Hey, I never said 1700 was justifiable. But if there was such a technology boom, as JonKatz suggests, there'd be money around for the additional staff, additional R&D, additional sales people, additional HR, etc.
It's kinda hard to run a 200+ server environment with three 9's expectations with only 3 people. AFAIK, that's what they're doing right now. That's understaffed.
Of course, the company has pissed through $100 million or more since I started there, mostly on stupid deals or pipe dreams. But oh well.
(And no, last I saw, the number of people it took to get a shuttle into orbit was well over ten thousand, including all the maintenance)
Despite much hype to the contrary, Silicon Valley is quite alive and well, as is our increasingly data-driven, tech-based economy.
Jon, you're full of shit.
If the Valley was quite alive and well, then why did my former company go from almost 1700 people to less than a hundred in 18 months (and then I got laid off in January). IPIX wasn't one of the cruft. I helped design and implemented most of the Enhanced Picture Services (as seen on eBay.com) system, hell I ran it all singlehandedly for a few weeks at a time, and usually with a tiny ops team. If it was such a technology boom, I should've been able to hire people to help me. We also ran the Full360 real estate virtual tours system.
Now I see why everyone's tired of your same old bullshit, Jon.
I'm a UNIX geek too, a cursory look at my resume will show this. I came from a primarily UNIX shop. It looks like I'll be going to a UNIX shop. But, guess what! HR doesn't always follow Operations. Both times, previous job and my current hopeful, I've been asked for MS Word.
In HR's eyes, if you give pushback to this simple request, what other trouble will you cause?
...but not what the original poster had in mind. I have to agree with most of the replies. If you've got that kind of experience, writing a resume should be simple.
HOWEVER. What I want to see is something that will store this information, possibly in a db or somesuch, and then spit it out easily into multiple formats. The problem I'm finding now is, I've been asked for PDF, PostScript, HTML, Plaintext, RichText, and MS Word versions of my resume. So I've got 6 versions to keep up to date. Granted, it's not all THAT hard, but it's still a pain in the ass.
The ideal situation would be to stuff all the relevant information (name, contact info, objective, experience, skills) into a database, then have an automagic confragulator or whatever generate the various formats. That way, I only have to update the information once, and this automagical process can just be a link on my homepage to "Download my resume in your favorite format". Adding a format is as simple as adding an output filter for the automagic confragulator. So when someone asks for ClarisWorks for MacOS 1.0 format, you hack together the appropriate output filter, and now you can kick it out in 7 formats, instantaneously, and always up to date.
If anyone knows of something like that, it would be -very- useful.
OK, first off, I'm very serious. And I'm ignoring such things as Morpheus, Gnutella, etc. Those should be blocked.
But honestly, is it so unreasonable for bandwidth demand to go up? The medium is getting richer. Websites are taking advantage of media like Flash, movies, and sound more and more. More information abounds. People want stuff in more than just plain marked-up text. Maybe the increase is disproportional, but there are people (like my parents) that still believe that a 28.8kbps modem is sufficient. Not true.
Yes, as new services (including gnutella and napster) come about, there is a natural demand for more access. Deal with it.
More, quicker, better. It's the way things will go.
What options are there when consumers have been defrauded on auction websites?
And in the poster's own words:
But regardless of what we learned, most of us feel helpless because eBay has not done more to get our money back. Any suggestions?
I think he's asking for resolutions to his problem, not prevention for next time. Personally, if I'd lost $1700, I'd try my damnedest to get it back before I allowed a "next time" to occur.
Auction fraud is illegal, I believe there is a way you can file with the FTC and have the fraudulent seller fined thousands of dollars, or even possibly jailed. IIRC, something about interstate commerce, or whatnot. I think you may also get a full refund of the amount of money you were defrauded from, or a portion of the money collected by the FTC in fines; I don't remember which.
Absolutely. Since this is interstate commerce, it falls under the category of Mail Fraud. Contact the postmaster in your area, as well as the FTC. You might also want to seek legal advice (I wouldn't retain a lawyer yet) to get specifics for your locality (and his).
I know he asked for a Linux solution, but the truth is that sometimes Linux just isn't the best tool for the job.
Currently, we're running a pair of Sun E4500's (4 CPU 6 gig 2 disk boards 2 IO boards) connected to a pair of Sun StorEDGE A5200 disk arrays by FCAL. Each box has 2 fiber connections to each array, for a max throughput to the box of 2gbit. The 4500's are running Solaris 7 for OS, Veritas Volume Manager for managing disk storage, and Veritas Cluster Server for HA management of Oracle 8.
Veritas won't let both machines mount the disks at the same time (which would be bad anyway), and it does a rather good job of managing things. Recently when we had a cpu die in the primary machine, the cluster failed over and had Oracle up (and running recovery) in 1 minute 3 seconds. Not bad, considering the other box rebooted itself and didn't shut Oracle down cleanly.
More importantly, they rely on their physical body parts to do their jobs. An athlete losing a leg is not the same as a geek getting RSI.
Bull fucking shit. It's very simple.
I'm a sysadmin and network engineer. If I get RSI, I can't type. If I lose my sight, I can't perform my job. Find me an employer on this planet that will pay me to tell someone else what to type, and never, EVER require me to touch a keyboard myself. Find me someone who will wake up with me at 4am, to tell me what the monitor says, because the webserver went down or the edge router lost a line card.
My roommate is a sysadmin and a programmer. If he loses his sight, he's boned. If he gets RSI, he's boned. No one's going to sit there and tell him what's on the screen and type for him.
This is just like what happens to if he loses a leg in an accident. Or if he loses an arm, or his sight. He is -BONED-. He can't be a quarterback or baseball player anymore.
This has got to be the best way of getting bandwidth, for close to nothing. I'd ask for at least a T3, make sure they include a CSU/DSU, and a full class D IP range. Then you could run fiber to all of your neighbors and charge them for access. :)
CID 5:
First off, don't ask for a full Class D, unless you're planning on giving the entire town internet access, or literally wall-papering your house with terminals, you'd need at most a 16-IP class D, or in techno-speak, a /28 IP block.
Guys. Please. If you're going to reply and spout off smart-sounding technical terms, at least use the correct ones.
A class A is a /8 (16,777,216 IPs), a class B is a /16 (65,536 IPs), and a class C is a /24 (256 IPs). Class D IP space is -MULTICAST-. Not unicast IP space. It's multicast (224.0.0.0). It's not the size of an IP block. And given that no one uses classful IP anymore (at least, not anyone with a clue), asking an ISP for a Class anything block will probably get inquisitive stares and/or laughter.
That said, we'll move on now to the "ask for a guaranteed minimum of 400Mbit/s full duplex" comment.
Basically, you're full of crap. OC3 is 155Mbit, an OC12 is 622Mbit. There's nothing in between. Telcos don't run Ethernet (100xX or 1000xX) over WAN, so where did you get this "100mbit per fiber" crap? You really expect to take an underground-rated singlemode pair of fiber $TELCO ran into your back yard and plug it into some $1200 Linksys switch? And, do you -really- think some telco is going to just GIVE you this kind of bandwidth? The cheapest I've seen bandwidth sold for is around $400 PER MEGABIT per MONTH. You expect $TELCO to give away $62,000 (OC3) in revenue a MONTH just to drop a conduit on this guy's property? Where do you buy your crack, and can I have some?
Remember, telcos would sell their own mothers for a price. And not necessarily a high one, either.
Here's a more realistic request.
Ask for a 768K FT1 or frame + transit, a /28 (16 IPs, 14 useable), a DSU and router (nothing fancy, a cisco 2611 with WIC-1T would do nicely), and offer to take the rep out to lunch. Even this is probably a stretch, but it's one HELL of a lot more likely than the previous suggestions.
If you act like an ass, and start getting pie-in-the-sky-dreams of an OC12 for your bathroom (like previous posters), complete with termination and routing equipment, $TELCO is going to tell you to stuff it where the sun don't shine, and alter their plans to move about 5 miles around you and you get nothing.
It is not simply a matter of coding to support name based virtual ftp hosts, a change to the ftp protocol is needed. The http protocol contains a slot for the server name, the ftp protocol does not. An upgrade of the ftp protocol, with the associated upgrade of the client base is a _major_ undertaking.
HTTP 1.0 didn't have a slot for it. How many servers run HTTP 1.1 compliant code? And how many are still running HTTP 1.0?
Yes, it's a semi-major undertaking. But it's not much different than adding Host: header to the HTTP protocol. It just has to be pushed.
Personally, I think ARIN needs to go, and NetworkSolutions with it. They've become monstrosities that don't belong on the Internet. They're plagued with bureaucratic crap, slowness, and idiocy that all harm the public Internet of today.
Anyway. This policy isn't near as bad as it seems. True, SSL websites require their own IP address, since SSL certificates are bound to both name and IP, and the SSL handshake verifies the certificate before it exchanges hostname data. But, the majority of websites out there are name-based. I host 5 websites on my one machine. My roommate hosts 7 on his. I know of companies with -thousands- of sites on one machine, one IP. HTTPS gets moved to a separate box (which it would be anyway, for security reasons), with IP aliases. So this doesn't affect daily operations near as much as people think it does.
Of course, FTP is also affected. But it isn't something that can't be overcome by coders. I mean hell, it should be as simple as it was to introduce name based virtual hosting for webservers. Or, just move your ftp files into HTTP, since most people just click links inside IE/Netscape/etc.
As someone who has a request for a /19 in *pray* *hope*, I can understand this policy. Now, if I can just make sure my announcements won't get filtered.....
Unfortunately, at Drexel University, they crammed CodeWarrior down our throats. In our first C++ class, if we didn't turn in CodeWarrior project files, we would lose 50 points (give or take, it's been a while). And the reason? "It makes it easier for the TA's." Give me a break. I had three programming classes, a physics class, calculus class, and history class that term. I didn't even have a machine that would RUN CodeWarrior for Windows, or Mac for that matter. I used pico/jed/vi and g++ on my dinky 486 linux box. And my code was cleaner, faster, and tighter than any other students' code. I eventually had to go to the professor and DEMAND he regrade my projects, because I was getting shafted out of my points just because I didn't use CW. Of course, he preferred solaris to windows, so that helped.
The moral of the story? Sometimes, even begging won't get the TA's to let you use what you want. You may get stuck with the shitty tools.
One of the problems I see with your theory of blocking out all private addresses (for those of you keeping score at home, that's 10.x.x.x, 172.16.x.x through 172.31.x.x, and 192.168.x.x) is that you won't see these addresses trying to come in through your firewall (if you've built it right) as often as you'd think.
Here's an excerpt from access-list 102, applied for ingress filtering on GigabitEthernet0/0/0 (our incoming interface) on the primary router.
Extended IP access list 102
deny tcp 192.168.0.0 0.0.255.255 any (179 matches)
deny tcp 10.0.0.0 0.255.255.255 any (463 matches)
deny tcp 172.16.0.0 0.15.255.255 any (106 matches)
deny udp 192.168.0.0 0.0.255.255 any (20 matches)
deny udp 10.0.0.0 0.255.255.255 any (22 matches)
deny udp 172.16.0.0 0.15.255.255 any (23 matches)
deny udp 169.254.0.0 0.0.255.255 any (6 matches)
deny icmp 192.168.0.0 0.0.255.255 any (88 matches)
deny icmp 10.0.0.0 0.255.255.255 any (80 matches)
deny icmp 172.16.0.0 0.15.255.255 any (2 matches)
Won't see them? Pfft.
Admittedly, this is the router. Not the firewall. But they DO travel over the public internet.
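Added example, not part of the post above or the poster's router configuration: a Python sketch that reads the counter lines from the access-list 102 excerpt, converts each wildcard mask to a CIDR prefix, totals the hits per source block and per protocol, and lists source/protocol pairs the excerpt leaves without a deny line. The function names are hypothetical, and only the `<action> <proto> <addr> <wildcard> any` entry shape shown in the excerpt is handled.

```python
import ipaddress
import re
from collections import Counter

# Counter lines copied from the access-list 102 excerpt quoted in the post above.
ACL_OUTPUT = """\
Extended IP access list 102
    deny tcp 192.168.0.0 0.0.255.255 any (179 matches)
    deny tcp 10.0.0.0 0.255.255.255 any (463 matches)
    deny tcp 172.16.0.0 0.15.255.255 any (106 matches)
    deny udp 192.168.0.0 0.0.255.255 any (20 matches)
    deny udp 10.0.0.0 0.255.255.255 any (22 matches)
    deny udp 172.16.0.0 0.15.255.255 any (23 matches)
    deny udp 169.254.0.0 0.0.255.255 any (6 matches)
    deny icmp 192.168.0.0 0.0.255.255 any (88 matches)
    deny icmp 10.0.0.0 0.255.255.255 any (80 matches)
    deny icmp 172.16.0.0 0.15.255.255 any (2 matches)
"""

ENTRY_RE = re.compile(
    r"^\s*(permit|deny)\s+(\w+)\s+(\d+(?:\.\d+){3})\s+(\d+(?:\.\d+){3})\s+any"
    r"(?:\s+\((\d+) match(?:es)?\))?\s*$"
)


def wildcard_to_network(base, wildcard):
    """Turn a base address plus wildcard mask into an IPv4Network.

    Only contiguous wildcards (all set bits at the low end) describe a single
    prefix; anything else is rejected rather than silently misread.
    """
    wc = int(ipaddress.IPv4Address(wildcard))
    if wc & (wc + 1):
        raise ValueError(f"non-contiguous wildcard mask: {wildcard}")
    net_addr = int(ipaddress.IPv4Address(base)) & ~wc & 0xFFFFFFFF
    return ipaddress.IPv4Network((net_addr, 32 - wc.bit_length()))


def parse_acl(text):
    """Return one dict per entry line; header and unrecognised lines are skipped."""
    entries = []
    for line in text.splitlines():
        m = ENTRY_RE.match(line)
        if not m:
            continue
        action, proto, base, wildcard, hits = m.groups()
        entries.append({
            "action": action,
            "proto": proto,
            "src": wildcard_to_network(base, wildcard),
            "matches": int(hits or 0),
        })
    return entries


def hits_by(entries, key):
    """Sum match counters grouped by 'src' or 'proto'."""
    totals = Counter()
    for e in entries:
        totals[str(e[key])] += e["matches"]
    return dict(totals)


def coverage_gaps(entries):
    """List (source block, protocol) pairs with no deny line in the parsed text."""
    protos = sorted({e["proto"] for e in entries} - {"ip"})
    covered = {(e["src"], e["proto"]) for e in entries if e["action"] == "deny"}
    sources = sorted({e["src"] for e in entries})
    return [(str(s), p) for s in sources for p in protos
            if (s, p) not in covered and (s, "ip") not in covered]


def first_match(entries, proto, src_ip):
    """Apply first-match semantics to one packet; None means no parsed line matched."""
    addr = ipaddress.IPv4Address(src_ip)
    for e in entries:
        if e["proto"] in (proto, "ip") and addr in e["src"]:
            return e
    return None


if __name__ == "__main__":
    acl = parse_acl(ACL_OUTPUT)
    print(hits_by(acl, "src"))
    print(hits_by(acl, "proto"))
    print(coverage_gaps(acl))
```

Because the post shows only an excerpt, a pair reported by `coverage_gaps` may be covered by a line that was not quoted.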
I really don't know your usage habits, but I personally have a trackball that's 7 years old, has been used -continually- for all that time, and still works perfectly. Are you beating on the mouse? Did you submerge it in/spill on, coke, lemonade, coffee, etc? Are you working in a high humidity environment? Wet lint ruins mice.
I've only retired mice when I desired new functionality (like replacing the aforementioned Mouse Systems 3 button trackball with a Logitech TrackMan+ on my primary computer, and moving the old one to another box). I did have one that lost a button once, but then it turned out the dog was chewing on it. That'll kill 'em.
At the risk of starting YAHW (yet another holy war).....
Sendmail is ancient. Stop using it.
sendmail.8.10.1.tar.gz Fri Apr 07 17:45:00 2000
Ancient? 2 weeks is ancient?
Yes, the design is old, and admittedly, some of the worst pain in the ass security holes of all time have been from sendmail. But it -works-. It's up to date. And it's standard in every *NIX distribution I've seen (Slackware, redhat, debian, suse, and mandrake linux, solaris/sunos, etc etc.)
I recommend qmail in its place. Using it, you can put all of your dialup user's ips. This is assuming that you are the one handing out IP's -- you will have a specific block of them, so you can force that you only relay from those hosts.
This is what /etc/mail/relay-domains is for with sendmail.
Also, don't use sendmail. It stores all of your emails in one big file. What happens when you get a mailbox file that is 70-700megs big? When pop comes along, it starts timing itself out when you copy the box from username to .username.pop and you'll kill your pop server.
Uhhhh. If you have a user that's leaving 70 megs of email on the server, your problem does not reside in your MTA. Your problem lies in your method of systems administration. POP3 isn't really designed (IMO) for users to leave their mail on your server. IMAP maybe, but not pop3. Personally, I use quotas on user mailboxes set for 2 megs, maybe 5, depends. And if they leave mail on the server, they get bitched at.
qmail stores each email in a separate file to prevent this. If you have all the wrapper programs it runs under give the process the resources it needs, you can easily store gigabytes 'in your pop account'.
Again, if you're storing gigabytes in a POP3 account, you need your head examined (and/or your user shot). If I need to store a gig of data somewhere, it's gonna be in an SQL database, or some other facility. Not my damned email account.
And to return on topic and answer the question at hand.... It's sucky, but SMTP-Auth or POP3 before SMTP seems to be the best thing going these days. I haven't had to deal with it much, yet, but I'm afraid it's getting ready to happen. You could design a quick little hack of a website to authenticate users to relay for 15 minutes (10? 5?). Just have it ask them for their dialup username/password, authenticate it, grab their IP out of the environment, and add them to /etc/mail/relay-domains. *shrug*
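Added example, not part of the post above: a Python sketch of the time-limited relay window it describes, in which a successful login records the client IP with an expiry so that a dial-up address stops being allowed to relay once the window closes and the address may have been reassigned. The class, function names, user table and PBKDF2 parameters are assumptions for illustration; the web front end and how the MTA reloads the list are outside the sketch.

```python
import hashlib
import hmac
import ipaddress
import os

RELAY_WINDOW_SECONDS = 15 * 60   # the post floats 15 minutes (or 10, or 5)
PBKDF2_ROUNDS = 100_000          # assumption: any slow password hash would do


def derive_key(password, salt):
    return hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, PBKDF2_ROUNDS)


def make_user(password):
    """Build a (salt, key) record for a constructed user table."""
    salt = os.urandom(16)
    return salt, derive_key(password, salt)


class RelayWindow:
    """Relay allowlist keyed by client IP, each entry valid for a fixed window."""

    def __init__(self, users, ttl=RELAY_WINDOW_SECONDS):
        self.users = users      # username -> (salt, derived key)
        self.ttl = ttl
        self.expires = {}       # ip_address -> expiry time (seconds)

    def authorize(self, username, password, remote_addr, now):
        """Check the credentials and, on success, open a window for remote_addr."""
        record = self.users.get(username)
        # Hash even for unknown users so both failure paths cost the same.
        salt, expected = record if record else (b"\x00" * 16, b"\x00" * 32)
        supplied = derive_key(password, salt)
        if record is None or not hmac.compare_digest(supplied, expected):
            return False
        ip = ipaddress.ip_address(remote_addr)   # ValueError on malformed input
        self.expires[ip] = now + self.ttl
        return True

    def may_relay(self, remote_addr, now):
        expiry = self.expires.get(ipaddress.ip_address(remote_addr))
        return expiry is not None and now < expiry

    def prune(self, now):
        """Drop expired entries and return them, e.g. for logging."""
        stale = [ip for ip, t in self.expires.items() if t <= now]
        for ip in stale:
            del self.expires[ip]
        return stale

    def render(self, now):
        """One live address per line, the form a relay list file would take."""
        self.prune(now)
        live = sorted(self.expires, key=lambda ip: (ip.version, int(ip)))
        return "".join(f"{ip}\n" for ip in live)


if __name__ == "__main__":
    # Constructed sample user and documentation-range address.
    window = RelayWindow({"dialup01": make_user("example-password")})
    print(window.authorize("dialup01", "example-password", "192.0.2.10", now=1000))
    print(window.may_relay("192.0.2.10", now=1000 + RELAY_WINDOW_SECONDS))
```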
I purchased one of the Sun Microsystems Java laptop backpacks they were selling at the Java Store in November 98. So far it's protected two laptops, plus my cd cases full of audio and data cds, and still has room for my cellphone, a palm III and batteries, a few ethernet router and switch console cables, and a bottle of Dew. Unfortunately I don't think they're being sold anymore. But it's quite the kickass bag. Has a nice pad between your back and the laptop, plus a separator for cables, etc.
Hehehe. About the only coding I do these days is Perl scripts for the linux boxen. To be honest, I'm not just into networking now. I slipped easily from coding to *NIX and systems during my freshman year of college. Amazing how much easier it is to use pico[0] and gcc on a 486 with 8MB RAM than it is to try to stagger through MetroWerks CodeWarrior or MS Visual C++ on Win95. Faster too. And damn if gcc doesn't give much better error messages than VC++ or CW.
But, along with the systems experience came the interest in networking. Some people would be amazed at how integrated the Linux OS is with networking. Now, after recuperating for 9 months after almost killing myself in an auto accident[1], I'm about to return to my job at a large health system in the Northeast US as Assistant Senior Network Engineer[2]. Woo. OC3 to my workstation. I luff vlans. I luff my 3C975F.
[0] before I'm throttled, I've since graduated to vi. emacs is sure to be close behind *eyes ORA emacs book*
[1] After driving for 18 hours straight, not even 2L of Mt Dew and a box of Vivarin will save you from dozing off at 60MPH and trying to kill a tree. I think I'm one of the few 21 year old neteng's that hobble on a cane and have 40% use of one arm. But there's always a first.
[2] This is the best title I can come up with. I'll be directly assisting the Senior Network Engineer, relieving him of some of his duties so he isn't so stressed, and taking over some of the testing and implementation stuff of the new ATM network installs. I'd call myself Senior ATM Gimp but they won't let me put it on my business cards.
Ah, sounds like Drexel to me.
Don't forget the old way of forming usernames, before the wjc33 format.
Mine was (and still is, since somehow I'm still an active student) st966f7k.
ST - Undergrad. SG for grad student.
96 - year I started Drexel.
6f7k - apparently the result of a hash function of your SSN. I've not looked, but possibly md5 or somesuch.
Of course, the next year, they started the cccnn format.
-j (ujdisher@mcs, st966f7k@post, mug@drexel.edu)
I went to Drexel from 96 to 99, but after I was in a near-fatal auto accident in March of 99 that caused me to be in the hospital for a month, and a wheelchair for two more, they decided it wasn't a valid reason for me to miss a term of class, and cancelled all of my financial aid. Gee, thanks!
Anyway, yeah, this is standard operating procedure for Drexel. They put me on probation for having an A record referencing a non-drexel domain pointing to my linux box (and turned off my ResNet access). I was wondering where Drexel.Com went...
A point of fact, however. Drexel Furniture -is- related to Drexel University. A. J. Drexel founded both. And Drexel Hill, PA was named such because AJ Drexel's family was from there. Etc, etc. Remember, Anthony J Drexel was a bigwig back then. Lotsa cash, power, etc.
-j (ujdisher@mcs account still lives, too!)
No, they come with 2 PCI slots. I've got a 9' rack full of Blazers.
*sigh*
The other pairs are there for a -reason-.
They are ground wires. They also provide protection against attenuation and signal leakage. That's why they're twisted in there.
If they didn't need to be there, they wouldn't.
-j
OK. Since no one listened to exactly what I wrote...
I am not blind now. IF I GO BLIND TOMORROW, I am screwed. I can't learn Braille overnight. My employer won't be able to afford all the blind-access kit overnight. I know several people who work in this industry that are similarly handicapped, and they do fine. But most of them have had years to adjust. I wouldn't.
And RSI does more than hurt. YOU CAN PERMANENTLY LOSE FUNCTION if you ignore RSI. I know. My sister almost did.
-j
My high school.
You do of course understand that RADIUS is for network authentication, mildly similar to NIS, right?
RADIUS has no bandwidth monitoring functionality in it whatsoever.
Put the pretty little buzzwords down and step away from the keyboard.
HTTP 1.0 didnt have a slot for it. How many servers run HTTP 1.1 compliant code? And how many are still running HTTP 1.0?
Yes, it's a semi-major undertaking. But it's not much different than adding Host: header to the HTTP protocol. It just has to be pushed.
Personally, I think ARIN needs to go, and NetworkSolutions with it. They've become monstrosities that don't belong on the Internet. They're plagued with bureaucratic crap, slowness, and idiocy that all harm the public Internet of today.
As someone who has a request for a /19 in *pray* *hope*, I can understand this policy. Now, if I can just make sure my announcements won't get filtered.....
Anyway. This policy isn't near as bad as it seems. True, SSL websites require their own IP address, since SSL certificates are bound to both name and IP, and the SSL handshake verifies the certificate before it exchanges hostname data. But, the majority of websites out there are name-based. I host 5 websites on my one machine. My roommate hosts 7 on his. I know of companies with -thousands- of sites on one machine, one IP. HTTPS gets moved to a separate box (which it would be anyway, for security reasons), with IP aliases. So this doesn't affect daily operations near as much as people think it does.
Of course, FTP is also affected. But it isn't something that can't be overcome by coders. I mean hell, it should be as simple as it was to introduce name based virtual hosting for webservers. Or, just move your ftp files into HTTP, since most people just click links inside IE/Netscape/etc.
Unfortunately, at Drexel University, they crammed CodeWarrior down our throats. In our first C++ class, if we didn't turn in CodeWarrior project files, we would lose 50 points (give or take, it's been a while). And the reason? "It makes it easier for the TA's." Give me a break. I had three programming classes, a physics class, calculus class, and history class that term. I didn't even have a machine that would RUN CodeWarrior for Windows, or Mac for that matter. I used pico/jed/vi and g++ on my dinky 486 linux box. And my code was cleaner, faster, and tighter than any other students' code. I eventually had to go to the professor and DEMAND he regrade my projects, because I was getting shafted out of my points just because I didn't use CW. Of course, he preferred solaris to windows, so that helped.
The moral of the story? Sometimes, even begging won't get the TA's to let you use what you want. You may get stuck with the shitty tools.
Here's an excerpt from access-list 102, applied for ingress filtering on GigabitEthernet0/0/0 (our incoming interface) on the primary router.
Extended IP access list 102
deny tcp 192.168.0.0 0.0.255.255 any (179 matches)
deny tcp 10.0.0.0 0.255.255.255 any (463 matches)
deny tcp 172.16.0.0 0.15.255.255 any (106 matches)
deny udp 192.168.0.0 0.0.255.255 any (20 matches)
deny udp 10.0.0.0 0.255.255.255 any (22 matches)
deny udp 172.16.0.0 0.15.255.255 any (23 matches)
deny udp 169.254.0.0 0.0.255.255 any (6 matches)
deny icmp 192.168.0.0 0.0.255.255 any (88 matches)
deny icmp 10.0.0.0 0.255.255.255 any (80 matches)
deny icmp 172.16.0.0 0.15.255.255 any (2 matches)
Won't see them? Pfft.
Admittedly, this is the router. Not the firewall. But they DO travel over the public internet.
-j
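An added example, not part of the comment above: a short Python audit of the quoted excerpt that converts each wildcard mask to a prefix, totals the deny hits per private source range, and lists ranges that are not denied for all three protocols. The function names are hypothetical, and since the comment shows only an excerpt of access-list 102, a reported gap may simply be a line that was not quoted.

```python
import ipaddress
import re
from collections import defaultdict

# The ten deny lines from the access-list 102 excerpt quoted in the comment.
ACL_102 = """\
deny tcp 192.168.0.0 0.0.255.255 any (179 matches)
deny tcp 10.0.0.0 0.255.255.255 any (463 matches)
deny tcp 172.16.0.0 0.15.255.255 any (106 matches)
deny udp 192.168.0.0 0.0.255.255 any (20 matches)
deny udp 10.0.0.0 0.255.255.255 any (22 matches)
deny udp 172.16.0.0 0.15.255.255 any (23 matches)
deny udp 169.254.0.0 0.0.255.255 any (6 matches)
deny icmp 192.168.0.0 0.0.255.255 any (88 matches)
deny icmp 10.0.0.0 0.255.255.255 any (80 matches)
deny icmp 172.16.0.0 0.15.255.255 any (2 matches)
"""

ENTRY = re.compile(r"(permit|deny)\s+(\w+)\s+([\d.]+)\s+([\d.]+)\s+any"
                   r"(?:\s+\((\d+) match(?:es)?\))?")

def parse_acl(text):
    """Return (action, proto, source network, hit count) per ACL entry."""
    entries = []
    for line in text.splitlines():
        m = ENTRY.search(line)
        if not m:
            continue  # header lines such as "Extended IP access list 102"
        action, proto, addr, wildcard, hits = m.groups()
        # ipaddress accepts a Cisco-style wildcard (host mask) after the slash.
        net = ipaddress.IPv4Network(f"{addr}/{wildcard}")
        entries.append((action, proto, net, int(hits or 0)))
    return entries

def audit(entries, protos=("tcp", "udp", "icmp")):
    """Return (deny hits per source prefix, protocols each prefix is NOT denied for)."""
    hits, seen = defaultdict(int), defaultdict(set)
    for action, proto, net, count in entries:
        if action == "deny":
            hits[net] += count
            seen[net].add(proto)
    gaps = {net: sorted(set(protos) - have) for net, have in seen.items()
            if set(protos) - have}
    return dict(hits), gaps

if __name__ == "__main__":
    hits, gaps = audit(parse_acl(ACL_102))
    for net, total in sorted(hits.items(), key=lambda kv: -kv[1]):
        print(f"{str(net):<16} {total:>4} private-source packets denied")
    print("not denied for every protocol:", gaps)
```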
I really don't know your usage habits, but I personally have a trackball that's 7 years old, has been used -continually- for all that time, and still works perfectly. Are you beating on the mouse? Did you submerge it in/spill on, coke, lemonade, coffee, etc? Are you working in a high humidity environment? Wet lint ruins mice.
I've only retired mice when I desired new functionality (like replacing the aforementioned Mouse Systems 3 button trackball with a Logitech TrackMan+ on my primary computer, and moving the old one to another box). I did have one that lost a button once, but then it turned out the dog was chewing on it. That'll kill 'em.
-j
Sendmail is ancient. Stop using it.
sendmail.8.10.1.tar.gz Fri Apr 07 17:45:00 2000
Ancient? 2 weeks is ancient?
Yes, the design is old, and admittedly, some of the worst pain in the ass security holes of all time have been from sendmail. But it -works-. It's up to date. And it's standard in every *NIX distribution I've seen (Slackware, redhat, debian, suse, and mandrake linux, solaris/sunos, etc etc.)
I recommend qmail in its place. Using it, you can put all of your dialup user's ips. This is assuming that you are the one handing out IP's -- you will have a specific block of them, so you can force that you only relay from those hosts.
This is what /etc/mail/relay-domains is for with sendmail.
Also, don't use sendmail. It stores all of your emails in one big file. What happens when you get a mailbox file that is 70-700megs big? When pop comes along, it starts timing itself out when you copy the box from username to .username.pop and you'll kill your pop server.
Uhhhh. If you have a user that's leaving 70 megs of email on the server, your problem does not reside in your MTA. Your problem lies in your method of systems administration. POP3 isn't really designed (IMO) for users to leave their mail on your server. IMAP maybe, but not pop3. Personally, I use quotas on user mailboxes set for 2 megs, maybe 5, depends. And if they leave mail on the server, they get bitched at.
qmail stores each email in a separate file to prevent this. If you have all the wrapper programs it runs under give the process the resources it needs, you can easily store gigabytes 'in your pop account'.
Again, if you're storing gigabytes in a POP3 account, you need your head examined (and/or your user shot). If I need to store a gig of data somewhere, it's gonna be in an SQL database, or some other facility. Not my damned email account.
And to return on topic and answer the question at hand.... It's sucky, but SMTP-Auth or POP3 before SMTP seems to be the best thing going these days. I haven't had to deal with it much, yet, but I'm afraid it's getting ready to happen. You could design a quick little hack of a website to authenticate users to relay for 15 minutes (10? 5?). Just have it ask them for their dialup username/password, authenticate it, grab their IP out of the environment, and add them to /etc/mail/relay-domains. *shrug*
-j
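An added example, not part of the comment above: one way to keep the time-limited relay list that the comment sketches, with the client address strictly validated before it is written so that nothing but a single literal IP can land in the relay file. It assumes authentication has already succeeded elsewhere; the function names, the in-memory lease store, the constructed address and the `dialup.example.net` entry are hypothetical, and how sendmail is made to reread the file is left to the local setup.

```python
import ipaddress
import os
import tempfile

LEASE_SECONDS = 15 * 60  # the comment floats 15, 10 or 5 minutes

def grant(leases, remote_addr, now, ttl=LEASE_SECONDS):
    """Record a relay lease for a client that has ALREADY authenticated.

    remote_addr must be the TCP peer address the web server saw (CGI
    REMOTE_ADDR), never a client-supplied header such as X-Forwarded-For.
    """
    # Strict parse: anything that is not one literal address raises ValueError,
    # so a hostname, a CIDR block or an embedded newline never reaches the file.
    ip = ipaddress.ip_address(remote_addr)
    if ip.is_loopback or ip.is_unspecified or ip.is_multicast:
        raise ValueError(f"refusing to lease relay access to {ip}")
    leases[str(ip)] = now + ttl
    return leases[str(ip)]

def active(leases, now):
    """Drop expired leases in place and return the addresses still valid."""
    for addr in [a for a, expiry in leases.items() if expiry <= now]:
        del leases[addr]
    return sorted(leases)

def render(static_entries, leases, now):
    """File body: the admin's permanent entries, then unexpired leases."""
    return "".join(f"{entry}\n" for entry in [*static_entries, *active(leases, now)])

def write_atomically(path, body):
    """Replace the file in one rename so the MTA never reads a partial list."""
    fd, tmp = tempfile.mkstemp(dir=os.path.dirname(path) or ".")
    with os.fdopen(fd, "w") as fh:
        fh.write(body)
    os.chmod(tmp, 0o644)
    os.replace(tmp, path)

if __name__ == "__main__":
    leases = {}
    grant(leases, "203.0.113.7", now=1000)           # constructed client address
    out = os.path.join(tempfile.mkdtemp(), "relay-domains")
    write_atomically(out, render(["dialup.example.net"], leases, now=1500))
    print(open(out).read(), end="")
```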
I purchased one of the Sun Microsystems Java laptop backpacks they were selling at the Java Store in November 98. So far it's protected two laptops, plus my cd cases full of audio and data cds, and still has room for my cellphone, a palm III and batteries, a few ethernet router and switch console cables, and a bottle of Dew. Unfortunately I don't think they're being sold anymore. But it's quite the kickass bag. Has a nice pad between your back and the laptop, plus a separator for cables, etc.
Hehehe. About the only coding I do these days is Perl scripts for the linux boxen. To be honest, I'm not just into networking now. I slipped easily from coding to *NIX and systems during my freshman year of college. Amazing how much easier it is to use pico[0] and gcc on a 486 with 8MB RAM than it is to try to stagger through MetroWerks CodeWarrior or MS Visual C++ on Win95. Faster too. And damn if gcc doesn't give much better error messages than VC++ or CW.
But, along with the systems experience came the interest in networking. Some people would be amazed at how integrated the Linux OS is with networking. Now, after recuperating for 9 months after almost killing myself in an auto accident[1], I'm about to return to my job at a large health system in the Northeast US as Assistant Senior Network Engineer[2]. Woo. OC3 to my workstation. I luff vlans. I luff my 3C975F.
[0] before I'm throttled, I've since graduated to vi. emacs is sure to be close behind *eyes ORA emacs book*
[1] After driving for 18 hours straight, not even 2L of Mt Dew and a box of Vivarin will save you from dozing off at 60MPH and trying to kill a tree. I think I'm one of the few 21 year old neteng's that hobble on a cane and have 40% use of one arm. But there's always a first.
[2] This is the best title I can come up with. I'll be directly assisting the Senior Network Engineer, relieving him of some of his duties so he isn't so stressed, and taking over some of the testing and implementation stuff of the new ATM network installs. I'd call myself Senior ATM Gimp but they won't let me put it on my business cards.