On machines that are not owned by me, but where I can influence the security policy, sudo is the only mechanism I permit. The only root logins are on the console (since they are all stuck in data centres, physical access is very limited). Forcing sudo causes more responsible behaviour on everyone's part, and knowing that commands are logged, admins tend to think a little more before blowing the system away. On machines where I've enforced a sudo only policy, reliability goes way, WAY up.
On my own machines, I still use sudo, but it tends to be 'sudo bash', and I change the color of the xterm to red-on-black so I know it's root. Not the best practice, but I've made enough expensive mistakes in my past to be overly cautious most of the time.
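Sudo's per-command log stops being useful once someone starts a root shell through it, as with the 'sudo bash' habit mentioned above. As an added example (not part of the original comment), this parser reads lines in sudo's default syslog format and flags root shells and denied attempts; the log lines, host name and user names are constructed.

```python
import re

# Constructed sample lines in sudo's default syslog format (not real logs).
SAMPLE_LOG = """\
Mar  3 10:15:02 db01 sudo:    alice : TTY=pts/0 ; PWD=/home/alice ; USER=root ; COMMAND=/usr/bin/systemctl restart nginx
Mar  3 10:17:40 db01 sudo:      bob : TTY=pts/1 ; PWD=/home/bob ; USER=root ; COMMAND=/bin/bash
Mar  3 10:21:11 db01 sudo:    carol : command not allowed ; TTY=pts/2 ; PWD=/tmp ; USER=root ; COMMAND=/usr/sbin/visudo
Mar  3 10:25:09 db01 sudo:    alice : TTY=pts/0 ; PWD=/home/alice ; USER=root ; COMMAND=/usr/bin/su -
Mar  3 10:30:00 db01 sshd[812]: Accepted publickey for alice from 192.0.2.10 port 50122 ssh2
"""

# "<timestamp> <host> sudo:   <invoking user> : <fields>"
LINE_RE = re.compile(r"\ssudo(?:\[\d+\])?:\s+(?P<invoker>\S+) : (?P<rest>.*)$")

# Programs that hand over an interactive root session; what is typed
# inside that session is not recorded by sudo's per-command log.
SHELLS = {"sh", "bash", "dash", "zsh", "ksh", "csh", "tcsh", "fish", "su"}


def parse_sudo_line(line):
    """Return a dict for a sudo command record, or None for any other line."""
    m = LINE_RE.search(line)
    if not m:
        return None
    # COMMAND= is always the last field and may itself contain " ; ",
    # so split it off before breaking up the other fields.
    head, sep, command = m.group("rest").partition("COMMAND=")
    if not sep:
        return None
    event = {"invoker": m.group("invoker"), "note": None,
             "command": command.strip()}
    for part in head.split(" ; "):
        part = part.strip()
        if not part:
            continue
        key, eq, value = part.partition("=")
        if eq and key.isupper():
            event[key.lower()] = value      # tty, pwd, user (the target user)
        else:
            event["note"] = part            # e.g. "command not allowed"
    return event


def classify(event):
    """Label a parsed record as 'denied', 'root-shell' or 'command'."""
    if event["note"]:
        return "denied"
    argv = event["command"].split()
    if not argv:
        return "command"
    prog = argv[0].rsplit("/", 1)[-1]
    # "sh -c <cmd>" runs one logged command; a bare shell is a session.
    if prog in SHELLS and "-c" not in argv[1:]:
        return "root-shell"
    return "command"


def audit(log_text):
    """Return (kind, invoking user, command) for every record worth review."""
    findings = []
    for line in log_text.splitlines():
        event = parse_sudo_line(line)
        if event is None:
            continue
        kind = classify(event)
        if kind != "command":
            findings.append((kind, event["invoker"], event["command"]))
    return findings


if __name__ == "__main__":
    for kind, invoker, command in audit(SAMPLE_LOG):
        print(f"{kind:10} {invoker:8} {command}")
```
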
I see token ring still in use in bank branches, main bank data processing centres, and some insurance companies. NATO is rumoured to have a bunch of legacy systems on TR. On the PC side, it's mostly old ISA cards, and the 486-PII era machines which still have some crappy 32x0 emulator running in fullscreen mode on OS/2. On the mainframe side, there are still old IBM 3080s+3090s, system 36/37/38s and many C390s around. Be afraid, be very afraid.
One of the side effects of some companies locked into dino^H^H^H^Hlegac^H^H^H^Htime tested solutions, is that they have to pay whatever it takes for dino^H^H^H^Hexperienced old-fa^H^Htimers to come in and fix the fsckups caused by young ignoramuses not having any knowledge of TR. My going rate right now is EUR400/hour, with a minimum of an 8 hour payment up front before I even set foot on the premises, and I still get called out about 3 times per year. get off my lawn...
Cisco must still have TR, I met a dejected CCIE candidate who told me he paid many thousands of euros for a one week CCIE-mill course, which took him from windoze point and click to supposedly a CCIE, only to have half his stack be wired with TR which the fly-by-night company had never heard of. Clearly the CCIE proctors have some tricks up their sleeves when they detect a candidate who has all the answers but none of the experience.
the AC
As well, my cisco study kit still has some 2513s and AGS+s and a box of TR cables (hermaphrodite and RJ45), ISA cards, and some 8228s. I haven't touched any of it in at least 5 years
Apple didn't know how to move funds from California to Belgium.
It's not as easy as many american companies think. I've seen Cisco, MTV, CNN, and a few other big american corps screw up the openings of their European HQs because they didn't pay the right law firm up front to do all the paper work and hire the legal minimum of locals. It was really bad during the dotcom boom, because companies flush with investment capital would just send a couple of guys they hired straight out of university (with zero work experience) and give them titles of "VP of European Operations" or "Head of European Sales", and the guys would end up working out of a hotel room for a few months because they didn't know enough to hire some locals. On at least two occasions they would try to hire me, since I had both European and American bank accounts. They'd want me to get all the payroll and expenses sent to my US account, and then distribute the money from my Belgian account to all their new partners. I'd say NO, and they had to fold up their operations because they just couldn't understand there were steep start up costs in Europe and they weren't willing to pay. Even when everything is set up, the banks sit on money transfers for a month or two, until a year's worth of funds go through with no problems.
Triple play DSL installations are now the norm in both Europe and parts of Asia. They are mostly based on the G.992.5 ADSL2+ standard, the DSLAMs and CPE boxes have been available since 2002, with a big uptake seen about 2 years ago.
Technically, there is 24 Mbps of downstream bandwidth available (with no voice band splitters, it can use the whole bandwidth of the copper pair). G.992 also allows for multiple ATM pipes, so a service provider can reserve 16kbps for VOIP, 1-3 Mbps for a single MPEG-4 video stream, and the rest for internet. There is also the concept of separate interleave delays for each ATM circuit, so a voice channel can have a low delay, video a high delay, and internet can have either a high delay with higher bandwidth or low delay with lower bandwidth (for the gamerz oh-so-important ping times). Even customers out at the far limits of DSL still have a few hundred Kbps of internet left after the VOIP and TV feeds.
Video channel switching is done via a reserved communications channel between the set-top CPE box and the DSLAM, as you zap through the channels, the DSLAM chooses the video stream. The major downside is that there needs to be a fibre feed with all the channels going through every DSLAM, a couple of Gbit/sec worth of streaming video for the companies who have 300+ channels available. The video quality I've seen on every system is pretty poor, MPEG artifacts everywhere, skips and delays, and no synchro between audio and video streams.
I've just returned from a working vacation in the U.S., and I was stunned at the primitiveness of the DSL infrastructure. The big 3 monopolies own the copper, Local Loop Unbundling (or naked DSL) is almost non-existent, download caps as bad as Australia, AUPs forbid all kinds of things like leaving an SSH server on your home machine for remote access. I'm glad to be back in the first world, internet-wise.
At CeBIT last week, everyone was talking VDSL2. European providers with large ADSL2+ networks are upgrading to 50Mbps VDSL2. All the chinese manufacturers were showing off working VDSL2 systems based on conexant and broadcom chipsets.
My network sounded like a couple of trains crashing into each other, in the middle of a field of empty rusting bathtubs, with a cold, harsh, north wind blowing at hurricane force. And that was on a good day :-)
You may have meant your post to be "funny", but it's a serious business for used booksellers.
I shop regularly at a couple of used bookshops, and both owners are quite well versed in the battle to eliminate their livelihood. Brussels (the Commission and the Parliament) have been heavily lobbied by publishers to change the rights around "right of first sale", and criminalise the re-selling of books. The lobbying currently is following in the footsteps of the recording industry, in the hopes of making a complete overhaul of copyright law in Europe, pointing to the gains made in the US and asking for equalisation without debate.
The moves to criminalise libraries and used bookshops are quite well advanced in the US, but until now common sense is resisting the corrupting influence of the almighty dollar. Give the US congress a little more time to accept some bribes^Wlobbying dollars, and we could see used bookshops outlawed soon enough.
Since you haven't had a straight answer yet, I'll troll for karma^W^W^Wanswer your question.
The two biggest reasons for undersea cuts are boat anchors and bottom-drag fishing trawlers. The fishermen are the worst, there are areas where large numbers of undersea cables come in to shore, and fishing is outlawed. That means the area has a large amount of bottom fish (mollusks and the like) due to underfishing, which attracts idiot fishermen. They'll get their nets caught on a fibre, winch it up back and cut the fibre to save their nets. The ones who survive the first time they cut a fibre (which has high voltage to power undersea repeaters, 2000VDC at 10Amps from shore), learn to cut with non-conductive saws away from their boat. There are also lots of ships which drop anchors and catch a fibre, or crush it or drag it over rocks. Fortunately, most cuts happen within view of shore, so repair costs are only astronomical. Cuts further out tend to require a whole ship's complement for a few weeks, and pro divers aren't cheap.
There is also a problem that undersea cables eventually come to land, usually very far away from civilisation. Then the fibre continues overland to get to someplace useful, and all the normal rules for backhoe fade come into play.
Doesn't anyone remember when Apple was doing really badly at the end of 1997, when Steve Jobs came back as "not the CEO, just a consultant"? Apple was doing very poorly because they, like every other OS manufacturer at the time, were locked out of every distribution channel by M$'s aggressive (and later, ruled illegal) control of >95% of the retail market place.
The MacWorld of 1998 had Jobs introducing Gates on stage, and they announced that M$ would make a US$150 million investment in Apple, buying US$75M of non-voting stock at twice the price (IIRC, AAPL was at $11/share, M$ paid $22/share). The deal also included a patent portfolio swap, where each has unlimited access to the other's patents royalty free. M$ agreed to support a fully functional version of office on the mac for at least 10 years. Apple agreed to drop its support of the anti-trust case. There were a bunch of other details in the deal which made the business rather unsavory, but both companies desperately needed each other at that moment in time.
Since then, it was obvious who really got the better end of that deal. Apple has unlimited access to every patent M$ owns or licenses from other companies. Apple can out-innovate M$ at every step, and never has to worry about a patent challenge in the courts. Jobs learned his lessons when dealing with Gates, and certainly made sure Apple couldn't be too screwed over by M$ later on. Now, with Apple rising on a whole raft of good, trendy, high-margin products and a completely independent distribution chain, and M$ floundering in a sea of troubles, it looks like Jobs is getting his revenge.
Exactly. When you have equipment that earns you money, you pay for support contracts. When you have kit that will cost you a lot of money if you can't fix it right away, you have service contracts.
All the big name vendors in every field, Sun and HP in servers, Cisco and Juniper in networking, etc, have service and support contract options. With Sun and Cisco, you have to be within a 3 hour drive of their warehouse to qualify, Dell will sell you a 4 hour contract even if the server is on top of a remote mountain, they just don't honor it when the crunch comes.
Support contracts are just a required operating expense, like paying for electricity, or taking payroll taxes out of salaries. Sure, it looks expensive to bean counters, but to anyone with real world experience it's just a cost to be absorbed into the budget. All hardware dies. Always. Only the young, naive idiots think their hardware is somehow magical and will continue working forever.
Dell recently gave themselves a black eye on their 4 hour service. Someone in an anal-retentive data centre, where you have to fax in a signed authorisation form for every person going in or out, had a Dell guy show up 1 or 2 days too late for their 4 hour window. I was just watching from the sidelines, but it was quite a show. Server dies on the Sunday a week before Christmas, the busiest time of the year for online retailers. Customer finally gets Dell on phone Monday morning, they had accidentally redirected their support number to an answering service. They get a promise to have Dell onsite Monday afternoon, fax in the auth request, have the dead server sitting out ready to go. Tuesday about noon the Dell guy shows up, is not let into the building because the auth was for Monday. I got hooked into the discussion by the security guards because I support that network, and can authorise equipment removal. I point out that the service contract is a 4 hour response time, and the courier is responding "but its before 4". Much funnier in dutch, and you had to be there. I think the customer got 2 years support for free (or refunded) on all his servers for that fuckup, after being seen with the HP sales rep.
Why pay for support and wait for a replacement parts when you can just buy your own spares for a fraction of the cost?
Because you don't always know where the client bought the counterfeit card in the first place. It works if some Chinese guy in a warehouse in Rotterdam is offering you a pallet of boxes all at the same time, you put some aside for the eventual failures. But most of what I see is one-off counterfeits that were sold to a client at Cisco prices.
Sometimes when I get called to look at dead network, I find they have a half counterfeit system. At that point, the only thing I can do is search around for a used genuine Cisco system. Sometimes the replacement cost, even using a used equipment broker, is more than they paid for their whole network originally. Lots of fly-by-night web hosting services go for whatever cheap used junk they can find, and can't afford anything but counterfeit/ancient/broken kit.
There are a ton of counterfeit Cisco goods on the market, they all come from the same Flextronics plant in Suzhou, China where Cisco makes 40% of all its electronics. The cards are exactly the same as Cisco cards, but the firmware is sometimes different, and they are missing the official Cisco logo. They have the same part numbers as their Cisco counterpart. I'm pretty certain these are cards which failed QA/QC in the plant, and are re-sold without the Cisco logo.
These cards are the bane of support people. When you yank a failing card and realise you can't call TAC, the customer is screwed.
There are a lot of used equipment resellers in Europe with these cards and chassis, they come in through Rotterdam by the container load. You can pick up a non-branded, fully loaded 12008 for a few thousand euros, a 2811 for about 100 euros, and a pallet of 1720s with ADSL WICs for 20 euros each. At those prices, you don't bother about TAC support, you just buy extras as spares and swap out anything that fails. The MTTF is usually under a year, so it's still Caveat Emptor.
I've never stayed there, I tend to stay at the Sofitel when in France. They keep sending me photos of some naked woman, but they aren't viewable on a Solaris Sparc station. I guess I'm missing out on something, but I really don't have any desire to find out.
It seems that you have picked up a few cisco buzzwords, but don't really understand where the problem lies. You need to learn more about how TCP truly works before spouting off.
rules to give TCP ACKs
"Hogging" the line isn't the problem. Even with prioritization, fair queueing and ingress policing being performed by my router, the problem isn't that the packets don't get through, or bandwidth isn't shared fairly, it's that latency gets large.
You are missing the point. TCP ACKs are the problem. The clearest explanation is Daniel Hartmeier's page. Pay attention to the graphs, where the "latency" seems to be getting too large, it is because the empty TCP ACK packets are getting delayed or dropped, limiting the download speeds. There are other things you can do on a loaded asymmetric line, such as enlarging the TCP window on your end equipment. WRED on your cisco is not going to help you at all, if it isn't putting ACKs in the higher priority queue. If you know so much about cisco (or are at least learning), then learn to make some class based rules for TCP ACKs, or some advanced ACLs to put ACKs into custom priority queues. Googling doesn't easily turn up the answer, and I don't really know why.
There rarely is any saturation internal to an ISP's network, it tends to happen at the transit peering connections (which cost money, and thus lag in development). Once customer traffic clears that first asymmetric hop, all the internal connections are symmetric. Your problem is that the asymmetry is accentuating TCP congestion problems, so concentrate your solution there.
Your ISP does not perform queueing. This is unlikely
Realise that no ADSL provider is going to do IP based prioritization, (although we'll tweak individual VCI channels at the ATM level for voice and video). ICMP packets have always been lowest priority, and are the first type of packets dropped on heavily loaded routers and switches. There isn't enough marketing return from whiny gamerz to prioritize ICMP.
I believe there is a very lucrative market out there for the first ADSL modem box manufacturer to produce a system which prioritizes return traffic and target the gamerz community. Come up with some snazzy marketing slogans "guaranteed best ping times" "cut your lag by 20%", and they could charge quite a premium to the gamerz crowd.
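The effect described in this comment, as an added example that is not part of the original post: a small queue simulation of a saturated upstream link, comparing plain FIFO with an ACKs-first scheduler. The link speed, backlog depth, ACK rate, window size and base RTT are assumed values chosen for illustration.

```python
from collections import deque

DATA_BYTES = 1500   # full-size upload packet (assumed)
ACK_BYTES = 40      # empty TCP ACK: IP + TCP headers, no payload


def mean_ack_delay(ack_first, uplink_bps=256_000, backlog=20,
                   ack_interval=0.010, duration=10.0):
    """Simulate the upstream queue of an asymmetric line.

    A bulk upload keeps `backlog` full-size packets queued at all times,
    while a concurrent download generates one empty ACK every
    `ack_interval` seconds. Returns the mean time (seconds) an ACK spends
    between being queued and leaving the modem.
    """
    data_tx = DATA_BYTES * 8 / uplink_bps   # serialization time per packet
    ack_tx = ACK_BYTES * 8 / uplink_bps
    queue = deque(("data", 0.0) for _ in range(backlog))
    now, next_ack, delays = 0.0, 0.0, []

    while now < duration:
        # Queue every ACK the download has produced up to this instant.
        while next_ack <= now:
            queue.append(("ack", next_ack))
            next_ack += ack_interval

        # Scheduler: strict priority for ACKs, or plain first-in first-out.
        index = 0
        if ack_first:
            index = next((i for i, p in enumerate(queue) if p[0] == "ack"), 0)
        kind, queued_at = queue[index]
        del queue[index]

        # Transmission is non-preemptive: the packet occupies the link.
        now += ack_tx if kind == "ack" else data_tx
        if kind == "ack":
            delays.append(now - queued_at)
        else:
            queue.append(("data", now))     # the upload refills its slot

    return sum(delays) / len(delays)


def download_ceiling_bps(window_bytes, base_rtt, ack_delay):
    """Window-limited TCP throughput: one window per effective round trip."""
    return window_bytes * 8 / (base_rtt + ack_delay)


if __name__ == "__main__":
    for label, ack_first in (("FIFO", False), ("ACKs first", True)):
        delay = mean_ack_delay(ack_first)
        ceiling = download_ceiling_bps(65535, 0.050, delay)
        print(f"{label:10} ACK delay {delay * 1000:7.1f} ms, "
              f"download ceiling {ceiling / 1e6:5.2f} Mbit/s")
```
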
Marriage is not a guarantee of anything with the US anymore. I know quite a few Europeans married to Americans who have been refused entry because the marriage didn't perfectly meet the requirements. Even couples who have been together for decades can never visit the US together because once the authorities decide the marriage was for a green card the European ends up on the deny list. It takes about 10 to 15 years to get off the list.
I also know some couples who, all, without exception, sought out advice from immigration lawyers well before getting married. Good immigration lawyers know all the tricks the INS/DHS/whatever department uses to get a single disqualifying answer, and can school a couple on how to avoid the traps.
Talk to other bi-national couples, you should be searching out support groups for them in your area. Get recommendations for good immigration lawyers before hand, and make sure you know what exactly to say and how the process works.
My best advice is to start entering the green card lottery, you have about a 5x chance of getting a green card compared with H1 or other official channels. Skip the marriage gambit unless you are serious about your MOTOS.
Do you think evilviper knows of the legacy of KA9Q's packet drivers and all the technical contributions and advances he's made to networking over the years? I seriously doubt it, but then again, this is /.
Boom? It explodes? I don't touch M$ systems much any more, now I have a new excuse :-)
Sorry, it was wind{oze|ows} 2000 that needed a patch, I'm glad to see it's much simpler in XP. I do have all my networks running IPv6 now (a few ISPs and a larger number of hosting companies). One of the bigger M$ installations I've hosted reports they just turned on IPv6 in the OS, patched IIS and dotNET for some critical IPv6 bugs, and their systems just worked. They only see about 1% of their total traffic on v6, entirely from macintosh users.
It's also good to see someone hack IPv6 onto a WRT54G, I've got a stack of them lying around that are pretty useless right now.
I hang my head in shame. I should have caught that, so I'll blame my Euro/American schizophrenic language skills.
Where it gets confusing is when using a word which describes a group or number using a singular. The English would say "The press are biased" and the Americans would say "The press is biased", in both cases the word "press" describes a group of people working in journalism. In the case of "a lot of", I could be referring to either a singular set or a plural set, so the verb conjugation would have to match the subject.
the AC
Awww fsck it, I'll blame lack of beer^H^H^H^Hcaffeine
Yes, that is the (approximately) correct labeling of the 10 layer OSI model
Layers 1 through 7 - Technical
Layer 8 - Financial
Layer 9 - Political
Layer 10 - Religious
I can show people what to do with layers 1 through 9, but layer 10 is something they have to experience and develop on their own. Layer 10 overrules all the lower layers when handled by someone sufficiently competent.
The original report was by Juniper and presented to a group working on upgrading the U.S. government and military networks to be dual-stacked for both v4 and v6. Since Juniper sells very expensive equipment, they want to lessen the sticker shock for all their government buyers.
There are a lot (two words) of places to look for IPv6 dual stacking.
Start with the big IPv6 hardware equipment vendors, like Cisco, Juniper, and Foundry. Look at the (relatively) free implementations that exist today, like BSDs, OpenBGPd, Mac OS-X, some linux distributions, Windoze with a patch (and soon to be included by default in Vista). That will give you some background in what to do, but since you asked such a wide open question there isn't really any one place to point you. It's almost as if you asked "I need to set up the internet, is there someplace I can learn everything about it?"
Try subscribing to some IPv6 mailing lists, or at least browsing their archives. Lots to learn there, some technical, much political. Most of the political is from clueless noobs who have just barely caught on how to configure their home NAT router, and are terrified they will now have to spend another decade learning something slightly new. The real engineers consider the migration to a dual-stacked internet as just another exercise they have to do as with every new technology.
I will admit, there is a learning curve. I have over 20 years of IPv4 experience, and it still took me a while to pick up some of the subtleties of v6. BGP peerings take some extra work, but then again, it took years to learn all I know about v4 BGP peerings.
I would love to see some of the major internet sites start serving up content via IPv6. Slashdot, which, unfortunately, no longer seems to have anyone technically competent running it, would be a huge boost to IPv6 if they started serving up AAAA records in DNS. Add extra karma during the first few months of early adopters who can connect with IPv6, and there would be a rush of competent geeks setting up IPv6 tunnels to their home networks and pressuring their upstream ISPs to support it natively.
There is a huge amount of work to be done before the internet can be dual stacked. Apache2 supports IPv6 addresses, but PHP, MySQL, Perl and a host of other apps/languages/scripts choke or die when presented with IPv6. The IETF working group moved IPv6 from draft to standard recently, and now we just have to wait until it works its way into more and more new devices. I'm waiting on Cisco to include IPv6 standard in all versions of IOS, just like IPv4 is now.
Me, for one. Not exactly a new installation, but I just converted a bunch of E1 lines from R2 signalling to ISDN. It took about 4 hours, 3 of which were experimenting and testing to make sure the signalling was correct, then about 10 minutes to switch over each E1 and monitor call reliability. Next week I have to bring a whole system over to SS7, and start to convert the far end from R2 to ISDN. It's a standard Cisco job.
I'm not a big fan of the Cisco certs, but Cisco does know what is out there in the market. If you are naive enough to think the world is only DSL lines then I don't want you anywhere near my kit. When I see someone has earned their certs coupled with some equivalent work experience, I know they aren't going to break a network when I show them something new (meaning old and well established). The world is full of X.25 circuits, SNA, appletalk, ISDN, SS7, IpSec tunnels, but you will never have a real job working on Cisco with a bad attitude and obvious bias not to learn what's needed.
An E1 data circuit via a satellite channel to Africa or the Middle East will run about US$125k to US$200k/year, in satellite costs, uplink and downlink station maintenance, and the actual internet connection in Europe or NYC.
Compressors, TCP (packet shaping) optimisers, proxy caches, DNS/email caching, webvertising blocks, QoS and aggressive firewall rules are pretty much a given for any kind of expensive satellite connection. On the luser end, to really make use of the web they can set their browsers to not automatically load images, change their TCP window to something huge, and a bunch of other tricks to keep themselves happy. Remote stations with large numbers of geeks have NNTP servers locally to keep up on the non-web world. IRC/IM is quite widely used, because they don't use much bandwidth at all (although I've heard of remote stations banning MSN messenger because it won't work without constantly loading advertising images)
But really, US$300k per year for an E1 circuit? There isn't any place on earth still that expensive. Drop me an email, we'll do lunch.
Age is the biggest issue.
Companies are only recruiting younger talent for perm positions right now, because once they get them in at a cheap wage, there will not be any significant pay rises for the length of their career. Companies only want older, extremely experienced people, like myself, for specific short term contracts. I can do the work of a whole department of CCNAs in one tenth the time, so the numbers come out in my favour. Unfortunately, not all the companies out there have someone who can run the numbers. It's all the people between 30 and 50 years of age who have families to think of, regular hours to keep, and a life outside of work, who have the most difficult time.
As for skin colour racism, there isn't as much these days, compared to 30 or 40 years ago. I work in an industry with lots of Africans and Eastern Europeans, and all of our racism tends towards nationalism. Nobody, but nobody, will work on a project with Nigerians. Many will discreetly ask about other problem nationalities, such as Albanians, Ukrainians, and Egyptians. I just haven't seen much race or gender discrimination recently, but lacking a reasonable command of the local language (as well as English) will leave you as a third class citizen.
There is very recently a blatant political bias as well. Many interviewers will try to draw out answers on support for Bush or the Vlaams Blok. Most companies who want to be seen as progressive try to weed out Bushido supporters or Vlaams fanatics, while some companies take pride in being racist, right wing, all white, mullet sporting rednecks.
the AC
In France, you get a pamphlet that goes something like this (I'm not exaggerating):
...snippage...
:-)
Ah, the good old days. Things were simpler, then.
the AC
Since you haven't had a straight answer yet, I'll troll for karma^W^W^Wanswer your question.
The two biggest reasons for undersea cuts are boat anchors and bottom-drag fishing trawlers. The fishermen are the worst, there are areas where large numbers of undersea cables come in to shore, and fishing is outlawed. That means the area has a large amount of bottom fish (mollusks and the like) due to underfishing, which attracts idiot fishermen. They'll get their nets caught on a fibre, winch it up back and cut the fibre to save their nets. The ones who survive the first time they cut a fibre (which has high voltage to power undersea repeaters, 2000VDC at 10Amps from shore), learn to cut with non-conductive saws away from their boat. There are also lots of ships which drop anchors and catch a fibre, or crush it or drag it over rocks. Fortunately, most cuts happen within view of shore, so repair costs are only astronomical. Cuts further out tend to require a whole ship's complement for a few weeks, and pro divers aren't cheap.
There is also a problem that undersea cables eventually come to land, usually very far away from civilisation. Then the fibre continues overland to get to someplace useful, and all the normal rules for backhoe fade come into play.
the AC
Doesn't anyone remember when Apple was doing really badly at the end of 1997, when Steve Jobs came back as "not the CEO, just a consultant"? Apple was doing very poorly because they, like every other OS manufacturer at the time, were locked out of every distribution channel by M$'s aggressive (and later, ruled illegal) control of >95% of the retail market place.
The MacWorld of 1998 had Jobs introducing Gates on stage, and they announced that M$ would make a US$150 million investment in Apple, buying US$75M of non-voting stock at twice the price (IIRC, AAPL was at $11/share, M$ paid $22/share). The deal also included a patent portfolio swap, where each has unlimited access to the other's patents royalty free. M$ agreed to support a fully functional version of Office on the Mac for at least 10 years. Apple agreed to drop its support of the anti-trust case. There were a bunch of other details in the deal which made the business rather unsavory, but both companies desperately needed each other at that moment in time.
Since then, it was obvious who really got the better end of that deal. Apple has unlimited access to every patent M$ owns or licenses from other companies. Apple can out-innovate M$ at every step, and never has to worry about a patent challenge in the courts. Jobs learned his lessons when dealing with Gates, and certainly made sure Apple couldn't be too screwed over by M$ later on. Now, with Apple rising on a whole raft of good, trendy, high-margin products and a completely independent distribution chain, and M$ floundering in a sea of troubles, it looks like Jobs is getting his revenge.
the AC
Exactly. When you have equipment that earns you money, you pay for support contracts. When you have kit that will cost you a lot of money if you can't fix it right away, you have service contracts.
All the big name vendors in every field, Sun and HP in servers, Cisco and Juniper in networking, etc, have service and support contract options. With Sun and Cisco, you have to be within a 3 hour drive of their warehouse to qualify, Dell will sell you a 4 hour contract even if the server is on top of a remote mountain, they just don't honor it when the crunch comes.
Support contracts are just a required operating expense, like paying for electricity, or taking payroll taxes out of salaries. Sure, it looks expensive to bean counters, but to anyone with real world experience it's just a cost to be absorbed into the budget. All hardware dies. Always. Only the young, naive idiots think their hardware is somehow magical and will continue working forever.
Dell recently gave themselves a black eye on their 4 hour service. Someone in an anal-retentive data centre, where you have to fax in a signed authorisation form for every person going in or out, had a Dell guy show up 1 or 2 days too late for their 4 hour window. I was just watching from the sidelines, but it was quite a show. Server dies on the Sunday a week before Christmas, the busiest time of the year for online retailers. Customer finally gets Dell on phone Monday morning, they had accidentally redirected their support number to an answering service. They get a promise to have Dell onsite Monday afternoon, fax in the auth request, have the dead server sitting out ready to go. Tuesday about noon the Dell guy shows up, is not let into the building because the auth was for Monday. I got hooked into the discussion by the security guards because I support that network, and can authorise equipment removal. I point out that the service contract is a 4 hour response time, and the courier is responding "but it's before 4". Much funnier in Dutch, and you had to be there. I think the customer got 2 years support for free (or refunded) on all his servers for that fuckup, after being seen with the HP sales rep.
the AC
Why pay for support and wait for replacement parts when you can just buy your own spares for a fraction of the cost?
Because you don't always know where the client bought the counterfeit card in the first place. It works if some Chinese guy in a warehouse in Rotterdam is offering you a pallet of boxes all at the same time, you put some aside for the eventual failures. But most of what I see is one-off counterfeits that were sold to a client at Cisco prices.
Sometimes when I get called to look at a dead network, I find they have a half counterfeit system. At that point, the only thing I can do is search around for a used genuine Cisco system. Sometimes the replacement cost, even using a used equipment broker, is more than they paid for their whole network originally. Lots of fly-by-night web hosting services go for whatever cheap used junk they can find, and can't afford anything but counterfeit/ancient/broken kit.
the AC
There are a ton of counterfeit Cisco goods on the market, they all come from the same Flextronics plant in Suzhou, China where Cisco makes 40% of all its electronics. The cards are exactly the same as Cisco cards, but the firmware is sometimes different, and they are missing the official Cisco logo. They have the same part numbers as their Cisco counterpart. I'm pretty certain these are cards which failed QA/QC in the plant, and are re-sold without the Cisco logo.
These cards are the bane of support people. When you yank a failing card and realise you can't call TAC, the customer is screwed.
There are a lot of used equipment resellers in Europe with these cards and chassis, they come in through Rotterdam by the container load. You can pick up a non-branded, fully loaded 12008 for a few thousand euros, a 2811 for about 100 euros, and a pallet of 1720s with ADSL WICs for 20 euros each. At those prices, you don't bother about TAC support, you just buy extras as spares and swap out anything that fails. The MTTF is usually under a year, so it's still Caveat Emptor.
the AC
I've never stayed there, I tend to stay at the Sofitel when in France. They keep sending me photos of some naked woman, but they aren't viewable on a Solaris Sparc station. I guess I'm missing out on something, but I really don't have any desire to find out.
the AC
It seems that you have picked up a few Cisco buzzwords, but don't really understand where the problem lies. You need to learn more about how TCP truly works before spouting off.
rules to give TCP ACKs
"Hogging" the line isn't the problem. Even with prioritization, fair queueing and ingress policing being performed by my router, the problem isn't that the packets don't get through, or bandwidth isn't shared fairly, it's that latency gets large.
You are missing the point. TCP ACKs are the problem. The clearest explanation is Daniel Hartmeier's page. Pay attention to the graphs, where the "latency" seems to be getting too large, it is because the empty TCP ACK packets are getting delayed or dropped, limiting the download speeds. There are other things you can do on a loaded asymmetric line, such as enlarging the TCP window on your end equipment. WRED on your Cisco is not going to help you at all, if it isn't putting ACKs in the higher priority queue. If you know so much about Cisco (or are at least learning), then learn to make some class based rules for TCP ACKs, or some advanced ACLs to put ACKs into custom priority queues. Googling doesn't easily turn up the answer, and I don't really know why.
There rarely is any saturation internal to an ISP's network, it tends to happen at the transit peering connections (which cost money, and thus lag in development). Once customer traffic clears that first asymmetric hop, all the internal connections are symmetric. Your problem is that the asymmetry is accentuating TCP congestion problems, so concentrate your solution there.
Your ISP does not perform queueing. This is unlikely
Realise that no ADSL provider is going to do IP based prioritization (although we'll tweak individual VCI channels at the ATM level for voice and video). ICMP packets have always been lowest priority, and are the first type of packets dropped on heavily loaded routers and switches. There isn't enough marketing return from whiny gamerz to prioritize ICMP.
I believe there is a very lucrative market out there for the first ADSL modem box manufacturer to produce a system which prioritizes return traffic and target the gamerz community. Come up with some snazzy marketing slogans "guaranteed best ping times" "cut your lag by 20%", and they could charge quite a premium to the gamerz crowd.
the AC
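The effect described in the comment above (empty TCP ACKs queued behind upload data on the slow side of an asymmetric line), as an added Python model that is not from the post or from Daniel Hartmeier's page. The link rate, packet sizes, window and base RTT are constructed values, and the throughput figure uses the window/RTT approximation.

```python
from collections import deque

# Constructed figures for illustration; none of them come from the post.
UPLINK_BPS = 128_000   # upstream rate of the asymmetric line
DATA_BYTES = 1500      # full-size upload segment
ACK_BYTES = 40         # empty TCP ACK (IP + TCP headers, no payload)
WINDOW_BYTES = 65_535  # receive window of the download
BASE_RTT_S = 0.050     # round-trip time when the uplink queue is empty


def ack_delays(arrivals, prioritize_acks):
    """Run packets through the uplink; return each ACK's delay in seconds.

    arrivals is a time-sorted list of (arrival_time_s, "data" | "ack").
    With prioritize_acks, ACKs go to a queue that is always served first
    (strict priority, non-preemptive); otherwise everything shares one FIFO.
    """
    high, low = deque(), deque()
    delays, now, i = [], 0.0, 0
    while i < len(arrivals) or high or low:
        # Admit every packet that has reached the modem by now.
        while i < len(arrivals) and arrivals[i][0] <= now:
            pkt = arrivals[i]
            (high if prioritize_acks and pkt[1] == "ack" else low).append(pkt)
            i += 1
        if not high and not low:
            now = arrivals[i][0]  # link idle: jump to the next arrival
            continue
        arrived, kind = (high or low).popleft()
        size = ACK_BYTES if kind == "ack" else DATA_BYTES
        now += size * 8 / UPLINK_BPS  # serialisation time on the uplink
        if kind == "ack":
            delays.append(now - arrived)
    return delays


def download_ceiling_bps(delays):
    """Window-limited TCP throughput: window / (base RTT + mean ACK delay)."""
    mean_delay = sum(delays) / len(delays)
    return WINDOW_BYTES * 8 / (BASE_RTT_S + mean_delay)


def constructed_traffic():
    """An upload burst of 20 segments, then 10 download ACKs 10 ms apart."""
    burst = [(0.0, "data")] * 20
    acks = [(0.01 * k, "ack") for k in range(1, 11)]
    return burst + acks


if __name__ == "__main__":
    for label, prio in (("single FIFO", False), ("ACKs first", True)):
        d = ack_delays(constructed_traffic(), prio)
        print(f"{label:12s} worst ACK delay {max(d) * 1000:7.1f} ms, "
              f"download ceiling {download_ceiling_bps(d) / 1e6:5.2f} Mbit/s")
```

With ACKs served first, the worst delay is bounded by one upload segment already on the wire plus the ACKs ahead in the queue, rather than by the whole upload backlog.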
It's the end of the year, and /. is reposting its best dupes from 2005 (and 2004 and...)
the AC
Marriage is not a guarantee of anything with the US anymore. I know quite a few Europeans married to Americans who have been refused entry because the marriage didn't perfectly meet the requirements. Even couples who have been together for decades can never visit the US together because once the authorities decide the marriage was for a green card the European ends up on the deny list. It takes about 10 to 15 years to get off the list.
I also know some couples who, all, without exception, sought out advice from immigration lawyers well before getting married. Good immigration lawyers know all the tricks the INS/DHS/whatever department uses to get a single disqualifying answer, and can school a couple on how to avoid the traps.
Talk to other bi-national couples, you should be searching out support groups for them in your area. Get recommendations for good immigration lawyers beforehand, and make sure you know what exactly to say and how the process works.
My best advice is to start entering the green card lottery, you have about a 5x chance of getting a green card compared with H1 or other official channels. Skip the marriage gambit unless you are serious about your MOTOS.
the AC
Don't tug on Superman's cape, son.
Do you think evilviper knows of the legacy of KA9Q's packet drivers and all the technical contributions and advances he's made to networking over the years? I seriously doubt it, but then again, this is /.
the AC
wait a few minutes and boom
:-)
Boom? It explodes? I don't touch M$ systems much any more, now I have a new excuse
Sorry, it was wind{oze|ows} 2000 that needed a patch, I'm glad to see it's much simpler in XP. I do have all my networks running IPv6 now (a few ISPs and a larger number of hosting companies). One of the bigger M$ installations I've hosted reports they just turned on IPv6 in the OS, patched IIS and dotNET for some critical IPv6 bugs, and their systems just worked. They only see about 1% of their total traffic on v6, entirely from Macintosh users.
It's also good to see someone hack IPv6 onto a WRT54G, I've got a stack of them lying around that are pretty useless right now.
the AC
I hang my head in shame. I should have caught that, so I'll blame my Euro/American schizophrenic language skills.
Where it gets confusing is when using a word which describes a group or number using a singular. The English would say "The press are biased" and the Americans would say "The press is biased", in both cases the word "press" describes a group of people working in journalism. In the case of "a lot of", I could be referring to either a singular set or a plural set, so the verb conjugation would have to match the subject.
the AC
Awww fsck it, I'll blame lack of beer^H^H^H^Hcaffeine
Yes, that is the (approximately) correct labeling of the 10 layer OSI model
Layers 1 through 7 - Technical
Layer 8 - Financial
Layer 9 - Political
Layer 10 - Religious
I can show people what to do with layers 1 through 9, but layer 10 is something they have to experience and develop on their own. Layer 10 overrules all the lower layers when handled by someone sufficiently competent.
the AC
The original report was by Juniper and presented to a group working on upgrading the U.S. government and military networks to be dual-stacked for both v4 and v6. Since Juniper sells very expensive equipment, they want to lessen the sticker shock for all their government buyers.
There are a lot (two words) of places to look for IPv6 dual stacking.
Start with the big IPv6 hardware equipment vendors, like Cisco, Juniper, and Foundry. Look at the (relatively) free implementations that exist today, like BSDs, OpenBGPd, Mac OS-X, some Linux distributions, Windoze with a patch (and soon to be included by default in Vista). That will give you some background in what to do, but since you asked such a wide open question there isn't really any one place to point you. It's almost as if you asked "I need to set up the internet, is there someplace I can learn everything about it?"
Try subscribing to some IPv6 mailing lists, or at least browsing their archives. Lots to learn there, some technical, much political. Most of the political is from clueless noobs who have just barely caught on how to configure their home NAT router, and are terrified they will now have to spend another decade learning something slightly new. The real engineers consider the migration to a dual-stacked internet as just another exercise they have to do as with every new technology.
I will admit, there is a learning curve. I have over 20 years of IPv4 experience, and it still took me a while to pick up some of the subtleties of v6. BGP peerings take some extra work, but then again, it took years to learn all I know about v4 BGP peerings.
I would love to see some of the major internet sites start serving up content via IPv6. Slashdot, which, unfortunately, no longer seems to have anyone technically competent running it, would be a huge boost to IPv6 if they started serving up AAAA records in DNS. Add extra karma during the first few months of early adopters who can connect with IPv6, and there would be a rush of competent geeks setting up IPv6 tunnels to their home networks and pressuring their upstream ISPs to support it natively.
There is a huge amount of work to be done before the internet can be dual stacked. Apache2 supports IPv6 addresses, but PHP, MySQL, Perl and a host of other apps/languages/scripts choke or die when presented with IPv6. The IETF working group moved IPv6 from draft to standard recently, and now we just have to wait until it works its way into more and more new devices. I'm waiting on Cisco to include IPv6 standard in all versions of IOS, just like IPv4 is now.
the AC
Then let it be this girl:
Melissa Theuriau
with other photos here and a GIS will turn up enough to keep you happy.
Currently a Fark cliche, but one of the most pleasant to look at.
the AC
Who uses ISDN in a new installation anyway?
Me, for one. Not exactly a new installation, but I just converted a bunch of E1 lines from R2 signalling to ISDN. It took about 4 hours, 3 of which were experimenting and testing to make sure the signalling was correct, then about 10 minutes to switch over each E1 and monitor call reliability. Next week I have to bring a whole system over to SS7, and start to convert the far end from R2 to ISDN. It's a standard Cisco job.
I'm not a big fan of the Cisco certs, but Cisco does know what is out there in the market. If you are naive enough to think the world is only DSL lines then I don't want you anywhere near my kit. When I see someone has earned their certs coupled with some equivalent work experience, I know they aren't going to break a network when I show them something new (meaning old and well established). The world is full of X.25 circuits, SNA, AppleTalk, ISDN, SS7, IPsec tunnels, but you will never have a real job working on Cisco with a bad attitude and obvious bias not to learn what's needed.
the AC
An E1 data circuit via a satellite channel to Africa or the Middle East will run about US$125k to US$200k/year, in satellite costs, uplink and downlink station maintenance, and the actual internet connection in Europe or NYC.
Compressors, TCP (packet shaping) optimisers, proxy caches, DNS/email caching, webvertising blocks, QoS and aggressive firewall rules are pretty much a given for any kind of expensive satellite connection. On the luser end, to really make use of the web they can set their browsers to not automatically load images, change their TCP window to something huge, and a bunch of other tricks to keep themselves happy. Remote stations with large numbers of geeks have NNTP servers locally to keep up on the non-web world. IRC/IM is quite widely used, because they don't use much bandwidth at all (although I've heard of remote stations banning MSN messenger because it won't work without constantly loading advertising images).
But really, US$300k per year for an E1 circuit? There isn't any place on earth still that expensive. Drop me an email, we'll do lunch.
the AC