[cramer:ttyp0]dominion:~/[3:35pm]:cat/etc/redhat-release release 4.1 (Vanderbilt) [cramer:ttyp0]dominion:~/[3:35pm]:un ame -a Linux dominion 2.3.42-SMP #11 SMP Sun Feb 6 20:06:02 EST 2000 i686
Please clarify what metrics you're measuring to declare it "slow". Just because Gentoo compiles everything on the installing host doesn't mean it's any better. The options given on your P4 will be the same as those on a PIII or athlon system.
I've already commited to switching to Debian as redhat long ago abandoned everything non-x86. (alpha's, sparc's, ppc's,...) RedHat tends to make too many modification to the stuff they ship with very little reasoning -- ipv6 support in ncftp that cannot be shut off without building it yourself, a kernel so alien I cannot bring myself to call it Linux.
Fedora is just another cheap trick... people develop redhat's systems for free and RedHat turns around to sell it. For a very high price. It's a nice gig, if you can get it.
The general public ("people") aren't sysadmins. And yes, they do use Windows 2000, although I'd have to say it's rare. The sysadmins who install and manage those 2k/NT systems usually do (or have) run the same OSes at home -- it's part of the learning process.
If one isn't familiar with a product, then they won't even know of it's existance to recommend it. As a good admin, I will never recommend any product for which I have no familiarity because there's no way for me to know it will do what we need (or if the sales drone is lying -- which they do, you know.) Without the backing of experience, a recommendation is almost useless. (That's why companies offer evaluations.)
[SMTP is on port 25. No wonder you can't send email:-)]
If you use Cox, then you have other problems.
And Cox is a cable provider, so, technically, those users aren't "dialup". Cable modems are a very serious spam soup. Blocking port 25 is almost required by law.
Where I used to work, we had people's open Exchange(tm) servers being blacklisted all the time (a few per month.) It was never a huge "stone tablet"-deal to get them removed from the various lists. Yes, it would take time -- a few days to a week.
AOL on the other hand has always been a pain in the ass. Blocking isn't consistant across their farm(s). And even they don't know how to find elements in their block lists. (I'm glad I don't deal with that shit anymore.)
As for item #4, you're right all email from dialup's is not spam. However, finding the few that aren't in the sea of spam is not easy, and in fact, not worth the effort. It's perfectly acceptable to tell dialup users to relay their email through their ISP's systems. It's not like email is being received on that dialup IP.
You're living in the land of theory (where everything works.) Dialup users are like trailer parks (no offense.) There are very few dialup users who patch their systems at all. In their minds, what's the point; they aren't connected all the time so how can anyone break in? (assuming they think about it, which they don't.) Plus, it takes freakin' forever to download the 30MB of M$ patches every week.
(FYI, UUNet wholesale dialup requires an SMTP filter in the RADIUS reply. If dialup spam weren't a problem, they certainly wouldn't require it.)
Yes, but then you've already wasted the bandwidth for receiving this junk. To an ISP, that's a whole freakin' lot of junk. Wasted bandwidth and processing time means bigger connections (3x the bandwitdh; 3x the price) and more hardware (10k$ at a pop.)
Think about how many bits there are in the billion+ emails AOL is claiming to filter everyday.
There's a big difference here -- even if the law doesn't make any distinction. SCO is taking stuff thousands of people have created for free, calling it theirs and then selling it (for real money.) And they're going even further to say it doesn't belong to those who created it. File swapping of songs is taking something someone was paid to create (and presumablly, at least one person paid money to obtain) and giving it away for free. (It's not as if everyone were downloading from napster, burning the stuff to CDs, and then selling them as their own songs.)
Granted, legally, there's no distinction between the two. Both are copyright violations and theft. Selling something that's free or giving away something that's forsale... doesn't matter.
Cisco only require you to buy a new software licence if you want support.
Not true. Cisco wants you to pay for a software license and support for every molecule of Cisco hardware you own. For the stuff purchased directly through the Cisco distribution network, you've already paid that fee (and for the hardware about 5x over.) If you have existing support contracts and Cisco finds out you have purchased any used hardware, they will threaten to cancel all the contracts. And until your lawyers, without blinking, tell Cisco to "shut the f*** up", they will continue to reiterate that threat.
As I was told (by an actual lawyer), Cisco can not bar the transfer of the hardware plus software. In selling you used Cisco gear, I'm transfering exactly what I've purchased from Cisco -- the physical hardware and all the associated integrated components of which the internal IOS/CatOS/PixOS is but one. (Go look up stuff pertaining to the doctrine of first sale.) HOWEVER, Cisco pays their lawyers good money; I know they've changed the ordering process and they've probably changed the wording of their contracts. So, I'd recommend reading any new Cisco contracts very closely.
Kernel modules are not "dynamic linkage". Linus has stated repeatedly over the years that binary modules are not a violation. If it is, then many more than broadcom, linksys, and cisco are in hot water. And if your non-legal interpretation is true, there are thousands of companies violating the GPL -- everything uses (g)libc, and a lot of other GPL'd stuff uses (or can use) non-GPL'd libraries. (In fact, it would be so broad as to be unenforcable.) That's the whole point of dynamic linkage. Static linkage is a whole other ballgame.
The GPL covers source code and what gets done to that source code (a "derivative work".) In the case of linux kernel modules, 3rd party code is using a documented standard interface to provide additional functionality. The code covered by the GPL need not be modified in any way. The only restrictions Linus has voiced pertain to modifying the kernel (GPL'd code) to create hooks specifically for a 3rd party module. 3rd party, closed source, non-GPL'd modular drivers are perfectly acceptable.
Looking through the image the new wrv54g is running... wait for it... the wireless interface is a MODULE. lib/modules/islpci.o to be precise. The wrt54g... lib/modules/2.4.5/kernel/drivers/net/wl/wl.o.
And Linksys didn't write those drivers. The chip manufacturers did. And their current linux environment (wrv54g hardware) is a commercial environment from Jungo - OpenRG.
(BTW, the include files for the ipsec hardware crypto aren't there, so one cannot build the exact same kernel. I haven't dug through Intel's web site to see if they are available or not.)
That's exactly the point. Cisco started this practice recently (over a year ago now.) All that hardware sold on credit that no one is left to cover is coming back to haunt them.
bulk? Linksys didn't simply download the latest RedHat and install it on their hardware. They did a lot more work than you're giving them credit for.
There's nothing at all wrong with companies using Linux as the base for their products -- more than you'd ever suspect actually are. The biggest stink is over the source to Broadcom's wireless driver -- so the chips can be supported in other systems. The thing is, they don't have to give you the source to *their* f***ing driver. It's their driver. It's loaded as a module and thus not sucked under the GPL. Unless you can prove the Broadcom driver is an adaptation of a GPL'd driver, that's the end of the discussion. Now who's trying to steel what?
Can we stop blaming CISCO... they bought LINKSYS. And LINKSYS uses Linux in many of their products. It's sorta like buying up rental properties to later find one of them was a meth lab. Cisco will eventually figure out what their children are doing and put a stop to it. (Everything must run IOS afterall.)
You've obviously never worked with Cisco. Cisco wants to sell you everything. Repeatedly. Look what happened to the guys that ported Linux to a Cat 6500... they now work for Cisco and the code never left the building. If end users could recompile "IOS", Cisco loses a substantial source of income -- even if most people wouldn't know what to do with the source, someone would and that'd be the end of Cisco getting paid for their development. (In my opinion, Cisco has done such a piss poor job of development and testing in recent years, "open source" couldn't do any worse.) Cisco makes great hardware (and always has), however, their software just makes me want to shoot someone -- really, what the f*** are they testing?!
As a company, "we" once toyed with the idea of loading our own code on Linksys hardware (it's simple really, even before the whole GPL BS.) But that didn't make it past the lawyer(s):-)
PS: Cisco is terrified of all the old, "obsolete", "used" hardware floating around. And with all the failed dot-coms, there's tones of it available. Some of it never came out of the box/off the pallet. It might be several years old, but it works perfectly (2500's, 5000's, etc.)
And about 4hrs after announcing the 320GB drives, Maxtor recalled them. Permanently. Without comment. The few that made it outside the company did not appear to problematic (they weren't radioactive or anything), but they were all returned as requested, so I have no idea what issues might have existed.
Under Linux on x86 (HZ=100), the uptime counter rolls over just beyond 497 days. I know of a (linux) machine that's been running just as long. Sitting on the same shelf as that firewall, in fact.:-) (Last restart was in April 2001 when it was moved to the co-lo area at the CO.)
Don't waste your time complaining about a "3 year old kernel" -- if it's been working for 3 years, leave it the f*** alone.)
No,.com is not a domain. foo.com is a domain. ".com" is a primary branch in the DNS tree. And providing a single A record does not make it a valid domain. The are no SOA or NS records for these nonexistant domains created by the wildcard.
We're working in a different part of the tree. Leaves don't sprout from the trunk of a tree (or from the roots); they form at the end of branches off larger branches from the trunk.
At any rate, Verisign has changed the behavior of a well established system with reckless disregard for it's impact. Furthermore, they did so expressly for their financial gain. In this country, we have laws to prevent people/companies from unjustly weild monopoly power. Verisign receives a fee for every domain that exists, yet they still see fit to coopt the domain system for their benefit. At the very least, they are violating the Sherman Act.
Again, someone with only a partial clue... the roots are a-m (at the moment.) And there are a-m gtld servers as well. The "number of responses" doesn't have anything to do with it... if you send X queries, you get back, at most, X responses. If the payload is too big, all of it will not be processed (or, if it's a crappy M$ Windows product, it'll probablly just crash.) (Yes, I have a 10 year old BIND server that works perfectly fine in the modern internet.)
As for the load on the DNS system... caching doesn't help much when presented with queries for hundreds or thousands of domains that don't exist. What Verisign is doing isn't going to help this -- in fact, with the TTL they have on the wildcard, it'll actually make it worse.
WRONG. There is an "A" record (address) resovling for everything. If it were a CNAME, then it wouldn't be an issue for compliant SMTP servers -- email isn't delivered to CNAMEs.
At any rate, what they are doing is a violation of the RFCs. Nonexistant domains return NXDOMAIN - period; there is simply no area for discussion on this point. Wildcards for host records and/or subdomains ala "*.bar.com" are perfectly valid; they are wildcards for individual hosts and subdomains. A wildcard for "*.net" is a violation of the RFCs as you are now returning something other than NXDOMAIN for a nonexistant domain. It doesn't matter what the f*** the user asked for, if the domain does not exist, you DO NOT return a record.
We're working at a different point in the tree. A different section of the rules apply. The asses at Verisign are attempting to attach application intelligence to a system that has no application awareness -- DNS doesn't know what protocol you're going to be using or to what port you're going to attempt to connect.
Not exactly... the trailing dot is not there unless you type it. (However, it is generally implied.) Adding the trailing dot on a hostname prevents the resolver from trying domains from the search list (if there are any.) As such, there's a difference between "www" and "www.".
A search for www.ibm.com would look in the cache for a match. Failing that, the leading component is removed and the search repeated. Once it been striped down to nothing, you're at the top of the tree ("."). Those are the gTLD's (global top level domain servers) explicitly provided ("named.cache") to the server. (Changing the root is how various alternative DNS systems work.)
Domain names were never free. You were simply never charged for them. The NSF entrusted Internic with running the domain service. They were allowed to charge for domain registrations (and actually claimed to do so) but didn't do so for years. When they did start charging, they only billed the initial cost (2 years up front) and never sent bills for renewals. As I recall, domains were 100$ per year then. Increasingly greeder people have been running the system ever since -- the cost of running DNS for.com and.net is an insignificant fraction of the money collected for domain registration and renewal. Network Solutions (Verisign) is just pissed off that they don't get to set the price for domains and collect their billions every year. (35$/yr x how many million domains?)
(Internic started charging only after the costs began to exceed the amount NSF was paying them.)
[cramer:ttyp0]dominion:~/[3:35pm]:cat /etc/redhat-releasen ame -a
release 4.1 (Vanderbilt)
[cramer:ttyp0]dominion:~/[3:35pm]:u
Linux dominion 2.3.42-SMP #11 SMP Sun Feb 6 20:06:02 EST 2000 i686
*whistles innocently*
- de facto slowest Linux distribution
Please clarify what metrics you're measuring to declare it "slow". Just because Gentoo compiles everything on the installing host doesn't mean it's any better. The options given on your P4 will be the same as those on a PIII or athlon system.I've already commited to switching to Debian as redhat long ago abandoned everything non-x86. (alpha's, sparc's, ppc's, ...) RedHat tends to make too many modification to the stuff they ship with very little reasoning -- ipv6 support in ncftp that cannot be shut off without building it yourself, a kernel so alien I cannot bring myself to call it Linux.
Fedora is just another cheap trick... people develop redhat's systems for free and RedHat turns around to sell it. For a very high price. It's a nice gig, if you can get it.
The general public ("people") aren't sysadmins. And yes, they do use Windows 2000, although I'd have to say it's rare. The sysadmins who install and manage those 2k/NT systems usually do (or have) run the same OSes at home -- it's part of the learning process.
If one isn't familiar with a product, then they won't even know of it's existance to recommend it. As a good admin, I will never recommend any product for which I have no familiarity because there's no way for me to know it will do what we need (or if the sales drone is lying -- which they do, you know.) Without the backing of experience, a recommendation is almost useless. (That's why companies offer evaluations.)
[SMTP is on port 25. No wonder you can't send email :-)]
If you use Cox, then you have other problems.
And Cox is a cable provider, so, technically, those users aren't "dialup". Cable modems are a very serious spam soup. Blocking port 25 is almost required by law.
Where I used to work, we had people's open Exchange(tm) servers being blacklisted all the time (a few per month.) It was never a huge "stone tablet"-deal to get them removed from the various lists. Yes, it would take time -- a few days to a week.
AOL on the other hand has always been a pain in the ass. Blocking isn't consistant across their farm(s). And even they don't know how to find elements in their block lists. (I'm glad I don't deal with that shit anymore.)
As for item #4, you're right all email from dialup's is not spam. However, finding the few that aren't in the sea of spam is not easy, and in fact, not worth the effort. It's perfectly acceptable to tell dialup users to relay their email through their ISP's systems. It's not like email is being received on that dialup IP.
You're living in the land of theory (where everything works.) Dialup users are like trailer parks (no offense.) There are very few dialup users who patch their systems at all. In their minds, what's the point; they aren't connected all the time so how can anyone break in? (assuming they think about it, which they don't.) Plus, it takes freakin' forever to download the 30MB of M$ patches every week.
(FYI, UUNet wholesale dialup requires an SMTP filter in the RADIUS reply. If dialup spam weren't a problem, they certainly wouldn't require it.)
Yes, but then you've already wasted the bandwidth for receiving this junk. To an ISP, that's a whole freakin' lot of junk. Wasted bandwidth and processing time means bigger connections (3x the bandwitdh; 3x the price) and more hardware (10k$ at a pop.)
Think about how many bits there are in the billion+ emails AOL is claiming to filter everyday.
There's a big difference here -- even if the law doesn't make any distinction. SCO is taking stuff thousands of people have created for free, calling it theirs and then selling it (for real money.) And they're going even further to say it doesn't belong to those who created it. File swapping of songs is taking something someone was paid to create (and presumablly, at least one person paid money to obtain) and giving it away for free. (It's not as if everyone were downloading from napster, burning the stuff to CDs, and then selling them as their own songs.)
Granted, legally, there's no distinction between the two. Both are copyright violations and theft. Selling something that's free or giving away something that's forsale... doesn't matter.
- Cisco only require you to buy a new software licence if you want support.
Not true. Cisco wants you to pay for a software license and support for every molecule of Cisco hardware you own. For the stuff purchased directly through the Cisco distribution network, you've already paid that fee (and for the hardware about 5x over.) If you have existing support contracts and Cisco finds out you have purchased any used hardware, they will threaten to cancel all the contracts. And until your lawyers, without blinking, tell Cisco to "shut the f*** up", they will continue to reiterate that threat.As I was told (by an actual lawyer), Cisco can not bar the transfer of the hardware plus software. In selling you used Cisco gear, I'm transfering exactly what I've purchased from Cisco -- the physical hardware and all the associated integrated components of which the internal IOS/CatOS/PixOS is but one. (Go look up stuff pertaining to the doctrine of first sale.) HOWEVER, Cisco pays their lawyers good money; I know they've changed the ordering process and they've probably changed the wording of their contracts. So, I'd recommend reading any new Cisco contracts very closely.
Stupid Anonymous Idiot.
Kernel modules are not "dynamic linkage". Linus has stated repeatedly over the years that binary modules are not a violation. If it is, then many more than broadcom, linksys, and cisco are in hot water. And if your non-legal interpretation is true, there are thousands of companies violating the GPL -- everything uses (g)libc, and a lot of other GPL'd stuff uses (or can use) non-GPL'd libraries. (In fact, it would be so broad as to be unenforcable.) That's the whole point of dynamic linkage. Static linkage is a whole other ballgame.
The GPL covers source code and what gets done to that source code (a "derivative work".) In the case of linux kernel modules, 3rd party code is using a documented standard interface to provide additional functionality. The code covered by the GPL need not be modified in any way. The only restrictions Linus has voiced pertain to modifying the kernel (GPL'd code) to create hooks specifically for a 3rd party module. 3rd party, closed source, non-GPL'd modular drivers are perfectly acceptable.
Looking through the image the new wrv54g is running... wait for it... the wireless interface is a MODULE. lib/modules/islpci.o to be precise. The wrt54g... lib/modules/2.4.5/kernel/drivers/net/wl/wl.o.
And Linksys didn't write those drivers. The chip manufacturers did. And their current linux environment (wrv54g hardware) is a commercial environment from Jungo - OpenRG.
(BTW, the include files for the ipsec hardware crypto aren't there, so one cannot build the exact same kernel. I haven't dug through Intel's web site to see if they are available or not.)
That's exactly the point. Cisco started this practice recently (over a year ago now.) All that hardware sold on credit that no one is left to cover is coming back to haunt them.
bulk? Linksys didn't simply download the latest RedHat and install it on their hardware. They did a lot more work than you're giving them credit for.
There's nothing at all wrong with companies using Linux as the base for their products -- more than you'd ever suspect actually are. The biggest stink is over the source to Broadcom's wireless driver -- so the chips can be supported in other systems. The thing is, they don't have to give you the source to *their* f***ing driver. It's their driver. It's loaded as a module and thus not sucked under the GPL. Unless you can prove the Broadcom driver is an adaptation of a GPL'd driver, that's the end of the discussion. Now who's trying to steel what?
Can we stop blaming CISCO... they bought LINKSYS. And LINKSYS uses Linux in many of their products. It's sorta like buying up rental properties to later find one of them was a meth lab. Cisco will eventually figure out what their children are doing and put a stop to it. (Everything must run IOS afterall.)
You've obviously never worked with Cisco. Cisco wants to sell you everything. Repeatedly. Look what happened to the guys that ported Linux to a Cat 6500... they now work for Cisco and the code never left the building. If end users could recompile "IOS", Cisco loses a substantial source of income -- even if most people wouldn't know what to do with the source, someone would and that'd be the end of Cisco getting paid for their development. (In my opinion, Cisco has done such a piss poor job of development and testing in recent years, "open source" couldn't do any worse.) Cisco makes great hardware (and always has), however, their software just makes me want to shoot someone -- really, what the f*** are they testing?!
:-)
As a company, "we" once toyed with the idea of loading our own code on Linksys hardware (it's simple really, even before the whole GPL BS.) But that didn't make it past the lawyer(s)
PS: Cisco is terrified of all the old, "obsolete", "used" hardware floating around. And with all the failed dot-coms, there's tones of it available. Some of it never came out of the box/off the pallet. It might be several years old, but it works perfectly (2500's, 5000's, etc.)
And about 4hrs after announcing the 320GB drives, Maxtor recalled them. Permanently. Without comment. The few that made it outside the company did not appear to problematic (they weren't radioactive or anything), but they were all returned as requested, so I have no idea what issues might have existed.
Under Linux on x86 (HZ=100), the uptime counter rolls over just beyond 497 days. I know of a (linux) machine that's been running just as long. Sitting on the same shelf as that firewall, in fact. :-) (Last restart was in April 2001 when it was moved to the co-lo area at the CO.)
Don't waste your time complaining about a "3 year old kernel" -- if it's been working for 3 years, leave it the f*** alone.)
No, .com is not a domain. foo.com is a domain. ".com" is a primary branch in the DNS tree. And providing a single A record does not make it a valid domain. The are no SOA or NS records for these nonexistant domains created by the wildcard.
We're working in a different part of the tree. Leaves don't sprout from the trunk of a tree (or from the roots); they form at the end of branches off larger branches from the trunk.
At any rate, Verisign has changed the behavior of a well established system with reckless disregard for it's impact. Furthermore, they did so expressly for their financial gain. In this country, we have laws to prevent people/companies from unjustly weild monopoly power. Verisign receives a fee for every domain that exists, yet they still see fit to coopt the domain system for their benefit. At the very least, they are violating the Sherman Act.
Again, someone with only a partial clue... the roots are a-m (at the moment.) And there are a-m gtld servers as well. The "number of responses" doesn't have anything to do with it... if you send X queries, you get back, at most, X responses. If the payload is too big, all of it will not be processed (or, if it's a crappy M$ Windows product, it'll probablly just crash.) (Yes, I have a 10 year old BIND server that works perfectly fine in the modern internet.)
As for the load on the DNS system... caching doesn't help much when presented with queries for hundreds or thousands of domains that don't exist. What Verisign is doing isn't going to help this -- in fact, with the TTL they have on the wildcard, it'll actually make it worse.
left side... "Personalize Windows Update..."
- But the RRs are valid, they point to the CNAME...
WRONG. There is an "A" record (address) resovling for everything. If it were a CNAME, then it wouldn't be an issue for compliant SMTP servers -- email isn't delivered to CNAMEs.At any rate, what they are doing is a violation of the RFCs. Nonexistant domains return NXDOMAIN - period; there is simply no area for discussion on this point. Wildcards for host records and/or subdomains ala "*.bar.com" are perfectly valid; they are wildcards for individual hosts and subdomains. A wildcard for "*.net" is a violation of the RFCs as you are now returning something other than NXDOMAIN for a nonexistant domain. It doesn't matter what the f*** the user asked for, if the domain does not exist, you DO NOT return a record.
We're working at a different point in the tree. A different section of the rules apply. The asses at Verisign are attempting to attach application intelligence to a system that has no application awareness -- DNS doesn't know what protocol you're going to be using or to what port you're going to attempt to connect.
Not exactly... the trailing dot is not there unless you type it. (However, it is generally implied.) Adding the trailing dot on a hostname prevents the resolver from trying domains from the search list (if there are any.) As such, there's a difference between "www" and "www.".
A search for www.ibm.com would look in the cache for a match. Failing that, the leading component is removed and the search repeated. Once it been striped down to nothing, you're at the top of the tree ("."). Those are the gTLD's (global top level domain servers) explicitly provided ("named.cache") to the server. (Changing the root is how various alternative DNS systems work.)
Jez, you people need to defrag your brain...
.com and .net is an insignificant fraction of the money collected for domain registration and renewal. Network Solutions (Verisign) is just pissed off that they don't get to set the price for domains and collect their billions every year. (35$/yr x how many million domains?)
Domain names were never free. You were simply never charged for them. The NSF entrusted Internic with running the domain service. They were allowed to charge for domain registrations (and actually claimed to do so) but didn't do so for years. When they did start charging, they only billed the initial cost (2 years up front) and never sent bills for renewals. As I recall, domains were 100$ per year then. Increasingly greeder people have been running the system ever since -- the cost of running DNS for
(Internic started charging only after the costs began to exceed the amount NSF was paying them.)
The British were doing this long before the USA existed.