DotBlag

Technical Trials And Errors

Category: Net.working

  • New server coming!

    Well, the box running dotblag.com, while plenty serviceable, is showing it’s age.  I’ve ordered a pretty large machine (just short of $3000 in total parts) and the bits are on their way, woohoo!  I’ll be setting it up and burning it in over the next month or two.  Once it’s ready dotblag will be moving […]

  • Damn you BGP! Damn you!

    Seriously.  You’d think after all these years there’d be better tools than BGP and better tools for working with BGP.  But no.   *sigh* deactivate neighbor 216.x.y.z commit  

  • Size does matter.

    [ part two of I Cee emM Pee you ] If a woman ever tells a man size doesn’t matter, she’s certainly not being truthful.  Similarly anyone talking about packet sizes is also spinning a yarn. Tunnels can and will reduce your MTU.  A lot of consumer NAT devices don’t handle/pass along the ICMP Unreachable […]

  • I Cee emM Pee you!

    An open invitation to D-Link, NetGear, etc.  DISABLE ANYTHING IN YOUR DAMNED ROUTERS THAT MIGHT FILTER ICMP UNREACHABLEs. We’ve been seeing occasional problems with a tunnel “somewhere” on the internet getting into our path.  It shouldn’t be a problem except that it seems a lot of firewalls still filter ICMP Unreachable’s at the least. DON’T […]

  • TLS-SNI, bless you, need a tissue?

    OK so if you try to pronounce it incorrectly people might think you have a cold.  The good news is though that Server Name Identification AKA TLS-SNI will likely be making it into Debian Lenny.  It’s already in Apache 2.2.x upstream but there’s no release with it quite yet.   Now we can do SSL […]

  • (non) Instant Messaging

    Yahoo! Instant Messaging recently (from my perspective) had a nearly 2 hour outage.  This has brought back a problem we’ve had here a number of times in that we  – de facto – standardized on YIM for internal messaging.  I’m now trying to encourage everyone (again) to use IRC on our (sort of private) IRC […]

  • One network in the next generation? Or something…

    We’ve been seeing some reachability issues either inside Tiscali International or Global Crossing.  And the finger pointing has started between them.  AOL/ATDN is also affected.  All of these issues are appearing to European customers.  Global Crossing gets a big BOO for not having any way for me to contact them (an email to their NOC […]

  • State of the Firewall

    Or the stateful-firewall.  Interesting little thing to get bit by.  But to understand it at all I have to go into a little bit of explanation.  We use LVS in what’s known as a Direct Routing (LVS/DR) configuration.  We have a (large) number of VIP’s that the load balancers handle.  The VIP’s are not on […]

  • Of Domains and Duhmains

    So.  This is the story of trying to register dotblag.com.   I’ve used joker.com as my primary registrar for some years now.  They’ve been reliable and responsive in the past when I’ve needed manual intervention/help.  However.  Their CC validation system lately has been, to say the least, persnickety.  Wonk.  Very wonk.  To the point that […]

  • AAAA, and I’m not talking bonds or insurance.

    The root name servers now officially have AAAA glue records installed.  This is actually a pretty major step towards global IPv6 deployment.  There was a few snafu/foul-ups, mostly regarding VeriSign not setting the connection limit high enough on ftp.rs.internic.net so causing a mirror failure. What does this mean to you, as someone who’s on the […]