Programmers with network engineering skills
Hello All, i have been looking for quite some time now a descent coder (c,php) who has a descent amount of system admin / netadmin experience. Doesn't necessarily need to be an expert at network engineering but being acclimated in understanding the basic fundamentals of networking. Understanding basic routing concepts, how to diagnose using tcpdump / pcap, understanding subnetting and how bgp works (not necessarily setting up bgp). I've posted job listings on the likes of dice and monster and have not found any good canidates, most of them ASP / Java guys. If anyone can point me to a site they might recommend for job postings or know of any consulting firms that might provide these services that would be greatly appreciated.
Isn't this what the entire DevOps movement is kinda trying to push? I see quite a few of these gigs pop up on Craigslist. If you've already invested some time in the search, perhaps it'd be better to hire someone good with C/PHP and train them in the art of networking. If you're located in a major city, I'm sure you can find a community college that has a networking certificate program you can send your developer to, along with an in-house training program. Just a thought. Best of luck. :) On Sun, Feb 26, 2012 at 5:27 PM, A. Pishdadi <apishdadi@gmail.com> wrote:
Hello All,
i have been looking for quite some time now a descent coder (c,php) who has a descent amount of system admin / netadmin experience. Doesn't necessarily need to be an expert at network engineering but being acclimated in understanding the basic fundamentals of networking. Understanding basic routing concepts, how to diagnose using tcpdump / pcap, understanding subnetting and how bgp works (not necessarily setting up bgp). I've posted job listings on the likes of dice and monster and have not found any good canidates, most of them ASP / Java guys.
If anyone can point me to a site they might recommend for job postings or know of any consulting firms that might provide these services that would be greatly appreciated.
-- 09 F9 11 02 9D 74 E3 5B D8 41 56 C5 63 56 88 C0
On Mon, Feb 27, 2012 at 1:34 AM, Mike Hale <eyeronic.design@gmail.com> wrote:
Isn't this what the entire DevOps movement is kinda trying to push?
as to devops... this was funny: <http://velocityconf.com/velocity2011/public/schedule/detail/20406> -chris
On 27/02/2012 15:34, Mike Hale wrote:
Isn't this what the entire DevOps movement is kinda trying to push?
Wow, thanks, I ignored about the DevOps, that's exactly how I would define myself. Is there a particular website where DevOps are supposed to post their resume or find job offers?
Mike Hale wrote:
If you're located in a major city, I'm sure you can find a community college that has a networking certificate program you can send your developer to, along with an in-house training program.
Oh come on!!!1 Investing in your employee by sending them out to courses, for crying out loud, that's way too practical and effective to even consider. And to add insult to injury you suggest a low cost alternative such as a community college. If an employer was going to do such an outrageous thing as sending an employee to a course at least let it be an overpriced corporate course. Gees. </sarcasm> -- Earthquake Magnitude: 3.0 Date: Tuesday, February 28, 2012 19:17:34 UTC Location: Northern California Latitude: 40.2860; Longitude: -124.3183 Depth: 19.90 km
Generalists are hard to come by these days. They are people who learn less and less about more and more till they know nothing about everything. People today are specializing in the left and right halves of the bytes.... They learn more and more about less and less till they know everything about nothing. And BTW, they are worthless unless you have five of them working on a problem because none of them know enough to fix it. Worse, you can replace the word five with fifty and it may be still true. I know of three of these, all gainfully employed at this time and could each find at least a couple jobs if they wanted. I am one, my son is two and a guy we worked with is the third. At one time (40 years ago) the mantra in IS was train for expertise, now it is hire for it. Somewhere there has to be a happy medium. I suggest this, find a good coder, not a mediocre who writes shit code but a good one who can think and learn and when you talk about branching out with his skill set he or she lights up. His first thing on site is take the A+ networking course. No, I do not sell the courses. But I have seen this kind of approach work when nothing else was. Ralph Brandt Communications Engineer HP Enterprise Services Telephone +1 717.506.0802 FAX +1 717.506.4358 Email Ralph.Brandt@pateam.com 5095 Ritter Rd Mechanicsburg PA 17055 -----Original Message----- From: A. Pishdadi [mailto:apishdadi@gmail.com] Sent: Sunday, February 26, 2012 8:27 PM To: NANOG Subject: Programmers with network engineering skills Hello All, i have been looking for quite some time now a descent coder (c,php) who has a descent amount of system admin / netadmin experience. Doesn't necessarily need to be an expert at network engineering but being acclimated in understanding the basic fundamentals of networking. Understanding basic routing concepts, how to diagnose using tcpdump / pcap, understanding subnetting and how bgp works (not necessarily setting up bgp). I've posted job listings on the likes of dice and monster and have not found any good canidates, most of them ASP / Java guys. If anyone can point me to a site they might recommend for job postings or know of any consulting firms that might provide these services that would be greatly appreciated.
I think you're more likely to find a network engineer with (possibly limited) programming skills. That's certainly where I would categorize myself. Owen On Feb 27, 2012, at 12:02 PM, Brandt, Ralph wrote:
Generalists are hard to come by these days. They are people who learn less and less about more and more till they know nothing about everything. People today are specializing in the left and right halves of the bytes.... They learn more and more about less and less till they know everything about nothing. And BTW, they are worthless unless you have five of them working on a problem because none of them know enough to fix it. Worse, you can replace the word five with fifty and it may be still true.
I know of three of these, all gainfully employed at this time and could each find at least a couple jobs if they wanted. I am one, my son is two and a guy we worked with is the third.
At one time (40 years ago) the mantra in IS was train for expertise, now it is hire for it. Somewhere there has to be a happy medium. I suggest this, find a good coder, not a mediocre who writes shit code but a good one who can think and learn and when you talk about branching out with his skill set he or she lights up. His first thing on site is take the A+ networking course.
No, I do not sell the courses. But I have seen this kind of approach work when nothing else was.
Ralph Brandt Communications Engineer HP Enterprise Services Telephone +1 717.506.0802 FAX +1 717.506.4358 Email Ralph.Brandt@pateam.com 5095 Ritter Rd Mechanicsburg PA 17055
-----Original Message----- From: A. Pishdadi [mailto:apishdadi@gmail.com] Sent: Sunday, February 26, 2012 8:27 PM To: NANOG Subject: Programmers with network engineering skills
Hello All,
i have been looking for quite some time now a descent coder (c,php) who has a descent amount of system admin / netadmin experience. Doesn't necessarily need to be an expert at network engineering but being acclimated in understanding the basic fundamentals of networking. Understanding basic routing concepts, how to diagnose using tcpdump / pcap, understanding subnetting and how bgp works (not necessarily setting up bgp). I've posted job listings on the likes of dice and monster and have not found any good canidates, most of them ASP / Java guys.
If anyone can point me to a site they might recommend for job postings or know of any consulting firms that might provide these services that would be greatly appreciated.
On Mon, 27 Feb 2012, Owen DeLong wrote:
I think you're more likely to find a network engineer with (possibly limited) programming skills.
While I'll agree about the more likely, if I needed a coder who had a firm grasp of networking I'd rather teach a good coder networking, than try to teach the art and magic of good development to a network guy. I think it really comes down to which you need: a hardcore network engineer/architect who can hack up code, or a hardcore developer who has or can obtain enough of a grasp of networking fundementals and specifics to build you the software you need him to develop. The ones who already know both ends extremely well are going to be -very- hard to find, but finding one who can learn enough of the other to accomplish what you need shouldn't be hard at all. oh wait, that's an echo I hear isn't it. ...d (who is not exactly the former though I've played one for TV, and not at all the later) -- david raistrick http://www.netmeister.org/news/learn2quote.html drais@icantclick.org http://www.expita.com/nomime.html
On Feb 27, 2012, at 12:31 PM, david raistrick wrote:
On Mon, 27 Feb 2012, Owen DeLong wrote:
I think you're more likely to find a network engineer with (possibly limited) programming skills.
While I'll agree about the more likely, if I needed a coder who had a firm grasp of networking I'd rather teach a good coder networking, than try to teach the art and magic of good development to a network guy.
Well, I won't call myself a hard-core coder, but, I think I have a reasonable grasp on the art and magic of good development. What I mostly lack is speed and efficiency in the language of choice for whatever project. I can write good code, it just takes me longer than it would take a hard-core coder. OTOH, having done both, I would say that I think you are not necessarily correct about which direction of teaching is harder. Yes, if you start with a network engineer that knows nothing about writing code or doesn't understand the principles of good coding, you're probably right. However, starting with a network engineer that can write decent code slowly, I think you will get a better result in most cases than if you try to teach network engineering to a hard-core coder that has only a minimal understanding of networking.
I think it really comes down to which you need: a hardcore network engineer/architect who can hack up code, or a hardcore developer who has or can obtain enough of a grasp of networking fundementals and specifics to build you the software you need him to develop.
I'm guessing that someone who needed a hard-core developer that could grasp fundamentals would have grabbed an existing coder and handed him a copy of Comer. The fact that this person posted to NANOG instead implies to me that he needs someone that has a better grasp than just the fundamentals. Of course I am speculating about that and I could be wrong.
The ones who already know both ends extremely well are going to be -very- hard to find, but finding one who can learn enough of the other to accomplish what you need shouldn't be hard at all.
Depends on what you need. However, I think it's faster to go from limited coding skills with a good basis in the fundamentals to usable development than to go from limited networking skills to a firm grasp on how networks behave in the real world. To the best of my knowledge, nothing but experience will teach you the latter. Even with 20+ years experience networks do still occasionally manage to surprise me.
...d (who is not exactly the former though I've played one for TV, and not at all the later)
I am admittedly lost given the three choices as to which constitutes former or latter at this point. 1. Strong coder with limited networking 2. Strong networker with limited coding 3. Strong in both Owen Who is a strong network engineer Who has been a professional software engineer (though many years ago and my skills are rusty and out of date)
Le lundi 27 février 2012 à 14:14 -0800, Owen DeLong a écrit :
On Feb 27, 2012, at 12:31 PM, david raistrick wrote:
On Mon, 27 Feb 2012, Owen DeLong wrote:
I think you're more likely to find a network engineer with (possibly limited) programming skills.
While I'll agree about the more likely, if I needed a coder who had a firm grasp of networking I'd rather teach a good coder networking, than try to teach the art and magic of good development to a network guy.
Well, I won't call myself a hard-core coder, but, I think I have a reasonable grasp on the art and magic of good development. What I mostly lack is speed and efficiency in the language of choice for whatever project. I can write good code, it just takes me longer than it would take a hard-core coder.
OTOH, having done both, I would say that I think you are not necessarily correct about which direction of teaching is harder. Yes, if you start with a network engineer that knows nothing about writing code or doesn't understand the principles of good coding, you're probably right. However, starting with a network engineer that can write decent code slowly, I think you will get a better result in most cases than if you try to teach network engineering to a hard-core coder that has only a minimal understanding of networking.
I think it really comes down to which you need: a hardcore network engineer/architect who can hack up code, or a hardcore developer who has or can obtain enough of a grasp of networking fundementals and specifics to build you the software you need him to develop.
I'm guessing that someone who needed a hard-core developer that could grasp fundamentals would have grabbed an existing coder and handed him a copy of Comer.
The fact that this person posted to NANOG instead implies to me that he needs someone that has a better grasp than just the fundamentals.
Of course I am speculating about that and I could be wrong.
The ones who already know both ends extremely well are going to be -very- hard to find, but finding one who can learn enough of the other to accomplish what you need shouldn't be hard at all.
Depends on what you need. However, I think it's faster to go from limited coding skills with a good basis in the fundamentals to usable development than to go from limited networking skills to a firm grasp on how networks behave in the real world. To the best of my knowledge, nothing but experience will teach you the latter. Even with 20+ years experience networks do still occasionally manage to surprise me.
...d (who is not exactly the former though I've played one for TV, and not at all the later)
I am admittedly lost given the three choices as to which constitutes former or latter at this point.
1. Strong coder with limited networking 2. Strong networker with limited coding 3. Strong in both
It's all about KISS, to appreciate sound abstraction, in other words. Cheers, mh
Owen Who is a strong network engineer Who has been a professional software engineer (though many years ago and my skills are rusty and out of date)
What about the case of the strong coder who decides that networking is more interesting as a life's work, moves into networking, will not consider employment where coding is even a remote possibility, and will successfully land another networking job elsewhere if management even brings up the subject of coding? I think this describes the great majority of networking professionals. -----Original Message----- From: Owen DeLong [mailto:owen@delong.com] Sent: Monday, February 27, 2012 2:14 PM To: david raistrick Cc: NANOG Subject: Re: Programmers with network engineering skills On Feb 27, 2012, at 12:31 PM, david raistrick wrote:
On Mon, 27 Feb 2012, Owen DeLong wrote:
I think you're more likely to find a network engineer with (possibly limited) programming skills.
While I'll agree about the more likely, if I needed a coder who had a firm grasp of networking I'd rather teach a good coder networking, than try to teach the art and magic of good development to a network guy.
Well, I won't call myself a hard-core coder, but, I think I have a reasonable grasp on the art and magic of good development. What I mostly lack is speed and efficiency in the language of choice for whatever project. I can write good code, it just takes me longer than it would take a hard-core coder. OTOH, having done both, I would say that I think you are not necessarily correct about which direction of teaching is harder. Yes, if you start with a network engineer that knows nothing about writing code or doesn't understand the principles of good coding, you're probably right. However, starting with a network engineer that can write decent code slowly, I think you will get a better result in most cases than if you try to teach network engineering to a hard-core coder that has only a minimal understanding of networking.
I think it really comes down to which you need: a hardcore network engineer/architect who can hack up code, or a hardcore developer who has or can obtain enough of a grasp of networking fundementals and specifics to build you the software you need him to develop.
I'm guessing that someone who needed a hard-core developer that could grasp fundamentals would have grabbed an existing coder and handed him a copy of Comer. The fact that this person posted to NANOG instead implies to me that he needs someone that has a better grasp than just the fundamentals. Of course I am speculating about that and I could be wrong.
The ones who already know both ends extremely well are going to be -very- hard to find, but finding one who can learn enough of the other to accomplish what you need shouldn't be hard at all.
Depends on what you need. However, I think it's faster to go from limited coding skills with a good basis in the fundamentals to usable development than to go from limited networking skills to a firm grasp on how networks behave in the real world. To the best of my knowledge, nothing but experience will teach you the latter. Even with 20+ years experience networks do still occasionally manage to surprise me.
...d (who is not exactly the former though I've played one for TV, and not at all the later)
I am admittedly lost given the three choices as to which constitutes former or latter at this point. 1. Strong coder with limited networking 2. Strong networker with limited coding 3. Strong in both Owen Who is a strong network engineer Who has been a professional software engineer (though many years ago and my skills are rusty and out of date) This communication, together with any attachments or embedded links, is for the sole use of the intended recipient(s) and may contain information that is confidential or legally protected. If you are not the intended recipient, you are hereby notified that any review, disclosure, copying, dissemination, distribution or use of this communication is strictly prohibited. If you have received this communication in error, please notify the sender immediately by return e-mail message and delete the original and all copies of the communication, along with any attachments or embedded links, from your system.
programming is not being able to write a hundred lines of unreadable perl. a real programmer can be productive in networking tools in a matter of a month or two. i have seen it multiple times. a networker can become a useful real progammer in a year or three. randy
On 02/27/2012 06:23 PM, Randy Bush wrote:
programming is not being able to write a hundred lines of unreadable perl.
a real programmer can be productive in networking tools in a matter of a month or two. i have seen it multiple times.
a networker can become a useful real progammer in a year or three.
I agree. Programmers aren't born understanding some fields and not others. In my case, I didn't have a clue about networking coming out of school but picked it up because I thought it was neat, and there was something intoxicating about the smell of the printed out RFC's. Mike, weird i know
But my point is that each person who is capable to do so generally chooses their life's work, after working in and trying out several capacities, and this is extremely common in IT environments where a person could have cycled through programming, system admin, dba, networking, security, etc. For me, I prefer networking, and even a substantial raise would not get me to design and write computer programs again. Life is short, networking professionals generally are in high demand, and are in networking because they like it. Yes Perl scripting may become a temporary, necessary evil at some point, but if the subject of coding comes up, many will move on. -----Original Message----- From: Randy Bush [mailto:randy@psg.com] Sent: Monday, February 27, 2012 6:23 PM To: Holmes,David A Cc: North American Network Operators' Group Subject: Re: Programmers with network engineering skills programming is not being able to write a hundred lines of unreadable perl. a real programmer can be productive in networking tools in a matter of a month or two. i have seen it multiple times. a networker can become a useful real progammer in a year or three. randy This communication, together with any attachments or embedded links, is for the sole use of the intended recipient(s) and may contain information that is confidential or legally protected. If you are not the intended recipient, you are hereby notified that any review, disclosure, copying, dissemination, distribution or use of this communication is strictly prohibited. If you have received this communication in error, please notify the sender immediately by return e-mail message and delete the original and all copies of the communication, along with any attachments or embedded links, from your system.
a real programmer can be productive in networking tools in a matter of a month or two. i have seen it multiple times.
a networker can become a useful real progammer in a year or three.
Thank you! I always wonder when someone distinguishes between a networker and a programmer as if they came from completely different worlds. I find these fields to be highly related. They are algorithmic at the core and you need a good understanding of architecture and design to successfully make the concepts work. If you have ever tried to find a bug in a badly structured network, you should be able to understand that implementing all of your application's use cases in one module is not a good idea. After implementing a good serialization scheme for your class data, network protocols are not that strange anymore (I know I'm exaggerating on simple examples here, but I hope the idea comes across). My point is, if someone has a good understanding of applying architectural patterns to a problem and isolating error causes while debugging, it shouldn't matter if he wrote mostly software the last years or if she administered a large scale network. A good sysadmin can learn to write software and a good programmer can learn to love the datacenter.
Yes, a theoretical understanding of algorithms is a common element in programming and networking. But the thread seems to assume that highly capable programmers/network engineers are mere serfs, unable to forge their own destiny, at the beck and call of whomever they work for, instead of independent beings who are doing what they are doing because they like it and choose to continue doing so, even at the expense of foregoing substantial financial gain. -----Original Message----- From: Daniel Schauenberg [mailto:d@unwiredcouch.com] Sent: Monday, February 27, 2012 7:09 PM To: Randy Bush Cc: Holmes,David A; North American Network Operators' Group Subject: Re: Programmers with network engineering skills
a real programmer can be productive in networking tools in a matter of a month or two. i have seen it multiple times.
a networker can become a useful real progammer in a year or three.
Thank you! I always wonder when someone distinguishes between a networker and a programmer as if they came from completely different worlds. I find these fields to be highly related. They are algorithmic at the core and you need a good understanding of architecture and design to successfully make the concepts work. If you have ever tried to find a bug in a badly structured network, you should be able to understand that implementing all of your application's use cases in one module is not a good idea. After implementing a good serialization scheme for your class data, network protocols are not that strange anymore (I know I'm exaggerating on simple examples here, but I hope the idea comes across). My point is, if someone has a good understanding of applying architectural patterns to a problem and isolating error causes while debugging, it shouldn't matter if he wrote mostly software the last years or if she administered a large scale network. A good sysadmin can learn to write software and a good programmer can learn to love the datacenter. This communication, together with any attachments or embedded links, is for the sole use of the intended recipient(s) and may contain information that is confidential or legally protected. If you are not the intended recipient, you are hereby notified that any review, disclosure, copying, dissemination, distribution or use of this communication is strictly prohibited. If you have received this communication in error, please notify the sender immediately by return e-mail message and delete the original and all copies of the communication, along with any attachments or embedded links, from your system.
On Mon, 27 Feb 2012, Owen DeLong wrote:
I think you're more likely to find a network engineer with (possibly
programming skills.
While I'll agree about the more likely, if I needed a coder who had a firm grasp of networking I'd rather teach a good coder networking, than
Owen, I can only say it is my opinion, based on some years of experience and working with people who have come from both sides. I have seen more people successfully move from programming to networking than the reverse. Ralph Brandt Communications Engineer HP Enterprise Services Telephone +1 717.506.0802 FAX +1 717.506.4358 Email Ralph.Brandt@pateam.com 5095 Ritter Rd Mechanicsburg PA 17055 -----Original Message----- From: Owen DeLong [mailto:owen@delong.com] Sent: Monday, February 27, 2012 5:14 PM To: david raistrick Cc: Brandt, Ralph; NANOG Subject: Re: Programmers with network engineering skills On Feb 27, 2012, at 12:31 PM, david raistrick wrote: limited) try to teach the art and magic of good development to a network guy.
Well, I won't call myself a hard-core coder, but, I think I have a reasonable grasp on the art and magic of good development. What I mostly lack is speed and efficiency in the language of choice for whatever project. I can write good code, it just takes me longer than it would take a hard-core coder. OTOH, having done both, I would say that I think you are not necessarily correct about which direction of teaching is harder. Yes, if you start with a network engineer that knows nothing about writing code or doesn't understand the principles of good coding, you're probably right. However, starting with a network engineer that can write decent code slowly, I think you will get a better result in most cases than if you try to teach network engineering to a hard-core coder that has only a minimal understanding of networking.
I think it really comes down to which you need: a hardcore network engineer/architect who can hack up code, or a hardcore developer who has or can obtain enough of a grasp of networking fundementals and specifics to build you the software you need him to develop.
I'm guessing that someone who needed a hard-core developer that could grasp fundamentals would have grabbed an existing coder and handed him a copy of Comer. The fact that this person posted to NANOG instead implies to me that he needs someone that has a better grasp than just the fundamentals. Of course I am speculating about that and I could be wrong.
The ones who already know both ends extremely well are going to be -very- hard to find, but finding one who can learn enough of the other to accomplish what you need shouldn't be hard at all.
Depends on what you need. However, I think it's faster to go from limited coding skills with a good basis in the fundamentals to usable development than to go from limited networking skills to a firm grasp on how networks behave in the real world. To the best of my knowledge, nothing but experience will teach you the latter. Even with 20+ years experience networks do still occasionally manage to surprise me.
...d (who is not exactly the former though I've played one for TV, and not at all the later)
I am admittedly lost given the three choices as to which constitutes former or latter at this point. 1. Strong coder with limited networking 2. Strong networker with limited coding 3. Strong in both Owen Who is a strong network engineer Who has been a professional software engineer (though many years ago and my skills are rusty and out of date)
While what you say is true (heck, I'm one of them), my point is that a great many network engineers have relatively strong programming backgrounds and if you could convince one of them to go back to writing code (sufficiently interesting project and/or right $$) you'd probably have better luck than finding a programmer that has networking skills. Owen On Feb 28, 2012, at 5:18 AM, Brandt, Ralph wrote:
Owen, I can only say it is my opinion, based on some years of experience and working with people who have come from both sides. I have seen more people successfully move from programming to networking than the reverse.
Ralph Brandt Communications Engineer HP Enterprise Services Telephone +1 717.506.0802 FAX +1 717.506.4358 Email Ralph.Brandt@pateam.com 5095 Ritter Rd Mechanicsburg PA 17055
-----Original Message----- From: Owen DeLong [mailto:owen@delong.com] Sent: Monday, February 27, 2012 5:14 PM To: david raistrick Cc: Brandt, Ralph; NANOG Subject: Re: Programmers with network engineering skills
On Feb 27, 2012, at 12:31 PM, david raistrick wrote:
On Mon, 27 Feb 2012, Owen DeLong wrote:
I think you're more likely to find a network engineer with (possibly limited) programming skills.
While I'll agree about the more likely, if I needed a coder who had a firm grasp of networking I'd rather teach a good coder networking, than try to teach the art and magic of good development to a network guy.
Well, I won't call myself a hard-core coder, but, I think I have a reasonable grasp on the art and magic of good development. What I mostly lack is speed and efficiency in the language of choice for whatever project. I can write good code, it just takes me longer than it would take a hard-core coder.
OTOH, having done both, I would say that I think you are not necessarily correct about which direction of teaching is harder. Yes, if you start with a network engineer that knows nothing about writing code or doesn't understand the principles of good coding, you're probably right. However, starting with a network engineer that can write decent code slowly, I think you will get a better result in most cases than if you try to teach network engineering to a hard-core coder that has only a minimal understanding of networking.
I think it really comes down to which you need: a hardcore network engineer/architect who can hack up code, or a hardcore developer who has or can obtain enough of a grasp of networking fundementals and specifics to build you the software you need him to develop.
I'm guessing that someone who needed a hard-core developer that could grasp fundamentals would have grabbed an existing coder and handed him a copy of Comer.
The fact that this person posted to NANOG instead implies to me that he needs someone that has a better grasp than just the fundamentals.
Of course I am speculating about that and I could be wrong.
The ones who already know both ends extremely well are going to be -very- hard to find, but finding one who can learn enough of the other to accomplish what you need shouldn't be hard at all.
Depends on what you need. However, I think it's faster to go from limited coding skills with a good basis in the fundamentals to usable development than to go from limited networking skills to a firm grasp on how networks behave in the real world. To the best of my knowledge, nothing but experience will teach you the latter. Even with 20+ years experience networks do still occasionally manage to surprise me.
...d (who is not exactly the former though I've played one for TV, and not at all the later)
I am admittedly lost given the three choices as to which constitutes former or latter at this point.
1. Strong coder with limited networking 2. Strong networker with limited coding 3. Strong in both
Owen Who is a strong network engineer Who has been a professional software engineer (though many years ago and my skills are rusty and out of date)
On Monday, February 27, 2012 05:14:00 PM Owen DeLong wrote:
Who is a strong network engineer Who has been a professional software engineer (though many years ago and my skills are rusty and out of date)
Owen, you nailed it here. Even the ACM recognizes that a 'Software Engineer' and a 'Computer Scientist' are different animals (ACM recognizes five 'computer related' degree paths with unique skill maps: Computer Engineering, Computer Science, Software Engineering, Information Services, and Information Technology; see https://www.acm.org/education/curricula-recommendations for more details). A true 'network engineer' will have a different mindset and different focus than a 'Computer Scientist' who has all the theoretical math skills that a Computer Scientist needs (a reply to one of my recent posts mentioned that math, and was somewhat derogatory about engineers and timeliness, but I digress). Coding and development can bridge across the differences; but it is very useful to understand some of the very basic differences in mindset, and apply that to the position being sought. It boils down to whether the OP wants strong engineering skills with the accompanying mindset, or strong CS skills with the accompanying mindset. Given the other clearance issues, I would be more inclined to say that the OP would want a 'Software Engineer' with some network engineering skills rather than a CS grad with some network guy skills. It's a different animal, and software engineering teaches change control and configuration management at a different depth than the typical CS track will do (and that sort of thing would be required in such a cleared environment). On the flip side, that same 'Software Engineer' isn't nearly as steeped in CS fundamentals of algorithms and the associated math.
----- Original Message -----
From: "Owen DeLong" <owen@delong.com>
I think you're more likely to find a network engineer with (possibly limited) programming skills.
That's certainly where I would categorize myself.
And you're the first I've seen suggest, or even imply, that going that direction instead might be more fruitful; seemed to me that the skills necessary to make a decent network engineer would support learning programming better than the other way round -- though in fact I personally did it the other way. Cheers, -- jra -- Jay R. Ashworth Baylink jra@baylink.com Designer The Things I Think RFC 2100 Ashworth & Associates http://baylink.pitas.com 2000 Land Rover DII St Petersburg FL USA http://photo.imageinc.us +1 727 647 1274
On 2/27/2012 2:23 PM, Jay Ashworth wrote:
----- Original Message -----
From: "Owen DeLong" <owen@delong.com>
I think you're more likely to find a network engineer with (possibly limited) programming skills.
That's certainly where I would categorize myself.
And you're the first I've seen suggest, or even imply, that going that direction instead might be more fruitful; seemed to me that the skills necessary to make a decent network engineer would support learning programming better than the other way round -- though in fact I personally did it the other way.
I think it depends on what level of "coding" you're talking about. If you want someone that can whip up a few scripts to easily manage routine tasks, then sure, network guy -> "coder" is usually a safe and easy path. OTOH, if you're talking professional application developer working on a project with more than one moving part, and/or more than one person on the team, you really need someone who thinks like a developer, and can be trained to understand network concepts. .... and yes, the latter is the path that I've taken, so I have a built-in bias. Doug -- It's always a long day; 86400 doesn't fit into a short. Breadth of IT experience, and depth of knowledge in the DNS. Yours for the right price. :) http://SupersetSolutions.com/
On 2/27/2012 2:31 PM, Doug Barton wrote:
then sure, network guy -> "coder" is usually a safe and easy path.
Sorry, looking at this again it reads a lot more derogatory on paper than I meant it to. There is a lot of value in being able to automate repetitive tasks ... my point was simply that doing that is a different development model than working on a larger scale project; where scope, structure, etc. come into play. Doug (who either needs more caffeine, or less ...) -- It's always a long day; 86400 doesn't fit into a short. Breadth of IT experience, and depth of knowledge in the DNS. Yours for the right price. :) http://SupersetSolutions.com/
Doug, I think the difference is that network engineers typically find themselves wanting to learn some form of programming to automate routine tasks while doing their job as a network engineer. They've actually managed to be interested in programming while pursuing a career in networking out of necessity. On the other hand, I think it's very rare for a hard-core programmer/developer to want to learn more about networking because it typically doesn't come up in their job when coding a professional application / large product with many moving parts and "more than one person on the team". I'm sure it can happen either way and has (as many people have posted going either direction in this thread), but there needs to be some desire to learn for the individual. I think you'll find a network engineer desiring to improve their programming skills much easier than a developer that wants to learn improve their networking skills beyond plugging a router into their home network. -Jared -----Original Message----- From: Doug Barton [mailto:dougb@dougbarton.us] Sent: Monday, February 27, 2012 2:31 PM To: Jay Ashworth Cc: NANOG Subject: Re: Programmers with network engineering skills On 2/27/2012 2:23 PM, Jay Ashworth wrote:
----- Original Message -----
From: "Owen DeLong" <owen@delong.com>
I think you're more likely to find a network engineer with (possibly limited) programming skills.
That's certainly where I would categorize myself.
And you're the first I've seen suggest, or even imply, that going that direction instead might be more fruitful; seemed to me that the skills necessary to make a decent network engineer would support learning programming better than the other way round -- though in fact I personally did it the other way.
I think it depends on what level of "coding" you're talking about. If you want someone that can whip up a few scripts to easily manage routine tasks, then sure, network guy -> "coder" is usually a safe and easy path. OTOH, if you're talking professional application developer working on a project with more than one moving part, and/or more than one person on the team, you really need someone who thinks like a developer, and can be trained to understand network concepts. .... and yes, the latter is the path that I've taken, so I have a built-in bias. Doug -- It's always a long day; 86400 doesn't fit into a short. Breadth of IT experience, and depth of knowledge in the DNS. Yours for the right price. :) http://SupersetSolutions.com/
On Mon, 27 Feb 2012, Jared Newell wrote:
I think the difference is that network engineers typically find themselves wanting to learn some form of programming to automate routine tasks while doing their job as a network engineer. They've actually managed to be interested in programming while pursuing a career in networking out of necessity.
That pretty much the path that I took. I found a lot of value in automating tasks, which eventually grew into a configuration backup system that was used company-wide. I could have deployed one of several configuration management systems, but I wanted to build one from the ground up. While the code I wrote wasn't exactly pretty, it worked. No doubt there was a lot of room to do it better, and one of my long-term goals was to re-write the whole thing in a language that was better suited to the task at hand, I ended up moving on to a new gig before that came to pass. I still have the code (previous employer was OK with that), and I still tinker with it from time to time. It taught me a lot more about some of the nuts-and-bolts aspects of both coding and SNMP that I ever would have encountered, had I not written that system. I think I would also add to the wish list for "the perfect candidate" is some database experience. Sometimes data is much easier to work with in the SQL world than 'live'. jms
On 27 February 2012 23:23, Jay Ashworth <jra@baylink.com> wrote:
----- Original Message -----
From: "Owen DeLong" <owen@delong.com>
I think you're more likely to find a network engineer with (possibly limited) programming skills.
That's certainly where I would categorize myself.
And you're the first I've seen suggest, or even imply, that going that direction instead might be more fruitful; seemed to me that the skills necessary to make a decent network engineer would support learning programming better than the other way round -- though in fact I personally did it the other way.
I agree. And I am just a programmer. Part of it, is that our job is to obscure implementation details to these in higuer levels. We think hard to build stuff, so other people don't have to. If theres a program that create a conexion, and that conexion can break, we silently repeat the re-conexion part, so these that use the program ignore these problems and can live happy. A bad programmer will show a message "Conexion break, please connect again". Having the human manually pressing the "connect" button again. I have no words for how lame is that. So we hide implementation details for us, and for others. Programmers that write compilers hide implementation details to others. Designers of CPU's microcode hide implementation details to mere assembler programmers. -- -- ℱin del ℳensaje.
On Mon, Feb 27, 2012 at 3:22 PM, Owen DeLong <owen@delong.com> wrote:
On Feb 27, 2012, at 12:02 PM, Brandt, Ralph wrote:
Generalists are hard to come by these days.
I think you're more likely to find a network engineer with (possibly limited) programming skills.
I wish. For the past three months I've been trying to find a network engineer with a deep TCP/IP protocol understanding, network security expertise, some Linux experience, minor programming skill with sockets and a TS/SCI clearance. The clearance is killing me. The two generalists didn't have a clearance and the cleared applicants are programmers or admins but never both. On Mon, Feb 27, 2012 at 6:12 PM, Rodrick Brown <rodrick.brown@gmail.com> wrote:
Good Luck guys like these are being scooped up by large financial firms and hedgefunds and they don't come cheap ~$250k easy!
Not all of them. I've been approached a few times but there is something sleazy about helping a bunch of tycoons do millisecond timing attacks against the market. The money doesn't magically appear. Every dollar they squeeze out that way is stolen from some grandmother who has held the stock for 20 years. Regards, Bill Herrin -- William D. Herrin ................ herrin@dirtside.com bill@herrin.us 3005 Crane Dr. ...................... Web: <http://bill.herrin.us/> Falls Church, VA 22042-3004
On Feb 27, 2012, at 7:53 PM, William Herrin <bill@herrin.us> wrote:
On Mon, Feb 27, 2012 at 3:22 PM, Owen DeLong <owen@delong.com> wrote:
On Feb 27, 2012, at 12:02 PM, Brandt, Ralph wrote:
Generalists are hard to come by these days.
I think you're more likely to find a network engineer with (possibly limited) programming skills.
I wish. For the past three months I've been trying to find a network engineer with a deep TCP/IP protocol understanding, network security expertise, some Linux experience, minor programming skill with sockets and a TS/SCI clearance.
The clearance is killing me. The two generalists didn't have a clearance and the cleared applicants are programmers or admins but never both.
On Mon, Feb 27, 2012 at 6:12 PM, Rodrick Brown <rodrick.brown@gmail.com> wrote:
Good Luck guys like these are being scooped up by large financial firms and hedgefunds and they don't come cheap ~$250k easy!
Not all of them. I've been approached a few times but there is something sleazy about helping a bunch of tycoons do millisecond timing attacks against the market. The money doesn't magically appear. Every dollar they squeeze out that way is stolen from some grandmother who has held the stock for 20 years.
Try explaining the number of ex-Bell Lab R&D folks working on trading desks these days. A major financial firm I worked for in the past directly targeted candidates from the telecom industry. In recent news a russian programmer who allegedly stole Goldman Sachs proprietary code was making $400k/year and he's probably still on the market looking for work :-)
Regards, Bill Herrin
-- William D. Herrin ................ herrin@dirtside.com bill@herrin.us 3005 Crane Dr. ...................... Web: <http://bill.herrin.us/> Falls Church, VA 22042-3004
On 2/27/2012 7:53 PM, William Herrin wrote:
I think you're more likely to find a network engineer with (possibly limited)
programming skills. I wish. For the past three months I've been trying to find a network engineer with a deep TCP/IP protocol understanding, network security expertise, some Linux experience, minor programming skill with sockets and a TS/SCI clearance.
Is clearance the problem, or the ability to obtain clearance due to something in their background? If your work requires it, you should have some recourse for applicants to obtain the required clearance, no? /Jason
On Mon, Feb 27, 2012 at 5:07 PM, Jason Bertoch <jason@i6ix.com> wrote:
On 2/27/2012 7:53 PM, William Herrin wrote:
I think you're more likely to find a network engineer with (possibly limited)
programming skills.
I wish. For the past three months I've been trying to find a network engineer with a deep TCP/IP protocol understanding, network security expertise, some Linux experience, minor programming skill with sockets and a TS/SCI clearance.
Is clearance the problem, or the ability to obtain clearance due to something in their background? If your work requires it, you should have some recourse for applicants to obtain the required clearance, no?
My understanding is that while primary and subcontractor companies can put people in the sponsoring organization's clearance granting queue, it takes so long to get someone through the queue that for high-level positions they essentially make having the clearance already a prerequisite. -- -george william herbert george.herbert@gmail.com
Is clearance the problem, or the ability to obtain clearance due to something in their background? If your work requires it, you should have some recourse for applicants to obtain the required clearance, no?
My understanding is that while primary and subcontractor companies can put people in the sponsoring organization's clearance granting queue, it takes so long to get someone through the queue that for high-level positions they essentially make having the clearance already a prerequisite.
Things have gotten a lot better than they used to be. My understanding is that these days a DoD collateral TS is routinely completed in < 6 months. -r
William Herrin [mailto:bill@herrin.us]
On Feb 27, 2012, at 12:02 PM, Brandt, Ralph wrote:
Generalists are hard to come by these days.
I think you're more likely to find a network engineer with (possibly
On Mon, Feb 27, 2012 at 3:22 PM, Owen DeLong <owen@delong.com> wrote: limited)
programming skills.
I wish. For the past three months I've been trying to find a network engineer with a deep TCP/IP protocol understanding, network security expertise, some Linux experience, minor programming skill with sockets and a TS/SCI clearance.
The clearance is killing me. The two generalists didn't have a clearance and the cleared applicants are programmers or admins but never both.
Hey now...the time from zero to TS/SCI has gone from over half a decade to a mere quarter decade. You can totally pay these guys to sit around doing drudge work while their skills atrophy in the interim. Of course, if you need a poly on top, add some more time and stir continually while applying heat. Jamie
Jamie Bowden wrote:
Hey now...the time from zero to TS/SCI has gone from over half a decade to a mere quarter decade. You can totally pay these guys to sit around doing drudge work while their skills atrophy in the interim. Of course, if you need a poly on top, add some more time and stir continually while applying heat.
I didn't know what TS/SCI exactly stood for. So I did some thorough research (read: wikipedia, so if I am wrong please correct me :-) and I found this: http://en.wikipedia.org/wiki/List_of_U.S._security_clearance_terms#SCI_eligi... "In general, employees do not publish the individual compartments for which they are cleared. While this information is not classified, specific compartment listings may reveal sensitive information when correlated with an individual's resume. Therefore, it is sufficient to declare that a candidate possesses a TS/SCI clearance with a polygraph." That sparked my interest. Did I miss something? One can lie about TS/CSI clearance and be believed as long as one can fool a lie detector? How safe is that? That strikes me as a bit odd. http://en.wikipedia.org/wiki/Polygraph#Validity "Polygraphy has little credibility among scientists.[22][23] Despite claims of 90-95% validity by polygraph advocates, and 95-100% by businesses providing polygraph services,[non-primary source needed] critics maintain that rather than a "test", the method amounts to an inherently unstandardizable interrogation technique whose accuracy cannot be established" -- Earthquake Magnitude: 4.7 Date: Tuesday, February 28, 2012 23:18:51 UTC Location: Iran-Iraq border region Latitude: 32.4895; Longitude: 47.1147 Depth: 10.20 km
That sparked my interest. Did I miss something? One can lie about TS/CSI clearance and be believed as long as one can fool a lie detector? How safe is that? That strikes me as a bit odd.
Yeah, you missed something. TS/SCI w/polygraph means that you underwent a Special Background Investigation *and* you passed a polygraph during an interview which is generally used to detect if you are being deceptive in your answers to questions, not so much to find "the truth". And you can lie about the TS/SCI until it comes time to actually be cleared for work. The "powers that be" will discover your lie before you ever emerge from the "leper colony" and your hopes of ever getting one at that point are headed down the drain.
On Monday, February 27, 2012 07:53:07 PM William Herrin wrote:
.../SCI clearance.
The clearance is killing me. The two generalists didn't have a clearance and the cleared applicants are programmers or admins but never both.
I just about spewed my chai tea seeing 'SCI' and 'generalist' in the same post... isn't that mutually exclusive?
On Tue, Feb 28, 2012 at 11:21 AM, Lamar Owen <lowen@pari.edu> wrote:
On Monday, February 27, 2012 07:53:07 PM William Herrin wrote:
.../SCI clearance.
The clearance is killing me. The two generalists didn't have a clearance and the cleared applicants are programmers or admins but never both.
I just about spewed my chai tea seeing 'SCI' and 'generalist' in the same post... isn't that mutually exclusive?
There's a difference between the TS/SCI clearance - and SCI compartmentalization security model for secure projects or information - and whether you need a generalist programmer / network programmer to solve the problem within the compartment or a specialist. One can have very generalist problems within a very narrowly defined security compartment. One of my main hobbies, if done as a day job, would require TS/SCI clearance plus an additional level; it requires about 8 or 9 major scientific and engineering disciplines to master. -- -george william herbert george.herbert@gmail.com
+1 on both. Senior network guys learn programming/scripting as a way to automate configuration and deal with large amounts of data. It's an enhancement for us and most network people are willing to expand their programming skills given the time. On the other hand there are way too many jobs where programmers can just be programmers for many of them to be interested in expanding their networking skills even if they have prior experience. If they become interested in the "hardware" world they usually go toward systems administrator and OS's. Some of them are big enough geeks to want to learn both or all three, but those are few and far between. It's very likely that such programmers frequent this list so hopefully I won't get flamed for posting this. EIther way it's just semantics, but it is generally easier to find a network guy that wants to learn how to program or get better at it than to find a programmer who is dying to learn about networking. Not sure if I agree with the opinion about generalists. There are alot of people who view technology as both a job and a hobby and become experts in what pays their bills and then slowly learn something about everything via osmosis. There are alot of people that never saw a book or trade rag they didn't like. 2012/2/27 Owen DeLong <owen@delong.com>
I think you're more likely to find a network engineer with (possibly limited) programming skills.
That's certainly where I would categorize myself.
Owen
On Feb 27, 2012, at 12:02 PM, Brandt, Ralph wrote:
Generalists are hard to come by these days. They are people who learn less and less about more and more till they know nothing about everything. People today are specializing in the left and right halves of the bytes.... They learn more and more about less and less till they know everything about nothing. And BTW, they are worthless unless you have five of them working on a problem because none of them know enough to fix it. Worse, you can replace the word five with fifty and it may be still true.
I know of three of these, all gainfully employed at this time and could each find at least a couple jobs if they wanted. I am one, my son is two and a guy we worked with is the third.
At one time (40 years ago) the mantra in IS was train for expertise, now it is hire for it. Somewhere there has to be a happy medium. I suggest this, find a good coder, not a mediocre who writes shit code but a good one who can think and learn and when you talk about branching out with his skill set he or she lights up. His first thing on site is take the A+ networking course.
No, I do not sell the courses. But I have seen this kind of approach work when nothing else was.
Ralph Brandt Communications Engineer HP Enterprise Services Telephone +1 717.506.0802 FAX +1 717.506.4358 Email Ralph.Brandt@pateam.com 5095 Ritter Rd Mechanicsburg PA 17055
-----Original Message----- From: A. Pishdadi [mailto:apishdadi@gmail.com] Sent: Sunday, February 26, 2012 8:27 PM To: NANOG Subject: Programmers with network engineering skills
Hello All,
i have been looking for quite some time now a descent coder (c,php) who has a descent amount of system admin / netadmin experience. Doesn't necessarily need to be an expert at network engineering but being acclimated in understanding the basic fundamentals of networking. Understanding basic routing concepts, how to diagnose using tcpdump / pcap, understanding subnetting and how bgp works (not necessarily setting up bgp). I've posted job listings on the likes of dice and monster and have not found any good canidates, most of them ASP / Java guys.
If anyone can point me to a site they might recommend for job postings or know of any consulting firms that might provide these services that would be greatly appreciated.
I'm definitely in that camp as well :-) In my experience the path of least resistance is to get a junior network engineer and mentor he/she into improving his/hers programming skills than go the other way around. s2 C. On 2/27/12 6:22 PM, Owen DeLong wrote:
I think you're more likely to find a network engineer with (possibly limited) programming skills.
That's certainly where I would categorize myself.
Owen
On Feb 27, 2012, at 12:02 PM, Brandt, Ralph wrote:
Generalists are hard to come by these days. They are people who learn less and less about more and more till they know nothing about everything. People today are specializing in the left and right halves of the bytes.... They learn more and more about less and less till they know everything about nothing. And BTW, they are worthless unless you have five of them working on a problem because none of them know enough to fix it. Worse, you can replace the word five with fifty and it may be still true.
I know of three of these, all gainfully employed at this time and could each find at least a couple jobs if they wanted. I am one, my son is two and a guy we worked with is the third.
At one time (40 years ago) the mantra in IS was train for expertise, now it is hire for it. Somewhere there has to be a happy medium. I suggest this, find a good coder, not a mediocre who writes shit code but a good one who can think and learn and when you talk about branching out with his skill set he or she lights up. His first thing on site is take the A+ networking course.
No, I do not sell the courses. But I have seen this kind of approach work when nothing else was.
Ralph Brandt Communications Engineer HP Enterprise Services Telephone +1 717.506.0802 FAX +1 717.506.4358 Email Ralph.Brandt@pateam.com 5095 Ritter Rd Mechanicsburg PA 17055
-----Original Message----- From: A. Pishdadi [mailto:apishdadi@gmail.com] Sent: Sunday, February 26, 2012 8:27 PM To: NANOG Subject: Programmers with network engineering skills
Hello All,
i have been looking for quite some time now a descent coder (c,php) who has a descent amount of system admin / netadmin experience. Doesn't necessarily need to be an expert at network engineering but being acclimated in understanding the basic fundamentals of networking. Understanding basic routing concepts, how to diagnose using tcpdump / pcap, understanding subnetting and how bgp works (not necessarily setting up bgp). I've posted job listings on the likes of dice and monster and have not found any good canidates, most of them ASP / Java guys.
If anyone can point me to a site they might recommend for job postings or know of any consulting firms that might provide these services that would be greatly appreciated.
In my experience the path of least resistance is to get a junior network engineer and ...
agree, where the end goal is to increment the facility's scripting capable administrators. been there, done that. disagree, where the end goal is to create a coherent distributed system with a non-trivial lifecycle, release schedule, documentation, i18n/l10n capabilities and deliverables, resembling an operating system product. been there, done that. where i'm looking at gray is platforms built atop of platforms. for mpi, pvm and similar (b) is the better choice. for grid computing, i suspect (a) may answer. -e
In my experience the path of least resistance is to get a junior network engineer and mentor he/she into improving his/hers programming skills than go the other way around.
and then the organization pays forever to maintain the crap code while the kiddie learned to program. right. brilliant. Always code as if the guy who ends up maintaining your code will be a violent psychopath who knows where you live. -- Martin Golding randy
2012/3/2 Randy Bush <randy@psg.com>
In my experience the path of least resistance is to get a junior network engineer and mentor he/she into improving his/hers programming skills than go the other way around.
and then the organization pays forever to maintain the crap code while the kiddie learned to program. right. brilliant.
+1 Although, I've seen the opposite where a brilliant developer writes wonderful code, leaves and you are left with a similarly difficult situation since there are no more programmers in the department and no brilliant developers willing to do programming that requires in depth knowledge of networking.
Always code as if the guy who ends up maintaining your code will be a violent psychopath who knows where you live. -- Martin Golding
randy
In my experience the path of least resistance is to get a junior network engineer and mentor he/she into improving his/hers programming skills than go the other way around.
and then the organization pays forever to maintain the crap code while the kiddie learned to program. right. brilliant.
+1 Although, I've seen the opposite where a brilliant developer writes wonderful code, leaves and you are left with a similarly difficult situation since there are no more programmers in the department and no brilliant developers willing to do programming that requires in depth knowledge of networking.
that was not a brilliant developer. that was a clever developer. Debugging is twice as hard as writing the code in the first place. Therefore, if you write the code as cleverly as possible, you are, by definition, not smart enough to debug it. -- Brian W. Kernighan and, if the department was not willing to invest in long-term software capability, then they were foolish to enter the game in the first place. go find an open-source solution or buy commercial. and if none fit your needs, and you are not willing to invest in softdev, then you have a problem in your business model. randy
2012/3/2 Randy Bush <randy@psg.com>
In my experience the path of least resistance is to get a junior network engineer and mentor he/she into improving his/hers programming skills than go the other way around.
and then the organization pays forever to maintain the crap code while the kiddie learned to program. right. brilliant.
+1 Although, I've seen the opposite where a brilliant developer writes wonderful code, leaves and you are left with a similarly difficult situation since there are no more programmers in the department and no brilliant developers willing to do programming that requires in depth knowledge of networking.
that was not a brilliant developer. that was a clever developer.
Debugging is twice as hard as writing the code in the first place. Therefore, if you write the code as cleverly as possible, you are, by definition, not smart enough to debug it. -- Brian W. Kernighan
It's not so much that the code was too clever to troubleshoot, just that we were fresh out of developers.
and, if the department was not willing to invest in long-term software capability, then they were foolish to enter the game in the first place.
If I said this was the first time I saw a large corporation do something foolish I'd be lying... I was consulting on a project that created a need to modify the existing code. I probably could have tackled it but I have a day job and didn't want to become the "house developer". Watching people try to explain to upper management why their band of merry router jockeys should have a developer was interesting. Sometimes it comes down to convincing the business side to invest time and money into creating the development position for code that hasn't been touched in years.. If you just look at the technical bits, the need is usually obvious.
go find an open-source solution or buy commercial. and if none fit your needs, and you are not willing to invest in softdev, then you have a problem in your business model.
Agreed... but I was consulting. My business model was satisfied when I walked through the door. I'm not saying there shouldn't be developers on a team of network engineers, it's was just interesting to see what happens when the one-eye'd man leaves.
Never said it was *perfect*. But you probably haven't a good (in CV terms at least) prorgrammer assigned to you but didn't know the difference between a TCP port and an IP protocol number. Or the difference between an Ethernet and an IP address. For me at least (and I grant you that everyone's mileage may vary), it has been a lot easier to teach networkers to program than the other way around. I remember (not very fondly) the time when I was assigned to the team which was going to write a DNS provisioning system, which was going to be used by clients to get x.tld domains, and which had to periodically generate the zone. A team of programmers, fully into the maintainability, lifecycle, corporate IT thing was created. They didn't know what a DNS zone was, or a SOA record, or a CNAME record for that matter. The project failed before I could bring the matter of AAAA records up. Several tens of thousands of dollars were spent on a failed project that could have been saved by a different choice of programmers. The same problem was solved some two years later by a team composed mainly of network engineers with one or two corporate IT programmers who were in charge of ensuring lifecycle and integration with business systems. And a programming engineer (even if he/she is by default an electrical/network engineer) is a far cry from a script kiddie. Sorry to differ on that. cheers! Carlos On 3/2/12 8:35 PM, Randy Bush wrote:
In my experience the path of least resistance is to get a junior network engineer and mentor he/she into improving his/hers programming skills than go the other way around. and then the organization pays forever to maintain the crap code while the kiddie learned to program. right. brilliant.
Always code as if the guy who ends up maintaining your code will be a violent psychopath who knows where you live. -- Martin Golding
randy
I've played on both sides of the fence of this one, but I think the key piece is that you have to get enough software engineering for your tool to fit the life cycle it needs to follow and enough domain specific knowledge to for the tool to do what it exists to do. If you lack *either* of those you're going to suffer either through a tool that doesn't do what its supposed to or a tool that does everything it should right *now* but can't be efficiently expanded when the project scope suddenly expands. The real challenge is understanding what the scope of your project is and what it will likely be in ~4 years. If its not going to change much then the need for professional software engineering methodologies & practices is much lower than if you're going to have to add new features each quarter. Your target audience also has a big impact on what you need to do. Most internal projects have little need for a professional UI designer, but if you have a project that's going to touch thousands of people using a range of PC's and other devices you had better spend a lot of time on UI. tl;dr I don't think there is a *right* answer to be found because it depends on the project. BTW, just replying to Carlos in general not in specific. On 3/5/2012 11:08 AM, Carlos Martinez-Cagnazzo wrote:
Never said it was *perfect*. But you probably haven't a good (in CV terms at least) prorgrammer assigned to you but didn't know the difference between a TCP port and an IP protocol number. Or the difference between an Ethernet and an IP address.
For me at least (and I grant you that everyone's mileage may vary), it has been a lot easier to teach networkers to program than the other way around.
I remember (not very fondly) the time when I was assigned to the team which was going to write a DNS provisioning system, which was going to be used by clients to get x.tld domains, and which had to periodically generate the zone.
A team of programmers, fully into the maintainability, lifecycle, corporate IT thing was created. They didn't know what a DNS zone was, or a SOA record, or a CNAME record for that matter. The project failed before I could bring the matter of AAAA records up. Several tens of thousands of dollars were spent on a failed project that could have been saved by a different choice of programmers.
The same problem was solved some two years later by a team composed mainly of network engineers with one or two corporate IT programmers who were in charge of ensuring lifecycle and integration with business systems.
And a programming engineer (even if he/she is by default an electrical/network engineer) is a far cry from a script kiddie. Sorry to differ on that.
cheers!
Carlos
On 3/2/12 8:35 PM, Randy Bush wrote:
In my experience the path of least resistance is to get a junior network engineer and mentor he/she into improving his/hers programming skills than go the other way around. and then the organization pays forever to maintain the crap code while the kiddie learned to program. right. brilliant.
Always code as if the guy who ends up maintaining your code will be a violent psychopath who knows where you live. -- Martin Golding
randy
-- Scott Helms Vice President of Technology ISP Alliance, Inc. DBA ZCorum (678) 507-5000 -------------------------------- http://twitter.com/kscotthelms --------------------------------
Global NAPs seemingly shutdown all tandem services last week and it is causing major congestion issues with routing calls. Anyone have more information on this mess as it seems to be in it's 4th day? Thanks Mark Stevens
FYI, picking an existing message, hitting reply, and then changing the subject line is not a good way to start a new thread. It causes your message to appear in an odd location for those of us who use threaded mail readers, and may cause your message to be ignored altogether. hth, Doug
Scott, I fully agree with you. In fact, I was just commenting on *my* experiences and never implied that they would / should apply the same for everyone. cheers! Carlos On 3/5/12 3:53 PM, Scott Helms wrote:
I've played on both sides of the fence of this one, but I think the key piece is that you have to get enough software engineering for your tool to fit the life cycle it needs to follow and enough domain specific knowledge to for the tool to do what it exists to do. If you lack *either* of those you're going to suffer either through a tool that doesn't do what its supposed to or a tool that does everything it should right *now* but can't be efficiently expanded when the project scope suddenly expands. The real challenge is understanding what the scope of your project is and what it will likely be in ~4 years. If its not going to change much then the need for professional software engineering methodologies & practices is much lower than if you're going to have to add new features each quarter. Your target audience also has a big impact on what you need to do. Most internal projects have little need for a professional UI designer, but if you have a project that's going to touch thousands of people using a range of PC's and other devices you had better spend a lot of time on UI.
tl;dr I don't think there is a *right* answer to be found because it depends on the project.
BTW, just replying to Carlos in general not in specific.
On 3/5/2012 11:08 AM, Carlos Martinez-Cagnazzo wrote:
Never said it was *perfect*. But you probably haven't a good (in CV terms at least) prorgrammer assigned to you but didn't know the difference between a TCP port and an IP protocol number. Or the difference between an Ethernet and an IP address.
For me at least (and I grant you that everyone's mileage may vary), it has been a lot easier to teach networkers to program than the other way around.
I remember (not very fondly) the time when I was assigned to the team which was going to write a DNS provisioning system, which was going to be used by clients to get x.tld domains, and which had to periodically generate the zone.
A team of programmers, fully into the maintainability, lifecycle, corporate IT thing was created. They didn't know what a DNS zone was, or a SOA record, or a CNAME record for that matter. The project failed before I could bring the matter of AAAA records up. Several tens of thousands of dollars were spent on a failed project that could have been saved by a different choice of programmers.
The same problem was solved some two years later by a team composed mainly of network engineers with one or two corporate IT programmers who were in charge of ensuring lifecycle and integration with business systems.
And a programming engineer (even if he/she is by default an electrical/network engineer) is a far cry from a script kiddie. Sorry to differ on that.
cheers!
Carlos
On 3/2/12 8:35 PM, Randy Bush wrote:
In my experience the path of least resistance is to get a junior network engineer and mentor he/she into improving his/hers programming skills than go the other way around. and then the organization pays forever to maintain the crap code while the kiddie learned to program. right. brilliant.
Always code as if the guy who ends up maintaining your code will be a violent psychopath who knows where you live. -- Martin Golding
randy
Given my experience to date with the assumptions made by programers about networking in the following: Apps (iOS apps, Droid apps, etc.) Consumer Electronics Microcontrollers Home Routers I have to say that the strategy being used to date, whichever one it is, is not working. I will also note that the erroneous assumptions, incorrect behaviors, and other problems I have encountered with these items are indicative of coders that almost learned networking more than of networkers that almost learned software development. Owen On Mar 5, 2012, at 9:53 AM, Scott Helms wrote:
I've played on both sides of the fence of this one, but I think the key piece is that you have to get enough software engineering for your tool to fit the life cycle it needs to follow and enough domain specific knowledge to for the tool to do what it exists to do. If you lack *either* of those you're going to suffer either through a tool that doesn't do what its supposed to or a tool that does everything it should right *now* but can't be efficiently expanded when the project scope suddenly expands. The real challenge is understanding what the scope of your project is and what it will likely be in ~4 years. If its not going to change much then the need for professional software engineering methodologies & practices is much lower than if you're going to have to add new features each quarter. Your target audience also has a big impact on what you need to do. Most internal projects have little need for a professional UI designer, but if you have a project that's going to touch thousands of people using a range of PC's and other devices you had better spend a lot of time on UI.
tl;dr I don't think there is a *right* answer to be found because it depends on the project.
BTW, just replying to Carlos in general not in specific.
On 3/5/2012 11:08 AM, Carlos Martinez-Cagnazzo wrote:
Never said it was *perfect*. But you probably haven't a good (in CV terms at least) prorgrammer assigned to you but didn't know the difference between a TCP port and an IP protocol number. Or the difference between an Ethernet and an IP address.
For me at least (and I grant you that everyone's mileage may vary), it has been a lot easier to teach networkers to program than the other way around.
I remember (not very fondly) the time when I was assigned to the team which was going to write a DNS provisioning system, which was going to be used by clients to get x.tld domains, and which had to periodically generate the zone.
A team of programmers, fully into the maintainability, lifecycle, corporate IT thing was created. They didn't know what a DNS zone was, or a SOA record, or a CNAME record for that matter. The project failed before I could bring the matter of AAAA records up. Several tens of thousands of dollars were spent on a failed project that could have been saved by a different choice of programmers.
The same problem was solved some two years later by a team composed mainly of network engineers with one or two corporate IT programmers who were in charge of ensuring lifecycle and integration with business systems.
And a programming engineer (even if he/she is by default an electrical/network engineer) is a far cry from a script kiddie. Sorry to differ on that.
cheers!
Carlos
On 3/2/12 8:35 PM, Randy Bush wrote:
In my experience the path of least resistance is to get a junior network engineer and mentor he/she into improving his/hers programming skills than go the other way around. and then the organization pays forever to maintain the crap code while the kiddie learned to program. right. brilliant.
Always code as if the guy who ends up maintaining your code will be a violent psychopath who knows where you live. -- Martin Golding
randy
-- Scott Helms Vice President of Technology ISP Alliance, Inc. DBA ZCorum (678) 507-5000 -------------------------------- http://twitter.com/kscotthelms --------------------------------
2012/3/5 Owen DeLong <owen@delong.com>
Given my experience to date with the assumptions made by programers about networking in the following:
Apps (iOS apps, Droid apps, etc.) Consumer Electronics Microcontrollers Home Routers
I have to say that the strategy being used to date, whichever one it is, is not working. I will also note that the erroneous assumptions, incorrect behaviors, and other problems I have encountered with these items are indicative of coders that almost learned networking more than of networkers that almost learned software development.
I think it comes down to economics mostly. Most development jobs either do not require knowledge of networking or do not enforce the requirement. There are plenty of jobs where developers do not need to know networking so when it's a sticking point it just becomes harder to find someone that fits. This doesn't give the average developer much incentive to learn networking, even if it leads to buggy or incorrectly written code. On the other hand a senior net-eng that can code is worth is weight in gold, especially if he can spit out palatable webUI's for everything.
Owen, I'd say that everyone's PoV on this is going to be experience driven. I've seen both approaches work (and both fail) and IMO the determining factor was matching the "right" approach with the project. I don't believe that you can develop a large scale project (large scale being a team of 12 or more full time developers working for more than a year on the same project) with people who primarily want to be network engineers. Its not a matter of skill set so much as it as what interests each group and they are very different. Today I manage network engineers, Unix/Linux System Administrators, and Java (and Flex) developers and while there are tasks I can move from one group to another there is usually a best home for a specific project. Where I usually run into trouble is when I put a project into a non-optimal group usually because of deadlines. On 3/5/2012 3:29 PM, Owen DeLong wrote:
Given my experience to date with the assumptions made by programers about networking in the following:
Apps (iOS apps, Droid apps, etc.) Consumer Electronics Microcontrollers Home Routers
I have to say that the strategy being used to date, whichever one it is, is not working. I will also note that the erroneous assumptions, incorrect behaviors, and other problems I have encountered with these items are indicative of coders that almost learned networking more than of networkers that almost learned software development.
Owen
On Mar 5, 2012, at 9:53 AM, Scott Helms wrote:
I've played on both sides of the fence of this one, but I think the key piece is that you have to get enough software engineering for your tool to fit the life cycle it needs to follow and enough domain specific knowledge to for the tool to do what it exists to do. If you lack *either* of those you're going to suffer either through a tool that doesn't do what its supposed to or a tool that does everything it should right *now* but can't be efficiently expanded when the project scope suddenly expands. The real challenge is understanding what the scope of your project is and what it will likely be in ~4 years. If its not going to change much then the need for professional software engineering methodologies& practices is much lower than if you're going to have to add new features each quarter. Your target audience also has a big impact on what you need to do. Most internal projects have little need for a professional UI designer, but if you have a project that's going to touch thousands of people using a range of PC's and other devices you had better spend a lot of time on UI.
tl;dr I don't think there is a *right* answer to be found because it depends on the project.
BTW, just replying to Carlos in general not in specific.
On 3/5/2012 11:08 AM, Carlos Martinez-Cagnazzo wrote:
Never said it was *perfect*. But you probably haven't a good (in CV terms at least) prorgrammer assigned to you but didn't know the difference between a TCP port and an IP protocol number. Or the difference between an Ethernet and an IP address.
For me at least (and I grant you that everyone's mileage may vary), it has been a lot easier to teach networkers to program than the other way around.
I remember (not very fondly) the time when I was assigned to the team which was going to write a DNS provisioning system, which was going to be used by clients to get x.tld domains, and which had to periodically generate the zone.
A team of programmers, fully into the maintainability, lifecycle, corporate IT thing was created. They didn't know what a DNS zone was, or a SOA record, or a CNAME record for that matter. The project failed before I could bring the matter of AAAA records up. Several tens of thousands of dollars were spent on a failed project that could have been saved by a different choice of programmers.
The same problem was solved some two years later by a team composed mainly of network engineers with one or two corporate IT programmers who were in charge of ensuring lifecycle and integration with business systems.
And a programming engineer (even if he/she is by default an electrical/network engineer) is a far cry from a script kiddie. Sorry to differ on that.
cheers!
Carlos
On 3/2/12 8:35 PM, Randy Bush wrote:
In my experience the path of least resistance is to get a junior network engineer and mentor he/she into improving his/hers programming skills than go the other way around. and then the organization pays forever to maintain the crap code while the kiddie learned to program. right. brilliant.
Always code as if the guy who ends up maintaining your code will be a violent psychopath who knows where you live. -- Martin Golding
randy
-- Scott Helms Vice President of Technology ISP Alliance, Inc. DBA ZCorum (678) 507-5000 -------------------------------- http://twitter.com/kscotthelms --------------------------------
-- Scott Helms Vice President of Technology ISP Alliance, Inc. DBA ZCorum (678) 507-5000 -------------------------------- http://twitter.com/kscotthelms --------------------------------
On Mar 5, 2012, at 12:51 PM, Scott Helms wrote:
Owen,
I'd say that everyone's PoV on this is going to be experience driven. I've seen both approaches work (and both fail) and IMO the determining factor was matching the "right" approach with the project. I don't believe that you can develop a large scale project (large scale being a team of 12 or more full time developers working for more than a year on the same project) with people who primarily want to be network engineers. Its not a matter of skill set so much as it as what interests each group and they are very different.
I completely agree. In fact, such an effort is likely to fail in a rather spectacular and obvious manner if anyone were even to attempt it. I think everyone pretty much realizes the truth of this statement intuitively. However, the bigger problem (from my experience-driven POV) is that it is not so intuitively obvious that developing a network-based product using a team consisting entirely of developers who view the network as an unnecessarily complicated serial port (which, really is about the approach most developers seem to take to networking) is also doomed to a certain amount of failure. Usually that comes in the form of products that make invalid assumptions/assertions about the environment(s) in which they will operate. For example, most apps designed to work with consumer electronics make the assumption that everything in a given household will be within the same broadcast domain as the device on which the app is running. However, in my household, the wireless network and the wired network are in separate broadcast domains. The consumer electronics are by and large on the wired network. The iPad, iPhone, and other portable network-capable electronics are not. Faced with a support request regarding this problem, the universal answer has been to insist that this assumption is correct and that I should work with my router vendor to correct the problems in my network.
Today I manage network engineers, Unix/Linux System Administrators, and Java (and Flex) developers and while there are tasks I can move from one group to another there is usually a best home for a specific project. Where I usually run into trouble is when I put a project into a non-optimal group usually because of deadlines.
Of course. But when the task crosses the skill-sets of the different groups, it's not always obvious which group is optimal or how to go about merging the correct blend of talents from each. Owen
On 3/5/2012 3:29 PM, Owen DeLong wrote:
Given my experience to date with the assumptions made by programers about networking in the following:
Apps (iOS apps, Droid apps, etc.) Consumer Electronics Microcontrollers Home Routers
I have to say that the strategy being used to date, whichever one it is, is not working. I will also note that the erroneous assumptions, incorrect behaviors, and other problems I have encountered with these items are indicative of coders that almost learned networking more than of networkers that almost learned software development.
Owen
On Mar 5, 2012, at 9:53 AM, Scott Helms wrote:
I've played on both sides of the fence of this one, but I think the key piece is that you have to get enough software engineering for your tool to fit the life cycle it needs to follow and enough domain specific knowledge to for the tool to do what it exists to do. If you lack *either* of those you're going to suffer either through a tool that doesn't do what its supposed to or a tool that does everything it should right *now* but can't be efficiently expanded when the project scope suddenly expands. The real challenge is understanding what the scope of your project is and what it will likely be in ~4 years. If its not going to change much then the need for professional software engineering methodologies& practices is much lower than if you're going to have to add new features each quarter. Your target audience also has a big impact on what you need to do. Most internal projects have little need for a professional UI designer, but if you have a project that's going to touch thousands of people using a range of PC's and other devices you had better spend a lot of time on UI.
tl;dr I don't think there is a *right* answer to be found because it depends on the project.
BTW, just replying to Carlos in general not in specific.
On 3/5/2012 11:08 AM, Carlos Martinez-Cagnazzo wrote:
Never said it was *perfect*. But you probably haven't a good (in CV terms at least) prorgrammer assigned to you but didn't know the difference between a TCP port and an IP protocol number. Or the difference between an Ethernet and an IP address.
For me at least (and I grant you that everyone's mileage may vary), it has been a lot easier to teach networkers to program than the other way around.
I remember (not very fondly) the time when I was assigned to the team which was going to write a DNS provisioning system, which was going to be used by clients to get x.tld domains, and which had to periodically generate the zone.
A team of programmers, fully into the maintainability, lifecycle, corporate IT thing was created. They didn't know what a DNS zone was, or a SOA record, or a CNAME record for that matter. The project failed before I could bring the matter of AAAA records up. Several tens of thousands of dollars were spent on a failed project that could have been saved by a different choice of programmers.
The same problem was solved some two years later by a team composed mainly of network engineers with one or two corporate IT programmers who were in charge of ensuring lifecycle and integration with business systems.
And a programming engineer (even if he/she is by default an electrical/network engineer) is a far cry from a script kiddie. Sorry to differ on that.
cheers!
Carlos
On 3/2/12 8:35 PM, Randy Bush wrote:
In my experience the path of least resistance is to get a junior network engineer and mentor he/she into improving his/hers programming skills than go the other way around. and then the organization pays forever to maintain the crap code while the kiddie learned to program. right. brilliant.
Always code as if the guy who ends up maintaining your code will be a violent psychopath who knows where you live. -- Martin Golding
randy
-- Scott Helms Vice President of Technology ISP Alliance, Inc. DBA ZCorum (678) 507-5000 -------------------------------- http://twitter.com/kscotthelms --------------------------------
-- Scott Helms Vice President of Technology ISP Alliance, Inc. DBA ZCorum (678) 507-5000 -------------------------------- http://twitter.com/kscotthelms --------------------------------
On Mon, Mar 5, 2012 at 6:46 PM, Owen DeLong <owen@delong.com> wrote:
However, the bigger problem (from my experience-driven POV) is that it is not so intuitively obvious that developing a network-based product using a team consisting entirely of developers who view the network as an unnecessarily complicated serial port (which, really is about the approach most developers seem to take to networking) is also doomed to a certain amount of failure.
Owen, Surely you don't mean to suggest that having someone with domain knowledge develop a set of requirements and then kick it over the wall to folks who know how to program but have no domain knowledge is a recipe for failure? That having linchpin members of the team with core competencies in both software development -and- the product-relevant knowledge domains is critical to success? Regards, Bill Herrin -- William D. Herrin ................ herrin@dirtside.com bill@herrin.us 3005 Crane Dr. ...................... Web: <http://bill.herrin.us/> Falls Church, VA 22042-3004
On 03/05/2012 03:46 PM, Owen DeLong wrote:
However, the bigger problem (from my experience-driven POV) is that it is not so intuitively obvious that developing a network-based product using a team consisting entirely of developers who view the network as an unnecessarily complicated serial port
Here's a thought: if you want network clueful programmers, do what everybody else does when they need a XXX clueful programmer: hire them fresh and mold them. Programmers don't come with built in skills for the vast array of possibilities, so they have to learn it *somewhere*. Mike, networking is no different than any other specialized area, imo
On Mon, 5 Mar 2012, Owen DeLong wrote:
However, the bigger problem (from my experience-driven POV) is that it is not so intuitively obvious that developing a network-based product using a team consisting entirely of developers who view the network as an unnecessarily complicated serial port (which, really is about the approach most developers seem to take to networking) is also doomed to a certain amount of failure.
I'd also add that many software developers are either ignorant of how protocols operate, or they take a "meh, it's close enough, XYZ gets through, doesn't it?" approach. That's not to say that those developers aren't good at what they do - they just might not be accustomed to working the way that people with a more network-centric (or task-agnostic) view would likely choose to work. This would include things like digesting RFCs/standards/BCPs, boiling those down to finite-state machines and then writing code to execute the machine. Admittedly we (the 'network guys') don't always make it easy for them. RFCs get obsoleted by newer RFCs, but the newer RFCs might still reference items from the original RFC, etc. This can turn into developing for something that is still a moving target (DHCPv6, anyone?), which can turn into scope creep, and ultimately, frustrated developers (see: "meh, it's close enough, XYZ gets through, doesn't it?").
For example, most apps designed to work with consumer electronics make the assumption that everything in a given household will be within the same broadcast domain as the device on which the app is running. However, in my household, the wireless network and the wired network are in separate broadcast domains. The consumer electronics are by and large on the wired network. The iPad, iPhone, and other portable network-capable electronics are not.
Other common, but misguided assumptions (even in 2012): 1. You will be using IPv4. We have no idea what this IPv6 nonsense is. Looks complicated and scary. 2. 255.255.255.0 is the only valid netmask. 3. You are using Internet Explorer, and our web management interface has ActiveX controls that require you to do so. 4. You will be assimilated. Resistance is futile. jms
On Mon, Mar 5, 2012 at 6:09 PM, Justin M. Streiner <streiner@cluebyfour.org> wrote:
Admittedly we (the 'network guys') don't always make it easy for them. RFCs get obsoleted by newer RFCs, but the newer RFCs might still reference items from the original RFC, etc. This can turn into developing for something
Yes, this is problematic. The preferred result should be one specification for each protocol, with references only for optional extensions.
Other common, but misguided assumptions (even in 2012): 1. You will be using IPv4. We have no idea what this IPv6 nonsense is. Looks complicated and scary. 2. 255.255.255.0 is the only valid netmask. 3. You are using Internet Explorer, and our web management interface has ActiveX controls that require you to do so. 4. You will be assimilated. Resistance is futile.
Add some additional misguided assumptions: (5) Any IP address whose first octet is 192. or 1. is a private IP. (6) Any IP address whose first octet is not 192. is not a valid LAN IP. (7) Any IP address whose last octet is .0 is an invalid IP host address (8) Any IP address whose last octet is .255 is an invalid IP host address (9) If my DNS service supports DNSSEC validation, even with no trust anchors configured, it's cool to go ahead and send all queries with the CD and DO bits set to 1 and perform no validation; it's even cooler if I only support SHA1 keys and no RSA/SHA-256. (10) Everyone enters their NTP, and AD servers by IP address, so it is best to have a textbox that only allows IPs, not hostnames. (11) Nobody actually uses SRV records, so don't bother looking for them. (12) Once a DNS lookup has been performed, the IP never changes, so it makes sense to keep this in memory until we reboot. (13) Nobody has more than 1 recursive DNS server, 1 NTP server, 1 LDAP server, 1 Syslog server, and 1 Snmp management station; so a single IP entry text box for each will suffice. (14) Nobody has more than 2 recursive DNS servers, so just allow only 2 to be entered. (15) 30 seconds per resolver seems like a good timeout for DNS queries, so no need for a configurable timeout; just try each server sequentially, make the UI hang, the user will be happy to wait 5 minutes; also make the service provided by the device temporarily stop -- users likes it when their devices stop working, to remind them to get their first DNS server back up. (16) The default gateway's IP address is always 192.168.0.1 (17) The user portion of E-mail addresses never contain special characters like "-" "+" "$" "~" "." ",", "[", "]"
jms -- -JH
About (5 thru 6) Hard to keep a straight face in front of a customer when, after assigning him a IP in our 192.172.250.0 range... ... He ask why are we NATing using private IP's. We also had plenty of experience with ppl getting confused about 16, 17. Your could add L2 Trunking and VRRP to your list... I spent many hours explaining those to no avail on many occasion. Sad. ----- Alain Hebert ahebert@pubnix.net PubNIX Inc. 50 boul. St-Charles P.O. Box 26770 Beaconsfield, Quebec H9W 6G7 Tel: 514-990-5911 http://www.pubnix.net Fax: 514-990-9443 On 03/05/12 21:36, Jimmy Hess wrote:
On Mon, Mar 5, 2012 at 6:09 PM, Justin M. Streiner <streiner@cluebyfour.org> wrote:
Admittedly we (the 'network guys') don't always make it easy for them. RFCs get obsoleted by newer RFCs, but the newer RFCs might still reference items from the original RFC, etc. This can turn into developing for something Yes, this is problematic. The preferred result should be one specification for each protocol, with references only for optional extensions.
Other common, but misguided assumptions (even in 2012): 1. You will be using IPv4. We have no idea what this IPv6 nonsense is. Looks complicated and scary. 2. 255.255.255.0 is the only valid netmask. 3. You are using Internet Explorer, and our web management interface has ActiveX controls that require you to do so. 4. You will be assimilated. Resistance is futile. Add some additional misguided assumptions:
(5) Any IP address whose first octet is 192. or 1. is a private IP. (6) Any IP address whose first octet is not 192. is not a valid LAN IP. (7) Any IP address whose last octet is .0 is an invalid IP host address (8) Any IP address whose last octet is .255 is an invalid IP host address
(9) If my DNS service supports DNSSEC validation, even with no trust anchors configured, it's cool to go ahead and send all queries with the CD and DO bits set to 1 and perform no validation; it's even cooler if I only support SHA1 keys and no RSA/SHA-256.
(10) Everyone enters their NTP, and AD servers by IP address, so it is best to have a textbox that only allows IPs, not hostnames.
(11) Nobody actually uses SRV records, so don't bother looking for them.
(12) Once a DNS lookup has been performed, the IP never changes, so it makes sense to keep this in memory until we reboot.
(13) Nobody has more than 1 recursive DNS server, 1 NTP server, 1 LDAP server, 1 Syslog server, and 1 Snmp management station; so a single IP entry text box for each will suffice.
(14) Nobody has more than 2 recursive DNS servers, so just allow only 2 to be entered.
(15) 30 seconds per resolver seems like a good timeout for DNS queries, so no need for a configurable timeout; just try each server sequentially, make the UI hang, the user will be happy to wait 5 minutes; also make the service provided by the device temporarily stop -- users likes it when their devices stop working, to remind them to get their first DNS server back up.
(16) The default gateway's IP address is always 192.168.0.1 (17) The user portion of E-mail addresses never contain special characters like "-" "+" "$" "~" "." ",", "[", "]"
jms -- -JH
if I may chime in - It is the nature of the corporate-beast which has changed. When I was starting out in the 80's and even through the early 90's network eng and sys eng went hand in hand. Today it is far more silo'd. NetEng, SysEng are very *distinct* and as a result different groups today from an operational standpoint. NetEng deals with tcp/ip(without having a clue as to how apps interact with tcp/ip (generally speaking!!) and the opposite applies to SysEng(once again, generally speaking!) So, programmers with network engineering skills and vise-versa are a rare-commodity to say the least. I don't think it has anything to do with who is *inherently* interested in network eng or sys eng. In the end: upto the "$Employer". Know what you are *really* looking for, give them the opportunity to expand their horizons and you will have found your-network engineer/programmer(you will still find people who are willing to learn - that is you greatest asset!!) ( I used to script, write; maybe a few lines of C many many years ago....as a Sr. Network Engineer. Haven't done that for years because $employer doesn't want it as a part of my job: and to $employer, I The "Sr. Network Architect".....<lol> My 02c's worth wrt this thread. ./Randy --- On Mon, 3/5/12, Alain Hebert <ahebert@pubnix.net> wrote:
From: Alain Hebert <ahebert@pubnix.net> Subject: Re: Programmers with network engineering skills To: nanog@nanog.org Date: Monday, March 5, 2012, 7:18 PM About (5 thru 6)
Hard to keep a straight face in front of a customer when, after assigning him a IP in our 192.172.250.0 range...
... He ask why are we NATing using private IP's.
We also had plenty of experience with ppl getting confused about 16, 17.
Your could add L2 Trunking and VRRP to your list... I spent many hours explaining those to no avail on many occasion.
Sad.
----- Alain Hebert ahebert@pubnix.net PubNIX Inc. 50 boul. St-Charles P.O. Box 26770 Beaconsfield, Quebec H9W 6G7 Tel: 514-990-5911 http://www.pubnix.net Fax: 514-990-9443
On 03/05/12 21:36, Jimmy Hess wrote:
On Mon, Mar 5, 2012 at 6:09 PM, Justin M. Streiner <streiner@cluebyfour.org> wrote:
Admittedly we (the 'network guys') don't always make it easy for them. RFCs get obsoleted by newer RFCs, but the newer RFCs might still reference items from the original RFC, etc. This can turn into developing for something Yes, this is problematic. The preferred result should be one specification for each protocol, with references only for optional extensions.
Other common, but misguided assumptions (even in 2012): 1. You will be using IPv4. We have no idea what this IPv6 nonsense is. Looks complicated and scary. 2. 255.255.255.0 is the only valid netmask. 3. You are using Internet Explorer, and our web management interface has ActiveX controls that require you to do so. 4. You will be assimilated. Resistance is futile. Add some additional misguided assumptions:
(5) Any IP address whose first octet is 192. or 1. is a private IP. (6) Any IP address whose first octet is not 192. is not a valid LAN IP. (7) Any IP address whose last octet is .0 is an invalid IP host address (8) Any IP address whose last octet is .255 is an invalid IP host address
(9) If my DNS service supports DNSSEC validation, even with no trust anchors
the CD and DO bits set to 1 and
support SHA1 keys and no RSA/SHA-256.
(10) Everyone enters their NTP, and AD servers by IP address, so it is best to have a textbox that only allows IPs, not hostnames.
(11) Nobody actually uses SRV records, so don't bother looking for them.
(12) Once a DNS lookup has been
it makes sense to keep
configured, it's cool to go ahead and send all queries with perform no validation; it's even cooler if I only performed, the IP never changes, so this in memory until we reboot.
(13) Nobody has more than 1
recursive DNS server, 1 NTP server, 1
LDAP server, 1 Syslog server, and 1 Snmp management station; so a single IP entry text box for each will suffice.
(14) Nobody has more than 2 recursive DNS servers, so just allow only 2 to be entered.
(15) 30 seconds per resolver seems like a good timeout for DNS queries, so no need for a configurable timeout; just try each server sequentially, make the UI hang, the user will be happy to wait 5 minutes; also make the service provided by the device temporarily stop -- users likes it when their devices stop working, to remind them to get their first DNS server back up.
(16) The default gateway's IP address is always 192.168.0.1 (17) The user portion of E-mail addresses never contain special characters like "-" "+" "$" "~" "." ",", "[", "]"
jms -- -JH
In message <CAAAwwbXPpNEU_aKgUe=9Si2ZaYn30+NmrHOsV2t4AG5fUEtUHw@mail.gmail.com> , Jimmy Hess writes:
On Mon, Mar 5, 2012 at 6:09 PM, Justin M. Streiner <streiner@cluebyfour.org> wrote:
Admittedly we (the 'network guys') don't always make it easy for them. RF= Cs get obsoleted by newer RFCs, but the newer RFCs might still reference ite= ms from the original RFC, etc. =A0This can turn into developing for somethin= g
Yes, this is problematic. The preferred result should be one specificati= on for each protocol, with references only for optional extensions.
Other common, but misguided assumptions (even in 2012): 1. You will be using IPv4. =A0We have no idea what this IPv6 nonsense is. Looks complicated and scary. 2. 255.255.255.0 is the only valid netmask. 3. You are using Internet Explorer, and our web management interface has ActiveX controls that require you to do so. 4. You will be assimilated. =A0Resistance is futile.
Add some additional misguided assumptions:
(5) Any IP address whose first octet is 192. or 1. is a private IP. (6) Any IP address whose first octet is not 192. is not a valid LAN IP= . (7) Any IP address whose last octet is .0 is an invalid IP host addres= s (8) Any IP address whose last octet is .255 is an invalid IP host addre= ss
(9) If my DNS service supports DNSSEC validation, even with no trust an= chors configured, it's cool to go ahead and send all queries with the CD and DO bits set to 1 and perform no validation; it's even cooler if I only support SHA1 keys and no RSA/SHA-256.
Setting DO to 1 is fine. CD however should be zero unless CD was one on the request.
(10) Everyone enters their NTP, and AD servers by IP address, so it is best to have a textbox that only allows IPs, not hostnames.
(11) Nobody actually uses SRV records, so don't bother looking for them.
(12) Once a DNS lookup has been performed, the IP never changes, so it makes sense to keep this in memory until we reboot.
(13) Nobody has more than 1 recursive DNS server, 1 NTP server, 1 LDAP server, 1 Syslog server, and 1 Snmp management station; so a single IP entry text box for each will suffice.
(14) Nobody has more than 2 recursive DNS servers, so just allow only 2 to be entered.
(15) 30 seconds per resolver seems like a good timeout for DNS queries, s= o no need for a configurable timeout; just try each server sequentially, make the UI hang, the user will be happy to wait 5 minutes; also make the service provided by the device temporarily stop -- users likes it when their devices stop working, to remind them to get their first DNS server back up.
(16) The default gateway's IP address is always 192.168.0.1 (17) The user portion of E-mail addresses never contain special characters like "-" "+" "$" "~" "." ",", "[", "]"
(18) DNS doesn't use TCP so I won't forward it. (19) I only need to offer 1 DNS server though I learnt 3 from upstream and they all have different characteristics. -- Mark Andrews, ISC 1 Seymour St., Dundas Valley, NSW 2117, Australia PHONE: +61 2 9871 4742 INTERNET: marka@isc.org
Jimmy Hess wrote:
(15) 30 seconds per resolver seems like a good timeout for DNS queries, so no need for a configurable timeout; just try each server sequentially, make the UI hang,
Of course you HAVE to use "busy waiting" in order to be able to quickly act upon the query timing out so you can swiftly move to the next dns server. That way the UI hangs for the least amount of time possible. (that was sarcasm) -- Earthquake Magnitude: 4.6 Date: Tuesday, March 6, 2012 09:50:22 UTC Location: near the east coast of Honshu, Japan Latitude: 37.7614; Longitude: 141.6382 Depth: 46.10 km
On Monday, March 05, 2012 09:36:41 PM Jimmy Hess wrote:
Other common, but misguided assumptions (even in 2012): 1. You will be using IPv4. We have no idea what this IPv6 nonsense is. Looks complicated and scary. 2. 255.255.255.0 is the only valid netmask. ... (16) The default gateway's IP address is always 192.168.0.1 (17) The user portion of E-mail addresses never contain special characters like "-" "+" "$" "~" "." ",", "[", "]"
Hilarious. Wish I'd seen this a few days ago, my whole week would have been brighter.... I'll add one from my 'I asked the programmer about a problem in the code, which the programmer proceeded to say wasn't a problem' list: (18) No, our control protocol doesn't have authentication, it's up to the network to keep undesired users out. (I won't say what this software is, but suffice to say the package in which it was a part cost over $250,000).
On Thu, Mar 8, 2012 at 5:24 PM, Lamar Owen <lowen@pari.edu> wrote:
(18) No, our control protocol doesn't have authentication, it's up to the network to keep undesired users out. (I won't say what this software is, but suffice to say the package in which it was a part cost over $250,000).
Ten years ago there was a database this was true of: Filemaker. It was designed to reside on a Windows network share but the files could be placed on a Linux server instead. If you chose option 2, you got a custom protocol presenting the database as an array of bytes consisting of the entire raw database file. Logging in meant that the Windows app read the the file header, jumped to the user/password section, read the users and passwords and compared with the one you supplied. The TCP-based protocol requested no authentication: it received only a byte offset and length in the raw file. A colleague and I were asked to install an ISP billing system (!!) built on top of this database. On objection, the ISP's owner insisted. I understood where he was coming from: he was a technical guy who built the then-existing system with scripting and an old DOS-based database which he alone could operate, requiring him to spend gobs of his time on the repetitive and thankless task of processing payments month after month after month after month. He damn well wanted a replacement and didn't much care what. Still... We ended up stuffing the billing app on to a Windows Terminal Server, rigging the server to run that app as the shell, and isolating the DB machine behind it. Office users connected to the virtual server rather than running the app locally. The web portal for the billing app was fun too: it had the standard stupidity where you change the sequential customer userid number in the URL and got the next user's data without having to authenticate as that user. We solved that one with a front end which handled auth and re-wrote the customer request to the heavily firewalled web portal. As I recall, we named the DB machine "HeartOfGold" because (A) it contained all the customers' financial data and (B) there was something improbable and more than a little crazy about how it came to house the billing system. Regards, Bill Herrin -- William D. Herrin ................ herrin@dirtside.com bill@herrin.us 3005 Crane Dr. ...................... Web: <http://bill.herrin.us/> Falls Church, VA 22042-3004
On Monday, March 05, 2012 09:36:41 PM Jimmy Hess wrote: ...
(16) The default gateway's IP address is always 192.168.0.1 (17) The user portion of E-mail addresses never contain special characters like "-" "+" "$" "~" "." ",", "[", "]" I've just had my ' xx AT cagnazzo.name' email address rejected by a web
Hey! On 3/8/12 8:24 PM, Lamar Owen wrote: form saying that 'it is not a valid email address'. So I guess point (17) can be extended to say that 'no email address shall end in anything different that .com, .net or the local ccTLD' :=) Carlos
On 12 March 2012 09:59, Carlos Martinez-Cagnazzo <carlosm3011@gmail.com> wrote:
Hey!
On Monday, March 05, 2012 09:36:41 PM Jimmy Hess wrote: ...
(16) The default gateway's IP address is always 192.168.0.1 (17) The user portion of E-mail addresses never contain special characters like "-" "+" "$" "~" "." ",", "[", "]" I've just had my ' xx AT cagnazzo.name' email address rejected by a web
On 3/8/12 8:24 PM, Lamar Owen wrote: form saying that 'it is not a valid email address'. So I guess point (17) can be extended to say that 'no email address shall end in anything different that .com, .net or the local ccTLD'
:=)
Carlos
Yea, I don't even know how programmers can get that wrong. The regex is not even hard or anything. (?:[a-z0-9!#$%&'*+/=?^_`{|}~-]+(?:\.[a-z0-9!#$%&'*+/=?^_`{|}~-]+)*|"(?:[\x01-\x08\x0b\x0c\x0e-\x1f\x21\x23-\x5b\x5d-\x7f]|\\[\x01-\x09\x0b\x0c\x0e-\x7f])*")@(?:(?:[a-z0-9](?:[a-z0-9-]*[a-z0-9])?\.)+[a-z0-9](?:[a-z0-9-]*[a-z0-9])?|\[(?:(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.){3}(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?|[a-z0-9-]*[a-z0-9]:(?:[\x01-\x08\x0b\x0c\x0e-\x1f\x21-\x5a\x53-\x7f]|\\[\x01-\x09\x0b\x0c\x0e-\x7f])+)\]) -- -- ℱin del ℳensaje.
2012/3/12 Tei <oscar.vives@gmail.com>
On 12 March 2012 09:59, Carlos Martinez-Cagnazzo <carlosm3011@gmail.com> wrote:
Hey!
On Monday, March 05, 2012 09:36:41 PM Jimmy Hess wrote: ...
(16) The default gateway's IP address is always 192.168.0.1 (17) The user portion of E-mail addresses never contain special characters like "-" "+" "$" "~" "." ",", "[", "]" I've just had my ' xx AT cagnazzo.name' email address rejected by a web
On 3/8/12 8:24 PM, Lamar Owen wrote: form saying that 'it is not a valid email address'. So I guess point (17) can be extended to say that 'no email address shall end in anything different that .com, .net or the local ccTLD'
:=)
Carlos
Yea, I don't even know how programmers can get that wrong. The regex is not even hard or anything.
(?:[a-z0-9!#$%&'*+/=?^_`{|}~-]+(?:\.[a-z0-9!#$%&'*+/=?^_`{|}~-]+)*|"(?:[\x01-\x08\x0b\x0c\x0e-\x1f\x21\x23-\x5b\x5d-\x7f]|\\[\x01-\x09\x0b\x0c\x0e-\x7f])*")@(?:(?:[a-z0-9](?:[a-z0-9-]*[a-z0-9])?\.)+[a-z0-9](?:[a-z0-9-]*[a-z0-9])?|\[(?:(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.){3}(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?|[a-z0-9-]*[a-z0-9]:(?:[\x01-\x08\x0b\x0c\x0e-\x1f\x21-\x5a\x53-\x7f]|\\[\x01-\x09\x0b\x0c\x0e-\x7f])+)\])
I bet it's even harder without the use of a search engine.
On Mar 12, 2012, at 2:12 PM, Keegan Holley wrote:
2012/3/12 Tei <oscar.vives@gmail.com>
On 12 March 2012 09:59, Carlos Martinez-Cagnazzo <carlosm3011@gmail.com> wrote:
Hey!
On Monday, March 05, 2012 09:36:41 PM Jimmy Hess wrote: ...
(16) The default gateway's IP address is always 192.168.0.1 (17) The user portion of E-mail addresses never contain special characters like "-" "+" "$" "~" "." ",", "[", "]" I've just had my ' xx AT cagnazzo.name' email address rejected by a web
On 3/8/12 8:24 PM, Lamar Owen wrote: form saying that 'it is not a valid email address'. So I guess point (17) can be extended to say that 'no email address shall end in anything different that .com, .net or the local ccTLD'
:=)
Carlos
Yea, I don't even know how programmers can get that wrong. The regex is not even hard or anything.
(?:[a-z0-9!#$%&'*+/=?^_`{|}~-]+(?:\.[a-z0-9!#$%&'*+/=?^_`{|}~-]+)*|"(?:[\x01-\x08\x0b\x0c\x0e-\x1f\x21\x23-\x5b\x5d-\x7f]|\\[\x01-\x09\x0b\x0c\x0e-\x7f])*")@(?:(?:[a-z0-9](?:[a-z0-9-]*[a-z0-9])?\.)+[a-z0-9](?:[a-z0-9-]*[a-z0-9])?|\[(?:(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.){3}(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?|[a-z0-9-]*[a-z0-9]:(?:[\x01-\x08\x0b\x0c\x0e-\x1f\x21-\x5a\x53-\x7f]|\\[\x01-\x09\x0b\x0c\x0e-\x7f])+)\])
I bet it's even harder without the use of a search engine.
Whenever I've built code to check someone's email address on a form, I always just looked for the following: 1. matches ^[^@]+@[A-Za-z0-0\-\.]+[A-Za-z]$ 2. The component to the right of the @ sign returns at least one A, AAAA, or MX record. If it passed those two checks, I figured that was about as good as I could do without resorting to one of the following: 1. An incomprehensible and unmaintainable regex as the one above 2. Actually attempting delivery to said address Owen
On 03/12/2012 02:32 PM, Owen DeLong wrote:
Whenever I've built code to check someone's email address on a form, I always just looked for the following: 1. matches ^[^@]+@[A-Za-z0-0\-\.]+[A-Za-z]$ 2. The component to the right of the @ sign returns at least one A, AAAA, or MX record. If it passed those two checks, I figured that was about as good as I could do without resorting to one of the following: 1. An incomprehensible and unmaintainable regex as the one above 2. Actually attempting delivery to said address Owen
"'I know, I'll use a regular expression!' now you have two problems." Mike
On Mon, Mar 12, 2012 at 5:32 PM, Owen DeLong <owen@delong.com> wrote:
Whenever I've built code to check someone's email address on a form, I always just looked for the following:
1. matches ^[^@]+@[A-Za-z0-0\-\.]+[A-Za-z]$ 2. The component to the right of the @ sign returns at least one A, AAAA, or MX record.
Hi Owen, If I'm not mistaken, "B@M4N"@delong.com is a legitimately formatted email address which fails part one of your test. Something along the lines of @delong.com;bob@some.private.network is also supposed to be legit though it's been so long since I looked at it that I may have munged the format. No, I don't allow these in systems I've designed either. Just sayin'. Regards, Bill Herrin -- William D. Herrin ................ herrin@dirtside.com bill@herrin.us 3005 Crane Dr. ...................... Web: <http://bill.herrin.us/> Falls Church, VA 22042-3004
I don't believe that is true. From RFC-821, it is true that: @ONE, @TWO:JOE@THREE Is supposed to be valid as a forward path, but, not an address. However, I believe its use is effectively, if not actually deprecated at this point. It doesn't really describe address, per se, but, it does define mailbox as follows: mailbox A character string (address) which identifies a user to whom mail is to be sent. Mailbox normally consists of the host and user specifications. The standard mailbox naming convention is defined to be "user@domain". Additionally, the "container" in which mail is stored. Looking at more recent RFC 5321, One important change is this: Only resolvable, fully-qualified domain names (FQDNs) are permitted when domain names are used in SMTP. In other words, names that can be resolved to MX RRs or address (i.e., A or AAAA) RRs (as discussed in Section 5) are permitted, as are CNAME RRs whose targets can be resolved, in turn, to MX or address RRs. Local nicknames or unqualified names MUST NOT be used. There are two exceptions to the rule requiring FQDNs: o The domain name given in the EHLO command MUST be either a primary host name (a domain name that resolves to an address RR) or, if the host has no name, an address literal, as described in Section 4.1.3 and discussed further in the EHLO discussion of Section 4.1.4. Regarding addresses, it says this: 2.3.11. Mailbox and Address As used in this specification, an "address" is a character string that identifies a user to whom mail will be sent or a location into which mail will be deposited. The term "mailbox" refers to that depository. The two terms are typically used interchangeably unless the distinction between the location in which mail is placed (the mailbox) and a reference to it (the address) is important. An address normally consists of user and domain specifications. The standard mailbox naming convention is defined to be "local-part@domain"; contemporary usage permits a much broader set of applications than simple "user names". Consequently, and due to a long history of problems when intermediate hosts have attempted to Klensin Standards Track [Page 15] RFC 5321 SMTP October 2008 optimize transport by modifying them, the local-part MUST be interpreted and assigned semantics only by the host specified in the domain part of the address. Yes, there are user parts that are technically valid which my regex would reject. There are also some invalid addresses which I don't reject (for example, I won't reject Abc.@example.com). If you want to get truly pathologically pedantic about it: http://en.wikipedia.org/wiki/Email_address#Valid_email_addresses You may have noticed my particular test wouldn't accept foo!bar!ucbvax!user format addresses, either. It works well enough for my purposes. I did not claim it was perfect. Owen On Mar 12, 2012, at 3:01 PM, William Herrin wrote:
On Mon, Mar 12, 2012 at 5:32 PM, Owen DeLong <owen@delong.com> wrote:
Whenever I've built code to check someone's email address on a form, I always just looked for the following:
1. matches ^[^@]+@[A-Za-z0-0\-\.]+[A-Za-z]$ 2. The component to the right of the @ sign returns at least one A, AAAA, or MX record.
Hi Owen,
If I'm not mistaken, "B@M4N"@delong.com is a legitimately formatted email address which fails part one of your test. Something along the lines of @delong.com;bob@some.private.network is also supposed to be legit though it's been so long since I looked at it that I may have munged the format.
No, I don't allow these in systems I've designed either. Just sayin'.
Regards, Bill Herrin
-- William D. Herrin ................ herrin@dirtside.com bill@herrin.us 3005 Crane Dr. ...................... Web: <http://bill.herrin.us/> Falls Church, VA 22042-3004
Owen DeLong wrote:
http://en.wikipedia.org/wiki/Email_address#Valid_email_addresses
You may have noticed my particular test wouldn't accept foo!bar!ucbvax!user format addresses, either.
It works well enough for my purposes. I did not claim it was perfect.
Why not leave it to the MTA to decide what is a valid address? It only requires a few SMTP commands to the MTA to know if it will accept it. Normally the MTA will tell you after the "rcpt to:" command if it will accept it (i'm ignoring some badly behaving MTAs who will swallow anything and then bounce, no point trying to work around such crap). No need to re-invent the wheel, unless you're actually creating an MTA or something similar. Who is to say that even IF your address verifier verifies it as valid that the MTA is configured to allow it (or the other way around)? MTAs can be arbitrarily configured to (dis)allow "bang path" addresses, IP addresses etc. Regards, Jeroen -- Earthquake Magnitude: 5.0 Date: Monday, March 12, 2012 17:55:10 UTC Location: Kepulauan Talaud, Indonesia Latitude: 3.0222; Longitude: 127.0054 Depth: 35.00 km
Sometimes you don't want to have your application exposed to an unconstrained wait outside of your control. Sometimes your application may not have access/permissions/etc. to open sockets. (This is actually a common security precaution in some CGI environments). Owen On Mar 12, 2012, at 4:22 PM, Jeroen van Aart wrote:
Owen DeLong wrote:
http://en.wikipedia.org/wiki/Email_address#Valid_email_addresses You may have noticed my particular test wouldn't accept foo!bar!ucbvax!user format addresses, either. It works well enough for my purposes. I did not claim it was perfect.
Why not leave it to the MTA to decide what is a valid address? It only requires a few SMTP commands to the MTA to know if it will accept it. Normally the MTA will tell you after the "rcpt to:" command if it will accept it (i'm ignoring some badly behaving MTAs who will swallow anything and then bounce, no point trying to work around such crap).
No need to re-invent the wheel, unless you're actually creating an MTA or something similar.
Who is to say that even IF your address verifier verifies it as valid that the MTA is configured to allow it (or the other way around)? MTAs can be arbitrarily configured to (dis)allow "bang path" addresses, IP addresses etc.
Regards, Jeroen
-- Earthquake Magnitude: 5.0 Date: Monday, March 12, 2012 17:55:10 UTC Location: Kepulauan Talaud, Indonesia Latitude: 3.0222; Longitude: 127.0054 Depth: 35.00 km
Owen DeLong wrote:
http://en.wikipedia.org/wiki/Email_address#Valid_email_addresses
You may have noticed my particular test wouldn't accept foo!bar!ucbvax!user format addresses, either.
It works well enough for my purposes. I did not claim it was perfect.
Why not leave it to the MTA to decide what is a valid address? It only requires a few SMTP commands to the MTA to know if it will accept it. Normally the MTA will tell you after the "rcpt to:" command if it will accept it (i'm ignoring some badly behaving MTAs who will swallow anything and then bounce, no point trying to work around such crap).
No need to re-invent the wheel, unless you're actually creating an MTA or something similar.
Who is to say that even IF your address verifier verifies it as valid that the MTA is configured to allow it (or the other way around)? MTAs can be arbitrarily configured to (dis)allow "bang path" addresses, IP addresses etc.
The ideal world contains a mix of techniques. You cannot just blindly leave it to the MTA to decide what's valid. Along that path lies madness. How do you pass the address to the MTA? Don't do it as a system() call unless you want someone to own your box with a semicolon. Do you allow \n? \r? Do you allow \\? There is a certain amount of paranoia that is prudent, and a certain amount that is actually necessary... though it's true that implementations often don't bother to work that out correctly... ... JG -- Joe Greco - sol.net Network Services - Milwaukee, WI - http://www.sol.net "We call it the 'one bite at the apple' rule. Give me one chance [and] then I won't contact you again." - Direct Marketing Ass'n position on e-mail spam(CNN) With 24 million small businesses in the US alone, that's way too many apples.
In message <201203130131.q2D1VLXa087735@aurora.sol.net>, Joe Greco writes:
Owen DeLong wrote:
http://en.wikipedia.org/wiki/Email_address#Valid_email_addresses
You may have noticed my particular test wouldn't accept foo!bar!ucbvax!us er format addresses, either.
It works well enough for my purposes. I did not claim it was perfect.
Why not leave it to the MTA to decide what is a valid address? It only requires a few SMTP commands to the MTA to know if it will accept it. Normally the MTA will tell you after the "rcpt to:" command if it will accept it (i'm ignoring some badly behaving MTAs who will swallow anything and then bounce, no point trying to work around such crap).
No need to re-invent the wheel, unless you're actually creating an MTA or something similar.
Who is to say that even IF your address verifier verifies it as valid that the MTA is configured to allow it (or the other way around)? MTAs can be arbitrarily configured to (dis)allow "bang path" addresses, IP addresses etc.
The ideal world contains a mix of techniques.
You cannot just blindly leave it to the MTA to decide what's valid. Along that path lies madness. How do you pass the address to the MTA? Don't do it as a system() call unless you want someone to own your box with a semicolon.
Only if you don't properly quote/escape the arguments you are passing.
Do you allow \n? \r? Do you allow \\? There is a certain amount of paranoia that is prudent, and a certain amount that is actually necessary... though it's true that implementations often don't bother to work that out correctly...
... JG -- Joe Greco - sol.net Network Services - Milwaukee, WI - http://www.sol.net "We call it the 'one bite at the apple' rule. Give me one chance [and] then I won't contact you again." - Direct Marketing Ass'n position on e-mail spam(CN N) With 24 million small businesses in the US alone, that's way too many apples.
-- Mark Andrews, ISC 1 Seymour St., Dundas Valley, NSW 2117, Australia PHONE: +61 2 9871 4742 INTERNET: marka@isc.org
The ideal world contains a mix of techniques.
You cannot just blindly leave it to the MTA to decide what's valid. Along that path lies madness. How do you pass the address to the MTA? Don't do it as a system() call unless you want someone to own your box with a semicolon.
Only if you don't properly quote/escape the arguments you are passing.
That's a great theory that's been a disaster in practice, as "properly" is difficult and mistakes often turn into exploits. That's not to say that you're not right, obviously you are, but that is kind of more of a sign of the scope of the problem than anything else. In an ideal world, it wouldn't be an issue. In reality, the set of allowed characters for e-mail addresses should probably have been a bit more controlled... ... JG -- Joe Greco - sol.net Network Services - Milwaukee, WI - http://www.sol.net "We call it the 'one bite at the apple' rule. Give me one chance [and] then I won't contact you again." - Direct Marketing Ass'n position on e-mail spam(CNN) With 24 million small businesses in the US alone, that's way too many apples.
On Tue, Mar 13, 2012 at 8:41 AM, Joe Greco <jgreco@ns.sol.net> wrote:
box with a semicolon. Only if you don't properly quote/escape the arguments you are passing.
You're going to run into a big mess when trying to combine the rules for escaping e-mail addresses that contain special characters with the shell-specifc rules for escaping when invoking system. When invoking system() you may need different logic for safe execution when the user's shell is /bin/bash than when it's /bin/zsh.
That's a great theory that's been a disaster in practice, as "properly" is difficult and mistakes often turn into exploits.
The disaster in practice is invoking system() with user provided data into a shell that interprets special characters. The semantics of system() are not your end user's problem. It's a similar disaster to attempting to embed a SQL query into an application, but failing to utilize named parameters for untrusted user inputs -- again, the SQL language is not your end user's problem, Just because ";" "--", "/*" or "DROP" may have special meaning to SQL, does not mean strings that contain these patterns won't be part of a legitimate e-mail address. If you must execute a program to validate an e-mail address from its parameters, make sure to range check the length, fork, and exec(), preferably after chroot()'ing to an unwritable path and setuid'ing to an unprivileged GID, UID, and EUID, after fwapping yourself for not passing a file descriptor to the child process in order to exchange the e-mail address data, and as a result of this -- you made potentially private data available to anyone who happens to enter the right 'ps' command and see command line arguments at the moment an address is being validated. -- -JH
Joe Greco wrote:
The ideal world contains a mix of techniques.
Yes and copying parts of relevant code of an MTA could be one.
You cannot just blindly leave it to the MTA to decide what's valid. Along that path lies madness. How do you pass the address to the MTA? Don't do it as a system() call unless you want someone to own your box with a semicolon.
Well, the whole world can pass whatever it wants to an MTA, it's supposed to be listening on internet facing port 25 all the time, that's it's mean reason of existence. An MTA is particularly well suited to take any kind of abuse, because that's exactly what it's expecting. Unless in cases such as Owen mentioned I'd say it's a pretty good solution. The madness to me lies in making your own email validating code... Greetings, Jeroen -- Earthquake Magnitude: 4.5 Date: Tuesday, March 13, 2012 04:15:05 UTC Location: Dominican Republic region Latitude: 19.3644; Longitude: -68.0645 Depth: 19.20 km
Joe Greco wrote:
The ideal world contains a mix of techniques.
Yes and copying parts of relevant code of an MTA could be one.
May actually be one of the few sane ones.
You cannot just blindly leave it to the MTA to decide what's valid. Along that path lies madness. How do you pass the address to the MTA? Don't do it as a system() call unless you want someone to own your box with a semicolon.
Well, the whole world can pass whatever it wants to an MTA, it's supposed to be listening on internet facing port 25 all the time, that's it's mean reason of existence. An MTA is particularly well suited to take any kind of abuse, because that's exactly what it's expecting.
Unless in cases such as Owen mentioned I'd say it's a pretty good solution. The madness to me lies in making your own email validating code...
This is probably one of those things where the spec was good when it was written for reasons that were good at the time, but now many years later in a generally completely FQDN-ified world, there's little valid reason to need to be able to support some of the odd possible syntaxes that we used twenty or thirty years ago. The problem is, current programmers look at the evil spec, say "fooey with that," and then code up something that is too unreasonably restrictive in the opposite direction. ... JG -- Joe Greco - sol.net Network Services - Milwaukee, WI - http://www.sol.net "We call it the 'one bite at the apple' rule. Give me one chance [and] then I won't contact you again." - Direct Marketing Ass'n position on e-mail spam(CNN) With 24 million small businesses in the US alone, that's way too many apples.
On 2012-03-13 16:33, Joe Greco wrote:
Joe Greco wrote:
The ideal world contains a mix of techniques.
Yes and copying parts of relevant code of an MTA could be one.
May actually be one of the few sane ones.
You cannot just blindly leave it to the MTA to decide what's valid. Along that path lies madness. How do you pass the address to the MTA? Don't do it as a system() call unless you want someone to own your box with a semicolon.
Well, the whole world can pass whatever it wants to an MTA, it's supposed to be listening on internet facing port 25 all the time, that's it's mean reason of existence. An MTA is particularly well suited to take any kind of abuse, because that's exactly what it's expecting.
imo, this discussion of outbound SMTP has been sounding akin to me saying I should let my upstream ensure that all of my BGP announcements are good, instead of filtering my own outbound.
Unless in cases such as Owen mentioned I'd say it's a pretty good solution. The madness to me lies in making your own email validating code...
This is probably one of those things where the spec was good when it was written for reasons that were good at the time, but now many years later in a generally completely FQDN-ified world, there's little valid reason to need to be able to support some of the odd possible syntaxes that we used twenty or thirty years ago.
The problem is, current programmers look at the evil spec, say "fooey with that," and then code up something that is too unreasonably restrictive in the opposite direction.
There are ready-made solutions that abstract away the need for the programmer to write their own regex or compliance checks to meet the specs. In Perl for example, there is Email::Valid. One line of code and you know whether the address is to RFC or not. Less bugs and changes, I feel it is better to give the remote host known-good data then have to have them tell me it is bad. Steve disclaimer: I've wrote patches for said module over the years, and I named it only for example purposes.
Steve Bertrand wrote:
imo, this discussion of outbound SMTP has been sounding akin to me saying I should let my upstream ensure that all of my BGP announcements are good, instead of filtering my own outbound.
know whether the address is to RFC or not. Less bugs and changes, I feel it is better to give the remote host known-good data then have to have them tell me it is bad.
I don't think it's comparable. Because you would not use a remote MTA to validate your email address. You would use the MTA that listens on localhost on the server your code is running. It's really trivial to install an MTA that only listens on localhost and submits email to a smarthost. I mean, if you have code on a webserver that gets form data and sends out emails you best run an MTA locally to which you submit the email and be done with it. The local MTA will take care of queuing and all that for you and submits your email to a smarthost, und so weiter.
In Perl for example, there is Email::Valid. One line of code and you
Of course use something like that if it's available to you. Regards, Jeroen -- Earthquake Magnitude: 4.9 Date: Friday, March 16, 2012 11:36:40 UTC Location: Pacific-Antarctic Ridge Latitude: -55.2298; Longitude: -128.8988 Depth: 10.20 km
On Mar 12, 2012, at 5:32 PM, Owen DeLong <owen@delong.com> wrote:
On Mar 12, 2012, at 2:12 PM, Keegan Holley wrote:
2012/3/12 Tei <oscar.vives@gmail.com>
On 12 March 2012 09:59, Carlos Martinez-Cagnazzo <carlosm3011@gmail.com> wrote:
Hey!
On Monday, March 05, 2012 09:36:41 PM Jimmy Hess wrote: ...
(16) The default gateway's IP address is always 192.168.0.1 (17) The user portion of E-mail addresses never contain special characters like "-" "+" "$" "~" "." ",", "[", "]" I've just had my ' xx AT cagnazzo.name' email address rejected by a web
On 3/8/12 8:24 PM, Lamar Owen wrote: form saying that 'it is not a valid email address'. So I guess point (17) can be extended to say that 'no email address shall end in anything different that .com, .net or the local ccTLD'
:=)
Carlos
Yea, I don't even know how programmers can get that wrong. The regex is not even hard or anything.
(?:[a-z0-9!#$%&'*+/=?^_`{|}~-]+(?:\.[a-z0-9!#$%&'*+/=?^_`{|}~-]+)*|"(?:[\x01-\x08\x0b\x0c\x0e-\x1f\x21\x23-\x5b\x5d-\x7f]|\\[\x01-\x09\x0b\x0c\x0e-\x7f])*")@(?:(?:[a-z0-9](?:[a-z0-9-]*[a-z0-9])?\.)+[a-z0-9](?:[a-z0-9-]*[a-z0-9])?|\[(?:(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.){3}(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?|[a-z0-9-]*[a-z0-9]:(?:[\x01-\x08\x0b\x0c\x0e-\x1f\x21-\x5a\x53-\x7f]|\\[\x01-\x09\x0b\x0c\x0e-\x7f])+)\])
I bet it's even harder without the use of a search engine.
Whenever I've built code to check someone's email address on a form, I always just looked for the following:
1. matches ^[^@]+@[A-Za-z0-0\-\.]+[A-Za-z]$ 2. The component to the right of the @ sign returns at least one A, AAAA, or MX record.
If it passed those two checks, I figured that was about as good as I could do without resorting to one of the following: 1. An incomprehensible and unmaintainable regex as the one above 2. Actually attempting delivery to said address
Owen
I've done some scripting with the similar goals and to be completely honest I've skews at least consulted google. It's much easier to read and test a regular expression like the one above than to write one from scratch. Sometimes it takes an incomprehensible regex to be thorough. Sometimes close enough really is close enough though. It depends on the problem you are trying to solve.
On 03/12/2012 09:46 AM, Tei wrote:
On 12 March 2012 09:59, Carlos Martinez-Cagnazzo<carlosm3011@gmail.com> wrote:
Hey!
On Monday, March 05, 2012 09:36:41 PM Jimmy Hess wrote: ...
(16) The default gateway's IP address is always 192.168.0.1 (17) The user portion of E-mail addresses never contain special characters like "-" "+" "$" "~" "." ",", "[", "]"
I've just had my ' xx AT cagnazzo.name' email address rejected by a web
On 3/8/12 8:24 PM, Lamar Owen wrote: form saying that 'it is not a valid email address'. So I guess point (17) can be extended to say that 'no email address shall end in anything different that .com, .net or the local ccTLD'
:=)
Carlos
Yea, I don't even know how programmers can get that wrong. The regex is not even hard or anything.
(?:[a-z0-9!#$%&'*+/=?^_`{|}~-]+(?:\.[a-z0-9!#$%&'*+/=?^_`{|}~-]+)*|"(?:[\x01-\x08\x0b\x0c\x0e-\x1f\x21\x23-\x5b\x5d-\x7f]|\\[\x01-\x09\x0b\x0c\x0e-\x7f])*")@(?:(?:[a-z0-9](?:[a-z0-9-]*[a-z0-9])?\.)+[a-z0-9](?:[a-z0-9-]*[a-z0-9])?|\[(?:(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.){3}(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?|[a-z0-9-]*[a-z0-9]:(?:[\x01-\x08\x0b\x0c\x0e-\x1f\x21-\x5a\x53-\x7f]|\\[\x01-\x09\x0b\x0c\x0e-\x7f])+)\])
It's supposedly a lot harder than that. Try this for strict RFC822 compliance (from http://www.ex-parrot.com/pdw/Mail-RFC822-Address.html): (?:(?:\r\n)?[ \t])*(?:(?:(?:[^()<>@,;:\\".\[\] \000-\031]+(?:(?:(?:\r\n)?[ \t] )+|\Z|(?=[\["()<>@,;:\\".\[\]]))|"(?:[^\"\r\\]|\\.|(?:(?:\r\n)?[ \t]))*"(?:(?: \r\n)?[ \t])*)(?:\.(?:(?:\r\n)?[ \t])*(?:[^()<>@,;:\\".\[\] \000-\031]+(?:(?:( ?:\r\n)?[ \t])+|\Z|(?=[\["()<>@,;:\\".\[\]]))|"(?:[^\"\r\\]|\\.|(?:(?:\r\n)?[ \t]))*"(?:(?:\r\n)?[ \t])*))*@(?:(?:\r\n)?[ \t])*(?:[^()<>@,;:\\".\[\] \000-\0 31]+(?:(?:(?:\r\n)?[ \t])+|\Z|(?=[\["()<>@,;:\\".\[\]]))|\[([^\[\]\r\\]|\\.)*\ ](?:(?:\r\n)?[ \t])*)(?:\.(?:(?:\r\n)?[ \t])*(?:[^()<>@,;:\\".\[\] \000-\031]+ (?:(?:(?:\r\n)?[ \t])+|\Z|(?=[\["()<>@,;:\\".\[\]]))|\[([^\[\]\r\\]|\\.)*\](?: (?:\r\n)?[ \t])*))*|(?:[^()<>@,;:\\".\[\] \000-\031]+(?:(?:(?:\r\n)?[ \t])+|\Z |(?=[\["()<>@,;:\\".\[\]]))|"(?:[^\"\r\\]|\\.|(?:(?:\r\n)?[ \t]))*"(?:(?:\r\n) ?[ \t])*)*\<(?:(?:\r\n)?[ \t])*(?:@(?:[^()<>@,;:\\".\[\] \000-\031]+(?:(?:(?:\ r\n)?[ \t])+|\Z|(?=[\["()<>@,;:\\".\[\]]))|\[([^\[\]\r\\]|\\.)*\](?:(?:\r\n)?[ \t])*)(?:\.(?:(?:\r\n)?[ \t])*(?:[^()<>@,;:\\".\[\] \000-\031]+(?:(?:(?:\r\n) ?[ \t])+|\Z|(?=[\["()<>@,;:\\".\[\]]))|\[([^\[\]\r\\]|\\.)*\](?:(?:\r\n)?[ \t] )*))*(?:,@(?:(?:\r\n)?[ \t])*(?:[^()<>@,;:\\".\[\] \000-\031]+(?:(?:(?:\r\n)?[ \t])+|\Z|(?=[\["()<>@,;:\\".\[\]]))|\[([^\[\]\r\\]|\\.)*\](?:(?:\r\n)?[ \t])* )(?:\.(?:(?:\r\n)?[ \t])*(?:[^()<>@,;:\\".\[\] \000-\031]+(?:(?:(?:\r\n)?[ \t] )+|\Z|(?=[\["()<>@,;:\\".\[\]]))|\[([^\[\]\r\\]|\\.)*\](?:(?:\r\n)?[ \t])*))*) *:(?:(?:\r\n)?[ \t])*)?(?:[^()<>@,;:\\".\[\] \000-\031]+(?:(?:(?:\r\n)?[ \t])+ |\Z|(?=[\["()<>@,;:\\".\[\]]))|"(?:[^\"\r\\]|\\.|(?:(?:\r\n)?[ \t]))*"(?:(?:\r \n)?[ \t])*)(?:\.(?:(?:\r\n)?[ \t])*(?:[^()<>@,;:\\".\[\] \000-\031]+(?:(?:(?: \r\n)?[ \t])+|\Z|(?=[\["()<>@,;:\\".\[\]]))|"(?:[^\"\r\\]|\\.|(?:(?:\r\n)?[ \t ]))*"(?:(?:\r\n)?[ \t])*))*@(?:(?:\r\n)?[ \t])*(?:[^()<>@,;:\\".\[\] \000-\031 ]+(?:(?:(?:\r\n)?[ \t])+|\Z|(?=[\["()<>@,;:\\".\[\]]))|\[([^\[\]\r\\]|\\.)*\]( ?:(?:\r\n)?[ \t])*)(?:\.(?:(?:\r\n)?[ \t])*(?:[^()<>@,;:\\".\[\] \000-\031]+(? :(?:(?:\r\n)?[ \t])+|\Z|(?=[\["()<>@,;:\\".\[\]]))|\[([^\[\]\r\\]|\\.)*\](?:(? :\r\n)?[ \t])*))*\>(?:(?:\r\n)?[ \t])*)|(?:[^()<>@,;:\\".\[\] \000-\031]+(?:(? :(?:\r\n)?[ \t])+|\Z|(?=[\["()<>@,;:\\".\[\]]))|"(?:[^\"\r\\]|\\.|(?:(?:\r\n)? [ \t]))*"(?:(?:\r\n)?[ \t])*)*:(?:(?:\r\n)?[ \t])*(?:(?:(?:[^()<>@,;:\\".\[\] \000-\031]+(?:(?:(?:\r\n)?[ \t])+|\Z|(?=[\["()<>@,;:\\".\[\]]))|"(?:[^\"\r\\]| \\.|(?:(?:\r\n)?[ \t]))*"(?:(?:\r\n)?[ \t])*)(?:\.(?:(?:\r\n)?[ \t])*(?:[^()<> @,;:\\".\[\] \000-\031]+(?:(?:(?:\r\n)?[ \t])+|\Z|(?=[\["()<>@,;:\\".\[\]]))|" (?:[^\"\r\\]|\\.|(?:(?:\r\n)?[ \t]))*"(?:(?:\r\n)?[ \t])*))*@(?:(?:\r\n)?[ \t] )*(?:[^()<>@,;:\\".\[\] \000-\031]+(?:(?:(?:\r\n)?[ \t])+|\Z|(?=[\["()<>@,;:\\ ".\[\]]))|\[([^\[\]\r\\]|\\.)*\](?:(?:\r\n)?[ \t])*)(?:\.(?:(?:\r\n)?[ \t])*(? :[^()<>@,;:\\".\[\] \000-\031]+(?:(?:(?:\r\n)?[ \t])+|\Z|(?=[\["()<>@,;:\\".\[ \]]))|\[([^\[\]\r\\]|\\.)*\](?:(?:\r\n)?[ \t])*))*|(?:[^()<>@,;:\\".\[\] \000- \031]+(?:(?:(?:\r\n)?[ \t])+|\Z|(?=[\["()<>@,;:\\".\[\]]))|"(?:[^\"\r\\]|\\.|( ?:(?:\r\n)?[ \t]))*"(?:(?:\r\n)?[ \t])*)*\<(?:(?:\r\n)?[ \t])*(?:@(?:[^()<>@,; :\\".\[\] \000-\031]+(?:(?:(?:\r\n)?[ \t])+|\Z|(?=[\["()<>@,;:\\".\[\]]))|\[([ ^\[\]\r\\]|\\.)*\](?:(?:\r\n)?[ \t])*)(?:\.(?:(?:\r\n)?[ \t])*(?:[^()<>@,;:\\" .\[\] \000-\031]+(?:(?:(?:\r\n)?[ \t])+|\Z|(?=[\["()<>@,;:\\".\[\]]))|\[([^\[\ ]\r\\]|\\.)*\](?:(?:\r\n)?[ \t])*))*(?:,@(?:(?:\r\n)?[ \t])*(?:[^()<>@,;:\\".\ [\] \000-\031]+(?:(?:(?:\r\n)?[ \t])+|\Z|(?=[\["()<>@,;:\\".\[\]]))|\[([^\[\]\ r\\]|\\.)*\](?:(?:\r\n)?[ \t])*)(?:\.(?:(?:\r\n)?[ \t])*(?:[^()<>@,;:\\".\[\] \000-\031]+(?:(?:(?:\r\n)?[ \t])+|\Z|(?=[\["()<>@,;:\\".\[\]]))|\[([^\[\]\r\\] |\\.)*\](?:(?:\r\n)?[ \t])*))*)*:(?:(?:\r\n)?[ \t])*)?(?:[^()<>@,;:\\".\[\] \0 00-\031]+(?:(?:(?:\r\n)?[ \t])+|\Z|(?=[\["()<>@,;:\\".\[\]]))|"(?:[^\"\r\\]|\\ .|(?:(?:\r\n)?[ \t]))*"(?:(?:\r\n)?[ \t])*)(?:\.(?:(?:\r\n)?[ \t])*(?:[^()<>@, ;:\\".\[\] \000-\031]+(?:(?:(?:\r\n)?[ \t])+|\Z|(?=[\["()<>@,;:\\".\[\]]))|"(? :[^\"\r\\]|\\.|(?:(?:\r\n)?[ \t]))*"(?:(?:\r\n)?[ \t])*))*@(?:(?:\r\n)?[ \t])* (?:[^()<>@,;:\\".\[\] \000-\031]+(?:(?:(?:\r\n)?[ \t])+|\Z|(?=[\["()<>@,;:\\". \[\]]))|\[([^\[\]\r\\]|\\.)*\](?:(?:\r\n)?[ \t])*)(?:\.(?:(?:\r\n)?[ \t])*(?:[ ^()<>@,;:\\".\[\] \000-\031]+(?:(?:(?:\r\n)?[ \t])+|\Z|(?=[\["()<>@,;:\\".\[\] ]))|\[([^\[\]\r\\]|\\.)*\](?:(?:\r\n)?[ \t])*))*\>(?:(?:\r\n)?[ \t])*)(?:,\s*( ?:(?:[^()<>@,;:\\".\[\] \000-\031]+(?:(?:(?:\r\n)?[ \t])+|\Z|(?=[\["()<>@,;:\\ ".\[\]]))|"(?:[^\"\r\\]|\\.|(?:(?:\r\n)?[ \t]))*"(?:(?:\r\n)?[ \t])*)(?:\.(?:( ?:\r\n)?[ \t])*(?:[^()<>@,;:\\".\[\] \000-\031]+(?:(?:(?:\r\n)?[ \t])+|\Z|(?=[ \["()<>@,;:\\".\[\]]))|"(?:[^\"\r\\]|\\.|(?:(?:\r\n)?[ \t]))*"(?:(?:\r\n)?[ \t ])*))*@(?:(?:\r\n)?[ \t])*(?:[^()<>@,;:\\".\[\] \000-\031]+(?:(?:(?:\r\n)?[ \t ])+|\Z|(?=[\["()<>@,;:\\".\[\]]))|\[([^\[\]\r\\]|\\.)*\](?:(?:\r\n)?[ \t])*)(? :\.(?:(?:\r\n)?[ \t])*(?:[^()<>@,;:\\".\[\] \000-\031]+(?:(?:(?:\r\n)?[ \t])+| \Z|(?=[\["()<>@,;:\\".\[\]]))|\[([^\[\]\r\\]|\\.)*\](?:(?:\r\n)?[ \t])*))*|(?: [^()<>@,;:\\".\[\] \000-\031]+(?:(?:(?:\r\n)?[ \t])+|\Z|(?=[\["()<>@,;:\\".\[\ ]]))|"(?:[^\"\r\\]|\\.|(?:(?:\r\n)?[ \t]))*"(?:(?:\r\n)?[ \t])*)*\<(?:(?:\r\n) ?[ \t])*(?:@(?:[^()<>@,;:\\".\[\] \000-\031]+(?:(?:(?:\r\n)?[ \t])+|\Z|(?=[\[" ()<>@,;:\\".\[\]]))|\[([^\[\]\r\\]|\\.)*\](?:(?:\r\n)?[ \t])*)(?:\.(?:(?:\r\n) ?[ \t])*(?:[^()<>@,;:\\".\[\] \000-\031]+(?:(?:(?:\r\n)?[ \t])+|\Z|(?=[\["()<> @,;:\\".\[\]]))|\[([^\[\]\r\\]|\\.)*\](?:(?:\r\n)?[ \t])*))*(?:,@(?:(?:\r\n)?[ \t])*(?:[^()<>@,;:\\".\[\] \000-\031]+(?:(?:(?:\r\n)?[ \t])+|\Z|(?=[\["()<>@, ;:\\".\[\]]))|\[([^\[\]\r\\]|\\.)*\](?:(?:\r\n)?[ \t])*)(?:\.(?:(?:\r\n)?[ \t] )*(?:[^()<>@,;:\\".\[\] \000-\031]+(?:(?:(?:\r\n)?[ \t])+|\Z|(?=[\["()<>@,;:\\ ".\[\]]))|\[([^\[\]\r\\]|\\.)*\](?:(?:\r\n)?[ \t])*))*)*:(?:(?:\r\n)?[ \t])*)? (?:[^()<>@,;:\\".\[\] \000-\031]+(?:(?:(?:\r\n)?[ \t])+|\Z|(?=[\["()<>@,;:\\". \[\]]))|"(?:[^\"\r\\]|\\.|(?:(?:\r\n)?[ \t]))*"(?:(?:\r\n)?[ \t])*)(?:\.(?:(?: \r\n)?[ \t])*(?:[^()<>@,;:\\".\[\] \000-\031]+(?:(?:(?:\r\n)?[ \t])+|\Z|(?=[\[ "()<>@,;:\\".\[\]]))|"(?:[^\"\r\\]|\\.|(?:(?:\r\n)?[ \t]))*"(?:(?:\r\n)?[ \t]) *))*@(?:(?:\r\n)?[ \t])*(?:[^()<>@,;:\\".\[\] \000-\031]+(?:(?:(?:\r\n)?[ \t]) +|\Z|(?=[\["()<>@,;:\\".\[\]]))|\[([^\[\]\r\\]|\\.)*\](?:(?:\r\n)?[ \t])*)(?:\ .(?:(?:\r\n)?[ \t])*(?:[^()<>@,;:\\".\[\] \000-\031]+(?:(?:(?:\r\n)?[ \t])+|\Z |(?=[\["()<>@,;:\\".\[\]]))|\[([^\[\]\r\\]|\\.)*\](?:(?:\r\n)?[ \t])*))*\>(?:( ?:\r\n)?[ \t])*))*)?;\s*) Paul
I think this proves one thing... Given enough monkeys with typewriters, you will, in fact, not get Shakespeare, but, instead, regular expressions for Shakespeare's email address. Owen On Mar 12, 2012, at 3:09 PM, Paul Graydon wrote:
On 03/12/2012 09:46 AM, Tei wrote:
On 12 March 2012 09:59, Carlos Martinez-Cagnazzo<carlosm3011@gmail.com> wrote:
Hey!
On Monday, March 05, 2012 09:36:41 PM Jimmy Hess wrote: ...
(16) The default gateway's IP address is always 192.168.0.1 (17) The user portion of E-mail addresses never contain special characters like "-" "+" "$" "~" "." ",", "[", "]" I've just had my ' xx AT cagnazzo.name' email address rejected by a web
On 3/8/12 8:24 PM, Lamar Owen wrote: form saying that 'it is not a valid email address'. So I guess point (17) can be extended to say that 'no email address shall end in anything different that .com, .net or the local ccTLD'
:=)
Carlos
Yea, I don't even know how programmers can get that wrong. The regex is not even hard or anything.
(?:[a-z0-9!#$%&'*+/=?^_`{|}~-]+(?:\.[a-z0-9!#$%&'*+/=?^_`{|}~-]+)*|"(?:[\x01-\x08\x0b\x0c\x0e-\x1f\x21\x23-\x5b\x5d-\x7f]|\\[\x01-\x09\x0b\x0c\x0e-\x7f])*")@(?:(?:[a-z0-9](?:[a-z0-9-]*[a-z0-9])?\.)+[a-z0-9](?:[a-z0-9-]*[a-z0-9])?|\[(?:(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.){3}(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?|[a-z0-9-]*[a-z0-9]:(?:[\x01-\x08\x0b\x0c\x0e-\x1f\x21-\x5a\x53-\x7f]|\\[\x01-\x09\x0b\x0c\x0e-\x7f])+)\])
It's supposedly a lot harder than that. Try this for strict RFC822 compliance (from http://www.ex-parrot.com/pdw/Mail-RFC822-Address.html):
(?:(?:\r\n)?[ \t])*(?:(?:(?:[^()<>@,;:\\".\[\] \000-\031]+(?:(?:(?:\r\n)?[ \t] )+|\Z|(?=[\["()<>@,;:\\".\[\]]))|"(?:[^\"\r\\]|\\.|(?:(?:\r\n)?[ \t]))*"(?:(?: \r\n)?[ \t])*)(?:\.(?:(?:\r\n)?[ \t])*(?:[^()<>@,;:\\".\[\] \000-\031]+(?:(?:( ?:\r\n)?[ \t])+|\Z|(?=[\["()<>@,;:\\".\[\]]))|"(?:[^\"\r\\]|\\.|(?:(?:\r\n)?[ \t]))*"(?:(?:\r\n)?[ \t])*))*@(?:(?:\r\n)?[ \t])*(?:[^()<>@,;:\\".\[\] \000-\0 31]+(?:(?:(?:\r\n)?[ \t])+|\Z|(?=[\["()<>@,;:\\".\[\]]))|\[([^\[\]\r\\]|\\.)*\ ](?:(?:\r\n)?[ \t])*)(?:\.(?:(?:\r\n)?[ \t])*(?:[^()<>@,;:\\".\[\] \000-\031]+ (?:(?:(?:\r\n)?[ \t])+|\Z|(?=[\["()<>@,;:\\".\[\]]))|\[([^\[\]\r\\]|\\.)*\](?: (?:\r\n)?[ \t])*))*|(?:[^()<>@,;:\\".\[\] \000-\031]+(?:(?:(?:\r\n)?[ \t])+|\Z |(?=[\["()<>@,;:\\".\[\]]))|"(?:[^\"\r\\]|\\.|(?:(?:\r\n)?[ \t]))*"(?:(?:\r\n) ?[ \t])*)*\<(?:(?:\r\n)?[ \t])*(?:@(?:[^()<>@,;:\\".\[\] \000-\031]+(?:(?:(?:\ r\n)?[ \t])+|\Z|(?=[\["()<>@,;:\\".\[\]]))|\[([^\[\]\r\\]|\\.)*\](?:(?:\r\n)?[ \t])*)(?:\.(?:(?:\r\n)?[ \t])*(?:[^()<>@,;:\\".\[\] \000-\031]+(?:(?:(?:\r\n) ?[ \t])+|\Z|(?=[\["()<>@,;:\\".\[\]]))|\[([^\[\]\r\\]|\\.)*\](?:(?:\r\n)?[ \t] )*))*(?:,@(?:(?:\r\n)?[ \t])*(?:[^()<>@,;:\\".\[\] \000-\031]+(?:(?:(?:\r\n)?[ \t])+|\Z|(?=[\["()<>@,;:\\".\[\]]))|\[([^\[\]\r\\]|\\.)*\](?:(?:\r\n)?[ \t])* )(?:\.(?:(?:\r\n)?[ \t])*(?:[^()<>@,;:\\".\[\] \000-\031]+(?:(?:(?:\r\n)?[ \t] )+|\Z|(?=[\["()<>@,;:\\".\[\]]))|\[([^\[\]\r\\]|\\.)*\](?:(?:\r\n)?[ \t])*))*) *:(?:(?:\r\n)?[ \t])*)?(?:[^()<>@,;:\\".\[\] \000-\031]+(?:(?:(?:\r\n)?[ \t])+ |\Z|(?=[\["()<>@,;:\\".\[\]]))|"(?:[^\"\r\\]|\\.|(?:(?:\r\n)?[ \t]))*"(?:(?:\r \n)?[ \t])*)(?:\.(?:(?:\r\n)?[ \t])*(?:[^()<>@,;:\\".\[\] \000-\031]+(?:(?:(?: \r\n)?[ \t])+|\Z|(?=[\["()<>@,;:\\".\[\]]))|"(?:[^\"\r\\]|\\.|(?:(?:\r\n)?[ \t ]))*"(?:(?:\r\n)?[ \t])*))*@(?:(?:\r\n)?[ \t])*(?:[^()<>@,;:\\".\[\] \000-\031 ]+(?:(?:(?:\r\n)?[ \t])+|\Z|(?=[\["()<>@,;:\\".\[\]]))|\[([^\[\]\r\\]|\\.)*\]( ?:(?:\r\n)?[ \t])*)(?:\.(?:(?:\r\n)?[ \t])*(?:[^()<>@,;:\\".\[\] \000-\031]+(? :(?:(?:\r\n)?[ \t])+|\Z|(?=[\["()<>@,;:\\".\[\]]))|\[([^\[\]\r\\]|\\.)*\](?:(? :\r\n)?[ \t])*))*\>(?:(?:\r\n)?[ \t])*)|(?:[^()<>@,;:\\".\[\] \000-\031]+(?:(? :(?:\r\n)?[ \t])+|\Z|(?=[\["()<>@,;:\\".\[\]]))|"(?:[^\"\r\\]|\\.|(?:(?:\r\n)? [ \t]))*"(?:(?:\r\n)?[ \t])*)*:(?:(?:\r\n)?[ \t])*(?:(?:(?:[^()<>@,;:\\".\[\] \000-\031]+(?:(?:(?:\r\n)?[ \t])+|\Z|(?=[\["()<>@,;:\\".\[\]]))|"(?:[^\"\r\\]| \\.|(?:(?:\r\n)?[ \t]))*"(?:(?:\r\n)?[ \t])*)(?:\.(?:(?:\r\n)?[ \t])*(?:[^()<> @,;:\\".\[\] \000-\031]+(?:(?:(?:\r\n)?[ \t])+|\Z|(?=[\["()<>@,;:\\".\[\]]))|" (?:[^\"\r\\]|\\.|(?:(?:\r\n)?[ \t]))*"(?:(?:\r\n)?[ \t])*))*@(?:(?:\r\n)?[ \t] )*(?:[^()<>@,;:\\".\[\] \000-\031]+(?:(?:(?:\r\n)?[ \t])+|\Z|(?=[\["()<>@,;:\\ ".\[\]]))|\[([^\[\]\r\\]|\\.)*\](?:(?:\r\n)?[ \t])*)(?:\.(?:(?:\r\n)?[ \t])*(? :[^()<>@,;:\\".\[\] \000-\031]+(?:(?:(?:\r\n)?[ \t])+|\Z|(?=[\["()<>@,;:\\".\[ \]]))|\[([^\[\]\r\\]|\\.)*\](?:(?:\r\n)?[ \t])*))*|(?:[^()<>@,;:\\".\[\] \000- \031]+(?:(?:(?:\r\n)?[ \t])+|\Z|(?=[\["()<>@,;:\\".\[\]]))|"(?:[^\"\r\\]|\\.|( ?:(?:\r\n)?[ \t]))*"(?:(?:\r\n)?[ \t])*)*\<(?:(?:\r\n)?[ \t])*(?:@(?:[^()<>@,; :\\".\[\] \000-\031]+(?:(?:(?:\r\n)?[ \t])+|\Z|(?=[\["()<>@,;:\\".\[\]]))|\[([ ^\[\]\r\\]|\\.)*\](?:(?:\r\n)?[ \t])*)(?:\.(?:(?:\r\n)?[ \t])*(?:[^()<>@,;:\\" .\[\] \000-\031]+(?:(?:(?:\r\n)?[ \t])+|\Z|(?=[\["()<>@,;:\\".\[\]]))|\[([^\[\ ]\r\\]|\\.)*\](?:(?:\r\n)?[ \t])*))*(?:,@(?:(?:\r\n)?[ \t])*(?:[^()<>@,;:\\".\ [\] \000-\031]+(?:(?:(?:\r\n)?[ \t])+|\Z|(?=[\["()<>@,;:\\".\[\]]))|\[([^\[\]\ r\\]|\\.)*\](?:(?:\r\n)?[ \t])*)(?:\.(?:(?:\r\n)?[ \t])*(?:[^()<>@,;:\\".\[\] \000-\031]+(?:(?:(?:\r\n)?[ \t])+|\Z|(?=[\["()<>@,;:\\".\[\]]))|\[([^\[\]\r\\] |\\.)*\](?:(?:\r\n)?[ \t])*))*)*:(?:(?:\r\n)?[ \t])*)?(?:[^()<>@,;:\\".\[\] \0 00-\031]+(?:(?:(?:\r\n)?[ \t])+|\Z|(?=[\["()<>@,;:\\".\[\]]))|"(?:[^\"\r\\]|\\ .|(?:(?:\r\n)?[ \t]))*"(?:(?:\r\n)?[ \t])*)(?:\.(?:(?:\r\n)?[ \t])*(?:[^()<>@, ;:\\".\[\] \000-\031]+(?:(?:(?:\r\n)?[ \t])+|\Z|(?=[\["()<>@,;:\\".\[\]]))|"(? :[^\"\r\\]|\\.|(?:(?:\r\n)?[ \t]))*"(?:(?:\r\n)?[ \t])*))*@(?:(?:\r\n)?[ \t])* (?:[^()<>@,;:\\".\[\] \000-\031]+(?:(?:(?:\r\n)?[ \t])+|\Z|(?=[\["()<>@,;:\\". \[\]]))|\[([^\[\]\r\\]|\\.)*\](?:(?:\r\n)?[ \t])*)(?:\.(?:(?:\r\n)?[ \t])*(?:[ ^()<>@,;:\\".\[\] \000-\031]+(?:(?:(?:\r\n)?[ \t])+|\Z|(?=[\["()<>@,;:\\".\[\] ]))|\[([^\[\]\r\\]|\\.)*\](?:(?:\r\n)?[ \t])*))*\>(?:(?:\r\n)?[ \t])*)(?:,\s*( ?:(?:[^()<>@,;:\\".\[\] \000-\031]+(?:(?:(?:\r\n)?[ \t])+|\Z|(?=[\["()<>@,;:\\ ".\[\]]))|"(?:[^\"\r\\]|\\.|(?:(?:\r\n)?[ \t]))*"(?:(?:\r\n)?[ \t])*)(?:\.(?:( ?:\r\n)?[ \t])*(?:[^()<>@,;:\\".\[\] \000-\031]+(?:(?:(?:\r\n)?[ \t])+|\Z|(?=[ \["()<>@,;:\\".\[\]]))|"(?:[^\"\r\\]|\\.|(?:(?:\r\n)?[ \t]))*"(?:(?:\r\n)?[ \t ])*))*@(?:(?:\r\n)?[ \t])*(?:[^()<>@,;:\\".\[\] \000-\031]+(?:(?:(?:\r\n)?[ \t ])+|\Z|(?=[\["()<>@,;:\\".\[\]]))|\[([^\[\]\r\\]|\\.)*\](?:(?:\r\n)?[ \t])*)(? :\.(?:(?:\r\n)?[ \t])*(?:[^()<>@,;:\\".\[\] \000-\031]+(?:(?:(?:\r\n)?[ \t])+| \Z|(?=[\["()<>@,;:\\".\[\]]))|\[([^\[\]\r\\]|\\.)*\](?:(?:\r\n)?[ \t])*))*|(?: [^()<>@,;:\\".\[\] \000-\031]+(?:(?:(?:\r\n)?[ \t])+|\Z|(?=[\["()<>@,;:\\".\[\ ]]))|"(?:[^\"\r\\]|\\.|(?:(?:\r\n)?[ \t]))*"(?:(?:\r\n)?[ \t])*)*\<(?:(?:\r\n) ?[ \t])*(?:@(?:[^()<>@,;:\\".\[\] \000-\031]+(?:(?:(?:\r\n)?[ \t])+|\Z|(?=[\[" ()<>@,;:\\".\[\]]))|\[([^\[\]\r\\]|\\.)*\](?:(?:\r\n)?[ \t])*)(?:\.(?:(?:\r\n) ?[ \t])*(?:[^()<>@,;:\\".\[\] \000-\031]+(?:(?:(?:\r\n)?[ \t])+|\Z|(?=[\["()<> @,;:\\".\[\]]))|\[([^\[\]\r\\]|\\.)*\](?:(?:\r\n)?[ \t])*))*(?:,@(?:(?:\r\n)?[ \t])*(?:[^()<>@,;:\\".\[\] \000-\031]+(?:(?:(?:\r\n)?[ \t])+|\Z|(?=[\["()<>@, ;:\\".\[\]]))|\[([^\[\]\r\\]|\\.)*\](?:(?:\r\n)?[ \t])*)(?:\.(?:(?:\r\n)?[ \t] )*(?:[^()<>@,;:\\".\[\] \000-\031]+(?:(?:(?:\r\n)?[ \t])+|\Z|(?=[\["()<>@,;:\\ ".\[\]]))|\[([^\[\]\r\\]|\\.)*\](?:(?:\r\n)?[ \t])*))*)*:(?:(?:\r\n)?[ \t])*)? (?:[^()<>@,;:\\".\[\] \000-\031]+(?:(?:(?:\r\n)?[ \t])+|\Z|(?=[\["()<>@,;:\\". \[\]]))|"(?:[^\"\r\\]|\\.|(?:(?:\r\n)?[ \t]))*"(?:(?:\r\n)?[ \t])*)(?:\.(?:(?: \r\n)?[ \t])*(?:[^()<>@,;:\\".\[\] \000-\031]+(?:(?:(?:\r\n)?[ \t])+|\Z|(?=[\[ "()<>@,;:\\".\[\]]))|"(?:[^\"\r\\]|\\.|(?:(?:\r\n)?[ \t]))*"(?:(?:\r\n)?[ \t]) *))*@(?:(?:\r\n)?[ \t])*(?:[^()<>@,;:\\".\[\] \000-\031]+(?:(?:(?:\r\n)?[ \t]) +|\Z|(?=[\["()<>@,;:\\".\[\]]))|\[([^\[\]\r\\]|\\.)*\](?:(?:\r\n)?[ \t])*)(?:\ .(?:(?:\r\n)?[ \t])*(?:[^()<>@,;:\\".\[\] \000-\031]+(?:(?:(?:\r\n)?[ \t])+|\Z |(?=[\["()<>@,;:\\".\[\]]))|\[([^\[\]\r\\]|\\.)*\](?:(?:\r\n)?[ \t])*))*\>(?:( ?:\r\n)?[ \t])*))*)?;\s*)
Paul
I may add that when I reached the point of having my 'AT cagnazzo.name' address rejected by the form, I was already pretty angry because the form had a sign, all written in UPPER CASE LETTERS, saying that the form did not support other browsers than Internet Explorer. :=) C. On 3/12/12 7:43 PM, Owen DeLong wrote:
I think this proves one thing...
Given enough monkeys with typewriters, you will, in fact, not get Shakespeare, but, instead, regular expressions for Shakespeare's email address.
Owen
On Mar 12, 2012, at 3:09 PM, Paul Graydon wrote:
On 03/12/2012 09:46 AM, Tei wrote:
On 12 March 2012 09:59, Carlos Martinez-Cagnazzo<carlosm3011@gmail.com> wrote:
Hey!
On Monday, March 05, 2012 09:36:41 PM Jimmy Hess wrote: ...
(16) The default gateway's IP address is always 192.168.0.1 (17) The user portion of E-mail addresses never contain special characters like "-" "+" "$" "~" "." ",", "[", "]" I've just had my ' xx AT cagnazzo.name' email address rejected by a web
On 3/8/12 8:24 PM, Lamar Owen wrote: form saying that 'it is not a valid email address'. So I guess point (17) can be extended to say that 'no email address shall end in anything different that .com, .net or the local ccTLD'
:=)
Carlos Yea, I don't even know how programmers can get that wrong. The regex is not even hard or anything.
(?:[a-z0-9!#$%&'*+/=?^_`{|}~-]+(?:\.[a-z0-9!#$%&'*+/=?^_`{|}~-]+)*|"(?:[\x01-\x08\x0b\x0c\x0e-\x1f\x21\x23-\x5b\x5d-\x7f]|\\[\x01-\x09\x0b\x0c\x0e-\x7f])*")@(?:(?:[a-z0-9](?:[a-z0-9-]*[a-z0-9])?\.)+[a-z0-9](?:[a-z0-9-]*[a-z0-9])?|\[(?:(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.){3}(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?|[a-z0-9-]*[a-z0-9]:(?:[\x01-\x08\x0b\x0c\x0e-\x1f\x21-\x5a\x53-\x7f]|\\[\x01-\x09\x0b\x0c\x0e-\x7f])+)\])
It's supposedly a lot harder than that. Try this for strict RFC822 compliance (from http://www.ex-parrot.com/pdw/Mail-RFC822-Address.html):
(?:(?:\r\n)?[ \t])*(?:(?:(?:[^()<>@,;:\\".\[\] \000-\031]+(?:(?:(?:\r\n)?[ \t] )+|\Z|(?=[\["()<>@,;:\\".\[\]]))|"(?:[^\"\r\\]|\\.|(?:(?:\r\n)?[ \t]))*"(?:(?: \r\n)?[ \t])*)(?:\.(?:(?:\r\n)?[ \t])*(?:[^()<>@,;:\\".\[\] \000-\031]+(?:(?:( ?:\r\n)?[ \t])+|\Z|(?=[\["()<>@,;:\\".\[\]]))|"(?:[^\"\r\\]|\\.|(?:(?:\r\n)?[ \t]))*"(?:(?:\r\n)?[ \t])*))*@(?:(?:\r\n)?[ \t])*(?:[^()<>@,;:\\".\[\] \000-\0 31]+(?:(?:(?:\r\n)?[ \t])+|\Z|(?=[\["()<>@,;:\\".\[\]]))|\[([^\[\]\r\\]|\\.)*\ ](?:(?:\r\n)?[ \t])*)(?:\.(?:(?:\r\n)?[ \t])*(?:[^()<>@,;:\\".\[\] \000-\031]+ (?:(?:(?:\r\n)?[ \t])+|\Z|(?=[\["()<>@,;:\\".\[\]]))|\[([^\[\]\r\\]|\\.)*\](?: (?:\r\n)?[ \t])*))*|(?:[^()<>@,;:\\".\[\] \000-\031]+(?:(?:(?:\r\n)?[ \t])+|\Z |(?=[\["()<>@,;:\\".\[\]]))|"(?:[^\"\r\\]|\\.|(?:(?:\r\n)?[ \t]))*"(?:(?:\r\n) ?[ \t])*)*\<(?:(?:\r\n)?[ \t])*(?:@(?:[^()<>@,;:\\".\[\] \000-\031]+(?:(?:(?:\ r\n)?[ \t])+|\Z|(?=[\["()<>@,;:\\".\[\]]))|\[([^\[\]\r\\]|\\.)*\](?:(?:\r\n)?[ \t])*)(?:\.(?:(?:\r\n)?[ \t])*(?:[^()<>@,;:\\".\[\] \000-\031]+(?:(?:(?:\r\n) ?[ \t])+|\Z|(?=[\["()<>@,;:\\".\[\]]))|\[([^\[\]\r\\]|\\.)*\](?:(?:\r\n)?[ \t] )*))*(?:,@(?:(?:\r\n)?[ \t])*(?:[^()<>@,;:\\".\[\] \000-\031]+(?:(?:(?:\r\n)?[ \t])+|\Z|(?=[\["()<>@,;:\\".\[\]]))|\[([^\[\]\r\\]|\\.)*\](?:(?:\r\n)?[ \t])* )(?:\.(?:(?:\r\n)?[ \t])*(?:[^()<>@,;:\\".\[\] \000-\031]+(?:(?:(?:\r\n)?[ \t] )+|\Z|(?=[\["()<>@,;:\\".\[\]]))|\[([^\[\]\r\\]|\\.)*\](?:(?:\r\n)?[ \t])*))*) *:(?:(?:\r\n)?[ \t])*)?(?:[^()<>@,;:\\".\[\] \000-\031]+(?:(?:(?:\r\n)?[ \t])+ |\Z|(?=[\["()<>@,;:\\".\[\]]))|"(?:[^\"\r\\]|\\.|(?:(?:\r\n)?[ \t]))*"(?:(?:\r \n)?[ \t])*)(?:\.(?:(?:\r\n)?[ \t])*(?:[^()<>@,;:\\".\[\] \000-\031]+(?:(?:(?: \r\n)?[ \t])+|\Z|(?=[\["()<>@,;:\\".\[\]]))|"(?:[^\"\r\\]|\\.|(?:(?:\r\n)?[ \t ]))*"(?:(?:\r\n)?[ \t])*))*@(?:(?:\r\n)?[ \t])*(?:[^()<>@,;:\\".\[\] \000-\031 ]+(?:(?:(?:\r\n)?[ \t])+|\Z|(?=[\["()<>@,;:\\".\[\]]))|\[([^\[\]\r\\]|\\.)*\]( ?:(?:\r\n)?[ \t])*)(?:\.(?:(?:\r\n)?[ \t])*(?:[^()<>@,;:\\".\[\] \000-\031]+(? :(?:(?:\r\n)?[ \t])+|\Z|(?=[\["()<>@,;:\\".\[\]]))|\[([^\[\]\r\\]|\\.)*\](?:(? :\r\n)?[ \t])*))*\>(?:(?:\r\n)?[ \t])*)|(?:[^()<>@,;:\\".\[\] \000-\031]+(?:(? :(?:\r\n)?[ \t])+|\Z|(?=[\["()<>@,;:\\".\[\]]))|"(?:[^\"\r\\]|\\.|(?:(?:\r\n)? [ \t]))*"(?:(?:\r\n)?[ \t])*)*:(?:(?:\r\n)?[ \t])*(?:(?:(?:[^()<>@,;:\\".\[\] \000-\031]+(?:(?:(?:\r\n)?[ \t])+|\Z|(?=[\["()<>@,;:\\".\[\]]))|"(?:[^\"\r\\]| \\.|(?:(?:\r\n)?[ \t]))*"(?:(?:\r\n)?[ \t])*)(?:\.(?:(?:\r\n)?[ \t])*(?:[^()<> @,;:\\".\[\] \000-\031]+(?:(?:(?:\r\n)?[ \t])+|\Z|(?=[\["()<>@,;:\\".\[\]]))|" (?:[^\"\r\\]|\\.|(?:(?:\r\n)?[ \t]))*"(?:(?:\r\n)?[ \t])*))*@(?:(?:\r\n)?[ \t] )*(?:[^()<>@,;:\\".\[\] \000-\031]+(?:(?:(?:\r\n)?[ \t])+|\Z|(?=[\["()<>@,;:\\ ".\[\]]))|\[([^\[\]\r\\]|\\.)*\](?:(?:\r\n)?[ \t])*)(?:\.(?:(?:\r\n)?[ \t])*(? :[^()<>@,;:\\".\[\] \000-\031]+(?:(?:(?:\r\n)?[ \t])+|\Z|(?=[\["()<>@,;:\\".\[ \]]))|\[([^\[\]\r\\]|\\.)*\](?:(?:\r\n)?[ \t])*))*|(?:[^()<>@,;:\\".\[\] \000- \031]+(?:(?:(?:\r\n)?[ \t])+|\Z|(?=[\["()<>@,;:\\".\[\]]))|"(?:[^\"\r\\]|\\.|( ?:(?:\r\n)?[ \t]))*"(?:(?:\r\n)?[ \t])*)*\<(?:(?:\r\n)?[ \t])*(?:@(?:[^()<>@,; :\\".\[\] \000-\031]+(?:(?:(?:\r\n)?[ \t])+|\Z|(?=[\["()<>@,;:\\".\[\]]))|\[([ ^\[\]\r\\]|\\.)*\](?:(?:\r\n)?[ \t])*)(?:\.(?:(?:\r\n)?[ \t])*(?:[^()<>@,;:\\" .\[\] \000-\031]+(?:(?:(?:\r\n)?[ \t])+|\Z|(?=[\["()<>@,;:\\".\[\]]))|\[([^\[\ ]\r\\]|\\.)*\](?:(?:\r\n)?[ \t])*))*(?:,@(?:(?:\r\n)?[ \t])*(?:[^()<>@,;:\\".\ [\] \000-\031]+(?:(?:(?:\r\n)?[ \t])+|\Z|(?=[\["()<>@,;:\\".\[\]]))|\[([^\[\]\ r\\]|\\.)*\](?:(?:\r\n)?[ \t])*)(?:\.(?:(?:\r\n)?[ \t])*(?:[^()<>@,;:\\".\[\] \000-\031]+(?:(?:(?:\r\n)?[ \t])+|\Z|(?=[\["()<>@,;:\\".\[\]]))|\[([^\[\]\r\\] |\\.)*\](?:(?:\r\n)?[ \t])*))*)*:(?:(?:\r\n)?[ \t])*)?(?:[^()<>@,;:\\".\[\] \0 00-\031]+(?:(?:(?:\r\n)?[ \t])+|\Z|(?=[\["()<>@,;:\\".\[\]]))|"(?:[^\"\r\\]|\\ .|(?:(?:\r\n)?[ \t]))*"(?:(?:\r\n)?[ \t])*)(?:\.(?:(?:\r\n)?[ \t])*(?:[^()<>@, ;:\\".\[\] \000-\031]+(?:(?:(?:\r\n)?[ \t])+|\Z|(?=[\["()<>@,;:\\".\[\]]))|"(? :[^\"\r\\]|\\.|(?:(?:\r\n)?[ \t]))*"(?:(?:\r\n)?[ \t])*))*@(?:(?:\r\n)?[ \t])* (?:[^()<>@,;:\\".\[\] \000-\031]+(?:(?:(?:\r\n)?[ \t])+|\Z|(?=[\["()<>@,;:\\". \[\]]))|\[([^\[\]\r\\]|\\.)*\](?:(?:\r\n)?[ \t])*)(?:\.(?:(?:\r\n)?[ \t])*(?:[ ^()<>@,;:\\".\[\] \000-\031]+(?:(?:(?:\r\n)?[ \t])+|\Z|(?=[\["()<>@,;:\\".\[\] ]))|\[([^\[\]\r\\]|\\.)*\](?:(?:\r\n)?[ \t])*))*\>(?:(?:\r\n)?[ \t])*)(?:,\s*( ?:(?:[^()<>@,;:\\".\[\] \000-\031]+(?:(?:(?:\r\n)?[ \t])+|\Z|(?=[\["()<>@,;:\\ ".\[\]]))|"(?:[^\"\r\\]|\\.|(?:(?:\r\n)?[ \t]))*"(?:(?:\r\n)?[ \t])*)(?:\.(?:( ?:\r\n)?[ \t])*(?:[^()<>@,;:\\".\[\] \000-\031]+(?:(?:(?:\r\n)?[ \t])+|\Z|(?=[ \["()<>@,;:\\".\[\]]))|"(?:[^\"\r\\]|\\.|(?:(?:\r\n)?[ \t]))*"(?:(?:\r\n)?[ \t ])*))*@(?:(?:\r\n)?[ \t])*(?:[^()<>@,;:\\".\[\] \000-\031]+(?:(?:(?:\r\n)?[ \t ])+|\Z|(?=[\["()<>@,;:\\".\[\]]))|\[([^\[\]\r\\]|\\.)*\](?:(?:\r\n)?[ \t])*)(? :\.(?:(?:\r\n)?[ \t])*(?:[^()<>@,;:\\".\[\] \000-\031]+(?:(?:(?:\r\n)?[ \t])+| \Z|(?=[\["()<>@,;:\\".\[\]]))|\[([^\[\]\r\\]|\\.)*\](?:(?:\r\n)?[ \t])*))*|(?: [^()<>@,;:\\".\[\] \000-\031]+(?:(?:(?:\r\n)?[ \t])+|\Z|(?=[\["()<>@,;:\\".\[\ ]]))|"(?:[^\"\r\\]|\\.|(?:(?:\r\n)?[ \t]))*"(?:(?:\r\n)?[ \t])*)*\<(?:(?:\r\n) ?[ \t])*(?:@(?:[^()<>@,;:\\".\[\] \000-\031]+(?:(?:(?:\r\n)?[ \t])+|\Z|(?=[\[" ()<>@,;:\\".\[\]]))|\[([^\[\]\r\\]|\\.)*\](?:(?:\r\n)?[ \t])*)(?:\.(?:(?:\r\n) ?[ \t])*(?:[^()<>@,;:\\".\[\] \000-\031]+(?:(?:(?:\r\n)?[ \t])+|\Z|(?=[\["()<> @,;:\\".\[\]]))|\[([^\[\]\r\\]|\\.)*\](?:(?:\r\n)?[ \t])*))*(?:,@(?:(?:\r\n)?[ \t])*(?:[^()<>@,;:\\".\[\] \000-\031]+(?:(?:(?:\r\n)?[ \t])+|\Z|(?=[\["()<>@, ;:\\".\[\]]))|\[([^\[\]\r\\]|\\.)*\](?:(?:\r\n)?[ \t])*)(?:\.(?:(?:\r\n)?[ \t] )*(?:[^()<>@,;:\\".\[\] \000-\031]+(?:(?:(?:\r\n)?[ \t])+|\Z|(?=[\["()<>@,;:\\ ".\[\]]))|\[([^\[\]\r\\]|\\.)*\](?:(?:\r\n)?[ \t])*))*)*:(?:(?:\r\n)?[ \t])*)? (?:[^()<>@,;:\\".\[\] \000-\031]+(?:(?:(?:\r\n)?[ \t])+|\Z|(?=[\["()<>@,;:\\". \[\]]))|"(?:[^\"\r\\]|\\.|(?:(?:\r\n)?[ \t]))*"(?:(?:\r\n)?[ \t])*)(?:\.(?:(?: \r\n)?[ \t])*(?:[^()<>@,;:\\".\[\] \000-\031]+(?:(?:(?:\r\n)?[ \t])+|\Z|(?=[\[ "()<>@,;:\\".\[\]]))|"(?:[^\"\r\\]|\\.|(?:(?:\r\n)?[ \t]))*"(?:(?:\r\n)?[ \t]) *))*@(?:(?:\r\n)?[ \t])*(?:[^()<>@,;:\\".\[\] \000-\031]+(?:(?:(?:\r\n)?[ \t]) +|\Z|(?=[\["()<>@,;:\\".\[\]]))|\[([^\[\]\r\\]|\\.)*\](?:(?:\r\n)?[ \t])*)(?:\ .(?:(?:\r\n)?[ \t])*(?:[^()<>@,;:\\".\[\] \000-\031]+(?:(?:(?:\r\n)?[ \t])+|\Z |(?=[\["()<>@,;:\\".\[\]]))|\[([^\[\]\r\\]|\\.)*\](?:(?:\r\n)?[ \t])*))*\>(?:( ?:\r\n)?[ \t])*))*)?;\s*)
Paul
Hi : If there is anyone out there that has experience with migrating Email from one ISP to another at the retail level using products such as the "True Switch" product from ESAYA, and would be willing to share some thoughts/experiences, could you please contact me off list ? Thanks mike
I've successfully used YippieMove in the past migrating from Google Apps to Exchange. http://www.yippiemove.com/ -Mike On Tue, Mar 13, 2012 at 8:36 AM, Mike Rae <Mike.Rae@sjrb.ca> wrote:
Hi :
If there is anyone out there that has experience with migrating Email from one ISP to another at the retail level using products such as the "True Switch" product from ESAYA, and would be willing to share some thoughts/experiences, could you please contact me off list ?
Thanks mike
-- Mike Lyon 408-621-4826 mike.lyon@gmail.com http://www.linkedin.com/in/mlyon
Hello Mike You can look for my friends form shuttlecloud.com They are much into hard core data migration. On Tue, Mar 13, 2012 at 9:06 PM, Mike Rae <Mike.Rae@sjrb.ca> wrote:
Hi :
If there is anyone out there that has experience with migrating Email from one ISP to another at the retail level using products such as the "True Switch" product from ESAYA, and would be willing to share some thoughts/experiences, could you please contact me off list ?
Thanks mike
-- Anurag Bhatia anuragbhatia.com or simply - http://[2001:470:26:78f::5] if you are on IPv6 connected network! Twitter: @anurag_bhatia <https://twitter.com/#!/anurag_bhatia> Linkedin: http://linkedin.anuragbhatia.com
Hi all, I suggest to check out www.audriga.com which runs www.email-umzug.de and www.groupware-migration.com. They are from Germany and adhere the EU data privacy regulations. I have to disclose that I am one of the founders of www.audriga.com. :-) So, if you have any questions about www.audriga.com please feel free to contact me. Best regards, Thomas 2012/3/13 Anurag Bhatia <me@anuragbhatia.com>:
Hello Mike
You can look for my friends form shuttlecloud.com
They are much into hard core data migration.
On Tue, Mar 13, 2012 at 9:06 PM, Mike Rae <Mike.Rae@sjrb.ca> wrote:
Hi :
If there is anyone out there that has experience with migrating Email from one ISP to another at the retail level using products such as the "True Switch" product from ESAYA, and would be willing to share some thoughts/experiences, could you please contact me off list ?
Thanks mike
--
Anurag Bhatia anuragbhatia.com or simply - http://[2001:470:26:78f::5] if you are on IPv6 connected network!
Twitter: @anurag_bhatia <https://twitter.com/#!/anurag_bhatia> Linkedin: http://linkedin.anuragbhatia.com
<rant> I would wholeheartedly agree with this, but I believe its worse than just that. I used to categorize myself as a full developer, now I'm slightly ashamed to be tainted with that brush since there's so many people using the term who don't know the first thing about programming. It used to be that when you were taught programming, you were taught concepts (when to use a for loop, while loop, Boolean algebra), then you built on the foundations by learning advanced concepts (data structures, how to program concurrently using semaphores etc etc), you would then pick some optional classes to make up for some non programming specific knowledge (networking, linux admin, etc etc). I now have a lot of friends who work in academia and they are worried by a decline (as am I when trying to hire new talent). Currently the teaching process is one of learning to program like a monkey, monkey see monkey do. People are no longer taught to think for themselves, but instead taught to program in a specific language (PHP, Java, rarely C or C++ any more, C#, or VB) and that is all they know. I don't believe this is a failing with the lecturers but with the fundamental change in attitudes to programming. One of the tests I give all interviewees is write a very short program in a language they have never ever used before ( personally I recommend http://en.wikipedia.org/wiki/Brainfuck ) since this gives people a chance to show they can program rather than being able to tell me "I know PHP" or "I know C", suprisingly very few newer programmers can make it through, or even try it, because the concept of thinking for themselves is so last year. </rant> On 27 February 2012 20:02:13, Brandt, Ralph wrote:
Generalists are hard to come by these days. They are people who learn less and less about more and more till they know nothing about everything. People today are specializing in the left and right halves of the bytes.... They learn more and more about less and less till they know everything about nothing. And BTW, they are worthless unless you have five of them working on a problem because none of them know enough to fix it. Worse, you can replace the word five with fifty and it may be still true.
I know of three of these, all gainfully employed at this time and could each find at least a couple jobs if they wanted. I am one, my son is two and a guy we worked with is the third.
At one time (40 years ago) the mantra in IS was train for expertise, now it is hire for it. Somewhere there has to be a happy medium. I suggest this, find a good coder, not a mediocre who writes shit code but a good one who can think and learn and when you talk about branching out with his skill set he or she lights up. His first thing on site is take the A+ networking course.
No, I do not sell the courses. But I have seen this kind of approach work when nothing else was.
Ralph Brandt Communications Engineer HP Enterprise Services Telephone +1 717.506.0802 FAX +1 717.506.4358 Email Ralph.Brandt@pateam.com 5095 Ritter Rd Mechanicsburg PA 17055
-----Original Message----- From: A. Pishdadi [mailto:apishdadi@gmail.com] Sent: Sunday, February 26, 2012 8:27 PM To: NANOG Subject: Programmers with network engineering skills
Hello All,
i have been looking for quite some time now a descent coder (c,php) who has a descent amount of system admin / netadmin experience. Doesn't necessarily need to be an expert at network engineering but being acclimated in understanding the basic fundamentals of networking. Understanding basic routing concepts, how to diagnose using tcpdump / pcap, understanding subnetting and how bgp works (not necessarily setting up bgp). I've posted job listings on the likes of dice and monster and have not found any good canidates, most of them ASP / Java guys.
If anyone can point me to a site they might recommend for job postings or know of any consulting firms that might provide these services that would be greatly appreciated.
This problem is not limited to programming. Education in general has moved from teaching conceptual knowledge re-inforced by practical examples and exercises to teaching methodological and/or procedural knowledge without any effort to convey concepts. It's much like the difference between teaching a man to buy a fish using cash vs. teaching a man more generalized economic skills and money management. In the former case, you get a man who can eat fish as long as he still has some cash. In the latter case, you get a man who can keep cash coming in and use it to obtain a varied diet and other things he may want. Today, the indoctrination mills (hard to call them education centers at this point) churn out people who are good at repeating the same process and solving the same problems over and over. Unfortunately, when faced with a problem that doesn't look like something from their text book, they either become completely lost or they take the hammer approach (when the only tool you have is a hammer, every problem looks like a nail). I'm not sure how to solve this. Teaching methodologically is much much faster than teaching conceptually and the endemic lack of patience makes it hard to get people to sit still long enough to learn conceptually. Owen On Feb 28, 2012, at 6:03 AM, John Mitchell wrote:
<rant>
I would wholeheartedly agree with this, but I believe its worse than just that. I used to categorize myself as a full developer, now I'm slightly ashamed to be tainted with that brush since there's so many people using the term who don't know the first thing about programming.
It used to be that when you were taught programming, you were taught concepts (when to use a for loop, while loop, Boolean algebra), then you built on the foundations by learning advanced concepts (data structures, how to program concurrently using semaphores etc etc), you would then pick some optional classes to make up for some non programming specific knowledge (networking, linux admin, etc etc).
I now have a lot of friends who work in academia and they are worried by a decline (as am I when trying to hire new talent). Currently the teaching process is one of learning to program like a monkey, monkey see monkey do. People are no longer taught to think for themselves, but instead taught to program in a specific language (PHP, Java, rarely C or C++ any more, C#, or VB) and that is all they know. I don't believe this is a failing with the lecturers but with the fundamental change in attitudes to programming.
One of the tests I give all interviewees is write a very short program in a language they have never ever used before ( personally I recommend http://en.wikipedia.org/wiki/Brainfuck ) since this gives people a chance to show they can program rather than being able to tell me "I know PHP" or "I know C", suprisingly very few newer programmers can make it through, or even try it, because the concept of thinking for themselves is so last year.
</rant>
On 27 February 2012 20:02:13, Brandt, Ralph wrote:
Generalists are hard to come by these days. They are people who learn less and less about more and more till they know nothing about everything. People today are specializing in the left and right halves of the bytes.... They learn more and more about less and less till they know everything about nothing. And BTW, they are worthless unless you have five of them working on a problem because none of them know enough to fix it. Worse, you can replace the word five with fifty and it may be still true.
I know of three of these, all gainfully employed at this time and could each find at least a couple jobs if they wanted. I am one, my son is two and a guy we worked with is the third.
At one time (40 years ago) the mantra in IS was train for expertise, now it is hire for it. Somewhere there has to be a happy medium. I suggest this, find a good coder, not a mediocre who writes shit code but a good one who can think and learn and when you talk about branching out with his skill set he or she lights up. His first thing on site is take the A+ networking course.
No, I do not sell the courses. But I have seen this kind of approach work when nothing else was.
Ralph Brandt Communications Engineer HP Enterprise Services Telephone +1 717.506.0802 FAX +1 717.506.4358 Email Ralph.Brandt@pateam.com 5095 Ritter Rd Mechanicsburg PA 17055
-----Original Message----- From: A. Pishdadi [mailto:apishdadi@gmail.com] Sent: Sunday, February 26, 2012 8:27 PM To: NANOG Subject: Programmers with network engineering skills
Hello All,
i have been looking for quite some time now a descent coder (c,php) who has a descent amount of system admin / netadmin experience. Doesn't necessarily need to be an expert at network engineering but being acclimated in understanding the basic fundamentals of networking. Understanding basic routing concepts, how to diagnose using tcpdump / pcap, understanding subnetting and how bgp works (not necessarily setting up bgp). I've posted job listings on the likes of dice and monster and have not found any good canidates, most of them ASP / Java guys.
If anyone can point me to a site they might recommend for job postings or know of any consulting firms that might provide these services that would be greatly appreciated.
Education in theoretical concepts is definitely a problem in general, but I've found it's particularly noticeable in the technology field which has become increasingly commercialized (or commoditized); where once a "sysadmin" was a long-running process, grown from a person with the mindset of "how does this work?" and "let's build cool stuff!", eventually culminating in someone who knew operating systems, networking, and programming inside out (see: "UNIX greybeard" types), nowadays people haul off to a 5 day course in "Advanced System Administration(TM)", write a certificate exam or 15, and call themselves a "sysadmin". There still are people with the "greybeard" mentality -- all of the very best sysadmins I know are of this type, and many know real programming (that is, data structures, algorithms, etc) better than the mass-produced developers our there -- but unfortunately, they're relatively rare, and usually very hard to recruit. You have to have a very interesting project first and foremost -- salary is important, but building new, cool stuff is usually the #1 factor for top-notch generalists. - Pete On 12-02-28 01:51 PM, Owen DeLong wrote:
This problem is not limited to programming.
Education in general has moved from teaching conceptual knowledge re-inforced by practical examples and exercises to teaching methodological and/or procedural knowledge without any effort to convey concepts.
It's much like the difference between teaching a man to buy a fish using cash vs. teaching a man more generalized economic skills and money management.
In the former case, you get a man who can eat fish as long as he still has some cash. In the latter case, you get a man who can keep cash coming in and use it to obtain a varied diet and other things he may want.
Today, the indoctrination mills (hard to call them education centers at this point) churn out people who are good at repeating the same process and solving the same problems over and over.
Unfortunately, when faced with a problem that doesn't look like something from their text book, they either become completely lost or they take the hammer approach (when the only tool you have is a hammer, every problem looks like a nail).
I'm not sure how to solve this. Teaching methodologically is much much faster than teaching conceptually and the endemic lack of patience makes it hard to get people to sit still long enough to learn conceptually.
Owen
On Feb 28, 2012, at 6:03 AM, John Mitchell wrote:
<rant>
I would wholeheartedly agree with this, but I believe its worse than just that. I used to categorize myself as a full developer, now I'm slightly ashamed to be tainted with that brush since there's so many people using the term who don't know the first thing about programming.
It used to be that when you were taught programming, you were taught concepts (when to use a for loop, while loop, Boolean algebra), then you built on the foundations by learning advanced concepts (data structures, how to program concurrently using semaphores etc etc), you would then pick some optional classes to make up for some non programming specific knowledge (networking, linux admin, etc etc).
I now have a lot of friends who work in academia and they are worried by a decline (as am I when trying to hire new talent). Currently the teaching process is one of learning to program like a monkey, monkey see monkey do. People are no longer taught to think for themselves, but instead taught to program in a specific language (PHP, Java, rarely C or C++ any more, C#, or VB) and that is all they know. I don't believe this is a failing with the lecturers but with the fundamental change in attitudes to programming.
One of the tests I give all interviewees is write a very short program in a language they have never ever used before ( personally I recommend http://en.wikipedia.org/wiki/Brainfuck ) since this gives people a chance to show they can program rather than being able to tell me "I know PHP" or "I know C", suprisingly very few newer programmers can make it through, or even try it, because the concept of thinking for themselves is so last year.
</rant>
On 27 February 2012 20:02:13, Brandt, Ralph wrote:
Generalists are hard to come by these days. They are people who learn less and less about more and more till they know nothing about everything. People today are specializing in the left and right halves of the bytes.... They learn more and more about less and less till they know everything about nothing. And BTW, they are worthless unless you have five of them working on a problem because none of them know enough to fix it. Worse, you can replace the word five with fifty and it may be still true.
I know of three of these, all gainfully employed at this time and could each find at least a couple jobs if they wanted. I am one, my son is two and a guy we worked with is the third.
At one time (40 years ago) the mantra in IS was train for expertise, now it is hire for it. Somewhere there has to be a happy medium. I suggest this, find a good coder, not a mediocre who writes shit code but a good one who can think and learn and when you talk about branching out with his skill set he or she lights up. His first thing on site is take the A+ networking course.
No, I do not sell the courses. But I have seen this kind of approach work when nothing else was.
Ralph Brandt Communications Engineer HP Enterprise Services Telephone +1 717.506.0802 FAX +1 717.506.4358 Email Ralph.Brandt@pateam.com 5095 Ritter Rd Mechanicsburg PA 17055
-----Original Message----- From: A. Pishdadi [mailto:apishdadi@gmail.com] Sent: Sunday, February 26, 2012 8:27 PM To: NANOG Subject: Programmers with network engineering skills
Hello All,
i have been looking for quite some time now a descent coder (c,php) who has a descent amount of system admin / netadmin experience. Doesn't necessarily need to be an expert at network engineering but being acclimated in understanding the basic fundamentals of networking. Understanding basic routing concepts, how to diagnose using tcpdump / pcap, understanding subnetting and how bgp works (not necessarily setting up bgp). I've posted job listings on the likes of dice and monster and have not found any good canidates, most of them ASP / Java guys.
If anyone can point me to a site they might recommend for job postings or know of any consulting firms that might provide these services that would be greatly appreciated.
On Tuesday, February 28, 2012 09:03:33 AM John Mitchell wrote:
One of the tests I give all interviewees is write a very short program in a language they have never ever used before
I typically recommend either Intercal, or one of various assembler languages that are out of date (well, not really out of date, but out of date for mainstream computing. My old TRS-80 Z80 assembler skills come in handy when playing around with certain DVD drives' firmware, since a Z80 variant is used in many such drives). Make 'em do something in 6502 that absolutely has to use page zero stuff, or in Z80 where a block instruction would be the best way to accomplish a task. Or maybe handcoded ia64, or MIPS, the 6502's godgrandchildren.... Object shmobject, let me see the bytes! And if they choose to try it in Intercal, they have to use at least two COME FROM statements. In a 'Hello World' type program (of course, 'Hello World' in Intercal is, well, interesting, and reads like an obfuscated perl contest entry. The point being, if you can make something useful happen in Intercal, you can probably do something useful in a sane language. The skills I'm looking for are simple: be able to think sideways, and on your feet, with unfamiliar tools if necessary. That is, be a quick study who doesn't cringe at any language, tool, toolkit, or technique that might need to be used.
John Mitchell wrote:
<rant>
I would wholeheartedly agree with this, but I believe its worse than
teaching process is one of learning to program like a monkey, monkey see monkey do. People are no longer taught to think for themselves, but instead taught to program in a specific language (PHP, Java, rarely C or C++ any more, C#, or VB) and that is all they know. I don't believe this is a failing with the lecturers but with the fundamental change in attitudes to programming.
The story of Mel comes to mind (one of my favourite): http://www.catb.org/jargon/html/story-of-mel.html http://www.catb.org/jargon/html/R/Real-Programmer.html
http://en.wikipedia.org/wiki/Brainfuck ) since this gives people a chance to show they can program rather than being able to tell me "I know PHP" or "I know C", suprisingly very few newer programmers can
I think someone being able to quickly understand brainfuck and write usable code in it may be smart, but I don't think it's necessarily a sure sign of a potentially productive employee that "fits well in the team". Greetings, Jeroen -- Earthquake Magnitude: 3.5 Date: Tuesday, February 28, 2012 20:15:32 UTC Location: Channel Islands region, California Latitude: 33.9042; Longitude: -119.4195 Depth: 8.60 km
I would hope that the working with the team aspect would have been have been handled BEFORE you spend time on this. Let HR do it, then check if they did it right because they screw it up at times. I have been overridden twice in hiring decisions over the years by my boss. Both of them lived to regret that action. Both were unsuitable because the person had character and personality flaws that made them unsuitable for any job except working more than 20 miles from Ted Kaminski. Ralph Brandt Communications Engineer HP Enterprise Services Telephone +1 717.506.0802 FAX +1 717.506.4358 Email Ralph.Brandt@pateam.com 5095 Ritter Rd Mechanicsburg PA 17055 -----Original Message----- From: Jeroen van Aart [mailto:jeroen@mompl.net] Sent: Tuesday, February 28, 2012 4:05 PM To: NANOG list Subject: Re: Programmers with network engineering skills John Mitchell wrote:
<rant>
I would wholeheartedly agree with this, but I believe its worse than
teaching process is one of learning to program like a monkey, monkey see monkey do. People are no longer taught to think for themselves, but instead taught to program in a specific language (PHP, Java, rarely C or C++ any more, C#, or VB) and that is all they know. I don't believe this is a failing with the lecturers but with the fundamental change in attitudes to programming.
The story of Mel comes to mind (one of my favourite): http://www.catb.org/jargon/html/story-of-mel.html http://www.catb.org/jargon/html/R/Real-Programmer.html
http://en.wikipedia.org/wiki/Brainfuck ) since this gives people a chance to show they can program rather than being able to tell me "I know PHP" or "I know C", suprisingly very few newer programmers can
I think someone being able to quickly understand brainfuck and write usable code in it may be smart, but I don't think it's necessarily a sure sign of a potentially productive employee that "fits well in the team". Greetings, Jeroen -- Earthquake Magnitude: 3.5 Date: Tuesday, February 28, 2012 20:15:32 UTC Location: Channel Islands region, California Latitude: 33.9042; Longitude: -119.4195 Depth: 8.60 km
Generalists are hard to come by these days. They are people who learn less and less about more and more till they know nothing about everything. People today are specializing in the left and right halves of the bytes.... They learn more and more about less and less till they know everything about nothing. And BTW, they are worthless unless you have five of them working on a problem because none of them know enough to fix it. Worse, you can replace the word five with fifty and it may be still true. I know of three of these, all gainfully employed at this time and could each find at least a couple jobs if they wanted. I am one, my son is two and a guy we worked with is the third. At one time (40 years ago) the mantra in IS was train for expertise, now it is hire for it. Somewhere there has to be a happy medium. I suggest this, find a good coder, not a mediocre who writes bad code but a good one who can think and learn and when you talk about branching out with his skill set he or she lights up. His first thing on site is take the A+ networking course. No, I do not sell the courses. But I have seen this kind of approach work when nothing else was. Ralph Brandt Communications Engineer HP Enterprise Services Telephone +1 717.506.0802 FAX +1 717.506.4358 Email Ralph.Brandt@pateam.com 5095 Ritter Rd Mechanicsburg PA 17055 -----Original Message----- From: A. Pishdadi [mailto:apishdadi@gmail.com] Sent: Sunday, February 26, 2012 8:27 PM To: NANOG Subject: Programmers with network engineering skills Hello All, i have been looking for quite some time now a descent coder (c,php) who has a descent amount of system admin / netadmin experience. Doesn't necessarily need to be an expert at network engineering but being acclimated in understanding the basic fundamentals of networking. Understanding basic routing concepts, how to diagnose using tcpdump / pcap, understanding subnetting and how bgp works (not necessarily setting up bgp). I've posted job listings on the likes of dice and monster and have not found any good canidates, most of them ASP / Java guys. If anyone can point me to a site they might recommend for job postings or know of any consulting firms that might provide these services that would be greatly appreciated.
On Feb 26, 2012, at 8:27 PM, "A. Pishdadi" <apishdadi@gmail.com> wrote:
Hello All,
i have been looking for quite some time now a descent coder (c,php) who has a descent amount of system admin / netadmin experience. Doesn't necessarily need to be an expert at network engineering but being acclimated in understanding the basic fundamentals of networking. Understanding basic routing concepts, how to diagnose using tcpdump / pcap, understanding subnetting and how bgp works (not necessarily setting up bgp). I've posted job listings on the likes of dice and monster and have not found any good canidates, most of them ASP / Java guys.
If anyone can point me to a site they might recommend for job postings or know of any consulting firms that might provide these services that would be greatly appreciated.
Good Luck guys like these are being scooped up by large financial firms and hedgefunds and they don't come cheap ~$250k easy!
Hello All,
i have been looking for quite some time now a descent coder (c,php) who has a descent amount of system admin / netadmin experience. Doesn't necessarily need to be an expert at network engineering but being acclimated in understanding the basic fundamentals of networking. Understanding basic routing concepts, how to diagnose using tcpdump / pcap, understanding subnetting and how bgp works (not necessarily setting up bgp). I've
Rodrick, give me the name of one of those firms. :) Ralph Brandt -----Original Message----- From: Rodrick Brown [mailto:rodrick.brown@gmail.com] Sent: Monday, February 27, 2012 6:13 PM To: A. Pishdadi Cc: NANOG Subject: Re: Programmers with network engineering skills On Feb 26, 2012, at 8:27 PM, "A. Pishdadi" <apishdadi@gmail.com> wrote: posted
job listings on the likes of dice and monster and have not found any good canidates, most of them ASP / Java guys.
If anyone can point me to a site they might recommend for job postings or know of any consulting firms that might provide these services that would be greatly appreciated.
Good Luck guys like these are being scooped up by large financial firms and hedgefunds and they don't come cheap ~$250k easy!
The smaller more elite hedge funds are - Getco LLC, Knight Capital, SAC Capital Advisors, Jump Trading, Wolverine Trading, Chicago Trading, Citadel, Sun Trading A list of larger firms are here - http://www.nasdaqtrader.com/Trader.aspx?id=topliquidity The core skill sets most look for is core Linux, C/C++, multicast, multithreading, IPC, and low level kernel drivers. FPGA and CUDA is also becoming more relevant. Sent from my iPhone On Feb 28, 2012, at 8:23 AM, "Brandt, Ralph" <ralph.brandt@pateam.com> wrote:
Rodrick, give me the name of one of those firms. :)
Ralph Brandt
-----Original Message----- From: Rodrick Brown [mailto:rodrick.brown@gmail.com] Sent: Monday, February 27, 2012 6:13 PM To: A. Pishdadi Cc: NANOG Subject: Re: Programmers with network engineering skills
On Feb 26, 2012, at 8:27 PM, "A. Pishdadi" <apishdadi@gmail.com> wrote:
Hello All,
i have been looking for quite some time now a descent coder (c,php) who has a descent amount of system admin / netadmin experience. Doesn't necessarily need to be an expert at network engineering but being acclimated in understanding the basic fundamentals of networking. Understanding basic routing concepts, how to diagnose using tcpdump / pcap, understanding subnetting and how bgp works (not necessarily setting up bgp). I've posted job listings on the likes of dice and monster and have not found any good canidates, most of them ASP / Java guys.
If anyone can point me to a site they might recommend for job postings or know of any consulting firms that might provide these services that would be greatly appreciated.
Good Luck guys like these are being scooped up by large financial firms and hedgefunds and they don't come cheap ~$250k easy!
On Mon, Feb 27, 2012 at 12:27 PM, A. Pishdadi <apishdadi@gmail.com> wrote:
Hello All,
i have been looking for quite some time now a descent coder (c,php) who has
Just a practical comment here; part of your problem may be offering c and php together. I don't want to start a war, but I know that at the very least all the c programmers I know would considered php to be ... "horribly offensive". So, maybe seperating out these two roles (c and php programming) will help you. It is definitely true (speaking as a programmer, C# for several years) that seeing +PHP would instantly turn me off. Further, I'm sure that almost anyone who is still programming in c these days would have the level of networking knowledge you care about (and can train on top of).
a descent amount of system admin / netadmin experience. Doesn't necessarily need to be an expert at network engineering but being acclimated in understanding the basic fundamentals of networking. Understanding basic routing concepts, how to diagnose using tcpdump / pcap, understanding subnetting and how bgp works (not necessarily setting up bgp). I've posted job listings on the likes of dice and monster and have not found any good canidates, most of them ASP / Java guys.
If anyone can point me to a site they might recommend for job postings or know of any consulting firms that might provide these services that would be greatly appreciated.
-- Noon Silk Fancy a quantum lunch? https://sites.google.com/site/quantumlunch/ "Every morning when I wake up, I experience an exquisite joy — the joy of being this signature."
Noon Silk said:
Just a practical comment here; part of your problem may be offering c and php together. I don't want to start a war, but I know that at the very least all the c programmers I know would considered php to be ... "horribly offensive". So, maybe seperating out these two roles (c and php programming) will help you.
It is definitely true (speaking as a programmer, C# for several years) that seeing +PHP would instantly turn me off. Further, I'm sure that almost anyone who is still programming in c these days would have the level of networking knowledge you care about (and can train on top of).
PHP tends to mesh well with things like perl programmers. It is basically a scripting language. Anyone using D ?
The right tool for the right job. PHP (and the LAMP stack) can result in very quick development of systems that will run on any vanilla Linux server. In my experience, that has turned out to be a huge benefit. If you have a developer who knows C well, then they will more than likely be able to use PHP properly. I use both C and PHP myself, and have no conflict. I think they compliment each other nicely. C for performance, PHP for web applications or quick scrips. C# and any .NET language on the other hand . . . now /that/ I question. ; ) On Tue, Feb 28, 2012 at 1:21 AM, Noon Silk <noonslists@gmail.com> wrote:
On Mon, Feb 27, 2012 at 12:27 PM, A. Pishdadi <apishdadi@gmail.com> wrote:
Hello All,
i have been looking for quite some time now a descent coder (c,php) who has
Just a practical comment here; part of your problem may be offering c and php together. I don't want to start a war, but I know that at the very least all the c programmers I know would considered php to be ... "horribly offensive". So, maybe seperating out these two roles (c and php programming) will help you.
It is definitely true (speaking as a programmer, C# for several years) that seeing +PHP would instantly turn me off. Further, I'm sure that almost anyone who is still programming in c these days would have the level of networking knowledge you care about (and can train on top of).
a descent amount of system admin / netadmin experience. Doesn't necessarily need to be an expert at network engineering but being acclimated in understanding the basic fundamentals of networking. Understanding basic routing concepts, how to diagnose using tcpdump / pcap, understanding subnetting and how bgp works (not necessarily setting up bgp). I've posted job listings on the likes of dice and monster and have not found any good canidates, most of them ASP / Java guys.
If anyone can point me to a site they might recommend for job postings or know of any consulting firms that might provide these services that would be greatly appreciated.
-- Noon Silk
Fancy a quantum lunch? https://sites.google.com/site/quantumlunch/
"Every morning when I wake up, I experience an exquisite joy — the joy of being this signature."
-- Ray Soucy Epic Communications Specialist Phone: +1 (207) 561-3526 Networkmaine, a Unit of the University of Maine System http://www.networkmaine.net/
participants (47)
-
A. Pishdadi
-
Alain Hebert
-
Aled Morris
-
Anurag Bhatia
-
Benjamin
-
Brandt, Ralph
-
Carlos Martinez-Cagnazzo
-
Christopher Morrow
-
Daniel Schauenberg
-
david raistrick
-
Doug Barton
-
Eric Brunner-Williams
-
George Bonser
-
George Herbert
-
Holmes,David A
-
Jamie Bowden
-
Jared Newell
-
Jason Bertoch
-
Jay Ashworth
-
Jeroen van Aart
-
Jimmy Hess
-
Joe Greco
-
John Mitchell
-
Justin M. Streiner
-
Keegan Holley
-
Lamar Owen
-
Mark Andrews
-
Mark Stevens
-
Michael Hallgren
-
Michael Thomas
-
Mike Hale
-
Mike Lyon
-
Mike Rae
-
Noon Silk
-
Owen DeLong
-
Paul Graydon
-
Peter Kristolaitis
-
Randy
-
Randy Bush
-
Ray Soucy
-
Robert E. Seastrom
-
Rodrick Brown
-
Scott Helms
-
Steve Bertrand
-
Tei
-
Thomas King
-
William Herrin