Re: On the control of the Internet.
On 6/13/2010 14:59, Joe Greco wrote:
What happens? The master zone simply doesn't get updated until someone FedEx's a floppy. You know, some of us made these sorts of contingency plans long ago, back in days when the Internet actually wasn't all that reliable, and it wasn't completely unthinkable to be off the air for at least 24 hours.
Interesting plan. I've got a Gateway computer down stairs that can write a 3.5 inch floppy and a Micron tower (running Windows 2000 the last time it was powered up) that can write 5 inch floppies. When I left active administration in 2003, out of 30 or so machines running BIND I can't recall one that has a floppy drive of any sort.
It's not that rough, these days, to install some monitoring to make sure that your zones are up to date on the secondaries and that they resolve names correctly; some operators used to even get really super-freakazoid and do zone transfers back to allow verification. Here, we draw the line at checking the SOA's for consistency and checking one other beacon record for resolvability. That's clearly not a solution aimed at warning about non-transferable zones; it raises some interesting questions. Think maybe I'll go asking on dnsops what, if anything, people do to monitor.
"monitor" implies connectivity. The OP was about the possibility that the government would deny you connectivity. Please try to stay n topic. -- Somebody should have said: A democracy is two wolves and a lamb voting on what to have for dinner. Freedom under a constitutional republic is a well armed lamb contesting the vote. Requiescas in pace o email Ex turpi causa non oritur actio Eppure si rinfresca ICBM Targeting Information: http://tinyurl.com/4sqczs http://tinyurl.com/7tp8ml
On 6/13/2010 14:59, Joe Greco wrote:
What happens? The master zone simply doesn't get updated until someone FedEx's a floppy. You know, some of us made these sorts of contingency plans long ago, back in days when the Internet actually wasn't all that reliable, and it wasn't completely unthinkable to be off the air for at least 24 hours.
Interesting plan.
I've got a Gateway computer down stairs that can write a 3.5 inch floppy and a Micron tower (running Windows 2000 the last time it was powered up) that can write 5 inch floppies.
If we want to be pedantic, Sony this year announced that it is shutting down its production of floppy disks by next year. Of course, the choice of "floppy disk" is irrelevant, and I'm guessing you know it. If your devices are more comfortable with CD-ROM or USB MicroSD readers, then by all means. Long before NANOG, there was actually a time that some of us hauled around things like USENET on magnetic media, because it was simply the highest bandwidth yet cheapest method to haul large amounts of data around the city, back when a Telebit Trailblazer was still vaguely able to cope with a USENET feed - and for a little while thereafter.
When I left active administration in 2003, out of 30 or so machines running BIND I can't recall one that has a floppy drive of any sort.
If your network has been so thoroughly taken over that you cannot hope to get a file from a computer that does have a floppy over to your DNS server, you have Much Bigger Problems to begin with...
It's not that rough, these days, to install some monitoring to make sure that your zones are up to date on the secondaries and that they resolve names correctly; some operators used to even get really super-freakazoid and do zone transfers back to allow verification. Here, we draw the line at checking the SOA's for consistency and checking one other beacon record for resolvability. That's clearly not a solution aimed at warning about non-transferable zones; it raises some interesting questions. Think maybe I'll go asking on dnsops what, if anything, people do to monitor.
"monitor" implies connectivity. The OP was about the possibility that the government would deny you connectivity. Please try to stay n topic.
Our monitoring systems are definitely able to detect when connectivity goes away. What happens if and when that happens is generally left up to a human to decide. The sorts of brokenness that one might potentially discover if the government were to corrupt connectivity is much more complex than simple on/off; I feel comfortable saying that the best plan is to have diversity of resources and some in-depth knowledge, since that also serves normal engineering needs well. ... JG -- Joe Greco - sol.net Network Services - Milwaukee, WI - http://www.sol.net "We call it the 'one bite at the apple' rule. Give me one chance [and] then I won't contact you again." - Direct Marketing Ass'n position on e-mail spam(CNN) With 24 million small businesses in the US alone, that's way too many apples.
On 6/13/2010 15:54, Joe Greco wrote:
If we want to be pedantic, Sony this year announced that it is shutting down its production of floppy disks by next year. Of course, the choice of "floppy disk" is irrelevant, and I'm guessing you know it. If your devices are more comfortable with CD-ROM or USB MicroSD readers, then by all means.
I certainly hoped that that was the case, but not very long ago I read a current "Emergency Recovery Plan" that depended on 9-track 1600BPI round reel tapes in a shop that had not had a drive like that for ten years.
Long before NANOG, there was actually a time that some of us hauled around things like USENET on magnetic media, because it was simply the highest bandwidth yet cheapest method to haul large amounts of data around the city, back when a Telebit Trailblazer was still vaguely able to cope with a USENET feed - and for a little while thereafter.
Wide Band Truck was a major component of plans long ago. And I wish I had a nickel for every round-real tape in Anvil case I escorted through airports.
If your network has been so thoroughly taken over that you cannot hope to get a file from a computer that does have a floppy over to your DNS server, you have Much Bigger Problems to begin with...
And that is the issue I was trying to raise.
Our monitoring systems are definitely able to detect when connectivity goes away. What happens if and when that happens is generally left up to a human to decide. The sorts of brokenness that one might potentially discover if the government were to corrupt connectivity is much more complex than simple on/off; I feel comfortable saying that the best plan is to have diversity of resources and some in-depth knowledge, since that also serves normal engineering needs well.
I'll bet you think The Stimulus created jobs. -- Somebody should have said: A democracy is two wolves and a lamb voting on what to have for dinner. Freedom under a constitutional republic is a well armed lamb contesting the vote. Requiescas in pace o email Ex turpi causa non oritur actio Eppure si rinfresca ICBM Targeting Information: http://tinyurl.com/4sqczs http://tinyurl.com/7tp8ml
On 6/13/2010 15:54, Joe Greco wrote:
If we want to be pedantic, Sony this year announced that it is shutting down its production of floppy disks by next year. Of course, the choice of "floppy disk" is irrelevant, and I'm guessing you know it. If your devices are more comfortable with CD-ROM or USB MicroSD readers, then by all means.
I certainly hoped that that was the case, but not very long ago I read a current "Emergency Recovery Plan" that depended on 9-track 1600BPI round reel tapes in a shop that had not had a drive like that for ten years.
That's why emergency planning needs to be an ongoing thing.
If your network has been so thoroughly taken over that you cannot hope to get a file from a computer that does have a floppy over to your DNS server, you have Much Bigger Problems to begin with...
And that is the issue I was trying to raise.
If they've got control of your network to the point where you cannot even hook up a laptop and get access to the DNS server, I submit that they effectively own your network and it is no longer your problem, unless maybe you have a love of being thrown in some dark room where no one will find you for a few years. If that's the issue you're trying to raise, I do not think it's solvable in any meaningful way. More generally, is your company going to refuse to comply? Or are you planning to refuse to comply with the directives of your employer?
Our monitoring systems are definitely able to detect when connectivity goes away. What happens if and when that happens is generally left up to a human to decide. The sorts of brokenness that one might potentially discover if the government were to corrupt connectivity is much more complex than simple on/off; I feel comfortable saying that the best plan is to have diversity of resources and some in-depth knowledge, since that also serves normal engineering needs well.
I'll bet you think The Stimulus created jobs.
It sure did, there's a bunch of construction going on all over the place. Of course, a much better measure would be "how many of the jobs created by these projects will be there in a year" - or better yet, but much harder to quantify, would be positions created that weren't directly funded by The Stimulus. That's the best target to discuss, since everyone can pull statistics to prove whatever position they hold dear. ... JG -- Joe Greco - sol.net Network Services - Milwaukee, WI - http://www.sol.net "We call it the 'one bite at the apple' rule. Give me one chance [and] then I won't contact you again." - Direct Marketing Ass'n position on e-mail spam(CNN) With 24 million small businesses in the US alone, that's way too many apples.
participants (2)
-
Joe Greco
-
Larry Sheldon