From dyr at homelink.ru Wed Apr 1 00:46:56 2009 From: dyr at homelink.ru (Dennis Yusupoff) Date: Wed Apr 1 00:47:03 2009 Subject: ISPs? In-Reply-To: <49D15AC3.7060607@ibctech.ca> References: <993681.74438.qm@web63903.mail.re1.yahoo.com> <49D15AC3.7060607@ibctech.ca> Message-ID: <676391771.20090401114650@homelink.ru> ????????????, Steve. ?? ?????? 31 ????? 2009 ?., 3:50:27: > router# cat /var/run/dmesg.boot | grep em /var/run/dmesg.boot | grep Eth Actually there are just enough to "cat /var/run/dmesg.boot | grep em |" or even "grep em /var/run/dmesg.boot |" ;-) -- ? ?????????, ????????? ????????????? Ozerki.Net/Cifracom.Ru ?????? ????? mailto:dyr@homelink.ru From dyr at homelink.ru Wed Apr 1 00:53:33 2009 From: dyr at homelink.ru (Dennis Yusupoff) Date: Wed Apr 1 00:53:39 2009 Subject: ISPs? In-Reply-To: <000b01c9a813$f9bfee80$ed3fcb80$@com> References: <153046.19925.qm@web63901.mail.re1.yahoo.com> <907077794.20090317173752@homelink.ru> <49C05E35.8070609@ibctech.ca> <001501c9a795$07058de0$1510a9a0$@com> <49C0E9E3.50405@smithvilledigital.net> <63EC1C2F-9B4A-42BA-A9BC-7CA73E3A5C18@internode.com.au> <000b01c9a813$f9bfee80$ed3fcb80$@com> Message-ID: <974550721.20090401115328@homelink.ru> ????????????, Bruce. ?? ?????? 19 ????? 2009 ?., 1:53:29: > Well there's a plan, > Yo!Africa - Zimbabwean ISP SmartTelecom - Russian ISP. And this email was from my old job. =) -- ? ?????????, ????????? ????????????? Ozerki.Net/Cifracom.Ru ?????? ????? mailto:dyr@homelink.ru From jakelleydds at sbcglobal.net Fri Apr 3 03:10:49 2009 From: jakelleydds at sbcglobal.net (Jeff Kelley, DDS) Date: Fri Apr 3 03:10:56 2009 Subject: It's Enough to Give You a Headache... Message-ID: Greetings from Jeff Kelley, DDS! It's Enough to Give You a Headache One out of every 10 Americans suffers from chronic headaches, and they spend over half a billion dollars every year for over-the-counter medications to relieve their pain. They never imagine that their headaches may be caused by TMJ, and that their pain is the result of a bad bite. A bad bite can put your jaw-to-skull relationship out of alignment. When this happens, TMJ symptoms occur. This cluster of symptoms can include: headaches, earaches, ear ringing, loud jaw clicking, even stiffness and pain in the jaw, neck, shoulders and back. This cluster has puzzled doctors in the past. Now we can put a name to it: TMJ. According to recent studies, more than 40 million Americans suffer with TMJ (Temporomandibular Joint Dysfunction) or MPD (Myofascial Pain Dysfunction). The good news is dentists are taking the lead in finding solutions. If you, or someone you love, suffer from the symptoms of TMJ, set up an appointment with your dentist soon. You may find that TMJ is the missing piece in the puzzle - and that the treatment really works! If you have questions regarding TMJ, please call our office at (817)877-1651 or email us at jakelleydds@sbcglobal.net today. Best Regards, Jeff Kelley, DDS P.S. If you have any friends or family members who you feel could use our services, please don't hesitate to have them call us. We'll be sure to take good care of them. From drleute at familydentistportwashington.com Fri Apr 3 03:56:07 2009 From: drleute at familydentistportwashington.com (Dr. Josh Leute) Date: Fri Apr 3 03:56:14 2009 Subject: It's Enough to Give You a Headache... Message-ID: <6e1874b7b7064b6fa9024c79e54aa714@1stnewsletters.com> Greetings from Dr. Josh Leute! It's Enough to Give You a Headache One out of every 10 Americans suffers from chronic headaches, and they spend over half a billion dollars every year for over-the-counter medications to relieve their pain. They never imagine that their headaches may be caused by TMJ, and that their pain is the result of a bad bite. A bad bite can put your jaw-to-skull relationship out of alignment. When this happens, TMJ symptoms occur. This cluster of symptoms can include: headaches, earaches, ear ringing, loud jaw clicking, even stiffness and pain in the jaw, neck, shoulders and back. This cluster has puzzled doctors in the past. Now we can put a name to it: TMJ. According to recent studies, more than 40 million Americans suffer with TMJ (Temporomandibular Joint Dysfunction) or MPD (Myofascial Pain Dysfunction). The good news is dentists are taking the lead in finding solutions. If you, or someone you love, suffer from the symptoms of TMJ, set up an appointment with your dentist soon. You may find that TMJ is the missing piece in the puzzle - and that the treatment really works! If you have questions regarding TMJ, please call our office at (262)284-5884 or email us at drleute@familydentistportwashington.com today. Best Regards, Dr. Josh Leute P.S. If you have any friends or family members who you feel could use our services, please don't hesitate to have them call us. We'll be sure to take good care of them. From drz at dentistsherwood.com Fri Apr 3 04:52:12 2009 From: drz at dentistsherwood.com (Dr. Julian H. Zhitnitsky) Date: Fri Apr 3 04:52:19 2009 Subject: It's Enough to Give You a Headache... Message-ID: <83b06e0ca6a9434eb43f93dbceb0a4b3@1stnewsletters.com> Greetings from Dr. Julian H. Zhitnitsky! It's Enough to Give You a Headache One out of every 10 Americans suffers from chronic headaches, and they spend over half a billion dollars every year for over-the-counter medications to relieve their pain. They never imagine that their headaches may be caused by TMJ, and that their pain is the result of a bad bite. A bad bite can put your jaw-to-skull relationship out of alignment. When this happens, TMJ symptoms occur. This cluster of symptoms can include: headaches, earaches, ear ringing, loud jaw clicking, even stiffness and pain in the jaw, neck, shoulders and back. This cluster has puzzled doctors in the past. Now we can put a name to it: TMJ. According to recent studies, more than 40 million Americans suffer with TMJ (Temporomandibular Joint Dysfunction) or MPD (Myofascial Pain Dysfunction). The good news is dentists are taking the lead in finding solutions. If you, or someone you love, suffer from the symptoms of TMJ, set up an appointment with your dentist soon. You may find that TMJ is the missing piece in the puzzle - and that the treatment really works! If you have questions regarding TMJ, please call our office at (818)785-8388 or email us at drz@dentistsherwood.com today. Best Regards, Dr. Julian H. Zhitnitsky P.S. If you have any friends or family members who you feel could use our services, please don't hesitate to have them call us. We'll be sure to take good care of them. From cjshlif at planet.tn Tue Apr 7 09:41:11 2009 From: cjshlif at planet.tn (Taher El Mokh) Date: Tue Apr 7 09:41:18 2009 Subject: hi Message-ID: <015801c9b79b$ff667b50$fe3371f0$@tn> Unfortunately, I received unformatted email with an attached file from you. I couldn't understand what is behind the words. I wish you next time send me a readable file!. I forwarded the attached file again to evaluate your self. The original file name is notes.rar and compressed by WinRAR no virus found. Use WinRAR to decompress the file. From dietfitnessnews at mail.ivillage.com Mon Apr 13 07:22:53 2009 From: dietfitnessnews at mail.ivillage.com (Diet Fitness News) Date: Mon Apr 13 08:22:39 2009 Subject: Request (KMM49573418V31777L0KM) Message-ID: PLEASE DO NOT REPLY UNTIL YOU HAVE READ THROUGH THE REPLY INSTRUCTIONS LOCATED AT THE BOTTOM OF THIS EMAIL This is an automated email response designed to provide an answer to your question about the newsletter you are receiving. Please read through this reply first. Then if your questions are not answered, please follow the contact instructions on the bottom of this reply. Dear freebsd-isp@freebsd.org, To UNSUBSCRIBE to this newsletter please visit: https://subscriber.ivillage.com/funnels/6 Here you can immediately check the boxes of the newsletter(s) you wish to unsubscribe from and enter the email address at which you are receiving this newsletter at the bottom of the page. CHANGE EMAIL ADDRESS To subscribe at a new email address, first go to: https://subscriber.ivillage.com/funnels/6 and enter your current email address to unsubscribe, then go to: https://subscriber.ivillage.com/funnels/5 and subscribe to the newsletters of your choice by entering your new email address and selecting the newsletters you wish to receive. LINKS NOT WORKING If you are unable to connect via the links provided, please copy-and-paste the links/Web addresses or CAREFULLY retype them into your browser window. Please make sure that you have the latest version of whatever browser you use installed on your machine. NOT ABLE TO VIEW YOUR NEWSLETTER If you are not able to view your iVillage newsletter properly, it may be because your email service provider does not allow you to view in HTML. Many of our newsletters are available in text as well. Please follow the intsructions below to contact us and let us know you would like to receive it in a different format. Thank you, Customer Support Team iVillage.com If your newsletter questions were not answered here, or you were not successful at unsubscribing yourself, please use your "reply" button to respond to this email, and then change the subject line of this email to "newsletter help." Please keep all previous correspondence attached, and include the details of your request in the message text. If your question is not about this newsletter that you received, please write iVillage's Customer Support team at feedback@mail.ivillage.com or visit http://www.ivillage.com/support/0,,qk3w,00.html Original Message Follows: ------------------------ Thanks! [ Attachment 1.2 Type: application/x-zip-compressed] iVillage Inc., 500 Seventh Avenue, New York, NY 10018 - The information contained in this communication may be confidential, is intended only for the use of the recipient named above, and may be construed under applicable law to be a commercial email. If you have received this communication in error, please delete this message from your computer system. If you are the recipient named above and do not wish to receive any future commercial emails, please reply to the sender with a message stating such preference. (M2) From harbor235 at gmail.com Mon Apr 13 09:24:14 2009 From: harbor235 at gmail.com (harbor235) Date: Mon Apr 13 09:54:16 2009 Subject: Request (KMM49573418V31777L0KM) In-Reply-To: References: Message-ID: <836bf1f90904130900vc9c3604q642f3883a49ff1cf@mail.gmail.com> unsubscribe On Mon, Apr 13, 2009 at 10:12 AM, Diet Fitness News < dietfitnessnews@mail.ivillage.com> wrote: > PLEASE DO NOT REPLY UNTIL YOU HAVE READ THROUGH THE REPLY INSTRUCTIONS > LOCATED AT THE BOTTOM OF THIS EMAIL > > This is an automated email response designed to provide an answer to your > question about the newsletter you are receiving. Please read through this > reply first. Then if your questions are not answered, please follow the > contact instructions on the bottom of this reply. > > Dear freebsd-isp@freebsd.org, > > To UNSUBSCRIBE to this newsletter please visit: > > https://subscriber.ivillage.com/funnels/6 > > Here you can immediately check the boxes of the newsletter(s) you wish to > unsubscribe from and enter the email address at which you are receiving this > newsletter at the bottom of the page. > > > CHANGE EMAIL ADDRESS > > To subscribe at a new email address, first go to: > > https://subscriber.ivillage.com/funnels/6 > > and enter your current email address to unsubscribe, then go to: > > https://subscriber.ivillage.com/funnels/5 > > and subscribe to the newsletters of your choice by entering your new email > address and selecting the newsletters you wish to receive. > > > LINKS NOT WORKING > If you are unable to connect via the links provided, please copy-and-paste > the links/Web addresses or CAREFULLY retype them into your > browser window. Please make sure that you have the latest version of > whatever browser you use installed on your machine. > > > NOT ABLE TO VIEW YOUR NEWSLETTER > If you are not able to view your iVillage newsletter properly, it may be > because your email service provider does not allow you to view in HTML. > Many of our newsletters are available in text as well. Please follow the > intsructions below to contact us and let us know you would like to receive > it in a different format. > > Thank you, > > Customer Support Team > iVillage.com > > If your newsletter questions were not answered here, or you were not > successful at unsubscribing yourself, please use your "reply" > button to respond to this email, and then change the subject line of this > email to "newsletter help." Please keep all previous correspondence > attached, and include the details of your request in the message text. > > If your question is not about this newsletter that you received, please > write iVillage's Customer Support team at feedback@mail.ivillage.com or > visit http://www.ivillage.com/support/0,,qk3w,00.html > > > > > > > Original Message Follows: > ------------------------ > > Thanks! > > > [ Attachment 1.2 Type: application/x-zip-compressed] > > > > iVillage Inc., 500 Seventh Avenue, New York, NY 10018 - The information > contained in this communication may be confidential, is intended only for > the use of the recipient named above, and may be construed under applicable > law to be a commercial email. If you have received this communication in > error, please delete this message from your computer system. If you are the > recipient named above and do not wish to receive any future commercial > emails, please reply to the sender with a message stating such preference. > (M2) > _______________________________________________ > freebsd-isp@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-isp > To unsubscribe, send any mail to "freebsd-isp-unsubscribe@freebsd.org" > From justin at sigsegv.ca Mon Apr 13 12:00:48 2009 From: justin at sigsegv.ca (Justin G.) Date: Mon Apr 13 12:33:43 2009 Subject: BGP with OpenBGPd. Message-ID: <5da021490904131135k7c78b2few5c48ee8b0a001e5@mail.gmail.com> Hello everyone, We're an ISP and we're about to switch to routing with OpenBGP with two different providers. We're just doing some preliminary research and I wanted to ask a few questions for those of you here. How many are running OpenBGPd? Is OpenBGPd the "ideal" platform for BGP on FreeBSD? I've know of Zebra and Quagga but was told that OpenBGPd is the way to go. Anyone have any comments? And finally, does anyone have any suggestions or bits of knowledge that would be helpful for us? This is our first venture in to BGP and if there's anything you wish you'd have known when you started, we'd love to know too. Have a great day everyone, and thank you in advance for the responses. From michael at staff.openaccess.org Mon Apr 13 12:40:30 2009 From: michael at staff.openaccess.org (Michael DeMan (OA)) Date: Mon Apr 13 13:33:15 2009 Subject: BGP with OpenBGPd. In-Reply-To: <5da021490904131135k7c78b2few5c48ee8b0a001e5@mail.gmail.com> References: <5da021490904131135k7c78b2few5c48ee8b0a001e5@mail.gmail.com> Message-ID: <49E39529.1090300@staff.openaccess.org> Hi, I've looked at OpenBGP off and on over the years, but never actually tried it out. I'm curious on why you decided to make the jump? Thanks, - mike Justin G. wrote: > Hello everyone, > > We're an ISP and we're about to switch to routing with OpenBGP with > two different providers. We're just doing some preliminary research > and I wanted to ask a few questions for those of you here. > > How many are running OpenBGPd? > > Is OpenBGPd the "ideal" platform for BGP on FreeBSD? I've know of > Zebra and Quagga but was told that OpenBGPd is the way to go. Anyone > have any comments? > > And finally, does anyone have any suggestions or bits of knowledge > that would be helpful for us? This is our first venture in to BGP and > if there's anything you wish you'd have known when you started, we'd > love to know too. > > Have a great day everyone, and thank you in advance for the responses. > _______________________________________________ > freebsd-isp@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-isp > To unsubscribe, send any mail to "freebsd-isp-unsubscribe@freebsd.org" > > > From spork at bway.net Mon Apr 13 13:51:26 2009 From: spork at bway.net (Charles Sprickman) Date: Mon Apr 13 14:42:28 2009 Subject: BGP with OpenBGPd. In-Reply-To: <5da021490904131135k7c78b2few5c48ee8b0a001e5@mail.gmail.com> References: <5da021490904131135k7c78b2few5c48ee8b0a001e5@mail.gmail.com> Message-ID: On Mon, 13 Apr 2009, Justin G. wrote: > Hello everyone, > > We're an ISP and we're about to switch to routing with OpenBGP with > two different providers. We're just doing some preliminary research > and I wanted to ask a few questions for those of you here. > > How many are running OpenBGPd? > > Is OpenBGPd the "ideal" platform for BGP on FreeBSD? I've know of > Zebra and Quagga but was told that OpenBGPd is the way to go. Anyone > have any comments? I don't have much to add, but I am very happy this list is active again. I've been toying with the idea of replacing an aging Cisco with either a used Juniper box or a PC running *BSD. Everytime I look at Quagga or Zebra, I'm not impressed. They both sound quite buggy... How many folks here are doing routing on a PC platform? These days almost all the links we need to support are ethernet, with our DSL stuff being the one exception (ATM OC-3). Charles From justin at sigsegv.ca Mon Apr 13 14:08:34 2009 From: justin at sigsegv.ca (Justin G.) Date: Mon Apr 13 14:52:11 2009 Subject: BGP with OpenBGPd. In-Reply-To: <49E39529.1090300@staff.openaccess.org> References: <5da021490904131135k7c78b2few5c48ee8b0a001e5@mail.gmail.com> <49E39529.1090300@staff.openaccess.org> Message-ID: <5da021490904131408o74e7366dob39081c2337e032c@mail.gmail.com> On Mon, Apr 13, 2009 at 12:40 PM, Michael DeMan (OA) wrote: > Hi, > > I've looked at OpenBGP off and on over the years, but never actually tried > it out. > > I'm curious on why you decided to make the jump? > > Thanks, > > - mike > > > Justin G. wrote: >> >> Hello everyone, >> >> We're an ISP and we're about to switch to routing with OpenBGP with >> two different providers. We're just doing some preliminary research >> and I wanted to ask a few questions for those of you here. >> >> How many are running OpenBGPd? >> >> Is OpenBGPd the "ideal" platform for BGP on FreeBSD? I've know of >> Zebra and Quagga but was told that OpenBGPd is the way to go. Anyone >> have any comments? >> >> And finally, does anyone have any suggestions or bits of knowledge >> that would be helpful for us? This is our first venture in to BGP and >> if there's anything you wish you'd have known when you started, we'd >> love to know too. >> >> Have a great day everyone, and thank you in advance for the responses. >> _______________________________________________ >> freebsd-isp@freebsd.org mailing list >> http://lists.freebsd.org/mailman/listinfo/freebsd-isp >> To unsubscribe, send any mail to "freebsd-isp-unsubscribe@freebsd.org" >> >> >> > > _______________________________________________ > freebsd-isp@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-isp > To unsubscribe, send any mail to "freebsd-isp-unsubscribe@freebsd.org" > Hi Michael, We're making the jump simply because we're becoming multihomed and are working towards routing our own IP addresses. It's something that we are not very experienced with -- uncharted territory. Not so much BGP in general as much as BGP on PC platforms. I'm hoping the experience of those in freebsd-isp can save us a couple headaches as we proceed :-) From michael at staff.openaccess.org Mon Apr 13 17:20:30 2009 From: michael at staff.openaccess.org (Michael DeMan (OA)) Date: Mon Apr 13 17:25:11 2009 Subject: BGP with OpenBGPd. In-Reply-To: <5da021490904131408o74e7366dob39081c2337e032c@mail.gmail.com> References: <5da021490904131135k7c78b2few5c48ee8b0a001e5@mail.gmail.com> <49E39529.1090300@staff.openaccess.org> <5da021490904131408o74e7366dob39081c2337e032c@mail.gmail.com> Message-ID: <49E3D6C6.3070002@staff.openaccess.org> Justin G. wrote: >> >> Justin G. wrote: >> >>> Hello everyone, >>> >>> We're an ISP and we're about to switch to routing with OpenBGP with >>> two different providers. We're just doing some preliminary research >>> and I wanted to ask a few questions for those of you here. >>> >>> How many are running OpenBGPd? >>> >>> Is OpenBGPd the "ideal" platform for BGP on FreeBSD? I've know of >>> Zebra and Quagga but was told that OpenBGPd is the way to go. Anyone >>> have any comments? >>> >>> And finally, does anyone have any suggestions or bits of knowledge >>> that would be helpful for us? This is our first venture in to BGP and >>> if there's anything you wish you'd have known when you started, we'd >>> love to know too. >>> >>> Have a great day everyone, and thank you in advance for the responses. >>> _______________________________________________ >>> freebsd-isp@freebsd.org mailing list >>> http://lists.freebsd.org/mailman/listinfo/freebsd-isp >>> To unsubscribe, send any mail to "freebsd-isp-unsubscribe@freebsd.org" >>> >>> >>> >>> >> _______________________________________________ >> freebsd-isp@freebsd.org mailing list >> http://lists.freebsd.org/mailman/listinfo/freebsd-isp >> To unsubscribe, send any mail to "freebsd-isp-unsubscribe@freebsd.org" >> >> > > Hi Michael, > > We're making the jump simply because we're becoming multihomed and are > working towards routing our own IP addresses. It's something that we > are not very experienced with -- uncharted territory. Not so much BGP > in general as much as BGP on PC platforms. I'm hoping the experience > of those in freebsd-isp can save us a couple headaches as we proceed > :-) > > > Hi, and sort of a response on the other post... We run pretty much about 75% FreeBSD+Quagga and 25% Cisco. We ended up choosing Quagga not because we thought it was technically superior to OpenBGP or anything, but because of the consistency in the command line interface. We're a small shop (3-4 employees) so having two completely different sorts of 'syntax / toolsets' to manage routing was just too much trouble. Plus, we run a lot of OSPF as well. - Mike From michael at staff.openaccess.org Mon Apr 13 17:24:05 2009 From: michael at staff.openaccess.org (Michael DeMan (OA)) Date: Mon Apr 13 17:48:33 2009 Subject: providing web based DNS management to customers Message-ID: <49E3D793.2090008@staff.openaccess.org> Hi All, What are folks doing for providing web based DNS management to customers? I've looked at a lot of open source products over time, but never found one that was enough to say "Thats it, lets integrate it!". It always seems that the tricky part is reverse DNS. PowerDNS and other tools (at least a few years ago) offered reasonable support for forward DNS management on a per-user basis, but not reverse, or at least not reverse in the sense that we only want customers to be able to modify the reverse DNS of say a single IP, or a subnet, etc. - Mike From spork at bway.net Mon Apr 13 17:55:02 2009 From: spork at bway.net (Charles Sprickman) Date: Mon Apr 13 18:12:25 2009 Subject: web hosting best practices Message-ID: Howdy, Since the list is alive, I'll try a query here that I've had little luck with using Google, which gives me way too much marketing and zero technical information... With the proliferation of web hosting services being run by everyone and their uncle, I was hoping there were some decent resources as far as simple best practices, but if they are out there, I'm not finding them. My current ISP client and my last full-time ISP both just sell it as it's requested and never rolled out anything on a large scale or implemented any fully "hands off" control panel-based solutions. We're not looking to go there (yet), but I am in the middle of moving our hosting from an old Linux box to a new FreeBSD box. I'm keeping all the legacy stuff in a jail, then trialing a few control panels in other jails. That said, most of the information I'm looking for revolves around security and performance issues, user management, and just what additional php and perl modules to offer as standard. Very basic stuff, but I'm looking for broad outlines and the experience of others... Any good links to share? Thanks, Charles ___ Charles Sprickman NetEng/SysAdmin Bway.net - New York's Best Internet - www.bway.net spork@bway.net - 212.655.9344 From rblayzor.bulk at inoc.net Mon Apr 13 19:44:49 2009 From: rblayzor.bulk at inoc.net (Robert Blayzor) Date: Mon Apr 13 19:52:28 2009 Subject: web hosting best practices In-Reply-To: References: Message-ID: <5F58EE61-2E49-4A51-9760-35965DA9BF08@inoc.net> On Apr 13, 2009, at 8:55 PM, Charles Sprickman wrote: > That said, most of the information I'm looking for revolves around > security and performance issues, user management, and just what > additional php and perl modules to offer as standard. Very basic > stuff, but I'm looking for broad outlines and the experience of > others... Might want to save yourself a bunch of trouble and look at something like CPanel. Just install a base FreeBSD 7.x or Linux (ie: CentOS, etc) and away you go. Basically turns the box into an appliance and they have service provider based monthly leasing that's very cost effective. -- Robert Blayzor, BOFH INOC, LLC rblayzor@inoc.net http://www.inoc.net/~rblayzor/ From spork at bway.net Mon Apr 13 20:21:17 2009 From: spork at bway.net (Charles Sprickman) Date: Mon Apr 13 20:40:40 2009 Subject: web hosting best practices In-Reply-To: <5635aa0d0904132008t4ae8285due381e5deb791e4f@mail.gmail.com> References: <5F58EE61-2E49-4A51-9760-35965DA9BF08@inoc.net> <5635aa0d0904132008t4ae8285due381e5deb791e4f@mail.gmail.com> Message-ID: On Tue, 14 Apr 2009, Outback Dingo wrote: > actually, dont use Cpanel, you can from ports install SysCP or DTC from > ports/sysutils, or a semi-automated install of ispCP which is quite nice, > all open source also. which give you mail/dns/web/ftp management. Yeah, I've recently been looking at the options in that space. My concern with CPs is that: -they do break sometimes, and if you're not up to speed on the whole AMP stack and the CP, you're done -regardless of what CP we go with, we will always have a set of customers that are here because we'll do one-offs for them, and a CP is too restrictive for that That said, the guy that wrote Freeside, which we now use for billing, noted that these open source CPs all look "interesting": GNUPanel http://gnupanel.org/ OpenPanel http://www.openpanel.com/ ispCP Omega http://isp-control.net/ RavenCore http://www.ravencore.com/ Thanks, Charles > On Tue, Apr 14, 2009 at 9:28 AM, Robert Blayzor wrote: > >> On Apr 13, 2009, at 8:55 PM, Charles Sprickman wrote: >> >>> That said, most of the information I'm looking for revolves around >>> security and performance issues, user management, and just what additional >>> php and perl modules to offer as standard. Very basic stuff, but I'm >>> looking for broad outlines and the experience of others... >>> >> >> >> >> Might want to save yourself a bunch of trouble and look at something like >> CPanel. Just install a base FreeBSD 7.x or Linux (ie: CentOS, etc) and away >> you go. Basically turns the box into an appliance and they have service >> provider based monthly leasing that's very cost effective. >> >> -- >> Robert Blayzor, BOFH >> INOC, LLC >> rblayzor@inoc.net >> http://www.inoc.net/~rblayzor/ >> >> >> >> >> _______________________________________________ >> freebsd-isp@freebsd.org mailing list >> http://lists.freebsd.org/mailman/listinfo/freebsd-isp >> To unsubscribe, send any mail to "freebsd-isp-unsubscribe@freebsd.org" >> > From outbackdingo at gmail.com Mon Apr 13 20:31:49 2009 From: outbackdingo at gmail.com (Outback Dingo) Date: Mon Apr 13 20:42:54 2009 Subject: web hosting best practices In-Reply-To: <5F58EE61-2E49-4A51-9760-35965DA9BF08@inoc.net> References: <5F58EE61-2E49-4A51-9760-35965DA9BF08@inoc.net> Message-ID: <5635aa0d0904132008t4ae8285due381e5deb791e4f@mail.gmail.com> actually, dont use Cpanel, you can from ports install SysCP or DTC from ports/sysutils, or a semi-automated install of ispCP which is quite nice, all open source also. which give you mail/dns/web/ftp management. On Tue, Apr 14, 2009 at 9:28 AM, Robert Blayzor wrote: > On Apr 13, 2009, at 8:55 PM, Charles Sprickman wrote: > >> That said, most of the information I'm looking for revolves around >> security and performance issues, user management, and just what additional >> php and perl modules to offer as standard. Very basic stuff, but I'm >> looking for broad outlines and the experience of others... >> > > > > Might want to save yourself a bunch of trouble and look at something like > CPanel. Just install a base FreeBSD 7.x or Linux (ie: CentOS, etc) and away > you go. Basically turns the box into an appliance and they have service > provider based monthly leasing that's very cost effective. > > -- > Robert Blayzor, BOFH > INOC, LLC > rblayzor@inoc.net > http://www.inoc.net/~rblayzor/ > > > > > _______________________________________________ > freebsd-isp@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-isp > To unsubscribe, send any mail to "freebsd-isp-unsubscribe@freebsd.org" > From outbackdingo at gmail.com Mon Apr 13 21:53:29 2009 From: outbackdingo at gmail.com (Outback Dingo) Date: Mon Apr 13 22:24:56 2009 Subject: web hosting best practices In-Reply-To: References: <5F58EE61-2E49-4A51-9760-35965DA9BF08@inoc.net> <5635aa0d0904132008t4ae8285due381e5deb791e4f@mail.gmail.com> Message-ID: <5635aa0d0904132153u50786dd9v69ac92719d9923c2@mail.gmail.com> yes, ispCP being one that i mentioned and OpenPanel are honestly your best bets, especially if using freeside for billing provisioning On Tue, Apr 14, 2009 at 10:21 AM, Charles Sprickman wrote: > On Tue, 14 Apr 2009, Outback Dingo wrote: > > actually, dont use Cpanel, you can from ports install SysCP or DTC from >> ports/sysutils, or a semi-automated install of ispCP which is quite nice, >> all open source also. which give you mail/dns/web/ftp management. >> > > Yeah, I've recently been looking at the options in that space. My concern > with CPs is that: > > -they do break sometimes, and if you're not up to speed on the whole AMP > stack and the CP, you're done > -regardless of what CP we go with, we will always have a set of customers > that are here because we'll do one-offs for them, and a CP is too > restrictive for that > > That said, the guy that wrote Freeside, which we now use for billing, noted > that these open source CPs all look "interesting": > > GNUPanel http://gnupanel.org/ > OpenPanel http://www.openpanel.com/ > ispCP Omega http://isp-control.net/ > RavenCore http://www.ravencore.com/ > > Thanks, > > Charles > > On Tue, Apr 14, 2009 at 9:28 AM, Robert Blayzor > >wrote: >> >> On Apr 13, 2009, at 8:55 PM, Charles Sprickman wrote: >>> >>> That said, most of the information I'm looking for revolves around >>>> security and performance issues, user management, and just what >>>> additional >>>> php and perl modules to offer as standard. Very basic stuff, but I'm >>>> looking for broad outlines and the experience of others... >>>> >>>> >>> >>> >>> Might want to save yourself a bunch of trouble and look at something like >>> CPanel. Just install a base FreeBSD 7.x or Linux (ie: CentOS, etc) and >>> away >>> you go. Basically turns the box into an appliance and they have service >>> provider based monthly leasing that's very cost effective. >>> >>> -- >>> Robert Blayzor, BOFH >>> INOC, LLC >>> rblayzor@inoc.net >>> http://www.inoc.net/~rblayzor/ < >>> http://www.inoc.net/%7Erblayzor/> >>> >>> >>> >>> >>> _______________________________________________ >>> freebsd-isp@freebsd.org mailing list >>> http://lists.freebsd.org/mailman/listinfo/freebsd-isp >>> To unsubscribe, send any mail to "freebsd-isp-unsubscribe@freebsd.org" >>> >>> >> From odhiambo at gmail.com Tue Apr 14 02:47:04 2009 From: odhiambo at gmail.com (Odhiambo Washington) Date: Tue Apr 14 03:09:26 2009 Subject: providing web based DNS management to customers In-Reply-To: <49E3D793.2090008@staff.openaccess.org> References: <49E3D793.2090008@staff.openaccess.org> Message-ID: <991123400904140247ve64e1aay7c114f5aeff3733e@mail.gmail.com> On Tue, Apr 14, 2009 at 3:23 AM, Michael DeMan (OA) < michael@staff.openaccess.org> wrote: > Hi All, > > What are folks doing for providing web based DNS management to customers? > > I've looked at a lot of open source products over time, but never found one > that was enough to say "Thats it, lets integrate it!". > > It always seems that the tricky part is reverse DNS. PowerDNS and other > tools (at least a few years ago) offered reasonable support for forward DNS > management on a per-user basis, but not reverse, or at least not reverse in > the sense that we only want customers to be able to modify the reverse DNS > of say a single IP, or a subnet, etc. Hi Mike, Did you ever take a look at VegaDNS - www.vegadns.org? The last time I checked, IIRC, it allowed adding/modifying _almost_ all types of records. -- Best regards, Odhiambo WASHINGTON, Nairobi,KE +254733744121/+254722743223 _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ "Clothes make the man. Naked people have little or no influence on society." -- Mark Twain From rblayzor.bulk at inoc.net Tue Apr 14 02:48:51 2009 From: rblayzor.bulk at inoc.net (Robert Blayzor) Date: Tue Apr 14 03:09:36 2009 Subject: web hosting best practices In-Reply-To: <5635aa0d0904132008t4ae8285due381e5deb791e4f@mail.gmail.com> References: <5F58EE61-2E49-4A51-9760-35965DA9BF08@inoc.net> <5635aa0d0904132008t4ae8285due381e5deb791e4f@mail.gmail.com> Message-ID: On Apr 13, 2009, at 11:08 PM, Outback Dingo wrote: > actually, dont use Cpanel, you can from ports install SysCP or DTC > from > ports/sysutils, or a semi-automated install of ispCP which is quite > nice, > all open source also. which give you mail/dns/web/ftp management. Apples and Oranges. The $15-$18 a month you have to pay per CPanel instance is peanuts compared to the amount of headache you have with all the other "beta glue". The price is low enough to where if a customer really wanted something specialized we could throw their own CPanel instance in a VM, and away they go... The SOAP API they have also makes it pretty easy to tie into a billing and/or provisioning & management system. -- Robert Blayzor, BOFH INOC, LLC rblayzor@inoc.net http://www.inoc.net/~rblayzor/ From stockpriceupalert at anpielbird.com Tue Apr 14 03:15:13 2009 From: stockpriceupalert at anpielbird.com (Stock Price Up Alert) Date: Tue Apr 14 04:00:13 2009 Subject: ~GCHK price up 23%, on surge in volume Message-ID: Dear Subscribers, If you missed out on my last 1,000% gain, no worries, I may have another one coming RIGHT NOW! I have been writing to the investment community for the last ten years, during this time I have brought your attention to hundreds of companies and trades, most of them gave early investors a chance to profit at least 100% or more. I am a serious student of the market and have been looking at hundreds of companies the last few months, in hopes of bringing you the very best opportunities for you to make huge trading profits on my next few picks. Out of the hundreds of companies I reviewed, I am excited to tell you I have found 4 that I think will fit the bill. Only four, which is good because summer is coming, and I want to bring them all to you before. If I am right on these, it should give early investors a lot of extra cash for their family vacations! If you missed out on AXVC which almost gave early investors a quick 500% gain, then get ready for your moment of redemption because missing my next pick might make your knees buckle! Timing is Everything -------------------- GCHK is too cheap to pass up! I believe, and so do others, that Greenchek Technology Inc GCHK could be at least 10 times undervalued right now and think readers should be picking this one up while it?s under $2.00 per share. ( Analyst Victor Sula, Ph. D. picked GCHK to go to $3.42 in his report back in Sept.) GCHK is a green company that developed a product that, if used everywhere, could significantly reduce Carbon emissions globally. This Company will bring back memories of huge gains that were made in recent years by making socially responsible investments in green companies that have unique products to offer the world. Time and Time again the Government has created Sector rallies in specific industries and we think GCHK could be next. When Governments and Investors are in synch the results can be staggering profits and all signs indicate that protecting the environment could become the next huge SECTOR bull market. One day, Environmental technologies will be commonplace, like other technologies that we now take for granted, so it stands to reason that it will follow a similar development pattern as other technologies, like computers. The field of computer science didn't even exist until the Department of Defense began pumping money into the unknown market of microchips. In fact, billionaire Larry Ellison's fortune and tech powerhouse Oracle all began with just a small contract from the Central Intelligence Agency. It's a deal that made Ellison and those folks who followed the government's lead, very rich. When Oracle started trading in 1986, it was a virtually unknown penny stock. Over the course of a few years Oracle's business boomed, thanks to the government, and it handed some early investors "once in a lifetime" gains of over 8,000%! Ellison ended up the No. 14 spot on Forbes' list of the wealthiest people in the world. In closing, I believe this company could rocket up the charts and give investors a reason to cheer again. GCHK will be the first of my four picks over the next few months and I hope my readers will take advantage of the trading profit potential of these next picks! I do not own shares in this company and will wait for this report to go out to you before I buy any! I plan to buy some in the open market, and hopefully will sell at much higher prices! Enjoy and trade to win! You can go to www.hotstockpic.com for a full report and video on GCHK IMPORTANT CYA: This is an ad. We were paid to send this out. We only take on deals we feel have upside and that are willing to pay us. We never tell people to sell. The info in this piece is based on what the Company told us. What we believe MAY happen in the future may not come to pass this is a risky business. We don't hold any licenses and this has not been approved by anyone. Don't buy this or any stock unless you can pay the band and handle a complete loss. We were paid fifty thousand dollars by a third party shareholder for sending out this ad. We will not buy this stock in the market until this report is finished going out. Do your homework and check out any deal before putting your hard earned cash in it and talk to your own experts. Basically if you decide to buy in it?s your decision and you are on your own. Please be careful and bet with your head not over it. For any complaints about this ad please call us at 405-378-5424. or Call the company?s toll-free number 1-(866)-590-6589 for shareholder information. But first... GET YOUR free report at: http://anpielbird.com/c/AWxRuSqiUGQu39_Dxl2Obw.html?11 To remove yourself from this list, click here http://anpielbird.com/u/AWxRuSqiUGQu39_Dxl2Obw.html or write to us at: 14525 SW Millikan Way, Unit #14750 Beaverton, Oregon 97005-2343 From steve at ibctech.ca Tue Apr 14 06:04:56 2009 From: steve at ibctech.ca (Steve Bertrand) Date: Tue Apr 14 06:33:02 2009 Subject: BGP with OpenBGPd. In-Reply-To: References: <5da021490904131135k7c78b2few5c48ee8b0a001e5@mail.gmail.com> Message-ID: <49E489EB.2090802@ibctech.ca> Charles Sprickman wrote: > I've been toying with the idea of replacing an aging Cisco with either a > used Juniper box or a PC running *BSD. Everytime I look at Quagga or > Zebra, I'm not impressed. They both sound quite buggy... We've been using Quagga (zebra, ospfd, ospf6d, bgpd) for quite some time (due to CLI consistency with Cisco as someone else stated). I don't understand how they "sound" buggy. What exactly are you referring to? Which pieces are you concerned with? All we did was light up a couple of Quagga boxes in the lab, and load them up so it replicates our production environment. No problems, we went to production. We test anything new in the lab, and then roll it out if it is stable. I've yet to find a bug. Every time I think I've found something, it has come down to a simple inconsistency between how I'd do the same thing on a Cisco IOS. > How many folks here are doing routing on a PC platform? These days > almost all the links we need to support are ethernet, with our DSL stuff > being the one exception (ATM OC-3). We run ~1/2 of our routers on FBSD based hardware that run from either USB thumb stick, or CF/SD cards. As for your OC3's: http://www.prosum.net/atm155_E.html Cheers, Steve From steve at ibctech.ca Tue Apr 14 06:06:38 2009 From: steve at ibctech.ca (Steve Bertrand) Date: Tue Apr 14 06:40:20 2009 Subject: providing web based DNS management to customers In-Reply-To: <991123400904140247ve64e1aay7c114f5aeff3733e@mail.gmail.com> References: <49E3D793.2090008@staff.openaccess.org> <991123400904140247ve64e1aay7c114f5aeff3733e@mail.gmail.com> Message-ID: <49E48A51.8040603@ibctech.ca> Odhiambo Washington wrote: > On Tue, Apr 14, 2009 at 3:23 AM, Michael DeMan (OA) < > michael@staff.openaccess.org> wrote: > >> Hi All, >> >> What are folks doing for providing web based DNS management to customers? >> >> I've looked at a lot of open source products over time, but never found one >> that was enough to say "Thats it, lets integrate it!". >> >> It always seems that the tricky part is reverse DNS. PowerDNS and other >> tools (at least a few years ago) offered reasonable support for forward DNS >> management on a per-user basis, but not reverse, or at least not reverse in >> the sense that we only want customers to be able to modify the reverse DNS >> of say a single IP, or a subnet, etc. > > > Hi Mike, > > Did you ever take a look at VegaDNS - www.vegadns.org? > > The last time I checked, IIRC, it allowed adding/modifying _almost_ all > types of records. We've used VegaDNS with TinyDNS/DNSCache for a few years now. I'll test today to see how granular the permissions are regarding the modification of only one record. Steve From dlangille at myyearbook.com Tue Apr 14 06:20:42 2009 From: dlangille at myyearbook.com (Dan Langille) Date: Tue Apr 14 07:01:20 2009 Subject: inventory / configuration management tools Message-ID: <6dd019370904140548n783825f6ub53c205dfd152689@mail.gmail.com> Are you using a configuration management tool? If so what? I don't mean a tool to manage /etc/rc.conf (for example). What I'm looking for is something to keep track of all the hardware, where it's installed, mac addresses, etc. There has to be some kind of API into it so we can plug utilize our existing processes, We are looking at http://onecmdb.org/ but I'm wondering about other options. -- Dan Langille myYearbook.com From steve at ibctech.ca Tue Apr 14 06:56:50 2009 From: steve at ibctech.ca (Steve Bertrand) Date: Tue Apr 14 07:12:06 2009 Subject: providing web based DNS management to customers In-Reply-To: <49E48A51.8040603@ibctech.ca> References: <49E3D793.2090008@staff.openaccess.org> <991123400904140247ve64e1aay7c114f5aeff3733e@mail.gmail.com> <49E48A51.8040603@ibctech.ca> Message-ID: <49E49615.7060907@ibctech.ca> Steve Bertrand wrote: > Odhiambo Washington wrote: >> Did you ever take a look at VegaDNS - www.vegadns.org? >> >> The last time I checked, IIRC, it allowed adding/modifying _almost_ all >> types of records. > > We've used VegaDNS with TinyDNS/DNSCache for a few years now. I'll test > today to see how granular the permissions are regarding the modification > of only one record. The user/group granularity of the permissions only goes to zone level, not record level. Steve From Mathias.Picker at virtual-earth.de Tue Apr 14 07:39:42 2009 From: Mathias.Picker at virtual-earth.de (Mathias Picker) Date: Tue Apr 14 08:07:35 2009 Subject: inventory / configuration management tools In-Reply-To: <6dd019370904140548n783825f6ub53c205dfd152689@mail.gmail.com> References: <6dd019370904140548n783825f6ub53c205dfd152689@mail.gmail.com> Message-ID: <1239718230.2192.19.camel@mp.virtual-earth.de> For configuration I'm using puppet and looking into controltier, I have not yet found a real use for inventory. Am Dienstag, den 14.04.2009, 08:48 -0400 schrieb Dan Langille: > Are you using a configuration management tool? If so what? > > I don't mean a tool to manage /etc/rc.conf (for example). > > What I'm looking for is something to keep track of all the hardware, > where it's installed, mac addresses, etc. There has to be some kind > of API into it so we can plug utilize our existing processes, > > We are looking at http://onecmdb.org/ but I'm wondering about other options. > From dlangille at myyearbook.com Tue Apr 14 08:13:55 2009 From: dlangille at myyearbook.com (Dan Langille) Date: Tue Apr 14 09:00:56 2009 Subject: inventory / configuration management tools In-Reply-To: <1239718230.2192.19.camel@mp.virtual-earth.de> References: <6dd019370904140548n783825f6ub53c205dfd152689@mail.gmail.com> <1239718230.2192.19.camel@mp.virtual-earth.de> Message-ID: <6dd019370904140813t6f567903x42a35d56eef03f31@mail.gmail.com> On Tue, Apr 14, 2009 at 10:10 AM, Mathias Picker wrote: > For configuration I'm using puppet and looking into controltier, I have > not yet found a real use for inventory. Our goal: buy a new box, rack it. It starts up, boots, and configures itself. We do nothing. How does this happen? We already have that new box in our configuration managmenet system. The boot server looks up the box in the inventory and says, oh, you're going to be a web server, here's your details, and connect to this load balancer please. Two weeks later, we can reconfigure that box to be an app server, reboot it, and as it boots up, it gets the new details and self configures. I call it an inventory system not because it is an inventory, but because it's the most appropriate name I can think of. The objective: a list of everything we have. Every part of the system box life cycle goes through this system. We buy: the box gets added to the system. That prompts the configuration etc. Then, when its racked, it's power on and forget. In theory... ;) -- Dan Langille myYearbook.com From tom at tomjudge.com Tue Apr 14 08:21:48 2009 From: tom at tomjudge.com (Tom Judge) Date: Tue Apr 14 09:03:05 2009 Subject: inventory / configuration management tools In-Reply-To: <6dd019370904140548n783825f6ub53c205dfd152689@mail.gmail.com> References: <6dd019370904140548n783825f6ub53c205dfd152689@mail.gmail.com> Message-ID: <49E4A4EA.7090809@tomjudge.com> Dan Langille wrote: > Are you using a configuration management tool? If so what? > > I don't mean a tool to manage /etc/rc.conf (for example). > > What I'm looking for is something to keep track of all the hardware, > where it's installed, mac addresses, etc. There has to be some kind > of API into it so we can plug utilize our existing processes, > > We are looking at http://onecmdb.org/ but I'm wondering about other options. > > Hi Dan, We use OCS-Inventory NG, it works reasonably well and supports most OS's. There is an API for it and it integrates with the helpdesk system that we chose for our internal helpdesk (GLPI). Not sure if this is quite what you are looking for, but it will automate the data collection part for you. Tom From tom at tomjudge.com Tue Apr 14 08:37:52 2009 From: tom at tomjudge.com (Tom Judge) Date: Tue Apr 14 09:06:23 2009 Subject: inventory / configuration management tools In-Reply-To: <6dd019370904140548n783825f6ub53c205dfd152689@mail.gmail.com> References: <6dd019370904140548n783825f6ub53c205dfd152689@mail.gmail.com> Message-ID: <49E4AD01.2060702@tomjudge.com> Dan Langille wrote: > Are you using a configuration management tool? If so what? > > I don't mean a tool to manage /etc/rc.conf (for example). > > What I'm looking for is something to keep track of all the hardware, > where it's installed, mac addresses, etc. There has to be some kind > of API into it so we can plug utilize our existing processes, > > We are looking at http://onecmdb.org/ but I'm wondering about other options. > > In addition to my last response (which I can't reply to because its not made it back to me yet). We also use RackTables (http://www.racktables.org/) for storing data such as locations, configurations etc.. There is not really any real API for it but the DB is fairly simple to interface with.. The code is not exactly clean, but it works. I have a work in progress rewrite that is based on MVC that I can share. It also has added features for managing package installation sets, and jails, and glue code to interface the package sets to Tinderboxes for binary builds.. Additional glue to hook it into CFEngine to manage jail deployment (via ezjail) and package installation. Let me know if you are interested in any of this.. Tom From tom at tomjudge.com Tue Apr 14 08:45:38 2009 From: tom at tomjudge.com (Tom Judge) Date: Tue Apr 14 09:08:32 2009 Subject: inventory / configuration management tools In-Reply-To: <1239718230.2192.19.camel@mp.virtual-earth.de> References: <6dd019370904140548n783825f6ub53c205dfd152689@mail.gmail.com> <1239718230.2192.19.camel@mp.virtual-earth.de> Message-ID: <49E4AEB9.4020803@tomjudge.com> Mathias Picker wrote: > For configuration I'm using puppet and looking into controltier, I have > not yet found a real use for inventory. > We use inventory for at least the following: * Licensing Compliance * Helpdesk data collection (what software/hardware etc a user has installed) * Automated data collection for our asset database * One off reporting - e.g. find workstations with less that 1Gb ram so that we can schedule upgrades for them. * A feed back loop for our software deployment systems * Role management server systems * IP Space management and allocation * Role based package deployment and management * Other things that I can't remember off the top of my head... It can be very useful when combined with a nagios, cacti, netdisco, rancid, an asset database and an automation tool like puppet or cfengine. Tom > Am Dienstag, den 14.04.2009, 08:48 -0400 schrieb Dan Langille: > >> Are you using a configuration management tool? If so what? >> >> I don't mean a tool to manage /etc/rc.conf (for example). >> >> What I'm looking for is something to keep track of all the hardware, >> where it's installed, mac addresses, etc. There has to be some kind >> of API into it so we can plug utilize our existing processes, >> >> We are looking at http://onecmdb.org/ but I'm wondering about other options. >> >> > > _______________________________________________ > freebsd-isp@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-isp > To unsubscribe, send any mail to "freebsd-isp-unsubscribe@freebsd.org" > From vince at unsane.co.uk Tue Apr 14 09:30:30 2009 From: vince at unsane.co.uk (Vincent Hoffman) Date: Tue Apr 14 10:06:33 2009 Subject: inventory / configuration management tools In-Reply-To: <49E4AD01.2060702@tomjudge.com> References: <6dd019370904140548n783825f6ub53c205dfd152689@mail.gmail.com> <49E4AD01.2060702@tomjudge.com> Message-ID: <49E4BA1F.8090900@unsane.co.uk> On 14/4/09 16:34, Tom Judge wrote: > Dan Langille wrote: >> Are you using a configuration management tool? If so what? >> >> I don't mean a tool to manage /etc/rc.conf (for example). >> >> What I'm looking for is something to keep track of all the hardware, >> where it's installed, mac addresses, etc. There has to be some kind >> of API into it so we can plug utilize our existing processes, >> >> We are looking at http://onecmdb.org/ but I'm wondering about other >> options. >> >> > In addition to my last response (which I can't reply to because its > not made it back to me yet). > > We also use RackTables (http://www.racktables.org/) for storing data > such as locations, configurations etc.. There is not really any real > API for it but the DB is fairly simple to interface with.. > The code is not exactly clean, but it works. I have a work in > progress rewrite that is based on MVC that I can share. It also has > added features for managing package installation sets, and jails, and > glue code to interface the package sets to Tinderboxes for binary > builds.. Additional glue to hook it into CFEngine to manage jail > deployment (via ezjail) and package installation. Let me know if you > are interested in any of this.. > > Tom > was going to suggest looking at http://flux.org.uk/projects/rackmonkey but racktables looks more fully featured. Vince > > > _______________________________________________ > freebsd-isp@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-isp > To unsubscribe, send any mail to "freebsd-isp-unsubscribe@freebsd.org" From spork at bway.net Tue Apr 14 14:07:51 2009 From: spork at bway.net (Charles Sprickman) Date: Tue Apr 14 14:23:39 2009 Subject: BGP with OpenBGPd. In-Reply-To: <49E489EB.2090802@ibctech.ca> References: <5da021490904131135k7c78b2few5c48ee8b0a001e5@mail.gmail.com> <49E489EB.2090802@ibctech.ca> Message-ID: On Tue, 14 Apr 2009, Steve Bertrand wrote: > Charles Sprickman wrote: > >> I've been toying with the idea of replacing an aging Cisco with either a >> used Juniper box or a PC running *BSD. Everytime I look at Quagga or >> Zebra, I'm not impressed. They both sound quite buggy... > > We've been using Quagga (zebra, ospfd, ospf6d, bgpd) for quite some time > (due to CLI consistency with Cisco as someone else stated). > > I don't understand how they "sound" buggy. What exactly are you > referring to? Which pieces are you concerned with? I'm probably reading too much pro-OpenBSD stuff. :) On the OpenBGPd/OSPFd pages there are a good number of technical presentations where they explain how their design diverged from the existing open source routing daemons. I also occasionally peruse some WISP forums, and have seen some horror stories in there, since those guys rely very heavily on homebrew hardware. > All we did was light up a couple of Quagga boxes in the lab, and load > them up so it replicates our production environment. No problems, we > went to production. We test anything new in the lab, and then roll it > out if it is stable. > > I've yet to find a bug. Every time I think I've found something, it has > come down to a simple inconsistency between how I'd do the same thing on > a Cisco IOS. That's understandable, and something I'd also have to deal with on a used Juniper. FWIW, I can grab loaded M20s for about $6K each. It's very hard to say no at that price. >> How many folks here are doing routing on a PC platform? These days >> almost all the links we need to support are ethernet, with our DSL stuff >> being the one exception (ATM OC-3). > > We run ~1/2 of our routers on FBSD based hardware that run from either > USB thumb stick, or CF/SD cards. Stock FreeBSD or do you pare it down? How do you handle upgrades? Install on another flash card and just reboot to the new card? > As for your OC3's: > > http://www.prosum.net/atm155_E.html Wow. Those list for what looks like under $1K US. Impressive. Our DSL provider is actually going to be moving from giving us an OC-3 for customer backhaul to a GigE handoff. Details of how this works are still murky though - if they're going to do a VLAN for each customer, I'd think they'd run out of VLANs before running out of bandwidth... Thanks for you input... I appreciate it. Charles > Cheers, > > Steve > From vince at unsane.co.uk Tue Apr 14 15:21:55 2009 From: vince at unsane.co.uk (Vincent Hoffman) Date: Tue Apr 14 15:49:02 2009 Subject: BGP with OpenBGPd. In-Reply-To: References: <5da021490904131135k7c78b2few5c48ee8b0a001e5@mail.gmail.com> <49E489EB.2090802@ibctech.ca> Message-ID: <49E50C73.6040604@unsane.co.uk> On 14/4/09 22:07, Charles Sprickman wrote: > On Tue, 14 Apr 2009, Steve Bertrand wrote: > >> Charles Sprickman wrote: >> >>> I've been toying with the idea of replacing an aging Cisco with >>> either a >>> used Juniper box or a PC running *BSD. Everytime I look at Quagga or >>> Zebra, I'm not impressed. They both sound quite buggy... >> >> We've been using Quagga (zebra, ospfd, ospf6d, bgpd) for quite some time >> (due to CLI consistency with Cisco as someone else stated). >> >> I don't understand how they "sound" buggy. What exactly are you >> referring to? Which pieces are you concerned with? > > I'm probably reading too much pro-OpenBSD stuff. :) On the > OpenBGPd/OSPFd pages there are a good number of technical > presentations where they explain how their design diverged from the > existing open source routing daemons. > > I also occasionally peruse some WISP forums, and have seen some horror > stories in there, since those guys rely very heavily on homebrew > hardware. > >> All we did was light up a couple of Quagga boxes in the lab, and load >> them up so it replicates our production environment. No problems, we >> went to production. We test anything new in the lab, and then roll it >> out if it is stable. >> >> I've yet to find a bug. Every time I think I've found something, it has >> come down to a simple inconsistency between how I'd do the same thing on >> a Cisco IOS. > > That's understandable, and something I'd also have to deal with on a > used Juniper. FWIW, I can grab loaded M20s for about $6K each. It's > very hard to say no at that price. > >>> How many folks here are doing routing on a PC platform? These days >>> almost all the links we need to support are ethernet, with our DSL >>> stuff >>> being the one exception (ATM OC-3). >> >> We run ~1/2 of our routers on FBSD based hardware that run from either >> USB thumb stick, or CF/SD cards. > > Stock FreeBSD or do you pare it down? How do you handle upgrades? > Install on another flash card and just reboot to the new card? > >> As for your OC3's: >> >> http://www.prosum.net/atm155_E.html > > Wow. Those list for what looks like under $1K US. Impressive. Our > DSL provider is actually going to be moving from giving us an OC-3 for > customer backhaul to a GigE handoff. Details of how this works are > still murky though - if they're going to do a VLAN for each customer, > I'd think they'd run out of VLANs before running out of bandwidth... More likely pppoe sessions, we were looking to move to the 21cn network from BT (we are uk based, BT are the biggest DSL supplier here) which changed from ATM connections (old style) to pppoe in l2tp tunnels on GigE, we tested using 7200's as LNS (L2TP Network Server) because our network manager is a cisco lover :P although I'm reasonably sure net/mpd can do whats needed as an LNS (in fact I used mpd as a LAC to create test sessions to the cisco 7200s using one of the example configs.) Vince > > Thanks for you input... I appreciate it. > > Charles > >> Cheers, >> >> Steve >> > _______________________________________________ > freebsd-isp@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-isp > To unsubscribe, send any mail to "freebsd-isp-unsubscribe@freebsd.org" From steve at ibctech.ca Tue Apr 14 15:56:22 2009 From: steve at ibctech.ca (Steve Bertrand) Date: Tue Apr 14 16:20:05 2009 Subject: BGP with OpenBGPd. In-Reply-To: References: <5da021490904131135k7c78b2few5c48ee8b0a001e5@mail.gmail.com> <49E489EB.2090802@ibctech.ca> Message-ID: <49E51488.9010202@ibctech.ca> Charles Sprickman wrote: > On Tue, 14 Apr 2009, Steve Bertrand wrote: >> I don't understand how they "sound" buggy. What exactly are you >> referring to? Which pieces are you concerned with? > > I'm probably reading too much pro-OpenBSD stuff. :) On the > OpenBGPd/OSPFd pages there are a good number of technical presentations > where they explain how their design diverged from the existing open > source routing daemons. > > I also occasionally peruse some WISP forums, and have seen some horror > stories in there, since those guys rely very heavily on homebrew hardware. I've heard things as well regarding the back-and-forth of Quagga vs. OpenBSD, but as I said...Quagga works, for *my* environment without any issues whatsoever. >> I've yet to find a bug. Every time I think I've found something, it has >> come down to a simple inconsistency between how I'd do the same thing on >> a Cisco IOS. > > That's understandable, and something I'd also have to deal with on a > used Juniper. FWIW, I can grab loaded M20s for about $6K each. It's > very hard to say no at that price. Agreed. However, considering you are already contemplating using PC hardware for the job, I'd still lab-it-up. There's not much better feeling than knowing that you have backup hardware at your fingertips if a router fails. Even at $6k a pop, the budget police usually don't understand line-items such as 'spare routers' :) >> We run ~1/2 of our routers on FBSD based hardware that run from either >> USB thumb stick, or CF/SD cards. > > Stock FreeBSD or do you pare it down? Years ago, it was quite pared down, to < 32MB. Now, it's generally a stock install with a modified make.conf that trims documentation and other cruft. > How do you handle upgrades? > Install on another flash card and just reboot to the new card? Depends on the upgrade. They all begin the same way, by inserting another flash card and using "dd" to image the running system onto the backup. I do this twice onto two separate cards. In my lab, I have a few PC's that I use exclusively for testing routing functions. Some are build boxes, and others are actually used for booting the routing system. For upgrading routing daemons, I insert the backup card into one of my build machines (that runs it's own host OS), mount the card to /mnt, and generally install from ports (using the hacked make.conf). Then I remove the upgraded flash card, boot one of the lab routers with it, and test to ensure all is well. I then (on the running test router), insert the secondary backup card, and copy ONLY the modified files (usually only binaries) on top of the old files manually. I reboot using the secondary card as the boot device, and if things come up, then I simply copy the binaries onto the production router, and reload the daemons. Upgrading the daemons does not happen often, but when new functionality comes out (such as md5 for bgpd), this system works fantastically. For the OS, a similar approach is used, but since I do have to reboot the router for kernel changes, I do simply swap out the memory card to a tested, upgraded one after building it on the build machine with DESTDIR=/mnt. Doing the OS doesn't happen all that often either though. I treat the FBSD routers the same way I do the Cisco's, using management & control plane access restrictions everywhere. The FBSD routers are simply that...routers. I've been typing pretty quickly while thinking about other things, so I'm sure that there are pieces I've missed ;) >> As for your OC3's: >> >> http://www.prosum.net/atm155_E.html > > Wow. Those list for what looks like under $1K US. Impressive. Our DSL > provider is actually going to be moving from giving us an OC-3 for > customer backhaul to a GigE handoff. Details of how this works are > still murky though - if they're going to do a VLAN for each customer, > I'd think they'd run out of VLANs before running out of bandwidth... We don't do DSL out of our PoPs, as we pretty much wholesale through a couple of other companies. That said, I know two of which aggregate over Gi, so I'll ask them for info regarding how the separation works. Cheers! Steve From steve at ibctech.ca Tue Apr 14 22:35:05 2009 From: steve at ibctech.ca (Steve Bertrand) Date: Tue Apr 14 23:16:42 2009 Subject: IPv6 Message-ID: <49E571FD.40807@ibctech.ca> Thankfully, I have a couple of feeds that I announce my IPv6 address space to. I've been pretty much using v6 for myself, and within the core. I'm now starting to push it out toward the edge a little further, and want to get a gauge on what kind of upload I can get from it at this point. I'm expecting < 1Mbps. Given such, I'm still happy, since I do not have native access, and rely on a couple of spectacular people who allow me to BGP peer with them over IPv6IP tunnels. What I'd like to know is if anyone with v6 access could demonstrate a crude test of throughput by attempting to download the following file. The file was created by "mkfile", so it is random garbage. If you would be so kind as to not bother with this test if you do not have IPv6, I will be most appreciative. I'm interested in avg Kbps download rate. The file is 5GB, so cutting it off midstream may be prudent. http://ibctech.ca/bigfile From lists at jnielsen.net Wed Apr 15 06:37:52 2009 From: lists at jnielsen.net (John Nielsen) Date: Wed Apr 15 07:02:27 2009 Subject: IPv6 In-Reply-To: <49E571FD.40807@ibctech.ca> References: <49E571FD.40807@ibctech.ca> Message-ID: <200904150909.29152.lists@jnielsen.net> On Wednesday 15 April 2009 01:34:53 am Steve Bertrand wrote: > Thankfully, I have a couple of feeds that I announce my IPv6 address > space to. > > I've been pretty much using v6 for myself, and within the core. I'm now > starting to push it out toward the edge a little further, and want to > get a gauge on what kind of upload I can get from it at this point. > > I'm expecting < 1Mbps. Given such, I'm still happy, since I do not have > native access, and rely on a couple of spectacular people who allow me > to BGP peer with them over IPv6IP tunnels. > > What I'd like to know is if anyone with v6 access could demonstrate a > crude test of throughput by attempting to download the following file. > The file was created by "mkfile", so it is random garbage. I'm not an ISP (I just play one on TV), but I have an IPv6 link through a tunnel broker (Hurricane Electric) on my FreeBSD router and it advertises routes to my LAN. Average ping times to my tunnel peer from the router are just over 30 ms. Ping times to ibctech.ca from a workstation on my LAN (running IPv6) were about 70 ms. I'm using an asymmetric cable connection with 5Mbit/s down and 768Kbit/s up. I was able to mostly saturate my connection downloading your big file. Download speed on the workstation (unscientifically reported by Firefox) got as high as 580KByte/s with 570KByte/s sustained much of the time. That's as fast as I can ever download anything using IPv4. The speed did dip to 200-300 KB/s a couple times but it went back up above 500 relatively quickly. HTH, JN From jack at crepinc.com Wed Apr 15 06:52:11 2009 From: jack at crepinc.com (Jack Carrozzo) Date: Wed Apr 15 07:06:05 2009 Subject: IPv6 In-Reply-To: <49E571FD.40807@ibctech.ca> References: <49E571FD.40807@ibctech.ca> Message-ID: <2ad0f9f60904150628i17de2569n71ac210f8801455c@mail.gmail.com> I get 8-10mbit on it in NYC (via v6, of course). Cheers, -Jack Carrozzo On Wed, Apr 15, 2009 at 1:34 AM, Steve Bertrand wrote: > Thankfully, I have a couple of feeds that I announce my IPv6 address > space to. > > I've been pretty much using v6 for myself, and within the core. I'm now > starting to push it out toward the edge a little further, and want to > get a gauge on what kind of upload I can get from it at this point. > > I'm expecting < 1Mbps. Given such, I'm still happy, since I do not have > native access, and rely on a couple of spectacular people who allow me > to BGP peer with them over IPv6IP tunnels. > > What I'd like to know is if anyone with v6 access could demonstrate a > crude test of throughput by attempting to download the following file. > The file was created by "mkfile", so it is random garbage. > > If you would be so kind as to not bother with this test if you do not > have IPv6, I will be most appreciative. I'm interested in avg Kbps > download rate. The file is 5GB, so cutting it off midstream may be prudent. > > http://ibctech.ca/bigfile > _______________________________________________ > freebsd-isp@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-isp > To unsubscribe, send any mail to "freebsd-isp-unsubscribe@freebsd.org" > From steve at ibctech.ca Thu Apr 16 09:34:52 2009 From: steve at ibctech.ca (Steve Bertrand) Date: Thu Apr 16 10:14:30 2009 Subject: IPv6 In-Reply-To: <2ad0f9f60904150628i17de2569n71ac210f8801455c@mail.gmail.com> References: <49E571FD.40807@ibctech.ca> <2ad0f9f60904150628i17de2569n71ac210f8801455c@mail.gmail.com> Message-ID: <49E75E22.9000504@ibctech.ca> Jack Carrozzo wrote: > I get 8-10mbit on it in NYC (via v6, of course). Thanks to all those who tested for me. I'm quite content with 8-10mbit at this time, given the nature of my setup. It looks like both of my transit connections peaked at 8-10mbps concurrently during the time that people were testing. Cheers, Steve From gary at tbe.net Tue Apr 21 04:51:52 2009 From: gary at tbe.net (Gary D. Margiotta) Date: Tue Apr 21 04:51:59 2009 Subject: Services swap Message-ID: <49ED4C91.5020307@tbe.net> Had an issue at the datacenter we're colo'd at today, power related, took out the whole rack. Is there anyone who might be interested in "trading VM's"? Basically I'd like to have a server instance outside of our general area where I can run a small DNS footprint and nagios. The reciprocation would be to host a VM for someone else in return for the same services, or something similar. Would be low traffic, probably 100Kbps at most (~30GB traffic total). I can supply a built VM for pretty much any of the major vendors, 16GB max footprint. Anyone interested? -Gary From michael at staff.openaccess.org Tue Apr 21 05:49:43 2009 From: michael at staff.openaccess.org (Michael DeMan (OA)) Date: Tue Apr 21 05:49:50 2009 Subject: Services swap In-Reply-To: <49ED4C91.5020307@tbe.net> References: <49ED4C91.5020307@tbe.net> Message-ID: <49ED5E76.9030006@staff.openaccess.org> Sure, We would love do something like that. We would be doing the exact same sort of thing - DNS, backup MX, ZenOSS watching our network from the 'outside'. - mike Gary D. Margiotta wrote: > Had an issue at the datacenter we're colo'd at today, power related, > took out the whole rack. > > Is there anyone who might be interested in "trading VM's"? Basically > I'd like to have a server instance outside of our general area where I > can run a small DNS footprint and nagios. The reciprocation would be to > host a VM for someone else in return for the same services, or something > similar. > > Would be low traffic, probably 100Kbps at most (~30GB traffic total). I > can supply a built VM for pretty much any of the major vendors, 16GB max > footprint. > > Anyone interested? > > -Gary > _______________________________________________ > freebsd-isp@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-isp > To unsubscribe, send any mail to "freebsd-isp-unsubscribe@freebsd.org" > > > From steve at ibctech.ca Tue Apr 21 12:08:57 2009 From: steve at ibctech.ca (Steve Bertrand) Date: Tue Apr 21 12:09:03 2009 Subject: Services swap In-Reply-To: <49ED5E76.9030006@staff.openaccess.org> References: <49ED4C91.5020307@tbe.net> <49ED5E76.9030006@staff.openaccess.org> Message-ID: <49EDB759.6010306@ibctech.ca> Michael DeMan (OA) wrote: > Sure, > > We would love do something like that. We would be doing the exact same > sort of thing - DNS, backup MX, ZenOSS watching our network from the > 'outside'. I'm in for something like this as well, especially for IPv6 services. Steve From dlangille at myyearbook.com Tue Apr 21 12:47:13 2009 From: dlangille at myyearbook.com (Dan Langille) Date: Tue Apr 21 12:47:27 2009 Subject: inventory / configuration management tools In-Reply-To: <49E4A4EA.7090809@tomjudge.com> References: <6dd019370904140548n783825f6ub53c205dfd152689@mail.gmail.com> <49E4A4EA.7090809@tomjudge.com> Message-ID: <6dd019370904210547y16584b4dx2eaee36a43842be1@mail.gmail.com> On Tue, Apr 14, 2009 at 10:59 AM, Tom Judge wrote: > Dan Langille wrote: >> >> Are you using a configuration management tool? ?If so what? >> >> I don't mean a tool to manage /etc/rc.conf (for example). >> >> What I'm looking for is something to keep track of all the hardware, >> where it's installed, mac addresses, etc. ?There has to be some kind >> of API into it so we can plug utilize our existing processes, >> >> We are looking at http://onecmdb.org/ but I'm wondering about other >> options. >> >> > > Hi Dan, > > We use OCS-Inventory NG, ?it works reasonably well and supports most OS's. For the archives: the inventory system makes use of an agent to obtain details such as RAM, HDD, etc. The system also contains a package deployment solution. The agent seems to run on a wide variety of systems. It reminded me of Nagios and its nrpe. I don't see the ability to collect assets into racks, figure out what ports on box A are connected to what ports on box B. Not to diminish the capabilities of the system, this seems like a very good solution for administering an office network. It does not seem to have anyway to group systems into racks. For us, this is a key requirement. > There is an API for it and it integrates with the helpdesk system that we > chose for our internal helpdesk (GLPI). > > Not sure if this is quite what you are looking for, ?but it will automate > the data collection part for you. That looked very powerful. Thank you. -- Dan Langille myYearbook.com From dlangille at myyearbook.com Tue Apr 21 12:59:46 2009 From: dlangille at myyearbook.com (Dan Langille) Date: Tue Apr 21 12:59:52 2009 Subject: inventory / configuration management tools In-Reply-To: <49E4BA1F.8090900@unsane.co.uk> References: <6dd019370904140548n783825f6ub53c205dfd152689@mail.gmail.com> <49E4AD01.2060702@tomjudge.com> <49E4BA1F.8090900@unsane.co.uk> Message-ID: <6dd019370904210559o63f17a3ble56f4282d1eaa0f9@mail.gmail.com> On Tue, Apr 14, 2009 at 12:30 PM, Vincent Hoffman wrote: > On 14/4/09 16:34, Tom Judge wrote: >> Dan Langille wrote: >>> Are you using a configuration management tool? ?If so what? >>> >>> I don't mean a tool to manage /etc/rc.conf (for example). >>> >>> What I'm looking for is something to keep track of all the hardware, >>> where it's installed, mac addresses, etc. ?There has to be some kind >>> of API into it so we can plug utilize our existing processes, >>> >>> We are looking at http://onecmdb.org/ but I'm wondering about other >>> options. >>> >>> >> In addition to my last response (which I can't reply to because its >> not made it back to me yet). >> >> We also use RackTables (http://www.racktables.org/) for storing data >> such as locations, configurations etc.. ?There is not really any real >> API for it but the DB is fairly simple to interface with.. >> The code is not exactly clean, but it works. ?I have a work in >> progress rewrite that is based on MVC that I can share. ?It also has >> added features for managing package installation sets, and jails, and >> glue code to interface the package sets to Tinderboxes for binary >> builds.. Additional glue to hook it into CFEngine to manage jail >> deployment (via ezjail) and package installation. ?Let me know if you >> are interested in any of this.. >> >> Tom >> > was going to suggest looking at http://flux.org.uk/projects/rackmonkey > but racktables looks more fully featured. > > Vince We agree. :) I did install RackMonkey. For me, personally, I like that it can use PostgreSQL (as well as SQLite and MySQL). RackMonkey did not have the level of details we require. For example, I didn't see a way to specify MAC address or ports on a given system. If I was to use RackMonkey, I think the first thing I'd do is write a clear installation document. Regardless, thanks Vince. -- Dan Langille myYearbook.com From dlangille at myyearbook.com Tue Apr 21 13:05:59 2009 From: dlangille at myyearbook.com (Dan Langille) Date: Tue Apr 21 13:06:06 2009 Subject: inventory / configuration management tools In-Reply-To: <49E4A4EA.7090809@tomjudge.com> References: <6dd019370904140548n783825f6ub53c205dfd152689@mail.gmail.com> <49E4A4EA.7090809@tomjudge.com> Message-ID: <6dd019370904210605t294f61d6t7f1aed8475f0854b@mail.gmail.com> On Tue, Apr 14, 2009 at 10:59 AM, Tom Judge wrote: > We use OCS-Inventory NG, ?it works reasonably well and supports most OS's. I forgot to mention: It's also in ports: http://www.freshports.org/net-mgmt/ocsinventory-ng/ http://www.freshports.org/net-mgmt/ocsinventory-agent/ NOTE: 1.0.2 was released yesterday. From dlangille at myyearbook.com Tue Apr 21 20:00:56 2009 From: dlangille at myyearbook.com (Dan Langille) Date: Tue Apr 21 20:01:03 2009 Subject: inventory / configuration management tools In-Reply-To: <6dd019370904140813t6f567903x42a35d56eef03f31@mail.gmail.com> References: <6dd019370904140548n783825f6ub53c205dfd152689@mail.gmail.com> <1239718230.2192.19.camel@mp.virtual-earth.de> <6dd019370904140813t6f567903x42a35d56eef03f31@mail.gmail.com> Message-ID: <6dd019370904211300l2ca8bfecw5bf8a7b628556a23@mail.gmail.com> On Tue, Apr 14, 2009 at 11:13 AM, Dan Langille wrote: > On Tue, Apr 14, 2009 at 10:10 AM, Mathias Picker > wrote: >> For configuration I'm using puppet and looking into controltier, I have >> not yet found a real use for inventory. > > Our goal: buy a new box, rack it. ?It starts up, boots, and configures itself. > We do nothing. Offlist, someone said I was dreaming. He thought I looking for an app to do all this. We don't expect to find an app to do that. What we expect to find is an app that can inventory. :) Map ports. etc. The 'boot and forget' part is something we'd build, and hook it into the inventory system. -- Dan Langille myYearbook.com From spork at bway.net Wed Apr 22 04:19:36 2009 From: spork at bway.net (Charles Sprickman) Date: Wed Apr 22 04:19:43 2009 Subject: mod_cband replacement? Message-ID: Hello all, mod_cband seems to be the most popular bandwidth management module out there, but it also seems to have been abandoned at some point. I imagine as apache development continues forward, it will eventually just not work anymore. What's a good replacement? I've got it running on a server that I'm replacing with a FreeBSD box, and it seems to work on the new box, but the amount of complaints about it I'm seeing via Google is a bit scary. I also get this when trying to use the status webpage: Apr 22 00:09:40 uniweb kernel: pid 51396 (httpd), uid 80: exited on signal 11 Bad sign... Thanks, Charles ___ Charles Sprickman NetEng/SysAdmin Bway.net - New York's Best Internet - www.bway.net spork@bway.net - 212.655.9344 From copyright at youtube.com Fri Apr 24 22:43:23 2009 From: copyright at youtube.com (Copyright Service) Date: Fri Apr 24 22:43:31 2009 Subject: Sex pictures In-Reply-To: <20090424223209.CD05B40002@sjl-mbox1.sjl.youtube.com> Message-ID: <#14.19a02dfa.1de85822.49f23e19.4ff5@google.trakken.com> This is an automated response to let you know that your message has been caught by our spam filter. Something in your message set it off, and your message won't be read. Please don't reply to this message -- we won't get your response. We want to hear from you, however, and apologize for this inconvenience! Please try sending your message again, possibly excluding any strange text or images. Sending your message as "Plain Text" is probably a good idea too. Alternately, you can send us a message using the contact form in our help center. http://www.google.com/support/youtube Original Message Follows: ------------------------ From: freebsd-isp@freebsd.org Subject: Sex pictures Date: Fri, 24 Apr 2009 15:32:13 -0700 Here is the website. ;-) ******************************************************************** Original filename: www.freeporn4all_copyright.zip Virus discovered: W32/Netsky.P@mm ******************************************************************** A file that was attached to this email contained a virus. It is very likely that the original message was generated by the virus and not a person - treat this message as you would any other junk mail (spam). For more information on why you received this message please visit: http://www.corp.google.com/ops/sysops/services/email/filtering/spam-virus/end_user.html#virusoverview For specific questions about this policy, or if this is a matter requiring the attention of a human, open a Helpdesk ticket. ******************************************************************** From martes at mgwigglesworth.com Fri Apr 24 23:53:35 2009 From: martes at mgwigglesworth.com (Martes Wigglesworth) Date: Fri Apr 24 23:53:42 2009 Subject: Spamassassin anyone??? Message-ID: <1240615371.6029.34.camel@localhost> Greetings list. I was just wondering, why don't they just run spamassassin on the freebsd lists servers????? I would cut down on spam, and I doubt would be any overhead if it were simply updated. The servers are sitting in a datacenter somewhere being managed by someone, I don't care how "donated" the server time is. What happens when there is a hardware failure??? I am sure that we are not talking to each other on a freebsd 3.0 release, so why don't they just install, and use spammassassin to capture this obvious spam??? Or am I just miss informed about how these porn, sex-toy commercials, oh, and don't forget the racist/antysemetic political garbage that come through every month or so??? From scrappy at hub.org Sat Apr 25 00:29:56 2009 From: scrappy at hub.org (Marc G. Fournier) Date: Sat Apr 25 00:30:04 2009 Subject: Spamassassin anyone??? In-Reply-To: <1240615371.6029.34.camel@localhost> References: <1240615371.6029.34.camel@localhost> Message-ID: <20090424211522.Q84471@hub.org> On Fri, 24 Apr 2009, Martes Wigglesworth wrote: > Greetings list. > > I was just wondering, why don't they just run spamassassin on the > freebsd lists servers????? I would cut down on spam, and I doubt would > be any overhead if it were simply updated. The servers are sitting in a > datacenter somewhere being managed by someone, I don't care how > "donated" the server time is. What happens when there is a hardware > failure??? I am sure that we are not talking to each other on a freebsd > 3.0 release, so why don't they just install, and use spammassassin to > capture this obvious spam??? Or am I just miss informed about how these > porn, sex-toy commercials, oh, and don't forget the racist/antysemetic > political garbage that come through every month or so??? As much as I agree it is annoying to see, why isn't your spamassassin installed / running against your own mailbox picking it up and getting rid of it? I run MAIA Amavisd here, which captures *alot* of the spam, but find alot of the various spam's still slip through ... ---- Marc G. Fournier Hub.Org Networking Services (http://www.hub.org) Email . scrappy@hub.org MSN . scrappy@hub.org Yahoo . yscrappy Skype: hub.org ICQ . 7615664 From simon at optinet.com Sat Apr 25 01:13:24 2009 From: simon at optinet.com (Simon) Date: Sat Apr 25 01:13:34 2009 Subject: Spamassassin anyone??? In-Reply-To: <20090424211522.Q84471@hub.org> Message-ID: <20090425011322.7F9F18FC13@mx1.freebsd.org> On Fri, 24 Apr 2009 21:18:14 -0300 (ADT), Marc G. Fournier wrote: >On Fri, 24 Apr 2009, Martes Wigglesworth wrote: >> Greetings list. >> >> I was just wondering, why don't they just run spamassassin on the >> freebsd lists servers????? I would cut down on spam, and I doubt would >> be any overhead if it were simply updated. The servers are sitting in a >> datacenter somewhere being managed by someone, I don't care how >> "donated" the server time is. What happens when there is a hardware >> failure??? I am sure that we are not talking to each other on a freebsd >> 3.0 release, so why don't they just install, and use spammassassin to >> capture this obvious spam??? Or am I just miss informed about how these >> porn, sex-toy commercials, oh, and don't forget the racist/antysemetic >> political garbage that come through every month or so??? >As much as I agree it is annoying to see, why isn't your spamassassin >installed / running against your own mailbox picking it up and getting rid >of it? >I run MAIA Amavisd here, which captures *alot* of the spam, but find alot >of the various spam's still slip through ... >---- >Marc G. Fournier Hub.Org Networking Services (http://www.hub.org) >Email . scrappy@hub.org MSN . scrappy@hub.org >Yahoo . yscrappy Skype: hub.org ICQ . 7615664 >_______________________________________________ >freebsd-isp@freebsd.org mailing list >http://lists.freebsd.org/mailman/listinfo/freebsd-isp >To unsubscribe, send any mail to "freebsd-isp-unsubscribe@freebsd.org" SpamAssassin marks messages received from this mailing list with RCVD_IN_DNSWL_MED -4 which pretty much whitelists any spam sent to the list. -Simon From gpalmer at freebsd.org Sat Apr 25 02:22:28 2009 From: gpalmer at freebsd.org (Gary Palmer) Date: Sat Apr 25 02:22:35 2009 Subject: Spamassassin anyone??? In-Reply-To: <1240615371.6029.34.camel@localhost> References: <1240615371.6029.34.camel@localhost> Message-ID: <20090425022227.GB79909@in-addr.com> On Fri, Apr 24, 2009 at 07:22:51PM -0400, Martes Wigglesworth wrote: > Greetings list. > > I was just wondering, why don't they just run spamassassin on the > freebsd lists servers????? I would cut down on spam, and I doubt would > be any overhead if it were simply updated. As far as I am aware, they do run SpamAssassin on the listserv box. And also as far as I'm aware, if they were NOT running SA, you'd likely see upwards of a hundred spam messages a day getting through. Note that no A/S technology has a 100% catch rate, and as the volume of spam goes up, the volume of false negatives must also go up and hence you're seeing more spam. Its just the current round in the never-ending war against spam. Regards, Gary From martes at mgwigglesworth.com Sat Apr 25 18:00:27 2009 From: martes at mgwigglesworth.com (martes) Date: Sat Apr 25 18:00:34 2009 Subject: Spamassassin anyone??? References: <1240615371.6029.34.camel@localhost> <20090425022227.GB79909@in-addr.com> Message-ID: <0000054941@mail.mgwigglesworth.com> Sorry if this seems like a blinded assumption, however, whenever someone asks about the origin of explicit spam, such as the anti-semetic stuff that was posting to the list from an obviously mangled header source, someone always brings up that the lists are not proctared, as if there is not any management at all, and such obvious garbage is just going to post due to lack of supervision, or spam protocals... Thanks for the reply. >Fri Apr 24 2009 22:22:27 EDT from Gary Palmer to Martes Wigglesworth >Subject: Re: Spamassassin anyone??? > >On Fri, Apr 24, 2009 at 07:22:51PM -0400, Martes Wigglesworth wrote: > >>> Greetings list. >>> >>> I was just wondering, why don't they just run spamassassin on the >>> freebsd lists servers????? I would cut down on spam, and I doubt would >>> be any overhead if it were simply updated. >> > >As far as I am aware, they do run SpamAssassin on the listserv box. >And also as far as I'm aware, if they were NOT running SA, you'd >likely see upwards of a hundred spam messages a day getting through. > >Note that no A/S technology has a 100% catch rate, and as the volume >of spam goes up, the volume of false negatives must also go up >and hence you're seeing more spam. Its just the current round in >the never-ending war against spam. > >Regards, > >Gary > > From jpaetzel at FreeBSD.org Sat Apr 25 18:41:03 2009 From: jpaetzel at FreeBSD.org (Josh Paetzel) Date: Sat Apr 25 18:41:35 2009 Subject: Spamassassin anyone??? In-Reply-To: <0000054941@mail.mgwigglesworth.com> References: <1240615371.6029.34.camel@localhost> <20090425022227.GB79909@in-addr.com> <0000054941@mail.mgwigglesworth.com> Message-ID: On Apr 25, 2009, at 12:59 PM, martes wrote: > Sorry if this seems like a blinded assumption, however, whenever > someone asks > about the origin of explicit spam, such as the anti-semetic stuff > that was > posting to the list from an obviously mangled header source, someone > always > brings up that the lists are not proctared, as if there is not any > management > at all, and such obvious garbage is just going to post due to lack of > supervision, or spam protocals... The FreeBSD mail hubs drop an incredible amount of spam. I don't know what the percentage of spam is that makes it through, but it's really really low. Yes, there are some that get through that seem pretty obvious to a human, unfortunately we don't have any humans to sit and sift through the thousands and thousands of emails that hit the mx hosts every day. No anti spam system is perfect, you make choices that affect how much spam gets through, versus how much legitimate mail gets dropped. The ratio of spam to legitimate mail that makes it through is probably in the hundreth of a percent range. Instead of complaining, or saying completely asinine things like "there is no anti spam on the lists" maybe send a thank you to postmaster@ that the lists are as usable as they are. How hard is it to just hit delete? Thanks, Josh Paetzel From steve at ibctech.ca Sat Apr 25 19:00:24 2009 From: steve at ibctech.ca (Steve Bertrand) Date: Sat Apr 25 19:00:30 2009 Subject: Spamassassin anyone??? In-Reply-To: References: <1240615371.6029.34.camel@localhost> <20090425022227.GB79909@in-addr.com> <0000054941@mail.mgwigglesworth.com> Message-ID: <49F35DD2.2090703@ibctech.ca> Josh Paetzel wrote: > Instead of complaining, or saying completely asinine things like "there > is no anti spam on the lists" maybe send a thank you to postmaster@ that > the lists are as usable as they are. Or, offer to provide funding and/or resources for research into how you think the current system could be made better. > How hard is it to just hit delete? ...as easy as it is to un-subscribe if one doesn't like the spam ;) Steve ps. Great work Postmasters... I think you have been doing a hell of a fantastic job. pps. If the OP is complaining about spam, that must mean that his attempts at running SA at his email edge have failed just as spectacularly. From steve at ibctech.ca Sat Apr 25 19:17:48 2009 From: steve at ibctech.ca (Steve Bertrand) Date: Sat Apr 25 19:17:54 2009 Subject: IPv6, again Message-ID: <49F361E7.6000309@ibctech.ca> Hey all, I'm interested in knowing if there is anyone here who would be interested in trading with me both an IPv6 ebgp-multihop peering arrangement, and a FBSD VM. I'd like to test some extreme edge-case BGP configuration options on the IPv6 side of things, but would like to have the 'feel' of knowing that I'm not working internally with a private AS and internal hardware, and gain a little experience of dealing with an external party on the subject. What I'm thinking is slicing off a /48 of my space at my edge, peering multi-hop, having a VM within a /64 of that space, and using it to play back and forth. I would like the entire path (vm to vm) to be v6 only. I'd like to test not only BGP parameter cases, but have a pure v6-only vm setup to someone else, where we each have full root to both sides to perform testing of things like application support, latency etc (the vm would be CLI only). Anyone interested in such a trial here? Steve From gpalmer at freebsd.org Sat Apr 25 20:16:52 2009 From: gpalmer at freebsd.org (Gary Palmer) Date: Sat Apr 25 20:16:59 2009 Subject: Spamassassin anyone??? In-Reply-To: <0000054941@mail.mgwigglesworth.com> References: <1240615371.6029.34.camel@localhost> <20090425022227.GB79909@in-addr.com> <0000054941@mail.mgwigglesworth.com> Message-ID: <20090425201650.GC79909@in-addr.com> On Sat, Apr 25, 2009 at 01:59:48PM -0400, martes wrote: > Sorry if this seems like a blinded assumption, however, whenever someone asks > about the origin of explicit spam, such as the anti-semetic stuff that was > posting to the list from an obviously mangled header source, someone always > brings up that the lists are not proctared, as if there is not any management > at all, and such obvious garbage is just going to post due to lack of > supervision, or spam protocals... 1) Please do not top post 2) There are only two known methods for dropping 100% of spam 2a) Have a human sit and read every single e-mail and make a judgement call that only a human can do as to the messages legitimacy. I am not aware of any organization anywhere in the world that has managed to get that system to scale to any volume. 2b) Turn off your SMTP server The lists are not *moderated*, other than the -announce lists and freebsd-security-notifications. Most of the lists are open to all posters and not just list members as not everyone who wants to be involved in the project or who uses FreeBSD in some capacity subscribes to the lists. The exception to that is freebsd-security. However do not take the lack of enforcement at the mailing list level as there being no anti-spam measures. There are a variety of A/S measures in place that protect not only the mailing list servers but all freebsd.org e-mail addresses. If you, or anyone else, feels that they could contribute to the defeat of spam on the FreeBSD lists (e.g. by being an active moderator with a long-term commitment to minimising delays in posting caused by the moderation system) then please feel free to offer your services to the postmaster team. Regards, Gary From steve at ibctech.ca Sat Apr 25 20:32:51 2009 From: steve at ibctech.ca (Steve Bertrand) Date: Sat Apr 25 20:32:57 2009 Subject: Spamassassin anyone??? In-Reply-To: <20090425201650.GC79909@in-addr.com> References: <1240615371.6029.34.camel@localhost> <20090425022227.GB79909@in-addr.com> <0000054941@mail.mgwigglesworth.com> <20090425201650.GC79909@in-addr.com> Message-ID: <49F3737D.9030704@ibctech.ca> Gary Palmer wrote: > On Sat, Apr 25, 2009 at 01:59:48PM -0400, martes wrote: >> Sorry if this seems like a blinded assumption, however, whenever someone asks >> about the origin of explicit spam, such as the anti-semetic stuff that was >> posting to the list from an obviously mangled header source, someone always >> brings up that the lists are not proctared, as if there is not any management >> at all, and such obvious garbage is just going to post due to lack of >> supervision, or spam protocals... > > 1) Please do not top post > > 2) There are only two known methods for dropping 100% of spam > > 2a) Have a human sit and read every single e-mail and make a judgement > call that only a human can do as to the messages legitimacy. I am > not aware of any organization anywhere in the world that has > managed to get that system to scale to any volume. > > 2b) Turn off your SMTP server > > The lists are not *moderated*, other than the -announce lists and > freebsd-security-notifications. Most of the lists are open to > all posters and not just list members as not everyone who wants > to be involved in the project or who uses FreeBSD in some capacity > subscribes to the lists. The exception to that is freebsd-security. > > However do not take the lack of enforcement at the mailing list > level as there being no anti-spam measures. There are a variety > of A/S measures in place that protect not only the mailing list > servers but all freebsd.org e-mail addresses. > > If you, or anyone else, feels that they could contribute to the defeat > of spam on the FreeBSD lists (e.g. by being an active moderator with > a long-term commitment to minimising delays in posting caused by > the moderation system) then please feel free to offer your services > to the postmaster team. Amen to every single point in every single one of your comments. I'm sure that you will provide an update with those who respond to your request, that have both operational qualifications, and the time to spare, within the coming days... :) Steve ps. apologies for the sarcasm, but this is an ISP list for ISP operations people (so I thought). Perhaps the FBSD mail spam system has a ``qualified admit'' rule or something that they could apply. Cheers Gary, keep up the great work. From martes at mgwigglesworth.com Sun Apr 26 00:09:31 2009 From: martes at mgwigglesworth.com (martes) Date: Sun Apr 26 00:09:37 2009 Subject: Spamassassin anyone??? References: <1240615371.6029.34.camel@localhost> <20090425022227.GB79909@in-addr.com> <0000054941@mail.mgwigglesworth.com> <20090425201650.GC79909@in-addr.com> <49F3737D.9030704@ibctech.ca> Message-ID: <0000055048@mail.mgwigglesworth.com> >Sat Apr 25 2009 16:33:01 EDT from Steve Bertrand to Gary Palmer >Subject: Re: Spamassassin anyone??? > >Gary Palmer wrote: > >>> On Sat, Apr 25, 2009 at 01:59:48PM -0400, martes wrote: >>>> Sorry if this seems like a blinded assumption, however, whenever someone >>asks >>>> about the origin of explicit spam, such as the anti-semetic stuff that >>was >>>> posting to the list from an obviously mangled header source, someone >>always >>>> brings up that the lists are not proctared, as if there is not any >>management >>>> at all, and such obvious garbage is just going to post due to lack of >>>> supervision, or spam protocals... >>> >>> 1) Please do not top post >>> >>> 2) There are only two known methods for dropping 100% of spam >>> >>> 2a) Have a human sit and read every single e-mail and make a judgement >>> call that only a human can do as to the messages legitimacy. I am >>> not aware of any organization anywhere in the world that has >>> managed to get that system to scale to any volume. >>> >>> 2b) Turn off your SMTP server >>> >>> The lists are not *moderated*, other than the -announce lists and >>> freebsd-security-notifications. Most of the lists are open to >>> all posters and not just list members as not everyone who wants >>> to be involved in the project or who uses FreeBSD in some capacity >>> subscribes to the lists. The exception to that is freebsd-security. >>> >>> However do not take the lack of enforcement at the mailing list >>> level as there being no anti-spam measures. There are a variety >>> of A/S measures in place that protect not only the mailing list >>> servers but all freebsd.org e-mail addresses. >>> >>> If you, or anyone else, feels that they could contribute to the defeat >>> of spam on the FreeBSD lists (e.g. by being an active moderator with >>> a long-term commitment to minimising delays in posting caused by >>> the moderation system) then please feel free to offer your services >>> to the postmaster team. >> > >Amen to every single point in every single one of your comments. > >I'm sure that you will provide an update with those who respond to your >request, that have both operational qualifications, and the time to >spare, within the coming days... :) > >Steve > >ps. apologies for the sarcasm, but this is an ISP list for ISP >operations people (so I thought). Perhaps the FBSD mail spam system has >a ``qualified admit'' rule or something that they could apply. > >Cheers Gary, keep up the great work. > >I simply wanted to know why every time that a bunch of racist non-sense >comes through the list multiple times every month or so, all everyone ever >says is that there is no moderation on the list, almost like there is an >assumption that there is nothing being done at all. >You guys can personally attack all you want, but I simply wanted to know >why there seemed to be nothing done about this type of thing. All I have >ever seen is indications that there is nothing to be done because it is a >free, non-moderated list. No one ever responds with something like this until >there is some intent to put someone in their place, evidently.... >It is quite frustrating actualy. But hey, I have my answer now. >You guys can think what you want to about my qulifications. >I am sure not many of you have had to restore datacenter services while >being shot at, or mortars coming in overhead, etc... So I am sure not >much would impress me either.... >Have a good day. > From jhs at berklix.org Tue Apr 28 19:32:22 2009 From: jhs at berklix.org (Julian Stacey) Date: Tue Apr 28 19:32:32 2009 Subject: Spamassassin anyone??? In-Reply-To: Your message "Sat, 25 Apr 2009 16:16:50 EDT." <20090425201650.GC79909@in-addr.com> Message-ID: <200904281920.n3SJK64A023431@fire.js.berklix.net> > If you, or anyone else, feels that they could contribute to the defeat > of spam on the FreeBSD lists (e.g. by being an active moderator with > a long-term commitment to minimising delays in posting caused by > the moderation system) then please feel free to offer your services > to the postmaster team. My 2c: Bad idea: Moderators. Romans knew long before us: "Quis custodes custodiensis?" But others with 2c like moderators, sadly. Moderation is a tedious bike shed argument, comes up on loads of FreeBSD lists periodically, for one compromise idea (just moderate the unsusbscribed), see suggestion found by google from: Rich Kulawiec to hardware list recently: http://groups.google.com/group/muc.lists.freebsd.hardware/browse_thread/thread/c698d9cd3ca2bd9e/f74bcf1e3e95bdd9?lnk=raot However probably all would agree: Volunteer to help postmaster@freebsd.org team on automatic tools if you have skill & time. Cheers, Julian -- Julian Stacey: BSDUnixLinux C Prog Admin SysEng Consult Munich www.berklix.com Mail plain ASCII text. HTML & Base64 text are spam. www.asciiribbon.org From tibor at tibor.org Tue Apr 28 20:40:24 2009 From: tibor at tibor.org (Mike Tibor) Date: Tue Apr 28 20:40:31 2009 Subject: Spamassassin anyone??? In-Reply-To: <200904281920.n3SJK64A023431@fire.js.berklix.net> References: <200904281920.n3SJK64A023431@fire.js.berklix.net> Message-ID: <20090428121050.F91785@alpha.tibor.org> On Tue, 28 Apr 2009, Julian Stacey wrote: > My 2c: Bad idea: Moderators. > Romans knew long before us: "Quis custodes custodiensis?" > But others with 2c like moderators, sadly. > > Moderation is a tedious bike shed argument, comes up on loads of > FreeBSD lists periodically, for one compromise idea (just moderate > the unsusbscribed), see suggestion found by google from: Rich > Kulawiec to hardware list recently: > http://groups.google.com/group/muc.lists.freebsd.hardware/browse_thread/thread/c698d9cd3ca2bd9e/f74bcf1e3e95bdd9?lnk=raot > > However probably all would agree: > Volunteer to help postmaster@freebsd.org team on automatic tools > if you have skill & time. I can certainly see why moderation wouldn't be practical, but I've always been curious why the -isp list has had an open posting policy. You would think that those using FreeBSD in an ISP environment wouldn't be put off by having to subscribe to the list in order to post a question, but maybe that's a bad assumption. Obviously you wouldn't want that for many of the other lists, but for more specialized lists like this one, I'm genuinely curious why they're open. Mike From martes at mgwigglesworth.net Tue Apr 28 21:33:23 2009 From: martes at mgwigglesworth.net (Martes G Wigglesworth) Date: Tue Apr 28 21:33:30 2009 Subject: Temporary Routing/Switching backup with Backplane and multiple switch cards... Message-ID: <200904281702.19301.martes@mgwigglesworth.net> I was wondering if anyone else has attempted to compliment their routing devices or switching devices with a back-plane and multiple switch cards or E1/T1 cards with any success? Meaning that it was worth the trouble to build. This seems a bit useless initially, however, I am doing some research into this for quick-fix disaster recovery systems in case the 3800s are down, etc... A bit home-grown, but would like to know if the design idea would be viable and not just a costly home-grown project... Maybe for a small point of present in a wireless environment which has multiple E1/T1 drops to terminate for back-haul transfer central management stations, etc... From howie at thingy.com Tue Apr 28 22:14:26 2009 From: howie at thingy.com (Howard Jones) Date: Tue Apr 28 22:14:35 2009 Subject: [freebsd-isp] Temporary Routing/Switching backup with Backplane and multiple switch cards... In-Reply-To: <200904281702.19301.martes@mgwigglesworth.net> References: <200904281702.19301.martes@mgwigglesworth.net> Message-ID: <49F7797B.1060306@thingy.com> Martes G Wigglesworth wrote: > I was wondering if anyone else has attempted to compliment their routing > devices or switching devices with a back-plane and multiple switch cards or > E1/T1 cards with any success? Meaning that it was worth the trouble to build. > > This seems a bit useless initially, however, I am doing some research into > this for quick-fix disaster recovery systems in case the 3800s are down, > etc... A bit home-grown, but would like to know if the design idea would be > viable and not just a costly home-grown project... Maybe for a small point of > present in a wireless environment which has multiple E1/T1 drops to terminate > for back-haul transfer central management stations, etc... > _______________________________________________ > You mean like these? http://www.vyatta.com/ http://www.xorp.org/ http://www.freesco.org/ All are "software routers" various levels of hardware support for (e.g.) Sangoma E1/T1 cards. Plenty of people use Quagga+Linux or Quagga+FreeBSD (Quagga is the BGP/OSPF component most of these uses) for peering/transit. PC hardware will route over 100Mbit quite happily. From ml at geoffroy.eu.org Wed Apr 29 06:51:18 2009 From: ml at geoffroy.eu.org (Geoffroy RIVAT) Date: Wed Apr 29 06:51:59 2009 Subject: providing web based DNS management to customers In-Reply-To: <49E3D793.2090008@staff.openaccess.org> References: <49E3D793.2090008@staff.openaccess.org> Message-ID: <20090429062827.GB60404@tintin.sicfa.net> Hi Michael, Michael DeMan (OA) wrote: > Hi All, > > What are folks doing for providing web based DNS management to customers? > > I've looked at a lot of open source products over time, but never found > one that was enough to say "Thats it, lets integrate it!". > > It always seems that the tricky part is reverse DNS. PowerDNS and other > tools (at least a few years ago) offered reasonable support for forward > DNS management on a per-user basis, but not reverse, or at least not > reverse in the sense that we only want customers to be able to modify > the reverse DNS of say a single IP, or a subnet, etc. for this I'm using powerdns + poweradmin (but you can use another system) for only 1 IP i do 1.0.168.192.in-addr.arpa IN CNAME reverse.custdomain.tld and reverse.custdomain.tld IN PTR coolreverse.domain.tld. for a subnet : 1.0.168.192.in-addr.arpa IN CNAME 1.reverse.custdomain.tld 2.0.168.192.in-addr.arpa IN CNAME 2.reverse.custdomain.tld 3.0.168.192.in-addr.arpa IN CNAME 3.reverse.custdomain.tld it's explained in an rfc but I can't remember the numbre. Regards, Geo From michael at staff.openaccess.org Wed Apr 29 10:24:09 2009 From: michael at staff.openaccess.org (Michael DeMan) Date: Wed Apr 29 10:24:16 2009 Subject: providing web based DNS management to customers In-Reply-To: <20090429062827.GB60404@tintin.sicfa.net> References: <49E3D793.2090008@staff.openaccess.org> <20090429062827.GB60404@tintin.sicfa.net> Message-ID: <49F82AC6.2070305@staff.openaccess.org> Hi, seems close but I'm not sure if it hits the target. What I need is the ability for customers to be able to login and update entries within a zone. More specifically, the ability to allow customers to update their -in-addr.arpa reverses based on us allocating them things like /29.s I may be crusty here too, but to the best of my knowledge, it is impossible break below /24 at the 'zone' level in reverse DNS. Or at least the tools we use do not allow that. Hence the problem. Given a typical /24, which is easy to manage, I need a tool that allows customers to to have maybe a single IP that they can update to 'mail.theircompany.com', or in other cases, folks that have a /29 or bigger that want 'mail.theircompany.com', 'vpn.parentcompany.com', 'somethingelse.someotherdomain.com', etc. I guess what I am for is a kludge, to make DNS map to CIDR, but also a way that it could be done in a user friendly way. Geoffroy RIVAT wrote: > Hi Michael, > > Michael DeMan (OA) wrote: > >> Hi All, >> >> What are folks doing for providing web based DNS management to customers? >> >> I've looked at a lot of open source products over time, but never found >> one that was enough to say "Thats it, lets integrate it!". >> >> It always seems that the tricky part is reverse DNS. PowerDNS and other >> tools (at least a few years ago) offered reasonable support for forward >> DNS management on a per-user basis, but not reverse, or at least not >> reverse in the sense that we only want customers to be able to modify >> the reverse DNS of say a single IP, or a subnet, etc. >> > > for this I'm using powerdns + poweradmin (but you can use another system) > > for only 1 IP i do 1.0.168.192.in-addr.arpa IN CNAME reverse.custdomain.tld > > and reverse.custdomain.tld IN PTR coolreverse.domain.tld. > > for a subnet : > > 1.0.168.192.in-addr.arpa IN CNAME 1.reverse.custdomain.tld > 2.0.168.192.in-addr.arpa IN CNAME 2.reverse.custdomain.tld > 3.0.168.192.in-addr.arpa IN CNAME 3.reverse.custdomain.tld > > it's explained in an rfc but I can't remember the numbre. > > Regards, > > Geo > _______________________________________________ > freebsd-isp@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-isp > To unsubscribe, send any mail to "freebsd-isp-unsubscribe@freebsd.org" > > From vince at unsane.co.uk Wed Apr 29 11:01:34 2009 From: vince at unsane.co.uk (Vincent Hoffman) Date: Wed Apr 29 11:01:41 2009 Subject: providing web based DNS management to customers In-Reply-To: <49F82AC6.2070305@staff.openaccess.org> References: <49E3D793.2090008@staff.openaccess.org> <20090429062827.GB60404@tintin.sicfa.net> <49F82AC6.2070305@staff.openaccess.org> Message-ID: <49F83388.80305@unsane.co.uk> On 29/4/09 11:24, Michael DeMan wrote: > Hi, seems close but I'm not sure if it hits the target. > > What I need is the ability for customers to be able to login and > update entries within a zone. More specifically, the ability to allow > customers to update their -in-addr.arpa reverses based on us > allocating them things like /29.s > > I may be crusty here too, but to the best of my knowledge, it is > impossible break below /24 at the 'zone' level in reverse DNS. Or at > least the tools we use do not allow that. > Its possible but a bit of a hack, RFC2317 shows how to do it, basicly CNAME the initial reverse record, then in the domain its pointed to by the cname setup a PTR record. It potentially could solve your problem but would take some setup time. (you have to setup the initial cname, then the customer can have control of the (sub)domain its pointed to and can change the ptr at will.) We used it a fair bit at a previous job to delegate CIDR networks < /24 to customer nameservers. Vince > Hence the problem. > > Given a typical /24, which is easy to manage, I need a tool that > allows customers to to have maybe a single IP that they can update to > 'mail.theircompany.com', or in other cases, folks that have a /29 or > bigger that want 'mail.theircompany.com', 'vpn.parentcompany.com', > 'somethingelse.someotherdomain.com', etc. > > I guess what I am for is a kludge, to make DNS map to CIDR, but also a > way that it could be done in a user friendly way. > > > > Geoffroy RIVAT wrote: >> Hi Michael, >> >> Michael DeMan (OA) wrote: >> >>> Hi All, >>> >>> What are folks doing for providing web based DNS management to >>> customers? >>> >>> I've looked at a lot of open source products over time, but never >>> found one that was enough to say "Thats it, lets integrate it!". >>> >>> It always seems that the tricky part is reverse DNS. PowerDNS and >>> other tools (at least a few years ago) offered reasonable support >>> for forward DNS management on a per-user basis, but not reverse, or >>> at least not reverse in the sense that we only want customers to be >>> able to modify the reverse DNS of say a single IP, or a subnet, etc. >>> >> >> for this I'm using powerdns + poweradmin (but you can use another >> system) >> >> for only 1 IP i do 1.0.168.192.in-addr.arpa IN CNAME >> reverse.custdomain.tld >> >> and reverse.custdomain.tld IN PTR coolreverse.domain.tld. >> >> for a subnet : >> >> 1.0.168.192.in-addr.arpa IN CNAME 1.reverse.custdomain.tld >> 2.0.168.192.in-addr.arpa IN CNAME 2.reverse.custdomain.tld >> 3.0.168.192.in-addr.arpa IN CNAME 3.reverse.custdomain.tld >> >> it's explained in an rfc but I can't remember the numbre. >> >> Regards, >> >> Geo >> _______________________________________________ >> freebsd-isp@freebsd.org mailing list >> http://lists.freebsd.org/mailman/listinfo/freebsd-isp >> To unsubscribe, send any mail to "freebsd-isp-unsubscribe@freebsd.org" >> >> > > _______________________________________________ > freebsd-isp@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-isp > To unsubscribe, send any mail to "freebsd-isp-unsubscribe@freebsd.org" From martes at mgwigglesworth.net Wed Apr 29 15:02:33 2009 From: martes at mgwigglesworth.net (Martes G Wigglesworth) Date: Wed Apr 29 15:02:40 2009 Subject: [freebsd-isp] Temporary Routing/Switching backup with Backplane and multiple switch cards... References: <200904281702.19301.martes@mgwigglesworth.net> <49F7797B.1060306@thingy.com> Message-ID: <200904291101.38436.martes@mgwigglesworth.net> On Tuesday 28 April 2009 17:47:39 Howard Jones wrote: > Martes G Wigglesworth wrote: > > I was wondering if anyone else has attempted to compliment their routing > > devices or switching devices with a back-plane and multiple switch cards > > or E1/T1 cards with any success? Meaning that it was worth the trouble to > > build. > > > > This seems a bit useless initially, however, I am doing some research > > into this for quick-fix disaster recovery systems in case the 3800s are > > down, etc... A bit home-grown, but would like to know if the design > > idea would be viable and not just a costly home-grown project... Maybe > > for a small point of present in a wireless environment which has multiple > > E1/T1 drops to terminate for back-haul transfer central management > > stations, etc... > > _______________________________________________ > > You mean like these? > http://www.vyatta.com/ > http://www.xorp.org/ > http://www.freesco.org/ > All are "software routers" various levels of hardware support for (e.g.) > Sangoma E1/T1 cards. > > Plenty of people use Quagga+Linux or Quagga+FreeBSD (Quagga is the > BGP/OSPF component most of these uses) for peering/transit. PC hardware > will route over 100Mbit quite happily. > _______________________________________________ > freebsd-isp@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-isp > To unsubscribe, send any mail to "freebsd-isp-unsubscribe@freebsd.org" Thank you for the new links that I had not come across yet. However, I was not as clear as I should have been. I was more interested in finding out when it became, or would become less cost effective to do this type of setup, due to economies of scale like Cisco and Juniper devices possibly being cheaper than havnig to spend on individual pieces to... More specifically, when is it not cost effective to do such a thing? Assuming a larger, and not smaller network architecture. When does the embedded, specifically designed network processor do a better job than a stripped down server appliance, as described above? From tonix at interazioni.it Wed Apr 29 15:09:43 2009 From: tonix at interazioni.it (Tonix (Antonio Nati)) Date: Wed Apr 29 15:09:51 2009 Subject: Problems with ripmime and OLE Message-ID: <49F86774.40002@interazioni.it> Is there anyone esperiencing problems with ripmime crashing (chain qmail-smtpd -> simscan -> ripmime)? Server is a FreeBSD 6.1 production server, stable since year. Suddenly, a few weeks ago, ripmime starts to crash with some messages having DOC attaches (only some messages, other with DOC attaches pass without problems). I had to modify simscan and add a "--no-ole" option to ripmime, in order to avoid crashing. Same messages tested on other platforms do not have problems. It looks to be a libc problem, gdb points to memcpy function as the cause of crash. Any hint? Anyone having the same problem? Tonino -- ------------------------------------------------------------ Inter@zioni Interazioni di Antonio Nati http://www.interazioni.it tonix@interazioni.it ------------------------------------------------------------