[nycbug-talk] IPv6 NY-US Roll Call

[Miles Nordin]

>>>>> "jm" == Jeroen Massar <jeroen at unfix.org> writes:

    jm> I think they call it "slander" what you are trying to do, or
    jm> was it "libel"?

.....r...right.

    jm> Ever wondered where most CCC people get their IPv6 from? :)

CCCC is SixXS, but I think it is hard to run a server there because
they are trying so much to save power.  It's mostly just laptop
clients.  so I guess the server policy is no problem for them.  They
mentioned some problem with a ``tunnel points'' hoop they had to jump
through, but it sounded like they had it worked out.

Berlin is from Packbart I think?  some ISP-ish guy who runs a few
AS's?  I couldn't get a clear answer in Berlin.  I think they were
working on setting up some new things that were not finished.

The Congress gets dark fiber and collects transit from a bunch of
friendly ISP's from scratch every year, so I would expect one of the
peers throws in v6.

not sure what's going on in Hamburg, if they have v6 or not.  I wish
I'd asked.  They did have a workin ChaosPhone though!

most of the individuals I know use xs26, though, because they accept 
anyone, and it ``just works.''

    jm> * If you want to define your own rules/requirements: pay for
    jm> it. [...]

    jm> Then PAY for it. Go to NTT, C&W, and a lot of other ISP's who
    jm> can provide it to you.

    jm> For the ARIN region, take your pick:
    jm> http://www.sixxs.net/tools/grh/dfp/arin/

If you read the thread here, I'm trying to do just that, as are
several other people in NYCBUG.  I haven't found any good options.

I sent an email to Hurricane asking to pay for a nonsilly tunnel a
month ago---no response.  I discussed getting v6 from Alex on this
list---not happening right away.  I sent an email to nLayer today, but
I doubt they handle such small pipes.

Anyone on this list have experience with NTT or C&W in T1 sizes?

wasn't someone saying NTT has v6 but not at all POPs?

    jm> Do note that we do publish, in whois.sixxs.net, the
    jm> IPv4 endpoint of every user and with even a slight breeze of
    jm> an abuse ticket we will terminate the account,

yes, this ``slight breeze'' thing is one of my main concerns.

My irc server and shell server are available on v4 as well.  I'm not
``hiding'' from anyone.  And when I ran it under OCCAID, I agreed when
I signed up and repeatedly thereafter that I'd take the irc server off
IPv6 if there were any DDoS problems with it.

Such agreements were the foundation of the Internet I grew up with.
It's really sad and frustrating for me to see us moving to this new
``slightest breeze'' system.

    jm> go to one of the many "IRC Shell Hosting" companies
    jm> who have "bulletproof" services etc blabla. They tend to have
    jm> you pay for them btw.

Yeah, I know about those.  We use those, too.  I think we have three
or four of them.  And yes, we pay for them.  And they're a lot cheaper
than the T1+colo I was using for OCCAID.  And they don't have IPv6.

But you're under no obligation to provide a complete solution to
everyone's problems.  ``I want to run an irc server'' doesn't mean you
have to either help me do it yourself or else tell me how to do it
without you, and I also don't have to take your advice.  so I don't
think ``irc shell hosting'' has much to do with the problems of
getting reasonable v6 transit in the US.

I'm just saying, I'm embarassed to offer some degraded port-blocked or
condescending-AUP'ed v6 to my friends in the same way that I wouldn't
buy Internet that didn't permit wireless sharing.  Also, it doesn't
fit my needs because I want to run ipv6 irc and shell servers, and
others who want to do the same should be aware.

    jm> If you really have a 'shell service' which is not meant for
    jm> IRC, can you explain what that service entails?

mail, webpage-serving, hosting 'screen' sessions for irc.  There's
other chat stuff on there like mcabber and silc.  emacs.  A few people
may write C or Perl programs there if they don't have their own Unix.
finger and ytalk still work on my box, like in the old days.  <shrug>.
I don't know what other people are doing with their shell servers.
Some were doing audio streaming at one point.  One guy runs a Jabber
server.  There's always talk about VoIP, but no one finishes it.

but I'm really not interested in second-class Internet access for any
price whether it =0 or not, so I'm not sure why I need to justify to
you what I'm doing with my shell server, and endorse the IMO silly
implication that irc is ``abuse''.

    jm> I checked, but you clearly never signed up to SixXS and never
    jm> send an email either.

I think you and I had a discussion on the OCCAID list, so it's not
exactly fair to imply I just appeared out of nowhere.  I was going to
sign up until a couple of my friends pointed out irc and shell servers
were forbidden, which makes SixXS uninteresting to me, so what's the
point?

    jm> Can you also show which person didn't provide his real name
    jm> and got rejected?

yeah, I could try.

I'm a little concerned though because I feel like I'm basically
blacklisted from OCCAID/SixXS folk at this point, and I don't want to
make my friend into another squeaky wheel to go on your shit list.

The stories are common enough that I find them a credible irritant to
working with and getting reliable drama-free service from your crew.
If others find my experiences too vague without the names and dates, I
think I'll leave them with their skepticism.

    jm> If you don't like that [DNS spam] rule, then don't use the
    jm> service.

That's exactly what I'm doing, for the moment.

However, one thing that gets lost in these discussions sometimes is
that it's completely reasonable for me to use a service but still
complain about it.  James has asked me over and over again, if I have
such a problem with him claiming to be ``apolitical'' or with ``layer
10 issues,'' why did I keep using OCCAID, and the answer is very
simple: there isn't a good alternative, and, as I never fail to
mention, by some metrics OCCAID was very good.

I think it's important to accept criticism.  Based on the way James
and other OCCAID folk have responded to my criticism in the past, I'm
not really comfortable speaking with full frankness until (1) I'm not
doing it on his list where he can emergency-moderate it, and (2) I'm
already cut off from OCCAID, so I've got nothing more to lose by
failing to grovel to the nerd mafia.

    jm> Over the years having this little rule in place has saved us
    jm> from a lot of problems.

well, it's not just one rule.  It's the DNS ``spam'' rule, which you
equate with ``network abuse''.  It's the ``slightest breeze'' policy.
It's the blocking people whose names don't sound real enough.  It's
the complicated email address validation stuff.  and who knows what
else.  I just don't want to deal with it, because even after I do get
it working, it's just going to go down again when some gentle zephyr
trips one of your auto-kiddie-hoop tests and flags me as an abuser,
after which my account gets permanently blacklisted.

As for the rules saving you from problems, yeah, I get it.  You have
to be practical.  You have to build something that doesn't fall apart.
And if we look around, we don't see much of that.  but _post hoc ergo
propter hoc_: how do you really know which rules have done what when
you have so many?  My intuition says BGP is a better hoop than any of
this other stuff.  And the value system you've built around what
should be practical value-agnostic rules for which, if anything, you
regrettably appologize is definitely not necessary.  Instead the
definition of this word ``abuse'' has spread like a hungry mold.

    jm> Clearly you know what DDoS does to your network, and you have
    jm> had to, according to wikipedia, change ISP's because you where
    jm> a DDoS target. So why should we, as a free (gratuit, free as
    jm> in beer) provider allow you to attracked it and then let *OUR*
    jm> systems get hurt by it?

I can't think of a good reason why you would offer v6 for free at all,
much less put up with non-customers getting DDoSed.  However, I do
exactly that same thing, also for free, for a few other people who
host shell servers on my shelf, so maybe the answer is ``for the same
reason I do,'' whatever that is.

    >> but I will probably sign up soon to get back some kind of
    >> censored politicized v6 (albeit without BGP now).

    jm> Why do you have a need for BGP? Do you have your own ASN? Do
    jm> you have multiple circuits to the Internet? Do you have a
    jm> prefix to announce?  If not, then why BGP, as it for sure
    jm> isn't helping connectivity for a bit for you in that case. So
    jm> please any arguments?

I need to learn BGP.  This is what OCCAID was invented _for_.  only
as a second step did it get involved in IPv6.

no, obviously you don't have to provide BGP to your users to be a
valuable service, but there's no reason I need to justify myself with
``arguments'' before I can be sad that I used to have BGP, and now I
can't get it any more.

Seriously....this is a Unix user's group.  We do not have a
cost/benefit analysis for everything we learn, use, or play with.  I
think SixXS is against the Internet ethic for other reasons, not
because it doesn't offer BGP.  

But I'm...well first, I'm not saying you're doing this exactly.  But
I've seen others do it, and I suspect it's common.  I'm frustrated
when netadmin types talk about ``kiddies wanting access to the elite
default free zone'' or some such, basically making fun of people for
being curious and enthusiastic like that implies some sort of weakness
or desperation.  It's sort of like a father calling his nine-year-old
son a skinny whimp and knocking him around and pushing him down and
not letting him win at sports.  It's not just unreasonable or harmful.
As a geek, I find it absolutely disgusting.  You guys seem to start by
thinking BGP is some kind of privilege that has to be earned or
deserved (which I don't agree with), and then extend it _further_
suggesting that even trying to _earn_ it is pathetic---it has to fall
in your lap, or be forced upon you, and only in that way does it
become deserved.  Imagine if the source code for BSD were a privilege
given only to people who proved they had both need and ability to
write drivers.  We'd be the laughingstock of our community.  the
awkward ugly girl at the catholic school wearing the abstinence
T-shirt that says ``I'm worth waiting for.''  Sorry, that's just not
my culture.

    jm> You clearly seem to have a more personal issue then than
    jm> anything else.  If you want to talk about it, try
    jm> info at sixxs.net.

or I could just post on any mailing list anywhere and wait for you
guys to google yourselves.  Then you'll yuck it up in private irc
channels so I hear back from my friends ``haha those guys are LOLing
it up over you again Miles'', and then eventually, as I predicted in
my original post, you'll track me down from wherever outside NYC you
operate and engage me on our little local user's group list.  such
service! :)

here's what I would say to info@:

Q. I would like to sign up, but I run an irc and shell server.  Do the
   rules apply to everyone else, but not me?

A. No.

Q. shit.  BTW I think the rules suck.

Anyway seriously thanks for the invitation and the reply.  And thanks
for the work you've done taking the first few small steps for IPv6 in
the many, many years since the basic tools have been available.  I
just hope we can get some viable competition in this space soon,
because I think that will make everyone's attitude mellow out a bit,
and better yet will give me the chance to take your repeated ``then
PAY for it'' jab seriously.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 304 bytes
Desc: not available
URL: <http://lists.nycbug.org/pipermail/talk/attachments/20070407/d614bf95/attachment.bin>