when i was doing hosting, it saved me from having to get out of bed at 3 AM to nullroute something many times.
Notices by kaniini (kaniini@mastodon.dereferenced.org), page 47
-
kaniini (kaniini@mastodon.dereferenced.org)'s status on Friday, 15-Dec-2017 12:37:10 EST kaniini
-
kaniini (kaniini@mastodon.dereferenced.org)'s status on Friday, 15-Dec-2017 12:31:13 EST kaniini
arbor gear couldn't detect anomalies faster than my own tools
https://bitbucket.org/tortoiselabs/ddosmon
built a custom model that could null IPs within a second or two of the ddos beginning.
-
kaniini (kaniini@mastodon.dereferenced.org)'s status on Friday, 15-Dec-2017 12:26:37 EST kaniini
yeah, that's definitely true.
the arbor devices have some pretty whack bandwidth consumption forecast models.
i wonder if the bandwidth billing these ISPs are doing is actually based on those forecast models (it would explain the anecdotes of people using data on days where they had no power)
-
kaniini (kaniini@mastodon.dereferenced.org)'s status on Friday, 15-Dec-2017 12:20:54 EST kaniini
Now it comes out that some of the anti #netneutrality comments were written by actual ghosts: https://twitter.com/MackenzieAstin/status/941459382864437248
-
kaniini (kaniini@mastodon.dereferenced.org)'s status on Friday, 15-Dec-2017 12:13:11 EST kaniini
and well, sampled netflow has been largely a nightmare for ISPs... tons of threads on dslreports about its inaccuracies.
-
kaniini (kaniini@mastodon.dereferenced.org)'s status on Friday, 15-Dec-2017 12:04:50 EST kaniini
yes and no.
without significant reworking of basically every central office in america, it would not.
major upgrades needed (either in routers themselves, or in stuff like sandvine/arbor devices) to facilitate that kind of metering.
metering schemes in america have largely been based around sampled netflow (with all of the inaccuracy that can provide) so far.
-
kaniini (kaniini@mastodon.dereferenced.org)'s status on Friday, 15-Dec-2017 12:02:03 EST kaniini
@literorrery ... i'm sorry.
-
kaniini (kaniini@mastodon.dereferenced.org)'s status on Friday, 15-Dec-2017 11:59:54 EST kaniini
I don't really see the problem with that as long as the telcos are not allowed to degrade their network by sending traffic over known-to-be-congested transit links (Comcast and Tata is a good example here)
-
kaniini (kaniini@mastodon.dereferenced.org)'s status on Friday, 15-Dec-2017 11:57:47 EST kaniini
Cox are using Arbor Peakflow devices for that, but they still have to use sampling.
I hadn't thought about the possibility of using those types of boxes for that purpose, as my only experience with them has been for DDoS mitigation though.
-
kaniini (kaniini@mastodon.dereferenced.org)'s status on Friday, 15-Dec-2017 11:54:05 EST kaniini
to expand on this, another part of why they want to force everything over transit is explicitly because then they can go to the people they would have peered with in the past and charge them for transit at a premium.
that's what the netflix-comcast deal was about a few years ago.
-
kaniini (kaniini@mastodon.dereferenced.org)'s status on Friday, 15-Dec-2017 11:51:58 EST kaniini
be glad your local ISP techs had enough courage to add a clandestine Best Buy UPS...
after the 2007 ice storm and 2011 blizzard, Big Cable around here intentionally kept their network offline because corporate were "afraid that people would steal the generators at the HFC super-nodes."
-
kaniini (kaniini@mastodon.dereferenced.org)'s status on Friday, 15-Dec-2017 11:48:27 EST kaniini
yes, the question ultimately comes down to what the accountants will say.
i'm hopeful that the accountants will observe what has happened in mobile and give an honest cost-benefit analysis.
i expect that Comcast or Verizon will try this, the other major players will watch what happens and run away from the ensuing shitshow.
of course, Comcast is the largest ISP in America in terms of footprint, so that's pretty bad still. but i suspect they will do a very limited test (one or two markets) like TWC did when they wanted to do netflow-based metering (which was, of course, a complete disaster)
-
kaniini (kaniini@mastodon.dereferenced.org)'s status on Friday, 15-Dec-2017 11:44:35 EST kaniini
yeah, I'm aware of stuff like that too, but ISPs aren't willing to fork out the cash for such things in America.
Netflix is having to pay ISPs to allow them to install their caching devices in various places, for example.
-
kaniini (kaniini@mastodon.dereferenced.org)'s status on Friday, 15-Dec-2017 11:42:27 EST kaniini
it's cheaper and easier to just force the unwanted traffic over bad transit links though.
example: Comcast pushing all traffic it does not like over Tata, because they know Tata's network in the US can't handle it.
-
kaniini (kaniini@mastodon.dereferenced.org)'s status on Friday, 15-Dec-2017 11:40:55 EST kaniini
that was the point i was making.
trust me, i fully understand that it's technically feasible to do all sorts of evil shit.
i just do not believe that ISPs are willing to spend the money to actually do the upgrades required to make it work.
because they would have done so already for DOCSIS 3.
-
kaniini (kaniini@mastodon.dereferenced.org)'s status on Friday, 15-Dec-2017 11:38:56 EST kaniini
it's not.
31% is still a minority.
there's still a lot of CMTS systems out there that need to be upgraded, Cox is only offering IPv6 in very large markets that they bothered to upgrade to DOCSIS 3 for example: some of my friends in western Arkansas still do not have IPv6 from Cox, and are still on a DOCSIS 1.1 CMTS that is providing a whopping 12 megs down.
-
kaniini (kaniini@mastodon.dereferenced.org)'s status on Friday, 15-Dec-2017 11:32:45 EST kaniini
wireless network architecture is way different than wireline architecture.
wireless networks were designed from day 1 to enable this type of thing, it's literally well documented in the various 3GPP standards how to do it.
wireline networks in US don't have the capital support to actually make such things work. it is easier to just degrade competitors at the network edge, which Comcast was doing with or without Title II regulations.
after all, it is easiest to just send traffic to Hulu and Netflix over an ISP based in India (Tata) than it is to do it at the central office right now.
note I keep saying "right now." it is, of course, possible that some cable idiots in some board room will decide to spend money to do this scheme, but honestly I don't think the cost-benefit analysis is going to play out in such a way that it gets implemented nationwide.
-
kaniini (kaniini@mastodon.dereferenced.org)'s status on Friday, 15-Dec-2017 11:23:12 EST kaniini
i mean, i assume that you live in a part of the world where you do not have an American cable company as your primary source of broadband.
to be clear: these companies are literally running on mostly the same infrastructure they deployed in the 1990s (which doesn't have Netflow to begin with), if you're lucky, you might get infrastructure that was upgraded some time around 2008. if you're really really lucky (you live in the same town as the corporate HQ basically), you might actually have a state of the art CO.
we don't even have native IPv6 in 99% of the country, and the primary data usage buckets are still basically not rolled out at the ISPs which use them.
you can't honestly expect Netflow-based data bucket billing to be rolled out any time soon?
Cox has been promising gigabit over DOCSIS 3.1 for years, and yet, it is still not here, because they can't even keep the lines in good enough shape to enable 24-channel bonding.
so, no, I'm really not a believer that data usage packages like that are technically possible in American wireline networks right now, the infrastructure just isn't there.
-
kaniini (kaniini@mastodon.dereferenced.org)'s status on Friday, 15-Dec-2017 11:16:47 EST kaniini
i sure do love being lectured by europeans on the state of america's internet infrastructure.
-
kaniini (kaniini@mastodon.dereferenced.org)'s status on Friday, 15-Dec-2017 11:09:52 EST kaniini
look, i get that you people in europe have fancy network infrastructure, but residential wireline ISPs in america (even DOCSIS 3 is only available in the largest markets, most markets are DOCSIS 1 for example) mostly have ghetto equipment that can't handle this scheme, right now.
the only approach that could work is mucking with DNS and transparent proxying, but that will break other things, so is thankfully unlikely to happen. we don't have CGNAT yet, after all.