Discuss mailing list

[Pei <pei AT virtual-dope.com>]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On 8/15/2013 8:15 PM, Zach Gibbens wrote:
> On 08/15/2013 07:03 PM, Ian Carroll wrote:
>> Maybe one of the TLDs could (or already have) put their code up
>> under OSS. Everyone could improve it and use it.
>> 
>> Sent from my iPhone
>> 
>> On Aug 15, 2013, at 6:34 PM, "J.B. BERLIN"
>> <endlesspixel AT hotmail.com> wrote:
>> 
>>> I think a central registration site is not the point but a
>>> standard web frontend and a standard backend. That what I now
>>> seen was that every opennic .tld have they own soultion for
>>> register a domain. From: Ian Carroll Sent: Friday, August 16,
>>> 2013 12:35 AM To: discuss AT lists.opennicproject.org Subject: Re:
>>> [opennic-discuss] Hi list! What if we had one central
>>> registration site?
>>> 
>>> 
>>> On Thu, Aug 15, 2013 at 6:29 PM, Christopher
>>> <weblionx AT gmail.com> wrote:
>>>> Domains aren't an issue, all T1s mirror each other. The
>>>> problem is the registration sites aren't distributed like
>>>> that.
>>>> 
>>>> On Thu, Aug 15, 2013 at 6:17 PM, Ian Carroll 
>>>> <ian.carroll AT snapstudiodesign.com> wrote:
>>>>> I'm going to go ahead and defeat the whole purpose of
>>>>> decentralized systems and say we need a central fallback
>>>>> server that has all records for all TLD's and when the main
>>>>> T1/2 server is dead it goes to that server.
>>>>> 
>>>>> 
>>>>> On Thu, Aug 15, 2013 at 6:04 PM, J.B. BERLIN 
>>>>> <endlesspixel AT hotmail.com> wrote:
>>>>>> Hello,
>>>>>> 
>>>>>> I think that it would be better run the all services with
>>>>>> more uptime if they where more standards for the Opennic
>>>>>> service like for registration, webfrontends ect.
>>>>>> 
>>>>>> J.B.
>>>>>> 
>>>>>> -----Ursprüngliche Nachricht----- From: Peter Green Sent:
>>>>>> Thursday, August 15, 2013 11:35 PM To:
>>>>>> discuss AT lists.opennicproject.org Subject: Re:
>>>>>> [opennic-discuss] Hi list!
>>>>>> 
>>>>>> 
>>>>>>>> sites look down.
> 
> You know, this really isn't good and in the light of I.C.A.N.N. 
> firing up more T.L.D.s that collide with ours, no one in their
> right mind will take us seriously when our services are so often
> unreliable :-(
> 
> It seems T1's and their services more so than T2.
> 
> Is this the way it always is/has been or is it a symptom of the 
> feelings caused by the onset of such domain collisions... i.e. is 
> this just going to get worse as more and more OpenNIC sys-admins
> feel they are wasting their time and don't keep their services up
> and running 99.**% of the time?
> 
> Is OpenNIC going to end up simply an alternative DNS provider
> (which would be no bad thing in and of itself perhaps)?
> 
> Peter
> 
>>>>>> 
>>>>>> 
>>>>>> -------- You are a member of the OpenNIC Discuss list. 
>>>>>> You may unsubscribe by emailing 
>>>>>> discuss-unsubscribe AT lists.opennicproject.org
>>>>>> 
>>>>>> 
>>>>>> -------- You are a member of the OpenNIC Discuss list.
>>>>>> You may unsubscribe by emailing
>>>>>> discuss-unsubscribe AT lists.opennicproject.org
>>>>> 
>>>>> 
>>>>> 
>>>>> -- If you can see this, this email was sent from Ian
>>>>> Carroll's personal account. This email is not signed. The
>>>>> email must be signed by Comodo to the name of Ian Carroll. 
>>>>> You are responsible for any damages if you transact under
>>>>> this unsigned email and I cannot sign it for you.
>>>>> 
>>>>> 
>>>>> -------- You are a member of the OpenNIC Discuss list. You
>>>>> may unsubscribe by emailing 
>>>>> discuss-unsubscribe AT lists.opennicproject.org
>>>> 
>>>> -------- You are a member of the OpenNIC Discuss list. You
>>>> may unsubscribe by emailing 
>>>> discuss-unsubscribe AT lists.opennicproject.org
>>> 
>>> -- If you can see this, this email was sent from Ian Carroll's
>>> personal account. This email is not signed. The email must be
>>> signed by Comodo to the name of Ian Carroll. You are
>>> responsible for any damages if you transact under this unsigned
>>> email and I cannot sign it for you.
>>> 
>>> 
>>> -------- You are a member of the OpenNIC Discuss list. You may
>>> unsubscribe by emailing 
>>> discuss-unsubscribe AT lists.opennicproject.org
>>> 
>>> 
>>> -------- You are a member of the OpenNIC Discuss list. You may
>>> unsubscribe by emailing 
>>> discuss-unsubscribe AT lists.opennicproject.org
>> 
>> -------- You are a member of the OpenNIC Discuss list. You may
>> unsubscribe by emailing 
>> discuss-unsubscribe AT lists.opennicproject.org
>> 
> Just throwing this out there, for some of us (myself included) it
> has nothing to do with opennic or icann, it's abuse and stricter
> enforcement of ToS (alot of ToS has sections about open resolvers)
> I had to stop my t2 due to a combo of both, a dns amplification
> attack which took out my server's connection, and when the isp
> looked into it, reminded me of the terms (it was polite, they
> didn't kick me off, but I did have to suspend services)
> 
> one of the t1 servers recently suffered from a DoS that was likely 
> directed at them (if I recall the conversation correctly, kept
> asking for large transfers at a rate excessively beyond normal
> use)
> 
> I have my theories on why this is happening lately, but I'll keep
> that to myself for now, but I will say this, I saw more abuse
> happen in the past month or two, than I've seen in the last five
> years (I'm talking in terms of scale AND length of attack, I saw
> one or the other, but it seems like it's more intense nowadays)
> 
> also, I just went through a move for work, which meant I wasn't
> online as much as usual this month, we do volunteer here, we do
> work elsewhere too, we all have our hardships come up from time to
> time (well, most of us, I can't speak for everyone, and really I'm
> trying to speak for myself only)
> 
> I like alot of the ideas in this thread for their own merit, but
> the issues brought up, issues with uptime, I don't have full
> control of my ISP, or the cage my server sits in, and if I had any
> control on those that actively attack my server....well lets just
> say violence is never the answer, but sometimes it just feels
> right.
> 
> the idea of a central fallback server seems like a contradiction to
> me, however I agree more redundancy is ideal, each client should
> have two servers at least, ideally not from the same volunteer,
> host or datacenter, each of these t2 servers should have all the t1
> servers for syncing tlds, all t1 servers are to sync amongst each
> other to serve as a temporary backup.
> 
> To the question "Is OpenNIC going to end up simply an alternative
> DNS provider (which would be no bad thing in and of itself
> perhaps)?" I think that already happened in some respects, less
> than a percent was traffic for opennic tlds on my server, and I was
> fine with that, but I still want our alternate root to survive
> too.
> 
> I'm not sending this to start a fight, or to put down any of these 
> ideas, merely highlighting that whatever we do, we should
> understand what's happening, what our changes will do, and I'm
> hoping this does some of that.
> 
> 
> -------- You are a member of the OpenNIC Discuss list. You may
> unsubscribe by emailing
> discuss-unsubscribe AT lists.opennicproject.org
> 

This DDoS shit has gotten bad, one of my provider's datacenters
nullrouted my IP due to getting such massive DDoS traffic I had to
suspend services on it, and when I confronted the provider about open
dns resolvers not being against the ToS they said I was right but the
datacenters are "getting very draconian about it esp over the past
month or two"

So I got another provider hence the update to my secondary server, but
on my main server I am currently weathering attacks for queries on 5
different domains. It's insane.... why so much DDoS lately... If you
know or have theories, please don't keep them to yourself and do tell...
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.21-beta27 (MingW32)
Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/

iQEcBAEBAgAGBQJSDZt5AAoJEMF0s4FMzA2LjHUIALp+jsa6GnrUEX7WlokYQwWo
oasu+URjtXpvN/hiuZJEav1NHyakLKIqSgnmCNgx/EKAZQV8G76RmvsMawNer/x6
wvRzRIdx9e8q6fVOaFu6rv0ofrExNWvukq0ebAqlATCCeMGF3wcvAp+j7i5sN8Hq
L+gjzKOklHxQ4cPc0QogVNJt95hfuNS+KE3yqw+jiUr4AqhgiTUEqcO7hf9tLdgO
RmxYfqR5cLyOVqLs8Xzble7fRqMPetdggfP5XfysfnS+MoD2hfpJtq8qiPv/1BVC
CC2ZLTcr24F4Q5HrlA34Jj5IHJ/5c9RwID4OSfmvP/XKmzcL9iy9CwiDmAWB9x4=
=d4Mj
-----END PGP SIGNATURE-----