Clear DNS Cache in Windows and Linux

As a reminder to myself, the proper way to clear the DNS cache on a Windows machine (be it Windows 7, Vista, or XP) is to do:

ipconfig /flushdns

In some versions of Linux (CentOS 5.6 confirmed), the name service cache daemon (nscd) is usually installed to manage the DNS cache. To clear nscd, do:

/etc/init.d/nscd restart

And… If you happen to have installed bind9 as a caching name server, use:

rndc flush


Portal 2 Cheap

Portal 2 – $30 from Amazon.


New Zealand Earthquake


IPv6 Feature Equality.

I decided that the next big thing is IPv6. Good time to get ahead of the curve; in 18 months the crap is going to hit the fan; I will have highly marketable skills as I will be a precision instrument of speed and aeromatics…

The biggest problem I’ve been running into is Feature Equality, i.e. things may work for IPv4, but most programs really don’t have any or full IPv6 feature equality.

For example, I have a Juniper firewall as a home CPE device. However, running the latest JunOS on it, I cannot enter an IPv6 address on a VLAN. But, I can via the GUI. Wacky. But when I’m talking about Feature Equality, you can configure the firewall to do DHCP using IPv4, but it won’t allow you to configure DHCPv6 on the device; I guess Juniper believes SLAAC or static IP address assignment is the way of the future. And you can’t even set up an address name on the CLI; it doesn’t know what an IPv6 address looks like:

[edit security zones security-zone trust]
admin@firewall# set address-book address foobar 2001:470:8986:1::10/128
invalid ip address or hostname: 2001:470:8986:1::10/128 at '2001:470:8986:1::10/128'

Oh and lord knows DHCPv6 doesn’t have problems. There’s no IPv6 routers option. None. Been talked about, but there’s no way to specifically tell an IPv6 client what its gateway is. Because we all know that it just needs to be told its IP subnet, it can figure out the rest… I’d hate to be on a network with Windows XP/Vista set up for Internet Access Sharing; each Windows box will announce itself as a router (i.e. Router Announcement) and you may end up with your entire LAN routing through a tunnel on someone’s Windows desktop instead of that Juniper Firewall (Yea, I can’t set Router Announcement priority on the SRX either).

Once you get past that, and have a dual-stack or native desktop, good luck getting full featured IPv6 out of your applications.

If I want to connect to my internal CPE device to manage its configuration, I connect to https://2001:470:8986:1::1. I do not, however, want to search for information about https://2001:470:8986:1::1…

But at least you’re not the only one; Firefox doesn’t work either…

And yes, IPv6 is working:

Oh, btw: I can hit the Forward resolving host (i.e. but can’t hit the IP address in Chrome either.
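
RFC 3986 requires an IPv6 literal in a URL to be wrapped in square brackets, because otherwise its colons collide with the host:port separator. The JavaScript below is an added example, not code from the original post; it uses the standard WHATWG `URL` API, and the helper names, the port 8443 and the name `firewall.example` are illustrative assumptions.

```javascript
// Added example; helper names are hypothetical. The address is the one
// quoted in the post. Runs in Node.js or a browser console (WHATWG URL API).

// Parse a string the way the URL API does and report the outcome.
function parseTarget(input) {
  try {
    const u = new URL(input);
    return { ok: true, hostname: u.hostname, port: u.port, href: u.href };
  } catch (err) {
    return { ok: false, hostname: null, port: null, href: null };
  }
}

// True when addr is a syntactically valid IPv6 address (no brackets, no
// prefix length, no zone). The character filter stops input such as
// "::1]/x" from slipping through; the URL parser then validates the address.
function isIPv6Literal(addr) {
  if (!/^[0-9A-Fa-f:.]+$/.test(addr) || !addr.includes(":")) return false;
  return parseTarget(`http://[${addr}]/`).ok;
}

// Build an https URL for a management host, bracketing IPv6 literals.
function managementUrl(host, port) {
  const h = isIPv6Literal(host) ? `[${host}]` : host;
  const result = parseTarget(port ? `https://${h}:${port}/` : `https://${h}/`);
  if (!result.ok) throw new Error(`not a usable host: ${host}`);
  return result.href;
}

const ADDR = "2001:470:8986:1::1"; // from the post

// Unbracketed: the first ':' is taken as the host/port separator and the
// remainder is rejected as a port, so the string is not a URL at all.
const bare = parseTarget(`https://${ADDR}`);

// Bracketed: parsed as an IPv6 host, with room for an explicit port.
const bracketed = parseTarget(`https://[${ADDR}]:8443/`);

console.log("bare      ->", bare.ok);
console.log("bracketed ->", bracketed.hostname, bracketed.port);
console.log("built     ->", managementUrl(ADDR));
console.log("built     ->", managementUrl("firewall.example", 8443));
```

An address bar that is handed a string its URL parser rejects has nothing left to treat it as except a search query.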


I’m in the Wrong Business.

This isn’t from the point of view of a furious subscriber to a service, but that of a peer in a similar industry.

From Lord Of The Rings Online:

As the final stage of our datacenter move, all Turbine games will be offline on Tuesday February 23, from 4:00AM – 4:00PM Eastern Time (-5 GMT). Websites, including, forums, wikis, and social networks will be available, but players may be unable to log in or access their account information during this time. We thank you for your patience while we complete the move!

If I went to my boss and told her that “We need to do a datacenter move, which, in my consulting with every other operations team, will require a 12 hour downtime,” I think she’d laugh in my face and go talk to HR about my further employment.

I’ve worked in providing internet access, either to the business traveler, in a dial-up ISP, a web-hosting ISP, the world’s largest Tier1 network provider (at the time), and now providing internet-based services. I’m amazed when a business can provide this type of inept service to their customer base.

It just goes to show you that the real players in the internet-services space know how to build in redundancy, scale, and resilience into their product.

Redundancy: How about multiple datacenters, guys? I understand the need to have centralized shards and back end database servers, but your entire product going offline because you’ve got a single point of failure somewhere shows that you need to push the data closer to the front-end servers.

Scale: If you’ve got at least 11 shards, that’s probably 10 too many. I understand the need to lower latency, really, I completely understand; jitter is my enemy. However, if none of these survives because your login server or front-end access servers can’t scale beyond a certain number of concurrent logged in users, you need to look at doing it differently, especially when all the graphics and all the maps and all the physics and all the etc is handled on the 11 Gig client installed on your users’ computers. Essentially, at the core of your shards is a long term storage database, a short term storage database, and tens of thousands of UDP updates that can be highly localized so that only the information the character would ever see will be sent their way. Maybe look at different hardware (Sun has some highly threaded servers now that can handle the amazing amount of UDP packets required should you need to handle 20,000 users with 20ms update packetization) to break out of the norm.

Resiliency: If you have single points of failure that take down your entire system, then you need to look at developing a system that allows for diminished running should that single point go down. For example, if your huge honking 32 processor Sun/Oracle database server dies, can your customers still subscribe to your service, and use your service in a normal or degraded state? Yes, somewhere something has to track that these 6 characters defeated Kranluk, but does that need to be stored centrally or can it make its way to the central DB eventually?

I interviewed for a job which had the complete change management and maintenance mode anyone in any operations group would dream of: at 5pm on Friday night, they shut down their service. From that time until 8am on Sunday morning, they had full rein to re-install servers, update router software, make firewall changes, etc. But it had to be up at 5pm on Sunday or millions of dollars in transactions would be lost per minute. As much as the cellphone industry has allowed other companies to provide the same level of poor service, the Financial Industry knows no such lack of service. I think Turbine should aspire more towards the loftier goal of a no outage service like those who run financial companies than be like those who manage cellular networks.


Network Musings, Feb 12, 2010

Microsoft QA approved patch that causes XP BSODs. Patch meant to fix 17 year old but recently discovered issue.

“After installing today’s update 02/09/10 I now get the BSoD PAGE_FAULT_IN_NONPAGED_AREA 0x00000050,” said one user, who goes by the screen name Sacdan69. “This has happened to both my wife’s computer and my nephew’s.”

AMD to bring new chips to the plate to compete with Intel i5/i7.

AT&T stays with a well worn relationship with Alcatel/Lucent and Ericsson (Remember EDGE – Ericsson’s technology) to move forward with LTE. Though I think WIMAX is a better technology for delivering high speed internet access over wireless, LTE will leverage already existing infrastructure. And really now it’s just Sprint/Intel/Clear to deliver WIMAX.

Cisco and Juniper start diving in on the Cellular Data bandwagon. Not that any of this is really all that hard; it’s just a matter of how close do you put your internet peers to the towers, and how to QoS the voice (because at that point it really is VoIP) over the Data traffic.

Not sure what to think about Google wanting to deploy a single community’s fiber for 1Gbps to the home. I’d imagine you’d have to (i.e. the community) sign away users’ privacy and allow certain behavioral monitoring to happen.

Level3 continues to lose money. If the company weren’t so important to carriers and government alike, it would have been out of business a long time ago.

The Broomfield-Colo.-based service provider lost $182 million in the three months ending Dec. 31 – that’s compared to a year-earlier profit of $43 million. The number also outpaced 2009’s third-quarter losses of $170 million. Revenue fell, too, by 12 percent to $921 million. On the whole, the losses were higher than analysts expected.

A key VoIP patent will get further scrutiny by the USPTO after significant prior art is provided.

According to a statement released by the EFF on Friday, the VoIP patent — which covers systems where the internet is used to route and maintain voice calls made between analogue phones — should not have been granted because “both a prior patent and published reference materials described the underlying technology” long before the applicant, Acceris, made its claim in 1995.

It’s one thing to require physical access to a chip and special acid to dissolve parts of said chip to effect a hack, it’s another when enough simple hardware concealed in a backpack could be used. You know it’s a good hack when the response from the vendor (in this case it’s the Chip and PIN and the Payment Card Industry) is:

“We never said chip-and-PIN was completely infallible,” a spokeswoman said Friday. “We firmly believe it [the attack] is not really plausible in a day-to-day environment. They’ve created a convoluted way of committing this fraud.”

The demise of Veoh shows that copyright and patent law in the United States is anti-innovation and anti-competitive. But as long as Disney owns Congress, the copyright laws will always be written so that Steamboat Willie will never be out of Disney’s copyright. Since Disney died in 1966, this won’t be a problem until 2041.

Sagem Orga builds WiFi hotspot capability straight into the GSM Sim. No need for a MiFi device.


Network Musings, Feb 08, 2010

Ars Technica has a round up of the future CPU architecture. More cores and threads in more places. IBM is also retuning their POWER architecture.

When I read articles touting a tech certification earning more money than another, I often wonder if the reason for the income differential isn’t some self-serving in-industry backscratch to promote the certification (through government regulations, laws, etc) rather than provide some real return on investment.

In a follow-up article, Brodkin reported on a survey carried out for the International Information Systems Security Certification Consortium, (ISC)^2, which showed “that holders of the CISSP, SSCP or CAP certifications who work in the Americas and have at least five years experience earn [an average of] $102,376 per year – more than $21,000 higher than IT pros who also have five years experience but lack the certifications.”

Juniper gets interviewed about their focus for next year. Though I’m having a hard time believing that reducing tiers in datacenters will reduce complexity. It’s more like it increases a company’s reliance upon a single vendor; and when you start making your layers do more, it definitely becomes more complicated requiring higher paid engineers with certifications.

When you reduce a tier, a layer, by definition you save in cost, you save in power and you have better latency that translates to better performance. So this is why we’re winning a number of data center deals — including the New York Stock Exchange — with our two-tier approach, the fixed configuration EX3200 and EX4200 in the front, and the modular EX 8200 switches in the back. And very frequently, MX will become part of the equation when the customer looks at edge routing.

Google Mystery Domain ( takes up a lot of internet traffic. Doing 3 minutes of analysis, I’m of the opinion this is for non-search (i.e. non interfacing) traffic, like that from Chrome, apps, etc.

Teen Blogging is in decline. It’s the closed feedback loop coupled with ADHD. Why blog if no one reads? Why write if no one reads? Twitter thought it had cornered the market on blogs, because everyone liked SMS at 140 characters, why not microblogs. Now if you have no followers, what’s the point of Tweeting? Twitter is quickly de-evolving into a secondary market channel for Celebrities / Famous People / And Businesses.

“Teenagers do not use Twitter,” he wrote. “Most have signed up to the service, but then just leave it as they realise that they are not going to update it (mostly because texting Twitter uses up credit, and they would rather text friends with that credit). They realise that no one is viewing their profile, so their tweets are pointless.”

DECT Phone encryption broken by cryptographers. Key takeaway is public algorithm review:

“It relied on the fact that the encryption was unknown and hence could not be broken. This is a case where something that has some potential for being strong is broken by just this one design decision that in any public review would have been spotted immediately.”

ZeuStracker turns 1. Happy Birthday!


Network Musings, Feb 05, 2010

As an answer to Cisco’s rumored CRS-1 upgrade, Juniper ups the ante on their T1600 router from 100GBps per slot to 250GBps per slot in the same chassis as an in-service upgrade as well.

The design work for the next-generation silicon has already been completed, and Sardella noted that Juniper is now beginning to build out and test the technology.

Boxee CEO Avner Ronen takes advantage of having the NBC and Comcast CEOs testifying under oath in front of a congressional hearing to point out that someone might not be telling the whole story regarding Hulu blocking Boxee.

Sprint uses Fixed to Mobile Convergence vendor Tango to sell Sprint MPLS circuits to provide minute offloading for IP PBX business owners.

Mobile calls to/from the PBX will still be routed over an MPLS connection, and the financial advantage of treating them as on-net mobile calls will be maintained.

Deutsche Telekom floats a trial balloon towards a T-Mobile IPO. Is this DT trying to craft an exit strategy from the US market, or maneuvering towards a different style of engagement in the US?

EPIC files Freedom of Information Act request to get more information regarding the NSA’s agreement with Google. Most people look at this as a Privacy issue; my concern is: why should the US government be spending resources to secure or help secure a company with a $167 Billion market cap? Is Google now “Too Big To Fail” and needs to be taken over by the US government?

Apple says no location-based ads on their approved apps. Reminder: This technology (Providing geographic based promotion services to a computing device) is patented and owned by AT&T. Is this why they’re going to keep AT&T as their exclusive carrier for the iPhone?

Behavioral targeting and Ad Clearing houses are the next realm of ad delivery.

Chinese VoIP company’s numbers disappoint, mainly because China banned VoIP.


Network Musings, Feb 03, 2010

Sun CEO Tweetku’s his resignation.

The Internet Generation prefers SMS/Tweets over blogs, a Pew study finds. I think this has to do with none of them wanting to actually involve themselves with learning/running things on the Interwebs, but wanting to use pre-built infrastructure.

VoIP scammer gets prison term. His mistake was living in a country that actually cares.

Packet8 launches Facebook click to call app.

Study finds people reuse the same passwords for multiple services. I’ve had a long standing observation about this practice. It has to deal with passwords and remembering them. The idiot uses the same password for everything, usually a weak strength. The newbie uses a different password for every site, but writes them all down on a piece of paper and never remembers any of them. The paranoid person uses a high strength password for each site, uses a different login for each one, uses a password memory service to store them all. While the veteran uses a few well thought out passwords, classifies those into usage categories, so that the crap password for a throw away site is always the same password, the login password to Windows / Playstation / Xbox is another, and only uses unique ones for banks. All this is alluded to at the end of the article:

The company’s practical advice for users who don’t wish to use a dedicated password application or password management website was to create three separate logins, one for financial sites, a second for any site holding sensitive data, and a third for sites not holding anything of value.

iiNet wins Safe Harbor ruling in Australia. Another article questions whether Copyright holders should pay for ISPs to deliver notices to end users. Since the FCC allows telecoms to charge for CALEA compliance, this is a solid precedent to cite; Yes, the copyright holders should pay for DMCA-to-enduser delivery.

Cisco adds Unified Communications iPhone app to do VoIP over 3G. This totally makes sense, as you can minute shift from corporate PBX calls over VoIP data instead of Voice Minutes. Someone was suggesting Cisco buy Truphone to do this for them, but I think the minute Cisco did any investigation, they’d realize how bad Truphone is and end up buying someone like Packet8 or Fring. Both of those have a business end-user focus, and can tie in telepresence as well.

Xconnect proves ENUM and caller id can be a profitable business.

Canadian Cable ISP Novus offers 200 mbps to its customers. Prices still not in line with this amount of bandwidth outside of North America.


Network Musings – Feb 02, 2010

Broadcom announces Bluetooth 3.0 + HS chips – 24mbps over WiFi.

Personal computers, netbooks, smartphones and other consumer electronics (CE) devices are adding Bluetooth v3.0 + HS wireless functionality to extend the user experience and facilitate high-speed file transfer and synchronization among devices.

Oracle is determining what from Sun to keep and what to let fall by the wayside. Winners seem to be StarOffice, Java, Storage (Disk and Tape).

Sun’s hardware line will eventually be streamlined. Ellison pointed out that in addition to the inefficient supply chain, there are numerous point versions of products. The same server could have Sparc, AMD and Intel chips, with multiple versions at multiple clock speeds. The number of Sun servers can be expected to diminish, if only for the sake of eliminating redundancy.

Juniper Q4 numbers were up year-over-year. Seems Comcast and AT&T need more routers to meet demand.

AT&T was also specifically mentioned by Denholm as a key customer, representing more than 10 percent of Juniper total revenues for the year and for the fourth quarter.

Could Cisco be replacing the CRS-1?

Want cheap CNAM from your Asterisk box? BulkCNAM to the rescue!

Oracle 11g user privilege escalation hack discovered.

10 Free Photo Editing tools.

Startup Coraid looks to do ATA over Ethernet.

Counterpath’s new Bria softphone adds in some really cool features, including HD video and Jabber-like chat.

Comcast seems increasingly to be getting into the Business VoIP line of business. Guessing they’ve located a lucrative market to finally set up a real triple-play with businesses. Typically their Business offering has been their Consumer offering, just with more cable modems. If they look to integrate with a SIP PBX like Asterisk, companies like Packet8 may have problems.

Mark Cuban calls Google a Vampire. Danny Sullivan calls Mark Cuban’s Mahalo a Vampire. Sullivan FTW (graphs and charts over mere words every time).

