On 03/26/08 02:09, Grant Taylor wrote:
> If ORDB did follow the BCP guidelines and then switched to collateral
> damage I personally don't fault them for trying to get people to
> clean up their config(s).

One thing that ORDB has not done is to put a web page in place
(re)stating that the DNSBL is shut down and that they are changing their
practices, which I think they should have done. I can understand
shutting down the website for the past 6 - 9 months. However I (my
opinion) think they should have at least put something simple up
indicating their new policy change.



Grant. . . .

On Mar 27, 5:43pm, "D. Stussy" <s...@bde-arc.ampr.org> wrote:
> "Grant Taylor" <gtay...@riverviewtech.net> wrote in message
>
> news:mailman.23.1206541695.12289.comp.mail.sendmai l@maillists.riverviewtech.net...
>
> > On 03/26/08 02:09, Grant Taylor wrote:
> > > If ORDB did follow the BCP guidelines and then switched to collateral
> > > damage I personally don't fault them for trying to get people to
> > > clean up their config(s).
>
> > One thing that ORDB has not done is to put a web page in place
> > (re)stating that the DNSBL is shut down and that they are changing their
> > practices, which I think they should have done. I can understand
> > shutting down the website for the past 6 - 9 months. However I (my
> > opinion) think they should have at least put something simple up
> > indicating their new policy change.
>
> I found that their policy statement of "going out of business" in December
> 2006 was sufficient. 15 months was more than enough time.

I work as a contract tech. So alot of the companies I deal with do
not have there own IT person that can sit on their @ss all day and
read tech forums about the latest thing to happen in the tech world.
Some of us are out there doing real work and can not follow every
company that we have under our, belts stupid entries in some firewall
smtp proxy. This shit took a real business down for a couple hours
before I could figure out exactly what was happening. Just drop the
DNS entry for relays.ordb.org or point it to some benign IP that no
one gives a flying F&*%&* about. Remember not everyone has the time
to keep up with this stuff. Or to know all the settings in every
firewall and
every server that we are responsible for. In my opinion and its just
that
anyone working in an environment with less than 100 computers and 10
servers is not really working.

<aoberlin@gmail.com> wrote in message
news:6cbe5df5-a582-42e1-a674-8c69bb9da999@m44g2000hsc.googlegroups.com...
On Mar 27, 5:43 pm, "D. Stussy" <s...@bde-arc.ampr.org> wrote:
> "Grant Taylor" <gtay...@riverviewtech.net> wrote in message
>
news:mailman.23.1206541695.12289.comp.mail.sendmai l@maillists.riverviewtech.net...
> > On 03/26/08 02:09, Grant Taylor wrote:
> > > If ORDB did follow the BCP guidelines and then switched to collateral
> > > damage I personally don't fault them for trying to get people to
> > > clean up their config(s).
>
> > One thing that ORDB has not done is to put a web page in place
> > (re)stating that the DNSBL is shut down and that they are changing their
> > practices, which I think they should have done. I can understand
> > shutting down the website for the past 6 - 9 months. However I (my
> > opinion) think they should have at least put something simple up
> > indicating their new policy change.
>
> I found that their policy statement of "going out of business" in December
> 2006 was sufficient. 15 months was more than enough time.

=I work as a contract tech. So alot of the companies I deal with do
=not have there own IT person that can sit on their @ss all day and
=read tech forums about the latest thing to happen in the tech world.
=Some of us are out there doing real work and can not follow every
=company that we have under our, belts stupid entries in some firewall
=smtp proxy. This shit took a real business down for a couple hours
=before I could figure out exactly what was happening. Just drop the
=DNS entry for relays.ordb.org or point it to some benign IP that no
=one gives a flying F&*%&* about. Remember not everyone has the time
=to keep up with this stuff. Or to know all the settings in every firewall
and
=every server that we are responsible for. In my opinion and its just that
=anyone working in an environment with less than 100 computers and 10
=servers is not really working.


Well, excuse me. I haven't worked in the IT industry for over a decade (but
in the tax industry), and I still knew. Now, I found out a week after it
went down (still in December 2006) - because I bother to occasionally check
with services that I use to make certain they're still running. Did I wait
for someone else to report on it? No.

As a professional that is employed in IT, I don't see what you're saying as
a valid excuse. Every profession has things happening in it, and every
professional is expected to keep up. It seems to me that this change is
within the scope of your responsibilities as it did affect at least one of
your clients. If that's too much for you, perhaps a career change is in
order....

As for them simply dropping the DNS entry, etc., that's exactly what they've
been doing for the past 15 months, but they noticed that some people were
still trying to use the service. All of us COMPETENT people took care of
the problem at the end of 2006 or during 2007.

On Thu, 27 Mar 2008, aoberlin@gmail.com wrote:


The best way would be in all your DNS's put

zone "ordb.org" {
type master;
file "empty";
notify no;
};

if they dont want dns hits, they wont get any


--
Cheers
Res

mysql> update auth set Framed-IP-Address='127.0.0.127' where user= 'troll';

On Mar 28, 1:18am, "D. Stussy" <s...@bde-arc.ampr.org> wrote:
> <aober...@gmail.com> wrote in message
>
> news:6cbe5df5-a582-42e1-a674-8c69bb9da999@m44g2000hsc.googlegroups.com...
> On Mar 27, 5:43 pm, "D. Stussy" <s...@bde-arc.ampr.org> wrote:> "Grant Taylor" <gtay...@riverviewtech.net> wrote in message
>
> news:mailman.23.1206541695.12289.comp.mail.sendmai l@maillists.riverviewtech.net...
>
> > > On 03/26/08 02:09, Grant Taylor wrote:
> > > > If ORDB did follow the BCP guidelines and then switched to collateral
> > > > damage I personally don't fault them for trying to get people to
> > > > clean up their config(s).
>
> > > One thing that ORDB has not done is to put a web page in place
> > > (re)stating that the DNSBL is shut down and that they are changing their
> > > practices, which I think they should have done. I can understand
> > > shutting down the website for the past 6 - 9 months. However I (my
> > > opinion) think they should have at least put something simple up
> > > indicating their new policy change.
>
> > I found that their policy statement of "going out of business" in December
> > 2006 was sufficient. 15 months was more than enough time.
>
> =I work as a contract tech. So alot of the companies I deal with do
> =not have there own IT person that can sit on their @ss all day and
> =read tech forums about the latest thing to happen in the tech world.
> =Some of us are out there doing real work and can not follow every
> =company that we have under our, belts stupid entries in some firewall
> =smtp proxy. This shit took a real business down for a couple hours
> =before I could figure out exactly what was happening. Just drop the
> =DNS entry forrelays.ordb.orgor point it to some benign IP that no
> =one gives a flying F&*%&* about. Remember not everyone has the time
> =to keep up with this stuff. Or to know all the settings in every firewall
> and
> =every server that we are responsible for. In my opinion and its justthat
> =anyone working in an environment with less than 100 computers and 10
> =servers is not really working.
>
> Well, excuse me. I haven't worked in the IT industry for over a decade (but
> in the tax industry), and I still knew. Now, I found out a week after it
> went down (still in December 2006) - because I bother to occasionally check
> with services that I use to make certain they're still running. Did I wait
> for someone else to report on it? No.
>
> As a professional that is employed in IT, I don't see what you're saying as
> a valid excuse. Every profession has things happening in it, and every
> professional is expected to keep up. It seems to me that this change is
> within the scope of your responsibilities as it did affect at least one of
> your clients. If that's too much for you, perhaps a career change is in
> order....
>
> As for them simply dropping the DNS entry, etc., that's exactly what they've
> been doing for the past 15 months, but they noticed that some people were
> still trying to use the service. All of us COMPETENT people took care of
> the problem at the end of 2006 or during 2007.

Sorry if I offended you. I had a bad day. It was a new client that I
didn't even know used blacklist databases on their firewall. As far
as the competent part goes I never recieve any complaints from my
clients, which is around 75 different companies,about the service that
they recieve and in the IT world that speaks for itself.

Have a good day and again I apologize.

On Fri, 28 Mar 2008, aoberlin@gmail.com wrote:

> Sorry if I offended you. I had a bad day. It was a new client that I

never apologise to a troll, you have every right to speak your mind and
say what you said, many agree, many remain silent because of the lamers
like stussy et al knowing they try shoot you down, most of us have also
been around longer than clueless fools like him and will outsee him for
many a time to come, you are not expected to live usenet/internet forums,
even those of us on handsome 6 figure salaries, enjoy the right to have a
life outside of work that doesnt evolve around searching to find out
which fuckwit wannabe RBL operator has closed his doors today because he
cant handle a few DDoS's.



--
Cheers
Res

mysql> update auth set Framed-IP-Address='127.0.0.127' where user= 'troll';

"Res" <res@ausics.net> wrote in message
news:Pine.LNX.4.64.0803282256390.13843@ebfjryy.nhf vpf.arg...
> On Fri, 28 Mar 2008, aoberlin@gmail.com wrote:
>
> > Sorry if I offended you. I had a bad day. It was a new client that I
>
> never apologise to a troll, you have every right to speak your mind ...

That's exactly why I made nor offered any apology for any statement I made.

As for you, asshole, you don't even deserve the respect of consideration of
an apology, and that starts with failing to capitalize my name.

D. Stussy <spam@bde-arc.ampr.org> wrote:


>
> As for them simply dropping the DNS entry, etc., that's exactly what they've
> been doing for the past 15 months, but they noticed that some people were
> still trying to use the service.

Were they droping the requests at their name server or had they removed
all NS and glue A record from their domain registration before?

The resource lost for the later option wouldn't be their problem at all.
Especially when you don't do anything with the domain.

"Hugo Villeneuve" <hugo@EINTR.net> wrote in message
news:1iejei1.6ehoqj1b8g6bqN%hugo@EINTR.net...
> D. Stussy <spam@bde-arc.ampr.org> wrote:
> > As for them simply dropping the DNS entry, etc., that's exactly what
they've
> > been doing for the past 15 months, but they noticed that some people
were
> > still trying to use the service.
>
> Were they droping the requests at their name server or had they removed
> all NS and glue A record from their domain registration before?
>
> The resource lost for the later option wouldn't be their problem at all.
> Especially when you don't do anything with the domain.

I'd have to say that they didn't remove their DNS entries from their
registration.

Domain ID72422737-LROR
Domain Name:ORDB.ORG
Created On:11-Jun-2001 12:35:51 UTC
Last Updated On:12-Jan-2007 10:52:44 UTC
Expiration Date:11-Jun-2016 12:35:51 UTC
....
Name Server:AUTH02.NS.TELE.DK
Name Server:KOALA.DROSO.DK
Name Server:NS1.ORDB.MOENSTED.DK
Name Server:NS2.ORDB.MOENSTED.DK

On Fri, 28 Mar 2008, D. Stussy wrote:

> As for you, asshole, you don't even deserve the respect of consideration of
> an apology, and that starts with failing to capitalize my name.

maybe that says all it needs to on what I think of you eh...


--
Cheers
Res

mysql> update auth set Framed-IP-Address='127.0.0.127' where user= 'troll';

On 3/28/2008 12:31 AM, Res wrote:
> The best way would be in all your DNS's put
>
> zone "ordb.org" {
> type master;
> file "empty";
> notify no;
> };
>
> if they dont want dns hits, they wont get any

What about the traffic coming to their server looking for the ordb.org
zone? That would still continue for years to come.

If all you do is drop the traffic as early as possible, you are still
dropping traffic that is still coming to you. Where as if you do
something to cause people to want to not query you, the traffic will
drop off sharply in short order.



Grant. . . .

On Sun, 30 Mar 2008, Grant Taylor wrote:

>
> On 3/28/2008 12:31 AM, Res wrote:
>> The best way would be in all your DNS's put
>>
>> zone "ordb.org" {
>> type master;
>> file "empty";
>> notify no;
>> };
>>
>> if they dont want dns hits, they wont get any
>
> What about the traffic coming to their server looking for the ordb.org zone?
> That would still continue for years to come.

huh? that entry you would put in your DNS's, as in an ISP/Telco DNS's,
couldnt care less about theirs, if they dont have the bandwith thats
their problem, they knew the risks involved before starting up.



--
Cheers
Res

mysql> update auth set Framed-IP-Address='127.0.0.127' where user= 'troll';

Res <res@ausics.net> wrote:
> huh? that entry you would put in your DNS's, as in an ISP/Telco DNS's,
> couldnt care less about theirs, if they dont have the bandwith thats
> their problem, they knew the risks involved before starting up.

Oh. Great. Because one's to f***ing stupid to maintain one's mailserver
he's going to tinker with other peoples zones in his DNS setup. Yeah,
thats the way to go. As it shows the same clue-level regarding email
and DNS.

l33t solution. Go and post this to every phpBB.
Clemens.
--
/"\ http://czauner.onlineloop.com/
\ / ASCII RIBBON CAMPAIGN
X AGAINST HTML MAIL
/ \ AND POSTINGS

On Sun, 30 Mar 2008, Clemens Zauner wrote:

> Oh. Great. Because one's to f***ing stupid to maintain one's mailserver
> he's going to tinker with other peoples zones in his DNS setup. Yeah,
> thats the way to go. As it shows the same clue-level regarding email
> and DNS.

yup, becasue I dont assume all corporate clients with their own
mailservers are guru's, I implimented that work around for osirusoft
years ago, as not every client can have their IT contractor drop
everything and attend to their problems on a weekend for instance.
It was appreciated by our clients and thats all *I* care about, I dont
care about anything else so long as they are happy.


--
Cheers
Res

mysql> update auth set Framed-IP-Address='127.0.0.127' where user= 'troll';

On Mar 30, 6:34pm, Res <r...@ausics.net> wrote:
> On Sun, 30 Mar 2008, Clemens Zauner wrote:
> > Oh. Great. Because one's to f***ing stupid to maintain one's mailserver
> > he's going to tinker with other peoples zones in his DNS setup. Yeah,
> > thats the way to go. As it shows the same clue-level regarding email
> > and DNS.
>
> yup, becasue I dont assume all corporate clients with their own
> mailservers are guru's, I implimented that work around for osirusoft
> years ago, as not every client can have their IT contractor drop
> everything and attend to their problems on a weekend for instance.
> It was appreciated by our clients and thats all *I* care about, I dont
> care about anything else so long as they are happy.
>
> --
> Cheers
> Res
>
> mysql> update auth set Framed-IP-Address='127.0.0.127' where user= 'troll';

I guess some people just don't have a clue about the contracting
world. There are many companies out there that only call when they
have a problem or just have a contract computer company come in for a
couple hours every now in then to check stuff out. Just because these
companies don't have a full time IT person or a budget that allows
them to, doesn't mean they deserve to have their company's e-mail
taken down because people decide to be idiots. Really, honestly, is
it to much to ask have them make some changes to their DNS. They took
on the responsibility of hosting this service they should respect that
responsibility and do the right thing. Imagine how much money was
spent on troubleshooting this problem around the nation. I know that
Astaro had to release a patch for it.

For all you negative nancys, oh how nice it would be to sit back and
throw jabs and act like you know what the hell you are talking about
on a little forum. I can pretty much guarantee you that I solve more
problems in 1 week then most of you will solve in a year. Thats the
one thing I hate about this field is all the arrogant a-holes that act
like they know everything. I hate to tell you this but if you think
you everything about computers and networks you don't have a clue.

P's out,

Keep up the good fight Res

On 4/1/2008 8:16 PM, aoberlin@gmail.com wrote:
> I guess some people just don't have a clue about the contracting
> world. There are many companies out there that only call when they
> have a problem or just have a contract computer company come in for a
> couple hours every now in then to check stuff out. Just because these
> companies don't have a full time IT person or a budget that allows
> them to, doesn't mean they deserve to have their company's e-mail
> taken down because people decide to be idiots. Really, honestly, is
> it to much to ask have them make some changes to their DNS. They took
> on the responsibility of hosting this service they should respect that
> responsibility and do the right thing. Imagine how much money was
> spent on troubleshooting this problem around the nation. I know that
> Astaro had to release a patch for it.

Question(s):
- How do you get people that are querying a dead system to stop
querying it?
- How many months / years should someone pay for a service bandwidth
for a service that has been dead for 14+ months? 2 years? Longer?
- How long are you willing to pay to host 50 GB of traffic a month for
a service that is dead?
- What would you do that is different than what ORDB has done?

> For all you negative nancys, oh how nice it would be to sit back and
> throw jabs and act like you know what the hell you are talking about
> on a little forum. I can pretty much guarantee you that I solve more
> problems in 1 week then most of you will solve in a year. Thats the
> one thing I hate about this field is all the arrogant a-holes that act
> like they know everything. I hate to tell you this but if you think
> you everything about computers and networks you don't have a clue.

Rather than throwing jabs your self, how about throwing down some
information for discussion? Please answer the above questions. Please
persuade me ("show me the light" if you will) why and / or how what ORDB
did was wrong and explain what you would have done different. Will your
solution hold up now, 1 month from now, 1 year from now, 5 years from
now? Would you still be willing to pay for the resources for your
defunct service 5 or 10 years from now?



Grant. . . .

On 4/1/2008 11:30 PM, Res wrote:
> This is exactly the point, the entire domain is moot, removing the
> name servers from zone, setting thme to 127.0.0.1, dropping the zone
> sicne they dont want it, it has no use these days. It has no A
> records, www has no A records, it has no MX record, but yet they
> still have records to block everyone querrying *.relays.ordb.org
> petty absolutely fucking petty.

For the sake of the on going discussion please clarify what you want
ORDB to do and where you would like them to do it.

Are you wanting ORDB to:
- Remove NS records for the relays.ordb.org sub-domain from the
ordb.org zone?
- Set the A record referenced in the glue records for the
relays.ordb.org sub-domain to 127.0.0.1?
- Remove all references to the relays.ordb.org sub-domain?
- Remove all ORDB zones?
- Set glue records with Tucows to 127.0.0.1?
- Remove the glue records with Tucows if possible?

> since your in the business of calling others, I'll call you, show me
> the evidence they ar ehit with 50G a month

Fair enough. I will first say that I do not have any ""evidence per say
(logs, reports, etc from ORDB), but I can run (what I believe to be)
extremely conservative numbers to come up with the amount of traffic
that their DNS servers would see.

Please reference my 2nd & 3rd message in the Google archive
http://groups.google.com/group/comp....34fe99fe90ab5#

From my second message you can see how I derived the size of queries
and replies. Below are the formulas that I used to run the numbers.

I found that there were (approximately) 246 country codes. I'm going to
presume that ORDB is receiving at least one query per second per country
code. I feel confident that this is a very safe number to use.

Per my other posts, I found that a query is 85 bytes and a reply is 202
bytes, making a query and reply 287 bytes.

If we take the 85 (bytes per query) * 246 (country codes) is 20910 bytes
per second or 20.9 kB per second of DNS query traffic.

If we take the 85 (bytes per query) * 246 (country codes) * 60 (second
per minute) * 60 (minutes per hour) * 24 (hours per day) is 1806624000
bytes per day or 1806624 kB per day or 1806.6 MB per day or 1.8 GB per
day of DNS query traffic.

If we take the 85 (bytes per query) * 246 (country codes) * 60 (second
per minute) * 60 (minutes per hour) * 24 (hours per day) * 30 (days per
month) is 54198720000 bytes per month or 54198720 kB per month or
54198.7 MB per month or 54.1 GB per month of DNS query traffic.

If we use the same equations with the size of the reply and the size of
the query and reply combined we get the following numbers:

DNS reply traffic
202 * 246 = 49692 B or 49.69 kB per second
202 * 246 * 60 * 60 * 24 = 4293388800 B or 4293388.8 kB or 4293.3 MB or
4.2 GB per day
202 * 246 * 60 * 60 * 24 * 30 = 128801664000 B or 128801664 kB or
128801.6 MB or 128.8 GB per month

Combined DNS query and reply traffic
287 * 246 = 70602 B or 70.6 kB per second
287 * 246 * 60 * 60 * 24 = 6100012800 B or 6100012.8 kB or 6100 MB or
6.1 GB per day
287 * 246 * 60 * 60 * 24 * 30 = 183000384000 B or 183000384 kB or
183000.3 MB or 183 GB per month

I think it is fairly obvious that this is a LOT of traffic that has to
be absorbed by someone's DNS servers. What is worse is that this amount
of traffic is very unlikely to taper off very fast at all if nothing is
done to encourage people to stop querying the servers. Hence why I
believe ORDB decided to switch to collateral damage after being closed
for 14+ months all the wile handling 183 GB (or more) traffic for a
defunct service.

With these numbers in mind, let's see how what I believe you are wanting
ORDB to do stacks up.

- Remove NS records for the relays.ordb.org sub-domain from the
ordb.org zone?

Systems will still be querying the ordb.org zone for the sub-domain,
thus the traffic numbers still apply. Adjust the size of queries and
replies for the sizes of packets if need be. However this number will
still be very large.

- Set the A record referenced in the glue records for the
relays.ordb.org sub-domain to 127.0.0.1?

(same as above)

- Remove all references to the relays.ordb.org sub-domain?

(same as above)

- Remove all ORDB zones?

Systems will still query the ORDB zone name servers looking for
records. Still very similar to above.

- Set glue records with Tucows to 127.0.0.1?

Root name servers will still receive traffic looking for the name
servers for the ORDB zone.

- Remove the glue records with Tucows if possible?

Root name servers will still be queried.

What is worse with doing the above is that most of the systems that are
still querying ORDB after being closed for 14+ months will continue to
do so for quite a while to come. What incentive do all the companies
like aoberlin is referring to have to bring someone in to correct the
problem if at worst they have a DNS timeout per message passing through
their system? How long do you think it will be before someone does
remove ORDB from the config? I'm betting that ORDB will stay in the
config until the system is replaced with something new, so most likely
sometime with in the next 5 years (give or take). What if someone
copies the old config to the next system? How many new systems down the
road will be able to use the old config file or .mc file? Let's say 3
generations with a 5 year life cycle. Now we are up to 11 years if we
say the replacement cycle is every 3 years and we take off the 14 months
that have passed. All this time will add up to a *LOT* of wasted
bandwidth and $$$ because people do not update their config.

This is why I think it perfectly reasonable for ORDB to result to some
action that will ensure that people will want to update their config.
ORDB has been defunct for 14+ months. Any one that was going to update
their config on their own accord has done so already. I'm willing to
bet that a very large majority of systems that were querying ORDB a week
ago are no longer querying ORDB. Let's just say that the number is cut
bu 10%. Here is a simple list of the number of queries per second for
each week for the next 6 months:

Week Query / Sec
1 246
2 221.4
3 199.2
4 179.2
5 161.2
6 145
7 130.5
8 117.4
9 105.6
10 95
11 85.5
12 76.9
13 69.2
14 62.2
15 55.9
16 50.3
17 45.2
18 40.6
19 36.5
20 32.8
21 29.5
22 26.5
23 23.8
24 21.4

If I run the numbers out with a 10% drop per week, all queries should be
stopped by the 60 weeks. For the curious, if the number of queries per
week is cut in half, with in 13 weeks all queries should be stopped.
Cut in to a quarter and you are down to 7 weeks.

Compare the operational costs of doing this verses answering queries for
the coming years.



Grant. . . .

<aoberlin@gmail.com> wrote in message
news:2582e793-3ebf-41cc-ae5a-30844c2f2bdb@e39g2000hsf.googlegroups.com...
For all you negative nancys, oh how nice it would be to sit back and
throw jabs and act like you know what the hell you are talking about
on a little forum. I can pretty much guarantee you that I solve more
problems in 1 week then most of you will solve in a year. Thats the
one thing I hate about this field is all the arrogant a-holes that act
like they know everything. I hate to tell you this but if you think
you everything about computers and networks you don't have a clue.


Maybe that's because some of us learn about such things and make changes
BEFORE any problems arise.

I don't claim to know "everything" but I do keep up with services I actually
use.

On Apr 2, 1:58am, Grant Taylor <gtay...@riverviewtech.net> wrote:
> On 4/1/2008 11:30 PM, Res wrote:
>
> > This is exactly the point, the entire domain is moot, removing the
> > name servers from zone, setting thme to 127.0.0.1, dropping the zone
> > sicne they dont want it, it has no use these days. It has no A
> > records, www has no A records, it has no MX record, but yet they
> > still have records to block everyone querrying *.relays.ordb.org
> > petty absolutely fucking petty.
>
> For the sake of the on going discussion please clarify what you want
> ORDB to do and where you would like them to do it.
>
> Are you wanting ORDB to:
> - Remove NS records for therelays.ordb.orgsub-domain from the
> ordb.org zone?
> - Set the A record referenced in the glue records for therelays.ordb.orgsub-domain to 127.0.0.1?
> - Remove all references to therelays.ordb.orgsub-domain?
> - Remove all ORDB zones?
> - Set glue records with Tucows to 127.0.0.1?
> - Remove the glue records with Tucows if possible?
>
> > since your in the business of calling others, I'll call you, show me
> > the evidence they ar ehit with 50G a month
>
> Fair enough. I will first say that I do not have any ""evidence per say
> (logs, reports, etc from ORDB), but I can run (what I believe to be)
> extremely conservative numbers to come up with the amount of traffic
> that their DNS servers would see.
>
> Please reference my 2nd & 3rd message in the Google archivehttp://groups.google.com/group/comp.mail.sendmail/browse_thread/threa...
>
> From my second message you can see how I derived the size of queries
> and replies. Below are the formulas that I used to run the numbers.
>
> I found that there were (approximately) 246 country codes. I'm going to
> presume that ORDB is receiving at least one query per second per country
> code. I feel confident that this is a very safe number to use.
>
> Per my other posts, I found that a query is 85 bytes and a reply is 202
> bytes, making a query and reply 287 bytes.
>
> If we take the 85 (bytes per query) * 246 (country codes) is 20910 bytes
> per second or 20.9 kB per second of DNS query traffic.
>
> If we take the 85 (bytes per query) * 246 (country codes) * 60 (second
> per minute) * 60 (minutes per hour) * 24 (hours per day) is 1806624000
> bytes per day or 1806624 kB per day or 1806.6 MB per day or 1.8 GB per
> day of DNS query traffic.
>
> If we take the 85 (bytes per query) * 246 (country codes) * 60 (second
> per minute) * 60 (minutes per hour) * 24 (hours per day) * 30 (days per
> month) is 54198720000 bytes per month or 54198720 kB per month or
> 54198.7 MB per month or 54.1 GB per month of DNS query traffic.
>
> If we use the same equations with the size of the reply and the size of
> the query and reply combined we get the following numbers:
>
> DNS reply traffic
> 202 * 246 = 49692 B or 49.69 kB per second
> 202 * 246 * 60 * 60 * 24 = 4293388800 B or 4293388.8 kB or 4293.3 MB or
> 4.2 GB per day
> 202 * 246 * 60 * 60 * 24 * 30 = 128801664000 B or 128801664 kB or
> 128801.6 MB or 128.8 GB per month
>
> Combined DNS query and reply traffic
> 287 * 246 = 70602 B or 70.6 kB per second
> 287 * 246 * 60 * 60 * 24 = 6100012800 B or 6100012.8 kB or 6100 MB or
> 6.1 GB per day
> 287 * 246 * 60 * 60 * 24 * 30 = 183000384000 B or 183000384 kB or
> 183000.3 MB or 183 GB per month
>
> I think it is fairly obvious that this is a LOT of traffic that has to
> be absorbed by someone's DNS servers. What is worse is that this amount
> of traffic is very unlikely to taper off very fast at all if nothing is
> done to encourage people to stop querying the servers. Hence why I
> believe ORDB decided to switch to collateral damage after being closed
> for 14+ months all the wile handling 183 GB (or more) traffic for a
> defunct service.
>
> With these numbers in mind, let's see how what I believe you are wanting
> ORDB to do stacks up.
>
> - Remove NS records for therelays.ordb.orgsub-domain from the
> ordb.org zone?
>
> Systems will still be querying the ordb.org zone for the sub-domain,
> thus the traffic numbers still apply. Adjust the size of queries and
> replies for the sizes of packets if need be. However this number will
> still be very large.
>
> - Set the A record referenced in the glue records for therelays.ordb.orgsub-domain to 127.0.0.1?
>
> (same as above)
>
> - Remove all references to therelays.ordb.orgsub-domain?
>
> (same as above)
>
> - Remove all ORDB zones?
>
> Systems will still query the ORDB zone name servers looking for
> records. Still very similar to above.
>
> - Set glue records with Tucows to 127.0.0.1?
>
> Root name servers will still receive traffic looking for the name
> servers for the ORDB zone.
>
> - Remove the glue records with Tucows if possible?
>
> Root name servers will still be queried.
>
> What is worse with doing the above is that most of the systems that are
> still querying ORDB after being closed for 14+ months will continue to
> do so for quite a while to come. What incentive do all the companies
> like aoberlin is referring to have to bring someone in to correct the
> problem if at worst they have a DNS timeout per message passing through
> their system? How long do you think it will be before someone does
> remove ORDB from the config? I'm betting that ORDB will stay in the
> config until the system is replaced with something new, so most likely
> sometime with in the next 5 years (give or take). What if someone
> copies the old config to the next system? How many new systems down the
> road will be able to use the old config file or .mc file? Let's say 3
> generations with a 5 year life cycle. Now we are up to 11 years if we
> say the replacement cycle is every 3 years and we take off the 14 months
> that have passed. All this time will add up to a *LOT* of wasted
> bandwidth and $$$ because people do not update their config.
>
> This is why I think it perfectly reasonable for ORDB to result to some
> action that will ensure that people will want to update their config.
> ORDB has been defunct for 14+ months. Any one that was going to update
> their config on their own accord has done so already. I'm willing to
> bet that a very large majority of systems that were querying ORDB a week
> ago are no longer querying ORDB. Let's just say that the number is cut
> bu 10%. Here is a simple list of the number of queries per second for
> each week for the next 6 months:
>
> Week Query / Sec
> 1 246
> 2 221.4
> 3 199.2
> 4 179.2
> 5 161.2
> 6 145
> 7 130.5
> 8 117.4
> 9 105.6
> 10 95
> 11 85.5
> 12 76.9
> 13 69.2
> 14 62.2
> 15 55.9
> 16 50.3
> 17 45.2
> 18 40.6
> 19 36.5
> 20 32.8
> 21 29.5
> 22 26.5
> 23 23.8
> 24 21.4
>
> If I run the numbers out with a 10% drop per week, all queries should be
> stopped by the 60 weeks. For the curious, if the number of queries per
> week is cut in half, with in 13 weeks all queries should be stopped.
> Cut in to a quarter and you are down to 7 weeks.
>
> Compare the operational costs of doing this verses answering queries for
> the coming years.
>
> Grant. . . .

Impressive.

On Apr 2, 1:58am, Grant Taylor <gtay...@riverviewtech.net> wrote:
> On 4/1/2008 11:30 PM, Res wrote:
>
> > This is exactly the point, the entire domain is moot, removing the
> > name servers from zone, setting thme to 127.0.0.1, dropping the zone
> > sicne they dont want it, it has no use these days. It has no A
> > records, www has no A records, it has no MX record, but yet they
> > still have records to block everyone querrying *.relays.ordb.org
> > petty absolutely fucking petty.
>
> For the sake of the on going discussion please clarify what you want
> ORDB to do and where you would like them to do it.
>
> Are you wanting ORDB to:
> - Remove NS records for therelays.ordb.orgsub-domain from the
> ordb.org zone?
> - Set the A record referenced in the glue records for therelays.ordb.orgsub-domain to 127.0.0.1?
> - Remove all references to therelays.ordb.orgsub-domain?
> - Remove all ORDB zones?
> - Set glue records with Tucows to 127.0.0.1?
> - Remove the glue records with Tucows if possible?
>
> > since your in the business of calling others, I'll call you, show me
> > the evidence they ar ehit with 50G a month
>
> Fair enough. I will first say that I do not have any ""evidence per say
> (logs, reports, etc from ORDB), but I can run (what I believe to be)
> extremely conservative numbers to come up with the amount of traffic
> that their DNS servers would see.
>
> Please reference my 2nd & 3rd message in the Google archivehttp://groups.google.com/group/comp.mail.sendmail/browse_thread/threa...
>
> From my second message you can see how I derived the size of queries
> and replies. Below are the formulas that I used to run the numbers.
>
> I found that there were (approximately) 246 country codes. I'm going to
> presume that ORDB is receiving at least one query per second per country
> code. I feel confident that this is a very safe number to use.
>
> Per my other posts, I found that a query is 85 bytes and a reply is 202
> bytes, making a query and reply 287 bytes.
>
> If we take the 85 (bytes per query) * 246 (country codes) is 20910 bytes
> per second or 20.9 kB per second of DNS query traffic.
>
> If we take the 85 (bytes per query) * 246 (country codes) * 60 (second
> per minute) * 60 (minutes per hour) * 24 (hours per day) is 1806624000
> bytes per day or 1806624 kB per day or 1806.6 MB per day or 1.8 GB per
> day of DNS query traffic.
>
> If we take the 85 (bytes per query) * 246 (country codes) * 60 (second
> per minute) * 60 (minutes per hour) * 24 (hours per day) * 30 (days per
> month) is 54198720000 bytes per month or 54198720 kB per month or
> 54198.7 MB per month or 54.1 GB per month of DNS query traffic.
>
> If we use the same equations with the size of the reply and the size of
> the query and reply combined we get the following numbers:
>
> DNS reply traffic
> 202 * 246 = 49692 B or 49.69 kB per second
> 202 * 246 * 60 * 60 * 24 = 4293388800 B or 4293388.8 kB or 4293.3 MB or
> 4.2 GB per day
> 202 * 246 * 60 * 60 * 24 * 30 = 128801664000 B or 128801664 kB or
> 128801.6 MB or 128.8 GB per month
>
> Combined DNS query and reply traffic
> 287 * 246 = 70602 B or 70.6 kB per second
> 287 * 246 * 60 * 60 * 24 = 6100012800 B or 6100012.8 kB or 6100 MB or
> 6.1 GB per day
> 287 * 246 * 60 * 60 * 24 * 30 = 183000384000 B or 183000384 kB or
> 183000.3 MB or 183 GB per month
>
> I think it is fairly obvious that this is a LOT of traffic that has to
> be absorbed by someone's DNS servers. What is worse is that this amount
> of traffic is very unlikely to taper off very fast at all if nothing is
> done to encourage people to stop querying the servers. Hence why I
> believe ORDB decided to switch to collateral damage after being closed
> for 14+ months all the wile handling 183 GB (or more) traffic for a
> defunct service.
>
> With these numbers in mind, let's see how what I believe you are wanting
> ORDB to do stacks up.
>
> - Remove NS records for therelays.ordb.orgsub-domain from the
> ordb.org zone?
>
> Systems will still be querying the ordb.org zone for the sub-domain,
> thus the traffic numbers still apply. Adjust the size of queries and
> replies for the sizes of packets if need be. However this number will
> still be very large.
>
> - Set the A record referenced in the glue records for therelays.ordb.orgsub-domain to 127.0.0.1?
>
> (same as above)
>
> - Remove all references to therelays.ordb.orgsub-domain?
>
> (same as above)
>
> - Remove all ORDB zones?
>
> Systems will still query the ORDB zone name servers looking for
> records. Still very similar to above.
>
> - Set glue records with Tucows to 127.0.0.1?
>
> Root name servers will still receive traffic looking for the name
> servers for the ORDB zone.
>
> - Remove the glue records with Tucows if possible?
>
> Root name servers will still be queried.
>
> What is worse with doing the above is that most of the systems that are
> still querying ORDB after being closed for 14+ months will continue to
> do so for quite a while to come. What incentive do all the companies
> like aoberlin is referring to have to bring someone in to correct the
> problem if at worst they have a DNS timeout per message passing through
> their system? How long do you think it will be before someone does
> remove ORDB from the config? I'm betting that ORDB will stay in the
> config until the system is replaced with something new, so most likely
> sometime with in the next 5 years (give or take). What if someone
> copies the old config to the next system? How many new systems down the
> road will be able to use the old config file or .mc file? Let's say 3
> generations with a 5 year life cycle. Now we are up to 11 years if we
> say the replacement cycle is every 3 years and we take off the 14 months
> that have passed. All this time will add up to a *LOT* of wasted
> bandwidth and $$$ because people do not update their config.
>
> This is why I think it perfectly reasonable for ORDB to result to some
> action that will ensure that people will want to update their config.
> ORDB has been defunct for 14+ months. Any one that was going to update
> their config on their own accord has done so already. I'm willing to
> bet that a very large majority of systems that were querying ORDB a week
> ago are no longer querying ORDB. Let's just say that the number is cut
> bu 10%. Here is a simple list of the number of queries per second for
> each week for the next 6 months:
>
> Week Query / Sec
> 1 246
> 2 221.4
> 3 199.2
> 4 179.2
> 5 161.2
> 6 145
> 7 130.5
> 8 117.4
> 9 105.6
> 10 95
> 11 85.5
> 12 76.9
> 13 69.2
> 14 62.2
> 15 55.9
> 16 50.3
> 17 45.2
> 18 40.6
> 19 36.5
> 20 32.8
> 21 29.5
> 22 26.5
> 23 23.8
> 24 21.4
>
> If I run the numbers out with a 10% drop per week, all queries should be
> stopped by the 60 weeks. For the curious, if the number of queries per
> week is cut in half, with in 13 weeks all queries should be stopped.
> Cut in to a quarter and you are down to 7 weeks.
>
> Compare the operational costs of doing this verses answering queries for
> the coming years.
>
> Grant. . . .

Grant I like your style. I would say drop the whole domain. Since
they gambled and lost the the whole ordb zone should should no longer
exist. Yes there would still be queries but there a millions of
queries a day for zones that do not exist. Not a big deal. It would
be like saying we need to take every satellite out of space that are
no longer in service, because some day we will run out of room.

But with that said you make a valid argument and back it up with some
cool stats. And I would have to say I am less pissed about the
situation.

See this is the kind of reasoning I can understand. Not the "your
idiot for not reading about this 2 years ago."

Aoberlin, thank you for your comments.