[HECnet] Use of Area 63 for Testing

John Forecast john at forecast.name
Wed Apr 7 10:21:40 PDT 2021 


> On Apr 6, 2021, at 9:17 PM, Johnny Billquist <bqt at softjar.se> wrote:
> 
> Hi, all.
> 
> First of all, to comment on the OP. Area 63 has indeed been reserved for people interested in doing hidden areas, like DEC did. I also do not remember much detail right now, but others asked for it, and I saw no problem in reserving one area for it. Others might even be using this, based on comments here.
> 
> When it comes to PMR and PASSTHRU, I might have some stuff for RSX that could answer some questions, but I would have to dig through things... Not sure if there is enough interest for any digging around right now.
> 

If you find anything I would be interested in adding support to Linux DECnet.

> Finally, when it comes to duplicate addresses, the most obvious casualties are always the two nodes where the duplication actually happens. If they are just endnodes, the damage always stops there. While this is maybe not a good state, it at least is containable. But make sure people do not get creative and just start changing to arbitrary other addresses, or we are going to need to take more drastic action.
> 
> I can understand the desire to make it easier for people with little understanding to hook up, there is a risk that if you don't know what you are doing, you create problems for others that you don't even understand. I would really recommend that we don't make it *too* easy for people to hook up. I don't want to hold hands for people who have no idea what they are doing, just to prevent chaos on HECnet.
> 
> Finally, if you setup nodes that are not endnodes, the responsibilities grow. Especially if you are in an area where others are also active, since any kind of router can potentially wreck havoc in an area, or possible even with the inter-area routing.
> So for those, I would even more suggest that you do not set anything like that up for someone who don't know what they are doing.
> 
> Now, these comments are not really targeted at anyone in particular, but something for everyone to be aware of, and consider, when you hook up others. HECnet is rather distributed, really. I do manage the area allocation, and area 1. But when I hand out an area to someone, then everything about that area becomes that persons responsibility. So adding new people, new nodes, new links, or whatever, is totally up to them. I can certainly offer a bit of support, but the "owner" of an area is really the deciding person on what happens in that area. If the owner sub-let part of the area to someone else, I think it still makes sense to consult with that area owner, if you further sub-let, or hook others up, since this definitely can have an impact on the area.
> 
> Think about it. We should all try to be good neighbors. DECnet, while ok, isn't at the robustness level, or security (well there are none) of modern internets.
> 

In the late ‘80s I was a member of the Distributed Services group working on DAAS (Distributed Authentication and Authorization Service). The group was also responsible for distributed naming services (DNADNS), distributed file service (DFS) and distributed time service (DTSS). We licensed the RSA algorithm for prototyping and we were working on an architecture using distributed CAs similar to what is used today. I had a version of CTERM on Ultrix (dlogin) which used a crypto exchange to perform an immediate login without entering a password. The main problem was the lack of compute power. A Microvax II, using hand crafted assembler, could manage a blistering 8KB/s of DES encrypt or decrypt and the RSA code was many times slower. I moved over to the Network Advanced Development group in 1990 and, I think, the assigned architect left the company around the same time so nothing further came of the work.

 John.

>  Johnny
> 
> On 2021-04-07 02:50, Paul Koning wrote:
>>> On Apr 6, 2021, at 8:21 PM, Mark J. Blair <nf6x at nf6x.net> wrote:
>>> 
>>> 
>>> 
>>>> On Apr 6, 2021, at 4:51 PM, Paul Koning <paulkoning at comcast.net> wrote:
>>>> 
>>>> 
>>>> Given that you have an area number assigned to you
>>> 
>>> I don't have a whole area number. I have a 100-number chunk of Robert's area reserved for me.
>>> 
>>> -- 
>>> Mark J. Blair, NF6X <nf6x at nf6x.net>
>>> https://www.nf6x.net/
>> Ok.  The same principle holds: a misbehaving node connected to an L1 router can mess up at most that area.  If it mistakenly grabs someone else's node number, those two nodes are affected but others are not.  The only way it could do worse things is if it's a router and it claims to be a really good path to other nodes in the area, and then doesn't live up to the promise.  (That happened in the Internet once, when routers in some corner of the Internet, Hong Kong perhaps, claimed to be the best way to reach Pakistan.)
>> Short of major software malfunction, not likely when dealing with VMS systems, the main worry is misconfiguration.  For that, connect via an L1 router and look for node address errors.
>> 	paul
> 
> -- 
> Johnny Billquist                  || "I'm on a bus
>                                  ||  on a psychedelic trip
> email: bqt at softjar.se             ||  Reading murder books
> pdp is alive!                     ||  tryin' to stay hip" - B. Idol

More information about the Hecnet-list mailing list