News server

Evenin all.

I've just been working out traffic numbers and suchlike for a news
swerver...

Going by Cabs stats, an average amount of posts to UKRM per
day is a fraction over 1MB.

Now, if each reader downloaded the whole of that 1MB of data,
over a 256Kbps link (ADSL upload speed), it'd take them
roughly 100 seconds.

And there's roughly 850 X lumps of 100 seconds in 24 hours.

So theoretically that 256Kbps link could support a max of
850 people reading & posting to UKRM.

Anyone see any obvious balls ups in my "back of fag packet"
calculations?

If not can volunteers form an orderly email queue to get usernames
& passwords to use my newsserver

Those people who like to sit there and hit "refresh" every 30 seconds
and expect new posts to appear need not apply, as I synch with
Zens and the german server every 10 mins or so.




frag
(bored & DFVing...)

 

Quite. Those cunts who stay 'online' can **** off.

Totally feasible to run a newsserver for 'offline' readers on any old
256kB ADSL uplink.

One OE/Xnews user and you're sunk

 

Is it somehow better than the German server?

 

Remember this is nowhere near my specialist subject - but if it used a
different port to those commonly blocked by work firewalls [1] it may be
useful to office types.


[1] Although isn't the usual practice to block everything and only open
what's necessary? I know nothing about this - does it show?

 

My corporate firewall doesn't allow me to connect to the German server, so
Eddie tried running a news feed for me on a different socket, but it turned
out that it was NNTP traffic that was blocked.

Which is why he shifted to offering a web-based news service which I know at
least one other person on here was using for a while.

--
AndrewR, D.Bot (Celeritas)
Kawasaki ZX-6R J1, Fiat Coupe 20v Turbo
BOTAFOT#2,ITJWTFO#6,UKRMRM#1/13a,MCT#1,DFV#2,SKoGA#0 (and KotL)
BotToS#5,SBS#25,IbW#34, DS#5, COSOC# Suspended, KotTFSTR#
The speccy Geordie twat.

 

everything's blocked here except port 80, but that traffic goes through
two proxies and a web-marshall, so nothing other than valid HTML and
XML gets through.

Which isn't very handy.

 

There are 2 schools of thought - the "ban everything and only let
approved traffic through" and the "ban just the bad stuff and let
everything else through".

Most corporates tend to the first one on the basis that they don't know
and don't trust most of their staff.

Indeed. The proxies are also probably doing http protocol verification
to stop other protocols being tunneled via HTTP.

Do they allow https? Thats usually very very very hard to proxy because
of the end-end encryption.

Phil

 

we do the first because of the reason you outline, but also because our
systems control billions of euros of other peoples' money.

We do allow https - it's a thought.

 

Until yours goes down.

 

NNTP is an upper layer protocol and can be identified as such by any
firewall with that kind of deep inspection capability. Same as they
can spot p2p traffic, regardless of the layer 3 ports in use.

TCP is a layer 3 transport protocol. There's not much overlap between
L3 and L4.

 

HTTPS is easy to proxy, if you just treat it as a TCP session once the
CONNECT's been handled. Which is about all you can do unless you have
the keys.

 

Ever the optimist.

 

And the "allow everything" school, which was deployed very
successfully at the network consulting servicing organisation at which
I worked.

 

no dice - it returns a proxy time-out error, probably because the
web-marshall identifies it as non-HTTP traffic.

 

Well it ran happily for over a year until the mobo became unreliable.

Rebuilt now and happy again.

I'll put you down as a "no thanks" then.



frag

 

TBH, if I was really that bothered, I'd put together a business case
for opening up port 119 through the firewalls for my machine.

 

What about the fact that quite few people [1] only download headers, and
then just the bodies of the messages thay want to read.


[1] in a brief[2] and recent survey, it was 100%
[2] sample size = 1

--
John

SV650
Black it is
and naked

 

You only download headers? How quaint. You must be on one of those
modem dial up thingies, no?

 

In a company of highly-educated, well-qualified network professionals?
The kind of network professionals who Cisco call to write their
certification tests? I think it would work. I mean, I've never had
any kind of port-blocking on my home DSL connection in the last 4
years, and I've never had any kind of nasty (despite only getting a
virus checker in the last year or so).

 

I have port 445 blocked, so as to stop cheeky types making use of
default shares on the Windows boxes here (a stroke of genius on the
part of Microsoft there)

But other than that, nothing, and I've never had a problem. Likewise
my vanity machine colo'ed elsewhere, whereas others around me seem to
be 0wn3d on an almost daily basis. Quite why I'm special I don't know.