Re: Hurricane Electric

2009-06-18 Thread bmanning

 used them for years, from when they were just a local ISP
 till today.  a good addition to your mix... great value for money.

--bill



On Wed, Jun 17, 2009 at 08:41:23PM -0400, Paul Stewart wrote:
> Hi folks...
> 
> Looking for some feedback on using Hurricane Electric as an upstream? 
> 
> Thanks,
> 
> Paul
>
> "The information transmitted is intended only for the person or entity to 
> which it is addressed and contains confidential and/or privileged material. 
> If you received this in error, please contact the sender immediately and then 
> destroy this transmission, including all attachments, without copying, 
> distributing or disclosing same. Thank you."
> 



Re: IPv6 transits (Was: Cogent input)

2009-06-18 Thread Robert Blayzor

On Jun 14, 2009, at 6:04 PM, Jeroen Massar wrote:

> For people trying to find the "list", check:
> http://www.sixxs.net/faq/connectivity/?faq=ipv6transit




Since when has Level3 offered native IPv6?  I nag our rep & SE's just  
about every month on "when" and right now AFAIK it's still just tunnels.


--
Robert Blayzor, BOFH
INOC, LLC
rblay...@inoc.net
http://www.inoc.net/~rblayzor/






Re: IPv6 transits (Was: Cogent input)

2009-06-18 Thread Nuno Vieira - nfsi telecom
I can confirm that Level(3), at least in the Madrid area, is only offering
tunneled IPv6.

---
Nuno Vieira
nfsi telecom, lda.

nuno.vie...@nfsi.pt
Tel. (+351) 21 949 2300 - Fax (+351) 21 949 2301
http://www.nfsi.pt/



- "Robert Blayzor"  wrote:

> On Jun 14, 2009, at 6:04 PM, Jeroen Massar wrote:
> > For people trying to find the "list", check:
> > http://www.sixxs.net/faq/connectivity/?faq=ipv6transit
> 
> 
> 
> Since when has Level3 offered native IPv6?  I nag our rep & SE's just
> about every month on "when" and right now AFAIK it's still just tunnels.
> 
> -- 
> Robert Blayzor, BOFH
> INOC, LLC
> rblay...@inoc.net
> http://www.inoc.net/~rblayzor/



Re: IPv6 transits

2009-06-18 Thread sthaug
> > For people trying to find the "list", check:
> > http://www.sixxs.net/faq/connectivity/?faq=ipv6transit
> 
> Since when has Level3 offered native IPv6?  I nag our rep & SE's just  
> about every month on "when" and right now AFAIK it's still just tunnels.

That's also our experience. We receive Level3 transit in Oslo, Norway.
The IPv6 transit is tunnelled to routers in Amsterdam and London.

For all I know you might be able to get a native Level3 IPv6 transit if
you happen to live in Amsterdam or London...

Steinar Haug, Nethelp consulting, sth...@nethelp.no



Re: IPv6 transits

2009-06-18 Thread Tomas Caslavsky


We are taking IPv6 from Level 3 in London and it's also via tunnel
(they are not able to provide us native).


Tomas Caslavsky

sth...@nethelp.no wrote:


> > > For people trying to find the "list", check:
> > > http://www.sixxs.net/faq/connectivity/?faq=ipv6transit
> >
> > Since when has Level3 offered native IPv6?  I nag our rep & SE's just
> > about every month on "when" and right now AFAIK it's still just tunnels.
>
> That's also our experience. We receive Level3 transit in Oslo, Norway.
> The IPv6 transit is tunnelled to routers in Amsterdam and London.
>
> For all I know you might be able to get a native Level3 IPv6 transit if
> you happen to live in Amsterdam or London...
>
> Steinar Haug, Nethelp consulting, sth...@nethelp.no

  





RE: Hurricane Electric

2009-06-18 Thread Paul Stewart
Thanks to everyone who replied to this question - I got a LOT of offline
replies plus some of them online here

The response was *very* positive and I appreciate again folks taking the
time to drop me a line...

Paul



-Original Message-
From: bmann...@vacation.karoshi.com
[mailto:bmann...@vacation.karoshi.com]
Sent: June 18, 2009 3:22 AM
To: Paul Stewart
Cc: NANOG list
Subject: Re: Hurricane Electric


 used them for years, from when they were just a local ISP
 till today.  a good addition to your mix... great value for money.

--bill



On Wed, Jun 17, 2009 at 08:41:23PM -0400, Paul Stewart wrote:
> Hi folks...
>
> Looking for some feedback on using Hurricane Electric as an upstream?
>
> Thanks,
>
> Paul









Re: spamhaus drop list

2009-06-18 Thread Rich Kulawiec
On Tue, Jun 16, 2009 at 09:04:50PM -, John Levine wrote:
> Not that I've ever seen.  Nobody else has the breadth of data that
> Spamhaus does.
> 
> I've been using it for ages and based on zero complaints, it's never
> blocked anything that any of my users wanted.

I strongly concur with John: using the Spamhaus DROP list is incredibly
effective not just against spam but against many other forms of abuse.
I use a script to update various routers/firewalls/mail systems once
a week, and there have been no problems of any kind with it.

---Rsk
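
A sketch of the kind of periodic update script mentioned above, as an added example that is not Rich's script: it parses text in the DROP list's `CIDR ; SBL-reference` line format, refuses entries and updates that look wrong, and renders an atomic nftables set refresh. The sample input, the protected ranges, the thresholds and the nftables table/set names are all assumptions made for this example.

```python
import ipaddress

# Constructed sample in the DROP text format: ';' starts a comment and each
# data line is "CIDR ; SBL-reference". All prefixes and SBL ids are made up.
SAMPLE_DROP = """\
; constructed sample, not real DROP data
192.0.2.0/24 ; SBL000001
198.51.100.0/25 ; SBL000002
198.51.100.128/25 ; SBL000003
203.0.113.0/24 ; SBL000004
10.0.0.0/8 ; SBL000005
0.0.0.0/1 ; SBL000006
not-a-prefix ; SBL000007
"""

# Assumptions for this example, not values from the thread:
PROTECTED = ["10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16"]  # never block
MIN_PREFIX_LEN = 8             # anything broader is treated as a bad feed
MAX_CHURN = 0.5                # more than 50% change needs a human to look
NFT_TABLE, NFT_SET = "inet edge", "drop_v4"   # hypothetical, must pre-exist


def parse_drop(text, protected=PROTECTED):
    """Return (networks, rejected). Rejected lines are reported, never applied."""
    guard = [ipaddress.IPv4Network(p) for p in protected]
    nets, rejected = [], []
    for lineno, raw in enumerate(text.splitlines(), 1):
        entry = raw.split(";", 1)[0].strip()   # drop comment / SBL reference
        if not entry:
            continue
        try:
            net = ipaddress.IPv4Network(entry)  # strict: host bits must be 0
        except ValueError:
            rejected.append((lineno, entry, "unparseable"))
            continue
        if net.prefixlen < MIN_PREFIX_LEN:
            rejected.append((lineno, entry, "too broad"))
        elif any(net.overlaps(g) for g in guard):
            rejected.append((lineno, entry, "overlaps protected range"))
        else:
            nets.append(net)
    # Merge adjacent prefixes so the device gets the shortest equivalent list.
    return list(ipaddress.collapse_addresses(nets)), rejected


def plan_update(current, new):
    """Diff the installed set against the new list; refuse suspicious updates."""
    current, new = set(current), set(new)
    if not new:
        raise ValueError("new list is empty, refusing to flush the block set")
    added, removed = sorted(new - current), sorted(current - new)
    if current and (len(added) + len(removed)) / len(current) > MAX_CHURN:
        raise ValueError("churn above threshold, refusing automatic update")
    return added, removed


def render_nft(nets):
    """Render commands for `nft -f`, which applies the file as one transaction.

    Assumes the set already exists and was created with `flags interval`.
    """
    elements = ", ".join(str(n) for n in nets)
    return (f"flush set {NFT_TABLE} {NFT_SET}\n"
            f"add element {NFT_TABLE} {NFT_SET} {{ {elements} }}\n")


if __name__ == "__main__":
    nets, rejected = parse_drop(SAMPLE_DROP)
    for lineno, entry, reason in rejected:
        print(f"line {lineno}: skipped {entry!r}: {reason}")
    installed = [ipaddress.IPv4Network("192.0.2.0/24"),
                 ipaddress.IPv4Network("198.51.100.0/24")]
    added, removed = plan_update(installed, nets)
    print("added:", [str(n) for n in added], "removed:", [str(n) for n in removed])
    print(render_nft(nets), end="")
```

Logging the rejected lines and the added/removed diff on every run gives an audit trail if a blocked prefix is later questioned.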



Re: Wireless bridge

2009-06-18 Thread Jared Mauch
On Thu, Jun 18, 2009 at 09:05:56AM -0400, Peter Boone wrote:
> Hi NANOG,
> 
> I'm looking for some equipment recommendations for a wireless bridge between
> two locations approximately 500-800 meters apart. The current setup for this
> company has been extremely unstable and slow. I don't have a lot of
> experience in this area so I was hoping someone could give me a few
> pointers.

I've had good luck with Cisco Aironet gear running in repeater mode.

I've done the cheap linksys thing as well and it just did not work
as well as using some equipment that was better designed.

I have actually found the non-IOS software on the aironet 350/340 to 
be more usable than the IOS software.  You need to have your network be
consistent.

You also have the obvious interference challenges with any unlicensed
deployment.

- Jared

some of the equipment i've used:

http://cgi.ebay.com/5-Cisco-Aironet-350-WAPs-AP352E2R-A-K9_W0QQitemZ200351697798QQcmdZViewItemQQptZCOMP_EN_Routers?hash=item2ea5e44b86&_trksid=p3286.c0.m14&_trkparms=65%3A1|66%3A2|39%3A1|240%3A1318|301%3A1|293%3A1|294%3A50

http://cgi.ebay.com/Cisco-AIR-AP1121G-A-K9-Aironet-1100-1121-Access-Point_W0QQitemZ190313803887QQcmdZViewItemQQptZCOMP_EN_Routers?hash=item2c4f96306f&_trksid=p3286.c0.m14&_trkparms=65%3A1|66%3A2|39%3A1|240%3A1318|301%3A1|293%3A1|294%3A50


-- 
Jared Mauch  | pgp key available via finger from ja...@puck.nether.net
clue++;  | http://puck.nether.net/~jared/  My statements are only mine.



Re: WISP NMS recommendations

2009-06-18 Thread Patrick Shoemaker
Although this would probably be better suited for one of the WISPA 
lists, I'll respond here anyhow since there seems to be some interest.


For managing Canopy elements, Motorola Prizm is probably the way to go. 
First of all, you'll need it to handle element authentication for your 
PtMP system. It will also do configuration management, alerting, and all 
the usual NMS stuff. It's also *possible* to get it to work with other 
SNMP capable devices if you want to manage other vendors' equipment. It 
will work out of the box with the Canopy PtMP line, PtP devices, 
powerline carrier devices, and (I think) the MotoMESH line. It gives you 
all the info you need at a glance for each element: configuration 
history, RF power level plots, bandwidth utilization plots, alert 
history, etc.


FYI if you haven't used it, Prizm is a pretty clunky and slow Java-based 
package. The features are nice, but configuring it can be a chore.



Patrick Shoemaker
Vector Data Systems LLC
shoemak...@vectordatasystems.com
office: (301) 358-1690 x36
http://www.vectordatasystems.com


nanog-requ...@nanog.org wrote:


> Message: 5
> Date: Wed, 17 Jun 2009 21:31:29 -0700
> From: Freddie Sessler
> Subject: WISP NMS recommendations
> To: nanog@nanog.org
>
> Hi Folks, I am looking for recommendations on an NMS system for use in
> managing a multivendor wireless infrastructure. Specifically we run mostly
> Motorola point to point, point to multipoint(Canopy platform) and mesh
> radios devices We have looked at the One Point Wireless Manager but this
> product in our evaluation doesn't seem to be ready for prime time and also
> has the limitation of only being able to manage Motorola. Ideally we would
> have something that could be used for configuration management in a multi
> vendor environment as well as receive SNMP traps about RF issues such as
> latency and jitter. I am curious to what other shops are using out there. If
> this is a top better suited to another list, my apologies and any pointers
> to a different list would be greatly appreciated.
>
> Thanks
> JT





Re: Wireless bridge

2009-06-18 Thread Joe Tyson
We've used aironet since before cisco owned it. We just recently went fiber
for most of the district, but still running one aironet connection a good
distance apart.

On Thu, Jun 18, 2009 at 9:18 AM, Jared Mauch  wrote:

> On Thu, Jun 18, 2009 at 09:05:56AM -0400, Peter Boone wrote:
> > Hi NANOG,
> >
> > I'm looking for some equipment recommendations for a wireless bridge between
> > two locations approximately 500-800 meters apart. The current setup for this
> > company has been extremely unstable and slow. I don't have a lot of
> > experience in this area so I was hoping someone could give me a few
> > pointers.
>
> I've had good luck with Cisco Aironet gear running in repeater mode.
>
> I've done the cheap linksys thing as well and it just did not work
> as well as using some equipment that was better designed.
>
> I have actually found the non-IOS software on the aironet 350/340 to
> be more usable than the IOS software.  You need to have your network be
> consistent.
>
> You also have the obvious interference challenges with any unlicensed
> deployment.
>
> - Jared
>
> some of the equipment i've used:
>
>
> http://cgi.ebay.com/5-Cisco-Aironet-350-WAPs-AP352E2R-A-K9_W0QQitemZ200351697798QQcmdZViewItemQQptZCOMP_EN_Routers?hash=item2ea5e44b86&_trksid=p3286.c0.m14&_trkparms=65%3A1|66%3A2|39%3A1|240%3A1318|301%3A1|293%3A1|294%3A50
>
>
> http://cgi.ebay.com/Cisco-AIR-AP1121G-A-K9-Aironet-1100-1121-Access-Point_W0QQitemZ190313803887QQcmdZViewItemQQptZCOMP_EN_Routers?hash=item2c4f96306f&_trksid=p3286.c0.m14&_trkparms=65%3A1|66%3A2|39%3A1|240%3A1318|301%3A1|293%3A1|294%3A50
>
>
> --
> Jared Mauch  | pgp key available via finger from ja...@puck.nether.net
> clue++;  | http://puck.nether.net/~jared/  My statements are only mine.
>
>


Re: Wireless bridge

2009-06-18 Thread Chuck Anderson
On Thu, Jun 18, 2009 at 09:05:56AM -0400, Peter Boone wrote:
> I'm looking for some equipment recommendations for a wireless bridge between
> two locations approximately 500-800 meters apart. The current setup for this
> company has been extremely unstable and slow. I don't have a lot of
> experience in this area so I was hoping someone could give me a few
> pointers.

We use Nortel 7230 wireless bridges and are *very* happy with them.  
They run at 5.8 GHz, 20 Mbps full duplex (really 18 Mbps data rate), 
do transparent bridging, and pass VLAN tagged frames just fine.  For 
one particular link, we continually push the full 18 Mbps and they 
work fine.  They are PoE powered via a power brick in the network 
closets, with a single Cat5 cable up to the outdoor unit which has the 
antenna integrated.  We've had very few failures over the 
years--mainly a few infancy failures shortly after installation.  We 
have about 40 units (20 links), all less than 1 km apart, most of them 
a few hundred meters across city streets.

These are the third generation of wireless bridge products we have 
used, and they far outperform the older ones, especially from a 
reliability and maintenance perspective.  We will be looking to 
upgrade these over the next few years to get more bandwidth in some 
locations, and I'm not overly optimistic about finding something that 
matches these from a reliability and ease-of-use perspective--I would 
appreciate it if you share a summary of any results you find.



Re: Wireless bridge

2009-06-18 Thread Roy

Peter Boone wrote:

> Hi NANOG,
>
> I'm looking for some equipment recommendations for a wireless bridge between
> two locations approximately 500-800 meters apart. The current setup for this
> company has been extremely unstable and slow. I don't have a lot of
> experience in this area so I was hoping someone could give me a few
> pointers.


I have had good luck with Airaya.  May be a bit pricy for your 
application but they are solid.  The one I am on right now has to be at 
least five years old.


http://airaya.com

Whatever you do, move out of 2.4Ghz.  That's probably 50% of your 
problems right there.




Re: Wireless bridge

2009-06-18 Thread Curtis Maurand


Cisco Aironet  www.cisco.com
Alvarion www.alvarion.com
Aruba www.arubanetworks.com
bluesocket www.bluesocket.com

I've used all but bluesocket and they all worked pretty well.
bluesocket gets good reviews.  These are just a few.  There are lots of
them.  Try to use one as an access point and use one as a client.
Working in repeater mode will cut your bandwidth in half.


--Curtis



Peter Boone wrote:

> Hi NANOG,
>
> I'm looking for some equipment recommendations for a wireless bridge between
> two locations approximately 500-800 meters apart. The current setup for this
> company has been extremely unstable and slow. I don't have a lot of
> experience in this area so I was hoping someone could give me a few
> pointers.
>
> Currently, both locations are using Linksys WRT54GL's flashed with DD-WRT
> firmware (Yes, 802.11g. All extra bells and whistles are disabled in the
> firmware. They were set up for WDS so other wireless clients could connect
> to the same access point, with varying degrees of success. Not very
> important). They are connected to SmartAnt 2300-2500 MHz 14 dBi directional
> antenna mounted on the roof (extended pretty high for perfect line of
> sight). I'm not sure when they got these antenna exactly but I'm told it was
> when WiFi was very new. The network is very small so both locations share
> the same subnet (192.168.1.0/24).
>
> They have gone through numerous Linksys access points over the years. The
> wireless settings are tweaked as best as possible, and we have found the
> connection to be most stable when the TX is limited to 6-9 Mbps.
>
> We have explored other options as well. An internet connection at each
> location + VPN is out due to very slow upstream speeds (the buildings are in
> an industrial area, ADSL is the only option.) The max they offer on regular
> business accounts is 800 kbps up. T1 lines are even slower and even more
> expensive. They won't offer us any other solutions such as fibre. We have
> considered running fibre/coax but there is too much construction activity
> and other property in the way.
>
> I'm looking into RouterBOARD right now, considering a RB433AH and R52H
> wireless card, but I'm not sure this will actually solve the problem. It's
> difficult to determine if the issue is with the antennas or access points
> (for example, after a good thunderstorm, the wireless link will be down for
> at least 12 hours, but will fix itself eventually. Resetting either access
> point will keep the link down for at least 30 minutes. Using an airgun on
> the access points tends to make them more reliable, even if they are clean
> and dust free. From the admin interface, each access point will report
> seeing a very good and strong signal from the other, yet they refuse to
> communicate until they feel like it a few hours later.)
>
> Any suggestions welcome. I'm sure you can tell cost is a bit of a factor
> here but it will be easy for me to justify a higher price if I'm confident
> it will be effective.
>
> While I'm at it, I've been reading along on the list for over a year now;
> thanks everyone for sharing your real world experiences :)
>
> Peter


  




Re: Wireless bridge

2009-06-18 Thread Joel Jaeggli
Pair of Ubiquiti power station 2 or 5 bridges, 5 would be preferable,
under $200 per end.

http://www.ubnt.com/downloads/ps5_datasheet.pdf

Peter Boone wrote:
> Hi NANOG,
> 
> I'm looking for some equipment recommendations for a wireless bridge between
> two locations approximately 500-800 meters apart. The current setup for this
> company has been extremely unstable and slow. I don't have a lot of
> experience in this area so I was hoping someone could give me a few
> pointers.
> 
> Currently, both locations are using Linksys WRT54GL's flashed with DD-WRT
> firmware (Yes, 802.11g. All extra bells and whistles are disabled in the
> firmware. They were set up for WDS so other wireless clients could connect
> to the same access point, with varying degrees of success. Not very
> important). They are connected to SmartAnt 2300-2500 MHz 14 dBi directional
> antenna mounted on the roof (extended pretty high for perfect line of
> sight). I'm not sure when they got these antenna exactly but I'm told it was
> when WiFi was very new. The network is very small so both locations share
> the same subnet (192.168.1.0/24).
> 
> They have gone through numerous Linksys access points over the years. The
> wireless settings are tweaked as best as possible, and we have found the
> connection to be most stable when the TX is limited to 6-9 Mbps.
> 
> We have explored other options as well. An internet connection at each
> location + VPN is out due to very slow upstream speeds (the buildings are in
> an industrial area, ADSL is the only option.) The max they offer on regular
> business accounts is 800 kbps up. T1 lines are even slower and even more
> expensive. They won't offer us any other solutions such as fibre. We have
> considered running fibre/coax but there is too much construction activity
> and other property in the way.
> 
> I'm looking into RouterBOARD right now, considering a RB433AH and R52H
> wireless card, but I'm not sure this will actually solve the problem. It's
> difficult to determine if the issue is with the antennas or access points
> (for example, after a good thunderstorm, the wireless link will be down for
> at least 12 hours, but will fix itself eventually. Resetting either access
> point will keep the link down for at least 30 minutes. Using an airgun on
> the access points tends to make them more reliable, even if they are clean
> and dust free. From the admin interface, each access point will report
> seeing a very good and strong signal from the other, yet they refuse to
> communicate until they feel like it a few hours later.)
> 
> Any suggestions welcome. I'm sure you can tell cost is a bit of a factor
> here but it will be easy for me to justify a higher price if I'm confident
> it will be effective.
> 
> While I'm at it, I've been reading along on the list for over a year now;
> thanks everyone for sharing your real world experiences :)
> 
> Peter
> 
> 



Re: Unicast Flooding

2009-06-18 Thread Brian Shope
Thanks for all the good info..

So it sounds like changing my CAM timeout to 4 hours is the best
suggestion.  Anyone have any problems when implementing this?


RE: WISP NMS recommendations

2009-06-18 Thread Tim Huffman
We use Intermapper. It's very flexible, and offers a 'wireless probe' package, 
which covers Motorola Canopy and their PTP products, along with several other 
hardware vendors (Alvarion, Atmel, MikroTik, etc). Also, it's written in Java, 
and runs on just about anything.

It does monitoring and (very basic) graphing, but not management. They have a 
pretty well documented and simple scripting language for writing new probes as 
well, which comes in very handy. I've written probes for several Dragonwave 
products, and submitted them to the community.

Their support is also very responsive, which is always important.

Tim Huffman
Director of Engineering
Business Only Broadband, LLC
O (630) 590-6012
C (630) 340-1925
t...@bobbroadband.com
www.bobbroadband.com


> -Original Message-
> From: Freddie Sessler [mailto:nanog...@gmail.com]
> Sent: Wednesday, June 17, 2009 11:31 PM
> To: nanog@nanog.org
> Subject: WISP NMS recommendations
> 
> Hi Folks, I am looking for recommendations on an NMS system for use in
> managing a multivendor wireless infrastructure. Specifically we run mostly
> Motorola point to point, point to multipoint(Canopy platform) and mesh
> radios devices We have looked at the One Point Wireless Manager but this
> product in our evaluation doesn't seem to be ready for prime time and also
> has the limitation of only being able to manage Motorola. Ideally we would
> have something that could be used for configuration management in a multi
> vendor environment as well as receive SNMP traps about RF issues such as
> latency and jitter. I am curious to what other shops are using out there. If
> this is a top better suited to another list, my apologies and any pointers
> to a different list would be greatly appreciated.
> 
> Thanks
> JT



Re: Wireless bridge

2009-06-18 Thread Michael Dillon
> (for example, after a good thunderstorm, the wireless link will be down for
> at least 12 hours, but will fix itself eventually.

Sounds like there are trees in the line of sight, and maybe they are getting
leafier over the years. The only solution to that is to change the path if
it is possible.



Re: Unicast Flooding

2009-06-18 Thread Jeff Kell
Holmes,David A wrote:
> In a layer 3 switch I consider unicast flooding due to an L2 cam table 
> timeout a design defect. To test vendors' L3 switches for this defect we have 
> used a traffic generator to send 50-100 Mbps of pings to a device that does 
> not reply to the pings, where the L3 switch was routing from one vlan to 
> another to forward the pings. 

You don't need an elaborate scenario to create the unicast flooding. 
Syslog servers can cause this quite frequently, if all they do is sink
syslog UDP traffic and never (or rarely) generate any packets themselves.

You can push up L2 / CAM / mac-address-table timeouts, but you may have
some unexpected results if you have a volatile / mobile network where
end devices are not static.

I still don't have a "really comfortable" recommendation on settings,
but agree in general that the ARP timeout should be somewhat less than
the L2 timeout, and yes, the ARP response will refresh the L2 entry.

It gets even more complicated if you are using a NAC / monitoring
function that triggers on mac-address-table tracking / changes / traps,
as the shorter the L2 timeout, the more frequent your mac-address-table
changes are generated.

You can complicate this even further with "smart" monitors that are
trying to keep a mapping of IP-to-MAC-to-switchport -- you may have L2
entries without ARPs, ARPs without L2 entries, etc.

Jeff
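
The timer interaction discussed in this thread, as an added example that is not from any poster: a small simulation of a host that only receives traffic (the syslog sink case), counting the seconds during which frames addressed to it are flooded for a given pair of ARP and CAM timeouts. The model (the host's ARP reply is the only frame it ever sends, and the router re-ARPs `refresh_delay` seconds after its entry expires) and the timer values other than the 4-hour figure are assumptions.

```python
DAY = 86400  # seconds simulated by default


def flooded_seconds(arp_timeout, cam_timeout, duration=DAY, refresh_delay=0):
    """Seconds within `duration` in which frames to a silent host are flooded.

    Assumed model:
      * at t=0 the host answers an ARP request, so the router has an ARP
        entry and the switch has learned the host's MAC on its port;
      * the host never transmits on its own (a pure sink);
      * `refresh_delay` seconds after the router's ARP entry expires, the
        router re-ARPs; the host's reply refreshes both tables;
      * the switch ages out the MAC `cam_timeout` seconds after the last
        frame sourced by the host, and from then on every frame to that MAC
        is delivered to all ports in the VLAN.
    """
    arp_learned = cam_learned = 0
    flooded = 0
    for t in range(duration):
        if t - arp_learned >= arp_timeout + refresh_delay:
            arp_learned = cam_learned = t      # ARP reply refreshes the CAM
        if t - cam_learned >= cam_timeout:
            flooded += 1                       # MAC unknown: frame is flooded
    return flooded


def minimum_cam_timeout(arp_timeout, refresh_delay=0):
    """Smallest CAM timeout that never floods under the model above."""
    return arp_timeout + refresh_delay


if __name__ == "__main__":
    # (label, ARP timeout, CAM timeout, refresh delay), all values assumed.
    cases = [
        ("4 h ARP, 300 s CAM", 14400, 300, 0),
        ("4 h ARP, 4 h CAM, 30 s re-ARP delay", 14400, 14400, 30),
        ("4 h ARP, CAM at computed minimum", 14400, minimum_cam_timeout(14400, 30), 30),
        ("240 s ARP, 300 s CAM, 30 s re-ARP delay", 240, 300, 30),
    ]
    for label, arp, cam, delay in cases:
        secs = flooded_seconds(arp, cam, refresh_delay=delay)
        print(f"{label:42s} flooded {secs:6d} s/day ({100 * secs / DAY:.1f}%)")
```

Equal ARP and CAM timers still flood briefly whenever the re-ARP lags the expiry, which is why the ARP timeout wants a margin below the L2 timeout.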



RE: Wireless bridge

2009-06-18 Thread Tim Huffman
We're a WISP, so I have lots of experience with this kind of thing. The problem 
with using 2.4GHz equipment is that there's a whole lot of noise out there (run 
Network Stumbler sometime on a laptop with a wireless card, and you'll be 
shocked by just how many wi-fi APs are floating around).

You didn't mention your bandwidth requirements, but I'm assuming that you're 
trying to get more (and spend less), so I'll only recommend unlicensed gear. 
For that distance, you might want to consider using a 5.2GHz radio. The FCC 
limits their transmit power, so they only work well in short-range applications 
(>2 miles or so), and 5.2GHz doesn't propagate the way that 2.4GHz does, so 
there tends to be much less noise in that band.

The Motorola PTP400 series
(http://www.motorola.com/Business/US-EN/Business+Product+and+Services/Wireless+Broadband+Networks/Point-to-Point+Bridges)
is very good (Asymmetric Dynamic Frequency selection means that each side can
pick the best frequency to transmit on, and ARQ means that scrambled packets 
get handled at the wireless layer), and throughput tops out about 45Mbps 
(300Mbps for the PTP600 series), but they are expensive. They can be purchased 
in many different bands.

On the lower end, we've been using Ligowave (http://www.ligowave.com), and had 
good results from them, for the price. They also come in many bands, and run 
about $3000 (for the model with an integrated panel antenna), support 
throughput up to 45Mbps, and also support ARQ.

Hope this helps.


Tim Huffman
Director of Engineering
Business Only Broadband, LLC
O (630) 590-6012
C (630) 340-1925
t...@bobbroadband.com
www.bobbroadband.com


> -Original Message-
> From: Peter Boone [mailto:na...@aquillar.com]
> Sent: Thursday, June 18, 2009 8:06 AM
> To: nanog@nanog.org
> Subject: Wireless bridge
> 
> Hi NANOG,
>
> I'm looking for some equipment recommendations for a wireless bridge between
> two locations approximately 500-800 meters apart. The current setup for this
> company has been extremely unstable and slow. I don't have a lot of
> experience in this area so I was hoping someone could give me a few
> pointers.
>
> Currently, both locations are using Linksys WRT54GL's flashed with DD-WRT
> firmware (Yes, 802.11g. All extra bells and whistles are disabled in the
> firmware. They were set up for WDS so other wireless clients could connect
> to the same access point, with varying degrees of success. Not very
> important). They are connected to SmartAnt 2300-2500 MHz 14 dBi directional
> antenna mounted on the roof (extended pretty high for perfect line of
> sight). I'm not sure when they got these antenna exactly but I'm told it was
> when WiFi was very new. The network is very small so both locations share
> the same subnet (192.168.1.0/24).
>
> They have gone through numerous Linksys access points over the years. The
> wireless settings are tweaked as best as possible, and we have found the
> connection to be most stable when the TX is limited to 6-9 Mbps.
>
> We have explored other options as well. An internet connection at each
> location + VPN is out due to very slow upstream speeds (the buildings are in
> an industrial area, ADSL is the only option.) The max they offer on regular
> business accounts is 800 kbps up. T1 lines are even slower and even more
> expensive. They won't offer us any other solutions such as fibre. We have
> considered running fibre/coax but there is too much construction activity
> and other property in the way.
>
> I'm looking into RouterBOARD right now, considering a RB433AH and R52H
> wireless card, but I'm not sure this will actually solve the problem. It's
> difficult to determine if the issue is with the antennas or access points
> (for example, after a good thunderstorm, the wireless link will be down for
> at least 12 hours, but will fix itself eventually. Resetting either access
> point will keep the link down for at least 30 minutes. Using an airgun on
> the access points tends to make them more reliable, even if they are clean
> and dust free. From the admin interface, each access point will report
> seeing a very good and strong signal from the other, yet they refuse to
> communicate until they feel like it a few hours later.)
>
> Any suggestions welcome. I'm sure you can tell cost is a bit of a factor
> here but it will be easy for me to justify a higher price if I'm confident
> it will be effective.
>
> While I'm at it, I've been reading along on the list for over a year now;
> thanks everyone for sharing your real world experiences :)
>
> Peter
> 




Re: Cogent input

2009-06-18 Thread L K
Speaking of the devil:
"Comcast plans to enter into broadband IPv6 technical trials later
this year and into 2010," {Barry Tishgart, VP of Internet Services for
Comcast} said. "Planning for general deployment is underway."
http://tech.slashdot.org/story/09/06/18/1417201/Comcast-To-Bring-IPv6-To-Residential-US-In-2010
http://www.internetnews.com/infra/article.phpr/3825696/Comcast+Embraces+IPv6.htm
http://news.google.com/news/more?um=1&ned=us&cf=all&ncl=dsg_EPKdMw3ISjMxORbZRq061pu7M


On Thu, Jun 18, 2009 at 1:52 AM, Kevin Hodle wrote:
> Hi Justin,
>
>     Just FYI - Global Crossing can currently deliver dual stack/native v6
> transit in downtown KC,MO. You can either colo with them at 1100 Main St, or
> possibly have them haul a wave to one of the other major downtown carrier
> hotels they have strands running through / into (1102 Grand/Bryant and 324
> E. 11th St/Oak Towers come to mind, not to mention Level3's suite in 1100
> Walnut right across the street).
>
> Cheers,
> Kevin Hodle
>
> On Fri, Jun 12, 2009 at 8:13 AM, Justin Shore wrote:
>
>> John van Oppen wrote:
>>
>>> NTT (2914) and GBLX (3549) both do native v6...  most everyone else on
>>> the tier1 list does tunnels.  :(
>>>
>>> There are some nice tier2 networks who do native v6, tiscali and he.net
>>> come to mind.
>>>
>>
>> Let me rephrase that. :-)  I know of no tier-Ns that offer any native v6
>> services here in the Midwest (central Kansas) including L3 which only has a
>> best effort pilot program using tunnels.  There might be more options in KC
>> or OKC but not here that I'm aware of...
>>
>> Justin
>>
>>
>>
>>
>
>
> --
> ||  Kevin Hodle
> ||
> ||  913-780-3959 (Primary)
> ||  913-626-7197 (Mobile)
>
> PGP KeyID [0xBBDE8ED7]
> fingerprint [3E1B 1F10 938E A831 8CF2 670C 1329 0B8B BBDE 8ED7]
>



RE: Wireless bridge

2009-06-18 Thread Jason Gurtz
> (for example, after a good thunderstorm, the wireless link will be down
> for at least 12 hours, but will fix itself eventually.

Are you sure there's not a moisture problem in the antennae cabling?  Get
an SWR meter that can handle the 2.4 GHz range and make sure that SWR is
very low (approaching 1:1 but certainly less than 2:1).  Hook up the meter
in-line at the AP.  Test this after everything is wet and again when
there's been a dry spell.  Minimize the number of exposed connections and
use dielectric grease.  Any exposed connections should be well wrapped
with that rubberized electrician's tape first, then with regular.

> Resetting either access point will keep the link down for at least 30
> minutes.

This seems to point to signal quality issues.  This could be interference
as others have suggested.  Few things to try (in order of less work, less
$$$):

1.) Try different 802.11 channels.  Pick one of 1, 6, or 12 as they are
the only non-overlapping spectrum.  Set this manually on both ends

2.) If Yagi type antennas, try changing the polarity.  If it's vertical
now, try horizontal or vice versa (both ends should be the same for
maximum gain!)

3.) Try even higher gain "dish" style antennas (these have circular
polarity)

4.) Use APs that do 802.11a or n.  These are much less susceptible to
interference.  This probably also means changing/adding antennas.

*.) Bonus idea:  Google roll your own dsl (assuming both locations have
the same CO).  Basically: get a dry pair (no dialtone) from the telco
going from location A to Location B; buy two sdsl modems and install at
each end; hopefully enjoy a few-several Mb connection!

~JasonG





Telephones for Noisy Data Centers

2009-06-18 Thread Rick
The ones I can recommend in that line are the headsets from David Clark.
I've used these for decades in some of the harshest noise locations with
great success. While most of the adaptors I use are home made I suspect that
they can supply one for about any application. They have for me. 
 
http://www.davidclark.com/
 
regards
 
Rick
 
 
Try noise-canceling aviation headsets (GA or helicopter models have truly
amazing noise suppression).  High-end models come with cellphone
interface. I don't think cellphones will work in many data centers, but I
think rigging interface from a normal cordless phone to the headset is
pretty simple.
 
The better of these headsets (Bose X, Sennheiser HMC460, Zulu Lightspeed,
etc) have additional digital signal processing for getting voice out of
noise - if you don't mind expense:)
 
--vadim
 
> Michael J McCafferty wrote:
> > All,
> > I'd be OK if we were in a facility that was only average in terms of
> > noise, but we are not. I need an exceptional phone for the data center.
> > Something that doesn't transmit the horrible background noise to the
> > other end, and something that is loud without being painful for the user
> > of this phone. Cordless would be very fine, headset is excellent.
> > Ordinary desk phone is OK... but the most important thing is that it
> > works for clear communication. A loud ringer would great too... but if
> > the best phone doesn't have one, I'll get an auxiliary ringer.
> > 
> > Does anyone have a phone model that they find to be excellent in a
> > louder than usual data center?

 



RE: Wireless bridge

2009-06-18 Thread Peter Boone
> From: Michael Dillon [mailto:wavetos...@googlemail.com]
> > (for example, after a good thunderstorm, the wireless link will be down
> > for at least 12 hours, but will fix itself eventually.
> 
> Sounds like there are trees in the line of sight, and maybe they are
> getting leafier over the years. The only solution to that is to change
> the path if it is possible.

The line of sight is all clear, no trees. Only one building along the way
has a rooftop of similar height, but the antennas are extended far above the
roofline. We have used a rifle scope to confirm line of sight is all clear
at all angles.

> From: Tim Huffman [mailto:t...@bobbroadband.com]
> We're a WISP, so I have lots of experience with this kind of thing. The
> problem with using 2.4GHz equipment is that there's a whole lot of
> noise out there (run Network Stumbler sometime on a laptop with a
> wireless card, and you'll be shocked by just how many wi-fi APs are
> floating around).
> 

Oh I know. Luckily it's located in an industrial area just on the outskirts
of the city. There isn't a lot of other WiFi (in my opinion); 3-5 total
SSIDs spread across 2 of the 3 physical channels (1,6,11) depending on which
rooftop you measure from. 

> You didn't mention your bandwidth requirements, but I'm assuming that
> you're trying to get more (and spend less), so I'll only recommend
> unlicensed gear. For that distance, you might want to consider using a
> 5.2GHz radio. The FCC limits their transmit power, so they only work
> well in short-range applications (>2 miles or so), and 5.2GHz doesn't
> propagate the way that 2.4GHz does, so there tends to be much less
> noise in that band.
> 

Bandwidth requirements aren't too picky. If it can handle minimum 9 Mbps
full-duplex everyone will be happy. Of course, the faster the better.
I don't know if it makes a difference or not but this is all taking place in
Canada. I don't know of any regulations drastically different from the U.S's
regarding frequency use here. The biggest problem I've ever had though has
just been payment/shipping depending on the supplier (some don't ship to
Canada or are very specific about payment methods!).


Just to answer a few more questions I've been getting, the access points are
located inside, connected to a small UPS. The antenna wire is a very thick
coax up to the roof, BNC connectors to the access point and I'm fairly
certain BNC connectors on the antenna end as well. I'll double check
grounding on the poles but I'm somewhat afraid to turn it into a lightning
rod. I'm fairly certain that the ground in the antenna wire is clean but
again, something to double check.

Rain/moisture doesn't seem to cause problems. In fact the connection is more
reliable through the winter. The last 2 months here have been cold/warm,
dry/wet and there's been no pattern to the stability issues. The only
correlation between weather and stability that they have noticed there is
lightning related.

> From: Jason Gurtz [mailto:jasongu...@npumail.com]
> Are you sure there's not a moisture problem in the antennae cabling?

I hope I just answered most of your questions Jason. Good tips to check for
too. I'll answer more of your specific questions ASAP.


Thanks everyone for the responses so far on and off list. I've been getting
lots of product suggestions as well as ideas for troubleshooting the current
implementation for the short term. I'm working on another project for today
so I've just been skimming through the responses. Later tonight I'll go
through all the options in more detail and report back/answer more
questions.

Keep 'em coming and thanks again,

Peter




question about Mark Koster's ARIN presentation

2009-06-18 Thread Sandy Murphy
This message is sent to the whole nanog list, rather than the
nanog-attendees list, as I'm not sure who would be watching that
list when the conference is over.

I stood up to ask a question at the end of Mark Koster's presentation 
yesterday, but before I got to the end of the table, he was being applauded
and leaving the stage.  I must be too short.

The presentation said that ARIN would be doing a lot of work to
improve the IRR.  The last I asked, the ARIN IRR did not support the
RPSS (Routing Policy System Security - RFC2725).  RIPE supports this,
I know.  Will the ARIN improvements include support for RPSS?

The presentation talked about the RPKI pilot, and Mark said that
ARIN would be using the RIPE code.  I believe RIPE has or had a couple
different attempts at this, so I'm not sure what features the code
you use will have.  Will you have the ability to hand certs to ISPs
so that they can do their own cert generation for the allocations
they hand to their own customers?  I.e., is ARIN going to run a
service just for its members, or will it enable its members to
participate in the RPKI themselves?

--Sandy



RE: Wireless bridge

2009-06-18 Thread Lyndon Nerenberg
On Thu, 2009-06-18 at 11:54 -0400, Peter Boone wrote:
> Oh I know. Luckily it's located in an industrial area just on the
> outskirts of the city. There isn't a lot of other WiFi (in my opinion);
> 3-5 total SSIDs spread across 2 of the 3 physical channels (1,6,11)
> depending on which rooftop you measure from.

2.4 and 5GHz license-free Wifi is license free because the frequencies
are shared with the ISM (Industrial/Scientific/Medical) services. In an
industrial area, competing WiFi is the least of your worries. These
frequencies are also used by industrial grade heating units. Got anyone
in the neighbourhood running a large plastic shrink wrap machine, for
example?

You can't directly detect these other users with a Wifi transceiver.
Depending on the nature of the interference you *might* be able to hear
it directly on a scanner (if you can find one that covers those
frequencies), but you really need a good spectrum analyzer to tell
what's going on.

Anyway, don't assume the competition for spectrum is only other Wifi
units.

--lyndon




Re: NANOG Digest, Vol 17, Issue 51

2009-06-18 Thread Chris Ledford
Cisco aironet ...reliable and the only way to go ...

Chris ledford
CCNA CCSP CWLSS
--Original Message--
From: nanog-requ...@nanog.org
To: nanog@nanog.org
ReplyTo: nanog@nanog.org
Subject: NANOG Digest, Vol 17, Issue 51
Sent: Jun 18, 2009 9:23 AM


Today's Topics:

   1. Wireless bridge (Peter Boone)
   2. Re: Wireless bridge (Jared Mauch)
   3. Re: WISP NMS recommendations (Patrick Shoemaker)
   4. Re: Wireless bridge (Joe Tyson)
   5. Re: Wireless bridge (Chuck Anderson)
   6. Re: Wireless bridge (Roy)
   7. Re: Wireless bridge (Curtis Maurand)
   8. Re: Wireless bridge (Joel Jaeggli)


--

Message: 1
Date: Thu, 18 Jun 2009 09:05:56 -0400
From: "Peter Boone" 
Subject: Wireless bridge
To: 
Message-ID: <005c01c9f015$852ae490$8f80ad...@com>
Content-Type: text/plain;   charset="us-ascii"

Hi NANOG,

I'm looking for some equipment recommendations for a wireless bridge between
two locations approximately 500-800 meters apart. The current setup for this
company has been extremely unstable and slow. I don't have a lot of
experience in this area so I was hoping someone could give me a few
pointers.

Currently, both locations are using Linksys WRT54GL's flashed with DD-WRT
firmware (Yes, 802.11g. All extra bells and whistles are disabled in the
firmware. They were set up for WDS so other wireless clients could connect
to the same access point, with varying degrees of success. Not very
important). They are connected to SmartAnt 2300-2500 MHz 14 dBi directional
antenna mounted on the roof (extended pretty high for perfect line of
sight). I'm not sure when they got these antenna exactly but I'm told it was
when WiFi was very new. The network is very small so both locations share
the same subnet (192.168.1.0/24).

They have gone through numerous Linksys access points over the years. The
wireless settings are tweaked as best as possible, and we have found the
connection to be most stable when the TX is limited to 6-9 Mbps.

We have explored other options as well. An internet connection at each
location + VPN is out due to very slow upstream speeds (the buildings are in
an industrial area, ADSL is the only option.) The max they offer on regular
business accounts is 800 kbps up. T1 lines are even slower and even more
expensive. They won't offer us any other solutions such as fibre. We have
considered running fibre/coax but there is too much construction activity
and other property in the way.

I'm looking into RouterBOARD right now, considering a RB433AH and R52H
wireless card, but I'm not sure this will actually solve the problem. It's
difficult to determine if the issue is with the antennas or access points
(for example, after a good thunderstorm, the wireless link will be down for
at least 12 hours, but will fix itself eventually. Resetting either access
point will keep the link down for at least 30 minutes. Using an airgun on
the access points tends to make them more reliable, even if they are clean
and dust free. From the admin interface, each access point will report
seeing a very good and strong signal from the other, yet they refuse to
communicate until they feel like it a few hours later.)

Any suggestions welcome. I'm sure you can tell cost is a bit of a factor
here but it will be easy for me to justify a higher price if I'm confident
it will be effective.

While I'm at it, I've been reading along on the list for over a year now;
thanks everyone for sharing your real world experiences :)

Peter




--

Message: 2
Date: Thu, 18 Jun 2009 09:18:24 -0400
From: Jared Mauch 
Subject: Re: Wireless bridge
To: Peter Boone 
Cc: nanog@nanog.org
Message-ID: <20090618131824.ga25...@puck.nether.net>
Content-Type: text/plain; charset=us-ascii

On Thu, Jun 18, 2009 at 09:05:56AM -0400, Peter Boone wrote:
> Hi NANOG,
> 
> I'm looking for some equipment recommendations for a wireless bridge between
> two locations approximately 500-800 meters apart. The current setup for this
> company has been extremely unstable and slow. I don't have a lot of
> experience in this area so I was hoping someone could give me a few
> pointers.

I've had good luck with Cisco Aironet gear running in repeater mode.

I've done the cheap linksys thing as well and it just did not work
as well as using some equipment that was better designed.

I have actually found the non-IOS software on the aironet 350/340 to 
be more usable than the IOS software.  You need to have your netwo

RE: Wireless bridge

2009-06-18 Thread Tim Huffman
> The line of sight is all clear, no trees. Only one building along the way
> has a rooftop of similar height, but the antennas are extended far above
> the roofline. We have used a rifle scope to confirm line of sight is all
> clear at all angles.
> 

Unfortunately, you can't necessarily rely on visual line of sight. At 
800 meters, the Fresnel Zone on your radio is about 14ft in diameter at the 
midpoint. You need to make sure that this is free of obstructions.

> Oh I know. Luckily it's located in an industrial area just on the
> outskirts of the city. There isn't a lot of other WiFi (in my opinion);
> 3-5 total SSIDs spread across 2 of the 3 physical channels (1,6,11)
> depending on which rooftop you measure from.
> 

Make sure you're using the channel that doesn't have an AP on it!

> 
> Bandwidth requirements aren't too picky. If it can handle minimum 9 Mbps
> full-duplex everyone will be happy. Of course, the faster the better.
> I don't know if it makes a difference or not but this is all taking place
> in Canada. I don't know of any regulations drastically different from the
> U.S's regarding frequency use here. The biggest problem I've ever had
> though has just been payment/shipping depending on the supplier (some
> don't ship to Canada or are very specific about payment methods!).

Canadian and US regulations are very similar in the unlicensed bands. I'd still 
pick 5.2GHz if you were replacing the radio. 

> 
> 
> Just to answer a few more questions I've been getting, the access points
> are located inside, connected to a small UPS. The antenna wire is a very
> thick coax up to the roof, BNC connectors to the access point and I'm
> fairly certain BNC connectors on the antenna end as well. I'll double
> check grounding on the poles but I'm somewhat afraid to turn it into a
> lightning rod. I'm fairly certain that the ground in the antenna wire is
> clean but again, something to double check.

How long is your cable run, and what kind of cable is it? It's probably LMR-400 
(the most common), which loses about 6.6dB of your signal for every 100 feet. Also, 
you should check the waterproofing on the connector at the antenna. We normally 
use a 'courtesy wrap' of electrical tape, followed by a thick layer of Mastic 
tape, followed by another layer of electrical tape. Also, check your cable for 
nicks or kinks.

> 
> Rain/moisture doesn't seem to cause problems. In fact the connection is
> more reliable through the winter. The last 2 months here have been
> cold/warm, dry/wet and there's been no pattern to the stability issues.
> The only correlation between weather and stability that they have noticed
> there is lightning related.

Moisture in the cables doesn't necessarily show up during rain! That moisture 
can seep throughout the cable, and cause attenuation when it gets cool and the 
moisture condenses, for example.

You haven't said what kind of antennas you are using, but if they are yagis, 
they probably have very poor back-to-front ratios, which means that you could 
be picking up interference from behind you, or on the sides, especially if the 
antennas are up above the tree cover. You might try horizontal polarization on 
the antennas (just rotate them 90 degrees, but make sure you do it on BOTH 
sides!) to see if that helps. Cross-polarization is usually good for about 20dB 
of noise rejection.

The fact that there doesn't seem to be any pattern to your loss means that it's 
probably either interference (somebody changing channels), hardware failure, or 
software failure.

Hope this helps.

--
Tim Huffman
Director of Engineering
Business Only Broadband, LLC
O (630) 590-6012
C (630) 340-1925
t...@bobbroadband.com
www.bobbroadband.com
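
The Fresnel-zone clearance and cable-loss checks discussed in the message above can be put into numbers. This is an added example, not part of the original post: the 800 m path, 14 dBi antennas and 6.6 dB per 100 ft coax figure come from the thread, while the 18 dBm transmit power, 50 ft cable runs, mast heights and building height are constructed assumptions.

```python
import math

C = 299_792_458.0   # speed of light, m/s
FT_PER_M = 3.28084


def fspl_db(distance_m, freq_mhz):
    """Free-space path loss in dB: 20*log10(4*pi*d*f/c)."""
    return 20 * math.log10(4 * math.pi * distance_m * freq_mhz * 1e6 / C)


def fresnel_radius_m(distance_m, freq_mhz, d1_m=None, fraction=1.0):
    """Radius of the first Fresnel zone d1_m from one end of the path.

    Defaults to the midpoint, where the zone is widest. `fraction` scales
    the result, e.g. 0.6 for the commonly used 60 % clearance rule.
    Earth curvature is ignored, which is reasonable below about 1 km.
    """
    d1 = distance_m / 2 if d1_m is None else d1_m
    if not 0 < d1 < distance_m:
        raise ValueError("d1_m must lie strictly between the two antennas")
    d2 = distance_m - d1
    wavelength = C / (freq_mhz * 1e6)
    return fraction * math.sqrt(wavelength * d1 * d2 / distance_m)


def fresnel_diameter_ft(distance_m, freq_mhz, fraction=1.0):
    """Midpoint Fresnel-zone diameter in feet."""
    return 2 * fresnel_radius_m(distance_m, freq_mhz, fraction=fraction) * FT_PER_M


def coax_loss_db(length_ft, db_per_100ft):
    """Attenuation of a coax run given its per-100-ft loss figure."""
    return length_ft * db_per_100ft / 100.0


def rx_power_dbm(tx_dbm, gain_dbi, cable_ft, db_per_100ft, distance_m, freq_mhz):
    """Expected receive level for a symmetric link (same antenna and cable
    at both ends), free space only: no fade, no connector loss."""
    cable = coax_loss_db(cable_ft, db_per_100ft)
    return (tx_dbm - cable + gain_dbi
            - fspl_db(distance_m, freq_mhz)
            + gain_dbi - cable)


def obstacle_clears(distance_m, freq_mhz, h1_m, h2_m,
                    obst_dist_m, obst_height_m, fraction=0.6):
    """Check whether an obstacle stays out of the required Fresnel fraction.

    Returns (ok, clearance_m, needed_m). `clearance_m` is the height of the
    straight line between the antennas above the obstacle, so a positive
    value means optical line of sight exists even when `ok` is False.
    """
    los_height = h1_m + (h2_m - h1_m) * obst_dist_m / distance_m
    clearance = los_height - obst_height_m
    needed = fresnel_radius_m(distance_m, freq_mhz, obst_dist_m, fraction)
    return clearance >= needed, clearance, needed


if __name__ == "__main__":
    PATH_M = 800            # from the thread
    GAIN_DBI = 14           # from the thread
    LOSS_PER_100FT = 6.6    # coax figure quoted in the thread
    TX_DBM = 18             # assumed transmit power
    CABLE_FT = 50           # assumed cable run at each end

    for freq in (2437, 5200):   # 2.4 GHz channel 6, and 5.2 GHz
        print(f"{freq} MHz over {PATH_M} m")
        print(f"  path loss          {fspl_db(PATH_M, freq):6.1f} dB")
        print(f"  Fresnel dia. 100%  {fresnel_diameter_ft(PATH_M, freq):6.1f} ft")
        print(f"  Fresnel dia.  60%  {fresnel_diameter_ft(PATH_M, freq, 0.6):6.1f} ft")
        # Constructed geometry: both antennas 12 m up, a 10 m roof 300 m out.
        ok, clr, need = obstacle_clears(PATH_M, freq, 12, 12, 300, 10)
        print(f"  roof clearance     {clr:.2f} m, need {need:.2f} m ->",
              "clear" if ok else "intrudes")

    rx = rx_power_dbm(TX_DBM, GAIN_DBI, CABLE_FT, LOSS_PER_100FT, PATH_M, 2437)
    print(f"expected receive level at 2437 MHz: {rx:.1f} dBm")
```

With the constructed geometry, a roof 2 m below the sight line passes a rifle-scope check yet intrudes on the 60 % zone at 2.4 GHz, while the narrower zone at 5.2 GHz clears it.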



Re: Unicast Flooding

2009-06-18 Thread Lee
On 6/18/09, Brian Shope  wrote:
> Thanks for all the good info..
>
> So it sounds like changing my CAM timeout to 4 hours is the best
> suggestion.  Anyone have any problems when implementing this?

Not as long as all the user ports have portfast enabled.  Without
portfast, when a port goes up or down it causes a topology change
notification which sets the fast aging timer and the cam table entries
age out in something like 15 seconds.

Regards,
Lee



RE: Wireless bridge

2009-06-18 Thread John van Oppen
To come up with an accurate recommendation one really needs to know your
budget; on that distance speeds up to 1 gbit/sec are possible if you
spend enough on the radios... Do you have some cost and desired
throughput parameters to guide everyone's recommendations?


-Original Message-
From: Tim Huffman [mailto:t...@bobbroadband.com] 
Sent: Thursday, June 18, 2009 9:27 AM
To: nanog@nanog.org
Subject: RE: Wireless bridge





RE: Wireless bridge

2009-06-18 Thread Peter Boone
> -Original Message-
> From: Lyndon Nerenberg [mailto:lyn...@orthanc.ca]
> Sent: June 18, 2009 12:11 PM
> To: Peter Boone
> Cc: nanog@nanog.org
> Subject: RE: Wireless bridge
> 
> On Thu, 2009-06-18 at 11:54 -0400, Peter Boone wrote:
> > Oh I know. Luckily it's located in an industrial area just on the
> > outskirts of the city. There isn't a lot of other WiFi (in my opinion);
> > 3-5 total SSIDs spread across 2 of the 3 physical channels (1,6,11)
> > depending on which rooftop you measure from.
> 
> 2.4 and 5GHz license-free Wifi is license free because the frequencies
> are shared with the ISM (Industrial/Scientific/Medical) services. In an
> industrial area, competing WiFi is the least of your worries. These
> frequencies are also used by industrial grade heating units. Got anyone
> in the neighbourhood running a large plastic shrink wrap machine, for
> example?

Within range of the beam, not that I know of. The biggest building is just a
supplier, there's 2 other small buildings, not 100% sure what they do
though.


> You can't directly detect these other users with a Wifi transceiver.
> Depending on the nature of the interference you *might* be able to hear
> it directly on a scanner (if you can find one that covers those
> frequencies), but you really need a good spectrum analyzer to tell
> what's going on.
> 
> Anyway, don't assume the competition for spectrum is only other Wifi
> units.
> 
> --lyndon

I don't have a spectrum analyzer available to me (I've found a USB one for
$200 designed for WiFi that will pick up any non-wifi noise around the
frequency range too). Each access point reports a good signal. From what I
recall (not on site today) the noise is very minimal. Noise anywhere from
-98 to -85 with the signal at -20 to -40. The SNR is 30+, even when the
connection isn't working. The DDWRT firmware reports a Signal Quality as a
percentage as well: it's generally high, 80%+ (not sure exactly how it's
calculated though, I've seen it fluctuate while the Signal and Noise remain
about the same). These readings are consistent at both access points, and
remain about the same on each of the 3 physical channels. Hard to tell for
sure since the firmware doesn't keep any averages or historical statistics
on the signals, and no one has the time to sit around and take a reading
every few minutes.

Peter




Re: Wireless bridge

2009-06-18 Thread Jay Hennigan

Jason Gurtz wrote:


Are you sure there's not a moisture problem in the antennae cabling?  Get
an SWR meter that can handle the 2.4 GHz range and make sure that SWR is
very low (approaching 1:1 but certainly less than 2:1).  Hook up the meter
in-line at the AP.  Test this after everything is wet and again when
there's been a dry spell.  Minimize the number of exposed connections and
use dielectric grease.  


Use dielectric grease sparingly on the outer threads of the connector. 
Don't let it get in contact with the inside where it bridges the center 
pin and the shield.  This will cause nasty impedance bumps.  The inside 
of the connector should be dry.  The grease on the threads helps to 
ensure this.



Any exposed connections should be well wrapped
with that rubberized electrician's tape first, then with regular.


Yep, the stretchy stuff. 3M type 23.

--
Jay Hennigan - CCIE #7880 - Network Engineering - j...@impulse.net
Impulse Internet Service  -  http://www.impulse.net/
Your local telephone and internet company - 805 884-6323 - WB6RDV



Re: Wireless bridge

2009-06-18 Thread Joel Jaeggli
> Jason Gurtz wrote:
> 
>> Are you sure there's not a moisture problem in the antennae cabling?  Get
>> an SWR meter that can handle the 2.4 GHz range and make sure that SWR is
>> very low (approaching 1:1 but certainly less than 2:1).  Hook up the
>> meter
>> in-line at the AP.  Test this after everything is wet and again when
>> there's been a dry spell.  Minimize the number of exposed connections and
>> use dielectric grease.  

Alternatively using an antenna with integrated ap like the ones I
referred to previously (they have a nice cast enclosure for radio and a
screw down bulkhead with gasket for the cable) eliminates the need for
runs of rf coax at all and also deals handily with the necessity for an
outdoor enclosure for the linksys ap. I would use outdoor rated cat-5
for the run up  to the ap.



Re: spamhaus drop list

2009-06-18 Thread Robert Bonomi
> Date: Tue, 16 Jun 2009 19:49:36 -0400
> From: Bret Clark 
> Subject: Re: spamhaus drop list
>
> John Levine wrote:
> > Not that I've ever seen.  Nobody else has the breadth of data that
> > Spamhaus does.
> >
> > I've been using it for ages and based on zero complaints, it's never
> > blocked anything that any of my users wanted.
> >
> > R's,
> > John
>
> I have to agree with this...I'm somewhat surprised to see some of the 
> comments here. 

Methinks "consider the source", when evaluating the 'meaningfulness' of 
the complaints, goes a long way towards clarifying the situation.  In -that-
light, I'm really not all that 'surprised' at what shook loose from the
belfry.




Re: Wireless bridge

2009-06-18 Thread Curtis Maurand

Lyndon Nerenberg wrote:

On Thu, 2009-06-18 at 11:54 -0400, Peter Boone wrote:
  

Oh I know. Luckily it's located in an industrial area just on the
outskirts
of the city. There isn't a lot of other WiFi (in my opinion); 3-5
total
SSIDs spread across 2 of the 3 physical channels (1,6,11) depending on
which
rooftop you measure from. 



2.4 and 5GHz license-free Wifi is license free because the frequencies
are shared with the ISM (Industrial/Scientific/Medical) services. In an
industrial area, competing WiFi is the least of your worries. These
frequencies are also used by industrial grade heating units. Got anyone
in the neighbourhood running a large plastic shrink wrap machine, for
example?

  


Motion sensors also run in the 2.4GHz range.


You can't directly detect these other users with a Wifi transceiver.
Depending on the nature of the interference you *might* be able to hear
it directly on a scanner (if you can find one that covers those
frequencies), but you really need a good spectrum analyzer to tell
what's going on.

Anyway, don't assume the competition for spectrum is only other Wifi
units.

--lyndon


  




Re: Wireless bridge

2009-06-18 Thread Charles Wyble

Might I suggest Ubnt.com ?

Or a vendor that I use http://www.wlanparts.com/category/ubiquiti/

Couple of these 
http://www.wlanparts.com/product/BULLET2-D13/Ubiquiti_BULLET2_and_13dBi_24GHz_Panel_Antenna__BULLET2D13.html 



(100.00 per side or so).


Peter Boone wrote:







Re: Wireless bridge

2009-06-18 Thread Charles Wyble

+1 for Ubnt gear!

Joel Jaeggli wrote:

Pair of Ubiquiti power station 2 or 5 bridges, 5 would be preferable,
under $200 per end.

http://www.ubnt.com/downloads/ps5_datasheet.pdf

Peter Boone wrote:




Re: Wireless bridge

2009-06-18 Thread Charles Wyble




2.4 and 5GHz license-free Wifi is license free because the frequencies
are shared with the ISM (Industrial/Scientific/Medical) services. In an
industrial area, competing WiFi is the least of your worries. These
frequencies are also used by industrial grade heating units. Got anyone
in the neighbourhood running a large plastic shrink wrap machine, for
example?


Good point.



You can't directly detect these other users with a Wifi transceiver.
Depending on the nature of the interference you *might* be able to hear
it directly on a scanner (if you can find one that covers those
frequencies), but you really need a good spectrum analyzer to tell
what's going on.


Check out http://www.ubnt.com/airview/ for a decent one. There is also 
wispy.





Re: WISP NMS recommendations

2009-06-18 Thread Charles Wyble




This list is quite active:

http://lists.wispa.org/mailman/listinfo/wireless




+1 for Wispa. Several knowledgeable people on there, and it's quite active.

Lately both NANOG and WISPA have had very high signal. Hopefully it 
keeps up! :)




Re: Wireless bridge

2009-06-18 Thread Neil Harris

Peter Boone wrote:

From: Michael Dillon [mailto:wavetos...@googlemail.com]


(for example, after a good thunderstorm, the wireless link will be
  

down for


at least 12 hours, but will fix itself eventually.
  

Sounds like there are trees in the line of sight, and maybe they are
getting
leafier over the years. The only solution to that is to change the path
if
it is possible.



The line of sight is all clear, no trees. Only one building along the way
has a rooftop of similar height, but the antennas are extended far above the
roofline. We have used a rifle scope to confirm line of sight is all clear
at all angles.

  


Given that you have optical line of sight, and that your path length is 
only 800m, have you considered line-of-sight optical links for this 
application?


-- Neil




tier 1 in Montreal

2009-06-18 Thread MKS
Hi List

I'm looking for two tier 1 providers in Montreal, with independent
fiber runs to the city. Which operator fit this criteria?

Thanks in advance
//MKS



Re: tire 1 in Montreal

2009-06-18 Thread Nuno Vieira - nfsi telecom
check TATA Communications (former Teleglobe).

regards,
--nvieira


- "MKS"  wrote:

> Hi List
> 
> I'm looking for two tier 1 providers in Montreal, with independent
> fiber runs to the city. Which operator fit this criteria?
> 
> Thanks in advance
> //MKS



Re: Wireless bridge

2009-06-18 Thread Patrick Shoemaker

Couple of comments:

Regarding ISM spectrum sharing: the 2.4 GHz band (2400-2500 MHz) and the 
5.8 GHz (5725-5875 MHz) are certainly shared with ISM devices- microwave 
ovens, induction heaters, etc. However, the 5.2 and 5.4 GHz unlicensed 
bands (UNII) are not shared with ISM devices. However, these bands are 
subject to FCC regulations that mandate radar sensing and avoidance. 
This means that if your radios detect the signature of a military radar 
system on their active channel, they will automatically shut down and 
begin a waiting period before switching to another channel. Mandatory 60 
second outage.


There are generally three classes of point-to-point high speed 
unlicensed data radio gear out there today:


1. Wi-fi based gear with some additional hardware and a user interface 
suitable for point-to-point use. Ubiquiti, Tranzeo, HGA, etc. Pretty 
self-explanatory. Sub-1000 range.


2. Gear using a wi-fi chipset (Atheros, Broadcom, etc.) with a 
proprietary firmware load. Trango, Alvarion, Ligowave, etc. $2000-5000 
range.


3. Gear using a custom designed RF interface. Motorola, Dragonwave, etc.

Given your requirements, I'd encourage you to look at classes 2 and 3. 
Getting any decent amount of reliability from vanilla 802.11 equipment 
is (as you've found) difficult. Gear in categories 2 and 3 from above 
will generally have a built in spectrum analyzer of some sort that will 
be able to see interference not caused by 802.11 devices, performance 
monitoring systems (BER reporting, event logs, etc), SNMP capability, etc.


Definitely choose a system with an integrated antenna. You want a 
directional antenna such as a patch array (panel) integrated with the 
radio. Messing around with RF cabling, connectors, etc. is not necessary 
with what you're trying to do. Minimize the potential points of failure.


Lightning protection is a concern. Most of this gear is PoE powered, so 
you'll have a single cat-5 going to the roof. Make sure it's protected 
with an Ethernet surge suppressor that is properly grounded. Follow the 
radio manufacturer's recommendations here. Your antenna mount must also 
be grounded according to NEC requirements.


The Motorola PTP400 series radio that was recommended is one of the best 
unlicensed point to point radios out there. However, it's been EOL'd and 
replaced by the PTP500. Seems like these are both out of your budget, 
though. As an alternative, you might consider looking at the Trango 
TLink45. This radio uses a proprietary firmware and an Atheros WiFi 
chipset. It has a rudimentary spectrum analyzer, SNMP, ARQ (important), 
and adaptive rate modulation. It also has a dual-polarity software 
switchable antenna. This greatly increases your ability to avoid 
interference. It will run in the 5.3, 5.4, or 5.8 GHz unlicensed bands. 
They retail at about $4000 for a pair, but Trango routinely runs 
specials. They were on special for $1700 per pair in April.


The WISPA list is a great resource for help with projects like this.

Patrick Shoemaker
Vector Data Systems LLC
shoemak...@vectordatasystems.com
office: (301) 358-1690 x36
http://www.vectordatasystems.com


Message: 6
Date: Thu, 18 Jun 2009 13:13:17 -0400
From: Curtis Maurand 
Subject: Re: Wireless bridge
To: Lyndon Nerenberg 
Cc: nanog@nanog.org, Peter Boone 
Message-ID: <4a3a75ad.8090...@xyonet.com>
Content-Type: text/plain; charset=ISO-8859-1; format=flowed

Lyndon Nerenberg wrote:

> On Thu, 2009-06-18 at 11:54 -0400, Peter Boone wrote:
>> Oh I know. Luckily it's located in an industrial area just on the outskirts
>> of the city. There isn't a lot of other WiFi (in my opinion); 3-5 total
>> SSIDs spread across 2 of the 3 physical channels (1,6,11) depending on which
>> rooftop you measure from.
>
> 2.4 and 5GHz license-free Wifi is license free because the frequencies
> are shared with the ISM (Industrial/Scientific/Medical) services. In an
> industrial area, competing WiFi is the least of your worries. These
> frequencies are also used by industrial grade heating units. Got anyone
> in the neighbourhood running a large plastic shrink wrap machine, for
> example?
>
>   


Motion sensors also run in the 2.4GHz range.


> You can't directly detect these other users with a Wifi transceiver.
> Depending on the nature of the interference you *might* be able to hear
> it directly on a scanner (if you can find one that covers those
> frequencies), but you really need a good spectrum analyzer to tell
> what's going on.
>
> Anyway, don't assume the competition for spectrum is only other Wifi
> units.
>
> --lyndon
>
>
>   




RE: Wireless bridge

2009-06-18 Thread Bret Clark
On Thu, 2009-06-18 at 09:34 -0700, John van Oppen wrote:

> -Original Message-
> From: Tim Huffman [mailto:t...@bobbroadband.com] 
> Sent: Thursday, June 18, 2009 9:27 AM
> To: nanog@nanog.org
> Subject: RE: Wireless bridge
> 
> > The line of sight is all clear, no trees. Only one building along the way
> > has a rooftop of similar height, but the antennas are extended far above
> > the roofline. We have used a rifle scope to confirm line of sight is all
> > clear at all angles.
> > 
> 
> Unfortunately, you can't necessarily rely on visual line of sight. At
> 800meters, the Fresnel Zone on your radio is about 14ft in diameter at
> the midpoint. You need to make sure that this is free of obstructions.
> 


Not only that, the radios may actually be screaming at each other at
those distances which will affect performance


RE: Telephones for Noisy Data Centers

2009-06-18 Thread Sameer Khosla
I use the Peltor Bluetooth headset in our datacenter.  Works better than
most earplugs for noise attenuation, plus as a cell phone headset it has
the noise cancelling microphone.

The construction quality is really good, it could be used on a
construction site without issues.

I highly recommend it.

http://www.peltor.se/int/Product.asp?PageNumber=144&ProductCategory_Id=9&Product_Id=25

Thanks
Sameer Khosla
Managing Director
Neutral Data Centers Corp.
416 682 3434 x5002 (w)
416 682 3435 (f)

-Original Message-
From: Michael J McCafferty [mailto:m...@m5computersecurity.com] 
Sent: Wednesday, June 17, 2009 9:32 PM
To: nanog
Subject: Telephones for Noisy Data Centers

All,
I'd be OK if we were in a facility that was only average in terms of
noise, but we are not. I need an exceptional phone for the data center.
Something that doesn't transmit the horrible background noise to the
other end, and something that is loud without being painful for the user
of this phone. Cordless would be very fine, headset is excellent.
Ordinary desk phone is OK... but the most important thing is that it
works for clear communication. A loud ringer would be great too... but if
the best phone doesn't have one, I'll get an auxiliary ringer.

Does anyone have a phone model that they find to be excellent in a
louder than usual data center?

Thanks!
Mike
-- 

Michael J. McCafferty
Principal, Security Engineer
M5 Hosting
http://www.m5hosting.com

You can have your own custom Dedicated Server up and running today !
RedHat Enterprise, CentOS, Ubuntu, Debian, OpenBSD, FreeBSD, and more






Re: Unicast Flooding

2009-06-18 Thread Steven King
Relying on a TCN would yield very inconsistent results.

Lee wrote:
> On 6/18/09, Brian Shope  wrote:
>   
>> Thanks for all the good info..
>>
>> So it sounds like changing my CAM timeout to 4 hours is the best
>> suggestion.  Anyone have any problems when implementing this?
>> 
>
> Not as long as all the user ports have portfast enabled.  Without
> portfast, when a port goes up or down it causes a topology change
> notification which sets the fast aging timer and the cam table entries
> age out in something like 15 seconds.
>
> Regards,
> Lee
>
>   

-- 
Steve King

Network Engineer - Liquid Web, Inc.
Cisco Certified Network Associate
CompTIA Linux+ Certified Professional
CompTIA A+ Certified Professional




Re: Unicast Flooding

2009-06-18 Thread Eric Gauthier
Brian,

> The first is preventing it in the first place.

As annoying as this might sound, this is one of the
standard operating modes for load balancing within 
a Microsoft server cluster (see NLB).  We've tried
to avoid it, but it seems to come up around once a 
year from someone on our campus...

Eric :)



Is your ISP blocking outgoing port 25?

2009-06-18 Thread Zhiyun Qian
It has been long heard that many ISPs block outgoing port 25 for the purpose
of reducing spam originated from their network.
 
I wonder which ISPs are still doing so. I know comcast has been doing that
but they cancelled it after many complaints. It seems to be the same case
for Verizon.
 
AT&T is the major one that I know of that is still enforcing this policy.
But they said they can unblock port 25 upon request. I am not sure how easy
it is.
 
One simple way to test if your ISP is blocking outgoing port 25 is to try:
"telnet mx2.hotmail.com 25" or "telnet gmail-smtp-in.l.google.com 25". If
the connection fails, it could be due to the fact your ISP is blocking
outgoing port 25, although it can also be other reasons such as local
firewall configuration. Can someone perform the test and let me know result
if possible? Thanks a lot! 
 
Regards.
-Zhiyun


Re: question about Mark Koster's ARIN presentation

2009-06-18 Thread Michael Hallgren
On Thursday 18 June 2009 at 12:05 -0400, Sandy Murphy wrote:
> This message is sent to the whole nanog list, rather than the
> nanog-attendees list,

How come there is a nanog-attendees list disjunct from the nanog list.
Wouldn't it be natural to broadcast any kind of content to the
entire community?

Cheers,

mh


>  as I'm not sure who would be watching that
> list when the conference is over.
> 
> I stood up to ask a question at the end of Mark Koster's presentation 
> yesterday, but before I got to the end of the table, he was being applauded
> and leaving the stage.  I must be too short.
> 
> The presentation said that ARIN would be doing a lot of work to
> improve the IRR.  The last I asked, the ARIN IRR did not support the
> RPSS (Routing Policy System Security - RFC2725).  RIPE supports this,
> I know.  Will the ARIN improvements include support for RPSS?

Interesting, yes.

> 
> The presentation talked about the RPKI pilot, and Mark said that
> ARIN would be using the RIPE code.  I believe RIPE has or had a couple
> different attempts at this, so I'm not sure what features the code
> you use will have.  Will you have the ability to hand certs to ISPs
> so that they can do their own cert generation for the allocations
> they hand to their own customers?  I.e., is ARIN going to run a
> service just for its members, or will it enable its members to
> participate in the RPKI themselves?
> 

As well.


> --Sandy
> 

mh

-- 
michael hallgren, mh2198-ripe




RE: Is your ISP blocking outgoing port 25?

2009-06-18 Thread Paul Stewart
We still do it and never get any complaints - we don't filter static IP
customers but dynamic customers can either use our SMTP relays or
alternate ports

Paul


-Original Message-
From: Zhiyun Qian [mailto:zhiy...@umich.edu]
Sent: Thursday, June 18, 2009 3:37 PM
To: nanog@nanog.org
Subject: Is your ISP blocking outgoing port 25?

It has been long heard that many ISPs block outgoing port 25 for the purpose
of reducing spam originated from their network.

I wonder which ISPs are still doing so. I know comcast has been doing that
but they cancelled it after many complaints. It seems to be the same case
for Verizon.

AT&T is the major one that I know of that is still enforcing this policy.
But they said they can unblock port 25 upon request. I am not sure how easy
it is.

One simple way to test if your ISP is blocking outgoing port 25 is to try:
"telnet mx2.hotmail.com 25" or "telnet gmail-smtp-in.l.google.com 25". If
the connection fails, it could be due to the fact your ISP is blocking
outgoing port 25, although it can also be other reasons such as local
firewall configuration. Can someone perform the test and let me know result
if possible? Thanks a lot!

Regards.
-Zhiyun









Re: question about Mark Koster's ARIN presentation

2009-06-18 Thread Valdis . Kletnieks
On Thu, 18 Jun 2009 21:35:53 +0200, Michael Hallgren said:

> How come there is a nanog-attendees list disjunct from the nanog list.
> Wouldn't it be natural to broadcast any kind of content to the
> entire community?

Umm... "Presentation XYZ has been moved from the Blue Room to the Paisley Room"
and similar administrivia of interest only to actual attendees?




Re: question about Mark Koster's ARIN presentation

2009-06-18 Thread kris foster


On Jun 18, 2009, at 12:35 PM, Michael Hallgren wrote:


On Thursday 18 June 2009 at 12:05 -0400, Sandy Murphy wrote:

This message is sent to the whole nanog list, rather than the
nanog-attendees list,


How come there is a nanog-attendees list disjunct from the nanog list.
Wouldn't it be natural to broadcast any kind of content to the
entire community?


nanog-attendees is intended to be used for social and specific  
conference related topics. Topics discussed at the conference with  
operational relevance should be here on the main list.


If anyone feels the need to follow up on the nanog-attendees/nanog  
distinction, please do so on nanog-futures.


Thanks!

Kris
MLC Chair


Re: Is your ISP blocking outgoing port 25?

2009-06-18 Thread Charles Wyble



Zhiyun Qian wrote:

It has been long heard that many ISPs block outgoing port 25 for the purpose
of reducing spam originated from their network.
 


Well blocking or redirecting to their servers, which have an 
undocumented filtering policy. All one needs to do in order to bypass 
that is use a vpn. Something lightweight like n2n could be used by the 
bot herders of the world.


I worked for a company that sent out several hundred thousand messages 
per day (an online card/invitations company). We ran SpamAssassin on 
our outbound farm, to prevent folks from using us to send spam. I 
presume the large service providers do the same.


 
AT&T is the major one that I know of that is still enforcing this policy.

But they said they can unblock port 25 upon request. I am not sure how easy
it is.


It's trivial. A web form. You get the link when you try to send mail to 
port 25 anywhere else. At least with Yahoo/SBC dsl.


I got the business class DSL from AT&T and no such nonsense exists.



Re: question about Mark Koster's ARIN presentation

2009-06-18 Thread JC Dill

Michael Hallgren wrote:

On Thursday 18 June 2009 at 12:05 -0400, Sandy Murphy wrote:
  

This message is sent to the whole nanog list, rather than the
nanog-attendees list,



How come there is a nanog-attendees list disjunct from the nanog list.
Wouldn't it be natural to broadcast any kind of content to the
entire community?

  
Before we had a nanog-attendees list, the nanog list would be bombarded 
with posts that were of no interest to people who weren't actually at 
the conference, such as issues with the conference wifi, issues with 
schedule conflicts, chatter about outside events in the host city, etc.  
It makes perfect sense to have a nanog-attendees list to keep those 
discussions off the main nanog list.


I believe you can join the nanog attendees list without actually 
attending a nanog conference, if you want to get everything-nanog in 
your inbox.


jc




Re: Is your ISP blocking outgoing port 25?

2009-06-18 Thread Charles Wyble
Do you provide your users an SMTP server to use, with some out bound 
spam filtering?


It would seem this is to be expected, as you don't want your IP ranges 
showing up on RBL filters.


Do you force SSL connectivity like AT&T does?

Paul Stewart wrote:

We still do it and never get any complaints - we don't filter static IP
customers but dynamic customers can either use our SMTP relays or
alternate ports

Paul


-Original Message-
From: Zhiyun Qian [mailto:zhiy...@umich.edu] 
Sent: Thursday, June 18, 2009 3:37 PM

To: nanog@nanog.org
Subject: Is your ISP blocking outgoing port 25?

It has been long heard that many ISPs block outgoing port 25 for the purpose
of reducing spam originated from their network.

I wonder which ISPs are still doing so. I know comcast has been doing that
but they cancelled it after many complaints. It seems to be the same case
for Verizon.

AT&T is the major one that I know of that is still enforcing this policy.
But they said they can unblock port 25 upon request. I am not sure how easy
it is.

One simple way to test if your ISP is blocking outgoing port 25 is to try:
"telnet mx2.hotmail.com 25" or "telnet gmail-smtp-in.l.google.com 25". If
the connection fails, it could be due to the fact your ISP is blocking
outgoing port 25, although it can also be other reasons such as local
firewall configuration. Can someone perform the test and let me know result
if possible? Thanks a lot!
 
Regards.

-Zhiyun


 









RE: Is your ISP blocking outgoing port 25?

2009-06-18 Thread Paul Stewart
We don't force SSL but do have several SMTP servers they can use

-Original Message-
From: Charles Wyble [mailto:char...@thewybles.com]
Sent: Thursday, June 18, 2009 3:55 PM
To: NANOG list
Subject: Re: Is your ISP blocking outgoing port 25?

Do you provide your users an SMTP server to use, with some out bound
spam filtering?

It would seem this is to be expected, as you don't want your IP ranges
showing up on RBL filters.

Do you force SSL connectivity like AT&T does?

Paul Stewart wrote:
> We still do it and never get any complaints - we don't filter static IP
> customers but dynamic customers can either use our SMTP relays or
> alternate ports
>
> Paul
>
>
> -Original Message-
> From: Zhiyun Qian [mailto:zhiy...@umich.edu]
> Sent: Thursday, June 18, 2009 3:37 PM
> To: nanog@nanog.org
> Subject: Is your ISP blocking outgoing port 25?
>
> It has been long heard that many ISPs block outgoing port 25 for the purpose
> of reducing spam originated from their network.
>
> I wonder which ISPs are still doing so. I know comcast has been doing that
> but they cancelled it after many complaints. It seems to be the same case
> for Verizon.
>
> AT&T is the major one that I know of that is still enforcing this policy.
> But they said they can unblock port 25 upon request. I am not sure how easy
> it is.
>
> One simple way to test if your ISP is blocking outgoing port 25 is to try:
> "telnet mx2.hotmail.com 25" or "telnet gmail-smtp-in.l.google.com 25". If
> the connection fails, it could be due to the fact your ISP is blocking
> outgoing port 25, although it can also be other reasons such as local
> firewall configuration. Can someone perform the test and let me know result
> if possible? Thanks a lot!
>
> Regards.
> -Zhiyun
>
>
>
>
>












Re: question about Mark Koster's ARIN presentation

2009-06-18 Thread Michael Hallgren
On Thursday 18 June 2009 at 15:49 -0400, valdis.kletni...@vt.edu wrote:
> On Thu, 18 Jun 2009 21:35:53 +0200, Michael Hallgren said:
> 
> > How come there is a nanog-attendees list disjunct from the nanog list.
> > Wouldn't it be natural to broadcast any kind of content to the
> > entire community?
> 
> Umm... "Presentation XYZ has been moved from the Blue Room to the Paisley Room"
> and similar administrivia of interest only to actual attendees?

OK. More info's good thing, better than less info... And we all know how
to read and filter mail. Right? :)

No harm, TTYS,

mh

-- 
michael hallgren, mh2198-ripe




Re: question about Mark Koster's ARIN presentation

2009-06-18 Thread Michael Hallgren
On Thursday 18 June 2009 at 12:51 -0700, kris foster wrote:
> On Jun 18, 2009, at 12:35 PM, Michael Hallgren wrote:
> 
> > On Thursday 18 June 2009 at 12:05 -0400, Sandy Murphy wrote:
> >> This message is sent to the whole nanog list, rather than the
> >> nanog-attendees list,
> >
> > How come there is a nanog-attendees list disjunct from the nanog list.
> > Wouldn't it be natural to broadcast any kind of content to the
> > entire community?
> 
> nanog-attendees is intended to be used for social and specific  
> conference related topics. Topics discussed at the conference with  
> operational relevance should be here on the main list.
> 
> If anyone feels the need to follow up on the nanog-attendees/nanog  
> distinction, please do so on nanog-futures.
> 
> Thanks!
> 
> Kris
> MLC Chair

Thanks MLC Chair, so will be.

mh

-- 
michael hallgren, mh2198-ripe




Re: Is your ISP blocking outgoing port 25?

2009-06-18 Thread Joe Provo
On Thu, Jun 18, 2009 at 03:36:44PM -0400, Zhiyun Qian wrote:
> It has been long heard that many ISPs block outgoing port 25 for the purpose
> of reducing spam originated from their network.

Yes, it is standard practice for non-server accounts and most dynamic-only 
accounts; only allow unauthenticated smtp traffic to your own smtp servers.  
If you are not running server-to-server traffic at the end of that broadband
pipe, then you should be shifting your userbase to authenticated on the SUBMIT 
port [587] anyway...
  
-- 
 RSUC / GweepNet / Spunk / FnB / Usenix / SAGE



Re: Is your ISP blocking outgoing port 25?

2009-06-18 Thread John Levine
>I wonder which ISPs are still doing so. I know comcast has been doing
>that but they cancelled it after many complaints. It seems to be the
>same case for Verizon.

You're mistaken.  Comcast most certainly does port 25 filtering,
although not necessarily on every line at every moment.  So does
Verizon, AT&T, and every other large North American consumer ISP I
know.

Look, kids, it's not 1998 any more.  These days outgoing traffic to
port 25 is approximately 99.9% botnet spam, 0.1% GWL, and 0%
legitimate mail.  Blame the botnet herders and the vendors of cruddy
software that year after year still is full of trivial exploits.  If
you can make the botnets go away, I will be happy to lead the charge
to unblock all those ports.

If it's important to you to have an unfiltered connection, pay for
business service that has a static IP, or arrange to tunnel to some
host that does.

R's,
John



Re: Is your ISP blocking outgoing port 25?

2009-06-18 Thread Lyndon Nerenberg
On Thu, 2009-06-18 at 16:14 -0400, Joe Provo wrote:
> then you should be shifting your userbase to authenticated on the SUBMIT
> port [587] anyway...

Except for those ISPs who choose to intercept port 587 as well. This is
a big problem with Rogers in Vancouver. They hijack port 587 connections
through some sort of lame proxy that connects you to your intended host,
but strips the AUTH field out of the EHLO response from the remote
submission server ...
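
An added example, not part of the original posts: a client-side check for the AUTH stripping described above, which also separates the outcomes of the "telnet ... 25" test earlier in the thread (timeout, refusal, connection). It parses the EHLO reply and compares it with a baseline captured from a path known to be unfiltered; the host names, both sample replies and the function names `parse_ehlo`, `compare` and `probe` are constructed for illustration.

```python
"""Added example: spot a middlebox rewriting SMTP EHLO replies on port 587/25."""
import socket
import sys

# Constructed sample: EHLO reply as seen from a path known to be unfiltered.
BASELINE_REPLY = (
    "250-mail.example.net\r\n"
    "250-PIPELINING\r\n"
    "250-SIZE 52428800\r\n"
    "250-STARTTLS\r\n"
    "250-AUTH PLAIN LOGIN\r\n"
    "250 8BITMIME\r\n"
)
# Constructed sample: same server seen through a proxy that drops the AUTH line.
FILTERED_REPLY = BASELINE_REPLY.replace("250-AUTH PLAIN LOGIN\r\n", "")

SECURITY_KEYWORDS = ("STARTTLS", "AUTH")


def parse_ehlo(reply):
    """Turn a multi-line 250 EHLO reply into {KEYWORD: [PARAMS]}."""
    caps = {}
    lines = [ln for ln in reply.replace("\r\n", "\n").split("\n") if ln]
    for index, line in enumerate(lines):
        if len(line) < 4 or not line.startswith("250") or line[3] not in "- ":
            raise ValueError("not a 250 reply line: %r" % line)
        if index == 0:
            continue  # first line carries the server's domain, not a keyword
        words = line[4:].upper().split()
        if not words:
            continue
        if words[0].startswith("AUTH="):  # legacy "AUTH=LOGIN PLAIN" form
            words = ["AUTH", words[0][5:]] + words[1:]
        caps.setdefault(words[0], []).extend(w for w in words[1:] if w)
    return caps


def compare(baseline, observed):
    """List security-relevant capabilities in the baseline but not observed."""
    missing = [kw for kw in SECURITY_KEYWORDS
               if kw in baseline and kw not in observed]
    lost = sorted(set(baseline.get("AUTH", [])) - set(observed.get("AUTH", [])))
    if "AUTH" in missing:
        lost = []  # the whole keyword is gone; already reported
    return {"missing_keywords": missing, "missing_auth_mechanisms": lost}


def read_reply(stream):
    """Read one SMTP reply; its final line has a space after the code."""
    lines = []
    while True:
        line = stream.readline().decode("ascii", "replace")
        lines.append(line)
        if not line or (len(line) >= 4 and line[3] == " "):
            return "".join(lines)


def probe(host, port=587, helo="probe.example.invalid", timeout=10.0):
    """Connect, read the banner, send EHLO: (status, banner, ehlo_reply)."""
    try:
        with socket.create_connection((host, port), timeout=timeout) as sock:
            stream = sock.makefile("rwb")
            banner = read_reply(stream)
            stream.write(("EHLO %s\r\n" % helo).encode("ascii"))
            stream.flush()
            reply = read_reply(stream)
            stream.write(b"QUIT\r\n")
            stream.flush()
            return ("connected", banner, reply)
    except socket.timeout:
        return ("timeout", "", "")   # packets dropped: a filter or a dead host
    except ConnectionRefusedError:
        return ("refused", "", "")   # RST from the host or a firewall
    except OSError as exc:
        return ("error: %s" % exc, "", "")


if __name__ == "__main__":
    # Replace BASELINE_REPLY with the reply captured from a clean path.
    baseline = parse_ehlo(BASELINE_REPLY)
    if len(sys.argv) > 1:            # live check: script.py HOST [PORT]
        port = int(sys.argv[2]) if len(sys.argv) > 2 else 587
        status, banner, reply = probe(sys.argv[1], port)
        print(status, banner.strip())
        if status == "connected":
            try:
                print(compare(baseline, parse_ehlo(reply)))
            except ValueError as exc:
                print("EHLO not accepted:", exc)
    else:                            # offline demo on the constructed samples
        print(compare(baseline, parse_ehlo(FILTERED_REPLY)))
```

Many servers advertise AUTH only after STARTTLS, so the baseline and the observation have to be taken at the same point in the session for the comparison to mean anything.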




Re: Is your ISP blocking outgoing port 25?

2009-06-18 Thread J.D. Falk

Joe Provo wrote:

On Thu, Jun 18, 2009 at 03:36:44PM -0400, Zhiyun Qian wrote:

It has been long heard that many ISPs block outgoing port 25 for the purpose
of reducing spam originated from their network.


Yes, it is standard practice for non-server accounts and most dynamic-only
accounts; only allow unauthenticated smtp traffic to your own smtp servers.
If you are not running server-to-server traffic at the end of that broadband
pipe, then you should be shifting your userbase to authenticated on the SUBMIT
port [587] anyway...


The Messaging Anti-Abuse Working Group (MAAWG) published recommendations for 
managing port 25 traffic a few years ago, and even then it had already been 
a widely-accepted best practice for nearly a decade.


http://www.maawg.org/port25

--
J.D. Falk
Return Path Inc
http://www.returnpath.net/



Re: Is your ISP blocking outgoing port 25?

2009-06-18 Thread Christopher Morrow
On Thu, Jun 18, 2009 at 4:27 PM, Lyndon Nerenberg wrote:
> On Thu, 2009-06-18 at 16:14 -0400, Joe Provo wrote:
>> then you should be shifting your userbase to authenticated on the SUBMIT
>> port [587] anyway...
>
> Except for those ISPs who choose to intercept port 587 as well. This is
> a big problem with Rogers in Vancouver. They hijack port 587 connections

port 26 FTW!

in all seriousness, most isp's (consumer provider folk) today do some
form of blocking of port 25, if you are 'smart' enough to evade this
sort of thing, then you can still do email/blah. 99.999% of users are:
1) not interested in bypassing it
2) not clued into what's going on
3) using webmail

Why is this debate still ongoing??

-Chris



Re: Wireless bridge

2009-06-18 Thread Chris Adams
Once upon a time, Peter Boone  said:
> I'll double check
> grounding on the poles but I'm somewhat afraid to turn it into a lightning
> rod.

If it is a high point on a roof, it is a lightning rod already.  You
ground the antenna and mount to give the lightning a better path to
ground than running through your coax and equipment.

-- 
Chris Adams 
Systems and Network Administrator - HiWAAY Internet Services
I don't speak for anybody but myself - that's enough trouble.



Re: Unicast Flooding

2009-06-18 Thread Steven King
Very true Eric. Microsoft even acknowledges the issue, and still has not
fixed it. I have had a few customers use NLB and have this issue.

Eric Gauthier wrote:
> Brian,
>
>   
>> The first is preventing it in the first place.
>> 
>
> As annoying as this might sound, this is one of the
> standard operating modes for load balancing within 
> a Microsoft server cluster (see NLB).  We've tried
> to avoid it, but it seems to come up around once a 
> year from someone on our campus...
>
> Eric :)
>
>   

-- 
Steve King

Network Engineer - Liquid Web, Inc.
Cisco Certified Network Associate
CompTIA Linux+ Certified Professional
CompTIA A+ Certified Professional




Re: Is your ISP blocking outgoing port 25?

2009-06-18 Thread Jack Bates

Christopher Morrow wrote:

in all seriousness, most isp's (consumer provider folk) today do some
form of blocking of port 25, if you are 'smart' enough to evade this
sort of thing, then you can still do email/blah. 99.999% of users are:
1) not interested in bypassing it
2) not clued into what's going on
3) using webmail



I'd say 0.5% of my customer base contacts the helpdesk to setup auth and 
bypass tcp/25 blocks using tcp/587. Another 2% use my webmail offsite, 
and about 10% use webmail only (on my network or off).


Then there's those pesky gmail users. We should just block them. j/k :P


Why is this debate still ongoing??



Because nanog is slow? Actually, I think the original poster was just 
curious as these days not much is said overly much outside of the "Die 
Spammer" threads in other venues.



Jack



Re: Unicast Flooding

2009-06-18 Thread Julio Arruda

Steven King wrote:

Very true Eric. Microsoft even acknowledges the issue, and still has not
fixed it. I have had a few customers use NLB and have this issue.

Eric Gauthier wrote:

Brian,

  

The first is preventing it in the first place.


As annoying as this might sound, this is one of the
standard operating modes for load balancing within 
a Microsoft server cluster (see NLB).  We've tried
to avoid it, but it seems to come up around once a 
year from someone on our campus...


Eric :)

  


I understand is 'working as designed' ?

Much like the Stonegate (?) Firewall redundancy trick ?
It was a little worse when doing the multicast-l2 to a unicast-l3 
address trick..


By the way, if you think this is funny in a campus ethernet backbone..
Try it in an old ATM/LANE environment..I had customer that had the 
chance to try it, and wanted a root cause analysis.
The BUS switch, was NOT happy in forwarding all the traffic going to the 
firewall cluster :-)...





Ciena Help around Atlanta

2009-06-18 Thread Scott Berkman
All,

 

If there is anyone good with Ciena Online Metro systems that would be
willing to do some contract work around Atlanta, please contact me off list.

 

Thanks!

 

-Scott

 



Re: tire 1 in Montreal

2009-06-18 Thread MKS
It looks like  Buffalo - Toronto - Montreal - Albany - Buffalo  is a
popular ring route to connect into Canada
e.g. Level3 and Cogent use it (according to their online network maps),

It looks like these carriers (Global Crossing, Level 3, Cogent, Tata,
Tinet) have a pop in Montreal, does someone know if some/any are
sharing the same fiber routes?
or which carriers have their own diverse fiber route to/from Montreal.

Regards
MKS


On Thu, Jun 18, 2009 at 5:42 PM, Nuno Vieira - nfsi
telecom wrote:
> check TATA Communications (former Teleglobe).
>
> regards,
> --nvieira
>
>
> - "MKS"  wrote:
>
>> Hi List
>>
>> I'm looking for two tier 1 providers in Montreal, with independent
>> fiber runs to the city. Which operator fit this criteria?
>>
>> Thanks in advance
>> //MKS
>



RE: [SPAM-HEADER] - Re: tire 1 in Montreal - Email has different SMTP TO: and MIME TO: fields in the email addresses

2009-06-18 Thread Rod Beck
Hibernia Atlantic is a leading wholesaler on that route. Many IP backbones use 
us. Most carriers use 360 conduit into Montreal. We do not. Lots of carriers 
use Wiltel conduit into Buffalo and then 360 into Canada. 

Roderick S. Beck 
Director of European Sales 
Hibernia Atlantic 



-Original Message-
From: MKS [mailto:rekordmeis...@gmail.com]
Sent: Thu 6/18/2009 11:08 PM
To: Nuno Vieira - nfsi telecom
Cc: nanog@nanog.org
Subject: [SPAM-HEADER] - Re: tire 1 in Montreal - Email has different SMTP TO: 
and MIME TO: fields in the email addresses
 
It looks like  Buffalo - Toronto - Montreal - Albany - Buffalo  is a
popular ring route to connect into Canada
e.g. Level3 and Cogent use it (according to their online network maps),

It looks like these carriers (Global Crossing, Level 3, Cogent, Tata,
Tinet) have a pop in Montreal, does someone know if some/any are
sharing the same fiber routes?
or which carriers have their own diverse fiber route to/from Montreal.

Regards
MKS



RE: tire 1 in Montreal

2009-06-18 Thread Paul Stewart
Level(3) has a lot of fiber in that ring route ... not sure who else
covers those areas from a physical perspective

Paul


-Original Message-
From: MKS [mailto:rekordmeis...@gmail.com]
Sent: June 18, 2009 6:08 PM
To: Nuno Vieira - nfsi telecom
Cc: nanog@nanog.org
Subject: Re: tire 1 in Montreal

It looks like  Buffalo - Toronto - Montreal - Albany - Buffalo  is a
popular ring route to connect into Canada
e.g. Level3 and Cogent use it (according to their online network maps),

It looks like these carriers (Global Crossing, Level 3, Cogent, Tata,
Tinet) have a pop in Montreal, does someone know if some/any are
sharing the same fiber routes?
or which carriers have their own diverse fiber route to/from Montreal.

Regards
MKS


On Thu, Jun 18, 2009 at 5:42 PM, Nuno Vieira - nfsi
telecom wrote:
> check TATA Communications (former Teleglobe).
>
> regards,
> --nvieira
>
>
> - "MKS"  wrote:
>
>> Hi List
>>
>> I'm looking for two tier 1 providers in Montreal, with independent
>> fiber runs to the city. Which operator fits these criteria?
>>
>> Thanks in advance
>> //MKS
>










Re: Cogent input - no peering with Global Crossing in Europe [Re: NANOG Digest, Vol 17, Issue 46]

2009-06-18 Thread Aaron Glenn
On Wed, Jun 17, 2009 at 4:32 PM, Charles Wyble wrote:
> Ouch... latency must be awful.
>
> I suppose this is based on Cogent's reputation but who knows. The whole
> peering aspect of the networking business is often a mystery.

I don't think it is any mystery Cogent doesn't have many friends in the
European IP market...



RE: Wireless bridge

2009-06-18 Thread Peter Boone
OK, from reading all the excellent feedback I've got on and off list I've
attempted to compile a "quick" summary of findings/ideas/products so far.

- RouterBoard is no good for this type of application.

- Get a unit with radio/antenna integrated, PoE from inside the building
(outdoor rated cat5, shielded I assume), lightning suppression for the PoE
(properly grounded), and ensure the mast is properly grounded.

- Get off the 2.4 GHz range. Move up to 5. As for licensed vs. unlicensed,
I'm getting mixed input. I'm fairly certain that if the price is right and
the frequency is 5GHz+, it won't be a factor. Also, I'll be very glad to
separate the bridge from the client access points so that allows for more
options. Every solution at this range can easily do 20+ Mbps so throughput
is no longer a factor.

- Products that support ARQ are highly recommended.

- I'm hearing the same products mentioned over and over:
- Motorola
- Ubiquiti
- Aironet (Cisco)
- Aruba
A number of individuals recommended products from other brands at low cost
that meet these mentioned requirements too.


I'm not going to bother with a spectrum analyzer. In the current
implementation we tried channels 1, 6 and 11 for a few days at a time and
found 1 to be the most reliable. Done. At this point an analyzer will tell
me what I already suspect: there's a problem.

I've researched the Fresnel zones and calculated out a few things with rough
numbers and worst case. For one, the Fresnel zone is disrupted most if the
obstruction is closer to the endpoints (e.g. antennas). In this case, this
is fine as the antennas are mounted at the outermost corner of the buildings
as close as possible to the other buildings, approximately 3 floors in the
air. Other buildings become a factor near the middle. Based on channel 1's
wavelength of 0.12438 m, and assuming 1 km apart (for simplicity's sake. It's
actually less), the Fresnel zone is largest in the center at approx 5.6 m
radius. That could definitely be obstructed by rooftops, I'll have to take
another look though. This radius cuts in half when the frequency is doubled,
thus more evidence in favour of the 5 GHz+ range. Cool. Or we could just go
with a good line of sight optical solution but they look too expensive, and
this area can have very unforgiving fog/wind to disrupt things further. What
if we tilt each existing antenna up towards the sky 10-20 degrees? Please
correct me if I'm wrong.

The current antennas are plates. I'm pretty sure they are polarized. I used
to have a product sheet on these but a Google search doesn't turn up any
useful results anymore (SmartAnt PCW24-03014-BFL). The way they are mounted
to the poles might make it difficult to try rotating them 90 degrees, but
worth another look. The coax between the AP and antennas is no longer than
30 feet. I've often wondered if a Pringle or Coffee Cantenna would work
better than these!


For right now I'll have the coax line and ends inspected for
damage/soft spots, check the grounding, and cover/re-cover the ends in large
amounts of rubber/electric tape. I think we might try the Ubiquiti Bullet2
for approx $100 per side (PoE supply/lightning suppression, wiring included)
and see what happens! If that doesn't work, no major loss and we'll move up
to something more serious (the PoE and wiring will already be ready to go).
I will have to look into pricing on some of these suggestions and figure out
if we should even bother getting a Bullet but instead go straight to a
better all-in-one solution.

Thank you guys very much for the tips. Feel free to keep them coming!

Peter




Re: Wireless bridge

2009-06-18 Thread Joel Jaeggli
Peter Boone wrote:
> - Get a unit with radio/antenna integrated, PoE from inside the building
> (outdoor rated cat5, shielded I assume),

Actually shielding doesn't matter so much and it requires that the rj45
connector and socket be similarly shielded to be effective, the salient
points are: UV stabilized and gel filled.

normally comes in 1000' or longer rolls but something like the following
will do if you're not running more than two cables ever:

http://www.fab-corp.com/product.php?productid=16285&cat=296&page=1

> lightning suppression for the PoE
> (properly grounded), and ensure the mast is properly grounded.

excellent plan.



Re: Wireless bridge

2009-06-18 Thread Justin Sharp
I didn't read through all of the replies to see if this was suggested, 
apologies if it was.


http://www.solectek.com/products.php?prod=sw7k&page=feat

I implemented a PTP link at about 3 miles using these Solectek radios. I 
get 40Mbps consistently with TCP traffic and ~100Mbps UDP. This PTP link 
has literally been up for 3 years (in 2 weeks) without failing. I live
in a 4 seasons state, so it's seen all sorts of weather over those years.
I have clean line of sight down the freeway for what it's worth. It's
natively powered via POE, power injector included. We run all sorts of
usual business applications over this link, including about 30
simultaneous VOIP channels, and have not had one issue with stability. I
was also told by the VAR that sold us the product that a city nearby 
(can't remember which one) connects all of its municipal buildings with 
Solectek stuff and runs its VOIP infrastructure over it as well.


We run it in bridged mode with routers on each end, but it does support 
some rudimentary L3 stuff, static routing and RIP.


IIRC, they were not "cheap" (couple of 1k), but for us have definitely 
been much cheaper than private circuits from carriers of comparable 
throughput capacity.


Hope it's helpful.

--Justin