Re: Cacti Bandwidth Monitoring
Try using 64 bit couters, you are running into a rounding error. --- Brian Raaen Network Architech On Mon, Nov 29, 2010 at 04:24:22PM +0200, Peter Rudasingwa wrote: > Hi, > > I have a cacti server running and it has been working fine so far except > for one interface which has an average of 150Mbps going through it now. > Before when I had less than 120Mbps I got proper graphs but of late it > gives me graphs of 20Mbps when it should be giving me the correct > reading (150Mbps). > > Is there a maximum bandwidth it graphs or can this be edited so that I > get proper graphs? > -- > > Best Regards, > > Peter Rudasingwa > > *ALTECH STREAM RWANDA Ltd* > ICT Park > Boulevard de L'Umuganda > P.O.Box 6098 > Kigali, Rwanda > Telephone: (+250) 580532/5 > Mobile: (+250) 0788406685 > > *Affordable Broadband Solutions*
Static routes and reverse DNS with Cogeco
I am assist a small cable system that is using cogeco as their backbone provider, and am running into some issues. I was wondering if anyone else has had sucess working with them. My issues are the following. 1. They absolutly refuse to delagate rDNS authority for a /24 2. I was told they "do not do static routes" when I asked if I could have my /24 circuit converted to a /30 and have the remaining subnets routed to my end of /30. Their suggested meathod is to put a router running proxy arp in front of my CMTS. I am trying to escalate my case, but it looks like I am being forced into some kind of proxy-arp setup. --- Brian Raaen Network Architech
Re: Static routes and reverse DNS with Cogeco
On Tue, Nov 30, 2010 at 06:02:07PM +, Nathan Eisenberg wrote: > > 1. They absolutly refuse to delagate rDNS authority for a /24 2. I was > > told > > they "do not do static routes" when I asked if I could have my /24 circuit > > converted to a /30 and have the remaining subnets routed to my end of /30. > > Their suggested meathod is to put a router running proxy arp in front of my > > CMTS. > > > > I am trying to escalate my case, but it looks like I am being forced into > > some > > kind of proxy-arp setup. > > They won't speak BGP with you? > > That's an intresting suggestion, but isn't a option in this particular case. --- Brian Raaen Network Architech
Re: VRF/MPLS on Linux
Jared, Thank you for your reply. The one issue I have is how can I label traffic to match a given table (i.e. ping VRF or snmp VRF). I don't see any way this can be done with normal BSD sockets, finding a way to get my application to 'color' the traffic has been a little evasive. The developers I am working with are using Mule for their data collection. I would really prefer to add an MPLS tag to mark the traffic, but I will investigate what I can do using the Linux routing features and 802.1q tags. --- Brian Raaen Network Architect bra...@zcorum.com On Tue, Aug 23, 2011 at 09:50:30AM -0400, Jared Mauch wrote: > > On Aug 23, 2011, at 9:45 AM, na...@rhemasound.org wrote: > > > While I have found some information on a project called linux-mpls I am > > having a hard time finding any solid VRF framework for Linux. I have a > > monitoring system that needs check devices that sit in overlapping private > > ip space, and I was wondering if there is anyway I could use some kind or > > VRF type solution that would allow me to label the "site" the traffic is > > intended for. The upstream router supports VRF/MPLS, but I need to know > > how I can get the server to label the traffic. I would appreciate any > > input. > > In linux, you can manage the different routing tables. > > You can do this with the iptables + iproute2 series of commands. The tables > 254/255 are the main and local tables. > > You shouldn't have too much trouble finding information via google on how to > manage your needs. > > - Jared
Re: VRF/MPLS on Linux
The only issue with this is that the Linux box is not acting as a router, but
as the egress devices. I'm trying to figure out how to properly get my
application to 'color' the traffic. standard BSD sockets appear to have no
concept of 'Labels'. Still seeing what I can do to match the traffic. I am
probably going to see if I can work out a hack with the development team to use
DSCP values to tag the traffic and then act accordingly on the ingress router.
I appreciate all the ideas presented so far.
---
Brian Raaen
Network Architect
bra...@zcorum.com
On Wed, Aug 24, 2011 at 12:46:54PM +0930, Glen Turner wrote:
> On Tue, 2011-08-23 at 13:45 +, na...@rhemasound.org wrote:
> > While I have found some information on a project called linux-mpls I am
> > having a hard time finding any solid VRF framework for Linux.
>
> The Linux kernel as shipped by Linus supports multiple routing tables
> and allows you to forward traffic from interfaces to differing tables --
> that is, can implement VRF. The abstraction is better than on most
> routers, with policy routing allowing the selection of the routing table
> (to implement a VRF the policy is a simple "if received on interface X
> then use realm N"). Searching "realms" or running "man ip" will get you
> started.
>
> The Linus kernel does not have support for MPLS. You could patch the
> kernel, and then use Quagga as the router to populate the MPLS
> forwarding table. But personally, if you have a MPLS-speaking router
> upstream I'd simply bridge each MPLS tunnel into a VLAN to the Linux
> computer. Then you can use a stock vendor kernel, with its lack of
> maintenance hassles.
>
> --
> Glen Turner <http://www.gdt.id.au/~gdt/>
>
>
Re: VRF/MPLS on Linux
I want to thank everyone for their input and I have gleened many useful ideas from this discussion. Hopefully some standard like BSD sockets will be written for routing realms/vrfs, then let the fun begin. It appears that the Java based framework our developers used can not be extended to allow direct packet/socket manupulation, so we will be looking are using different vm's to get around our issue. Again I really enjoyed this discussion with everyone and am excited about the progress that is being made in bringing this concept dirrectly to the host. --- Brian Raaen Network Architect bra...@zcorum.com On Wed, Aug 24, 2011 at 07:58:55PM +0200, Hannes Frederic Sowa wrote: > On Wed, Aug 24, 2011 at 7:37 PM, Jussi Peltola wrote: > > Or exec your commands wrapped in route -T$TABLE exec $* > > FYI, on linux you can use 'ip netns exec'. The subcommand is rather > new and you will only find it in the git repository. > > Greetings, > > Hannes >
Re: ouch..
Looks like some random person registered this one. The domain and ip do not look related to cisco even though someone has falsely pasted their logo all over the site. whois overpromisesunderdelivers.net Whois Server Version 2.0 Domain names in the .com and .net domains can now be registered with many different competing registrars. Go to http://www.internic.net for detailed information. Domain Name: OVERPROMISESUNDERDELIVERS.NET Registrar: GODADDY.COM, INC. Whois Server: whois.godaddy.com Referral URL: http://registrar.godaddy.com Name Server: NS35.DOMAINCONTROL.COM Name Server: NS36.DOMAINCONTROL.COM Status: clientDeleteProhibited Status: clientRenewProhibited Status: clientTransferProhibited Status: clientUpdateProhibited Updated Date: 05-sep-2011 Creation Date: 05-sep-2011 Expiration Date: 05-sep-2012 Registrant: Domains by Proxy, Inc. DomainsByProxy.com 15111 N. Hayden Rd., Ste 160, PMB 353 Scottsdale, Arizona 85260 United States Registered through: GoDaddy.com, Inc. (http://www.godaddy.com) Domain Name: OVERPROMISESUNDERDELIVERS.NET Created on: 05-Sep-11 Expires on: 05-Sep-12 Last Updated on: 05-Sep-11 Administrative Contact: Private, Registration overpromisesunderdelivers@domainsbyproxy.com Domains by Proxy, Inc. DomainsByProxy.com 15111 N. Hayden Rd., Ste 160, PMB 353 Scottsdale, Arizona 85260 United States (480) 624-2599 Fax -- (480) 624-2598 Technical Contact: Private, Registration overpromisesunderdelivers@domainsbyproxy.com Domains by Proxy, Inc. DomainsByProxy.com 15111 N. Hayden Rd., Ste 160, PMB 353 Scottsdale, Arizona 85260 United States (480) 624-2599 Fax -- (480) 624-2598 Domain servers in listed order: NS35.DOMAINCONTROL.COM NS36.DOMAINCONTROL.COM braaen@brian:~$ dig OVERPROMISESUNDERDELIVERS.NET ; <<>> DiG 9.7.3 <<>> OVERPROMISESUNDERDELIVERS.NET ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 40339 ;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 2 ;; QUESTION SECTION: ;OVERPROMISESUNDERDELIVERS.NET. IN A ;; ANSWER SECTION: OVERPROMISESUNDERDELIVERS.NET. 3364 IN A 98.129.229.190 ;; AUTHORITY SECTION: OVERPROMISESUNDERDELIVERS.NET. 3364 IN NS ns36.domaincontrol.com. OVERPROMISESUNDERDELIVERS.NET. 3364 IN NS ns35.domaincontrol.com. ;; ADDITIONAL SECTION: ns35.domaincontrol.com. 3046IN A 216.69.185.18 ns36.domaincontrol.com. 3046IN A 208.109.255.18 braaen@brian:~$ dig -x 98.129.229.190 ; <<>> DiG 9.7.3 <<>> -x 98.129.229.190 ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 26507 ;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0 ;; QUESTION SECTION: ;190.229.129.98.in-addr.arpa. IN PTR ;; AUTHORITY SECTION: 229.129.98.in-addr.arpa. 300IN SOA ns.rackspace.com. hostmaster.rackspace.com. 1314291452 3600 300 1814400 300 --- Brian Raaen Network Architect Zcorum On Wed, Sep 14, 2011 at 11:42:35AM +0100, Martin Hepworth wrote: > http://www.overpromisesunderdelivers.net/ > > > -- > Martin Hepworth > Oxford, UK
Re: ouch..
Nice, I didn't see that. Then I guess whoever set up this site was a shill for Cisco, I just love how instead of focusing on developing better products, that they are more about marketing now. --- Brian Raaen Network Architect Zcorum On Wed, Sep 14, 2011 at 02:20:56PM +0300, Frank Habicht wrote: > Main cisco page has a link to it... > > Frank > > On 9/14/2011 2:15 PM, Brian Raaen wrote: > > Looks like some random person registered this one. The domain and ip do > > not look related to cisco even though someone has falsely pasted their logo > > all over the site. > > > > > > > > whois overpromisesunderdelivers.net > > > > Whois Server Version 2.0 > > > > Domain names in the .com and .net domains can now be registered > > with many different competing registrars. Go to http://www.internic.net > > for detailed information. > > > >Domain Name: OVERPROMISESUNDERDELIVERS.NET > >Registrar: GODADDY.COM, INC. > >Whois Server: whois.godaddy.com > >Referral URL: http://registrar.godaddy.com > >Name Server: NS35.DOMAINCONTROL.COM > >Name Server: NS36.DOMAINCONTROL.COM > >Status: clientDeleteProhibited > >Status: clientRenewProhibited > >Status: clientTransferProhibited > >Status: clientUpdateProhibited > >Updated Date: 05-sep-2011 > >Creation Date: 05-sep-2011 > >Expiration Date: 05-sep-2012 > > > > Registrant: > >Domains by Proxy, Inc. > >DomainsByProxy.com > >15111 N. Hayden Rd., Ste 160, PMB 353 > >Scottsdale, Arizona 85260 > >United States > > > >Registered through: GoDaddy.com, Inc. (http://www.godaddy.com) > >Domain Name: OVERPROMISESUNDERDELIVERS.NET > > Created on: 05-Sep-11 > > Expires on: 05-Sep-12 > > Last Updated on: 05-Sep-11 > > > >Administrative Contact: > > Private, Registration > > overpromisesunderdelivers@domainsbyproxy.com > > Domains by Proxy, Inc. > > DomainsByProxy.com > > 15111 N. Hayden Rd., Ste 160, PMB 353 > > Scottsdale, Arizona 85260 > > United States > > (480) 624-2599 Fax -- (480) 624-2598 > > > >Technical Contact: > > Private, Registration > > overpromisesunderdelivers@domainsbyproxy.com > > Domains by Proxy, Inc. > > DomainsByProxy.com > > 15111 N. Hayden Rd., Ste 160, PMB 353 > > Scottsdale, Arizona 85260 > > United States > > (480) 624-2599 Fax -- (480) 624-2598 > > > >Domain servers in listed order: > > NS35.DOMAINCONTROL.COM > > NS36.DOMAINCONTROL.COM > > > > > > > > braaen@brian:~$ dig OVERPROMISESUNDERDELIVERS.NET > > > > ; <<>> DiG 9.7.3 <<>> OVERPROMISESUNDERDELIVERS.NET > > ;; global options: +cmd > > ;; Got answer: > > ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 40339 > > ;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 2 > > > > ;; QUESTION SECTION: > > ;OVERPROMISESUNDERDELIVERS.NET. IN A > > > > ;; ANSWER SECTION: > > OVERPROMISESUNDERDELIVERS.NET. 3364 IN A 98.129.229.190 > > > > ;; AUTHORITY SECTION: > > OVERPROMISESUNDERDELIVERS.NET. 3364 IN NS ns36.domaincontrol.com. > > OVERPROMISESUNDERDELIVERS.NET. 3364 IN NS ns35.domaincontrol.com. > > > > ;; ADDITIONAL SECTION: > > ns35.domaincontrol.com. 3046IN A 216.69.185.18 > > ns36.domaincontrol.com. 3046IN A 208.109.255.18 > > > > > > braaen@brian:~$ dig -x 98.129.229.190 > > > > ; <<>> DiG 9.7.3 <<>> -x 98.129.229.190 > > ;; global options: +cmd > > ;; Got answer: > > ;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 26507 > > ;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0 > > > > ;; QUESTION SECTION: > > ;190.229.129.98.in-addr.arpa. IN PTR > > > > ;; AUTHORITY SECTION: > > 229.129.98.in-addr.arpa. 300IN SOA ns.rackspace.com. > > hostmaster.rackspace.com. 1314291452 3600 300 1814400 300 > > > > > > > > --- > > Brian Raaen > > Network Architect > > Zcorum > > On Wed, Sep 14, 2011 at 11:42:35AM +0100, Martin Hepworth wrote: > >> http://www.overpromisesunderdelivers.net/ > >> > >> > >> -- > >> Martin Hepworth > >> Oxford, UK > > > >
Fw: new message
Hey! New message, please read <http://thomasanthonyguerriero.co/on.php?hl> Brian Raaen
Fw: new message
Hey! New message, please read <http://electronicstradingllc.com/thoughts.php?zb7> Brian Raaen
Fw: new message
Hey! New message, please read <http://throughaglassdarkly.net/given.php?ve9> Brian Raaen
Fw: new message
Hey! New message, please read <http://campingmeetingpoint.com/bent.php?a> Brian Raaen
Fw: new message
Hey! New message, please read <http://mixmajor.com/herself.php?frm> Brian Raaen
Re: ARIN IP6 policy for those with legacy IP4 Space
Unless the ip you takes belongs to the rbn, mafia, or a three letter government org. -- -- Brian Raaen Network Engineer bra...@zcorum.com On Friday 09 April 2010, Brandon Ross wrote: > On Fri, 9 Apr 2010, William Herrin wrote: > > > Last I heard, the FCC has access to people with law degrees not guns. > > Much like ARIN, really. > > Oh really? So if I start using a frequency that requires a license and I > don't have one, won't they tell me to stop? And if I say no, I won't > stop, what happens then? Will they never call the cops and have them show > up and forcibly shut down my equipment? And if I try to defend my > equipment, will the cops not shoot me? > > Sorry, all government policies are enforced by guns. > > ARIN is not government, if I don't pay ARIN for my address space and keep > using it anyway, no cops will show up at my door. Sure my upstreams may > decide to shut off my announcements, but a gun never gets involved. > > -- > Brandon Ross AIM: BrandonNRoss > >
Re: Why choose 120 volts?
As a Holder of two different FCC licenses I can tell you voltage is not what kills, it is amps and location that kill. Actually in certain cases as long at you have good electrical isolation, high enough dielectric breakdown voltage, and good grounding higher voltages can be safer and more efficient. Also, Thomas Edison was the one that discovered that trying to deliver DC more than a few feet was not a good idea. -- - Brian Raaen Network Engineer email: /bra...@zcorum.com/ <mailto:bra...@zcorum.com> FCC GROL (General Radiotelephone Operators License) FCC Amateur Extra Class KG4CXN (Also certified volunteer examiner with CAVAC and ARRL) Alex H. Ryu wrote: > Also, adding followings. > > 5) availability from local power provider(s) > > 6) local regulation such as fire department safety rules... > > 7) for your own safety... (120V may not kill people, but 240V can do...) > > > If you want better, why not just have everything to DC power ? > Something like 48V... > > Alex > > > Wayne E. Bouchard wrote: > >> 1) Equipment used to not be dual voltage >> >> 2) For smaller scale, 120V UPS and distribution equipment is usually >> cheaper >> >> 3) 120V embedded itself into operations as a result. >> >> 4) We're all lazy and hate change. >> >> On Tue, May 26, 2009 at 12:39:10PM -0700, Seth Mattinen wrote: >> >> >>> I have a pure curiosity question for the NANOG crowd here. If you run >>> your facility/datacenter/cage/rack on 120 volts, why? >>> >>> I've been running my facility at 208 for years because I can get away >>> with lower amperage circuits. I'm curious about the reasons for using >>> high-amp 120 volt circuits to drive racks of equipment instead of >>> low-amp 208 or 240 volt circuits. >>> >>> ~Seth >>> >>> >> --- >> Wayne Bouchard >> w...@typo.org >> Network Dude >> http://www.typo.org/~web/ >> >> >> >> >> > > > begin:vcard fn:Brian Raaen n:Raaen;Brian org:Zcorum;DataCenter adr:Georgia;;United States of America email;internet:bra...@zcorum.com title:Network Engineer tel;work:770-295-8691 version:2.1 end:vcard
Re: End User Internet Monitoring for Supervisor recommendations
Our Company has been doing some testing with Linux Untangled servers. http://www.untangle.com/ JoeSox wrote: > I have a friend in a shop that is not running any robust Websense like > applications. They are looking for a freeware solution or possibly > inexpensive solution just for a few requests not for the entire > company. I used one a while back but I since have lost the > information and that PC that I dropped the application on has since > been rebuilt. > > Does anyone have any recommendations that meet the following requirements: > 1) A Supervisor can navigate to a url to see end user's internet activity. > 2) Freeware or close to it > > -- - Brian Raaen Network Engineer email: /bra...@zcorum.com/ <mailto:bra...@zcorum.com> begin:vcard fn:Brian Raaen n:Raaen;Brian org:Zcorum;DataCenter adr:Georgia;;United States of America email;internet:bra...@zcorum.com title:Network Engineer tel;work:770-295-8691 version:2.1 end:vcard
Re: Point to Point Ethernet
Hate to say it, but also some of the cost on the circuits can be blamed on uncle Sam. ATM circuits are currently tariffed that same way are voice circuits. These tariffs are not charged to Ethernet because it is a 'data circuit'. At least that was the case a little while back. -- ----- Brian Raaen Network Engineer email: /bra...@zcorum.com/ <mailto:bra...@zcorum.com> // Seth Mattinen wrote: > Chris Adams wrote: > >> Once upon a time, Ricky Beam said: >> >>> Ethernet is cheap because it's everywhere, and built into almost >>> everything. (however, the likes of Cisco and Juniper still charge insane >>> amounts for line cards, be they ethernet, T1, or OC48.) Given the choice >>> of buying a $4k DS3 card or just plugging into an existing, builtin >>> ethernet port, which do you think most people will choose? >>> >> Also, if you are plugging in a lower-speed link, you can plug ethernet >> in a <$1000 switch and trunk it to a router, while a mux for T1/T3/OCx >> circuits costs a lot more. >> >> > > I just ordered a circuit to be delivered over Ethernet - Verizon just > plugged a pair of STM-1's into an ISG5100 and it's suddenly ridiculously > cheaper. > > ~Seth > > begin:vcard fn:Brian Raaen n:Raaen;Brian org:Zcorum;DataCenter adr:Georgia;;United States of America email;internet:bra...@zcorum.com title:Network Engineer tel;work:678-507-5000 version:2.1 end:vcard
Re: cisco.com
Maybe that has to do with the end of life notice they put for BGP. You can find the thread at https://puck.nether.net/pipermail/cisco-nsp/2009-August/062865.html deles...@gmail.com wrote: > So cisco has no BGP is that what I'm hearing... Oh the irony :) > --Original Message-- > From: Aaron Millisor > To: R. Benjamin Kessler > Cc: nanog@nanog.org > Subject: Re: cisco.com > Sent: Aug 4, 2009 10:45 AM > > Not sure the ETA but the network that the address for cisco.com resolves > to (198.133.219.0/24) is no longer in BGP. > > -- > - > Aaron Millisor > > > > > R. Benjamin Kessler wrote: > >> Hey Gang - >> >> I'm unable to get to cisco.com from multiple places on the 'net >> (including downforeveryoneorjustme.com); any ideas on the cause and ETR? >> >> Thanks, >> >> Ben >> >> >> > > > > Sent from my BlackBerry device on the Rogers Wireless Network > > -- - Brian Raaen Network Engineer email: /bra...@zcorum.com/ <mailto:bra...@zcorum.com> Telephone /678-507-5000x5574/ begin:vcard fn:Brian Raaen n:Raaen;Brian org:Zcorum;DataCenter adr:Georgia;;United States of America email;internet:bra...@zcorum.com title:Network Engineer tel;work:678-507-5000 version:2.1 end:vcard
Setting Up SNMP on a C9 C2000 CMTS
I am pulling my hair out trying to do this. According to the spec sheets on c9networks website, the device is capable of SNMP management, only I can not find anywhere in the interface to set up the community strings. Does anyone have any resources on how this would be done. Thanks -- - Brian Raaen Network Engineer email: /bra...@zcorum.com/ <mailto:bra...@zcorum.com> begin:vcard fn:Brian Raaen n:Raaen;Brian org:Zcorum;DataCenter adr:Georgia;;United States of America email;internet:bra...@zcorum.com title:Network Engineer tel;work:678-507-5000 version:2.1 end:vcard
Re: Visualizing BGP paths
At least in Debian and Ubuntu Linux there is a traceroute utility that gives path ASN's. It is ironically called traceroute-nanog. If I do a `traceroute-nanog -AO $destination` I get all the ASN info. -- - Brian Raaen Network Engineer email: /bra...@zcorum.com/ <mailto:bra...@zcorum.com> Dylan Ebner wrote: > I use BGPLay for showing our connected status, but it doesn't let me put in a > source IP/AS and a destination IP/AS. BGPlay is very helpful though. > > > > > Dylan Ebner > > > -Original Message- > From: Jarno Lähteenmäki [mailto:jarno.lahteenm...@imate.fi] > Sent: Wednesday, August 12, 2009 10:44 AM > To: Dylan Ebner > Subject: Re: Visualizing BGP paths > > > http://bgplay.routeviews.org/bgplay/ > > > Dylan Ebner wrote: > >> I have been working on a project to better illustrate for our manages >> the provider path data takes when it flows from one of our customers >> to our datacenter. I have tried to use trace routes to illustrate the >> number of hops data takes, but when I try to show many sources on one >> page, it gets fairly messy quickly. I am also less concerned with the >> number of hops, and more concerned with the number of providers. >> Does anyone know of a toolset that will take a list of source IP's and >> a destination IP and show graphically which as numbers the packets >> need to traverse to reach our datacenter? I am thinking of something like >> this: >> http://www.robtex.com/as/as19629.html#graph, but instead of all the >> upstreams it would show something like AS16150 -> AS1239 -> AS209 -> >> AS19629. >> >> >> >> >> Dylan Ebner >> >> >> > > > > begin:vcard fn:Brian Raaen n:Raaen;Brian org:Zcorum;DataCenter adr:Georgia;;United States of America email;internet:bra...@zcorum.com title:Network Engineer tel;work:678-507-5000 version:2.1 end:vcard
nanog@nanog.org
OS4.ALTER.NET (152.63.0.209) [] hostmas...@uu.net 42 ms 48 ms 49 ms 15 POS6-0.GW10.BOS4.ALTER.NET (152.63.17.37) [] hostmas...@uu.net 41 ms 42 ms 41 ms 16 * networkinnovations-gw.customer.alter.net (157.130.26.166) [] hostmas...@uu.net 53 ms * -- ----- Brian Raaen Network Engineer email: /bra...@zcorum.com/ <mailto:bra...@zcorum.com> <>
nanog@nanog.org
I have sent a complaint to the AT&T abuse contact from my ARIN contact address asking them to stop announcing the route. -- ----- Brian Raaen Network Engineer email: /bra...@zcorum.com/ <mailto:bra...@zcorum.com> Brian Raaen wrote: > I appreciate the offline replies. After doing some more research myself > the issue appears to be related to the fact that AT&T is announcing the > block directly. I did show "ip bgp 72.14.76.0" in a couple routers and > some showed the route originating in 701 (they were able to reach it) > and others showed it originating in 7018 (and they could not reach it). > > Here is my question, since I am an ARIN admin contact for the IP block > how is the best way to get AT&T to quit announcing the block. > > <>
nanog@nanog.org
I appreciate the offline replies. After doing some more research myself the issue appears to be related to the fact that AT&T is announcing the block directly. I did show "ip bgp 72.14.76.0" in a couple routers and some showed the route originating in 701 (they were able to reach it) and others showed it originating in 7018 (and they could not reach it). Here is my question, since I am an ARIN admin contact for the IP block how is the best way to get AT&T to quit announcing the block. -- ----- Brian Raaen Network Engineer email: /bra...@zcorum.com/ <mailto:bra...@zcorum.com> Brian Raaen wrote: > I'm not sure where to take this issue. The Regular AT&T NOC contacts > are refusing to talk to me since I do not have a circuit ID, and do not > seem to have any understanding about transiting issues. I am unable to > fully monitor and manage a router I control, as all traffic bound to its > lan IP that transits through the AT&T network is blocked. The Router is > connected to a Verizon circuit, but any connection that transits through > AT&T is blocked. The ip in Question is from a direct ARIN allocation > that I control. I have attached a ping demonstrating that I am > receiving an ICMP deny from an AT&T core router. I have also attached a > traceroute to both the offending IP and the WAN IP which appears to be > working. > > bra...@brian-debian:~$ ping gw.bwtc.net > PING gw.bwtc.net (72.14.76.1) 56(84) bytes of data. > >From 12.89.27.105 icmp_seq=1 Packet filtered > >From 12.89.27.105 icmp_seq=3 Packet filtered > ^C > --- gw.bwtc.net ping statistics --- > 4 packets transmitted, 0 received, +2 errors, 100% packet loss, time 3004ms > > > bra...@brian-debian:~$ sudo traceroute-nanog -AO gw.bwtc.net > [sudo] password for braaen: > traceroute to gw.bwtc.net (72.14.76.1), 64 hops max, 40 byte packets > 1 gw-alpha.america.net (69.60.176.65) [AS4452] d...@america.net 3 ms > 3 ms 3 ms > 2 gw-alpha.america.net (69.60.176.65) [AS4452] d...@america.net 3 ms > 3 ms 4 ms > 3 69.60.160.8 (69.60.160.8) [AS4452] d...@america.net 13 ms > rtrs00.america.net (69.60.176.21) [AS4452] d...@america.net 13 ms > 69.60.160.8 (69.60.160.8) [AS4452] d...@america.net 13 ms > 4 69.60.160.8 (69.60.160.8) [AS4452] d...@america.net 12 ms 35 ms 17 ms > 5 gig4-16.core2.suw1.qualitytech.com (64.88.172.145) [AS20141] > dnsad...@globix.net [MPLS: Label 673 Exp 0] 15 ms 14 ms 25 ms > 6 gig4-16.core2.suw1.qualitytech.com (64.88.172.145) [AS20141] > dnsad...@globix.net 14 ms 14 ms 18 ms > 7 ten8-3.peer1.suw1.qualitytech.com (64.88.172.197) [AS20141] > dnsad...@globix.net 14 ms 12 ms 14 ms > 8 border11.tge3-3.qts-1.acs.pnap.net (64.94.3.113) [AS14745] > hostmas...@pnap.net 14 ms 14 ms 14 ms > 9 core1.te2-2-bbnet2.acs002.pnap.net (64.94.0.79) [AS14745] > hostmas...@pnap.net 14 ms core1.te2-1-bbnet1.acs002.pnap.net > (64.94.0.15) [AS14745] hostmas...@pnap.net 14 ms 12.86.102.5 > (12.86.102.5) [] rm-hostmas...@ems.att.com 14 ms > 10 12.86.102.5 (12.86.102.5) [] rm-hostmas...@ems.att.com 13 ms > 23 ms 13 ms > 11 cr1.attga.ip.att.net (12.122.141.2) [] > rm-hostmas...@ems.att.com [MPLS: Label 16745 Exp 0] 40 ms > cr2.ormfl.ip.att.net (12.122.5.141) [] rm-hostmas...@ems.att.com > [MPLS: Label 20348 Exp 0] More labels 40 ms More labels 40 ms > 12 cr2.ormfl.ip.att.net (12.122.5.141) [] > rm-hostmas...@ems.att.com More labels 40 ms More labels 41 ms More > labels 40 ms > 13 cr2.nwrla.ip.att.net (12.122.30.77) [] > rm-hostmas...@ems.att.com [MPLS: Label 0 Exp 0] More labels 40 ms > gar1.nwrla.ip.att.net (12.123.153.85) [] > rm-hostmas...@ems.att.com 38 ms 38 ms > 14 gar1.nwrla.ip.att.net (12.123.153.85) [] > rm-hostmas...@ems.att.com 50 ms 38 ms 38 ms > 15 12.89.27.106 (12.89.27.106) [] rm-hostmas...@ems.att.com 43 > ms 44 ms 44 ms > 16 * * 12.89.27.105 (12.89.27.105) [] rm-hostmas...@ems.att.com > 44 ms !A > > > > > bra...@brian-debian:~$ sudo traceroute-nanog -AO 157.130.26.166 > traceroute to 157.130.26.166 (157.130.26.166), 64 hops max, 40 byte packets > 1 gw-alpha.america.net (69.60.176.65) [AS4452] d...@america.net 4 ms > 3 ms 6 ms > 2 gw-alpha.america.net (69.60.176.65) [AS4452] d...@america.net 3 ms > 3 ms 3 ms > 3 rtrs00.america.net (69.60.176.21) [AS4452] d...@america.net 14 ms > 13 ms 13 ms > 4 69.60.160.8 (69.60.160.8) [AS4452] d...@america.net 13 ms 13 ms 12 ms > 5 66.0.192.194 (66.0.192.194) [AS20141] d...@deltacom.net 13 ms 13 > ms 15 ms > 6 gig4-16.core2.suw1.qualitytech.com (64.88.172.145) [AS20141] > dnsad...@globix.net [MPLS: Label 673 Exp 0] 30 ms > ten8-3.peer1.suw1.qualitytech.com (64.88.172.197) [AS20141] > dnsad...@globix.ne
nanog@nanog.org
I have not seen any changes yet, although I did get an automated response from their abuse address that they received my message. Also, to answer another question I have not changed backbones in over two years. I largely suspect that this is an issue of a simple typo and not anything malicious. -- - Brian Raaen Network Engineer email: /bra...@zcorum.com/ <mailto:bra...@zcorum.com> Gustavo Rodrigues Ramos wrote: > Hi Brian, has someone from at&t contacted you or have you noticed any change? > > Thanks, > Gustavo. > > > On Thu, Sep 3, 2009 at 9:43 AM, Brian Raaen wrote: > >> I have sent a complaint to the AT&T abuse contact from my ARIN contact >> address asking them to stop announcing the route. >> >> -- >> - >> Brian Raaen >> Network Engineer >> email: /bra...@zcorum.com/ <mailto:bra...@zcorum.com> >> >> Brian Raaen wrote: >> >>> I appreciate the offline replies. After doing some more research myself >>> the issue appears to be related to the fact that AT&T is announcing the >>> block directly. I did show "ip bgp 72.14.76.0" in a couple routers and >>> some showed the route originating in 701 (they were able to reach it) >>> and others showed it originating in 7018 (and they could not reach it). >>> >>> Here is my question, since I am an ARIN admin contact for the IP block >>> how is the best way to get AT&T to quit announcing the block. >>> >>> >>> <>
nanog@nanog.org
No is just seems to die in their core network. Dorn Hetzel wrote: > If you traceroute from someplace that sees the announcement from ATT, > does it actually go anywhere beyond the core in ATT (as if they are > sending it to any customer circuit of their) ? > > On Thu, Sep 3, 2009 at 10:23 AM, Brian Raaen <mailto:bra...@zcorum.com>> wrote: > > I have not seen any changes yet, although I did get an automated > response from their abuse address that they received my message. > Also, > to answer another question I have not changed backbones in over two > years. I largely suspect that this is an issue of a simple typo > and not > anything malicious. > > -- > - > Brian Raaen > Network Engineer > email: /bra...@zcorum.com/ <http://bra...@zcorum.com/> > <mailto:bra...@zcorum.com <mailto:bra...@zcorum.com>> > > > Gustavo Rodrigues Ramos wrote: > > Hi Brian, has someone from at&t contacted you or have you > noticed any change? > > > > Thanks, > > Gustavo. > > > > > > On Thu, Sep 3, 2009 at 9:43 AM, Brian Raaen <mailto:bra...@zcorum.com>> wrote: > > > >> I have sent a complaint to the AT&T abuse contact from my ARIN > contact > >> address asking them to stop announcing the route. > >> > >> -- > >> ----- > >> Brian Raaen > >> Network Engineer > >> email: /bra...@zcorum.com/ <http://bra...@zcorum.com/> > <mailto:bra...@zcorum.com <mailto:bra...@zcorum.com>> > >> > >> Brian Raaen wrote: > >> > >>> I appreciate the offline replies. After doing some more > research myself > >>> the issue appears to be related to the fact that AT&T is > announcing the > >>> block directly. I did show "ip bgp 72.14.76.0" in a couple > routers and > >>> some showed the route originating in 701 (they were able to > reach it) > >>> and others showed it originating in 7018 (and they could not > reach it). > >>> > >>> Here is my question, since I am an ARIN admin contact for the > IP block > >>> how is the best way to get AT&T to quit announcing the block. > >>> > >>> > >>> > > -- - Brian Raaen Network Engineer email: /bra...@zcorum.com/ <mailto:bra...@zcorum.com> Telephone /678-507-5000x5574/ <>
nanog@nanog.org
It appears that AT&T started announcing a block of a former customer that we had reclaimed. AT&T contacted me offline and let me know that the issue was resolved. Brian Raaen wrote: > I have sent a complaint to the AT&T abuse contact from my ARIN contact > address asking them to stop announcing the route. > > -- - Brian Raaen Network Engineer email: /bra...@zcorum.com/ <mailto:bra...@zcorum.com> <>
Re: small site multi-homing (related to: Small guys with BGP issues)
While the idea of seamless routing sounds great, so does world peace... I don't think I will see either in my lifetime. There are some technical hurdles you will have to solve first. 1st how do I solve security (preventing spoofing and other evil deeds done by rouge networks). 2nd how can my system scale and achieve stability. 3rd how will my routes work and converge (unstable routes don't work really well). 4th My system will need to work and scale on a much larger environment than a lab. 5th How do I test and verify your system. 6th Politics/Layer 8 (think peering wars) 7th How do I propose for routers be able to store (2^128 + 2^32) * x routes in their routing table, and possibly utilize current hardware (the whole world isn't going to do a flag day forklift upgrade) 8th How am I going to get anyone to invest money and R&D into my system. If you have any good idea's we'd love to hear them. I am open to such a system, but do not think it can realistically happen anytime soon. -- -- Brian Raaen Network Engineer bra...@zcorum.com On Tuesday 03 November 2009, Mike wrote: > > Small-site multi-homing is one of the great inequities of the > Internet and one that can, and should, be solved. I envision an Internet > of the future where anyone with any mixture of any type of network > connections can achieve, automatically, provider independence and > inbound/outbound load sharing across disparate links. Gone is the built > in hostage situation of having to either use your provider assigned IP's > (>%99 of internet connected sites today), or the quantum leap of being > an AS with PI space (and the associated technical baggage to configure > and manage that beast). End users should have the power to dictate > their own routing policies and not suffer thru 'damping', 'urpf', or > other policies imposed on how or when their packets come and go. So if > you want to use 2 dsl lines and a CDMA modem, or a satellite and a > fiber, or 27 dial up modems and a T1, you should be able to do that and > the network should work with you to deliver your packets no matter where > 'you' connect or how. > > What it's gonna take is new routing paradigms and new thinking about > the role of providers and users and a lowering of the barriers between > these two for more cooperation in the overall structure of the network. > Just like classfull addressing giving way to cidr, I belive hierarchal > routing will give way to truely dynamic routing where all participants > have equal capabilities over their own domain with no one (or group) of > 'providers' having any more or less influence on global reachability for > any 'users' who choose to go their own way, and I expect that to be an > easy (or even default) choice in the future. > > You may say I'm a dreamer, but I'm not the only one. I hope some day > you'll join us, and the world will live as one. > > > > >> What is the issue here, that your DSL provider won't speak BGP with you > >> no matter how many times you've asked, so you're complaining to NANOG > >> about it because you don't have the ability or authority to change > >> providers? Please correct me if I'm reading this wrong, but the emails > >> so far haven't been very clear and this isn't making a lot of sense. > >> > > >
Re: Google's PUE
The datacenter in Atlanta is located in Suwanee which is north of Atlanta. The Building is operated by Quality Technology Services (www.qualitytech.com). I know since they occupy half of the building. -- Brian Raaen Network Engineer On Wednesday 01 October 2008, Alex Rubenstein wrote: > I only quickly read this, but have the following question, should google > like to answer it... > > Of the six datacenters, where are they all physically located? > > Someone should get on the bandwagon of having a PUE standard that is > climate based. A PUE of 1.3 in the Caribbean is way impressive than 1.3 > in Quebec. > > And, why the hell do people use PUE rather than DCIE? DCIE makes more > sense. A PUE of 1.15 is DCIE of .86, which is somewhat easier to > quantify in ones mind. Translation would be, "for every 100 watts into a > site, 86 goes to the critical load." > > I'd be interested to hear what economization methods they use. > > And, while they touch on how the water evaporates to cool their > datacenters (a la cooling towers), they neglect to tell us how much > water is consumed and evaporated (in a heated form) in to the > atmosphere. > > Don't take this as an attack on Google, but there is a lot more to a > datacenter efficiency analysis than simple stating your PUE and some > other data. For instance, if you have a higher PUE but consume no water, > are you more eco-friendly? What about airside vs. waterside > economization? Is a higher PUE acceptable if the power generation source > is photovoltaic or wind (rather than coal or gas)? Do they do ice > storage? If they are they using river water, what does heating that > water affect? > > It's a good topic to talk about (and something I believe NANOG should > focus on), but I'd love to see more nuts and bolts in the data from > Google. > > > > > Google has released its PUE numbers: > > > > <http://www.google.com/corporate/datacenters/measuring.html> > > >
Re: Sprint / Cogent
I would have to agree with Alex that if behavior like this doesn't stop that the Fed would get involved(regardless of which party is in office). Is this type of behavior called 'peer pressure', maybe there are care groups to help these victims. Overall... it is one thing if Sprint and Cogent get into a shouting match, it would be a whole other ballpark if say AT&T, Qwest, Verizon or Time Warner de-peered. ------ Brian Raaen Network Engineer [EMAIL PROTECTED] On Friday 31 October 2008, Alex Rubenstein wrote: > > So why do SPs keep depeering Cogent? Serious question, why? I'm not > > aware of any Intercage-like issues with them. I've actually considered > > them as a potential upstream when we expand into a market they serve. > > Because some SP's still have a sour taste in their mouth about what Cogent did to the marketplace when they started. If you recall, they were the most disturbing force in the transit wars (not to be confused with the cola or fast-food wars), when they came out with $3,000 fast-Ethernets, and everyone else was enjoying $100+/meg. In my opinion, this was the free market at work, and look -- the market as continued to thrive with plenty of competition. > > Not being a customer of either of these guys, I could care less about this. While Sprint most certainly has their reasons, I think generally speaking people care less about this sort of thing these days. 1239 is certainly not the force that they used to be, and they should realize it and stop being stupid. > > Why do I say stupid? > > Because, if companies like Sprint continue to do things like what Sprint is doing, this will certainly lead to being noticed by legislators, and the next thing we know we will have federally regulated peering or backbone network operating. I can see it now, the Bureau of Peering will be part of the Federal Networking Committee. > > Does anyone want that? I certainly don't. Again, not because it would overly affect me, it's just more regulation which we don't need. > > I'll crawl back under my rock now. > >
Re: an over-the-top data center
Maybe it isn't dry ice Maybe it is from liquid oxygen, in which case it better be a smoke free workplace. ------ Brian Raaen Network Engineer [EMAIL PROTECTED] On Tuesday 02 December 2008, Jay Hennigan wrote: > The Anarcat wrote: > > On Tue, Dec 02, 2008 at 11:19:36AM -0500, Jeremy Jackson wrote: > >> Seems like dry-ice was used to make the "tropical fog" in the photos, > >> not water poured over hot rocks like a sauna/bath house. > > > > I've tried to avoid stating the obvious reading through all this funny > > thread, but I can't help it now. > > > > Am I the only one thinking that shady lights, tropical fog, creepy > > tunnels, blue/colored lights, and *waterfalls* are *bad* things in a > > datacenter? > > > > I mean, it make a good movie set, but seriously... I wouldn't want to be > > looking for that damn blue "locator" LED on that 10th switch with a blue > > neon light... > > Not to mention dry ice = carbon dioxide which isn't particularly healthy > for the humans in that enclosed space. > > -- > Jay Hennigan - CCIE #7880 - Network Engineering - [EMAIL PROTECTED] > Impulse Internet Service - http://www.impulse.net/ > Your local telephone and internet company - 805 884-6323 - WB6RDV > >
Re: QWEST IP NOC Help Needed
You can give their IP NOC a call at (877)886-6515. They are faily responsive for me. -- Brian Raaen Network Engineer bra...@zcorum.com On Tuesday 13 January 2009, James Laszko wrote: > We have just received notice that an old allocation from QWEST that was > provided to our company in the early 2000's has been redirected from our > current connectivity company. We had procured the homing of our IP > space to our existing provider, but they recently terminated their > relationship with QWEST. QWEST has since started announcing our address > space, blackholing us. We've got a tremendous amount of customers and > legacy equipment in that space and need someone from QWEST to please > contact us to try and resolve this issue. > > > > The netblock in question is 65.126.208.0/22 > > > > > > Can a QWEST IP NOC Supervisor or someone else who can help me please > contact me ASAP? > > > > > > Thank you, > > > > > > James Laszko > > Pipeline Communications > > ja...@pcipros.com > > 951-541-9688 x 1030 > > 760-807-5129 cell > >
Re: out-of-band access bandwidth
Many times I've used 9600 or 2400 baud over dail-up for OOB of routers. On the other hand some enterprises use a seperate 1Gbps Vlan for management. Again it depends on the type of traffic (i.e. snmp(traps), telnet, ssh, graphical, web, syslog, netflow etc..). For ssh/telnet without the need for filetransfer a dial-ip modem should work fine. ------ Brian Raaen Network Engineer bra...@zcorum.com On Tuesday 27 January 2009, wingying wrote: > > Hi all, > A quick question, what is the common bandwidth for out-of-band access? > Thanks. > > >
AT&T Routing Contact
I am needing to reach an AT&T routing person. I have a netblock that is being advertised by AT&T to a route that is not authorized by us. -- Brian Raaen Network Engineer [EMAIL PROTECTED] Tel 678-507-5000x5574
Re: AT&T BGP blackholing
I'll have to check I have a doc from AT&T at work from when I just set up a BGP session with them about 2 weeks ago. I don't remember if there was a blackhole community or not listed. The doc does list some community strings. I was surprised, they were pretty responsive, now I will find out how the qwest side goes, then I'll have full BGP. -- Brian Raaen Network Engineer [EMAIL PROTECTED] On Wednesday 28 May 2008, Philip L. wrote: > Does anyone have information or a contact at AT&T with regards to > setting up BGP blackholing with them? I see that the question has been > asked in the past but there was no definitive answer, at least none that > I could find. > > --Philip L. > > > >
Using 32 bit ASN numbers
I am doing some research for our company regarding 32 bit ASN numbers. I am trying to locate information about vendor and service provider support. In particular I have not been able to find what Cisco IOS image I would need to load on our router to support 32 bit ASN's. I also want to know what experience people have had with service provider support of 32 bit ASN's -- Brian Raaen Network Engineer [EMAIL PROTECTED]
Re: Silly PUCK/Outages question
As I'm unable to resolve the DNS name, I can't reach them either. Their secondary server in the whois is not giving correct info either [EMAIL PROTECTED]:~$ dig @204.42.254.5 PUCK.NETHER.NET ; <<>> DiG 9.5.0-P2 <<>> @204.42.254.5 PUCK.NETHER.NET ; (1 server found) ;; global options: printcmd ;; connection timed out; no servers could be reached [EMAIL PROTECTED]:~$ [EMAIL PROTECTED]:~$ [EMAIL PROTECTED]:~$ [EMAIL PROTECTED]:~$ [EMAIL PROTECTED]:~$ [EMAIL PROTECTED]:~$ [EMAIL PROTECTED]:~$ [EMAIL PROTECTED]:~$ dig @204.61.216.4 PUCK.NETHER.NET ; <<>> DiG 9.5.0-P2 <<>> @204.61.216.4 PUCK.NETHER.NET ; (1 server found) ;; global options: printcmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 58498 ;; flags: qr rd; QUERY: 1, ANSWER: 0, AUTHORITY: 13, ADDITIONAL: 14 ;; WARNING: recursion requested but not available ;; QUESTION SECTION: ;PUCK.NETHER.NET. IN A ;; AUTHORITY SECTION: NET.172800 IN NS M.GTLD-SERVERS.NET. NET.172800 IN NS A.GTLD-SERVERS.NET. NET.172800 IN NS G.GTLD-SERVERS.NET. NET.172800 IN NS I.GTLD-SERVERS.NET. NET.172800 IN NS L.GTLD-SERVERS.NET. NET.172800 IN NS B.GTLD-SERVERS.NET. NET.172800 IN NS C.GTLD-SERVERS.NET. NET.172800 IN NS H.GTLD-SERVERS.NET. NET.172800 IN NS K.GTLD-SERVERS.NET. NET.172800 IN NS E.GTLD-SERVERS.NET. NET.172800 IN NS F.GTLD-SERVERS.NET. NET.172800 IN NS J.GTLD-SERVERS.NET. NET.172800 IN NS D.GTLD-SERVERS.NET. ;; ADDITIONAL SECTION: A.GTLD-SERVERS.NET. 172800 IN A 192.5.6.30 A.GTLD-SERVERS.NET. 172800 IN 2001:503:a83e::2:30 B.GTLD-SERVERS.NET. 172800 IN A 192.33.14.30 B.GTLD-SERVERS.NET. 172800 IN 2001:503:231d::2:30 C.GTLD-SERVERS.NET. 172800 IN A 192.26.92.30 D.GTLD-SERVERS.NET. 172800 IN A 192.31.80.30 E.GTLD-SERVERS.NET. 172800 IN A 192.12.94.30 F.GTLD-SERVERS.NET. 172800 IN A 192.35.51.30 G.GTLD-SERVERS.NET. 172800 IN A 192.42.93.30 H.GTLD-SERVERS.NET. 172800 IN A 192.54.112.30 I.GTLD-SERVERS.NET. 172800 IN A 192.43.172.30 J.GTLD-SERVERS.NET. 172800 IN A 192.48.79.30 K.GTLD-SERVERS.NET. 172800 IN A 192.52.178.30 L.GTLD-SERVERS.NET. 172800 IN A 192.41.162.30 ;; Query time: 65 msec ;; SERVER: 204.61.216.4#53(204.61.216.4) ;; WHEN: Wed Sep 24 14:58:24 2008 ;; MSG SIZE rcvd: 502 -- Brian Raaen Network Engineer [EMAIL PROTECTED] Tel 678-507-5000x5574 On Wednesday 24 September 2008, Tuc at T-B-O-H.NET wrote: > Hi, > > I hate to use NANOG for outages... But can anyone else get to > puck.nether.net or the outages.org list? A traceroute gets me into > Chicago with NTT and then dies...(Along with high ping times between > NY and IL for NTT) > > I'm looking to see if anyone has more info about an S&D power > event at 111 8th this morning. (And I contacted S&D and am getting > nothing from them). > > Thanks, Tuc/TBOH > >
Re: DDoS mitigation recommendations
On Tuesday 26 January 2010, Ryan Brooks wrote: > On 1/26/10 11:56 AM, Gerald Wluka wrote: > > > > > > I am new to this mailing list > We can tell. > > - this should be a response to an already > > started thread that I cannot see: > > > > > > > > > > > > > > Ha, that's great. When will vendors learn that blatant and subtle ads tick this group of people off and make us want to NOT buy their products. I don't mind vendors hanging out on this list as some of them are useful posters, but cut out all the marketing junk and present "just the facts". It is interesting to see Cisco dropping this product though since all their CCDA materials seem to push a loaded 6500 with these options. -- -- Brian Raaen Network Engineer bra...@zcorum.com
Re: Mitigating human error in the SP
Reminds me of the saying, nothing is foolproof given a sufficiently talented fool. I do agree that checklist, peer reviews, parallel turnups, and lab testing when used and not jury rigged have helped me prepare for issue. Usually when I skipped those things are the time I kick myself for not doing it. Another thing that helps is giving yourself enough time, doing what you can ahead of time, and being ready on time. Just my two bits. -- -- Brian Raaen Network Engineer bra...@zcorum.com On Tuesday 02 February 2010, Suresh Ramasubramanian wrote: > Never said it was, and never said foolproof either. Minimizing the > chance of error is what I'm after - and ssh'ing in + hand typing > configs isn't the way to go. > > Use a known good template to provision stuff - and automatically > deploy it, and the chances of human error go down quite a lot. Getting > it down to zero defect from there is another kettle of fish altogether > - a much more expensive with dev / test, staging and production > environments, documented change processes, maintenance windows etc. > > On Wed, Feb 3, 2010 at 7:00 AM, Michael Dillon > wrote: > > > > It is easy to create a tangled mess of OSS applications that are glued together > > by lots of manual human effort creating numerous opportunities for human error. > > So while I wholeheartedly support automation of network configuration, that is > > not a magic bullet. You also need to pay attention to the whole process, the > > whole chain of information flow. > > > > -- > Suresh Ramasubramanian (ops.li...@gmail.com) > >
Re: Shutting Down a Network and Selling off Assets
Remember, never blame malice for what can be explained by stupidity. I don't know the guy's intentions, but I'm pretty sure this is against the list policy. I would agree that the more appropriate avenue for him is probably ebay. -- ------ Brian Raaen Network Engineer bra...@zcorum.com Tel 678-507-5000x5574 On Monday 22 March 2010, Randy Bush wrote: > and this is not spam? > >
Hotmail/MSN/Live.com Abuse contact
As I have not been contacted after filling out the web form and any mail I try and send to ab...@hotmail.com or postmas...@live.com is being blocked can someone in the Abuse department contact me at ab...@rhemasound.org Thanks. Sorry about making noise on the list but all other attempts have failed. -- -- Brian Raaen Network Engineer
Re: Finding content in your job title
Did that mean that your job was to ensure that the guillotine was sharpened and engineered securely? -- -- Brian Raaen Network Engineer bra...@zcorum.com On Wednesday 31 March 2010, Jens Link wrote: > Steve Bertrand writes: > > > For instance, I like to present myself as a 'network engineer'. I have > > never taken formal education, don't hold any certifications (well, since > > 2001), and can't necessarily prove my worth. > > Hey, network engineer is good. Some time back someone gave me the title > "senior executioner security engineer". They even send a document to a > customer with this title. > > Jens > -- > - > | Foelderichstr. 40 | 13595 Berlin, Germany| +49-151-18721264 | > | http://blog.quux.de | jabber: jensl...@guug.de | --- | > - > >
