Re: Nashville

[Javier J]

I can confirm people in Alabama have outages as well. Reports from boots on
the ground in the Nashville area.

Comcast / Xfinity seem to be ok. Verizon seems to be ok also. Not sure the
logistics.

On Fri, Dec 25, 2020 at 3:38 PM Matt Hoppes <
mattli...@rivervalleyinternet.net> wrote:

> Can confirm internet service in Kentucky is being affected.
>
> On Dec 25, 2020, at 3:33 PM, Josh Baird  wrote:
>
> 
> I think the outage is a bit more widespread than "Nashville and
> surrounding areas."  Most (all?) of Kentucky is without AT&T cellular
> service right now.
>
> I can't say for sure of how many of AT&T's residential internet customers
> are affected, but reports on Twitter indicate it's a pretty significant
> chunk.  I have AT&T ASE/metro services here in Kentucky that do not appear
> to be affected at this time.
>
> On Fri, Dec 25, 2020 at 2:33 PM Sean Donelan  wrote:
>
>>
>> AT&T statement regarding the intentional explosion in Nashville TN
>>
>> "Service for some customers in Nashville and the surrounding areas may be
>> affected by damage to our facilities from the explosion this morning. We
>> are in contact with law enforcement and working as quickly and safely as
>> possible to restore service."
>>
>>
>> From local news reporting:
>>
>> A widespread internet outage was reported in Nashville hours after a
>> massive explosion downtown. AT&T internet and phone service was disrupted
>> in the area about 12 p.m. Friday.
>>
>> A handful of local police departments reported the outage was disrupting
>> 911 access, including some non-emergency lines, in their jurisdictions.
>>
>>
>>

Re: Nashville

[Javier J]

Is there a video of this? I would also love to see pictures of what the
damage was inside the building and repairs. Not sure if that was documented
anywhere. I would assume they are still doing repairs and upgrades to the
facility.

On Tue, Dec 29, 2020 at 8:18 PM Robert DeVita 
wrote:

> AT&T Disaster Recovery Team is probably the best in the business. The
> resources they can bring to the table are unmatched. This would have been
> 100x worse if it hit a carrier neutral datacenter. They don’t have nearly
> the same resources to restore something like this. They usually do a road
> show (pre Covid). If you get a chance it’s definitely something you should
> go check out. Very impressive.
>
> Robert DeVita
> Founder & CEO
> Mejeticks
> c. 469-441-8864
> e. radev...@mejeticks.com
> --
> *From:* NANOG  on behalf
> of Eric Kuhnke 
> *Sent:* Tuesday, December 29, 2020 5:06:00 PM
> *To:* Sean Donelan 
> *Cc:* NANOG 
> *Subject:* Re: Nashville
>
> From a few days ago. Obviously centralizing lots of ss7/pstn stuff all in
> one place has a long recovery time when it's physically damaged. Something
> to think about for entities that own and operate traditional telco COs and
> their plans for disaster recovery.
>
>
> Nv1
>
> Here is the latest update:  6:46AM 12/27:
>
> Work continues restoring service to the CRS routers in the Nashville
> Central Office. One router remains out of service and the other is in
> service with some links remaining out of service.
>
> The working bridge will reconvene at 08:00 CT with the following action
> plan:
> Additional cabling added to the first portable generator to enable full
> load capabilities (08:00 CT)
> Pigtails with camlocks installed for easy swap; investigate possibility to
> land generator on the emergency service board to give the site N+1 with a
> manual ability to choose anyone. (08:00 CT)
> check small power plants on floors 4 and 6 (08:00 CT)
> Investigate water damage on 1st floor and energize if safe (08:00 CT
> Air handlers for floors 4,5 and 6 (09:00 CT)
> complete all transport work
> Turn up SS7
> Turn up 911 service - Approximately noon or after)
> Turn up switching service.
> TDM Switching team will reconvene at 09:00 CT and the Signaling team will
> reconvene at 11:00 CT on 12/27/2020.
> DMS equipment on the 1st floor will be assessed for water damage.
> Switching teams will monitor power and HVAC restoration and will begin
> switch restoration as soon as the go ahead is provided by the power team.
>
> Recovery Priorities:
> 1. 4th & 5th floors (Specify transport equipment needed to clear MTSO SS7
> isolation & Datakit needed for Local Switch restoration). Transport SMEs
> currently working to turn up transport equipment
> 2. 6th floor (ESINET Groomers)
> 3. 10th and 8th floors (N4E) – Trunks
> 4. 1st floor (DMS: DS1, 5E: DS3) - Local POTS
> 5. 1st floor (DMS: DS0, DS2 | 5E: DS6) – Trunks
> 6. 11th floor (DMS: 01T) – Trunks
> 7. 4th floor (STP and SCP with mates up in Donelson)
>
> The next update will be issued at approximately 09:00 CT on December 27.
>
>
>
> Nv2
>
> As of 09:00 CT: Teams worked through the night to restore service and
> improve conditions at the Nashville 2nd Ave Central Office. Since the
> initial service impact, over 75% of the Out of Service Mobility Sites have
> been restored. Certain call flows may be limited and should improve as
> additional restoration activities complete.
> The generator that is currently powering equipment on the 2nd and 3rd
> floor, was refueled and ran with no issues through the night. Overnight,
> the batteries connected to it, continued to charge. Teams have placed
> additional power cables, which once connected, will allow the working
> generator, to better handle the load in the building. In order to
> accomplish this, the generator will need to be shut down for 15-30 minutes
> this morning, so teams can connect the new cables to the system. The power
> team reports they are still on target to restore power and cooling to the
> 5th and 6th floor by approximately 12:00 CT. Also, a portable chiller will
> be delivered this morning and strategically placed, in case it is needed to
> assist in cooling the office.
> There is a Call Center at 333 Commerce, in Nashville that does not have
> network or phone services available. Corporate Real Estate (CRE) reports
> there is some damage to that office, but the extent of the damage will not
> be known until they can gain access to the site. Because of this, the
> impacted Call Center ceased operations until further notice.
> DMS switching equipment on the 1st floor will be assessed for water
> damage. Switching teams will monitor power and HVAC restoration. Equipment
> power ups will begin, as soon as the go ahead is provided by the power
> team.
> Two SatCOLTs remain positioned on the East and West sides of the NSVLTNMT
> Central Office providing critical communication for teams working
> restoration efforts. There are 17 assets deplo

Re: Nashville

[Javier J]

I wouldn't say bad design, I would say outdated design. How do you take a
single fiber optic cable or a copper cable bundle going to a
business/building or a house and terminate it at 2 different Central
Offices? It inherently has a single points of failure. (why I added extra
straps to my fiber outside at home because stupid wind blows the damn cable
around that goes to the pole, I'm in NJ everything on poles here)

I don't think a bomb going off was part of the redundancy design process
when telephone central offices were first starting to be built.
I heard the rumour is (perhaps fact) the generators were keeping everything
up till about 12-1 PM eastern when they shut the gas supply off to the
neighborhood earlier safety. Once the batteries drained, that was it.

Family I have in Nashville were on the phone when it cut out and then
everything went dark.

I do think they could have done a better job with the wireless infra.

No reason you can't have some cell sites that can feed to a different
central office.

The fact is, distributed systems could work better, many smaller switching
and distribution buildings scattered about a metro area with redundant
links. A mesh. That was the single point of failure is just the link from
your house to the next hop. Obviously not feasible with copper pairs.

- Javier



On Thu, Jan 14, 2021 at 10:05 AM Hiers, David  wrote:

> No doubt they’re good, but the best support can’t overcome bad design.
>
>
>
>
>
>
>
> *From:* NANOG  *On Behalf Of
> *Robert DeVita
> *Sent:* Tuesday, December 29, 2020 5:17 PM
> *To:* Eric Kuhnke ; Sean Donelan 
> *Cc:* NANOG 
> *Subject:* Re: Nashville
>
>
>
> AT&T Disaster Recovery Team is probably the best in the business. The
> resources they can bring to the table are unmatched. This would have been
> 100x worse if it hit a carrier neutral datacenter. They don’t have nearly
> the same resources to restore something like this. They usually do a road
> show (pre Covid). If you get a chance it’s definitely something you should
> go check out. Very impressive.
>
>
>
> Robert DeVita
>
> Founder & CEO
>
> Mejeticks
>
> c. 469-441-8864
>
> e. radev...@mejeticks.com
> --
>
> *From:* NANOG  on behalf
> of Eric Kuhnke 
> *Sent:* Tuesday, December 29, 2020 5:06:00 PM
> *To:* Sean Donelan 
> *Cc:* NANOG 
> *Subject:* Re: Nashville
>
>
>
> From a few days ago. Obviously centralizing lots of ss7/pstn stuff all in
> one place has a long recovery time when it's physically damaged. Something
> to think about for entities that own and operate traditional telco COs and
> their plans for disaster recovery.
>
>
>
>
>
> Nv1
>
>
>
> Here is the latest update:  6:46AM 12/27:
>
>
>
> Work continues restoring service to the CRS routers in the Nashville
> Central Office. One router remains out of service and the other is in
> service with some links remaining out of service.
>
>
>
> The working bridge will reconvene at 08:00 CT with the following action
> plan:
>
> Additional cabling added to the first portable generator to enable full
> load capabilities (08:00 CT)
>
> Pigtails with camlocks installed for easy swap; investigate possibility to
> land generator on the emergency service board to give the site N+1 with a
> manual ability to choose anyone. (08:00 CT)
>
> check small power plants on floors 4 and 6 (08:00 CT)
>
> Investigate water damage on 1st floor and energize if safe (08:00 CT
>
> Air handlers for floors 4,5 and 6 (09:00 CT)
>
> complete all transport work
>
> Turn up SS7
>
> Turn up 911 service - Approximately noon or after)
>
> Turn up switching service.
>
> TDM Switching team will reconvene at 09:00 CT and the Signaling team will
> reconvene at 11:00 CT on 12/27/2020.
>
> DMS equipment on the 1st floor will be assessed for water damage.
> Switching teams will monitor power and HVAC restoration and will begin
> switch restoration as soon as the go ahead is provided by the power team.
>
>
>
> Recovery Priorities:
>
> 1. 4th & 5th floors (Specify transport equipment needed to clear MTSO SS7
> isolation & Datakit needed for Local Switch restoration). Transport SMEs
> currently working to turn up transport equipment
>
> 2. 6th floor (ESINET Groomers)
>
> 3. 10th and 8th floors (N4E) – Trunks
>
> 4. 1st floor (DMS: DS1, 5E: DS3) - Local POTS
>
> 5. 1st floor (DMS: DS0, DS2 | 5E: DS6) – Trunks
>
> 6. 11th floor (DMS: 01T) – Trunks
>
> 7. 4th floor (STP and SCP with mates up in Donelson)
>
>
>
> The next update will be issued at approximately 09:00 CT on December 27.
>
>
>
>
>
>
>
> Nv2
>
>
>
> As of 09:00 CT: Teams worked through the night to restore service and
> improve conditions at the Nashville 2nd Ave Central Office. Since the
> initial service impact, over 75% of the Out of Service Mobility Sites have
> been restored. Certain call flows may be limited and should improve as
> additional restoration activities complete.
>
> The generator that is currently powering equipment on the 2nd and 3rd
> floor, was refueled and ran 

Fwd: Re: Nashville

[Javier J]

WTF is this? Responding to a thread on NANOG is now emailing politicians?

-- Forwarded message -
From: 
Date: Sun, Jan 17, 2021 at 1:31 PM
Subject: Re: Re: Nashville
To: Javier J 


Hi there,

Thanks very much for your message, and for reaching out to the campaign
office of Representative Ocasio-Cortez!

   - *For press inquiries*, please reach out to our Press Secretary, Ivet
   Contreras, at i...@ocasiocortez.com. We also recommend following
   Alexandria on Twitter <https://twitter.com/AOC> for direct quotes and
   real-time updates. Sign up for our press advisory list here
   <http://eepurl.com/hblQ5r>.


   - *If you are a resident of New York's 14th Congressional District and
   are reaching out for assistance, *please contact Alexandria's
   congressional team directly by visiting
   https://ocasio-cortez.house.gov/contact.


   - *If you are reaching out to request a meeting or invite Alexandria to
   an event*, please visit
   https://ocasio-cortez.house.gov/scheduling-request and submit a
   Scheduling Request for review by Alexandria's congressional schedulers.


   - *If your inquiry is not press-related*, please email
   u...@ocasiocortez.com.


Thank you again for reaching out, and we hope to be able to connect with
you soon!

Re: Nashville

[Javier J]

I heard she knows how to mix drinks, but that's as far as in depth I go
into politics.

On Sun, Jan 17, 2021 at 4:11 PM J. Hellenthal 
wrote:

> That’s funny... sure you don’t want to watch her do some home decorating
> or house projects like fixing the sink ? ;-)
>
> --
>  J. Hellenthal
>
> The fact that there's a highway to Hell but only a stairway to Heaven says
> a lot about anticipated traffic volume.
>
> On Jan 17, 2021, at 14:06, Javier J  wrote:
>
> 
> WTF is this? Responding to a thread on NANOG is now emailing politicians?
>
> -- Forwarded message -
> From: 
> Date: Sun, Jan 17, 2021 at 1:31 PM
> Subject: Re: Re: Nashville
> To: Javier J 
>
>
> Hi there,
>
> Thanks very much for your message, and for reaching out to the campaign
> office of Representative Ocasio-Cortez!
>
>- *For press inquiries*, please reach out to our Press Secretary, Ivet
>Contreras, at i...@ocasiocortez.com. We also recommend following
>Alexandria on Twitter <https://twitter.com/AOC> for direct quotes and
>real-time updates. Sign up for our press advisory list here
><http://eepurl.com/hblQ5r>.
>
>
>- *If you are a resident of New York's 14th Congressional District and
>are reaching out for assistance, *please contact Alexandria's
>congressional team directly by visiting
>https://ocasio-cortez.house.gov/contact.
>
>
>- *If you are reaching out to request a meeting or invite Alexandria
>to an event*, please visit
>https://ocasio-cortez.house.gov/scheduling-request and submit a
>Scheduling Request for review by Alexandria's congressional schedulers.
>
>
>- *If your inquiry is not press-related*, please email
>u...@ocasiocortez.com.
>
>
> Thank you again for reaching out, and we hope to be able to connect with
> you soon!
>
>

Re: Alexandria Ocasio-Cortez' Office is on NANOG?? Or, what is the policy about sharing email offlist?

[Javier J]

I agree 100%.

I know the emails on this list are public and that is fine.  What I don't
appreciate is that now my email address is in some politico's address list
because of someone's behavior.

- Javier

On Mon, Jan 18, 2021 at 3:20 PM Jon Lewis  wrote:

> There's a world of difference between "don't expect list posts to be
> private to list members" and "don't forward the list to autoresponders."
> The stupidity of the latter, if it can be tracked down to who did it,
> should result in their removal from the list, at least until they explain
> what caused them to do that and have undone it.
>
> On Mon, 18 Jan 2021, Paul Timmins wrote:
>
> > The list has public archives. Draw your own conclusions on the policy.
> >
> > https://mailman.nanog.org/pipermail/nanog/
> >
> > On 1/18/21 2:40 PM, Anne P. Mitchell, Esq. wrote:
> >>  Not under that impression at all. That's very different from "what is
> the
> >>  policy" - at least in the groups I run, if the policy is "no sharing
> >>  offlist" and then someone does, there are consequences for that
> someone.
> >>  Anne
> >>
> >>  --
> >>  Anne P. Mitchell,  Attorney at Law
> >>  Dean of Cyberlaw & Cybersecurity, Lincoln Law School
> >>  Author: Section 6 of the CAN-SPAM Act of 2003 (the Federal anti-spam
> law)
> >>  Board of Directors, Denver Internet Exchange
> >>  Chair Emeritus, Asilomar Microcomputer Workshop
> >>  Former Counsel: Mail Abuse Prevention System (MAPS)
> >>
> >
>
> --
>   Jon Lewis, MCP :)   |  I route
>   StackPath, Sr. Neteng   |  therefore you are
> _ http://www.lewis.org/~jlewis/pgp for PGP public key_
>

Re: Alexandria Ocasio-Cortez' Office is on NANOG?? Or, what is the policy about sharing email offlist?

[Javier J]

I couldn't agree more.
If I want to talk politics, I will go to other places. I use this mailing
list to talk about things relevant to technology and operation of networks
in North American and other places.

- Javier


On Mon, Jan 18, 2021 at 4:19 PM Mel Beckman  wrote:

> javier,
>
> I concur. What we don’t need on Nanog is outside parties deciding to
> “reign in” our discussions on political grounds!
>
>  -mel beckman
>
> On Jan 18, 2021, at 12:38 PM, Javier J  wrote:
>
> 
> I agree 100%.
>
> I know the emails on this list are public and that is fine.  What I don't
> appreciate is that now my email address is in some politico's address list
> because of someone's behavior.
>
> - Javier
>
> On Mon, Jan 18, 2021 at 3:20 PM Jon Lewis  wrote:
>
>> There's a world of difference between "don't expect list posts to be
>> private to list members" and "don't forward the list to autoresponders."
>> The stupidity of the latter, if it can be tracked down to who did it,
>> should result in their removal from the list, at least until they explain
>> what caused them to do that and have undone it.
>>
>> On Mon, 18 Jan 2021, Paul Timmins wrote:
>>
>> > The list has public archives. Draw your own conclusions on the policy.
>> >
>> > https://mailman.nanog.org/pipermail/nanog/
>> >
>> > On 1/18/21 2:40 PM, Anne P. Mitchell, Esq. wrote:
>> >>  Not under that impression at all. That's very different from "what is
>> the
>> >>  policy" - at least in the groups I run, if the policy is "no sharing
>> >>  offlist" and then someone does, there are consequences for that
>> someone.
>> >>  Anne
>> >>
>> >>  --
>> >>  Anne P. Mitchell,  Attorney at Law
>> >>  Dean of Cyberlaw & Cybersecurity, Lincoln Law School
>> >>  Author: Section 6 of the CAN-SPAM Act of 2003 (the Federal anti-spam
>> law)
>> >>  Board of Directors, Denver Internet Exchange
>> >>  Chair Emeritus, Asilomar Microcomputer Workshop
>> >>  Former Counsel: Mail Abuse Prevention System (MAPS)
>> >>
>> >
>>
>> --
>>   Jon Lewis, MCP :)   |  I route
>>   StackPath, Sr. Neteng   |  therefore you are
>> _ http://www.lewis.org/~jlewis/pgp for PGP public key_
>>
>

Re: Alexandria Ocasio-Cortez' Office is on NANOG?? Or, what is the policy about sharing email offlist?

[Javier J]

Why are you emailing me?

On Mon, Jan 18, 2021 at 3:54 PM Jeff P  wrote:

> SEE!?!
>
> With no evidence yet publicly acknowledged as to who added the AOC email
> to the list now they are just accusing some random "A woman!"
>
> Words (The Pen) are mightier than any brute force (The Sword).
>
> And you did it without thought, just piled on. It came as natural to you
> as putting on your shoes in the morning.
>
> JeffP
> je...@jeffp.us
>
>
>
> *Please consider the environment before printing this e-mail.*
>
> NOTICE:
> This email and any files transmitted with it are confidential and intended
> solely for the use of the individual or entity to whom they are addressed.
> Use or dissemination by persons other than the intended recipient(s) is
> strictly prohibited. If you have received this message in error, please
> notify the sender immediately by reply e-mail to correct our records.
> Please then delete the original message (including any attachments) in its
> entirety, including any backup processes that your system may perform.
> Please note that any views or opinions presented in this email are solely
> those of the author. Email transmission cannot be guaranteed to be secure
> or error-free as information could be intercepted, corrupted, lost,
> destroyed, arrive late or incomplete, or contain viruses. The sender,
> therefore, does not accept liability for any errors or omissions in the
> contents of this message, which arise as a result of e-mail transmission.
>
>
>
>
> -- Forwarded message -
> From: Lorell Hathcock 
> Date: Mon, Jan 18, 2021 at 12:43 PM
> Subject: Re: Alexandria Ocasio-Cortez' Office is on NANOG?? Or, what is
> the policy about sharing email offlist?
> To: Javier J 
> Cc: nanog 
>
>
> A-woman!
>
> Sincerely,
>
> Lorell Hathcock
>
> On Jan 18, 2021, at 1:36 PM, Javier J  wrote:
>
> 
> I agree 100%.
>
> I know the emails on this list are public and that is fine.  What I don't
> appreciate is that now my email address is in some politico's address list
> because of someone's behavior.
>
> - Javier
>
> On Mon, Jan 18, 2021 at 3:20 PM Jon Lewis  wrote:
>
>> There's a world of difference between "don't expect list posts to be
>> private to list members" and "don't forward the list to autoresponders."
>> The stupidity of the latter, if it can be tracked down to who did it,
>> should result in their removal from the list, at least until they explain
>> what caused them to do that and have undone it.
>>
>> On Mon, 18 Jan 2021, Paul Timmins wrote:
>>
>> > The list has public archives. Draw your own conclusions on the policy.
>> >
>> > https://mailman.nanog.org/pipermail/nanog/
>> >
>> > On 1/18/21 2:40 PM, Anne P. Mitchell, Esq. wrote:
>> >>  Not under that impression at all. That's very different from "what is
>> the
>> >>  policy" - at least in the groups I run, if the policy is "no sharing
>> >>  offlist" and then someone does, there are consequences for that
>> someone.
>> >>  Anne
>> >>
>> >>  --
>> >>  Anne P. Mitchell,  Attorney at Law
>> >>  Dean of Cyberlaw & Cybersecurity, Lincoln Law School
>> >>  Author: Section 6 of the CAN-SPAM Act of 2003 (the Federal anti-spam
>> law)
>> >>  Board of Directors, Denver Internet Exchange
>> >>  Chair Emeritus, Asilomar Microcomputer Workshop
>> >>  Former Counsel: Mail Abuse Prevention System (MAPS)
>> >>
>> >
>>
>> --
>>   Jon Lewis, MCP :)   |  I route
>>   StackPath, Sr. Neteng   |  therefore you are
>> _ http://www.lewis.org/~jlewis/pgp for PGP public key_
>>
>

Re: Alexandria Ocasio-Cortez' Office is on NANOG?? Or, what is the policy about sharing email offlist?

[Javier J]

you too, why are you emailing me?

I didn't ask anyone to contact me off list.

On Mon, Jan 18, 2021 at 8:53 PM Sam Silvester 
wrote:

> Archives are browsable by anybody. How do you expect to keep political
> types out of the discussion?
>
> On Tue, 19 Jan 2021 at 11:36 am, Javier J 
> wrote:
>
>> I couldn't agree more.
>> If I want to talk politics, I will go to other places. I use this mailing
>> list to talk about things relevant to technology and operation of networks
>> in North American and other places.
>>
>> - Javier
>>
>>
>> On Mon, Jan 18, 2021 at 4:19 PM Mel Beckman  wrote:
>>
>>> javier,
>>>
>>> I concur. What we don’t need on Nanog is outside parties deciding to
>>> “reign in” our discussions on political grounds!
>>>
>>>  -mel beckman
>>>
>>> On Jan 18, 2021, at 12:38 PM, Javier J 
>>> wrote:
>>>
>>> 
>>> I agree 100%.
>>>
>>> I know the emails on this list are public and that is fine.  What I
>>> don't appreciate is that now my email address is in some politico's address
>>> list because of someone's behavior.
>>>
>>> - Javier
>>>
>>> On Mon, Jan 18, 2021 at 3:20 PM Jon Lewis  wrote:
>>>
>>>> There's a world of difference between "don't expect list posts to be
>>>> private to list members" and "don't forward the list to autoresponders."
>>>> The stupidity of the latter, if it can be tracked down to who did it,
>>>> should result in their removal from the list, at least until they
>>>> explain
>>>> what caused them to do that and have undone it.
>>>>
>>>> On Mon, 18 Jan 2021, Paul Timmins wrote:
>>>>
>>>> > The list has public archives. Draw your own conclusions on the policy.
>>>> >
>>>> > https://mailman.nanog.org/pipermail/nanog/
>>>> >
>>>> > On 1/18/21 2:40 PM, Anne P. Mitchell, Esq. wrote:
>>>> >>  Not under that impression at all. That's very different from "what
>>>> is the
>>>> >>  policy" - at least in the groups I run, if the policy is "no sharing
>>>> >>  offlist" and then someone does, there are consequences for that
>>>> someone.
>>>> >>  Anne
>>>> >>
>>>> >>  --
>>>> >>  Anne P. Mitchell,  Attorney at Law
>>>> >>  Dean of Cyberlaw & Cybersecurity, Lincoln Law School
>>>> >>  Author: Section 6 of the CAN-SPAM Act of 2003 (the Federal
>>>> anti-spam law)
>>>> >>  Board of Directors, Denver Internet Exchange
>>>> >>  Chair Emeritus, Asilomar Microcomputer Workshop
>>>> >>  Former Counsel: Mail Abuse Prevention System (MAPS)
>>>> >>
>>>> >
>>>>
>>>> --
>>>>   Jon Lewis, MCP :)   |  I route
>>>>   StackPath, Sr. Neteng   |  therefore you are
>>>> _ http://www.lewis.org/~jlewis/pgp for PGP public key_
>>>>
>>>

Re: Alexandria Ocasio-Cortez' Office is on NANOG?? Or, what is the policy about sharing email offlist?

[Javier J]

Sounds like someone has more time to talk/type about political dogma with
random strangers than the purpose of this mailing list.

- J

On Tue, Jan 19, 2021 at 6:58 AM J. Hellenthal 
wrote:

> Yeah he did the same dolt act to me to. Just a really bored dolt looking
> for nonsense with a crush on AOC.
>
> --
>  J. Hellenthal
>
> The fact that there's a highway to Hell but only a stairway to Heaven says
> a lot about anticipated traffic volume.
>
> On Jan 19, 2021, at 00:40, Javier J  wrote:
>
> 
> you too, why are you emailing me?
>
> I didn't ask anyone to contact me off list.
>
> On Mon, Jan 18, 2021 at 8:53 PM Sam Silvester 
> wrote:
>
>> Archives are browsable by anybody. How do you expect to keep political
>> types out of the discussion?
>>
>> On Tue, 19 Jan 2021 at 11:36 am, Javier J 
>> wrote:
>>
>>> I couldn't agree more.
>>> If I want to talk politics, I will go to other places. I use this
>>> mailing list to talk about things relevant to technology and operation of
>>> networks in North American and other places.
>>>
>>> - Javier
>>>
>>>
>>> On Mon, Jan 18, 2021 at 4:19 PM Mel Beckman  wrote:
>>>
>>>> javier,
>>>>
>>>> I concur. What we don’t need on Nanog is outside parties deciding to
>>>> “reign in” our discussions on political grounds!
>>>>
>>>>  -mel beckman
>>>>
>>>> On Jan 18, 2021, at 12:38 PM, Javier J 
>>>> wrote:
>>>>
>>>> 
>>>> I agree 100%.
>>>>
>>>> I know the emails on this list are public and that is fine.  What I
>>>> don't appreciate is that now my email address is in some politico's address
>>>> list because of someone's behavior.
>>>>
>>>> - Javier
>>>>
>>>> On Mon, Jan 18, 2021 at 3:20 PM Jon Lewis  wrote:
>>>>
>>>>> There's a world of difference between "don't expect list posts to be
>>>>> private to list members" and "don't forward the list to
>>>>> autoresponders."
>>>>> The stupidity of the latter, if it can be tracked down to who did it,
>>>>> should result in their removal from the list, at least until they
>>>>> explain
>>>>> what caused them to do that and have undone it.
>>>>>
>>>>> On Mon, 18 Jan 2021, Paul Timmins wrote:
>>>>>
>>>>> > The list has public archives. Draw your own conclusions on the
>>>>> policy.
>>>>> >
>>>>> > https://mailman.nanog.org/pipermail/nanog/
>>>>> >
>>>>> > On 1/18/21 2:40 PM, Anne P. Mitchell, Esq. wrote:
>>>>> >>  Not under that impression at all. That's very different from "what
>>>>> is the
>>>>> >>  policy" - at least in the groups I run, if the policy is "no
>>>>> sharing
>>>>> >>  offlist" and then someone does, there are consequences for that
>>>>> someone.
>>>>> >>  Anne
>>>>> >>
>>>>> >>  --
>>>>> >>  Anne P. Mitchell,  Attorney at Law
>>>>> >>  Dean of Cyberlaw & Cybersecurity, Lincoln Law School
>>>>> >>  Author: Section 6 of the CAN-SPAM Act of 2003 (the Federal
>>>>> anti-spam law)
>>>>> >>  Board of Directors, Denver Internet Exchange
>>>>> >>  Chair Emeritus, Asilomar Microcomputer Workshop
>>>>> >>  Former Counsel: Mail Abuse Prevention System (MAPS)
>>>>> >>
>>>>> >
>>>>>
>>>>> --
>>>>>   Jon Lewis, MCP :)   |  I route
>>>>>   StackPath, Sr. Neteng   |  therefore you are
>>>>> _ http://www.lewis.org/~jlewis/pgp for PGP public key_
>>>>>
>>>>

Re: 10 years from now... (was: internet futures)

[Javier J]

I've had an IPV6 tunnel from Hurricane Electric for 10+ years I think.
IPv4 will probably live as it does now in my network, mostly for management
/ interserver coms for legacy hardware/software that doesn't support ipv6.


On Fri, Mar 26, 2021 at 5:31 PM  wrote:

> Oh, sorry to disappoint you, but they are not missing anything..
> Internet become a consumer product where data is provided by
> large corporations similary to TV now. Your avarage Joe consumer
> does NOT care about NAT and that he cant run services or he does NOT
> have full e2e communication.
>
> Yes, you are right, NAT was a second class internet for a while but
> now it seems that we cannot live without it anymore :)
> I dont really see other way how I can connect LAN to internet now.
> Using public IPs? Thats so terrible idea. How can I be el-cheappo
> dual-homed then?
>
>
> -- Original message --
>
> From: Mark Andrews 
> To: Andy Ringsmuth 
> Cc: Grant Taylor via NANOG 
> Subject: Re: 10 years from now... (was: internet futures)
> Date: Sat, 27 Mar 2021 08:00:38 +1100
>
> There are more smart phones in use in the world today the world than can
> be
> addressed by IPv4. Complaining about lack of IPv6 deployment has been
> legitimate for a long time. Telcos shouldn˙˙t have to deploy NATs. Homes
> shouldn˙˙t have to deploy NATs. Businesses shouldn˙˙t have to deploy NATs.
>
> NATs produce a second class Internet.  We have had to lived with a second
> class Internet for so long that most don˙˙t know what they are missing. --
> Mark Andrews
>

Re: 10 years from now... (was: internet futures)

[Javier J]

Since FiOS still doesn't do ipv6 (I don't bother checking anymore) I've
used tunnelbroker since I was stuck on Comcast.
I'm not running BGP since that's overkill for my home lab needs. just a
tunnel with the /64 they give you and an addition /48.

If I have to renumber, there are maybe just 4-5 places where an ipv6 is
manually set. I'll just setup a new tunnel and change the router
advertisement settings.

- J

On Tue, Mar 30, 2021 at 4:53 AM  wrote:

> So, I assume you have PI IPv6 space and doing BGP with HE?
> In other case, if anything will happen to HE (they close they
> tunnelbroker service) you will have to renumber.
>
>
> ------ Original message --
>
> From: Javier J 
> To: b...@uu3.net
> Cc: nanog 
> Subject: Re: 10 years from now... (was: internet futures)
> Date: Mon, 29 Mar 2021 13:57:20 -0400
>
> I've had an IPV6 tunnel from Hurricane Electric for 10+ years I think.
> IPv4 will probably live as it does now in my network, mostly for management
> / interserver coms for legacy hardware/software that doesn't support ipv6.
>
>
> On Fri, Mar 26, 2021 at 5:31 PM  wrote:
>
> > Oh, sorry to disappoint you, but they are not missing anything..
> > Internet become a consumer product where data is provided by
> > large corporations similary to TV now. Your avarage Joe consumer
> > does NOT care about NAT and that he cant run services or he does NOT
> > have full e2e communication.
> >
> > Yes, you are right, NAT was a second class internet for a while but
> > now it seems that we cannot live without it anymore :)
> > I dont really see other way how I can connect LAN to internet now.
> > Using public IPs? Thats so terrible idea. How can I be el-cheappo
> > dual-homed then?
> >
> >
> > -- Original message --
> >
> > From: Mark Andrews 
> > To: Andy Ringsmuth 
> > Cc: Grant Taylor via NANOG 
> > Subject: Re: 10 years from now... (was: internet futures)
> > Date: Sat, 27 Mar 2021 08:00:38 +1100
> >
> > There are more smart phones in use in the world today the world than can
> > be
> > addressed by IPv4. Complaining about lack of IPv6 deployment has been
> > legitimate for a long time. Telcos shouldn˙˙t have to deploy NATs. Homes
> > shouldn˙˙t have to deploy NATs. Businesses shouldn˙˙t have to deploy
> NATs.
> >
> > NATs produce a second class Internet.  We have had to lived with a second
> > class Internet for so long that most don˙˙t know what they are missing.
> --
> > Mark Andrews
> >
>

Protecting 1Gb Ethernet From Lightning Strikes

[Javier J]

I'm working with a client site that has been hit twice, very close by
lightening.

I did lots of electrical work/upgrades/grounding but now I want to focus on
protecting Ethernet connections between core switching/other devices that
can't be migrated to fiber optic.

I was looking for surge protection devices for Ethernet but have never
shopped for anything like this before. Was wondering if anyone has deployed
a solution?
They don't have a large presence on site (I have been moving all of their
core stuff to AWS) but they still have core networking / connectivity and
PoE cameras / APs around the property.
Since migrating their onsite servers/infra to the cloud, now their
connectivity is even more important.

This is a small site, maybe about 200 switch ports, but I would only need
to protect maybe 12 core ones. but would be something I could use in the
future with larger deployments.
it's just a 1Gbe network BTW.

Hope someone with more experience can help make hardware recommendations?

Thanks in advance.

- Javier

Re: AWS issues with 172.0.0.0/12

[Javier J]

Auto generated VPC in AWS use RFC1819 addresses. This should not interfere
with pub up space.

What is the exact issue? If you can't ping something in AWS chances are
it's a security group blocking you.



On Tue, Oct 1, 2019, 7:00 PM Jim Popovitch via NANOG 
wrote:

> On October 1, 2019 9:39:03 PM UTC, Matt Palmer 
> wrote:
> >On Tue, Oct 01, 2019 at 04:50:33AM -0400, Jim Popovitch via NANOG
> >wrote:
> >> On 10/1/2019 4:09 AM, Christopher Morrow wrote:
> >> > possible that this is various AWS customers making
> >iptables/firewall mistakes?
> >> >"block that pesky rfc1918 172/12 space!!"
> >>
> >> AWS also uses some 172/12 space on their internal network (e.g. the
> >network
> >> that sits between EC2 instances and the AWS external firewalls)
> >
> >Does AWS use 172.0.0.0/12 internally, or 172.16.0.0/12?  They're
> >different
> >things, after all.
> >
>
> I don't know their entire operations, but they do use some 172.16.0.0/12
> addresses internally. And yes, that is very different than 172/12, sorry
> for the confusion.
>
> -Jim P.
>
>

Re: AWS issues with 172.0.0.0/12

[Javier J]

I'm just curious, was the ip in the RFC 1918 172.16.0.0/16 range?

https://tools.ietf.org/html/rfc1918



On Mon, Oct 7, 2019 at 6:01 PM Mehmet Akcin  wrote:

> To close the loop here (in case if someone has this type of issue in the
> future), I have spoken to AT&T instead of trying to work it out with AWS
> Hosted Vendor, Reolink.
>
> AT&T Changed my public IP, and now I am no longer in that 172.x.x.x block,
> everything is working fine.
>
> mehmet
>
> On Thu, Oct 3, 2019 at 2:54 PM Javier J 
> wrote:
>
>> Auto generated VPC in AWS use RFC1819 addresses. This should not
>> interfere with pub up space.
>>
>> What is the exact issue? If you can't ping something in AWS chances are
>> it's a security group blocking you.
>>
>>
>>
>> On Tue, Oct 1, 2019, 7:00 PM Jim Popovitch via NANOG 
>> wrote:
>>
>>> On October 1, 2019 9:39:03 PM UTC, Matt Palmer 
>>> wrote:
>>> >On Tue, Oct 01, 2019 at 04:50:33AM -0400, Jim Popovitch via NANOG
>>> >wrote:
>>> >> On 10/1/2019 4:09 AM, Christopher Morrow wrote:
>>> >> > possible that this is various AWS customers making
>>> >iptables/firewall mistakes?
>>> >> >"block that pesky rfc1918 172/12 space!!"
>>> >>
>>> >> AWS also uses some 172/12 space on their internal network (e.g. the
>>> >network
>>> >> that sits between EC2 instances and the AWS external firewalls)
>>> >
>>> >Does AWS use 172.0.0.0/12 internally, or 172.16.0.0/12?  They're
>>> >different
>>> >things, after all.
>>> >
>>>
>>> I don't know their entire operations, but they do use some 172.16.0.0/12
>>> addresses internally. And yes, that is very different than 172/12, sorry
>>> for the confusion.
>>>
>>> -Jim P.
>>>
>>>

Re: AWS issues with 172.0.0.0/12

[Javier J]

Very strange ATT would put end users on an RFC 1918 block unless they were
doing NAT to the end user.
If they were doing NAT, I would expect CGNAT in the 100.something or other
range.


On Thu, Oct 10, 2019, 11:07 AM Mehmet Akcin  wrote:

> Yes
>
> On Wed, Oct 9, 2019 at 20:46 Javier J  wrote:
>
>> I'm just curious, was the ip in the RFC 1918 172.16.0.0/16 range?
>>
>> https://tools.ietf.org/html/rfc1918
>>
>>
>>
>> On Mon, Oct 7, 2019 at 6:01 PM Mehmet Akcin  wrote:
>>
>>> To close the loop here (in case if someone has this type of issue in the
>>> future), I have spoken to AT&T instead of trying to work it out with AWS
>>> Hosted Vendor, Reolink.
>>>
>>> AT&T Changed my public IP, and now I am no longer in that 172.x.x.x
>>> block, everything is working fine.
>>>
>>> mehmet
>>>
>>> On Thu, Oct 3, 2019 at 2:54 PM Javier J 
>>> wrote:
>>>
>>>> Auto generated VPC in AWS use RFC1819 addresses. This should not
>>>> interfere with pub up space.
>>>>
>>>> What is the exact issue? If you can't ping something in AWS chances are
>>>> it's a security group blocking you.
>>>>
>>>>
>>>>
>>>> On Tue, Oct 1, 2019, 7:00 PM Jim Popovitch via NANOG 
>>>> wrote:
>>>>
>>>>> On October 1, 2019 9:39:03 PM UTC, Matt Palmer 
>>>>> wrote:
>>>>> >On Tue, Oct 01, 2019 at 04:50:33AM -0400, Jim Popovitch via NANOG
>>>>> >wrote:
>>>>> >> On 10/1/2019 4:09 AM, Christopher Morrow wrote:
>>>>> >> > possible that this is various AWS customers making
>>>>> >iptables/firewall mistakes?
>>>>> >> >"block that pesky rfc1918 172/12 space!!"
>>>>> >>
>>>>> >> AWS also uses some 172/12 space on their internal network (e.g. the
>>>>> >network
>>>>> >> that sits between EC2 instances and the AWS external firewalls)
>>>>> >
>>>>> >Does AWS use 172.0.0.0/12 internally, or 172.16.0.0/12?  They're
>>>>> >different
>>>>> >things, after all.
>>>>> >
>>>>>
>>>>> I don't know their entire operations, but they do use some
>>>>> 172.16.0.0/12
>>>>> addresses internally. And yes, that is very different than 172/12,
>>>>> sorry
>>>>> for the confusion.
>>>>>
>>>>> -Jim P.
>>>>>
>>>>> --
> Mehmet
> +1-424-298-1903
>

Re: AWS issues with 172.0.0.0/12

[Javier J]

IPv6 all the things.

On Thu, Oct 10, 2019, 12:11 PM Neil Hanlon  wrote:

> RCN here in the greater Boston area does CGNAT inside 10.0.0.0/8. This
> doesn't surprise me.
> On Oct 10, 2019, at 11:27, Javier J  wrote:
>>
>> Very strange ATT would put end users on an RFC 1918 block unless they
>> were doing NAT to the end user.
>> If they were doing NAT, I would expect CGNAT in the 100.something or
>> other range.
>>
>>
>> On Thu, Oct 10, 2019, 11:07 AM Mehmet Akcin < meh...@akcin.net> wrote:
>>
>>> Yes
>>>
>>> On Wed, Oct 9, 2019 at 20:46 Javier J < jav...@advancedmachines.us>
>>> wrote:
>>>
>>>> I'm just curious, was the ip in the RFC 1918 172.16.0.0/16 range?
>>>>
>>>> https://tools.ietf.org/html/rfc1918
>>>>
>>>>
>>>>
>>>> On Mon, Oct 7, 2019 at 6:01 PM Mehmet Akcin < meh...@akcin.net> wrote:
>>>>
>>>>> To close the loop here (in case if someone has this type of issue in
>>>>> the future), I have spoken to AT&T instead of trying to work it out with
>>>>> AWS Hosted Vendor, Reolink.
>>>>>
>>>>> AT&T Changed my public IP, and now I am no longer in that 172.x.x.x
>>>>> block, everything is working fine.
>>>>>
>>>>> mehmet
>>>>>
>>>>> On Thu, Oct 3, 2019 at 2:54 PM Javier J < jav...@advancedmachines.us>
>>>>> wrote:
>>>>>
>>>>>> Auto generated VPC in AWS use RFC1819 addresses. This should not
>>>>>> interfere with pub up space.
>>>>>>
>>>>>> What is the exact issue? If you can't ping something in AWS chances
>>>>>> are it's a security group blocking you.
>>>>>>
>>>>>>
>>>>>>
>>>>>> On Tue, Oct 1, 2019, 7:00 PM Jim Popovitch via NANOG <
>>>>>> nanog@nanog.org> wrote:
>>>>>>
>>>>>>> On October 1, 2019 9:39:03 PM UTC, Matt Palmer < mpal...@hezmatt.org>
>>>>>>> wrote:
>>>>>>> >On Tue, Oct 01, 2019 at 04:50:33AM -0400, Jim Popovitch via NANOG
>>>>>>> >wrote:
>>>>>>> >> On 10/1/2019 4:09 AM, Christopher Morrow wrote:
>>>>>>> >> > possible that this is various AWS customers making
>>>>>>> >iptables/firewall mistakes?
>>>>>>> >> >"block that pesky rfc1918 172/12 space!!"
>>>>>>> >>
>>>>>>> >> AWS also uses some 172/12 space on their internal network (e.g.
>>>>>>> the
>>>>>>> >network
>>>>>>> >> that sits between EC2 instances and the AWS external firewalls)
>>>>>>> >
>>>>>>> >Does AWS use 172.0.0.0/12 internally, or 172.16.0.0/12?  They're
>>>>>>> >different
>>>>>>> >things, after all.
>>>>>>> >
>>>>>>>
>>>>>>> I don't know their entire operations, but they do use some
>>>>>>> 172.16.0.0/12
>>>>>>> addresses internally. And yes, that is very different than 172/12,
>>>>>>> sorry
>>>>>>> for the confusion.
>>>>>>>
>>>>>>> -Jim P.
>>>>>>>
>>>>>>> --
>>> Mehmet
>>> +1-424-298-1903
>>>
>>

Re: California public safety power shutdowns

[Javier J]

Reminds me of Enron days.

On Thu, Oct 10, 2019 at 2:06 PM Michael Thomas  wrote:

>
> On 10/10/19 10:40 AM, Randy Bush wrote:
> >> Pacific Gas & Electric and Southern California Edison have started
> >> Public Safety Power Shut-offs (PSPS) in California wildfire high-risk
> >> areas.
> > not exactly
> >
> > the diablo winds are way north in the state.  but much of the power
> > for the big metros is bought from the hydros in the northwest and
> > has to come on lines through the windy area.
> >
> > for some years, pg&e traded short term profits for long term risk by
> > not clearing the lines.  their long term risk cost lives, jillions in
> > property and other damage last fire season.
> >
> > now pg&e is in a severe liability pickle and madly trying to shovel
> > kitty litter over it.
> >
> > the high risk is putting stockholders and profit before public safety
> > and service.
> >
> It's also pretty clear that this is revenge pr0n for us getting all
> upset for them burning down paradise.
>
> I'm fairly certain that tech can help this problem along significantly,
> but that might cut into e-staff bonuses.
>
>
> https://wildfiremitigation.tees.tamus.edu/faqs/other-monitoring-benefits
>
>
> Mike
>
>

Re: California public safety power shutdowns

[Javier J]

I have an alternative view. the more generators are running, the more
trucks semt to refuel the tanks, the more moving parts, the more likely an
accident is prone to happen somewhere. It's thr same reason you turn your
vehicles engine off when you fill up at the gas station.

Diesel doesn't combust easily without conpression, but I'm pretty sure you
can find incidents where diesel engines catch fire. maybe the roof of a
datacenter is not a risk factor, but in thinking remote antennas on the top
of a mountain anything can happen.

On Thu, Oct 10, 2019, 8:52 PM Mel Beckman  wrote:

> Sean,
>
> A diesel generator sparking a fire is extremely unlikely. A diesel
> generator by code must have a clear, nonflammable, area around it, and a
> spark arrestor on the exhaust to protect against burning particles in the
> exhaust. Diesel generators are not even a listed cause according to the
> National Wildfire Coordinating Group:
>
> https://www.nwcg.gov/sites/default/files/publications/pms412.pdf
>
> Let’s not go making up fantastical monsters. There are plenty of real
> monsters to go around :)
>
>  -mel
>
> On Oct 10, 2019, at 5:29 PM, Ca By  wrote:
>
> I just hope the next fire is not sparked by a diesel generator that is
> running because commercial power is off.
>
> On Thu, Oct 10, 2019 at 3:48 PM Sean Donelan  wrote:
>
>>
>>
>> AT&T statement:
>>
>> Like all PG&E customers, we are also affected by this power shutdown.
>> Overall our network continues to perform well and is operating at more
>> than 97% cause
>
> of normal. We are aware that service for some customers may be
>> affected by this event and are working as quickly as possible to deploy
>> additional generators and recovery equipment. We appreciate our
>> customer’s
>> patience.
>>
>>
>> T-Mobile statement:
>>
>> The T-Mobile network is holding up well during the ongoing PG&E and SCE
>> safety power shut offs in California. We are seeing a small number of
>> sites down in some of the areas affected by the power shut off.
>>
>> Our response teams are working to get sites back up and running as
>> quickly
>> as possible. We understand that service disruptions are an inconvenience
>> to our customers and we appreciate their patience during this event.
>>
>>
>> Verizon:
>>
>> Verizon spokeswoman Jeannine Brew Braggs said the company can serve
>> customers "indefinitely" until commercial power is restored. She
>> attributed that to the generators and backup batteries on-site at the
>> majority of its cell towers and other locations. Brew Braggs said the
>> company can refuel the generators to keep them running.
>>
>>
>> I'm still looking for statements from Sprint and US Cellular.
>>
>

Re: Best components for a full mvno core network?

[Javier J]

This is interesting but so many variables to unpack to determin what the
right solution is. What are the main goals of your org? What exact pain
points are you trying to fix?



On Wed, Oct 16, 2019, 8:28 AM Dario Renaud  wrote:

> Hello,
>
> At my day job, we are considering going Full MVNO. Which means building a
> mobile core network.
>
> I was wondering if some of you would have feedback or advices on the
> solutions currently available?
>
> We would like to avoid the big providers (Ericsson & such).
> Ideally, something opensource, or, if proprietary, a company maybe willing
> to license access to the code (one can dream).
>
> There seems to be a lot of bits and pieces available out there, with a mix
> of full, fullish or partial solutions. This makes for quite the puzzle.
>
> Among the ones I found most interesting:
>
> nextEPC, covering, well, the EPC… (https://github.com/nextepc/nextepc).
> It looks like the more active open EPC implementation out there.
>
> And it seems that Yate people have a commercial product covering basically
> everything needed (
> https://yatebts.com/solutions_and_technology/mobile_virtual_network_operator/).
>
>
> What do you think?
>
> Regards
>
> Dario Renaud
>

Re: AWS issues with 172.0.0.0/12

[Javier J]

> No, Mehmet's public IP was _not_ from the RFC 1918 172.16.0.0/16
range.

I was guessing the same thing. It wouldn't matter even behind NAT if you
are using RFC 1918 unless you are building a tunnel into the VPC since in
the AWS VPC, you are behind a NAT / Internet Gateway for anything to reach
the public IPv4 internet.

- Javier



On Fri, Oct 11, 2019 at 7:48 AM Jay Borkenhagen  wrote:

> I'm surprised that no one else has corrected this, so allow me to do
> so for the record.
>
> No, Mehmet's public IP was _not_ from the RFC 1918 172.16.0.0/16
> range.
>
> One of the public ipv4 ranges that AT&T assigns subscriber addresses
> from is 172.0.0.0/12: [ 172.0.0.0 - 172.15.255.255 ]
>
>  https://whois.arin.net/rest/net/NET-172-0-0-0-1
>
> One of the private ipv4 ranges set aside by RFC 1918 is the
> neighboring 172.16.0.0/12: [ 172.16.0.0 - 172.31.255.255 ]
>
>  https://whois.arin.net/rest/net/NET-172-16-0-0-1
>
>
>
> We notice more mis-originations of our 172.0.0.0/12 space and its
> more-specifics than any of our other ipv4 blocks, probably because
> other folks are similarly confused.  So please, if you intend to use
> RFC1918 space, please check your filters to make sure you're using
> 172.16.0.0/12 and not our 172.0.0.0/12.
>
>     Jay B.
>
>
> Mehmet Akcin writes:
>  > Yes
>  >
>  > On Wed, Oct 9, 2019 at 20:46 Javier J 
> wrote:
>  >
>  > > I'm just curious, was the ip in the RFC 1918 172.16.0.0/16 range?
>  > >
>  > > https://tools.ietf.org/html/rfc1918
>  > >
>  > >
>  > >
>  > > On Mon, Oct 7, 2019 at 6:01 PM Mehmet Akcin  wrote:
>  > >
>  > >> To close the loop here (in case if someone has this type of issue in
> the
>  > >> future), I have spoken to AT&T instead of trying to work it out with
> AWS
>  > >> Hosted Vendor, Reolink.
>  > >>
>  > >> AT&T Changed my public IP, and now I am no longer in that 172.x.x.x
>  > >> block, everything is working fine.
>  > >>
>  > >> mehmet
>  > >>
>  > >> On Thu, Oct 3, 2019 at 2:54 PM Javier J 
>  > >> wrote:
>  > >>
>  > >>> Auto generated VPC in AWS use RFC1819 addresses. This should not
>  > >>> interfere with pub up space.
>  > >>>
>  > >>> What is the exact issue? If you can't ping something in AWS chances
> are
>  > >>> it's a security group blocking you.
>  > >>>
>  > >>>
>  > >>>
>  > >>> On Tue, Oct 1, 2019, 7:00 PM Jim Popovitch via NANOG <
> nanog@nanog.org>
>  > >>> wrote:
>  > >>>
>  > >>>> On October 1, 2019 9:39:03 PM UTC, Matt Palmer <
> mpal...@hezmatt.org>
>  > >>>> wrote:
>  > >>>> >On Tue, Oct 01, 2019 at 04:50:33AM -0400, Jim Popovitch via NANOG
>  > >>>> >wrote:
>  > >>>> >> On 10/1/2019 4:09 AM, Christopher Morrow wrote:
>  > >>>> >> > possible that this is various AWS customers making
>  > >>>> >iptables/firewall mistakes?
>  > >>>> >> >"block that pesky rfc1918 172/12 space!!"
>  > >>>> >>
>  > >>>> >> AWS also uses some 172/12 space on their internal network (e.g.
> the
>  > >>>> >network
>  > >>>> >> that sits between EC2 instances and the AWS external firewalls)
>  > >>>> >
>  > >>>> >Does AWS use 172.0.0.0/12 internally, or 172.16.0.0/12?  They're
>  > >>>> >different
>  > >>>> >things, after all.
>  > >>>> >
>  > >>>>
>  > >>>> I don't know their entire operations, but they do use some
>  > >>>> 172.16.0.0/12
>  > >>>> addresses internally. And yes, that is very different than 172/12,
> sorry
>  > >>>> for the confusion.
>  > >>>>
>  > >>>> -Jim P.
>  > >>>>
>  > >>>> --
>  > Mehmet
>  > +1-424-298-1903
>

Re: Disney+ Geolocation issues

[Javier J]

The word on the street (that Disney pushed) was that "we are seeing higher
than expected demand"

WTF, you are in AWS, don't know how to autoscale?

On Thu, Nov 14, 2019 at 11:06 AM Ethan O'Toole  wrote:

> > For Disney, isn't it the same "house" ?
>
> They're trying to control different pricing for different markets. Similar
> to how Spotify costs a lot less in Indonesia and the Philippines.
>
> This is where a VPN comes in handy.
>
> - Ethan
>

Re: Landing Stations used as datacenter

[Javier J]

I would think that just a few extra fractions of a second from the cable
station to a DC/IX are better than a DC/IX near the beach where water can
wipe it all out. Preferably DC/IX should be on the 2nd or third floor IMHO
on some islands.

- J

On Fri, Nov 15, 2019 at 4:11 PM Owen DeLong  wrote:

> Some Caribbean islands had IXs in landing stations early on IIRC. Usually
> before the island built it’s first datacenter.
>
> Some of them were better/faster about moving to the datacenter once it was
> established than others.
>
> Owen
>
>
> On Nov 15, 2019, at 01:47 , Martijn Schmidt via NANOG 
> wrote:
>
> I think AMS-IX had an exchange in Mombasa in the SEACOM landing station at
> some point, but that is gone now. I'm not sure about the exact reasons
> there but someone here probably knows what happened.
>
> There's also a big amount of carriers in the TATA landing station in
> Mumbai, it is the second-largest in that market just behind GPX in terms of
> carrier density at least according to PeeringDB.
>
> Best regards,
> Martijn
>
> On 11/15/19 3:58 AM, Mehmet Akcin wrote:
>
> Hey there
>
> I have been putting my thoughts on Infrapedia blog and sharing with folks
> like
>
> https://www.infrapedia.com/post/top20cities-datacenters
>
> I am working on a new article and this time my topic will be looking at
> cable landing stations(cls). Do you consider cable landing stations as a
> datacenter? Do you have any experience deploying a pop in CLS? Are you able
> to share (on or off record) your experience which I can refer as your
> experience (good or bad) why deploying a pop inside a CLS is good or bad
> idea. Any additional comments..
>
> I am not a big fan of CLS deployments. They have limited networks ( like
> only carriers and no eyeballs) and very expensive connectivity (usually)
>
> Thank you in advance sharing your experience
>
> Mehmet
>
> --
> Mehmet
> +1-424-298-1903
>
>
>
>

Re: Landing Stations used as datacenter

[Javier J]

Owen of course. I was just expressing my humble opinion to the thread.
Cheers.

On Fri, Nov 15, 2019 at 8:41 PM Owen DeLong  wrote:

> I was neither defending, nor advocating the placement, merely attempting
> to document some of the history.
>
> Owen
>
>
> On Nov 15, 2019, at 15:20 , Javier J  wrote:
>
> I would think that just a few extra fractions of a second from the cable
> station to a DC/IX are better than a DC/IX near the beach where water can
> wipe it all out. Preferably DC/IX should be on the 2nd or third floor IMHO
> on some islands.
>
> - J
>
> On Fri, Nov 15, 2019 at 4:11 PM Owen DeLong  wrote:
>
>> Some Caribbean islands had IXs in landing stations early on IIRC. Usually
>> before the island built it’s first datacenter.
>>
>> Some of them were better/faster about moving to the datacenter once it
>> was established than others.
>>
>> Owen
>>
>>
>> On Nov 15, 2019, at 01:47 , Martijn Schmidt via NANOG 
>> wrote:
>>
>> I think AMS-IX had an exchange in Mombasa in the SEACOM landing station
>> at some point, but that is gone now. I'm not sure about the exact reasons
>> there but someone here probably knows what happened.
>>
>> There's also a big amount of carriers in the TATA landing station in
>> Mumbai, it is the second-largest in that market just behind GPX in terms of
>> carrier density at least according to PeeringDB.
>>
>> Best regards,
>> Martijn
>>
>> On 11/15/19 3:58 AM, Mehmet Akcin wrote:
>>
>> Hey there
>>
>> I have been putting my thoughts on Infrapedia blog and sharing with folks
>> like
>>
>> https://www.infrapedia.com/post/top20cities-datacenters
>>
>> I am working on a new article and this time my topic will be looking at
>> cable landing stations(cls). Do you consider cable landing stations as a
>> datacenter? Do you have any experience deploying a pop in CLS? Are you able
>> to share (on or off record) your experience which I can refer as your
>> experience (good or bad) why deploying a pop inside a CLS is good or bad
>> idea. Any additional comments..
>>
>> I am not a big fan of CLS deployments. They have limited networks ( like
>> only carriers and no eyeballs) and very expensive connectivity (usually)
>>
>> Thank you in advance sharing your experience
>>
>> Mehmet
>>
>> --
>> Mehmet
>> +1-424-298-1903
>>
>>
>>
>>
>

Re: Short-circuited traceroutes on FIOS

[Javier J]

mtr -u 4.2.2.2 --report-wide
Start: 2019-12-10T21:26:20-0500
HOST: fedora-lenovo   Loss%   Snt   Last   Avg  Best
 Wrst StDev
  1.|-- _gateway 0.0%101.3   1.4   1.1
  2.3   0.3
  2.|-- ??? 100.0100.0   0.0   0.0
  0.0   0.0
  3.|-- b3346.nwrknj-lcr-21.verizon-gni.net  0.0%106.7   4.8   2.2
  8.2   1.9
  4.|-- ??? 100.0100.0   0.0   0.0
  0.0   0.0
  5.|-- 0.ae1.br1.ewr6.alter.net 0.0%10   18.9   6.2   3.6
 18.9   4.6
  6.|-- lag-12.ear3.newark1.level3.net  20.0%103.9   3.3   2.2
  4.4   1.0
  7.|-- ae-2-3602.ear2.newyork1.level3.net  90.0%105.6   5.6   5.6
  5.6   0.0
  8.|-- ??? 100.0100.0   0.0   0.0
  0.0   0.0

Verizon FIOS
They are blocking ICMP and returning false responses right at their gateway
at the CO, not the CPE (I'm using my own router)

You have to do it using UDP to get real results of a traceroute.

- Javier



On Tue, Dec 10, 2019 at 3:56 PM Joe Maimon  wrote:

> This is not from a verizon CPE. Its happening on their CO internet
> gateway customer facing routers.
>
> tcptraceroute looks more legit
>
> Joe
>
> Nimrod Levy wrote:
> > Is that unique to the FiOS gateway device? I don't use their router
> > and my traces go right out.
> >
> >
> > On Tue, Dec 10, 2019 at 3:08 PM Joe Maimon  > > wrote:
> >
> > Apparently Verizon FIOS is a red herring, terminating ICMP
> > traceroutes
> > right on their gateways.
> >
> > More internet breakage. Thanks for the information to all who
> > responded.
> >
> > Random control test.
> >
> > C:\Users\Home>tracert -d 1.4.5.6
> >
> > Tracing route to 1.4.5.6 over a maximum of 30 hops
> >
> >115 ms 5 ms<1 ms  172.18.24.1
> >2 3 ms23 ms24 ms  192.168.2.33
> >3 3 ms 6 ms 3 ms  1.4.5.6
> >
> > Trace complete.
> >
> >
> > Joe
> >
> > Joe Maimon wrote:
> > > Anyone have an idea why there are some destinations that on
> > > residential verizon fios here in NY area terminate right on first
> > > external hop?
> > >
> > > There seems to be a CDN common denominator here. On other networks
> > > with more typical BGP paths and traceroutes, users are reporting
> > > issues accessing these sites.
> > >
> > > C:\Users\Home>tracert www.usfoods.com 
> > >
> > > Tracing route to statics.usfoods.com
> >  [205.132.109.90]
> > > over a maximum of 30 hops:
> > >
> > >   1 3 ms<1 ms<1 ms  172.18.24.1
> > >   2 4 ms 3 ms 3 ms  192.168.2.33
> > >   317 ms 6 ms 3 ms statics.usfoods.com
> >  [205.132.109.90]
> > >
> > > Trace complete.
> > >
> > > C:\Users\Home>tracert atworkhp.americanexpress.com
> > 
> > >
> > > Tracing route to atworkhp.americanexpress.com.akadns.net
> >  [139.71.19.87]
> > > over a maximum of 30 hops:
> > >
> > >   1 2 ms<1 ms<1 ms  172.18.24.1
> > >   2 3 ms 4 ms23 ms  192.168.2.33
> > >   321 ms11 ms 5 ms
> > atworkhomepage2.americanexpress.com
> > 
> > > [139.71.19.87]
> > >
> > > Trace complete.
> > >
> > > C:\Users\Home>tracert portal.discover.com
> > 
> > >
> > > Tracing route to e14577.x.akamaiedge.net
> >  [23.51.172.254]
> > > over a maximum of 30 hops:
> > >
> > >   1 3 ms 1 ms18 ms  172.18.24.1
> > >   221 ms 7 ms 6 ms  192.168.2.33
> > >   3 4 ms 2 ms 2 ms
> > > a23-51-172-254.deploy.static.akamaitechnologies.com
> > 
> > [23.51.172.254]
> > >
> > > Trace complete.
> > >
> > >
> > >
> >
>
>

Re: Short-circuited traceroutes on FIOS

[Javier J]

If you have static addressing (biz account) then possibly different from
what I have.

In North NJ, 3 different accounts I can verify have ICMP blocked as of
sometime earlier this year or late last year so have to use udp to get a
real traceroute.

Could not be deployed in all areas the same way.

 - Javier

On Wed, Dec 11, 2019 at 7:19 AM Nimrod Levy  wrote:

> I'm in the same region as Chris and I still can't make it fail. I wonder
> if it's because I have static addressing?
>
> On Tue, Dec 10, 2019 at 11:59 PM Christopher Morrow <
> morrowc.li...@gmail.com> wrote:
>
>> On Tue, Dec 10, 2019 at 11:44 PM Lee  wrote:
>> > It's protocol specific.  Windows tracert uses icmp instead of udp.
>> > On a linux box try
>> >   ping -t 2 205.132.109.90
>> >
>> > You should get a time to live exceeded but the Verizon router gives
>> > you an echo reply instead.
>>
>> that's hilariously bad :( I think this is the OLT really that's doing
>> this...
>> $ ping -t 3 205.132.109.90
>> PING 205.132.109.90 (205.132.109.90) 56(84) bytes of data.
>> From 130.81.32.236 icmp_seq=1 Time to live exceeded
>>
>> $ ping -t 1 205.132.109.90
>> PING 205.132.109.90 (205.132.109.90) 56(84) bytes of data.
>> From 192.168.100.1 icmp_seq=1 Time to live exceeded
>>
>> $ ping -t 2 205.132.109.90
>> PING 205.132.109.90 (205.132.109.90) 56(84) bytes of data.
>> 64 bytes from 205.132.109.90: icmp_seq=1 ttl=254 time=3.38 ms
>>
>> An outbound traceroute has:
>>  1  _gateway (192.168.100.1)  2.537 ms  2.587 ms  2.703 ms
>>  2  * * *
>>  3  B3320.WASHDC-LCR-21.verizon-gni.net (130.81.32.236)  6.638 ms
>> B3320.WASHDC-LCR-22.verizon-gni.net (130.81.32.238)  6.223 ms  6.414
>> ms
>> ...
>>
>> and inbound that hop 2 is:
>>  6  HundredGigE2-4-0-3.WASHDC-LCR-22.verizon-gni.NET (140.222.238.55)
>> 5.504 ms HundredGigE2-6-0-3.WASHDC-LCR-21.verizon-gni.NET
>> (140.222.234.53)  9.261 ms  9.266 ms
>>  7  ae203-0.WASHDC-VFTTP-320.verizon-gni.net ()  7.955 ms  3.026 ms
>> ae204-0.WASHDC-VFTTP-320.verizon-gni.net (130.81.32.239)  2.347 ms
>>
>> oh well, just wonky gpon again?
>>
>

Re: Short-circuited traceroutes on FIOS

[Javier J]

> what do you do with a traceroute that looks like this

Tell you to not change IP addresses so that I can do a proper analysis on
it?
Recommend you use something other than windows?
Give you a stock tip?
The possibilities are endless.

(I'm being sarcastic)

It is shitty and I have no clue why ISPs play these games.

Rumor is that with FiOS, that so many gamers or game software was sending
out ICMP requests that it was enough traffic for them to say screw this and
block it. I don't buy that but whatever.
Just annoying.

Oh yeah, and why do I still to this day have to use a HE ipv6 tunnel?


On Thu, Dec 12, 2019 at 8:55 AM Aaron Gould  wrote:

> Yeah, and what do you do with a traceroute that looks like this….  (ip
> address intentionally changed)
>
>
>
> C:\>tracert -d -w 1 1.2.3.4
>
>
>
> Tracing route to 1.2.3.4 over a maximum of 30 hops
>
>
>
>   1 8 ms 5 ms 5 ms  96.8.191.129
>
>   2 *** Request timed out.
>
>   3 *** Request timed out.
>
>   4 *** Request timed out.
>
>   5 *** Request timed out.
>
>   6 *** Request timed out.
>
>   7 *** Request timed out.
>
>   8 *** Request timed out.
>
>  9 *** Request timed out.
>
> 10 *** Request timed out.
>
> 11 *** Request timed out.
>
> 12 *** Request timed out.
>
> 13 *** Request timed out.
>
> 14 *** Request timed out.
>
> 15 *** Request timed out.
>
> 16 *** Request timed out.
>
> 17   267 ms   202 ms * 1.2.3.4
>
> 18   205 ms   175 ms * 1.2.3.4
>
> 19   160 ms   233 ms * 1.2.3.4
>
> 20   199 ms   201 ms * 1.2.3.4
>
> 21   213 ms   206 ms * 1.2.3.4
>
> 22   165 ms   158 ms * 1.2.3.4
>
> 23   237 ms   158 ms * 1.2.3.4
>
> 24   158 ms   290 ms * 1.2.3.4
>
> 25   158 ms   160 ms   158 ms  1.2.3.4
>
>
>
> Trace complete.
>
>
>
> C:\>
>
>
>
>
>
>
>
> *From:* NANOG [mailto:nanog-boun...@nanog.org] *On Behalf Of *Etienne-Victor
> Depasquale
> *Sent:* Thursday, December 12, 2019 1:18 AM
> *To:* Valdis Klētnieks
> *Cc:* nanog@nanog.org
> *Subject:* Re: Short-circuited traceroutes on FIOS
>
>
>
> Traceroute is becoming more and more an expert's tool because
> interpretation of its results isn't straightforward.
>
>
>
> I had written a paper last year and mentioned its misuse in academia in
> the context of estimating the number of energy-consuming devices between a
> source and a destination.
>
> Traceroute was being used to count the number of physical router devices
> from the hop count, notwithstanding the use of MPLS in domain cores.
>
> To an external observer, this results in significant underestimation of
> the energy consumption in the path from source to destination.
>
>
>
> On Thu, Dec 12, 2019 at 12:51 AM Valdis Klētnieks 
> wrote:
>
> On Wed, 11 Dec 2019 19:26:09 +0200, Saku Ytti said:
> > On Wed, 11 Dec 2019 at 19:14, Rob Foehl  wrote:
> >
> > > Support claims that it was a mistake, but it's also been 15+ months and
> > > it's pretty deliberate behavior.  Draw your own conclusions...
> >
> > TTL decrement issues are fairly common across multiple vendors and hw,
> > can be sw can be hw limit
>
> Yes, but you need to screw up gloriously on the decrement if you think that
> "I decremented and it's zero now" means "therefor it must have been
> addressed
> to me, so I'll send an ECHO REPLY instead of TTL EXCEEDED".
>
>
>
>
> --
>
> Ing. Etienne-Victor Depasquale
> Assistant Lecturer
> Department of Communications & Computer Engineering
> Faculty of Information & Communication Technology
> University of Malta
>
> Web. https://www.um.edu.mt/profile/etiennedepasquale
>

Re: Short-circuited traceroutes on FIOS

[Javier J]

Is anyone from Verizon on this list? They probably are but not allowed to
comment. I would love to know if there is an official comment on why they
do this.

It annoyed me when they first implemented and I was trying to diagnose an
issue with a client.

Regarding your edge device:
Same here, I had ubiquity gear at my GW for a while and before that PFsense.

When i saw 1ms responses to a ping one day I was confused.

- J

On Thu, Dec 12, 2019 at 12:51 PM Peter Beckman  wrote:

> On Wed, 11 Dec 2019, Javier J wrote:
>
> > If you have static addressing (biz account) then possibly different from
> > what I have.
> >
> > In North NJ, 3 different accounts I can verify have ICMP blocked as of
> > sometime earlier this year or late last year so have to use udp to get a
> > real traceroute.
> >
> > Could not be deployed in all areas the same way.
>
>   I noticed this about the same time I installed Ubiquiti gear at home,
>   December 2018.
>
>   Until this thread, I thought there was something wrong with my gateway
>   router config. I could do UDP/TCP traceroutes, but ICMP kept dying.
>
>   Glad to know it isn't my gateway, but frustrated as hell that Verizon
>   decided that a few customers doing less-than-ideal things was enough to
>   cut a standard network protocol off at the knees.
>
> ---
> Peter Beckman  Internet Guy
> beck...@angryox.com
> http://www.angryox.com/
> ---
>

Fwd: urgent opening: Engineer-Transport - III

[Javier J]

In case some is interested, Got this email today:

-- Forwarded message -
From: Garima Agrawal 
Date: Tue, Dec 17, 2019 at 6:01 PM
Subject: urgent opening: Engineer-Transport - III
To: REDACTED


Hello Javier,

I am  Garima, a recruiter with *Pyramid Consulting, Inc.* a leading IT
staffing organization. I came across your profile in one of the job
boards and feel that your skills and professional experience would be a
good fit for a position with one of our premier clients. Please review the
job description below. If you are interested in this position please
forward your updated resume for immediate consideration and preferred time
to discuss this opportunity further.

*Title:* Engineer-Transport - III
*Location:* MI; Southfield
*Duration:*

*Job Description:*
 Immediate need for a talented *Engineer Transport * with experience in the
*Telecom* *Industry*.
This is a *12+* *Months* Contract opportunity with long-term potential and
is located in *Southfield, MI.* Please review the job description below.

*Job ID: 19-55622*
*Key Responsibilities:*

   - Cisco and/or ALU/Nokia router configuration experience.
   - Working knowledge of Optical transport systems.
   - Ciena or Fujitsu experience preferred
   - Knowledge of installation standards for telecom equipment.
   - Three or more years of relevant work experience.
   - Five or more years of experience in the cellular/ telecommunications
   industry in a Transport engineering role.
   - CCNA certification.
   - Knowledge in CWDM/DWDM Optical Transport systems including: Ciena,
   Alcatel-Client, and Fujitsu.
   - Knowledge with Dark Fiber vendors, their organizational processes and
   standards, as well as their network portfolio maps.
   - Experience in Microsoft Office Excel, Word, PowerPoint, and Project.
   - Experience with PSTN traffic reporting tools, and least cost routing.
   - Working knowledge and experience with SevOne traffic data collection
   system or another traffic statistics reporting package.
   - Experience with Atoll or Pathloss for microwave design.
   - Experience troubleshooting, problem solving, project management, and
   interpersonal skills.
   - Proven track record of quality decision making.
   - Organizational and planning skills.
   - Ability to learn new technology quickly and apply working knowledge of
   wireless engineering on new projects.
   - Ability to be self-motivated, show initiative, and capability to work
   independently.
   - Strong interpersonal and communications skills.
   - Ability to be highly productive and pay close attention to detail.
   - Knowledge with engineering and engineering economic principles.

*Key Requirements and Technology Experience:*

   - DWDM Optical Transport systems including: Ciena 6500 and Fujitsu 9500
   - ALU/Nokia 7705 & 7750 routers. Cisco ***, 540 routers
   - Micro Semi Edge Grand Mater experience.
   - PSTN traffic engineering including E911 and SS7
   - Digital Communications including: Fiber and Ethernet
   - Wireless voice and data service including: EVDO, CDMA, and LTE
   - Microwave experience including: Aviat, NEC , ALU/Nokia MPR9500
   - Test equipment experience including: JDSU & EXFO, spectrum analyzers,
   and path analyzers

Our client is a leading* Telecom* *Industry *and we are currently
interviewing to fill this and other similar contract positions. If you are
interested in this position, please apply online for immediate
consideration.


Thank you!
Garima Agrawal
Recruiter
Pyramid Consulting, Inc
3060 Kimball Bridge Rd. Suite 200
Alpharetta, GA
Email: garima.agra...@pyramidci.com; Desk: (770) 255-3535 Ext.6187 or Cell:
Web: www.pyramidci.com
USA | Canada | UK | India | Singapore

*NOTE:* *Please accept my sincere apologies if the location or the skill
set does not match with your location or your skill set. We have several
other opportunities which we can review together. If you wish to be removed
from this mailing list, please reply "REMOVE ME FROM THE LIST " in the
subject line or click on the “generate opt-out link below.” Any
inconvenience caused is highly regretted.*

You have received this message because either you have contacted our
Company to express interest in employment, or you have posted your Resume
in an area accessible to recruiters or HR professionals, which implies an
interest in being contacted regarding employment opportunities.

If you would prefer to no longer receive any emails whatsoever from our
Company, you may opt out at anytime by clicking here

.

Re: Fwd: urgent opening: Engineer-Transport - III

[Javier J]

I got tons of these spammed to me everyday, only reason I posted this
particular one was that it was very specific to network infrastructure.

Mentioning core networking equipment.
Are they really using fake job postings to justify H1-B hires these days?

Well that is Fing depressing if true.

- J

On Tue, Dec 17, 2019 at 9:30 PM John Levine  wrote:

> In article  vndbxsd5fw+...@mail.gmail.com> you write:
> >-=-=-=-=-=-
> >
> >In case some is interested, Got this email today:
>
> Please, no.  If we want help wanted ads, we know where to find them.
>
> This particular one is so specific that as likely as not it's a fake
> ad to justify and H1-B hire.
>
> R's,
> John
>

Re: Fwd: urgent opening: Engineer-Transport - III

[Javier J]

Thanks for the heads up Bill.

Now I just feel like a sucker entertaining these fools. Sorry to spam the
board. I haven't really looked at the IT staffing game in a while and it
seems it has gone to complete trash compared to even how bad it was 10
years ago.

- Javier

On Wed, Dec 18, 2019 at 7:53 PM William Herrin  wrote:

> On Wed, Dec 18, 2019 at 4:39 PM Javier J 
> wrote:
> > I got tons of these spammed to me everyday, only reason I posted this
> particular one was that it was very specific to network infrastructure.
>
> Hi Javier,
>
> I probably got 5 like it this week. Only counting the ones that got
> detailed about network infrastructure. And I'm not even looking for a
> network engineering job; I want to write network software.
>
> So yeah, dime a dozen, no need to share with Nanog. Post a resume to a
> few job boards and you'll get flooded with them too.
>
>
> > Mentioning core networking equipment.
> > Are they really using fake job postings to justify H1-B hires these days?
> >
> > Well that is Fing depressing if true.
>
> Yes, they do. You won't know for sure though until you tell them your
> salary and hear what they say. If it's way under market (it often is)
> then yeah, it's H1-B spam. And there is a sorry amount of that going
> around.
>
> Regards,
> Bill Herrin
>
>
>
> --
> William Herrin
> b...@herrin.us
> https://bill.herrin.us/
>

Re: FCC proposes $10 Million fine for spoofed robocalls

[Javier J]

It is so bad that I am not above us bribing politicians in
foreign countries to crack down on this.



On Thu, Dec 12, 2019 at 3:37 PM Sean Donelan  wrote:

>
> On Monday, U.S. FCC Chairman Pai and Canadian CRTC Chairperson Scott made
> the first official cross-border SHAKEN/STIR call.
>
> https://www.fcc.gov/document/pai-scott-make-first-official-cross-border-shakenstir-call
>
>
> Today, the U.S. FCC announced a proposed nearly $10 million fine for
> spoofed robocalls.
>
> https://www.fcc.gov/document/fcc-proposes-nearly-10-million-fine-spoofed-robocalls
>
> A U.S. telemarketing firm spoofed the caller-id of a competitor to make
> approximately 47,610 political robocalls shortly before a California State
> Assembly primary election.
>
> I think this case is somewhat unusual for robocall spoofing, because the
> alleged perpetrator, victims, and 'crime scene' occured within the same
> jurisdiction.
>
> While the FCC likes to announce large enforcement actions in splashy
> press releases, its actually bad about collecting fines. The FCC must
> rely on the Justice Department to initiate separate prosecution to
> enforce payment from non-license holders because the FCC can't do that
> itself.  So don't expect anyone to actually pay soon (or ever).
>

Re: Fwd: urgent opening: Engineer-Transport - III

[Javier J]

I made the mistake of posting a resume from a link on linkedin, luckily,
with a google voice number, but unfortunately, not with a burner email
address.

I had 11 missed calls yesterday because for now I am keeping my phone on
silent. I mean, for f's sake, just send me an email.

So annoying. Thanks for reaching out, but if I don't pick up on the first
call, LEAVE A VOICEMAIL.

- Javier

On Wed, Dec 18, 2019 at 8:37 PM William Herrin  wrote:

> On Wed, Dec 18, 2019 at 5:31 PM Javier J 
> wrote:
> > Now I just feel like a sucker entertaining these fools. Sorry to spam
> the board. I haven't really looked at the IT staffing game in a while and
> it seems it has gone to complete trash compared to even how bad it was 10
> years ago.
>
> The effing annoying thing is when the calls start at 6:00 am because
> they can't be bothered to read the top of your resume which says
> you're on the west coast and just figure hey, 703 number, must be
> eastern time. Honestly, I'm not sure why I still own a telephone.
>
> Regards,
> Bill
>
>
> --
> William Herrin
> b...@herrin.us
> https://bill.herrin.us/
>

ATT Mobile Outage San Juan, PR 8+ hours, 1 Million out.

[Javier J]

Anyone know what is going on, nothing in the English speaking media (not
surprised)

but reports are that a million + people on ATT in the metro area are
without service for 8+ hours now.


Only reports I have seen are on local media and social media.


Any information is appreciated.   If there is a better mailing list please
let me know.

- Javier

Re: ATT Mobile Outage San Juan, PR 8+ hours, 1 Million out.

[Javier J]

Submitted.


Here is the only news story I found in English:
http://cb.pr/att-network-down-in-puerto-rico/



On Wed, May 4, 2016 at 4:57 PM, Bill Woodcock  wrote:

>
> > On May 4, 2016, at 4:37 PM, Javier J  wrote:
> >
> > If there is a better mailing list please let me know.
>
> outa...@outages.org
>
> -Bill
>
>
>
>
>

RE: ATT Mobile Outage San Juan, PR 8+ hours, 1 Million out.

[Javier J]

Haha, wouldn't be surprised if it had something to do with some government
owned infrastructure crashing on a fiber.

Just got my first call of the day from someone there. Looks like it's
starting to come back.

I'm still curious what exactly died.

I saw hardware mentioned, but you could get a plane from Miami there in 2
hours if it was a matter of just swapping out a piece of network gear.
On May 4, 2016 5:22 PM, "Tyler Applebaum"  wrote:

> Maybe they didn't pay their bill! (kidding...)
>
> http://money.cnn.com/2016/05/02/investing/puerto-rico-default-may-1/
>
> -Original Message-
> From: NANOG [mailto:nanog-boun...@nanog.org] On Behalf Of Javier J
> Sent: Wednesday, May 4, 2016 1:37 PM
> To: nanog@nanog.org
> Subject: ATT Mobile Outage San Juan, PR 8+ hours, 1 Million out.
>
> Anyone know what is going on, nothing in the English speaking media (not
> surprised)
>
> but reports are that a million + people on ATT in the metro area are
> without service for 8+ hours now.
>
>
> Only reports I have seen are on local media and social media.
>
>
> Any information is appreciated.   If there is a better mailing list please
> let me know.
>
> - Javier
> Attention: Information contained in this message and or attachments is
> intended only for the recipient(s) named above and may contain confidential
> and or privileged material that is protected under State or Federal law. If
> you are not the intended recipient, any disclosure, copying, distribution
> or action taken on it is prohibited. If you believe you have received this
> email in error, please contact the sender with a copy to
> complia...@ochin.org, delete this email and destroy all copies.
>

Re: ATT Mobile Outage San Juan, PR 8+ hours, 1 Million out.

[Javier J]

Thanks Todd, I got only the "hardware" info as well.


I would assume it was something more serious than just a simple "hardware"
issue.

On Wed, May 4, 2016 at 6:29 PM, Todd Underwood  wrote:

>
> http://www.univision.com/noticias/comunicacion/cerca-de-un-millon-de-abonados-de-at-t-sin-servicio-en-el-pais-debido-a-averia
>
> for spanish speakers.
>
> they say it's a "hardware" issue that caused the fault.  the story has
> almost no other facts in it about the RFO.  there.  i just read it for
> you.
>
> :-)
>
> t
>
> On Wed, May 4, 2016 at 5:44 PM, Javier J 
> wrote:
> > Haha, wouldn't be surprised if it had something to do with some
> government
> > owned infrastructure crashing on a fiber.
> >
> > Just got my first call of the day from someone there. Looks like it's
> > starting to come back.
> >
> > I'm still curious what exactly died.
> >
> > I saw hardware mentioned, but you could get a plane from Miami there in 2
> > hours if it was a matter of just swapping out a piece of network gear.
> > On May 4, 2016 5:22 PM, "Tyler Applebaum"  wrote:
> >
> >> Maybe they didn't pay their bill! (kidding...)
> >>
> >> http://money.cnn.com/2016/05/02/investing/puerto-rico-default-may-1/
> >>
> >> -Original Message-
> >> From: NANOG [mailto:nanog-boun...@nanog.org] On Behalf Of Javier J
> >> Sent: Wednesday, May 4, 2016 1:37 PM
> >> To: nanog@nanog.org
> >> Subject: ATT Mobile Outage San Juan, PR 8+ hours, 1 Million out.
> >>
> >> Anyone know what is going on, nothing in the English speaking media (not
> >> surprised)
> >>
> >> but reports are that a million + people on ATT in the metro area are
> >> without service for 8+ hours now.
> >>
> >>
> >> Only reports I have seen are on local media and social media.
> >>
> >>
> >> Any information is appreciated.   If there is a better mailing list
> please
> >> let me know.
> >>
> >> - Javier
> >> Attention: Information contained in this message and or attachments is
> >> intended only for the recipient(s) named above and may contain
> confidential
> >> and or privileged material that is protected under State or Federal
> law. If
> >> you are not the intended recipient, any disclosure, copying,
> distribution
> >> or action taken on it is prohibited. If you believe you have received
> this
> >> email in error, please contact the sender with a copy to
> >> complia...@ochin.org, delete this email and destroy all copies.
> >>
>

Re: sub $500-750 CPE firewall for voip-centric application

[Javier J]

I'm a fan of the EdgeRouterLite3


I don't manage many small businesses networks anymore because we now do
only 100% cloud and remote work but I started deploying them to all my old
clients I still have on retainer.


It is a wonderful solid set it, and forget it device and you can manage it
with ssh (it is basically running a fork of Vyatta under the hood on Cavium
hardware which is nice because it does lots of hardware offload like any
other enterprise device.)


I won't use pfsense anymore because it's project was taken over by a-holes,
but that is just my personal experience.

- Javier

On Thu, May 5, 2016 at 1:53 PM, Ken Chase  wrote:

> Looking around at different SMB firewalls to standardize on so we can start
> training up our level 2/3 techs instead of dealing with a mess of
> different vendors
> at cust premises.
>
> I've run into a few firewalls that were not sip or 323 friendly however,
> wondering
> what your experiences are. Need something cheap enough (certainly <$1k,
> <$500-750 better)
> that we are comfortable telling endpoints to toss current gear/buy
> additional gear.
>
> Basic firewalling of course is covered, but also need port range forwarding
> (not available until later ASA versions for eg was an issue), QoS
> (port/flow
> based as well as possibly actually talking some real QoS protocols) and VPN
> capabilities (not sure if many do without #seats licensing schemes which
> get
> irritating to clients).
>
> We'd like a bit of diagnostic capability (say tcpdump or the like, via
> shell
> preferred) - I realize a PFsense unit would be great, but might not have
> enough brand name recognition to make the master client happy plopping
> down as
> a CPE at end client sites. (I know, "there's only one brand, Cisco."
> ASA5506x is a
> bit $$ and licensing acrobatics get irritating for end customers.)
>
> /kc
> --
> Ken Chase - Guelph Canada
>

Re: Netflix banning HE tunnels

[Javier J]

Getting back on topic here, the biggest group to blame here is the content
producers and the MPAA who insist on only giving licenses out for content
on a regional/country basis, and I would bet the balance of my bank account
that they have forced netflix to block VPNs Tunnels and anything else by
force, in order to keep the licensed content they have.


Remember that the industry has been at war with Netflix from the beginning,
the cable companies (some are also content producers) hate netflix.


I am sure that netflix doesn't give a crap where you are located as long as
you pay the subscription, it is their licensing agreements for content that
has forced their hand and created this mess.


Shame on the content producers, and shame on the MPAA.

- J

On Wed, Jun 8, 2016 at 11:54 AM, Elvis Daniel Velea  wrote:

> So, how do you identify where an IP address is used?
>
> /elvis
>
> Excuse the briefness of this mail, it was sent from a mobile device.
>
> > On Jun 8, 2016, at 18:41, Spencer Ryan  wrote:
> >
> > It identifys where you told it you are. It doesn't tell Netflix that your
> > v4 endpoint is in New Zeland and you are watching a bunch of content you
> > are not supposed to have access to.
> >
> > Is this really that hard to understand?
> >
> >
> > *Spencer Ryan* | Senior Systems Administrator | sr...@arbor.net
> > *Arbor Networks*
> > +1.734.794.5033 (d) | +1.734.846.2053 (m)
> > www.arbornetworks.com
> >
> > On Wed, Jun 8, 2016 at 11:33 AM, John Peach 
> > wrote:
> >
> >> Mine, whilst not identifying me personally, has detail down to the
> >> correct town and zipcode.
> >>
> >>
> >> On Wed, 8 Jun 2016 10:30:31 -0500
> >> Chris Adams  wrote:
> >>
> >>> Once upon a time, Owen DeLong  said:
>  Contrary to your repeated assertions, HE tunnels are NOT anonymous.
> 
>  HE operates a perfectly fine RWHOIS server that provides sufficient
>  information about each tunnel that it cannot be considered
>  anonymous.
> >>>
> >>> Unless that information is verified, it is effectively anonymous.  I
> >>> had an HE tunnel years ago, and the only verified information was my
> >>> email address.
> >>
>

RE: Netflix banning HE tunnels

[Javier J]

Tony, I agree 100% with you. Unfortunately I need ipv6 on my media subnet
because it's part of my lab. And now that my teenage daughter is
complaining about Netflix not working g on her Chromebook I'm starting to
think consumers should just start complaining to Netflix. Why should I have
to change my damn network to fix Netflix?

In her eyes it's "daddy fix Netflix" but the heck with that. The man hours
of the consumers who are affected to work around this issue is less than
the man hours it would take for Netflix to redirect you with a 301 to an
ipv4 only endpont.

If Netflix needs help with this point me in the right direction. I'll be
happy to fix it for them and send them a bill.
On Jun 8, 2016 1:46 PM, "Tony Hain"  wrote:

> Ca By wrote:
> > On Tuesday, June 7, 2016, chris  wrote:
> >
> > > it really feels alot like what net neutrality was supposed to avoid.
> > > making a policy where there is different treatment of one set of bits
> > > over another
> > >
> > > "your ipv6 bits are bad but if you turn it off the ipv4 bits are just
> fine"
> > >
> > > someone mentioned the fact that netflix is not just a content company
> > > but also acting as a network operator maybe the two should be separate
> > >
> > > i also find it ironic that they arent big fans of ISPs who use NAT or
> > > CGN and dont have 1 customer per IP yet their stifiling ipv6 and
> > > telling users to turn it off. you really cant have it both ways and
> > > complain about NAT and also say you recommend shutting off ipv6 :)
> > >
> > > hopefully they will realize imposing their own policy on how customers
> > > use their networks and the internet  this isnt worth losing customers
> > > over
> > >
> > > chris
> > >
> > >
> >
> > Again. An HE tunnel is not production ipv6. It is a toy.
>
> Well, "service that works" from an OTT provider vs. "useless crap that is
> unsupported" from the L2 provider would beg to differ about the definition
> of toy. While there has been substantial effort by the participants on this
> list to get IPv6 deployed across their national network, the local support
> team from my ISP continues to give me the "IPv6 is not supported" crap
> response when I complain that all I am getting for a business class
> connection is a /64, and I need a /48.
>
> >
> > Telling people to turn of HE tunnel is NOT the same as turning off
> > production ipv6.
>
> Rather than telling people to turn off IPv6, Netflix should have just
> redirected to an IPv4-only name and let that geo-loc deal with it. If the
> account was trying to use a vpn to bypass geo-loc, it would still fail, but
> those trying to bypass lethargic ISP deployment/support of IPv6 would not
> notice unless they looked. Given that they are likely watching the Netflix
> content at the time, they would be very unlikely to notice the packet
> headers so this would never have become an issue.
>
> Fortunately in my case since I view Netflix through Chromecasts, I can
> turn off IPv6 on the media subnet and not impact the rest of my IPv6 use. I
> shouldn't have to do that, but the ability to isolate traffic is one reason
> people on  this list need to get over the historic perception that a
> customer network is a single flat subnet. Allocating space on that
> assumption simply perpetuates the problems that come along with it. There
> is no technical reason to allocate anything longer than a /48, but for
> those that insist on doing so, please, please, please, don't go longer than
> a /56. Even a phone is a router that happens to have a voice app built in,
> so mobile providers need to stop the assumption that "it only needs a
> single subnet".
>
> Tony
>
>
> >
> > CB
> >
> >
> > > On Tue, Jun 7, 2016 at 6:35 PM, Elvis Daniel Velea  > > > wrote:
> > >
> > > > apparently, all they see is 3 people complaining on this mailing
> list..
> > > > well, this makes it 4 with me (and I have a bunch of people in
> > > > various countries complaining on facebook that they have been banned
> > > > from using netflix because they use an HE tunnel.
> > > >
> > > > their answer - TURN IPV6 OFF!!! you're a techie so if you know how
> > > > to setup a tunnel, you must know how to redirect netflix to use IPv4
> > only...
> > > > really?
> > > > the answer just pisses me off!
> > > >
> > > > Netflix, YOU are the ones forcing people to turn IPv4 off... this is
> > > > just insane. tens (if not hundred) of thousands of people chose to
> > > > use HE tunnels because their ISP does not offer IPv6..
> > > > do you really expect all of them to turn it off? do you really want
> > > > IPv6 usage in the world to go down by a few percent because you are
> > > > unable to figure out how to serve content?
> > > >
> > > > I know nobody at Netflix will even answer to the e-mails on this
> list..
> > > > but I hope that they will at least acknowledge the problem and
> > > > figure an other way to block content by country.
> > > > ie: they could try to talk to HE to register each tunnel in a
> > > > databa

Re: AT&T/Bellsouth Fiber Gear

[Javier J]

Haha, I would have done the same thing.


If it is important, someone will show up.

On Tue, Jun 28, 2016 at 5:58 PM, Carlos Alcantar  wrote:

> We had a similar situation a couple years ago we went around for weeks
> trying to find someone that could help us with the equipment.  We ended up
> pulling the power on the gear someone showed up 2 hours later.  That
> finally got us someone we could actually talk with about re locating the
> equipment in the building.
>
>
> ​
> Carlos Alcantar
> Race Communications / Race Team Member
> 1325 Howard Ave. #604, Burlingame, CA. 94010
> Phone: +1 415 376 3314 / car...@race.com / http://www.race.com
>
>
> 
> From: NANOG  on behalf of Morgan A. Miskell <
> morgan.misk...@caro.net>
> Sent: Tuesday, June 28, 2016 9:47:17 AM
> To: nanog@nanog.org
> Subject: AT&T/Bellsouth Fiber Gear
>
> Anyone on this list that can put me in touch with a contact in the
> division within AT&T that manages their fiber equipment deployed in the
> field?
>
> I need to speak with someone regarding some AT&T gear in our data center
> that is on old Bellsouth Sonet rings.. thanks!
>
> You can contact me off list via e-mail please!
>
> --
> Morgan A. Miskell
> CaroNet Data Centers
> 704-643-8330 x206
>
> 
> The information contained in this e-mail is confidential and is intended
> only for the named recipient(s). If you are not the intended recipient
> you must not copy, distribute, or take any action or reliance on it. If
> you have received this e-mail in error, please notify the sender. Any
> unauthorized disclosure of the information contained in this e-mail is
> strictly prohibited.
>
> 
>
>
>

Re: Leap Second planned for 2016

[Javier J]

> Time to start preparing


Unless you are running something that can't handle leap seconds what do you
really need to prepare for?



On Thu, Jul 7, 2016 at 12:59 PM, Andrew Gallo  wrote:

> Looks like we'll have another second in 2016:
> http://www.space.com/33361-leap-second-2016-atomic-clocks.html
>
>
> Time to start preparing
>
>

buying a /24 ipv4

[Javier J]

What are the going rates these days in north america.

What are some good sites to get a block?


In the process now of setting up an Org and AS with Arin for a client.

Thanks in advance for your help.

- Javier

Re: ChangeIP.com has been down for 20+ hours

[Javier J]

Anyone have a contact there?


They probably could have used a hot standby of their DB.

On Wed, Dec 14, 2016 at 9:24 PM, Jay Farrell via NANOG 
wrote:

> See their twitter: https://twitter.com/changeipcom
>
> ChangeIP.com ‏@ChangeIPcom  Dec 13
>
> DNS Service functions restored, website, dynamic dns, and control panel
> functions remain offline as we continue DB restore process.
>
> On Mon, Dec 12, 2016 at 11:35 AM, Brian J. Dent 
> wrote:
>
> >
>

Re: Any info on AT&T Wireless Outage?

[Javier J]

Where did you see this? Erik Prince was on the PBD podcast saying he has a
70% chance in his head it was China. I tend to learn towards human error
from my experience in the IT biz.

- J

On Wed, Feb 28, 2024 at 10:58 AM  wrote:

> I read it as “someone pushed an ACL that wasn’t properly reviewed and it
> really screwed things up."
>
> On Feb 27, 2024, at 21:41, Mark Seiden  wrote:
>
> aside from the official pablum that was released about an “incorrect
> process used”
> (which says exactly nothing) does anyone actually know anything accurate
> and
> more specific about the root cause?
>
> (and why it took 11 hours to recover?)
>
> On Feb 22, 2024, at 11:15 AM, John Councilman 
> wrote:
>
> From what I've read, they lost their database of SIM cards.  I could be
> wrong of course.
>
> On Thu, Feb 22, 2024 at 2:02 PM Dorn Hetzel  wrote:
>
>> As widespread as it seemed to be, it feels like it would be quite a trick
>> if it were a single piece of hardware.  Firmware load that ended badly, I
>> wonder?
>>
>>
>> On Thu, Feb 22, 2024 at 1:51 PM Leato, Gary via NANOG 
>> wrote:
>>
>>> Do you have the ability to expand on this at all? Do you mean a hardware
>>> failure of some kind IE router, optitcs, etc?
>>>
>>>
>>>
>>> *From:* NANOG  *On
>>> Behalf Of *R. Leigh Hennig
>>> *Sent:* Thursday, February 22, 2024 8:17 AM
>>> *To:* Robert DeVita 
>>> *Cc:* nanog@nanog.org
>>> *Subject:* Re: Any info on AT&T Wireless Outage?
>>>
>>>
>>>
>>> Word around the campfire is that it’s a Cisco issue.
>>>
>>>
>>>
>>> On Feb 22, 2024, at 8:03 AM, Robert DeVita 
>>> wrote:
>>>
>>>
>>>
>>> Reports have it starting at 4:30 a.m.. SOS on all phones..
>>>
>>>
>>>
>>>
>>>
>>>
>>>
>>> *Robert DeVita**​**​**​**​*
>>>
>>> *CEO and Founder*
>>>
>>> t: (469) 581-2160 <(469)%20581-2160>
>>>
>>>  |
>>>
>>> m: (469) 441-8864 <(469)%20441-8864>
>>>
>>> e: radev...@mejeticks.com
>>>
>>>  |
>>>
>>> w: mejeticks.com 
>>>
>>> a:
>>>
>>> 2323 N Akard Street
>>>
>>> ,
>>>
>>> Dallas
>>>
>>> ,
>>>
>>> 75201
>>>
>>> 
>>>
>>> 
>>>
>>> 
>>>
>>> 
>>>
>>>
>>>
>>>
>>> The risk of trading futures and options can be substantial. All
>>> information, publications, and material used and distributed by Advance
>>> Trading Inc. shall be construed as a solicitation. ATI does not maintain an
>>> independent research department as defined in CFTC Regulation 1.71.
>>> Information obtained from third-party sources is believed to be reliable,
>>> but its accuracy is not guaranteed by Advance Trading Inc. Past performance
>>> is not necessarily indicative of future results.
>>>
>>
>
>

Any validity to this claim? Fiber cable cut to St. John USVI.

[Javier J]

https://www.reddit.com/r/TropicalWeather/comments/6zcr3y/this_is_a_message_from_st_john_us_virgin_islands/?st=j7flzzyx&sh=28637fa3

Puerto Rico just lost internet?

[Javier J]

Any info would help.

Re: Puerto Rico just lost internet?

[Javier J]

Thank you for the updates.

How long usually till generators at cell sites run out of juice?



On Wed, Sep 20, 2017 at 2:09 PM, Todd Underwood  wrote:

> the entire island is now without power:
>
> http://www.bbc.co.uk/news/world-latin-america-41340392
>  2Fnews%2Fworld-latin-america-41340392&sa=D&sntz=1&usg=
> AFQjCNEYKsHT4Y3MS40bMMoPBLC0X9-DMg>
>
>
> no bueno.
>
> t
>
> On Wed, Sep 20, 2017 at 1:36 PM, Mehmet Akcin  wrote:
>
> > There is a major outage going on in Puerto Rico and you can see it here -
> >
> > https://stat.ripe.net/PR#tabId=routing
> >
> > I am putting together some analysis as time passes - i will publish them
> in
> > a blog and share.
> >
> > On Wed, Sep 20, 2017 at 5:45 AM, Sean Donelan  wrote:
> >
> > > On Wed, 20 Sep 2017, Daniel Brisson wrote:
> > >
> > >> “Strongest storm of the century” just hit San Juan.
> > >>
> > >
> > > The number of reachable networks in Puerto Rico is down by 50%.
> > >
> > > Puerto Rico still has connectivity to the island, but outside
> facilities
> > > and electrical grid is being damaged by Hurricane Maria (Cat 4).
> > >
> >
>

Re: Puerto Rico just lost internet?

[Javier J]

Thank you for this info!


I think most of us kind of know there are backup power strategies in place
but this is very detailed and appreciated. The little communication I have
had with family on the island they tell me no internet, no cable tv, etc so
this timing is good to know for when the few cell towers that survived
start to go dark.

- J



On Wed, Sep 20, 2017 at 4:36 PM, Sean Donelan  wrote:

> On Wed, 20 Sep 2017, Javier J wrote:
>
>> How long usually till generators at cell sites run out of juice?
>>
>
> Rough, every provider is different, backup power hierarchy:
>
> Neighborhood pole boxes: 1-4 hours, batteries only. May be re-charged with
> portable generators when safe to access area. There is likely severe
> physical damage to neighborhood lines.
>
> Cell towers: 8-12 hours battery. Some, not all, towers have a natural gas
> generator or 24 hours diesel generator
>
> Central offices and cable headends: 8-12 hours battery, 1-3 days diesel
> generators. Core, tandem, and hub sites usually have more backup.
>
> Major colocation data centers: <1 hour battery, 3-14 days diesel generators
>
> Submarine cable landing points and satellite control stations: 24 hours
> battery, 30 days diesel generators
>
>

Re: Hurricane Maria: Summary of communication status - and lack of

[Javier J]

T-Mobile PR on twitter just posted that two of it's submarine cables are
out of service.

Claro PR Wireless (this is the ILEC in PR) website can't even be reached.

I am assuming this is due to power and submarine cable issues since I'm
sure t-mobile and many other providers are using the same cables.

Link to the post on twitter:
https://twitter.com/tmobilepr/status/911644083155869697

- Javier

On Fri, Sep 22, 2017 at 10:43 AM, Sean Donelan  wrote:

>
> Following up - there are three cable landing stations and 9 submarine
> cable systems connecting Puerto Rico.
>
> One of the cable landing stations experienced flooding, and shutdown its
> power system affecting some circuits.  I haven't been able to determine how
> many submarine cable systems are affected, since they share cable landing
> stations.
>
>

Re: Hurricane Maria: Summary of communication status - and lack of

[Javier J]

Keep on posting this great info Sean. It is being passed along. Just wanted
you to be aware.

On Tue, Sep 26, 2017 at 12:52 AM, Sean Donelan  wrote:

> It looks like someone kicked the cellular carriers public relations people
> into gear. Today, instead of the normal "we care" messages; they released
> statements providing more concrete details about their restoration activity
> in PR and USVI.
>
> Overall, 91.2% cell sites out of service in Puerto Rico. 34 of 78 counties
> have 100% cell sites out of service.  This will continue to change up and
> down, as sites are restored and circuits are damaged by cleanup activity.
>
> There are over 2,671 cell sites on Puerto Rico and 106 cell sites in U.S.
> Virgin Islands.  As carriers bring in tens of generators and repair
> equipment at a time, gives you some idea how long restoration will take.
>
>
> In alphabetical order...
>
> ATT:
> "We continue to send aircraft with essential supplies and network
> resources as we help the people of Puerto Rico. These flights include
> portable temporary cell sites, high capacity generators to provide
> temporary power, and other larger network equipment on cargo planes and
> barges to help restore services on the island. We planning to set up a
> number of portable cell sites in the San Juan area as soon as possible.
>
> So far, we’ve sent multiple flights carrying the following supplies:
> More than 30 generators
> 5,000+ gallons of water
> We are also focused on network restoration in the U.S. Virgin Islands are
> bringing additional resources there."
>
>
> Claro (google translate from Spanish):
> They reported that in the metropolitan area specifically, Claro's signal
> was already reaching 31 percent of customers in San Juan, 22 percent in
> Guaynabo and 18 percent in Carolina and Bayamón.
>
> At the island level, the Claro signal is up in 14 municipalities today,
> covering an average of 20 percent of the clients in Aguada, Manatí,
> Mayaguez, San Germán, Cabo Rojo, Trujillo Alto, Dorado, Camuy,
> Quebradillas, Humacao, Juncos , Caguas, Aguadilla and Toa Baja.
>
> That number will increase in the coming days.
>
>
> Sprint:
> "A vessel has already arrived in Puerto Rico with the generators and parts
> required to begin the work. In turn, a body of over 40 Sprint engineers and
> technicians in the United States were sent to the Island to join the local
> technical staff, coordinate the delivery of the equipment received and
> continue work to speed up the communication.
> A second shipment will arrive on the island this Wednesday, September 27
> with additional spare parts and materials."
>
>
> T-Mobile:
> "The damage to the infrastructure is unprecedented, but equally it is the
> support we are receiving from T-Mobile US. Between Saturday and Sunday, six
> MD11 cargo planes and one AM124 (second largest cargo plane in the world)
> arrived with 80 generators, 16 trucks, equipment to build 100 communication
> facilities. More cargo planes will arrive today with more equipment and
> personnel."
>
> T-Mobile also mentions while T-Mobile's field engineering crew was at the
> Luis Muñoz Marín Airport, they were drafted to help install a generator for
> the FAA Control Tower. That's one way to help get your supplies on the
> island.
>
>
> If you have information about other telecommunication providers in Puerto
> Rico or U.S. Virgin Islands, let me know.
>
>
>
> Due to damage to the FAA communications and guidance systems, only a dozen
> or so commercial flights can land during daylight hours each day. Airlines
> report over 20,000 people on standby lists, and nearly 1,000 people waiting
> at the airport for any flight.
>
> The Port of San Juan is open, daylight hours only, and receiving freight
> barges. While there is a plenty of fuel, food and supplies at the port;
> getting truck drivers to the port and damage/blocked roads is slowing
> distribution of supplies to the rest of the island. U.S. Mail and other
> express delivery companies still do not have service in Puerto Rico.
> Limited U.S. Mail hand-out service is available at a few post offices in
> U.S. Virgin Islands.
>

Re: Hurricane Maria: Summary of communication status - and lack of

[Javier J]

> Telecommunications:

  Pictures posted on twitter of joint restoration meeting between..


What twitter feed was this?

I didn't catch it.

On Wed, Sep 27, 2017 at 5:44 PM, Sean Donelan  wrote:

>
> After a week without power, all the stationary batteries throughout the
> telecommunications network are likely completely drained.  This makes
> restoration even more difficult, like a dead car battery needing a jump
> start.
>
> I am focusing on U.S. territories, but there is also disaster response
> from Hurricanes Irma and Maria on Antigua and Barbuda, Cuba, Dominica,
> Montserrat, Saint Martin, and St. Kitts and Nevis.
>
> Fatalities, including deaths attributed to post-hurricane recovery:
>Hurricane Iram: 72 - Florida; 40
>  -
> Caribbean
>Hurricane Maria: 16 - Puerto Rico; 2
>  -
> U.S. Virigin Islands; 15 - Dominica, 3 - Haiti; 2 - Guadeloupe
>
> Department of Defense:
>Supporting FEMA, the Department of Defense has deployed USNORTHCOM
> Brigadier General Rich Kim to Puerto Rico to manage the Title 10 (military)
> response efforts in Puerto Rico and U.S. Virgin Islands. USSOUTHCOM
> continues to support relief activities elsewhere in the Caribbean.
>
>
> Airports and sea ports:
>Puerto Rico: 3 sea ports open; 5 sea ports open with restrictions,
> daylight hours only. 9 airports are open. Only San Juan Airport open to
> commercial air traffic, approximately 15-20 commercial flights.  All other
> flights reserved for priority military and relief activities.
>
>U.S Virgin Islands: 4 sea ports open with restrictions, daylight hours
> only.  U.S. VI airports closed except military and relief flights.
>
>
> Electricity:
>Puerto Rico: 1.57 million customers out of service. An estimate of 4%
> has been restored. Restoring power to airports, hospitals, sea ports and
> water treatment plants are still critical priorities.  80% of transmission
> lines damaged, power generation plants appear intact.
>
>U.S. Virgin Islands: 55,000 customers out of service, most of the
> islands. St. Thomas has five feeders partially energised. St. Croix has
> three feeders partially energized. Restoring power to airports, hospitals,
> sea ports and water treatment plants are still critical priorities.
>
>
> Telecommunications:
>
>   Pictures posted on twitter of joint restoration meeting between
> telecommunications providers, FEMA and Puerto Rico Telecommunications
> Regulatory Board. From the logos & colors on shirts: Claro, T-Mobile,
> Sprint, and many other company logos I couldn't make out (estimate 20
> people in the room).
>
>   Reports of generators and fuel stolen from cell sites and remote
> telecommunications locations. This is not unusual during disasters.  The
> Puerto Rico Telecommunications Industry Alliance, which appears to be a
> lobbying group of communication companies in Puerto Rico, has sent a letter
> about the need for FEMA to coordinate logistics and prioritize access to
> fuel and security. PRTIA (or APT in Spanish) has existed for a few years,
> but I can't judge if its letter represents telecommunication companies in
> Puerto Rico.
>
>   Puerto Rico:
>  2,432 of 2,671 cell sites (91%) out of service.
>  No update/change to cable and wireline systems, about 55% of central
> offices with voice, data and long-distance.  The rest with only local
> voice, no inter-office connections.  No clear description about status of
> local loops or subscribers with service.
>
>  Pictures of Liberty Cable PR repair crews posted on twitter. I still
> haven't found a public statement about LibertyPR's status.
>
>  Approximately 450-500 out of 1200 Internet networks and 35-38 out of
> 48 ASNs are present in the global Internet routing table, with occasional
> up/down changes due to restoration activity.
>
>   U.S. Virigin Islands:
>  70 of 106 cell sites (66%) out of service.
>  No update/change to cable and wireline systems.
>
>  U.S. Virgin Islands Internet routes have nearly returned to normal,
> with occasional up/down blips due to restoration activity.
>
>
> I'm not ignoring the status competitive and smaller USVI and PR
> communication providers, its just difficult to find official statements
> from them.  If you have status about them, let me know.
>

Re: Hurricane Maria: Summary of communication status - and lack of

[Javier J]

At this point, I wouldn't trust status.pr and any media reports without
verifying information. As far as LibertyPR is concerned my cousin who lives
in Carolina, PR told me thieves were stealing fiber optic cable after the
storm. I trust the Seon Donelan, FCC, US Military, FEMA reports in that
order. There was a report that 33% of cell phone service was reported. That
is BS. We know from FCC reports it is still at ~90% out as far as number of
operational cell sites.


The media here in the states is no better. I have multiple confirmations
and am looking for hard proof but the Teamsters Puerto Rico trucking union
is refusing to move containers out of the port. Only 20% of truckers showed
up for work. Perhaps someone who works at Crowley can give us more concrete
info but if you can't even move supplies out of the port, how the heck are
you supposed to replace wires/fiber/fuel etc?


Here is a CNBC report:  https://www.youtube.com/watch?v=f4Z01o4tBlI

- Javier







On Sat, Sep 30, 2017 at 4:39 PM, Sean Donelan  wrote:

> On Sat, 30 Sep 2017, Sean Donelan wrote:
>
>> The first public statement I've seen from LibertyPR was yesterday. Their
>> network was completely down.  They've restored some of their main
>> infrastructure, i.e. cable headends and main fiber connections.
>> 100% of subscribers are out of service.
>>
>> I've seen pictures on twitter of LibertyPR crews fixing cables and poles
>> on the island.
>>
>
> Liberty cable Puerto Rico has put out a press release today.
>
> LibertyPR is opening one public WiFi hot spot in Bahia Urbana in San Juan
> from 3pm to 7pm Saturday, and 8am to 7pm daily starting Sunday.
>
> Additional hot spots will be announced by LibertyPR via press release in
> the future.
>
> I guess this is a sign LibertyPR's public relations office is back in
> operation.
>

Re: Hurricane Maria: Summary of communication status - and lack of

[Javier J]

> Do FEMA and the National Guard have the authority to commandeer the
trucks and deliver the containers themselves?


I hope they do. There doesn't seem to be a shortage of FEMA, Army, etc
personnel on the ground or a shortage of truck drivers in the US willing to
help. If 80% of Truck drivers that pick up containers from the ports can't
make it, then this needs to be supplemented any way possible to get things
moving.

On Sun, Oct 1, 2017 at 11:09 PM, Jason Baugher 
wrote:

> The more I read about this, the more disturbed I get. On the one hand, we
> keep hearing that the trucks aren't moving because roads are impassable.
> Then I read that government officials are driving from their remote areas
> to San Juan to ask why no aid is coming, disputing the claims about the
> roads. We hear that there isn't fuel for the trucks, then a reporter from
> CNBC disputes that claim as well. The only thing that seems to be a common
> thread is that there are massive amounts of supplies sitting in San Juan
> and that they can't get truck drivers to deliver them.
>
> Do FEMA and the National Guard have the authority to commandeer the trucks
> and deliver the containers themselves? The telcom companies aren't going to
> be able to do much by way of repairs without supplies.
>
> On Sun, Oct 1, 2017 at 9:28 PM, Javier J 
> wrote:
>
>> At this point, I wouldn't trust status.pr and any media reports without
>> verifying information. As far as LibertyPR is concerned my cousin who
>> lives
>> in Carolina, PR told me thieves were stealing fiber optic cable after the
>> storm. I trust the Seon Donelan, FCC, US Military, FEMA reports in that
>> order. There was a report that 33% of cell phone service was reported.
>> That
>> is BS. We know from FCC reports it is still at ~90% out as far as number
>> of
>> operational cell sites.
>>
>>
>> The media here in the states is no better. I have multiple confirmations
>> and am looking for hard proof but the Teamsters Puerto Rico trucking union
>> is refusing to move containers out of the port. Only 20% of truckers
>> showed
>> up for work. Perhaps someone who works at Crowley can give us more
>> concrete
>> info but if you can't even move supplies out of the port, how the heck are
>> you supposed to replace wires/fiber/fuel etc?
>>
>>
>> Here is a CNBC report:  https://www.youtube.com/watch?v=f4Z01o4tBlI
>>
>> - Javier
>>
>>
>>
>>
>>
>>
>>
>> On Sat, Sep 30, 2017 at 4:39 PM, Sean Donelan  wrote:
>>
>> > On Sat, 30 Sep 2017, Sean Donelan wrote:
>> >
>> >> The first public statement I've seen from LibertyPR was yesterday.
>> Their
>> >> network was completely down.  They've restored some of their main
>> >> infrastructure, i.e. cable headends and main fiber connections.
>> >> 100% of subscribers are out of service.
>> >>
>> >> I've seen pictures on twitter of LibertyPR crews fixing cables and
>> poles
>> >> on the island.
>> >>
>> >
>> > Liberty cable Puerto Rico has put out a press release today.
>> >
>> > LibertyPR is opening one public WiFi hot spot in Bahia Urbana in San
>> Juan
>> > from 3pm to 7pm Saturday, and 8am to 7pm daily starting Sunday.
>> >
>> > Additional hot spots will be announced by LibertyPR via press release in
>> > the future.
>> >
>> > I guess this is a sign LibertyPR's public relations office is back in
>> > operation.
>> >
>>
>
>

Re: Hurricane Maria: Summary of communication status - and lack of

[Javier J]

This is great to hear Nicholas.

On Mon, Oct 2, 2017 at 5:55 PM, Nicholas Harland  wrote:

> Hi Sean,
>
> Thank you for all of your updates. I am just catching up on them because I
> only recently got back from the virgin islands. I am one of those
> volunteers working in the USVI. St John specifically. We are building out a
> wireless network, and had our first hotspot up in Cruz Bay 4 days after
> Maria, with connectivity to NPS/FEMA/Red Cross/St John Rescue/Fire/Police
> just a few days after that.
>
> If there are technical minded and physically able bodied people would like
> to join the effort on St John, even just for a 1-2 week rotation, I would
> be happy to discuss what we need in terms of support and can make all
> arrangements on the island for housing etc. Getting some relief and fresh
> minds in would be a great help as our team is primarily St John residents
> who have been on the island through both hurricanes and have had to deal
> with their own personal situations while also trying to get internet up
> where it's needed.
>
> St John was hit directly by Irma, infrastructure was completely destroyed,
> but it's a very small island and so the humanitarian situation there is
> much more stable than Puerto Rico, but many of the resources that were
> assisting on STJ are now rightfully being diverted to SJU. You could expect
> to sleep somewhere that has a generator running overnight, have access to
> refrigeration/freezer (though cannot open fridge during day). Food/water
> situation is fine there, we have a beach volleyball game on Sundays, more
> generators are appearing on the island and some businesses are opening.
>
> Regards,
>
> Nick Harland
>
>
>
>
> On Sun, Sep 24, 2017 at 2:13 PM, Sean Donelan  wrote:
>
> > On Sun, 24 Sep 2017, Mike Hammett wrote:
> >
> >> There are a bunch of WISPs waiting to go rebuild, but waiting for the
> >> clearance to do so.
> >>
> >
> > I'm not sure what clearances they are waiting for.  If they are already
> in
> > Puerto Rico, self-sufficient, and respect curfews and other emergency
> > responders, they should be able to start local restoration and recovery
> > activities.
> >
> > Several local ISPs and communication providers have announced open public
> > WiFi hotspots outside their Puerto Rico offices during non-curfew hours.
> > I've also seen reports from individuals volunteering on the Virigin
> Islands
> > setting up internet access.
> >
> > If they are not already on the island, most Puerto Rican airports and
> > ports are still closed to non-military or relief activities. There is no
> > U.S. mail or freight service. Only one airport was open for limited
> > commercial flights.  They will need to bring everything neccessary to
> > support themselves, including food, water, shelter, etc.
> >
> > Managing volunteers who want to help is difficult in all disasters.
> Unless
> > they have training how to survive and take care of themselves in such a
> > situation, letting in outside well-meaning volunteers sometimes become
> > additional people who need to rescue.
> >
> > WISPs already on Puerto Rico or U.S. Virigin Islands, with resources for
> > recovery and restoration of communications; can contact the FCC
> Operations
> > Center, (202) 418-1122, fccoperationcen...@fcc.gov
> >
> > http://transition.fcc.gov/Daily_Releases/Daily_Business/2017
> > /db0920/DA-17-913A1.pdf
> >
> >
>

Re: Hurricane Maria: Summary of communication status - and lack of

[Javier J]

@ Jean

Interesting stuff. Please keep this thread updated with info on that
initiative.

On Fri, Oct 6, 2017 at 9:55 PM, Jean-Francois Mezei <
jfmezei_na...@vaxination.ca> wrote:

> I have not ound the official announcements, but the press is reporting
> that the FCC has granted Google rights to fly 30 of its "Loon" high
> altitude ballons to provide cellular cervice in Puerto Rico for up to 6
> months.
>
> (From my readings, there are glorified relays of ground based signals
> (which I assume some antennas have to be oriented to face up towards the
> balloons).
>
> The Loon will use spectrum allocated to the carriers they relay (and got
> their OK)
>
> Altitude 20km. (so not sure they need 30 balloons, 1 probably suffices
> to cover all of PR).
>
> I suspect more concrete info will be coming.
>

Re: Chinese websites loading slower recently?

[Javier J]

The great firewall.

https://en.wikipedia.org/wiki/Great_Firewall






On Mon, Oct 23, 2017 at 2:18 PM, Olivier Benghozi <
olivier.bengh...@wifirst.fr> wrote:

> I can confirm, several customers complaining of being suddenly unable to
> access baidu/weibo and so on
> Same conclusion ensues.
>
> > On 20 oct. 2017 at 23:27, Tianhao Xiao  wrote :
> >
> > The National Congress[0] just happened, and the Chinese government does
> > make a very big deal out of it. I know that many universities were asked
> > to temporarily block inbound HTTP traffic, which even affected open
> > source mirrors during that time.
> >
> > With all this going on it is only natural that something restrictive
> > happened to the rest of the international network. I'm not exactly sure
> > what has been done, but it is very likely that it is not your problem.
> >
> >
> > On Fri, 20 Oct 2017, at 08:51, Simon Lockhart wrote:
> >>
> >> Is anyone else seeing an increase in problems related to Chinese
> >> websites?
>
>

Re: Definition of ISP vs Transit provider

[Javier J]

I can't seem to find the answer for this. But I'm curious as to what
exactly is proposed.

On Wed, Nov 22, 2017 at 3:35 PM, Jean-Francois Mezei <
jfmezei_na...@vaxination.ca> wrote:

> The FCC is about to reclassify "Broadband Internet Access Service" as an
> information service instead of Telecommunications Service. This
> prombpted the following question which isn't about the FCC action per say.
>
> This is about how does one define Transit provider vs ISP ?
>
> Cogent for instance acts as a transit provider to other networks but
> also sells connectivity to companies.
>
> Peer1 in Canada used to sell "transit" to a then small emerging ISP, but
> as its sole transit provider, provided the BGP management as well as
> peering at Torix.  Is the service to the ISP still called "transit" ?
>
> Or would ISP be defined as the organsation which assigns IPs to end
> users via PPPoE of DHCP ?
>
> One could argue that a network which assigns 4 or less IPs per customer
> would be an ISP. But what about IPv6 where the ISP could give each end
> user a /64 ?
>
> Just curious to see if there are agreed upon definitions from the
> network operators's point of view.
>
> I note that large companies tend to do everything from transit, to
> residential ISP, business ISP, libraries, airports etc. For Bell Canada,
> it is almost all under AS577. So separating what is telecom and what is
> information becomes more "interesting".
>
>
>
>
>
>
>
>
>
> As a point of reference this is what I *think* the FCC defines as an ISP:
>
> ##
> 23. Broadband Internet access service also does not include virtual
> private network (VPN) services, content delivery networks (CDNs),
> hosting or data storage services, or Internet backbone services (if
> those services are separate from broadband Internet access service),
> consistent with past Commission precedent.69 The Commission has
> historically distinguished these services from “mass market” services,
> as they do not provide the capability to transmit data to and receive
> data from all or substantially all Internet endpoints.70 We do not
> disturb that finding here.
>
> 24. Finally, we observe that to the extent that coffee shops,
> bookstores, airlines, private end- user networks such as libraries and
> universities, and other businesses acquire broadband Internet access
> service from a broadband provider to enable patrons to access the
> Internet from their respective establishments, provision of such service
> by the premise operator would not itself be considered a broadband
> Internet access service unless it was offered to patrons as a retail
> mass market service, as we define it here.71 Likewise, when a user
> employs, for example, a wireless router or a Wi-Fi hotspot to create a
> personal Wi-Fi network that is not intentionally offered for the benefit
> of others, he or she is not offering a broadband Internet access
> service, under our definition, because the user is not marketing and
> selling such service to residential customers, small business, and other
> end-user customers such as schools and libraries.
> ##
>
> The full 210 proposed FCC decision is at:
> https://apps.fcc.gov/edocs_public/attachmatch/DOC-347927A1.pdf
>
>

Re: AWS EC2 us-west-2 reboot

[Javier J]

Just got the same email. Not just US. Servers in Sydney we have also. Why
such short notice?
On Sep 24, 2014 4:58 PM, "Grant Ridder"  wrote:

> Doubt it since a bash patch shouldn't require a reboot
>
> On Wed, Sep 24, 2014 at 1:51 PM, Gabriel Blanchard 
> wrote:
>
> > Bash related?
> >
> > > On Sep 24, 2014, at 4:47 PM, "Grant Ridder" 
> > wrote:
> > >
> > > As an FYI,  it looks like Amazon is doing a mass reboot of the physical
> > > hosts in us-west-2 across all AZ's and it is scheduled to start
> tomorrow
> > > and take a couple days.
> > > Go to *
> > https://console.aws.amazon.com/ec2/v2/home?region=us-west-2#Events
> > > :*
> > to
> > > see what instances are affected when.
> > >
> > > -Grant
> >
>

NTT high packet loss from US and BR to AU?

[Javier J]

Anyone else notice this?

Or is this an AWS issue in APAC that hasn't been reported yet?

AU-NY(aws)
18. xe-1.level3.lsanca03.us.bb.gin.n 72.0%

BR(aws)-AU(aws)
11. ae-9.r20.snjsca04.us.bb.gin.ntt.net 71.4%


NJ/NYC to AU(aws)
9. ae-9.r20.asbnva02.us.bb.gin.ntt.net 45.9% 772 10.1 16.4 9.2 94.4 13.3
10. ae-2.r21.lsanca03.us.bb.gin.ntt.net 40.5% 772 69.6 72.7 69.3 149.2 9.0

Re: NTT high packet loss from US and BR to AU?

[Javier J]

On Thu, Oct 23, 2014 at 12:34 AM, Javier J 
wrote:

> from Newark, NJ
>
> 1. pfsense.home 0.0%   295
>  0.2   0.1   0.1   0.7   0.0
>  2. l100.nwrknj-vfttp-134.verizon-gni.net0.0%   294
>  1.1   8.7   0.9 297.7  31.3
>  3. g0-14-4-1.nwrknj-lcr-21.verizon-gni.net  0.0%   294
>  1.9   4.1   1.6  21.2   2.0
>  4. ae3-0.nwrk-bb-rtr1.verizon-gni.net   0.0%   294
> 30.6  13.3   1.6 127.7  22.0
>  5. ???
>  6. 0.ae1.br3.nyc4.alter.net 0.0%   294
> 22.1   5.0   4.6  36.0   2.2
>  7. 204.255.169.234  0.0%   294
>  3.3   4.0   2.9 221.6  12.7
>  8. ae-2.r23.nycmny01.us.bb.gin.ntt.net  2.4%   294
>  8.9   7.0   3.4  33.8   6.2
>  9. ae-9.r20.asbnva02.us.bb.gin.ntt.net 47.3%   294
>  9.6  16.7   9.2  35.8   6.5
> 10. ae-2.r21.lsanca03.us.bb.gin.ntt.net  0.0%   294
> 71.5  72.2  71.3  91.8   1.9
> 11. xe-0-0-0.r02.lsanca03.us.bb.gin.ntt.net  5.1%   294
> 68.5  69.4  68.0 106.7   4.8
> 12. as-1.r05.sydnau01.au.bb.gin.ntt.net 13.6%   294
>  292.2 289.8 280.8 313.7   3.5
> 13. xe-0-1-0.a06.sydnau01.au.ra.gin.ntt.net 11.2%   294
>  288.5 290.3 281.5 348.9   5.5
> 14. 202.68.70.10 9.5%   294
>  294.3 289.7 280.6 308.9   3.3
> 15. 54.240.192.89   10.6%   294
>  291.4 288.7 279.5 299.8   3.2
> 16. 54.240.192.113  10.9%   294
>  290.1 287.5 279.2 298.7   3.0
> 17. 54.240.192.171  11.9%   294
>  296.2 291.4 282.1 299.1   3.1
> 18. 54.240.192.160  11.3%   294
>  296.2 292.2 283.9 299.6   3.2
> 19. s3-website-ap-southeast-2.amazonaws.com 15.4%   294
>  292.1 291.6 281.9 299.0   3.0
>
> From AWS brazil.
>
>
>  Host
>  Loss%   Snt   Last   Avg  Best  Wrst StDev
>  1. ec2-177-71-128-6.sa-east-1.compute.amazonaws.com
>0.0%  13640.6   0.8   0.5  41.3   3.1
>  2. 177.72.240.152
>  0.0%  13640.9   1.2   0.7  50.6   3.6
>  3. 177.72.240.134
>  2.8%  13641.0   1.2   0.7  23.1   2.4
>  4. 2-2-0-0-IPV4-GRASAOTM1
>  0.0%  13641.5   0.9   0.6  34.3   2.7
>  5. 5.53.5.246
>  0.0%  13641.6   9.7   1.3 117.4  21.1
>  6. Xe2-0-2-0-grtmiana2.red.telefonica-wholesale.net
>0.0%  1364  117.4 119.5 117.1 134.5   3.5
> TE-0-5-0-3-GRTMIANA4.red.telefonica-wholesale.net
> Xe2-0-0-0-grtmiana2.red.telefonica-wholesale.net
>  7. Xe2-1-3-0-grtmiabr4.red.telefonica-wholesale.net
>0.0%  1364  119.4 127.9 119.0 304.6  22.1
> Te0-10-0-6-grtmiabr6.red.telefonica-wholesale.net
>  8. Xe0-0-0-0-grtpaopx2.red.telefonica-wholesale.net
>0.0%  1364  181.9 184.2 181.8 250.1   8.0
> Xe1-3-0-0-grtpaopx2.red.telefonica-wholesale.net
>  9. 213.140.53.178
>  0.0%  1364  182.8 182.5 181.9 185.8   0.7
> 10. ae-15.r01.snjsca04.us.bb.gin.ntt.net
>0.8%  1364  525.1 535.6 497.8 546.8   6.1
> 11. ae-9.r20.snjsca04.us.bb.gin.ntt.net
>  52.1%  1364  200.8 192.8 180.5 214.9   9.3
> 12. ae-7.r21.lsanca03.us.bb.gin.ntt.net
>   0.3%  1364  183.5 184.4 182.5 263.8   6.1
> 13. xe-0-0-0.r02.lsanca03.us.bb.gin.ntt.net
>   2.5%  1364  183.9 183.8 182.5 224.1   4.4
> 14. as-3.r05.sydnau01.au.bb.gin.ntt.net
>   3.2%  1364  546.5 544.3 520.7 642.3   8.0
> 15. xe-0-1-0.a06.sydnau01.au.ra.gin.ntt.net
>   1.7%  1364  538.6 542.2 514.5 653.1   8.3
> 16. 202.68.70.10
>  2.3%  1364  411.3 413.8 384.3 445.4   3.5
> 17. 54.240.192.93
>   2.5%  1364  406.3 411.9 387.9 420.2   2.7
> 18. 54.240.192.117
>  2.2%  1363  405.5 412.5 394.0 482.0   6.6
> 19. 54.240.192.193
>  2.8%  1363  406.7 410.6 396.2 420.2   2.4
> 20. s3-website-ap-southeast-2.amazonaws.com
>   2.6%  1363  407.6 410.5 397.2 415.7   2.4
>
>
> From an AWS instance in Sydney to 4.2.2.2
>
>  1. ip-10-5-69-193.ap-southeast-2.co  0.0%  15450.8   5.3   0.6 180.5
>  17.3
>  2. 100.68.201.6  0.0%  15450.5   0.4   0.3  44.0
>   1.4
>  3. 100.68.201.46 0.0%  15450.4   0.3   0.3  28.9
>   0.9
>  4. 100.67.186.7  0.0%  15450.4   0.3   0.3  38.9
>   1.2
>  5. 100.67.185.2420.0%  15451.2   0.8   0.6   2.7
>   0.3
>  6. 100.64.135.1770.0%  15450.8   0.8   0.7   3.0
>   0.3
>  7. 100.64.128.2400.0%  15451.0   0.8   0.6   2.6
>   0.3
>  8. 100.64.57.

Re: NTT high packet loss from US and BR to AU?

[Javier J]

So we have a nagios box in the environment in Sydney and everything is 100%
ok.

new relic kept loosing connectivity to 30 plus servers on and off.

Guys from California can ssh in, some cant.

AWS reports everything operating as normal.

Guys from other parts of the world can and can't load web pages.

All servers show low usage (if you can ssh to them)

It seems to be getting better now but still not right.

This is from a box in AWS(sys) to level 3 dns server.

--- 4.2.2.2 ping statistics ---
70 packets transmitted, 68 received, 2% packet loss, time 69744ms
rtt min/avg/max/mdev = 143.646/151.662/154.732/2.943 ms
[root@Webapp javier]#

Before it was 70% packet lost to that host. There is a mtr traceroute in a
previous email. Look for AU-US



On Thu, Oct 23, 2014 at 12:41 AM, Justin M. Streiner <
strei...@cluebyfour.org> wrote:

> Do you see any other indications of performance problems?
>
> jms
>
>
> On Thu, 23 Oct 2014, Javier J wrote:
>
>  Anyone else notice this?
>>
>> Or is this an AWS issue in APAC that hasn't been reported yet?
>>
>> AU-NY(aws)
>> 18. xe-1.level3.lsanca03.us.bb.gin.n 72.0%
>>
>> BR(aws)-AU(aws)
>> 11. ae-9.r20.snjsca04.us.bb.gin.ntt.net 71.4%
>>
>>
>> NJ/NYC to AU(aws)
>> 9. ae-9.r20.asbnva02.us.bb.gin.ntt.net 45.9% 772 10.1 16.4 9.2 94.4 13.3
>> 10. ae-2.r21.lsanca03.us.bb.gin.ntt.net 40.5% 772 69.6 72.7 69.3 149.2
>> 9.0
>>
>>

Re: NTT high packet loss from US and BR to AU?

[Javier J]

Thank you Andree,

This confirms it wasn't just us. I am curious if anyone knows what the
issue was. I can't find anything on NTT website.

On Thu, Oct 23, 2014 at 1:25 AM, Andree Toonk  wrote:

> Yup seeing the same. Following examples all show same loss pattern
> between ~ 3:30 and ~ 4:30 UTC:
>
> syd ntt - nyc ntt
> syd ntt - mia ntt
> syd ntt - cdg ntt (paris)
> syd ntt - ams ntt
>
> One example:
> http://i.imgur.com/TmCkd1B.png?1
>
> Cheers,
>  Andree
>
>
>
> .-- My secret spy satellite informs me that at 2014-10-22 9:54 PM
> Javier J wrote:
> > So we have a nagios box in the environment in Sydney and everything is
> 100%
> > ok.
> >
> > new relic kept loosing connectivity to 30 plus servers on and off.
> >
> > Guys from California can ssh in, some cant.
> >
> > AWS reports everything operating as normal.
> >
> > Guys from other parts of the world can and can't load web pages.
> >
> > All servers show low usage (if you can ssh to them)
> >
> > It seems to be getting better now but still not right.
> >
> > This is from a box in AWS(sys) to level 3 dns server.
> >
> > --- 4.2.2.2 ping statistics ---
> > 70 packets transmitted, 68 received, 2% packet loss, time 69744ms
> > rtt min/avg/max/mdev = 143.646/151.662/154.732/2.943 ms
> > [root@Webapp javier]#
> >
> > Before it was 70% packet lost to that host. There is a mtr traceroute in
> a
> > previous email. Look for AU-US
> >
> >
> >
> > On Thu, Oct 23, 2014 at 12:41 AM, Justin M. Streiner <
> > strei...@cluebyfour.org> wrote:
> >
> >> Do you see any other indications of performance problems?
> >>
> >> jms
> >>
> >>
> >> On Thu, 23 Oct 2014, Javier J wrote:
> >>
> >>  Anyone else notice this?
> >>> Or is this an AWS issue in APAC that hasn't been reported yet?
> >>>
> >>> AU-NY(aws)
> >>> 18. xe-1.level3.lsanca03.us.bb.gin.n 72.0%
> >>>
> >>> BR(aws)-AU(aws)
> >>> 11. ae-9.r20.snjsca04.us.bb.gin.ntt.net 71.4%
> >>>
> >>>
> >>> NJ/NYC to AU(aws)
> >>> 9. ae-9.r20.asbnva02.us.bb.gin.ntt.net 45.9% 772 10.1 16.4 9.2 94.4
> 13.3
> >>> 10. ae-2.r21.lsanca03.us.bb.gin.ntt.net 40.5% 772 69.6 72.7 69.3 149.2
> >>> 9.0
> >>>
> >>>
> >
>

Re: NIST NTP Server List

[Javier J]

Either is alcatel-lucent.com for the past 2 days I noticed. Ipv6 version of
their site broken.
 On Oct 30, 2014 1:18 PM, "Brian Christopher Raaen" <
mailing-li...@brianraaen.com> wrote:

> It is now working over IPv6
>
> On Thu, Oct 30, 2014 at 10:09 AM, Brian Christopher Raaen <
> mailing-li...@brianraaen.com> wrote:
>
> > Still acting up for me this morning.
> >
> > On Wed, Oct 29, 2014 at 4:05 PM, Doug Barton 
> wrote:
> >
> >> On 10/29/14 12:36 PM, Christopher Morrow wrote:
> >>
> >>> On Wed, Oct 29, 2014 at 11:36 AM, Doug Barton 
> >>> wrote:
> >>>
>  Happy Eyeballs has nothing to do with it. This is a server
>  misconfiguration
>  plain and simple.
> 
> 
> >>> I meant that it seems that v4 is broken, but v6 is not.
> >>>
> >>
> >> Other way around.
> >>
> >>
> >
> >
> > --
> > Brian Christopher Raaen
> > Network Architect
> > Zcorum
> >
>
>
>
> --
> Brian Christopher Raaen
> Network Architect
> Zcorum
>

Re: Kind of sad

[Javier J]

Is there a vulnerability in telnet to be exploited? If not it might be on
purpose. I know of switching gear that is publicly accessible via telnet.

On Mon, Nov 10, 2014 at 10:58 PM, Jason Hellenthal 
wrote:

> Ha ya know what they say... Don't ever trust someone that says "trust
> me..."
>
> --
>  Jason Hellenthal
>  Mobile: +1 (616) 953-0176
>  jhellent...@dataix.net
>  JJH48-ARIN
>
> On Nov 10, 2014, at 21:43, Joe  wrote:
>
> Generally speaking its best you do what your good at and this is not it.
>
> Exposing there is a window open to a gov agency is not hacking, trust me. I
> would say go back to fathering children and once you have a few more years
> under your belt feel free to join in.
> > On Mon, Nov 10, 2014 at 5:48 PM, Brian Henson 
> wrote:
> >
> > Generally speaking its a bad idea to show you hacking into a server.
> Makes
> > it to easy to prosecute those who do.
> >
>

Re: Kind of sad

[Javier J]

I agree with you 100 percent. But my point is. Telnet in and of itself
isn't broken. Not that I would want to leave it open to the world.  He.net
has a router you can log into over telnet with no auth. Forgot URL but you
can find it on their site.
On Nov 11, 2014 4:05 AM, "Karl Auer"  wrote:

> On Tue, 2014-11-11 at 03:32 -0500, Javier J wrote:
> > Is there a vulnerability in telnet to be exploited? If not it might be on
> > purpose. I know of switching gear that is publicly accessible via telnet.
>
> telnet does not of itself encrypt anything. If you log in somewhere via
> telnet, everything that passes between you and the remote end is passing
> in clear text. That is true for all data sent to you or from you during
> the whole session, but especially for the username and password you may
> have used to log in with.
>
> Unless you have secured the channel by some other means (an encrypted
> tunnel, for example) or you own and control and can vouch for every
> piece of the infrastructure between you and the remote end, using telnet
> is just about the most insecure thing you can do short of mailing stuff
> to yourself on postcards.
>
> Someone who puts a real switch doing real work on the Internet with
> working telnet access is asking to have at least the switch compromised
> very quickly. A plaything, a honeypot, or a teaching tool - maybe.
> Anything else, probably a bad idea. Remember that if I own your switch,
> I own all the data sent to or from any system connected to that
> switch...
>
> Regards, K.
>
> --
> ~~~
> Karl Auer (ka...@biplane.com.au)
> http://www.biplane.com.au/kauer
> http://twitter.com/kauer389
>
> GPG fingerprint: EC67 61E2 C2F6 EB55 884B E129 072B 0AF0 72AA 9882
> Old fingerprint: B862 FB15 FE96 4961 BC62 1A40 6239 1208 9865 5F9A
>
>
>

Re: Kind of sad

[Javier J]

Found it.

telnet://route-server.he.net
 On Nov 11, 2014 6:05 AM, "Javier J"  wrote:

> I agree with you 100 percent. But my point is. Telnet in and of itself
> isn't broken. Not that I would want to leave it open to the world.  He.net
> has a router you can log into over telnet with no auth. Forgot URL but you
> can find it on their site.
> On Nov 11, 2014 4:05 AM, "Karl Auer"  wrote:
>
>> On Tue, 2014-11-11 at 03:32 -0500, Javier J wrote:
>> > Is there a vulnerability in telnet to be exploited? If not it might be
>> on
>> > purpose. I know of switching gear that is publicly accessible via
>> telnet.
>>
>> telnet does not of itself encrypt anything. If you log in somewhere via
>> telnet, everything that passes between you and the remote end is passing
>> in clear text. That is true for all data sent to you or from you during
>> the whole session, but especially for the username and password you may
>> have used to log in with.
>>
>> Unless you have secured the channel by some other means (an encrypted
>> tunnel, for example) or you own and control and can vouch for every
>> piece of the infrastructure between you and the remote end, using telnet
>> is just about the most insecure thing you can do short of mailing stuff
>> to yourself on postcards.
>>
>> Someone who puts a real switch doing real work on the Internet with
>> working telnet access is asking to have at least the switch compromised
>> very quickly. A plaything, a honeypot, or a teaching tool - maybe.
>> Anything else, probably a bad idea. Remember that if I own your switch,
>> I own all the data sent to or from any system connected to that
>> switch...
>>
>> Regards, K.
>>
>> --
>> ~~~
>> Karl Auer (ka...@biplane.com.au)
>> http://www.biplane.com.au/kauer
>> http://twitter.com/kauer389
>>
>> GPG fingerprint: EC67 61E2 C2F6 EB55 884B E129 072B 0AF0 72AA 9882
>> Old fingerprint: B862 FB15 FE96 4961 BC62 1A40 6239 1208 9865 5F9A
>>
>>
>>

Anyone else having trouble reaching thepiratebay.se? AS39138

[Javier J]

Name:   thepiratebay.se
Address: 194.71.107.27

Its reachable from some places and not others.

Is it being filtered?

Is it being hijacked?

Email to them bounced from google apps.

Are we now officially living in a police state?

mtr dies at hop 2 for me:

2. l100.nwrknj-vfttp-134.verizon-gni.net  ( 173.70.26.1 )

Is verizon now censoring the internet for me?

Re: Anyone else having trouble reaching thepiratebay.se? AS39138

[Javier J]

Here is one from an EC2 instance in Sydney.

 2. 100.68.201.19   0.0%24
 0.5   0.6   0.4   4.3   0.8
 3. 100.68.201.41   0.0%24
 0.4   0.5   0.4   0.6   0.1
 4. 100.67.166.50.0%24
 0.4   0.4   0.3   0.5   0.1
 5. 100.67.164.126  0.0%24
 8.7   3.0   0.9   9.8   3.0
 6. 100.64.134.79   0.0%24
 1.0   4.7   0.8  13.6   4.6
 7. 100.64.129.14   0.0%24
 1.9   2.5   0.8  15.0   3.7
 8. 100.64.57.640.0%24
 0.8   0.6   0.3   3.8   0.7
 9. 100.64.24.690.0%24
 1.0   1.2   0.8   1.8   0.3
10. ec2-54-252-0-16.ap-southeast-2.compute.amazonaws.com0.0%24
 0.4   8.8   0.3  49.3  17.1
11. 54.240.192.108  0.0%23
 2.2   2.2   2.0   3.6   0.4
12. 54.240.192.78   0.0%23
 2.3   3.5   1.9  21.3   4.0
13. 202.68.70.5 0.0%23
 1.7   1.7   1.3   4.1   0.5
14. xe-3-1-0.r00.sydnau02.au.bb.gin.ntt.net 0.0%23
 1.5   1.5   1.4   1.7   0.1
15. as-0.r22.tokyjp01.jp.bb.gin.ntt.net 0.0%23
 133.8 115.9 112.8 133.8   6.0
16. ae-8.r25.tokyjp05.jp.bb.gin.ntt.net 0.0%23
 113.0 117.9 112.8 138.5   7.3
17. ae-1.r22.amstnl02.nl.bb.gin.ntt.net 0.0%23
 382.1 382.3 381.4 389.4   2.0
18. ae-1.r02.amstnl02.nl.bb.gin.ntt.net 0.0%23
 370.8 369.5 368.8 370.8   0.5
19. ae7.edge6.Amsterdam.Level3.net  0.0%23
 380.7 381.1 380.7 381.6   0.3
20. ae-232-3608.edge4.Amsterdam1.Level3.net 0.0%23
 380.0 381.2 380.0 387.9   2.2
21. AS5580.edge4.Amsterdam1.Level3.net  0.0%23
 342.5 343.1 342.1 353.3   2.2
22. eth5-4.core1.ams1.nl.as5580.net 0.0%23
 342.1 342.6 342.0 344.4   0.6
23. eth4-1.r1.dus1.de.as5580.net0.0%23
 345.6 346.4 341.4 355.4   4.6
24. 78.152.56.135   9.1%23
 346.5 347.0 345.5 351.3   1.4
25. te-2-1-800.bbr-dtm-01.de.infra.rrbone.net   0.0%23
 349.5 348.4 347.5 349.5   0.6
26. ???
27. xe-3-2.r02.dsdfge01.de.bb.gin.ntt.net   0.0%23
 347.7 348.3 347.3 349.2   0.6
28. xe-0-1-0-20.r02.amstnl02.nl.bb.gin.ntt.net  4.3%23
 348.6 348.7 347.5 349.5   0.5
29. 129.250.9.500.0%23
 354.3 354.4 353.6 355.3   0.5
30. sl-bb21-ams-.sprintlink.net 4.5%23
 356.5 356.2 355.3 357.3   0.6



On Wed, Nov 26, 2014 at 12:47 PM, Ken Chase  wrote:

> im hitting 30 hops tracing from one location, and 30 from some EC2s.
> another shows
>
>  4. v638.core1.tor1.he.net
>  5. 100ge1-2.core1.nyc4.he.net
>  6. 100ge7-2.core1.lon2.he.net
>  7. 100ge3-2.core1.ams1.he.net
>  8. 100ge5-1.core1.fra1.he.net
>  9. rrbone.dus.ecix.net
> 10. te-2-1-800.bbr-dtm-01.de.infra.rrbone.net
> 11. ???
> 12. xe-3-2.r02.dsdfge01.de.bb.gin.ntt.net
> 13. xe-0-1-0-20.r02.amstnl02.nl.bb.gin.ntt.net
> 14. 129.250.9.50
> 15. sl-bb21-ams-.sprintlink.net
> 16. sl-crs2-lon-0-8-3-0.sprintlink.net
> 17. sl-crs2-lon-.sprintlink.net
> 18. sl-crs1-nyc-0-5-2-0.sprintlink.net
> 19. 144.232.5.216
> 20. 144.232.18.59
> 21. 144.232.1.73
> 22. 144.232.11.17
> 23. 144.232.12.41
> 24. 144.232.7.124
> 25. sl-st20-sj-0-0-0.sprintlink.net
> 26. sl-china6-192107-0.sprintlink.net
> 27. 219.158.32.174
> 28. 175.45.177.217
> 29. ???
>
> with some 1/2 ping times by the end. that's quite the trip around the
> world,
> hitting nyc twice. (no he<>sprintlink peering?)
>
> /kc
>
>
> On Wed, Nov 26, 2014 at 12:41:07PM -0500, Javier J said:
>   >Name:   thepiratebay.se
>   >Address: 194.71.107.27
>   >
>   >Its reachable from some places and not others.
>   >
>   >Is it being filtered?
>   >
>   >Is it being hijacked?
>   >
>   >Email to them bounced from google apps.
>   >
>   >Are we now officially living in a police state?
>   >
>   >mtr dies at hop 2 for me:
>   >
>   >2. l100.nwrknj-vfttp-134.verizon-gni.net  ( 173.70.26.1 )
>   >
>   >Is verizon now censoring the internet for me?
>
> --
> Ken Chase - m...@sizone.org Toronto
>

Re: Anyone else having trouble reaching thepiratebay.se? AS39138

[Javier J]

I heard about that vandalism. Can anyone confirm that is the issue? But I
am in the NY area so why would traffic destined to Europe go to LA?

On Wed, Nov 26, 2014 at 1:02 PM, Aaron D. Osgood <
aosg...@streamline-solutions.net> wrote:

> Perhaps it has something to do with Verizon' huge fiber cut in LA?
> Vandalism
> this morning
>
>
> Aaron D. Osgood
>
> Streamline Solutions L.L.C
>
> 274 E. Eau Gallie Blvd. #336
> Indian Harbour Beach, FL 32937
>
> TEL: 207-518-8455
> MOBILE: 207-831-5829
> GTalk: aaron.osgood
> aosg...@streamline-solutions.net
> www.Streamline-Solutions.net
> www.WMDaWARe.com
>
>
> Introducing Efficiency to Business since 1986
>
>
> -Original Message-
> From: NANOG
> [mailto:nanog-bounces+aosgood=streamline-solutions@nanog.org] On
> Behalf
> Of TR Shaw
> Sent: November 26, 2014 12:50
> To: Josh Luthman
> Cc: nanog@nanog.org
> Subject: Re: Anyone else having trouble reaching thepiratebay.se? AS39138
>
> From FL I die at
>
> xe-3-2.r02.dsdfge01.de.bb.gin.ntt.net (129.250.5.174)  172.519 ms  155.386
> ms  187.235 ms
>
> On Nov 26, 2014, at 12:43 PM, Josh Luthman 
> wrote:
>
> > Works for me
> >
> >
> > Josh Luthman
> > Office: 937-552-2340
> > Direct: 937-552-2343
> > 1100 Wayne St
> > Suite 1337
> > Troy, OH 45373
> >
> > On Wed, Nov 26, 2014 at 12:41 PM, Javier J 
> > wrote:
> >
> >> Name:   thepiratebay.se
> >> Address: 194.71.107.27
> >>
> >> Its reachable from some places and not others.
> >>
> >> Is it being filtered?
> >>
> >> Is it being hijacked?
> >>
> >> Email to them bounced from google apps.
> >>
> >> Are we now officially living in a police state?
> >>
> >> mtr dies at hop 2 for me:
> >>
> >> 2. l100.nwrknj-vfttp-134.verizon-gni.net  ( 173.70.26.1 )
> >>
> >> Is verizon now censoring the internet for me?
> >>
>
>
>

Re: Anyone else having trouble reaching thepiratebay.se? AS39138

[Javier J]

I confirmed It is also blocked for Comcast users. Even Comcast business
users. This is starting to look like censorship to me.

On Wed, Nov 26, 2014 at 1:14 PM, Javier J 
wrote:

> I heard about that vandalism. Can anyone confirm that is the issue? But I
> am in the NY area so why would traffic destined to Europe go to LA?
>
> On Wed, Nov 26, 2014 at 1:02 PM, Aaron D. Osgood <
> aosg...@streamline-solutions.net> wrote:
>
>> Perhaps it has something to do with Verizon' huge fiber cut in LA?
>> Vandalism
>> this morning
>>
>>
>> Aaron D. Osgood
>>
>> Streamline Solutions L.L.C
>>
>> 274 E. Eau Gallie Blvd. #336
>> Indian Harbour Beach, FL 32937
>>
>> TEL: 207-518-8455
>> MOBILE: 207-831-5829
>> GTalk: aaron.osgood
>> aosg...@streamline-solutions.net
>> www.Streamline-Solutions.net
>> www.WMDaWARe.com
>>
>>
>> Introducing Efficiency to Business since 1986
>>
>>
>> -Original Message-
>> From: NANOG
>> [mailto:nanog-bounces+aosgood=streamline-solutions@nanog.org] On
>> Behalf
>> Of TR Shaw
>> Sent: November 26, 2014 12:50
>> To: Josh Luthman
>> Cc: nanog@nanog.org
>> Subject: Re: Anyone else having trouble reaching thepiratebay.se? AS39138
>>
>> From FL I die at
>>
>> xe-3-2.r02.dsdfge01.de.bb.gin.ntt.net (129.250.5.174)  172.519 ms
>> 155.386
>> ms  187.235 ms
>>
>> On Nov 26, 2014, at 12:43 PM, Josh Luthman 
>> wrote:
>>
>> > Works for me
>> >
>> >
>> > Josh Luthman
>> > Office: 937-552-2340
>> > Direct: 937-552-2343
>> > 1100 Wayne St
>> > Suite 1337
>> > Troy, OH 45373
>> >
>> > On Wed, Nov 26, 2014 at 12:41 PM, Javier J 
>> > wrote:
>> >
>> >> Name:   thepiratebay.se
>> >> Address: 194.71.107.27
>> >>
>> >> Its reachable from some places and not others.
>> >>
>> >> Is it being filtered?
>> >>
>> >> Is it being hijacked?
>> >>
>> >> Email to them bounced from google apps.
>> >>
>> >> Are we now officially living in a police state?
>> >>
>> >> mtr dies at hop 2 for me:
>> >>
>> >> 2. l100.nwrknj-vfttp-134.verizon-gni.net  ( 173.70.26.1 )
>> >>
>> >> Is verizon now censoring the internet for me?
>> >>
>>
>>
>>
>

Re: Anyone else having trouble reaching thepiratebay.se? AS39138

[Javier J]

I can get to www.rrbone.net via ipv6 (HE.net tunnel) but on ipv4, it dies
on hop 2, same as thepiratebay.se on Verizon Fios.

On Wed, Nov 26, 2014 at 2:01 PM,  wrote:

> Javier,
>
> I can't get to www.rrbone.net, an upstream provider to the IP I was given
> for thepiratebay.se.
> I tested on VZ FiOS and Wireless in Philadelphia area and both die within
> the VZ network.
>
> For Comcast, it looks like the space isn't showing up in the BGP table:
> route-server.newyork.ny.ibone>show ip bgp 194.71.107.27
> % Network not in table
>
> No clue what the cause is, but it bigger than just the PirateBay.
>
> Sincerely,
>
> Eric Tykwinski
> TrueNet, Inc.
> P: 610-429-8300
> F: 610-429-3222
>
>
> -Original Message-
> From: NANOG [mailto:nanog-boun...@nanog.org] On Behalf Of Javier J
> Sent: Wednesday, November 26, 2014 1:44 PM
> To: nanog@nanog.org
> Subject: Re: Anyone else having trouble reaching thepiratebay.se? AS39138
>
> I confirmed It is also blocked for Comcast users. Even Comcast business
> users. This is starting to look like censorship to me.
>
>
>

Re: Anyone else having trouble reaching thepiratebay.se? AS39138

[Javier J]

Paul, I think this is isolated to ISP providers in the US.

It seems this is affecting Comcast, ATT U-Verse and Verizon FIOS customers.

Here is some interesting info:

http://www.reddit.com/r/AskTechnology/comments/2ni118/is_att_uverse_blocking_the_pirate_bay/



On Wed, Nov 26, 2014 at 10:06 PM, Paul S.  wrote:

> No problem here in Los Angeles either, but seeing a lone route through
> Atrato only.
>
> flags destination  gateway  lpref   med aspath origin
> *>194.71.107.0/24  <> 100 0 3491 5580 39138 22351 2.207
> 51040 i
> * 194.71.107.0/24  <>   100 0 174 5580 39138 22351 2.207
> 51040 i
>
>
>
> On 11/27/2014 午前 11:24, Tony Wicks wrote:
>
>> No problem here in New Zealand
>>
>> tonyw@vrhost1-w> show route 194.71.107.0/24
>>
>> icore1-w.inet.0: 519451 destinations, 525214 routes (519437 active, 14
>> holddown, 0 hidden)
>> + = Active Route, - = Last Active, * = Both
>>
>> 194.71.107.0/24*[BGP/170] 10:25:44, MED 0, localpref 90
>>AS path: 4826 5580 39138 22351 131279 51040 I,
>> validation-state: unverified
>>  > to 175.45.102.9 via ae1.526
>>
>> -Original Message-
>> From: NANOG [mailto:nanog-boun...@nanog.org] On Behalf Of Courtney Smith
>> Sent: Thursday, 27 November 2014 3:18 p.m.
>> To: Eric Tykwinski
>> Cc: nanog@nanog.org
>> Subject: Re: Anyone else having trouble reaching thepiratebay.se? AS39138
>>
>> I just posted TATA as a single example.  This route is missing from
>> multiple
>> networks.  I could not find the specific /24 on, Sprint(1239) AT&T(7018)
>> and
>> Centurylink either.
>>
>> rvi...@route-server.ip.att.net> show route 194.71.107.0/24
>>
>> rvi...@route-server.ip.att.net>
>>
>>
>

Re: Anyone else having trouble reaching thepiratebay.se? AS39138

[Javier J]

Looks like its working now (on FIOS anyway)

Curious to know why the major networks stopped seeing it yesterday as well.

On Thu, Nov 27, 2014 at 12:45 AM, Courtney Smith 
wrote:

>
> > No problem here in Los Angeles either, but seeing a lone route through
> Atrato only.
> >
> > flags destination  gateway  lpref   med aspath origin
> > *>194.71.107.0/24  <> 100 0 3491 5580 39138 22351 2.207
> 51040 i
> > * 194.71.107.0/24  <>   100 0 174 5580 39138 22351
> 2.207 51040 i
> >
> >
> > On 11/27/2014 午前 11:24, Tony Wicks wrote:
> >>
> >> No problem here in New Zealand
> >>
> >> tonyw@vrhost1-w> show route 194.71.107.0/24
> >>
> >> icore1-w.inet.0: 519451 destinations, 525214 routes (519437 active, 14
> >> holddown, 0 hidden)
> >> + = Active Route, - = Last Active, * = Both
> >>
> >> 194.71.107.0/24*[BGP/170] 10:25:44, MED 0, localpref 90
> >>AS path: 4826 5580 39138 22351 131279 51040 I,
> >> validation-state: unverified
> >>  > to 175.45.102.9 via ae1.526
> >>
>
> Hopefully the body cones thru this time.  The issue isn't city or country
> based.  In my last post I pointed out the do not announce to peers
> community AS5580 was sending to Cogent, Level3 and who knows who else.   So
> any ASN that is not a customer of Cogent or Level3 wont learn the 5580 path
> from them.
>
> When I checked a few hours ago, Comcast, Centurylink, AT&T, TATA, and
> possibly Sprint were not seeing the /24 based on their public looking
> glasses or route servers.  Have not had time to run bgplay  to see if
> routeviews data shows how they previously saw the /24 in past 30 days.
> Finding the ASN(s) they used to see from would shed light on why they
> stopped seeing.   Checking bgplay and contacting AS51040 to reach out to
> their upstreams is my suggestion.

Re: Anyone else having trouble reaching thepiratebay.se? AS39138

[Javier J]

It was working for me a few hours ago, and now dead at hop 3 on FIOS again.

If they have 2 prefixes being advertised from AS51040
http://bgp.he.net/AS51040#_prefixes  Why can I traceroute to 1 but not the
other?

[root@tor-proxy network-scripts]# mtr --report -c 5 194.14.56.1
HOST: tor-proxy.home  Loss%   Snt   Last   Avg  Best  Wrst StDev
  1. pfsense.home  0.0% 50.5   1.0   0.4   2.7   1.0
  2. L100.NWRKNJ-VFTTP-134.verizo  0.0% 51.3   6.0   1.3  20.6   8.3
  3. G0-5-3-4.NWRKNJ-LCR-22.veriz  0.0% 53.2   4.6   3.2   6.7   1.4
  4. ae0-0.NWRK-BB-RTR2.verizon-g  0.0% 55.9   8.4   4.9  20.7   6.8
  5. ???  100.0 50.0   0.0   0.0   0.0   0.0
  6. 0.ae2.BR3.NYC4.ALTER.NET  0.0% 56.8   6.7   6.6   6.9   0.1
  7. 204.255.169.234   0.0% 55.4   5.7   5.2   7.1   0.8
  8. ae-2.r23.nycmny01.us.bb.gin.  0.0% 56.2   7.1   5.9  11.0   2.2
  9. ae-6.r21.frnkge03.de.bb.gin. 60.0% 5   94.5  92.6  90.7  94.5   2.7
 10. ae-1.r02.frnkge03.de.bb.gin.  0.0% 5   95.2  94.3  93.1  95.6   1.1
 11. 213.198.77.2140.0% 5   92.7  93.4  92.7  94.1   0.5
 12. et030-4.RT.TC1.STO.SE.retn.n  0.0% 5  109.2 109.4 109.0 110.9   0.8
 13. GW-ObeNetwork.retn.net0.0% 5  116.0 190.0 111.1 341.8 100.4
 14. moria-cr-3.piratpartiet.se   20.0% 5  110.1 111.6 109.9 116.1   2.9


[root@tor-proxy network-scripts]# mtr --report -c 5 194.71.107.27
HOST: tor-proxy.home  Loss%   Snt   Last   Avg  Best  Wrst StDev
  1. pfsense.home  0.0% 50.6   0.4   0.3   0.6   0.1
  2. L100.NWRKNJ-VFTTP-134.verizo  0.0% 51.4   7.1   1.4  29.1  12.3
  3. ???  100.0 50.0   0.0   0.0   0.0   0.0


The site works 100 % fine over vpn or proxy. So I don't think this is
related to any DDOS attack.




On Thu, Nov 27, 2014 at 2:06 PM, Phil Bedard  wrote:

> In the post you quoted it says:
>
> "In my last post I pointed out the do not announce to peers
> community AS5580 was sending to Cogent, Level3 and who knows who else. So
> any ASN that is not a customer of Cogent or Level3 wont learn the 5580 path
> from them."
>
> Verizon, ATT, and the rest of those networks are Tier-1 networks meaning
> if 5580 was tagging the route with do-not-advertise to their transit
> providers (Level3 & Cogent) the other Tier-1s wouldn't have another route
> to it.  Looking at routing updates there were a lot of them yesterday for
> that prefix, for whatever reason.  The lack of reachability was completely
> due to Atrato, had nothing to do with the ISPs in the US.
>
> It was reachable for me yesterday on our network, but we peer directly
> with Atrato.
>
> It's possible they did it to stop a DDoS, some other kind of attack, or
> any number of reasons.
>
> Phil
>
>
>
>
>
>
> On 11/27/14, 2:47 PM, "Javier J"  wrote:
>
> >Looks like its working now (on FIOS anyway)
> >
> >Curious to know why the major networks stopped seeing it yesterday as
> >well.
> >
> >On Thu, Nov 27, 2014 at 12:45 AM, Courtney Smith
> >
> >wrote:
> >
> >>
> >> > No problem here in Los Angeles either, but seeing a lone route through
> >> Atrato only.
> >> >
> >> > flags destination  gateway  lpref   med aspath origin
> >> > *>194.71.107.0/24  <> 100 0 3491 5580 39138 22351
> >>2.207
> >> 51040 i
> >> > * 194.71.107.0/24  <>   100 0 174 5580 39138 22351
> >> 2.207 51040 i
> >> >
> >> >
> >> > On 11/27/2014 午前 11:24, Tony Wicks wrote:
> >> >>
> >> >> No problem here in New Zealand
> >> >>
> >> >> tonyw@vrhost1-w> show route 194.71.107.0/24
> >> >>
> >> >> icore1-w.inet.0: 519451 destinations, 525214 routes (519437 active,
> >>14
> >> >> holddown, 0 hidden)
> >> >> + = Active Route, - = Last Active, * = Both
> >> >>
> >> >> 194.71.107.0/24*[BGP/170] 10:25:44, MED 0, localpref 90
> >> >>AS path: 4826 5580 39138 22351 131279 51040 I,
> >> >> validation-state: unverified
> >> >>  > to 175.45.102.9 via ae1.526
> >> >>
> >>
> >> Hopefully the body cones thru this time.  The issue isn't city or
> >>country
> >> based.  In my last post I pointed out the do not announce to peers
> >> community AS5580 was sending to Cogent, Level3 and who knows who else.
> >> So
> >> any ASN that is not a customer of Cogent or Level3 wont learn the 5580
> >>path
> >> from them.
> >>
> >> When I checked a few hours ago, Comcast, Centurylink, AT&T, TATA, and
> >> possibly Sprint were not seeing the /24 based on their public looking
> >> glasses or route servers.  Have not had time to run bgplay  to see if
> >> routeviews data shows how they previously saw the /24 in past 30 days.
> >> Finding the ASN(s) they used to see from would shed light on why they
> >> stopped seeing.   Checking bgplay and contacting AS51040 to reach out to
> >> their upstreams is my suggestion.
>
>

Re: Anyone else having trouble reaching thepiratebay.se? AS39138

[Javier J]

Thanks Phil. I guess the confusion is that during the outages, it was
reachable from everywhere except Comcast, Verizon and ATT-U-verse all at
the same time.

Every proxy, vpn etc tested worked fine. Also the fact that the traces
dropped immediately and not far off on a far network. In addition to that.
Other users on other ISP in the local area (cable-vision / optimum, NYC)
had no problem.

obviously not all providers are using the same routes to the same
destination. Just that when a controversial site becomes inaccessible,
questions start to be raised. I think it was also mentioned somewhere on
some site that as far as the pirate bay was concerned, everything on their
end was operating normally.

On Thu, Nov 27, 2014 at 3:30 PM, Phil Bedard  wrote:

> It looks like they use different upstream providers for each prefix,
> probably hosted in different locations.
>
> The 194.71.107.0/24 prefix on my network was withdrawn by Ataro, and is
> now reachable via this path:
>
> 194.71.107.0/24*[BGP/170] 00:04:34
>   AS path: 3356 3320 3320 24961 24961 24961 24961
> 39138 22351 131279 51040 I, validation-state: unverified
>
> The 4 minutes isn't really a good thing.
>
> This is the other prefix, via RETN who we also peer with.
>
> 194.14.56.0/24 *[BGP/170] 1d 07:15:42, MED 0
>   AS path: 9002 197595 51040 I
>
> AS 24961 is myLoc.de who could be their hosting provider and may have had
> issues with Atrato, who is now Hibernia.   Who knows it looks like normal
> BGP/Internet issues to me, if you are looking for some kind of conspiracy
> nothing is going on.
>
>
> Phil
>
> From: Javier J 
> Date: Thursday, November 27, 2014 at 2:16 PM
> To: Phil B 
> Cc: Courtney Smith , "nanog@nanog.org" <
> nanog@nanog.org>
> Subject: Re: Anyone else having trouble reaching thepiratebay.se? AS39138
>
> It was working for me a few hours ago, and now dead at hop 3 on FIOS again.
>
> If they have 2 prefixes being advertised from AS51040
> http://bgp.he.net/AS51040#_prefixes  Why can I traceroute to 1 but not
> the other?
>
> [root@tor-proxy network-scripts]# mtr --report -c 5 194.14.56.1
> HOST: tor-proxy.home  Loss%   Snt   Last   Avg  Best  Wrst
> StDev
>   1. pfsense.home  0.0% 50.5   1.0   0.4   2.7
> 1.0
>   2. L100.NWRKNJ-VFTTP-134.verizo  0.0% 51.3   6.0   1.3  20.6
> 8.3
>   3. G0-5-3-4.NWRKNJ-LCR-22.veriz  0.0% 53.2   4.6   3.2   6.7
> 1.4
>   4. ae0-0.NWRK-BB-RTR2.verizon-g  0.0% 55.9   8.4   4.9  20.7
> 6.8
>   5. ???  100.0 50.0   0.0   0.0   0.0
> 0.0
>   6. 0.ae2.BR3.NYC4.ALTER.NET  0.0% 56.8   6.7   6.6   6.9
> 0.1
>   7. 204.255.169.234   0.0% 55.4   5.7   5.2   7.1
> 0.8
>   8. ae-2.r23.nycmny01.us.bb.gin.  0.0% 56.2   7.1   5.9  11.0
> 2.2
>   9. ae-6.r21.frnkge03.de.bb.gin. 60.0% 5   94.5  92.6  90.7  94.5
> 2.7
>  10. ae-1.r02.frnkge03.de.bb.gin.  0.0% 5   95.2  94.3  93.1  95.6
> 1.1
>  11. 213.198.77.2140.0% 5   92.7  93.4  92.7  94.1
> 0.5
>  12. et030-4.RT.TC1.STO.SE.retn.n  0.0% 5  109.2 109.4 109.0 110.9
> 0.8
>  13. GW-ObeNetwork.retn.net0.0% 5  116.0 190.0 111.1 341.8
> 100.4
>  14. moria-cr-3.piratpartiet.se   20.0% 5  110.1 111.6 109.9 116.1
> 2.9
>
>
> [root@tor-proxy network-scripts]# mtr --report -c 5 194.71.107.27
> HOST: tor-proxy.home  Loss%   Snt   Last   Avg  Best  Wrst
> StDev
>   1. pfsense.home  0.0% 50.6   0.4   0.3   0.6
> 0.1
>   2. L100.NWRKNJ-VFTTP-134.verizo  0.0% 51.4   7.1   1.4  29.1
>  12.3
>   3. ???  100.0 50.0   0.0   0.0   0.0
> 0.0
>
>
> The site works 100 % fine over vpn or proxy. So I don't think this is
> related to any DDOS attack.
>
>
>
>
> On Thu, Nov 27, 2014 at 2:06 PM, Phil Bedard 
> wrote:
>
>> In the post you quoted it says:
>>
>> "In my last post I pointed out the do not announce to peers
>> community AS5580 was sending to Cogent, Level3 and who knows who else. So
>> any ASN that is not a customer of Cogent or Level3 wont learn the 5580
>> path
>> from them."
>>
>> Verizon, ATT, and the rest of those networks are Tier-1 networks meaning
>> if 5580 was tagging the route with do-not-advertise to their transit
>> providers (Level3 & Cogent) the other Tier-1s wouldn't have another route
>> to it.  Looking at routing updates there were a lot of them yesterday for
>> that prefix, for whatever reason.  The lack of reachability was completely
>> due to Atrato, had nothing to do

Re: Incident notification

[Javier J]

Multiple nagios servers directly sending via amazon web services SES to
pager duty.

Unlikely SES would go completely down. Nagios boxes monitor eachother from
different continents.
On Nov 21, 2014 10:52 AM, "Thijs Stuurman"  wrote:

> Nanog list members,
>
> I was looking at some statistic and noticed we are sending out a massive
> amount of SMS messages from our monitoring systems.
> This left me wondering if there isn't a better (and cheaper) alternative
> to this, something just as reliant but IP based. We all have smartphones
> these days anyway.
>
> Therefore my question, what are you using to notify admins of incidents?
>
> Kind regards / Met vriendelijke groet,
>
> Thijs Stuurman
>
>
>
> [IS Logo]
>
>
> 
>
> IS Group
>
> Wielingenstraat 8
>
> T
>
> +31 (0)299 476 185
>
> i...@is.nl
>
> 1441 ZR Purmerend
>
> F
>
> +31 (0)299 476 288
>
> www.is.nl
>
> 
>
> IS Group is ISO 9001:2008, ISO/IEC 27001:2005, ISO 20.000-1:2005, ISAE
> 3402 certified. De datacenters zijn PCI DSS en ISO 14001 compliant.
>
>
>

Re: Got a call at 4am - RAID Gurus Please Read

[Javier J]

I'm just going to chime in here since I recently had to deal with bit-rot
affecting a 6TB linux raid5 setup using mdadm (6x 1TB disks)

We couldn't rebuild because of 5 URE sectors on one of the other disks in
the array after a power / ups issue rebooted our storage box.

We are now using ZFS RAIDZ and the question I ask myself is, why wasn't I
using ZFS years ago?

+1 for ZFS and RAIDZ



On Wed, Dec 10, 2014 at 8:40 AM, Rob Seastrom  wrote:

>
> The subject is drifting a bit but I'm going with the flow here:
>
> Seth Mos  writes:
>
> > Raid10 is the only valid raid format these days. With the disks as big
> > as they get these days it's possible for silent corruption.
>
> How do you detect it?  A man with two watches is never sure what time it
> is.
>
> Unless you have a filesystem that detects and corrects silent
> corruption, you're still hosed, you just don't know it yet.  RAID10
> between the disks in and of itself doesn't help.
>
> > And with 4TB+ disks that is a real thing.  Raid 6 is ok, if you accept
> > rebuilds that take a week, literally. Although the rebuild rate on our
> > 11 disk raid 6 SSD array (2TB) is less then a day.
>
> I did a rebuild on a RAIDZ2 vdev recently (made out of 4tb WD reds).
> It took nowhere near a day let alone a week.  Theoretically takes 8-11
> hours if the vdev is completely full, proportionately less if it's
> not, and I was at about 2/3 in use.
>
> -r
>
>

Re: Comcast thinks it ok to install public wifi in your house

[Javier J]

In analyzing my neighbors who use comcast (I live in a townhouse and can
see many access points) my biggest complaint is the the wifi pollution
these comcast router/access-points cause.

For each neighbor who has comcast HSI, expect to see 3 SSID with different
mac showing up. There is the xfinity one, the customer one, and a blank one
broadcasting with similar mac on the same channel.

So even if you are just minding your business as a comcast customer
watching netflix, someone who hooks into your comcast router can not only
kill your wifi throughput but streaming content etc on the same channel,
but also piss of your neighbors (me) because of the small channel space in
the 2.4GHz range.

The 2nd problem I have with this is that I'm pretty sure 99.8% of the
people who have comcast and have their new routers have no clue they are
paying for essentially running a public hotspot for comcast. Even if you
still have to register or pay for it, it's available to the general public
without these people knowing about it.



On Wed, Dec 10, 2014 at 9:35 PM, Jeroen van Aart  wrote:

> Why am I not surprised?
>
> Whose fault would it be if your comcast installed public wifi would be
> abused to download illegal material or launch a botnet, to name some random
> fun one could have on your behalf. :-/
>
> (apologies if this was posted already, couldn't find an email about it on
> the list)
>
> http://www.theregister.co.uk/2014/12/10/disgruntled_
> customers_lob_sueball_at_comcast_over_public_wifi/
>
> "A mother and daughter are suing Comcast claiming the cable giant's router
> in their home was offering public Wi-Fi without their permission.
>
> Comcast-supplied routers broadcast an encrypted, private wireless network
> for people at home, plus a non-encrypted network called XfinityWiFi that
> can be used by nearby subscribers. So if you're passing by a fellow user's
> home, you can lock onto their public Wi-Fi, log in using your Comcast
> username and password, and use that home's bandwidth.
>
> However, Toyer Grear, 39, and daughter Joycelyn Harris – who live together
> in Alameda County, California – say they never gave Comcast permission to
> run a public network from their home cable connection.
>
> In a lawsuit [PDF] filed in the northern district of the golden state, the
> pair accuse the ISP of breaking the Computer Fraud and Abuse Act and two
> other laws.
>
> Grear – a paralegal – and her daughter claim the Xfinity hotspot is an
> unauthorized intrusion into their private home, places a "vast" burden on
> electricity bills, opens them up to attacks by hackers, and "degrades"
> their bandwidth.
>
> "Comcast does not, however, obtain the customer's authorization prior to
> engaging in this use of the customer's equipment and internet service for
> public, non-household use," the suit claims.
>
> "Indeed, without obtaining its customers' authorization for this
> additional use of their equipment and resources, over which the customer
> has no control, Comcast has externalized the costs of its national Wi-Fi
> network onto its customers."
>
> The plaintiffs are seeking monetary damages for themselves and on behalf
> of all Comcast customers nation-wide in their class-action case – the
> service was rolled out to 20 million customers this year."
>
> --
> Earthquake Magnitude: 4.8
> Date: 2014-12-10  22:10:36.800 UTC
> Date Local: 2014-12-10 13:10:36 PST
> Location: 120km W of Panguna, Papua New Guinea
> Latitude: -6.265; Longitude: 154.4004
> Depth: 35 km | e-quake.org
>

Re: Carrier-grade DDoS Attack mitigation appliance

[Javier J]

What about DDOS protection as a service? is that something that is being
offered by more than a few vendors? I know of only one that exists through
a friend.

They basically start advertising your bgp routes, filter out the junk, and
send the good traffic back to you.

On Wed, Dec 10, 2014 at 8:08 AM, James Braunegg  wrote:

> Dear All
>
>
>
> We use a combination of NSFOCUS hardware (ADS, ADS-m and NTA along with
> A10 Hardware)
>
>
>
> All of which I highly recommend !
>
>
>
> Kindest Regards
>
>
> James Braunegg
> P:  1300 769 972  |  M:  0488 997 207 |  D:  (03) 9751 7616
> E:   james.braun...@micron21.com  |
> ABN:  12 109 977 666
> W:  www.micron21.com/ddos-protection<
> http://www.micron21.com/ddos-protection>   T: @micron21
>
>
> [Description: Description: Description: Description: M21.jpg]
> This message is intended for the addressee named above. It may contain
> privileged or confidential information. If you are not the intended
> recipient of this message you must not use, copy, distribute or disclose it
> to anyone other than the addressee. If you have received this message in
> error please return the message to the sender by replying to it and then
> delete the message from your computer.
>
>
>
> -Original Message-
> From: NANOG [mailto:nanog-boun...@nanog.org] On Behalf Of Parrish, Luke
> Sent: Wednesday, December 10, 2014 8:08 AM
> To: J. Tozo
> Cc: nanog
> Subject: RE: Carrier-grade DDoS Attack mitigation appliance
>
>
>
> Switch to Nemo.
>
>
>
>
>
>
>
> -Original Message-
>
> From: NANOG [mailto:nanog-boun...@nanog.org] On Behalf Of J. Tozo
>
> Sent: Monday, December 08, 2014 3:26 PM
>
> Cc: nanog
>
> Subject: Re: Carrier-grade DDoS Attack mitigation appliance
>
>
>
> We also evaluating another appliance to put in place of Arbor, their
> "support" outside USA its a joke.
>
>
>
> On Mon, Dec 8, 2014 at 6:17 PM, Ammar Zuberi  wrote:
>
>
>
> > Hi,
>
> >
>
> > We're currently running the Arbor Peakflow SP with the TMS and it
>
> > works very well for us.
>
> >
>
> > Best Regards,
>
> >
>
> > Ammar Zuberi
>
> > FastReturn, Inc
>
> >
>
> >
>
> >
>
> >
>
> > Direct Line: +971 50 394 7299
>
> > Email: am...@fastreturn.net
>
> >
>
> > This email and any files transmitted with it are confidential and
>
> > intended solely for the use of the individual or entity to whom they are
> addressed.
>
> > If you have received it by mistake, please let us know by e-mail reply
>
> > and delete it from your system; you may not copy this message or
>
> > disclose its contents to anyone. Please note that any views or
>
> > opinions presented in this email are solely those of the author and do
>
> > not necessarily represent those of the company. Finally, the recipient
>
> > should check this email and any attachments for the presence of
>
> > viruses. The company accepts no liability for any damage caused by any
> virus transmitted by this email.
>
> >
>
> > > On Dec 8, 2014, at 10:53 PM, Tony McKay
>
> >  wrote:
>
> > >
>
> > > Does anyone on list currently use Peakflow SP from Arbor with TMS,
>
> > > and
>
> > is it truly a carrier grade DDoS detection and mitigation platform?
>
> > Anyone have any experience with Plixir?
>
> > >
>
> > > Tony McKay
>
> > > Dir. Of Network Operations
>
> > > Office:  870.336.3449
>
> > > Mobile:  870.243.0058
>
> > > -The boundary to your comfort zone fades a little each time you
>
> > > cross
>
> > it.  Raise your limits by pushing them.
>
> > >
>
> > > This electronic mail transmission may contain confidential or
>
> > > privileged
>
> > information. If you believe that you have received this message in
>
> > error, please notify the sender by reply transmission and delete the
>
> > message without copying or disclosing it.
>
> > >
>
> > >
>
> > >
>
> > > -Original Message-
>
> > > From: NANOG [mailto:nanog-boun...@nanog.org] On Behalf Of Mohamed
>
> > > Kamal
>
> > > Sent: Sunday, December 07, 2014 2:10 PM
>
> > > To: nanog
>
> > > Subject: Carrier-grade DDoS Attack mitigation appliance
>
> > >
>
> > >
>
> > > Have anyone tried any DDoS attack mitigation appliance rather than
>
> > > Arbor
>
> > PeakFlow TMS? I need it to be carrier-grade in terms of capacity and
>
> > redundancy, and as far as I know, Arbor is the only product in the
>
> > market which offers a "clean pipe" volume of traffic, so if the DDoS
>
> > attack volume is, for example, 1Tbps, they will grant you for example
>
> > 50Gbps of clean traffic.
>
> > >
>
> > > Anyway, I'm open to other suggestions, and open-source products that
>
> > > can
>
> > do the same purpose, we have network development team that can work on
> this.
>
> > >
>
> > > Thanks.
>
> > >
>
> > > --
>
> > > Mohamed Kamal
>
> > > Core Network Sr. Engineer
>
> > >
>
> >
>
> >
>
>
>
>
>
> --
>
> Grato,
>
>
>
> Tozo
>
> 
>
>
>
> The information transmitted is intended only for the person or entity to
> which it is addressed and may contain proprietary, c

Re: Comcast thinks it ok to install public wifi in your house

[Javier J]

The answer is, if someone is using your hotspot, it does use the same radio
and channel your ssid is on.

On Wed, Dec 10, 2014 at 11:18 PM, Andrew Jones  wrote:

> It reads to me like it's not a separate Wi-Fi radio on a different
> channel, but just an additional SSID being broadcast:
> http://wifi.comcast.com/faqs.html
> ctrl+f "Does the new Home Hotspot impact my Internet speeds or data usage?"
>
>
>
>
> On 11.12.2014 14:55, Phil Bedard wrote:
>
>> It won't overlap with the one you are using for yourself on the same
>> device.
>>
>> DOCSIS has service flows with different priorities.  I don't know if
>> they are allocating specific channels for it or if it's just a
>> different service flow, but either way it is a lower priority and
>> should not cause contention with regular user traffic.
>>
>> Really it is just the power they seem to be complaining about.
>>
>> Phil
>>
>> -Original Message-
>> From: "Harald Koch" 
>> Sent: ‎12/‎10/‎2014 10:21 PM
>> To: "Mr Bugs" 
>> Cc: "NANOG list" 
>> Subject: Re: Comcast thinks it ok to install public wifi in your house
>>
>> On 10 December 2014 at 21:50, Mr Bugs  wrote:
>>
>>  however they use a separate DOCSIS and 802.11 channel so if would follow
>>> that it would be a separate IP tied to comcast corporate and not the
>>> subscriber as well as not taking up your bandwidth.
>>>
>>
>>
>>
>> IIRC there are only three non-overlapping channels on 802.11g and six on
>> 802.11n; I can see more networks than that from my basement.
>>
>> I haven't been keeping up with the technology, but in the ancient of days
>> wasn't the uplink side of DOCSIS also a limited-bandwidth, shared
>> resource?
>>
>
>

Re: Got a call at 4am - RAID Gurus Please Read

[Javier J]

Hey guys, I am running it on freeBSD. (nas4free)

It's my understanding that when a resilver happens in a zpool, only the
data that has actually been written to the disks gets used, not the whole
array like traditional raid5 does, reading even empty blocks. I know I
should be using RAIDZ2 for this size array, but I have daily backups off of
this array and also this is a lab, not a production environment. In a
production environment I would use raidz2 or raidz3. The bottom line is
even just Raidz1 is way better than any RAID5 hardware/software solution I
have come across. 1 disk with ZFS can survive 1/8 of the disk becoming
destroyed apparently. ZFS itself has many protections against data
corruption. Also I have scheduled a zpool scrub to run twice a week (to
detect bitrot before it happens.)

Anyway. I have been using linux raid since it has been available and I ask
myself, why haven't I used ZFS seriously before now.

- J

On Thu, Dec 11, 2014 at 11:06 AM, Bacon Zombie 
wrote:

> Are you running ZFS and RAIDZ on Linux or BSD?
> On 10 Dec 2014 23:21, "Javier J"  wrote:
>
>> I'm just going to chime in here since I recently had to deal with bit-rot
>> affecting a 6TB linux raid5 setup using mdadm (6x 1TB disks)
>>
>> We couldn't rebuild because of 5 URE sectors on one of the other disks in
>> the array after a power / ups issue rebooted our storage box.
>>
>> We are now using ZFS RAIDZ and the question I ask myself is, why wasn't I
>> using ZFS years ago?
>>
>> +1 for ZFS and RAIDZ
>>
>>
>>
>> On Wed, Dec 10, 2014 at 8:40 AM, Rob Seastrom  wrote:
>>
>> >
>> > The subject is drifting a bit but I'm going with the flow here:
>> >
>> > Seth Mos  writes:
>> >
>> > > Raid10 is the only valid raid format these days. With the disks as big
>> > > as they get these days it's possible for silent corruption.
>> >
>> > How do you detect it?  A man with two watches is never sure what time it
>> > is.
>> >
>> > Unless you have a filesystem that detects and corrects silent
>> > corruption, you're still hosed, you just don't know it yet.  RAID10
>> > between the disks in and of itself doesn't help.
>> >
>> > > And with 4TB+ disks that is a real thing.  Raid 6 is ok, if you accept
>> > > rebuilds that take a week, literally. Although the rebuild rate on our
>> > > 11 disk raid 6 SSD array (2TB) is less then a day.
>> >
>> > I did a rebuild on a RAIDZ2 vdev recently (made out of 4tb WD reds).
>> > It took nowhere near a day let alone a week.  Theoretically takes 8-11
>> > hours if the vdev is completely full, proportionately less if it's
>> > not, and I was at about 2/3 in use.
>> >
>> > -r
>> >
>> >
>>
>

Re: Comcast thinks it ok to install public wifi in your house

[Javier J]

Jason, I hope you are Livin' Good.

On a serious note.
What stops someone from going down to the center of town, launching a
little wifi SSID named xfinitywifi and collecting your customers usernames
and passwords?

Also, don't you think there is something just morally wrong with the fact
that your customers don't know they are providing a public access point out
of their homes by just being comcast HSI customers? I am all for wifi
everywhere, but this isn't the way to do it.

http://i.imgur.com/R3xCpZO.png

Pic is related, one of those access points isn't owned by Comcast.




On Thu, Dec 11, 2014 at 7:32 PM, Livingood, Jason <
jason_living...@cable.comcast.com> wrote:

> On 12/11/14, 4:37 PM, "Tim Upthegrove"  wrote:
>
> >I received an email from Comcast that they were offering a free upgraded
> >wifi router for my home.
>
> Yes, since the main service tier doubled from 25 Mbps to 50 Mbps (some
> went to 105 Mbps) that means DOCSIS 2.0 devices were no longer up to the
> task. If you got an email like that you had a D2.0 device and needed a
> D3.0 device. A side benefit is the device either now or very soon supports
> native dual stack.
>
> Jason
>
>

Re: Looking for piece of undersea cable

[Javier J]

I would also love to have a section of one just for the heck of it in my
office.

On Fri, Dec 12, 2014 at 3:58 PM, Colin McIntosh 
wrote:
>
> Hey all,
>
> I'm looking for a piece of undersea cable to use for educational purposes
> and was hoping somebody would have a section they can part with. Doesn't
> need to be a big piece, really any size will work. I can pay for shipping
> and the cable, if needed.
>
> Thanks!
> -Colin
>

Re: Comcast thinks it ok to install public wifi in your house

[Javier J]

Arguing over semantics are we now?

http://www.diffen.com/difference/Ethics_vs_Morals



On Fri, Dec 12, 2014 at 6:41 PM, Randy Bush  wrote:
>
> > Also, don't you think there is something just morally wrong
>
> if folk wish to indulge in hyperbole, could they at least not confuse
> morals with ethics?
>
> randy
>

Re: Ars breaks Misfortune Cookie vulnerability news to public

[Javier J]

Glad I'm using a freebsd based routing solution.
On Dec 19, 2014 5:54 PM, "Jay Ashworth"  wrote:

> While the flaw is 12 years old and the fix 9, the article suggests that
> firmware for consumer routers may yet be being built with the vulnerable
> webserver code baked in.
>
> If you are responsible for lots of eyeballs you might want to look at this.
>
>
> http://arstechnica.com/security/2014/12/12-million-home-and-business-routers-vulnerable-to-critical-hijacking-hack/
>
> Have a nice Christmas weekend.  :-)
>
> Cheers,
> -- jra
>
> --
> Jay R. Ashworth  Baylink
> j...@baylink.com
> Designer The Things I Think   RFC
> 2100
> Ashworth & Associates   http://www.bcp38.info  2000 Land
> Rover DII
> St Petersburg FL USA  BCP38: Ask For It By Name!   +1 727 647
> 1274
>

Re: Ars breaks Misfortune Cookie vulnerability news to public

[Javier J]

Haha, yeah I spoke too soon.

Happy Holidays.

Also has anyone looked at the list of devices / vendors that are using that
software?

https://www.allegrosoft.com/about-allegro-software#tabs-896-0-4

Did the vendors know their vendor was giving them buggy software?

What is the test for this vuln?

On Fri, Dec 19, 2014 at 8:01 PM, Niels Bakker 
wrote:

> * jav...@advancedmachines.us (Javier J) [Sat 20 Dec 2014, 00:50 CET]:
>
>> Glad I'm using a freebsd based routing solution.
>>
>
> Time to update that one too: https://ics-cert.us-cert.gov/
> advisories/ICSA-14-353-01
>
>
> -- Niels.
>

Re: OT - Verizon/ATT Cell/4G Signal Booster/Repeater

[Javier J]

Add T-mobile LTE and to that list.

I need one.

On Tue, Dec 16, 2014 at 4:11 PM, Alex Rubenstein  wrote:

> > > On Tue, Dec 16, 2014 at 12:32 PM, Alex Rubenstein  > > > wrote:
> > > >
> > > > I just with Wifi calling was ubiquitous.
> > >
> > > isn't it in every android phone since ~1yr ago?
>
> Perhaps they are, but AT&T and Verizon don't allow it, because they are
> terrible.
>
>
>

Re: OT - Verizon/ATT Cell/4G Signal Booster/Repeater

[Javier J]

I used to use it too, but then I started with the nexus line of phones and
guess what? gone. Because its a custom android implementation in their
version of android but the Nexus is pure android untouched by t-mo.

Not switching from my nexus 5 anytime soon and if I did I would probably
get the 6.

T-mo really should release it as an app of some kind.

On Sat, Dec 20, 2014 at 4:58 PM, Doug Barton  wrote:

> On 12/19/14 8:30 PM, Javier J wrote:
>
>> Add T-mobile LTE and to that list.
>>
>> I need one.
>>
>
> I'm using wifi calling on my T-mobile device now and then 'just 'cuz', and
> it works a treat. Usually my cell coverage is excellent, but I'm sure that
> someday I'll be in a spot where I need it, so I want to keep exercising
> that path occasionally. :)
>
> FWIW,
>
> Doug
>
> (Usually I wouldn't bother speaking about a specific vendor, especially
> one that's arguably off-topic, but given the historical scuzziness of most
> of the mobile vendors, and what T-mobile is doing now to improve the
> situation; albeit with occasionally distasteful marketing theatrics, I
> thought it worth mentioning ...)
>

jack in the box ssl cert

[Javier J]

can someone let them know they are having a bad day?

https://www.jackinthebox.com/

Re: They have the Internet in North Korea now?

[Javier J]

This blog is gold. Pure gold.

On Sun, Dec 21, 2014 at 6:43 PM, Jay Ashworth  wrote:

> Well, kind of:
>
>   https://nknetobserver.github.io/
>
> Cheers,
> -- jra
>
> --
> Jay R. Ashworth  Baylink
> j...@baylink.com
> Designer The Things I Think   RFC
> 2100
> Ashworth & Associates   http://www.bcp38.info  2000 Land
> Rover DII
> St Petersburg FL USA  BCP38: Ask For It By Name!   +1 727 647
> 1274
>

Internet Service Providers in Bogota Colombia.

[Javier J]

My apologies in advance If there is a better list, please let me know.

I will be traveling to Bogota, Colombia for a few weeks in the spring and a
family member who is working there on a contract (where I will be staying)
has crappy internet. I want to kill 2 birds with one stone. Make sure I
have reliable internet and improve what they have. I'm just not sure what
options are available there.

I speak the language just not familiar with the options.

Any help would be greatly appreciated.

in-case anyone is interested, the pirate flag flies again.

[Javier J]

http://www.thepiratebay.se/

How our young colleagues are being educated....

[Javier J]

Dear NANOG Members,

It has come to my attention, that higher learning institutions in North
America are doing our young future colleagues a disservice.

I recently ran into a student of Southern New Hampshire University enrolled
in the Networking/Telecom Management course and was shocked by what I
learned.

Not only are they skimming over new technologies such as BGP, MPLS and the
fundamentals of TCP/IP that run the internet and the networks of the world,
they were focusing on ATM , Frame Relay and other technologies that are on
their way out the door and will probably be extinct by the time this
student graduates. They are teaching classful routing and skimming over
CIDR. Is this indicative of the state of our education system as a whole?
How is it this student doesn't know about OSPF and has never heard of RIP?

If your network hardware is so old you need a crossover cable, it's time to
upgrade. In this case, it’s time to upgrade our education system.

I didn't write this email on the sole experience of my conversation with
one student, I wrote this email because I have noticed a pattern emerging
over the years with other university students at other schools across the
country. It’s just the countless times I have crossed paths with a young IT
professional and was literally in shock listening to the things they were
being taught. Teaching old technologies instead of teaching what is
currently being used benefits no one. Teaching classful and skipping CIDR
is another thing that really gets my blood boiling.

Are colleges teaching what an RFC is? Are colleges teaching what IPv6 is?

What about unicast and multicast? I confirmed with one student half way
through their studies that they were not properly taught how DNS works, and
had no clue what the term “root servers” meant.

Am I crazy? Am I ranting? Doesn't this need to be addressed? …..and if not
by us, then by whom? How can we fix this?

Re: Internet Service Providers in Bogota Colombia.

[Javier J]

Thanks guys, I appreciate the info greatly.

Happy Holidays and a Happy New Year.

On Mon, Dec 22, 2014 at 1:00 PM, Alessandro Martins <
alessandro.mart...@gmail.com> wrote:

> As Rubens said, ETB and Telmex Comlombia/Claro are the biggest players in
> Colombia.
>
> Other good options are Internexa, Level3 and Telefónica.
>
> Thanks,
>
> Alessandro Martins
>
> --
> Alessandro Martins
>
> On Sun, Dec 21, 2014 at 11:37 PM, Rubens Kuhl  wrote:
>
>> It's very likely that your family member has either ETB (local city-owned
>> access) or Telmex Colombia. Both players have multiple technology options
>> (ADSL and WiMAX for both, coax and fiber for Telmex Colombia), so besides
>> replacing one for the other, it might be possible to improve access by
>> using a different technology from the same vendor already in place.
>>
>> Knowing which technology options are available from each vendor at where
>> you will be will probably be key in defining a way forward.
>>
>>
>> Rubens
>>
>>
>>
>> On Sun, Dec 21, 2014 at 11:23 PM, Javier J 
>> wrote:
>>
>> > My apologies in advance If there is a better list, please let me know.
>> >
>> > I will be traveling to Bogota, Colombia for a few weeks in the spring
>> and a
>> > family member who is working there on a contract (where I will be
>> staying)
>> > has crappy internet. I want to kill 2 birds with one stone. Make sure I
>> > have reliable internet and improve what they have. I'm just not sure
>> what
>> > options are available there.
>> >
>> > I speak the language just not familiar with the options.
>> >
>> > Any help would be greatly appreciated.
>> >
>>
>
>

Re: North Korean internet goes dark (yes, they had one)

[Javier J]

But I can ping them.

https://nknetobserver.github.io/

And what would it matter if its offline, they already block their
population. What exactly is offline?

On Mon, Dec 22, 2014 at 9:05 PM, Valdis Kletnieks 
wrote:

> Any of you guys want to fess up? :)
>
>
> http://www.msnbc.com/the-ed-show/watch/north-koreas-internet-goes-dark-376097859903
>
> (Yes, I know, they're saying it's a DDoS, not a routing hack...)
>

Re: North Korean internet goes dark (yes, they had one)

[Javier J]

What would be the point in blocking them? They don't even have electricity
in the country, what would I worry about coming out of their IP block that
wouldn't be more interesting than dangerous. Pretty obvious if it was
really them behind the Sony hack, it was outsourced.


http://www.standupamericaus.org/sua/wp-content/uploads/2013/03/North-Korea-at-night.jpg

On Tue, Dec 23, 2014 at 12:38 PM, Joe Hamelin  wrote:

> On Mon, Dec 22, 2014 at 6:05 PM, Valdis Kletnieks  >
>  wrote:
>
> > Any of you guys want to fess up? :)
> >
> >
> >
> http://www.msnbc.com/the-ed-show/watch/north-koreas-internet-goes-dark-376097859903
> >
> > (Yes, I know, they're saying it's a DDoS, not a routing hack...)
>
>
> I was hoping that everyone just put 175.45.176.0/22 in their bogon list.
>
>
> --
> Joe Hamelin, W7COM, Tulalip, WA, 360-474-7474
>

Re: AS6713 (aka IAM / MOROCCO TELECOMS) peering contact

[Javier J]

What if they don't identify as a he or a she?

On Fri, Dec 26, 2014 at 6:46 PM, Clayton Zekelman  wrote:

> What if the peering team member is a she?  Should she not contact you if
> so?
>
> Sent from my iPhone
>
> > On Dec 26, 2014, at 5:48 PM, Youssef Bengelloun-Zahr 
> wrote:
> >
> > Hello,
> >
> > If someone from IAM peering team is watching, could he please get in
> touch
> > OFF-list please ?
> >
> > Best regards.
> >
> > --
> > Youssef BENGELLOUN-ZAHR
>

Re: North Korean internet goes dark (yes, they had one)

[Javier J]

Looks like it is still going on.

you can make this stuff up:

""Obama always goes reckless in words and deeds like a monkey in a tropical
forest,""

http://arstechnica.com/tech-policy/2014/12/north-korea-suffers-another-internet-outage-hurls-racial-slur-at-pres-obama/

On Wed, Dec 24, 2014 at 6:26 PM, Keith Medcalf  wrote:

> >> What would be the point in blocking them? They don't even have
> >> electricity in the country, what would I worry about coming out
> >> of their IP block that wouldn't be more interesting than dangerous.
> >> Pretty obvious if it was really them behind the Sony hack, it
> >> was outsourced.
>
> >For the few elite that do have Internet in DPRK it would be 1) a big
> >inconvenience which would annoy them a lot and 2) they have to transmit
> >what they want attacked to the outsourced crew (whoever they might be)
> >somehow.  I doubt the outsourced group has a fax#.
>
> I am pretty sure that they have fax machines in Washington Dee Cee.
>
> ---
> Theory is when you know everything but nothing works.  Practice is when
> everything works but no one knows why.  Sometimes theory and practice are
> combined:  nothing works and no one knows why.
>
>
>
>
>
>

Re: Shapefiles, KMZs, etc.

[Javier J]

If you have KMZ files you have compiled from public sources, can you make
them available?

This would be very useful to have for project I work on from time to time.

On Sat, Dec 27, 2014 at 1:00 PM, Mike Hammett  wrote:

> I am looking for shapefiles, KMZs, etc. for networks primarily in the
> Midwest, but really throughout the area that is the scope of this list. I
> am a small ISP that just happens to know more than your average ISP about
> where people are and how to use GIS tools. I use them to help other ISPs
> find transport and they may come in handy for some start-up IX work I'm
> involved with. They would not go public and I would be willing to sign NDAs
> to get them. I have gotten several form public sources, but I may not have
> gotten all of the public ones and I have some (but still only a few)
> private ones.
>
> Thank you.
>
>
>
>
> -
> Mike Hammett
> Intelligent Computing Solutions
> http://www.ics-il.com
>
>