, and
Paetec just got lucky?
------
Jon Lewis | I route
Senior Network Engineer | therefore you are
Atlantic Net|
_ http://www.lewis.org/~jlewis/pgp for PGP public key_
ise
> a /16 prefix out to the Internet, rather then a /22. We have not been
> able to accommodate this unfortunately.
>
> -Original Message-
> From: Jon Lewis [mailto:[EMAIL PROTECTED]
> Sent: Wednesday, July 06, 2005 10:31 AM
> To: Sanfilippo, Ted
> Cc: nanog@merit.ed
> Does anyone have a bad-guy list (or part of one) that I can use to get
> started?
> I'm using pf under OpenBSD 3.7 as a firewall box.
data from blackholes.us may be useful. As luck would have it, I can't
load their web page at the moment.
-----
every major (and many minor) telco has the same mess.
>
> "Never attribute to malice that which can be adequately explained by
> stupidity."
If its well known that your A/R is a fairy tale (or horror fiction), but
you continue to book it as revenue, how is that not fraud?
g one of those to
provide a phone line to his personal asterisk server.
------
Jon Lewis | I route
Senior Network Engineer | therefore you are
Atlantic Net|
_ http://www.lewis.org/~jlewis/pgp for PGP public key_
rnate root zone I don't query.
RBL is, AFAIK, a MAPS trademark...so there's only one RBL (or set of
them run by MAPS).
------
Jon Lewis | I route
Senior Network Engineer | therefore y
cisco-nsp?
------
Jon Lewis | I route
Senior Network Engineer | therefore you are
Atlantic Net|
_ http://www.lewis.org/~jlewis/pgp for PGP public key_
I basically picked the largest, most important looking
networks and contacted them manually via email and phone.
------
Jon Lewis | I route
Senior Network Engineer | therefore you are
Atlantic
.255 addresses.
------
Jon Lewis | I route
Senior Network Engineer | therefore you are
Atlantic Net|
_ http://www.lewis.org/~jlewis/pgp for PGP public key_
to 12.1T due to too many
new bugs.
------
Jon Lewis | I route
Senior Network Engineer | therefore you are
Atlantic Net|
_ http://www.lewis.org/~jlewis/pgp for PGP public key_
n Class C space...
Yeah. It definitely has "ip classless" and "ip subnet-zero" in the
config.
------
Jon Lewis | I route
Senior Network Engineer | therefore you are
Atlantic N
3 of DSL and
PPPoE DSL from a DSLAM.
----------
Jon Lewis | I route
Senior Network Engineer | therefore you are
Atlantic Net|
_ http://www.lewis.org/~jlewis/pgp for PGP public key_
ilizing our VOIP network, if I force the call to go out
through a PRI in a city other than Gainesville, it also goes through.
----------
Jon Lewis | I route
Senior Network Engineer | t
s.
Is anyone aware of Sprint having LD voice routing issues, probably a
result of Katrina damage?
------
Jon Lewis | I route
Senior Network Engineer | therefore you are
Atlantic Net
en an LD number.
------
Jon Lewis | I route
Senior Network Engineer | therefore you are
Atlantic Net|
_ http://www.lewis.org/~jlewis/pgp for PGP public key_
follow the rules.
------
Jon Lewis | I route
Senior Network Engineer | therefore you are
Atlantic Net|
_ http://www.lewis.org/~jlewis/pgp for PGP public key_
I almost email'd Paul (note, not the list) to ask what
these had to do with network operations.
------
Jon Lewis | I route
Senior Network Engineer | therefore you are
Atlantic Net|
if you happen to be on the
outside trying to get in to manage things, you may suffer a little packet
loss if your transit pipes are full, but nothing compared to the first
case.
------
Jon Lewis | I route
Senior Ne
how to reach me.
------
Jon Lewis | I route
Senior Network Engineer | therefore you are
Atlantic Net|
_ http://www.lewis.org/~jlewis/pgp for PGP public key_
--
Richard A Steenbergen <[EMAIL PROTECTED]> http://www.e-gerbil.net/ras
GPG Key ID: 0xF8B12CBC (7535 7F59 8204 ED1F CC1C 53AF 4C41 5ECA F8B1 2CBC)
----------
Jon Lewis | I route
Senior Network Eng
cheaper transit.
------
Jon Lewis | I route
Senior Network Engineer | therefore you are
Atlantic Net|
_ http://www.lewis.org/~jlewis/pgp for PGP public key_
connect, sure that can be done quickly...but at least around here,
getting any sort of high bandwidth circuit (>T1) can take months. IIRC,
the UNE DS3 connecting our office to the rest of our network was several
months late.
one already .procmailrc'ing Peter to /dev/null for
sneaking this into your inbox.
----------
Jon Lewis | I route
Senior Network Engineer | therefore you are
Atlantic Net|
_ http:/
ve
coming.
------
Jon Lewis | I route
Senior Network Engineer | therefore you are
Atlantic Net|
_ http://www.lewis.org/~jlewis/pgp for PGP public key_
nts). Other than expansion (more
network statements), running out of RAM again, or changing providers, I
doubt their BGP config will need to be touched in the forseeable future.
--
Jon Lewis
BGP or
just sending them 0/0. Another 3640 bites the dust.
------
Jon Lewis | I route
Senior Network Engineer | therefore you are
Atlantic Net|
_ http://www.lewis.org/~jlewis/pgp for PGP public key_
route to customers?
--
Jon Lewis | I route
Senior Network Engineer | therefore you are
Atlantic Net|
_ http://www.lewis.org/~jlewis/pgp for PGP public key_
ade it to 384mb.
------
Jon Lewis | I route
Senior Network Engineer | therefore you are
Atlantic Net|
_ http://www.lewis.org/~jlewis/pgp for PGP public key_
ou will be unable to reach
single-homed Cogent customers (or Cogent itself) from your friend's
single-homed Level3 colo...as you were when Level3 depeered Cogent
previously.
----------
Jon Lewis | I route
traffic cross country? i.e. We both bill
our customers...who pays to move the bits cross country?
--
Jon Lewis | I route
Senior Network Engineer | therefore you are
Atlantic Net|
_ http://www.lewis.org/~jlewis/pgp for PGP public key_
#x27;s going on out there?
------
Jon Lewis | I route
Senior Network Engineer | therefore you are
Atlantic Net|
_ http://www.lewis.org/~jlewis/pgp for PGP public key_
#x27;d...not just nanog'd. They've
apparently mistaken the spike in load for a DoS.
------
Jon Lewis | I route
Senior Network Engineer | therefore you are
Atlantic Net|
_ http:
us fiber cuts...yeah, that seems likely.
------
Jon Lewis | I route
Senior Network Engineer | therefore you are
Atlantic Net|
_ http://www.lewis.org/~jlewis/pgp for PGP public key_
54
12. ???
------
Jon Lewis | I route
Senior Network Engineer | therefore you are
Atlantic Net|
_ http://www.lewis.org/~jlewis/pgp for PGP public key_
anizations/networks. Those entities may have several ASNs or no ASN of
their own. You can see what ASN(s) annnounce what prefixes by looking at
BGP.
------
Jon Lewis | I route
Senior Network Engineer | therefo
tency.
If that model doesn't work for the ISP in question, they should ask Akamai to
pull their gear.
Think of the man hours that'd take, ripping them out, boxing them up, etc.
:)
------
Jon Lewis
ilar errors:
% ERROR: serials (1 - 108) don't exist!
% ERROR: 4: Invalid range: serial(s) 1-2902 don't exist
--
Jon Lewis | I route
Senior Network Engineer | therefore you are
Atlantic Net|
_ http://www.lewis.org/~jlewis/pgp for PGP public key_
c.net/
------
Jon Lewis | I route
Senior Network Engineer | therefore you are
Atlantic Net|
_ http://www.lewis.org/~jlewis/pgp for PGP public key_
reveals.
Nobody remembers Nachi/Welchia and the damage it did to networks while
curing blaster?
Nice intention. Bad idea.
--
Jon Lewis | I route
Senior Network Engineer | therefore you are
Atlantic Net
improve before we see widespread use of bogus DSN
sender DNSBLs. Unfortunately, for some people, experiencing pain is the
only way they can be convinced to clean up their problems.
----------
Jon Lewis | I route
Sen
te would their
default bogon filters be now?
------
Jon Lewis | I route
Senior Network Engineer | therefore you are
Atlantic Net|
_ http://www.lewis.org/~jlewis/pgp for PGP public key_
. :)
As long as you don't believe the performance numbers someone at cisco made
up for the 7500 VIP datasheets, you'll be fine.
----------
Jon Lewis | I route
Senior Network Engineer
the /24s, but I don't want to call negative attention to
> a SP that might be doing his/her job just fine and I just have unrealistic
> expectations..
How about you post the /8 they're from (if you haven't already).
-
e some much smaller bursts of updates around
11:15AM...but I haven't noticed any connectivity issues.
------
Jon Lewis | I route
Senior Network Engineer | therefore you are
A
erisk/example-configs.2003-04-24/
They're allegedly a config setup to talk to inoc-dba.
--
Jon Lewis | I route
Senior Network Engineer | therefore you are
Atlantic Net|
_ http://www.lewis.org/~jlewis/pgp for PGP public key_
got this today from 2 of 3 transit providers (6461 and 3356).
--
Jon Lewis | I route
Senior Network Engineer | therefore you are
Atlantic Net|
_ http://www.lewis.org/~jlewis/pgp
cident where they
went from 962 nets on 07Feb05 to 2238 routes 08Feb05, 2602 routes 09Feb05,
and finally back down to 1031 on 11Feb05. Anyone know what happened
there?
------
Jon Lewis | I route
Senior Network En
x27;ll bet there are at least hundreds of similar AS's that just need to
be prodded (or maybe even some hand holding or config help) in order to
clean up their announcements.
--
Jon Lewis | I route
Senior
m to the
correct customers.
----------
Jon Lewis | I route
Senior Network Engineer | therefore you are
Atlantic Net|
_ http://www.lewis.org/~jlewis/pgp for PGP public key_
grade routers to support a feature set
> of their choosing.
>
> A lot of malware uses TFTP to update itself as well.
Didn't nachi setup a tftpd on infected systems and then use tftp to load
itself onto systems it spread to?
-------
#x27;t be held against the provider when
they apply for more space.
----------
Jon Lewis | I route
Senior Network Engineer | therefore you are
Atlantic Net|
_ http://www.lewis.org/~jlewis/pgp for PGP public key_
just been coverup for network stability/capacity issues.
------
Jon Lewis | I route
Senior Network Engineer | therefore you are
Atlantic Net|
_ http://www.lewis.org/~jlewis/pgp for PGP public key_
e same time the day before. Maybe it wasn't quite the "first
issue" they've ever had related to software upgrades.
--
Jon Lewis | I route
Senior Network Engineer | therefore you are
t, but they
don't even exist anymore AFAIK, as they were bought by USLEC.
So while the list would be useful as a contact list for those affected, I
doubt it's going to influence anyone's transit buying decisions.
------
Jon
istic. Would it be that hard for someone at
aol.net to take a single /32 from that vast IP range and assign it to a
host as an IP alias or router loopback address?
I did that (router loopback to give people something to ping) with a 69/8
IP before setting up 69box.
-------
problem without too much effort before handing "damaged IP space" out
to members. The current situation frustrates those who don't know what to
do, and encourages them to look elsewhere for the IP space they need.
--
etworks are (and try contacting them) before we start using or
assigning IP's from that space.
[1] at least not until cisco adds a feature allowing you to ignore new BGP
routes for subnets of a bogon feed.
--
Jon Le
rom older space. At
least then members given former bogon IP blocks could go to that page, see
if there are any networks listed that they might care about reachability
to, and try to make contact themselves with those networks they care
about in order to get their bogon issues resolved.
--
Jon Lewis | I route
Senior Network Engineer | therefore you are
Atlantic Net|
_ http://www.lewis.org/~jlewis/pgp for PGP public key_
ch I
think was doing some flavor of g.723. Quality wasn't perfect, but it
really did work. As others have said, PTP is what eats PIPE.
------
Jon Lewis | I route
Senior Network Engineer | therefo
86400 ); Minimum
IN NS localhost.
* PTR invalid
--
Jon Lewis | I route
Senior Network Engineer | therefore you are
Atlantic Net|
_ http://www.lewis.org/~jlewis/pgp for PGP public key_
you on losing the * entry, and just letting it return
nxdomain.
----------
Jon Lewis | I route
Senior Network Engineer | therefore you are
Atlantic Net|
_ http://www.lewis.org/~jlewis/pgp for PGP public key_
On Thu, 7 Apr 2005, Eric A. Hall wrote:
> On 4/7/2005 1:02 PM, Jon Lewis wrote:
> > On Thu, 7 Apr 2005, Eric A. Hall wrote:
>
> > Would you really have to scream?
>
> If folks were used to just adding forwarder entries to named.boot, yes,
> since they'd als
ave I gone too far with 3 prepend
> statements.
Who's ASN are you prepending on your advertised routes?
----------
Jon Lewis | I route
Senior Network Engineer | therefore you are
Atlantic Net
outes when propogating them to their
peers.
----------
Jon Lewis | I route
Senior Network Engineer | therefore you are
Atlantic Net|
_ http://www.lewis.org/~jlewis/pgp for PGP public key_
tp://www.arin.net/policy/proposals/2003_15.html
http://archives.afnog.org/msg02339.html goes into much more detail
----------
Jon Lewis | I route
Senior Network Engineer | therefore you
think they're not just bots participating in
a DDoS?
------
Jon Lewis | I route
Senior Network Engineer | therefore you are
Atlantic Net|
_ http://www.lewis.org/~jlewis
localized
meaning for global. :)
----------
Jon Lewis | I route
Senior Network Engineer | therefore you are
Atlantic Net|
_ http://www.lewis.org/~jlewis/pgp for PGP public key_
promptly infected.
----------
Jon Lewis | I route
Senior Network Engineer | therefore you are
Atlantic Net|
_ http://www.lewis.org/~jlewis/pgp for PGP public key_
der the load.
------
Jon Lewis | I route
Senior Network Engineer | therefore you are
Atlantic Net|
_ http://www.lewis.org/~jlewis/pgp for PGP public key_
quire actually picking them up first,
which LE doesn't seem to be motivated or have the time to do.
--
Jon Lewis | I route
Senior Network Engineer | therefore you are
Atlantic Net|
_ http://www.lewis.org/~jlewis/pgp for PGP public key_
eed.
BGP routing table entry for 192.169.0.0/16, version 17612444
Paths: (1 available, best #1, table Default-IP-Routing-Table)
Advertised to update-groups:
1
4323
------
Jon Lewis | I route
Senior Net
at number out of
someone's
------
Jon Lewis | I route
Senior Network Engineer | therefore you are
Atlantic Net|
_ http://www.lewis.org/~jlewis/pgp for PGP public key_
evel of notification, but why
bother if you're not going to stick to what you publicize?
--
Jon Lewis | I route
Senior Network Engineer | therefore you are
Atlantic Net|
_ http://www.lewis.org/~jlewis/pgp for PGP public key_
st for those types of events.
So send out another email.
"Hey people, something came up and we couldn't get started on schedule.
We've rescheduled the test to begin at 16:00 UTC, June 20."
Incidentally, I got a small flurry of MAXAS-LIMIT messages from our
transit routers,
t reply to requests.
------
Jon Lewis [EMAIL PROTECTED]| I route
Senior Network Engineer | therefore you are
Atlantic Net|
_ http://www.lewis.org/~jlewis/pgp for PGP public key_
our transit providers have dampened them out of
existence.
----------
Jon Lewis [EMAIL PROTECTED]| I route
Senior Network Engineer | therefore you are
Atlantic Net|
_ http://www.lewis.org/~jlewis/pgp for PGP public key_
the
problem. We do not know what caused the failure
at this time.
Apparently networking issues are causing networking issues on their
network. I hate it when that happens.
----------
Jon Lewis | I route
Senio
.
--
Jon Lewis | I route
Senior Network Engineer | therefore you are
Atlantic Net|
_ http://www.lewis.org/~jlewis/pgp for PGP public key_
What's going on? whois.arin.net is not accepting connections and the
whois search via www.arin.net is dead again.
------
Jon Lewis | I route
Senior Network Engineer | therefore you are
Atlanti
ll be revoked if/when the
customer's service is terminated. I'll have to see if ours have anything
about that.
--
Jon Lewis | I route
Senior Network Engineer | therefore you are
Atlantic Net|
_ http://www.lewis.org/~jlewis/pgp for PGP public key_
server, it
will not normally contact that server again.
------
Jon Lewis | I route
Senior Network Engineer | therefore you are
Atlantic Net|
_ http://www.lewis.org/~jlewis/pgp for PGP public key_
e not been looking
forward to changing that as it means redoing half a dozen BGP peerings.
--
Jon Lewis | I route
Senior Network Engineer | therefore you are
Atlantic Net|
_ http://www.lewis.org/~jlewis/pgp for PGP public key_
ational lesson here is that it's not just the junk from
Redmond that may have classful/classless IP routing issues. Even your
core routers might, depending on IOS versions.
--
Jon Lewis | I route
Senior Network Engineer | therefore you are
Atlantic Net|
_ http://www.lewis.org/~jlewis/pgp for PGP public key_
now. I suspect Alex can't post it without being
in violation of the TRO since he knows what we'll do with it.
----------
Jon Lewis | I route
Senior Network Engineer | therefore you are
Atlantic Net
systems is somewhat inflexible
with IP addressing and would need to be hacked to deal with dual IP blocks
during the transition.
----------
Jon Lewis | I route
Senior Network Engineer | therefore you are
Atlanti
/16 worth of NAC space, probably
in several blocks of /24 and shorter.
So, how do your filters tell the difference between these broken out
NAC routes through a new provider and "multihomed customer routes with the
primary provider's connection down"?
-------
quot; and hitting return before typing
"secondary". Maybe it would have been better/safer if the command were
"secondary ip addr ..." :)
--
Jon Lewis | I route
Senior Network Engineer | therefore you are
Atlantic Net|
_ http://www.lewis.org/~jlewis/pgp for PGP public key_
ur.packets.call.1-900-... :)
----------
Jon Lewis | I route
Senior Network Engineer | therefore you are
Atlantic Net|
_ http://www.lewis.org/~jlewis/pgp for PGP public key_
om being blocked by
AOL.
In the mean time, the original person's only option may be to change the
IP(s) they use to deliver mail to AOL. That's what I did while I waited
for my week later call-back...and it worked.
--------
ked than have to
call them and wait a week for a callback to possibly find out why we're
blocked.
--
Jon Lewis | I route
Senior Network Engineer | therefore you are
Atlantic Net|
_ http://www.lewis.org/~jlewis/pgp for PGP public key_
needed anymore?
Hadn't it gotten to the point shortly before Cidera folded that the
satellite bandwidth was so insufficient for a "full feed" that it was of
questionable value?...or was it still fine if you wanted a usenet feed
with no binaries?
--------
e would be unnecessary :)
----------
Jon Lewis | I route
Senior Network Engineer | therefore you are
Atlantic Net|
_ http://www.lewis.org/~jlewis/pgp for PGP public key_
ng at the seams of our
drive space and chose to outsource rather than build an even bigger
server.
AFAIK, we still have one or more dishes and several receivers kicking
around somewhere.
------
Jon Lewis | I route
S
ir message was rude, just try to imagine the crap
people send _to_ DNSBLs. It makes the message from the Swedes seem like
they were kissing your @$$.
----------
Jon Lewis | I route
Senior Network Engineer | theref
time.
Welcome to NANOST (North American Network Operaters Spam Talk). But
seriously, anyone who has an interest in such issues ought to at least
occasionaly read spam-l or spamtools before posting to nanog about long
fixed problems in old software.
-----
t http://69box.atlantic.net/cgi-bin/bogon still lists a several
hundred networks with 69/8 issues. They're still slowly getting fixed.
I just found several listed IPs that are finally reachable from 69/8.
------
le network wide, but
concentrated on the eastern US.
------
Jon Lewis | I route
Senior Network Engineer | therefore you are
Atlantic Net|
_ http://www.lewis.org/~jlewis/pgp for PGP public key_
ng MD5 on BGP peers under
certain latest in their train IOS versions will immediately crash IOS.
Guess how I know that?
----------
Jon Lewis | I route
Senior Network Engineer | therefore you are
Atl
7; BGP, that's
not true for all Sprintlink customers.
----------
Jon Lewis | I route
Senior Network Engineer | therefore you are
Atlantic Net|
_ http://www.lewis.org/~jlewis/pgp for PGP public key_
m Sprint can tell us, but I suspect it's just a change
in policy at least several years ago.
----------
Jon Lewis | I route
Senior Network Engineer | therefore you are
Atlantic Net|
_ htt
1 - 100 of 184 matches
Mail list logo
