Remote sites, aggregates and more-specific routes

2004-12-07 Thread Sam Stickland
Hi, We currently announce our entire range as the largest possible aggregates. We are about to add the first site that's a sizable distance away. The link to the remote site is relatively expensive, so we don't want to have to backhaul traffic between the sites if we can help it. We seem to hav

Re: Affects of rate-limiting at the far end of links

2004-12-13 Thread Sam Stickland
On Mon, 13 Dec 2004, Alex Bligh wrote: --On 13 December 2004 13:18 + Sam Stickland <[EMAIL PROTECTED]> wrote: doesn't lock out traffic for such long periods of time. Could it be that buffers and flow-control over the 14ms third party leg are causing the rate-limiting leaky bucket

Affects of rate-limiting at the far end of links

2004-12-13 Thread Sam Stickland
Hi, Just a quicky. We've got leased line out to a remote site that's pretty much at capacity for remote to local site traffic, and from time to time it appears to lock up for periods of 30 seconds or more. Investigating it appears we outbound traffic shape, and ingress rate-limit at the 'local'

IPv6, IPSEC and deep packet inspection

2004-12-31 Thread Sam Stickland
Since IPSEC is an integral part of IPv6 won't this have an effect on the deep packet inspection firewalls? Is this type of inspection expected to work in IPv6? Perhaps using some kind of NAP the firewall is allowed to speak on behalf of the host(s) it firewalls, so that to the client it appears

E1 - RJ45 pinout with ethernet crossover cable

2005-02-25 Thread Sam Stickland
Hi, Quick question: If I have two E1 ports (RJ45), then will running a straight ethernet cable between the two ports have the same effect as plugging a balun into each port and using a pair of coax (over a v. short distance). Likewise would using an ethernet crossover cable have the same affec

Utilising upstream MED values

2005-03-18 Thread Sam Stickland
Hi, We're looking at doing outbound traffic values based on upstream ("tier1") MED values. But, of course, there's no standard for MED values. Assuming I can get definitions from the upstreams as to what their MED values mean, I have to rebase them into a common range. However, a route-map (cis

Re: BCP regarding TOS transparancy for internet traffic

2005-05-25 Thread Sam Stickland
On Wed, 25 May 2005, Eric A. Hall wrote: On 5/25/2005 7:08 AM, Mikael Abrahamsson wrote: I've been debating whether the TOS header information must be left untouched by an ISP, or if it's ok to zero/(or modify) it for internet traffic. Does anyone know of a BCP that touches on this? My tho

Best Practice where BGP router is "distance" from client

2005-06-16 Thread Sam Stickland
Hi, I'm wondering what's seen as best practice in this network layout: cisco6500 Network Cloud cisco3550 --- Client The client needs a full BGP feed, which of course the 3550 is unable to provide, but the cisco 6500 can. The network cloud is relatively simple, and is running IP. Th

Re: Open Source BGP Route Optimization?

2004-05-29 Thread Sam Stickland
Andrew - Supernews <[EMAIL PROTECTED]> wrote: >> "Per" == Per Gregers Bilse <[EMAIL PROTECTED]> writes: > > Per> But that wasn't really the point. If I telnet to all border > Per> routers and do 'sh ip b' I can get all tables too; likewise if I > Per> have a starting point and do a lot of

Re: Open Source BGP Route Optimization?

2004-05-29 Thread Sam Stickland
Bruce Pinsky <[EMAIL PROTECTED]> wrote: > -BEGIN PGP SIGNED MESSAGE- > Hash: SHA1 > > Per Gregers Bilse wrote: > >> On May 28, 10:37am, "Sam Stickland" <[EMAIL PROTECTED]> wrote: >> >>> Are there any BGP extensions that would cau

Re: Open Source BGP Route Optimization?

2004-05-29 Thread Sam Stickland
Are there any BGP extensions that would cause a BGP speaker to forward all of its paths, not just its best? I believe quagga had made some recent attempts in this direction. IIRC the problem isn't to do with the route announcements, it's the route withdrawals. I believe BGP only specifies the prefix

Re: Open Source BGP Route Optimization?

2004-05-29 Thread Sam Stickland
Per Gregers Bilse <[EMAIL PROTECTED]> wrote: > On May 28, 10:37am, "Sam Stickland" <[EMAIL PROTECTED]> wrote: >> Are there any BGP extensions that would cause a BGP speaker to >> forward all of its paths, not just its best? I believe quagga had &g

RE: 802.17 RPR and L2 Ethernet interoperablity (Ethernet over RPR)

2004-07-07 Thread Sam Stickland
Thanks for the reply. Pretty much everyone has told me that it's vendor specific, although the implementation mentioned below sounds nice. Any chance of naming that vendor? One question about this, the Q-in-Q tunnelling would have to take place on the switch connected to the ring - what happens

RE: 802.17 RPR and L2 Ethernet interoperablity (Ethernet over RPR)

2004-07-07 Thread Sam Stickland
On Wed, 7 Jul 2004, Mikael Abrahamsson wrote: > > On Wed, 7 Jul 2004, Sam Stickland wrote: > > > One question about this, the Q-in-Q tunnelling would have to take place on > > the switch connected to the ring - what happens if the packet has already > > been placed i

Re: OT: xDSL hardware

2004-07-14 Thread Sam Stickland
On Tue, 13 Jul 2004, Eric Kagan wrote: > > > > Is anyone aware of a WIC card that will work with the lower end Cisco > gear > > > (1700 or 2600 series) that will allow me to terminate an ADSL or > > > preferably an SDSL line directly on the router? The idea being that the > > > router is then a

Re: OT: xDSL hardware

2004-07-14 Thread Sam Stickland
On Wed, 14 Jul 2004, Joe Maimon wrote: > > Sam Stickland wrote: > > >On Tue, 13 Jul 2004, Eric Kagan wrote: > > > >>There is a WIC-1ADSL for 1700/2600. Not sure about an SDSL WIC. We have > >>done a few T1/ADSL and ADSL/ISDN setups and it seems to w

RE: VeriSign's rapid DNS updates in .com/.net

2004-07-22 Thread Sam Stickland
Well, a naive calculation, based on reducing the TTL to 15 mins from 24 hours to match Verisign's new update times, would suggest that the number of queries would increase by (24 * 60) / 15 = 96 times? (or twice that if you factor in for the Nyquist interval). Are there any resources out there t

RE: VeriSign's rapid DNS updates in .com/.net (fwd from ml)

2004-07-22 Thread Sam Stickland
way it was if there is an event of such proportion > to totally hoze the entire network or any major > portion of it, until they fix any major issue with > these changes.... > > -Henry > > --- Sam Stickland <[EMAIL PROTECTED]> wrote: > > > > Well, a naive cal

RE: VeriSign's rapid DNS updates in .com/.net (fwd from ml)

2004-07-22 Thread Sam Stickland
among more than 10 or 20 clients. These results suggest that the performance of DNS is not as dependent on aggressive caching as is commonly believed, and that the widespread use of dynamic, low-TTL A-record bindings should not degrade DNS performance. Sam On Thu, 22 Jul 2004, Sam Stickla

What ever happened to... MARP (Multi-Access Reachability Protocol)

2004-07-27 Thread Sam Stickland
Last draft appeared to be http://www.watersprings.org/pub/id/draft-retana-marp-02.txt which expired Sept 2003 (Abstract: defines a protocol to quickly determine the existence or aliveness of devices attached to a shared media (broadcast) subnet.) First read about it in this presentation, where

Re: low-latency bandwidth for cheap?

2004-08-06 Thread Sam Stickland
On Wed, 4 Aug 2004, Randy Bush wrote: How much is "low latency"? I have 6ms RTT over my 8M/800k ADSL, it's usually 6-8ms over an equivalent 2M g.shdsl line. interesting question. i have two adsl lines. pinging the first hop router verizon / lavanet (hawi to honolulu, 25 mins air time by plane)

TDM over IP products

2004-09-07 Thread Sam Stickland
Hi, I'm interested in experiences (good and bad) that people have had with various TDM over IP products. If people can reply off-list I'll post a summary to the list in a day or two. Sam

Re: I-D on operational MTU/fragmentation issues in tunneling

2004-10-19 Thread Sam Stickland
On Thu, 14 Oct 2004, Joe Maimon wrote: Sabri Berisha wrote: On Mon, Oct 11, 2004 at 11:12:55AM +0300, Pekka Savola wrote: Hi Pekka and others, Please send comments to me by the end of this week, either on- or off-list, as you deem appropriate. With the risk of stating the obvious I would say that

Weird MTU and TCP retranmission problem

2004-10-22 Thread Sam Stickland
I haven't seen anything like this before, so I'm hoping someone here could enlighten me. We have a customer that has taken a single co-located server from us. They can download large files from this server to any machine, except the Mac OS X machines at the end of their shared leased line at th

Re: sniffer/promisc detector

2004-01-17 Thread Sam Stickland
- Original Message - From: "Laurence F. Sheldon, Jr." <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Friday, January 16, 2004 10:49 PM Subject: Re: sniffer/promisc detector > > Gerald wrote: > > > > Subject says it all. Someone asked the other day here for sniffers. Any > > progress

Re: in case nobody else noticed it, there was a mail worm released today

2004-01-29 Thread Sam Stickland
Christopher Bird wrote: > Please pardon my ignorance, but I am *mightily* confused. > In a message from Michel Py is the following: > >> >> >>> and ISTR one patch for Outlook 2000 that blocked >>> your ability to save executables was released) >> >> It default in Outlook XP and Outlook 2003, whic

BGP, MED, Confederation presentation

2004-02-23 Thread Sam Stickland
Hi, There was a link posted to this list about six months ago, of a presentation that showed how to use additive MEDs to set up traffic flows correctly between sites (where each site is its own BGP confederation) and showing animation of the resulting (example) traffic flows. I remember that the

Re: BGP, MED, Confederation presentation

2004-02-23 Thread Sam Stickland
Thanks Pete, that's exactly what I was looking for :) Sam Pete Templin wrote: > This might be it: http://www.nanog.org/mtg-0006/confed.html > > (It's certainly been a great reference to me!) > > Sam Stickland wrote: > >> Hi, >> >> There was a

Re: How relable does the Internet need to be? (Was: Re: Converged Network Threat)

2004-02-27 Thread Sam Stickland
[EMAIL PROTECTED] wrote: > > P.S. I think a solution lies in the general direction > of converting the entire world to use 112 for emergency > services and having the VoIP services set up an automated > system that rings back whenever your phone connects using > a different IP address and asks you

Re: Possibly yet another MS mail worm

2004-03-01 Thread Sam Stickland
Curtis Maurand wrote: > On Mon, 1 Mar 2004, Todd Vierling wrote: > >> On Mon, 1 Mar 2004, Curtis Maurand wrote: >> >>> Sure they doits called COM/DCOM/OLE/ActiveX or whatever they >>> want to call it this week. Its on every windows system. >> >> No, my point was that the majority of newer tro

w32/bagle variants

2004-03-04 Thread Sam Stickland
For the people talking about how quickly the variants have been produced ;) http://news.bbc.co.uk/1/hi/technology/3532009.stm Seems the authors are taunting each other in the code. Sam

Re: dealing with w32/bagle

2004-03-05 Thread Sam Stickland
Curtis Maurand wrote: > On Thu, 4 Mar 2004, Laurence F. Sheldon, Jr. wrote: > >> >> Jeff Shultz wrote: >> >> There are others. >> unquote >> > > But nothing that's been developed. Joe user's ip address changes on a > regular basis. One would still need to find that machine. DNS gets > cached (s

Re: Counter DoS

2004-03-13 Thread Sam Stickland
Joel Jaeggli wrote: > On Thu, 11 Mar 2004, Petri Helenius wrote: > >> >> Gregory Taylor wrote: >> >>> >>> Oh yes, lets not forget the fact that if enough sites have this >>> 'firewall' and one of them gets attacked by other sites using this >>> firewall it'll create a nuclear fission sized chain r

Re: Spamhaus Exposed

2004-03-18 Thread Sam Stickland
[EMAIL PROTECTED] wrote: > So, the US gov't is "Satan" going after "innocent" hackers in Wales? > It still boggles my mind how prevalent this shallow, trendy attitude > is in Europe, even among supposedly educated people. Why think when > you can just join the crowd spewing ignorance, as long as

Problems connectivity GE on Foundry BigIron to Cisco 2950T

2006-01-15 Thread Sam Stickland
Hi, I'm having a right mare trying to get a Foundry BigIron to connect up to a cisco 2950T, via Gigabit copper. The Foundry BigIron is using a cisco RJ45/copper GBIC that was pulled from a live cisco 6500, where it was working fine. The cisco 2950T has two fixed 10/100/1000 RJ45 ports. Th

RE: Problems connectivity GE on Foundry BigIron to Cisco 2950T

2006-01-15 Thread Sam Stickland
oundry equipment before, not sure if that could be an issue. I would go with the hard set 1000-full on both sides. David From: Sam Stickland Hi, I'm having a right mare trying to get a Foundry BigIron to connect up to a cisco 2950T, via Gigabit copper. The Foundry BigIron is using a c

Re: Problems connectivity GE on Foundry BigIron to Cisco 2950T

2006-01-15 Thread Sam Stickland
Hi, On Sun, 15 Jan 2006, Paul G wrote: - Original Message - From: "Farrell,Bob" <[EMAIL PROTECTED]> To: "Randy Bush" <[EMAIL PROTECTED]>; "David Hubbard" <[EMAIL PROTECTED]> Cc: "Sam Stickland" <[EMAIL PROTECTED]>; &l

Re: Problems connectivity GE on Foundry BigIron to Cisco 2950T

2006-01-15 Thread Sam Stickland
ock signal. Can anyone elaborate? Sam On Sun, 15 Jan 2006, Sam Stickland wrote: Hi, On Sun, 15 Jan 2006, Paul G wrote: - Original Message - From: "Farrell,Bob" <[EMAIL PROTECTED]> To: "Randy Bush" <[EMAIL PROTECTED]>; "David Hubbard" <[E

Re: Problems connectivity GE on Foundry BigIron to Cisco 2950T

2006-01-15 Thread Sam Stickland
On Mon, 16 Jan 2006, Mark Smith wrote: On Sun, 15 Jan 2006 23:50:07 + (GMT Standard Time) Sam Stickland <[EMAIL PROTECTED]> wrote: Hi, The cabling arrangement is: Foundry -- Straight -- Patch -- Underfloor -- Patch -- Crossover -- Cisco GBIC Cable Panel St

Re: Problems connectivity GE on Foundry BigIron to Cisco 2950T

2006-01-15 Thread Sam Stickland
straight cable and if that fails I'll have to make up a 1000Base-T crossover cable. Thanks for all the help people, S On Mon, 16 Jan 2006, Sam Stickland wrote: On Mon, 16 Jan 2006, Mark Smith wrote: On Sun, 15 Jan 2006 23:50:07 + (GMT Standard Time) Sam Stickland <[EMAIL PROTECTED

Re: Problems connectivity GE on Foundry BigIron to Cisco 2950T

2006-01-15 Thread Sam Stickland
Thanks Mark - just found the same thing out myself :) S On Mon, 16 Jan 2006, Mark Smith wrote: On Mon, 16 Jan 2006 00:24:35 + (GMT Standard Time) Sam Stickland <[EMAIL PROTECTED]> wrote: On Mon, 16 Jan 2006, Mark Smith wrote: On Sun, 15 Jan 2006 23:50:07 + (GMT Standar

Redux - RE: Problems connectivity GE on Foundry BigIron to Cisco 2950T

2006-01-19 Thread Sam Stickland
Hi, I've had a lot of emails asking me how I was getting on with this, so I figured I'd do a quick redux of the issues for the archives. One of the main problems actually turned out to be a damaged strand in the CAT5e underfloor cabling, which meant that the connection would work at 10/100,

IP Addresses from a different region

2006-01-19 Thread Sam Stickland
Hi, Long story short... I'm under some considerable pressure from management to obtain a /24 of addresses from ARIN. We are a UK based ISP that are, of course, members of RIPE. Is this possible? If I approach one of ARIN's LIRs can they obtain ARIN PI space for our client, and are there any

Re: IP Addresses from a different region

2006-01-19 Thread Sam Stickland
an operational that comes down hard on nefarious activities. Sorry. Sam On Thu, 19 Jan 2006, David Ulevitch wrote: Be wary. Who is this client? Some of us in the security abuse world wouldn't mind a heads up... -david On Jan 19, 2006, at 6:20 AM, Sam Stickland wrote: Hi, Long

RE: DNS Based Load Balancers

2006-07-04 Thread Sam Stickland
Matt, A few quick questions for you, if you got the time to answer it would be appreciated (questions inline): > -Original Message- > From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of > Matt Ghali > Sent: 04 July 2006 07:21 > To: Patrick W. Gilmore > Cc: nanog@merit.edu > Su

RE: Hot weather and power outages continue

2006-07-25 Thread Sam Stickland
> -Original Message- > From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of > Sean Donelan > Sent: 24 July 2006 13:27 > To: nanog@merit.edu > Subject: Re: Hot weather and power outages continue > > > I've always been a fan of being able to force 100% economizer and chiller > lo

RE: text based netflow top ASN tool?

2006-08-04 Thread Sam Stickland
It's called Ehnt - the Extremely Happy Netflow Tool :) http://ehnt.sourceforge.net/ S > -Original Message- > From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of > matthew zeier > Sent: 04 August 2006 07:05 > To: [EMAIL PROTECTED] > Subject: text based netflow top ASN tool? >

Re: Router / Protocol Problem

2006-09-07 Thread Sam Stickland
Hi John, John Kristoff wrote: On Thu, 7 Sep 2006 07:27:16 -0400 "Mike Walter" <[EMAIL PROTECTED]> wrote: Sep 7 06:50:20.697 EST: %SEC-6-IPACCESSLOGP: list 166 denied tcp 69.50.222.8(25) -> 69.4.74.14(2421), 4 packets [...] I'm not very familiar with NBAR or how to use it for CodeRed, but th

Re: Multiple BGP Routes in FIB

2006-09-08 Thread Sam Stickland
Hi Glenn, Glen Kent wrote: Hi, There is an interesting discussion going on in the IDR WG and i am cross posting a mail on Nanog to hear from the operators, if what is described below, a common practise followed by them: >> I don't think its correct to advertise one while using both for >> f

Re: Routing public traffic across county boundaries in Europe

2007-07-27 Thread Sam Stickland
Scott Weeks wrote: --- [EMAIL PROTECTED] wrote: What (if any) are the legal implications of taking internet destined traffic in one country and egressing it in another (with an ip block correctly marked for the correct country). Somebody mentioned to me the other day that they thought the Dut

Re: Extreme congestion (was Re: inter-domain link recovery)

2007-08-17 Thread Sam Stickland
Ted Hardie wrote: Fred Baker writes: Hence, moving a file into a campus doesn't mean that the campus has the file and will stop bothering you. I'm pushing an agenda in the open source world to add some concept of locality, with the purpose of moving traffic off ISP networks when I can.

Re: Can P2P applications learn to play fair on networks?

2007-10-22 Thread Sam Stickland
Sean Donelan wrote: Much of the same content is available through NNTP, HTTP and P2P. The content part gets a lot of attention and outrage, but network engineers seem to be responding to something else. If it's not the content, why are network engineers at many university networks, enterpri

Re: The next broadband killer: advanced operating systems?

2007-10-22 Thread Sam Stickland
Interesting. I imagine this could have a large impact to the typical enterprise, where they might do large scale upgrades in a short period of time. Does anyone know if there are any plans by Microsoft to push this out as a Windows XP update as well? S Leo Bicknell wrote: Windows Vista,

Re: The next broadband killer: advanced operating systems?

2007-10-23 Thread Sam Stickland
Mikael Abrahamsson wrote: On Mon, 22 Oct 2007, Sam Stickland wrote: Does anyone know if there are any plans by Microsoft to push this out as a Windows XP update as well? You can achieve the same thing by running a utility such as TCP Optimizer. http://www.speedguide.net/downloads.php

Re: The next broadband killer: advanced operating systems?

2007-10-23 Thread Sam Stickland
Adrian Chadd wrote: On Tue, Oct 23, 2007, Sam Stickland wrote: I'm concerned that if Microsoft were to post this as a patch to Windows XP/2003 then we would see the effects of this "all at once", instead of the gradual process of Vista deployment. Anyone agree? You

Re: Can P2P applications learn to play fair on networks?

2007-10-23 Thread Sam Stickland
Iljitsch van Beijnum wrote: On 22-okt-2007, at 18:12, Sean Donelan wrote: Network operators probably aren't operating from altruistic principles, but for most network operators when the pain isn't spread equally across the customer base it represents a "fairness" issue. If 490 customer

Re: Can P2P applications learn to play fair on networks?

2007-10-23 Thread Sam Stickland
Iljitsch van Beijnum wrote: On 23-okt-2007, at 15:43, Sam Stickland wrote: What I would like is a system where there are two diffserv traffic classes: normal and scavenger-like. When a user trips some predefined traffic limit within a certain period, all their traffic is put in the

Re: Can P2P applications learn to play fair on networks?

2007-10-26 Thread Sam Stickland
Sean Donelan wrote: When 5% of the users don't play nicely with the rest of the 95% of the users; how can network operators manage the network so every user receives a fair share of the network capacity? This question keeps getting asked in this thread. What is there about a scavenger class (ba

Re: "Does TCP Need an Overhaul?" (internetevolution, via slashdot)

2008-04-07 Thread Sam Stickland
Kevin Day wrote: Yeah, I guess the point I was trying to make is that once you throw SACK into the equation you lose the assumption that if you drop TCP packets, TCP slows down. Before New Reno, fast-retransmit and SACK this was true and very easy to model. Now you can drop a considerable num

Re: Bandwidth issues in the Sprint network

2008-04-08 Thread Sam Stickland
Could be your TCP window size? A 17520 byte TCP window (Windows 2000) will cause a single flow to top out at 5Mbps at about 50ms. What is the latency on the link? Try some figures here and see what limit you might be hitting: http://www.wand.net.nz/~perry/max_download.php?bits_per_second=155

Re: Lucent GBE (4 x VC4) clues needed

2006-09-21 Thread Sam Stickland
Saku Ytti wrote: (oops technical question in nanog, wearing my asbestos suit) Consider this topology GSR - 3750 --(GE over 4xVC4) - NSE100 - NSE100 --(GE over 4xVC4) -- 3550 - GSR All other fibres are dark fibres, except marked. When we ping either NSE100 <-> GSR leg, when there is no backgr

Re: Network end users to pull down 2 gigabytes a day, continuously?

2007-01-10 Thread Sam Stickland
Will Hargrave wrote: [EMAIL PROTECTED] wrote: I have to admit that I have no idea how BT charges ISPs for wholesale ADSL. If there is indeed some kind of metered charging then Internet video will be a big problem for the business model. They vary, it depends on what pricing model has

Re: summarising [was: Re: ICANNs role]

2007-04-03 Thread Sam Stickland
Joseph S D Yao wrote: On Mon, Apr 02, 2007 at 10:56:00PM -0500, Gadi Evron wrote: ... I just posted this, and I believe it makes sense: Title: Put Security Alongside .XXX Isn't security as important to discuss as .XSS? The DNS has become an abuse infrastructure, it is no longer just a fun

Re: Security gain from NAT

2007-06-04 Thread Sam Stickland
Matthew Palmer wrote: I can think of one counter-example to this argument, and that's SSL-protected services, where having a proxy, transparent or otherwise, in your data stream just isn't going to work. Not so. Look at: http://muffin.doit.org/docs/rfc/tunneling_ssl.html S