Re: used hardware

www.subspacecom.com -- gear ++ Shows up @ NANOG, doesn't spam and clue. Best, -M< On 12/18/09, Barrett Lyon wrote: > I buy a lot of gear from Peter Giberd at Townsend. I have been > working with him for a good 7 years. It's budded into a friendship, > good people there. > > -B > > > http://

Re: Revisiting the Aviation Safety vs. Networking discussion

1. I grew up at the local airport watching my CFII pop train an endless stream of pilots. 2. The checklist for my last production gear swap had over 400 steps and 4 time/task gates (each with a rollback plan). As I did each sequence of steps, I called it out, and someone read their copy of the

Re: [NANOG] Roport on internet business

>- Original Message >From: Jared Mauch >I know, watching my local incumbent they are not replacing damaged copper with >fiber. I think they must have warehouses of it someplace. I can't imagine >that it is good to replace buried copper w/copper during the wintertime. If >you're out

Re: IPv6 Training

Marty A., Not an endorsement, but Aaron Hughes ahug...@bind.com has been doing training. I mention him because I'm aware that he has a track record, has done some +NOG presos and generally knowledgeable. He's also the only person I'm aware of outside of Europe doing training. Alternatively, I bel

Re: UltraDNS Failure?

Richard A Steenbergen wrote: On Wed, Dec 23, 2009 at 05:38:21PM -0800, Shrdlu wrote: I'm still seeing the DNS servers at udns down, hard. Amazon's cloud will need a reboot when this is over. Dang, what the heck happened to all that anycast stuff? We have some DNS providing type customers (

Re: UltraDNS Failure?

There have been several DNS based DDoS observed throughout the day targetting Ultra as well as a few other companies. They were first observed earlier in the morning on the East coast. --Original Message-- From: Richard A Steenbergen To: Shrdlu Cc: Nanog Subject: Re: UltraDNS Failure? S

Re: UltraDNS Failure?

On Wed, Dec 23, 2009 at 05:38:21PM -0800, Shrdlu wrote: > I'm still seeing the DNS servers at udns down, hard. Amazon's cloud will > need a reboot when this is over. Dang, what the heck happened to all > that anycast stuff? We have some DNS providing type customers (not UltraDNS) receiving a few

Re: UltraDNS Failure?

I'm still seeing the DNS servers at udns down, hard. Amazon's cloud will need a reboot when this is over. Dang, what the heck happened to all that anycast stuff?

Re: UltraDNS Failure?

Mark Pace wrote: Anyone else having problems resolving DNS from UltraDNS? I'm seeing this: $ dig www.ultradns.com @8.8.8.8 Yeah, they went belly up in the last 20 or so. Hard. Looks like it's hitting some of Amazon's Cloud stuff too. It seems west coast related, by the way. On

Re: UltraDNS Failure?

Clarification: www.ultradns.com is back. There are still other problems afoot, like amazon: $ dig amazon.com @8.8.8.8 ; <<>> DiG 9.6.0-P1 <<>> amazon.com @8.8.8.8 ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 56390 ;; flags: qr rd ra; QUERY: 1, ANSWE

Re: [NANOG] Roport on internet business

--- sc...@doc.net.au wrote: -- From: Scott Howard On Wed, Dec 23, 2009 at 3:01 PM, Scott Weeks wrote: > It must be purchased: Only if you want the dead-tree edition. The others are linked below the text you've quoted. -- DOH! I blame i

Re: UltraDNS Failure?

> >>> Anyone else having problems resolving DNS from UltraDNS? >>> >>> I'm seeing this: >>> >>> $ dig www.ultradns.com @8.8.8.8 >>> >> Yeah, they went belly up in the last 20 or so. Hard. Looks like it's >> hitting some of Amazon's Cloud stuff too. It seems west coast related, >> by the

Re: UltraDNS Failure?

>> Anyone else having problems resolving DNS from UltraDNS? >> >> I'm seeing this: >> >> $ dig www.ultradns.com @8.8.8.8 > > Yeah, they went belly up in the last 20 or so. Hard. Looks like it's > hitting some of Amazon's Cloud stuff too. It seems west coast related, > by the way. > On the west co

Re: UltraDNS Failure?

Mark Pace wrote: Anyone else having problems resolving DNS from UltraDNS? I'm seeing this: $ dig www.ultradns.com @8.8.8.8 Yeah, they went belly up in the last 20 or so. Hard. Looks like it's hitting some of Amazon's Cloud stuff too. It seems west coast related, by the way. -- Oh, mairzy

Re: [NANOG] Roport on internet business

Maybe we need to pass some laws that ban copper wire outdoors. On 12/23/2009 4:22 PM, Jared Mauch wrote: On Dec 23, 2009, at 6:11 PM, Richard Bennett wrote: The authors are pretty well convinced that the demand for more wireless spectrum will be handled by spectral efficiency improvements

Re: [NANOG] Roport on internet business

On Wed, Dec 23, 2009 at 3:01 PM, Scott Weeks wrote: > It must be purchased: > Only if you want the dead-tree edition. The others are linked below the text you've quoted. Scott.

Re: [NANOG] Roport on internet business

On Dec 23, 2009, at 6:11 PM, Richard Bennett wrote: > The authors are pretty well convinced that the demand for more wireless > spectrum will be handled by spectral efficiency improvements and deployment > of more towers, they stress the importance of replacing copper with fiber and > microwav

Re: IGMP and PIM protection

> > I think OP meant that he only wants an integrity check of the control > traffic, not confidentiality, hence the statement that he does not want to > encrypt the control traffic. Yes, thats correct. Kent > > Stefan Fouant > www.shortestpathfirst.net > GPG Key ID: 0xB5E3803D > >

Re: IGMP and PIM protection

> > Musing on the idea for a moment, it would surely be 'nice' to somehow > know that PIM v2 joins from some other network were, in fact, 'good' > or somehow well-formed, rate-limited, and/or somehow 'safe' to accept > & hold state for. However, it seems as if the OP isn't interested in > inter-dom

Re: IPv6 Training

On 12/23/2009 13:03, Mike Leber wrote: > > Marty Anstey wrote: >> Just wondering if anyone has had any experience with IPv6 training >> courses. >> >> A quick search turns up a few results on the subject, but it would be >> handy to hear if anyone has any firsthand experiences or >> recommendations

Re: [NANOG] Roport on internet business

It's actually available for free on the World-Wide Internet at http://www.morganstanley.com/institutional/techresearch/pdfs/Mobile_Internet_Report_Key_Themes_Final.pdf , but you can purchase a paper copy if you'd rather. It's pretty slow going as it's mostly power points, some with lots and lots

Re: IPv6 Training

On Dec 23, 2009, at 12:00 PM, Marty Anstey wrote: > Greetings, > > Just wondering if anyone has had any experience with IPv6 training courses. > > A quick search turns up a few results on the subject, but it would be > handy to hear if anyone has any firsthand experiences or recommendations. >

Re: [NANOG] Roport on internet business

--- taka...@cpqd.com.br wrote: From: "Takashi Tome" Morgan Stanley has released a very interesting report on internet business with some tips to net operators: http://www.morganstanley.com/institutional/techresearch/mobile_internet_report122009.html

Re: IGMP and PIM protection

On Wed, Dec 23, 2009 at 10:24 AM, Stefan Fouant wrote: > I think OP meant that he only wants an integrity check of the control > traffic, not confidentiality, hence the statement that he does not want to > encrypt the control traffic. I read the OP to mean this, too. Musing on the idea for a mom

Re: IPv6 Training

Marty Anstey wrote: Just wondering if anyone has had any experience with IPv6 training courses. A quick search turns up a few results on the subject, but it would be handy to hear if anyone has any firsthand experiences or recommendations. We're based in western Canada but don't mind traveling

Revisiting the Aviation Safety vs. Networking discussion

Those that remember the discussion may find this article interesting: http://abcnews.go.com/Health/wireStory?id=9394406 Owen

Re: IPv6 Training

On Wed, Dec 23, 2009 at 12:00:28PM -0800, Marty Anstey wrote: > Greetings, > > Just wondering if anyone has had any experience with IPv6 training courses. > > A quick search turns up a few results on the subject, but it would be > handy to hear if anyone has any firsthand experiences or recommend

IPv6 Training

Greetings, Just wondering if anyone has had any experience with IPv6 training courses. A quick search turns up a few results on the subject, but it would be handy to hear if anyone has any firsthand experiences or recommendations. We're based in western Canada but don't mind traveling a bit, but

Re: Article on spammers and their infrastructure

JD Great point, I am more than happy to have a couple of people from ARIN or RIPE as guests at the next MAAWG in SFO or the subsequent one in Barcelona. Mike On 12/23/09 1:18 PM, "J.D. Falk" wrote: > On Dec 22, 2009, at 11:58 PM, Christopher Morrow wrote: > >> > On Wed, Dec 23, 2009 at 1:12

looking for a contact at Orange

if anyone has a contact at Orange or is from Orange, can you contact me off list. need help with some issues originating from the EU. -- Andrew Young Webair Internet Development, Inc. Phone: 1 866 WEBAIR 1 x143 http://www.webair.com Shift hours: Tues-Fr

Re: Article on spammers and their infrastructure

On Dec 22, 2009, at 11:58 PM, Christopher Morrow wrote: > On Wed, Dec 23, 2009 at 1:12 AM, Paul Ferguson wrote: >> -BEGIN PGP SIGNED MESSAGE- >> Hash: SHA1 >> >> Folks should not be so obtuse about these activities. It's almost blatantly >> in-your-face, so to speak. These guys have no f

Re: FYI, new USG Cybersecurity Coordinator ...

+BIGINT The real issues are (a) is this billet actually able to originate policy, (b) interpret existing policy, (c) at least find the RNC mail archive, (d) ... Who the hell cares if the billet is filled by a Soviet Mole (tm) if the job is decoration? Eric On 12/23/09 12:42 PM, William Al

Re: FYI, new USG Cybersecurity Coordinator ...

andrew.wallace wrote: "He was born in Lahore, Pakistan in 1959 and moved to Tallahassee, Florida with his parents and younger brother in 1961." --Wikipedia. http://en.wikipedia.org/wiki/Marcus_Sachs Just like many Americans. To me its amazing how deep into U.S Intelligence and The White Hou

Re: FYI, new USG Cybersecurity Coordinator ...

On Wed, Dec 23, 2009 at 7:19 AM, Christopher Morrow wrote: > (again, this seems really off topic, but) > > On Tue, Dec 22, 2009 at 7:33 PM, andrew.wallace > wrote: >> though Gadi is Israeli and Marcus Sachs Pakistani and couldn't be > > marcus is pakistani? > > "He was born in Lahore, Pakistan i

RE: IGMP and PIM protection

> -Original Message- > From: Scott Morris [mailto:s...@emanon.com] > Sent: Wednesday, December 23, 2009 9:27 AM > To: Glen Kent > Cc: nanog@nanog.org > Subject: Re: IGMP and PIM protection > > But IGMP IS the control traffic with users. And PIM IS the control > traffic between multicast r

Re: IGMP and PIM protection

But IGMP IS the control traffic with users. And PIM IS the control traffic between multicast routers. ? Scott Glen Kent wrote: > On Wed, Dec 23, 2009 at 7:46 PM, Dobbins, Roland wrote: > >> On Dec 23, 2009, at 6:41 PM, Glen Kent wrote: >> >> >>> Any idea if folks use AH or ESP to prot

Re: IGMP and PIM protection

So we're looking to complicate things for the same of complicating them? Using a predictable "security" doesn't exactly make things secure does it? On the links that you are running PIM or IGMP on, do you not have a predictable set of clients and therefore problems? Or are we trying to protect

Re: Article on spammers and their infrastructure

Rich Kulawiec wrote: > On Wed, Dec 23, 2009 at 01:58:47AM -0500, Christopher Morrow wrote: >> no real arguement, but... 'please provide some set of workable >> solutions' > > The set of workable solutions at this point looks something like > "null routes, firewall rules, blacklist entries" -- in

Re: IGMP and PIM protection

On Dec 23, 2009, at 9:19 PM, Glen Kent wrote: > Just integrity protection to ensure that my reports, etc. are not mangled > when i recv them. OR to make sure that i only receive reports/leaves from the > folks who are supposed to send them. I echo the previous respondent who noted that this is

Re: IGMP and PIM protection

On Wed, Dec 23, 2009 at 7:46 PM, Dobbins, Roland wrote: > > On Dec 23, 2009, at 6:41 PM, Glen Kent wrote: > >> Any idea if folks use AH or ESP to protect IGMP/PIM packets > > What are you trying to 'protect' them against? Just integrity protection to ensure that my reports, etc. are not mangled w

Re: IGMP and PIM protection

>> > > Would encrypting multicast not fundamentally break the concept of multicast > itself, unless you're encrypting multicast traffic over a backbone? > No, i wasnt alluding to encrypting the multicast traffic. I was thinking of using ESP-NULL (AH is optional) for the IGMP/PIM packets. Affably,

Re: IGMP and PIM protection

On Dec 23, 2009, at 6:41 PM, Glen Kent wrote: > Any idea if folks use AH or ESP to protect IGMP/PIM packets What are you trying to 'protect' them against? --- Roland Dobbins // Injustice is

Re: IGMP and PIM protection

Multicast encryption using GDOI works well, although I haven't seen that implemented on a LAN. If you're trying to provide encryption for LAN listeners (more accurately to exclude some LAN listeners) you'll probably find more bang for the buck in implementing this on a per-application basis. T

Re: IGMP and PIM protection

Glen Kent wrote: Any idea if folks use AH or ESP to protect IGMP/PIM packets? Wondering that if they do, then how would snooping switches work? Would encrypting multicast not fundamentally break the concept of multicast itself, unless you're encrypting multicast traffic over a backbone? P

Re: Article on spammers and their infrastructure

On Wed, Dec 23, 2009 at 01:58:47AM -0500, Christopher Morrow wrote: > no real arguement, but... 'please provide some set of workable solutions' The set of workable solutions at this point looks something like "null routes, firewall rules, blacklist entries" -- in order to deny traffic to and from

IGMP and PIM protection

Hi, Any idea if folks use AH or ESP to protect IGMP/PIM packets? Wondering that if they do, then how would snooping switches work? Affably, Kent

[NANOG] Roport on internet business

Hi All Morgan Stanley has released a very interesting report on internet business with some tips to net operators: http://www.morganstanley.com/institutional/techresearch/mobile_internet_report122009.html Regards Takashi Tome CPqD www.cpqd.com.br

Re: Experiences with Comcast Ethernet/Transit service

I just started looking into them as well. Mind of I has for similar info? (maybe just keep the responses on list?) -Sean On 2009.12.23 01:10:39, Brandon Galbraith wrote: We're looking at using Comcast's (business) transit and private ethernet services at several client locations and I wanted t

Experiences with Comcast Ethernet/Transit service

We're looking at using Comcast's (business) transit and private ethernet services at several client locations and I wanted to see what experiences others have had regarding this. Off-list replies are preferred. Thanks, -brandon -- Brandon Galbraith Mobile: 630.400.6992

RE: IPv6 allocations, deaggregation, etc.

Apologies in advance for the top post. My initial idea was to use a /48, divide it up into /56 nets for each facility with /64 subnets within each facility. We would announce a /48 to our transit providers that I would expect them to announce in turn to their peers and we would also anno