On Fri, Sep 30, 2011 at 2:44 PM, Ukpong Ukpong wrote:
> Have you tried qradar? It's rather good
I've used Splunk and QRadar; both are available as free VMware
appliances with limitations on log volume, sufficient for testing. Or
if you're mostly looking at webserver/proxy/firewall logs, Sawmil
Hi,
If anyone from Time Warner Cable / Roadrunner is monitoring, there's been a
high latency issue on your network in NYC both yesterday (for at least 10
hours) and again this evening to most/all of the internet. Please contact me
off-list if you need more information. Thanks.
Sample pings/traces
On 09/30/2011 08:56 AM, Blake T. Pfankuch wrote:
> The easy way around the unhappy significant other/minion shaped offspring
> solution is to put all of the "end user" devices On a separate VLAN, and then
> treat that as an open DMZ. Then everything operational (ironic in a home) on
> your secu
> On Fri, Sep 30, 2011 at 02:54:38PM -0700, steve pirk [egrep] wrote:
> I seem to recollect back the 1999 or 2000 times that I was unable to
> register a domain name that was 24 characters long...
I remember tales from when there was an eight character limit. But that was
back when you didn't h
On Fri, Sep 30, 2011 at 9:44 PM, Christopher Morrow
wrote:
> On Fri, Sep 30, 2011 at 9:32 PM, Dobbins, Roland wrote:
>> On Sep 30, 2011, at 11:44 PM, Christopher Morrow wrote:
>>
>>> this is exactly why punting anything NOT management and/or
>>> routing-protocols should be banned. Thanks for mak
On Fri, Sep 30, 2011 at 9:32 PM, Dobbins, Roland wrote:
> On Sep 30, 2011, at 11:44 PM, Christopher Morrow wrote:
>
>> this is exactly why punting anything NOT management and/or routing-protocols
>> should be banned. Thanks for making that point explicitly.
>
> And this is the requirement which s
On Sep 30, 2011, at 11:44 PM, Christopher Morrow wrote:
> this is exactly why punting anything NOT management and/or routing-protocols
> should be banned. Thanks for making that point explicitly.
And this is the requirement which should be placed in RFPs, along with other
specific requirements
On Sep 30, 2011, at 9:45 PM, Christopher Morrow wrote:
> enough is enough please stop doing this.
Yes, but keep in mind that this particular issue has to do with an ASIC which
is several years old and which contains other significant handicaps as well
(viz. NetFlow caveats, no per-interface uRP
All,
If you've ever thought about helping to give back to the community and you regularly attend NANOG
conferences, please consider running for the NANOG Program Committee. Committee nominations close on
10/11/2011, and we need your help!
The seventeen-member NANOG Program Committee solicits
On 9/30/11 15:58 , Seth Mattinen wrote:
> On 9/30/11 3:41 PM, Michael Painter wrote:
>> Steven G. Huter wrote:
>>> this August 2011 article in the Economist outlines some relevant info
>>> about the prineville, oregon FB datacenter.
>>>
>>> http://www.economist.com/node/21525237
>>>
>>> steve
>>
>>
It was a relative comparison, and it's off the shelf network gear.
-Callahan
On Fri, Sep 30, 2011 at 3:58 PM, Seth Mattinen wrote:
> On 9/30/11 3:41 PM, Michael Painter wrote:
>> Steven G. Huter wrote:
>>> this August 2011 article in the Economist outlines some relevant info
>>> about the prinev
On 9/30/11 3:41 PM, Michael Painter wrote:
> Steven G. Huter wrote:
>> this August 2011 article in the Economist outlines some relevant info
>> about the prineville, oregon FB datacenter.
>>
>> http://www.economist.com/node/21525237
>>
>> steve
>
> Informative article..."It's the climate, stupid".
On 9/30/11 15:19 , Steven G. Huter wrote:
>>> I can't tell you the kind of servers, but I can say that I was
>>> recently in Prineville, OR, where FB is building a data center (and a
>>> second data center). I was used to the ol data centers - you know,
>>> where there's raised floors, cabinets, co
Steven G. Huter wrote:
this August 2011 article in the Economist outlines some relevant info
about the prineville, oregon FB datacenter.
http://www.economist.com/node/21525237
steve
Informative article..."It's the climate, stupid".
Got a laugh out of:
"The server racks are nearly silent, and
Good question, we do not use manageengine for NMS and I have no desire to use
them either.
I tried their NMS platform last year and it was "ok", the interface just seemed
a little clunky
Setting up ManageEngine syslog was a breeze and now we get alerts based on what
kind of messages
we wan
Found a decent starting reference. It was a Network solutions limit... I
*knew* it! LOL
http://www.123-domain-register.com/longdomainnames.htm
The domain in question was inspectorgadgetthemovie.com 27 characters long
including the .tld. I was off by one, the limit was 22 characters for the A
recor
I can't tell you the kind of servers, but I can say that I was
recently in Prineville, OR, where FB is building a data center (and a
second data center). I was used to the ol data centers - you know,
where there's raised floors, cabinets, cool air, a guard and a few
guys around with some screens?
On 9/30/11 14:59 , Jones, Barry wrote:
> I can't tell you the kind of servers, but I can say that I was
> recently in Prineville, OR, where FB is building a data center (and a
> second data center). I was used to the ol data centers - you know,
> where there's raised floors, cabinets, cool air, a g
On Fri, Sep 30, 2011 at 02:54:38PM -0700, steve pirk [egrep] wrote:
> I seem to recollect back the 1999 or 2000 times that I was unable to
> register a domain name that was 24 characters long. Shortly after that, I
> heard that the character limit had been increased to like 128 characters,
> and we
This report has been generated at Fri Sep 30 21:12:35 2011 AEST.
The report analyses the BGP Routing Table of AS2.0 router
and generates a report on aggregation potential within the table.
Check http://www.cidr-report.org for a current version of this report.
Recent Table History
Date
BGP Update Report
Interval: 22-Sep-11 -to- 29-Sep-11 (7 days)
Observation Point: BGP Peering with AS131072
TOP 20 Unstable Origin AS
Rank ASNUpds % Upds/PfxAS-Name
1 - AS982944536 2.8% 61.9 -- BSNL-NIB National Internet
Backbone
2 - AS58003
I can't tell you the kind of servers, but I can say that I was recently in
Prineville, OR, where FB is building a data center (and a second data center).
I was used to the ol data centers - you know, where there's raised floors,
cabinets, cool air, a guard and a few guys around with some screens
I seem to recollect back the 1999 or 2000 times that I was unable to
register a domain name that was 24 characters long. Shortly after that, I
heard that the character limit had been increased to like 128 characters,
and we were able to register the name.
Can anyone offer some input, or is this a
On Fri, Sep 30, 2011 at 05:35:52PM -0400, valdis.kletni...@vt.edu wrote:
> On Fri, 30 Sep 2011 04:14:39 -, bmann...@vacation.karoshi.com said:
>
> > > Tell me how that flys with the customers in your household...
> >
> > They are freeloaders, not customers. If they -PAID-
> > for serv
On Fri, 30 Sep 2011 04:14:39 -, bmann...@vacation.karoshi.com said:
> > Tell me how that flys with the customers in your household...
>
> They are freeloaders, not customers. If they -PAID-
> for service, then it would be a different conversation.
Time to cue up "Move it on over"
On 09/30/2011 02:53 PM, bmann...@vacation.karoshi.com wrote:
> http://gcn.com/articles/2011/09/26/fcc-net-neutrality-rules-nov-20.aspx
>
> wondering who is going to publically announce any changes prior to the 20nov
> date.
>
> Or is this a non-issue for the Internet as we know it?
>
> /bill
>
On Fri, Sep 30, 2011 at 03:13:50PM -0500, Robert Bonomi wrote:
>
> > Date: Fri, 30 Sep 2011 19:53:46 +
> > From: bmann...@vacation.karoshi.com
> > To: nanog@nanog.org
> > Subject: FCC - with Klezmer backup
> >
> >
> > http://gcn.com/articles/2011/09/26/fcc-net-neutrality-rules-nov-20.aspx
> >
There's also DPS Telecom (http://www.dpstele.com).
Frank
-Original Message-
From: eric clark [mailto:cabe...@gmail.com]
Sent: Tuesday, September 27, 2011 9:06 AM
To: NANOG list
Subject: Environmental monitoring options
I'd like to ask the list what products people are using to monitor t
> Date: Fri, 30 Sep 2011 19:53:46 +
> From: bmann...@vacation.karoshi.com
> To: nanog@nanog.org
> Subject: FCC - with Klezmer backup
>
>
> http://gcn.com/articles/2011/09/26/fcc-net-neutrality-rules-nov-20.aspx
>
> wondering who is going to publically announce any changes prior to the
> 20nov
It's updates, I've got a 1511+ here and at the office. It phones home to
check for updates. I noticed this the day I got it. Blocked the dst IP and
that was the only thing that "broke".
Nick Olsen
Network Operations
(855) FLSPEED x106
From: "Pierre-Y
http://gcn.com/articles/2011/09/26/fcc-net-neutrality-rules-nov-20.aspx
wondering who is going to publically announce any changes prior to the 20nov
date.
Or is this a non-issue for the Internet as we know it?
/bill
This is an automated weekly mailing describing the state of the Internet
Routing Table as seen from APNIC's router in Japan.
The posting is sent to APOPS, NANOG, AfNOG, AusNOG, SANOG, PacNOG, LacNOG,
CaribNOG and the RIPE Routing Working Group.
Daily listings are sent to bgp-st...@lists.apnic.net
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 09/30/2011 09:50 AM, harbor235 wrote:
> Soalrwinds, splunk, fwanalog, and others come to mind, any other
good ones
> out there?
We've made some great strides in OpenNMS in the area of syslog event
processing. The upcoming 1.10 release will be muc
Have you tried qradar? It's rather good
On 30 Sep 2011, at 19:21, Jason Lixfeld wrote:
> On 2011-09-30, at 2:13 PM, Brandon Kim wrote:
>
>> I've been happy with my basic ManageEngine's syslog, but I may be looking at
>> Solarwinds too...
>
> I've just installed the Splunk eval myself, but I'm
I'm obviously biased as I'm the Head Geek here at SolarWinds but if you need
any help or guidance with our products feel free to ping me off list.
Josh
-Original Message-
From: Brandon Kim [mailto:brandon@brandontek.com]
Sent: Friday, September 30, 2011 1:14 PM
To: mlof...@wgops.com
On 09/30/2011 06:13, Jay Ashworth wrote:
> "not everyone's a geek"
Right!
Doug (wait, what?!?)
--
Nothin' ever doesn't change, but nothin' changes much.
-- OK Go
Breadth of IT experience, and depth of knowledge in the DNS.
Yours for the right p
On 2011-09-30, at 2:13 PM, Brandon Kim wrote:
> I've been happy with my basic ManageEngine's syslog, but I may be looking at
> Solarwinds too...
I've just installed the Splunk eval myself, but I'm curious about your
ManageEngine experiences. I don't have any interest in using ManageEngine as
Thank you! That's a bummer about the way they license their product.
All it takes is another "splunk" company to come out with something just as
competitive
I've been happy with my basic ManageEngine's syslog, but I may be looking at
Solarwinds too...
> Date: Fri, 30 Sep 2011 11:36:58 -
On Fri, Sep 30, 2011 at 11:21 AM, Brandon Kim
wrote:
>
> Is it really that expensive, and WORTH the expense?
IMO, from price quotes I've gotten in the past, it's astronomically
expensive. As for worth it...depends. If you're dealing with events
for say payment processing systems, it might be.
Use Splunk here.
Cheers,
RR
On Fri, Sep 30, 2011 at 9:50 AM, harbor235 wrote:
> What is everyone using to collect, alert, and analyze syslog data?
> I am looking for something that can generate reports as well as support
> multiple vendors. We have done some home grown stuff in the past but
> w
Is it really that expensive, and WORTH the expense?
> Date: Fri, 30 Sep 2011 10:37:22 -0600
> Subject: Re: events
> From: pfu...@gmail.com
> To: harbor...@gmail.com
> CC: nanog@nanog.org
>
> We use splunk works ok except with the amount of text data you can
> process with it (depends on licen
On Fri, Sep 30, 2011 at 12:38 PM, Nick Hilliard wrote:
> On 30/09/2011 17:30, Christopher Morrow wrote:
>> traceroute is really an example of 'packet expired, send
>> unreachable'... that, today is basically:
>> o grab 64bytes of header (or something similar)
>> o shove that in a payload
>>
On 30/09/2011 17:30, Christopher Morrow wrote:
> traceroute is really an example of 'packet expired, send
> unreachable'... that, today is basically:
> o grab 64bytes of header (or something similar)
> o shove that in a payload
> o use the src as the dst
> o stick my src on
> o set icmp
>
We use splunk works ok except with the amount of text data you can
process with it (depends on license).
-B
On Fri, Sep 30, 2011 at 7:50 AM, harbor235 wrote:
> What is everyone using to collect, alert, and analyze syslog data?
> I am looking for something that can generate reports as well as sup
On Fri, Sep 30, 2011 at 12:00 PM, Nick Hilliard wrote:
> Of course, if you wanted a 10g capable service provider router and didn't
> want an asr9k, they were pushing the 7600 because the 6500 is a switch and
> the 7600 is a router and the two are totally different, no really you've
> gotta believe
On Fri, Sep 30, 2011 at 11:24 AM, Nick Hilliard wrote:
> On 30/09/2011 15:45, Christopher Morrow wrote:
>> traceroute could certainly be handled in the fastpath.
>
> which traceroute? icmp? udp? tcp? Traceroute is not a single protocol.
>
traceroute is really an example of 'packet expired, se
On 30/09/2011 16:38, Mohacsi Janos wrote:
> They are pushing sup2T - however more for enterprise ip layer (6500 series).
they are now, yes. But until the sup2t started becoming available a couple
of weeks ago the only option for the 6500 was a sup720. You're right that
this was only pushed on th
Path MTU discovery would also break... oh wait, that's usually broken anyway.
-Vinny
-Original Message-
From: Saku Ytti [mailto:s...@ytti.fi]
Sent: Friday, September 30, 2011 10:27 AM
To: nanog@nanog.org
Subject: Re: Cisco 7600 PFC3B(XL) and IPv6 packets with fragmentation header
On (20
On Fri, 30 Sep 2011, Nick Hilliard wrote:
On 30/09/2011 15:45, Christopher Morrow wrote:
traceroute could certainly be handled in the fastpath.
which traceroute? icmp? udp? tcp? Traceroute is not a single protocol.
what is that limit? from a single port? from a single linecard? from
On 30/09/2011 15:45, Christopher Morrow wrote:
> traceroute could certainly be handled in the fastpath.
which traceroute? icmp? udp? tcp? Traceroute is not a single protocol.
> what is that limit? from a single port? from a single linecard? from a
> chassis? how about we remove complexity her
On (2011-09-30 10:45 -0400), Christopher Morrow wrote:
> after this long, yes... this is just dumb, there's no reason that the
> default should be punt. There are cases (you've brought up a few)
> where it's required today because of design limitations, there really
> shouldn't be cases like this
On Fri, Sep 30, 2011 at 10:26 AM, Saku Ytti wrote:
> explained. And probably issues I'm not aware of. Unsure if blind forwarding is
> best option. But I'm all for giving operator options, but calling it stupid
> that vendors punt something is misguided.
after this long, yes... this is just dumb,
In a message written on Fri, Sep 30, 2011 at 01:56:42PM +, Blake T.
Pfankuch wrote:
> Personally I run 8 separate networks (some with multiple routed subnets).
> Wireless data, management network, voice networks, game consoles, storage,
> internal servers, DMZ servers and Project network.
On (2011-09-30 10:09 -0400), Christopher Morrow wrote:
> a switch to be used that stops processing this sort of thing, in an
> internet core (and honestly most enterprise core) routers, all I want
> is packet-in/packet-out. there's no need for anything else, stop
> trying to send line-rate packets
On Fri, Sep 30, 2011 at 6:02 AM, Saku Ytti wrote:
> On (2011-09-30 01:55 -0400), Christopher Morrow wrote:
>
>> when will vendors learn that punting to the RE/RP/smarts for packets
>> in the fastpath is ... not just 'unwise' but wholesale stupid? :(
>
> What to do with IP options or IPv6 hop-by-ho
I've been testing ManageEngines Syslog application. It works pretty good so
far, I haven't really hammered
it with a lot of devices.
Splunk is suppose to be king of the hill I hear, but so is their pricing.
> Date: Fri, 30 Sep 2011 09:50:29 -0400
> Subject: events
> From: harbor...@gma
The easy way around the unhappy significant other/minion shaped offspring
solution is to put all of the "end user" devices On a separate VLAN, and then
treat that as an open DMZ. Then everything operational (ironic in a home) on
your secured production network (restrict all outbound/inbound exc
It's a bit old but still works well. Russel Fulton and I worked on this
when I was down in NZ.
You still need to run syslog-ng but this allows you to ignore, warn,
alert on logs via regex.
http://www.ip-solutions.net/syslog-ng/
Cheers,
Harry
On 09/30/2011 09:50 AM, harbor235 wrote:
Wha
What is everyone using to collect, alert, and analyze syslog data?
I am looking for something that can generate reports as well as support
multiple vendors. We have done some home grown stuff in the past but
would be interested in something that incorprates all the best features.
Soalrwinds, splu
- Original Message -
> From: bmann...@vacation.karoshi.com
> > Tell me how that flys with the customers in your household...
>
> They are freeloaders, not customers. If they -PAID-
> for service, then it would be a different conversation.
I'm pretty sure that was a "wife approval factor"
Actually, the reason for what happened in your example is that Cee Lo's
page has what is **technically** an app (called I Want You, as seen in
the sidebar under his profile photo) set as the default screen for when
you view his page. The app (that does admittedly looks like it could be
an offic
2011/9/29 Jones, Barry
> Hey all.
> A little off topic, but wanted to share... I purchased a home storage
> Synology DS1511+. After configuring it on the home net, I did some captures
> to look at the protocols, and noticed that the DS1511+ is making outgoing
> connections to 59.124.41.242 (www)
is
> wrong. Has anyone experienced this issue, or has any helpful contact
> information to Google? I have checked
> http://www.google.com/support/a/bin/static.py?page=contacting_support.h
> t
> ml and called these numbers, but they were not able to help me.
>
> Regards,
>
ecked
http://www.google.com/support/a/bin/static.py?page=contacting_support.ht
ml and called these numbers, but they were not able to help me.
Regards,
Jörgen Nilsson
__ Information from ESET NOD32 Antivirus, version of virus signature
database 6505 (20110930) __
The message was check
On Fri, Sep 30, 2011 at 12:19 PM, foks wrote:
>
> Hello,
>
> Since Sep 7 Google has bounced a specific type of our mails with this
> message:
>
> host aspmx.l.google.com[74.125.43.27] said: 552-5.7.0 Our system
> detected an illegal attachment on your message. Please 552-5.7.0 visit
> http://mail.
Hello,
Since Sep 7 Google has bounced a specific type of our mails with this
message:
host aspmx.l.google.com[74.125.43.27] said: 552-5.7.0 Our system
detected an illegal attachment on your message. Please 552-5.7.0 visit
http://mail.google.com/support/bin/answer.py?answer=6590 to 552 5.7.0
revie
On (2011-09-30 01:55 -0400), Christopher Morrow wrote:
> when will vendors learn that punting to the RE/RP/smarts for packets
> in the fastpath is ... not just 'unwise' but wholesale stupid? :(
What to do with IP options or IPv6 hop-by-hop options? What to do with IPv6
packets which contain opti
In accord with the recent thread, "facebook spying on us?"
We should also worry about other spying on us. Without
some sort of rudimentary security, all that personally
identifiable information is exposed on our ISP networks,
over WiFi, etc.
Facebook claims to be able to run over TLS connection
68 matches
Mail list logo
