On Wed, Jan 18, 2012 at 8:07 PM, Robert Kisteleki wrote:
> One can also try RIPEstat for this: http://stat.ripe.net/
>
> Amongst other modules it gives full (~10 year) BGP history for prefixes.
Does it also give a similar history for ASN announcements?I see a
lot many shady ASNs that simply m
By the same token, The mobile broadband network is not some also-ran adjunct to
the residential broadband service.
On Jan 18, 2012, at 16:45, "Justin M. Streiner" wrote:
> On Wed, 18 Jan 2012, Joel jaeggli wrote:
>
>> On 1/18/12 15:56 , Justin M. Streiner wrote:
>>> On Wed, 18 Jan 2012, Chris
On Wed, 18 Jan 2012, Anurag Bhatia wrote:
1. No A or record on main worldipv6launch.org
Odd and annoying. So 20th century... :)
Antonio Querubin
e-mail: t...@lavanauts.org
xmpp: antonioqueru...@gmail.com
On Wed, Jan 18, 2012 at 2:10 PM, Anurag Bhatia wrote:
> Call it funny or what - so far I have got 4 replies and in total 10emails
> in one to one discussion.
>
> No one replied in mailing list!
People are often hesitant to discuss dirty laundry in public; not
least because it can sometimes have
On Wed, 18 Jan 2012, Joel jaeggli wrote:
On 1/18/12 15:56 , Justin M. Streiner wrote:
On Wed, 18 Jan 2012, Christopher Morrow wrote:
I wonder when Comcast and Verizon will get into an IPv6 advertising war.
"v6... smhee-6! Ditch that cable modem and switch to Fios!"
LTE has V6 natively and i
On Wed, Jan 18, 2012 at 5:58 AM, Deric Kwok wrote:
> ls it supporting equally multipath in different bgp connections?
Most software routing protocols have support for this in their RIBs,
but the actual forwarding ability of the underlying kernel will
determine the support for this.
What platform
On 1/18/12 15:56 , Justin M. Streiner wrote:
> On Wed, 18 Jan 2012, Christopher Morrow wrote:
>
>> My question is when is FiOS going to get v6 natively? could we get the
>> engineers there to actually do something as opposed to trials of
>> non-production systems that'll never actually get deploye
On Wed, 18 Jan 2012, Christopher Morrow wrote:
My question is when is FiOS going to get v6 natively? could we get the
engineers there to actually do something as opposed to trials of
non-production systems that'll never actually get deployed? :)
I wonder when Comcast and Verizon will get into
On Wed, 18 Jan 2012, Deric Kwok wrote:
Could you tell me more about "routing registries"?
I would like to learn it
In a nutshell, Internet Routing Registries (IRRs) are places where
networks can store information that describes their routing policies.
Other networks can query this informatio
> One can also try RIPEstat for this: http://stat.ripe.net/
wfm
> (Disclaimer: our team is working on this tool.)
and you used your work email address. thank you.
randy
On Jan 18, 2012, at 5:58 AM, Deric Kwok wrote:
> Could you tell me more about "routing registries"?
> I would like to learn it
google it, and RADB for example.
> 2nd questions? Are you familiar to quagga?
> ls it supporting equally multipath in different bgp connections?
Yes, absolutely.
--
J
Call it funny or what - so far I have got 4 replies and in total 10emails
in one to one discussion.
No one replied in mailing list!
On Thu, Jan 19, 2012 at 1:06 AM, Anurag Bhatia wrote:
> Hello everyone!
>
> Was wondering is there's anyone from Tata Communications (VSNL/TeleGlobe)
> or NTT Comm
Hello everyone!
Was wondering is there's anyone from Tata Communications (VSNL/TeleGlobe)
or NTT Communications? I can see Tata Comm's AS6453 is not exchanging
traffic with NTT AS2914 in Japan. Is there's any specific reason for that?
I can see traffic exchange is being done at London, New York, S
-Original Message-
From: Christopher Morrow [mailto:morrowc.li...@gmail.com]
Sent: Wednesday, January 18, 2012 11:43 AM
To: Steven Bellovin
Cc: nanog@nanog.org
Subject: Re: DNS Attacks
yup... I think roland and nick (he can correct me, roland I KNOW is saying
this) are basically saying
Nice link. Thanks Joshua.
-Hammer-
"I was a normal American nerd"
-Jack Herer
On 1/18/2012 11:57 AM, joshua sahala wrote:
vpc has a long list of unclear and/or seemingly contradictory caveats
(spread across multiple cisco docs/webpages). when it doesn't work
(as expected), it can be challen
Found them all on the same page. Not exactly what I was looking for but
it's worth sharing.
http://www.cisco.com/en/US/products/ps9670/products_implementation_design_guides_list.html
-Hammer-
"I was a normal American nerd"
-Jack Herer
On 1/14/2012 7:10 PM, Charles Spurgeon wrote:
On Fri, J
Jay Ashworth writes:
> - Original Message -
>> From: "Jared Mauch"
>
>> network side. I'm personally not convinced of the value of very short
>> lease times (less than an hour)
>
> Less than an hour, perhaps not.
>
> On small residential networks, though -- generally, anything where th
vpc has a long list of unclear and/or seemingly contradictory caveats
(spread across multiple cisco docs/webpages). when it doesn't work
(as expected), it can be challenging to find someone with tac who can
actually tell you why (or how to fix it properly). if your needs are
fairly basic, are all
On Wed, Jan 18, 2012 at 12:30 PM, Anurag Bhatia wrote:
> Hi Fred
>
> You can access on www.worldipv6launch.org but not
> http://worldipv6launch.org (without
> www)
>
>
not everyone puts their web content on their domain? nothing to see
here, please drive through...
On Wed, Jan 18, 2012 at 12:04 PM, Owen DeLong wrote:
>>
>> My question is when is FiOS going to get v6 natively? could we get the
>> engineers there to actually do something as opposed to trials of
>> non-production systems that'll never actually get deployed? :)
>>
>
> My understanding is that s
Hi Fred
You can access on www.worldipv6launch.org but not
http://worldipv6launch.org (without
www)
It's available on IPv6 on www since Akami node has and seems fine.
anurag@laptop:~$ dig www.worldipv6launch.org +short
www.worldipv6launch.org.edgesuite.net.
a1448.dscb.akamai.net.
2600:1
On Jan 18, 2012, at 9:03 AM, Shumon Huque wrote:
> But, checking www.worldipv6launch.org just now shows that it
> have IPv6 records now:
I just successfully accessed it using IPv6. The service is real, not just the
DNS record. The address I accessed it at was 2600:809:600::3f50:411.
On Jan 18, 2012 8:43 AM, "Christopher Morrow"
wrote:
>
> On Wed, Jan 18, 2012 at 11:34 AM, Steven Bellovin
wrote:
> >
> > On Jan 18, 2012, at 10:41 30AM, Christopher Morrow wrote:
> >
> >> On Wed, Jan 18, 2012 at 10:05 AM, Nick Hilliard
wrote:
> >>> On 18/01/2012 14:18, Leigh Porter wrote:
> >>>
Btw did someone noticed DNS setup of project site is really crazy!
anurag@laptop:~$ ping worldipv6launch.org
ping: unknown host worldipv6launch.org
anurag@laptop:~$ dig worldipv6launch.org ns +short
ns5.he.net.
ns4.he.net.
ns2.he.net.
ns3.he.net.
anurag@laptop:~$ dig worldipv6launch.org soa +short
On Jan 18, 2012, at 8:46 AM, Christopher Morrow wrote:
> On Tue, Jan 17, 2012 at 11:38 PM, Shumon Huque wrote:
>> On Tue, Jan 17, 2012 at 08:17:40PM -0800, Owen DeLong wrote:
>>> Another very sad thing about it:
>>>
>>> delong-dhcp202:owen (9) ~ % host www.worldipv6launch.org
On Wed, Jan 18, 2012 at 11:46:24AM -0500, Christopher Morrow wrote:
> On Tue, Jan 17, 2012 at 11:38 PM, Shumon Huque wrote:
> >
> > I heard that it initially had records. After the site
> > couldn't keep up with the initial load, it was migrated to
> > Akamai's CDN (the DNS records you see no
Like many others on here, I utilize rancid's set of scripts to handle
all the different platform's quirks for access. I then wrap that
inside a perl script that can do things in parallel. I'm no developer
by any stretch of the imagination but I can poke around in perl badly
enough to write some t
On Tue, Jan 17, 2012 at 11:38 PM, Shumon Huque wrote:
> On Tue, Jan 17, 2012 at 08:17:40PM -0800, Owen DeLong wrote:
>> Another very sad thing about it:
>>
>> delong-dhcp202:owen (9) ~ % host www.worldipv6launch.org
>> 2012/01/16 21:24:21
>> www.worldipv6launch.org is an alias f
On Wed, Jan 18, 2012 at 11:34 AM, Steven Bellovin wrote:
>
> On Jan 18, 2012, at 10:41 30AM, Christopher Morrow wrote:
>
>> On Wed, Jan 18, 2012 at 10:05 AM, Nick Hilliard wrote:
>>> On 18/01/2012 14:18, Leigh Porter wrote:
Yeah like I say, it wasn't my idea to put DNS behind firewalls. As l
On Jan 18, 2012, at 10:41 30AM, Christopher Morrow wrote:
> On Wed, Jan 18, 2012 at 10:05 AM, Nick Hilliard wrote:
>> On 18/01/2012 14:18, Leigh Porter wrote:
>>> Yeah like I say, it wasn't my idea to put DNS behind firewalls. As long
>>> as it is not *my* firewalls I really don't care what they
On Wed, Jan 18, 2012 at 10:05 AM, Nick Hilliard wrote:
> On 18/01/2012 14:18, Leigh Porter wrote:
>> Yeah like I say, it wasn't my idea to put DNS behind firewalls. As long
>> as it is not *my* firewalls I really don't care what they do ;-)
>
> As you're posting here, it looks like it's become you
On 18/01/2012 14:18, Leigh Porter wrote:
> Yeah like I say, it wasn't my idea to put DNS behind firewalls. As long
> as it is not *my* firewalls I really don't care what they do ;-)
As you're posting here, it looks like it's become your problem. :-D
Seriously, though, there is no value to maintai
On 2012.01.18. 15:22, Arturo Servin wrote:
>
> For example for any given prefix to get which ASNs have originated that
> prefix over time and when.
>
> I think that could be interesting for discovering if a prefix has been
> hijacked in the past.
>
> RIS from RIPE NCC provid
For example for any given prefix to get which ASNs have originated that
prefix over time and when.
I think that could be interesting for discovering if a prefix has been
hijacked in the past.
RIS from RIPE NCC provides something like this:
http://www.ripe.net/data-tool
Yeah like I say, it wasn't my idea to put DNS behind firewalls. As long as it
is not *my* firewalls I really don't care what they do ;-)
--
Leigh Porter
> -Original Message-
> From: Dennis [mailto:den...@justipit.com]
> Sent: 18 January 2012 12:55
> To: Leigh Porter; toor
> Cc: nanog@
We ran into a 25Gbps SNMP 'reply/amplification attack' from a cable modem
network about a month ago.
Hopefully the particular network has fixed that issue now, but it was a banner
day to be sure.
Thanks,
-Drew
-Original Message-
From: virendra rode [mailto:virendra.r...@gmail.com]
Se
Hi Justin
Thank you
Could you tell me more about "routing registries"?
I would like to learn it
2nd questions? Are you familiar to quagga?
ls it supporting equally multipath in different bgp connections?
Thank you so much
On Tue, Jan 10, 2012 at 7:58 PM, Justin M. Streiner
wrote:
> On Tue,
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Hi -
We've been victims of these attacks many a times and more recently
towards our customer dns servers which was rated at ~ 4gbps for a
duration of 30mins.
Tracking the source of an attack is simplified when the source is more
likely to be "valid
I agree with Roland on the firewall placement. I add that the attack would
have likely succeeded to exhaust the servers. There is alot of recent ddos
activity on DNS with what looks like legitimate queries. You should also look
at some DOS/ application level protections; Radware and Arbor to
On 1/17/12 23:45 , Leigh Porter wrote:
>
>
> On 18 Jan 2012, at 05:06, "toor" wrote:
>
>> Hi list,
>>
>> I am wondering if anyone else has seen a large amount of DNS
>> queries coming from various IP ranges in China. I have been trying
>> to find a pattern in the attacks but so far I have come
On Jan 18, 2012, at 2:45 AM, Leigh Porter wrote:
> The firewall is significant because the attacks killed the firewall as it is
> rather under specified (not my idea..).
DNS servers (nor any other kind of server, for that matter) should never be
placed behind stateful firewalls - the largest
41 matches
Mail list logo
