On Wed, Aug 7, 2013 at 2:31 PM, Phil Fagan wrote:
> BGP Noob question here; but wouldn't Time Warner not recieve a prefix if it
> wasn't reachable? Is this an artifact?
>
In a perfect world, people wouldn't advertise
prefixes unless they knew they had reachability
for those prefixes.
Unfortuna
On 8/7/2013 2:58 PM, valdis.kletni...@vt.edu wrote:
On Wed, 07 Aug 2013 03:07:04 -0700, Paul Ferguson said:
Having said that, there are quite a few documented cases of it being
done intentionally, and for nefarious purposes.
Do I need ECC on my brain to stop the bitrot, or was there a kerfluf
In message
, Paul Ferguson writes:
> On Wed, Aug 7, 2013 at 1:58 AM, Saku Ytti wrote:
>
> > On (2013-08-07 11:20 +0300), Martin T wrote:
> >
> >> on Internet? Has there been such situations in history? Isn't there a
> >> method against such hijacking? Or have I misunderstood something and
> >>
In message , Marsh Ray writes:
> > From: Christopher Morrow
> > Sent: Wednesday, August 7, 2013 2:06 PM
> >
> > On Wed, Aug 7, 2013 at 4:59 PM, Marsh Ray wrote:
> > >
> > > It would be incredibly useful for someone to start a page or a
> > > category on
> > > Wikipedia "List of Internet Routing a
On Wed, 7 Aug 2013, Natambu Obleton wrote:
I have customer that we deployed Northstar for their internal ip
management over 8 yrs ago. They are still using it, but it is slowly
breaking on them. Can someone recommend an IPAM solution that has a
Northstar import option? They have hundreds of en
> It appears AS3549 is announcing 10.0.0.0/8. I noticed it from an
> AS3549 customer.
>
>>From GBLX looking glass, ATL1
>
> traceroute
> Protocol [ip]: ip
> Target IP address: 10.0.0.1
> Source address:
> Numeric display [n]: n
> Timeout in seconds [3]: 1
> Probe count [3]: 2
> Minimum Time to Li
Regards
Alexander
Alexander Neilson
Neilson Productions Limited
alexan...@neilson.net.nz
021 329 681
022 456 2326
On 8/08/2013, at 9:47 AM, Marsh Ray wrote:
>> From: Christopher Morrow
>> Sent: Wednesday, August 7, 2013 2:06 PM
>>
>> On Wed, Aug 7, 2013 at 4:59 PM, Marsh Ray wrote:
>>>
>>>
> From: Christopher Morrow
> Sent: Wednesday, August 7, 2013 2:06 PM
>
> On Wed, Aug 7, 2013 at 4:59 PM, Marsh Ray wrote:
> >
> > It would be incredibly useful for someone to start a page or a category on
> Wikipedia "List of Internet Routing and DNS Incidents" that would include
> both "accident
BGP Noob question here; but wouldn't Time Warner not recieve a prefix if it
wasn't reachable? Is this an artifact?
On Mon, Aug 5, 2013 at 11:32 AM, Chad Reid wrote:
> Thanks for the assistance everyone. This issue was resolved by shutting
> down a BGP peering session between Time Warner and Com
On Wed, Aug 7, 2013 at 4:59 PM, Marsh Ray wrote:
>
> It would be incredibly useful for someone to start a page or a category on
> Wikipedia "List of Internet Routing and DNS Incidents" that would include
> both "accidental" and malicious events.
>
do we really need that? they seem to occur ofte
> From: Paul Ferguson
> Sent: Wednesday, August 7, 2013 3:07 AM
> Subject: Re: questions regarding prefix hijacking
>
> Historically, most prefix hijacks have been accidental, generally due to
> configuration error -- for instance...
>
> Having said that, there are quite a few documented cases o
On Wed, 07 Aug 2013 03:07:04 -0700, Paul Ferguson said:
> Having said that, there are quite a few documented cases of it being
> done intentionally, and for nefarious purposes.
Do I need ECC on my brain to stop the bitrot, or was there a kerfluffle a
long ways back when somebody announced 127/8,
I have customer that we deployed Northstar for their internal ip management
over 8 yrs ago. They are still using it, but it is slowly breaking on them. Can
someone recommend an IPAM solution that has a Northstar import option? They
have hundreds of entries detailing customer who was assigned the
One big happening I can recall was the AS7007 incident way back in 1997.
http://en.wikipedia.org/wiki/AS_7007_incident
Cheers.
On Wed, Aug 7, 2013 at 7:23 PM, Ahad Aboss wrote:
> It has happened in the past and there is no silver bullet solution to
> prevent this 100%.
>
>
> -Original Me
I agree it's not a lot of bandwidth, but I was grasping at straws at that point
finding out about the cross country VoIP arrangement after the fact. For
whatever reason, the 711 calls were full of voice clipping and call drops, 729,
(with to your point, the lower MOS) worked better as despite no
agreed this isn't the case based on what I've seen based on my latest
former employer(s). Comcast is playing by the (generally agreed upon)
rules. what I have been seeing is a lot of other route optimizations
changing as other providers consolidate routing among latest acquisitions.
And of course,
Andy, I posted in this list earlier in the week regarding Comcast and an issue
my company was experiencing. I also posted at www.reddit.com/r/networking. I
had numerous support staff from Comcast contact me over on Reddit. I would
recommend posting there too.
Message: 4
Date: Tue, 6 Aug 2013 1
>I have found Comcast rate shapes or resets long running encrypted
>sessions such as https. At $DAYJOB I had to set our SSL VPN system to
>re-key via new-tunnels every 5 minutes to keep it under their threshold
>of what looks like seven minutes for a tcp session. After that the
>sessions appear
It has happened in the past and there is no silver bullet solution to
prevent this 100%.
-Original Message-
From: Martin T [mailto:m4rtn...@gmail.com]
Sent: Wednesday, 7 August 2013 7:13 PM
To: Paul Ferguson
Cc: nanog@nanog.org
Subject: Re: questions regarding prefix hijacking
Ok. And su
On Wed, Aug 7, 2013 at 2:13 AM, Martin T wrote:
> Ok. And such attacks have happened in the past? For example one could
> do a pretty widespread damage for at least short period of time if it
> announces for example some of the root DNS server prefixes(as long
> prefixes as possible) to it's upst
On 8/7/13 11:13 AM, Martin T wrote:
> Ok. And such attacks have happened in the past? For example one could
> do a pretty widespread damage for at least short period of time if it
> announces for example some of the root DNS server prefixes(as long
> prefixes as possible) to it's upstream provider
Ok. And such attacks have happened in the past? For example one could
do a pretty widespread damage for at least short period of time if it
announces for example some of the root DNS server prefixes(as long
prefixes as possible) to it's upstream provider and as upstream
provider probably prefers cl
On Wed, Aug 7, 2013 at 1:58 AM, Saku Ytti wrote:
> On (2013-08-07 11:20 +0300), Martin T wrote:
>
>> on Internet? Has there been such situations in history? Isn't there a
>> method against such hijacking? Or have I misunderstood something and
>> this isn't possible?
>
> Certainly practical scenar
On (2013-08-07 11:20 +0300), Martin T wrote:
> on Internet? Has there been such situations in history? Isn't there a
> method against such hijacking? Or have I misunderstood something and
> this isn't possible?
Certainly practical scenario, but in many cases not needed at all. In most
cases upstr
Unfortunately, it is way too easy for people to inject routes into the
global routing system.
I think most of the folks on the list can attest to that. :-)
- ferg
On Wed, Aug 7, 2013 at 1:20 AM, Martin T wrote:
> Hi,
>
> as probably many of you know, it's possible to create a "route" object
>
Hi,
as probably many of you know, it's possible to create a "route" object
to RIPE database for an address space which is allocated outside the
RIPE region using the RIPE-NCC-RPSL-MNT maintainer object. For example
an address space is from APNIC or ARIN region and AS is from RIPE
region. For examp
26 matches
Mail list logo
