Re: Issue with point to point VPNs behind NAT and asymmetric traffic

On 6/12/19 3:44 PM, Anurag Bhatia wrote: Hello everyone, Hi, I am running two site to site VPNs (wireguard now, OpenVPN earlier) between my home and a remote server over two different WAN links. Both WAN links are just consumer connections - one with public IP and one with CGNATed IP. Oka

RE: Issue with point to point VPNs behind NAT and asymmetric traffic

Linux by default (regardless of firewall rules) will not accept a packet on an interface when the source of that packet "should" be on another interface according to the current route table (in other words, you're doing asymetric routing).   Easy fix:   # Controls source route verification net

Re: Issue with point to point VPNs behind NAT and asymmetric traffic

My guess is something is doing stateful filtering. If you send a SYN down one link and the SYN-ACK comes back a different link, the receiving firewall will discard it as bogus. You should be able to test this by doing pcaps to confirm the traffic is arriving (though I'm not familiar with WireGuard

Re: Issue with point to point VPNs behind NAT and asymmetric traffic

Could it be as simple as a stateful firewall? Anurag Bhatia wrote on 6/12/2019 14:44: Hello everyone, Trying to get my head around a certain unexpected behaviour. I am running two site to site VPNs (wireguard now, OpenVPN earlier) between my home and a remote server over two different WAN l

Issue with point to point VPNs behind NAT and asymmetric traffic

Hello everyone, Trying to get my head around a certain unexpected behaviour. I am running two site to site VPNs (wireguard now, OpenVPN earlier) between my home and a remote server over two different WAN links. Both WAN links are just consumer connections - one with public IP and one with CGNATe

Re: someone is using my AS number

AS15001 ? (IT Convergence Inc.) MSP in India: did they have any slightest idea about the issue? :-) Cheers, Carlos On Wed, 12 Jun 2019, Philip Lavine via NANOG wrote: I talked to the upstream provider on AS 1500. I called the telephone number on the abuse record on ARIN and it went to a

Re: someone is using my AS number

On Wed, 12 Jun 2019 16:10:00 -, David Guo via NANOG said: > Get Outlook for iOS Does it work better on XE or XR versions? /ducks ;) pgpCxfGZJGXxT.pgp Description: PGP signature

Re: someone is using my AS number

Proper filtering from the upstream providers. .as On Wed, Jun 12, 2019 at 9:25 PM Alejandro Acosta < alejandroacostaal...@gmail.com> wrote: > Unfortunately RPKI is not useful in this case. > > Question: What else could be done to prevent this? > > > Alejandro, > > > > On 6/12/19 12:05 PM, Philip

Re: someone is using my AS number

>On 12 June 2019 6:05:58 pm GMT+02:00, Philip Lavine via NANOG >What is the procedure to have another party to cease and desist >in using my AS number? On 12 June 2019 7:57:52 pm GMT+02:00, Philip Lavine wrote: > Here is what I got from BGPMon- MY AS is 15053 > >Detected new prefix: 134.37.

Re: someone is using my AS number

Unfortunately RPKI is not useful in this case. Question: What else could be done to prevent this? Alejandro, On 6/12/19 12:05 PM, Philip Lavine via NANOG wrote: > What is the procedure to have another party to cease and desist in > using my AS number? > > Thx pEpkey.asc Description: applica

Re: someone is using my AS number

Seems the issue was on AS25213 side. They don't provide transit to AS15001 at all. Regards, Filip On 12 June 2019 7:57:52 pm GMT+02:00, Philip Lavine wrote: > Here is what I got from BGPMon- MY AS is 15053 > >Detected new prefix: 134.37.2.0/23 >Update time: 2019-06-11 17:58 (UTC) >Detected by

Re: someone is using my AS number

I talked to the upstream provider on AS 1500. I called the telephone number on the abuse record on ARIN and it went to a MSP in India. On Wednesday, June 12, 2019, 11:06:13 AM PDT, Töma Gavrichenkov wrote: Our records show this happened yesterday and lasted before 2019-06-11 20:24:00

Re: someone is using my AS number

Indeed, I do not see this in the our current version of the Default-Free Zone, so there may not be a problem for us to solve at this moment. I think your reaching out to NANOG or other operator forums is the correct action. Someone is bound to know someone who knows someone who can help. Kind reg

Re: someone is using my AS number

Our records show this happened yesterday and lasted before 2019-06-11 20:24:00, for 2.5 hours total. Maybe that was just by accident. I'm sort of confused why you're speaking of some ISPs in India. The incident was more or less local to Finland, wasn't it? -- Töma

Re: someone is using my AS number

Here is what I got from BGPMon- MY AS is 15053 Detected new prefix: 134.37.2.0/23 Update time: 2019-06-11 17:58 (UTC) Detected by #peers: 70 Announced by: AS15053 (ROLL-GLOBAL-LLC - Roll Global LLC, US) Upstream AS: AS15001 (ITCONVERGENCE-COM - IT Convergence Inc., US) ASpath: 394256 174 702 2521

contacts for two abuse cases - cloudstar.is and heficed.com

We are getting since several weeks ago, intrusion attempts via SIP (among others) from: 1) cloudstar.is - They are not responding at all. 2) heficed.com - The people responding is "unable" to resolve it. In both cases the attacks come from different IP addresses. So, anyone has a "realiable" c

Re: someone is using my AS number

What is your ASN? On Wed, Jun 12, 2019 at 12:08 PM Philip Lavine via NANOG wrote: > What is the procedure to have another party to cease and desist in using > my AS number? > > Thx >

Re: someone is using my AS number

On Wed, Jun 12, 2019 at 11:46 AM Carsten Bormann wrote: > On Jun 12, 2019, at 18:10, David Guo via NANOG wrote: > > > > Send abuse complaint to the upstreams > > > > Get Outlook for iOS > > Yes, but which of these is more effective? > With some upstreams, I wonder if getting Outlook for iOS mig

Re: someone is using my AS number

On Jun 12, 2019, at 18:10, David Guo via NANOG wrote: > > Send abuse complaint to the upstreams > > Get Outlook for iOS Yes, but which of these is more effective? SCNR Grüße, Carsten

Re: someone is using my AS number

On Wed, Jun 12, 2019 at 04:10:00PM +, David Guo via NANOG wrote: > Send abuse complaint to the upstreams ...and then name & shame publicly. AS-path forgery "for TE" was never a good idea. Sharing the affected prefix[es]/path[s] would be good. -- Posted from my personal account - see X-Disc

Re: someone is using my AS number

Can you share more details? Perhaps we can put the human social network to good use. Other than that this is annoying - are right now operationally impacted? Kind regards, Job On Wed, Jun 12, 2019 at 12:24 Filip Hruska wrote: > I would contact upstreams of the upstream then. This is quite a s

Re: someone is using my AS number

details help here, and perhaps folk who peer with the upstreams can just reject routes with your as in them... if, you know, we knew what that was :) On Wed, Jun 12, 2019 at 9:21 AM Philip Lavine via NANOG wrote: > > yeah I did they are some MSP in India. No help. > > On Wednesday, June 12, 2019,

Re: someone is using my AS number

Maybe try contacting the RIR? On Wed, Jun 12, 2019, 12:23 PM Philip Lavine via NANOG wrote: > yeah I did they are some MSP in India. No help. > > On Wednesday, June 12, 2019, 9:15:51 AM PDT, Filip Hruska > wrote: > > > Contact the offending upstreams. > > Filip > > On 12 June 2019 6:05:58 pm GM

Re: someone is using my AS number

I would contact upstreams of the upstream then. This is quite a serious offence and they should help you. Regards, Filip On 12 June 2019 6:20:42 pm GMT+02:00, Philip Lavine wrote: > yeah I did they are some MSP in India. No help. > >On Wednesday, June 12, 2019, 9:15:51 AM PDT, Filip Hruska >

Re: someone is using my AS number

yeah I did they are some MSP in India. No help. On Wednesday, June 12, 2019, 9:15:51 AM PDT, Filip Hruska wrote: Contact the offending upstreams. Filip On 12 June 2019 6:05:58 pm GMT+02:00, Philip Lavine via NANOG wrote: What is the procedure to have another party to cease and desi

Re: someone is using my AS number

Contact the offending upstreams. Filip On 12 June 2019 6:05:58 pm GMT+02:00, Philip Lavine via NANOG wrote: >What is the procedure to have another party to cease and desist in >using my AS number? >Thx -- Sent from my Android device with K-9 Mail. Please excuse my brevity.

Re: someone is using my AS number

Send abuse complaint to the upstreams Get Outlook for iOS From: NANOG on behalf of Philip Lavine via NANOG Sent: Thursday, June 13, 2019 12:05:58 AM To: NANOG List Subject: someone is using my AS number What is the procedure to have anoth

someone is using my AS number

What is the procedure to have another party to cease and desist in using my AS number? Thx