like this one. It
is unacceptable that no swift action was taken on your end to limit the
global routing issues you caused.
Sincerely,
Martin Millnert
Member of Internet Community - no carrier / ISP affiliation.
signature.asc
Description: This is a digitally signed message part
On Fri, 2015-06-12 at 10:43 +0100, Marty Strong via NANOG wrote:
> It *looks* like GBLX stopped accepting the leak.
Nope. Churn is ongoing, nothing has been fixed.
Global outage began 08:44 UTC and is still ongoing.
It's been so long people have now had time to come up with things like
"33.333%".
Hi list,
in the interest of really running down also the final /8 of RIPE, which
was entered today, let me point out that the cost to setup a new LIR is
a meager application + application fee (2000 EUR) + ~1500 EUR or so for
the first year. You can obviously transfer the resource as long as the
r
On Sun, 2012-04-29 at 21:50 +0100, Nick Hilliard wrote:
> - the RIPE NCC is now funding a project for which there is no
> consensus policy supported by the RIPE community, and is doing this on
> the basis of a hair's breath majority vote amongst its membership.
Not only were the vote extremely na
Jared,
On Thu, Oct 13, 2011 at 5:56 PM, Jared Mauch wrote:
> Rebuilding this trust can take some time. I do expect that with the iMessage
> stuff that was released yesterday (SMS/MMSoIP to email/phone#) many more
> companies will shift to using that instead as the value of BBM is decreased.
W
Arturo,
On Fri, Oct 7, 2011 at 8:59 PM, Arturo Servin wrote:
> ARIN and APNIC allows it, LACNIC will when it reaches the last /12 (so
> now is not possible). RIPE NCC and Afrinic do not have a policy yet AFAIK.
RIPE's LIR IPv4 listing service has 1x /20 listed, *right now*.
https://www.r
On Sat, Oct 8, 2011 at 6:14 PM, Florian Weimer wrote:
> IPv4 addresses will never run out in a strict sense of the word, it
> will just become increasingly more difficult to reassign IPv4 address
> space to those who need it.
If you by difficult mean expensive, then I agree.
Regards,
Martin
Hi,
On Wed, Oct 5, 2011 at 1:11 PM, Claudio Lapidus wrote:
> what actual use cases have you seen in the field (if any) for DPI'ing user
> sessions,
> considering we are mostly a DSL shop.
I've seen tyrannical governments use Bluecoat's to crack down on their
own population(*).
Was this the sort
Leo,
On Mon, Oct 3, 2011 at 7:34 PM, Leo Bicknell wrote:
> The only way to make sure a route was correct, everywhere, would
> be to have 39,000+ probes, one on every ASN, and check the path to
> the root server. Even if you had that, how do you define when any
> of the changes in 1-4 are legitim
Jimmy,
On Tue, Sep 27, 2011 at 1:50 PM, Jimmy Hess wrote:
> The name for an ISP intercepting traffic from its own users is not
> "interference" or "DoS",
> because they're breaking the operation of (er) only their own network.
This statement somehow assumes that users of said network were onl
Brent,
On Mon, Sep 12, 2011 at 11:13 PM, Brent Jones wrote:
> Lots of devices can have trouble if you direct high PPS to the control
> plane, and will exhibit performance degradation, leading up to a DoS
> eventually.
> That isn't limited to software based routers at all, it will impact
> dedicat
On Mon, Sep 12, 2011 at 5:09 PM, Michael Thomas wrote:
> And how long would it be before browsers allowed
> self-signed-but-ok'ed-using-dnssec-protected-cert-hashes?
As previously mentioned, Chrome >= v14 already does.
Regards,
Martin
Steinar,
On Sun, Sep 11, 2011 at 8:12 PM, wrote:
>> To pop up the stack a bit it's the fact that an organization willing to
>> behave in that fashion was in my list of CA certs in the first place.
>> Yes they're blackballed now, better late than never I suppose. What does
>> that say about the p
Gregory,
On Mon, Sep 12, 2011 at 1:23 PM, Gregory Edigarov
wrote:
> On Mon, 12 Sep 2011 12:12:08 +0200
> Martin Millnert wrote:
>
>> Mike,
>>
>> On Sun, Sep 11, 2011 at 8:44 PM, Mike Jones wrote:
>> > It will take a while to get updated browsers rolled o
Mike,
On Sun, Sep 11, 2011 at 8:44 PM, Mike Jones wrote:
> It will take a while to get updated browsers rolled out to enough
> users for it do be practical to start using DNS based self-signed
> certificated instead of CA-Signed certificates, so why don't any
> browsers have support yet? are any
On Wed, Aug 31, 2011 at 12:56 PM, Denis Spirin wrote:
(snip)
> So, noone is protected from IP network stealing. And noone cares. If
> Internap or it's uplinks was more clever and more insistent - we really had
> a chance to lost our networks forever.
Denis, I think you handled it pretty well from
Iljitsch,
On Thu, Jun 9, 2011 at 12:49 PM, Iljitsch van Beijnum
wrote:
> Are there any switches out there that do MLDP snooping to avoid flooding IPv6
> multicasts?
Something as enterprisey as even HP Procurve (!) has been doing this for years.
Regards,
Martin
On Wed, Jun 8, 2011 at 4:10 PM, Ken Chase wrote:
> So we have to buy from BOTH HE and Cogent?! Sounds like market fixing to me!
> :/
>
> Guess if we do we can advertise that on our webpage... "now with BOTH halves
> of the ipv6 internets!"
Or just buy from someone who have sessions with both, wh
Hi,
On Thu, Jun 9, 2011 at 10:39 AM, Cameron Byrne wrote:
>> In message <4df053aa.50...@axu.tm>, Aleksi Suhonen writes:
>> > Some people were talking about Large Scale NATs (LSN) or Carrier Grade
>> > NATs (CGN) yesterday. Comments included that DS-Lite and NAT64 are
>> > basically LSNs and they
Nick,
On Wed, Jun 8, 2011 at 9:51 AM, Nick Olsen wrote:
> I'm sure someone here is doing IPv6 peering with cogent.
(snip)
> Any things to be aware of before
> pulling the trigger on it? (Other then them not having connectivity to HE's
> IPv6 side of things, Wish they would fix that already...)
N
Cameron,
On Wed, Jun 8, 2011 at 8:48 AM, Cameron Byrne wrote:
> On Wed, Jun 8, 2011 at 5:47 AM, Cameron Byrne wrote:
>> On Wed, Jun 8, 2011 at 12:09 AM, Owen DeLong wrote:
>>>
>>> On Jun 7, 2011, at 9:59 PM, Martin Millnert wrote:
>>>
>>>> Owen,
Owen,
On Tue, Jun 7, 2011 at 11:47 PM, Owen DeLong wrote:
> LSN is required when access providers come across the following two
> combined constraints:
>
> 1. No more IPv4 addresses to give to customers.
> 2. No ability to deploy those customers on IPv6.
2 has little bear
George,
On Thu, May 12, 2011 at 11:41 AM, George Bonser wrote:
>> A lot. I see /48 breakouts from /32 PA blocks for instance, announced
>> by a
>> customer AS of the PA holder AS.
>>
>> --
>> Mikael Abrahamsson email: swm...@swm.pp.se
>
> Which is kinda sad.
It's reality.
> If those customer
Owen,
On Mon, May 9, 2011 at 8:40 PM, Owen DeLong wrote:
> RIPE-NCC is probably next and I expect they will likely run out next month.
Seems a bit improbable to me, considering:
http://www.ripe.net/internet-coordination/ipv4-exhaustion/ipv4-available-pool-graph
Regards,
Martin
Daniel,
On Fri, Apr 29, 2011 at 7:44 PM, Daniel Roesen wrote:
> On Fri, Apr 29, 2011 at 05:51:25PM -0400, Jay Ashworth wrote:
>> > Imagine: multicast internet radio! Awesome!
>>
>> That would, indeed, be awesome; when everyone in my office was listening to
>> the royal wedding, there would be a *
Mobile v6 folks,
On Wed, Apr 27, 2011 at 12:56 PM, Kevin Day wrote:
> T-Mobile: Nokia N900 works great thanks to you(admittedly a dead-end from
> Nokia, but it works with the same level of shell script and kernel hacking
> that all N900 users expect)
Add the Nokia N97 to this list, with cellul
On Thu, Apr 21, 2011 at 1:00 PM, Scott Berkman wrote:
> It's not specific for mobile, but this is one of the most well know VOIP
> exchanges:
And here I thought IP exchanges would cover the IP in VOIP.
When do we get HTTP exchanges? :)
Regards,
Martin
On Wed, Apr 20, 2011 at 9:55 PM, Patrick W. Gilmore wrote:
> On Apr 20, 2011, at 9:35 PM, Curran, David wrote:
>
>> I'm interested in any evidence (even anecdotal) that general Internet usage
>> (and more importantly, link utilization) has increased at higher rates in
>> the last 6-12 months tha
Butch,
On Tue, Apr 19, 2011 at 8:52 PM, Butch Evans wrote:
> The drafts I saw posted earlier were discussing what is
> essentially toredo services (anycast tunnel) at least.
6to4 is significantly different from Teredo, since it:
a) it does not hurt web deployments using DNS records for their
re
John,
On Tue, Apr 19, 2011 at 4:44 PM, Brzozowski, John
wrote:
> Folks,
>
> Since deploying our 6to4 relays, Comcast has observed a substantial
> reduction in the latency associated with the use of 6to4. As such we are
> contemplating further opening our relays for use by others. The
> availabili
Jay,
On Fri, Mar 25, 2011 at 9:46 PM, Jay Ashworth wrote:
> - Original Message -
>> From: "Leo Bicknell"
>
>> Having looked around the world I personally believe most communities
>> would be best served if the government provided layer-1 distribution,
>> possibly with some layer 2 switch
Paul,
On Fri, Mar 25, 2011 at 2:31 PM, Paul Graydon wrote:
> http://arstechnica.com/tech-policy/news/2011/03/133-us-cities-now-run-their-own-broadband-networks.ars
>
> Ars Technica has a short article up about the growth of municipal networks,
> but principally a nice little 'hey check out this w
On Fri, Mar 25, 2011 at 12:19 PM, Akyol, Bora A wrote:
> One could argue that you could try something like the facebook model (or
> facebook itself). I can see it coming.
> Facebook web of trust app ;-)
Indeed not very unreasonable at all, except a) it would be kind of
unfortunate if Facebook wo
List,
since there are IRR databases operated by non-RIRs, does one need to
register a prefix in any RIR-DB at all, to see it reachable on the
Internet?
Have there been any presentations/research done on reachability of
RIR-registered vs non-RIR-registered vs completely unregistered
announcements?
To my surprise, I did not see a mention in this community of the
latest proof of the complete failure of the SSL CA model to actually
do what it is supposed to: provide security, rather than a false sense
of security.
Essentially a state somewhere between Iraq and Pakistan snatched valid
certs for
On Sun, Mar 20, 2011 at 6:35 PM, Patrick W. Gilmore wrote:
> Is 127.0.0.1 / ::1 the Internet version of "555"?
Not according to the RFC:s.
Given the use of "555" in the (North American) TV world, and the
regularity with which IETF defines specific example resources of
various sorts, one would al
On Sat, Feb 19, 2011 at 1:45 AM, Randy Bush wrote:
> thanks, craig
>
> luckily, we have no problems like this
>
> http://www.boingboing.net/2011/02/17/dhs-erroneously-seiz.html
mm what would we do without these well-functioning blacklists (
http://boingboing.net/2010/09/30/only-17-of-sites-blo
Mounir,
On Wed, Feb 16, 2011 at 6:58 PM, Mounir Mohamed
wrote:
> No the BGP and the physical links were down.
did you have any domestic BGP sessions up?
Regards,
Martin
On Wed, Feb 16, 2011 at 9:09 AM, Marshall Eubanks wrote:
>
> On Feb 16, 2011, at 12:15 AM, Joly MacFie wrote:
>
>> http://www.nytimes.com/2011/02/16/technology/16internet.html
>>
>> There has been intense debate both inside and outside Egypt on whether the
>>> cutoff at 26 Ramses Street was accomp
On Sun, Feb 6, 2011 at 12:00 AM, Joly MacFie wrote:
> Lebanon's Telecom minister is claiming that US Navy radar is blocking the
> country's Internet..
>
> http://www.naharnet.com/domino/tn/NewsDesk.nsf/0/93A95CA1A4E42178C225782E007371AF
>
> "The problem, however, is due to a coordination error rel
Paul,
a key piece in the article is on the second page:
"In fact, a lot of what the bill provides for are a very good ideas.
The bill sets out the concept that cyberspace is a strategic asset for
the United States and needs to be protected like any other strategic
asset. This is good.
The bill al
Alex,
On Tue, Feb 1, 2011 at 4:57 PM, Alex Band wrote:
> On 1 Feb 2011, at 22:20, Owen DeLong wrote:
>> RPKI is a big knob governments might be tempted to turn.
>
> Of course we looked into this, cause we're running our service from
> Amsterdam, the Netherlands. The possibilities for law enforce
On Tue, Feb 1, 2011 at 5:15 PM, Carlos M. Martinez
wrote:
> Although I support Rpki as a technology, there are legitimate concerns that
> it could be abused. I now believe that Rpki needs work in this area at IETF
> level so the concerns are adressed.
>
> I imagine some form of secret sharing am
On Tue, Feb 1, 2011 at 4:36 PM, Michael Hallgren wrote:
> But RIR is (at least supposed to be) regional, so
> (hopefully) more stable from a policy point of view (since the number of
> national "stake holders" need to agree on a common policy). In theory,
> at least...
For Europe and RIPE, the EU
On Tue, Feb 1, 2011 at 3:32 PM, Majdi S. Abbas wrote:
> If your business requires connectivity, you're not going to
> have a choice, so you might as well get with the program. It's
> less about making a business case for v6, and more about risk
> management at this point.
+1
Regards,
Mar
On Tue, Feb 1, 2011 at 12:00 AM, Martin Millnert wrote:
> Neither Linux 2.6.37 nor Windows 7 accepts it
Oops, I was clumpsy there, apologies. When I was testing this, I
messed up one of my hosts :/ It seems 240/4 *does* work as unicast v4
in Linux 2.6.37.
Then it's easy, just
Jeremy,
I have not heard of any IP stack that is built to accept 240/4.
Neither Linux 2.6.37 nor Windows 7 accepts it, and let's not think
about all routers, including CPE:s, out there.
The logic goes:
You are many orders of magnitudes more likely to get v6 off the
ground, than 240/4 or 224/4 as u
Carlos,
On Sun, Jan 30, 2011 at 9:22 PM, Carlos Martinez-Cagnazzo
wrote:
> Hi,
>
> this is the second mention I see of RPKI and Egypt in the same
> context. I sincerely fail to see the connection between both
> situations.
>
It is quite simple actually.
1. Governments (eventually) want to take
On Sun, Jan 30, 2011 at 5:08 PM, Jack Bates wrote:
> Just a simple, if route invalidly signed, drop it.
What constitutes a invalidly signed route more exactly?
Would a signed route by a signer (ISP) who's status has been revoked
by an entity in the RPKI-hierarchy-of-trust above (for whatever
rea
Here be dragons,
On Sun, Jan 30, 2011 at 12:39 PM, Carlos Martinez-Cagnazzo
wrote:
> The solution to this problem (theoretical at least) already exist in
> the form of RPKI.
Any top-down RPKI model is intrinsically flawed.
Deploying an overlay of single-point(s) of failure on top of a
well-func
On Sun, Jan 30, 2011 at 3:52 AM, Joseph Prasad wrote:
> A very good interview with John Young on Russia Today.
>
> http://www.youtube.com/watch?v=oMRUiB_8tTc
One thing that Mr Young mentions in this interview is the threat
secret governance poses for any free and democratic society and how
there
51 matches
Mail list logo
