Re: Carrier Options in Bogota

2022-07-01 Thread Max Tulyev
01.07.22 16:47, nanoguser99 via NANOG пише: Nanog, I need good connectivity to local eyeball networks there.  I've explored Cogent, Lumen, and a local clled Telxius and results are all over the map.  Is there a provider that's 'well peered' with all the locals? Hoping this formats correct

Re: FCC proposes higher speed goals (100/20 Mbps) for USF providers

2022-05-24 Thread Max Tulyev
Do they help with a local government ("we do not need your cables, go avway")? 23.05.22 21:56, Sean Donelan пише: Money, money, money. On Mon, 23 May 2022, Aaron Wendel wrote: The Fiber Broadband Association estimates that the average US household will need more than a gig within 5 years. 

Re: Question re prevention of enumeration with DNSSEC (NSEC3, etc.)

2022-05-24 Thread Max Tulyev
11.05.22 15:31, Masataka Ohta пише: As I wrote: But some spam actors deliberately compared zone file editions to single out additions, and then harass the owners of newly registered domains, both by e-mail and phone. If that is a serious concern, stop whois. There are various ways, such as

Re: Newbie x Cisco IOS-XR x ROV: BCP to not harassing peer(s)

2022-05-24 Thread Max Tulyev
15.05.22 00:19, Nick Hilliard пише: a malicious actor will spoof the origin AS.  The aim of RPKI to help stop mis-origination of prefixes, and the root cause of most of this is accidental. To make a working hijack of the routed prefix (for sniffing traffic, DDoS or something similar), you hav

Re: Russian aligned ASNs?

2022-02-25 Thread Max Tulyev
Better just apply EU sanctions to RIPE NCC. Wait for some time. And see all Russians are NATed to several Chinese IPs ;) No ASN, no BGP, no hijacks, no DDoSes... 25.02.22 02:40, William Allen Simpson пише: There have been reports of DDoS and new targeted malware attacks. There were questions

Re: SentryPeer: A distributed peer to peer list of bad IP addresses and phone numbers collected via a SIP Honeypot

2021-11-26 Thread Max Tulyev
Hi Gavin, I thought to do something similar ;) As I can see in the code, you count somebody as a bad actor just because of one UDP packet is received. It is a bad idea, because it is easy to spoof that packet and make a DoS against some good actor. Right way: you have to simulate a SIP dialo

Re: IPv6 and CDN's

2021-11-03 Thread Max Tulyev
Implementing IPv6 reduces costs for CGNAT. You will have (twice?) less traffic flow through CGNAT, so cheaper hardware and less IPv4 address space. Isn't it? 22.10.21 20:19, Mark Tinka пише: On 10/22/21 18:08, t...@pelican.org wrote: I don't think it'll ever make money, but I think it will

Re: Global issues @ Telia - doing a "FB/hold my beer" move?

2021-10-07 Thread Max Tulyev
Really it depends on the problem source. BGP do not know either route really reachable or not. This time we was just lucky. 07.10.21 22:36, Ca By пише: On Thu, Oct 7, 2021 at 11:47 AM Max Tulyev <mailto:max...@netassist.ua>> wrote: We have 2 ports from Telia, one in Kiev (Ukr

Re: Global issues @ Telia - doing a "FB/hold my beer" move?

2021-10-07 Thread Max Tulyev
We have 2 ports from Telia, one in Kiev (Ukraine) and one in New York (USA). I have seen both ports simultaneously dropped traffic volume for about one hour today. It was not critical (for us), as traffic was shifted to another links, and there was no unreachable destinations like BGP announce

Re: [EXTERNAL] Re: dumb question: are any of the RIR's out of IPv4 addresses?

2021-02-19 Thread Max Tulyev
We can help, of course ;) Mail me off-list for details. Or isn't it off-topic right here? 17.02.21 06:53, Mann, Jason via NANOG пише: Any recommendations for legitimate ip brokers? *From:* NANOG on behalf of Michael Tho

Microsoft is hacking my Asterisk??? O_o

2020-11-03 Thread Max Tulyev
Hi All, I have just seen a number of IPs trying to brute-force my VoIP server from Microsoft network. For example, 13.90.148.133, 20.55.203.249, 40.76.244.210... Traceroute really goes to MSN. More than a half of all usual attempts to hack my Asterisk I got today, came from MSN. What is happ

Netflix people?

2020-08-10 Thread Max Tulyev
Hi All, is there anyone from Netflix? We have a strange problem: our customers also customers of Netflix when connecting to Netfilx sees 404 error. If they change IP to another ISP - everything works fine. The support can't solve it.

SaoPaolo to Frankfurt

2020-07-12 Thread Max Tulyev
Hi All! Who can provide a VLAN from SaoPaolo to Frankfurt for remote IX.BR participation? Please contact me off-list. I see there is only one undersea cable going directly from Brazil to Europe. Why?

Re: Quality of the internet

2020-06-18 Thread Max Tulyev
Hi, in our region (CIS, eastern Europe) we still have issues with overloaded international transport and bad quality of international channels from time to time (especially at the beginning of COVID19). While Internet looks slow, but still usable, this case VoIP goes really bad. Our regional

Re: FCC proposes $10 Million fine for spoofed robocalls

2020-01-07 Thread Max Tulyev
Not only international call costs money (yes, it is extremely cheap SIP nowdays), but the time of call center operators costs money as well, And it is really not so cheap for the end customer (i.e. spammer), even in India. 20.12.19 19:56, Mark Milhollan пише: On Thu, 19 Dec 2019, Keith Medcal

Re: FCC proposes $10 Million fine for spoofed robocalls

2020-01-07 Thread Max Tulyev
I do that every time ;) As the owner of telco, I even get small money for this call termination. Also, we implemented immediate answer and voice menu option, it says "Welcome, press ... to reach ...!" and circles. So me (as the telco operator) receive the money for call termination, and real c

Re: CloudFlare issues?

2019-06-24 Thread Max Tulyev
24.06.19 19:04, Matthew Walster пише: On Mon, 24 Jun 2019, 16:28 Max Tulyev, <mailto:max...@netassist.ua>> wrote: 1. Why Cloudflare did not immediately announced all their address space by /24s? This can put the service up instantly for almost all places Probably RPKI and t

Re: Verizon Routing issue

2019-06-24 Thread Max Tulyev
24.06.19 17:44, Jared Mauch пише: 1. Why Cloudflare did not immediately announced all their address space by /24s? This can put the service up instantly for almost all places. They may not want to pollute the global routing table with these entries. It has a cost for everyone. If we all did

Re: CloudFlare issues?

2019-06-24 Thread Max Tulyev
Hi All, here in Ukraine we got an impact as well! Have two questions: 1. Why Cloudflare did not immediately announced all their address space by /24s? This can put the service up instantly for almost all places. 2. Why almost all carriers did not filter the leak on their side, but waited fo

Re: Webzilla

2019-03-17 Thread Max Tulyev
It's quite conveniently to have all botnets C&C in several known ASNs. More pain if it will be spread through thousands regular residential customers, like when use fast(double)flux or peertopeer technologies ;) Joke. Really, there were a lot of cases all upstreams had disconnected some ASN f

Re: IPv6 and forensic requests

2019-02-10 Thread Max Tulyev
(last RIPE meeting, APNIC meeting, etc., there are even videos of them). Regards, Jordi -Mensaje original- De: NANOG en nombre de Max Tulyev Fecha: domingo, 10 de febrero de 2019, 16:30 CC: NANOG Asunto: Re: IPv6 and forensic requests Hello Jordi, thank you, I

Re: IPv6 and forensic requests

2019-02-10 Thread Max Tulyev
, if you want the customers are able to use old IPv4 apps and devices, NAT64 is not sufficient, you need also CLAT at the customer premises (so they can run 464XLAT). Regards, Jordi -Mensaje original- De: NANOG en nombre de Max Tulyev Fecha: domingo, 10 de febrero de 2019, 14

IPv6 and forensic requests

2019-02-10 Thread Max Tulyev
Hi All, we are implementing IPv6 only infrastructure. For IPv4 access, we using tayga for 6to4 translation and then CGN for NAT. There is a number of ways for Linux based NAT to store information for future forensic requests (i.e. "who was it cracking that website?"). But what about 6to4 tra

Re: Dnssec still inoperable on the internet ?— was ARIN NS down?

2019-01-11 Thread Max Tulyev
It's because you see problems it causes, and do not see problems it solves ;) 11.01.19 17:58, Ca By пише: > Thanks for the update that dnssec STILL causes more real world problems > than it solves.  > > . > > That said, arin is a pro outfit. If they can screw it up, like nasa, so > can you.

Re: Facebook doesn't have a route to my ISP's (Cogeco) IPv6 space?

2018-12-20 Thread Max Tulyev
Well known problem. You can use our tunnel broker connection (tb.netassist.ua) as a workaround. 17.12.18 22:01, Brian J. Murrell пише: > I've been trying to figure out why I can reach an IPv6 address at > Facebook (2a03:2880:f012:3:face:b00c:0:1) through (only) one of my two > Internet connection

Re: Should ISP block child pornography?

2018-12-11 Thread Max Tulyev
photos, LEOs in the US have to ascertain if this is CP > or photo shopped.  > > On Tue, Dec 11, 2018 at 12:54 PM Max Tulyev <mailto:max...@netassist.ua>> wrote: > > ...and you will see the TOR exit nodes instead of crime home IP if > censorship is

Re: Should ISP block child pornography?

2018-12-11 Thread Max Tulyev
...and you will see the TOR exit nodes instead of crime home IP if censorship is implemented. 11.12.18 19:35, Aaron1 пише: > ... The only thing I can think of is the idea that I’ve heard before is > the way to catch someone is to watch them well they are accessing, the > concept of honeypots comes

Re: Should ISP block child pornography?

2018-12-11 Thread Max Tulyev
Remember what I said... If the censorship system will be created FOR ANY, ANY REASON - you will forget the initial reason very quickly. 11.12.18 19:34, Aaron1 пише: > Right... When would it ever be wrong to stop terrible internet activity > such as this?! > > Aaron > > On Dec 11, 2018, at 10:43

Re: Should ISP block child pornography?

2018-12-08 Thread Max Tulyev
Because of USA does not have any block lists for example ;) 08.12.18 22:29, Keith Medcalf пише: > >> They put IP of some government or critical (for example, >> VISA/Mastercard processing) sites in their blocked >> domain - and those victim sites will be blocked. >> This trolling is very popula

Re: Should ISP block child pornography?

2018-12-08 Thread Max Tulyev
victim sites will be blocked. This trolling is very popular in Russia, for example. 08.12.18 19:41, Hank Nussbacher пише: > On 07/12/2018 20:48, Max Tulyev wrote: >> Yes, you may nullroute some IP with some site, but as the collateral >> damage you will block part of Cloudflare

Re: Should ISP block child pornography?

2018-12-07 Thread Max Tulyev
Hi All, we are fighting with censorship in our country. So I have something to say. First, censorship is not just "switch off this website and that webpage". No magic button exist. It is more complex, if you think as for while system. Initially, networks was build without systems (hardware and s

Re: Proving Gig Speed

2018-07-16 Thread Max Tulyev
Hi! Here I have http://www.speedtest.net/result/7475546550 from my notebook right now. It is i5-2540M CPU. First of all, NIC is much more important than CPU. Intel NIC can give 1Gbps easy, while Realtek or Broadcom probably never gives you more than ~300mbps. Linux times faster than Windows in t

Re: AS3266: BitCanal hijack factory, courtesy of many connectivity providers

2018-06-26 Thread Max Tulyev
RPKI? BGPsec? 26.06.18 21:27, Mike Hammett пише: > Any solution to that? Yell at the IRRs more? > > > > > - > Mike Hammett > Intelligent Computing Solutions > http://www.ics-il.com > > Midwest-IX > http://www.midwest-ix.com > > - Original Message - > > From: "Job Snijders

Re: BGP in a containers

2018-06-14 Thread Max Tulyev
bird is better than quagga! (runs away) ;) 14.06.18 21:56, james jones пише: > I am working on an personal experiment and was wondering what is the best > option for running BGP in a docker base container. I have seen a lot blogs > and docs referencing Quagga. I just want to make sure I am not ov

Re: FW: Satelite Internet Provider

2018-06-07 Thread Max Tulyev
Uses Yamal 402 Russian (spy)service ;) 07.06.18 08:35, Itay Fisher пише: > Dear Edwin, > > IO-SAT is a Vsat internet provider for both fixed and > maritime purposes. > Please share with us what exactly do you need and the estimate capacity you > are looking for. > > > Reg

Re: SIP fax sending software?

2018-06-03 Thread Max Tulyev
Hi All, Looking for similar, but other one. Have Asterisk with E1 connection to PSTN (not VoIP). Is there some software to let it work as a fax and modem? 30.05.18 23:13, John R. Levine пише: > Can anyone recommend software that sends faxes over SIP?  I have plenty > of inbound fax to email serv

Re: Subsea availability

2018-05-22 Thread Max Tulyev
May be there is something similar, but with the sales contact for each cable system? ;) 22.05.18 08:54, Reid Fishler пише: > Not to mention: > https://www.cablemap.info/ > > Reid > > > On Tue, May 22, 2018 at 1:46 AM james jones wrote: > >> Not interactive but cool animation: >> >> https://ww

Re: Email security: PGP/GPG & S/MIME vulnerability drop imminent

2018-05-15 Thread Max Tulyev
I did a lot. Centralized proprietary messenger with a lot of noise around. Unlike for example clear p2p tox, federalized own jabber server, with TOR to hide a metadata. 15.05.18 19:36, John Levine пише: > In article <47acebac-7df1-0dbb-9584-27062a945...@netassist.ua> you write: >> Really? Use ext

Re: Email security: PGP/GPG & S/MIME vulnerability drop imminent

2018-05-15 Thread Max Tulyev
Really? Use extremely centralized closed source "solution"? LOL. 15.05.18 18:47, John Levine пише: > In article <240538927.8145.1526388210820.JavaMail.mhammett@ThunderFuck> you > write: >> Encrypted e-mail is so incredibly niche, this won't affect almost everyone. > > Bruce Schneier's blog ent

Re: Question about great firewall of China

2018-03-25 Thread Max Tulyev
Hi, even in China it is not possible to block content from people proactively want to reach it (VPN, TOR, etc). So terrorists, child pornographers, drug dealer, copyright violators and other s*it are in safe. Only can really do the Internel Censorship is to decrease of circle of spreading informa

Re: Free access to measurement network

2017-12-16 Thread Max Tulyev
So for my point of view, better solution is to push some law that ease access to the buildings for ISPs. 15.12.17 19:40, valdis.kletni...@vt.edu пише: > On Fri, 15 Dec 2017 07:47:42 -0500, Dovid Bender said: >> What kind of internet are these devices on? With Net Neutrality gone here >> in the US

Re: USA local SIM card

2017-09-17 Thread Max Tulyev
private IP address? IPv6? On 17.09.17 22:52, Jean-Francois Mezei wrote: > On 2017-09-17 13:07, Max Tulyev wrote: > > > AT&T's $45 prepaid pans and its more expemsive sibbling (I think $65) > allow over 6GB of data at LTE speeds, and the rest is unlimited but at > 2G speeds

Re: IPv6 migration steps for mid-scale isp

2017-09-17 Thread Max Tulyev
Hello, for my point of view, the start question is do you control CPEs (can re-configure and re-flash it), or users buy and own CPEs themself? On 13.09.17 15:08, Fredrik Sallinen wrote: > Hello, > > Recently we have decided to start IPv6 migration in our network. We > have ~1K BNGs and connectin

USA local SIM card

2017-09-17 Thread Max Tulyev
Hi All, sorry for possible off-topic, I really did not know where to ask this. I'm going to visit USA for two weeks. I want to buy a local prepaid SIM card mostly for IP access. Is it possible in USA to buy a prepaid SIM as a visitor, without long term contract? I need a public (can be dynamic)

Re: PCIe adapters supporting long distance 10GB fiber?

2017-06-20 Thread Max Tulyev
We use Intel NICs with SFP+ holes. It works good with long and short range SFP+ modules, including CWDM/DWDM. On 15.06.17 12:10, chiel wrote: > Hello, > > We are deploying more and more server based routers (based on BSD). We > have now come to the point where we need to have 10GB uplinks one the

Re: Financial services BGP hijack last week?

2017-05-02 Thread Max Tulyev
All know. Nobody care. On 02.05.17 08:49, valdis.kletni...@vt.edu wrote: > I didn't see any mention of this here. Any comments? > > "On Wednesday, large chunks of network traffic belonging to MasterCard, Visa, > and more than two dozen other financial services companies were briefly routed > thr

Re: ipv6 accepted & announcement size upto /48 or longer than /48 ?

2017-04-27 Thread Max Tulyev
Yes, but that's not a policy, that's a BCP. On 27.04.17 16:47, root wrote: > Am i right ? > > Policy for ipv4 accept and send upto /24 > Policy for ipv6 accept and send upto /48 >

Re: Facebook more specific via Level3 ?

2017-04-16 Thread Max Tulyev
Hi, got the same from Kiev, Ukraine: dig fbcdn.com fbcdn.com. 300 IN A 31.13.74.1 which is slow and routed through USA and dig fbcdn.com @8.8.8.8 fbcdn.com. 299 IN A 31.13.93.3 which is fast and routed through Germany Same is for IPv6. Is

Re: CGNAT

2017-04-07 Thread Max Tulyev
BTW, does somebody check how implementing a native IPv6 decrease actual load of CGNAT? On 06.04.17 23:33, Aaron Gould wrote: > Last year I evaluated Cisco ASR9006/VSM-500 and Juniper MX104/MS-MIC-16G in > my lab. > > I went with MX104/MS-MIC-16G. I love it. > > I deployed (2) MX104's. Each MX

Re: Passive Optical Network (PON)

2017-01-23 Thread Max Tulyev
Hi, using in rural area, it works. Much cheaper than ETTH. On 21.01.17 18:44, Kenneth McRae wrote: > Greeting all, > > Is anyone out there using PON in a campus or facility environment? I am > talking to a few vendors who are pushing PON as a replacement for edge > switching on the campus and

Re: Safe IPv4 Was: Re: premiumcolo.net IP address rental

2017-01-18 Thread Max Tulyev
Very strange. Everytime it was open for all companies need IP network will be used in RIPE region. Not for those having (any? main? branch? legal address?) office in the RIPE region. And it is still possible to open a RIPE LIR for offshore companies like BVI, Belize, Seychelles without any questio

Re: Measuring the quality of Internet access

2016-06-13 Thread Max Tulyev
All results will be very depend of target choise, as we can understand. So that's the main point. On 13.06.16 23:58, Collin Anderson wrote: > > On Mon, Jun 13, 2016 at 4:18 PM, Max Tulyev <mailto:max...@netassist.ua>> wrote: > > But I can't figure out what S

Re: Measuring the quality of Internet access

2016-06-13 Thread Max Tulyev
Well, that was MY question! =) What who where (goverment/regulators) define as the quality? On 13.06.16 23:38, valdis.kletni...@vt.edu wrote: > On Mon, 13 Jun 2016 22:11:47 +0300, Max Tulyev said: >> Is it possible in general to measure the quality of Internet access? And >&g

Re: Measuring the quality of Internet access

2016-06-13 Thread Max Tulyev
nished keyboard. > > No dia 13/06/2016, às 20:11, Max Tulyev <mailto:max...@netassist.ua>> escreveu: > >> Hi All, >> >> I know there are many people from many countries. >> >> Do you know something about mandatory measurements of Internet access >&

Re: Measuring the quality of Internet access

2016-06-13 Thread Max Tulyev
-- > From: NANOG [mailto:nanog-boun...@nanog.org] On Behalf Of Max Tulyev > Sent: June 13, 2016 3:12 PM > To: NANOG list > Subject: Measuring the quality of Internet access > > Hi All, > > I know there are many people from many countries. > > Do you know somethin

Measuring the quality of Internet access

2016-06-13 Thread Max Tulyev
Hi All, I know there are many people from many countries. Do you know something about mandatory measurements of Internet access quality from country telecom regulators? If yes, could you please share that information with me? I found ETSI EG 202 057-4 standard (http://www.etsi.org/deliver/etsi_e

Re: Question on peering strategies

2016-05-24 Thread Max Tulyev
I'm right here at RIPE 72 now, so I saw it of course ;) The problem is not peering itself, but more general problem of filtering nets, and it was told in the presentation. On 24.05.16 13:19, Jared Mauch wrote: > >> On May 24, 2016, at 6:11 AM, Max Tulyev wrote: >> >>

Re: Question on peering strategies

2016-05-24 Thread Max Tulyev
If you dig into hijacking topic more, you will see that hijacks through Tier1 is same or even more popular than through IXes. And if someone want to make me a transit offer for the price of DE-CIX (I do not even ask the price of DTEL-IX peering ;) ) - please, contact me off-list, I will be really

Re: Question on peering strategies

2016-05-23 Thread Max Tulyev
Hi All, I wonder why a "VLAN exchange" does not exists. Or I do not know any? In my understanding it should be a switch, and people connected can easily order a private VLAN between each other (or to private group) through some kind of web interface. That should be a more easy and much less expe

Re: Major IX bandwidth sharing

2016-04-21 Thread Max Tulyev
onditions. > > On Thursday, 21 April 2016, Max Tulyev <mailto:max...@netassist.ua>> wrote: > > Hello, > > I'm sure in this case they will pay for 100G every month, not for > 10-20G ;) > > On 21.04.16 20:25, Pavel Odintsov wrote: > > H

Re: Major IX bandwidth sharing

2016-04-21 Thread Max Tulyev
Hello, I'm sure in this case they will pay for 100G every month, not for 10-20G ;) On 21.04.16 20:25, Pavel Odintsov wrote: > Hello! > > If you want cheaper price just ask any TIER-1 provider for link with commit > 10ge and burst up to 100GE. It will be definitely cheaper and simpler than > your

Re: Stop IPv6 Google traffic

2016-04-10 Thread Max Tulyev
That's the problem. Nobody want to say which customer (IP) violates which policy. On 10.04.16 18:31, a.l.m.bu...@lboro.ac.uk wrote: > give clients their own bigger blocks - or identify the clients violating > policy (what the policy > they are violating?) - you'll probably find the ones getting t

Re: Stop IPv6 Google traffic

2016-04-10 Thread Max Tulyev
t;>> Obviously if you block something, there will be a timeout in getting >>> to it. >>> >>> What is broken that you're trying to fix by blackholing them? >>> >>> >>> >>> >>> - >>> Mike Hammett >>

Re: Stop IPv6 Google traffic

2016-04-10 Thread Max Tulyev
Thank you! I think it is what I need now ;) On 10.04.16 17:50, Niels Bakker wrote: > You can add a reject route at your borders rather than nullroute. That > will cause ICMP Unreachables to be sent by your routers back to your > customers so their applications will know immediately to retry using

Re: Stop IPv6 Google traffic

2016-04-10 Thread Max Tulyev
Every have /56 or /48, depending on type of service. All our /32 allocation is affacted. On 10.04.16 17:35, Chuck Anderson wrote: > Assign your customers larger v6 prefixes so one customer's bad > behavior doesn't affect the others? > > On Sun, Apr 10, 2016 at 05:27:53PM +

Re: Stop IPv6 Google traffic

2016-04-10 Thread Max Tulyev
to fix by blackholing them? > > > > > - > Mike Hammett > Intelligent Computing Solutions > http://www.ics-il.com > > > > Midwest Internet Exchange > http://www.midwest-ix.com > > > - Original Message - > > From: "Max Tul

Re: Stop IPv6 Google traffic

2016-04-10 Thread Max Tulyev
Customers see timeouts if I blackhole Google network. I looking for alternatives (other than stop providing IPv6 to customers at all). On 10.04.16 16:50, valdis.kletni...@vt.edu wrote: > On Sun, 10 Apr 2016 16:29:39 +0300, Max Tulyev said: > >> I need to stop IPv6 web traffic go

Stop IPv6 Google traffic

2016-04-10 Thread Max Tulyev
Hi All, I need to stop IPv6 web traffic going from our customers to Google without touching all other IPv6 and without blackhole IPv6 Google network (this case my customers are complaining on long timeouts). What can you advice for that?

Re: Cogent & Google IPv6

2016-02-24 Thread Max Tulyev
If you connected to Internet ONLY through Cogent - there is no other way. If you have another upstreams - Google should be reachable. On 24.02.16 21:46, Matt Hoppes wrote: > Correct me if I'm wrong, but if Cogent isn't peering with Google IPv6, > shouldn't the traffic flow out to one of their peer

Re: Softlayer / Blocking Cuba IP's ?

2016-02-21 Thread Max Tulyev
Why Crimea still not in the list? On 20.02.16 02:57, frnk...@iname.com wrote: > Official statement here: > https://knowledgelayer.softlayer.com/faq/softlayer-network-wide-ip-blocking > > Frank > > -Original Message- > From: NANOG [mailto:nanog-bounces+frnkblk=iname@nanog.org] On Beh

Re: Cogent <=> Google Peering issue

2016-02-17 Thread Max Tulyev
If my telepathy still works fine and I understood your question well - then the answer is "NO, that is not a global well-known issue" ;) On 17.02.16 18:15, Fred Hollis wrote: > Anyone else aware of it? >

Re: algorithm used by (RIPE region) ISPs to generate automatic BGP prefix filters

2016-02-12 Thread Max Tulyev
Hi Martin, well, not only as-set and route. Assuming only legitimate owner of inetnum and aut-num have passwords for mntner from that objects can modify their RIPE DB objects and can create routes. So to create a route object, you have to have access for inetnum and aut-num objects (that can be

Re: Team Cymru BGP bogon status ???

2016-02-01 Thread Max Tulyev
Looks good for me too (Ukraine/Kiev). But no IPv6, only IPv4. Is it a bug or a feature? ;) On 31.01.16 19:23, Tom Storey wrote: > Working just fine from Virgin Media. > > On 31 January 2016 at 17:19, Daniel Corbe wrote: >>> On Jan 31, 2016, at 11:44 AM, Matthew Huff wrote: >>> >>> Starting aro

Re: RADb Outage?

2016-01-23 Thread Max Tulyev
People do prefix filtering based on *DB may think twice... On 23.01.16 07:42, Larry J. Blunk wrote: > >Service for the RADb whois protocol has now been restored. We were > experiencing > extensive DDOS activity directed at the whois service host(s). > > Regards, >Larry Blunk >Meri

Re: Binge On! - get your umbrellas out, stuff's hitting the fan.

2016-01-10 Thread Max Tulyev
(chewing my pop-corn) Eh... I would like to have that kind of problems! Here we sell a residental 1Gbps for $5/mo with really unlimited traffic, and have a lot of complaint calls if there is slightly less than 1Gbps for that particular users. THAT is how the high competitive market works! ;) On

Re: de-peering for security sake

2015-12-25 Thread Max Tulyev
Come on, keep calm and wait a year: Russia and China will de-peer with all the world for their security (AKA censorship) reasons! ;) On 25.12.15 01:44, Colin Johnston wrote: > see > http://map.norsecorp.com > > We really need to ask if China and Russia for that matter will not take abuse > repor

Re: IPv6 Cogent vs Hurricane Electric

2015-12-06 Thread Max Tulyev
On 04.12.15 01:19, Baldur Norddahl wrote: > On 1 December 2015 at 20:23, Max Tulyev wrote: >> I have to change at least one of my uplinks because of it, which one is >> better to drop, HE or Cogent? >> > > Question: Why would you have to drop one of them? You have no

Re: IPv6 Cogent vs Hurricane Electric

2015-12-01 Thread Max Tulyev
Just hit it for first time... Is there any other similar splits in IPv6 world? On 01.12.15 21:33, Christopher Morrow wrote: > hasn't this been the case for ~10 yrs now? > > On Tue, Dec 1, 2015 at 2:23 PM, Max Tulyev wrote: >> Hi All, >> >> we got an issue today

IPv6 Cogent vs Hurricane Electric

2015-12-01 Thread Max Tulyev
Hi All, we got an issue today that announces from Cogent don't reach Hurricane Electric. HE support said that's a feature, not a bug. So we have splitted Internet again? I have to change at least one of my uplinks because of it, which one is better to drop, HE or Cogent?

Re: IPv6 Irony.

2015-10-13 Thread Max Tulyev
Well, especially our copmany hire admins already familiar with IPv6. But yes, some of our friends company had to upgrade admins too. On 13.10.15 13:22, Stephen Satchell wrote: > On 10/13/2015 02:56 AM, Max Tulyev wrote: >> So upgrade hardware and network admins are NOT sufficient

Re: IPv6 Irony.

2015-10-13 Thread Max Tulyev
On our network, we had to spent times more money in people than in hardware. Customer support, especially network troubleshootings and so on... So upgrade hardware and network admins are NOT sufficient for IPv6 adoption ;) On 13.10.15 06:17, Ca By wrote: > On Monday, October 12, 2015, Donn Lashe

Re: AW: /27 the new /24

2015-10-03 Thread Max Tulyev
Which routers? DIR-300 with OpenWRT/Quagga? :) I think all above-the-trash level routers supports >1M routes, isn't it? On 02.10.15 17:45, Jürgen Jaritsch wrote: > Hi, > > this would at least help to get rid of many old routing engines around the > world :) ... or people would keep their "learn

Script for NAT timeout detection

2015-09-30 Thread Max Tulyev
Hello All, I have some devices connected under NAT that is not under my control. Is there some software/script to detect NAT session timeout to adjust keepalives? Thank you!

Re: Skype off line ??

2015-09-21 Thread Max Tulyev
.net wrote: > On 2015-09-21 12:58, Max Tulyev wrote: >> Google hangouts and jit.si are services, not a client of open protocol. >> >> Feel the difference. > > Well you can set a server wide default for Jabber/XMPP MUC chats at > least with ejabberd. > https://www.process

Re: Skype off line ??

2015-09-21 Thread Max Tulyev
oun...@nanog.org] On Behalf Of Max Tulyev > Sent: Monday, September 21, 2015 1:27 PM > To: nanog@nanog.org > Subject: Re: Skype off line ?? > > For me yes, it is down for several hours. > > BTW, is there any Jabber/XMPP client with similar usability? > > I need just scro

Re: Skype off line ??

2015-09-21 Thread Max Tulyev
For me yes, it is down for several hours. BTW, is there any Jabber/XMPP client with similar usability? I need just scroll up to view all history and one click to join someone to multiuser conference in fact. On 21.09.15 11:32, Marco Paesani wrote: > Hi, > do you have sone news about it ? > Best

Re: Transit Options in the UK?

2015-09-18 Thread Max Tulyev
It seems some time if you want a good uplink you have to rent a L2 channel to another country for that ;) So that can be an option too. On 17.09.15 23:49, Gary T. Giesen wrote: > I have a customer who's trying to decide whether to renew their existing > transit contract or not for a POP they have

Re: Can't reach RIPE WHOIS via IPv6 ?

2015-09-10 Thread Max Tulyev
Same for me from 2a01:d0::/32 telnet whois.ripe.net whois Trying 2001:67c:2e8:22::c100:687... Connected to whois.ripe.net. Escape character is '^]'. % This is the RIPE Database query service. % The objects are in RPSL format. % % The RIPE Database is subject to Terms and Conditions. % See http://w

Re: internet visualization

2015-09-08 Thread Max Tulyev
Really nice! How can I do zoom in/zoom out? On 06.09.15 03:15, Jared Mauch wrote: > > OT: hit delete, or shameless plug disclaimer > > one of my colleagues just posted this visualiation > of the internet from the as_path view of 2914. if you are on > a mobile, you have to physically move

Re: Peering + Transit Circuits

2015-08-19 Thread Max Tulyev
My solution is: 1. Don't care. 2. If some peer steal your transit, and it is noticeable amount of traffic causing some problems for you - investigate and terminate that peer. On 18.08.15 15:29, Tim Durack wrote: > Question: What is the preferred practice for separating peering and transit > circu

Re: BGP Update Report

2015-07-25 Thread Max Tulyev
Unassigned ASN is used and even is in top of the list? WTF?! On 25.07.15 01:00, cidr-rep...@potaroo.net wrote: > Rank ASNUpds % Upds/PfxAS-Name > 2 - AS22059 140461 3.6% 70230.5 -- -Reserved AS-,ZZ

Re: United Airlines is Down (!) due to network connectivity problems

2015-07-08 Thread Max Tulyev
I noticed there are days when different nets has no links with each other became faultly. It magically happens. We usually stop all our planned works this days. On 08.07.15 19:50, Matthew Huff wrote: > Once is happenstance > Twice is coincidence > Three times is enemy action… > > Serious, could a

Re: Youtube / IPv6 / Netherlands

2015-06-25 Thread Max Tulyev
Hi, +1. Our 2a01:d0::/32 is floating by Google's geo all around the world, it was Iran, now it is Russia... and I can't do anything with it, and have no human contact in Google for complaint. On 25.06.15 15:33, Marco Davids wrote: > Hi, > > Would anyone from Google care to explain to me off-lis

Re: Anycast provider for SMTP?

2015-06-15 Thread Max Tulyev
I see no major problems to use anycast for that. The problem will be in rare case when particular routing chain from client to one of your servers will be changed until TCP stream is active. SMTP have short connections. Even if it happens, it will look as just broken connection for client, and it

Re: BGP in the Washngton Post

2015-06-01 Thread Max Tulyev
Is there *IN THEIORY* any possibility to make BGP secure enough now? Yes, RPKI protects from fat fingered people, but NOT protects from people doing hijacks knowlingly. The global routing registry really can be the solution, but it automatically gives one authority a power to cut off any network.

Re: Low Cost 10G Router

2015-05-19 Thread Max Tulyev
1.4Mpps now. On 19.05.15 21:32, Oleg A. Arkhangelsky wrote: > > > 19.05.2015, 21:26, "Max Tulyev" : >> Last config I touched: 2xIntel(R) Xeon(R) CPU E5-2650 0 @ 2.00GHz, 12 >> Gbit summary, <5% each core load. > > And what PPS rate (in+out)? > >

Re: Spamhaus BGP feed experiences?

2015-05-19 Thread Max Tulyev
How much false positives (i.e. blackholing traffic users want to reach)? On 18.05.15 21:04, Marco d'Itri wrote: > On May 17, Mike Lyon wrote: > >> Any ISPs out there (big or small) ever used the Spamhaus BGP feed to >> prevent against botnet, spam, etc? If so, how has your experience been? Is >>

Re: Low Cost 10G Router

2015-05-19 Thread Max Tulyev
Last config I touched: 2xIntel(R) Xeon(R) CPU E5-2650 0 @ 2.00GHz, 12 Gbit summary, <5% each core load. On 19.05.15 21:06, Piotr Iwanejko wrote: > Wiadomość napisana przez Max Tulyev w dniu 19 maj 2015, > o godz. 19:58: >> We are using softrouters based on Supermicro chassis, E5v

Re: Low Cost 10G Router

2015-05-19 Thread Max Tulyev
We are using softrouters based on Supermicro chassis, E5v3 cpu, Linux/BIRD and Intel 10G NICs. And VERY happy. On 19.05.15 20:22, Colton Conor wrote: > What options are available for a small, low cost router that has at least > four 10G ports, and can handle full BGP routes? All that I know of are

Re: Peering and Network Cost

2015-04-21 Thread Max Tulyev
That's generally good idea, but average TCP session speed depends not only your side of connection, but another side as well. On 18.04.15 07:58, Mark Tinka wrote: > > > On 17/Apr/15 15:05, Max Tulyev wrote: >> One more interesting thing. >> >> If you buy IP t

  1   2   >