ve
> > the holy ratio. Even web pages could use
> > javascript footers to send back upstream an
> > equivalent amount of data to what was
> > downloaded.
> >
> > Once and for all, we could put an end to
> > the ceaseless bickering about ratios, as
> > e
I would imagine this should be announced with the larger block owner.
On Jan 25, 2014 2:19 PM, "Drew Linsalata" wrote:
> Yeah, its been a while since I had to get involved in this. We have a
> customer with their own IPv4 allocation that wants us to announce a /27 for
> them. Back in "the day",
SRX650 IDP caps at 1gb imix; BGP and OSPF in cluster won't be a
problem...but your running up against resource limits if you need to grow.
Juniper has a good write up on active active SRX deployments and offer 3gb
IDP imix on the 1400.
d to announce that all of the recorded presentations from
>>> Monday at NANOG 59 in Phoenix have now been posted to Youtube.
>>>
>>
>> This is really neat.
>>
>
> I agree, it's great! My only nit with it is that the aspect ratio seems to
> be wrong.
>
e:
> On 9/13/2013 2:14 AM, Marco Davids (Prive) wrote:
>
>> On 09/13/13 03:53, Larry Sheldon wrote:
>>
>>> On 9/12/2013 3:25 PM, Phil Fagan wrote:
>>>
>>>> Its a good point about the anycast; 99.999% should be expected.
>>>>
>>> A
Good reference; thank you.
On Thu, Sep 12, 2013 at 2:39 PM, Rubens Kuhl wrote:
>
>
>
> On Thu, Sep 12, 2013 at 5:03 PM, Phil Fagan wrote:
>
>> Everything else remaining equal...is there a standard or expectation for
>> DNS reliability?
>>
>> 98%
>&
Its a good point about the anycast; 99.999% should be expected.
On Thu, Sep 12, 2013 at 2:14 PM, Beavis wrote:
> I go with 99.999% given that you have a good number of DNS Servers
> (anycasted).
>
>
> On Thu, Sep 12, 2013 at 9:03 PM, Phil Fagan wrote:
>
>> Everything e
m encounters a defect that breaks your
> announcements then although a well built anycast footprint might acheive
> 99.999, a poorly implemented management system that is less available and
> creates an outage would reduce the number.
>
>
> On Thu, Sep 12, 2013 at 4:25 PM, Phil Fagan
Everything else remaining equal...is there a standard or expectation for
DNS reliability?
98%
99%
99.5%
99.9%
99.99%
99.999%
Measured in queries completed vs. queries lost.
Whats the consensus?
--
Phil Fagan
Denver, CO
970-480-7618
a temporary work-around
> until the adjustment could be made during a demand maintenance window to
> minimize disruption.
>
> Thanks,
> Tony
>
>
> On Wed, Aug 7, 2013 at 5:31 PM, Phil Fagan wrote:
>
>> BGP Noob question here; but wouldn't Time Warner not recie
A-M002 │ Phoenix, AZ 85040
> phone: 602.557.6746 │ fax: 602.557.6606 │ email: chad.r...@apollogrp.edu
>
>
>
> This message is private and confidential. If you have received it in
> error, please notify the sender and remove it from your system.
>
>
>
>
--
Phil Fagan
Denver, CO
970-480-7618
I took that as path agnostic.
On Fri, Jun 28, 2013 at 3:00 PM, Christopher Morrow wrote:
> On Fri, Jun 28, 2013 at 4:49 PM, Phil Fagan wrote:
> > "In the presence of layer-3 load-balancers, a multiplexed transport has
> the
> > potential to allow the different data flo
s/?comments=1
>
> >
> > Sounds like a UDP replacement. If this is true, then OS-level support
> will
> > be needed. If they are on this, then it's the perfect opportunity to fix
> > some other problems with the Internet in general.
>
> I'm no genius, but
Well put Leo; defense-in-depth.
On Jun 25, 2013 6:57 PM, "Leo Bicknell" wrote:
>
> On Jun 25, 2013, at 6:34 PM, s...@wwcandt.com wrote:
>
> > I believe that if you encrypted your links sufficiently that it was
> > impossible to siphon the wanted data from your upstream the response
> would
> > be
Since we're no longer trying to dodge the NSAwhy would one want to
encrypt transport? I think protected links are a great business model.
L3VPN encryption? Whats the best offering?
Transnational seems like a good place to start. It seems like a tough space
to break into ( no PUN intended).
On Tue, Jun 25, 2013 at 7:15 AM, Leo Bicknell wrote:
>
> On Jun 25, 2013, at 7:38 AM, Phil Fagan wrote:
>
> > Are these private links or customer links? Why encryp
Are these private links or customer links? Why encrypt at that layer? I'm
looking for the niche usecase.
On Jun 24, 2013 1:57 PM, "Scott Weeks" wrote:
>
>
> - william.allen.simpson wrote: -
> And at $189,950 MSRP, obviously every ISP is dashing out the door
> for a pair for each and every
Hah!
On Fri, Jun 21, 2013 at 1:10 PM, Warren Bailey <
wbai...@satelliteintelligencegroup.com> wrote:
> The United States Constitution*
>
> *See Terms and Conditions for details, not all citizens apply, void where
> prohibited, subject to change at any time.
>
> On 6/21/
I guess the moral here isdon't do anything "wrong."
:-D
On Fri, Jun 21, 2013 at 12:31 PM, William Herrin wrote:
> On Fri, Jun 21, 2013 at 11:19 AM, Owen DeLong wrote:
> > On Jun 21, 2013, at 5:10 PM, Phil Fagan wrote:
> >> I would think this is only an i
Good point; apparently the doctorine does protect against the case whereby
any collected data would have been found anway "with a court order."
On Fri, Jun 21, 2013 at 9:19 AM, Owen DeLong wrote:
>
> On Jun 21, 2013, at 5:10 PM, Phil Fagan wrote:
>
> I would think th
gt;
> All protections afforded by the fourth amendment have essentially been
> thrown into the (rather large) bit bucket by the FISA court, when it comes
> to any bits which leave your premise.
>
> --
> Dan White
>
>
--
Phil Fagan
Denver, CO
970-480-7618
one of this is surprising.
>
> and dnssec did not save us. is there anything which could have?
>
> randy
>
>
>
--
Phil Fagan
Denver, CO
970-480-7618
t;
> ;; QUESTION SECTION:
> ;parsonstech.com.INNS
>
> ;; ANSWER SECTION:
> parsonstech.com.172800INNSns2617.ztomy.com.
> parsonstech.com.172800INNSns1617.ztomy.com.
>
> ;; Query time: 286 msec
> ;; SERVER: 127.0.0.1#53(127.
e tried
> coordinating a few
>
> brandon
>
--
Phil Fagan
Denver, CO
970-480-7618
, Paul Ferguson wrote:
>
>> I'm sure that folks in the ICANN SSAC will be talking about this
>> subject well in to the future once a postmortem is completed. Also,
>> perhaps even the DNS-OARC community.
>>
>> Coordination? This is the Internet! :-)
>>
>
This is the Internet! :-)
>
> - ferg
>
> On Thu, Jun 20, 2013 at 8:49 AM, Phil Fagan wrote:
>
> > Is there an organization that coordinates outages like this amongst the
> > industry?
> >
> >
> > On Thu, Jun 20, 2013 at 9:36 AM, Frank Bulk wrote:
> &g
t;> wrote:
> >>> On Jun 20, 2013, at 01:30 , Grant Ridder
> >>> wrote:
> >>> > Yelp is evidently also affected
> >>> Not from here.
> >> Patrick:
> >> $ dig NS yelp.com @8.8.8.8 +short
> >> ns1620.ztomy.com.
> >> ns2620.ztomy.com.
>
> --
> -JH
>
>
>
>
>
--
Phil Fagan
Denver, CO
970-480-7618
one who can code a working config from scratch based on the
> old config, not someone who's going to sit there scratching his head,
> running useless packet captures, and being silent when we ask
> questions. *sigh*
>
> /rant off
>
> On Tue, Jun 18, 2013 at 6:11 PM, Phil Faga
y. It also causes nausea…
>
> ** **
>
> Thanks,
>
> ** **
>
> Blake
>
> ** **
>
> *From:* Phil Fagan [mailto:philfa...@gmail.com]
> *Sent:* Tuesday, June 18, 2013 6:08 PM
> *To:* Blake Pfankuch - Mailing List
> *Cc:* NANOG (nanog@nanog.or
what is bad? Is the config sane?
>
> I would be happy to compile any information I find, as well as our
> sanitized internal conclusions. On and off list responses welcome.
>
> If there is another vendor anyone would suggest, please add them to the
> list with similarly asked questions.
>
> Thanks!
>
> Blake
>
--
Phil Fagan
Denver, CO
970-480-7618
that's just another barrier to entry. A little Google-fu could
> probably source a paper dealing with its implementation, at least.
>
> I doubt it would be easy, but if the motivation exists, the required
> test bed is easily assembled, and the information is available. Not
> li
w.presidio.com/>
> > 3250 W. Commercial Blvd Suite 360, Oakland Park, FL 33309
> > D: 954.703.1490 | C: 954.298.1697 | F: 407.284.6681 |
> frei...@presidio.com
> > CCIE 23812, CISSP 107125, HP MASE, TPCSE 2265
> >
> >
> >
> >
> > On 6/18/13 9:20 AM,
oast-to-coast is going to cost you a few appendages. You may land
> > a lambda for a reasonable price depending on the endpoints, you'll need
> > an established carrier with DWDM gear on both ends.
> >
> > Jeff
> >
> >
>
>
>
--
Phil Fagan
Denver, CO
970-480-7618
; > From: trapperjohn...@gmail.com
> > To: nanog@nanog.org
> >
> > Why is it so difficult? Hiding communications is an intriguing subject -
> My
> > ears perked up a bit at the Multics remark - Morse is something that
> > probably never would have even crossed my mind.
>
>
--
Phil Fagan
Denver, CO
970-480-7618
have no particular reason to
> look
> and, some might argue, lots of reasons not to want to know.
>
> Cheers,
> -- jra
> --
> Jay R. Ashworth Baylink
> j...@baylink.com
> Designer The Things I Think RFC
> 2100
> Ashworth & Associates http://baylink.pitas.com 2000 Land
> Rover DII
> St Petersburg FL USA #natog +1 727 647
> 1274
>
>
--
Phil Fagan
Denver, CO
970-480-7618
--
> > Roland Dobbins // <http://www.arbornetworks.com>
> >
> > Luck is the residue of opportunity and design.
> >
> >-- John Milton
> >
> >
> >
>
--
Phil Fagan
Denver, CO
970-480-7618
or
> so
> > of
> > > being added.
> >
> > What's the actual application for this mechanism?
> >
> > ---
> > Roland Dobbins // <http://www.arbornetworks.com>
> >
&
vectors
> > which get surreptitiously added to the other DPI terms unbeknownst to the
> > owner and sent back to the attacker. That's enormously powerful. All it
> > takes
> > is sufficient money and motivation. Is this speculative? Of course -- I'm
> > not
> > a spook. Is it possible? You bet.
> >
> > Mike
> >
>
--
Phil Fagan
Denver, CO
970-480-7618
k
out PF_RING.
On Thu, Jun 13, 2013 at 4:49 PM, Jonathan Lassoff wrote:
> On Thu, Jun 13, 2013 at 3:38 PM, Phil Fagan wrote:
> > I would assume something FreeBSD based might be best
>
> Meh... personal choice. I prefer Linux, mostly because I know it best
> and most netw
I would assume something FreeBSD based might be best
On Thu, Jun 13, 2013 at 4:37 PM, Phil Fagan wrote:
> I really like the idea of a stripe of linux boxes doing the heavy lifting.
> Any suggestions on platforms, card types, and chip types that might be
> better purposed at proces
(fails in bypass mode).
> Are
> > there any
> > COTS devices I should be looking at? Or is the market for this all under
> > the table to
> > pro-censorship governments?
> >
> > Thanks,
> >
> > -Eric
>
>
--
Phil Fagan
Denver, CO
970-480-7618
lly added flows (hundreds per
> > second),
> > and would be deployable in a production network (fails in bypass mode).
> Are
> > there any
> > COTS devices I should be looking at? Or is the market for this all under
> > the table to
> > pro-censorship governments?
> >
> > Thanks,
> >
> > -Eric
>
>
--
Phil Fagan
Denver, CO
970-480-7618
s through that
> mechanism not in syslog, not in the currently logged in user table, perhaps
> the process(es) hidden from view.
>
> Do we really trust Cisco and Juniper more than Hueawei? :)
>
> --
>Leo Bicknell - bickn...@ufp.org - CCIE 3440
> PGP keys at ht
;>
> >> Scary
> >
> > Why?
> >
> > Do you think Huawei has a magic ability to transmit data without you
> noticing?
> >
> > If you don't want to use Hauwei because they stole code or did other
> nasty things, I'm right there with you. If you believe a router can somehow
> magically duplicate info and transport it back to China (ignoring CT/CU's
> inability to have congestion free links), I think you are confused.
> >
> > --
> > TTFN,
> > patrick
> >
> >
> >
>
>
>
--
Phil Fagan
Denver, CO
970-480-7618
Yeah, I can't imagine there is any real magic there...mystical protocol not
seen over transport.
On Thu, Jun 13, 2013 at 10:26 AM, david raistrick wrote:
> On Thu, 13 Jun 2013, Phil Fagan wrote:
>
> I've always wondered about thatwould you know that the Huawei
well, so much for that
>
> randy
>
>
--
Phil Fagan
Denver, CO
970-480-7618
And a basic front-end and your in business!!
On Jun 12, 2013 6:15 PM, "Scott Weeks" wrote:
>
>
> --- eyeronic.des...@gmail.com wrote:
> From: Mike Hale
>
> >> Splunk
>
> It would make sense. It's a friggin' sick syslog analyzer. Expensive
> as hell, but awesome.
> -
sa-tool-that-watches-the-512107983
> >>
> >>
> >>
> >> Sent from my Mobile Device.
> >>
>
>
>
> --
>
>
> BaconZombie
>
> LOAD "*",8,1
>
>
--
Phil Fagan
Denver, CO
970-480-7618
Thank you
On Tue, Jun 11, 2013 at 5:42 PM, Dobbins, Roland wrote:
>
> On Jun 12, 2013, at 6:36 AM, Phil Fagan wrote:
>
> > Any ASA sme's out there?
>
> Suggest you check on the cisco-nsp list.
>
>
Any ASA sme's out there?
--
Phil Fagan
Denver, CO
970-480-7618
Nick are you trying to run these codecs on linux?
On Sun, Jun 9, 2013 at 11:29 AM, Michael Loftis wrote:
> Most modern gear can go all the way to individual DS0's in a single
> card without a MUX of any kind. OC3/STM-1 is only like 155mbit.
>
> On Sun, Jun 9, 2013 at 10:
> What we are looking to do is replace our traditional ISDN DS3 equipped
> for voice using an STM-1/OC3 backbone and our own put together linux
> box. Again, this will be used for voice signaling...
>
> Kind Regards,
>
> Nick.
>
>
--
Phil Fagan
Denver, CO
970-480-7618
day morning, a Newcomers Lunch, and then General Sessions
> beginning in the early afternoon. The program will conclude with the
> Peering Track and then a social on Wednesday night.
>
> Looking forward to seeing everyone in The Big Easy!
>
> Regards,
> -Dave Temkin
> Chair, NANOG Program Committee
>
--
Phil Fagan
Denver, CO
970-480-7618
awesome, thanks!
On Mon, Jun 3, 2013 at 9:22 AM, Joe Abley wrote:
>
> On 2013-06-03, at 11:14, Phil Fagan wrote:
>
> > Stupid questionthere's not a live stream for 58 is there?
>
> There's a grey icon in the agenda for sessions that are being streamed,
>
Stupid questionthere's not a live stream for 58 is there?
On Mon, Jun 3, 2013 at 8:30 AM, Jeff Hartley wrote:
> Re-posting for those having difficulties:
>
> tinyurl.com/nanog58-slides
>
--
Phil Fagan
Denver, CO
970-480-7618
What hung the box? Core dump? Filled up var?
On May 23, 2013 11:57 AM, "Grant Ridder" wrote:
> Hi Everyone,
>
> Has anyone ever seen Mailman revert to an old user list? This morning we
> had out lists VM pounded on from India and hung the box. After blocking
> the ip on our firewall and rebooti
in, are you certain the folks at DHS were aware
> their
> > machine(s) were engaged in a DoS attack?
> >
> > You can find zombies in the oddest places...
> >
> > Regards,
> > -drc
> >
> >
> >
>
--
Phil Fagan
Denver, CO
970-480-7618
rts etc without it.
> >
> > I believe PCI compliance requires it, other things like it probably do
> too.
>
> There'd be very few PCI compliant sites if PCI required stateful
> firewalling
> in core routers.
>
> - Matt
>
>
>
--
Phil Fagan
Denver, CO
970-480-7618
Not noise!
On May 19, 2013 10:20 AM, "Nick Khamis" wrote:
> On 5/19/13, Zachary Giles wrote:
> > I had two Dell R3xx 1U servers with Quad Gige Cards in them and a few
> small
> > BGP connections for a few year. They were running CentOS 5 + Quagga with
> a
> > bunch of stuff turned off. Worked ex
Well put.
On May 17, 2013 1:54 PM, "John Starta" wrote:
> On May 17, 2013, at 8:24 AM, valdis.kletni...@vt.edu wrote:
>
> > On Thu, 16 May 2013 15:16:22 -0700, "Scott Weeks" said:
> >
> >> You haven't been here long have you...
> >>
> >> He DOES NOT need a 260 word signature (see below!) to make
attenuation in a
> vacuum.. ;)
>
> Look up vortex beams. These guys should hook up with the vortex guys.
> They were getting like 40bits to hertz using oam.
>
>
> Sent from my Mobile Device.
>
>
> ---- Original message
> From: Phil Fagan
> Date
of
> >the world" torrent, but it's not like you sneeze and the link goes down.
> >(And if you have more than 50 mm/h sustained, you've got a much, much
> >bigger problem :-)
> >
> >Grüße, Carsten
> >
>
>
>
--
Phil Fagan
Denver, CO
970-480-7618
Congrats! How does 240Ghz react to atmospheric conditions other than "clear
skys?"
On May 17, 2013 4:17 AM, "Eugen Leitl" wrote:
>
> Fraunhofer:
>
> http://www.iaf.fraunhofer.de/de/news-medien/pressemitteilungen/presse-2013-05-16.html
>
> Google Translate:
>
> New world record in data transmissio
I'd stay clear of the 34s
On Jan 18, 2013 11:56 PM, "Julien Goodwin" wrote:
> Another (somewhat cheaper) Juniper option if you meet its limits is the
> EX[34]200's which now do GRE in hardware:
>
>
> http://www.juniper.net/techpubs/en_US/junos12.1/topics/concept/gre-tunnel-services.html
>
> On 19
64 matches
Mail list logo
