I will be out of the office starting 12/30/2009 and will not return until
01/04/2010.
If you need immediate assistance please call TechSupport at 651-665-5000.
> Totally out of the box, but here goes: why don't we run the entire
> Internet management plane "out of band"
This has been one of my favorite conversation-stoppers for years. The
PSTN fought tooth and nail against the need for OOB control, but
2600hz was a problem that they could not solve, so
On Tuesday 29 December 2009 22:22:05 Randy Bush wrote:
> > None of us knows precisely what we're going to absolutely require, or
> > merely want/prefer, tomorrow or the next day, much less a year or two
> > from now. Unless, of course, we choose to optimize (constrain)
> > functionality so tightly
On Wed, Dec 23, 2009 at 01:58:47AM -0500, Christopher Morrow wrote:
> The ARIN meetings (at least) are open, please come and help guide
> policies. I'm sure RIPE also wouldn't mind a discussion, if there
> could be some positive policy outcome.
Why should I or anyone else do that? It will cost us
> If ARIN and/or RIPE and/or ICANN and/or anyone else were truly
> interested in making a dent in the problem, then they would have
> already paid attention to our collective work product.
the rirs, the ietf, the icann, ... each think they are the top of the
mountain. we are supposed to come to t
>> If ARIN and/or RIPE and/or ICANN and/or anyone else were truly
>> interested in making a dent in the problem, then they would have
>> already paid attention to our collective work product.
>
> the rirs, the ietf, the icann, ... each think they are the top of the
> mountain. we are supposed to c
David Hiers wrote:
If the world wants an internet that is as predictable and reliable as
the PSTN, it'll bear the cost of protecting the control plane. A
fundamental choice in the protection scheme is physical architecture.
IB or OOB, it's always a good thing to be explicit in design
decisions,
On Tue, Dec 29, 2009 at 12:19:32PM -0500, Jared Mauch wrote:
[snip]
> Apparently I forgot the tag, but really, if you have sane
> CoPP policies, you are mostly protected. If the vendor does not
> provide this capability, please STOP BUYING THEIR CRAP.
Another fine example of broken fate-sharing
Not sure whether this is an appropriate place to post this, but I thought
I'd give it a shot, since you're all knowledgeable folks with regard to
networking things...
At home, I currently run two DSL lines. Right now, we just have two
separate LANs, one connected to each line, with my wife'
Do you control or have access to the provider side-the PPPoE server-and would
both PPPoE connections hit the same PPPoE server at the provider? If so, I
recommend setting up a PPP multilink with both DSL lines. The DSL provider
would have to support that capability. I also recommend something li
On Dec 30, 2009, at 10:49 AM, Paul Bennett wrote:
> Not sure whether this is an appropriate place to post this, but I thought I'd
> give it a shot, since you're all knowledgeable folks with regard to
> networking things...
>
> At home, I currently run two DSL lines. Right now, we just have two
Paul Bennett wrote:
At home, I currently run two DSL lines. Right now, we just have two
separate LANs, one connected to each line, with my wife's devices
attached to one, and my devices attached to the other. For a while now,
I've been thinking about setting up a load-balancing routing soluti
2x DSL not so backhoe-resistant.
I like mixing cable with dsl. Tasty disparate paths (modulo garden shears
applied to the single ingres point to your basement) if not technologies, orgs
and methodologies. Or radio + dsl, or pigeon + mule, take your pick.
Would be great if you could rate your conn
On Wed, Dec 30, 2009 at 10:46 AM, Ken Chase wrote:
> 2x DSL not so backhoe-resistant.
>
> I like mixing cable with dsl. Tasty disparate paths (modulo garden shears
> applied to the single ingres point to your basement) if not technologies,
> orgs
> and methodologies. Or radio + dsl, or pigeon + m
Hi all,
Happy new year...
I have a question regarding multi-homing, mostly from stub network's
operational point of view. My big question is: what kind of failures
do you usually see from your providers? Link down? Link up, but
withdraw some routes? Link up, no route change, but blackholing
parti
Simon Chen wrote:
> Hi all,
>
> Happy new year...
>
> I have a question regarding multi-homing, mostly from stub network's
> operational point of view. My big question is: what kind of failures
> do you usually see from your providers? Link down? Link up, but
> withdraw some routes? Link up, no r
Simon-
We do exactly what you are trying to accomplish. We have two routers and two
providers. Provider A is our primary and we receive partial routes from them
(no static route). Then Router B is connected to Provider B with no default
route (basically it looks like we are not advertising to
If you are using Cisco...
http://www.cisco.com/en/US/prod/collateral/iosswrel/ps6537/ps6554/ps6599/ps8787/product_data_sheet0900aecd806c4ee4.html
On Wed, Dec 30, 2009 at 12:38 PM, Dylan Ebner wrote:
> Simon-
> We do exactly what you are trying to accomplish. We have two routers and
> two pr
I got this email inquiring about data center space, from the most
honest scumbag, *EVER* today. Operational relevance? Well, if
everyone would turn these people down, we'd have a lot less problems
to deal with. Sadly, requests like these happen far too often, but
never have I had someone com
On Dec 30, 2009, at 1:04 PM, Jerry Pasker wrote:
> I got this email inquiring about data center space, from the most honest
> scumbag, *EVER* today. Operational relevance? Well, if everyone would turn
> these people down, we'd have a lot less problems to deal with. Sadly,
> requests like the
On Dec 30, 2009, at 1:04 PM, Jerry Pasker wrote:
> I got this email inquiring about data center space, from the most honest
> scumbag, *EVER* today. Operational relevance? Well, if everyone would turn
> these people down, we'd have a lot less problems to deal with. Sadly,
> requests like th
On Wed, Dec 30, 2009 at 12:02 PM, Simon Chen wrote:
> I have a question regarding multi-homing, mostly from stub network's
> operational point of view. My big question is: what kind of failures
> do you usually see from your providers? Link down? Link up, but
> withdraw some routes? Link up, no ro
I use a T1/26xx for primary and a sprint datacard in a little NAT router for
secondary. The two boxes sit on the same LAN but provide different gateway
IP addresses. The sprint router does the DHCP, so things that ask for DHCP
wind up using that as the primary. Some boxes use the 26xx as default
On Dec 30, 2009, at 10:49 AM, Paul Bennett wrote:
> Is it going to be a more-effective solution to drop a few bucks on the 2960
> and go through the hassle of learning how to set it up (and then setting it
> up), or would I be better off putting a secured Linux distro (e.g.
> gentoo-hardened,
On Wed, Dec 30, 2009 at 2:03 PM, Jared Mauch wrote:
>
> On Dec 30, 2009, at 10:49 AM, Paul Bennett wrote:
>
> > Is it going to be a more-effective solution to drop a few bucks on the
> 2960 and go through the hassle of learning how to set it up (and then
> setting it up), or would I be better off
> At home, I currently run two DSL lines. Right now, we just have two
> separate LANs, one connected to each line, with my wife's devices attached
> to one, and my devices attached to the other. For a while now, I've been
> thinking about setting up a load-balancing routing solution to give both
>
>On Wed, Dec 30, 2009 at 2:03 PM, Jared Mauch wrote:
>> Back at the Toronto NANOG I bumped into someone who had an interesting
>> solution to the multihoming problem.
>>
>> What they had was a machine that would key/sequence the packets and send
>> them out each connection (so if they
On Dec 30, 2009, at 2:08 PM, Dorn Hetzel wrote:
> I guess that method presume some cooperating box out there on the net
> somewhere to coordinate the far end?
>
Yes. This allowed the provider to use a variety of different technologies to
reach a site, eg: IP over CATV, DSL, Fiber, Wireless,
All,
I know this has been discussed to some degree before and I have
searched the archives. However is it seems in my previous posts to this
list about anything, the truly useful replies are the private replies
ones that don't make it to this list.
We are considering the InterNAP Fl
Call me offline.
Ric.
214-442-0555
-Original Message-
From: Michael J McCafferty [mailto:m...@m5computersecurity.com]
Sent: Wednesday, December 30, 2009 2:59 PM
To: nanog
Subject: InterNAP FCP (again?)
All,
I know this has been discussed to some degree before and I have
search
Interesting article about RBN, it's spin-offs and the global network
infrastructure used for cybercrime. Has a passing mention of Atrivo's place
in the global picture.
http://www.newsweek.com/id/228674
Reportedly started by someone operating under the name "Flyman," RBN is
known as the mother of
> Reportedly started by someone operating under the name "Flyman," RBN is
> known as the mother of cybercrime among online investigators. François
> Paget, senior expert for the McAfee company, says that RBN began as an
> Internet provider and offered "impenetrable" hosting for $600 a month.
> Thi
On Wed, Dec 30, 2009 at 11:13:24AM -0500, Steven Bellovin wrote:
>
> I know nothing of how to do this on a Catalyst; for PCs, my own guess
> is that you're looking far too high-end. If the issue is relaying to
> the outside, I suspect that a small, dedicated Soekris or the like
> will do all you
Would it be possible to string along and coordinate with the appropriate law
enforcement entity?
tv
- Original Message -
From: "Jerry Pasker"
To:
Sent: Wednesday, December 30, 2009 12:04 PM
Subject: just...wow.
I got this email inquiring about data center space, from the most hones
Brett Frankenberger wrote:
> On Wed, Dec 30, 2009 at 11:13:24AM -0500, Steven Bellovin wrote:
>> I know nothing of how to do this on a Catalyst; for PCs, my own guess
>> is that you're looking far too high-end. If the issue is relaying to
>> the outside, I suspect that a small, dedicated Soekris
Would it be possible to string along and coordinate with the
appropriate law enforcement entity?
tv
Probably, but the fourth basic law of human stupidity (google it, and
have a laugh) promisees that I would suffer for doing so. It's why
I've never ever attempted to deal with any of these ty
LOL! That was purty good and mostly true.
Well, I was thinking from the standpoint of 1) They are going somewhere,
maybe not you 2) breaking law(s) 3) someone has to intervene, eventually.
You could apply the above to any crime really. And they essentially told
you they are going to commit
On Dec 30, 2009, at 6:23 PM, Joel Jaeggli wrote:
>
>
> Brett Frankenberger wrote:
>> On Wed, Dec 30, 2009 at 11:13:24AM -0500, Steven Bellovin wrote:
>>> I know nothing of how to do this on a Catalyst; for PCs, my own guess
>>> is that you're looking far too high-end. If the issue is relaying
> I believe he's refering to the situation where the soekris is doing
> the bridging, since the soekris only has 4 ethernet ports and two pci
> slots max it's likely that if you need greater than quantity 3 plus
> wireless internal interfaces that you'll need a switch. given the
> performance limit
On Thu, Dec 31, 2009 at 4:00 AM, Keith Medcalf wrote:
>
>> Reportedly started by someone operating under the name "Flyman," RBN is
>> known as the mother of cybercrime among online investigators. François
>> Paget, senior expert for the McAfee company, says that RBN began as an
>> Internet provide
>>> Reportedly started by someone operating under the name
>>> "Flyman," RBN is known as the mother of cybercrime among
>>> online investigators. François Paget, senior expert for
>>> the McAfee company, says that RBN began as an Internet
>>> provider and offered "impenetrable" hosting for $600 a
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On Wed, Dec 30, 2009 at 8:05 PM, Keith Medcalf wrote:
>
> Without a warrant, there is an absolute right to privacy.
> It continues to exist right up until either (a) one party chooses
> to give up that privacy or (b) a third party arrives with a Cour
On Wed, 2009-12-30 at 20:12 -0800, Paul Ferguson wrote:
> -BEGIN PGP SIGNED MESSAGE-
> Hash: SHA1
>
> On Wed, Dec 30, 2009 at 8:05 PM, Keith Medcalf wrote:
>
> >
> > Without a warrant, there is an absolute right to privacy.
> > It continues to exist right up until either (a) one party ch
Ferg nailed it. I'll shut up now as he's made my point and its new
year's eve ..
On Thu, Dec 31, 2009 at 9:42 AM, Paul Ferguson wrote:
>
> That's funny.
>
> You're assuming that the MLAT [1] process works -- it doesn't.
>
> - - ferg
>
> [1] http://en.wikipedia.org/wiki/Mutual_Legal_Assistance_Tr
Hey, I am not sure if this is the question asked in the first email.
If I found a RBN fishing site, and ask RBN to shutdown the site, appears to
me that this will not be done...so I need to block all the RBN cyber space,
or initiate a fight for a warrant?
I would prefer just block RBN sites...
On Wed, Dec 30, 2009 at 11:13 PM, William Pitcock
wrote:
> It "worked" against Indymedia UK: http://www.indymedia.org/fbi/
indymedia is in texas, no mlat required.
rbn was actually, for a good portion of their existence, in Russia (I
believe St Petersburg, but my memory is fuzzy).
-chris
Randy Bush writes:
>> If ARIN and/or RIPE and/or ICANN and/or anyone else were truly
>> interested in making a dent in the problem, then they would have already
>> paid attention to our collective work product.
>
> the rirs, the ietf, the icann, ... each think they are the top of the
> mountain.
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On Wed, Dec 30, 2009 at 8:25 PM, Christopher Morrow
wrote:
> On Wed, Dec 30, 2009 at 11:13 PM, William Pitcock
> wrote:
>
>> It "worked" against Indymedia UK: http://www.indymedia.org/fbi/
>
> indymedia is in texas, no mlat required.
>
Exactly.
>
On Wed, 2009-12-30 at 23:25 -0500, Christopher Morrow wrote:
> On Wed, Dec 30, 2009 at 11:13 PM, William Pitcock
> wrote:
>
> > It "worked" against Indymedia UK: http://www.indymedia.org/fbi/
>
> indymedia is in texas, no mlat required.
It was an MLAT initiated by the Dutch government because s
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On Wed, Dec 30, 2009 at 8:36 PM, William Pitcock
wrote:
> On Wed, 2009-12-30 at 23:25 -0500, Christopher Morrow wrote:
>> On Wed, Dec 30, 2009 at 11:13 PM, William Pitcock
>> wrote:
>>
>> > It "worked" against Indymedia UK: http://www.indymedia.org/
One might say the same about the IETF, which Randy likes to lampoon.
Not sure how it comes up in this context, as (as Randy loves to remind
us) while many operators attend, it is not first-and-foremost an
operational community. As to ICANN, I think Rich may be talking about
the registries a
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On Wed, Dec 30, 2009 at 8:42 PM, Paul Ferguson
wrote:
>
> On Wed, Dec 30, 2009 at 8:36 PM, William Pitcock
> wrote:
>
>> On Wed, 2009-12-30 at 23:25 -0500, Christopher Morrow wrote:
>>> On Wed, Dec 30, 2009 at 11:13 PM, William Pitcock
>>> wrote:
>
He's also assuming that US on-shore law applies, which it doesn't when
any one party is a non-US person, at which point it passes to the real
of National Security.
-Original Message-
From: Paul Ferguson [mailto:fergdawgs...@gmail.com]
Sent: Wednesday, December 30, 2009 8:12 PM
To: Keith
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On Wed, Dec 30, 2009 at 9:47 PM, Tomas L. Byrnes wrote:
>
> That's funny.
>
> You're assuming that the MLAT [1] process works -- it doesn't.
>
> He's also assuming that US on-shore law applies, which it doesn't when
> any one party is a non-US perso
54 matches
Mail list logo
