On Jul 10, 2011, at 11:57 PM, William Herrin wrote:
> On Sun, Jul 10, 2011 at 4:22 PM, Owen DeLong wrote:
>> On Jul 10, 2011, at 12:23 PM, William Herrin wrote:
>>> Consider, for example, RFC 3484. That's the one that determines how an
>>> IPv6 capable host selects which of a group of candidate
On Sun, 2011-07-10 at 10:14 -0400, Jeff Wheeler wrote:
> Cogent's policy of requiring a new contract, and from what I am still
> being told by some European customers, new money, from customers in
> exchange for provisioning IPv6 on existing circuits, means a simple
> technical project gets caught
On 11/07/2011 08:25, Tom Hill wrote:
> I'm not saying it's any good, but it certainly didn't cost extra.
Several people mentioned this to Jeff on IRC a short time ago, so it's not
clear why he chose to suggest that ipv6 users in Europe were being fleeced
by Cogent for a set-up fee. Perhaps it has
On Mon, Jul 11, 2011 at 3:25 AM, Tom Hill wrote:
> On Sun, 2011-07-10 at 10:14 -0400, Jeff Wheeler wrote:
>> Cogent's policy of requiring a new contract, and from what I am still
>> being told by some European customers, new money, from customers in
>> exchange for provisioning IPv6 on existing ci
On Mon, 11 Jul 2011, William Herrin wrote:
If the complaint is that the IETF doesn't adequately listen to the
operations folk, then I think it makes sense to consult the operations
folks early and often on potential fixes. If folks here think it would
help, -that- is when I'll it to the IETF.
On Mon, 2011-07-11 at 04:50 -0400, Jeff Wheeler wrote:
> > "Can we have IPv6 transit?"
> > "Yes, please turn up a session to.."
> >
> > That was asking Cogent for IPv6 dual-stack on our existing IPv4
> > transit.
>
> I continue to hear different. In my first-hand experience just about
> three wee
Sent from my iPad
On Jul 11, 2011, at 2:57, William Herrin wrote:
> On Sun, Jul 10, 2011 at 4:22 PM, Owen DeLong wrote:
>> On Jul 10, 2011, at 12:23 PM, William Herrin wrote:
>>> Consider, for example, RFC 3484. That's the one that determines how an
>>> IPv6 capable host selects which of a gr
On Mon, Jul 11, 2011 at 3:08 AM, Joel Jaeggli wrote:
> On Jul 10, 2011, at 11:57 PM, William Herrin wrote:
>> A more optimal answer would have been to make records more like
>> MX or SRV records -- with explicit priorities the clients are
>> encouraged to follow. I wasn't there but I'd be wil
On Jul 11, 2011, at 8:13 AM, William Herrin wrote:
>
>
> Today's RFC candidates are required to call out IANA considerations
> and security considerations in special sections. They do so because
> each of these areas has landmines that the majority of working groups
> are ill eq
Anyone have an AOL security contact because like I posted yesterday,
CNN was hit through a redirect vulnerability in their ad system and
now AOL is suffering the same thing by having some scammer serving up
"Casey Anthony leaked lawyer video" crap as Facebook spam where
unsuspecting lusers are clic
- Original Message -
> From: "Chris"
> Anyone have an AOL security contact because like I posted yesterday,
> CNN was hit through a redirect vulnerability in their ad system and
> now AOL is suffering the same thing by having some scammer serving up
> "Casey Anthony leaked lawyer video" c
I tried doma...@aol.net, which I got when I did a whois on the IP of
the affected domain, then hit noc@ and ab...@aol.com
I fired off an email to iWeb, who is hosting the scam site and is
notorious for lack of response, and GoDaddy.
My recommendation to anyone: start blocking .info like how Googl
Chris,
Did you not get my direct email to you? I included the email address there,
here it is again for yourself and others who need to report a security
vulnerability with an AOL property.
secvuln
at
aol
dot
net
Jay
--
Jay Moran
http://tp.org/jay
On Mon, Jul 11, 2011 at 12:42 PM, Chris wrote
On Mon, Jul 11, 2011 at 11:20 AM, Joel Jaeggli wrote:
> On Jul 11, 2011, at 8:13 AM, William Herrin wrote:
>> Today's RFC candidates are required to call out IANA considerations
>> and security considerations in special sections. They do so because
>> each of these areas has landmines
> \
> I have found my input on the LISP list completely ignored because, as
> you suggest, my concerns are real-world and don't have any impact on
> someone's pet project. LISP as it stands today can never work on the
> Internet, and regardless of the fine reputations of the people at
> Cisco and
On 7/10/11 6:29 PM, Randy Bush wrote:
The IETF is run by volunteers. They volunteer because they find
designing protocols to be fun. For the most part, operators are not
entertained by designing network protocols. So, for the most part they
don't partiticpate.
Randy Bush, "Editorial zone: Into
On Mon, Jul 11, 2011 at 11:20 AM, Joel Jaeggli wrote:
> On Jul 11, 2011, at 8:13 AM, William Herrin wrote:
>> Today's RFC candidates are required to call out IANA considerations
>> and security considerations in special sections. They do so because
>> each of these areas has landmines
Hello,
I am not a heads down network guy, but I have setup a few
firewalls, and have got them to do what I wanted, "eventually". But
mostly through reading and trial and error.
I am struggling with this one, but I think I know the answer, but
want to verify it with some
In a message written on Sun, Jul 10, 2011 at 06:16:09PM +0200, Jeroen Massar
wrote:
> Eh ANYBODY, including you, can sign up to the IETF mailing lists and
> participate there, just like a couple of folks from NANOG are already doing.
The way the IETF and the operator community interact is bad
On Mon, Jul 11, 2011 at 3:18 PM, William Herrin wrote:
> On the other hand, calling out ops issues in RFCs is a modest reform
> that at worst shouldn't hurt anything. That beats my next best idea:
I think if this were done, some guy like me would spend endless hours
arguing with others about what
On Mon, Jul 11, 2011 at 3:35 PM, Leo Bicknell wrote:
> The IETF does not want operators in many steps of the process. If
> you try to bring up operational concerns in early protocol development
> for example you'll often get a "we'll look at that later" response,
> which in many cases is right.
Hello,
We have Nat setup on our equipment, just a plain vanilla internet
connection.
Here is the pertinent section of the runing config.
!
interface Ethernet0/2
nameif Etherpoint
security-level 0
ip address outside-ip 255.255.255.252
ospf cost 10
!
Hello,
I believe I have setup the appropriate access-lists, even have
created it both ways in case I have the inside and outside reversed.
The packet trace always drops through and hits the implicit rule
which is deny everything. No matter how I have the access list setup
Looking for a NOC contact if there are any available.
Sincerely,
Eric Tykwinski
TrueNet, Inc.
P: 610-429-8300
F: 610-429-3222
>setup for outgoing connections for some time, but I have been trying to
>get a new inbound connection going for terminal services to a specific
>host on tcp port 3389.
It sounds like what you want to do is reverse PAT (aka "Policy NAT")
http://www.cisco.com/en/US/products/ps6120/pro
Thank You all,
Here are some of the suggestions so far, all good. And I will followup
on them and report back the final solution.
Some reading for tonite ( I already had it and skimmed thru, but I'll
need to digest it better).
I'm hoping that I'm not beating my head against the
On Jul 11, 2011, at 12:18 PM, William Herrin wrote:
> On Mon, Jul 11, 2011 at 11:20 AM, Joel Jaeggli wrote:
>> On Jul 11, 2011, at 8:13 AM, William Herrin wrote:
>>> Today's RFC candidates are required to call out IANA considerations
>>> and security considerations in special sections. T
On Jul 11, 2011, at 12:57 PM, Jeff Wheeler wrote:
> On Mon, Jul 11, 2011 at 3:35 PM, Leo Bicknell wrote:
>> The IETF does not want operators in many steps of the process. If
>> you try to bring up operational concerns in early protocol development
>> for example you'll often get a "we'll look a
On Mon, Jul 11, 2011 at 3:41 PM, Jeff Wheeler wrote:
> On Mon, Jul 11, 2011 at 3:18 PM, William Herrin wrote:
>> On the other hand, calling out ops issues in RFCs is a modest reform
>> that at worst shouldn't hurt anything. That beats my next best idea:
>
> I think if this were done, some guy lik
>
>> You disagree? What are your thoughts on fixing the problem?
>
> I'm not sure that we agree on the dimensions of the problem.
>
> on the question of ipv6 is broken:
>
> * You're going to have to cope with what you have and can squeeze out of
> vendors in the near term. implmentors don't ch
Once upon a time, there was only the IETF, then NOGs came and standards
became sloppy
On Mon, Jul 11, 2011 at 5:12 PM, Owen DeLong wrote:
> No... I like SLAAC and find it useful in a number of places. What's wrong
> with /64? Yes, we need better DOS protection in switches and routers
See my slides http://inconcepts.biz/~jsw/IPv6_NDP_Exhaustion.pdf for
why no vendor's implementatio
On Mon, Jul 11, 2011 at 3:35 PM, Leo Bicknell wrote:
> If the IETF really wanted to get useful operator impact, they would
> slightly modify their process. On the front end there would be a
> more clear way for operational types to add to the To-Do list "stuff
> we really need to make the Interne
On Mon, Jul 11, 2011 at 5:10 PM, Joel Jaeggli wrote:
>
> On Jul 11, 2011, at 12:18 PM, William Herrin wrote:
>
>> On Mon, Jul 11, 2011 at 11:20 AM, Joel Jaeggli wrote:
>>> On Jul 11, 2011, at 8:13 AM, William Herrin wrote:
Today's RFC candidates are required to call out IANA consideratio
On Mon, 11 Jul 2011, William Herrin wrote:
On Mon, Jul 11, 2011 at 5:10 PM, Joel Jaeggli wrote:
On Jul 11, 2011, at 12:18 PM, William Herrin wrote:
My focus in this thread is this: how do we help the next teams avoid
the discourtesy and the smackdown that the v6 teams are getting for
no
On Jul 11, 2011, at 3:37 PM, William Herrin wrote:
> On Mon, Jul 11, 2011 at 5:10 PM, Joel Jaeggli wrote:
>>
>> On Jul 11, 2011, at 12:18 PM, William Herrin wrote:
>>
>>> On Mon, Jul 11, 2011 at 11:20 AM, Joel Jaeggli wrote:
On Jul 11, 2011, at 8:13 AM, William Herrin wrote:
> To
On Mon, Jul 11, 2011 at 5:03 PM, Jeff Wheeler wrote:
> On Mon, Jul 11, 2011 at 5:12 PM, Owen DeLong wrote:
>> No... I like SLAAC and find it useful in a number of places. What's wrong
>> with /64? Yes, we need better DOS protection in switches and routers
> See my slides http://inconcepts.biz/~j
On Mon, 2011-07-11 at 18:48 -0500, Jimmy Hess wrote:
> It would be useful to at least have the risk properly described, in
> terms of what kind of DoS condition could arise on specific implementations.
RFC3756 IPv6 Neighbor Discovery (ND) Trust Models and Threats
Section 4.3.2
In this attack,
On Mon, Jul 11, 2011 at 7:48 PM, Jimmy Hess wrote:
> If every vendor's implementation is vulnerable to a NDP Exhaustion
> vulnerability,
> how come the behavior of specific routers has not been documented
> specifically?
Well, I am in the business of knowing the behavior of kit being
considered
On 07/10/2011 12:45, Owen DeLong wrote:
>
> On Jul 10, 2011, at 9:16 AM, Jeroen Massar wrote:
>
>> On 2011-07-10 17:56 , David Miller wrote:
>> [..]
>>> +1
>>>
>>> The lack of will on the part of the IETF to attract input from and involve
>>> operators in their processes (which I would posit is a
If anyone from Facebook is here, Please contact me.
Thanks
--
Walter Keen
Network Engineer
Rainier Connect
(P) 360-832-4024
(C) 253-302-0194
> Well, you work at Zynga, a company which makes facebook games. Before
> that you worked at Nokia, company which makes phones but doesn't run
> phone networks. Before that it was Check Point Software, a company
> which makes firewalls but doesn't run networks. And before that it was
> the Universi
On Mon, Jul 11, 2011 at 3:16 PM, wrote:
> connection.
>ip address outside-ip 255.255.255.252
Aside from the fact 255.255.255.252 is not a valid IP address.
Firewalls are security sensitive devices, I suggest reading docs and not
relying on untrusted sources for basic operating directions;
>> My focus in this thread is this: how do we help the next teams avoid
>> the discourtesy and the smackdown that the v6 teams are getting for
>> not adequately recognizing the ops' issues. These guys should have
>> been heroes but instead they screwed the pooch and everybody's paying
>> for it. Ho
> I said there is an ops directorate that reviews basically every draft
> in front of the iesg.
and this directorate is a group of actual operators?
randy
My apologies all, I meant to say myspace contact
Connected by DROID on Verizon Wireless
-Original message-
From: Walter Keen
To: NANOG list
Sent: Tue, Jul 12, 2011 00:29:19 GMT+00:00
Subject: Facebook contact?
If anyone from Facebook is here, Please contact me.
Thanks
-- Walter Keen
On Mon, Jul 11, 2011 at 6:23 PM, Walter Keen
wrote:
> My apologies all, I meant to say myspace contact
>
You're more likely to get a response if you give some indication
of what the issue is; for example, saying "I'm looking for a MySpace
contact because there is an attack coming from their serve
On Jul 10, 2011, at 12:16 PM, Jeroen Massar wrote:
> On 2011-07-10 17:56 , David Miller wrote:
> [..]
>> +1
>>
>> The lack of will on the part of the IETF to attract input from and involve
>> operators in their processes (which I would posit is a critical element in
>> the process).
>
> Eh
On Jul 11, 2011, at 2:54 PM, Franck Martin wrote:
> Once upon a time, there was only the IETF, then NOGs came and standards
> became sloppy
>
Uh, no... Really not.
Read some of the earliest standards documents and you'll find that they are
pretty sloppy, but, the community back then (prede
>
> Again, no one is interested in this problem yet because vendors really
> don't want their customers to demand more knobs. Cisco is the only
> vendor who has done anything at all. If you read about their knob,
> you immediately realize that it is a knob to control the failure mode
> of the bo
Hello:
I'll be testing the list cutover again at 10:00 PM PDT (GMT -7). Please
ignore the subsequent "NANOG TEST" email that comes through to the list.
Regards,
Mike
As per my previous message - please ignore.
Mike
NANOG CC Chair
Hello All:
Thankfully, the current test has been a success. We are going to stay in
the present setup through tomorrow morning at approximately 11:00 AM PDT
(GMT -7). Below is a brief description of the present state and the
changes that will be made tomorrow.
Present State
Mai
节约你的设备成本,提高你的设备质量――请选用中国五工变频器!
■五工变频器――中国唯一与世界竞争的产品!
――德国技术合作!
――国际认可的中国品牌!
――节约成本,提高质量,取代进口变频,一年为你节约几十万至几百万,甚至几千万资金!
――2010年取代进口变频快速上升!
(因是产品简介,内容简短,以免占用你的邮箱空间)
■五工变频器优势简介
详细产品请查看
――五工变频网站:http://wugon.letgo.com.cn(无病毒,请放心查看)
注意:咨询、合作、代理请按以下正确的联系方式:
联系方式:
单位:五工能源系统制造(惠州)有限公司 (变频器产品商务部)
地址:中国电子
54 matches
Mail list logo
