On Tue, Nov 1, 2011 at 8:00 PM, Jimmy Hess wrote:
> On Tue, Nov 1, 2011 at 1:22 PM, Kevin Loch wrote:
>> We have always accommodated temporary ACL's for active DDOS attacks. I
>> think that is fairly standard across the ISP/hosting industry.
Indeed. We'll do it; ditto every reputable hosting,
This is a perfect example of why it is crucial that inbound route filters be
scrupulously maintained in upstream BGP providers. Who knows who is out there.
-Original Message-
From: McCall, Gabriel [mailto:gabriel.mcc...@thyssenkrupp.com]
Sent: Tuesday, November 01, 2011 7:29 PM
To: Edward
LACNIC http://lacnic.net/en/index.html
On Thu, Oct 27, 2011 at 11:24:54PM -0400, Ryan Finnesey wrote:
> If I want to get a block of IP's issued for a network within Mexico who do I
> talk with? I have been told arin does not cover Mexico. It was my
> understand arin covers North America.
>
>
I work for a regional ISP and very recently there has been an influx of
calls reporting "slowness" when accessing certain websites (i.e
google.com/voice/b) via HTTP. After performing a tcpdump and analyzing the
session, I have been able to pinpoint the latency at the application
layer. After the
On 11/2/2011 2:57 PM, Matt Chung wrote:
Although we will be assigning a record for each address, my question is why
is the application (specifically HTTP) dependent on a reverse record ?
What is the purpose?
HTTP has no requirement that the connecting client have reverse DNS
setup. Some serv
6596 (20111102) __
The message was checked by ESET NOD32 Antivirus.
http://www.eset.com
From: Matt Chung [mailto:itsmemattch...@gmail.com]
>
> Historically, there was no compelling reason to create PTR
> records for our CPE however more and more applications seem
> to be dependent on it. Although we will be assigning a
> record for each address, my question is why
> is the appli
min to see real IPV6 traffic.
> if someone want to help me, please contact me
> thank you
>Meftah Tayeb
> IT Consulting
> http://www.tmvoip.com/
> phone: +21321656139
> Mobile: +213660347746
>
>
> __ Information from ESET NOD32 Antivirus, version of virus
k you
Meftah Tayeb
IT Consulting
http://www.tmvoip.com/
phone: +21321656139
Mobile: +213660347746
__ Information from ESET NOD32 Antivirus, version of virus
signature database 6596 (2002) __
The message was checked by ESET NOD32 Antivirus.
http://www.eset.com
___
On Wed, Nov 02, 2011 at 06:12:21PM -0400, David Hubbard wrote:
> From: Matt Chung [mailto:itsmemattch...@gmail.com]
> > Historically, there was no compelling reason to create PTR
> > records for our CPE however more and more applications seem
> > to be dependent on it. Although we will be assign
From: Matthew Palmer [mailto:mpal...@hezmatt.org]
>
> That's even less effective than you'd naively expect, given
> that Indonesia's
> TLD is .id...
>
Umm yeah, simple typo, but I appreciate the help.
> As a web host, we frequently find customers who have
> added Apache rules to their ecommerce sites to block
> undesirable traffic, such as credit card scammers, etc.
> Not knowing any better, they often do this by just
> blocking anything that ends in .in to block Indonesia
> for example.
On Nov 2, 2011, at 5:57 PM, Matt Chung wrote:
> I work for a regional ISP and very recently there has been an influx of
> calls reporting "slowness" when accessing certain websites (i.e
> google.com/voice/b) via HTTP. After performing a tcpdump and analyzing the
> session, I have been able to pin
Halo,
sorry, my english not so perfect, at no time I mean send to IX what Verizon
send me, I'm not THAT stupid hehe
I mean if destination/origin is via IX, then send THAT traffic only by IX
and not Verizon.
On Thu, Nov 3, 2011 at 1:54 AM, Holmes,David A wrote:
> This is a perfect example of why
On Wed, Nov 2, 2011 at 7:50 PM, Edward avanti wrote:
> sorry, my english not so perfect, at no time I mean send to IX what Verizon
> send me, I'm not THAT stupid hehe
> I mean if destination/origin is via IX, then send THAT traffic only by IX
> and not Verizon.
I understood what you mean. The re
On Wed, Nov 2, 2011 at 6:08 PM, Barry Shein wrote:
> Another practical problem with this approach is that .IN is India but
> hey, at least it blocks something :-)
There are also some services out there that block connections
entirely, if the user doesn't have a PTR record.
I'm thinking IRC server
On 11/2/2011 7:01 PM, Jeff Wheeler wrote:
What you are asking your boss/company to do is trust you to put tires
on their car without the right tools or knowledge. The result of that
is probably how your network will end up: "a wreck."
Reminds me of the look on my original boss' face when I sai
What happens if the ISP never defines a name server with their RIR for
their provider-independent address space? Does ARIN point to somewhere
which supplies NXDOMAIN? Just a thought -- I don't have a clue.
It is entirely possible they have it pointed to their non-existent or
broken DNS. Given c
PC wrote:
> What happens if the ISP never defines a name server with their RIR for
> their provider-independent address space? Does ARIN point to somewhere
> which supplies NXDOMAIN? Just a thought -- I don't have a clue.
>
> It is entirely possible they have it pointed to their non-existent or
Anyone out there know how to generate a IPv6 list Level3's filtergen? I tried
Google but didn't find anything.
() ascii ribbon campaign - against html e-mail
/\ www.asciiribbon.org - against proprietary attachments
We really have no objections to creating records for our IPs however there was
no compelling reason previously. With the manifestation of performance issues,
we are currently creating a generic record for our addresses.
I assumed that the applications would take absent records into consideratio
On Wed November 2 2011 20:27, Matt Chung wrote:
> I assumed that the applications would take absent records into
> consideration instead of waiting and timing out before responding with
> data. Trying to troubleshoot this issue from the limited visibility is
> difficult ; the latency the applicatio
On Wed, Nov 2, 2011 at 8:44 PM, Jack Bates wrote:
> Now I have the mile long monstrosity that uses BGP communities for
> everything, and of route-maps/policies with prefix-lists for downstream
> customers. You have to start somewhere.
>
> cymru secure bgp templates is probably a good beginning.
I
Hi Courtney -
Try something like:
whois -h filtergen.level3.net "AS3356 -cp -v6"
or
whois -h filtergen.level3.net "AS3356 -cp -v4v6"
Using AS7922 or something of that nature (currently I dont see any v6
routes registered under 7922.)
-Kevin
On Thu, 3 Nov 2011, Smith, Courtney wrot
On 11/2/2011 8:58 PM, Jeff Wheeler wrote:
On Wed, Nov 2, 2011 at 8:44 PM, Jack Bates wrote:
Now I have the mile long monstrosity that uses BGP communities for
everything, and of route-maps/policies with prefix-lists for downstream
customers. You have to start somewhere.
cymru secure bgp templa
Thanks!!!
~$ whois -h filtergen.level3.net "RADB::AS7922 -v6"
Prefix list for policy RADB::AS7922 =
RADB::AS7922
2001:558::/29
2001:558::/31
2601::/28
~$
Courtney Smith
Network Engineer
Comcast, National Engineering & Technical Operations
NOC:888.662.6386x2x2
http://as7922.peeringdb.com
()
On Wed, Nov 2, 2011 at 8:33 PM, Larry Smith wrote:
> On Wed November 2 2011 20:27, Matt Chung wrote:
>> I assumed that the applications would take absent records into
> When you mis-place your keys do you only look in one place and then give
> up? The calling server does not know there is "no" re
On Wed, Nov 2, 2011 at 10:04 PM, Jack Bates wrote:
> Have to read the current cymru bgp templates?
>
> ! manner. Why not consider peering with our globally distributed bogon
> ! route-server project? Alternately you can obtain a current and well
I'm not telling you something you don't already kno
On 11/2/2011 9:58 PM, Jeff Wheeler wrote:
> I guess ten years of watching RIRs and users de-bogon new /8s didn't
> teach you why those Cymru examples are more dangerous than they are good.
If you follow "all" the CYMRU examples and subscribe to the BGP bogon
feed, that isn't an issue...
Jeff
Participants,
This thread makes me want to LAUGH and VOMIT at the same time...
This guy is asking for advice and all this list can do is poke and make
fun at him for trying to learn the right way to do things...
We ALL need to remember...NONE of us come out of the womb being BGP
experts... and a
30 matches
Mail list logo
