Re: Reverse DNS RFCs and Recommendations

2013-11-05 Thread Lee Howard
http://tools.ietf.org/html/draft-andrews-dnsop-pd-reverse-00 It would be great to have this conversation in the IETF Homenet WG, as well as DNSops. This would solve the gaps I identified. Not sure why I, as an ISP, would spend money on this. Lee

Fwd: [apops] APRICOT 2014 call for papers is now open

2013-11-05 Thread Mark Tinka
FYI. Cheers, Mark. --- Begin Message --- Hi everyone, We have just released the call for presentations for APRICOT 2014. Please consider presenting at APRICOT, or encourage a colleague or friend to do so. Also we'd really appreciate it if you would help inform members of your local operations c

[pfsi...@gmail.com: [APRICOT-INFO] APRICOT 2014 call for papers]

2013-11-05 Thread bmanning
of possible interest. /bill - Forwarded message from Philip Smith - X-Mailman-Approved-At: Tue, 05 Nov 2013 19:37:41 +1000 Subject: [APRICOT-INFO] APRICOT 2014 call for papers Hi everyone, We have just released the call for presentations for APRICOT 2014. Please consider presenting a

Re: Reverse DNS RFCs and Recommendations

2013-11-05 Thread Mark Andrews
In message , Lee Howard writes: > http://tools.ietf.org/html/draft-andrews-dnsop-pd-reverse-00 > > > It would be great to have this conversation in the IETF Homenet WG, as > well as DNSops. I did send the announcement to homenet as well with reply-to sent to dnsop. While I am in homenet I woul

advice on BGP + CARP setup on FreeBSD

2013-11-05 Thread Antoine Beaupré
Hi fellow operators, We are slowly and carefully joining the fray of autonomous systems and started announcing our own netblock, a first test that started last week. So far, things are going well, but before going further along this setup, I would be curious to hear experience from other operators

Level3 and AT&T Latency

2013-11-05 Thread Eric Williams
Is anybody else seeing or having major latency between Level 3 and AT&T today? We are multi-homed with Level 3 being one of our ISPs and had to divert traffic after seeing these issues. http://www.internetpulse.net/ Eric

Re: Level3 and AT&T Latency

2013-11-05 Thread Jason Baugher
Yes, we are seeing the same issues, centering around Chicago. I have a ticket open with Level3, but I'm assuming they're going to tell me it's AT&T's issue. On Tue, Nov 5, 2013 at 1:48 PM, Eric Williams wrote: > Is anybody else seeing or having major latency between Level 3 and AT&T > today?

DNS and nxdomain hijacking

2013-11-05 Thread Warren Bailey
All, I've noticed a lot more nxdomain redirects on providers (cox, uverse, tmo, etc.) networks lately. How is this being done?? Is it a magic box or some kind of subscription service? Are any of you doing it? //warren

Re: advice on BGP + CARP setup on FreeBSD

2013-11-05 Thread Nick Hilliard
On 05/11/2013 19:31, Antoine Beaupré wrote: > Our requirements: > > * free software, as much as possible > * inexpensive > * using existing operating system expertise (FreeBSD or Debian) You need to make a decision on how to spend your money: on commodity router hardware where you can easily g

Re: latest Snowden docs show NSA intercepts all Google and Yahoo DC-to-DC traffic

2013-11-05 Thread Masataka Ohta
valdis.kletni...@vt.edu wrote: >>> How do you intend to *find* the agents >>> who were hired at a government agency's under-the-table request that >>> never had a written record that the company had access to? >> >> By memories of those who are at the table. > > So one of the two people at the ta

RE: Level3 and AT&T Latency

2013-11-05 Thread David Siegrist
I know we have been dealing with a Level 3, OC192 Fiber cut in PHX today. They just got it spliced back up. Not sure if it is related to your latency. David -Original Message- From: Eric Williams [mailto:ewilli...@connectria.com] Sent: Tuesday, November 05, 2013 11:49 AM To: nanog@nan

Re: Reverse DNS RFCs and Recommendations

2013-11-05 Thread Masataka Ohta
Sander Steffann wrote: >> Also remember that this thread is on secure rDNS by the ISP, >> which means you can't expect the ISP to operate rDNS very securely >> even though the ISP operates the rest of networking not very securely. > > You're linking things together that are completely orthogonal... You

Re: DNS and nxdomain hijacking

2013-11-05 Thread Jimmy Hess
On Tue, Nov 5, 2013 at 2:38 PM, Warren Bailey < wbai...@satelliteintelligencegroup.com> wrote: > I've noticed a lot more nxdomain redirects on providers (cox, uverse, tmo, I believe these ISPs have been servicing a mucked up recursive DNS like this for quite a while. Yes, this traffic hijackin

Re: Reverse DNS RFCs and Recommendations

2013-11-05 Thread Jimmy Hess
On Tue, Nov 5, 2013 at 6:00 PM, Masataka Ohta < mo...@necom830.hpcl.titech.ac.jp> wrote: > Sander Steffann wrote: > >>... > > You're linking things together that are completely orthogonal... > > You misunderstand very basic points on why forward and reverse > DNS checking is useful. > Just to not

Re: DNS and nxdomain hijacking

2013-11-05 Thread Phil Bedard
On 11/5/13, 7:25 PM, "Jimmy Hess" wrote: >On Tue, Nov 5, 2013 at 2:38 PM, Warren Bailey < >wbai...@satelliteintelligencegroup.com> wrote: > > >> I've noticed a lot more nxdomain redirects on providers (cox, uverse, >>tmo, > > >I believe these ISPs have been servicing a mucked up recursive DNS l

Re: DNS and nxdomain hijacking

2013-11-05 Thread Eric Tykwinski
Just as a side note, I don't think MS supports NXDOMAIN redirections yet, which is rather surprising. Given I highly doubt anyone is using this external resolvers, which redirection is usually for. Sincerely, Eric Tykwinski TrueNet, Inc. P: 610-429-8300 F: 610-429-3222 On Nov 5, 2013, at 7:57

Re: Reverse DNS RFCs and Recommendations

2013-11-05 Thread Mark Andrews
In message <527986a2.6010...@necom830.hpcl.titech.ac.jp>, Masataka Ohta writes: > Sander Steffann wrote: > > >> Also remember that this thread is on secure rDNS by the ISP, > >> which means you can't expect the ISP to operate rDNS very securely > >> even though the ISP operates the rest of networking not

Re: DNS and nxdomain hijacking

2013-11-05 Thread Andrew Sullivan
On Tue, Nov 05, 2013 at 07:57:59PM -0500, Phil Bedard wrote: > > I think every major residential ISP in the US has been doing this for 5+ > years now. Comcast doesn't, because it breaks DNSSEC. A -- Andrew Sullivan Dyn, Inc. asulli...@dyn.com v: +1 603 663 0448

Re: DNS and nxdomain hijacking

2013-11-05 Thread Ray Soucy
http://en.wikipedia.org/wiki/Response_policy_zone RPZ functionality has been widely adopted in the past few years. Also known as "DNS Firewall". On Tue, Nov 5, 2013 at 10:30 PM, Andrew Sullivan wrote: > On Tue, Nov 05, 2013 at 07:57:59PM -0500, Phil Bedard wrote: > > > > I think every major r

Re: How anti-NSA backlash could fracture the Internet along national borders - The Washington Post

2013-11-05 Thread Jon Sands
My favorite is "12.8tbps Capacityz" on the second slide. On 11/2/2013 3:44 PM, Jim Popovitch wrote: Yeah. I reported that to them over the Summer... hopefully their cable laying crew is more attentive to detail. ;-) -Jim P. -- Jon Sands

Re: DNS and nxdomain hijacking

2013-11-05 Thread Mark Andrews
In message <20131106033003.gb6...@dyn.com>, Andrew Sullivan writes: > On Tue, Nov 05, 2013 at 07:57:59PM -0500, Phil Bedard wrote: > > > > I think every major residential ISP in the US has been doing this for 5+ > > years now. > > Comcast doesn't, because it breaks DNSSEC. Only if you are valid

Re: Level3 and AT&T Latency

2013-11-05 Thread Jason Baugher
For what it's worth, Level3 finally told us they had a peering issue with AT&T. They ended up re-routing traffic for the time being until they identify the issue. Of course, for some reason a peering issue doesn't warrant a Network Event on their portal... On Tue, Nov 5, 2013 at 6:00 PM, David S

Re: Level3 and AT&T Latency

2013-11-05 Thread Tassos Chatzithomaoglou
Unfortunately, many issues don't appear (deliberately?) as network events on their portal. -- Tassos Jason Baugher wrote on 6/11/2013 06:46: > For what it's worth, Level3 finally told us they had a peering issue with > AT&T. They ended up re-routing traffic for the time being until they > identi

Re: Reverse DNS RFCs and Recommendations

2013-11-05 Thread Masataka Ohta
Mark Andrews wrote: >> You misunderstand very basic points on why forward and reverse >> DNS checking is useful. >> >> If an attacker can snoop DHCP reply packet to a victim's CPE, the >> attacker can snoop any packet to a victim's server, which is >> already bad. > > The DHCP reply packet is spe