Re: Public DNS64

* Baldur Norddahl > It goes to the USA and back again. They would need NAT64 servers in > every region and then let the DNS64 service decide which one is close > to you by encoding the region information in the returned IPv6 > address. Such as 2001:470:64:[region number]::/96. > > An anycast solu

Re: PeeringDB ?

More issues? :( Regards, Marty Strong -- CloudFlare - AS13335 Network Engineer ma...@cloudflare.com +44 7584 906 055 smartflare (Skype) http://www.peeringdb.com/view.php?asn=13335 > On 24 May 2016, at 12:43, Job Snijders wrote: > > On Tue, May 24, 2016 at 12

Re: ISP License in the USA?

He might have meant one of these: Consultants Often Adlib License Specifications

Re: Public DNS64

In message <20160601103707.7de9d...@envy.e5.y.home>, Tore Anderson writes: > * Baldur Norddahl > > > It goes to the USA and back again. They would need NAT64 servers in > > every region and then let the DNS64 service decide which one is close > > to you by encoding the region information in the r

Re: Public DNS64

* Mark Andrews > In message <20160601103707.7de9d...@envy.e5.y.home>, Tore Anderson writes: > > Or you could simply accept that active sessions are torn down > > whenever the routing topology changes enough to flip traffic to the > > anycast prefix to another NAT64 instance in a different region.

Re: Public DNS64

On Monday, May 30, 2016, Ca By wrote: > > > On Monday, May 30, 2016, Baldur Norddahl > wrote: > >> > >> > Like HE is doing? >> > >> > swmike@uplift:~$ dig +short ipv4.swm.pp.se @nat64.he.net >> > 2001:470:64:::d4f7:c88f >> > swmike@uplift:~$ ping6 2001:470:64:::d4f7:c88f >> > PING 2

Tracking traffic usage at router or switch port?

NANOG Community, Typically where would you expect a service provider to monitor bandwidth usage on your circuits? On the physical switch port interface or on the vlan interface at the router? In some of the field testing I've been doing there can be a difference in the bandwidth usage on the vlan

Verizon and Level3 DNS flush

Dear NANOGers, is there anyone from Verizon and Level3 who can help me with DNS caching issue? We're running a global service for a customer and we had to change to NS IPs via Glue Records. At the moment at least Verizone and Level3 are caching old NS records. Looking for DNS admins out there.

Re: Tracking traffic usage at router or switch port?

I would monitor it wherever you would do traffic shaping/policing. If that happens on the CPE monitor it there. If the CPE is just all Layer2 back to a router or whatever and the router is doing rate limiting monitor it there. For circuits that run at wirespeed with no limits (10/100/1000/10k/etc)

Re: Tracking traffic usage at router or switch port?

On Wed 2016-Jun-01 12:58:15 -0500, Jason Lee wrote: NANOG Community, Typically where would you expect a service provider to monitor bandwidth usage on your circuits? On the physical switch port interface or on the vlan interface at the router? In some of the field testing I've been doing there

Re: Tracking traffic usage at router or switch port?

The reason there can be a (small) difference between those two test points is encapsulation overhead. If the provider is counting traffic that is still in an MPLS envelope, it will count more bytes than it will after the traffic has been stripped down to just the Ethernet frame on the switch por

Re: Verizon and Level3 DNS flush

On 06/01/2016 10:59 AM, Jürgen Jaritsch wrote: Dear NANOGers, is there anyone from Verizon and Level3 who can help me with DNS caching issue? We're running a global service for a customer and we had to change to NS IPs via Glue Records. At the moment at least Verizone and Level3 are caching

Re: Tracking traffic usage at router or switch port?

On 1/Jun/16 19:58, Jason Lee wrote: > NANOG Community, > > Typically where would you expect a service provider to monitor bandwidth > usage on your circuits? On the physical switch port interface or on the > vlan interface at the router? In some of the field testing I've been doing > there can b

AW: Verizon and Level3 DNS flush

Hi Mike, thanks for your (not so useful :)) answer ... I'm aware of things like TTL etc ... but the situation is that customer is receiving ~130gbit of DNS reflection attack to their original DNS and that's the reason why we had to move over to a new NS set. I'm not allowed to tell you the cus

Re: rfc 1812 third party address on traceroute

With BCP38 in mind, could therre be situations where Router R is not allowed to source packets with address A out of intergace C? I think that the possibility does exist. E.g. If interface A and C are upstream interfaces, router R may use an IP address from ISP A on interface A and an address f

Re: rfc 1812 third party address on traceroute

On 05/31/2016 11:22 AM, William Herrin wrote: >> I'm not sure if you mean that, if sent through C it should have the >> source addres of A, or that it should actually be sent through A >> regardless of the routing table (which sounds better to me). > > That doesn't make sense. There may be multipl

Re: rfc 1812 third party address on traceroute

On Wed 2016-Jun-01 14:03:41 -0700, Octavio Alvarez wrote: On 05/31/2016 11:22 AM, William Herrin wrote: I'm not sure if you mean that, if sent through C it should have the source addres of A, or that it should actually be sent through A regardless of the routing table (which sounds better to

Re: rfc 1812 third party address on traceroute

On 05/31/2016 09:52 AM, Hugo Slabbert wrote: >> I'm not sure if you mean that, if sent through C it should have the >> source addres of A, or that it should actually be sent through A >> regardless of the routing table (which sounds better to me). > > How is the latter better? What guarantees are

Re: rfc 1812 third party address on traceroute

On Wed, Jun 1, 2016 at 5:03 PM, Octavio Alvarez wrote: > On 05/31/2016 11:22 AM, William Herrin wrote: >>> I'm not sure if you mean that, if sent through C it should have the >>> source addres of A, or that it should actually be sent through A >>> regardless of the routing table (which sounds bett

Re: rfc 1812 third party address on traceroute

On Wed, Jun 1, 2016 at 3:16 PM, Marc Storck wrote: >> .-. >> | | >> | B |- D >>S -| A R| >> | C |- (toward S) >> |

Re: rfc 1812 third party address on traceroute

I'm not saying anyone is wrong here. I merely want to point out eventual incompatabilities. So please don't get me wrong. Regards, Marc > On 1 juin 2016, at 23:46, William Herrin wrote: > > On Wed, Jun 1, 2016 at 3:16 PM, Marc Storck wrote: >>> .-. >>>

Google GeoIP issue

Hello folks. An address we use is not identified as being in the correct location by Google. Can someone from their NOC reach out off-list? Thanks. Sent from my iPhone

Re: Google GeoIP issue

We had the same issue, there's a form you can fill out on Google's site if you visit the homepage from one of the IPs in question. However, I don't remember the exact link. On Wed, Jun 1, 2016 at 6:17 PM, Peter Loron wrote: > Hello folks. An address we use is not identified as being in the corre

Re: Google GeoIP issue

I too am having a similar problem. Used the remediation link at https://support.google.com/websearch/contact/ip and it’s only partially corrected. Users who log in to Google are seeing the US google.com page after they select the preferred country and languate, but everyone else is still gett

Netflix VPN detection - actual engineer needed

Every device in my house is blocked from Netflix this evening due to their new "VPN blocker". My house is on my own IP space, and the outside of the NAT that the family devices are on is 198.202.199.254, announced by AS 11994. A simple ping from Netflix HQ in Los Gatos to my house should show t

Re: Netflix VPN detection - actual engineer needed

Maybe it's time to use some reverse-psychology and try connecting through a VPN provider? ;-)  Pete Ps, I hope you succeed in getting an answer from an actual engineer. But if I were a betting man... > On 2/06/2016, at 3:27 pm, Matthew Kaufman wrote: > > Every device in my house i

Turning Off IPv6 for Good (was Re: Netflix VPN detection - actual engineer needed)

Turns out it has nothing to do with my IPv4 connectivity. Neither of my ISPs has native IPv6 connectivity, so both require tunnels (one of them to HE.net, one to the ISPs own tunnel broker), and both appear to be detected as a non-permitted VPN. As an early IPv6 adopter, I've had IPv6 on all m

Re: Turning Off IPv6 for Good (was Re: Netflix VPN detection - actual engineer needed)

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 There is an epic lesson here. I'm just not sure what it is. :-) - - ferg On 6/1/2016 8:41 PM, Matthew Kaufman wrote: > Turns out it has nothing to do with my IPv4 connectivity. Neither > of my ISPs has native IPv6 connectivity, so both require tu

Re: Netflix VPN detection - actual engineer needed

> On Jun 2, 2016, at 6:27 AM, Matthew Kaufman wrote: > > Every device in my house is blocked from Netflix this evening due to their > new "VPN blocker". My house is on my own IP space, and the outside of the NAT > that the family devices are on is 198.202.199.254, announced by AS 11994. A > s

Re: Netflix VPN detection - actual engineer needed

Have you tried cdnet...@netflix.com ? Josh Luthman Office: 937-552-2340 Direct: 937-552-2343 1100 Wayne St Suite 1337 Troy, OH 45373 On Jun 1, 2016 11:56 PM, "Bill Woodcock" wrote: > > > On Jun 2, 2016, at 6:27 AM, Matthew Kaufman wrote: > > > > Every device in my house is blocked from Netflix

Re: Turning Off IPv6 for Good (was Re: Netflix VPN detection - actual engineer needed)

On 2 Jun 2016, at 10:47, Paul Ferguson wrote: There is an epic lesson here. I'm just not sure what it is. :-) That Netflix offering free streaming to everyone over IPv6 (after fixing their VPN detection) would be the most effective way to convince end-users to demand IPv6 service from their

Re: Verizon and Level3 DNS flush

On 01/06/2016 21:16, Mike wrote: > > > On 06/01/2016 10:59 AM, Jürgen Jaritsch wrote: >> Dear NANOGers, >> >> is there anyone from Verizon and Level3 who can help me with DNS >> caching issue? We're running a global service for a customer and we >> had to change to NS IPs via Glue Records. At the m

Re: rfc 1812 third party address on traceroute

>>.-. >>| | >>| B |- D >> S -| A R| >>| C |- (toward S) >>| | >>`-' >>