Re: Reminiscing our first internet connections (WAS) Re: akamai yesterday - what in the world was that

I didn't think one could get a single 'B' channel over ISDN ... but I could be mistaken. In my early ISP days, ISDN was 2 x 64k (full-rate) 'B' channels and a 16k 'D' channel for signaling. On 1/26/20 5:58 AM, Joly MacFie wrote: IIRC that 64k was in fact 56k with 8k for overhead. I had one

Re: Reminiscing our first internet connections (WAS) Re: akamai yesterday - what in the world was that

On Mon, 27 Jan 2020 at 13:35, Bryan Holloway wrote: > I didn't think one could get a single 'B' channel over ISDN ... but I > could be mistaken. > > In my early ISP days, ISDN was 2 x 64k (full-rate) 'B' channels and a > 16k 'D' channel for signaling. There was much flexibility you could do with

Re: Reminiscing our first internet connections (WAS) Re: akamai yesterday - what in the world was that

The hardware support was 2B+D but you could definitely just use a single B. 56k vs 64k depended on where you where is the world and which style of ISDN the telco offered. -- Mark Andrews > On 27 Jan 2020, at 22:32, Bryan Holloway wrote: > > I didn't think one could get a single 'B' chan

Re: Reminiscing our first internet connections (WAS) Re: akamai yesterday - what in the world was that

Wasn't the 56/64k thing a result of CAS (bit robbed) signalling which was a fudge AT&T did to transport signalling information in-band on T1s by stealing the low order bit for OOB signalling (it wasnt actually every low order bit, but meant you had to throw away every low order bit as CPE didn't kn

Re: Dual Homed BGP

Interesting discussion. Besides the point about control which many people have made, I would like to point - it also depends on your geography and peering in that geography. Cannot generalise but typically in the US and Europe you will find reasonably good peering across larger operators and hence

Re: Reminiscing our first internet connections (WAS) Re: akamai yesterday - what in the world was that

On Mon, 27 Jan 2020 at 12:13, Rob Pickering wrote: > Wasn't the 56/64k thing a result of CAS (bit robbed) signalling which was > a fudge AT&T did to transport signalling information in-band on T1s by > stealing the low order bit for OOB signalling (it wasnt actually every low > order bit, but mea

Re: Reminiscing our first internet connections (WAS) Re: akamai yesterday - what in the world was that

On 1/27/20 1:42 PM, Aled Morris via NANOG wrote: On Mon, 27 Jan 2020 at 12:13, Rob Pickering > wrote: Wasn't the 56/64k thing a result of CAS (bit robbed) signalling which was a fudge AT&T did to transport signalling information in-band on T1s by stealin

Re: Reminiscing our first internet connections (WAS) Re: akamai yesterday - what in the world was that

Similar…. In ’93 I had a 2400bps modem and an $40/month ISP dialup account for 10 hours a month - my Mac IIci was zooming! I quickly upgraded to 9600, then 14400, then 56k. I rocked the 56k till about 2003 - mind you all my email was over telnet/ssh/pine and websites in 2003 still worked somew

Re: Reminiscing our first internet connections (WAS) Re: akamai yesterday - what in the world was that

... and disabling call-waiting ... ;) On 1/27/20 1:55 PM, John Von Essen wrote: In those early days I remember setting up a download to start before bed so it could run all night, then wake up the morning to see my freshly downloaded 300KB file — assuming the phone line remained stable. -J

Re: Reminiscing our first internet connections (WAS) Re: akamai yesterday - what in the world was that

On Mon, 27 Jan 2020 at 12:53, Bryan Holloway wrote: > > I seem to also recall that you couldn't use a 56k modem unless the > far-end was digital. > Exactly so - the connection to the telephone network needed to be as "clean" as possible for the modem to achieve the best rate, which was only poss

Re: Dual Homed BGP

Dear Job and NANOG, Just wondering, wouldn't any of you guys consider using full tables in this case, for the ability to detect and avoid prefix hijacks (using RPKI/ROV or other means)? Of course, I'm focused on security, and I know this is often not a high priority for a real network manager wh

Re: Reminiscing our first internet connections (WAS) Re: akamai yesterday - what in the world was that

On 1/26/20 6:08 PM, b...@theworld.com wrote: You had ones?! We couldn't afford them, we had to guess from the time delays between zeros. I'm fairly certain there's an RFC-1149 joke in here somewhere. -- Bruce H. McIntosh Network Engineer II Univer

Re: Reminiscing our first internet connections (WAS) Re: akamai yesterday - what in the world was that

On 1/27/20 7:59 AM, Bryan Holloway wrote: [External Email] ... and disabling call-waiting ... ;) We had a separate line (paid for by our work) without call-bothering on it for the modem. -- Bruce H. McIntosh Network Engineer II University of Flori

Re: Reminiscing our first internet connections (WAS) Re: akamai yesterday - what in the world was that

Does AOL count? If my first real internet connection was dial up 3600 baud through compuserv. When I finally upgraded to 56K I thought it was light speed. On Mon, Jan 27, 2020 at 9:01 AM Bruce H McIntosh wrote: > On 1/27/20 7:59 AM, Bryan Holloway wrote: > > [External Email] > > > > ... and disa

Re: FYI - Suspension of Cogent access to ARIN Whois

Peering cake? Carbohydrates always entice me to peer... :-) On Wed, 8 Jan 2020 10:16:12 -0600 "Aaron Gould" wrote: > I’m pretty sure cogent has had issues providing full internet connectivity > via ipv6 to google and perhaps he (hurricane electric), perhaps others as > well, for quite some tim

Re: akamai yesterday - what in the world was that

PS4 has the same slate of options. The Switch I believe only ever updates when on. Steam on my PC is also very configurable when it comes to when update downloads, along with throttling options. None of this matters though. Most of these games that cause such traffic bursts are very large, often

Prominent horse racing identities (was Re: Elad Cohen)

As much as Mr Cohen's minor libel of Spamhaus and ARIN exposes him as perhaps having something to hide on this subject, Mr Guilmette's message here, among the other screeds of his I have read, seems to leak anti-Semitism from its every fetid, infected pore. I have no doubt that Mr Cohen, in acting

Re: Reminiscing our first internet connections (WAS) Re: akamai yesterday - what in the world was that

> On Jan 24, 2020, at 5:26 PM, Ben Cannon wrote: > > I started what became 6x7 with a 64k ISDN line. And 9600 baud modems… Hayes Smartmodem here, 1200 baud. Local BBS offered PPP service. When I got my first sysadmin job, $work had a T1 and it felt like more speed than was fair…

Re: Prominent horse racing identities (was Re: Elad Cohen)

On Mon, Jan 27, 2020 at 7:11 AM Large Hadron Collider wrote: > As much as Mr Cohen's minor libel of Spamhaus and ARIN exposes him as perhaps > having something to hide on this subject, Mr Guilmette's message here, among > the other screeds of his I have read, seems to leak anti-Semitism from its >

Re: akamai yesterday - what in the world was that

first internet for me was a 300 baud modem from offsite to someplace buried in the pentagon that I think aggregated all of us into a single 56k upstream. at 300 baud, you could actually read faster than the screen scrolled. we started getting 1200 baud, then 2400 baud but the USAF wouldn't let you

Re: akamai yesterday - what in the world was that

On Mon, 27 Jan 2020 at 16:43, Paul Ebersman wrote: > > first personal connection was a dedicated dialin using a telebit > trailblazer at 9600 bps. that was a benefit of work. > Got to respect a modem with firmware that recognised hosts talking UUCP protocol and optimised for it! Aled

Re: akamai yesterday - what in the world was that

> first personal connection was a dedicated dialin using a telebit > trailblazer at 9600 bps. that was a benefit of work. The Telebits were awesome over impaired lines. Their funky modulation scheme let them get through where nothing else would (like using barbed wire fences instead of phone wi

Re: Prominent horse racing identities (was Re: Elad Cohen)

Perhaps nobody should be using NANOG to trade ad hominem attacks in any case. Just my $0.02. Owen > On Jan 27, 2020, at 08:02 , William Herrin wrote: > > On Mon, Jan 27, 2020 at 7:11 AM Large Hadron Collider > wrote: >> As much as Mr Cohen's minor libel of Spamhaus and ARIN exposes him as pe

Re: Prominent horse racing identities (was Re: Elad Cohen)

On Mon, 27 Jan 2020 07:10:02 +, Large Hadron Collider said: > As much as Mr Cohen's minor libel of Spamhaus and ARIN exposes him as perhaps > having something to hide on this subject, Mr Guilmette's message here, among > the other screeds of his I have read, seems to leak anti-Semitism from its

Re: Reminiscing our first internet connections (WAS) Re: akamai yesterday - what in the world was that

64k vs 56k was the result of changing T1 framing from SF to ESF. SF utilized AMI(Alt Mark Inversion) required for copper T1 lines between Central Offices.  SF(Super Frame) robbed bits for signalling and limited each voice channel to 56k.  Conversion to fiber between TELCO offices allowed the co

Re: Reminiscing our first internet connections (WAS) Re: akamai yesterday - what in the world was that

The fudge was required because of the use of copper based T1's. The early implementation required a min of 1's density for those old repeaters to work properly(AMI, Alt Mark Inversion). Conversion to fiber between telco offices allowed them to drop SF and AMI to ESF. Fiber equipment dropped the

Re: FYI - Suspension of Cogent access to ARIN Whois

I now longer have a dog in this fight, but “The” peering cake was my project (such as it was)... Cogent has, to the best of my knowledge, always had rather large voids in their IPv6 connectivity. To the best of my knowledge, HE and Google are the most significant of these voids, but I believe t

Re: Rogue objects in routing databases

On Sat, Jan 25, 2020 at 12:06:51AM +0100, Florian Brandstetter wrote a message of 53 lines which said: > Examples of affected networks are: > > 193.30.32.0/23 > 45.129.92.0/23 > 45.129.94.0/24 Note that 193.30.32.0/23 has also a ROA (announces by 42198). So, announces by AS8100 would be RPKI-

Re: Prominent horse racing identities (was Re: Elad Cohen)

Wasn’t Hadron a Roman emperor who can somehow be blamed for the killing of Jesus? (or was that Jebus?) or was that Hadrian?  I forget…) (jest sayin’…) On Jan 27, 2020, 9:41 AM -0800, Valdis Klētnieks , wrote: > On Mon, 27 Jan 2020 07:10:02 +, Large Hadron Collider said: > > As much as M

Re: Reminiscing our first internet connections (WAS) Re: akamai yesterday - what in the world was that

On 1/27/2020 8:29 AM, Daniel Seagraves wrote: On Jan 24, 2020, at 5:26 PM, Ben Cannon wrote: I started what became 6x7 with a 64k ISDN line. And 9600 baud modems… Hayes Smartmodem here, 1200 baud. Local BBS offered PPP service. When I got my first sysadmin job, $work had a T1 and it felt li

Re: FYI - Suspension of Cogent access to ARIN Whois

I find it interesting that they say their clients didn't see it as an issue. Whenever they called and asked if I want transit my answer always was when they had v6 peering to He and Gooogle we could talk. On Mon, Jan 27, 2020 at 12:56 PM Owen DeLong wrote: > I now longer have a dog in this figh

Re: Reminiscing our first internet connections (WAS) Re: akamai yesterday - what in the world was that

Don't forget B8ZS which did way with the need for SFon copper data T1s On 1/27/2020 10:43 AM, Lyle Giese wrote: 64k vs 56k was the result of changing T1 framing from SF to ESF.  SF utilized AMI(Alt Mark Inversion) required for copper T1 lines between Central Offices.  SF(Super Frame) robbe

Re: FYI - Suspension of Cogent access to ARIN Whois

This shall be my answer from now on. > On Jan 27, 2020, at 1:22 PM, Dovid Bender wrote: > > I find it interesting that they say their clients didn't see it as an issue. > Whenever they called and asked if I want transit my answer always was when > they had v6 peering to He and Gooogle we could

RE: Re: Reminiscing our first internet connections (WAS) Re: akamai yesterday - what in the world was that

That was the other half of going to Extended Super Frame. Lyle talked about AMI going away below, but didn't mention what replaced it (Binary 8bit Zero Substitution for the kids on the list). I don't know about the other ILECs out there, but I don't know if Verizon will even provision a T1 any

Re: Reminiscing our first internet connections (WAS) Re: akamai yesterday - what in the world was that

On 1/27/20 2:00 PM, Jamie Bowden via NANOG wrote: > I don't know about the other ILECs out there, but I don't know if Verizon > will even provision a T1 anymore. I know you can still get a PRI (that's how > our phone systems interface with the PSTN), but if we needed a CT1 instead, I > don't kn

Re: FYI - Suspension of Cogent access to ARIN Whois

Cogent is still violating this whois suspension. A couple wisp's I know were contacted by cogent in the last week after receiving their ASN. On Mon, Jan 27, 2020, 12:57 PM Justin Wilson wrote: > This shall be my answer from now on. > > > On Jan 27, 2020, at 1:22 PM, Dovid Bender wrote: > > > >

Re: FYI - Suspension of Cogent access to ARIN Whois

Make sure they send evidence to complia...@arin.net so Cogent doesn't keep getting away with it. On Mon, Jan 27, 2020, 2:21 PM Darin Steffl wrote: > Cogent is still violating this whois suspension. > > A couple wisp's I know were contacted by cogent in the last week after > receiving their ASN.

Re: Reminiscing our first internet connections (WAS) Re: akamai yesterday - what in the world was that

On January 27, 2020 at 22:57 ma...@isc.org (Mark Andrews) wrote: > The hardware support was 2B+D but you could definitely just use a single B. > 56k vs 64k depended on where you where is the world and which style of ISDN > the telco offered. FWIW bulk dial-up lines were often brought in

Re: Reaching out to Sony NOC, resolving DDoS Issues - Need POC

Hey everyone, decided to do a small update for those who are interested. - Sony reached out to me, they whitelisted our IP's temporarily but then removed them. We have not heard from them since (10th January) - We tracked down the cause of the blacklist, it is happening because we are a victim o

Re: Reminiscing our first internet connections (WAS) Re: akamai yesterday - what in the world was that

On January 27, 2020 at 09:26 james.v...@gmail.com (james jones) wrote: > Does AOL count? If my first real internet connection was dial up 3600 baud > through compuserv. When I finally upgraded to 56K I thought it was light > speed.  I remember going from 300b to 1200b and thinking wow, this i

Re: Reaching out to Sony NOC, resolving DDoS Issues - Need POC

One approach would be to trace the true origin of the spoofed packets, and get it filtered by their upstream. To that end, can you share some details of a recent tcp-amp attack? Eg, the victim IP and a timestamp? Damian On Mon, Jan 27, 2020 at 12:06 PM Octolus Development wrote: > Hey everyon

Re: FYI - Suspension of Cogent access to ARIN Whois

On Tue, Jan 7, 2020 at 8:50 AM John Curran wrote: > On 7 Jan 2020, at 5:01 AM, Martijn Schmidt via NANOG > wrote: > > > > Out of curiosity, since we aren't affected by this ourselves, I know of > cases where Cogent has sub-allocated IP space to its customers but which > those customers originate

RIP: Bill Manning

I was saddened to see this yesterday, that Bill Manning had passed. I was surprised this morning that it hadn’t hit NANOG yet but thought I’d post something because I have a ton of respect for Bill as I’m sure many here do. I met Bill as a very young, thought-I-knew-everything network engineer a

Re: Rogue objects in routing databases

Hi Stephane, NANOG – Do the math for all pertained prefixes in the pastes, those 3 prefixes were just examples I had at hand, and the event is still of quite some significance. Albeit ROA-validating routers being an argument that extenuates probabilities and the ensuing effect, deployment of suc

Re: Reminiscing our first internet connections (WAS) Re: akamai yesterday - what in the world was that

Whoa. Gandalf. I worked on one of those once and it was cray-zee. Customer bought one, and I had to get it to interoperate with an Ascend 400. It took a lot of fiddle-farting, but I did eventually get it to work. Fun times. On 1/27/20 8:00 PM, Jamie Bowden via NANOG wrote: That was the

Re: Reaching out to Sony NOC, resolving DDoS Issues - Need POC

It is impossible to find the true origin of where the spoofed attacks are coming from. I don't have an exact timestamp, because the attacks are really difficult to see as well. As I said, you can block the IP from accessing internet completely. Yet, some services will flag our IP as "port flood

Re: RIP: Bill Manning

Sad to hear about Bill. I also began my career at a small ISP in Houston where we also had a T1 to SESQUINET, and Bill was already a legend to us Jr. Sysadmins in town in 1995/96. -Andrew On Mon, Jan 27, 2020 at 2:36 PM Brett Watson wrote: > I was saddened to see this yesterday, that Bill Mann

Re: RIP: Bill Manning

I'm so sorry to hear about Bill. He willingly shared what he knew with anyone who asked, and had an oft-unacknowledged hand in many RFCs. I first met him at ISI in Santa Monica where he helped install one of our first peering routers in a parking ramp janitor's closet. Later I had the good fort

Re: RIP: Bill Manning

Dear team, I was very sad when I heard this news. Bill was a fun and friendly presence, and patiently mentored me in my early days. I’ll never forget when he scrawled “I love bots” on one of my NANOG badges. I still have it. :) I had the fortune to be on a couple of panels with him, and I

Wifi implementators

Hi there I am looking for companies who can implement wifi to a 20,000 sq ft space in Virginia (near Virginia Beach area) and offer services that are turn key including upgrades/expansion/maintenance and such. Please contact me offlist if you can provide enterprise grade turn key wifi solutions

Re: Wifi implementators

Probably would be better off posting this to a jobs mailing list then an operators mailing list... On 1/27/2020 4:28 PM, Mehmet Akcin wrote: Hi there I am looking for companies who can implement wifi to a 20,000 sq ft space in Virginia (near Virginia Beach area) and offer services that are

Re: Reaching out to Sony NOC, resolving DDoS Issues - Need POC

On Jan 28, 2020, at 04:12, Octolus Development wrote: It is impossible to find the true origin of where the spoofed attacks are coming from. This is demonstrably untrue. If you provide the requisite information to operators, they can look through their flow telemetry collection/analysis sys

Re: Reaching out to Sony NOC, resolving DDoS Issues - Need POC

On Jan 28, 2020, at 04:12, Octolus Development wrote: I don't have an exact timestamp, because the attacks are really difficult to see as well. If you implement an open-source flow telemetry collection system & export flow telemetry from your edge routers to it, this becomes trivial. See th

Re: Reaching out to Sony NOC, resolving DDoS Issues - Need POC

If someone is being spoofed, they aren't receiving the spoofed packets. How are they supposed to collect anything on the attack? Offending host pretending to be Octolus -> Sony -> Real Octolus. - Mike Hammett Intelligent Computing Solutions http://www.ics-il.com Midwest-IX http:/

Re: Reaching out to Sony NOC, resolving DDoS Issues - Need POC

Transit carriers could work the flows backwards. -Ben Cannon CEO 6x7 Networks & 6x7 Telecom, LLC b...@6by7.net > On Jan 27, 2020, at 4:39 PM, Mike Hammett wrote: > > If someone is being spoofed, they aren't receiving the spoofed packets. How > are they supposed to co

Re: RIP: Bill Manning

Chris Caputo posted the following to the SIX mailing list a few days ago. I think this really shows Bill in action, helping a new IX get set up. He will be missed. Bill Manning died unexpectedly this morning, January 25th, at his home. It was Bill's presentations on June 5th, 1997 at NANOG in Tam

Re: Reaching out to Sony NOC, resolving DDoS Issues - Need POC

How would they know what to look for? I'm assuming Sony isn't cooperating. - Mike Hammett Intelligent Computing Solutions http://www.ics-il.com Midwest-IX http://www.midwest-ix.com - Original Message - From: "Ben Cannon" To: "Mike Hammett" Cc: "Roland Dobbins" , "NAN

Re: Reaching out to Sony NOC, resolving DDoS Issues - Need POC

The victim already posted the signature to this thread: - source IP: 51.81.119.7 - protocol: 6 (tcp) - tcp_flags: 2 (syn) That alone is sufficient for Level3/CenturyLink/etc to identify the source of this abuse and apply filters, if they choose. For a more detailed explanation of how to tra

Re: Reaching out to Sony NOC, resolving DDoS Issues - Need POC

Peace, On Tue, Jan 28, 2020, 3:43 AM Ben Cannon wrote: > Transit carriers could work the flows backwards. > And if the stars align, some of them might even do that for you once even though you are not their direct customer. Next you're going to convince them to talk to the (probably abuse resi

Re: Reaching out to Sony NOC, resolving DDoS Issues - Need POC

Peace, On Tue, Jan 28, 2020, 4:02 AM Damian Menscher via NANOG wrote: > The victim already posted the signature to this thread: > - source IP: 51.81.119.7 > - protocol: 6 (tcp) > - tcp_flags: 2 (syn) > > That alone is sufficient for Level3/CenturyLink/etc to identify the source > of this a

Re: Prominent horse racing identities (was Re: Elad Cohen)

Jesus was crucified during the later years of the reign of Tiberius Hadrian on the other hand would have been loved by 45 for his dedication to building the wall --srs From: NANOG on behalf of Mark Seiden Sent: Monday, January 27, 2020 11:47 PM To: Large Hadro

Re: Reaching out to Sony NOC, resolving DDoS Issues - Need POC

On Mon, Jan 27, 2020 at 5:10 PM Töma Gavrichenkov wrote: > On Tue, Jan 28, 2020, 4:02 AM Damian Menscher via NANOG > wrote: > >> The victim already posted the signature to this thread: >> - source IP: 51.81.119.7 >> - protocol: 6 (tcp) >> - tcp_flags: 2 (syn) >> >> That alone is sufficient

Re: Reaching out to Sony NOC, resolving DDoS Issues - Need POC

Peace, On Tue, Jan 28, 2020, 4:32 AM Damian Menscher wrote: > On Mon, Jan 27, 2020 at 5:10 PM Töma Gavrichenkov > wrote: > >> If this endpoint doesn't connect to anything outside of their network, >> then yes. >> If it does though, the design of the filter might become more complicated. >> > >

Re: Reaching out to Sony NOC, resolving DDoS Issues - Need POC

You will still see backscatter which will let you know your space is being spoofed as well. This will show in your telemetry. Sent from my iCar > On Jan 27, 2020, at 7:57 PM, Mike Hammett wrote: > >  > How would they know what to look for? > > I'm assuming Sony isn't cooperating. > > >

Re: Reaching out to Sony NOC, resolving DDoS Issues - Need POC

Peace, On Tue, Jan 28, 2020, 4:42 AM Töma Gavrichenkov wrote: > As for the detection of the real source, everything is technically > possible but you need certain bargaining power which a medium-sized (at > best) VPN service probably doesn't have. > ...because if they *did* have some, they coul

Re: Reaching out to Sony NOC, resolving DDoS Issues - Need POC

On Mon, Jan 27, 2020 at 5:43 PM Töma Gavrichenkov wrote: > On Tue, Jan 28, 2020, 4:32 AM Damian Menscher wrote: > >> On Mon, Jan 27, 2020 at 5:10 PM Töma Gavrichenkov >> wrote: >> >>> If this endpoint doesn't connect to anything outside of their network, >>> then yes. >>> If it does though, the

Re: Reaching out to Sony NOC, resolving DDoS Issues - Need POC

Peace, On Tue, Jan 28, 2020, 4:49 AM Damian Menscher wrote: > They don't need to filter by destination. Once a problem customer has > been identified, they can apply an ACL restricting them to only originate > IPs they own. > > [..] > there are ways around that, including public shaming (here)

Re: Reaching out to Sony NOC, resolving DDoS Issues - Need POC

On Jan 28, 2020, at 07:39, Mike Hammett wrote: If someone is being spoofed, they aren't receiving the spoofed packets. How are they supposed to collect anything on the attack? OP stated that *his own network* was being packeted with a TCP reflection/amplification attack. This means that if h

AFRINIC: The Saga Continues

For the benefit of those of you who may have been living in caves for the past two months, I would like to share the following links regarding a massive fraud that appears to have been perpetrated by at least one AFRINIC insider. (It has still not been definitively determined if he had help or not

Re: Reaching out to Sony NOC, resolving DDoS Issues - Need POC

On Jan 28, 2020, at 11:40, Dobbins, Roland wrote: And even if his network weren't on the receiving end of a reflection/amplification attack, OP could still see backscatter, as Jared indicated. In point of fact, if the traffic was low-volume, this might in fact be what he was seeing. -