Re: Florida: Voter registration website overwhelmed at deadline

2020-10-09 Thread Valdis Klētnieks
On Wed, 07 Oct 2020 22:10:07 -0700, "Constantine A. Murenin" said: > People act like 1.1 million requests per hour is a huge number. > > That's only 305 requests per second! > > Cheapest NVMe SSDs are capable of 160k+ IOPS. > > You can literally serve the whole thing from a single server on a > 10

Re: Juniper configuration recommendations/BCP

2020-10-09 Thread Alain Hebert
    Yeah, it changes.     They started with FreeBSD 4.x + their patches, then moved it inside a hardened Linux for virtualization functions (watch closely the boot sequence).     uname returns         MX960 - FreeBSD amd64         QFX 5100 - JUNOS i386 (build tag show indication its FreeBSD

The clean network in US

2020-10-09 Thread Danny Pinto via NANOG
Some questions on the clean network program adoption/policy as a network operator. https://www.state.gov/the-clean-network/ Looking at some Tier 1 network operator logos and statements on that notification, Is this only about choice of network electronics deployment for future.. Would this

Re: Juniper configuration recommendations/BCP

2020-10-09 Thread Paschal Masha
Above all, JUNOS makes sense when configuring; the software literally gives you the feel of talking to the device. If your brain is programmed to be logical then all pieces and modes easily come to life and adaptation becomes a zero hustle. *Paschal Masha* Lead Network Engineer 6x7 Network

Spoofer Report for NANOG for Sep 2020

2020-10-09 Thread CAIDA Spoofer Project
In response to feedback from operational security communities, CAIDA's source address validation measurement project (https://spoofer.caida.org) is automatically generating monthly reports of ASes originating prefixes in BGP for systems from which we received packets with a spoofed source address.

Centurylink Boise Networking Oddness

2020-10-09 Thread Allen Smith via NANOG
I apologize for the noise, this seems like the kind of thing where it actually isn't possible to get a message to the right folks through the front door. Hoping someone subscribed here can take a look. Looks like something here in Boise is squirrelly. fw1$ traceroute -A -I twitch.tv traceroute: W

Re: Juniper configuration recommendations/BCP

2020-10-09 Thread David Kotlerewsky
Google around for Junos Evolution. Junos is going native Linux. From: NANOG on behalf of Matt Harris Date: Thursday, October 8, 2020 at 4:15 PM To: Chris Boyd Cc: nanog list Subject: Re: Juniper configuration recommendations/BCP Matt Harris​ | Infrastructure Lead Engineer 816‑256‑544

Re: Centurylink Boise Networking Oddness

2020-10-09 Thread Brielle
I’m on a CenturyLink fiber connection in Boise. What is the problem you are seeing exactly? Traceroute doesn’t look odd really. Sent from my iPhone > On Oct 9, 2020, at 8:40 AM, Allen Smith via NANOG wrote: > > > > I apologize for the noise, this seems like the kind of thing where it >

RE: Juniper configuration recommendations/BCP

2020-10-09 Thread t...@pelican.org
On Thursday, 8 October, 2020 10:37, "Forrest Christian (List Account)" said: > I've done a bit of googling and am either finding stuff that is largely > Cisco-specific or which is generic - all of which I'm rather familiar with > based on my past history. Is there anything I should worry about

Weekly Routing Table Report

2020-10-09 Thread Routing Analysis Role Account
This is an automated weekly mailing describing the state of the Internet Routing Table as seen from APNIC's router in Japan. The posting is sent to APOPS, NANOG, AfNOG, SANOG, PacNOG, SAFNOG TZNOG, MENOG, BJNOG, SDNOG, CMNOG, LACNOG and the RIPE Routing WG. Daily listings are sent to bgp-st...@li

Securing Greenfield Service Provider Clients

2020-10-09 Thread Christopher J. Wolff
Dear Nanog; Hope everyone is getting ready for a good weekend. I'm working on a greenfield service provider network and I'm running into a security challenge. I hope the great minds here can help. Since the majority of traffic is SSL/TLS, encrypted malicious content can pass through even an

Re: Securing Greenfield Service Provider Clients

2020-10-09 Thread Matt Harris
On Fri, Oct 9, 2020 at 2:27 PM Christopher J. Wolff wrote: > Dear Nanog; > > > > Hope everyone is getting ready for a good weekend. I’m working on a > greenfield service provider network and I’m running into a security > challenge. I hope the great minds here can help. > > > > Since the majorit

Re: Securing Greenfield Service Provider Clients

2020-10-09 Thread Jared Geiger
DNS filtering might be an easier option to get most of the bad stuff with services like 9.9.9.9 and 1.1.1.2. Paid options like dnsfilter.com will give you better control. Cloudflare Gateway might also be an option. On Fri, Oct 9, 2020 at 12:29 PM Christopher J. Wolff wrote: > Dear Nanog; > > > >

Re: Securing Greenfield Service Provider Clients

2020-10-09 Thread Matthias Luft via NANOG
CJ, On 09.10.20 15:09, Christopher J. Wolff wrote: Dear Nanog; Hope everyone is getting ready for a good weekend. I’m working on a greenfield service provider network and I’m running into a security challenge. I hope the great minds here can help. Since the majority of traffic is

RE: Securing Greenfield Service Provider Clients

2020-10-09 Thread Kevin Burke
Agreed DNS/IP reputation is still about the best. Then move on with everything else we should be doing. Decrypting the content would bring us to the next problem. Malware is commonly encrypted to prevent AntiVirus from pattern matching or hash matching. Decrypting the content always struck me

Charter/spectrum contact (AS20115)

2020-10-09 Thread Ross Tajvar
Hi, can someone reach out off-list please? We are seeing very high latency to Spectrum residential users from LAX.

Re: Securing Greenfield Service Provider Clients

2020-10-09 Thread Baldur Norddahl
Are you really suggesting decrypting customer traffic? In most parts of the world that act falls in one of two categories: it is either required by law or it is illegal. Offer your customers a good virus scanner to install instead. Regards Baldur On Fri, 9 Oct 2020 at 21:27, Christopher J. Wo

Re: Securing Greenfield Service Provider Clients

2020-10-09 Thread Curtis, Bruce via NANOG
If you search for this phrase During 2020 more than fifty percent of new malware campaigns will use various forms of encryption and obfuscation to conceal delivery, and to conceal ongoing communications, including data exfiltration. you will find lots of vendors of decryption have th

Re: Juniper configuration recommendations/BCP

2020-10-09 Thread Eric Kuhnke
I guess he never saw a Juniper M40, it's literally an i686/x86 32-bit motherboard for the routing engine, glued to a chassis with linecards containing custom ASICs and optics. As I recall it was a moderate speed Pentium 2 with some average amount of RAM and a 2.5" 44pin ATA66 laptop hard drive. Or

Re: Securing Greenfield Service Provider Clients

2020-10-09 Thread Billy Crook
On Fri, Oct 9, 2020 at 2:27 PM Christopher J. Wolff wrote: > Without setting up SSL encrypt/decrypt through a MITM setup and handing > certificates out to every client, is there any other software/hardware that > can perform DPI and/or ssl analysis[...]? > No. That was kind of the point of SSL.

Re: Centurylink Boise Networking Oddness

2020-10-09 Thread Laurent Dumont
100ms to twitch for continental USA seems a bit absurd! On Fri, Oct 9, 2020 at 10:56 AM Brielle wrote: > > I’m on a CenturyLink fiber connection in Boise. What is the problem you > are seeing exactly? Traceroute doesn’t look odd really. > > > Sent from my iPhone > > On Oct 9, 2020, at 8:40 AM,

Re: Centurylink Boise Networking Oddness

2020-10-09 Thread Brielle
It is a tad bit unusual yes, but not surprising from Boise. Our connections have to go out to Seattle or other neighboring states before hitting any major IX. Well, that and basing issues solely on ICMP echos and trace routes can be tricky, given that they are low priority and require hitting