RIP: Bill Manning

I was saddened to see this yesterday, that Bill Manning had passed. I was surprised this morning that it hadn’t hit NANOG yet but thought I’d post something because I have a ton of respect for Bill as I’m sure many here do. I met Bill as a very young, thought-I-knew-everything network engineer a

Re: abha

> On Oct 20, 2021, at 10:41, Randy Bush wrote: > > abha died 20 years ago today Still miss her, she was a ray of sunshine.

Re: Special Counsel Office report web site

Or maybe do this (faster than nanog archives) :) bash-3.2# dig cia.gov ns ; <<>> DiG 9.10.6 <<>> cia.gov ns ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 33203 ;; flags: qr rd ra ad; QUERY: 1, ANSWER: 6, AUTHORITY: 0, ADDITIONAL: 1 ;; OPT PSEUDOSECT

Re: netstat -s

> On Jul 17, 2019, at 6:54 PM, Randy Bush wrote: > > do folk use `netstat -s` to help diagnose on routers/switches? > indeed.

Re: Krebs on Security booted off Akamai network after DDoS attack proves pricey

>> > that's not the one I was thinking of, this is: > > > which references your presentation, nice! and is about J-root, not K-root, > but mentions Lorenzo's work on K-root studies... In anycase, both seem to > say that 'tcp anyc

Re: American Airlines down

> On Feb 8, 2017, at 19:12, Michael Voity wrote: > > Looks like it _just_ came back. > I was delayed at LAX but apparently a global reboot of Windows actually worked and I'm on my plane. -b

Re: What are people using for IPAM these days?

> On Jun 11, 2018, at 9:31 AM, Patrick W. Gilmore wrote: > > While there are many good options, I prefer 6Connect personally. Lots of > hooks to let you automate things (not just which device has which IP address, > much more), cheap as hell, and support is unbeatable. Indeed, 6connect is aw

Re: What are people using for IPAM these days?

It’s some blood, sweat, and tears. I helped on a migration from IPPlan to Infoblox for a Fortune 5 company years ago, and it was a LOT of data, and it was painful. Lots of CSV exports and scripts to do conversions to get data in a state where it could be imported to Infoblox properly. Ok, it wa

Re: A Zero Spam Mail System [Feedback Request]

On Feb 20, 2019, at 19:01, Forrest Christian (List Account) wrote: > > I still believe that sendmail is Alien technology. How else can one > explain sendmail.cf? Eric Altman and scotch, lots of scotch (as I remember it from Usenix). -b

Re: A Zero Spam Mail System [Feedback Request]

> On Feb 21, 2019, at 20:21, Brett Watson wrote: > >> On Feb 20, 2019, at 19:01, Forrest Christian (List Account) >> wrote: >> >> I still believe that sendmail is Alien technology. How else can one >> explain sendmail.cf? > > Eric Altman and sco

Re: 4 or smaller digit ASNs

> On Oct 12, 2017, at 15:53, Richard Hicks wrote: > > Anyone know the history behind ASN 2906 (Netflix)? > How did they get a number that low? I didn’t recognize as2906 so went digging... and I can’t find a thing. ARIN has a “who has” service but my account on ARIN was locked and I wasn’t able

Re: abha

On Oct 13, 2017, at 11:26 AM, Randy Bush wrote: > > a moment of silence on this 16th anniversary of her tragic death One of the smartest geeks I have known, and she always lit up the room she was in with her smile and attitude. -b

Re: Cloudflare 1.1.1.1 public DNS broken w/ AT&T CPE

> On Apr 2, 2018, at 10:18, John Levine wrote: > > In article <7db5fac7-972a-4eb6-89d9-b305a7233...@cloudflare.com> you write: >> If you know of others please send them my way so we can investigate. > > A lot of hotel and coffee shop captive portals use it for the login > and logout screens.

Re: FUD: 15% of world's internet traffic hijacked

On Nov 17, 2010, at 9:45 AM, Bob Poortinga wrote: > My concern is that this "report" will be presented to the US Congress without > being refuted by experts in the know. > > My request is that someone with some gravitas please issue a press release > setting the facts straight on this matter. I

Re: FUD: 15% of world's internet traffic hijacked

On Dec 1, 2010, at 4:17 PM, Christopher Morrow wrote: > sometimes I love to pull your chain... :) I agree though that folks > won't publish this data (in general) directly, for whatever reason. > Also, right '15% of traffic' really should have been '15% of routes*' Agreed, I should have been mor

Re: The stupidity of trying to "fix" DHCPv6

On Jun 10, 2011, at 7:03 PM, Owen DeLong wrote: > I see no reason that additional DHCPv6 options would have to fragment the > installed > base or perpetuate the lack of agreed upon DHCPv6 behavior. In fact, I think > that > adding these options could allow for a set of rules that would be accep

Not operational, but related to the attendees in Philly

I'm getting a rash of emails (as are some of my colleagues at work that are attending in Philly) from vendors that act like they know me, and just want to "have a drink and catch up while in Philly". Just me, or are others seeing an increase in spam from vendors that will be there? -b

Re: Not operational, but related to the attendees in Philly

On Oct 6, 2011, at 6:11 PM, John van Oppen wrote: > That does not seem to be unique to nanog. Oh I know, it's just never happened to me until this nanog, and I've been attending off/on since '94. (Ok, I probably got a few here and there). I just need to get older and more crotchety-er like Rand

Re: Microsoft Job Poaching on NANOG

On Oct 18, 2011, at 5:03 PM, Babak Pasdar wrote: > Is Microsoft trying to poach people off the NANOG list? IMHO this is > inappropriate. There's a lot more than just MS doing it after this NANOG, and it's damned annoying. I've had it happen over the years just a few times, but it's unprecede

Re: Outsourcing DDOS

On Oct 24, 2011, at 10:54 AM, Andreas Echavez wrote: > Prolexic is the go-to company for handling large-scale DDoSes. We haven't > yet tried the service, but they've been extremely professional. Not sure I understand your post. You claim Prolexic are the go-to-guys, and extremely professional… b

Re: Performance Issues - PTR Records

On Nov 6, 2011, at 6:57 PM, Jimmy Hess wrote: > On Sun, Nov 6, 2011 at 7:10 PM, Mark Andrews wrote: >> MacOS and Windows can both populate the reverse zone for you as can >> dhcp servers. >> The practice of filling out the reverse zone with fake PTR record [...] > > OK.. let's say you're a DSL

Re: ARIN-2011-1: ARIN Inter-RIR Transfers - Last Call (expires in one week)

On Nov 10, 2011, at 6:56 AM, Leo Bicknell wrote: > The tide is coming. The tide is wet. The tide is full of IPv6 water. > Get over it. Awesome, so you've solved the multi-homing issues with v6? The RA/DHCPv6 issues? (I'll just leave it at those three). -b

Re: IP Address Management IPAM software for small ISP

On Dec 13, 2012, at 3:25 PM, Mike Walter wrote: > Eric, you should look at 6connect. They have a good product for IPv4 and > IPv6 address management. Agreed, good product, and they have tie-ins to the Registries for filling out and submitting request templates, etc. -b

Re: Level3 worldwide emergency upgrade?

Hell, we used to not have to bother notifying customers of anything, we just fixed the problem. Reminds me a of a story I've probably shared on the past. 1995, IETF in Dallas. The "big ISP" I worked for at the time got tripped up on a 24-day IS-IS timer bug (maybe all of them at the time did, I

Re: IP Management Software

Infoblox is pretty nice but not a stand-alone IPAM solution. It's bundled DNS, DHCP, and IPAM. 6Connect definitely has a nice IPAM solution, right now more tailored for service providers but it's linked to the regional registries and helps you do requests for address space, etc. I think they'r

Re: Question regarding anycasting in CDN setup

On Feb 8, 2012, at 11:58 AM, Anurag Bhatia wrote: > Mike > > I can also have a single DNS >> server give 192.0.2.80 out to queries sourced from a US IP Address, >> 198.51.100.80 for queries sourced from a German IP Address and >> 203.0.113.80 to queries sourced from a Chinese address (djbdns has

Re: uunet ends newsfeed/newsreader in US

On Mar 30, 2012, at 3:47 PM, Jon Lewis wrote: > On Fri, 30 Mar 2012, Henry Yen wrote: > >> uunet/vzb "will terminate its United States Newsreader and Newsfeed >> services on March 31, 2012, with no plans to offer a replacement, and >> any content/data remaining after that date will be unrecovera

Re: Vixie warns: DNS Changer ‘blackouts’ inevitable

On May 23, 2012, at 18:27, George Herbert wrote: > > Please don't make me remember hosts.txt before I've had a chance to > wrap up work, go home, and get some Scotch in... > Come on George, hosts.txt was the good old days :) -b

Re: trading bandwidth

On May 29, 2012, at 3:10 PM, Owen DeLong wrote: > IIRC, the concept was first introduced by MCI and Enron to great fanfare > and subsequent graphic demonstrations of the destructive power of > unregulated markets controlled by people of limited moral fortitude. Not ALL of us were of limited mora

Re: Penetration Test Assistance

On Jun 5, 2012, at 9:52 AM, Peter Kristolaitis wrote: > > As far as horror stories... yeah. My most memorable experience was a guy > (with a CISSP designation, working for a company who came highly recommended) > who: >- Spent a day trying to get his Backtrack CD to "work properly". Whe

Re: Penetration Test Assistance

On Jun 5, 2012, at 11:34 AM, Darden, Patrick S. wrote: > > I'm with Barry--a network diagram showing everything from the pov of the pen > team should be part of the end report. Maybe, maybe not. It all depends on the scope of the engagement. I've had customers ask for very specific pen test o

Re: Urgent

If only we had origin and path-based routing… -b On Aug 18, 2014, at 5:28 PM, Franck Martin wrote: > > On Aug 18, 2014, at 3:08 PM, Randy Bush wrote: > Contact for God, please reach out to me offlist. >>> And this is why we're going to have the >>> "always remember to lock your screen >

Re: Remember "Internet-In-A-Box"?

> On Jul 14, 2015, at 4:46 PM, Stephen Satchell wrote: > > This goes back a number of years. There was a product that literally was a > cardboard box that contained everything one needed to get started on the > Internet. Just add a modem and a computer, and you were on your way. No > fuss,

Re: DDOS Simulation

> On Jul 28, 2015, at 9:05 PM, jim deleskie wrote: > > If anyone offers to "test" your DDoS devices across a network that you do > not 100% own, you are risking legal issues. > > If they offer to test it across your own network, make sure you have in > writing from you upper management that the

Re: abha ahuja

Brilliant woman with a great sense of humor, just a wonderful person. Deeply missed. Typing with thumbs... > On Oct 19, 2013, at 15:36, Randy Bush wrote: > > abha ahuja, researcher and operator, died this day in 2001 at a > tragically early age. if you did not know her, search a bit. > she d

Re: Rate of growth on IPv6 not fast enough?

On Apr 18, 2010, at 5:17 PM, Randy Bush wrote: >> And doing guess-o-matic extrapolation, it will take another 3 years >> before we reach 10,000 ASN advertising IPv6 networks. That will be 33% >> of ASN. With the impending running out of IPv4 starting next year, >> seems to me we are not going to

Re: Network Documentation

On Jun 29, 2010, at 8:28 AM, Jens Link wrote: > >> I am curious as to how others are documenting their network; both >> visually and configurations. >> >> Is there any a software offers a database with web-based front end that >> can document in a very details. > > Most people I know use a wiki

Re: BGP next-hop

On Sep 30, 2010, at 4:57 PM, Randy Bush wrote: >>> it seems it gets the bgp route for 147.28.0.0/16 and then can not >>> resolve the next hop. it would not recurse to the default exit. >>> >>> of course it was solved by >>>ip route 147.28.0.0 255.255.0.0 42.666.77.11 >>> but i do not real

Re: Anyone else seeing "(invalid or corrupt AS path) 3 bytes E01100" ?

On Aug 17, 2009, at 5:17 PM, Paul Ferguson wrote: I recall Cisco code bugs that were fixed in semi- real-time, and quotes from tli: "Code still warm from compiler. Confidence level: Boots in lab." IETF Dallas, 1995 I think. MCI Reston engg and Cisco (Ravi and others) in the terminal room

Re: Dynamic IP log retention = 0?

On Mar 12, 2009, at 12:25 AM, Ross wrote: How did a simple thread about network scanning get so derailedwe have people talking about the legal implications of port scanning, hiring lawyers to go after ISPs, talking to the fbi, the benefits/downfalls of NAT as a security policy, etc. Wow

Re: YouTube IP Hijacking

On Feb 26, 2008, at 5:02 PM, Danny McPherson wrote: The fact is that employment of explicit inter-domain prefix filtering seems to only be deteriorating from where it was 15 years ago is telling, and I think folks have become lazy and accepting, even as more and more critical infrastructure an

Re: Federal Government Interest in your patch progress

On Jul 25, 2008, at 10:32 AM, Sean Donelan wrote: Unfortunately, several of the public "testing" sites have been generating false-positives. It would be good of you to list those here if you know which ones are generating false positives, so folks can avoid using them. -b

Re: facebook worm

On Aug 8, 2008, at 9:48 AM, Laurence F. Sheldon, Jr. wrote: Patrick Giagnocavo wrote: Turning nanog into a rehash of digg's technology section or the front page of news.com reduces nanog's utility. As does the days and days of rehash of one of Gadi's postings. And all of this BS is even *

Re: maybe a dumb idea on how to fix the dns problems i don't know....

On Aug 9, 2008, at 3:48 PM, Chris Paul wrote: Paul Vixie wrote: because TCP is considered optional by many authority DNS server operators. Hey authority DNS server operators. Can you make a change to your servers to always allow TCP client connections? Would this be difficult? What wou

Re: Public shaming list for ISPs announcing other ISPs IP space by mistake

On Aug 14, 2008, at 9:02 AM, Randy Bush wrote: bottom line: the irr is a hack, not a formal solution. I don't think the IRR is so much a hack (it's a tool), but we're lacking the process and infrastructure to vet/validate that a given ASN is *authorized* to originate a prefix, and all of

Re: Public shaming list for ISPs announcing other ISPs IP space by mistake

On Aug 14, 2008, at 11:21 AM, David Freedman wrote: but, why wouldn't something like formally requiring customers/peers/transits/etc to have radb objects as a 'requirement' for peering/customer bgp services Step 1 : Enforce IRR for customers *now*. Right, but I think the bigger issue is n

Re: CRS-3

On Mar 9, 2010, at 1:09 PM, Brandon Galbraith wrote: > It was mentioned that Att is already testing this with a 100gbps fiber run. Maybe Peter Lothberg is testing one in his basement? :) -b

Re: Mac OS X 10.7, still no DHCPv6

On Feb 28, 2011, at 6:38 PM, Majdi S. Abbas wrote: > Anyone care to start the IPv4 dead pool, Price is Right > style, for when the last v4 NLRI is removed from the DFZ? That's funny, I don't care what galaxy you're from :) -b

Re: HIJACKED: 159.223.0.0/16 -- WTF? Does anybody care?

On Mar 31, 2011, at 5:46 PM, Ronald F. Guilmette wrote: > (Sorry, but I can't help snickering a bit at your _prior_ employment. > As I feel sure you are already painfully aware, having that on your > resume does not exactly inspire a whole lotta confidence in the notion > that you are a straight

Re: coprorations using BGP for advertising prefixes in mid-1990s

On May 12, 2011, at 4:47 PM, Tony Li wrote: > To be fair, that was for folks on the isp-geeks mailing list, who were > effectively doing alpha test with me. I was fixing about 1 significant bug > per day and doing at least one release per day. 10 day old code was missing > at least 10 fixes..

Re: coprorations using BGP for advertising prefixes in mid-1990s

On May 12, 2011, at 8:53 PM, c...@daydream.com wrote: > Yes images had names in them and in 1989 you could call cisco if your box > was broken and Eileen would just send parts. Hell, you knew from the image name wether Toni, Ravi, Dino, etc have built the image. It was quite personal back then :