(Slightly OT?) K8S Platform As A Service Recommendations

Hello all, I know this is primarily a networking list, but I know lots of server admins hang out here. Does anyone have a recommendation for a self-hosted, on premise, platform as a service layer for k8s (specifically k3s)? I have written up some context here: https://github.com/TSYSGroup

Re: (Slightly OT?) K8S Platform As A Service Recommendations

On 4/7/21 11:38 PM, Raymond Burkholder wrote: On 4/7/21 9:16 AM, Charles N Wyble wrote:> Does anyone have a recommendation for a self-hosted, on premise, > platform as a service layer for k8s (specifically k3s)? FWIW: Maybe you don't need kubernetes: https://endler.dev/2019/may

Re: Rough cost for monitoring

One would need to know a lot more about the specifics of your requirements. My suggestion would be to invest money in qualified people to watch over something like opennms or (my favorite) a combination of alienvault and opsview. "Eric Gauthier" wrote: >Heya, > >I'm trying to quickly pull t

Re: Low end, cool CPE.

Check out cradlepoint. Doesn't have all the features you want, but will do wifi/3g/ethernet as wan options. Not sure if it load balances between them though. Also check out pfsense. That's what I am currently running. On 11/11/2010 05:54 PM, Suresh Ramasubramanian wrote: And does this take cel

Re: Low end, cool CPE.

On 11/12/2010 01:24 AM, Eugen Leitl wrote: On Thu, Nov 11, 2010 at 05:41:00PM -0800, Leo Bicknell wrote: I've run into a number of low end CPE situations lately where I haven't found anything that does what I want, but I have to believe it is out there. I'm hoping NANOG can help. An ALIX with

Re: OT: VM slicing and dicing

On 11/9/2010 2:38 PM, Brandon Kim wrote: Thanks everyone for your input today on this topic. I wanted to recap with a list of sites that everyone has suggested both online and offline for FYI purposes. http://www.microsoft.com/systemcenter/en/us/default.aspx I haven't used system center, bu

Re: OT: VM slicing and dicing

On 11/12/2010 12:09 PM, Robert Brockway wrote: On Fri, 12 Nov 2010, Charles N Wyble wrote: I use Proxmox exclusively and am very happy with it. It's a great product. You might need to do a bit of CLI work if you want to support multiple VLANS or other slightly advanced features. I'm

nanog@nanog.org

Repair Service 1-866-346-1168 or 611 within state 24 hours a day, 7 days a week It's amazing how many people don't know about 611. It's the fastest way to reach clued/capable of paging clued people. > - -- Charles N Wyble (char...@knownelement.com) Systems craftsman for

Re: AltDB? (IRR support & direction at ARIN)

th it's copy of the IRR. In fact I'm not sure why they even operate one. It seems to be the realm of service providers to do so. Can anyone enlighten me as to why a RIR is operating an IRR database? It doesn't make sense to me. - -- Charles N Wyble (char...@knownelement.com)

Re: AltDB? (IRR support & direction at ARIN)

s). John, Can you shed some light on why this is the case? Was this requested by the community, or driven internally? Or both? - -- Charles N Wyble (char...@knownelement.com) Systems craftsman for the stars http://www.knownelement.com Mobile: 626 539 4344 Office: 310 929 8793 -BEGIN PGP

Re: Is Cisco equpiment de facto for you?

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 pfsense in redundant pair for routing/security/vlan termination cisco all the way for l2 switching On 01/10/2011 09:38 AM, James Smith wrote: > All the places I've worked in the past decade have been all Cisco shops for > routing and switching, with a

Re: Software DNS hghi availability and load balancer solution

server plugin) must > be able to monitor server availability (for example by TCP connect) and from > DNS-reply depends on it. > > I know that it is possible by BIND with set of script. But we are trying to > find more usable solution with frendly interface. > > Thanks a lot.

Re: Software DNS hghi availability and load balancer solution

ain point is that DNS-server (or dns server >>> plugin) must >>> be able to monitor server availability (for example by TCP connect) >>> and from >>> DNS-reply depends on it. >>> > > On Tue, 18 Jan 2011, Charles N Wyble wrote: >> >> Ha-proxy

Re: DSL options in NYC for OOB access

xed modem with static IP address for $50 > (USD) monthly, or less if you opt for the low-bandwidth plan. +1 for the clear stuff. I've spent the last couple of weeks doing extensive 3g/4g testing, and been incredibly impressed with Clear. (I'm doing video conferencing over it

Re: [arin-announce] ARIN Resource Certification Update

On 1/24/2011 8:52 PM, Roland Dobbins wrote: On Jan 25, 2011, at 11:35 AM, Christopher Morrow wrote: thinking of using DNS is tempting The main arguments I see against it are: 2. The generally creaky, fragile, brittle, non-scalable state of the overall DNS infrastructure in general.

Ipv6 for the content provider

manuals and say RTFM :) - -- Charles N Wyble (char...@knownelement.com) Systems craftsman for the stars http://www.knownelement.com Mobile: 626 539 4344 Office: 310 929 8793 -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.10 (GNU/Linux) Comment: Using GnuPG with Mozilla - http:/

What's the current state of major access networks in North America ipv6 delivery status?

k ipv6 delivery. Thanks. - -- Charles N Wyble (char...@knownelement.com) Systems craftsman for the stars http://www.knownelement.com Mobile: 626 539 4344 Office: 310 929 8793 -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.10 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.o

Re: Ipv6 for the content provider

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 01/26/2011 01:50 PM, Randy McAnally wrote: > On Wed, 26 Jan 2011 10:22:40 -0800, Charles N Wyble wrote > >> For the most part, I'm a data center/application >> administrator/content provider kind of guy. As such, I want to

Re: What's the current state of major access networks in North America ipv6 delivery status?

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 01/26/2011 01:52 PM, Charles N Wyble wrote: > > Is anyone tracking the major consumer/business class access networks > delivery of ipv6 in North America? > > I'm on ATT DSL. It looks like they want to use 6rd? I've o

Re: Connectivity status for Egypt

user going to setup static routes? Unless there are no firewalls and everything is wide open how would you reach gateways? - -- Charles N Wyble (char...@knownelement.com) Systems craftsman for the stars http://www.knownelement.com Mobile: 626 539 4344 Office: 310 929 8793 -

Re: Connectivity status for Egypt

for >>> >>> "routing around it".) >> >> I think it would be pretty hard to actually cut off communications when the >> telephone system is still working. You can move a lot of email by dialup >> UUCP if you wanted to. >> >> > &g

Someone with IP clue @Suddenlink please contact me

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Hello all, Anyone from Suddenlink on this list? If so, please contact me unicast. I'm seeing some very significant issues originating in your network core and want to get them sorted out. The normal channels haven't been helpful. Yes I'm a downstream

Re: What Net Neutrality should and should not cover

On 4/27/2014 3:30 PM, John Levine wrote: That is, with CATV companies like HBO have to pay companies like Comcast for access to their cable subscribers. In a non-stupid world, the cable companies would do video on demand through some combination of content caches at the head end or, for popula

Re: Next steps in extortion case - ideas?

Sue him for slander? Contact the US DOJ and request extortion charges be filed? I mean if someone was committing a crime against me, I'd certainly be in contact with law enforcement to have charges filed and a warrant out for arrest. You shouldn't have called him. He has certainly changed his

Re: Peering Latency

Is it Friday already? Or is this not a troll email? Its hard to tell. If its not a troll: Put up some smokeping boxes. Graph it for a few nights. Gather details. Send us those. That is far more interesting/(damning?) If its a troll: *grabs popcorn and gets comfortable* . we've not had a good "

4g hack

http://seclists.org/fulldisclosure/2011/Aug/76 Wondering what folks think about this? If this was true then we just entered a whole new era of mass WAN exploitation. Off list replies welcome. Rock and roll folks.

I'm back...

Hey folks, Been months since I've graced the NANOG list. Been a busy year so far. I see the same exact v6 threads going on as when I left. LOL. Like a forest fire that won't die. :) Go Owen and your band of merry men! And OSPF vs ISIS. Glad to see nothing has changed. I have a few threads qu

NANOGers home data centers - What's in your closet?

Hey all, I'm curious what other NANOGers have in their home compute centers? On the extreme end of course we have mr morris :) with his uber lab: http://smorris.uber-geek.net/lab.htm I've got the following: Production rack (4 post AV rack) >From top down: Current primary internet connection, so

Home computer rooms

All, Related to my thread about home data centers, what are folks using to store compute gear in? Mine sits in two racks in my second bedroom. Cooled by ambient AC. Has anyone built a dedicated room? What resources did you use to do so? Are their any standards to reference etc?

Re: NANOG Digest, Vol 43, Issue 53

On 08/12/2011 08:52 PM, Coy Hile wrote: > Damn, and people claim I'm nuts! > > You know, you could go whole hog and multihome. See I read that as having multiple homes. Not multiple feeds. LOL.

Re: NANOGers home data centers - What's in your closet?

On 08/12/2011 09:17 PM, Joe Greco wrote: >> What nobody wired their abode with fiber ? >> >> Am i the only one here > I ran a bunch of fiber from the telco rack What's in the telco rack? This is in your house? What's on it? > to the server rack to reduce > the risk of damage to expensive servers

Re: NANOGers home data centers - What's in your closet?

On 08/12/2011 10:08 PM, Eric Krichbaum wrote: > I have a 12 pack of single mode run between wiring closets upstairs and > downstairs. Nice. I can't wait to get my next house and be able to say exactly that phrase. LOL. > Only one server running feeding media to my xbmc's everywhere > but quite

Re: Verizon Business - LTE?

On 08/12/2011 10:23 PM, Ryan Finnesey wrote: > Does anyone know if Verizon Business is using the Verizon Wireless LTE > network to deliver service? Who else would they use? I would presume they are eating their own dog food. If not, that's very sad. :)

Re: Home computer rooms

On 08/12/2011 08:15 PM, Chaim Rieger wrote: > > Built one when I remodeled last year > Details? What kind of power/cooling? What kind/amount of gear?

Re: Home computer rooms

On 08/12/2011 09:02 PM, J wrote: > Charles N Wyble wrote: >> All, >> > Old IBM 32U cabinet in the unfinished basement, half a dozen older IBM > x-series and NAS, Cisco 2950/3550, old terminal server, UPS (have to > upgrade), bix patch panel, etc. Nice. I currently lack

Re: Home computer rooms

On 08/12/2011 07:49 PM, Alex Rubenstein wrote: > I am in the process of building a house. Cool. Will you have wire closets? What about home audio? Security? > I designed a room that can accommodate three 24 x 36 inch cabinets or four > post racks. Downstairs? Basement? > I will likely install

Re: NANOG Digest, Vol 43, Issue 53

On 08/12/2011 08:53 PM, Alex Rubenstein wrote: > > >> . > Trust me, if I could, I would certainly do dark to my house. The last house I was in, was 500 feet from AT&T fiber and easy walking distance to the CO. My sister in law lives there now. I'm considering putting a rack or two in the garage f

Re: Home computer rooms

On 08/13/2011 01:20 AM, Jari Arkko wrote: > 13.8.2011 3:18, Charles N Wyble kirjoitti: >> All, >> >> Related to my thread about home data centers, what are folks using to >> store compute gear in? >> >> Mine sits in two racks in my second bedroom. Cooled

Re: Home computer rooms

On 08/12/2011 10:56 PM, radhouan.all...@gmail.com wrote: > Check the ccnsp book. They have I think what you looking for. > Not sure what that is. Did some quick searching. Can you provide a bit more detail?

Re: Verizon Business - LTE?

* Ryan Finnesey *Cc:* nanog@nanog.org; Charles N Wyble *Subject:* RE: Verizon Business - LTE? On Aug 12, 2011 8:40 PM, "Ryan Finnesey" <mailto:rfinne...@gmail.com>> wrote: > > Well they are two completely separate companies . I would think that the > LTE netwo

Re: Verizon Business - LTE?

On 08/13/2011 01:09 PM, chris wrote: I'm in princeton, nj and I recently moved into a new place and had no internet for about a week and had my router in client mode grabbing hotspot from my phone and it worked surprisingly well. Of course latency can be a bit jumpy but my speeds overall were bet

Re: Verizon Business - LTE?

On 08/13/2011 11:52 PM, Ryan Finnesey wrote: The two problems I have with Clear is that it does not work well indoors Oh? The dongle you mean? Yes. The dongle is complete garbage. The Motorolla CPE has been top notch. Tried it various places in my apartment (near window, not near window). Ke

Re: Verizon Business - LTE?

On 08/13/2011 11:56 PM, Tammy A. Wisdom wrote: Clear is an absolutely horrible ISP. I've heard people say that. I've used them heavily in Los Angeles and Austin for over a year (almost two now actually). Never had a problem. It is quite common for it to go in and out Probably in fringe co

Re: Home computer rooms

sier to get in/out with gear without scratching > up the house and it also helps mute out some of the fan-noise. Excellent idea. Do you have a ramp of some sort to bring gear in? -- Charles N Wyble char...@knownelement.com @charlesnw on twitter http://blog.knownelement.com Building alternative,global scale,secure, cost effective bit moving platform for tomorrows alternate default free zone.

Re: How long is your rack?

ff. I like "crash box". Is that like a scratch system? > Hah -- Charles N Wyble char...@knownelement.com @charlesnw on twitter http://blog.knownelement.com Building alternative,global scale,secure, cost effective bit moving platform for tomorrows alternate default free zone.

Re: How long is your rack?

nal backups thread. I need to respond to that soon. That's pretty operational. I've always wondered if the next cisco/juniper 0 day will be delivered via a set of exploits delivered via a link posted to NANOG. :) Maybe I'll do a talk at DEFCON next year about that. > Fun.

Re: IPv6 Real World Maturity (was re: How long is your rack?)

On 08/14/2011 07:43 PM, Tim Wilde wrote: > On 8/14/2011 8:36 PM, Charles N Wyble wrote: > > > Yes, they prove that IPv6 is not a viable technology as it currently > stands and we should be working on the next big thing, of course! > IPv42, here I come! :) It certainly is bein

Infection vectors

On 08/15/2011 10:31 AM, Steven Bellovin wrote: On Aug 15, 2011, at 10:12 21AM, Randy Bush wrote: I've always wondered if the next cisco/juniper 0 day will be delivered via a set of exploits delivered via a link posted to NANOG. :) Maybe I'll do a talk at DEFCON next year about that. more likel

Re: Exploiting a non-facilities CLEC relationship

just pay per mb or something? > > Someone looking to start this model now, I'd say is about 10 years > late, 5 years too late. Yeah. Building ones own network is a bit... difficult. At least to serve on a competitive basis. -- Charles N Wyble char...@knownelement.com @charle

Re: TDM voice DOS

On 08/16/2011 11:46 AM, harbor235 wrote: Anyone been involved with TDM voice DOS attacks? My thoughts are that if the phone call originates as an IP call somewhere in the wild, then typical abuse security incident notifications may help in the interim. Indeed. Though I suppose it depends on whe

Re: NANOGers home data centers - What's in your closet?

On 08/16/2011 03:28 PM, William Warren wrote: > On 8/12/2011 7:28 PM, Charles N Wyble wrote: >> Hey all, >> > I have one rack of stuff..:) Not Enough! We will be removing you now from the list that is. :) > I then have my tower(custom build) and ups on another she

Re: How long is your rack?

months project. > I took on some ideas for backup though, so I am sorting out a backblaze > account and using Randy's fantastic sync thing that he mentioned. I really do > not want 18 months of research to vanish. Indeed. -- Charles N Wyble char...@knownelement.com @charles

Re: New Natural Disaster! 8/27/2011 Hurricane Irene

On 08/26/2011 09:51 PM, Scott Morris wrote: > Did you have backup tomatoes? Indeed. Multi gardening is all the rage. Can't be too safe. -- Charles N Wyble char...@knownelement.com @charlesnw on twitter http://blog.knownelement.com Building alternative,global scale,secure, cost effec

Re: How to begin making my own ISP?

e provider network together. Starting with three points of presence (Los Angeles, Kansas City, ). I'm in the process of securing an AS, IP space etc. Already have all the necessary networking gear. Working on getting it configured and deployed. I'm a data center guy coming into the WAN wor

wet-behind-the-ears whippersnapper seeking advice on building a nationwide network

Wow this turned into a very long post On 09/16/2011 01:10 PM, hass...@hushmail.com wrote: No one replied with any useful information. I guess no one wants competition on this list? Pretty poor tactic. On Sat, 10 Sep 2011 21:55:01 -0400 hass...@hushmail.com wrote: Mr hass...@husmail.com

Re: wet-behind-the-ears whippersnapper seeking advice on building a nationwide network

On 09/16/2011 02:58 PM, Leigh Porter wrote: -Original Message- From: Charles N Wyble [mailto:char...@knownelement.com] Sent: 16 September 2011 20:47 To: nanog@nanog.org Subject: wet-behind-the-ears whippersnapper seeking advice on building a nationwide network Wow this turned into a

Re: wet-behind-the-ears whippersnapper seeking advice on building a nationwide network

On 09/16/2011 03:09 PM, Randy Carpenter wrote: As an ISP, ARIN will not give you any space if you are new. You have to already have an equivalent amount of space from another provider. I think it is really stupid, and encourages wasting IP space, but that is what the current policy is. Ah y

Re: How to begin making my own ISP?

esponse). You'll need some hefty capital to attract customers. Plus if you can only compete on price, the established players will just cut costs to match you. That's all my opinion of course. -- Charles N Wyble char...@knownelement.com @charlesnw on twitter http://blog.knownelement.com

Re: wet-behind-the-ears whippersnapper seeking advice on building a nationwide network

fair. Easy enough to get some big chunks of v6 space from up streams and then justify the PI space. I shall have to do that then. -- Charles N Wyble char...@knownelement.com @charlesnw on twitter http://blog.knownelement.com Building alternative,global scale,secure, cost effective bit moving platform for tomorrows alternate default free zone.

Re: Disappointing ARIN - A great advertisement for the USA ?

Does whois have a bug tracker somewhere? That seems to be the place to file these sort of things.

Re: wet-behind-the-ears whippersnapper seeking advice on building a nationwide network

On 09/17/2011 01:19 PM, John Curran wrote: On Sep 16, 2011, at 3:45 PM, Charles N Wyble wrote: 2) Obtain ipv6 space from ARIN (inquired about getting space and ran into some issues. need to speak with my co founder and get details. evidently getting brand new v6 space for a brand new network

Re: wet-behind-the-ears whippersnapper seeking advice on building a nationwide network

t; Noted, and planned :-) I look forward to those discussions. I'm kind of intrigued by policy now, after starting this process. At first I was a bit irritated but now after John/Owen posted links and comments, it's a walk in the park. Just waiting on an LOA from my buddy and I should be

Re: wet-behind-the-ears whippersnapper seeking advice on building a nationwide network

you really truly want policy changes. I greatly appreciate the clarification of policy and relevant docs etc. Seems really straightforward to me now. Now let's get back to technical / nuts and bolts discussion of building an ISP shall we? -- Charles N Wyble char...@knownelement.com @charle

Re: wet-behind-the-ears whippersnapper seeking advice on building a nationwide network

trants to the ISP >> business to get their own v4 space. >> > > Isn't that the point? That's what I'm thinking. :) I don't plan on requesting any v4 space from ARIN. Just using provider space for the small v4 traffic needs. -- Charles N Wyble char...@knowneleme

Re: wet-behind-the-ears whippersnapper seeking advice on building a nationwide network

I plan to announce my ASN out of 3 physically diverse hops over 100mbps or gige. I believe that qualifies as multihoming under pretty much all definitions? On that note, is anyone familiar with peering fabrics in 60 Hudson and 600 West 7th (or peering fabrics that are fiber close in those loca

Re: vyatta for bgp

On 09/21/2011 06:14 PM, Andreas Echavez wrote: btw, you guys might find PacketShadera pretty interesting concept -Andreas Excellent! I was wondering how far along this was. Good to see. Very exciting. I've got a couple parallel systems sitting around l

Re: wet-behind-the-ears whippersnapper seeking advice on building a nationwide network -- ENOUGH ALREADY!

My apologies to all. I was hoping the conversation would be of an operational nature. I deleted the vast majority of messages in the thread as they weren't relevant. If anyone wants I can post smaller scope subject threads. Or a summary of the operationally relevant bits in the thread. Br

Re: vyatta for bgp

On 09/22/2011 05:37 AM, Pierce Lynch wrote: Andreas Echavez [mailto:andr...@livejournalinc.com] originally wrote: Ultimately, the network is as reliable as you build it. With software, it's much cheaper to divide and scale horizontally. Hardware devices are expensive and usually horizontal sca

Re: FCC - with Klezmer backup

ow it? > > /bill > What does "commercial terms of their broadband services." mean? Peering arrangements? Transit pricing? -- Charles N Wyble char...@knownelement.com @charlesnw on twitter http://blog.knownelement.com Building alternative,global scale,secure, cost effect

Re: Synology Disk DS211J

: Matthew Palmer [mailto:mpal...@hezmatt.org] > Sent: Friday, September 30, 2011 12:19 AM > To: nanog@nanog.org > Subject: Re: Synology Disk DS211J > > On Thu, Sep 29, 2011 at 07:10:10PM -0700, Joel jaeggli wrote: > -- Charles N Wyble char...@knownelement.com @charlesnw on twitter http://blog.knownelement.com Building alternative,global scale,secure, cost effective bit moving platform for tomorrows alternate default free zone.

Re: Enterprise WiFi list recommendations?

On 10/10/2011 10:04 AM, James M Keller wrote: On 10/10/2011 11:01 AM, James M Keller wrote: All, I'm looking for some mailing list recommendations for wifi operations community, any commendations? Checkout wispa.org Let us know what you decide to subscribe to.

Re: [routing-wg] BGP Update Report

the data and stay up to date. -- Charles N Wyble char...@knownelement.com @charlesnw on twitter http://blog.knownelement.com Building alternative,global scale,secure, cost effective bit moving platform for tomorrows alternate default free zone.

Re: Network Asset/Service Track/Management

On 11/01/2011 02:38 AM, Babak Farrokhi wrote: > Hi, > > I would suggest you use the element management software provided by your > vendor. But you may want to take a look at www.ziptie.org for an alternative. Also nocproject.org

Re: Logs Bank

ork and can >do graphical presentations based on.the frequency or content os the >logs. > >Thank you > >Joshua > >-- >Sent from my Nokia N9 -- Charles N Wyble @charlesnw char...@knownelement.com Building a cost effective, open, secure bit moving platform for tomorrows default free zone.

Re: IP Address Management IPAM software for small ISP

Zenoss works very well as a cmdb. George Herbert wrote: >On Thu, Dec 20, 2012 at 7:48 PM, Jimmy Hess wrote: >... >> >> But is there a decently scalable open source application for building >> a CMDB, that is visually appealing and efficient for humans to use, >> without a ton of manual devel

Re: OOB core router connectivity wish list

I have a Cyclades acs-48 console server. Direct power and Ethernet drop from the ceiling with a public ip. In my subnet, but not through my routers/switches or pdus. Completely out of band, except for relying on colo power/net, which if that's not up then oob is worthless to me anyway. I have e

Re: Monitoring other people's sites (Was: Website for ipv6.level3.com returns "HTTP/1.1 500 Internal Server Error")

On 03/20/2012 09:54 AM, Jeroen Massar wrote: > On 2012-03-20 15:40 , vinny_abe...@dell.com wrote: > > For everybody who is "monitoring" other people's websites, please please > please, monitor something static like /robots.txt as that can be > statically served and is kinda appropriate as it is int

ipv6 classful addressing with mesh?

So I came across this post the other day and wanted to see what folks think about it. https://plus.google.com/u/0/109418153881180057361/posts/AvjZbbK6T7X Here is the relevant portion: *Got anything more specific than that to go on?* Actually, yes. Although I still want community feedback on how

Re: IPv6 support via Charter | Ideas on BGP Tunnel via HE

On 04/11/2012 02:34 PM, Seth Mos wrote: > > > I'm getting about 40mbit through the IPv6 tunnel, so i'd say it works well, > although the throughput has slowly been dropping to the 30's range over the > last 6 months. But that's probably because of the latency. > > For something that is provided f

Re: EFF gets into the CPE router software business..

Well yes. :) Plenty of relatively inexpensive x86 based kit out there. Maybe with TPM? Never looked. Atom can push a good amount of packets. I am in the process of building an HCL for the various bits of the FreedomStack. (CPE/distribution/core etc). My family is a very heavy internet user.

Re: Incident notification

Pushover and email to sms from both an inband and off site monitoring vm. On November 21, 2014 9:52:00 AM CST, Thijs Stuurman wrote: >Nanog list members, > >I was looking at some statistic and noticed we are sending out a >massive amount of SMS messages from our monitoring systems. >This left m

Re: DDOS solution recommendation

Also how are folks testing ddos protection? What lab gear,tools,methods are you using to determine effectiveness of the mitigation. On January 8, 2015 11:01:47 AM CST, "Manuel Marín" wrote: >Nanog group > >I was wondering what are are using for DDOS protection in your >networks. We >are current

Re: gamer "lag" dashboard

SSL is no problem. We just had a whole thread about breaking it. :-) On January 19, 2015 5:16:43 PM CST, George Herbert wrote: >Emulating game traffic... Good luck with that. You'll probably have >to figure it out and build your own models per service, though a lot is >encapsulated in https.

Re: gamer "lag" dashboard

As a zenoss plugin, I agree. On January 19, 2015 7:22:36 PM CST, Roland Dobbins wrote: > >On 20 Jan 2015, at 5:10, Michael O Holstein wrote: > >> I need something that emulates the actual game traffic as would be >> classified by all the network crap that endeavors to mess with it. > >That soun

Re: gamer "lag" dashboard

Ixia is very very expensive and has its own sets of "fun", though it is a nice appliance for playing with packets. Though its more for protocol compliance testing and load generation. You'll find that protocol exploration and... h... exploitation is an incredibly mature field in floss. ht

Re: scaling linux-based router hardware recommendations

There is no free lunch. If you want " tools that end users can just use" then buy Cisco. Otherwise you need to roll up your sleeves and take the pieces and put them together. Or hire people like me to do it for you. It isn't overly complicated in my opinion. Also you'll find plenty of reason

Re: Intrusion Detection recommendations

Checkout security onion. Its got a pretty nice suite of tools and can run a (or many) dedicated sensor system and communicate back to a central system. As for SSL MITM, see the recent nanog thread for a full layer 2 to layer 8 ramifications of that activity. For ssh mitm, I don't know of any t

Re: [OT] Looking for dhs / fbi contact

They are in the phone book. Call them. Or walk into a field office near you. Don't bother nanog with such a generic / teasing question, its incredibly annoying. No one is going to provide you with a contact of any seriousness with such a generic query. On February 26, 2015 5:41:52 PM CST, jam

Re: What happened to Schprokits?

Checkout trigger for what seems to be the most viable system: https://trigger.readthedocs.org/en/latest/ On March 13, 2015 7:59:13 PM CDT, Pablo Lucena wrote: >I have great hopes for Schprokits. The idea behind it is outstanding - >an >Ansible for networking. It must be tough though, integrat

Re: BCOP appeals numbering scheme -- feedback requested

Use a git repository. Make tagged releases. This enables far easier distributed editing, translating, mirroring etc. And you can still do whatever release engineering you want. A wiki is a horrible solution for something like this. On March 15, 2015 8:24:49 AM CDT, Rob Seastrom wrote: > >Wi

Re: 48V DC Terminal server recommendations

I just use SSH to ip:portnum . Used the web ui for initial setup. Never used an applet. Didn't know one existed. This is on an acs48 model. I forget the pdu model (cyclades i something), they just daisychain off the acs and you can hit a key combo to powercycle. david peahi wrote: >We have u

RE: which firewall product?

Not sure how bsd handles ipip connections. If it breaks them out as a dedicated interface (like it does for openvpn connections) , then rules can be applied and pfsense would be quite useful. The UI is very simple. Warren Bailey wrote: >Look into pfsense. It's rock solid and bad based, and can

Re: WaPo writes about vulnerabilities in Supermicro IPMIs

If you are OK with USB ether net for one interface, check out the tplink wr703n. Its powered via USB, has a USB and rj45 jack. Runs OpenWrt. Leo Bicknell wrote: > >On Aug 15, 2013, at 9:18 PM, Brandon Martin >wrote: > >> As to why people wouldn't put them behind dedicated firewalls, >imagine

Re: Parsing Syslog and Acting on it, using other input too

Yes. Logstash shipper on your syslog proxy, forward to elasticsearch. Graylog2 is very cool. Tried kibana and didn't care for it. Actually setting up graylog2 right now to do AD authentication. So workflow is End device -> syslog-ng vm -> graylog2/elasticsearch vm and other destinations (it

Re: subrate SFP?

On hp proliant gen8 servers with management and ilo on same port, with the server off the ports show up as 100mbps. Jimmy Hess wrote: >On Fri, Aug 30, 2013 at 6:42 AM, Jamie Bowden wrote: > >> > From: Saku Ytti [mailto:s...@ytti.fi] >> Considering that Dell and HP at least are shipping brand n

Re: on network monitoring and security - req for monitoring tools

On 08/23/2010 07:40 AM, Scott Berkman wrote: Are you looking only at Open Source tools? If not you are missing all of the most widely deployed tools out there (including): You will also need to look at separate security monitoring software if your goal is to cover that. Not including any comm

Re: Specifications for Internet services on public frequency

Check out the openbts and tier wireless projects. "Georges-Keny PAUL" wrote: >Hello all, > >My team is working on technical and technological specifications of a >document for the deployment of Internet service on public frequencies in >rural areas. We welcome your thoughts on the topic in term

Re: PPPoE over L2TP over GigE questions

This has been a very informative thread. All sorts of acronyms to research and so forth. :) The mention of TR-101 took me down another rabbit hole, and I discovered http://www.dslforum.org/trlist/trlist.php. Very interesting info. Charles -- Charles N Wyble (818) 280-7059 http

Re: Building a BGP test network

ning on looking into this problem in a few weeks anyway. I'm building a network test bed and having full BGP tables is a part of my testing. When I figure it out I'll post to the list unless its figured out before then. -- Charles N Wyble (818) 280-7059 http://charlesnw.blogspot.com

Google to offer fiber to end users

g00g could decide to never leave the announce phase. - -- Charles N Wyble Linux Systems Engineer (818)280-7059 char...@knownelement.com -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.9 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozde

  1   2   >