Equinix IX Dallas Legacy Route Servers Decommissioning - Subnet Expansion

A Status page is published at the following link https://ix.equinix.com/home/ip-migration/da/ " -- ______ David Miller dmil...@tiggee.com

Re: Network Naming

On 1/25/2011 8:15 PM, Gary Steers wrote: James makes a good point... Pick a scheme which: 1. Uses simple memorable names. 2. Makes business sense to you. 3. You know how to manage (database, publication, updates, etc. If I had to weight these criteria, I would weight 3 most heavily. The

Re: BCP38.info

On 1/28/2014 2:16 PM, Jared Mauch wrote: > > On Jan 28, 2014, at 1:50 PM, valdis.kletni...@vt.edu wrote: > >> On Tue, 28 Jan 2014 08:06:31 -0500, Jared Mauch said: >> >>> 52731 ASN7922 >> >>> It includes IP address where you send a DNS packet to it and another IP >>> address responds to the q

Re: Blocking of domain strings in iptables

On 02/08/2014 09:40 AM, William Herrin wrote: > On Sat, Feb 8, 2014 at 3:34 AM, Jonathan Lassoff wrote: >> This is going to be tricky to do, as DNS packets don't necessarily contain >> entire query values or FQDNs as complete strings due to packet label >> compression (remember, original DNS only

Re: NTP DRDos Blog post

On 2/20/2014 7:05 PM, Mr. James W. Laferriere wrote: > Hello Harlen , > > On Wed, 19 Feb 2014, Harlan Stenn wrote: >> Folks, >> I just posted http://nwtime.org/ntp-winter-2013-network-drdos-attacks/ . > wget http://nwtime.org/ntp-winter-2013-network-drdos-attacks/ > --2014-02-20 15:03:13

Re: AS path not optimal

On 03/03/2014 10:16 PM, ku po wrote: > One of my client has peering with nlayer and a provider from Asia. It seems > from one major ISP in US, the best path is through this Asia provider, > instead of through nlayer which we want it to be. > > It seems this major ISP does not have a direct peerin

Re: Level 3 blames Internet slowdowns on Technica

Unless I am reading the tea leaves wrong "competition" will require "regulation". Original message From: "Mike." Date: 03/20/2014 21:56 (GMT-05:00) To: nanog@nanog.org Subject: Re: Level 3 blames Internet slowdowns on Technica On 3/20/2014 at 4:17 PM Bryan Field

Re: Verizon Public Policy on Netflix

On 7/16/2014 8:14 PM, Miles Fidelman wrote: > Owen DeLong wrote: >> On Jul 13, 2014, at 16:00 , Brett Glass wrote: >> >>> At 10:25 AM 7/13/2014, Charles Gucker wrote: >>> ALL ISPs are in the business of providing access to the Internet.If you feel the need to rebel, then I suggest

Re: Address Assignment Question

On 6/20/2011 9:52 AM, valdis.kletni...@vt.edu wrote: On Mon, 20 Jun 2011 09:26:30 EDT, Steve Richardson said: *definitely* concerns me. One thing they do say is that they need several IPs per block to assign to their MTAs to handle such a large amount of email (3 to 5 million per day). Being

Re: Address Assignment Question

On 6/20/2011 11:26 AM, Jérôme Nicolle wrote: < SNIP /> Unless many contiguous blocks are assigned as different objects : a RBL must NOT presume of one end-user's inetnum unless it has been cathed doing nasty things AND didn't comply to abuse@ requests. An RBL *can* do whatever an RBL wants to d

Re: Why is IPv6 broken?

On 7/10/2011 10:14 AM, Jeff Wheeler wrote: On Sat, Jul 9, 2011 at 5:25 PM, Bob Network wrote: Why is IPv6 broken? You should have titled your thread, "my own personal rant about Hurricane Electric's IPv6 strategy." You may also have left out the dodgy explanation of peering policies and techn

Re: Anybody can participate in the IETF (Was: Why is IPv6 broken?)

On 7/10/2011 12:16 PM, Jeroen Massar wrote: On 2011-07-10 17:56 , David Miller wrote: [..] +1 The lack of will on the part of the IETF to attract input from and involve operators in their processes (which I would posit is a critical element in the process). Eh ANYBODY, including you, can

Re: Verizon Business - LTE?

On Tue, Aug 16, 2011 at 10:53 AM, Christopher Morrow < morrowc.li...@gmail.com> wrote: On Tue, Aug 16, 2011 at 10:37 AM, Leo Bicknell wrote: In a message written on Tue, Aug 16, 2011 at 10:29:13AM -0400, Christopher Morrow wrote: PCMag did the math, you can use up the 5GB alotment in 32 minut

Re: Cogent --> Google Public DNS routing issue

On 8/17/2011 9:13 AM, Patrick W. Gilmore wrote: On Aug 17, 2011, at 1:07 AM, Christopher Morrow wrote: On Wed, Aug 17, 2011 at 12:09 AM, Robert Glover wrote: Hello, We have noticed that from our Cogent link (as well as from ALL U.S. based points we tested via the Cogent Looking Glass: http://

Re: Nxdomain redirect revenue

On 9/27/2011 11:41 AM, Rubens Kuhl wrote: On Tue, Sep 27, 2011 at 11:48 AM, wrote: On Tue, 27 Sep 2011 10:20:25 EDT, William Allen Simpson said: It's not legal for an ISP to modify computer data. Especially digitally signed data. That's a criminal offense. Citation? Could tampering with D

Re: Issues with level3?

e past 12/18 months has been terminate them. The washington1.level3 site was unfortunately the last on my list of DCs. -- -__________ David Miller dmil...@tiggee.com

Re: Juniper MX10 and dual stack BGP

On 1/30/2013 5:16 PM, Justin M. Streiner wrote: > On Wed, 30 Jan 2013, Christopher Rogers wrote: > >> Does anyone have any sort of performance numbers for the jnpr MX10 series >> running dual stack ipv4/ipv6? I'm specifically interested in how many >> BGP >> prefixes it can handle in dual stack

Re: looking for terminology recommendations concerning non-rooted FQDNs

and not just getaddrinfo(), then, it is a bug. Owen -- -______ David Miller dmil...@tiggee.com

Re: Tier1 blackholing policy?

On 05/01/2013 05:40 AM, Thomas Schmid wrote: > Joel, > > Am 30.04.2013 18:00, schrieb joel jaeggli: >> On 4/30/13 8:23 AM, Thomas Schmid wrote: >>> On 30.04.2013 17:07, Chris Boyd wrote: On Tue, 2013-04-30 at 10:59 -0400, ML wrote: > 1) Do nothing - They're supposed deliver any and all bit

Re: recommendations for external montioring services?

On 12/13/2011 5:11 AM, Michiel Klaver wrote: At 22-07-2011 20:59, Eric J Esslinger wrote: I'm not looking to monitor a massive infrastructure: 3 web sites, 2 mail servers (pop,imap,submission port, https webmail), 4 dns servers (including lookups to ensure they're not listening but not talking

Re: Any tools to help network security

On 12/21/2011 2:03 PM, sth...@nethelp.no wrote: We discover there are so many (source) ip not belonging to our network to go to outside. We can block it but don't know how to locate the source. Any tools can be easily found out. http://lmgtfy.com/?q=unicast+rpf Steinar Haug, Nethelp consultin

Re: public scalable vpn?

On 2/18/2012 6:27 PM, Randy Bush wrote: academics in ontario are gonna need a scalable vpn service until they find jobs elsewhere. http://www.cautbulletin.ca/en_article.asp?SectionID=1386&SectionName=News&VolID=336&VolumeName=No%202&VolumeStartDate=2/10/2012&EditionID=36&EditionName=Vol%2059&Edi

Re: Reliable Cloud host ?

On 2/27/2012 10:25 AM, Jason Gurtz wrote: >> [...] For DNS, >> EasyDNS (https://web.easydns.com/DNS_hosting.php) are rather good and >> not too expensive, and you can get a 100% up-time guarantee if you >> want. A review of them regarding availability is at >> http://www.theregister.co.uk/2012/01

Re: IPv6 routing table incomplete!

On 3/9/2012 3:22 PM, ML wrote: > Not so shocking for people on this list..However after playing around > with a single-homed v6 connection to Cogent I was a little surprised > to not be missing just HE routes. > > Apparently Google and Cogent aren't playing nice as I've been unable > to reach a num

Re: SORBS?!

On 4/6/2012 12:35 PM, Michael Thomas wrote: > On 04/06/2012 09:17 AM, Brielle Bruns wrote: >> On 4/6/12 10:02 AM, Michael Thomas wrote: >>> >>> I wonder how long a popularish blacklist operator would last if they, >>> oh say, blacklisted all of google or microsoft before they got some >>> very thre

FYI Coresite xconn price increases

Just as an FYI, anyone with space and xconns in a Coresite facility (e.g. OW) might want to double check their recent invoices. Coresite more than doubled our MRC on existing and new fiber xconns. I have heard from others that they also had the same increase across the board for all xconns at al

Re: Squeezing IPs out of ARIN

On 4/25/2012 12:57 AM, Jack Bates wrote: > On 4/24/2012 2:00 PM, Owen DeLong wrote: >> I know that the ARIN process can, on occasion be tricky to navigate >> if you don't >> understand the subtleties of how some of the terminology is defined >> and that people >> often use terms which have very spe

Re: CDNs should pay eyeball networks, too.

On 5/1/2012 5:20 PM, valdis.kletni...@vt.edu wrote: > On Tue, 01 May 2012 14:13:01 -0700, Mike Hale said: > >>> "But you *may not* tie your >>> price to the hours used to produce it for the first." > The above was William Herrin's comment (quoting level fixed by me). > > Mike - please get mail soft

Re: Network diagram app that shows realtime link utilizatin

On 5/4/2012 6:53 PM, Jeroen van Aart wrote: > Anurag Bhatia wrote: >> I have been using Zenoss quite a bit. It does not shows exact real time >> stat of interface but close to real time + it has ton more options for > > I remember someone here saying that real time monitoring gives you > useless re

Re: DNS poisoning at Google?

On 6/27/2012 1:13 AM, Matthew Black wrote: > I'm not familiar with curl and don't understand what I type and what are > results. Are you suggesting that when google refers to our website, we pick > that up and redirect to couchtarts? > > matthew black > information technology services > californi

Re: Is Hotmail in the habit of ignoring MX records?

On 7/27/2012 9:00 PM, Jimmy Hess wrote: > On 7/27/12, Tony Finch wrote: >> That would be a seriously broken violation of the SMTP specification. > I would definitely agree it would be quite broken behavior, but you > know, I never said Hotmail's processing wasn't broken -- only that > they seem

Re: Bell Canada outage?

On 8/8/2012 4:14 PM, Steve Dalberg wrote: > CPU's were pegged for a customer of mine in California. tracked it > down to 2 events that went down at that time with a large message > volume. > > 1) Peering between GLBX and Level3 dopped somewhere, causing many > prefixes to shift away from L3 paths

Re: 172.0.0.0/12 has been Allocated

On 8/23/2012 1:29 AM, Otis L. Surratt, Jr. wrote: > Dan, > > Can you provide a link to support this? http://whois.arin.net/rest/nets;q=172.0.0.0?showDetails=true > If this is true, I wonder how this will work. > > Otis > -Original Message- > From: Dan White [mailto:dwh...@olp.net]

Re: The End-To-End Internet (was Re: Blocking MX query)

On 9/4/2012 2:22 PM, Jay Ashworth wrote: > - Original Message - >> From: "Owen DeLong" > >> I am confused... I don't understand your comment. > > It is regularly alleged, on this mailing list, that NAT is bad *because it > violates the end-to-end principle of the Internet*, where each

Re: Big Temporary Networks

On 9/19/2012 11:33 PM, Masataka Ohta wrote: > TJ wrote: > >>> >> A single counter example is enough to deny IPv6 operational. >> > Really? > With the Internet wide scope, yes, of course. So, a single example of IPv4 behaving in a suboptimal manner would be enough to declare IPv4 not operational?

Re: max-prefix and platform tcam limits: they are things

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 10/5/2012 8:17 PM, valdis.kletni...@vt.edu wrote: > On Fri, 05 Oct 2012 21:05:07 -0300, jim deleskie said: > >> But here goes, 210x the size of normal really? 210% I'd have a >> hard time believing. Did anyone else anywhere see a route leak >> e

Re: IPv4 address length technical design

On 10/5/2012 9:11 PM, Michael Thomas wrote: > On 10/05/2012 05:25 PM, Barry Shein wrote: >> 5. Bits is bits. >> >> I don't know how to say that more clearly. >> >> An ipv6 address is a string of 128 bits with some segmentation >> implications (net part, host part.) >> >> A host name is a string o

Re: IPv6 Netowrk Device Numbering BP

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 11/1/2012 1:59 PM, valdis.kletni...@vt.edu wrote: > On Thu, 01 Nov 2012 14:28:48 +0100, "Miquel van Smoorenburg" said: > >> We use a /120 subnet for servers to prevent the NDP cache >> exhaustion attack. We do maintain a mapping between IPv4 and

Re: Indonesian ISP Moratel announces Google's prefixes

On 11/7/2012 5:05 AM, Anurag Bhatia wrote: > OK one quick question here - Moratel leaked route and thus for a portion of > internet route to Google was via Moratel but was a path. What caused 100% > outage I.e all four authoritative DNS servers and open resolver service too > ? Can we just guess t

Re: Verizon Policy Statement on Net Neutrality

This PR reminds me of a story I heard about a few telegraph operators in the early 1930s. Mr. Nathan 'Nat' Flax and Mr. Hu Toob were telegraph operators for the mighty VerizonTelegraph Corporation. Misters Flax and Toob were able, through natural abilities and long practice, able to send telegra

Re: PRISM: NSA/FBI Internet data mining project

On 06/08/2013 01:47 PM, Jay Ashworth wrote: > - Original Message - >> From: "Wayne E Bouchard" >> Remember that part of the issue is the fact that, thanks to the >> Patriot Act and FISA, not only can you be given a warrant that does >> not proceed through normal channels, you are forbidden

Re: MTR for Android?

On 9/5/2013 6:33 PM, Jay Ashworth wrote: > Does anybody know if the program has been ported, or re-created there? > > I have searched the market, but not found anything... at least nothing whose > description includes the letters mtr. > - jra > I am not aware of a port of MTR, but I have used

Re: The block message is 521 DNSRBL: Blocked for abuse

On 9/18/2013 7:30 PM, Andrew D Kirch wrote: > On 9/18/2013 7:15 PM, Tammy Firefly wrote: >> On 9/18/13 5:07 PM, Andrew D Kirch wrote: >>> On 9/18/2013 6:55 PM, Tammy Firefly wrote: > I used to run the AHBL and ARIN used to contact us when they > recycled IP > space. We always removed

Re: The block message is 521 DNSRBL: Blocked for abuse

On 9/18/2013 8:16 PM, Tammy Firefly wrote: > On 9/18/13 6:10 PM, David Miller wrote: > > >> On 9/18/2013 7:30 PM, Andrew D Kirch wrote: >>> On 9/18/2013 7:15 PM, Tammy Firefly wrote: >>>> On 9/18/13 5:07 PM, Andrew D Kirch wrote: >>>>> On 9/1

Re: latest Snowden docs show NSA intercepts all Google and Yahoo DC-to-DC traffic

On 11/01/2013 01:08 PM, Gary Buhrmaster wrote: > On Fri, Nov 1, 2013 at 4:43 AM, Anthony Junk wrote: > ... >> It seems as if both Yahoo and Google assumed that since they were private >> circuits that they didn't have to encrypt. > > I actually cannot see them assuming that. Google > and Yahoo e

Re: ARIN Fraud Reporting Form ... Don't waste your time

As to what ARIN can 'do' about addresses that are unused/abandoned and later hijacked... ARIN delegates Reverse DNS for every allocation that they make. Address blocks that are reported, investigated, and determined to be unused/abandoned could be delegated to special ARIN name servers that

Re: ARIN Fraud Reporting Form ... Don't waste your time

On 10/1/2010 9:07 AM, bmann...@vacation.karoshi.com wrote: On Fri, Oct 01, 2010 at 08:47:29AM -0400, David Miller wrote: As to what ARIN can 'do' about addresses that are unused/abandoned and later hijacked... ARIN delegates Reverse DNS for every allocation that they make. Addr

Re: ARIN Fraud Reporting Form ... Don't waste your time

On 10/1/2010 2:17 PM, William Herrin wrote: On Fri, Oct 1, 2010 at 10:32 AM, David Miller wrote: I am merely refuting the statement, which I have heard many times in many different forums, that ARIN (or any RIR) makes address allocations and then walks away with no further active involvement

Re: Why does abuse handling take so long ?

On 3/14/2011 12:11 PM, William Allen Simpson wrote: On 3/13/11 9:35 PM, goe...@anime.net wrote: the real cesspool is POC registries. i wish arin would start revoking allocations for entities with invalid POCs. Hear, hear! Leo's remembering the old days (80s - early '90s), when we checked wh

Re: Suspecious anycast prefixes

On 5/3/2011 6:17 AM, Bill Woodcock wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On May 2, 2011, at 12:35 PM, Joe Abley wrote: It's perhaps worth noting that there is work in the IETF to recommend that every prefix originated as part of an anycast cloud uses a unique origin AS (see

Re: Suspecious anycast prefixes

On 5/5/2011 8:59 AM, Danny McPherson wrote: On May 3, 2011, at 6:17 AM, Bill Woodcock wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On May 2, 2011, at 12:35 PM, Joe Abley wrote: It's perhaps worth noting that there is work in the IETF to recommend that every prefix originated as part

Re: Suspecious anycast prefixes

On 5/5/2011 11:39 AM, Danny McPherson wrote: On May 5, 2011, at 9:43 AM, David Miller wrote: In a properly functioning system - folks that consume the service don't need to know which node they are utilizing. Right, it doesn't matter IF things are functioning properly. If t

Re: Yahoo and IPv6

On 5/16/2011 3:13 PM, Paul Vixie wrote: Date: Mon, 16 May 2011 14:37:46 -0400 From: Jim Gettys perhaps i'm too close to the problem because that solution looks quite viable to me. dns providers who don't keep up with the market (which means ipv6+dnssec in this context) will lose business to th