Re: Only 5x IPv4 /8 remaining at IANA

On 10/18/10 8:35 AM, Henning Brauer wrote: > * Owen DeLong [2010-10-18 17:27]: >> Have you done IPv6? >> I have... It's not even difficult(), let alone really().Really().Difficult(). > > maybe not from a users standpoint (that comes later when it misbehaves > again). from an implementors (I have

Re: Definitive Guide to IPv6 adoption

tion. >> >> Apparently I was wrong about the /64 as that should be /32 so thanks >> for that correction >> >> Thanks again especially on a Saturday weekend! >> >> >> >>> From: rdobb...@arbor.net >>> To: nanog@nanog.org >>&

Re: Definitive Guide to IPv6 adoption

On 10/18/10 10:10 AM, Jack Bates wrote: > On 10/18/2010 11:45 AM, Owen DeLong wrote: >> >> More accurately... A /48 per customer end-site... >> > > Define end0-site. Residential customers, for example, don't need more > than a /56. This is a matter of opinion not gospel. larger, this size, or sma

Re: Definitive Guide to IPv6 adoption - Sparse IPv6 allocation

On 10/18/10 12:42 PM, Randy Carpenter wrote: > > I have a few customers whose allocations are /29 away from their > nearest neighbor (half a nibble). That seems a little close > considering there is a lot of talk about doing nibble boundaries, and > there doesn't seem to be consensus yet. > > For

Re: Only 5x IPv4 /8 remaining at IANA

On 10/18/10 1:38 PM, Franck Martin wrote: > I'm an IPv6 pioneer, because I did it the year, you could really go > IPv6 only. That was when ICANN put IPv6 glue in the root zone, which > fell a few days before the IETF did an IPv4 blackout. > > I thank Russ to come up with this IPv4 blackout, becaus

Re: Only 5x IPv4 /8 remaining at IANA

On 10/19/10 9:24 PM, Mark Smith wrote: > On Tue, 19 Oct 2010 22:24:02 +0200 > Jens Link wrote: > >> valdis.kletni...@vt.edu writes: >> You are going to kill about 90% of all net-/sysadmins? >>> >>> Do you *really* want somebody working on your network that gets confused by >>> a >>> refere

Re: Only 5x IPv4 /8 remaining at IANA

On 10/20/10 12:51 PM, Jeroen van Aart wrote: > Jeroen Massar wrote: >> (And the spammers will take the rest...) > > I am afraid so too. > >> (PS: There seems to be a trend for people calling themselves"IPv6 >> Pioneers" as they recently did something with IPv6, if you didn't play >> in the 6bone/

Re: IPv6 fc00::/7 ? Unique local addresses

On 10/20/10 9:44 PM, Adrian Chadd wrote: > On Thu, Oct 21, 2010, Graham Beneke wrote: > >> I've seen this too. Once again small providers who pretty quickly get >> caught out by collisions. >> >> The difference is that ULA could take years or even decades to catch >> someone out with a collision

Re: ipv6 vs. LAMP

On 10/21/10 2:00 PM, Majdi S. Abbas wrote: > On Thu, Oct 21, 2010 at 01:53:49PM -0700, Christopher McCrory wrote: >> Network operations content: >> >> Will "We're running MySQL and Postgress servers that do not support >> IPv6" be a valid reason for rejecting IPv6 addresses from ISPs or >> hostin

Re: ipv6 vs. LAMP

On 10/21/10 2:59 PM, Brandon Galbraith wrote: > On Thu, Oct 21, 2010 at 4:53 PM, Dan White wrote: > >> On 21/10/10 14:43 -0700, Leo Bicknell wrote: >> >>> In a message written on Thu, Oct 21, 2010 at 01:53:49PM -0700, Christopher >>> McCrory wrote: >>> open to the world. After a few google

Re: Why ULA: low collision chance (Was: IPv6 fc00::/7 — Unique loc al addresses)

On 10/21/10 6:02 AM, William Herrin wrote: > On Thu, Oct 21, 2010 at 8:14 AM, Ray Soucy wrote: >> That's assuming ULA would be the primary addressing scheme used. If >> that became the norm, I agree, the extra uniqueness would be >> desirable, perhaps to the point that you should be asking an aut

Re: Why ULA: low collision chance (Was: IPv6 fc00::/7 — Unique loc al addresses)

On 10/21/10 6:38 PM, Owen DeLong wrote: > > On Oct 21, 2010, at 3:42 PM, Jack Bates wrote: > >> On 10/21/2010 5:27 PM, Joel Jaeggli wrote: >>> >>> Announce your gua and then blackhole it and monitor your prefix. >>> you can tell if you're lea

Re: NTP Server

On 10/24/10 10:20 AM, Christopher Morrow wrote: > On Sun, Oct 24, 2010 at 10:44 AM, Peter Lothberg wrote: >>> 1) How necessary do you believe in local NTP servers? Do you really need th= >>> e logs to be perfectly accurate? >>> 2) If you do have a local NTP server=2C is it only for local internal

Re: NTP Server

On 10/24/10 10:25 AM, John Kristoff wrote: > The "perfect accuracy" of log files might be hard to justify and > quantify. more to the point what's the minimum resolution of a counter in a log file, if it's 1s or 1ms it's a bit different than if it's 1us.

Re: Mystery open source switching company claims top-of-rack price edge (was Re: Pica8 - Open Source Cloud Switch)

On Oct 31, 2010, at 19:25, bas wrote: > Hi Paul, > > On Mon, Nov 1, 2010 at 2:07 AM, Paul WALL wrote: >> I don't know what the big deal is. I've rolled at least 20 of these >> switches into my network, and not only are they more stable than the >> Centillion switches that they replaced, they o

Re: IPv6 fc00::/7 - Unique local addresses

On 11/1/10 9:42 PM, Nathan Eisenberg wrote: >> My guess is that the millions of residential users will be less and >> less enthused with (pure) PA each time they change service providers... Hi, almost everytime I open my laptop it gets a different ip address, sometimes I'm home and it gets that sa

Re: Low end, cool CPE.

On 11/12/10 11:30 PM, Eugen Leitl wrote: > On Fri, Nov 12, 2010 at 10:10:30AM -0500, Jason Lewis wrote: >> Everytime I'm in the market for a device like you describe, it comes >> down to the limitations of consumer devices. You can't get all those >> things in a low cost solution. I end up rollin

Re: IPv6

On 11/18/10 3:00 PM, Nick Olsen wrote: > That's what I'm hearing. Cogent refuses to peer with HE via IPv6. > So cogent IPv6 Customers currently can not hit things at HE. And they can't > do anything about it. Besides 6to4 tunneling and BGP peering with HE (or > native, If they can). Wait, a sett

Re: Introducing draft-denog-v6ops-addresspartnaming

On 11/19/10 10:56 AM, Owen DeLong wrote: >> It is always two bytes. A byte is not always an octet. Some machines do > > It is always two OCTETS. A byte is not always an octet... Assuming you have a v6 stack on your cdc6600 a v6 address fits in 22 bytes not 16. >> have byte sizes other than 8 bit

Re: Introducing draft-denog-v6ops-addresspartnaming

On 11/19/10 12:45 PM, William Herrin wrote: > On Thu, Nov 18, 2010 at 9:07 PM, Richard Hartmann > wrote: >> as most of you are aware, there is no definite, canonical name for the >> two bytes of IPv6 addresses between colons. This forces people to use >> a description like I just did instead of a

Re: Introducing draft-denog-v6ops-addresspartnaming

On 11/20/10 2:20 PM, Owen DeLong wrote: > > On Nov 20, 2010, at 9:12 AM, William Herrin wrote: > >> On Sat, Nov 20, 2010 at 5:05 AM, Richard Hartmann >> wrote: >>> On Fri, Nov 19, 2010 at 23:52, William Herrin wrote: >>> I thought about that. Have a "one colon rule" that IPv6 addresses in

Re: Introducing draft-denog-v6ops-addresspartnaming

On 11/21/10 7:54 AM, William Herrin wrote: > We've gone too far down the wrong path to change it now; colons are > going to separate every second byte in the v6 address. But from a > human factors perspective, floating colons would have been better. >>From a computer parser perspective, a character

Re: Introducing draft-denog-v6ops-addresspartnaming

On 11/21/10 2:50 PM, William Herrin wrote: > On Sun, Nov 21, 2010 at 11:40 AM, Joel Jaeggli wrote: >> There is a lot of assumption on the part of ipv6 that the use of ipv6 >> literals in uri's would be a rather infrequent occurrence, given how >> infrequent it is in

Re: switch about routing p

On 11/22/10 10:34 AM, Deric Kwok wrote: > Hi > > I read switch that supports PIM / ESRP / VRRP I assume you don't mean extreme standby routing protocol, if you do then you have your answer, you future is purple. > What are they? Most decent layer3 switch platforms will support PIM/VRRP. > Than

Re: Jumbo frame Question

10/100 switches and NICs pretty much universally do not support jumbos. Joel's widget number 2 On Nov 26, 2010, at 8:02, Brandon Kim wrote: > > Where would the world be if we weren't stuck at 1500 MTU? I've always kinda > thought, what if that was larger > from the start > > We keep get

Conclusions? - Introducing draft-denog-v6ops-addresspartnaming

Since 11/18/10 this discussion has generated something like 66 messages across five threads on this list, on nanog and elsewhere. While some suggestions are entertaining, I would think of this criticism and commentary on the document as useful if it winnowed the number of options down to fewer rat

Re: The scale of streaming video on the Internet.

On 12/2/10 4:56 PM, Matthew Petach wrote: > On Thu, Dec 2, 2010 at 1:02 PM, Owen DeLong wrote: > ... >> As to the emergency broadcast system, yeah, that's going to lose. > > Didn't we already replace that with twitter? quake/tsunami warnings flow via email rather quickly. > Matt >

Re: ARIN space not accepted

Got an address we can ping? On 12/3/10 2:09 PM, Dustin Swinford wrote: > We have run into an issue with the 107.7.0.0/16 assigned to us several > months ago. It appears that many sites have not yet accepted this space. I > understand this is not a normal type post to NANOG, but hoped to get the

Re: Want to move to all 208V for server racks

On Dec 3, 2010, at 16:58, valdis.kletni...@vt.edu wrote: > On Fri, 03 Dec 2010 13:21:07 PST, Matthew Petach said: >> People are still feeding their gear with AC? Save on PS inefficiency, >> and feed direct 12/5vDC to the servers. Save space, save power, >> save cooling. > > What does that do to

Re: Want to move to all 208V for server racks

On Dec 3, 2010, at 19:25, Matthew Petach wrote: > On Fri, Dec 3, 2010 at 7:18 PM, Joel Jaeggli wrote: >> On Dec 3, 2010, at 16:58, valdis.kletni...@vt.edu wrote: >> >> On Fri, 03 Dec 2010 13:21:07 PST, Matthew Petach said: >> >> People are still feedin

Re: Want to move to all 208V for server racks

Your battery stack isn't like 12v either, unless it's one battery. Joel's widget number 2 On Dec 3, 2010, at 20:02, Jima wrote: > On 12/3/2010 9:25 PM, Matthew Petach wrote: >> (OK, so it's not as practical when you have other customers to worry >> about... but it might not be so crazy when you

Re: Pointer for documentation on actually delivering IPv6

On 12/7/10 5:18 AM, david raistrick wrote: > On Mon, 6 Dec 2010, Owen DeLong wrote: > >> Seriously, though, you're welcome to use fd00::/8 for exactly that >> purpose. The problem is that you (and hopefully it stays this way) >> won't have much luck finding a vendor that will provide the NAT for >

Re: Pointer for documentation on actually delivering IPv6

On 12/6/10 5:35 AM, Jeff Johnstone wrote: > > Speaking of IPV6 security, is there any movement towards any open source > IPV6 firewall solutions for the consumer / small business? > > Almost all the info I've managed to find to date indicates no support, nor > any planned support in upcoming rele

Re: [Operational] Internet Police

On 12/10/10 9:06 AM, valdis.kletni...@vt.edu wrote: > On Fri, 10 Dec 2010 11:08:00 EST, Lamar Owen said: > > I believe the word you wanted was "hooliganism". And we have a legal system > that has about 3,000 years of experience in dealing with *that*, thank you > very > much. The code of hamurab

Re: Over a decade of DDOS--any progress yet?

On 12/10/10 12:33 PM, Drew Weaver wrote: > Nobody has really driven the point home that yes you can purchase a > system from Arbor, RioRey, make your own mitigation system; what-have > you, but you still have to pay for the transit to digest the attack, > which is probably the main cost right now.

Re: Pointer for documentation on actually delivering IPv6

On 12/6/10 6:55 AM, Jared Mauch wrote: > > On Dec 6, 2010, at 8:35 AM, Jeff Johnstone wrote: > >> Speaking of IPV6 security, is there any movement towards any open >> source IPV6 firewall solutions for the consumer / small business? >> >> Almost all the info I've managed to find to date indicate

Re: Over a decade of DDOS--any progress yet?

On 12/8/10 6:30 AM, Drew Weaver wrote: > Yes, but this obviously completes the 'DDoS attack' and sends the signal that > the bully will win. it's part of a valid mitigation strategy. shifting the target out from underneath the blackholed address is also part of the activity. that's easier in some

Re: Some truth about Comcast - WikiLeaks style

On 12/15/10 2:37 PM, Randy Epstein wrote: > Jon, > If ratios are really a concern and you really need to maximize your port > capacity, there are ways to balance this; balance your customer base. Start > hosting content. Now, this might not help on private peering interconnects, > but if you peer

Re: TCP congestion control and large router buffers

On 12/9/10 7:20 AM, Mikael Abrahamsson wrote: > On Thu, 9 Dec 2010, Vasil Kolev wrote: > >> I wonder why this hasn't made the rounds here. From what I see, a >> change in this part (e.g. lower buffers in customer routers, or a >> change (yet another) to the congestion control algorithms) would do

Re: Mastercard problems

On 12/9/10 8:11 AM, Marshall Eubanks wrote: > By the way, I was amused that a Twitter spokesman boasted that > > "The company is not overly concerned about hackers’ attacking > Twitter’s site, he said, explaining that it faces security issues all > the time and has technology to deal with the situ

Re: Some truth about Comcast - WikiLeaks style

On 12/23/10 9:19 AM, Jay Ashworth wrote: > And that's just another argument in favor of muni fiber -- since it's > municipal, > it will by definition serve every address, and since it's monopoly, it will > enable competition by making it practical for competitors to start up, since > they'll have

Re: IPv6 BGP table size comparisons

On 12/23/10 6:02 PM, Scott Taylor wrote: > On Thu, Dec 23, 2010 at 20:37, Seth Mattinen wrote: >> On 12/21/10 2:18 PM, Frank Bulk wrote: >>> There are 4,035 routes in the global IPv6 routing table. This is what one >>> provider passed on to me for routes (/48 or larger prefixes), extracted from >

Re: Wake on LAN in the enterprise

On 12/13/10 8:32 AM, Jack Bates wrote: > On 12/13/2010 10:20 AM, Owen DeLong wrote: >> WOL is unfortunately terribly deficient in that the spec. never >> envisioned the possibility >> of a need for wake on WAN. >> >> Bottom line, it's a non-routeable layer 2 protocol. Your choices boil >> down to t

Re: Muni Fiber Last Mile - a contrary opinion

On 12/26/10 10:04 PM, Owen DeLong wrote: > > On Dec 26, 2010, at 7:35 PM, Frank Bulk - iName.com wrote: >> [Frank Bulk] >> Some MSOs (including ourselves) have power systems (e.g. Alpha) in place >> throughout the plant to provide backup power for at least some time. >> > > Does that back up the

Re: Wireless IPv6

On 12/28/10 10:35 AM, Richard Barnes wrote: > FWIW, the same does not appear to be true of the Verizon 3G network. (Not > that anyone expected it to be.) My VZW device has a NATted v4 address and > only link-local v6. lack of a chipset support is a notable problem there joel > On Dec 28, 2

Re: 5.7/5.8 GHz 802.11n dual polarity MIMO through office building glass, 1.5 km distance

On 12/28/10 8:48 PM, Anonymous List User wrote: > For architectural and building management reasons we cannot mount our > antennas in a rooftop or outdoor location at either end. The distance > between two buildings is 1.5 km, and the fresnel zone is clear. Antennas > need to be located indoors a

Re: NIST IPv6 document

On 1/5/11 8:49 AM, Jeff Wheeler wrote: > On Wed, Jan 5, 2011 at 9:39 AM, Iljitsch van Beijnum > wrote: >>> that a lot of smart people agree is a serious design flaw in any IPv6 >>> network where /64 LANs are used >> >> It's not a design flaw, it's an implementation flaw. The same one that's in

Re: NIST IPv6 document

On 1/5/11 11:03 PM, Matthew Petach wrote: > On Wed, Jan 5, 2011 at 10:51 PM, Joe Greco wrote: > Hi Joe, > > I think what people are trying to say is that it doesn't matter whether > or not your host is easily findable or not, if I can trivially take out your > upstream router. With your upstream

Re: NIST IPv6 document

On 1/5/11 10:36 PM, Dobbins, Roland wrote: > > On Jan 6, 2011, at 1:26 PM, Joe Greco wrote: > >> A bunch of very smart people have worked on IPv6 for a very long >> time, and justification for /64's was hashed out at extended >> length over the period of years. > > Very smart people can and do c

Re: NIST IPv6 document

On 1/6/11 12:24 AM, Jeff Wheeler wrote: > On Thu, Jan 6, 2011 at 2:42 AM, Joel Jaeggli wrote: >> icmp6 rate limiting both reciept and origination is not rocket science. >> The attack that's being described wasn't exactly dreamed up last week, >> is as observed

Re: Problems with removing NAT from a network

On 1/6/11 5:48 PM, Owen DeLong wrote: > Doesn't all of this become moot if Skype just develops a dual-stack capable > client > and servers? Really, only some fraction of the supernodes and the login servers need to be dual stack. > Owen > > On Jan 6, 2011, at 1:32 PM, Matthew Kaufman wrote: >

Re: Problems with removing NAT from a network

nce v4 over time? > > Frank > > -Original Message- > From: Matthew Kaufman [mailto:matt...@matthew.at] > Sent: Thursday, January 06, 2011 8:57 PM > To: Joel Jaeggli > Cc: Nanog Operators' Group > Subject: Re: Problems with removing NAT from a network > > O

Re: IPv6 prefix lengths

if you have multiple sites you should request a direct assignmnet later than /48. previous $employer recieved a /44 direct assignment on the basis of north american footprint. On 1/13/11 4:49 AM, Richard Barnes wrote: > Hi all, > > What IPv6 prefix lengths are people accepting in BGP from > peer

Re: co-location and access to your server

On 1/13/11 11:30 PM, Jeroen van Aart wrote: > JC Dill wrote: >> Scruz is ~30-45 minutes from the heart of the internet on the west >> coast (Silicon Valley). If your $dayjob isn't in scruz, then it's >> most likely IN Silicon Valley. So locate your 1U server in Silicon >> Valley, where > > Yes

Re: Is NAT can provide some kind of protection?

On 1/15/11 1:24 PM, Leen Besselink wrote: > I'm a full supported for getting rid of NAT when deploying IPv6, but > have to say the alternative is not all that great either. > > Because what do people want, they want privacy, so they use the > IPv6 privacy extensions. Which are enabled by default

Re: Single AS Number for multiple prefixes in different country

On 1/15/11 8:51 PM, Graham Wooden wrote: > Not to budge in here ... but I have always been curious of this type of > setup, as in all my past BGP deployments its always been that all edges > belong in the same ibgp peering group. > > Ryan, does the other edge(s) get confused when they see their sa

Re: Network Simulators

On 1/17/11 12:12 PM, Randy Bush wrote: >> Are there any good Network Simulators/Trainers out there that support >> IPv6? I want play around with some IPv6 setup. > > what are you trying to simulate? > o control plane? > o traffic? > o interfaces and layers 1-3? > o ... products which I'

Re: anyone running GPS clocks in Southeastern Georgia?

On 1/21/11 2:26 PM, Robert E. Seastrom wrote: > > Michael Holstein writes: > >>> I'd be curious to see what effects (if any) those who use >>> GPS-disciplined NTP references in Southeastern Georgia see from this >>> experiment. >> >> Aren't CDMA BTS clocked off GPS? >> >> NTP isn't going to be

Re: IPv6 - real vs theoretical problems

On 1/11/11 11:15 AM, Jack Bates wrote: > > > On 1/11/2011 1:05 PM, George Bonser wrote: >> Many of us are looking at things from today's >> perspective. Maybe each room of my house will have its own subnet with >> a low power access point and I can find which room something is in by >> the IP ad

Re: Future of the IPv6 CPE survey on RIPE Labs - Your Input Needed

On 1/27/11 7:33 AM, Jack Bates wrote: > > > On 1/27/2011 9:25 AM, Dan White wrote: >> >> The DIR-825(Rev B) running firmware 2.05NA does. From the status screen: >> >> IPv6 Connection Type : Autoconfiguration (SLAAC/DHCPv6) > > Nice. New love for D-Link then. I've had DSL modem vendors s

Re: Future of the IPv6 CPE survey on RIPE Labs - Your Input Needed

On 1/27/11 10:01 AM, Jim Gettys wrote: > > For god's sake, stay away from the DIR-825(Rev A), which has been > effectively abandoned by DLINK support and has no IPv6 support at all. pretty sure you can't find those on the shelf... The current model I bought on a lark for someone for christmas 2

Re: Future of the IPv6 CPE survey on RIPE Labs - Your Input Needed

unlike a simpler device you can actually turn that off. in fact it has more knobs than you've likely seen in a consumer cpe... joel On 1/27/11 10:40 AM, Scott Weeks wrote: > > > --- frnk...@iname.com wrote: > From: "Frank Bulk" > > Have you looked at D-Link's DIR-825? It has most of the thi

Re: Connectivity status for Egypt

On 1/27/11 10:49 PM, Roy wrote: > On 1/27/2011 9:36 PM, Craig Labovitz wrote: >> >> And to add to this thread, an graph of Egyptian Internet traffic >> across a large number of geographically / topologically diverse >> providers yesterday (Jan 27): >> >> http://farm6.static.flickr.com/5291/5395027

Re: DSL options in NYC for OOB access

On 1/29/11 9:30 PM, Ryan Finnesey wrote: > All this out of band management talk is making me think it is an > opportunity for a supper low cost DSL offering. Maybe a good way to get > read of some capacity we have. The key of course is that it not be coupled to the physical plant that the other c

Re: EPC backhaul networks

On 1/30/11 1:13 PM, Ping Pan wrote: > On Sun, Jan 30, 2011 at 12:55 PM, Cameron Byrne wrote: > >> Yep. I hate L2. It is a total nightmare. But, it is literally the >> only game in town. I blame the MEF for spreading propaganda that >> MetroEis the best solution for backhaul ... most people don

Re: quietly....

On 1/31/11 10:43 PM, George Bonser wrote: >> >> 3. Busting out 16 more /8s only delays the IPv4 endgame by about a >> year. >> >> jms > > If used for general assignment, sure. But if used for what people have > been begging for NAT444 middle-4 space. Well, that might work. Code > update on the

Re: ipv4's last graph

On 2/1/11 1:08 PM, Randy Bush wrote: >> FWIW: the Jan. 2011 global burn rate (outbound from the RIRs) for >> /24-equivlents was 18.97 seconds. At the Jan. rate, APnic won't last >> to June and Ripe might make to the end of August, then chaos ensues. > > this is not the murdoch press or fox news.

Re: Terremark Miami

On 1/28/14, 5:29 PM, Faisal Imtiaz wrote: > So essentially, you are looking for a 'direct' x-connect to AWS ? > and not wanting to go thru a peering fabric or any other network ? just as an aside amazon peer routes are in my experience regional so if the goal is to offload traffic in miami bound f

Re: Is there such a thing as a 10GBase-T SFP+ transciever

On 1/30/14, 5:26 PM, james jones wrote: > I would like to know if anyone has seen one of these? If so where? Also if > they don't exist why? It would seem to me that it would make it a lot > easier to play mix and match with fiber in the DC if they did. Would be so > hard to make the 1G SFPs faster

Re: Is there such a thing as a 10GBase-T SFP+ transciever

On 2/1/14, 1:18 PM, Jared Mauch wrote: > > On Feb 1, 2014, at 4:05 PM, Phil Bedard wrote: > >> As for 10GBase-T in a transceiver, I haven't seen that on anyone's >> roadmap. It will probably come eventually but not for awhile. > > It must exist, as there is this: Nah that's a 10G-base-t pci e

Re: Twinax trivia check (was Re: Is there such a thing as a 10GBase-T SFP+ transciever)

On 2/2/14, 7:30 AM, Larry Sheldon wrote: > On 2/1/2014 10:40 PM, Jima wrote: >> +1. Cisco calls them Twinax, HP calls them DACs. I don't know what >> anyone else calls them as it hasn't come up in conversation for me. > > I thought "Twinax" was an IBMish MILSPEC term. twinax could refer to a

Re: BCP38 [Was: Re: TWC (AS11351) blocking all NTP?]

On 2/5/14, 1:24 PM, Jay Ashworth wrote: > - Original Message - >> From: "Octavio Alvarez" > >> Maybe I'm oversimplifying things but I'm really curious to know why >> can't the nearest-to-end-user ACL-enabled router simply have an ACL to >> only allows packets from end-users that has a val

Re: BCP38 is hard; let's go shopping!

On 2/5/14, 1:46 PM, Jay Ashworth wrote: > - Original Message - >> From: "joel jaeggli" > >>> As I've noted, I'm not sure I believe that's true of current generation >>> gear, and if it *is*, then it should cost manufacturers busin

Re: 7206 VXR NPE-G1 throughput

On 2/10/14, 7:17 AM, Vlade Ristevski wrote: > We are looking to double the bandwidth on one of our circuits from > 300Mbps to 600Mbps. We currently use a Cisco 7206VXR with an NPE-G1 > card. These seem like very popular routers so I'm hoping a few people on > this list have them deployed. If you or

Re: 7206 VXR NPE-G1 throughput

On 2/10/14, 7:43 AM, Vlade Ristevski wrote: > We're still on the 12.4 train. I do use an ACL with less than 100 > entries which handle BCP38 and block a few bad actors and private IPs on > the Internet. I will be moving the BCP38 ACL closer to the hosts before > the upgrade so the ACL will be a bit

Re: 7206 VXR NPE-G1 throughput

he > traffic through the 7206). so those pps numbers are worst case (small packet) but the acl count /distribution and so on are going to impact what you actually get in the downward direction. > > On 2/10/2014 10:41 AM, joel jaeggli wrote: >> On 2/10/14, 7:17 AM, Vlade Ristevski

Re: ddos attack blog

On 2/14/14, 3:00 PM, Hal Murray wrote: > >> I was being a bit extreme, I don't expect UDP to be blocked and there are >> valid uses for NTP and it needs to pass. Can you imagine the trading >> servers not having access to NTP? > > Sure. > > They could setup internal NTP servers listening to GP

Re: Filter NTP traffic by packet size?

On 2/23/14, 12:11 PM, Royce Williams wrote: > On Sun, Feb 23, 2014 at 10:48 AM, Royce Williams > wrote: >> Newb question ... other than retrofitting, what stands in the way of >> making BCP38 a condition of peering? Peering is frequently but harldy exclusively on a best effort basis, e.g. you ag

Re: out of band management gear

On 2/21/14, 12:27 PM, Randy Carpenter wrote: > > OpenGear's newer stuff is Gigabit (SFP even). > > I've not seen any real switch made in the last decade that has a problem with > 100Mb/s connections. Ancient cisco, maybe had issues. > there are a substantial number of 10Gb/s switch that cannot

Re: AS path not optimal

On 3/4/14, 3:16 AM, ku po wrote: > One of my client has peering with nlayer and a provider from Asia. It seems > from one major ISP in US, the best path is through this Asia provider, > instead of through nlayer which we want it to be. > > It seems this major ISP does not have a direct peering wi

Re: fiber optics patchcords - supplier nearby Atlanta,GA

On 3/6/14, 1:00 PM, Jiri Prochazka wrote: > Hello list, > > we're deploying a new rack/technology in Atlanta,GA and we are out of > reserves of optical patchcords. > > We need to get another few pieces (combinations of most used connectors > like LC/SC/E2000 and lenghts). > > > Could you please

Re: How to catch a cracker in the US?

On 3/13/14, 11:09 AM, valdis.kletni...@vt.edu wrote: > On Thu, 13 Mar 2014 12:46:06 -0400, William Herrin said: > (Contemplate for a bit why Kirk > wasn't bounced out on his butt from the Academy) Apparently the thinking about hacking was a little more permissive in 1966. > > signature.asc

Re: open source with flowspec ?

exabgp from ripe labs can inject flowspec routes. typically some helper app would generate the policy for exabgp and then exabgp would do the heavy lifting. joel On 3/13/14, 3:42 PM, Piotr wrote: > Hi, > > There is some open source sflow collector wich can talk via flowspec > with juniper route

Re: NetBSD as a TimeCapsule?

On 3/18/14, 11:53 AM, Rob Seastrom wrote: > > Atticus writes: > >> Use avahi. > > Isn't that built into netatalk3? netatalk does the mdns for my afp shares and seems to work. > -r > > signature.asc Description: OpenPGP digital signature

Re: why IPv6 isn't ready for prime time, SMTP edition

On 3/30/14, 10:03 AM, Barry Shein wrote: > > The problem is the world is a very sloppy place and tends to function > in spite of proofs that "bumblebees can't fly" etc. when there's a > need. which is fortunately, mythology based on catastrophically bad modeling so your analogy is spot on. > >

Re: Prefix hijack by AS4761 (was Re: BGPMON Alert Questions)

yeah you're seeing the impact of a pretty broad prefix injection indosat's upstream filters seem to be working for the most part. On 4/2/14, 12:10 PM, Stephen Fulton wrote: > I'm seeing the same hijack of prefixes by multiple networks under my > watch, at 18:40 UTC and 19:06 UTC. > > -- Stephen

Re: BGPMON Alert Questions

On 4/2/14, 11:59 AM, Justin M. Streiner wrote: > Two things need to happen: > 1. Indosat needs to clean their mess up. > 2. Indosat's upstreams need to apply some BGP clue to Indosat's > announcements. > > It's pretty clear that both parties have dropped the ball in a big way, > in terms of sane

Re: Requirements for IPv6 Firewalls

On 4/18/14, 7:04 PM, Jeff Kell wrote: > PCI requirement 1.3.8 pretty much requires RFC1918 > addressing of the computers in scope... It does not 1.3.8 Do not disclose private IP addresses and routing information to unauthorized parties. Note : Methods to obscure IP addressing may include, but a

Re: AOL Mail updates DMARC policy to 'reject'

On 4/25/14, 9:04 AM, Steven Saner wrote: > On 04/25/2014 10:59 AM, Royce Williams wrote: >> On Fri, Apr 25, 2014 at 7:43 AM, Shrdlu wrote: >>> On 4/25/2014 8:00 AM, Leo Bicknell wrote: On Apr 23, 2014, at 12:45 AM, Grant Ridder wrote: > Thought i would throw this out t

Re: We hit half-million: The Cidr Report

On 4/30/14, 9:30 AM, valdis.kletni...@vt.edu wrote: > On Wed, 30 Apr 2014 15:40:43 -, Jamie Bowden said: > >> You're not funny. And if you're not joking, you're wrong. We just went over >> this on this very list two weeks ago. > > And in that discussion, we ascertained that what the PCI sta

Re: Shared Transition Space VS. BGP Next Hop [was: Re: Best practices IPv4/IPv6 BGP (dual stack)]

On 5/3/14, 10:36 AM, Chris Grundemann wrote: > On Sat, May 3, 2014 at 3:58 AM, Randy Bush wrote: >> a good number of us use that kinky /10 behind home nats and encourage >> everyone to do so. it was a sick deal and should be treated as such, >> just more 1918. > > A good number of folks use othe

Please moderate yourselves, was: Re: US patent 5473599

Notwithstanding any legitimate or illegitimate grievance associated with the sordid history of carp / vrrp / the us patent system / BSD forks and their respective participants. It's time to take a long weekend. thanks joel On 5/7/14, 8:47 PM, Rob Seastrom wrote: > > Matt Palmer writes: > >>

Re: Observations of an Internet Middleman (Level3) (was: RIP Network Neutrality

On 5/12/14, 7:07 AM, Owen DeLong wrote: > > On May 12, 2014, at 6:02 AM, Nick Hilliard wrote: > >> On 10/05/2014 22:34, Randy Bush wrote: >>> imiho think vi hart has it down simply and understandable by a lay >>> person. . my >>> friends in

Re: Getting pretty close to default IPv4 route maximum for 6500/7600 routers.

On 6/10/14, 10:15 AM, Łukasz Bromirski wrote: > Hi Blake, > > On 10 Jun 2014, at 19:04, Blake Hudson wrote: > >> In this case, does the 512k limit of the 6500/7600 refer to the RIB or the >> FIB? And does it even matter since the BGP prefix table can automatically be >> reduced to ~300k routes

Re: Getting pretty close to default IPv4 route maximum for 6500/7600 routers.

On 6/10/14, 10:39 AM, Blake Hudson wrote: > > Łukasz Bromirski wrote the following on 6/10/2014 12:15 PM: >> Hi Blake, >> >> On 10 Jun 2014, at 19:04, Blake Hudson wrote: >> >>> In this case, does the 512k limit of the 6500/7600 refer to the RIB >>> or the FIB? And does it even matter since the B

Re: Time Warner IPv6 Reverse DNS?

On 6/13/14, 8:26 AM, James R Cutler wrote: > On Jun 13, 2014, at 10:39 AM, Lee Howard wrote: > >> We've corresponded offline. >> >> I documented the difficulties in providing reverse DNS for IPv6 >> residential users in http://tools.ietf.org/html/draft-howard-isp-ip6rdns-06 >> It's a long-expired

Re: routing issues to AWS via 2914(NTT)

On 6/13/14, 2:28 PM, Matt Palmer wrote: > On Fri, Jun 13, 2014 at 11:44:51AM +, Paul WALL wrote: >> Amazon peers at many key exchanges, with dozens of hosting shops >> (where customers might share mutual infrastructure) like yours: >> >> https://www.peeringdb.com/view.php?asn=16509 >> >> Rather

Re: Ars Technica on IPv4 exhaustion

On 6/18/14, 1:09 PM, Owen DeLong wrote: >> >> However, I also don't think consumer education is the answer: >> http://www.wleecoyote.com/blog/consumeraction.htm Summary: Until it >> is perfectly clear why a consumer needs IPv6, and what they need to >> do about it, consumer education will only ca

Re: Help with route latency between TATA and Comcast

On 6/24/14 10:49 AM, rw...@ropeguru.com wrote: > I am doing some testing between my Comcast Business connection and a > Singapore server that I have just setup. I am seeing high latency to the > server but it appears it is the Comcast to TATA link and not the link > between the U.S. and Singapore.

Re: No topic -- Photo in its context might be interesting...

On 7/9/14 7:24 PM, William Herrin wrote: > On Wed, Jul 9, 2014 at 8:53 PM, Scott Weeks wrote: >> Just to be fast, the article said 1.5Mbps >> Also, I completely missed that there was a page 2. It looks like they use >> Iridium. Here is some pricing. Just the first thing I found: >> >> http://ww

<    1   2   3   4   5   6   7   8   9   10   >