Cybersecurity, Lincoln Law School
Author: Section 6 of the CAN-SPAM Act of 2003 (the Federal anti-spam law)
Board of Directors, Denver Internet Exchange
Chair Emeritus, Asilomar Microcomputer Workshop
Former Counsel: Mail Abuse Prevention System (MAPS)
------
, from the "69 space".
----------
Jon Lewis, MCP :) | I route
StackPath, Sr. Neteng | therefore you are
_ http://www.lewis.org/~jlewis/pgp for PGP public key_
me that
WCOM knew who was in there (due to the card access system), but refused to
tell us. I figured it was probably one of their own people.
------
.
--
i.e. IX peers, where you
have lots of peers)?
------
with an IX
partition event at Any2 Denver just a few weeks ago.
------
e savings will vary
depending on the device's connectivity, but I've seen >40%.
------
On Thu, 12 Aug 2021, Tom Hill wrote:
On 11/08/2021 14:09, Jon Lewis wrote:
What sort of hands-on experience is this opinion based on?
Having an upstream provider that did it, in a very aggressive fashion.
Odds are, they did it wrong, and you had no control and limited, if any,
visibility
On Thu, 12 Aug 2021, Nick Hilliard wrote:
Jon Lewis wrote on 12/08/2021 18:09:
Arista. They call it FIB compression. They mention it's a trade-off,
more memory and CPU utilization (keeping track of things) in exchange for
being able to keep hardware that might otherwise be out o
he subnets send traffic to C that C then has to send out via
transit to reach D, E, or F. I've been C :( We asked A to make it stop.
----------
them immediately trip your
prefix-limit because they haven't updated peeringdb for "some time" and
advertise more routes than their suggested limits?
--
will
run out of pipe in a traffic event like yesterday's.
------
that certain "tier 1" providers don't even
have/provide a full v6 table?
If you're going to multihome, do it right, and get full routes from all
your providers.
------
cated
pre-ARIN?
------
NANOG, but no. I still get numerous
"last chance to renew my car warranty" and whatever the scam is from the
credit card callers per day on both my home and cell numbers.
------
nt to trick you into giving them remote admin access to
your PC. I assume that's a dry well and the best you can hope to do is
waste as much of their time as yours and see how foul a mouth they have.
----------
Flemming.
:0
* ^From:.*(jfleming(@anet\.com|unety\.net)|ipv6nog@gmail\.com)
/dev/null
:0
* (^TO|^From:).*
/dev/null
I'm out of this thread...I've already seen the above rule do its job.
----------
"less than a full table". :(
i.e. I'm questioning whether the system is mature enough and properly used
widely enough for dropping RPKI invalids to be a good idea?
------
hose using RPKI to verify routes "don't accept our customers' routes."
That might not be bad for "your network", but it's probably bad for
someone's.
----------
and port 0).
------
plementation hard enough, and weird shit is likely to happen.
------
massive failure on the part of AfriNIC's
staff, or did their business model radically change after so much space
had been allocated?
----------
On Tue, 31 Aug 2021, Sabri Berisha wrote:
- On Aug 31, 2021, at 8:40 AM, Jon Lewis jle...@lewis.org wrote:
Hi,
[ I'm not affiliated with CI in any way, just playing the Devil's Advocate ]
"5.4.6.2 AFRINIC resources are for AFRINIC service region and any use
outside the r
ened? I really have no clue. It sounds like something
like this might have happened. Unless someone at Facebook shares an
actual detailed account of what they broke, most of us will never know
what really happened.
------
m odd that it would be intertwined with the DNS infrastructure?
People have been anycasting DNS server IPs for years (decades?). So, no.
------
etwork
rather completely, and that took out all of their DNS, which broke lots of
other things that depend on DNS.
----------
On Wed, 6 Oct 2021, Michael Thomas wrote:
On 10/6/21 3:33 PM, Jon Lewis wrote:
On Wed, 6 Oct 2021, Michael Thomas wrote:
People have been anycasting DNS server IPs for years (decades?). So,
no.
But it wasn't just their DNS subnets that were pulled, I thought. I'm
obviou
". They're running
an open resolver...not a lighthouse.
------
r
with lots of other networks that may or may not be ISPs in a non-ISP
relationship.
What's this "simplified BGP peering solution" you're [not] talking about?
----------
test...i.e. a response means their
connection to their ISP is up, and the ISP's network works at least enough
to reach an internal 8.8.8.8, but the question of their connectivity to
the rest of the Internet would be unanswered.
--
, you probably wouldn't commit.
------
ort tool. There is an API, but it
doesn't accept data in rpsl format, so if I want to explore it farther,
I'll have to write something to convert rpsl route objects to either xml
or json.
------
Cogent least preferable by lowering the local
preference to it, that's why
prepending from our side doesn't help.
>
> Maybe someone has experience or similar problems with ISPs in Asia
network ?
>
>
--
f
instances of their ASN their router is willing to put on an advertised
route.
--
lly do ROV.
------
IRR's to use, but it seems now that all the RIRs provide authoritative IRR
service (and some networks are deprecating the non-auth ones), it's time
for us to move our records to the appropriate RIR IRRs.
--
harge to deprecate non-auth
IRRs, or if there are other notable networks with similar policies?
--
ues.
I wonder how Tata deals with that...or how they will after August 2023?
--
------
for your
review.
Target Industry: ??
Target Geography: ??
Waiting for your response.
Regards,
Julie Levay
Demand Generation Specialists.
--
Jon Sands
MFI Labs
https://fohdeesha.com/
----------
and have no
incentive to cooperate with enforcement against each other.
----------
ecated non-auth sources, causing us to migrate away from RADB.
------
cts of "big telco can't
help / won't let you even talk to someone who can understand your
explanation of the issue" and "I don't care how I solve this, as long as I
can make the issue go away."
--------
te their lack of BGP routing to 182.61.200.0/24, which hosts Baidu
Wangpan at
pan.baidu.com (Baidu's cloud services/equivalent of Google Drive).
Easily verified through Verizon's Looking Glass.
We all know Verizon's BGP routing is a disaster, but does anyone have any
On Thu, 21 Jul 2022, Paul Rolland wrote:
Hello,
On Thu, 21 Jul 2022 12:20:37 -0400 (EDT)
Jon Lewis wrote:
I looked at this a little last night, but didn't have time to write an
email about it. Verizon has a lookingglass:
https://www.verizon.com/business/why-verizon/looking-glass/
It's just traffic you don't want that they
don't care about. Block it at your edge and move on.
----------
"why is server X's IP the router-id for these routes?"
------
You’ll need to be very selective about the IP ranges you apply that filter to,
or more likely, just do it and make sure you have one or more default routes to
devices/providers that carry full tables.
As for alternate devices, have you looked at Arista 7280, particularly the
Jericho >1 versions.
dless of whether or
not more specifics exist." You have no business demanding what routes
someone else's network receives/accepts. All you can reasonably control
is what you advertise and what you accept.
--
ve prepends would
get that path rejected, keeping it from being used.
------
uest/
https://www.arin.net/resources/manage/rpki/hosted/
------
ble long enough that I wouldn't want to be dependent on that changing.
----------
On Tue, 24 Jan 2023, William Herrin wrote:
On Tue, Jan 24, 2023 at 11:04 AM Jon Lewis wrote:
The "other problem" is, every day more gear receiving full routes gets
closer to (or farther past) the point where the resources to hold either
the FIB or RIB just aren't there. For th
140 Set customer route local preference to
140
(above customer default)
You get the idea. Everyone likely does it "their own way", so you need to
find the BGP community support info for the upstream with which you want
non-default behavior / localpref.
-
On Wed, 1 Mar 2023, Dmitry Sherman via NANOG wrote:
gtt/level3 is down?
Those are two totally different global networks...so asking if they're
both "down" is kind of a silly question. Down where?
------
fi AP blocked me two different ways, but once I got around that,
I was able to determine that Spectrum cable Internet does appear to block
spoofed source traffic. :)
------
Tier 1 NOC
please check and remove the blackhole if any exists?
Normally when ReliableSite announced my prior (then-leased) IPv4 space it
gets propagated via BGP almost immediately. This time it's not going through
at all.
Best,
Neel Chauhan
------
.
--
e, and have IPs/accounts/memberships with
ARIN/RIPE/APNIC/Registro.br.
----------
ehavior at the address-family level. If the provider isn't willing
to make a change like this, we may have to ask APNIC for a few ASNs...and
it may be time to stop the practice of using the same ASN in all our
islands.
--
ll still only owe $250/year for the IPv6 space until this "deal"
expires at the end of 2026.
----------
accusations aren't familiar with Hanlon's
razor.
------
ather than later.
------
hanks
------
Jon Lewis, MCP :) | I route
| therefore you are
_ http://www.lewis.org/~jlewis/pgp for PGP public key_
, the issue is easily ignored.
--
y, and
perhaps they wouldn't do this today without one?
------
entry and maybe not fully built out the network infrastructure
yet. A CDN, with everything coming from one POP in NY is not going to cut
it.
----------
once they get tired of investigating allegations, what then?
------
.
This may be too old to be terribly useful other than as a starting point,
but we went through essentially the same thing a little more than 10 years
ago:
http://jonsblog.lewis.org/2008/01/19#bgp
--
ore router. :)
------
me
something changes...like a new customer with their own IPs.
------
le filters at the transit-free club,
poisoning the path may result in a large outage for your prefix rather than
a clever optimization. Poisoning paths is bad for all parties involved.
Kind regards,
Job
--
"rogue" networks.
I think they have enough clue to notice "screwy as-paths".
------
you wanted them
to take.
------
ng as-path poisoning would have non-poisoned
covering aggregates, that "everyone" would use in the cases of rejection
or failures causing no non-poisoned route to be available.
--
work by packaging and
selling it or things based on it.
------
with no printed name, using an illegible signature.
How does an organization incorporated years after 44/8 was set aside for
amateur radio use end up "owning" it enough to have the right to sell a
portion of it?
--------
't seem to find anyone who knows what rr.level3.com is, much less knows
who to talk to about troubleshooting. Anyone know who (if anyone) keeps
the wheels spinning on the Level3 IRR?
------
On Thu, 5 Sep 2019, Jon Lewis wrote:
I was doing some IRR clean-up and after a few successful updates, I'm no
longer able to alter or delete our objects in rr.level3.com.
Emails to r...@level3.com result in no action and no response. I've tried
reaching out to the Level3 (Centur
aning
the buyer, in addition to paying the seller, would have to justify their
need to the appropriate RIR and get the RIR's blessing on the transfer.
----------
iding that is the whole point of doing
the flow-based hashing in the first place.
Anycast "only" turns a potential degradation of TCP performance into a hard
failure... :)
-Toke
------
peering traffic over both PNI and IX evenly.
----------
e who can't get it
natively from their own ISP. Ideally, HE's v6 tunnel service should
become more or less redundant as more service provider networks dual-stack
their customers.
----------
agement) to direct peer with a
network with which there's virtually no traffic being exchanged, just
because we're on the same IX(s). 1-2G to peer seems kind of high. Some
might insist that you move peering to PNI if you're doing >1-2G across an
IX.
------
s cheaper and less damaging
A Zayo victim and a NANOG Member
----------
people pinged
one of their servers constantly.
------
ng that they're delivering the
bits too fast (or at least faster than you'd like them to).
----------
7, how are
you going to "step in front of the cannon"? Would you just pass
through all the traffic?
Anycast + load balancers + high powered varnish?
--
On Fri, 23 Sep 2016, Christopher Morrow wrote:
On Fri, Sep 23, 2016 at 9:24 PM, Jon Lewis wrote:
On Fri, 23 Sep 2016, Patrick W. Gilmore wrote:
Is CloudFlare able to filter Layer 7 these days? I was under the
impression CloudFlare was not able to do that.
There have been a lot of rumors
on that supports my device?" A cloud controlled networked device,
with no cloud, is not terribly useful.
--
tables into the RIB.
------
possible.
------
f| Fax: 914-694-5669
----------
just noise.
------
, too complicated for my mom to use, and such a crappy
delivery of the idea that I can't imagine anyone will get through the
entire pitch (to tell you what the other flaws are).
----------
y by replying to this message, and
then delete all copies of it from your system. Thank you!...
----------
ars sooner.
------
y from: n...@meta.com
----------
Sent from my iPhone
> On Dec 10, 2023, at 2:17 AM, Stephane Bortzmeyer wrote:
>
> On Sat, Dec 09, 2023 at 09:55:31PM -0800,
> Owen DeLong via NANOG wrote
> a message of 1136 lines which said:
>
>> But why would AliExpress be redirecting to DDN space? Is this
>> legitimate? Ali hoping to get
cept to those networks (i.e. Centurylink) that you need
to see them to get them off your backup paths.
----------
Jon Lewis, MCP :) | I route
Blue Stream Fiber, Sr. Neteng | therefore you are
_ http://www.lewis.org/~jlewis/pgp for PGP public key_
last one,
I pay to use."
Which path would you pick (assuming you're trying to maximize revenue
from your network)?
----------