Re: Reliable Cloud host ?

ot; but they're not ready yet, and they're not terribly cheap either. -Tom

Re: Trouble with IPv6 setup on Quagga

Juniper router when it comes to advertisements (this goes for both address families). > neighbor 2607:1b00:10:a::1 remote-as 54456 > neighbor 2607:1b00:10:a::1 next-hop-self > > address-family ipv6 > network 2607:1b00:d1::/48 > network 2607:1b00:d2::/48 > neighbor 2607:1b00:10:a::1 activate > exit-address-family TH: This looks fine otherwise. Tom

Re: next hop packet loss

any case, I won't be providing any further input following that response. Tom > It is a problem with http protocol regardless of ICMP. > > Sent from my iPhone > > On Aug 6, 2012, at 5:51 PM, "Tom Hill" wrote: > >> Hi Jim, >> >> On 06/08/12 22:27

Re: /. Terabit Ethernet is Dead, for Now

On 2012-10-01 08:57, Masataka Ohta wrote: Tom Hill wrote: Once you get your head (and wallet) around that, there becomes a case for running each of your waves at 2.5x the rate they're employed at now. The remaining question is then to decide if that's cheaper than running more f

Re: E1200i vs EX8200 in Large Deployment

lunch more than once recently, so you should probably figure out what you want first before you get in too deep :) -Tom

1slash8 pollution

:4d:cf:6f Perhaps someone should mention this to the hotel? :) -Tom

Re: 1slash8 pollution

On Mon, 14 Jun 2010, Elmar K. Bins wrote: I've senn DHCPACK from 1.1.1.1 I was told it's the default value of a Cisco WLAN Controller. There are more things broken in most hotel WLANs. We should go soft on the Westin. The wireless works surprisingly well. It does indeed, wasn't implying that

Re: Advice regarding Cisco/Juniper/HP

st and provides free software updates. -Tom

Re: Advice regarding Cisco/Juniper/HP

On Thu, 17 Jun 2010, Tom Ammon wrote: We've had a much different experience than what Tom is describing here. To be fair, each platform seems to vary quite a bit in quality and reliability. I have seen some HP installs work ok, but they were primarily edge switches or bladecenter switches.

Re: comcast

On Thu, 12 Jun 2008, Thompson, Taeko wrote: Does anybody heard if comcast is having problems today? I've got a customer in 73.72.92.0/24, and I don't see the prefix on the net.

Re: Virginia voter registration down due to cable cut

> > Again, hopefully Twitter won't > fall down again during the evening of November 3rd. The digeratti will > lose thier minds. > No offense towards our many friends at Twitter, but I think the best thing that could happen would be for Twitter to shut 'er down from November 1 through November 6.

Virginia voter registration down due to cable cut [ID #5475615x3]

DO NOT EDIT BELOW THIS LINE Assigned to: BuyGoods Support Again, hopefully Twitter won't fall down again during the evening of November 3rd. The digeratti will lose thier minds. No offense towards our many friends at Twitter, but I thi

Re: plea for comcast/sprint handoff debug help

Alex: When I follow the RFC rabbit hole : RFC6481 : A Profile for Resource Certificate Repository Structure The publication repository MUST be available using rsync > [RFC5781 ] [RSYNC > ]. Support of

Re: RSS Feed for this list?

Gossamer Threads was bought in 2019 and merged with Carbon60. Looks like they are still archiving the list, just at a different URL. https://lists.archive.carbon60.com/nanog/users/ On Mon, Nov 2, 2020 at 2:53 PM Timothy Brown wrote: > Hi, > > I noticed that now the old gossamer-threads.com ar

Re: Mellanox / Cumulus

changed it would be a fine software suite to investigate. Regards, -- Tom

Re: Mellanox / Cumulus

t does SP mean" debate, but I am not at all surprised that CDN providers would like the Spectrum ASICs: they're excellent at pushing lots of bits, quickly. Because they lack buffer-laden features (by design) a lot of SPs - say, access ISPs - will stop and say, "What? This is a DC switch!" -- Tom

Re: Technology risk without safeguards

> > The hypothesis that RF may cause damage to human DNA is not at all > conspiracy. The > fact that we haven't been able to identify a factual relationship, does > not mean > that there isn't any. For example: > If you are going to cite that American Cancer Society article, you should cite all th

Re: Technology risk without safeguards

> > The parts that Tom cited, are very much relevant, and > * only reinforce thenotion that at this time, we simply do not know > enough.* We do know, that > at the low doses we generally receive, there is no evidence for harmful > consequences. > > My point is that w

Re: AFRINIC IP Block Thefts -- The Saga Continues

I would like to formally request that Mr. Cohen's privileges to post to this list be revoked, or otherwise curtailed. It's one thing to dispute facts with evidence, or generally disagree on a topic. However , threats of legal action and personal attacks citing Old Testament mumbo jumbo, while crea

Re: Telia Not Withdrawing v6 Routes

> > I also put a lot of blame on C, it was a terrific language when > compiling had to be fast. Basically macro assembler. Now the utility > of being 'close to HW' is gone, as the CPU does so much C compiler has > no control over, it's not really even executing the same code > as-written anymore. M

Re: inspecting RPKI data: console.rpki-client.org

In before snark of "OMG "http" links to RPKI info HURF BLURF!" ( Just add the 's' yourself kids, Job is a good boy and does have this properly TLS'd. :) ) Thank you Job, excellent tool! On Fri, Nov 20, 2020 at 9:08 AM Job Snijders wrote: > Dear all, > > I'd like to introduce another tool to in

Re: Weather Service faces Internet bandwidth shortage, proposes limiting key data

I would say it's likely much larger. https://twitter.com/CoasterBGW/status/1336387160220569603/photo/1 Their design is to run everything from one datacenter? I am enjoying the level of irony that the rest of us consider catastrophic weather events in our datacenter planning, but the NWS does not.

Re: "Hacking" these days - purpose?

Questionable cloud / VPS / hosting companies are great for spammers and botnet C&C, but not so great for DDoS "ion cannons". You still need a large volume of geographically diverse endpoints for those to be effective. On Mon, Dec 14, 2020 at 9:52 AM Peter E. Fry wrote: > > Simple question: What'

Re: Are the days of the showpiece NOC office display gone forever?

> > Ideally configured to be actually useful for NOC purposes and also > something impressive looking for customer tours. > Call me crazy, but I have never cared about the second half of that. On Wed, Dec 16, 2020 at 3:51 PM Eric Kuhnke wrote: > With the covid19 situation, obviously lots of IS

Re: Are the days of the showpiece NOC office display gone forever?

> > I'm sure when the automation is perfect and widespread to the point that > it catches and alerts on every network event, the monitoring rooms will > disappear. > The chances of this happening are exactly 0%. > But unless you have an entire organization dedicated to automation > development o

Re: Unexplainable router log entries mentioning IPSEC from Yahoo IPs

Frank- I'll contact you directly about this. On Fri, Dec 18, 2020 at 1:20 PM Frank Bulk wrote: > Curious if someone can point me in the right direction. In the last three > days our core router (Cisco 7609) has logged the following events: > > Dec 16 19:04:59.027 CST: %CRYPTO-4-RECVD_PKT_INV_SP

Re: Nashville

That's not exceptionally uncommon. I have seen the same thing before in other sets of street view images. On Fri, Dec 25, 2020 at 3:15 PM cosmo wrote: > I see the logo now : > > https://www.google.com/maps/@36.1640386,-86.7765438,3a,34.8y,283.85h,92.88t/data=!3m6!1e1!3m4!1sle30GenlolagNX2ldhGc

Re: NDAA passed: Internet and Online Streaming Services Emergency Alert Study

> > Most civilized societies immensely value a great many things, and for > exactly zero of them is it acceptable for the government to kick down my > door, wake me up, and scrawl a message on my wall to make sure I hear > about it. Just because digital tools can save the government millions > of

Re: Alexandria Ocasio-Cortez' Office is on NANOG?? Or, what is the policy about sharing email offlist?

Everyone take a deep breath, calm down, and move on from this thread. On Tue, Jan 19, 2021 at 8:22 AM Jeff P wrote: > I contacted you (and others) off list to avoid a public discussion on a > board dedicated to the discussion of networking to call out your misogynist > comment in a previous post

Re: Hosting recommendations ... ?

Proxmox specifically isn't much more than a wrapper for standard Linux KVM, which can support nested virtualization. In my limited experience with nesting, it doesn't work half bad as one would expect, but I haven't used it in a stressed environment with anything substantial running that way. On

Re: Nice work Ron

DDOS-Guard is only hosting a temporary static page for Parler, they are not hosting the full Parler application. (Source : Quote from Parler's CEO, NYT, 1/19/21, https://www.nytimes.com/2021/01/19/technology/parler-russian-company.html) On Thu, Jan 21, 2021 at 12:55 PM Matt Erculiani wrote: > I'

Re: Nice work Ron

> > am I the only one to believe that (given that LACNIC had allocated an IP > block to a company that doesn't conform to the LACNIC policies) what we > urgently need to see next is the complete audit of the LACNIC operations, > so that this doesn't look like selective enforcement? > LACNIC recei

Re: Nice work Ron

e. Calling for a complete audit of LACNIC feels quite extreme absent a pattern of issues, which doesn't seem to have been presented. On Thu, Jan 21, 2021 at 1:37 PM Töma Gavrichenkov wrote: > Peace, > > On Thu, Jan 21, 2021, 9:29 PM Tom Beecher wrote: > >> am I the onl

Re: DoD IP Space

My opinion is that such recommendations are short sighted, and simply creating tech debt and future support issues for themselves, and in some cases, intermediaries. That example you linked though is pretty specific to one "smart" TV OS ; it's possible that there is a V6 specific issue with that TV

Re: gofundme Medical Expenses - Ed Hew

Guys, let's maybe turn the temperature down a bit. On Mon, Jan 25, 2021 at 1:04 PM Mel Beckman wrote: > Bill, > > So, we can only mention in this forum the actual death of Internet > pioneers, such as Mark Crispin, Jon Postel, and Jeanette Symons? > > What if the person’s health is tied to a maj

Re: gofundme Medical Expenses - Ed Hew

I personally have no issue with the OP, or the idea of recognizing the work of those who have come before. I just don't want to see this devolve into a pissing match that ends up requiring a rule to be created about such things. On Mon, Jan 25, 2021 at 1:31 PM Mel Beckman wrote: > To

Re: Verizon FiOS/Google Peering Issues in Northeast?

https://twitter.com/VerizonSupport/status/1354109889572982786 Fiber cut in Brooklyn, sounds related. On Tue, Jan 26, 2021 at 12:08 PM Brian Loveland wrote: > Is this well known? Getting lots of reports of 50% packet loss to > anything behind AS15169 from FiOS, including 8.8.8.8 >

Re: Verizon DC/NOVA Issues?

Could be knock on effects from their NYC issue in Brooklyn. On Tue, Jan 26, 2021 at 12:13 PM Robert Webb wrote: > Any hearing of Verizon internet issues affecting the DC, Northern > Virginia, and surrounding areas? > > Just got a flood of complaints about work VPN connections keep dropping > and

Re: RTBH and Flowspec Measurements - Stop guessing when the attack will over

Personally, I would absolutely, positively, never ever under any circumstances provide access to a 3rd party company to push a FlowSpec rule or trigger RTBH on my networks. No way. You would be handing over a nuclear trigger and saying "Please break me at my earliest inconvenience." On Tue, Feb 2

Re: RTBH and Flowspec Measurements - Stop guessing when the attack will over

last, and start to define the end of a flowspec/RTBH action > based on real information related to that. > I want to close the feedback loop. > > > Em ter., 2 de fev. de 2021 às 13:07, Tom Beecher > escreveu: > >> Personally, I would absolutely, positively, never ever un

Re: RTBH and Flowspec Measurements - Stop guessing when the attack will over

-Hank > > > > > > But, this still does not helps to find a solution do an organization A > that sends some flowspec our RTBH to organization B(presuming organization > B will accept that), and organization B do some reports of what is match > with that flowspec or RTBH.

Re: Suspicious IP reporting

I think it's pretty poor form to ask people to report an IP for doing something they are not seeing themselves, and may not even be abuse. What does "hitting devices" mean? Pings? SNMP? This sort of thing contributes to abuse reponses being poor; lots of noise, not much signal. On Thu, Feb 4, 202

Re: Suspicious IP reporting

he Internet is full of both good and bad actors that probe and >> scan anything and everything. >> >> >> >> While some appreciate the notification here, others will find it >> annoying. We cannot report anything malicious about an IP address on the >> Internet

Re: DoD IP Space

> > For most networks there is almost no pain in enabling IPv6. > A startup vendor, formed by long time industry veterans, released brand new products inside of the last 8 years that did not yet have IPv6 support because their software, also created by them from scratch, did not yet support it. It

Re: CGNAT

n 00,000's of subs, I'm sure the benefits aren't trivial when viewed through the lens of the number of connections that a single Chrome tab can happily chew through. -- Tom

Re: Famous operational issues

don't want to spoil the ending, but ... I later discovered that Cumulus' then VP of Engineering had elevated me to a veritable 'Hall of Infamy' for the support ticket attached to that particular tale. One day I'll be able to buy the guy that handled it a *lot* of whisky. He deserved it. -- Tom

Re: Texas internet connectivity declining due to blackouts

The issue is that while there are lots of information out there detailing the risks of variable rate supply plans, the majority of consumers are not equipped to properly understand that risk; these are complex markets in the best of times. Many of these companies are also borderline predatory in ho

Re: Is there an established method for reporting/getting removed a company with 100% false peeringdb entries?

supp...@peeringdb.com is fairly prominently displayed at the bottom of every page that peeringdb displays. On Thu, Mar 4, 2021 at 7:16 PM Eric Kuhnke wrote: > First, take a look at this: > > https://www.peeringdb.com/asn/18894 > > > Now look at these (or use your own BGP table analysis tools

Re: DPDK and energy efficiency

On 04/03/2021 18:20, Etienne-Victor Depasquale wrote: > *SECTION 2: Survey results* I don't see the embedded images, and there's no way to show them inline. For the sake of simplicity/sharing, are these results presented anywhere on a web page? :) Regards, -- Tom

Re: DPDK and energy efficiency

at your CPU is wasting power while not actually forwarding any packets. -- Tom

Re: How to Fix IP GEO for google/youtube tv

> > Based on how difficult it is to correct their data for them at no charge, > I'm not sure he's entirely wrong in that statement. > No, it's still wrong. Stating that Google's team 'doesn't want to improve things' , while also having zero knowledge of the reasons why the current issues are pres

Re: DOD prefixes and AS8003 / GRSCORP

> > However, it appears that a Certificate of Good Standing is not required or > ARIN didn't validate it in this case. > You don't know what ARIN did or did not do, or really anything about the circumstances surrounding this other than what is gleanable from public records. It's not a good look to

Re: DOD prefixes and AS8003 / GRSCORP

> > I think it’s a general matter of public interest how this reassignment of > a massive government-owned block of well over sixteen million IP addresses > happened. Even if not fraudulent, the public has a right to know who is > behind this huge transfer of wealth. > > Don’t you? > I wasn't awar

Re: ASE - 100 Gig Wave

CC back to the mailing list for visibility, since I ate the CC list. On Thu, Mar 18, 2021 at 1:31 PM Tom Beecher wrote: > Rod- > > Please refer to the usage guidelines found here. > https://nanog.org/resources/usage-guidelines/ > > 14. Posts that encourage or facilitate an a

Re: Perhaps it's time to think about enhancements to the NANOG list...?

that would help them? They are not. On Thu, Mar 18, 2021 at 6:28 PM Matthew Petach wrote: > > > On Thu, Mar 18, 2021 at 10:37 AM Tom Beecher wrote: >> >> CC back to the mailing list for visibility, since I ate the CC list. >> >> On Thu, Mar 18, 2021 at 1:31 PM Tom Bee

Re: Perhaps it's time to think about enhancements to the NANOG list...?

> > why not confine the effort to the one need that seems > to clearly exist: a place for network engineers to solicit vendors of > the goods and services that network engineers buy? > If there's a real need for that ( which my voicemail and email might say is debatable :) ) , then someone could s

Re: Peering and Caching for Epic Games, Fortnite, et al

> > For an industry (online gaming) with the most "sensitive" customers to > latency, packet loss, throughput, etc., the online gaming industry is > terrible at peering. That's because they often don't really need to. Content and patch distribution is generally handled via a CDN. For companies t

Re: Perhaps it's time to think about enhancements to the NANOG list...?

Nope. https://www.discourse.org/ != https://discord.com/ On Tue, Mar 23, 2021 at 2:35 PM scott wrote: > > Well, now we are likely find out what happens when Discord is bought: > > > "Microsoft in talks to buy Discord messaging platform - sources" > > > https://www.reuters.com/article/us-discord

Re: OT: Re: Younger generations preferring social media(esque) interactions.

Thanks for chiming in Phineas. Just for the sake of clarity, the platform that NANOG is considering is Discourse ( https://www.discourse.org/ ) , not Discord ( https://discord.com/ ) . They are different use cases, for sure. Primary difference being one is for real time communication, and one is

Re: Reinventing the wheel on a path to deeper learning

Matt- The Program Committee is definitely aware of the imbalance towards complexity in topics. We have been working on some ways to try and bring back more '101' style content to help fill that gap. If you have any specific requests for content, or feedback you would like to share on what comes

Re: Best practice for ptp/loopback numbering for "small" enterprise multihome setup

> > i take real addresses out of the /24 for p2p > i take 1918 addresses for ibgp loopbacks > This. On Fri, Mar 26, 2021 at 2:22 PM Randy Bush wrote: > > tl;dr - If I only have a /24 PI - is there any way to use this and not > > “chop it up / deagg” to use for ptp/loopbacks ? > > i take real ad

Re: wow, lots of akamai

There are a couple things going on that all combine together. - Competition between CDNs has pushed $/byte numbers down a lot. (Good or bad, depending on which side you're on. :) ) - Game developers are under constant pressure to deliver content to users quicker - Games are graphically much higher

Re: wow, lots of akamai

> > Does Akamai bear some burden here to make these rollouts less troublesome > for the ISPs they traverse through the last mile(s)? IMO yes, yes they do. > When you're doing something new and unprecedented, as Akamai frequently > brags about on Twitter, like having rapid, bursty growth of traffic,

Re: wow, lots of akamai

le" in the sense that when you look at a graph of traffic before and > after a large push such as this makes the rest of the week's traffic look > like a horizontal line at the bottom, admittedly poor word choice, yes, but > far from "confused" as to what CDNs do under r

Re: wow, lots of akamai

Lots of publishers will allow for new stuff to be pre-downloaded before a specified release time. There was a time that it was probably helpful in spreading the load out over time, but today it doesn't help much because either everyone starts the preload at the same time, or people don't have enoug

Re: wow, lots of akamai

burden on the ISP, but it's a burden created by the usage created by their subscribers. On Thu, Apr 1, 2021 at 4:57 PM Matt Erculiani wrote: > Tom, > > All due respect, but there is a massive difference between one user > downloading 50G and thousands of users each downloading 50G

Re: My First BGP-Hijacking Explanation

Very well done , especially for a layman. His snark level is excellent too. I've definitely shared this around to some people, pointing out that he seems to know BGP better than they do, and they get paid for it. MY snark is going over about as good as you might expect. :) On Thu, Apr 8, 2021 at

Re: My First BGP-Hijacking Explanation

> > As an anecdotal data point, the only effect this has had is teaching > random 14 year olds how to use ordinary consumer grade VPNs, which work > just fine. > Or, perhaps some kid watched that and said "Oh that's cool, I want to know more about how that works!" , and planted a seed for a future

Re: Trident3 vs Jericho2

There is no easy, one side fits all answer to this question. It's a complex subject, and the answer will often be different depending on the environment and traffic profile. On Fri, Apr 9, 2021 at 8:58 AM Dmitry Sherman wrote: > Once again, which is better shared buffer featurerich or fat buffer

Re: Trident3 vs Jericho2

> > If you have all the same port speed, small buffers are fine. If you have > 100G and 1G ports, you'll need big buffers wherever the transition to the > smaller port speed is located. While the larger buffer there you are likely to be severely impacting application throughput. On Fri, Apr 9, 2

Re: Texas ERCOT power shortages (again) April 13

> Funny how this obsession with a green grid has made the grid > unreliable, resulting in sales of gas-burning generators and > perishable fuel. Dare I say it's not been worth it? Yes, desire for renewable power sources is totally the reason that power generators neglect proper preventative maint

Re: Texas ERCOT power shortages (again) April 13

Brian- I am aware. That's also not relevant at all to the point. On Wed, Apr 14, 2021 at 9:22 AM Brian Johnson wrote: > Tom, > > You do realize that ERCOT is a non-profit organization…. > > On Apr 14, 2021, at 8:04 AM, Tom Beecher wrote: > > > Funny how this ob

Re: Malicious SS7 activity and why SMS should never by used for 2FA

> > As far as I know, authenticators on cell phone apps don’t require the > Internet. For example, the Google Authenticator mobile app doesn't require > any Internet or cellular connection > Lots of people still use feature phones that are not capable of running applications such as this. On Sun,

Re: Malicious SS7 activity and why SMS should never by used for 2FA

kman wrote: > Then they can buy a hardware token. Using SMS is provably insecure, and > for people being spear-phished (a much more common occurrence now that so > much net worth data has been breached), a huge risk > > -mel > > On Apr 19, 2021, at 5:44 AM, Tom Beecher wrote: &g

Re: Malicious SS7 activity and why SMS should never by used for 2FA

9:33 AM Mel Beckman wrote: > Tom, > > Well, yes, not everyone can afford all technology options. That’s life. > One has to wonder how someone who needs to protect online accounts cannot > afford a $30 hardware token (which can be shared across several accounts). > These low-inc

Re: Malicious SS7 activity and why SMS should never by used for 2FA

hey are”? > > -mel via cell > > On Apr 19, 2021, at 7:01 AM, Tom Beecher wrote: > >  > >> These low-income people are not the targets of identity thieves, spear >> fishers, or data ransomers. >> > > This is patently false. Low-income / disabled / minority

Re: Malicious SS7 activity and why SMS should never by used for 2FA

Account > access attacks. Can you point out the specific data you think supports your > claim? > > -mel via cell > > On Apr 19, 2021, at 7:33 AM, Tom Beecher wrote: > >  > > https://www.ftc.gov/system/files/documents/reports/consumer-sentinel-network-data-book-202

Re: Submitting Fake Geolocation for blocks to Data Brokers and RIRs

> > If the endpoint (e.g. web server) is physically located in Germany and > you're helping a client misrepresent that it's located in Estonia in > order to evade a legal requirement that it be located in Estonia then > you've made yourself a party to criminal fraud. > While I agree with the overa

Re: DoD IP Space

> > As long as that IP space was isolated to the .mil network, it was private > space, as far as the Internet was concerned. > The DoD allocation of 11/8 predates the concept of 'private network space'. 11/8 was first assigned to the DoD in RFC 943 in April of 1985. The concept of IPv4 space for

Re: DoD IP Space

chnology/2021/04/24/pentagon-internet-address-mystery/#click=https://t.co/mVh26yBq9G >> >> FYI, >> /John >> >> John Curran >> President and CEO >> American Registry for Internet Numbers >> >> On Jan 20, 2021, at 8:35 AM, John Curran wrote: >&

TLD .so Partial Outage?

Hello NANOG'ers! I'm observing a near global outage of DNS services from d.nic.so. This appears to be an AfriNIC anycast DNS service. Does anyone have contacts at AfriNIC for their DNS systems available? e.nic.so seems to be responding (hosted behind PCH, thanks Woody!). Tom --

Re: TLD .so Partial Outage?

Hi Bill, Improved for sure. Thanks for the outreach. Looks to me like there may still be some lingering issues: https://p.catchpoint.com/ui/Entry/PC/V/ASNc-D-D-BHL40FjZF_2McMAA. I've asked the AfriNIC folks to continue to have a look. Thanks, Tom -- Tom Daly t...@q7.io On Sun, May 16,

Re: Google uploading your plain text passwords

> > They > snuck it on me. > "I didn't notice this until now" != "They snuck one by the goalie." On Sat, Jun 12, 2021 at 10:30 AM William Herrin wrote: > On Sat, Jun 12, 2021 at 5:11 AM K. Scott Helms > wrote: > > Encryption != plain text, just because it's not a hash doesn't mean it's > pro

Re: Google uploading your plain text passwords

> > So, you're not describing all of the possible ways to decrypt data. > What's happening is that the keys to decrypt the passwords are handed to > your client (with some checks like a local admin password or pin) when you > attempt to decrypt a given password. The passwords _are_ decrypted on yo

Re: Google uploading your plain text passwords

> > There's a problem with your theory. The browser I viewed the passwords > from Google in wasn't Chrome. And it didn't have a local copy of any > Google passwords or keys. The only place they could have come from was > Google's server. > Yes. The *encrypted* blob of login/password data was retri

Re: Can somebody explain these ransomwear attacks?

> > The payment to ransomware gangs is now tax-deductible. > It's not new. In the US, losses due to theft have been at least partly deductible for a very long time. By IRS definitions ( https://www.irs.gov/publications/p547), blackmail and extortion both qualify as theft, and it's fairly safe to s

Re: Can somebody explain these ransomwear attacks?

> > Incompetent insurance companies combined with incompetent IT staff and > under-funded IT departments are the nexus of the problem. > Nah, it's even simpler. It's just dollars all around. Always is. >From this company's point of view, the cost to RECOVER from the problems is so much smaller th

Re: shadowserver.org

Shadowserver is constantly doing all kinds of port scanning and penetration attempts globally, have been for many years. On a residential connection as you describe, have something in place that drops anything from them, and move on with your day. On Mon, Jun 28, 2021 at 8:59 AM Scott Aldrich

Re: Scanning activity from 2620:96:a000::/48

As mentioned, rando traffic is part and parcel of being internet connected. There isn't much 'ok' or 'not ok' to it. At this point of the internet's lifecycle, it is incumbent on all operators to protect themselves as much as possible from potential malfeasance or unintended technical oopsies. Tha

Re: Do you care about "gray" failures? Can we (network academics) help? A 10-min survey

> > If there is a network which does not > experience these, then it's likely due to lack of visibility rather > than issues not existing. > This. Full stop. I believe there are very few, if any, production networks in existence in which have a 0% rate of drops or 'weird shit'. Monitoring for s

Re: T-Mobile RF contact

It's more likely to be someone in the area. Friend of mine who runs a small WISP has had similar problems with other companies who haven't been able to upgrade equipment to Part 96 capable, yet still operate and walk all over everyone else in the area. The only somewhat sketchy licensing up your w

Re: Abuse Contact Handling

> > If you’re complaining about having to maintain an abuse desk or putting a > dummy address into your whois records, sturgeons law says most of the time > you’re the sort of provider who doesn’t want to staff an abuse desk. At my previous job for an ISP, I was the abuse desk among my other resp

Re: Where to get IPv4 block these day

> > IPhones handsets this part of the world are not common handsets to > majority of the end-users who are not middle class folk and even most > middle class folk still settle for cost effective Android handsets. > Android has had IPv6 support for what,10 years now? (Ignoring the SLAAC vs DHCPv6 H

Re: "Tactical" /24 announcements

Folks can announce longer than 24 masks all day. They're unlikely to propagate very far though, since most won't accept longer than 24 from the world at large. To the OP, there are some valid reasons to strategically deaggregate here and there, but a blanket "yolo my entire allocation into /24s" s

Re: "Tactical" /24 announcements

e referred to it as a 'sneaky backhaul', believe. Given that there's no default in 2914, I guess that counts? :D -- I'm really not being serious. A nice feature by NTT, but please let's never make it OK to populate the _actual_ DFZ with an IPv4 prefix greater than a /24. -- Tom

Re: "Tactical" /24 announcements

king the question: "who told you this was a good idea?" -- Tom

Re: "Tactical" /24 announcements

specific prefixes, and likely why the attempts to do this caused the problems that I'm referring to. I'm glad to hear a vendor has implemented a useful knob. Which vendor? -- Tom

Re: "Tactical" /24 announcements

rogance). > Arista. They call it FIB compression. They mention it's a > trade-off, more memory and CPU utilization (keeping track of things) > in exchange for being able to keep hardware that might otherwise be > out of FIB space able to cope with full tables. Ah, thank you, noted. -- Tom

Re: "Tactical" /24 announcements

> > I think that the NANOG (or in general, operators) community may do well to > state the `/24 rule' clearly in a BCP, preferably an RFC. > https://datatracker.ietf.org/doc/html/rfc7454 6.1.3 . > Prefixes That Are Too Specific > Most I

Re: "Tactical" /24 announcements

Broadly speaking, I would say if you announce a prefix to the DFZ, then you are saying "I can deliver anything in this range where it is supposed to go." That being said, there are moments like Bill said that an outage or other issue prevents that from happening, and also circumstances that a lack

  1   2   3   4   5   6   7   8   9   10   >