Re: Flexible OTN / fractional 100GbE

Unsure about those product lines, but I believe the Facebook (Adva?) "Voyager" fits the 'open' bill. Here's a PDF specific to running Cumulus on it: https://cumulusnetworks.com/documents/553/2018-03-07_DS_Voyager.pdf HTH, -- Tom

Re: Flexible OTN / fractional 100GbE

ent. > > I hope it's a bit more clear now ? Very clear. If you do find this veritable moon-on-a-stick device, please do let me know. Asking PacketLight to fix their software might not be a bad start, or perhaps asking their competition if they can do better (see Infinera, Coriant, Adva, Ciena, etc.) Regards, -- Tom

Re: CenturyLink/Level 3 combined AS

That '2000 peer ASN's' value is likely very, very inflated. I have prefixes that would look like I am peering with 3549 directly in many places that I do not. L3 has for some time had a partial as-merge community that you can set so that if you announce a prefix to 3356, they'll mirror it over to

Re: Cost effective time servers

This. I've had some timing issues ( unrelated to NTP ) with certain combinations of FlightAware RTLSDR USB sticks and Pi models. IIRC USB and Ethernet share the same bus on the Pis, and that can cause bumps. GPIOs run right off the SOC, avoiding that. On Fri, Jun 21, 2019 at 7:25 AM Denys Fedory

Re: Russian Anal Probing + Malware

I chuckle the most at the original twitter post from Greynoise : "We have revoked the benign tag for OpenPortStats[.]com" Did anyone actually think such a thing would be legitimate to start with? :) On Mon, Jun 24, 2019 at 12:26 AM Hank Nussbacher wrote: > On 24/06/2019 00:23, Randy Bush wrote

Re: CloudFlare issues?

Disclaimer : I am a Verizon employee via the Yahoo acquisition. I do not work on 701. My comments are my own opinions only. Respectfully, I believe Cloudflare’s public comments today have been a real disservice. This blog post, and your CEO on Twitter today, took every opportunity to say “DAMN TH

Re: CloudFlare issues?

wrote: > On 25/06/2019 08:17, Christopher Morrow wrote: > > On Tue, Jun 25, 2019 at 12:49 AM Hank Nussbacher > wrote: > >> On 25/06/2019 03:03, Tom Beecher wrote: > >>> Disclaimer : I am a Verizon employee via the Yahoo acquisition. I do > >>> not

Re: BGP filtering study resources (Was: CloudFlare issues?)

Job also enjoys having his ID checked. Can we get a best practices link added to the list for that? On Tue, Jun 25, 2019 at 10:27 AM Job Snijders wrote: > Dear Stephen, > > On Tue, Jun 25, 2019 at 07:04:12AM -0700, Stephen Satchell wrote: > > On 6/25/19 2:25 AM, Katie Holly wrote: > > > Disclaim

Re: Crowdfunding critical infrastructure

> > Encouraging folks to contribute to specific individuals directly may be a > little more difficult though, compared to, say, getting a legitimate > organization going that provides (likely objectively-determined > merit-based) payouts to the sort of folks you're talking about. > Adding an organ

Re: Crowdfunding critical infrastructure

> You know how to help. Take the Loadsharers pleadge and spread the word. > Or maybe suggest to some of these BDFL that they loosen their self imposed requirements to maintain absolute control of the code, and share the workload. It's not hard to work 50 hours a week for free. Don't! On Thu, Jun

Re: Ideas to products (Shark Tank(-ish) @ Austin)

Referencing our published presentation guidelines , https://nanog.org/participate/presentation-guidelines/ ( emphasis mine ) : While it is not our goal to censor presentation content, *we do ask that > speakers refrain from disclosing proprietary information, or using > presentations as a platfor

Re: Ideas to products (Shark Tank(-ish) @ Austin)

wrote: > On Sat, Jun 29, 2019 at 11:35 AM Mehmet Akcin wrote: > >> Great point ;-) thanks Tom >> >> On Sat, Jun 29, 2019 at 09:29 Tom Daly wrote: >> >>> Mehmet, >>> >>> Good idea, the opportunity for innovation and supporting ideas of oth

Re: Google Fiber

95% sure that Google Fiber only sells access, not point to point or wave services. On Tue, Jul 9, 2019 at 9:30 AM Robert DeVita wrote: > Does anyone have a sales contact at Google Fiber, looking for Dark fiber > in Pflugerville, TX back to Datafoundry TX1 > > > > Thanks > > > > Rob > > > > [imag

Re: QoS for Office365

> > At a previous employer (AOL, doing VoIP for customer service / call > centers, ~2004) we had a number of contractual agreements with > multiple providers to honor our QoS markings -- as far as I could tell > (marking test traffic under congestion events) only one of about seven > did anything a

Re: QoS for Office365

That's already been happening. OpenSSH pulled that stunt in 7.8. https://www.openssh.com/txt/release-7.8 ssh(1)/sshd(8): the default IPQoS used by ssh/sshd has changed. They will now use DSCP AF21 for interactive traffic and CS1 for bulk. For a detailed rationale, please see the commit me

Re: QoS for Office365

nfortunate choice. On Tue, Jul 9, 2019 at 11:22 AM Saku Ytti wrote: > Hey Tom > > > That's already been happening. OpenSSH pulled that stunt in 7.8. > > OpenSSH always coloured interactive and non-interactive SSH. They just > used original TOS definition, which no one has

Re: QoS for Office365

That's embarrassing, thank you for correcting me. On Tue, Jul 9, 2019 at 12:19 PM Saku Ytti wrote: > On Tue, 9 Jul 2019 at 18:50, Tom Beecher wrote: > > > I respectfully just don't agree on that. In my view, software should > default to not setting those bits to anythin

Re: Performance metrics used in commercial BGP route optimizers

The most important metric for a BGP optimizer is how much it physically weighs. That way you'll know if you can carry it to the trash pile yourself, or need to get help so you don't hurt your back. :) On Tue, Jul 16, 2019 at 9:21 AM Ryan Hamel wrote: > The answers which you seek would be consid

Re: Antennas in the data center

Being told "industry standard" seems like a cop out for "we don't want to do it". Which is a completely legitimate response, but ideally they'd just come out and say that. On Thu, Jul 18, 2019 at 11:54 AM Robert Webb wrote: > The is booster to only get an LTE signal from Verizon into the data >

Re: 44/8

> > Was ARIN not involved? If not, why not? 44/8 isn’t like a normal > assignment. It’s a legacy assignment likely with stipulations from when it > was originally assigned to the HAM group(s). > My recollection from some years ago was that the IANA assignments done before the RIR system were no

Re: 44/8

> > If they choose to they could have (in the ARIN region) signed a LRSA, > but that's even been removed, in favor > of the now much more watered down RSA. > I believe ARCD would have been required to sign an LRSA (if they had not previously) in order to transfer the block to Amazon. Also, a ques

Re: 44/8

Understood on specifics. But can you comment on the general ARIN policy on the topic? My understanding was that once a legacy resource was transferred , it was permanently removed as a legacy resource. On Fri, Jul 19, 2019 at 11:42 AM John Curran wrote: > On 19 Jul 2019, at 11:33 AM,

Re: 44/8

Good deal. Thanks John, have a great weekend! On Fri, Jul 19, 2019 at 11:52 AM John Curran wrote: > On 19 Jul 2019, at 11:46 AM, Tom Beecher wrote: > > > Understood on specifics. But can you comment on the general ARIN policy on > the topic? My understanding was that once a lega

Re: 44/8

So wall of text, but here is the RFC chain. Hank Magnuski was the original person marked as the 'reference', which is interpreted as 'responsible individual' in these documents. This changed in 1987, when Philip R. Karn was now reflected in that field. The last RFC I can find that explicitly cal

Re: Abuse from Vodaphone AS30722

urprised if Vodafone's domestic Italian network would spread traffic to your ASN over multiple paths, and so if it is coming in from multiple ingress points, you're probably looking at spoofed-source traffic. -- Tom

Re: UK, NL, & Asia LTE Providers for Opengear Console Servers

rgo, relative to the countries stated, permanently roaming? I'd love to know if you've found that reliable - it seems too good to be true. -- Tom

Re: UK, NL, & Asia LTE Providers for Opengear Console Servers

ntly, I'll admit. It does look like they're aiming to address that, however. More re-farming 3G frequencies to 4G, additional bands: https://www.ispreview.co.uk/index.php/2019/08/three-uk-in-l-band-rollout-as-mobile-data-usage-per-user-hits-9-1gb.html -- Tom

Re: Mx204 alternative

t; Min 6-8 10G ports are required > 1G support required No-one has mentioned it yet, so for completeness big C have the ASR 9901 (not 9001) with traditional router bits in it. A portion of the 10G ports on it are capable of 1/10G. Regards, -- Tom

Re: [j-nsp] MX10003 rack size

can now do 3x800 racks in 4x600 footprints. Fewer snowflake racks messing up the rack/footprint alignment, and you get more room per rack. -- Tom

Re: This DNS over HTTP thing

ith that claim? :) -- Tom

Re: This DNS over HTTP thing

> > In UK, they are very successful. Sources, please. (Disclaimer: I'm in the UK.) -- Tom

Re: This DNS over HTTP thing

in the UK we are very successful in making money from child pornography *by censoring* child pornography? -- Tom

Re: This DNS over HTTP thing

me to think about it without your tinfoil hat. ;) -- Tom

Re: Comcast outages continue even in areas with PG&E power restored

It's very difficult to properly build a resilient infrastructure when those shareholders must get their value! On Fri, Oct 11, 2019 at 7:33 PM Sean Donelan wrote: > The FCC asked a half-dozen carriers about their network resilience plans > last month. Comcast was not one of the service provider

Re: Viability of GNS3 network simulation for testing features/configurations.

GNS3 can do a heck of a lot, and the price is definitely right. I have used it extensively for initial fleshing out of designs or ideas, protocol nerding, automation interaction testing, etc. There certainly other tools out there, but being able to visually draw a topology out, connect the dots, a

Re: Viability of GNS3 network simulation for testing features/configurations.

> > Said that I haven’t played with GNS3, EVE-NG, VIRL,… recently so I don’t > know if any of these would allow me to create these massive “spreadsheets” > for programmatic generation of labs. > GNS3 you can, they have a fairly well documented JSON based API that you can use to script up all the

Re: Is anybody else getting spam from cytranet.com?

Seems likely that they scraped the list, yes. Two more names to my Never Do Business With list I guess. :) On Tue, Oct 22, 2019 at 8:43 AM Rich Kulawiec wrote: > I'm guessing -- because spammer Ben Reynolds (breyno...@cytranet.com) > wrote to me about voice/data services -- that it's possible t

Re: DoD IP Space

Yeah, check with the DoD NIC 100% of the time. Probably a pretty safe bet that unless they are a US government agency, they're not authorized. For anyone who did not attend NANOG last week, representatives from NCIS and the FBI reminded the audience in no uncertain terms that "industry standard sq

Re: DoD IP Space

Using the generally accepted definition of a bogon ( RFC 1918 / 5735 / 6598 + netblock not allocated by an RiR ), 22/8 is not a bogon and shouldn't be treated as one. The DoD does not announce it to the DFZ, as is their choice, but nothing says they may not change that position tomorrow. There are

Re: Disney+ Streaming

> > I guess the question is, will Disney content compel users who are not > already streaming to start streaming? > Maybe, maybe not. But what is 100% certain is that Disney knows how to make content that people want to watch a LOT of , and Disney+ is going to be the only place to get that conten

ATT Mobile V6 / Central US Issues?

Anyone from ATT aware of any V6 issues in your network , central US, ongoing for about 24 hours - ish? If so , offlist ping would be swell. Thanks!

Re: Recommended DDoS mitigation appliance?

ihood that they escalate the attack to the authorities (because who's got the time to do that for an individual subscriber?) The shift to "just enough to knock the customer off without killing the whole network" happened around ~2015 in my capacity, at least. -- Tom

Re: Recommended DDoS mitigation appliance?

It's a logical evolution as botnets became less of a tool for lulz and more of a economic asset to certain segments of the world. No sense launching an orbital strike where a garden hose will do the job just as well. On Mon, Nov 18, 2019 at 9:05 AM Tom Hill wrote: > On 18/11/2019 13:

Re: Hulu thinks all my IP addresses are "business class", how to reach them?

They are essentially equating 'business' with 'VPN provider'. On Tue, Nov 19, 2019 at 1:25 PM Matt Hoppes < mattli...@rivervalleyinternet.net> wrote: > Why are "businesses" not allowed to watch HULU? > > On 11/19/19 1:17 PM, Doug McIntyre wrote: > > On Mon, Nov 18, 2019 at 10:55:01AM -0600, Blake

Re: Hulu thinks all my IP addresses are "business class", how to reach them?

rtunately the more common decision in this age of worship at the Altar of Maximum Shareholder Value. On Wed, Nov 20, 2019 at 12:20 AM Valdis Klētnieks wrote: > On Tue, 19 Nov 2019 13:39:56 -0500, Tom Beecher said: > > > They are essentially equating 'business' with 'VPN

Re: Hulu thinks all my IP addresses are "business class", how to reach them?

> > If I, as a UK citizen, buy region 2 DVDs at home, take them on my trip to > the US and watch them on my laptop, no-one is screaming that I'm violating > someone's geographic distribution rights by doing so. If a US citizen is > paying for Hulu, from a US billing address, on a US credit card, b

Re: Question about normal ops - BGP Flaps nightly

I agree that this sounds like an automated process in some way. I would suspect that either a vendor code update changed something such that a given command that would not cause session reset now does, or they changed their automation to include a command that would cause a reset without realizing

Re: AWS re:Invent

Oliver- Although I'm sure many appreciate the offer, this is not appropriate content for the NANOG mailing list. On Thu, Nov 28, 2019 at 5:46 PM Oliver O'Boyle wrote: > Just a reminder. The ticket remains unclaimed. If it makes you feel > better, I'll raise the price from free to $10 :) > > $1

Re: Software Defined Networks

SDN originally meant 'separate the forwarding plane from the control plane, and do wacky stuff with the CP'. It's been applied over the years as a nice buzzwordy marketing term for just about anything that involves software interacting with network hardware in any way. Not correct of course, but t

Re: power to the internet

> > Same story again different colors. PG&E making a mint while people get > screwed > I'm not quite sure that's an accurate statement. In 2000-2001, PG&E got screwed by Enron's market manipulation. ( Good job those who pushed so hard for deregulation of public utility services! ) PG&E is curren

Re: power to the internet

If that was a reference to my comments, it was certainly not my intention. I was striving to avoid it being seen as that, but apparently fell short. To reanswer the question posed though, is still the same ; $$$. If network operators take the position that the electric utility supply should be mor

Re: power to the internet

To be hyper pedantic, lithium / li-on batteries are recyclable. It’s just not being done today on a substantive scale today for mostly economic reasons. On Sat, Dec 28, 2019 at 14:51 Dan Hollis wrote: > Nothing. > > It is extremely cheap, extremely durable, and nearly 100% recyclable. All > the

Re: power to the internet

It helps that we have a 2.6GW pumped storage generation facility near Niagara Falls. :) On Thu, Jan 2, 2020 at 5:05 PM Scott Weeks wrote: > > - > > I don't know where you live, but I pay around 38 cents/KWh. Depending > > on your rate, that can go up to 53 cents/KWh during pe

Re: power to the internet

I'm familiar with the Sir Adam Beck plant, I grew up in and live in Niagara County. Not everything produced by the NYPA goes to munis. There is a lot sold direct to businesses; last I checked roughly 5% of the generation from the Niagara Power Project is allocated for businesses in WNY in a 30 mil

Re: Wikipedia drops support for old Android smartphones; mandates TLSv1.2 to read

Wikipedia deprecated 1.0 and 1.1 on Jan 1, 2020. Apple, Google, Microsoft, and Mozilla are all deprecating 1.0 and 1.1 in their browsers by March 2020. Chrome will start showing warnings about 1.0 and 1.1 I think next week? This isn't an assault on the free flow of information. On Tue, Dec 31, 2

Re: Cost Recovery Surcharge & Va Personal Property Tax Recovery for IP Transit

Both are quite likely to be negotiable. FCC Cost Recovery fees are the federally mandated ones they are allowed to pass on to you. Most anything else named 'Cost Recovery' is optional, and so named to try and confuse you into thinking it's the mandatory stuff. "Property Tax Recovery" charges are

Re: GPS Sync Outage

GPS != GLONASS On Mon, Jan 6, 2020 at 1:32 PM Andy Ringsmuth wrote: > “It’s a glitch in the Matrix.” > > Momentarily donning my tinfoil hat here, as I certainly don’t claim to > know the nitty gritty of how GPS timing works, but… > > What if, since the GPS system is operated by the US Air Force,

Re: Arista Routing Solutions

just skim-read the vendor PDF. -- Tom

Re: NCS5K?

ts better buffers than the NCS 5001 & 5002 (which also already exist). -- Tom

Re: NCS5K?

- particularly if that's Arista's game. The NCS 55k is obviously being targeted at dense MPLS P roles, and/or simple BGP edge routers, which may be of enough use to you, in your environment - it may not. -- Tom

Re: NCS5K?

5001 & 5002 (which also >> already exist). > > Does the NCS 5508 support VPLS? I don't recall looking closely, but I very much doubt it due to the reasons mentioned above. -- Tom

Re: Network traffic simulator

raffic simulator which can simulate 40 gbps of > traffic. I am looking for a simulator with sfp+ ports. > I am interested in any input as to brands to look at, build one myself etc. > Thanks,Mitchell -- Kindest regards, Tom Smyth Mobile: +353 87 6193172 -

Re: Traffic engineering and peering for CDNs

comming from and determine what ip address / what network that the cdn has nearest to your network... ff you use 3rd party dns servers for your clients... you may not get an optimal ip answer for your dns queries from the CDNS involved I hope this helps Tom Smyth On Mon, Jun 6, 2016 at 6:53 PM

Re: NANOG67 - Tipping point of community and sponsor bashing?

off just saying it outright. Definitely do not be surprised when anyone's confused as to this fact, however. -- Tom

Re: Google Geolocation issue

I see your maxmind DB points to a right location as well as traceroute goes to Austin. Are you a member of their peering project? What you can see there? Anyway, I still think that there are guys from google here that can be a better help than me :) Good luck. Tom 2016-06-21 21:25 GMT+03:00

Re: IPv4 Legacy assignment frustration

, Thanks Tom Smyth On Thu, Jun 23, 2016 at 4:09 PM, Ray Soucy wrote: > Regardless of whether or not people "should" do this, I think the horse has > already left the barn on this one. I don't see any way of getting people > who decided to filter all of APNIC to make ch

Re: Cisco 2 factor authentication

The radius protocol traffic can be encrypted with ipsec policies...if confidentiality of the radius traffic is a concern ( particularly if traversing untrusted networks) On 26 Jun 2016 3:48 a.m., "Jimmy Hess" wrote: > On Wed, Jun 22, 2016 at 9:38 PM, Chris Lawrence > wrote: > > Any radius based

Re: Real world power consumption of a 7604-S or 7606-S

tive but not overly so: http://cpc.cloudapps.cisco.com/cpc/launch.jsp -- Tom

Re: NAT firewall for IPv6?

Not to belabor the point, because it will likely be made frequently in responses, but every legitimate service _should_ have both IPv4 and IPv6 addresses. Get Palo Alto on the horn, and get access to that box. Get it configured properly. I won't hammer you since you're just trying to solve a prob

Re: Yahoo Postmaster or Email Admin

*https://postmaster.yahoo.com * *https://help.yahoo.com/kb/postmaster/postmaster-sending-issues-sln22608.html * On Wed, Jul 27, 2016 at 12:30 PM, Tony Finch wrote: > For this kind of que

Re: Yahoo Postmaster or Email Admin

To quote Elizabeth... "but I can help people who have filed tickets there and not had any luck can contact me, specifying a) what IP addresses and From: line they're talking about and b) exactly what error message they are getting when they try to send us mail." On Wed, Jul 27, 2016 at 1:05 PM, M

Re: Optical Wave Providers

erver though; it should give a good idea of how this fits together. Of course, I'm sure more comprehensive muxponder solutions are available for the [inter]national carriers. :) -- Tom

Re: PlayStationNetwork blocking of CGNAT public addresses

hat we could > either > block it, or use it to identify the rogue users ourselves. > > Has anyone else come up against the problem, and/or have any suggestions on > how best to resolve it? > > Many thanks in advance, > > Simon > > -- Kindest regards, Tom Smyth Mobil

Re: PlayStationNetwork blocking of CGNAT public addresses

ction,and when we crawled THOSE servers, Bad Things Happened for them. We were doing nothing wrong ; they just refused to look, and found it easier to blame us. Simon's getting screwed because he's not being given any information to try and solve the problem, and because his customers ar

Re: PlayStationNetwork blocking of CGNAT public addresses

uring these times. We're not quite sure what it is, but it's causing [problem X].' It would still be a question of maliciousness or not, but it would be something to work with. Providing nothing just perpetuates this finger pointing game, and nothing gets solved. On Sun,

Re: "Defensive" BGP hijacking?

So after reading your explanation of things... Your technical protections for your client proved sufficient to handle the attack. You took OFFENSIVE action by hijacking the IP space. By your own statements, it was only in response to threats against your company. You were no longer providing DDoS

Re: "Defensive" BGP hijacking?

.com/2016/09/ddos-mitigation-firm- > has-history-of-hijacks/ > > > > -- > > Hugo Slabbert | email, xmpp/jabber: h...@slabnet.com > > pgp key: B178313E | also on Signal > > > >> On Sun 2016-Sep-18 22:25:44 -0400, Tom Beecher > wrote: > >&g

Re: PlayStationNetwork blocking of CGNAT public addresses

I have a hard time accepting that service providers should re-engineer their networks because other companies cannot properly engineer their abuse tooling. On Tue, Sep 20, 2016 at 11:33 AM, Justin Wilson wrote: > PSN is one reason I am not a fan of CGNAT. All they see are tons of > connections f

Re: PlayStationNetwork blocking of CGNAT public addresses

The format of the abuse complaint doesn't mean anything if it still doesn't contain any relevant data to say what the abuse IS. (Or, even if it IS abuse at all.) On Thu, Sep 22, 2016 at 9:37 AM, Brian Rak wrote: > Single IP per email: automated, zero time at all. > > Multiple IPs per email: m

Re: Providing transit to unallocated networks

I've seen this with increasing frequency in the last 8-12 months, more with ASNs that were either expired/unallocated. Spammers seem to be snatching them up and hijacking IPs via bilateral peering to make it harder to notice. I've found it very difficult in some cases to get traction from IXes or

Re: Another day, another illicit SQUAT - WebNX (AS18450) 103.11.67.0/24

Spammers are doing a great job abusing the gaps in the systems. Another common pattern in the last 12-14 months has been a combination of squatting on an AS, forging some business documentation, buying transit to an IX, and proceeding to hijack prefixes over bilateral peering sessions. Pain in the

Re: Spitballing IoT Security

"That means the motive was prep for terrorism or cyberwar by a state-level actor. " Or, quite possibly ( I would argue probably) it was marketing. Show off the capabilities of the botnet to garner more interest amongst those who pay for use of such things. On Sat, Oct 29, 2016 at 2:07 PM, Eric S.

JP Morgan contact

Would anyone from JP Morgan just so happen to be lurking on the list? If so, would you mind contacting me off-list regarding a reachability issue that some of my customers are experiencing with your website(s), specifically jpmpb.com. Thanks Tom

Re: Not a representative of gmx.com but their emails are being blocked by those who subscribe to the SORBS RBL.

I tend to scratch my head at anyone still using SORBS at this point. On Sun, Dec 18, 2016 at 8:27 AM Ken O'Driscoll wrote: > On Sat, 2016-12-17 at 20:15 -0800, Large Hadron Collider wrote: > > > Does anyone have information on why this is, and if you represent SORBS > > > and/or GMX and/or both

Re: [Tier1 ISP]: Vulnerable to a new DDoS amplification attack

NTP Monlist was what, 200x? 100x amplification attacks are s 2013. :) I doubt many will fall for your Rolodex expanding exercise though, sorry. ( Do people still have Rolodexes? ) On Wed, Dec 21, 2016 at 11:05 AM, Jean | ddostest.me via NANOG < nanog@nanog.org> wrote: > Hello all, I'm a firs

Re: [Tier1 ISP]: Vulnerable to a new DDoS amplification attack

You're claiming to be able to generate more than 10 times as much traffic as the largest DDoS ever seen in the wild whilst 3 months into a position at a company that sells 'self-DDoS' services for testing purposes. In that absence of anything more than 'GUYZ THIS IS SERIOUS' , with no technical de

Re: [Tier1 ISP]: Vulnerable to a new DDoS amplification attack

Cert-CC is also aware and they are also working out something on their > side. > > I am in good faith here and time is not against us. I discover something > new that I want to share properly and I am not here to make business. > > > Sincerely, > Jean St-Laurent > > > On

Re: [Tier1 ISP]: Vulnerable to a new DDoS amplification attack

Jean sent me details. I won't share the link or password to it based on his request, but he hasn't found anything new, and it's not even amplification at all. What he did was send 1500 byte ICMP packets with a max TTL at an IP address that is not reachable due to a routing loop. No amplification i

Re: Netflow/sFlow generator for Linux with BGP support

On 29/01/17 06:43, Peter Phaal wrote: > You might want to try pmacct: > http://www.pmacct.net/ That's definitely a good idea. +1 -- Tom

Re: East coast outage

I see a couple things that leads me to believe there's something afoot in NOVA as well. But not done with my first coffee, so unable to process any specifics yet. :) On Wed, Feb 1, 2017 at 9:25 AM, Raymond Dijkxhoorn wrote: > Hello Ben, > > > Is anyone else seeing connectivity issues along the

Re: East coast outage

That'll do it. /refills coffee On Wed, Feb 1, 2017 at 9:26 AM, Jeroen Wunnink wrote: > There’s a major fiber outage between Ashburn, VA and Philadelphia, PA. > > > > Jeroen Wunnink > IP Engineering manager > office: +31.208.200.622 ext. 1011 > Amsterdam Office > www.gtt.net

Re: Telia network quality

At the risk of sounding exceptionally snarky here, I don't think it really makes sense to judge a carrier's performance based on the short term status of a single BGP session. On Tue, Feb 7, 2017 at 7:24 AM, Dmitry Sherman wrote: > Same here 2 BGP flaps in past week. > > Dmitry Sherman > dmi..

Re: IoT security

" any IoT device must _by default_ emit a UDP packet to an anycast address reserved for the purpose which identifies the device model and software build. " Any semi-competent attacker will simply alter the way the network stack on the device works to make it _not_ look like an IoT device for the p

Re: Curiosity about AS3356 L3/CenturyLink network resiliency (in general)

our customers, and the right features/TCAM/CP performance, for a price that permits you to buy a lot of them. -- Tom

Re: Curiosity about AS3356 L3/CenturyLink network resiliency (in general)

On 19/05/18 21:51, Ben Cannon wrote: > Isn’t that the ASR9010? (And before that 7609?) I can't tell if you're taking the piss or not. -- Tom

Re: Curiosity about AS3356 L3/CenturyLink network resiliency (in general)

ou thought someone was going to build you a tailored device of that ilk then you're surely going to need to commit to buying a lot more than you actually need... Whilst small-to-medium providers still need to play in the DFZ, they don't often buy hundreds (let alone thousands) of small edge routers. -- Tom

Re: Curiosity about AS3356 L3/CenturyLink network resiliency (in general)

On 21/05/18 17:10, Large Hadron Collider wrote: > I would go as far as to say that Tier 1 is a derogatory designation, but > I have a beef with Cogent because they're expecting otherwise Tier 1 > IPv6 ISP Hurricane Electric to bow to the altar of Cogent. Owen, is dat yew?! -- Tom

Re: Broadcom vs Mellanox based platforms

oftware vendors are the ones that get access to the people at both companies that /really/ know where the limitations are, so you're more likely to find the best information dealing with one of them. HTH, -- Tom

Re: 3rd party QSFP-100G-LR4-S for Cisco

er's SFP is reliable or has good performance. FlexOptix (.net) are an excellent third-party provider for your first foray into non-vendor optics. Tom

Re: BGP in a containers

before put into production. There was a talk about an experimental system like this at the February 2017 meetup: https://developers.google.com/events/sre/nyc Title: "DevOps to NetworkOps" Speaker: Xavier Nicollet, Stack Overflow Tom On Thu, Jun 14, 2018 at 2:56 PM, james jones wrot

<    1   2   3   4   5   6   7   8   9   10   >