Re: NTP for ASBRs?

On Wed, 08 May 2019 14:00:11 -0700, "Scott Weeks" said: > From: Job Snijders > > on this topic, i strongly recommend to operate all > devices in the Etc/UTC timezone, this makes > coordination with external entities much easier. > > > > Yes, this! Holy cr

Re: BGP prefix filter list

On Thu, 30 May 2019 10:42:17 -0700, William Herrin said: > Heck, most networking courses still teach class A, B and C... definitions > which were explicitly invalidated a quarter of a century ago. If you had asked me back in 1993 if I was going to be retired before class A/B/C was gone from common

Re: BGP prefix filter list

On Thu, 30 May 2019 16:07:53 -0700, "Scott Weeks" said: > Having been on quite a few networks in my career, > (eyeball/enterprise) I'd say many struggle with > having a "single and clearly defined routing policy" Which part do they find problematic, the "single" part, or the "clearly defined" par

Re: BGP prefix filter list

On Fri, 31 May 2019 00:10:42 -, Mel Beckman said: > What are you talking about? Do you use multi homed BGP? If so, I’d expect > you > to know that an organization with multiple sites having their own Internet > still uses a single AS. They have IGP paths to route traffic between sites > (e.g

Re: someone is using my AS number

On Wed, 12 Jun 2019 16:10:00 -, David Guo via NANOG said: > Get Outlook for iOS Does it work better on XE or XR versions? /ducks ;) pgpCxfGZJGXxT.pgp Description: PGP signature

Re: someone is using my AS number

On Sat, 15 Jun 2019 05:38:23 -0700, Owen DeLong said: > What I heard you say is: “I’m not going to offer a solution to your > problem, > but you shouldn’t use the one you have that currently works because some > things > my friends and I are doing react poorly to it and you may suffer some

Re: Traffic ratio of an ISP

On Wed, 19 Jun 2019 11:05:40 -0400, Prasun Dey said: > I’ve seen from PeeringDB that every ISP reveals its traffic ratio as Heavy/ > Mostly Inbound or Balanced or Heavy/ Mostly Outbound. > I’m wondering if there is any specific ratio numbers for them If they're an ISP that sells to end user c

Re: Traffic ratio of an ISP

On Wed, 19 Jun 2019 16:20:37 -0400, Prasun Dey said: > So, my question was more like to understand when an ISP decides to claim > itself as any of these (Heavy Outbound/ Inbound or Balanced)? From an ISP’s > own > point of view, at what point, it says, my outbound:inbound is something, so > Iâ€

Re: Traffic ratio of an ISP

On Thu, 20 Jun 2019 10:16:03 -0600, "Keith Medcalf" said: > Having an inbound:outbound ration of 10:1 is known as a leech ... Just remember that without "leech" networks like Comcast, everybody who's selling transit to content providers would be having a hard sell indeed. pgpkFBQ_vWGng.pgp

Re: SHAKEN/STIR Robocall Summit - July 11 2019 at FCC

On Mon, 08 Jul 2019 17:58:17 -0700, Michael Thomas said: > On 7/8/19 5:54 PM, Keith Medcalf wrote: > > This is because DKIM was a solution to a problem that did not exist. > > > > > ::eyeroll:: pray tell, how do you "always" know the identity of the MTA > sending you a message? It's more subtle t

Re: QoS for Office365

On Tue, 09 Jul 2019 17:16:52 +0300, Saku Ytti said: > In previous life working with L3 MPLS VPN with deliveries far > exceeding on-net size we bought access from partners and had QoS > contracts in place, which were tested and enforced and they worked > after some ironing during field trials. I'l

Re: Colo in Africa

On Tue, 16 Jul 2019 10:11:48 -0600, Ken Gilmour said: > Speed is not the issue, it's IO. Also streaming 100Gbps of video is very > different to streaming 100Gbps of files smaller than 100kb (average of > about 30kb) the issue on the network level is the number of connections and > CPU, on the serv

Re: Colo in Africa

On Tue, 16 Jul 2019 10:39:59 -0600, Ken Gilmour said: > These are actual real problems we face. thousands of customers load and > reload TBs of data every few seconds on their dashboards. If they're reloading TBs of data every few seconds, you really should have been doing summaries during data i

Re: Colo in Africa

On Tue, 16 Jul 2019 11:13:45 -0700, Seth Mattinen said: > On 7/16/19 10:53 AM, Akshay Kumar via NANOG wrote: > > Then you are "doing it wrong(tm). Good luck. > > > Are you saying that anyone choosing not to use "the cloud" is simply > wrong because "cloud" is always right? No, he's saying that if

Re: Colo in Africa

On Tue, 16 Jul 2019 15:54:10 -0600, Ken Gilmour said: > We have a different use case to traditional analytics - We're aimed at > consumers and small businesses, so instead of a SOC with one big screen > refreshing 1 rows of only alert data every 30 seconds, we have > thousands of individuals r

Re: 44/8

On Mon, 22 Jul 2019 20:36:40 -, John Curran said: > There is no such creature as a “special purpose” RIR; Regional Internet > Registries serve the general community in a particular geographic regions as > described by ICANN ICP-2. OK, I'll bite then. Which RIR allocates address space to

Re: User Unknown (WAS: really amazon?)

On Tue, 30 Jul 2019 16:02:58 +0300, T�ma Gavrichenkov said: > On Tue, Jul 30, 2019 at 1:20 PM Christoffer Hansen > wrote: > > Imagine ARIN did a take from RIPE NCC [Policy Proposal Idea?] and a > > policy came into effect of validating ALL 'OrgAbuseEmail' objects listed > > in the ARIN database.

Re: really amazon?

On Wed, 31 Jul 2019 16:36:08 -, Richard Williams via NANOG said: > To contact AWS SES about spam or abuse the correct email address is > ab...@amazonaws.com You know that, and I know that, but why doesn't the person at AWS whose job it is to keep the ARIN info correct and up to date know th

Re: OT: Tech bag

On Fri, 02 Aug 2019 14:54:49 -0400, Christopher Morrow said: > 'server has no ip address' . > $ ping www.tombin.com > PING www.tombin.com (127.0.0.1) > > good try to get us all infected by malware... Anybody who gets infected by malware from that IP address has bigger problems pgpsAR

Re: The future of transport in the metro area

On Sat, 03 Aug 2019 12:58:01 +0200, Mark Tinka said: > On 3/Aug/19 03:14, Brandon Martin wrote: > > � I've inquired with a few metro operators in my area about something > > like this, albeit a few years ago, and I got a pretty hard "no way > > we'd ever do that" out of them presumably for the reas

Re: MAP-E

On Mon, 05 Aug 2019 06:42:30 +0900, Masataka Ohta said: > JORDI PALET MARTINEZ via NANOG wrote: > > A problem of dynamic sharing is that logging information to be used > > for such purposes as crime investigation becomes huge. > > > -> Of course, everything has good and bad things, but with NAT444

Re: What can ISPs do better? Removing racism out of internet

On Mon, 05 Aug 2019 18:19:06 -, Mel Beckman said: > I notice you didn’t provide any actual data to support your position. What, > for example, outside of copyright violations, could ISPs conceivably be liable > for? You get caught with nuclear weapons data, terrorism-related info, or kiddie

Re: What can ISPs do better? Removing racism out of internet

On Mon, 05 Aug 2019 20:40:43 -, Mel Beckman said: > The key misunderstanding on your part is the phrase “on your servers”. > ISPs > acting as conduits do not, by definition (in the DMCA), store anything on > servers. Note that ISPs whose business is 100% "acting as conduits" are in the mi

Re: What can ISPs do better? Removing racism out of internet

On Tue, 06 Aug 2019 02:27:30 -, Mel Beckman said: > A CDN is very much an ISP. It is providing transport for its customers from > arbitrary Internet destinations, to the customer’s content. The caching > done by > a CDN is incidental to this transport, in accordance with the DMCA. Just bec

Re: What can ISPs do better? Removing racism out of internet

On Tue, 06 Aug 2019 06:15:36 -, Mel Beckman said: > Not really. The customer provides the content on its own servers. The CDN > simply redistributes the content via temporary caching. It’s not a web > hosting > provider. The CDN _customer_ hosts the content. That's an... interesting.. inte

Re: the CLOUD Act (was What can ISPs do better? Removing racism out of internet)

On Tue, 06 Aug 2019 12:54:55 -0600, "Keith Medcalf" said: > I realize that the purpose of the terms "serve a demand" if legal > globedey-glook phrased to pompously instill in the reader some feeling of the > majesty and due regard for the process (etc), but in reality it is just > pompous > for "s

Re: Research project on blacklists

On Thu, 08 Aug 2019 13:31:03 -0600, "Keith Medcalf" said: > Cannot access your website. Just has a spinning colostomy bag. I'm almost afraid to ask if that's the site itself doing javascript/CSS, or the browser, or a browser extension, or if the Unicode guys have totally gone off the deep end on

Re: RPKI adoption (was: Re: Corporate Identity Theft: Azuki, LLC -- AS13389, 216.179.128.0/17)

On Wed, 14 Aug 2019 02:42:09 -, John Curran said: > You might want want to ask them why they are now a problem when they weren’t > before (Also worth noting that many of these ISP's own contracts with their > customers have rather similar indemnification clauses.) Actually, it's probably AR

Re: RPKI adoption (was: Re: Corporate Identity Theft: Azuki, LLC -- AS13389, 216.179.128.0/17)

On Wed, 14 Aug 2019 16:07:49 -, John Curran said: > > But I suspect a lot of companies are reading it as: "If a spammer sues you > > for using > > a block list that prevents them from spamming your customers, you can't end > > up > > owing money to the block list maintainers. But if you rel

Re: new BGP hijack & visibility tool “BGPalerter”

On Fri, 16 Aug 2019 11:02:41 +0200, Robert Kisteleki said: > Hi, > > On 2019-08-15 17:38, Christopher Morrow wrote: > > This looks like fun! > > (a few questions for the RIPE folk, I think though below) > > > > What is the expected load of streaming clients on the RIPE service? (I > > wonder becaus

Re: syn flood attacks from NL-based netblocks

On Mon, 19 Aug 2019 20:44:47 +0300, T�ma Gavrichenkov said: > Not in a typical DC/ISP environment! With the solution you propose, a > perfect routing symmetry is a hard requirement, b/c you need to make > sure a returning SYN/ACK hits the very same machine as the initial > SYN. If your load bala

Re: syn flood attacks from NL-based netblocks

On Mon, 19 Aug 2019 21:18:49 +0300, T�ma Gavrichenkov said: > If you're doing load balancing for *outgoing* traffic — and in exactly the > same manner as you do with incoming — then maybe. On the other hand, your servers should probably be doing non-loadbalanced outbound on a different IP address

Re: Weekly Routing Table Report

On Fri, 30 Aug 2019 20:27:10 -0600, Paul Ebersman said: > BGP when under 2k-ish and CLNP for sins in past lives... CLNP? Now there's a name I've not heard in a long time... (Go ahead, admit it, you read that in Alec Guiness's voice :) pgp6ZxG8xNXvp.pgp Description: PGP signature

Re: Weekly Routing Table Report

On Sat, 31 Aug 2019 18:51:16 +0900, Masataka Ohta said: > Owen DeLong wrote: > >> With the current routing practice, the number will increase to 14M > >> with IPv4 and a lot more than that with IPv6. > > > > I$B!G(Bm curious as to why you think that the number is bounded at 14M fo r > > IPv4 and

Re: Weekly Routing Table Report

On Sat, 31 Aug 2019 12:04:43 +0900, Masataka Ohta said: > The solution is: > > https://tools.ietf.org/html/draft-ohta-e2e-multihoming-03 All I see there is some handwaving about separating something from something else, without even a description of why it was better than what was available

Re: Weekly Routing Table Report

On Sun, 01 Sep 2019 09:04:03 +0900, Masataka Ohta said: > > All I see there is some handwaving about separating something from > > something else, without even a description of why it was better than > > what was available when you wrote the draft. > > Read the first three paragraphs of abstract o

Re: Weekly Routing Table Report

On Mon, 02 Sep 2019 14:02:43 +0900, Masataka Ohta said: > If you think we should blindly believe your unfounded statement > not supported by any verifiable reference, that is the > condescending behavior. Well Masataka... If "Owen DeLong, who was widely known to have been in an actual job position

Re: Mx204 alternative

On Mon, 02 Sep 2019 10:02:55 +0100, Aled Morris via NANOG said: > The forthcoming Juniper ACX700 sounds like a good fit for metro Ethernet > with 4x100G and 24x10G in a shallow 1U hardened form factor. Hardened? Is this just "will survive in a not-well-cooled telco closet" hardening, or somethi

Re: IPAM recommendations

On Thu, 05 Sep 2019 21:20:19 +0900, Mehmet Akcin said: > I was using another product till few days ago (i won’t mention name) i am > not happy and decided to go with something open source Can you mention why you're unhappy with the product? Price, a critical feature that was lacking, something e

Re: This DNS over HTTP thing

On Tue, 01 Oct 2019 16:24:30 -0400, Warren Kumari said: > "More concretely, the experiment in Chrome 78 will **check if the > user’s current DNS provider** is among a list of DoH-compatible > providers, and upgrade to the equivalent DoH service **from the same > provider**. If the DNS provider isn

Re: This DNS over HTTP thing

On Wed, 02 Oct 2019 01:55:13 -0600, "Keith Medcalf" said: > It is a common fallacy that TLS connections are authenticated. The vast > majority of them are not authenticated in any meaningful fashion and all that > can be said about TLS is that it provides an encrypted connection between the > two

Re: IPv6 Pain Experiment

On Thu, 03 Oct 2019 20:11:23 +0100, Alan Buxey said: > trivial-ish (these days) - you have so much choice...and eventually > decent routers doing SLAAC will finally be able to serve > other details such as DNS/time/etc via SLAAC - servers? give them Well... if you want that... > that gets me on

Re: Update to BCP-38?

On Thu, 03 Oct 2019 15:28:30 -0600, "Keith Medcalf" said: > On Thursday, 3 October, 2019 11:50, Fred Baker > wrote: > > A security geek would be all over me - "too many clues!". > Anyone who says something like that is not a "security geek". They are a > "security poser", interested primarily i

Re: Update to BCP-38?

On Fri, 04 Oct 2019 08:20:22 +0900, Masataka Ohta said: > As for requirements for IPv6 routers, how do you think about the > following requirement by rfc4443? 3 Internet Control Message Protocol (ICMPv6) for the Internet Protocol Version 6 (IPv6) Specification. A. Conta, S. Deering, M. G

Re: Update to BCP-38?

On Sat, 05 Oct 2019 07:01:58 +0900, Masataka Ohta said: > One of a stupidity, among many, of IPv6 is that it assumes > links have millions or billions of mostly immobile hosts Can somebody hand me a match? There's a straw man argument that needs to be set afire here. pgp1MMtG4U3Ba.pgp Descrip

Re: IPv6 Pain Experiment

On Sun, 06 Oct 2019 17:47:24 -0400, b...@theworld.com said: > All a strictly IPv4 only host/router would need to understand in that > case is the IHL, which it does already, and how to interpret whatever > flag/option is used to indicate the presence of additional address > bits mostly to ignore i

Re: IPv6 Pain Experiment

On Mon, 07 Oct 2019 03:03:45 -0400, Rob McEwen said: > Likewise for spam filtering - spam filtering would be knocked back to > the stone ages if IPv4 disappeared overnight. IPv6 is a spam sender's > dream come true, since IPv6 DNSBLs are practically worthless. Riddle me this: Why then have spamme

Re: Update to BCP-38?

On Tue, 08 Oct 2019 11:53:33 -0600, "Keith Medcalf" said: > So while the cost of doing the thing may be near-zero, it is not zero. And in fact, there's more than just the costs of doing it. There's also the costs of having done it. Obfuscating your OpenSSH versions is a *really* good way to mak

Re: IPv6 Pain Experiment

On Tue, 08 Oct 2019 19:12:30 -, Nicholas Warren said: > Sweet deals, would you kindly share your vendor? Well, I just type "128G DIMM" into google, and the very first hit tells me that I can get a 128G DIMM for $1,398, that and 8 DiMM slots gets me to 1T just over $11K. If I have 16 DIMM sl

Re: IPv6 Pain Experiment

On Wed, 09 Oct 2019 18:51:12 +0900, Masataka Ohta said: > Owen DeLong wrote: > > Yes, thanks for yet another condescending comment proving that > > you completely missed the point of my post. It's always a pleasure. > You should really feel indebted to me because it's not a pleasure > for me to a

Re: worse than IPv6 Pain Experiment

On Wed, 09 Oct 2019 17:43:00 -0400, b...@theworld.com said: > URLs are an obvious candidate to consider because they're in use, seem > to basically work to identify routing endpoints, and are far from a > random, out of thin air, choice. So explain in detail how a router gets from "URL" to "which

Re: "Using Cloud Resources to Dramatically Improve Internet Routing"

On Fri, 11 Oct 2019 12:02:30 +0200, Warren Kumari said: > I haven't found the actual work that is being referenced here, and I > *am* quite skeptical based upon the title / premise -- but, I suspect > (well, hope) that this is just another instance of complex technical > material being munged by m

Re: IP Geolocation

On Wed, 16 Oct 2019 12:50:17 -, Ryland Kremeier said: > >I believe we have found 1 customer that is infected with a botnet or malware. > I've dealt with plenty of botnets working as a repair technician in the past > but never had one change the public IP address of the user. Not entirely sure

Re: Request comment: list of IPs to block outbound

On Wed, 23 Oct 2019 09:09:05 -0600, Grant Taylor via NANOG said: > > Easing the operation of CGN at scale serves no purpose except stalling > > necessary change. It is like installing an electric blanket to cure the > > chill from bed-wetting. > > Much like humans can move passenter plains, even an

Re: Russian government’s disconnection test

On Sat, 02 Nov 2019 14:49:58 -0400, Christopher Morrow said: > I think the disconnect idea is actually a good one... I don't know > that I want to DO IT, but :) it certainly seems like a reasonable > disaster recovery planning exercise :) (likely doing it is the only > way to really suss out the pr

Re: all major US carriers received text messages overnight that appear to have been sent around Valentine's Day 2019

On Fri, 08 Nov 2019 11:23:17 -0800, Jared Geiger said: > What likely happened is that messages were queued on host to go out, SMPP > binds go down, queue fills up, host crashes. Then someone realizes the host > is down and brings it back up and the queue empties when the load is low. What I've se

Re: Disney+ Streaming

On Tue, 12 Nov 2019 14:58:34 -0500, "Brian J. Murrell" said: > I guess the question is, will Disney content compel users who are not > already streaming to start streaming? I can foresee a lot of families subscribing to Netflix *and* Disney+ because neither one has all the content the family want

Re: Hulu thinks all my IP addresses are "business class", how to reach them?

On Tue, 19 Nov 2019 13:39:56 -0500, Tom Beecher said: > They are essentially equating 'business' with 'VPN provider'. Not at all surprised. Many moons ago, I had a Tor *relay* running on one machine in my home network, and Hulu decided that my connections from a *different* home machine were "VP

Re: RIPE our of IPv4

On Tue, 26 Nov 2019 06:46:52 +1100, Mark Andrews said: > > On 26 Nov 2019, at 03:53, Dmitry Sherman wrote: > > > >  I believe it’s Eyeball network’s matter to free IPv4 blocks and > > move to v6. > It requires both sides to move to IPv6. Why should the cost of maintaining > working netwo

Re: replaying captured traffic

On Tue, 26 Nov 2019 13:29:21 -0500, harbor235 said: > I am with you on the easy google fu, however, weeding through the > challenges and a real implementation I was hoping to leverage some > lessons learned and best practices. Well, it's going to depend a *lot* on why exactly you're doing the rep

Re: RIPE our of IPv4

On Fri, 29 Nov 2019 23:26:04 -0500, Brandon Martin said: > definitely the lagging factor, here. I suspect it's at least partially > because high-ratio NAT44 has been the norm for enterprise deployments > for some time, and, among those who might otherwise be willing to > support first-class dual

Re: RIPE our of IPv4

On Sat, 30 Nov 2019 13:47:36 -0800, Matthew Kaufman said: > User apps prefer IPv6, Netflix stops, users complain And fallback to IPv4 fails to happen, why, exactly? pgphoWWsRXmVA.pgp Description: PGP signature

Re: RIPE our of IPv4

On Mon, 02 Dec 2019 11:04:24 -0800, Fred Baker said: > > I believe that Dmitry's point is that we will still require IPv4 addresses > > for new > > organizations deploying dual-stack > > I think I understood what you meant, but not what you said. > If someone is dual stack, they are IPv6-capable

Re: RIPE our of IPv4

On Tue, 03 Dec 2019 14:12:27 +1100, Mark Andrews said: > Email is often out sourced so you don’t need your own IPv4 addresses for > that. > Then there is in the cloud for other services, again you don’t need your > own IPv4 > addresses. Are you seriously trying to say "If you're a new compa

Re: RIPE our of IPv4

On Wed, 04 Dec 2019 07:47:25 +1100, Mark Andrews said: > Why not use someone else’s IPv4 addresses? Really. What is wrong with > using > someone else’s IPv4 addresses if it achieves the need? As far as I can tell > nothing. Other than the fact that a /24 is being advertised out of one AS

Re: RIPE our of IPv4

On Tue, 03 Dec 2019 14:58:59 -0800, FREDERICK BAKER said: > I think he is saying that companies like Reliance JIO have started with a /22 > of IPv4 and a /32 (or more) of IPv6, As I said - you need IPv4 space to dual-stack. How does Reliance do this without any v4 address space? pgpZzt54PJqbb.p

Re: Software Defined Networks

On Wed, 04 Dec 2019 17:56:10 +, Rod Beck said: > Can someone explain what is all the fuss? SDN is like the latest telecom > craze but the articles do a poor job of explaining the advantages. I seek > concrete examples. It's called the "cycle of reincarnation". Way back when, a "router" was a

Re: Elephant in the room - Akamai

On Thu, 05 Dec 2019 14:41:30 -0600, "Aaron Gould" said: > Tarko. wow, gaming again ! It's not going away. gaming traffic is growing > in a big way it seems. And it's only going to get worse. Sony has already announced that the Playstation 5 will have a (probably) 1-2 terabyte SSD. And even wit

Re: Elephant in the room - Akamai

On Thu, 05 Dec 2019 14:18:07 -0800, Michael Thomas said: > My suspicion is that the root problem was buffer bloat -- i flashed a > new router with openwrt and was a little dismayed that the bufferbloat > code is a plugin you have to enable. The buffer bloat got a lot better Friends don't let frie

Re: Short-circuited traceroutes on FIOS

On Wed, 11 Dec 2019 19:26:09 +0200, Saku Ytti said: > On Wed, 11 Dec 2019 at 19:14, Rob Foehl wrote: > > > Support claims that it was a mistake, but it's also been 15+ months and > > it's pretty deliberate behavior. Draw your own conclusions... > > TTL decrement issues are fairly common across mu

Re: Software Defined Networks

On Thu, 12 Dec 2019 18:47:29 -0800, Large Hadron Collider said: > Tcl still exists, though I don't think they use it for this anymore. At least on Fedora, expect 5.45.4 is linked against libtcl8.6.so. pgpW5_X20d9ag.pgp Description: PGP signature

Re: FCC proposes $10 Million fine for spoofed robocalls

On Thu, 19 Dec 2019 13:59:00 -0800, Jeff Shultz said: > I've occasionally thought that a tactical air strike on a couple of > call centers might just convince the others of the errors of their > ways. Having a US-owned A10 strafe a Philippines-based call center is probably a bad idea diplomatical

Re: FCC proposes $10 Million fine for spoofed robocalls

On Thu, 19 Dec 2019 16:02:42 -0700, "Keith Medcalf" said: > That stupid people do stupid things has no bearing on me. If there is a > legal requirement for these people to be "notifying" then they are required to > notify. > I do not want to receive robocalls period. End of Line. No Exception.

Re: FCC proposes $10 Million fine for spoofed robocalls

On Fri, 20 Dec 2019 00:14:33 -0800, Large Hadron Collider said: > Is it legally a spoofed robo-call if I robo-call someone who has > consented to be robo-called, with the caller-ID of a number that is > affiliated with me but not with the telco I'm calling from? Every 8 weeks, the vampires at the

<    1   2