Re: We hit half-million: The Cidr Report
On 29 Apr 2014, at 12:39 pm, valdis.kletni...@vt.edu wrote: On Mon, 28 Apr 2014 21:59:43 -0400, Patrick W. Gilmore said: On Apr 28, 2014, at 19:41, Chris Boyd cb...@gizmopartners.com wrote: I'm in the middle of a physical move. I promise I'll take the 3 deagg'd /24s out as soon as I can. Do not laugh. If everyone who had 3 de-agg'ed prefixes fixed it, the table would drop precipitously. We all have to do our part. Do we have a handle on what percent of the de-aggrs are legitimate attempts at TE, and what percent are just whoopsies that should be re-aggregated? I made a shot at such a number in a presentation to NANOG in Feb this year (http://www.potaroo.net/presentations/2014-02-09-bgp2013.pdf) If you assume that Traffic Engineering more specifics share a common origin AS with the covering aggregate, then around 26% of more specifics are TE advertisements. This number (as a percentage) has gwon by 5% over the past three years If you assume that Hole Punching more specifics are more specifics that use a different origin AS, then these account for 30% of the more specifics in today's routing table. This number has fallen by 5% over the past three years. The remainder of the prefixes (45%) shares the same origin AS and the same path. The could be TE prefixes, but as they are identical to their covering aggregate its hard to appreciate exactly what the engineering intent may be. I could make a wild guess and call these 45% of more specifics to be an act of senseless routing vandalism. ( :-) ) This number has been steady as a % for the past three years. Interestingly, it's the hole punching more specifics that are less stable, and the senseless routing vandalism more specifics that are more stable than the average. thanks, Geoff
Re: Question for service providers regarding tenant use of public IPv4 on your infrastructure
On 4/28/2014 4:18 PM, Cliff Bowles wrote: (accidentally sent this to nanog-request earlier, sorry if there is a double post) We are an enterprise and we do not yet have a sophisticated service-provider model yet for billing, capacity-management, or infrastructure consumption. We have a few vBlocks that we consume internally for IT/business needs. Recently, the decision was made to start offering our infrastructure to partner businesses to deploy their apps on, which will then be made available to their customers. The ingress/egress, the virtualization and even the orchestration part are essentially covered. We've tackled the security part as well. However, we have some tenants that want to egress to the internet locally rather than backhaul the traffic to their premise. Naturally, we could ask each tenant to provide their own internet for this, but the business wants to explore a dedicated, customer-only internet and chargeback/showback. My question is: how are cloud providers handling the use of their IP space when they don't have full control over what their tenants are doing? More specifically, if you own a large block of IPs, how do you prevent business impact (or other tenant impact) if one tenant does something that causes an upstream ISP to blacklist/block? We don't want to put more controls in path between the tenant and the internet, we just want to know how to manage upstream relations. If you're allocating individual customers their own subnets, make sure you report these allocations to ARIN (via SWIP). This will make the whois results more accurate, so you'll hopefully just end up with the individual customer getting blacklisted, rather then your entire range. Make sure you actually respond to abuse complaints in a timely fashion. If you're actually responsive to abuse complaints, it's a lot less likely you'll end up with all of your subnets blacklisted. I'm guessing Amazon and other similar providers have some arrangements with peering ISPs and law-enforcement to ensure that there is consultation before action is taken? I doubt it. Most of Amazon's EC2 IP ranges are on various blacklists. There's really no feasible way for them to keep all their IPs off blacklists, so I suspect they've just given up trying. Or do ISPs put some level of security between their tenants and the internet to prevent this? I've been told that the majority do not have any intelligent filtering beyond bogon-lists. I'd imagine that would cause huge operational overhead and frustrate the tenants. You should try to block whatever abuse you can, especially if you're going to be offering 'cloud' servers to the public. Get some routine security scans going (start off with the basics, look for open resolvers, vulnerable NTP servers, open chargen servers, SNMP servers with default communities) and alert your customers whenever you detect something. It should go without saying, but make sure your users cannot spoof IP addresses.
Re: We hit half-million: The Cidr Report
The remainder of the prefixes (45%) shares the same origin AS and the same path. The could be TE prefixes, but as they are identical to their covering aggregate its hard to appreciate exactly what the engineering intent may be. I could make a wild guess and call these 45% of more specifics to be an act of senseless routing vandalism. ( :-) ) This number has been steady as a % for the past three years. This could easily be TE, and a type of TE which would be trivially fixed. Let's take a simple example of a network with a /22 and 4 POPs. They have the same transit provider(s) at all 4 POPs and a small backbone to connect them. Each POP gets a /24. A not-ridiculous way to force their transit provider to carry bits instead of clogging their backbone while still ensuring redundancy would be to announce the /22 at all four POPs and the individual /24 at each individual POP. This creates four /24s and a covering /22 with exactly the same path, but still has use as TE. Of course, it would be trivial for the network to clean up their act by attacking no-export to the /24s. But some people either do not know it exists, know how it works, or know BGP well enough to understand it would not harm them. Or maybe they are just lazy: What's 3 extra prefixes in half a million? The answer to the last question is, frankly, nothing. But 3 prefixes for 30K ASNs is an ass-ton. (That's a technical term meaning lots lots.) This is a good time for a marketing effort. Let's see if we can get the table back under 500K. Everyone check your announcements. Are you announcing more specifics and a covering aggregate with the same path? Can you delete the more specific? Can you add no-export or another community to keep the more specifics from the global table? If you are unsure, ask. I think it would be rather awesome if we saw a quick reversal in table growth and went back under 500K, even if it was short lived. ESPECIALLY if we can do it before we hit 512K prefixes. Would prove the community still cares about, well, the community, not just their own network. Because on the Internet, your network is part of the community, and things that harm the latter do harm the former, even if it is difficult for you to see sometimes. Who will be the first to pull back a few prefixes? -- TTFN, patrick On Apr 29, 2014, at 03:31 , Geoff Huston g...@apnic.net wrote: On 29 Apr 2014, at 12:39 pm, valdis.kletni...@vt.edu wrote: On Mon, 28 Apr 2014 21:59:43 -0400, Patrick W. Gilmore said: On Apr 28, 2014, at 19:41, Chris Boyd cb...@gizmopartners.com wrote: I'm in the middle of a physical move. I promise I'll take the 3 deagg'd /24s out as soon as I can. Do not laugh. If everyone who had 3 de-agg'ed prefixes fixed it, the table would drop precipitously. We all have to do our part. Do we have a handle on what percent of the de-aggrs are legitimate attempts at TE, and what percent are just whoopsies that should be re-aggregated? I made a shot at such a number in a presentation to NANOG in Feb this year (http://www.potaroo.net/presentations/2014-02-09-bgp2013.pdf) If you assume that Traffic Engineering more specifics share a common origin AS with the covering aggregate, then around 26% of more specifics are TE advertisements. This number (as a percentage) has gwon by 5% over the past three years If you assume that Hole Punching more specifics are more specifics that use a different origin AS, then these account for 30% of the more specifics in today's routing table. This number has fallen by 5% over the past three years. The remainder of the prefixes (45%) shares the same origin AS and the same path. The could be TE prefixes, but as they are identical to their covering aggregate its hard to appreciate exactly what the engineering intent may be. I could make a wild guess and call these 45% of more specifics to be an act of senseless routing vandalism. ( :-) ) This number has been steady as a % for the past three years. Interestingly, it's the hole punching more specifics that are less stable, and the senseless routing vandalism more specifics that are more stable than the average. thanks, Geoff
RE: We hit half-million: The Cidr Report
Already working on aggregating as much as I can. I was checking my tables the other day and I think I saw another provider advertising their /18 as /24s, it made me sick. -- Kate Gerry Network Manager k...@quadranet.com 1-888-5-QUADRA Ext 206 | www.QuadraNet.com Dedicated Servers, Colocation, Cloud Services and more. Datacenters in Los Angeles, Dallas and Miami. Follow us on: -Original Message- From: NANOG [mailto:nanog-boun...@nanog.org] On Behalf Of Patrick W. Gilmore Sent: Tuesday, April 29, 2014 9:23 AM To: NANOG list Subject: Re: We hit half-million: The Cidr Report The remainder of the prefixes (45%) shares the same origin AS and the same path. The could be TE prefixes, but as they are identical to their covering aggregate its hard to appreciate exactly what the engineering intent may be. I could make a wild guess and call these 45% of more specifics to be an act of senseless routing vandalism. ( :-) ) This number has been steady as a % for the past three years. This could easily be TE, and a type of TE which would be trivially fixed. Let's take a simple example of a network with a /22 and 4 POPs. They have the same transit provider(s) at all 4 POPs and a small backbone to connect them. Each POP gets a /24. A not-ridiculous way to force their transit provider to carry bits instead of clogging their backbone while still ensuring redundancy would be to announce the /22 at all four POPs and the individual /24 at each individual POP. This creates four /24s and a covering /22 with exactly the same path, but still has use as TE. Of course, it would be trivial for the network to clean up their act by attacking no-export to the /24s. But some people either do not know it exists, know how it works, or know BGP well enough to understand it would not harm them. Or maybe they are just lazy: What's 3 extra prefixes in half a million? The answer to the last question is, frankly, nothing. But 3 prefixes for 30K ASNs is an ass-ton. (That's a technical term meaning lots lots.) This is a good time for a marketing effort. Let's see if we can get the table back under 500K. Everyone check your announcements. Are you announcing more specifics and a covering aggregate with the same path? Can you delete the more specific? Can you add no-export or another community to keep the more specifics from the global table? If you are unsure, ask. I think it would be rather awesome if we saw a quick reversal in table growth and went back under 500K, even if it was short lived. ESPECIALLY if we can do it before we hit 512K prefixes. Would prove the community still cares about, well, the community, not just their own network. Because on the Internet, your network is part of the community, and things that harm the latter do harm the former, even if it is difficult for you to see sometimes. Who will be the first to pull back a few prefixes? -- TTFN, patrick On Apr 29, 2014, at 03:31 , Geoff Huston g...@apnic.net wrote: On 29 Apr 2014, at 12:39 pm, valdis.kletni...@vt.edu wrote: On Mon, 28 Apr 2014 21:59:43 -0400, Patrick W. Gilmore said: On Apr 28, 2014, at 19:41, Chris Boyd cb...@gizmopartners.com wrote: I'm in the middle of a physical move. I promise I'll take the 3 deagg'd /24s out as soon as I can. Do not laugh. If everyone who had 3 de-agg'ed prefixes fixed it, the table would drop precipitously. We all have to do our part. Do we have a handle on what percent of the de-aggrs are legitimate attempts at TE, and what percent are just whoopsies that should be re-aggregated? I made a shot at such a number in a presentation to NANOG in Feb this year (http://www.potaroo.net/presentations/2014-02-09-bgp2013.pdf) If you assume that Traffic Engineering more specifics share a common origin AS with the covering aggregate, then around 26% of more specifics are TE advertisements. This number (as a percentage) has gwon by 5% over the past three years If you assume that Hole Punching more specifics are more specifics that use a different origin AS, then these account for 30% of the more specifics in today's routing table. This number has fallen by 5% over the past three years. The remainder of the prefixes (45%) shares the same origin AS and the same path. The could be TE prefixes, but as they are identical to their covering aggregate its hard to appreciate exactly what the engineering intent may be. I could make a wild guess and call these 45% of more specifics to be an act of senseless routing vandalism. ( :-) ) This number has been steady as a % for the past three years. Interestingly, it's the hole punching more specifics that are less stable, and the senseless routing vandalism more specifics that are more stable than the average. thanks, Geoff
Re: What Net Neutrality should and should not cover
On Apr 28, 2014, at 12:13 PM, Miles Fidelman mfidel...@meetinghouse.net wrote: Barry Shein wrote: I think the problem is simply a lack of competition and the rise of, in effect, vertical trusts. That is, content providers also controlling last-mile services. What exists is rife with conflict of interest and unfair market power. Particularly in that wire-plants are generally protected monopolies or small-N oligopolies. The wire-plant* operators and content providers need to be separated and competition needs to be mandated by allowing easy and fair access to wire-plants. Wire-plant operators should be closely regulated. Content providers should not, in general, be regulated. * Which of course may not involve any actual wires but it's a term of art, L1/L2 if you prefer. I kind of think Layer 3 - metropolitan area IP carriage seems to be where the issues converge. Somehow the notion of multiple IP providers, operating across unbundled fiber, doesn’t seem to work out in practice. It’s working quite well in areas where it’s been tried in earnest. Yes, there are a few municipal networks that provide Ethernet VPNs as the basic block of unbundled service - with multiple players providing various Internet (IP), video, and voice services on their own VPNs; and there are some networks, particularly in Canada, where the unit of unbundling is a wavelength, on a common fiber/conduit plant; but in most cases, economies of scale seem to dictate a single IP-layer fabric for a geographic area. (Think campus and enterprise networks.) If you build out a fiber plant with home runs to colocation facilities where providers can meet subscriber lines, the economies of scale can generally work and do in some areas. While active ethernet to the subscriber isn’t necessarily viable, GPON with the splitter at the MMR is just as viable as GPON with the splitter in the neighborhood. This was, in fact, discussed at length a while back on this very list. Owen
Re: We hit half-million: The Cidr Report
At one time Covad stated they announce everything as /24 to make hijacking more difficult. Looks like Covad (now MEGAPATH) hasn't changed that policy. On 4/29/2014 12:29 PM, Kate Gerry wrote: Already working on aggregating as much as I can. I was checking my tables the other day and I think I saw another provider advertising their /18 as /24s, it made me sick. -- Kate Gerry Network Manager k...@quadranet.com 1-888-5-QUADRA Ext 206 | www.QuadraNet.com Dedicated Servers, Colocation, Cloud Services and more. Datacenters in Los Angeles, Dallas and Miami. Follow us on: -Original Message- From: NANOG [mailto:nanog-boun...@nanog.org] On Behalf Of Patrick W. Gilmore Sent: Tuesday, April 29, 2014 9:23 AM To: NANOG list Subject: Re: We hit half-million: The Cidr Report The remainder of the prefixes (45%) shares the same origin AS and the same path. The could be TE prefixes, but as they are identical to their covering aggregate its hard to appreciate exactly what the engineering intent may be. I could make a wild guess and call these 45% of more specifics to be an act of senseless routing vandalism. ( :-) ) This number has been steady as a % for the past three years. This could easily be TE, and a type of TE which would be trivially fixed. Let's take a simple example of a network with a /22 and 4 POPs. They have the same transit provider(s) at all 4 POPs and a small backbone to connect them. Each POP gets a /24. A not-ridiculous way to force their transit provider to carry bits instead of clogging their backbone while still ensuring redundancy would be to announce the /22 at all four POPs and the individual /24 at each individual POP. This creates four /24s and a covering /22 with exactly the same path, but still has use as TE. Of course, it would be trivial for the network to clean up their act by attacking no-export to the /24s. But some people either do not know it exists, know how it works, or know BGP well enough to understand it would not harm them. Or maybe they are just lazy: What's 3 extra prefixes in half a million? The answer to the last question is, frankly, nothing. But 3 prefixes for 30K ASNs is an ass-ton. (That's a technical term meaning lots lots.) This is a good time for a marketing effort. Let's see if we can get the table back under 500K. Everyone check your announcements. Are you announcing more specifics and a covering aggregate with the same path? Can you delete the more specific? Can you add no-export or another community to keep the more specifics from the global table? If you are unsure, ask. I think it would be rather awesome if we saw a quick reversal in table growth and went back under 500K, even if it was short lived. ESPECIALLY if we can do it before we hit 512K prefixes. Would prove the community still cares about, well, the community, not just their own network. Because on the Internet, your network is part of the community, and things that harm the latter do harm the former, even if it is difficult for you to see sometimes. Who will be the first to pull back a few prefixes? -- TTFN, patrick On Apr 29, 2014, at 03:31 , Geoff Huston g...@apnic.net wrote: On 29 Apr 2014, at 12:39 pm, valdis.kletni...@vt.edu wrote: On Mon, 28 Apr 2014 21:59:43 -0400, Patrick W. Gilmore said: On Apr 28, 2014, at 19:41, Chris Boyd cb...@gizmopartners.com wrote: I'm in the middle of a physical move. I promise I'll take the 3 deagg'd /24s out as soon as I can. Do not laugh. If everyone who had 3 de-agg'ed prefixes fixed it, the table would drop precipitously. We all have to do our part. Do we have a handle on what percent of the de-aggrs are legitimate attempts at TE, and what percent are just whoopsies that should be re-aggregated? I made a shot at such a number in a presentation to NANOG in Feb this year (http://www.potaroo.net/presentations/2014-02-09-bgp2013.pdf) If you assume that Traffic Engineering more specifics share a common origin AS with the covering aggregate, then around 26% of more specifics are TE advertisements. This number (as a percentage) has gwon by 5% over the past three years If you assume that Hole Punching more specifics are more specifics that use a different origin AS, then these account for 30% of the more specifics in today's routing table. This number has fallen by 5% over the past three years. The remainder of the prefixes (45%) shares the same origin AS and the same path. The could be TE prefixes, but as they are identical to their covering aggregate its hard to appreciate exactly what the engineering intent may be. I could make a wild guess and call these 45% of more specifics to be an act of senseless routing vandalism. ( :-) ) This number has been steady as a % for the past three years. Interestingly, it's the hole punching more specifics that are less stable, and the senseless routing vandalism more specifics that are more stable than the average. thanks, Geoff
Re: We hit half-million: The Cidr Report
There are many actually doing this, to be honest. From the top of my head, in the greater Dallas area, 54540 comes to mind. http://bgp.he.net/AS54540#_asinfo For large ASNs like these, aggregation would really help the table size. That said, working on reducing our own as well. On 4/29/2014 10:29 PM, Kate Gerry wrote: Already working on aggregating as much as I can. I was checking my tables the other day and I think I saw another provider advertising their /18 as /24s, it made me sick. -- Kate Gerry Network Manager k...@quadranet.com 1-888-5-QUADRA Ext 206 | www.QuadraNet.com Dedicated Servers, Colocation, Cloud Services and more. Datacenters in Los Angeles, Dallas and Miami. Follow us on: -Original Message- From: NANOG [mailto:nanog-boun...@nanog.org] On Behalf Of Patrick W. Gilmore Sent: Tuesday, April 29, 2014 9:23 AM To: NANOG list Subject: Re: We hit half-million: The Cidr Report The remainder of the prefixes (45%) shares the same origin AS and the same path. The could be TE prefixes, but as they are identical to their covering aggregate its hard to appreciate exactly what the engineering intent may be. I could make a wild guess and call these 45% of more specifics to be an act of senseless routing vandalism. ( :-) ) This number has been steady as a % for the past three years. This could easily be TE, and a type of TE which would be trivially fixed. Let's take a simple example of a network with a /22 and 4 POPs. They have the same transit provider(s) at all 4 POPs and a small backbone to connect them. Each POP gets a /24. A not-ridiculous way to force their transit provider to carry bits instead of clogging their backbone while still ensuring redundancy would be to announce the /22 at all four POPs and the individual /24 at each individual POP. This creates four /24s and a covering /22 with exactly the same path, but still has use as TE. Of course, it would be trivial for the network to clean up their act by attacking no-export to the /24s. But some people either do not know it exists, know how it works, or know BGP well enough to understand it would not harm them. Or maybe they are just lazy: What's 3 extra prefixes in half a million? The answer to the last question is, frankly, nothing. But 3 prefixes for 30K ASNs is an ass-ton. (That's a technical term meaning lots lots.) This is a good time for a marketing effort. Let's see if we can get the table back under 500K. Everyone check your announcements. Are you announcing more specifics and a covering aggregate with the same path? Can you delete the more specific? Can you add no-export or another community to keep the more specifics from the global table? If you are unsure, ask. I think it would be rather awesome if we saw a quick reversal in table growth and went back under 500K, even if it was short lived. ESPECIALLY if we can do it before we hit 512K prefixes. Would prove the community still cares about, well, the community, not just their own network. Because on the Internet, your network is part of the community, and things that harm the latter do harm the former, even if it is difficult for you to see sometimes. Who will be the first to pull back a few prefixes? -- TTFN, patrick On Apr 29, 2014, at 03:31 , Geoff Huston g...@apnic.net wrote: On 29 Apr 2014, at 12:39 pm, valdis.kletni...@vt.edu wrote: On Mon, 28 Apr 2014 21:59:43 -0400, Patrick W. Gilmore said: On Apr 28, 2014, at 19:41, Chris Boyd cb...@gizmopartners.com wrote: I'm in the middle of a physical move. I promise I'll take the 3 deagg'd /24s out as soon as I can. Do not laugh. If everyone who had 3 de-agg'ed prefixes fixed it, the table would drop precipitously. We all have to do our part. Do we have a handle on what percent of the de-aggrs are legitimate attempts at TE, and what percent are just whoopsies that should be re-aggregated? I made a shot at such a number in a presentation to NANOG in Feb this year (http://www.potaroo.net/presentations/2014-02-09-bgp2013.pdf) If you assume that Traffic Engineering more specifics share a common origin AS with the covering aggregate, then around 26% of more specifics are TE advertisements. This number (as a percentage) has gwon by 5% over the past three years If you assume that Hole Punching more specifics are more specifics that use a different origin AS, then these account for 30% of the more specifics in today's routing table. This number has fallen by 5% over the past three years. The remainder of the prefixes (45%) shares the same origin AS and the same path. The could be TE prefixes, but as they are identical to their covering aggregate its hard to appreciate exactly what the engineering intent may be. I could make a wild guess and call these 45% of more specifics to be an act of senseless routing vandalism. ( :-) ) This number has been steady as a % for the past three years. Interestingly, it's the hole punching more specifics that are less stable, and the
Re: The FCC is planning new net neutrality rules. And they could enshrine pay-for-play. - The Washington Post
- Original Message - From: Owen DeLong o...@delong.com What is absolutely contrary to the public interest is allowing $CABLECO to leverage their position as a monopoly or oligopoly ISP to create an operational disadvantage in access for that competing product. I was with you right up til here. The so-called “internet fast lane” is a euphemism for allowing $CABLECO to put competing video products into a newly developed slow-lane while limiting the existing path to their own products and those content providers that are able to and choose to pay these additional fees. So, how do you explain, and justify -- if you do -- cablecos who use IPTV to deliver their mainline video, and supply VoIP telephone... and use DOCSIS to put that traffic on separate pipes to the end terminal from their IP service, an advantage which providers who might compete with them don't have -- *even*, I think, if they are FCC mandated alternative IP providers who get aggregated access to the cablemodem, as do Earthlink and the local Internet Junction in my market, which can (at least in theory) still be provisioned as your cablemodem supplier for Bright House (Advance/Newhouse) customers. Those are fast lanes for TV and Voice traffic, are they not? They are (largely) anticompetitive, and unavailable to other providers. Cheers, -- jra -- Jay R. Ashworth Baylink j...@baylink.com Designer The Things I Think RFC 2100 Ashworth Associates http://www.bcp38.info 2000 Land Rover DII St Petersburg FL USA BCP38: Ask For It By Name! +1 727 647 1274
dedicated server providers in Mexico?
Hi everyone, I am currently not happy with out MX server provider, and so, inquiring with anyone that can give a recommendation based on experience? I found this list via google. http://www.webhostingsearch.com/dedicated-server/mexico.php I wondering if anyone can speak to any of the providers on this list (outside of 1n1). offlist.. Feedback as always greatly appreciated. Cheers, Carlos.
Re: dedicated server providers in Mexico?
I have no experience with dedicated hosting providers in Mexico, but that list is incorrect. I know that Steadfast does not have servers located in Mexico. I believe other providers are also incorrectly listed. You should search for providers on Web Hosting Talk, http://www.webhostingtalk.com Regards, Jason On 4/29/14, 2:06 PM, Carlos Kamtha wrote: Hi everyone, I am currently not happy with out MX server provider, and so, inquiring with anyone that can give a recommendation based on experience? I found this list via google. http://www.webhostingsearch.com/dedicated-server/mexico.php I wondering if anyone can speak to any of the providers on this list (outside of 1n1). offlist.. Feedback as always greatly appreciated. Cheers, Carlos.
Re: The FCC is planning new net neutrality rules. And they could enshrine pay-for-play. - The Washington Post
On 14-04-29 13:48, Jay Ashworth wrote: So, how do you explain, and justify -- if you do -- cablecos who use IPTV to deliver their mainline video, and supply VoIP telephone... In Canada, our net neutrality rules are called the ITMP, for Internet Traffic Management Practices which occured as a result of Bell Canada throttling P2P and then wanting to charge UBB *solely to manage traffic* (since the UBB rates had nothing to do with costs, they had to do with moderating usage to reduce congestion). The ITMP rules as well as section 27(2) of the Telecommunications Act prevent undue preference and basically states thart if if apply an ITMP (either throttling or UBB) it must be applied evenly to all content. The apply evenly was even argued by the incumbents who stated that everyonr had to pay the same UBB rate for all access in order to ensure that the UBB ITMP plays an equal role in moderating usage. (users with ower UBB rates or with some content exempt would then use mroe of the network capacity and cause disproporaionate congestion which would hurt those paying the higher UBB rates) When an incumbent argues that its *broadcasting* service is on different capacity and does not cause congestion to the telecom side of things, then the broadcasting service does not have to play by those rules. In the case of cablecos, their TV service uses different frequencies on the coax, so they do not affect data transfers. For Telcos, in the case of Bell, proper use of semantics and propaganda convinced the CRTC that it FibeTV service was on totally different network capacity right up to the DSLAM, and since there was no congestion on the DSL last copper mile, the fact that the two shared the last mile didn't matter because the congestion happened in the aggregation network where FibeTV was already on a separate network. So both cablecos and telcos get their wireline broadcasting execpt from the net neutrality rules in Canada. Currently, there is a complaint about wireless TV where the incumbents do not charge UBB for their own TV service, while charging UBB for competing services such as Netflix, or accessing content from a TV station's web site etc. In the last round, they basically admitted that in the case of wireless, those service co-exist with other internet traffic on the same pipe to the handsets. The TV on mobile phones is the first true test of network neutrality under the 2009 ITMP rules. Previous complaints had to do with fautly throttling which singled out certain applications like games. The Mobile TV service is one where the incumbents give their own TV service an undue preference. Bell Canada argues that because their TV service is broadcasting, it is under a different law (Boradcasting Act) and not bound by ITMP rules.
Re: The FCC is planning new net neutrality rules. And they could enshrine pay-for-play. - The Washington Post
It was pointed out privately to me that I may have caused some confusion here with my variable substitution. $BB_provider was intended to be BroadBand provider, *not* BackBone provider, as some people have (understandably) misread it. So--to clarify, this was not meant as any type of characterization of backbone providers, but rather of broadband providers. I hope this helps clear up any confusion. Thanks! Matt On Sun, Apr 27, 2014 at 11:44 AM, Matthew Petach mpet...@netflight.comwrote: On Thu, Apr 24, 2014 at 5:15 AM, Patrick W. Gilmore patr...@ianai.netwrote: Anyone afraid what will happen when companies which have monopolies can charge content providers or guarantee packet loss? In a normal free market, if two companies with a mutual consumer have a tiff, the consumer decides which to support. Where I live, I have one broadband provider. If they get upset with, say, a streaming provider, I cannot choose another BB company because I like the streaming company. I MUST pick another streaming company, as that is the only thing I can choose. [I speak only for myself here; any use of the word we should be taken to represent only my sense of inclusion with the rest of humanity, and not with any commercial entity or organization. Any other characterization of the following words is patently incorrect, and grounds for possible actions, up to and including litigation. Please don't be an ass, and quote me out of context, or as representing something I'm not. Original post edited slightly, with specific entity names replaced with variables; you may do your own substitution back into the variables as you feel appropriate. --MNP] What if we turn the picture around slightly, and look at it like the negotiations between broadcast networks and cable companies? 2010's battle between Fox television and cablevision comes to mind, where the content holder blacked out access to their content for specific cable companies unless they agree to pay the demanded fees. It would be interesting to have seen $content_CEO take a hard line stance; it wouldn't be hard to send a BGP feed to video streaming servers, and if the requestor's IP was from a prefix seen behind AS$foo, put up a message informing the subscriber that their access to $company's content would cease on such-and-such a date, due to $BB_provider's unwillingness to agree to increase interconnect capacity, and that if subscribers wished to continue to see $company's content, they should consider switching to a different network provider. Basically, follow the same model News Corp used against Cablevision, Viacom used against Time Warner, or Disney used against Cablevision. How long would $BB_provider be able to hold out against the howls of its users, if there was a scrolling banner across the top of the screen during their favorite show, or favorite movie alerting them that they would soon be unable to see that content unless they switched to a different service provider? It's easy to forget that the sword can be swung both ways. Right now, $BB_provider is swinging the sharp edge at $content; but $content is not without its own influence in the market, and could swing the sword the other way, cutting back at $BB_provider. Yes, it comes at some great risk to $content, in terms of potential customer loss; but no great wins come without great risks (unless you cheat, and use the government to get you a big win at no risk--but none of us like that model). I think it's high time for content players to flex their power, and push back on the eyeball networks that attempt to use their customer base as hostages to extract additional revenue from the content being requested by their users. If the content providers simply make it clearly visible to the end users that they cannot watch the requested content on that network, or that they can only watch in reduced resolution from that network, it will have a two-fold effect: a) traffic volume from the content provider to the contentious network will be reduced, limiting the need for the upgrades in the first place, and b) customers of the provider will be informed of their status as hostage cannon fodder on the battlefield, allowing them to vote with their wallets. One could potentially even insert suggestions for alternate connectivity options they might consider into the content feed, to help the users vote with their wallets more easily. Or, provide the phone number of the local municipal office that granted the franchise rights to the BB provider, along with instructions on what to say when calling (Hi--I'm a registered voter in your district. If you'd like to get re-elected next term, you need to repeal the cable franchise agreement with broadband provider such-and-so, as their monopolistic practices are hampering my ability to freely choose what content I can consume.) We're not powerless in this fight. We
Re: dedicated server providers in Mexico?
RedIT -- Paul Norton Carlos Kamtha wrote: Hi everyone, I am currently not happy with out MX server provider, and so, inquiring with anyone that can give a recommendation based on experience? I found this list via google. http://www.webhostingsearch.com/dedicated-server/mexico.php I wondering if anyone can speak to any of the providers on this list (outside of 1n1). offlist.. Feedback as always greatly appreciated. Cheers, Carlos.
Re: We hit half-million: The Cidr Report
On Apr 28, 2014, at 6:59 PM, Patrick W. Gilmore patr...@ianai.net wrote: Composed on a virtual keyboard, please forgive typos. On Apr 28, 2014, at 19:41, Chris Boyd cb...@gizmopartners.com wrote: On Apr 28, 2014, at 2:27 AM, Andy Davidson wrote: now aggregate it back down again, please. :-) I'm in the middle of a physical move. I promise I'll take the 3 deagg'd /24s out as soon as I can. Do not laugh. If everyone who had 3 de-agg'ed prefixes fixed it, the table would drop precipitously. We all have to do our part. If everyone who had 30+ inaggregable IPv4 prefixes replaced them with 1 (or even 3) IPv6 prefixes… As a bonus, we could get rid of NAT, too. ;-) /me ducks (but you know I had to say it) Owen
Re: The FCC is planning new net neutrality rules. And they could enshrine pay-for-play. - The Washington Post
On Apr 29, 2014, at 10:48 AM, Jay Ashworth j...@baylink.com wrote: - Original Message - From: Owen DeLong o...@delong.com What is absolutely contrary to the public interest is allowing $CABLECO to leverage their position as a monopoly or oligopoly ISP to create an operational disadvantage in access for that competing product. I was with you right up til here. The so-called “internet fast lane” is a euphemism for allowing $CABLECO to put competing video products into a newly developed slow-lane while limiting the existing path to their own products and those content providers that are able to and choose to pay these additional fees. So, how do you explain, and justify -- if you do -- cablecos who use IPTV to deliver their mainline video, and supply VoIP telephone... and use DOCSIS to put that traffic on separate pipes to the end terminal from their IP service, an advantage which providers who might compete with them don't have -- *even*, I think, if they are FCC mandated alternative IP providers who get aggregated access to the cablemodem, as do Earthlink and the local Internet Junction in my market, which can (at least in theory) still be provisioned as your cablemodem supplier for Bright House (Advance/Newhouse) customers. I don’t explain it, don’t justify it, don’t support it. Those are “fast lanes for TV and Voice traffic, are they not? Carving the pipe up into lanes to begin with is kind of questionable IMHO. I realize it’s tradition, but if you think about it, it was only necessary when things were TDM/FDM. Once everything is IP, dividing the IP up among different TDM/FDM is just a way to take one large fast lane and turn it into slow lanes (some slower than others, perhaps) where some traffic can be given preferential treatment. They are (largely) anticompetitive, and unavailable to other providers. Agreed… I thought that’s what I said above. Owen
Re: We hit half-million: The Cidr Report
On 4/29/2014 2:06 PM, Owen DeLong wrote: If everyone who had 30+ inaggregable IPv4 prefixes replaced them with 1 (or even 3) IPv6 prefixes… As a bonus, we could get rid of NAT, too. ;-) /me ducks (but you know I had to say it) Yeah, just when we thought Slammer / Blaster / Nachi / Welchia / etc / etc had been eliminated by process of can't get there from here... we expose millions more endpoints... /me ducks too (but you know *I* had to say it)
Re: We hit half-million: The Cidr Report
On Tue, Apr 29, 2014 at 7:54 PM, Jeff Kell jeff-k...@utc.edu wrote: On 4/29/2014 2:06 PM, Owen DeLong wrote: If everyone who had 30+ inaggregable IPv4 prefixes replaced them with 1 (or even 3) IPv6 prefixes… As a bonus, we could get rid of NAT, too. ;-) /me ducks (but you know I had to say it) Yeah, just when we thought Slammer / Blaster / Nachi / Welchia / etc / etc had been eliminated by process of can't get there from here... we expose millions more endpoints... /me ducks too (but you know *I* had to say it) No ducking here. You forgot Nimda. Do you have an example from the last 10 years of this class ? Windows XP SP3 with a default host firewall on really did solve most of this, not NAT. Not stateful firewalls in networks. In fact, jogging my memory, i clearly remember Blaster taking out enterprise networks with network firewalls and stateful inspection... because people manually move their laptops between security zones. Right? They got infected on one LAN and then attached and spread the worm to other LANs. I also remember the folks saying we just spent $100k on a pair of super Netscreen firewalls, why is our network crashing? Right? And then the infection scanning from hacked hosts... of course, overloaded the firewall, and that crashed the entire campus... because the firewall was a single point of failure sitting on the internet boarder... and it has the 0-day flaw of too many sessions = crash. Most firewalls have this 0-day, it's a feature. This really happened to me in 2003, where a network based attack had a broad impact on hosts. But, never again after Win XP SP3. Now, i just have DDoS from purposefully publicly (poorly) run NTP and DNS servers. And, hacks from users clicking on links they know they should not click on. Oh, and anything made with Java or Adobe or IE. Those things are impossible to run securely, so secure systems don't run them. And, every now and then a server gets cracked, right through the stateful firewall... because there was a rule allowing ANY to TCP 80. CB
Re: We hit half-million: The Cidr Report
On 4/29/2014 11:37 PM, TheIpv6guy . wrote: On Tue, Apr 29, 2014 at 7:54 PM, Jeff Kell jeff-k...@utc.edu wrote: On 4/29/2014 2:06 PM, Owen DeLong wrote: If everyone who had 30+ inaggregable IPv4 prefixes replaced them with 1 (or even 3) IPv6 prefixes… As a bonus, we could get rid of NAT, too. ;-) /me ducks (but you know I had to say it) Yeah, just when we thought Slammer / Blaster / Nachi / Welchia / etc / etc had been eliminated by process of can't get there from here... we expose millions more endpoints... /me ducks too (but you know *I* had to say it) No ducking here. You forgot Nimda. Do you have an example from the last 10 years of this class ? Oh? Anything hitting portmapper (tcp/135), or CIFS (tcp/445), or RDP (tdp/3389 -- CVE-2012-0002 ring any bells?). The vulnerabilities never stop. We just stop paying attention because most of us have blocked 135-139 and 445 and 3389 at the border long ago. Now granted that 80/443 (server-side) are more dangerous these days :) But that doesn't eliminate the original risks. These are ports that were originally open by default... and if you don't have a perimeter policy, you're wrong (policy, compliance, regulation, etc). Not to mention that PCI compliance requires you are RFC1918 (non-routed) at your endpoints, but I digress... Jeff
Re: We hit half-million: The Cidr Report
On Apr 29, 2014, at 7:54 PM, Jeff Kell jeff-k...@utc.edu wrote: On 4/29/2014 2:06 PM, Owen DeLong wrote: If everyone who had 30+ inaggregable IPv4 prefixes replaced them with 1 (or even 3) IPv6 prefixes… As a bonus, we could get rid of NAT, too. ;-) /me ducks (but you know I had to say it) Yeah, just when we thought Slammer / Blaster / Nachi / Welchia / etc / etc had been eliminated by process of can't get there from here... we expose millions more endpoints... /me ducks too (but you know *I* had to say it) Pretending that endpoints are not exposed to those things with NAT is kind of like putting a screen door in front of a bank vault and saying “now safe from tornadoes”. Owen
