Re: Major Labels v. Backbones
--On Friday, August 16, 2002 10:03 PM -0400 John Ferriby <[EMAIL PROTECTED]> wrote: > If there are any legal eagles here, can a Common Carrier be a contributing > infringer? IANAL, but last I looked -- admittedly a long, long time ago -- ISPs were not afforded protection as common carriers (18 USC?), no matter how much they tried to act like them. Has this changed?
The Cidr Report
This is an auto-generated mail on Fri Aug 16 23:00:01 PDT 2002 It is not checked before it leaves my workstation. However, hopefully you will find this report interesting and will take the time to look through this to see if you can improve the amount of aggregation you perform. Check http://www.employees.org/~tbates/cidr-report.html for a daily update of this report. NEW: Check http://www.employees.org/~tbates/cidr-report-region.html for the regional version of this report. NEW: Check http://www.employees.org/~tbates/autnums.html for a complete list of autonomous system number to name mappings as used by the CIDR-Report. The report is split into sections: 0) General Status List the route table history for the last week, list any possibly bogus routes seen and give some status on ASes. 1) Gains by aggregating at the origin AS level This lists the "Top 30" players who if they decided to aggregate their announced classful prefixes at the origin AS level could make a significant difference in the reduction of the current size of the Internet routing table. This calculation does not take into account the inclusion of holes when forming an aggregate so it is possible even larger reduction should be possible. 2) Weekly Delta A summary of the last weeks changes in terms of withdrawn and added routes. Please note that this is only a snapshot but does give some indication of ASes participating in CIDR. Clearly, it is generally a good thing to see a large amount of withdrawls. 3) Interesting aggregates Interesting here means not an aggregate made as a set of classful routes. Thanks to GX Networks for giving me access to their routing tables once a day. Please send any comments about this report directly to CIDR Report <[EMAIL PROTECTED]>. -- CIDR REPORT for 16Aug02 0) General Status Table History - DatePrefixes 090802 112833 100802 112990 110802 112840 120802 112791 130802 112534 140802 112650 150802 112454 160802 112263 Check http://www.employees.org/~tbates/cidr.plot.html for a plot of the table history. Possible Bogus Routes - AS Summary -- Number of ASes in routing system: 13432 Number of ASes announcing only one prefix: 8161 (4608 cidr, 3553 classful) Largest number of cidr routes: 715 announced by AS3908 Largest number of classful routes: 1192 announced by AS701 1) Gains by aggregating at the origin AS level --- 16Aug02 --- ASnumNetsNow NetsCIDR NetGain % Gain Description AS701 1192 962 230 19.3% UUNET Technologies, Inc. AS1221 1043 824 219 21.0% Telstra Pty Ltd AS17557 265 94 171 64.5% Pakistan Telecom AS6595 227 58 169 74.4% DoD Education Activity Network As AS852515 378 137 26.6% Telus Advanced Communications AS7018 795 678 117 14.7% AT&T AS16473 178 73 105 59.0% Bell South AS4151 251 154 97 38.6% USDA AS19632 995 94 94.9% Metropolis Intercom S.A. AS12302 122 29 93 76.2% MobiFon S.A. AS16814 105 20 85 81.0% NSS, S.A. AS226170 89 81 47.6% Los Nettos AS1239 500 419 81 16.2% Sprint AS577268 194 74 27.6% Bell Advanced Communications Inc. AS7046 289 216 73 25.3% UUNET Technologies, Inc. AS4755 203 130 73 36.0% Videsh Sanchar Nigam Ltd. Autonom AS2048 179 106 73 40.8% State of Louisiana AS724214 152 62 29.0% DLA Systems Automation Center AS19834 644 60 93.8% NetForce, Inc. AS10620 85 25 60 70.6% TVCABLE BOGOTA AS3464 161 103 58 36.0% Alabama SuperComputer Network AS5515 243 186 57 23.5% Sonera Finland Autonomous System AS16758 636 57 90.5% IKON Office Solutions AS3908 283 228 55 19.4% Supernet, Inc. AS949885 31 54 63.5% BHARTI BT INTERNET LTD. AS905182 28 54 65.9% INCONET Autonomous System AS209286 232 54 18.9% Qwest AS653569 16 53 76.8% Chilesat Servicios Empresariales AS703276 225 51 18.5% UUNET Technologies, Inc. AS453887 36 51 58.6% China Education and Research Netw Total 549454238412561 22.9% For the rest of the previous weeks gain information please see http://www.employees.org:80/~tbates/cidr-report.html 2) Weekly Delta Please see http://www.employees.org:80/~t
Dave Farber comments on Re: Major Labels v. Backbones
On Fri, 16 Aug 2002, Richard A Steenbergen wrote: > Ok here's a question, why are they sueing AT&T, CW, and UU? I see > Listen4ever behind 4134 (China Telecom), who I only see buying transit > through InterNAP. Wouldn't it be simpler for them to sue InterNAP? I guess > it would sure be nice precedent, if they could make some big tier 1 > providers do their bidding to filter whoever they want whenever they want. The problem with BGP is you only see the "best" path more than one hop away. The network in question is reachable through transit providers other than InterNAP, such as Concert. http://www.nytimes.com/2002/08/17/business/media/17MUSI.html The New York Times says the companies named in the suit are AT&T Broadband (not AT&T's backbone?), Cable & Wireless, Sprint Corporation and UUNet technologies. "David Farber, a University of Pennsylvania computer scientist and an early architect of the Internet, filed an affidavit in the case, saying it would be relatively easy for the Internet companies to block the Internet address of the Web site without disrupting other traffic. "It's not a big hassle," Mr. Farber said. "There's no way to stop everybody, but a substantial number of people will not be able to get access."
Re: Major Labels v. Backbones
Might just be better to stand aside, and let them be Ddos'ed off the air...for thats whats coming to them... >Might I suggest filtering the websites of the offending "major labels" as >an appropriate retort?
Re: Major Labels v. Backbones
On Fri, Aug 16, 2002 at 10:03:37PM -0400, John Ferriby wrote: > A number of major music labels have joined forces and are seeking relief > from backbone providers, see: Ok here's a question, why are they sueing AT&T, CW, and UU? I see Listen4ever behind 4134 (China Telecom), who I only see buying transit through InterNAP. Wouldn't it be simpler for them to sue InterNAP? I guess it would sure be nice precedent, if they could make some big tier 1 providers do their bidding to filter whoever they want whenever they want. Might I suggest filtering the websites of the offending "major labels" as an appropriate retort? -- Richard A Steenbergen <[EMAIL PROTECTED]> http://www.e-gerbil.net/ras PGP Key ID: 0x138EA177 (67 29 D7 BC E8 18 3E DA B2 46 B3 D8 14 36 FE B6)
Major Labels v. Backbones
A number of major music labels have joined forces and are seeking relief from backbone providers, see: http://story.news.yahoo.com/news?tmpl=story&ncid=582&e=2&cid=582&u=/nm/200 20816/wr_nm/media_copyright_dc_4 It sounds like the labels are alleging that the providers are, in some way, contributing infringers. If there are any legal eagles here, can a Common Carrier be a contributing infringer? Could a trucking firm be labeled a contributing infringer if it carries goods that violate patent/copyright law?Would Verizon/SBC/Qwest et al be construed this way if the service delivered copyrighted material over the voice network unencoded? -- John Ferriby - PGP Key: www.ferriby.com/pgpkey smime.p7s Description: application/pkcs7-signature
Re: Echo
Brad Knowles([EMAIL PROTECTED])@2002.08.16 23:46:51 +: > At 9:43 PM +0200 2002/08/16, Karsten W. Rohrbach wrote: > > > - scoreboard: one mail from one source addres in one minute time window > > Do you just queue messages from source addresses, so that you > don't generate more than one echo in a minute, or do you throw away > every message from that source address which was generated less than > one minute ago? please, see the other answer in this thread. > > Also, how do you handle echoes of echoes? For example, if I > forged e-mail as being from [EMAIL PROTECTED] and addressed that to > [EMAIL PROTECTED] (or whatever), would this generate an endless loop? X-Loop: > > What if I put "[EMAIL PROTECTED],[EMAIL PROTECTED]" as the return address? > Would you send back two copies? No. > Just curious. Thanks! regards, /k -- > Nuclear war can ruin your whole compile. --Karl Lehenbauer WebMonster Community Project -- Reliable and quick since 1998 -- All on BSD http://www.webmonster.de/ - ftp://ftp.webmonster.de/ - http://www.rohrbach.de/ GnuPG: 0xDEC948A6 D/E BF11 83E8 84A1 F996 68B4 A113 B393 6BF4 DEC9 48A6 REVOKED: 0x2964BF46 D/E 42F9 9FFF 50D4 2F38 DBEE DF22 3340 4F4E 2964 BF46 REVOKED: 0x4C44DA59 RSA F9 A0 DF 91 74 07 6A 1C 5F 0B E0 6B 4D CD 8C 44 My mail is GnuPG signed -- Unsigned ones are bogus -- http://www.gnupg.org/ Please do not remove my address from To: and Cc: fields in mailing lists. 10x msg04452/pgp0.pgp Description: PGP signature
Re: Echo
Brad Knowles([EMAIL PROTECTED])@2002.08.16 22:27:08 +: > At 9:43 PM +0200 2002/08/16, Karsten W. Rohrbach wrote: > > > Brad Knowles([EMAIL PROTECTED])@2002.08.16 19:48:10 +: > >>What kinds of anti-abuse protection methods have people used for > >> "echo" accounts that they have set up? > > > > - scoreboard: one mail from one source addres in one minute time window > > Yeah, but then abusers could easily generate elephantine > quantities of messages, simply by randomly generating return > addresses (if they wanted to DoS you or your network), or by randomly > generating the user portion of return addresses (if they wanted to > abuse you to DoS someone else). If they know that there are multiple > domains handled by the same servers, they could randomly generate > addresses within that set of domains. ...ip source address that is, thought it was obvious. a very logical algorithm would be ``n source ip adresses per /16 per minute'' which would catch at least the badly distributed DDoS attacks and does not impose large processing overhead in cycles and memory, i think. i don't think that an echo service would be this popular that it needs to process very many messages for the same /16 in a short period of time. > > > - gnupg: mail needs to be signed to fire a return mail. key of the > >signer must belong to the robot's gpg trust web. > > Ooh, so in order to use the echo server, they have to send a PGP > signed message? Wow, that's pretty expensive. That sounds like a > really excellent way to DoS your server. it was just a quick idea. but queueing and (rapidly) scheduled weedouts of those queues are nothing new, when you guard services with gpg/pgp. other soft capacity limitings can be done if the rate limiting described above lets through too much, such as deleting queue entries by random when hitting an excessive queue length. when measuring of link latency is done with it, the gpg approach might impose problems, since you need to rely on the outgoing mail timestamp of the echo relay because of variable queue length and gpg processing time. > > Thanks for sharing! > you're welcome. /k -- WebMonster Community Project -- Reliable and quick since 1998 -- All on BSD http://www.webmonster.de/ - ftp://ftp.webmonster.de/ - http://www.rohrbach.de/ GnuPG: 0xDEC948A6 D/E BF11 83E8 84A1 F996 68B4 A113 B393 6BF4 DEC9 48A6 REVOKED: 0x2964BF46 D/E 42F9 9FFF 50D4 2F38 DBEE DF22 3340 4F4E 2964 BF46 REVOKED: 0x4C44DA59 RSA F9 A0 DF 91 74 07 6A 1C 5F 0B E0 6B 4D CD 8C 44 My mail is GnuPG signed -- Unsigned ones are bogus -- http://www.gnupg.org/ Please do not remove my address from To: and Cc: fields in mailing lists. 10x msg04451/pgp0.pgp Description: PGP signature
Re: Echo
At 9:43 PM +0200 2002/08/16, Karsten W. Rohrbach wrote: > - scoreboard: one mail from one source addres in one minute time window Do you just queue messages from source addresses, so that you don't generate more than one echo in a minute, or do you throw away every message from that source address which was generated less than one minute ago? Also, how do you handle echoes of echoes? For example, if I forged e-mail as being from [EMAIL PROTECTED] and addressed that to [EMAIL PROTECTED] (or whatever), would this generate an endless loop? What if I put "[EMAIL PROTECTED],[EMAIL PROTECTED]" as the return address? Would you send back two copies? Just curious. Thanks! -- Brad Knowles, <[EMAIL PROTECTED]> "They that can give up essential liberty to obtain a little temporary safety deserve neither liberty nor safety." -Benjamin Franklin, Historical Review of Pennsylvania. GCS/IT d+(-) s:+(++)>: a C++(+++)$ UMBSHI$ P+>++ L+ !E W+++(--) N+ !w--- O- M++ V PS++(+++) PE- Y+(++) PGP>+++ t+(+++) 5++(+++) X++(+++) R+(+++) tv+(+++) b+() DI+() D+(++) G+() e++> h--- r---(+++)* z(+++)
Re: Echo
At 4:33 PM -0400 2002/08/16, Martin Hannigan wrote: > I'm not sure why this is such a worry since a lot of these > responders have been working for over a decade, and they've > all been just fine operating the way they are. Most security holes are not anything to worry about -- until someone takes advantage of them. -- Brad Knowles, <[EMAIL PROTECTED]> "They that can give up essential liberty to obtain a little temporary safety deserve neither liberty nor safety." -Benjamin Franklin, Historical Review of Pennsylvania. GCS/IT d+(-) s:+(++)>: a C++(+++)$ UMBSHI$ P+>++ L+ !E W+++(--) N+ !w--- O- M++ V PS++(+++) PE- Y+(++) PGP>+++ t+(+++) 5++(+++) X++(+++) R+(+++) tv+(+++) b+() DI+() D+(++) G+() e++> h--- r---(+++)* z(+++)
Re: Echo
I'm not sure why this is such a worry since a lot of these responders have been working for over a decade, and they've all been just fine operating the way they are. -M On Fri, 16 Aug 2002, Brad Knowles wrote: > At 9:43 PM +0200 2002/08/16, Karsten W. Rohrbach wrote: > > > Brad Knowles([EMAIL PROTECTED])@2002.08.16 19:48:10 +: > >>What kinds of anti-abuse protection methods have people used for > >> "echo" accounts that they have set up? > > > > - scoreboard: one mail from one source addres in one minute time window > > Yeah, but then abusers could easily generate elephantine > quantities of messages, simply by randomly generating return > addresses (if they wanted to DoS you or your network), or by randomly > generating the user portion of return addresses (if they wanted to > abuse you to DoS someone else). If they know that there are multiple > domains handled by the same servers, they could randomly generate > addresses within that set of domains. > > > - gnupg: mail needs to be signed to fire a return mail. key of the > >signer must belong to the robot's gpg trust web. > > Ooh, so in order to use the echo server, they have to send a PGP > signed message? Wow, that's pretty expensive. That sounds like a > really excellent way to DoS your server. > > > Thanks for sharing! > > -- > Brad Knowles, <[EMAIL PROTECTED]> > > "They that can give up essential liberty to obtain a little temporary > safety deserve neither liberty nor safety." > -Benjamin Franklin, Historical Review of Pennsylvania. > > GCS/IT d+(-) s:+(++)>: a C++(+++)$ UMBSHI$ P+>++ L+ !E W+++(--) N+ !w--- > O- M++ V PS++(+++) PE- Y+(++) PGP>+++ t+(+++) 5++(+++) X++(+++) R+(+++) > tv+(+++) b+() DI+() D+(++) G+() e++> h--- r---(+++)* z(+++) >
Re: Echo
At 9:43 PM +0200 2002/08/16, Karsten W. Rohrbach wrote: > Brad Knowles([EMAIL PROTECTED])@2002.08.16 19:48:10 +: >> What kinds of anti-abuse protection methods have people used for >> "echo" accounts that they have set up? > > - scoreboard: one mail from one source addres in one minute time window Yeah, but then abusers could easily generate elephantine quantities of messages, simply by randomly generating return addresses (if they wanted to DoS you or your network), or by randomly generating the user portion of return addresses (if they wanted to abuse you to DoS someone else). If they know that there are multiple domains handled by the same servers, they could randomly generate addresses within that set of domains. > - gnupg: mail needs to be signed to fire a return mail. key of the >signer must belong to the robot's gpg trust web. Ooh, so in order to use the echo server, they have to send a PGP signed message? Wow, that's pretty expensive. That sounds like a really excellent way to DoS your server. Thanks for sharing! -- Brad Knowles, <[EMAIL PROTECTED]> "They that can give up essential liberty to obtain a little temporary safety deserve neither liberty nor safety." -Benjamin Franklin, Historical Review of Pennsylvania. GCS/IT d+(-) s:+(++)>: a C++(+++)$ UMBSHI$ P+>++ L+ !E W+++(--) N+ !w--- O- M++ V PS++(+++) PE- Y+(++) PGP>+++ t+(+++) 5++(+++) X++(+++) R+(+++) tv+(+++) b+() DI+() D+(++) G+() e++> h--- r---(+++)* z(+++)
Re: Telus outage in Toronto, Ont Canada (AS852) ?
This started just before noon Toronto time (EDT) (my BGP session to them went idle at 11:41). Supposedly a sprinkler pipe broke and soaked a few optical transport shelves. The last updated I had was that it will be a few hours still. The master ticket is 895-126. This is all third hand. Perhaps some of the Telus folks here can provide more official info. ---Mike At 03:33 PM 16/08/2002 -0400, batz wrote: >I wonder if that would have anything to do with the subway between >Union and Spadina (under University Ave.)being shut down for part >of the morning. Transit service was restored by about 9:45. > >What about Telus? > >-- >batz
Re: Telus outage in Toronto, Ont Canada (AS852) ?
On Fri, 16 Aug 2002, Mike Tancsa wrote: :I cant get a hold of anyone in the NOC, but my local field tech says :several large circuits got knocked out as a result of a broken pipe in :their CO on University Ave. Does anyone else have any more details ? All :the 1 800#s I have for them are still fast busy. I wonder if that would have anything to do with the subway between Union and Spadina (under University Ave.)being shut down for part of the morning. Transit service was restored by about 9:45. What about Telus? -- batz
Re: Echo
Brad Knowles([EMAIL PROTECTED])@2002.08.16 19:48:10 +: > What kinds of anti-abuse protection methods have people used for > "echo" accounts that they have set up? - scoreboard: one mail from one source addres in one minute time window - gnupg: mail needs to be signed to fire a return mail. key of the signer must belong to the robot's gpg trust web. regards, /k -- > To avoid criticism, do nothing, say nothing, be nothing. --Elbert Hubbard WebMonster Community Project -- Reliable and quick since 1998 -- All on BSD http://www.webmonster.de/ - ftp://ftp.webmonster.de/ - http://www.rohrbach.de/ GnuPG: 0xDEC948A6 D/E BF11 83E8 84A1 F996 68B4 A113 B393 6BF4 DEC9 48A6 REVOKED: 0x2964BF46 D/E 42F9 9FFF 50D4 2F38 DBEE DF22 3340 4F4E 2964 BF46 REVOKED: 0x4C44DA59 RSA F9 A0 DF 91 74 07 6A 1C 5F 0B E0 6B 4D CD 8C 44 My mail is GnuPG signed -- Unsigned ones are bogus -- http://www.gnupg.org/ Please do not remove my address from To: and Cc: fields in mailing lists. 10x msg0/pgp0.pgp Description: PGP signature
Re: an itty bitty survey...
> I'm curious as to how you configure your routers (whatever they may be). >In particular, what tools do you use? Home grown? Rancid? Vendor > provided? telnet and ssh
an itty bitty survey...
Hi all, [This may sound like a perennial question.] I'm curious as to how you configure your routers (whatever they may be). In particular, what tools do you use? Home grown? Rancid? Vendor provided? I'll summarize. Thanks in advance, Eliot
Re: Maybe just slightly operational Palladium information
Bruce Schneier seems to confirm the worst expected about Pd. At 11:13 8/16/02 -0700, you wrote: >OK. This is a bit beyond the charter, but there was a long and >annoying thread on Microsoft Palladium last week and I just read an >interesting article that seems to minimize the FUD I have been seeing. > >http://www.counterpane.com/crypto-gram-0208.html > >The author is Bruce Schneier, one of the best known crypto and >security experts out there. He is also not a Microsoft fan (or hater) >and that makes him one of the best sources for information on computer >security issues. > >Over all, I found the article excellent. It might at least make some >of the silly messages on the subject seem even sillier and point out >the real concerns and possible benefits of Pd. > >R. Kevin Oberman, Network Engineer >Energy Sciences Network (ESnet) >Ernest O. Lawrence Berkeley National Laboratory (Berkeley Lab) >E-mail: [EMAIL PROTECTED] Phone: +1 510 486-8634
Maybe just slightly operational Palladium information
OK. This is a bit beyond the charter, but there was a long and annoying thread on Microsoft Palladium last week and I just read an interesting article that seems to minimize the FUD I have been seeing. http://www.counterpane.com/crypto-gram-0208.html The author is Bruce Schneier, one of the best known crypto and security experts out there. He is also not a Microsoft fan (or hater) and that makes him one of the best sources for information on computer security issues. Over all, I found the article excellent. It might at least make some of the silly messages on the subject seem even sillier and point out the real concerns and possible benefits of Pd. R. Kevin Oberman, Network Engineer Energy Sciences Network (ESnet) Ernest O. Lawrence Berkeley National Laboratory (Berkeley Lab) E-mail: [EMAIL PROTECTED] Phone: +1 510 486-8634
Re: Echo
At 12:53 PM -0400 2002/08/16, Martin Hannigan wrote: > It basically allow you to "bounce" mail off of the address and > returns a copy of your mail replete with headers. Useful for > testing mail configuration, latency, etc. We built systems like this for AOL (to monitor the latency of the Internet mail gateway system), but we didn't bother using "echo" accounts at other providers. We simply set up accounts at other sites and had them set up to forward everything they got back to a central monitoring account. For those systems we wanted to test against but where we couldn't set up our own account, we'd just send a message to an obviously non-existant address, and make sure that the envelope sender address was set correctly to direct the bounces to that same central account. Indeed, I had not considered the usefulness of setting up "echo" accounts. Seems to me that they could be easily abused. What kinds of anti-abuse protection methods have people used for "echo" accounts that they have set up? -- Brad Knowles, <[EMAIL PROTECTED]> "They that can give up essential liberty to obtain a little temporary safety deserve neither liberty nor safety." -Benjamin Franklin, Historical Review of Pennsylvania. GCS/IT d+(-) s:+(++)>: a C++(+++)$ UMBSHI$ P+>++ L+ !E W+++(--) N+ !w--- O- M++ V PS++(+++) PE- Y+(++) PGP>+++ t+(+++) 5++(+++) X++(+++) R+(+++) tv+(+++) b+() DI+() D+(++) G+() e++> h--- r---(+++)* z(+++)
Telus outage in Toronto, Ont Canada (AS852) ?
I cant get a hold of anyone in the NOC, but my local field tech says several large circuits got knocked out as a result of a broken pipe in their CO on University Ave. Does anyone else have any more details ? All the 1 800#s I have for them are still fast busy. ---Mike Mike Tancsa, tel +1 519 651 3400 Sentex Communications,[EMAIL PROTECTED] Providing Internet since 1994www.sentex.net Cambridge, Ontario Canada www.sentex.net/mike
Re: Max Prefixes Configured on Customer BGP
That's why you make sure that any incidents where max-prefix is tripped is caught by a syslog watcher and brought to the immediate attention of whoever's sitting in your NOC. Honestly, if all you're dealing with is customer BGP session, I would propose that 90% of them don't advertise more than 10 prefixes, so a max-prefix number higher than, say, 100 should do for most cases. And for that last 10%, max-prefix is a per-session configuration, so that number can always be set higher. IMO, advertising 100 routes for 30 seconds is far less damaging than 8000 routes. Also, don't forget about the warn option - if a customer's organic growth puts them close to the prefix limit, you should get a heads-up in most cases. I recall an incident where we brought up a customer advertising around 600 routes, and sent the prefix list our upstream, who dutifully added all 600 routes to the prefix list, but neglected to raise their maximum-prefix limit from 300. This, of course, had predictable results. Doh. -C > This isn't a terribly cisco-specific reply so I'll keep it here. > > The problem with restart systems (btw thank you cisco for finally adding > this) is, think about how much damage can be done by announcing 8k routes > for the 30 seconds (or 5-10 minutes if there is a Foundry in the mix :P) > before you get to the limit and kill the session. Now add in the damage > caused by this happening every 15 minutes, and the dampening. Or even > worse, someone who turns up more routes and happens to hit right around > the exact number or close to it. Imagine a session which goes over by 1 > route, trips, stays down for 15 minutes, comes back up and this time has 1 > less route, and noone notices the prefix limit needs to be raised. You > should make sure that the restart time exceeds the number/length of flaps > necessary to trigger dampening, which on a connect you transit is pretty > darn hard to accurately guess. > > IMHO, using only prefix limits on a customer is actually doing them (and > the rest of the internet that listens to your announcements) a disservice. > > A better system might be where the session is kept up (or periodically > polled, if you want to make it obvious to the other party that there is a > problem) without installing the routes, and kept in a "quarantine" state > for X amount of time to make sure that things stay below a configured > number. This would be at least a slightly better way of recovering quickly > once the "problem" has passed, without mucking things up every 15 minutes > in the process. > > -- > Richard A Steenbergen <[EMAIL PROTECTED]> http://www.e-gerbil.net/ras > PGP Key ID: 0x138EA177 (67 29 D7 BC E8 18 3E DA B2 46 B3 D8 14 36 FE B6) msg04437/pgp0.pgp Description: PGP signature
Re: Echo
> Hi, Martin. > > What is an "echo mail reflector?" Is this something I could provide? > It basically allow you to "bounce" mail off of the address and returns a copy of your mail replete with headers. Useful for testing mail configuration, latency, etc. Someone just pinged me and said that [EMAIL PROTECTED]<- is still operational.
Re: Echo
Martin yeah - massive 'outage' yesterday (over 6 hours) as they changed all sorts of stuff from PSI to cogent. No notice, just a 'fiber cut', cough :-( Typical Cogent. -- Martin Hepworth Senior Systems Administrator Solid State Logic Ltd +44 (0)1865 842300 Martin Hannigan wrote: > > Looks like the echo mail reflectors at PSI are now gone. > Must've happened today as I use these frequently. > > > --SNARF > Your message > > To: [EMAIL PROTECTED] > Subject: test foo test bar test foo test bar > Sent:Fri, 16 Aug 2002 12:29:27 -0400 > > did not reach the following recipient(s): > > [EMAIL PROTECTED] on Fri, 16 Aug 2002 12:29:41 -0400 > The recipient name is not recognized > The MTS-ID of the original message is: c=us;a= ;p=cogent > > > > --END > > Regards, > > -- > Martin Hannigan [EMAIL PROTECTED] > Boston, MAhttp://www.fugawi.net > > > > ** This email and any files transmitted with it are confidential and intended solely for the use of the individual or entity to whom they are addressed. If you have received this email in error please notify the system manager. This footnote also confirms that this email message has been swept by MIMEsweeper for the presence of computer viruses. www.mimesweeper.com **
Re: Echo
On Fri, Aug 16, 2002 at 12:38:26PM -0400, Martin Hannigan wrote: > > > Looks like the echo mail reflectors at PSI are now gone. > Must've happened today as I use these frequently. > > [EMAIL PROTECTED] on Fri, 16 Aug 2002 12:29:41 -0400 [EMAIL PROTECTED] still works -j
Echo
Looks like the echo mail reflectors at PSI are now gone. Must've happened today as I use these frequently. --SNARF Your message To: [EMAIL PROTECTED] Subject: test foo test bar test foo test bar Sent:Fri, 16 Aug 2002 12:29:27 -0400 did not reach the following recipient(s): [EMAIL PROTECTED] on Fri, 16 Aug 2002 12:29:41 -0400 The recipient name is not recognized The MTS-ID of the original message is: c=us;a= ;p=cogent --END Regards, -- Martin Hannigan [EMAIL PROTECTED] Boston, MA http://www.fugawi.net
Re: Max Prefixes Configured on Customer BGP
In a message written on Thu, Aug 15, 2002 at 11:41:17PM -0400, Richard A Steenbergen wrote: > IMHO, using only prefix limits on a customer is actually doing them (and > the rest of the internet that listens to your announcements) a disservice. I think you might be missing a highly useful case of using max-prefix with customers. Many customers will want to deaggregate their blocks, and/or leak more specifics. While I don't want to argue if that is good or not, the end result is most ISP's allow this in some form. Consider the difference between: Case 1: a.b.0.0/16 exact match prefix filter Customer calls in, asks for change. a.b.0.0/17 + a.b.128.0/17 exact match prefix filter. Case 2: a.b.0.0/16 le 19, max prefix 6 The second case allows customers to make changes with no delays, and reduces the amount of work for the ISP. It still enforces some level of aggregation automatically to protect the system, but also gives the customer some flexability. Generally I'd recomend something around twice the number of prefixes, with some sort of floor. So, if you registered 200 prefixes, you could announce 400 routes from them, with a maximum length as set by your ISP. -- Leo Bicknell - [EMAIL PROTECTED] - CCIE 3440 PGP keys at http://www.ufp.org/~bicknell/ Read TMBG List - [EMAIL PROTECTED], www.tmbg.org
Re: Qwest Outage?
Sorry about that - apparently there was a Broadwing fiber cut 1 mile west of Dallas that affected Fort Worth and Houston. All is back up now (after doing my share of freaking out!). Thanks! Original Message Follows From: Peter van Dijk To: [EMAIL PROTECTED] Subject: Re: Qwest Outage? Date: Fri, 16 Aug 2002 09:26:52 +0200 On Fri, Aug 16, 2002 at 02:23:56AM -0500, James Ferris wrote: Interesting. No text/plain content. Please disable HTML in your mailer and we may be able to read what you are saying :) Greetz, Peter -- MegaBIT - open air networking event - http://www.megabit.nl/ _ MSN Photos is the easiest way to share and print your photos: http://photos.msn.com/support/worldwide.aspx
Re: Qwest Outage?
On Fri, Aug 16, 2002 at 02:23:56AM -0500, James Ferris wrote: Interesting. No text/plain content. Please disable HTML in your mailer and we may be able to read what you are saying :) Greetz, Peter -- MegaBIT - open air networking event - http://www.megabit.nl/
Qwest Outage?
Can anyone confirm or explain the Qwest outage in Dallas/Fort Worth? Fiber cut maybe?Send and receive Hotmail on your mobile device: Click Here