Re: Fwd: Interesting problems with using IPv6

2014-09-14 Thread Sam Stickland
Slightly off topic, but has there ever been a proposed protocol where hosts can register their L2/L3 binding with their connected switch (which could then propagate the binding to other switches in the Layer 2 domain)? Further discovery requests (e.g. ARP, ND) from other attached hosts could then a

A spoof film about networking

2013-05-04 Thread Sam Stickland
Apologies for the off-topic post, but I thought some of you might get enjoyment out of this... After four and a half years and around 5,000 man hours we finally finished our feature film comedy about networking. If nothing else I think this must be the only film in existence that has eight CCIEs i

Re: IPv6 addressing for core network

2011-02-09 Thread Sam Stickland
On 9 Feb 2011, at 09:48, sth...@nethelp.no wrote: >> Is there a NANOG FAQ we can add this to? >> >>> 1- Use Public Ipv6 with /122 and do not advertise to Internet >>> 2- Use Public Ipv6 with /127 and do not advertise to Internet >> >> The all zeros address is the all routers anycast address

Re: Post-Exhaustion-phase "punishment" for early adopters

2011-02-09 Thread Sam Stickland
On 9 Feb 2011, at 02:43, "R. Benjamin Kessler" wrote: >>> From: George Herbert [mailto:george.herb...@gmail.com] > >>> "Let's just grab 2/8, it's not routed on the Internet..." > > +1 > > I was consulting for a financial services firm in the late '90s that was > acquired by a large east-co

Re: Post-Exhaustion-phase "punishment" for early adopters

2011-02-08 Thread Sam Stickland
I've worked in plenty of places where registered address was used on private interconnections between organisations to avoid overlaps, but never announced globally. S On 8 Feb 2011, at 14:35, gb10hkzo-na...@yahoo.co.uk wrote: >> Hint: even IPs not pingable from the Internet are being used. Not

Re: IPv6 - real vs theoretical problems

2011-01-08 Thread Sam Stickland
On Sat, Jan 8, 2011 at 2:00 AM, Dobbins, Roland wrote: > > > If it's inappropriately placed in front of servers, where there's no > state to inspect and where the stateful nature of the device in and of itself > forms a DoS vector, it has negative security value; i.e., it makes things > far worse

Re: TCP congestion control and large router buffers

2010-12-21 Thread Sam Stickland
On 21 Dec 2010, at 07:18, Mikael Abrahamsson wrote: On Mon, 20 Dec 2010, Jim Gettys wrote: Common knowledge among whom? I'm hardly a naive Internet user. Anyone actually looking into the matter. The Cisco "fair-queue" command was introduced in IOS 11.0 according to < http://www.cisco.com/en/

Re: Usage-Based Billing for DIA

2009-03-09 Thread Sam Stickland
Jon Lewis wrote: On Thu, 5 Mar 2009, Rodriguez, Mauricio wrote: Looking at possibilities for an implementation of usage-based billing, it seems that the same techniques and tools always come up. I'm looking for some feedback from the list on experiences with these tools and techniques as wel

SNMP and syslog forwarders

2009-03-04 Thread Sam Stickland
Hi, It's looking like running all of our traps and syslog through a couple of relay devices (and then onwards to the various NMS's) would be quite a win for us. These relay devices just need to be "dumb" forwarders (we don't require any filtering or storing, just reflection), but we need an

Re: can I ask mtu question

2009-02-03 Thread Sam Stickland
Niels Bakker wrote: * sam_mailingli...@spacething.org (Sam Stickland) [Tue 03 Feb 2009, 13:04 CET]: For what it's worth, TCP will negotiate MSS and will work with mismatched MTU in a single LAN segment. No Machine 1 -- switch with 1500 byte MTU -- switch with smaller MTU -- switch with

Re: can I ask mtu question

2009-02-03 Thread Sam Stickland
Ricky Beam wrote: On Fri, 30 Jan 2009 17:00:00 -0500, Saku Ytti wrote: Which standard are you referring to? AFAIK, nothing above 1500 is standardised None that have ever been accepted. From a quick google for manufacturer support, 9216 looks like the most popular number. But, as I said, i

Re: Cisco uRPF failures

2008-09-07 Thread Sam Stickland
Jo Rhett wrote: That's the surprising thing -- no scenario. Very basic configuration. Enabling uRPF and then hitting it with a few gig of non-routable packets consistently caused the sup module to stop talking on the console, and various other problems to persist throughout the unit, ie no a

Re: Revealed: The Internet's well known BGP behavior

2008-08-29 Thread Sam Stickland
Jon Lewis wrote: Do you utilize the IRR, have an as-set, and put all customer AS/CIDR's into the IRR? I've honestly never heard from LVL3 about our advertisements. Other providers have varied from just needing a web form, email, phone call, or those combined with faxed LOAs. The latter gets

Re: It's Ars Tech's turn to bang the IPv4 exhaustion drum

2008-08-21 Thread Sam Stickland
Randy Bush wrote: and consider matsuzaki-san's dos vulnerability on a /64 p2p link. the prudent operational advice today is to use a /127. randy Can you provide some more information on this vulnerability? My google-fu appears to be weak. Sam

Re: IP Fragmentation

2008-08-20 Thread Sam Stickland
Iljitsch van Beijnum wrote: On 20 aug 2008, at 20:04, [EMAIL PROTECTED] wrote: Hypothetically true. Unfortunately, enough places do bozo firewalling and drop the ICMP Frag Needed packets to severely limit the utility of PMTU Discovery. Yet all OSes have it enabled and there is no fallback t

Re: Is it time to abandon bogon prefix filters?

2008-08-18 Thread Sam Stickland
Pete Templin wrote: Jared Mauch wrote: On a router with full routes (ie: no default) the command is: Router(config-if)#ip verify unicast source reachable-via any None of these suggestions (including the wisecrack "ACLs") provide full filtering: If a miscreant originates a route in bo

Re: Hardware capture platforms

2008-08-08 Thread Sam Stickland
mode transparent ! vlan 555 remote-span ! interface range Fa 0/1 - 3 switchport trunk encapsulation dot1q switchport mode trunk switchport trunk allowed vlan 555 switchport trunk native vlan 555 Sam Sam Stickland wrote: Lynda wrote: Warren Kumari wrote: What I am looking for is: Small enough to

Re: Is it time to abandon bogon prefix filters?

2008-08-06 Thread Sam Stickland
Skywing wrote: Then again, it does make Team Cymru an attractive target for DoS or even compromise if they can control routing policy to a degree for a large number of disparate networks. Especially if it gets in the way of for-profit spammers. (Not trying to knock them, just providing a for

Re: Hardware capture platforms

2008-07-31 Thread Sam Stickland
Lynda wrote: Warren Kumari wrote: What I am looking for is: Small enough to live in my notebook bag (e.g.: 4 port with a wall wart.) Cheap Simple 10/100/1000Mbps I don't believe that such a thing ever existed. Hubs that did 10/100, certainly, but I've never ever seen a hub that did gig speed

Re: https

2008-07-24 Thread Sam Stickland
Steven M. Bellovin wrote: As for CPU time -- remember that most web site visits are very short; this in turn means that you have to amortize the SSL setup expense over very few pages. I talked once with a competent system designer who really wanted to use https but couldn't -- his total system c

Re: Analysing traces for performance bottlenecks

2008-07-17 Thread Sam Stickland
Matt Cable wrote: Kevin Oberman es.net> writes tcptrace is old and pretty basic, but it can provide a LOT of information. Combined with xplot, the graphs often point to the exact nature of a TCP problem, but you need a really good understanding of TCP to figure anything out. Wireshark al

Re: Analysing traces for performance bottlenecks

2008-07-15 Thread Sam Stickland
A bit more googling has found the Web100 project's NDT (http://e2epi.internet2.edu/ndt/). I'm currently making a Linux VM that can run it. It's useful, but I'm still really after something that can do its type of analysis from a packet capture. Sam Sam Stickland wrote:

Analysing traces for performance bottlenecks

2008-07-15 Thread Sam Stickland
Hi, Are there any packages (or Wireshark options that I've missed) that can follow a TCP stream and determine the limiting factor on throughput? E.g. latency, packet loss, out of sequence packets, window size, or even just the sender's rate onto the wire. I know how to analyse a trace by hand f

Re: Possible explanations for a large hop in latency

2008-07-01 Thread Sam Stickland
Even if they are decrementing TTL inside of their MPLS core, the TTL expired message still has to traverse the entire MPLS LSP (tunnel), so the latency reported for each "hop" is in fact the latency of the last hop in the MPLS network. Always. Sam Robert Richardson wrote: They probably don't

Re: IPv4 source routing options and IPv6 Type 0 Routing Header

2008-06-30 Thread Sam Stickland
Deepak Jain wrote: Quite a few times it has been mentioned to me that some peering agreements require support for the IPv4 source routing options. I was wondering whether this is still the case for some ISPs, or it is not the case anymore. Before we decommissioned our last open peering fabric

Re: [Nanog-futures] Announce list: Re: Hughes Network

2008-05-23 Thread Sam Stickland
Joe Abley wrote: On 22 May 2008, at 23:16, James R. Cutler wrote: The announcement was made to nanog-announce, but not to nanog. I would expect that there are scads more readers of nanog than of nanog announce. When I was sending things to nanog-announce, it was the case that mail to nanog

Re: Yahoo outage summary

2007-07-10 Thread Sam Stickland
Andy Dills wrote: On Mon, 9 Jul 2007, Cat Okita wrote: As far as "needing a verification system", is there something deeply problematic about filtering your customers? It's a fine example of thinking globally and acting locally. That's what I'm curious about...this boils down to L3

Re: 24x7 Support Strategies

2007-06-14 Thread Sam Stickland
People are asking me to port a summary back to the list, but as I'm still getting replies coming in I'm going to leave this until tomorrow. S Sam Stickland wrote: All, Thanks for the replies that have started rolling in. They've made me realise I should have added an addi

Re: 24x7 Support Strategies

2007-06-14 Thread Sam Stickland
Joe Abley wrote: On 14-Jun-2007, at 02:32, Sam Stickland wrote: Does anyone have any CCIE (or equivalent technical ability) staff on a 24x7 shift? What about CCIE level staff on an on-call rota with a guaranteed response time? How about CCNP? Does anybody actually put any stock in the

Re: 24x7 Support Strategies

2007-06-14 Thread Sam Stickland
nteed response time? How about CCNP? If people could also give an indication of the size of their organisation/network it would be useful. Sam Sam Stickland wrote: Hi, I'm wondering how different organisations structure their 24x7 network operations? We are undergoing some restructuring h

24x7 Support Strategies

2007-06-13 Thread Sam Stickland
Hi, I'm wondering how different organisations structure their 24x7 network operations? We are undergoing some restructuring here and it would be interesting for us to know how other large enterprises and service providers arrange this. We are particularly interested in service providers. (Cur

Re: Security gain from NAT (was: Re: Cool IPv6 Stuff)

2007-06-06 Thread Sam Stickland
m Mom, you can tell them to turn off the NAT and try again. Precisely. I don't think anyone is suggesting that you should put NAPT in an IPv6 gateway. A few days ago it was suggested by Sam Stickland that a blocker to moving to IPv6 was the lack of NAPT, and the security features t

Re: Security gain from NAT

2007-06-04 Thread Sam Stickland
Joe Abley wrote: On 4-Jun-2007, at 14:32, Jim Shankland wrote: Shall I do the experiment again where I set up a Linux box at an RFC1918 address, behind a NAT device, publish the root password of the Linux box and its RFC1918 address, and invite all comers to prove me wrong by showing evidenc

Re: Cool IPv6 Stuff

2007-06-04 Thread Sam Stickland
Sander Steffann wrote: Hi, In fact, and call me crazy, but I can't help but wonder how many enterprises out there will see IPv6 and its concept of "real IPs for all machines, internal and external!" and respond with "Hell No." Anyone got any numbers for that? I'm happy to admit I don't.

Re: Cool IPv6 Stuff

2007-06-04 Thread Sam Stickland
Jared Mauch wrote: On Fri, Jun 01, 2007 at 02:28:34PM +0100, Jeroen Massar wrote: Hi, As more and more cool IPv6 applications and services are becoming available, I converted the former FAQ entry we had on this into a more easily found/remembered page. I was doing some search