Re: [AFMUG] is the list going to get fixed?

[Timothy D. McNabb via Af]

I clicked on the link and I liked it ☺

-Tim

From: Af [mailto:af-boun...@afmug.com] On Behalf Of Chuck McCown via Af
Sent: Tuesday, December 30, 2014 12:50 PM
To: af@afmug.com
Subject: Re: [AFMUG] is the list going to get fixed?

I could try, but they are all over 18 and some of them outweigh me.
(I do have boxing gloves, hard to get them to spar with me for some reason.  
Fear, pity, respect, apathy?)


From: That One Guy via Af
Sent: Tuesday, December 30, 2014 1:42 PM
To: af@afmug.com
Subject: Re: [AFMUG] is the list going to get fixed?

Im so happy Im not even going to beat my kids tonite

On Tue, Dec 30, 2014 at 2:29 PM, Ken Hohhof via Af 
mailto:af@afmug.com>> wrote:
Well then obviously GMail is broken.

From: Josh Luthman via Af
Sent: Tuesday, December 30, 2014 2:14 PM
To: af@afmug.com
Subject: Re: [AFMUG] is the list going to get fixed?

Gmail is labeling it as spam - ouch!

Mine came at 1:24 PM


Josh Luthman
Office: 937-552-2340
Direct: 937-552-2343
1100 Wayne St
Suite 1337
Troy, OH 45373

On Tue, Dec 30, 2014 at 3:10 PM, Jason McKemie via Af 
mailto:af@afmug.com>> wrote:
Read Paul's email.


On Tuesday, December 30, 2014, Dennis Burgess via Af 
mailto:af@afmug.com>> wrote:
I registered and/or clicked that link and its still coming from 
af@afmug.com ;)

Dennis Burgess, CTO, Link Technologies, Inc.
den...@linktechs.net – 
314-735-0270 – www.linktechs.net

From: Af [mailto:af-boun...@afmug.com] On Behalf Of Mike Hammett via Af
Sent: Tuesday, December 30, 2014 2:05 PM
To: af@afmug.com
Subject: Re: [AFMUG] is the list going to get fixed?

The "From" was definitely broken.


-
Mike Hammett
Intelligent Computing Solutions
http://www.ics-il.com


From: "Josh Luthman via Af" mailto:af@afmug.com>>
To: af@afmug.com
Sent: Tuesday, December 30, 2014 1:56:25 PM
Subject: Re: [AFMUG] is the list going to get fixed?
Trick question, wasn't broken.


Josh Luthman
Office: 937-552-2340
Direct: 937-552-2343
1100 Wayne St
Suite 1337
Troy, OH 45373

On Tue, Dec 30, 2014 at 2:40 PM, Paul McCall via Af 
mailto:af@afmug.com>> wrote:
Maybe ☺

From: Af [mailto:af-boun...@afmug.com] On Behalf Of That One Guy via Af
Sent: Tuesday, December 30, 2014 3:13 AM
To: af@afmug.com
Subject: [AFMUG] is the list going to get fixed?

a yes or a no


--
All parts should go together without forcing. You must remember that the parts 
you are reassembling were disassembled by you. Therefore, if you can't get them 
together again, there must be a reason. By all means, do not use a hammer. -- 
IBM maintenance manual, 1925






--
All parts should go together without forcing. You must remember that the parts 
you are reassembling were disassembled by you. Therefore, if you can't get them 
together again, there must be a reason. By all means, do not use a hammer. -- 
IBM maintenance manual, 1925

Re: [AFMUG] Micro cell with NAT mode FSK

[Timothy D. McNabb via Af]

This is how we fixed it as well.

-Tim

From: Af [mailto:af-boun...@afmug.com] On Behalf Of Vince West via Af
Sent: Friday, December 26, 2014 10:39 AM
To: af@afmug.com
Subject: Re: [AFMUG] Micro cell with NAT mode FSK

The best way we found to combat this issue was set up the SM in bridged mode 
and provide the customer with a PPPoE connection.

Vince West
Tower Hand
Technical Support
Shelby Broadband
148 Citizens Blvd
Simpsonville, KY 40067
Phone: 1-888-364-4232

On Fri, Dec 26, 2014 at 1:29 PM, Ken Hohhof via Af 
mailto:af@afmug.com>> wrote:
Is LAN IP 192.168.100.x?

From: timothy steele via Af
Sent: Friday, December 26, 2014 12:13 PM
To: af@afmug.com
Subject: [AFMUG] Micro cell with NAT mode FSK

Just ran into a ATT microcell that would not work with the SM in NAT mode 
routers WAN was on a DMZ IP anyone else run into this?

Thanks

—
Sent from Mailbox

[AFMUG] Mikrotik crashing

[Timothy D. McNabb via Af]

We have a Mikrotik CCR that keeps crashing after sustaining ~500+ Mb/s for 
extended periods of time. No logs, just dumps iBGP connection and starts 
dropping all PPPoE connections (~1800 total), then locks up altogether. Was 
wondering if anyone else has seen this issue. I believe the firmware is 6.22 
but my cohort might be able to chime in on the exact release firmware we were 
using. We have tried older firmware with similar symptoms so I'm leaning 
towards an issue with the device itself.

We're back on our Imagestreams for the time being until we can sort this out, 
but thought it best to ask here with so many users on here that run MT's.

Planning on posting to MT forum as well but covering all bases. :) Any 
information is helpful right now.

Regards,

Timothy McNabb
Network Administrator
Velociter Wireless, Inc
(209)838-1221 x107

Re: [AFMUG] [OT] CentOS 7 optimized settings for VM

[Timothy D. McNabb via Af]

Hmm ya we’re using that too. CentOS 5 and 6 (though both 32bit variants) were 
nice and snappy to access. Even from CLI. SSH sometimes seems to lag a little 
even with 7. Not really sure why though.

Are you using 32 or 64bit Josh?

-Tim

PS – The android-like GUI interface is a bit annoying lol. GNOME slide-up to 
access logins? :-/

From: Af [mailto:af-boun...@afmug.com] On Behalf Of Josh Luthman via Af
Sent: Thursday, December 18, 2014 2:04 PM
To: af@afmug.com
Subject: Re: [AFMUG] [OT] CentOS 7 optimized settings for VM


Esxi.  No problems.  Don't use a GUI at all, though.

Josh Luthman
Office: 937-552-2340
Direct: 937-552-2343
1100 Wayne St
Suite 1337
Troy, OH 45373
On Dec 18, 2014 4:46 PM, "Timothy D. McNabb via Af" 
mailto:af@afmug.com>> wrote:
I know CentOS 7 has been mentioned here recently. Curious to know if anyone is 
running in a VM environment? Performance at least from the GUI seems pretty 
slow. What settings are you running to get it nice and snappy? We’re running 2 
cores and 4GB of memory on a 64bit environment. VMware tools are also installed.

Timothy McNabb
Network Administrator
Velociter Wireless, Inc
(209)838-1221 x107

[AFMUG] [OT] CentOS 7 optimized settings for VM

[Timothy D. McNabb via Af]

I know CentOS 7 has been mentioned here recently. Curious to know if anyone is 
running in a VM environment? Performance at least from the GUI seems pretty 
slow. What settings are you running to get it nice and snappy? We're running 2 
cores and 4GB of memory on a 64bit environment. VMware tools are also installed.

Timothy McNabb
Network Administrator
Velociter Wireless, Inc
(209)838-1221 x107

Re: [AFMUG] N00b question

[Timothy D. McNabb via Af]

8ft actually :)

-Tim

From: Af [mailto:af-boun...@afmug.com] On Behalf Of Mark Radabaugh via Af
Sent: Wednesday, December 03, 2014 4:42 PM
To: af@afmug.com
Subject: Re: [AFMUG] N00b question


Do you need something longer than you can get from a 900Mhz SM?We just take 
them out of dead radios.

Mark


On Dec 3, 2014, at 7:35 PM, Timothy D. McNabb via Af 
mailto:af@afmug.com>> wrote:

So now that I know the cable, any recommendations for good cable builders for 
custom lengths? Needs to be UV rated, able to withstand the elements and low 
impedance (50ohm).

-Tim

From: Af [mailto:af-boun...@afmug.com] On Behalf Of Timothy D. McNabb via Af
Sent: Wednesday, December 03, 2014 4:14 PM
To: af@afmug.com<mailto:af@afmug.com>
Subject: Re: [AFMUG] N00b question

Thanks George!

-Tim

From: Af [mailto:af-boun...@afmug.com] On Behalf Of George Skorup (Cyber 
Broadcasting) via Af
Sent: Wednesday, December 03, 2014 4:12 PM
To: af@afmug.com<mailto:af@afmug.com>
Subject: Re: [AFMUG] N00b question

MCX

On 12/3/2014 6:03 PM, Timothy D. McNabb via Af wrote:
For the connectorized FSK AP�s, what is the bulkhead connection type mounted 
on the AP? The opposite end is an N connector (that connects to the antenna) 
but I don�t what the connector type is used for the board -> pigtail? I think 
it is an SMP connector but wanted to ask to be sure.
�
For reference it is the same connector that attaches to the GPS module of a 
CMM4 to the N-connector passthrough box or whatever that silver block is.
�
Timothy McNabb
Network Administrator
Velociter Wireless, Inc
(209)838-1221 x107
�

Re: [AFMUG] N00b question

[Timothy D. McNabb via Af]

So now that I know the cable, any recommendations for good cable builders for 
custom lengths? Needs to be UV rated, able to withstand the elements and low 
impedance (50ohm).

-Tim

From: Af [mailto:af-boun...@afmug.com] On Behalf Of Timothy D. McNabb via Af
Sent: Wednesday, December 03, 2014 4:14 PM
To: af@afmug.com
Subject: Re: [AFMUG] N00b question

Thanks George!

-Tim

From: Af [mailto:af-boun...@afmug.com] On Behalf Of George Skorup (Cyber 
Broadcasting) via Af
Sent: Wednesday, December 03, 2014 4:12 PM
To: af@afmug.com<mailto:af@afmug.com>
Subject: Re: [AFMUG] N00b question

MCX

On 12/3/2014 6:03 PM, Timothy D. McNabb via Af wrote:
For the connectorized FSK AP�s, what is the bulkhead connection type mounted 
on the AP? The opposite end is an N connector (that connects to the antenna) 
but I don�t what the connector type is used for the board -> pigtail? I think 
it is an SMP connector but wanted to ask to be sure.
�
For reference it is the same connector that attaches to the GPS module of a 
CMM4 to the N-connector passthrough box or whatever that silver block is.
�
Timothy McNabb
Network Administrator
Velociter Wireless, Inc
(209)838-1221 x107
�

Re: [AFMUG] N00b question

[Timothy D. McNabb via Af]

Thanks George!

-Tim

From: Af [mailto:af-boun...@afmug.com] On Behalf Of George Skorup (Cyber 
Broadcasting) via Af
Sent: Wednesday, December 03, 2014 4:12 PM
To: af@afmug.com
Subject: Re: [AFMUG] N00b question

MCX

On 12/3/2014 6:03 PM, Timothy D. McNabb via Af wrote:
For the connectorized FSK AP�s, what is the bulkhead connection type mounted 
on the AP? The opposite end is an N connector (that connects to the antenna) 
but I don�t what the connector type is used for the board -> pigtail? I think 
it is an SMP connector but wanted to ask to be sure.
�
For reference it is the same connector that attaches to the GPS module of a 
CMM4 to the N-connector passthrough box or whatever that silver block is.
�
Timothy McNabb
Network Administrator
Velociter Wireless, Inc
(209)838-1221 x107
�

Re: [AFMUG] N00b question

[Timothy D. McNabb via Af]

Or might be an MCX connector? :(

-Tim

From: Af [mailto:af-boun...@afmug.com] On Behalf Of Timothy D. McNabb via Af
Sent: Wednesday, December 03, 2014 4:03 PM
To: af@afmug.com
Subject: [AFMUG] N00b question

For the connectorized FSK AP's, what is the bulkhead connection type mounted on 
the AP? The opposite end is an N connector (that connects to the antenna) but I 
don't what the connector type is used for the board -> pigtail? I think it is 
an SMP connector but wanted to ask to be sure.

For reference it is the same connector that attaches to the GPS module of a 
CMM4 to the N-connector passthrough box or whatever that silver block is.

Timothy McNabb
Network Administrator
Velociter Wireless, Inc
(209)838-1221 x107

[AFMUG] N00b question

[Timothy D. McNabb via Af]

For the connectorized FSK AP's, what is the bulkhead connection type mounted on 
the AP? The opposite end is an N connector (that connects to the antenna) but I 
don't what the connector type is used for the board -> pigtail? I think it is 
an SMP connector but wanted to ask to be sure.

For reference it is the same connector that attaches to the GPS module of a 
CMM4 to the N-connector passthrough box or whatever that silver block is.

Timothy McNabb
Network Administrator
Velociter Wireless, Inc
(209)838-1221 x107

[AFMUG] Router alternatives

[Timothy D. McNabb via Af]

Does anyone know of any decent medium-cost routing solutions out there that 
handle PPPoE, BGP etc that do not involve Mikrotik, Cisco, Juniper or 
Imagestream?

Before I start needle-searching through the haystack, I was curious to know 
what you guys have had experience with that works or worked well. We're not 
necessarily going to replace the equipment we have but I am investigating what 
is out there for the time being.

Timothy McNabb
Network Administrator
Velociter Wireless, Inc
(209)838-1221 x107

Re: [AFMUG] Cambium 450 13.2 issues

[Timothy D. McNabb via Af]

Fair enough. We don’t manually input the DNS into the radios to give us the 
flexibility of control over the SM’s DNS without having to mass edit in the 
future. Albeit we haven’t changed DNS server IP in several years, but in the 
off chance something needs to be put up temporarily, we’d like to be prepared.

I did notice changing a couple of SM’s to DNS Proxy enabled worked out well for 
the customers affected. It didn’t seem to be everyone but we had several. 
Disabled appears to be the default method when upgrading the firmware but I 
hadn’t been through enough SM’s prior to the rollback (where in I checked this 
particular setting) to confirm.

It was still pretty unsettling to see the decrease in modulation. Considering 
that the total throughput available on the AP is based on the modulation rate 
of the SM’s (we aspire to at least maintain a minimum of 8x/4x per SM), it’s 
disappointing to see the behavior of the radios as they were after the upgrade. 
We had a few SM’s that went from 8x/4x to 8x/2x, even a couple of 8x/6x that 
dropped lower.

-Tim

PS – OT, I hope everyone had a happy turkey-day and has hopefully avoided a 
good chunk of the BF shenanigans

From: Af [mailto:af-boun...@afmug.com] On Behalf Of Bill Prince via Af
Sent: Wednesday, November 26, 2014 6:35 PM
To: af@afmug.com
Subject: Re: [AFMUG] Cambium 450 13.2 issues

We do similar and are not seeing any issues on 13.2.

When our SMs are in NAT mode, they get the DNS servers from their DHCP server, 
and propagate the DNS server addresses to their clients.  I have not seen one 
instance of this not working; and we have quite a few on 13.2 now.

Likewise, we also upgraded the SMs first, then the APs.  Works as advertised.



--

bp




On 11/26/2014 4:57 PM, Ken Hohhof via Af wrote:
It’s a choice you make, do you want the SM to hand its own address out via DHCP 
and act as the DNS server, or do you want the SM to hand out your DNS server IP 
addresses via DHCP?  We do the latter, and manually enter those DNS server 
addresses into the SM.  Most of our residential customers have their own WiFi 
router behind the SM, this way it gets handed our DNS server addresses and 
probably acts as a DNS proxy itself.

But that is just our preferred way of setting it up.  I don’t believe any of 
this has changed since many FW versions ago on PMP100.

The reason I asked was, if you are disabling DNS proxy on the SM, then you are 
using the same configuration we are and I am surprised that 13.2 broke it for 
you.  If you are enabling DNS proxy, I don’t think we do that anywhere, so I 
would be unaware if 13.2 broke it.


From: Timothy D. McNabb via Af<mailto:af@afmug.com>
Sent: Wednesday, November 26, 2014 6:27 PM
To: af@afmug.com<mailto:af@afmug.com>
Subject: Re: [AFMUG] Cambium 450 13.2 issues

It’s set to the default upon flashing, which appears to be disabled.

TBH if it is something that should be enabled, then it should have been by 
default with the release IMHO.

-Tim

From: Af [mailto:af-boun...@afmug.com] On Behalf Of Ken Hohhof via Af
Sent: Wednesday, November 26, 2014 4:18 PM
To: af@afmug.com<mailto:af@afmug.com>
Subject: Re: [AFMUG] Cambium 450 13.2 issues

You have DNS Server Proxy enabled or disabled on the SM?

From: Timothy D. McNabb via Af<mailto:af@afmug.com>
Sent: Wednesday, November 26, 2014 6:09 PM
To: af@afmug.com<mailto:af@afmug.com>
Subject: [AFMUG] Cambium 450 13.2 issues

We’ve seen a few issues with the new 13.2 firmware for the 5.4/5.7 450 
equipment. Here is the bucket list –


· If an AP is on 13.2, but an SM is on 13.1.3, there is the possibility 
that the SM cannot update because it is stuck in 8x/1x mode and throughput is 
significantly decreased. Manually going to the customer site and updating can 
bring the radio back up

· In some cases, SM’s after the update come back online with a better 
signal but a decreased throughput and modulation rate than what was previously 
viewed on 13.1.3

· Behind a NAT’d SM, it does not appear that DNS is being properly 
passed by the SM to a customer’s router. Manually setting the customers router 
to our DNS servers (instead of relying on the NAT’d IP address) appears to 
resolve the issue. Manually setting the DNS IP address to the NAT’d SM’s IP 
does not resolve the issue.

We have since rolled back from 13.2 to 13.1.3 which was stable with our 
particular network configuration. I have no intention of rolling forward to 
13.2 again for Cambium testing purposes (sorry guys) however I would be able to 
answer any specific details to our configuration if it is helpful.

Timothy McNabb
Network Administrator
Velociter Wireless, Inc
(209)838-1221 x107

Re: [AFMUG] Cambium 450 13.2 issues

[Timothy D. McNabb via Af]

It’s set to the default upon flashing, which appears to be disabled.

TBH if it is something that should be enabled, then it should have been by 
default with the release IMHO.

-Tim

From: Af [mailto:af-boun...@afmug.com] On Behalf Of Ken Hohhof via Af
Sent: Wednesday, November 26, 2014 4:18 PM
To: af@afmug.com
Subject: Re: [AFMUG] Cambium 450 13.2 issues

You have DNS Server Proxy enabled or disabled on the SM?

From: Timothy D. McNabb via Af<mailto:af@afmug.com>
Sent: Wednesday, November 26, 2014 6:09 PM
To: af@afmug.com<mailto:af@afmug.com>
Subject: [AFMUG] Cambium 450 13.2 issues

We’ve seen a few issues with the new 13.2 firmware for the 5.4/5.7 450 
equipment. Here is the bucket list –


· If an AP is on 13.2, but an SM is on 13.1.3, there is the possibility 
that the SM cannot update because it is stuck in 8x/1x mode and throughput is 
significantly decreased. Manually going to the customer site and updating can 
bring the radio back up

· In some cases, SM’s after the update come back online with a better 
signal but a decreased throughput and modulation rate than what was previously 
viewed on 13.1.3

· Behind a NAT’d SM, it does not appear that DNS is being properly 
passed by the SM to a customer’s router. Manually setting the customers router 
to our DNS servers (instead of relying on the NAT’d IP address) appears to 
resolve the issue. Manually setting the DNS IP address to the NAT’d SM’s IP 
does not resolve the issue.

We have since rolled back from 13.2 to 13.1.3 which was stable with our 
particular network configuration. I have no intention of rolling forward to 
13.2 again for Cambium testing purposes (sorry guys) however I would be able to 
answer any specific details to our configuration if it is helpful.

Timothy McNabb
Network Administrator
Velociter Wireless, Inc
(209)838-1221 x107

[AFMUG] Cambium 450 13.2 issues

[Timothy D. McNabb via Af]

We've seen a few issues with the new 13.2 firmware for the 5.4/5.7 450 
equipment. Here is the bucket list -


* If an AP is on 13.2, but an SM is on 13.1.3, there is the possibility 
that the SM cannot update because it is stuck in 8x/1x mode and throughput is 
significantly decreased. Manually going to the customer site and updating can 
bring the radio back up

* In some cases, SM's after the update come back online with a better 
signal but a decreased throughput and modulation rate than what was previously 
viewed on 13.1.3

* Behind a NAT'd SM, it does not appear that DNS is being properly 
passed by the SM to a customer's router. Manually setting the customers router 
to our DNS servers (instead of relying on the NAT'd IP address) appears to 
resolve the issue. Manually setting the DNS IP address to the NAT'd SM's IP 
does not resolve the issue.

We have since rolled back from 13.2 to 13.1.3 which was stable with our 
particular network configuration. I have no intention of rolling forward to 
13.2 again for Cambium testing purposes (sorry guys) however I would be able to 
answer any specific details to our configuration if it is helpful.

Timothy McNabb
Network Administrator
Velociter Wireless, Inc
(209)838-1221 x107

[AFMUG] 450 onBoard sync vs CMM4 sync

[Timothy D. McNabb via Af]

Is it possible that a 450 AP's internal GPS sync would/could conflict with the 
GPS sync of a CMM4? Shouldn't they continue to work together? I'm feeling out a 
problem we're seeing and I want to rule out sync as the cause.

Timothy McNabb
Network Administrator
Velociter Wireless, Inc
(209)838-1221 x107

Re: [AFMUG] UFO invades canopy link

[Timothy D. McNabb via Af]

I can’t tell if it is an African or European Swallow.

-Tim

From: Af [mailto:af-boun...@afmug.com] On Behalf Of Jaime Solorza via Af
Sent: Thursday, November 13, 2014 12:34 PM
To: Animal Farm
Subject: Re: [AFMUG] UFO invades canopy link

Damn...I hope you have encryption...No free service...everyone payswhere 
was it taken

Jaime Solorza
Wireless Systems Architect
915-861-1390

On Thu, Nov 13, 2014 at 11:40 AM, Matt Jenkins via Af 
mailto:af@afmug.com>> wrote:
One of our installers took this picture. It looks like a UFO flying in the path.

[AFMUG] CMM4 Sats tracked issue

[Timothy D. McNabb via Af]

I have a CMM4 running 8 AP's (3 450 5.4/5.7, 5 FSK @ 5.7) and experiencing an 
odd issue. Satellites seen stays up, fluctuating between 7-9 sats but the 
tracking has trouble fluctuating between 5-1. It spends most of its time in 2D 
fix, will 3D fix when it's tracking 4 sats and will report bad geometry at 2 
sats. I suspect placement on the tower is the issue and it is having trouble 
maintaining the lock. It's on the latest firmware (3.0). I'm going to suggest 
we attempt to relocate the CMM4 to have a clearer view of the sky but wanted to 
ping you guys for some input.

What do you think? Is the CMM4 failing or is this an (n)LOS issue?

Timothy McNabb
Network Administrator
Velociter Wireless, Inc
(209)838-1221 x107

Re: [AFMUG] Dragonwave latency issues

[Timothy D. McNabb via Af]

I did some checking and there was a new firmware released in 2014 that 
specifically addresses the unmanageable/no ping issue we’re seeing specific to 
our model (J9660A). Takes care of some other stuff too (mentioned in release 
notes). We’ll be updating the firmware after a reboot off-peak. Latest revision 
is 1.18PK, I’m pretty sure the revision we are on is 1.15PK. Figured it was 
worth sharing if you’re running similar switches Josh.

-Tim

From: Af [mailto:af-boun...@afmug.com] On Behalf Of Timothy D. McNabb via Af
Sent: Friday, October 24, 2014 2:32 PM
To: af@afmug.com
Subject: Re: [AFMUG] Dragonwave latency issues

Hard to say. It can’t be managed or pinged right now. But it is still active 
and working which is strange.

We had this happen once or twice before. Updated the firmware and haven’t had a 
problem in a while.

-Tim

From: Af [mailto:af-boun...@afmug.com] On Behalf Of Josh Reynolds via Af
Sent: Friday, October 24, 2014 1:53 PM
To: af@afmug.com<mailto:af@afmug.com>
Subject: Re: [AFMUG] Dragonwave latency issues

Is it possible the v1810 is seeing large amounts of multicast or broadcast 
traffic that could saturate the CPU? You said you were unable to manage it, 
correct?

Josh Reynolds, Chief Information Officer
SPITwSPOTS, www.spitwspots.com<http://www.spitwspots.com>
On 10/24/2014 12:34 PM, Timothy D. McNabb via Af wrote:
The one malfunctioning is a V1810-48G. The one I put together to replace for 
the trunking as temp is a 2824. The other side is J4904A.

All of our switches of various models we have purchased are managed and support 
Dynamic LACP and link aggregation. The interfaces and cooling (fan vs fanless) 
are the only differences in the ones we have. The older units run a Java GUI 
whereas the newer units have an HTTP setup.

-Tim

From: Af [mailto:af-boun...@afmug.com] On Behalf Of Josh Reynolds via Af
Sent: Friday, October 24, 2014 12:25 PM
To: af@afmug.com<mailto:af@afmug.com>
Subject: Re: [AFMUG] Dragonwave latency issues

Which model procurve? Many of them are very different.

Josh Reynolds, Chief Information Officer
SPITwSPOTS, www.spitwspots.com<http://www.spitwspots.com>
On 10/24/2014 11:13 AM, Timothy D. McNabb via Af wrote:
This is really cool. I’m going to check into this and see what I come up with ☺ 
Thanks for the input! I love what LACP does in theory, I know in some practices 
it’s not optimal and not everyone’s first choice. It is however the recommended 
method from DW and the only one they will support. :-P

A couple of things that continue to interest me is that the 48 port that is 
unmanageable. Assuming it is malfunctioning, by DEFAULT HP Procurve switches 
have dynamic LACP across all ports, preventing network loops automatically but 
also making it cumbersome to troubleshoot this particular issue. Knowing that, 
and the possibility of something running FUBAR on one of the switches, I think 
it’s quite possible that the LACP that was originally configured on the 
malfunctioning switch could be the culprit for the inbalance. I am programming 
a 24-port Procurve that we have as a spare to handle the trunk to test the 
theory.

The older Procurves have lots of options in regards to LACP (their console is 
very much like a Cisco) so I may be able to setup something similar to what 
you’re suggesting. I’ll update as I find out more.

Thanks for the discussion and I love the progression, getting lots of ideas 
from the conversation. ☺

Gino, unfortunately because of the Horizon Compact I don’t believe we have that 
option, at least not to get the full 800Mb/s (theoretical) from the radios ☹ 
It’s been awhile since I went through the manual for the setup, but I recall 
there were some negative aspects to linking the radios through port 2 or 
something along those lines.

And for Bill, since we’re running a large bridged network currently (but so 
happy we’re changing it soon!!) we’re not running any routers at the base of 
our towers. I agree totally if we were segmented that OSPF in combination with 
a few other protocols would handle the job and give us some other 
troubleshooting capabilities not available to us in our current config. Even 
packet captures would be cumbersome ☹

-Tim



From: Af [mailto:af-boun...@afmug.com] On Behalf Of Mark Radabaugh via Af
Sent: Friday, October 24, 2014 10:10 AM
To: af@afmug.com<mailto:af@afmug.com>
Subject: Re: [AFMUG] Dragonwave latency issues

Tim,

Obviously you want to fix the radio issue but I can give you a little advice on 
LACP.

The switch (or router) doing LACP can take various headers into account when 
doing the 'hashing' to decide how to send the flows.  If LACP is what you are 
stuck with (Gino suggested a layer 1 method) and you have control over the 
devices doing LACP take a look at the LACP Hashing options.   Typical options 
are MAC SRC/DST, MAC Src/Dst + L3 port, or some other options.If most of 
your traffic is flowing between two interfaces (a router at 

Re: [AFMUG] Dragonwave latency issues

[Timothy D. McNabb via Af]

Hard to say. It can’t be managed or pinged right now. But it is still active 
and working which is strange.

We had this happen once or twice before. Updated the firmware and haven’t had a 
problem in a while.

-Tim

From: Af [mailto:af-boun...@afmug.com] On Behalf Of Josh Reynolds via Af
Sent: Friday, October 24, 2014 1:53 PM
To: af@afmug.com
Subject: Re: [AFMUG] Dragonwave latency issues

Is it possible the v1810 is seeing large amounts of multicast or broadcast 
traffic that could saturate the CPU? You said you were unable to manage it, 
correct?

Josh Reynolds, Chief Information Officer
SPITwSPOTS, www.spitwspots.com<http://www.spitwspots.com>
On 10/24/2014 12:34 PM, Timothy D. McNabb via Af wrote:
The one malfunctioning is a V1810-48G. The one I put together to replace for 
the trunking as temp is a 2824. The other side is J4904A.

All of our switches of various models we have purchased are managed and support 
Dynamic LACP and link aggregation. The interfaces and cooling (fan vs fanless) 
are the only differences in the ones we have. The older units run a Java GUI 
whereas the newer units have an HTTP setup.

-Tim

From: Af [mailto:af-boun...@afmug.com] On Behalf Of Josh Reynolds via Af
Sent: Friday, October 24, 2014 12:25 PM
To: af@afmug.com<mailto:af@afmug.com>
Subject: Re: [AFMUG] Dragonwave latency issues

Which model procurve? Many of them are very different.

Josh Reynolds, Chief Information Officer
SPITwSPOTS, www.spitwspots.com<http://www.spitwspots.com>
On 10/24/2014 11:13 AM, Timothy D. McNabb via Af wrote:
This is really cool. I’m going to check into this and see what I come up with ☺ 
Thanks for the input! I love what LACP does in theory, I know in some practices 
it’s not optimal and not everyone’s first choice. It is however the recommended 
method from DW and the only one they will support. :-P

A couple of things that continue to interest me is that the 48 port that is 
unmanageable. Assuming it is malfunctioning, by DEFAULT HP Procurve switches 
have dynamic LACP across all ports, preventing network loops automatically but 
also making it cumbersome to troubleshoot this particular issue. Knowing that, 
and the possibility of something running FUBAR on one of the switches, I think 
it’s quite possible that the LACP that was originally configured on the 
malfunctioning switch could be the culprit for the inbalance. I am programming 
a 24-port Procurve that we have as a spare to handle the trunk to test the 
theory.

The older Procurves have lots of options in regards to LACP (their console is 
very much like a Cisco) so I may be able to setup something similar to what 
you’re suggesting. I’ll update as I find out more.

Thanks for the discussion and I love the progression, getting lots of ideas 
from the conversation. ☺

Gino, unfortunately because of the Horizon Compact I don’t believe we have that 
option, at least not to get the full 800Mb/s (theoretical) from the radios ☹ 
It’s been awhile since I went through the manual for the setup, but I recall 
there were some negative aspects to linking the radios through port 2 or 
something along those lines.

And for Bill, since we’re running a large bridged network currently (but so 
happy we’re changing it soon!!) we’re not running any routers at the base of 
our towers. I agree totally if we were segmented that OSPF in combination with 
a few other protocols would handle the job and give us some other 
troubleshooting capabilities not available to us in our current config. Even 
packet captures would be cumbersome ☹

-Tim



From: Af [mailto:af-boun...@afmug.com] On Behalf Of Mark Radabaugh via Af
Sent: Friday, October 24, 2014 10:10 AM
To: af@afmug.com<mailto:af@afmug.com>
Subject: Re: [AFMUG] Dragonwave latency issues

Tim,

Obviously you want to fix the radio issue but I can give you a little advice on 
LACP.

The switch (or router) doing LACP can take various headers into account when 
doing the 'hashing' to decide how to send the flows.  If LACP is what you are 
stuck with (Gino suggested a layer 1 method) and you have control over the 
devices doing LACP take a look at the LACP Hashing options.   Typical options 
are MAC SRC/DST, MAC Src/Dst + L3 port, or some other options.If most of 
your traffic is flowing between two interfaces (a router at each end) the MAC 
src/dst hashing sends everything over one of the links.   You want to find a 
hashing method that has more randomness to it.   In at least one case where we 
use that we had to resort to not using the LACP functionality the radio 
manufacturer provided and use the better LACP options in our Juniper and Cisco 
switches in order to make the traffic balance on the interfaces.

Mark


On 10/24/14, 12:38 PM, Timothy D. McNabb via Af wrote:
We have now been able to trace to the heart of the problem, though 
unfortunately still attempting to determine the cause. To give you a rough 
background, we have a main link that “bonds” 2 Dragonwaves

Re: [AFMUG] Dragonwave latency issues

[Timothy D. McNabb via Af]

Correction, the 2824 is a J4903A. Same thing, mostly…

-Tim

From: Af [mailto:af-boun...@afmug.com] On Behalf Of Timothy D. McNabb via Af
Sent: Friday, October 24, 2014 1:35 PM
To: af@afmug.com
Subject: Re: [AFMUG] Dragonwave latency issues

The one malfunctioning is a V1810-48G. The one I put together to replace for 
the trunking as temp is a 2824. The other side is J4904A.

All of our switches of various models we have purchased are managed and support 
Dynamic LACP and link aggregation. The interfaces and cooling (fan vs fanless) 
are the only differences in the ones we have. The older units run a Java GUI 
whereas the newer units have an HTTP setup.

-Tim

From: Af [mailto:af-boun...@afmug.com] On Behalf Of Josh Reynolds via Af
Sent: Friday, October 24, 2014 12:25 PM
To: af@afmug.com<mailto:af@afmug.com>
Subject: Re: [AFMUG] Dragonwave latency issues

Which model procurve? Many of them are very different.

Josh Reynolds, Chief Information Officer
SPITwSPOTS, www.spitwspots.com<http://www.spitwspots.com>
On 10/24/2014 11:13 AM, Timothy D. McNabb via Af wrote:
This is really cool. I’m going to check into this and see what I come up with ☺ 
Thanks for the input! I love what LACP does in theory, I know in some practices 
it’s not optimal and not everyone’s first choice. It is however the recommended 
method from DW and the only one they will support. :-P

A couple of things that continue to interest me is that the 48 port that is 
unmanageable. Assuming it is malfunctioning, by DEFAULT HP Procurve switches 
have dynamic LACP across all ports, preventing network loops automatically but 
also making it cumbersome to troubleshoot this particular issue. Knowing that, 
and the possibility of something running FUBAR on one of the switches, I think 
it’s quite possible that the LACP that was originally configured on the 
malfunctioning switch could be the culprit for the inbalance. I am programming 
a 24-port Procurve that we have as a spare to handle the trunk to test the 
theory.

The older Procurves have lots of options in regards to LACP (their console is 
very much like a Cisco) so I may be able to setup something similar to what 
you’re suggesting. I’ll update as I find out more.

Thanks for the discussion and I love the progression, getting lots of ideas 
from the conversation. ☺

Gino, unfortunately because of the Horizon Compact I don’t believe we have that 
option, at least not to get the full 800Mb/s (theoretical) from the radios ☹ 
It’s been awhile since I went through the manual for the setup, but I recall 
there were some negative aspects to linking the radios through port 2 or 
something along those lines.

And for Bill, since we’re running a large bridged network currently (but so 
happy we’re changing it soon!!) we’re not running any routers at the base of 
our towers. I agree totally if we were segmented that OSPF in combination with 
a few other protocols would handle the job and give us some other 
troubleshooting capabilities not available to us in our current config. Even 
packet captures would be cumbersome ☹

-Tim



From: Af [mailto:af-boun...@afmug.com] On Behalf Of Mark Radabaugh via Af
Sent: Friday, October 24, 2014 10:10 AM
To: af@afmug.com<mailto:af@afmug.com>
Subject: Re: [AFMUG] Dragonwave latency issues

Tim,

Obviously you want to fix the radio issue but I can give you a little advice on 
LACP.

The switch (or router) doing LACP can take various headers into account when 
doing the 'hashing' to decide how to send the flows.  If LACP is what you are 
stuck with (Gino suggested a layer 1 method) and you have control over the 
devices doing LACP take a look at the LACP Hashing options.   Typical options 
are MAC SRC/DST, MAC Src/Dst + L3 port, or some other options.If most of 
your traffic is flowing between two interfaces (a router at each end) the MAC 
src/dst hashing sends everything over one of the links.   You want to find a 
hashing method that has more randomness to it.   In at least one case where we 
use that we had to resort to not using the LACP functionality the radio 
manufacturer provided and use the better LACP options in our Juniper and Cisco 
switches in order to make the traffic balance on the interfaces.

Mark


On 10/24/14, 12:38 PM, Timothy D. McNabb via Af wrote:
We have now been able to trace to the heart of the problem, though 
unfortunately still attempting to determine the cause. To give you a rough 
background, we have a main link that “bonds” 2 Dragonwaves together to form one 
unit (using the dual radio mount). The DW manual states for this to work when 
doubling the throughput, it is required to use LACP trunking. We have this in 
place and it has been working fine up until recently. The trunk is still active 
(no network loop) however one radio is working more than the other, eventually 
saturating one of the two links and causing the latency. The second set of 
radios aren’t performing in terms of actual traffi

Re: [AFMUG] Dragonwave latency issues

[Timothy D. McNabb via Af]

The one malfunctioning is a V1810-48G. The one I put together to replace for 
the trunking as temp is a 2824. The other side is J4904A.

All of our switches of various models we have purchased are managed and support 
Dynamic LACP and link aggregation. The interfaces and cooling (fan vs fanless) 
are the only differences in the ones we have. The older units run a Java GUI 
whereas the newer units have an HTTP setup.

-Tim

From: Af [mailto:af-boun...@afmug.com] On Behalf Of Josh Reynolds via Af
Sent: Friday, October 24, 2014 12:25 PM
To: af@afmug.com
Subject: Re: [AFMUG] Dragonwave latency issues

Which model procurve? Many of them are very different.

Josh Reynolds, Chief Information Officer
SPITwSPOTS, www.spitwspots.com<http://www.spitwspots.com>
On 10/24/2014 11:13 AM, Timothy D. McNabb via Af wrote:
This is really cool. I’m going to check into this and see what I come up with ☺ 
Thanks for the input! I love what LACP does in theory, I know in some practices 
it’s not optimal and not everyone’s first choice. It is however the recommended 
method from DW and the only one they will support. :-P

A couple of things that continue to interest me is that the 48 port that is 
unmanageable. Assuming it is malfunctioning, by DEFAULT HP Procurve switches 
have dynamic LACP across all ports, preventing network loops automatically but 
also making it cumbersome to troubleshoot this particular issue. Knowing that, 
and the possibility of something running FUBAR on one of the switches, I think 
it’s quite possible that the LACP that was originally configured on the 
malfunctioning switch could be the culprit for the inbalance. I am programming 
a 24-port Procurve that we have as a spare to handle the trunk to test the 
theory.

The older Procurves have lots of options in regards to LACP (their console is 
very much like a Cisco) so I may be able to setup something similar to what 
you’re suggesting. I’ll update as I find out more.

Thanks for the discussion and I love the progression, getting lots of ideas 
from the conversation. ☺

Gino, unfortunately because of the Horizon Compact I don’t believe we have that 
option, at least not to get the full 800Mb/s (theoretical) from the radios ☹ 
It’s been awhile since I went through the manual for the setup, but I recall 
there were some negative aspects to linking the radios through port 2 or 
something along those lines.

And for Bill, since we’re running a large bridged network currently (but so 
happy we’re changing it soon!!) we’re not running any routers at the base of 
our towers. I agree totally if we were segmented that OSPF in combination with 
a few other protocols would handle the job and give us some other 
troubleshooting capabilities not available to us in our current config. Even 
packet captures would be cumbersome ☹

-Tim



From: Af [mailto:af-boun...@afmug.com] On Behalf Of Mark Radabaugh via Af
Sent: Friday, October 24, 2014 10:10 AM
To: af@afmug.com<mailto:af@afmug.com>
Subject: Re: [AFMUG] Dragonwave latency issues

Tim,

Obviously you want to fix the radio issue but I can give you a little advice on 
LACP.

The switch (or router) doing LACP can take various headers into account when 
doing the 'hashing' to decide how to send the flows.  If LACP is what you are 
stuck with (Gino suggested a layer 1 method) and you have control over the 
devices doing LACP take a look at the LACP Hashing options.   Typical options 
are MAC SRC/DST, MAC Src/Dst + L3 port, or some other options.If most of 
your traffic is flowing between two interfaces (a router at each end) the MAC 
src/dst hashing sends everything over one of the links.   You want to find a 
hashing method that has more randomness to it.   In at least one case where we 
use that we had to resort to not using the LACP functionality the radio 
manufacturer provided and use the better LACP options in our Juniper and Cisco 
switches in order to make the traffic balance on the interfaces.

Mark


On 10/24/14, 12:38 PM, Timothy D. McNabb via Af wrote:
We have now been able to trace to the heart of the problem, though 
unfortunately still attempting to determine the cause. To give you a rough 
background, we have a main link that “bonds” 2 Dragonwaves together to form one 
unit (using the dual radio mount). The DW manual states for this to work when 
doubling the throughput, it is required to use LACP trunking. We have this in 
place and it has been working fine up until recently. The trunk is still active 
(no network loop) however one radio is working more than the other, eventually 
saturating one of the two links and causing the latency. The second set of 
radios aren’t performing in terms of actual traffic (signal is ok) but at most 
they’ve moved 200Mb/s even though they are licensed for 400Mbs.

The link with the LACP has more or less load-balanced itself in the past, 
however they are now performing very asymmetrical at this point with over a 
200Mb/s difference. I underst

Re: [AFMUG] Dragonwave latency issues

[Timothy D. McNabb via Af]

This is really cool. I’m going to check into this and see what I come up with ☺ 
Thanks for the input! I love what LACP does in theory, I know in some practices 
it’s not optimal and not everyone’s first choice. It is however the recommended 
method from DW and the only one they will support. :-P

A couple of things that continue to interest me is that the 48 port that is 
unmanageable. Assuming it is malfunctioning, by DEFAULT HP Procurve switches 
have dynamic LACP across all ports, preventing network loops automatically but 
also making it cumbersome to troubleshoot this particular issue. Knowing that, 
and the possibility of something running FUBAR on one of the switches, I think 
it’s quite possible that the LACP that was originally configured on the 
malfunctioning switch could be the culprit for the inbalance. I am programming 
a 24-port Procurve that we have as a spare to handle the trunk to test the 
theory.

The older Procurves have lots of options in regards to LACP (their console is 
very much like a Cisco) so I may be able to setup something similar to what 
you’re suggesting. I’ll update as I find out more.

Thanks for the discussion and I love the progression, getting lots of ideas 
from the conversation. ☺

Gino, unfortunately because of the Horizon Compact I don’t believe we have that 
option, at least not to get the full 800Mb/s (theoretical) from the radios ☹ 
It’s been awhile since I went through the manual for the setup, but I recall 
there were some negative aspects to linking the radios through port 2 or 
something along those lines.

And for Bill, since we’re running a large bridged network currently (but so 
happy we’re changing it soon!!) we’re not running any routers at the base of 
our towers. I agree totally if we were segmented that OSPF in combination with 
a few other protocols would handle the job and give us some other 
troubleshooting capabilities not available to us in our current config. Even 
packet captures would be cumbersome ☹

-Tim



From: Af [mailto:af-boun...@afmug.com] On Behalf Of Mark Radabaugh via Af
Sent: Friday, October 24, 2014 10:10 AM
To: af@afmug.com
Subject: Re: [AFMUG] Dragonwave latency issues

Tim,

Obviously you want to fix the radio issue but I can give you a little advice on 
LACP.

The switch (or router) doing LACP can take various headers into account when 
doing the 'hashing' to decide how to send the flows.  If LACP is what you are 
stuck with (Gino suggested a layer 1 method) and you have control over the 
devices doing LACP take a look at the LACP Hashing options.   Typical options 
are MAC SRC/DST, MAC Src/Dst + L3 port, or some other options.If most of 
your traffic is flowing between two interfaces (a router at each end) the MAC 
src/dst hashing sends everything over one of the links.   You want to find a 
hashing method that has more randomness to it.   In at least one case where we 
use that we had to resort to not using the LACP functionality the radio 
manufacturer provided and use the better LACP options in our Juniper and Cisco 
switches in order to make the traffic balance on the interfaces.

Mark


On 10/24/14, 12:38 PM, Timothy D. McNabb via Af wrote:
We have now been able to trace to the heart of the problem, though 
unfortunately still attempting to determine the cause. To give you a rough 
background, we have a main link that “bonds” 2 Dragonwaves together to form one 
unit (using the dual radio mount). The DW manual states for this to work when 
doubling the throughput, it is required to use LACP trunking. We have this in 
place and it has been working fine up until recently. The trunk is still active 
(no network loop) however one radio is working more than the other, eventually 
saturating one of the two links and causing the latency. The second set of 
radios aren’t performing in terms of actual traffic (signal is ok) but at most 
they’ve moved 200Mb/s even though they are licensed for 400Mbs.

The link with the LACP has more or less load-balanced itself in the past, 
however they are now performing very asymmetrical at this point with over a 
200Mb/s difference. I understand that LACP does not actively load balance but 
that’s what has been observed in the past. I suspect the issue is being caused 
by one of the switches doing the trunking (we just discovered it is 
unmanageable but still operating, again no network loop). It’s either that or 
the one leg of the link itself with the low bandwidth usage is not working 
properly despite indications otherwise.

We’ll investigate our theories but always looking for additional input ☺

-Tim

From: Af [mailto:af-boun...@afmug.com] On Behalf Of Josh Reynolds via Af
Sent: Thursday, October 23, 2014 1:47 PM
To: af@afmug.com<mailto:af@afmug.com>
Subject: Re: [AFMUG] Dragonwave latency issues

You can do a bit more with metro-e style NIDS... those have the layer2 tools to 
do proper testing.

Josh Reynolds, Chief Information Officer
SPITwSPOTS, www.spi

Re: [AFMUG] Dragonwave latency issues

[Timothy D. McNabb via Af]

We have now been able to trace to the heart of the problem, though 
unfortunately still attempting to determine the cause. To give you a rough 
background, we have a main link that “bonds” 2 Dragonwaves together to form one 
unit (using the dual radio mount). The DW manual states for this to work when 
doubling the throughput, it is required to use LACP trunking. We have this in 
place and it has been working fine up until recently. The trunk is still active 
(no network loop) however one radio is working more than the other, eventually 
saturating one of the two links and causing the latency. The second set of 
radios aren’t performing in terms of actual traffic (signal is ok) but at most 
they’ve moved 200Mb/s even though they are licensed for 400Mbs.

The link with the LACP has more or less load-balanced itself in the past, 
however they are now performing very asymmetrical at this point with over a 
200Mb/s difference. I understand that LACP does not actively load balance but 
that’s what has been observed in the past. I suspect the issue is being caused 
by one of the switches doing the trunking (we just discovered it is 
unmanageable but still operating, again no network loop). It’s either that or 
the one leg of the link itself with the low bandwidth usage is not working 
properly despite indications otherwise.

We’ll investigate our theories but always looking for additional input ☺

-Tim

From: Af [mailto:af-boun...@afmug.com] On Behalf Of Josh Reynolds via Af
Sent: Thursday, October 23, 2014 1:47 PM
To: af@afmug.com
Subject: Re: [AFMUG] Dragonwave latency issues

You can do a bit more with metro-e style NIDS... those have the layer2 tools to 
do proper testing.

Josh Reynolds, Chief Information Officer
SPITwSPOTS, www.spitwspots.com<http://www.spitwspots.com>
On 10/23/2014 12:37 PM, Eric Kuhnke via Af wrote:
it's going to be really hard to do any meaningful diagnostics with a layer 2 
switch on each end, not routers...  you could be seeing a broadcast flood of 
some type.

On Thu, Oct 23, 2014 at 1:10 PM, Timothy D. McNabb via Af 
mailto:af@afmug.com>> wrote:
Unfortunately there is no QoS and flow control is off on the switches ☹

Dragonwave was contacted as well. No determination yet though.

-Tim

From: Af [mailto:af-boun...@afmug.com<mailto:af-boun...@afmug.com>] On Behalf 
Of Peter Kranz via Af
Sent: Wednesday, October 22, 2014 1:36 PM

To: af@afmug.com<mailto:af@afmug.com>
Subject: Re: [AFMUG] Dragonwave latency issues

Backpressure from the switches in terms of flow-control can show as latency on 
dragonwave links.

Disable any QOS features on the dragonwave if you are using them.

Email dragonwave support

Peter Kranz
Founder/CEO - Unwired Ltd
www.UnwiredLtd.com<http://www.unwiredltd.com/>
Desk: 510-868-1614 x100
Mobile: 510-207-
pkr...@unwiredltd.com<mailto:pkr...@unwiredltd.com>

From: Af [mailto:af-boun...@afmug.com] On Behalf Of Timothy D. McNabb via Af
Sent: Wednesday, October 22, 2014 1:15 PM
To: af@afmug.com<mailto:af@afmug.com>
Subject: Re: [AFMUG] Dragonwave latency issues

No routers between, just switches.

-Tim

From: Af [mailto:af-boun...@afmug.com] On Behalf Of Paul Conlin via Af
Sent: Wednesday, October 22, 2014 12:22 PM
To: af@afmug.com<mailto:af@afmug.com>
Subject: Re: [AFMUG] Dragonwave latency issues

Could the routers at each end be the limiting factor?  What is their CPU 
utilization when the link is loaded?  What happens to latency if you stress the 
link at 200 Mbps with a speed test?  Those radios should be able to do close to 
400 Mbps all day long with no latency.

PC
Blaze Broadband


From: Af [mailto:af-boun...@afmug.com] On Behalf Of Joshua Heide via Af
Sent: Wednesday, October 22, 2014 3:06 PM
To: af@afmug.com<mailto:af@afmug.com>
Subject: Re: [AFMUG] Dragonwave latency issues

Yes it’s a horizon compact
Bandwidth of the unit is 400mbs
Bandwidth usage between 150-200mbs during peak hours.
No QOS
Yes during non-peak hours its sits at 1ms
SNR35.00 dB

From our prtg graphs this issues has started end of September and latency has 
gotten worse during peak times as we have deployed more 450 gear to that tower.
I currently have HAAM enabled on the link and it stays at 256qam unless we have 
some bad weather.


Josh Heide
Velociter Wireless
(office) 209-838-1221
(fax) 209-838-1800
www.velociter.net<http://www.velociter.net/>

From: Af [mailto:af-boun...@afmug.com] On Behalf Of Bill Prince via Af
Sent: Wednesday, October 22, 2014 11:47 AM
To: af@afmug.com<mailto:af@afmug.com>
Subject: Re: [AFMUG] Dragonwave latency issues

So it's a Horizon Compact?

What is the total bandwidth, and what percentage are you using?  Have you set 
up any QOS?  180 ms sounds like a lot; especially when ours are typically less 
than 1 ms.

-38 is right in the game. What are the other parameters besides signal level?

bp
On 10/22/2014 11:18 AM, Joshua Heide via Af wrote:
We have a dragonwave that has la

Re: [AFMUG] Dragonwave latency issues

[Timothy D. McNabb via Af]

Unfortunately there is no QoS and flow control is off on the switches :(

Dragonwave was contacted as well. No determination yet though.

-Tim

From: Af [mailto:af-boun...@afmug.com] On Behalf Of Peter Kranz via Af
Sent: Wednesday, October 22, 2014 1:36 PM
To: af@afmug.com
Subject: Re: [AFMUG] Dragonwave latency issues

Backpressure from the switches in terms of flow-control can show as latency on 
dragonwave links.

Disable any QOS features on the dragonwave if you are using them.

Email dragonwave support

Peter Kranz
Founder/CEO - Unwired Ltd
www.UnwiredLtd.com<http://www.unwiredltd.com/>
Desk: 510-868-1614 x100
Mobile: 510-207-
pkr...@unwiredltd.com<mailto:pkr...@unwiredltd.com>

From: Af [mailto:af-boun...@afmug.com] On Behalf Of Timothy D. McNabb via Af
Sent: Wednesday, October 22, 2014 1:15 PM
To: af@afmug.com<mailto:af@afmug.com>
Subject: Re: [AFMUG] Dragonwave latency issues

No routers between, just switches.

-Tim

From: Af [mailto:af-boun...@afmug.com] On Behalf Of Paul Conlin via Af
Sent: Wednesday, October 22, 2014 12:22 PM
To: af@afmug.com<mailto:af@afmug.com>
Subject: Re: [AFMUG] Dragonwave latency issues

Could the routers at each end be the limiting factor?  What is their CPU 
utilization when the link is loaded?  What happens to latency if you stress the 
link at 200 Mbps with a speed test?  Those radios should be able to do close to 
400 Mbps all day long with no latency.

PC
Blaze Broadband


From: Af [mailto:af-boun...@afmug.com] On Behalf Of Joshua Heide via Af
Sent: Wednesday, October 22, 2014 3:06 PM
To: af@afmug.com<mailto:af@afmug.com>
Subject: Re: [AFMUG] Dragonwave latency issues

Yes it's a horizon compact
Bandwidth of the unit is 400mbs
Bandwidth usage between 150-200mbs during peak hours.
No QOS
Yes during non-peak hours its sits at 1ms
SNR35.00 dB

>From our prtg graphs this issues has started end of September and latency has 
>gotten worse during peak times as we have deployed more 450 gear to that tower.
I currently have HAAM enabled on the link and it stays at 256qam unless we have 
some bad weather.


Josh Heide
Velociter Wireless
(office) 209-838-1221
(fax) 209-838-1800
www.velociter.net<http://www.velociter.net/>

From: Af [mailto:af-boun...@afmug.com] On Behalf Of Bill Prince via Af
Sent: Wednesday, October 22, 2014 11:47 AM
To: af@afmug.com<mailto:af@afmug.com>
Subject: Re: [AFMUG] Dragonwave latency issues

So it's a Horizon Compact?

What is the total bandwidth, and what percentage are you using?  Have you set 
up any QOS?  180 ms sounds like a lot; especially when ours are typically less 
than 1 ms.

-38 is right in the game. What are the other parameters besides signal level?

bp
On 10/22/2014 11:18 AM, Joshua Heide via Af wrote:
We have a dragonwave that has latency issues that coincide with traffic peak 
times. As our traffic peaks so does that latency at 180ms. Any ideas that could 
cause this?

Signal is -38
Current HAAM Mode   hc50_364_256qam

Thanks,

Josh Heide
Velociter Wireless
(office) 209-838-1221
(fax) 209-838-1800
www.velociter.net<http://www.velociter.net/>

Re: [AFMUG] Dragonwave latency issues

[Timothy D. McNabb via Af]

No routers between, just switches.

-Tim

From: Af [mailto:af-boun...@afmug.com] On Behalf Of Paul Conlin via Af
Sent: Wednesday, October 22, 2014 12:22 PM
To: af@afmug.com
Subject: Re: [AFMUG] Dragonwave latency issues

Could the routers at each end be the limiting factor?  What is their CPU 
utilization when the link is loaded?  What happens to latency if you stress the 
link at 200 Mbps with a speed test?  Those radios should be able to do close to 
400 Mbps all day long with no latency.

PC
Blaze Broadband


From: Af [mailto:af-boun...@afmug.com] On Behalf Of Joshua Heide via Af
Sent: Wednesday, October 22, 2014 3:06 PM
To: af@afmug.com
Subject: Re: [AFMUG] Dragonwave latency issues

Yes it's a horizon compact
Bandwidth of the unit is 400mbs
Bandwidth usage between 150-200mbs during peak hours.
No QOS
Yes during non-peak hours its sits at 1ms
SNR35.00 dB

>From our prtg graphs this issues has started end of September and latency has 
>gotten worse during peak times as we have deployed more 450 gear to that tower.
I currently have HAAM enabled on the link and it stays at 256qam unless we have 
some bad weather.


Josh Heide
Velociter Wireless
(office) 209-838-1221
(fax) 209-838-1800
www.velociter.net

From: Af [mailto:af-boun...@afmug.com] On Behalf Of Bill Prince via Af
Sent: Wednesday, October 22, 2014 11:47 AM
To: af@afmug.com
Subject: Re: [AFMUG] Dragonwave latency issues

So it's a Horizon Compact?

What is the total bandwidth, and what percentage are you using?  Have you set 
up any QOS?  180 ms sounds like a lot; especially when ours are typically less 
than 1 ms.

-38 is right in the game. What are the other parameters besides signal level?

bp
On 10/22/2014 11:18 AM, Joshua Heide via Af wrote:
We have a dragonwave that has latency issues that coincide with traffic peak 
times. As our traffic peaks so does that latency at 180ms. Any ideas that could 
cause this?

Signal is -38
Current HAAM Mode   hc50_364_256qam

Thanks,

Josh Heide
Velociter Wireless
(office) 209-838-1221
(fax) 209-838-1800
www.velociter.net

Re: [AFMUG] Speedtest replacements?

[Timothy D. McNabb via Af]

I would be interested in this as well Dennis. $500 seems fair.

-Tim

From: Af [mailto:af-boun...@afmug.com] On Behalf Of Tushar Patel via Af
Sent: Wednesday, October 22, 2014 9:20 AM
To: af@afmug.com
Subject: Re: [AFMUG] Speedtest replacements?

Speedtest site has to sit on our network, so we eliminate any problem on the 
net and can show customer that it is performing within our network fine. 
Branable is must.

This is what ookla gives:


CLIENT IP ADDRESS

,CLIENT LOCATION,

TEST DATE

SERVER

,[download]DOWNLOAD

,[upload]UPLOAD

,[latency]LATENCY

,USER AGENT


Above is sufficient.

Thanks,
Tushar Patel
512-257-1077
www.westernbroadband.com<http://www.westernbroadband.com/>

From: Af [mailto:af-boun...@afmug.com] On Behalf Of Dennis Burgess via Af
Sent: Wednesday, October 22, 2014 9:47 AM
To: af@afmug.com<mailto:af@afmug.com>
Subject: Re: [AFMUG] Speedtest replacements?

What kind of data do you want?  We were thinking a simple brandable speedtest 
site..

Dennis Burgess, CTO, Link Technologies, Inc.
den...@linktechs.net<mailto:den...@linktechs.net> – 314-735-0270 – 
www.linktechs.net<http://www.linktechs.net>

From: Af [mailto:af-boun...@afmug.com] On Behalf Of Tushar Patel via Af
Sent: Wednesday, October 22, 2014 9:09 AM
To: af@afmug.com<mailto:af@afmug.com>
Subject: Re: [AFMUG] Speedtest replacements?

I would say one time price of about $500, all data saved on local mysql.  May 
charge operator for hosting if they want to do it that way. If you do come up 
with new upgrade then charge about $250 for upgrade.

Thanks,
Tushar Patel
512-257-1077
www.westernbroadband.com<http://www.westernbroadband.com/>

From: Af [mailto:af-boun...@afmug.com] On Behalf Of Dennis Burgess via Af
Sent: Wednesday, October 22, 2014 7:28 AM
To: af@afmug.com<mailto:af@afmug.com>
Subject: Re: [AFMUG] Speedtest replacements?

It was, not anymore.  What would be a good cost that you would pay for? i.e. I 
was thinking of my team programming up one for WISPs ☺

Dennis Burgess, Link Technologies, Inc.
314-735-0270

From: Af [mailto:af-boun...@afmug.com] On Behalf Of Jason McKemie via Af
Sent: Tuesday, October 21, 2014 10:38 PM
To: af@afmug.com<mailto:af@afmug.com>
Subject: Re: [AFMUG] Speedtest replacements?

Per the Mikrotik forums it looks like it is proprietary.

On Tue, Oct 21, 2014 at 9:18 PM, Bill Prince via Af 
mailto:af@afmug.com>> wrote:
Isn't the bandwidth test built into Mikrotik a variant of iperf?

bp
On 10/21/2014 7:00 PM, Keefe John via Af wrote:
We found speedtest.net<http://speedtest.net> to be very unreliable even though 
we have a server hosted in our datacenter.  We also run speedtest mini and it 
is not very reliable, especially for 25mbps or greater.  Iperf, however, works 
every time.
On 10/21/2014 7:09 PM, Jon Auer via Af wrote:
FWIW at one time we had three peers (no open internet/upstream to worry about) 
running speedtest.net<http://speedtest.net> servers and still saw a lot of 
variation in performance.
The server on a network run by a world-famous optimization nerd reported much 
higher speeds and more consistent results than the one run by the fellow WISP 
or the one run by a IT consultant...

On Tue, Oct 21, 2014 at 5:36 PM, Mike Hammett via Af 
mailto:af@afmug.com>> wrote:
If your upstreams suck, your customer's speedtests should reflect that  and 
be addressed.


-
Mike Hammett
Intelligent Computing Solutions
http://www.ics-il.com

[http://www.ics-il.com/images/fbicon.png]<https://www.facebook.com/ICSIL>[http://www.ics-il.com/images/googleicon.png]<https://plus.google.com/+IntelligentComputingSolutionsDeKalb>[http://www.ics-il.com/images/linkedinicon.png]<https://www.linkedin.com/company/intelligent-computing-solutions>[http://www.ics-il.com/images/twittericon.png]<https://twitter.com/ICSIL>

From: "Timothy D. McNabb via Af" mailto:af@afmug.com>>
To: af@afmug.com<mailto:af@afmug.com>
Sent: Tuesday, October 21, 2014 5:15:06 PM
Subject: Re: [AFMUG] Speedtest replacements?
I hate to necro an old thread, but has anyone devised an alternative? We’re 
looking at the same dilemma of our own speedtest. It’s always been nice to have 
the Ookla speedtest not just in terms of performance, but the ability to 
reference actual results as well (since customers sometimes misinterpret the 
results). From the other speedtests mentioned 
(speedtest.io<http://speedtest.io> and openspeedtest) it appears that neither 
are something you can install on a local machine. Our personal preference is so 
customers can see what their speeds are within our control (the speedtest 
server is right next to our upstreams).

-Tim

From: Af 
[mailto:af-bounces+tim<mailto:af-bounces%2Btim>=velociter@afmug.com<mailto:velociter@afmug.com>]
 On Behalf Of Tushar Patel via Af
Sent: Tuesday, September 23, 2014 7:55 PM
To: af@afmug.com<mai

Re: [AFMUG] Speedtest replacements?

[Timothy D. McNabb via Af]

I have seen this. Annoys me seeing them on the reports. Speedtest every 30 
seconds lol.

-Tim

From: Af [mailto:af-boun...@afmug.com] On Behalf Of Jason McKemie via Af
Sent: Wednesday, October 22, 2014 9:01 AM
To: af@afmug.com
Subject: Re: [AFMUG] Speedtest replacements?

That would be nice as well.  I also like the idea of limiting how many times 
these can be run in a given time period, some people do have a tendency to sit 
there and test until they get the result they're looking for.

On Wed, Oct 22, 2014 at 10:52 AM, Mike Hammett via Af 
mailto:af@afmug.com>> wrote:
Forward and reverse traceroutes at the time of the test?


-
Mike Hammett
Intelligent Computing Solutions
http://www.ics-il.com

[http://www.ics-il.com/images/fbicon.png]<https://www.facebook.com/ICSIL>[http://www.ics-il.com/images/googleicon.png]<https://plus.google.com/+IntelligentComputingSolutionsDeKalb>[http://www.ics-il.com/images/linkedinicon.png]<https://www.linkedin.com/company/intelligent-computing-solutions>[http://www.ics-il.com/images/twittericon.png]<https://twitter.com/ICSIL>

From: "Jason McKemie via Af" mailto:af@afmug.com>>
To: af@afmug.com<mailto:af@afmug.com>
Sent: Wednesday, October 22, 2014 10:40:12 AM

Subject: Re: [AFMUG] Speedtest replacements?

Time, date, speed test results, IP address, etc.

On Wednesday, October 22, 2014, Dennis Burgess via Af 
mailto:af@afmug.com>> wrote:
What kind of data do you want?  We were thinking a simple brandable speedtest 
site..

Dennis Burgess, CTO, Link Technologies, Inc.
den...@linktechs.net<mailto:den...@linktechs.net> – 
314-735-0270 – www.linktechs.net<http://www.linktechs.net>

From: Af [mailto:af-boun...@afmug.com] On Behalf Of Tushar Patel via Af
Sent: Wednesday, October 22, 2014 9:09 AM
To: af@afmug.com<mailto:af@afmug.com>
Subject: Re: [AFMUG] Speedtest replacements?

I would say one time price of about $500, all data saved on local mysql.  May 
charge operator for hosting if they want to do it that way. If you do come up 
with new upgrade then charge about $250 for upgrade.

Thanks,
Tushar Patel
512-257-1077
www.westernbroadband.com<http://www.westernbroadband.com/>

From: Af [mailto:af-boun...@afmug.com] On Behalf Of Dennis Burgess via Af
Sent: Wednesday, October 22, 2014 7:28 AM
To: af@afmug.com<mailto:af@afmug.com>
Subject: Re: [AFMUG] Speedtest replacements?

It was, not anymore.  What would be a good cost that you would pay for? i.e. I 
was thinking of my team programming up one for WISPs ☺

Dennis Burgess, Link Technologies, Inc.
314-735-0270

From: Af [mailto:af-boun...@afmug.com] On Behalf Of Jason McKemie via Af
Sent: Tuesday, October 21, 2014 10:38 PM
To: af@afmug.com<mailto:af@afmug.com>
Subject: Re: [AFMUG] Speedtest replacements?

Per the Mikrotik forums it looks like it is proprietary.

On Tue, Oct 21, 2014 at 9:18 PM, Bill Prince via Af 
mailto:af@afmug.com>> wrote:
Isn't the bandwidth test built into Mikrotik a variant of iperf?

bp
On 10/21/2014 7:00 PM, Keefe John via Af wrote:
We found speedtest.net<http://speedtest.net> to be very unreliable even though 
we have a server hosted in our datacenter.  We also run speedtest mini and it 
is not very reliable, especially for 25mbps or greater.  Iperf, however, works 
every time.
On 10/21/2014 7:09 PM, Jon Auer via Af wrote:
FWIW at one time we had three peers (no open internet/upstream to worry about) 
running speedtest.net<http://speedtest.net> servers and still saw a lot of 
variation in performance.
The server on a network run by a world-famous optimization nerd reported much 
higher speeds and more consistent results than the one run by the fellow WISP 
or the one run by a IT consultant...

On Tue, Oct 21, 2014 at 5:36 PM, Mike Hammett via Af 
mailto:af@afmug.com>> wrote:
If your upstreams suck, your customer's speedtests should reflect that  and 
be addressed.


-
Mike Hammett
Intelligent Computing Solutions
http://www.ics-il.com

[http://www.ics-il.com/images/fbicon.png]<https://www.facebook.com/ICSIL>[http://www.ics-il.com/images/googleicon.png]<https://plus.google.com/+IntelligentComputingSolutionsDeKalb>[http://www.ics-il.com/images/linkedinicon.png]<https://www.linkedin.com/company/intelligent-computing-solutions>[http://www.ics-il.com/images/twittericon.png]<https://twitter.com/ICSIL>

From: "Timothy D. McNabb via Af" mailto:af@afmug.com>>
To: af@afmug.com<mailto:af@afmug.com>
Sent: Tuesday, October 21, 2014 5:15:06 PM
Subject: Re: [AFMUG] Speedtest replacements?
I hate to necro an old thread, but has anyone devised an alternative? We’re 
looking at the same dilemma of our own speedtest. It’s always been nice to have 
the Ookla speedtest not just in terms of performance, but the ability to 
reference actual results as well (since customers some

Re: [AFMUG] Speedtest replacements?

[Timothy D. McNabb via Af]

I'm not sure why this diverted to upstream providers over a viable self-hosted 
speedtest?

Regardless if your upstream sucks or not, you cannot control the bandwidth 
availability (or reliability) of some anonymous speed test server you yourself 
do not control.

-Tim

-Original Message-
From: Af [mailto:af-boun...@afmug.com] On Behalf Of Seth Mattinen via Af
Sent: Tuesday, October 21, 2014 4:23 PM
To: af@afmug.com
Subject: Re: [AFMUG] Speedtest replacements?

On 10/21/14, 16:19, Ken Hohhof via Af wrote:
> 1)  You are responsible if your upstream sucks.


Why wouldn't you be?

https://www.youtube.com/watch?v=0H3rdfI28s0

Re: [AFMUG] Speedtest replacements?

[Timothy D. McNabb via Af]

I hate to necro an old thread, but has anyone devised an alternative? We’re 
looking at the same dilemma of our own speedtest. It’s always been nice to have 
the Ookla speedtest not just in terms of performance, but the ability to 
reference actual results as well (since customers sometimes misinterpret the 
results). From the other speedtests mentioned (speedtest.io and openspeedtest) 
it appears that neither are something you can install on a local machine. Our 
personal preference is so customers can see what their speeds are within our 
control (the speedtest server is right next to our upstreams).

-Tim

From: Af [mailto:af-bounces+tim=velociter@afmug.com] On Behalf Of Tushar 
Patel via Af
Sent: Tuesday, September 23, 2014 7:55 PM
To: af@afmug.com
Subject: Re: [AFMUG] Speedtest replacements?

May be we will try that. But as a speedtest product from ookla, I am surprised 
there isn't really good competing product in the market. One would think there 
should be market for such product. No wonder they are raising the price.

Tushar


On Sep 23, 2014, at 8:23 PM, "Forrest Christian (List Account) via Af" 
mailto:af@afmug.com>> wrote:
Why not just host a speedtest.net server and have your 
customers test to it?

-forrest

On Tue, Sep 23, 2014 at 8:34 AM, Darren Shea via Af 
mailto:af@afmug.com>> wrote:
We currently host our own speedtest server using Ookla's speedtest technology, 
but Ookla is discontinuing the version we run, and
the licensing fees for the new version are very steep. I'm looking at 
alternatives, such as OpenSpeedTest and speed.io, but would
like to get some feedback on these if anyone is using them.

We once tried using Brandon Checkett's Fancy Speed Test, but the results 
display was not really in line with what we wanted.

Does anyone hosting their own, non-Ookla, speedtest server have some success 
stories or horror stories about particular packages?


Thank you,
  Darren

[AFMUG] Fiber recommentations

[Timothy D. McNabb via Af]

We're going to need to deploy a fiber connection from a new collo to where we 
are mounting our equipment on the tower. Picking a specific fiber is new to me, 
I was wondering what you guys recommend using when you need to deploy fiber up 
a tower? Are you using single or multi mode? What do you recommend that has 
worked for you and can withstand an outdoor environment?

Any information is helpful.

Regards,

Timothy McNabb
Network Administrator
Velociter Wireless, Inc
(209)838-1221 x107

Re: [AFMUG] Accedian/Performant/R-Flo woes

[Timothy D. McNabb via Af]

Does anyone here on the list use Performant Nurons/Mind combination? What did 
you find worked best?

-Tim

From: Af [mailto:af-boun...@afmug.com] On Behalf Of Chris Wright via Af
Sent: Wednesday, October 15, 2014 5:00 PM
To: af@afmug.com
Subject: [AFMUG] Accedian/Performant/R-Flo woes

We've been sitting on a Performant Mind and four Nurons for almost a year now. 
They sat for six months, then I spent another six months tinkering with them 
here and there. Regardless of their EOL, we're looking to implement - but I'm 
running into the silliest of issues. I can't even get traffic from the Mind to 
a Nuron to pass without 20% packet loss. This is without any routing, wireless 
backhauls, nothing. Just a VLAN-tagged NIC plugged straight into the Mind, 
Ethernet from Mind to a Nuron (where the vlan "pops"), then Ethernet to a 
second computer.

I've replaced the SFP adapters, the nuron, and verified none of the Ethernet 
cables are bad by literally coupling them all down a line and going straight 
from computer 1 to computer 2. No issue there.

This, combined with the fact that this stuff is going to be EOL in three years, 
is maddening. My boss was under the impression that this should be able to 
seamlessly integrate into our star topology (nuron at every tower making a 
ring), but we can't even get basic LAN functions to work reliably.

Chris Wright
Velociter Wireless

Re: [AFMUG] Trango coming back to unlicensed pmp/ptp with ACbased system

[Timothy D. McNabb via Af]

Hide yo kids, hide yo wife ‘cuz Trango trying to sell crapware again.

-Tim

From: Af [mailto:af-boun...@afmug.com] On Behalf Of Ken Hohhof via Af
Sent: Tuesday, October 14, 2014 7:29 AM
To: af@afmug.com
Subject: Re: [AFMUG] Trango coming back to unlicensed pmp/ptp with ACbased 
system

Are they shipping product, or just datasheets and Powerpoints?  Is it like 
Mimosa, and Cambium PTP450, announced but not seen in the wild?  Are objects in 
mirror closer than they appear?

Our industry needs a Steve Jobs, someone who announces the product you didn’t 
even know yet that you desperately needed, and has it in stores the next day.  
No, not the product you could already buy, but at a disruptive new price.  That 
would be like the OnePlus One – the phone you want but now you can afford it.

From: Travis Johnson via Af
Sent: Monday, October 13, 2014 9:37 PM
To: af@afmug.com
Subject: Re: [AFMUG] Trango coming back to unlicensed pmp/ptp with ACbased 
system

I would buy it right now if I was in the business. New frequency band (5.15 to 
5.25) and up to 40 clients and 600Mbps of throughput. What other product on the 
market can do that right now?

Travis
On 10/13/2014 6:44 PM, Ken Hohhof via Af wrote:
Who are they going to sell it to, with their direct sales model?  Remember how 
they went back and forth on that?

From: Tyler Treat via Af
Sent: Monday, October 13, 2014 7:15 PM
To: af@afmug.com
Subject: Re: [AFMUG] Trango coming back to unlicensed pmp/ptp with ACbased 
system

…you would think.   I know a guy that still thinks it’s the greatest thing 
ever….

From: Af [mailto:af-boun...@afmug.com] On Behalf Of Jason McKemie via Af
Sent: Monday, October 13, 2014 7:07 PM
To: af@afmug.com
Subject: Re: [AFMUG] Trango coming back to unlicensed pmp/ptp with AC based 
system

I would think people would have a bad taste in their mouths from the way Trango 
previously handled ptmp.


On Monday, October 13, 2014, Gino Villarini via Af 
mailto:af@afmug.com>> wrote:
https://www.trangosys.com/news/introducing-new-altum-ac-outdoor-5x-ghz-wireless-system-integrated-wi-fi



Gino A. Villarini
President
Aeronet Wireless Broadband Corp.
www.aeronetpr.com
@aeronetpr

Re: [AFMUG] 477 deadline

[Timothy D. McNabb via Af]

That’s the old tech. There was a big gov’mint contract not too long ago where 
they upgraded to Pentium 60MHz chips and 16MB of RAM for their database 
handlers. I’m guessing the issues are related to learning the new gear.

-Tim

From: Af [mailto:af-boun...@afmug.com] On Behalf Of That One Guy via Af
Sent: Tuesday, October 14, 2014 7:38 AM
To: af@afmug.com
Subject: Re: [AFMUG] 477 deadline

it happenned right after we filed, Im assuming that our huge customer database 
overloaded their 486dx server, or they ran out of 5 1/4 floppies to offload

On Tue, Oct 14, 2014 at 9:34 AM, Ken Hohhof via Af 
mailto:af@afmug.com>> wrote:
I believe Steve Coran posted something (probably over at the WISPA list) about 
November.  I think it was based on ~2 weeks more addressing the mystery issue, 
and then 2 weeks notice for filers.

It would be nice if they were a little more transparent about the 
issue/incident/anomaly.  Was the data hacked?  Corrupted or lost?  Ran out of 
room and had to order more hard drives?  First time a telco tried to upload a 
million line CSV file it choked?


-Original Message- From: Adam Moffett via Af
Sent: Tuesday, October 14, 2014 9:22 AM
To: Animal Farm
Subject: [AFMUG] 477 deadline


So I had actually forgotten about the 477 after the technical problem on
the FCC site.  It looks like it's still broken though, so I guess I
didn't miss the boat yet.

Has anybody heard when it will be back up?




--
All parts should go together without forcing. You must remember that the parts 
you are reassembling were disassembled by you. Therefore, if you can't get them 
together again, there must be a reason. By all means, do not use a hammer. -- 
IBM maintenance manual, 1925

Re: [AFMUG] Belkin routers going nuts

[Timothy D. McNabb via Af]

I'd say quality with Linksys has been down the pipe for a couple years now 
(prior to the Belkin acquisition). Ever since the iteration of the 
E900/1200/1500/2500/etc routers.

We stopped recommending Linksys for some time. Too many problems with the WAN 
port on them. After a while the port starts to flap, disconnecting and 
reconnecting more often than they should. Sometimes you see CRC errors on the 
eth port of the radio, sometimes not but you do see high disconnect/reconnect 
counts on the eth port from those routers over time. 90% of the issue is always 
the same with those.

The day we stopped recommending Linksys, I've cringed every time I tell 
customers they can buy a Netgear at BB. They don't carry D-link but the only 
other reliable SOHO alternative you can buy in the store (I've found) is ASUS.

-Tim

-Original Message-
From: Af [mailto:af-boun...@afmug.com] On Behalf Of Bill Prince via Af
Sent: Tuesday, October 07, 2014 3:04 PM
To: af@afmug.com
Subject: Re: [AFMUG] Belkin routers going nuts

You know Belkin bought Linksys from Cisco earlier this year.  So for all 
intents and purposes, Linksys=Belkin.

Sure they claim that they are treating Linksys as a "wholy owned, independent 
entity", but how long do you expect that to last?

bp

On 10/7/2014 2:12 PM, Matt via Af wrote:
> We typically recommend Linksys for a home router.  Actually have had 
> decent luck with them plus by having mostly one brand out there its 
> easier to walk customers through things.  Refuse to sell routers right 
> now.  If it quits 30 miles away they expect a service call to go fix 
> it.
>
> Started experimenting with these as a managed router.
>
> http://routerboard.com/RBmAP2n
>
> With a crossover cable they will power up a Canopy SM.  Less cords to 
> get plugged in wrong.  Anyone else tried them?
>
>
>> We did not implement the “loopback” fix. Nor walking customers 
>> through *HOW* to manually change their DNS. I’d rather my customers 
>> buy a halfway decent router than their $25 Belkin piece of crap on our 
>> network.
>>
>>
>>
>> When customers ask me what router I recommend, I just tell them I 
>> DON’T recommend Belkin or Linksys. This just adds fuel to that fire.
>>
>>
>>
>> D-link DIR-655 ftw.
>>
>>
>>
>> -Tim
>>
>>
>>
>> From: Af [mailto:af-boun...@afmug.com] On Behalf Of That One Guy via 
>> Af
>> Sent: Tuesday, October 07, 2014 11:31 AM
>> To: af@afmug.com
>> Subject: Re: [AFMUG] Belkin routers going nuts
>>
>>
>>
>> "We are aware of reports of an interruption to internet service when 
>> using some Belkin routers with several internet service providers. "
>>
>>
>>
>> Man, that burns me, they word it in such a way they still dont take 
>> responsibility for it, the word sever is powerful in that it 
>> indicates not all, as in if you are on a different ISP it might work, 
>> which is totally true, if its an ISP that backdoors solutions and 
>> redirects all DNS
>>
>>
>>
>> On Tue, Oct 7, 2014 at 1:10 PM, Sam Kirsch via Af  wrote:
>>
>> Belkin posted up a workaround.  Not much better then the loop but at 
>> least its something you can direct customers to that makes it clear 
>> its not *your*
>> problem: https://belkininternationalinc.statuspage.io/
>>
>>
>>
>> Regards,
>>
>>
>>
>> -- Samuel Kirsch, Tech Support/Web Development/Sales Plexicomm - 
>> Internet Solutions | www.plexicomm.net
>> Office: 1.866.759.4678 x109 | Fax: 1.866.852.4688
>>
>> Emergency Support: 1.866.759.9713 | sam...@plexicomm.net
>>
>>
>>
>>
>>
>>
>>
>> -- Original Message --
>>
>> From: "That One Guy via Af" 
>>
>> To: "af@afmug.com" 
>>
>> Sent: 10/7/2014 1:04:53 PM
>>
>> Subject: Re: [AFMUG] Belkin routers going nuts
>>
>> Its a matter of principle, we all know belkin is junk, today only 
>> proves it further.
>>
>> By fixing it on your end, your customers dont experience the junk 
>> first hand
>>
>> They sing the praises of their shit router because youre behind the 
>> scenes fixing belkins fuckup
>>
>>
>>
>> Now they recomend them to their friends.
>>
>>
>>
>> So yes, you are in fact training your customers to make it your 
>> problem everytime
>>
>>
>>
>> On Tue, Oct 7, 2014 at 11:52 AM, Mathew Howard via Af  wrote:
>>
>> odd... when I first tried pinging it, we had a customer on the phone 
>> with the issue (as well as a few after that). I wonder if the routers 
>> needed to be rebooted after it came back up before they work.
>>
>> As long as the customers don't know you fixed it, there shouldn't 
>> really be much of a worry that customers will make it your problem in the 
>> future.
>>
>> 
>>
>> From: Af [af-boun...@afmug.com] on behalf of Tushar Patel via Af 
>> [af@afmug.com]
>> Sent: Tuesday, October 07, 2014 11:38 AM
>> To: af@afmug.com
>> Subject: Re: [AFMUG] Belkin routers going nuts
>>
>> We did  “torch” (one of the Mikrotik tools), that allows me to see 
>> the destination address of 67.20.176.130,  with protocol and the 
>> number of source address accessing that

Re: [AFMUG] Belkin routers going nuts

[Timothy D. McNabb via Af]

We did not implement the “loopback” fix. Nor walking customers through *HOW* to 
manually change their DNS. I’d rather my customers buy a halfway decent router 
than their $25 Belkin piece of crap on our network.

When customers ask me what router I recommend, I just tell them I DON’T 
recommend Belkin or Linksys. This just adds fuel to that fire.

D-link DIR-655 ftw.

-Tim

From: Af [mailto:af-boun...@afmug.com] On Behalf Of That One Guy via Af
Sent: Tuesday, October 07, 2014 11:31 AM
To: af@afmug.com
Subject: Re: [AFMUG] Belkin routers going nuts

"We are aware of reports of an interruption to internet service when using some 
Belkin routers with several internet service providers. "

Man, that burns me, they word it in such a way they still dont take 
responsibility for it, the word sever is powerful in that it indicates not all, 
as in if you are on a different ISP it might work, which is totally true, if 
its an ISP that backdoors solutions and redirects all DNS

On Tue, Oct 7, 2014 at 1:10 PM, Sam Kirsch via Af 
mailto:af@afmug.com>> wrote:
Belkin posted up a workaround.  Not much better then the loop but at least its 
something you can direct customers to that makes it clear its not *your* 
problem: https://belkininternationalinc.statuspage.io/

Regards,

-- Samuel Kirsch, Tech Support/Web Development/Sales
Plexicomm - Internet Solutions | www.plexicomm.net
Office: 1.866.759.4678 x109 | Fax: 
1.866.852.4688
Emergency Support: 1.866.759.9713 | 
sam...@plexicomm.net



-- Original Message --
From: "That One Guy via Af" mailto:af@afmug.com>>
To: "af@afmug.com" mailto:af@afmug.com>>
Sent: 10/7/2014 1:04:53 PM
Subject: Re: [AFMUG] Belkin routers going nuts
Its a matter of principle, we all know belkin is junk, today only proves it 
further.
By fixing it on your end, your customers dont experience the junk first hand
They sing the praises of their shit router because youre behind the scenes 
fixing belkins fuckup

Now they recomend them to their friends.

So yes, you are in fact training your customers to make it your problem 
everytime

On Tue, Oct 7, 2014 at 11:52 AM, Mathew Howard via Af 
mailto:af@afmug.com>> wrote:
odd... when I first tried pinging it, we had a customer on the phone with the 
issue (as well as a few after that). I wonder if the routers needed to be 
rebooted after it came back up before they work.

As long as the customers don't know you fixed it, there shouldn't really be 
much of a worry that customers will make it your problem in the future.

From: Af [af-boun...@afmug.com] on behalf of 
Tushar Patel via Af [af@afmug.com]
Sent: Tuesday, October 07, 2014 11:38 AM
To: af@afmug.com
Subject: Re: [AFMUG] Belkin routers going nuts
We did  “torch” (one of the Mikrotik tools), that allows me to see the 
destination address of 67.20.176.130,  with protocol and the number of source 
address accessing that. The number of source address trying to access that was 
very high. Since morning we must have taken over 20 to 25 calls on the subject. 
So from the resource stand point it was more efficient for us to implement 
loopback response then to keep taking the call. We did not tell any customers 
what we did to fix it.

How it works: it appears that those Belkin routers were just trying to ping the 
that ip address, so by putting loop back on our network, we are essentially 
responding to that ip address and that make the Belkin router happy.

As you mentioned below that you were able to ping it, earlier we were not able 
to ping that ip address, may be they have already fix the problem.

Thanks,
Tushar Patel
512-257-1077
www.westernbroadband.com

From: Af [mailto:af-boun...@afmug.com] On Behalf 
Of Mathew Howard via Af
Sent: Tuesday, October 07, 2014 11:18 AM
To: af@afmug.com
Subject: Re: [AFMUG] Belkin routers going nuts

Yeah... if I were to do something like that, I wouldn't let any customers know 
I did it... but I don't like messing with the network to fix things that aren't 
really my problem anyway, it would be nice to make those calls stop, but it 
doesn't seem worth it.

I'm still a bit confused how that is making it work anyway though, since I can 
ping that IP... how does putting it on an internal router make it work? for 
those who have done it, is your router giving any HTTP response on that IP?

From: Af [af-boun...@afmug.com] on behalf of That 
One Guy via Af [af@afmug.com]
Sent: Tuesday, October 07, 2014 11:06 AM
To: af@afmug.com
Subject: Re: [AFMUG] Belkin routers going nuts
that sounds alot like doing Belkins job for them, and guarantees from that 
point forward everytime a customer has any issue. "just do th

Re: [AFMUG] Belkin routers going nuts

[Timothy D. McNabb via Af]

Just had a customer that has one of the affected Belkin’s call in and stated 
it’s working now. YMMV but I wanted to pass it on.

-Tim

From: Af [mailto:af-boun...@afmug.com] On Behalf Of Adam Moffett via Af
Sent: Tuesday, October 07, 2014 1:19 PM
To: af@afmug.com
Subject: Re: [AFMUG] Belkin routers going nuts

[cid:image001.jpg@01CFE236.C5CCABF0]
On 10/7/2014 4:10 PM, Jaime Solorza via Af wrote:

Star Wars really? Star Trek yes..Star Wars is for kids.

Jaime Solorza
On Oct 7, 2014 8:46 AM, "Ken Hohhof via Af" mailto:af@afmug.com>> 
wrote:
Tell them it’s like the Battle of Naboo where Anakin destroys the control ship 
and the droid army stops dead in its tracks.  Customer is like Jar Jar with 
quizzical look on face.


From: That One Guy via Af
Sent: Tuesday, October 07, 2014 9:32 AM
To: af@afmug.com
Subject: Re: [AFMUG] Belkin routers going nuts

Im so looking forward to these calls

On Tue, Oct 7, 2014 at 9:24 AM, Cassidy B. Larson via Af 
mailto:af@afmug.com>> wrote:
Someone suggested it's the auto firmware that rolled out today?

The twitter-verse has a lot of fun posts about it. Oh and:

http://www.reddit.com/r/technology/comments/2ik43h/belkin_firmware_update_1072014_crashing_many/

Someone else said that replacing the DNS settings on the internal machine to 
not use the ones handed out by the Belkin fixed their issue.

-c


On Oct 7, 2014, at 8:11 AM, Mark Radabaugh via Af 
mailto:af@afmug.com>> wrote:

> 13 customers so far today - all Belkin.
>
> Powned?
>
> Mark
>
> On 10/7/14, 10:04 AM, Darren Shea via Af wrote:
>> Is anyone else getting inundated with a flood of customers who can't connect 
>> to the internet through their Belkin routers this
>> morning?
>>   What's the deal with that?,
>>   Darren
>>
>>
>>
>
>
> --
> Mark Radabaugh
> Amplex
>
> m...@amplex.net  419.837.5015 x 
> 1021
>



--
All parts should go together without forcing. You must remember that the parts 
you are reassembling were disassembled by you. Therefore, if you can't get them 
together again, there must be a reason. By all means, do not use a hammer. -- 
IBM maintenance manual, 1925

Re: [AFMUG] DNS server for guys who dont want to be gurus

[Timothy D. McNabb via Af]

I’ve never had a problem using yum and CentOS, you are right that the packages 
don’t tend to be latest and greatest. You can added repos that support CentOS 
5/6 with the packages you are looking for, simplifying the process. My 
preference is still to use CentOS 5, the GNOME and KDE interfaces are both 
laughable on 6 (sad that the interface + packages have moved so closely to a 
desktop computer anymore). I’m not one to use the minimal install, but then 
again I selectively select the packages I desire to get the machine going and 
then add/remove software once it’s configured with an internet connection.

That One Guy, the honest and absolutely EASIEST way to setup BIND is grab 
CentOS 5, then install the Server package BIND. Additionally adding to the 
super-easiness, install a package called “system-config-bind”. You can use the 
search function to find it easy enough. Once everything is installed, go to 
terminal through the GUI and run “system-config-bind” by just typing and hit 
enter. It will bring up a pretty nifty and easy interface to allow you to 
customize a lot of your DNS server. Anything super-granular and you will need 
to run through manually editing config files, but this is enough to get brand 
new machines up and running.

We don’t run a slave-master setup so I can’t help you there. Both of ours are 
listed as authorative caching open recursion servers (ie they are both Masters) 
with an ACL that allows only our 3 /22’s to talk to them via udp.

AFAIK the package for system-config-bind is still non-existent as of this 
writing for CentOS 6.

-Tim


From: Af [mailto:af-boun...@afmug.com] On Behalf Of That One Guy via Af
Sent: Thursday, October 02, 2014 4:10 PM
To: af@afmug.com
Subject: Re: [AFMUG] DNS server for guys who dont want to be gurus

I already have installed bind through webmin, it is a newer version, just by a 
couple revisions but the ubuntu one wont update any more
its BIND version 9.8.2
I can manually add the slave zone and test the transfer it updates from the 
master, I just assumed I should be able to add it as another slave and have it 
populate all the way

On Thu, Oct 2, 2014 at 5:30 PM, Ken Hohhof via Af 
mailto:af@afmug.com>> wrote:
You need a named.conf that defines the slave zones and the IP address of the 
master.

But first step is to download/compile/install the latest version of BIND, it’s 
actually quite easy.  I doubt you can get the version you want via yum update 
because CentOS is based on RHEL which is always a few steps behind.  Given the 
DNS attacks, you want the latest BIND.  You might then want to lock out the 
package from being updated by yum.


From: That One Guy via Af
Sent: Thursday, October 02, 2014 4:36 PM
To: af@afmug.com
Subject: Re: [AFMUG] DNS server for guys who dont want to be gurus

So Im at a new Centos with webmin fresh bind install.
We have one master, one slave server
I have never set up bind, this was done before me.
If I were to take down the old slave server and bring this one up on its IP 
will the master update this one, or is there a config I need to move over. Im 
more comfotable doing the slave first.
These are all webmin, but the original is ubuntu and the new is centos

On Thu, Oct 2, 2014 at 2:00 PM, Paul Stewart via Af 
mailto:af@afmug.com>> wrote:
I always install CentOS bare bones …. “minimal server” is what the installation 
will call it.  This way you can install whatever you like after installation 
and not worry about removing many dozen packages you don’t need…

Just my preference anyways….

From: Af [mailto:af-boun...@afmug.com] On Behalf 
Of That One Guy via Af
Sent: Thursday, October 02, 2014 2:24 PM
To: af@afmug.com
Subject: Re: [AFMUG] DNS server for guys who dont want to be gurus

2 questions in this
1. when running through the current centos installation, what do i select for 
the server type, for powercode it says select basic server
2. is there a guide for building dedicated centos servers based on server 
purpose? I assume there are packages I dont need to install if its only got 
this purpose

On Thu, Oct 2, 2014 at 1:13 PM, Paul Stewart via Af 
mailto:af@afmug.com>> wrote:
CentOS+BIND+Webmin ☺  I can’t remember but Usermin might be the part you’re 
looking for specific to users updating their own DNS…..



From: Af [mailto:af-boun...@afmug.com] On Behalf 
Of That One Guy via Af
Sent: Thursday, October 02, 2014 1:21 PM
To: af@afmug.com
Subject: [AFMUG] DNS server for guys who dont want to be gurus

Is there a good, simple package for locally hosted DNS Servers for people like 
me who dont want to get too far into managing the linux at a granular level? we 
are used to the webmin interface. It would be nice if it had the option to set 
up client accounts for some clients to manage their own DNS but not view 
others, but thats in no way a deal breaker

--
All pa

Re: [AFMUG] DNS server for guys who dont want to be gurus

[Timothy D. McNabb via Af]

This is how we do it as well. I tried doing it via iptables on the DNS servers 
and it cause more problems than it was worth. You can technically skip the 
iptables part and do the ACL which I thought was a ton easier.

-Tim

From: Af [mailto:af-boun...@afmug.com] On Behalf Of Eric Kuhnke via Af
Sent: Thursday, October 02, 2014 10:49 AM
To: af@afmug.com
Subject: Re: [AFMUG] DNS server for guys who dont want to be gurus


not just iptables, you can do it in bind9
in your named.conf.options:

acl allowedclients {
10.20.20.0/24;
localhost;
localnets;
};

put your different netblocks in there, 10.20.20.0/24 is 
an example

then further down in the same file, this is an example from my ns1

options {
directory "/var/cache/bind";

// If there is a firewall between you and nameservers you want
// to talk to, you may need to fix the firewall to allow multiple
// ports to talk.  See http://www.kb.cert.org/vuls/id/800113

// If your ISP provided one or more IP addresses for stable
// nameservers, you probably want to use them as forwarders.
// Uncomment the following block, and insert the addresses replacing
// the all-0's placeholder.

recursion yes;
notify yes;
allow-query { allowedclients; };
allow-transfer { ip.address.of.my.ns2; };

On Thu, Oct 2, 2014 at 10:27 AM, Sean Heskett via Af 
mailto:af@afmug.com>> wrote:
BIND is your friend.

i'd also set iptables to only allow queries from your network.



On Thu, Oct 2, 2014 at 11:20 AM, That One Guy via Af 
mailto:af@afmug.com>> wrote:
Is there a good, simple package for locally hosted DNS Servers for people like 
me who dont want to get too far into managing the linux at a granular level? we 
are used to the webmin interface. It would be nice if it had the option to set 
up client accounts for some clients to manage their own DNS but not view 
others, but thats in no way a deal breaker

--
All parts should go together without forcing. You must remember that the parts 
you are reassembling were disassembled by you. Therefore, if you can't get them 
together again, there must be a reason. By all means, do not use a hammer. -- 
IBM maintenance manual, 1925

Re: [AFMUG] Bash specially-crafted environment variablescodeinjection attack

[Timothy D. McNabb via Af]

TBH there is one thing I love most about a CentOS distro over Windows. 
IPTables. Windows firewall is pretty lame in comparison, with open ports you 
will “possibly” use. At least IP tables initially comes with a “block all” 
setup and you just go in and poke the tiny holes you need. Obviously a 
security-conscious person is going to shutdown system services you don’t need, 
but for the initial setup IPtables is pretty badass (and far more simple).

@Ken, I am in the same boat as you. We applied updates Thursday and again 
Friday for bash on our CentOS 5/6 boxes. So far so good though, I’ve been 
monitoring the logs of our boxes running httpd and so far nothing out of the 
ordinary has appeared.

-Tim

From: Af [mailto:af-bounces+tim=velociter@afmug.com] On Behalf Of Shayne 
Lebrun via Af
Sent: Monday, September 29, 2014 4:51 AM
To: af@afmug.com
Subject: Re: [AFMUG] Bash specially-crafted environment variablescodeinjection 
attack

Originally, I responded to this:

Ø  “I think the articles have maybe overstated the risk a bit, since you would 
need to either authenticate (at least as a regular user) to get to a shell, or 
find a publicly exposed script that will pass an environment variable to bash 
for you.
And asked you not to think about security in those terms.  Don’t assume you 
understand all the possible attack vectors, don’t assume that because certain 
other things need to happen, you’re invulnerable, etc etc.  When you get right 
down to it, though, UNIX really wants to land you at a shell, and bash is the 
default shell in a lot of places.

You’re certainly listed a whole bunch of issues in the software world at large, 
dedicated applicances, etc etc and I certainly sympathize with a lot of the 
issues you’ve raised.

Of course, the slightly less empathetic sysadmin in me says ‘too bad; you put 
public-facing server on the Internet, you have an obligation, and a 
responsibility to maintain it properly.’  I argue in my head with him A LOT.

Yes, absolutely, you can mitigate the issues you raised in your last email to a 
very reasonable degree with proper firewalling, internal processes, etc etc.  
And it sounds like you’re cognizant of the need to do that, so that’s great too.


From: Af [mailto:af-bounces+slebrun=muskoka@afmug.com] On Behalf Of Ken 
Hohhof via Af
Sent: Sunday, September 28, 2014 9:55 PM
To: af@afmug.com
Subject: Re: [AFMUG] Bash specially-crafted environment variablescodeinjection 
attack

You are preaching rather than listening.

What if it is an appliance with a distribution that is frozen in time on 
CentOS4 with no updates.  Note that RHEL4 updates are only available via paid 
extended support, and CentOS4 is EOL.  Doing a yum update on a CentOS4 box 
won’t get you anywhere, and I don’t believe RHEL4 even used yum, it used Redhat 
Network to get RPMs.  All my new stuff on CentOS5 and 6 has been updated.

What I was asking for an opinion on was whether the RPM that Oracle made 
available was likely to work, or to brick the box.  Keep in mind that bricking 
your command shell could be difficult to recover from, especially on a headless 
appliance at a remote site.  I’m guessing that creating another user with a 
different shell like csh or ksh might offer a failsafe.  I would have to see 
what other shells are available on the device.

So this is a Tyan kiosk type server with BlueQuartz installed, long ago 
defunct.  Nuonce was maintaining repositories but stopped a long time ago.

Other people are going to face similar situations.  Not every server is built 
from scratch loading the OS and then the applications.  Sometimes you use an 
all-in-one install disk, like CactiEZ or some of the Asterisk/FreePBX 
distributions.  I’m evaluating the PBX appliances from Grandstream, clearly 
they run Asterisk and probably Linux under the hood, but you can’t even get to 
the command line, so any software updates would have to be from the web GUI 
with updates from Grandstream.  So I’m thinking if that’s a problem, being 
totally dependent on the vendor, I guess stuff like routers are the same.  But 
you can’t just go and do a yum update on everything that has Linux inside, or 
recompile the source code with the patch and install it yourself, even assuming 
you feel comfortable doing that.


From: Shayne Lebrun via Af
Sent: Sunday, September 28, 2014 7:00 PM
To: af@afmug.com
Subject: Re: [AFMUG] Bash specially-crafted environment variablescodeinjection 
attack

Quite honestly, who cares?  There’s zero downside to closing the security hole.

Hopefully you’re closing all your other security holes too, especially for 
things like DNS or NTP that are almost public facing by default.  Why not close 
this one at the same time?

What happens in six months when you, or somebody, stick another service on that 
machine?


From: Af [mailto:af-bounces+slebrun=muskoka@afmug.com] On Behalf Of Ken 
Hohhof via Af
Sent: Sunday, September 28, 2014 10:38 

Re: [AFMUG] DDoS via Dlink DIR-655 router?

[Timothy D. McNabb via Af]

We received that notice as well (we sell the routers to customers so plenty on 
our network). Updating to latest firmware seems to fix. Most of the routers we 
have sold are Revision B and the latest firmware is 2.11NA.

-Tim

From: Af [mailto:af-bounces+tim=velociter@afmug.com] On Behalf Of Josh 
Reynolds via Af
Sent: Friday, September 26, 2014 10:44 AM
To: af@afmug.com
Subject: Re: [AFMUG] DDoS via Dlink DIR-655 router?

Could be a part of the bash-exploit botnet that's going around.

(Yes, this could affect home routers as well)

Josh Reynolds, Chief Information Officer
SPITwSPOTS, www.spitwspots.com
On 09/26/2014 09:41 AM, Bill Prince via Af wrote:

Got a report from someone that had traced a DDoS attack coming from one of our 
subscribers.� It claimed the IP was going out on port 1900 to various and 
sundry IPs as part of a distributed attack.

I ran a torch on the IP, and sure enough, a bunch of connections were going out 
on port 1900.

Talked to the customer, and eliminated all their PCs/phones/etc. one by one, at 
which point it was only their Dlink router connected to the net.

Turning it off stopped the outbound traffic.� Just to be sure, we 
re-connected the customer's wired PC, and no traffic.

So at this point, it appears that there was some sort of malware loaded on 
their Dlink.�� It's a DIR-655.

Anyone else seeing this?� Seen it?� Other comments?