RE: Co-lo best practices on IP allocations

2003-03-19 Thread McBurnett, Jim

One more thought:
If the company is a SPAM or other less than popular type, 
I would keep a watch on SPAM-L and spamhaus.org
Look for you IP block.. Some networks flat out put 
IP Access lists to block ranges for SPAM/..


J
>-Original Message-
>From: Daniel Abbey [mailto:[EMAIL PROTECTED]
>Sent: Tuesday, March 18, 2003 11:57 AM
>To: [EMAIL PROTECTED]
>Subject: Co-lo best practices on IP allocations
>
>
>
>Are there any suggestions/ideas on best practices when it 
>comes to co-lo
>allocation of addresses to its customers? Is there any site 
>that may have
>some pointers? The dilemma is whether to charge or no to 
>charge separate for
>the IPs. Should it be a cause built into their overall 
>contract? Any ideas?
>
>


nanog@merit.edu

2003-03-19 Thread German Martinez

Anybody here seeing problems with AS7018 ?

Thanks
German

-- 
"The man who fights for his ideals is the man who is alive."

   --CERVANTES author of DON QUIJOTE



69/8 revisited

2003-03-19 Thread Rick Ernst



We were just allocated a /17 out of 69/8.  With all off the recent traffic on
69/8 reachability problems, I asked ARIN if the allocation could come from a
different block.

Their answer was basically that 69/8 (only) is where they are allocating from
and that "from reading NANOG, it appears that much of the problem has been
resolved."

I haven't seen any updated information that 69/8 is now working for people.
Is everyone just quiet about it, or have filters actually been updated making
this a non-issue?

Thanks,
Rick





RE: OpenSSL

2003-03-19 Thread Matt Ryan

lol - I promise in future to read to the bottom of messages. In fact if I
didn't top post I would have noticed, but that's a different can of worms
8-)


Matt.

-Original Message-
From: Petri Helenius [mailto:[EMAIL PROTECTED]
Sent: 18 March 2003 17:52
To: Matt Ryan; [EMAIL PROTECTED]; [EMAIL PROTECTED]
Subject: Re: OpenSSL



Note the smiley 10 lines down. You have been had.

Pete

- Original Message -
From: "Matt Ryan" <[EMAIL PROTECTED]>
To: "'Petri Helenius'" <[EMAIL PROTECTED]>; <[EMAIL PROTECTED]>;
<[EMAIL PROTECTED]>
Sent: Tuesday, March 18, 2003 5:58 PM
Subject: RE: OpenSSL


MPLS (on its own) gives you jack-squat in terms of delay and jitter. All the
clever queuing can do it for you - but then it can for IP (because its the
same thing!).


Matt.

-Original Message-
From: Petri Helenius [mailto:[EMAIL PROTECTED]
Sent: 18 March 2003 15:10
To: [EMAIL PROTECTED]; [EMAIL PROTECTED]
Subject: Re: OpenSSL



>
> While the timing attack is the attack against the SSL server, it is my
> reading of the paper that the attacks' success largely depends on ability
to
> tightly control the time it takes to communicate with a service using SSL.
> Currently, such control is rather difficult to achive on links other than
> ethernet.
>
Doesn´t MPLS provide consistent delay and minimal jitter and thus SSL
servers connected to MPLS networks are more suspectible to attack?










:-)

Pete

--
Live Life in Broadband
www.telewest.co.uk


The information transmitted is intended only for the person or entity to which it is 
addressed and may contain confidential and/or privileged material.
Statements and opinions expressed in this e-mail may not represent those of the 
company. Any review, retransmission, dissemination or other use of, or taking of any 
action in reliance upon, this information by persons or entities other than the 
intended recipient is prohibited. If you received this in error, please contact the 
sender immediately and delete the material from any computer.


==



Re: 69/8 revisited

2003-03-19 Thread Jared Mauch

On Wed, Mar 19, 2003 at 09:42:46AM -0800, Rick Ernst wrote:
> We were just allocated a /17 out of 69/8.  With all off the recent traffic on
> 69/8 reachability problems, I asked ARIN if the allocation could come from a
> different block.
> 
> Their answer was basically that 69/8 (only) is where they are allocating from
> and that "from reading NANOG, it appears that much of the problem has been
> resolved."
> 
> I haven't seen any updated information that 69/8 is now working for people.
> Is everyone just quiet about it, or have filters actually been updated making
> this a non-issue?

i'm in the midst of writting a brief article about 69/8
reachability that i inted to post on /. and as a result hopefully
it will become a more publically visible issue as places like
news.google pick up /. articles.  If you have a server that is
in 69/8 that you want referenced by it, perhaps a test machine
saying "your network appears to be working ok" that you want listed
let me know.

I also am going to allow people to submit urls for a "wall
of shame" that still show 69/8 (amongst others) as something to block.
obviously we won't accept messages to mailing lists that are older
but anyones current "use these filters to help secure your network"
pages should get listed.

I encourage people who find networks that are blocking
69/8 that you get them to fix to ask them if they continue to
use such filtering to subscribe to Rob's bogon-announce list
that is hosted on my machine.

http://puck.nether.net/mailman/listinfo/bogon-announce

- jared

-- 
Jared Mauch  | pgp key available via finger from [EMAIL PROTECTED]
clue++;  | http://puck.nether.net/~jared/  My statements are only mine.


nanog@merit.edu

2003-03-19 Thread Charles E. Youse


On Wed, 19 Mar 2003, German Martinez wrote:
>
> Anybody here seeing problems with AS7018 ?
>

I peer with AT&T's hosting AS, AS4264, which uses AS7018 for all of its
transit- not seeing any issues from here.  What've you got going on?

C.




Re: 69/8 revisited

2003-03-19 Thread jlewis

On Wed, 19 Mar 2003, Rick Ernst wrote:

> Their answer was basically that 69/8 (only) is where they are allocating from
> and that "from reading NANOG, it appears that much of the problem has been
> resolved."

I wonder what they based that ASSumption on?

The thread just sort of died...and now you've revived it.

> I haven't seen any updated information that 69/8 is now working for people.
> Is everyone just quiet about it, or have filters actually been updated making
> this a non-issue?

I've been busy with other things, so I haven't been able to spend as much
time on my 69/8 reachability project as I did the first few days.  I still
have a list of about 700 destinations reachable from 209.208/17 but not
from 69/8.  That's down from about 1000 when I did the first ping sweep.  
I know I've personally gotten half a dozen or so networks to update their
filtering.  I've also had several messages apparently go ignored (1 week
with no response and no filter update), two of which are US military
/16's.

A bunch of the remaining affected networks are in other countries where 
I'm afraid language is going to be a barrier.  This issue will likely 
never be entirely resolved.  Just hope your customers don't care about 
reaching the remaining affected networks.
 
--
 Jon Lewis [EMAIL PROTECTED]|  I route
 System Administrator|  therefore you are
 Atlantic Net|  
_ http://www.lewis.org/~jlewis/pgp for PGP public key_



Re: 69/8 revisited

2003-03-19 Thread Scott Granados

I've definitely noticed the steady decline in complaints in reachability.  I
think though at some point it will be resolved, after all all the other
blocks got squared away it seems, or is that an incorrect assumption?


- Original Message -
From: <[EMAIL PROTECTED]>
To: "Rick Ernst" <[EMAIL PROTECTED]>
Cc: <[EMAIL PROTECTED]>
Sent: Wednesday, March 19, 2003 10:26 AM
Subject: Re: 69/8 revisited


>
> On Wed, 19 Mar 2003, Rick Ernst wrote:
>
> > Their answer was basically that 69/8 (only) is where they are allocating
from
> > and that "from reading NANOG, it appears that much of the problem has
been
> > resolved."
>
> I wonder what they based that ASSumption on?
>
> The thread just sort of died...and now you've revived it.
>
> > I haven't seen any updated information that 69/8 is now working for
people.
> > Is everyone just quiet about it, or have filters actually been updated
making
> > this a non-issue?
>
> I've been busy with other things, so I haven't been able to spend as much
> time on my 69/8 reachability project as I did the first few days.  I still
> have a list of about 700 destinations reachable from 209.208/17 but not
> from 69/8.  That's down from about 1000 when I did the first ping sweep.
> I know I've personally gotten half a dozen or so networks to update their
> filtering.  I've also had several messages apparently go ignored (1 week
> with no response and no filter update), two of which are US military
> /16's.
>
> A bunch of the remaining affected networks are in other countries where
> I'm afraid language is going to be a barrier.  This issue will likely
> never be entirely resolved.  Just hope your customers don't care about
> reaching the remaining affected networks.
>
> --
>  Jon Lewis [EMAIL PROTECTED]|  I route
>  System Administrator|  therefore you are
>  Atlantic Net|
> _ http://www.lewis.org/~jlewis/pgp for PGP public key_
>
>



Re: 69/8 revisited

2003-03-19 Thread jlewis

On Wed, 19 Mar 2003, Scott Granados wrote:

> I've definitely noticed the steady decline in complaints in reachability.  I
> think though at some point it will be resolved, after all all the other
> blocks got squared away it seems, or is that an incorrect assumption?

I'd bet they're not all resolved...just mostly to the point that nobody 
cares.  Does anyone have a traceroute web page from another (not 69/8) 
block that recently went from reserved to RIR allocated?  I'd be 
interesting to see how many of the 69/8 unreachable IPs are unreachable 
from other reserved->RIR allocated blocks.

By the end of the week, I expect to have a system setup (big system with
lots of available bandwidth) where people can do simultaneous traceroutes
from 69 and !69 IPs and see the results side by side.  I've got this now
on my workstation and have included a link to it in most of the filter
update request messages I've sent, but I don't want all of nanog (much
less /.) hitting my workstation.  I also plan to put the reachability
database on that system and make the unreachable IPs viewable.
 
--
 Jon Lewis [EMAIL PROTECTED]|  I route
 System Administrator|  therefore you are
 Atlantic Net|  
_ http://www.lewis.org/~jlewis/pgp for PGP public key_



Draft client notice for 69/8 problems

2003-03-19 Thread Matt Martini

Nanog:

Below is a draft of a letter that we will be sending to clients who
experience 69.0.0.0/8 connectivity problems. I am making it available to
help those ISPs that are confronted by clients with connectivity issues
due to assigning them 69.0.0.0/8 addresses. It can be adapted to suit an
ISP's specific needs.

I welcome commments and advice. (I know I'm gonna hate myself for saying
that around here ;^)

Matt

__ http://www.invision.net/ ___

 Matthew E. Martini, PEInVision.com, Inc.   (631) 543-1000 x104
 Chief Technology Officer  [EMAIL PROTECTED](631) 864-8896 Fax
___pgp_




___

   NOTICE REGUARDING NETWORK REACHABLITY
___

Dear Customer:

This document discusses problems connecting to/from your site over the
Internet due to outdated filtering by your ISP or IT Department. It will
give a high level explanation of the problem and offer a solution. It
will then discuss the issue in detail at a technical level sufficient
for network administrators to fix the problem.

's Customer Service will work with you to help your ISP/IT
Department resolve these issues. You can contact us at
tech-support@ or (555) 555- x555.







Problem Description
___

Certain computers cannot reach and/or be reached by other computers on
the Internet. Symptoms of this would be the inability to go to certain
web sites, or the inability to send/receive email from certain sites.

The cause of this is outdated IP filters on routers and/or firewalls.
These filters are put into place by network administrators to prevent
malicious use of unallocated IP addresses. However, the list of
allocated addresses changes over time and so the filters must be updated
to avoid blocking legitimate, albeit newly valid IP addresses.

Every few months a new block of IP addresses are released by the IP
registries to ISPs and then in turn to end users. The IP block
69.0.0.0/8 was allocated to ARIN as a usable block in August 2002.
Before this time these addresses were unallocated and invalid for use on
the Internet.  Network administrators before this time may have filtered
this block of IPs, along with all of the other unallocated blocks, in
their routers and firewalls.  If these filters were not updated since
August 2002, they would improperly filter traffic to and from these
addresses and thus cause the connectivity problems you are experiencing.


Recommended Solution


The solution is rather a simple one. All that has to be done is to
update these router and firewall filters to allow the 69.0.0.0/8 block
of addresses. This is usually a matter of a fairly simple configuration
change that can be accomplished by your Network Administrators, IT
Department, or ISP.

Finding the correct person to implement these changes can be somewhat
more challenging than the problem itself.  Customer Service can
help you track down the place where the filtering is taking place. It
may be taking place at your ISP's boundary, or a corporate firewall.
Once the place is identified you can then have the responsible party
make the changes. Once again  will be there to explain the
technical details of this issue.

Please let us know if we can assist in any way to help you fix this
problem.


Action Items for Network Administrators and ISPs
___

Please update your BGP ingress filters and firewall rules to allow
69.0.0.0/8 routes and traffic as these addresses became valid IPs
allocated by ARIN in August 2002.

Please contact tech-support@ for assistance.


Detailed Explanation


The Internet Assigned Numbers Authority (IANA) allocates Internet
Protocol version 4 (IPv4) address space to Registries including ARIN,
RIPE, and APNIC. These registries in turn allocate address space to ISPs
who in-turn allocate addresses for end-users. This is documented in RFC
1466. See: http://www.iana.org/assignments/ipv4-address-space

All of the addresses that are not allocated by the above process should
never appear in the Internet routing table. These unallocated addresses
are dubbed "Bogons". A packet routed over the public Internet should
never have a source address in a bogon range. These are commonly found
as the source addresses of DDoS attacks.

As such a network administrator may filter these IP addresses from their
routing tables and block them from entering their network via firewall
rules. This behavior is actually encouraged because it helps to limit
Denial of Service attacks.

However, these filters must be kept up to date to avoid filtering newly
released and valid IPs. The IANA allocations change fairly often,
sometimes in as little as every four months. Administrators who elect
to engage in strict f

nanog@merit.edu

2003-03-19 Thread Sean Donelan

On Wed, 19 Mar 2003, German Martinez wrote:
> Anybody here seeing problems with AS7018 ?

Folks have been reporting various weird problems with AS7018 for the last
2-3 weeks.  It seems to affect some types of packets, but not other types
of packets (i.e. you can ping or get some web pages, but not other web
pages).  If you report it to AT&T, they seem to get it fixed; but then
the problems re-appear a few days later.  I'm guessing that packet size
is relevant, but I haven't spent much time trying to troubleshoot it.




Re: scope of the 69/8 problem

2003-03-19 Thread bdragon

This discussion falls into a pattern we've seen before:

1) Operators doing the right thing experience a problem created by
operators doing the wrong thing.
2) It is not possible to isolate the pain to only the operators
doing the wrong thing.
3) The only way to solve the problem is to raise the level of pain across
the board so as to force those ultimately causeing the pain to
self-marginalize.
4) No one is willing to accept any pain they don't absolutely _have_ to
even if it would save them pain in the future
5) Therefore the islands of pain remain indefinately, but as long as
I'm not affected, I don't care.

The above can be applied to:
1) filtering of 69/8
2) excessive deaggregation of routes
3) RPF
4) Use of RFC1918 in ways which violate RFC1918 (packets crossing
enterprise boundaries)
5) Actually using .0 and .255 for networks with masks which allow
this.
6) IPv6
7) Multicast
8) etc

To bring back around to the issue of 69/8, yes, the only way to
solve the problem is to bring a set of "important" things into that
network. No one who controls any "important" thing would actually
do such a thing. So those folks in 69/8 will likely go out of business,
or find ways around their problem which will likely involve other
"bad operator" activity, continuing to advance our problems indefinately
and in new and interesting ways.



nanog@merit.edu

2003-03-19 Thread brett watson
On Wednesday, Mar 19, 2003, at 12:28 America/Phoenix, Sean Donelan 
wrote:

On Wed, 19 Mar 2003, German Martinez wrote:
Anybody here seeing problems with AS7018 ?
...
...
 If you report it to AT&T, they seem to get it fixed; but then
the problems re-appear a few days later.  I'm guessing that packet size
is relevant, but I haven't spent much time trying to troubleshoot it.
isn't at&t heavily MPLSed?  maybe something to do with mpls tunnels, or 
diff-serv marking?



nanog@merit.edu

2003-03-19 Thread Truman, Michelle, SALES

If someone can identify what you are actually seeing, I'll check into
it.
If you are experiencing drops or slow traces, only through the core,
there is an issue with excessive de-prioritization of ICMP control
message with a particular router type (vendcor) in the core. End to end
data flow has not seemed to be affected but trace and ping core
latencies are looking very wierd. I've been asking customers to use
trace only for path detail and to use end to end ping for any
performance data. 

Yes, the core is MPLS enabled. Diffserv acted on only at the edges
though. 

Michelle

Michelle Truman   CCIE # 8098
Principal Technical Consultant
AT&T Solutions Center
mailto:[EMAIL PROTECTED]
VO: 651-998-0949 
w 612-376-5137 




-Original Message-
From: brett watson [mailto:[EMAIL PROTECTED]
Sent: Wednesday, March 19, 2003 1:48 PM
To: [EMAIL PROTECTED]
Subject: Re: Problems with AT&T 



On Wednesday, Mar 19, 2003, at 12:28 America/Phoenix, Sean Donelan 
wrote:

>
> On Wed, 19 Mar 2003, German Martinez wrote:
>> Anybody here seeing problems with AS7018 ?
>
> ...
...
>  If you report it to AT&T, they seem to get it fixed; but then
> the problems re-appear a few days later.  I'm guessing that packet
size
> is relevant, but I haven't spent much time trying to troubleshoot it.

isn't at&t heavily MPLSed?  maybe something to do with mpls tunnels, or 
diff-serv marking?



Re: 69/8 revisited

2003-03-19 Thread Stephen Sprunk

Thus spake <[EMAIL PROTECTED]>
> On Wed, 19 Mar 2003, Scott Granados wrote:
> I'd bet they're not all resolved...just mostly to the point that nobody
> cares.  Does anyone have a traceroute web page from another (not 69/8)
> block that recently went from reserved to RIR allocated?  I'd be
> interesting to see how many of the 69/8 unreachable IPs are unreachable
> from other reserved->RIR allocated blocks.

I'm wondering if there's something special about 69/8...  I can't recall
this sort of discussion for 61/8 through 68/8, at least after CIDR in the
former Class A space was initially validated.

S

Stephen Sprunk "God does not play dice."  --Albert Einstein
CCIE #3723 "God is an inveterate gambler, and He throws the
K5SSSdice at every possible opportunity." --Stephen Hawking



Re: 69/8 revisited

2003-03-19 Thread jlewis

On Wed, 19 Mar 2003, Stephen Sprunk wrote:

> I'm wondering if there's something special about 69/8...  I can't recall
> this sort of discussion for 61/8 through 68/8, at least after CIDR in the
> former Class A space was initially validated.

For a very interesting comparison, do groups.google.com searches for 
69.0.0.0/8 and then for 61.0.0.0/8.  While the first is several pages of 
hits saying to block 69.0.0.0/8 as a bogon, all the links for 61.0.0.0/8 
seem to suggest blocking that /8 due to spam.
 
--
 Jon Lewis [EMAIL PROTECTED]|  I route
 System Administrator|  therefore you are
 Atlantic Net|  
_ http://www.lewis.org/~jlewis/pgp for PGP public key_



Re: Co-lo best practices on IP allocations

2003-03-19 Thread Steve Gibbard

On Tue, 18 Mar 2003, Andy Dills wrote:

> 
> On Tue, 18 Mar 2003, Daniel Abbey wrote:
> 
> >
> > Are there any suggestions/ideas on best practices when it comes to co-lo
> > allocation of addresses to its customers? Is there any site that may have
> > some pointers? The dilemma is whether to charge or no to charge separate for
> > the IPs. Should it be a cause built into their overall contract? Any ideas?
>
> [...]
> 
> But only give them what they can justify, unless they are potentially a
> huge revenue customer, to who you would give whatever they want (within
> reason).

I would be extremely cautious about following that advice.  It's pretty
simple to get more IP addresses from ARIN if you follow their processes,
do your allocations according to their guidelines, and keep good
documentation.  Those who don't follow the ARIN guidelines tend to run
into a lot of trouble when it comes time to get more IP addresses,
especially when the customers for whom they ignore the guidelines stand
out as their really big allocations.

As far as whether to charge goes, that's really a business decision rather
than an operational one.  Arin charges somewhere between 60 cents and a
tenth of a cent per IP address, depending on how big you are.  The process
of obtaining the IP address blocks costs you something, as does processing
the paperwork associated with the justifications, setting up and
maintaining the routing, and so forth.  Meanwhile, you're also charging
your customers for various other services.  You may or may not be making a
sufficient amount to cover your costs in dealing with IP address
allocation, and you may or may not be in a situation where your customers
would be willing to pay you more.

-Steve

--
Steve Gibbard
Steve Gibbard Consulting -- IP network consulting services
Office: 510 528-1263
Cell: 415 717-7842
http://www.gibcons.com/



NJ: Red alert? Stay home, await word

2003-03-19 Thread Jeff Wasilko

http://www.southjerseynews.com/issues/march/m031603e.htm

If the nation escalates to "red alert," which is the highest in
the color-coded readiness against terror, you will be assumed by
authorities to be the enemy if you so much as venture outside
your home, the state's anti-terror czar says.

...


RE: 69/8 revisited

2003-03-19 Thread McBurnett, Jim

look at the location too... 61/8 is APNIC and 69 ARIN..

J

>-Original Message-
>From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]
>Sent: Wednesday, March 19, 2003 5:02 PM
>To: Stephen Sprunk
>Cc: Scott Granados; Rick Ernst; North American Noise and Off-topic
>Gripes
>Subject: Re: 69/8 revisited
>
>
>
>On Wed, 19 Mar 2003, Stephen Sprunk wrote:
>
>> I'm wondering if there's something special about 69/8...  I 
>can't recall
>> this sort of discussion for 61/8 through 68/8, at least 
>after CIDR in the
>> former Class A space was initially validated.
>
>For a very interesting comparison, do groups.google.com searches for 
>69.0.0.0/8 and then for 61.0.0.0/8.  While the first is 
>several pages of 
>hits saying to block 69.0.0.0/8 as a bogon, all the links for 
>61.0.0.0/8 
>seem to suggest blocking that /8 due to spam.
> 
>--
> Jon Lewis [EMAIL PROTECTED]|  I route
> System Administrator|  therefore you are
> Atlantic Net|  
>_ http://www.lewis.org/~jlewis/pgp for PGP public key_
>
>


Re: NJ: Red alert? Stay home, await word

2003-03-19 Thread J.A. Terranson


On Wed, 19 Mar 2003, Jeff Wasilko wrote:

> http://www.southjerseynews.com/issues/march/m031603e.htm
> 
> If the nation escalates to "red alert," which is the highest in
> the color-coded readiness against terror, you will be assumed by
> authorities to be the enemy if you so much as venture outside
> your home, the state's anti-terror czar says.
> 
> ...

"You literally are staying home, is what happens, unless you are required to 
be out. No different than if you had a state of emergency with a
snowstorm." 


Except that in a snow storm, I can go out if I want to, and not face criminal
liability.  Are they planning to at least go through the farce of declaring
martial law first? 

-- 
Yours, 
J.A. Terranson
[EMAIL PROTECTED]






Re: NJ: Red alert? Stay home, await word

2003-03-19 Thread ed

> be out. No different than if you had a state of emergency with a
> snowstorm."
>
>
> Except that in a snow storm, I can go out if I want to, and not face criminal
> liability.  Are they planning to at least go through the farce of declaring
> martial law first?

Are you kidding me?  Of course not.  That might give the ACLU ammunition.
It might give the gun toting, meat eaters an excuse

-ed
-
[EMAIL PROTECTED]



Re: NJ: Red alert? Stay home, await word

2003-03-19 Thread Jack Bates

Deepak Jain wrote:
>
> Seems like a pretty steep step between "Orange" and "Red".
>
> Are other states taking this position?
>
I hope Oklahoma doesn't (highly doubtful). I'd be ordered to the CO and
forced to stay there and make sure the network kept running. no
transportation != no work.

--
-Jack



Re: NJ: Red alert? Stay home, await word

2003-03-19 Thread Vadim Antonov


There's only thing worse than government full of idiots: government
full of scared idiots.

--vadim


On Wed, 19 Mar 2003, J.A. Terranson wrote:

> 
> On Wed, 19 Mar 2003, Jeff Wasilko wrote:
> 
> > http://www.southjerseynews.com/issues/march/m031603e.htm
> > 
> > If the nation escalates to "red alert," which is the highest in
> > the color-coded readiness against terror, you will be assumed by
> > authorities to be the enemy if you so much as venture outside
> > your home, the state's anti-terror czar says.
> > 
> > ...
> 
> "You literally are staying home, is what happens, unless you are required to 
> be out. No different than if you had a state of emergency with a
> snowstorm." 
> 
> 
> Except that in a snow storm, I can go out if I want to, and not face criminal
> liability.  Are they planning to at least go through the farce of declaring
> martial law first? 
> 
> 



Re: Your message to ""

2003-03-19 Thread Jack Bates

Hmmm. Would have thought turning off a nanog subscription would be
considered on the list of things to do when closing an email account.

[EMAIL PROTECTED] wrote:
> Your message to the National Science Foundation is being returned to
> you because the address (sgoldste) is no longer valid.  A copy of
> your message is attached.
>
> The person you addressed is no longer at the Foundation, and the
> Postmaster has no forwarding information.  For more information,
> please call our Information Center at 703-292-5111, or by email at:
> [EMAIL PROTECTED]

--
-Jack



Re: NJ: Red alert? Stay home, await word

2003-03-19 Thread ed

> There's only thing worse than government full of idiots: government
> full of scared idiots.

Depends on who they are afraid of.

If they fear the people, perfect and all the better.

If they fear $random_third_party at the cost of the people, very bad.

-ed
-
[EMAIL PROTECTED]



Initial network impacts post-US attack 3/19/03

2003-03-19 Thread Sean Donelan

Some major new web sites such as CNN.COM, MSNBC.COM, etc have dropped most
advertisements from their main web pages.  CNN.COM has switched to its
"breaking news" format with a truncated main page.

I have not had any difficulty reaching any major US news web site.  Matrix
and Keynote public graphs show normal latency, drops, etc.  BGP, ASN data
sources show normal number of prefixes, announcements, withdrawals.

AT&T and Cable&Wireless public network statistic pages show almost all
major links within normal levels.

However, tonight I am not able to reach the few Iraq servers I know about.
The servers were reachable on Monday, but I wasn't keeping constant track
of those servers.  So I don't know when I could no longer reach them.  This
may just be normal network flakiness, the Iraqi networks aren't very
reliable on a normal day.



Re: Initial network impacts post-US attack 3/19/03

2003-03-19 Thread Stretch

I've noticed a small upswing in traffic over the last hour or two, and not
to the usual "midnight browsing frenzy" locations.

CNN, Yahoo, MSN, etc., all seem to be responding as usual (CNN had more
latency at noon. Go figure.)

As for sites in Iraq... I feel for the poor tech who pulled "cable rat" duty
this week on whatever colo/CO facilities they have. or had. :-(

- Original Message -
From: "Sean Donelan" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Wednesday, March 19, 2003 11:03 PM
Subject: Initial network impacts post-US attack 3/19/03


>
> Some major new web sites such as CNN.COM, MSNBC.COM, etc have dropped most
> advertisements from their main web pages.  CNN.COM has switched to its
> "breaking news" format with a truncated main page.
>
> I have not had any difficulty reaching any major US news web site.  Matrix
> and Keynote public graphs show normal latency, drops, etc.  BGP, ASN data
> sources show normal number of prefixes, announcements, withdrawals.
>
> AT&T and Cable&Wireless public network statistic pages show almost all
> major links within normal levels.
>
> However, tonight I am not able to reach the few Iraq servers I know about.
> The servers were reachable on Monday, but I wasn't keeping constant track
> of those servers.  So I don't know when I could no longer reach them.
This
> may just be normal network flakiness, the Iraqi networks aren't very
> reliable on a normal day.
>



Re: Initial network impacts post-US attack 3/19/03

2003-03-19 Thread Richard A Steenbergen

On Thu, Mar 20, 2003 at 12:03:13AM -0500, Sean Donelan wrote:
> 
> However, tonight I am not able to reach the few Iraq servers I know
> about. The servers were reachable on Monday, but I wasn't keeping
> constant track of those servers.  So I don't know when I could no longer
> reach them.  This may just be normal network flakiness, the Iraqi
> networks aren't very reliable on a normal day.

http://www.seastrom.com/www.centcom.mil/galleries/leaflets/Images/izd-009.jpg

US Backhoe Operators - Your country needs you.

-- 
Richard A Steenbergen <[EMAIL PROTECTED]>   http://www.e-gerbil.net/ras
GPG Key ID: 0xF8B12CBC (7535 7F59 8204 ED1F CC1C 53AF 4C41 5ECA F8B1 2CBC)


RE: NJ: Red alert? Stay home, await word

2003-03-19 Thread Deepak Jain

> > http://www.southjerseynews.com/issues/march/m031603e.htm
> > 
> > If the nation escalates to "red alert," which is the highest in
> > the color-coded readiness against terror, you will be assumed by
> > authorities to be the enemy if you so much as venture outside
> > your home, the state's anti-terror czar says.
> > 
> > ...
> 
> "You literally are staying home, is what happens, unless you are 
> required to 
> be out. No different than if you had a state of emergency with a
> snowstorm." 
> 
> 
> Except that in a snow storm, I can go out if I want to, and not 
> face criminal
> liability.  Are they planning to at least go through the farce of 
> declaring
> martial law first? 
> 

Seems like a pretty steep step between "Orange" and "Red".

Are other states taking this position?

Deepak Jain
AiNET


RE: NJ: Red alert? Stay home, await word

2003-03-19 Thread ed

> Seems like a pretty steep step between "Orange" and "Red".
>
> Are other states taking this position?

As an amateur radio op in the bay area, I've been involved with local OES,
specifically in the SF Bay Area.  San Francisco's stance, apparently mimed
by the State of CA is that "we'll change what we do as the situation
itself changes".  In other words react, rather than proact.  This is about
2 hour old info from the head of Emergency Services in SF.

-ed
-
[EMAIL PROTECTED]



Re: NJ: Red alert? Stay home, await word

2003-03-19 Thread Joe

Yes, the State of insanity.
LOL

Cheers,
-Joe


- Original Message - 
From: "Deepak Jain" <[EMAIL PROTECTED]>
To: "J.A. Terranson" <[EMAIL PROTECTED]>; "Jeff Wasilko" <[EMAIL PROTECTED]>
Cc: <[EMAIL PROTECTED]>
Sent: Wednesday, March 19, 2003 8:52 PM
Subject: RE: NJ: Red alert? Stay home, await word


> > 
> > Except that in a snow storm, I can go out if I want to, and not 
> > face criminal
> > liability.  Are they planning to at least go through the farce of 
> > declaring
> > martial law first? 
> > 
> 
> Seems like a pretty steep step between "Orange" and "Red".
> 
> Are other states taking this position?
> 
> Deepak Jain
> AiNET