Re: Finding information about metro private line service in downtown SF
Can you get roof rights at both locations? If so, can you stand on one roof and see the other? If yes, go wireless. You will have the capital cost upfront but no monthly fees to pay to your friendly telco of choice each month. There are plenty of companies that manafacture telco quality radios for instances like this. Proxim, Alavarion, P-Com, RadioLAN, just to name a few. -Mike On Wed, 27 Oct 2004 19:41:29 -0700, Roy [EMAIL PROTECTED] wrote: Oops Forgot my Sig Roy Engehausen Roy wrote: I have used PacBell's GIGAMAN service at a number of locations. Its basically managed fiber running GigE. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of Bill Garrison Sent: Wednesday, October 27, 2004 7:32 PM To: [EMAIL PROTECTED] Subject: Finding information about metro private line service in downtown SF Hello, I am investigating the options for linking up a new office to our (coincidentally) close datacenter in downtown San Francisco. Both locations are SOMA and within about 10 minutes walking of each other. Calling SBC provided me with a rather clueless person telling me all about ATM, Frame Relay and other options I don't want. To his credit, I believe I may have been defining what I want incorrectly. Since both areas are well within the same LATA (do people say that anymore?) I am simply looking for some sort of private line service be it fiber or copper. Who are the providers local to the area? Is there any way of finding what is in the ground around me? (I know UPN Networks is in between our offices so I am confident there is fiber or copper all around us.) What are the easiest options for this sort of thing? What kind of pricing might we be looking at? To give some perspective, we push a significant amount of bandwidth through our datacenter such that if the costs work out we would prefer a private line into our datacenter (for many reasons including cost, internet speed in the office, ability to have a backend entrance to our network for offsite backups, etc.). We would also then just setup a DSL line or T1 for emergencies/failover.[1] Please reply offlist, thanks for any insight, Bill [1]: Our alternative is too just get a T1 with a DSL for manual failover but piping into our datacenter would provide a substantial number of benefits. (this is a small office with about 10 people all of whom can handle cold-swapping to DSL if ever needed...)
Network Monitoring System - Recommendations?
Hi I was interested in finding out what software applications other ISPs are using for network monitoring? For example: 1) Overall network health uptime reports 2) Backup router config automatically 3) Bandwidth reporting (or integration with an MRTG-type app) 4) SNMP trap support (BGP/OSPF session drops emails out) 5) Database back end (port info into or over to other apps) Im just looking for something well rounded for a small ISP. Ive heard about OpenNMS and other apps but Id like to get everyones feedback. Thanks! -Charlie
Re: IPv6 support for com/net zones on October 19, 2004
On Wed, Oct 27, 2004 at 04:01:45PM -0400, Joe Abley [EMAIL PROTECTED] wrote a message of 42 lines which said: Since I mailed that, 3557 started receiving a covering /48 for A. a.gtld-servers.net works now for us. Verisign does not reply but may listen :-) b is still unreachable. We get a route but not everybody does.
Re: IPv6 support for com/net zones on October 19, 2004
* [EMAIL PROTECTED] (Stephane Bortzmeyer) [Thu 28 Oct 2004, 09:48 CEST]: On Wed, Oct 27, 2004 at 04:01:45PM -0400, Joe Abley [EMAIL PROTECTED] wrote a message of 42 lines which said: Since I mailed that, 3557 started receiving a covering /48 for A. a.gtld-servers.net works now for us. Verisign does not reply but may listen :-) Better than the other way around... b is still unreachable. We get a route but not everybody does. Both now work for me. But I've always seen both routes. -- Niels.
Re: IPv6 support for com/net zones on October 19, 2004
From AS1930 (Portugal, Europe): [it works...] ;; Query time: 544 msec ;; SERVER: 2001:503:231d::2:30#53(2001:503:231d::2:30) ;; WHEN: Thu Oct 28 12:11:40 2004 ;; MSG SIZE rcvd: 504 ;; Query time: 547 msec ;; SERVER: 2001:503:a83e::2:30#53(2001:503:a83e::2:30) ;; WHEN: Thu Oct 28 12:43:23 2004 ;; MSG SIZE rcvd: 504 ./Carlos --http://www.ip6.fccn.pt/nativeRCTS2.html Wide Area Network (WAN) Workgroup, CMF8-RIPE, CF596-ARIN FCCN - Fundacao para a Computacao Cientifica Nacional http://www.fccn.pt Internet is just routes (140068/465), naming (millions) and... people!
Re: IPv6 support for com/net zones on October 19, 2004
* [EMAIL PROTECTED] (Carlos Friacas) [Thu 28 Oct 2004, 13:38 CEST]: From AS1930 (Portugal, Europe): [it works...] ;; Query time: 544 msec ;; SERVER: 2001:503:231d::2:30#53(2001:503:231d::2:30) ;; WHEN: Thu Oct 28 12:11:40 2004 ;; MSG SIZE rcvd: 504 ;; Query time: 547 msec ;; SERVER: 2001:503:a83e::2:30#53(2001:503:a83e::2:30) ;; WHEN: Thu Oct 28 12:43:23 2004 ;; MSG SIZE rcvd: 504 Query times using IPv6 seem significantly higher than those for IPv4 to both a and b.gtld-servers.net, but as far as you can trust traceroute it doesn't seem as if the IPv4 and IPv6 addresses for each host end up in wildly different places... Anyone else care to comment? The hop count is suspiciously lower for IPv6 than for IPv4, and has twice the latency (coming from Europe too). But again, this is traceroute `wisdom'. -- Niels. -- Today's subliminal thought is:
Re: IPv6 support for com/net zones on October 19, 2004
On Thu, Oct 28, 2004 at 01:45:28PM +0200, Niels Bakker wrote: Anyone else care to comment? The hop count is suspiciously lower for IPv6 than for IPv4, and has twice the latency (coming from Europe too). But again, this is traceroute `wisdom'. One problem with IPv6 traceroute is, that Cisco got two things severly wrong in some versions: - TTL might not decremented when switching packets into GRE tunnels - ICMP TTL exceeded must be sourced from ingress interface. IOS violated that in some versions and used the EGRESS interface IP as source for the ICMP packets. Both bugs do severely hurt traceroutes and interpretation of them as you cannot be sure wether you are actually experiencing them or not. Unfortunately those IOS versions are still seen in the wild, and because the v6 world still uses (far too many senseless) tunnels. So interpreting traceroutes in v6 can sometimes really be considered guesswork, even more than in v4. :-Z Best regards, Daniel -- CLUE-RIPE -- Jabber: [EMAIL PROTECTED] -- [EMAIL PROTECTED] -- PGP: 0xA85C8AA0
RE: Network Monitoring System - Recommendations?
-Original Message- From: Charlie Khanna - NextWeb [mailto:[EMAIL PROTECTED] Subject: Network Monitoring System - Recommendations? Hi - I was interested in finding out what software applications other ISPs are using for network monitoring? For example: 1) Overall network health - uptime reports 2) Backup router config automatically 3) Bandwidth reporting (or integration with an MRTG-type app) 4) SNMP trap support (BGP/OSPF session drops - emails out) 5) Database back end (port info into or over to other apps) I've been using Argus - http://argus.tcp4me.com I've found this program more and more useful as time goes on... This should fit in with every point except #5. But, of course, the data has to be stored somewhere, so it should be fairly trivial to either write a parser, or modify the source to use a database. At any rate, I really like this program, it works wonderfully. I'm just looking for something well rounded for a small ISP. I've heard about OpenNMS and other apps but I'd like to get everyone's feedback. Thanks! -Charlie
Abuse Ticketing Systems
Are there any particularly useful ticketing systems for handling the sorts and volume of complaints an abuse desk sees? Currently my company has deployed Remedy internally and while it is particularly useful in managing work requests and our noc's incident response, it seems to be completely unsuited for our abuse desk needs. I've been recommended to Abacus and would be interested in anyone's experience with it. If someone has had a painless and successful experience using Remedy to handle abuse desk ticketing I'd love to hear a little about the overall engineering of the system to handle it. --- James Baldwin
Re: Abuse Ticketing Systems
Try Request Tracker, it's very flexible and free. http://www.bestpractical.com On Thu, 28 Oct 2004, James Baldwin wrote: Are there any particularly useful ticketing systems for handling the sorts and volume of complaints an abuse desk sees? Currently my company has deployed Remedy internally and while it is particularly useful in managing work requests and our noc's incident response, it seems to be completely unsuited for our abuse desk needs. I've been recommended to Abacus and would be interested in anyone's experience with it. If someone has had a painless and successful experience using Remedy to handle abuse desk ticketing I'd love to hear a little about the overall engineering of the system to handle it. --- James Baldwin Paul Khavkine Network Administrator DISTRIBUTEL Communications. 740 Notre Dame West, Suite 1135 Montreal, Quebec, Canada, H3C 3X6 1-514-877-5505 x 263 http://www.distributel.net
Re: [Insight?] OutPut Drops Cisco 7206VXR
It's a vendor specific troublehsooting question so let's move it over to the cisco-nsp alias. http://puck.nether.net/cisco-nsp/ The drops can be as others have said for various reasons (QOS, bursty traffic, etc...). The bus error is most likely software although it could be hardware. Yours does look like a software problem. Send the relevant interface configurations, sh stack, show region, and show version to the cisco-nsp alias. Rodney On Tue, Oct 26, 2004 at 10:49:22AM -0400, Gyorfy, Shawn wrote: Yeah - we have traffic shaping: policy-map Outbound-Transmission-To-Core (We have 10) class Expedited-Forwarding-To-Core priority percent 50 class Hanover_13364_14025_37272-TS-To-Core shape average 1536000 192000 15000 class Queller_3266_3268_30989-TS-To-Core shape average 70 87500 15000 . . . (10) FastEthernet0/0 is up, line protocol is up Hardware is DEC21140A, address is 0001.636e.1c00 (bia 0001.636e.1c00) Description: Connected to Extreme Summit48 Internet address is MTU 1500 bytes, BW 10 Kbit, DLY 100 usec, reliability 255/255, txload 12/255, rxload 3/255 Encapsulation ARPA, loopback not set Keepalive set (10 sec) Full-duplex, 100Mb/s, 100BaseTX/FX ARP type: ARPA, ARP Timeout 04:00:00 Last input 00:00:21, output 00:00:00, output hang never Last clearing of show interface counters 00:37:12 Input queue: 0/75/0/0 (size/max/drops/flushes); Total output drops: 5397 Queueing strategy: weighted fair Output queue: 0/1000/64/0 (size/max total/threshold/drops) Conversations 0/82/256 (active/max active/max total) Reserved Conversations 0/0 (allocated/max allocated) Available Bandwidth 25000 kilobits/sec 5 minute input rate 1505000 bits/sec, 979 packets/sec 5 minute output rate 5084000 bits/sec, 1590 packets/sec 2028319 packets input, 434456929 bytes Received 3 broadcasts, 0 runts, 0 giants, 0 throttles 0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored 0 watchdog 0 input packets with dribble condition detected 3453733 packets output, 1359654191 bytes, 0 underruns 0 output errors, 0 collisions, 0 interface resets 0 babbles, 0 late collision, 0 deferred 0 lost carrier, 0 no carrier 0 output buffer failures, 0 output buffers swapped out Serial2/0 is up, line protocol is up Hardware is M1T-T3+ pa Description: ny-0200 V#51HFGL605916 (DS3 to 39 Broadway POP) Internet address is MTU 4470 bytes, BW 44210 Kbit, DLY 200 usec, reliability 255/255, txload 8/255, rxload 29/255 Encapsulation PPP, LCP Open Open: CDPCP, IPCP, crc 16, loopback not set Keepalive set (10 sec) Restart-Delay is 0 secs Last input 00:00:00, output 00:00:00, output hang never Last clearing of show interface counters 00:37:49 Input queue: 1/75/0/0 (size/max/drops/flushes); Total output drops: 0 Queueing strategy: weighted fair Output queue: 0/1000/64/0 (size/max total/threshold/drops) Conversations 0/10/256 (active/max active/max total) Reserved Conversations 0/0 (allocated/max allocated) Available Bandwidth 11052 kilobits/sec 5 minute input rate 5029000 bits/sec, 1584 packets/sec 5 minute output rate 1437000 bits/sec, 966 packets/sec 3460149 packets input, 1351120603 bytes, 0 no buffer Received 0 broadcasts, 0 runts, 0 giants, 0 throttles 0 parity 0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored, 0 abort 2005303 packets output, 418156501 bytes, 0 underruns 0 output errors, 0 applique, 0 interface resets 0 output buffer failures, 0 output buffers swapped out 0 carrier transitions rxLOS inactive, rxLOF inactive, rxAIS inactive txAIS inactive, rxRAI inactive, txRAI inactive -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Sent: Tuesday, October 26, 2004 10:55 AM To: Gyorfy, Shawn Subject: Re: [Insight?] OutPut Drops Cisco 7206VXR Do you have any rate limiting on the Ethernet interface? The bus error.. I would say let cisco just replace your gear... that dosen't sound good. How is the bandwidth usage soo different? That dosen't sound right -Justin On Tue, 26 Oct 2004, Gyorfy, Shawn wrote: What's up all, I have a question, maybe some have experienced this before- let me paint the picture for you first - We are running VoIP- customer's are experiencing static. I have a DS3 going for a Cisco 10k router to a Cisco 7206VXR M2T-T3+ pa Interface. As of right now, the current usage is about 5.5Mbps with an input rate of about 1425pps and output rate of 756. The Fast Ethernet is connected to an Extreme Switch. The FastE's usage right now is about 20Mbps with an input rate of 868pps and an output of 1541pps. On the FastE - we are seeing Output drops. They were at a constant interval, when we were running IOS c7200-p-mz.123-9a. As per
Re: Abuse Ticketing Systems
On Thu, Oct 28, 2004 at 10:12:45AM -0400, James Baldwin wrote: experience with it. If someone has had a painless and successful experience using Remedy to handle abuse desk ticketing I'd love to hear a little about the overall engineering of the system to handle it. If anyone has had a painless and successful experience with Remedy, I'd love to hear about that, as well. ;) I second the RT route. Budget half a day to get it up on a test box and it's pretty easy from there. In particular you may want to look at the version of RT tuned for Incident Response - http://bestpractical.com/rtir/ John
Re: IPv6 support for com/net zones on October 19, 2004
On Thu, 28 Oct 2004, Niels Bakker wrote: * [EMAIL PROTECTED] (Carlos Friacas) [Thu 28 Oct 2004, 13:38 CEST]: From AS1930 (Portugal, Europe): [it works...] ;; Query time: 544 msec ;; SERVER: 2001:503:231d::2:30#53(2001:503:231d::2:30) ;; WHEN: Thu Oct 28 12:11:40 2004 ;; MSG SIZE rcvd: 504 ;; Query time: 547 msec ;; SERVER: 2001:503:a83e::2:30#53(2001:503:a83e::2:30) ;; WHEN: Thu Oct 28 12:43:23 2004 ;; MSG SIZE rcvd: 504 Query times using IPv6 seem significantly higher than those for IPv4 to both a and b.gtld-servers.net, but as far as you can trust traceroute it doesn't seem as if the IPv4 and IPv6 addresses for each host end up in wildly different places... Anyone else care to comment? The hop count is suspiciously lower for IPv6 than for IPv4, and has twice the latency (coming from Europe too). But again, this is traceroute `wisdom'. Yes. Definitely there are tunnels in the path... For now, i dont care about query times, i only wish to guarantee reachability. The next phase will only happen when *more* tier-1s start to sell ipv6 transit on the same basis they sell ipv4 transit for years. -- Niels. -- Today's subliminal thought is: ./Carlos --http://www.ip6.fccn.pt/nativeRCTS2.html Wide Area Network (WAN) Workgroup, CMF8-RIPE, CF596-ARIN FCCN - Fundacao para a Computacao Cientifica Nacional http://www.fccn.pt Internet is just routes (140068/465), naming (millions) and... people!
Re: Abuse Ticketing Systems
On 28/10/2004 8:12 AM James Baldwin wrote: Are there any particularly useful ticketing systems for handling the sorts and volume of complaints an abuse desk sees? Aside from RT, you may also want to take a look at OTRS - http://otrs.org/. Todd
Re: Finding information about metro private line service in downtown SF
The Corning, FreeLink Optical Transport System looked pretty good as well if you have the money for it. Handles most weather, with the exception of fog. http://www.corningcablesystems.com/web/news/press97.nsf/ehtml|ehtml/bc1e7d41f445a29d85256c07004a4b67?opendocument On Wed, 27 Oct 2004, Mike Lyon wrote: Can you get roof rights at both locations? If so, can you stand on one roof and see the other? If yes, go wireless. You will have the capital cost upfront but no monthly fees to pay to your friendly telco of choice each month. There are plenty of companies that manafacture telco quality radios for instances like this. Proxim, Alavarion, P-Com, RadioLAN, just to name a few. -Mike On Wed, 27 Oct 2004 19:41:29 -0700, Roy [EMAIL PROTECTED] wrote: Oops Forgot my Sig Roy Engehausen Roy wrote: I have used PacBell's GIGAMAN service at a number of locations. Its basically managed fiber running GigE. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of Bill Garrison Sent: Wednesday, October 27, 2004 7:32 PM To: [EMAIL PROTECTED] Subject: Finding information about metro private line service in downtown SF Hello, I am investigating the options for linking up a new office to our (coincidentally) close datacenter in downtown San Francisco. Both locations are SOMA and within about 10 minutes walking of each other. Calling SBC provided me with a rather clueless person telling me all about ATM, Frame Relay and other options I don't want. To his credit, I believe I may have been defining what I want incorrectly. Since both areas are well within the same LATA (do people say that anymore?) I am simply looking for some sort of private line service be it fiber or copper. Who are the providers local to the area? Is there any way of finding what is in the ground around me? (I know UPN Networks is in between our offices so I am confident there is fiber or copper all around us.) What are the easiest options for this sort of thing? What kind of pricing might we be looking at? To give some perspective, we push a significant amount of bandwidth through our datacenter such that if the costs work out we would prefer a private line into our datacenter (for many reasons including cost, internet speed in the office, ability to have a backend entrance to our network for offsite backups, etc.). We would also then just setup a DSL line or T1 for emergencies/failover.[1] Please reply offlist, thanks for any insight, Bill [1]: Our alternative is too just get a T1 with a DSL for manual failover but piping into our datacenter would provide a substantial number of benefits. (this is a small office with about 10 people all of whom can handle cold-swapping to DSL if ever needed...)
RE: Finding information about metro private line service in downtown SF
Wireless is a great option, if it's an option at all - I would just make sure to get a licensed link so you don't worry about getting knocked of the air by some rogue interferer. In fact, I've found a source for 39-gig radios (if the shot is less than 1.5 miles over the air) for about $3K. Contact me off-list for that information (or wireless in general). -Charlie -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Jeff Rosowski Sent: Thursday, October 28, 2004 8:37 AM To: Mike Lyon Cc: Roy; North American Network Operators Group Subject: Re: Finding information about metro private line service in downtown SF The Corning, FreeLink Optical Transport System looked pretty good as well if you have the money for it. Handles most weather, with the exception of fog. http://www.corningcablesystems.com/web/news/press97.nsf/ehtml|ehtml/bc1e7d41 f445a29d85256c07004a4b67?opendocument On Wed, 27 Oct 2004, Mike Lyon wrote: Can you get roof rights at both locations? If so, can you stand on one roof and see the other? If yes, go wireless. You will have the capital cost upfront but no monthly fees to pay to your friendly telco of choice each month. There are plenty of companies that manafacture telco quality radios for instances like this. Proxim, Alavarion, P-Com, RadioLAN, just to name a few. -Mike On Wed, 27 Oct 2004 19:41:29 -0700, Roy [EMAIL PROTECTED] wrote: Oops Forgot my Sig Roy Engehausen Roy wrote: I have used PacBell's GIGAMAN service at a number of locations. Its basically managed fiber running GigE. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of Bill Garrison Sent: Wednesday, October 27, 2004 7:32 PM To: [EMAIL PROTECTED] Subject: Finding information about metro private line service in downtown SF Hello, I am investigating the options for linking up a new office to our (coincidentally) close datacenter in downtown San Francisco. Both locations are SOMA and within about 10 minutes walking of each other. Calling SBC provided me with a rather clueless person telling me all about ATM, Frame Relay and other options I don't want. To his credit, I believe I may have been defining what I want incorrectly. Since both areas are well within the same LATA (do people say that anymore?) I am simply looking for some sort of private line service be it fiber or copper. Who are the providers local to the area? Is there any way of finding what is in the ground around me? (I know UPN Networks is in between our offices so I am confident there is fiber or copper all around us.) What are the easiest options for this sort of thing? What kind of pricing might we be looking at? To give some perspective, we push a significant amount of bandwidth through our datacenter such that if the costs work out we would prefer a private line into our datacenter (for many reasons including cost, internet speed in the office, ability to have a backend entrance to our network for offsite backups, etc.). We would also then just setup a DSL line or T1 for emergencies/failover.[1] Please reply offlist, thanks for any insight, Bill [1]: Our alternative is too just get a T1 with a DSL for manual failover but piping into our datacenter would provide a substantial number of benefits. (this is a small office with about 10 people all of whom can handle cold-swapping to DSL if ever needed...)
Big List of network owners?
I have been looking around, but haven't found it yet.. Is there a text list of who owns what netblock worldwide? ISP/Location/Contact. I am not looking for anything searchable, but rather, a large, up to date list that I can import to a database.. Thanks John
Re: Big List of network owners?
On 28 Oct 2004, at 13:00, John Underhill wrote: I have been looking around, but haven't found it yet.. Is there a text list of who owns what netblock worldwide? ISP/Location/Contact. I am not looking for anything searchable, but rather, a large, up to date list that I can import to a database.. Poke around the ftp sites of the four RIRs until you find address registration data. Don't expect to see a single dump format across RIRs. Joe
Re: Big List of network owners?
On Thu, 28 Oct 2004 13:12:39 EDT, Joe Abley said: Poke around the ftp sites of the four RIRs until you find address registration data. Don't expect to see a single dump format across RIRs. For bonus points, does anybody have a good estimate of what percentage of the registration data doesn't match reality, due to missing SWIPs and the infamous allocated to a reseller who allocated to a re-re-seller who... issues? (Not talking actively hijacked, just all the forgot to file the paperwork allocations...) pgpJPSbrz8Q3L.pgp Description: PGP signature
Re: Big List of network owners?
I have been looking around, but haven't found it yet.. Is there a text list of who owns what netblock worldwide? ISP/Location/Contact. I am not looking for anything searchable, but rather, a large, up to date list that I can import to a database.. in general, we try not to make life that easy for spammers and scammers randy
Re: Big List of network owners?
On Oct 28, 2004, at 1:25 PM, [EMAIL PROTECTED] wrote: On Thu, 28 Oct 2004 13:12:39 EDT, Joe Abley said: Poke around the ftp sites of the four RIRs until you find address registration data. Don't expect to see a single dump format across RIRs. For bonus points, does anybody have a good estimate of what percentage of the registration data doesn't match reality, due to missing SWIPs and the infamous allocated to a reseller who allocated to a re-re-seller who... issues? (Not talking actively hijacked, just all the forgot to file the paperwork allocations...) We're working on this question at the operator (ASN) level for a couple of projects. I can't produce a list immediately, but there seem to be at least 600-700 ASNs that were consistently routed between Oct 01 and Oct 03 that have no easily matchable whois data in any registry. Probably the best you can come up with the the converse; the percentage of operators who take the (varied kinds of) trouble to identify themselves broadly to the community, thereby making themselves at least implicitly available for large-scale event management, etc. I think if you sum up the unique users of various extra-whois tools (nsp-sec, INOC-DBA, Jared's NOC list, etc.), you come up something like 3-4k operators. For those 3000+/- you can be reasonably confident that their whois data is correct; the other 15.5k actively routed ASNs (much less the routed netblocks, and less still the idled ASNs and netblocks) are anyone's guess... Tom
Re: Big List of network owners?
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Yo Randy! On Thu, 28 Oct 2004, Randy Bush wrote: in general, we try not to make life that easy for spammers and scammers Too late. That horse ran out the barn when Verisgn sold their whois data. At this point keeping the data hard to get just makes it harder on abuse admins. RGDS GARY - --- Gary E. Miller Rellim 20340 Empire Blvd, Suite E-3, Bend, OR 97701 [EMAIL PROTECTED] Tel:+1(541)382-8588 Fax: +1(541)382-8676 -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.3 (GNU/Linux) iD8DBQFBgTuA8KZibdeR3qURAmPcAJkBi4c4szOnNXrh0GJJdpvrhf+mrwCdFtoQ ED7OtcZFcxoVkSuUhnsFOOI= =EMDd -END PGP SIGNATURE-
Re: Network Monitoring System - Recommendations?
On Thu, 28 Oct 2004, Charlie Khanna - NextWeb wrote: Hi - I was interested in finding out what software applications other ISPs are using for network monitoring? For example: 1) Overall network health - uptime reports http://www.nagios.org 2) Backup router config automatically http://www.shrubbery.net/rancid/ 3) Bandwidth reporting (or integration with an MRTG-type app) http://cricket.sourceforge.net/ 4) SNMP trap support (BGP/OSPF session drops - emails out) http://www.snmptt.org/ http://www.nagios.org 5) Database back end (port info into or over to other apps) I'm just looking for something well rounded for a small ISP. I've heard about OpenNMS and other apps but I'd like to get everyone's feedback. Thanks! Nothing all in one place, that I'm aware of. But with a little work, you could probably integrate it all into nagios. After all, you can make the host names or descriptions URLs that link to bandwidth and error graphs or other tools. Andy --- Andy Dills Xecunet, Inc. www.xecu.net 301-682-9972 ---
Re: Big List of network owners?
On Thu, 28 Oct 2004 14:17:14 EDT, Tom Vest said: operators. For those 3000+/- you can be reasonably confident that their whois data is correct; the other 15.5k actively routed ASNs (much less the routed netblocks, and less still the idled ASNs and netblocks) are anyone's guess... Certainly matches up with what my gut feeling was telling me And of course, the irony is that those 3K ASNs will probably exchange billions of packets with us on total autopilot, and I'll almost never need to find the owner, but the fact that I'm unable to identify who's *really* responsible for a given specific /24 makes an address in that /24 all the more desirable to the sort of people who will end up making me look for the /24's owner, when I'd much rather never have had any conscious knowledge of that particular /24 being routable at all... pgp6zaN1fPVYh.pgp Description: PGP signature
Meeting Stats from Reston
Greetings - here's some information about our joint NANOG/ARIN meeting in Reston: = NANOG 32/ARIN XIV October 17-22, 2004 Reston VA Hosts: AOL Time Warner Cable Total NANOG Attendees: 600 Total ARIN Attendees:185 NANOG - Women attending8% Men attending 92% NAPs represented 13 Non-US/Canada attendees 86 Maximum concurrent RealMedia viewers: 93 Attendee occupation breakdown: ISPs/NetOps 50% Hardware vendors 17% Software vendors 2% RE 11% Government 2% Consultant 4% Content2% Other 12% SUPPORT FOR NANOG - Meeting coordination: Merit Network Squid, DNS, DHCP: Table23 Multicast: University of Oregon /IPv6 feed:Merit Sponsors: Arbinet, Arbor, Cariden, Cisco, Cloudshield, Foundry, Force10, Juniper, Packet Design
Re: Big List of network owners?
--On 28 October 2004 11:33 -0700 Gary E. Miller [EMAIL PROTECTED] wrote: in general, we try not to make life that easy for spammers and scammers Too late. That horse ran out the barn when Verisgn sold their whois data. At this point keeping the data hard to get just makes it harder on abuse admins. Last time I looked, VRSN did not have whois data on netblock owners. Alex
Re: Finding information about metro private line service in downtown SF
Charlie Khanna - NextWeb [EMAIL PROTECTED] writes: Wireless is a great option, if it's an option at all - I would just make sure to get a licensed link so you don't worry about getting knocked of the air by some rogue interferer. Licensed offers no such guarantee; all it offers is some degree of recourse if/when you encounter interference. The onus for finding and tracking down the interferer, identifying them, and filing a complaint with the FCC still rests with the licensee. Hope you remembered to fill out the coordination responses during the comment period (and depending on the band you're operating on, you could get a lot of 'em)... A site survey with appropriate spectrum analysis equipment (preferably connected to antennas that have similar gain characteristics to the one you propose to use, pointed in the direction of your path) is a good first step. You may discover that UNII serves your needs completely. No, it's not a guarantee that things won't change in the future, In fact, I've found a source for 39-gig radios (if the shot is less than 1.5 miles over the air) for about $3K. Thanks to our pals at Winstar's demise and Advanced Radio Telecom's reorganization, such things are commonplace. Intrepid souls with friends in the real estate business may be able to get 'em for the cost of removal. Don't forget to coordinate your licensing (these are NOT part-15 radios as Charlie pointed out); ART's successor organization First Avenue Networks does licensing for $500/link/year. http://www.firstavenet.com/ ---Rob
Re: Big List of network owners?
Perhaps I should have made my inquiry/intentions a little more specific. Just in the thinking out loud stage here, but.. I would like to put an interactive help system together. One where, the user would have the option to forward some types of complaints directly to the hosting provider/ISP through a web portal. Form data would be collected, trends analyzed, if a particular address space is consistently behaving irresponsibly, it would be forwarded to an agent for further investigation. At which point, depending on the type of, and number of problems, further steps could be taken to correct the problem, ex administrative contact, resolving a hijack site to a warning page, or worst case: filtering that network entirely. We already do this to some degree, but I am looking for a way to make it more reflexive, automated, and give the users a more direct course of action that releases our help desk from some of the burden.. John - Original Message - From: Gary E. Miller [EMAIL PROTECTED] To: Randy Bush [EMAIL PROTECTED] Cc: [EMAIL PROTECTED] Sent: Thursday, October 28, 2004 2:33 PM Subject: Re: Big List of network owners? -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Yo Randy! On Thu, 28 Oct 2004, Randy Bush wrote: in general, we try not to make life that easy for spammers and scammers Too late. That horse ran out the barn when Verisgn sold their whois data. At this point keeping the data hard to get just makes it harder on abuse admins. RGDS GARY - --- Gary E. Miller Rellim 20340 Empire Blvd, Suite E-3, Bend, OR 97701 [EMAIL PROTECTED] Tel:+1(541)382-8588 Fax: +1(541)382-8676 -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.3 (GNU/Linux) iD8DBQFBgTuA8KZibdeR3qURAmPcAJkBi4c4szOnNXrh0GJJdpvrhf+mrwCdFtoQ ED7OtcZFcxoVkSuUhnsFOOI= =EMDd -END PGP SIGNATURE-
Re: Big List of network owners?
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Yo John! On Thu, 28 Oct 2004, John Underhill wrote: ... but I am looking for a way to make it more reflexive, automated, and give the users a more direct course of action that releases our help desk from some of the burden.. And that is exactly why it will not happen. A lot of the registrars have gone over to the other side. Ever try to get any domain contact info out of nameking? RGDS GARY - --- Gary E. Miller Rellim 20340 Empire Blvd, Suite E-3, Bend, OR 97701 [EMAIL PROTECTED] Tel:+1(541)382-8588 Fax: +1(541)382-8676 -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.3 (GNU/Linux) iD8DBQFBgWGE8KZibdeR3qURAhOxAJ95psP3g0yjv1Wr6vz5yPQPuCaE4gCdEP/e erE90DWlIxpcUFLljcMW98k= =dvcd -END PGP SIGNATURE-
Re: Big List of network owners?
I realize that there may be no way to contact many of these people, but, it is a step towards identifying problem networks. If badhosting.com is responsible for a given percentage of the garbage that comes through our pipes, and I can leverage user input to identify this, then I can use this to create more responsive filtering policies.. - Original Message - From: Gary E. Miller [EMAIL PROTECTED] To: John Underhill [EMAIL PROTECTED] Cc: [EMAIL PROTECTED] Sent: Thursday, October 28, 2004 5:15 PM Subject: Re: Big List of network owners? -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Yo John! On Thu, 28 Oct 2004, John Underhill wrote: ... but I am looking for a way to make it more reflexive, automated, and give the users a more direct course of action that releases our help desk from some of the burden.. And that is exactly why it will not happen. A lot of the registrars have gone over to the other side. Ever try to get any domain contact info out of nameking? RGDS GARY - --- Gary E. Miller Rellim 20340 Empire Blvd, Suite E-3, Bend, OR 97701 [EMAIL PROTECTED] Tel:+1(541)382-8588 Fax: +1(541)382-8676 -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.3 (GNU/Linux) iD8DBQFBgWGE8KZibdeR3qURAhOxAJ95psP3g0yjv1Wr6vz5yPQPuCaE4gCdEP/e erE90DWlIxpcUFLljcMW98k= =dvcd -END PGP SIGNATURE-
Re: Big List of network owners?
On Oct 28, 2004, at 2:56 PM, [EMAIL PROTECTED] wrote: On Thu, 28 Oct 2004 14:17:14 EDT, Tom Vest said: operators. For those 3000+/- you can be reasonably confident that their whois data is correct; the other 15.5k actively routed ASNs (much less the routed netblocks, and less still the idled ASNs and netblocks) are anyone's guess... Certainly matches up with what my gut feeling was telling me And of course, the irony is that those 3K ASNs will probably exchange billions of packets with us on total autopilot, and I'll almost never need to find the owner, but the fact that I'm unable to identify who's *really* responsible for a given specific /24 makes an address in that /24 all the more desirable to the sort of people who will end up making me look for the /24's owner, when I'd much rather never have had any conscious knowledge of that particular /24 being routable at all... That irony may disappear soon, but perhaps not in a good way. Observing the general policy trend across the registries, it seems that all are moving toward a system where publicly available contact information for any/all assigned numbers is optimized for resource management, while preserving maximum flexibility for anonymous operation. That is to say, operators may eventually provide visible whois entries that include only a workable email address (e.g., [EMAIL PROTECTED]) and a cell phone number. So long as these contacts are sufficient to request/remit annual registry renewal fees, the whois requirement will be satisfied. Opinions vary as to whether this is a good thing or a bad thing. Some advocates suggest that anonymity will help mitigate some security issues, although it seems to me a little incongruous that security through obscurity is advocated in this sphere at the same time that it is ridiculed in other contexts. Anyway, during the ARIN public forum last week there were repeated suggestions that the scope and purpose of whois database be clarified once and for all, at least at the institutional (ARIN) level. I for one would hate to see operator identity (i.e., as you say who's *really* responsible for a given number) disappear from that that scope and purpose, especially without considering that change and all of its implications very very carefully. Tom
Re: Big List of network owners?
Please describe exactly what you want to do with the data. If its specific action based on some network name or per their ASN, I can probably deliver it (assuming this function has community value for more then just your needs). But providing entire list - is too open for abuse and also may violate RIR policies for not redistributing bulk whois data in bulk form. If you want to do it yourself - feel free to contact every RIR (its only 4 of them) and sign for bulk whois agreements (and RIPE and APNIC already provide their whois database free actually if you look around) and write scripts and program to put it all in the database format that you want. On Thu, 28 Oct 2004, John Underhill wrote: I realize that there may be no way to contact many of these people, but, it is a step towards identifying problem networks. If badhosting.com is responsible for a given percentage of the garbage that comes through our pipes, and I can leverage user input to identify this, then I can use this to create more responsive filtering policies.. - Original Message - From: Gary E. Miller [EMAIL PROTECTED] To: John Underhill [EMAIL PROTECTED] Cc: [EMAIL PROTECTED] Sent: Thursday, October 28, 2004 5:15 PM Subject: Re: Big List of network owners? -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Yo John! On Thu, 28 Oct 2004, John Underhill wrote: ... but I am looking for a way to make it more reflexive, automated, and give the users a more direct course of action that releases our help desk from some of the burden.. And that is exactly why it will not happen. A lot of the registrars have gone over to the other side. Ever try to get any domain contact info out of nameking? RGDS GARY - --- Gary E. Miller Rellim 20340 Empire Blvd, Suite E-3, Bend, OR 97701 [EMAIL PROTECTED] Tel:+1(541)382-8588 Fax: +1(541)382-8676 -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.3 (GNU/Linux) iD8DBQFBgWGE8KZibdeR3qURAhOxAJ95psP3g0yjv1Wr6vz5yPQPuCaE4gCdEP/e erE90DWlIxpcUFLljcMW98k= =dvcd -END PGP SIGNATURE-
Final Stage: Early Registration Transfer Project (ERX)
Dear Colleagues, The four Regional Internet Registries (RIRs) are about to enter the final stage of the Early Registration Transfer (ERX) project. This project is a coordinated effort to move whois records for address space registered before the advent of the RIRs to the whois database of the RIR in whose region the registrant is based. In this final stage of the project, whois records for registrations within 192.0.0.0/8 are being moved from the ARIN database. If you operate a network in 192.0.0.0/8 and have: - registration information in more than one RIR database, or - have a postal address that lies outside the RIR's service region you will receive a mail regarding its registration. The mail explains in which database we believe the registration is meant to reside. The message also explains how to indicate which contact information should be recorded. You can find out more about the ERX project at the following URLs: http://www.apnic.net/db/erx/ http://www.arin.net/registration/erx/ http://www.lacnic.net/en/erx.html http://www.ripe.net/projects/erx/ Regards, Paul Rendek Head of Member Services and Communications RIPE NCC
Re: Big List of network owners?
Again guys.. just in the thinking out loud stage.. But it does surprise me that this information is not freely available, and accessible to all without hindrance, registration or obligations of any kind. There is the argument that this information could be used by the wrong people to do the wrong thing, but I am guessing many of those people already have this data. Arguably, the people most likely to be causing problems, are the very ones who seek anonymity through a process that is apparently not as defined and regulated as it needs to be in order to assure proper identification and subsequent accountability. It is all about that accountability, action and response. If badhosting.com insists on harboring CWS, spam engines, and the like, wouldn't it be better if everyone knew, down to the last host, every address they own? If this information were freely available, posted in plain view, script friendly, and a dynamic resource, I suspect a lot of problems could, (at least in part), be made to disappear, or at the very least, automated tracking systems, and abuse reports could be made to be more reliable. Every enterprise is absolutely dependent on its financial viability, if the owner of badhosting.com woke up on Monday morning to find half of north america was no longer visible to his clients, he would either a) grow a conscience, or, b) go out of business - either one would be just fine with me. John - Original Message - From: william(at)elan.net [EMAIL PROTECTED] To: John Underhill [EMAIL PROTECTED] Cc: [EMAIL PROTECTED] Sent: Thursday, October 28, 2004 6:02 PM Subject: Re: Big List of network owners? Please describe exactly what you want to do with the data. If its specific action based on some network name or per their ASN, I can probably deliver it (assuming this function has community value for more then just your needs). But providing entire list - is too open for abuse and also may violate RIR policies for not redistributing bulk whois data in bulk form. If you want to do it yourself - feel free to contact every RIR (its only 4 of them) and sign for bulk whois agreements (and RIPE and APNIC already provide their whois database free actually if you look around) and write scripts and program to put it all in the database format that you want. On Thu, 28 Oct 2004, John Underhill wrote: I realize that there may be no way to contact many of these people, but, it is a step towards identifying problem networks. If badhosting.com is responsible for a given percentage of the garbage that comes through our pipes, and I can leverage user input to identify this, then I can use this to create more responsive filtering policies.. - Original Message - From: Gary E. Miller [EMAIL PROTECTED] To: John Underhill [EMAIL PROTECTED] Cc: [EMAIL PROTECTED] Sent: Thursday, October 28, 2004 5:15 PM Subject: Re: Big List of network owners? -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Yo John! On Thu, 28 Oct 2004, John Underhill wrote: ... but I am looking for a way to make it more reflexive, automated, and give the users a more direct course of action that releases our help desk from some of the burden.. And that is exactly why it will not happen. A lot of the registrars have gone over to the other side. Ever try to get any domain contact info out of nameking? RGDS GARY - --- Gary E. Miller Rellim 20340 Empire Blvd, Suite E-3, Bend, OR 97701 [EMAIL PROTECTED] Tel:+1(541)382-8588 Fax: +1(541)382-8676 -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.3 (GNU/Linux) iD8DBQFBgWGE8KZibdeR3qURAhOxAJ95psP3g0yjv1Wr6vz5yPQPuCaE4gCdEP/e erE90DWlIxpcUFLljcMW98k= =dvcd -END PGP SIGNATURE-
Re: Big List of network owners?
Again so what is it you'are asking: 1. Function to list ip blocks for the same organization that often causes abuse reports for your customers? - see spews and spamhaus lists, for biggest abusers they do pretty good job of tracking any ip blocks assigned to them 2. Function to list ip blocks announced by the same organization per ASN? - you can already do it yourself - sh ip bgp regexp _asn_) And yes if somebody wants to abuse public database, they'll find a way to get the data they want - but at least on the surface it should not be easy. So even if one bad guy already has this data, I'm not interested in making it easy for another bad guy to get it. On Thu, 28 Oct 2004, John Underhill wrote: Again guys.. just in the thinking out loud stage.. But it does surprise me that this information is not freely available, and accessible to all without hindrance, registration or obligations of any kind. There is the argument that this information could be used by the wrong people to do the wrong thing, but I am guessing many of those people already have this data. Arguably, the people most likely to be causing problems, are the very ones who seek anonymity through a process that is apparently not as defined and regulated as it needs to be in order to assure proper identification and subsequent accountability. It is all about that accountability, action and response. If badhosting.com insists on harboring CWS, spam engines, and the like, wouldn't it be better if everyone knew, down to the last host, every address they own? If this information were freely available, posted in plain view, script friendly, and a dynamic resource, I suspect a lot of problems could, (at least in part), be made to disappear, or at the very least, automated tracking systems, and abuse reports could be made to be more reliable. Every enterprise is absolutely dependent on its financial viability, if the owner of badhosting.com woke up on Monday morning to find half of north america was no longer visible to his clients, he would either a) grow a conscience, or, b) go out of business - either one would be just fine with me. John - Original Message - From: william(at)elan.net [EMAIL PROTECTED] To: John Underhill [EMAIL PROTECTED] Cc: [EMAIL PROTECTED] Sent: Thursday, October 28, 2004 6:02 PM Subject: Re: Big List of network owners? Please describe exactly what you want to do with the data. If its specific action based on some network name or per their ASN, I can probably deliver it (assuming this function has community value for more then just your needs). But providing entire list - is too open for abuse and also may violate RIR policies for not redistributing bulk whois data in bulk form. If you want to do it yourself - feel free to contact every RIR (its only 4 of them) and sign for bulk whois agreements (and RIPE and APNIC already provide their whois database free actually if you look around) and write scripts and program to put it all in the database format that you want. On Thu, 28 Oct 2004, John Underhill wrote: I realize that there may be no way to contact many of these people, but, it is a step towards identifying problem networks. If badhosting.com is responsible for a given percentage of the garbage that comes through our pipes, and I can leverage user input to identify this, then I can use this to create more responsive filtering policies.. - Original Message - From: Gary E. Miller [EMAIL PROTECTED] To: John Underhill [EMAIL PROTECTED] Cc: [EMAIL PROTECTED] Sent: Thursday, October 28, 2004 5:15 PM Subject: Re: Big List of network owners? -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Yo John! On Thu, 28 Oct 2004, John Underhill wrote: ... but I am looking for a way to make it more reflexive, automated, and give the users a more direct course of action that releases our help desk from some of the burden.. And that is exactly why it will not happen. A lot of the registrars have gone over to the other side. Ever try to get any domain contact info out of nameking? RGDS GARY - --- Gary E. Miller Rellim 20340 Empire Blvd, Suite E-3, Bend, OR 97701 [EMAIL PROTECTED] Tel:+1(541)382-8588 Fax: +1(541)382-8676 -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.3 (GNU/Linux) iD8DBQFBgWGE8KZibdeR3qURAhOxAJ95psP3g0yjv1Wr6vz5yPQPuCaE4gCdEP/e erE90DWlIxpcUFLljcMW98k= =dvcd -END PGP SIGNATURE-
Re: Big List of network owners?
tom, i happen to have kept the internet manager's phonebook, the August 1990 bbn/nnsc publication of the whois data. you're welcome to ocr it and see how many of the contact data are still valid. on a spot check: for my own entry only the email address still is still correct, sob's phone and email are as current (but i am not sure about snail), ohta-san's data are different, john schnizlein sure has moved, and only jis's email is the same. the introduction, among other things, says Many of the network administrators listed in this book expressed concern about receiving additional solicitations, advertisements, and junk fax as a result of being listed. We are asking companies to respect the administrators' wishes, and not use this book for marketing purposes. Thank you! so such abuses of the whois data were of concern then. note the word additional. sigh my rotting memory says i was receiving uce when i was using an arpanet addresses, uucp !path, and a fidonet node number. i don't think i got uce on telenet's telemail service, but now you're back to the '70s. and attempts at automation of problem reporting have a similarly long history. their accuracy has not improved significantly, and the number of garbage emails i get from them is about the same as the direct spam. the best thing about them is that they are easier to procmail. i wish i could remember which beatles' (i think it was) song had the refrain we have all been here before. randy
Re: Big List of network owners?
On Thu, 28 Oct 2004, Randy Bush wrote: i wish i could remember which beatles' (i think it was) song had the refrain we have all been here before. close, but California, harmony Deja Vu (David Crosby) If I had ever been here before I would probably know just what to do Don't you? If I had ever been here before On another time around the wheel I would probably know just how to deal With all of you And I feel like I've been here before Feel like I've been here before And you know it makes me wonder What's going on under the ground - mmh Do you know? Don't you wonder? What's going on down under you Na na na na na We have all been here before We have all been here before We have all been here before We have all been here before We have all been here before We have all been here before from DeJaVu (1970)
Re: Big List of network owners?
i wish i could remember which beatles' (i think it was) song had the refrain we have all been here before. close, but California, harmony well, at least we learn who has a better memory than i :-) the winners are, in order of appearance in my mailbox, Joe Abley, Charles Cala, and, of course, Queen Lucy. and yes, it was csny. and i even have the cd. i think i'll unearth it for the drive to town to get some missing ingredients for a chile verde which i have a major hankering to make for dinner. randy
Re: Network Monitoring System - Recommendations?
On Thu, 28 Oct 2004 14:46:31 -0400 (EDT), Andy Dills [EMAIL PROTECTED] said: 1) Overall network health - uptime reports 2) Backup router config automatically 3) Bandwidth reporting (or integration with an MRTG-type app) 4) SNMP trap support (BGP/OSPF session drops - emails out) 5) Database back end (port info into or over to other apps) Andy Nothing all in one place, that I'm aware of. But with a little work, you Andy could probably integrate it all into nagios. After all, you can make the Andy host names or descriptions URLs that link to bandwidth and error graphs or Andy other tools. Net-Policy does 1, 3, and 5... It collects traps and lets you view them, but doesn't currently email (trivial addition though). #2 isn't done, though it does collect data and put it in a postgres database, thus you could say it collects it, just not in a way in which you can send it back out again :-/ -- In the bathtub of history the truth is harder to hold than the soap, and much more difficult to find. -- Terry Pratchett
Re: Network Monitoring System - Recommendations?
3) Bandwidth reporting (or integration with an MRTG-type app) http://cricket.sourceforge.net/ You can also do this with Nagios now too.. with APAN. http://apan.sourceforge.net/ It's kind of cool. :D -Jonathan
Re: Finding information about metro private line service in downtown SF
On Thu, 28 Oct 2004, Jeff Rosowski wrote: The Corning, FreeLink Optical Transport System looked pretty good as well if you have the money for it. Handles most weather, with the exception of fog. Using FSO in San Francisco is almost impossible :) There are way too many foggy days, I've watched links go up and down when fog rolls down the street. If you're looking at wireless, the only real option is 38Ghz (if you can get the license) because of all of the 802.11x pollution.