Re: (newbie) BGP For Dummies?
There was excellent docuent on Cisco (better than book). I can search for it, if you want. Btw, BGP is not for dummies, too many possible consequencies of config errors are possible. - Original Message - From: David E. Smith [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: Friday, December 10, 2004 12:35 PM Subject: (newbie) BGP For Dummies? Hi, long-time listener, first-time caller... Can anyone recommend a good forum for BGP questions? I've got my copy of the O'Reilly book handy, but having never really worked with BGP before, I find it's not really the best novice-level work. (Or, if questions about weird inter-AS routing scenarios are on-topic here, I'd be glad to bounce my problems around on NANOG.) Thanks! David Smith MVN.net
Re: (newbie) BGP For Dummies?
On Sat, 11 Dec 2004 02:08:45 -0800, Alexei Roudnev [EMAIL PROTECTED] wrote: There was excellent docuent on Cisco (better than book). I can search for it, if you want. This one is not too bad .. Practical BGP (Russ White, Danny McPherson, Srihari Sangli) http://www.amazon.com/exec/obidos/tg/detail/-/0321127005/103-1122659-1873401?v=glance Btw, BGP is not for dummies, too many possible consequencies of config errors are possible. Sometimes that's the best way to learn .. when you have accidentally messed up configs on a router that's halfway across town once, have to drive over and fix the resulting mess, you learn quite fast not to repeat that mistake again :) If this guy was anywhere in the asiapac region I'd just have asked him to attend the workshops and tutorials at SANOG or APRICOT - there are a lot more teaching in those two events than you see in NANOG meetings. --srs -- Suresh Ramasubramanian ([EMAIL PROTECTED])
Re: anyone from GBLX ?
On Sat, 11 Dec 2004 20:34:57 +0800, Thomas Graham [EMAIL PROTECTED] wrote: anyone from global crossing internet linking company ? If you are on the inoc-dba phone system, it is as easy as picking up a phone and calling them. They're listed in https://www.pch.net/inoc-dba/console.cgi?op=show_pubdirlist=org -- Suresh Ramasubramanian ([EMAIL PROTECTED])
Re: anyone from GBLX ?
On Sat, 11 Dec 2004 21:37:16 +0800, Thomas Graham [EMAIL PROTECTED] wrote: but the main problem is I am not in US...e how could I report their network problem ? Depends. If you are their direct customer I guess you know how to get in touch with them. If your upstream provider gets connectivity from GBLX, you might want to get them to escalate the issue. --srs ps - You don't need to be in the USA to use the inoc-dba phone system. All you need is to be a network operator with your own AS. -- Suresh Ramasubramanian ([EMAIL PROTECTED])
Re: anyone from GBLX ?
but the main problem is I am not in US...e how could I report their network problem ? On Sat, 11 Dec 2004 18:21:25 +0530, Suresh Ramasubramanian [EMAIL PROTECTED] wrote: On Sat, 11 Dec 2004 20:34:57 +0800, Thomas Graham [EMAIL PROTECTED] wrote: anyone from global crossing internet linking company ? If you are on the inoc-dba phone system, it is as easy as picking up a phone and calling them. They're listed in https://www.pch.net/inoc-dba/console.cgi?op=show_pubdirlist=org -- Suresh Ramasubramanian ([EMAIL PROTECTED])
Re: normally CFP's are off-topic for NANOG but this one's *about* us
The Internet is under increasing attacks with unwanted traffic in the form of spam, distributed denial of service, virus, worms, etc. Does etc. include pornography and certain forms of poltical speech which do not conform to local community standards? not for this conference, no. this is about technology not politics/customs. Or are you folks conveniently ignoring the large-scale side effects of technological advances in this area? 8-) if those side effects are also technological then they are fair game.
RE: (newbie) BGP For Dummies?
Check this out... http://www.bgp4.as/books Good luck. -Charlie -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of David E. Smith Sent: Friday, December 10, 2004 12:36 PM To: [EMAIL PROTECTED] Subject: (newbie) BGP For Dummies? Hi, long-time listener, first-time caller... Can anyone recommend a good forum for BGP questions? I've got my copy of the O'Reilly book handy, but having never really worked with BGP before, I find it's not really the best novice-level work. (Or, if questions about weird inter-AS routing scenarios are on-topic here, I'd be glad to bounce my problems around on NANOG.) Thanks! David Smith MVN.net
Re: no whois info ?
I don't want to turn this into a domain policy discussion, but here are a few comments (in some semblance of order) which relate to the operational aspects. 1. Anyone controlling an operational resource (such as a domain) can't be anonymous. This _in no way_ prevents anyone from doing things anonymously on the Internet: it just means that they can't control an operational resource, because that way lies madness. 2. If someone wants to remain anonymous -- say, as in the example Janet cited, of sexual abuse victims -- then one of the very LAST things they should do is register a domain. Doing so creates a record (in the registrar's billing department if nowhere else) that clearly traces back to them. Further, an anonymously-registered domain isn't much good without services such as DNS and web hosting: and those, of course, represent still more potential information leaks. Anyone who thinks their anonymous registration is truly anonymous is in for a rude awakening: if the data isn't already in the wild, it will be as soon as the spammers find it useful to make it so. It's much better, if anonymity is the goal, not to begin by causing this data to exist. 3. Anonymous domain registration, like free email services, is an abuse magnet. [Almost] nobody offering either has yet demonstrated the ability to properly deal with the ensuing abuse: they've simply forced the costs of doing so onto the entire rest of the Internet. It's thus not surprising that a pretty good working hypothesis is to presume that any domain which either (a) has anonymous registration or (b) has contact addresses at freemail providers is owned by people intent on abusing the Internet. No, it's not always true, but as a first-cut approximation it works quite well. Doubly so if the domain is in a TLD known to be spammer-infested (e.g., .biz) and triply so if the domain name itself screams spam (e.g. cheap-phentermine-online.biz). [1] 4. Spammers have a myriad of ways of harvesting mail addresses that yield the same data but without requiring WHOIS output. For example, some of the malware they've released prowls through all the sent/received mail on infected systems...which means that if anyone using their brand-new anonymously-registered domain happens to send a single message to someone else -- who is already or subsequently infected -- then the address in question will shortly be in the wild, bought and sold and used by spammers. Note that some of the infected systems are mail servers, so even if the sender and recipient are secure from infection, the address in question may still be acquired. And no doubt some of them are inside registrars and DNS hosts and web hosts, just like they're [nearly] everywhere else. And this is just one way that addresses are harvested. 5. Spam is about far more than than merely SMTP these days. SPIM (IM spam) and SPIT (VOIP spam) and adware and all kinds of other things are being used -- and by _the same people_, e.g. Spamford, to do exactly the same thing: put content in front of eyeballs. Even if we could throw a switch and cut off all SMTP spam, the respite would only be temporary. So just trying to hide from SMTP spam, although it might provide the comfortable illusion of accomplishing something in the short term, is useless in the long term. 6. Spam is a problem for everyone, and so it's everyone's responsibility to fight it. Those who want the privilege of controlling operational resources must also accept the responsibility of doing their part. ---Rsk [1] To save you the trouble of looking it up: Domain Name: CHEAP-PHENTERMINE-ONLINE.BIZ Domain ID: D3193600-BIZ Sponsoring Registrar:DOTSTER Domain Status: ok Registrant ID: DOTS-1025016423 Registrant Name: N K Registrant Organization: Registrant Address1: - Registrant Address2: n/a Registrant City: - Registrant State/Province: - Registrant Postal Code: - Registrant Country: United States Registrant Country Code: US Registrant Phone Number: +1.311212 Registrant Facsimile Number: +1.311212 Registrant Email:[EMAIL PROTECTED] and so on. A 200-foot-high billboard would only be slightly more obvious.
Re: Sheesh, regulators
On Tue, 14 Sep 2004 09:49:27 +0530, Suresh Ramasubramanian [EMAIL PROTECTED] wrote: http://www.thehindubusinessline.com/2004/09/11/stories/2004091102660400.htm ISPs may be stopped from offering private leased line services [...] The telecom regulator has also sought the views of the Department of Telecom (DoT) on the issue and would give its final directive in the next few weeks. DoT officials said that the department was looking at allowing ISPs to offer VPN services but only after paying an entry fee to level the playing field with long distance players. The TRAI (indian telecom regulator) seems to be making a (belated) protest about the DoT (department of telecom, govt of India)'s attempt to tax VPNs, effectively creating a new type of ISP - ISP offering VPN services http://www.thehindubusinessline.com/2004/12/10/stories/2004121003090300.htm TRAI wants to be heard on licence fees for ISPs Thomas K. Thomas New Delhi , Dec. 9 IN what could become the next big controversy in communications sector, the Telecom Regulatory Authority of India (TRAI) has asked the Department of Telecom (DoT) to seek its recommendations on the policy decision to impose entry fee and licence fee on Internet Service Providers. This is the first time that the telecom regulator has made such a request after the DoT has already announced its decision. In a letter written to Mr Nripendra Misra, Secretary, DoT, the telecom regulator has said that the Government should have in the first place sought the views of TRAI since it involved creation of a new category of licence called ISPs with Virtual Private Network. Since TRAI's recommendations are required for issuing the terms of a licence, it is logical that they should also be obtained at the time of modification of a licence earlier granted. I would request you to refer the issue to TRAI for opinion before finalising the Government decision in this matter, said the letter by its Chairman, Mr Pradip Baijal. The telecom regulator has said that the ISP with VPN licence is a new licence for the service provider, especially since this will be distinct from the current ISP licence. The DoT had announced its decision last month to impose a licence fee of 8 per cent of the annual revenues on ISPs apart from an entry fee ranging between Rs 1 crore and Rs 10 crore. The department had not taken the recommendations of the telecom regulator before announcing the decision, which irked not only the TRAI but also the ISPs. DoT on its part said that it was not required to seek the telecom regulator's recommendations, since it was a decision which sought to expand the scope of the existing ISP licence. TRAI had earlier sent a letter to DoT suggesting an entry fee of Rs 25 lakh. Meanwhile, the ISPs are chalking out their strategy to challenge the DoT decision which includes legal recourse. We will await the final guidelines of the policy from DoT before finalising our next move, said Mr Amitabh Singhal, President, Internet Service Providers Association.
New Edge Brokenness?
Has anyone else noticed an increase in layer 3 downtime in newedges network since the big meltdown? I'm now losing connectivity several times a day, and only layer 3. Attempts to go through the normal support channels have resulted in runarounds and layer one/two tests. Jason -- Jason Slagle - CCNP - CCDP /\ . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . \ / ASCII Ribbon Campaign . X - NO HTML/RTF in e-mail . / \ - NO Word docs in e-mail .
Re: no whois info ?
Rich Kulawiec wrote: 1. Anyone controlling an operational resource (such as a domain) can't be anonymous. This _in no way_ prevents anyone from doing things anonymously on the Internet: it just means that they can't control an operational resource, because that way lies madness. As long as that person is contactable, why should it matter if they are anonymous? If you get a quick response to [EMAIL PROTECTED], does it REALLY matter to you if the person's name is Tom, John, or Susan? There seem to be two definitions of anonymous floating around here. One seems to equal no working contact information, and one seems to equal private registration ala domainsbyproxy.net. I can understand why people might want to take non-existent whois records into account, but I just don't see the argument against anonymous records. Killing anonymous records won't stop spammers. It can however harm a vulnerable section of the Internet. 2. If someone wants to remain anonymous -- say, as in the example Janet cited, of sexual abuse victims -- then one of the very LAST things they should do is register a domain. Doing so creates a record (in the registrar's billing department if nowhere else) that clearly traces back to them. Further, an anonymously-registered domain isn't much good without services such as DNS and web hosting: and those, of course, represent still more potential information leaks. There are layers of privacy. Let's say a person has a restraining order against an ex-husband, ex-girlfriend, etc. That person has moved and doesn't want to be easily found. Now, which will be easier for the ex - typing in whois, or somehow getting the billing records from the registrar? As for DNS web hosting - there are sites out there that offer anonymous hosting DNS to groups like abuse survivors, etc. It's much better, if anonymity is the goal, not to begin by causing this data to exist. Great! So, if you are a vulnerable minority, don't use the internet. Don't have political free speech in your country? Don't talk. You have an abusive ex? Sorry, can't help you. Whistle blower? The hell with you. Pissed off a drug dealer by turning them in? Good for you! Sorry, we have to take away your internet access now. 100% Anonymity is not possible, true. Neither is 100% security. But does that mean you give up running any kind of firewall? 3. Anonymous domain registration, like free email services, is an abuse magnet. [Almost] nobody offering either has yet demonstrated the ability to properly deal with the ensuing abuse: they've simply forced the costs of doing so onto the entire rest of the Internet. OK, how many anonymous domains (ala domainsbyproxy) have you been unable to contact? Real numbers, please. I'm not talking about missing or false whois records. It's thus not surprising that a pretty good working hypothesis is to presume that any domain which either (a) has anonymous registration or (b) has contact addresses at freemail providers is owned by people intent on abusing the Internet. No, it's not always true, but as a first-cut approximation it works quite well. I'm sorry, I guess I'm still one of those innocent until proven guilty folks. Yes, it means first run spammers get me. That's a price I'm willing to pay. If, as an end user, you want more aggressive filtering, that should be up to you. I have no problem with that. If decisions start impacting innocents on the Internet at large, THAT's a problem. 4. Spammers have a myriad of ways of harvesting mail addresses that yield the same data but without requiring WHOIS output. Yes, they do. But, I get less spam, and MUCH less snail mail, with anonymous registrations. 6. Spam is a problem for everyone, and so it's everyone's responsibility to fight it. Those who want the privilege of controlling operational resources must also accept the responsibility of doing their part. I agree. But why should it matter if you know the name of the person controlling an operational resource if they are responsible net citizens?
Re: (newbie) BGP For Dummies?
This is a bit dated, but a good place to start.. BGP4 Case Studies - Sam Halabi http://www.cs.fsu.edu/courses/netdesign/halabi/halabi-bgp4-case-studies-tutorial.pdf#search='halabi%20bgp%20cisco' For a forum try: http://isp-lists.isp-planet.com/isp-routing/ Internet.com has a number of forums in this genre, just poke around their website a bit.. John - Original Message - From: David E. Smith [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: Friday, December 10, 2004 3:35 PM Subject: (newbie) BGP For Dummies? Hi, long-time listener, first-time caller... Can anyone recommend a good forum for BGP questions? I've got my copy of the O'Reilly book handy, but having never really worked with BGP before, I find it's not really the best novice-level work. (Or, if questions about weird inter-AS routing scenarios are on-topic here, I'd be glad to bounce my problems around on NANOG.) Thanks! David Smith MVN.net