Re: NAT Configuration for Dual WAN Router
Joe Johnson wrote: I've been trying over and over to figure this one out, but I'm just hitting the end of my wits. We have a remote office that can only get 768Kbps DSL, which they've not totally maxed out. So management's solution now is to buy a second DSL line, but they won't let me buy a dual WAN router (in case they add a 3rd DSL line). I've found some great articles on how to get the interfaces working with 2 default gateways (I used this: http://www.linuxquestions.org/linux/answers/Networking/Spanning_Multiple_DSL s) and that is all running fine. It alternates every few minutes which WAN port is used when I traceroute yahoo.com (which is fine) and everything is connecting fine from the router. However, I can't figure out how to get NAT running on the server for the 2 WAN ports for clients inside the LAN. I can NAT to 1 DSL, but that is useless. What I am looking for is a tutorial in how to do this or a pointer to someone who can help. Anyone know of a resource for this? Joe Johnson [EMAIL PROTECTED] I dont see how the router can NAT to more than one ip-address. So you need one NAT-router per DSL-line. Now use your linux, without NAT, to distribute the traffic. Make a guess where most of your goes. Get some vague ip-address ranges and divide them. E.g. send all traffic to microsoft via router-1 and all traffic to cnn via router-2. Both your clients and your linux router dont know about the NAT. The routers, up to 500 of them :) dont know nothing except NAT. If your clients are in 192.168.xxx.xxx then it might be a good idea to put the NAT-routers in 10.xxx.xxx.1 No need for the routers to talk to eachother. Your linux router needs a virtual interface on say 10.xxx.xxx.2 to talk to each router. It would be good to have a real interface for each router to the linux and to have a separate one for your clients. But the linux is intelligent enough and those 1 MBit dsl lines are slowly enough that you can put everything together on one switch. No need to bother which line is which... 10 MBit is fast enough to the outside. Another aproach: Can you split your costumers into separate networks that dont talk to eachother? Then give each group its own NAT-router and give your servers two or more interfaces to make them part of both networks. You must put the routers in different networks of course, say 192.168.1.xxx and 192.168.2.xxx Use an http://www-03.ibm.com/servers/eserver/bladecenter/ Then you run one linux for each dsl-line. Those linuxes know how to route internally too. Now you simply distribute the clients between the linuxes. Dont ask the price. Your management will be delighted :) This solution will allow you some 8 dsl-lines. If you need more buy another bladecenter and connect them. Cheers Peter and Karin Dambier -- Peter and Karin Dambier The Public-Root Consortium Graeffstrasse 14 D-64646 Heppenheim +49(6252)671-788 (Telekom) +49(179)108-3978 (O2 Genion) +49(6252)750-308 (VoIP: sipgate.de) mail: [EMAIL PROTECTED] mail: [EMAIL PROTECTED] http://iason.site.voila.fr
who's receiving comvalid/bgpsentinel spam? (Re: BGP )
is anybody else receiving this spam when they advertise a new AS nowadays? (i'm trying to figure out which whois information is being policy-violated and who to complain about, but if i'm the only one receiving it, i may JHD.) re: # From: Antony Gullusci [EMAIL PROTECTED] # To: [EMAIL PROTECTED] # Subject: BGP # Date: Thu, 15 Dec 2005 14:09:19 +0100 # X-Mailer: Microsoft Outlook Express 6.00.2900.2180 # # Hi! I am Antony Gullusci from Comvalid, and I'd like to give you some # additional information on Comvalid and what we can do for you, regarding # BGP. # # In the past 10 years, our mother company Inrete has made a good name # managing Autonomous System and BGP routers. # # Now Comvalid offers to the broader market the precious internal tools that # Inrete developed in order to manage the Autonomous System of its clients. # # Since you manage a newly announced AS, we propose you free of charge, the # use of our BGPsentinel service for one month. # BGPsentinel operates in the following way: # # 1) constantly sniffs in different points the BGP traffic between BGP router # receiving the full Internet mesh # 2) extracts and stores all the data regarding the AS numbers and NETs of # interest, and stores such data in a database # 3) generates intelligent and context rich alarms, on the base of the # detected and stored info # 4) makes all the history pertaining the collected data always available for # post-debug and forensic # # You will have a user password to access the data regarding you systems, # and will be able to define specific alarms to be sent to you by mail, after # one month the only thing we will ask you is to fill a short survey about the # service with your opinion and your advices. # # If you are interest in having a better control on what happens to your NETs # and ASes, just reply me back confirming that you are interested in having # the following AS and NET's : 24051 # 203.119.20.0/24 # # Checked by BGPsentinel # # Looking forward to hear from you! # # Antony Gullusci # Email [EMAIL PROTECTED] # # BGPsentinel Web http://www.comvalid.com/?pag=bs # __ # Comvalid USA # 35 Corporate Drive # Burlington, Massachusetts 01803 # Tel +1 (781) 583-7565 # http://www.comvalid.com #
Re: who's receiving comvalid/bgpsentinel spam? (Re: BGP )
your not the only one... --bill On Thu, Dec 15, 2005 at 02:04:16PM +, [EMAIL PROTECTED] wrote: is anybody else receiving this spam when they advertise a new AS nowadays? (i'm trying to figure out which whois information is being policy-violated and who to complain about, but if i'm the only one receiving it, i may JHD.) re: # From: Antony Gullusci [EMAIL PROTECTED] # To: [EMAIL PROTECTED] # Subject: BGP # Date: Thu, 15 Dec 2005 14:09:19 +0100 # X-Mailer: Microsoft Outlook Express 6.00.2900.2180 #
Re: who's receiving comvalid/bgpsentinel spam? (Re: BGP )
# your not the only one... do you think it's worth complaining, or is this another hey, you put your contact information out there, we're just using it, and the mail isn't spam, it's absolutely on-topic? spammer?
Re: who's receiving comvalid/bgpsentinel spam? (Re: BGP )
On Thu, 15 Dec 2005 [EMAIL PROTECTED] wrote: is anybody else receiving this spam when they advertise a new AS nowadays? (i'm trying to figure out which whois information is being policy-violated and who to complain about, but if i'm the only one receiving it, i may JHD.) They are likely violating policy of their ISP in regarding to sending unsolicitied advertisement (if that is what it is), look at which mail server was used to send this email and complain. What they appear to have done is look at who is announcing what ip block and in that case it is 203.119.20.0/24. BGP table is free for use for whatever needs, so no violation there. But they do appear to have looked in apnic whois to find contact person afterwards. APNIC whois has what they call copyright terms at http://www.apnic.net/db/dbcopyright.html which says: ...Any use of this material to target advertising or similar activities are explicitly forbidden and will be prosecuted. APNIC requests to be notified of any such activities or suspicions thereof. As far as I know the address for complaints like this at APNIC is [EMAIL PROTECTED] Unfortunetly if they sent the same adveritsement to somebody who has ip block in ARIN whois, they would not be violating any policy because ARIN does not have terms of use for their WHOIS despite me trying to introduce it several years back... -- William Leibzon Elan Networks [EMAIL PROTECTED]
Re: NAT Configuration for Dual WAN Router
[ This is not a plug for a vendor, just operational experience ] On Thu, 2005-12-15 at 10:49:51 +0100, Peter Dambier proclaimed... I dont see how the router can NAT to more than one ip-address. So you need one NAT-router per DSL-line. I have some experience with the Xincom Twin WAN router. Basically, all it does is NAT RFC1918 address space (by default) and load balance stateless TCP traffic (ie. web traffic) over two outbound links. Established TCP sessions will not fail over, unfortunately, but the device is fairly reliable and does NAT-T fairly easy. Sure, there's cheaper ways to do this solution without paying for a blackbox, but there's no moving parts in the device and thus is good for small offices that have no clue built-in. - Eric
RE: NAT Configuration for Dual WAN Router
-Original Message- From: [EMAIL PROTECTED] I've been trying over and over to figure this one out, but I'm just hitting the end of my wits. We have a remote office that can only get 768Kbps DSL, which they've not totally maxed out. So management's solution now is to buy a second DSL line, but they won't let me buy a dual WAN router (in case they add a 3rd DSL line). Have you looked OpenBSD with pf? You can create rules that map outbound session to a different DSL router, interface, and/or gateway based on any number of rules. The man page pf.conf[1] and more precisely the ROUTING and POOL OPTIONS section will allow you to create very dynamic rules to define how to handle all outbound routing load sharing. NATing also comes along for the ride. A basic example is in their FAQ[2]. This type of setup is not the most common so a straight up HOWTO is most likely not going to be found. Sorry I am not able to give a more direct and Linux based answer. [1]: http://tinyurl.com/74yyx [2]: http://www.openbsd.org/faq/pf/pools.html -Jeremy This e-mail message is intended only for the named recipient(s) above. It may contain confidential information. If you are not the intended recipient, you are hereby notified that any use, dissemination, distribution or copying of this e-mail and any attachment(s) is strictly prohibited. D.B. Zwirn Co., L.P. reserves the right to archive and monitor all e-mail communications through its networks. If you have received this e-mail in error, please immediately notify the sender by replying to this e-mail and delete the message and any attachment(s) from your system. Thank you.
IPv6 transition to cost U.S. Government $75B
http://www.internetnews.com/infra/article.php/3570211 --Steven M. Bellovin, http://www.cs.columbia.edu/~smb
Re: NAT Configuration for Dual WAN Router
On Dec 15, 2005, at 06:54, Rossi, Jeremy wrote: Have you looked OpenBSD with pf? You can create rules that map outbound session to a different DSL router, interface, and/or gateway based on any number of rules. The man page pf.conf[1] and more precisely the FreeBSD with IPF \ IPNAT [1] or PF as well. You have a number of options but consider the long-term. I guess you've already bought the second DSL line ? The cost of the lines ( and routers ) combined might not be far away from another type of carrier that may work with your future requirements. Look into bonding T1's. If you don't already, it might help to start analyzing your traffic characteristics. -Jason [1] http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/firewalls- ipf.html
Re: IPv6 transition to cost U.S. Government $75B
http://www.internetnews.com/infra/article.php/3570211 Quote: There is an unreleased report by the Dept. of Commerce estimating it will take $25-$75 billion to pay for the transition $50 billion is a heck of a variance in estimates! I suppose they could have said that it will cost $50 billion, give or take $25 billion, and then the variance wouldn't seem to be so big... --Michael Dillon :-)
Re: IPv6 transition to cost U.S. Government $75B
Remember Senator Bentsen: A billion here, a billion there...and soon you're talking REAL money!On 12/15/05, [EMAIL PROTECTED] [EMAIL PROTECTED] wrote: http://www.internetnews.com/infra/article.php/3570211Quote: There is an unreleased report by the Dept. of Commerce estimating it will take $25-$75 billion to pay for the transition$50 billion is a heck of a variance in estimates!I suppose they could have said that it will cost$50 billion, give or take $25 billion, and then thevariance wouldn't seem to be so big... --Michael Dillon:-)
RE: who's receiving comvalid/bgpsentinel spam? (Re: BGP )
# your not the only one... do you think it's worth complaining, or is this another hey, you put your contact information out there, we're just using it, and the mail isn't spam, it's absolutely on-topic? spammer? In my experiencce, these are being originated from here i.e. that poster is a subscriber here and he is harvesting from here. I'll be shopping at the Burlington Mall late this afternoon. Their office is directly next door, on the way to Starbucks. I'll pop over and see if they have a valid podstal address (fraudulent domain complaint) and perhaps I will pop in and ask who is in charge of The Annoying Spam Department and request removal in person. -M
Re: IPv6 transition to cost U.S. Government $75B
On Thu, Dec 15, 2005 at 09:32:05AM -0500, Steven M. Bellovin wrote: http://www.internetnews.com/infra/article.php/3570211 Well, vendors like Juniper were quick to add extra charges for IPv6 to get more out of this budget. :-) or better :-( Vendors know that .gov HAS to buy the IPv6 license, they have no option when purchasing anymore (if I understood that correctly). Best regards, Daniel -- CLUE-RIPE -- Jabber: [EMAIL PROTECTED] -- [EMAIL PROTECTED] -- PGP: 0xA85C8AA0
RE: Two Tiered Internet
[ SNIP ] This is not directed at Sean, but please -- as a fomer Cisco engineering flunky, I can distinguish between marketing fluff (even when disguised as a 'case study') and real figures, and the truth is, there are no figures, because there is dismal adoption of the services. Go figure. Whatever. Sean recently joined Cisco marketing hence the quoting of vendor cruft as policy. It would be nice to fess up to that with an @cisco or at least an I work for Cisco Marketing disclaimer. -M
Re: Two Tiered Internet
The whole QoS/2 tier Internet thing I find deeply, deeply suspicious...here in the mobile space, everyone is getting obsessed by IMS (IP Multimedia Subsystem) and explaining to each other that they need it so they can offer Better QoS, like the subscribers want. What they really mean, I suspect, is killing third party applications that compete with their own. IMS=I Mash Skype. And, I suspect, QoS for SBC customer broadband will mean the speed we advertise so long as you are paying us for VoIP/video/whatever, shite if you aren't. On 12/15/05, Hannigan, Martin [EMAIL PROTECTED] wrote: [ SNIP ] This is not directed at Sean, but please -- as a fomer Cisco engineering flunky, I can distinguish between marketing fluff (even when disguised as a 'case study') and real figures, and the truth is, there are no figures, because there is dismal adoption of the services. Go figure. Whatever.Sean recently joined Cisco marketing hence the quoting ofvendor cruft as policy. It would be nice to fess up to that with an @cisco or at least an I work for Cisco Marketingdisclaimer.-M
Re: Two Tiered Internet
Bingo. What they are really saying is: We're _telling_ you that you need it because we need new ways to generate additional revenue. ;-) Cheers, - ferg -- Alexander Harrowell [EMAIL PROTECTED] wrote: The whole QoS/2 tier Internet thing I find deeply, deeply suspicious...here in the mobile space, everyone is getting obsessed by IMS (IP Multimedia Subsystem) and explaining to each other that they need it so they can offer Better QoS, like the subscribers want. What they really mean, I suspect, is killing third party applications that compete with their own. IMS=I Mash Skype. And, I suspect, QoS for SBC customer broadband will mean the speed we advertise so long as you are paying us for VoIP/video/whatever, shite if you aren't. [snip] -- Fergie, a.k.a. Paul Ferguson Engineering Architecture for the Internet [EMAIL PROTECTED] or [EMAIL PROTECTED] ferg's tech blog: http://fergdawg.blogspot.com/
Re: Two Tiered Internet
And not by offering you anything you might want to buy, either, but by setting up wanky little tollbooths.On 12/15/05, Fergie [EMAIL PROTECTED] wrote:Bingo.What they are really saying is: We're _telling_ you that you need it because we need newways to generate additional revenue.;-)Cheers,- ferg-- Alexander Harrowell [EMAIL PROTECTED] wrote:The whole QoS/2 tier Internet thing I find deeply, deeplysuspicious...here in the mobile space, everyone is gettingobsessed by IMS (IP Multimedia Subsystem) and explaining to each other that they need it so they can offer Better QoS,like the subscribers want. What they really mean, I suspect,is killing third party applications that compete with theirown. IMS=I Mash Skype. And, I suspect, QoS for SBC customer broadband will mean the speed we advertise solong as you are paying us for VoIP/video/whatever, shiteif you aren't.[snip]--Fergie, a.k.a. Paul Ferguson Engineering Architecture for the Internet [EMAIL PROTECTED] or [EMAIL PROTECTED] ferg's tech blog: http://fergdawg.blogspot.com/
BTW, have I mentioned my perfect storm hypothesis?
Long story short (excerpt from an email I sent to Tony Bates and Larry Lang): --- In our discussion yesterday on the Service Exchange Architecture (SEA) list, I mentioned a kind of a Telecommunications Perfect Storm (TPS) that we should at least be considering as a hedge against our current strategy. Recall that my perfect storm scenario was something like: (i).Someone, say google (or ebay/skype), learns how to run a profitable, low margin packet carriage business. Remember that the hypothesis is that packet carriage will always be a low margin business as a direct consequence of the end-to-end principle. Add to this the fiber (some say bandwidth) glut, and you can see scenarios under which there is a non-zero (or even significant) probability of this outcome. (ii). The access monopolies are somehow broken (say, by a technology like WiMAX), and finally, (iii). You get a set of peer-to-peer (p2p) applications that attack the incumbent revenue stream (starting with voice, but including presence, IM, video, ..). How many of these are in place today? Well, clearly google is building out, so there is potential for (i). to occur any day now. Likewise (ii) (linksys gear with 4 tunable radios, North-South WiMAX, east west 802.11bag, and you're there). Finally, (iii). has an existence proof that has all but wiped out the recording industry, plus gtalk, skype, vonage, ... So is the telco industry far behind? --- As you might imagine, in a complexity rich environment you find at most vendors these days, its a hard sell (hence the hedge mumbo-jumbo). All that being said, I have had a bit of success pushing the simplicity agenda. But its an uphill battle (again, as you might imagine). Dave On Thu, Dec 15, 2005 at 05:30:08PM +, Alexander Harrowell wrote: And not by offering you anything you might want to buy, either, but by setting up wanky little tollbooths. On 12/15/05, Fergie [EMAIL PROTECTED] wrote: Bingo. What they are really saying is: We're _telling_ you that you need it because we need new ways to generate additional revenue. ;-) Cheers, - ferg -- Alexander Harrowell [EMAIL PROTECTED] wrote: The whole QoS/2 tier Internet thing I find deeply, deeply suspicious...here in the mobile space, everyone is getting obsessed by IMS (IP Multimedia Subsystem) and explaining to each other that they need it so they can offer Better QoS, like the subscribers want. What they really mean, I suspect, is killing third party applications that compete with their own. IMS=I Mash Skype. And, I suspect, QoS for SBC customer broadband will mean the speed we advertise so long as you are paying us for VoIP/video/whatever, shite if you aren't. [snip] -- Fergie, a.k.a. Paul Ferguson Engineering Architecture for the Internet [EMAIL PROTECTED] or [EMAIL PROTECTED] ferg's tech blog: http://fergdawg.blogspot.com/ pgpJ5goeqt7U8.pgp Description: PGP signature
Re: BTW, have I mentioned my perfect storm hypothesis?
[...] How many of these are in place today? Well, clearly google is building out, so there is potential for (i). to occur any day now. Likewise (ii) (linksys gear with 4 tunable radios, North-South WiMAX, east west 802.11bag, and you're there). Finally, (iii). has an existence proof that has all but wiped out the recording industry, plus gtalk, skype, vonage, ... So is the telco industry far behind? A few folks have mentioned that wiped out might be too strong (which I agree with), and I had changed that to restructuring, but some how that didn't get into the note I sent. So to those who send those corrections on wiped out, thanks, and I'll update with your suggestions. Dave pgplk5hTrtAwQ.pgp Description: PGP signature
Re: [ppml] Fw: : - Re: Proposed Policy: 4-Byte AS Number Policy Proposal
On Wed, 14 Dec 2005, Robert Bonomi wrote: That's an example of the lack of plain English in the proposal. Why don't we just talk about AS numbers greater than 65535 or AS numbers less than 65536? Because there is more to it than just that. :) No, there isn't. AS numbers are integers. It just so happens that there are now two representations of said integers with different domain bounds. Any other interpretation simply adds too much confusion. After all, 2 byte AS2 vs. 4 byte AS2 implies *more than* 4 bytes -- because you have to use metadata beyond the 4 bytes to represent which type of AS you have. -- -- Todd Vierling [EMAIL PROTECTED] [EMAIL PROTECTED] [EMAIL PROTECTED]
Re: Two Tiered Internet
[ SNIP ] This is not directed at Sean, but please -- as a fomer Cisco engineering flunky, I can distinguish between marketing fluff (even when disguised as a 'case study') and real figures, and the truth is, there are no figures, because there is dismal adoption of the services. Go figure. Whatever. Sean recently joined Cisco marketing hence the quoting of vendor cruft as policy. It would be nice to fess up to that with an @cisco or at least an I work for Cisco Marketing disclaimer. Just because Sean works at Cisco doesn't mean we can't like him though! grin. I still like you Sean. Even if you work for a hardware vendor. Defecting to the hardware vendor side certainly doesn't give you cooties. Well, at least not permanent cooties. Regards, Blaine
Re: NAT Configuration for Dual WAN Router
On Thu, Dec 15, 2005 at 08:33:55AM -0600, eric wrote: [ This is not a plug for a vendor, just operational experience ] On Thu, 2005-12-15 at 10:49:51 +0100, Peter Dambier proclaimed... I dont see how the router can NAT to more than one ip-address. So you need one NAT-router per DSL-line. I have some experience with the Xincom Twin WAN router. Basically, all it does is NAT RFC1918 address space (by default) and load balance stateless TCP traffic (ie. web traffic) over two outbound links. Established TCP sessions will not fail over, unfortunately, but the device is fairly reliable and does NAT-T fairly easy. Interesting in that I was talking with a customer about something similar to that today. How can you do nat and failover but keep the existing TCP sessions alive. Given the two upstreams were doing uRPF we couldn't come up with a solution. Rodney Sure, there's cheaper ways to do this solution without paying for a blackbox, but there's no moving parts in the device and thus is good for small offices that have no clue built-in. - Eric
monitoring Huawei routers with Cacti.
Fellow Nanogers, In one of our WAN circuits we have a Huawei Quidway router. Has anyone developed a Cacti template for monitoring that kind of device? Configuring it to be seen as a Cisco router doesn't work. Abraços, Marlon Borba, CISSP. -- Se você acha que a criptografia pode resolver todos os seus problemas de segurança, então você não conhece os seus problemas e nem a criptografia. (Bruce Schneier) --
RE: monitoring Huawei routers with Cacti.
Fellow Nanogers, In one of our WAN circuits we have a Huawei Quidway router. Has anyone developed a Cacti template for monitoring that kind of device? Configuring it to be seen as a Cisco router doesn't work. Abraços, Marlon Borba, CISSP. http://forums.cacti.net/about9702.htmlhighlight=huawei You could also drop a number off the snmp OID string and see what is being returned for values you can poll. At least you should be able to. -M
RE: The Qos PipeDream [Was: RE: Two Tiered Internet]
Randy- I don't think your bank analogy is very strong, but never mind that. I agree with what you're saying in principle, that if a user/customer buys bit delivery at a fixed rate then we should deliver it. But as ISPs we don't sell this. As a network operator, I do sell various kinds of point-to-point connections with fixed/guaranteed rates. But when I sell Internet, or L3VPN, etc., I'm selling end-to-end packet-switched full-mesh connectivity. In this service, not all endpoints are equal and traffic patterns are not fixed. I.e., the service is flexible. QoS is about giving the customer control over what/how traffic gets treated/dropped. It's not false advertising. That said, if QoS controls are used to enforce the provider's preferences and not the customers' then I might agree with the false advertising label. If the result is to have anti-competitive effects then I might have some harsher labels for it, too. Cheers, -Benson -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Randy Bush Sent: Wednesday, 14 December, 2005 22:32 To: Hannigan, Martin Cc: Fergie; nanog@merit.edu Subject: RE: The Qos PipeDream [Was: RE: Two Tiered Internet] Can we build, pay for, and sustain an Internet that never has congestion or is never busy. s/never/when there are not multiple serious cuts/ would we build a bank where only some of the customers can get their money back? we're selling delivery of packets at some bandwidth. we should deliver it. otherwise, it's called false advertising. randy
RE: The Qos PipeDream [Was: RE: Two Tiered Internet]
Randy- I don't think your bank analogy is very strong, but never mind that. I agree with what you're saying in principle, that if a user/customer buys bit delivery at a fixed rate then we should deliver it. But isn't that the point. You can't guarantee delivery, just as you can't guarantee you won't get a busy signal when you make a call. -M
Re: who's receiving comvalid/bgpsentinel spam? (Re: BGP )
- Original Message Follows - From: [EMAIL PROTECTED] To: nanog@merit.edu Subject: who's receiving comvalid/bgpsentinel spam? (Re: BGP ) Date: Thu, 15 Dec 2005 14:04:16 + is anybody else receiving this spam when they advertise a new AS nowadays? (i'm trying to figure out which whois information is being policy-violated and who to complain about, but if i'm the only one receiving it, i may JHD.) I got one also. AS36149 scott re: # From: Antony Gullusci [EMAIL PROTECTED] # To: [EMAIL PROTECTED] # Subject: BGP # Date: Thu, 15 Dec 2005 14:09:19 +0100 # X-Mailer: Microsoft Outlook Express 6.00.2900.2180 # # Hi! I am Antony Gullusci from Comvalid, and I'd like to give you some # additional information on Comvalid and what we can do for you, regarding # BGP. # # In the past 10 years, our mother company Inrete has made a good name # managing Autonomous System and BGP routers. # # Now Comvalid offers to the broader market the precious internal tools that # Inrete developed in order to manage the Autonomous System of its clients. # # Since you manage a newly announced AS, we propose you free of charge, the # use of our BGPsentinel service for one month. # BGPsentinel operates in the following way: # # 1) constantly sniffs in different points the BGP traffic between BGP router # receiving the full Internet mesh # 2) extracts and stores all the data regarding the AS numbers and NETs of # interest, and stores such data in a database # 3) generates intelligent and context rich alarms, on the base of the # detected and stored info # 4) makes all the history pertaining the collected data always available for # post-debug and forensic # # You will have a user password to access the data regarding you systems, # and will be able to define specific alarms to be sent to you by mail, after # one month the only thing we will ask you is to fill a short survey about the # service with your opinion and your advices. # # If you are interest in having a better control on what happens to your NETs # and ASes, just reply me back confirming that you are interested in having # the following AS and NET's : 24051 # 203.119.20.0/24 # # Checked by BGPsentinel # # Looking forward to hear from you! # # Antony Gullusci # Email [EMAIL PROTECTED] # # BGPsentinel Web http://www.comvalid.com/?pag=bs # __ # Comvalid USA # 35 Corporate Drive # Burlington, Massachusetts 01803 # Tel +1 (781) 583-7565 # http://www.comvalid.com #
RE: NAT Configuration for Dual WAN Router
Joe - Linux can do this, check out: http://www.lartc.org/ More specifically: http://www.lartc.org/howto/lartc.rpdb.multiple-links.html and http://www.ssi.bg/~ja/#routes I am working on a redhat project that requires QoS over multiple VLAN's. I was reading up on tc and imq devices when I came across this information. Haven't tried this config, but it look like it should do what you want. McLean -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Joe Johnson Sent: Wednesday, December 14, 2005 8:44 PM To: nanog@merit.edu Subject: NAT Configuration for Dual WAN Router I've been trying over and over to figure this one out, but I'm just hitting the end of my wits. We have a remote office that can only get 768Kbps DSL, which they've not totally maxed out. So management's solution now is to buy a second DSL line, but they won't let me buy a dual WAN router (in case they add a 3rd DSL line). I've found some great articles on how to get the interfaces working with 2 default gateways (I used this: http://www.linuxquestions.org/linux/answers/Networking/Spanning_Multiple _DSL s) and that is all running fine. It alternates every few minutes which WAN port is used when I traceroute yahoo.com (which is fine) and everything is connecting fine from the router. However, I can't figure out how to get NAT running on the server for the 2 WAN ports for clients inside the LAN. I can NAT to 1 DSL, but that is useless. What I am looking for is a tutorial in how to do this or a pointer to someone who can help. Anyone know of a resource for this? Joe Johnson [EMAIL PROTECTED]
RE: The Qos PipeDream [Was: RE: Two Tiered Internet]
If the core is well run (not normally over-utilized) and the endpoints have adequate capacity, then you *can* guarantee the call. (where guarantee represents a quality *approaching* 100%, as defined in SLAs...) I assume we're not talking about poorly-run cores here. So what I think you're getting at is, when you don't control both endpoints (i.e., to ensure they have adequate capacity) then you can't make end-to-end guarantees. This is clearly true, in telephone networks as well as packet networks. But it doesn't lessen the value of QoS mechanisms. To reluctantly further the telephone analogy: If all 23 bearers on my PRI are busy I still might want to allow certain sources to complete calls to me, even if that means dropping an existing call. This is a local function that I can guarantee, which benefits end to end communication even if it doesn't guarantee it. And if I coordinate this local function at both endpoints then I'm back to my first statement, that you can guarantee end to end. Are you suggesting that QoS has no value unless it can do more than this? Or am I misunderstanding you? A more interesting question is how to make end-to-end guarantees between endpoints that are on different cores, assuming the endpoints themselves are under a common control. If the provider overrides customer QoS preferences, is this possible? Cheers, -Benson -Original Message- From: Hannigan, Martin [mailto:[EMAIL PROTECTED] Sent: Thursday, 15 December, 2005 16:00 To: Schliesser, Benson; Randy Bush Cc: nanog@merit.edu Subject: RE: The Qos PipeDream [Was: RE: Two Tiered Internet] Randy- I don't think your bank analogy is very strong, but never mind that. I agree with what you're saying in principle, that if a user/customer buys bit delivery at a fixed rate then we should deliver it. But isn't that the point. You can't guarantee delivery, just as you can't guarantee you won't get a busy signal when you make a call. -M
Re: The Qos PipeDream [Was: RE: Two Tiered Internet]
On 12/15/05, Hannigan, Martin [EMAIL PROTECTED] wrote: But isn't that the point. You can't guarantee delivery, just as you can't guarantee you won't get a busy signal when you make a call. Absolutely. But if the carrier tunes their network so you will never get a busy signal when calling into 900 numbers from which they receive a kickback (hosted on their network or just preferred partners), at the cost of a greater likelihood of busy signals for calls which are not as profitable for them, this is enforcing the provider's preferences and not the customers. When carriers start to tune their network so not only do VOIP connections to their own servers get a higher QoS, but also in a manner which tends to *induce* jitter and other 'Q'uality degradation for Skype and Vonage, then it's time for them to lose common carrier protection. Kevin Kadow -- Disclaimer: I no longer am a contractor for SBC, nor any _for-profit_ ISP.
RE: The Qos PipeDream [Was: RE: Two Tiered Internet]
Hi Benson, Okay -- forget about banks, forget about other comparative analogies -- let's talk about the Internet. I think Bill Manning hit on it a couple of days ago; Bill said something about the Internet being about best effort and QoS should be (various) levels of 'better-than-best effort' -- and anything less that best effort is _not_ the Internet. I completely agree with this, and I would also add that anything less than best effort is not a QoS frob, it is penalization, no matter what you want to call, and is a Bad Thing (tm). I really don't want to get into a debate on service-level semantics (e.g. WRED, etc.) but I think most reasonable people can understand what I'm trying to illustrate. This thread has gone one far enough as it stands. :-) I think that the knobs are already 'out there' for service providers, etc. to create real 'services', but to create arbitrary services just to protect one's walled garden, and/or to generate revenue (while also penalizing some customers) is something that the market will have to sort out. It always does. Vote with your dollar$. Cheers, - ferg ps. Having looked at QoS issues from the inside-out, outside-in, and various other persepctives, I do know a thing or two about it. :-) -- Schliesser, Benson [EMAIL PROTECTED] wrote: Randy- I don't think your bank analogy is very strong, but never mind that. I agree with what you're saying in principle, that if a user/customer buys bit delivery at a fixed rate then we should deliver it. But as ISPs we don't sell this. As a network operator, I do sell various kinds of point-to-point connections with fixed/guaranteed rates. But when I sell Internet, or L3VPN, etc., I'm selling end-to-end packet-switched full-mesh connectivity. In this service, not all endpoints are equal and traffic patterns are not fixed. I.e., the service is flexible. QoS is about giving the customer control over what/how traffic gets treated/dropped. It's not false advertising. That said, if QoS controls are used to enforce the provider's preferences and not the customers' then I might agree with the false advertising label. If the result is to have anti-competitive effects then I might have some harsher labels for it, too. Cheers, -Benson [snip] -- Fergie, a.k.a. Paul Ferguson Engineering Architecture for the Internet [EMAIL PROTECTED] or [EMAIL PROTECTED] ferg's tech blog: http://fergdawg.blogspot.com/
RE: The Qos PipeDream [Was: RE: Two Tiered Internet]
On Thu, 15 Dec 2005, Fergie wrote: I think Bill Manning hit on it a couple of days ago; Bill said something about the Internet being about best effort and QoS should be (various) levels of 'better-than-best effort' -- and anything less that best effort is _not_ the Internet. ATT, Global Crossing, Level3, MCI, Savvis, Sprint, etc have sold QOS services for years. Level3 says 20% of the traffic over its backbone is better than Best-Effort. Ok, maybe they aren't the Internet. Internet2 gave up on premium QOS and deployed less-than Best Effort scavenger class. Ok, may they aren't the Internet either. I think that the knobs are already 'out there' for service providers, etc. to create real 'services', but to create arbitrary services just to protect one's walled garden, and/or to generate revenue (while also penalizing some customers) is something that the market will have to sort out. It always does. Vote with your dollar$. Ah, good to see that you agree with Bill Smith from BellSouth. William Smith, chief technology officer at BellSouth, argues that competitive forces, rather than regulation, are all that's needed to prevent the totalitarian online environment that the web camp fears. We have no intention whatsoever of saying 'You can't go here, you can't go there, you can't go somewhere else', Smith said. We have a very competitive situation with cable. If we start trying to restrict where our customers can go on the internet, we would see our DSL customers defect to cable in droves. But, he added, If I go to the airport, I can buy a coach standby ticket or I can buy a first class ticket from Delta. I've made a choice as to which experience I want. But also realize all companies are acting in their own self-interest, even the companies that have hire lobbyists claiming to be saving the Internet. The enemy of your enemy isn't always your friend. I agree QOS as defined by marketeers isn't very useful. But that is a strawman argument. Of course, I understand you think its just politics. On the other hand, those same QOS tools are very useful to the network engineer for managing all sorts of network problems such as DOS attacks and disaster recovery as well as more efficiently using all the available network paths. I have no idea how all this will turn out or if there are some dark smoke-filled rooms somewhere I don't know about where the henchmen are plotting. But I would really hate to see the network engineer's hands tied by a law preventing them from managing the network because of some people spreading a lot of FUD. The news articles are filled with lots of speculation about what could happen, but very few facts.
Re: The Qos PipeDream [Was: RE: Two Tiered Internet]
On Thu, 15 Dec 2005 19:15:49 -0500 (EST) Sean Donelan [EMAIL PROTECTED] wrote: ATT, Global Crossing, Level3, MCI, Savvis, Sprint, etc have sold QOS services for years. Level3 says 20% of the traffic over its What do they mean by QoS? Is it IntServ, DiffServ, PVCs, the law of averages or something else? I've had to deploy it on a campus network and in doing so it seems like I've tread into territory where few if any big networks are to be found. Nortel apparently removed DiffServ capability for their ISP customers from one of their VoIP product offerings specifically because the customers didn't want it. My impression is that DiffServ is not used by those types of networks you mentioned, but I'd be interested to hear that I'm mistaken. backbone is better than Best-Effort. Ok, maybe they aren't the Internet. Internet2 gave up on premium QOS and deployed less-than Best Effort scavenger class. Ok, may they aren't the Internet either. Scavenger is not currently enabled on Abielene. In fact, no QoS mechanisms are. On the other hand, those same QOS tools are very useful to the network engineer for managing all sorts of network problems such as DOS attacks and disaster recovery as well as more efficiently using all the available network paths. In my experience that is easier said than done. However, you remind me of what I think is what most who say they want QoS are really after. DoS protection. By focusing on DoS mitigation instead of trying to provide service differentiation, things begin to make more sense and actually become much more practical and deployable. John
Re: The Qos PipeDream [Was: RE: Two Tiered Internet]
On Thu, 15 Dec 2005, John Kristoff wrote: On Thu, 15 Dec 2005 19:15:49 -0500 (EST) Sean Donelan [EMAIL PROTECTED] wrote: ATT, Global Crossing, Level3, MCI, Savvis, Sprint, etc have sold QOS services for years. Level3 says 20% of the traffic over its What do they mean by QoS? Is it IntServ, DiffServ, PVCs, the law of I think also mostly this applies to private network things as well... which mostly ends up being: backups get 20% of the pipe and oracle-forms gets 70% (or some variation on that mix... what with 8 queues or whatever on the private network you can just go to town :) ) Speaking to MCI's offering on the public network it's (not sold much) just qos on the end link to the customer... It's supposed to help VOIP or other jitter prone things behave 'better'. I'm not sure that we do much in the way of qos towards the customer aside from respecting the bits on the packets that arrive (no remarking as I recall). So, what does this get you aside from 'feeling better' ? averages or something else? I've had to deploy it on a campus network and in doing so it seems like I've tread into territory where few if any big networks are to be found. Nortel apparently removed DiffServ most large networks (as was said a few times I think) don't really need it in their cores. I think I've seen a nice presentation regarding the queuing delay induced on 'large pipe' networks, basically showing that qos is pointless if your links are +ds3 and not 100% full. Someone might have a pointer handy for that? capability for their ISP customers from one of their VoIP product offerings specifically because the customers didn't want it. My impression is that DiffServ is not used by those types of networks you mentioned, but I'd be interested to hear that I'm mistaken. diffserv is the devil... and I think the voip product(s) in question aren't meant to be used in places where bandwidth is the constraint :) when you back that rack-sized (not kidding) PVG15000 up to your multi-oc-12 connection area you aren't really worried about bandwidth constraints. You may, however, want to heed the documentation provided which says to never, ever, ever connect the equipment to the public network... or not. On the other hand, those same QOS tools are very useful to the network engineer for managing all sorts of network problems such as DOS attacks and disaster recovery as well as more efficiently using all the available network paths. WRED comes to mind for this... sure. stop the sawtooth, make it smooth baby! In my experience that is easier said than done. However, you remind me of what I think is what most who say they want QoS are really after. DoS protection. By focusing on DoS mitigation instead of trying to provide service differentiation, things begin to make more sense and actually become much more practical and deployable. how does qos help with a dos attack? I've struggled with this several times internally, unless you remark everyone (in which case you'll be remarking good and bad and not getting any benefit) I'm not sure it does help... I'd be happy to be shown the error of my ways/thoughts though. Oh, and don't say: Well we qos icmp down to stop the icmp flood damage, silly! of course you do, and your attacker says: Gee icmp isn't working, what about UDP? What about TCP? What about I make my bots make full tcp/80 connections? Oh.. doh! no qos helps that eh? :( I could be wrong though.
Re: The Qos PipeDream [Was: RE: Two Tiered Internet]
On Fri, 16 Dec 2005 03:29:29 + (GMT) Christopher L. Morrow [EMAIL PROTECTED] wrote: In my experience that is easier said than done. However, you remind me of what I think is what most who say they want QoS are really after. DoS protection. By focusing on DoS mitigation instead of trying to provide service differentiation, things begin to make more sense and actually become much more practical and deployable. how does qos help with a dos attack? My point is that it's not QoS, it's DoS mitigation. Whatever that means to you, that is the solution I think most people may ultimately be looking for when they say they want QoS. John
Re: The Qos PipeDream [Was: RE: Two Tiered Internet]
On Thu, Dec 15, 2005 at 07:34:56PM -0800, David Meyer wrote: On Fri, Dec 16, 2005 at 03:29:29AM +, Christopher L. Morrow wrote: On Thu, 15 Dec 2005, John Kristoff wrote: On Thu, 15 Dec 2005 19:15:49 -0500 (EST) Sean Donelan [EMAIL PROTECTED] wrote: ATT, Global Crossing, Level3, MCI, Savvis, Sprint, etc have sold QOS services for years. Level3 says 20% of the traffic over its What do they mean by QoS? Is it IntServ, DiffServ, PVCs, the law of I think also mostly this applies to private network things as well... which mostly ends up being: backups get 20% of the pipe and oracle-forms gets 70% (or some variation on that mix... what with 8 queues or whatever on the private network you can just go to town :) ) Speaking to MCI's offering on the public network it's (not sold much) just qos on the end link to the customer... It's supposed to help VOIP or other jitter prone things behave 'better'. I'm not sure that we do much in the way of qos towards the customer aside from respecting the bits on the packets that arrive (no remarking as I recall). So, what does this get you aside from 'feeling better' ? averages or something else? I've had to deploy it on a campus network and in doing so it seems like I've tread into territory where few if any big networks are to be found. Nortel apparently removed DiffServ most large networks (as was said a few times I think) don't really need it in their cores. I think I've seen a nice presentation regarding the queuing delay induced on 'large pipe' networks, basically showing that qos is pointless if your links are +ds3 and not 100% full. Someone might have a pointer handy for that? You might check slides 35-38 in http://www.1-4-5.net/~dmm/sprintlink_and_mpls.ppt Dave pgpwYFugkpI8h.pgp Description: PGP signature
Re: The Qos PipeDream [Was: RE: Two Tiered Internet]
On Thu, 15 Dec 2005, John Kristoff wrote: On Fri, 16 Dec 2005 03:29:29 + (GMT) Christopher L. Morrow [EMAIL PROTECTED] wrote: In my experience that is easier said than done. However, you remind me of what I think is what most who say they want QoS are really after. DoS protection. By focusing on DoS mitigation instead of trying to provide service differentiation, things begin to make more sense and actually become much more practical and deployable. how does qos help with a dos attack? My point is that it's not QoS, it's DoS mitigation. Whatever that means to you, that is the solution I think most people may ultimately be looking for when they say they want QoS. ah-ha! and here I thought they wanted buzzword compliance :) From what sales/customers say it seems like they have a perception that 'qos will let me use MORE of my too-small pipe' (or not spend as fast on more pipe) more than anything else.
Re: The Qos PipeDream [Was: RE: Two Tiered Internet]
Hello Dave; This won't open for me. Do you have a pdf of these slides ? Regards; Marshall On Dec 15, 2005, at 10:39 PM, David Meyer wrote: On Thu, Dec 15, 2005 at 07:34:56PM -0800, David Meyer wrote: On Fri, Dec 16, 2005 at 03:29:29AM +, Christopher L. Morrow wrote: On Thu, 15 Dec 2005, John Kristoff wrote: On Thu, 15 Dec 2005 19:15:49 -0500 (EST) Sean Donelan [EMAIL PROTECTED] wrote: ATT, Global Crossing, Level3, MCI, Savvis, Sprint, etc have sold QOS services for years. Level3 says 20% of the traffic over its What do they mean by QoS? Is it IntServ, DiffServ, PVCs, the law of I think also mostly this applies to private network things as well... which mostly ends up being: backups get 20% of the pipe and oracle-forms gets 70% (or some variation on that mix... what with 8 queues or whatever on the private network you can just go to town :) ) Speaking to MCI's offering on the public network it's (not sold much) just qos on the end link to the customer... It's supposed to help VOIP or other jitter prone things behave 'better'. I'm not sure that we do much in the way of qos towards the customer aside from respecting the bits on the packets that arrive (no remarking as I recall). So, what does this get you aside from 'feeling better' ? averages or something else? I've had to deploy it on a campus network and in doing so it seems like I've tread into territory where few if any big networks are to be found. Nortel apparently removed DiffServ most large networks (as was said a few times I think) don't really need it in their cores. I think I've seen a nice presentation regarding the queuing delay induced on 'large pipe' networks, basically showing that qos is pointless if your links are +ds3 and not 100% full. Someone might have a pointer handy for that? You might check slides 35-38 in http://www.1-4-5.net/~dmm/sprintlink_and_mpls.ppt Dave
Re: The Qos PipeDream [Was: RE: Two Tiered Internet]
ah-ha! and here I thought they wanted buzzword compliance :) From what sales/customers say it seems like they have a perception that 'qos will let me use MORE of my too-small pipe' (or not spend as fast on more pipe) more than anything else. and i wonder who is selling that need? randy
Re: The Qos PipeDream [Was: RE: Two Tiered Internet]
On Thu, 15 Dec 2005, Marshall Eubanks wrote: Hello Dave; This won't open for me. Do you have a pdf of these slides ? On Dec 15, 2005, at 10:39 PM, David Meyer wrote: On Thu, Dec 15, 2005 at 07:34:56PM -0800, David Meyer wrote: On Fri, Dec 16, 2005 at 03:29:29AM +, Christopher L. Morrow wrote: that qos is pointless if your links are +ds3 and not 100% full. Someone might have a pointer handy for that? You might check slides 35-38 in http://www.1-4-5.net/~dmm/sprintlink_and_mpls.ppt those would be them.. and dave can grab just the 3 slides in pdf from: http://www.secsup.org/files/dmm-queuing.pdf (or of course anyone else can grab them, but it's dave presentation so :) ) -Chris
Re: The Qos PipeDream [Was: RE: Two Tiered Internet]
On Fri, 16 Dec 2005, Randy Bush wrote: ah-ha! and here I thought they wanted buzzword compliance :) From what sales/customers say it seems like they have a perception that 'qos will let me use MORE of my too-small pipe' (or not spend as fast on more pipe) more than anything else. and i wonder who is selling that need? the wierd thing is you'd think the telco would just say: Well gosh, sorry we can't help you squeeze 10lbs of poo into your 5lb bag, wanna by a shiney new 10lb bag? or maybe you meant equipment vendors? :)
Re: The Qos PipeDream [Was: RE: Two Tiered Internet]
On Fri, Dec 16, 2005 at 03:52:20AM +, Christopher L. Morrow wrote: On Thu, 15 Dec 2005, Marshall Eubanks wrote: Hello Dave; This won't open for me. Do you have a pdf of these slides ? On Dec 15, 2005, at 10:39 PM, David Meyer wrote: On Thu, Dec 15, 2005 at 07:34:56PM -0800, David Meyer wrote: On Fri, Dec 16, 2005 at 03:29:29AM +, Christopher L. Morrow wrote: that qos is pointless if your links are +ds3 and not 100% full. Someone might have a pointer handy for that? You might check slides 35-38 in http://www.1-4-5.net/~dmm/sprintlink_and_mpls.ppt those would be them.. and dave can grab just the 3 slides in pdf from: http://www.secsup.org/files/dmm-queuing.pdf (or of course anyone else can grab them, but it's dave presentation so :) ) Thanks Chris. Dave pgpeiPMsDxxG6.pgp Description: PGP signature
Re: The Qos PipeDream [Was: RE: Two Tiered Internet]
ah-ha! and here I thought they wanted buzzword compliance :) From what sales/customers say it seems like they have a perception that 'qos will let me use MORE of my too-small pipe' (or not spend as fast on more pipe) more than anything else. and i wonder who is selling that need? the wierd thing is you'd think the telco would just say: Well gosh, sorry we can't help you squeeze 10lbs of poo into your 5lb bag, wanna by a shiney new 10lb bag? or maybe you meant equipment vendors? :) bingo! buy more, and more complex, hardware and you can charge more. what they forget to mention is that income will get blown in opex and capex (with the vendors getting the latter). randy
Re: The Qos PipeDream [Was: RE: Two Tiered Internet]
On Fri, 16 Dec 2005, Randy Bush wrote: ah-ha! and here I thought they wanted buzzword compliance :) From what sales/customers say it seems like they have a perception that 'qos will let me use MORE of my too-small pipe' (or not spend as fast on more pipe) more than anything else. and i wonder who is selling that need? the wierd thing is you'd think the telco would just say: Well gosh, sorry we can't help you squeeze 10lbs of poo into your 5lb bag, wanna by a shiney new 10lb bag? or maybe you meant equipment vendors? :) bingo! buy more, and more complex, hardware and you can charge more. what they forget to mention is that income will get blown in opex and capex (with the vendors getting the latter). charge more you say?? I need to talk to our marketting dept!!! :) The world of marketting and sales is so incestuously intertwined among consumers and consumee's ... it's an amazing thing.
Re: The Qos PipeDream [Was: RE: Two Tiered Internet]
On Fri, 16 Dec 2005, Christopher L. Morrow wrote: http://www.secsup.org/files/dmm-queuing.pdf oh firstgrad spelling where ahve you gone? also at: http://www.secsup.org/files/dmm-queueing.pdf incase you type not paste.
Man Charged With Stealing Costner's Laptop
This story was sent to you by: Fergie Man Charged With Stealing Costner's Laptop By Associated Press December 15, 2005, 10:49 PM EST ASPEN, Colo. -- An internationally known hairstylist is due in court Monday to face felony charges in the theft of Kevin Costner's laptop computer, which had private photos of the actor's wedding. Pascal Bensimon, 44, surrendered to sheriff's officials this week after a 14-month investigation. He was released on $5,000 bond. The computer contained photos of Costner's Sept. 25, 2004, wedding to Christine Baumgartner, which took place at his Aspen-area ranch. Bensimon, who has a salon in Aspen, had been hired to style hair for some of the wedding guests. He told the Aspen Daily News that someone put drugs into his drink at the wedding, and that he never stole Costner's $1,500 Apple Powerbook or a digital camera. Bensimon, who was born in Morocco and raised in Israel and France, worked in salons in Paris, New York and Atlanta before moving to Aspen, according to the Aspen Times. Costner, 50, is a veteran of such films as Bull Durham, Field of Dreams and Dances with Wolves. His latest movie -- Rumor Has It, co-starring Jennifer Aniston, Shirley MacLaine and Mark Ruffalo -- opens Christmas Day. Copyright (c) 2005, The Associated Press This article originally appeared at: http://www.newsday.com/entertainment/news/wire/sns-ap-people-costner,0,539750.story Visit Newsday online at http://www.newsday.com
Google to Open Research Facility in Pa.
This story was sent to you by: Fergie Google to Open Research Facility in Pa. By DANIEL LOVERING AP Business Writer December 15, 2005, 10:27 PM EST PITTSBURGH -- Google Inc., the leading online search engine company, will open a new engineering and research office in Pittsburgh next year to be headed by a Carnegie Mellon University professor, the company said Thursday. The facility will be charged with creating software search tools for Google. It is expected to create as many as 100 new high-tech jobs in the Pittsburgh area over the next few years, said Craig Nevill-Manning, director of Google's New York engineering office. The office will be headed by Andrew Moore, a Carnegie Mellon professor of computer science and robotics who currently runs a research laboratory of 30 students, programmers and faculty members. Moore, 40, is an expert in data mining and artificial intelligence. Andrew Moore has built his career on the twin challenges of developing techniques to extract patterns from large data sets and applying these machine learning methods to real-life problems, said Randal Bryant, the dean of Carnegie Mellon's computer science school. The office will be one of several Google has opened near universities. The company recently joined Microsoft Corp. and Sun Microsystems Inc. in backing a $7.5 million Internet research laboratory at the University of California, Berkeley. It also has facilities in New York, Phoenix, Santa Monica, Calif., and Mountain View, Calif., where the company is based. Google has overseas offices in Japan, Switzerland and India. * __ On the Net: Google: http://www.google.com Carnegie Mellon University: http://www.cmu.edu Copyright (c) 2005, The Associated Press This article originally appeared at: http://www.newsday.com/technology/wire/sns-ap-google-carnegie-mellon,0,328151.story Visit Newsday online at http://www.newsday.com
Re: [ppml] Fw: : - Re: Proposed Policy: 4-Byte AS Number Policy Proposal
Actually, for actual implementation, there are subtle differences between AS 0x0002 ans AS 0x0002. True, they are the same AS in 16 and 32 bit representation, and, for allocation policy, they are the same, but, in actual router guts, there are limited circumstances where you might actually care which one you are talking about. Owen --On December 15, 2005 1:45:20 PM -0500 Todd Vierling [EMAIL PROTECTED] wrote: On Wed, 14 Dec 2005, Robert Bonomi wrote: That's an example of the lack of plain English in the proposal. Why don't we just talk about AS numbers greater than 65535 or AS numbers less than 65536? Because there is more to it than just that. :) No, there isn't. AS numbers are integers. It just so happens that there are now two representations of said integers with different domain bounds. Any other interpretation simply adds too much confusion. After all, 2 byte AS2 vs. 4 byte AS2 implies *more than* 4 bytes -- because you have to use metadata beyond the 4 bytes to represent which type of AS you have. -- If this message was not signed with gpg key 0FE2AA3D, it's probably a forgery. pgprNAWP0YkJt.pgp Description: PGP signature