Re: How many others are nullrouting BT?
Yeah, I know. This is exactly why no ISPs have abuse help desks that respond, and nobody can get even the most trivial problems solved. Over generalization sucks and just proves to everyone else what an irrational individual you are. We do better. We answer *EVERY* abuse complaint. Which isn't much, because we do the job correctly. And we care about the reliability/usability of the 'Net as a whole. You do better because you are 1/1th the size of a company like BT and you handle colo only. So when the 'Net becomes partitioned by economics and politics, re-read this letter and know that "I told you so". Know that being a smart-ass wasn't worth the effort. It's already going there, and everyone whines but very few of us are doing the job in a manner appropriate to actually solving problems. *Yawn* while you are at it please null route Charter, Comcast, Cox, Verizon, Att, etc. so the list doesn't have to see you send in another email with you spouting your superiority while making nonsense generalizations. Now if you are done acting like a child you should have seen that Michael Dillon is a member of this list and could have been used as a resource to handle this problem before you sent in this nonsense to the list. I hope in the future you think before you send so you don't come across as the child stamping his feet when he doesn't get the attention he wants. -Ross
Re: Juniper M10i sufficient for BGP, or go with M20?
On Wed, May 16, 2007 at 12:16:03AM -0400, Warren Kumari wrote: > [0] -- You haven't lived until you have spent 4 hours in the middle > of the night trying to figure out why the command that you typed (and > that shows up in the config) doesn't work -- only to be told "Oh, > that doesn't exist in this train, you need to upgrade to new version that doesn't include the ability to actually forward > packets or something else equally critical>, we just reused the same > parser..." Oh, only 4 hours? We went thru this for two weeks with TAC for the exact same reason. In our case: QoS on MLPPP on ATM PVCs. You can configure that fine on 12.2S, but it's only supported in 12.2SB. After the recommended upgrade ("this version should be fine with your hardware/software/features combination"), MLPPP on ChSTM1 stopped working, yay! Not that they had "sh tech" outputs to double-check for such known bugs before recommending an upgrade, no... of course they did. First and foremost TAC job always seems to be "collect intellig^Wconfigs of our customers" as we all know. :-Z Now we're another step into upgrade-to-latest-greatest lala-land (31SB5). No obvious problems yet (except that we can't standardise on that version as PA-MC-8E1 stopped working [EOL, yay!], and we have those deployed in other boxes). Let's see wether we will encounter the mem leak problems other folks in the industry observed with 31SB*. [hardware is NPE-G1 btw] Shared Cisco trouble halves the pain. :-) > [1] -- If you haven't run into the "oh, we can either forward packets > *really* fast, or count them, but not both" answer then you haven't > been doing this long enough. To be fair, JNPR had bugs regarding that too. But they fixed them quickly. I'm not sure wether one can nowadays believe the counters on the dsc discard interface btw... > P.S: I neither work for, nor hold any stock of either of the above > companies. Dito :) Best regards, Daniel -- CLUE-RIPE -- Jabber: [EMAIL PROTECTED] -- [EMAIL PROTECTED] -- PGP: 0xA85C8AA0
Re: Directly contacting ISP's (Was: How many others are nullrouting BT?)
Will Hargrave wrote: Jo Rhett wrote: Oh, yes. Because BCPs are so very good at solving problems. I wanna go live in your happy universe. Because if BCP 38 were attended to more than 40% of my job would be irrelevant, and 12-15% of our traffic load would be reduced. ...one of the only colocation providers who does implement BCP 38. Is the alternative just to sit around, be sarcastic, and do nothing? In particular I was saying that going back to his employer and doing something about *their problem right now* would be much more useful than writing a BCP would. If someone has enthusiasm to write documents and provide advice that is available to the community this is a Good Thing; they shouldn't be And if they could instead focus on solving the real problem today... even better. BCPs would be largely unnecessary if everyone focused on their job. You can and should read "focused on their job" as also including "was allowed to focus on their job by their employer". -- Jo Rhett senior geek Silicon Valley Colocation
Re: Broadband routers and botnets - being proactive
Ross Hosman wrote: > > Gadi, > > I appreciate your well thought out email but I sit here and wonder > what exactly you are trying to accomplish with it? Are you just trying > to shame the two ISPs listed publicly or are you trying to spark a > discussion about something that many people here can't fix? > > Many businesses today are focused on driving revenue and fixing old > CPE equipment doesn't generate revenue, it only ties up money and > resources that can be used elsewhere to drive revenue. If I were you I > would try to spin this problem in a way where you can show large ISPs > by fixing CPE's it will free up network resources and staff which can > be used elsewhere. > > The people that can fix these problems are usually unaware of them so > try to educate those people. Write CEOs/CTOs/CSOs educating them and > push the security teams for these companies to escalate these issues > to their upper management (on that note I would say this type of > discussion would be better suited for a security mailing list for the > reason I stated before, many people here can't fix these problems). > > Simply stating that there is a problem and shunning ISPs with this > problem isn't a fix for the problem, it just makes them ignore you and > the problem. > > -Ross Hi Ross, Gadi is talking about DTAG.de our biggest ISP in germany and quasi a monopoly. Gadi has reached the ears of the Pirates Party, a political party that fights monopolies. The hardware is very likely a branded version from AVM. They have no updates for the branded version, but you can unbrand it. Then you have a hardware that accepts open source firmware. Kind regards Peter and Karin -- Peter and Karin Dambier Cesidian Root - Radice Cesidiana Rimbacher Strasse 16 D-69509 Moerlenbach-Bonsweiher +49(6209)795-816 (Telekom) +49(6252)750-308 (VoIP: sipgate.de) mail: [EMAIL PROTECTED] mail: [EMAIL PROTECTED] http://iason.site.voila.fr/ https://sourceforge.net/projects/iason/ http://www.cesidianroot.com/
Re: [cacti-announce] Cacti 0.8.6j Released (fwd)
ASN.1 is quite concrete, and specifys several encoding methods (I prefer BER myself) :) I'm not saying everyone would consider it pretty, but it's quite concrete ... Check out http://lionet.info/asn1c/ On 5/17/07, Travis H. <[EMAIL PROTECTED]> wrote: On Wed, May 09, 2007 at 10:25:14AM +0100, [EMAIL PROTECTED] wrote: > A MIB is the database schema for an object-oriented hierarchical > database. The key words there are schema and hierarchical. A-ha! So when they say "object" as in "OID", they are referring to stuff in the MIB database? Okay, now many things are beginning to make more sense. By itself, that word gives no clue as to what it refers to. For that matter, it'd be nice if someone defined LDAP's use of the word "attribute", too. Drift: LDAP too uses ASN.1, in fact the same OIDs used by SNMP, and in the O'Reilly book it mentions that it is possible to define different matching rules for each class. Now, do they mean that somehow, this MIB syntax can actually encode an algorithm in some kind of hideous turing-machine-gone-mad, and that I've got to worry about malicious MIBs, or does it just refer to a routine implemented elsewhere? > Schema means > that it describes how the data is organized Should read: ``Schemata describe how the data are organized'' Stigma, stigmata; schema, schemata :-) Forgive me if I digress into ASN.1 very briefly; it apparently rears its ugly head in numerous places in cryptography as well as networking, and I have struggled with it a bit. Based on what I have read, this syntax is "abstract" in the sense that it says something like "class C is composed of a DATE object, TIME object, and BLARG object", without specifying how to encode or decode any of those objects into some concrete form either for the user or to put in a packet to send to another system. The encoding and decoding is done with a "transfer syntax", and interpreting it for a human (that is, figuring out a way to represent it) is yet another unsolved problem. Sounds a lot like stone soup (or XML) to me. > That would work but it can be tricky to get the RIGHT MIBs that match > the data actually available in your device. Also, reading MIBs can be > misleading because you will see things that look great, but don't work > because they are deprecated Those of you who use this word frequently may be amused at its definition: To pray against, as an evil; to seek to avert by prayer; to seek deliverance from; to express deep regret for; to desire the removal of. [archaic] > Now you see where the SNMP alligator swamp lies. If you are building > your own network management applications, you may be happier only > putting the MIBs on the development machines, and putting the numeric > keys into your application code, or better yet, into your application's > config file. MIBs have lots of stuff that you probably don't need unless > you are allowing users to browse through and query arbitrary data. Yeah, at this point I'm just playing around and exploring, and so want the MIBs to make sense of the numbers. -- Kill dash nine, and its no more CPU time, kill dash nine, and that process is mine. -><- http://www.subspacefield.org/~travis/> For a good time on my UBE blacklist, email [EMAIL PROTECTED]
Re: Colocation facilities in Britain
[EMAIL PROTECTED] wrote: > England really needs more data centres to locate well away from London, > closer to power generation sources. Perhaps s/England/The UK/ (our Scottish, Welsh and NI countrymen run bits of the internet too ;) ). The real issue is not power. This seems like a self-perpetuating myth grown out of some whimsical excuse given for a lack of short-term expansion in the London Docklands area (a major economic development zone with significant infrastructure development underway.) As you yourself say, the UK is small, but moreover has a dense, reliable power grid. The biggest single base-load power station in the UK is only 100mi from London, but even then it's not anywhere you'd want to put a datacentre. IMO the real issue is going to be more related to the sustained economic growth in London which has driven up property prices there and in the South East of England, coupled with the same commercial growth requiring more colo space in itself. This is a situation which several colo operators seem well on the way to addressing. :-) Will
Re: Directly contacting ISP's (Was: How many others are nullrouting BT?)
Jo Rhett wrote: > Oh, yes. Because BCPs are so very good at solving problems. > I wanna go live in your happy universe. Because if BCP 38 were attended > to more than 40% of my job would be irrelevant, and 12-15% of our > traffic load would be reduced. > ...one of the only colocation providers who does implement BCP 38. Is the alternative just to sit around, be sarcastic, and do nothing? If someone has enthusiasm to write documents and provide advice that is available to the community this is a Good Thing; they shouldn't be discouraged from it. It is enormously helpful to have a document to point people at - most ignorance is just that rather than wilful malfeasance.