Re: Cogent outage details?
My Gig-E Cogent link (Tyco Rd, Vienna Virginia) seems to be fine now. There was scheduled maintenance 3:00 AM - 7:00 AM, followed by a lot of ~ 5 second drops of packet transit. Haven't had any issues since ~ 9:00 AM EDT. Regards Marshall On Jul 27, 2007, at 11:10 AM, David Coulson wrote: It still says 11:00am *looks at watch* Matt Liotta wrote: They have been updating that ETR every 40 minutes. The first ETR was supposed to be 9:30. -Matt Mills, Charles wrote: Just saw an ETR of 11:00AM EDT from http://status.cogentco.com Chuck -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Scott Francis Sent: Friday, July 27, 2007 10:40 AM To: nanog@merit.edu Subject: Cogent outage details? am receiving word that Cogent has been the victim of "hardware problems on our backbone causing latency and packet loss to customers on the east coast". I did manage to get a master ticket number (608503), but I'm curious if anybody out there (perhaps an actual Cogent customer) has more details - backhoe? operator error? evaporating subatomic black hole?
RE: Why do we use facilities with EPO's?
On Fri, 2007-07-27 at 13:09 -0400, Barry Shein wrote: > > Also, NOT TO BE TOO LITERAL MINDED, but isn't the point of a UPS that > it has a lot of power even when it's not getting any externally? > > Doesn't hitting an EPO on a UPS at best only reduce the electrical > hazard of hitting it with water a little bit? Not an engineer, and not a firefighter, but I think I can answer this one. Yes, hitting the EPO would leave a lot of power potential stored in the batteries in the UPS. The point of the EPO is to isolate those batteries from both the external (possibly high voltage) feed coming into the UPS and to isolate them from the inverters, transformers, power points (plugs) and whatever else is used in the build-out getting the power out of the batteries and to the equipment. This achieves a couple things. * It potentially removes one of the requirements of combustion (heat/energy input). * If the fire is not within/around the UPS itself, the firefighters can avoid the power that is still in the room. * Removes the power from the wiring below your raised floor so water will not come in contact with the power present during normal operation. I'm sure that there are others out there that could give you even more reasons, but these are the ones that come to mind immediately. --- Tim Donahue
Re: Routing public traffic across county boundaries in Europe
--- [EMAIL PROTECTED] wrote: > What (if any) are the legal implications of taking internet destined > traffic in one country and egressing it in another (with an ip block > correctly marked for the correct country). > > Somebody mentioned to me the other day that they thought the Dutch > government didn't allow an ISP to take internet traffic from a Dutch > citizen and egress in another country because it makes it easy for the > local country to snoop. > -- > > > That's funny. I've always thought of the internet as a global, borderless > entity where ideas and information are shared without restraint. Perhaps > it's time to whap the gov't with a clue bat? > > scott > Yes, but laws dictate that not all information can be shared without restraint. The EU, for example, has laws preventing the export of personal information to countries deemed to have weaker privacy protection laws. -- Who has to stop this information from transversing countries? ISPs? It seems really strange that folks are required to stop this when stuff like SSL and all makes it a little hard to do so... scott
Re: Where did freeipdb IP utility site go?
On Fri, Jul 27, 2007 at 12:40:59PM -0400, Barry Shein wrote: > I know postgresql has an ipv6 type but I was hoping for something more > portable. I am a PostgreSQL weenie, I admit, but if you can at all use it, I strongly suggest you use the inet and cidr datatypes in PostgreSQL for this. Alternatives often give up the data rigour that you get from a datatype. Portability is often a target that forces you to give up all the nice features that you got when you chose your RDBMS. I suppose in other systems, you could put a trigger on a varchar() or whatever field that would validate the address on the way in. That's what I'd do if I had to give up the datatype. A -- Andrew Sullivan 204-4141 Yonge Street Afilias CanadaToronto, Ontario Canada <[EMAIL PROTECTED]> M2P 2A8 jabber: [EMAIL PROTECTED] +1 416 646 3304 x4110
Weekly Routing Table Report
This is an automated weekly mailing describing the state of the Internet Routing Table as seen from APNIC's router in Japan. Daily listings are sent to [EMAIL PROTECTED] For historical data, please see http://thyme.apnic.net. If you have any comments please contact Philip Smith <[EMAIL PROTECTED]>. Routing Table Report 04:00 +10GMT Sat 28 Jul, 2007 Report Website: http://thyme.apnic.net This report:http://thyme.apnic.net/ap-data/2007/07/28/0400 Analysis Summary BGP routing table entries examined: 226532 Prefixes after maximum aggregation: 119080 Deaggregation factor: 1.90 Unique aggregates announced to Internet: 110145 Total ASes present in the Internet Routing Table: 25797 Prefixes per ASN: 8.78 Origin-only ASes present in the Internet Routing Table: 22498 Origin ASes announcing only one prefix: 10979 Transit ASes present in the Internet Routing Table:3299 Transit-only ASes present in the Internet Routing Table: 75 Average AS path length visible in the Internet Routing Table: 3.6 Max AS path length visible: 20 Max AS path prepend of ASN (35389) 16 Prefixes from unregistered ASNs in the Routing Table:43 Unregistered ASNs in the Routing Table: 42 Prefixes from 32-bit ASNs in the Routing Table: 5 Special use prefixes present in the Routing Table:0 Prefixes being announced from unallocated address space: 13 Number of addresses announced to Internet: 1741416032 Equivalent to 103 /8s, 203 /16s and 230 /24s Percentage of available address space announced: 47.0 Percentage of allocated address space announced: 62.3 Percentage of available address space allocated: 75.5 Total number of prefixes smaller than registry allocations: 119302 APNIC Region Analysis Summary - Prefixes being announced by APNIC Region ASes:53152 Total APNIC prefixes after maximum aggregation: 20688 APNIC Deaggregation factor:2.57 Prefixes being announced from the APNIC address blocks: 50093 Unique aggregates announced from the APNIC address blocks:21971 APNIC Region origin ASes present in the Internet Routing Table:3018 APNIC Prefixes per ASN: 16.60 APNIC Region origin ASes announcing only one prefix:810 APNIC Region transit ASes present in the Internet Routing Table:456 Average APNIC Region AS path length visible:3.6 Max APNIC Region AS path length visible: 16 Number of APNIC addresses announced to Internet: 305578144 Equivalent to 18 /8s, 54 /16s and 192 /24s Percentage of available APNIC address space announced: 75.7 APNIC AS Blocks4608-4864, 7467-7722, 9216-10239, 17408-18431 (pre-ERX allocations) 23552-24575, 37888-38911 APNIC Address Blocks 58/7, 60/7, 116/6, 120/6, 124/7, 126/8, 202/7 210/7, 218/7, 220/7 and 222/8 ARIN Region Analysis Summary Prefixes being announced by ARIN Region ASes:107556 Total ARIN prefixes after maximum aggregation:62458 ARIN Deaggregation factor: 1.72 Prefixes being announced from the ARIN address blocks:79143 Unique aggregates announced from the ARIN address blocks: 31408 ARIN Region origin ASes present in the Internet Routing Table:11717 ARIN Prefixes per ASN: 6.75 ARIN Region origin ASes announcing only one prefix:4536 ARIN Region transit ASes present in the Internet Routing Table:1068 Average ARIN Region AS path length visible: 3.4 Max ARIN Region AS path length visible: 16 Number of ARIN addresses announced to Internet: 341064192 Equivalent to 20 /8s, 84 /16s and 58 /24s Percentage of available ARIN address space announced: 75.3 ARIN AS Blocks 1-1876, 1902-2042, 2044-2046, 2048-2106 (pre-ERX allocations) 2138-2584, 2615-2772, 2823-2829, 2880-3153 3354-4607, 4865-5119, 5632-6655, 6912-7466 7723-8191, 10240-12287, 13312-15359, 16384-17407 18432-20479, 21504-23551, 25600-26591, 26624-27647, 29696-30719, 31744-33791 35840-36863, 39936-40959 ARIN Address Blocks24/8, 63/
Re: Routing public traffic across county boundaries in Europe
On July 27, 2007 at 06:14 [EMAIL PROTECTED] (Lionel Elie Mamane) wrote: > > Also, I've heard that Canada had (maybe still has) this legislation > forbidding you to route intra-Canadian *telephone* traffic through > another country. Something about else nobody would build a > intercontinental coast-to-coast Canadian network, would just send > long-distance traffic to the USA, go to other coast and send it back > to Canada and being this dependent on a foreign country, that's bad. OTOH, the spirit of the Bretton Woods conferences at the end of WWII on preventing a repeat was that such critical industrial interdependencies were fundamental to dissuading nations from going to war on one another. So far the idea has worked pretty well, exceptions excepted. Obviously YMMV. -- -Barry Shein The World | [EMAIL PROTECTED] | http://www.TheWorld.com Purveyors to the Trade | Voice: 800-THE-WRLD| Login: Nationwide Software Tool & Die| Public Access Internet | SINCE 1989 *oo*
ATT / Time-Warner problem?
Anyone aware of an issue with ATT / Time-Warner? We're seeing traceroutes from ATT to TW die around 24.95.x.x (*.columbus.rr.com) Thanks, Rich
RE: Why do we use facilities with EPO's?
On July 26, 2007 at 18:59 [EMAIL PROTECTED] (Randy Epstein) wrote: > > I guess my point was that it's safer to power off a UPS system as best you > can before you shoot water at it. :) Most likely you are doing this at > somewhat close proximity, with step-down transformers nearby, etc. If you can stroll into the room and look around etc., sure, why not. I said that in the previous msg. We agree. The note I was responding to asserted that it was necessary to hit an EPO before (direct) firefighting could commence, I wasn't saying it wouldn't be handy in some circumstances, just "not entirely necessary" (for firefighting.) But getting to an EPO could be difficult if the room is closed and it's looking like it might be somewhere in excess of 450F inside in which case the usual approach is to smash/open a window or door while the others stand ready with a fully charged hose. Which is why they'll usually shut down power from outside the building if needed. By definition a room on fire is a room out of control*. An important component of firefighting is working fast as fires don't usually get better by themselves. Well, actually they almost all do get better eventually on their own, when there's nothing left to burn, but that's not often an attractive option since the available fuel could be what you call your neighborhood. Also, NOT TO BE TOO LITERAL MINDED, but isn't the point of a UPS that it has a lot of power even when it's not getting any externally? Doesn't hitting an EPO on a UPS at best only reduce the electrical hazard of hitting it with water a little bit? * Interesting aside: In many venues, I know this is true in Boston, when a fire official declares a building on fire legal title to that building is automatically transferred to the fire dept until firefighting operations are declared ended. -- -Barry Shein The World | [EMAIL PROTECTED] | http://www.TheWorld.com Purveyors to the Trade | Voice: 800-THE-WRLD| Login: Nationwide Software Tool & Die| Public Access Internet | SINCE 1989 *oo*
Any Bellsouth.net email admins here
if there are any bellsouth.net email admins on the list, can you contact me offlist. Blocked domain issue. Thanks Guy Shepperd
Re: Where did freeipdb IP utility site go?
On Fri, Jul 27, 2007 at 12:40:59PM -0400, Barry Shein wrote: > > > > > > > Are there any "good" tools for IPv6 address management? > > > > Is there a "BCP" (convention, whatever) for storing IPv6 addresses > into SQL databases? Particularly where you need to mix them with IPv4 > addresses. PostgreSQL supports this. Check out the data types. (yes, 8.2 is the latest, but google to the first hit is easier) http://www.postgresql.org/docs/8.0/interactive/datatype-net-types.html#DATATYPE-INET > I know postgresql has an ipv6 type but I was hoping for something more > portable. The best I could come up with was packed decimal(39) and > assume that if more than 32 bits are set it's IPv6 (ignoring the > special case of all zeros etc.) The other would be to just use 4 > unsigned long ints similarly but it makes comparison and other ops > clunky. um, lots of folks have written modules for almost every language to do ip/subnet comparisons for both v4 and v6. While I can understand the desire to use locally derived code, etc.. it does make sense to not reinvent the wheel daily :) OT: Speaking of which, someone know of something like the multicast beacon software that works for unicast stuff that is "free"? I've wanted to make some udp-like probe matrix like this and with all the folks that are asking about cogent, l3, etc.. outages was thinking that a user community of this type of a test matrix could be interesting :) Think like the "internet health report" but with more sites (possibly hundreds). - jared -- Jared Mauch | pgp key available via finger from [EMAIL PROTECTED] clue++; | http://puck.nether.net/~jared/ My statements are only mine.
RE: Where did freeipdb IP utility site go?
> > > Are there any "good" tools for IPv6 address management? > Is there a "BCP" (convention, whatever) for storing IPv6 addresses into SQL databases? Particularly where you need to mix them with IPv4 addresses. I know postgresql has an ipv6 type but I was hoping for something more portable. The best I could come up with was packed decimal(39) and assume that if more than 32 bits are set it's IPv6 (ignoring the special case of all zeros etc.) The other would be to just use 4 unsigned long ints similarly but it makes comparison and other ops clunky. -- -Barry Shein The World | [EMAIL PROTECTED] | http://www.TheWorld.com Purveyors to the Trade | Voice: 800-THE-WRLD| Login: Nationwide Software Tool & Die| Public Access Internet | SINCE 1989 *oo*
Re: Why do we use facilities with EPO's?
On Jul 26, 2007, at 6:59 PM, Randy Epstein wrote: I guess my point was that it's safer to power off a UPS system as best you can before you shoot water at it. :) Most likely you are doing this at somewhat close proximity, with step-down transformers nearby, etc. Somewhat true. An EPO not only shuts down the power feed to the UPS, but the UPS as well. Which is a good thing. The batteries still make pretty colors when you hit them and start bridging things that shouldn't be bridged. But if it's not on fire, it is usually avoided by the fire department. I'm posting on this as a 17 year volunteer fire department member as well as a professional (albeit part-time, with the rest of my time spent in network ops) fire marshal for a town in PA. EPOs are great, and as a fire marshal I like them (preventative) but they really don't figure in to the picture when I've got my firefighter hat (ok, helmet) on - because we just cut mains to everything, and generally know what we're looking at and how to handle it. Any building in any reasonably juristiction that has any "real" sized UPS most likely has not only a pre-plan so the FD knows what is where, but also at least annual inspections. Chances are good the facility also has to hold a permit for the number/capacity of the batteries in the unit (per IFC 105.7.2) and most likely the fuel storage for the generators (IFC 105.6.16). Even in your jurisdiction doesn't use that code, IFC and/or it's ancestors provide the model code that most of the US operates on, so chances are high there are similar restrictions/procedures/permitting requirements. Daryl
Re: Cogent outage details?
It still says 11:00am *looks at watch* Matt Liotta wrote: They have been updating that ETR every 40 minutes. The first ETR was supposed to be 9:30. -Matt Mills, Charles wrote: Just saw an ETR of 11:00AM EDT from http://status.cogentco.com Chuck -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Scott Francis Sent: Friday, July 27, 2007 10:40 AM To: nanog@merit.edu Subject: Cogent outage details? am receiving word that Cogent has been the victim of "hardware problems on our backbone causing latency and packet loss to customers on the east coast". I did manage to get a master ticket number (608503), but I'm curious if anybody out there (perhaps an actual Cogent customer) has more details - backhoe? operator error? evaporating subatomic black hole?
Re: Cogent outage details?
They have been updating that ETR every 40 minutes. The first ETR was supposed to be 9:30. -Matt Mills, Charles wrote: Just saw an ETR of 11:00AM EDT from http://status.cogentco.com Chuck -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Scott Francis Sent: Friday, July 27, 2007 10:40 AM To: nanog@merit.edu Subject: Cogent outage details? am receiving word that Cogent has been the victim of "hardware problems on our backbone causing latency and packet loss to customers on the east coast". I did manage to get a master ticket number (608503), but I'm curious if anybody out there (perhaps an actual Cogent customer) has more details - backhoe? operator error? evaporating subatomic black hole?
Re: Cogent outage details?
On Fri, 2007-07-27 at 11:10 -0400, David Coulson wrote: > It still says 11:00am > > *looks at watch* could you possibly be looking at cached data? I see no current problems listed at http://status.cogentco.com (last updated at 11:10 EDT) -Jim P.
RE: Cogent outage details?
Just saw an ETR of 11:00AM EDT from http://status.cogentco.com Chuck -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Scott Francis Sent: Friday, July 27, 2007 10:40 AM To: nanog@merit.edu Subject: Cogent outage details? am receiving word that Cogent has been the victim of "hardware problems on our backbone causing latency and packet loss to customers on the east coast". I did manage to get a master ticket number (608503), but I'm curious if anybody out there (perhaps an actual Cogent customer) has more details - backhoe? operator error? evaporating subatomic black hole? -- [EMAIL PROTECTED],darkuncle.net} || 0x5537F527 encrypted email to the latter address please http://darkuncle.net/pubkey.asc for public key This e-mail message and any files transmitted with it contain confidential information intended only for the person(s) to whom this email message is addressed. If you have received this e-mail message in error, please notify the sender immediately by telephone or e-mail and destroy the original message without making a copy. Thank you. Neither this information block, the typed name of the sender, nor anything else in this message is intended to constitute an electronic signature unless a specific statement to the contrary is included in this message.
Cogent outage details?
am receiving word that Cogent has been the victim of "hardware problems on our backbone causing latency and packet loss to customers on the east coast". I did manage to get a master ticket number (608503), but I'm curious if anybody out there (perhaps an actual Cogent customer) has more details - backhoe? operator error? evaporating subatomic black hole? -- [EMAIL PROTECTED],darkuncle.net} || 0x5537F527 encrypted email to the latter address please http://darkuncle.net/pubkey.asc for public key
NIST Bulletins and publications
I read a lot of mailing lists. Some of them are actually just collections of others, which mercifully allows me to reduce the traffic oh, so slightly. On one of them, InfoSec News, I see bulletins coming in from NIST (National Institute of Standards and Technology), and they're always comprised of reasonable, yet wordy, documents. This month is especially interesting. "ITL Bulletin for July 2007: Border Gateway Protocol Security (all caps removed to protect the innocent)." I wonder how many here actually read these things, or find them useful. I read the announcement, and have glanced briefly at the PDF it points to, and find it generally useful. Nice guidelines, sensible stuff all, and probably of great help if this is all new to you (perhaps helpful even if you've been around a while). For those overwhelmed with too much work and too little time, there's even an Executive Summary with actual useful information in it. http://www.infosecnews.org/hypermail/0707/13525.html http://csrc.nist.gov/publications/nistpubs/800-54/SP800-54.pdf -- Beware of the man who works hard to learn something, learns it, and finds himself no wiser than before. He is full of murderous resentment of people who are ignorant without having come by their ignorance the hard way. --Bokonen
The Cidr Report
This report has been generated at Fri Jul 27 21:17:55 2007 AEST.
The report analyses the BGP Routing Table of AS2.0 router
and generates a report on aggregation potential within the table.
Check http://www.cidr-report.org for a current version of this report.
Recent Table History
Date PrefixesCIDR Agg
20-07-07229565 149939
21-07-07229797 150747
22-07-07229674 150913
23-07-07229687 151087
24-07-07229789 151254
25-07-07229683 151779
26-07-07229840 152208
27-07-07229936 152410
AS Summary
25893 Number of ASes in routing system
10960 Number of ASes announcing only one prefix
1487 Largest number of prefixes announced by an AS
AS7018 : ATT-INTERNET4 - AT&T WorldNet Services
88891136 Largest address span announced by an AS (/32s)
AS721 : DISA-ASNBLK - DoD Network Information Center
Aggregation Summary
The algorithm used in this report proposes aggregation only
when there is a precise match using the AS path, so as
to preserve traffic transit policies. Aggregation is also
proposed across non-advertised address space ('holes').
--- 27Jul07 ---
ASnumNetsNow NetsAggr NetGain % Gain Description
Table 229961 1524567750533.7% All ASes
AS4134 1362 476 88665.1% CHINANET-BACKBONE
No.31,Jin-rong Street
AS4755 1299 432 86766.7% VSNL-AS Videsh Sanchar Nigam
Ltd. Autonomous System
AS4323 1318 499 81962.1% TWTC - Time Warner Telecom,
Inc.
AS6478 1119 333 78670.2% ATT-INTERNET3 - AT&T WorldNet
Services
AS11492 1108 376 73266.1% CABLEONE - CABLE ONE
AS22773 746 64 68291.4% CCINET-2 - Cox Communications
Inc.
AS9498 996 362 63463.7% BBIL-AP BHARTI BT INTERNET
LTD.
AS18566 1016 387 62961.9% COVAD - Covad Communications
Co.
AS19262 765 193 57274.8% VZGNI-TRANSIT - Verizon
Internet Services Inc.
AS18101 578 66 51288.6% RIL-IDC Reliance Infocom Ltd
Internet Data Centre,
AS7545 718 227 49168.4% TPG-INTERNET-AP TPG Internet
Pty Ltd
AS15270 561 75 48686.6% AS-PAETEC-NET - PaeTec.net -a
division of
PaeTecCommunications, Inc.
AS17488 734 254 48065.4% HATHWAY-NET-AP Hathway IP Over
Cable Internet
AS7018 1487 1010 47732.1% ATT-INTERNET4 - AT&T WorldNet
Services
AS2386 1216 757 45937.7% INS-AS - AT&T Data
Communications Services
AS4766 793 361 43254.5% KIXS-AS-KR Korea Telecom
AS6197 1024 597 42741.7% BATI-ATL - BellSouth Network
Solutions, Inc
AS4812 528 111 41779.0% CHINANET-SH-AP China Telecom
(Group)
AS17676 504 91 41381.9% JPNIC-JP-ASN-BLOCK Japan
Network Information Center
AS8151 893 485 40845.7% Uninet S.A. de C.V.
AS9443 480 82 39882.9% INTERNETPRIMUS-AS-AP Primus
Telecommunications
AS7029 568 193 37566.0% WINDSTREAM - Windstream
Communications Inc
AS19916 568 205 36363.9% ASTRUM-0001 - OLM LLC
AS4668 512 168 34467.2% LGNET-AS-KR LG CNS
AS16852 400 88 31278.0% BROADWING-FOCAL - Broadwing
Communications Services, Inc.
AS3602 390 84 30678.5% AS3602-RTI - Rogers Telecom
Inc.
AS33588 456 156 30065.8% BRESNAN-AS - Bresnan
Communications, LLC.
AS7011 901 606 29532.7% FRONTIER-AND-CITIZENS -
Frontier Communications of
America, Inc.
AS6198
BGP Update Report
BGP Update Report Interval: 26-Jun-07 -to- 26-Jul-07 (31 days) Observation Point: BGP Peering with AS2.0 TOP 20 Unstable Origin AS Rank ASNUpds % Upds/PfxAS-Name 1 - AS14906 163544 1.7% 32708.8 -- 2 - AS9583 148797 1.6% 127.0 -- SIFY-AS-IN Sify Limited 3 - AS21452 130141 1.4% 13014.1 -- skannet-ibadan 4 - AS462192124 1.0% 618.3 -- UNSPECIFIED UNINET-TH 5 - AS24731 79426 0.8%1557.4 -- ASN-NESMA National Engineering Services and Marketing Company Ltd. (NESMA) 6 - AS30850 60725 0.7% 30362.5 -- DESMIE-AS Hellenic Trasmission System Operator S.A. 7 - AS12879 58264 0.6%9710.7 -- OJSC-STN-AS Svyaztransneft Autonomus System 8 - AS477557838 0.6% 354.8 -- GLOBE-TELECOM-AS Telecom Carrier / ISP Plus + 9 - AS815156075 0.6% 62.7 -- Uninet S.A. de C.V. 10 - AS632553467 0.6% 954.8 -- ILLINOIS-CENTURY - Illinois Century Network 11 - AS760452580 0.6%1947.4 -- HWY1-AS Highway 1 12 - AS24326 47242 0.5% 268.4 -- TTT-AS-AP Maxnet, Internet Service Provider, Bangkok 13 - AS13285 46528 0.5%6646.9 -- OPALTELECOM-AS Opal Telecom 14 - AS24863 45187 0.5% 98.9 -- LINKdotNET-AS 15 - AS791043927 0.5% 283.4 -- COLDECON 16 - AS702 43920 0.5% 65.2 -- AS702 Verizon Business EMEA - Commercial IP service provider in Europe 17 - AS30763 43132 0.5%4792.4 -- IOS-SECONDARY-AS Internet of Siberia ISP 18 - AS701841096 0.4% 26.5 -- ATT-INTERNET4 - AT&T WorldNet Services 19 - AS19444 39998 0.4% 645.1 -- CHARTER-STL - CHARTER COMMUNICATIONS 20 - AS27685 38579 0.4%2269.4 -- PEOPLE ONLINE TOP 20 Unstable Origin AS (Updates per announced prefix) Rank ASNUpds % Upds/PfxAS-Name 1 - AS14906 163544 1.7% 32708.8 -- 2 - AS30850 60725 0.7% 30362.5 -- DESMIE-AS Hellenic Trasmission System Operator S.A. 3 - AS22433 28937 0.3% 28937.0 -- HRMC - Human Resource Management Center, Inc. 4 - AS21452 130141 1.4% 13014.1 -- skannet-ibadan 5 - AS12879 58264 0.6%9710.7 -- OJSC-STN-AS Svyaztransneft Autonomus System 6 - AS21348 13357 0.1%6678.5 -- KOPTERIFI KOPTERIFI is autonomous system. Located in Vammala Finland 7 - AS13285 46528 0.5%6646.9 -- OPALTELECOM-AS Opal Telecom 8 - AS11725 12915 0.1%6457.5 -- MUELLER-NET - Mueller Industries, Inc. 9 - AS30707 16478 0.2%5492.7 -- 10 - AS9833 5173 0.1%5173.0 -- HICOM-AS-AP http://www.plexus.net 11 - AS30763 43132 0.5%4792.4 -- IOS-SECONDARY-AS Internet of Siberia ISP 12 - AS11169 24595 0.3%4099.2 -- NET-WEIRNET-US-01 - Weirnet LLC 13 - AS5956 4085 0.0%4085.0 -- DDN-ASNBLK - DoD Network Information Center 14 - AS190017771 0.1%3885.5 -- AVENTCOMMTECH - Aventure Communications 15 - AS319493679 0.0%3679.0 -- APEXDIGITAL - Apex Digital 16 - AS701312926 0.1%3231.5 -- NETSELECT - Health Sciences Libraries Consortium 17 - AS382813005 0.0%3005.0 -- ASN-ABSYSTEMS-PH ABSystems Inc 18 - AS343782735 0.0%2735.0 -- RUG-AS Razguliay-UKRROS Group 19 - AS410272595 0.0%2595.0 -- NETEX-AS NETEX Company, Kyiv, Ukraine 20 - AS330782531 0.0%2531.0 -- ISC-CAI1 ISC, Cairo, Egypt TOP 20 Unstable Prefixes Rank Prefix Upds % Origin AS -- AS Name 1 - 194.110.73.0/24 60644 0.6% AS30850 -- DESMIE-AS Hellenic Trasmission System Operator S.A. 2 - 203.23.208.0/24 51525 0.5% AS7604 -- HWY1-AS Highway 1 3 - 62.24.238.0/2446427 0.5% AS13285 -- OPALTELECOM-AS Opal Telecom 4 - 80.250.36.0/2343557 0.5% AS21452 -- skannet-ibadan 5 - 80.250.44.0/2243416 0.5% AS21452 -- skannet-ibadan 6 - 80.250.40.0/2242733 0.4% AS21452 -- skannet-ibadan 7 - 212.109.192.0/20 42406 0.4% AS30763 -- IOS-SECONDARY-AS Internet of Siberia ISP 8 - 80.243.64.0/2035298 0.4% AS21332 -- NTC-AS New Telephone Company 9 - 12.27.91.0/24 33934 0.3% AS14906 -- 10 - 12.27.90.0/24 33933 0.3% AS14906 -- 11 - 12.27.88.0/24 33855 0.3% AS14906 -- 12 - 12.27.89.0/24 33760 0.3% AS14906 -- 13 - 64.215.207.0/24 28937 0.3% AS22433 -- HRMC - Human Resource Management Center, Inc. 14 - 124.7.139.0/2428892 0.3% AS9583 -- SIFY-AS-IN Sify Limited 15 - 212.73.122.0/24 28749 0.3% AS12879 -- OJSC-STN-AS Svyaztransneft Autonomus System 16 - 212.73.123.0/24 28741 0.3% AS12879 -- OJSC-STN-AS Svyaztransneft Autonomus System 17 - 221.135.253.0/24 28323 0.3% AS9583 -- SIFY-AS-IN Sify Limited 18 - 12.27.88.0/22 28062 0.3% AS14906 -- 19 - 203.177.10.0/24 26783 0.3% AS4775
Re: Routing public traffic across county boundaries in Europe
On Jul 27, 2007, at 6:14 AM, Lionel Elie Mamane wrote: [...] (And I've repeatedly heard that in the Netherlands, for some time in the past at least, the way the ISPs got rid of the lawful intercept obligation was to have the AMS-IX send a copy of *all* the traffic to the government black box. Not that they had to do that, but it was the easiest / cheapest way.) [...] That is complete and utter nonsens. That never ever happend. As everybody can see in the public member list [1] on the AMS-IX website, the Dutch police (AS16147) is connected via 100Mbit/s port. They are just another member, nothing more nothing less. Encrypted and signed tapped traffic from lawful interceptions may be send from the Dutch ISPs to the police via peering. That traffic may go over AMS-IX indeed. The Dutch ISP are obligated to apply these taps on *access-lines* after some form of legal order. They have to have the the right procedures and equipment to do that (at their own costs) [2]. -- Arien -- Arien Vijn Amsterdam Internet Exchange [1] http://www.ams-ix.net/connected/?expanded=1 [2] (In Dutch) http://www.agentschap-telecom.nl/informatie/aftappen/ paginas/faq.html
Re: Routing public traffic across county boundaries in Europe
On 7/27/07, Lionel Elie Mamane <[EMAIL PROTECTED]> wrote: > > What I would expect is that you still have to obey lawful intercept > legislation, so you need to interconnect with the government "black > box" rooms, and these are at the major IXs in the country. (And I've > repeatedly heard that in the Netherlands, for some time in the past at > least, the way the ISPs got rid of the lawful intercept obligation was > to have the AMS-IX send a copy of *all* the traffic to the government > black box. Not that they had to do that, but it was the easiest / > cheapest way.) Easiest/cheapest for the Dutch ISPs. Not for the government though! AMS-IX can be 200GBits a second, so I wonder if this was an exercise in killing the snoopers with kindness. If there were any such obligation, I'd expect the real reason not to > be "the egress country can snoop", but "it is harder for the > originating country to snoop". Perhaps. The French and German govts are not keen on their officials using Blackberrys 'cos all European BlackBerry traffic goes via a building near my house (single point of failure? we don't need no stinkin' redundancy!) in London.
Re: Why do we use facilities with EPO's?
>I fail to see why one couldn't have TWO buttons of the same type This is done on quite a few lumps of industrial machinery. >While one of the priest-theologians meant >well, we learned what happened when holy water is sprinkled into the high >voltage supply of a gas chromatograph That's a literal example of what happens when faith and science collide. More broadly, quote of note from Royal Marine officer after recent floods in the UK - they were shoring up the walls of a major power-grid switching station, with water inside the facility and much more outside. "I remembered electricity and water don't mix, but it wasn't a good moment to think that.." With 600,000 customers hanging off it, needs must when the devil drives.
Re: Routing public traffic across county boundaries in Europe
Scott Weeks wrote: --- [EMAIL PROTECTED] wrote: What (if any) are the legal implications of taking internet destined traffic in one country and egressing it in another (with an ip block correctly marked for the correct country). Somebody mentioned to me the other day that they thought the Dutch government didn't allow an ISP to take internet traffic from a Dutch citizen and egress in another country because it makes it easy for the local country to snoop. -- That's funny. I've always thought of the internet as a global, borderless entity where ideas and information are shared without restraint. Perhaps it's time to whap the gov't with a clue bat? scott Yes, but laws dictate that not all information can be shared without restraint. The EU, for example, has laws preventing the export of personal information to countries deemed to have weaker privacy protection laws. There's also grey areas (that may simply result from legal departments not having enough technical knowledge). For example, I've worked with companies before that have had the rights to stream certain sporting events to certain countries only. Even if you were only streaming to UK ISPs and UK IP addresses (via what ever checking mechanisms were deemed adequate), legal departments tend to have quite a lot to say on the matter if you were egressing that traffic, at say, AMS-IX. Sam
