Re: Dictionary attacks prompted by NANOG postings?

2008-01-16 Thread Randy Bush


> Does this happen to anyone else posting here?


not that i have noticed.  i do see massively (> 5x) more ssh dict 
attacks on the hosts i have in tokyo than those on other continents. 
but the sample size is too small to draw any serious conclusions.  but i 
would guess there are folk who actually study this.


> It's pretty clearly a lame attempt to intimidate by some loser.

rofl.  seems a pretty paranoid conclusion to which to leap.  could just 
be a list address harvester for a bunch of lists.


i figure that, since my hosts don't even do password ssh, that having 
password guessers go after my hosts is my contribution to reducing the 
attacks on more vulnerable hosts.


randy


Dictionary attacks prompted by NANOG postings?

2008-01-16 Thread Barry Shein


Once again shortly after posting a message to NANOG a fairly
significant dictionary attack using Earthlink's mail servers fired up.

The same thing happened around Nov 30th (I posted about it here.)

Does this happen to anyone else posting here? It's pretty clearly a
lame attempt to intimidate by some loser.


Jan 17 01:29:16 pcls5 sendmail[6757]: NOUSER: ani5 relay=elasmtp-kukur.atl.sa.earthlink.net [209.86.89.65]
Jan 17 01:29:19 pcls5 sendmail[7761]: NOUSER: anita2 relay=elasmtp-curtail.atl.sa.earthlink.net [209.86.89.64]
Jan 17 01:29:19 pcls5 sendmail[8036]: NOUSER: ando relay=elasmtp-masked.atl.sa.earthlink.net [209.86.89.68]
Jan 17 01:29:22 pcls5 sendmail[8036]: NOUSER: ando1 relay=elasmtp-masked.atl.sa.earthlink.net [209.86.89.68]
Jan 17 01:29:25 pcls5 sendmail[8036]: NOUSER: ando2 relay=elasmtp-masked.atl.sa.earthlink.net [209.86.89.68]
Jan 17 01:29:28 pcls5 sendmail[8036]: NOUSER: ando3 relay=elasmtp-masked.atl.sa.earthlink.net [209.86.89.68]
Jan 17 01:29:31 pcls5 sendmail[8036]: NOUSER: ando4 relay=elasmtp-masked.atl.sa.earthlink.net [209.86.89.68]

  ...etc etc

-- 
-Barry Shein

The World  | [EMAIL PROTECTED]   | http://www.TheWorld.com
Purveyors to the Trade | Voice: 800-THE-WRLD| Login: Nationwide
Software Tool & Die| Public Access Internet | SINCE 1989 *oo*
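
A detection sketch for the pattern in the log excerpt above, added here as an example and not part of the original post: it parses sendmail `NOUSER` rejections, groups them by relay network rather than by single IP (the guesses arrive through several relays in one /24), and reports bursts together with usernames that differ only by a numeric suffix. The log lines are copied from the post; the year 2008, the 60-second window, the threshold of 6 and all function names are assumptions of this example.

```python
import ipaddress
import re
from collections import defaultdict
from datetime import datetime, timedelta

# Log lines copied from the post above (syslog omits the year; 2008 is assumed).
SAMPLE_LOG = """\
Jan 17 01:29:16 pcls5 sendmail[6757]: NOUSER: ani5 relay=elasmtp-kukur.atl.sa.earthlink.net [209.86.89.65]
Jan 17 01:29:19 pcls5 sendmail[7761]: NOUSER: anita2 relay=elasmtp-curtail.atl.sa.earthlink.net [209.86.89.64]
Jan 17 01:29:19 pcls5 sendmail[8036]: NOUSER: ando relay=elasmtp-masked.atl.sa.earthlink.net [209.86.89.68]
Jan 17 01:29:22 pcls5 sendmail[8036]: NOUSER: ando1 relay=elasmtp-masked.atl.sa.earthlink.net [209.86.89.68]
Jan 17 01:29:25 pcls5 sendmail[8036]: NOUSER: ando2 relay=elasmtp-masked.atl.sa.earthlink.net [209.86.89.68]
Jan 17 01:29:28 pcls5 sendmail[8036]: NOUSER: ando3 relay=elasmtp-masked.atl.sa.earthlink.net [209.86.89.68]
Jan 17 01:29:31 pcls5 sendmail[8036]: NOUSER: ando4 relay=elasmtp-masked.atl.sa.earthlink.net [209.86.89.68]
"""

NOUSER_RE = re.compile(
    r"^(?P<ts>\w{3}\s+\d+\s[\d:]{8})\s+\S+\s+sendmail\[\d+\]:\s+"
    r"NOUSER:\s+(?P<user>\S+)\s+relay=\S+\s+\[(?P<ip>[\d.]+)\]"
)


def parse_nouser(text, year=2008):
    """Return one dict per NOUSER rejection; other lines are ignored."""
    events = []
    for line in text.splitlines():
        m = NOUSER_RE.match(line.strip())
        if not m:
            continue
        events.append({
            "time": datetime.strptime(f"{year} {m['ts']}", "%Y %b %d %H:%M:%S"),
            "user": m["user"],
            "relay": m["ip"],
        })
    return events


def stem(user):
    """Strip a trailing numeric suffix: ando3 -> ando."""
    return user.rstrip("0123456789") or user


def detect(events, prefix_len=24, window=timedelta(seconds=60), min_rejects=6):
    """Flag source networks with >= min_rejects unknown-user hits inside window."""
    groups = defaultdict(list)
    for ev in events:
        net = ipaddress.ip_network(f"{ev['relay']}/{prefix_len}", strict=False)
        groups[str(net)].append(ev)

    alerts = []
    for net, evs in sorted(groups.items()):
        evs.sort(key=lambda e: e["time"])
        best, start = [], 0
        # Two-pointer sliding window: keep the densest burst seen so far.
        for end in range(len(evs)):
            while evs[end]["time"] - evs[start]["time"] > window:
                start += 1
            if end - start + 1 > len(best):
                best = evs[start:end + 1]
        if len(best) < min_rejects:
            continue
        variants = defaultdict(set)
        for ev in best:
            variants[stem(ev["user"])].add(ev["user"])
        span = best[-1]["time"] - best[0]["time"]
        alerts.append({
            "source": net,
            "rejects": len(best),
            "relays": sorted({e["relay"] for e in best}),
            "span_seconds": int(span.total_seconds()),
            # Three or more spellings of one stem indicate generated guesses.
            "enumerated_stems": {s: sorted(v) for s, v in variants.items()
                                 if len(v) >= 3},
        })
    return alerts


if __name__ == "__main__":
    for alert in detect(parse_nouser(SAMPLE_LOG)):
        print(alert)
```

With `prefix_len=32` the same threshold reports nothing for this excerpt, because no single relay reaches six rejections; only the /24 view does.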


Re: Network Operator Groups Outside the US

2008-01-16 Thread Randy Bush


the folk who actually schedule the meetings use

http://ws.edu.isoc.org/calendar/

note that this is not the normal isoc calendar, rather one they kindly 
host for the ops meeting committees.


but few of the national nogs we have seen mentioned here use it.

and it did not prevent nanog from rudely scheduling right over afnog 
(which announced a good while before) next june, causing a mess for a 
number of us.


but it's what we've got.

randy


Re: request for help w/ ATT and terminology

2008-01-16 Thread Tony Li



On Jan 16, 2008, at 1:37 PM, Mike Donahue wrote:


> Anyway, it's all getting (for us) pretty complicated.   We're a fairly
> small firm and just want an Ethernet handoff with our IP block on it.
> Sprint didn't blink at the request, but AT&T...  We're getting a good
> rate from AT&T for the IP services because it's at their colo.
> Switching back to Sprint would definitely be more costly.



Please renumber into an AT&T prefix.

Tony



Re: Network Operator Groups Outside the US

2008-01-16 Thread Tony Li




...and aggregated calendars:
- http://www.icann.org/general/calendar/
- http://www.isoc.org/isoc/conferences/events/



I've been maintaining an integrated calendar across our related  
meetings for awhile now.  For folks using iCal or  compatible tools,  
you can subscribe via the webcal link below.


http://www.icalx.com/html/tony1athome/day.php?cal=Net.Engineers
webcal://www.icalx.com/public/tony1athome/Net.Engineers.ics

Updates/requests to me please.

Tony



Re: request for help w/ ATT and terminology

2008-01-16 Thread Kevin Loch


Mike Donahue wrote:

> Hi.  I'm by no means an ip/networking expert, and we're having some
> difficulty communicating with the boffins at AT&T.  Any
> input/advice/translation would be appreciated.
>
> We own our own class C netblock.  Our previous provider, Sprint, had no
> problem "adding" it to their network/advertising it (that circuit is now
> disconnected).  We've started using an AT&T colo facility, and we're
> having a lot of trouble trying to get AT&T to do the same thing there
> that Sprint was able to do for us.  AT&T is refusing to advertise our
> netblock/path it to our cabinet unless we have an AS number.  ARIN has
> refused to give us one on the grounds (rightly so) that we're not
> multi-homed.


multi-homing is one way to justify an ASN, "unique routing policy" is
the other.  Your directly assigned /24 could be a reason to have
a unique routing policy, especially if your upstreams are unwilling
to originate it from their ASN(s).  You may want to re-apply for an
ASN and explain that you will be announcing your directly assigned
block in section 14 of the template.

- Kevin


Re: Network Operator Groups Outside the US

2008-01-16 Thread Masaru MUKAI

Hi,

JANOG, Japan Networks Operators' Group (http://www.janog.gr.jp/), discusses
on a mailing list in Japanese, and has meetings twice a year.

We will hold our 21st meeting next week (2008/01/24-2008/01/25)
in Kumamoto city, Japan.

--
Masaru MUKAI / JANOG


From: "Rod Beck" <[EMAIL PROTECTED]>
Subject: Network Operator Groups Outside the US
Date: Wed, 16 Jan 2008 12:09:48 -

> 
> 
> Hi Folks, 
> 
> 1. UK: UKNOF; http://www.uknof.org.uk/ I just attended the last meeting 
> Monday. Free and a good lunch included! 
> Please do not confuse UKNOF with the United Kingdom Nitric Oxide Forum. 
> Nitric Oxide keeps your arteries relaxed and your blood pressure under 
> control 
> 
> 2. Europe: RIPE; http://www.ripe.net/ The Big Meeting is in Berlin in early 
> May. 
> 
> 3. France: FRnOG; http://www.frnog.org/ Has several meetings each year. Has 
> interesting discussions in French on its mailing list. Moderator makes Stalin 
> look easy going. 
> 
> 4. UK: LINX; https://www.linx.net/ Has four meetings each year. Not difficult 
> to get invited if you are not a member.  
> 
> 5. LAMBDANET hosts several German ISP meetings; 
> http://www.lambdanet.net/index.php?p=92&l=1&sid=ee8bc11d266a13bffdcd59ceb45c329d.
>  Language is German. 
> Please do not confuse with the Intranet for the Brothers of Lambda Theta Phi, 
> Latin Fraternity Inc.
> 
> 6. I am not aware of any Dutch per se ISP conferences although that market is 
> certainly quite vibrant. I am also disappointed to see the Canadians and 
> Irish have next to nothing despite Ireland being the European base of 
> operations for Google, Microsoft, Amazon, and Yahoo. And Canada has over 30 
> million people. Where is the National Pride?
> 
> 7. It is worth mentioning that DEC-IX has started the practice of hosting 
> carrier meetings a la Telx. These are not conferences with lectures, but 
> networking events where each provider has a booth where they can push their 
> products and services. Tends to be more carrier than ISP, but as you know the 
> union of these two sets is not the null set. Quite a bit of overlap. 
> 
> 8. Both DEC-IX and AMS-IX have member meetings each year. Not clear how 
> difficult to get invited if you are not a member. 
> 
> 9. I believe there are some Northern England ISP meetings. Probably MANAP. 
> 
> Roderick S. Beck
> Director of European Sales
> Hibernia Atlantic
> 1, Passage du Chantier, 75012 Paris
> http://www.hiberniaatlantic.com
> Wireless: 1-212-444-8829. 
> Landline: 33-1-4346-3209.
> French Wireless: 33-6-14-33-48-97.
> AOL Messenger: GlobalBandwidth
> [EMAIL PROTECTED]
> [EMAIL PROTECTED]
> ``Unthinking respect for authority is the greatest enemy of truth.'' Albert 
> Einstein. 
> 
> 
> 
> 
> 



Re: request for help w/ ATT and terminology

2008-01-16 Thread Leo Bicknell

Some networks (of note, the larger ones) have registered a "customer
ASN".  The idea is that networks advertised from their backbone ASN
should only be the ones they own, and all customers who have no ASN
use the customer ASN to originate their block.  In most cases the
contract prohibits using the customer ASN with another provider;
it is only to be used to single home to the one network.

I have no personal experience with AT&T in this configuration, but
with several other networks they would prefer an eBGP session where
they send you a default and you send them your prefix using the ASN
they assign.  Aside from keeping the prefixes segregated by ASN it
also makes the routing policy a lot simpler.  Typically things
announced by the backbone ASN may appear in prefix lists across the
network, while the customer ASN is "just another session".

One of the more interesting "big network" problems is the front
line support tend to not be creative thinkers, and also tend to
believe their internal terminology is industry standard speak.  This
can make it difficult to get what you want.

-- 
   Leo Bicknell - [EMAIL PROTECTED] - CCIE 3440
PGP keys at http://www.ufp.org/~bicknell/
Read TMBG List - [EMAIL PROTECTED], www.tmbg.org




RE: request for help w/ ATT and terminology

2008-01-16 Thread Jason Biel

His Sprint circuit has been disconnected and he only has the AT&T circuit,
which comes into his cabinet, inside of AT&T's Colo facility.

AT&T does not want to announce the space without doing an eBGP peer with you
because they do not "own" the space.  This is their policy, Sprint might not
have the same policy.

-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of
Darryl Dunkin
Sent: Wednesday, January 16, 2008 3:55 PM
To: Mike Donahue; nanog@merit.edu
Subject: RE: request for help w/ ATT and terminology


If you want connectivity from both AT&T and Sprint with your one block,
you have plenty of justification from ARIN to get your AS assigned
assuming both feeds come into one location.

However, it looks like you are asking two providers to announce the same
block at two different locations (different origin AS on each). If this
is the case, it won't happen, you'd be better off justifying an
allocation of the additional space from AT&T.

-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of
Mike Donahue
Sent: Wednesday, January 16, 2008 13:37
To: nanog@merit.edu
Subject: request for help w/ ATT and terminology


Hi.  I'm by no means an ip/networking expert, and we're having some
difficulty communicating with the boffins at AT&T.  Any
input/advice/translation would be appreciated.

We own our own class C netblock.  Our previous provider, Sprint, had no
problem "adding" it to their network/advertising it (that circuit is now
disconnected).  We've started using an AT&T colo facility, and we're
having a lot of trouble trying to get AT&T to do the same thing there
that Sprint was able to do for us.  AT&T is refusing to advertise our
netblock/path it to our cabinet unless we have an AS number.  ARIN has
refused to give us one on the grounds (rightly so) that we're not
multi-homed.   AT&T says they'll give  us a temporary ASN, and want us
to do eBGP for our netblock.  They sent the technical information over
today, and they want two distinct routers to act as the bgp peers...

Anyway, it's all getting (for us) pretty complicated.   We're a fairly
small firm and just want an Ethernet handoff with our IP block on it.
Sprint didn't blink at the request, but AT&T...  We're getting a good
rate from AT&T for the IP services because it's at their colo.
Switching back to Sprint would definitely be more costly.

Questions:

1.  Is what we're asking for unusual/uncalled for?
2.  What's the technical terminology for the request for AT&T to simply
start advertising our netblock called?  I'm wondering if they're not
understanding our request.

Any other comments/input/suggestions welcomed.

Thanks in advance,

Mike Donahue
WATG





Re: request for help w/ ATT and terminology

2008-01-16 Thread Seth Mattinen


Darryl Dunkin wrote:

> If you want connectivity from both AT&T and Sprint with your one block,
> you have plenty of justification from ARIN to get your AS assigned
> assuming both feeds come into one location.
>
> However, it looks like you are asking two providers to announce the same
> block at two different locations (different origin AS on each). If this
> is the case, it won't happen, you'd be better off justifying an
> allocation of the additional space from AT&T.



He's asking why AT&T can't do the same thing Sprint was doing, as 
they've disconnected Sprint and are using AT&T alone.


My answer: no reason they can't, beyond not wanting to or being really 
dumb about it. Tell them you want them to advertise your netblock for 
you because you don't need BGP. You don't have to; they can easily do 
the routing and announcement for you. If they don't get it easily... 
well, I'd go back to Sprint, because you'll probably have severe 
problems later when someone updates something, breaks it and you're down 
for a week before you can get through to anyone who will listen to your 
unsupported (to them) setup. I was in the same situation years ago with 
an Eschelon/ATG circuit: they simply didn't get how to work BGP with a 
multihomed customer. I could convince them to fix it each time, but then 
it'd break 4 months later. After the 4th time they screwed up, I dumped 
them and gladly paid more for anyone else so it would actually work.


~Seth


RE: request for help w/ ATT and terminology

2008-01-16 Thread Scott Berkman

Mike,

Generally a netblock is homed somewhere if it doesn't have an
association with an ASN.  These will often be listed as "non-portable",
and then each ISP would have to choose to allow you to use that netblock
on its network or not.

Based on your company name and domain I assume your netblock is
192.67.91.0/24, which shows as a Direct Assignment, so you should have the
right to move it.

I think what you are asking is unusual because you have address
space you are trying to move, but no ASN for the carrier to advertise the
route to.

In terms of terminology I think "advertise our netblock in your
AS" is about as close as you can get, and you are at ATT's mercy because
they have the right to create their own policies about advertising
client's netblocks as part of their AS.  I would say they would most
likely want to handle this by assigning you an iBGP ASN so you can
advertise that block to them privately, and then they would aggregate that
advertisement into their eBGP advertisements for their AS.  There should
be no reason to require 2 distinct routers just to use BGP.

Your other option is to get a cheap link from another provider
that does not include any usage, and use that as the second (backup) link.
At that point you could get an ASN assigned by ARIN.

-Scott

-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of
Mike Donahue
Sent: Wednesday, January 16, 2008 4:37 PM
To: nanog@merit.edu
Subject: request for help w/ ATT and terminology


Hi.  I'm by no means an ip/networking expert, and we're having some
difficulty communicating with the boffins at AT&T.  Any
input/advice/translation would be appreciated.

We own our own class C netblock.  Our previous provider, Sprint, had no
problem "adding" it to their network/advertising it (that circuit is now
disconnected).  We've started using an AT&T colo facility, and we're
having a lot of trouble trying to get AT&T to do the same thing there that
Sprint was able to do for us.  AT&T is refusing to advertise our
netblock/path it to our cabinet unless we have an AS number.  ARIN has
refused to give us one on the grounds (rightly so) that we're not
multi-homed.   AT&T says they'll give  us a temporary ASN, and want us
to do eBGP for our netblock.  They sent the technical information over
today, and they want two distinct routers to act as the bgp peers...

Anyway, it's all getting (for us) pretty complicated.   We're a fairly
small firm and just want an Ethernet handoff with our IP block on it.
Sprint didn't blink at the request, but AT&T...  We're getting a good rate
from AT&T for the IP services because it's at their colo.
Switching back to Sprint would definitely be more costly.

Questions:

1.  Is what we're asking for unusual/uncalled for?
2.  What's the technical terminology for the request for AT&T to simply
start advertising our netblock called?  I'm wondering if they're not
understanding our request.

Any other comments/input/suggestions welcomed.

Thanks in advance,

Mike Donahue
WATG





Re: request for help w/ ATT and terminology

2008-01-16 Thread Patrick W. Gilmore


On Jan 16, 2008, at 4:55 PM, Darryl Dunkin wrote:

> If you want connectivity from both AT&T and Sprint with your one block,
> you have plenty of justification from ARIN to get your AS assigned
> assuming both feeds come into one location.
>
> However, it looks like you are asking two providers to announce the same
> block at two different locations (different origin AS on each). If this
> is the case, it won't happen, you'd be better off justifying an
> allocation of the additional space from AT&T.


1) It can, has, and continues to happen all the time.  It's a  
perfectly valid way to route on the Internet.  Although not what I  
would do personally.


2) He said he killed the Sprint line.  He also said ARIN (correctly)  
denied him an ASN because he was not multi-homed.


--
TTFN,
patrick



-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of
Mike Donahue
Sent: Wednesday, January 16, 2008 13:37
To: nanog@merit.edu
Subject: request for help w/ ATT and terminology


Hi.  I'm by no means an ip/networking expert, and we're having some
difficulty communicating with the boffins at AT&T.  Any
input/advice/translation would be appreciated.

We own our own class C netblock.  Our previous provider, Sprint, had no
problem "adding" it to their network/advertising it (that circuit is now
disconnected).  We've started using an AT&T colo facility, and we're
having a lot of trouble trying to get AT&T to do the same thing there
that Sprint was able to do for us.  AT&T is refusing to advertise our
netblock/path it to our cabinet unless we have an AS number.  ARIN has
refused to give us one on the grounds (rightly so) that we're not
multi-homed.   AT&T says they'll give  us a temporary ASN, and want us
to do eBGP for our netblock.  They sent the technical information over
today, and they want two distinct routers to act as the bgp peers...

Anyway, it's all getting (for us) pretty complicated.   We're a fairly
small firm and just want an Ethernet handoff with our IP block on it.
Sprint didn't blink at the request, but AT&T...  We're getting a good
rate from AT&T for the IP services because it's at their colo.
Switching back to Sprint would definitely be more costly.

Questions:

1.  Is what we're asking for unusual/uncalled for?
2.  What's the technical terminology for the request for AT&T to simply
start advertising our netblock called?  I'm wondering if they're not
understanding our request.

Any other comments/input/suggestions welcomed.

Thanks in advance,

Mike Donahue
WATG






Re: request for help w/ ATT and terminology

2008-01-16 Thread Patrick W. Gilmore


On Jan 16, 2008, at 4:37 PM, Mike Donahue wrote:

> Hi.  I'm by no means an ip/networking expert, and we're having some
> difficulty communicating with the boffins at AT&T.  Any
> input/advice/translation would be appreciated.
>
> We own our own class C netblock.  Our previous provider, Sprint, had no
> problem "adding" it to their network/advertising it (that circuit is now
> disconnected).  We've started using an AT&T colo facility, and we're
> having a lot of trouble trying to get AT&T to do the same thing there
> that Sprint was able to do for us.  AT&T is refusing to advertise our
> netblock/path it to our cabinet unless we have an AS number.  ARIN has
> refused to give us one on the grounds (rightly so) that we're not
> multi-homed.   AT&T says they'll give  us a temporary ASN, and want us
> to do eBGP for our netblock.  They sent the technical information over
> today, and they want two distinct routers to act as the bgp peers...
>
> Anyway, it's all getting (for us) pretty complicated.   We're a fairly
> small firm and just want an Ethernet handoff with our IP block on it.
> Sprint didn't blink at the request, but AT&T...  We're getting a good
> rate from AT&T for the IP services because it's at their colo.
> Switching back to Sprint would definitely be more costly.
>
> Questions:
> 1.  Is what we're asking for unusual/uncalled for?

It's at&t's network.  They should be allowed to run it as they
please.  So it's hard to say anything (other than abuse) is "uncalled
for".

Unusual?  Hell yes.

> 2.  What's the technical terminology for the request for AT&T to simply
> start advertising our netblock called?  I'm wondering if they're not
> understanding our request.

Ask for at&t to "originate my /24, and route it to my rack".

If they don't get that, find another provider.

--
TTFN,
patrick




RE: request for help w/ ATT and terminology

2008-01-16 Thread Darryl Dunkin

If you want connectivity from both AT&T and Sprint with your one block,
you have plenty of justification from ARIN to get your AS assigned
assuming both feeds come into one location.

However, it looks like you are asking two providers to announce the same
block at two different locations (different origin AS on each). If this
is the case, it won't happen, you'd be better off justifying an
allocation of the additional space from AT&T.

-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of
Mike Donahue
Sent: Wednesday, January 16, 2008 13:37
To: nanog@merit.edu
Subject: request for help w/ ATT and terminology


Hi.  I'm by no means an ip/networking expert, and we're having some
difficulty communicating with the boffins at AT&T.  Any
input/advice/translation would be appreciated.

We own our own class C netblock.  Our previous provider, Sprint, had no
problem "adding" it to their network/advertising it (that circuit is now
disconnected).  We've started using an AT&T colo facility, and we're
having a lot of trouble trying to get AT&T to do the same thing there
that Sprint was able to do for us.  AT&T is refusing to advertise our
netblock/path it to our cabinet unless we have an AS number.  ARIN has
refused to give us one on the grounds (rightly so) that we're not
multi-homed.   AT&T says they'll give  us a temporary ASN, and want us
to do eBGP for our netblock.  They sent the technical information over
today, and they want two distinct routers to act as the bgp peers...

Anyway, it's all getting (for us) pretty complicated.   We're a fairly
small firm and just want an Ethernet handoff with our IP block on it.
Sprint didn't blink at the request, but AT&T...  We're getting a good
rate from AT&T for the IP services because it's at their colo.
Switching back to Sprint would definitely be more costly.

Questions:

1.  Is what we're asking for unusual/uncalled for?
2.  What's the technical terminology for the request for AT&T to simply
start advertising our netblock called?  I'm wondering if they're not
understanding our request.

Any other comments/input/suggestions welcomed.

Thanks in advance,

Mike Donahue
WATG




request for help w/ ATT and terminology

2008-01-16 Thread Mike Donahue

Hi.  I'm by no means an ip/networking expert, and we're having some
difficulty communicating with the boffins at AT&T.  Any
input/advice/translation would be appreciated.

We own our own class C netblock.  Our previous provider, Sprint, had no
problem "adding" it to their network/advertising it (that circuit is now
disconnected).  We've started using an AT&T colo facility, and we're
having a lot of trouble trying to get AT&T to do the same thing there
that Sprint was able to do for us.  AT&T is refusing to advertise our
netblock/path it to our cabinet unless we have an AS number.  ARIN has
refused to give us one on the grounds (rightly so) that we're not
multi-homed.   AT&T says they'll give  us a temporary ASN, and want us
to do eBGP for our netblock.  They sent the technical information over
today, and they want two distinct routers to act as the bgp peers...

Anyway, it's all getting (for us) pretty complicated.   We're a fairly
small firm and just want an Ethernet handoff with our IP block on it.
Sprint didn't blink at the request, but AT&T...  We're getting a good
rate from AT&T for the IP services because it's at their colo.
Switching back to Sprint would definitely be more costly.

Questions:

1.  Is what we're asking for unusual/uncalled for?
2.  What's the technical terminology for the request for AT&T to simply
start advertising our netblock called?  I'm wondering if they're not
understanding our request.

Any other comments/input/suggestions welcomed.

Thanks in advance,

Mike Donahue
WATG




Re: Looking for geo-directional DNS service

2008-01-16 Thread Steve Gibbard


On Tue, 15 Jan 2008, Patrick W.Gilmore wrote:

> On Jan 15, 2008, at 12:00 PM, Bill Woodcock wrote:
> [...]
>> If you're doing things on the Internet, instead of the physical world,
>> topological distance is presumably of much greater interest than whatever
>> geographic proximity may coincidentally obtain.
>
> Unless you define "topologically nearest" as "what BGP picks", that is
> incorrect.  And even if you do define topology to be equivalent to BGP, that
> is not what is of the greatest interest.  "Goodput" (latency, packet loss,
> throughput) is far more important.  IMHO.
>
> If you don't like my example, then ignore Ashburn and take a random,
> medium-sized network.  Now assume an anycast node which is topologically
> (i.e. latency, bit-miles, throughput, whatever your definition) closer
> through transit, compared to a node topologically farther away through
> peering.  Which is chosen?  And this is not even close to an unusual
> situation.
>
> This in no way means anycast sux.  It just means anycast is not, by a long
> shot, guaranteed to give you the "closest" node by any reasonable definition.
> (Sorry, I don't think "node BGP picks" is "reasonable".  You are welcome to
> disagree, but the point still stands that other definitions of "reasonable"
> are not satisfied.)


There are many different ways to set up Internet topology.  Some of these 
achieve geographic proximity, and some don't.  Network topology that 
doesn't match geographic proximity (common in Southern Africa, South 
America, and to a degree in the central US) leads to some unavoidable 
performance issues (speed of light, constraints on long distance 
capacity, etc.).  A distribution system following topology in such an 
environment won't do nearly as well as one that follows topology in a 
better interconnected area, but following topology should still produce 
better performance than not doing so.  If traffic from ISP A to ISP B in 
Region 1 goes through Region 2, ISP B will be served better by content in 
Region 2 than by content in ISP A.  So, following topology is good.


There are many different ways to set up an anycast system, and how a 
system is set up has a lot of influence on what node BGP on the networks 
that connect to it are going to pick.  If somebody setting up an anycast 
system plugs a bunch of nodes into random networks scattered around the 
world, they're not going to do very well on geographic or topological 
proximity.  Chances are, they'll end up with situations like the K Root in 
India that was at one point getting most of its traffic from North 
America.  But if an anycast system is set up with the right transit and 
peering policies, it can do a decent job of matching topology.


I went into this in a lot more detail in the paper at: 
http://www.pch.net/resources/papers.php?dir=/anycast-performance


Will a well-designed anycast system do as well as Akamai?  Probably not. 
Akamai does actual testing of paths rather than using theory to decide 
what the paths will probably look like, which should give them a much 
better view of places where reality doesn't match theory.  They've also 
got a lot more locations than anybody else doing this, which means they 
should typically be able to get much closer to where the content needs to 
go.  But Akamai has lots of patents and lots of proprietary software 
making their decisions about where to source things from.  They charge 
their customers quite a bit for this service, and the cost savings their 
technology and wide footprint should produce go to the receiving networks 
who don't have to carry the traffic very far, rather than to the content 
provider who would hot potato the traffic off at the closest possible 
point anyway.  So, the decision for somebody deciding whether to use 
Akamai, use one of its less advanced competitors, or make their own, may 
come down to whether they can produce something good enough, rather than 
whether they can produce something as good or better.


-Steve


RE: Network Operator Groups Outside the US

2008-01-16 Thread Neil J. McRae

Swinog in Switzerland is a great forum.

-Original Message-
From: Rob Gallagher <[EMAIL PROTECTED]>
Sent: 16 January 2008 14:46
To: nanog@merit.edu
Subject: Re: Network Operator Groups Outside the US

On Wed, 16 Jan 2008 12:09:48 -
"Rod Beck" <[EMAIL PROTECTED]> wrote:

> 
> 6. I am not aware of any Dutch per se ISP conferences although that
> market is certainly quite vibrant. I am also disappointed to see the
> Canadians and Irish have next to nothing despite Ireland being the
> European base of operations for Google, Microsoft, Amazon, and Yahoo.
> And Canada has over 30 million people. Where is the National Pride?
>   

There is an IENOG (www.ienog.org), however I believe it has been
inactive for a long time. Much of the discussion occurs on the INEX
(www.inex.ie) mailing lists and IRC channel.

rg

-- 
Rob Gallagher | Public Key: 0x1DD13A78

HEAnet Limited, Ireland's Education and Research Network
1st Floor, 5 George's Dock, IFSC, Dublin 1.
Registered in Ireland, no 275301
T: (+353-1) 6609040  F: (+353-1) 6603666 WWW: http://www.heanet.ie/



(broadband routers) PC World: Flash Attack Could Take Over Your Router

2008-01-16 Thread Gadi Evron


Props to Jeff Chan who I saw it from.

Yes, I still believe these ISP distributed machines called broadband 
routers are a network operators issue. But not all may agree on that.


--
http://news.yahoo.com/s/pcworld/20080116/tc_pcworld/141399

Flash Attack Could Take Over Your Router

Robert McMillan, IDG News Service Tue Jan 15, 7:08 PM ET

Security researchers have released code showing how a pair of widely used 
technologies could be misused to take control of a victim's Web browsing 
experience.


The code, published over the weekend by researchers Adrian Pastor and Petko 
Petkov, exploits features in two technologies: The Universal Plug and Play 
(UPnP) protocol, which is used by many operating systems to make it easier for 
them to work with devices on a network; and Adobe Systems' Flash multimedia 
software.


By tricking a victim into viewing a malicious Flash file, an attacker could use 
UPnP to change the primary DNS (Domain Name System) server used by the router 
to find other computers on the Internet. This would give the attacker a 
virtually undetectable way to redirect the victim to fake Web sites. For 
example, a victim with a compromised router could be taken to the attacker's 
Web server, even if he typed Citibank.com directly into the Web browser 
navigation bar.


"The most malicious of all malicious things is to change the primary DNS 
server," the researchers wrote. "That will effectively turn the router and the 
network it controls into a zombie which the attacker can take advantage of 
whenever they feel like it."


Because so many routers support UPnP, the researchers believe that "ninety nine 
percent of home routers are vulnerable to this attack."


In fact, many other types of UPnP devices, such as printers, digital 
entertainment systems and cameras are also potentially at risk, they added in a 
Frequently Asked Questions Web page explaining their research.

[...]


Re: Looking for geo-directional DNS service

2008-01-16 Thread Joe Greco

> [EMAIL PROTECTED] (Joe Greco) writes:
> > ...
> > So, anyways, would it be entertaining to discuss the relative merits of
> > various DNS implementations that attempt to provide geographic answers 
> > to requests, versus doing it at a higher level?  (I can hear everyone 
> > groaning now, and some purist somewhere probably having fits)
> 
> off topic.  see .

Possibly, but I found myself removed from that particular party, and the
request was on NANOG, not on dns-operations.  I was under the impression 
that dns-operations was for discussion of DNS operations, not 
implementation choices.  Whether NANOG is completely appropriate remains 
to be seen; I haven't heard a ML complaint though.  There would ideally 
be a list for implementation and design of such things, but I've yet to 
see one that's actually useful, which is, I suspect, why NANOG got a 
request like this.

Besides, if you refer back to the original message in this thread, where I
was driving would be much closer to being related to what the OP was 
interested in.

Hank was saying:

> What I am looking for is a commercial DNS service.
> [...]
> Another service I know about is the Ultradns (now Neustar) Directional DNS:
> http://www.neustarultraservices.biz/solutions/directionaldns.html
> But this service is based on statically defined IP responses at each of
> their 14 sites so there is no proximity checking done.

So there are three basic ways to go about it,

1) Totally static data (in which case anycast and directionality are not a
   consideration, at least at the DNS level), which does not preclude doing
   things at a higher level.

2) Simple anycast, as in the Directional DNS service Hank mentioned, which
   has thoroughly been thrashed into the ground as to why it ain't great,
   which it seems Hank already understood.

3) Complex DNS implementations.  Such as ones that will actually do active
   probes, etc.  Possibly combined with 1) even.

I was trying to redirect the dead anycast horse beating back towards a 
discussion of the relative merits of 1) vs 3).  The largest problems with 
3) seem to revolve around the fact that you generally have no idea where 
a request /actually/ originated, and you're pinning your hopes on the 
client's resolver having some vague proximity to the actual client. 
Redirection at a higher level is going to be desirable, but is not always 
possible, such as for protocols like NNTP.

I'm happy to be criticized for guiding a conversation back towards being
relevant...  :-)

... JG
-- 
Joe Greco - sol.net Network Services - Milwaukee, WI - http://www.sol.net
"We call it the 'one bite at the apple' rule. Give me one chance [and] then I
won't contact you again." - Direct Marketing Ass'n position on e-mail spam(CNN)
With 24 million small businesses in the US alone, that's way too many apples.


Re: Looking for geo-directional DNS service

2008-01-16 Thread Paul Vixie

[EMAIL PROTECTED] (Joe Greco) writes:
> ...
> So, anyways, would it be entertaining to discuss the relative merits of
> various DNS implementations that attempt to provide geographic answers 
> to requests, versus doing it at a higher level?  (I can hear everyone 
> groaning now, and some purist somewhere probably having fits)

off topic.  see .
-- 
Paul Vixie


Re: Network Operator Groups Outside the US

2008-01-16 Thread Rob Gallagher
On Wed, 16 Jan 2008 12:09:48 -
"Rod Beck" <[EMAIL PROTECTED]> wrote:

> 
> 6. I am not aware of any Dutch per se ISP conferences although that
> market is certainly quite vibrant. I am also disappointed to see the
> Canadians and Irish have next to nothing despite Ireland being the
> European base of operations for Google, Microsoft, Amazon, and Yahoo.
> And Canada has over 30 million people. Where is the National Pride?
>   

There is an IENOG (www.ienog.org), however I believe it has been
inactive for a long time. Much of the discussion occurs on the INEX
(www.inex.ie) mailing lists and IRC channel.

rg

-- 
Rob Gallagher | Public Key: 0x1DD13A78

HEAnet Limited, Ireland's Education and Research Network
1st Floor, 5 George's Dock, IFSC, Dublin 1.
Registered in Ireland, no 275301
T: (+353-1) 6609040  F: (+353-1) 6603666 WWW: http://www.heanet.ie/




RE: FW: ISPs slowing P2P traffic...

2008-01-16 Thread Frank Bulk

The wikipedia article is simplified to the extent that it doesn't embed
actual practices.  Those are best obtained at SCTE meetings and discussion
with CMTS vendors.

A 10x oversubscription rate from residential broadband access doesn't seem
too unreasonable to me based in practice and what I've heard, but perhaps
other operators have differing opinions or experiences.

The '250' is really 250 subscribers in my case, but you're right, you see
different figures bandied about in regards to homes passed and penetration.

Frank

-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of
Mikael Abrahamsson
Sent: Wednesday, January 16, 2008 1:07 AM
To: nanog@merit.edu
Subject: RE: FW: ISPs slowing P2P traffic...


On Tue, 15 Jan 2008, Frank Bulk wrote:

> Except that upstreams are not at 27 Mbps
> (http://i.cmpnet.com/commsdesign/csd/2002/jun02/imedia-fig1.gif show that
> you would be using 32 QAM at 6.4 MHz).  The majority of MSOs are at 16-QAM
> at 3.2 MHz, which is about 10 Mbps.  We just took over two systems that
> were at QPSK at 3.2 Mbps, which is about 5 Mbps.

Ok, so the wikipedia article  is
heavily simplified? Any chance someone with good knowledge of this could
update the page to be more accurate?

> And upstreams are usually sized not to be more than 250 users per upstream
> port.  So that would be a 10:1 oversubscription on upstream, not too bad,
> by my reckoning.  The 1000 you are thinking of is probably 1000 users per
> downstream power, and there is usually a 1:4 to 1:6 ratio of downstream
> to upstream ports.

250 users sharing 10 megabit/s would mean 40 kilobit/s average utilization
which to me seems very tight. Or is this "250 apartments" meaning perhaps
40% subscribe to the service indicating that those "250" really are 100
and that the average utilization then can be 100 kilobit/s upstream?

With these figures I can really see why companies using HFC/Coax have a
problem with P2P, the technical implementation is not really suited for
the application.

--
Mikael Abrahamsson    email: [EMAIL PROTECTED]




Re: Network Operator Groups Outside the US

2008-01-16 Thread Joe Provo

On Wed, Jan 16, 2008 at 01:44:00PM +0100, Phil Regnauld wrote:
[snip]

Also missed Middle East Network Operators Group (MENOG): 
 http://www.menog.net/


Better still would be some links to aggregate lists:
- http://www.nanog.org/orgs.html
- http://www.bugest.net/nogs.html 
- http://nanog.cluepon.net/index.php/Other_Operations_Groups

...and aggregated calendars:
- http://www.icann.org/general/calendar/
- http://www.isoc.org/isoc/conferences/events/

Cheers,

Joe

-- 
 RSUC / GweepNet / Spunk / FnB / Usenix / SAGE


Re: Network Operator Groups Outside the US

2008-01-16 Thread Adrian Chadd

.. and could someone or other update the wiki with this info?

http://nanog.cluepon.net/index.php/Other_Operations_Groups

I added a couple.



Adrian

On Wed, Jan 16, 2008, Rod Beck wrote:
> Hi Folks, 
> 
> 1. UK: UKNOF; http://www.uknof.org.uk/ I just attended the last meeting 
> Monday. Free and a good lunch included! 
> Please do not confuse UKNOF with the United Kingdom Nitric Oxide Forum. 
> Nitric Oxide keeps your arteries relaxed and your blood pressure under 
> control 
> 
> 2. Europe: RIPE; http://www.ripe.net/ The Big Meeting is in Berlin in early 
> May. 
> 
> 3. France: FRnOG; http://www.frnog.org/ Has several meetings each year. Has 
> interesting discussions in French on its mailing list. Moderator makes Stalin 
> look easy going. 
> 
> 4. UK: LINX; https://www.linx.net/ Has four meetings each year. Not difficult 
> to get invited if you are not a member.  
> 
> 5. LAMBDANET hosts several German ISP meetings; 
> http://www.lambdanet.net/index.php?p=92&l=1&sid=ee8bc11d266a13bffdcd59ceb45c329d.
>  Language is German. 
> Please do not confuse with the Intranet for the Brothers of Lambda Theta Phi, 
> Latin Fraternity Inc.
> 
> 6. I am not aware of any Dutch per se ISP conferences although that market is 
> certainly quite vibrant. I am also disappointed to see the Canadians and 
> Irish have next to nothing despite Ireland being the European base of 
> operations for Google, Microsoft, Amazon, and Yahoo. And Canada has over 30 
> million people. Where is the National Pride?
> 
> 7. It is worth mentioning that DEC-IX has started the practice of hosting 
> carrier meetings a la Telx. These are not conferences with lectures, but 
> networking events where each provider has a booth where they can push their 
> products and services. Tends to be more carrier than ISP, but as you know the 
> union of these two sets is not the null set. Quite a bit of overlap. 
> 
> 8. Both DEC-IX and AMS-IX have member meetings each year. Not clear how 
> difficult to get invited if you are not a member. 
> 
> 9. I believe there are some Northern England ISP meetings. Probably MANAP. 
> 
> Roderick S. Beck
> Director of European Sales
> Hibernia Atlantic
> 1, Passage du Chantier, 75012 Paris
> http://www.hiberniaatlantic.com
> Wireless: 1-212-444-8829. 
> Landline: 33-1-4346-3209.
> French Wireless: 33-6-14-33-48-97.
> AOL Messenger: GlobalBandwidth
> [EMAIL PROTECTED]
> [EMAIL PROTECTED]
> ``Unthinking respect for authority is the greatest enemy of truth.'' Albert 
> Einstein. 
> 
> 

-- 
- Xenion - http://www.xenion.com.au/ - VPS Hosting - Commercial Squid Support -
- $25/pm entry-level VPSes w/ capped bandwidth charges available in WA -


RE: Network Operator Groups Outside the US

2008-01-16 Thread Skeeve Stevens


AusNOG - The Australian Network Operator Group - http://www.ausnog.net/
- Had its first meeting Nov 15-16 2007 - http://2007.ausnog.net/

NZNog - The New Zealand Operator Group - http://www.nznog.org/
- 2008 Conference will be held in a couple of weeks - http://2008.nznog.org/





From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Rod
Beck
Sent: Wednesday, 16 January 2008 11:10 PM
To: nanog@merit.edu
Subject: Network Operator Groups Outside the US

Hi Folks,

1. UK: UKNOF; http://www.uknof.org.uk/ I just attended the last meeting
Monday. Free and a good lunch included!
Please do not confuse UKNOF with the United Kingdom Nitric Oxide Forum.
Nitric Oxide keeps your arteries relaxed and your blood pressure under
control

2. Europe: RIPE; http://www.ripe.net/ The Big Meeting is in Berlin in early
May.

3. France: FRnOG; http://www.frnog.org/ Has several meetings each year. Has
interesting discussions in French on its mailing list. Moderator makes
Stalin look easy going.

4. UK: LINX; https://www.linx.net/ Has four meetings each year. Not
difficult to get invited if you are not a member. 

5. LAMBDANET hosts several German ISP meetings;
http://www.lambdanet.net/index.php?p=92&l=1&sid=ee8bc11d266a13bffdcd59ceb45c329d.
Language is German.
Please do not confuse with the Intranet for the Brothers of Lambda Theta
Phi, Latin Fraternity Inc.

6. I am not aware of any Dutch per se ISP conferences although that market
is certainly quite vibrant. I am also disappointed to see the Canadians and
Irish have next to nothing despite Ireland being the European base of
operations for Google, Microsoft, Amazon, and Yahoo. And Canada has over 30
million people. Where is the National Pride?

7. It is worth mentioning that DEC-IX has started the practice of hosting
carrier meetings a la Telx. These are not conferences with lectures, but
networking events where each provider has a booth where they can push their
products and services. Tends to be more carrier than ISP, but as you know
the union of these two sets is not the null set. Quite a bit of overlap.

8. Both DEC-IX and AMS-IX have member meetings each year. Not clear how
difficult to get invited if you are not a member.

9. I believe there are some Northern England ISP meetings. Probably MANAP.

Roderick S. Beck
Director of European Sales
Hibernia Atlantic
1, Passage du Chantier, 75012 Paris
http://www.hiberniaatlantic.com
Wireless: 1-212-444-8829.
Landline: 33-1-4346-3209.
French Wireless: 33-6-14-33-48-97.
AOL Messenger: GlobalBandwidth
[EMAIL PROTECTED]
[EMAIL PROTECTED]
``Unthinking respect for authority is the greatest enemy of truth.'' Albert
Einstein.



Re: ISPs slowing P2P traffic...

2008-01-16 Thread Phil Regnauld

Stephane Bortzmeyer (bortzmeyer) writes:
> 
> > that appears on most packaged foods in the States, that ISPs put on
> > their Web sites and advertisements. I'm willing to disclose that we
> > block certain ports [...]
> 
> As a consumer, I would say YES. And FCC should mandate it.

... and if the FCC doesn't mandate it, maybe we'll see some
self-labelling, just like some food producers have been
doing in a few countries ("this doesn't contain preservatives")
in the absence of formal regulation.

> Practically speaking, you may find the RFC 4084 "Terminology for
> Describing Internet Connectivity" interesting:

Agreed.  Something describing Internet service, and breaking it
down into "essential components" such as:

- end-to-end IP (NAT/NO NAT)
- IPv6 availability (Y/N/timeline)
- transparent HTTP redirection or not
- DNS catchall or not
- possibilities to enable/disable and cost
- port filtering/throttling if any (P2P, SIP, ...)
- respect of evil bit   


Re: Network Operator Groups Outside the US

2008-01-16 Thread Gadi Evron


On Wed, 16 Jan 2008, Simon Lockhart wrote:

> On Wed Jan 16, 2008 at 12:09:48PM -, Rod Beck wrote:
> > 6. I am not aware of any Dutch per se ISP conferences although that market is
> > certainly quite vibrant. I am also disappointed to see the Canadians and
> > Irish have next to nothing despite Ireland being the European base of
> > operations for Google, Microsoft, Amazon, and Yahoo. And Canada has over 30
> > million people. Where is the National Pride?
>
> Inex, the Dublin internet exchange runs member meetings a few times a year.
> (But, like LINX, DE-CIX & AMS-IX member meetings, they're designed for members,
> not for the general community).
>
> NANOG occasionally holds meetings in Canada.
>
> > 8. Both DEC-IX and AMS-IX have member meetings each year. Not clear how
> > difficult to get invited if you are not a member.
>
> There's also the EPF (European Peering Forum) co-run by LINX, DE-CIX and AMS-IX
> once a year.

IL-ops for Israeli operators

> Simon



Re: Network Operator Groups Outside the US

2008-01-16 Thread Fredy Kuenzler


Suresh Ramasubramanian wrote:

> APRICOT - http://www.apricot2008.net next month in Taipei.
> SANOG - www.sanog.org - going on right now in Dhaka, Bangladesh


SwiNOG - http://www.swinog.ch/ - two meetings per year in Berne,
Switzerland, active mailing list, IRC and regional beer events.

Regards,
Fredy



Re: Network Operator Groups Outside the US

2008-01-16 Thread Phil Regnauld

Rod Beck (Rod.Beck) writes:
> 
> 3. France: FRnOG; http://www.frnog.org/ Has several meetings each year. Has 
> interesting discussions in French on its mailing list. Moderator makes Stalin 
> look easy going. 

Interesting point of view, I'm sure it's impartial.

Note that Scandinavia doesn't have any formal network operator meeting
either, even though it's a very active area.



Re: Network Operator Groups Outside the US

2008-01-16 Thread Phil Regnauld

Rod Beck (Rod.Beck) writes:
> Hi Folks, 

AfNOG, African Network Operators Group.  Will be in its 9th year this
year in Rabat, Morocco.  It takes place back-to-back with the AFRINIC
meeting:

http://www.afnog.org/afnog2008/announce.html




Re: Network Operator Groups Outside the US

2008-01-16 Thread Jeroen Massar

Rod Beck wrote:
[..]
> 6. I am not aware of any Dutch per se ISP conferences although that 
> market is certainly quite vibrant.


See http://www.nlnog.net/ though "conferences" is not the case, then 
again there is RIPE + AMS-IX meetings, who needs more than that :)


Also see http://www.swinog.org for the Swiss Network Operators Group, 
which I can really recommend for attending meetings as they are a lot of 
fun. (Hint: Generally the meeting is held in the "Altes TramDepot" 
(http://www.altestramdepot.ch/) , which is a beer brewery and has a wide 
selection of beers ;)


> I am also disappointed to see the 
> Canadians and Irish have next to nothing despite Ireland being the 
> European base of operations for Google, Microsoft, Amazon, and Yahoo. 


Ireland has SAGE-IE (http://www.sysadmin.ie/) which fills in the niche 
quite well, together with ILUG (http://www.linux.ie/) for related 
subjects. I think they are quite well covered too :)


Germany btw has CCC Congress + SummerCamp (http://events.ccc.de), thus 
they are also covered :) Though indeed not 100% ISP events, they are 
very much related and also a lot of fun.


> 8. Both DEC-IX and AMS-IX have member meetings each year. Not clear how 
> difficult to get invited if you are not a member.


If you are not a member at either of these your network has a problem :)
(Oh and you are missing out on the great AMS-IX parties too!)

Greets,
 Jeroen





Re: Network Operator Groups Outside the US

2008-01-16 Thread Simon Lockhart

On Wed Jan 16, 2008 at 12:09:48PM -, Rod Beck wrote:
> 6. I am not aware of any Dutch per se ISP conferences although that market is
> certainly quite vibrant. I am also disappointed to see the Canadians and
> Irish have next to nothing despite Ireland being the European base of
> operations for Google, Microsoft, Amazon, and Yahoo. And Canada has over 30
> million people. Where is the National Pride?

Inex, the Dublin internet exchange runs member meetings a few times a year.
(But, like LINX, DE-CIX & AMS-IX member meetings, they're designed for members,
not for the general community).

NANOG occasionally holds meetings in Canada.

> 8. Both DEC-IX and AMS-IX have member meetings each year. Not clear how
> difficult to get invited if you are not a member. 

There's also the EPF (European Peering Forum) co-run by LINX, DE-CIX and AMS-IX
once a year.

Simon


Re: Network Operator Groups Outside the US

2008-01-16 Thread Suresh Ramasubramanian

On Jan 16, 2008 5:39 PM, Rod Beck <[EMAIL PROTECTED]> wrote:
>  1. UK: UKNOF; http://www.uknof.org.uk/ I just attended the last meeting
> Monday. Free and a good lunch included!
>  Please do not confuse UKNOF with the United Kingdom Nitric Oxide Forum.
> Nitric Oxide keeps your arteries relaxed and your blood pressure under
> control

[...]

APRICOT - http://www.apricot2008.net next month in Taipei.
SANOG - www.sanog.org - going on right now in Dhaka, Bangladesh

-- 
Suresh Ramasubramanian ([EMAIL PROTECTED])


Network Operator Groups Outside the US

2008-01-16 Thread Rod Beck
Hi Folks, 

1. UK: UKNOF; http://www.uknof.org.uk/ I just attended the last meeting Monday. 
Free and a good lunch included! 
Please do not confuse UKNOF with the United Kingdom Nitric Oxide Forum. Nitric 
Oxide keeps your arteries relaxed and your blood pressure under control 

2. Europe: RIPE; http://www.ripe.net/ The Big Meeting is in Berlin in early 
May. 

3. France: FRnOG; http://www.frnog.org/ Has several meetings each year. Has 
interesting discussions in French on its mailing list. Moderator makes Stalin 
look easy going. 

4. UK: LINX; https://www.linx.net/ Has four meetings each year. Not difficult 
to get invited if you are not a member.  

5. LAMBDANET hosts several German ISP meetings; 
http://www.lambdanet.net/index.php?p=92&l=1&sid=ee8bc11d266a13bffdcd59ceb45c329d.
 Language is German. 
Please do not confuse with the Intranet for the Brothers of Lambda Theta Phi, 
Latin Fraternity Inc.

6. I am not aware of any Dutch per se ISP conferences although that market is 
certainly quite vibrant. I am also disappointed to see the Canadians and Irish 
have next to nothing despite Ireland being the European base of operations for 
Google, Microsoft, Amazon, and Yahoo. And Canada has over 30 million people. 
Where is the National Pride?

7. It is worth mentioning that DEC-IX has started the practice of hosting 
carrier meetings a la Telx. These are not conferences with lectures, but 
networking events where each provider has a booth where they can push their 
products and services. Tends to be more carrier than ISP, but as you know the 
union of these two sets is not the null set. Quite a bit of overlap. 

8. Both DEC-IX and AMS-IX have member meetings each year. Not clear how 
difficult to get invited if you are not a member. 

9. I believe there are some Northern England ISP meetings. Probably MANAP. 

Roderick S. Beck
Director of European Sales
Hibernia Atlantic
1, Passage du Chantier, 75012 Paris
http://www.hiberniaatlantic.com
Wireless: 1-212-444-8829. 
Landline: 33-1-4346-3209.
French Wireless: 33-6-14-33-48-97.
AOL Messenger: GlobalBandwidth
[EMAIL PROTECTED]
[EMAIL PROTECTED]
``Unthinking respect for authority is the greatest enemy of truth.'' Albert 
Einstein. 




Re: ISPs slowing P2P traffic...

2008-01-16 Thread Stephane Bortzmeyer

On Tue, Jan 15, 2008 at 12:14:33PM -0600,
 David E. Smith <[EMAIL PROTECTED]> wrote 
 a message of 61 lines which said:

> To try to make this slightly more relevant, is it a good idea,
> either technically or legally, to mandate some sort of standard for
> this? I'm thinking something like the "Nutrition Facts" information
> that appears on most packaged foods in the States, that ISPs put on
> their Web sites and advertisements. I'm willing to disclose that we
> block certain ports [...]

As a consumer, I would say YES. And FCC should mandate it.

Practically speaking, you may find the RFC 4084 "Terminology for
Describing Internet Connectivity" interesting:

   As the Internet has evolved, many types of arrangements have been
   advertised and sold as "Internet connectivity".  Because these may
   differ significantly in the capabilities they offer, the range of
   options, and the lack of any standard terminology, the effort to
   distinguish between these services has caused considerable consumer
   confusion.  This document provides a list of terms and definitions
   that may be helpful to providers, consumers, and, potentially,
   regulators in clarifying the type and character of services being
   offered.

http://www.ietf.org/rfc/rfc4084.txt


summary of ipflow/netflow appliance

2008-01-16 Thread Stefan Hegger

Here is a summary of the answers I got. Again thanks for your help.

mail from Joe 
>-Try fprobe, open source:  http://sourceforge.net/projects/fprobe 

reply from Samuel
>-nProbe by ntop.org is pretty robust tool for generating v5/v9 flows and 
>fairly inexpensive. http://www.ntop.org/nProbe.html

mail from Roland 
>-Lancope offer a productized version of this, I believe Endace too.

I talked to Lancope, they might provide me in 1 or 2 years with a 10G 
interface.

mail from Frank
>I just had an extended briefing with a company called Xangati.  Very
>interesting stuff, but they didn't talk about ways to obtain netflows if
>your router isn't able to natively generate them.

answer from Adam
>I can attest to this. nProbe is your best bet for a “virtual NetFlow 
>exporter”. It performs well and has tons of export formats and features. We 
>use it extensively for QA and testing. You do, however, have to pay a bit 
>for it whereas fprobe and others are free.

I talked to Peter Shaw [EMAIL PROTECTED]
here is his answer

>Thanks for contacting us.  Yes, our Probe can handle the traffic level you
>describe. Our typical, hardware-accelerated Probe has 2 Gigabit ports, and
>shows less than 10% CPU utilisation when generating NetFlow records at the
>full 2Gbps.  We can readily build a Probe using 10Gig ports, and do not
>expect any performance challenge at the traffic level you describe.
>I have a couple of further questions/comments for you;
>1) what Collector system do you plan to send the NetFlow records to ?  We
>can work with any NetFlow-aware collector, but we do find that many of them
>struggle to keep up with the high volume of records from our Probe.  We are
>working on our own Collector/buffer system to reduce this problem, and
>expect this to be available in Q2'08.

I talked also to Luca Deri <[EMAIL PROTECTED]>
here is the answer

>the nPulse appliance is based on an old version of nProbe I have  
>developed years ago. We offer nBox appliances (http://www.nmon.net/nBox.html 
>) with a new accelerated nProbe version not available to anyone but  
>us. Next month we plan to introduce a new model based on an accelerated  
>card developed with a twin company, able to outperform existing  
>solutions but with a lower price.

>for 10G at the moment we use the Endace platform (NinjaProbe) or  
>Tilera (see http://www.tilera.com/pdf/ProductBrief_TILExpress_V1.pdf  
>and search for nProbe) cards for wire rate. If you have a few Gbits, a  
>software nBox can also be enough, but if you go above a hardware card  
>is definitively needed.
>In late 2008 we should have our custom 10G card available but until  
>then we rely on external hardware solutions.

>unless you want to buy the appliance from Endace and the software from  
>me, I can currently offer an nbox with dual 10G capability featuring  
>software packet capture acceleration for about 6K Euro. This model is  
>suitable for monitoring 2-3 Gbit of traffic. As I have stated before,  
>10G hardware capture acceleration still needs some time.

next mail from gert
>Has any of you done a reality-check before recommending these tools,
>whether one of them can actually *handle* a 10G-link?
>Sniffing 10G without losing packets is *hard*.
>Sniffing 10G and doing any sort of math with it is *very hard*.
>Any "sniff packets and do flow exports from there" application that 
>aims to do better than the flow hardware on the PFC3 needs to be really,
>really, *really* good.


conclusion:

It is not easy to find a device to capture a 10G interface and generate the 
netflow.

When I have news, I will inform you.

Best Stefan

-- 
Stefan Hegger
Internet System Engineer

Lycos Europe GmbH
Carl-Bertelsmann Str. 29
Postfach 315
33312 Gütersloh 

Phone:
Tel: +49 5241 8071 334
Fax: +49 5241 80671 334
Mobile: +49 170 1892720

Sitz der Gesellschaft: Gütersloh
Amtsgericht Gütersloh, HRB 2157
Geschäftsführer: Christoph Mohn