Re: mtu mis-match
On Wed, 19 Mar 2008, ann kok wrote: Some DSL clients, some are working fine. (browsing...ping ...) Some DSL clients have this problem they can't browse the sites. they can ssh the host but couldn't run the command in the shell prompt ping packet are working fine (no packet lost) Seems like that when the first packet that exceeds MTU (I guess 1492) on the path is sent, you get a PMTU blackhole. You will see the same problem if you ping with big packets. As to why some clients work and others do not -- a good question. I have some theories on this point (different behaviour wrt setting DF bit; no MSS clamping and some DSL clients have MTU=1492 exposed to the user, others have a middlebox router which shows MTU=1500; some others). You may want to check that both ends are receiving ICMP packet too big messages (i.e. a firewall doesn't filter them out). -- Pekka Savola You each name yourselves king, yet the Netcore Oykingdom bleeds. Systems. Networks. Security. -- George R.R. Martin: A Clash of Kings
Re: mtu mis-match
On Wed, Mar 19, 2008 at 12:05:19PM -0700, ann kok wrote: Some DSL clients, some are working fine. (browsing...ping ...) Some DSL clients have this problem they can't browse the sites. they can ssh the host but couldn't run the command in the shell prompt ping packet are working fine (no packet lost) Why? but I still don't know why mtu can cause this problem Path MTU discovery failures are one of the possible causes for what you're seeing. (For example, you can establish an ssh connection to a host, because none of the packets exceed the path MTU. But as soon as you run a command that generates a substantial amount of output, the connection will appear to hang because the remote host is repeatedly retrying to send the same data because it doesn't see an ack while the local host is never seeing the data because it exceeds the MTU). This is often caused by overly-aggressive filtering of ICMP. I recommend taking a look at http://www.znep.com/~marcs/mtu/ as well as http://www.cymru.com/Documents/icmp-messages.html and then checking the configurations of network devices to make sure that ICMP type 3 code 4 traffic isn't being blocked. ---Rsk
Re: mtu mis-match
but I still don't know why mtu can cause this problem Blocking ICMP (specifically type 3,code 4) can also cause this .. because it breaks path MTU discovery (pmtud). The first part of this doc helps explain the issue : http://www.cisco.com/warp/public/105/pmtud_ipfrag.html Cheers, Michael Holstein Cleveland State University
BANDCON Contact
If someone from BANDCON is on list, please contact me off list. Thank you. Jon Kibler -- Jon R. Kibler Chief Technical Officer Advanced Systems Engineering Technology, Inc. Charleston, SC USA (843) 849-8214 == Filtered by: TRUSTEM.COM's Email Filtering Service http://www.trustem.com/ No Spam. No Viruses. Just Good Clean Email.
NXDOMAIN data needed for survey
We are looking to purchase NXDOMAIN data for an internet survey. We prefer to receive the data on an hourly basis so it is as fresh as possible. Our system receives the data from you via ftp that you provide. Its hard to value the data until we have taken a look at it. As one example, we pay a current partner $4000 per month for 100,000 records per day. If you would like to setup a test so we can determine the value of your data please contact me at [EMAIL PROTECTED] Please note that if you can also bring in other partners we will pay a 10% recurring finders fee. Ray
Re: NXDOMAIN data needed for survey
On Thu, Mar 20, 2008 at 12:22 PM, Ray Demain wrote: We are looking to purchase NXDOMAIN data for an internet survey. We prefer to receive the data on an hourly basis so it is as fresh as possible. Our system receives the data from you via ftp that you provide. Its hard to value the data until we have taken a look at it. As one example, we pay a current partner $4000 per month for 100,000 records per day. If you would like to setup a test so we can determine the value of your data please contact me at What company would this be for? -M
Re: NXDOMAIN data needed for survey
[EMAIL PROTECTED] (Ray Demain) writes: We are looking to purchase NXDOMAIN data for an internet survey. your survey sounds more like an ongoing typosquatting business venture. We prefer to receive the data on an hourly basis so it is as fresh as possible. Our system receives the data from you via ftp that you provide. Its hard to value the data until we have taken a look at it. As one example, we pay a current partner $4000 per month for 100,000 records per day. If you would like to setup a test so we can determine the value of your data please contact me at [EMAIL PROTECTED] Please note that if you can also bring in other partners we will pay a 10% recurring finders fee. thanks for clarifying my purpose in never collecting NXDOMAIN data in ISC SIE (see http://sie.isc.org/). several folks told me i was out to lunch, but now i've got http://www.merit.edu/mail.archives/nanog/msg06810.html to point at. -- Paul Vixie
default routes question or any way to do the rebundant
Hi ls it possible to have 2 default routes? or how can I do the rebundant when the route is still working either eth1 or eth2 down? Router2 192.168.0.2/20 eth1 192.168.0.18/20 eth2 10.0.0.1 eth3 ip route 0.0.0.0/0 192.168.0.1 ip route 0.0.0.0/0 192.168.0.17 or ip route 0.0.0.0/0 192.168.0.1 ip route 0.0.0.0/0 192.168.0.17 2 Router1 192.168.0.1 eth 192.168.0.17 eth2 172.16.0.1 eth3 host1 10.0.0.2 connects R2 couldn't ping host2 172.16.0.2 connects R1 when the link 192.168.0.1 is down host1-R1--Switch---R2-host2 --Switch--- i am using freebsd router Thank you for your help Be a better friend, newshound, and know-it-all with Yahoo! Mobile. Try it now. http://mobile.yahoo.com/;_ylt=Ahu06i62sR8HDtDypao8Wcj9tAcJ
RE: NXDOMAIN data needed for survey
We are looking to purchase NXDOMAIN data for an internet survey. your survey sounds more like an ongoing typosquatting business venture. Doing a Google search with the keywords pay nxdomain data turns up some interesting information. --Michael Dillon
Re: NXDOMAIN data needed for survey
On Mar 20, 2008, at 9:56 AM, Martin Hannigan wrote: On Thu, Mar 20, 2008 at 12:22 PM, Ray Demain wrote: We are looking to purchase NXDOMAIN data for an internet survey. We prefer to receive the data on an hourly basis so it is as fresh as possible. Our system receives the data from you via ftp that you provide. Its hard to value the data until we have taken a look at it. As one example, we pay a current partner $4000 per month for 100,000 records per day. If you would like to setup a test so we can determine the value of your data please contact me at What company would this be for? A domain squatting company, presumably. The same pseudonym has been trolling web hosting forums to buy the same data today. He's Marlon Phillips, [EMAIL PROTECTED], I'm pretty sure, though which particular squatter company he represents, I've no idea. Cheers, Steve
RE: NXDOMAIN data needed for survey
What's even more interesting is that googling Ray Demain shows nothing, except this message. I'd say that M. Demain does not exist, and his money will be as real as his on-line presence. I always love commissions promised from entities whose revenues you can't audit. Never mind that the purpose of this is, most likely, to register domains as link-farms. I think it's best that we let David Ulevitch and the crew @ OpenDNS make the money that is to be made off this. He's doing good while doing well. BTW: If someone legitimate needs NXDOMAIN data, I do have a bunch. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of [EMAIL PROTECTED] Sent: Thursday, March 20, 2008 10:25 AM To: nanog@merit.edu Subject: RE: NXDOMAIN data needed for survey We are looking to purchase NXDOMAIN data for an internet survey. your survey sounds more like an ongoing typosquatting business venture. Doing a Google search with the keywords pay nxdomain data turns up some interesting information. --Michael Dillon
noop Re: NXDOMAIN data needed for survey
I'm about as offended from this post as I was when Canter Siegel happened. The inevitable forced realization that the our little world is indeed filled with evil, evil people that want to abuse it (or in this case, those associated with its operation) for their own ventures. I suppose we've all known that people like this exist, but after this post, i feel ... dirty. meh. -j On 20 Mar 2008 17:06:49 +, Paul Vixie [EMAIL PROTECTED] wrote: [EMAIL PROTECTED] (Ray Demain) writes: We are looking to purchase NXDOMAIN data for an internet survey. your survey sounds more like an ongoing typosquatting business venture. We prefer to receive the data on an hourly basis so it is as fresh as possible. Our system receives the data from you via ftp that you provide. Its hard to value the data until we have taken a look at it. As one example, we pay a current partner $4000 per month for 100,000 records per day. If you would like to setup a test so we can determine the value of your data please contact me at [EMAIL PROTECTED] Please note that if you can also bring in other partners we will pay a 10% recurring finders fee. thanks for clarifying my purpose in never collecting NXDOMAIN data in ISC SIE (see http://sie.isc.org/). several folks told me i was out to lunch, but now i've got http://www.merit.edu/mail.archives/nanog/msg06810.html to point at. -- Paul Vixie -- .. ( i void warranties. )
Re: NXDOMAIN data needed for survey
On Mar 20, 2008, at 12:04 PM, Martin Hannigan wrote: On Thu, Mar 20, 2008 at 1:33 PM, Steve Atkins [EMAIL PROTECTED] wrote: On Mar 20, 2008, at 9:56 AM, Martin Hannigan wrote: On Thu, Mar 20, 2008 at 12:22 PM, Ray Demain wrote: We are looking to purchase NXDOMAIN data for an internet survey. We prefer to receive the data on an hourly basis so it is as fresh as possible. Our system receives the data from you via ftp that you provide. Its hard to value the data until we have taken a look at it. As one example, we pay a current partner $4000 per month for 100,000 records per day. If you would like to setup a test so we can determine the value of your data please contact me at What company would this be for? A domain squatting company, presumably. Thanks, I know. I wanted to stimulate a thread that was archived for others historical reference. Yeah, me too. He's also apparently Mr Domain Investments LLC, Mr herbalclicks.com, was typosquatting on a bunch of t-mobile domains until they took them away from him - http://www.wipo.int/amc/en/domains/decisions/html/2007/d2007-0919.html - and was sued by Microsoft for sending CAN-SPAM violating spam to hotmail users a couple of years back in the myauctionbiz.biz case - http://spamkings.oreilly.com/MSFT-vs-Myauctionbizbiz.pdf . I wonder who he's paying for his nxdomain data, and whether that someone is authorized to sell it. It strikes me that it's just a small step for someone with access to ISP internal data to go from selling DNS logs to selling usernames too. Cheers, Steve
Re: NXDOMAIN data needed for survey
On Thu, Mar 20, 2008 at 1:33 PM, Steve Atkins [EMAIL PROTECTED] wrote: On Mar 20, 2008, at 9:56 AM, Martin Hannigan wrote: On Thu, Mar 20, 2008 at 12:22 PM, Ray Demain wrote: We are looking to purchase NXDOMAIN data for an internet survey. We prefer to receive the data on an hourly basis so it is as fresh as possible. Our system receives the data from you via ftp that you provide. Its hard to value the data until we have taken a look at it. As one example, we pay a current partner $4000 per month for 100,000 records per day. If you would like to setup a test so we can determine the value of your data please contact me at What company would this be for? A domain squatting company, presumably. Thanks, I know. I wanted to stimulate a thread that was archived for others historical reference. -M
Re: default routes question or any way to do the rebundant
NANOG is not a general purpose router help mailing list. Issues discussed here are supposed to be relevant to the North American ISP community. Please take this question to a FreeBSD mailing list. Thanks, -Don ls it possible to have 2 default routes? or how can I do the rebundant when the route is still working either eth1 or eth2 down? Router2 192.168.0.2/20 eth1 192.168.0.18/20 eth2 10.0.0.1 eth3 ip route 0.0.0.0/0 192.168.0.1 ip route 0.0.0.0/0 192.168.0.17 or ip route 0.0.0.0/0 192.168.0.1 ip route 0.0.0.0/0 192.168.0.17 2 Router1 192.168.0.1 eth 192.168.0.17 eth2 172.16.0.1 eth3 host1 10.0.0.2 connects R2 couldn't ping host2 172.16.0.2 connects R1 when the link 192.168.0.1 is down host1-R1--Switch---R2-host2 --Switch--- i am using freebsd router Thank you for your help Be a better friend, newshound, and know-it-all with Yahoo! Mobile. Try it now. http://mobile.yahoo.com/;_ylt=Ahu06i62sR8HDtDypao8Wcj9tAcJ
Re: NXDOMAIN data needed for survey
On Thu, Mar 20, 2008 at 1:33 PM, Steve Atkins [EMAIL PROTECTED] wrote: He's Marlon Phillips, [EMAIL PROTECTED], I'm pretty sure, though which particular squatter company he represents, I've no idea. where does mapcom.net go? bizland.net ... registered through verisign and hosted at ipowerweb? Their website (www.mapcom.net) has a sedo-parking park-page, perhaps marlon works for sedoparking? -Chris
Re: default routes question or any way to do the rebundant
Donald Stahl wrote: NANOG is not a general purpose router help mailing list. Issues discussed here are supposed to be relevant to the North American ISP community. excuse? configuring routers is not operational in north america? have you gone completely layer 2 over there? randy
Re: default routes question or any way to do the rebundant
ls it possible to have 2 default routes? No .. not in the literal sense. or how can I do the rebundant when the route is still working either eth1 or eth2 down? What you do in this case is create an equal weighted preference for each of the two routes, along with tests to ensure each link is up and modify your pf rules accordingly. example1 (this is for netfilter) : http://lartc.org/howto/lartc.rpdb.multiple-links.html example2 (freebsd specific) : http://www.freebsddiary.org/phorum/read.php?f=6i=79t=79 As others have mentioned, this is a question for the various FreeBSD mailing lists .. Cheers, Michael Holstein Cleveland State University
Re: default routes question or any way to do the rebundant
NANOG is not a general purpose router help mailing list. Issues discussed here are supposed to be relevant to the North American ISP community. excuse? configuring routers is not operational in north america? have you gone completely layer 2 over there? Are you seriously going to sit there and claim that someone asking about how to set up 2 default routes on a FreeBSD box is operationally or technically relevant to the NANOG community at large? I believe their email fails the NANOG pre-posting guide (specifically #3) and furthermore that it would be far better answered on a FreeBSD specific mailing list. This same person posted a question on Wednesday about MTU's stating Why? but I still don't know why mtu can cause this problem. I seriously doubt this was relevant to the thousands of people who read this list but I could be wrong about that one too. Perhaps someone from the MLC can comment on whether these sorts of posts qualify as relevant. On the other hand, if you really want to answer these sorts of questions then perhaps people can email you directly? I personally think NANOG has enough noise as it is. -Don
Re: default routes question or any way to do the rebundant
[EMAIL PROTECTED] (ann kok) writes: Hi ls it possible to have 2 default routes? or how can I do the rebundant when the route is still working either eth1 or eth2 down? ... i am using freebsd router see http://www.cctec.com/maillists/nanog/historical/9706/msg00237.html and http://gatekeeper.hpl.hp.com/archive/pub/misc/vixie/ifdefault/ -- Paul Vixie
Re: default routes question or any way to do the rebundant
On Thu, Mar 20, 2008 at 2:25 PM, Donald Stahl [EMAIL PROTECTED] wrote: On the other hand, if you really want to answer these sorts of questions then perhaps people can email you directly? I personally think NANOG has enough noise as it is. I've always been under the impression NANOG's primary goal is to foster learning and best practices for operating networks. just because a question is simplistic doesn't mean it isn't on topic and helpful towards promoting best practices at large. my two cents, aaron
Re: default routes question or any way to do the rebundant
Sorry all. i don't want to make any argument For me, i really want to get mailling list about networking to help. and I heard there are professional networking guys in nanog. they might help me. I still have many networking questions. for the mtu issue, I couldn't find out until I know someone changes the mtu. it really made me panic before. honestly, telecom company couldn't help me. I still don't know how they setup the jumbo frame in their side but DSL clients are only using mtu1492. Another question about private address, my router upstream interface can listen many private address. I asked the upstream ISP but they said they don't have any private address export. we have /30 connect to them. where is the private addresses coming? have you encountered this problem? if you think my question is not good, please ignore it Thank you again --- Donald Stahl [EMAIL PROTECTED] wrote: NANOG is not a general purpose router help mailing list. Issues discussed here are supposed to be relevant to the North American ISP community. excuse? configuring routers is not operational in north america? have you gone completely layer 2 over there? Are you seriously going to sit there and claim that someone asking about how to set up 2 default routes on a FreeBSD box is operationally or technically relevant to the NANOG community at large? I believe their email fails the NANOG pre-posting guide (specifically #3) and furthermore that it would be far better answered on a FreeBSD specific mailing list. This same person posted a question on Wednesday about MTU's stating Why? but I still don't know why mtu can cause this problem. I seriously doubt this was relevant to the thousands of people who read this list but I could be wrong about that one too. Perhaps someone from the MLC can comment on whether these sorts of posts qualify as relevant. On the other hand, if you really want to answer these sorts of questions then perhaps people can email you directly? I personally think NANOG has enough noise as it is. -Don Looking for last minute shopping deals? Find them fast with Yahoo! Search. http://tools.search.yahoo.com/newsearch/category.php?category=shopping
Re: default routes question or any way to do the rebundant
On Thu, Mar 20, 2008, ann kok wrote: Sorry all. i don't want to make any argument Don't worry, the argument is elsewhere. :) For me, i really want to get mailling list about networking to help. and I heard there are professional networking guys in nanog. they might help me. There's certainly a lot of clue here. Its just coloured by 15+ years of jaded network and systems support. :) I still have many networking questions. for the mtu issue, I couldn't find out until I know someone changes the mtu. it really made me panic before. honestly, telecom company couldn't help me. I still don't know how they setup the jumbo frame in their side but DSL clients are only using mtu1492. Approach it scientifically. The trouble with not having exposure to low-level stuff as a pre-requisite for doing higher-level stuff is that you've probably missed out on all of the boring details that you could feed into solving the issue methodically. Path MTU discovery pops up as one of those things you'd think about after you learn about ICMP and PMTU in an intro networking course or book. (Or in my case, junior sysadmin, IRC and hanging around NANOG/RIPE meetings..) A lot of modern CPEs will actually rewrite the MSS of the TCP connection to make sure frames aren't bigger than the ISP provided MTU, thus trying to avoid PMTU. The trouble is that devices -other than the ISP/CPE- could be filtering PMTU, and sometimes its unavoidable to run MTU 1500 to the client. (in fact, on a completely side note, sometimes you -want- to run small client-facing MTUs.) Another question about private address, my router upstream interface can listen many private address. I asked the upstream ISP but they said they don't have any private address export. we have /30 connect to them. where is the private addresses coming? have you encountered this problem? Which private addresses? A number of ISPs will use RFC1918 addresses on PtP links to clients (and their dial infrastructure!), assigning real public IPs on the PPP end-points. Some others (like my 3G mobile broadband provider) run their entire dial infrastructure and end-user addressing on RFC1918 and do NAT elsewhere. Private address export needs defining too? Adrian