Re: Comment spammers chewing blogger bandwidth like crazy
For the benefit of those of us who have been lucky to Recover from ISP work and now herd blogs[0], would you be so kind as to share which blacklists are worthwhile and worth consulting on this front? Peter, I am not affiliated with any of these products :), but here is a good link and info on combating spam comments on blogs. I know of a number of people and organizations using akismet and have had great success with it http://akismet.com/ And though this link here is specifically for wordpress it gives a bit of good info on combating spam comments. http://codex.wordpress.org/Plugins/Spam_Tools Hope this helps a tad bit. -- -- Elijah Savage | AOL IM:layer3rules Senior Network Engineer | When it has to be switched or routed. http://www.digitalrage.org | The Information Technology News Center - http://www.digitalrage.org/?page_id=46 for pgp public key
Re: AS41961 not seen in many networks
Not seen from ASN7046
Routing Loop Strangeness
Anyone else see this from their paths? vader# whois -h whois.cymru.com -v 11.11.11.2 AS | IP | BGP Prefix | CC | Registry | Allocated | AS Name NA | 11.11.11.2 | NA | US | arin | 1984-01-19 | NA #trace Protocol [ip]: Target IP address: 66.80.187.122 Source address: Numeric display [n]: y 1 68.250.30.166 0 msec 2 68.250.30.131 0 msec 3 66.73.28.129 4 msec 4 65.43.25.116 4 msec 5 151.164.93.93 12 msec 6 151.164.43.195 16 msec 7 151.164.42.168 52 msec 8 151.164.191.174 16 msec 9 151.164.42.141 16 msec 10 4.68.110.197 20 msec 11 4.68.101.1 20 msec 12 209.247.8.65 28 msec 13 209.247.9.254 44 msec 14 4.78.164.11 28 msec 15 169.130.98.227 188 msec 16 199.72.43.250 52 msec 17 11.11.11.2 40 msec 18 11.11.11.1 40 msec 19 11.11.11.2 44 msec 20 11.11.11.1 40 msec 21 11.11.11.2 44 msec 22 11.11.11.1 40 msec 23 11.11.11.2 48 msec 24 11.11.11.1 44 msec 25 11.11.11.2 44 msec 26 11.11.11.1 48 msec 27 11.11.11.2 48 msec 28 11.11.11.1 48 msec
Re: UUNET issues?
Two different transits here as well and nothing out of the norm. -- Elijah Savage | AOL IM:layer3rules Senior Network Engineer | When it has to be switched or routed. http://www.digitalrage.org | The Information Technology News Center - http://www.digitalrage.org/?page_id=46 for pgp public key On Nov 4, 2006, at 7:54 PM, Herb Leong wrote: Hi, Anyone being impacted by UUNET? /herb
Re: Extreme Slowness
Adam,
Because of contractual issues it makes it very hard for me to
participate on this list hence the vague original post. I was just
asking a general question to see if anyone else was having issues. I
have peering points with Broadwing(now level3), Sprint, ATT and MCI
(now Verizon) that I can test for throughput from. This was not just
about home cable connectivity though when frontline starts to get
calls I often use wget (very low overhead) to test throughput between
my sites or to home my home box often times simulating the same sort
of connectivity that a customer may have. There were customers that
could not even get to level3.net yesterday which is their home page,
but it is always nice to get the refresher course on ICMP though :).
As for html posted messages truly my mistake I know better and thank
you for mentioning it. The new duo core 2 mac mail client which I am
still trying to get use to under preferences says it is set to plain
text hmmm something I need to look into.
Thank you
On Oct 27, 2006, at 12:22 AM, Adam Rothschild wrote:
Elijah,
On 2006-10-26-16:34:18, Elijah Savage [EMAIL PROTECTED] wrote:
[HTML mail stripped]
It seems anything traversing level3 has very high latency along with
what seems overloaded capacity as if they are running in a degraded
mode I have connections with Time Warner, ATT, and MCI [...]
On 2006-10-26-16:48:15, Elijah Savage [EMAIL PROTECTED] wrote:
[HTML mail stripped]
Say like this traceroute. This is from TW to a Broadwing DS3.
5 tenge-3-2.car1.Cincinnati1.Level3.net (4.78.216.13) 153.267 ms
207.125 ms
tenge-3-1.car1.Cincinnati1.Level3.net (4.78.216.9) 218.920 ms
6 ae-5-5.ebr2.Chicago1.Level3.net (4.69.132.206) 36.976 ms 26.923
ms 57.770 ms
7 ge-11-0.core2.Chicago1.Level3.net (4.68.101.37) 254.145 ms
ge-11-1.core2.Chicago1.Level3.net (4.68.101.101) 258.522 ms
ge-11-2.core2.Chicago1.Level3.net (4.68.101.165) 227.223 ms
8 broadwing-level3-oc12.Chicago1.Level3.net (209.0.225.10)
231.451 ms
9 so-1-1-0.c1.gnwd.broadwing.net (216.140.15.1) 53.269 ms 35.568
ms 22.511 ms
Your postings appear to be missing two key pieces of information which
would help with the community diagnosis requested: source and
destination IP addresses. From the information you did provide, one
can deduce that you're behind a TW/RoadRunner cable modem:
13.216.78.4.IN-ADDR.ARPA domain name pointer
tenge-3-2.car1.Cincinnati1.Level3.net
14.216.78.4.IN-ADDR.ARPA domain name pointer
ROADRUNNER.car1.Cincinnati1.Level3.net
9.216.78.4.IN-ADDR.ARPA domain name pointer
tenge-3-1.car1.Cincinnati1.Level3.net
10.216.78.4.IN-ADDR.ARPA domain name pointer
ROADRUNNER.car1.Cincinnati1.Level3.net
Now, the jitter and high latency you're seeing could be a result of
one or more factors, including but not limited to RF/plant issues, TWC
running their transport and/or Level(3) transit hot (which seems to be
a common occurrence these days), ECMP across two circuits of uneven
loading, or your neighbor might be jacking wifi and downloading a
bunch of torrents -- we, the readers, just don't know.
Of note when performing armchair troubleshooting across Level(3)'s
network: the 'ebr's (PTR record of ebr*.{pop}.level3.net == Force10
E1200; Experimental Backbone Router?) tend to drop a lot of diagnostic
traffic (such as, say, 'ping' and 'traceroute') as a part of overly
aggressive control-plane policers. This loss is, of course, strictly
cosmetic, and has no bearing on end-to-end performance. Hence, the
old to it, not through it rule applies.
smokeping[1] and iperf[2] (to end hosts) are your friends.
As an aside, I've noticed your string of postings today were all
HTML-tagged. While not expressly forbidden (or even discouraged) by
the current Mailing List AUP, this is generally regarded as bad form;
you might wish to reconfigure your mail client accordingly...
Hope this helps,
-a
[1] http://oss.oetiker.ch/smokeping/
[2] http://dast.nlanr.net/Projects/Iperf/
Re: Extreme Slowness
It seems anything traversing level3 has very high latency along with what seems overloaded capacity as if they are running in a degraded mode I have connections with Time Warner, ATT, and MCI. Though I know it is not concrete it seems as if something is going on according to this http://www.internetpulse.net/ -- Elijah Savage | AOL IM:layer3rules Senior Network Engineer | When it has to be switched or routed. http://www.digitalrage.org | The Information Technology News Center- http://www.digitalrage.org/?page_id=46 for pgp public key On Oct 26, 2006, at 4:30 PM, Brandon Galbraith wrote:Can you be more specific?-brandonOn 10/26/06, Elijah Savage [EMAIL PROTECTED] wrote: Looks like level3 is having issues. Anyone know what is going on? -- Elijah Savage | AOL IM:layer3rules Senior Network Engineer | When it has to be switched or routed. http://www.digitalrage.org | The Information Technology News Center- http://www.digitalrage.org/?page_id=46 for pgp public key -- Brandon GalbraithEmail: [EMAIL PROTECTED]AIM: brandong00Voice: 630.400.6992"A true pirate starts drinking before the sun hits the yard-arm. Ya. --thelost"
Re: Extreme Slowness
Say like this traceroute. This is from TW to a Broadwing DS3.5 tenge-3-2.car1.Cincinnati1.Level3.net (4.78.216.13) 153.267 ms 207.125 ms tenge-3-1.car1.Cincinnati1.Level3.net (4.78.216.9) 218.920 ms 6 ae-5-5.ebr2.Chicago1.Level3.net (4.69.132.206) 36.976 ms 26.923 ms 57.770 ms 7 ge-11-0.core2.Chicago1.Level3.net (4.68.101.37) 254.145 ms ge-11-1.core2.Chicago1.Level3.net (4.68.101.101) 258.522 ms ge-11-2.core2.Chicago1.Level3.net (4.68.101.165) 227.223 ms 8 broadwing-level3-oc12.Chicago1.Level3.net (209.0.225.10) 231.451 ms 9 so-1-1-0.c1.gnwd.broadwing.net (216.140.15.1) 53.269 ms 35.568 ms 22.511 ms10 216.140.14.17 (216.140.14.17) 34.751 ms 39.008 ms 46.644 ms11 p5-0-0.e0.cncn.broadwing.net (216.140.15.78) 32.065 ms 60.797 ms 54.766 ms12 67.98.17.122 (67.98.17.122) 44.772 ms 27.631 ms 30.655 ms13 * * * -- Elijah Savage | AOL IM:layer3rules Senior Network Engineer | When it has to be switched or routed. http://www.digitalrage.org | The Information Technology News Center- http://www.digitalrage.org/?page_id=46 for pgp public key On Oct 26, 2006, at 4:30 PM, Brandon Galbraith wrote:Can you be more specific?-brandonOn 10/26/06, Elijah Savage [EMAIL PROTECTED] wrote: Looks like level3 is having issues. Anyone know what is going on? -- Elijah Savage | AOL IM:layer3rules Senior Network Engineer | When it has to be switched or routed. http://www.digitalrage.org | The Information Technology News Center- http://www.digitalrage.org/?page_id=46 for pgp public key -- Brandon GalbraithEmail: [EMAIL PROTECTED]AIM: brandong00Voice: 630.400.6992"A true pirate starts drinking before the sun hits the yard-arm. Ya. --thelost"
Re: Extreme Slowness
Here is one from that browdwing ds3 to MCI well Verizon now. 5 tenge-3-1.car1.Cincinnati1.Level3.net (4.78.216.9) 157.795 ms 179.050 ms tenge-3-2.car1.Cincinnati1.Level3.net (4.78.216.13) 205.087 ms 6 * * ae-5-5.ebr2.Chicago1.Level3.net (4.69.132.206) 50.134 ms 7 * ae-1-100.ebr1.Chicago1.Level3.net (4.69.132.41) 45.873 ms * 8 ae-2.ebr2.NewYork1.Level3.net (4.69.132.66) 66.346 ms 72.509 ms * -- Elijah Savage | AOL IM:layer3rules Senior Network Engineer | When it has to be switched or routed. http://www.digitalrage.org | The Information Technology News Center- http://www.digitalrage.org/?page_id=46 for pgp public key On Oct 26, 2006, at 4:30 PM, Brandon Galbraith wrote:Can you be more specific?-brandonOn 10/26/06, Elijah Savage [EMAIL PROTECTED] wrote: Looks like level3 is having issues. Anyone know what is going on? -- Elijah Savage | AOL IM:layer3rules Senior Network Engineer | When it has to be switched or routed. http://www.digitalrage.org | The Information Technology News Center- http://www.digitalrage.org/?page_id=46 for pgp public key -- Brandon GalbraithEmail: [EMAIL PROTECTED]AIM: brandong00Voice: 630.400.6992"A true pirate starts drinking before the sun hits the yard-arm. Ya. --thelost"
Re: Extreme Slowness
Seems to be all cleared up now. I had a couple of my customers even try to pull up their home site and could not get to it. For FYI :) I realize that ICMP is not the best way to test and it is not a true indication of slowness or the presence of a problem. On Oct 26, 2006, at 5:14 PM, Elijah Savage wrote:Here is one from that browdwing ds3 to MCI well Verizon now. 5 tenge-3-1.car1.Cincinnati1.Level3.net (4.78.216.9) 157.795 ms 179.050 ms tenge-3-2.car1.Cincinnati1.Level3.net (4.78.216.13) 205.087 ms 6 * * ae-5-5.ebr2.Chicago1.Level3.net (4.69.132.206) 50.134 ms 7 * ae-1-100.ebr1.Chicago1.Level3.net (4.69.132.41) 45.873 ms * 8 ae-2.ebr2.NewYork1.Level3.net (4.69.132.66) 66.346 ms 72.509 ms * -- Elijah Savage | AOL IM:layer3rules Senior Network Engineer | When it has to be switched or routed. http://www.digitalrage.org | The Information Technology News Center- http://www.digitalrage.org/?page_id=46 for pgp public key On Oct 26, 2006, at 4:30 PM, Brandon Galbraith wrote:Can you be more specific?-brandonOn 10/26/06, Elijah Savage [EMAIL PROTECTED] wrote: Looks like level3 is having issues. Anyone know what is going on? -- Elijah Savage | AOL IM:layer3rules Senior Network Engineer | When it has to be switched or routed. http://www.digitalrage.org | The Information Technology News Center- http://www.digitalrage.org/?page_id=46 for pgp public key -- Brandon GalbraithEmail: [EMAIL PROTECTED]AIM: brandong00Voice: 630.400.6992"A true pirate starts drinking before the sun hits the yard-arm. Ya. --thelost"
Re: Extreme Slowness
Yes sir I did. This is now resolved. But thank you for noticing. On Oct 26, 2006, at 7:11 PM, Aaron Glenn wrote:On 10/26/06, Elijah Savage [EMAIL PROTECTED] wrote: Say like this traceroute. This is from TW to a Broadwing DS3.5 tenge-3-2.car1.Cincinnati1.Level3.net (4.78.216.13)153.267 ms 207.125 ms tenge-3-1.car1.Cincinnati1.Level3.net (4.78.216.9)218.920 ms 6 ae-5-5.ebr2.Chicago1.Level3.net (4.69.132.206) 36.976 ms 26.923 ms57.770 ms 7 ge-11-0.core2.Chicago1.Level3.net (4.68.101.37)254.145 ms ge-11-1.core2.Chicago1.Level3.net (4.68.101.101)258.522 ms ge-11-2.core2.Chicago1.Level3.net (4.68.101.165)227.223 ms 8 broadwing-level3-oc12.Chicago1.Level3.net(209.0.225.10) 231.451 ms 9 so-1-1-0.c1.gnwd.broadwing.net (216.140.15.1) 53.269 ms 35.568 ms22.511 ms10 216.140.14.17 (216.140.14.17) 34.751 ms 39.008 ms 46.644 ms11 p5-0-0.e0.cncn.broadwing.net (216.140.15.78) 32.065 ms 60.797 ms54.766 ms12 67.98.17.122 (67.98.17.122) 44.772 ms 27.631 ms 30.655 ms13 * * * Uhh, you do realize the end to end latency there (to hop 12, at least)is ~30ms...not the 250ms+ you see on intermediate hops, right?
Anyone From totalchoicehosting.com
Is there anyone here on the list from totalchoicehosting.com or someone that can point me to someone that may be able to troubleshoot with me. We have a very large customer base that is not able to get to some of your hosting services at this time. We can traceroute to and even ping this server in your hosting facility but can't get to the server via port 80 so there may be some filtering in place. I have sent an email via your web form to the web hosting support group twice now and have not been able to get anyone to return an email or give me a call. Your customers website whom you are hosting knows about this as well and is also waiting for someone to give him a call because he is loosing business. Any help would be greatly appreciated. Thank you
Google Outage Yesterday
http://www.ipdemocracy.com/archives/2006/09/27/#001985I have not seen this show up on the list yet neither have I seen anypublic statements released.It is being passed on as a comcast problem but I know of others with connectivity as well as myself hat has no connectivity at all with comcast. -- Elijah Savage | AOL IM:layer3rules Senior Network Engineer | When it has to be switched or routed. http://www.digitalrage.org | The Information Technology News Center- http://www.digitalrage.org/?page_id=46 for pgp public key
Re: Google Outage Yesterday
From a DS3 of mine it was very sporadic and DNS was resolving fine for me which is why I asked about it. -- Elijah Savage | AOL IM:layer3rules Senior Network Engineer | When it has to be switched or routed. http://www.digitalrage.org | The Information Technology News Center- http://www.digitalrage.org/?page_id=46 for pgp public key On Sep 27, 2006, at 7:49 PM, Brandon Galbraith wrote:Reports were saying it was a DNS issue, as putting the IP address in to get to Gmail as well as other Google services would work without incident.-brandonOn 9/27/06, Elijah Savage [EMAIL PROTECTED] wrote: http://www.ipdemocracy.com/archives/2006/09/27/#001985 I have not seen this show up on the list yet neither have I seen anypublic statements released. It is being passed on as a comcast problem but I know of others with connectivity as well as myself hat has no connectivity at all with comcast. -- Elijah Savage | AOL IM:layer3rules Senior Network Engineer | When it has to be switched or routed. http://www.digitalrage.org | The Information Technology News Center- http://www.digitalrage.org/?page_id=46 for pgp public key -- Brandon GalbraithEmail: [EMAIL PROTECTED]AIM: brandong00Voice: 630.400.6992"A true pirate starts drinking before the sun hits the yard-arm. Ya. --thelost"
Re: Google Outage Yesterday
Fergie,I am aware of this but this is what's so confusing as we run our own nameservers in our own facilities for a very large number of customers so we do not rely on any of Comcast services at all. I do not even have Comcast for a provider at home :) I also know of other AS's that were affected that do not rely on any of comcast services.Plus I would never bring a home broadband issue as such to NANOG I know a lot better that that :) -- Elijah Savage | AOL IM:layer3rules Senior Network Engineer | When it has to be switched or routed. http://www.digitalrage.org | The Information Technology News Center- http://www.digitalrage.org/?page_id=46 for pgp public key On Sep 28, 2006, at 12:25 AM, Fergie wrote:Elijah: http://www.macworld.com/news/2006/09/27/comcast/index.php- ferg-- Elijah Savage [EMAIL PROTECTED] wrote:http://www.ipdemocracy.com/archives/2006/09/27/#001985I have not seen this show up on the list yet neither have I seen anypublic statements released.It is being passed on as a comcast problem but I know of others withconnectivity as well as myself hat has no connectivity at all with comcast.[snip]--"Fergie", a.k.a. Paul Ferguson Engineering Architecture for the Internet fergdawg(at)netzero.net ferg's tech blog: http://fergdawg.blogspot.com/
Re: Why is RFC1918 space in public DNS evil?
- Original Message - From: Matthew Palmer [EMAIL PROTECTED] To: nanog@merit.edu Sent: Monday, September 18, 2006 2:40:04 AM GMT-0500 Subject: Why is RFC1918 space in public DNS evil? I've been directed to put all of the internal hosts and such into the public DNS zone for a client. My typical policy is to have a subdomain of the zone served internally, and leave only the publically-reachable hosts in the public zone. But this client, having a large number of hosts on RFC1918 space and a VPN for external people to get to it, is pushing against this somewhat. Their reasoning is that there's no guarantee that forwarding DNS down the VPN will work nicely, and it's overhead. I know the common wisdom is that putting 192.168 addresses in a public zonefile is right up there with kicking babies who have just had their candy stolen, but I'm really struggling to come up with anything more authoritative than just because, now eat your brussel sprouts. My Google-fu isn't working, and none of the reasons I can come up with myself sound particularly convincing. Can someone give a lucid technical explanation, or a link, that explains it to me so I can explain it to Those In Power? Thanks, - Matt Matt, Why can't you use views in Bind this solved my issue? I basically have a external view and an internal view. When my vpn clients vpn in they are given an ip from the internal/vpn DHCP range that the core routes, which also hands out the internal dns server with the internal view. Of course I prefer to have a set of name servers on different LANs internal and external but you can accomplish the same with good security by using views and not having to expose your rfc1918 ip's to the world. Elijah
Re: Why is RFC1918 space in public DNS evil?
- Original Message - From: Roland Dobbins [EMAIL PROTECTED] To: nanog@merit.edu Sent: Monday, September 18, 2006 3:17:01 PM GMT-0500 Subject: Re: Why is RFC1918 space in public DNS evil? On Sep 18, 2006, at 12:12 PM, Elijah Savage wrote: I've been directed to put all of the internal hosts and such into the public DNS zone for a client. Another option is split-horizon DNS for the internal stuff, if it never needs to be publicly visible. Yes, that's what views will give you. You have an internal view only your vpn and lan users can see. Then you have a public view for all others that do not mix. All can be run on the same servers vice having 2 external and 2 internal name servers and also without having to run multiple instances of bind.
Re: NNTP feed.
From: Richard A Steenbergen [EMAIL PROTECTED] Date: Wed, 6 Sep 2006 01:24:07 -0400 To: nanog@merit.edu nanog@merit.edu Subject: Re: NNTP feed. On Wed, Sep 06, 2006 at 04:29:54AM +0200, Daniel Roesen wrote: If folks would end abusing NNTP for file distribution via flooding, the matter would quickly be resolved. Am i naive? There is a reason Usenet hasn't gone the way of Gopher, and I assure you it isn't because of the the copious spam, net kooks, and trolls. There is a certain type of content that people want, and I'll give you one guess what that is... If you don't carry that content, you'll probably be doing more traffic in backscatter on the IP space then you will in NNTP. :) -- Richard A Steenbergen [EMAIL PROTECTED] http://www.e-gerbil.net/ras GPG Key ID: 0xF8B12CBC (7535 7F59 8204 ED1F CC1C 53AF 4C41 5ECA F8B1 2CBC) Richard, What type of content is that :) Just pulling your chain. But seriously there are many of us that use NNTP for legal matters and the pleasure of communicating with one another with something other than email for many reasons. If you are looking to get into the NNTP business and use it as a revenue generator I think you would be better of outsourcing to some of the companies that already has been mentioned and some that I know of that provide an awesome service that has not been mentioned :) I subscribe to many groups that I try to read daily some health related, political, and of course technology focused. But if this is something you want as a value added service I have yet to see anyone be able to maintain the infrastructure. I have went through the process of outsourcing to a news provider previously and if you would like could make recommendations offline.
ICG Experience
Hopefully this will be my last time querying the group for provider experience. My previous experience with them was a while back when they filed for bankruptcy and cut back on support, but a coworker just informed me they have since been purchased by Level3. Is there anyone here that has any cross connects or any type of connectivity to them and wish to share their experience offline I would appreciate it. Thank you
Re: Amazon?
Thats strange I am not having any issues at all and I have tested it from 3 different peering points. - Original Message -From: Brandon Galbraith [EMAIL PROTECTED]To: Steven M. Bellovin [EMAIL PROTECTED]Cc: Jon R. Kibler [EMAIL PROTECTED], [EMAIL PROTECTED]Sent: Monday, August 21, 2006 3:42:21 PM GMT-0500Subject: Re: Amazon?Intermittent application/load balancer issues perhaps?-brandonOn 8/21/06, Steven M. Bellovin [EMAIL PROTECTED] wrote:On Mon, 21 Aug 2006 15:21:40 -0400, "Jon R. Kibler" [EMAIL PROTECTED]wrote: Hi, Anyone know what is up with Amazon? They appear to be down. Doesn't appear to be a network issue... tried from two different ISP's networks. That's odd.When I try from one path, I get the same error you get; whenI try another, it works.A tcptraceroute shows that both are ending up atthe same IP address at Amazon, too.--Steven M. Bellovin, http://www.cs.columbia.edu/~smb-- Brandon GalbraithEmail: [EMAIL PROTECTED] AIM: brandong00Voice: 630.400.6992"A true pirate starts drinking before the sun hits the yard-arm. Ya. --thelost"
Comments on Yipes as a Provider?
Has anyone on the list ever conduct business with Yipes http://www.yipes.com/about/yipes_about.shtml? If anyone has any comments and wishes to contact me off list with any specific comments it would be greatly appreciated.
AOL Email Contact me offline please
It is not about spam or being blocked I actually would like to speak with someone about services provided. This is very important as I can not find my answers on the postmasters website. Thank you
SBC Lost of connectivty to Canada?
On our SBC peering links we lost connectivty to our Canadian customers for about 20 minutes. I have escalated this up through SBC but was wondering if anyone on the list as any knowledge of what may have caused the outage. Our Canadian customers come in through different Canadian providers so from my perspective it wasn't just one AS or prefix that was lost it was many. Thank You
Comcast.net, Usa.net, Verizon
Are there anyone on the list from these organizations that could possibly put me in contact with the postmasters please? Thank you
Crystal Tech
Is there anyone on the list from crystaltech.com if so can someone contact me off list. Your customers are having problems reaching my mx record and mail from you all to our domains are bouncing.
Re: Proxy/Caching Servers
Hey all, I need some recommendations on proxy servers for enterprise environments. Our current product can't handle the load is no longer being supported by the vendor. The devices need to handle at least 1000+ concurrent connections at about 20 Mbit/s. Websites, Streaming, etc, etc Not sure if there's one product that does what I'm looking for: 1. Appliance based (preferred, but not required) 2. Clusterable/VRRP Setup or can be used behind a load balancer 3. Web/FTP virus checking 4. Caching 5. Web content filtering (include ability to add manually to a deny list) 6. Logging and user auditing (via name or client IP address) 7. Real-time traffic monitoring 8. Grant/Deny access to particular websites from individual/grouped client IP addresses Thanks This is always a touch subject caching customers content. :) Look at the bluecoat products.http://www.bluecoat.com/resources/technology/proxycaching.html
Re: Network Solutions outage?
Here is the scoop. Dear Valued Partner, This morning our collocation provider suffered a global outage from 7:56 a.m. to 10:02 a.m. (eastern) that impacted the Network Solutions systems. The providers outage affected access to Network Solutions products and services. The provider has resolved the issues with their systems and access to our services has been restored. We appreciate your patience and apologize for the inconvenience. Please note, you may experience latency today as we continue to restore our services to full capacity. If you have any questions regarding this message, please contact your Partner Support Representative or e-mail us at
Peering Issues with Global Crossing and SBC?
All, I have well over 150 vpn customers but this past week I have had 7 customers ipsec tunnels constantly bouncing all day. The common ground for all 7 of these customers are traversing the SBC and Global Crossing links you see below, the ultimate common ground being 64.208.110.29. 9 151.164.191.134 16 msec 16 msec 16 msec 10 64.208.110.29 16 msec 16 msec 16 msec 9 151.164.40.49 16 msec 16 msec 16 msec 10 64.208.110.29 12 msec 20 msec 12 msec When tracing to these 7 customers all 7 hit one or the other of the trace's you see above. I have opened a ticket with SBC but no answer from them yet. All of the other customers have been very stable and of course non of the other customers traverse either of these links either. Anyone from Global Crossing or SBC that could contact me off list or lend a hand it would greatly appreciate it. Thank you -- -- Elijah Savage | AOL IM:layer3rules Senior Network Engineer | When it has to be switched or routed. http://www.digitalrage.org | The Information Technology News Center - http://www.digitalrage.org/?page_id=46 for pgp public key
Re: T1 bonding
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Matt Bazan wrote: Can someone shed some technical light on the details of how two T1's are bonded (typically). We've got two sets of T's at two different location with vendor 'X' (name starts w/ an 'A') and it appears that we're really only getting about 1 full T's worth of bandwidth and maybe 20% of the second. Seems like they're bonded perhaps using destination IP? It's a vendor managed solution and I need to get some answers faster than they're coming in. Thanks. Matt More than likely they are not bonded t1's they are just load balanced by the router which by default on Cisco is per session. Meaning pc1 to t1#1, pc2to t1#2, pc3 to t1#1. If they are truly bonded with some sort of MUX for a 3 meg port then you would not see the results you are seeing. - -- http://www.digitalrage.org/ The Information Technology News Center -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.2 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFD1sXyt06NWq3hlzkRAvi4AJ0R4RVii+Wrxzs5WI5es+FYhxHD0ACgioFW /UHUMapXnmuPFSpKrXzD3JU= =MqxV -END PGP SIGNATURE-
Re: T1 bonding
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Scott Morris wrote: If you're treating them as two separate links (e.g. two POPs, etc.) then that's correct, it'll be done by the routers choice of load-balancing (L3). If you are going to the same POP (or box potentially) you can do MLPPP and have a more effective L2 load balancing. Otherwise, it's possible to get an iMux DSU (Digital Link is a vendor as I recall, but there may be others) that allow that magical bonding to occur prior to the router seeing the link. At that point, the router just sees a bigger line coming in (some do 6xT-1 and have a 10meg ethernet output to your router). If you're seeing the balancing the way that you are, most likely that vendor (I have no specific knowledge about the A-vendor) is doing usage-based aggregation which isn't exactly a balancing act. The ones at some of my sites are MLPPP which is a vendor-agnostic approach for the most part. Scott -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Elijah Savage Sent: Tuesday, January 24, 2006 7:28 PM To: Matt Bazan Cc: nanog@merit.edu Subject: Re: T1 bonding Matt Bazan wrote: Can someone shed some technical light on the details of how two T1's are bonded (typically). We've got two sets of T's at two different location with vendor 'X' (name starts w/ an 'A') and it appears that we're really only getting about 1 full T's worth of bandwidth and maybe 20% of the second. Seems like they're bonded perhaps using destination IP? It's a vendor managed solution and I need to get some answers faster than they're coming in. Thanks. Matt More than likely they are not bonded t1's they are just load balanced by the router which by default on Cisco is per session. Meaning pc1 to t1#1, pc2to t1#2, pc3 to t1#1. If they are truly bonded with some sort of MUX for a 3 meg port then you would not see the results you are seeing. -- http://www.digitalrage.org/ The Information Technology News Center Remember he said both t1's are coming from different vendors, which would only leave the Mux route which is why I said what I said :) - -- http://www.digitalrage.org/ The Information Technology News Center -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.2 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFD1tJWt06NWq3hlzkRApDsAJ9nq+J+26EKYy9cwlFRmN3zhT/EFQCfdf2v IX2wkyZvsGM1sPvcEMSyK+0= =WINE -END PGP SIGNATURE-
Re: T1 bonding
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Scott Morris wrote: I'm re-reading it, and slowly, but I don't see mention of having two different vendors. Perhaps I need to put the beer a bit further away, but he talks about generic vendor 'x' and notes that it starts with letter 'A' as further definition, not as two separate vendors. *shrug* Scott -Original Message- From: Elijah Savage [mailto:[EMAIL PROTECTED] Sent: Tuesday, January 24, 2006 8:20 PM To: [EMAIL PROTECTED] Cc: 'Matt Bazan'; nanog@merit.edu Subject: Re: T1 bonding Scott Morris wrote: If you're treating them as two separate links (e.g. two POPs, etc.) then that's correct, it'll be done by the routers choice of load-balancing (L3). If you are going to the same POP (or box potentially) you can do MLPPP and have a more effective L2 load balancing. Otherwise, it's possible to get an iMux DSU (Digital Link is a vendor as I recall, but there may be others) that allow that magical bonding to occur prior to the router seeing the link. At that point, the router just sees a bigger line coming in (some do 6xT-1 and have a 10meg ethernet output to your router). If you're seeing the balancing the way that you are, most likely that vendor (I have no specific knowledge about the A-vendor) is doing usage-based aggregation which isn't exactly a balancing act. The ones at some of my sites are MLPPP which is a vendor-agnostic approach for the most part. Scott -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Elijah Savage Sent: Tuesday, January 24, 2006 7:28 PM To: Matt Bazan Cc: nanog@merit.edu Subject: Re: T1 bonding Matt Bazan wrote: Can someone shed some technical light on the details of how two T1's are bonded (typically). We've got two sets of T's at two different location with vendor 'X' (name starts w/ an 'A') and it appears that we're really only getting about 1 full T's worth of bandwidth and maybe 20% of the second. Seems like they're bonded perhaps using destination IP? It's a vendor managed solution and I need to get some answers faster than they're coming in. Thanks. Matt More than likely they are not bonded t1's they are just load balanced by the router which by default on Cisco is per session. Meaning pc1 to t1#1, pc2to t1#2, pc3 to t1#1. If they are truly bonded with some sort of MUX for a 3 meg port then you would not see the results you are seeing. -- http://www.digitalrage.org/ The Information Technology News Center Remember he said both t1's are coming from different vendors, which would only leave the Mux route which is why I said what I said :) -- http://www.digitalrage.org/ The Information Technology News Center Uh Scott I think it is I whom by the way is getting up right now and going to put the rest of the beer back in the fridge. PS - -- http://www.digitalrage.org/ The Information Technology News Center -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.2 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFD1tPCt06NWq3hlzkRAqTUAJ44ss3rZxpxv20zXab94GbIbRoudgCaA1J9 3dTi8Msj+xp6qkJvfrSylsY= =CTM7 -END PGP SIGNATURE-
Re: ORDB.ORG Outage
Joseph W. Breu wrote: I am seeing the same here. We have disabled these lookups on our mail servers. On Thu, 19 Jan 2006, Jon R. Kibler wrote: Anyone else having ORDB.ORG Temp lookup failures? Seems to have been going on since about 1900 UTC today. Using web site to do lookups also fails or is VERY slow. Anyone know what is going on here? THANKS! Jon Kibler We have had to do the same was slowing down a bunch of mail. -- http://www.digitalrage.org/ The Information Technology News Center
Re: ORDB.ORG Outage [Suggested Procedures]
Alain Hebert wrote: Suggested Procedures: We use a script that validate the blacklisted services for: . reachability . delay . if any of our subnet is blacklisted And we also run a named exclusivly for caching requests... This way the mail system gets back on its feet by itself... Queries to loaded BL service are temporary disabled automatically... until the service become more responsive. And we know, quite fast, if a client breach its contract and start spamming... Not every antispam system are that open... But if you have one... It might be worth the 8 man hours to do a patch. Have fun... Elijah Savage wrote: Joseph W. Breu wrote: I am seeing the same here. We have disabled these lookups on our mail servers. On Thu, 19 Jan 2006, Jon R. Kibler wrote: Anyone else having ORDB.ORG Temp lookup failures? Seems to have been going on since about 1900 UTC today. Using web site to do lookups also fails or is VERY slow. Anyone know what is going on here? THANKS! Jon Kibler We have had to do the same was slowing down a bunch of mail. I do run my own caching name server on the same exact box as a matter of fact. But I hear one of their servers is under DOS uttack but that is nothing official, still awaiting word. -- http://www.digitalrage.org/ The Information Technology News Center
GoDaddy.com shuts down entire data center?
Any validatity to this and if so I am suprised that our team has got no calls on not be able to get to certain websites. http://webhostingtalk.com/showthread.php?t=477562 -- http://www.digitalrage.org/ The Information Technology News Center
Re: GoDaddy.com shuts down entire data center?
Elijah Savage wrote: Any validatity to this and if so I am suprised that our team has got no calls on not be able to get to certain websites. http://webhostingtalk.com/showthread.php?t=477562 WOW trying to do to many things at once. What a horrible email LOL. Any validity to this? Because I am suprised that we have not received any phone calls/tickets of customers complaining that they can't get to any of these domains. LOL -- http://www.digitalrage.org/ The Information Technology News Center
Re: Problems connectivity GE on Foundry BigIron to Cisco 2950T
Sam Stickland wrote: Replying to my own email.. I've found some sites that suggest it's not possible to disable auto-negotiation on 1000Base-T since other operational parameters are negotiated including selection of the master clock signal. I was aware that flow control was negotiated, but not the clock signal. Can anyone elaborate? Sam On Sun, 15 Jan 2006, Sam Stickland wrote: Hi, On Sun, 15 Jan 2006, Paul G wrote: - Original Message - From: Farrell,Bob [EMAIL PROTECTED] To: Randy Bush [EMAIL PROTECTED]; David Hubbard [EMAIL PROTECTED] Cc: Sam Stickland [EMAIL PROTECTED]; [EMAIL PROTECTED] Sent: Sunday, January 15, 2006 4:45 PM Subject: RE: Problems connectivity GE on Foundry BigIron to Cisco 2950T Cisco commands- speed 1000 duplex full the bigiron wants (iirc): spe 1000-full i strongly suggest you peruse the cli reference for both devices. On the foundry GBIC blades you can't configure the speed and duplex settings, they only support 1000-full. (config-if-e1000-1/2)#speed-duplex 1000-full Error - can't change speed and duplex mode I've dug through as much information as I can about the cisco 2950T and 802.3z/802.3ab and disabling the auto-negiation. There appears to be no command at all available to do this. The cabling arrangement is: Foundry -- Straight -- Patch -- Underfloor -- Patch -- Crossover -- Cisco GBIC Cable Panel Straight Panel Cable If I replace the final crossover cable with a straight, change the foundry to a 10/100 port, and plug the final end into a host NIC instead of the cisco I get a connection. Crossover cable has been changed twice now, and the RJ45 GBIC was previously working in a cisco 6500. I am extensively familar (at least I believe I am) with both these models, and this one has me stumped. If nobody else can see any configuration errors I guess I'm down to hardware issues. Sam Cisco Infrastructure Port Recommendation Configuring auto-negotiation is much more critical in a GE environment than in a 10/100 environment. In fact, auto-negotiation should only be disabled on switch ports that attach to devices not capable of supporting negotiation, or where connectivity issues arise from interoperability issues. Cisco recommends that Gigabit negotiation be enabled (default) on all switch-to-switch links and generally all GE devices. The default value on Gigabit interfaces it auto-negotiation, but is still a good general practice to issue the following command to insure that auto-negotiation is enabled: switch(config)#interface type slot/port switch(config-If)#no speed !--- Sets the port to auto-negotiate Gigabit parameters. I have not looked at the RFC in a while but I thought when it first came out that auto negotiation had to be used on GigE. -- http://www.digitalrage.org/ The Information Technology News Center
Re: net-op: traffic loads as the result of patching
Vicky Røde wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 hmm..I thought (correct me if I wrong) wsus followed a mirror (distributed) model say if a group of servers were pegged the update process would provide remote clients access to the closet and min latency host(s) in order to distribute the load prevent bandwidth saturation. regards, /virendra Elijah Savage wrote: Sean Donelan wrote: So, maybe an operational question. What are people seeing as far as network traffic loads due to WMF patching activity, e.g. auto-update and manual downloads? Microsoft has used several CDNs in addition to its own servers to distribute the load in the past. WSUS servers are being pounded right now. Usually 5 to 7% CPU now 72% -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.5 (MingW32) Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org iD8DBQFDvqLlpbZvCIJx1bcRAoF4AJ9pi/xlNkX8mSMT4ogZcVccrJ9ijACg854X JhwaWYg6bEmVf4yHVmY6mQI= =3oZt -END PGP SIGNATURE- You are correct and with BITS2.0 or really any version of BITS which any updated system should have BITS2.0 it will use only the available bandwidth given. So say you are using 70% of your bandwidth, BITS on XP will only use the other 30%. So Bandwidth should not be an issue, but what I have noticed with WSUS is multiple clients connecting to the server will drive cpu utilization up only in peak form though like on initial connection. For us this is one service that was not built redundant because if for some reason like maintenance and our server is down the clients will then failover to Micro$ofts servers to get them directly. -- http://www.digitalrage.org/ The Information Technology News Center
Re: net-op: traffic loads as the result of patching
Sean Donelan wrote: So, maybe an operational question. What are people seeing as far as network traffic loads due to WMF patching activity, e.g. auto-update and manual downloads? Microsoft has used several CDNs in addition to its own servers to distribute the load in the past. WSUS servers are being pounded right now. Usually 5 to 7% CPU now 72% -- http://www.digitalrage.org/ The Information Technology News Center
Sober Z virus
Can anyone confirm this I got this from a security partner of ours. The source code for the Sober.Z worm, which began infecting computers worldwide on Nov. 21, indicates that the author(s) are planning to launch another attack on Thursday, Jan. 5 and Friday 6, to coincide with the 87th anniversary of the founding of the Nazi Party. On these dates, PCs infected with Sober.Z will be instructed to connect to numerous servers to download malicious code that will likely send out German and English language email hate messages. Uknown Company (my edit)encourages network administrators to protect themselves by blocking domains believed to host the malicious code. These domains are: http://people.freenet.de/ http://scifi.pages.at/ http://home.pages.at/ http://free.pages.at/ http://home.arcor.de/ -- http://www.digitalrage.org/ The Information Technology News Center
Re: Sober Z virus
Fergie wrote: See: http://www.f-secure.com/weblog/archives/archive-122005.html#0729 - ferg -- Elijah Savage [EMAIL PROTECTED] wrote: Can anyone confirm this I got this from a security partner of ours. The source code for the Sober.Z worm, which began infecting computers worldwide on Nov. 21, indicates that the author(s) are planning to launch another attack on Thursday, Jan. 5 and Friday 6, to coincide with the 87th anniversary of the founding of the Nazi Party. On these dates, PCs infected with Sober.Z will be instructed to connect to numerous servers to download malicious code that will likely send out German and English language email hate messages. Uknown Company (my edit)encourages network administrators to protect themselves by blocking domains believed to host the malicious code. These domains are: http://people.freenet.de/ http://scifi.pages.at/ http://home.pages.at/ http://free.pages.at/ http://home.arcor.de/ Thank you I always forget about f secure and they did not post as musch info on symantecs site or I missed it some how. -- http://www.digitalrage.org/ The Information Technology News Center
MSN admins Mails disappears into ether
Is there any MSN admins on the list that can help. We have a customer that sends mail to an msn account and sometimes it goes and sometimes it does not and they are getting very frustrated with our service of course blaming us. I have logs that show we sent the mail and it was accepted for delivery but the person on the other end never gets it. This customer can send the same mail 5 minutes apart for testing and we show it being delivered and accepted both times but the guy on the other end will get 1 out of the 2 messages so we do not think it is being marked as spam on your end and dropped. If anyone can please contact me off list or if anyone has had any success with contacting a MSN admin that info would be greatly appreciated. Thank you -- http://www.digitalrage.org/ The Information Technology News Center
ATTMPLS Issues?
All, I had about 20 customer down today which connect back to me via vpn connectivity across the internet, but we also have a private Sprint MPLS conection that was down at this time. My VPN tunnels all started to come up at about 2:20pm today at the same time and at exactly that time my private Sprint MPLS connectivity came back up which was weird. Below you will find traceroutes that stops in Sprints address space but then after it all came back up the very next hop is ATTMPLS. I then did some correlation and found out that all my tunnels that were down the peering address belongs to ATT all were 12.x addresses. Were there some sort of routing issue between ATT and Sprint between Noon and 2:30 today? I do not peer with ATT or Sprint so I am sure they will not give me any info if I called in. But I do have a ticket open with my provider to see if they can get info out of them. Incomplete 1 68.250.30.130 4 msec\par 2 66.73.28.97 0 msec\par 3 65.43.25.116 4 msec\par 4 151.164.188.201 12 msec\par 5 151.164.242.129 20 msec\par 6 151.164.42.168 20 msec\par 7 151.164.191.114 20 msec\par 8 151.164.42.139 20 msec\par 9 144.223.241.57 24 msec\par Complete 1 68.250.30.130 0 msec\par 2 66.73.28.97 4 msec\par 3 65.43.25.116 0 msec\par 4 151.164.188.201 12 msec\par 5 151.164.242.129 180 msec\par 6 151.164.42.168 20 msec\par 7 151.164.191.114 20 msec\par 8 151.164.42.139 20 msec\par 9 144.223.241.57 20 msec\par 10 192.205.32.141 236 msec\par 11 ATT[MPLS: Label 32752 Exp 0] 52 msec\par 12 12.122.10.46 [MPLS: Label 32451 Exp 0] 52 msec\par 13 12.122.9.141 [MPLS: Label 32326 Exp 0] 52 msec\par 14 12.122.10.90 [MPLS: Label 32259 Exp 0] 52 msec\par 15 12.122.9.161 [MPLS: Label 32279 Exp 0] 52 msec\par 16 12.122.10.130 [MPLS: Label 32761 Exp 0] 52 msec\par 17 12.122.12.150 [MPLS: Label 450 Exp 0] 56 msec\par
Re: ATTMPLS Issues?
Got it figured out shortly after I sent this message. Sorry and Thank you. Elijah Savage wrote: All, I had about 20 customer down today which connect back to me via vpn connectivity across the internet, but we also have a private Sprint MPLS conection that was down at this time. My VPN tunnels all started to come up at about 2:20pm today at the same time and at exactly that time my private Sprint MPLS connectivity came back up which was weird. Below you will find traceroutes that stops in Sprints address space but then after it all came back up the very next hop is ATTMPLS. I then did some correlation and found out that all my tunnels that were down the peering address belongs to ATT all were 12.x addresses. Were there some sort of routing issue between ATT and Sprint between Noon and 2:30 today? I do not peer with ATT or Sprint so I am sure they will not give me any info if I called in. But I do have a ticket open with my provider to see if they can get info out of them. Incomplete 1 68.250.30.130 4 msec\par 2 66.73.28.97 0 msec\par 3 65.43.25.116 4 msec\par 4 151.164.188.201 12 msec\par 5 151.164.242.129 20 msec\par 6 151.164.42.168 20 msec\par 7 151.164.191.114 20 msec\par 8 151.164.42.139 20 msec\par 9 144.223.241.57 24 msec\par Complete 1 68.250.30.130 0 msec\par 2 66.73.28.97 4 msec\par 3 65.43.25.116 0 msec\par 4 151.164.188.201 12 msec\par 5 151.164.242.129 180 msec\par 6 151.164.42.168 20 msec\par 7 151.164.191.114 20 msec\par 8 151.164.42.139 20 msec\par 9 144.223.241.57 20 msec\par 10 192.205.32.141 236 msec\par 11 ATT[MPLS: Label 32752 Exp 0] 52 msec\par 12 12.122.10.46 [MPLS: Label 32451 Exp 0] 52 msec\par 13 12.122.9.141 [MPLS: Label 32326 Exp 0] 52 msec\par 14 12.122.10.90 [MPLS: Label 32259 Exp 0] 52 msec\par 15 12.122.9.161 [MPLS: Label 32279 Exp 0] 52 msec\par 16 12.122.10.130 [MPLS: Label 32761 Exp 0] 52 msec\par 17 12.122.12.150 [MPLS: Label 450 Exp 0] 56 msec\par
Re: ATTMPLS Issues?
Oh yeah and it was not my issue :) It was as I suspected. Elijah Savage wrote: Got it figured out shortly after I sent this message. Sorry and Thank you. Elijah Savage wrote: All, I had about 20 customer down today which connect back to me via vpn connectivity across the internet, but we also have a private Sprint MPLS conection that was down at this time. My VPN tunnels all started to come up at about 2:20pm today at the same time and at exactly that time my private Sprint MPLS connectivity came back up which was weird. Below you will find traceroutes that stops in Sprints address space but then after it all came back up the very next hop is ATTMPLS. I then did some correlation and found out that all my tunnels that were down the peering address belongs to ATT all were 12.x addresses. Were there some sort of routing issue between ATT and Sprint between Noon and 2:30 today? I do not peer with ATT or Sprint so I am sure they will not give me any info if I called in. But I do have a ticket open with my provider to see if they can get info out of them. Incomplete 1 68.250.30.130 4 msec\par 2 66.73.28.97 0 msec\par 3 65.43.25.116 4 msec\par 4 151.164.188.201 12 msec\par 5 151.164.242.129 20 msec\par 6 151.164.42.168 20 msec\par 7 151.164.191.114 20 msec\par 8 151.164.42.139 20 msec\par 9 144.223.241.57 24 msec\par Complete 1 68.250.30.130 0 msec\par 2 66.73.28.97 4 msec\par 3 65.43.25.116 0 msec\par 4 151.164.188.201 12 msec\par 5 151.164.242.129 180 msec\par 6 151.164.42.168 20 msec\par 7 151.164.191.114 20 msec\par 8 151.164.42.139 20 msec\par 9 144.223.241.57 20 msec\par 10 192.205.32.141 236 msec\par 11 ATT[MPLS: Label 32752 Exp 0] 52 msec\par 12 12.122.10.46 [MPLS: Label 32451 Exp 0] 52 msec\par 13 12.122.9.141 [MPLS: Label 32326 Exp 0] 52 msec\par 14 12.122.10.90 [MPLS: Label 32259 Exp 0] 52 msec\par 15 12.122.9.161 [MPLS: Label 32279 Exp 0] 52 msec\par 16 12.122.10.130 [MPLS: Label 32761 Exp 0] 52 msec\par 17 12.122.12.150 [MPLS: Label 450 Exp 0] 56 msec\par
Re: L3 having issues on the west coast?
Jon Lewis wrote: I was trying to get some IOS and compare a few images in FN, and found I cisco.com was being sluggish, and FN wouldn't load at all. Packets Pings Hostname%Loss Rcv Snt Last Best Avg Worst ... 6. ge-6-2-0.mp1.Orlando1.Level3.net 0% 44 44 54 13120 7. ae-0-0.bbr1.SanJose1.Level3.net 14% 38 4475 74 75 77 8. ge-11-1.ipcolo1.SanJose1.Level3.net 23% 34 4475 75 75 76 9. p1-0.cisco.bbnplanet.net 10% 40 4475 75 81160 10. sjce-dmzbb-gw1.cisco.com 0% 44 4477 75 82292 11. sjck-dmzdc-gw2.cisco.com 25% 33 4476 76 76 77 12. www.cisco.com 59% 18 4476 76 77 78 That doesn't look right. Anyone know what's going on out there? I am not sure what is going on there, but Cisco has been this way for a month or more for me. I do not have problems bringing up their website but I do notice that ICMP packet loss to them has been horrible the last month or so.
