Re: Increase in traffic to/from DSL subs since August?
On Thursday, November 20, 2003 10:00 PM, Jared B. Reimer [EMAIL PROTECTED] wrote: Greetings. Another independent ISP operator and I have noticed a pretty significant increase in traffic to and from our broadband (DSL) subscribers since August. It's been a fairly steady uptick, at least in my case, resulting in a doubling of overall average traffic to/from these folks since then. Have others seen a similar trend? Any thoughts as to what the cause may be? Our best guess a virus/worm, possibly being used as a spam relay or other proxy at this point... Traffic at LINX and AMS-IX started to grow again in Juli/August as well after having slowed down for months. At DE-CIX we see also a bis increase in traffic since August. No idea what this is. IMHO it's to much traffic for being virus/worm. Arnold
Re: Hijacked IP space.
On Tuesday, November 04, 2003 4:48 PM, Randy Bush [EMAIL PROTECTED] wrote: How should your peers certify that the routes you announce are reasonable for them to receive? completely orthogonal issue. but, if you have interest in the topic, you might look into sbgp. sBGP does don't protect you to pick up garbage ... Arnold
Re: ix's prefix registration
DE-CIX (http://www.de-cix.net) does (see 4.4 http://www.de-cix.net/info/DE-CIX_technical_requirements.pdf). And afaik that's also true for LINX, AMS-IX, Xchangepoint, ... Look at their policies as well. DE-CIX does not monitor this. However if you are using DE-CIX's routeserver your announcements are filtered against your policy (as path lists and ip filter lists). Regards, Arnold On Tuesday, October 14, 2003 6:28 PM, joshua sahala [EMAIL PROTECTED] wrote: hello to all i was wondering if there were some published docs online regarding the registration of route objects and membership at an ix - specifically, do ixp's around the world require that their members register all of their route objects prior to being allowed to exchange traffic at the ix? if so, how do you/they monitor this? is it left up to the other providers at the ix to verify that they are peering with someone who registers their objects? is this something that an ix could/should worry about? i know that many providers around the world are increasingly requiring registration, and that many build their filters from these registrations, but i have been unable to find anything wrt internet exchanges. replies on or off, i will summarize thanks /joshua Walk with me through the Universe, And along the way see how all of us are Connected. Feast the eyes of your Soul, On the Love that abounds. In all places at once, seemingly endless, Like your own existence. - Stephen Hawking -
Re: Extreme BlackDiamond
6500-NEBS has also vertical boards ... Arnold On Monday, October 13, 2003 10:37 PM, Robert A. Hayden [EMAIL PROTECTED] wrote: 7600 is also vertical boards whereas the 6500 is horizontal. On Mon, 13 Oct 2003, Simon Lockhart wrote: On Mon Oct 13, 2003 at 01:19:21PM -0700, Tom (UnitedLayer) wrote: On Mon, 13 Oct 2003, Michel Py wrote: Aren't most of the 6500 blades the same as the 7600 ones anyway? Between these two IMHO we are looking at a blurry distinction between a router with very good switching capabilities and a L3 switch with very good routing capabilities. Does the 7600 have the same BGP Scanner problem as the 6509 does? I've still yet to see anything that suggests that the difference between the 7600 and the 6500 is more than just a paint job and a marketting job. Simon
Re: Fun new policy at AOL
On Thursday, August 28, 2003 4:18 PM, Matthew Crocker [EMAIL PROTECTED] wrote: Shouldn't customers that purchase IP services from an ISP use the ISPs mail server as a smart host for outbound mail? At least here in DE there are resellers of DTAG which offer DSL connections without any SMTP relay. If you want relaying you also have to order a domain via them. More funny: you cannot deliver mails to DTAG (actually T-Online) as the resellers use address space of DTAG and hence the DTAG servers believe you are a customer of them and should use the internal relays ... Arnold
Re: North America not interested in IP V6
On Wednesday, July 30, 2003 9:00 AM, Peter Galbavy [EMAIL PROTECTED] wrote: Roy wrote: This article seems to imply that North American networks don't care about IP V6 while the rest of the world is suffering great hardship http://www.msnbc.com/news/945119.asp PS. Please don't shoot the messenger Regardless of the content of the above, let me say that with the exception of the academic community (including those in commercial orgs) no one in Europe is interested either. Here at DE-CIX (www.de-cix.net) I can see that more and more ISP are joining the IPv6 trial (http://www.de-cix.net/info/decix-ipv6/) . Currently already 20% of all ~120 ISP at DE-CIX have IPv6 enabled. Arnold
Re: Unique AS
Hola Gabriel, reading http://www.nanog.org/mtg-0302/merger.html might be very helpful. Regards, Arnold On Monday, July 14, 2003 3:47 AM, Adonaylo, Gabriel [EMAIL PROTECTED] wrote: Hello All, First of all, forgive my English writting please! I work for an Internet Carrier in Argentina which is in process of reorganizing its regional operations. We are also serving in other countries in South America. We currently have one AS per country and we are looking forward to migrate to a unique AS for all the organizations. Could anyone describe pros and cons of having a unique AS for this kind of networks rather than having one AS for each country. Regardless of the cons, we are facing migration process anytime soon, so I would appreciate very much to get more pros than cons to include in my papers which are almost finished! I would also be glad if you share your experience about this migration process. That is the real value of your answers. Thanks for your time. Regards, Gabriel.
Re: Unified table of AS names?
On Tuesday, June 03, 2003 8:12 AM, Mike Leber [EMAIL PROTECTED] wrote: I'm looking for a unified table of AS names or a tool that could be used to generate such a table. When a check of RIPE shows: # whois AS3320 -h whois.ripe.net % This is the RIPE Whois server. % The objects are in RPSL format. % % Rights restricted by copyright. % See http://www.ripe.net/ripencc/pub-services/db/copyright.html as-block: AS3154 - AS3353 descr:RIPE NCC ASN block Which while you could write a hacked up script that scans for the first description line after finding an aut-num line that was an exact match, leave you wondering questions like is the as-name field unused in the RIPE database (unlike the ARIN database)? I figure there are several people out that that all must have solved this problem independently, perhaps one of them would share? :) :) :) whois -T aut-num -r AS3320 -h whois.ripe.net should do. Arnold -- Arnold Nipper / DE-CIX, the German Internet Exchange e-mail: [EMAIL PROTECTED] phone/mob: +49 172 265 0958 fax: +49 6224 9259 333 http://www.de-cix.net pgp-fingerprint: e533 5cc5 be27 27ae 04b7 0adc 2603 f8a9 1b59 3bd4
Re: What? : Delivery Status Notification (Failure) (fwd)
me 2. About 16 messages starting 2002/10/04 to 2002/11/07. Arnold - Original Message - From: Stephen J. Wilcox [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: Saturday, November 16, 2002 1:28 PM Subject: What? : Delivery Status Notification (Failure) (fwd) anyone else receiving a large number of bounces from nanog deliveries to the below address dated over the past 3 months? anyone at shure.com care to stop it as they're still coming! -- Forwarded message -- Date: Fri, 11 Oct 2002 20:01:45 -0500 From: [EMAIL PROTECTED] To: [EMAIL PROTECTED] Subject: Delivery Status Notification (Failure) This is an automatically generated Delivery Status Notification. Unable to deliver message to the following recipients, due to being unable to connect successfully to the destination mail server. [EMAIL PROTECTED]
Re: Peerings
Did you already check http://www.euro-ix.net/isp/choosing/search/form.php. This DB lists all ASN connected to any Euro-IX member (currently 23). Regards, Arnold - Original Message - From: Petri Helenius [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: Tuesday, November 05, 2002 8:07 AM Subject: Peerings Is there a standardized depository of information where lists of which AS´s are present in which exchange(s)? RADB does not really cut it since it only lists the participants of the interconnect, not really identifying the facility. Obviously I´m aware that most IXn list their participants on a web site but I´m looking for more machine readable data. Pete
Re: IP Address Allocations in Germany
Gawie, what do you mean by ... onto the Internet? If you just want to enable each site with Internet go for http://www.ripe.net/ripencc/mem-services/general/indices/DE.html and pick one (or more) of the ISPs offering services in Germany. Otherwise pls explain in more detail. Regards, Arnold btw: didn't know that you still are able to buy Class C ... - Original Message - From: Gawie Marais (Home) [EMAIL PROTECTED] To: 'nanog' [EMAIL PROTECTED] Sent: Tuesday, November 05, 2002 2:10 AM Subject: IP Address Allocations in Germany Hi, This is a long shot, but I'm hoping someone can help me out here... I was wondering if it would be possible to purchase an entire Class C address range for use in Germany. I have a Infrastructure company based in south africa that is looking to connect some 80 sites throughout Germany onto the Internet. At this stage I'm not quite sure exactly what and how they are going to do it but I received a request from them to try and locate an entire class c for them. Any suggestions on how to go about doing this ?? Regards, Gawie J Marais Technical Member inX - Internet eXchange SA Tel: +27 11 956 6935 Fax: +27 11 956 6851 Mail: [EMAIL PROTECTED] Web: http://www.inx.co.za/
Re: NMS/OSS commercial software : short summary from NANOG replies
Expansion of nothing is still nothing. Others call it insert your favorite OS ... Arnold That is very short summary, would you care to expand a little bit? Pete Hello, First of all, thanks for all the answers that I received from the list. Some of you asked me a feedback on the answers received, so here it is :
Re: AMS-IX problems
Iljitsch van Beijnum wrote: There seem to be large scale problems at the AMS-IX. BGP sessions with peers keep oscillating. Since their own addresses keep jumping all over the place, it is not possible to reach anyone over the AMS-IX tech list. I have disabled all AMS-IX peerings for the networks I manage, and I suggest everyone who is present there looks in to doing the same. According to Henk Steenman (CTO AMS-IX) everything is back to normal operations. AMS-IX is still investigating what happened. -- Arnold
Re: AMS-IX problems
Stephen J. Wilcox: It's very interesting to see the traffic stats at http://www.ams-ix.net/hugegraph.html Usually, incoming and outgoing traffic is the same. But during this problem, much more traffic went out than came in. Curious, as the exchange sources no traffic that shouldnt really be possible ;) (unless the graphs are inaccurate) I guess you get the same graph when you are missing data of some ports. I.e. you only have Sum(output) = Sum(input) when taking all ports into account. Multicast and broadcast are another story as this are different counters. -- Arnold
Re: question concerning traceroute?
[EMAIL PROTECTED] wrote: According to definition, is should take the same path, but are there any other cases that I should be aware of? According to the definition, it is going to show you the path the packets took from you to the destination, not from the destination back. Unless you did - g, Arnold
Re: Is the PAIX Palo Alto taking a dump?
Lane Patterson wrote: Of course what I really want for Xmas is a Force10 box ;-) Cheers, -Lane For sure! But how likely is it that they don't take the same road as Pluris did? Or to rephrase it: technically it sounds very sound, but does this hold also commercial wise? Regards, Arnold
Re: Identifying DoS sources quickly (was: Bogon list or Dshield.org type list)
Hank Nussbacher wrote: So, to restate the problem, how do we identify some of the sources of a DoS attack quickly, maybe even while the attack is still in progress? Not a complete solution but a start: IP Source Tracker: http://www.cisco.com/univercd/cc/td/doc/product/software/ios120/120newft/120 limit/120s/120s21/ipst.htm Available as of 12.0(22)S for 7500 and 12000 series Cisco routers. Hank, one major flaw with this is that you can't track back further when you are on an (ethernet based) IXP. IIRC older versions of IOS gave L2 information (MAC address) as well which helped you to identify the last hop. -- Arnold -- Arnold Nipper / nIPper consulting e-mail: [EMAIL PROTECTED] phone/mob: +49 172 265 0958 fax: +49 6224 9259 333
Re: Re: KPNQwest ns.eu.net server.
As a lot of people are offering secondary services: may be it's a good idea to place infrastructural services at IXP. IXP seem to be more stable than any ISPs and often more neutral than ISPs. Comments? Arnold -- Arnold Nipper, DE-CIX, the German Internet Exchange email: [EMAIL PROTECTED] mobile: +49 172 2650958 handle: an6695-ripe - Original Message - From: Sabine Dolderer/Denic [EMAIL PROTECTED] To: Jan-Ahrent Czmok [EMAIL PROTECTED] Cc: [EMAIL PROTECTED]; [EMAIL PROTECTED]; [EMAIL PROTECTED]; [EMAIL PROTECTED]; [EMAIL PROTECTED]; [EMAIL PROTECTED]; [EMAIL PROTECTED]; [EMAIL PROTECTED]; [EMAIL PROTECTED] Sent: Thursday, June 06, 2002 9:43 AM Subject: Re: Re: KPNQwest ns.eu.net server. Hello, DENIC runs currently several secondarys (not only DE but also for some other TLDs) in different places worldwide. We are willing to offer secondary service for other ccTLDs. But there will be because of security/stability reasons a limit on the number of ccTLDs we want to run on a single machine. Sabine -- Sabine Dolderer DENIC eG Wiesenhüttenplatz 26 D-60329 Frankfurt eMail: [EMAIL PROTECTED] Fon: +49 69 27235 0 Fax: +49 69 27235 235 Jan-Ahrent CzmokAn: Joao Luis Silva Damas [EMAIL PROTECTED] czmok@gatel.Kopie: [EMAIL PROTECTED], [EMAIL PROTECTED], [EMAIL PROTECTED], net [EMAIL PROTECTED], [EMAIL PROTECTED], [EMAIL PROTECTED], Gesendet von:[EMAIL PROTECTED], [EMAIL PROTECTED] owner-lir-wg@Thema: Re: KPNQwest ns.eu.net server. ripe.net 06.06.2002 01:29 PostedDate: 06.06.2002 01:29:37 $MessageID: [EMAIL PROTECTED] From: [EMAIL PROTECTED] SendTo: Joao Luis Silva Damas [EMAIL PROTECTED] CopyTo: [EMAIL PROTECTED];[EMAIL PROTECTED];[EMAIL PROTECTED];[EMAIL PROTECTED];tech-l@ams- ix.net;[EMAIL PROTECTED];[EMAIL PROTECTED];[EMAIL PROTECTED] Subject: Re: KPNQwest ns.eu.net server. Received: from smtp.denic.de ([194.246.96.22]) by notes.denic.de (Lotus Domino Release 5.0.8) with ESMTP id 2002060601283597:15602 ; Thu, 6 Jun 2002 01:28:35 +0200 Received: from postman.ripe.net (postman.ripe.net [193.0.0.199]) by smtp.denic.de with smtp id 17FkCg-0004uX-00; Thu, 6 Jun 2002 01:28:34 +0200 Received: (qmail 11455 invoked by alias); 5 Jun 2002 23:28:15 - Received: (qmail 11452 invoked by uid 66); 5 Jun 2002 23:28:15 - Delivered_To: [EMAIL PROTECTED] PRINCIPAL: Jan-Ahrent Czmok [EMAIL PROTECTED] In_Reply_To: p05111700b92449b9ddee@[193.0.1.81] References: [EMAIL PROTECTED] [EMAIL PROTECTED] p05111700b92449b9ddee@[193.0.1.81] Organization: Global Access Telecommunications Inc. $Mailer: Sylpheed version 0.7.6claws16 (GTK+ 1.2.10; i386-debian-linux-gnu) X_Ncc_RegID: de.gatel MIME_Version: 1.0 Precedence: bulk X_Loop_Detect: RIPE NCC SMTPOriginator: [EMAIL PROTECTED] RouteServers: CN=notes/O=Denic RouteTimes: 06.06.2002 01:28:36-06.06.2002 01:28:38 DeliveredDate: 06.06.2002 01:28:38 DENICDOCOPENCOUNT: 1 $MIMETrack: Itemize by SMTP Server on notes/Denic(Release 5.0.8 |June 18, 2001) at 06.06.2002 01:28:36;MIME-CD by Notes Client on Sabine Dolderer/Denic(Release 5.0.6a |January 17, 2001) at 06.06.2002 09:32:28;MIME-CD complete at 06.06.2002 09:32:28 BlindCopyTo: WebSubject: Re: KPNQwest ns.eu.net server. On Thu, 6 Jun 2002 01:08:46 +0200 Joao Luis Silva Damas [EMAIL PROTECTED] wrote: At 11:04 -0700 5/6/02, Randy Bush wrote: Given the current situation of KPNQwest and the possibility of its services going offline sometime soon, the RIPE NCC in agreement with KPNQwest will be temporally hosting this server (ns.eu.net) in its premises. nice emergency hack and sorry to whine. but i used them both to get diversity. Hi Randy, there are 16 ccTLDs for which ns.ripe.net and ns.eu.net are both secondary. So we will definitely request those ccTLDs to look for a new host as soon as possible. Hi Randy, hi Joao, dear routing-wg, probably my Company (GATEL, AS13129) is able to host a secondary server for the ccTLDs. The question is rather what are the hardware requirements for the secondary server. We have sufficient bandwidth capacity available and rack space as well. The rest can take bit more time to think what they want to do since ns.eu.net will keep running. Well done ! Congrats for the good ideas and coordination work. We are offering secondary service on ns.ripe.net for any ccTLD that we weren't sencodaring for, as are other people. The idea is not to have ns.eu.net running for ever, just to enable people to have time to take rational decisions, without the fear of having the server going away because of some unexpected turn of events. when in less of a panic, please move it to moscow or something. Panic? what panic? this is just common sense right. it's not panic. --jan -- Jan
