Re: Announcement: Critical Internet Infrastructure WG is now open to public participation

[Gadi Evron]

Gadi Evron wrote:
I can share personal examples of past uses relating to NANOG, which are 
public:




Oh, duh! The outages mailing list is part of the ISOTF, although clearly 
its own entity.


Gadi.

Re: Announcement: Critical Internet Infrastructure WG is now open to public participation

[Gadi Evron]

Jorge Amodio wrote:

Still you didn't answer the question.

What ISOTF stands for and who are "we" ?

What papers the "we" published ? where ?


This is off-topic, so while we give some thought as to what to put on 
the public web page in the future, here is a quick answer. Future 
responses, please off-list.


ISOTF stands for Internet Security Operations Task Force. It's a loosely 
affiliated group of people who respond to Internet-wide incident 
response, and sometimes, need an umbrella name.


I can share personal examples of past uses relating to NANOG, which are 
public. I realize you need a blurb-like answer rather than answer by 
example. Public is new for us, so give us time:


I can share personal examples of past uses relating to NANOG, which are 
public:


1. Monthly botnet C&C's report, posted for a while from 
c2repo...@isotf.org by Randy Vaughn and myself.


2. We also use it to host some papers such as I did the original DNS 
Amplification Attacks, which was released prior to being able to get 
academic credit or decent editing, due to operational needs of major 
attacks in the wild, with very little information known at the time by 
operators.


3. ISOI stands for Internet Security Operations and Intelligence. It is 
a non-profit and closed workshop for vetted and trusted individuals in 
communities such as MWP, NSP-SEC, MAAWG, and in government, law 
enforcement, industry and academia in North America and world-wide. In 
it sensitive subjects relating to the security of the Internet 
infrastructure, combating cyber crime, phishing, botnets and fraud are 
being discussed.


ISOI 1 was hosted by Cisco and supported by the ISC.
http://isotf.org/isoi.html

ISOI 2 was hosted by Microsoft and supported by Trend Micro.
http://isotf.org/isoi2.html

ISOI 3 was hosted by ICANN, ISOC and Afilias, and supported by Sunbelt 
Software.

http://isotf.org/isoi3.html

ISOI 4 was hosted by Yahoo! and supported by various local SF-bay companies.
http://isotf.org/isoi4.html

ISOI 5 was hosted by the Estonian CERT and supported by Norman.
http://isotf.org/isoi5.html

ISOI 6 was hosted by the University of Texas, Dallas, and supported by 
Baylor University.

http://isotf.org/isoi6.html

ISOI 7 was hosted by Websense and ESET, and supported by Facebook and 
Softlayer:

http://isotf.org/isoi7.html

Gadi.




Regards
Jorge




--
Gadi Evron,
g...@linuxbox.org.

Blog: http://gevron.livejournal.com/

Re: Password repository

[Dan White]

On 19/11/09 15:34 +0900, Randy Bush wrote:

Quick question, does anyone have software/combination of tools they
recommend on centrally store various passwords securely?




ascii text file, gpg encrypted, only opened with emacs crypt++.el


From the network administrator perspective, we prefer to use a 3rd
party/central authentication system where feasible, to reduce the number of
passwords entries in our network from Users*Systems to
Users*Security_Domains, and keep a gpg encrypted file (and a physical copy)
in a safe location of rarely used admin/root passwords that we only
need in an emergency (e.g. when RADIUS goes down).

--
Dan White

Re: Password repository

[Randy Bush]

> Quick question, does anyone have software/combination of tools they
> recommend on centrally store various passwords securely?



ascii text file, gpg encrypted, only opened with emacs crypt++.el

randy

RE: Password repository

[Darryl Dunkin]

http://keepass.info

Works great in a multi-user environment.

-Original Message-
From: Jay Nakamura [mailto:zeusda...@gmail.com] 
Sent: Wednesday, November 18, 2009 19:57
To: NANOG
Subject: Password repository

Quick question, does anyone have software/combination of tools they
recommend on centrally store various passwords securely?

Thanks.

Re: Password repository

[Darren Bolding]

Pwman

On 11/18/09, Jay Nakamura  wrote:
> Quick question, does anyone have software/combination of tools they
> recommend on centrally store various passwords securely?
>
> Thanks.
>
>

-- 
Sent from my mobile device

--  Darren Bolding  --
--  dar...@bolding.org   --

Re: Policy News

[Steve Meuse]

Bret Clark expunged (bcl...@spectraaccess.com):

> Want to get broadband out to people, then deal with duopolies that many
> of the regions in the country have...such as Verizon & Comcast

WRT to Comcast ...

There is nothing preventing *any* company from building a cable network in any 
existing MSO territory. Each license is negotiated town-by-town, 
county-by-county, there aren't any exclusivity agreements, which allow 
companies like RCN to compete. 

The reason why there isn't more local competition is, well, it's kinda 
seriously captial inte$ive. You ever notice why RCN doesn't overbuild in East 
Nowheresville, MI (where Jared lives apparently :)??? Because it's not 
profitable! 

-Steve (Comcast employee, speaking on my own behalf)

Re: Password repository

[David Storandt]

On a small scale, PasswordSafe from Sourceforge.


On Wed, Nov 18, 2009 at 10:56 PM, Jay Nakamura  wrote:
> Quick question, does anyone have software/combination of tools they
> recommend on centrally store various passwords securely?
>
> Thanks.
>
>



-- 
--
David Storandt
CTO
TelJet Longhaul LLC
802-922-9503 (new DID)
802-264-3003 (fax)
dstora...@teljet.com

Re: Announcement: Critical Internet Infrastructure WG is now open to public participation

[Jorge Amodio]

Still you didn't answer the question.

What ISOTF stands for and who are "we" ?

What papers the "we" published ? where ?

Regards
Jorge

Password repository

[Jay Nakamura]

Quick question, does anyone have software/combination of tools they
recommend on centrally store various passwords securely?

Thanks.

Re: Juniper M120 Alternatives

[Tony Varriale]

As a side note that many may be aware of, there are other Cisco 
products/code bases that have these nice features.


tv
- Original Message - 
From: "Paul Cosgrove" 

To: "Richard A Steenbergen" 
Cc: 
Sent: Wednesday, November 18, 2009 8:04 AM
Subject: Re: Juniper M120 Alternatives

The design differences you describe there relate more to traditional IOS 
vs

JUNOS, rather than IOS XR vs JUNOS.  IOS XR uses candidate configurations,
commit, rollback etc.

Paul. 

AT&T BGP Setup

[Shon Elliott]

Hey everyone. I didn't really want to ask this out here, but wasn't sure
who else I could ask, but does anyone here have BGP setup with AT&T as
well as to other providers? Could you give me a phone number for a rep?
Our AT&T reps are telling us they won't allow us to announce IP we get
from AT&T and our own IP out our other connections, and vice versa where
we cannot announce our IP address and IP addresses we have from AT&T out
to through their circuit via like an Optiman setup. So basically, if you
have a rep that some answers, could you forward me their phone number
off-list? 

Thanks!

-S

Re: Announcement: Critical Internet Infrastructure WG is now open to public participation

[Gadi Evron]

Youssef Ghorbal wrote:

Off topic, but are you serious about the "Admin Interface" Link
(http://www.isotf.org/?page_value=13223) or is it just a joke ?



hehe, thanks for noticing. I'm sure Randy Vaughn gets excited every 
single time someone does.


Reddit had fun with our admin interface a while back:
http://www.reddit.com/r/reddit.com/comments/6a32u/please_enter_the_first_1178_digits_of_pi_wait/

As to if it's a joke... one way to find out. :)

Gadi.




--
Gadi Evron,
g...@linuxbox.org.

Blog: http://gevron.livejournal.com/

Re: Juniper M120 Alternatives

[sthaug]

> That's excellent news - any word on when Cisco will be back-porting these
> truly useful features from XR to that platform which so many of us are still
> running on (ie "traditional IOS")?

Obviously not speaking for Cisco here - but as a significant customer
we have had no indication that this will happen, ever.

Steinar Haug, Nethelp consulting, sth...@nethelp.no

Re: Policy News

[Chris Meidinger]

On 18.11.2009, at 20:08, Jeff Saxe wrote:

> I don't think Steve meant a way to stop the CPU / process thread of 
> retrieving email if it is hung talking to an email server, although thank you 
> for that. I believe Steve meant "I want to keep reading the NANOG mailing 
> list in general, but this particular message thread has zero interest to me, 
> so as any new emails come in that are replies to replies to replies to this 
> thread, just suppress them so I don't have to even hit Delete.". Something 
> like that.

Ah, I thought you meant threads were blocking Mail.app from processing messages 
in other mailboxes. I subscribe to several imap boxes with over half a million 
messages in them, so I use activity monitor to kill sync all the time. Mail.app 
seems to not process anything else on the same account as long as it's busy 
processing a subscription for a particular mailbox, which can take forever in 
some cases.

As to the actual question, I use Mail.app in threaded mode anyway. When I'm not 
interested in a thread, I just let it collect messages and mark it as read 
every couple of days. I'm not aware of any way to tell Mail.app to quit showing 
messages from a particular thread.

Chris

Re: Juniper M120 Alternatives

[Phil Pierotti]

That's excellent news - any word on when Cisco will be back-porting these
truly useful features from XR to that platform which so many of us are still
running on (ie "traditional IOS")?

Phil P

On Thu, Nov 19, 2009 at 1:04 AM, Paul Cosgrove <
paul.cosgrove.na...@gmail.com> wrote:

> On Tue, Nov 17, 2009 at 5:32 PM, Richard A Steenbergen  >wrote:
> The design differences you describe there relate more to traditional IOS vs
> JUNOS, rather than IOS XR vs JUNOS.  IOS XR uses candidate configurations,
> commit, rollback etc.
>
> Paul.
>

Re: Mail.app threading (was Re: Policy News)

[David Andersen]

On Nov 18, 2009, at 2:52 PM, Dobbins, Roland wrote:



On Nov 19, 2009, at 2:13 AM, Matthew Dodd wrote:


Sadly I don't know of any feature that does this in Mail.app, b


If you set the Mail.app GUI to use 'threaded view', it's easy to zap  
a whole thread.


I believe that Steve's desire was to kill *future* messages in the  
same thread.  e.g., a rule that says 'delete all mail from nanog with  
the subject line 'Policy News' until December 1, 2010'.


This would be a marvelous feature indeed.  Sadly, I don't know how to  
do it in Mail.app. :)


  -Dave

Re: Policy News

[Owen DeLong]

There isn't a thread-kill per se, but, you can create a rule and add  
the threads you want

to it fairly easily...

MAIL->Preferences, then go to the "Rules" tab.

Owen

On Nov 18, 2009, at 11:13 AM, Matthew Dodd wrote:

I think he meant being able to easily delete an entire thread of  
emails, like you might be able to if you were using Gmail. Sadly I  
don't know of any feature that does this in Mail.app, but you can  
always make a Smart Mailbox with the rule Any Recipient : Contains :  
"na...@merit.edu" and delete things within that mailbox.


Best,

-Matt Dodd

On Nov 18, 2009, at 2:01 PM, Chris Meidinger wrote:


Command+0 for the activity viewer - then click on the stop sign

Sent from my iPhone. Please execute spelling errors.

On 18.11.2009, at 17:43, Steven Bellovin  wrote:

Does anyone know an easy way to do "kill thread" in MacOS's  
Mail.App?  It's getting increasingly hard to read the NANOG list  
on my Mac without such a capability.  (Yes, the question is  
serious on its own, apart from any other meanings you may choose  
to read into it.)

Mail.app threading (was Re: Policy News)

[Dobbins, Roland]

On Nov 19, 2009, at 2:13 AM, Matthew Dodd wrote:

> Sadly I don't know of any feature that does this in Mail.app, b

If you set the Mail.app GUI to use 'threaded view', it's easy to zap a whole 
thread.

---
Roland Dobbins  // 

Injustice is relatively easy to bear; what stings is justice.

-- H.L. Mencken

Re: Policy News

[Charles Wyble]

View -> Organize by thread.

Then just hit the little circle, which selects all messages. Then  
delete.



On Nov 18, 2009, at 11:13 AM, Matthew Dodd wrote:

I think he meant being able to easily delete an entire thread of  
emails, like you might be able to if you were using Gmail. Sadly I  
don't know of any feature that does this in Mail.app, but you can  
always make a Smart Mailbox with the rule Any Recipient : Contains :  
"na...@merit.edu" and delete things within that mailbox.


Best,

-Matt Dodd

On Nov 18, 2009, at 2:01 PM, Chris Meidinger wrote:


Command+0 for the activity viewer - then click on the stop sign

Sent from my iPhone. Please execute spelling errors.

On 18.11.2009, at 17:43, Steven Bellovin  wrote:

Does anyone know an easy way to do "kill thread" in MacOS's  
Mail.App?  It's getting increasingly hard to read the NANOG list  
on my Mac without such a capability.  (Yes, the question is  
serious on its own, apart from any other meanings you may choose  
to read into it.)

Re: Policy News

[Steven Bellovin]

On Nov 18, 2009, at 2:13 PM, Matthew Dodd wrote:

> I think he meant being able to easily delete an entire thread of emails, like 
> you might be able to if you were using Gmail.

Yup, precisely.

> Sadly I don't know of any feature that does this in Mail.app, but you can 
> always make a Smart Mailbox with the rule Any Recipient : Contains : 
> "na...@merit.edu" and delete things within that mailbox.


Or a rule to at least mark the messages as read.  I can do that -- I do do 
that, for threads that have gotten too annoying for too long, but it takes many 
mouse clicks to add each new offending subject line.

--Steve Bellovin, http://www.cs.columbia.edu/~smb

Re: Policy News

[Henry Linneweh]

Well, I was reading this https://mozillalabs.com/raindrop  and it could have 
the potential
to solve these problems for non gmail users and policy issues surrounding email 
itself.
This is not intended to rain on anyones parade.

-henry





From: Matthew Dodd 
To: Chris Meidinger 
Cc: Nanog 
Sent: Wed, November 18, 2009 11:13:27 AM
Subject: Re: Policy News

I think he meant being able to easily delete an entire thread of emails, like 
you might be able to if you were using Gmail. Sadly I don't know of any feature 
that does this in Mail.app, but you can always make a Smart Mailbox with the 
rule Any Recipient : Contains : "na...@merit.edu" and delete things within that 
mailbox.

Best,

-Matt Dodd

On Nov 18, 2009, at 2:01 PM, Chris Meidinger wrote:

> Command+0 for the activity viewer - then click on the stop sign
> 
> Sent from my iPhone. Please execute spelling errors.
> 
> On 18.11.2009, at 17:43, Steven Bellovin  wrote:
> 
>> Does anyone know an easy way to do "kill thread" in MacOS's Mail.App?  It's 
>> getting increasingly hard to read the NANOG list on my Mac without such a 
>> capability.  (Yes, the question is serious on its own, apart from any other 
>> meanings you may choose to read into it.)
>

Re: Policy News

[Matthew Dodd]

I think he meant being able to easily delete an entire thread of emails, like 
you might be able to if you were using Gmail. Sadly I don't know of any feature 
that does this in Mail.app, but you can always make a Smart Mailbox with the 
rule Any Recipient : Contains : "na...@merit.edu" and delete things within that 
mailbox.

Best,

-Matt Dodd

On Nov 18, 2009, at 2:01 PM, Chris Meidinger wrote:

> Command+0 for the activity viewer - then click on the stop sign
> 
> Sent from my iPhone. Please execute spelling errors.
> 
> On 18.11.2009, at 17:43, Steven Bellovin  wrote:
> 
>> Does anyone know an easy way to do "kill thread" in MacOS's Mail.App?  It's 
>> getting increasingly hard to read the NANOG list on my Mac without such a 
>> capability.  (Yes, the question is serious on its own, apart from any other 
>> meanings you may choose to read into it.)
> 

Re: Policy News

[Chris Meidinger]

Command+0 for the activity viewer - then click on the stop sign

Sent from my iPhone. Please execute spelling errors.

On 18.11.2009, at 17:43, Steven Bellovin  wrote:

Does anyone know an easy way to do "kill thread" in MacOS's  
Mail.App?  It's getting increasingly hard to read the NANOG list on  
my Mac without such a capability.  (Yes, the question is serious on  
its own, apart from any other meanings you may choose to read into  
it.)

Re: Announcement: Critical Internet Infrastructure WG is now open to public participation

[Youssef Ghorbal]

Off topic, but are you serious about the "Admin Interface" Link
(http://www.isotf.org/?page_value=13223) or is it just a joke ?


On Wed, Nov 18, 2009 at 6:29 PM, Gadi Evron  wrote:
> Simon Lockhart wrote:
>>
>> On Wed Nov 18, 2009 at 07:08:31PM +0200, Gadi Evron wrote:
>>>
>>> ISOTF Critical Internet Infrastructure WG is now open to public
>>> participation.
>>
>> Sorry, who is ISOTF?
>>
>> I tried looking on the website, but the "About ISOTF" page is blank...
>>
>>        http://www.isotf.org/?page_value=0
>
> It's the blanket name we use to host meetings, publish papers, or give a
> home on the web for task forces of volunteers for global incident response
> and similar matters.
>
> We don't like the idea of formalizing it, and thus not much data is
> available on the official web page. Perhaps that needs to be fixed.
>
> Thanks for bringing it to our attention.
>
>        Gadi.
>
>
>>
>> Simon
>>
>
>
> --
> Gadi Evron,
> g...@linuxbox.org.
>
> Blog: http://gevron.livejournal.com/
>
>

Re: Announcement: Critical Internet Infrastructure WG is now open to public participation

[Gadi Evron]

Simon Lockhart wrote:

On Wed Nov 18, 2009 at 07:08:31PM +0200, Gadi Evron wrote:

ISOTF Critical Internet Infrastructure WG is now open to public
participation.


Sorry, who is ISOTF?

I tried looking on the website, but the "About ISOTF" page is blank...

http://www.isotf.org/?page_value=0


It's the blanket name we use to host meetings, publish papers, or give a 
home on the web for task forces of volunteers for global incident 
response and similar matters.


We don't like the idea of formalizing it, and thus not much data is 
available on the official web page. Perhaps that needs to be fixed.


Thanks for bringing it to our attention.

Gadi.




Simon




--
Gadi Evron,
g...@linuxbox.org.

Blog: http://gevron.livejournal.com/

Re: Announcement: Critical Internet Infrastructure WG is now open to public participation

[Simon Lockhart]

On Wed Nov 18, 2009 at 07:08:31PM +0200, Gadi Evron wrote:
> ISOTF Critical Internet Infrastructure WG is now open to public
> participation.

Sorry, who is ISOTF?

I tried looking on the website, but the "About ISOTF" page is blank...

http://www.isotf.org/?page_value=0

Simon

Announcement: Critical Internet Infrastructure WG is now open to public participation

[Gadi Evron]

ISOTF Critical Internet Infrastructure WG is now open to public
participation.

The group holds top experts on internet technology, critical
infrastructure, and internet governance, from around the globe.

Together, we discuss definitions, problems, challenges and solutions in
securing and assuring the reliability of the global internet
infrastructure, which is critical infrastructure for a growing number of
nations, corporations and indeed, individuals -- world wide.

The group started as a closed and private forum, to discuss technical
and operational risks, as other venues limited discussion of critical
internet resources to politically charged subjects such ascontrol of
ICANN and ARIN, thus overshadowing other important aspects.

As of November 18th 2009, the list is open for public access, to advance
public awareness of the issues, and bring new talent on board.

The group is hosted by the ISOTF, but is governed by members.

Note: SCADA, network operations, and other related issues should be
discussed in the appropriate forums, elsewhere. This group deals with
the internet.

To subscribe:
http://isotf.org/mailman/listinfo/cii

Gadi Evron for ISOTF-CII-WG.

Re: Policy News

[Steven Bellovin]

Does anyone know an easy way to do "kill thread" in MacOS's Mail.App?  It's 
getting increasingly hard to read the NANOG list on my Mac without such a 
capability.  (Yes, the question is serious on its own, apart from any other 
meanings you may choose to read into it.)

[mild flamage] Re: Policy News

[Mike]

Jared Mauch wrote:
How about just mandating that it's illegal to build anything but fiber/gpon for services. 
I would expand on this and say we should make it illegal for any telecom 
carrier to refuse to put their assets into service wherever they may be, 
and going forward we should force conditions on all telecom carriers to 
sell to all at any technical feasible point to all comers, and further 
to require planned points of interconnection for competitors and rules 
about how much overbuild is required (minimum fiber counts that should 
be reserved for 'the public interest') and so forth. We saw how the 
telecoms gamed the 96 telecom act, so now we know and we can do better 
and design in indefeasble rules that take away the game playing and 
replace it with service that actually gets to people who need it.


I happen to be an operator in a rural area and the realities are that 
prices are waaa high (over $100/mbps), where you can get any sort of 
bigname telco service at all. At the same time however, there is plenty 
of fiber in the ground, on the poles and passing thru regeneration huts 
all thru the area that is doing absolutely no good for the local 
populations. There are plenty of already existing possible points of 
interconnection, but there's no requirement that they be forced to sell 
to you at these points. An example in my area is Level3 communications, 
who has an international fiber route running thru my county and 2 
regeneration huts and at least one of these confirmed as having all 
necessary gear to sell ethernet/tdm handoff services. I have a 
competitor who was able to get into this one before l3 bought it (former 
Wiltel sites) and enjoys $20/mbps but since then although there's been 
plenty of discussion the bottom line is l3 simply isn't _interested_ in 
selling _us_ service, leaving us (and our county) at the mercy of att 
for all connectivity, making att a single point of failure, empowering 
att to charge outlandish prices for connectivity services since 
everything has to go at least 100 miles away (triggering those 'loop 
charges' we're all so fond of, since they won't dare put in opteman or 
other advanced distance insensitive options, oh heavens no you need 
those old expensive copper tdm services and anything you want to connect 
to is gonna be a long, long ways away)


What really burns me up is that L3 had the odacity to apply for federal 
BTOP dollars for creating exactly the problem they are proposing to 
resolve. Gee what an original idea - get federal grant money to sell a 
service that we're already sellling at a zero cost!


Ok Im don't spewing now, thanks for letting me vent.

Re: Policy News

[Justin M. Streiner]

On Wed, 18 Nov 2009, Bret Clark wrote:


Yeah...because when the economy is sucking wind why not raise fees to
the consumer?!?!


And one of the points of my original response was that consumers in large 
part have not received any additional value out of the fees they've paying 
(directly or indirectly) for the past several years.  Throwing yet more 
cash into the hog trough doesn't make much sense.



Want to get broadband out to people, then deal with duopolies that many
of the regions in the country have...such as Verizon & Comcast! They are
the main barriers that cause grief in deployment, giving a chance there
are any number of small businesses that could respond to a broadband
deployment faster, quicker and cheaper! Talk with any CLEC and they have
countless stories regarding the horrors of dealing with an ILEC.


Having worked much more closely with many ILECs in a previous life than I 
do now, I have plenty of horror stories of my own.


jms

Re: Layer 2 vs. Layer 3 to TOR

[Chuck Anderson]

On Wed, Nov 18, 2009 at 04:34:11PM +0200, Eugeniu Patrascu wrote:
> On Wed, Nov 18, 2009 at 4:04 PM, Kinkie  wrote:
> > On Thu, Nov 12, 2009 at 9:40 PM, Bulger, Tim  wrote:
> >> If you use stackable switches, you can stack across cabinets (up to 3 with 
> >> 1 meter Cisco 3750 Stackwise), and uplink on the ends.  It's a pretty 
> >> solid layout if you plan your port needs properly based on NIC density and 
> >> cabinet size, plus you can cable cleanly to an adjacent cabinet's switch 
> >> if necessary.
> >
> >
> >
> > Juniper claims their switches can do clustering using ethernet
> > cabling, yet a cluster behaves as a single-system-image
> > configuration-wise. Should allow for very flexible cabling and
> > operations-wise for TOR switches. I have never tried it however.
> >
> 
> The Ex4200 can be stacked by the ethernet expansion ports, either 4 x
> 1G or 2 x 10G.
> And yes, it behaves as single switch with multiple line cards.

Yes, up to 10 EX4200 switches can be interconnected into a "Virtual 
Chassis" using either the rear Virtual Chassis Ports (32 Gbps ingress 
+ 32 Gbps egress for each of the 2 ports) with up to 5-meter VCP 
cables, or using SFP, XFP or SFP+ fiber links (not sure if it works 
with copper SFP, but might).  You can mix/match each type of 
interconnection within the same VC.

Re: Policy News

[Bret Clark]

Yeah...because when the economy is sucking wind why not raise fees to
the consumer?!?!

Want to get broadband out to people, then deal with duopolies that many
of the regions in the country have...such as Verizon & Comcast! They are
the main barriers that cause grief in deployment, giving a chance there
are any number of small businesses that could respond to a broadband
deployment faster, quicker and cheaper! Talk with any CLEC and they have
countless stories regarding the horrors of dealing with an ILEC. 

Bret

On Wed, 2009-11-18 at 10:00 -0500, Justin M. Streiner wrote:

> 
> > The Federal Communications Commission Wednesday will lay out the
> case for
> > expanding broadband Internet service, outlining current obstacles to
> making
> > it widely available. The agency is considering whether to force
> Internet
> > providers to share their networks with rivals and raise fees charged
> on
> > consumer phone bills to pay for the broader access."

Re: Policy News

[Jerry Dixon]

While we're at it why not charge taxes for having security bolted on
tooI'm waiting for my Internet EZ-Pass to come in the mail to mount on
my cable modem :-O

I'm wondering where they come up with these schemes...I didn't see any
mention of tax breaks to encourage the roll out.  Just more charges.

Jerry

On Wed, Nov 18, 2009 at 9:50 AM, Jared Mauch  wrote:

> How about just mandating that it's illegal to build anything but fiber/gpon
> for services.  If something fails, it needs to be replaced with modern
> technology.
>
> I know here they replaced copper cable in the middle of the winter last
> year, it would have made more sense to just use the conduit they were
> replacing and put fiber in.
>
> But the fiber union guys != copper union guys so that is harder to do.
>
> Oh well, stuck in the 70's with my ISDN.
>
>- Jared
>
> On Nov 18, 2009, at 9:39 AM, Jerry Dixon wrote:
>
> > If you can make it they can tax it :/
> >
> > Article in today's Wall Street Journal:
> >
> > "WASHINGTON -- Federal regulators are considering whether the government
> > should take greater control of the Internet and ask consumers to pay
> higher
> > phone charges in order to provide all Americans with cheaper access to
> > broadband Internet service.
> >
> > The Federal Communications Commission Wednesday will lay out the case for
> > expanding broadband Internet service, outlining current obstacles to
> making
> > it widely available. The agency is considering whether to force Internet
> > providers to share their networks with rivals and raise fees charged on
> > consumer phone bills to pay for the broader access."
> >
> > Schatz, A. *Feds mull rules, fees to spur net access - WSJ.com.*
> Retrieved
> > 11/18/2009, 2009, from
> > http://online.wsj.com/article/SB125850641299752981.html
> >
> > -Jerry
> > --
> > je...@jdixon.com
>
>


-- 
je...@jdixon.com
(443) 295-3779

Re: Policy News

[Justin M. Streiner]

On Wed, 18 Nov 2009, Jerry Dixon wrote:


The Federal Communications Commission Wednesday will lay out the case for
expanding broadband Internet service, outlining current obstacles to making
it widely available. The agency is considering whether to force Internet
providers to share their networks with rivals and raise fees charged on
consumer phone bills to pay for the broader access."


The telcos are asking for more taxpayer-funded goodie--er... incentives 
to expand broadband coverage.  Given that the incentives (entry into 
additional markets, additional fees tacked onto customer bills, 
reduction/elimination of various other regulatory hurdles, etc) that have 
been handed to them over the past 10+ years have largely failed to 
produce that expanded coverage and improved service, doing more of the 
same is pretty much throwing good money after bad.


jms

Re: Policy News

[Jared Mauch]

How about just mandating that it's illegal to build anything but fiber/gpon for 
services.  If something fails, it needs to be replaced with modern technology.

I know here they replaced copper cable in the middle of the winter last year, 
it would have made more sense to just use the conduit they were replacing and 
put fiber in.

But the fiber union guys != copper union guys so that is harder to do.

Oh well, stuck in the 70's with my ISDN.

- Jared

On Nov 18, 2009, at 9:39 AM, Jerry Dixon wrote:

> If you can make it they can tax it :/
> 
> Article in today's Wall Street Journal:
> 
> "WASHINGTON -- Federal regulators are considering whether the government
> should take greater control of the Internet and ask consumers to pay higher
> phone charges in order to provide all Americans with cheaper access to
> broadband Internet service.
> 
> The Federal Communications Commission Wednesday will lay out the case for
> expanding broadband Internet service, outlining current obstacles to making
> it widely available. The agency is considering whether to force Internet
> providers to share their networks with rivals and raise fees charged on
> consumer phone bills to pay for the broader access."
> 
> Schatz, A. *Feds mull rules, fees to spur net access - WSJ.com.* Retrieved
> 11/18/2009, 2009, from
> http://online.wsj.com/article/SB125850641299752981.html
> 
> -Jerry
> -- 
> je...@jdixon.com

Policy News

[Jerry Dixon]

If you can make it they can tax it :/

Article in today's Wall Street Journal:

"WASHINGTON -- Federal regulators are considering whether the government
should take greater control of the Internet and ask consumers to pay higher
phone charges in order to provide all Americans with cheaper access to
broadband Internet service.

The Federal Communications Commission Wednesday will lay out the case for
expanding broadband Internet service, outlining current obstacles to making
it widely available. The agency is considering whether to force Internet
providers to share their networks with rivals and raise fees charged on
consumer phone bills to pay for the broader access."

Schatz, A. *Feds mull rules, fees to spur net access - WSJ.com.* Retrieved
11/18/2009, 2009, from
http://online.wsj.com/article/SB125850641299752981.html

-Jerry
-- 
je...@jdixon.com

Re: Layer 2 vs. Layer 3 to TOR

[Eugeniu Patrascu]

On Wed, Nov 18, 2009 at 4:04 PM, Kinkie  wrote:
> On Thu, Nov 12, 2009 at 9:40 PM, Bulger, Tim  wrote:
>> If you use stackable switches, you can stack across cabinets (up to 3 with 1 
>> meter Cisco 3750 Stackwise), and uplink on the ends.  It's a pretty solid 
>> layout if you plan your port needs properly based on NIC density and cabinet 
>> size, plus you can cable cleanly to an adjacent cabinet's switch if 
>> necessary.
>
>
>
> Juniper claims their switches can do clustering using ethernet
> cabling, yet a cluster behaves as a single-system-image
> configuration-wise. Should allow for very flexible cabling and
> operations-wise for TOR switches. I have never tried it however.
>

The Ex4200 can be stacked by the ethernet expansion ports, either 4 x
1G or 2 x 10G.
And yes, it behaves as single switch with multiple line cards.

Re: Layer 2 vs. Layer 3 to TOR

[Kinkie]

On Thu, Nov 12, 2009 at 9:40 PM, Bulger, Tim  wrote:
> If you use stackable switches, you can stack across cabinets (up to 3 with 1 
> meter Cisco 3750 Stackwise), and uplink on the ends.  It's a pretty solid 
> layout if you plan your port needs properly based on NIC density and cabinet 
> size, plus you can cable cleanly to an adjacent cabinet's switch if necessary.



Juniper claims their switches can do clustering using ethernet
cabling, yet a cluster behaves as a single-system-image
configuration-wise. Should allow for very flexible cabling and
operations-wise for TOR switches. I have never tried it however.

  /Kinkie

Re: Juniper M120 Alternatives

[Paul Cosgrove]

On Tue, Nov 17, 2009 at 5:32 PM, Richard A Steenbergen wrote:

> On Tue, Nov 17, 2009 at 09:24:24AM -0600, Jack Bates wrote:
> > Richard A Steenbergen wrote:
> > >They've definitely been improving it over the years though, so much that
> > >I almost never trigger a session reset on me unintentionally any more.
> >
> > They must have. This was new to me and came as a shock. I don't think
> > I've ever seen my m120 behave any different than my cisco when it comes
> > to flapping BGP. Things have just worked as I expected them to. Not that
> > I go screwing with underlying interface configs or changing a peer from
> > one group to another or changing the asn; at least not on a live
> > session. These things would seem to indicate that the session might be
> > subject to reset.
> >
> > Perhaps it just behaves for normal users and not power users. :)
>
> But those things won't trigger session resets on Cisco, so it often comes
> as a shock. Also, one might very well expect that changing the peer-as on
> a neighbor is going to cause a reset, but if you didn't know from
> experience you might not expect that renaming a group or changing an
> underlying interface MTU would do it too.
>
> The issue is that there is a fundamental design difference between Cisco
> and Juniper. Cisco lets you configure anything you want in a line by line
> basis, but it doesn't immediately apply those changes until you command
> it to do so. Juniper's philosophy is that you make a bunch of changes to
> a candiate configuration, "commit" to apply those changes, and then you
> can expect those changes to take effect (or at least begin trying to take
> effect) immediately.
>
> Personally I think the Juniper design philosophy is "better". Besides the
> obvious stuff like being able to rollback your config, think about how
> non-deterministic it is when you update a route-map but forget to soft
> clear the BGP session. The routes that have been exchanged so far will
> retain their old policy, while any new updates you receive after the
> route-map change will receive the new policy, leaving the session in an
> inconsistent state that will slowly and unpredictably change over time as
> routing updates come in. The trade-off is that you lose the ability to do
> non-impacting changes, where you make a change but know that it hasn't
> actually taken effect yet, and won't until the next time the session
> bounces. What Juniper is trying to do really is a good thing, I just wish
> it could tell me before I commit what is and isn't going to flap. :)
>
>
>
The design differences you describe there relate more to traditional IOS vs
JUNOS, rather than IOS XR vs JUNOS.  IOS XR uses candidate configurations,
commit, rollback etc.

Paul.