Re: CPE Ethernet switch suggestions
On Thu, 01 Apr 2010 11:04:25 -0400 ML m...@kenweb.org wrote:

> Lately I've been delivering triple play services over a single CAT5 drop from an IDF to customers. We have been using small SOHO switches but they've been turning into a bit of a hassle since we have to stage each switch before deployment.
>
> I want to remove the initial staging step by allowing the installer to just plug the switch in and have the switch grab a config from a TFTP server noted by a DHCP option.
>
> Features that I would absolutely need for the switch to be viable:
>
> IGMP Snooping
> Dot1q VLAN tagging
> Preferably 8-ports
> A decent set of rate limiting options (5/10/20Mbps)
> Extra bonus if it can also be PoE powered
>
> Does anyone on list know of such a dream CPE device?

ES 2108G goes close to your requirements. They don't have a wall wart because the PS is built in, come with rack mount wings out of the box, have 64 bit interface traffic counters, rate limiting is in 64Kbps increments, Cisco-like CLI, serial console as well as management via HTTPS and CLI over SSH, 802.1X, port bonding/etherchannel, and are both cheap and reliable. Not sure about TFTP config support though.

http://www.zyxel.com/web/product_category.php?PC1indexflag=20040520161143display=6857
Re: What is The Internet TCP/IP or UNIX-to-UNIX ?
i remember implementing quasi-QoS on uucp.

after having our modem pool hogged too many times by a select few users, i put a script into our mail system. if the script determined an email was X bytes (100k?), the message body was rewritten with:

Contents removed at LSUC, email is not a file transport protocol.

and the mail was left to continue on its path.

i kinda feel like adding the same script back into my servers. 8^)

--
Jim Mercer j...@reptiles.org +92 336 520-4504
"I'm Prime Minister of Canada, I live here and I'm going to take a leak." - Lester Pearson in 1967, during a meeting between himself and President Lyndon Johnson, whose Secret Service detail had taken over Pearson's cottage retreat. At one point, a Johnson guard asked Pearson, "Who are you and where are you going?"
Re: legacy /8
Do like the Chinese: if you want a feature, put out a billion dollar tender with the feature mandatory and they will rush to do it.

All knowledge is an answer to a question

On 5/04/2010, at 14:48, Christopher Morrow morrowc.li...@gmail.com wrote:

> On Sun, Apr 4, 2010 at 7:41 PM, joel jaeggli joe...@bogus.com wrote:
>> On 4/4/2010 5:10 PM, Christopher Morrow wrote:
>>> On Sun, Apr 4, 2010 at 4:32 PM, joel jaeggli joe...@bogus.com wrote:
>>>> Last time I checked, some of the state of the art 2004 era silicon I had laying around could forward v6 just fine in hardware. It's not so useful due to its fib being a bit undersized for 330k routes plus v6, but hey, six years is a long time.
>>>
>>> cough4948/cough (not 6yrs old, but... still forwards v6 in the slow-path, weee!)
>>
>> Yes it does. and the slow path is sloow on that switch. but switches and routers did and do come in colors other than blue.
>
> but, but, but.. then it won't match! and seriously, I can't have another run in with the fashion police.
>
> In actual seriousness, my point is that plenty of this sort of gear is in the network, and will be for a time. It's sort of inexcusable that vendors put out gear 5 years ago that didn't do v6 in the fast path... oh well.
>
> -chris
Re: What is The Internet TCP/IP or UNIX-to-UNIX ?
It wasn't Moscow State U. It was a privately-owned network (called RELCOM) from day one (which was in 1990, not 1987... in 1987 connecting a dial-up modem to the phone network was still illegal in the USSR), built by DEMOS co-op (that company is still alive, by the way). Moscow State U was one of the first customers (the guy responsible for connecting MSU later founded Stalker Inc. which makes hi-perf e-mail servers).

It was UUCP-based initially, though I decided to avoid pathalias (it being a horrible kludge) and wrote a UUCP message router which translated domain hostnames into UUCP next-hops - this is why email to .SU never used bang paths.

The ability to build dirt-cheap networks over crappy phone lines and using some no-name PCs as message and packet routers was noticed, see for example: "Developing Networks in Less Industrialized Nations" by Larry Press (IEEE Computer, vol 28, No 6, June, 1995, pp 66-71) http://som.csudh.edu/cis/lpress/ieee.htm

--vadim

On Sun, 4 Apr 2010, Barry Shein wrote:

> I remember around 1987 when Helsinki (Univ I believe) hooked up Tallinn, Estonia via uucp (including usenet), who then hooked up MSU (Moscow State Univ) and the traffic began flowing.
>
> You could just about see the wide-eyed disbelief by some as they saw for example alt.politics, you people just say almost *anything!*, with your real name and location attached, and NOTHING HAPPENS???
>
> I still believe that had as much to do with the collapse of the Soviet Union as the million other politicians who wish to take credit.
>
> It's arguable that UUCP (and Usenet, email, etc that it carried) was one of the most powerful forces for change in modern history. All you needed was some freely available software, a very modest computer, a modem, a phone line, and like so many things in life, a friend.
>
> And then once you got it, you looked towards connecting to the real internet, you knew just what you were after.
Re: Auto MDI/MDI-X + conference rooms + bored == loop
On Mar 26, 2010, at 9:24 PM, Mark Foster blak...@blakjak.net wrote:

>> or reboot is problematic in many cases. Many systems drop link-state during reboot for a long-enough period that the bridge-port restarts its spanning tree process, making results across reboots consistently bad.
>
> Interesting; Windows tends to bring link up well-prior to the login dialogue and I've never seen a dhcp lease fail such that the user has had no lease by the time they try to login...

Easy to make happen with 802.1X, default IOS timers and an unconfigured supplicant
Re: legacy /8
On 2010.04.02 19:29, John Palmer (NANOG Acct) wrote:

> - Original Message -
> From: Majdi S. Abbas m...@latt.net
> To: John Palmer (NANOG Acct) nan...@adns.net
> Cc: NANOG list nanog@nanog.org
> Sent: Friday, April 02, 2010 5:52 PM
> Subject: Re: legacy /8
>
>> On Fri, Apr 02, 2010 at 05:48:44PM -0500, John Palmer (NANOG Acct) wrote:
>>> On the topic of IP4 exhaustion: 1/8, 2/8 and 5/8 have all been assigned in the last 3 months yet I don't see them being allocated out to customers (users) yet. Is this perhaps a bit of hoarding in advance of the complete depletion of /8's?
>>
>> Doubt it. 1/8 is still being evaluated to determine just how usable portions of it are, thanks to silly people of the world that decided 1.1.1.x and the like were 1918 space.
>>
>> As for the others, the RIR requests it when they are running low, but certainly not exhausted, and as slow as people are to update their bogon filters, it sounds like general good practice not to assign out of a new /8 until pre-existing resources are exhausted.
>
> Was looking for the allocated file on the ARIN website, but can't remember where it is. They used to have a file with one line per allocation that started like this arin|US|ipv4. Is that still public somewhere?

If you are looking for what blocks have been allocated to ARIN by IANA, the file is maintained on the IANA site:

http://www.iana.org/assignments/ipv4-address-space/

If you're referring to the IP space ARIN has issued out, I don't know if there is a single authoritative text list (at least I couldn't find one quickly). There is a mailing list maintained by ARIN that tracks daily issued blocks, but it appears to have archives going back only to late 2k8:

http://lists.arin.net/mailman/listinfo/arin-issued

Steve
Re: NANOG Digest, Vol 27, Issue 25
nanog-requ...@nanog.org nanog-requ...@nanog.org wrote:

Send NANOG mailing list submissions to nanog@nanog.org

To subscribe or unsubscribe via the World Wide Web, visit https://mailman.nanog.org/mailman/listinfo/nanog or, via email, send a message with subject or body 'help' to nanog-requ...@nanog.org

You can reach the person managing the list at nanog-ow...@nanog.org

When replying, please edit your Subject line so it is more specific than Re: Contents of NANOG digest...

Today's Topics:

1. RE: legacy /8 (George Bonser)
2. Re: legacy /8 (Randy Bush)
3. RE: legacy /8 (Frank Bulk)
4. RE: legacy /8 (Frank Bulk)
5. Re: legacy /8 (David Conrad)
6. Re: legacy /8 (Zaid Ali)
7. Re: legacy /8 (Mark Smith)
8. Fw: legacy /8 (Mark Smith)

--

Message: 1
Date: Sat, 3 Apr 2010 12:09:51 -0700
From: George Bonser gbon...@seven.com
Subject: RE: legacy /8
To: ma...@isc.org
Cc: nanog@nanog.org
Message-ID: 5a6d953473350c4b9995546afe9939ee08fe6...@rwc-ex1.corp.seven.com
Content-Type: text/plain; charset=us-ascii

-Original Message-
From: ma...@isc.org [mailto:ma...@isc.org]
Sent: Saturday, April 03, 2010 11:42 AM
To: George Bonser
Cc: Larry Sheldon; nanog@nanog.org
Subject: Re: legacy /8

And we would have still had the same problem of intercommunicating. We know how to talk from IPv6 to IPv4 and get the reply traffic back. The hard part is how to initiate connection from IPv4 to IPv6. The same problem would exist in your just expand the address bits world.

Mark

Actually, Mark, I hadn't said just expand the address, I said to tunnel v4 in v4 which we already know how to do and most routers are already capable of doing. But yes, in the case of legacy devices that don't speak the new protocol, some sort of state for the flow would have to be maintained in that unit's first hop (or close to first hop) gateway.

Simply increasing the address header on v4 to 128 bits would have fixed this problem years ago and got rid of such problems as NAT and we wouldn't be having this issue (and it would have been completely backwards compatible as 0s would be inserted into the new expanded address bits to put the legacy space in a special address range).

I wouldn't expect to work out all the details over email on a weekend but I don't think it would take 10 years, either. The fundamental issue to me is that v6 solves a lot of problems that aren't really problems for most people and to get the fix that solves the problem you do have, you must accept a bunch of additional fixes for problems you don't have that makes the whole thing some big unwieldy contraption.

That having been said, once the world has migrated to v6, we should have an easier go of it in the future as v6 is more easily extensible. But in the meantime, we are stuck with both protocols for probably the next 20 years or so as there are going to be places that are going to run v4 internally even if they communicate v6 externally.

So ... we are going to mandate that everyone use this new and better car but it will take different fuel, use different tires, won't fit in your garage and oh, it is incompatible with all existing roads unless you load it up on one of the old style vehicles piggy-back, but new roads are being built (here's a picture of one) and might someday be available where you live. And two years from now there will be none of the old cars left. But my daughter will need a car in three years and there are no such roads here. Oh well! The new way is much better, it is for your own good, you will see. Trust me.

--

Message: 2
Date: Sun, 04 Apr 2010 05:36:26 +0900
From: Randy Bush ra...@psg.com
Subject: Re: legacy /8
To: George Bonser gbon...@seven.com
Cc: North American Network Operators Group nanog@nanog.org
Message-ID: m2hbnsjmt1.wl%ra...@psg.com
Content-Type: text/plain; charset=US-ASCII

No. But that isn't the point. The point is that v6 was a bad solution to the problem. Rather than simply address the address depletion problem, it also solves a lot of problems that nobody has while creating a whole bunch more that we will have.

it's known as second system syndrome. and you neglect to add that ipv6 did not deal with the routing problems, which are rather intimately connected with addressing in both the ipv4 and the ipv6 models.

randy

--

Message: 3
Date: Sat, 3 Apr 2010 16:22:12 -0500
From: Frank Bulk frnk...@iname.com
Subject: RE: legacy /8
To: nanog@nanog.org
Message-ID: !!AAAuAKTyXRN5/+lgvu59a+p7cfmban6gy+zg84bmpvqcabdh1iqtbsgaabba3wzhejvir45rbqpho5y5aqaaa...@iname.com
Content-Type: text/plain; charset=iso-8859-1

If every significant router on the market supported IPv6 five years ago, why aren't transit links glowing with IPv6 connectivity? If it's not the hardware, than
Re: CPE Ethernet switch suggestions
Although also being a small SOHO switch, maybe Netgear GS-108T can suit your needs.

> I want to remove the initial staging step by allowing the installer to just plug the switch in and have the switch grab a config from a TFTP server noted by a DHCP option.

Not quite, it can download config from TFTP but only thru the web interface. No CLI. One thought: writing a script that the DHCP server would run to log into a switch and grab a config.

> IGMP Snooping
> Dot1q VLAN tagging
> Preferably 8-ports

Check check check.

> A decent set of rate limiting options (5/10/20Mbps)

Humm... it has 4, 10 and 20 Mbps. In the future you can also have 40M/60M/100M/200M/400M/1000M.

> Extra bonus if it can also be PoE powered

Not from factory, but you might build a PoE power adapter to replace the wall adapter it comes with.

The annoying thing about it is the factory default button which users love to press when there is an outage to see if it works again. Cover it before sending such a unit to field.

Rubens
Re: What is The Internet TCP/IP or UNIX-to-UNIX ?
Jim Mercer j...@reptiles.org wrote:

> if the script determined an email was X bytes (100k?), the message body was rewritten with:
>
> Contents removed at LSUC, email is not a file transport protocol.
>
> and the mail was left to continue on its path.
>
> i kinda feel like adding the same script back into my servers.

I have my Sendmail configured to cut off anything past 256 KB in the collect phase. At first I had it configured to reject the whole message (close the SMTP connection while the junk is still spewing), but people started assuming that my E-mail address was bad instead of realizing that they were sending oversize junk, so I've changed it to cut off and discard the excess fat, but still let the first 256 KB through so I at least see that someone tried to send me something.

Files are meant to be FTPed, not E-mailed. If someone is too stupid to use a real command line FTP client to upload a file to my FTP drop box, I make them use www.yousendit.com.

MS
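The two oversize-mail policies described in the messages above (rewrite the body with a notice, or cut the message off at a byte limit), as an added example that is not code from either poster. The 100 KB threshold, the function names and the sample message are assumptions; the point shown is the MIME side effect of each policy.

```python
"""Added example: two oversize-mail policies and their effect on MIME structure."""
import base64
from email import errors, message_from_bytes, policy

LIMIT_REPLACE = 100 * 1024    # assumed; the post only says "X bytes (100k?)"
LIMIT_TRUNCATE = 256 * 1024   # the 256 KB cut-off; counted over the whole message here
NOTICE = b"Contents removed at LSUC, email is not a file transport protocol."
# Headers that describe the old body and must not survive a body rewrite.
BODY_HEADERS = {b"content-type", b"content-transfer-encoding", b"content-length"}


def split_message(raw):
    """Return (header_block, separator, body), split at the first blank line."""
    hits = [(raw.find(s), s) for s in (b"\r\n\r\n", b"\n\n")]
    hits = [(i, s) for i, s in hits if i != -1]
    if not hits:
        return raw, b"", b""          # headers only, no body
    i, sep = min(hits)                # earliest blank line wins
    return raw[:i], sep, raw[i + len(sep):]


def replace_oversize(raw, limit=LIMIT_REPLACE):
    """Policy 1: keep routing headers, replace an oversize body with NOTICE."""
    if len(raw) <= limit:
        return raw
    head, sep, _body = split_message(raw)
    eol = sep[: len(sep) // 2] or b"\r\n"
    kept, skipping = [], False
    for line in head.split(eol):
        if line[:1] in (b" ", b"\t"):         # folded continuation line
            if not skipping:
                kept.append(line)
            continue
        name = line.split(b":", 1)[0].strip().lower()
        skipping = name in BODY_HEADERS       # drop header and its continuations
        if not skipping:
            kept.append(line)
    # Without this the notice would still be labelled multipart/base64.
    kept.append(b"Content-Type: text/plain; charset=us-ascii")
    return eol.join(kept) + eol + eol + NOTICE + eol


def truncate_oversize(raw, limit=LIMIT_TRUNCATE):
    """Policy 2: let the first `limit` bytes through and discard the rest."""
    return raw if len(raw) <= limit else raw[:limit]


def truncated_mime(raw):
    """True if a multipart message lost its closing boundary (e.g. by truncation)."""
    msg = message_from_bytes(raw, policy=policy.default)
    return any(isinstance(d, errors.CloseBoundaryNotFoundDefect) for d in msg.defects)


def sample_message(attachment_bytes):
    """Constructed sample: multipart message with one base64 attachment."""
    payload = base64.encodebytes(b"A" * attachment_bytes).replace(b"\n", b"\r\n")
    return b"\r\n".join([
        b"From: sender@example.org",
        b"To: rcpt@example.net",
        b"Subject: slides",
        b"MIME-Version: 1.0",
        b"Content-Type: multipart/mixed;",
        b'\tboundary="b1"',
        b"",
        b"--b1",
        b"Content-Type: text/plain",
        b"",
        b"see attached",
        b"--b1",
        b"Content-Type: application/octet-stream",
        b"Content-Transfer-Encoding: base64",
        b"",
        payload + b"--b1--",
        b"",
    ])


if __name__ == "__main__":
    big = sample_message(300 * 1024)
    print("original bytes:", len(big))
    print("after replace :", len(replace_oversize(big)))
    cut = truncate_oversize(big)
    print("after truncate:", len(cut), "closing boundary lost:", truncated_mime(cut))
```

The truncated message still reaches the recipient, but its attachment is incomplete and the multipart structure has no closing boundary, so mail clients and content scanners further down the path see a malformed message.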
Re: What is The Internet TCP/IP or UNIX-to-UNIX ?
On Saturday 03 April 2010 09:38:46 pm IPv3.com wrote:

> What is The Internet TCP/IP or UNIX-to-UNIX ?

'The Internet' is a collective internetworking of several thousand autonomous systems, using a common protocol, that masquerades as a unified whole. Whether this protocol is 1822, NCP, or IPvX is irrelevant.

--

On the UUCP memory lane side of this thread, I had a site in the uucp maps way back when, used smail on a Tandy 6000, then an ATT 3B1, took a stripped-down feed (a full feed at 9600 over InterLATA long distance was brutal, even when a full feed was only 40MB per day), and had both a '.uucp' pseudo-FQDN as well as a bang path from uunet as such. Ran C-News on both the T6K and the 3B1... whew, that's a long time ago.

My uucp upstream had leased line uucp links to more than one upstream. His upstream links were active pretty much all of the time, and I do for one remember doing multihop bang path uucp using HoneyDanBer on the 3B1 many moons ago. Sort of a poor-man's FTP archive access. He for a while took full feeds on Sun 3 gear, which was an upgrade from the Tandy 6000 that previously had had 9600bps leased line links, and was how I found him in the first place, being a T6K user.

Many software archives were available with bang-path uucp; with pathalias and the uucp-maps loaded you could even do, IIRC, uunet-homed bang-path uucp. And when all but your own path were on leased lines, the transfer happened pretty much immediately, at least for small stuff.

Then he got leased line SLIP links, and got his own real FQDN. He's still out there, and still offers UNIX shell access... nanook, you listening?

There was business in uucp linkage back in the day; uunet made its start that way, remember?

As to the sendmail 'hack;' well, uucp was and is just another email transport, like SMTP or Netmail/Echomail, is. Nothing really hackish about it.

So, since, through uucp 'proxies' to ftp archives (a uucp to IP gateway of sorts), was I 'on the Internet' or not?

Yes and no... but then I got SLIP access, thanks to Karn's KA9Q NOS ported to 3B1, and the rest, as they say, was history. Still have my first editions of 'Managing UUCP and Usenet' and 'Using UUCP and USenet' packed away somewhere
Re: what about 48 bits?
On Mon, Apr 5, 2010 at 12:05 AM, joel jaeggli joe...@bogus.com wrote:

> On 4/4/2010 7:57 PM, Richard A Steenbergen wrote:
>> On Mon, Apr 05, 2010 at 10:57:46AM +0930, Mark Smith wrote:
>>> Has anybody considered lobbying the IEEE to do a point to point version of Ethernet to get rid of addressing fields? Assuming an average 1024 byte packet size, on a 10Gbps link they're wasting 100+ Mbps. 100GE / 1TE starts to make it even more worth doing.
>>
>> If you're lobbying to have the IEEE do something intelligent to Ethernet why don't you start with a freaking standardization of jumbo frames. The lack of a real standard and any type of negotiation protocol for two devices under different administrative control are all but guaranteeing end to end jumbo frame support will never be practical.
>
> Not that I disagree, given that we use them rather a lot but 7.2usec (at 10Gbe) is sort of a long time to wait before a store and forward arch switch gets down to the task of figuring out what to do with the packet. The problem gets worse if mtu sizes bigger than 9k ever become popular, kind of like being stuck behind an elephant while boarding an elevator.

I didn't run the numbers, but my guesstimate is that would be roughly half the latency that a max sized standard packet would have taken on a 1Gbe switch. It sounds reasonable to me that at some point during the march from 10-100-1000-1 mbit/sec a decision could have been made that one of those upgrades would only decrease max. per hop packet latency by a factor of 2 rather than 10. Particularly since when first introduced, each speed increment was typically used for aggregating a bunch of slower speed links which meant that the actual minimum total latency was already being constrained by the latency on those slower links anyway.

OTOH, I totally buy the argument on the difficulty of frame size negotiation and backward compatibility. I think that one of the reasons for the continuing success of Ethernet technologies has been implementation simplicity and 100% compatibility above the level of the NIC.

Bill Bogstad
Re: what about 48 bits?
> negotiation and backward compatibility. I think that one of the reasons for the continuing success of Ethernet technologies has been implementation simplicity and 100% compatibility above the level of the NIC.

I would have attributed the success of Ethernet to price!
Re: What is The Internet TCP/IP or UNIX-to-UNIX ?
On 4/5/2010 10:21, Michael Sokolov wrote:

> Jim Mercer j...@reptiles.org wrote:
>
>> if the script determined an email was X bytes (100k?), the message body was rewritten with:
>>
>> Contents removed at LSUC, email is not a file transport protocol.
>>
>> and the mail was left to continue on its path.
>>
>> i kinda feel like adding the same script back into my servers.
>
> I have my Sendmail configured to cut off anything past 256 KB in the collect phase. At first I had it configured to reject the whole message (close the SMTP connection while the junk is still spewing), but people started assuming that my E-mail address was bad instead of realizing that they were sending oversize junk, so I've changed it to cut off and discard the excess fat, but still let the first 256 KB through so I at least see that someone tried to send me something.
>
> Files are meant to be FTPed, not E-mailed. If someone is too stupid to use a real command line FTP client to upload a file to my FTP drop box, I make them use www.yousendit.com.

At Creighton the VP for IT explained to me that the President of the University was too stupid to use FTP. So we had to rebuild the mail system to send his Power Point Presentation the 150 yards to the President's Office. (I don't remember how big it was--a two-hour presentation as I recall.)

With CC's to most of the known universe.

--
Democracy: Three wolves and a sheep voting on the dinner menu.
Requiescas in pace o email
Ex turpi causa non oritur actio
Eppure si rinfresca
ICBM Targeting Information: http://tinyurl.com/4sqczs
http://tinyurl.com/7tp8ml
Re: interop show network (was: legacy /8)
On Sun, 4 Apr 2010, Christopher Morrow wrote:

> also, see previous 12 episodes of this conversation.. 1 /8 == ~3months in ARIN allocation timeframes.

Does a trade show really need 16M IPv4 addresses though? How many other /8's were assigned way back when IPv4 was being given out so freely that ARIN would laugh at if that org applied today for that /8? If we could recover them all, how many more years of IPv4 allocations would that buy us?

--
Jon Lewis | I route
Senior Network Engineer | therefore you are
Atlantic Net |
http://www.lewis.org/~jlewis/pgp for PGP public key
Re: interop show network (was: legacy /8)
On Mon, Apr 5, 2010 at 11:13 AM, Jon Lewis jle...@lewis.org wrote:

> If we could recover them all, how many more years of IPv4 allocations would that buy us?

Not enough.

> --
> Jon Lewis | I route
> Senior Network Engineer | therefore you are
> Atlantic Net |
> http://www.lewis.org/~jlewis/pgp for PGP public key

--
Brandon Galbraith
Voice: 630.492.0464
RE: What is The Internet TCP/IP or UNIX-to-UNIX ?
I think it's generally agreed that FTP is used for file transfers, but unfortunately the option exists to attach files within an email thanks in part to MS/AOL/Compuserve and numerous others long ago. I believe it's due in part to ease of use for those that aren't technically inclined to know better, and make things easier for them (harder on others).

Kind of like cattle, if you leave a hole (or make a hole) in the fence eventually it will be used and the only thing you can do is build a fence outside of the hole to keep the herd from getting too far.

-Joe

-Original Message-
From: Michael Sokolov [mailto:msoko...@ivan.harhan.org]
Sent: Monday, April 05, 2010 11:22 AM
To: nanog@nanog.org
Subject: Re: What is The Internet TCP/IP or UNIX-to-UNIX ?

Jim Mercer j...@reptiles.org wrote:

> if the script determined an email was X bytes (100k?), the message body was rewritten with:
>
> Contents removed at LSUC, email is not a file transport protocol.
>
> and the mail was left to continue on its path.
>
> i kinda feel like adding the same script back into my servers.

I have my Sendmail configured to cut off anything past 256 KB in the collect phase. At first I had it configured to reject the whole message (close the SMTP connection while the junk is still spewing), but people started assuming that my E-mail address was bad instead of realizing that they were sending oversize junk, so I've changed it to cut off and discard the excess fat, but still let the first 256 KB through so I at least see that someone tried to send me something.

Files are meant to be FTPed, not E-mailed. If someone is too stupid to use a real command line FTP client to upload a file to my FTP drop box, I make them use www.yousendit.com.

MS
RE: What is The Internet TCP/IP or UNIX-to-UNIX ? (Jim Mercer)
> The ability to build dirt-cheap networks over crappy phone lines and using some no-name PCs as message and packet routers was noticed, see for example: "Developing Networks in Less Industrialized Nations" by Larry Press

Heck, I even wrote my PhD dissertation (http://www.opus1.com/www/jms/diss.html) on it. And among the 848 references, this Antonov character (a...@hq.demos.su) even gets quoted three times (assuming you're not also V.S.Antonov who wrote "Interfacing Tasks of Systems SM and ES Computers and Ways of Their Solution" in 1983).

jms

--
Joel M Snyder, 1404 East Lind Road, Tucson, AZ, 85719
Senior Partner, Opus One
Phone: +1 520 324 0494
j...@opus1.com http://www.opus1.com/jms
Re: what about 48 bits?
On Apr 5, 2010, at 12:09 02PM, Jay Nakamura wrote:

>> negotiation and backward compatibility. I think that one of the reasons for the continuing success of Ethernet technologies has been implementation simplicity and 100% compatibility above the level of the NIC.
>
> I would have attributed the success of Ethernet to price!

You've got the causality wrong -- it wasn't cheap, way back when.

--Steve Bellovin, http://www.cs.columbia.edu/~smb
RE: Wireless bridge
Hi NANOG,

I promised to post an update down the line on what happened with my wireless situation. Here it is.

I purchased 2x Ubiquiti Bullet2's (2.4 GHz) and utilized our existing antennas. It has been working extremely well, pushing a stable 54 Mbps over the link without issue. Signal strength is consistently -40 dBm +/- 2 dBm, from about -80 dBm before! Total cost included 2x Bullets, 2x PoE adaptors, and approx 40 ft of STP cat5: $120.

I have yet to see what happens in a big thunderstorm, but I extrapolate that they will be able to handle the EMP without going haywire like before. They have worked very well through conditions that our last setup would not.

Thanks again for the input everyone!

Peter

-Original Message-
From: Peter Boone [mailto:na...@aquillar.com]
Sent: June-18-09 9:46 PM
To: nanog@nanog.org
Subject: RE: Wireless bridge

OK, from reading all the excellent feedback I've got on and off list I've attempted to compile a quick summary of findings/ideas/products so far.

- RouterBoard is no good for this type of application.
- Get a unit with radio/antenna integrated, PoE from inside the building (outdoor rated cat5, shielded I assume), lightning suppression for the PoE (properly grounded), and ensure the mast is properly grounded.
- Get off the 2.4 GHz range. Move up to 5. As for licensed vs. unlicensed, I'm getting mixed input. I'm fairly certain that if the price is right and the frequency is 5GHz+, it won't be a factor. Also, I'll be very glad to separate the bridge from the client access points so that allows for more options. Every solution at this range can easily do 20+ Mbps so throughput is no longer a factor.
- Products that support ARQ are highly recommended.
- I'm hearing the same products mentioned over and over:
  - Motorola
  - Ubiquiti
  - Aironet (Cisco)
  - Aruba

A number of individuals recommended products from other brands at low cost that meet these mentioned requirements too.

I'm not going to bother with a spectrum analyzer. In the current implementation we tried channels 1, 6 and 11 for a few days at a time and found 1 to be the most reliable. Done. At this point an analyzer will tell me what I already suspect: there's a problem.

I've researched the Fresnel zones and calculated out a few things with rough numbers and worst case. For one, the Fresnel zone is disrupted most if the obstruction is closer to the endpoints (e.g. antennas). In this case, this is fine as the antennas are mounted at the outermost corner of the buildings as close as possible to the other buildings, approximately 3 floors in the air. Other buildings become a factor near the middle. Based on channel 1's wavelength of 0.12438 m, and assuming 1 km apart (for simplicity's sake. It's actually less), the Fresnel zone is largest in the center at approx 5.6 m radius. That could definitely be obstructed by rooftops, I'll have to take another look though. This radius cuts in half when the frequency is doubled, thus more evidence in favour of the 5 GHz+ range. Cool.

Or we could just go with a good line of sight optical solution but they look too expensive, and this area can have very unforgiving fog/wind to disrupt things further.

What if we tilt each existing antenna up towards the sky 10-20 degrees? Please correct me if I'm wrong.

The current antennas are plates. I'm pretty sure they are polarized. I used to have a product sheet on these but a Google search doesn't turn up any useful results anymore (SmartAnt PCW24-03014-BFL). The way they are mounted to the poles might make it difficult to try rotating them 90 degrees, but worth another look. The coax between the AP and antennas are no longer than 30 feet. I've often wondered if a Pringle or Coffee Cantenna would work better than these!

For right now I'll have the coax line and ends inspected for damage/softspots, check the grounding, and cover/re-cover the ends in large amounts of rubber/electric tape. I think we might try the Ubiquiti Bullet2 for approx $100 per side (PoE supply/lightning suppression, wiring included) and see what happens! If that doesn't work, no major loss and we'll move up to something more serious (the PoE and wiring will already be ready to go). I will have to look into pricing on some of these suggestions and figure out if we should even bother getting a Bullet but instead go straight to a better all-in-one solution.

Thank you guys very much for the tips. Feel free to keep them coming!

Peter
Re: What is The Internet TCP/IP or UNIX-to-UNIX ?
On Apr 4, 2010, at 12:18 PM, Steven Bellovin wrote:

> On Apr 4, 2010, at 3:08 16PM, Lyndon Nerenberg wrote:
>
>>> File transfer wasn't multihop
>>
>> It was, for at least some versions (V2 and later?), if the intermediate site(s) allowed execution of the uucp command. 25 years on the brain is fuzzy on the details ...
>
> You could certainly add uux and uux to the list of legal remote commands, but I confess that my memory is also dim about whether uucp file a!b!c would be translated automatically. It has indeed been a while...

IIRC, uucp file a!b!c did not work, only uucp file a!b. Email, OTOH, was roughly translated automatically to uucp {qf,df} b!{qf,df} and the other side knew to unpack qf/df and do the right thing.

Owen
Re: Juniper's artificial feature blocking (was legacy /8)
On Apr 4, 2010, at 2:07 PM, James Hess wrote:

> On Sun, Apr 4, 2010 at 2:33 PM, Michael Sokolov msoko...@ivan.harhan.org wrote:
>> feature blocking seems to negate that. I mean, how could their disabled-until-you-pay blocking of premium features be effective if a user can get to the underlying Unix OS, shell, file system, processes,
>
> Probably signed binaries, veriexec with a signature list of allowed executables, proprietary system daemons, hardware drivers, and read-only filesystems. Protections may be in hardware, and you do not have source code.

You can in JunOS start shell user root as much as you like and get a root shell on various platforms, but some functions are limited.

Most of their license keys are implemented as nag-ware. If you don't mind logs full of "Use of this feature requires a license..." messages, then, it's between you and your lawyers as long as you don't get caught.

Owen
Re: Juniper's artificial feature blocking (was legacy /8)
On Sun, Apr 4, 2010 at 4:33 PM, Michael Sokolov msoko...@ivan.harhan.org wrote:

> Tore Anderson tore.ander...@redpill-linpro.com wrote:
>
>> Juniper. If you want to run OSPFv3 on their layer 3 switches, you need a quite expensive advanced licence. OSPFv2, on the other hand, is included in the base licence.
>
> Really? My level of respect for Juniper has just dropped a few notches after reading this NANOG post - I didn't know that they were engaged in such DRM-like feature blocking practices.
>
> (...)
>
> The reason I ask is because I've been considering building my own PIM for their J-series, a PIM that would terminate Nokia/Covad's flavor of SDSL/2B1Q at the physical layer and present an ATM interface to JunOS, optionally supporting NxSDSL bonding with MLPPPoA. I have no love for routers that aren't 100% FOSS, but I couldn't find any other existing router platform which could be extended with 3rd-party physical interface modules, and designing and building my own base router chassis is not a viable option if I want to actually have something built before the Sun swells into a red giant and engulfs the Earth.

At least for IPv6 features, that feature gap only happens with Juniper EX. All other Juniper gear has, according to them, IPv6 feature parity within all license levels and packages.

Rubens
Re: what about 48 bits?
I would have attributed the success of Ethernet to price! You've got the causality wrong -- it wasn't cheap, way back when. I remember back in '93~94ish (I think) you could get an off-brand 10BT card for less than $100, as opposed to Token Ring which was $300~400. I can't remember anything else that was cheaper back then. If you go back before that, I don't know. -Jay
Re: what about 48 bits?
On Mon, 05 Apr 2010 13:29:20 EDT, Jay Nakamura said: I would have attributed the success of Ethernet to price! You've got the causality wrong -- it wasn't cheap, way back when. I remember back in '93~94ish (I think) you could get an off-brand 10BT card for less than $100, as opposed to Token Ring which was $300~400. I can't remember anything else that was cheaper back then. If you go back before that, I don't know. Steve is talking mid-80s pricing, not mid-90s. By '93 or so, the fact that Ethernet was becoming ubiquitous had already forced the price down.
Re: what about 48 bits?
On Apr 5, 2010, at 1:43 52PM, valdis.kletni...@vt.edu wrote: On Mon, 05 Apr 2010 13:29:20 EDT, Jay Nakamura said: I would have attributed the success of Ethernet to price! You've got the causality wrong -- it wasn't cheap, way back when. I remember back in '93~94ish (I think) you could get an off-brand 10BT card for less than $100, as opposed to Token Ring which was $300~400. I can't remember anything else that was cheaper back then. If you go back before that, I don't know. Steve is talking mid-80s pricing, not mid-90s. By '93 or so, the fact that Ethernet was becoming ubiquitous had already forced the price down. Yup. 10 years earlier, a 3Com Ethernet card for a Vax cost about $1500, if memory serves. --Steve Bellovin, http://www.cs.columbia.edu/~smb
Re: Wireless bridge
Peter Boone wrote: I purchased 2x Ubiquiti Bullet2's (2.4 GHz) and utilized our existing antennas. It has been working extremely well, pushing a stable 54 Mbps over the link without issue. Signal strength is consistently -40 dBm +/- 2 dBm, from about -80 dBm before! Total cost included 2x Bullets, 2x PoE adaptors, and approx 40 ft of STP cat5: $120. I have yet to see what happens in a big thunderstorm, but I extrapolate that they will be able to handle the EMP without going haywire like before. They have worked very well through conditions that our last setup would not. Thanks again for the input everyone! Peter More an FYI as I'm not overly familiar with Ubiquiti's, but I believe -40dBm is kind of a hot signal which means they are screaming at each other, are you seeing any physical errors, specifically CRC's? Won't necessarily affect overall throughput, but -60dBm is the sweet spot...too much of a signal is just as bad as not enough...sort of like that Seinfeld episode of the close talker :). Bret
Re: interop show network (was: legacy /8)
On 5 Apr 2010, at 9:13, Jon Lewis wrote: On Sun, 4 Apr 2010, Christopher Morrow wrote: [...] If we could recover them all, how many more years of IPv4 allocations would that buy us? We allocate RIRs approximately one /8 per month. So you'd have to reclaim 12 /8s to extend the allocation pool by one year. Regards, Leo
Re: what about 48 bits?
On 05/04/2010 18:51, Steven Bellovin wrote: Yup. 10 years earlier, a 3Com Ethernet card for a Vax cost about $1500, if memory serves. To be fair, everything for a vax was somewhat pricey. And slow. On an even more unrelated note, does anyone remember the day that CMU-TEK tcp/ip stopped working some time in the early 1990s? That was a load of fun. Nick
Common statistics from your NOC
Hello, I want to collect experience from the Gurus on this mailer on how they make use of the data they can get from the NOC. What I mean by data is trouble tickets opened internally or with vendors. I wonder what would be common or even uncommon types of statistics that a network operator would like to poll from their NOC to help them in: 1) Optimizing and tuning operations 2) Optimizing and tuning engineering. Example on point 1: If we were to put all tickets in an Excel sheet and take a holistic look at the type of technology or product, we can see that out of 100 incidents, there were 50 cases related to routing protocols; this would yield that either more training is needed for the operations team or that the design is flawed. Example on point 2: 20 incidents appeared to be related to new configuration lines that, when added, caused a conflict, so the takeaway would be that engineering needs a lab. Excuse my poor English, unicast replies are welcomed. Regards, Kim
Re: Wireless bridge
No, you are not pushing a stable '54mbps over the link without issue'. More likely, if you cared to look, you are getting somewhere around 30-35mbps, HALF DUPLEX. The '54mbps' advertised on the shiny sales brochure, is a signaling rate and not a measure of thruput. Mike- Bret Clark wrote: Peter Boone wrote: I purchased 2x Ubiquiti Bullet2's (2.4 GHz) and utilized our existing antennas. It has been working extremely well, pushing a stable 54 Mbps over the link without issue. Signal strength is consistently -40 dBm +/- 2 dBm, from about -80 dBm before! Total cost included 2x Bullets, 2x PoE adaptors, and approx 40 ft of STP cat5: $120. I have yet to see what happens in a big thunderstorm, but I extrapolate that they will be able to handle the EMP without going haywire like before. They have worked very well through conditions that our last setup would not. Thanks again for the input everyone! Peter More an FYI as I'm not overly familiar with Ubiquiti's, but I believe -40dBm is kind of a hot signal which means they are screaming at each other, are you seeing any physical errors, specifically CRC's? Won't necessarily affect overall throughput, but -60dBm is the sweet spot...too much of a signal is just as bad as not enough...sort of like that Seinfeld episode of the close talker :). Bret
Re: what about 48 bits?
On Sun, 4 Apr 2010, A.B. Jr. wrote: Hi, Lots of traffic recently about 64 bits being too short or too long. What about mac addresses? Aren't they close to exhaustion? Should be. Or it is assumed that mac addresses are being widely reused throughout the world? All those low cost switches and wifi adapters DO use unique mac addresses? Since they only really need to be unique per broadcast domain, it doesn't really matter. You and I could use the same MAC addresses on all our home gear, and never know it. For manufacturers, it's probably reasonably safe to reuse MAC addresses they put on 10mbit ISA ethernet cards...if they were a manufacturer back then.
--
Jon Lewis | I route
Senior Network Engineer | therefore you are
Atlantic Net |
http://www.lewis.org/~jlewis/pgp for PGP public key
Re: what about 48 bits?
On April 5, 2010 at 13:51 s...@cs.columbia.edu (Steven Bellovin) wrote: Yup. 10 years earlier, a 3Com Ethernet card for a Vax cost about $1500, if memory serves. Early-mid 80s? I'd say at least twice that, I don't think there were too many cards for Vaxes and similar for less than $5K. An NIU20 for DECSYSTEM-20 was a 3U box, it was just a single ethernet interface, and cost around $15-20K. About the same price for an IBM370 (specifically, 3090) ethernet box which included a PC/AT and sat on a box about the size of a dorm cube refrigerator which, if you opened it up, contained a chunk of Unibus backplane in which was a (I think 3COM?) ethernet board (and power supply etc.), some common Vax ethernet card. Weird, the whole thing was basically a kludged together Unibus to bus/tag channel adapter or maybe even 3274 using something like an IRMA board? I knew it well because it crashed a lot and operations decided I was the only one who had the magic voodoo to bring it back to life which as I remember was to POWER-CYCLE IT! Well, sometimes you had to power-cycle it more than once to get it all to synch. And we had to put coins in those boxes to get our packets through! If you wanted an email it cost a dime, FTP was 75cents for the first 100KB and 10c for each KB thereafter...ok, that may not be entirely accurate. -b
Re: what about 48 bits?
On Apr 5, 2010, at 4:58 59PM, Barry Shein wrote: On April 5, 2010 at 13:51 s...@cs.columbia.edu (Steven Bellovin) wrote: Yup. 10 years earlier, a 3Com Ethernet card for a Vax cost about $1500, if memory serves. Early-mid 80s? I'd say at least twice that, I don't think there were too many cards for Vaxes and similar for less than $5K. It could have been $3K, but I don't think it was higher. An NIU20 for DECSYSTEM-20 was a 3U box, it was just a single ethernet interface, and cost around $15-20K. About the same price for an IBM370 (specifically, 3090) ethernet box which included a PC/AT and sat on a box about the size of a dorm cube refrigerator which, if you opened it up, contained a chunk of Unibus backplane in which was a (I think 3COM?) ethernet board (and power supply etc.), some common Vax ethernet card. Weird, the whole thing was basically a kludged together Unibus to bus/tag channel adapter or maybe even 3274 using something like an IRMA board? I knew it well because it crashed a lot and operations decided I was the only one who had the magic voodoo to bring it back to life which as I remember was to POWER-CYCLE IT! Well, sometimes you had to power-cycle it more than once to get it all to synch. I remember the design, but never used it. And we had to put coins in those boxes to get our packets through! If you wanted an email it cost a dime, FTP was 75cents for the first 100KB and 10c for each KB thereafter...ok, that may not be entirely accurate. Of course not -- you forgot about the credit card reader option. --Steve Bellovin, http://www.cs.columbia.edu/~smb
Re: what about 48 bits?
On Mon, 05 Apr 2010 16:36:26 EDT, Jon Lewis said: Since they only really need to be unique per broadcast domain, it doesn't really matter. You and I could use the same MAC addresses on all our home gear, and never know it. For manufacturers, it's probably reasonably safe to reuse MAC addresses they put on 10mbit ISA ethernet cards...if they were a manufacturer back then. Until you buy 25 cards with the same MAC address and deploy them all across your enterprise - the problem can go un-noticed for *weeks* as long as two boxes aren't squawking on the same subnet at the same time(*). Of course, you never stop to actually *check* that two cards in different machines have the same address, because That Never Happens, and you spin your wheels trying to figure out why your switching gear is confused about the MAC addresses it's seeing (and it always takes 3 or 4 tickets before one actually includes the message Duplicate MAC address detected in the problem report..) (*) And as Murphy predicts, whenever it happens, one of the two offenders will give up in disgust, power off the machine, and go on coffee break so the arp cache has timed out by the time you start trying to work the trouble ticket. ;) (Yes, we're mostly older and wiser now, and more willing to include the damned hardware is possessed by an Imp of Perversity in our troubleshooting analysis. Had an SL8500 tape library last week that reported 'Drive State: Unpowered' and 'Drive Status: Not Communicating' and still reported 'Drive Health: Good'.
Re: what about 48 bits?
On Mon, Apr 5, 2010 at 10:51 AM, Steven Bellovin s...@cs.columbia.edu wrote: On Apr 5, 2010, at 1:43 52PM, valdis.kletni...@vt.edu wrote: Steve is talking mid-80s pricing, not mid-90s. By '93 or so, the fact that Ethernet was becoming ubiquitous had already forced the price down. Yup. 10 years earlier, a 3Com Ethernet card for a Vax cost about $1500, if memory serves. $1500 is what I remember also (forget if that was the Interlan NI1010 or the DEUNA / DELUA), plus of course the cost of whatever Unibus you're burning the bandwidth on. Serial was cheaper, but most of the competition wasn't. I assume Datakit boards had a regular list price for customers other than intra-Bell? -- Thanks; Bill Note that this isn't my regular email account - It's still experimental so far. And Google probably logs and indexes everything you send it.
Re: what about 48 bits?
On Apr 5, 2010, at 5:08 PM, valdis.kletni...@vt.edu wrote: On Mon, 05 Apr 2010 16:36:26 EDT, Jon Lewis said: Since they only really need to be unique per broadcast domain, it doesn't really matter. You and I could use the same MAC addresses on all our home gear, and never know it. For manufacturers, it's probably reasonably safe to reuse MAC addresses they put on 10mbit ISA ethernet cards...if they were a manufacturer back then. Until you buy 25 cards with the same MAC address and deploy them all across your enterprise I don't think that's possible given what Jon was suggesting. I'm 3COM, I made ISA 10Base2 / 10Base5 cards in the 90s. I run out of MAC addresses. Instead of going to get more - if I even can! - I recycle those MAC addresses, figuring the 10GE PCI-X cards I'm making now have 0.000% chance of being on the same b-cast domain as one of those old ISA cards. Even if I am wrong, the max collision possibility is 2, not 25. Seems reasonable. If I am wrong, I'll apologize profusely, refund the price of the 10G card I gave the customer, ship him a new one free, so he gets two he can use (assuming he has more than one b-cast domain), which would probably make the customer happy. Wanna bet how many times 3COM would have to ship free 10GE cards? -- TTFN, patrick - the problem can go un-noticed for *weeks* as long as two boxes aren't squawking on the same subnet at the same time(*). Of course, you never stop to actually *check* that two cards in different machines have the same address, because That Never Happens, and you spin your wheels trying to figure out why your switching gear is confused about the MAC addresses it's seeing (and it always takes 3 or 4 tickets before one actually includes the message Duplicate MAC address detected in the problem report..)
(*) And as Murphy predicts, whenever it happens, one of the two offenders will give up in disgust, power off the machine, and go on coffee break so the arp cache has timed out by the time you start trying to work the trouble ticket. ;) (Yes, we're mostly older and wiser now, and more willing to include the damned hardware is possessed by an Imp of Perversity in our troubleshooting analysis. Had an SL8500 tape library last week that reported 'Drive State: Unpowered' and 'Drive Status: Not Communicating' and still reported 'Drive Health: Good'.
Re: what about 48 bits?
On Mon, 05 Apr 2010 17:26:53 EDT, Patrick W. Gilmore said: I'm 3COM, I made ISA 10Base2 / 10Base5 cards in the 90s. I run out of MAC addresses. Instead of going to get more - if I even can! - I recycle those MAC addresses There were several cases of production run errors from multiple vendors, where the MAC address went 14, 15, 16, 17, 17, 17, 17, *thwack*, 18, 19
Re: what about 48 bits?
- Valdis Kletnieks valdis.kletni...@vt.edu wrote: On Mon, 05 Apr 2010 17:26:53 EDT, Patrick W. Gilmore said: I'm 3COM, I made ISA 10Base2 / 10Base5 cards in the 90s. I run out of MAC addresses. Instead of going to get more - if I even can! - I recycle those MAC addresses There were several cases of production run errors from multiple vendors, where the MAC address went 14, 15, 16, 17, 17, 17, 17, *thwack*, 18, 19 And to make the problem worse, they are likely to end up in the same shop, and you get them when you purchase several of them.
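The failure mode described in the messages above (one address shipped on several cards, unnoticed while the cards sit on different subnets), as an added example that is not part of the original thread: an inventory audit that normalizes MAC notation and separates duplicates already sharing a subnet from ones that have not collided yet. The inventory rows, host names and addresses are constructed, and treating one subnet as one broadcast domain is an assumption.

```python
import re
from collections import defaultdict

# Constructed inventory rows: (hostname, subnet, MAC as written down by whoever recorded it).
INVENTORY = [
    ("ws-014", "10.1.0.0/24", "02:00:00:AA:00:14"),
    ("ws-015", "10.1.0.0/24", "02-00-00-aa-00-15"),
    ("ws-016", "10.1.0.0/24", "0200.00aa.0016"),
    ("ws-017", "10.1.0.0/24", "02:00:00:aa:00:17"),
    ("ws-203", "10.2.0.0/24", "0200.00AA.0017"),     # same address, different subnet
    ("ws-311", "10.3.0.0/24", "02-00-00-AA-00-17"),  # and a third copy
    ("ws-018", "10.1.0.0/24", "02:00:00:aa:00:18"),
    ("ws-019", "10.1.0.0/24", "02:00:00:aa:00:19"),
    ("ws-020", "10.1.0.0/24", "02:00:00:aa:00:19"),  # duplicate inside one subnet
]


def normalize_mac(text):
    """Return a MAC as 12 lowercase hex digits, accepting ':', '-' or '.' separators."""
    digits = re.sub(r"[:.\-]", "", text.strip()).lower()
    if not re.fullmatch(r"[0-9a-f]{12}", digits):
        raise ValueError(f"not a 48-bit MAC address: {text!r}")
    return digits


def find_duplicates(rows):
    """Group hosts by normalized MAC and classify every address seen more than once.

    'active' means at least two holders share a subnet (assumed to be one broadcast
    domain), so the switches already see the conflict. 'latent' means the copies
    are on different subnets and stay quiet until a machine is moved.
    """
    holders = defaultdict(list)
    for host, subnet, mac in rows:
        holders[normalize_mac(mac)].append((host, subnet))

    findings = {}
    for mac, owners in holders.items():
        if len(owners) < 2:
            continue
        per_subnet = defaultdict(list)
        for host, subnet in owners:
            per_subnet[subnet].append(host)
        shared = sorted(s for s, hosts in per_subnet.items() if len(hosts) > 1)
        findings[mac] = {
            "hosts": sorted(host for host, _ in owners),
            "severity": "active" if shared else "latent",
            "conflicting_subnets": shared,
        }
    return findings


if __name__ == "__main__":
    for mac, info in sorted(find_duplicates(INVENTORY).items()):
        print(mac, info["severity"], ", ".join(info["hosts"]))
```
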
RE: Wireless bridge
Hi Mike, Sorry for the misunderstanding, allow me to paraphrase: the link does not drop, actual throughput is now faster than our internet connection, and transfers have not been interrupted, so we are happy. As I mentioned, our previous setup could only work reliably when locked at 6 Mbps, and even then there were interruptions and mysterious downtime, so a 54 Mbps theoretical max rate has been a godsend. Also, there were no shiny sales brochures involved in the decision, the Bullet2's were the most cost-effective solution to get the job done, and at minimal loss if the odd problems were not actually solved (see the archive of this thread from June 2009 for details). Bret, You are correct, the Bullets are on max output power right now so they are loud, and I just found that Ubiquiti recommends aiming for -50 to -70 dBm for stable links. I always looked at the hot signal issue like a bad quality speaker turned up too loud; where in this case the speaker is the wireless radio. Since there have been no wireless errors (aside from a small number of expected Invalid Network ID errors) and the dBm is high I figure the signal is loud and clear on each end, but I'll be sure to tweak the power output. There have actually been more error packets on the wire than in the air (0.01% of LAN packets). Regards, Peter -Original Message- From: Mike [mailto:mike-na...@tiedyenetworks.com] Sent: April-05-10 4:02 PM To: Bret Clark Cc: nanog@nanog.org Subject: Re: Wireless bridge No, you are not pushing a stable '54mbps over the link without issue'. More likely, if you cared to look, you are getting somewhere around 30-35mbps, HALF DUPLEX. The '54mbps' advertised on the shiny sales brochure, is a signaling rate and not a measure of thruput. Mike- Bret Clark wrote: Peter Boone wrote: I purchased 2x Ubiquiti Bullet2's (2.4 GHz) and utilized our existing antennas. It has been working extremely well, pushing a stable 54 Mbps over the link without issue.
Signal strength is consistently -40 dBm +/- 2 dBm, from about -80 dBm before! Total cost included 2x Bullets, 2x PoE adaptors, and approx 40 ft of STP cat5: $120. I have yet to see what happens in a big thunderstorm, but I extrapolate that they will be able to handle the EMP without going haywire like before. They have worked very well through conditions that our last setup would not. Thanks again for the input everyone! Peter More an FYI as I'm not overly familiar with Ubiquiti's, but I believe -40dBm is kind of a hot signal which means they are screaming at each other, are you seeing any physical errors, specifically CRC's? Won't necessarily affect overall throughput, but -60dBm is the sweet spot...too much of a signal is just as bad as not enough...sort of like that Seinfeld episode of the close talker :). Bret
Re: legacy /8
On 2010.04.05 09:20, Steve Bertrand wrote: On 2010.04.02 19:29, John Palmer (NANOG Acct) wrote: Was looking for the allocated file on the ARIN website, but can't remember where it is. They used to have a file with one line per allocation that started like this arin|US|ipv4. Is that still public somewhere? If you are looking for what blocks have been allocated to ARIN by IANA, the file is maintained on the IANA site: http://www.iana.org/assignments/ipv4-address-space/ After digging a little bit more, and to further my own post, ARIN does maintain a list within its website that contains its IANA allocated blocks for both IPv4 and IPv6: https://www.arin.net/knowledge/ip_blocks.html After a quick review, it seems as though there are numerous blocks left out of this list when comparing it to the aforementioned IANA list. Perhaps it is due to certain blocks being legacy (?). If ARIN does have a single text file, I haven't found it. Should be trivial to copy/dump though. Steve
Re: what about 48 bits?
On 4/5/2010 5:26 PM, Patrick W. Gilmore wrote: On Apr 5, 2010, at 5:08 PM, valdis.kletni...@vt.edu wrote: On Mon, 05 Apr 2010 16:36:26 EDT, Jon Lewis said: Since they only really need to be unique per broadcast domain, it doesn't really matter. You and I could use the same MAC addresses on all our home gear, and never know it. For manufacturers, it's probably reasonably safe to reuse MAC addresses they put on 10mbit ISA ethernet cards...if they were a manufacturer back then. Until you buy 25 cards with the same MAC address and deploy them all across your enterprise I don't think that's possible given what Jon was suggesting. I'm 3COM, I made ISA 10Base2 / 10Base5 cards in the 90s. I run out of MAC addresses. Instead of going to get more - if I even can! - I recycle those MAC addresses, figuring the 10GE PCI-X cards I'm making now have 0.000% chance of being on the same b-cast domain as one of those old ISA cards. Even if I am wrong, the max collision possibility is 2, not 25. Seems reasonable. If I am wrong, I'll apologize profusely, refund the price of the 10G card I gave the customer, ship him a new one free, so he gets two he can use (assuming he has more than one b-cast domain), which would probably make the customer happy. Wanna bet how many times 3COM would have to ship free 10GE cards? 3com is now HP and I doubt very much that either company would bother with that approach... That said, the volume production run for a circa 1992 isa bus ethernet nic (or the entire sun microsystems product line for that matter) is probably two orders of magnitude lower than say the minimum volume production of a mini-pci-express wireless card that goes into a laptop, and laptops might have two or three mac addresses.