[Nanog-futures] Information about upcoming transition of NANOG-Futures list ownership
Dear nanog-futures@nanog.org subscriber: This message is to let you know about an upcoming change in the ownership of this mailing list. As you may know, the ownership and management of NANOG has been been transferred from Merit Network to NewNOG, Inc., a non-profit led by members of the NANOG community (http://www.newnog.org). You can read more details of this change at http://nanog.org/governance/transition. As of Friday, February 25, this mailing list will be transferred to NewNOG's management. Because you are a current member of this list, your email address will be transferred from Merit to NewNOG. If you prefer that your address not be transferred, you may unsubscribe from the list before Friday, February 25, 2011. Instructions are available at: http://mailman.nanog.org/mailman/listinfo/nanog-futures It has been a privilege for Merit to serve the NANOG community since the formation of the group in 1994. We hope that you will choose to continue as a subscriber to this list under NewNOG's stewardship. Sincerely, Andy Rosenzweig Merit Network, Inc. ___ Nanog-futures mailing list Nanog-futures@nanog.org https://mailman.nanog.org/mailman/listinfo/nanog-futures
Re: To the people who answer tech questions on this list
As for LinkedIN, I have nothing against, it, but I don't use it. I don't have an account on it and not sure I ever want to. I'm already slightly on facebook, and very active on twitter, so nothing against linkedin, but there's just too many social media websites to keep track of There are no perfect solutions. It seems to me that Twitter is not conducive to technical QA and given the choice between Facebook and LinkedIn, it seems that the professional social network is more likely to gain traction. Nobody has to participate if they don't want to; it's just about adding a choice and seeing whether or not people really want this kind of thing. Hmm, wouldn't http://serverfault.com/ or http://www.quora.com/ be a more appropriate / efficient forum for technical questions ? Or does it have to be NANOG specific ? Never heard of Quora and that seems to be tied to Facebook, so not ideal. As for serverfault, that is a good idea but serverfault is not really for general IP networking questions related to routing and switching or ISP networking. Therefore, I have proposed that the operators of ServerFault and StackOverflow create a new site called NANOG (maybe it shouldn't be exactly that name). http://area51.stackexchange.com/proposals/29470/nanog If you have questions, comments, or want to commit to using the site for QA, please visit it and join in. It accepts Google, Yahoo, MyOpenID, AOL and Facebook credentials. --Michael Dillon http://www.linkedin.com/profile/view?id=13566587
Re: IPv6 mistakes, was: Re: Looking for an IPv6 naysayer...
On 11 feb 2011, at 17:51, William Herrin wrote: We can't backport ULA into IPv4 private addressing; there aren't enough addresses for the math to work. So we either make such folks jump through all kinds of hoops to get their networks to function, or we assign addresses that could otherwise be used on the big-I Internet. Not that it matters because it's too late now and it would only give us a few more months, but: Does the US government really need more than 150 million addresses, of which about half are not publically routed? Non-publically routed addresses can be reused by others as long as the stuff both users connect to doesn't overlap.
Re: IPv6 mistakes, was: Re: Looking for an IPv6 naysayer...
On Feb 17, 2011, at 7:39 AM, Iljitsch van Beijnum wrote: Not that it matters because it's too late now and it would only give us a few more months, but: Does the US government really need more than 150 million addresses, of which about half are not publically routed? Non-publically routed addresses can be reused by others as long as the stuff both users connect to doesn't overlap. Again, I note that we've collectively allocated the 95%+ of the address space which was made available outside of DoD's original blocks, and then considering that US DoD additionally returned 2 more /8's for the community (noted here: http://blog.icann.org/2008/02/recovering-ipv4-address-space/), I believe they've shown significant consideration to the Internet community. The fact that any particular prefix today isn't in your particular routing table does not imply that global uniqueness isn't desired. Rather than saying 240/4 is unusable for another three years, perhaps the service provider community could make plain that this space needs to be made usable (ala http://tools.ietf.org/html/draft-fuller-240space-02 or http://tools.ietf.org/html/draft-wilson-class-e-00, etc.) on a priority basis and work with the operating system and vendor community actually to make this happen? There's a chance that it could be made usable with sufficient focus to make that happen, but it is assured not to be usable if eternally delayed because it is too hard to accomplish. /John (my views alone; 100% recycled electrons used in this message)
Re: ATT MPLS / BIB Routers
On 02/17/2011 01:02 AM, George Bonser wrote: From: Mikeal Clark Sent: Wednesday, February 16, 2011 3:16 PM To: Jim Gettys Cc: nanog@nanog.org Subject: Re: ATT MPLS / BIB Routers I'm building up to 3000-4000ms latency with these BIB routers. We never had this issue on the old point to points using Cisco gear. Something I might try, assuming that the BIB unit plugs into a switch port, is to try bandwidth limiting that port to whatever the CIR is of the MPLS link. If buffering in that path is the problem, limiting the input bandwidth to the box to the maximum of the output bandwidth should eliminate any buffering in the path or the BIB box. Assuming your old Cisco gear was using the same network infrastructure, that might rule out excessive buffering in the MPLS path as the cause, unless ATT can't actually deliver the advertized bandwidth across the path they are selling. What is the CIR? If you have a 10Meg path and have a GigE jacked into the box, yeah, it's going to get into buffers pretty quick. Maybe even taking the ethernet port down to 10Meg might help, depending on what you are expecting the bandwidth of the path to be. Yes, bandwidth limiting is something to try. It's how you can deal with your home broadband connection to inject sanity. Note that you can have bufferbloat just upstream as well. For example, if you plug a GigE ethernet into a 100Mbps switch, if there is buffering upstream, it will fill. http://gettys.wordpress.com/2010/11/29/home-router-puzzle-piece-one-fun-with-your-switch/ In the test case in that post, the bloating is in the laptop plugged into the 100Mbps switch (in the device driver ring, and possibly transmit queue). - Jim
Re: IPv6 mistakes, was: Re: Looking for an IPv6 naysayer...
In message 54cc2b0d-eae0-4b79-af19-20bbd233a...@istaff.org, John Curran writes: On Feb 17, 2011, at 7:39 AM, Iljitsch van Beijnum wrote: Not that it matters because it's too late now and it would only give = us a few more months, but: =20 Does the US government really need more than 150 million addresses, of = which about half are not publically routed? Non-publically routed = addresses can be reused by others as long as the stuff both users = connect to doesn't overlap. Again, I note that we've collectively allocated the 95%+ of the address=20= space which was made available outside of DoD's original blocks, and = then considering that US DoD additionally returned 2 more /8's for the = community=20 (noted here: = http://blog.icann.org/2008/02/recovering-ipv4-address-space/),=20 I believe they've shown significant consideration to the Internet = community. The fact that any particular prefix today isn't in your particular = routing=20 table does not imply that global uniqueness isn't desired. Rather than saying 240/4 is unusable for another three years, perhaps = the service provider community could make plain that this space needs to be=20= made usable (ala http://tools.ietf.org/html/draft-fuller-240space-02 or=20= http://tools.ietf.org/html/draft-wilson-class-e-00, etc.) on a priority=20= basis and work with the operating system and vendor community actually to make this happen? There's a chance that it could be made usable with=20= sufficient focus to make that happen, but it is assured not to be usable if eternally delayed because it is too hard to accomplish. /John (my views alone; 100% recycled electrons used in this message) It's not usable as general purpose unicast. Both those drafts attempt to do that. It would be possible to use it as restricted purpose unicast, i.e. to connect from a cpe border router to a 6rd and/or LSN with the cpe border router signaling that it support the use of class E addresses when it requests a address from upstream. The upsteam only returns a class E address when it is sure that the network between the LSN/6rd supports class E traffic. Mark -- Mark Andrews, ISC 1 Seymour St., Dundas Valley, NSW 2117, Australia PHONE: +61 2 9871 4742 INTERNET: ma...@isc.org
RE: ATT MPLS / BIB Routers
What type of hardware are they using for this BIB router? Cheers Ryan -Original Message- From: Mikeal Clark [mailto:mikeal.cl...@gmail.com] Sent: Wednesday, February 16, 2011 6:16 PM To: Jim Gettys Cc: nanog@nanog.org Subject: Re: ATT MPLS / BIB Routers I'm building up to 3000-4000ms latency with these BIB routers. We never had this issue on the old point to points using Cisco gear. On Wed, Feb 16, 2011 at 5:09 PM, Jim Gettys j...@freedesktop.org wrote: On 02/16/2011 05:44 PM, Mikeal Clark wrote: We just put in a ATT MPLS and are having a pretty negative experience with the Business in a Box routers they are using for our smaller sites. We are seeing extremely high latency under load. Anyone have any experience with these devices that could shed some light on this? Are they really this bad? There is excessive buffering in all sorts of devices all over the Internet. This causes high latency under load (along with higher packet losses, and lots of other problems. It's what I've been blogging about on http://gettys.wordpress.com. These buffers fill; and they are so large they have defeated TCP congestion avoidance to boot, with horrifying consequences. So far, I've found this problem (almost) everywhere I've looked: o ICSI has good data that bufferbloat is endemic in DSL, Cable, and FIOS. Delays are often measured in seconds (rather than milliseconds). o some corporate and ISP networks run without AQM, in circumstances that they should. o Windows, Mac OSX and Linux all have bufferbloat in their network stacks, at a minimum on recent network device drivers, and often elsewhere. o Every home router I've tested is horrifyingly bad. o 3g networks 802.11 have this in spades. Why should ATT's MPLS be any different? My next topic will be transient bufferbloat, having to do with defeating slowstart. Come start helping fix this: please join us at bufferbloat.net, as we try to get people to fix it. Already there are some experimental patches for the Linux Intel wireless driver. Jim Gettys Bell Labs
Re: IPv6 mistakes, was: Re: Looking for an IPv6 naysayer...
On Feb 17, 2011, at 4:39 AM, Iljitsch van Beijnum wrote: On 11 feb 2011, at 17:51, William Herrin wrote: We can't backport ULA into IPv4 private addressing; there aren't enough addresses for the math to work. So we either make such folks jump through all kinds of hoops to get their networks to function, or we assign addresses that could otherwise be used on the big-I Internet. Not that it matters because it's too late now and it would only give us a few more months, but: Does the US government really need more than 150 million addresses, of which about half are not publically routed? Non-publically routed addresses can be reused by others as long as the stuff both users connect to doesn't overlap. The DoD does not seem particularly anxious to announce or explain their usage of those blocks to the rest of the community. They have much larger quantities of significantly more sophisticated armaments than ARIN. I agree it would be nice if they would voluntarily return whatever is appropriate to the community, but, as you say, there is little upside to them doing so anyway. Certainly not enough to make the risks of attempting to obtain it through any means other than voluntary return feasible or even worthy of consideration. Owen
Re: IPv6 mistakes, was: Re: Looking for an IPv6 naysayer...
On Thu, 17 Feb 2011 08:08:50 EST, John Curran said: Rather than saying 240/4 is unusable for another three years, perhaps the service provider community could make plain that this space needs to be made usable In other words, you're going to tell Granny she needs to upgrade to Windows 8 and/or replace her CPE because you couldn't get your act together and deploy IPv6 - even though her friends at the bridge club who are customers of your clued competitor didn't have to do a thing. And then she has to do something *else* 9 months later when you need to deploy IPv6 *anyhow*. I encourage my competitors to design their business plans that way. :) pgpckK4CUIHuj.pgp Description: PGP signature
Re: IPv6 mistakes, was: Re: Looking for an IPv6 naysayer...
On Feb 17, 2011, at 9:32 AM, valdis.kletni...@vt.edu wrote: On Thu, 17 Feb 2011 08:08:50 EST, John Curran said: Rather than saying 240/4 is unusable for another three years, perhaps the service provider community could make plain that this space needs to be made usable In other words, you're going to tell Granny she needs to upgrade to Windows 8 and/or replace her CPE because you couldn't get your act together and deploy IPv6 - even though her friends at the bridge club who are customers of your clued competitor didn't have to do a thing. Not, what I'm saying is that we've been considering this matter for more than 10 years, and as old as her machine is, it would have been patched once since then if we had bothered to note that Reserved for Future Use should be treated as unicast space. The same argument applies now: unless there is a reason to save 240/8, it should at least be redefined to be usable in some manner so that we don't repeat the same argument 5 years from now. /John
Re: To the people who answer tech questions on this list
- Original Message - From: Michael Dillon wavetos...@googlemail.com There are no perfect solutions. It seems to me that Twitter is not conducive to technical QA and given the choice between Facebook and LinkedIn, it seems that the professional social network is more likely to gain traction. Nobody has to participate if they don't want to; it's just about adding a choice and seeing whether or not people really want this kind of thing. They don't. The issue is *really* knowledge capture -- not the getting to the solutions, but the keeping of them for later. I set up a wikia for this, 3 and more years ago. Crickets. Cheers, -- jra
Re: ATT MPLS / BIB Routers
The routers are Edgemarc. P/N EM-4608T4 http://www.edgewaternetworks.com/edgemarc_overview_page.htm On Thu, Feb 17, 2011 at 8:19 AM, Ryan Finnesey ryan.finne...@harrierinvestments.com wrote: What type of hardware are they using for this BIB router? Cheers Ryan -Original Message- From: Mikeal Clark [mailto:mikeal.cl...@gmail.com] Sent: Wednesday, February 16, 2011 6:16 PM To: Jim Gettys Cc: nanog@nanog.org Subject: Re: ATT MPLS / BIB Routers I'm building up to 3000-4000ms latency with these BIB routers. We never had this issue on the old point to points using Cisco gear. On Wed, Feb 16, 2011 at 5:09 PM, Jim Gettys j...@freedesktop.org wrote: On 02/16/2011 05:44 PM, Mikeal Clark wrote: We just put in a ATT MPLS and are having a pretty negative experience with the Business in a Box routers they are using for our smaller sites. We are seeing extremely high latency under load. Anyone have any experience with these devices that could shed some light on this? Are they really this bad? There is excessive buffering in all sorts of devices all over the Internet. This causes high latency under load (along with higher packet losses, and lots of other problems. It's what I've been blogging about on http://gettys.wordpress.com. These buffers fill; and they are so large they have defeated TCP congestion avoidance to boot, with horrifying consequences. So far, I've found this problem (almost) everywhere I've looked: o ICSI has good data that bufferbloat is endemic in DSL, Cable, and FIOS. Delays are often measured in seconds (rather than milliseconds). o some corporate and ISP networks run without AQM, in circumstances that they should. o Windows, Mac OSX and Linux all have bufferbloat in their network stacks, at a minimum on recent network device drivers, and often elsewhere. o Every home router I've tested is horrifyingly bad. o 3g networks 802.11 have this in spades. Why should ATT's MPLS be any different? My next topic will be transient bufferbloat, having to do with defeating slowstart. Come start helping fix this: please join us at bufferbloat.net, as we try to get people to fix it. Already there are some experimental patches for the Linux Intel wireless driver. Jim Gettys Bell Labs
Re: Fwd: [arin-announce] IN-ADDR.ARPA Zone Transfer Complete
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Hi, Relevant to another post today, I've noticed that neither the *.ip6-servers.arpa nor the *.in-addr-servers.arpa allow axfr. Which leads to the following questions: 1. Was that a conscious decision, and if so why? Speaking for the operator of f.in-addr-servers.arpa and f.ip6-servers.arpa this was simply not on our radar. 2. Is there any hope that axfr could be permitted in the future? Since we are also operating k.root-servers.net and have provided XFR from it for all this time we will do so for these servers as well. This has now been enabled on our systems. Regards, Wolfgang Nagele RIPE NCC DNS Group Manager -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.8 (Darwin) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iEYEARECAAYFAk1dOrcACgkQjO7G63Byy8f5hACgmRBBPCYlPI4vVumvAwyWZAgJ t8MAoJs4BOwzKiKYwNjYY9oOIADlhTzs =aFMj -END PGP SIGNATURE-
ISDN BRI
Is it possible to order a ISDN BRI line from the LEC and have them look at the design of a DS1 and have them if possible design the ISDN BRI lineon a devurse path or at lest different equipment within the CO?
Re: ISDN BRI
- Original Message - From: Santino Codispoti santino.codisp...@gmail.com Is it possible to order a ISDN BRI line from the LEC and have them look at the design of a DS1 and have them if possible design the ISDN BRI line on a diverse path or at lest different equipment within the CO? Off hand, I wouldn't expect a carrier to do any special engineering on a BRI -- can you even *order* a BRI these days? :-) As old NANOG hands know, though, it doesn't matter *what* you ask for, few-to-no carriers properly manage physical diversity requests properly over the long haul, anyway, and the only way to do it yourself often requires that you ask the carrier for records they won't give you. Regularly. Like, monthly. Even if you're paying them extra for the diversity. Cheers, -- jra
Re: ISDN BRI
Is it possible to order a ISDN BRI line from the LEC and have them look at the design of a DS1 and have them if possible design the ISDN BRI lineon a devurse path or at lest different equipment within the CO? Effectively: No. You might find a salescritter willing to *sell* you such a thing, but it's not likely to have any basis in reality, at least long-term. In the general case, telcos try *not* to have diverse paths for end- user lines; for them, it's simpler to have one big mondo cable hauling lots of connections into an area than it is to have three or four that are running in separate directions. You can certainly find counterexamples where some level of diversity might be available (such as a different cable hanging on the same poles), but actual diversity from start to finish is tough. You would be slightly better off with a DS1 and a connection from the cable company; they may share a bunch of poles, but at some point it will diverge and you're largely guaranteed to be on somewhat different equipment in the CO/headend, heh. ... JG -- Joe Greco - sol.net Network Services - Milwaukee, WI - http://www.sol.net We call it the 'one bite at the apple' rule. Give me one chance [and] then I won't contact you again. - Direct Marketing Ass'n position on e-mail spam(CNN) With 24 million small businesses in the US alone, that's way too many apples.
Re: ISDN BRI
On Thu, 17 Feb 2011, Santino Codispoti wrote: Is it possible to order a ISDN BRI line from the LEC and have them look at the design of a DS1 and have them if possible design the ISDN BRI lineon a devurse path or at lest different equipment within the CO? I suspect that, particularly for something as small (in terms of revenue to the LEC) as a BRI circuit, you won't have much leverage to ask for anything 'off the menu', like diverse physical routing through the CO. When you get to the point of dealing with the copper in the ground/on the pole, your options for route diversity are usually extremely limited (read: nonexistent). Telco copper plant is usually based on large multipair cables from the CO on a specific route, so even if you managed to get them to commit to diverse routeing in the CO, the copper pairs will still be in the same cable bundle, entering your building and the CO at the same points. jms
Re: ISDN BRI
What you can do is (if you are important enough) apply for TSP (tsp.ncs.gov) in conjunction with provisioning of a circuit to actually have this type of engineering happen and persist, including emergency restoration. If your local carrier doesn't offer the redundancy you want, your only other choice is to build it yourself. Considering the cost of lighting a 10G or 1G strand of fiber for 10km or 20km, working with a BRI isn't that important anymore. - Jared (who has a BRI line for his POTS at home to get clean dial tone at his distance from the CO) On Feb 17, 2011, at 6:46 AM, Justin M. Streiner wrote: On Thu, 17 Feb 2011, Santino Codispoti wrote: Is it possible to order a ISDN BRI line from the LEC and have them look at the design of a DS1 and have them if possible design the ISDN BRI lineon a devurse path or at lest different equipment within the CO? I suspect that, particularly for something as small (in terms of revenue to the LEC) as a BRI circuit, you won't have much leverage to ask for anything 'off the menu', like diverse physical routing through the CO. When you get to the point of dealing with the copper in the ground/on the pole, your options for route diversity are usually extremely limited (read: nonexistent). Telco copper plant is usually based on large multipair cables from the CO on a specific route, so even if you managed to get them to commit to diverse routeing in the CO, the copper pairs will still be in the same cable bundle, entering your building and the CO at the same points. jms
RE: ISDN BRI
Unfortunate but very true seen that many of times where a special engineering fee has been charged specifically to carry a circuit in a diverse manner (or even reasonably diverse). Then it breaks and the excuses start as to why it was never done as promised - then a couple of years later it breaks and nobody has paperwork that shows it was *ever* supposed to be diverse in the first place ;) Paul -Original Message- From: Jay Ashworth [mailto:j...@baylink.com] Sent: Thursday, February 17, 2011 10:30 AM To: NANOG Subject: Re: ISDN BRI - Original Message - From: Santino Codispoti santino.codisp...@gmail.com Is it possible to order a ISDN BRI line from the LEC and have them look at the design of a DS1 and have them if possible design the ISDN BRI line on a diverse path or at lest different equipment within the CO? Off hand, I wouldn't expect a carrier to do any special engineering on a BRI -- can you even *order* a BRI these days? :-) As old NANOG hands know, though, it doesn't matter *what* you ask for, few-to-no carriers properly manage physical diversity requests properly over the long haul, anyway, and the only way to do it yourself often requires that you ask the carrier for records they won't give you. Regularly. Like, monthly. Even if you're paying them extra for the diversity. Cheers, -- jra
Solar flare to reach earth
These coronal mass ejections will slam into the Earth's magnetic shield. The biggest flares can disrupt technology, including power grids, communications systems and satellites. Our current view is that the effect of the solar flare is likely to reach Earth later today (Thursday GMT), possibly tomorrow morning, said Alan Thomson, head of geomagnetism at the British Geological Survey (BGS). http://www.bbc.co.uk/news/science-environment-12493980 Andrew
Re: [arin-announce] IN-ADDR.ARPA Zone Transfer Complete
On 2011-02-16, at 21:15, David Conrad wrote: Congrats to all on getting this done! It's been a long time in coming. Good to see it finally finished. You're very welcome :-) however, the work is not quiet yet done. Next steps are: week of 2011-02-21: IN-ADDR.ARPA zone dropped from B, C, E, G, I, M root servers week of 2011-02-28: IN-ADDR.ARPA zone dropped from A, D, F, H, K, L root servers week of 2011-03-06: DS record for IN-ADDR.ARPA inserted into ARPA zone At the end of this process every subdomain of ARPA will be fully DNSSEC-signed. Query rates on the new servers (those operated by the RIRs and ICANN) are currently low, but are expected to increase as the IN-ADDR.ARPA zone is dropped from root servers. Some stats on the ICANN-operated servers can be found here: http://dns.icann.org/services/inaddr-arpa/ http://dns.icann.org/services/ip6-arpa/ (click through on the graphs for more detail) Joe
Re: ISDN BRI
This may be a great options because the network will be going into air ports. On Thu, Feb 17, 2011 at 10:50 AM, Jared Mauch ja...@puck.nether.net wrote: What you can do is (if you are important enough) apply for TSP (tsp.ncs.gov) in conjunction with provisioning of a circuit to actually have this type of engineering happen and persist, including emergency restoration. If your local carrier doesn't offer the redundancy you want, your only other choice is to build it yourself. Considering the cost of lighting a 10G or 1G strand of fiber for 10km or 20km, working with a BRI isn't that important anymore. - Jared (who has a BRI line for his POTS at home to get clean dial tone at his distance from the CO) On Feb 17, 2011, at 6:46 AM, Justin M. Streiner wrote: On Thu, 17 Feb 2011, Santino Codispoti wrote: Is it possible to order a ISDN BRI line from the LEC and have them look at the design of a DS1 and have them if possible design the ISDN BRI lineon a devurse path or at lest different equipment within the CO? I suspect that, particularly for something as small (in terms of revenue to the LEC) as a BRI circuit, you won't have much leverage to ask for anything 'off the menu', like diverse physical routing through the CO. When you get to the point of dealing with the copper in the ground/on the pole, your options for route diversity are usually extremely limited (read: nonexistent). Telco copper plant is usually based on large multipair cables from the CO on a specific route, so even if you managed to get them to commit to diverse routeing in the CO, the copper pairs will still be in the same cable bundle, entering your building and the CO at the same points. jms
Re: To the people who answer tech questions on this list
On 2/17/2011 2:30 AM, Michael Dillon wrote: Never heard of Quora and that seems to be tied to Facebook, so not ideal. Did you just dis Facebook while plugging linked-in? Jack (continuing to ask stupid and redundant questions on NANOG)
Re: Solar flare to reach earth
On 2/17/2011 9:56 AM, andrew.wallace wrote: These coronal mass ejections will slam into the Earth's magnetic shield. The biggest flares can disrupt technology, including power grids, communications systems and satellites. Our current view is that the effect of the solar flare is likely to reach Earth later today (Thursday GMT), possibly tomorrow morning, said Alan Thomson, head of geomagnetism at the British Geological Survey (BGS). http://www.bbc.co.uk/news/science-environment-12493980 The sky is falling! The Sky is falling! We have been saved from dealing with IPv6 by solar flares! Everyone power off their computers and routers now. :) Jack (my bridge troll is very fat)
Re: IPv6 mistakes, was: Re: Looking for an IPv6 naysayer...
On 2/17/2011 10:24 AM, Steven Bellovin wrote: It might be worth doing for ISP backbones, and for things like tunnel endpoints. For anything else, it's not worth the effort -- and I suspect never was. I think several people's point is that it may be useful for the CGN/LSN numbering and other special case scenarios where a CPE might be compliant and the windows box would be ignorant. Jack
Re: Solar flare to reach earth
Huh, interesting how the media didn't panic. Leon Kaiser - Head of GNAA Public Relations - litera...@gnaa.eu || litera...@goatse.fr http://gnaa.eu || http://security.goatse.fr 7BEECD8D FCBED526 F7960173 459111CE F01F9923 The mask of anonymity is not intensely constructive. -- Andrew weev Auernheimer On Thu, 2011-02-17 at 10:20 -0600, Jack Bates wrote: On 2/17/2011 9:56 AM, andrew.wallace wrote: These coronal mass ejections will slam into the Earth's magnetic shield. The biggest flares can disrupt technology, including power grids, communications systems and satellites. Our current view is that the effect of the solar flare is likely to reach Earth later today (Thursday GMT), possibly tomorrow morning, said Alan Thomson, head of geomagnetism at the British Geological Survey (BGS). http://www.bbc.co.uk/news/science-environment-12493980 The sky is falling! The Sky is falling! We have been saved from dealing with IPv6 by solar flares! Everyone power off their computers and routers now. :) Jack (my bridge troll is very fat)
Re: Solar flare to reach earth
On Thu, 17 Feb 2011 07:56:19 PST, andrew.wallace said: The biggest flares can disrupt technology, including power grids, communications systems and satellites. http://www.bbc.co.uk/news/science-environment-12493980 Better references: http://www.spaceweather.com/ and http://www.swpc.noaa.gov/: 3-day Solar-Geophysical Forecast issued Feb 16 22:00 UTC Solar Activity Forecast: Solar activity is expected to be moderate with a chance for an isolated major flare for the next three days (17-19 February). Region 1158 is expected to produce more M-class flares and still has the potential for producing an M5 or greater x-ray event. There is a chance for isolated M-class activity from Region 1161. Geophysical Activity Forecast: The geomagnetic field is expected to be predominately quiet on day one (February 17). An increase to unsettled to active conditions, with a chance for minor storm periods is expected late on day one into day two (18 February). The increased activity is forecast due to the expected arrival of the CME associated with the X2 flare that occurred on 15/0156Z. Day three (19 February) is expected to be quiet to active as the disturbance subsides. *yawn*. active to minor storm. Move along, nothing much to see except some aurora. :) pgpumLwAaUXZt.pgp Description: PGP signature
RE: IPv6 mistakes, was: Re: Looking for an IPv6 naysayer...
In other words, you're going to tell Granny she needs to upgrade to Windows 8 and/or replace her CPE because you couldn't get your act together and deploy IPv6 - even though her friends at the bridge club who are customers of your clued competitor didn't have to do a thing. Or tell her to run Windows Update and get the latest update for her existing OS which has the patch. And then she has to do something *else* 9 months later when you need to deploy IPv6 *anyhow*. Maybe, maybe not. It depends on how it is deployed. That something else might be as simple as reboot the computer. I encourage my competitors to design their business plans that way. :) Considering v4 is likely to be around for another decade or two, getting Class E into general use seems easy enough to do.
Re: [arin-announce] IN-ADDR.ARPA Zone Transfer Complete
On Feb 17, 2011, at 8:03 AM, Joe Abley wrote: At the end of this process every subdomain of ARPA will be fully DNSSEC-signed. Cool. Query rates on the new servers (those operated by the RIRs and ICANN) are currently low, but are expected to increase as the IN-ADDR.ARPA zone is dropped from root servers. It'll be interesting to see what the corresponding drop in traffic in the root servers will be... Regards, -drc
Re: IPv6 mistakes, was: Re: Looking for an IPv6 naysayer...
On Feb 17, 2011, at 11:28 AM, Jack Bates wrote: On 2/17/2011 10:24 AM, Steven Bellovin wrote: It might be worth doing for ISP backbones, and for things like tunnel endpoints. For anything else, it's not worth the effort -- and I suspect never was. I think several people's point is that it may be useful for the CGN/LSN numbering and other special case scenarios where a CPE might be compliant and the windows box would be ignorant. Jack - There's numerous applications, including expanding internal applications such as virtualized servers for which the address space might be useful, if it was actually defined as usable as unicast. Apparently, it is also the case that the operator community wouldn't recognize the usage restrictions that might apply due to the recent reclassification, and would badly hurt themselves by making use of the space inappropriately. Thus, it is deemed better that nobody have use of the 1/16 of the IPv4 space (even if your internal use is perfectly compatible) because some who won't understand might get hurt... ;-) /John
RE: Solar flare to reach earth
Solar Activity Forecast: Solar activity is expected to be moderate with a chance for an isolated major flare for the next three days (17-19 February). Region 1158 is expected to produce more M-class flares and still has the potential for producing an M5 or greater x-ray event. There is a chance for isolated M-class activity from Region 1161. 1158 is rotating away from facing directly to us so any flares at this point will not be aimed directly at Earth as the earlier M and X class flares were. Actually, I would be more worried if I earned my living in orbit or at high altitude. 1161 is rotating into an Earth-facing position but doesn't seem as active as 1158 was though that can change tomorrow. http://spaceweather.com/
Re: IPv6 mistakes, was: Re: Looking for an IPv6 naysayer...
On Thu, Feb 17, 2011 at 5:08 AM, John Curran jcur...@istaff.org wrote: On Feb 17, 2011, at 7:39 AM, Iljitsch van Beijnum wrote: Not that it matters because it's too late now and it would only give us a few more months, but: Does the US government really need more than 150 million addresses, of which about half are not publically routed? Non-publically routed addresses can be reused by others as long as the stuff both users connect to doesn't overlap. Again, I note that we've collectively allocated the 95%+ of the address space which was made available outside of DoD's original blocks, and then considering that US DoD additionally returned 2 more /8's for the community (noted here: http://blog.icann.org/2008/02/recovering-ipv4-address-space/), I believe they've shown significant consideration to the Internet community. The fact that any particular prefix today isn't in your particular routing table does not imply that global uniqueness isn't desired. Rather than saying 240/4 is unusable for another three years, perhaps the service provider community could make plain that this space needs to be made usable (ala http://tools.ietf.org/html/draft-fuller-240space-02 or http://tools.ietf.org/html/draft-wilson-class-e-00, etc.) on a priority basis and work with the operating system and vendor community actually to make this happen? There's a chance that it could be made usable with sufficient focus to make that happen, but it is assured not to be usable if eternally delayed because it is too hard to accomplish. +1 If you want to go on a wild goose chase, start chasing down 240/4 and you might make some progress. As i have mentioned before, it was only after i gave up on 240/4 for private network numbering that i really earnestly took on IPv6-only as a strategy. Seeing 240/4 actually work would be nice, but i have already concluded it does not fit my exhaustion timeline given how many edge devices will never support it. If i have to fork lift, it should be for ipv6. Cameron === http://groups.google.com/group/tmoipv6beta === /John (my views alone; 100% recycled electrons used in this message)
Re: [arin-announce] IN-ADDR.ARPA Zone Transfer Complete
Hi, It'll be interesting to see what the corresponding drop in traffic in the root servers will be... We expect it to be around 2000qps (or ~8% of the total traffic) for k.root-servers.net. PTR query rates are very steady and do not follow the general diurnal cycle. Regards, Wolfgang
Re: IPv6 mistakes, was: Re: Looking for an IPv6 naysayer...
Mark Andrews ma...@isc.org writes: It's not usable as general purpose unicast. Both those drafts attempt to do that. http://tools.ietf.org/html/draft-wilson-class-e-00 does not. Recommend you re-read. It would be possible to use it as restricted purpose unicast, i.e. to connect from a cpe border router to a 6rd and/or LSN with the cpe border router signaling that it support the use of class E addresses when it requests a address from upstream. The upsteam only returns a class E address when it is sure that the network between the LSN/6rd supports class E traffic. The contemporary discussions we had on this subject centered around management infrastructure for MSOs, not 6rd (which was still a twinkle in the Bad Idea Fairy's eye at the time). Not speaking for Paul here, but it was not our intention to box in possible use of this space, only to mark it as sufficiently toxic that end users and normal enterprises would stay away. Would be great for 6rd if that's what folks wanted to use it for and could get the CPE vendors to cooperate. -r
RE: IPv6 mistakes, was: Re: Looking for an IPv6 naysayer...
If you want to go on a wild goose chase, start chasing down 240/4 and you might make some progress. As i have mentioned before, it was only after i gave up on 240/4 for private network numbering that i really earnestly took on IPv6-only as a strategy. Seeing 240/4 actually work would be nice, but i have already concluded it does not fit my exhaustion timeline given how many edge devices will never support it. If i have to fork lift, it should be for ipv6. 240/4 has been enabled in Linux since 2.6.25 (applied on January 21, 2008 by David Miller) so that's like three years already.
Re: IPv6 mistakes, was: Re: Looking for an IPv6 naysayer...
Owen DeLong o...@delong.com writes: The DoD does not seem particularly anxious to announce or explain their usage of those blocks to the rest of the community. They have much larger quantities of significantly more sophisticated armaments than ARIN. I agree it would be nice if they would voluntarily return whatever is appropriate to the community, but, You mean like they already did with 49/8, 50/8 (both formerly Joint Technical Command), 10/8 (formerly ARPAnet), and 7/8 (DNIC)? As the biggest returner of IPv4 space by a fair margin, notwithstanding their current holdings I think the DoD is quite justified in saying I gave at the office and hanging up. -r
Re: IPv6 mistakes, was: Re: Looking for an IPv6 naysayer...
On Thu, Feb 17, 2011 at 9:46 AM, George Bonser gbon...@seven.com wrote: If you want to go on a wild goose chase, start chasing down 240/4 and you might make some progress. As i have mentioned before, it was only after i gave up on 240/4 for private network numbering that i really earnestly took on IPv6-only as a strategy. Seeing 240/4 actually work would be nice, but i have already concluded it does not fit my exhaustion timeline given how many edge devices will never support it. If i have to fork lift, it should be for ipv6. 240/4 has been enabled in Linux since 2.6.25 (applied on January 21, 2008 by David Miller) so that's like three years already. Yep, and that's great. Let me know when a Cisco 7600 will route a packet like this. Cameron
Re: IPv6 mistakes, was: Re: Looking for an IPv6 naysayer...
On Feb 17, 2011, at 12:48 PM, Cameron Byrne wrote: 240/4 has been enabled in Linux since 2.6.25 (applied on January 21, 2008 by David Miller) so that's like three years already. Yep, and that's great. Let me know when a Cisco 7600 will route a packet like this. So, it won't work for you. Is there any reason that it shouldn't be defined as unicast or private use (with warnings) rather than Future Use, so that those who might have a use for it can do so? /John
RE: IPv6 mistakes, was: Re: Looking for an IPv6 naysayer...
240/4 has been enabled in Linux since 2.6.25 (applied on January 21, 2008 by David Miller) so that's like three years already. Yep, and that's great. Let me know when a Cisco 7600 will route a packet like this. Cameron Considering how small of a change it is, simply removing that net from the black list, they could do it at any time with a code update to any version of IOS, provided that black list isn't burned into hardware. George
Re: IPv6 mistakes, was: Re: Looking for an IPv6 naysayer...
On Thu, Feb 17, 2011 at 9:51 AM, John Curran jcur...@istaff.org wrote: On Feb 17, 2011, at 12:48 PM, Cameron Byrne wrote: 240/4 has been enabled in Linux since 2.6.25 (applied on January 21, 2008 by David Miller) so that's like three years already. Yep, and that's great. Let me know when a Cisco 7600 will route a packet like this. So, it won't work for you. Is there any reason that it shouldn't be defined as unicast or private use (with warnings) rather than Future Use, so that those who might have a use for it can do so? I am 100% pro making Class E defined as private unicast space. My only point is that people need to be realistic about the near term benefit. Yes, some linux may work. But, Microsoft and Cisco don't work today. Let's move it to not-reserved, but don't bet the farm on 240/4 solving any of your problems or in any way changing the need to for IPv6 migration. This is where the slipperly slope and expectation settings start. Cameron
Re: IPv6 mistakes, was: Re: Looking for an IPv6 naysayer...
On Feb 17, 2011, at 12:46 PM, Robert E. Seastrom wrote: Owen DeLong o...@delong.com writes: ... I agree it would be nice if they would voluntarily return whatever is appropriate to the community, but, You mean like they already did with 49/8, 50/8 (both formerly Joint Technical Command), 10/8 (formerly ARPAnet), and 7/8 (DNIC)? As the biggest returner of IPv4 space by a fair margin, notwithstanding their current holdings I think the DoD is quite justified in saying I gave at the office and hanging up. Actually, as I have noted before, the US DoD has contractually agreed to return to ARIN unneeded IPv4 address space if/when such becomes available, so that it may be used by the Internet community. /John John Curran President and CEO ARIN
RE: IPv6 mistakes, was: Re: Looking for an IPv6 naysayer...
I am 100% pro making Class E defined as private unicast space. My only point is that people need to be realistic about the near term benefit. Yes, some linux may work. But, Microsoft and Cisco don't work today. Let's move it to not-reserved, but don't bet the farm on 240/4 solving any of your problems or in any way changing the need to for IPv6 migration. This is where the slipperly slope and expectation settings start. Cameron Considering the amount of linux-based CPE and other network hardware out there (including some Cisco gear), the extent to which it might be usable today could be surprising.
Re: IPv6 mistakes, was: Re: Looking for an IPv6 naysayer...
On Thu, Feb 17, 2011 at 9:52 AM, George Bonser gbon...@seven.com wrote: 240/4 has been enabled in Linux since 2.6.25 (applied on January 21, 2008 by David Miller) so that's like three years already. Yep, and that's great. Let me know when a Cisco 7600 will route a packet like this. Cameron Considering how small of a change it is, simply removing that net from the black list, they could do it at any time with a code update to any version of IOS, provided that black list isn't burned into hardware. I asked 2 years ago, and i was told it was not feasible. I escalated, still no-go, it was a deep problem. And they pointed to the IETF saying no on the above drafts as reason to not dig into the microcode or whatever to fix it. This is where i turned to the IPv6-only reality of the future near-term internet. I suggest you do the same. Cisco is just one example. The fact is it will likely not work in cell phones, home gateways, windows PCs, Mac's, I understand some progress has been made... but choose your scope wisely and pick your battles and know that the weight of the world is against you (cisco and msft) Let me remind you, i believe opening 240/4 for private unicast was a good ideas years ago. It is still not a bad idea, what's the harm? But ... the answer you will hear is that IPv6 has momentum, go with the flow. Using 240/4 is much better than providing a public allocation to private networks. It properly makes folks consider the reality of staying with broken ipv4 or making the much better long term investment in IPv6. @George Please don't speculating on when Cisco or Microsoft will support 240/4 on this list. Ask your account rep, then report back with facts. Arm-chair engineering accounts for too many emails on this list. Cameron = http://groups.google.com/group/tmoipv6beta =
Re: IPv6 mistakes, was: Re: Looking for an IPv6 naysayer...
On Thu, Feb 17, 2011 at 1:05 PM, Cameron Byrne cb.li...@gmail.com wrote: On Thu, Feb 17, 2011 at 9:52 AM, George Bonser gbon...@seven.com wrote: 240/4 has been enabled in Linux since 2.6.25 (applied on January 21, 2008 by David Miller) so that's like three years already. Yep, and that's great. Let me know when a Cisco 7600 will route a packet like this. Cameron Considering how small of a change it is, simply removing that net from the black list, they could do it at any time with a code update to any version of IOS, provided that black list isn't burned into hardware. I asked 2 years ago, and i was told it was not feasible. I escalated, still no-go, it was a deep problem. And they pointed to the IETF saying no on the above drafts as reason to not dig into the microcode or whatever to fix it. This is where i turned to the IPv6-only reality of the future near-term internet. I suggest you do the same. Cisco is just one example. The fact is it will likely not work in cell phones, home gateways, windows PCs, Mac's, I understand some progress has been made... but choose your scope wisely and pick your battles and know that the weight of the world is against you (cisco and msft) Let me remind you, i believe opening 240/4 for private unicast was a good ideas years ago. It is still not a bad idea, what's the harm? But ... the answer you will hear is that IPv6 has momentum, go with the flow. Using 240/4 is much better than providing a public allocation to private networks. It properly makes folks consider the reality of staying with broken ipv4 or making the much better long term investment in IPv6. @George Please don't speculating on when Cisco or Microsoft will support 240/4 on this list. Ask your account rep, then report back with facts. Arm-chair engineering accounts for too many emails on this list. Cameron = http://groups.google.com/group/tmoipv6beta = IPv6's momentum is a lot like a beach landing at Normandy. -- Jeffrey Lyon, Leadership Team jeffrey.l...@blacklotus.net | http://www.blacklotus.net Black Lotus Communications - AS32421 First and Leading in DDoS Protection Solutions
RE: IPv6 mistakes, was: Re: Looking for an IPv6 naysayer...
I asked 2 years ago, and i was told it was not feasible. I escalated, still no-go, it was a deep problem. And they pointed to the IETF saying no on the above drafts as reason to not dig into the microcode or whatever to fix it. Ok, so that implies that it is burned into hardware and as it is ASIC-based hardware and not FPGA, they can't reprogram the hardware with a code update (one of the advantages of FPGA-based hardware). Cisco is just one example. The fact is it will likely not work in cell phones, home gateways, windows PCs, Mac's, I understand some progress has been made... but choose your scope wisely and pick your battles and know that the weight of the world is against you (cisco and msft) I don't think I had general usage in mind, more along the lines of the middle 4 in NAT444 that will be rolled out in many networks to conserve IP space. @George Please don't speculating on when Cisco or Microsoft will support 240/4 on this list. Ask your account rep, then report back with facts. Arm-chair engineering accounts for too many emails on this list. The usage I have in mind would be transparent to the end stations and, frankly, someone who produces provider gear and CPE that can take advantage of that space is going to have a great selling point. There is some gold under there for someone. 240/4 is a great big dig here sign if they want some of it.
Re: IPv6 mistakes, was: Re: Looking for an IPv6 naysayer...
On 2/17/2011 1:31 PM, Jeffrey Lyon wrote: IPv6's momentum is a lot like a beach landing at Normandy. As in, large, dedicated, and nigh unstoppable, but fraught with peril and with a lot of mess and destruction to get through before it is done, or as in mainly opposed by aging crazy Nazis who should have seen it coming but kept their attention in the wrong place?
Re: IPv6 mistakes, was: Re: Looking for an IPv6 naysayer...
On Feb 17, 2011, at 9:57 AM, John Curran wrote: On Feb 17, 2011, at 12:46 PM, Robert E. Seastrom wrote: Owen DeLong o...@delong.com writes: ... I agree it would be nice if they would voluntarily return whatever is appropriate to the community, but, You mean like they already did with 49/8, 50/8 (both formerly Joint Technical Command), 10/8 (formerly ARPAnet), and 7/8 (DNIC)? As the biggest returner of IPv4 space by a fair margin, notwithstanding their current holdings I think the DoD is quite justified in saying I gave at the office and hanging up. As they are also the biggest consumer of IPv4 space by a fair margin, that statement rings a bit hollow. Actually, as I have noted before, the US DoD has contractually agreed to return to ARIN unneeded IPv4 address space if/when such becomes available, so that it may be used by the Internet community. This statement, on the other hand, is a good thing. Owen
Re: IPv6 mistakes, was: Re: Looking for an IPv6 naysayer...
IPv6's momentum is a lot like a beach landing at Normandy. ?? Inevitably going to succeed, but, not without heavy losses in the process? Owen
Re: IPv6 mistakes, was: Re: Looking for an IPv6 naysayer...
On Thu, Feb 17, 2011 at 2:14 PM, Owen DeLong o...@delong.com wrote: IPv6's momentum is a lot like a beach landing at Normandy. ?? Inevitably going to succeed, but, not without heavy losses in the process? Owen Yes, and also with mass fear and confusion at the beginning. -- Jeffrey Lyon, Leadership Team jeffrey.l...@blacklotus.net | http://www.blacklotus.net Black Lotus Communications - AS32421 First and Leading in DDoS Protection Solutions
Re: IPv6 mistakes, was: Re: Looking for an IPv6 naysayer...
On 2/17/2011 1:25 PM, Jeffrey Lyon wrote: On Thu, Feb 17, 2011 at 2:14 PM, Owen DeLongo...@delong.com wrote: IPv6's momentum is a lot like a beach landing at Normandy. ?? Inevitably going to succeed, but, not without heavy losses in the process? Owen Yes, and also with mass fear and confusion at the beginning. Given the heavy losses and chaotic nature of the event, wasn't mass fear and confusion to be expected? Jack
Re: IPv6 mistakes, was: Re: Looking for an IPv6 naysayer...
On Thu, Feb 17, 2011 at 2:48 PM, Jack Bates jba...@brightok.net wrote: On 2/17/2011 1:25 PM, Jeffrey Lyon wrote: On Thu, Feb 17, 2011 at 2:14 PM, Owen DeLongo...@delong.com wrote: IPv6's momentum is a lot like a beach landing at Normandy. ?? Inevitably going to succeed, but, not without heavy losses in the process? Owen Yes, and also with mass fear and confusion at the beginning. Given the heavy losses and chaotic nature of the event, wasn't mass fear and confusion to be expected? Jack At Normandy or on 2/3/11? -- Jeffrey Lyon, Leadership Team jeffrey.l...@blacklotus.net | http://www.blacklotus.net Black Lotus Communications - AS32421 First and Leading in DDoS Protection Solutions
Re: IPv6 mistakes, was: Re: Looking for an IPv6 naysayer...
In message AANLkTi=uzeqb2dykxhvrxakfasphgfdmxjp1p-gj0...@mail.gmail.com, Came ron Byrne writes: On Thu, Feb 17, 2011 at 5:08 AM, John Curran jcur...@istaff.org wrote: On Feb 17, 2011, at 7:39 AM, Iljitsch van Beijnum wrote: Not that it matters because it's too late now and it would only give us = a few more months, but: Does the US government really need more than 150 million addresses, of w= hich about half are not publically routed? Non-publically routed addresses = can be reused by others as long as the stuff both users connect to doesn't = overlap. Again, I note that we've collectively allocated the 95%+ of the address space which was made available outside of DoD's original blocks, and then considering that US DoD additionally returned 2 more /8's for the communi= ty (noted here: http://blog.icann.org/2008/02/recovering-ipv4-address-space= /), I believe they've shown significant consideration to the Internet communi= ty. The fact that any particular prefix today isn't in your particular routin= g table does not imply that global uniqueness isn't desired. Rather than saying 240/4 is unusable for another three years, perhaps the service provider community could make plain that this space needs to be made usable (ala http://tools.ietf.org/html/draft-fuller-240space-02 or http://tools.ietf.org/html/draft-wilson-class-e-00, etc.) on a priority basis and work with the operating system and vendor community actually to make this happen? =A0There's a chance that it could be made usable wit= h sufficient focus to make that happen, but it is assured not to be usable if eternally delayed because it is too hard to accomplish. +1 If you want to go on a wild goose chase, start chasing down 240/4 and you might make some progress. As i have mentioned before, it was only after i gave up on 240/4 for private network numbering that i really earnestly took on IPv6-only as a strategy. Seeing 240/4 actually work would be nice, but i have already concluded it does not fit my exhaustion timeline given how many edge devices will never support it. If i have to fork lift, it should be for ipv6. You can reflash CPE devices to support this that you can't reflash to support IPv6 as there is no space in the flash for the extra code. This should be minimal. A extra PPP/DHCP option and a check box to enable (default) / disable setting it. It can be deployed incrementally. It enables IPv6 to be deployed over intermediate hardware that doesn't support IPv4. You still need lots of IPv4 to do that. It doesn't however have to be globally unique and it shouldn't be RFC 1918. Leave RFC 1918 for customers. You add IPv6 support to CPE devices where you can. It doesn't require the world to upgrade. It gives a well defined range that you don't use with 6to4. We also don't need all of class E. The first half would be more than enough for even the biggest ISP. It's big enough to give customers stable IPv6 addresses via 6rd. Mark Cameron =3D=3D=3D=3D=3D=3D=3D http://groups.google.com/group/tmoipv6beta =3D=3D=3D=3D=3D=3D=3D /John (my views alone; 100% recycled electrons used in this message) -- Mark Andrews, ISC 1 Seymour St., Dundas Valley, NSW 2117, Australia PHONE: +61 2 9871 4742 INTERNET: ma...@isc.org
Re: IPv6 mistakes, was: Re: Looking for an IPv6 naysayer...
In message 32ecc9cd-d927-4407-914c-751316c59...@istaff.org, John Curran write s: On Feb 17, 2011, at 12:48 PM, Cameron Byrne wrote: 240/4 has been enabled in Linux since 2.6.25 (applied on January 21, 2008 by David Miller) so that's like three years already. Yep, and that's great. Let me know when a Cisco 7600 will route a packet like this. So, it won't work for you. Is there any reason that it shouldn't be defined as unicast or private use (with warnings) rather than Future Use, so that those who might have a use for it can do so? /John Or to ask CISCO to fix the box so it can route it? In many cases it is a minimal change. I don't know whether it is in Cisco 7600 but it can't hurt to ask the vendors if it is technically possible. Mark -- Mark Andrews, ISC 1 Seymour St., Dundas Valley, NSW 2117, Australia PHONE: +61 2 9871 4742 INTERNET: ma...@isc.org
Re: IPv6 mistakes, was: Re: Looking for an IPv6 naysayer...
Mark Andrews expunged (ma...@isc.org): Or to ask CISCO to fix the box so it can route it? In many cases it is a minimal change. I don't know whether it is in Cisco 7600 They are in the business of selling new gear, not enabling features on EOL equipment :) -Steve
Re: IPv6 mistakes, was: Re: Looking for an IPv6 naysayer...
You can reflash CPE devices to support this that you can't reflash to support IPv6 as there is no space in the flash for the extra code. This should be minimal. A extra PPP/DHCP option and a check box to enable (default) / disable setting it. Reflashing most CPE amounts to forklifting. The difference between having them bring their CPE in to be reflashed or rolling a truck to do same vs. replacing the CPE will, in most cases, actually render replacing the CPE cheaper. It can be deployed incrementally. So can replacing the CPE, but, neither is a particularly attractive alternative for many providers. Owen
Re: ISDN BRI
On Thursday, February 17, 2011 10:30:12 am Jay Ashworth wrote: Off hand, I wouldn't expect a carrier to do any special engineering on a BRI -- can you even *order* a BRI these days? :-) Seems to still be in NECA Tariff5, at least the last copy I looked at. So the rurals still are tariffed for it.
Information about upcoming transition of mailing list ownership
Dear nanog@nanog.org subscriber: This message is to let you know about an upcoming change in the ownership of this mailing list. As you may know, the ownership and management of NANOG has been been transferred from Merit Network to NewNOG, Inc., a non-profit led by members of the NANOG community (http://www.newnog.org). You can read more details of this change at http://nanog.org/governance/transition. As of Friday, February 25, this mailing list will be transferred to NewNOG's management. Because you are a current member of this list, your email address will be transferred from Merit to NewNOG. If you prefer that your address not be transferred, you may unsubscribe from the list before Friday, February 25, 2011. Instructions are available at: http://mailman.nanog.org/mailman/listinfo/nanog It has been a privilege for Merit to serve the NANOG community since the formation of the group in 1994. We hope that you will choose to continue as a subscriber to this list under NewNOG's stewardship. Sincerely, Andy Rosenzweig Merit Network, Inc.
[NANOG-announce] Information about upcoming transition of NANOG-Announce list ownership
Dear nanog-annou...@nanog.org subscriber: This message is to let you know about an upcoming change in the ownership of this mailing list. As you may know, the ownership and management of NANOG has been been transferred from Merit Network to NewNOG, Inc., a non-profit led by members of the NANOG community (http://www.newnog.org). You can read more details of this change at http://nanog.org/governance/transition. As of Friday, February 25, this mailing list will be transferred to NewNOG's management. Because you are a current member of this list, your email address will be transferred from Merit to NewNOG. If you prefer that your address not be transferred, you may unsubscribe from the list before Friday, February 25, 2011. Instructions are available at: http://mailman.nanog.org/mailman/listinfo/nanog-announce It has been a privilege for Merit to serve the NANOG community since the formation of the group in 1994. We hope that you will choose to continue as a subscriber to this list under NewNOG's stewardship. Sincerely, Andy Rosenzweig Merit Network, Inc. ___ NANOG-announce mailing list nanog-annou...@nanog.org https://mailman.nanog.org/mailman/listinfo/nanog-announce
SFP vs. SFP+
I was asked today what the difference between SFP and SFP+ is. I did really know, so I looked it up and it seems that the SFP spec provides capabilities for data rates up to 4.25Gb/s, whereas SFP+ supports up to 10Gb/s. Naturally, this made me wonder whether or not an optic that supported 10GbE always conformed to the SFP+ standard inherently, or if there are cases where a 10GbE optic might only support the SFP standard, thus having a 4.25Gb/s bottleneck.
Re: SFP vs. SFP+
I'm curious also. Could you use a SFP in a ten gig port if you only need 4gb of throughput? Sent from my iPhone On Feb 17, 2011, at 6:25 PM, Sam Chesluk s...@networkhardware.com wrote: Jason - there are no SFP-10G parts based off of the original SFP; they all are based on the SFP+ standard, so there will be no issues with the optic not being able to work at the full 10Gbps it's rated for. Sam Chesluk Network Hardware Resale -Original Message- From: Jason Lixfeld [mailto:ja...@lixfeld.ca] Sent: Thursday, February 17, 2011 3:00 PM To: nanog@nanog.org Subject: SFP vs. SFP+ I was asked today what the difference between SFP and SFP+ is. I did really know, so I looked it up and it seems that the SFP spec provides capabilities for data rates up to 4.25Gb/s, whereas SFP+ supports up to 10Gb/s. Naturally, this made me wonder whether or not an optic that supported 10GbE always conformed to the SFP+ standard inherently, or if there are cases where a 10GbE optic might only support the SFP standard, thus having a 4.25Gb/s bottleneck.
RE: SFP vs. SFP+
Depends on the switch. Some, like the 2960S and 4948E, have 1G/10G ports. They will, however, not operate at 4Gbps (that particular speed was chosen to allow the core components to work for gigabit Ethernet, OC48, 2G FC, and 4G FC). Sam Chesluk Network Hardware Resale -Original Message- From: Jimmy Changa [mailto:jimmy.changa...@gmail.com] Sent: Thursday, February 17, 2011 3:39 PM To: Sam Chesluk Cc: Jason Lixfeld; nanog@nanog.org Subject: Re: SFP vs. SFP+ I'm curious also. Could you use a SFP in a ten gig port if you only need 4gb of throughput? Sent from my iPhone On Feb 17, 2011, at 6:25 PM, Sam Chesluk s...@networkhardware.com wrote: Jason - there are no SFP-10G parts based off of the original SFP; they all are based on the SFP+ standard, so there will be no issues with the optic not being able to work at the full 10Gbps it's rated for. Sam Chesluk Network Hardware Resale -Original Message- From: Jason Lixfeld [mailto:ja...@lixfeld.ca] Sent: Thursday, February 17, 2011 3:00 PM To: nanog@nanog.org Subject: SFP vs. SFP+ I was asked today what the difference between SFP and SFP+ is. I did really know, so I looked it up and it seems that the SFP spec provides capabilities for data rates up to 4.25Gb/s, whereas SFP+ supports up to 10Gb/s. Naturally, this made me wonder whether or not an optic that supported 10GbE always conformed to the SFP+ standard inherently, or if there are cases where a 10GbE optic might only support the SFP standard, thus having a 4.25Gb/s bottleneck.
Re: Fwd: [arin-announce] IN-ADDR.ARPA Zone Transfer Complete
On 02/17/2011 07:11, Wolfgang Nagele wrote: Hi, Relevant to another post today, I've noticed that neither the *.ip6-servers.arpa nor the *.in-addr-servers.arpa allow axfr. Which leads to the following questions: 1. Was that a conscious decision, and if so why? Speaking for the operator of f.in-addr-servers.arpa and f.ip6-servers.arpa this was simply not on our radar. 2. Is there any hope that axfr could be permitted in the future? Since we are also operating k.root-servers.net and have provided XFR from it for all this time we will do so for these servers as well. This has now been enabled on our systems. Thanks! I sort of suspected that this was the case at least for the servers operated by RIPE NCC because of the history with K as you pointed out above. I appreciate your quick attention to this issue, and my (admittedly non-comprehensive) tests indicate that f.ip6-servers.arpa and f.in-addr-servers.arpa are indeed now allowing transfers. Best Regards, Doug -- Nothin' ever doesn't change, but nothin' changes much. -- OK Go Breadth of IT experience, and depth of knowledge in the DNS. Yours for the right price. :) http://SupersetSolutions.com/
Re: IPv6 mistakes, was: Re: Looking for an IPv6 naysayer...
In message 5f90644c-5457-460f-9bc3-70802b13a...@delong.com, Owen DeLong write s: Cisco is just one example. The fact is it will likely not work in cell phones, home gateways, windows PCs, Mac's, I understand some progress has been made... but choose your scope wisely and pick your battles and know that the weight of the world is against you (cisco and msft) I don't think I had general usage in mind, more along the lines of the middle 4 in NAT444 that will be rolled out in many networks to conserve IP space. Infeasible. NAT444 is primarily needed to avoid doing a CPE forklift for nearly every subscriber. To deploy these addresses in that space would require a CPE forklift for nearly every subscriber. Firstly it is entirely possible to do this incrementally. Secondly it doesn't require a fork lift upgrade. A minimal upgrade is all that is required. For modern Linux boxes just setting a DHCP option would be enough. A two line fix in a config file. @George Please don't speculating on when Cisco or Microsoft will support 240/4 on this list. Ask your account rep, then report back with facts. Arm-chair engineering accounts for too many emails on this list. The usage I have in mind would be transparent to the end stations and, frankly, someone who produces provider gear and CPE that can take advantage of that space is going to have a great selling point. There is some gold under there for someone. 240/4 is a great big dig here sign if they want some of it. Maybe, but, CPE is rarely a unified solution, even within the same carrier. Owen -- Mark Andrews, ISC 1 Seymour St., Dundas Valley, NSW 2117, Australia PHONE: +61 2 9871 4742 INTERNET: ma...@isc.org
Re: SFP vs. SFP+
On Thu, Feb 17, 2011 at 03:41:28PM -0800, Sam Chesluk wrote: Depends on the switch. Some, like the 2960S and 4948E, have 1G/10G ports. They will, however, not operate at 4Gbps (that particular speed was chosen to allow the core components to work for gigabit Ethernet, OC48, 2G FC, and 4G FC). 4G SFPs are relatively rare, and only for fibre channel. Multi-rate SFPs that do up to 2.5G (for OC48) are a lot more common, but they cost more than just a simple 1GE SFP. Since all you can do with Ethernet is 1G or 10G anyways, most SFPs you'll encounter in the field will be the cheaper non-multirate kind. For more information about SFP+, as well as some comparisons between different 10G optic types, take a look at: http://www.nanog.org/meetings/nanog42/presentations/pluggables.pdf As an update (since this presentation is from Feb 2008), SFP+ is just now finally starting to get into 40km/ER reach territory. Supplies are limited, as they just very recently started shipping, but they do exist. Of course since they moved the electronic dispersion compensation (EDC) off the optic and onto the host board, the exact distances you'll be able to achieve are still based on the quality of the device you're plugging them into. SFP+ is still mostly an enterprise box or high density / short reach offering, and XFP is still required for full functionality. -- Richard A Steenbergen r...@e-gerbil.net http://www.e-gerbil.net/ras GPG Key ID: 0xF8B12CBC (7535 7F59 8204 ED1F CC1C 53AF 4C41 5ECA F8B1 2CBC)
Re: IPv6 mistakes, was: Re: Looking for an IPv6 naysayer...
In message 20110217203922.gb3...@mara.org, Steve Meuse writes: Mark Andrews expunged (ma...@isc.org): Or to ask CISCO to fix the box so it can route it? In many cases it is a minimal change. I don't know whether it is in Cisco 7600 They are in the business of selling new gear, not enabling features on EOL eq uipment :) -Steve Sometime the good will generated is worth the minor expense. Remember a lot of this problem is the direct result of vendors not acting soon enough and that includes CISCO. Asking those vendors to do a bit of work to fixup the results of their bad decisions is not unreasonable. They can't fix hardware limitations but they can definitely fix software limitations. Mark -- Mark Andrews, ISC 1 Seymour St., Dundas Valley, NSW 2117, Australia PHONE: +61 2 9871 4742 INTERNET: ma...@isc.org
Re: IPv6 mistakes, was: Re: Looking for an IPv6 naysayer...
On Feb 17, 2011, at 4:57 PM, Mark Andrews wrote: In message 20110217203639.ga3...@mara.org, Steve Meuse writes: George Bonser expunged (gbon...@seven.com): Considering the amount of linux-based CPE and other network hardware out there (including some Cisco gear), the extent to which it might be usable today could be surprising. An how many of those embedded linux devices are running a 2.4 kernel? Just lo ok at xx-wrt as an example. If you have a certain chipset, 2.4 is your only o ption. And the work to patch that kernel is minimal if it doesn't already support it. It would take less time to fix the kernel than to argue over whether to fix it. -Steve -- Mark Andrews, ISC 1 Seymour St., Dundas Valley, NSW 2117, Australia PHONE: +61 2 9871 4742 INTERNET: ma...@isc.org But way way way more time to deploy the patched kernel than to forklift the devices with IPv6 capable ones which don't require patching the kernel, either. The kernel patch is, at best, an expensive stop gap. At worst, it is a counter productive waste of time. At best it's slightly short of break-even. At worst, it's a huge $negative. Owen
Re: IPv6 mistakes, was: Re: Looking for an IPv6 naysayer...
In message 1dbdca5f-16ec-428d-bc46-3bd59a6f4...@delong.com, Owen DeLong write s: You can reflash CPE devices to support this that you can't reflash to support IPv6 as there is no space in the flash for the extra code. This should be minimal. A extra PPP/DHCP option and a check box to enable (default) / disable setting it. Reflashing most CPE amounts to forklifting. The difference between having them bring their CPE in to be reflashed or rolling a truck to do same vs. replacing the CPE will, in most cases, actually render replacing the CPE cheaper. It depends on the CPE device. Lots of CPE devices can be re-flashed in place. It just requires the will to make the images available. It can be deployed incrementally. So can replacing the CPE, but, neither is a particularly attractive alternative for many providers. And further indecision is going to make this worse not better. Owen -- Mark Andrews, ISC 1 Seymour St., Dundas Valley, NSW 2117, Australia PHONE: +61 2 9871 4742 INTERNET: ma...@isc.org
Re: IPv6 mistakes, was: Re: Looking for an IPv6 naysayer...
On Feb 17, 2011, at 5:18 PM, Mark Andrews wrote: In message 1dbdca5f-16ec-428d-bc46-3bd59a6f4...@delong.com, Owen DeLong write s: You can reflash CPE devices to support this that you can't reflash to support IPv6 as there is no space in the flash for the extra code. This should be minimal. A extra PPP/DHCP option and a check box to enable (default) / disable setting it. Reflashing most CPE amounts to forklifting. The difference between having them bring their CPE in to be reflashed or rolling a truck to do same vs. replacing the CPE will, in most cases, actually render replacing the CPE cheaper. It depends on the CPE device. Lots of CPE devices can be re-flashed in place. It just requires the will to make the images available. Who do you think is going to do this reflashing? If you think that Grandma is going to download an image and reflash her linksys, you're at least slightly divorced from reality. If you think she's going to do it and not have about a 10% brick rate (10% of devices going from router to brick) as a result, then, you're optimistic to say the least. It can be deployed incrementally. So can replacing the CPE, but, neither is a particularly attractive alternative for many providers. And further indecision is going to make this worse not better. On this we agree... Which is why we should decide to move to IPv6 and get on with it instead of continuing to pursue rat-holes like 240/4. Owen
Re: IPv6 mistakes, was: Re: Looking for an IPv6 naysayer...
On Feb 17, 2011, at 4:52 PM, Mark Andrews wrote: In message 5f90644c-5457-460f-9bc3-70802b13a...@delong.com, Owen DeLong write s: Cisco is just one example. The fact is it will likely not work in cell phones, home gateways, windows PCs, Mac's, I understand some progress has been made... but choose your scope wisely and pick your battles and know that the weight of the world is against you (cisco and msft) I don't think I had general usage in mind, more along the lines of the middle 4 in NAT444 that will be rolled out in many networks to conserve IP space. Infeasible. NAT444 is primarily needed to avoid doing a CPE forklift for nearly every subscriber. To deploy these addresses in that space would require a CPE forklift for nearly every subscriber. Firstly it is entirely possible to do this incrementally. Secondly it doesn't require a fork lift upgrade. A minimal upgrade is all that is required. For modern Linux boxes just setting a DHCP option would be enough. A two line fix in a config file. Whether you do it incrementally or not, you have to upgrade every affected device eventually. You can roll out IPv6 incrementally, too. Most CPE is _NOT_ within the description of modern linux boxes so does not apply to the discussion of the middle 4 in NAT444. It may not require an actual forklift upgrade, but, in the real world, it will require ISP efforts that are equivalent to a forklift upgrade, so, if you're going to that much trouble, it's cheaper (and in many cases easier) to go ahead and forklift your way to IPv6. Ideally in the next round of CPE, the need for NAT444 is a non-issue. It should support at least DS-Lite or 6rd. Anything earlier than the next round of equipment will need to be at least re-flashed. Owen
RE: IPv6 mistakes, was: Re: Looking for an IPv6 naysayer...
But way way way more time to deploy the patched kernel than to forklift the devices with IPv6 capable ones which don't require patching the kernel, either. The kernel patch is, at best, an expensive stop gap. At worst, it is a counter productive waste of time. At best it's slightly short of break-even. At worst, it's a huge $negative. Owen I don't think anyone was proposing it as an alternative to v6. It is more along the lines of keeping the existing v4 net working as people migrate over. Freeing up WAN IPs can make them available for v6 migration purposes. The ironic thing about v6 is that it will require some additional v4 addresses during the migration period.
Re: [arin-ppml] NAT444 rumors (was Re: Looking for an IPv6 naysayer...)
On Thu, Feb 10, 2011 at 14:17, Benson Schliesser bens...@queuefull.net wrote: If you have more experience (not including rumors) that suggests otherwise, I'd very much like to hear about it. I'm open to the possibility that NAT444 breaks stuff - that feels right in my gut - but I haven't found any valid evidence of this. In case you have not already found this: http://tools.ietf.org/html/draft-donley-nat444-impacts-01 Cheers, ~Chris Regardless, I think we can agree that IPv6 is the way to avoid NAT-related growing pains. We've known this for a long time. Cheers, -Benson ___ PPML You are receiving this message because you are subscribed to the ARIN Public Policy Mailing List (arin-p...@arin.net). Unsubscribe or manage your mailing list subscription at: http://lists.arin.net/mailman/listinfo/arin-ppml Please contact i...@arin.net if you experience any issues. -- @ChrisGrundemann weblog.chrisgrundemann.com www.burningwiththebush.com www.theIPv6experts.net www.coisoc.org
Re: IPv6 mistakes, was: Re: Looking for an IPv6 naysayer...
In message c02476ce-0544-430e-bb70-b752406ad...@delong.com, Owen DeLong write s: On Feb 17, 2011, at 5:18 PM, Mark Andrews wrote: =20 In message 1dbdca5f-16ec-428d-bc46-3bd59a6f4...@delong.com, Owen = DeLong write s: =20 You can reflash CPE devices to support this that you can't reflash to support IPv6 as there is no space in the flash for the extra code. This should be minimal. A extra PPP/DHCP option and a check box to enable (default) / disable setting it. =20 Reflashing most CPE amounts to forklifting. The difference between having them bring their CPE in to be reflashed or rolling a truck to do same vs. replacing the CPE will, in most cases, actually render replacing the CPE cheaper. =20 It depends on the CPE device. Lots of CPE devices can be re-flashed in place. It just requires the will to make the images available. =20 Who do you think is going to do this reflashing? If you think that = Grandma is going to download an image and reflash her linksys, you're at least slightly divorced from reality. I think grandma is quite capable of doing it. She just needs to be informed that it needs to be done. Most people that are scared of doing it themselves have someone that they can call on to do it for them. It also doesn't have to be 100%. If you think she's going to do it and not have about a 10% brick rate (10% of devices going from router to brick) as a result, then, you're optimistic to say the least. Reflashing with manufacture supplied images doesn't have a 10% brick rate. It can be deployed incrementally. =20 So can replacing the CPE, but, neither is a particularly attractive alternative for many providers. =20 And further indecision is going to make this worse not better. =20 On this we agree... Which is why we should decide to move to IPv6 and get on with it instead of continuing to pursue rat-holes like 240/4. 240/4 is actually an enabler for IPv6. It allows the operator to give the customer a stable IPv4 address which can be used for stable IPv6 addresses via 6rd. Different parts upgrade at different times and we need to de-couple all those upgrades if we can. Mark -- Mark Andrews, ISC 1 Seymour St., Dundas Valley, NSW 2117, Australia PHONE: +61 2 9871 4742 INTERNET: ma...@isc.org
Re: Information about upcoming transition of mailing list ownership
It has been a privilege for Merit to serve the NANOG community since the formation of the group in 1994. the merit folk have done a great job since nanog happened out of techs. you held the community together and helped move the internet forward. deep thanks. and you're still family. randy
Internet Exchange Point(IXP) questions
I'm doing some research on multiple origin AS problems of IXPs. As I know, generally there are two types of IXPs type 1: use exchange routers, which works in layer 3 type 2: use switches and Ethernet topology, which works in layer 2. So I have a couple of qustions: 1. For type 1, the exchange routers may use several IP prefixes for routing, how often does the IP prefixes have their own AS? 2. For type 2, all peers connected to the IXP must work in the same subnet required by Ethernet rules. Is possible that the subnet IP prefixes belong to some private IP address space, such as 192.168.x.x? How often does this happen? If the subnet only contains public IP addresses, how are the addresses announced? Thanks, Yaoqing
Re: IPv6 mistakes, was: Re: Looking for an IPv6 naysayer...
Mark Andrews expunged (ma...@isc.org): An how many of those embedded linux devices are running a 2.4 kernel? Just lo ok at xx-wrt as an example. If you have a certain chipset, 2.4 is your only o ption. And the work to patch that kernel is minimal if it doesn't already support it. It would take less time to fix the kernel than to argue over whether to fix it. The point is just because it's running linux doesn't make it any more likely to get upgraded than joe six pack is going to update/patch his windows XP. -Steve
Re: IPv6 mistakes, was: Re: Looking for an IPv6 naysayer...
Mark Andrews expunged (ma...@isc.org): Remember a lot of this problem is the direct result of vendors not acting soon enough and that includes CISCO. Asking those vendors to do a bit of work to fixup the results of their bad decisions is not unreasonable. They can't fix hardware limitations but they can definitely fix software limitations. Vendors have finite resources. I'm not going to ask them to waste time fixing something that buys us a short amount of time vs. asking them to work on a feature that has immediate impact to my ability to generate revenue. Yah, I'm one of those dirty capitalists. What's Randy's quote? I highly recommend my competitors do this... -Steve
RE: Internet Exchange Point(IXP) questions
-Original Message- From: Yaoqing(Joey) Liu [mailto:joey.li...@gmail.com] Sent: Thursday, February 17, 2011 6:03 PM To: nanog@nanog.org Subject: Internet Exchange Point(IXP) questions I'm doing some research on multiple origin AS problems of IXPs. As I know, generally there are two types of IXPs type 1: use exchange routers, which works in layer 3 type 2: use switches and Ethernet topology, which works in layer 2. So I have a couple of qustions: 1. For type 1, the exchange routers may use several IP prefixes for routing, how often does the IP prefixes have their own AS? 2. For type 2, all peers connected to the IXP must work in the same subnet required by Ethernet rules. Is possible that the subnet IP prefixes belong to some private IP address space, such as 192.168.x.x? How often does this happen? If the subnet only contains public IP addresses, how are the addresses announced? Thanks, Yaoqing Hello: On the Seattle Internet Exchange (SIX) we have ARIN-assigned addresses that we use on the Layer 2 fabric (your type 2 above). Hopefully the addresses aren't being announced at all, although we sometimes have to chase down people that announce it. Those addresses aren't the destination for any traffic, they are merely part of the transport to a destination, so there is no need for them to be in the DFZ. Regards, Mike -- Michael K. Smith - CISSP, GSEC, GISP Chief Technical Officer - Adhost Internet LLC mksm...@adhost.com w: +1 (206) 404-9500 f: +1 (206) 404-9050 PGP: B49A DDF5 8611 27F3 08B9 84BB E61E 38C0 (Key ID: 0x9A96777D)
Re: IPv6 mistakes, was: Re: Looking for an IPv6 naysayer...
In message 20110218020622.ga10...@mara.org, Steve Meuse writes: Mark Andrews expunged (ma...@isc.org): An how many of those embedded linux devices are running a 2.4 kernel? Jus t lo ok at xx-wrt as an example. If you have a certain chipset, 2.4 is your on ly o ption. And the work to patch that kernel is minimal if it doesn't already support it. It would take less time to fix the kernel than to argue over whether to fix it. The point is just because it's running linux doesn't make it any more likel y to get upgraded than joe six pack is going to update/patch his windows XP. Joe 6 pack does upgrade his XP box. It companies that don't. There too worried about things breaking. -Steve -- Mark Andrews, ISC 1 Seymour St., Dundas Valley, NSW 2117, Australia PHONE: +61 2 9871 4742 INTERNET: ma...@isc.org
Re: IPv6 mistakes, was: Re: Looking for an IPv6 naysayer...
Mark Andrews expunged (ma...@isc.org): I think grandma is quite capable of doing it. She just needs to be informed that it needs to be done. On my planet (Earth), this isn't likely ever happen. -Steve
Re: Internet Exchange Point(IXP) questions
In a message written on Fri, Feb 18, 2011 at 02:17:48AM +, Michael K. Smith - Adhost wrote: On the Seattle Internet Exchange (SIX) we have ARIN-assigned addresses that we use on the Layer 2 fabric (your type 2 above). Hopefully the addresses aren't being announced at all, although we sometimes have to chase down people that announce it. Those addresses aren't the destination for any traffic, they are merely part of the transport to a destination, so there is no need for them to be in the DFZ. I've had to deal with exchanges like this in the past, and frankly they have always been a pain for the support organization. You see, customers use tools like mtr or Visual Traceroute that do a traceroute and then continuously ping each hop. Many of these customers don't have a default route, or default to their _other_ provider. These tools end up showing 100% loss at the exchange, as they get the traceroute response and then can't ping it. They then open a ticket, and your support organization has to explain to them how all of this works and why it isn't the real cause of their problem. My preference is that the exchange get an ASN, peer with everyone (e.g. from the route server) and announce the exchange prefix. That way it's consistently announced. For exchange that don't do this, I've always put the prefix into BGP in such a way that I will announce it but only to my customers to work around this problem. Please get your own ASN and announce the route, for the sake of all of your members. -- Leo Bicknell - bickn...@ufp.org - CCIE 3440 PGP keys at http://www.ufp.org/~bicknell/ pgpS29tga2NQ5.pgp Description: PGP signature
Re: Internet Exchange Point(IXP) questions
On the Seattle Internet Exchange (SIX) we have ARIN-assigned addresses that we use on the Layer 2 fabric (your type 2 above). Hopefully the addresses aren't being announced at all, although we sometimes have to chase down people that announce it. I've had to deal with exchanges like this in the past, and frankly they have always been a pain for the support organization. You see, customers use tools like mtr or Visual Traceroute that do a traceroute and then continuously ping each hop. Many of these customers don't have a default route, or default to their _other_ provider. These tools end up showing 100% loss at the exchange, as they get the traceroute response and then can't ping it. They then open a ticket, and your support organization has to explain to them how all of this works and why it isn't the real cause of their problem. aol My preference is that the exchange get an ASN, peer with everyone (e.g. from the route server) and announce the exchange prefix. i do not like route servers or peering with strange things. treat the exchange as an internal route and announce it within your net and to your customer cone. randy
Re: ipv6 transit over tunneled connection
We pick up v6 from HE currently (like the rest of the world). L3 offered us dual stack also, but they wanted money to set it up plus MRC. None of our Bits That Matter (tm) go over v6 anyhow. (I guess the right phrase would be revenue producing bits). -Jack Carrozzo On Mon, May 17, 2010 at 9:51 AM, Eric Van Tol e...@atlantech.net wrote: -Original Message- From: Jared Mauch [mailto:ja...@puck.nether.net] Sent: Friday, May 14, 2010 2:49 PM To: Jack Carrozzo Cc: nanog@nanog.org Subject: Re: ipv6 transit over tunneled connection I'm curious what providers have not gotten their IPv6 plans/networks/customer ports enabled. I know that Comcast is doing their trials now (Thanks John!) and will be presenting at the upcoming NANOG about their experiences. What parts of the big I Internet are not enabled or ready? We don't see Savvis, Level3, or AboveNet with IPv6 capabilities in our region (DC). Two years ago, neither Verizon or ATT had IPv6, either. Not sure about them now, as we no longer use them for transit. One would think everyone would have v6 capabilities in the heart of government territory, but okay. For whatever reason, Verio actually charges (or used to) for their IPv6 separately from IPv4 and to top it all off, it wasn't significantly discounted. -evt
Re: Internet Exchange Point(IXP) questions
On Thu, Feb 17, 2011 at 8:17 PM, Michael K. Smith - Adhost mksm...@adhost.com wrote: -Original Message- From: Yaoqing(Joey) Liu [mailto:joey.li...@gmail.com] Sent: Thursday, February 17, 2011 6:03 PM To: nanog@nanog.org Subject: Internet Exchange Point(IXP) questions I'm doing some research on multiple origin AS problems of IXPs. As I know, generally there are two types of IXPs type 1: use exchange routers, which works in layer 3 type 2: use switches and Ethernet topology, which works in layer 2. So I have a couple of qustions: 1. For type 1, the exchange routers may use several IP prefixes for routing, how often does the IP prefixes have their own AS? 2. For type 2, all peers connected to the IXP must work in the same subnet required by Ethernet rules. Is possible that the subnet IP prefixes belong to some private IP address space, such as 192.168.x.x? How often does this happen? If the subnet only contains public IP addresses, how are the addresses announced? Thanks, Yaoqing Hello: On the Seattle Internet Exchange (SIX) we have ARIN-assigned addresses that we use on the Layer 2 fabric (your type 2 above). Hopefully the addresses aren't being announced at all, although we sometimes have to chase down people that announce it. Those addresses aren't the destination for any traffic, they are merely part of the transport to a destination, so there is no need for them to be in the DFZ. But I just checked the IXP prefix list, and found SIX owns prefix 206.81.80.0/23. And it has been announced by three ASNs, AS11537(Internet 2), AS3130(RGnet, LLC) and AS25973(Mzima Networks, Inc). I'm not sure if my info is correct. Does SIX own its own ASN other than the three above? Yaoqing Regards, Mike -- Michael K. Smith - CISSP, GSEC, GISP Chief Technical Officer - Adhost Internet LLC mksm...@adhost.com w: +1 (206) 404-9500 f: +1 (206) 404-9050 PGP: B49A DDF5 8611 27F3 08B9 84BB E61E 38C0 (Key ID: 0x9A96777D)
RE: SFP vs. SFP+
Are there are any optics that plug into 10G ports but have a copper or optical 1G interface? There's some equipment that I'm specing where it is $10K for a multi-port 1G card, even while I really may only *occasionally* need a single 1G port and there's a free 10G port for me to use. Frank -Original Message- From: Richard A Steenbergen [mailto:r...@e-gerbil.net] Sent: Thursday, February 17, 2011 7:00 PM To: Jason Lixfeld Cc: nanog@nanog.org Subject: Re: SFP vs. SFP+ On Thu, Feb 17, 2011 at 03:41:28PM -0800, Sam Chesluk wrote: Depends on the switch. Some, like the 2960S and 4948E, have 1G/10G ports. They will, however, not operate at 4Gbps (that particular speed was chosen to allow the core components to work for gigabit Ethernet, OC48, 2G FC, and 4G FC). 4G SFPs are relatively rare, and only for fibre channel. Multi-rate SFPs that do up to 2.5G (for OC48) are a lot more common, but they cost more than just a simple 1GE SFP. Since all you can do with Ethernet is 1G or 10G anyways, most SFPs you'll encounter in the field will be the cheaper non-multirate kind. For more information about SFP+, as well as some comparisons between different 10G optic types, take a look at: http://www.nanog.org/meetings/nanog42/presentations/pluggables.pdf As an update (since this presentation is from Feb 2008), SFP+ is just now finally starting to get into 40km/ER reach territory. Supplies are limited, as they just very recently started shipping, but they do exist. Of course since they moved the electronic dispersion compensation (EDC) off the optic and onto the host board, the exact distances you'll be able to achieve are still based on the quality of the device you're plugging them into. SFP+ is still mostly an enterprise box or high density / short reach offering, and XFP is still required for full functionality. -- Richard A Steenbergen r...@e-gerbil.net http://www.e-gerbil.net/ras GPG Key ID: 0xF8B12CBC (7535 7F59 8204 ED1F CC1C 53AF 4C41 5ECA F8B1 2CBC)
RE: ipv6 transit over tunneled connection
ATT has told us that they will have IPv6 on their MIS circuits Q2 2011. Deltacom has told us the same. We will be testing native IPv6 with both these carriers on GE Internet circuits sometime around Q3. -Hammer- I was a normal American nerd. -Jack Herer -Original Message- From: Jack Carrozzo [mailto:j...@crepinc.com] Sent: Thursday, February 17, 2011 9:01 PM To: Eric Van Tol Cc: nanog@nanog.org Subject: Re: ipv6 transit over tunneled connection We pick up v6 from HE currently (like the rest of the world). L3 offered us dual stack also, but they wanted money to set it up plus MRC. None of our Bits That Matter (tm) go over v6 anyhow. (I guess the right phrase would be revenue producing bits). -Jack Carrozzo On Mon, May 17, 2010 at 9:51 AM, Eric Van Tol e...@atlantech.net wrote: -Original Message- From: Jared Mauch [mailto:ja...@puck.nether.net] Sent: Friday, May 14, 2010 2:49 PM To: Jack Carrozzo Cc: nanog@nanog.org Subject: Re: ipv6 transit over tunneled connection I'm curious what providers have not gotten their IPv6 plans/networks/customer ports enabled. I know that Comcast is doing their trials now (Thanks John!) and will be presenting at the upcoming NANOG about their experiences. What parts of the big I Internet are not enabled or ready? We don't see Savvis, Level3, or AboveNet with IPv6 capabilities in our region (DC). Two years ago, neither Verizon or ATT had IPv6, either. Not sure about them now, as we no longer use them for transit. One would think everyone would have v6 capabilities in the heart of government territory, but okay. For whatever reason, Verio actually charges (or used to) for their IPv6 separately from IPv4 and to top it all off, it wasn't significantly discounted. -evt
RE: IPv6 mistakes, was: Re: Looking for an IPv6 naysayer...
You're invited to work my helpdesk for a week. I'd even pay you. It's not just flashing, it's reconfiguring every wireless device in the home (printer, Wii, Kindle, laptop (that's not home right, will be when Sally visits for the weekend), etc). If you can come up with an online tool that downloads the correct firmware image, backs up the settings, upgrades the firmware, and restores the configuration, with 99% success, I'd consider buying it to the tune $10/upgraded device. Frank -Original Message- From: Mark Andrews [mailto:ma...@isc.org] Sent: Thursday, February 17, 2011 7:56 PM To: Owen DeLong Cc: NANOG list; John Curran Subject: Re: IPv6 mistakes, was: Re: Looking for an IPv6 naysayer... snip I think grandma is quite capable of doing it. She just needs to be informed that it needs to be done. Most people that are scared of doing it themselves have someone that they can call on to do it for them. It also doesn't have to be 100%. snip Mark -- Mark Andrews, ISC 1 Seymour St., Dundas Valley, NSW 2117, Australia PHONE: +61 2 9871 4742 INTERNET: ma...@isc.org
Re: Internet Exchange Point(IXP) questions
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Feb 17, 2011, at 6:03 PM, Yaoqing(Joey) Liu wrote: As I know, generally there are two types of IXPs This is incorrect. type 1: use exchange routers, which works in layer 3 This is not an IXP. This is a router. That router would be owned by someone, who would have some sort of policy in the router, which would make it an Internet service provider, not an Internet exchange point. type 2: use switches and Ethernet topology, which works in layer 2. This is an IXP. Routers belonging to Internet service providers, communicating with each other across a switch fabric, which is an Internet exchange point. 1. For type 1, the exchange routers may use several IP prefixes for routing, how often does the IP prefixes have their own AS? Since this is not an IXP, I think the question is irrelevant to your research. If an ISP wants to participate in BGP routing, and originate an IP prefix, that ISP must have an AS. 2. For type 2, all peers connected to the IXP must work in the same subnet required by Ethernet rules. Generally, yes, though some IXPs are not that prescriptive, and would allow a subset of the ISPs to peer on a different subnet if they wished. Is possible that the subnet IP prefixes belong to some private IP address space, such as 192.168.x.x? It is possible, but it does not follow best-practices, because it breaks traceroute and other diagnostic tools. How often does this happen? Very very rarely. Only two IXPs out of more than three hundred are using FRC1918 space at this point: Maputo and Santiago de Compostela. This used to be a more common mistake, but as communications with the operators of new IXPs has improved over time, it's become very rare. If the subnet only contains public IP addresses, how are the addresses announced? They are generally not announced. Occasionally they're announced by one or more participating ISPs at the IXP. Sometimes that's purposeful, other times it's accidental. Some IXPs have rules prohibiting the announcement of the exchange subnet, others actively seek out sources of transit for the exchange subnet. -Bill Woodcock Research Director Packet Clearing House -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.11 (Darwin) iEYEARECAAYFAk1d5I8ACgkQGvQy4xTRsBFXOwCfbsutsSyYHHwQu5W06BgasXQm QNgAoMScxNcjOLQNdJC5mz4enD1/839f =6iFI -END PGP SIGNATURE-
Re: SFP vs. SFP+
On Thu, Feb 17, 2011 at 09:04:29PM -0600, Frank Bulk wrote: Are there are any optics that plug into 10G ports but have a copper or optical 1G interface? There's some equipment that I'm specing where it is $10K for a multi-port 1G card, even while I really may only *occasionally* need a single 1G port and there's a free 10G port for me to use. It doesn't work that way. The closest you can get is that the device can support either 1G or 10G in the same port (since SFP and SFP+ are physically and electrically the same), but it requires support from the device (since both PHYs have to be implemented). -- Richard A Steenbergen r...@e-gerbil.net http://www.e-gerbil.net/ras GPG Key ID: 0xF8B12CBC (7535 7F59 8204 ED1F CC1C 53AF 4C41 5ECA F8B1 2CBC)
Re: Internet Exchange Point(IXP) questions
type 1: use exchange routers, which works in layer 3 This is not an IXP. This is a router. That router would be owned by someone, who would have some sort of policy in the router, which would make it an Internet service provider, not an Internet exchange point. this from the guy who pushed layer three exchange points for years? rofl!
Re: IPv6 mistakes, was: Re: Looking for an IPv6 naysayer...
In message 00bc01cbcf19$8b3f13d0$a1bd3b70$@iname.com, Frank Bulk writes: You're invited to work my helpdesk for a week. I'd even pay you. It's not just flashing, it's reconfiguring every wireless device in the home (printer, Wii, Kindle, laptop (that's not home right, will be when Sally visits for the weekend), etc). Every device doesn't need to know the address. The CPE device still uses RFC 1918 internally. This is for the external address. If you can come up with an online tool that downloads the correct firmware image, backs up the settings, upgrades the firmware, and restores the configuration, with 99% success, I'd consider buying it to the tune $10/upgraded device. Frank -- Mark Andrews, ISC 1 Seymour St., Dundas Valley, NSW 2117, Australia PHONE: +61 2 9871 4742 INTERNET: ma...@isc.org
history repeats
i am getting nanog list mail repeats from last may randy
Re: history repeats
On Fri, 18 Feb 2011, Randy Bush wrote: i am getting nanog list mail repeats from last may I'm down with Shirley Bassey http://www.youtube.com/watch?v=bE_1tCasi_Q randy
Re: history repeats
On Thu, Feb 17, 2011 at 9:25 PM, Randy Bush ra...@psg.com wrote: i am getting nanog list mail repeats from last may ME2 -J
Re: ISDN BRI
Yes that is my goal. I guess I will be dealing with Verizon and ATT mostly as the LEC On Thu, Feb 17, 2011 at 4:20 PM, Lamar Owen lo...@pari.edu wrote: On Thursday, February 17, 2011 10:21:18 am Santino Codispoti wrote: Is it possible to order a ISDN BRI line from the LEC and have them look at the design of a DS1 and have them if possible design the ISDN BRI lineon a devurse path or at lest different equipment within the CO? As I understand the question, you want the BRI to be path diverse to the DS1's path, correct? It would depend upon how well you know the tech folk at the telco, and whether there is existing or planned transport in multiple directions from your site. Even if you order bona fide protected circuits, you're not likely to be guaranteed physical path diversity. Having said that, lots of telcos will work with you if you know the people to work with, and some will quote you a term agreement for the physical plant provisioning as an additional cost, and probably for three to five years terms.
Re: Internet Exchange Point(IXP) questions
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Feb 17, 2011, at 7:24 PM, Randy Bush wrote: this from the guy who pushed layer three exchange points for years? rofl! I was one of the people who built one in 1994, and used it quite happily for a few years, until it had outlasted its need. Do you have something else in mind? Or are you just trying to keep your blood pressure up? -Bill -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.11 (Darwin) iEYEARECAAYFAk1eAPEACgkQGvQy4xTRsBFWSwCfcmER1ApNJDCYxUh34tTTBd/e e8sAoLxQ4Q3U1//nOuBF6KLSsQS2K0MD =Rgi7 -END PGP SIGNATURE-
Re: Information about upcoming transition of mailing list ownership
Most sincere thanks to Merit for their long time support to the network community, Cheers Jorge
RE: SFP vs. SFP+
You can plug SFP module (copper or fiber) into any SFP+ port. So, on 10G port you can run either 1GE or 10GE. Peter Nowak _ From: Frank Bulk [mailto:frnk...@iname.com] To: 'Richard A Steenbergen' [mailto:r...@e-gerbil.net] Cc: nanog@nanog.org Sent: Thu, 17 Feb 2011 22:04:29 -0500 Subject: RE: SFP vs. SFP+ Are there are any optics that plug into 10G ports but have a copper or optical 1G interface? There's some equipment that I'm specing where it is $10K for a multi-port 1G card, even while I really may only *occasionally* need a single 1G port and there's a free 10G port for me to use. Frank -Original Message- From: Richard A Steenbergen [mailto:r...@e-gerbil.net] Sent: Thursday, February 17, 2011 7:00 PM To: Jason Lixfeld Cc: nanog@nanog.org Subject: Re: SFP vs. SFP+ On Thu, Feb 17, 2011 at 03:41:28PM -0800, Sam Chesluk wrote: Depends on the switch. Some, like the 2960S and 4948E, have 1G/10G ports. They will, however, not operate at 4Gbps (that particular speed was chosen to allow the core components to work for gigabit Ethernet, OC48, 2G FC, and 4G FC). 4G SFPs are relatively rare, and only for fibre channel. Multi-rate SFPs that do up to 2.5G (for OC48) are a lot more common, but they cost more than just a simple 1GE SFP. Since all you can do with Ethernet is 1G or 10G anyways, most SFPs you'll encounter in the field will be the cheaper non-multirate kind. For more information about SFP+, as well as some comparisons between different 10G optic types, take a look at: http://www.nanog.org/meetings/nanog42/presentations/pluggables.pdf As an update (since this presentation is from Feb 2008), SFP+ is just now finally starting to get into 40km/ER reach territory. Supplies are limited, as they just very recently started shipping, but they do exist. Of course since they moved the electronic dispersion compensation (EDC) off the optic and onto the host board, the exact distances you'll be able to achieve are still based on the quality of the device you're plugging them into. SFP+ is still mostly an enterprise box or high density / short reach offering, and XFP is still required for full functionality. -- Richard A Steenbergen r...@e-gerbil.net http://www.e-gerbil.net/ras GPG Key ID: 0xF8B12CBC (7535 7F59 8204 ED1F CC1C 53AF 4C41 5ECA F8B1 2CBC)
Re: SFP vs. SFP+
On Fri, Feb 18, 2011 at 12:55:45AM -0500, Peter Nowak wrote: You can plug SFP module (copper or fiber) into any SFP+ port. So, on 10G port you can run either 1GE or 10GE. Not true. Some devices support this, since SFP and SFP+ are physically and electrically compatible, but not all. The device must be specifically designed to support both PHYs, which is NOT a given. -- Richard A Steenbergen r...@e-gerbil.net http://www.e-gerbil.net/ras GPG Key ID: 0xF8B12CBC (7535 7F59 8204 ED1F CC1C 53AF 4C41 5ECA F8B1 2CBC)