Re: Google DNS just disappeared
It appeared to be very brief, I just happened to be in a Google Plus Hangout when the chat died then my Gtalk died followed by my Google homepage. By the time I got done checking DNS and was getting on a trace-route server my chat reconnected and service was back to normal. Just thought it was unusual to see all my Google services go offline at the same time. Regards, Cody Rose NOC Sys Admin Website: www.killsudo.info email: c...@killsudo.info signature.asc Description: This is a digitally signed message part.
Re: NDP DoS attack (was Re: Anybody can participate in the IETF (Was: Why is IPv6 broken?))
On Jul 14, 2011, at 8:24 PM, Jimmy Hess wrote: On Thu, Jul 14, 2011 at 9:35 PM, Jared Mauch ja...@puck.nether.net wrote: On Jul 14, 2011, at 10:06 PM, Fernando Gont ferna...@gont.com.ar wrote: Anyone on a layer-2 network can do something interesting like flood all f's and kill the lan. Trying to keep the majority of thoughts here for layer-3 originated attacks, even if the target is a layer2 item. - Jared In most cases if you have a DoS attack coming from the same Layer-2 network that a router is attached to, it would mean there was already a serious security incident that occured to give the attacker that special point to attack from. That's one possibility. The other likely possibility is that you are a University. Owen
RE: Enterprise Internet - Question
Thanks for the comments everyone. They are much appreciated. In regards to changing the address of our ARIN block to a US office addressare their any trades-offs in doing that? Just curious. -Original Message- From: Owen DeLong [mailto:o...@delong.com] Sent: Thursday, July 14, 2011 5:02 PM To: Jeff Cartier Cc: nanog@nanog.org Subject: Re: Enterprise Internet - Question On Jul 14, 2011, at 12:34 PM, Jeff Cartier wrote: Hi All, I just wanted to throw a question out to the list... In our data center we feed Internet to some of our US based offices and every now and again we receive complaints that they can't access some US based Internet content because they are coming from a Canadian based IP. This has sparked an interesting discussion around a few questionsof which I'd like to hear the lists opinions on. - How should/can an enterprise deal with accessibility to internet content issues? (ie. that whole coming from a Canadian IP accessing US content) This is an example of why content restriction based on IP address geolocation is such a bad idea in general. Frankly, the easiest thing to do (since most Canadian companies aren't as brain-dead) is to update your whois records with the address of the block allocated to your datacenter so that it looks like it's in one of your US offices. I realize this sounds silly for a variety of reasons, but, it solves the problem without expensive or configuration-intensive workarounds such as selective NAT, etc. o Side question on that - Could we simply obtain a US based IP address and selectively NAT? You can, but, you can also hit yourself over the head repeatedly with a hammer. Selective NAT will yield more content, but, the pain levels will probably be similar. - Does the idea of regional Internet locations make sense? If so, when do they make sense? For instance, having a hub site in South America (ie. Brazil) and having all offices in Venezuela, Peru and Argentina route through a local Internet feed in Brazil. Not really. The whole content-restriction by IP geolocation thing also doesn't make sense. Unfortunately, the fact that something is nonsensical does not prevent someone from doing it or worse, selling it. You should do what makes sense for the economics of the topology you need. The address geolocation issues can usually be best addressed by manipulating whois. If your address block from ARIN is an allocation, you can manipulate sub-block address registration issues through the use of SWIP, for example. - Does the idea of having local Internet at each site make more sense? If so why? That's really more of an economic and policy question within your organization than a technical one. Owen __ DISCLAIMER: This e-mail contains proprietary information some or all of which may be legally privileged. It is for the intended recipient only. If an addressing or transmission error has misdirected this e-mail, please notify the author by replying to this e-mail. If you are not the intended recipient you must not use, disclose, distribute, copy, print, or rely on this e-mail. This message has been scanned for the presence of computer viruses, Spam, and Explicit Content.
Re: Enterprise Internet - Question
Perhaps you have Canadian branches feeding off the same connection and they will have the reverse problem with geo-location? On Fri, Jul 15, 2011 at 6:29 AM, Jeff Cartier jeff.cart...@pernod-ricard.com wrote: Thanks for the comments everyone. They are much appreciated. In regards to changing the address of our ARIN block to a US office addressare their any trades-offs in doing that? Just curious. -Original Message- From: Owen DeLong [mailto:o...@delong.com] Sent: Thursday, July 14, 2011 5:02 PM To: Jeff Cartier Cc: nanog@nanog.org Subject: Re: Enterprise Internet - Question On Jul 14, 2011, at 12:34 PM, Jeff Cartier wrote: Hi All, I just wanted to throw a question out to the list... In our data center we feed Internet to some of our US based offices and every now and again we receive complaints that they can't access some US based Internet content because they are coming from a Canadian based IP. This has sparked an interesting discussion around a few questionsof which I'd like to hear the lists opinions on. - How should/can an enterprise deal with accessibility to internet content issues? (ie. that whole coming from a Canadian IP accessing US content) This is an example of why content restriction based on IP address geolocation is such a bad idea in general. Frankly, the easiest thing to do (since most Canadian companies aren't as brain-dead) is to update your whois records with the address of the block allocated to your datacenter so that it looks like it's in one of your US offices. I realize this sounds silly for a variety of reasons, but, it solves the problem without expensive or configuration-intensive workarounds such as selective NAT, etc. o Side question on that - Could we simply obtain a US based IP address and selectively NAT? You can, but, you can also hit yourself over the head repeatedly with a hammer. Selective NAT will yield more content, but, the pain levels will probably be similar. - Does the idea of regional Internet locations make sense? If so, when do they make sense? For instance, having a hub site in South America (ie. Brazil) and having all offices in Venezuela, Peru and Argentina route through a local Internet feed in Brazil. Not really. The whole content-restriction by IP geolocation thing also doesn't make sense. Unfortunately, the fact that something is nonsensical does not prevent someone from doing it or worse, selling it. You should do what makes sense for the economics of the topology you need. The address geolocation issues can usually be best addressed by manipulating whois. If your address block from ARIN is an allocation, you can manipulate sub-block address registration issues through the use of SWIP, for example. - Does the idea of having local Internet at each site make more sense? If so why? That's really more of an economic and policy question within your organization than a technical one. Owen __ DISCLAIMER: This e-mail contains proprietary information some or all of which may be legally privileged. It is for the intended recipient only. If an addressing or transmission error has misdirected this e-mail, please notify the author by replying to this e-mail. If you are not the intended recipient you must not use, disclose, distribute, copy, print, or rely on this e-mail. This message has been scanned for the presence of computer viruses, Spam, and Explicit Content.
London UK smart hands recommendations?
i have a bunch of fully-loaded network gear (nexus 7k's, asr 9k's, etc) that needs to be pulled out of racks, moved across a data centre floor, and re-racked. looking for success stories and recommendations for licensed, bonded, insured companies in London that can do it quickly and cost-effectively. so far i've come across technimove. thanks. .ryanL
Re: London UK smart hands recommendations?
On 15 Jul 2011, at 16:24, ryanL wrote: i have a bunch of fully-loaded network gear (nexus 7k's, asr 9k's, etc) that needs to be pulled out of racks, moved across a data centre floor, and re-racked. looking for success stories and recommendations for licensed, bonded, insured companies in London that can do it quickly and cost-effectively. In the unlikely event no one else suggests them, I'll point you at NetSumo, http://www.netsumo.com/ - Mark smime.p7s Description: S/MIME cryptographic signature
Re: London UK smart hands recommendations?
On Fri, 2011-07-15 at 16:30 +0100, Mark Blackman wrote: In the unlikely event no one else suggests them, I'll point you at NetSumo, http://www.netsumo.com/ +1, lots of clue available at Netsumo.
Re: NDP DoS attack (was Re: Anybody can participate in the IETF (Was: Why is IPv6 broken?))
On Thu, 14 Jul 2011 23:13:03 PDT, Owen DeLong said: On Jul 14, 2011, at 8:24 PM, Jimmy Hess wrote: In most cases if you have a DoS attack coming from the same Layer-2 network that a router is attached to, it would mean there was already a serious security incident that occured to give the attacker that special point to attack from. That's one possibility. The other likely possibility is that you are a University. Nope. Unless you want to add or you are a cable provider, or you are a DSL provider, or you are a to that. (Hint - what percent of students launch DoS attacks that cut themselves off from the net? Compare to what percent of non-student machines out on cable and DSL are botted or pwned) Even if you're a university with resident students, if said students are on the same Layer-2 as anything you actually care about, you have a serious security incident. Student manages to DoS the router out of the dorm and strands 3 floors of dorm without internet is just as interesting as Joe Sixpack manages to DoS the router at the cable head end and strands 3 blocks of Comcast customers without internet, for the *exact same reasons*. If the student is able to play more level-2 games than Joe Sixpack can, you misdesigned your network. pgpiIx2FrZzn7.pgp Description: PGP signature
Re: London UK smart hands recommendations?
On Fri, 2011-07-15 at 16:30 +0100, Mark Blackman wrote: In the unlikely event no one else suggests them, I'll point you at NetSumo, http://www.netsumo.com/ +1, lots of clue available at Netsumo. +2 for Netsumo Wayne
Re: NDP DoS attack (was Re: Anybody can participate in the IETF (Was: Why is IPv6 broken?))
On Thu, Jul 14, 2011 at 9:47 PM, Owen DeLong o...@delong.com wrote: Very true. This is where Mr. Wheeler's arguments depart from reality. He's right in that the problem can't be truly fixed without some very complicated code added to lots of devices, but, it can be mitigated relatively easily and mitigation really is good enough for most real world purposes. ok,I'll bite, what's the solution?
Weekly Routing Table Report
This is an automated weekly mailing describing the state of the Internet Routing Table as seen from APNIC's router in Japan. The posting is sent to APOPS, NANOG, AfNOG, AusNOG, SANOG, PacNOG, LacNOG, CaribNOG and the RIPE Routing Working Group. Daily listings are sent to bgp-st...@lists.apnic.net For historical data, please see http://thyme.rand.apnic.net. If you have any comments please contact Philip Smith pfsi...@gmail.com. Routing Table Report 04:00 +10GMT Sat 16 Jul, 2011 Report Website: http://thyme.rand.apnic.net Detailed Analysis: http://thyme.rand.apnic.net/current/ Analysis Summary BGP routing table entries examined: 363652 Prefixes after maximum aggregation: 165367 Deaggregation factor: 2.20 Unique aggregates announced to Internet: 180640 Total ASes present in the Internet Routing Table: 38198 Prefixes per ASN: 9.52 Origin-only ASes present in the Internet Routing Table: 31741 Origin ASes announcing only one prefix: 15260 Transit ASes present in the Internet Routing Table:5195 Transit-only ASes present in the Internet Routing Table:132 Average AS path length visible in the Internet Routing Table: 4.3 Max AS path length visible: 33 Max AS path prepend of ASN (22394) 27 Prefixes from unregistered ASNs in the Routing Table: 917 Unregistered ASNs in the Routing Table: 532 Number of 32-bit ASNs allocated by the RIRs: 1559 Number of 32-bit ASNs visible in the Routing Table:1262 Prefixes from 32-bit ASNs in the Routing Table:2910 Special use prefixes present in the Routing Table:0 Prefixes being announced from unallocated address space:122 Number of addresses announced to Internet: 2477764128 Equivalent to 147 /8s, 175 /16s and 174 /24s Percentage of available address space announced: 66.8 Percentage of allocated address space announced: 66.9 Percentage of available address space allocated: 100.0 Percentage of address space in use by end-sites: 91.1 Total number of prefixes smaller than registry allocations: 151592 APNIC Region Analysis Summary - Prefixes being announced by APNIC Region ASes:90715 Total APNIC prefixes after maximum aggregation: 30300 APNIC Deaggregation factor:2.99 Prefixes being announced from the APNIC address blocks: 87321 Unique aggregates announced from the APNIC address blocks:37425 APNIC Region origin ASes present in the Internet Routing Table:4519 APNIC Prefixes per ASN: 19.32 APNIC Region origin ASes announcing only one prefix: 1253 APNIC Region transit ASes present in the Internet Routing Table:716 Average APNIC Region AS path length visible:4.5 Max APNIC Region AS path length visible: 18 Number of APNIC region 32-bit ASNs visible in the Routing Table: 61 Number of APNIC addresses announced to Internet: 622188352 Equivalent to 37 /8s, 21 /16s and 215 /24s Percentage of available APNIC address space announced: 78.9 APNIC AS Blocks4608-4864, 7467-7722, 9216-10239, 17408-18431 (pre-ERX allocations) 23552-24575, 37888-38911, 45056-46079 55296-56319, 131072-132095 APNIC Address Blocks 1/8, 14/8, 27/8, 36/8, 39/8, 42/8, 43/8, 49/8, 58/8, 59/8, 60/8, 61/8, 101/8, 103/8, 106/8, 110/8, 111/8, 112/8, 113/8, 114/8, 115/8, 116/8, 117/8, 118/8, 119/8, 120/8, 121/8, 122/8, 123/8, 124/8, 125/8, 126/8, 133/8, 175/8, 180/8, 182/8, 183/8, 202/8, 203/8, 210/8, 211/8, 218/8, 219/8, 220/8, 221/8, 222/8, 223/8, ARIN Region Analysis Summary Prefixes being announced by ARIN Region ASes:141554 Total ARIN prefixes after maximum aggregation:73093 ARIN Deaggregation factor: 1.94 Prefixes being announced from the ARIN address blocks: 113475 Unique aggregates announced from the ARIN address blocks: 46690 ARIN Region origin ASes present in the Internet Routing Table:14485 ARIN Prefixes per ASN: 7.83 ARIN Region origin ASes announcing only one prefix:5538 ARIN Region transit
Re: Enterprise Internet - Question
There are fewer companies in Canada that have brain-dead attitudes about US customers than there are US companies with brain-dead attitudes towards Canadian customers. Probably not so much of an issue. Owen On Jul 15, 2011, at 6:51 AM, PC wrote: Perhaps you have Canadian branches feeding off the same connection and they will have the reverse problem with geo-location? On Fri, Jul 15, 2011 at 6:29 AM, Jeff Cartier jeff.cart...@pernod-ricard.com wrote: Thanks for the comments everyone. They are much appreciated. In regards to changing the address of our ARIN block to a US office addressare their any trades-offs in doing that? Just curious. -Original Message- From: Owen DeLong [mailto:o...@delong.com] Sent: Thursday, July 14, 2011 5:02 PM To: Jeff Cartier Cc: nanog@nanog.org Subject: Re: Enterprise Internet - Question On Jul 14, 2011, at 12:34 PM, Jeff Cartier wrote: Hi All, I just wanted to throw a question out to the list... In our data center we feed Internet to some of our US based offices and every now and again we receive complaints that they can't access some US based Internet content because they are coming from a Canadian based IP. This has sparked an interesting discussion around a few questionsof which I'd like to hear the lists opinions on. - How should/can an enterprise deal with accessibility to internet content issues? (ie. that whole coming from a Canadian IP accessing US content) This is an example of why content restriction based on IP address geolocation is such a bad idea in general. Frankly, the easiest thing to do (since most Canadian companies aren't as brain-dead) is to update your whois records with the address of the block allocated to your datacenter so that it looks like it's in one of your US offices. I realize this sounds silly for a variety of reasons, but, it solves the problem without expensive or configuration-intensive workarounds such as selective NAT, etc. o Side question on that - Could we simply obtain a US based IP address and selectively NAT? You can, but, you can also hit yourself over the head repeatedly with a hammer. Selective NAT will yield more content, but, the pain levels will probably be similar. - Does the idea of regional Internet locations make sense? If so, when do they make sense? For instance, having a hub site in South America (ie. Brazil) and having all offices in Venezuela, Peru and Argentina route through a local Internet feed in Brazil. Not really. The whole content-restriction by IP geolocation thing also doesn't make sense. Unfortunately, the fact that something is nonsensical does not prevent someone from doing it or worse, selling it. You should do what makes sense for the economics of the topology you need. The address geolocation issues can usually be best addressed by manipulating whois. If your address block from ARIN is an allocation, you can manipulate sub-block address registration issues through the use of SWIP, for example. - Does the idea of having local Internet at each site make more sense? If so why? That's really more of an economic and policy question within your organization than a technical one. Owen __ DISCLAIMER: This e-mail contains proprietary information some or all of which may be legally privileged. It is for the intended recipient only. If an addressing or transmission error has misdirected this e-mail, please notify the author by replying to this e-mail. If you are not the intended recipient you must not use, disclose, distribute, copy, print, or rely on this e-mail. This message has been scanned for the presence of computer viruses, Spam, and Explicit Content. _ NANOG mailing list NANOG@nanog.org https://mailman.nanog.org/mailman/listinfo/nanog
Call for ARIN XXVIII Meeting Fellowship Applicants
ARIN is pleased to offer a Meetings Fellowship Program to bring new voices and ideas to public policy discussions. This call is for Fellows to attend ARIN XXVIII in Philadelphia from 12-14 October 2011. If you have never attended an ARIN meeting and are interested in participating in the program, please submit your application by 26 August. The application link, submission instructions, and a detailed description of the program can be found at: https://www.arin.net/participate/meetings/fellowship.html Note that this ARIN meeting follows NANOG 53 to round out the week. Three Fellows within ARIN's service region will be selected. Fellows receive financial support to attend the Public Policy and Members Meetings, and ARIN Advisory Council representatives will serve as mentors to the Fellows to help maximize their meeting experience. Individuals selected for the fellowship receive: Free meeting registration Round-trip economy class airfare to the meeting, booked directly by ARIN Hotel accommodations at the venue hotel, booked directly by ARIN A stipend to cover meals and incidental travel expenses Please contact i...@arin.net if you have any questions concerning the program and the application process. Feel free to share this opportunity within others who may be interested. Regards, Susan Hamlin Director, Communications and Member Services American Registry for Internet Numbers (ARIN) Office – 1.703.227.9851 www.arin.net _ NANOG mailing list NANOG@nanog.org https://mailman.nanog.org/mailman/listinfo/nanog
BGP Update Report
BGP Update Report Interval: 07-Jul-11 -to- 14-Jul-11 (7 days) Observation Point: BGP Peering with AS131072 TOP 20 Unstable Origin AS Rank ASNUpds % Upds/PfxAS-Name 1 - AS982948539 3.8% 66.9 -- BSNL-NIB National Internet Backbone 2 - AS17974 29134 2.3% 21.1 -- TELKOMNET-AS2-AP PT Telekomunikasi Indonesia 3 - AS51460 24734 1.9%8244.7 -- SINA-AS Sina bank 4 - AS23966 24075 1.9% 72.5 -- LDN-AS-PK LINKdotNET Telecom Limited 5 - AS22646 17089 1.3% 136.7 -- HARCOM1 - Hargray Communications Group, Inc. 6 - AS631616896 1.3% 183.7 -- AS-PAETEC-NET - PaeTec Communications, Inc. 7 - AS32528 16423 1.3%3284.6 -- ABBOTT Abbot Labs 8 - AS949812779 1.0% 17.7 -- BBIL-AP BHARTI Airtel Ltd. 9 - AS27738 12365 1.0% 36.5 -- Ecuadortelecom S.A. 10 - AS45595 11772 0.9% 51.2 -- PKTELECOM-AS-PK Pakistan Telecom Company Limited 11 - AS625611720 0.9%5860.0 -- ALLTEL - ALLTEL Corporation 12 - AS815110635 0.8% 10.4 -- Uninet S.A. de C.V. 13 - AS245609363 0.7% 8.3 -- AIRTELBROADBAND-AS-AP Bharti Airtel Ltd., Telemedia Services 14 - AS446098163 0.6%2721.0 -- FNA Fars News Agency Cultural Arts Institute 15 - AS3454 7456 0.6%2485.3 -- Universidad Autonoma de Nuevo Leon 16 - AS144207073 0.6% 10.3 -- CORPORACION NACIONAL DE TELECOMUNICACIONES - CNT EP 17 - AS181016311 0.5% 6.7 -- RELIANCE-COMMUNICATIONS-IN Reliance Communications Ltd.DAKC MUMBAI 18 - AS5416 6104 0.5% 56.5 -- BATELCO-BH 19 - AS2697 6051 0.5% 30.1 -- ERX-ERNET-AS Education and Research Network 20 - AS4755 5681 0.4% 48.6 -- TATACOMM-AS TATA Communications formerly VSNL is Leading ISP TOP 20 Unstable Origin AS (Updates per announced prefix) Rank ASNUpds % Upds/PfxAS-Name 1 - AS51460 24734 1.9%8244.7 -- SINA-AS Sina bank 2 - AS625611720 0.9%5860.0 -- ALLTEL - ALLTEL Corporation 3 - AS32528 16423 1.3%3284.6 -- ABBOTT Abbot Labs 4 - AS446098163 0.6%2721.0 -- FNA Fars News Agency Cultural Arts Institute 5 - AS3454 7456 0.6%2485.3 -- Universidad Autonoma de Nuevo Leon 6 - AS467781367 0.1%1367.0 -- PHSI-1996 - Prevea Health Services Inc 7 - AS49600 957 0.1% 957.0 -- LASEDA La Seda de Barcelona, S.A 8 - AS3 889 0.1% 735.0 -- DCOMAS Didgicom LLC 9 - AS27322 793 0.1% 793.0 -- ISC-JNB1 Internet Systems Consortium, Inc. 10 - AS33314 710 0.1% 710.0 -- VCC - Vancouver Community College 11 - AS174083222 0.2% 537.0 -- ABOVE-AS-AP AboveNet Communications Taiwan 12 - AS48068 445 0.0% 445.0 -- VISONIC Visonic Ltd 13 - AS104452206 0.2% 441.2 -- HTG - Huntleigh Telcom 14 - AS3 762 0.1% 559.0 -- DCOMAS Didgicom LLC 15 - AS23364 328 0.0% 328.0 -- SECOTOOLS-US - Seco Tools Inc. 16 - AS260012586 0.2% 323.2 -- BLUIP - BLUIP INC 17 - AS22793 306 0.0% 306.0 -- CASSOCORP - CASSO Corporation 18 - AS49674 584 0.1% 292.0 -- DJEMBA-AS S.C. Djemba ITC S.R.L. 19 - AS25352 283 0.0% 283.0 -- GUARDIAN-NETWORKS Guardian Networks 20 - AS404621128 0.1% 282.0 -- DATAFRAMELO - Dataframe Logistics, Inc. TOP 20 Unstable Prefixes Rank Prefix Upds % Origin AS -- AS Name 1 - 91.217.64.0/2312241 0.9% AS51460 -- SINA-AS Sina bank 2 - 91.217.64.0/2412238 0.9% AS51460 -- SINA-AS Sina bank 3 - 202.92.235.0/24 10828 0.8% AS9498 -- BBIL-AP BHARTI Airtel Ltd. 4 - 130.36.35.0/24 8207 0.6% AS32528 -- ABBOTT Abbot Labs 5 - 130.36.34.0/24 8206 0.6% AS32528 -- ABBOTT Abbot Labs 6 - 178.22.72.0/21 8043 0.6% AS44609 -- FNA Fars News Agency Cultural Arts Institute 7 - 200.23.202.0/247430 0.5% AS3454 -- Universidad Autonoma de Nuevo Leon 8 - 198.133.100.0/24 5860 0.4% AS6256 -- ALLTEL - ALLTEL Corporation 9 - 198.133.99.0/245860 0.4% AS6256 -- ALLTEL - ALLTEL Corporation 10 - 66.248.120.0/215441 0.4% AS6316 -- AS-PAETEC-NET - PaeTec Communications, Inc. 11 - 202.54.86.0/24 4936 0.4% AS4755 -- TATACOMM-AS TATA Communications formerly VSNL is Leading ISP 12 - 66.248.104.0/214818 0.3% AS6316 -- AS-PAETEC-NET - PaeTec Communications, Inc. 13 - 66.248.96.0/21 4751 0.3% AS6316 -- AS-PAETEC-NET - PaeTec Communications, Inc. 14 - 202.153.174.0/24 3215 0.2% AS17408 -- ABOVE-AS-AP AboveNet Communications Taiwan 15 - 193.8.250.0/24 3168 0.2% AS35753 -- ITC ITC AS number AS41176 -- SAHARANET-AS Sahara Net Main NOC
The Cidr Report
This report has been generated at Fri Jul 15 21:12:24 2011 AEST. The report analyses the BGP Routing Table of AS2.0 router and generates a report on aggregation potential within the table. Check http://www.cidr-report.org for a current version of this report. Recent Table History Date PrefixesCIDR Agg 08-07-11366112 215481 09-07-11366207 215736 10-07-11366401 215635 11-07-11366352 215558 12-07-11366478 215748 13-07-11366636 215591 14-07-11366443 216081 15-07-11366674 216542 AS Summary 38311 Number of ASes in routing system 16161 Number of ASes announcing only one prefix 3598 Largest number of prefixes announced by an AS AS6389 : BELLSOUTH-NET-BLK - BellSouth.net Inc. 109933792 Largest address span announced by an AS (/32s) AS4134 : CHINANET-BACKBONE No.31,Jin-rong Street Aggregation Summary The algorithm used in this report proposes aggregation only when there is a precise match using the AS path, so as to preserve traffic transit policies. Aggregation is also proposed across non-advertised address space ('holes'). --- 15Jul11 --- ASnumNetsNow NetsAggr NetGain % Gain Description Table 367374 216493 15088141.1% All ASes AS6389 3598 245 335393.2% BELLSOUTH-NET-BLK - BellSouth.net Inc. AS4766 2470 956 151461.3% KIXS-AS-KR Korea Telecom AS18566 1913 497 141674.0% COVAD - Covad Communications Co. AS4755 1506 219 128785.5% TATACOMM-AS TATA Communications formerly VSNL is Leading ISP AS4323 1658 402 125675.8% TWTC - tw telecom holdings, inc. AS22773 1351 97 125492.8% ASN-CXA-ALL-CCI-22773-RDC - Cox Communications Inc. AS10620 1557 485 107268.9% Telmex Colombia S.A. AS1785 1809 764 104557.8% AS-PAETEC-NET - PaeTec Communications, Inc. AS19262 1427 406 102171.5% VZGNI-TRANSIT - Verizon Online LLC AS7552 1288 370 91871.3% VIETEL-AS-AP Vietel Corporation AS28573 1276 388 88869.6% NET Servicos de Comunicao S.A. AS7545 1554 712 84254.2% TPG-INTERNET-AP TPG Internet Pty Ltd AS18101 933 146 78784.4% RELIANCE-COMMUNICATIONS-IN Reliance Communications Ltd.DAKC MUMBAI AS24560 1155 383 77266.8% AIRTELBROADBAND-AS-AP Bharti Airtel Ltd., Telemedia Services AS8151 1447 691 75652.2% Uninet S.A. de C.V. AS4808 1050 335 71568.1% CHINA169-BJ CNCGROUP IP network China169 Beijing Province Network AS7303 1009 326 68367.7% Telecom Argentina S.A. AS3356 1118 459 65958.9% LEVEL3 Level 3 Communications AS17488 966 331 63565.7% HATHWAY-NET-AP Hathway IP Over Cable Internet AS14420 690 88 60287.2% CORPORACION NACIONAL DE TELECOMUNICACIONES - CNT EP AS20115 1633 1032 60136.8% CHARTER-NET-HKY-NC - Charter Communications AS22561 963 362 60162.4% DIGITAL-TELEPORT - Digital Teleport Inc. AS17676 670 71 59989.4% GIGAINFRA Softbank BB Corp. AS3549 991 425 56657.1% GBLX Global Crossing Ltd. AS22047 578 32 54694.5% VTR BANDA ANCHA S.A. AS7011 1158 623 53546.2% FRONTIER-AND-CITIZENS - Frontier Communications of America, Inc. AS4804 620 86 53486.1% MPX-AS Microplex PTY LTD AS4780 748 217 53171.0% SEEDNET Digital United Inc. AS17974 1544 1034 51033.0% TELKOMNET-AS2-AP PT Telekomunikasi Indonesia AS15475 5139 50498.2% NOL Total
Re: Enterprise Internet - Question
On 7/14/2011 7:37 PM, Owen DeLong wrote: To the best of my knowledge, while this person reset my account so that I could log in (from my house), I don't think Wells Fargo has any intention of rethinking their geo-IP based restrictions on logging in. So, if you travel, consider carefully whether to try and log into something directly vs. doing so over VNC. For precisely this reason I always ensure that my banking traffic goes via a VPN through a relatively consistent set of origin IPs to the wider Internet. Solves a lot of headaches, although PayPal were confused that I could be in California and have my traffic come from Chicago (which they thought was New Jersey...). _ NANOG mailing list NANOG@nanog.org https://mailman.nanog.org/mailman/listinfo/nanog