Re: anycast load balancing issue
On 6 Jan 2012, at 07:33, Måns Nilsson mansa...@besserwisser.org wrote: Thanks all who made me think a second round and solve this. Hence why people prefer to ask people and not GOOG et-al. -- Leigh Porter __ This email has been scanned by the Symantec Email Security.cloud service. For more information please visit http://www.symanteccloud.com __
Re: question regarding US requirements for journaling public email (possible legislation?)
On Jan 5, 2012, at 11:05 37PM, Suresh Ramasubramanian wrote: There's no shortage of stuff that reaches you 80..90 days after the fact The UK voluntary retention rules make a lot more sense, compared to a few days, which is entirely impractical On Fri, Jan 6, 2012 at 9:30 AM, valdis.kletni...@vt.edu wrote: You need to track down a miscreant user *right now*? You got the last 48 hours of logs right at hand. It's been a week? Meh, if somebody's been getting hit by a DDoS for a week and is just now calling you, the fact they have a DDoS is the least of their problems. Toss the logs. :) The answer from the EFF is the same: retain what *you* have an operational or administrative need for. This is very different from a legislative mandate for multiyear retention. --Steve Bellovin, https://www.cs.columbia.edu/~smb
SSL Certificates
Looking for a recommendation on who to buy affordable and reputable SSL certificates from? Symantec, Thawte, and Comodo are the names that come to mind, just wondering if there are others folks use. Thanks, -- Michael D. Carey KINBER Network Engineer mca...@kinber.org M: 814.777.5027 GV: (814) 205-6773 https://www.google.com/voice#phones Skype: KINBER.Mike.Carey KINBER - Keystone Initiative for Network Based Education and Research - www.kinber.org PennREN - Pennsylvania's Research and Education Network
Re: SSL Certificates
AlphaSSL is pretty solid, priced right too. -- Alexander McMillen Chief Executive Officer Sliqua Enterprise Hosting, Inc. - AS32740 Serving up scale and service since 2002. Is your mission critical?™ 1-877-4-SLIQUA - http://www.sliqua.com - http://www.isyourmissioncritical.com On Jan 6, 2012, at 9:15 AM, Michael Carey wrote: Looking for a recommendation on who to buy affordable and reputable SSL certificates from? Symantec, Thawte, and Comodo are the names that come to mind, just wondering if there are others folks use. Thanks, -- Michael D. Carey KINBER Network Engineer mca...@kinber.org M: 814.777.5027 GV: (814) 205-6773 https://www.google.com/voice#phones Skype: KINBER.Mike.Carey KINBER - Keystone Initiative for Network Based Education and Research - www.kinber.org PennREN - Pennsylvania's Research and Education Network
Re: SSL Certificates
We typically stick with Network Solutions, and DigiCert for SANcertificates. VeriSign's prices are just insane. On Fri, Jan 6, 2012 at 9:15 AM, Michael Carey mca...@kinber.org wrote: Looking for a recommendation on who to buy affordable and reputable SSL certificates from? Symantec, Thawte, and Comodo are the names that come to mind, just wondering if there are others folks use. Thanks, -- Michael D. Carey KINBER Network Engineer mca...@kinber.org M: 814.777.5027 GV: (814) 205-6773 https://www.google.com/voice#phones Skype: KINBER.Mike.Carey KINBER - Keystone Initiative for Network Based Education and Research - www.kinber.org PennREN - Pennsylvania's Research and Education Network
RE: SSL Certificates
I've had good experience with Entrust. One thing to be careful with is some mobile devices (especially older Android ones) have limited root certificates. Network Solutions and Entrust work, some others, not so much. From my experience Android 2.3+ has most of the common root certs, but previous versions don't. I wonder if someone has a list comparing root certificate support across platforms? Matthew Huff | 1 Manhattanville Rd Director of Operations | Purchase, NY 10577 OTA Management LLC | Phone: 914-460-4039 aim: matthewbhuff | Fax: 914-460-4139 -Original Message- From: Michael Carey [mailto:mca...@kinber.org] Sent: Friday, January 06, 2012 9:15 AM To: nanog@nanog.org Subject: SSL Certificates Looking for a recommendation on who to buy affordable and reputable SSL certificates from? Symantec, Thawte, and Comodo are the names that come to mind, just wondering if there are others folks use. Thanks, -- Michael D. Carey KINBER Network Engineer mca...@kinber.org M: 814.777.5027 GV: (814) 205-6773 https://www.google.com/voice#phones Skype: KINBER.Mike.Carey KINBER - Keystone Initiative for Network Based Education and Research - www.kinber.org PennREN - Pennsylvania's Research and Education Network
RE: SSL Certificates
We have been using GoDaddy for quite some time as they offer good deals if you call them in and buy in bulk. Mind you we manage certs for about 50-100 customers as well. Haven't had any issues with them not being trusted on mobile devices except for old windows mobile 5 and early 6 devices. -Original Message- From: Matthew Huff [mailto:mh...@ox.com] Sent: Friday, January 06, 2012 7:32 AM To: 'Michael Carey'; nanog@nanog.org Subject: RE: SSL Certificates I've had good experience with Entrust. One thing to be careful with is some mobile devices (especially older Android ones) have limited root certificates. Network Solutions and Entrust work, some others, not so much. From my experience Android 2.3+ has most of the common root certs, but previous versions don't. I wonder if someone has a list comparing root certificate support across platforms? Matthew Huff | 1 Manhattanville Rd Director of Operations | Purchase, NY 10577 OTA Management LLC | Phone: 914-460-4039 aim: matthewbhuff | Fax: 914-460-4139 -Original Message- From: Michael Carey [mailto:mca...@kinber.org] Sent: Friday, January 06, 2012 9:15 AM To: nanog@nanog.org Subject: SSL Certificates Looking for a recommendation on who to buy affordable and reputable SSL certificates from? Symantec, Thawte, and Comodo are the names that come to mind, just wondering if there are others folks use. Thanks, -- Michael D. Carey KINBER Network Engineer mca...@kinber.org M: 814.777.5027 GV: (814) 205-6773 https://www.google.com/voice#phones Skype: KINBER.Mike.Carey KINBER - Keystone Initiative for Network Based Education and Research - www.kinber.org PennREN - Pennsylvania's Research and Education Network
Re: SSL Certificates
We use rapidssl. Seems to be ok across the board. No reports otherwise. Sent from my HTC on the Now Network from Sprint! - Reply message - From: Michael Carey mca...@kinber.org Date: Fri, Jan 6, 2012 8:15 am Subject: SSL Certificates To: nanog@nanog.org Looking for a recommendation on who to buy affordable and reputable SSL certificates from? Symantec, Thawte, and Comodo are the names that come to mind, just wondering if there are others folks use. Thanks, -- Michael D. Carey KINBER Network Engineer mca...@kinber.org M: 814.777.5027 GV: (814) 205-6773 https://www.google.com/voice#phones Skype: KINBER.Mike.Carey KINBER - Keystone Initiative for Network Based Education and Research - www.kinber.org PennREN - Pennsylvania's Research and Education Network
Re: SSL Certificates
From: Michael Carey [mailto:mca...@kinber.org] Sent: Friday, January 06, 2012 9:15 AM To: nanog@nanog.org Subject: SSL Certificates Looking for a recommendation on who to buy affordable and reputable SSL certificates from? Symantec, Thawte, and Comodo are the names that come to mind, just wondering if there are others folks use. startssl.com - free certs that work in apple-mail, chrome, ff, ie, tbird, across mac/linux/windows... you can't beat free. (you do have to update yearly, but it's not painful, and is probably worth doing as practice anyway) -chris
looking for traffic sources aimed at 192.153.154.124
If anyone has some spare cycles and wants to help disrupt a DDoS, if you can look for traffic sourced within your network, destination 192.153.154.124 port 80, I'd appreciate it. I've been under attack for about the last 12 hours. Other pointers to resources to trace the miscreants responsible would also be appreciated. Thanks, AlanC -- a...@clegg.com | acl...@infoblox.com 1.919.355.8851 signature.asc Description: OpenPGP digital signature
Re: looking for traffic sources aimed at 192.153.154.124
On Fri, 06 Jan 2012 10:12:37 EST, Alan Clegg said: I've been under attack for about the last 12 hours. Other pointers to resources to trace the miscreants responsible would also be appreciated. To tie this in to another thread - Alan is somebody who understands you probably have operational logs going back 12 hours, but won't have them 90 days from now, so he's asking now. :) pgp6eXDXQ3gyX.pgp Description: PGP signature
Re: SSL Certificates
theSSLstore has good reseller pricing on a variety of certs. ~ $10 domain validated rapidssl certs in about 5 minutes. More expensive and time consuming certs are available, Verisign, Geotrust, Thawte, greenbars, wildcards, etc.. Ken On 1/6/2012 8:15 AM, Michael Carey wrote: Looking for a recommendation on who to buy affordable and reputable SSL certificates from? Symantec, Thawte, and Comodo are the names that come to mind, just wondering if there are others folks use. Thanks, -- Ken Anderson Pacific Internet - http://www.pacific.net
Re: Router Assessment Tool
I think it is actually Router Audit Tool rather than assessment no? I'm not sure that NMAP is an appropriate substitute for for a configuration audit tool, but it's not a bad idea to do some accounting of what ports are open for business on your devices. I have had some limited success with RAT at prior jobs, and in fact at UUNet/VzB, but IIRC it really was not a tool which could be readily used to build new audit rules. Although it is an okay starting point for some generic audits, you may be best served by rolling your own, which is what I did there. On Thu, Jan 5, 2012 at 4:09 PM, Christopher Morrow morrowc.li...@gmail.comwrote: On Thu, Jan 5, 2012 at 12:11 PM, Green, Timothy timothy.gr...@mantech.com wrote: Happy New Year All!!! I'm trying to perform STIG compliancy on various Cisco equipment. Has anybody used the Router Assessment Tool (RAT) for routers and switches? Any cheap (free) recommendations? As a last ditch effort I could use NMAP. uunet did for a time use a variant of RAT... you may get some mileage asking George Jones about it.
Re: incoming smtp from v6 addresses
Randy Bush ra...@psg.com wrote: for incoming mail that is *accepted*, i.e. not stuff like 2012-01-04 00:37:28 REJECT because 118.39.80.118 listed in rbl-plus.mail-abuse.org 2012-01-04 00:37:28 H=(nexo.es) [118.39.80.118] F=ped...@nexo.es rejected RCPT owner-radius...@ops.ietf.org: blocked because 118.39.80.118 is in blacklist at rbl-plus.mail-abuse.org: Mail from 118.39.80.118 blocked using Trend Micro Email Reputation database. Please see http://www.mail-abuse.com/cgi-bin/lookup?118.39.80.118 2012-01-04 00:37:28 no host name found for IP address 118.39.80.118 2012-01-04 00:37:29 REJECT 118.39.80.118 too many bad recip 2012-01-04 00:37:29 REJECT because 118.39.80.118 listed in rbl-plus.mail-abuse.org 7.8% is over ipv6 transport but only 2% of outgoing deliveries are over ipv6. what do other folk see? Main inbound MX for a large educational institution sees around 5% of mails coming in via IPv6. Might be a bit biased due to holiday season. Outbound is mostly running on legacy servers without IPv6, yet :-( Bernhard
Weekly Routing Table Report
This is an automated weekly mailing describing the state of the Internet Routing Table as seen from APNIC's router in Japan. The posting is sent to APOPS, NANOG, AfNOG, AusNOG, SANOG, PacNOG, LacNOG, TRNOG, CaribNOG and the RIPE Routing Working Group. Daily listings are sent to bgp-st...@lists.apnic.net For historical data, please see http://thyme.rand.apnic.net. If you have any comments please contact Philip Smith pfsi...@gmail.com. Routing Table Report 04:00 +10GMT Sat 07 Jan, 2012 Report Website: http://thyme.rand.apnic.net Detailed Analysis: http://thyme.rand.apnic.net/current/ Analysis Summary BGP routing table entries examined: 388994 Prefixes after maximum aggregation: 168547 Deaggregation factor: 2.31 Unique aggregates announced to Internet: 190697 Total ASes present in the Internet Routing Table: 39774 Prefixes per ASN: 9.78 Origin-only ASes present in the Internet Routing Table: 32587 Origin ASes announcing only one prefix: 15529 Transit ASes present in the Internet Routing Table:5365 Transit-only ASes present in the Internet Routing Table:140 Average AS path length visible in the Internet Routing Table: 4.3 Max AS path length visible: 33 Max AS path prepend of ASN (48687) 24 Prefixes from unregistered ASNs in the Routing Table: 2082 Unregistered ASNs in the Routing Table:1044 Number of 32-bit ASNs allocated by the RIRs: 2160 Number of 32-bit ASNs visible in the Routing Table:1822 Prefixes from 32-bit ASNs in the Routing Table:4340 Special use prefixes present in the Routing Table:2 Prefixes being announced from unallocated address space:120 Number of addresses announced to Internet: 2506673712 Equivalent to 149 /8s, 104 /16s and 206 /24s Percentage of available address space announced: 67.6 Percentage of allocated address space announced: 67.6 Percentage of available address space allocated: 100.0 Percentage of address space in use by end-sites: 91.9 Total number of prefixes smaller than registry allocations: 164906 APNIC Region Analysis Summary - Prefixes being announced by APNIC Region ASes:96263 Total APNIC prefixes after maximum aggregation: 31431 APNIC Deaggregation factor:3.06 Prefixes being announced from the APNIC address blocks: 92611 Unique aggregates announced from the APNIC address blocks:38795 APNIC Region origin ASes present in the Internet Routing Table:4630 APNIC Prefixes per ASN: 20.00 APNIC Region origin ASes announcing only one prefix: 1254 APNIC Region transit ASes present in the Internet Routing Table:730 Average APNIC Region AS path length visible:4.3 Max APNIC Region AS path length visible: 18 Number of APNIC region 32-bit ASNs visible in the Routing Table:125 Number of APNIC addresses announced to Internet: 633118080 Equivalent to 37 /8s, 188 /16s and 157 /24s Percentage of available APNIC address space announced: 80.3 APNIC AS Blocks4608-4864, 7467-7722, 9216-10239, 17408-18431 (pre-ERX allocations) 23552-24575, 37888-38911, 45056-46079, 55296-56319, 58368-59391, 131072-132095, 132096-133119 APNIC Address Blocks 1/8, 14/8, 27/8, 36/8, 39/8, 42/8, 43/8, 49/8, 58/8, 59/8, 60/8, 61/8, 101/8, 103/8, 106/8, 110/8, 111/8, 112/8, 113/8, 114/8, 115/8, 116/8, 117/8, 118/8, 119/8, 120/8, 121/8, 122/8, 123/8, 124/8, 125/8, 126/8, 133/8, 175/8, 180/8, 182/8, 183/8, 202/8, 203/8, 210/8, 211/8, 218/8, 219/8, 220/8, 221/8, 222/8, 223/8, ARIN Region Analysis Summary Prefixes being announced by ARIN Region ASes:147034 Total ARIN prefixes after maximum aggregation:74945 ARIN Deaggregation factor: 1.96 Prefixes being announced from the ARIN address blocks: 119074 Unique aggregates announced from the ARIN address blocks: 49000 ARIN Region origin ASes present in the Internet Routing Table:14841 ARIN Prefixes per ASN: 8.02 ARIN Region origin ASes announcing only one prefix:
Automate Peering Maintenance
Hello list, Want to ping the list and see how the operational community automates peering maintenance. I've spoken to a few folks and this seem completely foreign to them. By 'automate' I mean creating and updating dynamically (runs periodically) prefix and/ord AS-Path filters from IRR data and directly applying configuration to routers. I'm currently looking at bgpq, RtConfig, and IRRToolSet for generating the prefix and AS-Path filters but haven't been able to find anything that does the automatic re-provisioning/re-configuration on the peering sessions. Would be looking for tool(s) that's Junos friendly. Thanks! Cheers, RR
QinQ switch or similar
Hi, We need to purchase some switch that support 1gbit QinQ. Any suggestions ? We need to connect 9 schools together in layer2. All 9 schools have 1gb link from our provider, provider gaves us 5 vlan to work with. We have around 35 vlan in-house. We are low budget. Any recommendation beside QinQ ?
Re: QinQ switch or similar
Checkout the Milrotik Routerboards. Low cost and extremely versatile. Www.mikrotik.com Cheers, Mike Sent from my iPhone On Jan 6, 2012, at 12:32, Bonald bon...@gmail.com wrote: Hi, We need to purchase some switch that support 1gbit QinQ. Any suggestions ? We need to connect 9 schools together in layer2. All 9 schools have 1gb link from our provider, provider gaves us 5 vlan to work with. We have around 35 vlan in-house. We are low budget. Any recommendation beside QinQ ?
The Cidr Report
This report has been generated at Fri Jan 6 21:12:32 2012 AEST.
The report analyses the BGP Routing Table of AS2.0 router
and generates a report on aggregation potential within the table.
Check http://www.cidr-report.org for a current version of this report.
Recent Table History
Date PrefixesCIDR Agg
30-12-11390109 227812
31-12-11390100 227934
01-01-12390038 227925
02-01-12390086 227921
03-01-12390131 228113
04-01-12390399 228366
05-01-12390766 228275
06-01-12391121 228173
AS Summary
39862 Number of ASes in routing system
16752 Number of ASes announcing only one prefix
3476 Largest number of prefixes announced by an AS
AS6389 : BELLSOUTH-NET-BLK - BellSouth.net Inc.
109506048 Largest address span announced by an AS (/32s)
AS4134 : CHINANET-BACKBONE No.31,Jin-rong Street
Aggregation Summary
The algorithm used in this report proposes aggregation only
when there is a precise match using the AS path, so as
to preserve traffic transit policies. Aggregation is also
proposed across non-advertised address space ('holes').
--- 06Jan12 ---
ASnumNetsNow NetsAggr NetGain % Gain Description
Table 391113 228127 16298641.7% All ASes
AS6389 3476 220 325693.7% BELLSOUTH-NET-BLK -
BellSouth.net Inc.
AS7029 3202 1486 171653.6% WINDSTREAM - Windstream
Communications Inc
AS18566 2093 413 168080.3% COVAD - Covad Communications
Co.
AS4766 2475 992 148359.9% KIXS-AS-KR Korea Telecom
AS22773 1518 116 140292.4% ASN-CXA-ALL-CCI-22773-RDC -
Cox Communications Inc.
AS4755 1514 198 131686.9% TATACOMM-AS TATA
Communications formerly VSNL
is Leading ISP
AS4323 1621 387 123476.1% TWTC - tw telecom holdings,
inc.
AS28573 1573 394 117975.0% NET Servicos de Comunicao S.A.
AS1785 1867 784 108358.0% AS-PAETEC-NET - PaeTec
Communications, Inc.
AS7552 1409 419 99070.3% VIETEL-AS-AP Vietel
Corporation
AS19262 1389 402 98771.1% VZGNI-TRANSIT - Verizon Online
LLC
AS10620 1721 760 96155.8% Telmex Colombia S.A.
AS7303 1255 367 88870.8% Telecom Argentina S.A.
AS18101 976 157 81983.9% RELIANCE-COMMUNICATIONS-IN
Reliance Communications
Ltd.DAKC MUMBAI
AS8151 1461 660 80154.8% Uninet S.A. de C.V.
AS8402 1523 732 79151.9% CORBINA-AS OJSC Vimpelcom
AS30036 1484 699 78552.9% MEDIACOM-ENTERPRISE-BUSINESS -
Mediacom Communications Corp
AS4808 1091 341 75068.7% CHINA169-BJ CNCGROUP IP
network China169 Beijing
Province Network
AS15557 1096 368 72866.4% LDCOMNET Societe Francaise du
Radiotelephone S.A
AS24560 985 271 71472.5% AIRTELBROADBAND-AS-AP Bharti
Airtel Ltd., Telemedia
Services
AS7545 1630 948 68241.8% TPG-INTERNET-AP TPG Internet
Pty Ltd
AS3356 1104 458 64658.5% LEVEL3 Level 3 Communications
AS2118 672 61 61190.9% RELCOM-AS OOO NPO Relcom
AS17974 1720 1109 61135.5% TELKOMNET-AS2-AP PT
Telekomunikasi Indonesia
AS17676 677 74 60389.1% GIGAINFRA Softbank BB Corp.
AS4804 662 95 56785.6% MPX-AS Microplex PTY LTD
AS9498 862 300 56265.2% BBIL-AP BHARTI Airtel Ltd.
AS20115 1616 1059 55734.5% CHARTER-NET-HKY-NC - Charter
Communications
AS4780 786 235 55170.1% SEEDNET Digital United Inc.
AS3549 969 420 54956.7% GBLX Global Crossing Ltd.
Total 44427149252950266.4% Top 30 total
Possible Bogus Routes
BGP Update Report
BGP Update Report Interval: 29-Dec-11 -to- 05-Jan-12 (7 days) Observation Point: BGP Peering with AS131072 TOP 20 Unstable Origin AS Rank ASNUpds % Upds/PfxAS-Name 1 - AS17665 166462 12.0%2107.1 -- IN2CABLE-AP AS Number of In2cable.com (India) Ltd. 2 - AS42116 99564 7.2%1914.7 -- ERTH-NCHLN-AS CJSC ER-Telecom Holding 3 - AS840238327 2.8% 58.4 -- CORBINA-AS OJSC Vimpelcom 4 - AS982937920 2.7% 66.5 -- BSNL-NIB National Internet Backbone 5 - AS32528 24000 1.7% 12000.0 -- ABBOTT Abbot Labs 6 - AS755221159 1.5% 21.4 -- VIETEL-AS-AP Vietel Corporation 7 - AS24560 20453 1.5% 21.0 -- AIRTELBROADBAND-AS-AP Bharti Airtel Ltd., Telemedia Services 8 - AS20632 20290 1.5% 20290.0 -- PETERSTAR-AS PeterStar 9 - AS607216016 1.2%1144.0 -- UNISYS-6072 For routing issues, email hostmas...@unisys.com 10 - AS19223 12809 0.9% 12809.0 -- NTEGRATED-SOLUTIONS - Ntegrated Solutions 11 - AS580011895 0.9% 42.5 -- DNIC-ASBLK-05800-06055 - DoD Network Information Center 12 - AS17639 10537 0.8% 114.5 -- COMCLARK-AS ComClark Network Technology Corp. 13 - AS28885 10272 0.7% 79.0 -- OMANTEL-NAP-AS OmanTel NAP 14 - AS9498 9372 0.7% 8.7 -- BBIL-AP BHARTI Airtel Ltd. 15 - AS277389066 0.7% 26.6 -- Ecuadortelecom S.A. 16 - AS279478433 0.6% 15.2 -- Telconet S.A 17 - AS270517814 0.6% 244.2 -- DNIC-ASBLK-27032-27159 - DoD Network Information Center 18 - AS5089 7793 0.6% 185.5 -- NTL Virgin Media Limited 19 - AS145227792 0.6% 29.1 -- Satnet 20 - AS300367403 0.5% 7.1 -- MEDIACOM-ENTERPRISE-BUSINESS - Mediacom Communications Corp TOP 20 Unstable Origin AS (Updates per announced prefix) Rank ASNUpds % Upds/PfxAS-Name 1 - AS20632 20290 1.5% 20290.0 -- PETERSTAR-AS PeterStar 2 - AS19223 12809 0.9% 12809.0 -- NTEGRATED-SOLUTIONS - Ntegrated Solutions 3 - AS32528 24000 1.7% 12000.0 -- ABBOTT Abbot Labs 4 - AS272956636 0.5%6636.0 -- GENICA - Genica Corporation 5 - AS393535728 0.4%5728.0 -- PRINCAST-AS Gobierno del Principado de Asturias 6 - AS102094914 0.4%4914.0 -- SYNOPSYS-AS-JP-AP Japan HUB and Data Center 7 - AS457233797 0.3%3797.0 -- OMADATA-AS-ID Omadata Indonesia, PT 8 - AS174083277 0.2%3277.0 -- ABOVE-AS-AP AboveNet Communications Taiwan 9 - AS17665 166462 12.0%2107.1 -- IN2CABLE-AP AS Number of In2cable.com (India) Ltd. 10 - AS42116 99564 7.2%1914.7 -- ERTH-NCHLN-AS CJSC ER-Telecom Holding 11 - AS607216016 1.2%1144.0 -- UNISYS-6072 For routing issues, email hostmas...@unisys.com 12 - AS457042031 0.1%1015.5 -- INTERDATA-AS-ID MEDIA INTERDATA, PT 13 - AS142401910 0.1% 955.0 -- PMC-AS-1 - PMC-Sierra, INC. 14 - AS53362 938 0.1% 938.0 -- MIXIT-AS - Mixit, Inc. 15 - AS3 743 0.1%1587.0 -- FIRSTEASY-AS 1st Easy Limited 16 - AS56939 602 0.0% 602.0 -- CREDOS Credo-S Ltd. 17 - AS21271 572 0.0% 572.0 -- SOTELMABGP 18 - AS17370 565 0.0% 565.0 -- MCAFEE-COM - McAfee, Inc. 19 - AS188041061 0.1% 530.5 -- AKCIN - AKCIN INC. 20 - AS46510 530 0.0% 530.0 -- ACS-EDUCATION-SERVICES - ACS Education Services TOP 20 Unstable Prefixes Rank Prefix Upds % Origin AS -- AS Name 1 - 84.204.132.0/24 20290 1.4% AS20632 -- PETERSTAR-AS PeterStar 2 - 67.97.156.0/2412809 0.9% AS19223 -- NTEGRATED-SOLUTIONS - Ntegrated Solutions 3 - 130.36.34.0/2412000 0.8% AS32528 -- ABBOTT Abbot Labs 4 - 130.36.35.0/2412000 0.8% AS32528 -- ABBOTT Abbot Labs 5 - 203.192.248.0/23 10339 0.7% AS17665 -- IN2CABLE-AP AS Number of In2cable.com (India) Ltd. 6 - 203.194.96.0/20 10223 0.7% AS17665 -- IN2CABLE-AP AS Number of In2cable.com (India) Ltd. 7 - 202.56.215.0/247441 0.5% AS24560 -- AIRTELBROADBAND-AS-AP Bharti Airtel Ltd., Telemedia Services 8 - 12.202.99.0/24 6636 0.5% AS27295 -- GENICA - Genica Corporation 9 - 46.147.124.0/226574 0.5% AS42116 -- ERTH-NCHLN-AS CJSC ER-Telecom Holding 10 - 46.147.108.0/226570 0.5% AS42116 -- ERTH-NCHLN-AS CJSC ER-Telecom Holding 11 - 46.147.120.0/226563 0.5% AS42116 -- ERTH-NCHLN-AS CJSC ER-Telecom Holding 12 - 95.78.4.0/22 6556 0.5% AS42116 -- ERTH-NCHLN-AS CJSC ER-Telecom Holding 13 - 95.78.84.0/22 6544 0.5% AS42116 -- ERTH-NCHLN-AS CJSC ER-Telecom Holding 14 - 95.78.20.0/22 6537 0.5% AS42116 -- ERTH-NCHLN-AS CJSC ER-Telecom Holding 15 - 95.78.88.0/22 6525 0.4% AS42116 -- ERTH-NCHLN-AS CJSC
Re: QinQ switch or similar
Sent from my mobile device, so please excuse any horrible misspellings. On Jan 6, 2012, at 15:32, Bonald bon...@gmail.com wrote: Hi, We need to purchase some switch that support 1gbit QinQ. Any suggestions ? We need to connect 9 schools together in layer2. All 9 schools have 1gb link from our provider, provider gaves us 5 vlan to work with. We have around 35 vlan in-house. We are low budget. Any recommendation beside QinQ ? Your provider won't do QinQ for you? Have you verified they support the appropriate MTU for you to do your own QinQ under their tag (at least 1502)? As far as equipment, most Cisco kit from 3550 on up will do QinQ. Other alternatives would be to light it with routers and do EoMPLS or VPLS, but it'll be more expensive than just doing QinQ but potentially more scalable/stable.
Misreporting abuse, it's not actually helpful: r...@fireslayer.maxihost.com.br
[ABUSE] Attack comming from IP 90.185.110.92 to 189.1.164.138 So... FireSlayer, did you get a cold? or perhaps have too much to drink? sending reports of what looks like CoD4: 16:36:58.728250 IP 90.185.110.92.27005 189.1.172.238.28960: UDP, length 14 16:36:58.741473 IP 90.185.110.92.27005 189.1.169.243.28922: UDP, length 14 16:36:58.754083 IP 90.185.110.92.27005 189.1.164.56.28947: UDP, length 14 server traffic to your customers is cool, it's not so cool if you send the reports to the wrong origin asn... AS15169 doesn't actually originate 90.185.110.0/24, it looks to me like: AS39554 | 90.185.110.0 | FULLRATE Fullrate A/S probably does though... I'm not sure what math tricks you may have tried, but 39554 is in no way like 15169. Could you take some time to disable your report generation canon and fix it before re-enabling it? I'm not the only person getting mis-fired reports, if you want to help everyone please turn off the canon. thnx! -chris (note, we've asked privately, you don't seem to respond/listen, perhaps publicly noting this will get: 1) your attention 2) you to stop the insanity)
Re: SSL Certificates
I second The SSL Store (http://www.thesslstore.com/) -- Paul Norton Systems Administrator Neoverve - www.neoverve.com Neoverve Blog - http://blog.neoverve.com/ On 1/6/2012 7:31 AM, Ken A wrote: theSSLstore has good reseller pricing on a variety of certs. ~ $10 domain validated rapidssl certs in about 5 minutes. More expensive and time consuming certs are available, Verisign, Geotrust, Thawte, greenbars, wildcards, etc.. Ken On 1/6/2012 8:15 AM, Michael Carey wrote: Looking for a recommendation on who to buy affordable and reputable SSL certificates from? Symantec, Thawte, and Comodo are the names that come to mind, just wondering if there are others folks use. Thanks,
Re: Misreporting abuse, it's not actually helpful: r...@fireslayer.maxihost.com.br
probably does though... I'm not sure what math tricks you may have tried, but 39554 is in no way like 15169. Could you take some time to disable your report generation canon and fix it before re-enabling it? I'm not the only person getting mis-fired reports, if you want to help everyone please turn off the canon. procmail them back to the ceo or c.o of the idiots. randy
