www.eftps.gov contact
The hostname www.eftps.gov has both A and records, but the site is only reachable via IPv4. Worse, the IPv6 connectivity is broken in such a way that Firefox and Internet Explorer do not fall back to IPv4. Tracing is broken for both protocols. The 10-net addresss in the IPv4 path were cute. Calling their technical support was an exercise in futility. Supposedly they forwarded messages on to the right people; but the site is still broken after over a week's wait. If someone knows the admins behind the EFTPS website and can forward this to them, the accounting firm for which I work would appreciate it. Thanks,
RE: William was raided for running a Tor exit node. Please help if you can.
In any event, I'm pretty sure that I'd rather get hit with tampering with evidence versus them retrieving data that may incriminate me. I believe this may be a the lesser of two evils game. -Original Message- From: Kyle Creyts [mailto:kyle.cre...@gmail.com] Sent: Monday, December 17, 2012 2:52 PM To: Jeroen van Aart Cc: nanog@nanog.org Subject: Re: William was raided for running a Tor exit node. Please help if you can. In most jurisdictions, wouldn't using a de-gaussing ring in the door frame to wipe any equipment being removed constitute tampering with evidence or interfering with an investigation if the authority in question is in possession of a warrant/subpoena? On Mon, Dec 17, 2012 at 11:33 AM, Jeroen van Aart jer...@mompl.net wrote: On 11/30/2012 02:02 PM, Naslund, Steve wrote: OK, there must be a lot more paranoid people out there than I thought for awhile? I am sure he will let you out to go to the bank, get your stuff, and leave town. I think you have seen way to many movies. So if the cops show up at his door tomorrow and say Here's all your stuff back, there was no evidence of a crime., you are OK with this guys keeping the defense fund? I for one vote for installing a de-gauging ring in your door frame. any removal of equipment you don't approve of will be wiped. That and encryption possibly combined with hiding the real OS (truecrypt can do that). Greetings, Jeroen -- Earthquake Magnitude: 5.1 Date: Monday, December 17, 2012 17:46:48 UTC Location: central East Pacific Rise Latitude: -3.9682; Longitude: -104.0375 Depth: 15.70 km -- Kyle Creyts Information Assurance Professional BSidesDetroit Organizer smime.p7s Description: S/MIME cryptographic signature
Re: Advisory — D-root is changing its IPv4 address on the 3rd of January.
For anyone who is worried that the root server change might impact them, they can go to http://www.iana.org/domains/root/files and download the root zone file. It probably won't need to be updated again until the next round of gTLDs is approved. --- -ITG (ITechGeek) i...@itechgeek.com https://itg.nu/ GPG Keys: https://itg.nu/contact/gpg-key Preferred GPG Key: Key ID: DCB1191A / Fingerprint: AB46B7E363DA7E04ABFA57852AA9910ADCB1191A Google Voice: +1-703-493-0128 / Twitter: ITechGeek / Facebook: http://fb.me/Jbwa.Net On Mon, Dec 17, 2012 at 8:53 PM, Keith Medcalf kmedc...@dessus.com wrote: Concomittant wirh reduced risk assessment capability? Sent from Samsung Mobile Original message From: Randy Bush ra...@psg.com Date: To: Lynda shr...@deaddrop.org Cc: North American Network Operators' Group nanog@nanog.org Subject: Re: Advisory — D-root is changing its IPv4 address on the 3rd of January.
RE: www.eftps.gov contact
I tried to this a month ago, no luck :( i.e. nothing back from them, just goes into no answer e-mail space! Dennis Burgess, Mikrotik Certified Trainer Author of Learn RouterOS- Second Edition Link Technologies, Inc -- Mikrotik WISP Support Services Office: 314-735-0270 Website: http://www.linktechs.net - Skype: linktechs -- Create Wireless Coverage's with www.towercoverage.com - 900Mhz - LTE - 3G - 3.65 - TV Whitespace -Original Message- From: Darren Pilgrim [mailto:na...@bitfreak.org] Sent: Tuesday, December 18, 2012 9:09 AM To: nanog@nanog.org Subject: www.eftps.gov contact The hostname www.eftps.gov has both A and records, but the site is only reachable via IPv4. Worse, the IPv6 connectivity is broken in such a way that Firefox and Internet Explorer do not fall back to IPv4. Tracing is broken for both protocols. The 10-net addresss in the IPv4 path were cute. Calling their technical support was an exercise in futility. Supposedly they forwarded messages on to the right people; but the site is still broken after over a week's wait. If someone knows the admins behind the EFTPS website and can forward this to them, the accounting firm for which I work would appreciate it. Thanks,
Re: www.eftps.gov contact
if only some us-gov folks read this mailing list... maybe someone form NIST could aim the right question to the right eftps.gov people? you'd think helping the taxman would be appreciated. On Tue, Dec 18, 2012 at 10:26 AM, Dennis Burgess dmburg...@linktechs.net wrote: I tried to this a month ago, no luck :( i.e. nothing back from them, just goes into no answer e-mail space! Dennis Burgess, Mikrotik Certified Trainer Author of Learn RouterOS- Second Edition Link Technologies, Inc -- Mikrotik WISP Support Services Office: 314-735-0270 Website: http://www.linktechs.net - Skype: linktechs -- Create Wireless Coverage's with www.towercoverage.com - 900Mhz - LTE - 3G - 3.65 - TV Whitespace -Original Message- From: Darren Pilgrim [mailto:na...@bitfreak.org] Sent: Tuesday, December 18, 2012 9:09 AM To: nanog@nanog.org Subject: www.eftps.gov contact The hostname www.eftps.gov has both A and records, but the site is only reachable via IPv4. Worse, the IPv6 connectivity is broken in such a way that Firefox and Internet Explorer do not fall back to IPv4. Tracing is broken for both protocols. The 10-net addresss in the IPv4 path were cute. Calling their technical support was an exercise in futility. Supposedly they forwarded messages on to the right people; but the site is still broken after over a week's wait. If someone knows the admins behind the EFTPS website and can forward this to them, the accounting firm for which I work would appreciate it. Thanks,
Re: www.eftps.gov contact
On Tue, Dec 18, 2012 at 10:33 AM, Christopher Morrow morrowc.li...@gmail.com wrote: if only some us-gov folks read this mailing list... maybe someone form NIST could aim the right question to the right eftps.gov people? you'd think helping the taxman would be appreciated. it's probably also fair to point out that ... it seems to be working. ( and A) On Tue, Dec 18, 2012 at 10:26 AM, Dennis Burgess dmburg...@linktechs.net wrote: I tried to this a month ago, no luck :( i.e. nothing back from them, just goes into no answer e-mail space! Dennis Burgess, Mikrotik Certified Trainer Author of Learn RouterOS- Second Edition Link Technologies, Inc -- Mikrotik WISP Support Services Office: 314-735-0270 Website: http://www.linktechs.net - Skype: linktechs -- Create Wireless Coverage's with www.towercoverage.com - 900Mhz - LTE - 3G - 3.65 - TV Whitespace -Original Message- From: Darren Pilgrim [mailto:na...@bitfreak.org] Sent: Tuesday, December 18, 2012 9:09 AM To: nanog@nanog.org Subject: www.eftps.gov contact The hostname www.eftps.gov has both A and records, but the site is only reachable via IPv4. Worse, the IPv6 connectivity is broken in such a way that Firefox and Internet Explorer do not fall back to IPv4. Tracing is broken for both protocols. The 10-net addresss in the IPv4 path were cute. Calling their technical support was an exercise in futility. Supposedly they forwarded messages on to the right people; but the site is still broken after over a week's wait. If someone knows the admins behind the EFTPS website and can forward this to them, the accounting firm for which I work would appreciate it. Thanks,
Re: www.eftps.gov contact
On Tue, Dec 18, 2012 at 10:35 AM, Christopher Morrow morrowc.li...@gmail.com wrote: On Tue, Dec 18, 2012 at 10:33 AM, Christopher Morrow morrowc.li...@gmail.com wrote: if only some us-gov folks read this mailing list... maybe someone form NIST could aim the right question to the right eftps.gov people? you'd think helping the taxman would be appreciated. it's probably also fair to point out that ... it seems to be working. ( and A) and traceroute/traceroute6 seems to work to the prem... 6 cr1.attga.ip.att.net (12.122.1.173) 79.126 ms 71.722 ms 74.646 ms 7 cr2.dlstx.ip.att.net (12.122.28.174) 74.001 ms 74.127 ms 74.198 ms 8 cr1.dlstx.ip.att.net (12.122.1.209) 75.261 ms 75.305 ms 75.405 ms 9 cr1.phmaz.ip.att.net (12.122.28.182) 73.070 ms 73.381 ms 73.408 ms 10 12.123.206.173 (12.123.206.173) 71.586 ms 70.289 ms 70.048 ms 11 12.87.83.6 (12.87.83.6) 71.226 ms 71.290 ms 71.526 ms 12 * * * 6 2600:803:95f::d (2600:803:95f::d) 4.618 ms 4.951 ms * 7 2600:805:51f::12 (2600:805:51f::12) 49.616 ms 49.726 ms 49.672 ms 8 2600:805:51f::12 (2600:805:51f::12) 48.548 ms 48.561 ms 48.75 ms 9 2620:10f:400e:1::6 (2620:10f:400e:1::6) 50 ms 53.366 ms 50.704 ms 10 * * * so, what's broken? On Tue, Dec 18, 2012 at 10:26 AM, Dennis Burgess dmburg...@linktechs.net wrote: I tried to this a month ago, no luck :( i.e. nothing back from them, just goes into no answer e-mail space! Dennis Burgess, Mikrotik Certified Trainer Author of Learn RouterOS- Second Edition Link Technologies, Inc -- Mikrotik WISP Support Services Office: 314-735-0270 Website: http://www.linktechs.net - Skype: linktechs -- Create Wireless Coverage's with www.towercoverage.com - 900Mhz - LTE - 3G - 3.65 - TV Whitespace -Original Message- From: Darren Pilgrim [mailto:na...@bitfreak.org] Sent: Tuesday, December 18, 2012 9:09 AM To: nanog@nanog.org Subject: www.eftps.gov contact The hostname www.eftps.gov has both A and records, but the site is only reachable via IPv4. Worse, the IPv6 connectivity is broken in such a way that Firefox and Internet Explorer do not fall back to IPv4. Tracing is broken for both protocols. The 10-net addresss in the IPv4 path were cute. Calling their technical support was an exercise in futility. Supposedly they forwarded messages on to the right people; but the site is still broken after over a week's wait. If someone knows the admins behind the EFTPS website and can forward this to them, the accounting firm for which I work would appreciate it. Thanks,
Re: www.eftps.gov contact
On 2012-12-18 07:36, Christopher Morrow wrote: On Tue, Dec 18, 2012 at 10:35 AM, Christopher Morrow it's probably also fair to point out that ... it seems to be working. ( and A) so, what's broken? The end-user machines I tested on are behind 6in4 tunnels (MTU 1480). They open the TCP connection, but never load a page. They don't complete the HTTPS SSL handshake. On port 80, they send the HTTP request, but never get a response to GET /.
Re: www.eftps.gov contact
It works for me (http) Cannot ping, so maybe they filtered the whole ICMPv6 and you have a MTU problem. But that is only a guessing. as On 18/12/2012 13:36, Christopher Morrow wrote: On Tue, Dec 18, 2012 at 10:35 AM, Christopher Morrow morrowc.li...@gmail.com wrote: On Tue, Dec 18, 2012 at 10:33 AM, Christopher Morrow morrowc.li...@gmail.com wrote: if only some us-gov folks read this mailing list... maybe someone form NIST could aim the right question to the right eftps.gov people? you'd think helping the taxman would be appreciated. it's probably also fair to point out that ... it seems to be working. ( and A) and traceroute/traceroute6 seems to work to the prem... 6 cr1.attga.ip.att.net (12.122.1.173) 79.126 ms 71.722 ms 74.646 ms 7 cr2.dlstx.ip.att.net (12.122.28.174) 74.001 ms 74.127 ms 74.198 ms 8 cr1.dlstx.ip.att.net (12.122.1.209) 75.261 ms 75.305 ms 75.405 ms 9 cr1.phmaz.ip.att.net (12.122.28.182) 73.070 ms 73.381 ms 73.408 ms 10 12.123.206.173 (12.123.206.173) 71.586 ms 70.289 ms 70.048 ms 11 12.87.83.6 (12.87.83.6) 71.226 ms 71.290 ms 71.526 ms 12 * * * 6 2600:803:95f::d (2600:803:95f::d) 4.618 ms 4.951 ms * 7 2600:805:51f::12 (2600:805:51f::12) 49.616 ms 49.726 ms 49.672 ms 8 2600:805:51f::12 (2600:805:51f::12) 48.548 ms 48.561 ms 48.75 ms 9 2620:10f:400e:1::6 (2620:10f:400e:1::6) 50 ms 53.366 ms 50.704 ms 10 * * * so, what's broken? On Tue, Dec 18, 2012 at 10:26 AM, Dennis Burgess dmburg...@linktechs.net wrote: I tried to this a month ago, no luck :( i.e. nothing back from them, just goes into no answer e-mail space! Dennis Burgess, Mikrotik Certified Trainer Author of Learn RouterOS- Second Edition Link Technologies, Inc -- Mikrotik WISP Support Services Office: 314-735-0270 Website: http://www.linktechs.net - Skype: linktechs -- Create Wireless Coverage's with www.towercoverage.com - 900Mhz - LTE - 3G - 3.65 - TV Whitespace -Original Message- From: Darren Pilgrim [mailto:na...@bitfreak.org] Sent: Tuesday, December 18, 2012 9:09 AM To: nanog@nanog.org Subject: www.eftps.gov contact The hostname www.eftps.gov has both A and records, but the site is only reachable via IPv4. Worse, the IPv6 connectivity is broken in such a way that Firefox and Internet Explorer do not fall back to IPv4. Tracing is broken for both protocols. The 10-net addresss in the IPv4 path were cute. Calling their technical support was an exercise in futility. Supposedly they forwarded messages on to the right people; but the site is still broken after over a week's wait. If someone knows the admins behind the EFTPS website and can forward this to them, the accounting firm for which I work would appreciate it. Thanks,
Re: www.eftps.gov contact
On Tue, Dec 18, 2012 at 10:49 AM, Darren Pilgrim na...@bitfreak.org wrote: On 2012-12-18 07:36, Christopher Morrow wrote: On Tue, Dec 18, 2012 at 10:35 AM, Christopher Morrow it's probably also fair to point out that ... it seems to be working. ( and A) so, what's broken? The end-user machines I tested on are behind 6in4 tunnels (MTU 1480). They open the TCP connection, but never load a page. They don't complete the HTTPS SSL handshake. On port 80, they send the HTTP request, but never get a response to GET /. see, now we're getting information that FDC/IRS could actually use! :) This looks like an MTU issue then?
Re: www.eftps.gov contact
On 2012-12-18 07:52, Christopher Morrow wrote: see, now we're getting information that FDC/IRS could actually use! :) This looks like an MTU issue then? I believe so.
Re: www.eftps.gov contact
On Tue, Dec 18, 2012 at 11:02 AM, Darren Pilgrim na...@bitfreak.org wrote: On 2012-12-18 07:52, Christopher Morrow wrote: see, now we're getting information that FDC/IRS could actually use! :) This looks like an MTU issue then? I believe so. so, a suggestion to eftps.gov/irs/fdc is to simply clamp MSS on their servers, no?
Re: Advisory — D-root is changing its IPv4 address on the 3rd of January.
On Dec 17, 2012, at 11:30 PM, ITechGeek i...@itechgeek.com wrote: For anyone who is worried that the root server change might impact them, they can go to http://www.iana.org/domains/root/files and download the root zone file. It probably won't need to be updated again until the next round of gTLDs is approved. Err, no. The root zone changes twice a day and its contents change quite frequently as TLD managers update their name servers, do key rollovers, etc. If you're going to copy the root zone, I'd recommend using a zone transfer from the name servers described in http://dns.icann.org/services/axfr/ or, at the very least, set up a cron job to pull the root zone twice a day. WRT the root _hints_ change, setting up a cron job to pull, verify, and install the root hints file periodically (once a month should probably be sufficient) would probably be a good idea. Regards, -drc
Re: www.eftps.gov contact
On 2012-12-18 08:08, Christopher Morrow wrote: On Tue, Dec 18, 2012 at 11:02 AM, Darren Pilgrimna...@bitfreak.org wrote: On 2012-12-18 07:52, Christopher Morrow wrote: see, now we're getting information that FDC/IRS could actually use! :) This looks like an MTU issue then? I believe so. so, a suggestion to eftps.gov/irs/fdc is to simply clamp MSS on their servers, no? I might instead suggest a read of RFC 4890. :)
Re: www.eftps.gov contact
On Tue, Dec 18, 2012 at 11:15 AM, Darren Pilgrim na...@bitfreak.org wrote: 4890 it might not be their (eftps.gov's) fault though... but sure.
REMINDER: Include as much detail as you have on problem reports (was eftps.gov)
Aside from the fact that it helps unrelated people aid you in diagnosing the problem, there's another, more practical reason to do it: When you do, problems you're having will sometimes magically disappear, because someone who a) is in a position to fix it, but b) is not in a position to *talk about it* will see the report, do a facepalm, and twist the proper knob to make it go away. While this isn't as optimal in the global sense as a full dialogue on the problem would be, it's a helluva lot better than it still doesn't work, a week later. And the shorter the thread, the higher the odds this might happen. One posting is optimal. :-) Just a thought. Cheers, -- jr 'Happy Chriskwanzukkah, and a Cool Yule' a -- Jay R. Ashworth Baylink j...@baylink.com Designer The Things I Think RFC 2100 Ashworth Associates http://baylink.pitas.com 2000 Land Rover DII St Petersburg FL USA #natog +1 727 647 1274
Re: Fiber only in DataCenters?
- Original Message - From: James Wininger jwinin...@ifncom.net Are there data centers out there that are fiber only? That is to say that the cross connects are fiber only and no copper cross connects are available? I have not personally run across any DCs that do not permit copper Xcon, but I am young, and not well-travelled. Cheers, -- jra -- Jay R. Ashworth Baylink j...@baylink.com Designer The Things I Think RFC 2100 Ashworth Associates http://baylink.pitas.com 2000 Land Rover DII St Petersburg FL USA #natog +1 727 647 1274
Simple/best tool to verify PMTUD?
I'm looking for a simple tool to verify PMTUD is usable along a particular path. Ideally this tool would be cross-platform, or run on Linux or Windows. I've done some testing of my own by hand, but hoping a tool would help the admin on the other side be able to test for themselves.
Re: Simple/best tool to verify PMTUD?
On Tue, Dec 18, 2012 at 12:59 PM, Christopher J. Pilkington c...@0x1.net wrote: I'm looking for a simple tool to verify PMTUD is usable along a particular path. Ideally this tool would be cross-platform, or run on Linux or Windows. tracepath (Linux), mturoute (Windows) -- Darius Jahandarie
Re: www.eftps.gov contact
In message cal9jlabwe_e+vfzwybtbrp50eicbvq7z3xuq3qwf3fhmidl...@mail.gmail.com, Christopher Morrow writes: On Tue, Dec 18, 2012 at 11:15 AM, Darren Pilgrim na...@bitfreak.org wrote: 4890 it might not be their (eftps.gov's) fault though... but sure. If you run a server you should be expecting PTB for both IPv4 and IPv6. If you have broken equipement in front of the server you can set IPV6_USE_MIN_MTU to 1 on IPv6 sockets. There is no excuse to have connections broken due to PMTUD. -- Mark Andrews, ISC 1 Seymour St., Dundas Valley, NSW 2117, Australia PHONE: +61 2 9871 4742 INTERNET: ma...@isc.org
Re: www.eftps.gov contact
On Tue, Dec 18, 2012 at 3:19 PM, Mark Andrews ma...@isc.org wrote: In message cal9jlabwe_e+vfzwybtbrp50eicbvq7z3xuq3qwf3fhmidl...@mail.gmail.com, Christopher Morrow writes: On Tue, Dec 18, 2012 at 11:15 AM, Darren Pilgrim na...@bitfreak.org wrote: 4890 it might not be their (eftps.gov's) fault though... but sure. If you run a server you should be expecting PTB for both IPv4 and IPv6. If you have broken equipement in front of the server you can set IPV6_USE_MIN_MTU to 1 on IPv6 sockets. There is no excuse to have connections broken due to PMTUD. sure there is! my isp filters icmp
Re: www.eftps.gov contact
In message CAL9jLaY5=ftw8qfhypqh91okh2p90hu-xaoqjk57ihssrzu...@mail.gmail.com, Christopher Morrow writes: On Tue, Dec 18, 2012 at 3:19 PM, Mark Andrews ma...@isc.org wrote: In message cal9jlabwe_e+vfzwybtbrp50eicbvq7z3xuq3qwf3fhmidl...@mail.gmail.com, Christopher Morrow writes: On Tue, Dec 18, 2012 at 11:15 AM, Darren Pilgrim na...@bitfreak.org wrote: 4890 it might not be their (eftps.gov's) fault though... but sure. If you run a server you should be expecting PTB for both IPv4 and IPv6. If you have broken equipement in front of the server you can set IPV6_USE_MIN_MTU to 1 on IPv6 sockets. There is no excuse to have connections broken due to PMTUD. sure there is! my isp filters icmp You don't have a ISP then. You have a fraudster. Mark -- Mark Andrews, ISC 1 Seymour St., Dundas Valley, NSW 2117, Australia PHONE: +61 2 9871 4742 INTERNET: ma...@isc.org
Re: www.eftps.gov contact
On Dec 18, 2012, at 12:22 , Christopher Morrow morrowc.li...@gmail.com wrote: On Tue, Dec 18, 2012 at 3:19 PM, Mark Andrews ma...@isc.org wrote: In message cal9jlabwe_e+vfzwybtbrp50eicbvq7z3xuq3qwf3fhmidl...@mail.gmail.com, Christopher Morrow writes: On Tue, Dec 18, 2012 at 11:15 AM, Darren Pilgrim na...@bitfreak.org wrote: 4890 it might not be their (eftps.gov's) fault though... but sure. If you run a server you should be expecting PTB for both IPv4 and IPv6. If you have broken equipement in front of the server you can set IPV6_USE_MIN_MTU to 1 on IPv6 sockets. There is no excuse to have connections broken due to PMTUD. sure there is! my isp filters icmp Get a better ISP. Owen
Re: www.eftps.gov contact
On Tue, Dec 18, 2012 at 3:35 PM, Owen DeLong o...@delong.com wrote: On Dec 18, 2012, at 12:22 , Christopher Morrow morrowc.li...@gmail.com wrote: On Tue, Dec 18, 2012 at 3:19 PM, Mark Andrews ma...@isc.org wrote: In message cal9jlabwe_e+vfzwybtbrp50eicbvq7z3xuq3qwf3fhmidl...@mail.gmail.com, Christopher Morrow writes: On Tue, Dec 18, 2012 at 11:15 AM, Darren Pilgrim na...@bitfreak.org wrote: 4890 it might not be their (eftps.gov's) fault though... but sure. If you run a server you should be expecting PTB for both IPv4 and IPv6. If you have broken equipement in front of the server you can set IPV6_USE_MIN_MTU to 1 on IPv6 sockets. There is no excuse to have connections broken due to PMTUD. sure there is! my isp filters icmp Get a better ISP. both of you crack me up.
Re: www.eftps.gov contact
In message CAL9jLaZMV9yo7Yzsydcj7U0o+DjHACEJ7z0ypN_00f+iM=j...@mail.gmail.com, Christopher Morrow writes: On Tue, Dec 18, 2012 at 3:35 PM, Owen DeLong o...@delong.com wrote: On Dec 18, 2012, at 12:22 , Christopher Morrow morrowc.li...@gmail.com wrote: On Tue, Dec 18, 2012 at 3:19 PM, Mark Andrews ma...@isc.org wrote: In message cal9jlabwe_e+vfzwybtbrp50eicbvq7z3xuq3qwf3fhmidl...@mail.gmail.com, Christopher Morrow writes: On Tue, Dec 18, 2012 at 11:15 AM, Darren Pilgrim na...@bitfreak.org wrote: 4890 it might not be their (eftps.gov's) fault though... but sure. If you run a server you should be expecting PTB for both IPv4 and IPv6. If you have broken equipement in front of the server you can set IPV6_USE_MIN_MTU to 1 on IPv6 sockets. There is no excuse to have connections broken due to PMTUD. sure there is! my isp filters icmp Get a better ISP. both of you crack me up. Setting IPV6_USE_MIN_MTU on a IPv6 socket is a couple of lines of code in the http server. Been there, done that. If you can't do that then set the interface MTU to 1280. I repeat there is no excuse to have connection broken due to PMTU issues. A compentent sys admin can work around upstream problems. Mark -- Mark Andrews, ISC 1 Seymour St., Dundas Valley, NSW 2117, Australia PHONE: +61 2 9871 4742 INTERNET: ma...@isc.org
Re: 32-bit ASes at routeviews
On 12/16/12 2:48 PM, Iljitsch van Beijnum wrote: Looking for 32-bit AS numbers, I get some strange results from routeviews: route-viewssh ip bgp regexp _23456_ BGP table version is 2393809200, local router ID is 128.223.51.103 Status codes: s suppressed, d damped, h history, * valid, best, i - internal, r RIB-failure, S Stale Origin codes: i - IGP, e - EGP, ? - incomplete Network Next HopMetric LocPrf Weight Path * 31.177.16.0/22 128.223.253.10 0 3582 3701 3356 23456 3.1043 i * 46.29.72.0/21129.250.0.11 285 0 2914 12389 12389 12389 12389 23456 3.627 i * 46.243.96.0/21 154.11.11.1130 0 852 174 39704 39704 23456 3.787 i * 91.208.62.0/24 154.11.11.1130 0 852 174 39704 39704 23456 3.787 i * 91.217.87.0/24 194.85.40.15 0 3267 174 23456 3.661 i * 91.230.169.0/24 208.51.134.254 13905 0 3549 29152 29152 29152 29152 23456 23456 23456 23456 3.1426 i * 91.238.8.0/24194.85.40.15 0 3267 8220 23456 3.2040 i * 111.235.148.0/22 194.85.40.15 0 3267 9498 9730 23456 i * 141.0.176.0/21 129.250.0.11 285 0 2914 12389 12389 12389 12389 23456 3.627 i Unless I missed something, AS 23456 is supposed to show up as a stand-in for 32-bit ASNs on 16-bit BGP implementations, not in _addition_ to 32-bit ASNs. So the penultimate line would make sense if the other lines weren't there and the others don't make sense period. Maybe a bug in the IOS they're running? route-viewssh ver Cisco IOS Software, 7200 Software (C7200P-ADVENTERPRISEK9-M), Version 12.4(24)T2, RELEASE SOFTWARE (fc2) Or is something else going on? Off topic, this reminds me I would rather have ASPLAIN again. We switched a couple of years ago on a particular user request. If there is no objection, I would love to switch back ASAP. This would be on route-views, and on route-views3. Just asking if others concur? -- John Kemp (k...@routeviews.org) RouteViews Engineer NOC: n...@routeviews.org MAIL: h...@routeviews.org WWW: http://www.routeviews.org
Re: 32-bit ASes at routeviews
On 18/12/2012 22:24, John Kemp wrote: If there is no objection, I would love to switch back ASAP. This would be on route-views, and on route-views3. Just asking if others concur? rfc5396. I'd say go for it. Nick
Re: Fiber only in DataCenters?
On Tue, Dec 18, 2012 at 9:25 AM, Jay Ashworth j...@baylink.com wrote: - Original Message - From: James Wininger jwinin...@ifncom.net Are there data centers out there that are fiber only? That is to say that the cross connects are fiber only and no copper cross connects are available? I have not personally run across any DCs that do not permit copper Xcon, but I am young, and not well-travelled. I believe all datacenter allow copper cross connections but maybe not actually provisioned by copper. Most of my copper cross connections are actually provisioned by in-house fibers plus FOT on both end. Hence the hand-off looks like copper. -- Michel~
Re: 32-bit ASes at routeviews
Off topic, this reminds me I would rather have ASPLAIN again. We switched a couple of years ago on a particular user request. listening to those pesky users, eh? If there is no objection, I would love to switch back ASAP. This would be on route-views, and on route-views3. Just asking if others concur? makes sense to me randy
Re: 32-bit ASes at routeviews
+1 On Tue, Dec 18, 2012 at 9:23 PM, Randy Bush ra...@psg.com wrote: Off topic, this reminds me I would rather have ASPLAIN again. We switched a couple of years ago on a particular user request. listening to those pesky users, eh? If there is no objection, I would love to switch back ASAP. This would be on route-views, and on route-views3. Just asking if others concur? makes sense to me randy
Re: IP Address Management IPAM software for small ISP
Infoblox just started offering the IPAM portion of their software for free, http://www.infoblox.com/en/resources/software-downloads/ip-address-management-freeware.html We've been using the full-blown commercial appliances (IPAM, DHCP, and DNS), not the freeware. I don't know exactly how it works without the other pieces integrated, but it may be worth a look.