Re: Working with Spamhaus
- Original Message - From: Jaren Angerbauer jarenangerba...@gmail.com To: nanog@nanog.org nanog@nanog.org Cc: Sent: Friday, July 31, 2015 2:28 PM Subject: Re: Working with Spamhaus Hi, As for SORBS, I'm not aware of anyone that uses it these days because of the extortion thing and the rather ..ahem .. eccentric nature of it's owner. and I see you've never had the pleasure of dealing with SORBS. All it takes is *ONE* message - EVER - to be instantly, and forever, listed in their spamtraps list. Getting on the list is automatic and immediate. There are no thresholds or limits; and there's expiration. The only way off that list is to PAY them to remove you. (which makes it illegal in most places. The corporate sharks flipped when I pointed them to that policy.) I work for Proofpoint -- we acquired SORBS back in 2011. There is obviously some incorrect / very outdated information / viewpoints here, so I thought it would make sense to clear the air a bit: Listings can happen a number of different ways, however the vast majority of these can be resolved, either through automatic delisting, or manual delisting (via SORBS support ticket). Additionally, there is NO CHARGE to be delisted. I'm happy to help mitigate any issues -- feel free to hit me up off list -- jangerba...@proofpoint.com Thanks --Jaren There is a very good reason as to why the .. some incorrect / very outdated information / viewpoints here..snip Matt/Michelle Sullivan did a lot of good things but a lot more *bad* in the name of SORBS - ergo the SORBS-Anathema. ...I have; just like many others on this list, have had to deal with this entity that had in essence turned into a joke. ./Randy ./Randy
Re: Working with Spamhaus
- Original Message - From: Randy randy_94...@yahoo.com To: Jaren Angerbauer jarenangerba...@gmail.com; nanog@nanog.org nanog@nanog.org Cc: Sent: Friday, July 31, 2015 9:53 PM Subject: Re: Working with Spamhaus - Original Message - From: Jaren Angerbauer jarenangerba...@gmail.com To: nanog@nanog.org nanog@nanog.org Cc: Sent: Friday, July 31, 2015 2:28 PM Subject: Re: Working with Spamhaus Hi, As for SORBS, I'm not aware of anyone that uses it these days because of the extortion thing and the rather ..ahem .. eccentric nature of it's owner. and I see you've never had the pleasure of dealing with SORBS. All it takes is *ONE* message - EVER - to be instantly, and forever, listed in their spamtraps list. Getting on the list is automatic and immediate. There are no thresholds or limits; and there's expiration. The only way off that list is to PAY them to remove you. (which makes it illegal in most places. The corporate sharks flipped when I pointed them to that policy.) I work for Proofpoint -- we acquired SORBS back in 2011. There is obviously some incorrect / very outdated information / viewpoints here, so I thought it would make sense to clear the air a bit: Listings can happen a number of different ways, however the vast majority of these can be resolved, either through automatic delisting, or manual delisting (via SORBS support ticket). Additionally, there is NO CHARGE to be delisted. I'm happy to help mitigate any issues -- feel free to hit me up off list -- jangerba...@proofpoint.com Thanks --Jaren There is a very good reason as to why the .. some incorrect / very outdated information / viewpoints here..snip Matt/Michelle Sullivan did a lot of good things but a lot more *bad* in the name of SORBS - ergo the SORBS-Anathema. ...I have; just like many others on this list, have had to deal with this entity that had in essence turned into a joke. ./Randy ./Randy and to echo OP ovservation: at my last $day-job: SORBS wanted payment ( payment options: paypal and other electronic-means; To a Fund to suppport the defense(in court in Australia) of (someone whose I name I don't remember..) Needless to say, the next exec-memo said: Anyone who uses SORBS is on their own. ./Randy
Re: Working with Spamhaus
It's what they call a free country Those that don't use it don't use it, and those who do are free to do so --srs On 31-Jul-2015, at 4:56 PM, Ricky Beam jfb...@gmail.com wrote: On Fri, 31 Jul 2015 17:28:34 -0400, Jaren Angerbauer jarenangerba...@gmail.com wrote: I work for Proofpoint -- we acquired SORBS back in 2011. Hint: The Internet has a LONG memory. The liberal and numerous dropping of for free makes me laugh. You knew the tainted nature of what you were buying. Nobody, to this day, places much trust at all in SORBS. I dare say there isn't anyone on NANOG (certainly any long hairs) that haven't had at least one interaction with SORBS, most likely due to spamtraps; that number drops to almost zero when you put the word good in that sentence. Maybe it's better now under new management; we (the royal we) moved on long ago.
RE: Windows 10 Release
It takes no effort at all. You just do the same thing as has been done with every previous version of windows: When it asks for a LOCAL account and password, give it one. When it asks if you want to do a Microsoft Account, say no thank-you. Mind you, it does ask you about 8 times if you are REALLY REALLY REALLY REALLY sure you don't want to create or use a Microsoft account (obviously because that must be worth a LOT of money to microsoft). But you do not have to do it. And it is not difficult to avoid creating/using a microsoft account. Nor does not having a Microsoft Account have any adverse effect. It just means that you cannot use the crappy apps or the crappy app store. The only failing that I find is that there is no way to actually get rid of all the cruft -- to say I do not want to use a Microsoft Account so please permanently remove anything which requires it, or which cannot be maintained without it. It is not as bad, however, as their propensity for turning the firewall off (and diddling the rules) everytime you get even the slightest update such that you have to go into the firewall settings on a daily basis and make sure they are still set the way YOU want them set and not the way Microsoft wants them set (Microsoft wants them completely disabled). -Original Message- From: NANOG [mailto:nanog-boun...@nanog.org] On Behalf Of Scott Helms Sent: Thursday, 30 July, 2015 10:35 To: Justin Mckillican Cc: nanog@nanog.org list Subject: Re: Windows 10 Release Justin, That's true, but it takes effort for people to either set up a local account or change to one, and very few consumers will do that or have. Scott Helms Vice President of Technology ZCorum (678) 507-5000 http://twitter.com/kscotthelms On Thu, Jul 30, 2015 at 10:28 AM, Justin Mckillican jus...@mckill.ca wrote: Nope. For the upgrade the only piece of information MSFT needed was your email if you chose email notification once the upgrade was ready for you. After it's installed it will ask to finish up the install the 'Express' method which enabled a bunch of things like WIFI password sharing to friends and whatever else or if you chose the manual option like I did you can disable everything. It will also inherit your existing user settings, so if your user is a local one instead of a cloud one it will continue to be that way. It does install One Drive but again, if you never configured it or used it then you'll simply see it in your task bar with the welcome or signup screen. -justin On Jul 30, 2015, at 10:19 AM, Scott Helms khe...@zcorum.com wrote: Since the requirement is that users are upgrading from Win 7, 8, or 8.1 they've already had to create at least a minimal MS ID which means either creating an email account on Outlook.com or providing an existing email address and a password for MS. Scott Helms Vice President of Technology ZCorum (678) 507-5000 http://twitter.com/kscotthelms On Thu, Jul 30, 2015 at 10:15 AM, Matthew Black matthew.bl...@csulb.edu wrote: Are users required to create any type of Microsoft cloud account (e.g., OneDrive, Office365, et alil) in order to install and use Windows 10? Of Office? Is it possible to simply use Windows 10 without any Microsoft or Google or Yahoo accounts? Is the unique identifier available to advertisers only through IE (or its successor) OR will it also be available through Firefox/Chrome? matthew black california state university, long beach
Re: [BULK] Verizon exiting California
Can anyone else back that up (or refute it)? - Mike Hammett Intelligent Computing Solutions http://www.ics-il.com - Original Message - From: Colton Conor colton.co...@gmail.com To: Robert Glover robe...@garlic.com Cc: North American Network Operators' Group (nanog@nanog.org) nanog@nanog.org Sent: Friday, July 31, 2015 7:43:01 AM Subject: Re: [BULK] Verizon exiting California Word on the street is that Verizon business/enterprise is about to be sold to Centrylink as well. Seems Verizon soon will only be Verizon Wireless. On Thu, Jul 30, 2015 at 12:05 PM, Robert Glover robe...@garlic.com wrote: On 7/30/2015 9:26 AM, Matthew Black wrote: Verizon sent me a letter the other day stating that they are selling their landline business to Frontier Communications. It was a very terse letter and as a customer I don't know if it affects me. While stating they aren't exiting the Wireless business, I want to know which parts are being sold off. Just the copper lines, POTS, DSL, FIOS (TV, Internet, phone)? Some clarity would be great. I am a FIOS only customer. Can anyone recall if GTE was blocked from doing the same thing a few decades ago? matthew black california state university, long beach All wireline assets in the Verizon West footprint (California, Texas, and Tampa, FL area) are being aquired by Frontier Here's the Press Release from Frontier: http://investor.frontier.com/releasedetail.cfm?ReleaseID=895055 All wireless assets remain with Verizon.
Re: Working with Spamhaus
Le sigh .. Hotmail/Outlook/Live https://support.microsoft.com/en-us/getsupport?oaspworkflow=start_1.0.0.0wfname=capsubproductkey=edfsmsbl3locale=en-us Google/Gmail https://support.google.com/mail/contact/bulk_send_new?rd=1 AOL https://postmaster.aol.com/trouble-ticket Yahoo https://io.help.yahoo.com/contact/index?page=contactlocale=en_USy=PROD_MAIL_ML# As for SORBS, I'm not aware of anyone that uses it these days because of the extortion thing and the rather ..ahem .. eccentric nature of it's owner. Regards, Michael Holstein Cleveland State University From: Ricky Beam jfb...@gmail.com Sent: Thursday, July 30, 2015 6:41 PM To: Michael O Holstein Subject: Re: Working with Spamhaus On Thu, 30 Jul 2015 09:59:55 -0400, Michael O Holstein michael.holst...@csuohio.edu wrote: 100 spammy messages isn't enough to get you in trouble, as long as it stops there. I see you've never had the pleasure of dealing with SORBS. All it takes is *ONE* message - EVER - to be instantly, and forever, listed in their spamtraps list. Getting on the list is automatic and immediate. There are no thresholds or limits; and there's expiration. The only way off that list is to PAY them to remove you. (which makes it illegal in most places. The corporate sharks flipped when I pointed them to that policy.) as were the other major players (MS, Google, AOL, Yahoo) by just filling out their postmaster forms. What postmaster forms? Those 4 are the most *impossible* companies with whom I've ever tried to interact. I *know* there are people at Google but I'll be damned if there's a way to reach any of them.
Re: [BULK] Verizon exiting California
Word on the street is that Verizon business/enterprise is about to be sold to Centrylink as well. Seems Verizon soon will only be Verizon Wireless. On Thu, Jul 30, 2015 at 12:05 PM, Robert Glover robe...@garlic.com wrote: On 7/30/2015 9:26 AM, Matthew Black wrote: Verizon sent me a letter the other day stating that they are selling their landline business to Frontier Communications. It was a very terse letter and as a customer I don't know if it affects me. While stating they aren't exiting the Wireless business, I want to know which parts are being sold off. Just the copper lines, POTS, DSL, FIOS (TV, Internet, phone)? Some clarity would be great. I am a FIOS only customer. Can anyone recall if GTE was blocked from doing the same thing a few decades ago? matthew black california state university, long beach All wireline assets in the Verizon West footprint (California, Texas, and Tampa, FL area) are being aquired by Frontier Here's the Press Release from Frontier: http://investor.frontier.com/releasedetail.cfm?ReleaseID=895055 All wireless assets remain with Verizon.
Re: UDP clamped on service provider links
On Fri, Jul 31, 2015 at 8:07 AM, John Kristoff j...@cymru.com wrote: On Thu, 30 Jul 2015 21:18:10 -0500 Jason Baugher ja...@thebaughers.com wrote: In one case, when we were having an issue with a SIP trunk, we re-numbered our end to another IP in the same subnet. Same path from A to Z, but the packet loss mysteriously disappeared using the new IP. It sure seems like they are throttling somewhere. Not knowing how you evaluated the two paths, but if MPLS was not considered, it may have perhaps been due in part to ECMP behavior. While not ruling out UDP limits, it is plausible that the changed source IP address resulted in a less congested path to be chosen. ding! this sounds like the most plausible answer... I wouldn't expect L3 to limit udp/5060/6061/SIP traffic, as a common carrier that also runs a SIP trunking service they: 1) probably know what SIP traffic is 2) don't want to get bitten being seen as preferring their own network offerings over other external ones (or perhaps accidentally impacting actual customers).
Re: [BULK] Verizon exiting California
On 07/31/2015 06:27 AM, Mike Hammett wrote: Can anyone else back that up (or refute it)? I am a CLEC operating in California west, and I collocate with verizon. Yes, Verizon is proposing to sell it's wireline assets to Frontier and become effectively an all-wireless carrier. Frontier is going to get a patchwork of ancient switches and poorly maintained outside plant, in rural areas that would require tens of millions of dollars in upgrades for sparely populaed areas it could never turn a profit on. I seriously wonder about the viability of taking on the debt to get those areas and even just maintain them, vz itself has done a very poor job and it presently operates a network where E911 routinely fails along with pots for many, for weeks at a time. And somehow, Verizon has been allowed to skate along without being held to the fire for it's mandated utility / carrier of last resort obligations. I worry that Frontier, with all the new added debt obligations, will not able to swallow this pill. Mike-
Re: [BULK] Verizon exiting California
On Fri, Jul 31, 2015 at 10:32 AM, Mike mike-na...@tiedyenetworks.com wrote: I am a CLEC operating in California west, and I collocate with verizon. Yes, Verizon is proposing to sell it's wireline assets to Frontier and become effectively an all-wireless carrier. clec functions don't necessarily equate to 'verizon business' work though... nor, typically, does 'wireline assets' (typically this denotes pstn or it's equivalent these days). it'd be very funny to see 701 sold to 209 though :)
Re: UDP clamped on service provider links
On Fri, 31 Jul 2015, Christopher Morrow wrote: On Fri, Jul 31, 2015 at 8:07 AM, John Kristoff j...@cymru.com wrote: On Thu, 30 Jul 2015 21:18:10 -0500 Jason Baugher ja...@thebaughers.com wrote: In one case, when we were having an issue with a SIP trunk, we re-numbered our end to another IP in the same subnet. Same path from A to Z, but the packet loss mysteriously disappeared using the new IP. It sure seems like they are throttling somewhere. Not knowing how you evaluated the two paths, but if MPLS was not considered, it may have perhaps been due in part to ECMP behavior. While not ruling out UDP limits, it is plausible that the changed source IP address resulted in a less congested path to be chosen. ding! this sounds like the most plausible answer... I wouldn't expect L3 to limit udp/5060/6061/SIP traffic, as a common carrier that also runs a SIP trunking service they: Jason said it was the RTP traffic that was lossy over L3...so that's not UDP/5060, but [at least commonly] UDP/1:2. i.e. to a network engineer trying to harden the network against DDoS attacks, just random UDP traffic. Someone writing a stateless UDP filter/policer not thinking about RTP might easily implement a filter that doesn't allow all RTP packets to pass. -- Jon Lewis, MCP :) | I route | therefore you are _ http://www.lewis.org/~jlewis/pgp for PGP public key_
Re: [BULK] Verizon exiting California
Well, I meant the VZB network. The landline network transaction is confirmed by their press release. Frontier knows what they're getting into. They bought our Verizon landline operations years ago. - Mike Hammett Intelligent Computing Solutions http://www.ics-il.com - Original Message - From: Mike mike-na...@tiedyenetworks.com To: nanog@nanog.org Sent: Friday, July 31, 2015 9:32:49 AM Subject: Re: [BULK] Verizon exiting California On 07/31/2015 06:27 AM, Mike Hammett wrote: Can anyone else back that up (or refute it)? I am a CLEC operating in California west, and I collocate with verizon. Yes, Verizon is proposing to sell it's wireline assets to Frontier and become effectively an all-wireless carrier. Frontier is going to get a patchwork of ancient switches and poorly maintained outside plant, in rural areas that would require tens of millions of dollars in upgrades for sparely populaed areas it could never turn a profit on. I seriously wonder about the viability of taking on the debt to get those areas and even just maintain them, vz itself has done a very poor job and it presently operates a network where E911 routinely fails along with pots for many, for weeks at a time. And somehow, Verizon has been allowed to skate along without being held to the fire for it's mandated utility / carrier of last resort obligations. I worry that Frontier, with all the new added debt obligations, will not able to swallow this pill. Mike-
Re: Mac compatible SFP+/XFP programmer
A couple of months ago I purchased a Flexbox V3 and a pile of SFP and SFP+ for $dayjob. The parts arrived in less than a week and the Flexbox V3 (and webapp) works well with our Macs. We are a satisfied customer. Eriks --- Eriks Rugelis Sr. Consultant Netidea Inc. T: +1.416.876.0740 On Jul 30, 2015, at 14:48, Youssef Bengelloun-Zahr yous...@720.fr wrote: Hi, Flexoptics seems to do the trick but via a Web browser : https://www.flexoptix.net/en/flexbox-v3-transceiver-programmer.html From what I've heard, this thing does the Job. Best regards. Le 30 juil. 2015 à 20:28, Jason Lixfeld ja...@lixfeld.ca a écrit : Does anyone know where I might find a SFP+/XFP programmer with a Mac compatible programmer application? Thanks!
Re: UDP clamped on service provider links
In one case, when we were having an issue with a SIP trunk, we re-numbered our end to another IP in the same subnet. Same path from A to Z, but the packet loss mysteriously disappeared using the new IP. lag hash put you on a congested fiber? Or perhaps a switch fabric module geeked out and impacted 1/3rd or 1/4th of the flows through the box? We’ve seen that exact scenario more times then I want to admit with our old equipment vendor.
A perl script to assist with summarizing QoS counts on Cisco Catalyst 37xx and 35xx series switches
https://github.com/jlmcgraw/networkUtilities/blob/master/parseMlsQosInterfaceStatistics.pl
I whipped up this perl script as part of some troubleshooting I was
doing and I'd thought I send it out to NANOG in case anyone else might
find it useful (Note that you may need to install some additional perl
libraries, see the setup.sh file in that repository for installing
them). I've only tested this with Ubuntu flavors of Linux, your OS
might not work out of the bag.
What it does is take the output of show mls qos interface statistics,
which lists COS/DSCP/Queue counters by individual interface, from a file
and summarize all of those numbers into overall totals.
This will (theoretically) give you a more holistic view of the markings
of traffic in/out of the switch along with which queues are dropping
packets. This will hopefully assist in more intelligent allocation of
queue buffers and thresholds etc.
If you have any thoughts on improvements or bug fixes I'd love to hear them
-Jesse
Output should look something like this:
'cos:incoming ( Tag - Packets )' = {
'0' = '13378773318',
'6' = 1192965355,
'5' = 241414642,
'7' = 93307502,
'3' = 32812572,
'1' = 705042,
'4' = 5812
},
'cos:outgoing ( Tag - Packets )' = {
'0' = '18309565892',
'6' = 4725226136,
'7' = 2016871236,
'5' = 1937646890,
'3' = 423068898,
'2' = 41422754,
'1' = 11665393,
'4' = 567635
},
'dscp:incoming ( Tag - Packets )' = {
'0' = '11778685571',
'46' = 2184094729,
'26' = 394305418,
'40' = 131328936,
'48' = 84660939,
'18' = 42501678,
'24' = 32812572,
'12' = 8553900,
'56' = 6240271,
'10' = 3500510,
'44' = 502413,
'34' = 463741,
'4' = 247044,
'52' = 113496,
'32' = 103896,
'28' = 29765,
'53' = 11408,
'20' = 243,
'49' = 152,
'54' = 7,
'2' = 6,
'50' = 3
},
'dscp:outgoing ( Tag - Packets )' = {
'0' = '16977173711',
'48' = 4360459601,
'46' = 1862171624,
'26' = 390223766,
'40' = 75123620,
'18' = 41422531,
'24' = 32812591,
'56' = 9411197,
'12' = 8258740,
'10' = 3406653,
'52' = 491103,
'34' = 463739,
'44' = 351642,
'4' = 228762,
'32' = 103896,
'53' = 47290,
'28' = 32541,
'20' =
Re: [BULK] Verizon exiting California
I work on E911 systems and the infrastructure that monitors E911 call distribution and integrity. California E911 is part of a nationwide management system operated out of the DC area. California’s E911 exceeds all the mandated reliability requirements. The most problematic part of E911 is cellular call handling, because of geolocation factors that make calls more complex to dispatch. and that part of the system is staying with Verizon. So your claim that E911 “routinely fails…for weeks at a time” isn’t borne out by monitoring records, unless you have some unpublished data to share. -mel On Jul 31, 2015, at 7:32 AM, Mike mike-na...@tiedyenetworks.com wrote: On 07/31/2015 06:27 AM, Mike Hammett wrote: Can anyone else back that up (or refute it)? I am a CLEC operating in California west, and I collocate with verizon. Yes, Verizon is proposing to sell it's wireline assets to Frontier and become effectively an all-wireless carrier. Frontier is going to get a patchwork of ancient switches and poorly maintained outside plant, in rural areas that would require tens of millions of dollars in upgrades for sparely populaed areas it could never turn a profit on. I seriously wonder about the viability of taking on the debt to get those areas and even just maintain them, vz itself has done a very poor job and it presently operates a network where E911 routinely fails along with pots for many, for weeks at a time. And somehow, Verizon has been allowed to skate along without being held to the fire for it's mandated utility / carrier of last resort obligations. I worry that Frontier, with all the new added debt obligations, will not able to swallow this pill. Mike-
Re: UDP clamped on service provider links
On Thu, Jul 30, 2015 at 2:31 PM, Ca By cb.li...@gmail.com wrote: On Thu, Jul 30, 2015 at 2:04 PM, Ted Hardie ted.i...@gmail.com wrote: On Thu, Jul 30, 2015 at 1:45 PM, John Kristoff j...@cymru.com wrote: On Mon, 27 Jul 2015 19:42:46 +0530 Glen Kent glen.k...@gmail.com wrote: Is there a reason why this is often done so? Is this because UDP is stateless and any script kiddie could launch a DOS attack with a UDP stream? State, some form of sender verification and that it and most other commonly used protocols besides TCP do not generally react to implicit congestion signals (drops usually). Hmmm. The WebRTC stack has a pretty explicit form of getting and then maintaining consent; it also rides on top of UDP (SRTP/UDP for media and SCTP/DTLS/UDP for data channels). Because both media and data channels go from peer to peer, it has no preset group of server addresses to white list (the only way I can see to do that would be to force the use of TURN and white list the TURN server, but that would be problematic for performance). How will you support it if the default is to throttle UDP? Clue welcome, Ted We will install a middlebox to strip off the UDP and expose the SCTP natively as the transport protocol ! Patent pending! Yeah, it's SCTP over DTLS over UDP, so stripping the UDP is going to give you: nothing. This may be WAI for some networks, of course. RTCweb made a series of trade offs. Encapsulating SCTP in UDP is one of them... the idea at the time was the this is only WebRTC 1.0, so we'll do a few silly things to ship it early. As i am sure you know :) All of engineering is trade-offs. But I'm asking about a different one here: media traffic often runs over udp when RTP/SRTP is involved and with WebRTC some datachannel traffic will as well. John's work in university environment he cited was used fixed limits for all protocols other than TCP, based on the idea that the others either had no congestion control or limited consent. Those issues shouldn't hit WebRTC which has robust consent and some congestion control (circuit breakers at the moment and more soon). How do we balance that out? regards, Ted
Weekly Routing Table Report
This is an automated weekly mailing describing the state of the Internet Routing Table as seen from APNIC's router in Japan. The posting is sent to APOPS, NANOG, AfNOG, AusNOG, SANOG, PacNOG, CaribNOG and the RIPE Routing Working Group. Daily listings are sent to bgp-st...@lists.apnic.net For historical data, please see http://thyme.rand.apnic.net. If you have any comments please contact Philip Smith pfsi...@gmail.com. Routing Table Report 04:00 +10GMT Sat 01 Aug, 2015 Report Website: http://thyme.rand.apnic.net Detailed Analysis: http://thyme.rand.apnic.net/current/ Analysis Summary BGP routing table entries examined: 553519 Prefixes after maximum aggregation (per Origin AS): 209389 Deaggregation factor: 2.64 Unique aggregates announced (without unneeded subnets): 270136 Total ASes present in the Internet Routing Table: 51034 Prefixes per ASN: 10.85 Origin-only ASes present in the Internet Routing Table: 36679 Origin ASes announcing only one prefix: 16170 Transit ASes present in the Internet Routing Table:6353 Transit-only ASes present in the Internet Routing Table:174 Average AS path length visible in the Internet Routing Table: 4.5 Max AS path length visible: 39 Max AS path prepend of ASN ( 12486) 32 Prefixes from unregistered ASNs in the Routing Table: 1159 Unregistered ASNs in the Routing Table: 426 Number of 32-bit ASNs allocated by the RIRs: 10415 Number of 32-bit ASNs visible in the Routing Table:8002 Prefixes from 32-bit ASNs in the Routing Table: 29602 Number of bogon 32-bit ASNs visible in the Routing Table:17 Special use prefixes present in the Routing Table:3 Prefixes being announced from unallocated address space:410 Number of addresses announced to Internet: 2791199648 Equivalent to 166 /8s, 94 /16s and 83 /24s Percentage of available address space announced: 75.4 Percentage of allocated address space announced: 75.4 Percentage of available address space allocated: 100.0 Percentage of address space in use by end-sites: 97.6 Total number of prefixes smaller than registry allocations: 185310 APNIC Region Analysis Summary - Prefixes being announced by APNIC Region ASes: 136680 Total APNIC prefixes after maximum aggregation: 39845 APNIC Deaggregation factor:3.43 Prefixes being announced from the APNIC address blocks: 143686 Unique aggregates announced from the APNIC address blocks:58429 APNIC Region origin ASes present in the Internet Routing Table:5074 APNIC Prefixes per ASN: 28.32 APNIC Region origin ASes announcing only one prefix: 1198 APNIC Region transit ASes present in the Internet Routing Table:884 Average APNIC Region AS path length visible:4.4 Max APNIC Region AS path length visible: 39 Number of APNIC region 32-bit ASNs visible in the Routing Table: 1571 Number of APNIC addresses announced to Internet: 751597504 Equivalent to 44 /8s, 204 /16s and 119 /24s Percentage of available APNIC address space announced: 87.8 APNIC AS Blocks4608-4864, 7467-7722, 9216-10239, 17408-18431 (pre-ERX allocations) 23552-24575, 37888-38911, 45056-46079, 55296-56319, 58368-59391, 63488-64098, 131072-135580 APNIC Address Blocks 1/8, 14/8, 27/8, 36/8, 39/8, 42/8, 43/8, 49/8, 58/8, 59/8, 60/8, 61/8, 101/8, 103/8, 106/8, 110/8, 111/8, 112/8, 113/8, 114/8, 115/8, 116/8, 117/8, 118/8, 119/8, 120/8, 121/8, 122/8, 123/8, 124/8, 125/8, 126/8, 133/8, 150/8, 153/8, 163/8, 171/8, 175/8, 180/8, 182/8, 183/8, 202/8, 203/8, 210/8, 211/8, 218/8, 219/8, 220/8, 221/8, 222/8, 223/8, ARIN Region Analysis Summary Prefixes being announced by ARIN Region ASes:179814 Total ARIN prefixes after maximum aggregation:87974 ARIN Deaggregation factor: 2.04 Prefixes being announced from the ARIN address blocks: 182558 Unique aggregates announced from the ARIN address blocks: 85393 ARIN Region origin ASes present in the Internet Routing Table:16588 ARIN Prefixes per
Re: Working with Spamhaus
As for SORBS, I'm not aware of anyone that uses it these days many folk do randy
Re: Working with Spamhaus
On Sat, 01 Aug 2015 04:48:11 +0900, Randy Bush said: As for SORBS, I'm not aware of anyone that uses it these days many folk do Many of them your competitors? :) (Sorry, couldn't resist :) pgpO2jdXrpYvy.pgp Description: PGP signature
Re: Working with Spamhaus
Hi, As for SORBS, I'm not aware of anyone that uses it these days because of the extortion thing and the rather ..ahem .. eccentric nature of it's owner. and I see you've never had the pleasure of dealing with SORBS. All it takes is *ONE* message - EVER - to be instantly, and forever, listed in their spamtraps list. Getting on the list is automatic and immediate. There are no thresholds or limits; and there's expiration. The only way off that list is to PAY them to remove you. (which makes it illegal in most places. The corporate sharks flipped when I pointed them to that policy.) I work for Proofpoint -- we acquired SORBS back in 2011. There is obviously some incorrect / very outdated information / viewpoints here, so I thought it would make sense to clear the air a bit: Listings can happen a number of different ways, however the vast majority of these can be resolved, either through automatic delisting, or manual delisting (via SORBS support ticket). Additionally, there is NO CHARGE to be delisted. I'm happy to help mitigate any issues -- feel free to hit me up off list -- jangerba...@proofpoint.com Thanks --Jaren
The Cidr Report
This report has been generated at Fri Jul 31 21:14:46 2015 AEST.
The report analyses the BGP Routing Table of AS2.0 router
and generates a report on aggregation potential within the table.
Check http://www.cidr-report.org/2.0 for a current version of this report.
Recent Table History
Date PrefixesCIDR Agg
24-07-15561972 308324
25-07-15561940 308367
26-07-15561948 308309
27-07-15561810 308356
28-07-15562237 308578
29-07-15562339 308849
30-07-15561310 308826
31-07-15561435 308694
AS Summary
51298 Number of ASes in routing system
20373 Number of ASes announcing only one prefix
3322 Largest number of prefixes announced by an AS
AS10620: Telmex Colombia S.A.,CO
120757504 Largest address span announced by an AS (/32s)
AS4134 : CHINANET-BACKBONE No.31,Jin-rong Street,CN
Aggregation Summary
The algorithm used in this report proposes aggregation only
when there is a precise match using the AS path, so as
to preserve traffic transit policies. Aggregation is also
proposed across non-advertised address space ('holes').
--- 31Jul15 ---
ASnumNetsNow NetsAggr NetGain % Gain Description
Table 561857 308639 25321845.1% All ASes
AS22773 3182 168 301494.7% ASN-CXA-ALL-CCI-22773-RDC -
Cox Communications Inc.,US
AS17974 2702 80 262297.0% TELKOMNET-AS2-AP PT
Telekomunikasi Indonesia,ID
AS39891 2473 35 243898.6% ALJAWWALSTC-AS Saudi Telecom
Company JSC,SA
AS28573 2300 118 218294.9% NET Serviços de Comunicação
S.A.,BR
AS6389 2734 709 202574.1% BELLSOUTH-NET-BLK -
BellSouth.net Inc.,US
AS9394 2269 315 195486.1% CTTNET China TieTong
Telecommunications
Corporation,CN
AS3356 2558 782 177669.4% LEVEL3 - Level 3
Communications, Inc.,US
AS7545 2698 1004 169462.8% TPG-INTERNET-AP TPG Telecom
Limited,AU
AS10620 3322 1673 164949.6% Telmex Colombia S.A.,CO
AS4766 2964 1423 154152.0% KIXS-AS-KR Korea Telecom,KR
AS9808 1582 63 151996.0% CMNET-GD Guangdong Mobile
Communication Co.Ltd.,CN
AS6983 1750 248 150285.8% ITCDELTA - Earthlink, Inc.,US
AS20115 1872 423 144977.4% CHARTER-NET-HKY-NC - Charter
Communications,US
AS4755 2027 708 131965.1% TATACOMM-AS TATA
Communications formerly VSNL
is Leading ISP,IN
AS9498 1363 119 124491.3% BBIL-AP BHARTI Airtel Ltd.,IN
AS4323 1614 418 119674.1% TWTC - tw telecom holdings,
inc.,US
AS18566 2069 898 117156.6% MEGAPATH5-US - MegaPath
Corporation,US
AS6147 1445 278 116780.8% Telefonica del Peru S.A.A.,PE
AS7303 1636 529 110767.7% Telecom Argentina S.A.,AR
AS22561 1375 310 106577.5% CENTURYLINK-LEGACY-LIGHTCORE -
CenturyTel Internet Holdings,
Inc.,US
AS4808 1537 509 102866.9% CHINA169-BJ CNCGROUP IP
network China169 Beijing
Province Network,CN
AS7552 1143 152 99186.7% VIETEL-AS-AP Viettel
Corporation,VN
AS26615 1112 132 98088.1% Tim Celular S.A.,BR
AS8402 965 21 94497.8% CORBINA-AS OJSC Vimpelcom,RU
AS8151 1673 734 93956.1% Uninet S.A. de C.V.,MX
AS7738 995 75 92092.5% Telemar Norte Leste S.A.,BR
AS38285 977 130 84786.7% M2TELECOMMUNICATIONS-AU M2
Telecommunications Group
Ltd,AU
AS6849 1206 414 79265.7% UKRTELNET JSC UKRTELECOM,UA
AS24560 1247 459 78863.2% AIRTELBROADBAND-AS-AP Bharti
Airtel Ltd., Telemedia
[NANOG-announce] 2015 NANOG Elections General Information
Hello NANOG members! We are once again approaching the annual NANOG election and appointment time. In addition to the call for nominations message at the opening of the process, the following is an overview and timeline of the actual election process. We encourage those in the community who are not currently NANOG members to consider becoming members of NANOG and to consider standing for a position in our leadership. Through membership and voting, you will be an active participant in directing all NANOG activities. Only NANOG members are eligible to vote and serve in the 2015 election process. *Click here* https://www.nanog.org/membership to become a member today! *At the December 15, 2014, NANOG Board meeting, the Board of Directors voted to extend the term of all current Communications and Program Committee members through February 2016. In early January 2015, all members of the committees agreed to the extension. Therefore, in this 2015 annual election process, there will be no committee member vacancies. * Ø Monday, August 3, 2015 the Call for Board Candidate Nominations begin Ø Bylaws discussed, proposed changes explored August 10, 2015 Ø Board nominations close on September 14, 2015 Ø Bylaws amendments posted September 21, 2015 Ø *Voting for the 2015 NANOG Board Candidate Elections will begin on Monday, October 5, 2015 at 8am ET and close on Wednesday, October 7, 2015 at 12pm ET.* Only NANOG members in good standing are allowed to vote. ü ***If you are not a member and wish to vote in this election, your membership must be received by 12:00 p.m. Eastern Time on Friday October 2, 2015.*** Ø Call for Committee Member Nominations will be on January 1, 2016 Ø Committee nominations will close on February 1, 2016 *Why?* If you care about NANOG and think that you would like to take a turn at volunteering your time to help make it better please consider joining as a member and running for a position. If you know someone else that you believe would be interested, nominate them by completing the *Online Process**.* https://www.nanog.org/node/http//www.bigoulse.com/signin Any questions should be submitted to *electi...@nanog.org.* electi...@nanog.org As NANOG continues to evolve, our Board of Directors and Committees will continue to play an increasingly important role in our success. By joining now, you can be an integral part of the process. For more information about the role of a Board of Director or any Committee Member, or to find out more about what's involved in serving, please consult the current NANOG Bylaws http://nanog.org/sites/default/files/sites/default/files/NANOG-Bylaws-%20October2014.pdf or review the information found at https://www.nanog.org/elections/2015/general. If you have any questions, please do not hesitate to contact me. Best regards, *Daniel Golding, ChairFor the NANOG Board of Directors* ___ NANOG-announce mailing list nanog-annou...@mailman.nanog.org http://mailman.nanog.org/mailman/listinfo/nanog-announce
Re: UDP clamped on service provider links
On Thu, 30 Jul 2015 21:18:10 -0500 Jason Baugher ja...@thebaughers.com wrote: In one case, when we were having an issue with a SIP trunk, we re-numbered our end to another IP in the same subnet. Same path from A to Z, but the packet loss mysteriously disappeared using the new IP. It sure seems like they are throttling somewhere. Not knowing how you evaluated the two paths, but if MPLS was not considered, it may have perhaps been due in part to ECMP behavior. While not ruling out UDP limits, it is plausible that the changed source IP address resulted in a less congested path to be chosen. John
Level3 packet loss
Anyone again seeing level3 packet loss tonight leaving the east coast going west bound? In my case to Dallas.
Re: Working with Spamhaus
On Fri, Jul 31, 2015 at 5:28 PM, Jaren Angerbauer jarenangerba...@gmail.com wrote: I work for Proofpoint -- we acquired SORBS back in 2011. There is delisting (via SORBS support ticket). Additionally, there is NO CHARGE to be delisted. Hi Jaren, The big problem I remember with SORBS from my ISP days was that if they tested an open relay at IP address A and the return message came from IP address B, they listed IP address B. This put me in an impossible situation as an ISP providing an SMTP smarthost to my authenticated customers. If just one of them screwed up their mail programming, not trying to spam mind you, just screwed up their configuration, my entire relay was hit with a block. Practically speaking, to keep my mail server off SORBS I was required to employ SORBS on my relay to block any customers whose IP appear as an input into SORBS. If I wanted to stay off their list then I MUST use them. Bad ethics there IMO. Is itstill SORBS practice to list both input and output IP addresses of an open relay, regardless of detected spam activity and without any attempt to notify the mail op of the problem? Regards, Bill Herrin -- William Herrin her...@dirtside.com b...@herrin.us Owner, Dirtside Systems . Web: http://www.dirtside.com/
Re: Working with Spamhaus
On Fri, 31 Jul 2015 valdis.kletni...@vt.edu wrote: On Sat, 01 Aug 2015 04:48:11 +0900, Randy Bush said: As for SORBS, I'm not aware of anyone that uses it these days many folk do Many of them your competitors? :) (Sorry, couldn't resist :) Is that to be encouraged? :) -- Jon Lewis, MCP :) | I route | therefore you are _ http://www.lewis.org/~jlewis/pgp for PGP public key_
Re: Working with Spamhaus
On Fri, 31 Jul 2015 17:28:34 -0400, Jaren Angerbauer jarenangerba...@gmail.com wrote: I work for Proofpoint -- we acquired SORBS back in 2011. Hint: The Internet has a LONG memory. The liberal and numerous dropping of for free makes me laugh. You knew the tainted nature of what you were buying. Nobody, to this day, places much trust at all in SORBS. I dare say there isn't anyone on NANOG (certainly any long hairs) that haven't had at least one interaction with SORBS, most likely due to spamtraps; that number drops to almost zero when you put the word good in that sentence. Maybe it's better now under new management; we (the royal we) moved on long ago.
BGP Update Report
BGP Update Report Interval: 23-Jul-15 -to- 30-Jul-15 (7 days) Observation Point: BGP Peering with AS131072 TOP 20 Unstable Origin AS Rank ASNUpds % Upds/PfxAS-Name 1 - AS9829 271611 6.5% 247.4 -- BSNL-NIB National Internet Backbone,IN 2 - AS38197 132507 3.2% 152.3 -- SUNHK-DATA-AS-AP Sun Network (Hong Kong) Limited,HK 3 - AS22059 129201 3.1% 64600.5 -- -Reserved AS-,ZZ 4 - AS21669 122440 2.9% 122440.0 -- NJ-STATEWIDE-LIBRARY-NETWORK - New Jersey State Library,US 5 - AS11056 119630 2.9% 119630.0 -- BERGERMONTAGUE - Berger Montague, P.C,US 6 - AS36947 86349 2.1%1136.2 -- ALGTEL-AS,DZ 7 - AS54169 81118 1.9% 40559.0 -- MGH-ION-1 - Marin General Hospital,US 8 - AS370957313 1.4%2122.7 -- NET-CITY-SA - City of San Antonio,US 9 - AS24138 52884 1.3% 290.6 -- CRNET_BJ_IDC-CNNIC-AP China Tietong Telecommunication Corporation,CN 10 - AS958333748 0.8% 27.5 -- SIFY-AS-IN Sify Limited,IN 11 - AS30295 33202 0.8%8300.5 -- 2ICSYSTEMSINC - 2iC Systems Inc.,CA 12 - AS25563 32547 0.8% 10849.0 -- WEBLAND-AS Webland AG,CH 13 - AS24560 31454 0.8% 27.7 -- AIRTELBROADBAND-AS-AP Bharti Airtel Ltd., Telemedia Services,IN 14 - AS840227995 0.7% 126.7 -- CORBINA-AS OJSC Vimpelcom,RU 15 - AS39891 27254 0.7% 22.9 -- ALJAWWALSTC-AS Saudi Telecom Company JSC,SA 16 - AS131090 27046 0.7% 71.6 -- CAT-IDC-4BYTENET-AS-AP CAT TELECOM Public Company Ltd,CAT ,TH 17 - AS59943 26971 0.6% 26971.0 -- RADAR-AS Radar LLC,RU 18 - AS10620 22902 0.6% 9.3 -- Telmex Colombia S.A.,CO 19 - AS45899 21513 0.5% 74.2 -- VNPT-AS-VN VNPT Corp,VN 20 - AS46687 21177 0.5% 605.1 -- AS46687 - BCI Mississippi Broadband,LLC,US TOP 20 Unstable Origin AS (Updates per announced prefix) Rank ASNUpds % Upds/PfxAS-Name 1 - AS21669 122440 2.9% 122440.0 -- NJ-STATEWIDE-LIBRARY-NETWORK - New Jersey State Library,US 2 - AS11056 119630 2.9% 119630.0 -- BERGERMONTAGUE - Berger Montague, P.C,US 3 - AS22059 129201 3.1% 64600.5 -- -Reserved AS-,ZZ 4 - AS54169 81118 1.9% 40559.0 -- MGH-ION-1 - Marin General Hospital,US 5 - AS59943 26971 0.6% 26971.0 -- RADAR-AS Radar LLC,RU 6 - AS262741 13871 0.3% 13871.0 -- CONECTSUL - COMERCIO E SERVICOS LTDA,BR 7 - AS40637 11867 0.3% 11867.0 -- MAILROUTE - MailRoute, Inc.,US 8 - AS40493 11354 0.3% 11354.0 -- FACILITYSOURCEINC - FacilitySource,US 9 - AS25563 32547 0.8% 10849.0 -- WEBLAND-AS Webland AG,CH 10 - AS3935889534 0.2%9534.0 -- MUBEA-FLO - Mubea,US 11 - AS30295 33202 0.8%8300.5 -- 2ICSYSTEMSINC - 2iC Systems Inc.,CA 12 - AS375905015 0.1%5015.0 -- BCA-ASN,AO 13 - AS337314659 0.1%4659.0 -- -Reserved AS-,ZZ 14 - AS1979144261 0.1%4261.0 -- STOCKHO-AS Stockho Hosting SARL,FR 15 - AS380006166 0.1%3083.0 -- CRISIL-AS [CRISIL Limited.Autonomous System],IN 16 - AS313579035 0.2%3011.7 -- TOMICA-AS Tomsk Information and Consulting Agency,RU 17 - AS566362684 0.1%2684.0 -- ASVEDARU VEDA Ltd.,RU 18 - AS631610264 0.2%2566.0 -- AS-PAETEC-NET - PaeTec Communications, Inc.,US 19 - AS350934395 0.1%2197.5 -- RO-HTPASSPORT High Tech Passport Ltd SUA California San Jose SUCURSALA BUCURESTI ROMANIA,RO 20 - AS370957313 1.4%2122.7 -- NET-CITY-SA - City of San Antonio,US TOP 20 Unstable Prefixes Rank Prefix Upds % Origin AS -- AS Name 1 - 209.212.8.0/24 122440 2.8% AS21669 -- NJ-STATEWIDE-LIBRARY-NETWORK - New Jersey State Library,US 2 - 50.202.59.0/24 119630 2.8% AS11056 -- BERGERMONTAGUE - Berger Montague, P.C,US 3 - 105.96.0.0/22 85008 1.9% AS36947 -- ALGTEL-AS,DZ 4 - 204.80.242.0/24 81115 1.9% AS54169 -- MGH-ION-1 - Marin General Hospital,US 5 - 64.34.125.0/2467377 1.6% AS22059 -- -Reserved AS-,ZZ 6 - 76.191.107.0/24 61824 1.4% AS22059 -- -Reserved AS-,ZZ 7 - 185.65.148.0/24 26971 0.6% AS59943 -- RADAR-AS Radar LLC,RU 8 - 61.7.155.0/24 25772 0.6% AS131090 -- CAT-IDC-4BYTENET-AS-AP CAT TELECOM Public Company Ltd,CAT ,TH 9 - 186.208.186.0/24 13871 0.3% AS262741 -- CONECTSUL - COMERCIO E SERVICOS LTDA,BR 10 - 199.89.0.0/21 11867 0.3% AS40637 -- MAILROUTE - MailRoute, Inc.,US 11 - 199.60.236.0/24 11717 0.3% AS30295 -- 2ICSYSTEMSINC - 2iC Systems Inc.,CA 12 - 8.17.26.0/24 11354 0.3% AS40493 -- FACILITYSOURCEINC - FacilitySource,US 13 - 199.60.234.0/23 11255 0.3% AS30295 -- 2ICSYSTEMSINC - 2iC Systems Inc.,CA 14 - 92.43.216.0/2111050 0.2% AS25563 -- WEBLAND-AS Webland AG,CH
