Re: DSL Operators Mailing List?
In other words, status quo ante? On 05/08/2018 10:16 AM, Mike Hammett wrote: Then don't participate and move on? - Mike Hammett Intelligent Computing Solutions http://www.ics-il.com Midwest-IX http://www.midwest-ix.com - Original Message - From: "Stephen Satchell" To: nanog@nanog.org Sent: Tuesday, May 8, 2018 11:19:30 AM Subject: Re: DSL Operators Mailing List? On 05/08/2018 07:12 AM, Mike Hammett wrote: I made a Facebook group for xLEC-related things. (Not useful for those of us not on Facebook.)
Re: DSL Operators Mailing List?
Then don't participate and move on? - Mike Hammett Intelligent Computing Solutions http://www.ics-il.com Midwest-IX http://www.midwest-ix.com - Original Message - From: "Stephen Satchell" To: nanog@nanog.org Sent: Tuesday, May 8, 2018 11:19:30 AM Subject: Re: DSL Operators Mailing List? On 05/08/2018 07:12 AM, Mike Hammett wrote: > I made a Facebook group for xLEC-related things. (Not useful for those of us not on Facebook.)
Re: DSL Operators Mailing List?
> On May 8, 2018, at 11:19 AM, Stephen Satchell wrote: > > (Not useful for those of us not on Facebook.) LIKE
Re: DSL Operators Mailing List?
On 05/08/2018 07:12 AM, Mike Hammett wrote: I made a Facebook group for xLEC-related things. (Not useful for those of us not on Facebook.)
Re: DSL Operators Mailing List?
I made a Facebook group for xLEC-related things. https://www.facebook.com/groups/198986590901754/ - Mike Hammett Intelligent Computing Solutions http://www.ics-il.com Midwest-IX http://www.midwest-ix.com - Original Message - From: "Mike Hammett" To: "NANOG" Sent: Sunday, January 7, 2018 11:10:11 AM Subject: DSL Operators Mailing List? Is there a good mailing list for DSL operators? A cursory search really only came up with DSL Reports, which is far from what I'm looking for. - Mike Hammett Intelligent Computing Solutions Midwest Internet Exchange The Brothers WISP
would someone from AS7363 contact me off list please
RE: Catalyst 4500 listening on TCP 6154 on all interfaces
This has not been my experience. TAC specifically has an option when opening a case to "Ask a question". It's purpose is for non-outage queries such as these. I've asked them things such as "How many ARP entries does an ASA 5585X support?" Sometimes I find conflicting information so I need to ask TAC or I'm just too busy to find the answer. I've learned not to be hesitant to engage them, we pay for the support after all. Yes, sometimes you will get an engineer who is not helpful. Let them close the case and open another case or insist that the case be moved to another engineer. -Original Message- From: NANOG On Behalf Of frederic.jut...@sig-telecom.net Sent: Monday, May 7, 2018 10:45 AM To: Jay Farrell ; nanog@nanog.org Subject: Re: Catalyst 4500 listening on TCP 6154 on all interfaces I've been told that the TAC center will not take the time to answer as it's not a 'real' problem, service affecting issue. And the Cisco community forum on that topic was useless (nobody answer to a person which already open a topic about this issue 10 months ago). But you are the 4rd person to tell me to open a TAC, I could have tried first. In the meantime Cisco contact me off-list, so I will try with them. On 07.05.2018 16:59, Jay Farrell via NANOG wrote: > Just a wild thought – why not open a TAC case with Cisco and ask them? > > On Mon, May 7, 2018 at 3:06 AM, frederic.jut...@sig-telecom.net < > frederic.jut...@sig-telecom.net> wrote: > >>> - a nsa backdoor :-) >> it would be a very bad backdoor as it's really easy to see the port >> listening... >> >> >>> - a default active service >> Maybe, but a service which is not officially registered: >> https://www.iana.org/assignments/service-names-port-numbers/service-n >> ames- >> port-numbers.xhtml?search=6154 >> >> in contrary to the SMI (zero touch feature on tcp 4786) which is >> registered since almost 10y: >> https://www.iana.org/assignments/service-names-port-numbers/service-n >> ames- >> port-numbers.xhtml?search=4786 >> >> >> >> Could it be possible that this kind of tcp port is not registered by >> Iana because it meant to be used for internal communication only >> (internal to the device), or should you register any port usage (even >> 'private') ? >> >> >> And yes I've tried to reset to default the config, shutdown all >> interface, remove all L3 ip/feature (no ip blabla), and I still see >> by default 2 TCP ports on listening state: >> >> Cat4500-SUP7L-E#sh ip prot >> *** IP Routing is NSF aware *** >> >> Cat4500-SUP7L-E# >> Cat4500-SUP7L-E#sh run | in ip >> address-family ipv4 >> address-family ipv6 >> no ip routing >> ip vrf Liin-vrf >> no ip mfib >> no ip bootp server >> no ip dhcp-client broadcast-flag >> no ip igmp snooping >> no ipv6 traffic interface-statistics >> no ip address >> no ip route-cache >> no ip address >> no ip route-cache >> no ip forward-protocol nd >> no ip http server >> no ip http secure-server >> Cat4500-SUP7L-E# >> Cat4500-SUP7L-E# >> Cat4500-SUP7L-E#show tcp br all >> TCB Local Address Foreign Address (state) >> 5B40BB30 0.0.0.0.4786 *.* LISTEN >> 5CD5D2D8 0.0.0.0.6154 *.* LISTEN >> Cat4500-SUP7L-E# >> >> >> >> I will now try to negate all potential active service from the 'show >> run all' config but it's not optimal as for example 'vstack' (port >> 4786) does not appear in the default config so it would not be >> disable by this trivial method. >> >> >> Fred >> >> >> On 05.05.2018 13:22, marcel.durega...@yahoo.fr wrote: >>> As the zero touch feature is on TCP 4786 (SMI), I vote for either: >>> >>> - a nsa backdoor :-) >>> - a default active service >>> >>> Have you tried to zeroize the config and restart then check if TCP >>> 6154 is still on LISTEN state ? >>> >>> >>> - >>> Marcel >>> >>> >>> >>> On 03.05.2018 06:51, frederic.jut...@sig-telecom.net wrote: Hi, We have Cat 4500 series on SUP7L-E with IOS/XE 03.06.02.E/152(2).E2 which have TCP port 6154 listening on all interfaces. Any idea what it could be ? #show tcp brief all TCB Local Address Foreign Address >> (state) ... 5A529430 0.0.0.0.6154 #show tcp tcb 5A529430 Connection state is LISTEN, I/O status: 1, unread input bytes: 0 Connection is ECN Disabled, Mininum incoming TTL 0, Outgoing TTL 255 Local host: 0.0.0.0, Local port: 6154 Foreign host: UNKNOWN, Foreign port: 0 Connection tableid (VRF): 1 Maximum output segment queue size: 50 Enqueued packets for retransmit: 0, input: 0 mis-ordered: 0 (0 bytes) Event Timers (current time is 0xF58354): Timer StartsWakeupsNext Retrans 0 0 0x0 TimeWait0 0 0x0 AckHold 0 0 0x
Re: Catalyst 4500 listening on TCP 6154 on all interfaces
Cisco contact me off-line and ask me to share my datas. They will open a bug id and investigate. Nothing to say, very pro active. The bug id is CSCvj35885 Cisco also confirmed that this tcp port is for internal communication (internal to the device) only and should not be exposed. Next time I will follow your recommendation about opening a tac case for information request, and not bother the community. Thank to all for your tips and ideas. Best regards, Fred On 07.05.2018 21:22, Spaans, Joel H wrote: > This has not been my experience. TAC specifically has an option when opening > a case to "Ask a question". It's purpose is for non-outage queries such as > these. I've asked them things such as "How many ARP entries does an ASA 5585X > support?" Sometimes I find conflicting information so I need to ask TAC or > I'm just too busy to find the answer. > > I've learned not to be hesitant to engage them, we pay for the support after > all. > > Yes, sometimes you will get an engineer who is not helpful. Let them close > the case and open another case or insist that the case be moved to another > engineer. > > -Original Message- > From: NANOG On Behalf Of > frederic.jut...@sig-telecom.net > Sent: Monday, May 7, 2018 10:45 AM > To: Jay Farrell ; nanog@nanog.org > Subject: Re: Catalyst 4500 listening on TCP 6154 on all interfaces > > I've been told that the TAC center will not take the time to answer as it's > not a 'real' problem, service affecting issue. > And the Cisco community forum on that topic was useless (nobody answer to a > person which already open a topic about this issue 10 months ago). > But you are the 4rd person to tell me to open a TAC, I could have tried first. > In the meantime Cisco contact me off-list, so I will try with them. > > > > > On 07.05.2018 16:59, Jay Farrell via NANOG wrote: >> Just a wild thought – why not open a TAC case with Cisco and ask them? >> >> On Mon, May 7, 2018 at 3:06 AM, frederic.jut...@sig-telecom.net < >> frederic.jut...@sig-telecom.net> wrote: >> - a nsa backdoor :-) >>> it would be a very bad backdoor as it's really easy to see the port >>> listening... >>> >>> - a default active service >>> Maybe, but a service which is not officially registered: >>> https://www.iana.org/assignments/service-names-port-numbers/service-n >>> ames- >>> port-numbers.xhtml?search=6154 >>> >>> in contrary to the SMI (zero touch feature on tcp 4786) which is >>> registered since almost 10y: >>> https://www.iana.org/assignments/service-names-port-numbers/service-n >>> ames- >>> port-numbers.xhtml?search=4786 >>> >>> >>> >>> Could it be possible that this kind of tcp port is not registered by >>> Iana because it meant to be used for internal communication only >>> (internal to the device), or should you register any port usage (even >>> 'private') ? >>> >>> >>> And yes I've tried to reset to default the config, shutdown all >>> interface, remove all L3 ip/feature (no ip blabla), and I still see >>> by default 2 TCP ports on listening state: >>> >>> Cat4500-SUP7L-E#sh ip prot >>> *** IP Routing is NSF aware *** >>> >>> Cat4500-SUP7L-E# >>> Cat4500-SUP7L-E#sh run | in ip >>> address-family ipv4 >>> address-family ipv6 >>> no ip routing >>> ip vrf Liin-vrf >>> no ip mfib >>> no ip bootp server >>> no ip dhcp-client broadcast-flag >>> no ip igmp snooping >>> no ipv6 traffic interface-statistics >>> no ip address >>> no ip route-cache >>> no ip address >>> no ip route-cache >>> no ip forward-protocol nd >>> no ip http server >>> no ip http secure-server >>> Cat4500-SUP7L-E# >>> Cat4500-SUP7L-E# >>> Cat4500-SUP7L-E#show tcp br all >>> TCB Local Address Foreign Address (state) >>> 5B40BB30 0.0.0.0.4786 *.* LISTEN >>> 5CD5D2D8 0.0.0.0.6154 *.* LISTEN >>> Cat4500-SUP7L-E# >>> >>> >>> >>> I will now try to negate all potential active service from the 'show >>> run all' config but it's not optimal as for example 'vstack' (port >>> 4786) does not appear in the default config so it would not be >>> disable by this trivial method. >>> >>> >>> Fred >>> >>> >>> On 05.05.2018 13:22, marcel.durega...@yahoo.fr wrote: As the zero touch feature is on TCP 4786 (SMI), I vote for either: - a nsa backdoor :-) - a default active service Have you tried to zeroize the config and restart then check if TCP 6154 is still on LISTEN state ? - Marcel On 03.05.2018 06:51, frederic.jut...@sig-telecom.net wrote: > Hi, > > We have Cat 4500 series on SUP7L-E with IOS/XE 03.06.02.E/152(2).E2 > which have TCP port 6154 listening on all interfaces. > > Any idea what it could be ? > > #show tcp brief all > TCB Local Address Foreign Address >>> (state) > ... > 5A529430 0.0.0.0.6154 > > > #show tc
Hulu Contact
Is there a good Hulu contact for situations where IP addresses are being incorrectly flagged as anonymous proxy? I see 'ipadmin@hulu' but suspect that's not exactly what I need. Thanks, David. -- David Brain - MCNC - 919.248.1998
