Re: 5G roadblock: labor

2020-01-20 Thread Ben Cannon 
> 
> Why on earth would I want to send it anywhere at all over the Internet?
> 
> One already has to disassemble and inspect very closely almost all electronic 
> gadgets so that the internal embeded spyware microphone and camera and 
> wireless can be removed with pliers.  This is just another thing to inspect 
> for and forcibly disable.
> 

You realize that eventually your neighbors houses will all be wired and they’ll 
be able to get yours by differentiating the signals.

I’m not even half kidding.

-Ben Cannon
CEO 6x7 Networks & 6x7 Telecom, LLC 
b...@6by7.net

Re: 5G roadblock: labor

2020-01-20 Thread Christopher Morrow 
On Fri, Jan 17, 2020 at 3:07 PM Seth Mattinen  wrote:
>
> On 1/17/20 02:13, Alexandre Petrescu wrote:
> >  From the web: the band 48 (3550-3700MHz) is for CBRS in US (Citizens'
> > band broadband service; I suppose something like voice between trucks)
>
>
> CBRS (and the soon to be former NN band) doesn't have anything to do
> with CB radios.

cbrs is the 'overlaps with some navy usage' thing I think.. Oh yes
according to networkworld:
  
https://www.networkworld.com/article/3180615/faq-what-in-the-wireless-world-is-cbrs.html

I think one target for this band was 'in building' LTE network usage.

Re: Internet services in Antarctica

2020-01-20 Thread Eric Kuhnke 
It would be really hard to quantify antarctic IPs as actually being from
there. I know some of the people who've operated the geostationary links to
McMurdo and to the pole (inclined orbit satellite visible only part of the
day).

Their WAN links go through geostationary transponder capacity and earth
stations elsewhere on the planet within the same C-band hemispheric beams.
This means that the IPs which Antarctic research stations exit to the
internet from after often part of commercial teleport operators or
university/research groups, indistinguishable from ordinary ARIN or RIPE
blocks assigned to that entity.

For a while a number of links went through a teleport in Florida.

On Mon, Jan 20, 2020 at 2:14 AM Ask Bjørn Hansen  wrote:

> Hi,
>
> I have a hobby project running DNS service to people looking for NTP
> public servers. I noticed that the DNS servers apparently get ~5 thousand
> queries per day from IPs that the GeoIP database we use claim are in in
> Antarctica. It’s less than 0.0001% of the overall DNS queries, but it made
> me curious what it’d take to make the service work better there.
>
> I imagine the internet service is fragmented between the various stations
> with each being best connected to a particular country? Does anyone have
> contacts there that I could talk to?  I imagine (some of?) the stations
> would have a local NTP service as part of their compute facilities.
>
>
> Ask
>
>

Looking for topology mapping validation

2020-01-20 Thread Kévin Vermeulen 
Hi NANOG,

Our teams at Sorbonne Université and Naval Postgraduate School have
developed a new Internet topology mapping tool, Diamond-Miner.

Diamond-Miner[3] combines Paris Traceroute Multipath Detection Algorithm[1]
and high probing rate Yarrp[2] techniques to trace the load balanced paths
at Internet Scale.

We are seeking now some validation of our inferences, in particular the
traceroutes links that we have found.

We have developed a small website for operators to provide validation:
http://heartbeat.planet-lab.eu:8000

You can either publicly submit the validation on the website or send us an
email to kevin.vermeu...@sorbonne-universite.fr .

You will find all the details on the website, do not hesitate to ask if you
have further questions.

Thanks in advance,

Kevin

[1]: https://arxiv.org/pdf/1809.10070
[2]: http://rbeverly.net/research/papers/yarrp-imc16.pdf
[3]: https://www.usenix.org/conference/nsdi20/accepted-papers

Re: DDoS Mitigation Survey

2020-01-20 Thread Dobbins, Roland 
On 20 Jan 2020, at 23:34, Jean | ddostest.me wrote:

> so one of the best option to fight DDoS is not available through 
> public information.

I just posted a link to a public presentation which describes how to 
enable it on one's own network.

Giving end-customers the ability to block using S/RTBH on an upstream 
transit network can be challenging because of the risk of overblocking.  
It's easy to constrain D/RTBH to the end-customer's own prefixes.


Roland Dobbins

Re: DDoS Mitigation Survey

2020-01-20 Thread Rubens Kuhl 
On Mon, Jan 20, 2020 at 12:49 PM Jean | ddostest.me via NANOG <
nanog@nanog.org> wrote:

> uRPF loose or strict.
>
> Which ISP supports it?
>
> So far, I found none through public information.
>
>
With all IPv4 space converging to being allocated, loose uRPF is almost
useless at this point, or will be soon.

Rubens

Re: DDoS Mitigation Survey

2020-01-20 Thread Jean | ddostest.me via NANOG 

Exactly,

so one of the best option to fight DDoS is not available through public 
information.


@Lumin: You should start your investigation with uRPF loose.

Best regards,

Jean

On 2020-01-20 11:31, Dobbins, Roland wrote:

On 20 Jan 2020, at 22:49, Jean | ddostest.me wrote:


uRPF loose or strict.

Either.


Which ISP supports it?

Some operators use it themselves.  I don't know of any who allow
customer-triggered S/RTBH; several offer customer-triggered D/RTBH.


Roland Dobbins

Re: DDoS Mitigation Survey

2020-01-20 Thread Dobbins, Roland 


On 20 Jan 2020, at 22:49, Jean | ddostest.me wrote:

> uRPF loose or strict.

Either.

> Which ISP supports it?

Some operators use it themselves.  I don't know of any who allow 
customer-triggered S/RTBH; several offer customer-triggered D/RTBH.


Roland Dobbins

Re: Internet services in Antarctica

2020-01-20 Thread william manning 
from 1995-1996, i placed a DNS root server in Antarctica.  Funding for the
bandwidth cost was high enough that I pulled the service.  Never really
delved into the actual requirement for "real-time" interactions that could
not be localized.   caching  and batch transfers cover most of the need.
for more recent work on high bandwidth delay environments, check out:
http://ipnsig.org/

/wm

On Mon, Jan 20, 2020 at 2:15 AM Ask Bjørn Hansen  wrote:

> Hi,
>
> I have a hobby project running DNS service to people looking for NTP
> public servers. I noticed that the DNS servers apparently get ~5 thousand
> queries per day from IPs that the GeoIP database we use claim are in in
> Antarctica. It’s less than 0.0001% of the overall DNS queries, but it made
> me curious what it’d take to make the service work better there.
>
> I imagine the internet service is fragmented between the various stations
> with each being best connected to a particular country? Does anyone have
> contacts there that I could talk to?  I imagine (some of?) the stations
> would have a local NTP service as part of their compute facilities.
>
>
> Ask
>
>

Re: DDoS Mitigation Survey

2020-01-20 Thread Jean | ddostest.me via NANOG 

uRPF loose or strict.

Which ISP supports it?

So far, I found none through public information.


On 2020-01-20 10:38, Dobbins, Roland wrote:

On 20 Jan 2020, at 19:59, Jean | ddostest.me via NANOG wrote:


Where can we find public information on how to use S/RTBH

This .pdf preso on mitigation techniques describes how it works:




Roland Dobbins

Re: DDoS Mitigation Survey

2020-01-20 Thread Dobbins, Roland 


On 20 Jan 2020, at 19:59, Jean | ddostest.me via NANOG wrote:

> Where can we find public information on how to use S/RTBH

This .pdf preso on mitigation techniques describes how it works:




Roland Dobbins

Re: Internet services in Antarctica

2020-01-20 Thread Mike Bolitho 
One of my buddies was a network engineer at Palmer Station for a winter.
Let me reach out to him.

- Mike Bolitho


On Mon, Jan 20, 2020 at 3:15 AM Ask Bjørn Hansen  wrote:

> Hi,
>
> I have a hobby project running DNS service to people looking for NTP
> public servers. I noticed that the DNS servers apparently get ~5 thousand
> queries per day from IPs that the GeoIP database we use claim are in in
> Antarctica. It’s less than 0.0001% of the overall DNS queries, but it made
> me curious what it’d take to make the service work better there.
>
> I imagine the internet service is fragmented between the various stations
> with each being best connected to a particular country? Does anyone have
> contacts there that I could talk to?  I imagine (some of?) the stations
> would have a local NTP service as part of their compute facilities.
>
>
> Ask
>
>

Re: DDoS Mitigation Survey

2020-01-20 Thread Jean | ddostest.me via NANOG 

Where can we find public information on how to use S/RTBH

and which providers support it.

Thanks
Jean

On 2020-01-14 17:31, Dobbins, Roland wrote:

There are literally decades of information on these topics available
publicly.  Router and switch ACLs (both static and dynamically-updated
via flow spec), D/RTBH, S/RTBH

Re: Internet services in Antarctica

2020-01-20 Thread Alejandro Acosta 
Hello,

On 1/20/20 6:13 AM, Ask Bjørn Hansen wrote:
> Hi,
>
> I have a hobby project running DNS service to people looking for NTP public 
> servers. I noticed that the DNS servers apparently get ~5 thousand queries 
> per day from IPs that the GeoIP database we use claim are in in Antarctica. 
> It’s less than 0.0001% of the overall DNS queries, 


My apologies for my sideline question, where did you get the number of
the overall DNS queries? or just said a random number to the air?


Thanks,

Alejandro,


> but it made me curious what it’d take to make the service work better there.
>
> I imagine the internet service is fragmented between the various stations 
> with each being best connected to a particular country? Does anyone have 
> contacts there that I could talk to?  I imagine (some of?) the stations would 
> have a local NTP service as part of their compute facilities.
>
>
> Ask
>


pEpkey.asc
Description: application/pgp-keys

Re: Internet services in Antarctica

2020-01-20 Thread Karl Auer 
On Mon, 2020-01-20 at 02:13 -0800, Ask Bjørn Hansen wrote:
> I have a hobby project running DNS service to people looking for NTP
> public servers. I noticed that the DNS servers apparently get ~5
> thousand queries per day from IPs that the GeoIP database we use
> claim are in in Antarctica. It’s less than 0.0001% of the overall DNS
> queries, but it made me curious what it’d take to make the service
> work better there.
> 
> I imagine the internet service is fragmented between the various
> stations with each being best connected to a particular country? Does
> anyone have contacts there that I could talk to?  I imagine (some
> of?) the stations would have a local NTP service as part of their
> compute facilities.

Back in the early nineties Andrew Tridgell (Samba, rsync etc) put at
least three Linux-based satellite receivers into Antarctica at the
behest of the Oz government. Dunno if they were or are NTP servers. 

Regards, K.

-- 
~~~
Karl Auer (ka...@biplane.com.au)
http://www.biplane.com.au/kauer
http://twitter.com/kauer389

GPG fingerprint: 8D08 9CAA 649A AFEF E862 062A 2E97 42D4 A2A0 616D
Old fingerprint: A0CD 28F0 10BE FC21 C57C 67C1 19A6 83A4 9B0B 1D75

Internet services in Antarctica

2020-01-20 Thread Ask Bjørn Hansen 
Hi,

I have a hobby project running DNS service to people looking for NTP public 
servers. I noticed that the DNS servers apparently get ~5 thousand queries per 
day from IPs that the GeoIP database we use claim are in in Antarctica. It’s 
less than 0.0001% of the overall DNS queries, but it made me curious what it’d 
take to make the service work better there.

I imagine the internet service is fragmented between the various stations with 
each being best connected to a particular country? Does anyone have contacts 
there that I could talk to?  I imagine (some of?) the stations would have a 
local NTP service as part of their compute facilities.


Ask