Re: AWS Web Application Firewall blocks ISP ranges?
Yes. our network is a mix of content and eyeballs and they listed the whole thing. This has prevented the local school district from using their text to speech application (for their deaf students) as well as others. This has also affected the local library and residences. It's a PITA. Thanks Amazon. Aaron On 3/21/2024 12:16 PM, Jonathan Kalbfeld via NANOG wrote: Hi All, I just became aware that AWS has a list of hosting IP providers and that list is blocked by their WAF? (!?!?). None of my VM or colo customers can reach anything in AWS, such as Docker, Twilio, etc. I confirmed through source routing that when I access it using one of my peering partners as a source IP it is reachable, but using one of my net blocks, it is not reachable and times out. Checked all of my routing tables and those AWS blocks are definitely visible. Also confirmed from looking glass that my IP ranges are showing up. Has anyone else encountered that? If so, is there a way to get removed from that list? I have a very curated list of clients and I know all of them personally and none of them have been abusing AWS, so I was wondering if it was some kind of blanket ban? If you're internal to AWS, my ASN is 54380, IP ranges affected are 199.33.244.0/24, 199.79.202.0/24, 199.188.96.0/22, 45.59.144.0/22 and 206.197.110.0/24 Feel free to reach out off-list. Thanks, Jonathan Kalbfeld Jonathan Kalbfeld office: +1 310 317 7933 fax: +1 310 317 7901 home: +1 310 317 7909 mobile: +1 310 227 1662 ThoughtWave Technologies, Inc. Studio City, CA 91604 https://thoughtwave.com View our network at https://bgp.he.net/AS54380 +1 844 42-LINUX -- Aaron Wendel Chief Technical Officer Wholesale Internet, Inc. (AS 32097) http://www.wholesaleinternet.com aa...@wholesaleinternet.com
Re: Why are paper LOAs still used?
I don't have any examples of anyone still using paper LOAs except for Cogent. Aaron On 2/26/2024 12:57 PM, Seth Mattinen via NANOG wrote: Why do companies still insist on, or deploy new systems that rely on paper LOA for IP and ASN resources? How can this be considered more trustworthy than RIR based IRR records? And I'm not even talking about old companies, I have a situation right now where a VPS provider I'm using will no longer use IRR and only accepts new paper LOAs. In the year 2024. I don't understand how anyone can go backwards like that. ~Seth
Re: 165 Halsey recurring power issues
I toured The Planet years ago in Dallas and was told by the sales rep that A+B power was two circuits from the same PDU. :) I consider A+B power to be two distinct feeds, separate utility entrances, separate generators, separate UPS', PDU's, etc. Past that I consider things like firewall separation, rated chases and such to be customer specific requirements. Aaron On 10/23/2023 9:38 AM, Babak Pasdar wrote: Hello, I wanted to get some feedback as to what is considered standard A/B power setup when data centers sell redundant power. It has always been my understanding that A/B power means individually unique and preferably alternate path connections to disparate UPS units. A few months ago, 165 Halsey took us down for several hours. They claimed that a UPS failed causing this issue. Our natural reaction was that we have A/B redundant power so a failed UPS on the A circuit should not take down the cabinet. Joe the facility manager claimed that industry standard A/B power means two circuits to the same UPS, which makes no sense to me. They committed to move us to A/B power with redundant circuits to disparate UPS units. However, we had a multi-hour outage again in that site this weekend. At first glance it seems to be the same problem. We have checked with all of our other data center providers who have confirmed A/B power is in fact individually unique connections to disparate UPS units. 165 Halsey's definition of what constitutes redundant power seems unique. Why would anyone pay extra for a second connection to the same UPS? However, I wanted to get feedback to see if I am taking crazy pills here None-the-less, we have lost all confidence in this facility. Best Regards, Babak
Re: transit and peering costs projections
The issue in Houston is Dallas. I reached out to 30-40 networks and 90% of them all said they just back haul to Dallas and have no interest in peering in Houston. It’s a real hard town to get any traction in. If you’re local and have some insight, I’d be super happy to talk to you. Aaron > On Oct 14, 2023, at 8:48 PM, Tim Burke wrote: > > I would say that a 1Gbit IP transit in a carrier neutral DC can be had for a > good bit less than $900 on the wholesale market. > > Sadly, IXP’s are seemingly turning into a pay to play game, with rates almost > costing as much as transit in many cases after you factor in loop costs. > > For example, in the Houston market (one of the largest and fastest growing > regions in the US!), we do not have a major IX, so to get up to Dallas it’s > several thousand for a 100g wave, plus several thousand for a 100g port on > one of those major IXes. Or, a better option, we can get a 100g flat internet > transit for just a little bit more. > > Fortunately, for us as an eyeball network, there are a good number of major > content networks that are allowing for private peering in markets like > Houston for just the cost of a cross connect and a QSFP if you’re in the > right DC, with Google and some others being the outliers. > > So for now, we'll keep paying for transit to get to the others (since it’s > about as much as transporting IXP from Dallas), and hoping someone at Google > finally sees Houston as more than a third rate city hanging off of Dallas. > Or… someone finally brings a worthwhile IX to Houston that gets us more than > peering to Kansas City. Yeah, I think the former is more likely. > > See y’all in San Diego this week, > Tim > >> On Oct 14, 2023, at 18:04, Dave Taht wrote: >> >> This set of trendlines was very interesting. Unfortunately the data >> stops in 2015. Does anyone have more recent data? >> >> https://drpeering.net/white-papers/Internet-Transit-Pricing-Historical-And-Projected.php >> >> I believe a gbit circuit that an ISP can resell still runs at about >> $900 - $1.4k (?) in the usa? How about elsewhere? >> >> ... >> >> I am under the impression that many IXPs remain very successful, >> states without them suffer, and I also find the concept of doing micro >> IXPs at the city level, appealing, and now achievable with cheap gear. >> Finer grained cross connects between telco and ISP and IXP would lower >> latencies across town quite hugely... >> >> PS I hear ARIN is planning on dropping the price for, and bundling 3 >> BGP AS numbers at a time, as of the end of this year, also. >> >> >> >> -- >> Oct 30: https://netdevconf.info/0x17/news/the-maestro-and-the-music-bof.html >> Dave Täht CSO, LibreQos
Re: U.S. test of national alerts on Oct. 4 at 2:20pm EDT (1820 UTC)
I think this is what he was referring to: https://en.wikipedia.org/wiki/2018_Hawaii_false_missile_alert Apparently we don't "all remember". On 10/4/2023 1:39 PM, Sean Donelan wrote: On Wed, 4 Oct 2023, Sabri Berisha wrote: Makes me wonder what I have to do to opt out of this. We all remember what happened in Hawaii. Do you mean the 98 people (at least) who died due to the Maui Lahaina wildfires. Seems like the same people who complain about the testing of public warning systems also complain when they don't get a warning about something that personally affected them. Public warning systems are designed to get your attention, wake you up, interrupt what you are doing. Nevertheless, I understand some people will remove the batteries from smoke alarms and turn off public alerts.
Re: Your input sought on PeeringDB's Network Type field
I just left a couple sections blank. On 6/14/2023 3:31 PM, Justin Streiner wrote: Leo: The survey might also want to include response options along the lines of: "Don't know / N/A". Thank you jms On Wed, Jun 14, 2023 at 12:18 PM Leo Vegoda wrote: Hi, PeeringDB's Product Committee wants your input on whether the Network Type field is useful. Should it go? Should it change? We have published a very short blog post describing the options and linking to the survey. https://docs.peeringdb.com/blog/network_type_your_input_sought/ Your input will influence our decision. Thanks, Leo Vegoda for PeeringDB's Product Committee -- ======== Aaron Wendel Chief Technical Officer Wholesale Internet, Inc. (AS 32097) (816)550-9030 http://www.wholesaleinternet.com
Re: Spamhaus flags any IP announced by our ASN as a criminal network
The solution to your problem is to terminate the customer causing the abuse, in this case 62yun.com. Once you do that I'm sure Spamhaus will stop listing all your IPs. Aaron On 3/20/2023 6:54 AM, Brandon Zhi wrote: It seems you've reached the point that they ignore specific prefixes and set every prefix you are advertising as criminal. * * Our sponsor (LIR) 62yun.com <http://62yun.com>, they have 2 prefixes for VPS/Dedicated Server using our ASN.* * 62yun did receive a lot of complaints, but as far as I know they have been handling them (their head said their team is not good at English and so they did not reply emails) For me, I cannot reply to all emails for them, since I don't have that much time. I also need to work for my company. As I understand it, most things at Spamhaus are manual determinations. You click on "show details" and they give you a list of timestamped report IDs, each with a 1-line description of the reviewer's assessment of the fault. I checked https://check.spamhaus.org/listed/?searchterm=46.23.100.0 and the reason they gave us was simple, saying our not willing to handle abuse. but we stressed with them many times that we are 2 different companies. We also do not have the authority to handle these complaints, but we will alert 62yun.com <http://62yun.com>. But they still intend to blacklist all the prefixes under our ORG ID, even if the user is not us. Based on my past experiences, Spamhaus is rather gracious at first, but if you ignore them, they will start blocking you en masse. About 10 years ago, I worked for a datacenter/NSP and personally handled all Spamhaus complaints, and as soon as I left to go to another company (and the company stopped taking care of the complaints), Spamhaus blocked every single one of their IPs until they committed to actually handling the complaints again. This has little impact on 62yun.com <http://62yun.com>'s VPS business, and my feeling is that if someone uses their VPS to build a mail server those emails that are sent from this server may be rejected. However, we are recently building a CDN for one of our partners (a social media company), and we need to use a provider like vultr, which is not really an IP Transit provider, to announce prefixes, however, they reject prefixes on the Spamhaus list. I don't think any ISP would reject an IP that is on the Spamhaus list. *Brandon Zhi* HUIZE LTD www.huize.asia <https://huize.asia/>| www.ixp.su <https://www.ixp.su/> | Twitter This e-mail and any attachments or any reproduction of this e-mail in whatever manner are confidential and for the use of the addressee(s) only. HUIZE LTD can’t take any liability and guarantee of the text of the email message and virus. On Mon, 20 Mar 2023 at 02:29, Tim Burke wrote: Have you received complaints from Spamhaus in the past? If so, have you acted on them in a timely manner? Based on my past experiences, Spamhaus is rather gracious at first, but if you ignore them, they will start blocking you en masse. About 10 years ago, I worked for a datacenter/NSP and personally handled all Spamhaus complaints, and as soon as I left to go to another company (and the company stopped taking care of the complaints), Spamhaus blocked every single one of their IPs until they committed to actually handling the complaints again. V/r Tim On Mar 18, 2023, at 8:57 AM, Brandon Zhi wrote: Hello guy, We recently discovered that any IP address announced by our ASN is blacklisted by Spamhaus, even if we only announced it but not use it. I would like to ask if this is manually set by Spamhaus or is the system misjudgment? Has anyone encountered the same situation as us? Best, *Brandon Zhi* HUIZE LTD www.huize.asia <https://huize.asia/>| www.ixp.su <https://www.ixp.su/> | Twitter This e-mail and any attachments or any reproduction of this e-mail in whatever manner are confidential and for the use of the addressee(s) only. HUIZE LTD can’t take any liability and guarantee of the text of the email message and virus. -- ======== Aaron Wendel Chief Technical Officer Wholesale Internet, Inc. (AS 32097) (816)550-9030 http://www.wholesaleinternet.com
Re: [External] Normal ARIN registration service fees for LRSA entrants after 31 Dec 2023
I'm not trying to troll, this is a serious question: Is there a formal agreement that says that all legacy resources will receive free registry services forever and ever or is it just an informal "That's how it was done"? Aaron
Re: 2 Byte ASNs??
We've never had an issue requesting a 2-byte ASN from ARIN. Our last request was, maybe, a month ago. Aaron On 8/5/2022 10:16 AM, Justin Wilson (Lists) wrote: Whats the availability of two byte asns look like? Anyone able to obtain one recently? I have a network that is all Mikrotik and the route targets are messing with them. They can’t use communities with their 4 bytes asn. It’s one of those it really isn’t a big deal but I thought I would ask. Justin Wilson j...@mtin.net — https://j2sw.com (AS399332) https://blog.j2sw.com - Podcast and Blog
Re: FCC proposes higher speed goals (100/20 Mbps) for USF providers
On 5/24/2022 10:48 AM, Mitchell Tanenbaum via NANOG wrote: I have two fixed wireless Internet connections here. One is 25/5, the other is 35/5. There is no cable, no fiber, no cellular, not even DSL from the phone company. That is reality in metro Denver, CO (actually, the foothills, 25 miles from the state Capitol building). Regarding Starlink, no, you can’t get it. I paid my deposit a year and a half ago and I am still on the waiting list. Every time that I get close to the date they promise, they change the promise. Maybe I will get Starlink service some time in the future, but, not any time soon. Oh, yeah, and 25 meg down costs $75 a month. If you want VoIP, that is another $20+. So not only is it slow, it is expensive too. So yes, there still is a problem, right here in America. And not just in the boonies. Mitch This brings up another issues no one is really talking about and that's affordability. We're about to lower our price on 10G to the home to $50/mo because that was the number the FCC would pay people who qualified. Now they've lowered that subsidy to $30. The pandemic exposed the fact that there are a lot of people out there that just can't afford the current pricing structure. We give a gig away for free with a one time install fee and we had people calling us who's kids were at home for school and they couldn't afford the $25/mo we'd break their $300 install into. We ended up just waiving a ton of fees during those early COVID days. Aaron
Re: FCC proposes higher speed goals (100/20 Mbps) for USF providers
On 5/24/2022 9:57 AM, Forrest Christian (List Account) wrote: If the government is going to fund anything at all anymore, it needs to be fiber all the way to the home which is built and managed in a way that any provider can use it. This probably means a single strand from each home to some concentration point no more than 10km from the home and then a backbone/middle mile supporting several carriers from that point. The position of this concentration point to be determined by the density in the area. In an ideal world, yes, this is exactly how it would work although there would be some logistical issues. If you sit in these hearings the various government entities hold and listen to Charter's "Government Affairs Representative" then that is absolutely not true and coax is the wave of the future.
Re: FCC proposes higher speed goals (100/20 Mbps) for USF providers
The Fiber Broadband Association estimates that the average US household will need more than a gig within 5 years. Why not just jump it to a gig or more? On 5/23/2022 1:40 PM, Sean Donelan wrote: https://www.fcc.gov/document/fcc-proposes-higher-speed-goals-small-rural-broadband-providers-0 The Federal Communications Commission voted [May 19, 2022] to seek comment on a proposal to provide additional universal service support to certain rural carriers in exchange for increasing deployment to more locations at higher speeds. The proposal would make changes to the Alternative Connect America Cost Model (A-CAM) program, with the goal of achieving widespread deployment of faster 100/20 Mbps broadband service throughout the rural areas served by rural carriers currently receiving A-CAM support.
Re: Cogent ...
I've used Cogent for years and have never been asked to sign an NDA with them. Of the 4 providers I use regularly they are the second highest price so I wouldn't consider them cheap any more either. There's no better or worse than any transit provider these days. Aaron On 3/31/2022 10:38 AM, Laura Smith via NANOG wrote: Hmmm Spring has sprung and the waft of drivel from a new season Cogent salesdroid filled my telephone earpiece today. I've never liked the Cogent way of business and my understanding of their IP transit is that it falls into the "cheap for a reason" category. However, perhaps someone would care to elaborate (either on or off-list) what the deal is with the requirement to sign NDAs with Cogent before they'll discuss things like why they still charge for BGP, or indeed any other technical or pricing matters. Seems weird ?!? Laura -- ======== Aaron Wendel Chief Technical Officer Wholesale Internet, Inc. (AS 32097) (816)550-9030 http://www.wholesaleinternet.com
Re: Cogent cutting links to Russia?
I think you're reading it incorrectly. The US government and many other countries have imposed sanctions against Russia and barred businesses in those countries from doing business in Russia. Cogent is a US based company and, even if it operates on foreign jurisdictions through subsidiaries, has issues providing services to sanctioned entities. That's how I read the excerpt provided. Aaron On 3/4/2022 4:03 PM, Matthew Petach wrote: On Fri, Mar 4, 2022 at 12:55 PM Martin Hannigan wrote: I would argue they don't have much of a choice: "The economic sanctions put in place as a result of the invasion and the increasingly uncertain security situation make it impossible for Cogent to continue to provide you with service." I would expect to see others follow suit if that is the case. That's an interesting slope to slide along... I fully understand ISPs disconnecting customers for non-payment; we've all had to do that at one point or another in our careers, I'm sure. However, that's generally done *after* the customer has demonstrated an inability or unwillingness to pay their bills. This doesn't seem to indicate that any existing invoices have gone unpaid past their due date, but simply that there is *concern* that a future bill might go unpaid due to the economic sanctions. I'm not sure that's a good precedent for a service provider to create; "we may terminate your service at any point if we suspect that at an unspecified time in the future, you may become unable to pay future invoices." Shades of Minority Report. We'll imprison you today for a crime we suspect you will commit in the future. ^_^; If and when bills go unpaid, I fully support turning off customers. I worry about the precedent of disconnecting based on suspicions of what might happen in the future, however. Matt -- ======== Aaron Wendel Chief Technical Officer Wholesale Internet, Inc. (AS 32097) (816)550-9030 http://www.wholesaleinternet.com
Re: New minimum speed for US broadband connections
I have friends in significantly more rural areas than he lives in ( Niagara and Orleans county NYS , between Niagara Falls and Rochester ) who have the same 400Mb package from Spectrum that I do, living in the City of Niagara Falls. This is not to say that rural America is a mecca of connectivity; there is a long way to go all the way around regardless. But it is a direct example as you asked for. On Thu, Feb 10, 2022 at 3:57 PM Josh Luthman wrote: >There are plenty of urban and suburban areas in America that are far worse off from a broadband perspective than “rural America”. Can you provide examples? On Thu, Feb 10, 2022 at 3:51 PM Owen DeLong via NANOG wrote: > On Jun 2, 2021, at 02:10 , Mark Tinka wrote: > > > > On 6/2/21 11:04, Owen DeLong wrote: > >> I disagree… If it could be forced into a standardized format using a standardized approach to data acquisition and reliable comparable results across providers, it could be a very useful adjunct to real competition. > > If we can't even agree on what "minimum speed for U.S. broadband connections" actually means, fat chance having a "nutritional facts" at the back of the "Internet in a tea cup" dropped off at your door step. > > I'm not saying it's not useful, I'm just saying that easily goes down the "what color should we use for the bike shed" territory, while people in rural America still have no or poor Internet access. > > Mark. ROFLMAO… People in Rural America seem to be doing just fine. Most of the ones I know at least have GPON or better. Meanwhile, here in San Jose, a city that bills itself as “The Capital of Silicon Valley”, the best I can get is Comcast (which does finally purport to be Gig down), but rarely delivers that. Yes, anything involving the federal government will get the full bike shed treatment no matter what we do. There are plenty of urban and suburban areas in America that are far worse off from a broadband perspective than “rural America”. Owen -- Aaron Wendel Chief Technical Officer Wholesale Internet, Inc. (AS 32097) (816)550-9030 http://www.wholesaleinternet.com
Re: Authoritative Resources for Public DNS Pinging
I'd just like to mention that PornHub is always up. (Pun intended) Ping it. Aaron On 2/9/2022 2:43 PM, Tom Beecher wrote: I mean if you own it, it's your money. But I think I anyone else would have a difficult time making a business or technical case to justify setting up and maintaining a large scale echo-reply endpoint for... what exactly? On Wed, Feb 9, 2022 at 3:32 PM Lady Benjamin Cannon of Glencoe wrote: Perhaps owning a (small but global) cloud computing & telecom company has spoiled me, but it seems like a trivial amount of resources to me for any moderately sized company let alone a large tech/telecom like anything you’d have heard of. -LB Ms. Lady Benjamin PD Cannon of Glencoe, ASCE 6x7 Networks & 6x7 Telecom, LLC CEO b...@6by7.net "The only fully end-to-end encrypted global telecommunications company in the world.” ANNOUNCING: 6x7 GLOBAL MARITIME <https://alexmhoulton.wixsite.com/6x7networks> FCC License KJ6FJJ On Feb 9, 2022, at 12:15 PM, Tom Beecher wrote: Side note, am I missing something obvious where I can’t just have hardware routers strip ICMP, pipe it separately, put 500 VMs behind 4 vLBs and let the world ping the brains out of it? Seems like a lot of overhead for zero benefit. On Wed, Feb 9, 2022 at 2:11 PM Lady Benjamin Cannon of Glencoe wrote: ok that’s amazing. RFC1149 amazing. Side note, am I missing something obvious where I can’t just have hardware routers strip ICMP, pipe it separately, put 500 VMs behind 4 vLBs and let the world ping the brains out of it? Who owns 69.69.69.69 - collab? How naff is this? -LB Ms. Lady Benjamin PD Cannon of Glencoe, ASCE 6x7 Networks & 6x7 Telecom, LLC CEO b...@6by7.net "The only fully end-to-end encrypted global telecommunications company in the world.” ANNOUNCING: 6x7 GLOBAL MARITIME <https://alexmhoulton.wixsite.com/6x7networks> FCC License KJ6FJJ On Feb 9, 2022, at 9:38 AM, Jay Hennigan wrote: On 2/8/22 23:42, Stephane Bortzmeyer wrote: The only problem is the less friendly IP address (although this will be less and less a problem with IPv6, since 2001:4860:4860:: is not really friendly). Fun fact: Someone at Sprint had the same hobby as I did in the early 1970s. Their website resolves to 2600:: which I think is rather friendly. :-) Please don't use it for an IPv6 ping target, thanks. -- Jay Hennigan - j...@west.net Network Engineering - CCIE #7880 503 897-8550 - WB6RDV -- ======== Aaron Wendel Chief Technical Officer Wholesale Internet, Inc. (AS 32097) (816)550-9030 http://www.wholesaleinternet.com
Re: Fiber Network Equipment Commercial Norms
The building owner has no obligation to the provider. If it provides no value, call them and tell them to remove the equipment if you don't want it in your building. Aaron On 9/22/2021 11:23 AM, jra...@gmail.com wrote: A few of the buildings that my firm represents have the local telco’s fiber distribution and/or repeater equipment located on the premises. My understanding is that when one of these links go down, (we’ve occasionally had to interrupt circuit power to do maintenance in a building for one reason or another), a local engineering tech always comes running to restore the link. The tech has led our maintenance staff to believe that these repeaters are an integral part of the local ring, which fits my understanding. When a network operator has equipment located at a third party premises, what is the norm for commercial contractual terms regarding the siting of that equipment? Any network equipment on site pre-dates my client’s ownership of the buildings, and they have no record of any agreements or easements governing who is responsible for power, maintenance, liability, etc. My client has no philosophical objection to having the equipment on site, but he’s asked why he has had to pay to power and cool this equipment for almost 20 years when it serves him no benefit (he is not utilizing that company’s services). I figure some of you may be able to give me an insight as to what is normal and reasonable. Feel free to contact me directly if this message is not suitable for this distribution list. Appreciate the insight, *Jeff Ray* O: (956) 542-3642 C: (956) 592-2019 jra...@gmail.com This message has been sent as a part of a discussion between Jeff Ray and the intended recipient identified above. Some topics may be sensitive and subject to legal privilege, confidentiality, or other non-disclosure agreement. Should you receive this message by mistake, we would be most grateful if you informed us that the message has been sent to you. In that case, we also ask that you delete this message from your mailbox, and do not forward or speak of it (or its contents) to anyone else. Thank you for your cooperation and understanding. -- Aaron Wendel Chief Technical Officer Wholesale Internet, Inc. (AS 32097) (816)550-9030 http://www.wholesaleinternet.com
Re: An update on the AfriNIC situation
I suppose people who wanted to take a side could also block traffic to and from Cloud Innovations IP blocks. On 8/27/2021 10:36 AM, Bill Woodcock wrote: As many of you are aware, AfriNIC is under legal attack by Heng Lu / “Cloud Innovation.” John Curran just posted an excellent summary of the current state of affairs here: https://teamarin.net/2021/08/27/afrinic-and-the-stability-of-the-internet-number-registry-system/ If, like me, you feel like chipping in a little bit of money to help AfriNIC make payroll despite Heng having gotten their bank accounts frozen, some of the African ISP associations have put together a fund, which you can donate to here: https://www.tespok.co.ke/?page_id=14001 It’s an unfortunate situation, but the African Internet community has really pulled together to defend themselves, and they’ve got a lot less resources than most of us do. -Bill
Re: netflow in the core used for surveillance
You don't know that I don't know that. On 8/25/2021 4:32 PM, Paul Ebersman wrote: randy> https://www.vice.com/en/article/jg84yy/data-brokers-netflow-data-team-cymru randy> at, comcast, ... zayo, please tell us you do not do this. aaron> You know they do. No, you don't know that. The above all certainly collect this info. Not all sell it to anyone who asks.
Re: netflow in the core used for surveillance
You know they do. On 8/25/2021 4:13 PM, Randy Bush wrote: https://www.vice.com/en/article/jg84yy/data-brokers-netflow-data-team-cymru used to get dissidents, activists, and journos killed at, comcast, ... zayo, please tell us you do not do this. randy
Re: 10g residential CPE
It does have wireless. That doesn't prevent people from trying to use their old equipment in addition. ("My dad's uncle's cousin's former roommate works in IT and told me I just needed to plug my old router into your new router.") On 12/29/2020 10:53 AM, Michael Thomas wrote: On 12/29/20 8:42 AM, Aaron Wendel wrote: Oh, we still get calls about speed issues. It's always wonderful when someone puts their own 10 year old Linksys WRT54G and double NATs behind our CPE then sends in a speed test wondering why they're only getting 10Mbits on their Gbit line. We get those ALL the time. :) Does your CPE not have wireless? If it's double NAT'ing it's at least a router. If it doesn't have wireless, wouldn't it be cheaper to add it so you don't get the support calls? Mike -- ======== Aaron Wendel Chief Technical Officer Wholesale Internet, Inc. (AS 32097) (816)550-9030 http://www.wholesaleinternet.com
Re: 10g residential CPE
The majority of our customers are still on Brocade MLXs. We're in the process of upgrading all our equipment to Arista switches to accommodate the increased demand for 40G and 100G ports as well as implement 400G ports. Aaron On 12/29/2020 3:33 AM, Jonathon Exley wrote: Hi Aaron, Just out of interest, what switch gear are you using? You must have a pretty good cost per port. Jonathon. On 29/12/2020 9:38 AM, Aaron Wendel wrote: We prioritize calls based on severity. If both Google and Grandma call and say they have a cut then we have people to service both at the same time. If Google, Century Link, Verizon, AT and Grandma all call then Grandma gets to wait a day. That being the case, it's not dependent on revenue. Emergency Services (911 and Police radio feeds) gets #1 priority even though they're non-paying. But yes, in extreme situations the residential customers would be delayed to service the paying customers. We do have people cross trained from other parts of our businesses so we can allocate internally in emergencies. In almost a decade though I can't think of a situation where someone had to wait for service because we didn't have the resources to service them. Aaron On 12/28/2020 2:02 PM, Mel Beckman wrote: > Darin, > > Surely you at least give the paying customers priority over the > non-paying? It’s one thing to say “I have to write paychecks no matter > what”. It’s another to say “I’ll give away my support to free > customers AND degrade support for paying customers as a result.” Your > tech support guy “walking Grandma through getting her email” is > necessarily not accessible for the duration to paying customers. > > This means your staffing must be large enough to never have any > queuing, or you’re giving away your paying customers' time to > non-paying customers. Neither approach is scalable in a competitive > business environment, because SOMEBODY is paying for all those > resources, and if it’s your customers, they will buy elsewhere. Your > approach only work until you run out of other people’s money. > > -mel > >> On Dec 28, 2020, at 11:50 AM, Baldur Norddahl >> mailto:baldur.nordd...@gmail.com>> wrote: >> >> I applaud your commitment to helping your local community. Just want >> to point out that this is a charity because it does not scale. Nobody >> could build out a FTTH network and make it free as a business case. >> But there are plenty of people that made a network for their >> neighbors and provided that for free. Maybe a person had a commercial >> fiber to his home and thought he could just as well share it. This >> might be on a bigger scale but it is the same. >> >> Regards, >> >> Baldur >> >> >> On Mon, Dec 28, 2020 at 8:27 PM Aaron Wendel >> mailto:aa...@wholesaleinternet.net>> wrote: >> >> Darin, >> >> Our business support and residential support is the same >> department. I >> have to pay those people to be in the office either way so it >> doesn't >> cost me any "more" to provide support for the residences. Yes, >> walking >> Grandma through getting her email can sometimes be a chore but that >> person is on the payroll whether he/she is helping Grandma or >> sitting >> there chatting with his/her co-worker. If we dumped all the >> residential >> customers we would still have the same cost structure we do now. >> >> Again, it's been free for the last 7 years at this point. I've >> never >> been one to really do what I "should" anyway. >> >> Aaron >> >> >> On 12/28/2020 11:48 AM, Darin Steffl wrote: >> > Aaron, >> > >> > The "Free" service doesn't cover your cost of support which is >> much >> > higher for residential than any business customer. Our residential >> > customers call at least 15x more often compared to business >> customers >> > compared on a 1:1 ratio. >> > >> > I honestly can't fathom providing free residential service >> because we >> > make enough money on the business side of things. You should be >> > charging something, at least $20-30 per month. >> > >> > On Mon, Dec 28, 2020 at 11:15 AM Aaron Wendel >> > > <mailto:aa...@wholesaleinternet.net> >> <mailto:aa...@wholesaleinternet.net >> <mailto:aa...@wholesaleinternet.net>>> wrote: >> > >> > The $300 covers the equipment and the time to send someone >> out to a >> > house to install it. If $300 is too much you can pay in 12 >> > installments >> > of $25. >> > >> > The TIK al
Re: 10g residential CPE
Oh, we still get calls about speed issues. It's always wonderful when someone puts their own 10 year old Linksys WRT54G and double NATs behind our CPE then sends in a speed test wondering why they're only getting 10Mbits on their Gbit line. We get those ALL the time. :) On 12/29/2020 1:28 AM, Mark Tinka wrote: On 12/29/20 04:41, Keith Medcalf wrote: Are you sure that is not related to "residential services" being of a generally lower quality than business services? It has been my experience that shoddy service generates higher need for "support" than does "non-shoddy" service. In this regard, the price for "business" services should be less than "residential service" by a couple of orders of magnitude since it costs orders of magnitude more money to "support" shoddy services than non-shoddy services. Considering that Aaron said 98% of their residential customers are on the free plan, and that they use Active-E with every 1Gbps customer getting a proper switch port, I'd hazard the bulk of their support queries to be non-techie customers needing software support (grandma, et al), or fibres being cut. It wouldn't seem like they'd be getting calls about "speed" issues, which are most annoying ones :-). Mark. -- ==== Aaron Wendel Chief Technical Officer Wholesale Internet, Inc. (AS 32097) (816)550-9030 http://www.wholesaleinternet.com
Re: 10g residential CPE
We prioritize calls based on severity. If both Google and Grandma call and say they have a cut then we have people to service both at the same time. If Google, Century Link, Verizon, AT and Grandma all call then Grandma gets to wait a day. That being the case, it's not dependent on revenue. Emergency Services (911 and Police radio feeds) gets #1 priority even though they're non-paying. But yes, in extreme situations the residential customers would be delayed to service the paying customers. We do have people cross trained from other parts of our businesses so we can allocate internally in emergencies. In almost a decade though I can't think of a situation where someone had to wait for service because we didn't have the resources to service them. Aaron On 12/28/2020 2:02 PM, Mel Beckman wrote: Darin, Surely you at least give the paying customers priority over the non-paying? It’s one thing to say “I have to write paychecks no matter what”. It’s another to say “I’ll give away my support to free customers AND degrade support for paying customers as a result.” Your tech support guy “walking Grandma through getting her email” is necessarily not accessible for the duration to paying customers. This means your staffing must be large enough to never have any queuing, or you’re giving away your paying customers' time to non-paying customers. Neither approach is scalable in a competitive business environment, because SOMEBODY is paying for all those resources, and if it’s your customers, they will buy elsewhere. Your approach only work until you run out of other people’s money. -mel On Dec 28, 2020, at 11:50 AM, Baldur Norddahl mailto:baldur.nordd...@gmail.com>> wrote: I applaud your commitment to helping your local community. Just want to point out that this is a charity because it does not scale. Nobody could build out a FTTH network and make it free as a business case. But there are plenty of people that made a network for their neighbors and provided that for free. Maybe a person had a commercial fiber to his home and thought he could just as well share it. This might be on a bigger scale but it is the same. Regards, Baldur On Mon, Dec 28, 2020 at 8:27 PM Aaron Wendel mailto:aa...@wholesaleinternet.net>> wrote: Darin, Our business support and residential support is the same department. I have to pay those people to be in the office either way so it doesn't cost me any "more" to provide support for the residences. Yes, walking Grandma through getting her email can sometimes be a chore but that person is on the payroll whether he/she is helping Grandma or sitting there chatting with his/her co-worker. If we dumped all the residential customers we would still have the same cost structure we do now. Again, it's been free for the last 7 years at this point. I've never been one to really do what I "should" anyway. Aaron On 12/28/2020 11:48 AM, Darin Steffl wrote: > Aaron, > > The "Free" service doesn't cover your cost of support which is much > higher for residential than any business customer. Our residential > customers call at least 15x more often compared to business customers > compared on a 1:1 ratio. > > I honestly can't fathom providing free residential service because we > make enough money on the business side of things. You should be > charging something, at least $20-30 per month. > > On Mon, Dec 28, 2020 at 11:15 AM Aaron Wendel > mailto:aa...@wholesaleinternet.net> <mailto:aa...@wholesaleinternet.net <mailto:aa...@wholesaleinternet.net>>> wrote: > > The $300 covers the equipment and the time to send someone out to a > house to install it. If $300 is too much you can pay in 12 > installments > of $25. > > The TIK alone costs us about $250. > > Aaron > > > On 12/27/2020 5:04 AM, Mark Tinka wrote: > > > > > > On 12/26/20 20:48, Darin Steffl wrote: > > > >> Aaron, > >> > >> One simple question. Why on earth would you offer free internet > >> service? How and why? Your site show 1 Gig symmetrical for free > when > >> you should be a minimum of $65 per month to be competitive. > > > > They also ask for no monthly fee after a single payment of US$300. > > > > Considering the 2Gbps package costs US$49.95, you'd guess they'd > value > > the 1Gbps service at, say US$27/month, give or take. > > > > So that US$300 provide
Re: 10g residential CPE
We still build when needed. We're in the process of building to 700 new apartments so we can provide them with free service. We're actually pulling 576 strands into the basement of one building to backhaul each apartment to it's own switch port in the new hut we just deployed to service that new development. (we don't use a PON system. Everyone has a dedicated switch port.) Also, keep in mind that this isn't all we do. This is a very small part of a much bigger pie. So I agree with you. If this was it then it would make no sense. When you look at all the pieces together it makes perfect sense. Aaron On 12/28/2020 1:50 PM, Baldur Norddahl wrote: I applaud your commitment to helping your local community. Just want to point out that this is a charity because it does not scale. Nobody could build out a FTTH network and make it free as a business case. But there are plenty of people that made a network for their neighbors and provided that for free. Maybe a person had a commercial fiber to his home and thought he could just as well share it. This might be on a bigger scale but it is the same. Regards, Baldur On Mon, Dec 28, 2020 at 8:27 PM Aaron Wendel mailto:aa...@wholesaleinternet.net>> wrote: Darin, Our business support and residential support is the same department. I have to pay those people to be in the office either way so it doesn't cost me any "more" to provide support for the residences. Yes, walking Grandma through getting her email can sometimes be a chore but that person is on the payroll whether he/she is helping Grandma or sitting there chatting with his/her co-worker. If we dumped all the residential customers we would still have the same cost structure we do now. Again, it's been free for the last 7 years at this point. I've never been one to really do what I "should" anyway. Aaron On 12/28/2020 11:48 AM, Darin Steffl wrote: > Aaron, > > The "Free" service doesn't cover your cost of support which is much > higher for residential than any business customer. Our residential > customers call at least 15x more often compared to business customers > compared on a 1:1 ratio. > > I honestly can't fathom providing free residential service because we > make enough money on the business side of things. You should be > charging something, at least $20-30 per month. > > On Mon, Dec 28, 2020 at 11:15 AM Aaron Wendel > mailto:aa...@wholesaleinternet.net> <mailto:aa...@wholesaleinternet.net <mailto:aa...@wholesaleinternet.net>>> wrote: > > The $300 covers the equipment and the time to send someone out to a > house to install it. If $300 is too much you can pay in 12 > installments > of $25. > > The TIK alone costs us about $250. > > Aaron > > > On 12/27/2020 5:04 AM, Mark Tinka wrote: > > > > > > On 12/26/20 20:48, Darin Steffl wrote: > > > >> Aaron, > >> > >> One simple question. Why on earth would you offer free internet > >> service? How and why? Your site show 1 Gig symmetrical for free > when > >> you should be a minimum of $65 per month to be competitive. > > > > They also ask for no monthly fee after a single payment of US$300. > > > > Considering the 2Gbps package costs US$49.95, you'd guess they'd > value > > the 1Gbps service at, say US$27/month, give or take. > > > > So that US$300 provides a bit of coverage, perhaps 1 year, in which > > time they'd have likely upgraded the customer. > > > > Mark. > > -- > > Aaron Wendel > Chief Technical Officer > Wholesale Internet, Inc. (AS 32097) > (816)550-9030 > http://www.wholesaleinternet.com <http://www.wholesaleinternet.com> <http://www.wholesaleinternet.com <http://www.wholesaleinternet.com>> > > > > > -- > Darin Steffl > Minnesota WiFi > www.mnwifi.com <http://www.mnwifi.com> <http://www.mnwifi.com/ <http://www.mnwifi.com/>> > 507-634-WiFi > Like us on Facebook <http://www.facebook.com/minnesotawifi <http://www.facebook.com/minnesotawifi>> -- ======== Aaron
Re: 10g residential CPE
Darin, Our business support and residential support is the same department. I have to pay those people to be in the office either way so it doesn't cost me any "more" to provide support for the residences. Yes, walking Grandma through getting her email can sometimes be a chore but that person is on the payroll whether he/she is helping Grandma or sitting there chatting with his/her co-worker. If we dumped all the residential customers we would still have the same cost structure we do now. Again, it's been free for the last 7 years at this point. I've never been one to really do what I "should" anyway. Aaron On 12/28/2020 11:48 AM, Darin Steffl wrote: Aaron, The "Free" service doesn't cover your cost of support which is much higher for residential than any business customer. Our residential customers call at least 15x more often compared to business customers compared on a 1:1 ratio. I honestly can't fathom providing free residential service because we make enough money on the business side of things. You should be charging something, at least $20-30 per month. On Mon, Dec 28, 2020 at 11:15 AM Aaron Wendel mailto:aa...@wholesaleinternet.net>> wrote: The $300 covers the equipment and the time to send someone out to a house to install it. If $300 is too much you can pay in 12 installments of $25. The TIK alone costs us about $250. Aaron On 12/27/2020 5:04 AM, Mark Tinka wrote: > > > On 12/26/20 20:48, Darin Steffl wrote: > >> Aaron, >> >> One simple question. Why on earth would you offer free internet >> service? How and why? Your site show 1 Gig symmetrical for free when >> you should be a minimum of $65 per month to be competitive. > > They also ask for no monthly fee after a single payment of US$300. > > Considering the 2Gbps package costs US$49.95, you'd guess they'd value > the 1Gbps service at, say US$27/month, give or take. > > So that US$300 provides a bit of coverage, perhaps 1 year, in which > time they'd have likely upgraded the customer. > > Mark. -- Aaron Wendel Chief Technical Officer Wholesale Internet, Inc. (AS 32097) (816)550-9030 http://www.wholesaleinternet.com <http://www.wholesaleinternet.com> -- Darin Steffl Minnesota WiFi www.mnwifi.com <http://www.mnwifi.com/> 507-634-WiFi Like us on Facebook <http://www.facebook.com/minnesotawifi> -- Aaron Wendel Chief Technical Officer Wholesale Internet, Inc. (AS 32097) (816)550-9030 http://www.wholesaleinternet.com
Re: 10g residential CPE
The $300 covers the equipment and the time to send someone out to a house to install it. If $300 is too much you can pay in 12 installments of $25. The TIK alone costs us about $250. Aaron On 12/27/2020 5:04 AM, Mark Tinka wrote: On 12/26/20 20:48, Darin Steffl wrote: Aaron, One simple question. Why on earth would you offer free internet service? How and why? Your site show 1 Gig symmetrical for free when you should be a minimum of $65 per month to be competitive. They also ask for no monthly fee after a single payment of US$300. Considering the 2Gbps package costs US$49.95, you'd guess they'd value the 1Gbps service at, say US$27/month, give or take. So that US$300 provides a bit of coverage, perhaps 1 year, in which time they'd have likely upgraded the customer. Mark. -- Aaron Wendel Chief Technical Officer Wholesale Internet, Inc. (AS 32097) (816)550-9030 http://www.wholesaleinternet.com
Re: 10g residential CPE
Actually our free service doesn't have limitations, has an SLA, no time/term restrictions, a CPE, support, etc. I explained the "why" in a different post so I won't go over it again. 98% of our residential customers are on the free plan. Aaron On 12/27/2020 4:38 AM, Mark Tinka wrote: On 12/26/20 20:48, Darin Steffl wrote: Aaron, One simple question. Why on earth would you offer free internet service? How and why? Your site show 1 Gig symmetrical for free when you should be a minimum of $65 per month to be competitive. For me, looks like a loss-leader to reel customers in, perhaps with some limitations, no guarantees, time/term restrictions, no CPE, no support, e.t.c., that make a "smooth" upgrade to 2Gbps or 3Gbps more sensible. My theory would be that getting customers on to the platform is the hardest step. Once they're on, pivoting them isn't difficult, particularly if you nabbed them from a competitor that was charging them some $$ for 10Mbps. Think about it, they don't offer a "Multi-Gigabit Wireless Router" with the 1Gbps service. Chances are the customers who choose this package either have a crappy device, or will likely buy a crappy device on their own. They'd never trouble the 1Gbps product, probably call KC Fiber for to complain about not getting 1Gbps, upon which KC Fiber recommend their own CPE, a more guaranteed package, e.t.c., and in comes the 2Gbps or higher, revenue-generating service. One the network side, it's just the same port, different (cheap) optic. A cheap port in use for free is better than an unused port, if the switch and fibre are already installed, and at less than 60% take-up. It's creative, I like it! Mark. -- ======== Aaron Wendel Chief Technical Officer Wholesale Internet, Inc. (AS 32097) (816)550-9030 http://www.wholesaleinternet.com
Re: 10g residential CPE
No. Google still operates their plant in the KC area. Aaron On 12/27/2020 4:06 AM, Mark Tinka wrote: On 12/26/20 20:30, Aaron Wendel wrote: https://www.kcfiber.com/residential <https://www.kcfiber.com/residential> Curious, any chance you took over Google's fibre project :-)? Mark. -- ==== Aaron Wendel Chief Technical Officer Wholesale Internet, Inc. (AS 32097) (816)550-9030 http://www.wholesaleinternet.com
Re: 10g residential CPE
One. For an employee. Primarily just to say we had done it. :) Aaron On 12/26/2020 4:15 PM, Lady Benjamin PD Cannon wrote: Have you done any 100g Residential connections? —L.B. Lady Benjamin PD Cannon, ASCE 6x7 Networks & 6x7 Telecom, LLC CEO b...@6by7.net <mailto:b...@6by7.net> "The only fully end-to-end encrypted global telecommunications company in the world.” FCC License KJ6FJJ On Dec 26, 2020, at 10:30 AM, Aaron Wendel mailto:aa...@wholesaleinternet.net>> wrote: We run MikroTik RB4011s for residential speeds between 1G and 10G or just supply a media converter. For residential 40G and 100G we just drop in Arista or Extreme switches. SMBs are normally just a media converter or direct fiber handoff. https://mikrotik.com/product/rb4011igs_5hacq2hnd_in <https://mikrotik.com/product/rb4011igs_5hacq2hnd_in> There are not a lot of options for good, off the shelf 10G CPE equipment. The handful of 10G residential customers we have seem to be happy with the tik. The couple that don’t use it have rolled their own solution. Like anything, I’m sure once the major home broadband providers start to catch up with us smaller guys the vendors will catch up as well. https://www.kcfiber.com/residential <https://www.kcfiber.com/residential> Aaron On Dec 26, 2020, at 11:53 AM, Mel Beckman <mailto:m...@beckman.org>> wrote: i really don't get what the problem is. it's like they're being deliberately obtuse. Michael, If vendors saw a 10GbE CPE market, they would serve it. Obviously they don’t see a market. Why don’t people insisting vendors build their hobby horse see that? It’s like they’re being deliberately obtuse :) -mel via cell On Dec 26, 2020, at 9:16 AM, Michael Thomas <mailto:m...@mtcc.com>> wrote: On 12/26/20 8:00 AM, Valdis Klētnieks wrote: Anybody got a feel for what percent of the third-party gear currently sold to consumers has sane bufferbloat support in 2020, when we've *known* that de-bufferbloated gear is a viable differentiatior if marketed right (consider the percent of families that have at least one gamer who cares)? I don't know percentages, but just trying to find cpe that support it in their specs is depressingly small. considering that they're all using linux and queuing discipline software is ages old, i really don't get what the problem is. it's like they're being deliberately obtuse. given all of the zoom'ing happening now you think that somebody would hit them with the clue-bat that this is a marketing opportunity. Mike -- ======== Aaron Wendel Chief Technical Officer Wholesale Internet, Inc. (AS 32097) (816)550-9030 http://www.wholesaleinternet.com
Re: 10g residential CPE
Darin, We charge a $300 one time install charge to cover our costs on the 1G service (which can be paid out at $25/mo if you can't afford $300 all at once). The area we serve is mainly lower and lower-middle-class income with an 80% transient population. Seven years ago, when "digital divide" and "digital literacy" were the buzz words, we instituted our "free" 1G service in an effort to level the playing field for the population who, otherwise, can't afford internet at all, let alone at that speed. Until recently we didn't charge for residential service at any tier. Rather than putting in "income tiers", making people fill out applications for assistance, etc. we just made it free for everyone. We also provide free 100G service to the local school district as well as free service to local government, police, fire stations (Firemen (and women) had to pay for their own internet to use while they were on duty before us), library, churches and other non-profits. That's the why. The how is that we control a LOT of fiber in the metro area that is in use by a lot of very large providers that everyone's heard of. We make enough money doing that so we don't feel the need to charge the residences for a basic level of service. Aaron On 12/26/2020 12:48 PM, Darin Steffl wrote: Aaron, One simple question. Why on earth would you offer free internet service? How and why? Your site show 1 Gig symmetrical for free when you should be a minimum of $65 per month to be competitive. On Sat, Dec 26, 2020, 12:31 PM Aaron Wendel mailto:aa...@wholesaleinternet.net>> wrote: We run MikroTik RB4011s for residential speeds between 1G and 10G or just supply a media converter. For residential 40G and 100G we just drop in Arista or Extreme switches. SMBs are normally just a media converter or direct fiber handoff. https://mikrotik.com/product/rb4011igs_5hacq2hnd_in <https://mikrotik.com/product/rb4011igs_5hacq2hnd_in> There are not a lot of options for good, off the shelf 10G CPE equipment. The handful of 10G residential customers we have seem to be happy with the tik. The couple that don’t use it have rolled their own solution. Like anything, I’m sure once the major home broadband providers start to catch up with us smaller guys the vendors will catch up as well. https://www.kcfiber.com/residential <https://www.kcfiber.com/residential> Aaron On Dec 26, 2020, at 11:53 AM, Mel Beckman mailto:m...@beckman.org>> wrote: i really don't get what the problem is. it's like they're being deliberately obtuse. Michael, If vendors saw a 10GbE CPE market, they would serve it. Obviously they don’t see a market. Why don’t people insisting vendors build their hobby horse see that? It’s like they’re being deliberately obtuse :) -mel via cell On Dec 26, 2020, at 9:16 AM, Michael Thomas mailto:m...@mtcc.com>> wrote: On 12/26/20 8:00 AM, Valdis Klētnieks wrote: Anybody got a feel for what percent of the third-party gear currently sold to consumers has sane bufferbloat support in 2020, when we've *known* that de-bufferbloated gear is a viable differentiatior if marketed right (consider the percent of families that have at least one gamer who cares)? I don't know percentages, but just trying to find cpe that support it in their specs is depressingly small. considering that they're all using linux and queuing discipline software is ages old, i really don't get what the problem is. it's like they're being deliberately obtuse. given all of the zoom'ing happening now you think that somebody would hit them with the clue-bat that this is a marketing opportunity. Mike -- ==== Aaron Wendel Chief Technical Officer Wholesale Internet, Inc. (AS 32097) (816)550-9030 http://www.wholesaleinternet.com
Re: 10g residential CPE
We run MikroTik RB4011s for residential speeds between 1G and 10G or just supply a media converter. For residential 40G and 100G we just drop in Arista or Extreme switches. SMBs are normally just a media converter or direct fiber handoff. https://mikrotik.com/product/rb4011igs_5hacq2hnd_in There are not a lot of options for good, off the shelf 10G CPE equipment. The handful of 10G residential customers we have seem to be happy with the tik. The couple that don’t use it have rolled their own solution. Like anything, I’m sure once the major home broadband providers start to catch up with us smaller guys the vendors will catch up as well. https://www.kcfiber.com/residential Aaron > On Dec 26, 2020, at 11:53 AM, Mel Beckman wrote: > > >> >> i really don't get what the problem is. it's like they're being deliberately >> obtuse. > > Michael, > > If vendors saw a 10GbE CPE market, they would serve it. Obviously they don’t > see a market. Why don’t people insisting vendors build their hobby horse see > that? It’s like they’re being deliberately obtuse :) > > -mel via cell > >> On Dec 26, 2020, at 9:16 AM, Michael Thomas wrote: >> >> On 12/26/20 8:00 AM, Valdis Klētnieks wrote: >>> >>> Anybody got a feel for what percent of the third-party gear currently sold >>> to >>> consumers has sane bufferbloat support in 2020, when we've *known* that >>> de-bufferbloated gear is a viable differentiatior if marketed right >>> (consider the >>> percent of families that have at least one gamer who cares)? >>> >> I don't know percentages, but just trying to find cpe that support it in >> their specs is depressingly small. considering that they're all using linux >> and queuing discipline software is ages old, i really don't get what the >> problem is. it's like they're being deliberately obtuse. given all of the >> zoom'ing happening now you think that somebody would hit them with the >> clue-bat that this is a marketing opportunity. >> >> Mike >>
Re: Clever use of a decommissioned Datacenter
We decommissioned 200,000 sq ft of DC space this year to turn into a marijuana grow. Very similar power and cooling requirements. Aaron On 7/23/2020 12:09 PM, Norman Jester wrote: I’ve got a fiber rich datacenter that was decommissioned adjacent to One Wilshire. Pipe to coresite and equinix and other fiber as well. The datacenter shuttered due to changing market conditions It wasn’t ready to adapt to. Anyway, wondering if you have any cool ideas on how to raise it up again from scratch. I was thinking renting the whole place out to someone or open to other ideas. Maybe something other than colo? Norman Jester 619-319-7055 -- Aaron Wendel Chief Technical Officer Wholesale Internet, Inc. (AS 32097) (816)550-9030 http://www.wholesaleinternet.com
Re: fs.com dwdm equipment
We use it. A lot of it. No problems. Never a need for warranty support. Aaron Sent from my iPad > On Feb 17, 2019, at 12:42 PM, Samir Rana wrote: > > Hello All, > > Does anybody have experience with fs.com dwdm equipment in their production > environment? Are you they working without any issue? How's their warranty > support if the issue arises? > > Thanks in advance for all the answers and help. > >
Re: Internet Surveillance and Boomerang Routing: A Call for Canadian Network Sovereignty
Not just a Canadian issue but one we should look at in the US as well. Deploying more IXs and routing our traffic direct instead of through the big guys can secure our own communications from our own government until we change who we have in office. Aaron On 9/7/2013 4:08 PM, Paul Ferguson wrote: A Canadian ISP colleague of mine suggested that the NANOG constituency might be interested in this, given some recent 'revelations', so I forward it here for you perusal. Preliminary analysis of more than 25,000 traceroutes reveals a phenomenon we call ‘boomerang routing’ whereby Canadian-to-Canadian internet transmissions are routinely routed through the United States. Canadian originated transmissions that travel to a Canadian destination via a U.S. switching centre or carrier are subject to U.S. law - including the USA Patriot Act and FISAA. As a result, these transmissions expose Canadians to potential U.S. surveillance activities – a violation of Canadian network sovereignty. http://lawprofessors.typepad.com/media_law_prof_blog/2013/09/routing-internet-transmission-across-the-canada-us-border-and-us-surveillance-activities.html Cheers, - ferg
Re: Office 365..? how Microsoft handed the NSA access to encrypted messages
On 7/14/2013 3:37 PM, Richard Golodner wrote: On Sun, 2013-07-14 at 09:36 -1000, Randy Bush wrote: in fact, they were all likely in the same rotten boat. Why I love open source. Look at my mail, track my web site visits. None of this should come as any surprise, especially to the members of this list. Now for the guy down the street that is working on his 69 Camaro at two in the morning it may have come as a shock. Richard We (ISPs) are all compelled to provide information from time to time under a court order. The PRISM program is voluntary. These companies gave the NSA access to their systems voluntarily. To me there is a big difference. I would be interested to know what they got out of it.
Re: Noction?
It's like the Internap FCP. I think it's been on the market about a year. They're a nice group of guys and the product does what they say it does. Aaron On 4/10/2013 4:30 PM, Ray Wong wrote: gotten a few cold calls from Noction. All I see is some PR about BGP happiness and good feelings with no technical hints about what they actually have to offer. They haven't even hit me directly, rather seem to be chasing us down via corporate listings, so are giving me not-confident feelings I should even return a call to them. Anyone know anything about them? -R
Re: 365x24x7
My guys work 12 hour shifts. 2 days on, 2 days off, 3 days on, 2 days off, 2 on 3 off. The three days on is always friday-sunday so every other weekend they either have a 3 day weekend or 3 days of work. In a pay period, with 30 minute lunch per shift it comes to 80.5 hours. I keep my guys on the same shifts for consistancy. Aaron Sent via DROID on Verizon Wireless -Original message- From: Steven Bellovin s...@cs.columbia.edu To: frnk...@iname.com Cc: NANOG nanog@nanog.org, dcroc...@bbiw.net Sent: Mon, Apr 18, 2011 04:12:04 GMT+00:00 Subject: Re: 365x24x7 On Apr 17, 2011, at 11:47 20PM, Frank Bulk wrote: Timely article on the FAA's involvement with sleep schedules: http://www.ajc.com/news/air-traffic-controller-scheduling-913244.html Union spokesman Doug Church said up to now, 25 percent of the nation's air traffic controllers work what he called a 2-2-1″ schedule, working afternoon to night the first two days, followed by a mandatory minimum of eight hours for rest before starting two morning-to-afternoon shifts, another eight or more hours for sleep, then a final shift starting between 10 p.m. to midnight. Maybe we need to work in more time for rest, Church said. You’re forcing yourself to work at a time when the body is used to sleeping. Also see http://www.google.com/hostednews/ap/article/ALeqM5hstTegGafIYTakRavF4WEEPblz-Q?docId=f174db27ddb44dadbcad8419dfe138a7 People who change shifts every few days are going to have all kinds of problems related to memory and learning, Fishbein said. This kind of schedule especially affects what he called relational memories, which involve the ability to understand how one thing is related to another. ... Controllers are often scheduled for a week of midnight shifts followed by a week of morning shifts and then a week on swing shifts. This pattern, sleep scientists say, interrupts the body's natural sleep cycles. --Steve Bellovin, https://www.cs.columbia.edu/~smb
Re: Nortel, in bankruptcy, sells IPv4 address block for $7.5 million
That's a good question. Maybe they can't qualify under Arin rules. Another question will be: how is Arin going to handle it? Im pretty sure that the RSA says that in the event of bankruptcy ips revert to the Arin pool. I understand that these were legacy addresses but... Aaron Sent via DROID on Verizon Wireless -Original message- From: Leo Bicknell bickn...@ufp.org To: nanog@nanog.org Sent: Thu, Mar 24, 2011 14:08:21 GMT+00:00 Subject: Re: Nortel, in bankruptcy, sells IPv4 address block for $7.5 million In a message written on Thu, Mar 24, 2011 at 09:32:21AM -0400, Bret Clark wrote: Why would Microsoft need this many IP's? I could see the benefiting service providers much more. I think the more interesting question is why would Microsoft pay $7.5 million for something they can, at least for the moment, get for free. -- Leo Bicknell - bickn...@ufp.org - CCIE 3440 PGP keys at http://www.ufp.org/~bicknell/
RE: Interesting google redirects.
My IPs have been redirecting to google bk for several days. I thought it was just me. Sent via DROID on Verizon Wireless -Original message- From: Skywing skyw...@valhallalegends.com To: Wil Schultz wschu...@bsdboy.com, nanog nanog@nanog.org Sent: Thu, Mar 3, 2011 15:53:36 GMT+00:00 Subject: RE: Interesting google redirects. (Apologies for the top-post.) I've been experiencing the same. Seems like their geolocation data is busted (since last morning at least), if I had to take a guess. - S -Original Message- From: Wil Schultz wschu...@bsdboy.com Sent: Thursday, March 03, 2011 7:25 To: NANOG Operators Group nanog@nanog.org Subject: Interesting google redirects. Has anyone else had complaints that www.google.com is occasionally redirecting (http 302) to www.google.com.hk this morning? -wil
RE: Leasing of space via non-connectivity providers
How can someone steal something from you that you don’t own? From: John Levine [mailto:jo...@iecc.com] Sent: Saturday, February 05, 2011 5:06 PM To: nanog@nanog.org Subject: Re: Leasing of space via non-connectivity providers Your right to use a particular set of addresses on a particular network is not granted by any RIR. As far as I know, there's no case law about address space assignments. There's been a bunch of cases where someone stole address space by pretending to be the original assignee, like the SF Bay Packet Radio case in 2008, but as far as I know, the ones that have been resolved were resolved without a court's help. There's also plenty of stolen address space still in use by the party that stole it. If there have been cases with a willing seller and a willing buyer where ARIN has refused to update WHOIS or rDNS, I'd be interested to hear about them. R's, John _ No virus found in this message. Checked by AVG - www.avg.com Version: 10.0.1204 / Virus Database: 1435/3424 - Release Date: 02/05/11
RE: Some truth about Comcast - WikiLeaks style
To what end? And who's calling the shots there these days? Comcast has been nothing but shady for the last couple years. Spoofing resets, The L3 issue, etc. What's the speculation on the end game? From: Richard A Steenbergen [mailto:r...@e-gerbil.net] Sent: Tuesday, December 14, 2010 3:30 PM To: Craig L Uebringer Cc: nanog@nanog.org; Rettke, Brian Subject: Re: Some truth about Comcast - WikiLeaks style On Tue, Dec 14, 2010 at 11:24:45AM -0500, Craig L Uebringer wrote: Yeah, the 30 day looks like a classic uptick in traffic toward the holidays. Some bellhead beancounter maybe took out capacity in the summer lull and ignored the engineers. Or they just have stupidly-slow install intervals. Same crap I've seen on loads of provider networks. Except that they seem to be busy actively turning down other capacity, and forcing extra traffic through their Tata ports by blocking other paths with BGP no-export communities. For example, we've been observing Comcast turning down some of their Global Crossing capacity in recent days, causing new congestion during peak traffic times. I've even seen people contact the various NOCs involved, and they've been told explicitly and by multiple parties that Comcast is intentionally turning down extra capacity and running their existing ports hot. Everybody who deals with interconnection capacity in this industry knows what's going on, but the graphs and interconnection details are all under NDA, so it takes an inside source secretly leaking graphs to the public to expose this kind of activity. Even then you'll still have people who claim that it proves nothing because the graphs can't be positively associated to a specific customer port, but realistically these kinds of leaks are probably the best public info you'll ever see. -- Richard A Steenbergen r...@e-gerbil.net http://www.e-gerbil.net/ras GPG Key ID: 0xF8B12CBC (7535 7F59 8204 ED1F CC1C 53AF 4C41 5ECA F8B1 2CBC) _ No virus found in this message. Checked by AVG - www.avg.com Version: 10.0.1170 / Virus Database: 426/3315 - Release Date: 12/14/10
Re: Cacti Bandwidth Monitoring
Do you have it set for 64 bit counters? Sent via DROID on Verizon Wireless -Original message- From: Peter Rudasingwa peter.rudasin...@altechstream.rw To: nanog@nanog.org Sent: Mon, Nov 29, 2010 14:24:22 GMT+00:00 Subject: Cacti Bandwidth Monitoring Hi, I have a cacti server running and it has been working fine so far except for one interface which has an average of 150Mbps going through it now. Before when I had less than 120Mbps I got proper graphs but of late it gives me graphs of 20Mbps when it should be giving me the correct reading (150Mbps). Is there a maximum bandwidth it graphs or can this be edited so that I get proper graphs? -- Best Regards, Peter Rudasingwa *ALTECH STREAM RWANDA Ltd* ICT Park Boulevard de L'Umuganda P.O.Box 6098 Kigali, Rwanda Telephone: (+250) 580532/5 Mobile: (+250) 0788406685 *Affordable Broadband Solutions*
RE: Level 3 Communications Issues Statement Concerning Comcast's Actions
A customer pays them for access to the Internet. If that access demands more infrastructure then Comcast needs to build out the infrastructure and pass on the costs to the customers demanding it. I think it sets a very bad precedent that Level3 agreed to their terms. How long would it have lasted with Comcast subscribers asking why they couldn't download their movies? Aaron From: Rettke, Brian [mailto:brian.ret...@cableone.biz] Sent: Monday, November 29, 2010 4:41 PM To: Patrick W. Gilmore; NANOG list Subject: RE: Level 3 Communications Issues Statement Concerning Comcast's Actions Essentially, the question is who has to pay for the infrastructure to support the bandwidth requirements of all of these new and booming streaming ventures. I can understand both the side taken by Comcast, and the side of the content provider, but I don't think it's as simple as the slogans spewed out regarding Net Neutrality, which has become so misused and abused as a term that I don't think it has any credulous value remaining. I'm hoping that there is an eventual meeting of the minds wherein some sort of collaboration takes place. If this gets additional government regulations I fear no one will like the result. Sincerely, Brian A . Rettke RHCT, CCDP, CCNP, CCIP Network Engineer, CableONE Internet Services -Original Message- From: Patrick W. Gilmore [mailto:patr...@ianai.net] Sent: Monday, November 29, 2010 3:28 PM To: NANOG list Subject: Level 3 Communications Issues Statement Concerning Comcast's Actions http://www.marketwatch.com/story/level-3-communications-issues-statement-co ncerning-comcasts-actions-2010-11-29?reflink=MW_news_stmp I understand that politics is off-topic, but this policy affects operational aspects of the 'Net. Just to be clear, L3 is saying content providers should not have to pay to deliver content to broadband providers who have their own product which has content as well. I am certain all the content providers on this list are happy to hear L3's change of heart and will be applying for settlement free peering tomorrow. (L3 wouldn't want other providers to claim the Vyvx or CDN or other content services provided by L3 are competing and L3 is putting up a toll booth on the Internet, would they?) -- TTFN, patrick _ No virus found in this message. Checked by AVG - www.avg.com Version: 10.0.1170 / Virus Database: 426/3287 - Release Date: 11/29/10
RE: Level 3 Communications Issues Statement Concerning Comcast's Actions
Netflix pays someone to get access to the internet and that someone has some sort of relationship with Comcast, or gets to Comcast through a third party who has that relationship. No one is getting anything for free. I don't think it's unreasonable to expect customers to bear the cost of their provider doing business. If that business calls for the buildout of additional infrastructure to remain competitive then so be it. Comcast customers pay their provider, Netflix pays its provider. I think what this really boils down to is an effect of shoddy marketing. Access providers want to offer unlimited everything and don't want to have to go back to their customer base and say, oh, sorry, we didn't really mean unlimited. We didn't think you'd really use that much. So they are looking for ways of making up for the increased costs without having to look like idiots to their customers. My problem is, what happens if this becomes the new model? What if Comcast comes to me and says, Oh, we've noticed X Mbits originating from your network coming through ours. Here's the bill of $X per bit. What happens when I counter with, Ok, and I see X bits originating from your network. Here's my bill, too. Do they agree to an exchange of money for an exchange of bits or do I get an F you. Pay your bill to us and we're not giving you crap. Aaron From: Rettke, Brian [mailto:brian.ret...@cableone.biz] Sent: Monday, November 29, 2010 5:21 PM To: Jack Bates; Aaron Wendel Cc: 'Patrick W. Gilmore'; 'NANOG list' Subject: RE: Level 3 Communications Issues Statement Concerning Comcast's Actions On 11/29/2010 4:49 PM, Aaron Wendel wrote: A customer pays them for access to the Internet. If that access demands more infrastructure then Comcast needs to build out the infrastructure and pass on the costs to the customers demanding it. I'd change this to A customer pays for SHARED access to the Internet. Unless your customer is paying for a direct fiber or internet circuit (~$500 - $10,000 per month) they aren't paying for independent and sole access to the internet. It's another term that I think has lost its actual meaning, Unlimited access. I don't have a problem, as a customer or as a Service Provider, passing along the bill to the top 5% that are using a disproportionate amount of bandwidth. I can see the Internet reaching a fair-use model, as opposed to a free-use model that is unsustainable, as was previously said. Here's one specific example I can think of to discuss: Netflix uses about a third of Internet bandwidth, in some cases going over the HTTP traffic use for most customers. Netflix charges customers a fee to use their service, but they don't pay the providers required to supply the bandwidth for the customer leg. I don't think ISPs charging Netflix is a sustainable model either. A mutual endeavor involving shared interconnect costs and intelligent placement of proxies would be something I could think of to make the process beneficial for all parties. The end goal would be that the Shared Media Customer has no idea what we are doing, but does not see performance degradation in their HTTP or Netflix traffic, and that it does not pass along additional cost to them. After all, to both Netflix and the ISP, it is in their best interests to keep that customer a happy and paying customer. Sincerely, Brian A . Rettke RHCT, CCDP, CCNP, CCIP Network Engineer, CableONE Internet Services -Original Message- From: Jack Bates [mailto:jba...@brightok.net] Sent: Monday, November 29, 2010 4:11 PM To: Aaron Wendel Cc: Rettke, Brian; 'Patrick W. Gilmore'; 'NANOG list' Subject: Re: Level 3 Communications Issues Statement Concerning Comcast's Actions On 11/29/2010 4:49 PM, Aaron Wendel wrote: A customer pays them for access to the Internet. If that access demands more infrastructure then Comcast needs to build out the infrastructure and pass on the costs to the customers demanding it. I agree. This type of maneuver is no different than ESPN3 charging the ISP for the ISP customers to access the content. Both are unscalable models that threaten the foundation of an open Internet. As an ISP, I could care less what is in the packets my customers send and receive. The exception to this, of course, is malicious packets but they keep refusing to set the evil bit. Jack _ No virus found in this message. Checked by AVG - www.avg.com Version: 10.0.1170 / Virus Database: 426/3287 - Release Date: 11/29/10
Re: Level 3 Communications Issues Statement Concerning Comcast's Actions
You and I both know that. I'll bet the vast majority of comcast customers don't. Sent via DROID on Verizon Wireless -Original message- From: William Warren hescomins...@emmanuelcomputerconsulting.com To: 'NANOG list' nanog@nanog.org Sent: Tue, Nov 30, 2010 01:24:40 GMT+00:00 Subject: Re: Level 3 Communications Issues Statement Concerning Comcast's Actions On 11/29/2010 6:45 PM, Aaron Wendel wrote: I think what this really boils down to is an effect of shoddy marketing. Access providers want to offer unlimited everything and don't want to have to go back to their customer base and say, oh, sorry, we didn't really mean unlimited. We didn't think you'd really use that much. So they are looking for ways of making up for the increased costs without having to look like idiots to their customers. Unlimited access is already NOT unlimited access. A transfer cap isn't unlimited..while Comcast has a generous cap..it's still a transfer cap. My problem is, what happens if this becomes the new model? What if Comcast comes to me and says, Oh, we've noticed X Mbits originating from your network coming through ours. Here's the bill of $X per bit. What happens when I counter with, Ok, and I see X bits originating from your network. Here's my bill, too. Do they agree to an exchange of money for an exchange of bits or do I get an F you. Pay your bill to us and we're not giving you crap.
RE: experience with equinix exchange
According to pch they don't run most of them. I would say they run very few compared to how many there actually are. Sent via DROID on Verizon Wireless -Original message- From: Ryan Finnesey ryan.finne...@harrierinvestments.com To: nanog@nanog.org Sent: Sun, Nov 28, 2010 21:45:28 GMT+00:00 Subject: RE: experience with equinix exchange Would it be fair to say they run most of the peering points within the States? I find that peering within Europe is much more open than in the States. Does the group feel that is because most of the exchange points are run as nonprofits? -Original Message- From: George Bonser [mailto:gbon...@seven.com] Sent: Saturday, November 20, 2010 4:48 AM To: Ryan Finnesey Cc: nanog@nanog.org Subject: RE: experience with equinix exchange I haven't had any specific problems with them but they are a bit retentive when it comes to doing certain things. There was the RMA module that arrived one day. You have to initiate a shipping ticket when you think something might arrive. In other words, you must open a ticket with them BEFORE something arrives there which can sometimes be a bit difficult when you are building out a new facility as you have no idea who is going to ship what when. They have eased up on that a little in the past few months, at least at 11 Great Oaks. Not a showstopper, just a bit of a pain in the hips, one more little thing that needs doing and is easily overlooked. After I replaced that module I went to drop it off at the shipping area, it came with a return shipper so there wasn't really anything needed beyond them handing the box to the UPS guy next time he came by ... another remote hands ticket required for me to hand them a box and for them to hand the box to someone else. I suppose I could have dropped it off myself at a UPS bin on the way home. BUT, I am overall very pleased with the facility and the operation. There are little quirky things that make it somewhat of a pain but in my experience each provider has their own quirks. At least I can take my modules in there in the cardboard box, unlike Savvis at 4700 Old Ironsides where they have a box cop who won't allow a speck of cardboard past the sign-in window. -Original Message- From: Ryan Finnesey [mailto:ryan.finne...@harrierinvestments.com] Sent: Friday, November 19, 2010 7:42 PM To: Robert E. Seastrom; Justin Horstman Cc: Mehmet Akcin; nanog@nanog.org Subject: RE: experience with equinix exchange I would like to know the issues as well because we are looking to going into at least 4 of their centers. Cheers Ryan -Original Message- From: Robert E. Seastrom [mailto:r...@seastrom.com] Sent: Friday, November 19, 2010 3:30 AM To: Justin Horstman Cc: nanog@nanog.org; Mehmet Akcin Subject: Re: experience with equinix exchange Paul is pretty clueful; I think he was asking for specifics as to what the layer 8/9 issues are at Equinix, rather than an explanation of what layer 8 and 9 means. Fly Fast, -r Justin Horstman justin.horst...@gorillanation.com writes: 8 users 9 politics and policies -Original Message- From: Paul WALL [mailto:pauldotw...@gmail.com] Sent: Thursday, November 18, 2010 10:55 AM To: Mehmet Akcin Cc: nanog@nanog.org Subject: Re: experience with equinix exchange What are the layer 8-9 issues? Drive Slow, Paul Wall On Thu, Nov 18, 2010 at 12:50 AM, Mehmet Akcin meh...@akcin.net wrote: On Nov 18, 2010, at 12:48 PM, Shacolby Jackson wrote: Has anyone had any experience (good or bad) with their exchange at any of their major datacenters, especially Great Oaks? We're wondering if people really love or hate it. -shac Equinix does a fair job running 7 layers , however the layer8 and layer9 seem the lacking part which could have been improved greatly. in Great Oaks / SJC , they seem to be the largest IX per https://www.peeringdb.com/private/exchange_view.php?id=5peerParticip an tsPublicsOrder=Sorter_policypeerParticipantsPublicsDir=DESC so being there while you are in that location seems good, and they are reliable. mehmet
RE: Lightly used IP addresses
On Aug 13, 2010, at 10:36 AM, John Levine wrote: http://www.circleid.com/posts/psst_interested_in_some_lightly_used_ip_addres ses/ Discuss. :-) I don't entirely understand the process. Here's the flow chart as far as I've figured it out: 1. A sells a /20 of IPv4 space to B for, say, $5,000 2. A tells ARIN to transfer the chunk to B 3. ARIN says no, B hasn't shown that they need it 4. A and B say screw it, and B announces the space anyway 5. ??? R's, John Owen Said: 6. ARIN receives a fraud/abuse complaint that A's space is being used by B. 7. ARIN discovers that A is no longer using the space in accordance with their RSA 8. ARIN reclaims the space and A and B are left to figure out who owes what to whom. You know I love you Owen. :) 9. A sues ARIN for tortuous contract interference. 10. B sues ARIN for same. 11. C and D join the law suit. 12. Judges step in. 13. ARIN gets mired in lawsuit after lawsuit 14. Dogs and cats start living together
RE: Inquiries to Acquire IPs
I sent an inquiry in to ARIN yesterday for a certain ASN that was available and was told that management won't allow them to issue requested numbers. :( Aaron -Original Message- From: Dan White [mailto:dwh...@olp.net] Sent: Friday, July 02, 2010 4:36 PM To: Michael Loftis Cc: nanog@nanog.org Subject: Re: Inquiries to Acquire IPs On 02/07/10 15:21 -0600, Michael Loftis wrote: Makes one wonder what dead:beef::/32 and c0ff:ee00::/32 will go for? :) Even more off topic: No match found for cafe:d00d:4:cafe:babe::/32 -- Dan White No virus found in this incoming message. Checked by AVG - www.avg.com Version: 9.0.830 / Virus Database: 271.1.1/2977 - Release Date: 07/02/10 01:35:00
RE: Nato warns of strike against cyber attackers
Actually I was thinking of my neighbor's noisy dog and what a predator strike to his house would do. :) -Original Message- From: valdis.kletni...@vt.edu [mailto:valdis.kletni...@vt.edu] Sent: Tuesday, June 08, 2010 8:32 PM To: Jorge Amodio Cc: na...@merit.edu Subject: Re: Nato warns of strike against cyber attackers On Tue, 08 Jun 2010 19:23:17 CDT, Jorge Amodio said: So let's say a cyber-attack originates from Chinese script kiddie. Albania, Belgium, Bulgaria, Canada, Croatia, Czech Republic, Denmark, Estonia, France, Germany, Greece, Hungary, Iceland, Italy, Latvia, Lithuania, Luxembourg, Netherlands, Norway, Poland, Portugal, Romania, Slovakia, Slovenia, Spain, Turkey, the United Kingdom, and the United States will all respond by invading China? Is NATO trying to start a war here? Bigger tin hats required then ... Buy 10,000 shares of every South Korean company you can find, short them, then launch an attack from Seoul. Then sit back and profit. Oh, quit looking at me like that. You know you were all thinking it. ;) No virus found in this incoming message. Checked by AVG - www.avg.com Version: 9.0.829 / Virus Database: 271.1.1/2926 - Release Date: 06/08/10 13:35:00
RE: Peering Exchange Configurations
I operate the exchange point in the Kansas City area so I'll answer your questions based on how we do it. 1) Is a private AS typically used for the exchange side of the session? No. Each participant uses their own ASN. 2) Are RFC1918 IPs typically used for the p2p links into the exchange? No. Exchanges typically have their own IPs assigned by their RIR and pass them out to the members for connections to the exchange. 3) Do peering exchanges typically remove their AS from the path advertised to exchange participants? There is no peering directly with the exchange in a private link. In the case of peering with a route server on the exchange then it is considered best practices to do so. 3a) If no: Do participants typically preference exchange-learned routes over other sources? Yes. As far as I know all our members set routes learned through the exchange fabric higher than anything else. That's kind of the point as exchange traffic is free so you always want to use it first. 4) Do exchanges typically support the following address families? IPv4 Multicast IPv6 Unicast IPv6 Multicast No Yes No In exchanges where a route server is employed: 4) Do participants have a p2p link into a simple routing environment then multi-hop to a route server? No. The route server is typically accessed like any other peer on the fabric. 5) I see that Bird, OpenBDGd, and Quagga are all options for route server software. Does one of those packages stand out as the clear current choice for production peering exchanges? We use Quagga. It's what we we're most familiar with and we haven't had any issues. I very much appreciate any responses. No Problem. Feel free to stop by and check out our fabric for yourself. Aaron
RE: Peering Exchange Configurations
-Original Message- On Apr 8, 2010, at 2:08 PM, Owen DeLong wrote: 3a) If no: Do participants typically preference exchange-learned routes over other sources? Yes. As far as I know all our members set routes learned through the exchange fabric higher than anything else. That's kind of the point as exchange traffic is free so you always want to use it first. Actually, the order of preference is usually: Where 'usually' here is rather nebulous. I am not trying to say Owen is wrong, just don't think the way any network uses interconnectivity is somehow standard. Every network is different, and even similar links in the same network are different. IXPs are standard ('usually' :), networks are not. -- TTFN, patrick 1.Private Interconnects (direct private peering) 2.Non-metered paid peering/transit 3.Exchange Points 4.Metered paid peering/transit Owen --- My answers were based on what I know about members of our exchange. In our market there is little to no private peering. Everyone connects through the exchange so that's their only source of peering. Although we don't require our members to use the route server, all of them do.
RE: BGP hijack from 23724 - 4134 China?
Please. -Original Message- From: Will Clayton [mailto:w.d.clay...@gmail.com] Sent: Thursday, April 08, 2010 8:43 PM To: Beavis Cc: nanog@nanog.org Subject: Re: BGP hijack from 23724 - 4134 China? Do share! On Thu, Apr 8, 2010 at 7:29 PM, Beavis pfu...@gmail.com wrote: Is it possible for you to share that filter list you have for china? im getting bogged down by those ssh-bruts as well coming in from china. -B On Thu, Apr 8, 2010 at 2:36 PM, Brielle Bruns br...@2mbit.com wrote: On 4/8/10 2:23 PM, Jay Hennigan wrote: We just got Cyclops alerts showing several of our prefixes sourced from AS23474 propagating through AS4134. Anyone else? aut-num: AS23724 as-name: CHINANET-IDC-BJ-AP descr:IDC, China Telecommunications Corporation country: CN aut-num: AS4134 as-name: CHINANET-BACKBONE descr:No.31,Jin-rong Street descr:Beijing descr:100032 country: CN -- Jay Hennigan - CCIE #7880 - Network Engineering - j...@impulse.net Impulse Internet Service - http://www.impulse.net/ Your local telephone and internet company - 805 884-6323 - WB6RDV I'm starting to wonder if someone is 'testing the waters' in China to see what they can get away with. I hate to be like this, but there's a reason why I have all of China filtered on my routers. Amazing how much SSH hammering, spam, and other nastiness went away within minutes of the filtering going in place. There comes a point where 'accidental' and 'isolated incident' become we no care and spam not illegal. And no, i'm not quoting that to mock, but rather repeat exactly what admins in China send to me in response to abuse reports and blocking in the AHBL. -- Brielle Bruns The Summit Open Source Development Group http://www.sosdg.org/ http://www.ahbl.org -- () ascii ribbon campaign - against html e-mail /\ www.asciiribbon.org - against proprietary attachments No virus found in this incoming message. Checked by AVG - www.avg.com Version: 9.0.801 / Virus Database: 271.1.1/2796 - Release Date: 04/08/10 13:32:00
RE: ARIN IP6 policy for those with legacy IP4 Space
There was talk a little while ago about a fee waiver for legacy holders who had signed an RSA but I think it's still in the suggestion phase. To get v6 space now you would need to sign an RSA for the v6 space and pay the v6 fee's. There is a partial fee waiver in effect for ISP v6 allocations. No fee waiver for end user v6 allocations. As for being a disincentive, only you can answer whether your network needs justify a v6 allocation or whether or not v4 will service you. Aaron -Original Message- From: John Palmer (NANOG Acct) [mailto:nan...@adns.net] Sent: Wednesday, April 07, 2010 11:10 AM To: NANOG list Subject: ARIN IP6 policy for those with legacy IP4 Space Was looking at the ARIN IP6 policy and cannot find any reference to those who have IP4 legacy space. Isn't there an automatic allocation for those of us who have legacy IP space. If not, is ARIN saying we have to pay them a fee to use IP6? Isn't this a disincentive for us to move up to IP6? Those with legacy IP4 space should have the equivalent IP6 space under the same terms. Or am I missing something? No virus found in this incoming message. Checked by AVG - www.avg.com Version: 9.0.800 / Virus Database: 271.1.1/2792 - Release Date: 04/07/10 01:32:00
RE: Alaska IXP?
We have very similar issues in Kansas City. A couple years ago we set up a local exchange point but it's had issues gaining traction due to a lack of understanding more than anything else. In these smaller markets people have a hard time understanding how connecting to a competitor benefits them. The key is to get a few solid players on board and cross your fingers that others will follow. Aaron -Original Message- From: Jay Hanke [mailto:jha...@myclearwave.net] Sent: Thursday, March 04, 2010 10:33 AM To: 'Andrew Hoyos'; 'Jared Mauch'; 'Sean Donelan' Cc: nanog@nanog.org Subject: RE: Alaska IXP? On 3/4/10 8:57 AM, Jay Hanke jha...@myclearwave.net wrote: snip We've seen the same issues in Minnesota. Locally referred to as the Chicago . Problem. Adding on to point 3, there is also a lack of neutral facilities with a sufficient amount of traffic to justify the next carrier connecting. In rural areas many times the two ISPs that provide services are enemies at the business level. A couple of us have started to talk about starting an exchange point. With transit being so cheap it is sometimes difficult to justify paying for the x-connects for a small piece of the routing table. Have you considered starting your own exchange point with some of the local players? Just having the connectivity in place may help with DR situations in addition to all of the benefits of an exchange point. Any interest by other anchor tenants in the area, such as the higher education facilities? In Madison, we have MadIX[1], an exchange point hosted by the University of Wisconsin-Madison, with a presence in one of the neutral carrier hotels in Madison. That eliminates the carrier to carrier issues you run into in the smaller cities, also helps with the Chicago Problem which we are very familiar with here as well. [1] http://kb.wisc.edu/ns/page.php?id=6636 Andrew From the looks of the link it looks like there is a bit of traction at the MadIX. One of the other interested carriers has talked to the University of MN and they showed some interest in participating. The trick is getting the first couple of participants to get to critical mass. Is the MadIX using a route server or is it strictly layer2? Thanks, Jay No virus found in this incoming message. Checked by AVG - www.avg.com Version: 9.0.733 / Virus Database: 271.1.1/2720 - Release Date: 03/03/10 13:34:00
RE: Cogent Outage?
Sitting on hold with them now. We lost them completely in Kansas City for about 5 minutes. We're back but connectivity through them is spotty. Can't even resolve google.com. Same with other DCs in the area. -Original Message- From: Joe Johnson [mailto:j...@riversidecg.com] Sent: Thursday, January 14, 2010 11:31 AM To: nanog@nanog.org Subject: Cogent Outage? We just lost Cogent across the country, along with several sister companies. Can't get through to a support person. Any idea what's going on? Joe Johnson Chief Information Officer Riverside Consulting Group, Ltd. Phone: 708.442.6033 x3456 Fax: 708.442.9722 j...@riversidecg.com www.riversidecg.com No virus found in this incoming message. Checked by AVG - www.avg.com Version: 9.0.725 / Virus Database: 270.14.140/2621 - Release Date: 01/14/10 06:39:00
RE: New SPAM DOS
Yep. I've been receiving them from several of my domains for a couple weeks. I've been sending the normal complaints to the provider of the IP space in the header but other than that I have no good ideas about combating it. Aaron -Original Message- From: Owen DeLong [mailto:o...@delong.com] Sent: Friday, January 08, 2010 1:22 PM To: Nanog list Subject: New SPAM DOS At least this is new for me... I host scvrs.org on one of my servers, and, it does not have any outlook or owa services. For some reason, someone decided to try and send this message out to various internet recipients: Dear user of the scvrs.org mailing service! We are informing you that because of the security upgrade of the mailing service your mailbox (x) settings were changed. In order to apply the new set of settings click on the following link: http://scvrs.org/owa/service_directory/settings.php?email=xfrom= scvrs.orgfromname=wa2ibm Best regards, scvrs.org Technical Support. An now I'm having to clean up various blacklistings thinking that my server is a spamvertised web site. Anyone seen this before? Any good techniques for combatting it? Owen No virus found in this incoming message. Checked by AVG - www.avg.com Version: 9.0.725 / Virus Database: 270.14.123/2592 - Release Date: 01/08/10 01:35:00
ATT Admin
Ok, guess we'll see if this really works or not. Would an ATT mail admin contact me offlist? I have an issue I need to start moving up the chain since I'm getting nowhere fast with normal channels. Thanks, Aaron
RE: American Fiber Systems
I have experiences with AFS going back 5 years. None of them good. Where would you like me to start? Aaron -Original Message- From: Marian Stasney [mailto:mar...@stasney.org] Sent: Wednesday, September 23, 2009 4:40 PM To: nanog@nanog.org Subject: American Fiber Systems If any HTTP or last mile providers have worked with this provider, please contact me off-list at the addresses below. Your quick response is greatly appreciated. mks Marian Stasney Desk: 512-853-9598 Cell: 512-845-1546 mar...@stasney.org
RE: Repeated Blacklisting / IP reputation
The mailing sent daily contains both. -Original Message- From: Justin Shore [mailto:jus...@justinshore.com] Sent: Tuesday, September 15, 2009 11:18 AM To: Martin Hannigan Cc: NANOG list Subject: Re: Repeated Blacklisting / IP reputation Martin Hannigan wrote: Well, I haven't even had coffee yet and... Get the removals: curl -ls http://lists.arin.net/pipermail/arin-issued/2009-September/000270.html | grep Remove | grep -v PRE Get the additions: mahannig$ curl -ls http://lists.arin.net/pipermail/arin-issued/2009-September/000270.html | grep Add | grep -v PRE That appears to be it. I've also been told that there is a RSS feed of the same thing. My understanding is that a posting is made to the mailing list or RSS feed when a new subnet is assigned. I'd like to see them do something with the assignment is first returned to ARIN, not months later when the assignment is ready to be handed out again. I think the extra time would help those people that download copies of the DNSBL zone files and manually import them once a week or less often. Lots of place still use the zone files. Personally I prefer to do so too, rather than tie my mail system reliability on an outside source that may or may not tell me when they have problems that affect my service. GoDaddy and their hosted mail service would be a great example since they can't be bothered to update their DNSBL zone files. Their mail admins are using a copy of SORBS that is 3 years old. 3 damn years old. How do I know this? 3 years ago a mistake in a Squid configuration turned one of my services into an open proxy for about a week. Even today mail from that server to a domain with mail hosted at GoDaddy results in a bounce citing the ancient SORBS listing as the reason. Thanks for the pointer. Looks like they've already thought of what I suggested and implemented a solution. I still voice for announcing returned assignment instead of announcing when an old assignment gets reassigned. Thanks Justin
AOL Postmaster
Is anyone from AOL lurking on the list that could contact me of-list? I'm having some issues with mail being rejected because AOL believes our IPs are dynamic. Aaron
RE: AOL Postmaster
Yes. For the last 2 months I've been getting the nice auto reply/ticket number but no other contact. Aaron -Original Message- From: Mike Walter [mailto:mwal...@3z.net] Sent: Monday, June 01, 2009 12:23 PM To: nanog@nanog.org Subject: RE: AOL Postmaster Have you been through http://postmaster.aol.com/? Mike -Original Message- From: Aaron Wendel [mailto:aa...@wholesaleinternet.com] Sent: Monday, June 01, 2009 12:48 PM To: nanog@nanog.org Subject: AOL Postmaster Is anyone from AOL lurking on the list that could contact me of-list? I'm having some issues with mail being rejected because AOL believes our IPs are dynamic. Aaron
RE: Why choose 120 volts?
Our power is handed to us at 480v. We then deliver it to the customer at whatever they need. The nice thing about 120v is that everything uses it. No odd cords (as mentioned before) or expensive PDUs. I've had a lot of people suggest that running our servers at 240v would save us money because we'd use less amps. Last time I looked at my bill I was being billed by the kWh, not amp and 240v at half the amps is still the same wattage. I've been told this so many times though that I'm starting to doubt myself. If anyone can present a reason for me to switch to 240v I'd like to hear it. Aaron -Original Message- From: Seth Mattinen [mailto:se...@rollernet.us] Sent: Tuesday, May 26, 2009 2:39 PM To: nanog@nanog.org Subject: Why choose 120 volts? I have a pure curiosity question for the NANOG crowd here. If you run your facility/datacenter/cage/rack on 120 volts, why? I've been running my facility at 208 for years because I can get away with lower amperage circuits. I'm curious about the reasons for using high-amp 120 volt circuits to drive racks of equipment instead of low-amp 208 or 240 volt circuits. ~Seth
RE: UCEProtect Level 3
Yes. Is that a problem? -Original Message- From: Raleigh Apple [mailto:rap...@rapidlink.com] Sent: Thursday, May 07, 2009 1:34 PM To: nanog@nanog.org Subject: UCEProtect Level 3 Is anyone else out there aware that the UCEProtect Level 3 email blacklist blocks entire AS? r
RE: Important New Requirement for IPv4 Requests
I think this needlessly involves people who probably don't have a clue in an area we may not really want them involved in. I can hear the conversation now: Officer: Why do I have to sign this thing? Tech: Well your graciousness. We are coming to the end of the available address space and the gods at ARIN want to make you aware of that so you might approve that request I made for new equipment to deploy IPv6 with. Officer: Huh? Do we need it? Tech: Yes, we need the address space. Officer: And they're running out? Tech: Well out of the v4 space which is what we use now but we can move to v6 space and... Officer: Hell, request 10x as much space! I'll sign anything as long as we don't run out and have to spend money! For me, I request all the allocations and I'm also an officer of the company so I'll just attest to my own stuff but I can see this would be a nightmare in a larger company. There was also an e-mail about outreach to the CEOs of all the companies with resources. At my company the CEO will hand it to me without even opening it. I assume that in many larger companies it might get glanced at by the CEO or CEOs secretary before it gets shredded. While I completely understand the reasons behind both initiatives I don't think they'll have the desired effect. Aaron -Original Message- From: Matthew Moyle-Croft [mailto:m...@internode.com.au] Sent: Monday, April 20, 2009 9:56 PM To: Joe Greco Cc: nanog@nanog.org Subject: Re: Important New Requirement for IPv4 Requests ARIN should ask companies to demonstrate: - demonstration of routing of an IPv6 range/using IPv6 address space - demonstration of services being offered over IPv6 - a plan to migrate customers to IPv6 - automatic allocation of IPv6 range instead of IPv4 for those who can't do so. ie. No more IPv4 for you until you've shown IPv6 clue. Then people can't just get away with driving into the brick wall of IPv4-allocation fail. (Not sure if I'm serious about this suggestion, but it's there now). MMC On 21/04/2009, at 9:09 AM, Joe Greco wrote: Let me see if I can understand this. We're running out of IPv4 space. Knowing that blatant lying about IP space justifications has been an ongoing game in the community, ARIN has decided to do something about it. So now they're going to require an attestation. Which means that they are going to require an officer to attest to the validity of the information. So the officer, most likely not being a technical person, is going to contact ... probably the same people who made the request, ask them if they need the space. Right? And why would the answer be any different, now? ... JG -- Joe Greco - sol.net Network Services - Milwaukee, WI - http://www.sol.net We call it the 'one bite at the apple' rule. Give me one chance [and] then I won't contact you again. - Direct Marketing Ass'n position on e- mail spam(CNN) With 24 million small businesses in the US alone, that's way too many apples. -- Matthew Moyle-Croft Networks, Internode/Agile Level 5, 162 Grenfell Street, Adelaide, SA 5000 Australia Email: m...@internode.com.auWeb: http://www.on.net Direct: +61-8-8228-2909 Mobile: +61-419-900-366 Reception: +61-8-8228-2999Fax: +61-8-8235-6909
RE: Cogent Haiku v2.0
NANOG has admins They waste a lot of time now Maybe paid to much -Original Message- From: Murphy, Jay, DOH [mailto:jay.mur...@state.nm.us] Sent: Monday, January 12, 2009 11:57 AM To: Mike Bartz; neal rauhauser Cc: nanog@nanog.org Subject: RE: Cogent Haiku v2.0 Level 3 has gear. Bleeding edge technology. Get huge pipes right now. Jay Murphy IP Network Specialist NM Department of Health ITSD - IP Network Operations Santa Fe, New Mexico 87502 Bus. Ph.: 505.827.2851 We move the information that moves your world. -Original Message- From: Mike Bartz [mailto:m...@bartzfamily.net] Sent: Monday, January 12, 2009 10:54 AM To: neal rauhauser Cc: nanog@nanog.org Subject: Re: Cogent Haiku v2.0 I like the haiku! On a serious note, we are considering getting a connection from Cogent. We currently have connections to att, Level 3 and TW Telecom. The low cost and high number of peer AS number's seems appealing to us. Every carrier has its issues, so I don't know what to make of the apparent negativity that I am seeing in these haiku threads. I am looking for some first hand experiences to help me make this decision. Thanks for any assistance! Mike On Sun, Jan 11, 2009 at 9:59 PM, neal rauhauser nrauhau...@gmail.com wrote: Cogent makes a mess My phone rings and rings Unfornicate this! -- Mike Bartz m...@bartzfamily.net __ This inbound email has been scanned by the MessageLabs Email Security System. __ Confidentiality Notice: This e-mail, including all attachments is for the sole use of the intended recipient(s) and may contain confidential and privileged information. Any unauthorized review, use, disclosure or distribution is prohibited unless specifically provided under the New Mexico Inspection of Public Records Act. If you are not the intended recipient, please contact the sender and destroy all copies of this message. -- This email has been scanned by the Sybari - Antigen Email System.