RE: hbo max geolocation issue

2024-08-27 Thread Howard, Lee via NANOG
My source for geolocation updates is 
https://thebrotherswisp.com/index.php/geo-and-vpn and they say:

HBO: ctiaengine...@hbo.com

Lee

From: NANOG On Behalf Of Mehmet
Sent: Tuesday, August 27, 2024 12:00 PM
To: nanog 
Subject: hbo max geolocation issue

You don't often get email from meh...@akcin.net. Learn 
why this is important
This message is from an EXTERNAL SENDER - be CAUTIOUS, particularly with links 
and attachments.


Hello there,

I am dealing with an HBO Max geolocation issue. Is there anyone on the list from 
the HBO team who can assist (or point me to where I can look for a solution)?

Thank you


Norms and Standards

2024-08-02 Thread Howard, Lee via NANOG
Last October at NANOG89 in San Diego, John Curran exhorted us to work together 
to document best practices before governments developed their own.

John pointed out that in many industries, technical requirements and standards 
inform public policy goals, and vice versa. Then, when regulation is enacted, 
it refers to the standards developed by those technical experts. For example, 
the policy goal of protecting people from house fires is promoted through 
building codes (laws) which reference fire and electrical codes developed by 
standards bodies.

Governments are instituted by people to provide national defense, perform 
public services, protect children and vulnerable people, safeguard privacy and 
freedom, and prosecute those who transgress the above[1]. However, governments 
don't operate the Internet, so when there are threats to or violations of the 
governmental role, they look to us. As John notes, they are increasingly 
looking at their roles with respect to the Internet.

If we don't work together to provide tools to enable governments to fulfill 
their legitimate role, they will do what they think is best.

If we have agreed on some norms and standards, then they can point to those and 
say, "This looks like best practice." In many cases, that gives us a safe 
harbor against additional action from governments: if I can show I'm following 
accepted best practices, I'm less of a target than my non-compliant competitors.

What should we work on together?

  *   We already have MANRS, KINDNS, some anti-spam (no open relays, block port 
25, etc.).
  *   DDoS mitigation. BCP38, communities for RTBH, packet scrubbing, etc. What 
can we do collectively?
  *   Infrastructure protection. Best practices for protecting your devices and 
services.
  *   Critical infrastructure protection. Do we have a role in protecting power 
plants, hospitals, etc., more than others?
  *   Net neutrality. Is there more than just "don't inspect above L3"? Do CDNs 
or caches privilege some content unfairly?
  *   IPv6? The government angle is mostly anti-CGN, but this is a greater 
problem outside this region.
  *   Other ideas?

If a group of people can pick one topic and start documenting best practices, 
we may be able to do something good. I'm not worried about process yet: content 
first.

Is there a topic above, or another one, on which folks would like to 
collaborate to describe best practices?

Lee

[1] Even if you disagree that there is a legitimate role for governments, they 
think they have these roles, and they have the power to compel.



RE: 600,000 routers bricked

2024-06-03 Thread Howard, Lee via NANOG
In the second paragraph, he cites his source: 
https://blog.lumen.com/the-pumpkin-eclipse/

Lumen’s Black Lotus Labs detected the event; the post answers all of your 
concerns. Further, they remark that this was an especially sophisticated 
infection, that hid its tracks well.

Lee

From: NANOG On Behalf Of Tom Beecher
Sent: Sunday, June 2, 2024 4:23 PM
To: Dave Taht 
Cc: NANOG 
Subject: Re: 600,000 routers bricked



That post from Mr. Perens about this is honestly really shitty.

1. Is he right that Lumen has to shoulder blame for not keeping CPE updated 
with exploit free software? Certainly.
2. Making a claim that all 600k of these routers were being used as botnet 
zombies without any supporting evidence is really poor form.
3. Even if we assert that 50% of these devices were exploited for botnet 
activity, that means 50% WEREN'T. We shouldn't be applauding 300k 
people/businesses that just had their internet connectivity yeeted away from 
them through zero fault of their own.
4. "I've never heard of these router manufacturers" is exceptionally ignorant. 
ActionTec has been around since the early 90s. Sagemcom wasn't someone I'd 
heard of before, but so what.

Yes, CPE provided by ISPs can be a problem. But applauding asshats who bricked 
all this stuff as some noble event that should be "applauded" as he says is 
really, really stupid. It's not going to meaningfully move the needle with how 
ISPs handle this stuff, and all it did was inconvenience a LOT of end users.

On Sun, Jun 2, 2024 at 4:04 PM Dave Taht wrote:


https://www.linkedin.com/pulse/60-families-using-one-internet-provider-have-routers-bruce-perens-geedc/


--
https://www.youtube.com/watch?v=BVFWSyMp3xg&t=1098s Waves Podcast
Dave Täht CSO, LibreQos


RE: IPv6 uptake (was: The Reg does 240/4)

2024-02-19 Thread Howard, Lee via NANOG
Bottom-posted with old school formatting by hand.

-Original Message-
From: NANOG On Behalf Of William Herrin
Sent: Friday, February 16, 2024 8:05 PM
To: Michael Thomas 
Cc: nanog@nanog.org
Subject: Re: IPv6 uptake (was: The Reg does 240/4)

> On the firewall, I program it to do NAT translation from 192.168.55.0/24 to
> 199.33.225.1 when sending packets outbound, which also has the effect of
> disallowing inbound packets to 192.168.55.0/24 which are not part of an
> established connection.
>
> Someone tries to telnet to 192.168.55.4. What happens? The packet never even
> reaches my firewall because that IP address doesn't go anywhere on the
> Internet.

Most NATs I've seen in the last 10-15 years are "full cone" NATs: they are 
configured so that once there is an outbound flow, any inbound datagram to that 
address+port will be forwarded to the inside address, regardless of source.

Most devices now have a more or less constant flow of heartbeats or updates to 
somewhere on the Internet. In practice, NAPT just increases the size of the 
space to scan: just dump your crafted packets to every address + every port at 
your target.

If that increased scanning target is your security, you're better off with the 
increased target of IPv6.

IT administrators don't usually know what kind of NAT they have deployed.

FWIW, the other enterprise IT security hole I often see: if your VPN is 
IPv6-unaware, but your users have IPv6 at home (like most in the U.S.), your 
VPN is now split-tunnel, regardless of policy. You may think all your packets 
are going through the VPN to be inspected by the corporate firewall, but any 
web site with IPv6 (about half) will use the local residential route, not the 
VPN.

Lee
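Lee's two points (full-cone NAT forwarding inbound datagrams from any source once a mapping exists, and an IPv6-unaware VPN silently becoming split-tunnel) as an added example that is not part of the original post or anyone's production code: a toy Python model of the RFC 3489 NAT flavours, an audit helper that reports which inside endpoints a never-seen source can reach, and a routing-table check that flags the split-tunnel condition. The `Nat` class, the mode names, `exposed_inside_hosts`, `ipv6_bypasses_vpn`, and the sample routes and addresses are all constructed for this illustration; 199.33.225.1 and 192.168.55.4 are reused from the quoted message.

```python
"""Added example, not from the NANOG post: a toy model of NAT mapping
behaviours (full cone vs. the restricted flavours) and a routing-table check
for the IPv6 split-tunnel problem. Addresses, interface names and routes are
constructed; 199.33.225.1 and 192.168.55.4 come from the quoted message."""
from dataclasses import dataclass, field
from ipaddress import ip_network
from typing import Dict, List, Optional, Set, Tuple

Endpoint = Tuple[str, int]  # (ip, port)


@dataclass
class Nat:
    """Minimal NAPT model. `mode` is one of the classic RFC 3489 flavours:
    'full_cone', 'address_restricted', 'port_restricted' or 'symmetric'."""
    public_ip: str
    mode: str
    next_port: int = 40000
    # public port -> (inside endpoint, outside endpoints it has sent to)
    table: Dict[int, Tuple[Endpoint, Set[Endpoint]]] = field(default_factory=dict)

    def outbound(self, inside: Endpoint, outside: Endpoint) -> int:
        """Record an outbound flow and return the public port it is mapped to.
        Cone NATs reuse one public port per inside endpoint; a symmetric NAT
        allocates a fresh port for every distinct destination."""
        for port, (ins, outs) in self.table.items():
            if ins == inside and (self.mode != "symmetric" or outside in outs):
                outs.add(outside)
                return port
        port = self.next_port
        self.next_port += 1
        self.table[port] = (inside, {outside})
        return port

    def inbound(self, src: Endpoint, public_port: int) -> Optional[Endpoint]:
        """Return the inside endpoint an inbound datagram from `src` to
        `public_port` is forwarded to, or None if the NAT drops it."""
        entry = self.table.get(public_port)
        if entry is None:
            return None                      # no mapping at all: dropped
        inside, outs = entry
        if self.mode == "full_cone":
            return inside                    # any source is forwarded
        if self.mode == "address_restricted":
            return inside if any(src[0] == o[0] for o in outs) else None
        # port_restricted and symmetric: exact outside (ip, port) must match
        return inside if src in outs else None


def exposed_inside_hosts(nat: Nat, unrelated_src: Endpoint) -> Set[Endpoint]:
    """Inside endpoints reachable from a source the NAT has never talked to.
    A non-empty set means the NAT is not giving the 'established connections
    only' filtering that the quoted message assumes."""
    reached: Set[Endpoint] = set()
    for port in nat.table:
        hit = nat.inbound(unrelated_src, port)
        if hit is not None:
            reached.add(hit)
    return reached


def ipv6_bypasses_vpn(routes: List[Tuple[str, str]], vpn_if: str) -> bool:
    """True when the IPv4 default route is via the VPN interface but the IPv6
    default route (if any) is not, i.e. the host is split-tunnelled for v6
    regardless of policy. `routes` is a list of (prefix, interface)."""
    defaults: Dict[int, Set[str]] = {4: set(), 6: set()}
    for prefix, ifname in routes:
        net = ip_network(prefix)
        if net.prefixlen == 0:               # 0.0.0.0/0 or ::/0
            defaults[net.version].add(ifname)
    v4_via_vpn = vpn_if in defaults[4]
    v6_via_vpn = vpn_if in defaults[6]
    return v4_via_vpn and bool(defaults[6]) and not v6_via_vpn


# Constructed routing table of a laptop on a dual-stack home network with an
# IPv4-only VPN client ('tun0') connected.
SAMPLE_ROUTES = [
    ("0.0.0.0/0", "tun0"),         # v4 default: through the VPN
    ("10.0.0.0/8", "tun0"),
    ("192.168.1.0/24", "wlan0"),
    ("::/0", "wlan0"),             # v6 default: straight out the home link
    ("fe80::/64", "wlan0"),
]

if __name__ == "__main__":
    stranger = ("198.51.100.7", 31337)      # constructed, never contacted
    for mode in ("full_cone", "address_restricted", "port_restricted", "symmetric"):
        nat = Nat("199.33.225.1", mode)
        nat.outbound(("192.168.55.4", 5000), ("203.0.113.10", 443))
        print(f"{mode:19s} reachable from a stranger: {exposed_inside_hosts(nat, stranger)}")
    print("IPv6 split-tunnel:", ipv6_bypasses_vpn(SAMPLE_ROUTES, "tun0"))
```

Running it shows the full-cone NAT forwarding the stranger's datagram to 192.168.55.4:5000 while the three restricted flavours drop it, and the sample routing table is flagged as split-tunnelled because `::/0` leaves via `wlan0` rather than `tun0`. On a real host the `routes` list would be filled from `ip -4 route` / `ip -6 route` (or the platform equivalent) rather than the constructed sample.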


RE: IPv6 uptake (was: The Reg does 240/4)

2024-02-19 Thread Howard, Lee via NANOG
If you ever want to know which providers in a country are lagging, Geoff Huston 
is here to help:

https://stats.labs.apnic.net/ipv6/US

In the U.S., the largest operators without IPv6 are (in order by size):
Verizon FiOS (they deployed to 50%, discovered a bug, and rolled back)
Frontier
Lumen (CenturyLink)
CableVision
CableOne
Suddenlink
Windstream
US Cellular
Brightspeed

Comcast, Charter, and Cox each have fully deployed IPv6, along with AT&T and 
all of the mobile carriers.

Lee

-Original Message-
From: NANOG On Behalf Of Michael Thomas
Sent: Sunday, February 18, 2024 3:29 PM
To: nanog@nanog.org
Subject: Re: IPv6 uptake (was: The Reg does 240/4)




On 2/18/24 8:47 AM, Greg Skinner via NANOG wrote:
> On Feb 17, 2024, at 11:27 AM, William Herrin wrote:
>> On Sat, Feb 17, 2024 at 10:34 AM Michael Thomas wrote:
>>
>>> Funny, I don't recall Bellovin and Cheswick's Firewall book 
>>> discussing NAT.
>> And mine too, since I hadn't heard of "Firewalls and Internet
>> Security: Repelling the Wily Hacker" and have not read it.
> For what it's worth, both editions of Bellovin and Cheswick's 
> Firewalls book are online. [1]  Also, there are discussions about NAT 
> and how it influenced IPng (eventually IPv6) on the big-internet list. 
> [2]

FWIW, while at Cisco I started to get wind of some NAT-like proposal being 
floated by 3COM at Packetcable back in the late 90's, early 2000's (sorry, I 
have no memory of the specifics now). That was pretty horrifying to me and 
others as the implication was that we'd have to implement it in our routers, 
which I'm sure 3COM viewed as a feature, not a bug. We pushed back that 
implementing IPv6 was a far better option if it came down to that. That sent me 
and Steve Deering off on an adventure to figure out how we might actually make 
good on that alternative in the various service provider BU's. Unsurprisingly 
the BU's were not very receptive not just because of the problems with v6 vs 
hardware forwarding, but mostly because providers weren't asking for it.
They weren't asking for CGNAT like things either though so it was mostly the 
status quo. IOS on the other hand was taking IPv6 much more seriously so that 
providers could at least deploy it in the small for testing, pilots, etc even 
if it was a patchwork in the various platforms.

The problem with v6 uptake has always been on the provider side. BU's wouldn't 
have wanted to respin silicon but if providers were asking for it and it gave 
them a competitive advantage, they'd have done it in a heartbeat. It's 
heartening to hear that a lot of big providers and orgs are using IPv6 
internally to simplify management along with LTE's use of v6. I don't know 
what's happening in MSO land these days, but it would be good to hear if they 
too are pushing an LTE-like solution. I do know that Cablelabs pretty early on 
-- around the time I mentioned above -- has been pushing for v6. Maybe Jason 
Livingood can clue us in. Getting cable operators onboard too would certainly 
be a good thing, though LTE doesn't have to deal with things like brain dead 
v4-only wireless routers on their network.

Mike



RE: The Reg does 240/4

2024-02-16 Thread Howard, Lee via NANOG
It seems we’re the marketplace of record.

We do have some private transactions, that is, sales that take place outside of 
our marketplace and therefore don’t appear on the prior-sales page. That’s 
generally for /16 or larger, where one or both parties want custom terms that 
differ from our standard Terms of Use.

It’s true that prices for /16 and larger have held steadier than smaller 
blocks. My guess is that there has been a lot more supply of smaller blocks 
than /16+, driving prices down for the smaller blocks. Supply for /16s and 
larger is fine, but not enormous. I don’t assume that prices will remain the 
same.

So, what about 240/4?  The IPv4 market moves about 40 million addresses per 
year. A /4 is 268 million addresses, so if that supply became available (IETF 
telling IANA to distribute it to the RIRs, I assume) it would definitely affect 
the market for a long time. The RIRs would have to look at their 
post-exhaustion policies and figure out whether they still applied, or if 
pre-exhaustion policies should be used. I don’t have a strong opinion on this, 
and give credit to the authors of the proposal for working to identify any 
places where 240/4 would not work.

I still think the Internet works better when everyone uses the same protocol, 
so everyone should deploy IPv6. At this point, the consumer electronics and 
corporate IT sectors are the major holdouts. There are still ISPs and web sites 
that don’t have IPv6, but it’s no longer reasonable to assert that those are 
failures as a group, IMHO.


Lee Howard | Senior Vice President, IPv4.Global

t: 646.651.1950
email: leehow...@hilcostreambank.com
web: www.ipv4.global
twitter: twitter.com/ipv4g





From: NANOG On Behalf Of Mike Hammett
Sent: Friday, February 16, 2024 10:28 AM
To: Tom Beecher 
Cc: nanog@nanog.org
Subject: Re: The Reg does 240/4



Evidence to support Tom's statement:

https://auctions.ipv4.global/prior-sales


-
Mike Hammett
Intelligent Computing Solutions
http://www.ics-il.com

Midwest-IX
http://www.midwest-ix.com


From: "Tom Beecher"
To: "Brian Knight"
Cc: nanog@nanog.org
Sent: Thursday, February 15, 2024 5:31:42 PM
Subject: Re: The Reg does 240/4
$/IPv4 address peaked in 2021, and has been declining since.

On Thu, Feb 15, 2024 at 16:05 Brian Knight via NANOG wrote:
On 2024-02-15 13:10, Lyndon Nerenberg (VE7TFX/VE6BBM) wrote:
> I've said it before, and I'll say it again:
>
>   The only thing stopping global IPv6 deployment is
>   Netflix continuing to offer services over IPv4.
>
> If Netflix dropped IPv4, you would see IPv6 available *everywhere*
> within a month.

As others have noted, and to paraphrase a long-ago quote from this
mailing list, I'm sure all of Netflix's competitors hope Netflix does
that.

I remain hopeful that the climbing price of unique, available IPv4
addresses eventually forces migration to v6. From my armchair, only
through economics will this situation be resolved.

> --lyndon

-Brian



RE: NANOG 90 Attendance?

2024-02-15 Thread Howard, Lee via NANOG


From: Tom Beecher 
Sent: Thursday, February 15, 2024 10:53 AM
To: Howard, Lee 
Cc: Warren Kumari ; nanog 
Subject: Re: NANOG 90 Attendance?




> Maybe this should have gone to the members mailing list, but I couldn't find
> one.

memb...@nanog.org


Thank you, Tom. I was unable to find that piece of information by:

  *   Searching “Member list” on the NANOG web page
  *   Browsing the options under “Members” on the site
  *   Reading the list of mailing lists at 
https://nanog.org/nanog-mailing-list/nanog-mailing-lists/
  *   Googling “NANOG members mailing list”

Lee




RE: NANOG 90 Attendance?

2024-02-15 Thread Howard, Lee via NANOG
I'm jumping on an earlier part of the thread.

Based on what I heard at the Members Meeting and several follow up hallway 
conversations, I think:

  *   NANOG needs a focus group on attendees. A survey won't do it, we need a 
deep dive into roles, interests, career level, and why they attend.
  *   Somebody or somebodies should be specifically tasked with following up 
with every one of the 120 newcomer attendees to ask what it would take to get 
them to come back. Our conversion rate to repeat attendee is a key performance 
indicator. There's a great Newcomer Orientation just before conference opening; 
let's have a Newcomer Lessons Learned at the end.
  *   Poll attendees on relative importance of location, registration fee, 
programming, side meeting space. Iterate based on comments (location = airport? 
Hotel? Nearby amenities? Proximity to home?)
  *   Survey sponsors. I give feedback to staff and occasional board members, 
but there's no clear way to gather information.
  *   These should be sent to the Members in advance of a Members Meeting to 
discuss. Needs more than 20 minutes of a 45 minute meeting before main 
programming.
  *   Consider empaneling a Mission Committee to review NANOG's mission and how 
to fulfill it.

Other thoughts, which I couldn't submit in a survey or find another way to send 
to the board or staff:

  *   I suggested in San Diego and now bring to the list: the last item on the 
agenda should be 15-30 minutes of "What are you taking home from this NANOG?"
 *   Helps remind people what value they got
 *   Lets us know what people found most valuable (Specific sessions? deals 
done? Trends in hallway topics?)
 *   Solidifies for people what they can offer their boss as the value of 
sending them to NANOG
  *   We should look into cooperating with other network organizations for 
meetings. WISPAmerica, NRECA, NTCA, Fiber Connect, SCTE, IETF
  *   ARIN has a help desk in the main hall. Allow other sponsors to put up a 
Help Desk. Put up a sign showing which company will be there for which half-day 
increment. I think a lot of attendees would find value in the ability to sit 
down with a senior sales engineer at their favorite router, optical, or 
intelligence vendor to say, "Here's my problem," even if many of those 
conversations resulted in "Let's schedule time to discuss in more depth."
 *   Price it like BnG: you're getting ½ day of visibility, less distraction 
than meal/break sponsors
 *   Require swag to be incidentals like pens and stickers; if you're 
getting a mad rush of people, you're missing the point


This can't all be done in time for Kansas City, but maybe some of it can be. 
Given that hotel contracts are negotiated two years in advance, I figure we 
have about two years to get this right before it's too late to steer the ship 
away from the rocks.

Let me close with: I think we have an excellent board, all of whom love this 
community and have spent years thinking about this. The lack of a CEO is a 
problem soon to be resolved, and that will help support the already excellent 
staff. There are themes we've been hearing for several meetings in a row, and I 
know the board is giving them a lot of thought, and I'm just trying to support 
those efforts from outside the board.

Maybe this should have gone to the members mailing list, but I couldn't find 
one.

Lee


From: NANOG On Behalf Of Warren Kumari
Sent: Sunday, February 11, 2024 2:50 PM
To: Mike Hammett 
Cc: nanog 
Subject: Re: NANOG 90 Attendance?







On Sun, Feb 11, 2024 at 8:31 AM, Mike Hammett wrote:
I haven't been to a NANOG meeting in a while. While going through the attendee 
list for NANOG 90 to try to book meetings with people, I noticed a lack of (or 
extremely minimal) attendance by several organizations that have traditionally 
had several employees attend. I've also noticed that some organizations I had 
an interest in were only sending sales people, not technical people.


There have been a few changes - part of this is driven by post-pandemic 
decreased travel budget in many organizations, part by industry changes and 
consolidation, but also a fair bit seems to be because the tone of NANOG has 
changed and become much more of a polished, sales-y feeling event than it used 
to be.

Here is the current NANOG agenda:
https://www.nanog.org/events/nanog-90/agenda/

Here is the agenda from 20 years ago:
https://www.nanog.org/events/nanog-30/nanog-30-agenda-2/

This time I've received at least 6 phone calls along this line of "Hi, I'm 
[person] from [company]. We are a NANOG sponsor and we'd like to personally 
invite you to a very special [breakfast/lunch/dinner] with our [CEO/CTO]. 
They'd love to