from:"Jason Kuehl"

Xfinity Engineer

2024-04-19 Thread Jason Kuehl

My company has many issues with Xfinity users using global protection on
the Xfinity network, not Comcast.

Does anyone have a contact email list or phone number I can use to reach a
real person or engineer who is not in support?

Thanks
Jason.
-- 
Sincerely,

Jason W Kuehl
Cell 920-419-8983
jason.w.ku...@gmail.com

Re: Hawaiian ILEC infrastructure and fire

2023-08-16 Thread Jason Kuehl

I would be willing to travel down to help restore infra; I did this back
around Sandy as well. Is there anyone we can contact?

On Wed, Aug 16, 2023 at 10:51 PM scott via NANOG  wrote:

>
>
> On 8/17/23 2:03 AM, John Levine wrote:
> > According to Eric Kuhnke :
> >> -=-=-=-=-=-
> >>
> >> It's my understanding that the Hawaiian ILEC is now owned by Cincinnati
> >> Bell, which is also a unique historical artifact, as it was its own
> >> independent corporation/operating entity in the region of Cincinnati
> during
> >> the era of the pre-1984 Bell system.
> >
> > Not that unique, SNET was also a Bell affiliate in most of Connecticut.
> >
> > Hawaiian Tel has a very painful history. It was independent until
> > 1967, then bought by GTE, then merged into Verizon along with the rest
> > of GTE in 2000, then sold to a hedge fund in 2004 which knew nothing
> > about telephony and ran it into bankruptcy, then an independent public
> > company from 2010 to 2017, when it was bought by Cincinnati Bell,
> > which in turn was bought in 2021 by Australian conglomerate Macquarie.
>
> Yep, that's it.  And the hedge fund (The Carlyle Group) thing was a
> complete disaster.  I was here for all that.  Fugly is all I can say.
>
>
>
> > Running phone systems on islands is very expensive. There's only
> > 160,000 people on Maui, about the same as Salinas CA, but separated
> > from the rest of the world by a lot of water.
>
> We have a lot of undersea fiber and it is all connected into one big
> MPLS network for the internet stuff.  There is still SS7 stuff out
> there, too.  I am unfamiliar with that part.
>
> scott
>


-- 
Sincerely,

Jason W Kuehl
Cell 920-419-8983
jason.w.ku...@gmail.com

Re: ICANN Response (Re: Ukraine request yikes)

2022-03-03 Thread Jason Kuehl

Yep, I completely agree. I also think if they had done anything else, it
would have been a reputation-ending.

On Thu, Mar 3, 2022 at 8:19 AM Jorge Amodio  wrote:

>
> I believe it is a proper response, besides that it is not right for ICANN
> to get in the middle of this type of conflict, in situations like this,
> increasing the flow of real information counters the flow of misinformation.
>
> -J
>
> On Thu, Mar 3, 2022 at 7:05 AM John Curran  wrote:
>
>> ICANN response request from the Ukraine regarding various DNS
>> interventions –
>> https://www.icann.org/en/system/files/correspondence/marby-to-fedorov-02mar22-en.pdf
>>
>> FYI,
>> /John
>>
>> John Curran
>> President and CEO
>> American Registry for Internet Numbers
>>
>>
>> On 2 Mar 2022, at 1:01 AM, John Curran  wrote:
>>
>> Regarding the portion of the request to the RIPE NCC to withdraw the
>> relevant Russia registered IP address blocks, it appears that the RIPE NCC
>> has reiterated their position on such disputes -
>>
>>
>> https://www.ripe.net/publications/news/announcements/ripe-ncc-executive-board-resolution-on-provision-of-critical-services
>>
>>
>> FYI,
>> /John
>>
>> John Curran
>> President and CEO
>> American Registry for Internet Numbers
>>
>> On 1 Mar 2022, at 3:25 AM, Ryan Hamel  wrote:
>>
>> It’s already spread to the news -
>> https://www.rollingstone.com/politics/politics-news/ukraine-icann-russia-internet-runet-disconnection-1314278/
>>
>> Ryan
>>
>> *From:* NANOG  *On Behalf Of 
>> *George
>> Herbert
>> *Sent:* Tuesday, March 1, 2022 12:17 AM
>> *To:* Nanog 
>> *Subject:* Ukraine request yikes
>>
>> Posted by Bill Woodcock on Twitter…
>> https://twitter.com/woodyatpch/status/1498472865301098500?s=21
>>
>> https://pastebin.com/DLbmYahS
>>
>> Ukraine (I think I read as) want ICANN to turn root nameservers off,
>> revoke address delegations, and turn off TLDs for Russia.
>>
>> Seems… instability creating…
>>
>>
>> -george
>> Sent from my iPhone
>>
>>
>>
>>

-- 
Sincerely,

Jason W Kuehl
Cell 920-419-8983
jason.w.ku...@gmail.com

Re: massive facebook outage presently

2021-10-04 Thread Jason Kuehl

https://twitter.com/disclosetv/status/1445100931947892736?s=20

On Mon, Oct 4, 2021 at 3:01 PM Tony Wicks  wrote:

> Didn't write that part of the automation script and that coder left...
>
> > I got a mail that Facebook was leaving NLIX. Maybe someone botched the
> > script so they took down all BGP sessions instead of just NLIX and now
> > they can't access the equipment to put it back... :-)
>
>
>

-- 
Sincerely,

Jason W Kuehl
Cell 920-419-8983
jason.w.ku...@gmail.com

Re: massive facebook outage presently

2021-10-04 Thread Jason Kuehl

I mean, you're an idiot if you post that public on the internet about
your own place of work. What do you think would happen? Nothing? He should
never of said anything, but now the Facebook hitman got him.

Facebook will have to send out a Reason For Outage with all the services
it's effecting, like login

On Mon, Oct 4, 2021 at 2:46 PM Blake Dunlap  wrote:

> You laugh but that kind of sounds like what happened so far as oops we
> isolated prod and are scrambling on DR. There was someone supposedly live
> tweeting from their incident response for a bit before their account panic
> deleted.
>
> On Mon, Oct 4, 2021, 13:42 Baldur Norddahl 
> wrote:
>
>> I got a mail that Facebook was leaving NLIX. Maybe someone botched the
>> script so they took down all BGP sessions instead of just NLIX and now they
>> can't access the equipment to put it back... :-)
>>
>>
>> man. 4. okt. 2021 20.31 skrev Billy Croan :
>>
>>> I know what this is.  They forgot to update the credit card on their
>>> godaddy account and the domain lapsed.  I guess it will be facebook.info
>>> when they get it back online.  The post mortem should be an interesting
>>> read.
>>>
>>> On Mon, Oct 4, 2021 at 11:46 AM Jason Kuehl 
>>> wrote:
>>>
>>>> Looks like they run there own nameservers and I see the soa records are
>>>> even missing.
>>>>
>>>> On Mon, Oct 4, 2021, 12:23 PM Mel Beckman  wrote:
>>>>
>>>>> Here’s a screenshot:
>>>>>
>>>>>
>>>>>
>>>>>  -mel beckman
>>>>>
>>>>> On Oct 4, 2021, at 9:06 AM, Eric Kuhnke  wrote:
>>>>>
>>>>> 
>>>>> https://downdetector.com/status/facebook/
>>>>>
>>>>> Normally not worth mentioning random $service having an outage here,
>>>>> but this will undoubtedly generate a large volume of customer service
>>>>> calls.
>>>>>
>>>>> Appears to be failure in DNS resolution.
>>>>>
>>>>>

-- 
Sincerely,

Jason W Kuehl
Cell 920-419-8983
jason.w.ku...@gmail.com

Re: massive facebook outage presently

2021-10-04 Thread Jason Kuehl

Yeah it looks like there dns servers are just dead. I can't get an response
from them.

On Mon, Oct 4, 2021, 12:26 PM Dmitry Sherman  wrote:

> same problem in Israel
>
>
>
>
>
> *From:* NANOG [mailto:nanog-bounces+dmitry=interhost@nanog.org] *On
> Behalf Of *Eric Kuhnke
> *Sent:* Monday, 4 October 2021 19:03
> *To:* nanog@nanog.org list 
> *Subject:* massive facebook outage presently
>
>
>
> https://downdetector.com/status/facebook/
>
>
>
> Normally not worth mentioning random $service having an outage here, but
> this will undoubtedly generate a large volume of customer service calls.
>
>
>
> Appears to be failure in DNS resolution.
>
>
>

Re: massive facebook outage presently

2021-10-04 Thread Jason Kuehl

Looks like they run there own nameservers and I see the soa records are
even missing.

On Mon, Oct 4, 2021, 12:23 PM Mel Beckman  wrote:

> Here’s a screenshot:
>
>
>
>  -mel beckman
>
> On Oct 4, 2021, at 9:06 AM, Eric Kuhnke  wrote:
>
> 
> https://downdetector.com/status/facebook/
>
> Normally not worth mentioning random $service having an outage here, but
> this will undoubtedly generate a large volume of customer service calls.
>
> Appears to be failure in DNS resolution.
>
>

Re: Xfi Advances Security (comcast)

2021-09-10 Thread Jason Kuehl

This is an SSL VPN that is being blocked. This is what failure looks like.
Curl is the same.

Once we disable the Xfi  Advanced Security everyone can connect.

[image: image.png]

On Fri, Sep 10, 2021 at 11:01 AM Jim Popovitch via NANOG 
wrote:

> On Fri, 2021-09-10 at 10:31 -0400, Jason Kuehl wrote:
> > For whatever reason Comcast Xfinity is blocking my VPN URL.
>
> Not certain that this applies, but Concast Advanced Security (setup in
> your Comcast gateway) only allows outbound VPN connections to UDP ports
> 500, 4500, and 62515 and TCP port 1723.
>
> -Jim P.
>
>

-- 
Sincerely,

Jason W Kuehl
Cell 920-419-8983
jason.w.ku...@gmail.com

Re: Xfi Advances Security (comcast)

2021-09-10 Thread Jason Kuehl

By default, the cable modems from Comcast have Xfi Advanced
security-enabled which is a layer 3 URL blocker.

We can access our URL via that IP fine, but the URL fails.

The fix we're telling users is to 1st allow to unblock the URL in the APP,
then disable the service. Which does fix the issue.

I'm trying to find out why Comcast why they did the block to start with and
how to white list.

On Fri, Sep 10, 2021 at 10:57 AM Chris Boyd  wrote:

>
>
> > On Sep 10, 2021, at 9:31 AM, Jason Kuehl 
> wrote:
> >
> > For whatever reason Comcast Xfinity is blocking my VPN URL. I've started
> the process to unblock, and I'm trying to get a hold of their security team
> to resolve this. I've been bounced around all morning.
> >
> > Does anyone have a contact at Comcast that can whitelist a URL or get me
> to a team that can understand what is going on for the block to happen?
>
> Why is Comcast blocking things? That seems like it’s out of scope for an
> ISP.
>
> —Chris

-- 
Sincerely,

Jason W Kuehl
Cell 920-419-8983
jason.w.ku...@gmail.com

Xfi Advances Security (comcast)

2021-09-10 Thread Jason Kuehl

For whatever reason Comcast Xfinity is blocking my VPN URL. I've started
the process to unblock, and I'm trying to get a hold of their security team
to resolve this. I've been bounced around all morning.

Does anyone have a contact at Comcast that can whitelist a URL or get me to
a team that can understand what is going on for the block to happen?

-- 
Sincerely,

Jason W Kuehl
Cell 920-419-8983
jason.w.ku...@gmail.com

Re: Google Geo Location Issues

2021-06-30 Thread Jason Kuehl

This is want I'm working on setting up, here is hoping they approve my
account.

On Wed, Jun 30, 2021 at 10:30 AM Benjamin Hatton  wrote:

> If they are your subnets, and you have your own AS (and possibly enough
> traffic to Google, I'm not sure what exactly their criteria is but we were
> able to make an account with ~2Gbps peak and no peering relationships) you
> can create an account with the Google ISP Portal (isp.google.com) which
> has a self service tool to upload a csv that will update your prefixes in
> the Google IP Geolocation database.  Took ~2 weeks after upload for it to
> be reflected in live data.
>
> *Ben Hatton*
> *Network Engineer | Haefele Connect*
> d:(607)589-8000 | b...@haefeleconnect.com
>
> * <https://www.htva.net>*
>
>
> On Wed, Jun 30, 2021 at 10:21 AM Nate Burke  wrote:
>
>> Same here, YoutubeTV Geolocation problem, has one of my subnets in Tulsa
>> instead of Chicago.  Ticket open for 8 months.  Every reply was that it was
>> 'with engineering' and no ETA.  I just got a notice from them last week
>> that they're closing the ticket and sent a survey to fill out to rate the
>> support received.  I told them that the issue was still not resolved and
>> never heard back from them.
>>
>> On 6/30/2021 8:55 AM, Josh Luthman wrote:
>>
>> Been months since I was told they'd get it fixed.  To be fair they did
>> say they weren't sure on how long it would take.  I feel like I've been
>> forgotten about.
>>
>> Josh Luthman
>> 24/7 Help Desk: 937-552-2340
>> Direct: 937-552-2343
>> 1100 Wayne St
>> Suite 1337
>> Troy, OH 45373
>>
>>
>> On Wed, Jun 30, 2021 at 9:18 AM Mike Hammett  wrote:
>>
>>> I've discovered that if you *CAN* get a Google ISP account, you can
>>> manage it all there.
>>>
>>> If you can't, well, you're up shit creek without a paddle.
>>>
>>>
>>>
>>> -
>>> Mike Hammett
>>> Intelligent Computing Solutions
>>> http://www.ics-il.com
>>>
>>> Midwest-IX
>>> http://www.midwest-ix.com
>>>
>>> --
>>> *From: *"Jason Kuehl" 
>>> *To: *"NANOG" 
>>> *Sent: *Tuesday, June 29, 2021 6:25:06 PM
>>> *Subject: *Google Geo Location Issues
>>>
>>> I'm looking for a contact, email, number, smoke signals for someone at
>>> Google I can talk to on geolocation issue. For some reason Google has
>>> labeled our IP ranges as Belarus when we're located in the states. If
>>> anyone can point me at any contact I would be really happy..
>>>
>>> .
>>>
>>> --
>>> Sincerely,
>>>
>>> Jason W Kuehl
>>> Cell 920-419-8983
>>> jason.w.ku...@gmail.com
>>>
>>>
>>

-- 
Sincerely,

Jason W Kuehl
Cell 920-419-8983
jason.w.ku...@gmail.com

Google Geo Location Issues

2021-06-29 Thread Jason Kuehl

I'm looking for a contact, email, number, smoke signals for someone at
Google I can talk to on geolocation issue. For some reason Google has
labeled our IP ranges as Belarus when we're located in the states. If
anyone can point me at any contact I would be really happy..

.

-- 
Sincerely,

Jason W Kuehl
Cell 920-419-8983
jason.w.ku...@gmail.com

Re: Comcast Burp in Mass/Boston Area

2021-02-24 Thread Jason Kuehl

Comcast's Outage id number OE118864040



On Wed, Feb 24, 2021 at 11:42 PM Jason Kuehl 
wrote:

> From Comcast's own charts. Looks like something did happen over their
> ethernet internet and private ethernet.
>
> [image: image.png]
>
> On Wed, Feb 24, 2021 at 11:37 PM Neil Hanlon  wrote:
>
>> Yeah, had several test nodes transiting to me fail via Comcast it seems.
>>
>> On Wed, Feb 24, 2021, 23:31 Jason Kuehl  wrote:
>>
>>> Anyone else with Comcast have a small outage? About 5-7 minutes?
>>>
>>> --
>>> Sincerely,
>>>
>>> Jason W Kuehl
>>> Cell 920-419-8983
>>> jason.w.ku...@gmail.com
>>>
>>
>
> --
> Sincerely,
>
> Jason W Kuehl
> Cell 920-419-8983
> jason.w.ku...@gmail.com
>


-- 
Sincerely,

Jason W Kuehl
Cell 920-419-8983
jason.w.ku...@gmail.com

Re: Comcast Burp in Mass/Boston Area

2021-02-24 Thread Jason Kuehl

>From Comcast's own charts. Looks like something did happen over their
ethernet internet and private ethernet.

[image: image.png]

On Wed, Feb 24, 2021 at 11:37 PM Neil Hanlon  wrote:

> Yeah, had several test nodes transiting to me fail via Comcast it seems.
>
> On Wed, Feb 24, 2021, 23:31 Jason Kuehl  wrote:
>
>> Anyone else with Comcast have a small outage? About 5-7 minutes?
>>
>> --
>> Sincerely,
>>
>> Jason W Kuehl
>> Cell 920-419-8983
>> jason.w.ku...@gmail.com
>>
>

-- 
Sincerely,

Jason W Kuehl
Cell 920-419-8983
jason.w.ku...@gmail.com

Comcast Burp in Mass/Boston Area

2021-02-24 Thread Jason Kuehl

Anyone else with Comcast have a small outage? About 5-7 minutes?

-- 
Sincerely,

Jason W Kuehl
Cell 920-419-8983
jason.w.ku...@gmail.com

Re: Unimus Network Automation https://unimus.net/

2021-01-13 Thread Jason Kuehl

Sorry, RANCID is open source.  rConfig  is not.

On Wed, Jan 13, 2021 at 8:46 AM Jason Kuehl  wrote:

> unimus is great I've used it for simple sites. rConfig is better as there
> is no licensing and open source. It's more involved at setting up but worth
> it.
>
> On Wed, Jan 13, 2021 at 8:20 AM Mike Hammett  wrote:
>
>> I've been using Unimus since before 0.3.0 (as I see it contains a number
>> of additions I would have contributed).
>>
>> Great product.
>>
>> They are very responsive to feature requests.
>>
>> They have been very responsive to the few support requests I've had.
>>
>> Very cost effective.
>>
>> Very easy to install and update.
>>
>>
>>
>> -
>> Mike Hammett
>> Intelligent Computing Solutions
>> http://www.ics-il.com
>>
>> Midwest-IX
>> http://www.midwest-ix.com
>>
>> --
>> *From: *"James Braunegg" 
>> *To: *nanog@nanog.org
>> *Sent: *Wednesday, January 13, 2021 12:38:53 AM
>> *Subject: *Unimus Network Automation https://unimus.net/
>>
>> Dear All
>>
>>
>>
>> Anyone using Unimus for Network Automation ? https://unimus.net/
>>
>>
>>
>> i.e. mass configuration / push / pull configurations looking for
>> something more powerful than rconfig for a Cisco Nexus and Juniper
>> environment.
>>
>>
>>
>> And or happy with any other suggestions
>>
>>
>>
>> Kindest Regards
>>
>>
>>
>> *James Braunegg*
>>
>> [image: cid:image001.png@01D280A4.01865B60]
>>
>> 1300 769 972 / 0488 997 207 <1300%20769%20972>
>>
>> *ja...@micron21.com *
>>
>> www.micron21.com/
>>
>> [image: cid:image002.png@01D280A4.01865B60] <http://www.micron21.com/>
>>
>> [image: cid:image003.png@01D280A4.01865B60]
>> <https://www.facebook.com/micron21/>
>>
>> [image: cid:image004.png@01D280A4.01865B60]
>> <https://twitter.com/micron21>
>>
>> Follow us on Twitter <https://twitter.com/micron21> for important
>> service and system updates.
>>
>> This message is intended for the addressee named above. It may contain
>> privileged or confidential information. If you are not the intended
>> recipient of this message you must not use, copy, distribute or disclose it
>> to anyone other than the addressee. If you have received this message in
>> error please return the message to the sender by replying to it and then
>> delete the message from your computer.
>>
>>
>>
>>
>>
>>
>
> --
> Sincerely,
>
> Jason W Kuehl
> Cell 920-419-8983
> jason.w.ku...@gmail.com
>


-- 
Sincerely,

Jason W Kuehl
Cell 920-419-8983
jason.w.ku...@gmail.com

Re: Unimus Network Automation https://unimus.net/

2021-01-13 Thread Jason Kuehl

unimus is great I've used it for simple sites. rConfig is better as there
is no licensing and open source. It's more involved at setting up but worth
it.

On Wed, Jan 13, 2021 at 8:20 AM Mike Hammett  wrote:

> I've been using Unimus since before 0.3.0 (as I see it contains a number
> of additions I would have contributed).
>
> Great product.
>
> They are very responsive to feature requests.
>
> They have been very responsive to the few support requests I've had.
>
> Very cost effective.
>
> Very easy to install and update.
>
>
>
> -
> Mike Hammett
> Intelligent Computing Solutions
> http://www.ics-il.com
>
> Midwest-IX
> http://www.midwest-ix.com
>
> --
> *From: *"James Braunegg" 
> *To: *nanog@nanog.org
> *Sent: *Wednesday, January 13, 2021 12:38:53 AM
> *Subject: *Unimus Network Automation https://unimus.net/
>
> Dear All
>
>
>
> Anyone using Unimus for Network Automation ? https://unimus.net/
>
>
>
> i.e. mass configuration / push / pull configurations looking for something
> more powerful than rconfig for a Cisco Nexus and Juniper environment.
>
>
>
> And or happy with any other suggestions
>
>
>
> Kindest Regards
>
>
>
> *James Braunegg*
>
> [image: cid:image001.png@01D280A4.01865B60]
>
> 1300 769 972 / 0488 997 207 <1300%20769%20972>
>
> *ja...@micron21.com *
>
> www.micron21.com/
>
> [image: cid:image002.png@01D280A4.01865B60] 
>
> [image: cid:image003.png@01D280A4.01865B60]
> 
>
> [image: cid:image004.png@01D280A4.01865B60] 
>
> Follow us on Twitter  for important service
> and system updates.
>
> This message is intended for the addressee named above. It may contain
> privileged or confidential information. If you are not the intended
> recipient of this message you must not use, copy, distribute or disclose it
> to anyone other than the addressee. If you have received this message in
> error please return the message to the sender by replying to it and then
> delete the message from your computer.
>
>
>
>
>
>

-- 
Sincerely,

Jason W Kuehl
Cell 920-419-8983
jason.w.ku...@gmail.com

Re: Parler

2021-01-11 Thread Jason Kuehl

  S3 objects in Parler are now showing  " All access to this object has
been disabled"

This error means you are trying to access a bucket that has been locked
down by AWS so that nobody can access it, regardless of permissions -- all
access has been disabled.



On Mon, Jan 11, 2021 at 9:06 AM Michael Thomas  wrote:

>
> On 1/10/21 10:33 PM, Randy Bush wrote:
> >> In article <474fe6a6-9aa8-47a7-82c6-860a21b0e...@ronan-online.com> you
> write:
> >>> When I actively hosted USENET servers, I was repeatedly warned by
> in-house and external counsel, not to moderate which groups I hosted
> >>> based on content, less I become responsible for moderating all groups,
> shouldn’t that same principal apply to platforms like AWS and
> >>> Twitter?
> >> If this was in the US and it was after the CDA was passed in 1996,
> >> your lawyers were just wrong.
> > it is really annoying that you leave not the slightest clue to who the
> > hell you are replying
> >
> +1
>
> Mike
>
>

-- 
Sincerely,

Jason W Kuehl
Cell 920-419-8983
jason.w.ku...@gmail.com

Re: Wildfires: Reminder smart devices don't include emergency warnings while streaming

2020-09-11 Thread Jason Kuehl

Amazon Fire TV, Apple TV and Alphabet Android TV executives don't see a
need to support emergency alerts on their products.

You can enable severe weather alerts on both google home and Alexia. But I
get the point.

On Fri, Sep 11, 2020 at 2:58 PM Sean Donelan  wrote:

>
> As some of the largest wildfires burn along the West Coast, and over
> 500,000 people evacuate, a reminder that streaming devices do not
> include local emergency alerts. Cord-cutters using Alphabet Android TV,
> Amazon Fire TV, Apple TV "smart" devices should remember they don't have
> emergency alerts while streaming.
>
> FCC requires cellular phones support Wireless Emergency Alerts, including
> when using streaming Apps. But not in-home "smart" devices like smart TVs
> and smart speakers.
>
> You should also have an traditional AM/FM or weather radio at home. And
> your DTV may still have a connection for an over-the-air antenna.
> Nevertheless, while you are watching Netflix or listening to Spotify on
> a non-cell phone smart device, you won't get emergency alerts on those
> streaming devices.
>
> Amazon Fire TV, Apple TV and Alphabet Android TV executives don't see a
> need to support emergency alerts on their products.
>
>

-- 
Sincerely,

Jason W Kuehl
Cell 920-419-8983
jason.w.ku...@gmail.com

Re: Centurylink having a bad morning?

2020-09-02 Thread Jason Kuehl

If the client pays me a shit ton of money to make sure the server
won't turn off, and they pay for the hardware to make it happen. I;d think
about it. It's a like a colo move on hardmode.

Its extremely stupid, and I would advise not doing it.

Hell even when I migrated e911 server, we had a 20 minutes outage to move
the physical server. If that server can't be shut off, something was built
wrong.

On Wed, Sep 2, 2020 at 9:33 AM Bryan Holloway  wrote:

>
> On 9/2/20 1:49 PM, Nick Hilliard wrote:
> > Shawn L via NANOG wrote on 02/09/2020 12:15:
> >> We once moved a 3u server 30 miles between data centers this way.
> >> Plug redundant psu into a ups and 2 people carried it out and put
> >> them in a vehicle.
> >
> > hopefully none of these server moves that people have been talking about
> > involved spinning disks.  If they did, kit damage is one of the likely
> > outcomes - you seriously do not want to bump active spindles:
> >
> > www.google.com/search?q=disk+platter+damage&tbm=isch
> >
> > SSDs are a different story. In that case it's just a bit odd as to why
> > you wouldn't want to power down a system to physically move it - in the
> > sense that if your service delivery model can't withstand periodic
> > maintenance and loss of availability of individual components,
> > rethinking the model might be productive.
> >
> > Nick
> >
>
> If it's your server, moving beyond (very) local facilities, and time is
> not of the essence, then sure: power down.
>
> If you're law-enforcement mid-raid, or trying to preserve your Frogger
> high-score, well, ...
>


-- 
Sincerely,

Jason W Kuehl
Cell 920-419-8983
jason.w.ku...@gmail.com

Re: Centurylink having a bad morning?

2020-08-31 Thread Jason Kuehl

At the end of the day, the business needs to besides to take that cost. All
you can do is document, and talk about the risks.

Save that email for that "I told you so moment"

On Mon, Aug 31, 2020 at 10:50 AM Mike Bolitho  wrote:

> That's all we can do. Thankfully I work for an org that understands this
> and has *at least* two fully redundant circuits. Sometimes a third
> smaller carrier if we can prove that it is diverse, but that isn't the case
> very often.
>
> - Mike Bolitho
>
>
> On Mon, Aug 31, 2020 at 7:35 AM Tomas Lynch  wrote:
>
>> Maybe we are idealizing these so-called tier-1 carriers and we, tier-ns,
>> should treat them as what they really are: another AS. Accept that they are
>> going to fail and do our best to mitigate the impact on our own networks,
>> i.e. more peering.
>>
>> On Mon, Aug 31, 2020 at 9:54 AM Martijn Schmidt via NANOG <
>> nanog@nanog.org> wrote:
>>
>>> At this point you don't even know whether it's a human error (example:
>>> generating a flowspec rule for port TCP/179), a filtering issue (example:
>>> accepting a flowspec rule for port TCP/179), or a software issue (example:
>>> certain flowspec update crashes the BGP daemon). And in the third scenario
>>> I think that at least some portion of the blame shifts from the carrier to
>>> its vendors, assuming the thing that crashed was not a home-grown BGP
>>> implementation.
>>>
>>> With the route optimizer incidents - because let's face it, Honest
>>> Networker is on the money as usual
>>> https://honestnetworker.net/2020/08/06/as10990-routing/ - there is
>>> really no excuse for any tier-1 carrier, they should at the very least have
>>> strict prefix-list based filtering in place for customer-facing EBGP
>>> sessions. In those cases it's much easier to state who's not taking care of
>>> their proverbial lawn.
>>>
>>> Best regards,
>>> Martijn
>>>
>>> On 8/31/20 3:25 PM, Tom Beecher wrote:
>>>
>>>
 https://blog.cloudflare.com/analysis-of-todays-centurylink-level-3-outage/
>>>
>>>
>>> I definitely found Mr. Prince's writing about yesterday's events
>>> fascinating.
>>>
>>> Verizon makes a mistake with BGP filters that allows a secondary mistake
>>> from leaked "optimizer" routes to propagate, and Mr. Prince takes every
>>> opportunity to lob large chunks of granite about how terrible they are.
>>>
>>> L3 allows an erroneous flowspec announcement to cause massive global
>>> connectivity issues, and Mr. Prince shrugs and says "Incidents happen."
>>>
>>>
>>>
>>>
>>>
>>> On Mon, Aug 31, 2020 at 1:15 AM Hank Nussbacher 
>>> wrote:
>>>
 On 30/08/2020 20:08, Baldur Norddahl wrote:


 https://blog.cloudflare.com/analysis-of-todays-centurylink-level-3-outage/

 Sounds like Flowspec possibly blocking tcp/179 might be the cause.

 But that is Cloudflare speculation.

 Regards,
 Hank
 Caveat: The views expressed above are solely my own and do not express
 the views or opinions of my employer

 An outage is what it is. I am not worried about outages. We have
 multiple transits to deal with that.

 It is the keep announcing prefixes after withdrawal from peers and
 customers that is the huge problem here. That is killing all the effort and
 money I put into having redundancy. It is sabotage of my network after I
 cut the ties. I do not want to be a customer at an outlet who has a system
 that will do that. Luckily we do not currently have a contract and now they
 will have to convince me it is safe for me to make a contract with them. If
 that is impossible I guess I won't be getting a contract with them.

 But I disagree in that it would be impossible. They need to make a good
 report telling exactly what went wrong and how they changed the design, so
 something like this can not happen again. The basic design of BGP is such
 that this should not happen easily if at all. They did something unwise.
 Did they make a route reflector based on a database or something?

 Regards,

 Baldur

 On Sun, Aug 30, 2020 at 5:13 PM Mike Bolitho 
 wrote:

> Exactly. And asking that they somehow prove this won't happen again is
> impossible.
>
> - Mike Bolitho
>
> On Sun, Aug 30, 2020, 8:10 AM Drew Weaver 
> wrote:
>
>> I’m not defending them but I am sure it isn’t intentional.
>>
>>
>>
>> *From:* NANOG  *On
>> Behalf Of *Baldur Norddahl
>> *Sent:* Sunday, August 30, 2020 9:28 AM
>> *To:* nanog@nanog.org
>> *Subject:* Re: Centurylink having a bad morning?
>>
>>
>>
>> How is that acceptable behaviour? I shall remember never to make a
>> contract with these guys until they can prove that they won't advertise 
>> my
>> prefixes after I pull them. Under any circumstances.
>>
>>
>>
>> søn. 30. aug. 2020 15.14 skrev Joseph Jenkins <
>> j...@breathe-underwater.com>:
>>
>> Finally got th

Re: Centurylink having a bad morning?

2020-08-30 Thread Jason Kuehl

I've been burning before. I'll wait at least an hour before turning my
links back on.

On Sun, Aug 30, 2020 at 11:31 AM Job Snijders  wrote:

> I believe from this moment forward things are converging back to normal.
>
> Kind regards,
>
> Job
>

-- 
Sincerely,

Jason W Kuehl
Cell 920-419-8983
jason.w.ku...@gmail.com

Re: Centurylink having a bad morning?

2020-08-30 Thread Jason Kuehl

How is that acceptable behavior?

It's not, the best part. There RCA will be terrible.  "Bad Regex" or the
best I ever got was "Bad cable" just two words... My contact is ending
soon...

On Sun, Aug 30, 2020 at 10:29 AM Antonios Chariton 
wrote:

> Reporting from Europe, any IP with them in the path is unreachable from
> various providers. I guess they wanted to try IPv6-only.. :P IPv6 is fine,
> working fine, IPv4 not at all..
>
> Antonis
>
> > On 30 Aug 2020, at 14:58, Tomas Lynch  wrote:
> >
> > Flapping in Miami, Dallas, Atlanta, Los Angeles, Seattle and San Jose.
> It is also affecting some data centers in Europe too. but haven't seen
> flaps there, just suboptimal routing.
> >
> > On Sun, Aug 30, 2020 at 8:53 AM Drew Weaver 
> wrote:
> > Saw the flapping in Cleveland but not in Cincinnatti or Ashburn…
> >
> >
> >
> > From: Tomas Lynch 
> > Sent: Sunday, August 30, 2020 8:45 AM
> > To: Mel Beckman 
> > Cc: Drew Weaver ; nanog@nanog.org
> > Subject: Re: Centurylink having a bad morning?
> >
> >
> >
> > BGP sessions randomly flapping or having routing issues in different
> cities since ~5AM EST
> >
> >
> >
> > On Sun, Aug 30, 2020 at 8:42 AM Mel Beckman  wrote:
> >
> > The CL portal loads for me, and I can log in, but it is slower than
> usual. Not seeing traffic issues on our CL circuits.
> >
> > -mel via cell
> >
> >
> >
> >
> > On Aug 30, 2020, at 5:23 AM, Drew Weaver via NANOG 
> wrote:
> >
> > 
> >
> > Hello,
> >
> >
> >
> > Woke up this morning to a bunch of reports of issues with connectivity
> had to shut down some Level3/CTL connections to get it to return to normal.
> >
> >
> >
> > As of right now their support portal won’t load:
> https://www.centurylink.com/business/login/
> >
> >
> >
> > Just wondering what others are seeing.
> >
> >
> >
>
>

-- 
Sincerely,

Jason W Kuehl
Cell 920-419-8983
jason.w.ku...@gmail.com

Re: Centurylink having a bad morning?

2020-08-30 Thread Jason Kuehl

People are rebooting ghosting now.

[image: image.png]
https://twitter.com/ir_kujoe/status/1300066569645707265

Seeing other reports of this too.

On Sun, Aug 30, 2020 at 9:45 AM Drew Weaver  wrote:

> That site seems to be just for their cloud products, is there one of these
> for their actual network?
>
>
>
> *From:* R. Leigh Hennig 
> *Sent:* Sunday, August 30, 2020 8:54 AM
> *To:* Drew Weaver ; nanog@nanog.org
> *Subject:* Re: Centurylink having a bad morning?
>
>
>
> Global impact with issues reported by Fastly, Cloudflare, OpenDNS.
>
>
>
> https://status.ctl.io/
>
>
> STARTED
>
> Sun Aug 30 2020 08:13 (EDT)
> Sun Aug 30 2020 12:13 (UTC)
> AFFECTED SERVICES
>
> External Cloud Network (CA3)
> DATE
> LATEST UPDATE
>
> Sun Aug 30 2020 08:13 (EDT)
> Sun Aug 30 2020 12:13 (UTC) Our technical teams are investigating an issue
> affecting some services in the CA3 data center. Ensuring the reliability of
> our services is our top priority. We will continue to provide status
> updates as this incident progresses. If you need further support, please
> contact us at h...@ctl.io.
>
>
>
>
>
>
>
> Sent from ProtonMail Mobile
>
>
>
>
>
> On Sun, Aug 30, 2020 at 8:14 AM, Drew Weaver via NANOG 
> wrote:
>
> Hello,
>
>
>
> Woke up this morning to a bunch of reports of issues with connectivity had
> to shut down some Level3/CTL connections to get it to return to normal.
>
>
>
> As of right now their support portal won’t load:
> https://www.centurylink.com/business/login/
>
>
>
> Just wondering what others are seeing.
>
>
>
>
>
>
>


-- 
Sincerely,

Jason W Kuehl
Cell 920-419-8983
jason.w.ku...@gmail.com

Re: Centurylink having a bad morning?

2020-08-30 Thread Jason Kuehl

I'm over in MA in a CL building, it's very much still broken. I shut down
the interfaces to CL and now just using Comcast.

On Sun, Aug 30, 2020 at 9:20 AM Andy Brezinsky  wrote:

> Started about 5:05am central, started clearing up for me about 7:15am.
> My route from ATT in Chicago is still going through NYC to get back to
> Chicago but at least packet loss isn't 70-100% anymore.
>
> I also tried turning down sessions and still was seeing stale
> announcements on other LGs.
>
> On 08/30/2020 07:27 AM, David Hubbard wrote:
>
> Same.  Also, as reported on outages list, what’s even worse is that they
> appear to be continuing to propagate advertisements from circuits whose
> sessions have been turned down.  I validated ours still were via a couple
> looking glass portals.  Down Detector shows nearly every major service
> provider impacted.
>
>
>
> They’re not reachable so who knows if they’re even working on it.  I feel
> like they’ve been cutting heavily on the network ops side in recent years…
>
>
>
> *From: *NANOG 
>  on behalf of Drew
> Weaver via NANOG  
> *Reply-To: *Drew Weaver  
> *Date: *Sunday, August 30, 2020 at 8:23 AM
> *To: *"nanog@nanog.org"  
> 
> *Subject: *Centurylink having a bad morning?
>
>
>
> Hello,
>
>
>
> Woke up this morning to a bunch of reports of issues with connectivity had
> to shut down some Level3/CTL connections to get it to return to normal.
>
>
>
> As of right now their support portal won’t load:
> https://www.centurylink.com/business/login/
>
>
>
> Just wondering what others are seeing.
>
>
>
>
>

-- 
Sincerely,

Jason W Kuehl
Cell 920-419-8983
jason.w.ku...@gmail.com

Re: Centurylink having a bad morning?

2020-08-30 Thread Jason Kuehl

Well, When I tried calling I got a fast busy, so that's nice.

On Sun, Aug 30, 2020 at 8:33 AM David Hubbard 
wrote:

> Same.  Also, as reported on outages list, what’s even worse is that they
> appear to be continuing to propagate advertisements from circuits whose
> sessions have been turned down.  I validated ours still were via a couple
> looking glass portals.  Down Detector shows nearly every major service
> provider impacted.
>
>
>
> They’re not reachable so who knows if they’re even working on it.  I feel
> like they’ve been cutting heavily on the network ops side in recent years…
>
>
>
> *From: *NANOG  on
> behalf of Drew Weaver via NANOG 
> *Reply-To: *Drew Weaver 
> *Date: *Sunday, August 30, 2020 at 8:23 AM
> *To: *"nanog@nanog.org" 
> *Subject: *Centurylink having a bad morning?
>
>
>
> Hello,
>
>
>
> Woke up this morning to a bunch of reports of issues with connectivity had
> to shut down some Level3/CTL connections to get it to return to normal.
>
>
>
> As of right now their support portal won’t load:
> https://www.centurylink.com/business/login/
>
>
>
> Just wondering what others are seeing.
>
>
>


-- 
Sincerely,

Jason W Kuehl
Cell 920-419-8983
jason.w.ku...@gmail.com

Re: Centurylink having a bad morning?

2020-08-30 Thread Jason Kuehl

Its dead JIM. I also can't get in starting around 7 est

On Sun, Aug 30, 2020 at 8:19 AM Drew Weaver via NANOG 
wrote:

> Hello,
>
>
>
> Woke up this morning to a bunch of reports of issues with connectivity had
> to shut down some Level3/CTL connections to get it to return to normal.
>
>
>
> As of right now their support portal won’t load:
> https://www.centurylink.com/business/login/
>
>
>
> Just wondering what others are seeing.
>
>
>


-- 
Sincerely,

Jason W Kuehl
Cell 920-419-8983
jason.w.ku...@gmail.com

Re: Boston Telecom Hotels

2020-08-19 Thread Jason Kuehl

One Summer is overdue for its annual fire.

On Wed, Aug 19, 2020 at 4:14 PM Rod Beck 
wrote:

> Does everyone agree that the 4 most important data centers are 1 Summer,
> Coresite, INAP, and 300 Bent Street. Both 1 Summer and Coresite clearly
> below in that group. Not sure about INAP and 300 Bent Street.
>
> Regards,
>
> Roderick.
>
> Roderick Beck
> VP of Business Development
>
> United Cable Company
>
> www.unitedcablecompany.com
>
> New York City & Budapest
>
> rod.b...@unitedcablecompany.com
>
> Budapest: 36-70-605-5144
>
> NJ: 908-452-8183
>
>
> [image: 1467221477350_image005.png]
>


-- 
Sincerely,

Jason W Kuehl
Cell 920-419-8983
jason.w.ku...@gmail.com

Looking for a Secuirty Contact at Vmware.

2020-05-19 Thread Jason Kuehl

If you have a contact at VMware in their security department please contact
me off-list.

Or if you know of the good email to send  security-related issues to send
that over as well.

-- 
Sincerely,

Jason W Kuehl
Cell 920-419-8983
jason.w.ku...@gmail.com

Re: Measuring packet loss and Latency Between eastern Europe and north america

2020-03-30 Thread Jason Kuehl

Smokeping

On Mon, Mar 30, 2020 at 4:19 PM Matt Erculiani  wrote:

> Don’t forget you can use any port/protocol for MTR and traceroute, which
> is basically all the fancy apps will do, just automatically.
>
> $ mtr -T -P 443  den01.example.com
>
> This will send 443 tcp syn packets that should bypass icmp filtering or
> rate limiting. Note this does not help if icmp responses are rate limited
> at intermediate hops, but then again, nothing would.
>
> As always, our good friend MANuel is here to help:
> https://linux.die.net/man/8/mtr
>
> -M
>
> On Sun, Mar 29, 2020 at 5:02 PM LTGJAMAICA  wrote:
>
>> I have a customer in eastern Europe accessing a SAAS application hosted
>> in one of Azure's north America datacenters. for the past few days every
>> morning between 3am and 6am est performance slows to crawl. This is person
>> is like 8am to 11am locally so they cant get much done.
>>
>> The local ISP is providing 100mbps up/down.
>>
>> So far speed test to Saas providers speed test page is slow 0.02mbps down
>> 6 mbps up
>>
>> Speedtest.net to north American ISPs like Verizon in New York slow
>>
>> Speedtest to servers in Easter europe 100 up 100 down
>>
>> Traceroutes/MTR dont help because a lot of hops seem to drop icmp packets
>>
>> Need a tool or service that can detect packet loss/latency between
>> provider in eastern europe and a north american service provider. Any help
>> is appreciated
>>
>>
>>
>>
>>
>>
>> --
> Matt Erculiani
> ERCUL-ARIN
>


-- 
Sincerely,

Jason W Kuehl
Cell 920-419-8983
jason.w.ku...@gmail.com

Re: Work from Home and other dynamics

2020-03-09 Thread Jason Kuehl

The one thing we did since we run full tunnel was moving our conference
solution off the full tunnel requirements. We did this for a few other
heavy hitters as well. (Youtube, Spotify.)

On Mon, Mar 9, 2020 at 9:35 AM Jared Mauch  wrote:

> I’m wondering what general trends people have seen with the recent
> reduction in travel and increased work from home activities.
>
> I’m expecting that a number of networks are seeing increased traffic
> demand.  Enterprises are likely adding VPN licenses for staff that are now
> remote, etc..
>
> I would expect increase (and decreases) similar to weekend traffic
> patterns.
>
> I’m expecting there will be more IPv6 traffic similar to what is seen
> during the Christmas/New Years holiday on this traffic as well:
>
> https://www.google.com/intl/en/ipv6/statistics.html
>
> What interesting dynamics are you seeing?
>
> - Jared
>
>
>

-- 
Sincerely,

Jason W Kuehl
Cell 920-419-8983
jason.w.ku...@gmail.com

Re: AWS Network Engineering contact?

2020-01-14 Thread Jason Kuehl

Log a ticket in the console. No one will help you until the ticket is in.
Contact your TAM if you have one and give them the ticket number.

On Tue, Jan 14, 2020 at 2:36 PM Hugo Slabbert  wrote:

> If you have Direct Connects you should be able to log a ticket in the AWS
> console, no? And/or the customer with the AWS VPCs should be able to? That
> seems like the most logical starting point, yea?
>
> On Tue., Jan. 14, 2020, 11:28 Peter Serwe  wrote:
>
>> I have a direct connect via Coresite LA1 over to AWS via US West 1,
>> and a customer with VPC's in the east that are getting really bad
>> throughput transferring files via the direct connect.  We've isolated
>> it to being an issue behind AWS's PE over a barely utilized 10G XC.
>>
>> Would anyone happen to know what the right starting point to contact
>> someone in AWS Network Engineering?  We can replicate the issue at
>> will.  Current discussions are to see if we can get anywhere with AWS
>> Network folks, or potentially go rebuild the direct connect / VPC's
>> over in US West 1 to bypass most of the cross-country AWS backbone,
>> but that's a fair amount of work to *maybe* resolve the issue?
>>
>> Peter
>>
>>
>> --
>> Peter Serwe
>> http://truthlightway.blogspot.com/
>>
>

-- 
Sincerely,

Jason W Kuehl
Cell 920-419-8983
jason.w.ku...@gmail.com

Re: AWS/Route53 Issues?

2019-11-22 Thread Jason Kuehl

Contact your TAM with your AWS ticket number and let them know about your
issue. I haven't seen anything as of yet but I'm still on my way into the
office. (No Friday alerts yet)

On Fri, Nov 22, 2019, 8:02 AM John Von Essen  wrote:

> Anyone else seeing major issues in Europe? Starting midnight, 70% of our
> Europe traffic got redirected to the US. AWS Dashboard says “no issues” but
> when we called im we got a vague answer that there is a none issue they are
> working on. Not sure if its another Route53 DDoS, or something else.
>
> John

Re: Viability of GNS3 network simulation for testing features/configurations.

2019-10-16 Thread Jason Kuehl

I use the server version of GNS and I love it.  I just need to VPN into my
DC and use my client to connect to GNS.

On Wed, Oct 16, 2019 at 2:22 PM Mike Bolitho  wrote:

> EVE-NG is also really good. Just an FYI, GNS3 went through a major refresh
> about 18 months ago or so and it's so much better now. Either way, you
> can't go wrong with GNS3 or EVE-NG.
>
> - Mike Bolitho
>
>
> On Wed, Oct 16, 2019 at 11:18 AM Aaron Gould  wrote:
>
>> Oh, forgot the links…
>>
>>
>>
>> http://www.eve-ng.net/
>>
>>
>>
>> http://www.eve-ng.net/documentation/howto-s
>>
>>
>>
>>
>>
>>
>>
>>
>>
>> *From:* NANOG [mailto:nanog-boun...@nanog.org] *On Behalf Of *Aaron Gould
>> *Sent:* Wednesday, October 16, 2019 1:14 PM
>> *To:* 'Mike Bolitho'; 'Tom Beecher'; 'Ryland Kremeier'
>> *Cc:* nanog@nanog.org
>> *Subject:* RE: Viability of GNS3 network simulation for testing
>> features/configurations.
>>
>>
>>
>> I’ve used GNS3 some years ago for a lot of simulation and testing.  But,
>> I’m blown away at how much more I like EVE-NG (emulated virtual environment
>> next-gen)
>>
>>
>>
>> I use the community free version… lots of vendor OS support… of which,
>> I’ve actually work with the following….
>>
>> -XRv
>>
>> -IOS virtual
>>
>> -vMX
>>
>> -vSRX
>>
>> -vQFX
>>
>>
>>
>> …check your in-box for a screen shot of my current environment.
>>
>>
>>
>> -Aaron
>>
>>
>>
>> *From:* NANOG [mailto:nanog-boun...@nanog.org] *On Behalf Of *Mike
>> Bolitho
>> *Sent:* Wednesday, October 16, 2019 12:02 PM
>> *To:* Tom Beecher
>> *Cc:* 
>> *Subject:* Re: Viability of GNS3 network simulation for testing
>> features/configurations.
>>
>>
>>
>> Totally agree with Tom here. It's going to work really well for most
>> things. But if you're testing code for bugs you NEED to do it on the same
>> hardware you have in your environment in an actual lab.
>>
>>
>> - Mike Bolitho
>>
>>
>>
>>
>>
>> On Wed, Oct 16, 2019 at 9:56 AM Tom Beecher  wrote:
>>
>> GNS3 can do a heck of a lot, and the price is definitely right.
>>
>>
>>
>> I have used it extensively for initial fleshing out of designs or ideas,
>> protocol nerding, automation interaction testing, etc. There certainly
>> other tools out there, but being able to visually draw a topology out,
>> connect the dots, and have an environment to test in about 10 minutes is
>> very nice. There is an API you can hook into to do some of that for you if
>> you are so inclined, but that would depend on your use case and resources.
>> For how I've used it, never been required.
>>
>>
>>
>> Some of the VMs from vendors can be pretty CPU and/or RAM intensive, so
>> I've had the best experience running them all on a dedicated server, not
>> locally. Again, use case dependent. For code testing I would always run the
>> test set on hardware as well for likely obvious reasons.
>>
>>
>>
>> If you really get into the weeds with it you can do quite a lot.
>>
>>
>>
>> On Wed, Oct 16, 2019 at 11:52 AM Ryland Kremeier <
>> rkreme...@barryelectric.com> wrote:
>>
>> Hello,
>>
>>
>>
>> I’m currently in the process of setting up a near identical network to
>> our own in GNS3 for testing purposes. Has anyone here tried this before to
>> any success? We need to buy the Cisco IOSv image to continue with the sim
>> so I figured I would inquire here first before diving in.
>>
>>
>>
>> All info is appreciated,
>>
>> --
>>
>> Ryland Kremeier
>>
>>

-- 
Sincerely,

Jason W Kuehl
Cell 920-419-8983
jason.w.ku...@gmail.com

Re: Viability of GNS3 network simulation for testing features/configurations.

2019-10-16 Thread Jason Kuehl

I did this at my current company with also using VM Palo Alto.

Greeting of testing out a plan to make sure its insane.

The key it keeping its all up todate down to the firmware version (I know
its not possible for some because virtual)

The things this wont find are hardware related faults or issues.

On Wed, Oct 16, 2019 at 11:52 AM Ryland Kremeier <
rkreme...@barryelectric.com> wrote:

> Hello,
>
>
>
> I’m currently in the process of setting up a near identical network to our
> own in GNS3 for testing purposes. Has anyone here tried this before to any
> success? We need to buy the Cisco IOSv image to continue with the sim so I
> figured I would inquire here first before diving in.
>
>
>
> All info is appreciated,
>
> --
>
> Ryland Kremeier
>


-- 
Sincerely,

Jason W Kuehl
Cell 920-419-8983
jason.w.ku...@gmail.com

Re: Must have ISP Open Source & tools

2019-07-08 Thread Jason Kuehl

We use https://cbackup.me/en/ over Rancid

On Sun, Jul 7, 2019 at 11:38 PM Mehmet Akcin  wrote:

> Awesome list
>
> On Sun, Jul 7, 2019 at 19:42 Ryan Hamel  wrote:
>
>> My List:
>>
>> Oxidized as a replacement for RANCID
>> Telegraf + InfluxDB = Tons of Grafana Dashboards
>> (Open Source Slack Alternative)
>> Ansible or Python Knowledge with Paramiko or netmiko for network
>> automation.
>>
>> BGP:
>>
>> FRRouting - Mimics Cisco CLI
>> BIRD - Programming style config format.
>> Exabgp - Mostly used for API driven applications, monitoring with
>> heartbeat scripts.
>> (many others)
>>
>> DDoS detection and/or filtering:
>>
>> Fastnetmon - Supports many methods for packet processing.
>> Ddosdetector (IPv4 Only) - Uses netmap for packet processing.
>>
>> Top Talkers + Other Creativeness (like fib compressing, or route
>> optimization):
>>
>> pmacct - sflow/netflow combined with BGP, and a database backend
>>
>> Servers:
>>
>> Sensu or LibreNMS for Nagios type monitoring.
>>
>> Diagnostics:
>>
>> MTR - ...and knowing how to interpret it's output.
>>
>> -Ryan
>>
>> --
> Mehmet
> +1-424-298-1903
>


-- 
Sincerely,

Jason W Kuehl
Cell 920-419-8983
jason.w.ku...@gmail.com

Re: Intermittent "bad gateway"

2019-07-02 Thread Jason Kuehl

Unknown but this looks very different from before.

https://www.cloudflarestatus.com/

On Tue, Jul 2, 2019 at 10:18 AM Stephen Satchell  wrote:

> Are we having another BGP problem this morning?
>


-- 
Sincerely,

Jason W Kuehl
Cell 920-419-8983
jason.w.ku...@gmail.com

Re: PSA: change your fedex.com account logins

2019-05-31 Thread Jason Kuehl

Is it possible, yes. I've seen it several times now at my place of work.
Targeted attacks are a thing.

On Fri, May 31, 2019 at 2:53 AM Mike Hale  wrote:

> Oh for fucks sake.
>
> Really?
>
> You two are questioning someone who subscribes to Nanog over Fedex?
> You really think it's more likely that someone is targeting Dan Hollis
> (whoever he is) instead of Fedex leaving something else exposed?
>
> On Thu, May 30, 2019 at 11:39 PM Scott Christopher  wrote:
> >
> > Dan Hollis wrote:
> >
> > Phishing scheme didn't happen.
> >
> > fedex has had a number of major compromises so it's not a stretch that
> > their user database was stolen and sold to spammers.
> >
> >
> > The other possibility is that your one-off email scheme is predictable,
> and someone knows you use FedEx, and that someone is targeting specifically
> you, and this obvious phishing email is a red herring for the exploit you
> didn't see.
> >
> > Be concerned.
> >
> > -- S.C.
>
>
>
> --
> 09 F9 11 02 9D 74 E3 5B D8 41 56 C5 63 56 88 C0
>


-- 
Sincerely,

Jason W Kuehl
Cell 920-419-8983
jason.w.ku...@gmail.com

Re: Youtube Outage

2018-10-16 Thread Jason Kuehl

Nothing on the homepage but search is working. (boston)

On Tue, Oct 16, 2018 at 10:17 PM Charles Mills  wrote:

> The reports I've seen showing it as a worldwide outage.
>
> On Tue, Oct 16, 2018 at 10:14 PM Nathan Brookfield <
> nathan.brookfi...@simtronic.com.au> wrote:
>
>> Australia too….
>>
>>
>>
>> *From:* NANOG  *On Behalf Of *Oliver O'Boyle
>> *Sent:* Wednesday, October 17, 2018 1:08 PM
>> *To:* marshall.euba...@gmail.com
>> *Cc:* North American Network Operators' Group 
>> *Subject:* Re: Youtube Outage
>>
>>
>>
>> Same in Montreal.
>>
>>
>>
>> On Tue, Oct 16, 2018 at 9:52 PM Marshall Eubanks <
>> marshall.euba...@gmail.com> wrote:
>>
>> Reports (and humor) are flooding twitter.
>> On Tue, Oct 16, 2018 at 9:44 PM Ross Tajvar  wrote:
>> >
>> > You beat my email by seconds. Yes, it is widespread.
>> >
>> > On Tue, Oct 16, 2018 at 9:39 PM, Kenneth McRae via NANOG <
>> nanog@nanog.org> wrote:
>> >>
>> >> Is this widespread?
>> >
>> >
>>
>>
>>
>>
>> --
>>
>> :o@>
>>
>>
>>
>

-- 
Sincerely,

Jason W Kuehl
Cell 920-419-8983
jason.w.ku...@gmail.com

Re: Rising sea levels are going to mess with the internet

2018-07-26 Thread Jason Kuehl

Science https://climate.nasa.gov/vital-signs/sea-level/

Give the data yourself.

On Thu, Jul 26, 2018 at 12:50 PM Rod Beck 
wrote:

> Unfortunately, the science community disagrees with Rob and you.
>
>
> Have a great day, big guy.
>
>
> Regards,
>
>
> Roderick.
>
>
> 
> From: Mel Beckman 
> Sent: Thursday, July 26, 2018 6:16 PM
> To: Rod Beck
> Cc: Rob McEwen; nanog@nanog.org
> Subject: Re: Rising sea levels are going to mess with the internet
>
> Well, Rod, you just made a claim with zero support, while Rob provided
> accurate citations proving every one of his statements.
>
> But it’s not wasting our time with the Fiber Optic Networks Are Doomed by
> Sea Level Rise society :)
>
> See what I did there? I brought the discussion back to the original claim,
> which I think has now been finally thoroughly debunked. Sea levels no more
> threaten the Internet than marshmallows. Less, probably :)
>
>  -mel
>
> > On Jul 26, 2018, at 9:08 AM, Rod Beck 
> wrote:
> >
> > Well, Rob, you are wrong on almost every point. But it is not wasting
> our time with the Flat Earth society.
> >
> >
> > Regards,
> >
> >
> > Roderick.
> >
> >
> > 
> > From: NANOG  on behalf of Rob McEwen <
> r...@invaluement.com>
> > Sent: Monday, July 23, 2018 4:52 AM
> > To: nanog@nanog.org
> > Subject: Re: Rising sea levels are going to mess with the internet
> >
> > For the past 100+ years, the sea levels have been rising by about 2-4 mm
> > per year. If you go to the following two sites:
> >
> > https://oceanservice.noaa.gov/facts/sealevel.html
> [http://oceanservice.noaa.gov/apple-icon-144x144.png]<
> https://oceanservice.noaa.gov/facts/sealevel.html>
>
> Is sea level rising? - NOAA's National Ocean Service<
> https://oceanservice.noaa.gov/facts/sealevel.html>
> oceanservice.noaa.gov
> There is strong evidence that sea level is rising and will continue to
> rise this century at increasing rates.
>
>
> > [http://oceanservice.noaa.gov/apple-icon-144x144.png]<
> https://oceanservice.noaa.gov/facts/sealevel.html>
> >
> > Is sea level rising? - NOAA's National Ocean Service<
> https://oceanservice.noaa.gov/facts/sealevel.html>
> > oceanservice.noaa.gov
> > There is strong evidence that sea level is rising and will continue to
> rise this century at increasing rates.
> >
> >
> > https://climate.nasa.gov/vital-signs/sea-level/
> >
> > You'll see all kinds of scary language about dire predictions about how
> > the sea levels are rising and accelerating. And you'll see SCARY charts
> > that look like Mt. Everest. But when you dig into the actual data,
> > you'll find that there MIGHT have been (at most!) a CUMULATIVE 1mm/year
> > acceleration... but even that took about 4 decades to materialize, it
> > could be somewhat within the margin of error, and it might be a part of
> > the fake data that often drives this debate. Meanwhile, global warming
> > alarmists have ALREADY made MANY dire predictions about oceans levels
> > rising - that ALREADY didn't even come close to true.
> >
> > The bottom line is that there is no trend of recently observed sea level
> > rising data that is even close to being on track to hit all these dire
> > predictions within the foreseeable future. And even as the West has
> > reduced (or lessened the acceleration of) CO2 emissions - this has been
> > easily made up for by the CO2 emission increases caused by the
> > modernization of China and India in recent decades.
> >
> > And, again, there were articles like this 10, 15, and even 20 years ago
> > that made very similar predictions - that didn't happen. So, it is hard
> > to believe that the dire predictions in this article could come true in
> > 15 years.
> >
> > But I suppose that it might be a good idea to take inventory of the
> > absolute lowest altitude cables and make sure that they are not
> > vulnerable to the type of flooding that might happen more often after a
> > few decades from now after the ocean has further risen about 2 inches?
> > But the sky is not falling anytime soon.
> >
> > Rob McEwen
> >
> >
> >> On 7/22/2018 9:01 PM, Sean Donelan wrote:
> >> https://www.popsci.com/sea-level-rise-internet-infrastructure
> >>
> >> Rising sea levels are going to mess with the internet, sooner than you
> >> think
> >>
> >> [...]
> >> Despite its magnitude, this network is increasingly vulnerable to sea
> >> levels inching their way higher, according to research presented at an
> >> academic conference in Montreal this week. The findings estimate that
> >> within 15 years, thousands of miles of what should be land-bound
> >> cables in the United States will be submerged underwater.
> >>
> >> “Most of the climate change-related impacts are going to happen very
> >> soon,” says Paul Barford, a computer scientist at the University of
> >> Wisconsin and lead author of the paper.
> >> [...]
> >>
> >
> > --
> > Rob McEwen
> >
>


-- 
Sincerely,

Jason W Kuehl
Cell 920-419-8983
jason.w.ku...@gmail.com

Re: Cloudflare 1.1.1.1 public DNS broken w/ AT&T CPE

2018-04-02 Thread Jason Kuehl

Not saying you're wrong. But people did it for whatever reason.

On Mon, Apr 2, 2018 at 11:12 AM, Justin Wilson  wrote:

> 1.0.0.0/8 was assigned to APNIC in 2010.  Those who used it as a
> placeholder were doing it wrong.  It is valid IP space. It just was not
> assigned until 2010.
>
>
> Justin Wilson
> j...@mtin.net
>
> www.mtin.net
> www.midwest-ix.com
>
> > On Apr 2, 2018, at 11:05 AM, Matt Hoppes  rivervalleyinternet.net> wrote:
> >
> > Seeing as how 1.1.1.1 isn’t suppose to be routed I’m not surprised this
> is causing odd issues.
> >
> >> On Apr 2, 2018, at 11:03, Darin Steffl  wrote:
> >>
> >> I am behind a Calix router at home for my ISP and 1.1.1.1 goes to my
> router
> >> and not any further. When I enter the IP into my browser, it opens the
> >> login page for my router. So it appears 1.1.1.1 is used as a loopback
> in my
> >> Calix router.
> >>
> >> 1.0.0.1 goes to the proper place fine.
> >>
> >> On Sun, Apr 1, 2018 at 3:59 PM, Jeremy L. Gaddis 
> >> wrote:
> >>
> >>> Greetings,
> >>>
> >>> If anyone at 7018 wants to pass a message along to the correct folks,
> >>> please let them know that Cloudflare's new public DNS service (1.1.1.1)
> >>> is completely unusable for at least some of AT&T's customers.
> >>>
> >>> There is apparently a bug with some CPE (including the 5268AC). From
> >>> behind such CPE, the services at 1.1.1.1 are completely unreachable,
> >>> whether via (ICMP) ping, DNS, or HTTPS.
> >>>
> >>> Using the 5268AC's web-based diagnostic tools, pinging 1.1.1.1 returns
> >>> the following results:
> >>>
> >>> ping successful: icmp seq:0, time=2.364 ms
> >>> ping successful: icmp seq:1, time=1.085 ms
> >>> ping successful: icmp seq:2, time=1.160 ms
> >>> ping successful: icmp seq:3, time=1.245 ms
> >>> ping successful: icmp seq:4, time=0.739 ms
> >>>
> >>> RTTs to the CPE's default gateway are, at minimum, ~20 ms.
> >>>
> >>> A traceroute (using the same web-based diagnostic tool built-in to the
> >>> CPE) reports, simply:
> >>>
> >>> traceroute 1.1.1.1 with: 64 bytes of data
> >>>
> >>> 1: 1.1.1.1(1dot1dot1dot1.cloudflare-dns.com), time=0 ms
> >>>
> >>> I haven't bothered to report this to AT&T through the standard customer
> >>> support channels (for reasons that should be obvious to anyone who has
> >>> ever called AT&T's consumer/residential technical support) but if
> anyone
> >>> at AT&T wants to pass the info along to the appropriate group, it would
> >>> certainly be appreciated.
> >>>
> >>> Thanks,
> >>> -Jeremy
> >>>
> >>> --
> >>> Jeremy L. Gaddis
> >>>
> >>>
> >>> "The total budget at all receivers for solving senders' problems is
> >>> $0. If you want them to accept your mail and manage it the way you
> >>> want, send it the way the spec says to."  --John Levine
> >>>
> >>>
> >>
> >>
> >> --
> >> Darin Steffl
> >> Minnesota WiFi
> >> www.mnwifi.com
> >> 507-634-WiFi
> >>  Like us on Facebook
> >> 
> >
>
>


-- 
Sincerely,

Jason W Kuehl
Cell 920-419-8983
jason.w.ku...@gmail.com

Re: Cloudflare 1.1.1.1 public DNS broken w/ AT&T CPE

2018-04-02 Thread Jason Kuehl

Just like "S3 dependency check day" Thus begins "National 1.1.1.1 change
week" I've already around a few peaces of equipment sets with 1.1.1.1

On Mon, Apr 2, 2018 at 11:05 AM, Matt Hoppes <
mattli...@rivervalleyinternet.net> wrote:

> Seeing as how 1.1.1.1 isn’t suppose to be routed I’m not surprised this is
> causing odd issues.
>
> > On Apr 2, 2018, at 11:03, Darin Steffl  wrote:
> >
> > I am behind a Calix router at home for my ISP and 1.1.1.1 goes to my
> router
> > and not any further. When I enter the IP into my browser, it opens the
> > login page for my router. So it appears 1.1.1.1 is used as a loopback in
> my
> > Calix router.
> >
> > 1.0.0.1 goes to the proper place fine.
> >
> > On Sun, Apr 1, 2018 at 3:59 PM, Jeremy L. Gaddis 
> > wrote:
> >
> >> Greetings,
> >>
> >> If anyone at 7018 wants to pass a message along to the correct folks,
> >> please let them know that Cloudflare's new public DNS service (1.1.1.1)
> >> is completely unusable for at least some of AT&T's customers.
> >>
> >> There is apparently a bug with some CPE (including the 5268AC). From
> >> behind such CPE, the services at 1.1.1.1 are completely unreachable,
> >> whether via (ICMP) ping, DNS, or HTTPS.
> >>
> >> Using the 5268AC's web-based diagnostic tools, pinging 1.1.1.1 returns
> >> the following results:
> >>
> >>  ping successful: icmp seq:0, time=2.364 ms
> >>  ping successful: icmp seq:1, time=1.085 ms
> >>  ping successful: icmp seq:2, time=1.160 ms
> >>  ping successful: icmp seq:3, time=1.245 ms
> >>  ping successful: icmp seq:4, time=0.739 ms
> >>
> >> RTTs to the CPE's default gateway are, at minimum, ~20 ms.
> >>
> >> A traceroute (using the same web-based diagnostic tool built-in to the
> >> CPE) reports, simply:
> >>
> >>  traceroute 1.1.1.1 with: 64 bytes of data
> >>
> >>  1: 1.1.1.1(1dot1dot1dot1.cloudflare-dns.com), time=0 ms
> >>
> >> I haven't bothered to report this to AT&T through the standard customer
> >> support channels (for reasons that should be obvious to anyone who has
> >> ever called AT&T's consumer/residential technical support) but if anyone
> >> at AT&T wants to pass the info along to the appropriate group, it would
> >> certainly be appreciated.
> >>
> >> Thanks,
> >> -Jeremy
> >>
> >> --
> >> Jeremy L. Gaddis
> >>
> >>
> >> "The total budget at all receivers for solving senders' problems is
> >> $0. If you want them to accept your mail and manage it the way you
> >> want, send it the way the spec says to."  --John Levine
> >>
> >>
> >
> >
> > --
> > Darin Steffl
> > Minnesota WiFi
> > www.mnwifi.com
> > 507-634-WiFi
> >  Like us on Facebook
> > 
>



-- 
Sincerely,

Jason W Kuehl
Cell 920-419-8983
jason.w.ku...@gmail.com

Re: How does ER Infinity Hold up?

2018-03-27 Thread Jason Kuehl

UBNT’s recent hostility to the open source community

What do you mean by that?

On Tue, Mar 27, 2018, 12:02 PM Owen DeLong  wrote:

> I don’t know about the device itself, but given UBNT’s recent hostility to
> the
> open source community, I won’t be buying their products anyway.
>
> Owen
>
> > On Mar 27, 2018, at 00:16 , howard stearn  wrote:
> >
> > I've seen this list looking for inexpensive routers before, so i'm
> > wondering. . . Since this was released rather recently, Is anyone using
> > ER-8-XG to receive a full bgp table yet? (Yes BGP and are you neighbored
> > with 1, 2, 10, 40 peers?)
> > https://dl.ubnt.com/datasheets/edgemax/EdgeRouter_ER-8-XG_DS.pdf
> >
> > How does it stack up against Cisco, or your other previous router?
> >
> > What's the lookup time on a new unknown destination?
>
>

Re: Amazon peering peeps on the list?

2018-03-09 Thread Jason Kuehl

The better way to go ahead and get a hold of Amazon for peering issues is
to open a ticket with them via AWS account with business support.

This is how I resolved issues with peering in the past.

On Mar 9, 2018 8:27 AM, "Joe Nelson"  wrote:

> I've all but given up on trying to get a response from peer...@amazon.com.
> If you do end up getting a contact, please share.
>
> On Wed, Mar 7, 2018 at 8:19 PM, Mike Lyon  wrote:
>
> > Anyone on the list from Amazon peering? Have sent multiple emails to
> > peer...@amazon.com over the past couple of weeks with no reply.
> >
> > Any help would be appreciated.
> >
> > Thank You,
> > Mike
> >
> >
> > --
> > Mike Lyon
> > mike.l...@gmail.com
> > http://www.linkedin.com/in/mlyon
> >
>

Re: Static Routing 172.16.0.0/32

2017-12-08 Thread Jason Kuehl

+1 for gross comment.

On Fri, Dec 8, 2017 at 2:57 PM, Hunter Fuller  wrote:

> I think I'd rate this one as "gross but technically not breaking any rules
> I suppose." (I couldn't find any at first glance, anyway.)
>
> On Fri, Dec 8, 2017 at 1:55 PM Ryan Hamel 
> wrote:
>
> > Greetings,
> >
> > A colleague of mine has static routed 172.16.0.0/32 to a usable IP
> > address, to have a single known IP address be static routed to a regions
> > closest server. While I understand the IP address does work (pings and
> what
> > not), I don't feel this should be the proper IP address used, but
> something
> > more feasible like a usable IP in a dedicated range (172.31.0.0/24 for
> > example).
> >
> > I would to hear everyone's thoughts on this, as this the first IP address
> > in an RFC1918 range.
> >
> > Thanks,
> >
> > --
> > Ryan Hamel
> > ryan.ha...@quadranet.com | +1 (888) 578-2372 <(888)%20578-2372>
> > QuadraNet, Inc. | Dedicated Servers, Colocation, Cloud
> >
> > --
>
> --
> Hunter Fuller
> Network Engineer
> VBH Annex B-5
> +1 256 824 5331
>
> Office of Information Technology
> The University of Alabama in Huntsville
> Systems and Infrastructure
>



-- 
Sincerely,

Jason W Kuehl
Cell 920-419-8983
jason.w.ku...@gmail.com

45 matches

Mail list logo