Re: getting the memo, Out-of-Bailiwick DNS? (Was: HE.net problem)

2024-07-06 Thread Jay Ashworth 
See how little it has been necessary for me to pay attention to them since my 
net handle was assigned back in the early 90s or maybe late 80s?  ;-)

Cheers,
-- jra3

On July 6, 2024 11:11:50 AM EDT, John Levine  wrote:
>According to Jay R. Ashworth :
>>data I heard that that *was* a registry-side hold (and hence it didn't matter
>>that it was NetSol).  Or perhaps that NetSol was still the registry for .net 
>>--
>>that's out of date now, isn't it?
>
>Uh, yeah, Verisign spun off the NetSol registrar over 20 years ago in late 
>2003.
>
>In early 2003 Verisign turned .ORG over to PIR, but they kept .NET and
>.COM which they stil have. They are also the registry for a bunch of
>small ccTLDs and new gTLDs. They paid $135 million in the auction for
>.WEB which they may eventually run once the legal challenges are
>settled.
>
>NetSol was bought and sold and merged several times and since 2011 has been
>part of web.com.

-- 
Sent from my Android device with K-9 Mail. Please excuse my brevity.

Re: HE.net problem

2024-07-04 Thread Jay Ashworth 
I've been informed that the CEO of HE is on this as of 1512EDT.

I approve of the scale of this response. :-)

Cheers,
-- jra

On July 4, 2024 2:55:34 PM EDT, Jay Ashworth  wrote:
>We have a report on outages that he.net has been placed in ICANN client hold, 
>and people's DNS service is falling over on this Independence day. If you work 
>in DNS for HE, you might want to look into this.
>
>I have double checked the report, and I am seeing the status as well.
>
>Hurricane serves lots of dns, I would classify this as a P1 ticket.
>
>Cheers,
>-- jra
>-- 
>Sent from my Android device with K-9 Mail. Please excuse my brevity.
-- 
Sent from my Android device with K-9 Mail. Please excuse my brevity.

Re: HE.net problem

2024-07-04 Thread Jay Ashworth 
Cool, thanks. We had a couple of other reports of people making support calls 
and being asked to reboot their modems, so I wanted to make sure tier 3 had 
gotten it. 

And I figured tier 3 would be here. :-)

Cheers,
-- jra

On July 4, 2024 3:00:12 PM EDT, Ryan Hamel  wrote:
>I called their support when that outage thread came in, they're already aware 
>and taking a look now.
>
>Ryan Hamel
>
>
>From: NANOG  on behalf of Jay 
>Ashworth 
>Sent: Thursday, July 4, 2024 11:55 AM
>To: nanog@nanog.org 
>Subject: HE.net problem
>
>Caution: This is an external email and may be malicious. Please take care when 
>clicking links or opening attachments.
>
>We have a report on outages that he.net has been placed in ICANN client hold, 
>and people's DNS service is falling over on this Independence day. If you work 
>in DNS for HE, you might want to look into this.
>
>I have double checked the report, and I am seeing the status as well.
>
>Hurricane serves lots of dns, I would classify this as a P1 ticket.
>
>Cheers,
>-- jra
>--
>Sent from my Android device with K-9 Mail. Please excuse my brevity.

-- 
Sent from my Android device with K-9 Mail. Please excuse my brevity.

HE.net problem

2024-07-04 Thread Jay Ashworth 
We have a report on outages that he.net has been placed in ICANN client hold, 
and people's DNS service is falling over on this Independence day. If you work 
in DNS for HE, you might want to look into this.

I have double checked the report, and I am seeing the status as well.

Hurricane serves lots of dns, I would classify this as a P1 ticket.

Cheers,
-- jra
-- 
Sent from my Android device with K-9 Mail. Please excuse my brevity.

Steve Bellovin retires

2024-04-30 Thread Jay Ashworth 
Steve Bellovin retires:

https://mastodon.lawprofs.org/@SteveBellovin/112362015712050310
-- 
Sent from my Android device with K-9 Mail. Please excuse my brevity.

RE: Meta outage

2024-03-05 Thread Jay Ashworth 
Yes: metastatus.com

It isn't happy.

On March 5, 2024 11:23:42 AM EST, "Kain, Becki (.)"  wrote:
>Does meta keep a board somewhere to tell the world it’s down?
>
>From: NANOG  On Behalf Of Jay Ashworth
>Sent: Tuesday, March 05, 2024 11:06 AM
>To: nanog@nanog.org
>Subject: Meta outage
>
>WARNING: This message originated outside of Ford Motor Company. Use caution 
>when opening attachments, clicking links, or responding.
>
>It's making the general press this hour so of course you already know about it 
>but my question is this: who peers with meta and have you seen BGP sessions 
>drop or the like? Do you operate meta CDN nodes in your network? Are they 
>screaming for help?
>
>This doesn't sound like it's a network layer problem but I'm curious.
>
>Cheers,
>-- jra
>--
>Sent from my Android device with K-9 Mail. Please excuse my brevity.

-- 
Sent from my Android device with K-9 Mail. Please excuse my brevity.

Meta outage

2024-03-05 Thread Jay Ashworth 
It's making the general press this hour so of course you already know about it 
but my question is this: who peers with meta and have you seen BGP sessions 
drop or the like? Do you operate meta CDN nodes in your network? Are they 
screaming for help? 

This doesn't sound like it's a network layer problem but I'm curious.

Cheers,
-- jra
-- 
Sent from my Android device with K-9 Mail. Please excuse my brevity.

RIP Dave Mills

2024-01-27 Thread Jay Ashworth 
The inventor of NTP, in the late 1970s, and recipient of the 2013 IEEE Internet 
Award “for significant leadership and sustained contributions in the research, 
development, standardization, and deployment of quality time synchronization 
capabilities for the Internet”, Dr. David Lennox Mills died in Delaware on 
January 17, at 85.

Rarely have I more wanted to say "perhaps we'll see him again later".

Cheerss,
-- jra
-- 
Sent from my Android device with K-9 Mail. Please excuse my brevity.

RE: IERS ponders reverse leapsecond...

2022-08-03 Thread Jay Ashworth 
Sure.

ALL of this has been gamed out, and I had believed, handled, by the 8601 nerds, 
and we ignore that investment of work at our peril.

On August 3, 2022 11:33:09 AM EDT, Matthew Huff  wrote:
>True, 
>
>But it's hard enough to get developers to understand the need to code for 61 
>seconds in a minute, and now they would need to code for 59 seconds as well.
>
>If time systems simply skewed the time so that 60 seconds actually just took 
>61 seconds or 59 seconds, there would be other issues, but coders wouldn't be 
>involved.
>
>
>
>-Original Message-
>From: NANOG  On Behalf Of Stephane 
>Bortzmeyer
>Sent: Wednesday, August 3, 2022 11:19 AM
>To: Jay Ashworth 
>Cc: nanog@nanog.org
>Subject: Re: IERS ponders reverse leapsecond...
>
>On Wed, Aug 03, 2022 at 11:09:25AM -0400,  Jay Ashworth  
>wrote  a message of 32 lines which said:
>
>> General press loses its *mind*:
>
>Indeed, they seem not to know what they write about. "atomic time – the 
>universal way time is measured on Earth – may have to change" They don't even 
>know the difference between TAI and UTC.
>

-- 
Sent from my Android device with K-9 Mail. Please excuse my brevity.

Re: Frontier Dark Fiber

2022-08-03 Thread Jay Ashworth 
I wouldn't have thought that Frontier was able to offer dark fiber, since air 
distribution fan out is all GPON, is it not?

If their fanout was active ethernet it might be a different story but...

Cheers,
-- jra

On July 13, 2022 7:40:47 AM EDT, Mike Hammett  wrote:
>I'm looking for a contact at Frontier that can discuss dark fiber. 
>
>
>My current account exec says they don't offer it, yet prior conversations with 
>him and a previous SE revealed that they very much did (just didn't have 
>availability on the paths I wanted at the time). 
>
>
>Their web site highlights it fairly proudly. 
>
>
>
>
>I'm aware that availability varies. 
>
>
>I'm aware that they likely don't want to sell it. 
>
>
>
>- 
>Mike Hammett 
>Intelligent Computing Solutions 
>
>Midwest Internet Exchange 
>
>The Brothers WISP 
>

-- 
Sent from my Android device with K-9 Mail. Please excuse my brevity.

IERS ponders reverse leapsecond...

2022-08-03 Thread Jay Ashworth 
General press loses its *mind*:

https://www.cbsnews.com/news/earth-spinning-faster-than-usual-shortest-day-ever/#app

Have you tested leap second handling, especially in reverse?  How do you 
simulate it? Are there existing test harnesses for simulating it?

Cheers, 
-- jra
-- 
Sent from my Android device with K-9 Mail. Please excuse my brevity.

Re: "Permanent" DST

2022-03-15 Thread Jay Ashworth 
And here's the NPR story which leads with "the Senate passed a bill":

https://www.npr.org/2022/03/15/1086773840/daylight-saving-time-permanent-senate

I really don't know why that site does not list it, because it certainly 
should. But here you are.

On March 15, 2022 6:07:36 PM EDT, Matthew Petach  wrote:
>Please provide a link documenting this claim.
>
>I have been reviewing the actions listed on congress.gov, and this is not
>an action listed as having taken place.
>
>https://www.congress.gov/bill/117th-congress/senate-bill/623/all-actions?overview=closed#tabs
>
>The last action shown for this bill was taken on March 9th, 2021, more than
>a year ago.
>
>Thanks!
>
>Matt
>
>On Tue, Mar 15, 2022, 12:14 Jay R. Ashworth  wrote:
>
>> In a unanimous vote today, the US Senate approved a bill which would
>>
>> 1) Cancel DST permanently, and
>> 2) Move every square inch of US territory 15 degrees to the east.
>>
>> My opinion of this ought to be obvious from my rhetoric.  Hopefully, it
>> will
>> fail, because it's likely to be the end of rational time worldwide, and
>> even
>> if you do log in UTC, it will still make your life difficult.
>>
>> I'm poleaxed; I can't even decide which grounds to scream about this on...
>>
>> Hopefully, the House or the White House will be more coherent in their
>> decision on this engineering construct.
>>
>> Cheers,
>> -- jra
>>
>> --
>> Jay R. Ashworth  Baylink
>> j...@baylink.com
>> Designer The Things I Think   RFC
>> 2100
>> Ashworth & Associates   http://www.bcp38.info  2000 Land
>> Rover DII
>> St Petersburg FL USA  BCP38: Ask For It By Name!   +1 727 647
>> 1274
>>
>>

-- 
Sent from my Android device with K-9 Mail. Please excuse my brevity.

Re: "Permanent" DST

2022-03-15 Thread Jay Ashworth 
S.623 as amended, literally hundreds of Tweets in the last 2 hours tell me. 
Yeah, this just happened today. That would be why NPR lead with it on the 4 
p.m. newscast.

On March 15, 2022 6:07:36 PM EDT, Matthew Petach  wrote:
>Please provide a link documenting this claim.
>
>I have been reviewing the actions listed on congress.gov, and this is not
>an action listed as having taken place.
>
>https://www.congress.gov/bill/117th-congress/senate-bill/623/all-actions?overview=closed#tabs
>
>The last action shown for this bill was taken on March 9th, 2021, more than
>a year ago.
>
>Thanks!
>
>Matt
>
>On Tue, Mar 15, 2022, 12:14 Jay R. Ashworth  wrote:
>
>> In a unanimous vote today, the US Senate approved a bill which would
>>
>> 1) Cancel DST permanently, and
>> 2) Move every square inch of US territory 15 degrees to the east.
>>
>> My opinion of this ought to be obvious from my rhetoric.  Hopefully, it
>> will
>> fail, because it's likely to be the end of rational time worldwide, and
>> even
>> if you do log in UTC, it will still make your life difficult.
>>
>> I'm poleaxed; I can't even decide which grounds to scream about this on...
>>
>> Hopefully, the House or the White House will be more coherent in their
>> decision on this engineering construct.
>>
>> Cheers,
>> -- jra
>>
>> --
>> Jay R. Ashworth  Baylink
>> j...@baylink.com
>> Designer The Things I Think   RFC
>> 2100
>> Ashworth & Associates   http://www.bcp38.info  2000 Land
>> Rover DII
>> St Petersburg FL USA  BCP38: Ask For It By Name!   +1 727 647
>> 1274
>>
>>

-- 
Sent from my Android device with K-9 Mail. Please excuse my brevity.

Re: "Permanent" DST

2022-03-15 Thread Jay Ashworth 
It has been bubbling under for some years-there are about I think it's 10 or 11 
states which have already passed state laws changing it, pending that the 
federal law blocking those be dropped-that's the Uniform Time Act of 1966 if I 
have the title correct.

And to reply to somebody else his comment, the exceptions to the 15 degree rule 
which already exists already caused problems, so there isn't any reason to 
believe that bumping this down to the state and local level won't make things 
even more confusing. 

I wonder how big the buffers in the Timezone Library are; is ADO on this list?

On March 15, 2022 4:24:50 PM EDT, "Elmar K. Bins"  wrote:
>dedel...@iname.com (Dave) wrote:
>
>> Folks for most systems, this is a change to a single file. Not a really hard 
>> thing to accomplish
>
>Well...
>
>1 - I'm surprised anybody is running local timezones on their systems at all
>
>2 - I like how american politics is capable of creating new problems; where
>did this bill come from in the first place? And who's lobbying?
>
>Elmar.
>

-- 
Sent from my Android device with K-9 Mail. Please excuse my brevity.

Re: "Permanent" DST

2022-03-15 Thread Jay Ashworth 
Sure, but you imply that the proposed alternative=-going to permanent DST--is 
only a trivial change to, and it is not. It violates the international rule 
determining what your time zone should be based on what your longitude is. 

That is not trivial.

On March 15, 2022 4:25:21 PM EDT, "james.cut...@consultant.com" 
 wrote:
>Folks, for most, this change removes the twice yearly disruption of their 
>circadian rhythm and consequent surge of accidents and injuries.
>
>My timely recommendation, which also require change to a single file, is to 
>stick to “standard” time year round making solar high noon closer to 12:00.
>
>   Jim
>
>> On Mar 15, 2022, at 4:10 PM, Dave  wrote:
>> 
>> Folks for most systems, this is a change to a single file. Not a really hard 
>> thing to accomplish
>> 
>> Dave
>

-- 
Sent from my Android device with K-9 Mail. Please excuse my brevity.

Re: .bv ccTLD

2021-12-04 Thread Jay Ashworth 
Oh dear. They actually gave them .SS?

Wow.

On December 4, 2021 10:18:26 AM EST, "Cynthia Revström"  wrote:
>Hi,
>
>Not only is the ISO 3166-1 alpha-2 code assigned but the ccTLD is
>delegated to NORID's nameservers.
>NORID also makes it pretty clear that they are not interested in
>selling the TLD, and I suspect that might very well mirror the
>position of the Norwegian government.
>While something like another country is a different thing to just a
>company wanting to profit from a TLD, it still seems unlikely to me.
>
>Another example: back in 2011 when South Sudan gained independence,
>they got an ISO 3166-1 alpha-2 code which was "SS" which could
>understandably have some problems given historical context for that
>letter combination.[1]
>
>So not getting "BV" is a pretty minor thing in comparison to that, IMHO.
>There are many countries/geographical entities that have far from
>perfect ISO 3166-1 alpha-2 codes.
>I think pretty much all codes ending in an X is because there were no
>better ones available. (I am not certain on this part though)
>
>[1]: 
>https://www.reuters.com/article/us-sudan-independence-idUSTRE75S4A520110629
>
>-Cynthia
>
>On Sat, Dec 4, 2021 at 12:17 PM Jaap Akkerhuis  wrote:
>>
>>  "Jay R. Ashworth" writes:
>>
>>  > - Original Message -
>>  > > From: "David Conrad" 
>>  >
>>  > > Jay,
>>  > >
>>  > > On Dec 3, 2021, at 4:46 PM, Jay Ashworth  wrote:
>>  > >> In general I could I understand that, but it is my understanding that 
>> the domain
>>  > >> is still marked reserved at the Secretariat,
>>  > >
>>  > > Sorry, which secretariat?  As far as I know, the official status of ISO 
>> 3166-1
>>  > > Alpha 2 codes is specified by the ISO-3166 Maintenance Agency and 
>> listed on the
>>  > > ISO website (the “online browsing platform” output for BV being the URL 
>> I
>>  > > provided).
>>  >
>>  > The ISO 3166 secretariat, yes.
>>
>> It is no makred as reserved but assigned.
>>
>> jaap

-- 
Sent from my Android device with K-9 Mail. Please excuse my brevity.

Re: .bv ccTLD

2021-12-03 Thread Jay Ashworth 
In general I could I understand that, but it is my understanding that the 
domain is still marked reserved at the Secretariat, which is to say they could 
not have assigned any domains in it yet, even if they were inclined to which we 
are told they are not. 

In short, I think this is a possibility not an impossibility or I wouldn't have 
asked.  

-- jra

On December 3, 2021 6:24:22 PM EST, David Conrad  wrote:
>On Dec 3, 2021, at 2:45 PM, Jay R. Ashworth  wrote:
>> So, what's the actual status of .bv?  Assigned, or reserved?
>
>Assigned: https://www.iso.org/obp/ui/#iso:code:3166:BV 
>
>
>> Anyone here got a buddy on the secretariat?  :-)
>
>Even if they did, transitioning codes is a long (99 year? I’ve forgotten) 
>process…
>
>Regards,
>-drc
>

-- 
Sent from my Android device with K-9 Mail. Please excuse my brevity.

Re: This DNS over HTTP thing

2019-10-03 Thread Jay Ashworth 
You might recommend that to me if running DNS tunnelled through another 
protocol was a thing I wanted to do. 

But it's not. I think it's horrible Internet engineering hygiene, and I don't 
just not want to do it myself, I don't think anybody else ought to do it 
either. 

And I think that if end-users understood all of the concerns, they would agree 
with me on that - I get paid to know what end users would think.

On October 3, 2019 10:28:37 AM EDT, Curtis Maurand  wrote:
>Might I suggest using PowerDNS's dinsdist.  it's an ha proxy that you
>can
>put in front of your recursors and It implements dns over https if you
>want
>it to.  It's open sources and ensures that you're not limited to
>Google's
>or Cloudflare's servers which exist to drive advertising at you (I've
>seen
>infected ads pwn machines).  I have much more paranoid reasons for
>implementing, namely preventing 3rd parties from getting my histories.
>
>On Wed, Oct 2, 2019 at 5:28 PM Jay R. Ashworth  wrote:
>
>> - Original Message -
>> > From: "John Levine" 
>>
>> > In article
><804699748.1254612.1570037049931.javamail.zim...@baylink.com>
>> you
>> > write:
>> >>Tools. Are. Neutral.
>> >>
>> >>Any solution to a problem that involves outlawing or breaking tools
>will.
>> >>Not. Solve. Your. Problem.
>> >
>> > I think in the outside world you'll find very little support for an
>> argument
>> > that filtering DNS is fundamentally broken.
>> >
>> > Sure, you can do it in broken ways, but it's going to be really
>hard
>> > to persuade anyone that their lives are better if they have
>unfiltered
>> > access to the malware links in their spam.
>>
>> I expect I would.
>>
>> But this is not "filtering DNS".  It's "making a bodge-handed attempt
>to
>> REPLACE DNS (well, proxy it) for only one application/layer".
>>
>> My problem isn't what they're using it for; it's that they've
>implemented
>> it so poorly.
>>
>> I live down here in the trenches, John, where "it doesn't work" is
>the
>> calibre
>> of problem reports I get.  When my tools say that "yes, it does",
>*I'm*
>> the one
>> who takes it in the nads because Mozilla had a Better Fuckin' Idea.
>>
>> That it will likely cause lots of 50,000ft problems to is just a
>cherry on
>> the
>> top.
>>
>> Cheers,
>> -- jra
>>
>> --
>> Jay R. Ashworth  Baylink
>> j...@baylink.com
>> Designer The Things I Think  
>RFC
>> 2100
>> Ashworth & Associates   http://www.bcp38.info  2000 Land
>> Rover DII
>> St Petersburg FL USA  BCP38: Ask For It By Name!   +1 727
>647
>> 1274
>>
>
>
>-- 
>--Curtis

-- 
Sent from my Android device with K-9 Mail. Please excuse my brevity.

RE: RFC 1918 network range choices

2017-10-05 Thread Jay Ashworth 
I have seen a number of versions of that in reading things people sent me and 
things I found myself, and all of them seem to depend on ASICs that didn't 
exist at the time the ranges were chosen, and probably also CIDR which also 
didn't exist. They sound good, but I'm not buying em. :-)

On October 5, 2017 1:32:19 PM EDT, Jerry Cloe  wrote:
>Several years ago I remember seeing a mathematical justification for
>it, and I remember thinking at the time it made a lot of sense, but now
>I can't find it.
>
> 
>I think the goal was to make it easier for routers to dump private
>ranges based on simple binary math, but not sure that concept ever got
>widely used.
>
> 
>Time to start writing  out all the binary.
>
>
> 
>-Original message-
>From:Jay R. Ashworth 
>Sent:Thu 10-05-2017 09:41 am
>Subject:RFC 1918 network range choices
>To:North American Network Operators‘ Group ; 
>Does anyone have a pointer to an *authoritative* source on why
>
>10/8
>172.16/12 and
>192.168/16 
>
>were the ranges chosen to enshrine in the RFC?  Came up elsewhere, and
>I can't 
>find a good citation either.
>
>To list or I'll summarize.
>
>Cheers,
>-- jra
>
> 

-- 
Sent from my Android device with K-9 Mail. Please excuse my brevity.

Re: I recommend dslreports.com/speedtest these days (was Speedtest.net not accessible in Chrome due to deceptive ads)

2016-07-22 Thread Jay Ashworth 
Just a quick clarifying reply, I have had DSL test give me an A for bufferbloat 
and a C for Speed on a 75 Meg line.

On July 22, 2016 3:23:00 PM EDT, Jim Gettys  wrote:
>I don't read this list continually, but do archive it; your note was
>flagged for me to comment on.
>
>On Thu, Jul 21, 2016 at 8:11 PM, Eric Tykwinski 
>wrote:
>
>> This is probably for Jim Gettys directly, but I’m sure most others
>have
>> input.  I could of sworn that that there was some test made to detect
>it
>> directly on switches and routers?  Sort of like iperf, but to test
>> bufferbloat specifically given the OS stack which is going to have
>issues
>> as well, as shown on bufferbloat.net .
>>
>>
>​We recommend Toke Høiland-Jørgensen's
>​
> "flent" ​
>
>​https://flent.org/ for testing connections/devices/gear. It uses
>"netperf"
>transfers to load the link (by default with 4 simultaneous TCP
>connections
>in both directions, IIRC), and then runs another test (by default
>"ping")
>at the same time to test the connection under load.
>Turning on a netperf server is just as easy as turning on an iperf
>server
>(and the results are better, and netperf's maintainer responsive).​
>
>See the documentation/paper on Toke's web site.  The "RRUL" test
>("Real-Time Response Under Load") is the one we use most/is best shaken
>down.   I'm sure Toke would love help with other tests.
>​
>
>Gives you lots of useful graphs, will do diffserv marking, etc...​
>​
>
>> > On Jul 21, 2016, at 6:36 PM, Donn Lasher via NANOG
>
>> wrote:
>> >
>> > On 7/21/16, 2:19 PM, "NANOG on behalf of Jay R. Ashworth" <
>> nanog-boun...@nanog.org on behalf of j...@baylink.com> wrote:
>> >
>> >
>> >
>> >> - Original Message -
>> >>> From: "Janusz Jezowicz" 
>> >>
>> >>> Since this morning Speedtest.net is not accessible in Chrome
>> >>> Reason:
>> >>>
>>
>https://www.google.com/transparencyreport/safebrowsing/diagnostic/#url=c.speedtest.net
>> >>>
>> >>> For any ISPs/content providers linking to speedtest.net you may
>want
>> to
>> >>> swap links to a different website or host your own speed test.
>> >>
>> >> So far, I am very pleased with how it works, though I think it's
>letter
>> >> grades on speed are a bit pessimistic (65Mbps is a "C").
>>
>
>​
>Most applications are as sensitive/more sensitive to latency than to
>bandwidth
>​; see the research in the field, for example, for web browsing.  For
>web
>browsing, you are at the point of diminishing returns on bandwidth
>after a
>few megabits/second, for most use​
>.
>​  For telephony, the metric is always the lower the better, and not
>more
>than 100ms or so (continental delay).​
>
>So it is entirely appropriate in my view to give even "high speed"
>connections low grades; it's telling you that they suck under load
>​, like when your kid is downloading a video (or uploading one for
>their
>friends); your performance (e.g. web surfing) can go to hell in a
>hand-basket despite having a lot of bandwidth on the
>connection. For most use, I'll take a 20Mbps link without bloat to a
>200Mbps one with a half second of bloat any
>​ ​
>day.
>​ It will work reliably, I'll be able to make my phone calls without
>problems, I'll be able to frag my friends with the best of them, etc...
>Even video playback gets wonky with bad bufferbloat: the player's
>control
>loop is interacting with the (wildly excessive due to bloat) TCP
>control
>loop and can't find a good playback point; seeking also becomes slow,
>etc.
>
>Activities such as web browsing can/does cause transient latency on a
>link,
>since most links are not doing decent scheduling; the damage is done
>anytime the link gets used by anyone, for anything, including web
>surfing
>as well as background activities such as backup or system update.
>
>So no, I don't think dslreports grades pessimistically: it's just that
>bad
>bufferbloat is so *blinking* common and bad.  And I had nothing to do
>with
>setting the scoring system: that's the opinion of the dslreports test's
>author; but I think Justin has done a good job choosing the grades to
>boil
>down the quality of a connection to something mere mortals (your
>customer's) will understand.  So my hat is off to Justin for doing a
>great
>job.
>​
>
>
>> >>
>> >> Specifically, it measures bufferbloat, with both a realtime graph
>and a
>> >
>> >
>> > Are you talking about the dslreports speedtest? I like that one,
>very
>> detailed results.
>> >
>> > http://speedtest.dslreports.com/
>> >
>> >
>> > I’d agree with the pessimistic scoring.. 160Mbit was given a “B”
>grade.
>> >
>> >
>> >
>> >
>>
>>

-- 
Sent from my Android device with K-9 Mail. Please excuse my brevity.

Re: New ICANN registrant change process

2016-07-04 Thread Jay Ashworth 
Seems to me that the proper thing to be done would have been for Registries to 
deauthorize registrars on the grounds of continuous streams of complaints.

On July 4, 2016 2:35:37 PM EDT, Mel Beckman  wrote:
>I've worked behind the scenes for more than one of these outfits. I can
>tell you that domain registrars are basically printing money. On the
>other hand, I've also been the victim of domain hijacking. I can tell
>you that the domain registrars involved were less than useless in
>reversing the obviously fraudulent transactions. They basically said
>"Not our problem. Deal with it."
>
>That's on top of the other obviously unethical practices by registrars,
>such as seizing nonexistent domain names following a prospective
>buyer's whois search, sluggardly unlocking of domains, etc.
>
>Something had to be done. Now it has been.   
>
>To the registers whining about this change: 
>
>   Not my problem. Deal with it. 
>
> -mel beckman
>
>> On Jul 4, 2016, at 10:55 AM, Jay R. Ashworth  wrote:
>> 
>> I'll go ahead and assume I wasn't the last person to get this memo
>(courtesy
>> Lauren Weinstein's PRIVACY Digest):
>> 
>>
>https://opensrs.com/blog/2016/06/icanns-new-transfer-policy-will-impact-business-customers/
>> 
>> It does seem that this is going to make life difficult for a bunch of
>pretty
>> normal business processes.
>> 
>> If you didn't know about it either... ask yourself why not.
>> 
>> Cheers,
>> -- jra
>> 
>> -- 
>> Jay R. Ashworth  Baylink  
>j...@baylink.com
>> Designer The Things I Think  
>RFC 2100
>> Ashworth & Associates   http://www.bcp38.info  2000 Land
>Rover DII
>> St Petersburg FL USA  BCP38: Ask For It By Name!   +1 727
>647 1274

-- 
Sent from my Android device with K-9 Mail. Please excuse my brevity.

RIP Marvin Minsky

2016-01-25 Thread Jay Ashworth 
Lauren Weinstein passes along that AI pioneer Minsky died Sunday night in New 
York.  He was 88.

Condolences to those who knew him.

http://www.nytimes.com/2016/01/26/business/marvin-minsky-pioneer-in-artificial-intelligence-dies-at-88.html
-- 
Sent from my Android device with K-9 Mail. Please excuse my brevity.

John McAfee: Massive DDoS attack on the internet was from smartphone botnet on popular app

2015-12-11 Thread Jay Ashworth 
Is McAfee just talking to dry his teeth here? This isn't actually practical, is 
it? Carriers would notice, right?

http://www.ibtimes.co.uk/john-mcafee-massive-ddos-attack-internet-was-smartphone-botnet-popular-app-1532993
-- 
Sent from my Android device with K-9 Mail. Please excuse my brevity.

Gmail spam filtering

2015-11-22 Thread Jay Ashworth 
Bout a month ago, I had someone crack a POP password on my private mail server,
and got a couple days of spam out through it before I caught it on Sunday 
afternoon.

I locked it down, and am this weekend replacing that mail server with one
of current vintage, serving the same domain from a linode instance on a
different IP and, obviously, transport network.

I'm finding, though, that gmail is spam-filing the emails I send out,
presumably because they're on the same domain name in the envelope.

Anyone got a pointer to where I go to assure Google I'm on top of it now?

The mail delivers to their inbound MX ok, it just ends up in the spam folder,
even on my business GoogleApps account.  Delivers to Yahoomail just fine.

I checked the new IP in the MXtoolbox RBL checker, and no hits, but does
gmail know what ranges are assigned to VPS providers, like with the cable
swamp, and bias its spamchecking accordingly?

Cheers,
-- jra

-- 
Jay R. Ashworth  Baylink   j...@baylink.com
Designer The Things I Think   RFC 2100
Ashworth & Associates   http://www.bcp38.info  2000 Land Rover DII
St Petersburg FL USA  BCP38: Ask For It By Name!   +1 727 647 1274

Re: Binge On! - And So This is Net Neutrality?

2015-11-20 Thread Jay Ashworth 
- Original Message -
> From: "Scott Brim" 

> What I read was that as long as a video offerer marks its traffic and
> is certified in a few other ways, anyone can send video content
> cap-free. No I don't know what the criteria are. Does anyone here? I
> also think I remember that there is no significant cost to
> certification, i.e. this is not a paid fast lane. If this is all
> true, this doesn't bother me, and could do everyone a favor by getting
> definitions clearer and getting traffic marked.

Izzat so.

If that's true, then more power to them.  I hadn't seen that deep a dive
in any of the coverage I'd read.

Cheers,
-- jra
-- 
Jay R. Ashworth  Baylink   j...@baylink.com
Designer The Things I Think   RFC 2100
Ashworth & Associates   http://www.bcp38.info  2000 Land Rover DII
St Petersburg FL USA  BCP38: Ask For It By Name!   +1 727 647 1274

Binge On! - And So This is Net Neutrality?

2015-11-20 Thread Jay Ashworth 
According to:

  
http://www.engadget.com/2015/11/20/fcc-chairman-gives-t-mobiles-binge-on-the-thumbs-up/

Chairman Wheeler thinks that T-mob's new "customers can get uncapped media
stream data, but only from the people we like" service called Binge On
is pro-competition.

My take on this is that the service is *precisely* what Net Neutrality
was supposed to prevent -- carriers offering paid fast-lanes to content 
providers -- and that this is anti-competitive to the sort of "upstart 
YouTube" entities that NN was supposed to protect...

and that *that* is the competition that NN was supposed to protect.

And I just said the same thing two different ways.

Cause does anyone here think that T-mob is giving those *carriers* pride
of place *for free*?

Corporations don't - in my experience - give away lots of money out of 
the goodness of their hearts.

Cheers,
-- jr 'whacky weekend' a
-- 
Jay R. Ashworth  Baylink   j...@baylink.com
Designer The Things I Think   RFC 2100
Ashworth & Associates   http://www.bcp38.info  2000 Land Rover DII
St Petersburg FL USA  BCP38: Ask For It By Name!   +1 727 647 1274

Is anyone tracking the "Fw: New Message" joe-job spammer?

2015-10-26 Thread Jay Ashworth 
Cause if so I got about 100 examples from last night I can send you if
you think they'll help.  :-)

Cheers,
-- jra

-- 
Jay R. Ashworth  Baylink   j...@baylink.com
Designer The Things I Think   RFC 2100
Ashworth & Associates   http://www.bcp38.info  2000 Land Rover DII
St Petersburg FL USA  BCP38: Ask For It By Name!   +1 727 647 1274

Re: Google IMAP (with k9mail)

2015-10-23 Thread Jay Ashworth 
- Original Message -
> From: "Christopher Morrow" 

> Incoming settings
> IMAP server: imap.gmail.com
> Port: 993
> Security type: SSL (always)
> 
> Outgoing settings
> SMTP server: smtp.gmail.com
> Port: 465
> Security type: SSL (always)

Hijack: to use k9mail with gmail IMAP, I have to enable "allow less secure 
clients" in the gmail web UI, but neither the Gmail people nor the k9mail
people seem to want to actually document which protocol is disliked or
required.

Anyone have any actual facts on this point?

Cheers,
-- jra
-- 
Jay R. Ashworth  Baylink   j...@baylink.com
Designer The Things I Think   RFC 2100
Ashworth & Associates   http://www.bcp38.info  2000 Land Rover DII
St Petersburg FL USA  BCP38: Ask For It By Name!   +1 727 647 1274

Re: VPS in DC/VA on L3?

2015-10-23 Thread Jay Ashworth 
- Original Message -
> From: "Christopher Morrow" 

> On Fri, Oct 23, 2015 at 11:02 AM, Jay Ashworth 
> wrote:
> > We need to do host-mode IPSEC out of AWS to a company in the DC/VA area that
> > is on L3; AWS apparently will only do network mode IPSEC, and they won't 
> > take
> > that, so we'll need to hop.
> 
> 'will only do network mode'  because the VM you run in aws can't
> do ipsec to your pix?

Pick your problem:

AWS's productized IPSEC VPC gateway won't do host-mode, or so I am told, and

Our customer won't do network mode, and

Our customer also won't accept IPSEC traffic that's been NATted, so we can't do
it from an AWS host cause EIPs are natted; there is, TTBOMK *no* way to get a
non-natted IP on an EC2/VPC host.

Cheers,
-- jra
-- 
Jay R. Ashworth  Baylink   j...@baylink.com
Designer The Things I Think   RFC 2100
Ashworth & Associates   http://www.bcp38.info  2000 Land Rover DII
St Petersburg FL USA  BCP38: Ask For It By Name!   +1 727 647 1274

VPS in DC/VA on L3?

2015-10-23 Thread Jay Ashworth 
We need to do host-mode IPSEC out of AWS to a company in the DC/VA area that
is on L3; AWS apparently will only do network mode IPSEC, and they won't take
that, so we'll need to hop.

Anyone got a VPS provider in that area they like so we can set up the 
bank-shot?

Cheers,
-- jra

-- 
Jay R. Ashworth  Baylink   j...@baylink.com
Designer The Things I Think   RFC 2100
Ashworth & Associates   http://www.bcp38.info  2000 Land Rover DII
St Petersburg FL USA  BCP38: Ask For It By Name!   +1 727 647 1274

Re: [outages] Akamai Cert Issues today

2015-10-04 Thread Jay Ashworth 
- Original Message -
> From: "coolhandluke via Outages" 

> > -We're wondering what happened yesterday to break all these
> > disparate
> > websites

> note that this is *by design*, as sean pointed out.
> 
> the "fix" is simple: don't use https on www.irs.gov. any ssl pages
> served by the irs as served on different hostnames.
> 
> as to why your users just started it, nfi. my best guess is that they
> weren't using https previously.

Well, "more people may be using HTTPS-Anywhere" may have something to 
do with it.

Or, it might be that some new browser release just enabled HTTP/2.0, which
in many implementations *requires* SSL and might also trip this, as noted
in a posting on the topic which I just inadvertantly posted to this same
mailing list 5 minutes ago.  :-)

Cheers,
-- jra
-- 
Jay R. Ashworth  Baylink   j...@baylink.com
Designer The Things I Think   RFC 2100
Ashworth & Associates   http://www.bcp38.info  2000 Land Rover DII
St Petersburg FL USA  BCP38: Ask For It By Name!   +1 727 647 1274

Disregard: HTTP/2.0 to ship in weeks

2015-10-04 Thread Jay Ashworth 
Damnit.  

Apologies everyone; no clue why Ars was pushing that *now*, 6 months after
its dateline.

- Original Message -
> From: "Jay Ashworth" 
> To: "NANOG" 
> Sent: Sunday, October 4, 2015 2:30:00 PM
> Subject: HTTP/2.0 to ship in weeks
> We all knew about this, right?
> 
> http://arstechnica.com/information-technology/2015/02/http2-finished-coming-to-browsers-within-weeks/
> 
> One - few - many - all? What's that?
> 
> Cheers,
> -- jra
> 
> --
> Jay R. Ashworth Baylink j...@baylink.com
> Designer The Things I Think RFC 2100
> Ashworth & Associates http://www.bcp38.info 2000 Land Rover DII
> St Petersburg FL USA BCP38: Ask For It By Name! +1 727 647 1274

-- 
Jay R. Ashworth  Baylink   j...@baylink.com
Designer The Things I Think   RFC 2100
Ashworth & Associates   http://www.bcp38.info  2000 Land Rover DII
St Petersburg FL USA  BCP38: Ask For It By Name!   +1 727 647 1274

HTTP/2.0 to ship in weeks

2015-10-04 Thread Jay Ashworth 
We all knew about this, right?

http://arstechnica.com/information-technology/2015/02/http2-finished-coming-to-browsers-within-weeks/

One - few - many - all?  What's that?

Cheers,
-- jra

-- 
Jay R. Ashworth  Baylink   j...@baylink.com
Designer The Things I Think   RFC 2100
Ashworth & Associates   http://www.bcp38.info  2000 Land Rover DII
St Petersburg FL USA  BCP38: Ask For It By Name!   +1 727 647 1274

Re: Quick Update on the North American BCOP Efforts

2015-09-30 Thread Jay Ashworth 
- Original Message -
> From: "Chris Grundemann" 

> After receiving several off-line inquiries about the status of BCOP in
> North America I think it's appropriate to send a general announcement
> here.
> 
> The biggest news here is that the current NANOG Board of Directors has
> disbanded the NANOG BCOP Committee. The stated rationale for this
> decision can be found in the minutes from their 2 February 2015 meeting.

I tried it 5 or 6 years ago:

  http://bestpractices.wikia.com

I didn't get any traction either.

Guessing no one cares.

Cheers,
-- jra
-- 
Jay R. Ashworth  Baylink   j...@baylink.com
Designer The Things I Think   RFC 2100
Ashworth & Associates   http://www.bcp38.info  2000 Land Rover DII
St Petersburg FL USA  BCP38: Ask For It By Name!   +1 727 647 1274

Re: PCH.net questions and thoughts - Re: Prefix hijacking by AS20115

2015-09-29 Thread Jay Ashworth 
Well, there *is* outa...@outages.org... :-)

- Original Message -
> From: "Royce Williams" 
> To: nanog@nanog.org
> Sent: Tuesday, September 29, 2015 11:31:54 AM
> Subject: Re: PCH.net questions and thoughts - Re: Prefix hijacking by AS20115
> On Tue, Sep 29, 2015 at 7:12 AM, Job Snijders 
> wrote:
> >
> > Hi Bob,
> >
> > On Tue, Sep 29, 2015 at 08:05:45AM -0700, Bob Evans wrote:
> > > This seems like a very good proper civil approach - maybe this or
> > > something like it ARIN might help promote and endorse as a benefit
> > > to
> > > the community ? Be nice if with the cash they did something simple
> > > like this and got all of us to use it? Special line forwarding ? A
> > > Emergency Only NOC App for our phones for just this kind of
> > > situation
> > > - one that registers a specific ASN and pin code we set on the
> > > registration page ?
> >
> > In this day and age people use IRC or Facebook to quickly get to a
> > friend of a friend of a friend to get to a good contact. Get on with
> > the
> > times :-)
> 
> This seems lossy and unscriptable to me. There are maxint different
> flavors of $social, so it's not suitable for escalation, IMO. Also,
> many people opt out of half of them when they're not on the clock.
> And, many of them have "I don't know you so I'll bury your message"
> options, which makes being tickled by a stranger for emergency
> purposes hard. And their "APIs", so to speak, are constantly
> shifting.
> 
> But we already have a reliable, widespread, high-SNR channel: this
> list. It's the place that people go when they can't get an answer any
> other way. Email works when many other things are broken.
> 
> What if all NOCs used their NOC email distro/alias to subscribe,
> filter for posts containing their own ASes/admin-domains/prefixes,
> plus the string "problem|issue|etc", and flag them as higher priority.
> A junior NOCling could check it manually every couple of hours, and
> maybe a public web archive of the list, in case of filter failures.
> 
> I would expect most NOCs worth their salt to be monitoring nanog
> anyway. Why not leverage it?
> 
> A sibling list could be spun off -- nanog-panic-button? ;) -- if that
> would be preferable.
> 
> Royce

-- 
Jay R. Ashworth  Baylink   j...@baylink.com
Designer The Things I Think   RFC 2100
Ashworth & Associates   http://www.bcp38.info  2000 Land Rover DII
St Petersburg FL USA  BCP38: Ask For It By Name!   +1 727 647 1274

Do you have INOC-DBA set up? (was: Re: PCH.net questions and thoughts - Re: Prefix hijacking by AS20115)

2015-09-29 Thread Jay Ashworth 
I entirely disagree, Job.

The idea of a private tieline network that is connected, by SIP, to a line 
appearance in the NOC of each AS, and no one else is on it, seems like a
fine idea to me.

And that was INOC-DBA's original goal, as I understand it:

You're having a problem?  It's coming from some specific AS?

Pick up the phone, mash the red INOC line button, dial the AS 
number, and you're talking to their NOC.

And that's *authenticated*: since it's low enough churn to set up
by hand, it's authenticated by humans.

Show of hands: who has it set up, correctly, right now?

- Original Message -
> From: "Job Snijders" 
> To: "Bob Evans" 
> Cc: nanog@nanog.org
> Sent: Tuesday, September 29, 2015 11:12:43 AM
> Subject: Re: PCH.net questions and thoughts - Re: Prefix hijacking by AS20115
> Hi Bob,
> 
> On Tue, Sep 29, 2015 at 08:05:45AM -0700, Bob Evans wrote:
> > This seems like a very good proper civil approach - maybe this or
> > something like it ARIN might help promote and endorse as a benefit
> > to
> > the community ? Be nice if with the cash they did something simple
> > like this and got all of us to use it? Special line forwarding ? A
> > Emergency Only NOC App for our phones for just this kind of
> > situation
> > - one that registers a specific ASN and pin code we set on the
> > registration page ?
> 
> In this day and age people use IRC or Facebook to quickly get to a
> friend of a friend of a friend to get to a good contact. Get on with
> the
> times :-)
> 
> Kind regards,
> 
> Job

-- 
Jay R. Ashworth  Baylink   j...@baylink.com
Designer The Things I Think   RFC 2100
Ashworth & Associates   http://www.bcp38.info  2000 Land Rover DII
St Petersburg FL USA  BCP38: Ask For It By Name!   +1 727 647 1274

Re: Data Center operations mail list?

2015-08-11 Thread Jay Ashworth 
Absolutely feel free to use it; I haven't seen a single message on it in...
well, it was 3 years ago I was in datacenters regularly, so I'm goin with
"3 years".  :-)

Cheers,
-- jra

- Original Message -
> From: "Jared Mauch" 
> To: "Chris Boyd" 
> Cc: "NANOG" 
> Sent: Tuesday, August 11, 2015 11:46:45 AM
> Subject: Re: Data Center operations mail list?
> There is a DC-ops list hosted at puck I setup for people awhile ago.
> Feel free to use that.
> 
> Jared Mauch
> 
> > On Aug 6, 2015, at 1:01 PM, Chris Boyd 
> > wrote:
> >
> > Is there a mail list that’s analogous to NANOG, but focused on the
> > data center infrastructure and operations? The shorty.com hosted
> > list is defunct.
> >
> > Thanks, and apologies for the tangential topic.
> >
> > —Chris

-- 
Jay R. Ashworth  Baylink   j...@baylink.com
Designer The Things I Think   RFC 2100
Ashworth & Associates   http://www.bcp38.info  2000 Land Rover DII
St Petersburg FL USA  BCP38: Ask For It By Name!   +1 727 647 1274

Re: RES: Exploits start against flaw that could hamstring huge swaths of

2015-08-04 Thread Jay Ashworth 
- Original Message -
> From: "Scott Helms" 

> On Aug 4, 2015 9:38 AM, "Christopher Morrow" 
> wrote:
> 
> > On Tue, Aug 4, 2015 at 11:29 AM, Scott Helms 
> > wrote:
> > > With the (large) caveat that heterogenous networks are more
> > > subject to human error in many cases.
> >
> > automate!

> Automation just means your mistake goes many more places more quickly.

Not necessarily.

The sort of failure you're talking about, Scott, is "user did the wrong 
thing", and sure, automation makes it easier for that to spread.

Chris was, though, I think, suggesting automating around "user tries to do
the right thing on disjoint devices, and fails *because they're disjoint*";
that is, clearly, a problem automation can help with.

Cheers,
-- jra
-- 
Jay R. Ashworth  Baylink   j...@baylink.com
Designer The Things I Think   RFC 2100
Ashworth & Associates   http://www.bcp38.info  2000 Land Rover DII
St Petersburg FL USA  BCP38: Ask For It By Name!   +1 727 647 1274

Exploits start against flaw that could hamstring huge swaths of Internet | Ars Technica

2015-08-04 Thread Jay Ashworth 
Everyone got BIND updated?

http://arstechnica.com/security/2015/08/exploits-start-against-flaw-that-could-hamstring-huge-swaths-of-internet/
-- 
Sent from my Android phone with K-9 Mail. Please excuse my brevity.

Did *bufferbloat* cause the 2010 flashcrash?

2015-08-02 Thread Jay Ashworth 
This guy seems to think so, and his arguments seem pretty convincing to me, but 
I don't understand the financial system as well as I might.

yarchive.net/blog/computers/flash_crash.html

Gettys is namechecked in the piece.

Cheers,
-- jra
-- 
Sent from my Android phone with K-9 Mail. Please excuse my brevity.

RE: Windows 10 Release

2015-08-02 Thread Jay Ashworth 
An article in VARGuy said they'd booked 40 Tb/s of capacity from Akamai, 
Limelight, and four or five other CDNs that I did not recognize by name.

I presume each machine will have to contact at least one machine at 
microsoft.com to confirm signatures on downloaded packages, et alia.

- jra

On July 28, 2015 8:09:52 PM EDT, Erik Sundberg  wrote:
>Does anyone know if Microsoft will be hosting the downloads from there
>ASN 8075 or from an CDN Provider like Akamai?
>
>
>
>-Original Message-
>From: NANOG [mailto:nanog-boun...@nanog.org] On Behalf Of Curtis
>Maurand
>Sent: Tuesday, July 28, 2015 6:43 PM
>To: Niels Bakker ; nanog@nanog.org
>Subject: Re: Windows 10 Release
>
>Microsoft tells me 3.2 GB for win 10 pro 64 bit.
>
>On July 28, 2015 6:04:04 PM EDT, Niels Bakker 
>wrote:
>>* n...@flhsi.com (Nick Olsen) [Tue 28 Jul 2015, 22:46 CEST]:
>>>Being a 3-4GB download. Each device is moving more data than any
>Apple
>>
>>>update ever did.
>>
>>I'm not so sure of that.  The 10.9 install image clocked in at 4.9 GB,
>>and the Mac App Store for 10.10 Yosemite says "Size: 5.67 GB";
>>http://www.microsoft.com/en-us/windows/features says "3GB download
>>required" in the small print at the bottom.
>>
>>
>>   -- Niels.
>
>--
>Sent from my Android device with K-9 Mail. Please excuse my brevity.
>
>
>
>CONFIDENTIALITY NOTICE: This e-mail transmission, and any documents,
>files or previous e-mail messages attached to it may contain
>confidential information that is legally privileged. If you are not the
>intended recipient, or a person responsible for delivering it to the
>intended recipient, you are hereby notified that any disclosure,
>copying, distribution or use of any of the information contained in or
>attached to this transmission is STRICTLY PROHIBITED. If you have
>received this transmission in error please notify the sender
>immediately by replying to this e-mail. You must destroy the original
>transmission and its attachments without reading or saving in any
>manner. Thank you.

-- 
Sent from my Android phone with K-9 Mail. Please excuse my brevity.

RE: Bright House IMAP highwater warning real?

2015-08-02 Thread Jay Ashworth 
I think the body text of the message should identify it as coming from the 
Bright House email system? I think it should be written in standard USAdian 
English, which that is decidedly not.

Or perhaps the problem is that that subject line was supposed to be 
parameterized, and the number of bytes is missing for some reason. But in any 
event that is a common message to spoof, and the more bits of identity that are 
in it the harder it is to do so. That message format has almost zero bit of 
provider-identifiable data.

"""
Your Bright House Networks IMAP email storage for u...@domain.com is at 490MB, 
approaching your quota of 500MB.

IMAP email permits you to access all your mail folders by storing them on the 
mail server, but because of this, all mail in your folders contributes to your 
storage limit.

You can delete messages to reduce your storage, or move them to your PC. If you 
delete them, or have already deleted them, you usually must 'compact' each 
folder to reclaim the extra space.

Alternatively, you can contact Customer Care to see about having your quota 
increased.
"""

Cheers,
-- jra

On August 2, 2015 3:44:35 PM EDT, Frank Bulk  wrote:
>What do you think their message should say?  We struggled over this,
>too, and settled on some soft language, included information on how to
>purchase more storage, and also provided our email address and phone
>numbers.
>
>Frank
>
>-Original Message-----
>From: NANOG [mailto:nanog-boun...@nanog.org] On Behalf Of Jay Ashworth
>Sent: Sunday, August 02, 2015 1:55 PM
>To: nanog@nanog.org
>Subject: Bright House IMAP highwater warning real?
>
>Any brighthouse email admins on the list? My sister got the following
>high water warning message, with the included headers which, since they
>appear to include no Received: headers, look like they actually came
>from brighthouse's email cluster. 
>
>If this is a real Bright House warning message, somebody should be
>flogged. Teaching people which messages is to believe is hard enough...
>
>Cheers,
>-- jra
>
>
> Original Message 
>Subject: Re: Fwd: ATTENTION: High Water Mark Notification, bytes in the
>mailbox!
>
>I lied. The header to yours - which I finally found - is nice and long.
> the header on this one is
>
>Return-Path: <>
>From: admin
>Subject: ATTENTION: High Water Mark Notification, bytes in the mailbox!
>Date: Sun, 2 Aug 2015 06:22:44 +
>Message-ID: e31468ce-38de-11e5-b0a6-17507733086b
>
>>>-Original Message-
>>>From: admin
>>>Sent: Sun, 02 Aug 2015 2:22 AM
>>>Subject: ATTENTION: High Water Mark Notification, bytes in the
>>mailbox!
>>>
>>>Your mailbox is over the high water mark.
>>>Please delete some messages from your mailbox.
>-- 
>Sent from my Android phone with K-9 Mail. Please excuse my brevity.

-- 
Sent from my Android phone with K-9 Mail. Please excuse my brevity.

Bright House IMAP highwater warning real?

2015-08-02 Thread Jay Ashworth 
Any brighthouse email admins on the list? My sister got the following high 
water warning message, with the included headers which, since they appear to 
include no Received: headers, look like they actually came from brighthouse's 
email cluster. 

If this is a real Bright House warning message, somebody should be flogged. 
Teaching people which messages is to believe is hard enough...

Cheers,
-- jra


 Original Message 
Subject: Re: Fwd: ATTENTION: High Water Mark Notification, bytes in the mailbox!

I lied. The header to yours - which I finally found - is nice and long.
 the header on this one is

Return-Path: <>
From: admin
Subject: ATTENTION: High Water Mark Notification, bytes in the mailbox!
Date: Sun, 2 Aug 2015 06:22:44 +
Message-ID: e31468ce-38de-11e5-b0a6-17507733086b

>>-Original Message-
>>From: admin
>>Sent: Sun, 02 Aug 2015 2:22 AM
>>Subject: ATTENTION: High Water Mark Notification, bytes in the
>mailbox!
>>
>>Your mailbox is over the high water mark.
>>Please delete some messages from your mailbox.
-- 
Sent from my Android phone with K-9 Mail. Please excuse my brevity.

Re: United Airlines is Down (!) due to network connectivity problems

2015-07-08 Thread Jay Ashworth 
UA, WSJ /and/ NYSE all in the same day?

Once is an accident;  twice is a coincidence...

Three times is enemy action.

On July 8, 2015 1:18:47 PM EDT, Paul Ferguson  wrote:
>-BEGIN PGP SIGNED MESSAGE-
>Hash: SHA256
>
>Given that the Internet is held together with paper clips, bailing
>twine, and bubblegum, I'd prefer to take theses organizations' initial
>word for the fact that there is nothing obviously malicious in these
>outages.
>
>The mainstream press, on the other hand, seems to want it to be a hack
>or data breach or... something other than a "glitch". :-)
>
>- - ferg
>
>
>On 7/8/2015 10:15 AM, Mel Beckman wrote:
>
>> It's important to not form an opinion too early, especially anyone 
>> involved with forensic analysis of these systems. This is a
>> classic fault in amateur investigation: an early opinion will lead
>> you into confirmation bias, irrationally accepting data agreeing
>> with your opinions and rejecting that disproving it.
>> 
>> -mel beckman
>> 
>>> On Jul 8, 2015, at 10:07 AM, Paul Ferguson 
>>>  wrote:
>>> 
>> NYSE: "The issue we are experiencing is an internal technical issue
>> and is not the result of a cyber breach."
>> 
>> https://twitter.com/NYSE/status/618818929906085888
>> 
>> United Air statement CNBC: “An issue with a router degraded network
>> connectivity for various applications. We fixed the router."
>> 
>> https://twitter.com/barronstechblog/status/618816643821633536
>> 
>> - ferg
>> 
>
>
>- -- 
>Paul Ferguson
>PGP Public Key ID: 0x54DC85B2
>Key fingerprint: 19EC 2945 FEE8 D6C8 58A1 CE53 2896 AC75 54DC 85B2
>-BEGIN PGP SIGNATURE-
>Version: GnuPG v2
>
>iF4EAREIAAYFAlWdW3cACgkQKJasdVTchbLr/wD/aBNnLFv+MU+QI1ja7dd9LiSN
>Zkum4lSIutxFn1NmaYoBAIgO/Ig7FxD4vRzQK8bUturn4YGw9FXMT+EzVTKhIbVG
>=/yYp
>-END PGP SIGNATURE-

-- 
Sent from my Android phone with K-9 Mail. Please excuse my brevity.

Fwd: [ PRIVACY Forum ] Windows 10 will share your Wi-Fi key with your friends' friends

2015-07-06 Thread Jay Ashworth 
>From Lauren, a new "feature" in Windows 10 I think this community probably
wants to know about, to the extent you don't already.

I *knew* I didn't like W10.  :-)

Cheers,
-- jra

- Forwarded Message -
> From: "PRIVACY Forum mailing list" 
> To: privacy-l...@vortex.com
> Sent: Wednesday, July 1, 2015 8:03:06 PM
> Subject: [ PRIVACY Forum ] Windows 10 will share your Wi-Fi key with your 
> friends' friends
> Windows 10 will share your Wi-Fi key with your friends' friends
> 
> http://www.theregister.co.uk/2015/06/30/windows_10_wi_fi_sense/
> 
> In an attempt to address the security hole it has created, Microsoft
> offers a kludge of a workaround: you must add _optout to the SSID (the
> name of your network) to prevent it from working with Wi-Fi Sense. (So
> if you want to opt out of Google Maps and Wi-Fi Sense at the same
> time,
> you must change your SSID of, say, myhouse to myhouse_optout_nomap.
> Technology is great.) Microsoft enables Windows 10's Wi-Fi Sense by
> default, and access to password-protected networks are shared with
> contacts unless the user remembers to uncheck a box when they first
> connect. Choosing to switch it off may make it a lot less useful, but
> would make for a more secure IT environment.
> 
> - - -
> 
> --Lauren--
> Lauren Weinstein (lau...@vortex.com): http://www.vortex.com/lauren
> Founder:
> - Network Neutrality Squad: http://www.nnsquad.org
> - PRIVACY Forum: http://www.vortex.com/privacy-info
> Co-Founder: People For Internet Responsibility:
> http://www.pfir.org/pfir-info
> Member: ACM Committee on Computers and Public Policy
> Lauren's Blog: http://lauren.vortex.com
> Google+: http://google.com/+LaurenWeinstein
> Twitter: http://twitter.com/laurenweinstein
> Tel: +1 (818) 225-2800 / Skype: vortex.com
> ___
> privacy mailing list
> http://lists.vortex.com/mailman/listinfo/privacy

-- 
Jay R. Ashworth  Baylink   j...@baylink.com
Designer The Things I Think   RFC 2100
Ashworth & Associates   http://www.bcp38.info  2000 Land Rover DII
St Petersburg FL USA  BCP38: Ask For It By Name!   +1 727 647 1274

The Internet Is Now Officially Too Big as IP Addresses Run Out - NBC News

2015-07-02 Thread Jay Ashworth 
John Curran gets a quote; NBC gets the etymology of "IPv4" wrong.  

Just keep them away from Jim Fleming.

http://www.nbcnews.com/news/us-news/internet-now-officially-too-big-ip-addresses-run-out-n386081
-- 
Sent from my Android phone with K-9 Mail. Please excuse my brevity.

Leap Second Folo/After Action

2015-07-01 Thread Jay Ashworth 
Here's LWN's piece on the then-upcoming event from last week, presumably
with comments trailing into today.

  http://lwn.net/Articles/648313/

How'd it go for everyone?  Did the world end?

Cheers,
-- jra

-- 
Jay R. Ashworth  Baylink   j...@baylink.com
Designer The Things I Think   RFC 2100
Ashworth & Associates   http://www.bcp38.info  2000 Land Rover DII
St Petersburg FL USA  BCP38: Ask For It By Name!   +1 727 647 1274

ICYMI: SSLv3 is now formally dead. MUST NOT.

2015-06-27 Thread Jay Ashworth 
http://www.rfc-editor.org/rfc/rfc7568.txt
-- 
Sent from my Android phone with K-9 Mail. Please excuse my brevity.

ARIN just subdivided their last /17, /18, /19, /20, /21 and /22. Down to only /23s and /24s now. : ipv6

2015-06-26 Thread Jay Ashworth 
And that's the ballgame.

http://www.reddit.com/r/ipv6/comments/3b5p3i/arin_just_subdivided_their_last_1718192021_and_22/
-- 
Sent from my Android phone with K-9 Mail. Please excuse my brevity.

FOLO: Leap Seconds

2015-06-23 Thread Jay Ashworth 
Herewith, for your amusement in the copious free time I hope you have from
having smoothly humming networks that don't demand your attention:

Falsehoods programers believe about time:

  
http://infiniteundo.com/post/25326999628/falsehoods-programmers-believe-about-time

and More Falsehoods programmers believe about time:

  
http://infiniteundo.com/post/25509354022/more-falsehoods-programmers-believe-about-time

If your heads explode, *I* am not wiping up after.

Cheers,
-- jra

-- 
Jay R. Ashworth  Baylink   j...@baylink.com
Designer The Things I Think   RFC 2100
Ashworth & Associates   http://www.bcp38.info  2000 Land Rover DII
St Petersburg FL USA  BCP38: Ask For It By Name!   +1 727 647 1274

Re: REMINDER: LEAP SECOND

2015-06-23 Thread Jay Ashworth 
- Original Message -
> From: "Harlan Stenn" 

> > You misunderstand the problem. :) The problem is not "clock skips
> > backward one second," because most of the time that's not what
> > happens. The problem is that most software does not handle it well
> > when the clock ticks ... :59 :60 :00 instead of ticking directly
> > from
> > :59 to :00.
> 
> POSIX NEVER shows :60.

Then I hope POSIX does not claim to represent UTC, because UTC does, no?

(IE: somewhere between "a bit" and "a lot" more expansion was called for
there; most of us don't have ntp.org email addresses.  :-)

Cheers,
-- jra
-- 
Jay R. Ashworth  Baylink   j...@baylink.com
Designer The Things I Think   RFC 2100
Ashworth & Associates   http://www.bcp38.info  2000 Land Rover DII
St Petersburg FL USA  BCP38: Ask For It By Name!   +1 727 647 1274

Re: REMINDER: LEAP SECOND

2015-06-21 Thread Jay Ashworth 
- Original Message -
> From: "Jimmy Hess" 

> On Sun, Jun 21, 2015 at 1:06 AM,  wrote:
> > On Sat, 20 Jun 2015 19:06:29 -0400, Jay Ashworth said:
> [snip]
> > I'll let the perpetrator, Richard Stallman, explain. It was a
> > kerfluffle
> > regarding whether /bin/du should use units of 1,000 or 1024.
> >
> > http://karmak.org/archive/2003/01/12-14-99.epl.html
> 
> It's not 1024 vs 1000; it's 1024 vs 512.
> 
> If it's "du" or "df"; the display is supposed to be the number of
> 512-Byte blocks.
[ ... ]
> If you set POSIXLY_CORRECT in the environment, they will show in 512
> byte blocks, or the disk sector size in bytes, instead, like they
> are "supposed to"

Yes, but Valdis' "politically correct" reference goes to the original
name of the environment variable, which I once knew, but had forgotten,
was POSIX_ME_HARDER.

Cheers,
-- jra
-- 
Jay R. Ashworth  Baylink   j...@baylink.com
Designer The Things I Think   RFC 2100
Ashworth & Associates   http://www.bcp38.info  2000 Land Rover DII
St Petersburg FL USA  BCP38: Ask For It By Name!   +1 727 647 1274

Re: REMINDER: LEAP SECOND

2015-06-20 Thread Jay Ashworth 
- Original Message -
> From: "Valdis Kletnieks" 

> On Sat, 20 Jun 2015 11:32:53 -0400, Jay Ashworth said:
> > - Original Message -
> >
> > > - use the posix-right timezone files
> >
> > What; not posixly-correct?
> 
> I wonder how many of us are old enough to remember what that environment
> variable *used* to be called before political correctness became
> important.

There are so many layers in that observation that I'm lost.

Was posixly-correct a purposeful pun on politically correct, and I've
missed it all these decades?

Or was it named something else earlier than that, which wasn't itself
politically correct?

Cheers,
-- jra
-- 
Jay R. Ashworth  Baylink   j...@baylink.com
Designer The Things I Think   RFC 2100
Ashworth & Associates   http://www.bcp38.info  2000 Land Rover DII
St Petersburg FL USA  BCP38: Ask For It By Name!   +1 727 647 1274

Re: REMINDER: LEAP SECOND

2015-06-20 Thread Jay Ashworth 
- Original Message -

> - use the posix-right timezone files

What; not posixly-correct?

Cheers,
-- jr ':-)' a
-- 
Jay R. Ashworth  Baylink   j...@baylink.com
Designer The Things I Think   RFC 2100
Ashworth & Associates   http://www.bcp38.info  2000 Land Rover DII
St Petersburg FL USA  BCP38: Ask For It By Name!   +1 727 647 1274

REMINDER: LEAP SECOND

2015-06-19 Thread Jay Ashworth 
The IERS will be adding a second to time again on my birthday; 

2015-06-30T23:59:59 
2015-06-30T23:59:60
2015-07-01T00:00:00

Have fun, everyone.  :-)

Cheers,
-- jra

-- 
Jay R. Ashworth  Baylink   j...@baylink.com
Designer The Things I Think   RFC 2100
Ashworth & Associates   http://www.bcp38.info  2000 Land Rover DII
St Petersburg FL USA  BCP38: Ask For It By Name!   +1 727 647 1274

Re: Hardware monitoring

2015-06-14 Thread Jay Ashworth 
> I know this is slightly off-topic, but since it's still related to the
> list, I thought I'd give it a try. I am wondering what systems are out
> there (open source, preferably) for data collection and processing of
> hardware health data (temperature, CPU clock, fan speeds, etc).
> Ideally brand agnostic and location agnostic as well.
> 
> I know of Cacti, but it would require SNMP enabled devices AFAIK, so
> room/generator/misc monitors wouldn't necessarily be included.

You're going to find that the most commonly recommended solution, I think,
will be proxy SNMP, and let your SNMP monitor log it; there are *lots* of
reasons not to want to run two infrastructures for that.

Cheers,
- jra
-- 
Jay R. Ashworth  Baylink   j...@baylink.com
Designer The Things I Think   RFC 2100
Ashworth & Associates   http://www.bcp38.info  2000 Land Rover DII
St Petersburg FL USA  BCP38: Ask For It By Name!   +1 727 647 1274

DC Circuit denies stay on Neutrality

2015-06-12 Thread Jay Ashworth 
Here is a delightful wacky weekend starter culture for you: a backgrounder on 
exactly what it means that the DC Circuit denied Verizon et alia a stay of 
execution on Title II reclassification.

Complete with bonus brony references.

http://www.wetmachine.com/tales-of-the-sausage-factory/net-neutrality-litigation-round-1-goes-to-the-fcc/

Cheers,
--jra
-- 
Sent from my Android phone with K-9 Mail. Please excuse my brevity.

OT Fiber contractors?

2015-06-10 Thread Jay Ashworth 
I have a client needs a couple outside under-parkinglot runs installed*, and
I'm so long out of that market I have no idea where to go.  Offlist recs 
for Tampa metro cheerfully accepted.  :-)

Cheers,
-- jra

[ * Pulled and terminated; we'll supply the switches and do the interconnect ]
-- 
Jay R. Ashworth  Baylink   j...@baylink.com
Designer The Things I Think   RFC 2100
Ashworth & Associates   http://www.bcp38.info  2000 Land Rover DII
St Petersburg FL USA  BCP38: Ask For It By Name!   +1 727 647 1274

Re: eBay is looking for network heavies...

2015-06-10 Thread Jay Ashworth 
- Original Message -
> From: "Shane Ronan" 

> When I was asked the default BGP timers across three different vendor
> platforms as measure of my networking ability during an interview, I
> replied saying I'd look them up if needed them.
> 
> I was told I didn't understand BGP in enough detail, despite being able to
> describe all the steps of BGP session establishment and route
> exchange.
> 
> Certs have ruined the industry.

Maybe.  But they certainly saved you from having to work for an asshole
with misplaced priorities...

Cheers,
-- jra
-- 
Jay R. Ashworth  Baylink   j...@baylink.com
Designer The Things I Think   RFC 2100
Ashworth & Associates   http://www.bcp38.info  2000 Land Rover DII
St Petersburg FL USA  BCP38: Ask For It By Name!   +1 727 647 1274

Re: eBay is looking for network heavies...

2015-06-07 Thread Jay Ashworth 
- Original Message -
> From: "Larry Sheldon" 

> I find it interesting that I have not note a mention of people like
> Radia Pearlman and [name advancing years have stolen from me] that wrote
> a 3 volume set (I think it was) (that I can not find in the
> post-great-downsizing-bookshelves-disarray at the moment*).
> 
> *did a little Binging--Not W. Richard Stevens although the
> subconscious thinks "steven" might have been the first name.
> 
> NO! Douglas E. Comer "Internetworking with TCP/IP"
> (Nice try subconscious! Volume 3 is co-authored by David L. Stevens.)

No, W Richard was a layer up the stack:

http://www.kohala.com/start/

Cheers,
-- jra
-- 
Jay R. Ashworth  Baylink   j...@baylink.com
Designer The Things I Think   RFC 2100
Ashworth & Associates   http://www.bcp38.info  2000 Land Rover DII
St Petersburg FL USA  BCP38: Ask For It By Name!   +1 727 647 1274

Re: eBay is looking for network heavies...

2015-06-07 Thread Jay Ashworth 
> Here's the topper: who was (is) Al Gore, and what part did he play in
> the birth of the Internet as we know it today? Try not to howl as some
> of the answers you will get.

Advocated for the funding of NREN while in Congress; later misquoted as
saying he'd "invented the Internet" at some length, no?

Cheers,
-- jra
-- 
Jay R. Ashworth  Baylink   j...@baylink.com
Designer The Things I Think   RFC 2100
Ashworth & Associates   http://www.bcp38.info  2000 Land Rover DII
St Petersburg FL USA  BCP38: Ask For It By Name!   +1 727 647 1274

Re: eBay is looking for network heavies...

2015-06-07 Thread Jay Ashworth 
- Original Message -
> From: "Joe Hamelin" 

> Back in 2000 at Amazon, HR somehow decided to have me do the phone
> interviews for neteng. I'd go through questions on routing and what not,
> then at the end I would ask questions like, "Who was Jon Postel? Who
> is Larry Wall? Who is Paul Vixie? What are layers 8 & 9? Explain the RTFM
> protocol. What is NANOG?" Those answers (or long silences) told me
> more about the candidate than most of the technical questions.

Original RFC editor.  Invented Perl, among other things.  Co-designed DNS
(did I get that right?)  I personally always label layers 8, 9, and 10
as money, management and inside counsel, but I know views differ.  I don't 
RTFM, I google.  It's often faster, so many of TFMs are online now.

And this... is NANOG!

What's my starting rate?  :-)

Cheers,
-- jra
-- 
Jay R. Ashworth  Baylink   j...@baylink.com
Designer The Things I Think   RFC 2100
Ashworth & Associates   http://www.bcp38.info  2000 Land Rover DII
St Petersburg FL USA  BCP38: Ask For It By Name!   +1 727 647 1274

Re: eBay is looking for network heavies...

2015-06-07 Thread Jay Ashworth 
- Original Message -
> From: "John Fraizer" 

> It's been over a decade since I was an active participant on NANOG. I
> didn't know that the NANOG-JOBS list existed. Sometimes it's easier to
> ask for forgiveness than permission though. I guess it's a good thing
> Susan H. isn't here to throw me in NANOG jail, huh?

It's horrible.  I got thrown in there after Katrina.  Just an accident 
that I discovered later they'd left the door unlocked.  And they don't 
feed you either.

Now that the humor's out of the way, I've been on NANOG since the mid-90s
and I didn't know we had a -jobs list at all...

Cheers,
-- jra
-- 
Jay R. Ashworth  Baylink   j...@baylink.com
Designer The Things I Think   RFC 2100
Ashworth & Associates   http://www.bcp38.info  2000 Land Rover DII
St Petersburg FL USA  BCP38: Ask For It By Name!   +1 727 647 1274

Should I Reboot, and Why? (was Re: [RDD] No Play out on Cart Wall)

2015-06-04 Thread Jay Ashworth 
- Original Message -
> From: "Cowboy" 

> On Sunday 31 May 2015 03:49:10 pm Graham Wilman wrote:

> > after getting the play out working on clienta terminal for the past
> > 6 days
> > the decision was taken today to get clientb terminal working which
> > it now partially is
> > unfortunately once all 3 terminals the server.clienta and clientb
> > were rebooted I could
> > not get play out to work on clienta again
> 
> Re-booted why ?
> I've often said that rebooting a *nix machine is usually a bad idea.

And, again, a good to recap some of Good Sysadmin Practice:

In the Windows world, it's often recommended that you reboot a machine that
is acting -- as we say in support -- hincky.  That's because Windows is
sufficiently complicated and fragile that things can get corrupt at
runtime, and the simple fact you rebooted it can fix a problem.

That's traditionally not been true in the *nix world; particularly on 
purpose-built single function servers, there simply isn't enough code
running at once to allow for the sort of complicated, multiplicative
complexity failures that you see in many Windows machines.

But does that mean you should never reboot a Linux box, just because
you usually don't *have* to, to fix your problem?

No, it doesn't, and here's why:

Some of the things you might change in your configuration can affect
how things start *when* you boot up, and if you've adjusted one of them,
the time to boot it and find out *is right now, when you've just made the
change and it's fresh in your mind*, not 6 months from now at 3 in the 
morning, when you don't remember what you did.

Well, I suppose you could look in your logbook.  Or check your ticketing
system.  :-)

Cheers,
-- jra
-- 
Jay R. Ashworth  Baylink   j...@baylink.com
Designer The Things I Think   RFC 2100
Ashworth & Associates   http://www.bcp38.info  2000 Land Rover DII
St Petersburg FL USA  BCP38: Ask For It By Name!   +1 727 647 1274

Re: NANOG 64 recordings

2015-06-04 Thread Jay Ashworth 
- Original Message -
> From: "Sadiq Saif" 

> For those that missed them:
> https://www.youtube.com/playlist?list=PLO8DR5ZGla8ju3ftZv_S6L12jBkZKEJVZ

Oh, outstanding.  Thanks.

Cheers,
-- jra
-- 
Jay R. Ashworth  Baylink   j...@baylink.com
Designer The Things I Think   RFC 2100
Ashworth & Associates   http://www.bcp38.info  2000 Land Rover DII
St Petersburg FL USA  BCP38: Ask For It By Name!   +1 727 647 1274

Verizon FiOS outbound mail TLS problem - Superpages people here?

2015-06-04 Thread Jay Ashworth 
Anyone on the list who does outbound delivery for Verizon (which I think
is actually Superpages)?  A client has smart-hosted outbounds to *one* 
of his customers bouncing suddenly with 

  Deferred: 403 4.7.0 TLS handshake failed.

*My* inclination is to think that a cert expired somewhere, but his non-tech
contact there tells him that the tech people think things are ok.

I'm trying to get a mailer log fragment from them.  

Cheers,
-- jra

-- 
Jay R. Ashworth  Baylink   j...@baylink.com
Designer The Things I Think   RFC 2100
Ashworth & Associates   http://www.bcp38.info  2000 Land Rover DII
St Petersburg FL USA  BCP38: Ask For It By Name!   +1 727 647 1274

Re: Peering and Network Cost

2015-05-23 Thread Jay Ashworth 
- Original Message -
> From: "Dave Taht" 

> Two things I am curious about are 1) What is the measured benefit of
> moving a netflix server into your local ISP network
> 
> and 2) does anyone measure "cross town latency". If we lived in a
> world where skype/voip/etc transited the local town only,
> what sort of latencies would be see within an ISP and within a
> cross-connect from, say a gfiber to a comcast?
> 
> Once upon a time I'd heard that most phone calls were within 6 miles
> of the person's home, but I don't remember the breakdown of those call
> percentages (?), and certainly the old-style phone system was
> achieving very low latencies for those kinds of traffic.

The lack of decent geographic locality of reference on the Internet has
bothered me for some time; it's often presented as an *effect* of the 
eyeballs/servers nature of the net, but I'm not at all sure it's not more
a cause of it -- at least at this late date.

The problem, of course, is that carriers make money off transit; it's not in
their commercial best interest to unload those links; it's very similar to
the reason my best friend's second semester pre-law textbooks cost her nearly 
$1000; the people selecting them have no interest in the price, since they
don't pay it.

Cheers,
-- jra
-- 
Jay R. Ashworth  Baylink   j...@baylink.com
Designer The Things I Think   RFC 2100
Ashworth & Associates   http://www.bcp38.info  2000 Land Rover DII
St Petersburg FL USA  BCP38: Ask For It By Name!   +1 727 647 1274

Re: symmetric vs. asymmetric [was: Verizon Policy Statement on Net Neutrality]

2015-04-23 Thread Jay Ashworth 
I wasn't being funny. :-)

That was about a quarter to a third of a /wonderful/ #takethat to the *AA...

On April 23, 2015 10:17:51 AM EDT, Ray Soucy  wrote:
>Sorry, I know I get long-winded.  That's why I don't post as much as I
>used
>to. ;-)
>
>On Thu, Apr 23, 2015 at 10:09 AM, Jay Ashworth  wrote:
>
>> There's an op-ed piece in this posting, Ray. Do you want to write it,
>or
>> should I?
>>
>> :-)
>>
>>
>> On April 23, 2015 10:06:42 AM EDT, Ray Soucy  wrote:
>>>
>>> It's amazing, really.
>>>
>>> Netflix and YouTube now overtake BitTorrent and all other file
>sharing
>>> peer-to-peer traffic combined, even on academic networks, by
>order(s) of
>>> magnitude.  The amount of peer-to-peer traffic is not even
>significant in
>>> comparison.  It might as well be IRC from our perspective.
>>>
>>> Internet usage habits have shifted quite a bit in the past decade. 
>I
>>> think the takeaway is that if you provide content in a way that is
>fairly
>>> priced and convenient to access (e.g. DRM doesn't get in your way),
>most
>>> people will opt for the legal route.  Something we were trying to
>explain
>>> to the MPAA and RIAA years ago when they shoved the DMCA down our
>throats.
>>>
>>> I'm certainly in favor of symmetrical service.  I think there is a
>widely
>>> held myth that DOS attacks will take down the Internet when everyone
>has
>>> more bandwidth.  The fact is that DOS attacks are a problem
>regardless of
>>> bandwidth, and throttling people isn't a solution.  The other
>(somewhat
>>> insulting) argument that people will use greater upload speeds for
>illegal
>>> activity is pretty bogus as well.
>>>
>>> The limit on upload bandwidth for most people is a roadblock to a
>lot of
>>> the services that people will take for granted a decade from now;
>cloud
>>> backup, residential video surveillance over IP, peer-to-peer high
>>> definition video conferencing.  And likely a lot of things that we
>haven't
>>> imagined yet.
>>>
>>> As funny as it sounds, I think Twitch (streaming video games) has
>been
>>> the application that has made the younger generation care about
>their
>>> upload speed more than anything else.  They now have a use case
>where their
>>> limited upload is a real problem for them, and when they find out
>their ISP
>>> can't provide anything good enough they get pretty upset about it.
>>>
>>>
>>>
>>>
>>>
>>> On Wed, Apr 22, 2015 at 6:02 PM, Jay Ashworth 
>wrote:
>>>
>>>> - Original Message -
>>>> > From: "Frank Bulk" 
>>>>
>>>> > Those are measured at the campus boundary. I don't have
>visibility
>>>> inside
>>>> > the school's network to know who much intra-campus traffic there
>may
>>>> be .
>>>> > but we know that peer-to-peer is a small percentage of overall
>Internet
>>>> > traffic flows, and streaming video remains the largets.
>>>>
>>>> BitTorrent makes special efforts to keep as much traffic local as
>>>> possible,
>>>> I understand; that probably isn't too helpful... except at scales
>like
>>>> that
>>>> on a resnet at a sizable campus.
>>>>
>>>> Cheers,
>>>> -- jra
>>>> --
>>>> Jay R. Ashworth  Baylink
>>>> j...@baylink.com
>>>> Designer The Things I Think
>>>>  RFC 2100
>>>> Ashworth & Associates   http://www.bcp38.info  2000
>Land
>>>> Rover DII
>>>> St Petersburg FL USA  BCP38: Ask For It By Name!   +1
>727
>>>> 647 1274
>>>>
>>>
>>>
>>>
>>> --
>>> Ray Patrick Soucy
>>> Network Engineer
>>> University of Maine System
>>>
>>> T: 207-561-3526
>>> F: 207-561-3531
>>>
>>> MaineREN, Maine's Research and Education Network
>>> www.maineren.net
>>>
>>
>> --
>> Sent from my Android phone with K-9 Mail. Please excuse my brevity.
>>
>
>
>
>-- 
>Ray Patrick Soucy
>Network Engineer
>University of Maine System
>
>T: 207-561-3526
>F: 207-561-3531
>
>MaineREN, Maine's Research and Education Network
>www.maineren.net

-- 
Sent from my Android phone with K-9 Mail. Please excuse my brevity.

Re: symmetric vs. asymmetric [was: Verizon Policy Statement on Net Neutrality]

2015-04-23 Thread Jay Ashworth 
There's an op-ed piece in this posting, Ray. Do you want to write it, or should 
I?

:-)

On April 23, 2015 10:06:42 AM EDT, Ray Soucy  wrote:
>It's amazing, really.
>
>Netflix and YouTube now overtake BitTorrent and all other file sharing
>peer-to-peer traffic combined, even on academic networks, by order(s)
>of
>magnitude.  The amount of peer-to-peer traffic is not even significant
>in
>comparison.  It might as well be IRC from our perspective.
>
>Internet usage habits have shifted quite a bit in the past decade.  I
>think
>the takeaway is that if you provide content in a way that is fairly
>priced
>and convenient to access (e.g. DRM doesn't get in your way), most
>people
>will opt for the legal route.  Something we were trying to explain to
>the
>MPAA and RIAA years ago when they shoved the DMCA down our throats.
>
>I'm certainly in favor of symmetrical service.  I think there is a
>widely
>held myth that DOS attacks will take down the Internet when everyone
>has
>more bandwidth.  The fact is that DOS attacks are a problem regardless
>of
>bandwidth, and throttling people isn't a solution.  The other (somewhat
>insulting) argument that people will use greater upload speeds for
>illegal
>activity is pretty bogus as well.
>
>The limit on upload bandwidth for most people is a roadblock to a lot
>of
>the services that people will take for granted a decade from now; cloud
>backup, residential video surveillance over IP, peer-to-peer high
>definition video conferencing.  And likely a lot of things that we
>haven't
>imagined yet.
>
>As funny as it sounds, I think Twitch (streaming video games) has been
>the
>application that has made the younger generation care about their
>upload
>speed more than anything else.  They now have a use case where their
>limited upload is a real problem for them, and when they find out their
>ISP
>can't provide anything good enough they get pretty upset about it.
>
>
>
>
>
>On Wed, Apr 22, 2015 at 6:02 PM, Jay Ashworth  wrote:
>
>> - Original Message -
>> > From: "Frank Bulk" 
>>
>> > Those are measured at the campus boundary. I don't have visibility
>inside
>> > the school's network to know who much intra-campus traffic there
>may be .
>> > but we know that peer-to-peer is a small percentage of overall
>Internet
>> > traffic flows, and streaming video remains the largets.
>>
>> BitTorrent makes special efforts to keep as much traffic local as
>possible,
>> I understand; that probably isn't too helpful... except at scales
>like that
>> on a resnet at a sizable campus.
>>
>> Cheers,
>> -- jra
>> --
>> Jay R. Ashworth  Baylink
>> j...@baylink.com
>> Designer The Things I Think  
>RFC
>> 2100
>> Ashworth & Associates   http://www.bcp38.info  2000 Land
>> Rover DII
>> St Petersburg FL USA  BCP38: Ask For It By Name!   +1 727
>647
>> 1274
>>
>
>
>
>-- 
>Ray Patrick Soucy
>Network Engineer
>University of Maine System
>
>T: 207-561-3526
>F: 207-561-3531
>
>MaineREN, Maine's Research and Education Network
>www.maineren.net

-- 
Sent from my Android phone with K-9 Mail. Please excuse my brevity.

Re: symmetric vs. asymmetric [was: Verizon Policy Statement on Net Neutrality]

2015-04-22 Thread Jay Ashworth 
- Original Message -
> From: "Frank Bulk" 

> Those are measured at the campus boundary. I don't have visibility inside
> the school's network to know who much intra-campus traffic there may be .
> but we know that peer-to-peer is a small percentage of overall Internet
> traffic flows, and streaming video remains the largets.

BitTorrent makes special efforts to keep as much traffic local as possible,
I understand; that probably isn't too helpful... except at scales like that
on a resnet at a sizable campus.

Cheers,
-- jra
-- 
Jay R. Ashworth  Baylink   j...@baylink.com
Designer The Things I Think   RFC 2100
Ashworth & Associates   http://www.bcp38.info  2000 Land Rover DII
St Petersburg FL USA  BCP38: Ask For It By Name!   +1 727 647 1274

Re: Comcast Support (from NANOG Digest, Vol 84, Issue 23)

2015-02-24 Thread Jay Ashworth 
I thought you were just supposed to give your Geek License number.  :-)

#nothingScales

- Original Message -
> From: "Kevin McElearney" 
> To: "Peter Loron" , "John Brzozowski" 
> 
> Cc: nanog@nanog.org
> Sent: Monday, February 23, 2015 9:16:37 AM
> Subject: Re: Comcast Support (from NANOG Digest, Vol 84, Issue 23)
> You forgot to use the word “Shibboleet” when you called care.
> Contacted
> Peter off-list
> 
> 
> - Kevin
> 
> On 2/23/15, 1:25 AM, "Peter Loron"  wrote:
> 
> >Apologies for a bit off topic, but I’m trying to get an issue
> >resolved
> >and am having trouble reaching anybody who seems clue positive.
> >
> >From home via Comcast cable, I’m having trouble reaching some
> >destinations. According to mtr, there is a particular node
> >(be-11-pe02.11greatoaks.ca.ibone.comcast.net) which is suffering >
> >30%
> >loss. Contacting the Comcast consumer support folks is useless (what
> >are
> >the lights on your modem doing? Did you power cycle it?). When this
> >is
> >happening, I usually am told they need to send a tech to my house.
> >.
> >
> >Is there a way to drop a note to the NOC or other folks who would
> >understand the info and be able to act on it?
> >
> >Thanks!
> >
> >-Pete
> >> On Jan 23, 2015, at 09:14, Brzozowski, John
> >> wrote:
> >>
> >> Folks,
> >>
> >> The thread below was sent to me a few times, apologies for not
> >> catching
> >>it sooner.
> >>
> >> Janet,
> >>
> >> I sent you mail unicast with a request for some information. I am
> >>happy to help you out.
> >>
> >> For the larger NANOG audience, Comcast has recently launched IPv6
> >>support for our BCI products, these are our DOCSIS based commercial
> >>offerings. This means that if you gateway device is in fact in RG
> >>mode
> >>you will be delegated a dynamic IPv6 prefix, by default customers
> >>are
> >>delegated a /56 prefix along with a single IPv6 address that is
> >>assigned
> >>to the WAN of the gateway device. IPv6 support applies to the
> >>following
> >>makes and models:
> >>
> >> SMC D3G CCR (http://mydeviceinfo.comcast.net/device.php?devid=216)
> >> Cisco BWG (http://mydeviceinfo.comcast.net/device.php?devid=347)
> >> Netgear CG3000D
> >> (http://mydeviceinfo.comcast.net/device.php?devid=347)
> >>
> >> For customers where you bring your own cable modem or have one of
> >> the
> >>above in bridge mode we have enabled IPv6 support for you as well.
> >>However, your router behind the modem must be running software and
> >>configured with IPv6 support. Specifically, your router needs to be
> >>support stateful DHCPv6 for IPv6 address and prefix acquisition. We
> >>have received a number of reports from customers that the Juniper
> >>SRX
> >>does not appear to properly support IPv6. We are working with
> >>Juniper
> >>and also recommend that you reach out to Juniper as well.
> >>
> >> Please keep checking http://www.comcast6.net for updates, we will
> >> post
> >>some additional information here in the next week or so. In the mean
> >>time if you have questions feel free to send me mail or post them
> >>here
> >>on the NANOG list.
> >>
> >> HTH,
> >>
> >> John
> >> =
> >> John Jason Brzozowski
> >> Comcast Cable
> >> p) 484-962-0060
> >> w) www.comcast6.net
> >> e) john_brzozow...@cable.comcast.com
> >> =
> >>
> >>
> >>
> >> -Original Message-
> >> From: "nanog-requ...@nanog.org"
> >>mailto:nanog-requ...@nanog.org>>
> >> Reply-To: NANOG mailto:nanog@nanog.org>>
> >> Date: Friday, January 23, 2015 at 07:00
> >> To: NANOG mailto:nanog@nanog.org>>
> >> Subject: NANOG Digest, Vol 84, Issue 23
> >>
> >> Date: Thu, 22 Jan 2015 22:42:17 +
> >> From: Janet Sullivan
> >> mailto:jan...@nairial.net>>
> >> To: "'nanog@nanog.org'"
> >>mailto:nanog@nanog.org>>
> >> Subject: Comcast Support
> >> Message-ID:
> >>
> >> >>utlook.com >>4.namprd07.prod.outlook.com>>
> >> Content-Type: text/plain; charset="us-ascii"
> >>
> >> I hate to use NANOG for this, but support has now ended a chat with
> >> me
> >>twice without fixing anything, they just kicked me off.
> >>
> >> I'm not getting an IPv6 address on the Comcast provided cable
> >>modem/router. I'm not getting a PD. My machines thus have no IPv6.
> >>I've hard reset my router 4 times while working with Comcast, and
> >>I've
> >>been told to do things like switch to a static IPv4 address, which
> >>shows
> >>a level of clue that is scary. And before that they were convinced
> >>it
> >>was a wireless problem even though I have a wired connection, and
> >>told
> >>them that multiple times. I've wasted two hours with Comcast today,
> >>and
> >>even when I asked for escalation I got nothing. Just hung up on.
> >>It's
> >>honestly the worst customer support I've ever received. I don't
> >>think I
> >>ever got them to understand the difference between IPv4 and IPv6.
> >
> >

-- 
Jay R. Ashworth

Re: Looking for a Consolidated Communications (AS5742) contact

2015-02-06 Thread Jay Ashworth 
- Original Message -
> From: "Mike Hammett" 

> This is the third or fourth request I've seen lately. I'm assuming
> they don't have anyone on here.

Not necessarily.

Some people reply privately, so as not to come out of the closet. 

Cheers,
-- jra
-- 
Jay R. Ashworth  Baylink   j...@baylink.com
Designer The Things I Think   RFC 2100
Ashworth & Associates   http://www.bcp38.info  2000 Land Rover DII
St Petersburg FL USA  BCP38: Ask For It By Name!   +1 727 647 1274

Re: Network ops lists.

2015-01-31 Thread Jay Ashworth 
- Original Message -
> From: "Alex Brooks" 

> As has been mentioned, there are also a few special purpose
> non-geographic lists around. Voiceops for VoIP
> (http://www.voiceops.org/), DC-Ops for Data Centre operation
> discussion (https://puck.nether.net/mailman/listinfo/dc-ops),

Wouldn't it be pretty to think so.  

DC-ops, while a wonderful idea, has had no live traffic in the last
2 years...

Cheers,
-- jra
-- 
Jay R. Ashworth  Baylink   j...@baylink.com
Designer The Things I Think   RFC 2100
Ashworth & Associates   http://www.bcp38.info  2000 Land Rover DII
St Petersburg FL USA  BCP38: Ask For It By Name!   +1 727 647 1274

Re: Facebook outage?

2015-01-27 Thread Jay Ashworth 
- Original Message -
> From: "Larry Sheldon" 

> On 1/27/2015 00:47, Damien Burke wrote:
> > Facebook outage? Everyone panic!
> >
> > https://twitter.com/search?q=facebook&src=typd
> 
> Let the record show that I noticed it quite a while ago, but did NOT
> go for first NANOG mention.

Proud of you, Larry.

Let the record show that *I* haven't seen any outages all day, from Sprint
LTE.

Cheers,
-- jra
-- 
Jay R. Ashworth  Baylink   j...@baylink.com
Designer The Things I Think   RFC 2100
Ashworth & Associates   http://www.bcp38.info  2000 Land Rover DII
St Petersburg FL USA  BCP38: Ask For It By Name!   +1 727 647 1274

REMINDER: Leap Second

2015-01-25 Thread Jay Ashworth 
This June 30th, 235959UTC will be followed immediately by 235960UTC.

What will /your/ devices do?

http://www.marketplace.org/topics/world/leap-second-deep-space-and-how-we-keep-time

Cheers,
-- jra
-- 
Sent from my Android phone with K-9 Mail. Please excuse my brevity.

Re: Charter ARP Leak

2014-12-29 Thread Jay Ashworth 
- Original Message -
> From: "David Coulson" 

> We all knows it's easier to add another secondary IP to the interface
> and add a new DHCP scope than to try to expand a subnet.

>From an intermediate routing standpoint, though, it would be easier to 
add an *adjacent* block, not one halfway across the address space, no?

Cheers,
-- jra
-- 
Jay R. Ashworth  Baylink   j...@baylink.com
Designer The Things I Think   RFC 2100
Ashworth & Associates   http://www.bcp38.info  2000 Land Rover DII
St Petersburg FL USA  BCP38: Ask For It By Name!   +1 727 647 1274

Re: Charter ARP Leak

2014-12-29 Thread Jay Ashworth 
- Original Message -
> From: "Brett Frankenberger" 

> On Mon, Dec 29, 2014 at 12:27:04PM -0500, Jay Ashworth wrote:
> > >
> > > Valdis, you are correct. What your seeing is caused by multiple IP
> > > blocks being assigned to the same CMTS interface.
> >
> > Am I incorrect, though, in believing that ARP packets should only be
> > visible
> > within a broadcast domain,
> 
> broadcast domain != subnet

Yeah; I didn't use the right term.  That's why my networks are small.  :-)

> > and that because of that, they should not be
> > being passed through a cablemodem attached to such a CMTS interface
> > unless
> > they're within the IP network in which that interface lives (which
> > is
> > probably not 0/0)?
> >
> > This sounds like a firmware bug in either the CMTS or the
> > cablemodem.
> 
> int ethernet 0/0
> ip address 10.0.0.1 255.255.0.0
> ip address 11.0.0.1 255.255.0.0 secondary
> ip address 12.0.0.1 255.255.0.0 secondary
> 
> The broadcast domain will have ARP broadcasts for all three subnets.
> 
> Doing it over a CMTS doesn't change that.

Ok.  But the interface to which the cablemodem is attached, in the general
single-DHCP-IP case, is a /24, is it not?

The example Valdis posted had 5 or 6 different /24s from all over the v4
address space; that seems exceptionally sloppy routing...

I have seen ARP-traffic-not-for-me come through a cablemodem in the past as
well, but it was *uniformly* for the /24 in which my modem's address lived
that day.

Cheers,
-- jra
-- 
Jay R. Ashworth  Baylink   j...@baylink.com
Designer The Things I Think   RFC 2100
Ashworth & Associates   http://www.bcp38.info  2000 Land Rover DII
St Petersburg FL USA  BCP38: Ask For It By Name!   +1 727 647 1274

Re: Charter ARP Leak

2014-12-29 Thread Jay Ashworth 
- Original Message -
> From: "Rampley Jr, Jim F" 

> On 12/29/14, 10:49 AM, "valdis.kletni...@vt.edu"
> 
> wrote:
> 
> >On Mon, 29 Dec 2014 03:44:48 +, "Stephen R. Carter" said:
> >> Here is a small excerpt I am seeing.
> >>
> >> 06:04:04.760869 In 00:21:a0:fb:53:d9 > ff:ff:ff:ff:ff:ff, ethertype
> >>ARP (0x0806), length 60: arp who-has 97.85.59.219 tell 97.85.58.1
> >> 06:04:04.761950 In 00:21:a0:fb:53:d9 > ff:ff:ff:ff:ff:ff, ethertype
> >>ARP (0x0806), length 60: arp who-has 75.135.155.27 tell 75.135.152.1
> >
> >The interesting thing is that they're all .1 addresses. It's almost
> >as if
> >the one broadcast domain has at least 7 different address spaces on
> >it.
> 
> Valdis, you are correct. What your seeing is caused by multiple IP
> blocks being assigned to the same CMTS interface.

Am I incorrect, though, in believing that ARP packets should only be visible
within a broadcast domain, and that because of that, they should not be
being passed through a cablemodem attached to such a CMTS interface unless
they're within the IP network in which that interface lives (which is
probably not 0/0)? 

This sounds like a firmware bug in either the CMTS or the cablemodem.

Cheers,
-- jra
-- 
Jay R. Ashworth  Baylink   j...@baylink.com
Designer The Things I Think   RFC 2100
Ashworth & Associates   http://www.bcp38.info  2000 Land Rover DII
St Petersburg FL USA  BCP38: Ask For It By Name!   +1 727 647 1274

Re: OT - Verizon/ATT Cell/4G Signal Booster/Repeater

2014-12-22 Thread Jay Ashworth 
- Original Message -
> From: "Stephen Sprunk" 

> On 16-Dec-14 12:27, John Schiel wrote:
> > One thing you might also want to consider are any calls you make to
> > 911 whilst using a repeater.
> >
> > I use a repeater supplied by T-Mobile and they made it very clear,
> > and
> > I had to specifically acknowledge a statement, that using such a
> > repeater takes away from emergency services being able to find out
> > where you are if you make a 911 call from your mobile.
> >
> > Some may refer to this as a feature, depending on how much tin foil
> > you have laying about, but the users of such device may need to be
> > warned about emergency calls. They'll need to be able to describe
> > where they are to the responding sirens.
> 
> With any reasonably modern phone, wouldn't this problem only apply to
> areas where GPS isn't available (e.g. basements) and the system tries
> to fall back to using tower triangulation?
> 
> AIUI, part of the registration process's purpose is to give a default
> location for your new "tower" so that emergency responders at least
> know where to start looking if no better location information is available,
> e.g. because the caller can't speak or is disoriented.

A friend of mine has a Sprint Airave picocell in her house, and it came with
an external GPS antenna; if the cell can't lock a GPS position, it doesn't 
come online for calls.

Cheers,
-- jra
-- 
Jay R. Ashworth  Baylink   j...@baylink.com
Designer The Things I Think   RFC 2100
Ashworth & Associates   http://www.bcp38.info  2000 Land Rover DII
St Petersburg FL USA  BCP38: Ask For It By Name!   +1 727 647 1274

They have the Internet in North Korea now?

2014-12-21 Thread Jay Ashworth 
Well, kind of:

  https://nknetobserver.github.io/

Cheers,
-- jra

-- 
Jay R. Ashworth  Baylink   j...@baylink.com
Designer The Things I Think   RFC 2100
Ashworth & Associates   http://www.bcp38.info  2000 Land Rover DII
St Petersburg FL USA  BCP38: Ask For It By Name!   +1 727 647 1274

Ars breaks Misfortune Cookie vulnerability news to public

2014-12-19 Thread Jay Ashworth 
While the flaw is 12 years old and the fix 9, the article suggests that
firmware for consumer routers may yet be being built with the vulnerable
webserver code baked in.

If you are responsible for lots of eyeballs you might want to look at this.

http://arstechnica.com/security/2014/12/12-million-home-and-business-routers-vulnerable-to-critical-hijacking-hack/

Have a nice Christmas weekend.  :-)

Cheers,
-- jra

-- 
Jay R. Ashworth  Baylink   j...@baylink.com
Designer The Things I Think   RFC 2100
Ashworth & Associates   http://www.bcp38.info  2000 Land Rover DII
St Petersburg FL USA  BCP38: Ask For It By Name!   +1 727 647 1274

Re: Relative cost of ONT and UPS for FTTP

2014-12-14 Thread Jay Ashworth 
- Original Message -
> From: "Jean-Francois Mezei" 

> Thanks to everyone who provided some valuable info in my query. based
> on a number of responses and some documents my buddy mr Google found
> for me, the cost for the drop to home including CPE ranges between $650 to
> $800. But most of those have full "bundle" deployments that include TV
> service.

I didn't realize that was what you were looking for; that's about the 
numbers I got 2 years ago for a 12,000 passing 100% deployment over a
3 sq mi city.  There was a lot of good information in those threads if
you're contemplating doing this from scratch; look for a couple threads
started by me in late 2012; July or on, I think.  Can't remember the
titles, but they oughtta stick out.

Cheers,
-- jra
-- 
Jay R. Ashworth  Baylink   j...@baylink.com
Designer The Things I Think   RFC 2100
Ashworth & Associates   http://www.bcp38.info  2000 Land Rover DII
St Petersburg FL USA  BCP38: Ask For It By Name!   +1 727 647 1274

Re: Comcast thinks it ok to install public wifi in your house

2014-12-11 Thread Jay Ashworth 
- Original Message -
> From: "Mark Andrews" 

> > Now, had Comcast pitched it as the Wi-Fi benefiting YOU because your
> > freinds you use their Comcast credentials to access your Wi-Fi, then
> > customers would not see this as Comcast using your hardware for its
> > own
> > benefit.
> 
> They do. Your friends don't even need to be Comcast customers.

They do?  They don't?  That's not the assumption that's been being made
here...

Cheers,
-- jra
-- 
Jay R. Ashworth  Baylink   j...@baylink.com
Designer The Things I Think   RFC 2100
Ashworth & Associates   http://www.bcp38.info  2000 Land Rover DII
St Petersburg FL USA  BCP38: Ask For It By Name!   +1 727 647 1274

Re: Comcast thinks it ok to install public wifi in your house

2014-12-11 Thread Jay Ashworth 
- Original Message -
> From: "Owen DeLong" 

> Does an 802.11 transmitter that was already being used to support
> their own WiFi network that they are paying for really consume vastly
> more electricity to support a second SSID? In my experience, that
> claim is hard to fathom.

If popular, the radio might have a higher transmit duty cycle, but as I
suggest in another post, maybe watthours per month.

Cheers,
-- jra
-- 
Jay R. Ashworth  Baylink   j...@baylink.com
Designer The Things I Think   RFC 2100
Ashworth & Associates   http://www.bcp38.info  2000 Land Rover DII
St Petersburg FL USA  BCP38: Ask For It By Name!   +1 727 647 1274

Re: Comcast thinks it ok to install public wifi in your house

2014-12-11 Thread Jay Ashworth 
- Original Message -
> From: "Larry Sheldon" 

> On 12/11/2014 07:10, William Herrin wrote:
> 
> > What Comcast is stealing is electricity. Pennies per customer times
> > a boatload of customers.
> 
> .and floorspace, physical security, air conditioning, and all
> sorts of labor overheads.

Nope; at that stage, Larry, you're makin it up.

In the particular case we're talking about here, Comcast -- who are not my
favorite people by any means -- have *enabled a feature built into the 
terminal device they're provisioning*.  It *might* increase the overall 
power consumption of that device by as much as 5-10 Wh/*month*.  The
increase in A/C won't register on the chart.  Physical security is no different
than it was otherwise: none.  And floorspace and labor?  It is, as they say,
to laugh.

If we want to diss Comcast, let us not descend to things they *are not* doing;
there are plenty of dissable things they *are* doing.

Cheers,
-- jr 'credibility: it matters' a
-- 
Jay R. Ashworth  Baylink   j...@baylink.com
Designer The Things I Think   RFC 2100
Ashworth & Associates   http://www.bcp38.info  2000 Land Rover DII
St Petersburg FL USA  BCP38: Ask For It By Name!   +1 727 647 1274

Re: Comcast thinks it ok to install public wifi in your house

2014-12-11 Thread Jay Ashworth 
- Original Message -
> From: "Christopher Morrow" 

> On Thu, Dec 11, 2014 at 2:11 PM, George, Wes
>  wrote:
> > Their intended use is to give
> > access to visitors in your house and/or yard without you needing to
> > set up
> > a dedicated guest network or giving them your wifi password.
> 
> this seems like the key point here... comcast isn't actually
> benefiting (except perhaps in less calls about: "Someone reconfigured
> my AP ... now it's all screwy"
> 
> folk need to relax just a tad, and consider the technical implications
> here, outside of the conspiracy theories.

Alas, I cannot accept George's assertion (which is quite a different thing
from my thinking it's a conspiracy): In residential areas (non-multi-unit),
this is only going to help out *Comcast subscribers*.  If you have random
visitors over, it won't help them, as they can't get authed to the service.

Unless you give them your credentials, at which point they can use it 
everywhere, not just at your house.

And it doesn't let you help your neighbors for the same reason: if they
have their own creds for it, then they don't need your AP since they have 
one.

No, I'm having a hard time figuring out what the use case *is* for this service
as deployed against *residential* hardware, myself...

Cheers,
-- jra
-- 
Jay R. Ashworth  Baylink   j...@baylink.com
Designer The Things I Think   RFC 2100
Ashworth & Associates   http://www.bcp38.info  2000 Land Rover DII
St Petersburg FL USA  BCP38: Ask For It By Name!   +1 727 647 1274

Re: Comcast thinks it ok to install public wifi in your house

2014-12-11 Thread Jay Ashworth 
- Original Message -
> From: "Valdis Kletnieks" 

> On Thu, 11 Dec 2014 18:04:20 +, "Livingood, Jason" said:
> 
> > Right, so user name & password + MAC address. As more devices
> > support things like Passpoint, this will get more sophisticated.
> 
> OK, so it *does* do .1x authentication with the name/password, not
> just mac address. That's a lot less scary.. :)

Well, if we're still talking about Bright House customer wifi, the user/pass
auth is only on the first connection, and it's in-band.  Any device can 
associate to any of their APs, you just don't get anywhere until you auth the
first time, after which it just looks like open wifi to you.  So I don't think
it is .1x; that won't even let you associate if you can't authenticate, 
will it?  Or do I misunderstand .1x/.11?

Cheers,
-- jra
-- 
Jay R. Ashworth  Baylink   j...@baylink.com
Designer The Things I Think   RFC 2100
Ashworth & Associates   http://www.bcp38.info  2000 Land Rover DII
St Petersburg FL USA  BCP38: Ask For It By Name!   +1 727 647 1274

Re: Comcast thinks it ok to install public wifi in your house

2014-12-11 Thread Jay Ashworth 
- Original Message -
> From: "Scott Helms" 

> On Thu, Dec 11, 2014 at 9:24 AM,  wrote:
> 
> > On Thu, 11 Dec 2014 00:11:07 -0500, Jay Ashworth said:
> > > I will give them their props: I only had to sign in *once*, last
> > > year;
> > > their auth controller has recognized my MAC address at every spot
> > > I've
> > > used since.
> >
> > Actually, that's sort of scary if you think about it too hard.
> > Shared-secret
> > authentication has its flaws, but it still beats shared-nonsecret
> > auth.
> >
> > I really hope it's something on your laptop other than the mac
> > address

> It's very scary, and something I'm doing a paper on. It _is_ just MAC
> recognition, at least until you try and use a MAC address that's
> already active somewhere else.

MAC cloning isn't all *that* common, at least not for that usage.

The fact that it is *possible* provides some nice cover in certain
circumstances, I would guess.

As for "something else on my laptop", I'm not sure what else they could
see; I'd be surprised if they could get anything to run on SuSE 12.2. :-)

Cheers,
-- jra
-- 
Jay R. Ashworth  Baylink   j...@baylink.com
Designer The Things I Think   RFC 2100
Ashworth & Associates   http://www.bcp38.info  2000 Land Rover DII
St Petersburg FL USA  BCP38: Ask For It By Name!   +1 727 647 1274

Re: Comcast thinks it ok to install public wifi in your house

2014-12-10 Thread Jay Ashworth 
- Original Message -
> From: "Jeroen van Aart" 

> Comcast-supplied routers broadcast an encrypted, private wireless
> network for people at home, plus a non-encrypted network called
> XfinityWiFi that can be used by nearby subscribers. So if you're passing
> by a fellow user's home, you can lock onto their public Wi-Fi, log in
> using your Comcast username and password, and use that home's
> bandwidth.

Bright House/RoadRunner has been doing this in Tampa Bay for a couple years
now -- but they only do it on business installs.  It's how the Bright House
Wifi and CableWifi SSID services are provisioned.

Interestingly, they *do* do it with a separate cablemodem and a tee, and
a separate high-power access point; it's not built into the cablemodem 
provisioned for the business customer proper.  So space and power *would*
be an issue for these users, though I don't know that anyone's complained.

As another commenter noted, you do have to be a subscriber for their 
auth network to recognize you.

I will give them their props: I only had to sign in *once*, last year;
their auth controller has recognized my MAC address at every spot I've 
used since.

Cheers,
-- jra
-- 
Jay R. Ashworth  Baylink   j...@baylink.com
Designer The Things I Think   RFC 2100
Ashworth & Associates   http://www.bcp38.info  2000 Land Rover DII
St Petersburg FL USA  BCP38: Ask For It By Name!   +1 727 647 1274

Re: ARIN's RPKI Relying agreement

2014-12-04 Thread Jay Ashworth 
- Original Message -
> From: "Ca By" 

> On Thu, Dec 4, 2014 at 7:51 AM, Bill Woodcock  wrote:

> > All the specific legal feedback I’ve heard is that this is a
> > liability
> > nightmare, and that everyone wants ARIN to take on all the
> > liability, but
> > nobody wants to pay for it. Are you hearing something more useful
> > than that?

> This is the same legal feedback most lawyers will give you about
> settlement free peering as well.

And this delightfully illustrates what IMG's Mark MacCormack is pleased
to call "the Terrible Truth About Lawyers", to wit:

Lawyers believe that their job is to tell you what not to do.

Their *actual job* is to tell where risks lie, so that you can make 
informed business decisions about which risks to take, and how to
allow for them.

If you as a businessman believe the lawyers' point of view, though,
you will never accomplish anything.

Cheers,
-- jra
-- 
Jay R. Ashworth  Baylink   j...@baylink.com
Designer The Things I Think   RFC 2100
Ashworth & Associates   http://www.bcp38.info  2000 Land Rover DII
St Petersburg FL USA  BCP38: Ask For It By Name!   +1 727 647 1274

Re: Low-numbered ASes being hijacked? [Re: BGP Update Report]

2014-11-30 Thread Jay Ashworth 
- Original Message -
> From: "Joe Provo" 

> On Mon, Dec 01, 2014 at 12:53:07AM +0900, Paul S. wrote:
> > Do these people never check what exactly they end up originating
> > outbound due to a config change, if that's really the case?
> 
> Of course not because their neighbors are allowing it to
> pass; so as with all hijacks, deaggregation, and other
> unfiltered noise, the only care is traffic going in and
> out. QA (let alone automated sanity checks) are alien
> concepts to many, and "well it works" is the answer from
> some when contacted.

That's sort of the BGP equivalent to BCP38 filtering, isn't it?

Cheers,
-- jra
-- 
Jay R. Ashworth  Baylink   j...@baylink.com
Designer The Things I Think   RFC 2100
Ashworth & Associates   http://www.bcp38.info  2000 Land Rover DII
St Petersburg FL USA  BCP38: Ask For It By Name!   +1 727 647 1274

Re: Phasing out of telco TDM Backbones (was: Phasing out of copper)

2014-11-29 Thread Jay Ashworth 
- Original Message -
> From: "Nathan Anderson" 

kbones (was: Phasing out of copper)
> On Saturday, November 29, 2014 9:10 PM, Jay Ashworth <> wrote:
> > But let us not conflate being ok with telcos replacing analog copper
> > last-mile with being ok with telcos replacing PCM with VoIP,
> > especially
> > in trunking applications, ... [snip]
> 
> Let's also not conflate audio codecs with L2. "PCM" and "VoIP" are not
> mutually-exclusive things by any stretch.

Oh, sure.  But my point is this:

How many Erlangs can you fit through that clear-channel T-3?

There's man-centuries of engineering in the design of the TDM backbone,
and the people making the decisions about abandoning that design weren't
even alive, in some cases, when that work was done, and don't know what
"Notes On The Networks" is.

Cheers,
-- jr 'I can lay hands on my copy in 60 seconds' a
-- 
Jay R. Ashworth  Baylink   j...@baylink.com
Designer The Things I Think   RFC 2100
Ashworth & Associates   http://www.bcp38.info  2000 Land Rover DII
St Petersburg FL USA  BCP38: Ask For It By Name!   +1 727 647 1274

Phasing out of telco TDM Backbones (was: Phasing out of copper)

2014-11-29 Thread Jay Ashworth 
- Original Message -
> From: "Måns Nilsson" 

> Maintaining copper plant is expensive. It will be retired as soon as
> buy-in on FTTH is high enough. Telia Sonera is doing it in Sweden,
> so the trend is global. (OTOH, in Sweden, young people moving out from
> their parents, if they can find somewhere to rent, usually only get a
> fixed connection for Internet access. Telephony is all mobile.)

Absolutely: maintaining analog copper last-mile is expensive.

But let us not conflate being ok with telcos replacing analog copper last-mile
with being ok with telcos replacing PCM with VoIP, especially in trunking
applications, and *especially* using non-dedicated backbones, as these are the
directions the RBOCs appear to be going in, and those are much less acceptable
ideas than the former.

Cheers,
-- jra
-- 
Jay R. Ashworth  Baylink   j...@baylink.com
Designer The Things I Think   RFC 2100
Ashworth & Associates   http://www.bcp38.info  2000 Land Rover DII
St Petersburg FL USA  BCP38: Ask For It By Name!   +1 727 647 1274

Re: Phasing out of copper

2014-11-28 Thread Jay Ashworth 
- Original Message -
> From: "Chuck Anderson" 

> Verizon in MA removes copper upon FiOS installation.

They do, and that's caused problems for some people who had competitive DSL
on their Verizontal copper POTS: They've had FiOS installed, and had the DSL
circuit mysteriously quit, only to find VZN had physically yanked the demarc
off the outside wall and reclaimed the drop.

I think there mighta been some lawsuits...

Cheers,
-- jra
-- 
Jay R. Ashworth  Baylink   j...@baylink.com
Designer The Things I Think   RFC 2100
Ashworth & Associates   http://www.bcp38.info  2000 Land Rover DII
St Petersburg FL USA  BCP38: Ask For It By Name!   +1 727 647 1274

Re: Transparent hijacking of SMTP submission...

2014-11-27 Thread Jay Ashworth 
- Original Message -
> From: "William Herrin" 

> I'm not sure I follow your complaint here. Are you saying that Comcast
> or a
> Comcast customer in Washington state stripped the STARTTLS verb from
> the
> IPv4 port 587 SMTP submission connection between you and a third
> party?

And, of course, *just* as I hit send, I remembered it was in RISKS, linking
to EFF:

  https://www.eff.org/deeplinks/2014/11/starttls-downgrade-attacks

Note that's dated 11 November, so this is a couple weeks old now.

Cheers,
-- jra
-- 
Jay R. Ashworth  Baylink   j...@baylink.com
Designer The Things I Think   RFC 2100
Ashworth & Associates   http://www.bcp38.info  2000 Land Rover DII
St Petersburg FL USA  BCP38: Ask For It By Name!   +1 727 647 1274

Re: Transparent hijacking of SMTP submission...

2014-11-27 Thread Jay Ashworth 
- Original Message -
> From: "William Herrin" 

> > that's essentially a downgrade attack on my ability to use
> > encryption
> > which seems to be in pretty poor taste frankly.

> 
> I'm not sure I follow your complaint here. Are you saying that Comcast
> or a
> Comcast customer in Washington state stripped the STARTTLS verb from
> the
> IPv4 port 587 SMTP submission connection between you and a third
> party?

Yup; that's what he's saying.  This was in the technical press earlier this
week -- or the end of last.

Cheers,
-- jra
-- 
Jay R. Ashworth  Baylink   j...@baylink.com
Designer The Things I Think   RFC 2100
Ashworth & Associates   http://www.bcp38.info  2000 Land Rover DII
St Petersburg FL USA  BCP38: Ask For It By Name!   +1 727 647 1274

It's 7pm. Do you know where *your* domains are? (was Re: Craigslist hacked?)

2014-11-24 Thread Jay Ashworth 
In light of the CL domain hijacking, it seems like a good time to ask
if everyone has an inventory system that keeps track of all the details
(including renewal dates) for their domain registy and SSL certificate
accounts.

If you use a tool to keep track of this, which one?

Do you have things set up in your monitoring system to watch for changes
in this stuff?

Cheers,
-- jra
-- 
Jay R. Ashworth  Baylink   j...@baylink.com
Designer The Things I Think   RFC 2100
Ashworth & Associates   http://www.bcp38.info  2000 Land Rover DII
St Petersburg FL USA  BCP38: Ask For It By Name!   +1 727 647 1274

Anyone heard from Jared lately?

2014-11-20 Thread Jay Ashworth 
He generally provides same-day service on email, but...

Hope all is well.

Cheers,
-- jra
Moderator @ outages
-- 
Sent from my Android phone with K-9 Mail. Please excuse my brevity.

Re: Brian Krebs' new book is out.

2014-11-19 Thread Jay Ashworth 
- Original Message -
> From: "Roland Dobbins" 

> This is an important book - well worth your time, and, more
> importantly, accessible to non-specialists (such as BDMs):
> 
> 
> 
> 
> It's not about spam, per se. It's about the global underground economy,
> and includes a lot of insight into internecine warfare amongst online
> criminals, including DDoS attacks with huge collateral damage
> footprints; and also talks about the origins of the Blue Security fiasco
> and subsequent DDoS, DDoS attacks against Spamhaus, etc.

Krebs is pressing the book, of course; here's a link to Terry Gross' Fresh Air
interview with him from earlier this week.

http://www.npr.org/blogs/alltechconsidered/2014/11/18/364730954/how-a-feud-between-two-russian-companies-fueled-a-spam-nation

Cheers,
-- jra
-- 
Jay R. Ashworth  Baylink   j...@baylink.com
Designer The Things I Think   RFC 2100
Ashworth & Associates   http://www.bcp38.info  2000 Land Rover DII
St Petersburg FL USA  BCP38: Ask For It By Name!   +1 727 647 1274

Fwd: Level 3 Acquires tw telecom

2014-11-03 Thread Jay Ashworth 
L3 announcement from this morning's mail.

Cheers,
-- jra


 Original Message 
From: Level 3 Communications 
Sent: November 3, 2014 12:15:41 PM EST
To: j...@baylink.com
Subject: Level 3 Acquires tw telecom



View  on Mobile Phone 

 

View  as Web Page 





A special message to our valued customers,

We are excited to bring tw telecom and Level 3 together as we work to become 
the premier provider of communications services globally. The combination of tw 
telecom and Level 3 offers our customers, an advanced operating environment 
that delivers local to global advanced network solutions.

Current Level 3 customers will benefit from thousands of new connected 
buildings, which will enable a higher quality, more reliable on-net experience. 
And tw telecom customers will benefit from Level 3’s extensive local-to-global 
footprint in more than 60 countries, substantial undersea networks and access 
to our data centers around the world.

Along with the additions to our global infrastructure, existing and prospective 
customers will benefit from an expanded product portfolio, targeted at helping 
enterprises, government agencies and carriers manage their networks efficiently 
and securely.

There will be some changes ahead, but one thing you can be assured won’t change 
is our commitment to you. Whether you are a tw telecom customer, a Level 3 
customer, or both -- we remain intensely focused on solving the challenges you 
face as your business’ communications requirements grow.

As we work to integrate our teams, your current account teams will remain the 
same. I encourage you to connect with your account team if you have any 
questions or concerns about day-to-day business. 
Moving forward, any changes that affect you will be communicated to you in a 
clear and timely manner. 
Our commitment is that we will continue to take end-to-end responsibility for 
the secure, reliable network experience we provide to you. That means we will 
be easy to do business with, responsive and will deliver on our promises.

We appreciate your business and confidence, and look forward to serving your 
needs now and in the future. Welcome to the new Level 3 Communications.

To learn more about the acquisition click here 
.

Sincerely,

John Blount
Regional President, North America and APAC


This email message may be considered an advertisement or solicitation.

Level 3 Communications, 1025 Eldorado Blvd., Broomfield, CO, 80021

Unsubscribe
http://app.your.level3.com/e/u.aspx?s=2310&elq=6703751e689f4b9299d28410aaaea5c7

Privacy
http://www.level3.com/en/privacy/?elq=6703751e689f4b9299d28410aaaea5c7&elqCampaignId=1328

Legal
http://www.level3.com/en/legal/?elq=6703751e689f4b9299d28410aaaea5c7&elqCampaignId=1328

© by Level 3 Communications, LLC. All rights reserved
-- 
Sent from my Android phone with K-9 Mail. Please excuse my brevity.

  1   2   3   4   5   6   7   8   9   10   >