ASR9K xml agent vs netconf

[Jeremy]

Hi There!

I'm currently working on writing some automation around the ASR9K platform
and I've been looking at both the netconf and xml interfaces. Anyone have
experience with either?

It looks like the XML interface is much more feature rich, supporting both
config and operational state objects where netconf is limited to config
only.

Currently I'm leaning towards the xml interface, but netconf would come
with the appeal of using a standard and any libraries I write for it may be
usable with other platforms.

Thoughts? experiences? mistakes? wins?

Thanks!
Jeremy

Nexus 9k, packet loss through switch on vlan without SVI

[Jeremy]

Running into some weird issues with a Cisco Nexus9k.

We have a Cisco 3750X pair stacked, port channel (2x 1G) to a two different
blades on a Nexus9k. Isolating the links of the port channel , on one link
we can consistently get 800mbps (using iperf), or the other link we
consistently get ~34mbps.

we have seen this across multiple 3750X stacks.

The vlan we were on is just layer2 through the n9k, there are no IP
addresses. We were able to (apparently) resolve this issue by creating an
SVI on the n9k, with an empty config.

Now, even isolating links we can get ~800mbps across the n9k, through the
various 3750X stacks.

I am confused why creating the SVI would have an impact on this, and why it
wouldn't be consistent across both links. If the lack of SVI were at fault,
I would be less surprised if it just flat out didn't work, but this partial
working state feels very odd.

Anyone else seen this? Thoughts? Could traffic be hitting the CPU while
going across modules? This feels like quirky n9k internals...

Thanks!
Jeremy

PS: no CRC errors found on interfaces, all looked clean

Cloudflare reverse DNS SERVFAIL, normal?

[Jeremy]

We're seeing a huge uptick in reverse dns lookup failures across an app,
99% are all for Cloudflare ip addresses.

Instead of seeing a PTR or NXDOMAIN we're getting back SERVFAIL.

Does anyone know if this is a standard response from them? Do they not have
reverse DNS setup for their networks?

Trying to narrow this down to see if it's a result in a change in how our
application handles these errors or if there's an issue going on with
cloudflare's DNS setup.

Thanks!
Jeremy

DWDM on 250 Km dark fiber without re-amplification

[Jeremy]

Hi all,

First, i'm sorry for my english, i'm french and i don't have a good 
level in this language. But i want some informations and i'm sure, 
someone will be give the good anwser about my question.


So, i'm regarding to rent a dual dark fiber in France, the estimated 
distance is 225 Km, but i know there are a lot of optical switching on 
the highway where it's fiber is installed (in theory, all 80 Km). So, i 
used the bad scenario, in adding 25 Km on my need.


I would like to buy a amplificator and multiplexer DWDM to add some 
10Gb/s waves on this dark fiber. I've see that the amplification is 
better on 100 Gb/s synchronised ports, but we don't have enoug capacity 
on our router to add 100 Gb/s interfaces.


So, someone has installed this type of hardware on a dark fiber without 
regeneration  on 250 Km of distance ?
If yes, with what kind of hardware ? If you are commercial for this 
hardware, please contact me in private message.


Thanks you for your time,
Jérémy
AS197922

OADM spliting

[Jeremy]

Hello the nanog list,

I'm searching for a OADM CWDM splitting module which can be placed in a 
BEP outdoor box (this OADM module must have a EAST input and a WEST 
output, with the capacity to active the split for each waves or not)  
with the 2 mux/demux rack 19". Classics CWDM waves needs (1470-1610 nm 
with 8 channels).


If you know a good BPE which can accept 10 x 1.5 fibers opticals cables 
I/O and with SC connectors, we like it if you can add it in your quote.


Are there someone here who can send a quote for this hardware and who 
can send this hardware very quickly to France ?


Thanks,

Re: quietly....

[Jeremy]

Has there been any discussion about allocating the Class E blocks? If this
doesn't count as "future use" what does? (Yes, I realize this doesn't *fix*
the problem here)

-Jeremy

On Mon, Jan 31, 2011 at 10:15 PM, Jack Carrozzo  wrote:

> On Mon, Jan 31, 2011 at 9:55 PM, Jimmy Hess  wrote:
>
> >
> > IPv4's not dead yet;  even the first  RIR exhaustion probable in  3 -
> > 6 months  doesn't end the IPv4 ride.
> >
> > There is some hope more IPv4 organizations will start thinking about
> > their plans for establishing connectivity with IPv6;  so they can
> > commmunicate with IPv6-only hosts that will begin to emerge
> > later.
> >
>
> What organizations (eye networks) will do is layer NAT till the cows come
> home for some years to come. Buckle up!
>
> -Jack Carrozzo
>

Re: Level 3 blames Internet slowdowns on ISPsâ EURO(tm) re fusal to upgrade networks | Ars Technica

[Jeremy]

And of course that only last until someone else decides to buy the
competition, I mean "invest in other companies".
On Mar 20, 2014 7:58 PM, "Mike."  wrote:

> On 3/20/2014 at 4:17 PM Bryan Fields wrote:
>
> |On 3/20/14, 12:34 PM, Blake Hudson wrote:
> |> The solution seems to be competition or regulation.
> |I'd prefer competition to regulation.
>  =
>
> If real and true competition exists, yes.
>
>
>
>
>

Re: Google burp

[Jeremy]

I had my service go down and come back and when it came back i have
the new reply/compose features of the new gmail system

http://techcrunch.com/2012/10/30/googles-gmail-launches-new-compose-email-view-and-reply-experience-that-will-save-you-time/

It wasn't there before

On Wed, Oct 31, 2012 at 10:06 PM, Michael Sinatra
 wrote:
> On 10/31/12 2:55 PM, Blair Trosper wrote:
>> I guess I'll be the one to ask...what's going on over at Google?  Service
>> interruptions and front-end errors all over the place across what appears
>> to be all services, though Gmail seems to have bounced back up.  Google's
>> service disruption is about to bring Twitter's service to its knees as
>> people complain and try to figure out what's going on.
>>
>> Blair Trosper
>> Updraft Networks & The North Texas GigaPOP
>>
>
> It's back working for me (after just a few minutes of brokenness), but I
> have to say I really loved the "out of order" splash page I got when my
> calendar went down:
>
> "Sorry, there seems to be a problem.  The service you're looking for is
> temporarily unavailable.  Please try again in a few hours.  Thanks for
> your patience."
>
> Ahem, a few *hours*?
>
>
>

802.11 MAC Point Coordination Function

[Jeremy]

Hi All,
I'm doing some research on 802.11 quality of service, congestion control,
etc. I'm trying to find some information on the Point Coordination
Function, a polling based access control method, but I'm having a hard time
finding much in the way of vendor support. I have access to some cisco
1242's, 1140's and 1252's and I've been searching the Cisco's site and
can't find a real answer on whether or not it's supported let alone how to
configure it.

Does anyone have any experience with this? Does Cisco have some special
name for it aside from PCF? Any help would be appreciated!

Thanks,
Jeremy

Re: Comcast cable modem software update push

[Jeremy]

On 7/22/2012 2:56 PM, Dave Sotnick wrote:

Dear Nanog Users,

I have recently been plagued by intermittent lockups on my Motorola
BitSurfer 6121 cable modem, which I purchased based on Comcast's lists
of recommended devices, and having good experience with Motorola
products in the past. There's a good discussion on this topic here:
http://goo.gl/SfHdh

My technical question for the group is: When I finally talk to Comcast
Tier 2 this week, what do I need to tell them to convince them that
pushing out an update to SB6121 modems is a good idea? They seem
convinced the onus is on Motorola to provide updates. This is not how
DOCSIS 3.0 works!

FWIW, the installed OS is 1.0.3.3 dated Aug 12 2010. The most recent I
have heard of is 1.0.6.6. Apparently this fixes the lockups.

Any tips greatly appreciated.

-Dave



Dave,

/lurk mode off

Each MSO has its own procedures for reviewing and certifying firmware 
for their networks.  The various DOCSIS features work with varying 
levels of success on different code revisions, so the testing tends to 
be extensive.   When I worked at an MSO in my previous position, the 
process would be to lab test and then field soak for several months 
prior to releasing an update.  Even then, we would still be bitten by 
bugs with strange trigger conditions.  Assuming that process is the same 
at Comcast, you are likely to have little success in convincing them to 
speed up the deployment of new code, especially if the DOCSIS 
engineering group has not completed testing and fully vetted the code.


You best bet is simply to see if there is newer code available that they 
have approved.   Just for comparison, I have a Moto Surfboard 6121 
attached to TWC and I'm on firmware version 1.0.5.1 dated 12/21/2010 
(possibly installed when I was still a Cox customer).


/lurk on

Jeremy

MPLS Traffic Engineering Help

[Jeremy]

Hi Everyone,
I could use a little help on MPLS and Traffic Engineering. Right now I'm
just trying to wrap my head around it. I currently have a couple tunnels
going in either direction, those are working fine (but certainly took me
long enough to get them working!) and I can direct traffic over them easy
enough. Now I'm looking into allocating/reserving bandwidth for a given
tunnel and if possible have it react to increased network loads and
recalculate its path if need be.

(Poor) Example:
I have two paths that two different tunnels (A and B) that will go over a
T-1 and 100mbps ethernet. A is more important than B. When traffic is low,
I'd like them both to go over the 100mbps link so either tunnel can fill
the pipe, but if Tunnel A requires more bandwidth, Tunnel B should react
and move to the T-1. Is this possible? or am I horribly confused?

I'm not really looking for the exact commands or the 'answer' to this
problem, but some guidance would be greatly appreciated. I'm working with
Cisco gear, 2800's and such. This is purely an academic exercise.

Thanks!
Jeremy

ASR 1006 question

[Jeremy]

Hey All,

I think i may be noobing this one here, any help would be appreciated. We
have an ASR1006 with a SIP and a 2x1gbps SPA. Right now we have:

 2800 g0/0<- -> ASR1006 g1/0/0

All we're trying to do is set an IP address on each interface so we can ping
(192.168.1.1 on the 2800, 192.168.1.2 on the ASR). We have the IPs
configured on both but it's just not working. The 2800 is fine, if we attach
a laptop to it and ping it works as expected. However when we attach the
laptop to the ASR no ARP or ICMP messages are sent from the ASR, wireshark
shows no traffice what so ever. The Interface is up/up and it was a fresh
config, all we've done is add the IP address. Any thoughts? This shouldn't
be this hard so I must be overlooking something silly.

Thanks!
-Jeremy

Re: Rogers Canada using 7.0.0.0/8 for internal address space

[Jeremy]

Please excuse my ignorance on this and note that I am not condoning the
hijacking of IP address space.

As long as necessary precautions are taken (route filters, tunnels, VRF's)
shouldn't this be technically feasible without any negative ramifications?

These 7-NET address seem to be assigned to the modem itself, but surely they
aren't what the customer sees at thier WAN IP address right? So as long as
the modem is configured to send ALL traffic, regardless of destination
address (could be a 7NET dst) over a GRE tunnel to some aggregation point
via its acquired 7-net address and all routers were to keep the 7net on a
separate VRF, shouldn't they be able to avoid any IP collisions? Couldn't
you theoretically use anyone's IP space, advertised or not, for this
internal transit? I'm not saying it's a good idea, it's certainly more
complex which leads to its own issues, but shouldn't it be possible?

-Jeremy

On Tue, May 24, 2011 at 9:50 PM, Steven Bellovin wrote:

>
> On May 24, 2011, at 9:29 06PM, Jay Ashworth wrote:
>
> > - Original Message -
> >> From: "Jimmy Hess" 
> >
> >> On Tue, May 24, 2011 at 4:34 PM,  wrote:
> >>> I think those within the organization that deploy those vehicles or
> >>> are Navy SEALs might sit at different lunch tables than the guys
> worried
> >>> about IP address collisions. ;-)
> >>
> >> The F/A-18 Hornets, F/A-22 Raptors are well, and good, but that's old
> >> technology The folks in charge of the MQ-1 predator drones might sit
> closer to
> >> the guys worried about the IP addresses.
> >>
> >> And automated drone strikes can always be blamed on a malfunction
> >> caused by the hijacking
> >
> > If packets that control armed drones cross any router that has access
> even to
> > SIPRnet, much less the Internet, someone's getting relieved.
>
>
> http://www.eweek.com/c/a/Security/Militants-Hack-Unencrypted-Drone-Feeds-477219/
>
>--Steve Bellovin, https://www.cs.columbia.edu/~smb
>
>
>
>
>
>
>

Re: ICANN to allow commercial gTLDs

[Jeremy]

well, crap. That's all I have to say :(

On Fri, Jun 17, 2011 at 4:16 PM, mikea  wrote:

> On Fri, Jun 17, 2011 at 05:04:25PM -0400, Jay Ashworth wrote:
> > Aw, Jeezus.
> >
> > No.  Just, no.
> >
> >   http://tech.slashdot.org/story/11/06/17/202245/
>
> Yeah. Maybe ICANN needs its own special TLD: .idiots?
>
> --
> Mike Andrews, W5EGO
> mi...@mikea.ath.cx
> Tired old sysadmin
>
>

Re: unqualified domains, was ICANN to allow commercial gTLDs

[Jeremy]

"DK" may not be hierarchical, but "DK." is. If you try to resolve "DK" on
it's own, many (most? all?) DNS clients will attach the search string/domain
name of the local system in order to make it a FQDN. The same happens when
you try and resolve a non-existent domain. Such as
alskdiufwfeiuwdr3948dx.com, in wireshark I see the initial request followed
by  alskdiufwfeiuwdr3948dx.com.gateway.2wire.net. However if I qualify it
with the trailing dot, it stops after the first lookup. DK. is a valid FQDN
and should be considered hierarchical due to the dot being the root and
anything before that is a branch off of the root. see RFC1034

-Jeremy

On Sun, Jun 19, 2011 at 7:08 PM, Mark Andrews  wrote:

>
> In message , Paul Vixie writes:
> > Adam Atkinson  writes:
> >
> > > It was a very long time ago, but I seem to recall being shown
> http://dk,
> > > the home page of Denmark, some time in the mid 90s.
> > >
> > > Must I be recalling incorrectly?
> >
> > no you need not must be.  it would work as long as no dk.this or dk.that
> > would be found first in a search list containing 'this' and 'that', where
> > the default search list is normally the parent domain name of your own
> > hostname (so for me on six.vix.com the search list would be vix.com and
> > so as long as dk.vix.com did not exist then http://dk/ would reach
> "dk.")
> > --
> > Paul Vixie
> > KI6YSY
>
> DK should NOT be doing this.  DK is *not* a hierarchical host name
> and the address record should not exist, RFC 897.  The Internet
> stopped using simple host names in the early '80s.  In addition to
> that it is a security issue similar to that described in RFC 1535.
>
> Mark
> --
> Mark Andrews, ISC
> 1 Seymour St., Dundas Valley, NSW 2117, Australia
> PHONE: +61 2 9871 4742 INTERNET: ma...@isc.org
>
>

Re: What do you think about the Juniper MX line?

[Jeremy]

Heh, I spent about 3mo evaluating/testing SRX's and I agree they had
potential but left /a lot/ to be desired.

-Jeremy

On Mon, Jun 27, 2011 at 2:45 PM, Owen DeLong  wrote:

> Sorry... I misspoke. My comments related to the SRX series and not the MX.
>
> The MX is a fine product in my experience.
>
> Owen
>
> On Jun 25, 2011, at 10:03 PM, Howard Hart wrote:
>
> >
> > We have a couple installed as our edge routers.
> >
> > Pluses -  solid as a rock, easy to administer, and will take some
> extremely high packet rates for relatively low cost (important for us since
> we use them for VoIP traffic). If you're approaching the capacity of a 1GB
> uplink, I highly recommend these as your first step to 10 GB.
> >
> > Minuses - careful on your MX80 version. The MX80-48T includes a built in
> 48 port 1 GigE switch, but we've had compatibility issues with it and other
> vendors switches. The modular version that replaces the MX80-48T costs quite
> a bit more, but it does give you a lot more connection and compatibility
> options.
> >
> > Howard Hart
> >
> > On Jun 25, 2011, at 9:37 PM, "Ryan Finnesey"
>  wrote:
> >
> >> I would love to know the same I am looking at the MX line as well for a
> >> new network build-out
> >>
> >> Cheers
> >> Ryan
> >>
> >>
> >> -Original Message-
> >> From: Chris [mailto:behrnetwo...@gmail.com]
> >> Sent: Saturday, June 25, 2011 9:29 AM
> >> To: nanog@nanog.org
> >> Subject: What do you think about the Juniper MX line?
> >>
> >> Hello,
> >>
> >> I've been doing some research into using the MX line of Juniper routers
> >> and was interested in hearing people's experiences (the good, bad, and
> >> ugly). What do you like about them? What do you dislike?
> >> Where are you putting them in your network? Where are you not putting
> >> them? Why? What other platforms would you consider and why? I hope to
> >> hear some candid responses, but feel free to respond privately if you
> >> need to.
> >>
> >> Thanks!
> >>
> >>
>
>
>

Re: [policy] When Tech Meets Policy...

[Jeremy Hanmer]

On Aug 13, 2007, at 11:40 AM, Steve Atkins wrote:



A question to the registrars here: What fraction of legitimate
domain registrations are reversed because the customer
didn't know how to spell, and noticed that within the five
day "dictionary time"?


From what I've seen here, most customers notice within minutes or  
(in the worst cases, hours), not days.  And these are the same  
customers that might go 6-12 months without noticing that their  
domain has expired.

Re: BGP or MPLS issue AT&T in New York?

[Jeremy Falling]

We are in NH and I'm seeing issues with L3 and uunet. BGP seems fine but
our customers have having issues connecting to us from other providers.

Jeremy


On Fri, 2009-10-02 at 13:09 -0700, David Hiers wrote:
> We're getting weird approachability issues on some of out networks,
> losing IP path without BGP changes.
> 
> 
> 
> On Fri, Oct 2, 2009 at 1:00 PM, Christopher J. Pilkington
>  wrote:
> > Anyone notice anything bizarre with AT&T in New York?  We had our cage
> > at 811 10th Avenue (advertised by AS7018) unreachable from several
> > other providers for about 20 minutes, it just recently came back.
> >
> > At the same time, we lost MPLS service (not link, forwarding across
> > the cloud) at another site with AT&T.  Both issues resolved
> > simultaneously.
> >
> > Just curious...
> > Chris
> >
> >
> 

Re: qwest outage no notice

[Jeremy Rossi]

Give the nature of the issue from juniper I am guessing that a large number of 
companies were doing upgrades over the last few days as fast as they could. 
http://j.mp/8XaReK has the details I know of now.  

On Jan 7, 2010, at 5:14 AM, Steve Ryan wrote:

> Any other specifics?  Got a trouble ticket ID?
> 
> I'm located in the NW (Talent, Oregon, just over CA border..) and we have a 
> few customers on Qwest T1's and the like.  We also have a customer who gets 
> MPLS directly from Q.
> 
> We've yet to hear of any outages for our customers - but I suppose the night 
> is still young...
> 
> Any other information you got might be helpful..
> 
> Regards,
> 
> Steve
> 
> On 1/7/2010 2:04 AM, Mike wrote:
>> We just had a qwest outage of about 2 mins at 1:41am pst. When I called to 
>> report it I was told it was a 200+ emergency software upgrade due to a 
>> security concern, and that we will get a notice later after the fact. 
>> Normally we get notices in advance, even for software upgrades due to 
>> security or other important issues, so I am curious if other qwest customers 
>> had the same experience and wether this is how it's going to be from here on 
>> in? The affected platform was juniper and I'd love to know the specfic case 
>> being addressed here.
>> 
>> Mike-
>> 
> 

RE: Renumbering, was: [NANOG] Multihoming for small frys?

[McMasters, Jeremy]

I worked for an ISP that was bought by another ISP and had to assign all
new IP's roughly a /16 worth.  Good times.  Only one ASN thank goodness

-Original Message-
From: Deepak Jain [mailto:[EMAIL PROTECTED] 
Sent: Wednesday, May 21, 2008 4:09 PM
To: nanog list
Subject: Re: Renumbering, was: [NANOG] Multihoming for small frys?


Can we all agree that while renumbering sucks, a /24 (or less) is a 
pretty low-pain thing to renumber (vs. say, renumbering a /20 or shorter

prefix?) In an ideal world, you never have to renumber because your 
allocations were perfect from the get-go.

We've all been to the other, more realistic place, no?

While we all feel pain for folks who have to do renumbers, even if EVERY

single host in there is a MAJOR dns server (which is my personal worst 
case) for MAJOR sites, even *that* has become much easier to address 
than it used to be.

This is probably rhetorical, but I feel like some threshold of 
materiality should be roughly described so Operators don't get whipsawed

  over variable length renumbers longer than a certain length.


DJ

Re: Power/temperature monitoring

[Jeremy Anderson]

http://akcp.com/company/sensorProbe8.htm

Everything you need.  

Jeremy


On Fri, 2008-05-30 at 09:58 -0500, Frank Bulk wrote:
> Hopefully monitoring the status of a network is on-topic.
> 
> I'm looking for temperature and power monitoring unit to install in some
> remote BWA cabinets.  We had two incidents where we lost power in a town and
> we weren't aware of it until the backup batter drained to empty, and another
> situation where the cabinet became too cold.  Because these cabinets are
> less than 19" wide and just 3-5" deep, I need something quite small.  I did
> find one product but it requires four components (unit with built-in
> temperature sensor, adapter, and AC power sensor, plus power supply)
> 
> Perhaps there's someone on this list who has gone down this road and can
> point me to a good product.
> 
> Required:
> - temperature sensor
> - 110 VAC power monitoring (on/off, not necessarily current)
> - Ethernet interface (at least SNMP, Web GUI and 
> 
> Optional:
> - fed via 12 VDC power
> - 12 VDC power monitoring (current)
> - humidity sensor
> 
> 
> Frank
> 
> 

Re: Sending vs requesting. Was: Re: Sprint / Cogent

[Jeremy Hartman]

On Sat, Nov 1, 2008 at 6:20 AM, bas <[EMAIL PROTECTED]> wrote:

> On Fri, Oct 31, 2008 at 7:03 PM, Patrick W. Gilmore <[EMAIL PROTECTED]>
> wrote:
> > If Sprint is upset that Cogent is sending Sprint much more traffic than
> > Sprint is sending Cogent, how does Sprint sending Cogent even less
> traffic
> > (and making the ratio even worse) help Sprint?  Why would Cogent care?
>
> Why does everyone keep referring to traffic flows as sendng?
> In this case it's not as if Cogent just randomly sends data to Sprint.
>
> Sprint customers are requesting content from Cogent customers right?
> So Sprint depeers Cogent because Sprint customers are requesting to
> much content from Cogents customers?
>
> I've heard eyeball networks refer to traffic flows as sending too..
> "You content hosters are sending us too much traffic, we want money to
> upgrade ports and transport all that traffic"  Complete reverse logic
> imho. It is always eyeball network customers that request data.
> (except for a small portion of iphone/blackberry push email, but that
> can't account for much.)
>
> Bastiaan
>
>
it makes little to no difference how you skin that cat... the traditional
model still plagues so called "content rich" networks and has been used,
shamelessly, by the eyeball networks with no end in sight.  i am by no means
defending cogent, nor do i claim to know that ratios are the only item on
the list of violated peering agreement clauses.

my particular complaint is that with the upswing of broadband in this
country it is continually less and less to do with "how many direct eyeballs
do i have" and more to do with "to which cable/dsl providers do i provide
transit."  the former was used as a cost-model basis for the eyeball
networks requiring ratios as it was far more expensive to establish a broad
presence to provide eyeball connectivity... the latter does not match that
logic and has yet to filter it's way into fair settlement-free peering
agreements.

/jer

Re: Advice/resources for setting up TACACS server

[Jeremy Hanmer]

We use tac_plus with good results:

http://www.shrubbery.net/tac_plus/

On Nov 7, 2008, at 2:56 PM, Leslie wrote:

Do you have any suggestions for a free tacacs server which will run  
on linux ? I have so far been unable to find any and the tacacs+  
source code hasn't been updated since around 2000


Leslie

On Nov 7, 2008, at 2:43 PM, Eddy Martinez wrote:


I second the TACACS+

Thats what you want. Same effort for the most part, to implement.

Eddy

On Nov 7, 2008, at 2:39 PM, Steven King wrote:


I disagree with the RADIUS suggestion. TACACS+ is a much more secure
protocol. It encrypts the packet contents and has a more secure
handshake procedure.

Leslie wrote:
The best answer actually does seem to be to use freeradius  
instead of
tacacs, so I will probably go with that (though if anyone has any  
good

tips on freeradius, please, let me know)

Leslie

On Nov 7, 2008, at 1:30 PM, Leslie wrote:


Hi --

We are currently trying to set up a TACACS server for  
authentication
to our network gear and have it run on suse linux hosts.  Does  
anyone

have any advice/good webpages or guides regarding this?

Thank you very much in advance!

Leslie





--
Steve King

Network Engineer - Liquid Web, Inc.
Cisco Certified Network Associate
CompTIA Linux+ Certified Professional
CompTIA A+ Certified Professional

Re: godaddy spam / abuse suspensions?

[Jeremy Jackson]

or how about using an NS that returns ICMP errors instead of NXDOMAIN,
perhaps using anycast for reducing network load?

Would that stop the timeout errors?  server is still lame, you just know
faster?

On Mon, 2008-11-17 at 05:15 +0530, Suresh Ramasubramanian wrote:
> On Mon, Nov 17, 2008 at 4:20 AM, James Hess <[EMAIL PROTECTED]> wrote:
> > One of the secondary/tertiary recursive resolvers may hand the client
> > a cached response that had been obtained before the registrar took any
> > action.
> 
> Yes, and that'd  make a good case for the good old ops practice of
> dialing down the TTL for a while before any NS change is made.
> 
> --srs
> 
-- 
Jeremy Jackson
Coplanar Networks
(519)489-4903
http://www.coplanar.net
[EMAIL PROTECTED]

Re: godaddy spam / abuse suspensions?

[Jeremy Jackson]

On Mon, 2008-11-17 at 05:15 +0530, Suresh Ramasubramanian wrote:
> On Mon, Nov 17, 2008 at 4:20 AM, James Hess <[EMAIL PROTECTED]> wrote:
> > One of the secondary/tertiary recursive resolvers may hand the client
> > a cached response that had been obtained before the registrar took any
> > action.
> 
> Yes, and that'd  make a good case for the good old ops practice of
> dialing down the TTL for a while before any NS change is made.

That would work only if Godaddy was considering suspending it for
greater than TTL time before actually suspending them...it takes the
same time to dial-down TTL (old TTL time) then change it, as it does to
just change it outright.

-- 
Jeremy Jackson
Coplanar Networks
(519)489-4903
http://www.coplanar.net
[EMAIL PROTECTED]

Re: TRIP deployment?

[Jeremy Jackson]

http://xconnect.net/ is the big ENUM provider, I think that's the method
that has gained popularity for VoIP Peering on the signaling end.  TRIP
sounds like it would be useful for finding QoS routes for media streams.

On Mon, 2008-11-24 at 15:20 +, [EMAIL PROTECTED] wrote:
> I'm not sure if this is the right mailing list for this question: how  
> widely is TRIP (Telephone Routing over IP [RFC3219]) deployed / used in  
> current networks?
-- 
Jeremy Jackson
Coplanar Networks
(519)489-4903
http://www.coplanar.net
[EMAIL PROTECTED]

Re: an over-the-top data center

[Jeremy Jackson]

On Sun, 2008-11-30 at 23:05 -0500, Patrick W. Gilmore wrote:

> Now compare that to forcing every single participant to use unknown  
> fiber paths into an unknown facility.  When are these fibers groomed,  
> and onto which unknown paths?  Which fiber maintenance schedules might  
> impact me without my knowledge?  Which construction projects elsewhere  
> in the city might take me down and there's no way for me to even  
> predict that?  Etc., etc.
> 
> I would prefer to take my chances with the known quantity,  
> thankyouverymuch.  Feel free to do with your network as you please.
> 

I wonder if there is a solution, in general to diverse physical
routing... if you buy from multiple carriers, they might very well share
the same fibre condo, or the same dark fibre vendor.  if you buy
diversity from one vendor, with only handwaving as the guarantee, you
end up with Bell Canada's CO fire a couple years ago, that took down
things which were *supposed* to be redundant.

What are people's experience with knowing the physical routing?  NetNod
may be over-the-top secrecy wise, but are *any* carriers/facility
providers any more "free" with information about the details of where
their infrastructure is that supports the services you are buying?

It seems the general practice is to claim everything is on a
need-to-know basis, with the unspoken/unwritten caveat that nobody's
needs will ever be considered valid?

-- 
Jeremy Jackson
Coplanar Networks
(519)489-4903
http://www.coplanar.net
[EMAIL PROTECTED]

RE: an over-the-top data center

[Jeremy Jackson]

On Tue, 2008-12-02 at 10:33 +0100, Måns Nilsson wrote:

> > 4) With all of that fog and plant life, I wonder how they critically
> > manage humidity. [Or if they even do].
> 
> I have been told by people who have been working with the construction of
> this very site that it is an unusually dry cave. It is pretty high up by
> Stockholm standards, which helps. 
> 

Seems like dry-ice was used to make the "tropical fog" in the photos,
not water poured over hot rocks like a sauna/bath house.

-- 
Jeremy Jackson
Coplanar Networks
(519)489-4903
http://www.coplanar.net
[EMAIL PROTECTED]

Re: an over-the-top data center

[Jeremy Jackson]

On Tue, 2008-12-02 at 21:49 +, Nick Hilliard wrote:
> chuck goolsbee wrote:
> > would look, other than the granite walls
> 
> On the subject of suitability problems, unless there is good air
> circulation in these bunkers from the outside, radon seepage from the
> surrounding granite has the potential to cause a lot of health problems for
> any unlucky punter who happens to work in there, although it's unlikely
> that it would have any effect on any equipment housed in the facility.

So control systems in nuclear power plants don't need any extra
shielding to prevent "glitches"?  

VoIP E911 - was: Telecom Collapse?

[Jeremy Jackson]

With one provider in Canada at least, the E911 address to phone number
registration is a large bureaucratic manual process, likely involving
fax machines.  

Meanwhile, the ILEC presumably has an address in a database for the
loop...

So, I wonder about more direct access to PSAPs by CLEC, anywhere from
dark fibre to database API?

On Wed, 2008-12-03 at 23:10 -0800, Mike Lyon wrote:
> That makes two of us...
> 
> Anyways, for residential VOIP, where are we these days with E911? Are
> providers like Vonage and such providing reliable E911 when people
> call 911? That is one of the major problems I see with the residential
> realm going with VOIP offerings...
> 
> -Mike

-- 
Jeremy Jackson
Coplanar Networks
(519)489-4903
http://www.coplanar.net
[EMAIL PROTECTED]

RE: List Help

[Furr, Jeremy]

If you can't see posts to the list or responses, why would you go to the
list for help?


P Go Green! Print this email only when necessary. Thank you for helping Time 
Warner Cable be environmentally responsible.
 
 
-Original Message-
From: Dennis Dayman [mailto:den...@thenose.net] 
Sent: Thursday, January 08, 2009 5:48 PM
To: Nanog
Subject: List Help

So I apologize for that test, but I can no longer see posts to the  
list. I can send to the list, but I don't get a copy of my posts or  
anyone else's. My MTA is not blocking anything nor does it ever get a  
connection from MERIT mail servers to send me a copy of the posts. I  
also don't receive PSWD reset emails.

Anyone know who I can talk to?

-Dennis


This E-mail and any of its attachments may contain Time Warner
Cable proprietary information, which is privileged, confidential,
or subject to copyright belonging to Time Warner Cable. This E-mail
is intended solely for the use of the individual or entity to which
it is addressed. If you are not the intended recipient of this
E-mail, you are hereby notified that any dissemination,
distribution, copying, or action taken in relation to the contents
of and attachments to this E-mail is strictly prohibited and may be
unlawful. If you have received this E-mail in error, please notify
the sender immediately and permanently delete the original and any
copy of this E-mail and any printout.

Re: Any twitter admins here?

[Jeremy Gaddis]

On Fri, Feb 20, 2009 at 7:58 AM, ed  wrote:
> Unfortunately our network has been blocked from accessing Twitter and
> their support cases require twitter for updates, so any contact details
> would be gratefully received.

http://twitter.zendesk.com/requests/portal/new  ?

-- 
Jeremy L. Gaddis
http://evilrouters.net/

Anybody from Godaddy abuse?

[Jeremy Hanmer]

Can somebody from Godaddy contact me off-list about a malicious domain  
errantly listing our network as its DNS servers?  Email to  
ab...@godaddy has gone unanswered and we're getting hit pretty hard.

Re: ALTDB.NET DNS?

[Jeremy Gaddis]

On Mon, Mar 9, 2009 at 2:26 AM, Jeff S Wheeler  wrote:
> I notice the ALTDB.NET DNS has been updated, and WWW.ALTDB.NET goes to a
> GoDaddy "parked domain" landing page, and also, email bounces.  Jacked?

$ whois altdb.net | grep Expiration
   Expiration Date: 08-mar-2009

-- 
Jeremy L. Gaddis
http://evilrouters.net/

Re: Minnesota to block online gambling sites?

[Jeremy McDermond]

On May 4, 2009, at 11:53 AM, Matthew Black wrote:

Instead of huffing and puffing your libertarian perspective (you  
called the AG's letter garbage), you might make a quick Google  
search of "18USC1084(d)," which provides a wealth of information on  
the legality of such enforcement actions.


http://openjurist.org/325/f2d/148



But the Seventh Circuit specifically refuses to rule on any  
Constitutional issues surrounding the statute, instead choosing to  
rely on the district court's order that the defendants activities did  
not violate the law under 18 USC §1084(d).  The statute, as applied by  
Minnesota, could very well be unconstitutional and unenforceable in  
the manner that Minnesota seeks.  In this case the First Amendment may  
be applicable because this seems to be a prior restraint on speech.   
Additionally, it is content based because it seeks to restrict speech  
due to its transmission or reception of gambling information.  This  
means that the courts will apply a "strict scrutiny" test to it,  
requiring that the government have compelling reason to restrict the  
speech, and that they are applying the least restrictive method of  
controlling the speech.  This is usually a difficult burden for them  
to sustain.


In this case, the gambling issue seems much like the pornography  
issue.  In _Center for Democracy and Technology v. Pappert_, 337  
F.Supp 606 (W.D. Pa. 2004), the Eastern District of Pennsylvania  
looked at a Pennsylvania state law that looks much like this federal  
law and required ISPs operating in the state to block based on a  
letter from the state attorney general.  In trying to determine  
whether the law provided the least restrictive method, the court  
looked to the types of blocking that the ISPs could employ.   
Specifically they examined DNS blocking, IP blocking, and URL  
filtering.  The court decided that DNS blocking wasn't particularly  
effective and would require ISPs to deploy additional equipment.   
Additionally, URL filtering was impractical because of the deployment  
costs as well.  The only practical alternative the court recognized  
was IP blocking, but they said that because it could severely  
overblock (because of name based virtual hosting) that it wasn't  
narrowly tailored enough block to pass Constitutional muster.


The situation in _Center for Democracy_ seems remarkably similar to  
what Minnesota seems to be trying to do with the federal statute.   
There's certainly the chance that the federal district courts in  
Minnesota, or the appeals courts will disagree with the Western  
District of Pennsylvania's assessment of the situation, but as long as  
the strict scrutiny standard is applied, and there's a danger of  
overblocking, then I would expect the Supreme Court to uphold any as  
applied challenges to the statute.


Disclaimer:  I am not a lawyer.  This is not legal advice.  If you  
need legal advice, you should hire a real lawyer licensed in your  
jurisdiction.



matthew black
speaking only for myself and not my employer
california state university, long beach


--
Jeremy McDermond
Xenotropic Systems
mcde...@xenotropic.com

Re: The actual value, from a security standpoint, of using a proxy domain registrar?

[Jeremy Hanmer]

Not everybody charges for the service.  Shop around.

On Jul 15, 2009, at 3:37 PM, Mike Lyon wrote:


I still think it's a huge waste of money.


On Wed, Jul 15, 2009 at 3:34 PM, Ray Sanders <
ray.sand...@villagevoicemedia.com> wrote:


And that falls right into some of the scare tactic sales pitches the
domain registrars use.

"they can look up your domain and find your home address!"

Heck, even a p.o box could leave someone open to a stalker, if said
stalker is determined enough.

so yes, I'll concede that point to a certain extent.


On Wed, 2009-07-15 at 17:18 -0500, David E. Smith wrote:

Mike Lyon wrote:
I am curious what others in the industry think on this topic.  
When one
registers a domain they can put in their real information or they  
can

use a

proxy, like Go-Daddy's Domains By Proxy.


If you're using it for your business, the value is pretty slim. You
probably want your business to be reachable by the public.

Individuals, especially those using their domains to publish  
anything

controversial, could benefit somewhat from the increased privacy.

David Smith
MVN.net



--
"Prediction is very difficult, especially about the future." Niels  
Bohr

--
Ray Sanders
Linux Administrator
Village Voice Media
Office: 602-744-6547
Cell: 602-300-4344

Re: Unimus Network Automation https://unimus.net/

[Jeremy Austin]

To be precise, Unimus allows some mass config push but is not a templating
system. It's superb for config pull. It's decent for simple, static config
pushes or on-the-box scripting pushes.

Tomas has mentioned publicly that he has built templated config systems in
the past, but I don't believe that work has been turned into a shipping
product yet.

I'm a happy paid user and have also met Tomas in person. I'm no expert, but
he and his team write what appears (by performance) to be beautiful java.

Jeremy Austin


On Tue, Jan 12, 2021 at 9:39 PM James Braunegg 
wrote:

> Dear All
>
>
>
> Anyone using Unimus for Network Automation ? https://unimus.net/
>
>
>
> i.e. mass configuration / push / pull configurations looking for something
> more powerful than rconfig for a Cisco Nexus and Juniper environment.
>
>
>
> And or happy with any other suggestions
>
>
>
> Kindest Regards
>
>
>
> *James Braunegg*
>
> [image: cid:image001.png@01D280A4.01865B60]
>
> 1300 769 972 / 0488 997 207 <1300%20769%20972>
>
> *ja...@micron21.com *
>
> www.micron21.com/
>
> [image: cid:image002.png@01D280A4.01865B60] <http://www.micron21.com/>
>
> [image: cid:image003.png@01D280A4.01865B60]
> <https://www.facebook.com/micron21/>
>
> [image: cid:image004.png@01D280A4.01865B60] <https://twitter.com/micron21>
>
> Follow us on Twitter <https://twitter.com/micron21> for important service
> and system updates.
>
> This message is intended for the addressee named above. It may contain
> privileged or confidential information. If you are not the intended
> recipient of this message you must not use, copy, distribute or disclose it
> to anyone other than the addressee. If you have received this message in
> error please return the message to the sender by replying to it and then
> delete the message from your computer.
>
>
>
>
>


-- 
Jeremy Austin
jhaus...@gmail.com

Re: Verizon DC/NOVA Issues?

[Jeremy Knapp]

Is this affecting email servers? We have started to see sporadic failures
to yahoo and aol with messages tied to
https://postmaster.verizonmedia.com/error-codes

On Tue, Jan 26, 2021 at 12:03 PM Andy Ringsmuth  wrote:

> Axios is reporting:
>
> What's happening: The widespread issues are unrelated to a FiOS fiber
> internet cable getting cut in Brooklyn, contrary to reports circulating
> widely on social media linking the two, a Verizon spokesperson said.
>
>
> https://www.axios.com/east-coast-internet-outages-494451f9-73bb-4025-9730-36ab5a6ad5d6.html
>
> 
> Andy Ringsmuth
> 5609 Harding Drive
> Lincoln, NE 68521-5831
> (402) 304-0083
> a...@andyring.com
>
> “Better even die free, than to live slaves.” - Frederick Douglas, 1863
>
> > On Jan 26, 2021, at 11:23 AM, Andrew Schaefer 
> wrote:
> >
> > Yes, Verizon FiOS is having major issues in Philadelphia getting to
> Amazon and Google networks, among others. Starting around 11:30 AM Eastern.
> >
> > On Tue, Jan 26, 2021 at 12:15 PM Robert Webb 
> wrote:
> > Any hearing of Verizon internet issues affecting the DC, Northern
> Virginia, and surrounding areas?
> >
> > Just got a flood of complaints about work VPN connections keep dropping
> and all users appear to be using Verizon internet and other users on
> Comcast are not having issues.
> >
> > Started maybe around 11:30AM EST..
> >
> > Thanks..
> >
> > Robert Webb
> >
> >
>
>

Re: bufferbloat-beating customer shaping via LibreQoS

[Jeremy Austin]

Thanks for the shoutout, Norman. Preseem isn’t at 50Gbps in 1U yet, but we
will get there.

I hope more folks listen to Dave, open vs. closed source solutions aside —
AQM makes a shocking amount of difference to quality of experience.

Jeremy



On Sun, Sep 18, 2022 at 2:14 PM Norman Jester  wrote:

>
> > On Sep 18, 2022, at 12:25 PM, Dave Taht  wrote:
> >
> > There's been a huge uptake in interest lately in doing better per
> > device and per customer shaping, especially for
> > ISPs, in the libreQoS.io project, which is leveraging the best ideas
> > bufferbloat project members have had over the
> > past decade (cake, bpf, xdp) to push an x86 middlebox well past the
> > 10Gbit barrier, on sub-2k boxes, with really
> > good stats on backlogs, drops, and ecn marks. I've long primarily
> > tried to get fq_codel and cake running on the CPE (most recently
> > mikrotik), and that's been taking too long.
> >
> > I have no idea to what extent members of this list have interest in
> > this, but if you know of a smaller ISP with bad bufferbloat,
> > please pass that link along? It's got ridiculously easier to set up as
> > a vm of late.
> >
> > There is presently a design discussion going on over here:
> >
> > https://github.com/rchac/LibreQoS/issues/57
> >
> > And by mentioning it here, today, I'm mostly asking what other real
> > life use cases we should try to tackle? What backend tools should we
> > try to integrate with?
> >
> > --
> > FQ World Domination pending:
> https://blog.cerowrt.org/post/state_of_fq_codel/
> > Dave Täht CEO, TekLibre, LLC
>
> Take a look at Preseem as the features it has and graphs are great. WISPs
> need this type of system and would show added interest if it has those
> charts and metrics. The integrations are good also. HubSpot integration is
> a plus so we can pull user data out of it and add it to their HubSpot
> profiles.
>
> --
Jeremy Austin
jhaus...@gmail.com

Re: WISPA (was Making Use of 240/4 NetBlock)

[Jeremy Austin]

I'm in.

Jeremy Austin

On Wed, Mar 9, 2022 at 11:38 AM Dennis Burgess 
wrote:

> Let me know where and when 😊
>
>
>
> Dennis Burgess
>
> Author of "Learn RouterOS- Second Edition”
> Link Technologies, Inc -- Mikrotik & WISP Support Services
> Office: 314-735-0270  Website: http://www.linktechs.net
> Create Wireless Coverage’s with www.towercoverage.com
> Need MikroTik Cloud Management: https://cloud.linktechs.net
>
> -Original Message-
> From: NANOG  On Behalf
> Of Travis Garrison
> Sent: Wednesday, March 9, 2022 2:12 PM
> To: Dave Taht 
> Cc: NANOG 
> Subject: RE: WISPA (was Making Use of 240/4 NetBlock)
>
> I will be attending also. We should try to do a meetup of the NANOG members
>
> Thank you
> Travis Garrison
>
>
>
> -Original Message-
> From: NANOG  On Behalf
> Of Dave Taht
> Sent: Wednesday, March 9, 2022 1:25 PM
> To: Tim Howe 
> Cc: NANOG 
> Subject: Re: V6 still not supported (was Making Use of 240/4 NetBlock)
>
> I am going to attend the WISPA conference in New Orleans next week.
> (anyone going)
>


-- 
Jeremy Austin
jhaus...@gmail.com

Re: cf is down?

[Jeremy Chequer]

Global API Outage - https://www.cloudflarestatus.com/

I look forward to hearing back from you.

Cheers

Jeremy Chequer
Chief Operating Officer

Resolver Group

P: 1800 497 152 | D: 07 3819 0483
E: jer...@resolvergroup.com.au

Resolver Group is a Division of Check Technology Group

Please consider the environment before printing this email.

From: NANOG  on behalf of 
Dmitry Sherman 
Sent: Tuesday, June 21, 2022 4:53:38 PM
To: nanog@nanog.org list 
Subject: cf is down?


[External Sender] Be cautious of any links or attachments within this email as 
it has come from an External Sender.







Dmitry Sherman

Interhost Networks

T:

+972.74.702.9881

M:

+972.54.318.1182

E:

dmi...@interhost.net<mailto:dmi...@interhost.net>

W:

interhost.co.il<https://www.interhost.co.il/>



[Logo]<https://www.interhost.co.il/>

Re: cf is down?

[Jeremy Chequer]

Hi All

Sorry for the noise. Issue is long since resolved, I sent that email over 5 
hours ago and it must have gotten caught in moderation.

I look forward to hearing back from you.

Cheers

Jeremy Chequer
Chief Operating Officer

Resolver Group

P: 1800 497 152 | D: 07 3819 0483
E: jer...@resolvergroup.com.au

Resolver Group is a Division of Check Technology Group

Please consider the environment before printing this email.

From: NANOG  on behalf of 
Jeremy Chequer 
Sent: Tuesday, June 21, 2022 4:56:52 PM
To: Dmitry Sherman ; nanog@nanog.org list 

Subject: Re: cf is down?


[External Sender] Be cautious of any links or attachments within this email as 
it has come from an External Sender.

Global API Outage - https://www.cloudflarestatus.com/

I look forward to hearing back from you.

Cheers

Jeremy Chequer
Chief Operating Officer

Resolver Group

P: 1800 497 152 | D: 07 3819 0483
E: jer...@resolvergroup.com.au

Resolver Group is a Division of Check Technology Group

Please consider the environment before printing this email.

From: NANOG  on behalf of 
Dmitry Sherman 
Sent: Tuesday, June 21, 2022 4:53:38 PM
To: nanog@nanog.org list 
Subject: cf is down?


[External Sender] Be cautious of any links or attachments within this email as 
it has come from an External Sender.







Dmitry Sherman

Interhost Networks

T:

+972.74.702.9881

M:

+972.54.318.1182

E:

dmi...@interhost.net<mailto:dmi...@interhost.net>

W:

interhost.co.il<https://www.interhost.co.il/>



[Logo]<https://www.interhost.co.il/>

Re: if you make the peace today i will call mr.obama

[Jeremy Chequer]

If you have beef with Cognet or HE why not just take it up with them instead of 
involving the whole list in your spam every few days? You rehashed a thread 
that hadn't seen any activity in 9 years and now just keep spamming everyone 
trying to get your point across.

Yes, it is annoying that Cognet and HE don't peer with each other. You're not 
the only one who doesn't like it and Cognet has previously cut off other peers 
as well based on their internal policies. If you are a Cognet or HE customer, 
take it up with your Account Manager and if they aren't willing to do anything 
than talk with your wallet and take the business elsewhere if it is such a big 
issue for you.

Spamming the list isn't going to result in any change, it is just going to piss 
people off. Neither company is going to care about one person complaining about 
it on a mailing list when both are bringing on new customers daily.

Re your trolling comment, if I was to hazard a guess and I am not a moderator 
so not this is nothing but a guess, I'd say you have crossed the line now and 
am hoping the moderators take action soon so that the 10s of thousands who get 
these emails don't need to keep putting up with your spam.

Cheers

Jeremy Chequer
Chief Operating Officer

Resolver Group | Check Networks

Resolver Group is a Division of Check Technology Group

Please consider the environment before printing this email.

From: NANOG  on behalf of 
VOLKAN KIRIK 
Sent: Sunday, August 21, 2022 12:28:04 PM
To: dschaef...@cogentco.com ; Mike Leber 

Cc: nanog list 
Subject: if you make the peace today i will call mr.obama


[External Sender] Be cautious of any links or attachments within this email as 
it has come from an External Sender.

if you make the peace today i will call mr.obama

i mean the biden. and shut down your operations both

white house should call me immediately.

ps. turkish translator is required.

however i may correct him/her in case of bad translation

isnt this list moderated or.. trolling allowed!??

RE: email spam

[Jeremy Chequer]

Or at the bare minimum, require a response. Just assuming the email went 
through and then blaming that for a pedo keeping their job for another year and 
a half is just bad on the officials side. With scams increasing, measures need 
to be in place. Unfortunately, several agencies seem to think that you should 
just trust anything that comes from their address but that's how we end up with 
email spoofing. The agencies need to ensure they have the right setup in place 
to avoid ending up in spam and also ensure they are following up in some form, 
especially when its to do with child safety.

- Jeremy

From: NANOG  On Behalf Of 
Suresh Ramasubramanian
Sent: Wednesday, 24 August 2022 12:52 PM
To: Eric Tykwinski 
Cc: nanog@nanog.org
Subject: Re: email spam

[External Sender] Be cautious of any links or attachments within this email as 
it has come from an External Sender.
100%. Also - there's no way to offer a delivery sla for email.  If you have 
something business critical, let alone anything that affects child safety, pick 
up a phone and call, or send an officer over to the school.

--srs

From: Eric Tykwinski mailto:eric-l...@truenet.com>>
Sent: Wednesday, August 24, 2022 8:14:16 AM
To: Suresh Ramasubramanian mailto:ops.li...@gmail.com>>
Cc: nanog@nanog.org<mailto:nanog@nanog.org> 
mailto:nanog@nanog.org>>
Subject: Re: email spam

Sorry about the bad examples, but I remember contacting both about issues with 
SPF multiple times.  They both have seemed have to fixed things at least 
searching my logs for the last week.  Most of my customers have had to 
whitelist them though for past issues. It's also 
ezpassnj.com<http://ezpassnj.com> for the NJ collection.  Point still stands, 
assume incompetence over malice.

Sincerely,

Eric Tykwinski
TrueNet, Inc.
P: 610-429-8300


On Aug 23, 2022, at 10:20 PM, Eric Tykwinski 
mailto:eric-l...@truenet.com>> wrote:

Bill,

Not only that, did they even follow their own rules, I've been fighting with 
septa.org<http://septa.org/>, the Pennsylvania train authority, and 
easypassnj.com<http://easypassnj.com/>, the New Jersey transit toll collectors 
about invalid SPF records for years, and they literally don't give a shit.  If 
they say to put it in spam, well than that is their own fault.

Sincerely,

Eric Tykwinski
TrueNet, Inc.
P: 610-429-8300


On Aug 23, 2022, at 10:00 PM, Suresh Ramasubramanian 
mailto:ops.li...@gmail.com>> wrote:

Without saying why the mail was blocked (dumb content filter looking for porn? 
a spamhaus listing because the police server was hacked? something else?) 
that's not going to help too much.

I've been spam filtering stuff at large providers since the late 90s and it 
never gets any easier to block 100% spam or let 100% legit mail through.

-srs

--srs

From: NANOG 
mailto:nanog-bounces+ops.lists=gmail@nanog.org>>
 on behalf of William Herrin mailto:b...@herrin.us>>
Sent: Wednesday, August 24, 2022 7:03:52 AM
To: nanog@nanog.org<mailto:nanog@nanog.org> 
mailto:nanog@nanog.org>>
Subject: email spam

Hello,

To folks at places like Google and Godaddy which have gotten, shall we
say, overzealous about preventing spam from entering their systems,
consider the risk:

https://www.washingtonpost.com/education/2022/08/23/fairfax-county-counselor-solicitation-minor/

"Chesterfield County police said emails notifying Fairfax County
Public Schools that an employee was arrested and charged with
soliciting prostitution from a minor were not delivered to the school
system."

Long story short, the pedo kept his school job another year and a half.

There was once a time when both the outbound emails and the bounce
messages when they failed... worked. It was a spammy place but the
important emails got through.

Regards,
Bill Herrin

Re: IS-IS on FRR - Is Anyone Running It?

[Jeremy Austin]

Mark,

I suggest you ask this directly on the FRR slack:

https://frrouting.slack.com/

I’m also interested to know who’s been trying FRR IS-IS in the wild. At
last check your former guess seemed to be correct and it wasn’t under
active development.

Regards
Jeremy Austin

On Thu, Apr 2, 2020 at 11:32 PM Mark Tinka  wrote:

> Hi all.
>
> So I finally decided to start messing around with FRR for a native IS-IS
> deployment for some of our FreeBSD-based Anycast services.
>
> I hit an issue that I posted to the FRR list that hasn't progressed beyond
> identifying a bug:
>
> 2020/03/21 03:12:36 ISIS: isis_send_pdu_bcast: sock_buff size 8192 is less
> than output pdu size 9014 on circuit em0
> 2020/03/21 03:12:36 ISIS: [EC 67108865] ISIS-Adj (1): Send L2 IIH on em0
> failed
>
> This is being addressed here:
>
> https://github.com/FRRouting/frr/pull/6066
>
> But my main question was if there was a command or setting in zebra.conf
> and/or isisd.conf that I can use to define the MTU IS-IS should use to set
> itself up, rather than being informed by what the interface currently runs
> at. I've tried everything that is documented as well as stuff that isn't,
> but nothing is accepted or recognized.
>
> Either no one runs IS-IS on FRR, or much of the implementation is still
> being developed and/or hasn't been tested in the wild, i.e., no traction.
>
> I'm hoping there is someone on this list that has played with IS-IS on FRR
> to point me in the right direction.
>
> The setup is FRR 7.3 on FreeBSD-12.1. Thanks.
>
>
> Mark.
>
-- 
Jeremy Austin
jhaus...@gmail.com

Re: alternative to voip gateways

[Jeremy Austin]

What’s the average loop length? Grandstream is probably OK to 5+ kfeet but
you will lose CID before that.

As the low cost option don’t expect them to be trouble-free (or have
particularly good vendor support), but they might work in your application
if cheap is what makes sense.

My $.02

Jeremy Austin

On Fri, May 1, 2020 at 10:11 PM Andrey Slastenov 
wrote:

> Look at MSAN solution. Like Huawei UA5000 or similar solutions from other
> vendors.
>
>
> Regards,
> Andrey
>
> > 2 мая 2020 г., в 07:21, Nick Edwards 
> написал(а):
> >
> > I'm looking at a new sister company we just took over, their remote
> > village has 1700 analogue phone lines to the workers huts, but they go
> > nowhere past the MDF.
> >
> > The office runs voip, now i'm told i have to get phones to the workers
> > because the  AKA previous owners of that
> > business  stopped the build when they ran into financial problems.
> >
> > So my plan is to utilize the existing many miles worth of copper pairs.
> >
> > I'm looking at throwing them into Versa Dslams that use pppoe pass
> > through, throw in a mikoTik 1036 as pppoe server, and we got spare
> > R710 i can use as radius server, and by my limited knowledge this
> > works.
> >
> > OK data done, but... now all those pots out lines need to go somewhere
> > that can handle 1700 or more lines, I am looking at either grandstream
> > 48 port FXS gateways or sangoma vega 50 ports (which Ill use as 48 so
> > theres a 1:1 match with dslams) the vega 3050 probably wont be used
> > because they are more than twice the price of grandstream.
> >
> > But this all results in a sh1te load of 48 port gateways (power is not
> > a concern), but wondering if there is another solution that is more
> > cost effective? Seems the regular NEC's Siemens and so on might have
> > an option but I can imagine it will be far more expensive than a bunch
> > of individual gateways.
> >
> > This project is in my mind workable, but i've not done such a thing on
> > a large scale.
> > Those who have experience in this field care to chime in? is my method
> > acceptable or not for such a project size?
> >
> > most pbx's I've done are only few hundred analogue lines where
> > gateways are more suited and definitely more cost effective, at all
> > our locations we use freepbx which works perfectly, and we know the
> > beefyness of the box we'll need to install to handle this load, thats
> > not a problem if we go down the gateway method.
> >
> > thoughts?
>
-- 
Jeremy Austin
jhaus...@gmail.com

Re: IP addresses on subnet edge (/24)

[Jeremy Visser]

On Tue, Sep 15, 2020 at 8:26 AM Töma Gavrichenkov  wrote:

> Also .0 and .1.
>
> Yes, there was some kind of a strange behavior with those addresses
> before.  We excluded those from rotation back in 2011 when that was really
> biting us.  There's an impression that this issue has become much less
> troubling over the years, didn't have time to investigate though.
>

Yep, I once had a customer (circa 2013–2014) who couldn't load
https://www.stgeorge.com.au/ because they (a PPP–based user, where
addressing is point to point, effectively /32 each end if you like) had an
IP address ending in .0, despite it being in the middle of an otherwise
larger pool. Some middlebox forming opinions about an address it has no
business forming an opinion about.

Re: Gaming Consoles and IPv4

[Jeremy Bresley]

I'm outside of Tampa (18th largest MSA in the US).  The two providers 
here, Spectrum (former Brighthouse area) and Frontier (bought out 
Verizon's FIOS offering) are both IPv4 only (including on their SOHO/SMB 
offerings).



Every time I've called in, I've asked if they are offering IPv6 yet.  
Most of the time I've had to follow that up with explaining what IPv6 
is, even to the technical support people.



So I'm stuck with doing an HE tunnel still for my IPv6 access. If 
anybody has a petition to change this with these providers, let me know, 
happy to sign it.



Jeremy


On 9/28/20 08:44, Mike Hammett wrote:

Are non-ISP-provided routers all that common anymore?

Aren't there enough IPv6-enabled operators with critical mass of IPv6 
deployments that IPv4-only networks can be treated like the 
second-tier citizens they are?




-
Mike Hammett
Intelligent Computing Solutions <http://www.ics-il.com/>
<https://www.facebook.com/ICSIL><https://plus.google.com/+IntelligentComputingSolutionsDeKalb><https://www.linkedin.com/company/intelligent-computing-solutions><https://twitter.com/ICSIL>
Midwest Internet Exchange <http://www.midwest-ix.com/>
<https://www.facebook.com/mdwestix><https://www.linkedin.com/company/midwest-internet-exchange><https://twitter.com/mdwestix>
The Brothers WISP <http://www.thebrotherswisp.com/>
<https://www.facebook.com/thebrotherswisp><https://www.youtube.com/channel/UCXSdfxQv7SpoRQYNyLwntZg>

*From: *"Matt Hoppes" 
*To: *"Mike Hammett" , "Daniel Sterling" 


*Cc: *"North American Network Operators' Group" 
*Sent: *Monday, September 28, 2020 7:42:16 AM
*Subject: *Re: Gaming Consoles and IPv4

Many... but not all... and just because the operator is doesn't mean the
person you want to play with is.  And just because the operator is
doesn't mean the router you or the other person is using supports it.

On 9/28/20 8:20 AM, Mike Hammett wrote:
> Aren't most of the major operators using IPv6?
>
>
>
> -
> Mike Hammett
> Intelligent Computing Solutions <http://www.ics-il.com/>
> 
<https://www.facebook.com/ICSIL><https://plus.google.com/+IntelligentComputingSolutionsDeKalb><https://www.linkedin.com/company/intelligent-computing-solutions><https://twitter.com/ICSIL>

> Midwest Internet Exchange <http://www.midwest-ix.com/>
> 
<https://www.facebook.com/mdwestix><https://www.linkedin.com/company/midwest-internet-exchange><https://twitter.com/mdwestix>

> The Brothers WISP <http://www.thebrotherswisp.com/>
> 
<https://www.facebook.com/thebrotherswisp><https://www.youtube.com/channel/UCXSdfxQv7SpoRQYNyLwntZg>

> 
> *From: *"Daniel Sterling" 
> *To: *"Mike Hammett" 
> *Cc: *"Matt Hoppes" , "North 
American

> Network Operators' Group" 
> *Sent: *Sunday, September 27, 2020 8:33:56 PM
> *Subject: *Re: Gaming Consoles and IPv4
>
> Matt Hoppes raises an interesting question,
>
> At the risk of this being off-topic, in the latest call of duty games
> I've played, their UDP-NAT-breaking algorithm seems to work rather well
> and should function fine even behind CGNAT. Ironically turning on upnp
> makes this *worse*, because when their algorithm probes to see what
> ports to use, upnp sends all traffic from the "magical xbox port" to 
one

> box instead of letting NAT control the ports. This does cause problems
> when multiple xboxes are behind one NAT doing upnp. If upnp is on and
> both xboxes are fully powered off and then turned on one at a time,
> things do work. But when upnp is off everything works w/o having to 
do that.

>
> There are many other games and many CPE NAT boxes that may do horrible
> things, but CGNAT by itself shouldn't cause problems for any recent
> device / gaming system.
>
> It is true that I've yet to see any FPS game use ipv6. I assume that's
> cuz they can't count on users having v6, so they have to support v4, 
and

> it wouldn't be worth their while to have their gaming host support
> dual-stack. just a guess there
>
> -- Dan
>
>
>
> On Sun, Sep 27, 2020 at 7:29 PM Mike Hammett  <mailto:na...@ics-il.net>> wrote:
>
>     Actually, uPNP is the only way to get two devices to work behind one
>     public IP, at least with XBox 360s. I haven't kept up in that realm.
>
>
>
>     -
>     Mike Hammett
>     Intelligent Computing Solutions <http://www.ics-il.com/>
> 
<https://www.facebook.com

RE: AS16509 (Amazon) peering contact

[Jeremy McMasters]

Good luck we are the 9th largest MSO and still have not gotten a response back 
from Amazon.

-Original Message-
From: NANOG [mailto:nanog-boun...@nanog.org] On Behalf Of Stephen Fultpn
Sent: Friday, June 28, 2019 3:50 PM
To: Kody Vicknair ; nanog@nanog.org
Subject: RE: AS16509 (Amazon) peering contact

Hi Kody,

Contact information on PeeringDB is not normally accessible without an account 
and that information is not indexed by search engines, unlike this and other 
mailing lists.

My point remains if you want to share a non-role contact, especially for 
someone at an organization as large as Amazon, due so privately.  Otherwise 
such contacts might become so bogged down by the increased amount of email from 
world plus dog, they no longer are able to be as helpful or prompt.  
Alternatively, you could ask the person whose contact you wish to share 
publicly for consent first.  If you did, my apologies.


On June 28, 2019 15:03:13 Kody Vicknair  wrote:

> No private information was shared.
>
> See for yourself:
> https://www.peeringdb.com/net/1418
>
>
> -Original Message-
> From: NANOG [mailto:nanog-boun...@nanog.org] On Behalf Of Stephen 
> Fulton
> Sent: Thursday, June 27, 2019 5:22 PM
> To: nanog@nanog.org
> Subject: Re: AS16509 (Amazon) peering contact
>
> Hi Kody,
>
> Please don't share a person's e-mail account on a mailing list.  Role 
> accounts are one thing, but not this.  If you want to, send it 
> privately.Â
>
> Cheers,
>
> Stephen
>
> On 2019-06-27 17:47, Kody Vicknair wrote:
>> I've always worked with Tim Bates. They were exceptionally quick with 
>> standing up my session. like same day quick...
>>
>> x...@amazon.com
>>
>>
>>
>>
>>
>> Kody Vicknair
>> Network Engineer
>>
>> Tel:985.536.1214
>> Fax:985.536.0300
>> Email:  kvickn...@reservetele.com
>>
>> Reserve Telecommunications
>> 100 RTC Dr
>> Reserve, LA 70084
>>
>> _
>> _
>> ___
>>
>> Disclaimer:
>> The information transmitted, including attachments, is intended only 
>> for the person(s) or entity to which it is addressed and may contain 
>> confidential and/or privileged material which should not disseminate, 
>> distribute or be copied. Please notify Kody Vicknair immediately by 
>> e-mail if you have received this e-mail by mistake and delete this 
>> e-mail from your system. E-mail transmission cannot be guaranteed to 
>> be secure or error-free as information could be intercepted, 
>> corrupted, lost, destroyed, arrive late or incomplete, or contain 
>> viruses. Kody Vicknair therefore does not accept liability for any 
>> errors or omissions in the contents of this message, which arise as a result 
>> of e-mail transmission. .
>>
>> -Original Message-
>> From: NANOG [mailto:nanog-boun...@nanog.org] On Behalf Of Hansen, 
>> Christoffer
>> Sent: Thursday, June 27, 2019 2:45 PM
>> To: nanog@nanog.org
>> Subject: Re: AS16509 (Amazon) peering contact
>>
>>
>> On 27/06/2019 20:55, Andras Toth wrote:
>>> Including at least an ASN in the peering request usually helps to 
>>> expedite the process :)
>> & keeping your peeringdb entry up-to-date is usually helpful, too.
>> Depending on who you want to peer with(!)
>>
>> Some networks require you to have up-to-date peeringdb information 
>> for your network. Including which facilities and/or internet 
>> exchanges you are either connected to and/or present on/in.
>> This will often be the case if $peering_partner have either partial 
>> or fully automated peering configuration management.
>>
>> /Christoffer

Re: Cat 5 hurricane -- How are the Bahamas doing?

[Jeremy Parr]

Things are bad in some places, fine in others. I can provide a more
thorough update this evening.

On Wed, Sep 4, 2019, 15:27 Sean Donelan  wrote:

> On Mon, 2 Sep 2019, Sean Donelan wrote:
> > It is too early for damage assessments.  BTC, local Bahama
> telecommunications
> > company, is reporting widespread power outages, and intermittent mobile
> and
> > wireline telephone service. The Abaco Islands in northern Bahamas seem
> to be
> > taking the worst of it.
>
> Folks asking for updates on Bahamas.  The simple answer is I'm not hearing
> any information out of the Bahamas, which is concerning in itself.
>
>
> My big secret how I do network outage reports is people send me the
> information.  Usually, I get lots of random emails from network people
> about problems all over the U.S. and other places in the world. But
> Bahamas has gone very quiet.
>
>

Re: /27 the new /24

[Jeremy Austin]

On Thu, Oct 8, 2015 at 3:25 PM, James Jun  wrote:

>
> If you want choices in your transit providers, you should get a transport
> circuit (dark, wave or EPL) to a nearby carrier hotel/data center.  Once
> you do that, you will suddenly find that virtually almost everyone in the
> competitive IP transit market will provide you with dual-stacked IPv4/IPv6
> service.
>

The future is here, but it isn't evenly distributed yet. I'm in North
America, but there are no IXPs in my *state*, let alone in my *continent*
-- from an undersea fiber perspective. There is no truly competitive IP
transit market within Alaska that I am aware of. Would love to be proved
wrong. Heck, GCI and ACS (the two providers with such fiber) only directly
peered a handful of years ago.


> If you are buying DIA circuit from some $isp to your rural location that
> you call "head-end" and are expecting to receive a competitive service,
> and support for IPv6, well, then your expectations are either unreasonable,
> ignorant or both.
>

Interestingly both statewide providers *do* provide both IPv4 and IPv6
peering. The trick is to find a spot where there's true price competition.
The 3 largest statewide ISPs have fiber that meets a mere three city blocks
from one of my POPs, but there's no allowable IX. I'm looking at you, AT&T.

-- 
Jeremy Austin
Whitestone Power & Communications, Alaska

Re: /27 the new /24

[Jeremy Austin]

On Fri, Oct 9, 2015 at 12:04 PM, Owen DeLong  wrote:

>
>
> The future is here, but it isn't evenly distributed yet. I'm in North
> America, but there are no IXPs in my *state*, let alone in my *continent*
> -- from an undersea fiber perspective. There is no truly competitive IP
> transit market within Alaska that I am aware of. Would love to be proved
> wrong. Heck, GCI and ACS (the two providers with such fiber) only directly
> peered a handful of years ago.
>
>
> Alaska is in the same continent as Canda and the Contiguous US.
>

Geographically yes, but not IP-topologically. It may strictly speaking be
an exaggeration to speak of continental latencies, but we do feel a bit cut
off up here. From me to Ohio is just about twice as far as from me to CA.
The distance from the eastern US to Portugal is only about twice as long as
the Anchorage to Seattle route.


> VANIX (Vancouver), CIX (Calgary), Manitoba-IX (Winnipeg), WPGIX
> (WInnipeg), TORIX (Toronto),
> and an exchange in Montreal (I forget the name) exist as well as a few
> others in Canada (I think
> there’s even one out in the maritimes).
>

If there were ever an Alaska-to-Canada pipeline or gas line built, no doubt
there could be fiber. To my knowledge no non-Arctic Alaska to Yukon route
exists or is in public planning. I think AT&T may have some microwave. The
Yukon has less overall population than the city of Fairbanks, AK, and it
would be difficult to justify a fiber build, say, from Tok to Whitehorse,
without other reasons. I'm not looking at great circle routes at the
moment, but an overland route would probably be *longer* from Anchorage to
Vancouver than the current undersea routes.


> There are tons of exchanges all over the contiguous US.
>

Exactly. Now imagine an area — Alaska not including Anchorage — twice the
size of Texas, with the population of Pittsburgh, in tiny clumps far apart.
It is *possible* that the lack of IX in Alaska is due solely to geography
and not, say, to an inadequately competitive ISP environment.

I’m surprised that there isn’t yet an exchange point in Juneau or
> Anchorage, but that
> does, indeed, appear to be the case. Perhaps you should work with some
> other ISPs
> in your state to form one.
>

Juneau, I'm not so surprised; how many other cities that small and isolated
have IXes? I'm curious. It's an interesting prospect, at least for some
value of $location. Anyone interested, hit me up.

According to this:
> http://www.alaskaunited.com
>
> There is subsea fiber to several points in AK from Seattle and beyond.
>

Said undersea fiber is owned by GCI and ACS. There are some pending routes
west and north, I believe.


>
> And on a continental basis, quite a bit of undersea fiber in other landing
> stations
> around the coastal areas of the contiguous 48.
>
> If you are buying DIA circuit from some $isp to your rural location that
> you call "head-end" and are expecting to receive a competitive service,
> and support for IPv6, well, then your expectations are either unreasonable,
> ignorant or both.
>
> Interestingly both statewide providers *do* provide both IPv4 and IPv6
> peering. The trick is to find a spot where there's true price competition.
> The 3 largest statewide ISPs have fiber that meets a mere three city blocks
> from one of my POPs, but there's no allowable IX. I'm looking at you, AT&T.
>
>
> I’m not sure what you mean by “allowable IX”, to the best of my knowledge,
> anyone
> can build an IX anywhere.
>

 I should have been more clear. No allowable IX *at the nearest fiber
meetup to me*.

It would be illuminating to see what minimum peak hour per-capita bw is
necessary to make rural IX pay, and for what value of $rural.

"Alaska suffers from… an abject lack of density." —Joe Freddoso, Mighty
River/USAC

Re: /27 the new /24

[Jeremy Austin]

On Sat, Oct 10, 2015 at 12:51 PM, Todd Underwood 
wrote:

>
> you already know that that's not how the internet in the rural west works.
>  it's fine.  smile and nod and pretend that they are making sensible claims
> and move back to trying to figure out how to make things work on your own
> network.
>

Thank you, Todd. While I must take some exception to your use of the word
'hinterlands' [1] rather than 'frontier', you're right on the mark
everywhere else. :)

With all the talk around updating BCPs, perhaps we also need IUPs --
Interesting Uncommon Practices: the edge cases which contrast to, but do
not invalidate, the middle.

-J

[1] Kleinfeld, "The Frontier Romance"
http://www.newsminer.com/features/sundays/book_reviews/kleinfeld-s-book-explores-the-romance-of-the-frontier/article_57da7bda-e15c-11e2-9281-0019bb30f31a.html

Are there any ATT postmasters in the house?

[Jeremy Parr]

I have a mail server that is repeatedly getting blacklisted, but is not
sending anything spammy or bulk.

Re: Modem as a service?

[Jeremy Austin]

On Sun, Dec 6, 2015 at 4:03 PM, Karl Auer  wrote:

>
> There might be a product idea here, if no-one's done it already:
> Something like a RaspBerry Pi, running off a lithium battery, with a
> recharge circuit and something to detect a power outage. Add a 3G/4G
> card to send an SMS alert, put it all in a box, plug it into power. Only
> configuration needed is setting the SMS target(s)... If you made it
> network addressable (on 3G/4G) it could send emails as well.


Almost exactly my scenario.

While you're at it, add IP/serial links to console servers and tunnel in.
I've got this as the only OOB option for sites with no copper. Low
bandwidth 3G plan.

-- 
Jeremy Austin
Whitestone Power & Communications
(907) 895-2311
(907) 803-5422
jhaus...@gmail.com

Re: Devices with only USB console port - Need a Console Server Solution

[Jeremy Bresley]

Looks like what you want is the A920-CONS-KIT-S part.  Description on it 
is "ASR 920 Serial Console Cabling Kit"  This is a $0 item when ordered 
with the ASR920s.  The other option is the A900-CONS-KIT-U which is the 
USB-USB console kit.


http://www.cisco.com/c/en/us/td/docs/routers/asr920/hardware/installation/guide/ASR920_HIG/hw_installation.html#pgfId-114

Shows the adapter which I'm assuming is what's included in the kit, they 
mention needing the RJ-45 to DB9 cable (normal Cisco console cable) in 
addition to this ASR9XX specific adapter.  Should be able to plug your 
normal terminal server cables into the adapter cable listed above.


Hope this is helpful.

Jeremy "TheBrez" Bresley
b...@brezworks.com

On 12/7/2015 4:15 PM, Erik Sundberg wrote:

We have one of these nice new and fancy Cisco ASR920-24SZ, just realized it 
doesn't have an RJ45 Console port only USB. When we deploy devices at our pop 
we wire the console port to a terminal\console server, well that doesn't work 
for a usb console device.

So what is everyone doing for out of band management via the console when it's 
a usb only device?
Is there something I am missing?
Is there a console server for USB?
Does cisco make an USB to RJ45 Jack adapter?



CONFIDENTIALITY NOTICE: This e-mail transmission, and any documents, files or 
previous e-mail messages attached to it may contain confidential information 
that is legally privileged. If you are not the intended recipient, or a person 
responsible for delivering it to the intended recipient, you are hereby 
notified that any disclosure, copying, distribution or use of any of the 
information contained in or attached to this transmission is STRICTLY 
PROHIBITED. If you have received this transmission in error please notify the 
sender immediately by replying to this e-mail. You must destroy the original 
transmission and its attachments without reading or saving in any manner. Thank 
you.

Re: Binge On! - get your umbrellas out, stuff's hitting the fan.

[Jeremy Austin]

On Sat, Jan 9, 2016 at 5:06 AM, Mike Hammett  wrote:

>
> The best solution for everybody is the solution most consumers are adverse
> to, which is usage based billing. Granted, many times the providers have
> shot themselves in the foot by making the charges punitive instead of based
> on cost plus margin. Reasonable $/gig for everybody! :-)


I'm tempted to make an analogy to health care, insurance, and universal
coverage, but I'll abstain.

Usage based billing alters the typical hockey stick graph: the 10% of users
using 80% of the bandwidth are otherwise subsidized by the long tail.

As an ISP, usage-based billing is more sensible, because I would no longer
have to stress about oversubscription ratios and keeping the long tail
happy. But usage-based models are more stressful for the consumer; I think
I disagree that it's the best model for everybody.

Let me be a consumer advocate for a moment. One of the reasons consumers
are averse to usage-based billing is that the tech industry has not put
good tools into their hands. While it is possible to disable automatic
updates, set Windows 10's network settings to "metered", and micromanage
your bandwidth, in general:

The Internet (from the non-eyeball side) is designed around a free-feeding
usage model. Can you imagine if the App store of your choice showed two
prices, one for the app and one for the download? The permission-based
model on Android would have requests like, "This app is likely to cost you
$4/week. Is this OK?"

I don't know all the reasons that satellite provider Starband shut down,
but that was a usage-based billing market; and it would never have been a
'reasonable' $/gig.  I'm working to step into the hole they left, and
you're right that customers don't want a usage-based model to replace it.

In addition, let's say I know of an ISP that makes 10% of its revenue from
overage charges. Moving to a purely usage-based model would lower ACR, as
it would have to charge a more reasonable price/gig; that top 10% of users
won't replace the lost revenue. So even providers may have little incentive
to change models, particularly if they have a vested interest in inhibiting
the growth of video or usage in general.

-- 
Jeremy Austin

Re: Binge On! - get your umbrellas out, stuff's hitting the fan.

[Jeremy Austin]

On Sun, Jan 10, 2016 at 7:12 PM, Owen DeLong  wrote:

>
> For $x/month you get Y GB of LTE speed data and after that you drop to
> 128kbps.
>
> You don’t pay an overage charge, but your data slows way down.
>
> If you want to make it fast again, you can for $reasonable purchase
> additional
> data within that month on a one-time basis.
>
> I would like to encourage other carriers to adopt this model, actually. If
> Verizon had a model like this, I would probably switch tomorrow assuming
> their prices weren’t too far out of line compared to T-Mo.
>
>
This is similar to Hughesnet's FAP (unfortunately named Fair Access Policy).

I've had some consumer success with this model. There are other fairness
models that can augment it, however; it's not my favorite.


> >
> > The Internet (from the non-eyeball side) is designed around a
> free-feeding
> > usage model. Can you imagine if the App store of your choice showed two
> > prices, one for the app and one for the download? The permission-based
> > model on Android would have requests like, "This app is likely to cost
> you
> > $4/week. Is this OK?”
>
> Kind of an interesting idea, but to me, the reason usage charges induce
> stress has ore to do with the fact that they are kind of out of control
> pricey first of all and second of all that you start incurring them without
> warning and without any real ability to say no on most networks.
>
> That’s why I actually like the T-Mo strategy here. With existing tools,
> the customer has full choice and control about “overage” costs even if
> their data usage remains somewhat opaque.
>

>From what I understand, the controversy around T-Mo is that the technique
itself was opaque, correct? If the Internet as a whole *had* an "SD" knob,
like Netflix on AppleTV/etc., usage-billed customers would benefit — as
long as it was plainly spelled out.


>
>
> > In addition, let's say I know of an ISP that makes 10% of its revenue
> from
> > overage charges. Moving to a purely usage-based model would lower ACR, as
> > it would have to charge a more reasonable price/gig; that top 10% of
> users
> > won't replace the lost revenue. So even providers may have little
> incentive
> > to change models, particularly if they have a vested interest in
> inhibiting
> > the growth of video or usage in general.
>
> How can an ISP make 10% of its money from overage charges unless they are
> doing usage-based billing? If you’ve got an AYCE plan, you don’t have
> overages. If you don’t, then you have some form of usage based billing.
>
> The varieties of usage based billing that are available are a far less
> interesting exercise.
>
> Owen
>
>
On a continuum, AYCE at one end, pay-by-the-bit at the other, and in
between, usage caps. For the majority of customers on $provider network,
caps are unnecessary; for them, the flat rate they pay is effectively an
AYCE. Smaller stomachs, and they are paying a higher $/bit as they use
less. Those who incur overages are experiencing usage-based billing.

I agree it is uninteresting, but there it is.

How much uncapped LTE spectrum is needed before we can hit that 2Mbps per
customer referred to recently?

Re: Binge On! - get your umbrellas out, stuff's hitting the fan.

[Jeremy Austin]

On Mon, Jan 11, 2016 at 9:15 AM, Owen DeLong  wrote:

>
>
>>
>>
> This is similar to Hughesnet's FAP (unfortunately named Fair Access
> Policy).
>
> I've had some consumer success with this model. There are other fairness
> models that can augment it, however; it's not my favorite.
>
>
> What is your favorite?
>

Does a dog have the Buddha nature?

My favorite is actually having enough bandwidth to meet demand. What a
concept. Ought to work for terrestrial; where we run out of
spectrum/bandwidth is in shared-medium last-mile.

Pre-Title II classification, I had excellent success with per-flow
equalization/fairness, but this is expensive and makes bandwidth guarantees
difficult to manage.

After, I've also had success with a) maintaining sane oversubscription
ratios and b) using per-customer-class fairness balancing, and c) some
experimentation with FQ-CODEL, although this is less neutral and still a
gray area — at least until I understand it better.



>
>
> However, as I said, I consider everything to the right of AYCE on your
> “continuum” to be simply variations of usage-based billing.
>
> Sure, to a consumer who stays within their usage tier, their tier looks
> like AYCE (until it doesn’t), but it certainly isn’t actually.
>

I agree.


>
>
>
> How much uncapped LTE spectrum is needed before we can hit that 2Mbps per
> customer referred to recently?
>
>
> I would assume quite a bit. There are 7 billion potential subscribers, so
> that’s 14 billion Mbps or 14 Petabits per second world wide.
>

Heh. Gary said it better — it's about user density. All 7 billion aren't on
one set of sectors.

The architecture for "repeaters", as Gary pointed out, is suboptimal, which
is why we rely so heavily on Wifi, and why the WISP world is up in arms
over LTE-U. Or so it seems to me.

And NYC is just now getting wifi in the tunnels?

I apologize if this has grown off-topic.

Re: Binge On! - get your umbrellas out, stuff's hitting the fan.

[Jeremy Austin]

On Mon, Jan 11, 2016 at 9:40 AM, Owen DeLong  wrote:

>
>
>
> My favorite is actually having enough bandwidth to meet demand. What a
> concept. Ought to work for terrestrial; where we run out of
> spectrum/bandwidth is in shared-medium last-mile.
>
>
> That’s not a billing model… We were talking about billing models.
>
> What’s your favorite billing model?
>

Heh. I had said "fairness" — perhaps we both support unfair billing but
fair supply?

Two sides of the same tarnished coin, supply and demand.

Which model I prefer… Diogenes, when asked what kind of wine he liked best,
replied "The wine of others."

As a user in that top 10%, I like my bandwidth subsidized by my unwitting
peers. As an ISP, I'm managing to sell it AYCE, but I'm small potatoes. My
opinions are my own but largely informed by what I observe for customer
satisfaction, contrasting models in an uncompetitive market.

Re: Best Source for ARIN Region /24

[Jeremy Austin]

On Mon, Jan 11, 2016 at 11:10 AM, Mike Hammett  wrote:

> Some expansions under my ISP hat may lead to needing some address space,
> so I'd be interested in where people are getting space from as well.
> Smaller blocks, though, /22 and smaller.
>

Me too, but "will" instead of "may".

Jeremy Austin

Re: small automatic transfer switches

[Jeremy Austin]

On Wed, Jan 27, 2016 at 11:33 AM, Josh Reynolds 
wrote:
>
> better yet, $134
>
http://www.amazon.com/CyberPower-PDU20MHVT10AT-Metered-Power-Distribution/dp/B00NEHXESQ/ref=sr_1_17?s=electronics&ie=UTF8&qid=1453926782&sr=1-17&keywords=cyberpower+ats


That unit is 220V. I bought it once by mistake. Josh' first link is the
15A/120V version.

If all you need is a single port (still 15A limit), and can handle a 70ms
switching time, I've had success with this marine transfer switch:

http://www.amazon.com/Xantrex-Inline-Transfer-Relay-PROwatt/dp/B00JGXAE62/ref=sr_1_1?ie=UTF8&qid=1453927515&sr=8-1&keywords=xantrex+in-line+transfer

You'll have to add your own ends/outlets, as it is intended to be hardwired
in place.

Re: Fiber to the home specialists/consultants?

[Jeremy Austin]

Ditto.
On Wed, Feb 10, 2016 at 4:04 PM Daniel Rohan  wrote:

> Can anyone point me at a firm that does or consults on FTTH from a
> technical *and* business perspective?
>
> Off-list responses would be appreciated.
>
> Thanks,
>
> Dan
>

Any ATT.net mail admins here?

[Jeremy Parr]

I have two spam filters that relay outbound mail for a few dozen companies,
and as such generate a fair amount of traffic. We are fairly strict with
the spam filtering on outbound mail, but somehow end up blacklisted by
ATT/Prodigy/Bellsouth a few times a year.

Re: GeoIP database issues and the real world consequences

[Jeremy Austin]

On Tue, Apr 12, 2016 at 3:55 AM, John Levine  wrote:

>
> Please don't guess (like, you know, MaxMind does.)  USPS has its own
> database of all of the deliverable addresses in the country.  They
> have their problems, but give or take data staleness as buildings
> are built or demolished, that's not one of them.


A qualifier.

USPS has a database of *most* of the deliverable addresses in the country.

I'm in an unorganized borough. The USPS actually has no mandate, funding or
lever that I can pull (that I can find) to keep their database up to date.
Easily 30% of the legitimate addresses in my area are not geocodable nor in
the USPS database.

I suspect that there are areas of my state with an even worse percentage of
unavailable data.

UPS and FedEx rely on the USPS database, but will not lift a finger to fix
this gap.

Even as a municipal body there is no available federal mechanism for
updating the database. I've tried multiple times over 15+ years.



So yeah, USPS' database does have its problems.

-- 
Jeremy Austin

(907) 895-2311
(907) 803-5422
jhaus...@gmail.com

Heritage NetWorks
Whitestone Power & Communications
Vertical Broadband, LLC

Schedule a meeting: http://doodle.com/jermudgeon

Re: Juniper vMX evaluation - how?

[Jeremy Austin]

On Wed, Apr 13, 2016 at 12:54 PM, Bruce Simpson  wrote:

>
> Is some special magic required to acquire an evaluation copy? The 60 day
> trial license is directly downloadable from the above link, but the tarball
> is not. $CLIENT was just referred to it by $RESELLER.


I'd be interested as well — I submitted a form, nothing but crickets.


-- 
Jeremy Austin

(907) 895-2311
(907) 803-5422
jhaus...@gmail.com

Heritage NetWorks
Whitestone Power & Communications
Vertical Broadband, LLC

Schedule a meeting: http://doodle.com/jermudgeon

Re: GeoIP database issues and the real world consequences

[Jeremy McDermond]

> On Apr 11, 2016, at 10:02 AM, Ken Chase  wrote:
> 
> Cant believe law enforcement is using this kind of info to execute searches.
> Wouldnt that undermine the credibility of any evidence brought up in trials
> for any geoip locates?

What overworked and underpaid public defender is going to know enough to 
challenge the “evidence?”  What judge is going to know enough to call BS on the 
search warrant affidavit?  A good number of the judges in Oregon used to work 
for one of the DA’s offices, you think they question law enforcement affidavits 
very aggressively?

> /kc
--
Jeremy McDermond (NH6Z)
Xenotropic Systems
mcde...@xenotropic.com

Re: CALEA

[Jeremy Austin]

On Thu, May 5, 2016 at 4:43 PM, Justin Wilson  wrote:

> What is the community hearing about CALEA?
>

Crickets?


-- 
Jeremy Austin

(907) 895-2311
(907) 803-5422
jhaus...@gmail.com

Heritage NetWorks
Whitestone Power & Communications
Vertical Broadband, LLC

Schedule a meeting: http://doodle.com/jermudgeon

An open letter to security researchers and practitioners

[Jeremy Gillula]

An open letter to security researchers and practitioners:

We need you to take a stand to protect security researchers who report
defects in browsers, before it's too late.

Earlier this month, the World Wide Web Consortium's Encrypted Media
Extensions (EME) spec progressed to Draft Recommendation phase. This is
a controversial standard for transmitting DRM-encumbered videos, and it
marks the very first time that the W3C has attempted to standardize a
DRM system.

This means that for the first time, W3C standards for browsers will fall
under laws like the DMCA (and its international equivalents, which the
US Trade Representative has spread all over the world). These laws allow
companies to threaten security researchers who disclose vulnerabilities
in DRM systems, on the grounds that these disclosures make it easier to
figure out how to bypass the DRM.

Last summer, the Copyright Office heard from security researchers about
the effect that DRM has on their work; those filings detail showstopper
bugs in consumer devices, cars, agricultural equipment, medical
implants, and voting machines that researchers felt they couldn't
readily publish about, lest they face punitive lawsuits from the
companies they embarrassed.

EFF has asked the W3C to take a minimal step to insulate their
stakeholders from the legal fallout from the inclusion of DRM in their
standards. Our proposal asks the W3C to bind its members to legal
promises not to use the DMCA or laws like it against security
researchers or implementers.

https://www.eff.org/deeplinks/2016/06/w3c-eme-and-eff-frequently-asked-questions

So far, the W3C executive has failed to act on this proposal, despite
diverse support from a number of W3C members.

We are hosting an open letter from security, privacy and technology
experts to the W3C's director, Tim Berners-Lee; and its CEO, Jeff Jaffe,
asking them to make any further work on EME contingent on adopting rules
to protect the open web from these bad laws.

https://www.eff.org/deeplinks/2016/03/security-researchers-tell-w3c-protect-researchers-who-investigate-browsers

Will you sign this letter? Some of security's leading lights have
already put their names to it. We can't afford to make widely used tools
like browsers off-limits to security research and disclosure, especially
not as HTML5 is being positioned as a UI environment to replace apps as
the primary way of interacting with sensors, actuators, embedded systems
and the whole Internet of Things.

If you're willing to sign on, please send an email to c...@eff.org with
your country of residence and your institutional affiliation (if any).

Thank you,

Cory Doctorow
Apollo 1201 Project
Electronic Frontier Foundation




signature.asc
Description: OpenPGP digital signature

University of Alaska AS7774 NOC?

[Jeremy Austin]

If there's anyone on call at network operations for the University of
Alaska, AS7774, please contact me or ACS NOC, who have an open trouble
ticket.

We appear to be having BPG reachability issues on your ACS peering.

Thank you,

-- 
Jeremy Austin

(907) 895-2311
(907) 803-5422
jhaus...@gmail.com

Heritage NetWorks
Whitestone Power & Communications
Vertical Broadband, LLC

Schedule a meeting: http://doodle.com/jermudgeon

Re: University of Alaska AS7774 NOC?

[Jeremy Austin]

On Sun, Jul 17, 2016 at 3:50 PM, Jeremy Austin  wrote:

> If there's anyone on call at network operations for the University of
> Alaska, AS7774, please contact me or ACS NOC, who have an open trouble
> ticket.
>
> We appear to be having BPG reachability issues on your ACS peering.
>

I want to extend thanks to the folks at University of Alaska, several of
whom contacted me immediately.

The issue turned out to be with ACS (AS7782), whose network engineers are
also on NANOG and called me almost right away, even the one on leave whom
the NOC couldn't reach.

That's what I call service. Thanks again, you deserve a shout out.


-- 
Jeremy Austin

(907) 895-2311
(907) 803-5422
jhaus...@gmail.com

Heritage NetWorks
Whitestone Power & Communications
Vertical Broadband, LLC

Schedule a meeting: http://doodle.com/jermudgeon

Re: Temp at Level 3 data centers

[Jeremy Austin]

My 0.041 BTC:

1) For small facilities, without separate temperature-controlled UPS zones,
the optimum temperature for lead-acid batteries may be the lower bound.
77°F is optimal, with significant reduction in battery life even 15°F above
that. Given that batteries' internal temperature will be higher than
ambient, 80° set point is not stupid. I run cooler, FWIW.

2) Headroom. I try to have documented for each facility the climb in
degrees per hour (determined empirically) as a backup so I know required
response times when AC failure occurs.

On Wed, Oct 11, 2017 at 10:09 AM, Naslund, Steve 
wrote:

>
> Bottom line 80 F input air is too hot in my opinion and apparently the
> equipment's opinion as well.
>
> --
Jeremy Austin
jhaus...@gmail.co m

(907) 895-2311 office
(907) 803-5422 cell

Heritage NetWorks <https://heritagenet.works/> - Whitestone Power &
Communications - Vertical Broadband, LLC <http://verticalbroadband.com/>

Akamai caches hammering Sophos XG firewalls

[Jeremy Parr]

Somewhat OT, but before I was a jack of all trades enterprise
sysadmin, I was a jack of all trades ISP sysadmin.

I'm seeing an issue at a few sites where I have Sophos XG firewalls
deployed where the XG gets hammered on it's WAN interface by Akamai
hosts with TCP re-transmissions. Anyone at Akamai who may have some
background on this issue please reach out to me. The hosts currently
in question are 24.244.145.137 and 24.244.145.139, but I suspect that
is only due to these being closest to me, colocated at my ISP AS15146.

Re: What are people using for IPAM these days?

[Jeremy Malli]

PHP/Mysql app we wrote a while back for this purpose.  Support v4/v6 and we 
like it :)

https://github.com/seankndy/subnetsmngr 
<https://github.com/seankndy/subnetsmngr>

Jeremy

> On Jun 13, 2018, at 11:38 AM, Brian Kantor  <mailto:br...@ampr.org>> wrote:
> 
> On Wed, Jun 13, 2018 at 11:25:47AM -0700, Randy Bush wrote:
>>>>>>>>>> emacs!
>>>>>>>>> vim!
>>>>>>>> ed!
>>>>>>> TECO!
>>>>>> cat
>>>>> IBM 029.
>>>> Youngster.  IBM 026.
>>> Infants!  Hollerith (IBM Type 1). I still own it.
>> 
>> but i actually do use emacs
> 
> For IP address management, I use a homebrew Perl web application
> that is a front end to a postgres database and allows entry, update,
> deletion and display.  There is a 'C' program which acts as a back
> end, and builds the Bind zone files and the dhcp table from the
> contents of the database when there is a change in the DB, as sampled
> every 15 minutes.  There is also a batch update program to make
> multiple changes to the database when that becomes necessary.
>   - Brian
> 

Re: IPv6 faster/better proof? was Re: Need /24 (arin) asap

[Jeremy Austin]

On Tue, Jun 19, 2018 at 7:56 PM Seth Mattinen  wrote:
>
> On 6/19/18 8:48 PM, Jared Mauch wrote:
> > MikroTik is getting there but most people are just not enabling it either.
>
>
> RouterOS still has "will not fix" IPv6 bugs, so that doesn't help shops
> dependent on Mikrotik want to move forward with deploying it.

Quick, somebody port FRR to Tile…



-- 
Jeremy Austin
jhaus...@gmail.com

(907) 895-2311 office
(907) 803-5422 cell

Heritage NetWorks - Whitestone Power & Communications - Vertical Broadband, LLC

Re: Console Servers

[Jeremy Bresley]

On 9/19/18 04:40, James Bensley wrote:

On Tue, 18 Sep 2018 at 14:38, Alan Hannan  wrote:

I'd like your input on suggestions for an alternate serial port manager.

Long ago I used Cisco 2511/2611 and was fairly happy.  A little later I used 
portmaster and was less so.  Recently I've been using Opengear and they work 
fairly well but the price is fairly high.   I use the CM7100 and IM7100.

General specs I'm looking for are:

  * 8 to 48 or more rs232 serial ports on rj45
  * nice-to-have software selectable pinouts (cisco v. straight)
  * gig-e ethernet port (100mbps ok)
  * 1U form factor
  * redundant AC power
  * access physical serial connections via local port #
  * access physical serial connections via local IP alias (nice to have)


Hi Alan,

I'd be reluctant to deploy Cisco 2800s (or similar) today unless there
is a newer variant, is there an ISGv2 variant with serial connectivity
that Cisco will be supporting for a few more years? I know OpenGrear
are expensive but in my current outfit, they do "just work" and the
few we had at my old place, again they did "just work".
The ISR G2s do have several options for async available as do the 
current generation ISR4Ks.


The ISR G2s (1900/2900/3900s) can take the HWIC-8A, HWIC-16A, or SM-32A 
for 8/16/32 ports (SM-32A only in 2911 and higher due to being a Service 
Module form factor)


Data sheet: 
https://www.cisco.com/c/en/us/products/collateral/interfaces-modules/1800-2800-3800-series-16-port-async-high-speed-wan-interface-card/product_data_sheet0900aecd80274416.html


The ISR G2 routers were all announced for End-of-Sale a while back, the 
modules for them were also announced recently, but are still available 
for sale until Feb 2019.  They'll still be supported until Feb 2024.


EOL Announcement: 
https://www.cisco.com/c/en/us/products/collateral/interfaces-modules/network-modules/eos-eol-notice-c51-741231.html


The ISR 4Ks have the NIM-16A, NIM-24A, and the SM-X-64A (16/24/64 
ports).  The SM-X is only supported in 4331 and higher due to the SM-X 
form factor, the 16/24 port ones support at least 2 modules in all 
ISR4Ks even the low-end 4221.  The NIM-16A and the SM-X-64A can use the 
same cables as the older async modules, the NIM-24A requires the newer 
low profile cable for 1 of the ports (can use it for all ports).


Data sheet: 
https://www.cisco.com/c/en/us/products/collateral/routers/4000-series-integrated-services-routers-isr/datasheet-c78-739968.html


Talk to your favorite SE or partner for more info and pricing.

Jeremy

Disclaimer, I do work for Cisco, this info is provided to the list as it 
was requested and hoping to clarify what's available.


My personal $0.02: I've also used some of the older Opengear boxes in 
the past, they're solid, and Opengear are very good with customer 
suggestions/feedback.  Lantronix SLCs work once you get them configured, 
but their configuration web interface was intolerably slow (page 
refreshes would eat whatever you input into a second option box you 
clicked to change) and their built-in terminal required Java.  Benefit 
of Opengear is the other "things" you can do with them since they're 
Linux based (TFTP/syslog/etc). Benefit of a Cisco ISR is they're 
straight IOS (G2s)/IOS-XE (4Ks) so any configuration tool that can 
handle a Cisco box can work with them.

Re: Oct. 3, 2018 EAS Presidential Alert test

[Jeremy Austin]

I received it. On AT&T, but not on AT&T Wifi Calling — I got it about :30
EDT, when I went outside within range of a 4G signal.

On Wed, Oct 3, 2018 at 11:22 AM Andy Ringsmuth  wrote:

> Did anyone on AT&T or an iPhone receive the test today? I believe it was
> supposed to happen at 2:18 EDT, followed by one on broadcast radio at 2:20
> EDT.
>
> I’m in CDT, so 1:18 and 1:20 p.m. CDT.
>
> Message was heard on my desk radio at 1:21:35 p.m. CDT but as of the
> sending of this at 1:52 p.m. CDT, nothing on phones. I have an office full
> of AT&T iPhones and not a single one of them alerted.
>
> FEMA says https://www.fema.gov/emergency-alert-test
>
> "Cell towers will broadcast the WEA test for approximately 30 minutes
> beginning at 2:18 p.m. EDT. During this time, WEA compatible cell phones
> that are switched on, within range of an active cell tower, and whose
> wireless provider participates in WEA should be capable of receiving the
> test message. Some cell phones will not receive the test message, and cell
> phones should only receive the message once."
>
> My wife, with a Sprint iPhone, received the test.
>
>
> 
> Andy Ringsmuth
> 5609 Harding Drive
> Lincoln, NE 68521-5831
> (402) 304-0083
> a...@andyring.com
>
>

-- 
Jeremy Austin
jhaus...@gmail.com

(907) 895-2311 office
(907) 803-5422 cell

Heritage NetWorks <https://heritagenet.works/> - Whitestone Power &
Communications - Vertical Broadband, LLC <http://verticalbroadband.com/>

Re: Any Gmail Admins on here?

[Jeremy Parr]

Not only that, but I just tried signing up, and the confirmation email was
marked as spam by GMail. Does not inspire confidence.

On Thu, Oct 25, 2018 at 1:26 PM Harald Koch  wrote:

> chilli.nosignal.org has an SSL certificate that expired in *July*.
>
> --
> Harald
>
>
> On Thu, 25 Oct 2018 at 12:48, Mike Hammett  wrote:
>
>> https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop
>>
>>
>>
>> -
>> Mike Hammett
>> Intelligent Computing Solutions 
>> 
>> 
>> 
>> 
>> Midwest Internet Exchange 
>> 
>> 
>> 
>> The Brothers WISP 
>> 
>> 
>> --
>> *From: *"Art Plato" 
>> *To: *"nanog" 
>> *Sent: *Thursday, October 25, 2018 11:39:36 AM
>> *Subject: *Any Gmail Admins on here?
>>
>> I apologize for putting this out in this forum but I have attempted to
>> reach Google/Gmail for several weeks with no response. Their servers have
>> flagged my domain with bad reputation even thought he stats say no spam has
>> been sent from my domain for the past several months that I can see. Please
>> PM me if you are out there.
>>
>> Thanks,
>> Art Plato
>>
>>
>>

Measurements of Internet traffic by protocol?

[Jeremy Gillula]

Hi all,

Are there statistics out there for the relative "popularity" of
different application-layer protocols by network traffic (i.e. HTTP(S)
vs SMTP(S) vs other protocols)? I realize it will be different from
different vantage points (e.g. a transit provider vs a small residential
ISP), but we'd love to find *any* sources of hard numbers out there.

I've tried to search for data, but the best I could come up with is at
least ten years out of date.

Thanks in advance!

-- 

| Jeremy Gillula, Ph.D.
| Tech Projects Director
| Electronic Frontier Foundation
| (415) 436-9333 x158
| jer...@eff.org
| @the_zeroth_law
| Want to support EFF? Donate! <https://supporters.eff.org/donate/>

Re: Extending network over a dry pair

[Jeremy Austin]

For a comparison of distance to capacity on copper, see
http://www.impulse-corp.co.uk/knowledge-base/transmission-distance-and-speed-differences-between-shdsl-and-vdsl2.htm

You might be able to pair bond -- if you had more than one pair.

If wireless isn't possible, you're likely needing satellite.

On Wed, Dec 12, 2018 at 12:35 PM Andrew Latham  wrote:

> On Wed, Dec 12, 2018 at 3:27 PM Nick Bogle  wrote:
>
>> A quick question for you guys;
>>
>> If you had a single dry pair (pair of copper wires originally for phones)
>> to a remote site that was around 6 miles away, what would you use? We
>> currently are just extending a T1 line to this site, but 1.5Mbps isn't
>> cutting it anymore. Unfortunately it's a research site on a federally
>> protected wildlife preserve so we can't run any new infrastructure (fiber
>> etc) and it isn't in a geographical place where point to point wireless is
>> practical. We were thinking there is some sort of network extender that
>> uses some form of DSL for higher bandwidth capacity.
>>
>> Any suggestions?
>>
>
> Look for an SHDSL Ethernet Extender
>
> --
> - Andrew "lathama" Latham -
>


-- 
Jeremy Austin
jhaus...@gmail.com

(907) 895-2311 office
(907) 803-5422 cell

Re: Stupid Question maybe?

[Jeremy Austin]

You may find this helpful in your search for knowledge:

https://en.wikipedia.org/wiki/Classless_Inter-Domain_Routing

"Classful" networking is rarely useful other than for understanding How We
Got Here.

There's a handy table in the linked article which expresses each IPv4 mask
length in relation to how many A, B, or C networks it is.

jermudgeon

On Mon, Dec 17, 2018 at 8:37 PM Joe  wrote:

>
> Apologizes in advance for a simple question. I am finding conflicting
> definitions of Class networks. I was always under the impression that a
> class "A" network was a /8 a class "B" network was a /16 and a class "C"
> network was a /24. Recently, I was made aware that a class "A" was indeed a
> /8 and a class "B" was actually a /12 (172.16/172.31.255.255) while a
> class "C" is actually a /16.
>
> Is this different depending on the IP segment, i.e. if it is part of a
> RC1918 group it is classed differently (maybe a course I missed?) Or aren't
> all IP's classed the same.
> I was always under the impression, /8 = A, /16 = B, /24=C, so rightly, or
> wrongly I've always seen 10.x.x.x as "A", and 192.168.x.x as "B", with
> 172.16/12 as one that just a VLSM between the two.
>
> Again, apologizes for the simple question, just can't seem to find a solid
> answer.
>
> Happy holidays all the same!
> -Joe
>


-- 
Jeremy Austin
jhaus...@gmail.com

(907) 895-2311 office
(907) 803-5422 cell

Megapath contact

[Jeremy Parr]

Could someone from Megapath contact me offlist? I'm fighting with some very
strange routing for a customer.

t-mobile help

[Jeremy Knapp]

Would someone from T-Mobile be willing to contact me offline about
some abuse issues we are having?

Any help would be greatly appreciated.

Thanks,

Jeremy

Re: Cisco CCNA Training

[Jeremy Knapp]

https://learningnetwork.cisco.com/docs/DOC-20499

The learning lab looks like very good option.
On Nov 3, 2014 5:52 AM, "Alex Brooks"  wrote:

> Hi,
>
> On Mon, Nov 3, 2014 at 2:38 AM, Joel Maslak  wrote:
> > You might look at your local community college's offerings.  Probably
> > better bang for the buck than many other offerings.
> >
> > On Sun, Nov 2, 2014 at 10:02 AM, Colton Conor 
> > wrote:
> >
> >> We have a couple of techs that want to learn cisco and networking in
> >> general. What do you recommend for learning and getting certified on
> Cisco?
> >> There seems to be a million different training courses, books, etc out
> >> there.
> >>
>
> I would agree with considering face-to-face offerings; especially if
> it is run with evening classes or at times the employee can access
> without affecting work.  It's how I first started my CCNA and I really
> appreciated having access to a real physical lab, library, instructors
> and other students. Though this was way back before Cisco's
> all-singing all-dancing website with it's 'online' lab.
>
> Quite often you can also use CCNA courses at a real college as part of
> a more general qualification and they often offer other courses that
> it can be handy for staff to have, like CompTIA's Security+ if you are
> doing any MOD or Federal contracting.  And as has been said they are
> normally quite cheap for what you get.
>
> However, have you considered actually asking the techs how they learn best?
>
> Alex
>

Re: TWC IPv6 access ...

[Jeremy Sliwinski]

On 11/14/2014 11:11 AM, Alan Clegg wrote:

On 11/14/14, 7:12 AM, Jorge Amodio wrote:

Hi There,

anybody seeing problems with TWC broadband access and IPv6?

After a brief outage this morning I no longer have IPv6 in my residential
line and don't see any IPv6 neighbor at the other end of the coax :-(

Apex, NC.  Been out for about a week.  I get a /128 for my router, but
no prefix delegation.

AlanC



Raleigh, NC.I saw the same issue here.   Restarted the IPv6 DHCP 
client on our Cisco router and PD came back immediately.


-jay

Outdoor ADSL2+/VDSL/G.Fast NIU

[Jeremy Malli]

I'm hoping somebody on the list has a recommendation for an outdoor 
ADSL2+/VDSL/G.Fast NIU.  Been doing so some research into this and have come up 
empty so far.


My thinking is that by housing the DSL CPE outside the residence in an 
enclosure we can reduce the issues with IW (since we would only need a small 
jumper from the LEC handoff to the NIU) and also gain access to the DSL CPE 
remotely for management and troubleshooting.  We would then hand off ethernet 
to the customer using existing wiring or running cat5.


Interested in how this problem may have already been addressed in the provider 
community.


Thanks,


-----

Jeremy Malli

jer...@vcn.com

Re: buying a /24 ipv4

[Jeremy Austin]

Hilco Streambank is ipv4auctions.com

They are reasonably competent.
On Fri, Nov 4, 2016 at 12:42 PM Javier J  wrote:

> What are the going rates these days in north america.
>
> What are some good sites to get a block?
>
>
> In the process now of setting up an Org and AS with Arin for a client.
>
> Thanks in advance for your help.
>
> - Javier
>

198.154.60.0/22 bogon/hijacked?

[Jeremy Parsons]

Re: External BGP Controller for L3 Switch BGP routing

[Jeremy Austin]

Tore Anderson:

https://www.redpill-linpro.com/sysadvent/2016/12/09/slimming-routing-table.html

On Fri, Jan 13, 2017 at 8:24 PM, Faisal Imtiaz 
wrote:

> Hello,
>
> A while back there was a discussion on how to do optimized (dynamic) BGP
> routing on a L3 switch which is only capable of handing a subset of BGP
> Routing table.
>
> Someone has pointed out that there was a project to do just that, and had
> posted a link to a presentation on a European operator (Ireland ? ) who had
> done some code to take Exabgp and create such a setup..
>
> (I am going by memory... )... Needless to say I am trying to find that
> link, or name of that project.
>
> Anyone who can help in refreshing my memory with the link (my search skill
> are failing to find that presentation !)
> would be greatly appreciated.
>
> Many Thanks in Advance.
>
> Faisal Imtiaz
>



-- 
Jeremy Austin

(907) 895-2311
(907) 803-5422
jhaus...@gmail.com

Heritage NetWorks
Whitestone Power & Communications
Vertical Broadband, LLC

Schedule a meeting: http://doodle.com/jermudgeon

Re: google ipv6 routes via cogent

[Jeremy Austin]

On Fri, Mar 3, 2017 at 5:05 PM, Job Snijders  wrote:

> > There are, of course, corner cases. But in general, single-homed
> > people shouldn’t be using BGP.
>
> There are numerous reasons to use BGP when single-homed:
>
> - as preparation to multi-home in the (near) future
> - ability to quickly change providers
> - to use BGP based blackholing features
> - to save time on provisioning work (adding new prefixes becomes a
>   matter of just announcing and updating IRR/RPKI).
> - loadbalanacing / loadsharing across multiple links
> - ability to use bgp communities for traffic engineering
>
> In other words, if you have your own IP space, I'd recommend to get your
> own ASN and use BGP.


I concur with Job.

If you are single-homed but care about having proper L3 redundancy (not
just VRRP or equivalent), BGP is a must.

ARIN has a policy to allow this, but it is not spelled out with an excess
of clarity. I suspect it is not often used; see NRPM section 5.

-- 
Jeremy Austin

Re: RFC2544 Testing Equipment

[Jeremy Austin]

JW, have you moved on to EtherSAM? That's what I'd be looking for myself.
On Tue, May 30, 2017 at 7:28 AM James Breeden  wrote:

> When we had to do this once in a blue moon, we just bought a pair of old
> Agilent Framescopes off ebay. They worked great but we had issues getting
> reporting out of them. They had RJ45 and SFP on them.
>
> -Original Message-
> From: NANOG [mailto:nanog-bounces+james=arenalgroup...@nanog.org] On
> Behalf Of Nick Olsen
> Sent: Tuesday, May 30, 2017 10:23 AM
> To: nanog@nanog.org
> Subject: RFC2544 Testing Equipment
>
>  Greetings all,
>
>  Looking for a good test set. Primary use will be testing L2 circuits
> (It'll technically be VPLS, But the test set will just see L2). Being able
> to test routed L3 would also be useful. Most of the sets I've seen are two
> sided, A "reflector" at the remote side, And the test set in hand run by
> the technician.
>
>  Looking to test up to 1Gb/s at various packet sizes, Measure Packet loss,
> Jitter..etc. Primarily Copper, But if it had some form of optical port, I
> wouldn't complain. Outputting a report that we can provide to the customer
> would be useful, But isn't mandatory. Doesn't need anything fancy, Like
> MPLS awareness, VLAN ID's..etc.
>
>
>Nick Olsen
>  Sr. Network Engineer
>  Florida High Speed Internet
>  (321) 205-1100 x106
>
>
>
>
>
>
>
>

Re: Net neutrality filing

[Jeremy Austin]

On Sat, Jun 17, 2017 at 9:54 AM, Stephen Satchell  wrote:

>
> It does have a few color pictures, though.  And one comic strip.
>

Upvote for use of 'caisson'.

There is at least one thing that Sen. Ted Stevens got right; in the fiber
era, the Internet really *is* a series of tubes.

I appreciate that a target of 35,000 per county or "county equivalent"
(parish, borough?) is just a number — but I believe I would prefer a metric
keyed to actual geographic population density rather than to political or
municipal boundaries qua boundaries. At least it seems to me that you are
wanting to encourage rural development, given that the current broadband
'divide' is largely a rural vs. urban one, according to the 2016 Broadband
Progress Report.

Natural monopolies worked for electrification. Do you anticipate Title I
providers as being sufficient to the task of narrowing this divide, with or
without a federal incentives program? Historically, federal incentives have
largely gone to Title II providers or their affiliated ISPs, if I
understand the math correctly.

https://www.brookings.edu/blog/the-avenue/2017/02/13/in-infrastructure-plan-a-big-opening-for-rural-broadband/

Jeremy Austin

Re: EdgeRouter Infinity as medium-sized "IXP Peering Router"?

[Jeremy Austin]

On Mon, Jul 3, 2017 at 2:44 PM, Seth Mattinen  wrote:

>
> EdgeRouter is... meh. If I was looking at that class of gear I'd go with a
> Mikrotik.


Job,

There is a bit of a price differential here, depending on whether you need
SFP+; the Infinity is "dead cheap", and has fairly opaque BGP
daemon+debugging tools. Also still technically a beta product. Not sure if
it meets your automation requirements. I wouldn't want to be deploying them
in a redundant pair, myself, but just when you say something can't be done…

Mikrotik's CCR1072: 10-gig router (shipping, not anything that's just been
announced) has an API, can certainly handle a few tens of thousands of
routes fine (single core BGP though), but I can't vouch for its ability to
do IMIX or *flow at line rate. This has probably been stress tested by
somebody. I doubt the sampling is in hardware.

If you don't need 10G ports then your options expand considerably. Do you
have a target throughput?

-- 
Jeremy Austin

(907) 895-2311 office
(907) 803-5422 cell
jhaus...@gmail.com

Heritage NetWorks
Whitestone Power & Communications
Vertical Broadband, LLC

Re: Puerto Rico Internet Exchange

[Jeremy Austin]

On Sun, Aug 13, 2017 at 2:04 PM, Martin Hannigan  wrote:

> Hi Arturo,
>
> Good call. I believe the funds are coming from the USF? (Mike Hammet knows
> more about this than me). I had conversations with multiple congressional
> staffers about using USF funds for IXP development. They're in for good
> projects. The USG and US congress is more than willing to fund IXPs using
> USF funds. Commercial or otherwise, depending on the bnenefits and commits.
>
>
Hi Martin

I'm curious about the mechanism for funding such a thing. Historically the
majority of USF funds have gone to telcos rather than ISPs, if I am not
mistaken.

I'd love to continue this discussion off list if necessary.

-- 
Jeremy Austin

(907) 895-2311 office
(907) 803-5422 cell
jhaus...@gmail.com

Heritage NetWorks
Whitestone Power & Communications
Vertical Broadband, LLC

Re: Want to move to all 208V for server racks

[Jeremy Bresley]

On 12/2/2010 9:58 AM, Jay Nakamura wrote:

I really want to move all newly installed internal and customer racks
over to all 208v power instead of 120v.  As far as I can remember, I
can't remember any server/switch/router or any other equipment that
didn't run on 208v AC.  (Other than you may need a different cable)
Anyone have any experience where some oddball equipment that couldn't
do 208v and regret going 208v?  We won't have any TDM or SONET
equipment, all Ethernet switches, routers and servers.  I have control
over internal equipment but sometimes customers surprises you.

Biggest issue we see with people still needing 120V outlets is external 
modems for out of band access.  Most of the time these modems are 
attached to the console of carrier managed routers.


Or as others in the thread have mentioned, wall-warts for things like 
USB hard drives, low-end KVMs, etc often are NEMA 5-15P plugs hardwired 
to them.  ASA5505s have this problem with the cable as well, but their 
power supplies will work on 208V with the necessary adapter.


Jeremy

Re: Some truth about Comcast - WikiLeaks style

[Jeremy Bresley]

On 12/20/2010 1:30 PM, Owen DeLong wrote:

On Dec 20, 2010, at 11:16 AM, Leo Bicknell wrote:

And yet, I don't know of any location in the US with two cable
operators.  You see, these rules weren't changed to provide for a
second cable TV plant to be put in the ground, even in the FCC knew
that cost too much.  Rather, if  you read carefully the problem was
that Verizon, AT&T, and Bell South (all mentioned by name in the
article) wanted to deliver video over FIOS/DSL.  Most areas had
coverage rules, to be a cable provider you had to pass 95%+ of the
houses or such, and these folks didn't meet many of the local rules
and went to the government for help.


I think that I recall encountering one or two such places in the past,
but, I cannot recall them to make a specific citation. Certainly it is the
exception and not the rule.

Owen



Cedar Rapids, IA is served by both Mediacom (incumbent/original cable 
company) and Imon (spinoff from McLeodUSA where they used to be called 
McLeodUSA ATS).  As well as having Qwest for telco service.


ATS started as an overbuild to compete at the local level in MCLD's 
hometown.  They were started circa 1997, and are still in business 
today, so they survived the last 2 bubbles.  And they caused Mediacom to 
keep prices down, and compete to offer additional services in Cedar 
Rapids long before they were available in other cities in their footprint.


So examples of competitive overbuilds being successful do exist.  Maybe 
Google's fiber build will inspire some other companies to try to compete 
in this fashion.


Full disclosure: I worked for MCLD from 98-05, and in the ATS division 
from 00-05.


Jeremy

Re: Skype info

[Jeremy Parr]

Skype downtime today

Earlier today, we noticed that the number of people online on Skype
was falling, which wasn’t typical or expected, so we began to
investigate.

Skype isn’t a network like a conventional phone or IM network –
instead, it relies on millions of individual connections between
computers and phones to keep things up and running. Some of these
computers are what we call ‘supernodes’ – they act a bit like phone
directories for Skype. If you want to talk to someone, and your Skype
app can’t find them immediately (for example, because they’re
connecting from a different location or from a different device) your
computer or phone will first try to find a supernode to figure out how
to reach them.

Under normal circumstances, there are a large number of supernodes
available. Unfortunately, today, many of them were taken offline by a
problem affecting some versions of Skype. As Skype relies on being
able to maintain contact with supernodes, it may appear offline for
some of you.

What are we doing to help? Our engineers are creating new
‘mega-supernodes’ as fast as they can, which should gradually return
things to normal. This may take a few hours, and we sincerely
apologise for the disruption to your conversations. Some features,
like group video calling, may take longer to return to normal.

Stay tuned to @skype on Twitter for the latest updates on the
situation – and many thanks for your continued patience in the
meantime.

On 22 December 2010 15:46, Jack Carrozzo  wrote:
>
> On Wed, Dec 22, 2010 at 3:29 PM, Paul Graydon wrote:
> >
> >
> >>  Details are on their blog: http://bit.ly/edtjxB
>
>
> %wget http://blogs.skype.com/ -O/dev/null
> --2010-12-22 20:45:36--  http://blogs.skype.com/
> Resolving blogs.skype.com... 204.9.163.155
> Connecting to blogs.skype.com|204.9.163.155|:80... failed: Operation timed
> out.
>
> ...
>
> -Jack

Re: NSA able to compromise Cisco, Juniper, Huawei switches

[Jeremy Bresley]

On 12/30/2013 9:05 AM, Warren Bailey wrote:

I'd love to know how they were getting in flight wifi.


Sent from my Mobile Device.


 Original message 
From: sten rulz 
Date: 12/30/2013 12:32 AM (GMT-09:00)
To: nanog@nanog.org
Subject: NSA able to compromise Cisco, Juniper, Huawei switches


Found some interesting news on one of the Australia news websites.

http://www.scmagazine.com.au/News/368527,nsa-able-to-compromise-cisco-juniper-huawei-switches.aspx

Regards,
Steven.
Simple.  Grab it from where it hits the base stations.  One of the two 
big in-flight Wifi carriers in the US uses Sprint towers, I believe the 
other used satellite.


They have to get back to a ground station somewhere in order to get 
network access.  Easy to tap it there and send it wherever you want.


Grabbing an ad-hoc signal between two endpoints in the air is probably 
significantly more involved.  Implementation of this is left as an 
exercise for the VERY well-funded reader.  ;-)


Jeremy "TheBrez" Bresley
b...@brezworks.com

Re: out of band management gear

[Jeremy Bresley]

On 2/21/2014 2:27 PM, Randy Carpenter wrote:

OpenGear's newer stuff is Gigabit (SFP even).

I've not seen any real switch made in the last decade that has a problem with 
100Mb/s connections. Ancient cisco, maybe had issues.

There's several devices that are 1/10Gb and do NOT support 10/100Mb.  
Cisco Nexus 5000/5500s, Brocade VDX series stuff, etc.


In our new data center, the only 10/100 ports are a couple blades in our 
Nexus 7018s put there just to provide these lower-speed connections to 
devices that needed them.  Expensive options in a fully loaded chassis 
just for a couple lower-end devices that could easily justify a couple 
dollars more to get a Gig PHY instead of the older 100Mb PHY chip.


Jeremy "TheBrez" Bresley

Re: L6-20P -> L6-30R

[Jeremy Bresley]

On 3/18/2014 6:11 PM, Jay Ashworth wrote:

From: "Randy" 

I have a situation where a 208v/20A PDU (L6-20P) is supposedly hooked to
a 208v/30A circuit (L6-30R). Before I order the correct PDU's and whip
cords...sanity check...are connectors 'similar' enough that this is
possible (with force) or am I going to find we've actually got
L6-20R's on the provider side?

As it happens, the chart at

   http://www.stayonline.com/reference-nema-locking.aspx

suggests that the L6-20 and L6-30 are less different than you'd expect.

I *think* those are on different diameters, and a datacenter employee ought
to friggin' know better... but I don't think it's 100% impossible that this
has happened.

If it did, you're gonna replace the plug anyway...

As long as there's a 20A breaker on the PDU, you're safe, if not within
code.
From experience with some electricians who couldn't follow simple 
written instructions, it is physically possible to put an L6-20 plug 
into an L6-30 receptacle.  But it won't lock into place.  Beyond all the 
other reasons it's not recommended, the slightest bump of the cable will 
likely knock it loose causing whatever is on there to drop.  (Cue 
electricans knocking the production 6506E's offline 3 times in 20 
minutes while they were replacing the breakers and the supposedly 
redundant power cords...)


If you can unplug it to look, every one I've ever seen has had the 
voltage and amperage clearly molded into the face of it.


Jeremy "TheBrez" Bresley
b...@brezworks.com