RE: End of 2017 hurricane season
Any idea what their pre and post traffic levels are? John John Souvestre - New Orleans LA -Original Message- From: NANOG [mailto:nanog-boun...@nanog.org] On Behalf Of Sean Donelan Sent: 2017 November 30, Thu 21:35 To: nanog@nanog.org Subject: End of 2017 hurricane season November 30 is the official end of hurricane season in North America. Puerto Rico's Internet routing announcements are 95% of pre-Maria levels. US Virgin Islands Internet routing announcements are 80% of pre-Maria levels. The #(provider name)sucks tweets on twitter in South Florida and South Texas have essentially stopped. I assume this means that providers have repaired almost all Hurricane Harvey and Hurricane Irma damage.
RE: NIST NTP servers
>>> I know it's supposed to have better range and signal quality, but I thought accuracy was about the same. The variables that affect accuracy are mostly external to the signal itself (propagation delay affected by atmospheric conditions). You are correct, but the what I read from NIST is that the Enhanced (PM) format " will allow faster and more accurate synchronization, as well as further address reception at particularly low SNIR." So perhaps I should have said better "resolution" rather than "accuracy". :) John John Souvestre - New Orleans LA -Original Message- From: NANOG [mailto:nanog-boun...@nanog.org] On Behalf Of Chris Adams Sent: 2016 May 12, Thu 21:21 To: nanog@nanog.org Subject: Re: NIST NTP servers Once upon a time, John Souvestre <j...@souvestre.com> said: > The Enhanced WWVB signal has better range and more accuracy, but I don't know if any receivers are available yet. I know it's supposed to have better range and signal quality, but I thought accuracy was about the same. The variables that affect accuracy are mostly external to the signal itself (propagation delay affected by atmospheric conditions). At one point, they were going to put a second transmitter closer to the east coast, and it was going to be at the Army's Redstone Arsenal, next to Huntsville, AL, where I live; I probably could have put a receiver in a steel box and still had good signal! NASA vetoed it though. -- Chris Adams <c...@cmadams.net>
RE: NIST NTP servers
> ... a dedicated WWVB receiver.
The Enhanced WWVB signal has better range and more accuracy, but I don't know
if any receivers are available yet.
John
John Souvestre - New Orleans LA
-Original Message-
From: NANOG [mailto:nanog-boun...@nanog.org] On Behalf Of Jon Meek
Sent: 2016 May 11, Wed 10:40
To: nanog@nanog.org list
Subject: Re: NIST NTP servers
A note on using a Raspberry Pi as a NTP server. In my limited home lab
testing the RPi server had enough instability that Internet time sources
were always preferred by my workstation after ntpd had been running for a
while. Presumably this was due to the RPi's clock frequency drifting. At
some point I will look at it again.
If you do want to build your own Stratum 1 server you might want to glance
at:
https://github.com/meekj/ntp/blob/master/jon_meek_ntp_poster2009a.pdf
and the references there.
I had hoped to use the very low cost RPi Stratum 1 servers at $DAY_JOB, but
the test device was clearly not up to the job. At some point I hope to
revisit this and do some more testing like I did for that poster. I'll add
in a CDMA server and a dedicated WWVB receiver.
Jon
RE: gmail security is a joke
I was thinking about using the last 2 digits of the year as the cost factor, but that might not scale with hardware linearly. How about: 2 ^ (last 2 digits of year / 2) This would track per Moore's Law. John John Souvestre - New Orleans LA
RE: Akamai charges for IPv6 support?
Is there an equivalent discount for not using IPv4 anymore? :) John John Souvestre - New Orleans LA -Original Message- From: NANOG [mailto:nanog-boun...@nanog.org] On Behalf Of Aaron Hopkins Sent: 2014 August 18, Mon 11:38 To: nanog@nanog.org Subject: Akamai charges for IPv6 support? Is it normal to bill for IPv6 service as a separate product? I was surprised to hear from from my Akamai rep they they do: Hi Aaron, We can add the IPV6 service to the contract at an additional cost of $XXX/month. Please let me know if you would like to go ahead with the service and I can create the contract and send it for your review. I've been working on adding IPv6 support to my current project on my own time, and am now ready to enable it. But as soon as there is a recurring cost associated with IPv6 support, I need to be able to justify it. And I'm afraid that I can't currently explain a benefit of enabling IPv6 for our users. I'll likely end up not doing so while we're still an Akamai customer. It's Akamai's network, so it's their choice. But big players adding friction to enabling IPv6 certainly doesn't seem in everyone's best interests in the long-term. -- Aaron
RE: latest Snowden docs show NSA intercepts all Google and Yahoo DC-to-DC traffic
Money. The better the encryption the more it costs to crack. With forward security you can even protect against your private key leaking. In short, you can raise the stakes and make it economically unfeasible for even the NSA. John John Souvestre - New Orleans LA - (504) 454-0899 -Original Message- From: Mike Lyon [mailto:mike.l...@gmail.com] Sent: Fri, November 01, 2013 9:19 pm To: Harry Hoffman Cc: Niels Bakker; nanog@nanog.org Subject: Re: latest Snowden docs show NSA intercepts all Google and Yahoo DC-to-DC traffic So even if Goog or Yahoo encrypt their data between DCs, what stops the NSA from decrypting that data? Or would it be done simply to make their lives a bit more of a PiTA to get the data they want? -Mike On Nov 1, 2013, at 19:08, Harry Hoffman hhoff...@ip-solutions.net wrote: That's with a recommendation of using RC4. Head on over to the Wikipedia page for SSL/TLS and then decide if you want rc4 to be your preference when trying to defend against a adversary with the resources of a nation-state. Cheers, Harry Niels Bakker niels=na...@bakker.net wrote: * mi...@stillhq.com (Michael Still) [Fri 01 Nov 2013, 05:27 CET]: Its about the CPU cost of the crypto. I was once told the number of CPUs required to do SSL on web search (which I have now forgotten) and it was a bigger number than you'd expect -- certainly hundreds. False: https://www.imperialviolet.org/2010/06/25/overclocking-ssl.html On our production frontend machines, SSL/TLS accounts for less than 1% of the CPU load, less than 10KB of memory per connection and less than 2% of network overhead. Many people believe that SSL takes a lot of CPU time and we hope the above numbers (public for the first time) will help to dispel that. -- Niels. smime.p7s Description: S/MIME cryptographic signature
RE: iOS 7 update traffic
Hi Jared. The attitude in this email I have encountered elsewhere. Apple pays for bandwidth, customers pay for access. Not sure why their release strategy is so highly critiqued. Because it impacts other, non-Apple customers. Or, it costs the ISP more (passed through to all customers) to add capacity to handle an infrequent peak load. Question/suggestion: Could Apple perhaps shift their release to a Saturday morning? I would think that this would go a long way to diluting the peak. John John Souvestre - New Orleans LA - (504) 454-0899 smime.p7s Description: S/MIME cryptographic signature
RE: iOS 7 update traffic
Bah! That was a take-home convenience. How about the old ASR TeleType with the 110-baud link to get a hardcopy listing? Model 15, 45.5 baud. :) John John Souvestre - New Orleans LA - (504) 454-0899 smime.p7s Description: S/MIME cryptographic signature
RE: A split window multi ping program
Hello Sharon. At the passing month, i looked for some small program that can ping to multiply servers in a split window or a program with a split dos windows, i did not found it, So i developed one :) Take a look at MultiPing, from Nessoft: http://www.nessoft.com/multiping/ John John Souvestre - New Orleans LA - (504) 454-0899 smime.p7s Description: S/MIME cryptographic signature
RE: This is a coordinated hacking. (Was Re: Need help in flushing DNS)
Hi Shawn. Or you could vote with your feet, and wish then a fine g'day. John John Souvestre - New Orleans LA - (504) 454-0899 -Original Message- From: shawn wilson [mailto:ag4ve...@gmail.com] Sent: Thursday, June 20, 2013 10:42 pm To: Hal Murray Cc: North American Network Operators Group Subject: Re: This is a coordinated hacking. (Was Re: Need help in flushing DNS) I think ICANN would have to add a delay in where a request was sent out to make sure everyone was on the same page and then what happens the couple thousand (more) times a day that someone isn't updated or is misconfigured? I think Netsol should be fined. Maybe even a class action suite filed against them for lost business. And that's it. On Jun 20, 2013 11:28 PM, Hal Murray hmur...@megapathdsl.net wrote:
RE: Managing free pairs to prevent DSL sync. loss
Hello Anurag. I have not heard of this problem before, but I imagine that the non-terminated pairs could be acting like antennas and picking up noise. Have you considered grounding one end (or both) of the free pairs? Perhaps this would reduce the amount of noise they pick up. Regards, John John Souvestre - New Orleans LA - (504) 454-0899 -Original Message- From: Anurag Bhatia [mailto:m...@anuragbhatia.com] Sent: Tuesday, July 17, 2012 5:19 am To: NANOG Mailing List Subject: Managing free pairs to prevent DSL sync. loss Hello everyone. I am having some very bad time due to my ISP's poor last mile (in India). DSL is loosing sync. consistently and this time problem seems quite interesting so I though to ask how ISPs across world managing it. Problem is high attenuation low SNR because of lot of free pairs in the cable. My connection is coming from something like 100 pair 50 pair 20 pair 5 pair. Now 100 pair has less then 30 active lines but based on testing it seems like at 100 pair DP there's very low noise and everything is pretty good (usual BSNL pillars in India have 100 pair terminations). Next 20 pair has just 4 active lines (and 16 free lines causing issues for those 4 working lines) and at the end my line comes from 20 5 with only one (which is my) line active on one of 5 pairs. Now argument of my ISP (BSNL) is that due to excessive number of free pairs, they are causing huge noise and they likely need to reduce these DP's by putting 1-2 line wire from my home till 100 pair pillar termination (which is down in other street and so needs effort in digging and putting new wire). But I just never heard about this problem anywhere else. Do DSL providers really suffer due to free pairs? Assuming other pairs are all crossed/shorted, can they still produce significant noise in other working lines? Also, what exactly was bonding used by ATT in US? I thought it was actually making use of free pairs, bonding them together and having more bandwidth for end user, isn't it? If someone can pass me some detailed whitepaper or document explaining about this noise, it will be very much helpful. Thanks. -- Anurag Bhatia Web: anuragbhatia.com Skype: anuragbhatia.com Linkedin http://in.linkedin.com/in/anuragbhatia21 | Twitterhttps://twitter.com/anurag_bhatia| Google+ https://plus.google.com/118280168625121532854
RE: Managing free pairs to prevent DSL sync. loss
Yes, but would this result in more or less noise than an open end acting like an antenna? And would the ground loop noise be in the DSL spectrum? John John Souvestre - New Orleans LA - (504) 454-0899 -Original Message- From: Matlock, Kenneth L [mailto:matlo...@exempla.org] Sent: Tuesday, July 17, 2012 10:14 am To: valdis.kletni...@vt.edu; John Souvestre Cc: NANOG Mailing List Subject: RE: Managing free pairs to prevent DSL sync. loss Yeah, grounding both ends will result in some current traversing across the pairs all the time because of differences in ground potential over long-ish distances. Ken Matlock Network Analyst 303-467-4671 matlo...@exempla.org -Original Message- From: valdis.kletni...@vt.edu [mailto:valdis.kletni...@vt.edu] Sent: Tuesday, July 17, 2012 9:00 AM To: John Souvestre Cc: 'NANOG Mailing List' Subject: Re: Managing free pairs to prevent DSL sync. loss On Tue, 17 Jul 2012 09:15:59 -0500, John Souvestre said: Have you considered grounding one end (or both) of the free pairs? Perhaps this would reduce the amount of noise they pick up. Grounding both ends will probably result in hilarity ensues. And I suspect that Anurag can't ground the free pairs, because the copper belongs to the provider. *** SCLHS Confidentiality Notice *** The information contained in this message may be privileged and confidential and protected from disclosure. If the reader of this message is not the intended recipient, or an employee or agent responsible for delivering this message to the intended recipient, you are hereby notified that any other dissemination, distribution or copying of this communication is strictly prohibited. If you have received this communication in error, please notify me immediately by replying to the message and deleting it from your computer. Thank you. *** SCLHS Confidentiality Notice ***
RE: Managing free pairs to prevent DSL sync. loss
You could ground then via some small capacitors. This would block DC and the low frequency power line trash and even act somewhat as a fuse should there be a lightning strike. John John Souvestre - New Orleans LA - (504) 454-0899 -Original Message- From: Mike Andrews [mailto:mi...@mikea.ath.cx] Sent: Tuesday, July 17, 2012 12:46 pm To: NANOG Mailing List Subject: Re: Managing free pairs to prevent DSL sync. loss On Tue, Jul 17, 2012 at 11:16:07AM -0600, Matlock, Kenneth L wrote: That brings up an interesting question. I assumed the ground potential stays the same between 2 points, but have there been any studies to see if it's actually DC, or if there's an AC component to it? Thaat's not a safe assumption, since most power companies use earth grounds for their distribution systems. That means that potential between two points, and the current through the ground between those two points, may vary depending on what's happening in the electrically-near parts of the power distribution system. That's not a happy thought, but it is Real Life. It's one of the reasons we went to fiber between widely-separated buildings in our field sites. In my experience, there are AC and DC components both. They're generally -- but not always -- negligible, unless something goes wrong or one end of the line takes a lightning strike, in which case ground can rise to bunchty KV. If there's an AC component in the ground at either end (or both) that may introduce EM into adjacent pairs across the cable. And are they more or less than the EM ungrounded pairs would pick up? Whatever is picked up by ungrounded pairs should be common-mode -- the same on both wires in the pair. Even if it is induced into the live pairs in the bundle, it shouldn't affect signalling. In theory, that is. -- Mike Andrews, W5EGO mi...@mikea.ath.cx Tired old sysadmin
RE: Dear Linkedin,
On 6/10/12, Joel jaeggli joe...@bogus.com wrote: How good does a password/phrase have to be in order to protect against brute-force or dictionary attacks against the password itself? ? Entropy in language. A typical english sentence has 1.2 bits of entropy per character, you need 107 characters to get a statistically random md5 hash. Using totally random english characters you need 28 characters. Using a random distribution of all 95 printable ascii characters you need 20 characters. ? Observation, good passwords are hard to come by. I don't disagree, except regarding dictionary attacks. If the attack isn't random then math based on random events doesn't apply. In the case of a purely dictionary attack if you choose a non-dictionary word and you are 100.000% safe. :) John John Souvestre - New Orleans LA - (504) 454-0899
RE: Spamhaus and Barracuda Networks BRBL
Hello Joel. I have some objective data based on our testing here. Over the past 18 months, Barracuda's block rate is 81.9%, while Spamhaus' is 83.3%. For whatever measurement error you want to include, that says that they are roughly equivalent. Over the past 6 months, BRBL is actually getting better: their block rate is 87%, while Spamhaus is 82%. There is, of course, a catch. BRBL gets a higher rate, but at a substantially higher false positive (FP) rate. We normalize FPs per 10,000 messages our measurements. Over the last 18 months, BRBL was 4.1 FP/10K messages; Spamhaus 0.2 FP/10K messages. Again, BRBL is getting better: over the past 6 months, BRBL went down to 1.6 FP/10K messages, while Spamhaus is about the same at 0.3 FP/10K messages. Your numbers reflect what I see, too. One other thing to note is that the two services don't catch exactly the same spam, so using both results in better trapping than either one alone. John John Souvestre - New Orleans LA
RE: ITU G.992.5 Annex M - ADSL2+M Questions
Hi Luke. We offer it, along with bonded ADSL. We don't do it often but it is very useful sometimes. Regards, John John Souvestre - New Orleans LA -Original Message- From: Luke Marrott [mailto:luke.marr...@gmail.com] Sent: Monday, January 04, 2010 4:03 PM To: nanog@nanog.org Subject: ITU G.992.5 Annex M - ADSL2+M Questions I've been looking up information on the Annex M Standard today and am unable to find any ISPs in the US offering this. Can anyone tell me if there are providers in the US using the Annex M standards and increased upstream with it, or if not is there a good reason why its not being done yet? Thanks! :Luke Marrott
RE: Historical traceroute logging
Hello Jeroen. I very much like Ping Plotter. http://www.pingplotter.com/ John John Souvestre - New Orleans LA -Original Message- From: Jeroen Massar [mailto:jer...@unfix.org] Sent: Thursday, December 03, 2009 3:16 PM To: Justin Shore Cc: NANOG list Subject: Re: Historical traceroute logging Justin Shore wrote: Does anyone know of any tools that can do repeated traceroutes over time to a remote IP and log the results for later viewing/comparison? RIPE TTM @ http://www.ripe.net/ttm/ Greets, Jeroen
RE: Can someone from SORBS contact me offlist?
Hi Brielle. Do they take two weeks to put a spammer on the list? Regards, John John Souvestre - New Orleans LA -Original Message- From: Brielle Bruns [mailto:br...@2mbit.com] Sent: Saturday, July 11, 2009 12:12 PM To: nanog@nanog.org Subject: Re: Can someone from SORBS contact me offlist? On 7/11/09 11:05 AM, Ronald Cotoni wrote: Yes, they are really bad. It is actually quite silly that a blacklisting service is that slow on responding to problems. I find it unacceptable that people demand instant service from a company they don't have prior business arrangements/relationship with. Average turn around time for the AHBL is around two weeks if we don't have an established contact and procedure with. How would you like it if a non-customer came to you demanding resolution to a problem with a free service you provide? Would you drop everything, and give that non-customer the same service you give a paying customer? -- Brielle Bruns The Summit Open Source Development Group http://www.sosdg.org/ http://www.ahbl.org
Radius Tacacs+ Clients
Hi all. Does anyone have any recommendations for Radius and Tacacs+ clients (not servers) to run on Linux and Windows? Thanks, John John Souvestre - Integrated Data Systems - (504) 355-0609
