[OPINION] Best place in the US for NetAdmins

2014-07-22 Thread Nolan Rollo
I've been trying to decide for a while what makes a good home for a Network 
Admin... access to physical, reliable upstream routes? good selection of local 
taverns? What, in your opinion, makes a good location for a Network Admin and 
where in the US would you find that?

Also, I'd like to introduce myself [[ o/ ]] I've been watching the list for a 
while now and have found it helpful with picking up some best practices, 
getting use-case scenarios you might not see in text books. I attended Michigan 
Tech for Computer Networking and System Administration and have been bouncing 
around for a couple of years trying to find my calling. I've been working a lot 
with VoIP and that's been my interest ever since middle school. I've been 
mainly playing with stub networks for most of my life but have recently started 
working with larger routed networks, leading me to subscribe to the NANOG list. 
My latest endeavor was acquiring an ASN and a /24 from ARIN and multihoming a 
very small MSP. I've been fortunate enough to have really sharp mentors to help 
answer any questions I've had along the way. I know there must be quite a few 
people like myself that are lurking on the list and I just wanted to thank you 
guys for answering other questions and providing input on topics that have come 
through the list.

TL;DR: Hi, see subject


RE: Residential CPE suggestions

2014-05-08 Thread Nolan Rollo
We’ve had two of the ER3s in production. One of which has had no problems to 
date, the other one had several issues just staying online. It would randomly 
drop out from time to time (no ICMP, didn't pass traffic; basically a flashing 
brick). These were both single homed stub networks on older firmware so your 
results may vary. In my past experience the Ubiquiti release cycle is:

Announce Product -- (1 year later) -- Reannounce Product /Start Shipping -- 
(4 months later) -- Claim it's still on the boat and will reach distributors 
soon -- (2 months later) -- Begin shipping from Distribution with defunct 
firmware -- (8 months later and a few firmware updates) -- Release a stable 
firmware version

TL;DR: Ubiquiti has good, inexpensive equipment but it might not always be 
ready for production networks or very patient customers. For what you’re 
looking for though no one else can match that price point.

-Original Message-
From: NANOG [mailto:nanog-boun...@nanog.org] On Behalf Of Jimmy Hess
Sent: Tuesday, May 6, 2014 9:13 PM
To: sur...@mauigateway.com
Cc: NANOG list
Subject: Re: Residential CPE suggestions

On Tue, May 6, 2014 at 2:31 PM, Scott Weeks sur...@mauigateway.com wrote:

I wouldn't worry.  A fancy GUI  without intelligent engineering and design 
leveraged is just more rope for everyone to hang themselves with,  esp.  when 
something in the GUI inevitably doesn't work quite like it's supposed to.

Network vendor GUIs never work 100% like they are supposed to; there's always 
eventually some bug or another,  or limitation requiring some workaround.

And  IPv6 is a game-changer.

 It looks like everyone here should start looking for a new
 career: Next-generation user experience allows anyone to quickly 
 become a routing expert.

 ;-)
 scott
--
-JH


RE: Customer Support Ticketing

2014-03-19 Thread Nolan Rollo
For what it's worth, I've actually heard the Intuit guys that sell Quickbase 
will build and customize your ticketing system for you. I haven't looked that 
heavily into other options since I've run a few RT instances I'm most 
comfortable there but I'm sure you know it doesn't integrate with other 
applications well unless you're a Perl dev

-Original Message-
From: Paul Stewart [mailto:p...@paulstewart.org] 
Sent: Wednesday, March 19, 2014 10:01 AM
To: nanog@nanog.org
Subject: Customer Support Ticketing

Hey folks….

We need a new customer ticketing system and I’m looking for input.  I am still 
working on a scope document on everything we want to do with the new system.

The most common problem I run across is that a system is either built for 
enterprise internal IT helpdesk or it is built like a CRM sales tracking 
system.  We are an ISP among other things and are looking for a powerful and 
yet reasonable cost system to answer email inquiries, allow customers to open 
tickets via portal, mobile support, escalation/SLA support, and several other 
things.  Solarwinds NPM integration would be a huge bonus but not a deal 
breaker.  If anyone has a system that they have integrated with Ivue from NISC 
(our billing platform) I would be really interested in hearing more as well.

So my question is meant high level.  For those folks that are ISP’s supporting 
business customers (including managed customers) along with residential eyeball 
traffic what system(s) do you use and what do you like/dislike?

I’ve looked so far at WHD (Solarwinds product), OTRS, RT, RemedyForce, ZenDesk, 
HappyFox, Kayako and several others.  All of them so far would require a fair 
amount of configuration or modifications based on our still developing wish 
list.  Also worth noting is that we have no full time development staff so 
hoping to find something that has a lot of promise and then work with the 
vendor to evolve it into what we feel we need.

**This is not an invitation for sales folks to call on me**

Thanks,

Paul






RE: Vyatta to VyOS

2013-12-23 Thread Nolan Rollo
I wonder how Ubiquiti Networks is going to react to this since their EdgeMax 
Routers run a fork of the Vyatta code (EdgeOS).

http://community.ubnt.com/t5/EdgeMAX/Vyatta-Community-Edition-dead/m-p/591487/highlight/true#M16059

It looks like there is a post in the forum where a UBNT Employee said that they 
were working directly with the VyOS guys. In this case I wonder what other 
commercial vendor is going to jump on the open source bandwagon.

-Original Message-
From: Scott Howard [mailto:sc...@doc.net.au] 
Sent: Monday, December 23, 2013 1:45 PM
To: Ray Soucy
Cc: NANOG
Subject: Re: Vyatta to VyOS

Who wants to tell them that it's really 2013?

News
22 Dec *2012*
Version 1.0.0 (hydrogen) released.


  Scott



On Mon, Dec 23, 2013 at 7:18 AM, Ray Soucy r...@maine.edu wrote:

 Many here might be interested,

 In response to Brocade not giving the community edition of Vyatta much 
 attention recently, some of the more active community members have 
 created a fork of the GPL code used in Vyatta.

 It's called VyOS, and yesterday they released 1.0.

 http://vyos.net/

 I've been playing with the development builds and it seems to be every 
 bit as stable as the Vyatta releases.

 Will be interesting to see how the project unfolds :-)

 --
 Ray Patrick Soucy
 Network Engineer
 University of Maine System

 T: 207-561-3526
 F: 207-561-3531

 MaineREN, Maine's Research and Education Network www.maineren.net




Reverse DNS RFCs and Recommendations

2013-10-30 Thread Nolan Rollo
I've been (probably needlessly) poring over the Reverse DNS RFCs for long 
enough to actually have questions about a subject that should be relatively 
unimportant. I do want to make sure that we set up our reverse DNS correctly 
and most efficiently the first time so that we don't irritate other network 
operators with difficult regex based filtering ( 
http://www.gossamer-threads.com/lists/nanog/users/113633 ) and we don't have to 
change things as per a recommendation down the road.

RFC draft-msullivan-dnsop-generic-naming-schemes-00.txt states:
When using IP addresses in host names, their numbers SHOULD be
   separated by '.'s (dots) rather than any meta character such as a '-'
   (dash) and expressed in decimal.  Host names SHOULD NOT use the '_'
   (underscore) character, host names for hosts with any form of SMTP
   mail service MUST NOT use the '_' (underscore) character.  It is
   preferable to use the IP address in reverse format in the same way
   the the IN-ADDR.ARPA. domain is defined.

Now since it is only a first revision draft I'm taking what it has to say with 
a grain of salt and it seems to have taken quite a bit of criticism on forums. I'm 
also not singling out Time Warner, WOW, Comcast or Charter for their naming 
conventions nor do I think they are bad, I'm just using them as examples 
because they are local, well-known ISPs.

Actual Examples:
cpe-67-XX-XX-XX.stny.res.rr.com - 67.XX.XX.XX
d28-XX-XX-XX.dim.wideopenwest.com - 28.XX.XX.XX
c-68-XX-XX-XX.hsd1.mi.comcast.net - 68.XX.XX.XX
24-XX-XX-XX.static.bycy.mi.charter.com - 24.XX.XX.XX

*Most ISP Reverse DNS Hostnames (from what I've observed) seem to use the dash 
- character with the forward format, as opposed to the reverse IN-ADDR.ARPA. 
dotted scheme as recommended in the draft
*Comcast and Charter all have geographic based furthest-right-hand tokens.
*Charter, WideOpenWest, Time Warner, and Comcast all have some acronym that is 
not immediately clear, at least to me (HSD - High Speed Data?, BYCY - Bay City, 
MI?, DIM - Dynamic IP Mapping?, STNY - Southern Tier New York?)

Which finally brings me to my questions:
It seems like the unspoken de facto that mail admins appreciate given the IP 
203.0.113.15 is 203-0-113-15.[type].[static/dynamic].yourdomain.tld. This 
seems perfectly acceptable, it's short, detailed and to the point. Is there 
really anything bad about this?

What, if any would you name a network, gateway, broadcast address? Should the 
PTR be empty?

<tinfoilhat> I've seen a lot about naming what type of technology it is 
(wireless, adsl, cable, etc.) in order to filter out the high speed spammers. 
It seems to me that this would open up the likelihood of a targeted attack. 
We've all heard of security through obscurity and of course no one relies on it 
but we have to face the fact there are CVEs every day for various networking 
hardware/firmware. If an attacker can query DNS and find out that the IP is for 
wireless they could filter all wireless gear exploits. Is this still a good 
practice given the abundance of high speed data connections or is this just 
opening yourself up to reconnaissance? </tinfoilhat>

There is a Merit Network mailing list discussion that outlines most of what 
I've read that can be found here ( 
http://www.merit.edu/mail.archives/nanog/msg06843.html )

Nolan Rollo
VoIP Engineer
Main: 517.223.3610x114
Fax: 517.223.4120
www.kw-corp.com



RE: Reverse DNS RFCs and Recommendations

2013-10-30 Thread Nolan Rollo
So in the four examples below, 3 of them preface the IP with an alpha 
character. Charter however, starts the rDNS off with a number. I'm not arguing 
with anyone but what potential problems could that cause with DNS? 
I'm also thinking of the famous  www.1and1.com, where the number 1 starts off 
one of the sections. 

snip

3. Start each section of the name with a letter, not a number or hyphen.

snip

 Actual Examples:
 cpe-67-XX-XX-XX.stny.res.rr.com - 67.XX.XX.XX 
 d28-XX-XX-XX.dim.wideopenwest.com - 28.XX.XX.XX 
 c-68-XX-XX-XX.hsd1.mi.comcast.net - 68.XX.XX.XX 
 24-XX-XX-XX.static.bycy.mi.charter.com - 24.XX.XX.XX
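
The naming scheme discussed in the two messages above (203-0-113-15.[type].[static/dynamic].yourdomain.tld, and whether a label may begin with a digit), as an added example that is not part of the original posts: it builds PTR records for a block, checks every name against the RFC 1123 hostname rules (a leading digit is allowed, an underscore is not), and parses a name back into its parts. The `res` label, `example.net` and the option to leave network and broadcast addresses without a PTR are assumptions made for the example.

```python
import ipaddress
import re

# One DNS label per RFC 1123: letters, digits, hyphens; may start with a digit,
# must not start or end with a hyphen; no underscore; at most 63 octets.
LABEL = re.compile(r"(?!-)[A-Za-z0-9-]{1,63}(?<!-)")

def is_valid_hostname(name):
    name = name.rstrip(".")
    return 0 < len(name) <= 253 and all(LABEL.fullmatch(l) for l in name.split("."))

def ptr_target(ip, kind, alloc, domain):
    """203.0.113.15 -> 203-0-113-15.<kind>.<alloc>.<domain> (forward order, dashes)."""
    ip = ipaddress.IPv4Address(ip)
    if alloc not in ("static", "dynamic"):
        raise ValueError("alloc must be 'static' or 'dynamic'")
    name = "{}.{}.{}.{}".format(str(ip).replace(".", "-"), kind, alloc, domain)
    if not is_valid_hostname(name):
        raise ValueError("not a valid hostname: " + name)
    return name

def ptr_records(cidr, kind, alloc, domain, skip_edges=True):
    """Return (owner, target) PTR pairs for an IPv4 network.

    skip_edges=True leaves the network and broadcast addresses without a PTR;
    that is a choice made for this example, not a recommendation from the thread.
    """
    net = ipaddress.ip_network(cidr)
    addrs = net.hosts() if skip_edges else net
    return [(a.reverse_pointer + ".", ptr_target(a, kind, alloc, domain) + ".")
            for a in addrs]

def parse_generic_name(hostname):
    """Recover (ip, kind, alloc) from a name built by ptr_target, or None.

    Plain string splitting is enough for this scheme, so a filter keyed on
    static/dynamic needs no per-ISP regular expression.
    """
    labels = hostname.rstrip(".").split(".")
    if len(labels) < 4 or labels[2] not in ("static", "dynamic"):
        return None
    try:
        ip = ipaddress.IPv4Address(labels[0].replace("-", "."))
    except ValueError:
        return None
    return str(ip), labels[1], labels[2]
```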



RE: Network configuration archiving

2013-10-24 Thread Nolan Rollo
Puppet, Chef, cfEngine, etc... the list goes on and on, it's a matter of taste 
(no chef pun intended) and what you're familiar with as well as what works for 
your device configurations and the management team

-Original Message-
From: Kenneth McRae [mailto:kenneth.mc...@dreamhost.com] 
Sent: Thursday, October 24, 2013 11:45 PM
To: Jimmy Hess
Cc: nanog@nanog.org
Subject: Re: Network configuration archiving

How about SolarWinds Config Mgmt software?
On Oct 24, 2013 8:38 PM, Jimmy Hess mysi...@gmail.com wrote:

 On Thu, Oct 24, 2013 at 4:25 PM, Job Snijders  
 job.snijd...@hibernianetworks.com wrote:

  Dear all,
  I am unsure what we as networkers have done in the past, but I am 
  sure we've done our fair share of atonement and don't have to keep 
  using RANCID.
 

 Does the nature of the codebase and future development matter all that
 much? Not to dismiss it as a factor, but I think other criteria should
 be more important :)

 Normally when I would want to compare software I would be concerned
 first and foremost, (1) What does it do/what makes it unique -- is
 something special about package X over package Y?;
 (2) Does it meet all the minimum needs I have right now to be a viable
 solution?
 Does it grab all my configs and put them in a permanent
 revision control system? :)

 (3) How reliable is it, can I trust it? Is it very secure and safe to
 use? It's no good if it breaks, fails, or does something dangerous.
 How much care and feeding will it need to keep working? If it
 needs complex repair work every few weeks, I don't like it.

 (4) How easy is it to get up and running, and to perform any required
 ongoing maintenance
 (5) What extra nice to have functionality does it have?

 (6) Maybe other stuff like what language it's written in, if extra
 features need to be added

 --
 -JH




car2.Detroit1.Level3.net

2013-09-19 Thread Nolan Rollo
Does anyone know of an issue involving car2.Detroit1.Level3.net and its 
handoffs? We have been experiencing about 25% packet loss this week which 
resulted in an outage from 19/Sep/2013 13:52 to 19/Sep/2013 14:01

Tracing route to google-public-dns-a.google.com [8.8.8.8] over a maximum of 30 
hops:

  1     1 ms     1 ms     1 ms  192.168.0.1
  2     3 ms     2 ms     2 ms  d233-64-65-227.dim.wideopenwest.com [64.233.227.65]
  3   666 ms   705 ms   530 ms  ge-7-43.car2.Detroit1.Level3.net [4.53.74.109]
  4     *        *        *     Request timed out.
  5     *        *        *     Request timed out.


Nolan Rollo
VoIP Engineer
Main: 517.223.3610x114
Fax: 517.223.4120
www.kw-corp.com