Re: Typical last mile battery runtime (protecting against power cuts)
On 2/4/2023 9:31 PM, Mark Tinka wrote:

> On 2/5/23 07:02, Roy wrote:
>
>> My all electric house is in a rural area. The generator that came with the place is a 20KW Onan. The bad news is it can't handle the house. I think it is the Aux Heat on the heat pump that is the problem. I have to also power the well pump and the septic pump.
>
> Is your house single or 3-phase?

Single phase. The house is 200A service and the barn is another 200A service.

> I'd be curious how much horsepower your well and septic pumps require. The most I've seen is 15hp @ 11kW, but that is pretty massive for an average home, even an off-grid one. Typical requirements would be in 0.75kW - 5kW range, which is a wide range. Do you know how much power the heat pump requires?

I don't know how much the pumps require. The water well is about 100 feet from the house and the pressure tank. The septic pump has to pump uphill to the drainage field. Distance is about 250 feet and elevation gain of 100 feet or so. The heat pump doesn't seem to be a problem but the aux heat is on two 20amp 220v circuits. There is a switch on the fan enclosure to disable the aux heat. Another biggie is the electric hot water heater. On 1/30 it never broke 32 degrees and the house used 145KWHR (average was 6KWH). Thank goodness I am not far from the Columbia River and the BPA has a major substation about 5 miles away so I pay less than 10 cents per KWH.

Over 2022, I lost power about 8 times. The longest outage was 15 hours.

> I'd struggle to see how a 20kW generator struggles to run a home, unless you've also got heated floors, saunas, steam baths, water and space heaters, electric stoves and ovens all running at the same time :-).
>
> Mark.
Re: Typical last mile battery runtime (protecting against power cuts)
On 2/4/2023 2:10 PM, Mark Tinka wrote:

> On 2/4/23 23:58, Sabri Berisha wrote:
>
>> I'd say I have something in between. I have a WEN GN875i: https://www.amazon.com/WEN-GN875i-Transfer-Switch-Ready-8750-Watt-Generator/dp/B08STWSWLH/ That's 7kw rated and 8.75kw peak. More than enough to support my home.
>
> Yeah, plenty of juice.

My all electric house is in a rural area. The generator that came with the place is a 20KW Onan. The bad news is it can't handle the house. I think it is the Aux Heat on the heat pump that is the problem. I have to also power the well pump and the septic pump.

The one thing I made sure of was remote monitoring of the Utility power. I get an email and a text when the power goes out and when it comes back. Unfortunately the generator is not Internet aware.
Re: "Permanent" DST
On 3/15/2022 1:19 PM, Andy Ringsmuth wrote:

> On Mar 15, 2022, at 2:40 PM, Eric Kuhnke wrote:
>
>> If Canada doesn't do the same thing at the same time, it'll be a real hassle, dealing with a change from -8 to -7 crossing the border between BC and WA, for instance. It has to be done consistently throughout North America.
>
> Nah, not really a big deal. The transportation world has handled it just fine for Arizona, and previously, Indiana. Heck, here’s where it gets real confusing. Arizona does not observe DST as a state. However, freight railroads in Arizona DO. At least BNSF Railway does. So for a good chunk of the year, if you are involved with the railroad, you have to clarify if events are happening at 8 a.m. city time or 8 a.m. railroad time. At least that’s how it was last time I was down there as a railroad contractor.
>
> -Andy.

Arizona time is supposedly MST all year but it is not consistent. The Indian nations adopt their own rules whether to use DST or not. Example: the Navajo nation uses DST but Hopi nation doesn't. You can plot a trip from east to west across AZ and have to change your clock seven times!
Re: "Permanent" DST
Actually I think the proposed bill leaves AZ and HI on standard time. The bill's primary focus is on stopping the changing of the clock twice a year.

Arizona time is supposedly MST all year but it is not consistent. The Indian nations adopt their own rules whether to use DST or not. Example: the Navajo nation uses DST but Hopi nation doesn't. You can plot a trip from east to west across AZ and have to change your clock seven times!

On 3/15/2022 12:44 PM, Mel Beckman wrote:

We already have this problem with Arizona, which never changes time for the summer.

-mel via cell

On Mar 15, 2022, at 3:40 PM, Eric Kuhnke wrote:

If Canada doesn't do the same thing at the same time, it'll be a real hassle, dealing with a change from -8 to -7 crossing the border between BC and WA, for instance. It has to be done consistently throughout North America.

On Tue, 15 Mar 2022 at 12:35, Jay R. Ashworth wrote:

The bill is "permanently move all US time zones one hour earlier (-8 thru -5 is replaced permanently with -7 thru -4). They are *calling it* "permanent DST", but that's not really what's happening, in my engineering appraisal. Or my geopolitical one, but I don't lay claim to professional opinions there.

-- jra

- Original Message -
> From: "Mel Beckman"
> To: "jra"
> Cc: "nanog@nanog.org list"
> Sent: Tuesday, March 15, 2022 3:19:11 PM
> Subject: Re: "Permanent" DST

> I don’t follow why cancelling DST has the effect of moving the US fifteen
> degrees to the east. Also, your subject line reads “permanent DST”, but from
> your language the bill will be permanent standard time.
>
> I haven’t read the bill, but I’m hoping you can explain your position more
> clearly.
>
> -mel via cell
>
>> On Mar 15, 2022, at 3:13 PM, Jay R. Ashworth wrote:
>>
>> In a unanimous vote today, the US Senate approved a bill which would
>>
>> 1) Cancel DST permanently, and
>> 2) Move every square inch of US territory 15 degrees to the east.
>>
>> My opinion of this ought to be obvious from my rhetoric. Hopefully, it will
>> fail, because it's likely to be the end of rational time worldwide, and even
>> if you do log in UTC, it will still make your life difficult.
>>
>> I'm poleaxed; I can't even decide which grounds to scream about this on...
>>
>> Hopefully, the House or the White House will be more coherent in their
>> decision on this engineering construct.
>>
>> Cheers,
>> -- jra
>>
>> --
>> Jay R. Ashworth Baylink j...@baylink.com
>> Designer The Things I Think RFC 2100
>> Ashworth & Associates http://www.bcp38.info 2000 Land Rover DII
>> St Petersburg FL USA BCP38: Ask For It By Name! +1 727 647 1274

--
Jay R. Ashworth Baylink j...@baylink.com
Designer The Things I Think RFC 2100
Ashworth & Associates http://www.bcp38.info 2000 Land Rover DII
St Petersburg FL USA BCP38: Ask For It By Name! +1 727 647 1274
Re: Never push the Big Red Button (New York City subway failure)
My story: in the late 1970s I was working in a large computer facility with both mainframes and mil-spec 400hz computers. Management decided that the EPO should be tested. So we powered down the disk and tapes. The electrician pressed the EPO button and NOTHING. Everything kept running. Turns out a wire had come loose and the fuse in the EPO circuit had blown.

Roy
Re: FCC fines for unauthorized carrier changes and consumer billing
There is a difference between fines and ordering restitution. The FTC case was concerned with "monetary relief". The FTC and the FCC are allowed to impose civil penalties.

On 4/23/2021 10:29 AM, Matt Erculiani wrote:

> It just got harder for the FTC to fine people

Based on the unanimous US Supreme Court decision, they never could in the first place, at least in the particular manner that was challenged. It'll be up to Congress to explicitly define how big the FTC's teeth are, not the unelected leadership of a regulatory body to decide for themselves. Working as Intended (despite the undesirable end result).

-Matt

On Fri, Apr 23, 2021 at 11:00 AM Patrick W. Gilmore wrote:

On Apr 23, 2021, at 12:47 PM, Sean Donelan wrote:
> On Fri, 23 Apr 2021, Dan Hollis wrote:
>> On Fri, 23 Apr 2021, Eric Kuhnke wrote:
>>> Did the FCC ever collect its $50 million from "Sandwich Isles
>>> Telecommunications" for blatant fraud? At this scale I wonder how or why
>>> certain people are not in federal prison.
>>
>> FCC is not law enforcement. The FTC can send people to prison. The FCC can only send press releases.
>
> Neither FCC nor FTC can send people to prison. Only the Department of Justice can criminally prosecute people (or corporations, i.e. WORLDCOM, ENRON, etc) in the U.S. Federal system. States and other countries vary.
>
> FCC can deny future licenses and make things difficult for long-term carriers. Most scammers declare bankruptcy or just never pay.
>
> https://www.politico.com/story/2015/11/fcc-fine-enforcement-scrutiny-216121
> FCC proposes millions in fines, collects $0
> November 23, 2015

It just got harder for the FTC to fine people: https://www.morningbrew.com/daily/stories/2021/04/22/supreme-court-limits-ftcs-ability-recoup-illgotten-gains

--
TTFN,
patrick

--
Matt Erculiani
ERCUL-ARIN
Re: Massive Spectrum Outage
Northern CA is fine. Cable and fiber both operating On 7/29/2020 7:36 PM, Kenneth McRae via NANOG wrote: Anyone outside of S. California affected?
Re: Reminiscing our first internet connections (WAS) Re: akamai yesterday - what in the world was that
Don't forget B8ZS which did away with the need for SF on copper data T1s

On 1/27/2020 10:43 AM, Lyle Giese wrote:

64k vs 56k was the result of changing T1 framing from SF to ESF. SF utilized AMI (Alt Mark Inversion) required for copper T1 lines between Central Offices. SF (Super Frame) robbed bits for signalling and limited each voice channel to 56k. Conversion to fiber between TELCO offices allowed the conversion of SF to ESF, which dropped the AMI requirement and the resultant bit robbing, allowing 64k throughput per voice channel.

In other words, the limitation was in the inter-office T1's and the conversion to fiber between TELCO offices cleared that hurdle.

Lyle Giese
LCR Computer Services, Inc.
Re: Reminiscing our first internet connections (WAS) Re: akamai yesterday - what in the world was that
On 1/27/2020 8:29 AM, Daniel Seagraves wrote: On Jan 24, 2020, at 5:26 PM, Ben Cannon wrote: I started what became 6x7 with a 64k ISDN line. And 9600 baud modems… Hayes Smartmodem here, 1200 baud. Local BBS offered PPP service. When I got my first sysadmin job, $work had a T1 and it felt like more speed than was fair… . 1988 -- $work had 56 Kbps to BBN (I think). Router was a Cisco AGS :-)
Re: Any technical-network issues? (was Re: Special Counsel Office report web site)
On 4/18/2019 3:44 PM, Sean Donelan wrote: On Wed, 17 Apr 2019, Sean Donelan wrote: The Special Counsel's report is expected to be posted on its website sometime between 11 a.m. and noon on Thursday, April 18, 2019. Its been about 7 hours since the report was released on the SCO web site and to the news media. Ignoring the content of the report, and looking only at technical network distribution issues: 1. I did not experience and did not see any reports of network distribution problems. 2. I did not experience and did not see any reports of malicious DDOS or attempts to disrupt the distribution. I think every news website had a copy: CNN, Fox, Reuters, US Today, MSNBC etc. Even aljazeera.com and BBC News had copies. I don't know anyone who used a .gov website.
Re: Question about ISP billing procedures
On 2/27/2019 8:31 PM, Daniel Rohan wrote: Can anyone shed light on how ISPs handle missing samples when calculating p95s for monthly billing cycles? Do they fill null samples with zeros or leave them as null? I’m working on a billing sanity tool and want to make sure to cover my corner cases well. Thanks! Dan -- Thanks, Dan You have to be careful legally. You can't bill something you cannot prove. Unless you can extrapolate the data from the adjacent samples, you have to assume the best case for the user which is probably zero usage.
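The treatments of missing samples raised in this thread (zero-fill, leave null, fill from adjacent samples), as an added example that is not from the original posts. It assumes 5-minute Mbps samples with `None` marking a missed poll, nearest-rank p95, and linear interpolation as the "adjacent samples" method; the sample values and function names are constructed.

```python
"""Added example: how the missing-sample policy changes a 95th-percentile bill."""

# Constructed 5-minute samples in Mbps; None marks a poll that produced no data.
SAMPLES = [10, 12, None, 11, 13, 90, None, 95, None, 14,
           12, 11, 10, 13, 12, None, 11, 12, 13, 10]


def percentile_95(values):
    """Nearest-rank p95: sort, discard the top 5% of samples, bill the next one."""
    if not values:
        raise ValueError("no samples to bill on")
    ordered = sorted(values)
    # Integer ceiling of 0.95 * n avoids floating-point rounding on the rank.
    rank = (95 * len(ordered) + 99) // 100
    return ordered[rank - 1]


def fill_interpolated(samples):
    """Fill each gap linearly from the known samples on both sides.

    A gap at the start or end of the period has only one neighbour, so it
    cannot be reconstructed and is filled with zero (best case for the user).
    """
    out = list(samples)
    n = len(samples)
    i = 0
    while i < n:
        if samples[i] is not None:
            i += 1
            continue
        start = i
        while i < n and samples[i] is None:
            i += 1
        end = i  # index of the first known sample after the gap, or n
        left = samples[start - 1] if start > 0 else None
        right = samples[end] if end < n else None
        for k in range(start, end):
            if left is None or right is None:
                out[k] = 0.0
            else:
                frac = (k - start + 1) / (end - start + 1)
                out[k] = left + (right - left) * frac
    return out


def billable_p95(samples, policy):
    """Compute p95 under one of three missing-sample policies."""
    if policy == "zero":
        values = [0.0 if s is None else s for s in samples]
    elif policy == "drop":
        # Fewer samples means fewer peaks fall inside the discarded top 5%.
        values = [s for s in samples if s is not None]
    elif policy == "interpolate":
        values = fill_interpolated(samples)
    else:
        raise ValueError(f"unknown policy: {policy}")
    return percentile_95(values)


def missing_ratio(samples):
    """Fraction of the billing period with no data; worth reporting with the bill."""
    return sum(s is None for s in samples) / len(samples)


if __name__ == "__main__":
    for policy in ("zero", "drop", "interpolate"):
        print(f"{policy:12s} p95 = {billable_p95(SAMPLES, policy)} Mbps")
    print(f"missing      {missing_ratio(SAMPLES):.0%} of samples")
```

With four of twenty samples missing, dropping the nulls shrinks the population enough that the single highest peak becomes the billed value, while zero-filling keeps it inside the discarded 5%.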
verizon AS701 looking glass server
Does anyone have a bookmark for a looking glass server for Verizon/UUnet (AS701)? If someone from Verizon/UUnet noc can contact me offline, that would also be helpful.
Re: Remote power cycle recommendations
We use Synaccess https://www.synaccess-net.com/switched/
Re: Temp at Level 3 data centers
On 2017-10-13 14:10, Roy wrote: The IBM 308x and 309x series mainframes were water cooled. The bank I worked for had just installed one. A big change were noise levels, the thing was really quiet. But servicing now required a plumber too. (there was a separate cabinet for the water pumps as I recall.) But in all cases, the issue is how long you can survive when your "heat dump" is not available. If nobody is removing heat from your water loop it will eventually fail too. In the end, it is a lot easier to provide redundancy for HVAC in one large room than splitting the DC into small suites that each have their 1 unit. Redundancy there would require 2 units per suite. And the problem with having AC units that are capable of twice the load (in case other one fails) is that it increases the on-off cycles and thus reduces lifetime (increases likelihood of failure).

The separate box was a heat exchanger. In the "old" days, buildings had central systems that provided chilled water. It's similar to your house HVAC where an outside unit cools Freon and you have a heat exchanger that cools the inside air. In the case of the water cooled mainframe, the same chilled water was connected to the exchanger and not directly to the computer. The water running through the computer was a closed system.
Re: Temp at Level 3 data centers
The IBM 308x and 309x series mainframes were water cooled. They did have Thermal Conduction Modules which had a helium-filled metal cap, which contains one piston per chip; the piston presses against the back of each chip to provide a heat conduction path from the chip to the cap. The cap was connected to the chilled water supply. On 10/13/2017 10:51 AM, Chris Adams wrote: Once upon a time, b...@theworld.com said: Also, the IBM 3090 at least, was cooled via helium-filled pipes kind of like today's liquid cooled systems. It was full of plumbing. If you opened it up some chips were right on copper junction boxes (maybe they were just sensors but it looked cool.) Cray supercomputers had Freon lines through them for cooling, up until the last generation of the "old school" supercomputer. That was not sufficient to keep it cool, so they sealed the chassis (which was huge) and pumped it full of 4 tons of Fluorinert.
Trump names new FCC chairman
Trump has picked Ajit Pai to serve as the next chairman of the Federal Communications Commission. Pai is currently the senior Republican commissioner at the FCC and does not require Senate approval. http://money.cnn.com/2017/01/23/technology/trump-fcc-chairman/index.html
Re: nested prefixes in Internet
I don't think I ever said that ISP-B would announce the /19. That would only be announced by ISP-A. ISP-B would only announce the /24 that has been delegated to it. If the ISP-A/ISP-B link goes down then the /24 would be seen only via ISP-C which is the desired result.

On 10/10/2016 9:16 AM, joel jaeggli wrote:

> On 10/10/16 9:04 AM, Roy wrote:
>
>> The solution proposed allows ISP-B to use both paths at the same time, needs ISP-C to minimal changes, and has low impact on the global routing tables. I have successfully used it in the past and my old company is still using it today.
>
> Having two parties in control of a prefix announcement is a bit of a disaster. ISP A becomes partitioned from isp B isp B does not withdraw the covering aggregate and black-holes the of ISP A that lands on its edge. bummer.
Re: nested prefixes in Internet
The solution proposed allows ISP-B to use both paths at the same time, needs ISP-C to minimal changes, and has low impact on the global routing tables. I have successfully used it in the past and my old company is still using it today.

On 10/9/2016 11:50 PM, Martin T wrote:

Florian: as I told in my initial e-mail, ISP-B is multi-homed, i.e connected to ISP-A (who leases the /24 to ISP-B from their /19 block) and also to ISP-C. ISP-B wants to announce this /24 both to ISP-A and ISP-C. That's the reason why either solution 1 or 2 in my initial e-mail is needed.

However, I would like to hear from Roy and Mel why do they prefer a third option where ISP A announces the /19 and the /24 while ISP B does just the /24.

thanks,
Martin

On Wed, Oct 5, 2016 at 11:50 PM, Florian Weimer wrote:

* Martin T.:

Florian:

Are the autonomous systems for the /19 and /24 connected directly?

Yes they are.

Then deaggregation really isn't necessary at all.

(1) can be better from B's perspective because it prevents certain routing table optimizations (due to the lack of the covering prefix)

What kind of routing table optimizations are possible if covering /19 prefix is also present in global routing table?

The /24 prefix could arguably be dropped and ignored for routing decisions.
Re: nested prefixes in Internet
Option 3? ISP A announces the /19 and the /24 while ISP B does just the /24 On 9/27/2016 4:20 AM, Martin T wrote: Hi, let's assume that there is an ISP "A" operating in Europe region who has /19 IPv4 allocation from RIPE. From this /19 they have leased /24 to ISP "B" who is multi-homed. This means that ISP "B" would like to announce this /24 prefix to ISP "A" and also to ISP "C". AFAIK this gives two possibilities: 1) Deaggregate /19 in ISP "A" network and create "inetnum" and "route" objects for all those networks to RIPE database. This means that ISP "A" announces around dozen IPv4 prefixes to Internet except this /24 and ISP "B" announces this specific /24 to Internet. 2) ISP "A" continues to announce this /19 to Internet and at the same time ISP "B" starts to announce /24 to Internet. As this /24 is more-specific than /19, then traffic to hosts in this /24 will end up in ISP "B" network. Which approach is better? To me the second one seems to be better because it keeps the IPv4 routing-table smaller and requires ISP "A" to make no deaggregation related configuration changes. Only bit weird behavior I can see with the second option is that if ISP "B" stops for some reason announcing this /24 network to Internet, then traffic to hosts in this /24 gets to ISP "A" network and is blackholed there. thanks, Martin
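The two possibilities in the quoted question and the withdrawal case it worries about, modelled with longest-prefix match as an added example that is not from the original posts. The prefixes 10.32.0.0/19 and 10.32.5.0/24 are constructed stand-ins for the /19 and the leased /24, the function names are hypothetical, and path selection between equal-length prefixes (as in Option 3) is outside what this sketch models.

```python
"""Added example: longest-prefix match over the announcements in options 1 and 2."""
import ipaddress

# Constructed placeholders; the thread gives no real prefixes.
AGGREGATE = ipaddress.ip_network("10.32.0.0/19")  # ISP A's allocation
LEASED = ipaddress.ip_network("10.32.5.0/24")     # the /24 leased to ISP B


def lookup(table, dst):
    """Return the (prefix, origin) with the longest matching prefix, or None."""
    addr = ipaddress.ip_address(dst)
    matches = [(prefix, origin) for prefix, origin in table if addr in prefix]
    return max(matches, key=lambda m: m[0].prefixlen, default=None)


def option1(b_announces=True):
    """ISP A deaggregates the /19 and announces everything except the /24."""
    table = [(p, "ISP-A") for p in AGGREGATE.address_exclude(LEASED)]
    if b_announces:
        table.append((LEASED, "ISP-B"))
    return table


def option2(b_announces=True):
    """ISP A keeps announcing the covering /19; ISP B adds the more-specific /24."""
    table = [(AGGREGATE, "ISP-A")]
    if b_announces:
        table.append((LEASED, "ISP-B"))
    return table


def delivered_to(table, dst):
    """Name the network that attracts traffic for dst, or 'unreachable'."""
    hit = lookup(table, dst)
    return hit[1] if hit else "unreachable"


if __name__ == "__main__":
    host_in_24 = "10.32.5.10"   # constructed host inside the leased /24
    host_other = "10.32.9.1"    # constructed host elsewhere in the /19
    for name, build in (("option 1", option1), ("option 2", option2)):
        for announcing in (True, False):
            table = build(announcing)
            state = "announcing" if announcing else "withdrawn"
            print(f"{name}, /24 {state}: "
                  f"{host_in_24} -> {delivered_to(table, host_in_24)}, "
                  f"{host_other} -> {delivered_to(table, host_other)}, "
                  f"{len(table)} prefixes")
```

When the /24 is withdrawn, option 2 sends its traffic to ISP-A through the covering /19 (the blackhole case described in the question), whereas option 1 leaves no covering route for the /24 at all.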
Re: Oh dear, we've all been made redundant...
Here is an even better one. This one recycles the power when it loses contact with the internet. http://resetplug.com/ On 3/20/2016 10:22 AM, Mike wrote: This is great, I now have something I can show to my customers to confirm that all this power cycling and such really is an 'accepted problem'... On 03/19/2016 04:16 PM, Warren Kumari wrote: Found on Staple's website: http://www.staples.com/NetReset-Automated-Power-Cycler-for-Modems-and-Routers/product_1985686 Fixes all issues, less downtime, less stress... Improves performance, eliminates buffering... It slices, it dices in teeny, tiny slices. It makes mounds of julienne fries in just seconds. ... Description - copied here for convenience: All the issues associated with the Internet being down can be solved by power cycling the modem and router. But that can be hard to do! NetReset resolves network issues by offering sequential power cycling. This means that when the modem and router are plugged into the device, they are powered up at different times. The modem is powered up first, then a minute later, the router is powered up. This rebooting will occur at initial setup, every 24 hours and after a power failure. Do you have a modem/router combo? No problem! NetReset will also power cycle the modem/router combo. Automatically resets user's Internet every 24 hours Maximizes Internet speed & reliability Eliminates media stream buffering Hands-free Internet reset Resets hard-to-reach modem/router Less Internet downtime Less daily stress No need to manually reset Reset occurs at programmed time Updated information from Internet service provider Proper reboot after a power failure Resetting allows equipment to auto-correct issues
Re: IPV6 availability
Thanks for the info. I have contacted my sales rep to see if she can get it turned on for my fiber connection.

Roy

On 12/17/2015 7:32 AM, Rampley Jr, Jim F wrote:

Hi Roy,

Charter has launched IPv6 for our commercial Fiber Internet customers. We are also in EFT with IPv6 for Cable Modem Management and Dual Stack for Resi HSI is in our PoC lab. Both of these are expected to launch mid-2016. Hope this is helpful. Let me know if you have any questions.

Jim

On 12/17/15, 7:20 AM, "NANOG on behalf of White, Andrew" wrote:

Here's our page on IPv6 support: http://www.charter.net/support/internet/ipv6/

TL;DR: Subscribers can only get ipv6 today via a 6rd tunnel.

Andrew White
Desk: 314.394-9594 | Cell: 314.452-4386
Systems Engineer III, DAS DNS group
Charter Communications
12405 Powerscourt Drive, St. Louis, MO 63131

-Original Message-
From: NANOG [mailto:nanog-boun...@nanog.org] On Behalf Of Roy
Sent: Wednesday, December 16, 2015 4:52 PM
To: nanog
Subject: IPV6 availability

Anyone know what the IPV6 availability is on Cable One or Charter networks? Last I heard from Charter was that they were in beta. Its been in that state for years. I can't find anything on Cable One
IPV6 availability
Anyone know what the IPV6 availability is on Cable One or Charter networks? Last I heard from Charter was that they were in beta. Its been in that state for years. I can't find anything on Cable One
Re: Updated Ookla Speedtest Server Requirements
On 11/10/2015 8:54 AM, Rich Brown wrote:

> On Nov 10, 2015, at 7:00 AM, Hank Nussbacher wrote:
>
>> The value of Ookla dropped significantly so we just let our license lapse and did what everyone else was doing and pointed our speedtest to: http://uk2.testmy.net/SmarTest/combinedAuto and manage with this free service just fine.
>
> You might consider pointing people to the DSLReports Speed Test (www.dslreports.com/speedtest) ...

My home cable connection:

testmynet 12/2.4
speedtest.net 94/3.3
dslreports 94/3.4

testmynet is not very accurate
Charter and IPV6?
Has Charter rolled out IPV6 yet? I have both fiber and cable connections to Charter but I stopped asking them months ago. Roy
Historical records of POCs
Is there an archive of POCs for some of the early netblocks (1985 or so)? We are trying to figure out some corporate history.
Re: 100Gb/s TOR switch
I did see these switches at SC14. http://www.corsa.com/products/dp6440/ Thanks, -Roy Hockett Network Architect, ITS Communications Systems and Data Centers University of Michigan Tel: (734) 763-7325 Fax: (734) 615-1727 email: roy...@umich.edu On Apr 8, 2015, at 3:01 PM, Piotr wrote: > Hi, > > There is something like this on market ? Looking for standalone switch, 1/2U, > ca 40 ports 10Gb/s and about 4 ports 100Gb/s fixed or as a module. > > regards, > Peter
Re: Charter/Comcast Enginner-Contact
The Charter engineers are all working on their IPV6 migration and have been for at least three years now :-(

On 3/1/2015 6:25 PM, Lewis,Mitchell T. wrote:

Any Charter or Comcast Network Folks out there? I would appreciate a contact off-list. I am in the charter new england territory to be transferred to comcast & am seeing unusual network issues.

Thanks,
Mitchell T. Lewis
mle...@techcompute.net
LinkedIn Profile: www.linkedin.com/in/mlewiscc
Mobile: (203)816-0371

A computer will do what you tell it to do, but that may be much different from what you had in mind. ~Joseph Weizenbaum
Re: Facebook outage?
According to one joker, the crash was caused by too many pictures of the Northeast blizzard :-)
Re: Office 365 Expert - I am not. I have a customer that...
I found both these useful, all credit to the authors: Application-Driven Bandwidth Guarantees in Data Centers www.hpl.hp.com/people/jklee/Sigcomm14-CloudMirror.pdf <http://www.hpl.hp.com/people/jklee/Sigcomm14-CloudMirror.pdf> Surviving failures in Bandwidth-Constrained Datacenters http://research.microsoft.com/pubs/167565/fp285-bodikPS.pdf Roy **Roy Hirst* 425-556-5773 XKL LLC | 12020 113th Ave NE, Suite 100 | Kirkland, WA 98034 | USA * On 1/6/2015 12:49 PM, Roy Hirst wrote: I know there is no such thing as a patient line of packets. There was recently some research done on feedback from big early adopters (hosts) that I will try to dig out if you need it. I remember that (1) user-to-data center bandwidth is much less than the resulting in-data-center bandwidth or dc-dc bandwidth (2) there are some useful metrics (ratios) for estimating bandwidth if you know the workload server GHz, installations need balance (3) Many (most?) estimates underestimate fiber bandwidth actual requirements. Roy **Roy Hirst* 425-556-5773 XKL LLC | 12020 113th Ave NE, Suite 100 | Kirkland, WA 98034 | USA * On 1/6/2015 12:37 PM, Bob Evans wrote: I have a customer that heavily uses Microsoft Office 365. It's hosted. All the data I see about usage per user appears theoretical. In that the formulas assume people are taking turns using the bandwidth as if there is a patient line of packets at the Internet gas pump. Nobody is clicking at the same time. We all know that is not the real world. Does anyone have any experience with Office 365 hosted that can tell me the practical bandwidth allocation (NOT in KB per month, but in megabits/sec) for 100 users (during normal work hours) needs to be available ? Thank You in advance, Bob Evans CTO Fiber Internet Center
Re: Office 365 Expert - I am not. I have a customer that...
I know there is no such thing as a patient line of packets. There was recently some research done on feedback from big early adopters (hosts) that I will try to dig out if you need it. I remember that (1) user-to-data center bandwidth is much less than the resulting in-data-center bandwidth or dc-dc bandwidth (2) there are some useful metrics (ratios) for estimating bandwidth if you know the workload server GHz, installations need balance (3) Many (most?) estimates underestimate fiber bandwidth actual requirements. Roy **Roy Hirst* 425-556-5773 XKL LLC | 12020 113th Ave NE, Suite 100 | Kirkland, WA 98034 | USA * On 1/6/2015 12:37 PM, Bob Evans wrote: I have a customer that heavily uses Microsoft Office 365. It's hosted. All the data I see about usage per user appears theoretical. In that the formulas assume people are taking turns using the bandwidth as if there is a patient line of packets at the Internet gas pump. Nobody is clicking at the same time. We all know that is not the real world. Does anyone have any experience with Office 365 hosted that can tell me the practical bandwidth allocation (NOT in KB per month, but in megabits/sec) for 100 users (during normal work hours) needs to be available ? Thank You in advance, Bob Evans CTO Fiber Internet Center
Re: Cisco AnyConnect speed woes!
Confidently based on no knowledge at all - *Roy Hirst* | 425-556-5773 | 425-324-0941 cell XKL LLC | 12020 113th Ave NE, Suite 100 | Kirkland, WA 98034 | USA - We have noticed that in some instances that if a user is on a low speed connection that their VPN speed gets cut by about 1/3. This doesn't seem normal that the VPN would use this much overhead No, sure, but are you sure that congestion is not dropping a packet somewhere in the end-to-end? If you offend TCP it will likely cut the sender's packet transmit rate, even if the "possible" VPN rate is much higher. - We do not have the issue when connecting to VPN directly on our own network, only connections from the Internet Internet would mean maybe a proxy or firewall then, with too-small buffers or an old-time TCP/IP stack? Just a thought. If you have any ideas on what we could try net, please let me know! - Zachary What OS builds? At one point the code had an 8 packet hard coded window per tcp flow, which capped ssl over tcp window size to about 5mbps depending on RTT. Recent 8 branches raised this to something more reasonable that capped around 20 mbps.DTLS over udp and IPSEC tunnels did not have this issue. UDP traffic does not have this problem but TCP does? Hmmm... The information contained in this e-mail message may be privileged, confidential and protected from disclosure. If you are not the intended recipient, any dissemination, distribution or copying is strictly prohibited. If you think that you have received this e-mail message in error, please e-mail the sender at the above e-mail address.
Re: Cisco AnyConnect speed woes!
Have you considered user protocol issues, higher up the stack where your NOC investigation can't see them? If TCP is not tuned, and detects TCP packets are dropping due to congestion, it drops (halves?) its transmit rate until all is well again. At a network operator level, you may have the L1 bandwidth ready and willing to transport all the bits in sight, but just one poor TCP stack (old FTP? old SMB?) in the TCP roundtrip will throttle bits presented way down. I have on my desk here a badly configured example where poor TCP buffering drops throughput to 5% of expected. Well known issue, for IT folks in enterprises. Wireshark etc will easily let you see how fast user traffic is arriving. Just a thought.

Roy

*Roy Hirst* | 425-556-5773 | 425-324-0941 cell
XKL LLC | 12020 113th Ave NE, Suite 100 | Kirkland, WA 98034 | USA

On 12/9/2014 12:02 PM, Darden, Patrick wrote:

MTU should be automatically managed by the AnyConnect client. With that said, have you done PMTUd (e.g. nmap --script path-mtu from one endpoint to the next)? I'd do a network map, working with your upstream provider, to identify and isolate variables. E.g. to find media changes (wrt MTU changes/mismatches).

--start with icmp traceroute
--next do a udp traceroute
--next do a tcp traceroute
--each traceroute will give you a slightly different picture, some hops will respond to one but not another
--try a vpn connection from Upstream1 first, to see if it happens there.
--try a vpn connection from Upstream2 next, to see if it happens there.
--try a vpn connection in reverse from Upstream2, then Upstream1, to see if the speed in one direction, via one or another portal, is faster.
--continue to isolate networks, network devices, until you can find the point (e.g. advertisement injector) or process (e.g. MTU LCD or asymmetric routing) which is causing this.
--p

-Original Message-
From: NANOG [mailto:nanog-boun...@nanog.org] On Behalf Of Zachary McGibbon
Sent: Tuesday, December 09, 2014 1:42 PM
To: NANOG
Subject: [EXTERNAL]Cisco AnyConnect speed woes!

I'm looking for some input on a situation that has been plaguing our new AnyConnect VPN setup. Any input would be valuable, we are at a loss for what the problem is. We recently upgraded our VPN from our old Cisco 3000 VPN concentrators running PPTP and we are now running a pair of Cisco 5545x ASAs in an HA active/standby pair. The big issue we are having is that many of our users are complaining of low speed when connected to the VPN. We have done tons of troubleshooting with Cisco TAC and we still haven't found the root of our problem.

Some tests we have done:
- We have tested changing MTU values
- We have tried all combinations of encryption methods (SSL, TLS, IPSec, L2TP) with similar results
- We have switched our active/standby boxes
- We have tested on our spare 5545x box
- We connected our spare box directly to our ISP with another IP address
- We have whitelisted our VPN IP on our shaper (Cisco SCE8000) and our IPS (HP Tipping Point)
- We have bypassed our Shaper and our IPS
- We made sure that traffic from the routers talking to our ASAs is synchronous, OSPF was configured to load balance but this has been changed by changing the costs on the links to the ASAs
- We have verified with our two ISPs that they are not doing any kind of filtering or shaping
- We have noticed that in some instances that if a user is on a low speed connection that their VPN speed gets cut by about 1/3. This doesn't seem normal that the VPN would use this much overhead
- We do not have the issue when connecting to VPN directly on our own network, only connections from the Internet

If you have any ideas on what we could try next, please let me know!

- Zachary

The information contained in this e-mail message may be privileged, confidential and protected from disclosure. If you are not the intended recipient, any dissemination, distribution or copying is strictly prohibited. If you think that you have received this e-mail message in error, please e-mail the sender at the above e-mail address.
Re: DWDM Documentation
Not found as much as I'd like. I can see an architecture, can see the database and where it lives, but I can't see a data model that works. If the problem is to track "dumb" infrastructure metadata, like port::cableID::cabletray, then I can't get an event (e.g. SNMP) to report a status change, and entropy eats at my data unless I spend people time keeping it up to date. It's not the rendering of racks, it's the quality of the data that's an issue. I don't even know when (if?) this tracking becomes a problem. When is a hardcopy wallchart not enough? At 50 servers? At 500 servers? I saw a while back a finance industry comment that it's config errors, not particularly backhoes, that are a significant source of their down time. So you'd expect some NOC attention on inventorying cableIDs etc., but it's hard to find. Now we are seeing some affordable (100GE at 4x10GE) services popping up, I thought I'd like to see what the future reqs are for these interfaces - more eggs in one basket maybe adds importance. You are yourself, maybe, sitting on a hidden store of use cases for infrastructure manageability? :-)

Roy
*Roy Hirst* | 425-556-5773 | 425-324-0941 cell XKL LLC | 12020 113th Ave NE, Suite 100 | Kirkland, WA 98034 | USA

On 12/7/2014 7:46 PM, Colton Conor wrote:

What have you found so far?

On Thu, Dec 4, 2014 at 1:15 PM, Roy Hirst <rhi...@xkl.com> wrote:

Replying offline to Theo. Hard to find.

Roy
*Roy Hirst* | 425-556-5773 | 425-324-0941 cell XKL LLC | 12020 113th Ave NE, Suite 100 | Kirkland, WA 98034 | USA

On 12/4/2014 5:21 AM, Theo Voss wrote:

Hi guys, we, a Berlin / Germany based carrier, are looking for a smart documentation (shelves, connections, fibers) and visualization tool for our ADVA-based DWDM-environment. Do you have any suggestions or hints for me? We’re testing „cableScout“, the only one I found, next week but. Unfortunately it isn’t easy to get any information about such tools! :( Thanks in advance!
Best regards, Theo Voss (AS25291)
Re: 10Gb iPerf kit?
For RFC2444, please read RFC2544, and forgive the spam. *Roy Hirst* | 425-556-5773 | 425-324-0941 cell XKL LLC | 12020 113th Ave NE, Suite 100 | Kirkland, WA 98034 | USA On 12/8/2014 8:29 AM, Roy Hirst wrote: Can't help with faster adapters, but I believe there are some underlying architectural issues here as to why the speeds are hard to achieve, and why some people can and others maybe can't achieve them. For Carrier Ethernet, I believe most of these are covered in RFC2444 and the related RFC6815. Even with bit speeds up to spec, traffic speeds are impacted non-linearly by customer protocols including the usual suspect, TCP. This is documented in ITU-T Y.1564, clearly enough for simple folk like me. A good example for your corkboard is slide (page) 28 of the excellent 20140409-Tierney-100G-experience-Internet2-Summit.pdf, included as part of a report on 100GE performance test methodologies. Which is how I stumbled across it. Roy *Roy Hirst* | 425-556-5773 | 425-324-0941 cell XKL LLC | 12020 113th Ave NE, Suite 100 | Kirkland, WA 98034 | USA On 12/7/2014 8:48 AM, Teleric Team wrote: From: p...@fiberphone.co.nz Subject: Re: 10Gb iPerf kit? Date: Sun, 7 Dec 2014 09:24:41 +1300 To: nanog@nanog.org On 11/11/2014, at 1:35 PM, Randy Carpenter wrote: I have not tried doing that myself, but the only thing that would even be possible that I know of is thunderbolt. A new MacBook Pro and one of these maybe: http://www.sonnettech.com/product/echoexpresssel_10gbeadapter.html Or one of these ones for dual-10Gbit links (one for out of band management or internet?): http://www.sonnettech.com/product/twin10g.html I haven't tried one myself, but they're relatively cheap (for 10gig) so not that much outlay to grab one and try it (esp if you already have an Apple laptop you can test with). How would you use it? 
with iperf still? I don't think you will go nearly close to 14.8Mpps per port this way. Unless you are talking about bandwidth testing with full sized packet frames and low pps rate. I personally tested a 1Gbit/s port over a MBP retina 15 thunderbolt gbe with BCM5701 chipset. I had only 220kpps on a single TX flow. Later I tried another adapter with a Marvell Yukon mini port. Had better pps rate, but nothing beyond 260kpps.

I've done loads of 1Gbit testing using the entry-level MacBook Air and a Thunderbolt Gigabit Ethernet adapter though, and I disagree with Saku's statement of 'You cannot use UDPSocket like iperf does, it just does not work, you are lucky if you reliably test 1Gbps'. I find iperf testing at 1Gbit on Mac Air with Thunderbolt Eth extremely reliable (always 950+mbit/sec TCP on a good network, and easy to push right to the 1gbit limit with UDP).

Again, with 64byte packet size? Or are you talking MTU? With MTU size you can try whatever you want and it will seem to be reliable. A wget/ftp download of a 1GB file will provide similar results, but I don't think this is useful anyway since it won't test anything close to rfc2544 or at least an ordinary internet traffic profile with a mix of 600bytes pkg size combined with a lower rate of smaller packets (icmp/udp, ping/dns/ntp/voice/video). I am also interested in a cheap and reliable method to test 10GbE connections. So far I haven't found something I trust.

Pete
Re: 10Gb iPerf kit?
Can't help with faster adapters, but I believe there are some underlying architectural issues here as to why the speeds are hard to achieve, and why some people can and others maybe can't achieve them. For Carrier Ethernet, I believe most of these are covered in RFC2444 and the related RFC6815. Even with bit speeds up to spec, traffic speeds are impacted non-linearly by customer protocols including the usual suspect, TCP. This is documented in ITU-T Y.1564, clearly enough for simple folk like me. A good example for your corkboard is slide (page) 28 of the excellent 20140409-Tierney-100G-experience-Internet2-Summit.pdf, included as part of a report on 100GE performance test methodologies. Which is how I stumbled across it.

Roy
*Roy Hirst* | 425-556-5773 | 425-324-0941 cell XKL LLC | 12020 113th Ave NE, Suite 100 | Kirkland, WA 98034 | USA

On 12/7/2014 8:48 AM, Teleric Team wrote:

From: p...@fiberphone.co.nz Subject: Re: 10Gb iPerf kit? Date: Sun, 7 Dec 2014 09:24:41 +1300 To: nanog@nanog.org

On 11/11/2014, at 1:35 PM, Randy Carpenter wrote:

I have not tried doing that myself, but the only thing that would even be possible that I know of is thunderbolt. A new MacBook Pro and one of these maybe: http://www.sonnettech.com/product/echoexpresssel_10gbeadapter.html

Or one of these ones for dual-10Gbit links (one for out of band management or internet?): http://www.sonnettech.com/product/twin10g.html I haven't tried one myself, but they're relatively cheap (for 10gig) so not that much outlay to grab one and try it (esp if you already have an Apple laptop you can test with).

How would you use it? with iperf still? I don't think you will go nearly close to 14.8Mpps per port this way. Unless you are talking about bandwidth testing with full sized packet frames and low pps rate. I personally tested a 1Gbit/s port over a MBP retina 15 thunderbolt gbe with BCM5701 chipset. I had only 220kpps on a single TX flow. Later I tried another adapter with a Marvell Yukon mini port. Had better pps rate, but nothing beyond 260kpps.

I've done loads of 1Gbit testing using the entry-level MacBook Air and a Thunderbolt Gigabit Ethernet adapter though, and I disagree with Saku's statement of 'You cannot use UDPSocket like iperf does, it just does not work, you are lucky if you reliably test 1Gbps'. I find iperf testing at 1Gbit on Mac Air with Thunderbolt Eth extremely reliable (always 950+mbit/sec TCP on a good network, and easy to push right to the 1gbit limit with UDP).

Again, with 64byte packet size? Or are you talking MTU? With MTU size you can try whatever you want and it will seem to be reliable. A wget/ftp download of a 1GB file will provide similar results, but I don't think this is useful anyway since it won't test anything close to rfc2544 or at least an ordinary internet traffic profile with a mix of 600bytes pkg size combined with a lower rate of smaller packets (icmp/udp, ping/dns/ntp/voice/video). I am also interested in a cheap and reliable method to test 10GbE connections. So far I haven't found something I trust.

Pete
Re: DWDM Documentation
Replying offline to Theo. Hard to find.

Roy
*Roy Hirst* | 425-556-5773 | 425-324-0941 cell XKL LLC | 12020 113th Ave NE, Suite 100 | Kirkland, WA 98034 | USA

On 12/4/2014 5:21 AM, Theo Voss wrote:

Hi guys, we, a Berlin / Germany based carrier, are looking for a smart documentation (shelves, connections, fibers) and visualization tool for our ADVA-based DWDM-environment. Do you have any suggestions or hints for me? We’re testing „cableScout“, the only one I found, next week but. Unfortunately it isn’t easy to get any information about such tools! :( Thanks in advance!

Best regards, Theo Voss (AS25291)
Re: Tech Laptop with DB9
I had a cheap one. Worked great but never worked on Windows 7. This is the one I recommend. http://www.amazon.com/Manhattan-Serial-Converter-Connects-205146/dp/B0007OWNYA

On 11/10/2014 12:53 PM, Darden, Patrick wrote:

Get a cheap usb--serial converter. Check amazon for trend usb rs-232 db9 serial converter, tu-s9. Then you can just use whatever laptop.

--p

-Original Message-
From: NANOG [mailto:nanog-boun...@nanog.org] On Behalf Of Max Clark
Sent: Monday, November 10, 2014 2:39 PM
To: nanog@nanog.org
Subject: [EXTERNAL]Tech Laptop with DB9

Hi all, DB9 ports seem to be a nearly extinct feature on laptops. Any suggestions on a cheap laptop for use in field support (with an onboard DB9)? Thanks, Max
Re: wifi blocking [was Re: Marriott wifi blocking]
On 10/7/2014 10:35 PM, Larry Sheldon wrote: On 10/7/2014 23:44, valdis.kletni...@vt.edu wrote: On Tue, 07 Oct 2014 23:10:15 -0500, Larry Sheldon said: The cell service is not a requirement placed upon them, I am pretty sure. However, once having chosen to provide it, and thus create an expectation that cellular E911 is available, they're obligated to carry through on that. Obligated by what law, regulation, rule or contract? Obligated by the FCC license
Re: wifi blocking [was Re: Marriott wifi blocking]
On 10/7/2014 7:34 PM, Larry Sheldon wrote:

On 10/7/2014 20:59, Roy wrote:

The SF Bay Area Rapid Transit System turned off cellphones in 2011. http://www.sfgate.com/news/article/BART-admits-halting-cell-service-to-stop-protests-2335114.php and the FCC emphasis that future actions "recognizes that any interruption of cell phone service poses serious risks to public safety" http://www.sfgate.com/bayarea/article/BART-cell-phone-shutdown-rules-adopted-2344326.php

I see that as a fundamentally very different matter. If I understand, they turned off repeaters ("towers") that they owned and provided, in tunnels and other structures they owned--equipment that they were under no obligation whatever to provide. A reaction to "bright" marketing ideas that had not been thought-through.

BART's equipment was licensed by the FCC with a main reason being 911 access.
Re: wifi blocking [was Re: Marriott wifi blocking]
The SF Bay Area Rapid Transit System turned off cellphones in 2011. http://www.sfgate.com/news/article/BART-admits-halting-cell-service-to-stop-protests-2335114.php and the FCC emphasis that future actions "recognizes that any interruption of cell phone service poses serious risks to public safety" http://www.sfgate.com/bayarea/article/BART-cell-phone-shutdown-rules-adopted-2344326.php

On 10/7/2014 6:36 PM, valdis.kletni...@vt.edu wrote:

On Tue, 07 Oct 2014 20:10:44 -0500, Jimmy Hess said:

The only way to legally block cell phone RF would likely be on behalf of the licensee In other words, possibly, persuade the cell phone companies to allow this, then create an approved "special" local cell tower all their phones in the same building will by default connect to in preference to any other, which will also not receive any calls or messages or allow any to be sent.

I wonder how many customers the cell phone company will attract by doing that.
Re: Correspondence to the FCC re: preemption of local government as a source of regulation
I agree 100%. If a municipality wants to provide service to its citizens and contracts it out, nothing prevents that.

On 7/24/2014 6:17 PM, William Herrin wrote:

On Thu, Jul 24, 2014 at 8:28 PM, Roy wrote:

The question posed is whether or not a state can control where a local governmental agency can provide service.

Hi Roy, If the answer is anything other than, "of course they can," then I really want to read the judge's opinion. There is no shortage of examples of one locality providing services to another (it happens all the time with water systems) but I've not heard of such happening contrary to the wishes of the respective state government. Regards, Bill Herrin
Re: Correspondence to the FCC re: preemption of local government as a source of regulation
The question posed is whether or not a state can control where a local governmental agency can provide service. In the document below, the Electric Power Board of Chattanooga (EPB) wants to expand its internet into a location that is outside its authorized area.

On 7/24/2014 3:28 PM, William Herrin wrote:

On Thu, Jul 24, 2014 at 6:10 PM, Jay Ashworth wrote:

For the record, Eric, I'm certain that states can preempt municipalities.

Howdy, Actually, it usually stands on its head: states determine the scope of what local governments are -permitted- and required to do rather than what they're forbidden. Traditionally, sanctioning the local cable TV company has been one of the activities the states assign to individual localities while sanctioning the local telephone company has been kept up at the state corporation commission or public utilities commission. With the convergence of cable TV and telephone into Internet, it's anybody's guess which regulation goes where. Everybody wants the power. Nobody wants the responsibility.

The question is can FCC preempt States?

Generally yes, as long as there is some aspect of the activity that moves it into the realm of interstate commerce. The FCC would have trouble preempting the states on a pure layer-1 fiber build but it is within the federal government's authority to preempt state regulation on general Internet access and any infrastructure not meticulously separated from the same. For example, the FCC preempts all state and local regulation of sub-meter satellite dishes on the grounds that satellite communications is fundamentally interstate in nature. They even preempt homeowners' association rules. There's also the question of whether the FCC already has the authority or if they'd need an act of congress to get it. On that question, I have no idea. Regards, Bill Herrin
Re: IPV6 and Charter Cable
On 6/14/2014 2:27 PM, Seth Mattinen wrote: On 6/13/14, 12:39, Roy wrote: Does Charter Cable have IPV6 for businesses yet? If so can someone point me in the right direction. Their NOC seems to be clueless on their IPV6 plans I have native IPv6 with BGP on Charter (AS20115) since January 2013. Coax is probably still "no". ~Seth My clients are both on Charter Business fiber circuits. I am on the West Coast
IPV6 and Charter Cable
Does Charter Cable have IPV6 for businesses yet? If so can someone point me in the right direction. Their NOC seems to be clueless on their IPV6 plans
Re: Need trusted NTP Sources
On 2/7/2014 3:35 AM, Saku Ytti wrote: On (2014-02-06 21:14 -0500), Jay Ashworth wrote: My usual practice is to set up two in house servers, each of which talks to: And then point everyone in house to both of them, assuming they accept multiple server names. Two is worst possible amount of NTP servers to have. Either one fails and your timing is wrong, because you cannot vote false ticker. And chance of either of two failing is higher than one specific of them. "A man with a watch knows what time it is. A man with two watches is never sure."
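Saku's point about not being able to vote out a false ticker with two servers, worked through as an added example (not code from the thread): a simplified Marzullo-style interval intersection, the idea behind NTP source selection. Server names, offsets and error bounds are constructed.

```python
from typing import List, NamedTuple, Optional, Tuple

# (server name, measured clock offset in ms, maximum error in ms)
Source = Tuple[str, float, float]


class Selection(NamedTuple):
    offset_ms: float          # midpoint of the interval the majority agrees on
    truechimers: List[str]    # sources whose interval contains that overlap
    falsetickers: List[str]   # sources outvoted by the majority


def best_overlap(sources: List[Source]) -> Tuple[int, float, float]:
    """Marzullo's algorithm: find the interval covered by the most sources."""
    edges = []
    for _name, offset, err in sources:
        edges.append((offset - err, -1))  # interval opens; -1 sorts before +1
        edges.append((offset + err, +1))  # interval closes
    edges.sort()
    best = count = 0
    lo = hi = 0.0
    for i, (point, kind) in enumerate(edges):
        count -= kind
        if kind == -1 and count > best:
            # New maximum: the overlap runs from here to the next edge.
            best, lo, hi = count, point, edges[i + 1][0]
    return best, lo, hi


def select_time(sources: List[Source]) -> Optional[Selection]:
    """Return the majority view, or None when no strict majority agrees."""
    if not sources:
        return None
    best, lo, hi = best_overlap(sources)
    if 2 * best <= len(sources):
        return None  # a tie: nothing says which side is the false ticker
    good = [n for n, off, err in sources if off - err <= lo and off + err >= hi]
    bad = [n for n, _off, _err in sources if n not in good]
    return Selection((lo + hi) / 2, good, bad)


# Constructed measurements: ntp-b has drifted by a quarter of a second.
TWO = [("ntp-a", 0.4, 5.0), ("ntp-b", 250.0, 5.0)]
FOUR = TWO + [("ntp-c", -1.2, 5.0), ("ntp-d", 2.0, 5.0)]

if __name__ == "__main__":
    print("two sources :", select_time(TWO))    # no majority, no answer
    print("four sources:", select_time(FOUR))   # ntp-b is outvoted
```

With two sources that disagree there is no majority and the selection returns nothing; two sources that agree still pass, which is why the failure only shows up when one of them goes bad.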
Re: OT: Below grade fiber interconnect points
Thank you for the comments. Let me clarify the situation.

We have a building that has been a fiber cross connect location and is being demolished. This location has about 20 fiber cables entering, where we patch between fiber paths. If we relocated this cross connect field to another building and that building is demolished, we have to do this all over again, so the desire was to have an independent facility for the fiber cross connect field, but I am guessing due to esthetics the below ground vault was selected. We just learned of this selection, and thus my query to this group to find others that have dealt with similar situations and, if so, experience-based recommendations and things to be aware of.

Thanks,
-Roy Hockett
Network Architect, ITS Communications Systems and Data Centers
University of Michigan
Tel: (734) 763-7325 Fax: (734) 615-1727 email: roy...@umich.edu

On Nov 13, 2013, at 8:32 PM, Jeff Kell wrote:

> You can stick a "splice" in a manhole. You don't want a "patch panel" or cross-connect in that sort of environment, keep that housed inside, somewhere.
>
> Jeff
>
> On 11/13/2013 7:53 PM, Thomas wrote:
>> Usually it would be spliced outside at the manhole where the fiber meet to go in the building. Depends on the way you want to connect them etc.
>>
>> Thomas L Graves
>> Sent from my IPhone
>>
>>> On Nov 13, 2013, at 2:05 PM, "Justin M. Streiner" wrote:
>>>
>>>> On Wed, 13 Nov 2013, Roy hockett wrote:
>>>>
>>>> Has anyone ever used a below grade vault for housing fiber cross connects?
>>>>
>>>> We have to move a fiber interconnect facility due to the current building being demolished. If you have I would be interested in talking to you. If there are more appropriate lists, I would appreciate any suggestions.
>>>
>>> When you say "below grade vault", do you mean something that's only accessible through a manhole?
>>>
>>> I haven't done this specifically, however if the vault does not have a controlled environment, you could be dealing with massive headaches related to dust/dirt contamination, moisture penetration, etc. I work in a large-campus .edu environment, so I'm some of the headaches you're probably trying to avoid. Also, be aware that access to the vault could be an issue. There are OSHA regs related to what sort of training and safety equipment someone who will be working in an underground vault must have.
>>>
>>> I'm assuming that the fiber will be cross-connected to a new location prior to the building being demolished.
>>>
>>> Not knowing your outside plant or circumstances, would it be feasible to fusion-splice a new tail onto the fiber that was going to the building that's being demolished, or (ideally) pulling a new piece of fiber to the new building, so you don't have to deal with potentially dodgy splices?
>>>
>>> jms
OT: Below grade fiber interconnect points
Has anyone ever used a below grade vault for housing fiber cross connects? We have to move a fiber interconnect facility due to the current building being demolished. If you have I would be interested in talking to you. If there are more appropriate lists, I would appreciate any suggestions. Thanks, -Roy Hockett Network Architect, ITS Communication Systems University of Michigan Tel: (734) 763-7325 Fax: (734) 615-1727 email: roy...@umich.edu
Re: Possible DNS issues at Networksolutions aka WORLDNIC.COM?
On 10/22/2013 10:10 AM, Roy wrote: On 10/22/2013 9:59 AM, Mark Keymer wrote: Hi, Anyone else seeing resolving issues on WORLDNIC.COM DNS servers? Sincerely, Yep. One of my clients domains seems to be gone. I am getting very slow responses from their DNS servers. Maybe a DDOS against their DNS?
Re: Possible DNS issues at Networksolutions aka WORLDNIC.COM?
On 10/22/2013 9:59 AM, Mark Keymer wrote: Hi, Anyone else seeing resolving issues on WORLDNIC.COM DNS servers? Sincerely, Yep. One of my clients domains seems to be gone.
SORBS email
I sent an email to SORBS some time ago and I received this yesterday:

Reason: unable to deliver this message after 135 days

Got to admit that SORBS email servers aren't timely but they are persistent.
Re: How big is the Internet?
On 8/14/2013 11:29 AM, Scott Howard wrote:

To paraphrase Douglas Adams... "The Internet is big. Really big. You just won't believe how vastly, hugely, mind-bogglingly big it is. I mean, you may think it's a long way down the road to the chemist's, but that's just peanuts to space!" Scott

So the correct answer is 42?

On Wed, Aug 14, 2013 at 10:32 AM, Sean Donelan wrote:

Researchers have complained for years about the lack of good statistics about the internet for a couple of decades, since the end of NSFNET statistics. What are the current estimates about the size of the Internet, all IP networks including managed IP and private IP, and all telecommunications including analog voice, video, sensor data, etc? CAIDA, ITU, Telegeography and some vendors like Cisco have released forecasts and estimates. There are occasional pieces of information stated by companies in their investor documents (SEC 10-K, etc).
Re: Friday Hosing
On 7/17/2013 1:59 PM, Alex Harrowell wrote:

On 15/07/13 01:09, Tony Patti wrote:

TWELVE years ago (press release March 20 2001), Comcast deployed Linux-based Sun Cobalt Qube appliances as CPE with their business-class Internet service, these provided firewall security, web caching, optional content filtering, an e-mail server, a web server, file and print servers.

This is a good idea.

Whistle Interjet -- circa 1995
Re: Canadian Hosting Providers - how do you handle copyright and trademark complaints
On 6/6/2013 11:07 AM, Owen DeLong wrote:

On Jun 5, 2013, at 22:30 , Roy wrote:

On 6/5/2013 4:40 PM, Nick Khamis wrote:

On 6/5/13, Sameer Khosla wrote:

My personal favorite is the number of notices that we receive as DMCA takedown notices, citing the specific laws. I'm not sure US copyright laws even apply to us here in Canada?

What countries have no internet laws? N.

US laws apply wherever the US says they apply.

How do you figure that?

A government can say anything it wants to.

The US power to enforce US law is limited to:
1. US Citizens (pretty much wherever they are, unfortunately)
2. Things that happen within the borders of the united states
3. Transactions involving entities within the borders of the united states or citizens of the US.
Beyond that, their power is supposed to be pretty limited.

Limited by who? A government can pass any law that it wants to and apply it to anyone. It then becomes a question of how it enforces that law and that is limited by its ability to project power. See http://en.wikipedia.org/wiki/The_Mouse_That_Roared ...
Re: Canadian Hosting Providers - how do you handle copyright and trademark complaints
On 6/5/2013 4:40 PM, Nick Khamis wrote:

On 6/5/13, Sameer Khosla wrote:

My personal favorite is the number of notices that we receive as DMCA takedown notices, citing the specific laws. I'm not sure US copyright laws even apply to us here in Canada?

What countries have no internet laws? N.

US laws apply wherever the US says they apply. The question is how enforceable the US law is in your country. There is probably a Hollywood lobbyist who is insisting on drone strikes on servers that offend the DMCA :-)
Re: NANOG58 parking
On 5/5/2013 11:12 AM, Jeff Wheeler wrote:

I noticed that some folks were unhappy with the parking fee in Orlando. The Roosevelt New Orleans, for NANOG 58, tells me that the only on-site parking is valet for $42/day. Anyone planning to drive or stay at a different hotel may want to consider that in advance.

It's the airline pricing scheme. Show cheap prices and then make it up in fees :-)
Re: Fiber cut in SF Bay Area?
I heard of a fiber cut in Texas where the thieves thought it was copper :-) On 4/16/2013 10:26 AM, Zaid Ali Kahn wrote: Level3 is also impacted. This cut seems to be vandalism but only heard this from one source. Zaid Sent from my iPhone On Apr 16, 2013, at 12:51 PM, Ravi Pina wrote: Our Zayo provided ETR is 11:00 - 11:30 PDT. XO is one of the impacted providers as well. -r On Tue, Apr 16, 2013 at 08:55:56AM -0700, Raul Rodriguez wrote: Lost a Zayo circuit from Palo Alto to Los Angeles. ETR was given as 11AM PDT. -RR .
Re: home network monitoring and shaping
On 2/12/2013 4:10 PM, James Harrison wrote:

On 12/02/2013 21:56, Michael Thomas wrote:

It seems that there really ought to be a better way here to manage my home network. Like, for example, the ability to get stats from router and tell it to shape various devices/flows to play nice. Right now, it seems to me that the state of the art is pretty bad -- static-y kinds of setups for static-y kinds of flows that people-y kind of users don't understand or touch on their home routers.

I've been using per-connection queues on a Mikrotik 450G; this permits shaping based on the destination/source IP, so no one device can nom all of the bandwidth on the link unless it's uncontested; should more than one device want all the bandwidth they both get half, and so on (in a typical config). It's not flawless but it's a massive improvement on no shaping whatsoever. The gotcha is that you need to configure your link speed in the router for it to be aware of the capacity it has to play with, but that's not something you have to touch very often most of the time (though if your connection speed/upstream capacity varies, there's not a lot that'll help you at that point). But it does most of the time stop the "X is watching HD YouTube videos and now I can't check my email" sort of problems. It's a nice set-and-forget solution. ntop or similar on a Linux boxen in concert with flows from said Mikrotik tends to help more than anything for analysis of usage etc, but it's still an inelegant solution to the problem of analyzing links in this scenario. I'd be interested in what other people are using for home connection debugging. Cheers, James

For Mikrotik routers, use the Winbox application and the Torch function on the interface. You can set it to show flows by various criteria such as source IP. That will tell you which client is chewing up the bandwidth at any instant.
Another way to go that I have not tried with Mikrotik is the Solarwinds Netflow analyzer. It tracks 60 minutes of data. http://www.solarwinds.com/products/freetools/netflow_analyzer.aspx
Re: Problem with email to Hawaiilink.net email
http://www.staradvertiser.com/news/breaking/186990051.html

Thanks,
-Roy Hockett
Network Architect, ITS Communication Systems
University of Michigan
Tel: (734) 763-7325 Fax: (734) 615-1727 email: roy...@umich.edu

On Jan 15, 2013, at 3:26 PM, joel jaeggli wrote:

> hawaiiantel is reporting a fibercut which I imagine explains most of this.
>
> On 1/15/13 4:32 PM, Bacon Zombie wrote:
>> Looks like you are not the only one with issues connecting to Hawaii:
>>
>> http://permalink.gmane.org/gmane.org.operators.isotf.outages/5231
>>
>> On 16 January 2013 00:19, david peahi wrote:
>>> Does anyone know of any problems in Hawaii with email or DNS problems?
>>> Sending from gmail.com and pacbell.net domains, I get:
>>>
>>> host mail.hawaiilink.net[24.43.223.114] said: 553
>>> 5.1.8 emailaddr...@pacbell.net ... Domain of sender address
>>> emailaddr...@pacbell.net does not exist (in reply to MAIL FROM command)
>>>
>>> Regards,
>>>
>>> David
>>
>> --
>> BaconZombie
>>
>> LOAD "*",8,1
Re: The Verge article about Verizon's Sandy Cleanup Efforts in Manhattan
On 11/26/2012 8:04 AM, Miles Fidelman wrote:

Justin M. Streiner wrote:

On Tue, 20 Nov 2012, Miles Fidelman wrote:

Christopher Morrow wrote:

apologies, I forgot the emoticons after my last comment. i really did mean it in jest... I don't think VZ has harnessed weather-changing-powers. (yet).

Well, they ARE The Phone Company!

Makes me want to watch "The President's Analyst" again ;)

Finally. Someone got the reference. :-) Cheers, Miles

I always go for WKRP http://www.youtube.com/watch?v=cTPzTG1Lx60
Sandy seen costing telco, cable hundreds of millions of dollars
http://www.reuters.com/article/2012/11/01/storm-sandy-telecoms-idUSL1E8M1L9Z20121101
Re: Detection of Rogue Access Points
Why not give them wireless Internet access only? That will keep all the smartphone users happy.

On 10/15/2012 8:12 AM, Jonathan Rogers wrote:

Well, quite frankly they have the tools they need. Our remote sites do not have any devices that require wireless. They don't have company-issued laptops, and personal laptops are not allowed. The policy is on the books but it isn't my department to make sure people know about it and follow it. Our end users at these branch offices are typically not very technically inclined and have no idea what a security risk this is (especially considering that we have EPHI on our network, although I can't really say more in detail than that). The person who put in the WAP I discovered doesn't even work for us any more. Port-based security might work, but our edge switches are total garbage (don't get me started, not in my control). I didn't find this WAP via nmap...it didn't show up. I believe it probably didn't have a valid management interface IP for some reason. We saw suspicious entries in the router's ARP table and started looking around the office from there. --JR ...
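The ARP-table check Jonathan describes can be run routinely against each site router. The following is an added example, not code from the thread: it parses Cisco IOS `show ip arp` output, compares it with a per-site inventory of authorised MAC addresses, and also marks locally administered (randomised) MACs, which phones and tablets commonly present on Wi-Fi and which should not appear at a wired-only site. The ARP output and the inventory are constructed sample data.

```python
import re
from collections import defaultdict
from ipaddress import ip_network

# One data row of Cisco IOS "show ip arp"; "Incomplete" rows do not match.
ARP_ROW = re.compile(
    r"^Internet\s+(?P<ip>\d+\.\d+\.\d+\.\d+)\s+(?P<age>\S+)\s+"
    r"(?P<mac>[0-9a-f]{4}\.[0-9a-f]{4}\.[0-9a-f]{4})\s+ARPA\b",
    re.IGNORECASE | re.MULTILINE,
)


def normalize_mac(mac: str) -> str:
    """Reduce any common MAC notation to 12 lowercase hex digits."""
    digits = re.sub(r"[^0-9a-fA-F]", "", mac).lower()
    if len(digits) != 12:
        raise ValueError(f"not a MAC address: {mac!r}")
    return digits


def is_locally_administered(mac: str) -> bool:
    """True when bit 0x02 of the first octet is set (not a vendor-burned MAC)."""
    return bool(int(normalize_mac(mac)[:2], 16) & 0x02)


def parse_show_ip_arp(text: str):
    """Return [(ip, mac)] for every resolved entry in the command output."""
    return [(m["ip"], normalize_mac(m["mac"])) for m in ARP_ROW.finditer(text)]


def audit_arp(text: str, authorized_macs, prefix_len: int = 24):
    """Group ARP entries that are missing from the inventory by site subnet."""
    allowed = {normalize_mac(m) for m in authorized_macs}
    findings = defaultdict(list)
    for ip, mac in parse_show_ip_arp(text):
        if mac in allowed:
            continue
        site = str(ip_network(f"{ip}/{prefix_len}", strict=False))
        reasons = ["not in inventory"]
        if is_locally_administered(mac):
            reasons.append("locally administered (randomised) MAC")
        findings[site].append({"ip": ip, "mac": mac, "reasons": reasons})
    return dict(findings)


# Constructed sample: one site router on 10.100.5.0/24.
SAMPLE_ARP = """\
Protocol  Address          Age (min)  Hardware Addr   Type   Interface
Internet  10.100.5.1              -   0011.2233.4401  ARPA   GigabitEthernet0/1
Internet  10.100.5.20            12   0011.2233.4420  ARPA   GigabitEthernet0/1
Internet  10.100.5.21             3   0011.2233.4421  ARPA   GigabitEthernet0/1
Internet  10.100.5.57             0   a6b1.c2d3.e4f5  ARPA   GigabitEthernet0/1
Internet  10.100.5.58             1   0011.2233.99aa  ARPA   GigabitEthernet0/1
Internet  10.100.5.77             0   Incomplete      ARPA
"""
# Constructed inventory of devices that are supposed to be at the site.
INVENTORY = ["00:11:22:33:44:01", "00:11:22:33:44:20", "00-11-22-33-44-21"]

if __name__ == "__main__":
    for site, items in audit_arp(SAMPLE_ARP, INVENTORY).items():
        for item in items:
            print(site, item["ip"], item["mac"], "; ".join(item["reasons"]))
```

A bridged access point shows up here as its clients' MACs, not its own, so several unknown entries at a site that normally has a fixed set of PCs is the pattern to look for.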
Re: Detection of Rogue Access Points
On 10/14/2012 1:59 PM, Jonathan Rogers wrote:

> Gentlemen,
>
> An issue has come up in my organization recently with rogue access points. So far it has manifested itself two ways:
>
> 1. A WAP that was set up specifically to be transparent and provided unprotected wireless access to our network.
>
> 2. A consumer-grade wireless router that was plugged in and "just worked" because it got an address from DHCP and then handed out addresses on its own little network.
>
> These are at remote sites that are on their own subnets (10.100.x.0/24; about 130 of them so far). Each site has a decent Cisco router at the demarc that we control. The edge is relatively low-quality managed layer 2 switches that we could turn off ports on if we needed to, but we have to know where to look, first.
>
> I'm looking for innovative ideas on how to find such a rogue device, ideally as soon as it is plugged in to the network. With situation #2 we may be able to detect NAT going on that should not be there. Situation #1 is much more difficult, although I've seen some research material on how frames that originate from 802.11 networks look different from regular ethernet frames. Installation of an advanced monitoring device at each site is not really practical, but we may be able to run some software on a Windows PC in each office. One idea put forth was checking for NTP traffic that was not going to our authorized NTP server, but NTP isn't necessarily turned on by default, especially on consumer-grade hardware.
>
> Any ideas?
>
> Thank you for your time,
>
> Jonathan Rogers

Install your own Access Points for official use and have them scan for SSIDs in the vicinity. Kills two birds. One you now have official wireless access and your AP can detect rogue SSIDs.
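For situation #2 in Jonathan's post, one passive way to spot NAT that should not be there is the IP TTL seen at the site router: a host directly on the LAN arrives with its operating system's initial TTL (commonly 64, 128 or 255), while traffic that first crossed a consumer router arrives one lower. The following is an added example, not code from the thread; it assumes (source IP, TTL) pairs have already been collected from unicast traffic on the router's LAN-side interface, and the observations are constructed.

```python
from collections import defaultdict
from ipaddress import ip_address, ip_network

INITIAL_TTLS = (64, 128, 255)  # defaults used by common operating systems


def classify_ttl(ttl: int):
    """Return (assumed initial TTL, hops already travelled) for an observed TTL."""
    if ttl < 1:
        raise ValueError(f"TTL out of range: {ttl}")
    for initial in INITIAL_TTLS:
        if ttl <= initial:
            return initial, initial - ttl
    raise ValueError(f"TTL out of range: {ttl}")


def find_nat_suspects(observations, site_subnet, min_packets=3, max_hops=2):
    """Flag LAN addresses whose packets look like they were routed before arrival.

    observations: iterable of (source_ip, ttl) seen on the LAN-side interface.
    A source is flagged when its packets arrive 1..max_hops below an initial
    TTL, or when one address shows several initial TTLs (several operating
    systems behind it). Both are heuristics, not proof.
    """
    subnet = ip_network(site_subnet)
    seen = defaultdict(list)
    for src, ttl in observations:
        if ip_address(src) in subnet:       # ignore anything not from this site
            seen[src].append(ttl)

    suspects = {}
    for src, ttls in seen.items():
        if len(ttls) < min_packets:         # too little evidence to judge
            continue
        near = [(i, h) for i, h in map(classify_ttl, ttls) if h <= max_hops]
        extra_hops = sorted({h for _i, h in near if h >= 1})
        initial_ttls = sorted({i for i, _h in near})
        if extra_hops or len(initial_ttls) > 1:
            suspects[src] = {"extra_hops": extra_hops, "initial_ttls": initial_ttls}
    return suspects


# Constructed observations for the site 10.100.5.0/24.
SAMPLE_OBSERVATIONS = [
    ("10.100.5.20", 128), ("10.100.5.20", 128), ("10.100.5.20", 128),  # PC on the LAN
    ("10.100.5.21", 64), ("10.100.5.21", 64), ("10.100.5.21", 64),     # printer on the LAN
    ("10.100.5.58", 127), ("10.100.5.58", 63),                         # two OS families,
    ("10.100.5.58", 127), ("10.100.5.58", 63),                         # each one hop away
    ("10.100.5.30", 127),                                              # a single packet
    ("192.0.2.10", 117),                                               # not a site address
]

if __name__ == "__main__":
    for ip, why in find_nat_suspects(SAMPLE_OBSERVATIONS, "10.100.5.0/24").items():
        print(ip, why)
```

A transparent bridge (situation #1) does not decrement TTL, so this check only covers the NAT router case.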
Re: US House to ITU: Hands off the Internet
On 8/3/2012 9:26 PM, valdis.kletni...@vt.edu wrote: On Fri, 03 Aug 2012 14:06:19 -0400, "Patrick W. Gilmore" said: The vote was unanimous: 414-0 Unanimous? I didn't think this congress could agree the earth is round unanimously. And in fact, they didn't - there's 435 Representatives. Actually 430. There were 16 "Not Voting". Five seats must be empty.
Republican 229 10
Democratic 185 6
TOTALS 414 16
Re: DNS Changer items
On 7/6/2012 1:15 PM, Andrew Fried wrote: Cameron, That idea had been brought up. Also discussed was short durations of random blackouts of dns resolution to impress upon the infected users that they needed to take action. Unfortunately, taking either of those actions would have exceeded the authorization of the court order. We're coming up with a pretty detailed list of "lessons learned" from this operation and being able to implement ideas like yours will hopefully be considered in advance "next time". Andy Andrew Fried andrew.fr...@gmail.com Doesn't the court order expire as of Monday? What happens to those IP ranges then?
Re: DNS Changer items
On 7/6/2012 11:06 AM, valdis.kletni...@vt.edu wrote: On Fri, 06 Jul 2012 10:52:56 -0700, Cameron Byrne said: So instead of turning the servers off, would it not have been helpful to have the servers return a "captive portal" type of response Not all DNS lookups are for HTTP. If you turn the servers off, then everything fails. The user sits there bewildered and calls his/her ISP to report the Internet is down. If HTTP was pointed to a server that had a page that said what the problem is and what to do, it would be a lot better. Any tech support these users call can diagnose the problem in a few seconds.
Re: DNS Changer items
On 7/6/2012 10:44 AM, valdis.kletni...@vt.edu wrote: On Fri, 06 Jul 2012 13:20:55 -0400, Andrew Fried said: The dns-ok.us site is getting crushed from all the sudden media interest. One wonders why it's so hard to get the media interested when it would be *helpful*. DNS Changer gets traction like 3 days before the drop dead date, IPv6 gets on the radar *after* we run out of v4 /8's to give to regionals, etc... Where you been? It's been in and out of the news for months. Examples: ABC covered it on April 11th, CBS on Feb 21st
Re: F-ckin Leap Seconds, how do they work?
On 7/5/2012 10:42 AM, Steve Allen wrote: On Thu 2012-07-05T10:26:22 -0700, Roy hath writ: Let's see. There have been nine leap seconds in 20 years. So at the start of the next century the difference will probably be less than a minute. There is no predicting how large the decadal variations in LOD will be, but the difference should be somewhere between 1 minute and 3 minutes. Please see these charts and tables for how unpredictable it is. http://www.ucolick.org/~sla/leapsecs/dutc.html Remember OpenTime is only for people who want their system clocks to ignore leap seconds. I don't include myself among the possible users of OpenTime. Anyone who needs that can already do that using existing, deployed, and tested code and hardware and the GPS system time scale. Please see this worked example. Please do not invent yet another private time scale. http://www.ucolick.org/~sla/leapsecs/right+gps.html ... So basically the concept of OpenTime is already implemented. All that's needed is a list of Stratum-1 servers that anyone can use.
Re: F-ckin Leap Seconds, how do they work?
On 7/5/2012 5:54 PM, Peter Lothberg wrote: Rather than discussing the pros and cons of UTC and leap seconds, just create your own time system. You could call it OpenTime. OpenTime will use NTP servers where the Stratum 1 servers are synced to some time standard that doesn't care about leap seconds. That way the consumer can choose to connect his machines to UTC or OpenTime. And what do you do if "OpenTime" and "UTC" differs so that it matters? Do the flight leave at 1200 UTC or 1200 OpenTime? ... Let's see. There have been nine leap seconds in 20 years. So at the start of the next century the difference will probably be less than a minute. Remember OpenTime is only for people who want their system clocks to ignore leap seconds. I don't include myself among the possible users of OpenTime.
Re: F-ckin Leap Seconds, how do they work?
On 7/4/2012 10:06 PM, Peter Kristolaitis wrote: On 7/5/2012 12:47 AM, Roy wrote: Rather than discussing the pros and cons of UTC and leap seconds, just create your own time system. You could call it OpenTime. OpenTime will use NTP servers where the Stratum 1 servers are synced to some time standard that doesn't care about leap seconds. That way the consumer can choose to connect his machines to UTC or OpenTime. Oblig: http://xkcd.com/927/ - Pete Right on!
Re: F-ckin Leap Seconds, how do they work?
Rather than discussing the pros and cons of UTC and leap seconds, just create your own time system. You could call it OpenTime. OpenTime will use NTP servers where the Stratum 1 servers are synced to some time standard that doesn't care about leap seconds. That way the consumer can choose to connect his machines to UTC or OpenTime.
Re: F-ckin Leap Seconds, how do they work?
Talk about people not testing things, leap seconds have been around since 1961. There have been nine leap seconds in the last twenty years. Any system that can't handle a leap second is seriously flawed.
Re: FYI Netflix is down
On 6/30/2012 12:11 AM, Tyler Haske wrote: I am not a computer science guy but been around a long time. Data centers and clouds are like software. Once they reach a certain size, it's impossible to keep the bugs out. You can test and test your heart out and something will slip by. You can say the same thing about nuclear reactors, Apollo moon missions, the NorthEast power grid, and most other technology disasters. How to run a datacenter 101. Have more than one location, preferably far apart. It being Amazon I would expect more. :/ . It doesn't change my theory. You add that complexity, something happens and the failover routing doesn't work as planned. Been there, done that, have the T-shirt.
Re: FYI Netflix is down
On 6/29/2012 10:38 PM, jamie rishaw wrote: you know what's happening even more? ..Amazon not learning their lesson. they just had an outage quite similar.. they "performed a full audit" on electrical systems worldwide, according to the rfo/post mortem. looks like they need to perform a "full and we mean it" audit, and like I've been doing/participating in at dot coms for a decade plus: Actually Do Regular Load tests.. Related/equally to blame: companies that rely heavily on one aws zone, or arguably "one cloud" (period), are asking for it. Please stop these crappy practices, people. Do real world DR testing. Play "What If This City Dropped Off The Map" games, because tonight, parts of VA in fact did. ... I am not a computer science guy but been around a long time. Data centers and clouds are like software. Once they reach a certain size, it's impossible to keep the bugs out. You can test and test your heart out and something will slip by. You can say the same thing about nuclear reactors, Apollo moon missions, the NorthEast power grid, and most other technology disasters.
Re: pbx recco
Trixbox is basically stagnated. The last update was in 2010 On 5/15/2012 11:29 AM, Wayne Wenthin wrote: Randy, Greets from 105/102! Now that I've said that I have had some luck with Trixbox. His fun will be getting the Cisco phones talking sip and liking it. Wayne On Tue, May 15, 2012 at 10:00 AM, Randy Bush wrote: have a friend who is a penguinista and wants to run a simple soft pbx. support of soft phones, 7960s, connect to a commercial sip gate, ... reccos for a packaged solution. i run a raw asterisk and would not wish it on my worst enemy. randy
Re: enterprise 802.11
On 1/15/2012 11:30 AM, Ken King wrote: I need to choose a wireless solution for a new office. up to 600 devices will connect. most devices are mac books and mobile phones. we can see hundreds of access points in close proximity to our new office space. what are the thoughts these days on the best enterprise solution/vendor? Thanks for your replies. Ken King How about Unifi? http://www.ubnt.com/unifi
Re: Query : seeking a (low cost & secure) turnkey plug-and-play
On 11/19/2011 4:04 PM, Joe Greco wrote: On Thu, Nov 17, 2011 at 6:58 AM, A. Chase Turner wrote: I am seeking a $100 turnkey micro hardware appliance to plug into a LAN hub... Why micro? Just get a pile of free for the carting-off old Pentium machines and run them headless with a BSD. Set them up to heartbeat to a cacti box. Why buy new when you have a good use for the old stuff that is going to a dump anyway? As long as you're not paying the electric bill. But quite frankly, some of the stuff that's been put out over the years is better off in a dump. ... JG They also have moving parts like disk drives and fans that will wear out and need replacement.
Re: Query : seeking a (low cost & secure) turnkey plug-and-play appliance to report network outages
I will second the WRT54GL with OpenWRT. I have a number of them deployed. I run an OpenVPN tunnel from the WRT54GL to a Linux server at our shop so I can remotely log into the box and carry out any tests or changes needed. On 11/17/2011 6:21 AM, Jon Lewis wrote: On Thu, 17 Nov 2011, A. Chase Turner wrote: I am seeking a $100 turnkey micro hardware appliance to plug into a LAN hub (behind a consumer-level cable modem) whose only purpose in life is to send heartbeat (and simple quality of service metrics) to a pre-configured central aggregation service on the WAN. It sounds like all you need is a preconfigured device that can boot up, be plugged into their LAN, do DHCP, and then talk to a "remote monitoring station" at configured intervals. If you're willing to do a bit of work pre-deployment, you could probably pick out an inexpensive DD-WRT/OpenWRT compatible device (i.e. WRT54GL, or maybe a more modern variant with more RAM/Flash) and with a tiny bit of scripting, you're done. Appneta looks even more appropriate, but I couldn't find anything about pricing on them. The WRT54GL is definitely sub $100. The trouble with this sort of thing is that from the docs, it seems a lot of the hardware kind of sort of works mostly, and the manufacturers like to make serious enough changes with product revisions, such that you can't be sure a device will work based solely on the model number...you need to know what revision it is. -- Jon Lewis, MCP :) | I route Senior Network Engineer | therefore you are Atlantic Net| _ http://www.lewis.org/~jlewis/pgp for PGP public key_
Re: old media
On 9/19/2011 9:20 PM, Randy Bush wrote: Does anybody actually *have* a functional 7 track drive? if you really need one, i know what trail i would start to follow. there are folk keeping old stuff alive and pulling arcane things off old media (like the besm-6 system). randy I haven't heard about the BESM-6 since the 1970s when I was studying Warsaw Pact Computers! The BESM-6 was delivered from the factory without any software.
Re: Mailing list/group for datacenter facilities folks
On 9/8/2011 7:52 AM, Chris Boyd wrote: On Sep 7, 2011, at 8:03 PM, Jimmy Hess wrote: Probably with all air removed from the environment, and a sound thermal medium such as oil pumped in in its place (make sure to use SSDs for all storage and no mechanical devices). There are ways to submerge spinning disks. http://www.grcooling.com/ http://www.midasgreentech.com/ :-) --Chris IBM was making water cooled disk drives for special customers in the early 70s
Re: East Coast Earthquake 8-23-2011
On 8/24/2011 7:18 PM, Sean Donelan wrote: On Wed, 24 Aug 2011, Leigh Porter wrote: Indeed, we are not going to be building earthquake proof buildings in London for example. Of course there is no such thing as earthquake proof. The Earth is still a single point of failure :-) Essential facility design usually takes the "standard" design probabilities for various hazards (heat, cold, wind, rain, earthquake, etc) and multiplies it by a larger safety factor. It doesn't mean designing for the most extreme situation possible anywhere. You've got to rely on the geologists and structural engineers to know their stuff. In any case, it's still just a probability. No matter how small the probability, any facility can still have a failure. Have a backup plan somewhere else with a different set of hazards. Many years ago I was taught that "earthquake proof" means the building doesn't kill the occupants and not that the structure survives unscathed. As examples, they used a hospital that was damaged in the magnitude 6.6 Sylmar quake of 1971. The building was basically destroyed but only four people were killed.
Re: East Coast Earthquake 8-23-2011
On 8/23/2011 12:43 PM, PC wrote: Based on a sampling of thousands of cable modems, dsl, and cellular sites in the DC area: With a 10 second keepalive/30 second holdtime, I only saw, maybe, 2-3 sites disappear per thousand based on an endpoint in Ashburn, VA. I do see some delay cellular side, but it looks to be solely congestion (high pings, etc.). However, it was minimal and was a 15 minute occurrence which gradually peaked then dropped down to normal levels. I'm guessing it's usage based. The DSL/cable had no drops that I can find. Largely, it has had little to no effect for me. On Tue, Aug 23, 2011 at 1:10 PM, Chris wrote: A friend about 80 miles near the epicenter says phones are down but Comcast Internet, by way of some miracle, is up I was watching the news reports on TV here in California. People were either being evacuated or self-evacuating from buildings in DC, NYC, etc. As the cameras panned over the crowds, I would estimate 75% of the people had their phones out. Within fifteen minutes of the event, my wife either called or received a call from her family in VA and NY.
Re: Yup; the Internet is screwed up.
On 6/11/2011 4:29 PM, Christopher Pilkington wrote: On Jun 11, 2011, at 19:00, TR Shaw wrote: I'm not sure where this thread is going but rural america and rural canada are rolling their own broadband connectivity in places. This is my eventual goal where I'm moving. (Oswego Co., NY). I'm well aware that I'm moving outside of "broadband-land", and while I'm not happy about this, the pros of moving there outweighed this con. Options seem to be limited to HughesNet and dial for the moment, but things may change if I put a tower on the property. HughesNet seems to relax its bandwidth cap between 2am and 7am, which is helpful, but still a great shift from what I'm used to at the current residence (15/2). No 3G cellphone service? It would be great to get neighbors in on some sort of community solution, but it will take some time to feel out where they are on this.
Netflix Is Eating Up More Of North America's Bandwidth Than Any Other Company
http://e.businessinsider.com/public/184962
Re: corporations using BGP for advertising prefixes in mid-1990s
On 5/12/2011 4:03 PM, George Herbert wrote:
> Large end-user companies generally multihomed by that time, and you generally did that by BGP4 at the time (post-1994), and before that BGP3, and before that EGP, and before that... well, there was little "commercial ISPness" other than NSFNet connectivity and the regional networks back then so multihoming was somewhat of a moot point.
>
> Thank you again, UUNet/Alternet and PSI!

The management of the large end-user company I worked for could barely spell Internet at the beginning of 1995. A few connections to the Internet existed and the lab where I worked was experimenting with a socks-server. There was a large intranet allocated from the company's class A space.
Re: gmail issues ?
The pop server had some problems today for my account. Cleared about an hour later. The web version of the email worked fine. Roy On 3/15/2011 5:43 PM, Joe Renwick wrote: I have a personal gmail account and several Google Apps accounts for email and other services for my business. Been using them constantly without issue. Please follow up if you find an issue on their end... Joe On Tue, Mar 15, 2011 at 5:15 PM, Atticus wrote: Odd. I haven't had any problems at all.
Re: help needed - state of california needs a benchmark
On 1/29/2011 10:00 AM, Mike wrote: Hello, My company is small clec / broadband provider serving rural communities in northern California, and we are the recipient of a small grant from the state thru our public utilities commission. We went out to 'middle of nowhere' and deployed adsl2+ in fact (chalk one up for the good guys!), and now that we're done, our state puc wants to gather performance data to evaluate the result of our project and ensure we delivered what we said we were going to. Bigger picture, our state is actively attempting to map broadband availability and service levels available and this data will factor into this overall picture, to be used for future grant/loan programs and other support mechanisms, so this really is going to touch every provider who serves end users in the state. The rub is, that they want to legislate that web based 'speedtest.com' is the ONLY and MOST AUTHORITATIVE metric that trumps all other considerations and that the provider is 100% at fault and responsible for making fraudulent claims if speedtest.com doesn't agree. No discussion is allowed or permitted about sync rates, packet loss, internet congestion, provider route diversity, end user computer performance problems, far end congestion issues, far end server issues or cpu loading, latency/rtt, or the like. They are going to decide that the quality of any provider service, is solely and exclusively resting on the numbers returned from 'speedtest.com' alone, period. All of you in this audience, I think, probably immediately understand the various problems with such an assertion. It's one of these situations where - to the uninitiated - it SEEMS LIKE this is the right way to do this, and it SEEMS LIKE there's some validity to what's going on - but in practice, we engineering types know it's a far different animal and should not be used for real live benchmarking of any kind where there is a demand for statistical validity.
My feeling is that - if there is a need for the state to do benchmarking, then it ought to be using statistically significant methodologies for same along the same lines as any other benchmark or test done by other government agencies and national standards bodies that are reproducible and dependable. The question is, as a hotbutton issue, how do we go about getting 'the message' across, how do we go about engineering something that could be considered statistically relevant, and most importantly, how do we get this to be accepted by non-technical legislators and regulators? Mike- You took the state's money so you are stuck with their dumb rules. Furthermore the CPUC people aren't stupid. They have highly paid consultants as well as professors from colleges in California that are advising them. Unless you have some plan for a very inexpensive alternative, don't think you are going to make any headway.
Re: Connectivity status for Egypt
On 1/27/2011 9:36 PM, Craig Labovitz wrote: And to add to this thread, a graph of Egyptian Internet traffic across a large number of geographically / topologically diverse providers yesterday (Jan 27): http://farm6.static.flickr.com/5291/5395027368_7d97b74c0b_b.jpg Traffic drops to a handful of megabits following the withdrawal of most Egyptian ISP BGP routes. - Craig I don't think there is any doubt in anyone's mind on the fact that the service is being interrupted somehow. The question is why. Being an old fart, I tend to dig up stories that explain my point. Almost two years ago, I woke up one morning and got on my trusty computer to read email, etc. I couldn't reach the Internet. My microwave to my ISP was up but their uplinks were either down or just went a few hops and died. I tried to dial in but that just got a fast busy signal. Calls to the ISP help desks involved via my land line also got fast busy or "your call could not be completed". Now getting a bit worried, I dug out my cellphone and had no bars. Usually I got all of them here. I immediately thought of 9/11 and was speculating that some terrorist attack had struck. I quickly went to the family room and powered up the satellite TV. Everything seemed normal. No attacks. You probably know the rest. 30 miles away in San Jose, someone went down a manhole and severed some fiber cables. It turns out that all the services involved (AT&T, Verizon, Qwest, Cogent, etc) all were in that manhole. Almost 200,000 people had no communications for most of the day. Moral of the story: Separate facts from assumptions and guesses. I did some Google searches and that region has had large scale disruptions in the past. Several cables follow the same path to the Suez canal and were hit. https://secure.wikimedia.org/wikipedia/en/wiki/2008_submarine_cable_disruption
Re: Connectivity status for Egypt
On 1/27/2011 3:47 PM, Danny O'Brien wrote: Around 2236 UCT, we lost all Internet connectivity with our contacts in Egypt, and I'm hearing reports of (in declining order of confirmability): 1) Internet connectivity loss on major (broadband) ISPs 2) No SMS 4) Intermittent connectivity with smaller (dialup?) ISPs 5) No mobile service in major cities -- Cairo, Alexandria The working assumption here is that the Egyptian government has made the decision to shut down all external, and perhaps internal electronic communication as a reaction to the ongoing protests in that country. If anyone can provide more details as to what they're seeing, the extent, plus times and dates, it would be very useful. In moments like this there are often many unconfirmed rumors: I'm seeking concrete reliable confirmation which I can pass onto the press and those working to bring some communications back up (if you have a ham radio license, there is some very early work to provide emergency connectivity. Info at: http://pastebin.com/fHHBqZ7Q ) Thank you, I suggest that you confine your information to the press on what you know rather than speculation on the cause. "Never attribute to malice that which can be adequately explained by stupidity, but don't rule out malice" https://secure.wikimedia.org/wikipedia/en/wiki/Hanlon%27s_razor
Re: Routing Suggestions
On 1/12/2011 4:13 PM, Lars Carter wrote: Hi NANOG list, I have a simple, hypothetical question regarding preferred connectivity methods for you guys that I would like to get the hive mind opinion about. There are two companies, Company A and Company B, that are planning to continuously exchange a large amount of sensitive data and are located in a mutual datacenter. They decide to order a cross connect and peer privately for the obvious reasons. Company A has a small but knowledgeable engineering staff and its network is running BGP as its only routing protocol with multiple transit vendors and a handful of other larger peers. Company B is a smaller shop that is single homed behind one ISP through a default static route, they have hardware that can handle advanced routing protocols but have not had the need to implement them as of yet. There is a single prefix on both sides that will need to be routed to the other party. It is rare that prefixes would need to change or for additional prefixes to be added. From a technical, operational, and security standpoint what would be the preferred way to route traffic between these two networks? Cheers, Lars Apply the KISS principle. Use a static route
Re: 5.7/5.8 GHz 802.11n dual polarity MIMO through office building glass, 1.5 km distance
On 12/29/2010 5:47 PM, Jared Mauch wrote: On Dec 29, 2010, at 11:24 AM, Josh Smith wrote: While certainly not the best stuff made I've found the ubiquiti equipment to be very nice for the price and have a few of their AP's which have been in service 24x7 for a couple of years now. Same here. The price performance is hard (impossible?) to beat. Combine that with the Linux/SDK stuff and you can do some interesting things with it that you can't do with other devices. - Jared With prices so low, you can even afford redundant links :-)
Re: Monitoring Tools
On 8/19/2010 4:36 AM, jacob miller wrote: Phil, Am looking for availability reports, bandwidth usage, alerting service and ability to create different logins to users so they can access diff objects Thanks, Jacob --- On Thu, 8/19/10, Phil Regnauld wrote: From: Phil Regnauld Subject: Re: Monitoring Tools To: "jacob miller" Cc: nanog@nanog.org Date: Thursday, August 19, 2010, 3:23 AM jacob miller (mmzinyi) writes: Am looking for an opensource network monitoring tool with ability to create different views for different users. Hi Jacob, What kind of network monitoring ? Bandwidth utilization, service availability, RTT, statistics data collection, ... ? There are tons of open source software tools out there: Nagios (www.nagios.org) Zabbix (www.zabbix.com) OpenNMS (www.opennms.org) ZenOSS (www.zenoss.com) SmokePing (http://oss.oetiker.ch/smokeping/) Cacti (www.cacti.netl) NetFlow Dashboard (http://trac.netflowdashboard.com/netflowdashboard/) NFSen (http://nfsen.sourceforge.net/) etc... Depends on what you want to achieve! Cheers, Phil Opsview. http://www.opsview.com
Re: North Korea conflict with US and South Korea could spark cyber war
On 7/24/2010 2:10 PM, Justin M. Streiner wrote: ... It does indeed seem to be tool/net.kook day here on NANOG. I didn't check to see if there is supposed to be a full moon tonight. jms Close! Full Moon on 25 July 2010 at 9:37 p.m. Eastern Daylight Time.
Re: Customer Interface Reporting / Portal
On 6/17/2010 10:50 AM, Serge Vautour wrote: Hello, What are people using to provide customer interface usage reports to customers? There seems to be lots of RRD based tools that can gather the data and store it for long term viewing. We use ZenOSS for internal purposes for example. How do we go about providing each customer access to their data in a secure way? A portal type access. Is anyone aware of a tool that includes a front end that can partition the data on a per customer basis? Each customer would have their own login ID and only see their data? How do we link the data to that customer? Some customer ID on the interface description? Thanks, Serge Opsview will allow you to have groups and assign users to a group
Re: Todd Underwood was a little late
On 6/16/2010 7:43 PM, Jon Lewis wrote: On Thu, 17 Jun 2010, Mark Andrews wrote: Why was this traffic hitting your DNS server in the first place? It should have been rejected by the ingress filters preventing spoofing of the local network. When I ran a smaller simpler network, I did have input filters on our transit providers rejecting packets from our IP space. With a larger network, multiple IP blocks, numerous multihomed customers, some of which use IP's we've assigned them, it gets a little more complicated to do. I could reject at our border, packets sourced from our IP ranges with exceptions for any of the IP blocks we've assigned to multihomed customers. The ACLs wouldn't be that long, or that hard to maintain. Is this common practice? - Sounds like a good use of URPF.
Re: Monitoring Tool
On 6/14/2010 11:52 AM, Phil Regnauld wrote: Joshua William Klubi (joshua.klubi) writes: Hi I have been tasked to develop a good network for a Bank and i have also been tasked to get a good monitoring tool for the Bank's local network and Service providers network. i would like to ask the community to help recommend the best tool out there that can help me do this Hi Joshua, What kind of monitoring are we talking about ? Network services, performance, traffic, latency, ... ? You might want to take a look at some popular Open Source tools, such as: http://www.nagios.org/ http://www.zabbix.com/ http://www.hyperic.com/ http://www.opennms.org/wiki/Main_Page http://www.cacti.net/ http://oss.oetiker.ch/smokeping/ ... to get an idea of what's possible. Cheers, Phil Don't forget Opsview
Re: thoughts?
On 5/27/2010 8:46 AM, George Bonser wrote: -Original Message- From: Dorn Hetzel Sent: Thursday, May 27, 2010 4:11 AM To: nanog@nanog.org Subject: thoughts? http://www.cnn.com/2010/TECH/05/27/internet.crunch.2012/index.html?hpt=T2 Somebody should do something! Don't worry. Obama will appoint a bipartisan committee to investigate which will report back in two years. Congress will hold hearings. A bill will be proposed to tax IP addresses.
Re: Off-Topic: use laptop only as USB power supply
Why carry a laptop? Here are some examples http://www.walmart.com/ip/Belkin-Mini-Notebook-Surge-Portector-with-Built-In-USB-Charger/10248165?sourceid=1503142050&ci_src=14110944&ci_sku=10248165 http://www.cyberguys.com/product-details/?productid=39338 http://www.cyberguys.com/product-details/?productid=29278
Re: Rugged wireless bridge
Lots of good stuff here http://www.wlanparts.com/ I have had good luck with the Ez-Bridge Lite On 5/11/2010 6:36 AM, Andrey Khomyakov wrote: Hi all, I need to provide IP connectivity to an outdoor parking lot for security devices like a camera, and emergency phone and a gate. Does anyone have any suggestions on a wireless bridge and an outdoor rated switch if such exists? How do people provide IP to outdoor locations like a surface parking lot? Thanks, Andrey
Re: DHCP Use (was Re: )
On 4/25/2010 5:11 PM, Seth Mattinen wrote: On 4/25/10 4:33 PM, Tony Hoyle wrote: On 25/04/2010 22:06, Larry Sheldon wrote: The whole idea that DHCP should only be used for (and is absolute proof of the status of) despised-class customers is just nuts. I've never seen DHCP used on residential DSL circuits.. it's all PPP (oA mostly, and oE if you want) in this country (which the telco picks up and sends as L2TP to the DSL provider). I get allocated my /26 and it doesn't matter which LNS I connect to or how I get there (indeed I can talk L2TP directly to the provider to connect over 3G etc.). I have, once, with routed bridged encapsulation instead of PPP. ~Seth My old company does it this way. Made life very easy. Most consumer grade routers come set for DHCP out of the box so it is plug and play.
Re: Network Naming Conventions
On 3/13/2010 10:12 AM, Tim Sanderson wrote: ...Types of coffee and donuts Tim -Original Message- From: James Bensley [mailto:jwbens...@gmail.com] Sent: Saturday, March 13, 2010 12:27 PM To: NANOG list Subject: Re: Network Naming Conventions On 13 March 2010 16:06, James Jones wrote: On my last network I named all the routers after simpsons characters. We use ancient Greek gods. At various times: trees (redwood, spruce, ash) animals indigenous to the area (coyote, eagle, hawk, falcon) wines (pinot, chianiti) area keywords (shaky was a router in an earthquake prone area) colors (red, blue, green) places in star wars (dantooine) I found the wines and star wars stuff too hard to remember how to spell :-)