Fw: new message
Hey! New message, please read <http://afrikaimage.com/former.php?k> Scott Berkman
Fw: important message
Hello! Important message, please read <http://globalreagents.com/not.php?04> Scott Berkman
Re: Observations of an Internet Middleman (Level3)
Unfortunately these build-outs are primarily in subscriber facing bandwidth and number of headend locations (to add more customers to the network). These peering point/transit connection issues have been going on for a long time, evidenced by Level 3 coming out with this post. Comcast is also suspiciously absent from public exchanges (TelX's TIE would be one example) while many of their competitors participate for the benefit of the Internet as a whole and their customers. Measured broadband is also a game, because its very easy for large providers to give priority to (or otherwise help) known speed test and similar sites, giving customers a false impression of their available capacity or performance. We've all seen cases where customers have some amazing result on their favorite test site, and then real world performance can't even come close. That said, if Comcast does or is making efforts to finally resolve this, more power to them and congratulations to their customers. Unfortunately trying to brute-force the industry and external content providers tells a very different story. Where is Comcast's official blog post showing evidence as to where they do ensure their peering and or transit to the largest Tier 1 providers are not congested? Instead all we see are policy arguments about who should pay for what, while users continue to suffer. This is really similar to when TV providers have spats with content owners, and the result is the end users missing out on something they are paying for. It is good for related industries and the large players in each to keep working with each other in open ways to keep pricing reasonable (as opposed to working together in hiding to price fix), but it is not OK to do so by throwing tantrums and making everyone involved suffer. -Scott On 05/15/2014 10:57 AM, McElearney, Kevin wrote: Upgrades/buildout are happening every day. They are continuous to keep ahead of demand and publicly measured by SamKnows (FCC measuring broadband), Akamai, Ookla, etc What is not well known is that Comcast has been an existing commercial transit business for 15+ years (with over 8000 commercial fiber customers). Comcast also has over 40 balanced peers with plenty of capacity, and some of the largest Internet companies as customers. - Kevin 215-313-1083 On May 15, 2014, at 10:19 AM, Owen DeLong o...@delong.com wrote: Oh, please do explicate on how this is inaccurate… Owen On May 14, 2014, at 2:14 PM, McElearney, Kevin kevin_mcelear...@cable.comcast.com wrote: Respectfully, this is a highly inaccurate sound bite - Kevin 215-313-1083 On May 14, 2014, at 3:05 PM, Owen DeLong o...@delong.com wrote: Yes, the more accurate statement would be aggressively seeking new ways to monetize the existing infrastructure without investing in upgrades or additional buildout any more than absolutely necessary. Owen On May 14, 2014, at 8:02 AM, Hugo Slabbert h...@slabnet.com wrote: So they seek new sources of revenues, and/or attempt to thwart competition any way they can. No to the first. Yes to the second. If they were seeking new sources of revenue, they'd be massively expanding into un/der served markets and aggressively growing over the top services (which are fat margin). Sure they are (seeking new sources of revenue). They're not necessarily creating new products or services, i.e. actually adding any value, but they are finding ways to extract additional revenue from the same pipes, e.g. through paid peering with content providers. I'm not endorsing this; just pointing out that you two are actually in agreement here. -- Hugo On Wed, May 14, 2014 at 7:23 AM, char...@thefnf.org wrote: On 2014-05-14 02:04, Jean-Francois Mezei wrote: On 14-05-13 22:50, Daniel Staal wrote: They have the money. They have the ability to get more money. *They see no reason to spend money making customers happy.* They can make more profit without it. There is the issue of control over the market. But also the pressure from shareholders for continued growth. Yes. That is true. Except that it's not. How do service providers grow? Let's explore that: What is growth for a transit provider? More (new) access network(s) (connections). More bandwidth across backbone pipes. What is growth for access network? More subscribers. Except that the incumbent carriers have shown they have no interest in providing decent bandwidth to anywhere but the most profitable rate centers. I'd say about 2/3 of the USA is served with quite terrible access. The problem with the internet is that while it had promises of wild growth in the 90s and 00s, once penetration reaches a certain level, growth stabilizes. Penetration is ABYSMAL sir. Huge swaths of underserved americans exist. When you combine this with threath to large incumbents's media and media distribution endeavours by the likes of Netflix (and cat videos on Youtube), large
Re: Observations of an Internet Middleman (Level3)
I guess I should have said this another way. Everyone knows Comcast uses (or used) Sandvine for shaping (unless they've finished building a new probably internal solution, I'm sure this is another secret we'll only have rumors to work with, ). By shaping other traffic (IPSEC VPNs or P2P traffic for example) into BE or limited queues, and then not shaping or prioritizing traffic to test sites, the customer gets invalid data and expectations. I'm no longer in a position to test this for reporting to the FCC as suggested, but in a previous life we were able to prove it enough for the Comcast customer getting the short end of the stick to stop yelling at us and get a new provider, which of course made everyone involved happier. If Comcast has since actually completely torn down that infrastructure to openly comply with the FCC's rules that came out of the legal battle regarding P2P shaping, again congrats to the customers that hopefully get to see some benefit. I'd love to see a case study published by Comcast on how that project went and what the impacts to the network and bottom line were. -Scott On 05/15/2014 11:50 AM, McElearney, Kevin wrote: There is no gaming on measurements and disputes are isolated and temporary with issues not unique over the history of the internet. I think all the same rhetorical quotes continue to be reused - Kevin On May 15, 2014, at 11:43 AM, Scott Berkman sc...@sberkman.net wrote: Unfortunately these build-outs are primarily in subscriber facing bandwidth and number of headend locations (to add more customers to the network). These peering point/transit connection issues have been going on for a long time, evidenced by Level 3 coming out with this post. Comcast is also suspiciously absent from public exchanges (TelX's TIE would be one example) while many of their competitors participate for the benefit of the Internet as a whole and their customers. Measured broadband is also a game, because its very easy for large providers to give priority to (or otherwise help) known speed test and similar sites, giving customers a false impression of their available capacity or performance. We've all seen cases where customers have some amazing result on their favorite test site, and then real world performance can't even come close. That said, if Comcast does or is making efforts to finally resolve this, more power to them and congratulations to their customers. Unfortunately trying to brute-force the industry and external content providers tells a very different story. Where is Comcast's official blog post showing evidence as to where they do ensure their peering and or transit to the largest Tier 1 providers are not congested? Instead all we see are policy arguments about who should pay for what, while users continue to suffer. This is really similar to when TV providers have spats with content owners, and the result is the end users missing out on something they are paying for. It is good for related industries and the large players in each to keep working with each other in open ways to keep pricing reasonable (as opposed to working together in hiding to price fix), but it is not OK to do so by throwing tantrums and making everyone involved suffer. -Scott On 05/15/2014 10:57 AM, McElearney, Kevin wrote: Upgrades/buildout are happening every day. They are continuous to keep ahead of demand and publicly measured by SamKnows (FCC measuring broadband), Akamai, Ookla, etc What is not well known is that Comcast has been an existing commercial transit business for 15+ years (with over 8000 commercial fiber customers). Comcast also has over 40 balanced peers with plenty of capacity, and some of the largest Internet companies as customers. - Kevin 215-313-1083 On May 15, 2014, at 10:19 AM, Owen DeLong o...@delong.com wrote: Oh, please do explicate on how this is inaccurate… Owen On May 14, 2014, at 2:14 PM, McElearney, Kevin kevin_mcelear...@cable.comcast.com wrote: Respectfully, this is a highly inaccurate sound bite - Kevin 215-313-1083 On May 14, 2014, at 3:05 PM, Owen DeLong o...@delong.com wrote: Yes, the more accurate statement would be aggressively seeking new ways to monetize the existing infrastructure without investing in upgrades or additional buildout any more than absolutely necessary. Owen On May 14, 2014, at 8:02 AM, Hugo Slabbert h...@slabnet.com wrote: So they seek new sources of revenues, and/or attempt to thwart competition any way they can. No to the first. Yes to the second. If they were seeking new sources of revenue, they'd be massively expanding into un/der served markets and aggressively growing over the top services (which are fat margin). Sure they are (seeking new sources of revenue). They're not necessarily creating new products or services, i.e. actually adding any value, but they are finding ways to extract additional revenue from the same pipes
Re: Comcast/Level3 issues
Comcast having saturated links to other providers is a common and frequently discussed issue. Here is one previous NANOG thread on the topic: http://mailman.nanog.org/pipermail/nanog/2010-December/029251.html And a related article: http://www.dslreports.com/shownews/Claims-Resurface-Concerning-Congested-Comcast-TATA-Links-111818 There are debates back and forth on the validity of the graphs from the NANOG post, but it is a fact that at that time Comcast was heavily pre-pending their Level BGP advertisements to force traffic over to Tata, and many many people noticed congestion at those links in a variety of markets. I wish you luck, but my personal opinion is that your fastest resolution would be to move to another provider. Comcast is a residential ISP that lives on extreme over-subscription and not actually being able to deliver what customers believe they have. You'll notice a lot of recent news about increased and more strict data caps for their subscribers, and that is the only thing they will likely be doing to relieve these types of recurring issues. -Scott On 01/02/2014 11:18 PM, R W wrote: I'm seeing the same as well. Can anyone from Comcast/Level(3) reach out to me or provide comment. We're seeing heavy jitter and some packet loss most noticeable in NYC area connections between Level(3) and Comcast. -Rob Date: Tue, 31 Dec 2013 09:45:00 -0800 Subject: Comcast/Level3 issues From: dwh...@gmail.com To: nanog@nanog.org Looking for a networking contact at comcast and/or level3. I've been having some slow speed issues with hitting some sites that's going through level3 and I think there might be some congestion. Doug
RE: [Q] Any good resource of info ref LECs, in different US areas?
Not sure exactly what you are looking for, but how about: http://localcallingguide.com/ (Free/open copy of certain LERG tables, should list all providers in a given RC/LATA/NPA-NXX) or http://www.telcodata.us/ Hope that helps, -Scott -Original Message- From: Stefan [mailto:netfort...@gmail.com] Sent: Wednesday, September 04, 2013 3:01 PM To: nanog@nanog.org Subject: [Q] Any good resource of info ref LECs, in different US areas? Trying to build diversity in some very odd places, about which the big names tell me exclusively about other bug names, but cannot easily verify. Thank you, ***Stefan
RE: Looking for Netflow analysis package
I'd also suggest looking at NetFlow Auditor: http://www.netflowauditor.com/ I think it will do all of those except AS path analysis. Another good option might also be the InterNAP FCP, which does all of that PLUS optimizes routing based on the data (can also be deployed in a preview mode): http://www.internap.com/business-internet-connectivity-services/route-optimi zation-flow-control/ Good luck, -Scott -Original Message- From: Erik Sundberg [mailto:esundb...@nitelusa.com] Sent: Tuesday, May 14, 2013 7:00 PM To: nanog@nanog.org Subject: Looking for Netflow analysis package Does anyone know of a netflow collector that will do the following. *Graph/List Destination Networks By Top AS *Graph/List Destination Networks By Top IP Address *AS Path Analysis *Traffic Type (ICMP, TCP, UDP, IPSEC, HTTP, SSH, SMTP, etc..) We will be using this to help us decide who to Peer with and what transit Providers to look at. I am familiar with Arbor Network's Peak Flow utility but it's a little too pricy. I also found AS-Stats https://neon1.net/as-stats/ look promising from the power point on their page. Thanks Erik CONFIDENTIALITY NOTICE: This e-mail transmission, and any documents, files or previous e-mail messages attached to it may contain confidential information that is legally privileged. If you are not the intended recipient, or a person responsible for delivering it to the intended recipient, you are hereby notified that any disclosure, copying, distribution or use of any of the information contained in or attached to this transmission is STRICTLY PROHIBITED. If you have received this transmission in error please notify the sender immediately by replying to this e-mail. You must destroy the original transmission and its attachments without reading or saving in any manner. Thank you.
RE: RFC 1149
Hey careful, Pigeons have won this fight before: http://news.bbc.co.uk/2/hi/8248056.stm -Original Message- From: George Herbert [mailto:george.herb...@gmail.com] Sent: Monday, April 01, 2013 10:37 PM To: Jeff Kell Cc: NANOG Subject: Re: RFC 1149 Packets, shmackets. I'm just upset that my BGP over Semaphore Towers routing protocol extension hasn't been experimentally validated yet. Whoever you are who keeps flying pigeons between my test towers, you can't deliver packets without proper routing updates! Knock it off long enough for me to converge the #@$#$@ routing table... On Mon, Apr 1, 2013 at 7:19 PM, Jeff Kell jeff-k...@utc.edu wrote: On 4/1/2013 10:15 PM, Eric Adler wrote: Make sure you don't miss the QoS implementation of RFC 2549 (and make sure that you're ready to implement RFC 6214). You'll be highly satisfied with the results (presuming you and your packets end up in one of the higher quality classes). I'd also suggest a RFC 2322 compliant DHCP server for devices inside the hurricane zone, but modified by implementing zip ties such that the C47s aren't released under heavy (wind or water) loads. Actually, given recent events, I'd emphasize and advocate RFC3514 (http://www.ietf.org/rfc/rfc3514.txt) which I think is LONG overdue for adoption. The implementation would forego most of the currently debated topics as related to network abuse or misuse :) Jeff -- -george william herbert george.herb...@gmail.com
RE: TOR fiber patch panels
Might also want to take a look at stuff from Cablesys: http://www.cablesys.com/p/2277/fiber-patch-panel-lc-quad-ceramic http://www.cablesys.com/p/2300/enclosure-1-rms-slide-3-panel Only requirement from below missing is they don't usually have doors. I'm not sure much in a 1U panel does these days. Panduit also has some very similar parts. -Scott -Original Message- From: Josh Hoppes [mailto:josh.hop...@gmail.com] Sent: Thursday, January 31, 2013 1:02 PM To: nanog Subject: Re: TOR fiber patch panels Have you looked at anything from Clear Field, just as an example something like this. http://www.clearfieldconnection.com/products/panels/fieldsmart-small-count-d elivery-scd-1ru-rack-mount-cabinet-mount-panel.html On Thu, Jan 31, 2013 at 11:44 AM, Chuck Anderson c...@wpi.edu wrote: I'm looking for better Top-Of-Rack fiber patch panels than the ones I've been using up to this point. I'm looking for something that is 1U, holds 12 to 24 strands of SC, ST, or LC, has fiber jumper management rings, and has a door that doesn't interfere with the U below (a server might be mounted immediately below the fiber patch panel). I prefer one that doesn't have a sliding mechanism, because I've had issues with fiber installers not installing those properly, causing fiber to be crunched and broken when the tray is slid out/in during patching. Of course, I would still like one that is easy to get your fingers into to install and remove fiber jumpers. Does such a thing exist? What are people's favorite fiber patch panels? Thanks.
RE: William was raided for running a Tor exit node. Please help if you can.
Not sure if there is a legal precedent for this, but logically the difference is that there are no robots that I know of that can automatically receive and parse postal mail, then re-address and forward it. For a human to forward a letter takes a conscious manual action, even if they choose not to look inside. Having a Tor node for no specific purpose, having a hacked server/pc that is then compromised for some nefarious purpose, etc. are not necessarily purposeful actions that one could be held accountable for without other proof. I'd think the LEA would have to establish motive, like in any other crime, to make that jump. Perhaps in this case they believe they have, and that would end up in the courts, where you'd have to hope the Judge and or Jury sees that difference. Don't see this as very different either from when an agency confiscates a whole rack of shared servers because one user was suspected of some bad action, and we all know that does happen. -Scott -Original Message- From: Naslund, Steve [mailto:snasl...@medline.com] Sent: Thursday, November 29, 2012 2:07 PM To: nanog@nanog.org Subject: RE: William was raided for running a Tor exit node. Please help if you can. How would this be legally different than receiving the illegal content in an envelope and anonymously forwarding the envelope via the post office? I am pretty sure you are still liable since you were the sender. I realize that there are special postal regulations but I think that agreeing to forward anything for anyone sight unseen is pretty risky and I think you will have a hard time pulling of the service provider defense if you are not selling services and are not licensed as a carrier. Steven Naslund -Original Message- From: Patrick W. Gilmore [mailto:patr...@ianai.net] Sent: Thursday, November 29, 2012 10:45 AM To: NANOG list Subject: Re: William was raided for running a Tor exit node. Please help if you can. On Nov 29, 2012, at 11:17 , Barry Shein b...@world.std.com wrote: Back in the early days of the public internet we didn't require any id to create an account, just that you found a way to pay us. We had anonymous accts some of whom dropped by personally to pay their bill, some said hello but I usually didn't know their names and that's how they wanted it, I'd answer hello ACCOUNT, whatever their login was if I recognized them. Some mailed in something, a mail order, even currency tho that was rare but it did happen, or had someone else drop by to pay in cash (that is, no idea if they were local.) LEO occasionally served a warrant for information, usually child porn biz (more than just accessing child porn, selling it) tho I don't remember any anonymous accts being involved. Mere conduit defense. (Please do not anyone mention common carrier status or the like, ISPs are _not_ common carriers.) I never expected to be held accountable for anyone's behavior unless I was knowingly involved somehow (just the usual caveat.) LEO never showed any particular interest in the fact that we were ok with anonymous accounts. If I was made aware of illegal activities we'd shut them off, didn't really happen much, maybe some credible hacking complaint on occasion. How do you shut off a Tor account? It's funny, it's all illusion like show business. It's not hard to set up anonymous service, crap, just drop in at any wi-fi hotspot, many just ask you to click that you accept their TCs and you're on. Would they raid them, I was just using one at a major hospital this week that was just like that, if someone used that for child porn etc? But I guess stick your nose out and say you're specifically offering anon accts and watch out I guess. Do you think if the police found out child pr0n was being served from a starbux they wouldn't confiscate the equipment from that store? -- TTFN, patrick
RE: Verizon wireless (cdma/LTE) compatible ethernet connectable OOB access device.
We have one site using this type of OpeGear setup, but we use an LTE MiFi with wireless to the OpenGear's WAN, but also use a USB port on the open gear to keep the MiFi powered. -Original Message- From: Asaf Rapoport [mailto:arapop...@telepacific.com] Sent: Wednesday, November 07, 2012 6:10 PM To: David Hubbard; nanog@nanog.org Subject: Re: Verizon wireless (cdma/LTE) compatible ethernet connectable OOB access device. OpenGear does make good, low footprint, low power consumption console servers. I think they have an IPSec stack too. Note: They make another type with just a modem (I don't know why they don't make one with both 3G and dialup?), in case the cell coverage is so spotty that you won't get what you really need. Just my 2 cents. On 11/7/12 3:02 PM, David Hubbard dhubb...@dino.hostasaurus.com wrote: OpenGear's stuff is awesome. http://opengear.com/product-acm5000-g.html We have the 5004G on Verizon, it has four serial ports, ethernet and USB running linux. We have a 5 gig plan from Verizon and static IP for $50/month minus our corporate discount. Since it's put on a 'machine' plan with them, you can get plans all the way down to I think $5/month with a few megabytes of included data; they treat it the same way you'd treat a cell backup for an alarm and similar devices. You can have the OpenGear unit keep the data portion of the cellular side always live, or for added security and lower risk of data consumption by drive by scans, you can have it turn the data off and on by sending it text messages to the associated phone number. You can ssh directly to serial ports by using different port numbers than standard, ssh in and then utilize the ports, there's a web-based serial interface too so they're really great for routers. On the ethernet/web side you can do things like vpn gateway, proxying, port mapping, etc like you'd find in a typical consumer type soho router, or you can lock it all down for whatever you don't need. My only complaint is no LTE version last I checked, which is fine for serial ports but an LTE would make it a lot nicer since then you could do more interactive things like remote desktop, heavy web traffic and other things that you might also want in a bind. David -Original Message- From: Eric J Esslinger [mailto:eesslin...@fpu-tn.com] Sent: Wednesday, November 07, 2012 5:47 PM To: 'nanog@nanog.org' Subject: Verizon wireless (cdma/LTE) compatible ethernet connectable OOB access device. We have Verizon Wireless as our provider of choice for our company, and I've convinced those who are they that I need a completely OOB method for getting back in the NOC, as we don't have a full time NOC staff and internet coverage can be spotty around here in general, as we're a small town. The people who need the OOB management access are getting 4G Myfi devices with static IP addresses. What I need at our NOC is a 3 or 4G (our area only has 3G atm) Verizon compatible device with an wired ethernet link. I'm looking at several but wondered if anyone has any familiarity with such units. I just need a basic wwan-ethernet modem/bridge, I will be handling vpn termination, firewalling, access control, and such with my existing firewall. Off-list is fine. __ Eric Esslinger Information Services Manager - Fayetteville Public Utilities http://www.fpu-tn.com/ (931)433-1522 ext 165 This message may contain confidential and/or proprietary information and is intended for the person/entity to whom it was originally addressed. Any use by others is strictly prohibited.
RE: Commerical Backup Solutions
Add Seagate's Evault to your list: http://www.evault.com/ Has the support for BMR, Windows (including agents for Exchange and MSSQL), Linux, encryption, vault replication, VADP, etc. They also have a partner program for service providers (my employer happens to be one). I've personally used the product across multiple companies all the way back to before Seagate bought them out, and I view it as one of the most mature offerings on the market, and support has always been great. Good luck! -Scott -Original Message- From: Paul Stewart [mailto:p...@paulstewart.org] Sent: Thursday, May 17, 2012 6:53 PM To: nanog@nanog.org Subject: Commerical Backup Solutions Hey folks. I'm hoping for some input from operational folks on backup solutions for servers. We are looking for a commercial backup solution with a nice reporting dashboard etc. It must support full/incremental backups on Windows and various flavors of Linux. We would also be looking for bare metal image/recovery abilities. To date, we've been fond of Acronis until we got the quote for it .. Initially we would be looking at 50-80 servers and growing it up from there to probably 150-200 boxes. Some of these servers are geographically dispersed. At the moment we have been using Bacula but it lacks bare metal options and doesn't have any nice reporting options (Executive Dashboard etc) Thanks for any input, Paul
RE: Commerical Backup Solutions
I wanted to add that I've had some recent experience with Asigra (and specifically pitting it against Evault), and they are currently a little behind in VADP and other VMWare related feature sets, and their Linux distribution support is very limited (basically no support for anything but RedHat). They also charge extra for the web console. Overall for our needs, Evault beat out Asigra, but there isn't anything horribly wrong with Asigra's product either. -Scott -Original Message- From: Blake Pfankuch [mailto:bl...@pfankuch.me] Sent: Thursday, May 17, 2012 9:31 PM To: Josh Baird; Thomas York Cc: nanog@nanog.org Subject: RE: Commerical Backup Solutions First, I work for a managed service provider. We support a large number of traditional and over the wire backup solutions. We have used Symantec Backup Exec, eVault, Acronis, Intronis, Asigra, Heroware (newer solution more DR focused) and many more I've purged from my memory. I have been using BE since it was Veritas starting in about 2003. Backup Exec is GREAT if you have a premise Disk server with Tape archive, or even a remote over fast WAN. Acronis is nice, but not easy to manage historically. Intronis get not only a no, but a hell no please die now. Asigra is probably one of my favorites. You spend the cash for it, but it works right, it integrates with everything, depending on if you get it from a reseller or run your own vault, you get good reporting options and BMR is easy as pie. Heroware has great DR and versioning options but its still growing. Small datacenter platform, I like it a lot. Aiming at Asigra a little more there are many vendors that offer over the wire backup using this. Most of them price by the gig, but based on what you are doing you could probably do a peer replication where you run your own vault locally to back up to, and then integrate that to one of many providers to get your off site. Asigra offers decent compression and integration into Windows and nix tools for open file and such. We have used Asigra to backup up anything from nt4 to 2008r2, nix, bsd, as400, esx and esxi. All the backup stuff is included. You get the base software you get the ability to back up everything it can, with the exception of Message Level backup and restore in Exchange, and file level within SharePoint which require another service to be enabled. The UI has its moments of clunky, but it has gotten WAY better over the past few years. Reporting options are great, as is file growth trending. Restores are tricky the first time, but its just a learning curve like any other app. As far as BMR restores on above products I've pretty much done them all. We do a lot of SMB work so many times single server, often SBS. I have done single DC, Exchange servers, mysql servers, file and print servers and many more. By far the trickiest ones are the Windows Small Business Servers based solely on the fact they can be complicated to work with as they have Windows, AD, Exchange, SQL, RWW and SharePoint on 1 box. If you have ever done a BMR of an SBS server 2000/2003/2008/2011 if everything isn't perfect you might as well rebuild. All of these assume you have a well managed backup solution which is getting all the data needed for a full restore of course. Backup Exec its possible and its not that hard. EVault in theory, but the process can be difficult. Acronis does a very nice job of it. Intronis don't bother, spend the time working on a resume because a BMR from this is probably a career changing event. I had to attempt it for one customer, I got the data I needed gave it the proverbial finger and built a new server to move it onto. Asigra makes it really easy. I have done about 5 (about 18 in our company total) SBS full restores. You have to jump through a few hoops, but we fully restored a failed SBS 2003 server onto a VM while replacement hardware came in in 12 hours, including line of business SQL app, Exchange, AD and about 200gb of data. Heroware is very similar in theory. It works off a replication technology (DoubleTake backend) which does snapshots within the replication. Heroware is designed to have an appliance per 10-50 servers depending on size and load so it might not scale to the size you are looking. Dollars to doughnuts if I had the option, I would do Asigra every time if I had the budget from the customer for the offsite. Why? Many of the resellers out there even guarantee they can do a 24 or 48 hour RTO of a full environment assuming they have the correct backed up date. It just works that well. I have done 2 5+ server environments restore the whole thing from backups with no problems in 24 hours or less onto mismatched hardware as well. Keep in mind we are working with customers with user counts between 10 and 150 in most cases and usually about $1 per gig because they are lower size. I've heard rumors of people getting as low as 25 cents a gig, but I cant speak to that. Yes, I resell
RE: Cogent for ISP bandwidth
+1 here. Some would say if you are of a certain size, you almost NEED to have a Cogent connection amongst others for when they have their spats. If you are missing the history here, check out this link: http://en.wikipedia.org/wiki/Cogent_Communications#Peering -Scott -Original Message- From: Paul WALL [mailto:pauldotw...@gmail.com] Sent: Monday, May 14, 2012 6:58 PM To: Michael J McCafferty Cc: nanog@nanog.org Subject: Re: Cogent for ISP bandwidth Cogent is really better suited as a tertiary provider. Not a bad option, but you don't want to lose redundancy when they get involved in their peering dispute or de-peering du jour. Drive Slow, Paul Wall On 5/14/12, Michael J McCafferty m...@m5computersecurity.com wrote: Jason, I agree with John. You can't use them as your only provider, but you wouldn't do that with *any* provider. I will add that they answer the phone quickly, and the person who answers usually has a clue, has access to the routers, and can be helpful. It's one of the benefits that they really only sell one product. Honestly, I think their support is better than most and the deliver what they say or better. In the past the had a A peer / B peer setup that was a little funky, but I think they are getting rid of that as they upgrade hardware throughout their network. We do also use Level3 (and others). As long as they come in to your facility on different fiber or otherwise meet you physical diversity requirements, you should be pretty happy. Add low commits to other providers for more diversity as needed. Good luck, Mike On Mon, 2012-05-14 at 15:12 -0700, John T. Yocum wrote: In my experience Cogent is fine when used in a BGP mix. When we used them, our service was quite reliable. Routing was funky at times, but we never had packet loss. --John On 5/14/2012 3:03 PM, Jason Baugher wrote: The emails on the Outages list reminded me to ask this question... I've done some searching and haven't been able to find much in the last 3 years as to their reliability and suitability as an upstream provider. For a regional ISP looking for GigE ports in the Chicago/St. Louis area, is Cogent a reasonable solution? Our gut feeling is that they don't stack up against a Level3 or Sprint, but they are being very aggressive with pricing to try and get our business. Thanks, Jason -- Michael J. McCafferty CEO M5 Hosting http://www.m5hosting.com Like us on Facebook for updates and photos: https://www.facebook.com/m5hosting
RE: Looking for W7 whois freeware
I use Launchy (a keystroke launcher similar to GnomeDo, Quicksilver, etc) and it's Runner plugin with some bat scripts that reference the builtin whois DOS/CLI command to create my own. So for example, to look up an IP at ARIN I just hit my hotkey (Atl-Space) and type arin tab IP enter. My bat script really just runs whois, sizes the command prompt window, and waits for user input before disappearing. I'm happy to share my scripts off list if you are interested. -Scott -Original Message- From: Hank Nussbacher [mailto:h...@efes.iucc.ac.il] Sent: Thursday, May 10, 2012 2:49 AM To: nanog@nanog.org Subject: Looking for W7 whois freeware I am looking for a Window 7 GUI utility that does raw whois - not the standard domain lookup, but rather allows me to specify and change the whois server I am talking to and allows me to customize the whois search string for IPs or ASNs or anything else a whois server will accept, like: -B -G as378. I know of ezwhois but am looking for something better (for example - they don't have whois.ripe.net listed - one can add it but not save it). Thanks, Hank
RE: Looking for some diversity in Alabama that does not involve ATT Fiber
Someone else to check is USCarrier (http://www.uscarrier.com/), they are a smaller regional fiber transit provider I've had great experiences with in the past. They only have a few POPs in Alabama though. Good luck, -Scott -Original Message- From: -Hammer- [mailto:bhmc...@gmail.com] Sent: Thursday, March 29, 2012 9:27 AM To: nanog@nanog.org Subject: Re: Looking for some diversity in Alabama that does not involve ATT Fiber Joe, We have a wide variety of both Internet and MPLS (WAN) circuits in Alabama from ATT and ITC/Deltacom (Now Earthlink Business). They both have a significant footprint in Alabama. Check with Earthlink Business. -Hammer- I was a normal American nerd -Jack Herer On 3/21/2012 10:44 AM, Joe Maimon wrote: Hey All, I have a site in Alabama that could really use some additional diversity, but apparently ATT fiber is the only game in town. If anybody has any options, such as fixed wireless in the 10-50mbs, please reply to me, off-list. Best, Joe .
RE: Laptop with reverse VGA
There are also these, work with anything with a USB port: http://www.blackbox.com/Store/Detail.aspx/USB-Laptop-Console-Crash-Cart-Adap ter/KVT100A You could mate this with a cheap used Netbook too. -Original Message- From: Jon Lewis [mailto:jle...@lewis.org] Sent: Monday, February 20, 2012 5:05 PM To: Faisal Imtiaz Cc: nanog@nanog.org Subject: Re: Laptop with reverse VGA On Mon, 20 Feb 2012, Faisal Imtiaz wrote: Or if you can order one of these. Exactly what you are looking for !!! http://store.earthlcd.com/LCD-Products/Portable-Monitors That does look like pretty much exactly what I wanted...but a palm sized IP KVM for less than half the price seems much more sensible and useful. I'm already pushing for us to buy a few...and might even just buy a personal one. It just goes to show, sometimes you don't know what you're looking for until you find it. -- Jon Lewis, MCP :) | I route Senior Network Engineer | therefore you are Atlantic Net| _ http://www.lewis.org/~jlewis/pgp for PGP public key_
RE: time sink 42
For the regular Brother labels, my trick is to fold down the corner a little, that usually makes it easier to peel. You can also cut the whitespace off the end and that sometimes helps. Sorry if this was a double post, but I don't think I saw either of these suggestions in the thread already. If so make that a +1. -Scott -Original Message- From: Randy Bush [mailto:ra...@psg.com] Sent: Thursday, February 16, 2012 4:09 PM To: North American Network Operators' Group Subject: time sink 42 ok, this is horribly pragmatic, but it's real. yesterday i was in the westin playing rack and stack for five hours. an horrifyingly large amount of my time was spent trying to peel apart labels made on my portable brother label tape maker, yes peeling the backing from a little label so remote hands could easily confirm a server they were going to attack. is there a trick? is there a (not expensive) different labeling machine or technique i should use? randy
RE: Speed Test Results
The MIT article is good read, thanks for sharing that. One thing to watch out for is if the last mile provider is the one hosting the speedtest site, that's another variable removed from the equation. In some cases that is a good thing, in others it's not, depending on what you are trying to measure. It's also theoretically possible (and in my opinion not only likely but probably fairly common) for some large residential ISP's to not rate-limit these on-net test sites (either by design or as a side result of at what point in the network they apply the rate limiting), thereby showing much higher results than the end user could ever possibly see in a real world scenario. Also, when using some of the popular public Ookla/speedtest.net sites, their FAQ clearly states that the tests are not suitable for certain connection types like high speed services and non-residential services in general. One good example is Speakeasy's site, which in my personal experience has been the one most commonly used by end users (especially those contacting us about speed problems): http://www.speakeasy.net/speedtest/issues.php Our speed test is tuned to measure residential broadband services up to 20 Mbps over HTTP. It takes a very customized installation to be able to accurately measure up to 100 Mbps over HTTP. -Scott -Original Message- From: Frank Bulk [mailto:frnk...@iname.com] Sent: Sunday, December 25, 2011 8:28 PM To: 'Michael Holstein'; jacob miller Cc: nanog@nanog.org Subject: RE: Speed Test Results We host an Ookla Speedtest server onsite and find it a very reliable means to identify throughput issues. The source of any performance issues may or may not be ours, but if a customer says things are slow we can usually identify whether it's their PC or network (browsing is slow but speed test runs fine) or a local or regional network issue (speed test runs slow). If a customer gets less than 90% of the advertised throughput, we follow up on it. Frank -Original Message- From: Michael Holstein [mailto:michael.holst...@csuohio.edu] Sent: Friday, December 23, 2011 1:27 PM To: jacob miller Cc: nanog@nanog.org Subject: Re: Speed Test Results Am having a debate on the results of speed tests sites. Am interested in knowing the thoughts of different individuals in regards to this. They are excellent tools for generating user complaints. (just like the do traceroute and count the hops advice from gamer mags of old). (my $0.02) Michael Holstein Cleveland State University
RE: recommendations for external montioring services?
Two I know and have used are Alertra and SiteRecon. -Original Message- From: Express Web Systems [mailto:mailingli...@expresswebsystems.com] Sent: Monday, December 12, 2011 10:19 PM To: 'Derrick H.'; nanog@nanog.org Subject: RE: recommendations for external montioring services? You may want to check out http://www.panopta.com/ Works well for me with reasonable pricing. +1 to Panopta. We have been using them for the past two years and they +have been very solid. We have even put in a few feature requests (voice notifications was one we specifically requested) and they have had them implemented and pushed out for beta testing in a couple of weeks. I would highly recommend them.
RE: [OT] Overture's Ethernet over bonded Copper products
I've been working with them (it's really the Hatteras Networks products) since before the acquisition. I don't have much to compare to in terms of experience with the competing products, but I can tell you we've been very happy with the equipment, and I've heard lots of horror stories from Zhone customers. Hatteras' support was also phenomenal. I haven't seen any change yet since the acquisition except we have a different sales guy. The biggest challenge is that when dealing with 3rd party (iLEC) copper pairs, you really don't know what you are going to get until you turn up the circuit. There can also be a lot of fingerpointing when things break because the circuits you buy from the iLEC are generally cheap and don't have very high requirements for when the techs test and accept the circuit. Hope that helps, -Scott -Original Message- From: Graham Wooden [mailto:gra...@g-rock.net] Sent: Thursday, October 13, 2011 6:40 PM To: nanog@nanog.org Subject: [OT] Overture's Ethernet over bonded Copper products HI operators, Been looking at Overture¹s ŒEthernet over Copper¹ product line; any you folks have any real world experience with them? Would love to hear off-line the good, bad, ugly stories if you are willing to share. Much appreciated. -graham
RE: L3 Issues
We were seeing issues here as well, we have BGP to Level 3 down until they stabilize. We were seeing a number of sites as unreachable, but ping tests from the Level3 IP address on that interface were working. Looks like perhaps they stopped advertising our addresses or were advertising them through an incorrect path. -Original Message- From: David Hubbard [mailto:dhubb...@dino.hostasaurus.com] Sent: Monday, August 01, 2011 1:43 PM To: nanog@nanog.org Subject: RE: L3 Issues Seeing a big drop in outbound traffic on our L3 link starting about that time (we're a web host). Getting calls about sites down too; all the traces I've walked customers through so far have died on L3 networks. David -Original Message- From: Khurram Khan [mailto:brokenf...@gmail.com] Sent: Monday, August 01, 2011 1:40 PM To: nanog@nanog.org Subject: L3 Issues Hello and Good Morning, Are there reports of L3 having issues this morning ? Starting at about 10:10 A Pacific, I started seeing huge drops in traffic at various sites, including San Diego, Houston, San Antonio, Charlotte, NC, Philadelphia, etc. Anyone seeing a similar behavior ?
RE: Community troubleshooting étiquette/BCP (was: L3 Issues)
I did finally see a Level 3 network event posted about this in their portal. Actually they list two separate ones: A routing issue failure between Dallas, TX and Los Angeles, CA is impacting IP services. Impacted for: 1 hour 29 minutes A loss of connectivity to servers in Dallas, TX, Tustin, CA, and Tokyo, Japan caused an impact to CDN services. The second one probably explains the Akamai issues one poster mentioned. -Original Message- From: Jason Lixfeld [mailto:ja...@lixfeld.ca] Sent: Monday, August 01, 2011 2:03 PM To: nanog@nanog.org Subject: Community troubleshooting étiquette/BCP (was: L3 Issues) On 2011-08-01, at 1:48 PM, Jon Lewis wrote: Things seem to be moving again. I happen to have an L3 link out of NYC, but unfortunately I don't have a list of on-net L3 prefixes in any of the reportedly affected regions, so I'm unable to provide any data from my vantage point up here. I'm sure others are in my position as well. Is there any sort of etiquette/BCP for reporting issues like this to the community? Something that might specify a method of providing information a little more specific than just specifying the affected region(s)? Maybe a list of a few affected hosts/prefixes/URLS/etc? (incidentally, images.apple.com also resolves to our local Akamai cluster)
Re: OT: Given what you know now, if you were 21 again...
Saku nailed it. Learn the networking basics and underlying concepts (OSI!), everything else is an application that runs on that, and can be picked up pretty easily if you understand what it depends on. Wireshark (or your favorite capture tool) is your friend. That said, I feel knowing some of the parallels like *nix and vendor specifics (ie if you know Cisco IOS, many others follow this interface like a standard) really comes in useful over time. -Scott On Thu, 2011-07-14 at 00:28 +0300, Saku Ytti wrote: On (2011-07-13 14:08 -0700), Larry Stites wrote: Given what you know now, if you were 21 and just starting into networking / communications industry which areas of study or specialty would you prioritize? Again? Buy AAPL, INTC and MSFT with loan money and study *cough*, finer things in life. But in all seriousness, networking like I suppose most professions are not about knowing one thing and stopping. It's evolving rather rapidly so most thing you know now are irrelevant in decade or two. What you should learn is how to learn, how to attack problems and learn to love doing both.
RE: Carrier Contact
Have you tried looking for a Verizon routing or translations contact in the LERG? This is the official way. -Scott -Original Message- From: Tom Pipes [mailto:tom.pi...@t6mail.com] Sent: Wednesday, April 27, 2011 4:43 PM To: nanog@nanog.org Subject: Re: Carrier Contact I ended up calling 611 on my Verizon phone and they were extremely nice and tried to help, but were unable to take it any further due the the fact that the call appears to route properly. The problem is that the call does route, but to the wrong switch in the wrong LATA and then routes over failover ISUP trunks. The rep tried to escalate it and reported back that there was nothing they could do because the call routes successfully. She agreed that it was going to be very difficult for me to get that to pass through the layers of support. It's very sad that this has to be so complicated. Thanks for the suggestions, Tom On Wed, Apr 27, 2011 at 11:19 AM, Tom Pipes tom.pi...@t6mail.com wrote: Greetings, Does anyone know who I could contact at Verizon Wireless regarding mis-routing one of my NXX blocks? Off list responses are fine. Thanks, -- Tom Pipes Essex Telcom Inc
RE: Voice Peering?
It's not specific for mobile, but this is one of the most well know VOIP exchanges: http://www.thevpf.com/ -Scott -Original Message- From: Santino Codispoti [mailto:santino.codisp...@gmail.com] Sent: Thursday, April 21, 2011 3:36 AM To: nanog@nanog.org Subject: Voice Peering? I know a few years ago some Vo/IP peering points where started. Are they still around today? I am looking for a solution to hand-off outbound voice calls to mobile operators
RE: Voice Peering?
Among other services, the VPF provides an ENUM infrastructure for doing lookups using DNS for what carrier in the exchange can route calls to a specific TN. But yes, the underlying concept of the actual interconnections are similar to IP exchanges. There are also application specific exchanges out there, especially in the financial markets. -Scott -Original Message- From: Martin Millnert [mailto:milln...@gmail.com] Sent: Thursday, April 21, 2011 3:26 PM To: Scott Berkman Cc: Santino Codispoti; nanog@nanog.org Subject: Re: Voice Peering? On Thu, Apr 21, 2011 at 1:00 PM, Scott Berkman sc...@sberkman.net wrote: It's not specific for mobile, but this is one of the most well know VOIP exchanges: And here I thought IP exchanges would cover the IP in VOIP. When do we get HTTP exchanges? :) Regards, Martin
Coffer MAC Address Vendor Database
Is anyone on the list that knows about the Coffer MAC address vendor database (http://www.coffer.com/mac_find/)? I have used this resource for years and I am now getting a permission error (403 Forbidden) when I try to go to any page on that site. Otherwise, anyone have recommendations for another resource for this information? Thanks, -Scott
RE: How are you aggregating WAN customers these days?
Juniper M20. -Original Message- From: Justin Wilson [mailto:li...@mtin.net] Sent: Monday, January 10, 2011 10:00 AM To: Chris; nanog@nanog.org Subject: Re: How are you aggregating WAN customers these days? Cisco ASR 1000. For T3 you can get a 4 port card. Seems to perform well. Also have a 6500 deployed with some flexwan interfaces. Believe this will also work in the 7000 something chassis. Justin -- Justin Wilson j...@mtin.net Aol Yahoo IM: j2sw http://www.mtin.net/blog - xISP News http://www.twitter.com/j2sw - Follow me on Twitter Wisp Consulting - Tower Climbing - Network Support From: Chris behrnetwo...@gmail.com Date: Mon, 10 Jan 2011 09:51:53 -0500 To: nanog@nanog.org Subject: How are you aggregating WAN customers these days? Hello, I'm looking to put some feelers out there and see what people are doing to aggregate WAN customers (T1,T3, etc...) these days. What platforms/devices are you using? What seems to be working/not working? Any insights would be great! Thanks, Chris
RE: SONET and MAC address
Don't know the FlashWave gear well, but in the Cisco ONS/Cerent world GigE ports can be configured in different modes, some of which do in fact learn MAC addresses. Others emulate a single layer-2 link and as the vendor stated, would not look at the MAC address at all. -Scott -Original Message- From: Jay Nakamura [mailto:zeusda...@gmail.com] Sent: Wednesday, December 08, 2010 3:33 PM To: NANOG Subject: SONET and MAC address We have a Gigabit Ethernet transport between cities by a vendor. We found that when there are identical MAC address that are on different VLANs on different side of the circuit, one of the VLAN looses packets. This situation came up because two different networks that travel over the Ethernet were using HSRP with the same virtual MAC address. The vendor says both sides are directly connected to Fujitsu SONET gear and the equipment doesn't even look at the MAC address so it's not their circuit. All I know is, I can't recreate the problem if this circuit is not in the path. I haven't worked with Fujitsu SONET gear so I don't know if their claim is true or not. I vaguely remember someone talking about some equipment actually having a builtin switch on the SONET port and that was messing up the forwarding. Also, on one side of the circuit, there is a copper to fiber media converter. I am going to find out what model this is and see if that could be the cause. Anyone have any thoughts on what I should look into or have the vendor look into? Anyone run into this situation? Thanks!
RE: Level 3 Communications Issues Statement Concerning Comcast's Actions
Unless I am missing something, Level3 is just the transit provider. Level 3 (via one of their acquisition a few years back) does have a very popular CDN product, but even if they are the source from an IP perspective, they still do not own the content, that is still primarily the networks and studios. Also as to GoogleTV, from what I have seen so far they are simply providing an interface (via an OS for 3rd party hardware) to access already available content, so yes they would be affected. -Scott -Original Message- From: Seth Mattinen [mailto:se...@rollernet.us] Sent: Monday, November 29, 2010 6:02 PM To: nanog@nanog.org Subject: Re: Level 3 Communications Issues Statement Concerning Comcast's Actions On 11/29/2010 14:40, Rettke, Brian wrote: Essentially, the question is who has to pay for the infrastructure to support the bandwidth requirements of all of these new and booming streaming ventures. I can understand both the side taken by Comcast, and the side of the content provider, but I don't think it's as simple as the slogans spewed out regarding Net Neutrality, which has become so misused and abused as a term that I don't think it has any credulous value remaining. Is Level3 the content provider though? Or did Comcast just decide they don't want to do the settlement free peering thing anymore for traffic transiting via Level 3? ~Seth
RE: ATT Dry Pairs?
We order these all of the time ( as a CLEC) for EoC connections or DSL on our equipment. The correct terminology is usually 2-wire or 4-wire copper loops. There will be specific NC/NCI codes depending on the iLEC region you are in and LEC you are working with. Within these loops, you will generally see at least the following types of circuits, normally these are really just different levels of qualifications the LEC is required to meet on the copper they provide (in terms of noise, attenuation, load coils, and # feet of bridge tap): HDSL (best) ADSL UCL (Unbundled copper loop - worst) Now the main issue is that these circuits are normally provisioned between a CO and an end-user location. I don't know if you'd be able to get them directly between two sites that are not ATT facilities without going back to the CO first (greatly increasing total loop length and probably decreasing max DSL speeds). The other thing to know is that in busy CO's, some of these line types (especially the higher quality loops) may be blacklisted meaning you either can't order them at all, or you can order them a different way at a much higher rate. The last issue I can think of is that you may not be able to get these at all from ATT's retail or business side of the house. If that is the case, find a local CLEC and see if they will help you out. -Scott -Original Message- From: Brandon Galbraith [mailto:brandon.galbra...@gmail.com] Sent: Thursday, September 30, 2010 4:53 PM To: nanog@nanog.org Subject: ATT Dry Pairs? Has anyone had any luck lately getting dry pairs from ATT? I'm in the Chicago area attempting to get a dry pair between two buildings (100ft apart) for some equipment, but when speaking to several folks at ATT the response I get is You want ATT service without the service? That's not logical!. Had no problems 3-4 years ago getting these sorts of circuits, but it appears it's gone the way of the dodo now. Any emails off-list are appreciated. -- Brandon Galbraith US Voice: 630.492.0464
RE: Netflow Tool
If you want something scalable and commercial (read: with support) check out these guys, I have been using it for a while and it has tons of features and very flexible reporting (including exports to PDF, CSV, etc): http://www.netflowauditor.com/ They have a free version as well with limits. -Scott -Original Message- From: Mike Gatti [mailto:ekim.it...@gmail.com] Sent: Friday, September 17, 2010 2:50 PM To: nanog@nanog.org Subject: Netflow Tool Anyone out there using a good netflow collector that has the capability data to export to CSV? Open Source would be best, but any suggestions are welcome. Thanks, =+=+=+=+=+=+=+=+=+=+=+=+= Michael Gatti cell.703.347.4412 ekim.it...@gmail.com =+=+=+=+=+=+=+=+=+=+=+=+=
RE: on network monitoring and security - req for monitoring tools
Are you looking only at Open Source tools? If not you are missing all of the most widely deployed tools out there (including): HP Open View Cisco Works IBM Tivoli/NetCool Smarts (now EMC Ionix) Also a few other open tools: ZenOSS Zabbix You will also need to look at separate security monitoring software if your goal is to cover that. Not including any commercial vendors, I'd say you at least need to include: SNORT (possibly including a front end like BASE/ACID) Suricata Nessus Sguil As to one solution being better than the other, a lot of it comes down to opinion and exactly what you need. Also are you willing to do a lot of coding to get it to do exactly what you want? What is your budget? How big is your network? What are the vendors in question? What is most important to you (graphing, alerting, automated fault resolution, topology discovery,...)? How much staff do you have dedicated to the project? And on and on... -Scott -Original Message- From: travis+ml-na...@subspacefield.org [mailto:travis+ml-na...@subspacefield.org] Sent: Saturday, August 21, 2010 5:58 PM To: nanog@nanog.org Subject: on network monitoring and security - req for monitoring tools Hi, I'm putting together a book on security*, and wanted some expert input onto network monitoring solutions... http://www.subspacefield.org/security/security_concepts.html Nagios, Net-SNMP, ifgraph, cacti, OpenNMS... any others? Any summaries of when one is better than the other? Any suggestions on section 13-15? I imagine I'll offend some of you by not distinguishing between system and network adminsitration, but... it's a small section right now, maybe if it grows. OT: I had issues with understanding MIBs and SNMP tools... specifically, I wanted to query and graph the pf-specific MIB... any suggested places to ask? Do I ask on the Net-SNMP list, or is there a better place? Also, cacti... seemed to behave differently based on whether the target was Linux-based or BSD-based... I suppose the cacti-users is the right place to ask, but if anyone has any suggestions, please LMK. I hate the UI. -- My emails do not have attachments; it's a digital signature that your mail program doesn't understand. | http://www.subspacefield.org/~travis/ If you are a spammer, please email j...@subspacefield.org to get blacklisted.
RE: Monitoring Tools
I'd recommend ZenOSS. -Scott -Original Message- From: Jack Bates [mailto:jba...@brightok.net] Sent: Thursday, August 19, 2010 9:47 AM To: jacob miller Cc: nanog@nanog.org Subject: Re: Monitoring Tools jacob miller wrote: Phil, Am looking for availability reports,bandwidth usage,alerting service and ability to create different logins to users so they can access diff objects For all in one, OpenNMS does decent and may meet your needs. We often utilize a mixture of tools and modify for working with what we want. My only issue with OpenNMS was that it's java and I don't care to add java to the list of languages I program in. My only complaint was it could get really weird when you have 3,000 unnumbered interfaces. :) Jack
RE: tool to wrangle config file changes
We are now using NAI for this. Free (really, not just a trial for some small number of devices), and you can very easily write plug-ins for new types of systems. http://inventory.alterpoint.com/ http://docs.inventory.alterpoint.com/doku.php?id=doc:content_guide -Scott -Original Message- From: Raymond Macharia [mailto:rmacha...@gmail.com] Sent: Thursday, August 19, 2010 6:16 AM To: Eugeniu Patrascu Cc: nanog@nanog.org Subject: Re: tool to wrangle config file changes Kiwi Cat Tools. There is a free version (supports upto 20 devices). - http://www.kiwisyslog.com/ Raymond Macharia On Thu, Aug 19, 2010 at 11:03 AM, Eugeniu Patrascu eu...@imacandi.netwrote: On Thu, Aug 19, 2010 at 03:16, Rogelio scubac...@gmail.com wrote: Long story short, a really crappy vendor is being shoved down our NOC's throat. They have a horrid CLI (if you can call it that). People don't understand it (it's non-intuitive) and are screwing up things all the time. Would be so kind to name the vendor so that other people would have an advance warning ?
RE: Monitoring Tools
The last time I looked, my main issue with Zabbix was that it required (or greatly preferred) their proprietary agent on every host. This may have changed. -Scott -Original Message- From: Nathan Eisenberg [mailto:nat...@atlasnetworks.us] Sent: Thursday, August 19, 2010 2:53 PM To: nanog@nanog.org Subject: RE: Monitoring Tools Am looking for an opensource network monitoring tool with ability to create different views for different users. Regards,Jacob Just to add another opinion to the pot, I've used zabbix in several large environments, and I like it a lot. The developer team is decently sized, and very responsive to requests and feedback (they operate a commercial 'support' model for the platform, so working on the system is literally their day job - as George pointed out, this is often a problem). Zabbix also supports distributed monitoring, which is very handy for scaling or for monitoring multiple locations without dealing with VPNS and the like (or if you have places you need to monitor behind NATs!). Its major weakness at the moment is the weak support for SNMP traps (works great in polling mode, though), so you will want a separate simple system for catching traps. In my opinion, that's just fine, because statistics/trending/basic resource alerting/etc are best kept separate from things like OMG one of my powersupplies is dead!!11one. Also supports IPMI, which is nice if you have IPMI deployed. :-) Best Regards, Nathan Eisenberg
RE: Monitoring Tools
Agreed. And it REALLY isn't that complicated. Go spend some time with CORBA or TL-1 and then re-evaluate the learning curve. SNMP is really very straight forward as a protocol. If a specific vendor's MIB is difficult to understand or use, that is an entirely different matter. -Scott -Original Message- From: Phil Regnauld [mailto:regna...@nsrc.org] Sent: Thursday, August 19, 2010 5:14 PM To: Curtis Maurand Cc: nanog@nanog.org Subject: Re: Monitoring Tools Curtis Maurand (cmaurand) writes: Oh, and it avoided us having to install an agent on 1000+ servers :) But the configuration learning curve for SNMP is very steep indeed. Doing network monitoring and not understanding SNMP is like, umm, well I fail to come up with an analogy, but you get my drift. :) It's a bullet you'll have to bite at one point.
RE: Level3 - have they alive abuse team?
I'd probably start here: http://puck.nether.net/netops/nocs.cgi?level -Scott -Original Message- From: Popov Max [mailto:popovu...@meta.ua] Sent: Monday, July 12, 2010 5:21 AM To: nanog@nanog.org Subject: Level3 - have they alive abuse team? Hello! I am an owner of the small telecom business in Eastern Europe. We have the provider independent network and own autonomous system number. Due to the financial crisis impact, we was off-line for some time. Now it is possible to return to business. But I found our network is already announced by Level3!!! I have dropped them a letter to ab...@level3.com, then got an auto-answer from the robot, after several days have repeat it... Level3 keep silence, and our network is announced now by /24 pieces! What is the good way to push these network hijackers more efficiently? __ Я пользуюсь почтой на Мете http://webmail.meta.ua
RE: Mikrotik OC-3 Connection
I really wouldn't use the word legacy to describe SONET and OC-3's. -Scott -Original Message- From: Mike [mailto:mike-na...@tiedyenetworks.com] Sent: Saturday, July 03, 2010 4:11 PM To: Alan Bryant Cc: nanog@nanog.org Subject: Re: Mikrotik OC-3 Connection Alan Bryant wrote: I'm just trying to see what options there are and make the decision off of that. If Cisco or Juniper is the only way, then so be it. I just want to be sure. The real issue is that these legacy telco interfaces are just expensive, straight up, and being forced to use these specialized interfaces for your IP connectivity just drives your costs up for no real gain. I bet what you would really love is just a simple ethernet handoff but of course no provider in your area probabbly makes that available. So you get collared into these expensive interfaces that force you to just buy more when you need more connectivity, as opposed to ethernet which could easilly grow to 1000mbps without needing $$$ I/O cards every 155mbps along the way (and loop charges and hassle and pain, etc). On the good news front, there's lots of capable cisco hardware out there you can take multiple interfaces types on, for pretty cheap especially if you look at refurbished gear. Before you run off and make a purchase decision, most of these cisco resellers can really help you decide on the right platform (thats their value add), so if you think you might wind up with an OC3 and 8t1s for example they can help you figure out what NPE (cpu) you need and ram and ios version and such.
RE: Penetration Test Vendors
If I wanted someone to do this, I'd probably look at a security vendor instead of a general purpose consulting firm. Some examples off the top of my head might include IBM's ISS and SecureWorks. -Scott -Original Message- From: Ken Gilmour [mailto:ken.gilm...@gmail.com] Sent: Tuesday, June 22, 2010 4:58 PM To: George Bonser Cc: nanog@nanog.org Subject: Re: Penetration Test Vendors Depends on where you are... I've used Sysnet in Europe (www.sysnet.ie) and they are excellent. We used Deloitte ( http://www.deloitte.com/view/en_GX/global/services/enterprise-risk-services/ security-privacy-resiliency/pcidss/index.htm) in non-european countries, with not such a good result (but other people may have different experiences). Regards, Ken On 22 June 2010 14:48, George Bonser gbon...@seven.com wrote: Anyone have any suggestions for a decent vendor that provides network penetration testing? We have a customer requirement for a third party test for a certain facility. Have you used anyone that you thought did a great job? Anyone you would suggest avoiding? Replies can be sent off list and I will summarize any feedback I might get from the community if anyone is interested. George
RE: Dial Concentrators - TNT / APX8000 R.I.P.
I think the only one under support may be the Cisco AS series (AS5800 only now?): http://www.cisco.com/en/US/products/hw/univgate/ps509/ The other platform I knew besides the TNT was the Nortel CVX but it is EOL also. -Scott -Original Message- From: Jerry Bonner [mailto:jbon...@enventis.com] Sent: Monday, May 10, 2010 12:29 PM To: nanog@nanog.org Subject: Dial Concentrators - TNT / APX8000 R.I.P. I'm told by our Alcatel rep that the APX 8000 is no longer supported and that we can no longer get hardware support because they don't have any spare parts. I share a certain amount of love for this platform dating back to Ascend, but what am I to do now? Obviously no one is making large investments in their dial platform, but are there any other viable alternatives out there that are actually supported? ~jerry
RE: Edu versus Speakeasy Speedtest
2 things. 1: http://speakeasy.net/speedtest/issues.php (See the section on inaccurate results over 20Mbps and that the test is meant for residential broadband services) 2: Speakeasy is a commerical ISP for both residential and business users. That means it is in their best interest to encourage you to purchase their services. I have no issues with Speakeasy and have used them personally with great success in the past (great support but prices are a little high for most residential users), but why would you test one provider's service with a sales tool from another (competing) provider and expect accuracy? -Scott -Original Message- From: Bret Clark [mailto:bcl...@spectraaccess.com] Sent: Thursday, April 29, 2010 12:05 PM To: nanog@nanog.org Subject: Re: Edu versus Speakeasy Speedtest All the new OS's (IE Windows7) automatically adjust TCP window size. Personally I've never found those website speed test to be that accurate on fast connections (over 15Mbps full duplex). The only way to really confirm bandwidth is by running IPERF. Robert Glover wrote: Adjust your TCP window size. -Original Message- From: Murphy, William william.mur...@uth.tmc.edu Date: Thu, 29 Apr 2010 10:53:01 To: nanog@nanog.orgnanog@nanog.org Subject: Edu versus Speakeasy Speedtest I work for an Edu with multi-gigabit Internet connectivity and I get questions from users saying Why am I only getting 14Mb when I run this speed test? I have got to believe that the various Internet speed tests (Speakeasy or dslreports) are rate limited to prevent someone from shutting them down. I am able to get 300-400Mb running from a PC inside my network to NDT servers located on Internet2, so that tells me my border and internal network is healthy. Can someone on this list shed some light regarding reliability and accuracy of these various speed tests especially for an Edu with lots'o bandwidth? Thanks. Bill Murphy University of Texas Health Science Center - Houston
RE: Books for the NOC guys...
I just show them this: http://warriorsofthe.net/ -Scott -Original Message- From: Larry Sheldon [mailto:larryshel...@cox.net] Sent: Friday, April 02, 2010 9:46 AM To: nanog@nanog.org Subject: Re: Books for the NOC guys... On 4/2/2010 08:39, valdis.kletni...@vt.edu wrote: On Fri, 02 Apr 2010 13:48:48 BST, Michael Dillon said: So, what are you having your up-and-coming NOC staff read? In an attempt to wean them off of unmanageable PERL scripts There is not, and there never will be, a useful programming language that makes it the least bit difficult to write totally abominable creeping-horror unmaintainable code in. The ability of a programmer to write totally obtuse code is entirely orthogonal to the choice of implementation language. Some people just don't have good taste, and will produce train wrecks in any language. Remember that it's possible to write Fortran-IV code in any language. :) Unless you teach them stuff like Document the sources and expected types of input data, add useful comments that explain your choice of algorithms rather than a++; /* Add one to A */, and If the language supports operator overloading, don't be a bozo and abuse it, the code will be unmaintainable. Teach them. Train them. Have standards. Enforce them (pay according to compliance). What a concept! We did that using Autocoder and COBOL. What next? Manage them? Is that even legal? -- Democracy: Three wolves and a sheep voting on the dinner menu. Requiescas in pace o email Ex turpi causa non oritur actio Eppure si rinfresca ICBM Targeting Information: http://tinyurl.com/4sqczs http://tinyurl.com/7tp8ml
RE: Home CPE choice
If you like open source routing platforms but want support and (possibly) a HW appliance (you can also just use their software), you may also want to take a look at Vyatta (http://www.vyatta.com/). They make a I haven't personally worked with the gear yet but I've heard some good things. -Scott -Original Message- From: Charles N Wyble [mailto:char...@knownelement.com] Sent: Wednesday, March 31, 2010 8:46 PM To: nanog@nanog.org Subject: Re: Home CPE choice On 03/31/2010 04:07 PM, William Warren wrote: I run Astaro on a p-4 celey i had lying around. Get far more than any little router you'll see..can't beat the price. Astaro looks cool. I hadn't heard of it before. Thanks for sharing.
RE: FCC releases Internet speed test tool
So have other people noticed that the Ookla/Speedtest.net/Speakeasy Bandwidth test often comes up VERY short on upload bandwidth results for anything other than residential-grade asymmetrical services? We often get complaints from customers saying I'm not getting the upload bandwidth I'm paying for, and when we ask what they are using to determine this, the answer is almost always either Speakeasy or Speedtest.net. We certainly don't depend on or recommend these sites to customers (we have our own internal tools and usually recommend FTP or iperf), but everyone who deems themselves semi-knowledgeable seems to find their way there anyway. Do these sites simply not have the downstream bandwidth to handle the upload tests? If thats the case I'd really like to see the admins add a disclaimer of some form directly to the site. Thanks, -Scott -Original Message- From: Robert Mathews (OSIA) [mailto:math...@hawaii.edu] Sent: Friday, March 12, 2010 10:32 AM To: North American Network Operators Group Subject: Re: FCC releases Internet speed test tool Joe Greco wrote: Correction: it _requires_ Java. It _asks_ for your address. It seems like it'd work fine if you gave it your neighbor's address. :-) I noted that I got wildly varying numbers on a laptop and an iPhone (there is also an iPhone app) and the iPhone app doesn't ask for an address. Both on the same wifi, and the numbers were off by a lot. ... JG INSTEAD of using the FCC provided app, one 'could' always use OOKLA and M-LAB directly. The following links may prove to be more helpful to some. http://demo.ookla.com/linequality/*and * http://npad.iupui.lax01.measurement-lab.org:8000/ (Choose the closest orig/term point to you from: http://www.measurementlab.net/measurement-lab-tools#npad ) Both sites present varying granularity.. It goes without saying that one should NOT send one's mother/grandmother to the NPAD site. Pete (Peter Löthberg) being the exception here. O:-) Best, Robert. --
RE: ip address management
I was about to suggest IPPlan, but it is lacking the V6 support. Here is one I found doing some searching, but I haven't used it myself: http://sourceforge.net/projects/haci/ -Scott -Original Message- From: Pavel Dimow [mailto:paveldi...@gmail.com] Sent: Tuesday, February 02, 2010 3:55 PM To: nanog@nanog.org Subject: ip address management Hello, does anybody knows what happend with ipat? http://nethead.de/index.php/ipat http://nanog.cluepon.net/index.php/Tools_and_Resources Any other suggestion for a good foss ip address management app with ipv6 support?
RE: Datacenter for DR in northwestern NJ/NY
Might be better off going to Philly, its only about an hour and a half away, and you'll likely have better connectivity options. Most of the big data centers in NJ are well within the 50 mile requirement (Bergen County, Hoboken, Newark, Jersey City). -Scott -Original Message- From: Matt Sprague [mailto:mspra...@readytechs.com] Sent: Tuesday, February 02, 2010 4:16 PM To: nanog@nanog.org Subject: Datacenter for DR in northwestern NJ/NY Hello NANOG! Does anyone know of some strong datacenters in northwestern NJ, or north of Westchester NY without getting too far away from NYC? I'm looking for a DR colo solution for a site that is in NYC; this needs to be at least 50m away from NYC, but I'm trying to keep it not too much further than that for convenience. I'm also trying to keep this to top level providers as there may be compliance requirements. Thanks in advance for any responses. -- Matt Sprague ReadyTechs, LLC mspra...@readytechs.commailto:mspra...@readytechs.com 973-455-0606 x1204 (voice) http://www.readytechs.com/
RE: Fiber Cut in CA?
Cross-country Fibers very often follow existing utility rights of way. So even in a wide open desert, the places the fibers go are the busy spots. Sometimes its train tracks, sometimes its gas pipelines, sometimes its electric, sometimes it’s a road, but very rarely is fiber like that on its own. So the cut was likely construction on whatever the fiber was near. The other option is that the fiber provider was actually doing maintenance (adding capacity, fixing a troubled strand) and did the damage themselves. -Scott -Original Message- From: Bret Clark [mailto:bcl...@spectraaccess.com] Sent: Tuesday, February 02, 2010 6:37 PM To: nanog Subject: Re: Fiber Cut in CA? Good point...so if the cut is in the middle of nowhere without easy access...then how the hell did it get cut? Malicious? Matt Simmons wrote: And in an open desert, back hoes can smell fiber from miles away. On Tue, Feb 2, 2010 at 3:27 PM, Bill Stewart [1]nonobvi...@gmail.com wrote: On Tue, Feb 2, 2010 at 12:04 AM, [2]char...@knownelement.com wrote: That is one long protect path. Yikes. There be mountains in the way, with deserts in between, and not a lot of people to justify diversity or railroads and highways to run it along. Not many carriers have more than one fiber route across Arizona and New Mexico, especially for the newer high-capacity fibers (i.e. built this millennium, after the financial excesses of the 90s.) I'm no longer current on what routes are being used by what carriers, but if you don't have two routes across northern Arizona ( I-10/I-40, with restoration routes like Barstow-LasVegas-Flagstaff-Phoenix), then the next alternative is Barstow-LasVegas-SaltLakeCity-Denver, at which point some carriers have routes down to Phoenix via Tucumcari or Amarillo, and the rest are going to go through Dallas, and anybody who doesn't have the LasVegas-SLC route is going to use Sacramento-SLC-Denver, possibly also including San Jose, depending on what routes they've got across California. So, yeah, instead of the nice short 2200-mile restoration routes you can use if SF-Seattle fails, cable cuts in the Southwest can be really long... -- Thanks; Bill Note that this isn't my regular email account - It's still experimental so far. And Google probably logs and indexes everything you send it. References 1. mailto:nonobvi...@gmail.com 2. mailto:char...@knownelement.com
RE: Comcast IPv6 Trials
They'll need to be soon to keep up with others in their space (not that they generally compete directly thanks to franchise laws), although I'm not sure how the data side of things is handled for MVNO's, normally they don't have any network of their own: http://news.cnet.com/8301-1035_3-10215445-94.html http://unbelievablyfair.com/ -Scott -Original Message- From: George Bonser [mailto:gbon...@seven.com] Sent: Thursday, January 28, 2010 1:56 AM To: Kevin Oberman Cc: nanog@nanog.org Subject: RE: Comcast IPv6 Trials -Original Message- From: Kevin Oberman [mailto:ober...@es.net] Sent: Wednesday, January 27, 2010 9:56 PM To: George Bonser Cc: William McCall; nanog@nanog.org Subject: Re: Comcast IPv6 Trials SWAG is wrong. Comcast is a major cable TV, telephone (VoIP), and Internet provider, but they don't do mobile (so far). Ahh, ok. I was fooled by this: http://www.comcast.net/mobile/
RE: Routing to multiple uplinks
Anycast? http://www.nanog.org/meetings/nanog29/abstracts.php?pt=NjcxJm5hbm9nMjk=nm=n anog29 Might need to know a little more about the layout here for a better answer. -Scott -Original Message- From: rodrick brown [mailto:rodrick.br...@gmail.com] Sent: Friday, December 18, 2009 7:47 PM To: nanog@nanog.org list Subject: Routing to multiple uplinks This may be slightly off topic however I have a very unique situation where I need to provide two diverse paths to a major stock exchange. Each host may either use route A or B for any given reason to access this particular exchange using two distinct routers and target address. The applicatiOn running on these hosts must only see/use one target address this needs to be transparent as possible. NIC bonding/teaming on the host side isn't a viable solution because of the latency overhead same goes for vrrp/hsrp. I believe my only option here is to setup multiple default routes with a preferred path of some sort. This seems to be possible using ip route2 on Linux. This just seems wrong on many levels and I thought I would post here because I know there is something obvious I'm missing. Please clue me in. Thanks. Sent from my iPhone 3GS.
RE: news from Google
Also reminds me of the Level 3 DNS servers in the 4.2.2.[1-8++] range. -Scott -Original Message- From: Jonathan Lassoff [mailto:j...@thejof.com] Sent: Thursday, December 03, 2009 1:51 PM To: nanog Subject: Re: news from Google Excerpts from Charles Wyble's message of Thu Dec 03 10:44:49 -0800 2009: 8.8.8.8 6.6.6.6 would have been really really funny. :) Nice IPs from Level 3, huh? 6.6.6.6 belongs to the US Army. --j
RE: Help -- Having trouble trying to activate a GigE connection
I actually have seen where you have to hard set to speed 1000 to get this type of link up, even Cisco to Cisco. -Scott -Original Message- From: Michael K. Smith - Adhost [mailto:mksm...@adhost.com] Sent: Tuesday, November 24, 2009 11:25 AM To: Michael Ruiz; nanog@nanog.org Subject: RE: Help -- Having trouble trying to activate a GigE connection Hello Michael: -Original Message- From: Michael Ruiz [mailto:mr...@telwestservices.com] Sent: Tuesday, November 24, 2009 8:02 AM To: nanog@nanog.org Subject: Help -- Having trouble trying to activate a GigE connection Group, I am having an issue with activating a Gige interface between a Cisco 7206 VXR w/IO-1GE module to a 7606 w/sup720-3bxls connecting to a line module WS-X6416-GBIC. I have verified that the GBIC-MMF have good light reading and the MMF fiber jumper are not reversed. The GigE connection comes up briefly for about a few seconds, takes a burst of errors and goes down. I have tried to set the speed to nonegotiate on both ends, set one end to speed auto. No dice. Here is the copy of the configuration. On my 7606 I show that the GigE interface is up/up but on the 7206vxr I show down/down. Any help will be greatly appreciated. Thanks! I don't think there is any reason to have hard-set speed and duplex, particularly between two Cisco's. Why not just set *both* sides (you can't set just one) to auto-negotation - 'no speed nonegotiate' on the 7606 side. Is this a straight shot, single fiber pair between the two or are there intermediate junctions or optics? It sounds like you have questionable fiber or optics in the path. It could be the fiber itself or the GBICs on either side. Regards, Mike
RE: Transit from Cogent - thoughts?
I also suggest reading the Wikipedia page on Cogent. -Scott -Original Message- From: Jay Moran [mailto:jay+na...@tp.org] Sent: Wednesday, November 11, 2009 10:12 AM To: a...@baklawasecrets.com Cc: nanog@nanog.org Subject: Re: Transit from Cogent - thoughts? Adel, Perhaps the best way for you to get an answer to your question without the entire list erupting for no good reason is to click on the following link which will show all messages from the NANOG mailing list about Cogent. Then you can make your decision based on past conversations as opposed to adding more messages to that archive on the topic. BTW, if you don't want to click on the link I've pasted because you are careful and prudent, just go to the nanog.markmail.org website and search for Cogent. http://nanog.markmail.org/search/?q=cogent Good luck! Jay On Wed, Nov 11, 2009 at 10:04 AM, a...@baklawasecrets.com wrote: Contemplating using Cogent Communications for transit as pricing looks favourable. Just trying to get a feel for what sort of a reputation they have in the network operators community. I'm sure people have horror stories for every provider, but just trying to get a general idea of what sort of regard they are held in the community. Thanks Adel
RE: EdgeWater EdgeMarc 4610W
Haven't had my hands on the 4610W yet, but I've been using (and have been a big fan of) Edgemarcs for some time. It does what it says and well, I love the support guys, and their price point is much better than most of the competitors. Some of my favorite features do come from the fact that they are Linux based, such as being able to run tcpdump for troubleshooting SIP signaling (or any network issue) in real time. They also have a really nice EMS that's quite worth it if you have enough of these deployed. It can alert on call quality issues based on MOS score, as well as standard up/down status. The only real downside is the licensing of concurrent calls. The licensing of the T1's is actually really nice so that you can get the box at a lower pricepoint, but grow it in service if you need more T1 capacity later on. If anyone has any more specific questions about using these in the real world I'd be happy to answer. -Scott -Original Message- From: Jaimie Livingston [mailto:jai...@featuretel.com] Sent: Thursday, October 29, 2009 6:45 PM To: nanog@nanog.org Subject: EdgeWater EdgeMarc 4610W Has anyone had any recent direct experience with the EdgeWater EdgeMarc 4610W multi-service appliance used as a CPE device? I was recently handed a sales sheet on this swiss-army knife appliance, but there doesn't seem to be much publically available review of the beastie at the moment. If it is as advertised, it would be a very handy device as a CPE option... Thanks, Jaimie L.
RE: NetFlow analyzer software
NetFlow Auditor. The free stuff tends to choke as you add a lot of flow traffic. It's not free, but if you want support this is a great option. http://netflowauditor.com/ -Scott -Original Message- From: Michael J McCafferty [mailto:m...@m5computersecurity.com] Sent: Monday, October 19, 2009 1:43 PM To: nanog@nanog.org Subject: NetFlow analyzer software All, I am looking for decent netflow analyzer and reporting software with good support for AS data. ManagEngine's product crashes or locks up my browser when I try to list/sort the AS info because it's too large of a list and there is no way to tell it to show just the top x results. Plixer's Scrutenizer, while it seems like it's a pretty decent product, is no longer supporting Linux... We are a Linux shop (servers, desktops, laptops). What else is there that I might want to look at? Thanks! Mike M5Hosting.com Sent from my Verizon Wireless BlackBerry
RE: SMS
Many people consider these (carrier email to SMS gateways) too unreliable as there are no SLAs from the carriers, and sometimes experience long delays in message delivery, or just flat out dropped messages. If this is what you are depending on for outage notification that's a big risk. Some people use a serial interface to a specific model cell phones to directly send the message over the carrier's cellular network. This is good in the event of isolation of a location from any IP connectivity to a carrier gateway. I believe there was another solution that involved direct carrier connections, but these are most likely cost prohibitive in most situations. There is a good thread on this somewhere a little while back in the NANOG archives with more details of the solutions. -Scott -Original Message- From: Alex Balashov [mailto:abalas...@evaristesys.com] Sent: Tuesday, September 22, 2009 11:53 AM To: Shane Ronan Cc: nanog@nanog.org Subject: Re: SMS Shane Ronan wrote: On that same note, can someone point me in the direction of an SMS gateway service? I would like to be able to send SMS messages from my monitoring systems, but I am unsure about how to go about it. Appreciate the assistance. Why not use an e-mail to SMS gateway from whichever carrier? -- Alex Balashov - Principal Evariste Systems Web : http://www.evaristesys.com/ Tel : (+1) (678) 954-0670 Direct : (+1) (678) 954-0671
RE: SMS
Another for this list is http://msgme.com/. Setting up your own short codes is an expensive and long process, so you are usually best starting off with a shared code from one of these companies and you can migrate down the line if the revenue/volume is there to make it worthwhile. -Scott -Original Message- From: Express Web Systems [mailto:mailingli...@expresswebsystems.com] Sent: Tuesday, September 22, 2009 11:19 AM To: 'Shaun Rossi'; nanog@nanog.org Subject: RE: SMS Shaun, This is called Short code sms messaging. www.clickatell.com offers this service and is considered to be one of the bigger players in the SMS market. Warm regards, Tom Walsh Express Web Systems, Inc. -Original Message- From: Shaun Rossi [mailto:ro...@fidalia.com] Sent: Tuesday, September 22, 2009 10:07 AM To: nanog@nanog.org Subject: SMS Hello, I have no idea what this is referred to as, so I will try to explain: I have a client interested in setting up a mobile phone text message service where a mobile user would send a text to a short (say 5 digit) 'telephone' number. I've seen commercials on TV where you could send a numeric/text code to a SMS gateway number, and it charges your mobile account for the returned text message or downloadable ringer/etc. Without knowing much about how to access this service, it seems relatively straightforward. I did a few web searches however I'm not sure what magic keyword I'm missing for the search. Could anyone point me in the right direction? The service would be established in Canada and potentially the United States. I have called two of the largest mobile operators, but no one can get me to the right department. As far as experience with texting goes, I have worked on some systems that do M2M (machine-to-machine) SMS communication, always using full mobile telephone numbers (GSM modems). Many thanks, -Shaun Shaun Rossi Fidalia Networks Inc tel. (905) 271-0037 x 111 1-866-FIDALIA (343-2542) x 111 fax. (905) 271-1036 1 Port Street East - Second Floor Mississauga, Ontario L5G 4N1 Canada
RE: SMS
FYI here is one view of one of the threads I was recalling: http://www.gossamer-threads.com/lists/nanog/users/104612?search_string=sms;# 104612 Make sure to look at post #5 that summarized a previous thread too. I think the direct connection I was thinking of was the modem to TAP gateway options. -Scott -Original Message- From: wher...@gmail.com [mailto:wher...@gmail.com] On Behalf Of William Herrin Sent: Tuesday, September 22, 2009 12:29 PM To: Scott Berkman Cc: nanog@nanog.org Subject: Re: SMS On Tue, Sep 22, 2009 at 11:59 AM, Scott Berkman sc...@sberkman.net wrote: Some people use a serial interface to a specific model cell phones to directly send the message over the carrier's cellular network. This is good in the event of isolation of a location from any IP connectivity to a carrier gateway. The Multitech Multimodem GPRS model MTCBA-G-EN-F4 has an ethernet port. Add a SIM card from your favorite wireless carrier and you can send and receive SMS messages via AT commands over a TCP socket. Problem is, it seizes up or otherwise founders every few weeks and has to be power cycled. Has anyone heard of other products with a good reliability record? I believe there was another solution that involved direct carrier connections, but these are most likely cost prohibitive in most situations. Any pointers on this would be greatly appreciated. I have a need for geographically redundant access to the same phone numbers in order to send and receive SMS messages. Even if I have to buy a pair of T1s that are 99.9% idle, it'd be worth it. Regards, Bill Herrin -- William D. Herrin her...@dirtside.com b...@herrin.us 3005 Crane Dr. .. Web: http://bill.herrin.us/ Falls Church, VA 22042-3004
RE: CLEC Mailing List
Take a look at http://www.voiceops.org/ -Scott -Original Message- From: Richey [mailto:myli...@battleop.com] Sent: Sunday, September 13, 2009 8:28 PM To: nanog@nanog.org Subject: OT: CLEC Mailing List I am looking for a CLEC related mailing list. I looked through the archives and it looks like ISP-CLEC is dead. Does anyone know of a mailing list that picked up the slack? Richey
RE: MTAs used
If I had to guess.. Postfix Sendmail Exim ComminigatePro Beyond those you'd probably see a lot of the free webmail carriers (Gmail, yahoo, and hotmail/live all use custom MTA's) as well as IPSwitch's iMail and the Windows Server/IIS SMTP service. -Scott -Original Message- From: Deepak Jain [mailto:dee...@ai.net] Sent: Wednesday, August 26, 2009 4:10 PM To: valdis.kletni...@vt.edu; Sharef Mustafa Cc: nanog@nanog.org Subject: RE: MTAs used Now, did you want that in terms of number of copies installed or amount of mail handled? There's probably zillions of little Fedora and Ubuntu boxes running whatever MTA came off the disk that are handling 1 or 2 pieces of mail a day, and then there's whatever backends are used by MSN/Hotmail, Yahoo, AOL, etc. This MTA packed by weight, not by volume. Some settling of contents may have occurred during shipping and spamming. (Seriously - if 95% of the mail out there is spam, then the top 4-5 MTAs are probably the ratware that's sending out the spam. Something to consider...) In keeping with this concept, and turning it around. What MTA is exposed to the most spam? (1-x) That should tell you what MTA handles the most good mail by also being the destination for the most spam (good, live recipients). Or I could be missing something well known about mail flows. Deepak
RE: OT: Voice Operators' Group forming
We're almost there, expect a list posting here in the next couple of days with the details. -Scott -Original Message- From: Carlos Alcantar [mailto:car...@race.com] Sent: Thursday, July 30, 2009 10:57 PM To: nanog@nanog.org Subject: RE: OT: Voice Operators' Group forming How's the startup of the list looking? -Original Message- From: Chris Meidinger [mailto:cmeidin...@sendmail.com] Sent: Wednesday, July 29, 2009 2:42 PM To: Jason LeBlanc Cc: nanog@nanog.org Subject: Re: OT: Voice Operators' Group forming On 29.07.2009, at 22:52, Jason LeBlanc wrote: Brandon Butterworth wrote: NAVOG works for me. I'd prefer Voice Operators' Group Online Network brandon *claps* Imagine the poetry you have to listen to when _those_ guys put you on hold...
RE: Cisco 12000 series routers and IOS XR.
We have 2 12k's on our borders and both are running IOS GS code, but are rock solid. -Scott -Original Message- From: Jim Wininger [mailto:jwinin...@indianafiber.net] Sent: Monday, July 13, 2009 4:20 PM To: nanog@nanog.org Subject: Cisco 12000 series routers and IOS XR. Is anyone on the list running the Cisco 12000 Series routers with XR? We have a couple of these in our network and are having a few issues with them. Specifically the line cards will reboot for some unknown reason (12000-SIP-501). We recently replaced one of the cards and the new hardware (6mo old) is doing the same thing. Anyone have issues with these routers? -- Jim Wininger
RE: Point to Point Ethernet
There are lots of great little cable testers that can loop an Ethernet link or even blink the switchport (this one is copper only): http://www.jdsu.com/products/communications-test-measurement/products/a-z-pr oduct-list/lanscaper.html The remote-triggered is harder, but there are a number of switches I have seen that have some form of line testing built in, so that might be close to a decent solution. One example is the Integrated Cable Test and Optical Transceiver Diagnostics in the Dell PowerConnect switches. -Scott -Original Message- From: David Barak [mailto:thegame...@yahoo.com] Sent: Wednesday, July 08, 2009 9:47 AM To: 'Andre Oppermann'; nanog@nanog.org; Ivan Pepelnjak Subject: RE: Point to Point Ethernet Do you think this is useful? Maybe vendors will hear me/us. -- Andre We also need functional remote loop testing, of the remote hands guy plugs in a loopback plug or I send remote-triggered loop type. David Barak Need Geek Rock? Try The Franchise: http://www.listentothefranchise.com
Ciena Help around Atlanta
All, If there is anyone good with Ciena Online Metro systems that would be willing to do some contract work around Atlanta, please contact me off list. Thanks! -Scott
RE: Traceroute management
Try SmokePing (which includes SmokeTrace now): http://oss.oetiker.ch/smokeping/ You could also just use a cronjob and output the results to a flat file or database if you prefer something home grown. -Scott -Original Message- From: Dylan Ebner [mailto:dylan.eb...@crlmed.com] Sent: Tuesday, June 09, 2009 3:28 PM To: nanog@nanog.org Subject: Traceroute management My company uses it's internet connection primarily for VPN tunneling. I have always wanted a tool that I can enter the peer ip addresses and it will every 8 or 12 hours run a traceroute and log it so I can build historical maps of the path our traffic is taking. Has anyone ever seen any apps like this, preferably something that is free. Thanks
RE: Shaping on a large scale
Check out Packeteer. I used to work somewhere about that size and this was the product we used: http://www.bluecoat.com/products/packetshaper/ Open source you can do a custom setup with IPTables and iproute2, but it will take some work to get the same kind of features and management interface. LARTC is a good reference for this kind of topic: http://lartc.org/. Also I'm not sure if someone has built this into any of the firewall specific linux distros yet, so you may want to explore those a little. Good luck, -Scott -Original Message- From: Bruce Grobler [mailto:br...@yoafrica.com] Sent: Friday, January 30, 2009 12:34 AM To: nanog@nanog.org Subject: Shaping on a large scale Hi, Does anyone know of any Shaping appliances to shape customers based on IP, allow for a quota per IP and qos mechanisms like LLQ?, This is should be something that can sit in between two border router's and support a small ISP (2 customers), also an opensource solution would be great! Regards, Bruce
RE: Which is more efficient?
Packets can have a max size as well based on the path MTU, such as 1500 bytes in an Ethernet (10/100) link. I think there are a lot of other variables here such as are you billed per data unit, bandwidth and control factors on the links, and what type of data is being sent. If your data can always fit in a smaller N-byte cell, that can be quite efficient since you have minimal overhead or wasted space and all the benefits of the fixed length data unit from a processing standpoint. If you are constantly fragmenting and then having to reassemble data due to the small cell size, you would be better off with a variable length packet, especially when bandwidth is less in demand than processing power. -Scott -Original Message- From: Murphy, Jay, DOH [mailto:jay.mur...@state.nm.us] Sent: Wednesday, January 14, 2009 3:56 PM To: nanog@nanog.org Subject: Which is more efficient? All, In your humble opinion, which transmission method is more efficient, packet or cell? Granted a cell is a fixed length packet and an IP packet is variable lengthwould this necessarily only relate to a specific protocol, namely, cell in ATM, and IP in Ethernet or other types of domainsfeedback highly welcomed. Trying to make a decision on the transport mode for cost, delay, jitter, ROI, etcetera. Jay Murphy IP Network Specialist NM Department of Health ITSD - IP Network Operations Santa Fé, New México 87502 Bus. Ph.: 505.827.2851 We move the information that moves your world. Confidentiality Notice: This e-mail, including all attachments is for the sole use of the intended recipient(s) and may contain confidential and privileged information. Any unauthorized review, use, disclosure or distribution is prohibited unless specifically provided under the New Mexico Inspection of Public Records Act. If you are not the intended recipient, please contact the sender and destroy all copies of this message. -- This email has been scanned by the Sybari - Antigen Email System.
RE:
, drop, and roll? -Original Message- From: Aaron Imbrock [mailto:aimbr...@gmail.com] Sent: Monday, January 12, 2009 1:12 AM To: NANOG@nanog.org Subject: Stop
RE: Net Mgmt Tools and supporting OS
I'd recommend ZenOSS (http://www.zenoss.com) based on your low cost requirement and my own experiences. What Linux distro you use and rather you need to pay for support depends on your level of *nix experience and comfort. Most Linux based software packages like ZenOSS or Groundwork will also tell you what some of their favorite distros are based on how they distribute the software and what guides they have if they don't just come right out and say it. Good Luck, -Scott -Original Message- From: vitto malitani [mailto:[EMAIL PROTECTED] Sent: Tuesday, December 09, 2008 12:18 PM To: nanog@nanog.org Subject: Net Mgmt Tools and supporting OS I am fairly new user of nanog mail list so I am not sure if the question below is appropriate for this list. If not, please excuse it. - I am building a new low-budget customer WAN/LAN network and need some ideas for network management tools. I've seen couple of email threads regarding all sort of net goodies. However, since I haven't used them all, I am not sure which OS would be the most appropriate for these aps? Can anyone share their ideas in regards of apps and supporting platforms? I would be most comfortable with free distribution of linux, but I am not sure which distro supports most of the tools? Is the paid OS required for all these tools, like RedHat Server or SuSe or Windows platforms? Thanks much, Vitto
RE: Sending vs requesting. Was: Re: Sprint / Cogent
I really doubt Sprint's purpose here is to hurt the Internet or to harm Cogent either in terms of costs or reputation. Here are my views on the topic: Every time Cogent gets de-peered (at least 5 times now since 2003), this discussion comes up again and it seems that some people forget (or don't know) how many times it's happened to them before. There must be a reason it keeps happening, right? Are there any other large ISPs that have had this type of problem 5 times? As someone was saying earlier, in the PSTN world carriers generally pay for every call terminated to another carrier's network and pay each other back and forth. In IP peering, these types of costs are eliminated by settlement-free peering relationships where carriers feel there is a benefit to do so. These are relationships or contracts between the two carriers, and most of us have no idea how these are written or what clauses are included about how and when one carrier can end that contract. Regardless of the exact terms, there will certainly be actions or other situations that would be viewed as a breach of contract, resulting in ending or changing the relationship. In the case of Cogent, they seem to want to be a Tier 1 carrier (usually loosely defined as an carrier that does not pay for transit or access from/to any other carrier), but they are not usually considered one by many in the industry. Technically at this point they are not since they are believed to pay Level 3 and Sprint. Now I really can't speak to exactly why each carrier that has de-peered Cogent in the past has done so, but based on conversations I've had with higher-ups at one of these ISPs, their major issue with Cogent was a huge discrepancy in the volume of inbound vs. outbound traffic. To that carrier, based on the traffic patterns, they believed that Cogent should be paying for their connections and was not keeping to the spirit of their relationship or breaking the contract if there was one. They supposedly attempted for some time to resolve the issue amicably, but when that failed they chose to take action as a last chance to resolve the dispute to their liking. Now as to the harmful effect to Cogent's customers, that effect would be easily mitigated if Cogent would choose to buy transit from any other ISP. Instead, they try to avoid that by offering affected customers free circuits for some period of time, which hopefully turn into paying customers at a later date. Also, anyone running any important site or network knows never to be single-homed, and therefore should not be effected in the long run. Anyone single homed accepts the risks associated with that by not having redundant connections, especially if that single home is Cogent based on their history of peering arguments. So based on that the only difference I'd expect this to make is in the relationship between Sprint and Cogent in the future. I doubt this will change Sprint's, Cogent's, or any other ISP's corporate views/policies on peering in the long term. Just my 2 cents, -Scott -Original Message- From: Matthew Moyle-Croft [mailto:[EMAIL PROTECTED] Sent: Saturday, November 01, 2008 10:07 PM To: bas Cc: nanog@nanog.org Subject: Re: Sending vs requesting. Was: Re: Sprint / Cogent bas wrote: Why does everyone keep referring to traffic flows as sendng? In this case it's not as if Cogent just randomly sends data to Sprint. I think it's a really odd reinterpretation of telephony concepts. In telephony interconnects are typically settlement based, sender pays receiver, in the settlement based world it seems to have gotten confused. I'm still trying to come to terms with what Sprint is trying to achieve here. I can only assume it's (and I'm stealing from Vijay here) to raise Cogent's cost of doing business by forcing them to do settlement based or paid peering and thus trying to force the cost of their transit to rise. Maybe it's to damage Cogent's reputation as well? The cost of doing this seems to be high (ie. upsetting high paying (single homed) transit and mobile customers) and getting negative media coverage. Is this really going to make a substantial kind of difference? MMC -- Matthew Moyle-Croft - Internode/Agile - Networks
RE: [Fwd:] Nvidia NICs with duplicate mac addresses
This reminds me of a story I was told a while back that there was a batch of 3com NIC's that all went out with the same MAC from the factory. I never found out if that was a rumor/urban legend or the truth. Anyone know firsthand or have an article about that? -Scott -Original Message- From: Robert E. Seastrom [mailto:[EMAIL PROTECTED] Sent: Friday, September 05, 2008 10:33 AM To: nanog@nanog.org Subject: [Fwd:] Nvidia NICs with duplicate mac addresses Forwarded to NANOG in the interests of wider awareness... having been there and torn out my already scarce hair, duplicate MAC addresses can really mess up your day... --- Just when you thought this couldn't happen any more... Copying from a different email list... mac address 04:4b:80:80:80:03, was showing up in multiple places across the network. I googled the mac address and discovered that other people are having the same issue with this mac address. Below are some links describing the problem: http://forums.nvidia.com/index.php?showtopic=22148 http://www.nvnews.net/vbulletin/archive/index.php/t-73469.html I just wanted everyone to know about this problem in case you run across similar slow connectivity issues. I believe the network card is made by NVIDIA.
RE: Level 3 TPA routing today?
We've also been seeing some weird (hard to track down) issues all day with Level 3 in both Tampa and Atlanta, especially from our NMS systems monitoring systems all over the place. My contact at Level 3 didn't know of anything going on and couldn't really find anything. Anyone else have a Level 3 response? -Scott -Original Message- From: Peter Beckman [mailto:[EMAIL PROTECTED] Sent: Tuesday, August 26, 2008 9:40 PM To: [EMAIL PROTECTED] Subject: Re: Level 3 TPA routing today? On Tue, 26 Aug 2008, david raistrick wrote: On Tue, 26 Aug 2008, David Hubbard wrote: Anyone seeing issues with Level 3 between anywhere and Tampa, particularly Atlanta and Dallas? We've Internap just reported problems with L3 out of Miami: we are seeing latency, minor packet loss and path problems to a number of destinations and other PNAPs via our Level3 (AS3356) upstream connection in the MIA003 PNAP. I've been seeing 30-70% packet loss between Cox Business and Level3 from DC to NY since 8:17pm EDT. Maybe via Internap? Loss% Snt Last Avg Best Wrst StDev 3. mrfddsrj01-ge706.rd.dc.cox.n 0.0% 1002.4 5.1 2.2 51.9 8.3 4. xe-9-2-0.edge1.Washington1.L 67.0% 1002.5 6.8 2.4 41.6 8.6 5. vlan99.csw4.Washington1.Leve 69.0% 1002.7 8.3 2.6 23.7 5.0 6. ae-93-93.ebr3.Washington1.Le 68.0% 1003.0 9.9 2.7 30.9 6.3 7. ae-3.ebr3.NewYork1.Level3.ne 70.0% 100 10.5 15.8 8.1 44.2 8.8 8. ae-83-83.csw3.NewYork1.Level 71.0% 100 18.9 14.2 8.1 42.0 7.1 9. ae-31-89.car1.NewYork1.Level 66.0% 1008.6 25.7 8.5 165.4 41.7 Beckman -- - Peter Beckman Internet Guy [EMAIL PROTECTED] http://www.angryox.com/ -- -
RE: Paul Vixie: Re: [dns-operations] DNS issue accidentally leaked?
Is it just me or is the test page below down now? Or maybe some poisoned the NS record for dns-oarc.net and sent it to nowhere to stop testing! (J/K since I can get to the rest of the page fine). -Scott -Original Message- From: Ken A [mailto:[EMAIL PROTECTED] Sent: Thursday, July 24, 2008 2:40 PM To: Steve Tornio Cc: [EMAIL PROTECTED] Subject: Re: Paul Vixie: Re: [dns-operations] DNS issue accidentally leaked? Steve Tornio wrote: On Jul 24, 2008, at 12:17 PM, Duane Wessels wrote: xpara.com tests to lock up my iPhone, or I would use that checker to verify the iPhone DNS. Anyone have a link to a decent test that I could run on the iPhone? Give this one a try: http://entropy.dns-oarc.net/test/ In this test, my iPhone reports: 209.183.33.23 Source Port Randomness: GREAT 209.183.33.23 Transaction ID Randomness: GREAT I encourage anyone else concerned with their providers to actually test them instead of taking anyone's word for it. Steve on ATT you might want to run it more than once.. Mine shows POOR 1 out of 5 times. :-( Hope they finish patching son! Ken -- Ken Anderson Pacific.Net
Re: [Nanog] VoIP over Asymmetric routing
Having the 2 sessions take different paths is fine as long as they both always work as well as each other. If one has more latency or jitter than the other you are likely to run into noticeable echo or other quality issues. What's more important, however, is that each RTP session traverses only 1 path. If you have different packets (or groups of packets) that are part of one session taking different paths, you will run into issues with out of order packets that basically just get dropped. The other thing to think about it what are you actually gaining here? Not redundancy because 1 direction of a call's media is not an acceptable loss (i.e. in link goes down but out link stays up). Also you aren't gaining much on capacity because modern backhaul links such as 10GE links or OC-X's are symmetrical, so if you only carry traffic in one direction (RTP is UDP so has no ACKs or any reverse direction traffic within the one session) you are actually wasting half of your circuits. -Scott -Original Message- From: endzer [mailto:[EMAIL PROTECTED] Sent: Monday, April 21, 2008 7:55 AM To: 'Kim Onnel'; 'NANOG list' Subject: Re: [Nanog] VoIP over Asymmetric routing Hi, In _Theory_ asymmetric routing _should_ be ok, but that's in theory. I would be concerned as to why they are designing it this way. Have they gave you a good technical reason it has to be this way? I would ask them to justify it. Also, if there are routing problems on one path but not the other, this could cause a scenario where voice is heard but not received, or vice-versa. This situation is much more frustrating to customers as they will try and continue the conversation. Opposed to if it just doesn't work at all because of a routing problem, customer will just use their cell phones. Also, are they implementing any local PSTN access for local calls or failover? That's my experiences. -Original Message- From: Kim Onnel [mailto:[EMAIL PROTECTED] Sent: Monday, April 21, 2008 2:35 AM To: NANOG list Subject: [Nanog] VoIP over Asymmetric routing Hello, We are going to roll out a network to carry VoIP only, between the P routers, there will be 3xOC3 links. Each site has 2xPEs, PE1 is connected to the P router in the local premises with 10GE and PE2 is connected with 2xOC3s to remote P sites for backup incase local P fails. VoIP is going to be generated by Ericsson Media Gateways and the network designers are suggesting to take traffic in the outgoing direction through the PE1 path and come back through the PE2 path (if that makes sense), so traffic will take a different link for outgoing over incoming. From your experiences, I am wondering what are future unforeseen pitfalls we can get into? Regards, KO ___ NANOG mailing list NANOG@nanog.org http://mailman.nanog.org/mailman/listinfo/nanog ___ NANOG mailing list NANOG@nanog.org http://mailman.nanog.org/mailman/listinfo/nanog ___ NANOG mailing list NANOG@nanog.org http://mailman.nanog.org/mailman/listinfo/nanog