Charter DNS servers returning invalid IP addresses

2023-10-25 Thread Sylvain BAYA 

Dear NANOG-er,

Hope this email finds you in good health!

Please see my comments below, inline...

Thanks,


Le 25/10/2023 à 18:50, Jason J. Gullickson via NANOG a écrit :


I've been working for a week or so to solve a problem with DNS 
resolution for Charter customers for our domain bonesinjars.com.  I've 
reached-out to Charter directly but since I'm not a customer I 
couldn't get any help from them.  I was directed by a friend to this 
list in hopes that there may be able to reach a Charter/Spectrum 
engineer who might be able to explain and/or resolve this one.


A dig against Google's DNS servers correctly returns 4 A records:


dig bonesinjars.com 8.8.8.8



...instead of the above, you could try the following command:

`dig bonesinjars.com. @9.9.9.9 +nsid +edns=0 +all +short`

Please, do note the sign `@` and the trailing dot `.`




[...]
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 26879
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 65494
;; QUESTION SECTION:
;8.8.8.8.   IN  A



...this is unexpected! given what you said.



;; Query time: 35 msec
;; SERVER: 127.0.0.53#53(127.0.0.53) (UDP)
;; WHEN: Mon Oct 23 10:26:32 CDT 2023
;; MSG SIZE  rcvd: 36


Verizon, AT, Comcast and all other DNS servers we tested return the 
same 4 A records.  However the same dig against a Charter DNS 
(24.196.64.53) returns only 127.0.0.54:



dig bonesinjars.com 24.196.64.53




`dig cmnog.cm. @24.196.64.53 +nsid +edns=0 +all`

or

dig cmnog.cm. @`dig -x 24.196.64.53 +short` +nsid +edns=0 +all



; <<>> DiG 9.16.1-Ubuntu <<>> bonesinjars.com 24.196.64.53
[...]
;; QUESTION SECTION:
;bonesinjars.com.        IN    A

;; ANSWER SECTION:
bonesinjars.com.    60    IN    A    127.0.0.54

[...]

;; QUESTION SECTION:
;24.196.64.53.            IN    A




...it's not what you wanted to test!
`dig` understood it otherwise.

...associating the @ sign with the above IPv4 address
would have corrected the behavior of `dig`:
*@24.196.64.53*




;; ANSWER SECTION:
24.196.64.53.        86400    IN    A    24.196.64.53

;; Query time: 27 msec
;; SERVER: 127.0.0.53#53(127.0.0.53)
[...]


Any help understanding and addressing this is greatly appreciated!





Hi Jason,

Thanks for your email, brother.

...you should note that:

n#1. each of the command you shared above is not
producing the expected behavior. Please replace
it by the one i suggested, and observe the diff.

n#2. the DNS resolver you try to use appears to not
being, actually, available for any request.
Just try: `dig @24.196.64.53 cm.` or even:
`dig @24.196.64.53 ns1.charter.com.`

Maybe you should, first clarify what you needed to
achieve.

That said! maybe it's a simple matter of changing
a DNS resolver? have you ask to someone within
Charter's network to try with quad9, for example?
...or any other public DNS resolver, to be fair.

Hope this helps!

Shalom,
--sb.




Jason



--
Best Regards !

baya.sylvain [AT cmNOG DOT cm]
|cmNOG's Structure |cmNOG's 
Surveys |Subscribe to cmNOG's Mailing List 
|

__
#‎LASAINTEBIBLE‬|‪#‎Romains15‬:33«*Que LE ‪#‎DIEU‬ de ‪#‎Paix‬ soit avec 
vous tous! ‪#‎Amen‬!*» #‎MaPrière‬ est que tu naisses de 
nouveau.#Chrétiennement‬
«*Comme une biche soupire après des courants d’eau, ainsi mon âme 
soupire après TOI, ô DIEU!*» (#Psaumes42:2)


OpenPGP_0x0387408365AC8594.asc
Description: OpenPGP public key


OpenPGP_signature.asc
Description: OpenPGP digital signature

Guest Column: Kentik's Doug Madory, Last Call for Upcoming ISOC Course + More

2023-09-08 Thread Sylvain Baya 
Dear NANOG-ers,
Hope this email finds you in good health!

Le jeudi 7 septembre 2023, Anne Mitchell  a écrit :

>
> > [...]
> >
> > can we please get URLs without all the invasive tracking?
>
> list-manage.com is Mailchimp;


>
>
Hi Anne,
Thanks for your email.

Sure! but the question could be:
Isn't why the mailinglist was chosen? :-/



> not sure it's possible to turn off tracking when using an ESP like that.
> :-(
>
>
It should be simply a matter of sharing an URI with
 a title and small intro...

The content of the email could be collected via a
FLOSS RSS [1] feed agregator and sent to the
mailinglist, in a regular basis.
__
[1]: 

No need to "over" track list-ers.
...that kind of MitM [2] isn't desirable/necessary!
__
[2]: 


Shalom,
--sb.



> Anne
>
> [...]



-- 

Best Regards !
__
baya.sylvain[AT cmNOG DOT cm]|
Subscribe to Mailing List: 
__
#‎LASAINTEBIBLE‬|#‎Romains15‬:33«Que LE ‪#‎DIEU‬ de ‪#‎Paix‬ soit avec vous
tous! ‪#‎Amen‬!»
‪#‎MaPrière‬ est que tu naisses de nouveau. #Chrétiennement‬
«Comme une biche soupire après des courants d’eau, ainsi mon âme soupire
après TOI, ô DIEU!»(#Psaumes42:2)

IP range for lease

2023-07-10 Thread Sylvain Baya 
Dear NANOG-ers,
Hope this email finds you in good health!

Please see my comments below, inline...

Le jeudi 6 juillet 2023, Owen DeLong via NANOG  a écrit :

> 
> 
> 
> 
> Karin,
>
> Opinions regarding leasing vary throughout the industry. In my opinion,
> since the shift to provider assigned addresses during the CIDR efforts in
> the mid 1990s, the majority of addresses have been leased in one form or
> another.
>
>

Hi Owen,
Thanks for your email, brother.
...do you mean that such activity was supported by
 a policy? or it was just a disruption of a principle
which is fundamental; in order to guarantee that
the common INRs (Internet Number Resources)
are fairly distributed and not easily stockpilled?


> The only thing novel here is the leasing of addresses independent of
> connectivity services.
>
>
So! it's a leasing of something not owned? and it
became worse with the idea of Monkey(ing it)-In-
The-middle (MITM)...

What's the difference, please?

Are you trying to change a definition, in order to
convince this community that this sad practice
was started at the very beginning of the INRs  distribution?

What's your understanding of "need-based"?
Why are they stocking INRs without any need to
properly use it?

...imho! the waiting list would be less longer with
those INRs withing the free pools.


>
> However, once the RIRs and their communities normalized the sale of
> addresses through directed transfer policies, I think this was an
>
>
Any RIR's policy you can share, to support your say?



>
> inevitable next step in the devolution of IPv4 into a monetized asset.
>
>
What's the relation between leasing INRs and
transfering it?

Brother, you know that:
* an INR transfer is a one time change in holdership
* where leasing INRs is a proof that there is no
longer any need of the community's resource held.

...imho! the communities chose a good approach
in support to those who maintain Internet services
 and build the Internet infrastructure. It should be
seen as an exceptional rule, not the usual...because
 it's an alternative when need ends.

...the other alternative, consistent with the principle,
 is not the leasing of INRs; but the returning.



>
> It doesn’t help that the earliest and most prolific adopters of this form
> of leasing have been snowshoe spammers.
>
>
It helps to better understand how bad is the thing :'(

...please, do consider the following scenario:

|1. you have a fundamental principle for INRs distribution within the
regional RIR
|2. for each resource holder, the RIR is responsible
to enforce the Policy Manual
|3. a resource holder receives some INRs from a
regional RIR
|4. that resource holder stops to comply to the
principle in "1"
|5. the INRs delegated to that resource holder are
not used according to the community-based Policy
 Manual
|6. in order to justify its use, that resource holder
assign part of the delegated INRs to its clients
|7. the clients are asked to comply the the Policy
Manual; including the fundamental principle in "1"
|8. .

How shall it end?



>
> However, there are leasing agencies that insist on getting proper
> justification from their customers and have strong anti-abuse policies.
>
>
Great! btw! what's their need? who need a MITM
in the process, when it's possible to simply transfer
the resource or simply send it back to the free pool?


>
> I would strongly encourage you to seek out such an organization to partner
> with if you choose to lease your addresses as there are a number of
> pitfalls you can encounter otherwise.
>
>
...risks are either ways! would you recommend
to someone to put its private keys within one
else personal's computer?

Hi Karim,
To summarise, if there is no longer a need, please
do either one of the following three things:

1| send it back to the RIR;
2| change the word *lease* to *transfer* and
announce your willing to transfer the INRs you hold.
3| do not hesitate to discuss your alternatives with
the RIR's Staff. They are paid to support you!

Thanks.

Shalom,
--sb.



>
> Owen
>
>
> On Jul 3, 2023, at 08:25, Noah  wrote:
>
> 
> Hi KARIM,
>
> Considering the fact that IPs are requested on need-basis by resource
> holders to number your own networks/systems and that of your clients?
>
> Any reason why MEKTEL would want to offer IPs for lease?
>
> Cheers,
> *.**/noah*
>
>
>
> On Mon, Jul 3, 2023 at 6:16 PM KARIM MEKKAOUI  wrote:
>
>> [...]
>>
>

-- 

Best Regards !
__
baya.sylvain[AT cmNOG DOT cm]|
Subscribe to Mailing List: 
__
#‎LASAINTEBIBLE‬|#‎Romains15‬:33«Que LE ‪#‎DIEU‬ de ‪#‎Paix‬ soit avec vous
tous! ‪#‎Amen‬!»
‪#‎MaPrière‬ est que tu naisses de nouveau. #Chrétiennement‬
«Comme une biche soupire après des courants d’eau, ainsi mon âme soupire
après TOI, ô DIEU!»(#Psaumes42:2)

ipv4/25s and above

2022-11-19 Thread Sylvain Baya 
Dear NANOG-ers,
Hope this email finds you in good health!
Please see my comments below, inline...
Thanks.

Le samedi 19 novembre 2022, Owen DeLong via NANOG  a
écrit :

> >
> >> Either you have lots of fallow ground or very few customers.
> >
> > A bit of both.
>
> Regarding the former, perhaps you should return some of that to AFRINIC as
> required in your RSA before throwing stones at other providers in the
> region.


>
Hi Owen,
Thanks for your email, brother!

Please, could you elaborate on the above?
Remark! you may need to start a separate thread :-/
...yes! i have already read your next email.

Shalom,
--sb.



> Owen
>
>

-- 

Best Regards !
__
baya.sylvain[AT cmNOG DOT cm]|
Subscribe to Mailing List: 
__
#‎LASAINTEBIBLE‬|#‎Romains15‬:33«Que LE ‪#‎DIEU‬ de ‪#‎Paix‬ soit avec vous
tous! ‪#‎Amen‬!»
‪#‎MaPrière‬ est que tu naisses de nouveau. #Chrétiennement‬
«Comme une biche soupire après des courants d’eau, ainsi mon âme soupire
après TOI, ô DIEU!»(#Psaumes42:2)

ICANN

2022-07-08 Thread Sylvain Baya 
Dear NANOG-ers,

Hopefully, this email finds you in good health!

Please see my comments below, inline...

Le vendredi 8 juillet 2022, Rubens Kuhl  a écrit :

> If you believe in everything an email says, I have an island to sell
> that you might be interested in.
>
> That said, ICANN has a compliance department:
> https://www.icann.org/compliance/complaint
>
>
>
Hi Rubens,
Thanks for your email, brother.

...maybe he should start by the Ombudsman [1]?
__
[1]: Ombudsman - ICANN


Shalom,
--sb.



> Rubens
>
> On Fri, Jul 8, 2022 at 12:22 PM Keith Medcalf  wrote:
> >
> >
> > [...]
> >
>


-- 

Best Regards !
__
baya.sylvain[AT cmNOG DOT cm]|
Subscribe to Mailing List: 
__
#‎LASAINTEBIBLE‬|#‎Romains15‬:33«Que LE ‪#‎DIEU‬ de ‪#‎Paix‬ soit avec vous
tous! ‪#‎Amen‬!»
‪#‎MaPrière‬ est que tu naisses de nouveau. #Chrétiennement‬
«Comme une biche soupire après des courants d’eau, ainsi mon âme soupire
après TOI, ô DIEU!»(#Psaumes42:2)

Not Making Use of 240/4 NetBlock

2022-03-15 Thread Sylvain Baya 
Dear NANOG-ers,
Hope this email finds you in good health!
Please see my comments below, inline...

Le mardi 15 mars 2022,  a écrit :

>
>
Hi Barry,
Thanks for your email, brother!



> But the RIRs are the ones fielding requests for IPv4 space, and have
> some notion of how policy implementation might work in practice, so
> should have a lot of useful input.
>
>
...of course, it appears that RIRs have the opportunity
 to add their useful inputs, as Impact Analysis Report
 (IAR); during the Policy Development Process (PDP)
 initiated by the *appropriate* [1] Internet community.
They explain it themselves here [2].
__
[1]: 
[2]: 

Shalom,
--sb.



> On March 14, 2022 at 00:45 niels=na...@bakker.net (Niels Bakker) wrote:
>  > * b...@theworld.com (b...@theworld.com) [Mon 14 Mar 2022, 00:31 CET]:
>  > >Personally I'd rather hear from the RIRs regarding the value or not
>  > >of making more IPv4 space such as 240/4 available. They're on the
>  > >front lines of this.
>  >
>  > You've got your policy development process diagram upside down. The
>  > community decides what the RIRs implement. They're not in touch with
>  > merchant silicon manufacturers.
>  >
>  >
>  >  -- Niels.
>
> --
> -Barry Shein
>
> Software Tool & Die| b...@theworld.com |
> http://www.TheWorld.com
> Purveyors to the Trade | Voice: +1 617-STD-WRLD   | 800-THE-WRLD
> The World: Since 1989  | A Public Information Utility | *oo*
>


-- 

Best Regards !
__
baya.sylvain[AT cmNOG DOT cm]|
Subscribe to Mailing List: 
__
#‎LASAINTEBIBLE‬|#‎Romains15‬:33«Que LE ‪#‎DIEU‬ de ‪#‎Paix‬ soit avec vous
tous! ‪#‎Amen‬!»
‪#‎MaPrière‬ est que tu naisses de nouveau. #Chrétiennement‬
«Comme une biche soupire après des courants d’eau, ainsi mon âme soupire
après TOI, ô DIEU!»(#Psaumes42:2)

The role of Internet governance in sanctions

2022-03-11 Thread Sylvain Baya 
Dear NANOG-ers,
Hope this email finds you in good health!

Please see my comments below, inline...

Le vendredi 11 mars 2022, Brandon Price  a
écrit :

>
>
> -Original Message-
> From: NANOG  On Behalf
> Of Bill Woodcock
> Sent: Thursday, March 10, 2022 11:37 AM
> To: nanog@nanog.org
> Subject: Re: The role of Internet governance in sanctions
>
>
>
>
> >Perhaps not.  My goal is to minimize Internet disconnection.  Maybe
> that’s not your goal.  I was trying to give what you wrote the most
> generous possible interpretation.
>
> There is no realistic way for these disconnects to happen now, as
> acknowledged by the fifth principal in the draft. How does creating a
> framework to accomplish this do anything other than increase the
> disconnects?
>
>
Hi Brandon,

Thanks for your email, brother!

You put forward a good objection for this proposal.

...i think the proposal is a wise idea, but imho it can
 not touch the root-causes of the problem at hand.

It seems to be the same approach as the anti-shutdown
 DPP (Draft Policy Proposal) [1].
__
[1]: 

Applying sanctions to a country has side effects... :'-(

To figure it out, one should look at the below scenario:

~°~
1] This draft proposal reaches a rough consensus
2] A selection is done to build the Operational Team (OT)
3] The OT agrees on a rough consensus on the
decision to apply specific sanctions on a given
country government's Internet infrastructure used
to spread their "propaganda" globaly...
4] The OT implements the consensual decision
5] The Internet's infrastructure of that ccGov is
shutdown. No more trafic from it to the Internet!
6] That ccGov decides to cut the rest of the
Internet's interconnexions of their country to the
Internet...
7] The whole country is unreacheable from the Internet
8] That ccGov is the only source of "information"
 within their country boundaries
9] ...
~°~

As the draft proposal seems to target cc Governments,
 practically speaking, then what if the policy-decision
 to be implemented concerns the usGov?

Thanks.

Shalom,
--sb.



>
> Brandon
>


-- 

Best Regards !
__
baya.sylvain[AT cmNOG DOT cm]|
Subscribe to Mailing List: 
__
#‎LASAINTEBIBLE‬|#‎Romains15‬:33«Que LE ‪#‎DIEU‬ de ‪#‎Paix‬ soit avec vous
tous! ‪#‎Amen‬!»
‪#‎MaPrière‬ est que tu naisses de nouveau. #Chrétiennement‬
«Comme une biche soupire après des courants d’eau, ainsi mon âme soupire
après TOI, ô DIEU!»(#Psaumes42:2)

.bv ccTLD

2021-12-06 Thread Sylvain Baya 
Dear NANOGers,
Hope this email finds you in good health.
Please find my comment below, inline...

Le samedi 4 décembre 2021, Jaap Akkerhuis  a écrit :

>
>  > > [...]
>  >
>  > Quite a while ago I met a guy at an ICANN meeting who'd made a deal with
>  > American Samoa to sell .AS domains since AS is the corporate
> abbreviation in
>  > several European countries.  It went nowhere, the Samoans took it back.
>
> Similar ideas where held for MD and TM but didn'y seem to work
> out. Furthermore, an indepent Bougainville mighs change the name
> to something else (as Zimbabwe did).
>


Hi Jaap,
Thanks for your email, brother.
It's, imho, exactly the right compromise to do.

...still available ISO 3166-1 Alpha-2 codes: bc, bk, bp
and: vb

All those names are not yet delegated zones within
the DNS; therefore they are all available to be used
as ccTLD: .bc ? .bk ? .bp ? .vb ?
...bougainvilleans [1] should just pick one to start
the processes of securing both Alpha-2 & ccTLD.
__
[1]: 

Shalom,
--sb.



> jaap
>


-- 

Best Regards !
__
baya.sylvain[AT cmNOG DOT cm]|
Subscribe to Mailing List: 
__
#‎LASAINTEBIBLE‬|#‎Romains15‬:33«Que LE ‪#‎DIEU‬ de ‪#‎Paix‬ soit avec vous
tous! ‪#‎Amen‬!»
‪#‎MaPrière‬ est que tu naisses de nouveau. #Chrétiennement‬
«Comme une biche soupire après des courants d’eau, ainsi mon âme soupire
après TOI, ô DIEU!»(#Psaumes42:2)

Any info on devices that are running eBGP on the Internet?

2019-11-11 Thread Sylvain Baya 
Hi all,

Le mercredi 6 novembre 2019, Compton, Rich A  a
écrit :

> Hi, I am working with MANRS (https://www.manrs.org) on a tool for
> checking router configs for BGP security / spoofing prevention (e.g. uRPF)
> https://github.com/manrs-tools/MANRS-validator
>
> We are wondering if there is any research on the percentages of different
> types of devices running BGP on the Internet.
>

...why not launch a survey ? in collaboration with all the IXPs and the
MANRS's actors
(who have already signed the MANRS Routing Manifesto) ; asking them to
provide only three
informations :

•—
• Name (or Real OUI) of the device they are running BGP on ;
• IXP where the device is located ;
• Org's name (optional)
•—

Shalom,
--sb.

Something like:
>
> Cisco IOS 30%
>
> Junos 30%
>
> Mikrotik 20%
>
> etc…
>
> We are looking to focus our tool on the most prevalent types of devices
> doing BGP (and the most prevalent with BGP security/spoofing issues) so
> that we can have the greatest impact.  Does anyone have any information on
> this or know where I can obtain this information?  Thanks in advance!
>
>  -Rich
> [..,]
>


-- 

--
Best Regards !
baya.sylvain [AT cmNOG DOT cm] |  | <
https://survey.cmnog.cm>
Subscribe to Mailing List : 
__
#‎LASAINTEBIBLE‬|‪#‎Romains15‬:33«*Que LE ‪#‎DIEU‬ de ‪#‎Paix‬ soit avec
vous tous! ‪#‎Amen‬!*»
‪#‎MaPrière‬ est que tu naisses de nouveau. #Chrétiennement‬
«*Comme une biche soupire après des courants d’eau, ainsi mon âme soupire
après TOI, ô DIEU!*» (#Psaumes42:2)