Re: Need (to acquire or sell) IPv4? Come to SpaceMarket.

2012-05-31 Thread Ted Fischer 


I could probably gin up some cheap black market Class F's ... I'll 
match and beat any advertised or unadvertised route.


http://www.rfc-editor.org/rfc/rfc1365.txt

Ted



On 05/31/12 01:52, Robert Bonomi wrote:

I considered offering 172.24.0.0/14, in an attempt at in-CIDR humor.


Can we be arrested for in-CIDR trading?

--
Mr. Flibble
King of the Potato People

Re: Whois 172/12

2012-01-15 Thread Ted Fischer 
Thanks for the replies so far, but not what I was looking for.

I should have specified that I've done several ns & dig lookups just to
make sure.

We were supposed to have lit up the last of IPv4 last year.  I would have
presumed that meant that there was nothing left.  Since I can't find a
reference to 172/12 anywhere, one might be led to presume that it was
allocated somehow, to someone (perhaps inadvertently not recorded) since
there are - supposedly - no fresh IPv4 addresses left to allocate, and the
only reference to this block is that 172/8 is allocated to ARIN.  It
doesn't even appear in RFC 5735.

We all know about 172.16/12 - nothing left of that horse but glue.

My question is about 172/12.  Where is it, what is it's supposed purpose. 
I'm almost sure it's an internal box.  I just find it better to give a
professional answer to "why can't I use this" than just "you can't use
this and why is this address scanning you for udp/137 anyway".

If someone can point out to me what was done with 172/12 I'd appreciate it.


Patrick opined:
> Read RFC1918.

  I didn't remember seeing anything about 172/12 in RFC1918.  Looked at it
again.  Is there something about 172/12 I missed?  Thanks.

> Likely a machine on his local network (i.e. behind the same NAT box) is
> hitting him.
>
> But that is not guaranteed.  A packet with a source address of 172.0.x.x
> could be hitting his machine.  Depends on how well you filter.  Many
> networks only look at destination IP address, source can be anything -
> spoofed, un-NAT'ed, etc.  He just wouldn't be able to send anything back
> to it (unless it was on the local LAN, as I mention above).
>
> --
> TTFN,
> patrick
>
>
> On Jan 15, 2012, at 2:53 AM, Alex Ryu wrote:
>
>> As far as I know, 172.0.1.216 is not assigned, yet.
>>
>> whois -h whois.arin.net 172.0.1.216
>> [whois.arin.net]
>> #
>> # Query terms are ambiguous.  The query is assumed to be:
>> # "n 172.0.1.216"
>> #
>> # Use "?" to get help.
>> #
>>
>> No match found for 172.0.1.216.
>>
>>
>>
>> #
>> # ARIN WHOIS data and services are subject to the Terms of Use
>> # available at: https://www.arin.net/whois_tou.html
>> #
>>
>> Also, when you check BGP routing table, it is not routed at all.
>>
>> route-server.as3257.net>sh ip bgp 172.0.1.216
>> % Network not in table
>> route-server.as3257.net>
>>
>> So it seems like forged IP address.
>>
>> Alex
>>
>>
>> On Sun, Jan 15, 2012 at 1:37 AM, Ted Fischer  wrote:
>>> Hi all,
>>>
>>>   Tearing what's left of my hair out.
>>>
>>>   A customer is getting scanned by a host claiming to be "172.0.1.216".
>>>
>>>   I know this is bogus, but I want to go back to the customer with as
>>> much authoritative umph as I can (heaven forbid they just take my
>>> word).
>>>
>>>   I'm pretty sure I read somewhere once that 172/12 was "reserved" or
>>> something like that.  All I can find now is that 172/8 is "administered
>>> by
>>> ARIN".  Lots of information on 172.16/12, but not a peep about
>>> 172/12.
>>>
>>>   If anybody could provide some insight as to the
>>> allocation/non-allocation of this block, it would be much appreciated.
>>>
>>>   Thanks.
>>>
>>> Ted Fischer
>>>
>>>
>>>
>>>
>>>
>>>
>>>
>>
>
>
>

Whois 172/12

2012-01-14 Thread Ted Fischer 
Hi all,

   Tearing what's left of my hair out.

   A customer is getting scanned by a host claiming to be "172.0.1.216".

   I know this is bogus, but I want to go back to the customer with as
much authoritative umph as I can (heaven forbid they just take my
word).

   I'm pretty sure I read somewhere once that 172/12 was "reserved" or
something like that.  All I can find now is that 172/8 is "administered by
ARIN".  Lots of information on 172.16/12, but not a peep about
172/12.

   If anybody could provide some insight as to the
allocation/non-allocation of this block, it would be much appreciated.

   Thanks.

Ted Fischer

Re: IPv6 - real vs theoretical problems

2011-01-12 Thread Ted Fischer 

At 11:59 AM 1/12/2011, Jim postulated wrote:


On 01/11/2011 01:31 PM, Owen DeLong wrote:
> It's not about the number of devices. That's IPv4-think. It's 
about the number

> of segments. I see a world where each home-entertainment cluster would
> be a separate segment (today, few things use IP, but, future HE solutions
> will include Monitors, Amps, Blu-Ray players, and other Media gateways
> that ALL have ethernet ports for control and software update).

 Your future is now, Owen.  I have four network devices at my primary
television -- the TV itself, TiVo, PS3, and Wii (using the wired
adapter).  All told, I have seven networked home entertainment devices
in my house, with another (Blu-Ray player) likely coming soon.  I feel
confident in saying that my use case isn't unusual these days.

 While a lot of the scalability concerns are blown off as "not applying
to typical consumers," we're quickly getting to the point where your
average joe IS somewhat likely to have different classes of devices that
might benefit from being on separate subnets.

 Jima


I helped a friend setup his "home network" recently.  He is using an 
old Linksys Router with no v6 support.  I like to be conservative and 
only allocate what might be needed ... part of my "Defense in Depth" 
strategy to provide some layer of "security" with NAT (yes, I know - 
my security by obscurity is to use something from 172.16) and a 
limited amount of addresses to allocate (not to mention WPA2 - he had 
default no security when I first got there).  Used to be a /29 would 
be sufficient for any home.  But, before I knew it, he had a wireless 
printer, laptop, and 4 iPhones all needing the new wireless 
passphrase to connect, plus he was anticipating 2 more laptops (one 
each for his children - to whom 2 of the iPhones belonged), and 
addresses set aside for guests and the occasional business visitor 
(he works from home).  I left him configured with a /28, and told him 
to call me if he anticipated more.


As a side security note - we lost the laptop on the "new" secured 
network before I tracked down that it had automatically logged in to 
his neighbor's (also unprotected) network on reboot.


Ted

RE: thoughts?

2010-05-27 Thread Ted Fischer 


pssst ...

Anybody wanna buy a block of 240 ... I got /8s, /16s, /24s, even a 
/32 if you want just one to "frame" ... or you can have the whole 
240/4 for such a deal
No guarantees they will work, but they are one of those {soon to be 
rare} unassigned IPv4 addresses you've heard so much about



At 12:41 PM 5/27/2010, you wrote:



> -Original Message-
> From: Roy
> Sent: Thursday, May 27, 2010 8:59 AM
> To: nanog@nanog.org
> Subject: Re: thoughts?
>
> On 5/27/2010 8:46 AM, George Bonser wrote:
> >> -Original Message-
> >> From: Dorn Hetzel
> >> Sent: Thursday, May 27, 2010 4:11 AM
> >> To: nanog@nanog.org
> >> Subject: thoughts?
>
> Don't worry.  Obama will appoint a bipartisan committee to investigate
> which will report back in two years.  Congress will hold hearings.  A
> bill will be proposed to tax IP addresses.
>

And ensure access to IP addresses by the homeless.  The are also
rumblings about taking portions of 10/8 and making a national IP address
preserve where the addresses must remain unused and in their natural
state while a monument to 196.168/16 is planned for the lobby of UN
Headquarters in New York.  It is hoped that the 10/8 IPs in reserve will
return to their original state despite the hard use they have
experienced over recent decades.  But beware, North Korea has been
issuing counterfeit ARIN IP addresses and some third world countries
have been found to be trafficking in 0/8 which is extremely dangerous.
Addresses recently imported by ARIN from APNIC have been found to
actually be 127/8 IPs that have simply had the original numbers scraped
off and new numbers so skillfully applied that it is difficult to tell
them from the original. Be careful out there.

Where does one get an IP address degree?

Re: FCCs RFC for the Definition of Broadband

2009-08-26 Thread Ted Fischer 



Paul Timmins wrote:

Fred Baker wrote:


On Aug 24, 2009, at 9:17 AM, Luke Marrott wrote:

What are your thoughts on what the definition of Broadband should be 
going
forward? I would assume this will be the standard definition for a 
number of

years to come.



Historically, narrowband was circuit switched (ISDN etc) and broadband 
was packet switched. Narrowband was therefore tied to the digital 
signaling hierarchy and was in some way a multiple of 64 KBPS. As the 
term was used then, broadband delivery options of course included 
virtual circuits bearing packets, like Frame Relay and ATM.
of or relating to or being a communications network in which the 
bandwidth can be divided and shared by multiple simultaneous signals (as 
for voice or data or video)


That's my humble opinion. Let them use a new term, like "High Speed 
Internet".




Seconded

Re: [Nanog] ATT VP: Internet to hit capacity by 2010

2008-04-20 Thread Ted Fischer 
All,

Interesting AT&T project ... the IP (and voice) world according 
to AT&T, from a New York State of Mind:

http://senseable.mit.edu/nyte/index.html

Ted


At 03:16 PM 4/19/2008, Sean wrote:
>On Fri, 18 Apr 2008, Scott Weeks wrote:
> > Does anybody know what the basis for Mr. Cicconi's claims were (if
> > they even had a basis at all)?
>
>Have there been an second reporting sources, or does anyone have a Youtube
>link of Mr. Cicconi's actual statement in context?  So far there seems to
>only be a single reporter's account, echoed in the bloggerdome.
>
>
>___
>NANOG mailing list
>NANOG@nanog.org
>http://mailman.nanog.org/mailman/listinfo/nanog

___
NANOG mailing list
NANOG@nanog.org
http://mailman.nanog.org/mailman/listinfo/nanog

Re: Comcast problems?

2008-04-05 Thread Ted Fischer 


I didn't save any of my Wireshark traces, but this is what I observed 
(I'm behind Charter at home but visiting my brother in NJ - Comcast territory).


All attempts to check my e-mail (neither Charter nor Comcast) showed 
the syns going out but no syn acks coming back.  Then, after a few 
minutes (pop server time outs I guess) I started seeing fins coming 
back from the pop server that matched my connection requests.  Saw 
that occur with various http connection attempts as well.


Of course, the only reason I can send this reply out is that they 
appear to be back up.  Any chance of getting a non-nonsensical RFO 
from someone?


Ted

At 02:16 PM 4/5/2008, you wrote:

On Sat, Apr 5, 2008 at 1:44 PM, Steven M. Bellovin 
<[EMAIL PROTECTED]> wrote:


>  The fact that I get different behavior for different protocols makes me
>  suspect they're having trouble with equipment designed to control p2p
>  traffic.  Their help phone line simply speaks of an outage.  Service
>  has come back occasionally, but not for long.  The problem has been
>  going on since about 6am.
>
>  Does anyone have any data?

wasn't it sandvine last time? did you try calling them as well? All
joking aside, one hopes that these sorts of things show that the 'p2p
control' soutions are far from perfect and far from 'well baked' and
likely still very ill-advised.

-Chris