Re: charging for config changes

2024-07-01 Thread heasley
Sun, Jun 30, 2024 at 02:17:12PM -0700, Randy Bush:
> has charging for config changes a la
> https://www.arelion.com/customer-excellence/customer-support/online-technical-change-pricing
> become common while i was not looking?  admittedly, i have not looked
> for a long time.

Many of those things could be automated via a customer portal.


Re: Should FCC look at SS7 vulnerabilities or BGP vulnerabilities

2024-05-20 Thread heasley
Fri, May 17, 2024 at 12:01:14PM -0400, Sean Donelan:
> 
> The FCC's job isn't to solve technical problems.
> 
> Instead it is attempting to get CEOs, business managers and venture capital
> firms to include these public policy requirements as part of their business
> decision making.  Impact business budgets and decision making to fix public
> problems.
> 
> FCC is setting goals (and punishments).  It is up to industry how it wants
> to solve the technical problems to achieve the FCC's business requirements.

Because the FCC has done such a fantastic job regulating TV and radio or
managing their infrastructure investment tax dollars?  Perhaps they should
stick to comically-sized coffee cups.

FCC needs an overhaul, just to advance to the current century for the things
they already regulate.  For example; besides the power button, TVs now have
a channel selector that allows the viewer to choose what they want to watch,
so programming does not need to be regulated.  Let us stop them from
"helping" with the Internet.


Re: Small Internet border router options?

2024-05-13 Thread Heasley



>>> On Mon, May 13, 2024 at 3:54 PM Tom Samplonius wrote:
>>> What are you using for small campus border routers?  So four to eight
>>> 10G ports with a FIB for full scale L3?

vMX, XRv, vEOS, …. There are several virtual routers that might meet your
requirements, since you did not specify traffic requirements, and you wouldn't
have to deal with crap s/w.

Probably cheaper than an 8xg too.

Re: Whitebox Routers Beyond the Datasheet

2024-04-19 Thread heasley
Fri, Apr 12, 2024 at 08:03:49AM -0500, Mike Hammett:
> I'm looking at the suitability of whitebox routers for high through, low port 
> count, fast BGP performance applications. Power efficiency is important as 
> well. 
> 
> 
> What I've kind of come down to (based on little more than spec sheets) are 
> the EdgeCore AGR400 and the UfiSpace S9600-30DX. They can both accommodate at 
> least three directions of 400G for linking to other parts of my network and 
> then have enough 100G or slower ports to connect to transit, peers, and 
> customers as appropriate. Any other suggestions for platforms similar to 
> those would be appreciated. 

Most of the white boxes are the same, in mpov, with small variations.  And
that is the whole idea.

I would choose the NOS you want first.  There are several, but few I would
want in production.  If it is a PoS or unmanageable, it does not matter
what the h/w capabilities are.  Was it created by seasoned engineers in
Internet-scale routing?  And, because each box will require some software
specific to it, though limited in scope, the NOS will dictate which boxes
are available to choose among.

Beyond the hardware capabilities, also consider with whom your NOS mfg
has the best working relationship.  That will dictate their ability to
quickly resolve h/w-specific issues in their s/w or even answer
h/w-specific questions for you.

Also consider what the h/w maintenance program is globally.  Is it
important for you to have 4hr replacements in Hong Kong?  That will
affect your decision greatly.

~1.5yr ago, it seemed like everyone was moving toward UfiSpace h/w,
away from EdgeCore.

Ask others about the reliability of the specific h/w you are considering.


Re: remembering abha

2023-10-20 Thread Heasley
How i (choose to) remember Abha.
https://shrubbery.net/~heas/colleagues/abha.jpg
https://shrubbery.net/~heas/colleagues/abha2.jpg


Re: Internet Exchange Visualization

2023-08-21 Thread heasley
Mon, Aug 21, 2023 at 08:06:11AM +0200, Thomas Beer:
> Hi Matt,
> 
> 
> > You might mean "exchange inter-connections" as "how are the different
> > internet exchanges connected to each other?"
> > in which case the answer is generally "through the Internet".  ^_^;
> >
> 
> I meant ix internet exchange path visualization and an online tool to take
> a look at it in (near) real time!

ISTR caida has some IX visualisation tools?

https://catalog.caida.org/search?query=t%20links%3Dtag%3Acaida%20internet%20exchange


Re: Reverse DNS for eyeballs?

2023-04-21 Thread heasley
Fri, Apr 21, 2023 at 07:37:49AM -0500, Chris Adams:
> Once upon a time, Forrest Christian (List Account) said:
> > I have a feeling that I might be stepping into a can of worms by asking
> > this,  but..
> > 
> > What's the current thinking around reverse DNS on IPs used by typical
> > residential/ small business customers.
> 
> I don't see any benefit to programmatically-generated reverse DNS.  I
> stopped setting it up a long time ago now.  Really, reverse DNS these
> days is mostly only useful for:
> 
> - mail servers (where it shows a modicum of control and clue)
> - infrastructure/router IPs (so mtr/traceroute can show useful info)

I view complete DNS coverage to be a basic function.  All used addresses
should have forward and matching reverse records.  This is not difficult
stuff.  Bonus points for including a clli code or similar indicating the
general location of use for uses like network device interfaces, commodity
end-users, etc; also not difficult stuff.

You are tracking your allocations, right?  Programmatically generating
your device configurations?  So, generate DNS from that same database(s).
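
Generating forward and matching reverse records from one allocation table, as the message suggests, shown as an added example (not code from the thread). The zone `example.net`, the allocation rows, the CLLI-style location codes and the naming scheme are constructed for illustration.

```python
import ipaddress

ZONE = "example.net"  # constructed forward zone

# Constructed allocation rows: (address, role, identifier, CLLI-style location code).
ALLOCATIONS = [
    ("192.0.2.1", "if", "ae0.cr1", "sttlwa01"),
    ("2001:db8:0:1::1", "if", "ae0.cr1", "sttlwa01"),
    ("192.0.2.130", "cust", "1042", "ptldor02"),
]


def fqdn(role: str, ident: str, loc: str) -> str:
    """Name that carries the location code, e.g. ae0-cr1.if.sttlwa01.example.net."""
    return f"{ident.replace('.', '-')}.{role}.{loc}.{ZONE}."


def build_records(allocations) -> list:
    """Emit one forward (A/AAAA) and one matching PTR per allocated address."""
    records = []
    for addr_text, role, ident, loc in allocations:
        addr = ipaddress.ip_address(addr_text)
        name = fqdn(role, ident, loc)
        rtype = "A" if addr.version == 4 else "AAAA"
        records.append((name, rtype, str(addr)))
        records.append((addr.reverse_pointer + ".", "PTR", name))
    return records


def audit(records) -> list:
    """Return a description of every forward/reverse pair that does not match."""
    ptr = {owner: target for owner, rtype, target in records if rtype == "PTR"}
    problems, expected = [], set()
    for name, rtype, rdata in records:
        if rtype not in ("A", "AAAA"):
            continue
        owner = ipaddress.ip_address(rdata).reverse_pointer + "."
        expected.add(owner)
        if ptr.get(owner) != name:
            problems.append(f"{rdata}: forward {name} but PTR {ptr.get(owner)}")
    # PTRs that point at names with no forward record are also inconsistent.
    problems += [f"{o}: PTR with no forward record" for o in ptr if o not in expected]
    return problems


if __name__ == "__main__":
    zone = build_records(ALLOCATIONS)
    for owner, rtype, rdata in zone:
        print(f"{owner} IN {rtype} {rdata}")
    print("audit problems:", audit(zone))
```

Running `audit` against records exported from the live zones, rather than the freshly generated ones, shows where the DNS has drifted from the allocation database.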


Re: Can rr.ntt.net have a AAAA record please?

2023-02-06 Thread heasley
Mon, Feb 06, 2023 at 04:45:29PM +0100, Massimo Candela:
> Hi Willy,
> 
> On 05/02/2023 19:36, Willy Manga wrote:
> > Dear admin of rr.ntt.net ,
> > 
> > I'm not one of your customers, but can you please enable IPv6 on your 
> > routing registry?
> 
> This is fixed. Thanks for reporting it.

perhaps report issues directly next time?

https://lmgtfy.app/?q=internet+routing+registry+administrator


Re: Large prefix lists/sets on IOS-XR

2022-12-09 Thread heasley
Fri, Dec 09, 2022 at 05:33:09PM +0200, Saku Ytti:
> If you read carefully, that is what Steffann is doing. He is doing
> 'load location:file' + 'commit'. He is not punching anything by hand.
> 
> So the answer we are looking for is how to make that go faster.
> 
> In Junos answer would be 'ephemeral config', but in IOS-XR as far as I
> know, the only thing you can do is improve the 'load' part by moving
> the server closer, other than that, you get what you get.

set the tcp default mss higher
use rcpd
remove unnecessary whitespace; ios parser is slow as are the bits behind it
remove comments



Re: AS3356 Announcing 2000::/12

2022-12-07 Thread Heasley
On 12/7/22 at 22:25, Don Beal wrote:
> How can RPKI / OV prevent such a leak when there is no ROA for 2000::/12,

If all ASes participated, no "unknowns", unknowns could be dropped, ….

> what would 6762|2914|174|* invalidate against? Until a future where everything is 'valid', RPKI is unable to pare out less-specific conflicts.
>
> It does look like 3356 pulled the announcement, which is good.
>
> On Thu, Dec 8, 2022 at 4:48 AM Christopher Morrow wrote:
> On Wed, Dec 7, 2022 at 11:25 PM Ryan Hamel wrote:
>
> AS3356 has been announcing 2000::/12 for about 3 hours now, an aggregate covering over 23K prefixes (just over 25%) of the IPv6 DFZ.
>
>

interesting that this is leaking outside supposed RPKI OV boundaries as well.
For example:
  6762 3356
  2914 3356
  174 3356 (apologies to 174, I forget if they signed up to the 'doin ov now' plan)



Re: Understanding impact of RPKI and ROA on existing advertisements

2022-11-02 Thread heasley
Tue, Nov 01, 2022 at 06:24:50PM -0700, Owen DeLong via NANOG:
> RPKI/ROA is a way to cryptographically prove what someone needs to prepend if 
> they want to hijack your addresses.

Operators should not be deterred by that comment.  Owen seems to be ignoring
what it does achieve and that this is part of a larger system that is still
emerging.  See IETF sidrops wg.  In the interim, do your part to improve
DFZ hygiene.

> Owen
> 
> 
> > On Oct 28, 2022, at 08:00, Samuel Jackson  wrote:
> > 
> > Hello,
> > I am new to RPKI/ROA and still learning about RPKI. From all my reading on 
> > ARIN's documents I am not able to answer some of my questions.
> > We have a public ARIN block and advertise smaller subnets from that to our 
> > ISP's. We do not have any RPKI configs. 
> > We need to setup ROA's to take another subnet from the ARIN block to AWS. 
> > Reading ARIN's docs, it seems I need to get setup on their Hosted RPKI 
> > service after which I can configure ROA's for the networks I am taking to 
> > AWS.
> > 
> > My question is, will this impact my existing advertisements to my ISP's. 
> > The current advertisements do not have ROA's.
> > Will having RPKI for my ARIN network, without ROA's for the existing 
> > advertisements impact me?
> > 
> > Thanks for your help.
> > 
> > Ref:
> > https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-byoip.html 
> > https://www.arin.net/resources/manage/rpki/roa_request/ 
> > https://www.arin.net/resources/manage/rpki/hosted/
> 


Re: Understanding impact of RPKI and ROA on existing advertisements

2022-11-01 Thread heasley
Tue, Nov 01, 2022 at 12:01:46PM -0400, Jon Lewis:
> One danger with RPKI, is shooting yourself (or customers) in the foot by 
> creating too general a ROA.  i.e. Suppose you have an ARIN /20.  You have 
> a multihomed customer to whom you've assigned a /24 from your /20.  You 
> create a ROA for the /20 saying your ASN is authorized to originate your 
> /20.  Now that customer /24 has become an RPKI-invalid, and the customer 
> may find that their other provider is filtering their /24 advertisement.

ie: you must also create roa(s) for your bgp customer's more specific(s) of
your aggregate.
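
The covering-ROA pitfall described above and its fix, together with the 2000::/12 case from the AS3356 thread, worked through RFC 6811 origin validation as an added example (not code from the thread or from any validator). The 10.0.0.0/20 and 2001:db8::/32 ROAs and AS64500, AS64501 and AS64511 are constructed sample values; only 2000::/12 and AS3356 come from the page.

```python
import ipaddress
from typing import NamedTuple


class VRP(NamedTuple):
    """Validated ROA payload: prefix, maximum length, authorized origin AS."""
    prefix: str
    max_length: int
    asn: int


def validate(route: str, origin_asn: int, vrps: list) -> str:
    """Classify an announcement as 'valid', 'invalid' or 'not-found' (RFC 6811)."""
    net = ipaddress.ip_network(route)
    covered = False
    for vrp in vrps:
        roa_net = ipaddress.ip_network(vrp.prefix)
        # A VRP covers the route only if the route is the ROA prefix itself
        # or a more specific of it; less-specific routes are never covered.
        if roa_net.version != net.version or not net.subnet_of(roa_net):
            continue
        covered = True
        if vrp.asn == origin_asn and net.prefixlen <= vrp.max_length:
            return "valid"
    # Covered by at least one VRP but matched by none: invalid.
    return "invalid" if covered else "not-found"


# Constructed sample data: AS64500 is the provider holding 10.0.0.0/20,
# AS64501 is its multihomed BGP customer using 10.0.5.0/24.
PROVIDER_ONLY = [VRP("10.0.0.0/20", 20, 64500)]
WITH_CUSTOMER = PROVIDER_ONLY + [VRP("10.0.5.0/24", 24, 64501)]
V6_VRPS = [VRP("2001:db8::/32", 48, 64500)]  # constructed; nothing covers 2000::/12


def scenarios() -> dict:
    """Validation state for each case discussed in the two threads."""
    return {
        # The provider's own aggregate matches its ROA.
        "aggregate": validate("10.0.0.0/20", 64500, PROVIDER_ONLY),
        # Only the /20 ROA exists: the customer's /24 is covered but unmatched.
        "customer_before": validate("10.0.5.0/24", 64501, PROVIDER_ONLY),
        # A ROA for the customer's more specific makes the same route valid.
        "customer_after": validate("10.0.5.0/24", 64501, WITH_CUSTOMER),
        # Same prefix from an unauthorized origin stays invalid.
        "wrong_origin": validate("10.0.5.0/24", 64511, WITH_CUSTOMER),
        # A less specific than every ROA is not covered, so it is only 'not-found'.
        "less_specific_2000_12": validate("2000::/12", 3356, V6_VRPS),
    }


if __name__ == "__main__":
    for name, state in scenarios().items():
        print(f"{name:24} {state}")
```

A policy that rejects only `invalid` lets the `not-found` aggregate through, which is why the 2000::/12 announcement could pass networks doing origin validation.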


Re: Router ID on IPv6-Only

2022-09-08 Thread heasley
Thu, Sep 08, 2022 at 10:18:13AM -0700, Randy Bush:
> > A question Dorian and I discussed but never answered is, how are open
> > collisions handled if two speakers, presumably an external AS, happen
> > to have the RID?
> 
> the uniqueness is supposed to be on the tuple {AS,RID}

I thought that was only for AGGREGATOR?

> so an RID 'collision' with a foreign AS should not be possible
> 
> randy


Re: Router ID on IPv6-Only

2022-09-08 Thread heasley
Thu, Sep 08, 2022 at 08:13:33AM -0700, Randy Bush:
> > During some IPv6 numbering discussions at work today, someone had a
> > question that I hadn't really considered before. How to choose 32-bit
> > router IDs for IPv6-only routers.
> 
> arbitrary 32 bit number unique in the autonomous system.  even in an
> ipv4 world it does not need to match any configured interface address.

A question Dorian and I discussed but never answered is, how are open
collisions handled if two speakers, presumably an external AS, happen
to have the RID?  Which would be possible if an AS chose their RIDs
randomly or intentionally used low numbers (eg: 0/24) to attract traffic
as a result of the BGP path selection process.

4172:
Based on the value of the BGP Identifier, a convention is established
for detecting which BGP connection is to be preserved when a
collision occurs.  The convention is to compare the BGP Identifiers
of the peers involved in the collision and to retain only the
connection initiated by the BGP speaker with the higher-valued BGP
Identifier.

Easily answered by testing, and could yield fun results (bugs).  I
presume both would (should) close and reconnect later, possibly repeatedly
before success, thereby delaying session establishment.



Re: HE.net and BGP Communities

2022-07-25 Thread Heasley


> On 7/25/22 at 12:45, Forrest Christian (List Account) wrote:
> 
> 
> I wish they'd add one more that turns off their "prefer routes learned from a 
> customer" rule.   I'm having to split my blocks in half and announce them 
> that way to get them to send my traffic directly to me through our IX peering 
> session as opposed to one of my transit providers.

When you buy from the lowest bidder, this is what you receive. You know how to fix
it.

> 
> I'd rather they just let shortest path selection work. 
> 
>> On Sun, Jul 24, 2022, 1:43 PM Siyuan Miao  wrote:
>> They do have BGP communities ... but for black-hole only :-(
>> 
>>> On Sun, Jul 24, 2022 at 9:39 PM Ryan Hamel  
>>> wrote:
>>> Yes.
>>> 
>>> Ryan
>>> 
>>> -Original Message-
>>> From: NANOG  On Behalf Of Rubens 
>>> Kuhl
>>> Sent: Sunday, July 24, 2022 12:36 PM
>>> To: Nanog 
>>> Subject: HE.net and BGP Communities
>>> 
>>> The last mention I found on NANOG about HE.net and BGP communities for 
>>> traffic engineering is from April 2021 and said they provided none.
>>> 
>>> Is that still the case a year later ?
>>> 
>>> 
>>> Rubens
>>> 


Re: Mystery MAC address

2022-07-08 Thread heasley
Fri, Jul 08, 2022 at 12:43:49PM -0400, Christopher Morrow:
> mac addresses can be lies... and they can repeat... joy!
> 

eg; 
https://www.extremenetworks.com/extreme-networks-blog/wi-fi-mac-randomization-privacy-and-collateral-damage/

> On Fri, Jul 8, 2022 at 12:22 PM JoeSox  wrote:
> 
> > Hello,
> >
> > I have something I have never seen before and was wondering if anyone in
> > the community has seen something like this?
> >
> > So some active directory accounts are getting locked intermittently and I
> > had to do some sniffing and I have an IP address showing up in a non-used
> > subnet 10.1.2.x
> > And it shows an unrecognized MAC address. This virtual machine is in a
> > Nutanix environment.
> >
> > I am trying to figure this out without bringing in paid outside help.
> > Thanks in advance for any responses.
> > c2:ea:e4:c5:57:e6
> > is the MAC in question. I don't fully understand this request. 10.1.2.18
> > is the mystery ip that doesn't ping, 10.1.3.9 is the DC.
> > AD Audit provides nonexistent machines making the requests and even blank.
> > "User account 'Administrator' was locked from computer ''."
> >
> > [image: image.png]
> >
> > --
> > Thank You,
> > Joe
> >


Re: Newbie x Cisco IOS-XR x ROV: BCP to not harassing peer(s) and upstream(s)

2022-05-11 Thread heasley
Wed, May 11, 2022 at 09:36:36PM +0200, Lukas Tribus:
> True and the amount of memory used per prefix also depends on things
> like BGP communities.
> 
> When I tested this, on 32 bit XR I had a memory increase of about 400
> MB for a full feed 2 years ago.

it depends on the architecture, the variance in paths and attributes,
and how much your policy alters those, what is being sent vs filtered,
AND the number of peers and add-path, etc etc.  eg: if your policy
alters attributes, space for both the old and new attributes is needed.

Whether you need 64bit depends on the total memory usage exceeding,
iirc, 3.2GB.



Re: Newbie x Cisco IOS-XR x ROV: BCP to not harassing peer(s) and upstream(s)

2022-05-11 Thread heasley
Wed, May 11, 2022 at 07:29:04PM +0200, Mark Tinka:
> On 5/11/22 18:53, Job Snijders via NANOG wrote:
> > In current versions I think enabling “soft-reconfiguration-inbound 
> > always” (also described at
> > https://bgpfilterguide.nlnog.net/guides/reject_invalids/#cisco-ios-xr 
> > ) should be enough.
> >
> > Make sure to enable it on every EBGP peer you apply ROV to, or just 
> > all EBGP peers.
> >
> > This knob slightly increase your own memory consumption, but makes 
> > your router more “neighbourly”! :-)
> 
> Just to add that this is useful on all eBGP speakers based on IOS XR.

any IOS, not just XR.


Re: 10 Do's + Don'ts for Visiting Québec + Register Now for N85!

2022-05-09 Thread heasley
Sun, May 08, 2022 at 02:28:56PM +, Laura Smith via NANOG:
> On Friday, May 6th, 2022 at 13:59, J EMail <70ford...@gmail.com> wrote:
> 
> > poutine should be on this list.
> 
> 
> God no ! 
> There are many great things about Canada and Québec  but poutine most 
> certainly is not. A culinary abomination that deserves to be confined to the 
> history books.

The table linens were starchy white.  The cutlery gleamed.  The menus
were sumptuous.  My hosts and I, in one of the better restaurants in
the Netherlands, pored over the abundance that was on offer.  I made
my choice, a straightforward one: a steak.

"And how would you like that done, sir?" asked the somewhat severe waiter.

"Well done," I replied.

He looked blankly at me.

"That is not possible," he said.  "Choose something else.  Fish, perhaps."

Possibly the English accent was a give-away.  At least he had taken one
step back from "Fish and chips, perhaps."

Herein lies one of the great realities on this earth, one that this pompous
waiter and all too many in our world fail to grasp.  Beauty truly is in
the eye of the beholder.  What is nectar to one palate may truly seem as
poison to another.



To each his or her own.  And so in the world of food I dismay at the
invariable sneer that accompanies the words "British food."  It happens
all too often here in the US, a nation that of course gave the world such
sophisticated dishes as peanut butter and jelly sandwiches and the hamburger.
...

Dr. Charles Bamforth
Beer Is Proof God Loves Us: Reaching for the Soul of Beer and Brewing


Re: Juniper vMX Trial - fake news?

2022-03-14 Thread heasley
Mon, Mar 14, 2022 at 01:29:41PM -0500, Matt Harris:
> On Mon, Mar 14, 2022 at 1:23 PM Daryl G. Jurbala 
> wrote:
> 
> > The last time I worked with vMX was several years ago.  The image was
> > outdated to the point of having to fire up an older version of VMWare to
> > export the two VMs so I could import them back into 6.  The
> > documentation barely existed.  I had to figure out which vmware adapters
> > corresponded to which vMX adapters.  No one really seemed to be able to
> > help at Juniper, even though we ended up licensing the things so we were
> > "real" customers of this product.
> >
> > It looked a lot lot an abandoned project.  So unless something has
> > changed in the last few years it's not looking good.
> >
> 
> Interesting. I haven't had an opportunity to try vMX because of its lack of
> Hyper-V support, but we do run vSRX in production quite a bit including
> junos versions from 17.x up to 21.x. It's kind of janky on Hyper-V but
> works overall (the main issue being very very long boot times - 15+ minutes
> to get up and running), but we also run it on KVM on Linux with the "vSRX3"
> images, and that works a lot better. The vSRX3 images on KVM, I personally
> haven't run into any issues with. The licensing costs are pretty
> reasonable, too, imho.
> 
> Good luck with what you're trying to accomplish: maybe give the vSRX series
> a shot if you're running on KVM.

vMX has not been abandoned; latest I have is 20.2B1, obviously not the
current release.  It works well on esxi, though I am not sure if this is
officially supported yet, and is no longer slow to boot or sync with the
vfpc.

afaiu, vfpc adapters are mgmt, vRE/vfpc internal, intf1 ...
vRE adapters are mgmt, vRE/vfpx internal.

vSRX is a different animal, afaik.

Contact your sales rep for eval license if the webform isn't working.


Re: [EXTERNAL] Re: Flow collection and analysis

2022-01-26 Thread heasley
Wed, Jan 26, 2022 at 07:21:19AM -0600, Mike Hammett:
> Why is it [TLS] even necessary for such a function? 

confidentiality and integrity, even if you do not care about authentication.
I am surprised that question is asked.

The fewer things that are left unprotected, the better for everyone.  those
with concern about erosion of their privacy and human rights benefit from
everything being protected, everywhere for everyone.


Re: ARIN customers / members (was: Re: questions about ARIN ipv6 allocation)

2021-12-09 Thread heasley
Thu, Dec 09, 2021 at 12:52:45PM +, John Curran:
> So we’re approximately here at the beginning of December 2021 -
> 
>7500 ISPs  (i.e. services under an RSA / Members)
>8500 End-users (i.e. services under an RSA / Not Members Today)
>  15250 Legacy non-contracted (receiving services w/o fee or agreement / 
> Not Members)
> 
> In a month (January 2022) it will become -
> 
>  16000 ARIN IPv4/IPv6 customers  (i.e. services under an RSA and with 
> membership rights)
>  15250 Legacy non-contracted (receiving services w/o fee or agreement / 
> Not Members)
> 
> Hi John,
> 
> What happened to the count of ASN-only customers who, as you've
> previously mentioned, are under an RSA but are not converting to
> having membership rights?
> 
> Bill -
> 
> There are approximately 8000 ASN-only customers – they all have RSAs with 
> ARIN, pay a $150 annual maintenance fee per ASN and are not ARIN members.   
> Neither their fees nor relationship to ARIN changes in 2022.
> 
> (ARIN customers with IPv4 or IPv6 number resources simply pay their annual 
> registration plan based on total size of their number resource holdings but 
> have no ASN maintenance fees  – this is one reason why many smaller end-user 
> customers see their overall ARIN fees drop with the 2022 fee schedule change.)

So, fees will be reduced, given all this new income?  


Re: BGP - Traffic Management

2021-08-19 Thread heasley
Thu, Aug 19, 2021 at 08:40:21PM +0200, Lukas Tribus:
> On Thu, 19 Aug 2021 at 19:21, Ryan Hamel  wrote:
> > Does anyone know of any US carriers that will accept more
> > specific routes other than what’s required for the DFZ, like
> > “le 31” or “upto /31” (junos speak)?
> 
> NTT was mentioned just a few days ago here:
> https://mailman.nanog.org/pipermail/nanog/2021-August/214536.html

it used to be the case that peers would not accept routes >/24 from each other.
i have not audited.


Re: Global Akamai Outage

2021-07-27 Thread heasley
Mon, Jul 26, 2021 at 07:04:41PM +0200, Lukas Tribus:
> Hello!
> 
> On Mon, 26 Jul 2021 at 17:50, heasley  wrote:
> >
> > Mon, Jul 26, 2021 at 02:20:39PM +0200, Lukas Tribus:
> > > rpki-client 7.1 emits a new per VRP attribute: expires, which makes it
> > > possible for RTR servers to stop considering outdated VRP's:
> > > https://github.com/rpki-client/rpki-client-openbsd/commit/9e48b3b6ad416f40ac3b5b265351ae0bb13ca925
> >
> > Since rpki-client removes "outdated" (expired) VRPs, how does an RTR
> > server "stop considering" something that does not exist from its PoV?
> 
> rpki-client can only remove outdated VRP's, if it a) actually runs and
> b) if it successfully completes a validation cycle. It also needs to
> do this BEFORE the RTR server distributes data.
> 
> If rpki-client for whatever reason doesn't complete a validation cycle
> [doesn't start, crashes, cannot write to the file] it will not be able
> to update the file, which stayrtr reads and distributes.
> 
> If your VM went down with both rpki-client and stayrtr, and it stays
> down for 2 days (maybe a nasty storage or virtualization problem or
> maybe this just a PSU failure in a SPOF server), when the VM comes
> backup, stayrtr will read and distribute 2 days old data - after all -
> rpki-client is a periodic cronjob while stayrtr will start
> immediately, so there will be plenty of time to distribute obsolete
> VRP's. Just because you have another validator and RTR server in
> another region that was always available, doesn't mean that the
> erroneous and obsolete data served by this server will be ignored.
> 
> There are more reasons and failure scenarios why this 2 piece setup
> (periodic RPKI validation, separate RTR daemon) can become a "split
> brain". As you implement more complicated setups (a single global RPKI
> validation result is distributed to regional RTR servers - the
> cloudflare approach), things get even more complicated. Generally I
> prefer the all in one approach for these reasons (FORT validator).
> 
> At least if it crashes, it takes down the RTR server with it:
> 
> https://github.com/NICMx/FORT-validator/issues/40#issuecomment-695054163
> 
> 
> But I have to emphasize that all those are just examples. Unknown bugs
> or corner cases can lead to similar behavior in "all in one" daemons
> like Fort and Routinator. That's why specific improvements absolutely
> do not mean we don't have to monitor the RTR servers.

I am not convinced that I want the RTR server to be any smarter than
necessary, and I think expiration handling is too smart.  I want it to
load the VRPs provided and serve them, no more.

Leave expiration to the validator and monitoring of both to the NMS and
other means.  The delegations should not be changing quickly[1] enough
for me to prefer expiration over the grace period to correct a validator
problem.  That does not prevent an operator from using other means to
share fate; eg: if the validator fails completely for 2 hours, stop
the RTR server.

I perceive this to be choosing stability in the RTR sessions over
timeliness of updates.  And, if a 15 - 30 minute polling interval is
reasonable, why isn't 8 - 24 hours.

I too prefer an approach where the validator and RTR are separate but
co-habitated, but this naturally increases the possibility that the two
might serve different data due to reachability, validator run-time, 
To what extent differences occur, I have not measured.


[1] The NIST ROA graph confirms the rate of change is low, as I would
expect.  But, I have no statistic for ROA stability, considering only
the prefix and origin.
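
One way to share fate between a separate validator and RTR server from outside both daemons, as an added example (not code from the thread, rpki-client or stayrtr). It assumes a JSON export with `metadata.buildtime` and a per-VRP `expires` in epoch seconds, modelled on rpki-client's output; the field layout, the function names and the sample data are assumptions.

```python
import json
from datetime import datetime, timezone

MAX_EXPORT_AGE = 2 * 3600  # seconds; the 2-hour figure used as the example in the message


def epoch(*fields) -> int:
    """UTC calendar fields to epoch seconds, used to build the constructed sample."""
    return int(datetime(*fields, tzinfo=timezone.utc).timestamp())


def assess(export_text: str, now: datetime, max_age: int = MAX_EXPORT_AGE) -> dict:
    """Decide from the validator's export alone whether the RTR server should keep serving."""
    try:
        data = json.loads(export_text)
        built = datetime.strptime(
            data["metadata"]["buildtime"], "%Y-%m-%dT%H:%M:%SZ"
        ).replace(tzinfo=timezone.utc)
        vrps = data["roas"]
    except (ValueError, KeyError, TypeError) as exc:
        # Unreadable export: raise an alarm, do not guess at its age.
        return {"action": "alert", "reason": f"unreadable export: {exc!r}"}
    age = int((now - built).total_seconds())
    now_epoch = int(now.timestamp())
    # Counted for the NMS only; the VRP set handed to the RTR server is not filtered here.
    expired = sum(1 for v in vrps if v.get("expires", now_epoch + 1) <= now_epoch)
    return {
        "action": "stop-rtr" if age > max_age else "serve",
        "age_seconds": age,
        "expired_vrps": expired,
        "total_vrps": len(vrps),
    }


# Constructed export: the last validation run completed 2021-07-24 12:00 UTC.
SAMPLE_EXPORT = json.dumps({
    "metadata": {"buildtime": "2021-07-24T12:00:00Z"},
    "roas": [
        {"asn": 64500, "prefix": "192.0.2.0/24", "maxLength": 24,
         "ta": "example", "expires": epoch(2021, 7, 25, 12)},
        {"asn": 64501, "prefix": "198.51.100.0/24", "maxLength": 24,
         "ta": "example", "expires": epoch(2021, 8, 1)},
    ],
})

if __name__ == "__main__":
    # The VM comes back two days later and the RTR server would serve this file.
    print(assess(SAMPLE_EXPORT, datetime(2021, 7, 26, 12, tzinfo=timezone.utc)))
    # Thirty minutes after a normal run.
    print(assess(SAMPLE_EXPORT, datetime(2021, 7, 24, 12, 30, tzinfo=timezone.utc)))
```

The check keeps the RTR server itself unchanged: it only reports the export's age and the expired-VRP count, and leaves acting on `stop-rtr` to the operator's service manager or NMS.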


Re: Global Akamai Outage

2021-07-26 Thread heasley
Mon, Jul 26, 2021 at 02:20:39PM +0200, Lukas Tribus:
> rpki-client 7.1 emits a new per VRP attribute: expires, which makes it
> possible for RTR servers to stop considering outdated VRP's:
> https://github.com/rpki-client/rpki-client-openbsd/commit/9e48b3b6ad416f40ac3b5b265351ae0bb13ca925

Since rpki-client removes "outdated" (expired) VRPs, how does an RTR
server "stop considering" something that does not exist from its PoV?

Did you mean that it can warn about impending expiration?


Re: New minimum speed for US broadband connections

2021-06-02 Thread heasley
Wed, Jun 02, 2021 at 03:25:01PM -0400, Josh Luthman:
> CAF/RDOF *requires phone service*.  The internet was a happy byproduct.

the way that i interpret it, it does not require phone service but does
still offer grants for phone service.

anyway, that is irrelevant.  the point is that grants are offered for
internet services infrastructure (and they are poorly managed).


Re: New minimum speed for US broadband connections

2021-06-02 Thread heasley
Wed, Jun 02, 2021 at 01:02:00PM -0400, Josh Luthman:
> Phone is telecom.  Internet is not telecom.  Generally speaking.
> 
> If you think both of those services are US funded, why do you think we have
> this current situation where not everyone has fiber?
> 
> To answer your question, there is some assistance to those big companies
> (AT&T, Frontier, CenturyLink).  Did you notice that two of them have filed
> bankruptcy recently?  They also wrote letters apologizing they didn't
> deploy the services they were paid to do.
> 
> USF is for phone.  Not internet.

I believe that is incorrect.  afaik, 4 Internet connectivity programs have
been created within the USF.  iirc, that occurred 7 - 10 years ago.  I think
CAF granted ~1.5T in its last phase.

All support/subsidy for traditional dial-tone from the USF should be
redirected to voip and internet.

A significant problem with USF grants is that grantees are not required
to serve an entire FCC census tract (an area much smaller than a USPS
zip code) when they accept a grant to service it.  Meaning that if just a
portion, the most convenient portion, of a census tract is serviced, the
FCC is satisfied and then considers the entire tract served.  Which is
exactly what happened to my area, thanks FCC & Comcast - who also will not
discuss extending it the ~.5 mile to reach me and neighbors.

I'd be delighted to have 25M symmetrical.  What I can buy at consumer
prices (~$55 MRC) is .8M/.8M DSL (MTR > 30 days for a few neighbors after
the last storm).  If I were located about 1.5 in any direction, I could
buy 100M/100M or 1G/100M.  No viable 4G or 5G options.  There is Sprint
fiber about 300 feet away, but I'm told it is voice only.  There is
Zayo fiber about .5 miles away, 100M for ~$1k MRC lit or ~$4k dark to
the telco hotel, but it also has other challenges.


Re: ROVv6 does not behave the same way as ROVv4: What rookie mistake(s) did I make?

2021-03-04 Thread heasley
Tue, Mar 02, 2021 at 09:18:06PM +0700, Pirawat WATANAPONGSE via NANOG:
> For a “second validator”, which choice is better: second copy of the same
> software, or different software altogether?

Arrcus ArcIQ has a validator, RTR server, and has monitoring capabilities
and support.