Re: FCC proposes higher speed goals (100/20 Mbps) for USF providers

[j k]

With this funding, does the FCC require IPv6 and/or dual stack?  If not, it
could cause a new IPv6 digital divide.

Joe Klein

On Tue, May 24, 2022, 9:21 AM Max Tulyev  wrote:

> Do they help with a local government ("we do not need your cables, go
> avway")?
>
> 23.05.22 21:56, Sean Donelan пише:
> >
> > Money, money, money.
> >
> >
> > On Mon, 23 May 2022, Aaron Wendel wrote:
> >
> >> The Fiber Broadband Association estimates that the average US
> >> household will need more than a gig within 5 years.  Why not just jump
> >> it to a gig or more?
> >>
> >>
> >> On 5/23/2022 1:40 PM, Sean Donelan wrote:
> >>>
> >>>
> https://www.fcc.gov/document/fcc-proposes-higher-speed-goals-small-rural-broadband-providers-0
> >>>
> >>> The Federal Communications Commission voted [May 19, 2022] to seek
> >>> comment on a proposal to provide additional universal service support
> >>> to certain rural carriers in exchange for increasing deployment to
> >>> more locations at higher speeds. The proposal would make changes to
> >>> the Alternative Connect America Cost Model (A-CAM) program, with the
> >>> goal of achieving widespread deployment of faster 100/20 Mbps
> >>> broadband service throughout the rural areas served by rural carriers
> >>> currently receiving A-CAM support.
> >>>
> >>
> >>
> >
>

Re: is ipv6 fast, was silly Redeploying

[j k]

When considering the IPv6 product, I would suggest you read
USGv6-Revision-1 (1) to define the specification you need for the product.
Then go to the USGv6 Registry (2), select the features and read the
Supplier Declaration of Conformity (SDOC) to ensure that the product meets
your requirements. Do this prior to having the discussion with the vendor
sales.

Also, ask for documents which provide details on performance and security
testing. It will save you hours of troubleshooting problems and patching
vulnerability.

Lessons learned from implementing IPv6 products.

(1) https://www.nist.gov/programs-projects/usgv6-program/usgv6-revision-1
(2) https://www.iol.unh.edu/registry/usgv6

Joe Klein

"inveniet viam, aut faciet" --- Seneca's Hercules Furens (Act II, Scene 1)
"*I skate to where the puck is going to be, not to where it has been."
-- *Wayne
Gretzky
"I never lose. I either win or learn" - Nelson Mandela


On Sat, Nov 20, 2021 at 2:36 AM John Lee  wrote:

> Cisco and Juniper routers have had v6 functionality for over 10 years.
> Lucent/Nokia, and others. Check UNL list at
> https://www.iol.unh.edu/registry/usgv6 for v6 compliant routers and
> switches.
>
> John Lee
>
> On Fri, Nov 19, 2021 at 5:48 PM John Levine  wrote:
>
>> It appears that Michael Thomas  said:
>> >And just as impossible since it would pop it out of the fast path. Does
>> >big iron support ipv6 these days?
>>
>> My research associate Ms. Google advises me that Juniper does:
>>
>>
>> https://www.juniper.net/documentation/us/en/software/junos/routing-overview/topics/concept/ipv6-technology-overview.html
>>
>> As does Cisco:
>>
>>
>> https://www.cisco.com/c/en/us/products/collateral/switches/catalyst-9600-series-switches/nb-06-cat9600-ser-sup-eng-data-sheet-cte-en.pdf
>>
>> R's,
>> John
>>
>

Re: DoD IP Space

[j k]

In the positive side of things, guess we will see IPv6 usage.

Joe Klein

On Sun, Apr 25, 2021, 6:11 PM John Curran  wrote:

> Sronan -
>
> I made no claims other than pointing out that IP address blocks in the
> ARIN registry are subject to ARIN policies.
>
> ARIN was formed specifically so that the Internet community could engage
> in self-regulation for IP number resources; to wit: "Creation of ARIN will
> give the users of IP numbers (mostly Internet service providers,
> corporations and other large institutions) a voice in the policies by which
> they are managed and allocated within the North American region” [1] – thus
> ARIN's policies for management of the registry apply to all resources in
> the registry because that was inherent to the purpose to which ARIN was
> formed.
>
> This includes having ARIN "assume full responsibility for Internet
> Protocol (IP) number assignments and related administrative tasks
> previously handled by NSI.”, whereby ARIN formally became the successor
> registry operator for organizational assignments in a long chain that
> includes USC/ISI, SRI, GSI, and NSI.
>
> The community wanted self-governance, and that’s exactly what it got…  the
> result is a fairly important reason to participate in ARIN policy
> development and/or governance if you feel strongly about these matters.
>
> Thanks!
> /John
>
> John Curran
> President and CEO
> American Registry for Internet Numbers
>
> [1] https://www.nsf.gov/news/news_summ.jsp?cntn_id=102819 - "Internet
> Moves Toward Privatization / IP numbers handled by non-profit”
>
>
> On Apr 25, 2021, at 11:38 AM, sro...@ronan-online.com wrote:
>
>  So you are claiming that ARIN has jurisdiction over DoD IP space?
>
> Sent from my iPhone
>
> On Apr 25, 2021, at 9:13 AM, John Curran  wrote:
>
>  Sronan -
>
> I’d suggest asking rather than making assertions when it comes to ARIN, as
> this will avoid propagating existing misinformation in the community.
>
> Many US government agencies, including the US Department of Defense, have
> signed registration services agreements with ARIN.
>
> From https://account.arin.net/public/member-list -
>
> United States Department of Defense (DoD)
>
> USDDD 
>
>
> Thanks!
> /John
>
> John Curran
> President and CEO
> American Registry for Internet Numbers
>
> On 25 Apr 2021, at 8:54 AM, sro...@ronan-online.com wrote:
>
> Except these DoD blocks don’t fall under ARIM justification, as they
> predate ARIN. It is very likely that the DoD has never and will never sign
> any sort of ARIN agreement.
>
> Sent from my iPhone
>
> On Apr 25, 2021, at 3:40 AM, Mel Beckman  wrote:
>
> Mark,
>
> ARIN rules require every IP space holder to publish accurate — and
> effective —  Admin, Tech, and Abuse POCs. The DOD hasn’t done this, as I
> pointed out, and as you can test for yourself. Your expectation that the
> DOD will “generally comply with all of the expected norms” is sorely naive,
> and already disproven.
>
> As far as “why does anyone on the Internet need to publish to your
> arbitrary standards”, you seem to forget that in the U.S., the government
> is accountable to the People. Where a private company may not have to
> explain its purposes, the government most certainly does in the private
> sector. With these IP spaces being thrust into the civilian realm, yes,
> they owe the citizenry an explanation of their actions, just as they would
> if they had started mounting missile launchers on highway overpasses. It’s
> a direct militarization of a civilian utility.
>
> Keep in mind that the U.S. Government — under all administrations — has
> shown that it will abuse every technical advantage it can, as long as it
> can do so in secret. Perhaps you’ve forgotten James Clapper, the former
> director of national intelligence, who falsely testified to Congress that
> the government does “not wittingly” collect the telephone records of
> millions of Americans. And he was just the tip of the iceberg. Before
> Clapper under Obama there was the Bush administration’s Stellar Wind"
> warrantless surveillance program. The list of government abuse of civilian
> resources is colossal .
>
> Fighting against that isn’t political. It’s patriotic.
>
> -mel
>
> On Apr 25, 2021, at 12:02 AM, Mark Foster  wrote:
>
> 
>
> On 25/04/2021 3:24 am, Mel Beckman wrote:
>
> This doesn’t sound good, no matter how you slice it. The lack of
> transparency with a civilian resource is troubling at a minimum. I’m going
> to bogon this space as a defensive measure, until its real — and detailed —
> purpose can be known. The secret places of our government have proven
> themselves untrustworthy in the protection of citizens’ data and networks.
> They tend to think they know “what’s good for” us.
>
> -mel
>
>
> Why does anyone on the Internet need to publish to your arbitrary
> standards, what they intend to do with their IP address ranges?
>
> Failure to advertise the IP address space to the 

Re: DoD IP Space

[j k]

Two questions...

1. How many on this list already have dual-stack or IPv6 only in operation?

2. If you are running IPv4 only, and a major service was to switch to IPv6
only,..
 a. How fast would you move to a dual-stack of IPv6 only?
 b. What would it impact your customers?
 c. How would it impact your business?

Joe Klein

"inveniet viam, aut faciet" --- Seneca's Hercules Furens (Act II, Scene 1)
"*I skate to where the puck is going to be, not to where it has been."
-- *Wayne
Gretzky
"I never lose. I either win or learn" - Nelson Mandela


On Thu, Feb 11, 2021 at 12:56 PM William Herrin  wrote:

> On Thu, Feb 11, 2021 at 6:13 AM Izaac  wrote:
> > On Wed, Feb 10, 2021 at 10:38:00AM -0800, William Herrin wrote:
> > > None whatsoever. You just have to be really big.
> >
> > Hi Beel,
>
> That was unnecessary. Sorry I used an S instead of a Z.
>
> > Thanks for backing me up with an example of an organization with
> > competent network engineering.  Their ability to almost infinitely
> > leverage the existing rfc1918 address space to serve an appreciable
> > fraction of all Internet attached hosts is a real demonstration of the
> > possible.
>
> Except they don't. One of the reasons you can't put vms in multiple
> regions into the same VPC is they don't have enough IP addresses to
> uniquely address the backend hosts in every region. They end up with a
> squirrelly VPC peering thing they relies on multiple gateway hosts to
> overcome the address partitioning from overlapping RFC1918.
>
> In other words, it proves the exact opposite of your assertion.
>
> Regards,
> Bill Herrin
>
>
>
> --
> William Herrin
> b...@herrin.us
> https://bill.herrin.us/
>

Re: DoD IP Space

[j k]

Organizations I have worked with for IPv6 transition, reduced CAPex and
OPex by leveraging the IT refresh cycle, and by ensuring there investment
included leveraging the USGv6 (
https://www.nist.gov/programs-projects/usgv6-program) or IPv6Ready (
https://www.ipv6ready.org/) to mitigate the "We sell IPv6 products, and
want to you to pay for the debugging costs".

Can I assume other organizations don't leverage the IT refresh cycle?

Joe Klein

"inveniet viam, aut faciet" --- Seneca's Hercules Furens (Act II, Scene 1)
"*I skate to where the puck is going to be, not to where it has been."
-- *Wayne
Gretzky
"I never lose. I either win or learn" - Nelson Mandela


On Thu, Jan 21, 2021 at 2:34 PM Brandon Svec 
wrote:

> That's a good one.  Perhaps you don't live/work in the US and can be
> excused for not knowing that US corporations don't pay taxes.  In many
> cases we subsidize them by giving tax credits to the point that the money
> is flowing in the opposite direction entirely. It would be hard to give
> them any more of a break ;)
>
>>
>>
>> Financial incentives also work. Perhaps we can convince Mr. Biden to give
>> a .5%
>> tax cut to corporations that fully implement v6. That will create some
>> bonus
>> targets.
>>
>> Thanks,
>>
>> Sabri
>>
>

Re: DoD IP Space

[j k]

My question becomes, what level of risk are these companies taking on by
using the DoD ranges on their internal networks? And have they
quantified the costs of this outage against moving to IPv6?

Joe Klein

"inveniet viam, aut faciet" --- Seneca's Hercules Furens (Act II, Scene 1)
"*I skate to where the puck is going to be, not to where it has been."
-- *Wayne
Gretzky
"I never lose. I either win or learn" - Nelson Mandela


On Wed, Jan 20, 2021 at 9:06 AM John Curran  wrote:

> Indeed.
> /John
>
> > On Jan 20, 2021, at 8:47 AM, Cynthia Revström  wrote:
> >
> > But if you do this, make sure you keep track of where you might have put
> policies like this in, in case the DoD sells some the space or whatever in
> the future.
>
>

Re: FCC Announces All Of Puerto Rico To Have Access To High-Speed Broadband Service

[j k]

Skeptical about the timing and scoping of the project.

Joe Klein

"inveniet viam, aut faciet" --- Seneca's Hercules Furens (Act II, Scene 1)
"*I skate to where the puck is going to be, not to where it has been."
-- *Wayne
Gretzky
"I never lose. I either win or learn" - Nelson Mandela


On Mon, Nov 2, 2020 at 11:48 AM Brandon Svec 
wrote:

> This seems like very good news. I am quite skeptical this can be
> accomplished per the provided numbers though.
>
> > On Nov 2, 2020, at 8:24 AM, Sean Donelan  wrote:
> >
> > $127.1 million in funding over 10 years covering more than 1.2 million
> locations
>

Re: 60ms cross continent

[j k]

Any idea what network protocol(s) used with Starlink?

On Tue, Jul 7, 2020, 5:08 AM Saku Ytti  wrote:

> On Tue, 7 Jul 2020 at 06:35, Harry McGregor 
> wrote:
>
> > Once the laser based inter-sat links are running (Starlink 2.0?), it
> should be lower latency vs Fiber.
>
> I understood it's not clear if this will ever happen. In local
> constellation it might, but supposedly technology does not currently
> actually exist to do it between constellations. I don't understand the
> topic at all, but I got impression that the precision of timing and
> accuracy of aiming needed is actually a very hard problem.
>
> But agreed, should sat2sat communication become possible, there are
> many legs where starlink latency will improve upon terrestrial.
>
> --
>   ++ytti
>

Contact at Ubiquiti Networks?

[j k]

Does anyone have a good contact at Ubiquity Networks? Finding a pattern I
don't like.

Joe Klein

"inveniet viam, aut faciet" --- Seneca's Hercules Furens (Act II, Scene 1)
"I never lose. I either win or learn" - Nelson Mandela

Re: Phishing and telemarketing telephone calls

[j k]

Mike,

Except in this case the flaw was acknowledged back in the 80' and it room
the FCC almost 40 years to do something about it.

Joe Klein

On Sat, Apr 25, 2020, 8:54 AM Mike Hammett  wrote:

> No different than any other network abuse mechanism and regulatory and
> legislative measures meant to control it.
>
>
>
> -
> Mike Hammett
> Intelligent Computing Solutions
> http://www.ics-il.com
>
> Midwest-IX
> http://www.midwest-ix.com
>
> --
> *From: *"Jon Lewis" 
> *To: *"Matthew Black" 
> *Cc: *"North American Network Operators' Group" 
> *Sent: *Friday, April 24, 2020 6:36:28 PM
> *Subject: *Re: Phishing and telemarketing telephone calls
>
> On Fri, 24 Apr 2020, Matthew Black wrote:
>
> >
> > Has anyone else noticed a steep decline in annoying phone calls since
> the FCC threatened legal action against three major VOIP gateways if they
> didn’t make efforts to prevent
> > Caller ID spoofing from scammers?
>
> Not that it's at all on-topic for NANOG, but no.  I still get numerous
> "last chance to renew my car warranty" and whatever the scam is from the
> credit card callers per day on both my home and cell numbers.
>
> --
>   Jon Lewis, MCP :)   |  I route
>   StackPath, Sr. Neteng   |  therefore you are
> _ http://www.lewis.org/~jlewis/pgp for PGP public key_
>
>

Re: IPv6 for Verizon FIOS

[j k]

In Ashburn, VA, Dynamic user, with Ubiquity router performing a proper
DHCPv6 request for over 3 years. Documented on my Security Onion server
showing no response.

Joe Klein


On Wed, Feb 26, 2020 at 1:07 PM Christopher Morrow 
wrote:

> On Wed, Feb 26, 2020 at 12:42 PM Brian Ellwood  wrote:
> >
> > https://www.dslreports.com/forum/r32136440-Networking-IPv6-working
>
> this is from 2yrs ago.
> there's no evidence this is either progressing or actually working for
> anything but some test sets.
>
>
>
> > Enjoy the read
> >
> > TLDR they are doing some test deployments in:
> >
> > - Ashburn, VA
> > - Richmond/Midlothian, VA
> > - Spotsylvania, VA
> > - Waltham, MA
> >
> > “It’s Coming (TM)"
> >
> > —
> > Brian Ellwood
> > Senior Systems Engineer
> > INOC Data Centers
> > O: 518-689-4350
> >
> > > On Feb 26, 2020, at 12:05, j k  wrote:
> > >
> > > Does anyone have a contact at Verizon FIOS?
> > >
> > > Please respond off list.
> > >
> > > V/R,
> > >
> > > Joe Klein
> > > "inveniet viam, aut faciet" --- Seneca's Hercules Furens (Act II,
> Scene 1)
> > > "I never lose. I either win or learn" - Nelson Mandela
> > >
> >
>

IPv6 for Verizon FIOS

[j k]

Does anyone have a contact at Verizon FIOS?

Please respond off list.

V/R,

Joe Klein

"inveniet viam, aut faciet" --- Seneca's Hercules Furens (Act II, Scene 1)
"I never lose. I either win or learn" - Nelson Mandela

Re: FCC proposes $10 Million fine for spoofed robocalls

[j k]

~ $204 per spoofed call.

On Thu, Dec 19, 2019, 10:09 AM Kain, Becki (.)  wrote:

> Would be nice to have these stopped.  I received 10 of them yesterday,
> pretending to be apple icloud support
>
>
>
> *From:* NANOG  *On Behalf Of *Javier J
> *Sent:* Wednesday, December 18, 2019 8:38 PM
> *To:* Sean Donelan 
> *Cc:* nanog 
> *Subject:* Re: FCC proposes $10 Million fine for spoofed robocalls
>
>
>
> It is so bad that I am not above us bribing politicians in
> foreign countries to crack down on this.
>
>
>
>
>
>
>
> On Thu, Dec 12, 2019 at 3:37 PM Sean Donelan  wrote:
>
>
> On Monday, U.S. FCC Chairman Pai and Canadian CRTC Chairperson Scott made
> the first official cross-border SHAKEN/STIR call.
>
> https://www.fcc.gov/document/pai-scott-make-first-official-cross-border-shakenstir-call
>
>
> Today, the U.S. FCC announced a proposed nearly $10 million fine for
> spoofed robocalls.
>
> https://www.fcc.gov/document/fcc-proposes-nearly-10-million-fine-spoofed-robocalls
>
> A U.S. telemarketing firm spoofed the caller-id of a competitor to make
> approximately 47,610 political robocalls shortly before a California State
> Assembly primary election.
>
> I think this case is somewhat unusual for robocall spoofing, because the
> alleged perpetrator, victims, and 'crime scene' occured within the same
> jurisdiction.
>
> While the FCC likes to announce large enforcement actions in splashy
> press releases, its actually bad about collecting fines. The FCC must
> rely on the Justice Department to initiate separate prosecution to
> enforce payment from non-license holders because the FCC can't do that
> itself.  So don't expect anyone to actually pay soon (or ever).
>
>

Re: FCC workshop: Security vulnerabilities within our communications networks

[j k]

Not bad, only took 15 years.

On Wed, Jun 26, 2019, 6:29 PM Christopher Morrow 
wrote:

> On Wed, Jun 26, 2019 at 1:17 PM Sean Donelan  wrote:
> >
> > On Tue, 25 Jun 2019, Christopher Morrow wrote:
> > > looks like our best and brightest have the problem resolved, phew!
> > > we're all safe now.
> >
> > The success rate of most groups has been low in this area, so I' willing
> > let new groups try.
> >
> > I mostly just to keep an eye on new groups in case they do stupid things.
> >
> > If they come up with a better idea, that's great.  I'll take good ideas
> > from anywere.
>
> sure, good ideas would be nice.
> I'm skeptical of the panel's members being able to actually do that in
> this (and really many) case.
>
> who knows, maybe today is the day! :)
>

Re: Time to add 2002::/16 to bogon filters?

[j k]

This week I began mapping IPv6 SPAM headers "Received:" and "X-Received:"
and have discovered over 50% are from:

10.0.0.0 – 10.255.255.255
2002:0a00:: - 2002:aff::::::

172.16.0.0 – 172.31.255.255
2002:ac10:: - 2002:ac10::::::

192.168.0.0 – 192.168.255.255
2002:c0A8:: - 2002:c0A8::::::

Can anyone else confirm my findings?

Joe Klein

"inveniet viam, aut faciet" --- Seneca's Hercules Furens (Act II, Scene 1)
PGP Fingerprint: 295E 2691 F377 C87D 2841 00C1 4174 FEDF 8ECF 0CC8

On Mon, Jun 18, 2018 at 9:18 PM, Jared Mauch  wrote:

>
>
> > On Jun 18, 2018, at 8:31 PM, Mark Andrews  wrote:
> >
> > If you are using 2002::/16 you know are relying on third parties.  Not
> that it is much
> > different to any other address where you are relying on third parties.
> >
> > If one is going to filter 2002::/16 from BGP then install your own
> gateway to preserve
> > the functionality.
>
> It does not appear the functionality is working at present, which I think
> is the more critical point.  Taking a quick sampling of where I see the
> packets going from two different networks, it doesn’t seem to be going
> where it’s expected, nor is it working as expected.  These appear to be at
> best routing leaks similar to leaking rfc6761 space that should be under
> your local control.  They could also be seen as a privacy issue by taking
> packets destined to 2002::/16 somewhere unexpected and off-continent.
>
> I would expect even in the cases where it does work, it would be subject
> to the same challenges faced by people using VPN services (being blocked
> from your kids favorite streaming services) and much poorer performance
> than native IPv4.
>
> There is also the problem noted by Wes George with 6to4 being used in DNS
> amplification, which may be interesting..
>
> http://iepg.org/2018-03-18-ietf101/wes.pdf
>
> I don’t believe most providers are intending to offer 6to4 as a global
> service.  Even the large providers (eg: Comcast) seem to have disabled it
> ~4+ years ago.  While I know there’s people on the internet that like to
> hang on to legacy things, this is one that should end.  The networks and
> devices today no longer require this sort of transition technology, and the
> networks where it’s left won’t want it as it will be used for various bad
> things(tm).
>
> - Jared

Google Email Contact --- security issue

[j k]

Can anyone send me a contact to Gmail security --- off list?  Found
something bad, that need to be resolved.


Joe Klein

"inveniet viam, aut faciet" --- Seneca's Hercules Furens (Act II, Scene 1)
PGP Fingerprint: 295E 2691 F377 C87D 2841 00C1 4174 FEDF 8ECF 0CC8