Re: NANOG Thread

On Sun, 24 Sep 2006, Alexander Harrowell wrote: > Christopher L. Morrow: I think you have a point, Sean, but can you try > not to engage with this? ISSUE is definitely off topic. I don't think I've ever asked if something was off-topic on nanog... (and 'chris'

Re: tech support being flooded due to IE 0day

On Thu, 21 Sep 2006, Gadi Evron wrote: > > Are you telling me tech support overflow at this immense scale does not > affect the ISP and its network staff as well? define 'immense scale' ... no calls here... so 'immense scale' in this case is 'nothing'. No, one thing you might say is that increas

Re: Q on what IGP routing protocol to use for supplying only gateway address

On Thu, 14 Sep 2006, william(at)elan.net wrote: > > > I need to implement a sort-of failover-loadbalancing where systems > would receive gateway address from at least two routers (including > > Any suggestion as to what IGP protocol is best for this scenario? ipv6 and RA ? oh wait, no widescal

Re: TCP receive window set to 0; DoS or not?

On Thu, 7 Sep 2006 [EMAIL PROTECTED] wrote: > > On Thu, 7 Sep 2006, Joshua Brewer wrote: > > > What about when we're seeing this on port 25? > > Sand worms. > > In all seriousness, your guess is as good as mine, at that point. If > memory serves, the platforms we saw this on most, with web brows

Re: comast email issues, who else has them?

On Thu, 7 Sep 2006, S. Ryan wrote: > > > Christopher L. Morrow wroteth on 9/6/2006 5:11 PM: > > something truly wrong? So escalating every problem that seems even half > > baked isn't an option? > > You're probably right. However, if someone called my pla

Re: comast email issues, who else has them?

On Wed, 6 Sep 2006, Stephen Sprunk wrote: > > Because Comcast's tools are broken and when other mail admins or even > their own customers call them on it, they're not even competent enough > to understand the complaint and refuse to escalate? I hate to say this, and get involved in the melee, bu

Re: Router / Protocol Problem

On Wed, 6 Sep 2006, Rodney Dunn wrote: > > Get a sniffer trace. Packets on the wire prove what's going on. provided the packets get back to him, it seems his problem is traffic getting back to him :( so probably no packets will be on the wire (none in question atleast)...

RE: Amazon?

On Mon, 21 Aug 2006, Joseph Jackson wrote: > > That whois stuff is meaningless. When are people going to get it that > it really isn't a "hack". > color me embarassed for sans/isc-handler-on-duty that they didn't point out that these are not in anyway linked to 'amazon the company' so not rele

Re: Wikipedia/Cogent

On Fri, 18 Aug 2006, Geoffrey Pan wrote: > This space has been assigned to the same location, facility for years. > same location/facility doesn't mean that that place/people/thing still has authority to route the PA block... Like say the decided to stop having Cogent as a provider? or stopped

Re: Wikipedia/Cogent

On Fri, 18 Aug 2006, Jeremy Chadwick wrote: > > Looks like some others may have noticed... > > 207.142.131.0/24 *[BGP/170] 00:26:46, localpref 100 > AS path: 701 3356 30217 I so.. is the problem that wikipedia's ip address is in a block of PA space of Cogent's and they f

Re: AS 8437 announced a quarter of the net for half of an hour

On Tue, 15 Aug 2006, Gadi Evron wrote: > It sure would be interesting to see what traffic unallocated space gets > beyond some dark matter that floats into honey nets of sorts here and > there. if you route 127.0.0.0/8 to a host you sometimes get interesting syslog messages :) (sent to 127.0.0.1

nanog@merit.edu

On Sun, 13 Aug 2006, Michael Nicks wrote: > attack, and mitigate/stop the traffic. I think it certainly is possible > to accomplish this on a per-router level, but being able to have the > devices communicate and share information between one another is a > completely separate thing. (New protoc

Re: New Laptop Polices

On Fri, 11 Aug 2006, Laurence F. Sheldon, Jr. wrote: > > Christopher L. Morrow wrote: > > > On Fri, 11 Aug 2006, Joseph S D Yao wrote: > > > >>Do modern laptops have disk drives that are that hard to remove? > > > > one screw and 'pop' out com

Re: New Laptop Polices

On Fri, 11 Aug 2006, Joseph S D Yao wrote: > Do modern laptops have disk drives that are that hard to remove? one screw and 'pop' out comes all dell laptop harddrives... or boot from cd, usb->copy all data, slide back into case and move on to next. you have 2 hours between baggage arrival and l

Re: New Laptop Polices

On Fri, 11 Aug 2006, David Lesher wrote: > It's also a great time to plant some file that POOF the authorities > will decrypt & show it's kiddie porn. {Or just hide same in your > browser cache.} Do YOU know what every frigging file on your > machine is? and here I was thinking: "Quick! buy sto

Re: weblog.disgu.st

On Thu, 10 Aug 2006, Bug Dave wrote: > > could someone please shed some light on what happened to http:// > weblog.disgu.st ? aside from: 1) traceroutes end in 'reflected.net' 2) traceroutes complete 3) tcp/80 isn't replying what other light did you want to know about? Asked it's owner yet? or

RE: SORBS Contact

r deliveries to unused addresses in your domain and blacklist based on that... but that's a little dicey at times as well :( > -Original Message----- > From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of > Christopher L. Morrow > On Wed, 9 Aug 2006, Allan Poindexter

Re: SORBS Contact

On Wed, 9 Aug 2006, Allan Poindexter wrote: > moanings of the hand wringers. In the meantime my patience with email > "lost" silently due to blacklists, etc. is growing thin. don't let some third party you have no relation to determine the 'fate' of your email/messages? with all blacklists you

Re: Ultradns using anycast?

On Thu, 27 Jul 2006, Jeffrey Sharpe wrote: > Does anyone know if Ultradns uses anycast? Or how to get someone at > UltraDNS or PIR to take ownership of a issue and resolve it? anycast for which parts of their services? If you google the nanog archives you'll certainly see a bunch of questions r

Re: Hot weather and power outages continue

On Mon, 24 Jul 2006, Robert E. Seastrom wrote: > > "Christopher L. Morrow" <[EMAIL PROTECTED]> writes: > > > On Mon, 24 Jul 2006, Richard A Steenbergen wrote: > >> > >> Come on Sean, this "very few disruptions" stuff is below your usu

Re: Hot weather and power outages continue

On Mon, 24 Jul 2006, Richard A Steenbergen wrote: > > Come on Sean, this "very few disruptions" stuff is below your usual > standards. The least you can do to help us pass the time in this damn heat > is to recount a few good stories about routers you could scramble eggs on. > :) there is a funn

Re: Sitefinder II, the sequel...

On Thu, 13 Jul 2006, Patrick W. Gilmore wrote: > > just as your > > teacher would by allowing you to mis-spell words instead of > > learning the > > correct way > > I think that's going a bit far. > > By that token, we should lobby Microsoft to take spel chickers out of > MS Word. we should

Re: Sitefinder II, the sequel...

On Thu, 13 Jul 2006, Mark Jeftovic wrote: > Larry Smith wrote: > > > In > > school if you spell the word tree as tre - hopefully your teacher corrects > > this. > > Yes, hopefully a correction is made in a safe manner. As opposed to the > teacher smothering your face with a pornographic magazine

Re: Sitefinder II, the sequel...

On Thu, 13 Jul 2006, Patrick W. Gilmore wrote: > > That said, no one has yet said why it is necessary, or even > desirable, to have a completely homogenous view of the world. > I'd use one example reason of why: "Customer Service issues" So If grandma Jane goes to fobar.com (which gets correc

RE: Best practices inquiry: filtering 128/1

> > > Do you not prefix-list customers? That'd have solved this, eh? > > The problem is: the route is coming from our upstreams / peers. > that means they also did not filter it out... :( oh bummer ;( that's not us sending that is it? :) Honestly, prefix filtering should apply in both direc

Re: Best practices inquiry: filtering 128/1

On Tue, 11 Jul 2006, WONG, Yuen-Fung wrote: > > Sometimes earlier this year someone announced this 128/1 and caused > heavy loading to our routers to rebuild the CEF. Would anyone filter > out this route (and other similar routes such as 0/1, 128/1, 0/2, 64/2, > up to /4, for example) as b

Re: Sitefinder II, the sequel...

On Mon, 10 Jul 2006, Gerry Boudreaux wrote: > > It is not VeriSign this time. > > For those who have not yet seen this: > > http://www.opendns.com/ > > They will 'correct' your spelling mistakes for you. > hurrah :( cause obviously everything in the world using dns is a browser? :( As a note, s

Re: MCI - Toronto Routing Issues

On Fri, 7 Jul 2006, Richard Danielli wrote: > > > Is anyone aware of routing problems within MCI/WC/UUNET? > > link shows packets going out, but nothing coming back ping off list please, unless someone already asked you to do same... perhaps we're not accepting your routes so we'd not send thi

Re: Best practices inquiry: tracking SSH host keys

On Thu, 6 Jul 2006, Jeremy Chadwick wrote: > On Thu, Jul 06, 2006 at 04:52:52PM -0400, Steven M. Bellovin wrote: > > On Thu, 29 Jun 2006 19:43:48 + (GMT), "Christopher L. Morrow" > > <[EMAIL PROTECTED]> wrote: > > > apparently kerberos scares peopl

Re: Best practices inquiry: tracking SSH host keys

On Thu, 6 Jul 2006, Steven M. Bellovin wrote: > On Thu, 29 Jun 2006 19:43:48 + (GMT), "Christopher L. Morrow" > <[EMAIL PROTECTED]> wrote: > > > > > On Thu, 29 Jun 2006, David W. Hankins wrote: > > > > > So, here's m

Re: ICANN at risk

On Tue, 4 Jul 2006, Fergie wrote: > > Interesting timing, indeed, considering the UK is beginning > (again?) to examine alternatives -- and Nominet playing a role > there, too: > > http://technology.guardian.co.uk/news/story/0,,1812343,00.html So, with ICANN 'now' starting to forge alliances a

Re: ICANN at risk

On Tue, 4 Jul 2006, Suresh Ramasubramanian wrote: > On 7/4/06, Christopher L. Morrow <[EMAIL PROTECTED]> wrote: > > note the notes already sent in: > > http://www.ntia.doc.gov/ntiahome/domainname/dnstransition.html > > > > note the multiple copies of email-onl

Re: ICANN at risk

On Mon, 3 Jul 2006, Jeremy Kister wrote: > > With three days left and no mention of it from the folks that matter, > I'm referring NANOG readers to: > > > http://www.ntia.doc.gov/ntiahome/frnotices/2006/NOI_DNS_Transition_0506.htm note the notes already sent in: http://www.ntia.doc.gov/ntiahome

RE: DNS Based Load Balancers

On Sun, 2 Jul 2006, David Temkin wrote: > > So, you guys have been pretty clear on what he shouldn't do. > > What should he do as an alternative to using DNS for a proximity based > solution? was it proximity or just loadbalancing he was trying to accomplish? I didn't hear/see which was the pur

Re: Best practices inquiry: tracking SSH host keys

On Thu, 29 Jun 2006, David W. Hankins wrote: > On Wed, Jun 28, 2006 at 06:07:33PM -0700, Allen Parker wrote: > > Why not, on a regular basis, use ssh-keyscan and diff or something > > similar, to scan your range of hosts that DO have ssh on them (maybe --snip-200-words-or-less--- > > _wow_. > > T

Re: Multihomed to 2 ISPs - Load Balance?

On Mon, 26 Jun 2006, Daniel Roesen wrote: > > On Mon, Jun 26, 2006 at 02:06:03AM +, Christopher L. Morrow wrote: > > There is a flag on one vendor I believe to force it to send 'all paths', > > How so? BGP as protocol doesn't allow that, unless you u

Re: Multihomed to 2 ISPs - Load Balance?

On Mon, 26 Jun 2006, John Smith wrote: > > Replying to what most of the offline replies that i received said: > > > >> We wish to load balance the traffic for a block/range of IP addresses > >> that we learn via BGP4 from our two upstream providers. The problem is > >> that my favorite vendor do

Re: h.gtld-servers.net offline...

On Thu, 15 Jun 2006, william(at)elan.net wrote: > > On Thu, 15 Jun 2006, Christopher L. Morrow wrote: > > > On Thu, 15 Jun 2006, Will Hargrave wrote: > >> > >> Joe Abley wrote: > >>> I think you're mistaken about the server being off-line, s

Re: h.gtld-servers.net offline...

On Thu, 15 Jun 2006, Will Hargrave wrote: > > Joe Abley wrote: > > I think you're mistaken about the server being off-line, since I can see > > it just fine from many places. The RIPE NCC dnsmon tool can also see it > > from its various probes: > I did (and do) check on multiple ASs that I run and

RE: Interesting new spam technique - getting a lot more popular.

On Wed, 14 Jun 2006, Church, Chuck wrote: > > Since this technique requires a IPinIP or GRE tunnel, wouldn't blocking > these two protocols to/from the hosts be sufficient? Assuming of course > the customer's host isn't using that normally. sure, but those are probably just convenience things,

Re: Interesting new spam technique - getting a lot more popular.

On Wed, 14 Jun 2006, Adam Rothschild wrote: > On 2006-06-14-00:23:15, "Christopher L. Morrow" <[EMAIL PROTECTED]> wrote: > [...] > > I assume that dedicated hosting folks don't just drop machines > > behind a switch on one big flat subnet? That's pro

Re: Interesting new spam technique - getting a lot more popular.

chines behind a switch on one big flat subnet? That's probably a naive assumption though :( Perhaps this is clue #12 that that is a 'less than good' option? :) > On 6/14/06, Christopher L. Morrow > <[EMAIL PROTECTED]> wrote: > > > > On Wed, 14 Jun 2006, Sure

Re: Interesting new spam technique - getting a lot more popular.

On Wed, 14 Jun 2006, Suresh Ramasubramanian wrote: > > http://thespamdiaries.blogspot.com/2006/02/new-host-cloaking-technique-used-by.html > > * Monitor your local network for interfaces transmitting ARP > responses they shouldn't be. how about just mac security on switch ports? limit the nu

Re: IP failover/migration question.

On Mon, 12 Jun 2006 [EMAIL PROTECTED] wrote: > > > clear understanding as to what is involved in terms of moving the IPs, > > and how fast it can potentially be done. > > I don't believe there is any way to get the IPs > moved in any kind of reasonable time frame for > an application that needs

Re: IP failover/migration question.

On Sun, 11 Jun 2006, Andrew Warfield wrote: > > I think there is some cisco magic you could do with 'dial backup'... you > > may even be able to rig this up with an ibgp session (even if that goes > > out over the external provider) to swing the routes. > > > > NOTE: this could make your site os

Re: IP failover/migration question.

On Sun, 11 Jun 2006, Randy Bush wrote: > > > I'm fairly sure that what I would like to do is to arrange what is > > effectively dual-homing, but with two geographically distinct homes: > > uh, that kinda inverts what we normally mean by 'multi-homing'. > that's usually two upstream providers for a

Re: a fun hijack: 1/8, 2/8, 3/8, 4/8, 5/8, 7/8, 8/8, 12/8 briefly announced by AS 23520 (today)

On Thu, 8 Jun 2006, Gadi Evron wrote: > > > I am happy folks like at RIPE and the IETF are looking at solutions, but > sBGP isn't a new idea, and well, how LONG have we been waiting for DNS-SEC > now? > which are completely orthogonal... and have seperate (very seperate) use cases, users, deplo

Re: 2006.06.05 NANOG-NOTES BGP tools BOF notes

On Wed, 7 Jun 2006, Bruno Quoitin wrote: > > Matthew Petach wrote: > > Q: Randy Bush. Common problem we all face. I'm at 42 > > peering points; my neighbors are X. I have route views > > dumps, I have my BGP dumps. I have my netflow data. > > Want a whatifatron that shows what happens to my >

Re: Notes from meeting [was: 2006.06.06 NANOG-NOTES CC1 ENUM LLC update]

On Thu, 8 Jun 2006, Patrick W. Gilmore wrote: > > On Jun 8, 2006, at 2:02 PM, Christopher L. Morrow wrote: > > On Thu, 8 Jun 2006, David Meyer wrote: > > > >> On Thu, Jun 08, 2006 at 01:39:41PM -0400, Alex Rubenstein wrote: > >>> > >>> > >&

Re: 2006.06.06 NANOG-NOTES CC1 ENUM LLC update

On Thu, 8 Jun 2006, David Meyer wrote: > On Thu, Jun 08, 2006 at 01:39:41PM -0400, Alex Rubenstein wrote: > > > > > > Tell you what -- I'd love to see this for every meeting, in some sore of > > official capacity. > > Seconded. I found the this especially useful as I was > unable to

Re: Is your ISP Influenza-ready?

On Mon, 17 Apr 2006, David W. Hankins wrote: > In a www.washingtonpost.com article: > > http://tinyurl.com/s2jpz > > It is said: > > President Bush is expected to approve soon a national pandemic > influenza response plan that identifies more than 300 specific > tasks fo

Re: OT: Xen

On Tue, 4 Apr 2006 [EMAIL PROTECTED] wrote: > On Mon, 03 Apr 2006 23:16:40 +0200, Peter Dambier said: > > > Best is: You dont run anything that is not needed. If you run only a > > single application, your system is not worth the time it takes to hack it :) > > For the benefit of people reading

Re: SendGate: Sendmail Multiple Vulnerabilities (Race Condition DoS, Memory Jumps, Integer Overflow)

On Sat, 25 Mar 2006, Gadi Evron wrote: > > Brandon Butterworth wrote: > >>There are two exploit code samples I saw. There are two remote exploits > >>for one of them so far that are public that I know of. > > > > > > Please provide reference URLs or the code, if not then stop spreading FUD. > > N

Re: DNS TTL adherence

On Wed, 15 Mar 2006, Simon Waters wrote: > > > This behavior is unfortunately not unique. > > Alas what others peoples servers do, shouldn't be an issue for you. Your > problem is they can be coerced into a DoS attack, not that the data is stale. actually, dos-attack-aside, the interesting thin

Re: Wiltel has gone pink.

On Mon, 13 Mar 2006, Jo Rhett wrote: > I went through 4 levels of management, and was informed that they no longer > had an abuse team -- that this was disbanded in a recent reorganization. > > In short, it would appear that Wiltel is now selling pink contracts. > what? no more dave rossbach?

Re: Sales contact at MCI/UUNET?

pong I'll try to find you a sales-ish-person. On Wed, 8 Mar 2006, Drew Weaver wrote: > > I realize this is most likely off topic and is likely to get me > flamed but I am in desperate need of the contact information for someone > in sales or management at MCI/UUNET. We have been paying a r

RE: Italy orders ISPs to block sites

On Tue, 7 Mar 2006, Neil J. McRae wrote: > > Switzerland has made similar requests and ISPs in .CH have > deployed acl to block the sites and remove them from DNS. So long as there no criminal penalties associated with the half-assed solutions I suppose it doesn't really matter. Gov'ts will see

Re: Italy orders ISPs to block sites

On Mon, 6 Mar 2006, Owen DeLong wrote: > Singapore seems to force all of their ISPs to send all HTTP requests > through a proxy that has a set of rules defining sites you are not allowed > to visit. or comply in the other manner which is to null route the top 100 sites... but yes.

Re: Italy orders ISPs to block sites

On Tue, 7 Mar 2006, Marco d'Itri wrote: > > On Mar 06, Rodney Joffe <[EMAIL PROTECTED]> wrote: > > > It appears that Italy has ordered Italian ISPs to block access to a > > number of Internet Gambling sites. It would be interesting to see how > > the Italian ISPs are handling this, what with dyn

Re: shim6 @ NANOG

On Sun, 5 Mar 2006, Iljitsch van Beijnum wrote: > > Of course having a TCP session or the like change addresses halfway > through the session may throw stateful firewalls a bit. > I just love that shim6 basically == natv6... It WILL be implemented as such if available to folks in that manner. I d

Re: shim6 @ NANOG

(oh how I'm going to regret jumping into this conversation at point 'here' not at the beginning :( ) On Sun, 5 Mar 2006, Iljitsch van Beijnum wrote: > On 5-mrt-2006, at 5:48, Roland Dobbins wrote: > > > This fundamental misconception of the requirements of large > > enterprise customers should b

Re: DNS deluge for x.p.ctrc.cc

On Thu, 2 Mar 2006, Gadi Evron wrote: > apparently these amplification attacks have been going on for a while > now (i.e. "longer than we think"). yes, atleast 6 years... > > One good thing that may come out of this aside to dealing with badly > handled recursion is more attention to BCP38 now

Re: Quarantine your infected users spreading malware

On Wed, 1 Mar 2006, Jack Bates wrote: > Christopher L. Morrow wrote: > > > agreed, punting this problem to the helpdesk makes the helpdesk manager > > grab his gun(s) and find the security wonk that put a hurtin' on his > > numbers :) Also, it costs lots of money,

Re: Quarantine your infected users spreading malware

On Wed, 1 Mar 2006, JP Velders wrote: > > > Date: Tue, 28 Feb 2006 18:50:29 + (GMT) > > From: Christopher L. Morrow <[EMAIL PROTECTED]> > > To: nanog@merit.edu > > Subject: Re: Quarantine your infected users spreading malware > > &

Re: Quarantine your infected users spreading malware

ess even one way. So, saying 'it works' and 'it works for carriers' and 'yea us!' is not helpful, without some example of 'how' :( > - billn > > On Tue, 28 Feb 2006, Christopher L. Morrow wrote: > > > > > > > On Tue, 28 Feb 2006, Jim

Re: Quarantine your infected users spreading malware

On Tue, 28 Feb 2006, Jim Segrave wrote: > > www.quarantainenet.nl > > It puts them in a protected environment where they can get cleaned up > on-line without serious risk of re-infection. They can pop their > e-mail, reply via webmail, but they can't connect to anywhere except a > list of update

Re: DNS deluge for x.p.ctrc.cc

On Sun, 26 Feb 2006, Joe Abley wrote: > As a temporary mitigation tool today, when the volume of legitimate, > large-packet EDNS0 traffic is near-zero, blocking big 53/udp packets > might *sound* reasonable. However, we all know how permanent how are you certain that the udp/53 1500 byte packet

RE: Transit LAN vs. Individual LANs

On Sat, 25 Feb 2006, Neil J. McRae wrote: > > > An argument could be made for individual VLANs to keep things > > like b- cast storms isolated. But I think the additional > > complexity will cause more problems than it will solve. > > Vlans will not stop all typres of broadcast storm. > So, p

Re: anybody here from verizon's e-mail department?

On Wed, 22 Feb 2006, Suresh Ramasubramanian wrote: > > http://www.irbs.net/internet/nanog/0312/0009.html message 2 on that page is interesting: (and apropos to previous threads) http://www.irbs.net/internet/nanog/0312/0008.html

Re: and here are some answers [was: Quarantine your infected users spreading malware]

On Mon, 20 Feb 2006, Rob Thomas wrote: > > Hey, Bill. > > ] wht is the mean-time-to-infection for a stock windows XP system > ] when plugged intot he net?... 2-5minutes? you can't get patches > ] down that fast. > > The same case can be made for Linux and Unix-based web servers with

Re: Disaster recovery using as-prepend?

On Fri, 17 Feb 2006, Warren Kumari wrote: > On Feb 17, 2006, at 1:25 PM, Christopher L. Morrow wrote: > > > I might be crazy, but couldn't you just prepend the route enough to > > effectively poison it at ingress to 'backup-isp' ? so they kept > > chosi

Re: Disaster recovery using as-prepend?

On Fri, 17 Feb 2006, Todd Vierling wrote: > > On Thu, 16 Feb 2006, Warren Kumari wrote: > > > If your primary is connected to ISP_A and the backup is connected to ISP_B, > > customers connected to ISP_B MAY still flow to your backup DC (ISP_B will > > probably set local preference on all customer

Re: (OT) VERIZON NOC CONTACT PLEASE!!!

On Wed, 15 Feb 2006, Rich Sena wrote: > > All other flame away... http://puck.nether.net/netops/nocs.cgi?ispname=Verizon or did this not work? or were you looking for the fUUNET NOC?

Re: IRS goes IPv6!

On Tue, 14 Feb 2006, Jeroen Massar wrote: > I Ar Es, > > At least they have received the 2610:30::/32 allocation from ARIN. > Lets see if they how taxing they find IPv6 ;) so.. this is surprising why? the us-gov mandate for ipv6 uptake will mean lots of us-gov folks will be spinning up justific

Re: AT&T (AS7018) customer triggered blackhole routing?

On Thu, 9 Feb 2006, Jon Lewis wrote: > > On Wed, 8 Feb 2006, A Satisfied Mind wrote: > > > Does anyone know if AT&T (the old one, AS7018) has customer trigged > > blackhole routing? I looked in the copy of the BGP policy I have > > from 04/2005, and see nothing about it, and cannot find the up

Re: So -- what did happen to Panix?

On Tue, 7 Feb 2006, Nick Feamster wrote: > As an aside, another question occurred to me about delaying unusual > announcements. Boeing Connexion offers another example of unorthodox > prefix announcements. Wouldn't the tactic of delaying unusual > announcements would cause problems for this s

Re: CAUTION: Potentially Dumb Question...

On Mon, 6 Feb 2006, Randy Bush wrote: > > > I'm interested in responses to this ... MPLS is still a four letter word > > .. :) > > > here's me hiding this article from 'management' who are again chasing the 'converged' network :( In some c

Re: Interesting netflow entry

On Tue, 7 Feb 2006, Bill Nash wrote: > Erm, that seems kind of low. Flow volume for two 6509s in what I consider > a small to medium size hosting site, with about 6+ gigs of differentiated > egress generates more than 8 to 9 *thousand* flows per second, and that's > after discard incomplete tcp

Re: So -- what did happen to Panix?

On Fri, 3 Feb 2006, Josh Karlin wrote: > > Our primary concern is with keeping BGP stable until its replacement > (e.g. sBGP) is ready for deployment. > veering off course for a tick: "I wonder how well sbgp/sobgp will behave in a world of 1million routes in the DFZ? 5 million? 10? 20?... " Som

Re: So -- what did happen to Panix?

On Mon, 30 Jan 2006 [EMAIL PROTECTED] wrote: > > > > Wouldn't a well-operated network of IRRs used by 95% of > > > network operators be able to meet all three of your > > > requirements? > > > > We have such a database (used by Verio and others), but the Panix > incident > > happened anyway due

RE: Anyone heard of INOC-DBA?

On Sat, 4 Feb 2006, Henry Linneweh wrote: > > The only reference I see to this, is this non profit > research org > www.pch.net/inoc-dba/ > and a Nanog reference page to the same thing > http://www.nanog.org/mtg-0505/upadhaya.html > that would be it... I'm sure that, aside from the presentation

Re: Anyone heard of INOC-DBA?

On Fri, 3 Feb 2006, Richard A Steenbergen wrote: > And then of course there is that whole "using the IP network to contact > someone about an IP network issue" thing that doesn't seem terribly well > thought out... Admittedly I haven't looked at the INOC-DBA stuff in a > while, there could have

Re: Yahoo, Google, Microsoft contact?

On Fri, 3 Feb 2006, Richard Cox wrote: > > On Fri, 03 Feb 2006 12:42:04 -0500 > Martin Hannigan <[EMAIL PROTECTED]> wrote: > > > I'd like to see evidence that there is a problem. For example, don't > > see why these worm lists couldn't have just gone to the abuse address. > > Of course that's th

RE: Yahoo, Google, Microsoft contact?

On Fri, 3 Feb 2006, Ivan Groenewald wrote: > > Earlier, Valdis scribbled: > > There's also the deeper question: Why do we let the situation persist? > Why do we tolerate the continued problems from unreachable companies? > >(And yes, this *is* an operational issue - what did that 4 hours on the

Re: Yahoo, Google, Microsoft contact?

On Fri, 3 Feb 2006, Per Heldal wrote: > > On Thu, 02 Feb 2006 22:39:59 -0500, [EMAIL PROTECTED] said: > > On the other hand, he *does* have a valid point. Why *do* we keep seeing > > queries for the same networks? > > Because no-one has the balls to punish them in a way that really hurt > their

Re: Split flows across Domains

On Tue, 24 Jan 2006, Joe Abley wrote: > > On 24-Jan-2006, at 12:07, Robert E.Seastrom wrote: > > > He said "via two different autonomous domains", which I took to mean > > two upstreams... and my understanding is that (on ciscos anyway) > > you're talking per-packet, not per-flow load balancing.

Re: Split flows across Domains

On Tue, 24 Jan 2006, Robert E.Seastrom wrote: > > > Glen Kent <[EMAIL PROTECTED]> writes: > > > For example, an ISP can learn two different equal cost routes to a > > foo.com server via two different autonomous domains. It can thus split > > different flows (based on src-dest IP, src-dest Port,

Re: AW: Odd policy question.

On Fri, 13 Jan 2006, Jeffrey I. Schiller wrote: > > Let me attempt to bring this back to the policy question. > > Does someone have the *right* to put one of your IP addresses as an NS > record for their domain even if you do not agree? Probably this is a multifaceted question :( So.. If I unde

Re: BLS FastAccess internal tech needed

On Fri, 13 Jan 2006, Fergie wrote: > > RFC2827/BCP38? > not exactly... though most likely 2827 would have helped. Our abuse folks called it 'fantasy mail' ... Spammer signs up for 'fast' link with someone, uses a farm of juno dial (or netzero or... you get the point) accounts to make a large n

Re: Is my router owned? How would I know?

On Thu, 12 Jan 2006, Martin Hannigan wrote: > If we accept the "clue" problem as the solution, I think we > accept the fact that we condone the vendor not having secure > solutions. That may be fine for our new colleague the 'security vendors should always, or be beatten about the head/shoulder

Re: QWest is having some pretty nice DNS issues right now

On Mon, 9 Jan 2006, Randy Bush wrote: > > It seems like maybe that is all too common. Are the 'best practices' > > documented for Authoritative DNS somewhere central? > > 2182 yes, yes.. people who care (a lot) have read this I'm sure... I was aiming a little lower :) like folks that have enter

Re: QWest is having some pretty nice DNS issues right now

On Mon, 9 Jan 2006 [EMAIL PROTECTED] wrote: > On Mon, Jan 09, 2006 at 05:30:12PM +0000, Christopher L. Morrow wrote: > > > > On Mon, 9 Jan 2006, Simon Waters wrote: > > > > > > > > On Saturday 07 Jan 2006 02:54, you wrote: > > > > &g

Re: QWest is having some pretty nice DNS issues right now

On Mon, 9 Jan 2006, Simon Waters wrote: > > On Saturday 07 Jan 2006 02:54, you wrote: > > > > While it's tempting to make fun of Qwest here, variations on this theme - > > I do agree the management issue with DNS are far harder, and here longer TTL > are a double edged sword. But it is hard to

Re: QWest is having some pretty nice DNS issues right now

On Fri, 6 Jan 2006, Wil Schultz wrote: > > Well, that would explain it, make me feel better that they took > themselves out as well: > > -bash-2.05b$ dig qwest.com > ; <<>> DiG 9.3.1 <<>> qwest.com > ;; global options: printcmd > ;; connection timed out; no servers could be reached > not anyca

Re: Fwd: [OCCAID] 6bone addresses going away in June

On Fri, 6 Jan 2006, eric wrote: > > Enough talk about viruses and unpatched hosts! Maybe if we try hard > enough, we can create a Y2K syndrome for the removal of 3ffe:: from global > routing? > guess terado services will get a facelift then too? (since they require/use the 3ffe range for comms)

Re: Sprint routing issue

On Tue, 3 Jan 2006, Joseph W. Breu wrote: > > Can someone from Sprint NOC contact me offlist regarding a routing issue? > one presumes you already tried: http://puck.nether.net/netops/nocs.cgi?ispname=sprint and I'm guessing you have a customer contact number since you appear to be a sprint c

Re: Bogon stupidity... warning... operational post.

On Thu, 22 Dec 2005, Daniel Golding wrote: > On 12/22/05 1:35 PM, "Christopher L. Morrow" <[EMAIL PROTECTED]> > wrote: > > > > > 'most serious problem in months' ... this has happened in smaller chunks > > during the past 'months&

Re: Bogon stupidity... warning... operational post.

On Thu, 22 Dec 2005, william(at)elan.net wrote: > > > On Thu, 22 Dec 2005, Robert Boyle wrote: > > > At 12:56 PM 12/22/2005, you wrote: > > P.S. 204/8 was not the only problem, there were problems with 128/8 and > >> 133/8 as well so my apologies to people who may have noticed problems > >> over

RE: The Qos PipeDream [Was: RE: Two Tiered Internet]

On Fri, 16 Dec 2005, Min Qiu wrote: > Hi Chris, > hey :) > > -Original Message- > From: [EMAIL PROTECTED] on behalf of Christopher L. Morrow > Sent: Thu 12/15/2005 10:29 PM > To: John Kristoff > Cc: nanog@merit.edu > Subject: Re: The Qos PipeDream [W

Re: The Qos PipeDream [Was: RE: Two Tiered Internet]

On Fri, 16 Dec 2005, Christopher L. Morrow wrote: > > http://www.secsup.org/files/dmm-queuing.pdf > oh firstgrad spelling where ahve you gone? also at: http://www.secsup.org/files/dmm-queueing.pdf incase you type not paste.

  1   2   3   4   5   6   7   8   >