Re: VOIP and QOS across local network and the Internet

2007-05-15 Thread Neal Rauhauser
I've thought long and hard about this, mostly from the perspective of regional ILECs too small to implement MPLS. QoS should be sold in 80k 'channel' increments. You, the carrier, don't care what the customer is marking as DSCP EF, you just accept and accelerate the first 80k x number

oversubscribed ports for Juniper are a new feature

2007-05-14 Thread Neal Rauhauser
If you read up on juniper.net you'll see that in addition to the one gigabit port PIC there is now a card with four SFP ports but only a gigabit available via the backplane slot. This oversubscription of the slot is good when you have several little switches you wish to drive and don't

Juniper M10i sufficient for BGP, or go with M20?

2007-05-13 Thread Neal Rauhauser
I don't know much about Juniper but I'm about to learn with a new job. If I'm going to take full routes from a couple of upstreams and have a couple of peers will the M10i (768M max) be enough or is the M20 (2048M max) a better choice. Layout here is such that I'd expect to use a single

No Verizon ethernet @ 505 Marquette in ABQ?

2007-05-13 Thread Neal Rauhauser
There is really no ethernet connectivity to Verizon (UUNet) in the 505 Marquette building in ABQ? That seems very, very strange to me this late in the game ... can anyone confirm/deny this for me?

Re: Juniper M10i sufficient for BGP, or go with M20?

2007-05-13 Thread Neal Rauhauser
M7i is a very, very attractive lab/spare box, but this company wants carrier class - dual engine M10i are the minimum. John Crain wrote: You might even consider the m7i they can use the same cards JC On May 13, 2007, at 3:26 PM, Joe Abley wrote: On 13-May-2007, at 15:33, Neal

Sprint internal inconsistency?

2006-04-16 Thread neal rauhauser
AS16604 works fine, AS 22663 does not. I've picked at this for several hours this AM - looks very much like 22663's serial interface, 144.232.250.20/30, is blackholed somewhere inside Sprint. I got a tech who is trying to help, but he is the guy who got stuck with Easter Sunday ...

Re: Sprint internal inconsistency?

2006-04-16 Thread neal rauhauser
for that /30. Hopes this helps. -Justin On Sun, 16 Apr 2006, neal rauhauser wrote: AS16604 works fine, AS 22663 does not. I've picked at this for several hours this AM - looks very much like 22663's serial interface, 144.232.250.20/30, is blackholed somewhere inside Sprint. I got

BGP contact at McLeod?

2006-04-09 Thread neal rauhauser
I've got a customer terminating a McLead and a Sprint DS3 on a single 7507. I'm preparing to break this up into two border routers and I'm a little puzzled by the choice to force router ID to be the IP address of the customer's side of the McLeod DS3. The machine didn't have a loopback

Which Cisco 7500 OS for high availability

2006-04-09 Thread neal rauhauser
If I'm going to do high availability with Cisco 75xx running RSP4s which OS is the best? I picked 12.2.34 as being most stable for BGP features, but I'm just starting on the HA stuff and I don't see any of the redundancy knobs in this version of the OS. -- mailto:[EMAIL PROTECTED] //

Re: Fire in bakery fries fiber optic cable

2006-03-26 Thread neal rauhauser
The fiber cable hit by bullet was in New Jersey if I'm recalling correctly ... this was maybe four or five years ago. If memory serves (and forty *is* uncomfortably close) this was part of a cable modem plant. Mark Smith wrote: On Sat, 25 Mar 2006 18:16:34 -0500 Aaron Gagnier [EMAIL

my favorite DR story

2006-03-26 Thread neal rauhauser
http://www.flickr.com/photos/avyakata/67337020/ This is Manion's Auction House in Kansas City, Kansas. The photo was taken the day after an F3 tornado went over the top of the site. The smooth, gray rectangle just below the trailer is not parking ... that is the floor of what used to be

Re: Network graphics tools

2006-03-21 Thread neal rauhauser
Mechanical pencil, a sheet of paper for a straight edge, and a penny when you want to make a proffesional looking round object. I publish to Flickr using macro mode on my Fuji Finepix 5100 to make the picture. No little Cisco hockey puck stencils, but last year when I sketched a

eastern Nebraska regional service problem (Sprint, ATT, Qwest transport?)

2006-02-07 Thread neal rauhauser
I'm talking to an ISP in eastern Nebraska who has a DS3 to Sprint. They've got a peer they tie to with private fiber. That peer has a DS3 from ATT. Both normally see 20ms response times on pings from their border routers to the carrier router. Since last Thursday the Sprint connected

Re: Microwave link security.

2005-10-22 Thread Neal Rauhauser
If it is a high value target (government, banking, etc) you should deploy a layer 3 security solution such as IPsec between the end points. If the solution is based on a proprietary bridge radio where the only method of snooping is to have a development version of the radio ... well ...

Re: This may be stupid but..

2003-11-11 Thread neal rauhauser
Doug, Don't tease - you absolutely owe us the full text of the response from the fellow who was upset about your asking for a public SSH key as part of the interview process. Neal Doug Luce wrote: I rely on recruiters to funnel applicants to the company. I also

Re: This may be stupid but.

2003-11-11 Thread neal rauhauser
Position so you want my public ssh key or you won't consider me for you're position?? FUCK YOU!!! how's that On Mon, 10 Nov 2003, neal rauhauser wrote: Doug, Don't tease - you absolutely owe us the full text of the response from the fellow who was upset about your asking

Blacklisting: obvious P2P app

2003-09-24 Thread neal rauhauser
It has been mentioned in other places on the net (ok, yammerings on slashdot, but this made a bit of sense) that blacklisting is a perfect P2P application. Each mailserver could keep a cryptographically verified list, the list is distributed via some P2P mechanism, and DoS directed at

Re: VeriSign SMTP reject server updated

2003-09-20 Thread neal rauhauser
Oh come on people, this guy *implements* stuff. Here he is on the list describing how he has implemented something to alleviate the problems caused by PHBs at Verisign. ISC bind mods, ICANN displeasure, and other sources of pressure will either remove this issue or make it irrelevant.

Re: Worst design decisions? (Cisco 4x00 rails)

2003-09-18 Thread neal rauhauser
Cisco 4x00 frame rails are the king - bend 'em and you'll be using a chisel to open the metal chassis so you can remove the NPs. I've still got a 4000 around here somewhere that was shuffled to lab duty after I did surgery on it with a large cold chisel mallet. Matt wrote: Hello all,

Sprint NOC? Are you awake now?

2003-08-29 Thread neal rauhauser
I've just upgraded a Cisco 7206 for a customer with a DS3 and we're now ready to take full routes. No one is answering at support, email has gone unanswered for thirty minutes - if someone at the Sprint NOC is awake please call Neal or Mike at 402-426-6136 - we'd really like to get this done

Re: Sprint NOC? Are you awake now?

2003-08-29 Thread neal rauhauser
: On Fri Aug 29, 2003 at 04:10:27AM -0500, neal rauhauser wrote: I've just upgraded a Cisco 7206 for a customer with a DS3 and we're now ready to take full routes. No one is answering at support, email has gone unanswered for thirty minutes - if someone at the Sprint NOC is awake please

OK! Its fixed! Sprint folks - can you help?

2003-08-27 Thread neal rauhauser
Geez, all I wanted was a little help, and I get pounced on by a platoon of eager Sprint BGP gurus. The desired filter change, it is done, and Sprint, who has always been my first choice as a provider, just lengthened their lead a little more. neal rauhauser wrote: I could

Sprint folks - can you help?

2003-08-27 Thread neal rauhauser
I could really use an assist from someone at Sprint - I'm a consultant for an AS that receives service from two ISPs who peer with Sprint. One of them is a healthy regional who listens to me about BGP, the other, well, I wish them the best of luck, but we really, really, really want to put a

Re: Cisco OC-3c card question

2003-08-22 Thread neal rauhauser
PA-POS for OC3-c can be pretty expensive - $3000 or so. If you don't mind the cell tax the PA-A1-OC3 are only $500 or so but I'm not sure if they ever made a VXR model of this card. The PA-A3-OC3 are about $1000. The difference between the PA-A1 and PA-A3, besides the possible VXR/non VXR

email virus == over the top

2003-08-21 Thread neal rauhauser
No one loves me and I don't get much email from the folks who tolerate me. I just got back from having lunch with some guys who tolerate me and I found scads of messages from all over -the funniest among the bunch for our Nanog readers: user@cisco.com user@tacnet.com user@wcom.com

Re: email virus == over the top

2003-08-21 Thread neal rauhauser
I prefer to think of it as having evolved to a higher plane of existence :-) [EMAIL PROTECTED] wrote: On Thu, 21 Aug 2003 10:10:12 CDT, neal rauhauser [EMAIL PROTECTED] said: No one loves me and I don't get much email from the folks who tolerate me. I just got back from having

firewall == network diaper, ranting in HTML

2003-08-14 Thread neal rauhauser 402-301-9555
perfectly functional adult alternatives exist. I'd really like to get down and roll in the muck with you guys, but I'm busying replacing M$ systems with FreeBSD 4.8 ... - Original Message - From: neal rauhauser 402-301-9555 To: Måns Nilsson ; [EMAIL PROTECTED] Sent: Wednesday

Re: a list of hosts in a RPC BOTNET, mostly 209.x.x.x,

2003-08-14 Thread neal rauhauser 402-301-9555
Someone has changed the channel topic to CLOSED, Thanks for the post to NANOG :-( But I don't see hosts being k-lined - I imagine if IRCops took an interest in this they'd be lopping off heads. The controlling node for this problem seems to be: spaley [EMAIL PROTECTED] But the

Re: Port blocking last resort in fight against virus

2003-08-14 Thread neal rauhauser 402-301-9555
Måns Nilsson wrote: Firewalls are a patch to broken network application architechture. If your applications would have been properly designed, you would not have the need for firewalls. They are for perimeter defence only anyway. Right on - if you can't plug a machine directly in to