Apologies for top posting, but my response is a little long long...
I wouldn't be too concerned about the multi-hop as there're many reasons why
they might do that, but a week out and it's still not working? It's all about
customer service. Are they giving you the appropriate level of servic
On Jan 21, 2009, at 12:25 AM, mike wrote:
So I am just wondering what my expecations should be in a bgp
peering scenario where I am multihomed with my own ASN and arin
assigned ip space. At issue is the fact that my backup isp forced me
to use ebgp multihop to peer with a router internal to
On Jan 20, 2009, at 7:40 PM, Adrian Chadd wrote:
On Tue, Jan 20, 2009, Patrick W. Gilmore wrote:
Define "cached".
For instance, most of the video today (which apparently had 12 zeros
in the bits per second number) was "cached", if you ask the CDNs
serving it.
Sounds to me like that is signifi
Hello,
So I am just wondering what my expecations should be in a bgp peering
scenario where I am multihomed with my own ASN and arin assigned ip
space. At issue is the fact that my backup isp forced me to use ebgp
multihop to peer with a router internal to their network and not the
border rou
During the inauguration our traffic was higher than normal, but levels only
reached our average daily peak. More specifically, we climbed to our
average daily peak earlier than normal, and it stayed at a sustained rate,
but it didn't break any records here.
Frank
-Original Message-
From:
Quoting Chris Adams :
Once upon a time, j...@miscreant.org said:
I've also noticed that on a server running BIND 9.3.4-P1 with
recursion disabled, they're still appear to be getting the list of
root NS's from cache, which is a 272-byte response to a 61-byte
request, which by my definition is a
In message <20090121140825.xwdzd4p64kgwo...@web1.nswh.com.au>, j...@miscreant.or
g writes:
> > On Tue, Jan 20, 2009 at 9:16 PM, Kameron Gasso wro=
> te:
>
> > We're also seeing a great number of these, but the idiots spoofing the
> > queries are hitting several non-recursive nameservers we host
Once upon a time, j...@miscreant.org said:
> I've also noticed that on a server running BIND 9.3.4-P1 with
> recursion disabled, they're still appear to be getting the list of
> root NS's from cache, which is a 272-byte response to a 61-byte
> request, which by my definition is an amplificat
On Tue, Jan 20, 2009 at 9:16 PM, Kameron Gasso wrote:
We're also seeing a great number of these, but the idiots spoofing the
queries are hitting several non-recursive nameservers we host - and only
generating 59-byte "REFUSED" replies.
Looks like they probably just grabbed a bunch of DNS host
Once upon a time, Kameron Gasso said:
> Fortunately, the spoofed queries are 60 bytes and my REFUSED responses
> are only 59, so it's a terribly inefficient way to DoS someone.
> However, I never said that the DDoS kiddies were smart - doesn't seem to
> be stopping them from trying. :(
Well, it s
On Tue, Jan 20, 2009 at 9:35 PM, Kameron Gasso wrote:
> Fortunately, the spoofed queries are 60 bytes and my REFUSED responses
> are only 59, so it's a terribly inefficient way to DoS someone.
bind has a 'blackhole' capabilty... which doesn't seem to reply with
anything (from my quick testing)
Christopher Morrow wrote:
> a point to bear in mind here is that... 'its working' is good enough
> for the bad folks :( no need to optimize when this works. Also, it's
> likely this isn't all of the problem the spoofed requestors are seeing
> these past few days :(
Unfortunately, I can't restrict
On Tue, Jan 20, 2009 at 9:16 PM, Kameron Gasso wrote:
> We're also seeing a great number of these, but the idiots spoofing the
> queries are hitting several non-recursive nameservers we host - and only
> generating 59-byte "REFUSED" replies.
>
> Looks like they probably just grabbed a bunch of DN
Wil Schultz wrote:
> Anyone else noticing "." requests coming in to your DNS servers?
>
> http://isc.sans.org/diary.html?storyid=5713
>
> I'm seeing them coming from the following addresses in my ns server logs.
>
> 69.50.142.110
> 69.50.142.11
> 76.9.16.171
> 66.230.128.15
> 66.230.160.1
We're
In message <20090120233128.gi15...@isc.org>, "David W. Hankins" writes:
>
> --J+eNKFoVC4T1DV3f
> Content-Type: text/plain; charset=us-ascii
> Content-Disposition: inline
> Content-Transfer-Encoding: quoted-printable
>
> On Tue, Jan 20, 2009 at 12:54:32PM -0800, Wil Schultz wrote:
> > Anyone else
On Tue, Jan 20, 2009, Patrick W. Gilmore wrote:
> Define "cached".
>
> For instance, most of the video today (which apparently had 12 zeros
> in the bits per second number) was "cached", if you ask the CDNs
> serving it.
>
> Sounds to me like that is significant, no matter how big your netwo
Hum... whats the wholesale cost of 10G/byte connection?
And what would the cost of a zetabyte connection cost at todays rates?
me thinks Pres Obama's USD 825B package is way too small - or the cost
per G/Byte is going to drop a lot... if the traffic loads keep up.
--bill
On Tue, Jan 20, 2009 at 06:49:14PM -0500, Joe Abley wrote:
>
> On 2009-01-20, at 18:37, Marshall Eubanks wrote:
>
> >Less and less would be my estimate. How much video is cached ? How
> >much P2P is cached ?
>
> If you asked Akamai, Limelight and friends, they might tell you that
> 100% of i
On 2009-01-20, at 18:37, Marshall Eubanks wrote:
Less and less would be my estimate. How much video is cached ? How
much P2P is cached ?
If you asked Akamai, Limelight and friends, they might tell you that
100% of important video is cached. And viewed from some angles, every
peer who rec
On Jan 20, 2009, at 6:37 PM, Marshall Eubanks wrote:
to play devils advocate, how much impact does caching have
on the total traffic flow anyway?
Less and less would be my estimate. How much video is cached ? How
much P2P is cached ?
Define "cached".
For instance, most of
On Jan 20, 2009, at 6:31 PM, bmann...@vacation.karoshi.com wrote:
"Cisco VNI projections indicate that IP traffic will increase at a
combined
annual growth rate (CAGR) of 46 percent from 2007 to 2012, nearly
doubling
every two years. This will result in an annual bandwidth demand on
the
wo
> "Cisco VNI projections indicate that IP traffic will increase at a combined
> annual growth rate (CAGR) of 46 percent from 2007 to 2012, nearly doubling
> every two years. This will result in an annual bandwidth demand on the
> world's IP networks of approximately 522 exabytes2, or more than half
On Tue, Jan 20, 2009 at 12:54:32PM -0800, Wil Schultz wrote:
> Anyone else noticing "." requests coming in to your DNS servers?
>
> http://isc.sans.org/diary.html?storyid=5713
I was surprised to see 'amplification' in the subject line here, since
on my nameservers my replies are of equal length to
hi,
On 20.01.2009 21:54, Wil Schultz wrote:
http://isc.sans.org/diary.html?storyid=5713
I'm seeing them coming from the following addresses in my ns server logs.
69.50.142.110
69.50.142.11
76.9.16.171
66.230.128.15
66.230.160.1
counting 319149 denied queries for './NS/IN' since 2008-01-01, i
You guys might want to be aware that isprime.com (I am not affiliated or
representing them, just passing on info since friends and I noticed this)
is actively under a DOS where lots of people's dns servers around the world
are being queried with bogus sourced dns requests not from port 53 for
'NS?
Anyone else noticing "." requests coming in to your DNS servers?
http://isc.sans.org/diary.html?storyid=5713
I'm seeing them coming from the following addresses in my ns server
logs.
69.50.142.110
69.50.142.11
76.9.16.171
66.230.128.15
66.230.160.1
-wil
Alex H. Ryu wrote:
> Probably IP v4 address runout may not affect for traffic amount that much.
> Since people will use NATing for saving IP addresses, and IPv6 will be
> slowly take some traffic for that matter.
>
> It's more of the cost of bandwidth, and the application people uses.
>
>
As I
On Jan 20, 2009, at 2:58 PM, Mikael Abrahamsson wrote:
On Tue, 20 Jan 2009, Paul Vixie wrote:
"Cisco VNI projections indicate that IP traffic will increase at a
combined
annual growth rate (CAGR) of 46 percent from 2007 to 2012, nearly
doubling
every two years. This will result in an annual
On Jan 20, 2009, at 11:52 AM, Randy Bush wrote:
On 09.01.21 04:48, Paul Vixie wrote:
"Cisco VNI projections indicate that IP traffic will increase at a
combined
annual growth rate (CAGR) of 46 percent from 2007 to 2012
i.e. about the same as it has been. deep shock.
randy
With no bump
We wholesale to a lot of regional and local ISPs as well as several higher
education institutions here in Washington State. It was interesting to see
the breakdown of traffic increases between types of customers. We saw around
2.5x the amount of traffic towards most of these customers as nor
On Tue, Jan 20, 2009 at 12:50 PM, Ren Provo wrote:
> BitGravity did a great job.
Nearly every major CDN or web host was involved with the inauguration
in some manner, with no reported issues to speak of.
Some "facilities-based" providers even placed infrastructure with
their competitors to be ex
On Tue, 20 Jan 2009, Paul Vixie wrote:
"Cisco VNI projections indicate that IP traffic will increase at a combined
annual growth rate (CAGR) of 46 percent from 2007 to 2012, nearly doubling
every two years. This will result in an annual bandwidth demand on the
world's IP networks of approximatel
Thanks, I've been bounced between that number and another customer
service line for a week.
I believe I've received enough replies from the community that I might
get somewhere this month :)
Thanks all for the replies and assistance.
-Original Message-
From: Paul Wall [mailto:pauldotw...
On Tue, Jan 20, 2009 at 1:35 PM, Darryl Dunkin wrote:
> Their support has been really giving me the run-around and is cluelessly
> sending me from department to department. Does anyone have a good NOC
> contact for them? I have one of their downstream customers hijacking
> some of my IP space and
On 09.01.21 04:48, Paul Vixie wrote:
"Cisco VNI projections indicate that IP traffic will increase at a combined
annual growth rate (CAGR) of 46 percent from 2007 to 2012
i.e. about the same as it has been. deep shock.
randy
Cell networks held up reasonably well for voice, though SMS and MMS
delivery times approached an hour during the event. Switch load in
almost the entire US was higher than midnight on New Years (which is
generally the highest load of the year).
Our network has been preparing since June, and I assu
"Cisco VNI projections indicate that IP traffic will increase at a combined
annual growth rate (CAGR) of 46 percent from 2007 to 2012, nearly doubling
every two years. This will result in an annual bandwidth demand on the
world's IP networks of approximately 522 exabytes2, or more than half a
zetta
Better question is how well the cell systems are holding up in DC today???
But, that is slightly OT.
-Mike
On Tue, Jan 20, 2009 at 11:24 AM, Fred Heutte wrote:
> Normally I wouldn't do this but given that it's of-the-moment...
>
> fh
>
> -
>
>
> http://www.salon.com/tec
Normally I wouldn't do this but given that it's of-the-moment...
fh
-
http://www.salon.com/tech/giga_om/online_video/2009/01/20/a_quick_review_of_obamas_inauguration_streams/
Tuesday, January 20, 2009 08:02 PST
A Quick Review of Obamas Inauguration Streams
By Chris Albr
Their support has been really giving me the run-around and is cluelessly
sending me from department to department. Does anyone have a good NOC
contact for them? I have one of their downstream customers hijacking
some of my IP space and they don't really care as I am not a direct
customer of theirs.
On Tue, Jan 20, 2009 at 4:23 PM, Jeff Kell wrote:
>
> Mostly udp/8247 for the streaming (CNN). But oddly enough, for a given
> client, more outbound traffic than inbound. Streaming gone peer-to-peer?
>
> Jeff
CNN is using Octoshape's P2P plug-in with Flash.
Marcello Azambuja
--- j...@west.net wrote: ---
From: Jay Hennigan
We're a regional ISP, about 80% SMB 20% residential. We're seeing
almost double our normal downstream traffic right now. Anyone else?
Not much of a traffic boost here in Hawaii as it happened at 7
Jay Hennigan wrote:
> We're a regional ISP, about 80% SMB 20% residential. We're seeing
> almost double our normal downstream traffic right now. Anyone else?
Yes, tres beaucoups.
Mostly udp/8247 for the streaming (CNN). But oddly enough, for a given
client, more outbound traffic than inbound.
> >
> > We're a regional ISP, about 80% SMB 20% residential. We're seeing
> > almost double our normal downstream traffic right now. Anyone
> else?
> >
> > --
> > Jay Hennigan - CCIE #7880 - Network Engineering - j...@impulse.net
> > Impulse Internet Service - http://www.impulse.net/
> > Your
Thank you both. Strict mode uRPF was indeed the problem. Took awhile for
them to fix it for me, but at least it's fixed.
-- am
Anders Lindbäck wrote:
On 7 jan 2009, at 21.05, Niels Bakker wrote:
* aaron.milli...@bright.net (Aaron Millisor) [Wed 07 Jan 2009, 20:53
CET]:
[..]
If I were to pre
> -Original Message-
> From: Jay Hennigan [mailto:j...@west.net]
> Sent: Tuesday, January 20, 2009 12:21 PM
> To: nanog@nanog.org
> Subject: Inauguration streaming traffic
>
> We're a regional ISP, about 80% SMB 20% residential. We're seeing
> almost double our normal downstream traffic r
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
We're seeing more TCP1935 than UDP8247.
http://ct-mail.cites.uiuc.edu/~hardenrm/graphs/Peakflow-1.png
/Ryan
Harry Hoffman wrote:
> Yep, most seems to be port 8247. Which seems to be CNN streaming
> service.
>
> And yay for the p2p options now in fl
BitGravity did a great job.
On Tue, Jan 20, 2009 at 12:38 PM, Christopher Morrow <
morrowc.li...@gmail.com> wrote:
> As an aside... thanks to BBC for streaming this, I couldn't find
> another source that wasn't overloaded/jerky/ugly :(
>
> Thanks Brandon.
>
> -Chris
>
>
On Tue, Jan 20, 2009 at 12:26 PM, Brian Wallingford wrote:
> On Tue, 20 Jan 2009, Jay Hennigan wrote:
>
> :We're a regional ISP, about 80% SMB 20% residential. We're seeing
> :almost double our normal downstream traffic right now. Anyone else?
>
> We're seeing traffic levels nearly 2x normal. O
Yep, most seems to be port 8247. Which seems to be CNN streaming
service.
And yay for the p2p options now in flash... nothing like that to make it
look like a comp'd system/attack.
--Harry
On Tue, 2009-01-20 at 12:24 -0500, Patrick Muldoon wrote:
> On Jan 20, 2009, at 12:20 PM, Jay Hennigan wro
On Tue, 20 Jan 2009, Jay Hennigan wrote:
:We're a regional ISP, about 80% SMB 20% residential. We're seeing
:almost double our normal downstream traffic right now. Anyone else?
We're seeing traffic levels nearly 2x normal. On 9/11/01, we were
probably only about 50% higher than the norm. Of c
Jay Hennigan wrote:
We're a regional ISP, about 80% SMB 20% residential. We're seeing
almost double our normal downstream traffic right now. Anyone else?
Ditto. I'm suddenly glad we paid for that "burstable" option :)
David Smith
MVN.net
On Jan 20, 2009, at 12:20 PM, Jay Hennigan wrote:
We're a regional ISP, about 80% SMB 20% residential. We're seeing
almost double our normal downstream traffic right now. Anyone else?
We are seeing about 150% increase in traffic as well.
-Patrick
--
Patrick Muldoon
Network/Software Engi
At 12:20 PM 1/20/2009, Jay Hennigan wrote:
We're a regional ISP, about 80% SMB 20% residential. We're seeing
almost double our normal downstream traffic right now. Anyone else?
Yes, close to double normal traffic here in south-west Ontario, Canada.
---Mike
Yes, pretty well everyone else. :-)
On Tue, Jan 20, 2009 at 09:20:40AM -0800, Jay Hennigan wrote:
> We're a regional ISP, about 80% SMB 20% residential. We're seeing
> almost double our normal downstream traffic right now. Anyone else?
>
> --
> Jay Hennigan - CCIE #7880 - Network Engineering
We're a regional ISP, about 80% SMB 20% residential. We're seeing
almost double our normal downstream traffic right now. Anyone else?
--
Jay Hennigan - CCIE #7880 - Network Engineering - j...@impulse.net
Impulse Internet Service - http://www.impulse.net/
Your local telephone and internet com
On Tue, Jan 20, 2009 at 01:01:03PM +0100, Mikael Abrahamsson wrote:
>> have been able to demonstrate that a device running Cisco IOS release
>> 12.0(32)S12 behaves as per this description.
>
> Has anyone looked into IOS XR behaviour, if it's the same as 12.0(32)S12?
Mikael,
Pierfrancesco Caci w
have been able to demonstrate that a device running Cisco IOS release
12.0(32)S12 behaves as per this description.
Has anyone looked into IOS XR behaviour, if it's the same as 12.0(32)S12?
--
Mikael Abrahamssonemail: swm...@swm.pp.se
On Mon, Jan 19, 2009 at 03:58:17PM +, Jonathan Oddy wrote:
> As mentioned in both [1] and [2] this is especially critical as at
> present Cisco IOS will tear down sessions when receiving an AS4_PATH
> containing an AS_CONFED_SET/SEQUENCE.
Hi,
Whilst this is behaviour is RFC compliant, as prev
59 matches
Mail list logo