Re: is it -really- global?

only intl links on which smokeping shows anything is ashburn to tokyo. but that only covers us, joburg, linx, tokyo <>

Re: Why not to use RPKI (Was Re: Argus: a hijacking alarm system)

2012/1/24 John Kemp > > > Minor correction there. If you are talking about our IX collectors > (LINX, PAIX, > EQIX Ashburn, SYDNEY, etc.) those are at exchanges and peering > directly. The > collectors at Univ of Oregon (rv,rv2,rv3,rv4, rv6), yeah, those are > multi-hop. > Doesn't detract from y

Re: LAw Enforcement Contact

Andrew , it does fail you. The 35+ employees that work for GigeNET would be really insulted by you insinuating that there job roles have no merit. The combination of all the things they do is what makes the company run. So no Paul does not run the company, put down the crack pipe. Why don't you fi

is it -really- global?

anyone keeping track of their RTTs? i'm finishing up some work on latency and all i have are my numbers. its going to be highly variable based on where you are and where you go, but it would be nice to have other sets of numbers. roughly my targets are :: 43% are "cloud" oriented - CBN stuff t

Re: Megaupload.com seized

On 21/01/12 11:20 PM, George Bonser wrote: This is what disaster simulations are for, to suss out these problems before a disaster and put in systems to avoid the mess. In the real world, while a city might keep the digital documents "in the cloud" they would also (always) have paper copies, bec

RE: AT&T and IPv6 Launch

-Original Message- From: Jared Mauch [mailto:ja...@puck.nether.net] Sent: Monday, January 23, 2012 5:52 PM To: Jared Mauch Cc: nanog@nanog.org Group Subject: Re: AT&T and IPv6 Launch So i have been privately referred to att.com/ipv6 where you can find supporting CPE devices. It sounds

Re: AT&T and IPv6 Launch

So i have been privately referred to att.com/ipv6 where you can find supporting CPE devices. It sounds like if you have equipment supporting ipv6 it may just appear one day "soon". Jared Mauch On Jan 23, 2012, at 2:23 PM, Jared Mauch wrote: > Is there someone who can talk about how to get

Re: How are you doing DHCPv6 ?

In message , Ray Soucy writes: > Thanks, Mark. > > The ISC website isn't very clear on how to make such requests unless > you have a support contract. For reference email to "dhcp-sugg...@isc.org" (or even "dhcp-b...@isc.org") well get it logged. > Also make note of my last response to the thr

Re: How are you doing DHCPv6 ?

On Mon, 2012-01-23 at 18:12 -0500, Randy Carpenter wrote: > Controlled by software = not constant. OK - fair point. But these days many MACs can be controlled by software too. In the world of virtual computing they don't exist in hardware at all. The world hasn't ended. Examples abound of codes t

Re: How are you doing DHCPv6 ?

Controlled by software = not constant. It is also not likely to be something that is knowable on a piece of electronic gear that is not a PC, nor will it be something that can be printed on the outside of the device, like most today. -Randy - Original Message - > Yes, DUID and IAID s

Re: How are you doing DHCPv6 ?

Yes, DUID and IAID should be persistent on systems. If they are not then they are not following the RFC. Note that bad practices, though, can remove that persistence (e.g. deleting the DUID, or replicating the DUID on other systems). On Mon, Jan 23, 2012 at 5:56 PM, Karl Auer wrote: > On Mon, 2

Re: How are you doing DHCPv6 ?

On Mon, 2012-01-23 at 17:26 -0500, Randy Carpenter wrote: > One major issue is that there is no way to associate a user's MAC (for > IPv4) with their DUID. I haven't been able to find a way to account > for this without making the user authenticate once for IPv4, and then > again for IPv6. This is

Re: How are you doing DHCPv6 ?

Thanks, Mark. The ISC website isn't very clear on how to make such requests unless you have a support contract. Also make note of my last response to the thread on logging and MAC awareness, as it may also be worth consideration. On Mon, Jan 23, 2012 at 5:05 PM, Mark Andrews wrote: > > In me

Re: How are you doing DHCPv6 ?

One major issue is that there is no way to associate a user's MAC (for IPv4) with their DUID. I haven't been able to find a way to account for this without making the user authenticate once for IPv4, and then again for IPv6. This is cumbersome to the user. Also, in the past there have been vari

Re: How are you doing DHCPv6 ?

The requirement of the DUID is a big hurdle to DHCPv6 adoption, I agree. Currently, a DUID can be generated in 1 of 3 ways, 2 of which include _any_ MAC address of the system at the time of generation.  After that, the DUID is stored in software. The idea is that the DUID identifies the system an

Re: How are you doing DHCPv6 ?

On Mon, 2012-01-23 at 14:44 -0500, Randy Carpenter wrote: > We have also recently realized that the DUID is pretty much completely > random, and there is no way to tie the MAC address to a client. This > pretty much makes it impossible to manage a large customer base. Not sure about that. The DUID

Re: How are you doing DHCPv6 ?

In message , Ray Soucy writes: > This is a problem that would be nice for ISC to resolve (or another > dependable FOSS implementation). > > For a while now (about 20 years I believe) we've used ISC DHCPd in a > distributed model for our public IPv4 space. In a nutshell, each DHCP > server is co

Re: AT&T and IPv6 Launch

On 1/23/12 11:23 AM, Jared Mauch wrote: > Is there someone who can talk about how to get IPv6 on AT&T residential:? > > Thanks, > > - Jared > > -- snip -- > ISPs participating in World IPv6 Launch will enable IPv6 for enough users so > that at least 1% of their wireline residential subscribers

Re: Populating BGP from Connected or IGP routes

On Mon, 23 Jan 2012, Eric C. Miller wrote: First, when running a small ISP with about the equivilent of a /18 or /19 in different blocks, how should you decide what should be in the IGP and what should be in BGP? I assume that it's somewhere between all and none, and one site that I found made

Re: Populating BGP from Connected or IGP routes

On Mon, 23 Jan 2012, Eric C. Miller wrote: I'm looking for a best practice sort of answer, plus maybe comments on why your network may or may not follow this. > First, when running a small ISP with about the equivilent of a /18 or /19 in different blocks, how should you decide what should be

Re: LAw Enforcement Contact

From memory Ameen Pishdadi is the owner of GIGENET, run by Paul Ashley (Aka XEROX), and comprised of the IP space and assets of FOONET. One would think that he has much contact with law enforcement. Or does my memory fail me? Andrew On 1/22/2012 8:16 PM, A. Pishdadi wrote: Hello, We recent

Re: LAw Enforcement Contact

On Jan 23, 2012, at 2:46 AM, Chris wrote: > The appropriately named SS mainly deals with counterfeit currency, > widespread ID theft (See also: Ryan1918) and threats to the President. Actually, they have statutory authority to deal with computer crime, too; see http://www.secretservice.gov/crimi

Re: Populating BGP from Connected or IGP routes

On Mon, Jan 23, 2012 at 12:46 PM, Eric C. Miller wrote: > Hi all, > > I'm looking for a best practice sort of answer, plus maybe comments on why > your network may or may not follow this. > > First, when running a small ISP with about the equivilent of a /18 or /19 in > different blocks, how sho

Re: Fiber outage in Miami

We are still impacted from what I understand. On 01/23/2012 10:02 AM, Jimmy Changa wrote: Was anyone impacted by a botched fiber move in Miami this weekend? I lost 2 pieces of dark fiber for over almost 24 hours due to a fiber move being performed by FiberLight. I'm curious if anyone else was

Populating BGP from Connected or IGP routes

Hi all, I'm looking for a best practice sort of answer, plus maybe comments on why your network may or may not follow this. First, when running a small ISP with about the equivilent of a /18 or /19 in different blocks, how should you decide what should be in the IGP and what should be in BGP?

Re: How are you doing DHCPv6 ?

We have also recently realized that the DUID is pretty much completely random, and there is no way to tie the MAC address to a client. This pretty much makes it impossible to manage a large customer base. -Randy - Original Message - > This is a problem that would be nice for ISC to re

AT&T and IPv6 Launch

Is there someone who can talk about how to get IPv6 on AT&T residential:? Thanks, - Jared -- snip -- ISPs participating in World IPv6 Launch will enable IPv6 for enough users so that at least 1% of their wireline residential subscribers who visit participating websites will do so using IPv6 by

Re: Why not to use RPKI (Was Re: Argus: a hijacking alarm system)

On 1/23/2012 7:28 AM, Christopher Morrow wrote: > On Mon, Jan 23, 2012 at 10:19 AM, Yang Xiang > wrote: >> Hi chris, >> >> 2012/1/23 Christopher Morrow >>> On Fri, Jan 20, 2012 at 8:08 AM, Yang Xiang >>> wrote: 2012/1/20 Arturo Servin >> while Argus can discover potential hijackings ca

Re: juniper mx80 vs cisco asr 1000

On Monday, January 23, 2012 11:29:57 PM ama...@gmail.com wrote: > ASR 1000 does not run XR. You probably mean XE. Indeed, I did, as I clarified in some private responses as well. I thought it would be obvious so I decided not to publicly correct it :-). > The high availability features that r

Re: Fiber outage in Miami

On 01/23/2012 10:02 AM, Jimmy Changa wrote: Was anyone impacted by a botched fiber move in Miami this weekend? I lost 2 pieces of dark fiber for over almost 24 hours due to a fiber move being performed by FiberLight. I'm curious if anyone else was impacted. Sent from mobile device Yes many p

Re: VZ FiOS DNS issues:

Jamie Bowden writes: > I don't care for the Actiontec boxes either, but the STB program > guides and other features don't work without it, so I have mine > forward all IP traffic unmolested to my own as the DMZ host Actually this can be worked around. My config has SA, er, Cisco STBs and a Net

Re: How are you doing DHCPv6 ?

This is a problem that would be nice for ISC to resolve (or another dependable FOSS implementation). For a while now (about 20 years I believe) we've used ISC DHCPd in a distributed model for our public IPv4 space. In a nutshell, each DHCP server is configured only with static assignments, their

Re: Why not to use RPKI (Was Re: Argus: a hijacking alarm system)

2012/1/23 Christopher Morrow > > ok, that seems squirrelly still :( > > so, take routeviews for example, they peer almost exclusively > ebgp-multi-hop, so any 'best path' you see there isn't actually usable > by the route-server... all traffic has to take the local transport out > of the routevie

Re: juniper mx80 vs cisco asr 1000

On Friday, January 20, 2012 04:14:35 PM Saku Ytti wrote: > MX80 is not competing against ASR1k, and JNPR has no > product to compete with ASR1k. And this is something I've been telling Juniper for years (not that they don't already know). The M7i and M10i have really done all they can - but try

Re: juniper mx80 vs cisco asr 1000

ASR 1000 does not run XR. You probably mean XE. The high availability features that requires maintaining state and stateful switch over never seem to work out of the box on early releases and need some time until the feature gets mature. I've found this across different vendors. The dual IOS p

Re: Why not to use RPKI (Was Re: Argus: a hijacking alarm system)

On Mon, Jan 23, 2012 at 10:19 AM, Yang Xiang wrote: > Hi chris, > > 2012/1/23 Christopher Morrow >> >> On Fri, Jan 20, 2012 at 8:08 AM, Yang Xiang >> wrote: >> > 2012/1/20 Arturo Servin >> >> >> > while Argus can discover potential hijackings caused by anomalous AS >> >> path. >> >> reading the

Re: Fiber outage in Miami

Yes, quiet a few folks were affected, due to Fiberlight fiber cutover...event. But the effects were very localized Faisal Imtiaz Snappy Internet& Telecom 7266 SW 48 Street Miami, Fl 33155 Tel: 305 663 5518 x 232 Helpdesk: 305 663 5518 option 2 Email: supp...@snappydsl.net On 1/23/2012 10:0

Re: Why not to use RPKI (Was Re: Argus: a hijacking alarm system)

Hi chris, 2012/1/23 Christopher Morrow > On Fri, Jan 20, 2012 at 8:08 AM, Yang Xiang > wrote: > > 2012/1/20 Arturo Servin > > >> > while Argus can discover potential hijackings caused by anomalous AS > >> path. > > reading the preceding section (III.B) you check 3 things in the AMM > (anomaly

Re: juniper mx80 vs cisco asr 1000

On Friday, January 20, 2012 05:40:10 AM Leigh Porter wrote: > I have not used the asr1000 but it looks like a capable > box. You would do well to look at the MX80 fixed > chassis, it comes with 48 1G interfaces and 4 10G > interfaces. They are pretty good value, I think. The thing the MX80 has th

Fiber outage in Miami

Was anyone impacted by a botched fiber move in Miami this weekend? I lost 2 pieces of dark fiber for over almost 24 hours due to a fiber move being performed by FiberLight. I'm curious if anyone else was impacted. Sent from mobile device

Re: juniper mx80 vs cisco asr 1000

On Friday, January 20, 2012 04:34:56 AM Thomas Donnelly wrote: > The warm standby IOS is a nice > feature for in service upgrades and crash avoidance. Except that some times, it did lead to crash (for us anyway), because it eats up half the router's memory, and if you're running 3x full tables

Re: Megaupload.com seized

On Mon, 23 Jan 2012 13:28:49 GMT, Don Bowman said: > Given that filesonic cut off sharing, but still allows users to fetch > links they themself posted, one could make the assumption from the below > that there was negligible traffic due to people re-fetching their > own content. Note that the fil

RE: Megaupload.com seized

From: Joly MacFie [mailto:j...@punkcast.com] > > Incidentally, some traffic stats on > http://gigaom.com/2012/01/20/follow-the-traffic-what-megauploads- > downfall-did-to-the-web/

RE: VZ FiOS DNS issues:

I don't care for the Actiontec boxes either, but the STB program guides and other features don't work without it, so I have mine forward all IP traffic unmolested to my own as the DMZ host (thus the dual layer of [P|N]AT you see). It's just UDP/TCP 53 traffic that's not flowing for whatever rea

Re: VZ FiOS DNS issues:

Christopher Morrow writes: > On Sun, Jan 22, 2012 at 11:29 AM, Brandon Kim > wrote: >> >> I have FIOS and I have no issues. However I do know awhile back they had >> issues and I was affected by >> the outage >> >> Maybe it hasn't made its way to me yet >> > > there have been instances

Re: LAw Enforcement Contact

Depends where they are located. I found Europol and the NHTCU somewhat helpful (but slow) to deal with some botnets controlled in Macedonia and Latvia. NHTCU were contacted because of the location of one of the attacked hosts. -- Sent from my smart phone. Please excuse my brevity On Jan 23, 2012 1