Jay Ashworth wrote:
sniip
And, quite aside from broadcast networks protecting the ad revenues
of their contracted affiliates -- the primary reason for most of the
(from an engineering standpoint) stupidity surrounding the intersection
of broadcasting and new technology -- social networking is be
On Jun 10, 2013 7:50 PM, "Jayram A. Deshpande" wrote:
>
> Hello,
>
>
> With IPv4 being almost exhausted[1] , I am curious to know how many net
admins have the Bogon filtering ACLs still hanging around ?
>
No bogon filters here. Retiring bogon filters is great, one less process to
maintain.
> G
This draft is now RFC6441 and BCP 171
http://tools.ietf.org/html/rfc6441
.as
On 6/10/13 11:49 PM, Jayram A. Deshpande wrote:
> Hello,
>
>
> With IPv4 being almost exhausted[1] , I am curious to know how many net
> admins have the Bogon filtering ACLs still hanging around ?
>
> Goo
Well, there's this from 2012:
https://www.team-cymru.org/Services/Bogons/
- ferg
On Mon, Jun 10, 2013 at 7:49 PM, Jayram A. Deshpande wrote:
Hello,
>
>
> With IPv4 being almost exhausted[1] , I am curious to know how many net
> admins have the Bogon filtering ACLs still hanging around ?
>
>
Hello,
With IPv4 being almost exhausted[1] , I am curious to know how many net admins
have the Bogon filtering ACLs still hanging around ?
Google even gave me this expired Internet Draft [2] that seems to have been
intended as a BCP.
Regards,
-Jay.
[1] https://www.arin.net/resources/req
On Thu, 6 Jun 2013, Alex Rubenstein wrote:
I've always just assumed that if it's in electronic form, someone else is either
reading it now, has already read it, or will read it as soon as I walk away from
the screen.
So, you are comfortable just giving up your right to privacy? It's just the w
On Mon, Jun 10, 2013 at 04:36:32PM -0700, Scott Weeks wrote:
> NSA claims know-how to ensure no illegal spying:
> http://thegardenisland.com/news/state-and-regional/nsa-claims-know-how-to-ensure-no-illegal-spying/article_ec623964-d23a-53c6-aeb0-14bf325a7f3c.html
>
> scott
"We're the government. T
Funny, sort of. The guy was residing in Hawaii. Apologies
for the long URLs...
Report: NSA contract worker is surveillance source:
http://thegardenisland.com/news/state-and-regional/report-nsa-contract-worker-is-surveillance-source/article_2a88ec60-f99c-54a7-8c13-13f6852ccca6.html
Hawaii rea
Just to update everyone.. Already had the allowas-in setup, the end result is
that the ISPs in question tier2 team did not know that they block inbound
updates from their upstream(peers) from known ranges inside their network. So,
the upstream was blocking the customer prefix as they thought th
On Mon, 10 Jun 2013, Patrick W. Gilmore wrote:
Ever tried to get a single peer set up sessions in 50+ places with 50+ ASNs?
I would submit that it's very likely that someone setting up 50+ places
will have gained expert level knowledge of BGP and will understand the
compromises they are maki
On Jun 10, 2013, at 2:22 PM, Patrick W. Gilmore wrote:
> Is it enough to keep the standard? Or should the standard have a specific
> carve out, e.g. for stub networks only, not allowing islands to provide
> transit. Just a straw man.
For the moment I'm not going to make a statement one way or
On Mon, Jun 10, 2013 at 03:22:41PM -0400, Patrick W. Gilmore wrote:
> On Jun 10, 2013, at 14:14 , Joe Provo wrote:
> > On Mon, Jun 10, 2013 at 01:18:04PM -0400, Patrick W. Gilmore wrote:
> >> On Jun 10, 2013, at 12:54 , Joe Provo wrote:
> >>> On Mon, Jun 10, 2013 at 11:36:44AM -0500, Dennis Burg
On Jun 10, 2013, at 15:23 , Job Snijders wrote:
>> The alternative is to expect "networks" with 100s or 1000s of locations to
>> burn 100s or 1000s of ASNs. Which I think is a bit silly. Hence my question
>> about possibly changing the rules.
>
> I see no issue with that, we have an ASN pool o
Hi,
> The alternative is to expect "networks" with 100s or 1000s of locations to
> burn 100s or 1000s of ASNs. Which I think is a bit silly. Hence my question
> about possibly changing the rules.
I see no issue with that, we have an ASN pool of roughly 4294967280 ASNs. There
is no shortage. Al
On Jun 10, 2013, at 14:14 , Joe Provo wrote:
> On Mon, Jun 10, 2013 at 01:18:04PM -0400, Patrick W. Gilmore wrote:
>> On Jun 10, 2013, at 12:54 , Joe Provo wrote:
>>> On Mon, Jun 10, 2013 at 11:36:44AM -0500, Dennis Burgess wrote:
I have a network that has three peers, two are at one site
On Mon, 10 Jun 2013, Joe Provo wrote:
I would submit that not knowing loop detection is a default and valuable
feature might indicate the person should understand why and how it
affects them.
And I would further submit that the lack of deep protocol knowledge is a
good reason to NOT F**K wit
On Jun 10, 2013, at 14:07 , Bruce Pinsky wrote:
> Patrick W. Gilmore wrote:
> > On Jun 10, 2013, at 13:36 , Bruce Pinsky wrote:
> >> Or maintain "standard" behavior by running a GRE tunnel between the two
> >> discontinuous sites and run iBGP over the tunnel.
> >
> > Standard how? I don't remem
On Jun 10, 2013, at 12:08 PM, Patrick W. Gilmore wrote:
>> however, providers a/b at site1 do not send us the two /24s from
>> site b..
>
> This is probably incorrect.
>
> The providers are almost certainly sending you the prefixes, but your router
> is dropping them due to loop detection. To
I wouldn't look at allowing a route in with the same AS as being non-standard.
Protocol behavior has to be managed by the administrator based on their own
network needs and requirements. One very common tweak that comes to mind is
setting next hop self for advertising ebgp learned routes to ibgp
On Mon, Jun 10, 2013 at 01:18:04PM -0400, Patrick W. Gilmore wrote:
> On Jun 10, 2013, at 12:54 , Joe Provo wrote:
> > On Mon, Jun 10, 2013 at 11:36:44AM -0500, Dennis Burgess wrote:
>
> >> I have a network that has three peers, two are at one site and the third
> >> is geographically diverse, a
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Patrick W. Gilmore wrote:
> On Jun 10, 2013, at 13:36 , Bruce Pinsky wrote:
>> Patrick W. Gilmore wrote:
>
however, providers a/b at site1 do not send us the two /24s from
site b..
>>>
>>> This is probably incorrect.
>>>
>>> The providers
On Mon, Jun 10, 2013 at 10:08 AM, Patrick W. Gilmore wrote:
> > however, providers a/b at site1 do not send us the two /24s from
> > site b..
>
> This is probably incorrect.
>
> The providers are almost certainly sending you the prefixes, but your
> router is dropping them due to loop detection.
On Jun 10, 2013, at 13:36 , Bruce Pinsky wrote:
> Patrick W. Gilmore wrote:
> >> however, providers a/b at site1 do not send us the two /24s from
> >> site b..
> >
> > This is probably incorrect.
> >
> > The providers are almost certainly sending you the prefixes, but your
> > router is dropp
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Patrick W. Gilmore wrote:
>> however, providers a/b at site1 do not send us the two /24s from
>> site b..
>
> This is probably incorrect.
>
> The providers are almost certainly sending you the prefixes, but your router
> is dropping them due to loop
On Jun 10, 2013, at 12:54 , Joe Provo wrote:
> On Mon, Jun 10, 2013 at 11:36:44AM -0500, Dennis Burgess wrote:
>> I have a network that has three peers, two are at one site and the third
>> is geographically diverse, and there is NO connection between the two
>> separate networks.
>
> So, you h
> however, providers a/b at site1 do not send us the two /24s from
> site b..
This is probably incorrect.
The providers are almost certainly sending you the prefixes, but your router is
dropping them due to loop detection. To answer your later question, this is the
definition of 'standard' as i
On Mon, Jun 10, 2013 at 9:43 AM, Joe Abley wrote:
>
> On 2013-06-10, at 18:36, "Dennis Burgess" wrote:
>
> > I have a network that has three peers, two are at one site and the third
> > is geographically diverse, and there is NO connection between the two
> > separate networks.
> >
> > Currently
On Mon, Jun 10, 2013 at 11:36:44AM -0500, Dennis Burgess wrote:
> I have a network that has three peers, two are at one site and the third
> is geographically diverse, and there is NO connection between the two
> separate networks.
So, you have two islands? Technically, that would be separate
ASN
On 2013-06-10, at 18:43, Joe Abley wrote:
> [...] neigh x.x.x.x allowas-in" on JunOS.
Actually, I think that's JunOSe. Or however you capitalise it.
Joe
On 6/10/13 6:48 PM, joel jaeggli wrote:
On 6/10/13 6:36 PM, Dennis Burgess wrote:
I have a network that has three peers, two are at one site and the third
is geographically diverse, and there is NO connection between the two
separate networks.
Currently we are announcing several /24s out one n
On 6/10/13 6:36 PM, Dennis Burgess wrote:
I have a network that has three peers, two are at one site and the third
is geographically diverse, and there is NO connection between the two
separate networks.
Currently we are announcing several /24s out one network and other /24s
out the second
On 2013-06-10, at 18:36, "Dennis Burgess" wrote:
> I have a network that has three peers, two are at one site and the third
> is geographically diverse, and there is NO connection between the two
> separate networks.
>
>
>
> Currently we are announcing several /24s out one network and other /
I have a network that has three peers, two are at one site and the third
is geographically diverse, and there is NO connection between the two
separate networks.
Currently we are announcing several /24s out one network and other /24s
out the second network, they do not overlap. To the internet
> How would you tap a few TBit/s so that you can filter it down to where you
can look it at layer 7 in ASICs, and filter out something to a more
manageable data rate?
Well "lawful-intercept" is on by default.
And you don't get to worry about the L7 and filtering/parsing -that's done
by the black b
>Happily, none of the companies listed are transport networks:
I believe it's logical that government turned to biggest US based ISPs with
request to help monitoring communication channels after 2001 events, as back in
those days facebook was not around and google was not as prevalent.
But to b
The only calea intercept I watched take place was with a system made by
Sandvine.. And it was pretty shocking.
Sent from my Mobile Device.
Original message
From: Dennis Burgess
Date: 06/10/2013 6:25 AM (GMT-08:00)
To: Randy Fischer ,nanog@nanog.org
Subject: RE: Mechanics of
On 6/10/2013 11:00 AM, Larry Stites wrote:
Too many of us look upon Americans as dollar chasers.
As an Objectivist, I resemble this. I still hate having to agree with a
spammer though :(
Andrew
On Fri, Jun 7, 2013 at 8:25 AM, Joe Abley wrote:
>
> On 2013-06-07, at 11:14, Jeroen Massar wrote:
>
> > On 2013-06-07 06:50, Dan White wrote:
> > [..]
> >
> > A nice 'it is Friday' kind of thought
> >
> >> OpenPGP and other end-to-end protocols protect against all nefarious
> >> actors, inc
While its possible to do this, you would have to have a device that would not
impact performance typically at every exit point, but in a perfect world it
would be on the clients CPE device!Our wireless CPE's can do this.I
would not that a business model to not bill until a request is com
On 2013-06-07, at 11:14, Jeroen Massar wrote:
> On 2013-06-07 06:50, Dan White wrote:
> [..]
>
> A nice 'it is Friday' kind of thought
>
>> OpenPGP and other end-to-end protocols protect against all nefarious
>> actors, including state entities.
>
> If you can't trust the entities where y
On Mon, Jun 10, 2013 at 11:10:57AM +0300, Kauto Huopio wrote:
> I would add opportunistic STARTTLS to all SMTP processing devices.
What we actually need is working opportunistic encryption
in IPv6, something like
http://www.inrialpes.fr/planete/people/chneuman/OE.html
I would add opportunistic STARTTLS to all SMTP processing devices.
--Kauto
On Mon, Jun 10, 2013 at 12:23 AM, William Herrin wrote:
> On Thu, Jun 6, 2013 at 9:28 PM, Leo Bicknell wrote:
> > While there's a whole political aspect of electing people who pass
> > better laws, NANOG is not a polit
42 matches
Mail list logo