Re: Dual stack IPv6 for IPv4 depletion

Hi, With RIPE you can get a /29 with no justification, so if you have any less it is because you did not bother logging in to ripe.net and hit the get more button. ARIN gives you the option to make a network scheme based on nibbles but RIPE does not, so do not go there. Why try to allocate by the

Re: Dual stack IPv6 for IPv4 depletion

In message , "Ricky Beam" writes: > On Wed, 08 Jul 2015 22:49:17 -0400, Karl Auer wrote: > > You, we, all of us have to stop using the present to limit the future. > > What IS should not be used to define what SHOULD BE. > > > > What people NOW HAVE in their homes should not be used to dictate to

Re: Dual stack IPv6 for IPv4 depletion

On Wed, 08 Jul 2015 22:49:17 -0400, Karl Auer wrote: You, we, all of us have to stop using the present to limit the future. What IS should not be used to define what SHOULD BE. What people NOW HAVE in their homes should not be used to dictate to them what they CAN HAVE in their homes, which is

Re: Dual stack IPv6 for IPv4 depletion

On Wed, 08 Jul 2015 22:32:35 -0400, Mel Beckman wrote: You have to draw the limbs somewhere. Why not 512 bits? 1024? The IETF engineers that thought about this long and hard and discussed the topic we've just had, and a thousands of other topics, decided on 128. I'm inclined to give them th

Re: Dual stack IPv6 for IPv4 depletion

On Wed, 08 Jul 2015 22:13:24 -0400, wrote: On Wed, 08 Jul 2015 20:19:52 -0500, Mike Hammett said: /56 even seems a bit excessive for a residential user, but *shrugs* It goes pretty quick when each WNDR3800 running CeroWRT will chew through 4 bits worth of subnets just by powering on, and even

Re: Dual stack IPv6 for IPv4 depletion

On Wed, 08 Jul 2015 21:19:52 -0400, Mike Hammett wrote: /56 even seems a bit excessive for a residential user, but *shrugs* That's why some hand out a /60, but only if you ask for it. Otherwise, you get only a single /64. Of course, HE will give you a /48 at the click of the mouse.

Re: Dual stack IPv6 for IPv4 depletion

On Wed, Jul 8, 2015 at 7:49 PM, Karl Auer wrote: > On Wed, 2015-07-08 at 21:03 -0500, Mike Hammett wrote: >> I wasn't aware that residential users had (intentionally) multiple >> layers of routing within the home. No, what they often have is multiple layers of nat. I was at a hotel once that had

Re: Dual stack IPv6 for IPv4 depletion

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 On 7/8/2015 7:49 PM, Karl Auer wrote: > On Wed, 2015-07-08 at 21:03 -0500, Mike Hammett wrote: >> I wasn't aware that residential users had (intentionally) >> multiple layers of routing within the home. > > You, we, all of us have to stop using the

Re: Dual stack IPv6 for IPv4 depletion

On Wed, 2015-07-08 at 21:03 -0500, Mike Hammett wrote: > I wasn't aware that residential users had (intentionally) multiple > layers of routing within the home. You, we, all of us have to stop using the present to limit the future. What IS should not be used to define what SHOULD BE. What people

Re: Dual stack IPv6 for IPv4 depletion

Draw the lines -mel via cell > On Jul 8, 2015, at 7:33 PM, Mel Beckman wrote: > > Israel, > > You have to draw the limbs somewhere. Why not 512 bits? 1024? The IETF > engineers that thought about this long and hard and discussed the topic we've > just had, and a thousands of other topics, d

Re: Dual stack IPv6 for IPv4 depletion

None of those applications benefit from address mapping. They can be done with IPv6 as it stands today. This is where the atoms argument you don't want us to make comes in :) -mel via cell > On Jul 8, 2015, at 7:27 PM, Israel G. Lugo wrote: > > I'm sorry Mel, I only now saw your email. > > I

Re: Dual stack IPv6 for IPv4 depletion

Israel, You have to draw the limbs somewhere. Why not 512 bits? 1024? The IETF engineers that thought about this long and hard and discussed the topic we've just had, and a thousands of other topics, decided on 128. I'm inclined to give them the benefit of the doubt. :) -mel via cell > On Jul

Re: Dual stack IPv6 for IPv4 depletion

I'm sorry Mel, I only now saw your email. I'll quote from my reply to Owen, for the motivation behind my question: > Speaking of IPv6's full potential: we're considering 32 subscriptions > per client. I've read people thinking of things like IPv6-aware soda > cans. Refrigerators. Wearables. Cars

Re: Dual stack IPv6 for IPv4 depletion

On 07/09/2015 02:31 AM, Owen DeLong wrote: > Here’s the problem… You started at the wrong end and worked in the wrong > direction in your planning. > > [...get larger allocation...] > > We are now left with only 1,041,888 /20s remaining. You still haven’t put a > dent in it. I am aware of the

Re: Re: Dual stack IPv6 for IPv4 depletion

9. Jul 2015 02:03 by na...@ics-il.net: > I wasn't aware that residential users had (intentionally) multiple layers > of routing within the home. >  Some (newer?) wireless routers have an option to create a seperate network for a guests (own IPv4 /24, own SSID, firewall between the two IPv4

Re: Dual stack IPv6 for IPv4 depletion

On Wed, 08 Jul 2015 20:19:52 -0500, Mike Hammett said: > /56 even seems a bit excessive for a residential user, but *shrugs* It goes pretty quick when each WNDR3800 running CeroWRT will chew through 4 bits worth of subnets just by powering on, and even more if you start doing any VLAN stuff an

Re: Dual stack IPv6 for IPv4 depletion

excise verb 1. To excise is defined as to cut out surgically. When a tumor is surgically cut out, this is an example of excise. Exercise wouldn't work. That would mean "repeatedly employ the fear". Exorcise (as in The Exorcist) might serve, except the IPv4 "fear of waste" is not a demon. It'

Re: Dual stack IPv6 for IPv4 depletion

I wasn't aware that residential users had (intentionally) multiple layers of routing within the home. I'm also not sure what address length has to do with routability, other than networks filtering prefix lengths. If that's an issue, that customer is covered by the ISP's larger allocation, or

Re: Dual stack IPv6 for IPv4 depletion

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 On 7/8/2015 6:51 PM, Mel Beckman wrote: > This is where we have to excise our IPv4 "fear of waste" reflex. Excise or exercise? I am partially serious. - - ferg - -- Paul Ferguson PGP Public Key ID: 0x54DC85B2 Key fingerprint: 19EC 2945 FEE8 D6C8

Re: Dual stack IPv6 for IPv4 depletion

On 07/09/2015 02:38 AM, Mark Andrews wrote: > A single /48 has enough space/subnets cover the entire infrastructure > of 99.% of ISPs even using /64's for p2p links rather than taking > one /64 and subdividing that for all of the p2p links. Treat the ISP > as a business customer of itself when

Re: Debian RWHOIS

On 09/07/15 00:31, Landon Stewart wrote: > On Jul 8, 2015, at 3:12 PM, Jeff Walter wrote: >> >> Without mincing words he basically told me RWHOIS was dead. > > Someone please tell Spamhaus. Not sure why they should care. As long as proper info about the assignee are provided, who cares if the i

RE: United Airlines is Down (!) due to network connectivity problems

> > Once is an accident; twice is a coincidence... > > > > Three times is enemy action. https://en.wikipedia.org/wiki/Poisson_clumping T

Re: Dual stack IPv6 for IPv4 depletion

Matthew, This is where we have to excise our IPv4 "fear of waste" reflex. A /64 subnet, for example, doesn't waste anything material -- these are just integers, after all. If the number of integers was scarce, as they are with IPv4, then yes, we must conserve. But IPv6 is well thought out and

Re: Dual stack IPv6 for IPv4 depletion

Israel, A better question is why bit-map your allocation plan at all? That seems ill advised, since you must arbitrarily allocate huge swaths of ip space equally between category classes when it's rarely efficient to do so. For example, two bits for network infrastructure because infrastructure

Re: Dual stack IPv6 for IPv4 depletion

In message <559dc43e.5020...@lugosys.com>, "Israel G. Lugo" writes: > > On 07/09/2015 12:59 AM, Mark Andrews wrote: > > In message <559db604.8060...@lugosys.com>, "Israel G. Lugo" writes: > >> Doesn't seem to make sense at all for the ISP side, though. Standard > >> allocation /32. Giving out /48

Re: Dual stack IPv6 for IPv4 depletion

What's excessive is >32 bits for a subnet. No reason subnets should have been as big as they are. Bad for local forwarding decisions, waste of bits, etc. Nobody has a physical subnet technology that works for more than a few thousand hosts anyway. Matthew Kaufman (Sent from my iPhone) > On J

Re: Dual stack IPv6 for IPv4 depletion

On 07/09/2015 02:15 AM, Owen DeLong wrote: > If you’re trying to build a decent sized ISP in a /32, you’re doing it > wrong. /32 is not the “standard size” — It’s the MINIMUM size. I've addressed this and most of what you said in my earlier reply to Mike Hammet (00:57:29 UTC). I was going to rep

Re: Dual stack IPv6 for IPv4 depletion

On Wed, 2015-07-08 at 19:57 -0500, Mike Hammett wrote: > Isn't /56 the standard end-user allocation? No - it's just a common one. And a bad one. /48s for all opens up a whole different world of end-user reachability, routability and flexibility that a mere /56 does not. Regards, K. --

Re: Dual stack IPv6 for IPv4 depletion

Only if you are trying to prevent IPv6 from reaching its full potential. Owen > On Jul 8, 2015, at 17:57 , Mike Hammett wrote: > > Isn't /56 the standard end-user allocation? > > > > > - > Mike Hammett > Intelligent Computing Solutions > http://www.ics-il.com > > > > Midwest Int

Re: Dual stack IPv6 for IPv4 depletion

> > Let's say I'm a national ISP, using 2001:db8::/32. I divide it like so: > > - I reserve 1 bit for future allocation schemes, leaving me a /33; > - 2 bits for network type (infrastructure, residential, business, LTE): /35 > - 3 bits for geographic region, state, whatever: /38 > - 5 bits for P

Re: Dual stack IPv6 for IPv4 depletion

/56 even seems a bit excessive for a residential user, but *shrugs* - Mike Hammett Intelligent Computing Solutions http://www.ics-il.com Midwest Internet Exchange http://www.midwest-ix.com - Original Message - From: "Mel Beckman" To: "Mike Hammett" Cc: "NANOG" Sen

Re: Dual stack IPv6 for IPv4 depletion

> On Jul 8, 2015, at 15:34 , Israel G. Lugo wrote: > > > On 07/05/2015 06:26 PM, Owen DeLong wrote: >>> On Jul 4, 2015, at 23:51 , valdis.kletni...@vt.edu wrote: >>> >>> Put their IPv4 behind a NAT and a globally routed /56. >>> >>> There, FTFY. :) >> Or better yet globally routed /48. >> >>

Re: Dual stack IPv6 for IPv4 depletion

Yes. The v6 allocation standards are simple, but can alarming to old-schoolers who have not really thought through the math. A customer gets a /56, which gives them 256 /64 subnets for their own internal use. That accommodates all except the largest customers, and those have the option of get

Re: Dual stack IPv6 for IPv4 depletion

Isn't /56 the standard end-user allocation? - Mike Hammett Intelligent Computing Solutions http://www.ics-il.com Midwest Internet Exchange http://www.midwest-ix.com - Original Message - From: "Israel G. Lugo" To: "Mark Andrews" Cc: "NANOG" Sent: Wednesday, July 8,

Re: Dual stack IPv6 for IPv4 depletion

On 07/09/2015 12:59 AM, Mark Andrews wrote: > In message <559db604.8060...@lugosys.com>, "Israel G. Lugo" writes: >> Doesn't seem to make sense at all for the ISP side, though. Standard >> allocation /32. Giving out /48s. Even if we leave out proper subnet >> organization and allocate fully densel

Re: Dual stack IPv6 for IPv4 depletion

When do we run out of MAC addresses? ;-) - Mike Hammett Intelligent Computing Solutions http://www.ics-il.com Midwest Internet Exchange http://www.midwest-ix.com - Original Message - From: "Israel G. Lugo" To: "Owen DeLong" , "NANOG" Sent: Wednesday, July 8, 2015 6:

Re: Fwd: [ PRIVACY Forum ] Windows 10 will share your Wi-Fi key with

> On 7/7/2015 5:39 PM, Joe Greco wrote: > > Unclear at best. The way it is implemented, the user has the potential > > to go either way. A network might not want the user to have the > > choice, clearly, but there is certainly a subset of users who will opt > > out of the feature and I cannot se

Re: Debian RWHOIS

On 7/8/15, 7:05 PM, "NANOG on behalf of Ricky Beam" wrote: >On Wed, 08 Jul 2015 18:12:47 -0400, Jeff Walter >wrote: >> he basically told me RWHOIS was dead > >It is most certainly NOT dead. It is, and always has been, a very small >userbase. SWIP has always been a pain in the ass. Modern web-ize

Re: United Airlines is Down (!) due to network connectivity problems

I've been working at a trading firm for the last 18 years. Most of the Market traditionally rolls out changes out over the weekends, making every Monday an adventure. It's unusual that they would roll out anything during the week, but they could have had something that failed and had to be undon

Re: Debian RWHOIS

On Wed, 08 Jul 2015 18:12:47 -0400, Jeff Walter wrote: he basically told me RWHOIS was dead It is most certainly NOT dead. It is, and always has been, a very small userbase. SWIP has always been a pain in the ass. Modern web-ized methods are more acceptable, but still an ugly mess. But, th

Re: Dual stack IPv6 for IPv4 depletion

In message <559db604.8060...@lugosys.com>, "Israel G. Lugo" writes: > > On 07/05/2015 06:26 PM, Owen DeLong wrote: > >> On Jul 4, 2015, at 23:51 , valdis.kletni...@vt.edu wrote: > >> > >> Put their IPv4 behind a NAT and a globally routed /56. > >> > >> There, FTFY. :) > > Or better yet globally r

Re: Dual stack IPv6 for IPv4 depletion

On 07/05/2015 06:26 PM, Owen DeLong wrote: >> On Jul 4, 2015, at 23:51 , valdis.kletni...@vt.edu wrote: >> >> Put their IPv4 behind a NAT and a globally routed /56. >> >> There, FTFY. :) > Or better yet globally routed /48. > > /56 is still a bad idea. > > Owen I've read this many times and am awa

Re: Debian RWHOIS

And let ARIN know while you're at it. Ive heard similar ideas from them but have heard no path of upgrade on justification. On Wed, Jul 8, 2015 at 4:31 PM, Landon Stewart wrote: > On Jul 8, 2015, at 3:12 PM, Jeff Walter wrote: > > > > Without mincing words he basically told me RWHOIS was dead.

Re: Debian RWHOIS

On Jul 8, 2015, at 3:12 PM, Jeff Walter wrote: > > Without mincing words he basically told me RWHOIS was dead. Someone please tell Spamhaus. Landon Stewart landonstew...@gmail.com signature.asc Description: Message signed with OpenPGP using GPGMail

Re: Debian RWHOIS

I concur ... Mark told me the same at the ARIN/NANOG OTR in San Diego last year. The RESTful API is the way to go. On 7/8/15, 5:12 PM, "NANOG on behalf of Jeff Walter" wrote: >Few years back I wrote an RWHOIS daemon for HE and because of that got put >in touch with Mark Kosters, one of the RW

Re: Debian RWHOIS

If you know anyone with some basic coding experience. Check this out. https://www.npmjs.com/package/rwhois It works far easier than the ARIN provided daemons and we have been successful using it with ARIN. Thanks On Wed, Jul 8, 2015 at 4:12 PM, Jeff Walter wrote: > Few years back I wrote an

Re: Debian RWHOIS

Few years back I wrote an RWHOIS daemon for HE and because of that got put in touch with Mark Kosters, one of the RWHOIS RFC authors. Without mincing words he basically told me RWHOIS was dead. Honestly, unless you have a specific reason to use RWHOIS (privatizing records as allowed by ARIN policy)

Re: United Airlines is Down (!) due to network connectivity problems

Well that's a given. I am talking about organizations like the NYSE or MaBell, On Wed, Jul 8, 2015 at 5:44 PM, Keith Stokes wrote: > Who roles out software in the middle of the week and not on weekends? > People who have more business on the weekends than the week, such as > retail. > > On Jul

Re: United Airlines is Down (!) due to network connectivity problems

Who roles out software in the middle of the week and not on weekends? People who have more business on the weekends than the week, such as retail. On Jul 8, 2015, at 4:40 PM, Dovid Bender mailto:do...@telecurve.com>> wrote: Other than for an emergency repair who roles out a software update in m

Re: United Airlines is Down (!) due to network connectivity problems

I've been in UA's datacenter and while I'm no expert on their setup I can say with some confidence that it's most likely NOT related to anything else going on. I don't want to violate any NDA I may or may not have signed but I think I can safely say its all one big private network. Whatever's hap

Re: United Airlines is Down (!) due to network connectivity problems

Other than for an emergency repair who roles out a software update in middle of the week? We test, test and then test some more and only then roll out on weekends. Our maintenance window is 00:00 - 01:00 Sunday mornings for sw updates etc. On Wed, Jul 8, 2015 at 3:02 PM, Matthew Huff wrote: > T

Re: United Airlines is Down (!) due to network connectivity problems

Jay Ashworth writes: > UA, WSJ /and/ NYSE all in the same day? > > Once is an accident; twice is a coincidence... > > Three times is enemy action. Or common factors. In this case, I think it's probably enough to point out it's the first Tuesday of the fiscal year. For a 24x7 organization, e

Re: How to build an IPv6-only internal network?

Over the years, I’ve had pretty good success with the IVI package. RFC 6219 lays out how it works and some folks experiences with v6-only networks. manning bmann...@karoshi.com PO Box 12317 Marina del Rey, CA 90295 310.322.8102 On 8July2015Wednesday, at 12:53, Cryptographrix wrote: > Hypoth

Re: How to build an IPv6-only internal network?

> On Jul 8, 2015, at 12:53 PM, Cryptographrix wrote: > > Hypothetically, I want to build an internal network that runs just IPv6 and > apply stateless ACLs at redundant external connections. > > How do users access the current v4 address space? There are two short answers: (1) they don't (2)

Canada'a broadband technoogies

The CRTC is embarking on a multi year study/consultation of what to do with our lagging broadband deployment. Just yesterday, the government bragged about a multi milliuon subsidy to give a community 3mbps service. Can't help but to participate ... So I would like some feedback/sanity checks on a

Re: Dual stack IPv6 for IPv4 depletion

Tell a start-up ISP it'll be $10k - $25k for PI IPs and they'll laugh in your face. - Mike Hammett Intelligent Computing Solutions http://www.ics-il.com Midwest Internet Exchange http://www.midwest-ix.com - Original Message - From: "Mel Beckman" To: "Owen DeLong" C

Re: Debian RWHOIS

We ran it for a while, then gave up and just updated the info on Arin. -Original Message- From: "Josh Luthman" Sent: Wednesday, July 8, 2015 3:56pm To: "Dan White" Cc: "Josh Moore" , "nanog@nanog.org" Subject: Re: Debian RWHOIS I think this is what you're asking for: http://projec

RE: Debian RWHOIS

I'm looking more for specific use case examples from the real world. How do you interact with the RWHOIS? Do you use RWHOIS or Email SWIP or RESTful? Joshua Moore Network Engineer ATC Broadband 912.632.3161 - O | 912.218.3720 - M -Original Message- From: Christopher Dye [mailto:chri

RE: Debian RWHOIS

I'd recommend you use the official RWHOIS project from ARIN. http://projects.arin.net/rwhois/ It will run after compilation on Debian. Christopher Dye Paragon Solutions Group, Inc. -Original Message- From: NANOG [mailto:nanog-boun...@nanog.org] On Behalf Of Dan White Sent: Wednesda

Re: Debian RWHOIS

I think this is what you're asking for: http://projects.arin.net/rwhois Should be a ./configure && make && make install #per this http://projects.arin.net/rwhois/docs/installation.html Josh Luthman Office: 937-552-2340 Direct: 937-552-2343 1100 Wayne St Suite 1337 Troy, OH 45373 On Wed, Jul 8,

How to build an IPv6-only internal network?

Hypothetically, I want to build an internal network that runs just IPv6 and apply stateless ACLs at redundant external connections. How do users access the current v4 address space?

Re: Debian RWHOIS

On 07/08/15 19:38 +, Josh Moore wrote: Hello guys, What do you use for ARIN resource assignments? I am looking to setup a Debian-based RWHOIS server but don't see much information on it. As of a couple of years ago when I looked around, there were no recent packaged versions of rwhoisd f

Debian RWHOIS

Hello guys, What do you use for ARIN resource assignments? I am looking to setup a Debian-based RWHOIS server but don't see much information on it. Joshua Moore Network Engineer ATC Broadband 912.632.3161 - O | 912.218.3720 - M

Re: Dual stack IPv6 for IPv4 depletion

Owen, Paying for IPv4 space definitely raises the capital requirements for any new provider startup. It's not so bad right now, when deals are plentiful in the $10k to $20k range for /24s. But when a /24 hits $100K, bootstrapping a new ISP will be impossible. -mel beckman > On Jul 8, 2015,

Re: Dual stack IPv6 for IPv4 depletion

I think the “THING” that people are starting to worry about is how to deploy a network when you can’t get IPv4 space for it at a reasonable price. Owen > On Jul 8, 2015, at 11:47 , Mark Tinka wrote: > > > > On 8/Jul/15 17:59, Mel Beckman wrote: >> Greg, >> >> After investigating what a prev

Re: United Airlines is Down (!) due to network connectivity problems

I’m with Ferg-dog. I can’t tell you the number of times someone (yes, including me) has designed, purchased, and installed a system with multiple backups, failovers, redundancies, etc., and some vital piece fails in a weird way which sends the whole thing into a tailspin. Taking UA as an examp

Re: Possible Sudden Uptick in ASA DOS?

On 9 Jul 2015, at 0:43, Mark Mayfield wrote: However, this makes me consider the need to more aggressively ACL inbound traffic at the router level before these particular firewalls, which I can do, and may help mitigate such events, Spot-on - reduce the state-surface as much as possible. so

Re: United Airlines is Down (!) due to network connectivity problems

Traders on the floor are being told that it’s a software glitch from new software that was rolled out Tuesday night. Nothing official has been said. The only thing I know for sure is that if the NYSE was hacked, they wouldn’t tell anyone the details for a long time, if ever. The impact of the

Re: United Airlines is Down (!) due to network connectivity problems

UA, WSJ /and/ NYSE all in the same day? Once is an accident; twice is a coincidence... Three times is enemy action. On July 8, 2015 1:18:47 PM EDT, Paul Ferguson wrote: >-BEGIN PGP SIGNED MESSAGE- >Hash: SHA256 > >Given that the Internet is held together with paper clips, bailing >twin

Re: Dual stack IPv6 for IPv4 depletion

On 8/Jul/15 17:59, Mel Beckman wrote: > Greg, > > After investigating what a previous poster said about Cisco and Juniper, I'm > getting the feeling that not all major impediments to running MPLS over > IPv6-only networks have been addressed. > > Your comment mentions LDP IPv6 support. Do you

Re: United Airlines is Down (!) due to network connectivity problems

I noticed there are days when different nets has no links with each other became faultly. It magically happens. We usually stop all our planned works this days. On 08.07.15 19:50, Matthew Huff wrote: > Once is happenstance > Twice is coincidence > Three times is enemy action… > > Serious, could a

Re: United Airlines is Down (!) due to network connectivity problems

On Wed, Jul 08, 2015 at 01:55:43PM -0400, valdis.kletni...@vt.edu wrote: > On Wed, 08 Jul 2015 17:42:52 -, Matthew Huff said: > > Given that the technical resources at the NYSE are significant and > > the lengthy duration of the outage, I believe this is more serious > > than is being reported

Re: Possible Sudden Uptick in ASA DOS?

We call all relax. The Commander-in-Chief of the USA has declared this to be a technical glitch, and not a security breach or attack. -- Todd Williams Network Engineer Tactical Network Operations Rackspace Hosting On Wed, Jul 08, 2015 at 05:45:55PM +, Klimakhin, Kirill wrote: > This is pr

Re: United Airlines is Down (!) due to network connectivity problems

I did say significant…not brilliant :) Still, it’s possible that Valdis is correct, something got changed that wasn’t easy to undo. Might be a combination of network/software changes that will require significant overnight downtime. On Jul 8, 2015, at 1:46 PM, Shane Ronan mailto:sh...@rona

Re: Possible Sudden Uptick in ASA DOS?

NANOG members: Hi there. This is Dario Ciccarone from the Cisco PSIRT - the Product Security Incident Response Team. This is to acknowledge we're aware of this issue, and we're working with all the appropriate parties. Indeed, it seems the culprit is Cisco bug ID CSCul36176 - which was re

Re: United Airlines is Down (!) due to network connectivity problems

On Wed, 08 Jul 2015 17:42:52 -, Matthew Huff said: > Given that the technical resources at the NYSE are significant and the > lengthy duration of the outage, I believe this is more serious than is being > reported. My personal, totally zero-info suspicion: Some chuckleheaded NOC banana-eater

Re: United Airlines is Down (!) due to network connectivity problems

I think you are over estimating the technical resources at NYSE. On Jul 8, 2015 1:44 PM, "Matthew Huff" wrote: > Given that the technical resources at the NYSE are significant and the > lengthy duration of the outage, I believe this is more serious than is > being reported. OTOH, the fact that th

RE: Possible Sudden Uptick in ASA DOS?

This is pretty scary when you take into account that the NYSE is still down. Kirill Klimakhin Principal Consultant 120 Seventh Street Suite 202 Garden City, NY 11530 (C) 631-707-3303 (F) 631-982-0174 kirill.klimak...@corebts.com www.corebts.com -Original Message- From: NANOG [mailto:nan

RE: Possible Sudden Uptick in ASA DOS?

Thank you sir. I read your presentation quite some time ago, probably one of the first times you posted to the list. It has definitely informed many of my design processes; particularly with regard to server publishing, and been a major part of my supporting documentation in arguments with oth

Re: United Airlines is Down (!) due to network connectivity problems

Given that the technical resources at the NYSE are significant and the lengthy duration of the outage, I believe this is more serious than is being reported. OTOH, the fact that the market is now mostly decentralized and instruments are multiply listed, the impact of the NYSE is much less seriou

Re: United Airlines is Down (!) due to network connectivity problems

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Given that the Internet is held together with paper clips, bailing twine, and bubblegum, I'd prefer to take theses organizations' initial word for the fact that there is nothing obviously malicious in these outages. The mainstream press, on the othe

Re: Possible Sudden Uptick in ASA DOS?

On 8 Jul 2015, at 23:58, Mark Mayfield wrote: Come in this morning to find one failover pair of ASA's had the primary crash and failover, then a couple hours later, the secondary crash and failover, back to the primary. See this preso: -

Re: Possible Sudden Uptick in ASA DOS?

> On 08 Jul 2015, at 18:58, Mark Mayfield > wrote: > > Come in this morning to find one failover pair of ASA's had the primary crash > and failover, then a couple hours later, the secondary crash and failover, > back to the primary. Not sure it’s related but I’ve read reports on FRNoG of ASA

Re: United Airlines is Down (!) due to network connectivity problems

It's important to not form an opinion too early, especially anyone involved with forensic analysis of these systems. This is a classic fault in amateur investigation: an early opinion will lead you into confirmation bias, irrationally accepting data agreeing with your opinions and rejecting that

Re: Fwd: [ PRIVACY Forum ] Windows 10 will share your Wi-Fi key with

On 7/7/2015 5:39 PM, Joe Greco wrote: Unclear at best. The way it is implemented, the user has the potential to go either way. A network might not want the user to have the choice, clearly, but there is certainly a subset of users who will opt out of the feature and I cannot see how those wou

Re: Possible Sudden Uptick in ASA DOS?

On Wed 2015-Jul-08 16:58:24 +, Mark Mayfield wrote: Come in this morning to find one failover pair of ASA's had the primary crash and failover, then a couple hours later, the secondary crash and failover, back to the primary. Another pair running the same code had the primary crash and

Re: United Airlines is Down (!) due to network connectivity problems

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 NYSE: "The issue we are experiencing is an internal technical issue and is not the result of a cyber breach." https://twitter.com/NYSE/status/618818929906085888 United Air statement CNBC: “An issue with a router degraded network connectivity for va

Possible Sudden Uptick in ASA DOS?

Come in this morning to find one failover pair of ASA's had the primary crash and failover, then a couple hours later, the secondary crash and failover, back to the primary. Another pair running the same code had the primary crash and fail in the same time window. So, three crashes in 4 hours

Re: United Airlines is Down (!) due to network connectivity problems

Once is happenstance Twice is coincidence Three times is enemy action… Serious, could all be just everyone having a bad day. On the other hand, the WSJ has to deal with DOS/DDOS all the time, and usually if the NYSE has issues, it’s normally on a Monday. > On Jul 8, 2015, at 12:36 PM, Paul Fe

Re: United Airlines is Down (!) due to network connectivity problems

And now trading has been halted at the NYSE. http://www.npr.org/sections/thetwo-way/2015/07/08/421153353/trading-halted-on-new-york-stock-exchange Again undisclosed technical issue > On Jul 8, 2015, at 12:36 PM, Paul Ferguson wrote: > > -BEGIN PGP SIGNED MESSAGE- > Hash: SHA256 > > Al

Re: United Airlines is Down (!) due to network connectivity problems

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 All completely coincidental networking issues, not related to anything malicious. - - ferg On 7/8/2015 9:26 AM, Matthew Huff wrote: > Hmmm, > > Wall Street Journal and NYSE both down…. > > WSJ has a static page up… > > DDOS ??? > > > >> On

Re: United Airlines is Down (!) due to network connectivity problems

Hmmm, Wall Street Journal and NYSE both down…. WSJ has a static page up… DDOS ??? > On Jul 8, 2015, at 10:51 AM, Patrick W. Gilmore wrote: > > > Lifted as of 0920 EDT. > >

Re: NANOG Digest, Vol 90, Issue 1

On 8 Jul 2015, at 22:26, Roland Dobbins wrote: Hardware-based GRE processing is required on both ends for anything other than trivial speeds; in general, the day of software-based Internet routers is long gone, and any organization still running software-based routers on their transit/peerin

Re: Dual stack IPv6 for IPv4 depletion

Greg, After investigating what a previous poster said about Cisco and Juniper, I'm getting the feeling that not all major impediments to running MPLS over IPv6-only networks have been addressed. Your comment mentions LDP IPv6 support. Do you now handle all the major gaps identified the the I

Re: Dual stack IPv6 for IPv4 depletion

We added LDP IPv6 support in SR OS 13.0.R1 for Alcatel-Lucent 7x50 platforms earlier this year. Regards, Greg -- Greg Hankins -Original Message- Date: Wed, 8 Jul 2015 06:50:27 +0200 From: Mark Tinka To: Mel Beckman , andrew Cc: Josh Moore , "nanog@nanog.org" Subject: Re: Dua

Re: NANOG Digest, Vol 90, Issue 1

On 8 Jul 2015, at 21:26, Ramy Hashish wrote: I am very happy because somebody is on the same page. This is not what you were asking about in your original post on this topic - you were talking about BGP sessions inside GRE tunnels, which is not how most (any?) DDoS mitigation services opera

Re: Dual stack IPv6 for IPv4 depletion

That's good to hear! -mel beckman > On Jul 7, 2015, at 9:50 PM, Mark Tinka wrote: > > > >> On 6/Jul/15 16:49, Mel Beckman wrote: >> MPLS requires an IPv4 core. You can't run an IPv6-only infrastructure >> because neither CSCO or JNPR have implemented LDP to distribute labels for >> IPV6 p

Re: United Airlines is Down (!) due to network connectivity problems

Lifted as of 0920 EDT. -- TTFN, patrick > On Jul 08, 2015, at 10:06 , Marshall Eubanks > wrote: > > http://www.reuters.com/article/2015/07/08/us-ual-flights-idUSKCN0PI1IX2

Re: NANOG Digest, Vol 90, Issue 1

Hello Dennis, I am very happy because somebody is on the same page. > Message: 20 > Date: Tue, 30 Jun 2015 14:37:55 -0400 > From: Dennis B > To: Roland Dobbins > Cc: nanog@nanog.org > Subject: Re: GRE performance over the Internet - DDoS cloud mitigation > Message-ID: > < > capr+j8j4vs

Re: World's Fastest Internet™ in Canadaland

You also pay those utilities for usage. You don't do that for Internet. Well, most don't. - Mike Hammett Intelligent Computing Solutions http://www.ics-il.com Midwest Internet Exchange http://www.midwest-ix.com - Original Message - From: "Jussi Peltola" To: nanog@nan

  1   2   >