Re: Network chatter generator

2024-02-26 Thread Jason Healy via NANOG
On 2024-02-23 17:33, Brandon Martin wrote: > Before I go to the trouble of making one myself, does anybody happen to > know of a pre-canned program to generate realistic and scalable amounts > of broadcast/broad-multicast network background "chatter" seen on > typical consumer and business

Re: TFTP over anycast

2024-02-26 Thread Dan Sneddon
On Feb 22, 2024, at 10:47, Javier Gutierrez wrote: Hi, I'm working on some DR design and we want to not only have this site as a DR but also performing some active/active for some of the services we host and I was wondering if someone had some experience with using anycast for TFTP or DHCP

Re: Network chatter generator

2024-02-25 Thread Forrest Christian (List Account)
I keep running into similar issues as far as stack validation goes. (And by stack I mean all the way up not just L2/L3). I know that my processor has an ethernet port it can't keep up with in all circumstances. Flooding it with more packets than it can handle isn't useful, other than to

Re: Network chatter generator

2024-02-25 Thread Brandon Martin
The replies I've gotten have been somewhat useful, but I think the purpose of what I'm seeking may not have been apparent. I'm not looking to perform volumetric or even known-vulnerability tests. I have some decent ways to do both and even know that I can make the device in question unhappy

Re: Network chatter generator

2024-02-25 Thread G
Here's some tools that I've used to stress test gear over the years. You may or may not find some of them useful for your use case: (1) T50 - be *really* careful with this one: - Source: https://gitlab.com/fredericopissarra/t50 (2) Yersinia (can be used for DHCP stress testing) - Source:

Re: Network chatter generator

2024-02-24 Thread Mike Hammett
I came to suggest this. - Mike Hammett Intelligent Computing Solutions http://www.ics-il.com Midwest-IX http://www.midwest-ix.com - Original Message - From: "Jesse DuPont" To: "Brandon Martin" , nanog@nanog.org Sent: Friday, February 23, 2024 12:17:28 PM Subject: Re:

Re: Network chatter generator

2024-02-24 Thread Mel Beckman
Keysight’s Ixia line of traffic generators with concurrent monitoring are industrial grade tools for certification testing. I’ve used them to simulate thousands of WiFi users to validate a 400-node access point deployment at a major airport. Not cheap but has all the knobs and dials you’re

Re: Network chatter generator

2024-02-24 Thread Jesse DuPont
I believe you can do most of what you want using a Mikrotik and its Traffic Generator. Packet templates can be crafted to mimic any of the popular protocols (L2, L3, L4), at least at the header level, with less flexibility on the payload legitimacy. On

Re: TFTP over anycast

2024-02-23 Thread Bill Woodcock
The system Ask is describing is the traditional method of using anycast to geographically load-balance long-lived flows. The first time I did that was with FTP servers in Berkeley and Santa Cruz, in 1989. I did a bigger system, also load balancing FTP servers for Oracle, their public-facing

Re: TFTP over anycast

2024-02-23 Thread Ask Bjørn Hansen
> On Feb 23, 2024, at 20:32, William Herrin wrote: > >> The relay server `dhcplb` could, maybe, help in that scenario >> (dhcplb runs on the anycast IP, the “real” DHCP servers on >> unicast IPs behind dhcplb). > > Although they used the word "anycast", they're just load balancing. The idea

Re: TFTP over anycast

2024-02-23 Thread William Herrin
On Fri, Feb 23, 2024 at 6:34 PM Ask Bjørn Hansen wrote: > The relay server `dhcplb` could, maybe, help in that scenario > (dhcplb runs on the anycast IP, the “real” DHCP servers on > unicast IPs behind dhcplb). Although they used the word "anycast", they're just load balancing. Devices behind a

Re: TFTP over anycast

2024-02-23 Thread Ask Bjørn Hansen
> On Feb 22, 2024, at 12:52, Thomas Mieslinger wrote: > > It becomes tricky for DHCP if a location has the same cost to more than > one anycast Node. For this case we have setup a DHCP nodes in two > datacenters using different local-preferences to simulate a failover > active/passive setup.

Re: Network chatter generator

2024-02-23 Thread Saku Ytti
On Fri, 23 Feb 2024 at 19:42, Brandon Martin wrote: > Before I go to the trouble of making one myself, does anybody happen to > know of a pre-canned program to generate realistic and scalable amounts > of broadcast/broad-multicast network background "chatter" seen on > typical consumer and

Weekly Global IPv4 Routing Table Report

2024-02-23 Thread Routing Table Analysis Role Account
This is an automated weekly mailing describing the state of the Global IPv4 Routing Table as seen from APNIC's router in Japan. The posting is sent to APOPS, NANOG, AfNOG, SANOG, PacNOG, SAFNOG UKNOF, TZNOG, MENOG, BJNOG, SDNOG, CMNOG, LACNOG and the RIPE Routing WG. Daily listings are sent to

Re: Network chatter generator

2024-02-23 Thread Raymond Burkholder
scapy? On 2024-02-23 10:33, Brandon Martin wrote: Before I go to the trouble of making one myself, does anybody happen to know of a pre-canned program to generate realistic and scalable amounts of broadcast/broad-multicast network background "chatter" seen on typical consumer and business

Network chatter generator

2024-02-23 Thread Brandon Martin
Before I go to the trouble of making one myself, does anybody happen to know of a pre-canned program to generate realistic and scalable amounts of broadcast/broad-multicast network background "chatter" seen on typical consumer and business networks? This would be things like lots of ARP

Looking for a Contact / Chat with someone at Microsoft

2024-02-23 Thread Jason Marshall via NANOG
Looking for a Contact / Chat with someone at Microsoft as we are seeing a weird issue with a block of our IP addresses not being able to bring up msn.com or hotmail.com -- *Jason Marshall* SERVICE SUPPORT TECHNICIAN\IT SUPPORT TOLL FREE 888-251-0920 EMAIL *ja...@vistabeam.net *

Re: Any info on AT&T Wireless Outage?

2024-02-23 Thread Chris K
Could it be someone fat fingered in preparation of this? "Starting in March, FirstNet will be the first and only wireless network to provide America’s first responders with always-on priority and preemption across 5G, expanding to include all AT&T 5G commercial spectrum. "

RE: TFTP over anycast

2024-02-23 Thread Adam Thompson
Others have addressed some of the issues, but one easy win for DHCP (which is otherwise a PITA to make redundant in *any* way) is to (a) not block ICMP anywhere, including on the client devices, and (b) have the DHCP ping before assignment. That’s not always on by default, and it’ll eliminate

Re: Any info on AT&T Wireless Outage?

2024-02-22 Thread Brandon Jackson
If it's AT&T wireless Home broadband Service then it would be affected just the same. It's still a cellular modem. It still has a SIM card. It's no different than a hotspot really, or just about any other cellular mobile device on the network. If it's wireline service though, that had nothing to

[NANOG-announce] WATCH NOW: NANOG 90 Playlist is on YouTube! + More

2024-02-22 Thread Nanog News
*Thank You to all NANOG 90 Sponsors! * *We Appreciate Your Investment in The Community* It truly takes a village. Thank you to all attendees, sponsors, vendors, + speakers. *SEE SPONSORS * *WATCH NOW: NANOG 90 Playlist is on YouTube!* Have you

WATCH NOW: NANOG 90 Playlist is on YouTube! + More

2024-02-22 Thread Nanog News
*Thank You to all NANOG 90 Sponsors! * *We Appreciate Your Investment in The Community* It truly takes a village. Thank you to all attendees, sponsors, vendors, + speakers. *SEE SPONSORS * *WATCH NOW: NANOG 90 Playlist is on YouTube!* Have you

Re: TFTP over anycast

2024-02-22 Thread Thomas Mieslinger
I do NTP, DHCP, TFTP, DNS, HTTP anycast. NTP, DNS and HTTP with ECMP, TFTP and DHCP as active/active on a per Datacenter Basis. These are small Datacenters with less than 50k Servers each. In every datacenter an anycast node is active and the router just chooses the shortest path. It becomes

Re: Akamai AANP minimum traffic?

2024-02-22 Thread Tim Burke
Yep, can confirm the same thing. Rather connect over PNI when possible instead of using caches anyway, less hardware that we have to keep in colos, not to mention the associated liabilities. > On Feb 22, 2024, at 12:55, John Stitt wrote: > > I can't speak with authority since I'm not with

Re: Any info on AT&T Wireless Outage?

2024-02-22 Thread Patric Morgan
I have several friends in the Nashville area who did not have AT&T Home broadband service this morning, could be unrelated but would point to a different issue than the SIMs. On Thu, Feb 22, 2024 at 1:16 PM John Councilman wrote: > From what I've read, they lost their database of SIM cards. I

Re: Akamai AANP minimum traffic?

2024-02-22 Thread Clayton Zekelman
We got our caches around 2000 or so. They pulled them a few years ago. If I recall, they couldn't put hardware with private keys loaded on them in ISP networks without them having physical security of the machines, and most of the content they were serving up seemed to need encryption.

Re: TFTP over anycast

2024-02-22 Thread William Herrin
On Thu, Feb 22, 2024 at 10:47 AM Javier Gutierrez wrote: > I was wondering if someone had some experience with using anycast for TFTP > or DHCP services? Hi Javier, Anycast for TFTP is more or less the same as anycast for TCP-based protocols: it has corner cases which fail and fail hard, but

Re: Akamai AANP minimum traffic?

2024-02-22 Thread Aaron1
Akamai AANP was the first CDN in my network… ~2010’ish…I forget what the minimum requirement was back then, but wanted to let you know that around 2018/2019 they started telling me they wanted to pull the caches from my network. It wasn’t until like last year sometime that they were telling me

Re: Any info on AT&T Wireless Outage?

2024-02-22 Thread John Councilman
From what I've read, they lost their database of SIM cards. I could be wrong of course. On Thu, Feb 22, 2024 at 2:02 PM Dorn Hetzel wrote: > As widespread as it seemed to be, it feels like it would be quite a trick > if it were a single piece of hardware. Firmware load that ended badly, I >

Re: Any info on AT Wireless Outage?

2024-02-22 Thread Dorn Hetzel
As widespread as it seemed to be, it feels like it would be quite a trick if it were a single piece of hardware. Firmware load that ended badly, I wonder? On Thu, Feb 22, 2024 at 1:51 PM Leato, Gary via NANOG wrote: > Do you have the ability to expand on this at all? Do you mean a hardware >

TFTP over anycast

2024-02-22 Thread Javier Gutierrez
Hi, I'm working on some DR design and we want to not only have this site as a DR but also performing some active/active for some of the services we host and I was wondering if someone had some experience with using anycast for TFTP or DHCP services? What are some of the pains/challenges you

RE: Akamai AANP minimum traffic?

2024-02-22 Thread John Stitt
I can't speak with authority since I'm not with Akamai, but I requested a cache maybe a year or so ago. At the time I was told they were moving away from caching unless you were doing well over 100Gbps consistently, just due to the massive scale of their data not lending itself well to caching

RE: Any info on AT&T Wireless Outage?

2024-02-22 Thread Leato, Gary via NANOG
Do you have the ability to expand on this at all? Do you mean a hardware failure of some kind IE router, optics, etc? From: NANOG On Behalf Of R. Leigh Hennig Sent: Thursday, February 22, 2024 8:17 AM To: Robert DeVita Cc: nanog@nanog.org Subject: Re: Any info on AT&T Wireless Outage? Word

Akamai AANP minimum traffic?

2024-02-22 Thread Tom Samplonius
Does anyone know what the minimum traffic is to qualify for an Akamai AANP cache? Tom

Re: Any info on AT&T Wireless Outage?

2024-02-22 Thread Tim Burke
No issues on FirstNet here in Houston metro, but AT&T consumer core still appears to be non-functional. From: NANOG on behalf of Ryan A. Krenzischek via NANOG Sent: Thursday, February 22, 2024 8:03 AM To: Ray Orsini Cc: nanog@nanog.org Subject: Re: Any info on AT&T

RE: Any info on AT&T Wireless Outage?

2024-02-22 Thread Christopher Trudeau
I’ve got about 500 Cradlepoints with AT&T throughout the US. I saw about 20 of them go down, all different locations, all around the same time (around 5am CST). FWIW these are across 3 different AT&T OU’s… AT&T IoT (with a FirstNet APN), AT&T 4G Business Broadband, and straight AT&T Business/Retail 4G.

Re: Any info on AT&T Wireless Outage?

2024-02-22 Thread R. Leigh Hennig
Word around the campfire is that it’s a Cisco issue. > On Feb 22, 2024, at 8:03 AM, Robert DeVita wrote: > > Reports have it starting at 4:30 a.m.. SOS on all phones.. > > > > > Robert DeVita > CEO and Founder > t: (469) 581-2160 > | > m: (469) 441-8864 > e:

Re: Any info on AT&T Wireless Outage?

2024-02-22 Thread Ryan A. Krenzischek via NANOG
The same as well for FirstNet but am now able to make calls. Others who are on AT&T are unable to receive or send calls. Enabling wifi calling on a regular AT&T phone (android) results in a 502 bad gateway error message. Ryan > On Feb 22, 2024, at 08:11, Ray Orsini via NANOG wrote: > > >

Re: Any info on AT&T Wireless Outage?

2024-02-22 Thread Dorn Hetzel
Appears to have affected at least some FirstNet SIMS as well. On Thu, Feb 22, 2024, 08:10 Ray Orsini via NANOG wrote: > We're affected as well. Unable to dial out. I haven't found any official > statement though. > > [image: OIT Website] > Ray Orsini > Chief Executive

Re: Any info on AT&T Wireless Outage?

2024-02-22 Thread Ray Orsini via NANOG
We're affected as well. Unable to dial out. I haven't found any official statement though. Ray Orsini Chief Executive Officer OIT, LLC 305.967.6756 x1009

Any info on AT&T Wireless Outage?

2024-02-22 Thread Robert DeVita
Reports have it starting at 4:30 a.m.. SOS on all phones.. Robert DeVita CEO and Founder t: (469) 581-2160 | m: (469) 441-8864 e: radev...@mejeticks.com | w: mejeticks.com a: 2323 N Akard

[NANOG-announce] 2024 NANOG Committee Appointments

2024-02-21 Thread NANOG Support
NANOG Community, I am excited to announce that 34 NANOG members accepted appointments to a committee. So many highly-qualified volunteers from the NANOG membership were nominated for this year’s committee selection, and we personally thank each NANOG member who offered their time. As an

2024 NANOG Committee Appointments

2024-02-21 Thread NANOG Support
NANOG Community, I am excited to announce that 34 NANOG members accepted appointments to a committee. So many highly-qualified volunteers from the NANOG membership were nominated for this year’s committee selection, and we personally thank each NANOG member who offered their time. As an

Re: AWS WAF list

2024-02-20 Thread Owen DeLong via NANOG
Here’s the usual problem: Victim is a customer Q of ISP A. WAF provided by provider X is chosen by website Y. A has no business relationship with X or Y. A’s requests to X are rebuffed because A is not a customer of X. A’s requests to Y are rebuffed because A is not a customer of Y. A tells

Re: AWS WAF list

2024-02-20 Thread Tom Beecher
> > and it's affecting our customers' access to various ===>> websites.<<=== > On Tue, Feb 20, 2024 at 6:15 PM Pui Ee Luun Edylie wrote: > There must be a reason why the web site chooses the WAF list to block out > the victim? If so why not the victim to contact the website to request them >

RE: AWS WAF list

2024-02-20 Thread Pui Ee Luun Edylie
There must be a reason why the web site chooses the WAF list to block out the victim? If so why not the victim to contact the website to request them to talk to the waf list provider to remove victim ip block? Edy From: NANOG On Behalf Of Owen DeLong via NANOG Sent: Wednesday, 21

Re: AWS WAF list

2024-02-20 Thread Owen DeLong via NANOG
Unfortunately, the victim doesn’t choose the WAF list, the web site that is causing the victim grief chooses the WAF list. Owen > On Feb 20, 2024, at 14:15, j...@joelesler.net wrote: > > There are other WAF lists available on AWS besides their native one. Ones > that have support. > >> On

Re: AWS WAF list

2024-02-20 Thread joel
There are other WAF lists available on AWS besides their native one. Ones that have support. > On Feb 20, 2024, at 16:18, George Herbert wrote: > > This is terrible advice, but you might need another netblock for the > eyeballs. Possibly a small one with enterprise NAT, but something

Re: AWS WAF list

2024-02-20 Thread George Herbert
This is terrible advice, but you might need another netblock for the eyeballs. Possibly a small one with enterprise NAT, but something outside the AWS list ranges... -George On Mon, Feb 19, 2024 at 7:35 PM Justin H. wrote: > That matches my experience with these types of problems in the

Re: NANOG 90 Attendance?

2024-02-20 Thread Warren Kumari
On Mon, Feb 19, 2024 at 7:37 PM, Randy Bush wrote: > We actually had an IETF "Help Desk" at NANOG 63 (San Antonio, 2015) and > NANOG 64 or 65 ― > https://www.internetsociety.org/blog/2015/01/chris-grundemann-nanog-63-talking-bcop-ietf-and-more/ and >

Re: Peering Contact at AS16509

2024-02-20 Thread Zach Underwood
We reached out to them using peeringdb contacts and got the whole thing setup in about 4 weeks. Two IX total about 5gbps peak traffic. So your mileage may vary. FYI that min peering 100gbps I think is just for PNI. They had no problems setting up sessions over the two IXs we share. On Mon, Feb

Re: Roku Network Contact

2024-02-20 Thread Noah van der Aa via NANOG
Looks like ocue...@roku.com (Oscar Cuevas) is listed as the NOC contact for their AS: https://whois.arin.net/rest/asn/AS394557/pft https://whois.arin.net/rest/poc/CUEVA24-ARIN Kind regards, Noah On 19/02/2024 15:47, Jason Canady wrote: Does anyone here have a network contact for Roku?  Need

Re: Peering Contact at AS16509

2024-02-19 Thread Lincoln Dale
Even if you don’t meet the port speed requirements for a PNI, there is likely something that could work via an IX. On Tue, Feb 20, 2024 at 12:57 PM Tim Burke wrote: > We reached out some time ago using the contact on PeeringDB and had no > issue, but the amount of transit consumed to get to

EU Gigabit Infrastructure Act agreement - in-building infrastructure access

2024-02-19 Thread Sean Donelan
While I'm still asking a builder in the USA about pre-wiring new construction house The EU has included in-building infrastructure and fiber ready requirements in its new Gigabit Infrastructure act.

Re: Peering Contact at AS16509

2024-02-19 Thread Peter Potvin via NANOG
Meant to reply to this thread earlier today, but a contact from 16509 reached out directly and got everything squared away for us. On Mon, Feb 19, 2024 at 8:56 PM Tim Burke wrote: > We reached out some time ago using the contact on PeeringDB and had no > issue, but the amount of transit

Re: Verizon Business Contact

2024-02-19 Thread sronan
Based on the ASName of both AS, including CELLCO which is the actual name of the corporate entity known as Verizon Wireless, I would agree that both are in fact Verizon Wireless. The contacts are just corporate standard entities. Shane > On Feb 19, 2024, at 9:01 PM, Richard Laager wrote: > >

Re: Verizon Business Contact

2024-02-19 Thread Richard Laager
I see the route originated by two different ASNs. I agree that when I use the AS6167 path, it is broken (for the destinations where it is broken; 63.59.166.100 was working despite using the AS6167 path). BGP routing table entry for 63.59.0.0/16 Paths: 2 available 6939 701 22394

Re: Peering Contact at AS16509

2024-02-19 Thread Tim Burke
We reached out some time ago using the contact on PeeringDB and had no issue, but the amount of transit consumed to get to 16509 is substantial enough to make responding worth their while. Their minimum peering is 100G, with 400G preferred, so it’s very possible that if you’re not consuming

Re: NANOG 90 Attendance?

2024-02-19 Thread Randy Bush
> We actually had an IETF "Help Desk" at NANOG 63 (San Antonio, 2015) and > NANOG 64 or 65 ― > https://www.internetsociety.org/blog/2015/01/chris-grundemann-nanog-63-talking-bcop-ietf-and-more/ > and > https://www.internetsociety.org/blog/2014/11/operators-and-the-ietf-update-from-ietf-91/ > > We

RE: NANOG 90 Attendance?

2024-02-19 Thread Warren Kumari
On Thu, Feb 15, 2024 at 10:30 AM, Lee Howard wrote: > > > I’m jumping on an earlier part of the thread. > > > > Based on what I heard at the Members Meeting and several follow up hallway > conversations, I think: > > > >- NANOG needs a focus group on attendees. A survey won’t do it, we >

Re: Verizon Business Contact

2024-02-19 Thread sronan
No, Verizon Wireless has their own AS # and doesn’t actually use Verizon Business as their primary provider. Shane On Feb 19, 2024, at 2:58 PM, Mike Hammett wrote: But then MCI is the one running fiber to all of the Verizon Wireless sites, so that doesn't help in de-muddying the waters. -Mike

Re: Verizon Business Contact

2024-02-19 Thread Mike Hammett
But then MCI is the one running fiber to all of the Verizon Wireless sites, so that doesn't help in de-muddying the waters. - Mike Hammett Intelligent Computing Solutions http://www.ics-il.com Midwest-IX http://www.midwest-ix.com - Original Message - From:

Re: Verizon Business Contact

2024-02-19 Thread sronan
Verizon Business is the fixed line business focused entity, formerly MCI and UUNET. Verizon Wireless is the wireless business entity. Shane On Feb 19, 2024, at 2:44 PM, Justin Krejci wrote: For me it is some AS 6167 destinations. WHOIS for that ASN says this is Verizon Business. AS Number:

Re: Verizon Business Contact

2024-02-19 Thread Justin Krejci
For me it is some AS 6167 destinations. WHOIS for that ASN says this is Verizon Business. AS Number: 6167 Org Name: Verizon Business I am not sure how I am supposed to accurately or authoritatively discern the differences in specific IP prefixes (or ASNs) as to whether they are

Re: [External] Re: IPv6 uptake

2024-02-19 Thread William Herrin
On Mon, Feb 19, 2024 at 10:31 AM Tim Howe wrote: > On Mon, 19 Feb 2024 10:01:06 -0800 > William Herrin wrote: > > So when the user wants to run a home server, their IPv4 options are to > > create a TCP or UDP port forward for a single service port or perhaps > > create a generic port forward for

Re: [External] Re: IPv6 uptake

2024-02-19 Thread Tim Howe
Some responses below. On Mon, 19 Feb 2024 10:01:06 -0800 William Herrin wrote: > > I've never once seen a device > > that has v6 support and didn't have a stateful v6 firewall on by > > default (if v6 was "on"). > > Acknowledged. > > So when the user wants to run a home server, their IPv4

Re: [External] Re: IPv6 uptake

2024-02-19 Thread William Herrin
On Mon, Feb 19, 2024 at 9:44 AM Tim Howe wrote: > FWIW, in the decade we have been providing dual-stack by default, I > have made a bit of a hobby out of testing every CPE and SOHO router > that I get my hands on in my PON lab. Hi Tim, I have not, so I'll defer to your experience. > I've

Re: [External] Re: IPv6 uptake

2024-02-19 Thread Dave Taht
OpenWrt, from which much is derived, is default deny on ipv4 and ipv6. The ipv6 firewall on most cable devices prior to the XB6 is very, very limited. On Mon, Feb 19, 2024 at 12:44 PM William Herrin wrote: > > On Mon, Feb 19, 2024 at 9:23 AM Hunter Fuller wrote: > > On Mon, Feb 19, 2024 at

Re: [External] Re: IPv6 uptake

2024-02-19 Thread Tim Howe
On Mon, 19 Feb 2024 09:16:00 -0800 William Herrin wrote: > I disagree with that one. Limiting discussion to the original security > context (rather than the wider world of how useful IPv6 is without > IPv4), IPv6 is typically delivered to "most people" without border > security, while IPv4 is

Re: [External] Re: IPv6 uptake

2024-02-19 Thread William Herrin
On Mon, Feb 19, 2024 at 9:23 AM Hunter Fuller wrote: > On Mon, Feb 19, 2024 at 11:16 AM William Herrin wrote: > > > There isn't really an advantage to using v4 NAT. > > I disagree with that one. Limiting discussion to the original security > > context (rather than the wider world of how useful

Re: AWS WAF list

2024-02-19 Thread Justin H.
That matches my experience with these types of problems in the past.  Especially when the end-users don't have a process for white-listing.  We actually got a response from one WAF user to "connect to another network to log in, then you should be able to use the site, because it's just the

Re: [External] Re: IPv6 uptake

2024-02-19 Thread Hunter Fuller via NANOG
On Mon, Feb 19, 2024 at 11:16 AM William Herrin wrote: > > There isn't really an advantage to using v4 NAT. > I disagree with that one. Limiting discussion to the original security > context (rather than the wider world of how useful IPv6 is without > IPv4), IPv6 is typically delivered to "most

Re: [External] Re: IPv6 uptake

2024-02-19 Thread William Herrin
On Mon, Feb 19, 2024 at 9:00 AM Hunter Fuller wrote: > I guess the point I'm making is, the methods we are using today for v6 > dual WAN, work fine for most people. Hi Hunter, I accept that point. It's wobbly on some of the details, but you're talking "most" people, not everyone. > There

Re: [External] Re: IPv6 uptake

2024-02-19 Thread Hunter Fuller via NANOG
On Mon, Feb 19, 2024 at 10:22 AM William Herrin wrote: > Yes and no. The client application has to be programmed to understand > link-local addresses or it can't use them at all. You can't just say > "connect to fe80::1." Even if there's an fe80::1 on your network, it > doesn't work. The client

Re: [External] Re: IPv6 uptake

2024-02-19 Thread William Herrin
On Mon, Feb 19, 2024 at 8:08 AM Hunter Fuller wrote: > On Mon, Feb 19, 2024 at 9:17 AM William Herrin wrote: > > There's also the double-ISP loss scenario that causes Joe to lose all > > global-scope IP addresses. He can overcome that by deploying ULA > > addresses (a third set of IPv6

Re: [External] Re: IPv6 uptake

2024-02-19 Thread Dave Taht
On Mon, Feb 19, 2024 at 11:13 AM Hunter Fuller via NANOG wrote: > > On Mon, Feb 19, 2024 at 9:29 AM Mike Hammett wrote: > > "In IPv6's default operation, if Joe has two connections then each of > > his computers has two IPv6 addresses and two default routes. If one > > connection goes down, one

Re: [External] Re: IPv6 uptake

2024-02-19 Thread Dave Taht
mdns can still be "fun" in a wide variety of situations. https://www.reddit.com/r/k12sysadmin/comments/9yghdx/chromebooks_and_peer_to_peer_updates_can_be/ I do not know to what extent the upgrade to unicast feature long gestating in the IETF has been adopted. On Mon, Feb 19, 2024 at 11:10 AM

Re: [External] Re: IPv6 uptake

2024-02-19 Thread Hunter Fuller via NANOG
On Mon, Feb 19, 2024 at 9:29 AM Mike Hammett wrote: > "In IPv6's default operation, if Joe has two connections then each of > his computers has two IPv6 addresses and two default routes. If one > connection goes down, one of the routes and sets of IP addresses goes > away." > > This sounds like a

Re: [External] Re: IPv6 uptake

2024-02-19 Thread Hunter Fuller via NANOG
On Mon, Feb 19, 2024 at 9:17 AM William Herrin wrote: > There's also the double-ISP loss scenario that causes Joe to lose all > global-scope IP addresses. He can overcome that by deploying ULA > addresses (a third set of IPv6 addresses) on the internal hosts, but > convincing the internal network

Re: IPv6 uptake

2024-02-19 Thread Tom Beecher
> > I'm not going to participate in the security conversation, but we do > absolutely need something to fill the role of NAT in v6. If it's already > there or not, I don't know. Use case: Joe's Taco Shop. Joe doesn't want a > down Internet connection to prevent transactions from completing, so he

Re: IPv6 uptake (was: The Reg does 240/4)

2024-02-19 Thread William Herrin
On Mon, Feb 19, 2024 at 6:02 AM Howard, Lee wrote: > Most NATs I've seen in the last 10-15 years are "full cone" NATs: they are > configured so that once there is an > outbound flow, and inbound datagram to that address+port will be forwarded to > the inside address, regardless > of source. Hi

Re: IPv6 uptake

2024-02-19 Thread Mike Hammett
" In IPv6's default operation, if Joe has two connections then each of his computers has two IPv6 addresses and two default routes. If one connection goes down, one of the routes and sets of IP addresses goes away." This sounds like a disaster. - Mike Hammett Intelligent Computing

Re: IPv6 uptake

2024-02-19 Thread William Herrin
On Mon, Feb 19, 2024 at 6:52 AM Mike Hammett wrote: > "We can seriously lose NAT for v6 and not lose > anything of worth." > > I'm not going to participate in the security conversation, but we > do absolutely need something to fill the role of NAT in v6. If it's > already there or not, I don't

Re: IPv6 uptake

2024-02-19 Thread Mike Hammett
" We can seriously lose NAT for v6 and not lose anything of worth." I'm not going to participate in the security conversation, but we do absolutely need something to fill the role of NAT in v6. If it's already there or not, I don't know. Use case: Joe's Taco Shop. Joe doesn't want a down

Roku Network Contact

2024-02-19 Thread Jason Canady
Does anyone here have a network contact for Roku?  Need some assistance.  Thank you! Best Regards, Jason

Re: IPv6 uptake (was: The Reg does 240/4)

2024-02-19 Thread William Herrin
On Mon, Feb 19, 2024 at 5:29 AM Howard, Lee via NANOG wrote: > In the U.S., the largest operators without IPv6 are (in order by size): > Lumen (CenturyLink) CenturyLink has IPv6 using 6rd. It works fine. Regards, Bill Herrin -- William Herrin b...@herrin.us https://bill.herrin.us/

RE: IPv6 uptake (was: The Reg does 240/4)

2024-02-19 Thread Howard, Lee via NANOG
Bottom-posted with old school formatting by hand. -Original Message- From: NANOG On Behalf Of William Herrin Sent: Friday, February 16, 2024 8:05 PM To: Michael Thomas Cc: nanog@nanog.org Subject: Re: IPv6 uptake (was: The Reg does 240/4) > On the firewall, I program it to do NAT

RE: IPv6 uptake (was: The Reg does 240/4)

2024-02-19 Thread Howard, Lee via NANOG
If you ever want to know which providers in a country are lagging, Geoff Huston is here to help: https://stats.labs.apnic.net/ipv6/US In the U.S., the largest operators without IPv6 are (in order by size): Verizon FiOS (they deployed to 50%, discovered a bug, and rolled back) Frontier Lumen

Re: IPv6 uptake (was: The Reg does 240/4)

2024-02-18 Thread Matthew Walster via NANOG
On Sun, 18 Feb 2024, 05:29 Owen DeLong via NANOG, wrote: > Most firewalls are default deny. Routers are default allow unless you put > a filter on the interface. > This is not relevant though. NAT when doing port overloading, as is the case for most CPE, is not default-deny or default-allow.

Re: IPv6 uptake

2024-02-18 Thread John Levine
It appears that Nick Hilliard said: >full control of all modems and they're all relatively recent, properly >supported units, fully managed by the cable operator. If you start >adding poor quality cheap units into the mix, it can cause service problems. The cablecos I've dealt with have a list

Re: IPv6 uptake

2024-02-18 Thread Nick Hilliard
Michael Thomas wrote on 18/02/2024 21:18: So it has its own wireless? I seem to recall that there were some economic reasons to use their CPE as little as possible to avoid rent. Has that changed? Or can I run down and just buy a Cablelabs certified router/modem these days? There's no short

Re: IPv6 uptake

2024-02-18 Thread Michael Thomas
On 2/18/24 1:10 PM, Nick Hilliard wrote: Michael Thomas wrote on 18/02/2024 20:56: That's really great to hear. Of course there is still the problem with CPE that doesn't speak v6, but that's not their fault and gives some reason to use their CPE. Already solved: cable modem ipv6 support

Re: IPv6 uptake

2024-02-18 Thread Nick Hilliard
Michael Thomas wrote on 18/02/2024 20:56: That's really great to hear. Of course there is still the problem with CPE that doesn't speak v6, but that's not their fault and gives some reason to use their CPE. Already solved: cable modem ipv6 support is usually also excellent, both in terms of

Re: IPv6 uptake

2024-02-18 Thread Michael Thomas
On 2/18/24 12:50 PM, Nick Hilliard wrote: Michael Thomas wrote on 18/02/2024 20:28: I do know that Cablelabs pretty early on -- around the time I mentioned above -- has been pushing for v6. Maybe Jason Livingood can clue us in. Getting cable operators onboard too would certainly be a good

Re: IPv6 uptake

2024-02-18 Thread Nick Hilliard
Michael Thomas wrote on 18/02/2024 20:28: I do know that Cablelabs pretty early on -- around the time I mentioned above -- has been pushing for v6. Maybe Jason Livingood can clue us in. Getting cable operators onboard too would certainly be a good thing, availability of provider-side ipv6

Re: IPv6 uptake (was: The Reg does 240/4)

2024-02-18 Thread Michael Thomas
On 2/18/24 8:47 AM, Greg Skinner via NANOG wrote: On Feb 17, 2024, at 11:27 AM, William Herrin wrote: On Sat, Feb 17, 2024 at 10:34 AM Michael Thomas wrote: Funny, I don't recall Bellovin and Cheswick's Firewall book discussing NAT. And mine too, since I hadn't heard of "Firewalls and

Re: IPv6 uptake (was: The Reg does 240/4)

2024-02-18 Thread Michael Thomas
On 2/17/24 11:27 AM, William Herrin wrote: On Sat, Feb 17, 2024 at 10:34 AM Michael Thomas wrote: I didn't hear about NAT until the late 90's, iirc. I've definitely not heard of Gauntlet. Then there are gaps in your knowledge. Funny, I don't recall Bellovin and Cheswick's Firewall book

Peering Contact at AS16509

2024-02-18 Thread Peter Potvin via NANOG
If a contact who manages North American peering at AS16509 could reach out off-list, that would be appreciated. Myself and a few colleagues have attempted to reach out via the contacts listed on PeeringDB on multiple occasions over the last couple of months and have not been successful in reaching

Re: AWS WAF list

2024-02-18 Thread Owen DeLong via NANOG
The whole situation with these WAF as a service setups is a nightmare for the affected (afflicted) parties. I saw this problem from both sides when I was at Akamai. It’s not great from the service provider side, but it’s an absolute shit show for anyone on the wrong side of a block. There’s

Re: IPv6 uptake (was: The Reg does 240/4)

2024-02-18 Thread Greg Skinner via NANOG
On Feb 17, 2024, at 11:27 AM, William Herrin wrote: > > On Sat, Feb 17, 2024 at 10:34 AM Michael Thomas wrote: > >> Funny, I don't recall Bellovin and Cheswick's Firewall book discussing >> NAT. > > And mine too, since I hadn't heard of "Firewalls and Internet > Security: Repelling the Wily
