Re: [EXTERNAL] DNS filtering in practice, Re: Charter DNS servers returning malware filtered IP addresses

2023-11-01 Thread Delong.com via NANOG
> On Nov 1, 2023, at 13:28, Michael Thomas wrote: > > > On 10/28/23 3:13 AM, John Levine wrote: >> It appears that Michael Thomas said: If you're one of the small minority of retail users that knows enough about the technology to pick your own resolver, go ahead. But it's a r

Re: [EXTERNAL] Charter DNS servers returning malware filtered IP addresses

2023-10-28 Thread Delong.com via NANOG
> On Oct 28, 2023, at 10:28, Jay R. Ashworth wrote: > > - Original Message - >> From: "Owen DeLong via NANOG" > >>> For a network feeding a data center, sure. For a network like >>> Charter's which is feeding unsophisticated nontechnical users, they >>> need all the messing they can

Re: MX204 tunnel services BW

2023-10-16 Thread Delong.com via NANOG
Looks like the MX204 Is a bit of an odd duck in the MX series. It probably shares some hardware characteristics under the hood (even the MX80 (mostly, there was a variant that had pre-installed interfaces) had MIC slots). The MX-204 appears to be an entirely fixed configuration chassis and looks

Re: ARIN whois contact abuse from ipv4depot aka Silicon Desert International Inc

2023-10-12 Thread Delong.com via NANOG
RIPE != ARIN RIPE has a very lessez faire attitude towards network abuse and always has. It’s rather unfortunate. ARIN, OTOH, has a clear understanding of their mandate, and they won’t pursue abuse outside of that mandate (e.g. general SPAM complaints, DDOS, etc.), but they will pursue complai

Re: maximum ipv4 bgp prefix length of /24 ?

2023-10-11 Thread Delong.com via NANOG
> On Oct 11, 2023, at 18:53, Willy Manga wrote: > > > . > On 11/10/2023 22:29, Delong.com wrote: >> [...] >>> Yes, but in that scenario any advertisements between /32 and /36 from that >>> prefix originated by AS65500 are *valid* . That's why "ROAs should be as >>> precise as possible, mean

Re: xfinity not working

2023-10-11 Thread Delong.com via NANOG
XFINITY will send you bursts of other peoples data constantly. That’s the nature of CMTS, it’s a broadcast network, acts like one giant ethernet. Owen > On Oct 11, 2023, at 15:00, William Herrin wrote: > > On Wed, Oct 11, 2023 at 12:32 PM Delong.com wrote: >> Nope… My Surfboard 8611 has tha

Re: maximum ipv4 bgp prefix length of /24 ?

2023-10-11 Thread Delong.com via NANOG
>> The point here is that at some point, even with translation, we run out of >> IPv4 addresses to use for this purpose. What then? > > You deliver the Internet over IPv6. A really large functional Internet > exists today if you only have IPv6. It is only getting bigger. Lots of (the > majo

Re: maximum ipv4 bgp prefix length of /24 ?

2023-10-11 Thread Delong.com via NANOG
; -- > Mark Andrews > >> On 12 Oct 2023, at 06:07, Delong.com wrote: >> >>  >> >>>> On Oct 10, 2023, at 17:20, Mark Andrews wrote: >>>> >>>> >>>> >>>>> On 11 Oct 2023, at 09:43, Delong.

Re: maximum ipv4 bgp prefix length of /24 ?

2023-10-11 Thread Delong.com via NANOG
> On Oct 11, 2023, at 11:50, Dale W. Carder wrote: > > Thus spake Delong.com via NANOG (nanog@nanog.org) on Tue, Oct 10, 2023 at > 04:52:07PM -0700: >> However, IF YY is paying attention, and YY wants to advertise 2001:db8::/32 >> as well as allow 2001:db8:8000::/3

Re: xfinity not working

2023-10-11 Thread Delong.com via NANOG
> On Oct 11, 2023, at 11:34, William Herrin wrote: > > On Wed, Oct 11, 2023 at 11:12 AM Delong.com wrote: >> There are still some knobs… >> >> e.g. bridge mode or not (usually) > > I'm guessing that's only if there's a built-in wifi router. My grand > experience with cable modems counts to

Re: constraining RPKI Trust Anchors

2023-10-11 Thread Delong.com via NANOG
Isn’t this sort of related to the AS-0 ROA effort a while back (except some of the RIRs rejected it, unfortunately)? I suspect that the same reasons behind rejection of AS-0 will also apply to RIR implementation of something like this, so plans to address that (and revive AS-0 perhaps) might al

Re: maximum ipv4 bgp prefix length of /24 ?

2023-10-11 Thread Delong.com via NANOG
> On Oct 10, 2023, at 17:20, Mark Andrews wrote: > > > >> On 11 Oct 2023, at 09:43, Delong.com via NANOG wrote: >> >>> As a community, we have failed, because we never acknowledged and addressed >>> the need for backward compatibility between

Re: maximum ipv4 bgp prefix length of /24 ?

2023-10-11 Thread Delong.com via NANOG
> On Oct 10, 2023, at 22:44, Willy Manga wrote: > > > > > On 11/10/2023 03:52, Delong.com wrote: >> >>> On Oct 10, 2023, at 13:36, Matthew Petach wrote: >>> [...] >>> Owen, >>> >>> RPKI only addresses accidental hijackings. >>> It does not help prevent intentional hijackings. >> OK, but a

Re: xfinity not working

2023-10-11 Thread Delong.com via NANOG
There are still some knobs… e.g. bridge mode or not (usually) Owen > On Oct 10, 2023, at 23:01, William Herrin wrote: > > On Tue, Oct 10, 2023 at 6:07 PM Al Whaley wrote: >> My understanding is that the internal web page in the consumer modems is >> gone. App or nothing. > > With xfinity,

Re: xfinity not working

2023-10-10 Thread Delong.com via NANOG
I didn’t have a problem with it a couple of months ago, but that was when I installed Comcast Business, so likely a different user experience from residential. I had to call them on the phone to turn off my residential after the business install was completed and operational. Owen > On Oct 10

Re: maximum ipv4 bgp prefix length of /24 ?

2023-10-10 Thread Delong.com via NANOG
> On Oct 10, 2023, at 13:36, Matthew Petach wrote: > > > > On Tue, Oct 10, 2023 at 12:58 PM Delong.com via NANOG <mailto:nanog@nanog.org>> wrote: >> Isn’t this supposed to be one of the few ACTUAL benefits of RPKI — You can >> specify the maximum pr

Re: maximum ipv4 bgp prefix length of /24 ?

2023-10-10 Thread Delong.com via NANOG
> > The questions you ask Owen are obviously answerable by anyone with access to > a BGP routing table dump (which is pretty much anyone!). > > BGP is many things - it is a topology maintenance protocol, but its a traffic > engineering protocol and an attack mitigation protocol. In the latter t

Re: maximum ipv4 bgp prefix length of /24 ?

2023-10-10 Thread Delong.com via NANOG
> As a community, we have failed, because we never acknowledged and addressed > the need for backward compatibility between IPv6 and IPv4, and instead > counted on magic handwaving about tipping points and transition dates where > suddenly there would be "enough" IPv6-connected resources that ne

Re: maximum ipv4 bgp prefix length of /24 ?

2023-10-10 Thread Delong.com via NANOG
Isn’t this supposed to be one of the few ACTUAL benefits of RPKI — You can specify the maximum prefix length allowed to be advertised within a shorter prefix and those (theoretically) block hijackers taking advantage of advertising more specifics to cut you off? While I recognize that RPKI is n

Re: maximum ipv4 bgp prefix length of /24 ?

2023-10-09 Thread Delong.com via NANOG
> On Oct 5, 2023, at 15:51, Geoff Huston wrote: > >> On 6 Oct 2023, at 6:13 am, Owen DeLong wrote: >> >> Ratio of FIB to RIB is only part of the equation. >> >> IPv6 is NOT under the disaggregation pressure that IPv4 is under because >> there is no pressure (other than perhaps scarcity men

Re: cogent spamming directly from ARIN records?

2023-10-04 Thread Delong.com via NANOG
My best guess is “Life As We Know It Will Be Over”, but that’s just a guess. Owen > On Oct 2, 2023, at 17:32, Collider wrote: > > So is LAWKIWBO, which is the correct acronym mentioned downthread. > > > Le 3 octobre 2023 00:29:08 UTC, Collider a > écrit : >> Congrats! LIOAWKI is a hapax le

Re: maximum ipv4 bgp prefix length of /24 ?

2023-10-02 Thread Delong.com via NANOG
> On Oct 2, 2023, at 12:19, Mark Tinka wrote: > > > > On 10/2/23 20:44, Tim Franklin wrote: > >> Had NOT considered the looping - that's what you get for writing in public >> without thinking it all the way through *blush*. >> >> Thanks for poking holes appropriately, >> > > Like I said

Re: MX204 tunnel services BW

2023-10-02 Thread Delong.com via NANOG
AIUI, with Trio, you don’t have to disable a physical port, but that comes at the cost of “Tunnel gets whatever bandwidth is left after physical port packets are processed” and likely some additional overhead for managing the sharing. Could that be what’s happening to you? Owen > On Oct 2, 20

Re: SMTP-friendly VPS provider where I can also get a BGP feed

2023-09-26 Thread Delong.com via NANOG
I’ve had great luck with Netactuate. Their pricing is decent, but not super cheap, but they provide excellent customer service and are very friendly and responsive. Their network is also top notch and trouble free. Owen > On Sep 26, 2023, at 11:50, Mel Beckman wrote: > > Tony, > > BGP is h

Re: Zayo woes

2023-09-19 Thread Delong.com via NANOG
It can be even less customer-facing and more entrenched than that… A uses ISIS and MPLS, B uses OSPF and native circuits. Putting (e)BGP sessions across the border between those two is pretty quick and easy. Integration would essentially require shifting one system onto the other methodology

Re: Zayo woes

2023-09-19 Thread Delong.com via NANOG
You’ve got the blame right, but the fact that the cost savings don’t materialize quickly seems to get forgiven more easily than a sudden (albeit one-time, temporary) increase in costs to accelerate that transition. Result: In general, no additional money, limp along and realize the cost savings

Re: AFRINIC placed in receivership

2023-09-15 Thread Delong.com via NANOG
Noe… You are conflating two completely different cases, sir. CI submitted legitimate applications and their addresses were issued prior to Ernest’s activities. You’re mixing Lu Heng up with Elad Cohen. Owen > On Sep 15, 2023, at 16:32, Eric Kuhnke wrote: > > https://www.devdiscourse.com/art

Re: AFRINIC placed in receivership

2023-09-15 Thread Delong.com via NANOG
> On Sep 15, 2023, at 15:05, Eric Kuhnke wrote: > > A much better explanation of the situation can be found at: > > https://www.theregister.com/2023/07/03/nrs_afrinic_review/ > > I also recommend that everyone who is not yet familiar with the issue google > Lu Heng and Cloud Innovations, the

Re: IP range for lease

2023-07-11 Thread Delong.com via NANOG
> On Jul 10, 2023, at 06:58, Sylvain Baya wrote: > > Dear NANOG-ers, > Hope this email finds you in good health! > > Please see my comments below, inline... > > Le jeudi 6 juillet 2023, Owen DeLong via NANOG > a écrit : >>  >>  >>  >>  >> Karin, >> >> Opinions re

Re: Northern Virginia has had enough with data centers

2023-06-23 Thread Delong.com via NANOG
> On Jun 23, 2023, at 15:17, Sean Donelan wrote: > > > Northern Virginia has about 275 data centers There’s probably close to that number in the South Bay Area of California as well. > The noise complaints are about HVAC fan noise (24-hour droning) from cooling > towers or roof top farms

Re: Northern Virginia has had enough with data centers

2023-06-23 Thread Delong.com via NANOG
> On Jun 23, 2023, at 12:19, Christopher Morrow wrote: > > On Fri, Jun 23, 2023 at 9:16 AM Mike Hammett > wrote: >> >> I view throwing everything into NOVA as being lazy. Throwing so many at one >> place isn't good for resiliency. > > there's nyc and chicago and cal

Re: FCC Chair Rosenworcel Proposes to Investigate Impact of Data Caps

2023-06-16 Thread Delong.com via NANOG
I went over often enough that it was easier (and cheaper) to just give them an extra $30/month for unlimited. I also cancelled other Comcast services at the same time that were costing me more than $30/month, so for me, It was a net gain and for Comcast, a net loss. I did this immediately when t