Re: Australian Co-Lo

2008-06-23 Thread Julien Goodwin
On 24/06/08 01:04, Martin Barry wrote: > $quoted_author = "Bernard Becker" ; >> Looking for recommendations for carrier neutral co-lo facility for Melbourne >> Australia. Our searches so far seem to turn up sites either on Telstra or >> Optus affiliated co-lo facilities. We need to be in a carrier

Re: Open Source CA / PKI

2008-08-19 Thread Julien Goodwin
On 19/08/08 19:23, Jon Kibler wrote: > I am looking at deploying an open source CA/PKI for a client. It would > be only for internal users and systems. It would have to manage a few > hundred certificates against the organization's self-signed root cert. > It would be installed on a CentOS 5.x plat

Re: MPLS for IPv6

2008-11-09 Thread Julien Goodwin
On 10/11/08 17:36, Miya Kohno wrote: > > > If we consider the phases in terms of IPv6 deployment, > > Ph-0: IPv4 only > Ph-1: IPv4/v6 dual stack + v4/v6 coexistence technologies > Ph-2: IPv6 only Hmm, not quite. I'd say: v4 only v4/v6 dual stack, with v4 being primary (for network mana

Re: Time to validate the TLS configuration on your SMTP servers (was: Re: AS5 ipv6 hijack?)

2021-04-12 Thread Julien Goodwin
A slightly nicer tool than just using "openssl s_client" is testssl.sh, handles STARTTLS and some other non-trivial cases. https://testssl.sh/ Back when I first used it I did read the source, these days at ~650k of shell script, that's a little less practical. On 12/4/21 10:58 pm, Bjørn Mork wro

Re: Malicious SS7 activity and why SMS should never by used for 2FA

2021-04-18 Thread Julien Goodwin
On 19/4/21 2:36 pm, Mark Tinka wrote: > On 4/19/21 05:05, Eric Kuhnke wrote: [...] >> In the pre covid19 era when people were actually traveling places, >> imagine you've had reason to go somewhere weird and need access to a >> thing (such as your online banking, perhaps?) protected by SMS 2FA,

Re: Fiber Network Equipment Commercial Norms

2021-09-22 Thread Julien Goodwin
On 23/9/21 3:01 am, Grant Taylor via NANOG wrote: > On 9/22/21 10:45 AM, Lady Benjamin Cannon of Glencoe, ASCE wrote: >> Half-penny pinching “mah powah” landlords are especially annoying in a >> cosmic sense > > I know someone who had a bit of a different experience. > > Someone, purportedly t

Linux-running SFPs [Was: Re: ONTs]

2022-01-13 Thread Julien Goodwin
On 14/1/22 2:45 am, Dave Taht wrote: Thx. I started a thread over on the cerowrt-devel mailing list on this, it was cool to find several linux based SFPs worth playing with, Finding a set of "common" ONTs worth configuring in a way more suited for an fq_codel'd router (and especially not using po

Re: Calling LinkedIn, Amazon and Akamai @ DE-CIX NY

2019-01-31 Thread Julien Goodwin
On 31/1/19 7:08 pm, Mark Tinka wrote: > I believe most exchange points maintain both route servers and route > collectors. > > Generally, most peers will connect to the RS, but not all. As you > mention, some may connect but not send any routes. > > However, I believe all peers will connect to th

Re: Calling LinkedIn, Amazon and Akamai @ DE-CIX NY

2019-02-01 Thread Julien Goodwin
On 1/2/19 1:31 pm, Niels Bakker wrote: > * br...@shout.net (Bryan Holloway) [Fri 01 Feb 2019, 02:00 CET]: >> What do IXes do (or can do) to enforce the completion of a renumbering? > - Be ready to move ports to a quarantine VLAN when they haven't > renumbered in time, despite those previously m

Re: DANE, was A Deep Dive on the Recent Widespread DNS Hijacking

2019-02-26 Thread Julien Goodwin
On 27/2/19 3:10 am, John Levine wrote: > In article you write: >> We need to get switched over to DANE as quickly as possible, and stop >> wasting effort trying to keep the CA system alive with >> ever-hackier band-aids. > > What's the DANE version of a green-bar cert? You mean the EV certif

Re: Did IPv6 between HE and Google ever get resolved?

2019-04-01 Thread Julien Goodwin
On 1/4/19 11:25 pm, Robert Webb wrote: > Maybe I am just a tad bit illiterate on the way a word on that cake > can be spelled/used, but maybe Cogent doesn't want to peer with a > provider that cannot spell :-\ I like that theory. Explains why they don't peer with Google ("googol" being th

Re: looking for hostname router identifier validation

2019-04-30 Thread Julien Goodwin
On 30/4/19 10:38 am, Chris Adams wrote: > I still refer to ASes by companies that haven't existed in ages... 701 > is UUNet, 3561 is MCI, 1 is BBN, etc. :) I don't handle name changes > well (I also refer to one of the main roads where I live by a name it > hasn't had in close to 20 years). This

Re: "Using Cloud Resources to Dramatically Improve Internet Routing"

2019-10-20 Thread Julien Goodwin
On 20/10/19 11:08 pm, Bjørn Mork wrote: > Hank Nussbacher writes: >> On 07/10/2019 17:42, Stephane Bortzmeyer wrote: >>> On Fri, Oct 04, 2019 at 03:52:26PM -0400, >>> Phil Pishioneri wrote >>> a message of 9 lines which said: >>> Using Cloud Resources to Dramatically Improve Internet Rou

Re: BGP over TLS (was: Re: "Using Cloud Resources to Dramatically Improve Internet Routing")

2019-10-21 Thread Julien Goodwin
On 21/10/19 6:30 pm, Bjørn Mork wrote: > Christopher Morrow writes: > >> isn't julien's idea more akin to DOT than DOH ? > > Yes, and I really like Julien's proposal. It even looks pretty > complete. There are just a few details missing around how to make the > MD5 => TLS transition smooth.

Re: BGP over TLS

2019-10-22 Thread Julien Goodwin
On 22/10/19 4:04 am, Jared Mauch wrote: > > >> On Oct 21, 2019, at 12:30 PM, Joe Abley wrote: >> >> On 21 Oct 2019, at 12:05, Keith Medcalf wrote: >> >>> On Monday, 21 October, 2019 09:44, Robert McKay wrote: >>> The MD5 authentication is built into TCP options.. not obvious how you >>

Re: BGP over TLS

2019-10-22 Thread Julien Goodwin
On 22/10/19 5:42 am, Jakob Heitz (jheitz) via NANOG wrote: > The article linked says no mainstream BGP implementation supports TCP-AO. > IOS-XE and IOS-XR support it. > > While I do not represent the Cisco view, personally I like the idea of BGP > over TLS. Excellent, that's news to me. I had b

Re: Peering Exchange

2016-01-26 Thread Julien Goodwin
On 27/01/16 06:30, Mike Hammett wrote: Google or Facebook are exactly who you would want to connect with and I'm fairly sure they're on the route servers. Google (AS15169) should be present on route servers at all exchanges they're present at that have them. Generally as missing cases are no

Re: phone fun, was GeoIP database issues and the real world consequences

2016-04-26 Thread Julien Goodwin
On 27/04/16 09:16, Owen DeLong wrote: > One thing I always found particularly amusing was that it used to be a toll > call to call from San Jose East (408238) to Sunnyvale (I forget the NPA/NXX), > but that there were several prefixes in San Jose West (e.g. 408360 IIRC) > where it was free to ca

Re: aggregate6 - a fast versatile prefix list compressor

2017-12-01 Thread Julien Goodwin
On 01/12/17 07:27, Job Snijders wrote: > Someone suggested I should clarify what 'aggregate6' actually does :-) > > aggregate6 takes a list of IPv4 and/or IPv6 prefixes in conventional > format, and performs two optimisations to attempt to reduce the length > of the prefix list. > > The first opt

Re: AS Numbers unused/sitting for long periods of time

2018-01-02 Thread Julien Goodwin
Internet Exchange route servers would be another case that would appear unused to the broader internet, but shouldn't use a private ASN. On 03/01/18 14:40, Christopher Morrow wrote: > On Tue, Jan 2, 2018 at 5:46 PM, James Breeden wrote: > >> >> I'm amazed at the number of AS numbers that are ass

Re: Internet topology resources

2018-04-27 Thread Julien Goodwin
On 27/04/18 04:33, Timothy Manito via NANOG wrote: > Is this some sort of BGP AS Path Visualization like what ThousandEyes are > doing? I wrote something like that last year using all AS15169 peerings, sourcing data from BMP, then rendering out all the various paths just using graphviz. The most

Re: Proving Gig Speed

2018-07-18 Thread Julien Goodwin
On 19/07/18 00:27, Mark Tinka wrote: > All the peering in the world doesn't help if the latency is well over > 100ms+. That's what we need to fix. Living in Australia this is an every day experience, especially for content served out of Europe (or for that matter, Africa). TCP & below are rarely

Re: Brocade SLX Internet Edge

2018-10-31 Thread Julien Goodwin
On 01/11/18 09:55, Brandon Martin wrote: > On 10/31/18 6:37 PM, Christopher Morrow wrote: >> If you buy brocade, be sure to also buy a license for securecrt so that >> backspace works over ssh... >> also, just don't do brocade... ever. > > Works fine for me using OpenSSH in most Linux-y terminal em

Re: Carrier Grade NAT

2014-07-29 Thread Julien Goodwin
On 29/07/14 22:22, Owen DeLong wrote: > On Jul 29, 2014, at 4:13 PM, Mark Andrews wrote: >> In message <20140729225352.go7...@hezmatt.org>, Matt Palmer writes: >>> On Wed, Jul 30, 2014 at 09:28:53AM +1200, Tony Wicks wrote: 2. IPv6 is nice (dual stack) but the internet without IPv4 is not a v

Re: Verizon 701 Route leak?

2017-08-28 Thread Julien Goodwin
On 28/08/17 18:34, Job Snijders wrote: > Finally, it may be worthwhile exploring if we can standardize and > promote maximum prefix limits applied on the _sending_ side. This > way you protect your neighbor (and the Internet at large) by > self-destructing when you inadvertently announce more t

Re: Best way to San Jose Fairmont from SFO?

2017-09-28 Thread Julien Goodwin
On 29/09/17 06:47, Bob Evans wrote: > Train and Bus travel is not worth considering. However, there are airport > shuttle van services like supershuttle 4-5 passengers being dropped off on > your way south. I'm arriving on Sunday morning, so have plenty of time, and will take Caltrain down (BART t

Re: RIP Justification

2010-09-29 Thread Julien Goodwin
On 30/09/10 13:42, Mark Smith wrote: > One of the large delays you see in OSPF is election of the designated > router on multi-access links such as ethernets. As ethernet is being > very commonly used for point-to-point non-edge links, you can eliminate > that delay and also the corresponding netwo

Re: Only 5x IPv4 /8 remaining at IANA

2010-10-19 Thread Julien Goodwin
On 20/10/10 01:52, Matthew Walster wrote: > No, and neither can anyone else... What's more is that they'll not use > .0, .255, .1 (because apparently only routers are supposed to use > that), .254 (who knows...) There's actually a good reason for that. MS Windows (at least 2k3 server) will simply

Re: Token ring? topic hijack: was Re: Mystery open source switching

2010-11-02 Thread Julien Goodwin
On 03/11/10 13:11, Express Web Systems wrote: >>> The network I am using to compose and post this message right now is >> a >>> coaxial Ethernet. >>> >>> MS >> >> Thick or Thin? > > Bonus points for 10-Base-5. Super bonus points (and presumably therapy) for 10-broad-36.

Re: NIST IPv6 document

2011-01-06 Thread Julien Goodwin
On 06/01/11 16:01, John Levine wrote: >> Still, the idea that "nobody will scan a /64" reminds me of the days >> when 640K ought to be enough for anybody, ... > > We really need to wrap our heads around the orders of magnitude > involved here. If you could scan an address every nanosecond, which

Re: Recommendation on NTP appliances/devices

2014-04-04 Thread Julien Goodwin
On 04/04/14 17:29, Saku Ytti wrote: > On (2014-04-03 21:25 -0700), Will Orton wrote: > >> There are commercially available NTP servers with GPS + Rb oscillators... >> for NTP >> use you could basically let it sync up a couple days, disconnect the GPS and >> let >> it freerun. You'd still be wi

Re: Recommendation on NTP appliances/devices

2014-04-04 Thread Julien Goodwin
On 04/04/14 10:16, Majdi S. Abbas wrote: > On Thu, Apr 03, 2014 at 06:55:02PM -0400, David Hubbard wrote: >> Anyone have recommendations on NTP appliances; i.e. make, model, gps vs >> cell, etc.? Roof/outdoor/window access not available. Would ideally >> need to be able to handle bursts of up to

Re: Recommendation on NTP appliances/devices

2014-04-04 Thread Julien Goodwin
On 04/04/14 21:48, Saku Ytti wrote: > On (2014-04-04 20:37 +1100), Julien Goodwin wrote: > >>> Meinberg[0] pegs rubidium at ±8ms per year, if you need NTP to do say single >>> direction backbone SLA measurement you want to have microsecond precision. >> >> Th

Re: Pluggable Coherent DWDM 10Gig

2014-04-25 Thread Julien Goodwin
On 26/04/14 14:00, Mikael Abrahamsson wrote: > On Fri, 25 Apr 2014, Phil Bedard wrote: > >> What are you trying to do? Why do you need the receive side to be tuned >> to a specific narrowband wavelength? > > Because he doesn't want to use filters. A coherent receiver is like an FM > radio, you can

Re: Pluggable Coherent DWDM 10Gig

2014-04-25 Thread Julien Goodwin
On 26/04/14 16:02, Mikael Abrahamsson wrote: > On Sat, 26 Apr 2014, Julien Goodwin wrote: > >> But you'd never send it all the waves anyway, that's far too much loss >> across the band. > > Please elaborate. At 3dB loss per split you'd very quickly need a

Re: IPv6 at 50% for VZW (Re: NAT IP and Google)

2014-05-22 Thread Julien Goodwin
On 23/05/14 11:21, Jared Mauch wrote: > You can't cater to everyones broken network. I can't reach 1.1.1.1 from here > either, but sometimes when I travel I can, even with TTL=1. At some point > folks have to fix what's broken. 1.1.1.1 is not private IP space. BGP routing table entry for 1.1.

Re: Verizon Public Policy on Netflix

2014-07-14 Thread Julien Goodwin
On 15/07/14 10:39, Matt Palmer wrote: > On Mon, Jul 14, 2014 at 10:25:22AM -0400, Jay Ashworth wrote: >> - Original Message - >>> From: "Matthew Petach" >> >>> It's now called "Any2 Denver": >>> >>> Annoyingly enough, I can't find a street >>> address for it anywhere among their literature

Re: Are people still building SONET networks from scratch?

2012-09-07 Thread Julien Goodwin
On 07/09/12 02:38, Will Orton wrote: > Having much more experience with ethernet/packet/MPLS setups, we are trying > to > get the client to admit that 1g/10g waves running ethernet with QoS would be > as > good as or better in terms of latency, jitter, and loss for their packet > data. > So f

Re: Advisory — D-root is changing its IPv4 address on the 3rd of January.

2012-12-15 Thread Julien Goodwin
On 15/12/12 06:03, Jean-Francois Mezei wrote: > There are also a number of much older systems which no longer get > software updates (such as VAX-VMS) so it is good practice to manually > maintain the root.hints files so that over time, you don't accumulate > more than a couple of disused root serv

Re: Device specifically made for high capacity GRE tunnels for dozens of sites

2013-01-18 Thread Julien Goodwin
Another (somewhat cheaper) Juniper option if you meet its limits is the EX[34]200's which now do GRE in hardware: http://www.juniper.net/techpubs/en_US/junos12.1/topics/concept/gre-tunnel-services.html On 19/01/13 05:36, PC wrote: > mx80 (or similar) or ASR. The MX would probably be my preferenc

Re: WW: Colo Vending Machine

2012-02-18 Thread Julien Goodwin
On 18/02/12 18:42, Matthew Palmer wrote: > On Fri, Feb 17, 2012 at 05:39:34PM -0800, Owen DeLong wrote: >> In such cases, I will occasionally stop by the colo without going home to >> retrieve the laptop. 90% of the time it works out OK. 10% of the time I >> end up leaving the colo, going home, r

Re: do not filter your customers

2012-02-24 Thread Julien Goodwin
On 25/02/12 13:12, Dobbins, Roland wrote: > > On Feb 25, 2012, at 8:59 AM, Christopher Morrow wrote: > >> max-prefix already exists... sometimes it works, sometimes it's a burden. > > Some sort of throttle - i.e., allow only X number of routing updates within Y > number of [seconds? millisecon

Re: Outdoor Wireless Access Point

2012-03-31 Thread Julien Goodwin
On 01/04/12 09:49, valdis.kletni...@vt.edu wrote: > On Sat, 31 Mar 2012 15:48:37 -0700, Network IP Dog said: >> I'm utterly amazed how many people give away free consultant work. > > A lot of us are quite busy with $DAYJOB and not in a position to take on a > consulting engagement - and there's no

Re: Cheap Juniper Gear for Lab

2012-04-10 Thread Julien Goodwin
On 10/04/12 14:31, Steven King wrote: > I am tasked with replacing an old linux router setup with Juniper gear > in the near future. Though I am a Cisco guy myself. > > Does anyone know of any older cheap Juniper gear I might find on Ebay so > that I may build a home lab without going broke? A sl

Re: Cheap Juniper Gear for Lab

2012-04-12 Thread Julien Goodwin
On 12/04/12 09:47, Robert E. Seastrom wrote: > We tried running on 9.3 but - surprise - 9.3 won't do 32 bit ASNs. > That came in 10.1 or something. As a member of the ARIN Advisory > Council, I felt compelled to eat the same dog food that I was selling, > and we found ourselves at an impasse. Er,

Re: Network Storage

2012-04-15 Thread Julien Goodwin
On 13/04/12 06:25, Maverick wrote: > Can you please comment on what is best solution for storing network > traffic. We have been graciously granted access by our network > administrator to capture traffic but the one terabyte disk space is > no match with the data that we are seeing, so it fills u

Re: juniper mx80 vs cisco asr 1000

2012-01-25 Thread Julien Goodwin
On 25/01/12 02:50, Matt Craig wrote: > Actually something as an alternative to both I am researching is the > Brocade MLX series. They have different, more efficient, and refreshing > architecture; and phenomenal cost (half the cost of ASR1000/MX or > less). Gonna do a trial shortly to see if it

Re: Switch with 10 Gig and GRE support in hardware.

2011-02-18 Thread Julien Goodwin
On 19/02/11 01:37, Jeffrey Lyon wrote: > On Fri, Feb 18, 2011 at 9:30 AM, Matt Newsom > wrote: >> I am looking for a switch with a minimum of 12 X 10GE ports >> on it, that has routing protocol support and can do GRE in hardware. >> Does anyone have a suggestion that might f

Re: Internet Edge Router replacement - IPv6 route table size considerations

2011-03-08 Thread Julien Goodwin
On 09/03/11 11:57, Chris Enger wrote: > I did look at a Juniper J6350, and the documentation states it can handle > 400k routes with 1GB of memory, or 1 million with 2GB. However it doesn’t > spell out how that is divvyed up between the two based on a profile setting > or some other mechanism.

Re: Internet Edge Router replacement - IPv6 route table size considerations

2011-03-08 Thread Julien Goodwin
On 09/03/11 12:08, Julien Goodwin wrote: > On 09/03/11 11:57, Chris Enger wrote: >> I did look at a Juniper J6350, and the documentation states it can handle >> 400k routes with 1GB of memory, or 1 million with 2GB. However it doesn’t >> spell out how that is divvyed up bet

Re: AW: 80 km BiDi XFPs

2013-04-06 Thread Julien Goodwin
On 06/04/13 21:50, Thomas Weible - FLEXOPTIX wrote: > Matt Addison [mailto:matt.addi...@lists.evilgeni.us] wrote: >> >> How much spare margin do you have? Could you roll your own with a pair >> of mismatched (C|D)WDM XFPs and a mux on each end? > Typically you have 23dB powerbudget for the ZR (CWDM

Re: Verizon DSL moving to CGN

2013-04-06 Thread Julien Goodwin
On 07/04/13 12:11, Constantine A. Murenin wrote: > On 6 April 2013 18:24, cb.list6 wrote: >> Interesting. >> >> http://www22.verizon.com/support/residential/internet/highspeedinternet/networking/troubleshooting/portforwarding/123897.htm > > ... >> ...CGN will not impact the access, >> reliabilit

Re: Hotels/Airports with IPv6

2015-07-10 Thread Julien Goodwin
On 11/07/15 08:25, Shane Ronan wrote: 1.1.1.1 is usually a good bet Sadly yes, even though it's valid public IP space Cisco still have it documented as their suggested captive portal address. Despite it (and 1.2.3.0/24) being advertised by $ORK for years at this point on behalf of APNIC.

Re: NTP versions in production use?

2015-07-11 Thread Julien Goodwin
On 12/07/15 13:17, Harlan Stenn wrote: Dovid, Thanks, and I'm kinda stunned that folks are running such ancient versions of NTP. https://support.ntp.org/bin/view/Dev/ReleaseTimeline 4.2.0 was EOL'd in June of 2006, and we've fixed about 3,000 issues in the codebase since then. Juniper have r