RE: automatic rtbh trigger using flow data

2018-09-02 Thread Ryan Hamel
is going to offer such filtering services for free when DDoS mitigation is a cash cow. Ryan Hamel From: NANOG On Behalf Of Baldur Norddahl Sent: Sunday, September 02, 2018 1:42 AM To: nanog@nanog.org Subject: Re: automatic rtbh trigger using flow data This is not true. Some of our transits do RTBH

RE: automatic rtbh trigger using flow data

2018-09-01 Thread Ryan Hamel
No ISP is in the business of filtering traffic unless the client pays the hefty fee since someone still has to tank the attack. I also don’t think there is destination prefix IP filtering in flowspec, which could seriously cause problems. From: NANOG On Behalf Of Baldur Norddahl Sent:

RE: automatic rtbh trigger using flow data

2018-08-31 Thread Ryan Hamel
From experience, sflows are horribly inaccurate for DDoS detection, since the volume could disrupt the control plane and render the process useless, thus not giving data to the external system to act upon it. You can't get any better than mirroring your inbound transit, and sampling the output

RE: automatic rtbh trigger using flow data

2018-08-30 Thread Ryan Hamel
Exactly Aaron. No provider will allow a customer to null route a source IP address. I could only assume that a null route on Michel's network is tanking the packets at their edge to 192.0.2.1 (discard/null0). -- Ryan Hamel Senior Support Engineer ryan.ha...@quadranet.com | +1 (888) 578-2372

RE: automatic rtbh trigger using flow data

2018-08-30 Thread Ryan Hamel
There are software that combine your needs altogether. I'm sure there are others. WANGuard from Andrisoft (https://www.andrisoft.com/software/wanguard) Fastnetmon (https://fastnetmon.com/) From: NANOG On Behalf Of Aaron Gould Sent: Thursday, August 30, 2018 12:53 PM To: Nanog@nanog.org

RE: Web UI DHCP Option 82

2018-08-19 Thread Ryan Hamel
no GUI but I'll second the Kea recommendation. At 09:36 AM 8/18/2018, Colton Conor wrote: >Mike, I am looking for the same thing. Does Mikrotik have the ability >to do what you are requesting? > >On Fri, Aug 17, 2018 at 5:11 PM Ryan Hamel ><<mailto:ryan.ha...@

RE: Web UI DHCP Option 82

2018-08-17 Thread Ryan Hamel
Mike, Take a look into Kea from ISC. The config is JSON based, which allows for nearly any scripting language to make changes, or you can dig into how it works with MySQL for dynamic operation (https://kea.isc.org/wiki/HostReservationsHowTo). Ryan From: NANOG On Behalf Of Mike Hammett Sent:

RE: unwise filtering policy on abuse mailboxes

2018-07-27 Thread Ryan Hamel
All, My colleague has already contacted their friend at Psychz when I received the first message. Not everyone has to be on the list to get the message relayed to them. Rich, shall we all drop your email? It would achieve the same effect, and make this email thread more productive. Ryan

RE: AS3266: BitCanal hijack factory, courtesy of Cogent, GTT, and Level3

2018-06-27 Thread Ryan Hamel
Why would we need an RFC for Comic Sans? -Original Message- From: NANOG On Behalf Of Alain Hebert Sent: Wednesday, June 27, 2018 1:50 PM To: nanog@nanog.org Subject: Re: AS3266: BitCanal hijack factory, courtesy of Cogent, GTT, and Level3     I ain't friday, but: There is no RFC for

Intuit - IP Block - Connection Timed Out

2018-05-09 Thread Ryan Hamel
. Thanks! -- Ryan Hamel ryan.ha...@quadranet.com | +1 (888) 578-2372 QuadraNet, Inc. | Dedicated Servers, Colocation, Cloud

Re: Attacks on BGP Routing Ranges

2018-04-18 Thread Ryan Hamel
lve my issue? I am not sure how this would work. Thanks for your input! Ryan Hamel From: Saku Ytti <s...@ytti.fi> Sent: Wednesday, April 18, 2018 3:48 AM To: Ryan Hamel Cc: nanog@nanog.org Subject: Re: Attacks on BGP Routing Ranges Hey Ryan, I'm

Re: Attacks on BGP Routing Ranges

2018-04-18 Thread Ryan Hamel
Job, Unfortunately, with my current situation, we have stopped exporting our prefixes with the tier-1 carrier and still use the outbound bandwidth. I highly doubt they will implement such a solution, but is something to keep in mind for the future. Thanks for the tip! Ryan Hamel

Attacks on BGP Routing Ranges

2018-04-18 Thread Ryan Hamel
suggestions. Ryan Hamel

Re: Question about great firewall of China

2018-03-23 Thread Ryan Hamel
On Mar 23 2018, at 12:28 am, Jean-Francois Mezei wrote: > > Asking in a sanity check context. > > As you may have heard, Bell Canada has gathered a group called Fairplay > Canada to force all ISPs in Canada to block web sites Fairplay has > decided infringe on

Re: Static Routing 172.16.0.0/32

2017-12-08 Thread Ryan Hamel
> At some point, some chucklehead is going to look at that .0.0 and mentally > think /16, and things will go pear-shaped pretty quickly Same for a /12, which is RFC1918. Original message From: valdis.kletni...@vt.edu Date: 12/8/17 1:46 PM (GMT-08:00) To: Ryan

Re: Static Routing 172.16.0.0/32

2017-12-08 Thread Ryan Hamel
). Original message From: William Herrin <b...@herrin.us> Date: 12/8/17 1:45 PM (GMT-08:00) To: Ryan Hamel <ryan.ha...@quadranet.com> Cc: nanog@nanog.org Subject: Re: Static Routing 172.16.0.0/32 On Fri, Dec 8, 2017 at 4:37 PM, Ryan Hamel <ryan.ha...@quadranet.com

Re: Static Routing 172.16.0.0/32

2017-12-08 Thread Ryan Hamel
.us> Date: 12/8/17 1:34 PM (GMT-08:00) To: Ryan Hamel <ryan.ha...@quadranet.com> Cc: nanog@nanog.org Subject: Re: Static Routing 172.16.0.0/32 On Thu, Dec 7, 2017 at 10:13 PM, Ryan Hamel <ryan.ha...@quadranet.com<mailto:ryan.ha...@quadranet.com>> wrote: A colleague of mine has

Static Routing 172.16.0.0/32

2017-12-08 Thread Ryan Hamel
, but something more feasible like a usable IP in a dedicated range (172.31.0.0/24 for example). I would to hear everyone's thoughts on this, as this the first IP address in an RFC1918 range. Thanks, -- Ryan Hamel ryan.ha...@quadranet.com | +1 (888) 578-2372 QuadraNet, Inc. | Dedicated Servers

<    1   2