iscard" routes are still in the forwarding table
and are treated as a valid destination when it comes to loose-mode uRPF.
--
Chris Adams
Systems and Network Administrator - HiWAAY Internet Services
I don't speak for anybody but myself - that's enough trouble.
han i trust 94.3% of all the
> other services you trust.
>
> randy
>
Probably so and it was not my intention to attack Vern, Berkley, ICIR
nor infer that they were not trustworthy. Just pointing out a
possible place for improvement from my view.
~Chris
other TOS in place but without it I
hesitate... So I figured I would bring it up.
~Chris
PS - if you are interested in TOS related stuff, might be worthwhile
to check out http://www.tosback.org/timeline.php a new project
launched by the EFF (no affiliation, just fyi)
Do you have a link to the information on how to get that setup?
---Chris
On Jun 10, 2009, at 1:05 PM, Chris Stone wrote:
Can someone please point me in the direction of an rwhoisd
solution to
be run on a CentOS Linux platform? ARIN is now punting rwhois
queries
to us and frankly i
so you may be hearing
> about reports your customers have gotten from it. You can see a sample
> report at:
>
> http://netalyzr.icsi.berkeley.edu/restore/id=example-session
>
> - Vern
>
>
Why no privacy policy? Or am I just partially blind? Is an answer in
a FAQ legally
he rwhoisd at
>> projects.arin.net but the documentation on it is ghastly to say the
>> least.
If you use IPPlan to manage your IP allocations, it comes with a whois
daemon that'll automagically use the information from your IPPlan sql
database.
Chris
I used this guide and it worked quite well. The writer was using
FreeBSD but I installed onto Ubuntu and ran into little to no issues.
http://www.unixadmin.cc/rwhois/
---Chris
On Jun 6, 2009, at 10:37 AM, Jeffrey Lyon wrote:
NANOGers,
Can someone please point me in the direction of an
dvice, but another way to link the two
sites is via a tunnel (GRE or IPIP). Use the upstream IP on each router
as the local endpoint, and then run some routing protocol over the
tunnel.
--
Chris Adams
Systems and Network Administrator - HiWAAY Internet Services
I don't speak for anybody but myself - that's enough trouble.
only over a particular longitude. They move up and
down in latitude, so it isn't over a given point except twice per day
(or only once at the extremes).
--
Chris Adams
Systems and Network Administrator - HiWAAY Internet Services
I don't speak for anybody but myself - that's enough trouble.
Once upon a time, Deepak Jain said:
> Which is why, if you have a satellite, you often position DIRECTLY
> over the antenna you are sending to
Unless your target is on the equator, you don't position a satellite
directly over anything.
--
Chris Adams
Systems and Network Administrat
Ok I appreciate it doesn't
get around security concerns but hey ho.
As far as as security, why have myDNS world-reachable at all? You can
have bind feed off of myDNS without having anyone on the outside ever
talk to the myDNS backend.
Chris
ed to create a custom graph
and click the appropriate checkbox. If you want to view a large number
of interfaces with their errors on a single page, you can create a
Custom View that includes errors for any number of selected interfaces.
-Chris
On May 28, 2009, at 12:03 PM, Ric Messier wrote:
o get two phases, neutral, and
ground (provides 1 208V circuit and/or 2 120V circuits) or a NEMA L21
(5 wire) connector to get all three phases, neutral, and ground
(provides 3 208V circuits and/or 3 120V circuits).
--
Chris Adams
Systems and Network Administrator - HiWAAY Internet Services
I don&
ince the fabric is likely to stay up when a peer has gone down,
and BFD would need to be negotiated peer-by-peer, is there a
recommendation other than the default 60-180?
Would going below 60-180 without first discussing it with your peers, tend
to piss them off?
Chris
Once upon a time, Bobby Kuzma said:
> Does anybody have any information on this? I've had 4 customers on Qwest for
> Internet connectivity in Florida drop off the net within a few minutes of
> each other.
I'm have Qwest via Atlanta and I'm not seeing any issues.
--
blicly and
privately - for the valuable input. (Even the posts that tore me up
were useful.)
I was surprised and pleased about both the quality of input that I
received, and the speed with which that input came.
Thanks NANOG!
Chris
Once upon a time, David Coulson said:
> Remember, Linux has no concept of downing an interface when the link
> goes away
Not true in several different ways. You can run netplugd or Network
Manager to control it.
--
Chris Adams
Systems and Network Administrator - HiWAAY Internet Serv
Once upon a time, Kevin Oberman said:
> > From: Chris Meidinger
> > For example, eth0 is 10.0.0.1/24 and eth1 is 10.0.0.2/24, nothing like
> > bonding going on. The customers usually have the idea of running one
> > interface for administration and another fo
didn't say it before: Thanks for the pointer!!
This is just what I was looking for to stop looking.
Best,
Chris
On 11.05.2009, at 23:48, Ben Scott wrote:
On Mon, May 11, 2009 at 5:38 PM, Chris Meidinger
wrote:
For example, eth0 is 10.0.0.1/24 and eth1 is 10.0.0.2/24, nothing
like
bonding going on. The customers usually have the idea of running one
interface for administration and another for
d to a
connection that comes in to the first interface should go back out
that interface, and anything related to a connection that came into
the second interface should go back out there. (All this without any
specific routing etc.)
I think we both know that that's not going to happen automagically.
Chris
On 11.05.2009, at 23:31, Dan White wrote:
Chris Meidinger wrote:
Hi,
This is a pretty moronic question, but I've been searching RFC's on-
and-off for a couple of weeks and can't find an answer. So I'm
hoping someone here will know it offhand.
I've been looking thr
milar standards document, to show to customers to
convince them to stop trying to hack things to make it work.
Chris
On 11.05.2009, at 23:00, Charles Wyble wrote:
What does two interfaces in one subnet mean?
Two NICs? Or virtual interfaces?
Two NICs, as in physical interfaces.
On 11.05.2009, at 22:34, Patrick W. Gilmore wrote:
On May 11, 2009, at 4:29 PM, Chris Meidinger wrote:
I would be grateful for a pointer to such an RFC statement,
assuming it exists.
Why would an RFC prohibit this?
Most _implementations_ do, but as far as network "rules" in ge
e grateful for a pointer to such an RFC statement, assuming
it exists.
Thanks!
Chris
On 05.05.2009, at 09:33, Seth Mattinen wrote:
Tim Tuppence wrote:
Hello,
I am seeing that www.google.cat resolves from three different
networks.
It even resolves from here: http://www.squish.net/dnscheck/
What is going on?
Why are you expecting it not to?
I think the real question her
Oddly, none of the courses in the event discuss IPv6.
http://www.intelembeddedevent.com/
Intel® Embedded eVent We’re standing at the forefront of the Embedded
Internet Era. The opportunities are yours.
The networked world is growing at a tremendous pace. In just six
years, it’s expected that
gt; Senior Network Engineer | therefore you are
> Atlantic Net |
> _ http://www.lewis.org/~jlewis/pgp for PGP public key_
>
>
I assume you checked route-server.twtelecom.net for the route?
--
Chris Grundemann
weblog.chrisgrundemann.com
s://www.caputo.com/foss/quagga-0.99.11-BGP-4-byte-ASN-bug-fixes.patch
(the patches are identical. naming is just for clarity.)
Chris
ns between the servers.
That depends on the devices on each end. For example, some switches can
only hash on MAC addresses, some can look at IPs, and some can look at
ports.
--
Chris Adams
Systems and Network Administrator - HiWAAY Internet Services
I don't speak for anybody but myself - that's enough trouble.
officers will sign anything put in front of them is not very
convincing to me. I have a hard time accepting incompetence or
laziness as a valid rational for any argument at all really.
~Chris (speaking for myself)
(1) - https://www.arin.net/knowledge/pdp/
(2) - https://www.arin.net/participate/
Once upon a time, Ricky Beam said:
> On Tue, 21 Apr 2009 18:40:30 -0400, Chris Adams wrote:
> >SSL and FTP are techincal justifications for an IP per site.
>
> No they aren't. SSL will work just fine as a name-based virtual host with
> any modern webserver / browser.
Once upon a time, Jo Rhett said:
> Since
> virtual web hosting has no technical justification for IP space, I
> refuse it.
SSL and FTP are techincal justifications for an IP per site.
--
Chris Adams
Systems and Network Administrator - HiWAAY Internet Services
I don't speak f
134 for 47 full time employees. That is an average
salary of $121,428 across all employees.
Internet Research and Support is $164,500
Travel (which includes travel for board members, etc) is $1,315,349.
There is more detail but older data at:
https://www.arin.net/about_us/corp_docs/annual/2007
es any time in the past 8 years.
Chris
- ------
Chris Owen - Garden City (620) 275-1900 - Lottery (noun):
President - Wichita (316) 858-3000 -A stupidity tax
Hubris Communication
submitting the request. If ARIN
really
wants to get the interest of CEOs, raise the price!
And punish those that do play by the rules? ARIN's prices are already
crazy high for what they actually do.
Chris
- --
nouncement this morning I couldn't help but think "Too little, too
late".
Chris
- ------
Chris Owen - Garden City (620) 275-1900 - Lottery (noun):
President - Wichita (316) 858-3000 -A
gue packets are just
dropped/logged rather than answered with a shutdown, but that is rare.
Chris
SIX Janitor
You beat me to it.
-ChrisAM
On Fri, Apr 17, 2009 at 6:31 PM, Paul Ferguson wrote:
> -BEGIN PGP SIGNED MESSAGE-
> Hash: SHA1
>
> On Fri, Apr 17, 2009 at 3:15 PM, Paul Ferguson
> wrote:
>
>>
>> On Fri, Apr 17, 2009 at 3:06 PM, Chris Mills
>> wrote:
&g
I took a quick look at the code... formatted it in a pastebin here:
http://pastebin.com/m7b50be54
That javascript writes this to the page (URL obscured):
document.write("");
The 1.2.3.4 in the URL is my public IP address (I changed that).
Below the javascript, it grabs a PDF:
That PDF is on th
one every mile or two. How large is the fiber plant?
Miles and miles of continuous fiber, every inch of which is equally
important. A lot of it here is even on poles, not buried.
--
Chris Adams
Systems and Network Administrator - HiWAAY Internet Services
I don't speak for anybody but myself - that's enough trouble.
On 10/04/09 03:32, John Martinez wrote:
BT Americas?
Oh dear, and just after BT suffered a big cut in London. Who needs
vandals when there's contractors about?
http://www.theregister.co.uk/2009/04/08/bt_hole_hits_vodafone/
http://www.flickr.com/photos/23919...@n00/3426407496/
Monterey Road just north of Blossom Hill, San Jose
On Thu, Apr 9, 2009 at 11:11 AM, Mike Lyon wrote:
> Anyone know where the actual cut is?
>
> On 4/9/09, David W. Hankins wrote:
>> On Thu, Apr 09, 2009 at 08:14:15AM -0700, Craig Holland wrote:
>>> Just dropping a note that there is a fiber cut
Yeah, I had just found that site after I posted to the list. I found
it through an old dslreports forum thread...
---Chris
On Mar 27, 2009, at 11:37 AM, David Ulevitch wrote:
On 3/27/09 8:23 AM, Chris Wallace wrote:
Can someone from ATT contact off-list with the contact for the mail
up on other mail servers but I can't get a hold of ATT.
Any help would be greatly appreciated!
---Chris
On 18.03.2009, at 12:20, Saqib Ilyas wrote:
I'm back! Thanks again to all those who replied. I am wondering how a
service provider might assess availability or reliability figures
using
active measurements. Granted that one could set up traffic generators
between the two PoPs which will be co
scan; what if it was a DoS attack, spamming bot, etc.?
Do you think Covad would respond to a DMCA complaint like that?
--
Chris Adams
Systems and Network Administrator - HiWAAY Internet Services
I don't speak for anybody but myself - that's enough trouble.
sts
that connection. However, IPSLA is the wrong tool for a one-off test
of whether you can push a Mbps from site A to site B, because you need
to saturate the link to do that test. IPSLA is great for monitoring
things like jitter.
HTH,
Chris
Thanks and best regards
On Mon, Feb 23, 2009
t around to doing it for Juniper firewall policers, but I
pretty sure the info is in a MIB.
--
Chris Adams
Systems and Network Administrator - HiWAAY Internet Services
I don't speak for anybody but myself - that's enough trouble.
Once upon a time, Matthew Petach said:
> On 3/3/09, Chris Adams wrote:
> > Can a Yahoo postmaster ping me off list? I've got a couple of servers
> > that appear to be mis-categorized.
>
> Contact information for the Yahoo postmasters is listed at
> http://postma
Can a Yahoo postmaster ping me off list? I've got a couple of servers
that appear to be mis-categorized.
--
Chris Adams
Systems and Network Administrator - HiWAAY Internet Services
I don't speak for anybody but myself - that's enough trouble.
How much "scheduled" downtime was there?
---Chris
On Feb 23, 2009, at 11:46 AM, Justin Wilson - MTIN wrote:
In a "Former Life" we used Comcast for transport for a school
corporation.
In the 3 years we used them we have 10 minutes of unscheduled
downtime.
Justin
ut. Broadcast, multicast,
flooding for unknown MACs (or switching failures), ...
--
Chris Adams
Systems and Network Administrator - HiWAAY Internet Services
I don't speak for anybody but myself - that's enough trouble.
'No ip domain lookup' will solve your problem instance below. Eg dns resolution
attempt on typos.
-Original Message-
From: "Tom Storey"
Date: Tue, 24 Feb 2009 09:32:28
To: Bruce Grobler
Cc:
Subject: RE: FW: Ctrl+Shift+6 then X
FWIW Ive rarely had a problem breaking out of ping/tracer
hose moving parts as well. ;-)
Yeah, I was going to say the same thing. Show me a "real" router
without a fan; even the old Cisco 2501 had a fan in it.
Most "real" routers can be heard outside the room!
--
Chris Adams
Systems and Network Administrator - HiWAAY Internet
iders have changes in their network conditions as
testing is done.
I really appreciate all the input and have learnt loads, possibly just not
in the way I would have liked to :-)
Doubles all round,
Chris
think of is removing that from the equation.
It's definitely only _outbound_ TCP getting buffered though ! I've pushed
92Mbps on a FE link with UDP and uploaded at 16Mbps on a 16Mbps link.
Any last ideas appreciated before causing headaches removing switches would
be appreciated.
Thanks,
Chris
back" ! That's the last change to the box. If I can rule
out the logging of traffic from conntrack is slowing down
the forwarding then I can look into hardware further ;-)
Chris
back" ! That's the last change to the box. If I can rule
out the logging of traffic from conntrack is slowing down
the forwarding then I can look into hardware further ;-)
Chris
Hi Mikael,
I just realised that I didn't respond to your post.
The RTTs vary massively because the router is forwarding from websites on
the LAN to visitors worldwide. Is that what you meant ?
Disabling TSO didn't work unfortunately.
Thanks again,
Chris
Thanks a lot, Lee.
ring a quiet network moment.
I've just discovered the netstat -s command which gives loads more info than
anything else I've come across. Any pointers about window size or TSO from
the output appreciated :-)
Thanks again,
Chris
ion offload: on
Thanks again,
Chris
s errors. Auto Neg has taken 1Gbps,
Full. Can Auto Neg cause these symptoms do you think ?
Thanks again,
Chris
at am I missing ? Is NAPI that essential for such low
traffic ? A very similar build moved far higher throughput on cheap NICs.
MTU is at 1500, txqueuelen is 1000.
Any help would be massively appreciated !
Chris
have their own time64_t and
time64() call), so I expect *BSD and Linux on Alpha stayed with 32 bit
time_t for compatibility (Linux at least could run many Tru64 binaries).
--
Chris Adams
Systems and Network Administrator - HiWAAY Internet Services
I don't speak for anybody but myself - that's enough trouble.
32 bit time_t for compatibility.
However, it does appear that at some point, 64 bit Linux systems
switched to a 64 bit time_t, so I can only assume others are switching
as well. Hopefully, the 32 bit systems (at least that have to count
seconds) will be mostly gone in another 29 years.
--
Chris Adams
S
rsenne number (31) is also a Mersenne
prime (2^5 - 1).
You can always count on numerology. This means something!
--
Chris Adams
Systems and Network Administrator - HiWAAY Internet Services
I don't speak for anybody but myself - that's enough trouble.
Listen online to my favorite hip hop radio station http://www.Jellyradio.com
On Feb 13, 2009, at 9:35 AM, Paul Vixie wrote:
blackholing victims is an interesting economics proposition. you're
saying
the attacker must always win but that they must not be allowed to
affect the
infrastruct
I'm surprised no one has mentioned NetBrain. It can automatically (via
discovery, or device configs) create Network diagrams that can be exported to
Visio.
http://www.netbraintech.com/web_08/solutions/na.php
Chris
Quoting Mathias Wolkert :
> I'd like to know what softwa
u use?
OmniGraffle is the better Visio.
Agree fully, I use OmniGraffle extensively and have for a long time.
It's worth mentioning that OG can export to Visio-XML format, so you
don't lock yourself into the .graffle format forever.
Chris
gling, it would be much
easier to drop the packet mangling and just use a stateful firewall.
You are just reinforcing the incorrect belief that "NAT == security,
no-NAT == no-security".
--
Chris Adams
Systems and Network Administrator - HiWAAY Internet Services
I don't speak for any
ones, so it raises your
chances of not having to get into heavy natting down the road. My
theory on this is that most people who don't deal with CIDR on a daily
basis find the /12 netmask a bit confusing and just avoid the block at
all.
Cheers,
Chris
Anyone seeing phishing alerts for senders in this thread?
http://farm4.static.flickr.com/3080/3243440012_d1f6f1e5e7_o.png
-Chris
On Sat, Jan 31, 2009 at 4:40 PM, Henry Linneweh wrote:
> I think they clarify what happened here and are pretty straight up about
> it.
> http://www.nytimes
Wayne E. Bouchard wrote:
I've never been happy with 'deinstall' fees of any sort. To me, this
is just a cost of doing business. The time necessary to remove such is
just accepted. It is assumed that the terms of the contract are long
enough that such costs become insignificant and should not be
s
10
>
> ## limit a.b.c.d to 3mbit/sec:
> U32="tc filter add dev eth0 protocol ip parent 1:0 prio 1 u32"
> $U32 match ip src a.b.c.d/32 flowid 1:10
> $U32 match ip dst a.b.c.d/32 flowid 1:10
>
> tc -s -d qdisc show dev eth0
tcng - Traffic Control Next Generation (http://tcng.sourceforge.net/)
provides a configuration language that abstracts the gnarliness above.
Chris
On Wed, Jan 28, 2009 at 09:45, Antonio Querubin wrote:
> Anyone else noticing Google's logo has been scrambled?
If you click on it you will see that it is a Jackson Pollack inspired
image, most likely a tribute to his birthday today.
~Chris
>
> Antonio Querubin
>
. If somebody
is serving cached data to the world (even if they aren't recursing for
the world), there are any number of things that are likely in the cache.
And, since most people have SMTP servers, it is often easy to "prime"
somebody's cache, since the SMTP servers often u
We [AS3491] null0'd the IP earlier. Rest-of-world encouraged to do the same :/
On Fri, Jan 23, 2009 at 3:20 PM, Luke Sheldrick wrote:
>
> Looks to me like the target has moved, anyone else seeing similar?
>
> Jan 23 20:19:08 LND02 named[9611]: client 63.217.28.226#39489: view
> external: qu
here?
BIND has had the hints compiled in for some time as a fall-back, but for
an auth-only server, "additional-from-cache no;" will kill such
responses.
--
Chris Adams
Systems and Network Administrator - HiWAAY Internet Services
I don't speak for anybody but myself - that's enough trouble.
hich by my definition is an amplification.
Add "additional-from-cache no;" to the options{} section of your
named.conf.
--
Chris Adams
Systems and Network Administrator - HiWAAY Internet Services
I don't speak for anybody but myself - that's enough trouble.
m trying. :(
Well, it still makes a DDoS, since they can (theoretically) have a bunch
of sources spoofing the IPs, and the packets to the targets have
legitimate source addresses (so they can't easily be blocked by the
target).
--
Chris Adams
Systems and Network Administrator - HiWAAY Inte
oints such as edge to backbone, backbone
to peers, etc.
~Chris
> I was thinking of having one /24 for each block size, and then do the divide
> and conquer approach by allocating the first /30, for example, as 0 and 128,
> then next two at 64 and 192, etc. Once there's only one /30 fr
else's IP space being announced with your ASN
> prepended?
The threat that it is the first prefix like that and maybe not the last.
It could be an accidental (or intentional) mistake, and should be
tracked down ASAP to make sure that is the only such prefix.
--
Chris Adams
Systems and
On 03/01/09 07:31, Martin Hannigan wrote:
Overall, geo location has turned out to be a somewhat valuable tool in terms
of language, fraud, and localization. I think that it's important to
continue to urge improvements in this technology, not divestment.
Is it really that difficult to check the
leap second.
There have been some messages on the NTP list referencing posts on a
Debian list about leap second crashes, and there's a post on /. about a
similar problem with Fedora 8.
--
Chris Adams
Systems and Network Administrator - HiWAAY Internet Services
I don't speak for anybody but myself - that's enough trouble.
Conditional advertisements might be what you're looking for:
http://www.cisco.com/en/US/tech/tk365/technologies_configuration_example09186a0080094309.shtml
Regards,
Chris Ely
On Wed, 31 Dec 2008, Naveen Nathan wrote:
Hi,
I would appreciate insight and experience for the following situ
What all good advertised, unallocated prefixes do... send mail...
(senderbase shows a fair amount of volume)
On Tue, Dec 23, 2008 at 12:09 PM, Adrian Chadd wrote:
> On Tue, Dec 23, 2008, sth...@nethelp.no wrote:
>
> > Axtel is announcing 100.10.10.0/24, which is within the 100.0.0.0/8block,
> > w
CID-Howto.htm
http://homepage.mac.com/duling/halfdozen/RANCID-Howto.html
Chris
- ------
Chris Owen - Garden City (620) 275-1900 - Lottery (noun):
President - Wichita (316) 858-3000 -A stupidity tax
H
es (BGP, for example, and controlling the
> hardware that actually does packet switching/routing).
Well, the J-series are fully software-based routers. Still, they have
their own routing daemons and such.
--
Chris Adams
Systems and Network Administrator - HiWAAY Internet Services
I don't s
this post useful, n...@rcn.com is always available.
-cj
--
Chris Jackman
RCN Internet Systems
s before I commit ? Or any other
comments ? I'll start trawling their specs too.
Thanks again to all that responded,
Chris
ces seem
to perform well in the throughput tests.
Now to look at very affordable layer 2, Gigabit 3com switches with good pps.
Chris
l mix of packet sizes on the
network but the vast majority is outbound on port 80 so hopefully that'll
help.
Any more input will of course be considered. I may post the NIC models for
approval if I'm scratching my head again :)
Thanks,
Chris
2008/12/17 Jim Shankland
> Chris wrote:
&
You've given me lots to think about ! Thanks for all the input so far.
A few queries for the replies if I may. My brain is whirring.
Chris: You're right and I'm tempted. I've almost had my arm twisted to go
down the proprietory route as I have some Cisco experience bu
shaping.
We're in the UK if it makes any difference.
Any help massively appreciated, ideally from those doing the same in
production environments.
Thanks,
Chris
"analogue-digital-analogue" service so well that the customer doesn't
realize it then the originating comment that started this tangent is
moot. They are providing a reliable E911 service over IP.
If they're not providing a more reliable service than we're back to the
same point. E911 over ip (and VOIP) are generally less reliable than
true POTS.
Regards,
Chris
e. You're assuming a lot. I find
it surprising that many people replying haven't kept a 911 only POTS line.
Regards,
Chris
27;ll keep a POTS line in the home, if for nothing more than
emergencies, until VOIP and Cell providers can consistently offer the
same level of services I've had with a traditional phone.
Regards,
Chris
1101 - 1200 of 1321 matches
Mail list logo