Re: Third Party VoIP Over Xfinity

Yes. We run lots of SIP UDP over many networks without issue.I feel like bloat is exactly an application for using UDP? With TCP won't that cause more bloat/delay? That being said, we generally see about 3-6 ms between end points and our PBX systems, so I'm not really worried about dela

Re: Third Party VoIP Over Xfinity

roprietary gateway or customers on a CGNAT service with them? I have been a Comcast customer for years, with my own equipment, and have never had issues using Polycom SIP phones on RingCentral. This is getting a little concerning for me as we are planning to roll out SIP phones direct to u

Re: Third Party VoIP Over Xfinity

dwestix><https://www.linkedin.com/company/midwest-internet-exchange><https://twitter.com/mdwestix> The Brothers WISP <http://www.thebrotherswisp.com/> <https://www.facebook.com/thebrotherswisp><https://www.youtube.com/channel/UCXSdfxQv7SpoRQYNyLwntZg> ---

Re: Third Party VoIP Over Xfinity

End user switched back to the old ISP. We couldn't have work stoppage any more for something as simple as SIP registration. On 9/10/24 5:57 PM, Norman Jester wrote: I did the same…. No progress at all. Norman Jester On Sep 10, 2024, at 1:00 PM, Matt Hoppes wrote: So not eve

Re: Third Party VoIP Over Xfinity

E doing SIP ALG when acting as a router. On Sep 10, 2024, at 2:17 PM, Matt Hoppes wrote: I have an employee who has recently switched to Xfinity cable service. Ever since they switched their internet service their work phones will not stay registered for more than about 3 minutes. These s

Re: Third Party VoIP Over Xfinity

tried TLS for the SIP transport by chance? I manage a few phones on comcast across the country and have no problems. On 9/10/2024 3:52 PM, Matt Hoppes wrote: Well this is curious Same issue... they are breaking something with registration.  What region are you in?  We are in North Central

Re: Third Party VoIP Over Xfinity

CGNAT, some saying they don't.  If they do, I wonder if their CGNAT routers have SIP ALG enabled or disabled.  Unfortunately, these are the sorts of questions I suspect first level support can't help you with. On Tue, 10 Sep 2024, Matt Hoppes wrote: So not even the same area then.

Re: Third Party VoIP Over Xfinity

2024, at 12:52 PM, Matt Hoppes wrote: Well this is curious Same issue... they are breaking something with registration. What region are you in? We are in North Central PA so we're routing On 9/10/24 3:25 PM, Norman Jester wrote: Your message is timely for me. I literally have the

Re: Third Party VoIP Over Xfinity

or my daughter’s home and she got Xfinity. Everything worked for a few minutes then I could not keep phones registered after. Norman Jester On Sep 10, 2024, at 12:18 PM, Matt Hoppes wrote: I have an employee who has recently switched to Xfinity cable service. Ever since they switched

Third Party VoIP Over Xfinity

I have an employee who has recently switched to Xfinity cable service. Ever since they switched their internet service their work phones will not stay registered for more than about 3 minutes. These same phones have been used on many ISPs without issues. The same config has been used behind m

Re: ATT contact

Doug, I'd recommend giving this a read: https://www.linode.com/docs/guides/diagnosing-network-issues-with-mtr/#verify-packet-loss Your trace shows nothing of concern. -Matt On Tue, Sep 10, 2024 at 10:28 AM Doug Barrett wrote: > We’re seeing 30-50% packet loss on a hop around what we

Re: Any ideas how long gmail cache DNS records ?

You might try posting this type of query to the mailop list at https://www.mailop.org/ There's at least one gmail person who responds every now and again over there. (keeping on-list since these kinds of queries come up every now and again and its useful for folks to see the pointer)

Re: pgp keyservers

eaningfully differs from the SKS keyserver network (which was exactly such a distributed system), you're not adding anything useful to the conversation. - Matt

Re: pgp keyservers

they upload. I think the hipster thing to do now, though, is --auto-locate-key with the Web Key Distribution or the DNSSEC Key Distribution mechanism. Matt On 7/21/24 7:25 PM, Randy Bush wrote: are there any old keyservers still working? or only the new hipster ones? i tried three and no

Re: Current diameter of the Internet?

n a little bufferbloat and you can easily get way more latency...I've definitely seen a minute+ pings on a plane, which is almost all queuing. I assume airplanes are not the only place with such horrendous queuing, even if most networks have done a good job at reducing that nonsense over the last decade. Matt

Re: Out-of-Bailiwick DNS?

th whatever's available and its all worked itself out. Matt

Re: 600,000 routers bricked

aw attention to the wider systemic issue: some ISPs not patching or life-cycling their CPEs. Depriving access to the Internet (and potentially 911) to 600k households is still wrong, no matter the intent. -Matt On Mon, Jun 3, 2024 at 11:10 AM Matthew Petach wrote: > > I'm sorry, but if yo

[Event] NetUK1 Call for Presentations open

Hi NANOG List, NetUK1 will take place on the 8th and 9th of July 2024 at IET London: Savoy Place in London, this will be an in-person meeting. Tickets are also available at: www.netuk.org/netuk1/ NetUK helps people learn at every stage of their career. Our tal

Re: constant FEC errors juniper mpc10e 400g

n and mind your bend radii. We won't get away with some of what we used to get away with. -Matt On Wed, Apr 17, 2024 at 1:49 PM Aaron Gould wrote: > fec cliff? is there a level of fec erros that i should be worried about > then? not sure what you mean. > > -Aaron > On 4/17/202

Re: constant FEC errors juniper mpc10e 400g

nt is alarming or not, but you've not yet hit your FEC cliff so you appear to be fine. -Matt On Wed, Apr 17, 2024 at 1:40 PM Dominik Dobrowolski < dobrowolski.dom...@gmail.com> wrote: > Open a JTAC case, > That looks like a work for them > > > Kind Regards, > Dominik

Re: Anyone got a contact at OpenAI. They have a spider problem.

ensnaring them. dig a deeper > hole. > > randy > "The world hates change, yet it is the only thing that has brought progress." -Charles Kettering You'll recall that the proliferation of the Internet was met with similar resistance. There's some fascinating irony here. -Matt -- Matt Erculiani

Re: Why are paper LOAs still used?

wyers to walk a judge (and jury) through the entire purpose and use of that system, as opposed to "here's a super important sheet of paper that they lied on case closed". -Matt On Mon, Feb 26, 2024 at 11:57 AM Seth Mattinen via NANOG wrote: > Why do companies still insist on

Re: Feds seek to seize funds from lv.net ISP bank accounts and allege $3+ million fraud in bitcoin

And for those who have had the misfortune of actually dealing with LV.Net, this doesn't come as a huge surprise. I once had an corporate rep from them tell me about how the owners "have a bunch of schemes to make money" going on. Matt On 12/21/23 5:28 AM, Eric Kuhn

Re: Am I the only one who thinks this is disconcerting?

On 11/13/23 12:57 PM, Matt Corallo wrote: I'd be very curious to see a lawsuit over an IP hijack that isn't interfering with the operation of any of Cogent's services and is restoring service to HE's customers. Doubly so if they prepend aggressively to avoid it being a pr

Re: Am I the only one who thinks this is disconcerting?

a /48 for the C root server, and I assume there's ~nothing else in that block, but dunno). IANAL and really have no idea what the basis for that would be? I guess if its legacy space you might argue its property and theft? Matt On 11/13/23 12:38 PM, Ryan Hamel wrote: Matt, Why would HE

Re: Am I the only one who thinks this is disconcerting?

ever going to change.  DNS will fail and select another to talk to, and things will still work. At what point does HE just host a second C root and announce the same IPv6s? Might irritate Cogent, but its not more "bad" than Cogent failing to uphold the requirements for running a root server. Matt

Re: Arelion/Telia AS1299 issues?

gt; Steve > > Matt Harris VP OF INFRASTRUCTURE Follow us on LinkedIn! matt.har...@netfire.net 816-256-5446 www.netfire.com > On Oct 24, 2023, at 8:20 AM, Elmar K. Bins wrote: > > > > We also observed this today, UTC morning, esp. across the pond, and our > > alternative p

Re: constraining RPKI Trust Anchors

consider further constraining RPKI, IMO, though how isn’t entirely clear. One further possible change would be for RIR allocation changes time to be delayed by validators such that any loss of address space by RPKI enforcement takes a few months, giving operators some time to respond. Matt >

Openstack modules for nx/juniper

ng with, but if it's actually the case that folks are just still running just fine with the older modules on modern openstack then that's fine too. What I really want to avoid is having to hire dev contractors to write code to deal with this. Thanks, Matt Matt Harris VP OF INFRASTRUCT

Re: Zayo woes

uire a small Cloud Buy any small Clouds and you're guaranteed to acquire managed services for small companies. Now you've gone from being Layer 0 only catering whales, to dabbling in Layer 7 at Dr. Morris's Family dentistry. Spin off what you don't want, and repeat. -Matt

Re: *.au RRSIG Expired

I believe same for name.au where `name` has a DS record. Same for net.au./DS, etc. Matt On 9/17/23 5:48 PM, Matt Corallo wrote: Just in case anyone wonders why *.com.au isn't loading for their customers, the RRSIG covering .com.au/DS expired at 00:05:29 UTC (about 40 minutes ago now). Matt

.com.au RRSIG Expired

Just in case anyone wonders why *.com.au isn't loading for their customers, the RRSIG covering .com.au/DS expired at 00:05:29 UTC (about 40 minutes ago now). Matt

Re: MX204 Virtual Chassis Setup

Does Fusion not make sense in this case? I've not had a ton of experience with it, but it does well to add a crazy port count to an otherwise very port limited device. -Matt On Wed, Aug 23, 2023 at 9:01 AM Tom Beecher wrote: > What would have been nice is if Juniper oversubscribed

Re: malware warning

CC nanog@nanog, that seems to get rid of it. Matt On 7/18/23 5:02 PM, Randy Bush wrote: malware email is so common i normally do not warn of it. but, in this case, the attacker is extracting quotes from nanog and luring folk into clicking. e.g. From: takaha...@fukushitrust.com Subject: Re:

Re: Request for assistance with Verizon FIOS connection

g the problem carefully before escalating an issue. Hopefully everyone on this list knows the value of the tech on the other end of the line's time :) Matt On 7/14/23 9:07 PM, Mel Beckman wrote: Getting the FCC involved seems premature, since the OP hasn't yet ruled out a problem with

Re: Request for assistance with Verizon FIOS connection

milar process that tends to get very high priority tech attention as city council members will rake providers over the coals on individual complaints come contract-renewal time). Matt On 7/14/23 8:01 AM, Neil Hanlon wrote: Hi all - I apoligize for the not-necessarily-on-topic post, but I&#x

Re: My first ARIN Experience but probably not the last, unfortunately..

> If you can't afford $250 a year for ARIN, you probably shouldn't be starting a new business. That seems a little tone deaf and extremely insensitive to a lot of non-profit organizations who fight for every penny they can. -Matt On Fri, Jul 14, 2023 at 3:06 PM Darin Steffl w

Re: whois server

Loads for me and just has a "we're shutting down notice", copied below. But, like they say, modern whois knows where to look, no need to use anything else, I think as long as you're not stuck trying to use macOS or something else shipping weird ancient un-update

Re: New addresses for b.root-servers.net

On 6/20/23 10:20 PM, Masataka Ohta wrote: Matt Corallo wrote: So, let's recognize ISPs as trusted authorities and we are reasonably safe without excessive cost to support DNSSEC with all the untrustworthy hypes of HSMs and four-eyes principle. I think this list probably has a few t

Re: New addresses for b.root-servers.net

On 6/19/23 8:08 PM, Masataka Ohta wrote: Matt Corallo wrote: This is totally unrelated to the question at hand. There wasn't a question about whether a user relying on trusted authorities can maybe be whacked by said trusted authorities (though there's been a ton of work in this s

Re: New addresses for b.root-servers.net

On 6/19/23 2:08 AM, Masataka Ohta wrote: Matt Corallo wrote: Both in theory and practice, DNSSEC is not secure end to end Indeed, but (a) there's active work in the IETF to change that (DNSSEC stapling to TLS certs) TLS? What? As was demonstrated by diginotar, PKI i

Re: New addresses for b.root-servers.net

On 6/18/23 12:53 AM, Masataka Ohta wrote: Matt Corallo wrote: That's great in theory, and folks should be using DNSSEC [1], Wrong. Both in theory and practice, DNSSEC is not secure end to end Indeed, but (a) there's active work in the IETF to change that (DNSSEC stapling to

Re: New addresses for b.root-servers.net

folks with a cluestick [1] (we should), I'm saying we should also not bother making it easier for an attacker to hijack these poor misguided souls. Matt [1] $(dig +short pumpkey.net ds) returns nothing here, so I guess you are included in the set of folks who should really upgrade their DNS s

Re: New addresses for b.root-servers.net

announced in the DFZ after the previous renumbers, which would really be the point at which concern is warranted, not simply no longer responding. Matt

Comcast Business Account Website Broken

For the last two weeks we have been unable to pay any bills on the business Comcast website. Clicking on any billing link results in: 400 Bad Request Request Header Or Cookie Too Large This is going to the URL of: https://business.comcast.com/oauth/oauth2/authorize?client_id=comcast-business-m

Re: BGP routing ARIN space in APNIC region

Matt Harris VP OF INFRASTRUCTURE Follow us on LinkedIn! matt.har...@netfire.net 816-256-5446 www.netfire.com On Fri, Jun 9, 2023 at 2:49 PM Matthew Petach wrote: > > Hi Mike, > > In general, no, there's nothing that prevents you from doing that. > In days gone by, some netw

Re: New addresses for b.root-servers.net

On 6/3/23 4:17 PM, William Herrin wrote: On Sat, Jun 3, 2023 at 12:46 PM Matt Corallo wrote: I assume RHEL would ship a root hints update during that time, but such things can slip through pretty easily as its not a security update. Hi Matt, It *is* a security update. That's a r

Re: New addresses for b.root-servers.net

n if you don't respond to them. Not a bad idea, you could also put a nice warning page up informing them that their DNS resolver is broken and not enforcing DNSSEC while you're at it :) Matt

Re: Aptum refuses to SWIP

whois data to enable proper routing of abuse reports. So for an eyeball network, you probably want those routed to your organization since most of your customers won't have IT staff capable of dealing with them. - mdh Matt Harris VP OF INFRASTRUCTURE Follow us on LinkedIn! matt.har...@netfire.net 816-256-5446 www.netfire.com

Re: Best Linux (or BSD) hosted BGP?

pmacctd, which can split out flowspec which you can consume with whatever you're comfortable with). Setting up everything short of the actual flowspec inspection should be a half-hour endeavor, maybe three hours if you have to fight with the VM provider to get BGP filters working right :). Ma

Re: Routed optical networks

its constituent technologies. -Matt On Mon, May 1, 2023 at 12:30 PM Etienne-Victor Depasquale via NANOG < nanog@nanog.org> wrote: > Hello folks, > > Simple question: does "routed optical networks" have a clear meaning in > the metro area context, or not? > > Put

Re: Caveat emptor: avoid Inseego 5G products unless you still believe in classful routing

avoid the Inseego line of 5G products, as they're > woefully behind the times in their understanding of IPv4 subnetting as it > exists in 2023. ^_^; > > Thanks! > > Matt > But how is their IPv6 support? ;) Matt Harris VP OF INFRASTRUCTURE Follow us on LinkedIn! matt.har...@netfire.net 816-256-5446 www.netfire.com

Re: ElastiFlow Getting Started?

-maintained Akvorado at https://github.com/akvorado/akvorado I haven't had a chance to play with it yet, curious if anyone else has. Matt On 3/19/23 1:53 PM, Mike Hammett wrote: Does anyone know of a getting started guide for the latest release of ElastiFlow? I went the docker path because I r

Re: 1.1.1.1 support?

Matt Harris VP OF INFRASTRUCTURE Follow us on LinkedIn! matt.har...@netfire.net 816-256-5446 www.netfire.com On Wed, Mar 22, 2023 at 3:36 AM Saku Ytti wrote: > Am I correct to understand that 1.1.1.1 only does support via community > forum? > > They had just enough interest in th

Re: A blatant podcast plug

On 3/5/23 7:00 PM, Matt Corallo wrote: On 3/5/23 12:34 PM, Dave Taht wrote: I rather enjoyed doing this podcast a few weeks ago, (and enjoy this podcast a lot, generally), and it talks to what I've been up to for the past year or so on fixing bufferbloat for ISPs.

Re: A blatant podcast plug

acket reading), but incredibly powerful when you need to do something dirty (or more performant, in the cloudflare case, dunno if they're doing the in-hardware XDP stuff or not). Matt [1] I tried to change it, the constant literally predates linux-in-git but, hey, apparently sat links a

Re: Yahoo Mail admin assistance

You might try the Mailop list at https://www.mailop.org/, they're definitely active over there. Matt On 12/14/22 11:54 AM, Sam Roche wrote: If someone from the Yahoo mail admin team is on the list, could you please reach out to me privately? We had an issue where our customer SMTP serve

Re: the ipv4 vs ipv6 growth debate

nd connections. Thos have been hampered IME by github not serving git over v6. Supposedly it's coming soon but so much modern software fetches stuff from Github that that's a major blocker. Matt On 11/27/22 7:44 PM, Jorge Amodio wrote: I use the same extension on Chrome. I'm

Re: Random shower thought: GBIC with LC connector...

I feel like I've seen GBIC sleeves that accept SFP modules very similar to QSFP+ CVRs, but I can't seem to find any evidence of these ever existing, so perhaps I'm misremembering. -Matt On Tue, Nov 15, 2022 at 9:23 AM Mel Beckman wrote: > Oh. And it’s not “OCD”. It’s “CDO

Re: BCP38 For BGP Customers

;? Are you putting in some kind of fall back > filter > in based on something like IRR data? > > Thanks! > > -- > Charles Rumford (he/his/him) > Network Engineer | Deft > 1-312-268-9342 | charl...@deft.com > deft.com > Matt Harris VP OF INFRASTRUCTURE Follow us on LinkedIn! matt.har...@netfire.net 816-256-5446 www.netfire.com

Re: rsync CVE-2022-29154 and RPKI Validation

On 9/9/22 1:58 PM, Vincent Bernat wrote: On 2022-09-09 19:36, Matt Corallo wrote: The attacker is still limited to the target directory. The attacker can send files that were excluded or not requested, but they still end up in the target directory. RPKI validators download stuff in a

Re: rsync CVE-2022-29154 and RPKI Validation

, its a shame that wasn't included in any of the disclosure posts I managed to find :( (but it may be shared with several peers) I assume I'm mis-reading this - RPKI servers aren't able to overwrite output from other RPKI servers, so it shouldn't be shared, no? Thanks, Matt

rsync CVE-2022-29154 and RPKI Validation

c in their release/security package streams. Are rsync-based (or rsync-fallback, which I believe is still required for all RPKI validators?) RPKI validators all vulnerable to takeover from this, or is there some reason why this doesn't apply to RPKI validation? Thanks, Matt [1] h

Re: IPv6 internet broken, cogent/hurricane not peering

[Removing peer...@he.net from this because there's no reason to spam them.] Matt Harris|VP of Infrastructure 816-256-5446|Direct Looking for help? Helpdesk|Email Support We build customized end-to-end technology solutions powered by NetFire Cloud. On Thu, Aug 11, 2022 at 9:21 AM VOLKAN

iCloud/Apple Mail contact.

fruitless. The autofilled info now points to a long dead email server. Thanks, Matt Hohman Technical Director New Heights Foundation

Re: Scanning the Internet for Vulnerabilities

ople with nefarious intent trying to open your doors and windows every night, someone doing the same thing with altruistic intent might not be such a bad thing. - Matt

Re: FYI - 2FA to be come mandatory for ARIN Online? (was: Fwd: [arin-announce] Consultation on Requiring Two-Factor Authentication (2FA) for ARIN Online Accounts

ers of us have discussed options which may be superior for a variety of reasons. - mdh Matt Harris|VP of Infrastructure 816-256-5446|Direct Looking for help? Helpdesk|Email Support We build customized end-to-end technology solutions powered by NetFire Cloud.

Re: Question re prevention of enumeration with DNSSEC (NSEC3, etc.)

next-month-with-company-X. Matt [1] https://twitter.com/joshfraser/status/1524093111349166080

Re: PoE, Comcast Modems, and Service Outages

to isolate/troubleshoot/fix it. Thanks, Matt Matt Ertle Manager - Network Operations Eastern Shore of Virginia Broadband Authority (w) 757 414.0304 (f) 757 656.7066 mer...@esvba.com

Re: IPv6 "bloat"

HCPv6 Option 79 https://datatracker.ietf.org/doc/html/rfc6939 On Sat, Mar 19, 2022 at 6:58 PM Matt Hoppes wrote: On 3/19/22 6:50 PM, Michael Thomas wrote: > > On 3/19/22 3:47 PM, Matt Hoppes wrote: >> It has "features" which are at a minimum problem

Re: IPv6 "bloat"

the interfaces of a host really so bad? I can't help but feel that it would have been nice for DHCPv6 to send DUID and MAC. On 3/19/22 7:03 PM, Michael Thomas wrote: On 3/19/22 3:56 PM, Matt Hoppes wrote: On 3/19/22 6:50 PM, Michael Thomas wrote: On 3/19/22 3:47 PM, Matt Hoppes wrote:

Re: IPv6 "bloat"

On 3/19/22 6:50 PM, Michael Thomas wrote: On 3/19/22 3:47 PM, Matt Hoppes wrote: It has "features" which are at a minimum problematic and at a maximum show stoppers for network operators. IPv6 seems like it was designed to be a private network communication stack, and how an

Re: IPv6 "bloat"

It has "features" which are at a minimum problematic and at a maximum show stoppers for network operators. IPv6 seems like it was designed to be a private network communication stack, and how an ISP would use and distribute it was a second though. On 3/19/22 5:29 PM, Michael Thomas wrote: S

Re: V6 still not supported

nus the high probability of collision when merging two networks. Just my 2 cents again ;) I think you have over-valued it. Owen ------ Original message -- From: Matt Hoppes To: Joe Maimon , b...@theworld.com, Tom Beecher Cc: NANOG Subject: Re: V6 still not supported Dat

Re: V6 still not supported

At this point I would *love* to see IPv4 get extended, a software patch applied to devices, and IPv6 die a quick painless death. Its not impossible to envision that IPv4 does not ever go away but actually gets extended in such a way that it obsoletes IPv6. The longer this drags out the less

Network Policies Towards Software Supply Chain Compromise

ption, and are there any open source projects to do so that smaller operators should be looking at using as well? Matt [1] eg https://github.com/vorner/log-reroute could edit your RPKI feed if, vorner wanted to.

Re: Juniper vMX Trial - fake news?

issues with. The licensing costs are pretty reasonable, too, imho. Good luck with what you're trying to accomplish: maybe give the vSRX series a shot if you're running on KVM. - mdh Matt Harris|Infrastructure Lead 816-256-5446|Direct Looking for help? Helpdesk|Email Support We build customized end-to-end technology solutions powered by NetFire Cloud.

Re: Ukraine request yikes

ne-- I will only say that I find the request by the government there to be "extremely consistent with Ukrainian values". -Original Message- From: NANOG On Behalf Of Matt Hoppes Sent: Wednesday, March 2, 2022 5:54 PM To: George Herbert ; Nanog Subject: Re: Ukraine request yikes

Re: Ukraine request yikes

ired.com/story/ghostwriter-hackers-belarus-russia-misinformationo/ Matt

Re: Ukraine request yikes

My (unpopular opinion) Russia does not deserve any amenities of the modern world. They have made their bed and now they have to sleep in it. On 3/1/22 3:16 AM, George Herbert wrote: Posted by Bill Woodcock on Twitter… https://twitter.com/woodyatpch/status/1498472865301098500?s=21 https://pas

ASN in use, but no whois data?

old PSINET block, though, and I'm seeing them in the global routing table. Anyone have any idea how this could happen where an ASN is in use, transiting several major providers to the internet, but no whois data as if it didn't exist? Thanks, Matt Matt Harris|Infrastructure Lead 8

Re: VPN recommendations?

Matt Harris|Infrastructure Lead 816-256-5446|Direct Looking for help? Helpdesk|Email Support We build customized end-to-end technology solutions powered by NetFire Cloud. On Thu, Feb 10, 2022 at 12:03 PM William Herrin wrote: > Hi folks, > > Do you have any recommendations for VPN a

Re: Request to participate in 2-min study survey on IPv6 Adoption

Matt Harris|Infrastructure Lead 816-256-5446|Direct Looking for help? Helpdesk|Email Support We build customized end-to-end technology solutions powered by NetFire Cloud. On Sun, Jan 30, 2022 at 7:07 PM Töma Gavrichenkov wrote: > Peace, > > On Thu, Jan 27, 2022, 4:38 PM Smahena Amakran

Re: Incrementally deployable secure Internet routing: operator survey

Matt Harris|Infrastructure Lead 816-256-5446|Direct Looking for help? Helpdesk|Email Support We build customized end-to-end technology solutions powered by NetFire Cloud. On Fri, Dec 17, 2021 at 12:51 PM Adrian Perrig wrote: > Dear Nanog, > > Knowing how challenging it is to

Re: IP tracking system

y web UI, including an API you can easily use from tooling to do stuff like auto-generate NAT configs, DNS zones, DHCP configs, etc. - mdh Matt Harris|Infrastructure Lead 816-256-5446|Direct Looking for help? Helpdesk|Email Support We build customized end-to-end technology solutions powered by NetFire Cloud.

Re: AWS and IPv6

ses (v4 or v6) assigned to an AWS VPC. Which is, fundamentally, half the problem with IPv6 in AWS. I'd have much preferred that they'd added the ability to do actually-useful IPv6 routing rather than IPv6-only subnets, which strikes me as more of a toy than something *actually* useful. - Matt

Re: Redploying most of 127/8 as unicast public

ents on it, so maybe it's just > me. So many things are just me. I didn't comment because I was laughing too hard to be able to reliably use the keyboard. - Matt

Re: Redploying most of 127/8 as unicast public

; Some of these are hardcoded in ASICs, I believe.  Change that! ;) Probably easier to change the ASICs than it'll be to get those "tested patches" they've apparently written deployed to the millions of Windows XP boxes still out there. - Matt

Re: Anyone else getting the 'spam' bomb threat?

30 AM Miles Fidelman mailto:mfidel...@meetinghouse.net>> wrote: Matt Hoppes wrote: > I've now heard from several operators - our selves included - about > getting an e-mail bomb threat to our datacenters asking for $5,000 USD > or the "bomb will be

Re: Anyone else getting the 'spam' bomb threat?

:* Matt Hoppes *Cc:* North American Network Operators' Group *Subject:* RE: Anyone else getting the 'spam' bomb threat? we received it as well -Original Message----- From: "Matt Hoppes" <mailto:mattli...@rivervalleyinternet.net>> Sent: Tuesday, October 1

Anyone else getting the 'spam' bomb threat?

I've now heard from several operators - our selves included - about getting an e-mail bomb threat to our datacenters asking for $5,000 USD or the "bomb will be detonated". Is this being seen on a wide spread e-mail blast to the RIR contacts, or am I just unlucky to know like 6 other data cente

Re: massive facebook outage presently

Yes, We've seen that. On 10/4/21 4:33 PM, Eric Kuhnke wrote: I am starting to see reports that in ISPs with very large numbers of residential users, customers are starting to press the factory-reset buttons on their home routers/modems/whatever, in an attempt to make Facebook work. This is res

Re: Fiber Network Equipment Commercial Norms

ipment owner to address the problem, or at least > respond with an acceptable time line, lest the building electrician > would remove the batteries as a health and safety concern. > > The equipment owner materialized and removed the batteries within 72 > hours. The bulk of the equipment was removed the following month. > > > > -- > Grant. . . . > unix || die > > -- Matt Erculiani ERCUL-ARIN

Re: Xfi Advances Security (comcast)

employees was getting blocked and was able to help us debug. We submitted the url to https://spa.xfinity.com/report to get whitelisted, but haven’t heard back yet, the form said estimated three business days. Matt Goldman Backend Engineer matt at carsandbids dot com

Re: IPv6 woes - RFC

that "ip_address" *means* "ipv4_address"? What about in the future, when you have the first device that is IPv6-only... what goes into that "ip_address" field? - Matt

Re: netflow in the core used for surveillance

er hand, would likely have much better luck, were they to pursue such a thing. Matt Harris|Infrastructure Lead 816-256-5446|Direct Looking for help? Helpdesk|Email Support We build customized end-to-end technology solutions powered by NetFire Cloud.

Re: Reminder: Never connect a generator to home wiring without transfer switch

per safety precautions, so one or more safety layers may have been removed, making the risk/impact of any single mistake much greater than it should be. -Matt On Wed, Aug 25, 2021 at 11:25 AM Mel Beckman wrote: > Jay, > > No, because transformers work in both directions :) > > Plus, to th

Re: Abuse Contact Handling

? There’s lots of things that could be done that are productive here. Matt > On Aug 6, 2021, at 08:08, Mike Hammett wrote: >  > I suppose if they did a better job of policing their own network, they > wouldn't have as much hitting their e-mail boxes. > > > > -

Re: Abuse Contact Handling

ing a human on an abuse contact is much too high. I'm not sure what the answer is here, but I totally get why large providers just say "we can better protect a web form with a captcha than an email box, go use that if there's real abuse". Matt On 8/5/21 09:14, Mike Hammett wrot

Re: Anycast but for egress

Matt Harris|Infrastructure Lead 816-256-5446|Direct Looking for help? Helpdesk|Email Support We build customized end-to-end technology solutions powered by NetFire Cloud. On Tue, Jul 27, 2021 at 1:29 PM Vimal wrote: > (Unsure if this is the right forum to ask this question, but here g

  1   2   3   4   5   6   7   8   9   >