Re: [Nanog-futures] Admission for Committee Members
On Fri, Sep 16, 2011 at 1:28 AM, Steven Feldman feld...@nanog.org wrote: [Apologies for cross-posting; it turns out many members are not on the nanog-futures list.] In our board meeting this week, we decided not to place this on this year's ballot. We feel that as with other decisions regarding conference fees and discounts, this is best left as an operational policy decision rather than a corporate governance issue. I lost the context in this thread related to this statement, but I'm not sure why you need a ballot question related to day to day operations of the organization. Less overhead == better. Allowing volunteers that are elected and appointed to committee to have their admission waived benefits the organization to some extent. It's likely to widen the gene pool and provide NANOG v2 with some fresh meat, something that we are sorely in need of and the main reason why I support this. Best, -M
Re: wet-behind-the-ears whippersnapper seeking advice on building a nationwide network
On Tue, Sep 20, 2011 at 01:22:43AM -0400, Barton F Bruce wrote: Does anybody actually *have* a functional 7 track drive? The folks restoring at least one IBM 1401 probably have several. http://ibm-1401.info/ A few (dozen) years ago, I was treated to an interesting demonstration where a coworker poured an oily fluid containing tiny metallic flakes on a patch of tape. The bits on the tape could be clearly seen by the naked eye, and could be decoded (ever so slowly!) using a magnifying glass. -- Henry Yen Aegis Information Systems, Inc. Senior Systems Programmer Hicksville, New York
Re: Internet mauled by bears
On 9/19/11 18:49 , Richard Barnes wrote: And if they turn up the voltage on the fence high enough, dinner could be cooked by the time the crew gets there! montana experience says: cows have rather thick skin, sheep come with insulation, and bison will go through anything that gets in their way including 3 x 6 diameter corner posts and 4 strands of barbed and 2 hot wires. horses on the other hand are pansies. livestock always ends up on the other side of the fence... On Sep 19, 2011 9:34 PM, Suresh Ramasubramanian ops.li...@gmail.com wrote: On Tue, Sep 20, 2011 at 12:20 AM, John van Oppen jvanop...@spectrumnet.us wrote: We had a cow br... Your crews turning up there the next time a cow tries its luck are guaranteed a steak dinner then.
Re: SDH Fiber Problem
On 19 September 2011 10:20, jacob miller mmzi...@yahoo.com wrote: I have tried to do a ping with the DF bit set. Maximum am able to get to is 1600. This am guessing is because of the fact I have set the mtu size on My interface to 1600. You could extend this test by sending TCP packets across to simulate the HTTP flow, ideally looking at the packets as they come in at the other end. At least this way you're closer to replicating the problem than just using ICMP. If this doesn't get you anywhere, and as you can get ICMP packets of 1600 bytes across the link then have you thought about looking elsewhere for the problem? Potentially further up the path to the Internet? -- Daniel Holme
Re: wet-behind-the-ears whippersnapper seeking advice on building a nationwide network
http://ibm-1401.info/ A few (dozen) years ago, I was treated to an interesting demonstration where a coworker poured an oily fluid containing tiny metallic flakes on a patch of tape. The bits on the tape could be clearly seen by the naked eye, and could be decoded (ever so slowly!) using a magnifying glass. standard ops procedure on those old tapes randy
Re: wet-behind-the-ears whippersnapper seeking advice on building a nationwide network
On Tue, Sep 20, 2011 at 12:14:59AM -0400, valdis.kletni...@vt.edu wrote: On Tue, 20 Sep 2011 05:32:04 +0200, Randy Bush said: you left out one connection via a chevy full of hollerith cards and the second a canoe full of 7 track tape in waterproof containers. Does anybody actually *have* a functional 7 track drive? I remember seeing a story on PBS (may have been a Nova episode) where they discussed the fact that NASA had literally thousands of 7 track tapes of telemetry data and no way to read them because their last 7 track drive had died, and IBM had no 7 track read/write heads left either... (I admit we still have a rack of 9-track tapes in ez-loader seals in our tape library, though we got rid of our last IBM 3420 about a decade ago. I think most of them are tapes we've lost track of ownership info, and don't dare dispose of in case the owner turns up.. ;) I know of two sites that have them and there are folks who keep older kit running. it's not cheap and they are not high volume. /bill
Re: wet-behind-the-ears whippersnapper seeking advice on building a nationwide network
Date: Tue, 20 Sep 2011 00:07:06 -0400 (EDT) From: Jay Ashworth j...@baylink.com Subject: Re: wet-behind-the-ears whippersnapper seeking advice on building a nationwide network From: Randy Bush ra...@psg.com you left out one connection via a chevy full of hollerith cards and the second a canoe full of 7 track tape in waterproof containers. That's a station wagon full of magtape. Henry would be disappointed. The zoo didn't use it. The station wagon transport layer -- which gave an entirely new meaning to 'jumbo packets' -- was a point-to-point link between a couple of North Carolina locations.
Re: wet-behind-the-ears whippersnapper seeking advice on building a nationwide network
Randy Bush wrote: http://ibm-1401.info/ A few (dozen) years ago, I was treated to an interesting demonstration where a coworker poured an oily fluid containing tiny metallic flakes on a patch of tape. The bits on the tape could be clearly seen by the naked eye, and could be decoded (ever so slowly!) using a magnifying glass. standard ops procedure on those old tapes randy Yep. The method I was taught (IBM) was to loop the tape into the 'developing' solution container and see-saw it back and forth to make sure the mag. particles were distributed. Pull it out and wait until the medium evaporated. Lay it down and carefully place 'scotch-tape' over the record. Pull the scotch tape up and re-tape it to a white, blank, punched card. I still have the adjustable magnifier with the bit areas marked on the reticle. --Michael
Re: wet-behind-the-ears whippersnapper seeking advice on building a nationwide network
From: valdis.kletni...@vt.edu Subject: Re: wet-behind-the-ears whippersnapper seeking advice on building a nationwide network Date: Tue, 20 Sep 2011 00:14:59 -0400 Does anybody actually *have* a functional 7 track drive? I _think_ there's a guy in OZ that still has one or more. Haven't been in touch with him for several years though.
Re: Internet mauled by bears
On Tue, Sep 20, 2011 at 12:37:55AM -0700, Joel jaeggli wrote: cows have rather thick skin, sheep come with insulation, and bison will go through anything that gets in their way including 3 x 6 diameter corner posts and 4 strands of barbed and 2 hot wires. horses on the other hand are pansies. livestock always ends up on the other side of the fence... Man, whoever invents the Moebius fence will make a FORTUNE. -- David Cantrell | Official London Perl Mongers Bad Influence Deck of Cards: $1.29. 101 Solitaire Variations book: $6.59. Cheap replacement for the one thing Windows is good at: priceless -- Shane Lazarus
RE: wet-behind-the-ears whippersnapper seeking advice on building a nationwide network
From: valdis.kletni...@vt.edu [mailto:valdis.kletni...@vt.edu] Sent: Tuesday, September 20, 2011 12:15 AM On Tue, 20 Sep 2011 05:32:04 +0200, Randy Bush said: you left out one connection via a chevy full of hollerith cards and the second a canoe full of 7 track tape in waterproof containers. Does anybody actually *have* a functional 7 track drive? I remember seeing a story on PBS (may have been a Nova episode) where they discussed the fact that NASA had literally thousands of 7 track tapes of telemetry data and no way to read them because their last 7 track drive had died, and IBM had no 7 track read/write heads left either... (I admit we still have a rack of 9-track tapes in ez-loader seals in our tape library, though we got rid of our last IBM 3420 about a decade ago. I think most of them are tapes we've lost track of ownership info, and don't dare dispose of in case the owner turns up.. ;) It's worse than that. I spent a little time working at NASA LaRC, and even if you had a functional drive, the tapes are mostly garbage (we had tens of thousands of 9 track spools that had spent decades in rooms with no temp or humidity controls). No point in trying to read data from a tape that's shedding the layer of magnetic material. We were not unique. Jamie
insurance
Curious if anyone out there is acting as an independent contractor, consultant, or small business, if so do you use professional liability insurance? What should I look out for and is there any good brokers that offer inexpensive yet reliable insurance? thanks as always, Mike
Re: wet-behind-the-ears whippersnapper seeking advice on building a nationwide network
On Mon, 19 Sep 2011, Matthew Kaufman wrote: On 9/19/2011 6:02 PM, Jon Lewis wrote: On Sun, 18 Sep 2011, Frank Bulk wrote: I should have made myself more clear -- the policy amendment would make clear that multihoming requires only one facilities-based connection and that the other connections could be fulfilled via tunnels. This may be heresy for some. That's not multihoming. Really? Let's try these and see how you do: The ARIN NRPM actually defines it: 2.7. Multihomed An organization is multihomed if it receives full-time connectivity from more than one ISP and has one or more routing prefixes announced by at least two of its upstream ISPs. IMO, full-time connectivity would mean a leased line, ethernet, or even wireless connection, but not a GRE or other tunnel (which is entirely dependent on other connectivity). i.e. if you have a leased line connection to ISP-A, and a tunnel over that connection to ISP-B, and either A or your leased line fail, then you're down. That's not multihoming. Some of the scenarios you suggested are pretty unusual and would have to be considered on a case by case basis. i.e. a shared T1 to some common point over which you peer with 2 providers? I'd argue in that case, whoever provides or terminates the T1 in that case is your one transit provider, and again, you're really not multihomed...unless it's your T1 and your router at the remote side, and that router has ethernet to the two providers...then that router is multihomed, and though most of your network is not, I'd argue that you have satisfied the requirement for being multihomed. -- Jon Lewis, MCP :) | I route Senior Network Engineer | therefore you are Atlantic Net| _ http://www.lewis.org/~jlewis/pgp for PGP public key_
Re: insurance
On Tue, 20 Sep 2011 07:59:00 EDT, harbor235 said: Curious if anyone out there is acting as an independent contractor, consultant, or small business, if so do you use professional liability insurance? I don't consult myself, but is *anybody* crazy enough to do consulting in the litigation-crazy US without carrying errors-and-omissions insurance?
Re: wet-behind-the-ears whippersnapper seeking advice on building a nationwide network
Once upon a time, Henry Yen he...@aegisinfosys.com said: A few (dozen) years ago, I was treated to an interesting demonstration where a coworker poured an oily fluid containing tiny metallic flakes on a patch of tape. The bits on the tape could be clearly seen by the naked eye, and could be decoded (ever so slowly!) using a magnifying glass. Dad has a little magnifying glass above a tray of metallic particles with a slot below that. He could pull a tape through the slot, tap the device, and the particles would line up with the bits. Of course, he also still has his NASA-issued slide rule still in his desk at work. :-) -- Chris Adams cmad...@hiwaay.net Systems and Network Administrator - HiWAAY Internet Services I don't speak for anybody but myself - that's enough trouble.
Costa Rican Service providers?
I'm looking for any providers in Costa Rica that can service a location in San Pedro, San Jose, that can provide me 40Mbps service via Ethernet hand off, that does NOT use RACSA facilities. Please contact me off list.
Re: Internet mauled by bears
On 9/20/2011 2:37 AM, Joel jaeggli wrote: On 9/19/11 18:49 , Richard Barnes wrote: And if they turn up the voltage on the fence high enough, dinner could be cooked by the time the crew gets there! montana experience says: cows have rather thick skin, sheep come with insulation, and bison will go through anything that gets in their way including 3 x 6 diameter corner posts and 4 strands of barbed and 2 hot wires. horses on the other hand are pansies. livestock always ends up on the other side of the fence... In Illinois: Cows actually train to electric fence (hot wire) fairly well. They don't like being shocked too much. Once they get used to the fence, you can shut it off and they'll stay in for weeks because they won't even attempt it. That said, sometimes you get a cow that just really wants to be difficult and will go through anything. That cow is suddenly turned into hamburger. Pigs also train to electric fence well. As tough as their hide is, it shocks well. Sheep are difficult. Other than when they are recently sheared, they have a natural protection across 95% of their body. Unless it hits them in the head or lower leg, they aren't going to feel it. Even when sheared, they are a very stubborn animal. I've seen them standing facing a fence, swaying forward and backward, almost like they're trying to time the shock pulse. Then they go on through and tear up the wire and posts in the process. I've seen 4 strands of wire spaced about 10 inches apart and they won't stay in. Horses are okay, but you have to tie things to the wire so they can see it. They're too dumb to remember where it is, apparently. There is a big range of fence boxes. Some have a long pulse that isn't too hot. If you hold one of these, they make your hand and arm muscles clench up but they don't hurt too much. The other end of the range have a short hot pulse that will jump a good distance and will burn through green weeds. These hurt. 
On Sep 19, 2011 9:34 PM, Suresh Ramasubramanian ops.li...@gmail.com wrote: On Tue, Sep 20, 2011 at 12:20 AM, John van Oppen jvanop...@spectrumnet.us wrote: We had a cow br... Your crews turning up there the next time a cow tries its luck are guaranteed a steak dinner then.
Re: insurance
So what is the difference with EO and professional insurance? Mike On Tue, Sep 20, 2011 at 10:20 AM, Dave Ellis d...@colo4.com wrote: My wife works for an insurance Agency and handles small business lines. Want me to have her contact you? On 09/20/2011 08:00 AM, harbor235 wrote: Thank you for the responses, I want to clarify that I am talking about professional liability and not general liability insurance. Professional liability being insurance that covers errors or omissions while executing professional work that may adversely impact a business you are contracting with. thanx, Mike On Tue, Sep 20, 2011 at 7:59 AM, harbor235 harbor...@gmail.com wrote: Curious if anyone out there is acting as an independent contractor, consultant, or small business, if so do you use professional liability insurance? What should I look out for and is there any good brokers that offer inexpensive yet reliable insurance? thanks as always, Mike
Re: insurance
On 9/20/11 9:11 AM, valdis.kletni...@vt.edu valdis.kletni...@vt.edu wrote: On Tue, 20 Sep 2011 07:59:00 EDT, harbor235 said: Curious if anyone out there is acting as an independent contractor, consultant, or small business, if so do you use professional liability insurance? Many clients won't do business with you unless you provide the certificate indicating you have the appropriate level of coverage. In the networking business, this can often be 1 or 2 million dollars. I don't consult myself, but is *anybody* crazy enough to do consulting in the litigation-crazy US without carrying errors-and-omissions insurance? I'm sure there are some people who do, but I'd say they were stupid over crazy.
Re: insurance
Sameo sameo plus you'll need standard liability if you have clients that come to your office or if you work on their site. Usually your contract will dictate the minimum required. On Sep 20, 2011, at 10:31 AM, harbor235 wrote: So what is the difference with EO and professional insurance? Mike On Tue, Sep 20, 2011 at 10:20 AM, Dave Ellis d...@colo4.com wrote: My wife works for an insurance Agency and handles small business lines. Want me to have her contact you? On 09/20/2011 08:00 AM, harbor235 wrote: Thank you for the responses, I want to clarify that I am talking about professional liability and not general liability insurance. Professional liability being insurance that covers errors or omissions while executing professional work that may adversely impact a business you are contracting with. thanx, Mike On Tue, Sep 20, 2011 at 7:59 AM, harbor235 harbor...@gmail.com wrote: Curious if anyone out there is acting as an independent contractor, consultant, or small business, if so do you use professional liability insurance? What should I look out for and is there any good brokers that offer inexpensive yet reliable insurance? thanks as always, Mike
RE: insurance
-Original Message- From: Brant I. Stevens [mailto:bra...@networking-architecture.com] Sent: Tuesday, September 20, 2011 10:33 AM To: valdis.kletni...@vt.edu; harbor235 Cc: NANOG list Subject: Re: insurance On 9/20/11 9:11 AM, valdis.kletni...@vt.edu valdis.kletni...@vt.edu wrote: On Tue, 20 Sep 2011 07:59:00 EDT, harbor235 said: Curious if anyone out there is acting as an independent contractor, consultant, or small business, if so do you use professional liability insurance? Many clients won't do business with you unless you provide the certificate indicating you have the appropriate level of coverage. In the networking business, this can often be 1 or 2 million dollars. I don't consult myself, but is *anybody* crazy enough to do consulting in the litigation-crazy US without carrying errors-and-omissions insurance? I'm sure there are some people who do, but I'd say they were stupid over crazy. [Ryan Finnesey] At one of the User Groups I run the pizza place needs 6 million dollars in insurance just to make a delivery to the building. Cheers Ryan
Re: insurance
- Original Message - On Tue, 20 Sep 2011 07:59:00 EDT, harbor235 said: Curious if anyone out there is acting as an independent contractor, consultant, or small business, if so do you use professional liability insurance? I don't consult myself, but is *anybody* crazy enough to do consulting in the litigation-crazy US without carrying errors-and-omissions insurance? The reality is that with the mega-insurance companies able to set whatever crazy premiums they feel like, and raise them every other month, the cost of being fully insured is sometimes more than what you can charge as a consultant. -Randy
Re: insurance
Randy, On 09/20/2011 08:10 AM, Randy Carpenter wrote: - Original Message - On Tue, 20 Sep 2011 07:59:00 EDT, harbor235 said: Curious if anyone out there is acting as an independent contractor, consultant, or small business, if so do you use professional liability insurance? I don't consult myself, but is *anybody* crazy enough to do consulting in the litigation-crazy US without carrying errors-and-omissions insurance? The reality is that with the mega-insurance companies able to set whatever crazy premiums they feel like, and raise them every other month, the cost of being fully insured is sometimes more than what you can charge as a consultant. This is just not true. Insurance companies are regulated by State Insurance boards. If an insurance company wants to raise rates, they have to submit a proposal to their state insurance board. They can only raise rates for a class of customers. For example, all customers aged 50 - 62. -- Jack Morgan Pub 4096R/761D8E0A 2010-09-13 Jack Morgan j...@bonayri.com Fingerprint = DD42 EA48 D701 D520 C2CD 55BE BF53 C69B 761D 8E0A
Re: wet-behind-the-ears whippersnapper seeking advice on building a nationwide network
On Tue, Sep 20, 2011 at 10:22 AM, Jon Lewis jle...@lewis.org wrote: On Tue, 20 Sep 2011, Dorn Hetzel wrote: If what you have is LEC frame relay service over which you have PVCs to two providers of IP transit service, then, IMO, you are multihomed. Are you protected against every single failure mode? No, but then neither are many folks with more traditional methods of multihoming. You are certainly afforded reasonable protection against routing issues on each of your two providers. I'd agree in that case that you do have connectivity to two providers and are multihomed, though in a very foolish way. Past experience has taught me that while Layer 2 LEC frame certainly fails, it may do so quite a bit less often than the rate of routing flaps, peering spats, and everything else that can go wrong at Layers 3..9 ... So while it's not physically diverse, it may still yield a significant reduction in downtime compared to that same T1 direct to a single Layer 3 provider... How about a hard T1 to provider A and a GRE tunnel over a 3G router for a backup? That's certainly physically diverse... If I was the ARIN auditor, I'd say that's borderline acceptable as multihomed. It's not much different from one of your connections being wireless, as long as that 3G connection is of sufficient bandwidth to be of meaningful utility if the T1 is down. If your primary connection is T1/T3/ethernet/etc. and your second is a v.90 modem, then I'd probably call BS on the claim of being multihomed. So now you think ARIN should be judging how much bandwidth is enough, and how much is not? Perhaps I just have a corporate ASN, and my backup connection is the most I can afford to make sure at least email gets through when the primary is down. It's a slippery slope from v.90 not good enough to less than 2xOCn not good enough where n can be adjusted to suitably limit competition... -dorn
Re: Internet mauled by bears
On 09/20/11 00:37, Joel jaeggli wrote: livestock always ends up on the other side of the fence... Must be the greener pastures. -- END OF LINE --MCP
Re: insurance
On 9/20/2011 11:10, Randy Carpenter wrote: The reality is that with the mega-insurance companies able to set whatever crazy premiums they feel like, and raise them every other month, the cost of being fully insured is sometimes more than what you can charge as a consultant. This is sad, but true. Insurance was fully 1/4 of any income we made back when I owned an ISP around 2001-2004. -- Bryan Fields 727-409-1194 - Voice 727-214-2508 - Fax http://bryanfields.net
Re: wet-behind-the-ears whippersnapper seeking advice on building a nationwide network
Benson Schliesser bens...@queuefull.net writes: For what it's worth, I agree that ARIN has a pretty good governance structure. (With the exception of NomCom this year, which is shamefully unbalanced.) ... as the chairman of the 2011 ARIN NomCom, i hope you'll explain further, either publically here, or privately, as you prefer. -- Paul Vixie KI6YSY
Re: wet-behind-the-ears whippersnapper seeking advice on building a nationwide network
Hi, Paul. On Sep 20, 2011, at 11:43, Paul Vixie vi...@isc.org wrote: Benson Schliesser bens...@queuefull.net writes: For what it's worth, I agree that ARIN has a pretty good governance structure. (With the exception of NomCom this year, which is shamefully unbalanced.) ... as the chairman of the 2011 ARIN NomCom, i hope you'll explain further, either publically here, or privately, as you prefer. My understanding is that the NomCom consists of 7 people. Of those, 2 come from the board and 2 come from the AC. Together, those 4 members of the existing establishment choose the remaining 3 NomCom members. In the past, there was at least the appearance of random selection for some of the NomCom members. But in any case, due to its composition, the NomCom has the appearance of a body biased in favor of the existing establishment. Please correct any misunderstanding that I might have. Otherwise, I encourage an update to the structure of future NomComs. Cheers, -Benson
4.0.0.0/8?
Did Level3 withdraw 4.0.0.0/8 today and start announcing it as two /9s? -Hank
Re: old media (was: wannabe isp)
On Tue, Sep 20, 2011 at 12:20 AM, Randy Bush ra...@psg.com wrote: Does anybody actually *have* a functional 7 track drive? if you really need one, i know what trail i would start to follow. there are folk keeping old stuff alive and pulling arcane things off old media (like the besm-6 system). the text archive folks (talk at blackhat) may as well have a method to read these.
Re: 4.0.0.0/8?
On Sep 20, 2011, at 1:13 PM, Hank Nussbacher wrote: Did Level3 withdraw 4.0.0.0/8 today and start announcing it as two /9s? I don't know if it was today, but I see two /9s. -- TTFN, patrick
Re: 4.0.0.0/8?
On Tue, 20 Sep 2011, Patrick W. Gilmore wrote: Newbie question: If I do: route-views>sho ip bgp 4.0.0.0 BGP routing table entry for 4.0.0.0/9, version 821994 why do I see the /9 and not the /8 by default? If I do a specific lookup for 4.0.0.0/8 it is there as well. Thanks, Hank On Sep 20, 2011, at 1:13 PM, Hank Nussbacher wrote: Did Level3 withdraw 4.0.0.0/8 today and start announcing it as two /9s? I don't know if it was today, but I see two /9s.
Re: 4.0.0.0/8?
On Tue, Sep 20, 2011 at 08:13:09PM +0300, Hank Nussbacher wrote: Did Level3 withdraw 4.0.0.0/8 today and start announcing it as two /9s? Level3 has been announcing 2x /9's as well as the /8 for some time now, ever since Telefonica's unfortunate incident where they allowed a customer to hijack 12.0.0.0/8 because they don't prefix-list filter customers properly IIRC. -- Richard A Steenbergen r...@e-gerbil.net http://www.e-gerbil.net/ras GPG Key ID: 0xF8B12CBC (7535 7F59 8204 ED1F CC1C 53AF 4C41 5ECA F8B1 2CBC)
Re: 4.0.0.0/8?
On 9/20/11 10:22 , Hank Nussbacher wrote: On Tue, 20 Sep 2011, Patrick W. Gilmore wrote: Newbie question: If I do: route-views>sho ip bgp 4.0.0.0 BGP routing table entry for 4.0.0.0/9, version 821994 why do I see the /9 and not the /8 by default? If I do a specific lookup for 4.0.0.0/8 it is there as well. more-specific wins unless you specifically ask for all routes. Thanks, Hank On Sep 20, 2011, at 1:13 PM, Hank Nussbacher wrote: Did Level3 withdraw 4.0.0.0/8 today and start announcing it as two /9s? I don't know if it was today, but I see two /9s.
Re: wet-behind-the-ears whippersnapper seeking advice on building a nationwide network
I plan to announce my ASN out of 3 physically diverse hops over 100mbps or gige. I believe that qualifies as multihoming under pretty much all definitions? On that note, is anyone familiar with peering fabrics in 60 Hudson and 600 West 7th (or peering fabrics that are fiber close in those locations)? Initial connectivity/peering will be with my initial ISP friend in 600, and with KCIX in KC MO. Would like to also peer with any peering exchanges in LA and NYC. I suppose peeringdb.com would be the place to look for this? (bringing this thread back on the original topic, though multihoming discussions definitely fall under the starting an isp category) :)
Re: 4.0.0.0/8?
On Tue, Sep 20, 2011 at 1:27 PM, Richard A Steenbergen r...@e-gerbil.net wrote: On Tue, Sep 20, 2011 at 08:13:09PM +0300, Hank Nussbacher wrote: Did Level3 withdraw 4.0.0.0/8 today and start announcing it as two /9s? Level3 has been announcing 2x /9's as well as the /8 for some time now, ever since Telefonica's unfortunate incident where they allowed a <cough>I think they still don't</cough> -chris
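The "more-specific wins" lookup and the customer prefix-list filtering discussed in the 4.0.0.0/8 thread above, as an added example that is not part of any poster's message: it shows why a lookup for 4.0.0.0 returns the /9, why a covering /8 from another origin does not attract traffic while the /9s are announced, and how a provider-side filter rejects an unregistered /8. The table contents, origin labels, the customer's registered prefix and the `max_len` limit are constructed assumptions.

```python
import ipaddress

# Constructed routing table for illustration: (prefix, origin label).
# Origin labels are placeholders, not real AS numbers.
TABLE = [
    ("4.0.0.0/8", "holder"),
    ("4.0.0.0/9", "holder"),
    ("4.128.0.0/9", "holder"),
    ("12.0.0.0/8", "holder-12"),
]


def covering_routes(table, addr):
    """Every entry that contains addr, most specific first.

    This is the "ask for all routes" view from the thread.
    """
    ip = ipaddress.ip_address(addr)
    hits = []
    for prefix, origin in table:
        net = ipaddress.ip_network(prefix)
        if net.version == ip.version and ip in net:
            hits.append((net, origin))
    hits.sort(key=lambda h: h[0].prefixlen, reverse=True)
    return [(str(net), origin) for net, origin in hits]


def best_routes(table, addr):
    """Entries tied at the longest matching prefix length.

    One entry: longest-prefix match alone decided the lookup.
    Several entries with different origins: the choice falls to BGP
    path selection, so a bogus announcement can compete.
    """
    hits = covering_routes(table, addr)
    if not hits:
        return []
    longest = ipaddress.ip_network(hits[0][0]).prefixlen
    return [h for h in hits if ipaddress.ip_network(h[0]).prefixlen == longest]


def accept_customer_route(announced, allowed, max_len=24):
    """Prefix-list style filter applied to a customer session.

    Accept only routes inside the customer's registered prefixes
    (constructed list) and no longer than max_len (assumed policy).
    """
    net = ipaddress.ip_network(announced)
    if net.prefixlen > max_len:
        return False
    for entry in allowed:
        parent = ipaddress.ip_network(entry)
        if parent.version == net.version and net.subnet_of(parent):
            return True
    return False


def with_unfiltered_covering_routes(table, origin="unfiltered-customer"):
    """Table as seen when a provider passes a customer's bogus /8s."""
    return table + [("4.0.0.0/8", origin), ("12.0.0.0/8", origin)]


if __name__ == "__main__":
    print("default lookup 4.0.0.0 :", best_routes(TABLE, "4.0.0.0"))
    print("all routes for 4.0.0.0 :", covering_routes(TABLE, "4.0.0.0"))
    leaked = with_unfiltered_covering_routes(TABLE)
    # The /9s still win for 4/8; 12/8 has no more-specific and is contested.
    print("4.0.0.0 with bogus /8  :", best_routes(leaked, "4.0.0.0"))
    print("12.0.0.1 with bogus /8 :", best_routes(leaked, "12.0.0.1"))
    registered = ["198.51.100.0/24"]  # constructed customer allocation
    for route in ("198.51.100.0/24", "12.0.0.0/8"):
        print(route, "accepted:", accept_customer_route(route, registered))
```

The more-specifics only protect against a covering announcement of equal or shorter length; the filter on the customer session is what keeps the bogus route out of the table in the first place.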
FW: [arin-announce] Change to Whois Query Behavior
Apologies for the cross post from ARIN-Announce. Thought that many of you would be interested in hearing about the upcoming ARIN Whois change given the recent discussion on NANOG. Regards, Mark ARIN CTO On 9/19/11 2:00 PM, ARIN i...@arin.net wrote: ARIN announces a pending change to Whois query behavior on port 43. Prior to 25 June 2011, a query for an IP address in the ARIN region would return with that assignment/allocation within the ARIN region, and a query in the ARIN region for an IP address with no assignment/allocation would result in a "no match" response. On 25 June, a change was misapplied. The intent of this change was to return ARIN's /8 for IP queries within ARIN's region for which there is no assignment/allocation, a behavior meant to align ARIN's Whois output with that of the other RIRs. However, this change introduced an unintended behavior of returning ARIN's /8, in addition to the desired results, in responses where IP addresses had been assigned or allocated. This change in behavior has created some confusion. On 2 October, ARIN will reinstate the previous behavior for Whois IP queries so that results are returned the way they were before 25 June. ARIN has provided two examples of a Whois query for reference: * Query with ARIN's /8 returned in the result set hierarchy: https://www.arin.net/announcements/2011/20110919.html#example1 * Query without ARIN's /8 returned in the result set: https://www.arin.net/announcements/2011/20110919.html#example2 Whois-RWS behavior will not change as it was not affected by the configuration change made on 25 June. We apologize for any confusion this has caused. Regards, Mark Kosters Chief Technical Officer American Registry for Internet Numbers (ARIN)
Re: wet-behind-the-ears whippersnapper seeking advice on building a nationwide network
On September 20, 2011 at 02:00 he...@aegisinfosys.com (Henry Yen) wrote: A few (dozen) years ago, I was treated to an interesting demonstration where a coworker poured an oily fluid containing tiny metallic flakes on a patch of tape. The bits on the tape could be clearly seen by the naked eye, and could be decoded (ever so slowly!) using a magnifying glass. Magnetic Tape Developer, you can still buy it (see link below). I remember playing with the stuff back in the days when punch cards were still your friend. I suppose it wouldn't be that hard to make your own but I think the liquid was a fast-drying light solvent or CFC, not oily, so it'd dry, you could read it, and then shake/wipe/dust it off. It was supposedly handy for recovering physically mangled tapes, it wasn't that rare for a tape to just get jammed in a drive and get so crumpled it wouldn't go thru a drive any more and you didn't have a backup tho usually at that point you dug out the original punch cards and re-created the data set or whatever, had the data re-keyed (that means punched back onto punchcards, or even key-to-tape, from its pencil+paper source) because using tape developer would be too expensive in terms of people-hours. Or you just applied to law school and hoped for the best. http://www.cardserv.asia/joomla/index.php?option=com_contentview=articleid=21Itemid=10 or http://tinyurl.com/6kak4o7 -b
Re: wet-behind-the-ears whippersnapper seeking advice on building a nationwide network
On Sep 20, 2011, at 5:01 AM, Jon Lewis wrote: On Mon, 19 Sep 2011, Matthew Kaufman wrote: On 9/19/2011 6:02 PM, Jon Lewis wrote: On Sun, 18 Sep 2011, Frank Bulk wrote: I should have made myself more clear -- the policy amendment would make clear that multihoming requires only one facilities-based connection and that the other connections could be fulfilled via tunnels. This may be heresy for some. That's not multihoming. Really? Let's try these and see how you do: The ARIN NRPM actually defines it: 2.7. Multihomed An organization is multihomed if it receives full-time connectivity from more than one ISP and has one or more routing prefixes announced by at least two of its upstream ISPs. IMO, full-time connectivity would mean a leased line, ethernet, or even wireless connection, but not a GRE or other tunnel (which is entirely dependent on other connectivity). Why would you say that a GRE or other tunnel is not full-time connectivity? I have full-time GRE tunnels to two ISPs and they do actually constitute multihoming under the ARIN interpretation of NRPM 2.7. i.e. if you have a leased line connection to ISP-A, and a tunnel over that connection to ISP-B, and either A or your leased line fail, then you're down. That's not multihoming. In my case, I have full-time circuits to two entities that provide very limited IPv4 services. I use those two connections to route GRE tunnels to routers in colocation facilities. My AS consists of the routers in the colocation facilities combined with the routers at my primary location and the networks to which they are attached. The GRE tunnels provide OSPF and iBGP routing to the routers at my primary location and my prefixes are anchored on the routers at the primary location. The colo routers provide the eBGP border connectivity to the upstream routers at each of the colos. In what way is this not multihoming? Now, let's look at some alternatives... If I have only a single router at my primary location, is it still multihoming?
I would say yes. Perhaps less reliable, but, that is not ARIN's concern. If I have only a single physical link over which the multiple tunnels are connected, am I still receiving full time connectivity from two providers over the multiple tunnels? Yes, actually, I am. Again, it's not as reliable, but, reliability is not ARIN's concern. Some of the scenarios you suggested are pretty unusual and would have to be considered on a case by case basis. i.e. a shared T1 to some common point over which you peer with 2 providers? I'd argue in that case, whoever provides or terminates the T1 in that case is your one transit provider, and again, you're really not multihomed...unless it's your T1 and your router at the remote side, and that router has ethernet to the two providers...then that router is multihomed, and though most of your network is not, I'd argue that you have satisfied the requirement for being multihomed. I think you are delving much deeper into the internals of someone's network than it is customary for ARIN to do in order to pass judgment on whether or not it is multihomed. Owen
Re: wet-behind-the-ears whippersnapper seeking advice on building a nationwide network
On Sep 20, 2011, at 2:54 PM, Owen DeLong wrote: Why would you say that a GRE or other tunnel is not full-time connectivity? I have full-time GRE tunnels to two ISPs and they do actually constitute multihoming under the ARIN interpretation of NRPM 2.7. i.e. if you have a leased line connection to ISP-A, and a tunnel over that connection to ISP-B, and either A or your leased line fail, then you're down. That's not multihoming. In my case, I have full-time circuits to two entities that provide very limited IPv4 services. I use those two connections to route GRE tunnels to routers in colocation facilities. My AS consists of the routers in the colocation facilities combined with the routers at my primary location and the networks to which they are attached. The GRE tunnels provide OSPF and iBGP routing to the routers at my primary location and my prefixes are anchored on the routers at the primary location. The colo routers provide the eBGP border connectivity to the upstream routers at each of the colos. In what way is this not multihoming? In the way that you are apparently incapable of reading what was written. Jon very clearly states that if the GRE tunnel goes over the same physical infrastructure, it is not multihoming. Then you go on to explain how you have two physical lines. I'd tell you to stop trolling, but I honestly wonder if you are trolling. -- TTFN, patrick
DC74
If anyone here is using DC74 (www.dc74.com) for colocation and would like to share their experiences, I'm all ears. Thanks in advance. Robert
lots of latency on qwest to google?
Anyone else seeing a lot of latency to google via qwest?
..
11  2 ms  2 ms  2 ms  min-edge-12.inet.qwest.net [207.225.128.1]
12  15 ms  13 ms  12 ms  chx-edge-03.inet.qwest.net [67.14.38.5]
13  12 ms  21 ms  13 ms  72.14.214.78
14  13 ms  13 ms  13 ms  72.14.236.178
15  61 ms  61 ms  61 ms  216.239.43.80
16  72 ms  61 ms  62 ms  66.249.94.200
17  152 ms  145 ms  144 ms  216.239.43.213
18  148 ms  149 ms  150 ms  64.233.175.2
19  149 ms  150 ms  149 ms  66.249.94.34
20  212 ms  221 ms  212 ms  66.249.94.105
21  244 ms  244 ms  245 ms  66.249.94.75
22  244 ms  244 ms  244 ms  209.85.241.33
23  244 ms  243 ms  243 ms  74.125.236.52
Re: lots of latency on qwest to google?
On 09/20/2011 03:06 PM, Chris Brookes wrote:
Anyone else seeing a lot of latency to google via qwest?
..
11  2 ms  2 ms  2 ms  min-edge-12.inet.qwest.net [207.225.128.1]
12  15 ms  13 ms  12 ms  chx-edge-03.inet.qwest.net [67.14.38.5]
13  12 ms  21 ms  13 ms  72.14.214.78
14  13 ms  13 ms  13 ms  72.14.236.178
15  61 ms  61 ms  61 ms  216.239.43.80
16  72 ms  61 ms  62 ms  66.249.94.200
17  152 ms  145 ms  144 ms  216.239.43.213
18  148 ms  149 ms  150 ms  64.233.175.2
19  149 ms  150 ms  149 ms  66.249.94.34
20  212 ms  221 ms  212 ms  66.249.94.105
21  244 ms  244 ms  245 ms  66.249.94.75
22  244 ms  244 ms  244 ms  209.85.241.33
23  244 ms  243 ms  243 ms  74.125.236.52
We are seeing a routing loop at Qwest at one of our sites.
 5  ge-5-2-0-0.ATL01-BB-RTR1.verizon-gni.net (130.81.17.115)  16.142 ms  16.093 ms  16.101 ms
 6  0.xe-7-1-0.BR3.ATL4.ALTER.NET (152.63.80.73)  16.682 ms  16.254 ms  16.232 ms
 7  204.255.168.222 (204.255.168.222)  16.412 ms  22.460 ms  21.343 ms
 8  eug-core-02.inet.qwest.net (67.14.32.33)  100.977 ms  99.921 ms  101.427 ms
 9  eug-edge-04.inet.qwest.net (205.171.150.38)  99.565 ms  98.840 ms  100.322 ms
10  207.109.242.6 (207.109.242.6)  112.195 ms  110.977 ms  112.466 ms
11  eug-edge-04.inet.qwest.net (207.109.242.5)  110.768 ms  111.701 ms  111.362 ms
12  207.109.242.6 (207.109.242.6)  117.494 ms  113.060 ms  113.308 ms
13  eug-edge-04.inet.qwest.net (207.109.242.5)  120.939 ms  120.411 ms  119.971 ms
14  207.109.242.6 (207.109.242.6)  125.842 ms  122.599 ms  122.036 ms
15  eug-edge-04.inet.qwest.net (207.109.242.5)  120.446 ms  118.881 ms  119.204 ms
16  207.109.242.6 (207.109.242.6)  125.540 ms  125.478 ms  138.716 ms
17  eug-edge-04.inet.qwest.net (207.109.242.5)  138.225 ms  132.476 ms  131.683 ms
18  207.109.242.6 (207.109.242.6)  141.288 ms  142.909 ms  150.655 ms
19  eug-edge-04.inet.qwest.net (207.109.242.5)  148.538 ms  148.713 ms  148.130 ms
20  207.109.242.6 (207.109.242.6)  156.247 ms  152.812 ms  155.129 ms
21  eug-edge-04.inet.qwest.net (207.109.242.5)  156.888 ms  158.048 ms  156.072 ms
22  207.109.242.6 (207.109.242.6)  165.790 ms  165.101 ms  168.350 ms
23  eug-edge-04.inet.qwest.net (207.109.242.5)  166.783 ms  167.106 ms  165.928 ms
24  207.109.242.6 (207.109.242.6)  175.051 ms  176.857 ms  175.693 ms
25  eug-edge-04.inet.qwest.net (207.109.242.5)  176.788 ms  176.379 ms  175.867 ms
26  207.109.242.6 (207.109.242.6)  184.702 ms  184.590 ms  186.183 ms
27  eug-edge-04.inet.qwest.net (207.109.242.5)  186.509 ms  187.398 ms  185.913 ms
28  207.109.242.6 (207.109.242.6)  194.984 ms  196.161 ms  195.821 ms
29  eug-edge-04.inet.qwest.net (207.109.242.5)  196.193 ms  195.687 ms  196.331 ms
30  207.109.242.6 (207.109.242.6)  205.271 ms  205.732 ms  205.718 ms
-- Stephen Clark *NetWolves* Sr. Software Engineer III Phone: 813-579-3200 Fax: 813-882-0209 Email: steve.cl...@netwolves.com http://www.netwolves.com
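The routing loop in the message above appears as two addresses alternating hop after hop until the TTL runs out. The following added example (not code from the thread) parses traceroute text, flags that pattern, and reports the largest hop-to-hop RTT step, which is the reading applied to the latency question elsewhere in this thread. The sample trace is constructed with documentation addresses, and the function names are this example's own.

```python
import re

# Constructed sample (documentation addresses, not taken from the thread).
# Hops 4-9 bounce between two routers; hop 8 did not answer.
SAMPLE_TRACE = """\
traceroute to 192.0.2.200 (192.0.2.200), 30 hops max
 1  gw.example.net (192.0.2.1)  0.412 ms  0.380 ms  0.377 ms
 2  core1.example.net (198.51.100.1)  16.1 ms  16.0 ms  16.2 ms
 3  edge1.example.net (198.51.100.9)  99.5 ms  98.8 ms  100.3 ms
 4  203.0.113.6 (203.0.113.6)  112.1 ms  110.9 ms  112.4 ms
 5  edge1.example.net (203.0.113.5)  110.7 ms  111.7 ms  111.3 ms
 6  203.0.113.6 (203.0.113.6)  117.4 ms  113.0 ms  113.3 ms
 7  edge1.example.net (203.0.113.5)  120.9 ms  120.4 ms  119.9 ms
 8  * * *
 9  203.0.113.6 (203.0.113.6)  125.8 ms  122.5 ms  122.0 ms
"""

HOP_RE = re.compile(r"^\s*(\d+)\.?\s+(.*)$")
# Address in (...) or [...] as printed by traceroute / tracert.
WRAPPED_ADDR_RE = re.compile(r"[(\[](\d{1,3}(?:\.\d{1,3}){3})[)\]]")
# Bare dotted quad, used when the hop has no reverse DNS name.
BARE_ADDR_RE = re.compile(r"(?<![\d.])(\d{1,3}(?:\.\d{1,3}){3})(?![\d.])")
RTT_RE = re.compile(r"(?<![\w.-])(\d+(?:\.\d+)?)\s*ms\b")


def parse_trace(text):
    """Return [(hop, address or None, best RTT in ms or None), ...]."""
    hops = []
    for line in text.splitlines():
        m = HOP_RE.match(line)
        if not m:
            continue  # header or blank line
        rest = m.group(2)
        addr = WRAPPED_ADDR_RE.search(rest) or BARE_ADDR_RE.search(rest)
        rtts = [float(x) for x in RTT_RE.findall(rest)]
        hops.append((int(m.group(1)),
                     addr.group(1) if addr else None,
                     min(rtts) if rtts else None))
    return hops


def find_loop(hops, min_visits=3):
    """Report an address that keeps reappearing after other hops intervene.

    A single repeat can be load balancing or an odd reply source, so the
    default requires three separate visits before calling it a loop.
    """
    path = [(hop, addr) for hop, addr, _ in hops if addr is not None]
    visits = {}
    for idx, (_, addr) in enumerate(path):
        if idx and path[idx - 1][1] == addr:
            continue  # same router answering twice in a row is not a revisit
        visits.setdefault(addr, []).append(idx)
        if len(visits[addr]) >= min_visits:
            first, second = visits[addr][0], visits[addr][1]
            cycle = []
            for _, a in path[first:second]:
                if a not in cycle:
                    cycle.append(a)
            return {"start_hop": path[first][0], "cycle": cycle,
                    "visits": len(visits[addr])}
    return None


def biggest_step(hops):
    """Return (from_hop, to_hop, delta_ms) for the largest best-RTT increase.

    Best (minimum) RTT per hop is used because routers rate-limit or
    deprioritise the ICMP replies that produce the other samples.
    """
    timed = [(hop, rtt) for hop, _, rtt in hops if rtt is not None]
    best = None
    for (h0, r0), (h1, r1) in zip(timed, timed[1:]):
        delta = round(r1 - r0, 3)
        if best is None or delta > best[2]:
            best = (h0, h1, delta)
    return best


if __name__ == "__main__":
    parsed = parse_trace(SAMPLE_TRACE)
    print("loop:", find_loop(parsed))
    print("largest step:", biggest_step(parsed))
```

A step that does not persist into the later hops usually reflects that one router's reply handling rather than path latency, so read `biggest_step` together with the hops that follow it.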
Re: insurance
On Sep 20, 2011, at 8:15 AM, Jack Morgan wrote: Randy, On 09/20/2011 08:10 AM, Randy Carpenter wrote: - Original Message - On Tue, 20 Sep 2011 07:59:00 EDT, harbor235 said: Curious if anyone out there is acting as an independent contractor, consultant, or small business, if so do you use professional liability insurance? I don't consult myself, but is *anybody* crazy enough to do consulting in the litigation-crazy US without carrying errors-and-omissions insurance? The reality is that with the mega-insurance companies able to set whatever crazy premiums they feel like, and raise them every other month, the cost of being fully insured is sometimes more than what you can charge as a consultant. This is just not true. Insurance companies are regulated by State Insurance boards. If an insurance company wants to raise rates, they have to submit a proposal to their state insurance board. They can only raise rates for a class of customers. For example, all customers aged 50 - 62. This is generally NOT true for EO and Professional liability insurance. For the most part, that goes largely unregulated. The state insurance boards tend to focus on consumer-oriented forms of insurance (auto, home, life). Owen
Re: lots of latency on qwest to google?
On Tue, Sep 20, 2011 at 02:06:18PM -0500, Chris Brookes wrote:
Anyone else seeing a lot of latency to google via qwest?
..
11  2 ms  2 ms  2 ms  min-edge-12.inet.qwest.net [207.225.128.1]
12  15 ms  13 ms  12 ms  chx-edge-03.inet.qwest.net [67.14.38.5]
13  12 ms  21 ms  13 ms  72.14.214.78
The above address is in Google IP space
14  13 ms  13 ms  13 ms  72.14.236.178
The above address is in Google IP space
15  61 ms  61 ms  61 ms  216.239.43.80
The above address is in Google IP space
16  72 ms  61 ms  62 ms  66.249.94.200
The above address is in Google IP space
17  152 ms  145 ms  144 ms  216.239.43.213
The above address is in Google IP space
18  148 ms  149 ms  150 ms  64.233.175.2
The above address is in Google IP space
19  149 ms  150 ms  149 ms  66.249.94.34
The above address is in Google IP space
20  212 ms  221 ms  212 ms  66.249.94.105
The above address is in Google IP space
21  244 ms  244 ms  245 ms  66.249.94.75
The above address is in Google IP space
22  244 ms  244 ms  244 ms  209.85.241.33
The above address is in Google IP space
23  244 ms  243 ms  243 ms  74.125.236.52
The above address is in Google IP space
Looks to me like the latency from Qwest to Google (chx-edge-03.inet.qwest.net [67.14.38.5] to 72.14.214.78) is quite tolerable, but the delay(s) inside Google are a tad bit high. I see much the same thing from work and from home to 74.125.236.52. As soon as I jump from my provider's upstream (Qwest at work, Cox at home) to Google, the times go up sharply along the route to 74.125.236.52.
-- Mike Andrews, W5EGO mi...@mikea.ath.cx Tired old sysadmin
Re: wet-behind-the-ears whippersnapper seeking advice on building a nationwide network
Once upon a time, Patrick W. Gilmore patr...@ianai.net said: In the way that you are apparently incapable of reading what was written. Jon very clearly states that if the GRE tunnel goes over the same physical infrastructure, it is not multihoming. Then you go on to explain how you have two physical lines. Devil's advocate: if you have links to two carriers, but they are delivered via the same LEC on the same fiber, are you multihomed? What about if you have two LECs at your facility, but the two circuits share a common path elsewhere (outside of your knowledge)? -- Chris Adams cmad...@hiwaay.net Systems and Network Administrator - HiWAAY Internet Services I don't speak for anybody but myself - that's enough trouble.
Re: wet-behind-the-ears whippersnapper seeking advice on building a nationwide network
If you open the door to that sort of interpretation, then every org with a T1 and a backup dial-up connection can claim to be multihomed. You say that like it's a bad thing. In either of these cases, it's not enough to just have the connection. The ARIN NRPM definition of Multihomed includes has one or more routing prefixes announced by at least two of its upstream ISPs. Are you really going to announce your prefix[es] to both your real provider _and_ your ridiculously low bandwidth provider? Even if you prepend the latter considerably, you're likely to receive some traffic via that path. If you have a GRE tunnel to each of 2 ISPs and announce your route over BGP to them, or, have some other configuration with them and they both announce your prefix to the rest of the world, that meets the ARIN test. The rest is an issue for the network administrator and not a matter for ARIN policy. ARIN policy does not require your network to be functional or even useful. It's up to each administrator to decide how they want to operate their network and what level of dysfunction/lost packets they consider acceptable. It's a slippery slope from v.90 not good enough to less than 2xOCn not good enough where n can be adjusted to suitably limit competition... Perhaps the manual should be updated to replace full-time connectivity with something a bit more fleshed out specifying that the full-time connectivity be via dedicated circuit [frame-relay permanent virtual circuits included, if you can still find a LEC willing to sell them] or PTP wireless. I would oppose such a policy change. I believe it is out of scope for ARIN's mission of address administration. Owen
Re: insurance
The reality is that with the mega-insurance companies able to set whatever crazy premiums they feel like, and raise them every other month, the cost of being fully insured is sometimes more than what you can charge as a consultant. This is just not true. Insurance companies are regulated by State Insurance boards. If an insurance company wants to raise rates, they have to submit a proposal to their state insurance board. They can only raise rates for a class of customers. For example, all customers aged 50 - 62. This is generally NOT true for EO and Professional liability insurance. For the most part, that goes largely unregulated. The state insurance boards tend to focus on consumer-oriented forms of insurance (auto, home, life). Owen Yep. I don't remember the specifics, but our quote was ridiculous (like $thousands per month). Our health insurance premiums also go up 30+% nearly every year. So much for regulation there... -Randy
Re: wet-behind-the-ears whippersnapper seeking advice on building a nationwide network
On Sep 20, 2011 3:21 PM, Owen DeLong o...@delong.com wrote: If you open the door to that sort of interpretation, then every org with a T1 and a backup dial-up connection can claim to be multihomed. You say that like it's a bad thing. In either of these cases, it's not enough to just have the connection. The ARIN NRPM definition of Multihomed includes has one or more routing prefixes announced by at least two of its upstream ISPs. Are you really going to announce your prefix[es] to both your real provider _and_ your ridiculously low bandwidth provider? Even if you prepend the latter considerably, you're likely to receive some traffic via that path. If you have a GRE tunnel to each of 2 ISPs and announce your route over BGP to them, or, have some other configuration with them and they both announce your prefix to the rest of the world, that meets the ARIN test. The rest is an issue for the network administrator and not a matter for ARIN policy. ARIN policy does not require your network to be functional or even useful. It's up to each administrator to decide how they want to operate their network and what level of dysfunction/lost packets they consider acceptable. It's a slippery slope from v.90 not good enough to less than 2xOCn not good enough where n can be adjusted to suitably limit competition... Perhaps the manual should be updated to replace full-time connectivity with something a bit more fleshed out specifying that the full-time connectivity be via dedicated circuit [frame-relay permanent virtual circuits included, if you can still find a LEC willing to sell them] or PTP wireless. I would oppose such a policy change. I believe it is out of scope for ARIN's mission of address administration. It should be opposed because it would smack of restraint of trade, and that is not a good place to be.
Re: lots of latency on qwest to google?
You can traceroute from all their POPS here if you'd like: https://kai02.centurylink.com/PtapRpts/Public/BackboneReport.aspx Having said that, that IP has similar horrible latency from my non-qwest connection. Additionally, google does not resolve to that IP for me, which is expected. It does look like poor routing on google's network. There's one hop counting for 100 latency, then another adding another 100ms latency, with little latency increases at other intermediary hops. I suspect something heading overseas and back between hop 5-6 and 7-8.
 3. google.com.any2ix.coresite.com  0.0%  97  1.0  4.0  0.7  67.1  12.1
 4. 64.233.174.31  0.0%  97  0.9  7.7  0.8  87.2  19.1
 5. 64.233.174.192  0.0%  97  1.2  1.5  1.0  10.8  1.3
 6. 64.233.174.177  0.0%  96  108.0  113.6  107.8  201.0  13.4
 7. 66.249.94.107  0.0%  96  108.7  113.7  108.4  157.9  9.8
 8. 66.249.94.105  0.0%  96  171.8  175.3  171.6  247.9  12.8
 9. 66.249.94.75  0.0%  96  203.4  204.5  203.1  251.7  6.9
10. 209.85.241.33  0.0%  96  204.7  203.9  203.4  206.6  0.5
11. 74.125.236.52  0.0%  96  204.2  203.8  203.2  204.7  0.4
On Tue, Sep 20, 2011 at 1:06 PM, Chris Brookes cbroo...@gmail.com wrote:
Anyone else seeing a lot of latency to google via qwest?
..
11  2 ms  2 ms  2 ms  min-edge-12.inet.qwest.net [207.225.128.1]
12  15 ms  13 ms  12 ms  chx-edge-03.inet.qwest.net [67.14.38.5]
13  12 ms  21 ms  13 ms  72.14.214.78
14  13 ms  13 ms  13 ms  72.14.236.178
15  61 ms  61 ms  61 ms  216.239.43.80
16  72 ms  61 ms  62 ms  66.249.94.200
17  152 ms  145 ms  144 ms  216.239.43.213
18  148 ms  149 ms  150 ms  64.233.175.2
19  149 ms  150 ms  149 ms  66.249.94.34
20  212 ms  221 ms  212 ms  66.249.94.105
21  244 ms  244 ms  245 ms  66.249.94.75
22  244 ms  244 ms  244 ms  209.85.241.33
23  244 ms  243 ms  243 ms  74.125.236.52
Re: wet-behind-the-ears whippersnapper seeking advice on building a nationwide network
On 9/20/11 12:24 PM, Dorn Hetzel wrote: On Sep 20, 2011 3:21 PM, Owen DeLong o...@delong.com wrote: If you open the door to that sort of interpretation, then every org with a T1 and a backup dial-up connection can claim to be multihomed. You say that like it's a bad thing. In either of these cases, it's not enough to just have the connection. The ARIN NRPM definition of Multihomed includes has one or more routing prefixes announced by at least two of its upstream ISPs. Are you really going to announce your prefix[es] to both your real provider _and_ your ridiculously low bandwidth provider? Even if you prepend the latter considerably, you're likely to receive some traffic via that path. Yes. I've done it before. As long as the provider supports BGP communities to tweak localpref you won't get any traffic over it and you won't even need to prepend once. Prepending is really only a last resort if you got stuck with a dud provider that doesn't support communities. ~Seth
Re: lots of latency on qwest to google?
On 20 September 2011 14:24, PC paul4...@gmail.com wrote: Having said that, that IP has similar horrible latency from my non-qwest connection. Additionally, google does not resolve to that IP for me, which is expected. It does look like poor routing on google's network. There's I mentioned qwest because when I checked via another path (HE) it was fine. Does appear to be a google issue, I guess, based on further testing. Ho hum..
Re: wet-behind-the-ears whippersnapper seeking advice on building a nationwide network
On Sep 20, 2011, at 3:18 PM, Chris Adams wrote: Once upon a time, Patrick W. Gilmore patr...@ianai.net said: In the way that you are apparently incapable of reading what was written. Jon very clearly states that if the GRE tunnel goes over the same physical infrastructure, it is not multihoming. Then you go on to explain how you have two physical lines. Devil's advocate: if you have links to two carriers, but they are delivered via the same LEC on the same fiber, are you multihomed? What about if you have two LECs at your facility, but the two circuits share a common path elsewhere (outside of your knowledge)? Fair question. As a customer, if your two transit circuits are in the same conduit, I do not consider that redundant. However, I believe the spirit of the NRPM is clear. Two circuits in the same conduit would qualify, one circuit with two BGP sessions does not. As has been famously and repeatedly mentioned here and just about everywhere else John is subscribed, ARIN is a VERY open organization. If you disagree with the NRPM, or even with an interpretation of it, feel free to offer up new language that would better fit your view. If the community agrees, POOF!, you have a new rule. -- TTFN, patrick
Re: wet-behind-the-ears whippersnapper seeking advice on building a nationwide network
On Tue, Sep 20, 2011 at 4:05 PM, Patrick W. Gilmore patr...@ianai.net wrote: On Sep 20, 2011, at 3:18 PM, Chris Adams wrote: Once upon a time, Patrick W. Gilmore patr...@ianai.net said: In the way that you are apparently incapable of reading what was written. Jon very clearly states that if the GRE tunnel goes over the same physical infrastructure, it is not multihoming. Then you go on to explain how you have two physical lines. Devil's advocate: if you have links to two carriers, but they are delivered via the same LEC on the same fiber, are you multihomed? What about if you have two LECs at your facility, but the two circuits share a common path elsewhere (outside of your knowledge)? Fair question. As a customer, if your two transit circuits are in the same conduit, I do not consider that redundant. However, I believe the spirit of the NRPM is clear. Two circuits in the same conduit would qualify, one circuit with two BGP sessions does not. As has been famously and repeatedly mentioned here and just about everywhere else John is subscribed, ARIN is a VERY open organization. If you disagree with the NRPM, or even with an interpretation of it, feel free to offer up new language that would better fit your view. If the community agrees, POOF!, you have a new rule. Ok, I would propose something like: full time connection to two or more providers should be satisfied when the network involved has (or has contracted for and will have) two or more connections that are diverse from each other at ANY point in their path between the end network location or locations and the far end BGP peers, whether or not the two or more connections are exposed to one or more common points of failure, as long as there are any failure modes for which one connection can provide protection against that failure mode somewhere in the other connection. Whew :) I am sure someone can say it better! -Dorn
Re: lots of latency on qwest to google?
--- paul4...@gmail.com wrote: From: PC paul4...@gmail.com You can traceroute from all their POPS here if you'd like: https://kai02.centurylink.com/PtapRpts/Public/BackboneReport.aspx - Hmmm, it seems to work with only one vendor's browser. Anyone else notice that? scott
Re: wet-behind-the-ears whippersnapper seeking advice on building a nationwide network
On Tue, 20 Sep 2011, Chris Adams wrote: Devil's advocate: if you have links to two carriers, but they are delivered via the same LEC on the same fiber, are you multihomed? What about if you have two LECs at your facility, but the two circuits share a common path elsewhere (outside of your knowledge)? I'd say you are. End users frequently don't know the layout of their carrier's networks, and I certainly wouldn't expect ARIN to be interested in that level of detail. What's next? Are you going to ask if I'd require that your router have dual power supplies from different UPS's, or that if they don't have dual power, you have a router per transit connection? It's a shame ARIN's auditors don't hang out here (or if they do, that they don't jump in and end these sorts of what if circle-jerks). It's a simple enough question...have they already seen applications for IP/ASN resources where the applicant was required to be multihomed and their connectivity was one leased line and a GRE tunnel with BGP to a second provider. Was the request approved? How many providers will even provision such a service? -- Jon Lewis, MCP :) | I route Senior Network Engineer | therefore you are Atlantic Net| _ http://www.lewis.org/~jlewis/pgp for PGP public key_
Re: wet-behind-the-ears whippersnapper seeking advice on building a nationwide network
On Tue, 20 Sep 2011 16:13:57 EDT, Dorn Hetzel said: full time connection to two or more providers should be satisfied when the network involved has (or has contracted for and will have) two or more connections that are diverse from each other at ANY point in their path between the end network location or locations and the far end BGP peers, I'm reading your statement as if you got the logic backwards - because this doesn't rule out pipe from one provider and tunnel across same pipe to another provider, because the tunnel is diverse after it emerges from the first provider's pipe. But since you know *up front* that the two connections have fate sharing, it's not clear that it's good enough multihoming to count as two *real* full time connections. points of failure, as long as there are any failure modes for which one connection can provide protection against that failure mode somewhere in the other connection. As long as there is *A* failure mode? Hmm. invents a movie-plot failure mode involving crazed ninjas with katanas loose in a switch room at one provider. Yep, it's unlikely crazed ninjas will attack the switch rooms at both providers. I'm pretty sure what you intended to say there isn't what I read it as...
Re: wet-behind-the-ears whippersnapper seeking advice on building a nationwide network
On 9/20/11 1:05 PM, Patrick W. Gilmore wrote: However, I believe the spirit of the NRPM is clear. Two circuits in the same conduit would qualify, one circuit with two BGP sessions does not. Totally disagree. If I have a metro ethernet circuit and can see both my transit providers over the same circuit, that's clearly multihoming. As is a single DS3 over which I run two T-1s to different providers. Or two ATM or Frame Relay VCs. Matthew Kaufman
Re: wet-behind-the-ears whippersnapper seeking advice on building a nationwide network
On Tue, Sep 20, 2011 at 04:13:57PM -0400, Dorn Hetzel wrote: full time connection to two or more providers should be satisfied when the network involved has (or has contracted for and will have) two or more connections that are diverse from each other at ANY point in their path between the end network location or locations and the far end BGP peers, whether or not the two or more connections are exposed to one or more common points of failure, as long as there are any failure modes for which one connection can provide protection against that failure mode somewhere in the other connection. The GRE tunnel configuration being discussed in this thread passes this test. Consider the following: ISP #1 has transit connections to upstream A and B. ISP #2 has transit connections to upstream C and D. ISP 1 and ISP 2 peer. Customer gets a connection to ISP #1 and runs BGP, and, over that connection, establishes a GRE tunnel to ISP #2, and runs BGP over that also. I assume your last clause requires that each connection provide protection against a failure mode in the other connection (not just that one of the two provide protection against a failure mode on the other). This is satisfied. In my example: ISP #1 provides protection against ISP #2 having a complete meltdown. ISP #2 provides protection against ISP #1 losing both its upstream connections. -- Brett
Re: wet-behind-the-ears whippersnapper seeking advice on building a nationwide network -- ENOUGH ALREADY!
This has deviated so far from a useful technical discussion, it isn't even amusing anymore. From http://www.nanog.org/mailinglist/ Our pre-posting guide for messages to the NANOG e-mail list: Does my email have operational/technical content? ANSWER: NO. Would I be interested in reading this email? ANSWER: YES, obviously (unless it wasn't me posting it.) I am also the guy at work who everyone avoids because I am the annoying talker who never shuts up. I often get confused when people just walk off in the middle of a conversation (ie: when I won't shut the hell up and/or let anyone else talk.) Would 10,000 other Internet engineers want to read this? NO. STOP. -bill ps. Those who chime in with a witty comment or yet another opinion just when the thread seems to be slowing down are just as guilty as the ones who keep it going by writing paragraph after paragraph refuting what the others have said. (When neither side has an inkling of wanting to acquiesce to the other side.) ObGodwin: Hitler. Can we be done now?
Re: wet-behind-the-ears whippersnapper seeking advice on building a nationwide network -- ENOUGH ALREADY!
Thank you! 112 Emails on this subject, I am sick of it. On Sep 20, 2011, at 3:25 PM, Bill P wrote: This has deviated so far from a useful technical discussion, it isn't even amusing anymore. From http://www.nanog.org/mailinglist/ Our pre-posting guide for messages to the NANOG e-mail list: Does my email have operational/technical content? ANSWER: NO. Would I be interested in reading this email? ANSWER: YES, obviously (unless it wasn't me posting it.) I am also the guy at work who everyone avoids because I am the annoying talker who never shuts up. I often get confused when people just walk off in the middle of a conversation (ie: when I won't shut the hell up and/or let anyone else talk.) Would 10,000 other Internet engineers want to read this? NO. STOP. -bill ps. Those who chime in with a witty comment or yet another opinion just when the thread seems to be slowing down are just as guilty as the ones who keep it going by writing paragraph after paragraph refuting what the others have said. (When neither side has an inkling of wanting to acquiesce to the other side.) ObGodwin: Hitler. Can we be done now?
Re: lots of latency on qwest to google?
I tried two vendors without issue (firefox 5 + IE 9). The only nuance I saw is the enter key didn't work in IE9 for when I entered in the domain to initiate the traceroute. Clicking run test instead works fine. On Tue, Sep 20, 2011 at 2:41 PM, Scott Weeks sur...@mauigateway.com wrote: --- paul4...@gmail.com wrote: From: PC paul4...@gmail.com You can traceroute from all their POPS here if you'd like: https://kai02.centurylink.com/PtapRpts/Public/BackboneReport.aspx - Hmmm, it seems to work with only one vendor's browser. Anyone else notice that? scott
Re: wet-behind-the-ears whippersnapper seeking advice on building a nationwide network
Ok, I would propose something like: full time connection to two or more providers should be satisfied when the network involved has (or has contracted for and will have) two or more connections that are diverse from each other at ANY point in their path between the end network location or locations and the far end BGP peers, whether or not the two or more connections are exposed to one or more common points of failure, as long as there are any failure modes for which one connection can provide protection against that failure mode somewhere in the other connection. Whew :) I am sure someone can say it better! -Dorn FWIW, two GRE tunnels over the same physical tail circuit to different providers on the other side would satisfy that condition. Frankly, I don't believe that your expanded definition changes anything from the current state of affairs. Owen
Re: wet-behind-the-ears whippersnapper seeking advice on building a nationwide network
On Sep 20, 2011, at 2:02 PM, Jon Lewis wrote: On Tue, 20 Sep 2011, Chris Adams wrote: Devil's advocate: if you have links to two carriers, but they are delivered via the same LEC on the same fiber, are you multihomed? What about if you have two LECs at your facility, but the two circuits share a common path elsewhere (outside of your knowledge)? I'd say you are. End users frequently don't know the layout of their carrier's networks, and I certainly wouldn't expect ARIN to be interested in that level of detail. What's next? Are you going to ask if I'd require that your router have dual power supplies from different UPS's, or that if they don't have dual power, you have a router per transit connection? It's a shame ARIN's auditors don't hang out here (or if they do, that they don't jump in and end these sorts of what if circle-jerks). It's a simple enough question...have they already seen applications for IP/ASN resources where the applicant was required to be multihomed and their connectivity was one leased line and a GRE tunnel with BGP to a second provider. Was the request approved? How many providers will even provision such a service? I know for a fact that ARIN has received and approved such requests. I do not know whether ARIN was aware of the exact details of the underlying topology in question at the time they approved the request or not. I was a consultant filling out the applications for my clients at the time. It wasn't quite exactly what you describe, it was 2 GRE tunnels to different providers over a tail circuit from a third provider. As long as you can show transit and/or peering with two ASNs (usually through a peering contract or letter of intent from the peer/transit provider), ARIN considers you to be multihomed for policy purposes. The underlying physical or logical mechanisms by which you reach those two (or more) neighbor ASNs are not ARIN's concern. Owen
Re: wet-behind-the-ears whippersnapper seeking advice on building a nationwide network
On Tue, Sep 20, 2011 at 5:19 PM, Brett Frankenberger rbf+na...@panix.com wrote: On Tue, Sep 20, 2011 at 04:13:57PM -0400, Dorn Hetzel wrote: full time connection to two or more providers should be satisfied when the network involved has (or has contracted for and will have) two or more connections that are diverse from each other at ANY point in their path between the end network location or locations and the far end BGP peers, whether or not the two or more connections are exposed to one or more common points of failure, as long as there are any failure modes for which one connection can provide protection against that failure mode somewhere in the other connection. The GRE tunnel configuration being discussed in this thread passes this test. Consider the following: ISP #1 has transit connections to upstream A and B. ISP #2 has transit connections to upstream C and D. ISP 1 and ISP 2 peer. Customer gets a connection to ISP #1 and runs BGP, and, over that connection, establishes a GRE tunnel to ISP #2, and runs BGP over that also. I assume your last clause requires that each connection provide protection against a failure mode in the other connection (not just that one of the two provide protection against a failure mode on the other). This is satisfied. In my example: ISP #1 provides protection against ISP #2 having a complete meltdown. ISP #2 provides protection against ISP #1 losing both its upstream connections. -- Brett Yes, that is what I was trying to say, that there are at least k providers, k=2, and that at least 2 of those k providers offer at least some redundancy for some possible failure modes in the other provider. Your example is especially plausible if it happens that the router from which ISP #1 provides me service is the same router, or at least close in the same POP, to the router from which they peer with ISP#2. ISP#1 might then have a complete backbone meltdown, but retain their local peering session with ISP#2, which would allow me to still reach my tunnel endpoint in ISP#2 and the BGP session resulting. -Dorn
Re: wet-behind-the-ears whippersnapper seeking advice on building a nationwide network
Randy is right that ARIN has missed a step here. It is unfortunate that there is no tool in existence that would test conformance of a whois server, and with hindsight, it would have been a good idea for ARIN to sponsor such a tool on one of the open source repo sites like github or googlecode. Instead, various people have encoded bits of the knowledge of how whois should work, into their own private and closed source systems so nobody, including ARIN, has a good way to test conformance of any system changes that they make. We can only hope that in future, protocol definitions and protocol testing tools will be developed in a more open fashion so that there is, in fact, an issue tracker where anyone can open a ticket and complain about something that appears to be a bug. I don't think ARIN should be doing issue tracking like this, or closed source development, when there are so many open source tools available. Bitbucket and Codeplex are another couple that come to mind. -- Michael Dillon On 18 September 2011 07:49, Randy Bush ra...@psg.com wrote: one to post overly aggressive defensive messages on nanog I am not convinced that Mr. Bush is best placed to comment on this particular issue. you seem to have a problem differentiating defense from offense. i recommend you not play chess. :) Randy is perfectly right in expressing his concerns about the registry system that we've built (as long as it's on a mailing list which supports the topic), since we're doing a function on behalf of the entire Internet community and spending everyone's money in the process. While it may not matter to him a bit, I'll defend his (and anyone else's right) to critique the quality and cost effectiveness of the job we're doing. thanks. :) i suspect some folk may be missing a few clues here. first is that you and i have been friends since the late '80s. second is that i was a founding board member of arin. and third, there is the concept of the loyal opposition.
i just think that we, as a culture, have let things get wy out of whack. john is paid to defend the status grow. randy
Re: How to begin making my own ISP?
Hasserw, First I must apologise for not responding, I did see this message and did mean to attempt to help you out as I am currently working through this exact process in a very small proof of concept network with an even smaller budget. To address your question, a good starting point is a Cisco CCNA. If you review the list archive for the past month you will find a very interesting thread linking to guys who are running massive home networks just for their learning, that in turn will link you to detailed public CVs showing the sort of stuff that these guys are trained and training in. You also need some business training to understand how to structure the business aspects of your project. An MBA is a good qualification but there are many less high level courses you could look at as well. NA Nog is an operational list (with a lot of rant and fun stuff) and not really a business focused or educational list, so your initial query simply ran under the radar. D On 17/09/2011 6:10 a.m., hass...@hushmail.com wrote: No one replied with any useful information. I guess no one wants competition on this list? Pretty poor tactic. On Sat, 10 Sep 2011 21:55:01 -0400 hass...@hushmail.com wrote: I want to begin making my own ISP, mainly for high speed servers and such, but also branching out to residential customers. I'm going to be in Germany for the next school year (probably either Frankfurt am Main or Berlin); any suggestions on what sort of classes I can take there that will be in English and will teach me all I need to know on how to build and manage my own ISP, AS, etc? Thanks. -- Don Gould 31 Acheson Ave Mairehau Christchurch, New Zealand Ph: + 64 3 348 7235 Mobile: + 64 21 114 0699
Re: insurance
On Tue, Sep 20, 2011 at 03:21:51PM -0400, Randy Carpenter wrote: The reality is that with the mega-insurance companies able to set whatever crazy premiums they feel like, and raise them every other month, the cost of being fully insured is sometimes more than what you can charge as a consultant. This is just not true. Insurance companies are regulated by State Insurance boards. If an insurance company wants to raise rates, they have to submit a proposal to their state insurance board. They can only raise rates for a class of customers. For example, all customers aged 50 - 62. This is generally NOT true for EO and Professional liability insurance. For the most part, that goes largely unregulated. The state insurance boards tend to focus on consumer-oriented forms of insurance (auto, home, life). Owen Yep. I don't remember the specifics, but our quote was ridiculous (like $thousands per month). Our health insurance premiums also go up 30+% nearly every year. So much for regulation there... -Randy Back in the day - I used Hartford for insurance. It was very reasonable. Premiums went up once in the 15yrs we were active. /bill
Re: wet-behind-the-ears whippersnapper seeking advice on building a nationwide network
- Original Message - From: Chris Adams cmad...@hiwaay.net What about if you have two LECs at your facility, but the two circuits share a common path elsewhere (outside of your knowledge)? p=1.0, *even* if you're paying for guaranteed physical diversity. Cheers, -- jra -- Jay R. Ashworth Baylink j...@baylink.com Designer The Things I Think RFC 2100 Ashworth Associates http://baylink.pitas.com 2000 Land Rover DII St Petersburg FL USA http://photo.imageinc.us +1 727 647 1274
What's a reasonable attack surface? (was: Re: wet-behind-the-ears whippersnapper yada yada)
- Original Message - From: Valdis Kletnieks valdis.kletni...@vt.edu As long as there is *A* failure mode? Hmm. invents a movie-plot failure mode involving crazed ninjas with katanas loose in a switch room at one provider. Yep, it's unlikely crazed ninjas will attack the switch rooms at both providers. I too am a Schneier fan. But terrorists watch movies, too. Cheers, -- jr 'Once is happenstance...' a -- Jay R. Ashworth Baylink j...@baylink.com Designer The Things I Think RFC 2100 Ashworth Associates http://baylink.pitas.com 2000 Land Rover DII St Petersburg FL USA http://photo.imageinc.us +1 727 647 1274
akamai rate limiting?
Does anyone know if Akamai edgesuite servers rate limits or blacklists caching servers that query it too often? It appears that queries are timing out if we exceed a query load to edgesuite. Does anyone at Akamai know if there are any changes to rate limiting or an abnormally high load? Joseph Gersch Chief Operating Officer Secure64 Software Corporation
Re: akamai rate limiting?
On Sep 20, 2011 7:54 PM, Joseph Gersch joe.ger...@secure64.com wrote: Does anyone know if Akamai edgesuite servers rate limits or blacklists caching servers that query it too often? It appears that queries are timing out if we exceed a query load to edgesuite. Does anyone at Akamai know if there are any changes to rate limiting or an abnormally high load? Akamai traffic is dropping on my network now. Emailed their noc, no eta on fix Cb Joseph Gersch Chief Operating Officer Secure64 Software Corporation
Re: Internet mauled by bears
On the other hand, I've been told that during a power outage cattle can sometimes smell that the electricity is gone... all their noses start sniffing after one in the pasture starts... and make a run for it... Probably is an old wives tale... Yeah, Sheep or Goat proof fence? Good luck. Here they just let them roam and the sheep herders follow them... until they bring them out of the mountains for the winter. On Tue, Sep 20, 2011 at 8:15 AM, Jason Baugher ja...@thebaughers.com wrote: On 9/20/2011 2:37 AM, Joel jaeggli wrote: On 9/19/11 18:49 , Richard Barnes wrote: And if they turn up the voltage on the fence high enough, dinner could be cooked by the time the crew gets there! montana experience says: cows have rather thick skin, sheep come with insulation, and bison will go through anything that gets in their way including 3 x 6 diameter corner posts and 4 strands of barbed and 2 hot wires. horses on the other hand are pansies. livestock always ends up on the other side of the fence... In Illinois: Cows actually train to electric fence (hot wire) fairly well. They don't like being shocked too much. Once they get used to the fence, you can shut it off and they'll stay in for weeks because they won't even attempt it. That said, sometimes you get a cow that just really wants to be difficult and will go through anything. That cow is suddenly turned into hamburger. Pigs also train to electric fence well. As tough as their hide is, it shocks well. Sheep are difficult. Other than when they are recently sheared, they have a natural protection across 95% of their body. Unless it hits them in the head or lower leg, they aren't going to feel it. Even when sheared, they are a very stubborn animal. I've seen them standing facing a fence, swaying forward and backward, almost like they're trying to time the shock pulse. Then they go on through and tear up the wire and posts in the process. I've seen 4 strands of wire spaced about 10 inches apart and they won't stay in.
Horses are okay, but you have to tie things to the wire so they can see it. They're too dumb to remember where it is, apparently. There is a big range of fence boxes. Some have a long pulse that isn't too hot. If you hold one of these, they make your hand and arm muscles clench up but they don't hurt too much. The other end of the range have a short hot pulse that will jump a good distance and will burn through green weeds. These hurt. On Sep 19, 2011 9:34 PM, Suresh Ramasubramanian ops.li...@gmail.com wrote: On Tue, Sep 20, 2011 at 12:20 AM, John van Oppen jvanop...@spectrumnet.us wrote: We had a cow br... Your crews turning up there the next time a cow tries its luck are guaranteed a steak dinner then.
Re: Internet mauled by bears
One more problem: Many of these rural mountain small WISP towers (such as Idaho from this article), do not have electricity. Winter access is via snow machine, snow-shoe, or helicopter, -- and power is obtained via solar panels and batteries. They are often placed on forest service or BLM land, or other private property leases without facilities. On Tue, Sep 20, 2011 at 11:25 PM, PC paul4...@gmail.com wrote: On the other hand, I've been told that during a power outage cattle can sometimes smell that the electricity is gone... all their noses start sniffing after one in the pasture starts... and make a run for it... Probably is an old wives tale... Yeah, Sheep or Goat proof fence? Good luck. Here they just let them roam and the sheep herders follow them... until they bring them out of the mountains for the winter. On Tue, Sep 20, 2011 at 8:15 AM, Jason Baugher ja...@thebaughers.com wrote: On 9/20/2011 2:37 AM, Joel jaeggli wrote: On 9/19/11 18:49 , Richard Barnes wrote: And if they turn up the voltage on the fence high enough, dinner could be cooked by the time the crew gets there! montana experience says: cows have rather thick skin, sheep come with insulation, and bison will go through anything that gets in their way including 3 x 6 diameter corner posts and 4 strands of barbed and 2 hot wires. horses on the other hand are pansies. livestock always ends up on the other side of the fence... In Illinois: Cows actually train to electric fence (hot wire) fairly well. They don't like being shocked too much. Once they get used to the fence, you can shut it off and they'll stay in for weeks because they won't even attempt it. That said, sometimes you get a cow that just really wants to be difficult and will go through anything. That cow is suddenly turned into hamburger. Pigs also train to electric fence well. As tough as their hide is, it shocks well. Sheep are difficult. Other than when they are recently sheared, they have a natural protection across 95% of their body.
Unless it hits them in the head or lower leg, they aren't going to feel it. Even when sheared, they are a very stubborn animal. I've seen them standing facing a fence, swaying forward and backward, almost like they're trying to time the shock pulse. Then they go on through and tear up the wire and posts in the process. I've seen 4 strands of wire spaced about 10 inches apart and they won't stay in. Horses are okay, but you have to tie things to the wire so they can see it. They're too dumb to remember where it is, apparently. There is a big range of fence boxes. Some have a long pulse that isn't too hot. If you hold one of these, they make your hand and arm muscles clench up but they don't hurt too much. The other end of the range have a short hot pulse that will jump a good distance and will burn through green weeds. These hurt. On Sep 19, 2011 9:34 PM, Suresh Ramasubramanian ops.li...@gmail.com wrote: On Tue, Sep 20, 2011 at 12:20 AM, John van Oppen jvanop...@spectrumnet.us wrote: We had a cow br... Your crews turning up there the next time a cow tries its luck are guaranteed a steak dinner then.