Paul,
This is the scenario. Peer B is send lots of outbound to Peer A.
Peer A depeers Peer (well former Peer) B. Why? Well, Peer A is having
ratio problems with other Peers C-F. Keep reading...
After depeering, some of (now former) Peer B's outbound traffic to
Peer A will now flow over
I don't know that NLayer was depeered yesteray for a fact, although
someone I trust did report that to me. I do know for a fact that
Limelight was. No offense to the good folk at nLayer, but most of the
people who I work for care a good bit more about Limelight
Didn't know about VW
On Jan 31, 2007, at 5:10 AM, matthew zeier wrote:
Steve Gibbard wrote:
If you actually want to do this, you've got four choices:
- Policy route, as mentioned below.
- Get the customer their own connection to Cogent.
- Have a border router that only talks to Cogent and doesn't
receive full
One interesting point - they plan to use Broadband over Power Line
(BPL) technology to do this. Meter monitoring is the killer app for
BPL, which can then also be used for home broadband, Meter reading is
one of the top costs and trickiest problems for utilities.
- Dan
On Jan 22, 2007,
On Jan 10, 2007, at 12:33 PM, William B. Norton wrote:
Why are folks turning away 10G orders?
Some of this depends on how much you are willing to pay. The issue is
as much 10G orders at today's transit prices as it is the capacity.
We're used to paying less per unit for greater
real science around this topic would be of great intellectual benefit.
- Daniel Golding
for
ownership of IP addressing and subsequently trading address space as a
commodity, with ARIN as a commodity exchange and clearinghouse.
Is this reaction people hating lawyers
more than ARIN, or what?
- Daniel Golding
From:
[EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of joe
to
my upstreams, getting IP space, applying to ARIN for a /22 of PI space,
eventually numbering out of the PA space - how much money have I spent?
- Daniel Golding
-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of
Michael Nicks
Sent: Friday, September 08
sure if you look really hard, you can find something else to be outraged
about. OpenDNS isn't it. I'm at a loss to explain why people are trying so
hard to condemn something like this.
- Daniel Golding
-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf
, is a Tier 2, but that's not a good reason to either buy
or not buy transit from them. There ARE good reasons (both ways) but that's
not one of them.
Daniel Golding
/anti-neutrality POV. Of course, an employee of Verizon or ATT, or
a smaller iLEC (or an MSO) would be wonderful, but not required. There will
be three other panelists with a variety of opinions.
Please email me if you are interested.
Thanks,
Daniel Golding
, please.
Daniel Golding
Marty Said...
At 08:11 PM 4/19/2006, Alex Rubenstein wrote:
On many of the public colo houses earnings calls, they told
analysts that they are trying to keep contracts to one year
so they can raise prices year over year, that power pricing is
fluid and many facilities are being expanded
or utilization!
--
Daniel Golding
transit RFP.
--
Daniel Golding
professors who are experts in commodity
market issues. As engineers, we grope in the dark concerning fairly well
established scientific principles we are unfamiliar with. Its like
reinventing the wheel. :(
--
Daniel Golding
On 3/6/06 6:14 PM, Stephen Sprunk [EMAIL PROTECTED] wrote:
Thus spake Daniel Golding [EMAIL PROTECTED]
On 3/6/06 10:25 AM, Stephen Sprunk [EMAIL PROTECTED] wrote:
So, unless there's policy change, most end-user orgs will have no
choice but to pay the market rate for IPv4 addresses. Spot
both the idea of an address market upon v4
exhaustion and the idea of clear title to address blocks. While I can't
state unequivocally that this is the answer, it does seem to merit further
study.
--
Daniel Golding
autoresponders and foolish AV software backscatter.
--
Daniel Golding
Money.
On 2/24/06 11:05 AM, Owen DeLong [EMAIL PROTECTED] wrote:
Because so far, DOC still thinks they control the oversight functions of
some aspects of what used to be under the NSF and the USG wants to continue
pretending that they control the internet.
Owen
--On February 24,
In terms of the larger question
ConEd Communications was recently acquired by RCN. I'm not sure if the
transaction has formally closed. I suspect there are serious transition
issues occurring. Financial Stability, Employee Churn, and Ownership
are, unfortunately, tough things to factor into
out of done deals is a sign of desperation
from companies that have lost the ability to innovate.
- Daniel Golding
On 1/19/06 6:44 PM, Paul Vixie [EMAIL PROTECTED] wrote:
proving once again that peering ratios only matter if the other guy's
customers can live without your assymetric content
Sean,
This is a question of hierarchy of risk and scarce resource allocation.
Fiber infrastructure is relatively well protected (by the ground), hard to
damage (requires big machines), and has service restoration capabilities
(routing protocols, optical ring protection, et al). A large scale
On 1/6/06 9:54 PM, Steve Gibbard [EMAIL PROTECTED] wrote:
On Fri, 6 Jan 2006, william(at)elan.net wrote:
On Fri, 6 Jan 2006, Wil Schultz wrote:
Apparently they have lost two authoritative servers. ETA is unknown.
You forgot to mention that they only have two authoritative servers for
during the past 'months' ? yikes... is that noted on your site so users of
the 'service' will know what sorts of 'problems' they might be
encountering due to their reliance on this 'service'?
I wonder how many problems cymru has had in that period? I'm guess not so
many...
--
Daniel Golding
on SFI
relationships in North America? I realize this is more like a consent decree
than true regulation, but its an interesting move by the regulators.
Regulation is generally a bad thing, but publishing SFI requirements - and
even SFI relationships - won't hurt anyone, IMHO.
--
Daniel Golding
for access to Google
and Yahoo. Broadband gets a lot less compelling without content, so don't
push it.
--
Daniel Golding
On 10/28/05 5:45 PM, JC Dill [EMAIL PROTECTED] wrote:
Christopher Woodfield wrote:
...the companies have agreed to the settlement-free exchange of
traffic subject to specific payments if certain obligations are not met.
So it does look like Cogent bent somwhat...I'm guessing they
On 10/28/05 7:37 PM, Crist Clark [EMAIL PROTECTED] wrote:
Eric Louie wrote:
Now, one really needs to wonder why the agreement could not be reached
*prior* to the depeering on 10/5
It's not rocket science.
As people have pointed out repeatedly, this was surely not rocket science
since
On 10/12/05 3:13 PM, Randy Bush [EMAIL PROTECTED] wrote:
geoff's predictions for a very lively market in v4 space will
seriously come into play.
Maybe its time to have a serious talk about IPv4 commodity trading schemes.
Anyone interested in this enough to have a BOF at ARIN/NANOG?
This
On 10/6/05 10:30 AM, Randy Bush [EMAIL PROTECTED] wrote:
Is being a tier-1 now a good or bad sales argument when
selling internet access ?
Its a great sales argument. That's why everyone claims to be
one. It just sounds SO good. And its not like the Peering
Police are going to enforce it.
On 10/6/05 10:37 AM, Patrick W. Gilmore [EMAIL PROTECTED] wrote:
On Oct 6, 2005, at 10:19 AM, tony sarendal wrote:
This is not the first and certainly not the last time we see this kind
of event happen.
Purchasing a single-homed service from a Tier-1 provider will
guarantee that you
, unregulated Internet.
Shame on them. Google is not suffering at all from this.
Ross Hosman
--
Daniel Golding
On 10/6/05 1:41 AM, Patrick W. Gilmore [EMAIL PROTECTED] wrote:
On Oct 5, 2005, at 4:13 PM, Daniel Golding wrote:
They can. Cogent has transit and is preventing traffic from
traversing its
transit connection to reach Level(3). Level(3) does not have
transit - they
are in a condition
On 10/6/05 6:43 AM, tony sarendal [EMAIL PROTECTED] wrote:
Is being a tier-1 now a good or bad sales argument when selling
internet access ?
Its a great sales argument. That's why everyone claims to be one. It just
sounds SO good. And its not like the Peering Police are going to enforce
On 10/5/05 3:02 PM, Matthew Crocker [EMAIL PROTECTED] wrote:
Is it really that hard to understand?
As a paying Cogent customer I expect to be able to get to the
Internet through them. Isn't that the business they are in?
Break your contract for non-performance and call it a day.
Level(3) threatened them with depeering. This is
so that a) the partition is less painful and/or b) they'll have to buy less
transit.
We will now return this thread to the normal stream of why is Cogent
broken, Level(3) is a bunch of meanies, and my traceroutes feel FUNNY.
;)
- Daniel Golding
Getting back on-topic - how can this be? I thought only service providers
(with downstream customers) could get PI v6 space. Isn't this what policy
proposal 2005-1 is about? Can someone (from ARIN?) explain the current
policy?
- Daniel Golding
On 9/9/05 2:16 PM, Steven J. Sobol [EMAIL
occurred, so we must act without that knowledge.
This is a great book for two audiences: enterprise network engineers who are
getting asked if their new MPLS VPN is secure (for some definition of
secure) and carrier network engineers trying to answer that question.
- Daniel Golding
On 8/28/05 8:28
to bring out design problems.) So yes, it's
worth hearing about, but not worth delaying publication for. And
since the IETF only has one way to publish documents for periods
extending six months...
--
Daniel Golding
Network and Telecommunications Strategies
Burton Group
.
Not that this necessarily means anything, but I thought your
sentiments above could do with some numbers. I don't see a strong
correlation between broadband penetration and population density here.
Joe
--
Daniel Golding
, Abhishek. Just remember that the
inmates of this particular asylum get testy now and again :)
Thanks,
Daniel Golding
(*There are additional questions on where you should do this blocking.
That's an entirely separate can of worms)
On 8/18/05 6:38 AM, Abhishek Verma [EMAIL PROTECTED] wrote:
coz
On 8/7/05 4:54 PM, Christopher L. Morrow [EMAIL PROTECTED]
wrote:
On Sun, 7 Aug 2005, William Warren wrote:
I think i did not make myself clear. The corrections off-list are
valid..:) However the modems are accessed by the providers using
RFC1918 space and not public IP space. This
a
broken record). When prices get too high, you know its time for v6.
Regards,
Daniel
--
Daniel Golding
On 8/4/05 6:49 PM, Steve Feldman [EMAIL PROTECTED] wrote:
I meant to ask this at a nanog or this IETF... why don't some of the
larger content providers (google, msn, yahoo, to name 3 examples) put
records in for their maint content pieces? why don't they get v6
connectivity from
On 7/29/05 12:56 PM, John C. A. Bambenek [EMAIL PROTECTED] wrote:
Remind me why I bother with information security when industry and the
government seems to want to ensure things can be pwn3d as easily as
possible...
If the digital pearl harbor does come to pass, this won't be
.
That being said, their policy of offering free updates for certain bug fixes
to those who don't pay them for support is generous. See that hand feeding
you? Don't bite it.
--
Daniel Golding
a vendor.
Take it from Ice-T - don't hate the player, hate the game. Words to live
by.
[snip]
Geo.
George Roettger
Netlink Services
Daniel Golding
Since the talk was actually delivered - does anyone have a transcript or a
torrent for audio/video?
- Dan
On 7/27/05 8:10 PM, Jeff Kell [EMAIL PROTECTED] wrote:
Cisco's response thus far:
http://www.cisco.com/en/US/about/security/intelligence/MySDN_CiscoIOS.html
Jeff
There are a couple possibilities.
Mice and Men and INS both make software that can front-end BIND servers
via a secure web interface. You can also utilize a secure DNS appliance to
serve your customer DNS - Infoblox, Bluecat, and INS all make these. They
generally have a pretty rich multi-user
when people holding big blocks of address
space start holding on to it because they expect to make more money
that way in the future...
--
Daniel Golding
Network and Telecommunications Strategies
Burton Group
required.
- Daniel Golding
On 7/6/05 11:41 AM, Scott McGrath [EMAIL PROTECTED] wrote:
You do make some good points as IPv6 does not address routing scalability
or multi-homing which would indeed make a contribution to lower OPEX and
be easier to 'sell' to the financial people.
As I read
on the appropriate NSP lists...
--
Daniel Golding
On 6/24/05 5:55 PM, Aaron Glenn [EMAIL PROTECTED] wrote:
I apologize for the off-topic post, but I'm at my wits end trying to
rediscover a peice of equipment I came across a few months ago but
some how lost the datasheet/bookmark too. The appliance
responding or posting to this thread or others which are
similar, please include a non-op tag in the subject line so that folks who
don't want to read about political machinations can procmail us efficiently)
- Daniel Golding
On 6/21/05 3:03 AM, Steve Gibbard [EMAIL PROTECTED] wrote:
On Mon, 20
by all these authentication schemes.
Regards,
John Levine, [EMAIL PROTECTED], Primary Perpetrator of The Internet for
Dummies,
Information Superhighwayman wanna-be, http://www.johnlevine.com, Mayor
More Wiener schnitzel, please, said Tom, revealingly.
--
Daniel Golding
Network
On a related note, those interested in NOC display technology may also want
to check out the recent Wall Street Journal article (sorry, I don't have a
link) that suggests that we are about to see a huge drop in large LCD/Plasma
display pricing as several new factories are coming on-line.
I'm
people's behavior. Federal laws do not.
--Michael Dillon
--
Daniel Golding
Network and Telecommunications Strategies
Burton Group
general.
t.
--
Daniel Golding
Network and Telecommunications Strategies
Burton Group
I suspect the right thing to do is to ask why soBGP and sBGP have failed?
And yes, they've failed. Just like DNSSec, we aren't seeing even limited
adoption. Why? Too complex, too many moving parts, too much reliance on iffy
third parties and requires mass adoption.
I suggest that the community
% of the effort.
- Dan
On 5/23/05 2:33 PM, Edward Lewis [EMAIL PROTECTED] wrote:
At 14:00 -0400 5/23/05, Daniel Golding wrote:
My reply is mostly tongue-in-cheek. I think it's always healthy to
explore alternatives.
Why not do something simple? The in-addr.arpa reverse delegation tree is
pretty
On that note, I suggest that folks from the NANOG community get involved
with CircleID. Its a great site with articles on everything from DNS and
addressing issues to domain naming and ICANN. It sometimes misses the
network operator perspective - a few articles or comments by some of the
folks
Do all of Comcast's markets block port 25? Is there a correlation between
spam volume and the ones that do (or don't)?
In any event the malware is already ahead of port 25 blocking and is
leveraging ISP smarthosting. SMTP-Auth is the pill to ease this pain/
- Dan
On 4/26/05 2:49 PM, Hank
://story.news.yahoo.com/news?tmpl=storyncid=1212e=3u=/washpost/2005041
6
/tc_washpost/a56223_2005apr15sid=96168964
At least in my neighborhood, Comcast appears to be running BIND 9.2.4rc6
--Prof. Steven M. Bellovin, http://www.cs.columbia.edu/~smb
--
Daniel Golding
Network and Telecommunications
Aside from individual OS behavior, doesn't this seem like very bad advice?
What sort of DNS cache poisoning attack could possibly work against a
workstation that has a caching resolver but no DNS server? If a hacker
really wished to do a name resolution attack against workstations, wouldn't
on the roots and TLD servers.
It might be interesting to pull query data on a root server and correlate it
with known dynamic IP address pools to spot a trend.
- Dan
On 4/15/05 9:54 AM, Patrick W Gilmore [EMAIL PROTECTED] wrote:
On Apr 15, 2005, at 8:59 AM, Daniel Golding wrote:
Too late. Every Mac
This is a matter of human nature, I suppose. Everyone is terribly pleasant
when they hear what they want. The true test is what happens when folk hear
the wrong answer.
I've depeered and I've been depeered. I've seen folks on the receiving end
of bad peering news handle it with consummate
they took
the step, though.
Well, FT took the step as you say.. they are the instigator here.
But, they are in their right to do so and would have given proper written
notice
to Cogent so this isnt as much a surprise to them as is being suggested
either.
Steve
--
Daniel Golding
And I appreciate Gadi's efforts. I hope they will soon be willing to make
this methodology public, as their work continues. And to take down some
phishing sites of course :)
- Dan
On 3/29/05 8:12 AM, Gadi Evron [EMAIL PROTECTED] wrote:
We provided Daniel with all the information he requested
organizations to help them in the future (especially the
attacked eCommerce sites and the hosting service providers).
* By previous requests here is an explanation of what ASN is, by Joe
St Sauver:
http://darkwing.uoregon.edu/~joe/one-pager-asn.pdf
--
Daniel Golding
Network
is insufficient when ISPs
and hosters are being called out by name.
- Dan
On 3/28/05 2:19 PM, Gadi Evron [EMAIL PROTECTED] wrote:
Daniel Golding wrote:
Forgive me for being skeptical, but...
I would prefer you being skeptical. Please don't take my word on any of
this.
How do you come up
that their clients
can't get the best deal as I need to raise my fees to client to cover
the small residual payment going to Bandwidth Advisors.
Tim
--
Daniel Golding
Network and Telecommunications Strategies
Burton Group
Was it part of a plea agreement?!
Maybe this is like the FBI employing forgers and burglars to get advice on
stopping crime?
Well, probably not... :(
- Dan
On 2/24/05 9:30 AM, [EMAIL PROTECTED]
[EMAIL PROTECTED] wrote:
Former chief privacy officer of Gator has been appointed to the Data
of some VoIP providers. Of course, even
paranoids have enemies, as they say :)
--
Daniel Golding
Network and Telecommunications Strategies
Burton Group
On 2/15/05 1:22 PM, Majdi Abbas [EMAIL PROTECTED] wrote:
On Tue, Feb 15, 2005 at 11:53:59AM -0600, Adi Linden wrote:
How is this any
solutions to fix the problem which may not exist. (Mac Anti-virus
software, anyone? ;)
Is anyone aware of actual pharming in the wild? Please reply off-list and
I will summarize answers to the list.
Thanks,
--
Daniel Golding
Network and Telecommunications Strategies
Burton Group
Why block TFTP at your borders? To keep people from loading new versions of
IOS on your routers? ;)
Not trying to be flippant, but what's the basis for this?
- Dan
On 2/15/05 1:45 PM, Eric Gauthier [EMAIL PROTECTED] wrote:
On Tue, Feb 15, 2005 at 11:53:59AM -0600, Adi Linden wrote:
How
Considering the fairly high quality security guides that have come out of
the NSA in recent years, this is probably the right choice.
- Dan
On 2/15/05 3:30 PM, Fergie (Paul Ferguson) [EMAIL PROTECTED] wrote:
...and following up on my last post, it would appear that the
U.S. gummint is
I've gotten a couple emails on this. To summarize:
1) some malware uses tftp. However much malware now uses other ports, such
as 80
2) There are numerous buffer overflow bugs with tftp. This would seem to be
better resolved with rACLs or ACLs towards loopback/interface blocks. (and,
of course,
. I didn't see it. I agree in general
and think that providers shouldn't block tftp, IMHO.
--
Daniel Golding
Network and Telecommunications Strategies
Burton Group
works well.
587 running SMTP auth (and relaying for authenticated users) and port 25 for
local (non relay) delivery without authentication should be the default on
all servers.
--
Daniel Golding
Network and Telecommunications Strategies
Burton Group
-reform.org. If you
agree with the contents, please endorse it by signing.
Thanks. We will now return to our regularly scheduled thread, which seems to
be intent on convincing people to violate their NDA's with a major network
equipment vendor :)
Thanks,
Daniel Golding
Additional information on MAC accounting from Hakan Lindholm...
(specifically, the SNMPv2c object to pull 64bit MAC accounting counters)
- Dan
-- Forwarded Message
From: Hakan Lindholm [EMAIL PROTECTED]
Date: Fri, 21 Jan 2005 20:36:45 +0100 (CET)
To: Daniel Golding [EMAIL PROTECTED]
Cc
Is there an RFC or other standards document that clearly states that static
bogon filter lists are a bad idea? While this seems like common sense, there
was just an RFC published on why IP addresses for specific purposes (like
NTP) shouldn't be encoded into hardware.
Using a dynamic feed needs
Andrew,
The 32 bit counters are a significant problem when using gigabit ethernet
public peering interfaces. Needless to say, MAC accounting was not designed
for gigabit speeds. Frequent polling is, sadly the only solution. If you
write your own scripts, make sure to account for counter
peering on a cisco router? I'm
using mrtg and i did mac address accounting but the numbers are off.
do you mean how to graph traffic to each host on a lan..?
what platform do you have?
Steve
--
Daniel Golding
Network and Telecommunications Strategies
Burton Group
On 1/12/05 8:46 AM, Erik Haagsman [EMAIL PROTECTED] wrote:
On Wed, 2005-01-12 at 12:37, David Gethings wrote:
On Wed, 2005-01-12 at 12:25 +0100, Iljitsch van Beijnum wrote:
IPv6 is also very useful in providing non-IPv4 management.
Well if we're offering protocols other than IP(v4) for OOB
On 1/12/05 12:05 PM, Joe Abley [EMAIL PROTECTED] wrote:
On 12 Jan 2005, at 11:53, Hannigan, Martin wrote:
You mean you'd *request* a different path from different providers.
Provisioning a circuit from two different ^providers^, other than
your OC3 provider.
I realise that's what
Kim,
Its terribly important that your routers' management traffic be encrypted
all the way to the device. For this reason, the best practice is to use
ssh2. There are some other hacks that can be used, but they are hacks, and
are not scalable.
Bastion hosts are a good thing and can be a great
It would be fairly useful if Cisco had a published document that detailed
the minimum configuration for each major router line to support BGP with 1
to 4 full views. Of course, this would have to be periodically updated. By
this, I mean a separate overlay document for their entire router product
The (many) authors of the NANOG-Reform proposal would like to put out this
brief clarification to address some concerns from the community...
Clarification: There has been concern that this proposal would limit NANOG
mailing list reading/posting privileges or meeting attendance
that he's speaking not moderating.)
(we've not heard yet whether betty or susan from merit will also be speaking.)
--
paul vixie
martin hannigan
(moderators)
--
Daniel Golding
Network and Telecommunications Strategies
Burton Group
How much has the second number changed? Is this the result of worsening
aggregation or simply more address space being advertised?
Core routers won't even blink at 200k routes. I wonder how many enterprise
3x00/7x00 routers will fall over due to memory issues.
Also, as we have learned
isn't set in stone. Susan? Can we get it ratified to reflect a
more visible interaction for adjusting off topic threads, and begin using
it that way?
- billn
--
Daniel Golding
Network and Telecommunications Strategies
Burton Group
I'm under the impression that a discussion of that sort will occur in Los
Vegas. There has been significant off-list chatter regarding this.
Its entirely possible for nanog-l to be self policing, or, failing that, for
users to simply use procmail on those who wander off-topic (for some
helicopters
randy
--
Daniel Golding
Network and Telecommunications Strategies
Burton Group
, at this point in
time. Using humans (dedicated staff person) to stop spam isn't scalable -
automated processes are sending this stuff, we need systematic ways to fight
it - black/white lists, SPF, port 25 filtering, bayesian filtering and other
tools.
--
Daniel Golding
Network and Telecommunications
sort of electronic
catastrophe is, dare we hope, imminent.
In the mean time, I've decided to enjoy the Internet in the precious little
time it has left. (yes, that was sarcasm)
--
Daniel Golding
Network and Telecommunications Strategies
Burton Group
On 8/23/04 9:12 AM, Irwin Lazar [EMAIL PROTECTED] wrote:
One other word of advice, hotel space in this area has been pretty hard to
come by in recent months, book early or you may find that the closest
available room is in Maryland or at a resort like Landsdowne.
Also, there are lots of
Gee. If one takes this approach, all research is criminal. The fact is, some
amount of important science and research and some larger amount of silly
research is going on as a result of these probes.
An earlier response stated that a web server should be run on the
transmitting host. This is
.
Michel.
--
Daniel Golding
Network and Telecommunications Strategies
Burton Group
peering link sizes or
locations on RFP's, but they never ask about peering utilization or packet
loss. The former is both NDA and meaningless - the latter is terribly
important.
--
Daniel Golding
Network and Telecommunications Strategies
Burton Group
1 - 100 of 170 matches
Mail list logo
