> On 28 Mar 2024, at 12:08, Rainer Duffner via swinog
> wrote:
>
> Hi,
>
> and specifically the hardware the company behind it (anapaya) sells.
Before looking at technologies, one should always first define what one's
current situation is, what one's problems with that are and then what
ublic list
;)
Mailman3 does not do the @via trick yet unfortunately; hence why folks use
custom remailers quite often :)
Greets,
Jeroen
> On 8 Jun 2023, at 12:06, Jeroen Massar wrote:
>
>
>
>> On 8 Jun 2023, at 11:47, Jonas Meier via swinog
>> wrote:
>>
> On 8 Jun 2023, at 11:47, Jonas Meier via swinog
> wrote:
>
> Hi Franco, Dear List
>
> Thank you for your feedback.
>
> 1) I configured mailman3 [1] dmarc_mitigate_action to "munge_from" (to
> replace the from header) and dmarc_mitigate_unconditionally to true. My
> thought was that
Alg 7 is ancient and deprecated...
When one has DNS issues, especially DNSSEC related, run dnsviz:
https://dnsviz.net/d/gkb.ch/ZDeung/dnssec/
as that will show you what is off:
```
• gkb.ch zone: The server(s) were not responsive to queries over UDP.
(2001:67c:2350:11::bad:babe)
•
> On 27 Apr 2023, at 04:04, Matthias Hertzog via swinog
> wrote:
>
> Dear colleagues
>
> As some of you already figured, i‘m about to dive into the ISP scene again.
> „What a surprise“ ;-)
>
> I‘m currently evaluating datacenter switches. Current need is at least 12
> 10gig SFP ports and
> On 7 Dec 2022, at 13:04, Hendrik Jäger via swinog
> wrote:
>
> Hi
>
>> And this is a problem if you rely on something you can not verify
>> immediately. For example if I use a big hammer I immedialtey see the
>> results. But a degaußed Disk does not looked destroyed - you can not verify
The real answer, net to using it for target practice, shredding and melting
down is much easier: Full Disk Encryption.
Just lose the encryption keys and the data is useless. If you then also do one
of the above for fun, just added bonus.
FDE helps for the "my disks got stolen" case, but also
Hi,
If you configure it (remarks and/or geofeeds: attribute in whois), they will
come.
I see a bit below a thousand IPs fetching my geofeed data over the last few days
Quick grep (with some filtering due to versions etc) of UAs; see below; quite
some normal web crawlers, but also dedicated it
Hi,
Did you check if the customer's network is maybe infected with some botnet or
spambot that triggers honeypots?
Clearly, if the IP changes and the customer gets blocked again, it is something
being caused by the source IP...
Netflow... Netflow all the things ;)
Greets,
Jeroen
--
> On
Of course OOB, depending on location and requirements various options:
- IPMI built-in to many hosts (SuperMicro >X10 have Redfish and thus HTML5 KVM)
then you can always fix that host and continue from there if serial connected
etc.
- PCEngines APU (https://pcengines.ch/apu2.htm
ill of course, no official word about this change...
Guess that fixing things is easier than communicating :)
Greets,
Jeroen
--
On 2021-06-03 08:47, Jeroen Massar wrote:
Hi Folks,
Is there an official announcement that I missed?
Seems that blocklist.gespa.ch is the new place, and that all of
They could simply take it down by:
- Contacting their own customer (for which they are proxying)
- Stop providing proxy services to any entity and often for 'free'...
Fun that they contact you, while they are exposing it to the Internet ;)
Greets,
Jeroen
> On 20210706, at 13:20, Benoit
On 2021-06-23 10:48, Franco wrote:
On 22.06.21 08:58, Jeroen Massar wrote:
I suggest using a mailhost that has proper spam filtering, considering it is
trivial to identify
that the sending host is not properly configured, why bother accepting mail
from it?
That's not enough. In first place
ailin025.protonmail.ch; dkim=pass (2048-bit key)
> header.d=in3days.org header.i=@in3days.org header.b="pK1dKfuL"
> Authentication-Results: mailin025.protonmail.ch; spf=none
> smtp.mailfrom=in3d...@in3days.org
> Authentication-Results: mailin025.protonmail.ch; dmarc=no
Full headers would be rather useful to determine the real origin of that
message...
Greets,
Jeroen
> On 20210621, at 21:35, Serge Droz wrote:
>
> Hi all
>
> It seems there is a SWINOG member who should clean his computer.
>
> Happy hunting
> Serge
>
>
>
> Forwarded Message
Hi Folks,
Is there an official announcement that I missed?
Seems that blocklist.gespa.ch is the new place, and that all of
comlot.ch now points to gespa.ch, but filenames have been renamed too.
(see previous brokeness email in the mailarchive for old details).
Considering neither is under
On 2021-05-20 08:51, Gregor Riepl wrote:
the mailserver I use, does not support ACME setup. I can only do old
style SSL certificate requests.
for the webserver its not an issue though.
Why does the mail server need to support ACME?
Simply do periodic DNS verification and trigger a
On 2021-05-13 13:05, Andreas Fink wrote:
Jeroen Massar wrote on 13.05.21 10:46:
On 2021-05-13 11:29, Andreas Fink wrote:
Hello all,
I need to get some SSL certificates for some african country operations
and i can unfortunately not use letsencrypt for this.
Any reason? What are your
On 2021-05-13 11:29, Andreas Fink wrote:
Hello all,
I need to get some SSL certificates for some african country operations
and i can unfortunately not use letsencrypt for this.
Any reason? What are your requirements?
Would ZeroSSL (https://zerossl.com) who also do ACME work?
(yes people,
pull the directory and git and keep a watch
on it that way).
Greets,
Jeroen
--
> On 20210331, at 16:53, Jeroen Massar wrote:
>
> As it is 1 april tomorrow, some things expired yesterday:
>
>Not After : Mar 30 13:28:58 2021 GMT
>
> That thing is the
Hi Folks,
So there is the list:
https://www.swisscom.ch/dam/swisscom/en/ws/documents/E_BBCS-Documents/e_bbcs_supporting-documentprovedequipment.pdf
Anybody got a recommendation out of that for a bridge-only G.Fast modem?
Apparently FRITZ!Box 7582 does not do Bridge mode, but Zyxel XMG3927 does.
As it is 1 april tomorrow, some things expired yesterday:
Not After : Mar 30 13:28:58 2021 GMT
That thing is the COMLOT key to verify those Geldspielgesetz keys
for their fun list of worldwide casinos:
https://blacklist.comlot.ch/comlot_blacklist.txt
see full cert details
On 2021-03-16 21:04, Stefan Funke wrote:
Good afternoon SWINOG!
Since SWINOG is also a German-speaking network operator group, I wanted to take
the chance to invite you to the first DENOG Leadership Meetup.
ehh.. as the resident foreigner, I would like to point out that:
- You wrote
Follow-up: do not test with new tools.
So, as a few folks pointed me off-list rightly to it.. but my brain did not
click to this old issue... it is all because of the short key.
I think it was discussed on swinog before, but I'll add it again, as I found
the ticket where I reminded myself
On 2021-03-11 11:46, Jeroen Massar wrote:
So apparently there is a DNS entry for smtp.bluewin.ch, but that is not
the one to use as it was apparently EOLd in 2006 or so. Thanks for
offlist info that it is and this link[1] that describes:
smtpauths.bluewin.ch:465 so TLS only (which is good
Time: 1615459460
Timeout : 7200 (sec)
Verify return code: 0 (ok)
---
220 smtpauths.lb.bluewin.ch vimdzmsp-sfwd05.bluewin.ch Swisscom AG ESMTP
server ready
On 2021-03-11 09:25, Jeroen Massar wrote:
Hi,
(Possibly in relation to
http://lists.swinog.ch/public/swinog/2021-March/007457
Hi,
(Possibly in relation to
http://lists.swinog.ch/public/swinog/2021-March/007457.html, but in this case
not even a TCP ACK...)
It seems smtp.bluewin.ch (25 and 465 tested) is unreachable from all places I
checked (Init7, Quickline, BIT.nl).
Is that service normally open for Bluewin
I have your answer :)
$ telnet -6 www.swisscom.ch 80
Trying 2a02:a90:c400:5001::2...
telnet: Unable to connect to remote host: Connection refused
same for 443. It takes a while for it to respond with a RST... which is a
really cool one:
52 54 00 b2 ca 34 cc 4e 24 45 ef 00 86 dd 60
> On 20210225, at 16:52, Jean-Pierre Schwickerath wrote:
>
> Hi Jeroen
>> that "sinkhole" is just a misconfigured/internet-ignorant "load
>> balancer": those things do not care about ICMP...
>>
>> you are thus reaching the dest, it is just misconfigured: the Internet
>> is just HTTP for
On 2021-02-25 15:45, Jean-Pierre Schwickerath wrote:
Dear Swisscom Routing-Experts
Are you not peeing at swissIX anymore?
Your webserver www.swisscom.ch (2a02:a90:c400:4001::2) gives me a hard
time to be reached. Either it wants it traffic to be routed from Berne
via NL, UK, US and ends in a
On 2020-10-27 13:15, Gert Doering wrote:
Hi,
On Tue, Oct 27, 2020 at 01:00:59PM +0100, Jeroen Massar wrote:
Making sure one only egress mail that one is supposed to send
(SPF/DKIM/DMARC/ARC) is the only way to do that and would mean being a
good citizen on the Internet,
Much easier said than
On 2020-10-27 09:04, Gert Doering wrote:
Hi,
On Tue, Oct 27, 2020 at 08:40:39AM +0100, Jeroen Massar wrote:
Mail server admin can do a SPF check (or have a list of allowed source
email domains) before outbound and reject forwarding these emails.
I read this and I wonder "which of the
On 2020-10-27 08:01, Silvan M. Gebhardt wrote:
I assume this swiss provider has never allowed any customer to leave.
Every customer who changes DNS providers becuase their marketing decides on a
new website and not telling anyone and then their marketing department
hijacking the DNS, and
On 2020-10-27 00:01, Mueller Urs SBB CFF FFS wrote:
Thank you guys
well, technically, they (UCEProtect) are correct.
If an IP sends a mail with the From: header indicating a domain for
which an SPF record exists, and the sending IP is not supposed to send
it, then it is a misconfiguration
On 20201008, at 17:49, Maxim Samo wrote:
>
> Last time I looked ubs.com does use DKIM, SPF, and DMARC.
Easy to look:
There is SPF:
$ dig +short ubs.com txt|grep v=spf
"v=spf1 include:spf-a.ubs.com include:spf-hosted.ubs.com
include:spf.protection.outlook.com -all"
There is definitely
On 20201008, at 15:53, Markus Wild wrote:
>
> Hey Jeroen,
>
>> SPF is only a part of a solution to the battle of spam.
>
> SPF isn't suited to combat SPAM at all (including the whole other DKIM etc
> enchilada), since it's quite trivial for
> spammers to define these records correctly in
On 20201008, at 09:14, Markus Wild wrote:
> My take on your problem is the following:
> - SPF is bad and breaks mail delivery, don't use it. But, if someone defines
> SPF records, and they thus declare they
> want to shoot themselves into their feet, by all means, I encourage to block
> mails
On 2020-08-27 17:16, Benoit Panizzon wrote:
Hi List
A customer complained, he cannot reach the website of chinese embassy in
Switzerland.
CH.CHINA-EMBASSY.ORG
The DNS Servers are hosted under 125.208.4[567].0/24 and none of our
peers do announce those routes to us.
The all, according to the
that with a 'via' address:
When an incoming mail has a DKIM-Signature header, trident rewrites
From: to:
From: "Jeroen Massar [jer...@massar.ch]"
This so that it is clear what the From is; noting that many MUAs store
emails automatically in the addressbook; thus using e.g.
l.
On 2020-07-06 12:13, Steven Glogger wrote:
Hi community
We’re currently in discussion if we will proceed with our SwiNOG #27
plans or if not…
We would like to get your opinion.
Please help us and provide an honest answer to our really short
questinaire (will take 30sec to fill in):
See offlist reply for a direct contact.
Noting that here: if people have a problem, do make your problem known
on SwiNOG so that we can help each other in resolving problems ;)
Sometimes the right person at a company can make things move along.
Greets,
Jeroen
--
On 2020-06-18 15:26, Adrien
On 2020-06-12 20:16, Fredy Künzler wrote:
Dear all,
Please see below my communication with BAKOM (OFCOM) regarding the
official speed test measurement system which is proposed in the FDV
(Fernmeldedienstverordnung).
So I guess that all these providers will apply nice "QoS" to the well
known
Fredy,
Congratulations with such an amazing win!
This might just provide the possibility of smaller ISPs to actually have an
honest competition to the big established market monopolies.
The future will tell what this will change.
That this took 7 years though, could have been a killer for a
On 2020-03-31 10:13, Andreas Fink wrote:
> your reverse DNS is not matching for 157.161.57.26 as it returns
> aleka.scout.ch.
>
> list.scout.ch. is not the same as aleka.scout.ch
> You could do instead
>
>
> list.scout.ch MX 50 aleka.scout.ch
>
> or
>
> list.scout.ch CNAME aleka.scout.ch.
On 2020-01-28 17:24, Marco Kälin wrote:
Hi list,
Someone from Quickline mx ord dns team here?
You send VPBX Fax2Mail Messages from faxser...@business.quickline.ch.
Can you please check your spf record on business.quickline.ch?
root@localhost:~# dig @8.8.8.8 business.quickline.ch txt +short
On 2020-01-11 16:15, Jeroen Massar wrote:
As mentioned on Swinog IRC (yes we are alive there, join us! :):
admin.ch is unreachable due to broken DNSSEC.
And apparently fixed:
https://twitter.com/BIT_OFIT/status/1216035755350511619?s=20
8<-
Das @BIT_OFIT geht davon aus, dass
As mentioned on Swinog IRC (yes we are alive there, join us! :):
admin.ch is unreachable due to broken DNSSEC.
See:
https://dnsviz.net/d/admin.ch/dnssec/
8<
ch to admin.ch: No valid RRSIGs made by a key corresponding to a DS RR
were found covering the DNSKEY RRset, resulting in no secure
On 2019-11-12 21:51, Simon Ryf wrote:
Dear SwiNOG Community,
Please find general information about the SwiNOG #36 meeting below.
https://www.swinog.ch/meetings/swinog36/
Date: 14.10.2018 - Registration 08h15 - 09h15
Back to the future!
I can only assume 14.11.2019 aka 'tomorrow'
On 2019-10-31 08:47, Gregor Riepl wrote:
> Addendum, a possible solution for better collaboration between privately
> hosted Git platforms could be something like this:
> https://github.com/forgefed/forgefed
> (also based on https://github.com/go-gitea/gitea/issues/184 )
You might want to look
On 2019-10-31 08:27, Gregor Riepl wrote:
Git repo is only part of that solution.
The primary reason for difficulty switching to another 'git host' (gitlab,
github, https://git.sr.ht/, or self hosted) is issue tracking...
That is true, but it's also not something that is essential or needs to
On 2019-10-30 22:09, Gregor Riepl wrote:
Gregor, if I understand you correctly, you are implicitly saying "please
put your stuff on one of the big sites like github/gitlab/bitbucket".
I personally think that this is the wrong direction to move, as it
makes the Internet more dependent on a few
So instead of waiting for all that and never fixing a known issue:
They could just take a little Linux box with nginx (which is F5 now ...
funnily), assign the IPv6 address to that and proxy with that. Voila. Solved.
No need to have a load balancer for that as I doubt that sbb.ch gets more
On 2019-03-12 11:17, Alarig Le Lay wrote:
> Hi,
>
> I’m not from sbb, but it seems to work from here:
try a tracepath6, you likely have a 1500 MTUand yeah then it "works", not when
PtB gets involved though.
ICMPv6 (and other packets, 40% on one hop), are obviously being dropped...
Greets,
On 2019-03-12 10:32, Nico Schottelius wrote:
>
> Good morning,
>
> is anyone from sbb.ch reading here?
>
> https://sbb.ch does not load on IPv6 for us.
> It seems that packets > 1420 bytes are dropped inside the SBB network,
>
> Local PMTU / fragmentation seems to work, my local outgoing
> MTU
On 2019-01-11 13:26, Tobias Goeller wrote:
Hi All,
Anyone else having problems with customers using mail.protection.outlook.com or
spf.protection.outlook.com in their SPF Records?
Just asking (both records seem to be not resolvable at the moment...)
$ dig +short
As per twitter https://twitter.com/i/web/status/1057297710305435648
"See you on May 8th 2019 for #SwINOG35!"
That is teh answ3r! May the 8th be with us!
Greets,
Jeroen
On 2018-11-04 22:01, Jeroen Massar wrote:
On 2018-11-04 21:48, Simon Ryf wrote:
Dear SwiNOG’ers
Save the
On 2018-11-04 21:48, Simon Ryf wrote:
Dear SwiNOG’ers
Save the Date ! Put it in your Calendar - NOW :)
*Wednesday May 5^th 2019*is SwiNOG #35
May the 5th be with us, as that is a Sunday, not a Wednesday!? :)
Which is the real date we need to put in our calendars?
Greets,
Jeroen
On 2018-11-01 21:53, Rainer Duffner wrote:
Am 01.11.2018 um 21:26 schrieb Jeroen Massar :
TLDR:
On a related note:
Does anyone run a resolver with QNAME-minimization enabled?
Any problems, common or specific to certain domains?
At least everybody running unbound is (as it is the default
On 2018-11-01 09:18, Bill Woodcock wrote:
[..]
No, that’s false. Please read RFCs 7816 and 7871. Quad9 implements
the former and not the latter
And because of the latter instead of going to the local ISP netflix
cache one might go to the country-level cache or because it does not
know
l interest in the
data... somebody has to pay for it, and that can mostly only be solved
with the personal data collection nothing is for free in the end and
bills (and woody's :) have to be paid.
On 2018-11-01 06:24, Bill Woodcock wrote:
On Oct 29, 2018, at 11:38 PM, Jeroen Massar wro
On 2018-10-30 10:19, Fredy Kuenzler wrote:
As SWITCH has announced the sunset of http://mirror.switch.ch/ a while
ago we are happy to announce a successor mirror.init7.net.
https://mirror.init7.net
Awesome Freddy, thanks!
And of course, also a big thanks to SWITCH for hosting the original
On 2018-10-30 00:25, Bill Woodcock wrote:
On Oct 29, 2018, at 1:16 AM, Gregor Riepl wrote:
It seems like Salt is no longer supplying their own DNS servers when
establishing an LTE connection. Instead, the network responds with
Google DNS
servers (8.8.8.8 8.8.4.4).
I'd rather not send all my
On 2018-07-02 12:25, Manuel Schweizer wrote:
> Hey Tobi
>
> Not seeing what you are seeing, but I can really recommend Fail2Ban if you
> are not using it already.
[..]
> Failed attempts will now be logged and source IPs will be banned after
> several failed attempts.
Which is quite useless
On 2018-07-02 11:25, Tobias Oetiker wrote:
> Good Morning
>
> are you running an ssh daemon on non standard ports to avoid some of the
> drive-by-scanning ? we have been doing that for quite some time now with
> great reduction of scanning noise ...
I suggest running SSH always behind white-list
On 2018-07-02 09:45, Benoit Panizzon wrote:
[..]
> Also, such domains usually quite quickly get a bad reputation as hiding
> the whois data is something the 'bad guys' do. Also it becomes a bit
> more difficult, to verify if a domain is legit or not to decide upon
> well crafted phishing emails.
On 2018-05-31 17:55, Ralph Krämer wrote:
> Per,
>
> I just want to throw in the following:
>
> In case you want to subdelegate a part of a PTR zone, this seems to be the
> recommended way to do it:
>
> https://simpledns.com/kb/77/how-to-sub-delegate-a-reverse-zone
>
> jeroen, any comment on
On 2018-05-30 17:35, Per Jessen wrote:
> Jeroen Massar wrote:
>
>> On 2018-05-30 16:44, Per Jessen wrote:
>>> According to RFC1034 and 2181, a PTR record using a CNAME is not
>>> permitted. I believe this to still be correct, postfix certainly
>>> doesn't w
On 2018-05-30 16:44, Per Jessen wrote:
> According to RFC1034 and 2181, a PTR record using a CNAME is not
> permitted. I believe this to still be correct, postfix certainly
> doesn't work with a CNAME when it does a reverse lookup.
Postfix certainly does as:
$ dig +short
On 2018-02-19 12:57, Markus Wild wrote:
> Hi there,
>
> I've just come across a weird mail reception problem of some mails from
> Microsoft. Our servers insist that
> a specified MAIL FROM address can be resolved correctly, and this usually
> boils down to the following checks
> on the
On 2017-07-06 09:26, Viktor Steinmann wrote:
> Guys... is there any news on this topic?
Over the years the ML is slowly pacing down, likely having to do with
merging companies and people getting more busy with their private lives.
But if you like beer... http://www.beerontuesday.ch/ ;)
On 2017-03-01 23:49, Jeroen Massar wrote:
> On 2017-03-01 17:02, Franziska Lichtblau wrote:
[..]
Related paper:
http://www.caida.org/publications/papers/2017/using_loops_observed_traceroute/
Using Loops Observed in Traceroute to Infer the Ability to Spoof
8<---
Despite source IP a
On 2017-03-01 17:02, Franziska Lichtblau wrote:
> On Wed, Mar 01, 2017 at 12:50:49PM +0100, Jeroen Massar wrote:
>> On 2017-03-01 11:59, Franziska Lichtblau wrote:
>> [..]
>>>> Oh, and indeed, Switzerland is a bad place for BCP38, most networks
>>>&g
On 2017-03-01 11:59, Franziska Lichtblau wrote:
[..]
>> Oh, and indeed, Switzerland is a bad place for BCP38, most networks
>> allow spoofing on both IPv4 and IPv6.
>
> Which is "kinda good" for me cause only answers from people who are
> implementing
> all of that won't help us much
On 2017-03-01 09:58, Franziska Lichtblau wrote:
> Hi,
>
> we are a team of researchers from TU Berlin [1] working on a measurement
> project
> to assess the ramifications of traffic with spoofed source IP addresses in
> the
> Internet.
>
> To better understand the operational challenges that
On 2016-12-20 16:49, Viktor Steinmann wrote:
> On 20.12.2016 15:37, Gregor Riepl wrote:
>> How about Bern, Lausanne, Basel, St. Gallen, or somewhere else once in
>> a while?
>
> The original idea of the beer event was, to meet with a smaller group of
> geeks more often than during the "official"
[ Dear awesome folks from MELANI: Please present on this subject "being
a good netizen" / "What to report to MELANI" at next SWINOG :) ]
On 2016-12-16 08:44, Benoit Panizzon wrote:
[..]
> But what can the hoster/registrar do next? Can he contact his
> government's CERT team or the authorities and
On 2016-10-27 20:13, Christian Fahrni wrote:
> Hi Julien
>
> Yes, we are experiencing the same issues recently with ptr-requests
> forwarded to the iana blackhole nameservers.
>
> # dig -x 10.0.0.100 @blackhole-1.iana.org
Traceroute? :)
Those nodes are anycasted. See previous answer or google
On 2016-10-27 16:13, m...@mbuf.net wrote:
> Hi,
> are there some people experiencing issues on some AS when using
> iana blackhole nameservers for localnets?
That is a AS112 project (https://www.as112.net/) which is heavily anycasted.
You really want to do a traceroute for that destination.
On 2016-10-02 05:27, Rabbi Rob Thomas wrote:
> Dear team,
>
>> Since we see >1Tbps DDOS attacs in the wild, I suppose
>> out-of-the-box DDOS mitigation suppliers have lost this race. There
>> is no operator in Switzerland which can handle 1Tbps DDOS attacks.
>
>> When we saw DDOS against
On 2016-10-01 20:24, Patrick Albrecht wrote:
> Hi
>
> I'm a employee of a good known E-Commerce site here in switzerland and I
> would like to share some thoughts from my side if that's okay for all. I
> hope I understood well enough what you plan. Otherwise just ignore what
> I just wrote :)
>>
https://krebsonsecurity.com/2016/10/source-code-for-iot-botnet-mirai-released/
And now the script kiddies have their hands on it...
Enjoy that Internet...
Greets,
Jeroen
___
swinog mailing list
swinog@lists.swinog.ch
On 2016-10-01 16:51, Fredy Kuenzler wrote:
[..]
> To achieve this I think we need a collaborative community effort setting
> up a common procedure and define a BGP communitiy with the effect "do
> not announce beyond Switzerland".
Great initiative! If you need extra hands, don't hesitate to
On 2016-09-20 19:40, Gregor Riepl wrote:
>> That does not make IPv6 broken though, that makes people who think they
>> have to filter the wrong things broken.
>>
>> Misconfigurations is not something a protocol can solve.
>
> There's an RFC for that: https://www.ietf.org/rfc/rfc4890.txt
> Great
On 2016-09-20 15:58, Jim Romaguera wrote:
>
> On 20.09.2016 15:40, Jeroen Massar wrote:
>>
>>>> Anybody has a proper excuse? :)
>
> No I don't have an excuse but interested in the communities (& your)
> opinion re your challenge...
>
> o DHCPv6
On 2016-09-20 15:29, Gert Doering wrote:
> Hi,
>
> On Tue, Sep 20, 2016 at 03:20:56PM +0200, Jeroen Massar wrote:
>> On 2016-09-20 14:56, René Gallati wrote:
>> [..]
>>> I've activate IPv6 in my home network in 2011
>>
>> 2011, thus 5 years after
On 2016-09-20 13:00, Roger Schmid wrote:
> Just one .. Dropping MTU handling and point to layer7 should handle that
> doesnt let you feel strange ? So how could an app handle packet size
> thru L4 ?
Both IPv4 and IPv6 have this little protocol called ICMP (+ICMPv6) it is
very useful and for IPv6
On 2016-09-19 23:53, Roger Schmid wrote:
> |Come on folks, it is 2016! IPv6 is
> |*20 years* old...
> But still not matured enough to put on public usage
According to Google 10% of their traffic is IPv6.
Apple requires it for IOS.
How is it not 'mature'?
> beside of some
> design flaw it is in
On 2016-09-15 20:04, Gert Doering wrote:
> Hi,
>
> On Thu, Sep 15, 2016 at 12:11:44PM +0200, Jeroen Massar wrote:
>> Oh and note: Dual-stack IPv4 + IPv6, along with a /56 per user.
>
> What do you want this IPv4 stuff for? That's even, like, 40+ years old.
To access t
As there is an upcoming SwiNOG lets throw some people under the bus
before they arrive. Or at least allow them time to come up with more
excuses.
Some quotes from Swiss ISPs from the Call Your ISP page:
https://www.sixxs.net/wiki/Call_Your_ISP_for_IPv6
8<
"Currently, as demand for
On 2016-09-14 18:13, Andreas Fink wrote:
> I could do a presentation on the SCTP networking protocol which combines
> some features of TCP and UDP and offers some unique features neither TCP
> nor UDP have.
Is there any tool that actually uses SCTP ? :)
IPFIX is supposed to use it, but everybody
http://m.sfgate.com/business/article/40-years-on-the-Internet-transmits-every-aspect-9187484.php
For the people who like 'our history' ;)
Greets,
Jeroen
___
swinog mailing list
swinog@lists.swinog.ch
On 2016-08-28 14:11, Julien Sansonnens wrote:
> Just the kind of condescending and stupidly aggressive message that
> makes the charm of this type of list :)
Just a simple reality check, which you should have known about the
moment you where able to fill in the paperwork to get an ASN and a
On 2016-08-27 19:58, Julien Sansonnens wrote:
> Hello,
>
> Zaledia.com is a small not-for-profit organisation. We
> are a group of some interested technicians, IP networks
> enthusiasts. We like development and open protocols.
>
> We operate AS207149, and provide IPv6 connectivity to
> our
On 2016-05-17 12:03, Markus Meier wrote:
> Hello everybody
>
>
> We moved our equipment to a new location and a new IP range. In the
> first few days a lot of outgoing email where blocked from various
> reputation filters. In the meantime we could fix most of the issues.
> Phuh... ;-)
>
> Since
On 2016-03-22 14:39, Fredy Kuenzler wrote:
> In case you missed it: Swisscom now peering with Netflix after big
> shitstorm in social media and general media yesterday and today.
>
> http://pastebin.com/sgwD3qfh
>
> I suppose the peering policy of Swisscom is now obsolete, as well as
> their
On 2016-03-22 08:12, Charles Buckley wrote:
> I have also been having trouble with my Swiss provider (hosttech) making
> such insane spam rejections.
[..]
Have you considered choosing with your money?
Just like when you do not get IPv6[1] from your ISP or any other
feature, somebody else will
On 2016-03-18 08:44, Benoit Panizzon wrote:
[..]
> Wie sieht die Zukunft von ARF / X-ARF Complaints aus? Macht es
> überhaupt noch Sinn, solche zu versenden, oder soll man die betroffenen
> ISP und Hoster einfach sperren, da viele sowieso nicht mehr auf Spam
> Complaints reagieren?
Ich sage dir
On 2016-03-18 09:47, Franco Hug wrote:
> Hoi zaema,
>
> Ich beobachte das gleiche Verhalten mit contabo.de, aus dem Netz
> 178.238.224.0/22, evtl. gar 178.238.224.0/20 ...
>
>> DE-GIGA-HOSTING-20100728 178.238.224.0 - 178.238.239.255
>> CONTABO
On 2016-03-18 06:36, Klaus Ethgen wrote:
[..]
> Die IP 5.9.7.51 ist meine Outgoing-Adresse und ist seit Jahren der
> valide Mailserver meiner Domains. Ich kann auch ausschließen, daß über
> die Domain auch nur die geringste Spam oder andere Malware versendet
> wird.
Hetzner steht bei viele ISPs
On 2016-03-10 17:12, Andre Keller wrote:
> Dear fellow SwiNOGers,
>
> in the last few months we had several security audits and all of them
> proposed to disable tcp timestamps.
Did they also state why? :)
> (i.e. on Linux
> net.ipv4.tcp_timestamps=0). AFAIK roundtrip time calculation in tcp
>
1 - 100 von 273 matches
Mail list logo