[AFMUG] Fiber Mapping - 2018

[Cassidy B. Larson]

Last topic I see on this was from 2014. So maybe it’s time to review and ask 
again? What are you guys using for fiber mapping, now in 2018?

In 2014 I read:
Craig was doing google earth and excel sheets.
Chuck Hogg was using Manifold (kinda), and some Google Maps Engine.
Mike H was using ArcMap for his clients.
A few other google sheets. 

What’s changed, what’s new, what’re you using today? Same as before?  Something 
different? Why?

-c

Re: [AFMUG] OT Moviepass

[Cassidy B. Larson]

Gotta take a picture of the ticket stub now as proof you’re buying the right 
one. 

> On May 1, 2018, at 8:38 PM, CBB - Jay Fuller <par...@cyberbroadband.net> 
> wrote:
> 
> 
> Saw that limitation of seeing only one time...not a deal breaker.  
> Sucks...but not a deal breaker
> 
> Plus why not tell MoviePass you're seeing a movie you have no desire to see 
> and buy the ticket for the movie you want to see again
> 
> They're just rules...right? 
> 
> Sent from my smartphone
> 
> - Reply message -
> From: "Cassidy B. Larson" <c...@infowest.com>
> To: <af@afmug.com>
> Subject: [AFMUG] OT Moviepass
> Date: Tue, May 1, 2018 8:20 PM
> 
> Also can’t see movies more than once now. Blows. 
> 
> On May 1, 2018, at 18:48, Chuck McCown <ch...@wbmfg.com 
> <mailto:ch...@wbmfg.com>> wrote:
> 
>> Notice that new subscribers only get one movie per week now.

Re: [AFMUG] OT Moviepass

[Cassidy B. Larson]

Also can’t see movies more than once now. Blows. 

> On May 1, 2018, at 18:48, Chuck McCown  wrote:
> 
> Notice that new subscribers only get one movie per week now.

Re: [AFMUG] unimus pricing? ouch

[Cassidy B. Larson]

Why not Oxidized or Rancid?  We use Oxidized in-house. Free. Does all my 
Ciscos, Netonix, Mikrotik, and more.



> On Apr 19, 2018, at 1:02 PM, Mike Hammett  wrote:
> 
> https://unimus.net/download/Changelog.txt 
> 
> 
> 
> 
> -
> Mike Hammett
> Intelligent Computing Solutions 
>   
>  
>  
> 
> Midwest Internet Exchange 
>   
>  
> 
> The Brothers WISP 
>  
> 
> 
>  
> From: "Steve Jones"  >
> To: af@afmug.com 
> Sent: Thursday, April 19, 2018 1:58:58 PM
> Subject: [AFMUG] unimus pricing? ouch
> 
> Unimus has been on my todo list for some time, had a site router croak out, 
> thought "self, you had set up that unimus test server some time ago, you got 
> this"
> 
> well, self had only purchased 10 perpetual devices and it wont start
> 
> so i scurry over to the website to get around to buying the whole shooting 
> match. I see they heeded my advice, the inexpensive perpetual licence model 
> just wasnt viable.
> 
> Prices are where I thought they should be back when I was concerned about how 
> cheap it was, but now cheap me is hitting me in the sack for not getting some 
> more of those perpetual keys
> 
> I assume this product has only gotten better (even though it was pretty 
> awesome at the time)?
> 
> 4.5 per device a year doesnt seem unreasonable for peace of mind. Am I wrong?

Re: [AFMUG] USF on interstate wave

[Cassidy B. Larson]

If the wave crosses state lines you get USF applied automatically unless you 
can get it waived.

Ask your carrier for a “USF exemption form” and see what they say.  They may 
have to find the one person in the dusty back corner that handles it. I had to 
educate my sales rep on it, he had no idea. 

If you pay >$10,000/year in USF direct via your voip offering you’re no longer 
“de minims” status, and can get it waived on your waves. 

https://www.usac.org/cont/filers/de-minimis.aspx



> On Apr 12, 2018, at 8:25 AM, Mark Radabaugh  wrote:
> 
> I believe the rule says if more than x percentage of traffic is interstate 
> then USF applies.   If it’s intrastate then it doesn’t apply.   
> 
> As far as I am concerned for my intrastate (in state) circuits the traffic is 
> coming from my router interface and going to my other router interface.  What 
> the ultimate source and destination of those packets are is pretty hard for 
> me to determine.   The header I’m looking at says it goes to the other end.
> 
> Mark
> 
>> On Apr 12, 2018, at 4:26 AM, Paul McCall > > wrote:
>> 
>> I am very interested in this question as well.  Looking to understand the 
>> rules of which USF taxes is not in place.  We have some fiber leases coming 
>> up where I want to structure things properly
>>  
>> From: Af > On Behalf Of 
>> Carl Peterson
>> Sent: Wednesday, April 11, 2018 7:45 PM
>> To: af@afmug.com 
>> Subject: [AFMUG] USF on interstate wave
>>  
>> I know this has been covered before...  Got hit with a pretty substantial 
>> USF surcharge on a wave by Centurylink even after getting all taxes and fees 
>> estimated ahead of time by Level3.  USF wasn't in there but now they are 
>> saying pound sand.   
>>  
>> This is a wave between data centers.  Just used for internet.  We don't sell 
>> VOIP.  
>>  
>> Is there a way out of this?  Is USF appropriate on a wave with no phone 
>> service is involved?  Its kind of crazy at 21% 
> 

Re: [AFMUG] Rfelements

[Cassidy B. Larson]

According to the RF Elements Animal Farm prezzo, gain isnt everything :)



> On Apr 11, 2018, at 9:30 AM, Mike Hammett  wrote:
> 
> The gain is too low only if you aren't cutting your noise by more than the 
> signal you lose.  :-)
> 
> 
> 
> -
> Mike Hammett
> Intelligent Computing Solutions 
>   
>  
>  
> 
> Midwest Internet Exchange 
>   
>  
> 
> The Brothers WISP 
>  
> 
> 
>  
> From: "Sean Heskett" >
> To: af@afmug.com 
> Sent: Tuesday, April 10, 2018 9:12:30 PM
> Subject: Re: [AFMUG] Rfelements
> 
> Low gain but no side lobes, just one spot beam.
> 
> The 30* unit is the only one with a decent gain. If you go any wider than 30* 
> then the gain is too low in my opinion.
> 
> But you can use lots of 30* antennas per tower and with GPS sync you can 
> Re-use channels if you need.
> 
> 2 cents
> 
> -Sean
> 
> 
> On Tue, Apr 10, 2018 at 7:43 PM Steve Jones  > wrote:
> Can i get some non fanboy real world on these guys? Btw, i hate facebook 
> groups almost as much as dslreports or the ubnt forums, this is literally the 
> only place to get legitimate product info. 

Re: [AFMUG] PCI Compliance scan rejecting wildcard cert (CN)

[Cassidy B. Larson]

Don’t you control the reverse DNS for 65.126.126.5?  You could just modify it 
to be the right manage.bluespring.me  hostname 
rather than the 65-126-126-5.dia.static.bluespring.me 
.

It shouldn’t matter though for PCI compliance.  I’ve never had any PCI 
compliance folks complain about reverse DNS not matching the certificate.. 
Otherwise on a shared hosting server with someone’s cert for: 
www.joesfishandships.com , the reverse DNS of 
that shared IP is hosting.myorg.com .



> On Apr 11, 2018, at 9:21 AM, Jeremy  wrote:
> 
> Just got a response back from a different tech: "For the SSL Certificate with 
> Wrong Hostname, I have been informed that you can submit an Exception Request 
> under that finding:
> 
> Check the “Invalid Finding” radio button."
> 
> That is what I thought.
> 
> On Wed, Apr 11, 2018 at 9:14 AM, Jeremy  > wrote:
> We keep failing our PCI compliance over what I believe is an error on their 
> side.  Our wildcard cert covers *.bluespring.me , 
> which is used on multiple servers.  They are wanting an exact match to our 
> domain on the CN, which is "65-126-126-5.dia.static.bluespring.me 
> ".  To me, *.bluesping.me 
>  IS a match.  If I change the CN to that specific 
> billing server then it will not match the website server.  It was my 
> understanding that this is the entire point of having a wildcard cert.  
> Anyone else ever gone through this?  Does their analysis that *.bluespring.me 
>  is NOT a match seem right to everyone here?
> 
> 

Re: [AFMUG] Rfelements

[Cassidy B. Larson]

We have 8 APs on a mountain top, 2000 feet above the valley we’re covering. 
We used to use 45 degree UBNT sectors here (with less APs due to space of the 
sectors).
Moved to primarily 30 degree horns, with a couple of 40s. 
We’re better off now.  You just have to plan in advance what you want to 
cover.. 
We have different APs for “close” and “far” due to the spot beam. 
Took a bit of fine tuning to get the coverage we wanted, but we’re better off 
because of it. 


> On Apr 11, 2018, at 7:45 AM, Mike Hammett  wrote:
> 
> You have that the other way around. A horn would be ideal in a mountain area.
> 
> 
> 
> -
> Mike Hammett
> Intelligent Computing Solutions 
>   
>  
>  
> 
> Midwest Internet Exchange 
>   
>  
> 
> The Brothers WISP 
>  
> 
> 
>  
> From: "Sean Heskett" >
> To: af@afmug.com 
> Sent: Tuesday, April 10, 2018 10:49:19 PM
> Subject: Re: [AFMUG] Rfelements
> 
> I Totally agree with josh.
> 
> They have a specific purpose so if you can deploy within those parameters 
> they are great.
> 
> Unfortunately our area isn’t conducive to that type of deployment because of 
> terrain.  In the mountains you need antennas with a wider vertical beam 
> because your towers are on mtn peaks and some clients are same height as the 
> tower and other clients are on the valley floor.  It’s hard to use a spot 
> beam to cover all that.
> 
> In the Midwest or other flat areas I could see them being useful to spot beam 
> the population centers.
> 
> -Sean
> 
> 
> On Tue, Apr 10, 2018 at 8:29 PM Josh Reynolds  > wrote:
> They are great for stuff like 30/40Mhz wide, gps sync, put 4-6 on a pole in a 
> subdivision  or on a tower leg kinda thing. 
> 
> 
> If anybody thought they were for something else (ie long range), they didn't 
> read the data sheets.
> 
> Lightweight, low size, low wind load, perfectly circular pattern - great spot 
> beams. Good F/B ratio.
> 
> On Tue, Apr 10, 2018, 9:12 PM Robert  > wrote:
> I recently did a couple of tests with RF horns.   I was hoping for a lot
> and was disappointed.   I was hoping that they could be colocated
> closer than regular sectors that I use and the crosstalk signal levels
> were just about the same as the shielded sectors.   As far as the
> signals at the CPE's they were pretty good but not amazingly better for
> as small as the target area got reduced to.
> 
> On 4/10/18 6:43 PM, Steve Jones wrote:
> > Can i get some non fanboy real world on these guys? Btw, i hate facebook
> > groups almost as much as dslreports or the ubnt forums, this is
> > literally the only place to get legitimate product info.

Re: [AFMUG] new DNS

[Cassidy B. Larson]

Wondering if Google is going to up their game and announce 8.8.8.8 from their 
GGC cache clusters so it’s faster/closer than the 1.1.1.1 Cloudflare clusters.



> On Apr 3, 2018, at 9:25 AM, Bill Prince  wrote:
> 
> We seem to be close to both 8.8.8.8 (3ms RTT), and 1.1.1.1 (2ms RTT).
> Might be inclined to do a blend.
> 
> 
> bp
> 
> 
> On 4/3/2018 8:21 AM, Matt Hoppes wrote:
>> Well then. I’ll put a few more routers in my network. So they have to put 
>> equipment in my datacenter. :)
>> 
>> On Apr 3, 2018, at 11:18, Darin Steffl > > wrote:
>> 
>>> Cloudflare has posted that their goal is to be within 10ms of every ISP in 
>>> the world. So they're adding their to gear to regional datacenter's and 
>>> peering exchanges, not just major ones.
>>> 
>>> On Tue, Apr 3, 2018, 10:16 AM Seth Mattinen >> > wrote:
>>> On 4/3/18 8:09 AM, Darin Steffl wrote:
>>> > I've seen cloudflare racks and they have a ton of gear and reliability
>>> > built in. They also host two of the root dns servers. Their cache rate
>>> > will be much higher than our own servers as well.
>>> 
>>> 
>>> Oh well I host 6 root servers for redundancy: D, E, F, J, K, and L
> 

Re: [AFMUG] Ubnt - fiber

[Cassidy B. Larson]

5. What third-party ONUs can I connect to the UFiber OLT?
The UFiber ONUs are the only supported ONU that is compatible with the UFiber 
OLT. Other third-party ONUs will not connect properly to the UFiber OLT.
https://help.ubnt.com/hc/en-us/articles/36301287-UFiber-GPON-FAQ



> On Mar 8, 2018, at 8:00 AM, Jason McKemie <j.mcke...@veloxinetbroadband.com> 
> wrote:
> 
> But does Ubiquiti's OLT support other manufacturer's ONTs?
> 
> On Thursday, March 8, 2018, Cassidy B. Larson <c...@infowest.com 
> <mailto:c...@infowest.com>> wrote:
> They announced it two wispapalooza shows ago I think..  started shipping a 
> year ago or so?
> 
> They support a bunch of different OLTs:
> 
> https://help.ubnt.com/hc/en-us/articles/115009335068-UFiber-GPON-Supported-Third-Party-OLTs
>  
> <https://help.ubnt.com/hc/en-us/articles/115009335068-UFiber-GPON-Supported-Third-Party-OLTs>
> 
> 
> 
>> On Mar 8, 2018, at 7:25 AM, CBB - Jay Fuller <par...@cyberbroadband.net 
>> <mailto:par...@cyberbroadband.net>> wrote:
>> 
>> 
>> When did they add like an entire product line?  Is any of it standards / 
>> complaint / compatible with anything else?
>> 
>> I don't hear anyone talking about this stuff..
>> 
>> Sent from my smartphone
>> 
> 

Re: [AFMUG] Ubnt - fiber

[Cassidy B. Larson]

They announced it two wispapalooza shows ago I think..  started shipping a year 
ago or so?

They support a bunch of different OLTs:

https://help.ubnt.com/hc/en-us/articles/115009335068-UFiber-GPON-Supported-Third-Party-OLTs



> On Mar 8, 2018, at 7:25 AM, CBB - Jay Fuller  
> wrote:
> 
> 
> When did they add like an entire product line?  Is any of it standards / 
> complaint / compatible with anything else?
> 
> I don't hear anyone talking about this stuff..
> 
> Sent from my smartphone
> 

Re: [AFMUG] Sonar Billing Portal

[Cassidy B. Larson]

I have had zero issues with their portal code. Just stock ubuntu VM then follow 
their install instructions and done. Easy peasy lemon squeezy.
I customized the logo and some text on the main page via the config file, but 
that was really it. I haven’t looked at it much since.

--

Cassidy B. Larson
CTO - InfoWest, Inc.
Voice: 435-773-6073
c...@infowest.com



> On Feb 27, 2018, at 12:12 PM, Sterling Jacobson <sterl...@avative.net> wrote:
> 
> Again, I'm completely flummoxed by Sonar.
> 
> Apparently their customer portal isn't really a part of their system.
> 
> Any Sonar customer has to purchase and maintain their own linux system to 
> host the web/portal system.
> Then that ties into their main system BUT isn't immediately synched up with 
> their main system on any changes.
> 
> I've had several times where I've been on the phone with customers and made a 
> billing change in Sonar and the customer can't see it in the portal until an 
> unspecified amount of time goes by and it updates magically.
> 
> NOW my portal is completely out of the blue not responding to web requests 
> and appears offline to my customers, for over a day now.
> 
> Sonar can't figure it out and want me to nuke it and start over, which if I 
> remember, cost me a few hours of time to arrange DNS, SSH access, IPv4/6 
> changes, firewall, SSL, logo placement etc beyond their initial load.
> 
> I blame myself for not having set up incremental backups of it.
> I'll definitely fix that this time.
> 
> But man it would have been so much more simpler if Sonar actually had 
> themselves a hosted client page I could slap my logo on and change a few CSS 
> color marks.
> 
> What a PITA.

Re: [AFMUG] OT VPN over PPPOE

[Cassidy B. Larson]

Sounds like a MTU issue (PMTUD perhaps?).  I’m guessing the other side of the 
VPN was wanting MTU to be 1500 bytes, but due to PPPoE overhead the client 
won’t ever be able to receive the full 1500 bytes. So it’s sad and won’t work.

We use PPPoE and had one customer that couldn’t get to a random vendors 
webpage. Turns out the webserver he was connecting to was incorrectly 
configured and always replied with 1500 byte MTUs even though the sender says 
“no, I can’t do 1500 bytes!”. Wireshark packet capture told us that.  I suspect 
something similar for your issue.

-c


> On Feb 26, 2018, at 5:06 PM, Chuck McCown  wrote:
> 
> Had a customer that works from home.  Could not make his VPN work.
> We thought perhaps it was a port issue.  Opened the ports on the Smart RG.  
> No good.
> 
> He spend $150 over the weekend on a geek squad type of service and they 
> pointed their finger at us.
> 
> So, just because we haven’t tried it, we switched him to DHCP and it started 
> working.
> We are in the process of converting everyone to DHCP.
> 
> He wants a credit in the amount of the money he paid the geek squad.
> 
> Wonder if it was truly our fault.  Still don’t know why it started working or 
> what the problem was.

Re: [AFMUG] UBNT buy?

[Cassidy B. Larson]

I bought some early this AM.. Now i’m up 7%. 


> On Feb 20, 2018, at 10:21 AM, Josh Reynolds  wrote:
> 
> I like what UBNT could be more than what they are. That said, they are
> no Google or Apple.
> 
> On Tue, Feb 20, 2018 at 10:39 AM, Timothy Steele
>  wrote:
>> Buy what stock? UBNT is a early Google or or apple I would get stock if I
>> could lots of very cool new stuff coming out soon I would hold on to the
>> stock for a year
>> 
>> 
>> On Tue, Feb 20, 2018, 9:59 AM Jon Langeler 
>> wrote:
>>> 
>>> Any thoughts?
>>> 
>>> Jon Langeler
>>> Michwave Technologies, Inc.
>>> 
>> 

Re: [AFMUG] Content filtering - Trustwave

[Cassidy B. Larson]

Ask them about IPv6. I’ve been asking for years. No movement, no plans. They 
say I can bridge v6 through it and block all v6.. but that’s not a solution.



> On Feb 8, 2018, at 9:30 AM, Adam Moffett  wrote:
> 
> Unrelated to Chuck's thread, we started talking internally about offering 
> content filtering as a value add.
> 
> An initial conversation with Trustwave seemed promising, and I'm supposed to 
> have a follow up to discuss tech details later.
> 
> But does anybody still do this?  Is there still consumer interest?  How much 
> are/were you selling it for?

Re: [AFMUG] OT MoviePass

[Cassidy B. Larson]

Here’s a random question I had about this.. Can I buy my seat really early for 
a premier, then go by the next day and the next to buy another seat as a 
“buffer” on each side and in front and back.
Then, could I give some of these tickets to friends and family if I wanted to 
fill in my buffer?


> On Jan 14, 2018, at 11:31 AM, Darin Steffl  wrote:
> 
> Chuck,
> 
> You sound like us millennials who want everything NOW! Haha ;)
> 
> I'm 26 and fine waiting for the card in the mail but I also knew I'd have to 
> wait so my expectations were already set. The FAQ spells it out pretty 
> clearly.
> 
> On Jan 14, 2018 10:37 AM, "Chuck McCown"  > wrote:
> I know nothing about Fandor... yet.
> Still bummed out that I have to wait for the card.  I really thought I could 
> sign up, get the app and use it immediately.
> 
> From: CBB - Jay Fuller <>
> Sent: Saturday, January 13, 2018 7:24 PM
> To: af@afmug.com <>
> Subject: Re: [AFMUG] OT MoviePass
> 
> 
> Got moviepass for my wife today through the costco website - it came with a 
> streaming service too.  Anyone else see that?
> Is it any good?  Appeared to be mostly for movies.
> 
> "FANDOR"
> 
> 
> 
> - Original Message -
> From: Chuck McCown <>
> To: af@afmug.com <>
> Sent: Saturday, January 13, 2018 4:06 PM
> Subject: Re: [AFMUG] OT MoviePass
> 
> Patience sometimes is hard to come by...
> 
> From: Darin Steffl <>
> Sent: Saturday, January 13, 2018 1:38 PM
> To: af@afmug.com <>
> Subject: Re: [AFMUG] OT MoviePass
> 
> Chuck,
> 
> I activated mine as well but the FAQ states we have to wait for the physical 
> card to arrive before we can activate it and use it. This is unless your 
> theater supports the e-ticket through movie pass which none of my theaters do.
> 
> Your billing date starts when you receive and activate the physical card for 
> the first time.
> 
> Mine shipped a couple days after I redeemed the Costco offer online.
> 
> On Jan 13, 2018 2:14 PM, "Jaime Solorza" > wrote:
> Sounds Big Brotherish
> 
> Jaime Solorza
> 
> On Jan 13, 2018 1:07 PM, "CBB - Jay Fuller" > 
> wrote:
> 
> That is correct.  Mine came in about a week (after my mom got it for me for 
> Christmas).
> I used it for the first time last night - saw the commuter.  The card is 
> actually a credit card (mastercard)
> The app "activates" the card for use for 30 minutes while you are at the 
> movie house.
> The app uses gps to verify where you are and will only activate the credit 
> card while you are there (within 100 yards)
> You buy the movie ticket with the "moviepass" credit card.
> 
> 
> - Original Message -
> From: Chuck McCown <>
> To: af@afmug.com <>
> Sent: Saturday, January 13, 2018 1:12 PM
> Subject: Re: [AFMUG] OT MoviePass
> 
> It appears I have to wait for the physical cards to arrive before I can 
> activate the app.
> It wants the last 4 digits off the card.
> 
> From: Joe Novak <>
> Sent: Saturday, January 13, 2018 12:08 PM
> To: af@afmug.com <>
> Subject: Re: [AFMUG] OT MoviePass
> 
> It may seem odd.. but have you poked Costco support? I believe they are 
> fairly good about what they sell.
> 
> On Sat, Jan 13, 2018 at 1:02 PM, Chuck McCown > wrote:
> My wife bought two of them online from Costco.
> Still cannot make the app work.
> MoviePass so far has not responded with any support.
> 

Re: [AFMUG] Sonar Migration from Platypus

[Cassidy B. Larson]

The Sonar portal instance stores individual accounts in Sonar. Under 
General->Contacts->drop down (Portal Credentials).
The Sonar portal doesn’t store anything locally, just like Platypus.  I’m not 
sure why this is an issue for you now as it is the same for Platypus.  Sonar 
portal connects back via API to your Sonar instance. You just run a VM with 
their code (which is more secure than the platypus one), which has a handy 
dandy installer and you’re done.  The platypus web portal was MUCH harder to 
setup than Sonar’s.

We went through the migration as well early last year and elected to have 
people re-create their accounts the first time they paid their bill or tried to 
login. They’d get an email to the email address on file in Sonar and they got 
in. Easy peasy.  This was so we didn’t keep insecure passwords that were stored 
in plain text in Platypus. Sure it sucked the first month, but it’s more secure 
and they get much better experience via the Sonar portal than they ever did via 
Platypus one. If you want to set all their credentials to the same as it was 
with Plat, I guess you could do that as well. We just put a banner on the 
portal the first few months saying “hey, we switched billing systems, click the 
button below and we’ll email you a new portal credentials login request”.

We did a lot of our data export from Plat and import into Sonar ourselves with 
help from Sonar (Simon) on the import.  It took a bunch of go’s to make sure it 
worked right and we got everything we needed. We kept working through what we 
needed to get of Plat and getting it validated into Sonar until it was more or 
less ready to go. Then one night we shut plat, did the export, import into 
sonar and the next morning all our users and staff used Sonar going forward.

-c


--

Cassidy B. Larson
CTO - InfoWest, Inc.
Voice: 435-773-6073
c...@infowest.com



> On Jan 12, 2018, at 10:50 AM, Sterling Jacobson <sterl...@avative.net> wrote:
> 
> Plat encrypts stuff, but you can see their account password if you elect to I 
> guess.
> So yeah, that could have carried over I think.
> 
> BUT it appears to be two different systems with Sonar at that point.
> There is the Sonar instance, and then a completely separate website portal 
> instance which stores it’s own username/password I guess.
> That’s different from Plat, where Plat does have a separate website instance, 
> but it just a front for the SQL database.
> Sonar appears to be more new in that it has it’s own published API fronting 
> the database and the portal instance uses that I guess.
> 
> Yes, I am paying them during the transition period, but I got them to just 
> charge me the base amount per month while we do it.
> Transition was ‘free’. Which in my case means I still spent about $1000 to 
> have Spencer Lambert use some half broken scripting to “mostly” move my data 
> over. It was still well worth that money to save me time transferring 
> accounts and preserving autopay information though.
> 
> 
> 
> From: Af [mailto:af-boun...@afmug.com <mailto:af-boun...@afmug.com>] On 
> Behalf Of Josh Luthman
> Sent: Friday, January 12, 2018 9:12 AM
> To: af@afmug.com <mailto:af@afmug.com>
> Subject: Re: [AFMUG] Sonar Migration from Platypus
> 
> So you're paying them monthly and being charged to migrate?  Seems harsh.
> 
> You're paying someone to migrate and fixing it yourself?  What are you paying 
> for?
> 
> 
> Josh Luthman
> Office: 937-552-2340
> Direct: 937-552-2343
> 1100 Wayne St
> Suite 1337
> Troy, OH 45373
> 
> On Fri, Jan 12, 2018 at 8:16 AM, Mike Hammett <af...@ics-il.net 
> <mailto:af...@ics-il.net>> wrote:
> Doesn't Plat store things in plaintext? Why can't that be carried over?
> 
> 
> 
> -
> Mike Hammett
> Intelligent Computing Solutions <http://www.ics-il.com/>
>  <https://www.facebook.com/ICSIL> 
> <https://plus.google.com/+IntelligentComputingSolutionsDeKalb> 
> <https://www.linkedin.com/company/intelligent-computing-solutions> 
> <https://twitter.com/ICSIL>
> Midwest Internet Exchange <http://www.midwest-ix.com/>
>  <https://www.facebook.com/mdwestix> 
> <https://www.linkedin.com/company/midwest-internet-exchange> 
> <https://twitter.com/mdwestix>
> The Brothers WISP <http://www.thebrotherswisp.com/>
>  <https://www.facebook.com/thebrotherswisp>
> 
> 
>  <https://www.youtube.com/channel/UCXSdfxQv7SpoRQYNyLwntZg>
> From: "Sterling Jacobson" <sterl...@avative.net <mailto:sterl...@avative.net>>
> To: af@afmug.com <mailto:af@afmug.com>
> Sent: Thursday, January 11, 2018 10:47:23 PM
> 
> Subject: Re: [AFMUG] Sonar Migration from Platypus
> 
> It gets worse.
> 
> I wasn’t aware 

[AFMUG] Licensed Links 2Gbps+?

[Cassidy B. Larson]

I have a need to get around a couple of ridges with 2Gbps+ using licensed 
links. Lets say fiber is out of the question.
Two hops, 14 miles and 30 miles. Want to get as much bandwidth as possible.

I’m thinking QTY2 11GHz 80MHz channels using XPIC.  Thoughts?  Radios that’d do 
that best?
I heard SAF has a new Integra coming out that’ll do XPIC, but it’s a whiles 
out.  Other ideas (besides fiber)?

Thanks,

-c

Re: [AFMUG] AC AND solar charge controller???

[Cassidy B. Larson]

I use an Outback Power FLEXower ONE at my cabin.  Solar charging, and AC input 
for generator when I need it. Automatic Generator Start via their “MATE3” unit 
(and reporting).   It has everything integrated, so you just hang the unit, but 
is probably overkill for what you want.




> On Dec 5, 2017, at 5:05 PM, Bill Prince  wrote:
> 
> Has anyone seen a charge controller that will take AC input AND solar input?
> 
> I know that I've seen ones that combine wind and solar, so there must be some 
> that will allow primary power on AC, and backup/simultaneous input with solar 
> panels?
> 
> Purpose is a remote site where we expect more than average AC power outages, 
> but is we could also charge the batteries via solar, we would be good.
> 
> 
> --
> bp
> part15sbs{at}gmail{dot}com

Re: [AFMUG] 11 mile 11ghz gigabitish

[Cassidy B. Larson]

For 2+0 you just use an OMT that splits the H and V polarities out separately.  
It’s a piece of hardware that you put on both sides attached to the dish.


> On Nov 28, 2017, at 3:01 PM, Steve Jones  wrote:
> 
> the most i could get on the integra in their calculator is 643, but it doesnt 
> have option for 2+0
> 
> On Tue, Nov 28, 2017 at 3:42 PM, Sean Heskett  > wrote:
> SAF Integra-GS 2+0
> 
> http://saftehnika.com/en/integrags 
> 
> -Sean
> 
> On Tue, Nov 28, 2017 at 1:28 PM Steve Jones  > wrote:
> We have a phenomenal saf lumina link we get 366 out of. I can 2+0 this to get 
> to 732. using the existing 3 and 4 foot antennas
> 
> I wouldnt mind seeing a little more of our gigabit upstream connectivity 
> utilized here, somewhere along the same price using the same antennas
> 
> Im not at all impressed with the mimosa gear, its not full duplex and putting 
> that much variable latency into the network bringing our bandwidth into the 
> core of our network just seems like moving backward.
> 
> before I give my blessing, for what its worth, to the boss to order the SAF 
> gear, I just want to make sure there isnt a better option. Lumina is older 
> and nearing EOL im guessing, we have other places the units can be used.
> 
> on the same note, we bring this bandwidth up from the fiber by AF24 700 feet, 
> so probably should ask about a 24ghz (or anything) short link solution. Im 
> assuming af24hd will meet that need
> 

Re: [AFMUG] Six port fiber switch

[Cassidy B. Larson]

Cisco 3750G-12S.. EOL and OLD, but it’d work for 1G…and they’re CHEAP.
Or the new ignite fiber switches?
Or a planet?
Or a Cisco ASR 901 used on eBay assuming you get the right licenses?



> On Oct 26, 2017, at 4:21 PM, Jaime Solorza  wrote:
> 
> Options? ...not a Mikrotik fan ..
> 
> On Oct 26, 2017 4:19 PM, "Colin Stanners"  > wrote:
> Be careful of that CRS212-1G-10S-1S+ or similar, some that I've seen have all 
> the SFPs in the same metal block and are passively cooled with little air 
> movement... in hot environments the SFP block will conserve heat up to the 
> point that packet loss will appear as the SFPs cook.
> 
> On Oct 26, 2017 5:13 PM, "Bill Prince"  > wrote:
> Possibly the lowest cost would be something like the Mikrotik 
> CRS212-1G-10S-1S+IN Cloud Router Switch. That has 10 SFP cages and one SFP+ 
> cage. Cane be a router or a switch,
> 
> -bp
> 
> --
> bp
> part15sbs{at}gmail{dot}com
> 
> On Thu, Oct 26, 2017 at 2:59 PM, Jaime Solorza  > wrote:
> Need a switch to connect 6 fiber feeds... any recommendations?
> 

Re: [AFMUG] DDoS protection vendor?

[Cassidy B. Larson]

How much do they run?


> On Jul 14, 2017, at 10:04 AM, Andreas Wiatowski  
> wrote:
> 
> We implemented Corero.  It works as advertised, all our traffic is scrubbed 
> on the fly and only bad traffic is dumped This is at our main core, 2 
> separate 10Gbps feeds.  We also have a secondary site with 10Gbps and it has 
> a corero as well.  It has allowed us to sleep at night!
>  
> 
> Cheers,
> Andreas Wiatowski, CEO
> Silo Wireless Inc.
> 1-866-727-4138 x-600
> http://www.silowireless.com  
> >
> Wireless | Fibre | VoIP | PBX | IPTV
> _
> The contents of this email message and any attachments are intended solely 
> for the addressee(s) and may contain confidential and/or privileged 
> information and may be legally protected from disclosure. If you are not the 
> intended recipient of this message or their agent, or if this message has 
> been addressed to you in error, please immediately alert the sender by reply 
> email and then delete this message and any attachments. If you are not the 
> intended recipient, you are hereby notified that any use, dissemination, 
> copying, or storage of this message or its attachments is strictly prohibited.
>  
>  
> On 2017-07-13, 9:22 AM, "Af on behalf of Christopher Tyler" 
>  on behalf of 
> ch...@totalhighspeed.net > wrote:
>  
> We weren't able to find a "cost-effective" solution.
> What we found is that the cost is going to be based on the amount of 
> traffic that you receive as well as the cost for setup and equipment to do 
> the BGP switch for you it was well into the tens of thousands of dollars up 
> front. With four different upstream providers in four separate data centers, 
> the costs for us weren't justifiable.
> A small caveat which wasn't a problem for us since we already do BGP with 
> all of our upstream providers, but if your upstream doesn't do BGP you are 
> out of luck.
> 
> -- 
> Christopher Tyler 
> MTCRE/MTCNA/MTCTCE/MTCWE 
> Total Highspeed Internet Services 
> 417.851.1107
> 
> - Original Message -
> From: "Dev" >
> To: af@afmug.com 
> Sent: Wednesday, July 12, 2017 7:32:53 PM
> Subject: [AFMUG] DDoS protection vendor?
> 
> Who is a good for cost-effective DDoS protection and what are you paying? 
> My upstream really doesn’t now to handle a DDoS, so I’m looking for someone 
> to help with some subnets.
> 

Re: [AFMUG] SAF lumina and mikrotik

[Cassidy B. Larson]

Maybe try an FPoE? We've had numerous issues with older SAFs deciding to drop 
down to 100M on copper ports. I usually blame it on the person making crappy 
ends.. :)

> On Jul 13, 2017, at 17:00, Steve Jones  wrote:
> 
> is there any known issue with these things talking to each other. the two 
> luminas on a link drop to 100mb on the ethernet, I have a script somebody 
> gave me here to flap the mikrotik port and bring it back up to full gig. They 
> both have the transtector SS that came with them. I locked the mikrotik to 
> 1000 but it still flaps like the SAF occasionally tries to renegotiate like 
> the donald. Saf only shows 100 as an option to lock it

Re: [AFMUG] OT air travel

[Cassidy B. Larson]

Yeah, you get free Pre-check if you get Global Entry. If you bought Pre-check 
before getting Global Entry nothing changes, you just get Global Entry.
Honestly, I’d not worry about Global Entry if your airport you fly into accepts 
the mobile boarding pass, which most do now. You literally walk by everybody at 
all the kiosks (global entry included).  Most have mobile passport in the same 
queue for CBP review as those with Global Entry. 



> On Jul 13, 2017, at 2:41 PM, Josh Luthman  wrote:
> 
> Are you saying TSA Precheck comes with Global Entry?  I have TSA Precheck but 
> never heard of Global Entry before today.
> 
> 
> Josh Luthman
> Office: 937-552-2340
> Direct: 937-552-2343
> 1100 Wayne St
> Suite 1337
> Troy, OH 45373
> 
> On Thu, Jul 13, 2017 at 2:59 PM, Layne Sisk  > wrote:
> I have Global Entry and love it, I am TSA Precheck (I think that pretty much 
> comes with GE and with status) and I have not seen a big difference between 
> that and Clear, interested to see what you think.  Also look into an app 
> called Mobile Pass.  It only works at certain airports but it basically lets 
> you do everything you would do at a kiosk ahead of time and walk straight up 
> to the Customs Agent. 
> 
>  
> 
> Layne Sisk
> 
> ServerPlus
> 
> 801.426.8283, ext 102 
>  
> 
>  
>  
>
> 
>  
> 
> From: Af [mailto:af-boun...@afmug.com ] On 
> Behalf Of Chuck McCown
> Sent: Thursday, July 13, 2017 12:53 PM
> To: af@afmug.com 
> Subject: [AFMUG] OT air travel
> 
>  
> 
> I have had a global entry card from the moment they became available.  I love 
> it.  Check yourself into the country when arriving from overseas.  Skip the 
> long lines.  No removal of belt, shoes, computers from bags etc.
> 
>  
> 
> I just now signed up for Clear.  So supposedly I can skip the lines and go 
> directly to the TSA guy.  Will see.  $79/year if you are a Delta skymiles 
> member.  $50 for spouse.  Could make the difference on making a flight if 
> running late. 
> 
>  
> 
> Will be trying it in a week or so. 
> 
> 

Re: [AFMUG] OT air travel

[Cassidy B. Larson]

Security depends on the country/airport you’re coming from. I know they have US 
security in certain international airports (LHR, EDI, etc)..which helps with 
that.
I just got back from Caymans on the 5th and had to go through TSA after the CBP 
guy scanned my mobile-passport code and there was no TSA pre-check. I have 
Global Entry, TSA pre-check and did the mobile-passport.   At CBP I was in the 
same line as the global-entry folks, I just didnt have to wait at the kiosk.  
Which didnt help anything really because ATL closed for a bit due to a storm 
and we couldn’t collect our bags for an hour anyway.


> On Jul 13, 2017, at 1:44 PM, Chuck McCown <ch...@wbmfg.com> wrote:
> 
> Talking about immigration.  No long lines.  You just go to a kiosk and let 
> yourself into the USA.  All by yourself.
> 
> No security at all.
> 
> When entering the country security was done before you got on the flight.
> 
> From: Cassidy B. Larson <>
> Sent: Thursday, July 13, 2017 1:42 PM
> To: af@afmug.com <>
> Subject: Re: [AFMUG] OT air travel
> 
> Pretty sure Global entry from international air travel still requires you to 
> pass through TSA security and there’s no TSA-pre on international arrivals, 
> so belt/shoes/laptop have to come off.  Trust me, I’ve asked.  Global Entry 
> is done by CBP which is different than TSA.
> 
> Honestly, I’ve found the new “Mobile Passport” app is faster at getting 
> through the lines than Global Entry.  More people are going to Global Entry 
> and limited number of kiosks means there’s a small line there if you’re not 
> first off the plane.   You can do the mobile passport app submission while 
> you’re waiting for the plane to taxi to the gate and then walk all the way 
> through. No stopping at the kiosk to do the global entry stuff.
> 
> I haven’t done Clear, but TSA-pre check is plenty fast for me. Never more 
> than 2 people in front of my at the guy checking boarding cards.
> 
> 
>> On Jul 13, 2017, at 12:53 PM, Chuck McCown <ch...@wbmfg.com <>> wrote:
>> 
>> I have had a global entry card from the moment they became available.  I 
>> love it.  Check yourself into the country when arriving from overseas.  Skip 
>> the long lines.  No removal of belt, shoes, computers from bags etc.
>> 
>> I just now signed up for Clear.  So supposedly I can skip the lines and go 
>> directly to the TSA guy.  Will see.  $79/year if you are a Delta skymiles 
>> member.  $50 for spouse.  Could make the difference on making a flight if 
>> running late.
>> 
>> Will be trying it in a week or so.
> 
> 

Re: [AFMUG] OT air travel

[Cassidy B. Larson]

Pretty sure Global entry from international air travel still requires you to 
pass through TSA security and there’s no TSA-pre on international arrivals, so 
belt/shoes/laptop have to come off.  Trust me, I’ve asked.  Global Entry is 
done by CBP which is different than TSA.

Honestly, I’ve found the new “Mobile Passport” app is faster at getting through 
the lines than Global Entry.  More people are going to Global Entry and limited 
number of kiosks means there’s a small line there if you’re not first off the 
plane.   You can do the mobile passport app submission while you’re waiting for 
the plane to taxi to the gate and then walk all the way through. No stopping at 
the kiosk to do the global entry stuff.

I haven’t done Clear, but TSA-pre check is plenty fast for me. Never more than 
2 people in front of my at the guy checking boarding cards.


> On Jul 13, 2017, at 12:53 PM, Chuck McCown  wrote:
> 
> I have had a global entry card from the moment they became available.  I love 
> it.  Check yourself into the country when arriving from overseas.  Skip the 
> long lines.  No removal of belt, shoes, computers from bags etc.
> 
> I just now signed up for Clear.  So supposedly I can skip the lines and go 
> directly to the TSA guy.  Will see.  $79/year if you are a Delta skymiles 
> member.  $50 for spouse.  Could make the difference on making a flight if 
> running late.
> 
> Will be trying it in a week or so.

Re: [AFMUG] Windstream BGP

[Cassidy B. Larson]

https://onestep.net/communities/as7029/

Sent from my iPhone

> On Jun 19, 2017, at 20:03, George Skorup  wrote:
> 
> Anybody have a doc with detailed Windstream BGP communities? I can't find 
> anything on teh google. Nothing on their business support site either. Really 
> I'm just looking for the "do not advertise to AS" community string to try 
> to get around what I suspect is an overload/packet loss issue with one of 
> their peers.

Re: [AFMUG] OT Garage

[Cassidy B. Larson]

Imagine all the food storage that can fit in there!!



> On May 26, 2017, at 12:20 PM,   wrote:
> 
> Well, it is Utah...
>  
> From: Cameron Crum <>
> Sent: Friday, May 26, 2017 12:14 PM
> To: af@afmug.com <>
> Subject: Re: [AFMUG] OT Garage
>  
> That looks more like  a bunker.
>  
> On Fri, May 26, 2017 at 12:41 PM, > wrote:
>> Slightly more than B deck but no posts or pillars underneath.  It gets a 3" 
>> cap of concrete poured over it.
>> 
>> -Original Message- From: Sterling Jacobson
>> Sent: Friday, May 26, 2017 11:26 AM
>> To: af@afmug.com <>
>> Subject: Re: [AFMUG] OT Garage
>> 
>> 
>> I'm totally doing that on my next house.
>> 
>> 
>> -Original Message-
>> From: Af [mailto:af-boun...@afmug.com <>] On Behalf Of ch...@wbmfg.com <>
>> Sent: Friday, May 26, 2017 11:04 AM
>> To: af@afmug.com <>
>> Subject: [AFMUG] OT Garage
>> 
>> Got my floor/ceiling installed this morning.  I do not understand why they 
>> did not start at one end and place them all in a sequence.  When they came 
>> to install this last slab, the hole was too large and they had to scootch 
>> everything around. 
> 
>  

Re: [AFMUG] AF11 Experiences

[Cassidy B. Larson]

Gino,

What dishes did you use for 3' and 4’?  Did they come with cables?
Our radio waves 3’ did not come with cables and pasternack wanted like $200/ea 
per cable for low-loss ones.
Kept getting finger pointing from UBNT, Streakwave and Radio Waves about who 
was supposed to supply cables.. good times.



> On May 25, 2017, at 1:28 PM, Gino A. Villarini  wrote:
> 
> 2,3 and 4.  No issues
> 
> From: Af > on behalf of 
> SmarterBroadband >
> Reply-To: "af@afmug.com "  >
> Date: Thursday, May 25, 2017 at 3:21 PM
> To: "af@afmug.com " >
> Subject: Re: [AFMUG] AF11 Experiences
> 
> Good to hear.
> Are you using 2 foot or 3 foot dishes?
> Any issues with the N connectors at all?
>  
> From: Af [mailto:af-boun...@afmug.com ] On 
> Behalf Of Gino A. Villarini
> Sent: Thursday, May 25, 2017 11:58 AM
> To: af@afmug.com 
> Subject: Re: [AFMUG] AF11 Experiences
>  
> We have about 5 deployed, no issues so far… 
>  
> From: Af > on behalf of 
> SmarterBroadband >
> Reply-To: "af@afmug.com "  >
> Date: Thursday, May 25, 2017 at 2:46 PM
> To: "af@afmug.com " >
> Subject: [AFMUG] AF11 Experiences
>  
> We are looking to add some more Licensed Links to our network.
>  
> Does anyone actually have the AF11 in service.  Is it worth a look?  How is 
> it performing for you?  Any issues?
>  
> Just not sure if it is worth considering or should I be looking at existing 
> companied like;
>  
> Exalt ?
> Dragonwave ?
> SAIE ?
>  
> Or newer ones like
>  
> Alcoma
> Cablefree FOR3
>  
> Anyone tried the last two?
>  
> Just looking for best bang for the buck in non core ring usage.
>  
> Gino A. Villarini
> President
> Metro Office Park #18 Suite 304 Guaynabo, Puerto Rico 00968
> 
>  
> 
> Gino A. Villarini
> 
> President
> Metro Office Park #18 Suite 304 Guaynabo, Puerto Rico 00968
> 
> 
> 

Re: [AFMUG] Most common towers

[Cassidy B. Larson]

We dont do ANY 25G anymore.  Mostly 45G/55G’s. 


> On May 2, 2017, at 9:48 AM, ch...@wbmfg.com wrote:
> 
> Building a new tower mount.  Wondering what are the most popular towers.  25G 
> is my guess for #1.
> Opinions please. 

Re: [AFMUG] Hosted Email for ISPs?

[Cassidy B. Larson]

We do our own in-house still, have since the beginning of time. Currently, we 
have ~10,000 mailboxes. Normally they're $1 per mailbox with 1GB quota. For a 
10GB quota, they gotta pay for our spam filter (another $1/mon), that way I 
know it’s not going to get full of just spam.  I have two backend ZFS servers 
that have plenty of storage I/O and live mailbox syncing between each other. 
Once the operation is fine tuned and you have built in redundancy, it’s pretty 
painless and no real headaches.  Well, at least that’s what I’m seeing.   



> On Apr 28, 2017, at 3:20 PM, Chris Wright  wrote:
> 
> In a world where anyone can get a free 15GB gmail address, what is an ISP to 
> do? Hosted services are unyielding with their price structure and equally 
> miserly with mailbox storage. Of course, they get to worry about a lot of 
> things I enjoy not worrying about – Spam policies, storage I/O, AV, and all 
> the other headaches inherent to hosting email for more than two people. Is 
> there any goldilocks solution out there?
>  
> Chris Wright
> Network Administrator

Re: [AFMUG] mikrotik port monitor script

[Cassidy B. Larson]

I have an old SAF Lumina 18ghz that is single copper only. Before I knew better.
Part of me wants to open it up and wire up the SFP with a fancy ODC so I have a 
fiber port.



> On Apr 24, 2017, at 9:54 AM, Josh Luthman  wrote:
> 
> I thought it was Fiber or Fiber + Copper?  Can't remember for sure...
> 
> 
> Josh Luthman
> Office: 937-552-2340
> Direct: 937-552-2343
> 1100 Wayne St
> Suite 1337
> Troy, OH 45373
> 
> On Mon, Apr 24, 2017 at 11:13 AM, Mathew Howard  > wrote:
> Only if you ordered the SAF with a fiber port... I'm not sure if there's any 
> way they can be added if you got it with copper only. I made that mistake on 
> ours... but it was a long time ago, when I didn't know any better (it also 
> doesn't even cause any issue, so I don't really care, but still... ).
> 
> On Mon, Apr 24, 2017 at 9:50 AM, Josh Luthman  > wrote:
> Should have a "fiber port" with their badass connector on it.  Or an SFP.
> 
> 
> Josh Luthman
> Office: 937-552-2340 
> Direct: 937-552-2343 
> 1100 Wayne St
> Suite 1337
> Troy, OH 45373
> 
> On Mon, Apr 24, 2017 at 1:05 AM, Steve Jones  > wrote:
> do i drill a hole in the saf and push the fiber in the hole and the radio 
> mites will just make it work? :-)
> 
> 
> 
> On Sun, Apr 23, 2017 at 11:57 PM, Josh Luthman  > wrote:
> Best solution would be to do fiber IMO.  SFP right into the RB.
> 
> 
> Josh Luthman
> Office: 937-552-2340 
> Direct: 937-552-2343 
> 1100 Wayne St
> Suite 1337
> Troy, OH 45373
> 
> On Mon, Apr 24, 2017 at 12:32 AM, Steve Jones  > wrote:
> thanks man
> 
> i would lock it down but i dont know whats causing it, im fearful it would 
> just dump the link all together, which is fine if im on the network, but if 
> im off network (as i found out the hard way tonite) my remote access to the 
> shop drops and all the site routers ACLs limit access to the office IP. I had 
> to VPN into a contact services customer who is on our network and then 
> connect to our office so i could flip the port back on, this, btw is also why 
> i hate having to have static routes on our OSPF network,
> 
> On Sun, Apr 23, 2017 at 11:08 PM, Adam Moffett  > wrote:
> I'm 100% sure a script could do that.
> 
> :global interfacestats
> :global int "ether2"
> :set interfacestats value=[/interface ethernet monitor [find name=$int] 
> as-value]
> :if (($interfacestats->"rate")!="1000Mbps") do={/interface ethernet disable 
> [find name=$int]; :delay 3; /interface ethernet enable [find name=$int]}
> 
> That took me a strangely long time to figure out how to do because Mikrotik 
> scripts are friggin weird.   But there it is.  You could schedule that every 
> xx minutes if you wanted.
> :delay 3; might not be necessary.  I'm not sure.
> 
> On the other hand, what if you just disallow all auto-negotiation options 
> except for 1000/F ?
> 
> 
> -- Original Message --
> From: "Steve Jones"  >
> To: "af@afmug.com " >
> Sent: 4/23/2017 10:59:17 PM
> Subject: [AFMUG] mikrotik port monitor script
> 
>> we have a saf 11ghz primary link interconnecting our two upstream locations, 
>> about once every 6 or 7 months the mikrotik renegotiates to 100mbps. 
>> disable/enable the port fixes it.
>> 
>> Ive never been able to reproduce it because it only happens once or twice a 
>> year.
>> 
>> Is there a script i can run on the mikrotik that monitors that specific port 
>> and flaps it if it is ever not running 1gbps?
> 
> 
> 
> 
> 
> 

[AFMUG] Trango Apex

[Cassidy B. Larson]

I have a trango apex power supply that bit the dust. Says -48v on it. I don't 
have a spare -48v. Thoughts on quickest way to restore it to service? I got 
plenty of saf ones that show 48v. 

Re: [AFMUG] IgniteNet / Angie press release

[Cassidy B. Larson]

What’s this Tri-band Metrolinq?



> On Apr 19, 2017, at 9:45 AM, Harold Bledsoe  wrote:
> 
> In case some of you find it interesting.  :-)
> 
> http://www.prweb.com/releases/2017/04/prweb14251893.htm 
> 
> 
> Thanks,
> -Hal

Re: [AFMUG] Backhauling fiber 80 miles at 10Gig

[Cassidy B. Larson]

Not that you wont need them, but maybe someone else would and you can sell a 
channel to them?


> On Apr 14, 2017, at 12:07 PM, Paul McCall  wrote:
> 
> Wow, I can’t imagine needing that many channels of 10G anytime in the near 
> future.  But, I guess ya never know
>   <>
> From: Af [mailto:af-boun...@afmug.com ] On 
> Behalf Of Mike Hammett
> Sent: Friday, April 14, 2017 1:26 PM
> To: af@afmug.com 
> Subject: Re: [AFMUG] Backhauling fiber 80 miles at 10Gig
> 
> They do have smaller ones, but the cost of the mux isn't that much. Our 18 
> channel ones are about $1500 for the pair, IIRC.
> 
> 
> 
> -
> Mike Hammett
> Intelligent Computing Solutions 
>   
>  
>  
> 
> Midwest Internet Exchange 
>   
>  
> 
> The Brothers WISP 
>  
> 
> 
>  
> From: "Paul McCall" >
> To: af@afmug.com 
> Sent: Friday, April 14, 2017 11:16:21 AM
> Subject: Re: [AFMUG] Backhauling fiber 80 miles at 10Gig
> 
> This looks like it supports 40 channels, I really just need one (for now), 
> but if that is part of the HW config needed, 8 channel would be more than 
> sufficient.
> 
> Paul
> 
> From: Af [mailto:af-boun...@afmug.com ] On 
> Behalf Of Faisal Imtiaz
> Sent: Friday, April 14, 2017 8:35 AM
> To: af@afmug.com 
> Subject: Re: [AFMUG] Backhauling fiber 80 miles at 10Gig
> 
> Use this tool to help you understand and design LH fiber solutions.
> 
> http://www.fs.com/support/dwdm-edfa-amplifier-for-long-haul-applications-100 
> 
> 
> 
> Regards.
> 
> Faisal Imtiaz
> Snappy Internet & Telecom
> 7266 SW 48 Street
> Miami, FL 33155
> Tel: 305 663 5518 x 232
> 
> Help-desk: (305)663-5518 Option 2 or Email: supp...@snappytelecom.net 
> 
> 
> From: "Paul McCall" >
> To: af@afmug.com 
> Sent: Friday, April 14, 2017 2:45:54 AM
> Subject: [AFMUG] Backhauling fiber 80 miles at 10Gig
> What equipment can we use (cost efficient) to light up 80 miles of dark fiber 
> at 10gbit?
> 
> Paul, PDMNet

[AFMUG] FS: UBNT R5AC-PTMP + AM-5AC22-45

[Cassidy B. Larson]

I have a bunch of used UBNT R5AC-PTMP-US and AM-5AC22-45 (45 degree sector) 
with installed RF Armor shield kits.
Also have a number of other random UBNT sectors with shield kits collecting 
dust.  Any interest in any of it, hit me up off list.

Thanks!

Re: [AFMUG] Backhauling fiber 80 miles at 10Gig

[Cassidy B. Larson]

Bah it’s late.. 80 miles != 80 km..


> On Apr 14, 2017, at 12:55 AM, Cassidy B. Larson <c...@infowest.com> wrote:
> 
> Get some CWDM passive splitters on both sides:
> 
> https://www.fs.com/c/cwdm-mux-demux-177 
> <https://www.fs.com/c/cwdm-mux-demux-177>
> 
> Then color matching CWDM 10G SFP+ optics:
> 
> http://www.fs.com/c/cwdm-sfp-plus-65?70-80km=286 
> <http://www.fs.com/c/cwdm-sfp-plus-65?70-80km=286>
> 
> Looks like $600/ea end for CWDM 10G SFP+ and 8 channel CWDM for $330/ea end.
> 
> $1200 + $660 + shipping and you can add another 7x10G links later.
> 
> 
> 
>> On Apr 14, 2017, at 12:45 AM, Paul McCall <pa...@pdmnet.net 
>> <mailto:pa...@pdmnet.net>> wrote:
>> 
>> What equipment can we use (cost efficient) to light up 80 miles of dark 
>> fiber at 10gbit?
>> 
>> Paul, PDMNet
> 

Re: [AFMUG] Backhauling fiber 80 miles at 10Gig

[Cassidy B. Larson]

Get some CWDM passive splitters on both sides:

https://www.fs.com/c/cwdm-mux-demux-177

Then color matching CWDM 10G SFP+ optics:

http://www.fs.com/c/cwdm-sfp-plus-65?70-80km=286

Looks like $600/ea end for CWDM 10G SFP+ and 8 channel CWDM for $330/ea end.

$1200 + $660 + shipping and you can add another 7x10G links later.



> On Apr 14, 2017, at 12:45 AM, Paul McCall  wrote:
> 
> What equipment can we use (cost efficient) to light up 80 miles of dark fiber 
> at 10gbit?
> 
> Paul, PDMNet

Re: [AFMUG] OT Cisco LACP

[Cassidy B. Larson]

Treat them as Layer3 PTPs and use equal cost OSPF to load balance them.  Then 
use MPLS to transport your Layer2 VLANs between sites if you need to..


> On Apr 12, 2017, at 12:42 PM, Chuck McCown  wrote:
> 
> Our complications are having complications...
>  
> We have two 10G circuits.  One is on a ring and the other is direct.  Both 
> originate at the same point and terminate at the same point.  But one of them 
> has the ability for route diversity.
>  
> We are trying to bundle them.  Not happy.  How else can we load balance or 
> bond them or overflow to one when the other is at capacity?
>  
> From: Josh Baird <>
> Sent: Wednesday, April 12, 2017 12:40 PM
> To: af@afmug.com <>
> Subject: Re: [AFMUG] OT Cisco LACP
>  
> Don't know specifically, but I bet the answer is burred somewhere deep in 
> this document:
>  
> http://www.cisco.com/c/en/us/td/docs/routers/asr9000/software/asr9k_r4-2/interfaces/configuration/guide/hc42asr9kbook/hc42lbun.pdf
>  
> 
>  
> On Wed, Apr 12, 2017 at 2:34 PM, Chuck McCown > wrote:
>> asr9000
>>  
>> From: Josh Baird <>
>> Sent: Wednesday, April 12, 2017 12:32 PM
>> To: af@afmug.com <>
>> Subject: Re: [AFMUG] OT Cisco LACP
>>  
>> Totally dependent on the hardware/cards that you are using.
>>  
>> On Wed, Apr 12, 2017 at 2:24 PM, Chuck McCown > wrote:
>>> Trying to put two 10 Gig circuits into one bundle.  It appears the router 
>>> is not happy if they are on different cards.  Is it a requirement that 
>>> bundling circuits must be on the same interface pcb?
>> 
>>  
> 
>  

Re: [AFMUG] some more cisco vlan questions

[Cassidy B. Larson]

check your spanning-tree for that VLAN on both switches.

# sho spanning-tree vlan 1066

Gotta make sure it’s also created on the 2nd switch, but the above command will 
clue you into that if there isnt any spanning tree instances for that VLAN.



> On Apr 12, 2017, at 11:51 AM, Dave  wrote:
> 
> Ok,
>  I am not sure where I went wrong but I have 2 vlans coming over a trunk to 
> another switch 
> I configured both trunk interfaces on each switch to allow the 2 vlans I need.
> I configure 2 ports 1 with each access to the vlans I need to have access to.
> 
> one vlan passes with no issue and the other will not pass traffic at all. 
> VLAN1066 is the one with issue.
> The other switch has the same trunk config on its interface with another 
> trunk port to the router.
> 
> 
> here is a partial config of the main switch 
> lan internal allocation policy ascending
> !
> vlan 2,10,28,50,106,1000,1066,1100 
> !
> !
> !
> interface FastEthernet0/1
>  switchport access vlan 1066
>  switchport mode access
> !
> interface FastEthernet0/2
>  switchport access vlan 1100
>  switchport mode dynamic desirable
> !
> interface GigabitEthernet0/2
>  switchport trunk encapsulation dot1q
>  switchport trunk allowed vlan 1,1000,1066,1100
>  switchport mode trunk
> !
> 
> 
> Here is the main switch to router
> !
> interface GigabitEthernet1/0/1
>  switchport trunk encapsulation dot1q
>  switchport trunk allowed vlan 1000,1001,1066,1100,2000,2001,2400,2801,2825
>  switchport trunk allowed vlan add 3065
>  switchport mode trunk
> !
> 
> Any ideas or guidance would be great
> 
>  
> -- 
> 

Re: [AFMUG] CISCO VLAN question

[Cassidy B. Larson]

switchport trunk native vlan sounds like what you’re after?
It’ll pass an untagged vlan across a trunk port.

> On Apr 7, 2017, at 9:26 AM, Dave  wrote:
> 
> Ok,
> So I want to manage my radio link and provide public access over that link.
> How do I configure my Cisco for switchport trunk to allow the customer to 
> connect at the other end with a sonicwall for his public ip?
> So the topology of this is
> Vlan 1000 is a managed vlan
> Vlan 2400 is the public access vlan
> Cisco port is mode trunk dot1q to allow both vlans but since the customer 
> dont have a vlan to configure on his sonic wall I would need my radios to 
> allow
> switchport access of 2400
> 
> Is there a way to tell the cisco to allow switchport access for vlan2400 on 
> the same trunked port?
> 
> Any ideas will be helpful
> 
> Thanks
> Dave
> 
> --
> 

Re: [AFMUG] MPLS/VPLS MTU

[Cassidy B. Larson]

I always suggest you max out all your MTUs.  MTU sizes have to match on both 
sides of a MPLS tunnel as well.
It’s always nice to have equal or greater MTU available in between those two 
end points. 9200+ bytes or bust!  :)


> On Apr 5, 2017, at 1:36 PM, Jason McKemie  
> wrote:
> 
> Thanks.
> 
> So I want to set my Layer2 MTU on the Mikrotik Interface to something greater 
> than 1530, then the MTU on the interface to something greater than 1530, but 
> less than I have the Layer2 MTU set to?  Then just set the MPLS MTU to 1530?  
> Is there any rule of thumb for the gap between all of these?
> 
> On Wed, Apr 5, 2017 at 2:13 PM, Sterling Jacobson  > wrote:
> My MTU on all MPLS stuff is set for over 9000 so I can do jumbo.
> 
>  
> 
> If you don’t want fragmentation or problems, your native MTU on layer2 needs 
> to be larger probably.
> 
> Then the next layer up a bit smaller, and so on so that you can again pass 
> layer2 over the MPLS network at 1530.
> 
>  
> 
>  
> 
> From: Af [mailto:af-boun...@afmug.com ] On 
> Behalf Of Jason McKemie
> Sent: Wednesday, April 5, 2017 12:46 PM
> To: af@afmug.com 
> Subject: [AFMUG] MPLS/VPLS MTU
> 
>  
> 
> What is the best way to test a link to make sure you're not going to have 
> issues running MPLS over it?  Can the packets be fragmented, or will that 
> cause issues?  I'm able to ping the other end of a couple of links with 1530 
> byte packets, but when I disallow fragmentation, things stop working. 
> 
>  
> 
> -Jason
> 
> 

Re: [AFMUG] OT: anyone bought $SNAP ?

[Cassidy B. Larson]

Kinda like slack:

https://youtu.be/QiUaOkTFxoU




> On Mar 3, 2017, at 10:10 AM,   wrote:
> 
> I was too scared.  I don’t even really know what the company does. 
>  
> From: Gino Villarini <>
> Sent: Friday, March 3, 2017 9:57 AM
> To: af@afmug.com <>
> Subject: [AFMUG] OT: anyone bought $SNAP ?
>  
> Bought at $24, now at $28.. Not bad
>  
> 
> Gino Villarini
> 
> President
> Metro Office Park #18 Suite 304 Guaynabo, Puerto Rico 00968
> 
> 

Re: [AFMUG] OT: Google knows

[Cassidy B. Larson]

But then he goes on to say: "In the meantime, Green recommends that users 
update to iOS 9.3 and the latest version of OS X, which implement fixes that 
mitigate some, though not all, of the vulnerability.”.

Curious if this vulnerability is still around on iOS 10.2 as the article was 
written a year ago when 9.3 or whatever was out.



> On Feb 25, 2017, at 12:46 PM, Josh Reynolds <j...@kyneticwifi.com> wrote:
> 
> "Green complimented iMessage for using “end-to-end encryption” dating back to 
> 2011, but unfortunately it appears as though Apple uses the term quite 
> loosely. True end-to-end encryption would keep messaging conversations 
> between only those participating internally. Apple’s protection of iMessage 
> does not extend to the server, leaving a gap in its defenses."
> 
> Read more: 
> http://www.digitaltrends.com/computing/despite-apples-push-for-encryption-imessage-remains-insecure/#ixzz4ZjCRwCfI
>  
> <http://www.digitaltrends.com/computing/despite-apples-push-for-encryption-imessage-remains-insecure/#ixzz4ZjCRwCfI>
> Follow us: @digitaltrends on Twitter 
> <http://ec.tynt.com/b/rw?id=a4WNn6KVyr4yHaacwqm_6r=digitaltrends> | 
> DigitalTrends on Facebook 
> <http://ec.tynt.com/b/rf?id=a4WNn6KVyr4yHaacwqm_6r=DigitalTrends>
> 
> On Feb 25, 2017 1:43 PM, "Cassidy B. Larson" <c...@infowest.com 
> <mailto:c...@infowest.com>> wrote:
> I see nothing in that article that says iMessages are stored unencrypted on 
> Apples servers, which is what you initial stated.
> 
> I do see it state: "If a hacker were to take hold of the key server, they 
> would in turn be able to intercept messages as they are being typed — those 
> that have not already undergone the encryption process.”
> 
> However, the same with anything using a key encryption.  If someone has your 
> device key, wouldn’t they be able to decrypt your messages?
> 
> 
> 
>> On Feb 25, 2017, at 12:37 PM, Josh Reynolds <j...@kyneticwifi.com 
>> <mailto:j...@kyneticwifi.com>> wrote:
>> 
>> http://www.digitaltrends.com/computing/despite-apples-push-for-encryption-imessage-remains-insecure/
>>  
>> <http://www.digitaltrends.com/computing/despite-apples-push-for-encryption-imessage-remains-insecure/>
>> 
>> On Feb 25, 2017 1:35 PM, "Cassidy B. Larson" <c...@infowest.com 
>> <mailto:c...@infowest.com>> wrote:
>> I’m not sure I agree with that. Just reading up on this article from August 
>> of last year:
>> 
>> http://www.tomshardware.com/news/imessage-weak-encryption-matthew-green,32466.html
>>  
>> <http://www.tomshardware.com/news/imessage-weak-encryption-matthew-green,32466.html>
>> 
>> Couple of points from the article:
>> 
>> - Undelivered messages ARE stored encrypted on Apples servers for up to 30 
>> days.  Sure someone with the appropriate key can decrypt them. That’s 
>> nothing new.
>> - Cloud backups store your messages, they’re encrypted.. and supposedly 
>> Apple can decrypt them? Or not?  If you’re a terrorist and/or extra 
>> paranoid, turn them off or use WhatsApp.. Oh wait, don’t they have a 
>> backdoor? :)
>> - They say iMessage is “Not any better than normal TLS”.. well, it’s 
>> encrypted. Better than not!
>> -  From this it also appears Apple implemented most of their short-term 
>> vulnerability patches for old clients.
>> 
>> I assume if both sides of the conversation are running the latest iOS 
>> version, then they’re much more “secure” than running older un-patched ones.
>> Just be sure to patch both sides of your iOS devices before your 
>> terrorist-ing messages are sent! LOL
>> 
>> -c
>> 
>> 
>>> On Feb 25, 2017, at 12:05 PM, Josh Reynolds <j...@kyneticwifi.com 
>>> <mailto:j...@kyneticwifi.com>> wrote:
>>> 
>>> That's bullshit. iMessage is not encrypted on Apple servers, which the 
>>> messages pass through. This is why iMessage isn't considered true "end to 
>>> end" crypto. There have been several papers written on this.
>>> 
>>> On Feb 25, 2017 1:00 PM, "Travis Johnson" <t...@ida.net 
>>> <mailto:t...@ida.net>> wrote:
>>> Nope... iMessage is encrypted and not even Apple can read the messages.
>>> 
>>> Travis
>>> 
>>> On 2/25/2017 11:47 AM, Bill Prince wrote:
>>> Just like iMessage and Siri.
>>> 
>>> 
>>> bp
>>> <part15sbs{at}gmail{dot}com>
>>> 
>>> On 2/25/2017 8:12 AM, Travis Johnson wrote:
>>> Now Google will be reading all of your text messages as well... if you use 
>>> an Android phone that is... LOL
>>> 
>>> https://www.cnet.com/news/google-takes-on-apple-imessage-with-enhanced-sms-for-android-rcs/
>>>  
>>> <https://www.cnet.com/news/google-takes-on-apple-imessage-with-enhanced-sms-for-android-rcs/>
>>> 
>>> Travis
>>> 
>>> 
>>> 
>>> 
>> 
> 

Re: [AFMUG] OT: Google knows

[Cassidy B. Larson]

Dont get me wrong, I’m NOT saying iMessage is true end-to-end encryption, just 
that the messages aren’t stored unencrypted on the server.

> On Feb 25, 2017, at 12:43 PM, Cassidy B. Larson <c...@infowest.com> wrote:
> 
> I see nothing in that article that says iMessages are stored unencrypted on 
> Apples servers, which is what you initial stated.
> 
> I do see it state: "If a hacker were to take hold of the key server, they 
> would in turn be able to intercept messages as they are being typed — those 
> that have not already undergone the encryption process.”
> 
> However, the same with anything using a key encryption.  If someone has your 
> device key, wouldn’t they be able to decrypt your messages?
> 
> 
> 
>> On Feb 25, 2017, at 12:37 PM, Josh Reynolds <j...@kyneticwifi.com 
>> <mailto:j...@kyneticwifi.com>> wrote:
>> 
>> http://www.digitaltrends.com/computing/despite-apples-push-for-encryption-imessage-remains-insecure/
>>  
>> <http://www.digitaltrends.com/computing/despite-apples-push-for-encryption-imessage-remains-insecure/>
>> 
>> On Feb 25, 2017 1:35 PM, "Cassidy B. Larson" <c...@infowest.com 
>> <mailto:c...@infowest.com>> wrote:
>> I’m not sure I agree with that. Just reading up on this article from August 
>> of last year:
>> 
>> http://www.tomshardware.com/news/imessage-weak-encryption-matthew-green,32466.html
>>  
>> <http://www.tomshardware.com/news/imessage-weak-encryption-matthew-green,32466.html>
>> 
>> Couple of points from the article:
>> 
>> - Undelivered messages ARE stored encrypted on Apples servers for up to 30 
>> days.  Sure someone with the appropriate key can decrypt them. That’s 
>> nothing new.
>> - Cloud backups store your messages, they’re encrypted.. and supposedly 
>> Apple can decrypt them? Or not?  If you’re a terrorist and/or extra 
>> paranoid, turn them off or use WhatsApp.. Oh wait, don’t they have a 
>> backdoor? :)
>> - They say iMessage is “Not any better than normal TLS”.. well, it’s 
>> encrypted. Better than not!
>> -  From this it also appears Apple implemented most of their short-term 
>> vulnerability patches for old clients.
>> 
>> I assume if both sides of the conversation are running the latest iOS 
>> version, then they’re much more “secure” than running older un-patched ones.
>> Just be sure to patch both sides of your iOS devices before your 
>> terrorist-ing messages are sent! LOL
>> 
>> -c
>> 
>> 
>>> On Feb 25, 2017, at 12:05 PM, Josh Reynolds <j...@kyneticwifi.com 
>>> <mailto:j...@kyneticwifi.com>> wrote:
>>> 
>>> That's bullshit. iMessage is not encrypted on Apple servers, which the 
>>> messages pass through. This is why iMessage isn't considered true "end to 
>>> end" crypto. There have been several papers written on this.
>>> 
>>> On Feb 25, 2017 1:00 PM, "Travis Johnson" <t...@ida.net 
>>> <mailto:t...@ida.net>> wrote:
>>> Nope... iMessage is encrypted and not even Apple can read the messages.
>>> 
>>> Travis
>>> 
>>> On 2/25/2017 11:47 AM, Bill Prince wrote:
>>> Just like iMessage and Siri.
>>> 
>>> 
>>> bp
>>> <part15sbs{at}gmail{dot}com>
>>> 
>>> On 2/25/2017 8:12 AM, Travis Johnson wrote:
>>> Now Google will be reading all of your text messages as well... if you use 
>>> an Android phone that is... LOL
>>> 
>>> https://www.cnet.com/news/google-takes-on-apple-imessage-with-enhanced-sms-for-android-rcs/
>>>  
>>> <https://www.cnet.com/news/google-takes-on-apple-imessage-with-enhanced-sms-for-android-rcs/>
>>> 
>>> Travis
>>> 
>>> 
>>> 
>>> 
>> 
> 

Re: [AFMUG] OT: Google knows

[Cassidy B. Larson]

I see nothing in that article that says iMessages are stored unencrypted on 
Apples servers, which is what you initial stated.

I do see it state: "If a hacker were to take hold of the key server, they would 
in turn be able to intercept messages as they are being typed — those that have 
not already undergone the encryption process.”

However, the same with anything using a key encryption.  If someone has your 
device key, wouldn’t they be able to decrypt your messages?



> On Feb 25, 2017, at 12:37 PM, Josh Reynolds <j...@kyneticwifi.com> wrote:
> 
> http://www.digitaltrends.com/computing/despite-apples-push-for-encryption-imessage-remains-insecure/
>  
> <http://www.digitaltrends.com/computing/despite-apples-push-for-encryption-imessage-remains-insecure/>
> 
> On Feb 25, 2017 1:35 PM, "Cassidy B. Larson" <c...@infowest.com 
> <mailto:c...@infowest.com>> wrote:
> I’m not sure I agree with that. Just reading up on this article from August 
> of last year:
> 
> http://www.tomshardware.com/news/imessage-weak-encryption-matthew-green,32466.html
>  
> <http://www.tomshardware.com/news/imessage-weak-encryption-matthew-green,32466.html>
> 
> Couple of points from the article:
> 
> - Undelivered messages ARE stored encrypted on Apples servers for up to 30 
> days.  Sure someone with the appropriate key can decrypt them. That’s nothing 
> new.
> - Cloud backups store your messages, they’re encrypted.. and supposedly Apple 
> can decrypt them? Or not?  If you’re a terrorist and/or extra paranoid, turn 
> them off or use WhatsApp.. Oh wait, don’t they have a backdoor? :)
> - They say iMessage is “Not any better than normal TLS”.. well, it’s 
> encrypted. Better than not!
> -  From this it also appears Apple implemented most of their short-term 
> vulnerability patches for old clients.
> 
> I assume if both sides of the conversation are running the latest iOS 
> version, then they’re much more “secure” than running older un-patched ones.
> Just be sure to patch both sides of your iOS devices before your 
> terrorist-ing messages are sent! LOL
> 
> -c
> 
> 
>> On Feb 25, 2017, at 12:05 PM, Josh Reynolds <j...@kyneticwifi.com 
>> <mailto:j...@kyneticwifi.com>> wrote:
>> 
>> That's bullshit. iMessage is not encrypted on Apple servers, which the 
>> messages pass through. This is why iMessage isn't considered true "end to 
>> end" crypto. There have been several papers written on this.
>> 
>> On Feb 25, 2017 1:00 PM, "Travis Johnson" <t...@ida.net 
>> <mailto:t...@ida.net>> wrote:
>> Nope... iMessage is encrypted and not even Apple can read the messages.
>> 
>> Travis
>> 
>> On 2/25/2017 11:47 AM, Bill Prince wrote:
>> Just like iMessage and Siri.
>> 
>> 
>> bp
>> <part15sbs{at}gmail{dot}com>
>> 
>> On 2/25/2017 8:12 AM, Travis Johnson wrote:
>> Now Google will be reading all of your text messages as well... if you use 
>> an Android phone that is... LOL
>> 
>> https://www.cnet.com/news/google-takes-on-apple-imessage-with-enhanced-sms-for-android-rcs/
>>  
>> <https://www.cnet.com/news/google-takes-on-apple-imessage-with-enhanced-sms-for-android-rcs/>
>> 
>> Travis
>> 
>> 
>> 
>> 
> 

Re: [AFMUG] OT: Google knows

[Cassidy B. Larson]

I’m not sure I agree with that. Just reading up on this article from August of 
last year:

http://www.tomshardware.com/news/imessage-weak-encryption-matthew-green,32466.html
 


Couple of points from the article:

- Undelivered messages ARE stored encrypted on Apples servers for up to 30 
days.  Sure someone with the appropriate key can decrypt them. That’s nothing 
new.
- Cloud backups store your messages, they’re encrypted.. and supposedly Apple 
can decrypt them? Or not?  If you’re a terrorist and/or extra paranoid, turn 
them off or use WhatsApp.. Oh wait, don’t they have a backdoor? :)
- They say iMessage is “Not any better than normal TLS”.. well, it’s encrypted. 
Better than not!  
-  From this it also appears Apple implemented most of their short-term 
vulnerability patches for old clients. 

I assume if both sides of the conversation are running the latest iOS version, 
then they’re much more “secure” than running older un-patched ones. 
Just be sure to patch both sides of your iOS devices before your terrorist-ing 
messages are sent! LOL

-c


> On Feb 25, 2017, at 12:05 PM, Josh Reynolds  wrote:
> 
> That's bullshit. iMessage is not encrypted on Apple servers, which the 
> messages pass through. This is why iMessage isn't considered true "end to 
> end" crypto. There have been several papers written on this.
> 
> On Feb 25, 2017 1:00 PM, "Travis Johnson"  > wrote:
> Nope... iMessage is encrypted and not even Apple can read the messages.
> 
> Travis
> 
> On 2/25/2017 11:47 AM, Bill Prince wrote:
> Just like iMessage and Siri.
> 
> 
> bp
> 
> 
> On 2/25/2017 8:12 AM, Travis Johnson wrote:
> Now Google will be reading all of your text messages as well... if you use an 
> Android phone that is... LOL
> 
> https://www.cnet.com/news/google-takes-on-apple-imessage-with-enhanced-sms-for-android-rcs/
>  
> 
>  
> 
> Travis
> 
> 
> 
> 

Re: [AFMUG] SAF Lumina firmware

[Cassidy B. Larson]

You have to have registered an account. Once you login there will be firmware 
download options available for each device in their support section. 


> On Feb 18, 2017, at 10:51, Andreas Wiatowski  wrote:
> 
> Hi All,
>  
> Doing some upgrades.  I have absolutely no idea where to find the SAF Lumina 
> firmware.  Anyone have an archive they can share or a link?  Their website 
> has nothing.
>  
> Cheers,
> __
> Andreas Wiatowski | CEO
> Silo Wireless Inc.
> Email  andr...@silowireless.com
> 19 Sage Court
> Brantford, Ontario N3R 7T4 (CANADA)
> Tel +1.519.449.5656  Extension-600|Fax +1.519.449.5536 |Toll Free 
> +1.866.727.4138
>  

Re: [AFMUG] MPLS

[Cassidy B. Larson]

MPLS is supposed to be “faster” than pure IP routing.  It wont have to lookup 
the full route in the route table.. just match the appropriate label to the 
label table. 
If that is true on Mikrotik, I couldn’t tell you.


> On Feb 17, 2017, at 3:59 PM, Sterling Jacobson  wrote:
> 
> We use it for both and then a few more tags for business clients with 
> multiple POPs hanging off our network.
>  
> Works great.
>  
> Just want to push the envelope more with my capacity.
>  
>  
> From: Af [mailto:af-boun...@afmug.com ] On 
> Behalf Of Jason McKemie
> Sent: Friday, February 17, 2017 3:36 PM
> To: af@afmug.com 
> Subject: Re: [AFMUG] MPLS
>  
> I was debating on whether to just use VPLS for my management traffic and then 
> routing customer traffic as normal, or put both in separate VPLS instances.
> 
> On Friday, February 17, 2017, Sterling Jacobson  > wrote:
> I’m using it on 6.38 and so far so good.
>  
> I use it all over and at the core.
>  
> But I’m still experiencing ‘slow downs’ at the VPLS port where I don’t get 
> 9Gbps anymore, and it appears to be reduced to 5Gbps and 2Gbps for up/down.
>  
> So I’m thinking of reverting back to straight OSPF and VRRP for my main 
> customer end routing.
>  
> From: Af [mailto:  <>af-boun...@afmug.com 
> ] On Behalf Of Jason McKemie
> Sent: Friday, February 17, 2017 1:27 PM
> To:  <>af@afmug.com 
> Subject: [AFMUG] MPLS
>  
> I'm starting to utilize MPLS/VPLS at the edge of my network for a specific 
> location, but am wondering if there is any reason to not just use it all the 
> way back to the core.  What are the pros/cons of using MPLS?  I would think 
> that you could save some public IPs if nothing else.
>  
> Also, has anyone had any issues with MPLS/VPLS on the latest stable RouterOS 
> version (6.38.1)?
>  
> -Jason

Re: [AFMUG] Outdoor Fiber Jumpers

[Cassidy B. Larson]

I asked them before about it and they can make some:

LC/UPC to LC/UPC Duplex Singlemode Waterproof Fiber Patch Cable with PE (UV 
protected) jacket.
Length- 3m
Breakout Length-0.5m
Outlet: 2.4mm
 
Unit Price: $16.54

However, minimum order quantity is 1000 meters.. heh.

They also said the armored cable isn't recommended to be used outdoors. 

Speaking of outdoor pre-made cables.. anybody got a source for outdoor shielded 
cat6 patch cables? I’d like to try some of these F-POEs out. 



> On Feb 14, 2017, at 12:55 PM, Nate Burke  wrote:
> 
> Armored PVC (OFNR) Patch Cable?� Doesn't say anything out indoor/outdoor 
> rating.� Unless I'm not in the right place.� 
> 
> On 2/14/2017 1:34 PM, Gino Villarini wrote:
>> Fiberstore.com  ?
>> 
>> On 2/14/17, 3:20 PM, "Af on behalf of Nate Burke" >  on
>> �
>> 
>> Gino Villarini
>> 
>> President
>> Metro Office Park #18 Suite 304 Guaynabo, Puerto Rico 00968
>> 
>> 
>> behalf of n...@blastcomm.com > wrote:
>> 
>> >Does anyone have a source for outdoor rated patch fiber patch cables?
>> >Like 10' or 20' SC/LC cables to go from a fiber distribution box to a
>> >radio.� Or are all patch cables inherently UV resistant?� Or with Fiber
>> >does it not matter.
>> 
> 
> 

Re: [AFMUG] Netflow

[Cassidy B. Larson]

I have Calix and am currently demo’ing Kentik.   
Calix is awesome at drilling down to the customer level (but it’s got Java).
Kentik is awesome to look at the global picture and drilling down to AS, path 
or upstream interfaces.



> On Feb 7, 2017, at 10:17 AM, Mike Hammett <af...@ics-il.net> wrote:
> 
> I can't imagine Calix's solution to be the same type of product as Kentik, 
> good or bad.
> 
> 
> 
> -
> Mike Hammett
> Intelligent Computing Solutions <http://www.ics-il.com/>
>  <https://www.facebook.com/ICSIL> 
> <https://plus.google.com/+IntelligentComputingSolutionsDeKalb> 
> <https://www.linkedin.com/company/intelligent-computing-solutions> 
> <https://twitter.com/ICSIL>
> Midwest Internet Exchange <http://www.midwest-ix.com/>
>  <https://www.facebook.com/mdwestix> 
> <https://www.linkedin.com/company/midwest-internet-exchange> 
> <https://twitter.com/mdwestix>
> The Brothers WISP <http://www.thebrotherswisp.com/>
>  <https://www.facebook.com/thebrotherswisp>
> 
> 
>  <https://www.youtube.com/channel/UCXSdfxQv7SpoRQYNyLwntZg>
> From: "Jesse DuPont" <jesse.dup...@celeritycorp.net 
> <mailto:jesse.dup...@celeritycorp.net>>
> To: af@afmug.com <mailto:af@afmug.com>
> Sent: Tuesday, February 7, 2017 9:59:18 AM
> Subject: Re: [AFMUG] Netflow
> 
> Calix's Compass is actually really good. It's hosted, priced based on 
> endpoints (not quantity of exporters), great categorization (i.e. Netflix, 
> Youtube, etc). They also do endpoint to customer mapping from various sources 
> (DHCP option-82, RADIUS, their own management platform, etc.).
> 
> Jesse DuPont
> Network Architect
> email: jesse.dup...@celeritycorp.net <mailto:jesse.dup...@celeritycorp.net>
> Celerity Networks LLC
> Celerity Broadband LLC
> Like us! facebook.com <http://facebook.com/celeritynetworksllc>/ 
> <http://facebook.com/celeritynetworksllc>celeritynetworksllc 
> <http://facebook.com/celeritynetworksllc>
> Like us! facebook.com 
> <http://facebook.com/celeritybroadband>/celeritybroadband 
> <http://facebook.com/celeritybroadband>
> 
> On 2/7/17 8:51 AM, Paul Stewart wrote:
> Depends on flow volumes and stuff.. talked to them at NANOG and conference 
> calls … 
> 
> For a low volume shop they seem to have a slick solution - only seen a brief 
> demo.  However, depending on volume they do not scale “well” - we were told 
> that we would need several racks of servers to deal with volume :(
> 
> Arbor Peakflow is the best product out there hands down … but it’s well into 
> 6 figures so your budget may not support it ….
> 
> On Feb 6, 2017, at 9:05 PM, Mike Hammett <af...@ics-il.net 
> <mailto:af...@ics-il.net>> wrote:
> 
> I haven't received a quote myself, but I hear it's a few hundred a month.
> 
> 
> 
> -
> Mike Hammett
> Intelligent Computing Solutions <http://www.ics-il.com/>
>  <https://www.facebook.com/ICSIL> 
> <https://plus.google.com/+IntelligentComputingSolutionsDeKalb> 
> <https://www.linkedin.com/company/intelligent-computing-solutions> 
> <https://twitter.com/ICSIL>
> Midwest Internet Exchange <http://www.midwest-ix.com/>
>  <https://www.facebook.com/mdwestix> 
> <https://www.linkedin.com/company/midwest-internet-exchange> 
> <https://twitter.com/mdwestix>
> The Brothers WISP <http://www.thebrotherswisp.com/>
>  <https://www.facebook.com/thebrotherswisp>
> 
> 
>  <https://www.youtube.com/channel/UCXSdfxQv7SpoRQYNyLwntZg>
> From: "Cassidy B. Larson" <c...@infowest.com <mailto:c...@infowest.com>>
> To: af@afmug.com <mailto:af@afmug.com>
> Sent: Monday, February 6, 2017 8:04:14 PM
> Subject: Re: [AFMUG] Netflow
> 
> How much?
> 
> 
> 
> On Feb 6, 2017, at 7:00 PM, Mike Hammett <af...@ics-il.net 
> <mailto:af...@ics-il.net>> wrote:
> 
> Kentik is the cat's ass, though it's not a few bucks a month.
> 
> 
> 
> -
> Mike Hammett
> Intelligent Computing Solutions <http://www.ics-il.com/>
>  <https://www.facebook.com/ICSIL> 
> <https://plus.google.com/+IntelligentComputingSolutionsDeKalb> 
> <https://www.linkedin.com/company/intelligent-computing-solutions> 
> <https://twitter.com/ICSIL>
> Midwest Internet Exchange <http://www.midwest-ix.com/>
>  <https://www.facebook.com/mdwestix> 
> <https://www.linkedin.com/company/midwest-internet-exchange> 
> <https://twitter.com/mdwestix>
> The Brothers WISP <http://www.thebrotherswisp.com/>
>  <https://www.facebook.com/thebrotherswisp>

Re: [AFMUG] Netflow

[Cassidy B. Larson]

How much?



> On Feb 6, 2017, at 7:00 PM, Mike Hammett  wrote:
> 
> Kentik is the cat's ass, though it's not a few bucks a month.
> 
> 
> 
> -
> Mike Hammett
> Intelligent Computing Solutions 
>   
>  
>  
> 
> Midwest Internet Exchange 
>   
>  
> 
> The Brothers WISP 
>  
> 
> 
>  
> From: "Sterling Jacobson" >
> To: "af@afmug.com " >
> Sent: Monday, February 6, 2017 7:38:27 PM
> Subject: [AFMUG] Netflow
> 
> What are your opinions on Netflow servers/software?
> 
> I've been doing some research into using Netflow again.
> Long time ago I used NTOP, but it sucked.
> Not sure if that's changed or not.
> 
> Ideally would be a much newer improved interface type system that was hosted 
> for a few bucks a month.
> Then I could just sign up and point my Netflow streams to it.
> 
> I need one that is geared towards ISPs, not Datacenter/Servers.
> 
> I don't care about netflowing and optimizing web sites, I want to profile my 
> customer traffic.
> Ideally it would include features necessary for CALIA and law enforcement 
> requirements.
> 
> If it was also great at syslog management that would be a plus.
> 
> The Dude currently sucks for syslog IMO.

Re: [AFMUG] Best Way to implement dual stack IPv4/6

[Cassidy B. Larson]

The section on “reasons for using longer prefixes”, specifically: 

5.2 . Neighbor Cache 
Exhaustion Issue

Intrigues me.  How someone could exhaust my neighbor cache by targeting every 
address in my PTP /64 :)

I dont think you really need SLAAC for PTP links anyway if you’re manually 
configuring those sorts of interfaces, which I do. Or I can just use link-local 
on internal PTPs.  Other /64-ish features like RS/RA I don’t particularly need 
on PTP links. 

-c

> On Jan 15, 2017, at 9:55 AM, Justin Wilson  wrote:
> 
> But, as with anything, you have tradeoffs.
> 
> Routers MUST support the assignment of /127 prefixes on point-to-
>point inter-router links.  Routers MUST disable Subnet-Router anycast
>for the prefix when /127 prefixes are used.
> 
> 
> Anything longer than a /64 will break SLAAC, neighbor discovery, and other v6 
> “stuff”.  If you don’t need these then a /127 is for you. Just know the 
> downsides of a /64 vs a /127. The RFC says you can do it, but it conflicts 
> with the before mentioned V6 stuff.   Frankly I don’t care about conserving 
> IPV6 space.  
> 
> 
> 
> Justin Wilson
> j...@mtin.net 
> 
> ---
> http://www.mtin.net  Owner/CEO
> xISP Solutions- Consulting – Data Centers - Bandwidth
> 
> http://www.midwest-ix.com   COO/Chairman
> Internet Exchange - Peering - Distributed Fabric
> 
>> On Jan 15, 2017, at 11:28 AM, Seth Mattinen > > wrote:
>> 
>> On 1/15/17 8:08 AM, Justin Wilson wrote:
>>> -assign a /64 for point to point links (aka the equivalent of /30s).
>>> Again, don’t think in terms of host count.  anything smaller than /64’s
>>> breaks things.  Some providers out there assign smaller blocks, but it
>>> breaks things and isn’t RFC. Using a /128 is a hot debate at the moment.
>>> Some folks are willing to live with the stuff that is broken. The whole
>>> /127 or /128 debate came up due to security concerns mainly.
>> 
>> 
>> Use of /127 on router links is RFC 6164
>> 
>> https://tools.ietf.org/html/rfc6164 
>> 
> 

Re: [AFMUG] Planet Switch

[Cassidy B. Larson]

But 100Gig!!! 

I also really like this feature: 

It can also operate as an extension shelf of Cisco ASR 9000 Series Aggregation 
Services Routers using network virtualization (nV) technology, consolidating 
multiple layers in the network and dramatically reducing operational costs.





> On Jan 10, 2017, at 4:38 PM, Josh Reynolds <j...@kyneticwifi.com> wrote:
> 
> He probably spent a few hundred on the planet switch...
> 
> 10k is probably more than the worth of all gear at the site :)
> 
> On Jan 10, 2017 5:33 PM, "Cassidy B. Larson" <c...@infowest.com 
> <mailto:c...@infowest.com>> wrote:
> How about Cisco NCS 5000 series?
> 
> http://www.cisco.com/c/en/us/products/collateral/routers/network-convergence-system-5000-series/datasheet-c78-736153.html
>  
> <http://www.cisco.com/c/en/us/products/collateral/routers/network-convergence-system-5000-series/datasheet-c78-736153.html>
> 
> 40x1/10GE + 4x100GE in 1U.
> or 80x1/10GE + 4x100GE in 2U
> 
> Pricing is not too shabby either “NEW” when I got quoted..  
> 
> 5001 is ~8-10k..  5002 is ~15-16k.
> 
> 
> 
>> On Jan 10, 2017, at 4:27 PM, Sterling Jacobson <sterl...@avative.net 
>> <mailto:sterl...@avative.net>> wrote:
>> 
>> Is there any other switch out there with around 48 ports 1U of SFP ports?
>> 
>> I would use an IBM or Force10, but their power consumption is MUCH higher 
>> per 1U/Port than the Planet switch.
>> 
>> Was going for low power high port density SFP switch with a few SFP+ 
>> ports/access.
>> 
>> Maybe I should be looking at a plane/card system with shared power backplane?
>> 
>> -Original Message-
>> From: Af [mailto:af-boun...@afmug.com <mailto:af-boun...@afmug.com>] On 
>> Behalf Of George Skorup
>> Sent: Tuesday, January 10, 2017 1:44 PM
>> To: af@afmug.com <mailto:af@afmug.com>
>> Subject: Re: [AFMUG] Planet Switch
>> 
>> I would definitely lock the SFP+ interface(s) to 1G or 10G, whatever is 
>> installed in the slot. Auto might work the first time, but if the link goes 
>> down, it won't work again until you force it and then set back to auto, or 
>> reboot the switch. So just leave it forced.
>> 
>> On 1/10/2017 1:20 PM, Sterling Jacobson wrote:
>>> It's a GS-5220-46S2C4X 48 port SFP switch with four SFP+ ports.
>>> 
>>> So maybe I need to lock down the SFP+ port to 10Gbps.
>>> 
>>> Also, I can't seem to find updated firmware for this switch.
>>> 
>>> Is Planet actively supporting and updating firmware for their switches?
>>> 
>>> The original and only firmware appears to be from 2015.
>>> 
>>> 
>>> 
>>> -Original Message-
>>> From: Af [mailto:af-boun...@afmug.com <mailto:af-boun...@afmug.com>] On 
>>> Behalf Of George Skorup
>>> Sent: Tuesday, January 10, 2017 12:07 PM
>>> To: af@afmug.com <mailto:af@afmug.com>
>>> Subject: Re: [AFMUG] Planet Switch
>>> 
>>> What model Planet 48 SFP switch are you using? My experience is with the 
>>> MGSW-28240F. The SFP+ slots will work on auto... until they don't. Auto in 
>>> this case being 1G/10G module speed detection. I don't think there's 
>>> ethernet auto-negotiation on those interfaces at all. You have to set the 
>>> other end at 1G or 10G FDX or the link won't work. If the other end is a 
>>> MikroTik, the interface will show up, because it's dumb and simply sees 
>>> light and thinks it's good.
>>> 
>>> On 1/10/2017 8:24 AM, Sterling Jacobson wrote:
>>>> I have a 48 port SFP switch with four SFP+ ports that keeps losing 
>>>> connectivity randomly to my IBM switch.
>>>> 
>>>> It requires a reboot to fix.
>>>> 
>>>> Nothing in the logs or reported by either switch other than the link is 
>>>> down from the IBM switch.
>>>> 
>>>> Anyone seen or experienced this with Planet?
>>>> 
>> 
> 

Re: [AFMUG] Planet Switch

[Cassidy B. Larson]

How about Cisco NCS 5000 series?

http://www.cisco.com/c/en/us/products/collateral/routers/network-convergence-system-5000-series/datasheet-c78-736153.html
 


40x1/10GE + 4x100GE in 1U.
or 80x1/10GE + 4x100GE in 2U

Pricing is not too shabby either “NEW” when I got quoted..  

5001 is ~8-10k..  5002 is ~15-16k.



> On Jan 10, 2017, at 4:27 PM, Sterling Jacobson  wrote:
> 
> Is there any other switch out there with around 48 ports 1U of SFP ports?
> 
> I would use an IBM or Force10, but their power consumption is MUCH higher per 
> 1U/Port than the Planet switch.
> 
> Was going for low power high port density SFP switch with a few SFP+ 
> ports/access.
> 
> Maybe I should be looking at a plane/card system with shared power backplane?
> 
> -Original Message-
> From: Af [mailto:af-boun...@afmug.com] On Behalf Of George Skorup
> Sent: Tuesday, January 10, 2017 1:44 PM
> To: af@afmug.com
> Subject: Re: [AFMUG] Planet Switch
> 
> I would definitely lock the SFP+ interface(s) to 1G or 10G, whatever is 
> installed in the slot. Auto might work the first time, but if the link goes 
> down, it won't work again until you force it and then set back to auto, or 
> reboot the switch. So just leave it forced.
> 
> On 1/10/2017 1:20 PM, Sterling Jacobson wrote:
>> It's a GS-5220-46S2C4X 48 port SFP switch with four SFP+ ports.
>> 
>> So maybe I need to lock down the SFP+ port to 10Gbps.
>> 
>> Also, I can't seem to find updated firmware for this switch.
>> 
>> Is Planet actively supporting and updating firmware for their switches?
>> 
>> The original and only firmware appears to be from 2015.
>> 
>> 
>> 
>> -Original Message-
>> From: Af [mailto:af-boun...@afmug.com] On Behalf Of George Skorup
>> Sent: Tuesday, January 10, 2017 12:07 PM
>> To: af@afmug.com
>> Subject: Re: [AFMUG] Planet Switch
>> 
>> What model Planet 48 SFP switch are you using? My experience is with the 
>> MGSW-28240F. The SFP+ slots will work on auto... until they don't. Auto in 
>> this case being 1G/10G module speed detection. I don't think there's 
>> ethernet auto-negotiation on those interfaces at all. You have to set the 
>> other end at 1G or 10G FDX or the link won't work. If the other end is a 
>> MikroTik, the interface will show up, because it's dumb and simply sees 
>> light and thinks it's good.
>> 
>> On 1/10/2017 8:24 AM, Sterling Jacobson wrote:
>>> I have a 48 port SFP switch with four SFP+ ports that keeps losing 
>>> connectivity randomly to my IBM switch.
>>> 
>>> It requires a reboot to fix.
>>> 
>>> Nothing in the logs or reported by either switch other than the link is 
>>> down from the IBM switch.
>>> 
>>> Anyone seen or experienced this with Planet?
>>> 
> 

Re: [AFMUG] SAF SNMP and 64 bit counters.

[Cassidy B. Larson]

You have to be registered and login to see the firmware downloads. Just sign up 
and they should create you a login

> On Dec 22, 2016, at 13:00, Sam Lambie <samtaos...@gmail.com> wrote:
> 
> Ok dumb question. where does one get the firmware? SAF Site doesn't have 
> it
> 
>> On Thu, Dec 22, 2016 at 12:20 PM, Sam Lambie <samtaos...@gmail.com> wrote:
>> Thanks guys. I'll upgrade tomorrow morning and let you know what happens.
>> 
>> 
>>> On Thu, Dec 22, 2016 at 9:26 AM, Kerry <kpenl...@bigtube.net> wrote:
>>> I got a SAF newsletter today touting new firmware. Read it here
>>> 
>>> http://us7.campaign-archive1.com/?u=4e62570a1e355fa4501c44a4a=8b5b302a36=26fe4b655f
>>> 
>>>> On 12/22/2016 12:10 AM, George Skorup wrote:
>>>> Isn't the Freemile a 100Mb radio though? 32-bit counters and 5 minute 
>>>> polling gets you 114Mbps.
>>>> 
>>>>> On 12/21/2016 11:00 PM, Cassidy B. Larson wrote:
>>>>> Actually looks like SAF Freemile v1.70.14 firmware is out (10/24/2016) 
>>>>> and it supports 64-bit counters via SNMP:
>>>>> 
>>>>> - SNMP: All counters are 64bit
>>>>> - GENERAL: All counters are 64bit
>>>>> 
>>>>> Only been four years since the last release :)
>>>>> 
>>>>> -c
>>>>> 
>>>>> 
>>>>> 
>>>>>> On Dec 21, 2016, at 2:46 PM, Sam Lambie   
>>>>>> <samtaos...@gmail.com> wrote:
>>>>>> 
>>>>>> Yeah, Lumina and Intregra handle 64 bit fine. Freemile, not so sure.
>>>>>> 
>>>>>>> On Wed, Dec 21, 2016 at 2:40 PM, George Skorup <geo...@cbcast.com> 
>>>>>>> wrote:
>>>>>> 
>>>>>>> I'm polling 64bit interface counters from a Lumina link running 2.64.33.
>>>>>>> 
>>>>>>> 
>>>>>>>> On 12/21/2016 3:36 PM, Cassidy B. Larson wrote:
>>>>>>>> If I remember right recent firmwares on Lumina’s will do 64 bit 
>>>>>>>> counters.
>>>>>>>> 
>>>>>>>> Freemiles, I’m doubtful.
>>>>>>>> 
>>>>>>>>> On Dec 21, 2016, at 2:35 PM, Matt <matt.mailingli...@gmail.com> wrote:
>>>>>>>>> 
>>>>>>>>> We monitor about everything with MRTG graphs and scripts doing SNMP.
>>>>>>>>> With our SAF licensed links we had to update from pulling stats every
>>>>>>>>> 5 minutes to every 1 minute due to counters rolling over.
>>>>>>>>> Aggravating.
>>>>>>>>> 
>>>>>>>>> 
>>>>>>>>> 
>>>>>>>>> 
>>>>>>>>>> On Wed, Dec 21, 2016 at 3:26 PM, Sam Lambie <samtaos...@gmail.com> 
>>>>>>>>>> wrote:
>>>>>>>>>> We can't seem to get a Freemile link to report properly, or actually 
>>>>>>>>>> at all.
>>>>>>>>>> Does anyone know if SAF Freemiles support 64 bit counters?
>>>>>>>>>> Thanks
>>>>>>>>>> 
>>>>>>>>>> --
>>>>>>>>>> --
>>>>>>>>>> Sam Lambie
>>>>>>>>>> Taosnet Wireless Tech.
>>>>>>>>>> 575-758-7598 Office
>>>>>>>>>> www.Taosnet.com
>>>>>>> 
>>>>>> 
>>>>>> 
>>>>>> 
>>>>>> 
>>>>>> -- 
>>>>>> -- 
>>>>>> Sam Lambie
>>>>>> Taosnet Wireless Tech.
>>>>>> 575-758-7598 Office
>>>>>> www.Taosnet.com
>>>>> 
>>>> 
>>> 
>> 
>> 
>> 
>> -- 
>> -- 
>> Sam Lambie
>> Taosnet Wireless Tech.
>> 575-758-7598 Office
>> www.Taosnet.com
> 
> 
> 
> -- 
> -- 
> Sam Lambie
> Taosnet Wireless Tech.
> 575-758-7598 Office
> www.Taosnet.com

Re: [AFMUG] SAF SNMP and 64 bit counters.

[Cassidy B. Larson]

Actually looks like SAF Freemile v1.70.14 firmware is out (10/24/2016) and it 
supports 64-bit counters via SNMP:

- SNMP: All counters are 64bit
- GENERAL: All counters are 64bit

Only been four years since the last release :)

-c



> On Dec 21, 2016, at 2:46 PM, Sam Lambie <samtaos...@gmail.com> wrote:
> 
> Yeah, Lumina and Intregra handle 64 bit fine. Freemile, not so sure.
> 
> On Wed, Dec 21, 2016 at 2:40 PM, George Skorup <geo...@cbcast.com 
> <mailto:geo...@cbcast.com>> wrote:
> I'm polling 64bit interface counters from a Lumina link running 2.64.33.
> 
> 
> On 12/21/2016 3:36 PM, Cassidy B. Larson wrote:
> If I remember right recent firmwares on Lumina’s will do 64 bit counters.
> 
> Freemiles, I’m doubtful.
> 
> On Dec 21, 2016, at 2:35 PM, Matt <matt.mailingli...@gmail.com 
> <mailto:matt.mailingli...@gmail.com>> wrote:
> 
> We monitor about everything with MRTG graphs and scripts doing SNMP.
> With our SAF licensed links we had to update from pulling stats every
> 5 minutes to every 1 minute due to counters rolling over.
> Aggravating.
> 
> 
> 
> 
> On Wed, Dec 21, 2016 at 3:26 PM, Sam Lambie <samtaos...@gmail.com 
> <mailto:samtaos...@gmail.com>> wrote:
> We can't seem to get a Freemile link to report properly, or actually at all.
> Does anyone know if SAF Freemiles support 64 bit counters?
> Thanks
> 
> --
> --
> Sam Lambie
> Taosnet Wireless Tech.
> 575-758-7598  Office
> www.Taosnet.com <http://www.taosnet.com/>
> 
> 
> 
> 
> -- 
> -- 
> Sam Lambie
> Taosnet Wireless Tech.
> 575-758-7598 Office
> www.Taosnet.com <http://www.newmex.com/>

Re: [AFMUG] SAF SNMP and 64 bit counters.

[Cassidy B. Larson]

They’re easy. Just do the far side first like anything.


> On Dec 21, 2016, at 2:46 PM, Matt  wrote:
> 
>> I'm polling 64bit interface counters from a Lumina link running 2.64.33.
> 
> Hmm, running CFIP Lumina FODU - v2.63.45 and I know I had counter
> issues.  How scary is updating firmware on SAF?  Settings lost?
> 
> 
>>> If I remember right recent firmwares on Lumina’s will do 64 bit counters.
>>> 
>>> Freemiles, I’m doubtful.
>>> 
 On Dec 21, 2016, at 2:35 PM, Matt  wrote:
 
 We monitor about everything with MRTG graphs and scripts doing SNMP.
 With our SAF licensed links we had to update from pulling stats every
 5 minutes to every 1 minute due to counters rolling over.
 Aggravating.
 
 
 
 
 On Wed, Dec 21, 2016 at 3:26 PM, Sam Lambie  wrote:
> 
> We can't seem to get a Freemile link to report properly, or actually at
> all.
> Does anyone know if SAF Freemiles support 64 bit counters?
> Thanks

Re: [AFMUG] SAF SNMP and 64 bit counters.

[Cassidy B. Larson]

If I remember right recent firmwares on Lumina’s will do 64 bit counters.

Freemiles, I’m doubtful.

> On Dec 21, 2016, at 2:35 PM, Matt  wrote:
> 
> We monitor about everything with MRTG graphs and scripts doing SNMP.
> With our SAF licensed links we had to update from pulling stats every
> 5 minutes to every 1 minute due to counters rolling over.
> Aggravating.
> 
> 
> 
> 
> On Wed, Dec 21, 2016 at 3:26 PM, Sam Lambie  wrote:
>> We can't seem to get a Freemile link to report properly, or actually at all.
>> Does anyone know if SAF Freemiles support 64 bit counters?
>> Thanks
>> 
>> --
>> --
>> Sam Lambie
>> Taosnet Wireless Tech.
>> 575-758-7598 Office
>> www.Taosnet.com

Re: [AFMUG] IPv4 auction alternatives?

[Cassidy B. Larson]

Wonder if I could offer an “IPv6-Only” type of account at a discounted rate.
They'd get their Netflix, their Facebook and everything else that’s v6 
reachable.  
If they can’t get to a v4 only site/service, then they can be the vocal ones 
complaining to the site owners to get their act in gear. 

> On Nov 12, 2016, at 10:47 PM, Sterling Jacobson  wrote:
> 
> Except that you literally cannot ‘move to IPv6’ and have happy clients yet.
>  
> From: Af [mailto:af-boun...@afmug.com ] On 
> Behalf Of Kurt Fankhauser
> Sent: Saturday, November 12, 2016 7:17 PM
> To: af@afmug.com 
> Subject: Re: [AFMUG] IPv4 auction alternatives?
>  
> Wow, didn't know that /24's were going for that high. I would move to IPv6 as 
> fast as I can!
>  
> On Fri, Nov 11, 2016 at 9:32 PM, Josh Reynolds  > wrote:
> That's actually a pretty good price.
> 
>  
> On Nov 11, 2016 6:42 PM, "Dev"  > wrote:
> Are there any other alternatives than the ipv4auctions.com 
>  style websites, which seem like highway robbery at 
> $3584 current bid for a /24?

Re: [AFMUG] OT: early reporting on Election Day

[Cassidy B. Larson]

Fry Sauce!

> On Nov 7, 2016, at 4:17 PM, Chuck McCown  wrote:
> 
> Egg McMuffin only offered green jello with carrot shavings.
> 
> -Original Message- From: Ken Hohhof
> Sent: Monday, November 07, 2016 4:13 PM
> To: af@afmug.com
> Subject: Re: [AFMUG] OT: early reporting on Election Day
> 
> What was Evan McMullin offering?  A stick of gum and pocket lint should have
> been a persuasive offer.
> 
> And if you want to get your blood pressure up, someone just showed me this.
> Who knew Keith Olbermann was still a thing.
> http://www.gq.com/story/watch-the-closer-keith-olbermann
> 
> 
> -Original Message-
> From: Af [mailto:af-boun...@afmug.com] On Behalf Of Chuck McCown
> Sent: Monday, November 7, 2016 4:42 PM
> To: af@afmug.com
> Subject: Re: [AFMUG] OT: early reporting on Election Day
> 
> Stock options in a casino!
> 
> -Original Message-
> From: Ken Hohhof
> Sent: Monday, November 07, 2016 3:39 PM
> To: af@afmug.com
> Subject: Re: [AFMUG] OT: early reporting on Election Day
> 
> I hope you got cash up front.
> 
> -Original Message-
> From: Af [mailto:af-boun...@afmug.com] On Behalf Of Chuck McCown
> Sent: Monday, November 7, 2016 4:26 PM
> To: af@afmug.com
> Subject: Re: [AFMUG] OT: early reporting on Election Day
> 
> Well, I know how I preprogrammed the voting machines in Utah.  Trumps offer
> was sweeter than Hillary's.
> 
> -Original Message-
> From: Tushar Patel
> Sent: Monday, November 07, 2016 3:25 PM
> To: af@afmug.com
> Subject: [AFMUG] OT: early reporting on Election Day
> 
> Anybody interested in the early reporting on the results check following
> article and for results minute by minute go to website listed
> 
> http://www.nytimes.com/2016/09/11/us/politics/election-results-voting.html
> 
> http://votecastr.us/
> 
> Tushar
> 
> 
> 
> 
> 
> 

Re: [AFMUG] OT: SAF Lumina Power supply

[Cassidy B. Larson]

I’ve used an UBNT AF24 power supply and a Netonix on 48vH to power SAF Luminas 
before.



> On Nov 1, 2016, at 8:40 AM, Paul McCall  wrote:
> 
> In February 2013, we purchased some SAF Lumina 11 Ghz radios and used their 
> 48v power supplies with it.  They have been running all this time without 
> incident, but I think we have a power supply issue at one of the sites.
>  
> I need to buy a couple replacements and can’t remember if there was anything 
> different about them.  We tried to use the purple cube power supplies that we 
> use with CMM4s etc., and it blew the Polyphaser so thinking there might be 
> something different we need.
>  
> Paul
>  
> Paul McCall, President
> PDMNet, Inc. / Florida Broadband, Inc.
> 658 Old Dixie Highway
> Vero Beach, FL 32962
> 772-564-6800  
> pa...@pdmnet.net 
> www.pdmnet.com 
> www.floridabroadband.com 

Re: [AFMUG] PTP 60 miles 400Mbps

[Cassidy B. Larson]

Did SAF try 6GHz? Or did they only try 5GHz?
Seems a 2+0 at 6 would probably work at that distance.. although seawater is a 
factor I dunno about


> On Oct 31, 2016, at 18:32, Charles Regan  wrote:
> 
> Well here's SAF response:
> My link planning team confirmed SAF does not have a viable 5GHz radio that 
> can achieve your objective for this path.
> 
> Trango:
> rough calculation suggests that even using space diversity will yield a 3 - 4 
> 'nines' link (predicted reliability) at around 200Mbps FDX.  The use of space 
> diversity will also add considerably to the cost (a complete link might be 
> upwards of $50K).
> 
> I'll ask SIAE...
> 
> 
>> On Oct 31, 2016 9:19 PM, "Eric Kuhnke"  wrote:
>> 20k?
>> 
>> SIAE AlfoPlus2 6 GHz 1024QAM dual polarity link. Or two pairs of alfoplus1 
>> 1024qam (single polarity) radios running in parallel, opposite polarities, 
>> equal OSPF cost between routers.
>> 
>> Or Trango's 1024QAM 6GHz radios. 
>> 
>> Why not SAF?  I thought there was a 6 GHz version of the Integra now.
>> 
>> 
>> 
>>> On Mon, Oct 31, 2016 at 5:10 PM, Charles Regan  
>>> wrote:
>>> Hello everyone,
>>> 
>>> What would you guys use for a 60 miles PTP link? 400Mbps. Oh and it's over 
>>> seawater... 20k$ budget.
>>> 
>>> SAF, Trango both said sorry, can't do.
>>> Mimosa B5C with space diversity and 3k$ maybe.
>>> 
>>> We do have a working AF5x with a 34dbi dish doing 150Mbps aggregate.
>>> The link gets bad sometimes because of ducting/reflection.
>>> 
>>> How could I use two parabolics dish on different polarity with the AF5x for 
>>> space diversity? Splitter?
>>> 
>>> Should a B5C perform better or worse ?
>>> 
>>> Charles
>>> 
>> 

Re: [AFMUG] Fwd: [WISPA] IPV6 deploymernt

[Cassidy B. Larson]

Normally it’s up to and including a /48 that most providers will accept.


> On Oct 27, 2016, at 10:20 AM, Chris Wright  wrote:
> 
> Would be nice. I can’t even get a straight answer from AT what the smallest 
> public ipv6 prefix I can send them via BGP is. I’m hearing /32 from one guy 
> and /48 from the next.
>  
> This is reminiscent of my moment of enlightenment when I realized the best 
> kept secret of adulthood is that we’re all just taller children and most of 
> us are assumptively credited intelligence simply because we survived puberty.
>  
> Chris Wright
> Network Administrator
>  
> From: Af [mailto:af-boun...@afmug.com ] On 
> Behalf Of Chuck McCown
> Sent: Thursday, October 27, 2016 9:00 AM
> To: af@afmug.com 
> Subject: Re: [AFMUG] Fwd: [WISPA] IPV6 deploymernt
>  
> Some consultant needs to specialize in this and help folks provision, 
> configure, deploy, test etc. 
> We all need this or will need this. 
>  
> From: Faisal Imtiaz
> Sent: Wednesday, October 26, 2016 8:31 PM
> To: af
> Subject: [AFMUG] Fwd: [WISPA] IPV6 deploymernt
>  
> An excellent detailed solution  (from one of the other forums).
>  
> Faisal Imtiaz
> Snappy Internet & Telecom
> 7266 SW 48 Street
> Miami, FL 33155
> Tel: 305 663 5518 x 232
> 
> Help-desk: (305)663-5518 Option 2 or Email: supp...@snappytelecom.net 
> 
>  
> From: "Tim Way" >
> To: "WISPA General List" >
> Sent: Tuesday, October 25, 2016 9:01:51 PM
> Subject: Re: [WISPA] IPV6 deploymernt
> Art,
> So I know of two solid methods that could solve your problem. Neither are 
> super awesome and both would involve NAT.
>  
> 1. IPv6 only to the client with NAT64 and DNS64 to handle IPv4 only 
> connectivity
> 2. IPv4 CGN Shared Address Space, RFC 6598 100.64.0.0/10 
> , and IPv6 Global Unicast running in Dual Stack
>  
> Either one would work. I apologize in advance for the long post that follows.
>  
> I've only done the configurations on Cisco routers with the radios just 
> passing traffic at layer 2. I'd have to check the feature set of your routers 
> routing wise but it shouldn't be hard. It also could be built in a lab with 
> static routing largely. I think Mikrotik supports NAT64 but again for a lab 
> environment any recent Cisco device could be used with IP Services licensing.
>  
> Your address plan for your global unicast IPv6 space comes into play. This is 
> how I would lab it up including moving routing to the tower with the CPE in 
> bridge mode:
>  
> Your fictional IPv6 prefix: :::/32
>  
> Your NAT64 Prefix: ::cc00::/96
>  
> Customer DHCPv6-PD Allocation Prefix: ::aa00::/40
> Your fictional customer #1: The Johnson Family, ::aa00:0100::/56
> Your fictional customer #2: The Billings' Family, ::aa00:0200::/56
>  
> Fictional Tower 1
> ISP Mgmt VLAN of CPE: 11, ::bb00:0011::/64
> ISP Customer VLAN of CPE: 12, ::bb00:0012::/64
> ISP Router at the tower on VLAN 11: ::bb00:0011::1/64
> ISP Router at the tower on VLAN 12: ::bb00:0012::1/64
>  
> The Johnson Family Setup:
> ISP CPE VLAN 11 IP: ::bb00:0011::f/64
> Customer's Netgear WAN Interface: ::bb00:0012::f/64
> Customer's Netgear LAN Interface: ::aa00:010a::1/64
> Customer's Netgear Guest WiFi: ::aa00:010b::1/64
>  
> The Billings' Family Setup:
> ISP CPE VLAN 11 IP: ::bb00:0011::e/64
> Customer's Netgear WAN Interface: ::bb00:0012::e/64
> Customer's Netgear LAN Interface: ::aa00:020a::1/64
> Customer's Netgear Guest WiFi: ::aa00:020b::1/64
>  
> 1. You'd bridge VLAN 12 through the CPE to customer's WAN interface as the 
> native VLAN and put the IP on VLAN 11.
> 2. If you use static routing and manual address assignment to eliminate 
> variables in the lab you'll want to add static routes on the tower router for 
> the ::/56 prefixes that would be allocated to each customer. Normally these 
> routes will be injected into the routing table at the DHCPv6 router and could 
> be distributed from there.
> 3. The last piece of the puzzle will be adding in the NAT64 and DNS64 
> devices. BIND can do DNS64 and you could use a Cisco router to do the NAT64. 
> You'd want the "Customer's Netgear" to use the DNS64 server as it's upstream 
> DNS server to ensure that it receives  records for sites that only have A 
> records. This is the fragile component of the DNS64 and NAT64 deployment 
> because it requires the customers computer or router uses your resolver. You 
> will want to ensure the router performing NAT64 is advertising the prefix it 
> is using for NAT64 into your IGP or that your default routed traffic lands on 
> that NAT64 to ensure it is routed correctly.
> 
> This should get you a functional IPv6 only customer network that only returns 
>  

Re: [AFMUG] Another large DDoS, Stop Being a Dick

[Cassidy B. Larson]

IPv6 has “Temporary” outbound IPs for different outbound sessions. These temp 
IPv6 IPs expire over time and change.
I had four or five at one time on my mac for existing TCP sessions that were 
still open, but new traffic wouldn’t be allowed to talk to them.
There's also a fixed inbound IPv6 address, but the possibility of guessing the 
single IPv6 IP on a /64 subnet of 18 quintillion IPv6 IPs is a bit harder.
Well, a lot harder than script kiddies just scanning each port on each public 
IPv4 IP. 
So I guess it’s more like security through obscurity, but still nothing beats a 
properly configured firewall. 



> On Oct 22, 2016, at 9:39 AM, Ken Hohhof  wrote:
> 
> Takeaway quote:  the Internet is “vulnerable to toasters”.
>  
> I’ve got to suspect most of these cheap Chinese webcams (i.e. 90% of them) 
> and other devices are only accessible via a public IP address because of 
> UPnP.  And apparently they are forwarding not just HTTP and HTTPS through the 
> router but also telnet and SSH.  Death to  UPnP!  We don’t enable it when 
> customers lease routers from us.  These cams should be using some sort of 
> proxy in the cloud to relay the video, not port forwarding on the customer’s 
> router.
>  
> I also suspect a lot of these are outside the US.  At the risk of opening up 
> the dreaded “NAT is not a firewall” and “IPv6 is great/terrible” debates, how 
> does IPv6 not increase the IoT threat?  What is the typical setup for an IPv6 
> enabled customer with toasters and webcams that get public IPs?  Does the 
> router from the ISP or supplied by the customer still implement a stateful 
> firewall so that inbound traffic is blocked unless a connection has been 
> established by outbound traffic or a port forwarding rule?  Or are there IPv6 
> toasters with web and CLI access wide open?  Does UPnP still exist with IPv6? 
>  Maybe it’s no more of a problem with IPv6, but then I still wonder, why are 
> so many IoT devices accessible via telnet to exploit the hardcoded default 
> passwords?  Maybe it’s not our customers buying cheap webcams at Costco, 
> maybe it’s really businesses putting their security cameras directly on 
> public IP addresses?
>  
>   <>
> From: Af [mailto:af-boun...@afmug.com] On Behalf Of Jaime Solorza
> Sent: Saturday, October 22, 2016 9:57 AM
> To: Animal Farm 
> Subject: Re: [AFMUG] Another large DDoS, Stop Being a Dick
>  
> 'Smart' home devices used as weapons in website attack
> http://www.bbc.com/news/technology-37738823 
> 
>  
> On Oct 22, 2016 8:14 AM, "Mike Hammett"  > wrote:
>> Here's a tested config that works with standard IP Firewall. Once I get a 
>> chance, I'll make and test a version that uses raw.
>> 
>> /ip firewall address-list
>> add address=x.x.x.x/yy comment="My IPs" list=Public_Networks
>> add address=x.x.x.x/yy comment="Upstream /30" list=Public_Networks
>> add address=x.x.x.x/yy comment="Customer ABC's ARIN allocation" 
>> list=Public_Networks
>> 
>> /ip firewall filter
>> add action=drop chain=forward comment="Block Spoofed Traffic" 
>> out-interface=[upstream interface] src-address-list=!Public_Networks
>> 
>> 
>> 
>> 
>> -
>> Mike Hammett
>> Intelligent Computing Solutions 
>>   
>>  
>>  
>> 
>> Midwest Internet Exchange 
>>   
>>  
>> 
>> The Brothers WISP 
>>  
>> 
>> 
>>  
>> From: "Mike Hammett" >
>> To: af@afmug.com 
>> Sent: Friday, October 21, 2016 12:17:13 PM
>> Subject: Re: [AFMUG] Another large DDoS, Stop Being a Dick
>> 
>> /ip firewall address-list
>> add list="Public-IPs" address=x.x.x.x/yy disabled=no comment="My IPs"
>> add list="Public-IPs" address=x.x.x.x/yy disabled=no comment="Downstream 
>> customer X IPs"
>> 
>> /ip firewall filter
>> add action=drop chain=forward comment="Drop spoofed traffic" disabled=no 
>> out-interface="To-Upstream" dst-address-list=!"Public-IPs"
>> 
>> That was largely composed off of the top of my head and typed on my phone, 
>> so it may not be completely accurate.
>> 
>> 
>> You should also do it on customer-facing ports not allowing anything to come 
>> in, but that would be best approached once Mikrotik and the per interface 
>> setting for unicast reverse path filtering. You would then said customer 
>> facing interfaces to strict and all other interfaces to loose. They accepted 
>> the feature request, just haven't implemented 

Re: [AFMUG] communicating with customers without untraining them

[Cassidy B. Larson]

Can’t you watch for outbound netflow data for remote port 25’s from your 
customers you’re going to drop port 25 on?
Then proactively call/email them saying it’s going away.

Or if you want to keep up with the antiphishing then tell them to contact you 
back at the known good number/email they have for you or is published on your 
website.


> On Oct 14, 2016, at 11:13 AM, That One Guy /sarcasm 
>  wrote:
> 
> I think this has been discussed in the past.
> 
> As part of our overall security implementation we will be dropping outbound 
> port 25 for non business customers and business customers dont have an email 
> rserver on record with an appropriately configured SPF record.
> 
> I know which customers havent gotten with the times. The problem is how best 
> to communicate with them. I am thinking its best to just drop it for a few 
> hours at a time to drive support calls from those who notice it during that 
> window periodically until we implement it permanently to limit a flood of 
> support calls all at once. And maybe a notice on our website of what is going 
> on.
> 
> The issue I have is if we reach out in any way, directly, we circumvent all 
> the antiphishing propaganda. If we email, then spoofed emails are trusted, if 
> we email with a link, then they start trusting spoofed emails with links, 
> same with our telephone number. If we reach out directly via telephone, well 
> then they start paying IRS fines to John from india.
> 
> anybody else implemented this and handled it responsibly?
> 
> -- 
> If you only see yourself as part of the team but you don't see your team as 
> part of yourself you have already failed as part of the team.

Re: [AFMUG] OT England NHS & Tax

[Cassidy B. Larson]

Wonder if that’ll still be going down with the devaluation of the pound. 


> On Oct 11, 2016, at 4:57 PM, Chuck McCown  wrote:
> 
> From my daughter:
>  
> We pay an effective rate of 8.5% in direct tax on our combined household 
> income.
> This is income tax (which pays for government services including the NHS) and 
> National Insurance which pays for pensions and benefits.
> 
> The largest indirect tax is VAT (sales tax) which is 20%. This is less 
> noticeable than sales tax in the USA because prices in the shops include this 
> in the price rather than being added when checking out.
> 
> Corporation tax (tax on business profits) is currently 20% (this is being 
> reduced to 19% in 2017 and is planned to go down to 17% in 2020).
>  

Re: [AFMUG] OT Domain Names

[Cassidy B. Larson]

Haha, that reminded me of this from 8 years ago:

http://www.ksl.com/?nid=148=2839356



> On Oct 10, 2016, at 7:40 PM, That One Guy /sarcasm 
>  wrote:
> 
> ive been buying domains that small businesses i dont like might want and 
> pointing them to https://www.donaldjtrump.com/ 
>   like ayerslanding.com 
> 
> they should make domains alot more expensive
> 
> 
> 
> On Mon, Oct 10, 2016 at 8:23 PM, Josh Reynolds  > wrote:
> They will, simply because most of the good .org/.net/.com are being squatted 
> on, sometimes for millions per domain.
> 
> 
> On Oct 10, 2016 7:59 PM, "Bruce Robertson"  > wrote:
> I think those silly long TLDs aren't going to catch on anyway.  I could be 
> wrong of course, but at least for now I don't plan on spending a penny on 
> them.  Gimme the old-school 2 or 3 letter TLDs.
> 
> On 10/10/16 5:56 PM, Seth Mattinen wrote:
> On 10/10/16 14:27, Chuck McCown wrote:
> I am going to scoop up a few domain names and point them to my site.
> Things like surgeprotectors.com  are gone.  
> Someone is camping on them.
> 
> So, looking at variations like surge-protection
> Adding a plural.  Not sure what non alphanumeric typographical
> characters are allowed other than the hyphen.
> 
> Is there any prohibitions against using any TLD like .org?
> Is a .org or .info equivalent to a .com when you are looking for stuff?
> 
> Lots of .co, .us and .biz out there.  Should be equivalent but perhaps not?
> 
> Need opinions.
> 
> 
> There's a metric ass ton of TLDs now so none of that matters anymore. Except 
> like gov and edu.
> 
> You could probably even do surge.protection since that's a TLD now.
> 
> I have a customer that's a contractor that started using the "contractors" 
> TLD instead of the traditional ones.
> 
> I registered roller.network a while back since minus the dot it's literally 
> the company name. Haven't started using it because I'm not sure people are 
> used to seeing TLDs like that yet.
> 
> ~Seth
> 
> 
> !DSPAM:2,57fc115690055790173396!
> 
> 
> 
> 
> 
> 
> -- 
> If you only see yourself as part of the team but you don't see your team as 
> part of yourself you have already failed as part of the team.

Re: [AFMUG] OT: Italy trip

[Cassidy B. Larson]

I was riding on the back of a scooter through the madness in Marrakech.. and 
mentioned the craziness to the guy driving and all he said was "welcome to 
Africa".



> On Oct 6, 2016, at 13:39, Robert Andrews <i...@avantwireless.com> wrote:
> 
> You just broke my brain...   Sounds like that video of the intersection in, I 
> think, Kenya with 8 lanes from 5 different directions and absolutely no---  
> lights, signs, lanes, or other aides to travel, oh and pedestrians trying to 
> get across the whole mess...
> 
>> On 10/06/2016 12:34 PM, Cassidy B. Larson wrote:
>> Try driving in Marrakech. I just got back in August.. Imagine Italy driving, 
>> and multiply it by a million.
>> 
>> 
>>> On Oct 6, 2016, at 1:32 PM, Robert Andrews <i...@avantwireless.com> wrote:
>>> 
>>> We did that with Mercedes in Germany and had a blast..  But driving in 
>>> Germany is nothing like driving in Italy...   NOTHING...
>>> 
>>>> On 10/06/2016 11:11 AM, Sean Heskett wrote:
>>>> step 1. land in Munich and pickup newly purchased BMW from the factory
>>>> 
>>>> step 2. drive all over the place and enjoy!
>>>> 
>>>> seriously though I did just that with a friend who purchased an M3 in
>>>> 2011 and had a blast!  you drop it back off in Munich and they ship it
>>>> back to you in the states.  All along our travels we'd see the busses
>>>> full of tourists and thought "thank god we didn't do that!"
>>>> 
>>>> we had a few hotels pre-booked along our route but the best places were
>>>> random stops that we just decided to on a whim and explore.
>>>> 
>>>> I know you like BMWs so this will kill 2 birds with 1 stone lol ;-)
>>>> 
>>>> -sean
>>>> 
>>>> 
>>>> On Thu, Oct 6, 2016 at 11:47 AM, Travis Johnson <t...@ida.net
>>>> <mailto:t...@ida.net>> wrote:
>>>> 
>>>>Hey,
>>>> 
>>>>We are considering a trip to Italy this next summer. We would prefer
>>>>some type of tour/travel group or company to help with the trip.
>>>>What have people used and been happy with?
>>>> 
>>>>Travis
>>>> 
>>>> 
>> 
>> 

Re: [AFMUG] OT: Italy trip

[Cassidy B. Larson]

Try driving in Marrakech. I just got back in August.. Imagine Italy driving, 
and multiply it by a million. 


> On Oct 6, 2016, at 1:32 PM, Robert Andrews  wrote:
> 
> We did that with Mercedes in Germany and had a blast..  But driving in 
> Germany is nothing like driving in Italy...   NOTHING...
> 
> On 10/06/2016 11:11 AM, Sean Heskett wrote:
>> step 1. land in Munich and pickup newly purchased BMW from the factory
>> 
>> step 2. drive all over the place and enjoy!
>> 
>> seriously though I did just that with a friend who purchased an M3 in
>> 2011 and had a blast!  you drop it back off in Munich and they ship it
>> back to you in the states.  All along our travels we'd see the busses
>> full of tourists and thought "thank god we didn't do that!"
>> 
>> we had a few hotels pre-booked along our route but the best places were
>> random stops that we just decided to on a whim and explore.
>> 
>> I know you like BMWs so this will kill 2 birds with 1 stone lol ;-)
>> 
>> -sean
>> 
>> 
>> On Thu, Oct 6, 2016 at 11:47 AM, Travis Johnson > > wrote:
>> 
>>Hey,
>> 
>>We are considering a trip to Italy this next summer. We would prefer
>>some type of tour/travel group or company to help with the trip.
>>What have people used and been happy with?
>> 
>>Travis
>> 
>> 

Re: [AFMUG] OT: Italy trip

[Cassidy B. Larson]

At the Vatican, sign up for the Scavi tour to see the underground excavations.. 
but email them EARLY.
It fills up fast in summer months and it’s a lot less people on each tour (only 
12) with only 250 people per day able to visit.

http://www.vatican.va/roman_curia/institutions_connected/uffscavi/documents/rc_ic_uffscavi_doc_gen-information_20090216_en.html



> On Oct 6, 2016, at 11:47 AM, Travis Johnson  wrote:
> 
> Hey,
> 
> We are considering a trip to Italy this next summer. We would prefer some 
> type of tour/travel group or company to help with the trip. What have people 
> used and been happy with?
> 
> Travis
> 

Re: [AFMUG] IOS SSH Client

[Cassidy B. Larson]

I like Serverauditor




> On Oct 6, 2016, at 1:07 PM, Matt  wrote:
> 
> What is everyone's favorite SSH client for iphone and ipad?

Re: [AFMUG] Google wants to be Apple

[Cassidy B. Larson]

I usually don’t get involved in the holy war, but figured I’d comment on my 
experience on this one.

I myself am a bit technically inclined and do everything Josh mentioned in his 
email from my iPhone.
I’m able to focus less on "rooting my phone" and more time fixing problems, 
making money and enjoying life.
I’ve jailbroken an old iPhone 4 back when I wanted to play around with it, but 
I’ve grown out of that mentality and just want something that works.
Maybe I’m getting old? Hah.
 
I’ve also converted my immediate family away from Windows to Macs years ago and 
time with my family 
has become much less stressful as a result…but that’s another whole set of holy 
wars to discuss.

Again, not the same situation applies to everybody, but you CAN do technically 
inclined things with an iPhone, and I do. 

For me, I’m not trying to convert or shame.  Use whatever works best for you. 
For me and mine, an iPhone does the job. 

> On Oct 6, 2016, at 9:33 AM, Mike Hammett  wrote:
> 
> I never pretended to be typical or normal. I did reference "simple shit" 
> users in my last message.
> 
> As a tool, the iPhone is much more limited than Android platforms. As a 
> fashion accessory, it's excellent. I'm not even sure how a technically 
> inclined person can use an iPhone.
> 
> 
> 
> -
> Mike Hammett
> Intelligent Computing Solutions 
>   
>  
>  
> 
> Midwest Internet Exchange 
>   
>  
> 
> The Brothers WISP 
>  
> 
> 
>  
> From: "Ken Hohhof" >
> To: af@afmug.com 
> Sent: Thursday, October 6, 2016 10:29:44 AM
> Subject: Re: [AFMUG] Google wants to be Apple
> 
> You people who brag about first thing you  do is jailbreaking and rooting, 
> that’s great for you, but that’s hardly the typical cellphone customer.
>  
> That’s the problem with discussing a mass market device on a list like this.  
> I remember from the Marketing 101 course I had to take in business school, 
> the professor said remember, your target market is not people like you.  This 
> goes double for techies.  Think of the boys on Big Bang Theory designing 
> their killer app to recognize equations,  certainly that’s something 
> everyone needs .
>  
> Even on this list, can I be the only person who views my phone as just a tool 
> like a drill or wrench?  I don’t want to modify it, I just want it to make 
> calls and run apps.  My phone is not a hobby.  Is it too much to ask that a 
> phone be useful with the factory software?
>  
>   <>
> From: Af [mailto:af-boun...@afmug.com ] On 
> Behalf Of Mike Hammett
> Sent: Thursday, October 6, 2016 9:52 AM
> To: af@afmug.com 
> Subject: Re: [AFMUG] Google wants to be Apple
>  
> Text messaging hardly counts as heavy usage. It's a single, low impact app.
> 
> If you upgrade once a year, you never have had the device long enough to need 
> to reset it to factory. If they're so great, why are you replacing them so 
> often?
> 
> Of course if you think texting is heavy usage, you've never found a need to 
> do more with your phone (like jailbreaking or rooting). I root immediately 
> for better control over and information from the radios, for one. That's not 
> even possible on Apple.
> 
> For a "simple shit" user, there is no major difference between an iPhone and 
> a mainstream Galaxy S or an iPad and a Galaxy Tab. All four do Chrome, 
> Facebook and Instagram.
> 
> 
> 
> -
> Mike Hammett
> Intelligent Computing Solutions 
>   
>  
>  
> 
> Midwest Internet Exchange 
>   
>  
> 
> The Brothers WISP 
>  
> 
> 
>  
> From: "Travis Johnson" >
> To: af@afmug.com 
> Sent: Thursday, October 6, 2016 9:45:10 AM
> Subject: Re: [AFMUG] Google wants to be Apple
> 
> I agree that your phone probably works "very, very well"... but you said 
> yourself you have never used an Apple product... so what are you 
> comparing to? I've had an iPhone since 

Re: [AFMUG] IPv6 Multicast STOHP!

[Cassidy B. Larson]

Broadcast isn’t the same as Multicast.
IPv6 uses multicast exclusively for identifying things that IPv4 uses 
Broadcasts for.
If you provide what Multicast addresses are the most talkative we can identify 
what it is.


> On Sep 16, 2016, at 5:11 PM, Sterling Jacobson  wrote:
> 
> I'm not getting what all this chatter is on IPv6 on a segment of network.
> 
> I know I only have about 10-20 IPv6 client routers actually grabbing an 
> address on any given segment of my network.
> 
> But this 5-10Mbps of broadcast traffic seems very excessive.
> 
> Any way to stop this?
> 
> My IPv6 stuff is all running on Mikrotik

Re: [AFMUG] Playstation 4 software update

[Cassidy B. Larson]

macOS sierra is next tuesday (20th)..  Nice of Apple to give us two big 
download Tuesdays in row though :)


> On Sep 16, 2016, at 4:49 PM, Sean Heskett  wrote:
> 
> iOS 10 and Mac OSX Sierra came out on tuesday the 13th
> 
> On Fri, Sep 16, 2016 at 4:18 PM, Sam Kirsch  > wrote:
> Looks like this PS4 update was released on Sept 13th -- as was a 500MB update 
> for Windows 10 and some sort of El Capitan OS X Update.  We didn't start 
> seeing real issues with the Windows 10 Update until the last 48 hours, since 
> then its been a shit show of complaints :( 
>  
>  
> -- Samuel Kirsch, Network Support
> Plexicomm - Internet Solutions | www.plexicomm.net 
> Office: 1.866.759.4678 x109  | Fax: 1.866.852.4688 
> 
> Emergency Support: 1.866.759.9713  | sam...@plexicomm.net 
> 
>  
>  
>  
> -- Original Message --
> From: "Mathew Howard" >
> To: "af" >
> Sent: 9/16/2016 2:57:55 PM
> Subject: Re: [AFMUG] Playstation 4 software update
>  
>> I suspect the majority of them are already actually done... mine updated a 
>> few days ago.
>> 
>> On Fri, Sep 16, 2016 at 1:47 PM, Eric Kuhnke > > wrote:
>> In the very near future all PS4 with an internet connection are going to 
>> automatically download a large whole operating system update... 
>> 
>> https://www.google.com/search?hl=en=us=nws=0=playstation+4+update
>>  
>> 
>> 
>> 
>> 
> 

Re: [AFMUG] Playstation 4 software update

[Cassidy B. Larson]

But... will it have IPv6?



> On Sep 16, 2016, at 12:47 PM, Eric Kuhnke  wrote:
> 
> In the very near future all PS4 with an internet connection are going to 
> automatically download a large whole operating system update...
> 
> https://www.google.com/search?hl=en=us=nws=0=playstation+4+update
>  
> 
> 
> 

Re: [AFMUG] Billing system survey rehash

[Cassidy B. Larson]

phpipam is developed still. I see plenty of commits this month:

https://github.com/phpipam/phpipam

It’s just slowed down a bit for actual releases.



> On Sep 16, 2016, at 9:49 AM, That One Guy /sarcasm 
>  wrote:
> 
> phpipam isnt developed anymore
> I have an idle racktables server ready for production, its ugly/sexy and has 
> everything I want except that its got a learning curve I havent sobered up 
> enough to get a full grasp on, but its got all the documentory and reporting 
> features I want, would love it if Bertram bought it out and integrated it, id 
> be so exited Id get the vapors.
> 
> On Fri, Sep 16, 2016 at 10:43 AM, Josh Reynolds  > wrote:
> Check out phpipam
> 
> 
> On Sep 16, 2016 10:39 AM, "That One Guy /sarcasm"  > wrote:
> We use Powercode, they ebb and flow. Other than simon who escaped by the skin 
> of his teeth after murdering the guy before him I think they have gladiator 
> fights for the lead role because every time a new lead comes in the last one 
> disappears off the face of the earth. I imagine being in the office up there 
> looks like something out of mad max.
> 
> But overall, its a satisfying product, the inventory component is absolutely 
> useless, but the rest is pretty reliable. Customers like the feel of the 
> portal interface, I would prefer we had the ability to manipulate it more, 
> but I also want my own pony named Miguel.
> Support responsiveness is normally pretty good, occasionally it gets meh, but 
> I think you have that with any company depending on the work load.
> 
> What I do like about it, is that I dont have to know much to manage it, The 
> server build is down to a cut and past CLI job if it needs rebuilt. It 
> performs well in a decent VM host.
> 
> It really appears they are moving away from user driven development (there 
> used to be constant interaction) toward more of a programmed development 
> cycle, which is good and bad, but mostly a positive move.
> 
> It would be nice if they had clean IPAM, i still have a set of excel 
> spreadsheets for master subnet documentation, but I dont think there is such 
> a beast in IPAM that would satisfy everyone.
> 
> The ticketing system became super useful once they added external email 
> accounts, it allowed us to decommission a secondary ticketing system. Its 
> only good for our ISP side, not our contract services side however because it 
> doesnt offer clean time tracking or multiple tech separation
> 
> My boss is very frugal when it comes to anything that generates a recurring 
> cost, and he sees Powercode as a beneficial recurring cost, so that does say 
> something about the product.
> 
> I cuss them every couple months over something or other, its usually 50/50 
> whether its something I screwed up, or a bug in their system, but it always 
> gets resolved. We have an ongoing issue with email fetching that happens, but 
> they gave me a cli tool to resolve it, and its caused by something external 
> and outside their control, so I cant hold it against them.
> 
> There is currently no way to easily reset the tracking metrics on tickets and 
> times, but thats no deal breaker, they will eventually clean it up.
> 
> If youre looking for actual inventory management with any type of valuation, 
> its definetly not the product. Azotel had that when we were looking into 
> them, and I think you could tie in crystal reports to get some really amazing 
> data, but it seems like Azotel went to sleep
> 
> 
> On Fri, Sep 16, 2016 at 9:50 AM, Vlad Sedov  > wrote:
> We've been running Freeside for the last 10 years. It takes a bit of perl and 
> linux knowledge to get it running (or just download the VM), but hey, what do 
> you want for nothing?
> 
> Feature-wise, freeside is on par with the big boys these days.. Can't think 
> of anything it doesn't have that an ISP billing system should have.
> The new version even has tower coverage mapping... very WISP-friendly.
> 
> 
> peace
> 
> Vlad
> 
> 
> 
> On 9/16/2016 12:50 AM, TJ Trout wrote:
> 
> Could I trouble you all for a quick survey / recommendation on billing 
> systems?
> 
> I've been looking at;
> 
> Power code ( seems like too many red flags with this company)
> 
> Platypus ( good price, but I don't want to become a dev just to bill my 
> customers)
> 
> Visp seems like a decent option?
> 
> Wisp Mon? Don't know much about them, prices seem high, haven't heard 
> anything bad so that's a good sign?
> 
> Swift fox? ( Seems like unpopular option maybe because they're new?)
> 
> Sonar? Maybe that's the one?
> 
> 
> 
> 
> 
> 
> 
> --
> If you only see yourself as part of the team but you don't see your team as 
> part of yourself you have already failed as part of the team.
> 
> 
> 
> --
> If you only see yourself as part of the team but you don't see your team 

Re: [AFMUG] Billing system survey rehash

[Cassidy B. Larson]

We have been using Platypus for the past 16 years.  It hasn’t changed much in 
all that time.
Client is still windows-only based. Still runs on SQL server.  There’s an API 
exposed now, but it’s still clunky.  I don’t want to run a VM just for 
Platypus! Give me a web client!

We’ve wanted to change for years, but Powercode never ticked all the right 
boxes for me. I’m a UI snob and want something that looks like it had some time 
put into the user interface.
For me, Powercode felt like it was still using the same design from the early 
days and they were just hacking in features on the same backend code.
Every year at wispapalooza we’d walk the floor, seeing what billing systems 
were out there.. hoping and praying something better was coming around but 
never found anything until Sonar started development.

Sonar looks to be built with Web 3.0 (is that a thing now?) in mind.  I’ve been 
eagerly awaiting their features being pushed out each month so we can finally 
bite the bullet and migrate.
They expose web hooks, publish their APIs and all the methods you can use to 
integrate with your own systems (critical to us). Integrations with Slack for 
ticketing is a big plus.
We’re finally excited again about a billing system and I’m planning on 
converting by end of year.

We’ve had demo’s from all the ones you’ve listed.  Most wouldn’t scale to what 
we needed. I think one had Java client (ugh).

I suggest checking out Sonar.. it’s how a billing system in 2016 should look, 
operate and perform.

> On Sep 15, 2016, at 11:50 PM, TJ Trout  wrote:
> 
> Could I trouble you all for a quick survey / recommendation on billing 
> systems?
> 
> I've been looking at;
> 
> Power code ( seems like too many red flags with this company)
> 
> Platypus ( good price, but I don't want to become a dev just to bill my 
> customers)
> 
> Visp seems like a decent option?
> 
> Wisp Mon? Don't know much about them, prices seem high, haven't heard 
> anything bad so that's a good sign?
> 
> Swift fox? ( Seems like unpopular option maybe because they're new?)
> 
> Sonar? Maybe that's the one?
> 
> 
> 
> 

Re: [AFMUG] Upstream, going beyond 1 gig

[Cassidy B. Larson]

It’s cheaper for me to have ours on-net rather than on the IX. Also more 
redundant. I have our netflix cluster spread between two separate on-net 
facilities, so I don’t need a costly protected path to the IX.


> On Sep 11, 2016, at 8:25 PM, Mike Hammett <af...@ics-il.net> wrote:
> 
> Which doesn't make sense. Put one on the IX and everyone benefits more than 
> each having their own.
> 
> 
> 
> -
> Mike Hammett
> Intelligent Computing Solutions <http://www.ics-il.com/>
>  <https://www.facebook.com/ICSIL> 
> <https://plus.google.com/+IntelligentComputingSolutionsDeKalb> 
> <https://www.linkedin.com/company/intelligent-computing-solutions> 
> <https://twitter.com/ICSIL>
> Midwest Internet Exchange <http://www.midwest-ix.com/>
>  <https://www.facebook.com/mdwestix> 
> <https://www.linkedin.com/company/midwest-internet-exchange> 
> <https://twitter.com/mdwestix>
> The Brothers WISP <http://www.thebrotherswisp.com/>
>  <https://www.facebook.com/thebrotherswisp>
> 
> 
>  <https://www.youtube.com/channel/UCXSdfxQv7SpoRQYNyLwntZg>
> From: "Cassidy B. Larson" <c...@infowest.com <mailto:c...@infowest.com>>
> To: af@afmug.com <mailto:af@afmug.com>
> Sent: Sunday, September 11, 2016 9:23:43 PM
> Subject: Re: [AFMUG] Upstream, going beyond 1 gig
> 
> I know three of the eyeball networks there already have their own Netflix and 
> Akamai clusters.
> 
> 
> On Sep 11, 2016, at 8:21 PM, Mike Hammett <af...@ics-il.net 
> <mailto:af...@ics-il.net>> wrote:
> 
> I'm surprised SLIX doesn't have Akamai.
> 
> https://www.peeringdb.com/ix/829 <https://www.peeringdb.com/ix/829>
> 
> It doesn't surprise me that Netflix isn't there. There isn't a lot of eyeball 
> networks. Then again, maybe I don't appreciate the scale of those networks.
> 
> 
> 
> -
> Mike Hammett
> Intelligent Computing Solutions <http://www.ics-il.com/>
>  <https://www.facebook.com/ICSIL> 
> <https://plus.google.com/+IntelligentComputingSolutionsDeKalb> 
> <https://www.linkedin.com/company/intelligent-computing-solutions> 
> <https://twitter.com/ICSIL>
> Midwest Internet Exchange <http://www.midwest-ix.com/>
>  <https://www.facebook.com/mdwestix> 
> <https://www.linkedin.com/company/midwest-internet-exchange> 
> <https://twitter.com/mdwestix>
> The Brothers WISP <http://www.thebrotherswisp.com/>
>  <https://www.facebook.com/thebrotherswisp>
> 
> 
>  <https://www.youtube.com/channel/UCXSdfxQv7SpoRQYNyLwntZg>
> From: "Chuck McCown" <ch...@wbmfg.com <mailto:ch...@wbmfg.com>>
> To: af@afmug.com <mailto:af@afmug.com>
> Sent: Sunday, September 11, 2016 9:16:44 PM
> Subject: Re: [AFMUG] Upstream, going beyond 1 gig
> 
> So ideally you would want to interconnect at your shop?
>  
> From: Roger Timmerman <mailto:timmer...@gmail.com>
> Sent: Sunday, September 11, 2016 8:05 PM
> To: af@afmug.com <mailto:af@afmug.com>
> Subject: Re: [AFMUG] Upstream, going beyond 1 gig
>  
> SLIX started with Xmission and UTOPIA Fiber.  They (Xmission) kept track of 
> the peering relationships and provided the IP subnet, UTOPIA Fiber provided a 
> VPLS across its network so that anyone could connect to it at any of the 
> major data centers in Utah or even at their place of business if it had a 
> UTOPIA Fiber connection.  It has definitely grown over the years, and several 
> connect to it outside of UTOPIA, but I think most of it still rides across 
> UTOPIA. 
>  
> Roger
>  
> On Sun, Sep 11, 2016 at 5:23 PM, Chuck McCown <ch...@wbmfg.com 
> <mailto:ch...@wbmfg.com>> wrote:
> I seriously doubt you can beat the price I pay.  
>  
> From: Cassidy B. Larson <mailto:c...@infowest.com>
> Sent: Sunday, September 11, 2016 5:13 PM
> To: af@afmug.com <mailto:af@afmug.com>
> Subject: Re: [AFMUG] Upstream, going beyond 1 gig
>  
> The SIX extension Xmission/DCIP run. Not sure where they’re at, but I can 
> pick them up at Delong. 
> SLIX we connect to at Delong St.. but I know others interconnect elsewhere.
> Honestly, it’s not too expensive to get a 10G to San Jose from SLC and get on 
> the Equinix IX there… or even LA.
> I got plenty of capacity I can sell ya if you’re interested? :)
>  
> On Sep 11, 2016, at 4:50 PM, Chuck McCown <ch...@wbmfg.com 
> <mailto:ch...@wbmfg.com>> wrote:
>  
> Are these things physically located in a single data center?
> 
> -Original Message- From: Ivan Kohler Sent: Sunday, September 11, 2016 
> 4:38 PM To: af@afmug.com <mailto:af@afmug.com> Subject: Re: [A

Re: [AFMUG] Upstream, going beyond 1 gig

[Cassidy B. Larson]

I know three of the eyeball networks there already have their own Netflix and 
Akamai clusters.


> On Sep 11, 2016, at 8:21 PM, Mike Hammett <af...@ics-il.net> wrote:
> 
> I'm surprised SLIX doesn't have Akamai.
> 
> https://www.peeringdb.com/ix/829 <https://www.peeringdb.com/ix/829>
> 
> It doesn't surprise me that Netflix isn't there. There isn't a lot of eyeball 
> networks. Then again, maybe I don't appreciate the scale of those networks.
> 
> 
> 
> -
> Mike Hammett
> Intelligent Computing Solutions <http://www.ics-il.com/>
>  <https://www.facebook.com/ICSIL> 
> <https://plus.google.com/+IntelligentComputingSolutionsDeKalb> 
> <https://www.linkedin.com/company/intelligent-computing-solutions> 
> <https://twitter.com/ICSIL>
> Midwest Internet Exchange <http://www.midwest-ix.com/>
>  <https://www.facebook.com/mdwestix> 
> <https://www.linkedin.com/company/midwest-internet-exchange> 
> <https://twitter.com/mdwestix>
> The Brothers WISP <http://www.thebrotherswisp.com/>
>  <https://www.facebook.com/thebrotherswisp>
> 
> 
>  <https://www.youtube.com/channel/UCXSdfxQv7SpoRQYNyLwntZg>
> From: "Chuck McCown" <ch...@wbmfg.com <mailto:ch...@wbmfg.com>>
> To: af@afmug.com <mailto:af@afmug.com>
> Sent: Sunday, September 11, 2016 9:16:44 PM
> Subject: Re: [AFMUG] Upstream, going beyond 1 gig
> 
> So ideally you would want to interconnect at your shop?
>  
> From: Roger Timmerman <mailto:timmer...@gmail.com>
> Sent: Sunday, September 11, 2016 8:05 PM
> To: af@afmug.com <mailto:af@afmug.com>
> Subject: Re: [AFMUG] Upstream, going beyond 1 gig
>  
> SLIX started with Xmission and UTOPIA Fiber.  They (Xmission) kept track of 
> the peering relationships and provided the IP subnet, UTOPIA Fiber provided a 
> VPLS across its network so that anyone could connect to it at any of the 
> major data centers in Utah or even at their place of business if it had a 
> UTOPIA Fiber connection.  It has definitely grown over the years, and several 
> connect to it outside of UTOPIA, but I think most of it still rides across 
> UTOPIA. 
>  
> Roger
>  
> On Sun, Sep 11, 2016 at 5:23 PM, Chuck McCown <ch...@wbmfg.com 
> <mailto:ch...@wbmfg.com>> wrote:
> I seriously doubt you can beat the price I pay.  
>  
> From: Cassidy B. Larson <mailto:c...@infowest.com>
> Sent: Sunday, September 11, 2016 5:13 PM
> To: af@afmug.com <mailto:af@afmug.com>
> Subject: Re: [AFMUG] Upstream, going beyond 1 gig
>  
> The SIX extension Xmission/DCIP run. Not sure where they’re at, but I can 
> pick them up at Delong. 
> SLIX we connect to at Delong St.. but I know others interconnect elsewhere.
> Honestly, it’s not too expensive to get a 10G to San Jose from SLC and get on 
> the Equinix IX there… or even LA.
> I got plenty of capacity I can sell ya if you’re interested? :)
>  
> On Sep 11, 2016, at 4:50 PM, Chuck McCown <ch...@wbmfg.com 
> <mailto:ch...@wbmfg.com>> wrote:
>  
> Are these things physically located in a single data center?
> 
> -Original Message- From: Ivan Kohler Sent: Sunday, September 11, 2016 
> 4:38 PM To: af@afmug.com <mailto:af@afmug.com> Subject: Re: [AFMUG] Upstream, 
> going beyond 1 gig 
> On Sun, Sep 11, 2016 at 09:07:20PM +, Chuck McCown wrote:
> Like to get an IX in SLC.
> 
> Given SLC's size I'd expect there's already an IX.  Indeed, the internet says 
> there's SLIX - http://slix.net/ <http://slix.net/>
> 
> Recently I was surprised to find there a new IX here in Reno/Tahoe - 
> http://tahoeix.org/ <http://tahoeix.org/>
> 
> -- 
> Ivan Kohler, President and Head Geek, Freeside Internet Services, Inc.
> Open-source billing, ticketing and provisioning
> for ISPs, VoIP providers and online businesses
> http://www.freeside.biz/freeside/ <http://www.freeside.biz/freeside/>

Re: [AFMUG] Upstream, going beyond 1 gig

[Cassidy B. Larson]

You have 1Gbps minimum of MS traffic alone?
Or have they lowered their minimum requirements for deploying an appliance?
It’s been a year or so.. maybe I need to hit them up again.


> On Sep 11, 2016, at 5:53 PM, Mike Hammett <af...@ics-il.net> wrote:
> 
> I met MS's justification, but they couldn't meet mine, at least not yet.
> 
> 
> 
> -
> Mike Hammett
> Intelligent Computing Solutions <http://www.ics-il.com/>
>  <https://www.facebook.com/ICSIL> 
> <https://plus.google.com/+IntelligentComputingSolutionsDeKalb> 
> <https://www.linkedin.com/company/intelligent-computing-solutions> 
> <https://twitter.com/ICSIL>
> Midwest Internet Exchange <http://www.midwest-ix.com/>
>  <https://www.facebook.com/mdwestix> 
> <https://www.linkedin.com/company/midwest-internet-exchange> 
> <https://twitter.com/mdwestix>
> The Brothers WISP <http://www.thebrotherswisp.com/>
>  <https://www.facebook.com/thebrotherswisp>
> 
> 
>  <https://www.youtube.com/channel/UCXSdfxQv7SpoRQYNyLwntZg>
> From: "Cassidy B. Larson" <c...@infowest.com <mailto:c...@infowest.com>>
> To: af@afmug.com <mailto:af@afmug.com>
> Sent: Sunday, September 11, 2016 6:50:15 PM
> Subject: Re: [AFMUG] Upstream, going beyond 1 gig
> 
> Is this killer price only to SLC or can you get it to San Jose/LA?
> That’s where you’ll probably want to be.. or get some Netflix/Google caches.
> They help me save a ton on transport/upstreams.
> Microsoft has caches too, but I’m not at the level “yet” for them to justify 
> sending me one.
> 
> 
> 
> On Sep 11, 2016, at 5:42 PM, Chuck McCown <ch...@wbmfg.com 
> <mailto:ch...@wbmfg.com>> wrote:
> 
> ...
> (if I tell, she might not kiss me again)
> 
> From: Josh Reynolds <mailto:j...@kyneticwifi.com>
> Sent: Sunday, September 11, 2016 5:33 PM
> To: af@afmug.com <mailto:af@afmug.com>
> Subject: Re: [AFMUG] Upstream, going beyond 1 gig
> 
> Are you paying less than 0.20/Mbps on a 10G port?
> 
> On Sep 11, 2016 6:23 PM, "Chuck McCown" <ch...@wbmfg.com 
> <mailto:ch...@wbmfg.com>> wrote:
> I seriously doubt you can beat the price I pay.
> 
> From: Cassidy B. Larson <mailto:c...@infowest.com>
> Sent: Sunday, September 11, 2016 5:13 PM
> To: af@afmug.com <mailto:af@afmug.com>
> Subject: Re: [AFMUG] Upstream, going beyond 1 gig
> 
> The SIX extension Xmission/DCIP run. Not sure where they’re at, but I can 
> pick them up at Delong.
> SLIX we connect to at Delong St.. but I know others interconnect elsewhere.
> Honestly, it’s not too expensive to get a 10G to San Jose from SLC and get on 
> the Equinix IX there… or even LA.
> I got plenty of capacity I can sell ya if you’re interested? :)
> 
> On Sep 11, 2016, at 4:50 PM, Chuck McCown <ch...@wbmfg.com 
> <mailto:ch...@wbmfg.com>> wrote:
> 
> Are these things physically located in a single data center?
> 
> -Original Message- From: Ivan Kohler Sent: Sunday, September 11, 2016 
> 4:38 PM To: af@afmug.com <mailto:af@afmug.com> Subject: Re: [AFMUG] Upstream, 
> going beyond 1 gig
> On Sun, Sep 11, 2016 at 09:07:20PM +, Chuck McCown wrote:
> Like to get an IX in SLC.
> 
> Given SLC's size I'd expect there's already an IX.  Indeed, the internet says 
> there's SLIX - http://slix.net/ <http://slix.net/>
> 
> Recently I was surprised to find there a new IX here in Reno/Tahoe - 
> http://tahoeix.org/ <http://tahoeix.org/>
> 
> --
> Ivan Kohler, President and Head Geek, Freeside Internet Services, Inc.
> Open-source billing, ticketing and provisioning
> for ISPs, VoIP providers and online businesses
> http://www.freeside.biz/freeside/ <http://www.freeside.biz/freeside/>

Re: [AFMUG] Upstream, going beyond 1 gig

[Cassidy B. Larson]

Is this killer price only to SLC or can you get it to San Jose/LA? 
That’s where you’ll probably want to be.. or get some Netflix/Google caches. 
They help me save a ton on transport/upstreams.
Microsoft has caches too, but I’m not at the level “yet” for them to justify 
sending me one.



> On Sep 11, 2016, at 5:42 PM, Chuck McCown <ch...@wbmfg.com> wrote:
> 
> ...
> (if I tell, she might not kiss me again)
>  
> From: Josh Reynolds <mailto:j...@kyneticwifi.com>
> Sent: Sunday, September 11, 2016 5:33 PM
> To: af@afmug.com <mailto:af@afmug.com>
> Subject: Re: [AFMUG] Upstream, going beyond 1 gig
>  
> Are you paying less than 0.20/Mbps on a 10G port?
>  
> On Sep 11, 2016 6:23 PM, "Chuck McCown" <ch...@wbmfg.com 
> <mailto:ch...@wbmfg.com>> wrote:
>> I seriously doubt you can beat the price I pay. 
>>  
>> From: Cassidy B. Larson <mailto:c...@infowest.com>
>> Sent: Sunday, September 11, 2016 5:13 PM
>> To: af@afmug.com <mailto:af@afmug.com>
>> Subject: Re: [AFMUG] Upstream, going beyond 1 gig
>>  
>> The SIX extension Xmission/DCIP run. Not sure where they’re at, but I can 
>> pick them up at Delong.
>> SLIX we connect to at Delong St.. but I know others interconnect elsewhere.
>> Honestly, it’s not too expensive to get a 10G to San Jose from SLC and get 
>> on the Equinix IX there… or even LA.
>> I got plenty of capacity I can sell ya if you’re interested? :)
>>  
>>> On Sep 11, 2016, at 4:50 PM, Chuck McCown <ch...@wbmfg.com 
>>> <mailto:ch...@wbmfg.com>> wrote:
>>>  
>>> Are these things physically located in a single data center?
>>> 
>>> -Original Message- From: Ivan Kohler Sent: Sunday, September 11, 
>>> 2016 4:38 PM To: af@afmug.com <mailto:af@afmug.com> Subject: Re: [AFMUG] 
>>> Upstream, going beyond 1 gig 
>>> On Sun, Sep 11, 2016 at 09:07:20PM +, Chuck McCown wrote:
>>>> Like to get an IX in SLC.
>>> 
>>> Given SLC's size I'd expect there's already an IX.  Indeed, the internet 
>>> says there's SLIX - http://slix.net/ <http://slix.net/>
>>> 
>>> Recently I was surprised to find there a new IX here in Reno/Tahoe - 
>>> http://tahoeix.org/ <http://tahoeix.org/>
>>> 
>>> -- 
>>> Ivan Kohler, President and Head Geek, Freeside Internet Services, Inc.
>>> Open-source billing, ticketing and provisioning
>>> for ISPs, VoIP providers and online businesses
>>> http://www.freeside.biz/freeside/ <http://www.freeside.biz/freeside/>
>>> 
>> 
>>  

Re: [AFMUG] Upstream, going beyond 1 gig

[Cassidy B. Larson]

The SIX extension Xmission/DCIP run. Not sure where they’re at, but I can pick 
them up at Delong.
SLIX we connect to at Delong St.. but I know others interconnect elsewhere.
Honestly, it’s not too expensive to get a 10G to San Jose from SLC and get on 
the Equinix IX there… or even LA.
I got plenty of capacity I can sell ya if you’re interested? :)

> On Sep 11, 2016, at 4:50 PM, Chuck McCown  wrote:
> 
> Are these things physically located in a single data center?
> 
> -Original Message- From: Ivan Kohler Sent: Sunday, September 11, 2016 
> 4:38 PM To: af@afmug.com Subject: Re: [AFMUG] Upstream, going beyond 1 gig 
> On Sun, Sep 11, 2016 at 09:07:20PM +, Chuck McCown wrote:
>> Like to get an IX in SLC.
> 
> Given SLC's size I'd expect there's already an IX.  Indeed, the internet says 
> there's SLIX - http://slix.net/
> 
> Recently I was surprised to find there a new IX here in Reno/Tahoe - 
> http://tahoeix.org/
> 
> -- 
> Ivan Kohler, President and Head Geek, Freeside Internet Services, Inc.
> Open-source billing, ticketing and provisioning
> for ISPs, VoIP providers and online businesses
> http://www.freeside.biz/freeside/
> 

Re: [AFMUG] Upstream, going beyond 1 gig

[Cassidy B. Larson]

There’s an IX in SLC already, http://slix.net/ <http://slix.net/>. We peer on 
it.  No Netflix though. 
There is a SIX extension in SLC though. 

> On Sep 11, 2016, at 4:11 PM, Josh Reynolds <j...@kyneticwifi.com> wrote:
> 
> O really...
> 
> 
> On Sep 11, 2016 4:07 PM, "Chuck McCown" <ch...@wbmfg.com 
> <mailto:ch...@wbmfg.com>> wrote:
> Like to get an IX in SLC.
>  
> From: Cassidy B. Larson <mailto:c...@infowest.com>
> Sent: Sunday, September 11, 2016 2:58 PM
> To: af@afmug.com <mailto:af@afmug.com>
> Subject: Re: [AFMUG] Upstream, going beyond 1 gig
>  
> Do you have a connection to the closest internet exchange? Usually it's 
> cheaper to get a 10G pipe to the exchange and pick up free bandwidth from 
> Netflix/Google/Akamai/etc rather then upgrade your upstream pipes. Plus once 
> you're at the IX with a router/switch you could easily pick up an inexpensive 
> upstream carrier there rather than paying for multiple big pipes back to your 
> area. This is what we do. Saves a lot. 
> 
> Sent from my iPhone
> 
> On Sep 11, 2016, at 14:46, TJ Trout <t...@voltbb.com 
> <mailto:t...@voltbb.com>> wrote:
> 
>> I currently have two 1g upstreams and quickly running out of capacity, how 
>> have you guys handled this in the past for those that have been through 
>> this? Do you upgrade one pipe and hope it doesn't go down? Upgrade them both 
>> to the same speed ?
>> 
>> Also for these two providers its super expensive for a 10g port even with 1g 
>> bandwidth, looks like I'll have to get multiple 1g pipes before it makes 
>> since to go with a single 10g port, how have you done this? Just multiple 
>> bgp sessions?
>> 
>> I don't understand the logic of charging so much more for a 10g interface 
>> when it's lighting the same glass?
>> 

Re: [AFMUG] Upstream, going beyond 1 gig

[Cassidy B. Larson]

Do you have a connection to the closest internet exchange? Usually it's cheaper 
to get a 10G pipe to the exchange and pick up free bandwidth from 
Netflix/Google/Akamai/etc rather then upgrade your upstream pipes. Plus once 
you're at the IX with a router/switch you could easily pick up an inexpensive 
upstream carrier there rather than paying for multiple big pipes back to your 
area. This is what we do. Saves a lot. 

Sent from my iPhone

> On Sep 11, 2016, at 14:46, TJ Trout  wrote:
> 
> I currently have two 1g upstreams and quickly running out of capacity, how 
> have you guys handled this in the past for those that have been through this? 
> Do you upgrade one pipe and hope it doesn't go down? Upgrade them both to the 
> same speed ?
> 
> Also for these two providers its super expensive for a 10g port even with 1g 
> bandwidth, looks like I'll have to get multiple 1g pipes before it makes 
> since to go with a single 10g port, how have you done this? Just multiple bgp 
> sessions?
> 
> I don't understand the logic of charging so much more for a 10g interface 
> when it's lighting the same glass?

Re: [AFMUG] Apple stock

[Cassidy B. Larson]

So the big question is, are you gonna sell the stock?

> On Sep 8, 2016, at 3:54 PM, Travis Johnson  wrote:
> 
> The shares were originally purchased through an actual stock broker in town. 
> They went out of business probably 15-20 years ago. About four years ago, I 
> received contact from a company called Computershare claiming they had been 
> put in charge of shares of technology companies that had not been claimed or 
> updated. My parents have probably moved six times during the last 29 years, 
> so any mail was being bounced back.
> 
> We filled out their required paper application (along with a notary 
> signature) and sent it back to them. I never heard anything more, and 
> honestly figured it was a scam of some type. I made attempts over the last 
> few years to contact them (via the telephone number on the form), but it was 
> always voicemail and I never got a call back. I tried their website many 
> times as well, but without knowing an account number, I was never able to 
> login to their online system.
> 
> Today when I checked, they had a new feature to request your account number 
> if you could provide all kinds of personal information... so after a few 
> guesses (like zip code, etc), I was finally able to get into the account.
> 
> Travis
> 
> 
> 
> On 9/8/2016 3:40 PM, Josh Luthman wrote:
>> That's a very interesting give from your parents, for sure.  Definitely 
>> worked out to say the least.
>> 
>> Why did it take years to get access to it?
>> 
>> 
>> Josh Luthman
>> Office: 937-552-2340
>> Direct: 937-552-2343
>> 1100 Wayne St
>> Suite 1337
>> Troy, OH 45373
>> 
>> On Thu, Sep 8, 2016 at 5:37 PM, Travis Johnson > > wrote:
>> Hi,
>> 
>> So today, I was finally able to login to a brokerage account that was setup 
>> by my parents in 1987. They had given me four shares of Apple stock for my 
>> birthday, but because I was a minor, they had to be put under one of my 
>> parent's names as well. I think they spent about $200 for the shares at that 
>> time.
>> 
>> I logged in to the account (that has literally taken me YEARS to get access 
>> to) and discovered I now have $8,800 worth of Apple stock. It was a great 
>> surprise, and the bonus was the $670 worth of dividend checks that were just 
>> sitting in the account because they didn't have a current address.
>> 
>> Doing some quick math, that works out to about 13% interest over the last 29 
>> years. Apple just paid for my new iPhone 7. :)
>> 
>> Travis
>> 
>> 
> 

Re: [AFMUG] 48v and -48v

[Cassidy B. Larson]

Is this doable in reverse? We have a -48v UPS/battery bank, want to convert to 
traditional 48v on the load side?  Looking at putting a Netonix at this site.



> On Aug 18, 2016, at 7:34 PM, George Skorup  wrote:
> 
> Mean Well RSD200C-48 will work just fine. Put it between your 48v UPS load 
> side and -48 gear. The output of the RSD is floating and you should have no 
> problem tying the + side to ground.
> 
> On 8/18/2016 8:19 PM, Gilbert T. Gutierrez, Jr. wrote:
>> I have a site that I am converting to DC from AC. All of the gear powers at 
>> traditional 48v with a negative ground. I have a PTP800 though that I am 
>> told is -48v (ground tied to positive). How do I get -48v for the PTP800?
>> 
>> The site has a NewMar DIN-UPS 48-10. It states that the outputs are isolated 
>> (it has 2) but I do not think they are isolated from each other, just from 
>> ground. To tell you the truth I am lost. I was thinking maybe a DC to DC 
>> converter of some sort.
>> 
>> Thank you,
>> 
>> Gilbert
>> 
> 

Re: [AFMUG] AirControl

[Cassidy B. Larson]

Can the original Aircontrol handle configuring/monitoring/updating latest 
firmwares or latest devices? I thought it wasnt capable of anything past 5.5.x? 
  In which case maybe you’re running vulnerable firmwares if you’re still on 
AC1? 




> On Aug 13, 2016, at 9:16 AM, Paul Stewart  wrote:
> 
> Thanks for that note… appreciate it…
>  
> Guess I should check in $$$job to see what we’re doing too .. pretty sure we 
> utilize original AC there too …
>  
> Paul
>  
>  
> From: Af [mailto:af-boun...@afmug.com ] On 
> Behalf Of Jeremy
> Sent: August 13, 2016 10:40 AM
> To: af@afmug.com 
> Subject: Re: [AFMUG] AirControl
>  
> That being saidthe upgrade process from AC1 to AC2 left a lot to be 
> desired.  I followed many tutorials trying to get the database to transfer, 
> but I lost it all.  Had to rescan the network and add every device back in.  
> If historical data in AC is important...be aware that you may lose it all.
>  
> On Sat, Aug 13, 2016 at 8:06 AM, Jeremy  > wrote:
>> AC2 is awesome.
>>  
>> On Sat, Aug 13, 2016 at 7:00 AM, Stefan Englhardt > > wrote:
>>> They changed strategy and declared AC2 the winner. There is a RC which runs 
>>> quite good. Does a quite good job to keep Firmware up to date and follow 
>>> cpe signals over time.
>>> Mapping is included but uses bing. There is only a java client at the 
>>> moment which does not scale with higher resolution PCs.
>>>  
>>> They promised an API and a webinterface (integration with UCRM Control 
>>> which is seized).
>>> Should run on CRM Point in the future.
>>> 
>>> 
>>>  Ursprüngliche Nachricht 
>>> Von: Mike Hammett > 
>>> Datum: 13.08.2016 14:06 (GMT+01:00) 
>>> An: af@afmug.com  
>>> Betreff: Re: [AFMUG] AirControl 
>>> 

Re: [AFMUG] Access Both Sides of Downed Link Using OSPF?

[Cassidy B. Larson]

A lot of times we want to login to side “B” when the link between A and B is 
down…but we can’t unless each side is advertised as a /30..but I want the two 
radio’s to see each other when they’re up. 

So what I’ve done most recently is:
.1 = Router A (configured as /30)
.2 = Radio A (configured as /29, GW set to .1)
.5 = Radio B (configured as /29 GW set to .6)
.6 = Router B (configured as /30)

Then I just run OSPF on a separate /30 across that path on a separate VLAN.  
The above is just for MGMT of the radios. 



> On Aug 11, 2016, at 3:02 PM, Christopher Gray  
> wrote:
> 
> How do you setup radio addresses so both ends of a link can be accessed (via 
> loop) when the link is down?
> 
> What I've been doing... and how it doesn't work:
> I've been setting up OSPF links using a /29.
> 
> Router A -- Radio A ~~ Radio B -- Router B
> 
> Devices get addresses:
> .1 - Router A
> .2 - Router B
> .3 - Radio A (Gateway set to .1)
> .4 - Radio B (Gateway set to .2)
> .5 - Spare (used when swapping links)
> .6 - Spare (used when swapping links)
> This feels very clean, and works nicely when the link is up or when there is 
> no network loop. However, when the link goes down, if I am connected near 
> Router A, all traffic for that /29 is routed through Router A, and I have no 
> access to the B side. Then, I can only access the B side if I connect closer 
> to Router B.
> 
> Suggestions?
> 
> Thanks - Chris

Re: [AFMUG] IRR

[Cassidy B. Larson]

We use http://altdb.net/ and it’s free.  Merit’s RADb mirrors it.


> On Aug 1, 2016, at 12:08 PM, George Skorup  wrote:
> 
> Lots of major carriers use Merit RAdb (not free). They mirror ARIN's RR 
> (free).
> 
> On 8/1/2016 11:18 AM, Justin Wilson wrote:
>> Many folks use Level3 if they are wanting to access other registries.
>> https://nets.ucar.edu/nets/docs/procs/routing-registries/routing_registry_guide_2012.pdf
>>  
>> 
>> 
>> 
>> Obvious choice for most of us is ARIN.
>> https://www.arin.net/resources/routing/ 
>> 
>> 
>> 
>> I did a post on registries last year.
>> http://www.mtin.net/blog/?p=245 
>> 
>> 
>> 
>> Justin Wilson
>> j...@mtin.net 
>> 
>> ---
>> http://www.mtin.net  Owner/CEO
>> xISP Solutions- Consulting – Data Centers - Bandwidth
>> 
>> http://www.midwest-ix.com   COO/Chairman
>> Internet Exchange - Peering - Distributed Fabric
>> 
>>> On Aug 1, 2016, at 11:35 AM, Butch Evans >> > wrote:
>>> 
>>> So I have a customer who is wanting to peer with Netflix.  They require
>>> registration of routes in a route server.  I have never done this sort
>>> of work before and am interested to hear what preferred registry you
>>> all use and why.
>>> 
>>> 
>>> --
>>> Butch Evans
>>> Training and Support for WISPs
>>> 702-537-0979
>>> http://store.wispgear.net/ 
>>> http://www.butchevans.com/ 
>>> 
>> 
> 

Re: [AFMUG] international MW Links?

[Cassidy B. Larson]

Maybe Trump can get Mexico to build that into the wall too?


> On Jul 27, 2016, at 1:52 PM, Cameron Crum  wrote:
> 
> I'm sure they didn't intentionally transmit data on those links either. I'm 
> calling for a border faraday cage! 
> 

Re: [AFMUG] is there a way to sniff the subnet a customer has configured

[Cassidy B. Larson]

You could always change your gateway IP and hand out the new gateway IP via 
DHCP and then see if he breaks :)


> On Jul 14, 2016, at 11:47 AM, That One Guy /sarcasm 
>  wrote:
> 
> We have a customer, I suspect hes being dishonest and statically configured 
> his device, but says hes DHCP, we have an ARP matching his MAC and correct IP 
> on our mikrotik, but im guessing he just assumed it to be a /24 or something
> 
> Is there any way to tell if this is the case? I see no DHCP request coming 
> from his connection
> 
> 
> his device is a sonicwall
> 
> --
> If you only see yourself as part of the team but you don't see your team as 
> part of yourself you have already failed as part of the team.

Re: [AFMUG] GPRO

[Cassidy B. Larson]

I bought in..now I'm debating how long to let it ride..  got any more hot tips? 
:)


> On Jul 14, 2016, at 10:35 AM, Travis Johnson  wrote:
> 
> Hopefully people that invested in GPRO when I suggested a few months ago are 
> making some money this week?? :)
> 
> I still think it will go to $14-$15 over the next 3-4 months... but you never 
> want to get greedy with the stock market either... LOL
> 
> Travis
> 

Re: [AFMUG] Hardened Cisco router suggestions.

[Cassidy B. Larson]

The IE3000 and IE3010 would work. We have a few of the IE3000’s out there..

However, if you want MPLS, check out the ASR901S.  I got a few units to test of 
those to replace some of the IE3000’s.


> On Jun 28, 2016, at 1:14 PM, Steve Utick  wrote:
> 
> Maybe something like one of their Industrial Ethernet switches:
> 
> http://www.cisco.com/c/en/us/products/collateral/switches/industrial-ethernet-3010-series-switches/datasheet_c78-637080.html
>  
> 
> 
> On Tue, Jun 28, 2016 at 1:06 PM, Erich Kaiser  > wrote:
> What are guys recommending/using for a hardened Cisco router that can do the 
> basics, OSPF, gigabit Interfaces, DHCP?
> 
> Possibly 1G SFP ports
> 
> 
> 
> Erich Kaiser
> North Central Tower
> er...@northcentraltower.com 
> Office: 630-621-4804 
> Cell: 630-777-9291 
> 
> 

Re: [AFMUG] OT Private Sale of Domain Name

[Cassidy B. Larson]

What about Square’s Cash app? it’s instantaneous right into your bank account 
and free for debit cards.   But personally I’d use an escrow if it’s anything 
of value.


> On Jun 22, 2016, at 5:05 PM, Sterling Jacobson  wrote:
> 
> I think with PayPal I get the money immediately in my PayPal account, then I 
> transfer it asap to my bank.
> Once that clears, THEN I allow the domain transfer.
> 
> Does that sound more reliable?
> 
> 
> From: Af [mailto:af-boun...@afmug.com ] On 
> Behalf Of Josh Luthman
> Sent: Wednesday, June 22, 2016 5:03 PM
> To: af@afmug.com 
> Subject: Re: [AFMUG] OT Private Sale of Domain Name
> 
> In case the buyer says "I never got the domain" and then your money is tied 
> up for weeks or monthsor you never get it and lose your domain.
> 
> 
> Josh Luthman
> Office: 937-552-2340
> Direct: 937-552-2343
> 1100 Wayne St
> Suite 1337
> Troy, OH 45373
> 
> On Wed, Jun 22, 2016 at 6:45 PM, Rory Conaway  > wrote:
> Why avoid paypal other than the fees?
> 
> Rory
> 
> From: Af [mailto:af-boun...@afmug.com ] On 
> Behalf Of Josh Luthman
> Sent: Wednesday, June 22, 2016 3:44 PM
> To: af@afmug.com 
> Subject: Re: [AFMUG] OT Private Sale of Domain Name
> 
> Can you do a check instead of PayPal?  Or ACH?
> 
> I would avoid PayPal, even with a personal transfer.
> 
> Josh Luthman
> Office: 937-552-2340 
> Direct: 937-552-2343 
> 1100 Wayne St
> Suite 1337
> Troy, OH 45373
> 
> On Jun 22, 2016 6:42 PM, "Sterling Jacobson"  > wrote:
> I have a buyer for one of my defunct domain names I own.
> 
> I was thinking I would just have them process the domain transfer request.
> 
> Then when I received that, have them pay me via PayPal personal transfer so I 
> don't have to pay fees on the funds.
> 
> Then process the transfer request.
> 
> Anyone see anything wrong with that?
> 
> They seem legit.
> 

Re: [AFMUG] traffic priorities

[Cassidy B. Larson]

Couldn’t you just run it in Xen on a 1U with 2x10G NICs? Then duplicate as you 
see fit.  I assume you could get that rolling for cheap. 

> On Jun 21, 2016, at 1:33 PM, Simon Westlake  wrote:
> 
> Nope, you deploy it into your virtualized environment and away you go. Any 
> traffic has to pass through the interfaces associated with the VM though. I 
> personally don't think it's a wonderful solution for a WISP, if you want a 
> PRE for some massive virtualized deployment of servers, it probably makes 
> sense, but you're just eating a ton of resources in your VMWare/whatever 
> environment, and I doubt it is significantly cheaper to purchase.
> 
> On 6/21/2016 2:29 PM, Jason McKemie wrote:
>> How does the VM work? Is there still hardware that sits on the network?
>> 
>> On Tuesday, June 21, 2016, Simon Westlake  
>>  wrote:
>> I haven't priced one yet, but I can get a quote if you're interested, just 
>> hit me off list. 
>> 
>> On 6/21/2016 2:02 PM, Craig Schmaderer wrote:
>>> Any ideas on how cheap you can get in on the vm. �Thats a nice way to go 
>>> for most people i would assume.�
>>> 
>>> Craig Schmaderer
>>> Cell 402-380-1245
>>> Skywave Wireless, Inc.
>>> 
>>> 
>>> 
>>> 
>>> On Tue, Jun 21, 2016 at 12:47 PM -0500, "Simon Westlake" < 
>>> simon@sonar.software 
>>> > wrote:
>>> 
>>> They do have a virtualized appliance now, but if you want the hardware 
>>> appliance, you still have to buy it. My understanding of why they stop 
>>> selling the software is that it still has to be validated to function on 
>>> older devices - some of become unusable because of lack of memory as 
>>> signatures expanded. Some of it is lack of desire to continue to support 
>>> hardware that they themselves can't source anymore as well, I'm sure - it's 
>>> all just x86 stuff.
>>> 
>>> I don't remember the whole history of the company, they were a different 
>>> company name previously and acquired a Swedish corporation, in the 
>>> restructure, they became Procera.
>>> 
>>> On 6/21/2016 12:33 PM, Mike Hammett wrote:
 If their product is the subscription service, they don't hesitate selling 
 the subscription service. $2,500/year is better than $0/year.
 
 Okay, so then don't cover the hardware anymore, software only. They should 
 sell software-only to anyone at any time.
 
 Procera has been around for 10 years? Hrm. I'da guessed four or five.
 
 
 
 -
 Mike Hammett
 Intelligent Computing Solutions 
   
  
  
 
 Midwest Internet Exchange 
   
  
 
 The Brothers WISP 
  
 
 
  
 From: "Simon Westlake"  
 
  
 To: af@afmug.com 
 Sent: Tuesday, June 21, 2016 12:29:50 PM
 Subject: Re: [AFMUG] traffic priorities
 
 Well, one of the things to bear in mind with Procera is that you are 
 essentially buying the subscription service. Even though the box isn't 
 cheap, the value of the product is really the subscription. One of the 
 things that the support/subscription covers is next day air replacement on 
 the hardware. So now, you bought some old beat up box off Ebay, and you 
 want to put it under a support contract, and things get messy when the 
 hardware fails.
 
 So, I understand their reluctance - but they will do it. I'm mostly just 
 advising caution because it's a complex arrangement - you want to make 
 sure the box isn't EOL, you need to make sure it works, that you can still 
 get expansion cards for it, etc. Sometimes these boxes on eBay look like a 
 good deal, but there is a lot of factors to look at before you buy it, 
 it's not a simple purchase. That being said, there are some deals to be 
 had, and I've helped people navigate it, but I've also had to give people 
 bad news after they snapped up some 10 year old, EOL unit for a 'steal'.
 
 On 6/21/2016 12:09 PM, Jason McKemie wrote:
 I don't understand this mentality from some companies.� I mean, someone 
 bought this new, and may have at least hesitated if they knew that the 
 resale value would immediately be zero.
 
 I guess at least 

Re: [AFMUG] Trango StrataPro Xi

[Cassidy B. Larson]

Cisco has an OC-48 SPA that has modular optics… SPA-1XOC48-POS. I’ve seen this 
one in use before.


> On Jun 15, 2016, at 5:08 AM, Eric Kuhnke <eric.kuh...@gmail.com> wrote:
> 
> Now that I think about it I am actually not sure I have ever seen a modular 
> SFP sized optic used for an OC-48, all of the interfaces I've personally 
> handled have the optic soldered onto the board. SC duplex connectors in the 
> faceplate of, for example, a Juniper PB-OC48 in a FPC2.
> 
> http://i.ebayimg.com/images/g/VTYAAOxydgZTHcbQ/s-l300.jpg 
> <http://i.ebayimg.com/images/g/VTYAAOxydgZTHcbQ/s-l300.jpg>
> 
> 
> On Wed, Jun 15, 2016 at 3:50 AM, Faisal Imtiaz <fai...@snappytelecom.net 
> <mailto:fai...@snappytelecom.net>> wrote:
> FWIW,   2.5g optics came from the TDM world, typically used for OC-48 ports, 
> and yes all of the major router platforms support it  (not necessarily under 
> ethernet). Then because of this, there were a lot of 'waves' fiber channels 
> available, as in LH transport, for 2.5g. Today due to cost, ROI and 
> popularity 2.5g is fading into the background in favor of SFP+.
> 
> Getting back to, arm chair quarterbacking the Trango product, I can think of 
> a couple of reasons why they might have choosen 2.5g SFP module slot, 
> considinger 1G/2.5G modules use the same Slot, chips etc, and SFP+ are not 
> necessarily 1G/10G , also realizing their background with TDM it is quite 
> possible that this product has a shared heritage with another of their TDM 
> radio, or at some point in time (it may possibly be even now) it was intended 
> as  wireless OC48 transport.
> 
> :)
> 
> Faisal Imtiaz
> Snappy Internet & Telecom
> 7266 SW 48 Street
> Miami, FL 33155
> Tel: 305 663 5518 x 232
> 
> Help-desk: (305)663-5518 Option 2 or Email: supp...@snappytelecom.net
> 
> From: "Eric Kuhnke" <eric.kuh...@gmail.com <mailto:eric.kuh...@gmail.com>>
> To: af@afmug.com <mailto:af@afmug.com>
> Sent: Monday, June 13, 2016 9:49:53 PM
> Subject: Re: [AFMUG] Trango StrataPro Xi
> Yeah, sure, if your design goal is to make your L3 backbone harder to 
> troubleshoot and more failure prone in chains of non-redundant devices. I 
> suppose I could put a 48 port 1000BaseT switch in front of each router and 
> put the microwave PTP linked OSPF /30 BB interfaces each on their own vlan, 
> with one 10GbE from router to switch, but I'd be silly to do so.
> 
> On Jun 13, 2016 6:26 PM, "Josh Baird" <joshba...@gmail.com 
> <mailto:joshba...@gmail.com>> wrote:
> There -could- be a router doing L3 behind the switch.  It's not that 
> uncommon, right?
> 
> On Mon, Jun 13, 2016 at 9:17 PM, Eric Kuhnke <eric.kuh...@gmail.com 
> <mailto:eric.kuh...@gmail.com>> wrote:
> Switch?  If people do layer 2 over $6,000+ microwave for backbone links 
> between two POPs, that is a really bad idea in my opinion. WISPs love to 
> build layer 2 clusterfucks because a lot of small ones start with basically 
> no OSPF or BGP knowledge.
> 
> Show me a real router platform that is in common use that supports 2.5 Gbps 
> SFP (not SFP+ on a rate limited port).
> 
> On Jun 11, 2016 10:29 AM, "Jon Auer" <j...@tapodi.net 
> <mailto:j...@tapodi.net>> wrote:
> Adtran NetVanta 1544 Ethernet switches (24xGigE, 4xSFP) have been 2.5G 
> capable since 2009.
> 
> On Thu, Jun 9, 2016 at 4:17 PM, Eric Kuhnke <eric.kuh...@gmail.com 
> <mailto:eric.kuh...@gmail.com>> wrote:
> There are such things as 2.5 Gbps SFPs used for fiber channel storage array 
> applications (example: Cisco MDS9000) but you will not see them used in 
> ethernet speaking routers/switches.
> 
> On Thu, Jun 9, 2016 at 2:10 PM, Erich Kaiser <er...@northcentraltower.com 
> <mailto:er...@northcentraltower.com>> wrote:
> Check with John, but I thought he said something about a 2.5Gbps SFP, not 
> sure why they did not go 10G
> 
> 
> Erich Kaiser
> North Central Tower
> er...@northcentraltower.com <mailto:er...@northcentraltower.com>
> Office: 630-621-4804 
> Cell: 630-777-9291 
> 
> On Thu, Jun 9, 2016 at 12:41 PM, Cassidy B. Larson <c...@infowest.com 
> <mailto:c...@infowest.com>> wrote:
> So I’m checking out the new Trango StrataPro data sheets… The Xi model 
> appears to do 4Gbps full-duplex.. but no 10G SFP+.. So I’d have to use all 
> three SFPs, and one copper gig to get it?
> 
> Other notes: it appears they’re keying it up.. so you get to pay extra to 
> unlock capacity to 1100Mbps and again to unlock max capacity to 2200Mbps.
> Oh and if you want AES-256, you get to pay again.  The 1MB packet buffer.. 
> seems low.
> 
> Anybody else have any thoughts?  Anybody got one yet?
> 
> -c
> 
> 
> 
> 
> 

Re: [AFMUG] Trango StrataPro Xi

[Cassidy B. Larson]

The NetVana 1544 is also a L3 Switch and does OSPF/BGP too! Heh.


> On Jun 13, 2016, at 7:26 PM, Josh Baird <joshba...@gmail.com> wrote:
> 
> There -could- be a router doing L3 behind the switch.  It's not that 
> uncommon, right?
> 
> On Mon, Jun 13, 2016 at 9:17 PM, Eric Kuhnke <eric.kuh...@gmail.com 
> <mailto:eric.kuh...@gmail.com>> wrote:
> Switch?  If people do layer 2 over $6,000+ microwave for backbone links 
> between two POPs, that is a really bad idea in my opinion. WISPs love to 
> build layer 2 clusterfucks because a lot of small ones start with basically 
> no OSPF or BGP knowledge.
> 
> Show me a real router platform that is in common use that supports 2.5 Gbps 
> SFP (not SFP+ on a rate limited port).
> 
> On Jun 11, 2016 10:29 AM, "Jon Auer" <j...@tapodi.net 
> <mailto:j...@tapodi.net>> wrote:
> Adtran NetVanta 1544 Ethernet switches (24xGigE, 4xSFP) have been 2.5G 
> capable since 2009.
> 
> On Thu, Jun 9, 2016 at 4:17 PM, Eric Kuhnke <eric.kuh...@gmail.com 
> <mailto:eric.kuh...@gmail.com>> wrote:
> There are such things as 2.5 Gbps SFPs used for fiber channel storage array 
> applications (example: Cisco MDS9000) but you will not see them used in 
> ethernet speaking routers/switches.
> 
> On Thu, Jun 9, 2016 at 2:10 PM, Erich Kaiser <er...@northcentraltower.com 
> <mailto:er...@northcentraltower.com>> wrote:
> Check with John, but I thought he said something about a 2.5Gbps SFP, not 
> sure why they did not go 10G
> 
> 
> Erich Kaiser
> North Central Tower
> er...@northcentraltower.com <mailto:er...@northcentraltower.com>
> Office: 630-621-4804 
> Cell: 630-777-9291 
> 
> 
> On Thu, Jun 9, 2016 at 12:41 PM, Cassidy B. Larson <c...@infowest.com 
> <mailto:c...@infowest.com>> wrote:
> So I’m checking out the new Trango StrataPro data sheets… The Xi model 
> appears to do 4Gbps full-duplex.. but no 10G SFP+.. So I’d have to use all 
> three SFPs, and one copper gig to get it?
> 
> Other notes: it appears they’re keying it up.. so you get to pay extra to 
> unlock capacity to 1100Mbps and again to unlock max capacity to 2200Mbps.
> Oh and if you want AES-256, you get to pay again.  The 1MB packet buffer.. 
> seems low.
> 
> Anybody else have any thoughts?  Anybody got one yet?
> 
> -c
> 
> 
> 
> 

Re: [AFMUG] IPV6 here we come

[Cassidy B. Larson]

What’re you using for DNS64/NAT64 or whatever else you’re using to get back to 
v4 land?

> On Jun 13, 2016, at 10:01 AM, Chuck McCown  wrote:
> 
> Only when the end is V4 only.  We hear stats that all US domains are already 
> 60-80% V6.
> 
> From: Joe Novak 
> Sent: Monday, June 13, 2016 9:56 AM
> To: af@afmug.com 
> Subject: Re: [AFMUG] IPV6 here we come
> 
> are you going to be natting IPV6 > IPV4 at the edge?
> 
> On Mon, Jun 13, 2016 at 10:54 AM, Chuck McCown  > wrote:
>> Commencing new project:
>> Going to attempt to provision all new customers on V6 only.
>> This is gonna hurt.
> 
> 

Re: [AFMUG] tower guys have the best views!

[Cassidy B. Larson]

When I was up there it was socked in.  Glad you got a good view.
Make sure and take the train up to the Jungfraujoch!


> On Jun 10, 2016, at 7:53 AM, Gino Villarini  wrote:
> 
> from Mt. Pilatus, Swiss Alps
> 
> 
>