Re: [AFMUG] OSPF - How large can a flat network grow?

2018-06-08 Thread Paul Stewart
I’ve done a lot of work with that model in the past and it works very well …. 
Extremely flexible what you can then do for multi-service handoff as well 

 

-p

 

From: Af  on behalf of Carl Peterson 

Reply-To: 
Date: Friday, June 8, 2018 at 1:52 PM
To: 
Subject: Re: [AFMUG] OSPF - How large can a flat network grow?

 

I've been thinking a lot about the flat -> routed transition lately and my 
current thinking is that we overreacted and just went to routers everywhere.  
We have been trimming back a lot and moving to running QinQ over VPLS where 
every sub has their own CVLAN in an SVLAN.  As I get more comfortable with it, 
I'm thinking about expanding it and dropping more of the "core" locations with 
routers.  Instead of A--B--C all with routers, we would drop the router at B 
and just run B with a primary and secondary VPLS circuit, say primary through A 
and secondary through C.  Saves a ton on enclosures, batteries etc.  

 

On Fri, Jun 8, 2018 at 12:54 PM, Paul Stewart  wrote:

Can’t comment on “small iron” routers as limited experience but can tell you 
with larger gear (which in theory has a lot more CPU/processing capability) 
that large OSPF networks (100k routes) exist and work just fine.  One company I 
consulted for a number of years ago had over 600k routes in OSPF .. seriously … 
and yes they did experience some issues but they were not big enough issues to 
warrant changing til a few years later when they migrated everything to ISIS 
anyways.  That’s the most extreme example and not one I personally recommend 

 

As others have mentioned, it’s a hard question to answer as there is no “one 
size fits all” … often it’s more about how the network is designed than 
specific sizes of routes or numbers of routers… 

 

Paul

 

 

From: Af  on behalf of Eric Kuhnke 
Reply-To: 
Date: Thursday, June 7, 2018 at 6:06 PM
To: 
Subject: Re: [AFMUG] OSPF - How large can a flat network grow?

 

Also worth mentioning that a lot of OSPF documentation available on the 
Internet, makes assumptions that were valid in 2002 or so...  When a typical 
router had a lot less DRAM and CPU. Such as a Cisco 3725/3745 or even something 
smaller like a 2621. 

 

Probably still true if you're trying to do OSPF on very small Mikrotiks but not 
as much of a concern in the modern era. The main bottleneck in routing 
platforms is FIB size and RAM for BGP tables, not so much OSPF. 

 

 

 

On Thu, Jun 7, 2018 at 1:15 PM, Dennis Burgess  wrote:

This is an “unanswerable” question.  In honesty, you can have 20k routes in OSPF 
and it be responsive so the routing platform does not have a limit.  The number 
of routers, is another issue, if you have 500 routers all fiber connected and 
they don’t go up/down much, then no big deal, however, if they do go up down 
quite a bit or you don’t know how to manage them, then yes this can be a 
factor. The last thing is convergence time, if you have lots of fiber, and/or 
well connected routers, then that is not a major issue, break part of your 
network and see how long it takes for a reroute, if that is acceptable, then 
again no worries.

 

Now OSPF books, state that you should have no more than 75-100 routers, but I 
have read things that state no more than 50 and I have other networks that have 
more than 500. So..  Again, it’s not a good answerable question.  

 

However, my suggestion is to look at your network as a whole and see if there 
is some kind of logic, to splitting up your OSPF domains.  You can use OSPF 
areas, or you can use BGP between them.  But there needs to be a good, constant 
method to splitting your network like that.  Keep in mind that using defaults 
will cause traffic to shift, etc, so you need to plan plan plan…

 

Just my two cents.

 

 

 

Dennis Burgess, Mikrotik Certified Trainer 

Author of "Learn RouterOS- Second Edition” 

Link Technologies, Inc -- Mikrotik & WISP Support Services 

Office: 314-735-0270  Website: http://www.linktechs.net 

Create Wireless Coverage’s with www.towercoverage.com 

 

From: Af  On Behalf Of Brough Turner
Sent: Thursday, June 7, 2018 1:41 PM
To: af@afmug.com
Subject: [AFMUG] OSPF - How large can a flat network grow?

 

We're an urban WISP with a dense mesh of wireless links and a router per 
building. I am concerned that, without paying attention, we have grown to 600+ 
routers and ~2550 routes in one OSPF domain. This network has a diverse mix of 
routers from CCR1036s down to RB750UPs. We're not having any OSPF problems at 
this time and I have plenty of other things to worry about, but I'd hate to hit 
some limit and have the whole thing blow up.

Does anyone have experience (positive or negative) with large flat OSPF 
networks?
And, if you have had problems, what were the problems? 
Thanks,
Brough

Brough Turner
netBlazr Inc. – Free your Broadband!
Mobile:  617-285-0433   Skype:  brough

 

 



Re: [AFMUG] Fiber Mapping - 2018

2018-06-02 Thread Paul Stewart
We utilize Patch Manager - https://patchmanager.com

 

It started as a great way to DCIM – data center racks across many locations etc 
but with their GIS mapping add-on and other features we’re looking to utilize 
it for fiber builds and should work pretty nicely …. 

 

Paul

 

 

From: Af  on behalf of Brian Webster 

Reply-To: 
Date: Friday, June 1, 2018 at 10:46 PM
To: 
Subject: Re: [AFMUG] Fiber Mapping - 2018

 

Yes QGIS is a great program and since it is open source you will find a lot of 
support and how to articles. Not as simple as Google Earth Pro but it has a lot 
more power. A real professional GIS platform. The key to its flexibility are 
the plugins you can download. Plan on spending some time reading through each 
of those descriptions to see if there are features you want. It certainly has a 
learning curve as does any mapping program. On the higher level you can 
actually connect to most database platforms so if you plan on managing your 
plant with more than spreadsheets you can keep both the mapping and database 
tied together as one.

 

Thank You,

Brian Webster

www.wirelessmapping.com

www.Broadband-Mapping.com

 

From: Af [mailto:af-boun...@afmug.com] On Behalf Of Mark Radabaugh
Sent: Friday, June 01, 2018 5:12 PM
To: af@afmug.com
Subject: Re: [AFMUG] Fiber Mapping - 2018

 

QGIS is very useful and open source (as in free).   

 

Nothing specific for fiber mapping in it but it could pretty easily be used for 
it if I was ambitious enough to put all the info in.

 

Mark




On Jun 1, 2018, at 5:06 PM, Eric Kuhnke  wrote:

 

For basic needs, the advantage of doing mapping using Google Earth Pro is that 
most "serious" GIS packages support import and export to/from the XML format 
Google Earth uses. A line on the map on Google Earth or a multi-segmented line 
is just a collection of vector placemarks in a XML file with lat/long 
coordinates, with metadata describing the thickness of the line, the color of 
the line, how many intermediate points are on the line, and so forth. 

 

The best organizational advice I can give is to use folders and subfolders in 
Google Earth Pro appropriately to sort projects, so that you don't end up with 
a single folder that contains 500 unnamed lines. Might look fine when viewed on 
a map but can become an organization nightmare.

 

On Fri, Jun 1, 2018 at 1:34 PM, Cassidy B. Larson  wrote:

Last topic I see on this was from 2014. So maybe it’s time to review and ask 
again? What are you guys using for fiber mapping, now in 2018?

 

In 2014 I read:

Craig was doing google earth and excel sheets.

Chuck Hogg was using Manifold (kinda), and some Google Maps Engine.

Mike H was using ArcMap for his clients.

A few other google sheets. 

 

What’s changed, what’s new, what’re you using today? Same as before?  Something 
different? Why?




-c




 

 



Re: [AFMUG] OT NOC server choice

2018-05-16 Thread Paul Stewart
We utilize a combination of blade systems and 1U/2U servers …. Wouldn’t say 
blade systems are going away.  Basically the biggest sell point for them is 
space/power (footprint).  If space/power is at a premium (ie. 3rd party data 
center) and you need to put many servers into it then it can make sense …. In 
our case this is exactly why we continue to deploy Cisco ACS blade systems in 
particular – they work well and footprint is small.

 

In areas where we have abundant space/power then 1U servers are preferred 

 

Paul

 

 

From: Af  on behalf of Josh Luthman 

Reply-To: 
Date: Tuesday, May 15, 2018 at 4:04 PM
To: 
Subject: Re: [AFMUG] OT NOC server choice

 

Servers for what?

 

Blades are kind of a thing of the past, I think.  It's way easier and cheaper 
to do something like HA with ESXi.


 

Josh Luthman
Office: 937-552-2340
Direct: 937-552-2343
1100 Wayne St
Suite 1337
Troy, OH 45373

 

On Tue, May 15, 2018 at 2:03 PM,  wrote:

I need a pair of servers, prefer DC powered but not absolutely stuck on that.  
Like to have nice blade server system with hot standby etc.  Been some time 
since I spec’d out servers.  

 

Any suggestions?

 



Re: [AFMUG] After Hours Tech Support

2018-04-27 Thread Paul Stewart
If you answer calls and return voicemails after hours you set expectation that 
you always will … so if those calls are important enough (and only you would 
know) then why not offer extended hours instead?  What I’m suggesting is 
sticking to published business hours and/or adjusting them to meet your 
customers’ needs.

> On Apr 25, 2018, at 7:39 PM, Matt  wrote:
> 
> How or what do you pay an employee to either answer phone calls or
> return voicemails after hours or on weekends?



Re: [AFMUG] 2000’ tower collapsed here today

2018-04-20 Thread Paul Stewart
Ouch …. 

 

From: Af  on behalf of Josh Luthman 

Reply-To: 
Date: Friday, April 20, 2018 at 10:17 AM
To: 
Subject: Re: [AFMUG] 2000’ tower collapsed here today

 

Saw this on Facebook (in a comment, take it for what it's worth):

Apparently they were changing out cross bracing and didn’t mount any supports 
before removing the original.


 

Josh Luthman
Office: 937-552-2340
Direct: 937-552-2343
1100 Wayne St
Suite 1337
Troy, OH 45373

 

On Thu, Apr 19, 2018 at 5:21 PM,  wrote:

I suppose some of the guy wires and the lower section could have survived or 
were the last to fall... slowly.
Seems like a miracle.

-Original Message- From: Robert
Sent: Thursday, April 19, 2018 2:47 PM
To: af@afmug.com
Subject: Re: [AFMUG] 2000’ tower collapsed here today

Three guys at 200 feet survived..  Either bad reporting or a miracle...
or on another device...

On 4/19/18 1:31 PM, ch...@wbmfg.com wrote:

Just looking at the amount of junk on the ground, just doesn’t seem like enough 
stuff there for 2000’.
I guess if the majority of it pancaked into that tangled mass, could be. Still, 
100 20’ sections is a bunch of stuff.
*From:* Craig House
*Sent:* Thursday, April 19, 2018 2:21 PM
*To:* af@afmug.com
*Subject:* Re: [AFMUG] 2000’ tower collapsed here today
Nope. I’ve been on the tower next to it many times.  It’s got an elevator. 2000’

Sent from my iPhone

On Apr 19, 2018, at 16:16,   wrote:

Does not look like it was 2000 feet tall.  The antenna is mostly intact.
I wonder if they meant 200’ tall.
*From:* Craig House
*Sent:* Thursday, April 19, 2018 2:12 PM
*To:* af@afmug.com
*Subject:* [AFMUG] 2000’ tower collapsed here today
http://www.ky3.com/content/news/DRONE-VIDEO-TV-Tower-collapses-in-Fordland-Mo-field-480285143.html

Sent from my iPhone 

 

 



Re: [AFMUG] PCI Compliance scan rejecting wildcard cert (CN)

2018-04-14 Thread Paul Stewart
Currently we still use some wildcards and have never had issues with PCI (level 
1) compliance from using them ….

 

Paul

 

 

From: Af  on behalf of Jeremy 
Reply-To: 
Date: Wednesday, April 11, 2018 at 11:14 AM
To: 
Subject: [AFMUG] PCI Compliance scan rejecting wildcard cert (CN)

 

We keep failing our PCI compliance over what I believe is an error on their 
side.  Our wildcard cert covers *.bluespring.me, which is used on multiple 
servers.  They are wanting an exact match to our domain on the CN, which is 
"65-126-126-5.dia.static.bluespring.me".  To me, *.bluesping.me IS a match.  If 
I change the CN to that specific billing server then it will not match the 
website server.  It was my understanding that this is the entire point of 
having a wildcard cert.  Anyone else ever gone through this?  Does their 
analysis that *.bluespring.me is NOT a match seem right to everyone here?
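
How single-label wildcard matching (the RFC 6125 rule that TLS clients and scanners apply) treats the two names in this thread, as an added example that is not part of the original posts. The matcher is a simplified illustration; `www.bluespring.me` is a constructed hostname, and refusing patterns with fewer than two labels after `*` is an assumption of this example.

```python
"""Single-label wildcard matching for TLS certificate names (RFC 6125 style)."""
import ipaddress


def _labels(name):
    # DNS names compare case-insensitively; a trailing dot is not significant.
    return name.lower().rstrip(".").split(".")


def _is_ip(value):
    try:
        ipaddress.ip_address(value)
        return True
    except ValueError:
        return False


def match_reason(presented, hostname):
    """Return "match", or a short reason why `presented` does not cover `hostname`."""
    if _is_ip(hostname):
        return "ip-address: DNS names never match an IP literal"
    p, h = _labels(presented), _labels(hostname)
    if "*" not in presented:
        return "match" if p == h else "different-name"
    if p[0] != "*" or any("*" in label for label in p[1:]):
        return "bad-wildcard: '*' must be the whole left-most label"
    if len(p) < 3:
        # Assumption of this example: refuse patterns such as "*.me".
        return "too-broad: need at least two labels after '*'"
    if h[1:] != p[1:]:
        extra = len(h) - len(p) + 1
        if extra != 1 and h[-(len(p) - 1):] == p[1:]:
            # Same parent domain, but '*' would have to span 0 or 2+ labels.
            return f"label-count: '*' covers exactly one label, hostname has {extra} there"
        return "different-domain"
    return "match" if h[0] else "empty-label"


def wildcard_matches(presented, hostname):
    return match_reason(presented, hostname) == "match"


def cert_covers(names, hostname):
    """True if any name on the certificate (CN or SAN entries) covers hostname."""
    return any(wildcard_matches(n, hostname) for n in names)


def narrowest_wildcard(hostname):
    """Wildcard one level above hostname, i.e. the pattern that would cover it."""
    return ".".join(["*"] + _labels(hostname)[1:])


if __name__ == "__main__":
    WILDCARD = "*.bluespring.me"                        # from the thread
    SCANNED = "65-126-126-5.dia.static.bluespring.me"   # from the thread
    WEB = "www.bluespring.me"                           # constructed sample host
    for host in (WEB, SCANNED, "bluespring.me"):
        print(f"{WILDCARD} vs {host} -> {match_reason(WILDCARD, host)}")
    print("pattern that would cover the scanned name:", narrowest_wildcard(SCANNED))
    print("cert listing both names covers it:", cert_covers([WILDCARD, SCANNED], SCANNED))
```

A certificate that carries both the wildcard and the exact host name as SAN entries covers the web server and the scanned host at the same time.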



Re: [AFMUG] OT SIP issue

2018-04-08 Thread Paul Stewart
I would add that when SIP ALG is on with some routers it breaks things too … 
point being to try it both ways ☺

 

From: Af  on behalf of George Skorup 

Reply-To: 
Date: Sunday, April 8, 2018 at 5:29 PM
To: 
Subject: Re: [AFMUG] OT SIP issue

 

What kind of router/firewall are you working with? No audio is usually a SIP 
ALG thing. You need the ALG on to rewrite the SIP headers when behind NAT.

On 4/8/2018 2:30 PM, Chuck McCown wrote:

Tried both ways, no joy.

Sent from my iPhone


On Apr 8, 2018, at 1:23 PM, Forrest Christian (List Account) 
 wrote:

Are they behind nat? 

 

Sounds like it might be a reinvite issue, asterisk will try to get out of the 
audio path by telling the endpoints to talk directly to each other.   If nat is 
involved asterisk will often tell the endpoints to talk directly even if they 
have no direct connection between them.

 

Disabling reinvite may help if this is the case.

 

On Sun, Apr 8, 2018, 11:27 AM Chuck McCown  wrote:

Pulling our hair out.  The Aastra phones will call each other, we can send dtmf 
but no audio.  Linksys sip ata does the same thing.  These were working, very 
frustrating.  






Re: [AFMUG] DDOS protection

2018-04-03 Thread Paul Stewart
Not exactly like that but yes … we utilize Arbor Peakflow for detection (using 
Netflow data) and Arbor TMS for mitigation (using BGP offramping) … works very 
well but most would say it’s not cost effective .. 

 

 

 

From: Af  on behalf of Paul McCall 
Reply-To: 
Date: Monday, April 2, 2018 at 2:12 PM
To: "af@afmug.com" 
Subject: [AFMUG] DDOS protection

 

Anybody used a device like this at Layer 2 in between your core and an 
upstream?   Purpose: Protection / Mitigation of DDOS attacks.

 

http://www.serveru.us/en/

 

We have 1 Gbit interfaces currently, but that will jump up to 10Gbit interfaces 
soon.

 

Paul

 

Paul McCall, President

PDMNet, Inc. / Florida Broadband, Inc.

658 Old Dixie Highway

Vero Beach, FL 32962

772-564-6800  

pa...@pdmnet.net

www.pdmnet.com

www.floridabroadband.com

 

 



Re: [AFMUG] new DNS

2018-04-03 Thread Paul Stewart
I know there are often debates on here about running any servers, some servers, 
or doing everything in-house (mail, web, DNS etc).  Even if you outsource 
everything I would still run recursive caching DNS …. Performance and 
reliability the main reasons.  Some CDN’s and other services determine the path 
to send you content based on where the DNS look up occurs and in our case 
that’s a significant factor … 

 

We operate our own anycasted DNS …actually two of them.  One set of servers for 
recursive caching and another set for authoritative DNS.

 

Paul

 

 

From: Af  on behalf of "Forrest Christian (List Account)" 

Reply-To: 
Date: Tuesday, April 3, 2018 at 4:33 AM
To: af 
Subject: Re: [AFMUG] new DNS

 

Because it's good for your customers, and it should take very little time to 
set one up.

 

The main reason for this is so that websites serve data from the closest server 
due to the way that DNS anycast works.

 

And, the biggest one - to have control over a critical piece of infrastructure 
for your customers.  What happens if one of these public DNS services go down 
and you have hundreds of customers pointing at it?   

 

On Mon, Apr 2, 2018 at 11:33 PM, Adam Moffett  wrote:

Someone remind me again why I have my own recursive DNS.

 

 

-- Original Message --

From: "Josh Reynolds" 

To: af@afmug.com

Sent: 4/2/2018 3:22:57 PM

Subject: Re: [AFMUG] new DNS

 

Yes, bunch of discussions over the past few days on NANOG and some of the 
vendor mailing lists.

 

On Mon, Apr 2, 2018, 2:21 PM Travis Johnson  wrote:

https://gizmodo.com/how-to-speed-up-your-internet-and-protect-your-privacy-1824256587

Faster and more private than Google or others. :)

Travis



 

-- 

Forrest Christian CEO, PacketFlux Technologies, Inc. Tel: 406-449-3345 | 
Address: 3577 Countryside Road, Helena, MT 59602
forre...@imach.com | http://www.packetflux.com  



Re: [AFMUG] List Delay

2018-03-25 Thread Paul Stewart
Yeah .. I just had a posting come through from last week – originally thought 
it was because I was in Caribbean with horrible service but now realizing that 
it was queued up somewhere …

 

 

From: Af  on behalf of Chuck McCown 
Reply-To: 
Date: Wednesday, March 21, 2018 at 7:12 PM
To: 
Subject: [AFMUG] List Delay

 

On one of my most recent postings there was a 40 hour delay between posting and 
listing.  



Re: [AFMUG] Require Recent Web Browser?

2018-03-25 Thread Paul Stewart
Ahhh… the good old days … 

 

From: Af  on behalf of "Forrest Christian (List Account)" 

Reply-To: 
Date: Wednesday, March 21, 2018 at 11:19 AM
To: af 
Subject: Re: [AFMUG] Require Recent Web Browser?

 

I remember when lynx was an acceptable Web browser.  But again I also remember 
when the Web didn't exist and it was email, ftp, telnet, and gopher.

 

On Mar 18, 2018 12:35 AM,  wrote:

As long as netscape still works I am good.  

 

From: Sean Heskett 

Sent: Thursday, March 15, 2018 11:14 PM

To: af@afmug.com 

Subject: Re: [AFMUG] Require Recent Web Browser?

 

Use modern technologies.  Your customer base is tech savvy enough and should 
not be using old browsers and if they are then too bad.

 

2 cents

 

-sean

 

 

On Wed, Mar 14, 2018 at 5:49 PM Forrest Christian (List Account) 
 wrote:

A bit of a survey here 

 

A couple of features I'm looking at for current/future products would be much 
easier to implement using a certain feature found only in relatively new web 
browsers, aka, Chrome/Firefox/Edge updated within the last year.

 

One specific browser feature I'm looking at is webassembly.  Various tools out 
there indicate that around 87% of the installed/active browsers on the internet 
are recent enough for native support.   Most of the browsers gained support for 
this feature early to mid last year.   With autoupdates being the rule instead 
of the exception, anyone on a recent auto-updating web browser should support 
this.  I'm mostly concerned about 'the rest'.

 

Support for the older browsers is possible, but it adds a level of complexity 
(specifically a level of testing) which I would prefer not to do if I could get 
away without it. 

 

To be clear:  Almost all of the functionality of the upcoming products won't 
require these functions.  A specific example of something that might require 
this is setting up the scripting functionality as I'm looking at various 
technologies which would work best if I could run a chunk of webassembly code 
in the browser as part of the code editor.  However, other than editing a 
script, the rest of the functionality would work fine.

 

Thoughts?

 

-- 

Forrest Christian CEO, PacketFlux Technologies, Inc. Tel: 406-449-3345 | 
Address: 3577 Countryside Road, Helena, MT 59602
forre...@imach.com | http://www.packetflux.com  



Re: [AFMUG] Require Recent Web Browser?

2018-03-21 Thread Paul Stewart
Yes – can’t stress enough what Sean is saying here…. Customers need to keep up, 
the applications/services/software should not need to slow down because of a 
small number of customers who won’t keep current.  Those same customers will be 
the one who call your technical support to complain that their online banking 
doesn’t work as well 

 

 

From: Sean Heskett 

Sent: Thursday, March 15, 2018 11:14 PM

To: af@afmug.com 

Subject: Re: [AFMUG] Require Recent Web Browser?

 

Use modern technologies.  Your customer base is tech savvy enough and should 
not be using old browsers and if they are then too bad.

 

2 cents

 

-sean

 

 

On Wed, Mar 14, 2018 at 5:49 PM Forrest Christian (List Account) 
 wrote:

A bit of a survey here 

 

A couple of features I'm looking at for current/future products would be much 
easier to implement using a certain feature found only in relatively new web 
browsers, aka, Chrome/Firefox/Edge updated within the last year.

 

One specific browser feature I'm looking at is webassembly.  Various tools out 
there indicate that around 87% of the installed/active browsers on the internet 
are recent enough for native support.   Most of the browsers gained support for 
this feature early to mid last year.   With autoupdates being the rule instead 
of the exception, anyone on a recent auto-updating web browser should support 
this.  I'm mostly concerned about 'the rest'.

 

Support for the older browsers is possible, but it adds a level of complexity 
(specifically a level of testing) which I would prefer not to do if I could get 
away without it. 

 

To be clear:  Almost all of the functionality of the upcoming products won't 
require these functions.  A specific example of something that might require 
this is setting up the scripting functionality as I'm looking at various 
technologies which would work best if I could run a chunk of webassembly code 
in the browser as part of the code editor.  However, other than editing a 
script, the rest of the functionality would work fine.

 

Thoughts?

 

-- 

Forrest Christian CEO, PacketFlux Technologies, Inc. Tel: 406-449-3345 | 
Address: 3577 Countryside Road, Helena, MT 59602
forre...@imach.com | http://www.packetflux.com  



Re: [AFMUG] OT VPN over PPPOE

2018-02-28 Thread Paul Stewart
Unless you specifically recommended he contact Geek Squad then I’d suggest you 
are not morally responsible…. Just my two cents worth… 

 

From: Af  on behalf of 
Reply-To: 
Date: Wednesday, February 28, 2018 at 11:02 AM
To: 
Subject: Re: [AFMUG] OT VPN over PPPOE

 

We are not sure as we don’t want to experiment on him now.  

 

Just trying to determine if we feel we have a moral duty to reimburse him for 
his geek squad expenses.  

If his VPN is not robust enough for PPPOE, I don’t feel much compulsion.

But if this is common problem and we should have known it, then that is a 
different kettle of kittens.  

 

From: Donnie McCorkle 

Sent: Wednesday, February 28, 2018 8:12 AM

To: af@afmug.com 

Subject: Re: [AFMUG] OT VPN over PPPOE

 

Was his MTU a factor?  He would manually have to set it on the router behind 
the PPPoE connection.

The limitation would have evaporated when converted to DHCP.

 

 

From: Af [mailto:af-boun...@afmug.com] On Behalf Of Jaime Solorza
Sent: Tuesday, February 27, 2018 8:44 PM
To: Animal Farm 
Subject: Re: [AFMUG] OT VPN over PPPOE

 

Yeah Chuck, we went back and forth with Time Warner getting them to open ports 
on router for cameras...upgraded NVR and used vendor platform access to finally 
give manager remote access and monitoring to camp cameras.  

Jaime Solorza

 

On Feb 27, 2018 7:31 PM, "Lewis Bergman"  wrote:

I think I would tell him to did off. Try getting a credit from quest, att, 
Verizon, etc. Of course I have had some drinks

On Mon, Feb 26, 2018, 4:06 PM Chuck McCown  wrote:

Had a customer that works from home.  Could not make his VPN work.  

We thought perhaps it was a port issue.  Opened the ports on the Smart RG.  No 
good.

 

He spent $150 over the weekend on a geek squad type of service and they pointed 
their finger at us.  

 

So, just because we haven’t tried it, we switched him to DHCP and it started 
working.

We are in the process of converting everyone to DHCP.

 

He wants a credit in the amount of the money he paid the geek squad.  

 

Wonder if it was truly our fault.  Still don’t know why it started working or 
what the problem was.  





Re: [AFMUG] IPv6 Status

2018-02-28 Thread Paul Stewart
Yeah interesting ... been a while since I've done that myself ... surprised on 
a few of them (Amazon for example) not working as they typically have 

We need more ISP's to get on the IPv6 bandwagon though .. 

Paul


On 2018-02-27, 6:43 PM, "Af on behalf of Sterling Jacobson" 
 wrote:

Just for the hell of it I turned off IPv4 and just left IPv6 running on my 
public interface on my computer.

It's interesting to see what actually loads.

My Exchange client still works, but office265.com doesn't.

The Microsoft store works though, so I guess there are priorities, lol!

Facebook works, most google stuff works.

I'm using google IPv6 DNS though, so maybe they are discriminating...

Most of my bank URLs do not work.

Ebay doesn't work either.

Amazon no worky.

Youtube works, but interestingly a lot of their inline ads don't, so maybe 
that's a bonus.

My own website doesn't work.

Sonar works, as does my front page of my billing portal since I enabled 
IPv6 myself on it.
DigitalOcean works.

My response and routing for things that do work seem a lot better.

Blizzard launcher doesn't connect at all, so online gaming is out for that 
set of games anyways.

Speedtest.net doesn't work.

Most of these are saying ERR_NAME_NOT_RESOLVED or something similar with 
DNS like DNS_PROBE_FINISHED_NXDOMAIN











Re: [AFMUG] OT VPN over PPPOE

2018-02-27 Thread Paul Stewart
For what it’s worth, I VPN over PPPOE very often …. Works very well.  However I 
did have a point in time where it was totally unstable and after some wireshark 
traces I found it to be an MTU issue for sure.  The client was Pulse Secure 
(former Juniper Pulse) and I was unknowingly running an older client … the 
client didn’t do path discovery correctly and sent all traffic with DF bit set 
…doh …

 

I upgraded the client and all is well since 

 

Paul

 

 

From: Af  on behalf of Mathew Howard 

Reply-To: 
Date: Monday, February 26, 2018 at 7:57 PM
To: af 
Subject: Re: [AFMUG] OT VPN over PPPOE

 

It's a pretty good bet that any Pppoe connection is going to have an MTU of 
1492 or less... But yeah, any decent VPN client should be able to handle that 
just fine... and most un-decent ones too, for that matter

 

On Mon, Feb 26, 2018, 6:28 PM Forrest Christian (List Account) 
 wrote:

Depending on the exact settings in PPPoE it may have a smaller MTU than 'normal 
ethernet'.

 

Any decent VPN should be able to handle this, however.

 

-forrest

 

On Mon, Feb 26, 2018 at 5:06 PM, Chuck McCown  wrote:

Had a customer that works from home.  Could not make his VPN work.  

We thought perhaps it was a port issue.  Opened the ports on the Smart RG.  No 
good.

 

He spent $150 over the weekend on a geek squad type of service and they pointed 
their finger at us.  

 

So, just because we haven’t tried it, we switched him to DHCP and it started 
working.

We are in the process of converting everyone to DHCP.

 

He wants a credit in the amount of the money he paid the geek squad.  

 

Wonder if it was truly our fault.  Still don’t know why it started working or 
what the problem was.  



 

-- 

Forrest Christian CEO, PacketFlux Technologies, Inc. Tel: 406-449-3345 | 
Address: 3577 Countryside Road, Helena, MT 59602
forre...@imach.com | http://www.packetflux.com  



Re: [AFMUG] Email Server

2018-02-23 Thread Paul Stewart
That definitely makes it easier when there is no expectation of providing the 
email service  in most I dealt with, their competition was doing it so 
there was a certain competitive obligation to do so  

On 2018-02-23, 1:19 PM, "Af on behalf of Seth Mattinen" <af-boun...@afmug.com 
on behalf of se...@rollernet.us> wrote:

On 2/23/18 8:22 AM, Paul Stewart wrote:
> +1 on that … good systems go a long ways to reduce support calls.  I’d 
> also support another response that says it gets better with scale – if 
> you have hundreds of users vs 10’s or 100’s of thousands then 
> perspective on this can change quite a bit especially if you’re 
> outsourcing.  Every ISP I’ve ever worked for or consulted with ran their 
> own email infrastructure mainly because it’s an expected service from 
> the ISP and because of “scales of economy” where they already had staff 
> in place to support other server related infrastructure and email was a 
> part of that.



I've been running an email service since like 2005-ish. It pretty much 
runs on autopilot at this point. But if I were starting today I wouldn't 
bother, and I've never included or offered email with ISP services.

~Seth





Re: [AFMUG] Email Server

2018-02-23 Thread Paul Stewart
+1 on that … good systems go a long ways to reduce support calls.  I’d also 
support another response that says it gets better with scale – if you have 
hundreds of users vs 10’s or 100’s of thousands then perspective on this can 
change quite a bit especially if you’re outsourcing.  Every ISP I’ve ever 
worked for or consulted with ran their own email infrastructure mainly because 
it’s an expected service from the ISP and because of “scales of economy” where 
they already had staff in place to support other server related infrastructure 
and email was a part of that.

 

Paul

 

 

From: Af  on behalf of Mike Hammett 
Reply-To: 
Date: Friday, February 23, 2018 at 8:47 AM
To: 
Subject: Re: [AFMUG] Email Server

 

Throwing up basic Dovecot and Postfix and that's it on a VM is a bit different 
of a system than if you actually put some care into it.

Put in some time to have a good system and spend less on support.



-
Mike Hammett
Intelligent Computing Solutions

Midwest Internet Exchange

The Brothers WISP



From: "Lewis Bergman" 
To: af@afmug.com
Sent: Friday, February 23, 2018 7:42:12 AM
Subject: Re: [AFMUG] Email Server

Never do your own mail if you don't already do it. Maybe everyone here doing it 
has found some magic solution but I doubt it. As discussed in this thread, the 
users get in the way no matter what your efforts.

I am cynical, but I doubt anyone here is charging enough to make up for even 
the support costs much less the per user fees if not doing it themselves. 
Having said that, I guess you can go tell your users to sod off but I doubt 
many here do that. I could have had 1/5th the number of support people had I 
not had email. What a pile of steaming poo email is to support. My guess would 
be that you would have to have upwards of 50k paid mailboxes to start to get 
ahead on the expenses. I am not even sure stupid users would even let that work.

I probably tried to provide a higher quality service than anyone should for 
email. Email users, by their own actions, not their words, demand an extremely 
low level of support. Charge enough for the support they demand and they'll go 
elsewhere. They want gmail prices (free) but have someone to call and bug the 
crap out of when they are too stupid or lazy to configure their client no matter 
what it is installed on. I think maybe you just have a call flow that says "if 
you have email trouble push 1, If you ..." When they press one, refer them to a 
web site, tell them the settings, curse at them and hang up. If they call back 
and press 2 or something the tech immediately forwards them to the message they 
would hear if pressing one without saying a word.

I am glad those of you who still do it have figured it out or don't know enough 
about accounting or cost assignment to know how much money you are losing on it.

 

On Thu, Feb 22, 2018 at 11:28 PM Steve Jones  wrote:

We would probably do our own mail if we had enough emails to get a good enough 
rate at rackspace to get a good enough rate to do email.

Also, if we had some eggs we could have ham and eggs, if we had some ham

 

On Feb 22, 2018 11:23 PM, "Steve Jones"  wrote:

You're probably on the same grandfather pricing we are

On Feb 22, 2018 10:54 PM, "Rob Genovesi"  wrote:

That's their retail price.  You can do much better on a wholesale agreement - 
price will probably depend on your quantity.  We got in real early and got a 
very good price that may not be available anymore.

As for tech headaches:  yes we have autodiscover set up and that catches a lot. 
 The biggest headaches are the uber-non technical that are afraid to do 
anything without "professional guidance" (we use that term loosely around here) 
or hacked/disabled accounts that need a password reset.

We use Google Apps internally and I love Gmail - was considering switching to G 
(before they pulled the plug on the ISP edition).  I polled some customers 
about it and we had more than a few customers that were concerned with Google 
getting in their pants.

-Rob

On Wed, Feb 21, 2018 at 9:47 AM, Steve Jones  wrote:

https://www.rackspace.com/en-us/email-hosting/webmail looks like around 2 bucks 
now

 

On Wed, Feb 21, 2018 at 11:31 AM, Matt  wrote:

What is the pricing for rackspace email?

 

 

 



Re: [AFMUG] Email Server

2018-02-22 Thread Paul Stewart
We run Icewarp as well ... our customers like the webmail interface is what I 
hear.  I'd recommend it to other folks unless you have a very large number of 
mailboxes (over 100k) - that's where we ran into significant issues with the 
platform  however most of those issues got fixed over time and we continue 
to use it currently.  

Paul

On 2018-02-20, 11:42 AM, "Af on behalf of Nate Burke"  wrote:

It's expensive (now) but Icewarp mail server has just worked for us for 
like 15 years.

On 2/20/2018 10:34 AM, Matt wrote:
> For those of you still providing your users with an email account what
> platforms are you using?






Re: [AFMUG] Static IPv6

2018-02-05 Thread Paul Stewart
We only charge for IPv4 today .. IPv6 static assignments are free for the time 
being.  At some point we may charge for them as a way to recover the costs 
associated internally to building out automation/tracking as nothing is free ☺

 

 

From: Af  on behalf of Adam Moffett 
Reply-To: 
Date: Monday, February 5, 2018 at 1:32 PM
To: "af@afmug.com" 
Subject: [AFMUG] Static IPv6

 



Re: [AFMUG] IPv6

2018-02-05 Thread Paul Stewart
Dual stack for sure without a doubt ….

 

 

From: Af  on behalf of Adam Moffett 
Reply-To: 
Date: Friday, February 2, 2018 at 5:03 PM
To: "af@afmug.com" 
Subject: [AFMUG] IPv6

 



Re: [AFMUG] VDSL2 DSLAM options

2018-01-17 Thread Paul Stewart
We use TA5000 from Adtran along with SmartRG CPE devices … works well 

 

Paul

 

 

From: Af  on behalf of Sam Lambie 
Reply-To: 
Date: Tuesday, January 16, 2018 at 11:09 AM
To: 
Subject: Re: [AFMUG] VDSL2 DSLAM options

 

I spoke with versatek yesterday and they were pretty helpful. I have been 
buying their gear for a while now and am happy with them. The min 8 port DSLAM 
is about $800 and the 24 port is about $1400. 

 

 

On Mon, Jan 15, 2018 at 2:49 PM, Dave  wrote:

Curious about this as we too have an older Dslam that needs upgrading

On 01/15/2018 10:51 AM, Sam Lambie wrote:

Hey all, 

I am looking at replacing a very old DSLAM that we have had in operation for 
the past 13 years. It is slow and dying. Looking at VDSL2 and am wondering if 
any of you have had experience with them.

The building is an old 1980's concrete behemoth that is a wifi killer, hence 
the need for the DSLAM.

Versatek has been good to me with other adsl2+ locations, but since we now have 
100 mbps+ of FTTH available to many MDUs, it makes sense to look into faster 
DSLAM.

 

What about modems as well? Any particular brands that work better than others?

 

Thanks

Sam

 

-- 

-- 
Sam Lambie
Taosnet Wireless Tech.
575-758-7598 Office
www.Taosnet.com

 

-- 



 

-- 

-- 
Sam Lambie
Taosnet Wireless Tech.
575-758-7598 Office
www.Taosnet.com



Re: [AFMUG] Fwd: OT: IOS vs Android

2017-12-18 Thread Paul Stewart
Valid points and well said …. The one thing I’ll mention about iTunes is that 
it’s not needed if you utilize more of the Mac ecosystem.  I’ve never been a 
fan of it either and I’m a huge Apple fan in general – when I ran Windows day 
to day it was seriously  a major pain as you mention – no question there ….

 

When you are running their iCloud, Mac computers etc then iTunes is only useful 
to actually purchase music/movies etc … other than that it’s not needed and 
that’s one thing I really like ☺

 

 

 

From: Af  on behalf of Adam Moffett 
Reply-To: 
Date: Monday, December 18, 2017 at 7:53 AM
To: 
Subject: Re: [AFMUG] Fwd: OT: IOS vs Android

 

I used a Samsung Galaxy S6 for awhile.  As compared to the iPhone I found it 
was less useful as a phone, but more useful as a small computer.

 

My complaints about the Android:  

1. The phone app was laggy and sometimes even froze.  I once or twice actually 
had to kill the app and restart it so I could make a phone call.  Someone 
informed me that I could download a different app to make cell phone calls 
with, but I don't see why I should have to.  Why didn't the vendor ensure that 
the cell phone functioned well as a cell phone before anything else? 

2. The phone itself was a lot more physically flexible compared to the iPhone's 
rigid aluminum frame.  I bought one of those otter box cases for the Samsung, 
whereas I never had more than a rubber padded cover around the iPhone.

3.  In general, more likely to have frozen/crashed apps.

 

My complaints about the iPhone:

1. Apple's restrictions on loading external data are frustrating, and really 
limit the usefulness of the phone as a handheld computer.  I believe I 
understand their strategy behind it, but I don't like it.  I'm pretty sure with 
a keyboard and screen attached I could do 75% of my work from a Samsung phone.  
With iPhone I can do emails and calendars, and work with Google Docs or other 
approved cloud based data.  

2. Non-standard USB connector.  Why was that necessary?

3. Can I repeat number 1 because it's so goddamn annoying?  I can install the 
Google Earth app, but I can't load a KML?  BS.  I can't even copy a picture or 
MP3 from the PC to the phone without using iTunes?  FU Apple.

 

I'm still using iPhone because I have bought apps in the Apple Store that I'd 
be annoyed about re-purchasing, and I first and foremost need the phone to be a 
phone.  I have a laptop for doing real work.

 

As far as Apple bias, I have used Macs before at work and it was not bad at 
all.  OSX was useful and reliable, and I actually liked having the Unix tools 
available.  I haven't used one daily in years, and I wouldn't buy one for 
myself mostly because in my job there are Windows specific applications that I 
need, and it always seemed like Macs were overpriced.  I'm not paying extra 
just to have a prettier computer, and I can run BSD or Linux to get all the 
Unix tools I want.

 

-Adam

 

 

-- Original Message --

From: "Jason Wilson" 

To: af@afmug.com

Sent: 12/18/2017 2:27:41 AM

Subject: [AFMUG] Fwd: OT: IOS vs Android

 



Convince me not to give up my Pixel XL for any version of an iPhone.  All of my 
Computers are MacOS.

 

Jason

Jason Wilson

Remotely Located

Providing High Speed Internet to out of the way places.

530-651-1736 Office

530-748-9608 Cell

www.remotelylocated.com

 

 



Re: [AFMUG] Fwd: OT: IOS vs Android

2017-12-18 Thread Paul Stewart
Having used both Android and iPhones …. iPhones I found more reliable and less 
prone to software issues … neither is perfect but my wife/kids hated me when I 
came home one day with new Samsungs running Android – in fact after three 
months I ended up breaking cellular contracts and moving them back to iPhones.

 

Anyone who knows me knows that I’m a fairly big Apple fan – so before you think 
I’m biased (because I probably am personally), then business wise, we have 90% 
iPhones in use, 9% Android, and 1% BB … again, the most reliable phones for us 
is Apple hands down and that’s a lot of phones in use … 

 

My two cents worth ☺

 

Paul

 

 

 

 

From: Af  on behalf of Mike Hammett 
Reply-To: 
Date: Monday, December 18, 2017 at 7:26 AM
To: 
Subject: Re: [AFMUG] Fwd: OT: IOS vs Android

 

I can't imagine any scenario where I would give up Android for iPhone.

Especially an IT person.

Especially a radio person.



-
Mike Hammett
Intelligent Computing Solutions

Midwest Internet Exchange

The Brothers WISP



From: "Jason Wilson" 
To: af@afmug.com
Sent: Monday, December 18, 2017 1:27:41 AM
Subject: [AFMUG] Fwd: OT: IOS vs Android

 

Convince me not to give up my Pixel XL for any version of an iPhone.  All of my 
Computers are MacOS.

 

Jason

Jason Wilson

Remotely Located

Providing High Speed Internet to out of the way places.

530-651-1736 Office

530-748-9608 Cell

www.remotelylocated.com

 

 

 



Re: [AFMUG] Residential router recommendation.

2017-12-03 Thread Paul Stewart
Personally use an Asus as my default router at home when I’m not playing with 
Cisco/Juniper/Fortigate “non-home” routers …

I have the RT-AC87R and am impressed …. Never lets me down and handles whatever 
I throw at it … the wireless is pretty good too IMHO

Netgear Nighthawk – bought one before the Asus and returned it within a few 
days … their tech support is absolutely horrible to deal with … 4 hours waiting 
on hold to be told that my router is “incompatible with Canadian Internet 
services” …. ROFL … issue ended up being poorly written code after pushing the 
issues for a couple of hours and finding out the firmware would be released (to 
solve the problem which was IPv6 related) – that release was slated for 
sometime in the next year ;(

-p

On 2017-12-02, 12:03 PM, "Af on behalf of Mitch Koep"  wrote:

We also recommend Asus now as the netgear have become undependable

The Asus have been rock solid

Mitch


On 12/2/2017 10:49 AM, Sterling Jacobson wrote:
> My main recommendations now are Asus and Netgear Nighthawk (NOT regular 
> Netgear, those suck).
>
> I don't provide routers to our customers, so I'm thinking we now have 
> hundreds of either brand/line of these routers and they seem to be the least 
> failure prone.
>
> -Original Message-
> From: Af [mailto:af-boun...@afmug.com] On Behalf Of Jay Weekley
> Sent: Saturday, December 2, 2017 9:43 AM
> To: af@afmug.com
> Subject: [AFMUG] Residential router recommendation.
>
> I have a friend that is looking for a new router from a big box store
> like Best Buy, Walmart or Officemax.   Since I've been using Mikrotiks
> and the occasional Readynet and TPlink for the past several years I have 
> no idea what to tell them to get.  It's not for a customer and I will hopefully 
> have nothing to do with this router.  If you were me what would you tell them 
> to get?






Re: [AFMUG] PPS limits

2017-11-15 Thread Paul Stewart
The top attacks we see daily are DNS amplification attacks and IP fragmentation 
attacks ….   SSDP and NTP based floods used to be really high at one point but 
dropped off quite a bit in past 6 months…

 

Typical IP fragmentation attack in the past 24 hours is upwards of 7.5mpps at 
16Gbps – often smaller and sometimes larger…. DNS amplification follows a 
similar stat 

 

 

 

From: Af  on behalf of Zach Underwood 

Reply-To: 
Date: Tuesday, November 14, 2017 at 9:30 PM
To: 
Subject: Re: [AFMUG] PPS limits

 

So far the last 30 days' attacks have been DSL end users (we don't mitigate, just 
pass traffic) in the evening and after hours. Then schools get attacked during 
the school day we and mitigation for our clients and pass the traffic for the 
non clients of the ddos service. 

 

Thanks guys this has given an a few ideas for thresholds.

 

PS George The below attack was from today

159.6 Mbps/415.5 Kpps peak

Nov 14 07:01 – 13:26 (almost 6+1/2 hours)

all icmp

 

 

On Tue, Nov 14, 2017 at 9:13 PM, Josh Reynolds  wrote:

Imagine shit talking people with no repercussions. Imagine having a
lan party every day with hundreds or thousands of people.

That's what kids who play games online these days experience. It's not
exactly the same, but it's pretty close.


On Tue, Nov 14, 2017 at 8:11 PM, Dave  wrote:
> I really wish the kids would interact more personal like the 80's arcades
> that died.
> Maybe even a group over lan party with some DUKE NUKEM 3D LOL!
>
>
> On 11/14/2017 08:08 PM, George Skorup wrote:
>
> I've seen several DDoS attacks targeting the Xbox shit talking kids. The
> normal garbage UDP floods >100k PPS doesn't seem to affect CCRs all that
> much. The last time the CPU jumped from 3% to maybe 10%. But recently I saw
> an ICMP flood type attack (yet again targeting the Xbox dipshits). The
> CCR1036-12G-4S did not like that at all. The CPU load was around 90% and
> winbox was very sluggish.
>
> On 11/14/2017 8:00 PM, Sterling Jacobson wrote:
>
> Most standard routers would die on that much pps of that size.
>
>
>
> If you look on routerboard.com at the mikrotik stuff, they have charts at
> the bottom of most of their gear that show how much traffic they can move
> given the packet size and pps and Mbps etc.
>
>
>
> Compare that with the CPU and you can get an idea of what it takes to
> switch/router or packet inspect stuff with rules.
>
>
>
> From: Af [mailto:af-boun...@afmug.com] On Behalf Of Zach Underwood
> Sent: Tuesday, November 14, 2017 2:32 PM
> To: af@afmug.com
> Subject: [AFMUG] PPS limits
>
>
>
> I am trying to put some ddos attacks in perspective in terms of pps.
>
>
>
> Here are two examples
>
> 545.4 Mbps/2.4 Mpps udp packet size less than 150byte
>
> 2.0 Gbps/8.5 Mpps udp packet size less than 150byte
>
>
>
> What size router would fall over with 1+ Mpps of traffic.
>
> example ubnt ER-8 claims 2Mpps.
>
>
>
>
> --
>
> Zach Underwood (RHCE,RHCSA,RHCT,UACA)
>
> My website
>
> advance-networking.com
>
>
>



 

-- 

Zach Underwood (RHCE,RHCSA,RHCT,UACA)

My website

advance-networking.com



Re: [AFMUG] PPS limits

2017-11-14 Thread Paul Stewart
Not sure specific to ubnt routers – depends on how they handle exception 
traffic like that ….

 

But what I would suggest is when reading specs on routers, try to get real 
world feedback as it seems you are asking for.. Many spec sheets on routers 
have PPS ratings for IMIX traffic or large packets – small packets millions at 
a time are a whole different story ;)

 

Paul

 

 

From: Af  on behalf of Zach Underwood 

Reply-To: 
Date: Tuesday, November 14, 2017 at 4:32 PM
To: 
Subject: [AFMUG] PPS limits

 

I am trying to put some ddos attacks in perspective in terms of pps.

 

Here are two examples

545.4 Mbps/2.4 Mpps udp packet size less than 150byte

2.0 Gbps/8.5 Mpps udp packet size less than 150byte

 

What size router would fall over with 1+ Mpps of traffic.

example ubnt ER-8 claims 2Mpps.


 

-- 

Zach Underwood (RHCE,RHCSA,RHCT,UACA)

My website

advance-networking.com



Re: [AFMUG] IPv6 for management

2017-10-21 Thread Paul Stewart
+1 …  almost everything in our management networks (which are completely 
separate logically from any other networks) are dual stack.  Also for HTTPS 
it’s the only form of web based management permitted (and only on devices where 
web interface is the only way to manage it).

 

Paul

 

 

From: Af  on behalf of George Skorup 

Reply-To: 
Date: Thursday, October 19, 2017 at 7:34 PM
To: 
Subject: Re: [AFMUG] IPv6 for management

 

IMO, dual stack or forget IPv6 entirely.

On 10/19/2017 6:20 PM, Forrest Christian (List Account) wrote:

So, after the response to me mentioning https:// for device management, I 
figured I'd ask about the following: 

 

How about IPv6?   It's on my list as well to look at... Does anyone see any 
real need for having your management gear on IPv6 instead of IPv4, at least in 
the near term?
 

-- 

Forrest Christian CEO, PacketFlux Technologies, Inc. Tel: 406-449-3345 | 
Address: 3577 Countryside Road, Helena, MT 59602
forre...@imach.com | http://www.packetflux.com  





Re: [AFMUG] OT: Home Automation etc

2017-09-05 Thread Paul Stewart
Thanks!  I have been meaning to play around with some of that stuff myself .. 
I’m HomeKit focused but have seen some stuff Zwave and I think Zigbee oriented 
that runs open source under Linux - just never had a chance to play yet ;)

> On Sep 5, 2017, at 12:33 PM, Steve Jones <thatoneguyst...@gmail.com> wrote:
> 
> I just finally got around to spinning up my Raspberry Pi, I did osmc for a 
> kodi box. Super simple. I knew what these pis were, just little computers, 
> but i was thinking in my head like a cellphone. Came across some really cool 
> home automation projects for these things (i buy direct from china grade A 
> knockoffs on the cheap) you can get into pretty inexpensively with very low 
> power demand
> 
> On Mon, Sep 4, 2017 at 5:03 PM, Paul Stewart <p...@paulstewart.org 
> <mailto:p...@paulstewart.org>> wrote:
> Just a shameless plug for my new blog I started back up a few weeks back …. 
> It touches on home automation (which I know in previous discussions many 
> folks on here find interesting) and a bit of home improvement stuff etc….
> 
> https://paulstewart.org <https://paulstewart.org/> if you’re interested :)
> 
> Paul
> 
> 



Re: [AFMUG] shadowserver reports

2017-09-05 Thread Paul Stewart
Usually it means one of their honeypot servers (shadow servers) got hit with an 
attack signature from the IP they listed …. Usually that’s how they do the 
detection ….

> On Sep 5, 2017, at 10:40 AM, Steve Jones  wrote:
> 
> We get these reports, of yet I haven't found any to be false positives, I 
> notify customers of a detected risk once then leave it on them.
> However we now have one that's reporting mirai botnet drone detection. We 
> notified the customer, it went away for like a week and has resurfaced.
> hes got some ingenius gateway thing, looks like its an IP 
> camera/filesharing/gps location tracking deal.
> 
> Before I shut this customer off, I just want to be able to verify this isnt a 
> false positive. There are many scanners for this online but will only scan 
> the IP that originates, we did send him a link
> 
> The tools for scanning appears to limit to local subnet only.
> 
> shadowservers report isnt all that clear on whether its simply detected a 
> vulnerability, or has detected a fingerprint of the infection, If it didnt 
> specifically name the infection I would assume the former.



[AFMUG] OT: Home Automation etc

2017-09-04 Thread Paul Stewart
Just a shameless plug for my new blog I started back up a few weeks back …. It 
touches on home automation (which I know in previous discussions many folks on 
here find interesting) and a bit of home improvement stuff etc….

https://paulstewart.org if you’re interested :)

Paul



Re: [AFMUG] BGP Optimizers (Was: Validating possible BGP MITM attack)

2017-09-04 Thread Paul Stewart
I never found anything exciting about them … (and yes have wasted money on 
buying some of them a number of years ago) … they change outbound routing 
because that’s the only thing they can control (and perhaps the latest 
generation can influence your inbound routes) but I found they spit out fancy 
reports of all the things wrong that it fixed to save 1-2 ms on a bunch of 
routes…. 


> On Sep 1, 2017, at 8:59 AM, Mike Hammett  wrote:
> 
> There are appliances that receive your traffic information through various 
> ways (traffic flows, port mirroring, etc.) and see who you're communicating 
> with remotely. They then do tests to that destination out each of your 
> upstream interfaces. They determine which upstream has the best performance 
> to that destination and then adjust your BGP settings (advertised and 
> received) such as prefix length, communities, local pref, MED, etc. to move 
> that traffic to that upstream.
> 
> They do this to work around congestion, long AS paths that may be better than 
> short AS paths for whatever reason, etc.
> 
> 
> 
> -
> Mike Hammett
> Intelligent Computing Solutions
> 
> Midwest Internet Exchange
> 
> The Brothers WISP
> 
> From: "Steve Jones"
> To: af@afmug.com 
> Sent: Thursday, August 31, 2017 10:45:03 PM
> Subject: [AFMUG] Fwd: Re: BGP Optimizers (Was: Validating possible BGP MITM   
>  attack)
> 
> Please convert this to a guy who just got into bgp. What are they talking 
> about exactly?
> -- Forwarded message --
> From: "Mike Hammett" >
> Date: Aug 31, 2017 9:06 PM
> Subject: Re: BGP Optimizers (Was: Validating possible BGP MITM attack)
> To: 
> Cc: >
> 
> Sorry for now taking up 1/4 of this thread
> 
> 
> My words in the last message don't match what I was thinking, but I think you 
> all get the point. I'm sick, maybe I should be in bed instead of on NANOG.
> 
> 
> 
> 
> -
> Mike Hammett
> Intelligent Computing Solutions
> http://www.ics-il.com 
> 
> Midwest-IX
> http://www.midwest-ix.com 
> 
> - Original Message -
> 
> From: "Mike Hammett" >
> Cc: na...@nanog.org 
> Sent: Thursday, August 31, 2017 9:02:07 PM
> Subject: Re: BGP Optimizers (Was: Validating possible BGP MITM attack)
> 
> Actually, I do remember that one of them would optimize inbound routes, but 
> only billed on outbound usage (as it was content-focused). My in is over 8x 
> my out, so hrm... maybe I'm on to something.
> 
> 
> 
> 
> -
> Mike Hammett
> Intelligent Computing Solutions
> http://www.ics-il.com 
> 
> Midwest-IX
> http://www.midwest-ix.com 
> 
> - Original Message -
> 
> From: "Mike Hammett" >
> Cc: na...@nanog.org 
> Sent: Thursday, August 31, 2017 8:55:46 PM
> Subject: Re: BGP Optimizers (Was: Validating possible BGP MITM attack)
> 
> I would like to use a BGP optimizer, but I'm too poor. :-\
> 
> That said, I'm also an eyeball network, so modifications of my own 
> advertisements are what affects the desired traffic, not so much the outbound 
> routes. I know the BGP optimization industry is weighted towards content 
> networks.
> 
> 
> 
> 
> -
> Mike Hammett
> Intelligent Computing Solutions
> http://www.ics-il.com 
> 
> Midwest-IX
> http://www.midwest-ix.com 
> 
> - Original Message -
> 
> From: "Job Snijders" >
> To: na...@nanog.org 
> Sent: Thursday, August 31, 2017 3:06:49 PM
> Subject: BGP Optimizers (Was: Validating possible BGP MITM attack)
> 
> Dear all,
> 
> disclaimer:
> 
> [ The following is targeted at the context where a BGP optimizer
> generates BGP announcements that are ordinarily not seen in the
> Default-Free Zone. The OP indicated they announce a /23, and were
> unpleasantly surprised to see two unauthorized announcements for /24
> more-specifics pop up in their alerting system. No permission was
> granted to create and announce these more-specifics. The AS_PATH
> for those /24 announcements was entirely fabricated. Original thread
> 

Re: [AFMUG] Who did what?

2017-08-18 Thread Paul Stewart
This is why you never give employees advance notice that their job is ending - 
too many grey areas in my opinion.

Prepare their exit package, meet with them first thing when they arrive at work 
that day, give them the package and explain things briefly, then walk them out 
the door.  It’s the simplest way to do it and best for the staff member and 
yourself.  Don’t let emotions and questions run into letting someone go - that 
never works out for anyone …. 

Paul


> On Aug 18, 2017, at 1:45 AM, Matt Hoppes  
> wrote:
> 
> I'm curious on opinions on a scenario...
> 
> Now, the way this plays out is somewhat like the AT call center from a few 
> weeks ago, but ignore that...
> 
> If an employee is told their last day is today, please complete the tasks 
> assigned to you and then go on your way.
> 
> BUT... the employee refuses to complete any of the jobs assigned to them and 
> instead immediately walks off the job telling you "find someone else to do 
> those tasks, I need to go look for work".
> 
> Did the employee get fired... or quit their job?



Re: [AFMUG] how far and much

2017-08-16 Thread Paul Stewart
Great questions … and something I should have elaborated on for sure…

Yes - each portion of the tower had its own isolated grounds besides the tower 
itself.  These went into a grounding grid built around the base of the site.  
The guy wires were of course all grounded out into their own grids as well.

The top of the tower was grounded and the bottom portion of the tower was 
grounded - both on separate isolated runs.

The point of entry including the raceway to hold the cables were grounded - the 
cabling (Heliax, LMR, and ethernet) all had grounded surge suppression in that 
section on the building exterior.  On the building interior, there was an exact 
replication of the outside (everything surge suppressed and grounded away from 
building itself).

The building itself was elevated on concrete posts and two grounds for the 
building itself were tied to the grid as I recall.  The concrete was made from 
a special mixture - wish I could remember the name of this stuff but it’s 
supposed to provide for additional protection going out to the grounding grids 
around the building… 

Each raceway, and portion of the lineups were tied into an interior grounding 
block which was then run outside.

This is all by memory …. It was literally a $2mil site with equipment and 
tower.  There was a company brought in for the engineering aspects and another 
company specific to the grounding portions.  

Thanks,
Paul


> On Aug 16, 2017, at 10:21 AM, Chuck McCown <ch...@wbmfg.com> wrote:
> 
> So, was the tower mounted equipment isolated with its own ground wire?
> Curious about the improper isolation at the entry point. 
> What was the proper way and what did the improper installation do to violate 
> that?
>  
> From: Paul Stewart <>
> Sent: Wednesday, August 16, 2017 8:05 AM
> To: af@afmug.com <>
> Subject: Re: [AFMUG] how far and much
>  
> I’ve only ever encountered one tower (at former job) that was pretty 
> “bulletproof” … 
>  
> The tower was 350ft and located on the highest elevation for about 100 square 
> KM area … so it was a prime target for lightning strikes.  I don’t know 
> exactly how many times a year it took a hit but would guess at 8-10 times per 
> year it would have a direct hit.  There was only one time where any damage 
> occurred and it was because of some shoddy updates by a 3rd party contractor 
> who didn’t do proper isolation at an entry point (effectively bypassing some 
> layers of protection).
>  
> That site had a full cellular deployment along with several PTP600’s for 
> backhaul and PMP320/PMP100 - with the cellular being at the very top and the 
> Cambium gear further down.
>  
> Paul
>  
>  
>> On Aug 16, 2017, at 9:11 AM, Eric Muehleisen <ericm...@gmail.com <>> wrote:
>>  
>> No such thing as a bullet proof tower. At least not in my area. All the 
>> over-engineering in the world can't stop a direct strike. Some days you get 
>> lucky, some days not. It's a roll of the dice.
>>  
>> On Wed, Aug 16, 2017 at 7:29 AM, David Milholen <dmilho...@wletc.com <>> 
>> wrote:
>>> I am asking for pure simple curiosity.
>>> How far would you go and how much would you spend to have a bullet proof 
>>> Tower site?
>>> I am looking for answers in small class tower to super duty types or leases.
>>> What I mean by bullet proof is How many times a year are you replacing gear 
>>> due to weather complications 
>>> or how many times are you going back to the site to reboot something . 
>>> How many times are you remoting into a 
>>> site to adj power or channels to avoid interference. How many times are you 
>>> having to make adjustments to ethernet ports.
>>> All these tasks add up in time.
>>> Our team this year has only had to visit 2 sites unexpectedly due to 
>>> weather and take the next step in making it bullet proof.
>>>  
>>> 
>>> -- 
>>> 
>> 
>>  
> 
>  



Re: [AFMUG] how far and much

2017-08-16 Thread Paul Stewart
I’ve only ever encountered one tower (at former job) that was pretty 
“bulletproof” … 

The tower was 350ft and located on the highest elevation for about 100 square 
KM area … so it was a prime target for lightning strikes.  I don’t know exactly 
how many times a year it took a hit but would guess at 8-10 times per year it 
would have a direct hit.  There was only one time where any damage occurred and 
it was because of some shoddy updates by a 3rd party contractor who didn’t do 
proper isolation at an entry point (effectively bypassing some layers of 
protection).

That site had a full cellular deployment along with several PTP600’s for 
backhaul and PMP320/PMP100 - with the cellular being at the very top and the 
Cambium gear further down.

Paul


> On Aug 16, 2017, at 9:11 AM, Eric Muehleisen  wrote:
> 
> No such thing as a bullet proof tower. At least not in my area. All the 
> over-engineering in the world can't stop a direct strike. Some days you get 
> lucky, some days not. It's a roll of the dice.
> 
> On Wed, Aug 16, 2017 at 7:29 AM, David Milholen  > wrote:
> I am asking for pure simple curiosity.
> 
> How far would you go and how much would you spend to have a bullet proof 
> Tower site?
> 
> I am looking for answers in small class tower to super duty types or leases.
> 
> What I mean by bullet proof is How many times a year are you replacing gear 
> due to weather complications 
> or how many times are you going back to the site to reboot something . How 
> many times are you remoting into a 
> site to adj power or channels to avoid interference. How many times are you 
> having to make adjustments to ethernet ports.
> 
> All these tasks add up in time.
> 
> Our team this year has only had to visit 2 sites unexpectedly due to weather 
> and take the next step in making it bullet proof.
> 
> 
> 
> -- 
> 
> 



Re: [AFMUG] Toughswitch/low cost ethernet forwarding failure reminder?

2017-08-15 Thread Paul Stewart
We tested this extensively and experienced a lot of random issues with their 
switches …. Random forwarding issues was one but the larger issue was simply 
hardware failure.  Inherited some of them through acquirement (a few) and then 
also in our wireless network they were the original “goto” switch and pretty 
much all replaced now last I heard (again due to hardware failures)


> On Aug 15, 2017, at 7:56 AM, Josh Reynolds  wrote:
> 
> Yes, that is a huge issue with them. It started the Great WISP Buffer Debate 
> of $YEAR of which nothing ever came. One of the longest threads in UBNT Forum 
> History.
> 
> On Aug 15, 2017 6:51 AM, "Mike Hammett"  > wrote:
> Some were related to inadequate buffer sizes causing mixing 100 meg and 1 gig 
> interfaces to have issues.
> 
> 
> 
> -
> Mike Hammett
> Intelligent Computing Solutions 
>   
>  
>  
> 
> Midwest Internet Exchange 
>   
>  
> 
> The Brothers WISP 
>  
> 
> 
>  
> From: "Forrest Christian (List Account)"  >
> To: "af" >
> Sent: Monday, August 14, 2017 4:13:54 PM
> Subject: Re: [AFMUG] Toughswitch/low cost ethernet forwarding failure
> reminder?
> 
> 
> The old archived emails I've found on the toughswitch problem was random 
> packetloss.   But I remember someone had figured out more details, just don't 
> remember what they were and haven't found an email which contains the 
> discussion.  I vaguely think it might have been load or pps related, but 
> before what you'd think was full load.
> 
> On Mon, Aug 14, 2017 at 1:41 PM, Josh Reynolds  > wrote:
> Fill up the bridge table and see how it responds, for one.
> 
> Not forwarding though, sounds like a chipset bug you'd need to catch.
> 
> On Aug 14, 2017 3:39 PM, "Forrest Christian (List Account)" 
> > wrote:
> Let me phrase this differently:  I am evaluating a new switch platform that I 
> am skeptical of.   I want to construct a test that the toughswitch would fail 
> (but a properly operating switch should pass) to ensure that this platform 
> hasn't made a similar error.
> 
> If there are other known bad platforms I would like to include those in this 
> test suite as well.
>  
>  
> 
> On Mon, Aug 14, 2017 at 12:12 PM, Josh Luthman  > wrote:
> Symptom of Toughswitch is you installed one in the network.  Get rid of it.
> 
> Use a PowerBox or Netonix.
> 
> Josh Luthman
> Office: 937-552-2340 
> Direct: 937-552-2343 
> 1100 Wayne St
> Suite 1337
> Troy, OH 45373
> 
> On Aug 14, 2017 1:18 PM, "Forrest Christian (List Account)" 
> > wrote:
> Could someone who is familiar with the packet forwarding problems that were 
> seen with a toughswitch remind me about the details of the symptoms/cause?
> 
> I also remember similar problems with certain other switches.
> 
> I am evaluating a couple of switches and want to make sure I can validate 
> that this problem doesn't occur.
> 
> -- 
> Forrest Christian CEO, PacketFlux Technologies, Inc.
> Tel: 406-449-3345 <> | Address: 3577 Countryside Road, Helena, MT 59602
> forre...@imach.com  | http://www.packetflux.com 
> 



Re: [AFMUG] Document scanners

2017-08-10 Thread Paul Stewart
For what it’s worth, a friend of mine’s company does scanning on large scale.  
They work with medical and legal outfits the most where they take thousands and 
thousands of documents, scan them, and through their software system created a 
fully searchable database application.  Neat business really ….

Anyways, they use nothing but high end Fujitsu scanners and swear by them …. 
something like $4k a piece the units they are using but their more economical 
units are supposed to be pretty good too especially if you’re not doing many 
thousands daily kind of thing …

Paul

> On Aug 10, 2017, at 2:55 PM, Lewis Bergman  wrote:
> 
> I'll second the Fujitsu ScanSnap iX500 Wireless Desktop Scanner. We have both 
> it and 2 neats. While I like the simplicity of the neat scanners for a couple 
> of reasons the Fujitsu seems to scan anything you can cram in it while the 
> neat often refuses to scan a perfect piece of paper for some mystery reason.
> On Thu, Aug 10, 2017, 10:52 AM SmarterBroadband  > wrote:
> I like my Fujitsu ScanSnap iX500 Wireless Desktop Scanner
> 
> Auto feed, scans both sides, scans to PDF, straightens crooked scans, OCRs so 
> fully searchable PDF.
> 
> Adam
> 
> From: Af [mailto:af-boun...@afmug.com ] On 
> Behalf Of Jason McKemie
> Sent: Thursday, August 10, 2017 7:50 AM
> To: af@afmug.com 
> Subject: [AFMUG] Document scanners
> 
>  
> 
> Any recommendations on these? There is a 5 year old thread I found where Neat 
> and Fujitsu were recommended - nothing newer though.
> 



Re: [AFMUG] Matt Hoppes and Missouri IX

2017-08-06 Thread Paul Stewart
> 
> I'm not sure IX employees ever really work in the MMR, rarely in the data 
> center at all. Once a month? Once every other month?

Depends on the IX (as I get off topic here) … some of them are daily in MMR’s.  
As for DC’s themselves, I can speak personally about one IX in particular where 
it’s 2-3 times a week I’d estimate and another one that is manned within the DC 
24x7.  
> 
>  An MMR not maintained by volunteers, but the paid building management. No 
> one's volunteered blood, sweat and tears went into it. Someone paid to do it 
> was.
> 
True … but lots of volunteers from IX’s sometimes have access to the MMR’s to 
do their work. It varies of course… quite a number of IX’s use colo providers 
who are paid to do that MMR work but that’s not always the case ….

Anyways - moot points here and I’m dropping from the conversation as probably 
not helping here :)  


> 
> 
> -
> Mike Hammett
> Intelligent Computing Solutions <http://www.ics-il.com/>
> Midwest Internet Exchange <http://www.midwest-ix.com/>
> The Brothers WISP <http://www.thebrotherswisp.com/>
> 
> From: "Paul Stewart" <p...@paulstewart.org <mailto:p...@paulstewart.org>>
> To: "Animal Farm" <af@afmug.com <mailto:af@afmug.com>>
> Sent: Sunday, August 6, 2017 6:56:15 AM
> Subject: Re: [AFMUG] Matt Hoppes and Missouri IX
> 
> I believe the issue is that the picture may not represent the actual IX in 
> question (or MMR of the building where the IX is located might be more 
> accurate).  Basically, and pardon me possibly putting words in some people’s 
> mouths here, when a group of people put a lot of work into something and 
> then a picture of that work is used elsewhere to possibly resemble where a 
> potential employee would work then it’s just misleading and could be 
> considered offensive to the people who did all the work originally ….. make 
> sense?
> 
> You’ll notice my choice of words here because I’m making assumptions about 
> why the folks involved are upset and try to put myself in their shoes, at 
> which point, if I have all my facts straight, I would be quite upset as well 
> because it would look like someone else is taking complete credit for someone 
> else’s work …. In the world of IX’s (something I do know a lot about) there 
> is often people who don’t get pay checks as they volunteer however they get 
> the rewards to contributing towards a great thing for the community … if you 
> haven’t been involved at that level you may not understand anything I’m 
> suggesting here ….
> 
> Paul
> 
> 
> On Aug 5, 2017, at 8:42 PM, Mitch Koep <af...@abwisp.com 
> <mailto:af...@abwisp.com>> wrote:
> 
> Question??
> Eric
> Why are you so upset?
> Did you have a bad dealing with someone and this is get back at them time?
> I agree with Faisal it's a picture
> Mitch
> On 8/5/2017 11:29 AM, Faisal Imtiaz wrote:
> Share with you a related story
> 
> I was in a Conf. room of one of our Colo Facilities Providers, they had some 
> pictures on their Conf. Room wall, which all were nice.. but there was one 
> picture that caught my eye and appeared to be very familiar.. it was a picture 
> of cluster of antennas mounted on the roof of that facility...
> 
> Upon a closer look, I recognized that that cluster was our antennas ! ... so 
> instantly two emotions came to mind... one was .. Hey that is a nice picture 
> ! I know to whom that stuff belongs to !... and the second... How dare you 
> take pictures of my equipment and hang it in your conf. room (we don't buy roof 
> access from them)  !...
> 
> To me personally, the former feeling overcame the latter reaction... and I 
> actually felt proud of our little Cluster that someone viewed presentable 
> enough to put in their conf. room.
> 
> Having said that.. if you are not the copyright owner of the photo.. then why 
> does it bother you at all ? Hopefully you should feel proud that picture of 
> an actual facility you know is being liked by others and being promoted on 
> the net... 
> 
> and that is IMHO !
> 
> Of course everyone is entitled to their opinions and your mileage may vary !.
> 
> :)
> 
> Faisal Imtiaz
> Snappy Inter

Re: [AFMUG] Matt Hoppes and Missouri IX

2017-08-06 Thread Paul Stewart
I believe the issue is that the picture may not represent the actual IX in 
question (or MMR of the building where the IX is located might be more 
accurate).  Basically, and pardon me possibly putting words in some people’s 
mouths here, when a group of people put a lot of work into something and then 
a picture of that work is used elsewhere to possibly resemble where a potential 
employee would work then it’s just misleading and could be considered offensive 
to the people who did all the work originally ….. make sense?

You’ll notice my choice of words here because I’m making assumptions about why 
the folks involved are upset and try to put myself in their shoes, at which 
point, if I have all my facts straight, I would be quite upset as well because 
it would look like someone else is taking complete credit for someone else’s 
work …. In the world of IX’s (something I do know a lot about) there is often 
people who don’t get pay checks as they volunteer however they get the rewards 
to contributing towards a great thing for the community … if you haven’t been 
involved at that level you may not understand anything I’m suggesting here ….

Paul


> On Aug 5, 2017, at 8:42 PM, Mitch Koep  wrote:
> 
> Question??
> 
> Eric
> 
> Why are you so upset?
> 
> Did you have a bad dealing with someone and this is get back at them time?
> 
> I agree with Faisal it's a picture
> 
> Mitch
> On 8/5/2017 11:29 AM, Faisal Imtiaz wrote:
>> Share with you a related story
>> 
>> I was in a Conf. room of one of our Colo Facilities Providers, they had some 
>> pictures on their Conf. Room wall, which all were nice.. but there was one 
>> picture that caught my eye and appeared to be very familiar.. it was a picture 
>> of cluster of antennas mounted on the roof of that facility...
>> 
>> Upon a closer look, I recognized that that cluster was our antennas ! ... so 
>> instantly two emotions came to mind... one was .. Hey that is a nice picture 
>> ! I know to whom that stuff belongs to !... and the second... How dare you 
>> take pictures of my equipment and hang it in your conf. room (we don't buy roof 
>> access from them)  !...
>> 
>> To me personally, the former feeling overcame the latter reaction... and I 
>> actually felt proud of our little Cluster that someone viewed presentable 
>> enough to put in their conf. room.
>> 
>> Having said that.. if you are not the copyright owner of the photo.. then 
>> why does it bother you at all ? Hopefully you should feel proud that picture 
>> of an actual facility you know is being liked by others and being promoted 
>> on the net... 
>> 
>> and that is IMHO !
>> 
>> Of course everyone is entitled to their opinions and your mileage may vary !.
>> 
>> :)
>> 
>> Faisal Imtiaz
>> Snappy Internet & Telecom
>> 7266 SW 48 Street
>> Miami, FL 33155
>> Tel: 305 663 5518 x 232
>> 
>> Help-desk: (305)663-5518 Option 2 or Email: supp...@snappytelecom.net 
>> 
>> 
>> From: "Eric Kuhnke"  
>> To: af@afmug.com 
>> Sent: Friday, August 4, 2017 7:38:33 PM
>> Subject: [AFMUG] Matt Hoppes and Missouri IX
>> I am not the copyright owner of the photo in question. This is only a 
>> request. 
>> Please stop using the photo of the Westin Building 1901 fiber meet-me room 
>> to advertise the Missouri IX. 
>> 
>> Property owners and ISPs in the Pacific Northwest have spent a great deal of 
>> time, money and effort building traffic exchange infrastructure.
>> 
>> In my opinion it is not an accurate or factual depiction of whatever facilities 
>> may currently exist in Missouri to use a photograph from a carrier hotel in 
>> downtown Seattle.
>> 
>> 
>> 
> 



Re: [AFMUG] How do I decide if we need more technicians?

2017-08-05 Thread Paul Stewart
The number I used to get from folks was 1 tech per 1000 subs starting with 2 
techs on day one … but that can vary for financial and business reasons (ie. 
are these techs only doing install/repair or are they also tech 
support/billing/jack of all trades) especially when starting out …

Paul

> On Aug 3, 2017, at 5:15 PM, CBB - Jay Fuller  
> wrote:
> 
>  
> When did you take your last vacation? lol
>  
>> - Original Message -
>> From: Donnie McCorkle 
>> To: af@afmug.com 
>> Sent: Thursday, August 3, 2017 3:18 PM
>> Subject: [AFMUG] How do I decide if we need more technicians?
>> 
>> This question was posed by one of my managers this week.
>>  
>> I told him I’d ask the animal farm and he gave me a strange look…. 
>>  
>> Is there any ratio of technicians to subscriber that seem to be standard or 
>> has worked for you?
>> Any other rationale your company uses to decide if your manpower is 
>> sufficient?
>>  
>> We read an article recently where a startup WISP had 2000 customers before he 
>> hired his first employee.. and that sounded pretty wild.
>>  
>>  
>>  



Re: [AFMUG] OT: Linkedin

2017-07-24 Thread Paul Stewart
I tried Premium for a while and didn't find it useful  I like LinkedIn 
though a lot 

If you are job hunting then probably upgrading is worth it for a period of time 


Sent from my iPhone

> On Jul 24, 2017, at 8:07 PM, Mike Hammett  wrote:
> 
> If you don't know what you'd use it for at all, I would probably shy away 
> from paying for it.
> 
> 
> 
> -
> Mike Hammett
> Intelligent Computing Solutions
> 
> Midwest Internet Exchange
> 
> The Brothers WISP
> 
> 
> 
> 
> From: "Jay Weekley" 
> To: af@afmug.com
> Sent: Monday, July 24, 2017 6:06:10 PM
> Subject: Re: [AFMUG] OT: Linkedin
> 
> Is the premium account worth it?
> 
> Josh Reynolds wrote:
> > I agree 100%. It is by far the best business to business and 
> > professional networking tool.
> >
> > On Jul 24, 2017 6:02 PM, "Mike Hammett"  > > wrote:
> >
> > It's certainly more useful in business than any other social media.
> >
> >
> >
> > -
> > Mike Hammett
> > Intelligent Computing Solutions 
> > 
> > 
> > Midwest Internet Exchange 
> > 
> > 
> > The Brothers WISP 
> > 
> >
> >
> > 
> > 
> > *From: *"Jay Weekley"  > >
> > *To: *af@afmug.com 
> > *Sent: *Monday, July 24, 2017 6:01:04 PM
> > *Subject: *[AFMUG] OT: Linkedin
> >
> > Is Linkedin actually worth the time and effort to use?   Honestly, I
> > don't even know what it's for.
> >
> >
> 
> 


Re: [AFMUG] linux help

2017-07-22 Thread Paul Stewart
Another one here since kernel 0.98 I think going by memory ... :)

Sent from my iPhone

> On Jul 22, 2017, at 9:36 PM, David Milholen  wrote:
> 
> WOW! another LINUX user...
> 
> I've been running and working unix/linux since 94
> 
> I only handle a handful of vms though.
> 
> I love my bullet proof core using all linux to do my bidding. 
> Finally finished my upgrade for ntopng/dpi. Not as good as Sandvine but does 
> the job.
> 
>> On 7/22/2017 11:38 AM, Josh Reynolds wrote:
>> Jay if nobody responds in the next day or two let me know.
>> 
>> I've been running Linux for various things since 1998 or so, and currently 
>> handle over 3000 Linux VMs + IaaS devices.
>> 
>>> On Jul 22, 2017 10:36 AM, "CBB - Jay Fuller"  
>>> wrote:
>>>  
>>> We run a server that is on a vm with several other vms.  This particular vm 
>>> was configured for 40 gigabytes HDD but we have outgrown that.  We've 
>>> already changed the vm size to 60 gig but I don't feel comfortable running 
>>> the steps I found on google to resize the actual physical partition.
>>>  
>>> Is anyone willing to do this for us remotely for a fee?   We'd be happy to 
>>> pay you to do it - especially if you've done it a few times before (cause 
>>> we haven't)
>>>  
>>> Let me know off list.
>>>  
>>> thanks :)
>>>  
>>>  
> 
> -- 
> 


Re: [AFMUG] Network MTU?

2017-07-19 Thread Paul Stewart
We do 9192 everywhere possible in the core … jumbo frames etc… last mile access 
1540-1600 we try to achieve if equipment along the path supports it ….

Mainly this is to support VLAN tags, MPLS paths where applicable etc etc….


> On Jul 19, 2017, at 12:35 PM, Jon Langeler  wrote:
> 
> What's everyone setting their networks at? The internet is at 1500 byte, so 
> if using vlans and such we want to be at say 1528 or more on all our 
> equipment. Does this sound correct?
> 
> Jon Langeler
> Michwave Technologies, Inc.
> 



Re: [AFMUG] DDoS box with iptables?

2017-07-19 Thread Paul Stewart
Apples to oranges comparison to commercial appliances ... too much to list when 
mobile unfortunately 

Sent from my iPhone

> On Jul 19, 2017, at 10:56 AM, Dev <d...@logicalwebhost.com> wrote:
> 
> It seems MT is setting up rate limits like:
> 
> dst-limit=32,32,src-and-dst-addresses/10s
> 
> and then adding them to a blacklist which the firewall queries, or routing 
> them to a tarpit like:
> 
> connection-limit=3,32 action=tarpit
> 
> to hopefully slow them down. Or limit SYN connections like:
> 
> tcp-flags=syn limit=400,5
> 
> But you could do the same with a combination of iptables, kernel mods, and 
> SYNPROXY  that would rate limit, but also block a host malformed packets, 
> spoofing, establish whether you’re just getting hit with bogus SYN, etc. So 
> in a way, native kernel + iptables has a more full-featured set of tools than 
> MT? You could also extend this as needed, rather than waiting for MT to get 
> around to it. 
> 
> You could buy a really expensive appliance, but they’d be largely doing the 
> same things, so is there some other secret sauce they have that stops DDoS in 
> interesting ways? It seems like this would cost less than a Lexus. 
> 
> I guess a commercial appliance would have a nice GUI that would be expensive 
> and time-consuming to build, which I don’t care about, I’d mostly monitor 
> through centralized syslog and then just watch that enterprise-wide to see 
> problems, which we’re already doing in other contexts.
> 
> 
> 
>> Depending on what you are trying to do, MT can do that, it's just a matter 
>> of creating the firewall rules. :)  
> 
>> -Original Message——
>> From: Af [mailto:af-boun...@afmug.com] On Behalf Of Paul Stewart
>> Sent: Tuesday, July 18, 2017 8:27 PM
>> To: af@afmug.com
>> Subject: Re: [AFMUG] DIY DDoS box with iptables?
> 
>> I guess it depends on what you are trying to accomplish here …. are you 
>> looking to scrub the traffic clean or just block dirty traffic?  How will 
>> you determine what traffic is dirty and apply rules on the fly?
> 
>> Sorry - many questions come to mind here and don’t mean to sound negative 
>> but it seriously comes down to expectations.  I’m aware of one company 
>> that I’ve seen that built their own - they spent three years developing it 
>> to their needs with 4 developers working on nothing but it … at the end of 
>> the day they spend more money than just buying an Arbor system and still 
>> spend considerable dollars trying to maintain it ….
> 
> 
>> On Jul 18, 2017, at 5:21 PM, Dev <d...@logicalwebhost.com> wrote:
>> 
>> What is the feasibility of building a DDoS protection box out of a bare 
>> Linux server running a dual-10G/40G NIC inline with iptables handling junk 
>> traffic, and then a third eth for management? Seems like the 10G/40G card 
>> could help scrub traffic before it hits your core? Has anyone built one? 
>> I’ve heard about CCR’s, but my experience with MT has been...weird, they 
>> just do weird stuff from time to time, YMMV, etc. etc., but I’ve had better 
>> luck with Cisco and the usual suspects. It seems like a purpose built 
>> vanilla Linux box would be easily upgradeable, universally supported with 
>> vanilla kernel support, etc. and you could just tweak stuff until you got it 
>> dialed, no?
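
As an added example (not part of any poster's message, and not MikroTik's or any vendor's configuration), the script below generates the kind of iptables ruleset Dev describes for an inline Linux box: a per source/destination SYN rate limit using the 32/32 and 10s numbers quoted above, followed by SYNPROXY so that only clients completing a handshake reach conntrack and the servers behind the box. The interface name, ports, MSS and window-scale values, and the script name are assumptions.

```shell
#!/bin/sh
# Added example (constructed). Generates an iptables-restore ruleset for an
# inline Linux filter box; nothing is applied unless the output is piped into
# iptables-restore. Interface, ports, MSS and wscale values are assumptions.

# valid_iface: accept only characters legal in an interface name (max 15),
# so an argument can never smuggle extra rule text into the ruleset.
valid_iface() {
    case "$1" in
        ''|*[!A-Za-z0-9_.-]*) return 1 ;;
    esac
    [ "${#1}" -le 15 ]
}

# valid_port: accept only a decimal integer 1..65535 without leading zeros.
valid_port() {
    case "$1" in
        ''|0*|*[!0-9]*) return 1 ;;
    esac
    [ "${#1}" -le 5 ] || return 1
    [ "$1" -le 65535 ]
}

# emit_rules IFACE PORT...: print the ruleset for the given untrusted-side
# interface and the TCP ports of the servers being protected.
emit_rules() {
    [ "$#" -ge 2 ] || { echo "usage: emit_rules IFACE PORT..." >&2; return 1; }
    iface=$1
    shift
    valid_iface "$iface" || { echo "bad interface name" >&2; return 1; }
    for p in "$@"; do
        valid_port "$p" || { printf 'bad port: %s\n' "$p" >&2; return 1; }
    done

    echo "# Required sysctls, set before loading these rules:"
    echo "#   net.ipv4.tcp_syncookies=1"
    echo "#   net.ipv4.tcp_timestamps=1"
    echo "#   net.netfilter.nf_conntrack_tcp_loose=0"

    echo "*raw"
    echo ":PREROUTING ACCEPT [0:0]"
    for p in "$@"; do
        # Stage 1: drop SYNs from a src/dst pair exceeding 32/s (burst 32,
        # bucket expiry 10 s). Helps against real hosts, not spoofed sources.
        echo "-A PREROUTING -i $iface -p tcp -m tcp --syn --dport $p -m hashlimit --hashlimit-name syn$p --hashlimit-mode srcip,dstip --hashlimit-above 32/second --hashlimit-burst 32 --hashlimit-htable-expire 10000 -j DROP"
        # Stage 2: remaining SYNs skip conntrack so a spoofed flood cannot
        # fill the connection table.
        echo "-A PREROUTING -i $iface -p tcp -m tcp --syn --dport $p -j CT --notrack"
    done
    echo "COMMIT"

    echo "*filter"
    echo ":FORWARD ACCEPT [0:0]"
    for p in "$@"; do
        # Stage 3: SYNPROXY answers the SYN itself and only opens a connection
        # to the server once the client's ACK proves the source is real.
        # --mss and --wscale should match what the protected servers offer.
        echo "-A FORWARD -i $iface -p tcp -m tcp --dport $p -m conntrack --ctstate INVALID,UNTRACKED -j SYNPROXY --sack-perm --timestamp --wscale 7 --mss 1460"
    done
    # Anything still INVALID (bogus ACKs, out-of-state segments) is dropped.
    echo "-A FORWARD -i $iface -p tcp -m conntrack --ctstate INVALID -j DROP"
    echo "COMMIT"
}

# Stand-alone use (hypothetical file name); --test parses without committing:
#   sh synproxy-rules.sh eth0 80 443 | iptables-restore --test
if [ "$#" -ge 2 ]; then
    emit_rules "$@"
fi
```
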



Re: [AFMUG] DIY DDoS box with iptables?

2017-07-18 Thread Paul Stewart
I guess it depends on what you are trying to accomplish here …. are you looking 
to scrub the traffic clean or just block dirty traffic?  How will you determine 
what traffic is dirty and apply rules on the fly?

Sorry - many questions come to mind here and don’t mean to sound negative but 
it seriously comes down to expectations.  I’m aware of one company that I’ve 
seen that built their own - they spent three years developing it to their needs 
with 4 developers working on nothing but it … at the end of the day they spend 
more money than just buying an Arbor system and still spend considerable 
dollars trying to maintain it ….


> On Jul 18, 2017, at 5:21 PM, Dev  wrote:
> 
> What is the feasibility of building a DDoS protection box out of a bare Linux 
> server running a dual-10G/40G NIC inline with iptables handling junk traffic, 
> and then a third eth for management? Seems like the 10G/40G card could help 
> scrub traffic before it hits your core? Has anyone built one? I’ve heard 
> about CCR’s, but my experience with MT has been...weird, they just do weird 
> stuff from time to time, YMMV, etc. etc., but I’ve had better luck with Cisco 
> and the usual suspects. It seems like a purpose built vanilla Linux box would 
> be easily upgradeable, universally supported with vanilla kernel support, 
> etc. and you could just tweak stuff until you got it dialed, no?



Re: [AFMUG] DDoS protection vendor?

2017-07-14 Thread Paul Stewart
Procera boxes can do some neat tricks as you mention for sure… just be sure you 
don’t topple over the box(es) in doing so though as it’s not hard to do (as 
their boxes are not designed for it so understandable) 

Paul


> On Jul 14, 2017, at 6:42 AM, Steve  wrote:
> 
> Procera has some tricks in dealing with DDOS too.  I had one of their 
> engineers send me over some ideas a while back.  I have never needed to use 
> it however. But the one good thing about it was that if something happens 
> you'll see where the target of the DDOS is going pretty fast.  At times it is 
> difficult to find when your routers are overloaded.  
> 
> Steven Kenney
> Network Operations Manager
> WaveDirect Telecommunications
> http://www.wavedirect.net
> (519)737-WAVE (9283)
> 
> - Original Message -
> From: "Simon Westlake" 
> To: "af" 
> Sent: Thursday, July 13, 2017 12:29:15 PM
> Subject: Re: [AFMUG] DDoS protection vendor?
> 
> There are companies where you can have them announce your IP space, and 
> they only send you the 'good' traffic. But it costs a hell of a lot more 
> than just upgrading your upstream for most smaller ISPs.
> 
> On 7/13/2017 10:19 AM, Kurt Fankhauser wrote:
>> Is there a way to do DDOS protection that doesn't involve buying a 
>> bigger bandwidth pipe or initiating some sort of blackhole with your 
>> upstream?
>> 
>> On Thu, Jul 13, 2017 at 10:10 AM, Mike Hammett > > wrote:
>> 
>>I'm going to be implementing some on-net scrubbing boxes.
>>Obviously limited by upstream capacity, simply acquire more
>>upstream capacity.  ;-)
>> 
>> 
>> 
>>-
>>Mike Hammett
>>Intelligent Computing Solutions 
>>
>> 
>>Midwest Internet Exchange 
>>
>> 
>>The Brothers WISP 
>>
>> 
>> 
>>
>>
>>*From: *"Dev" >
>>*To: *af@afmug.com 
>>*Sent: *Wednesday, July 12, 2017 7:32:53 PM
>>*Subject: *[AFMUG] DDoS protection vendor?
>> 
>>Who is a good for cost-effective DDoS protection and what are you
>>paying? My upstream really doesn’t now to handle a DDoS, so I’m
>>looking for someone to help with some subnets.
>> 
>> 
> 
> -- 
> Simon Westlake
> Email: simon@sonar.software
> Phone: (702) 447-1247 US / (780) 900-1180 CA
> ---
> Sonar Software Inc
> The future of ISP billing and OSS
> https://sonar.software



Re: [AFMUG] Transit Providers

2017-06-09 Thread Paul Stewart
LOL .. yeah I know I set myself up there hehe… 

For what’s left on traffic and going via transit most of the popular 
destinations are all ties from that perspective (ties on AS hops, often close 
on performance)…. Spend more time than I’ll admit looking at that stuff haha

I think it’ll come down to prices, locations, communities support, customer 
service etc… but always game to hear favourites from folks too 

-p

> On Jun 9, 2017, at 3:34 PM, Mike Hammett <af...@ics-il.net> wrote:
> 
> I know you know better.  ;-)
> 
> Look at your flows, find what AS best serves where your traffic goes.  ;-)
> 
> 
> 
> -
> Mike Hammett
> Intelligent Computing Solutions <http://www.ics-il.com/>
> Midwest Internet Exchange <http://www.midwest-ix.com/>
> The Brothers WISP <http://www.thebrotherswisp.com/>
> 
> From: "Paul Stewart" <p...@paulstewart.org <mailto:p...@paulstewart.org>>
> To: "Animal Farm" <af@afmug.com <mailto:af@afmug.com>>
> Sent: Friday, June 9, 2017 2:31:03 PM
> Subject: [AFMUG] Transit Providers
> 
> Wide open question … what you use and why you like them?  Looking to shake 
> things up a bit …. :)
> 
> Thanks,
> Paul



[AFMUG] Transit Providers

2017-06-09 Thread Paul Stewart
Wide open question … what you use and why you like them?  Looking to shake 
things up a bit …. :)

Thanks,
Paul




Re: [AFMUG] BGP Prefix Withdraw

2017-06-07 Thread Paul Stewart
Unfortunately pretty common at times …. You shouldn’t see it disappear for long 
periods though normally …. Nature of the Internet backbone though ;)

> On Jun 7, 2017, at 3:08 PM, Jason McKemie <j.mcke...@veloxinetbroadband.com> 
> wrote:
> 
> I think that is it, yes. Thanks.
> 
> On Wednesday, June 7, 2017, Paul Stewart <p...@paulstewart.org 
> <mailto:p...@paulstewart.org>> wrote:
> You mean your prefixes have disappeared somewhere in those countries for a 
> period of time?  If so, yeah pretty normal with backbone shifts, upgrades, 
> outages etc etc
> 
> Paul
> 
> > On Jun 7, 2017, at 2:20 PM, Jason McKemie <j.mcke...@veloxinetbroadband.com> wrote:
> >
> > In the past couple of weeks I've seen 3 prefix withdraws per BGPmon, 2 in 
> > Brazil and one in Italy. Is this normal behavior?
> 



Re: [AFMUG] BGP Prefix Withdraw

2017-06-07 Thread Paul Stewart
You mean your prefixes have disappeared somewhere in those countries for a 
period of time?  If so, yeah pretty normal with backbone shifts, upgrades, 
outages etc etc

Paul

> On Jun 7, 2017, at 2:20 PM, Jason McKemie  
> wrote:
> 
> In the past couple of weeks I've seen 3 prefix withdraws per BGPmon, 2 in 
> Brazil and one in Italy. Is this normal behavior?



Re: [AFMUG] IP Architects

2017-06-01 Thread Paul Stewart
Something sounds seriously broken there as OSPF should always have a lower 
route preference on any router (not sure what you’re using here) so any lookups 
within your network will always be preferred.

I get your point though .. if these guys are “experts” then for them it should 
be pretty trivial to diagnose… actually sounds like you have too many filters 
in place that are causing the problem (just a guess but no reason to use 
filters in OSPF typically)

> On Jun 1, 2017, at 4:58 PM, Chris Wright  wrote:
> 
> Any reason you don't drop those subnets on your upstream-bgp-in filters?
> 
> Chris Wright
> Network Administrator
> 
> 
> -Original Message-
> From: Af [mailto:af-boun...@afmug.com] On Behalf Of Sterling Jacobson
> Sent: Thursday, June 01, 2017 1:45 PM
> To: af@afmug.com
> Subject: Re: [AFMUG] IP Architects
> 
> It is a routing problem, probably a BGP change outside of us.
> 
> But I have internal BGP and several /24 subnets that I don't want to route 
> around the internet and back to myself, just to hop directly between my two 
> Mikrotik BGP instances.
> 
> That seems to be the major hangup right now.
> 
> I have a single static entry to route a specific block from one Mikrotik to 
> the other, but need a more general policy BGP related that gets automatically 
> filtered down to my OSPF network and MPLS to keep all of my own inter-subnet 
> communications internal instead of trying to roam all over creation and back 
> to myself.
> 
> 
> 
> -Original Message-
> From: Af [mailto:af-boun...@afmug.com] On Behalf Of Faisal Imtiaz
> Sent: Thursday, June 1, 2017 12:02 PM
> To: af@afmug.com
> Subject: Re: [AFMUG] IP Architects
> 
> on-list or off-list
> 
> Care to share what is the problem you are trying or needing to solve ? 
> 
> Faisal Imtiaz
> Snappy Internet & Telecom
> 7266 SW 48 Street
> Miami, FL 33155
> Tel: 305 663 5518 x 232
> 
> Help-desk: (305)663-5518 Option 2 or Email: supp...@snappytelecom.net
> 
> - Original Message -
>> From: "Sterling Jacobson" 
>> To: "af@afmug.com" 
>> Sent: Thursday, June 1, 2017 11:53:32 AM
>> Subject: [AFMUG] IP Architects
> 
>> So far, not so good with them.
>> 
>> I've spent about $340 for an hour and a half time to have them modify 
>> one temporary route rule in fifteen seconds.
>> Rest of the time appeared to be them attempting to figure things out 
>> on BGP/eBGP and OSPF.
>> 
>> That didn't fix my problem, just a patch to get some traffic 
>> re-routed, but left me with a bunch of other problems.
>> 
>> When I asked them about the charge, they wouldn't work with me.
>> 
>> I expect a lot more out of a team that charges top dollar for being 
>> the top experts.
>> 
>> I'm having problems communicating and scheduling time now to get that 
>> permanently fixed.
>> It appears they want to create an entire lab with separate equipment, 
>> spending hours of my money, to understand the problem.
>> 
>> So, yeah, not what I was expecting out of them at all.
> 




Re: [AFMUG] Thanks to our service men and women

2017-05-28 Thread Paul Stewart
Thank you to the service people from the various countries represented on this 
list … 

Paul

> On May 28, 2017, at 12:43 PM, Larry Smith  wrote:
> 
> On Sun May 28 2017 10:32, Jaime Solorza wrote:
>> God bless and thanks for serving...Jaime
> 
> +100 and thank you.
> 
> -- 
> Larry Smith
> lesm...@ecsis.net




Re: [AFMUG] kodi?

2017-05-26 Thread Paul Stewart
A lot of the free content comes from pwned servers and computers that are on 
high speed links …. the paid services are typically dedicated servers rented 
with flat rate bandwidth … at least from what I’ve figured out ...

>  
> From: Af [mailto:af-boun...@afmug.com ] On 
> Behalf Of Kurt Fankhauser
> Sent: Friday, May 26, 2017 2:53 PM
> To: af@afmug.com 
> Subject: Re: [AFMUG] kodi?
>  
> Who is paying for all this bandwidth that the *servers* are providing for 
> "ill-legitimate" content?
>  
> On Fri, May 26, 2017 at 3:44 PM, Mark - Myakka Technologies  > wrote:
> Mark,
> 
> Here is the link I was talking about
> 
> http://blog.skystreamx.com/fix-kodi-buffering/ 
> 
> 
> -- 
> Best regards,
> Mark  mailto:m...@mailmt.com 
> 
> Myakka Technologies, Inc.
> www.MyakkaTech.com 
> 
> Proud Sponsor of the Myakka City Relay For Life
> http://www.RelayForLife.org/MyakkaCityFL 
> 
> Please Donate at http://www.myakkatech.com/RFL.html 
> 
> --
> 
> Thursday, May 25, 2017, 10:52:39 PM, you wrote:
> 
> Kurt,
> 
> I read somewhere that kodi needs about 10-15meg connection to work correctly. 
>  Not sure if that was for live tv or everything.  Think I have the article 
> bookmarked at the office.  I'll check in the morning and post it if I find it.
> 
> 
> Thursday, May 25, 2017, 12:50:45 PM, you wrote:
> 
> I am getting more and more calls every week from clients saying that their 
> "streaming isn't working." Upon investigating each one of these cases the 
> customer always has purchased a "jailbroken" firestick loaded with KODI and 
> they are expecting to watch all kinds of movies for free. From what I can 
> tell this is very un-reliable compared to just paying for Netflix. Sometimes 
> the streams work and sometimes they don't. I basically have been telling 
> customers that what they're doing is no different than the old satellite days 
> where people put the hacked cards into their set top boxes and get all the 
> satellite channels for free. But those cards were always getting "zapped" and 
> you were constantly having to get new cards and re-program cards so you're 
> spending so much time dealing with the "un-reliable" TV watching experience 
> that it would have just been cheaper to pay for the service legally in the 
> first place. My solution for these customers has been to just tell them to 
> pay $10 for Netflix and be done with it.
> 
> On Thu, May 25, 2017 at 11:02 AM, CBB - Jay Fuller <
> par...@cyberbroadband.net > wrote:
> 
> 
> haven't been able to reach him yet.
> 
> - Original Message - 
> From: Jeremy 
> To: af@afmug.com 
> Sent: Thursday, May 25, 2017 9:26 AM
> Subject: Re: [AFMUG] kodi?
> 
> Why don't you ask him?
> 
> On Thu, May 25, 2017 at 8:21 AM, CBB - Jay Fuller  > wrote:
> 
> 
> out of the 250 or so "warnings" received through this morning, about 80% 
> appear to be tv shows and random episodes of such tv shows.  that is why i 
> was thinking kodi.  perhaps he browsed around just to see what would work and 
> what wouldn't.  i've never played with kodi but if this guy has this volume 
> of entertainment on his hard drive i would be surprised and would say he has 
> no life.  plus he has been a customer for a while - he isn't anyone new :)
> 
> 
> - Original Message - 
> From: Tim Reichhart 
> To: af@afmug.com 
> Sent: Thursday, May 25, 2017 9:18 AM
> Subject: Re: [AFMUG] kodi?
> 
> with kodi you can download/add on for like utorrent to download movies or you 
> can also download exodus.
> 
> -Original Message-
> From: "Joe Novak" >
> To: af@afmug.com 
> Date: 05/25/17 10:14 AM
> Subject: Re: [AFMUG] kodi?
> 
> To be honest, unless he is using some odd P2P addon for Kodi it's unlikely. 
> Most of the addons comb the net for the videos and aggregate the links for 
> you to watch on Kodi - which means you're not sharing it back. Some kind of 
> popcorn time variant which is built on bittorrent is more likely, but I don't 
> know 

Re: [AFMUG] kodi?

2017-05-26 Thread Paul Stewart
I’ve spent more time than I’ll admit looking into a lot of this stuff … various 
kodi based packages that provide “questionable content”  via streaming.  This 
includes some of the common free ones but also several different paid services 
to see if they are worth it.  Almost all of the traffic through various 
services for on-demand and live TV was coming from proxies based in Europe and 
in a few situations in Asia.  They are usually a dedicated server rented 
somewhere (NL is popular for this) that someone is feeding from a few different 
sources (UK, US, and Canadian TV are most common).

Most on demand stuff is 4-5 Mb/s MPG4 based and a bit of it is now HEVC at 
4Mb/s or so (for HD).  Obviously varies with the content source etc…   never 
seen anything that needed 10-15 meg though 




> On May 25, 2017, at 10:52 PM, Mark - Myakka Technologies  
> wrote:
> 
> Kurt,
> 
> I read somewhere that kodi needs about 10-15meg connection to work correctly. 
>  Not sure if that was for live tv or everything.  Think I have the article 
> bookmarked at the office.  I'll check in the morning and post it if I find it.
> 
> 
> Thursday, May 25, 2017, 12:50:45 PM, you wrote:
> 
> 
> I am getting more and more calls every week from clients saying that their 
> "streaming isn't working." Upon investigating each one of these cases the 
> customer always has purchased a "jailbroken" firestick loaded with KODI and 
> they are expecting to watch all kinds of movies for free. From what I can 
> tell this is very un-reliable compared to just paying for Netflix. Sometimes 
> the streams work and sometimes they don't. I basically have been telling 
> customers that what they're doing is no different than the old satellite days 
> where people put the hacked cards into their set top boxes and get all the 
> satellite channels for free. But those cards were always getting "zapped" and 
> you were constantly having to get new cards and re-program cards so you're 
> spending so much time dealing with the "un-reliable" TV watching experience 
> that it would have just been cheaper to pay for the service legally in the 
> first place. My solution for these customers has been to just tell them to 
> pay $10 for Netflix and be done with it.
> 
> On Thu, May 25, 2017 at 11:02 AM, CBB - Jay Fuller  > wrote:
> 
> 
> haven't been able to reach him yet.
> 
> 
> - Original Message - 
> From: Jeremy 
> To: af@afmug.com 
> Sent: Thursday, May 25, 2017 9:26 AM
> Subject: Re: [AFMUG] kodi?
> 
> Why don't you ask him?
> 
> On Thu, May 25, 2017 at 8:21 AM, CBB - Jay Fuller  > wrote:
> 
> 
> out of the 250 or so "warnings" received through this morning, about 80% 
> appear to be tv shows and random episodes of such tv shows.  that is why i 
> was thinking kodi.  perhaps he browsed around just to see what would work and 
> what wouldn't.  i've never played with kodi but if this guy has this volume 
> of entertainment on his hard drive i would be surprised and would say he has 
> no life.  plus he has been a customer for a while - he isn't anyone new :)
> 
> 
> 
> - Original Message - 
> From: Tim Reichhart 
> To: af@afmug.com 
> Sent: Thursday, May 25, 2017 9:18 AM
> Subject: Re: [AFMUG] kodi?
> 
> with kodi you can download/add on for like utorrent to download movies or you 
> can also download exodus.
> 
> 
> -Original Message-
> From: "Joe Novak" >
> To: af@afmug.com 
> Date: 05/25/17 10:14 AM
> Subject: Re: [AFMUG] kodi?
> 
> To be honest, unless he is using some odd P2P addon for Kodi it's unlikely. 
> Most of the addons comb the net for the videos and aggregate the links for 
> you to watch on Kodi - which means you're not sharing it back. Some kind of 
> popcorn time variant which is built on bittorrent is more likely, but I don't 
> know if any of those still exist. 
> 
> 
> Joe
> 
> 
> On Thu, May 25, 2017 at 9:09 AM, CBB - Jay Fuller  > wrote:
> 
>  
> 
> we have a customer who literally has gotten no fewer than 150 complaints from 
> both fox and ip-echelon ? (sp) in the last 24 hours.
> either he has downloaded half the internet or perhaps he has one of these new 
> illegal kodi boxes.
> 
> 

Re: [AFMUG] GTT as a Tier 1 provider - feedback?

2017-05-16 Thread Paul Stewart
Just in the process of dropping them from our mix … however …. they have always 
been a solid provider with very few issues.

How they get utilized in the network and participate in your overall mix is 
always a challenge .. I much prefer to avoid Tier1 providers in general to be 
honest - prefer Tier2 in comparison.

They don’t “play well” in our mix of providers hence why we are dropping them.  
The only area of failure is calling them to say we won’t be renewing followed 
by “ok, no problem - thank you” …. usually this turns into heavy sales tactics 
to keep you onboard - they didn’t seem to care….

Paul


> On May 16, 2017, at 10:36 AM, Paul McCall  wrote:
> 
> Looking at bandwidth options in Miami.  
>  
> Investigating GTT today.  Anybody, besides Faisal , have any feedback on 
> them ?
> (Faisal speaks highly of them)
>  
> Paul
>  
> Paul McCall, President
> PDMNet, Inc. / Florida Broadband, Inc.
> 658 Old Dixie Highway
> Vero Beach, FL 32962
> 772-564-6800  
> pa...@pdmnet.net 
> www.pdmnet.com 
> www.floridabroadband.com 


[AFMUG] IPv4 Market

2017-05-12 Thread Paul Stewart
I was searching around for something and came across this article (in light of 
discussions around IPv4 etc and CGNAT recently)

http://www.trefor.net/2017/05/12/ipv4-address-market/ 






Re: [AFMUG] NAT and CDN Services

2017-05-12 Thread Paul Stewart
If you can avoid NAT (goes without saying) then take that route for sure….

But I’d suggest a pool of IP addresses at a minimum for NAT … for 1000 users, 
at least a /27 to avoid running into issues with, not just CDN, but other 
things as well …

Also, if possible, consider IPv6 for the event - will take a lot of this out of 
play (ie. Google, Netflix, Facebook, Amazon etc etc)

> On May 11, 2017, at 8:05 PM, Nate Burke  wrote:
> 
> I'm getting ready to work on a temporary event with lots of People. Is there 
> a rule-of-thumb for number of NAT Devices behind a public address?  I've 
> heard of issues with getting blacklisted by Google and the likes thinking 
> that there is an attack happening because of the amount of requests from a 
> single IP.  Can I put 1000 devices behind a single WAN Address?  Just trying 
> to avoid the crisis if someone can't check their GMail or watch Netflix.
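
Added example (not part of the thread): a static port-block plan showing what the /27 suggestion above changes for roughly 1000 devices compared with a single WAN address, and how a public address and port reported in a complaint map back to one inside device. The inside range 10.0.0.0/22, the pool 198.51.100.0/27 (documentation range), the port floor of 1024 and all class and method names are assumptions.

```python
import ipaddress
import math

# Assumption: well-known ports are never used as translated source ports.
FIRST_PORT, LAST_PORT = 1024, 65535


class NatPlan:
    """Static port-block NAT plan: each inside host gets one public address
    and one fixed, non-overlapping source-port range on it."""

    def __init__(self, inside_cidr, pool_cidr):
        # Assumption: inside prefix is /30 or shorter, so it has usable hosts.
        self.inside = ipaddress.ip_network(inside_cidr)
        self.pool = ipaddress.ip_network(pool_cidr)
        self.first_host = int(self.inside.network_address) + 1
        self.host_count = self.inside.num_addresses - 2
        # Assumption: every address of the pool is routed to the NAT box.
        self.pool_size = self.pool.num_addresses
        self.hosts_per_public = math.ceil(self.host_count / self.pool_size)
        self.ports_per_host = (LAST_PORT - FIRST_PORT + 1) // self.hosts_per_public
        if self.ports_per_host == 0:
            raise ValueError("pool too small: no ports left per host")

    def translate(self, inside_ip):
        """Return (public_ip, first_port, last_port) for an inside host."""
        idx = int(ipaddress.ip_address(inside_ip)) - self.first_host
        if not 0 <= idx < self.host_count:
            raise ValueError(f"{inside_ip} is not a host of {self.inside}")
        public = self.pool[idx // self.hosts_per_public]
        low = FIRST_PORT + (idx % self.hosts_per_public) * self.ports_per_host
        return str(public), low, low + self.ports_per_host - 1

    def reverse(self, public_ip, port):
        """Map a public address and source port back to the inside host,
        or None if that port block is not assigned to anyone."""
        addr = ipaddress.ip_address(public_ip)
        if addr not in self.pool or not FIRST_PORT <= port <= LAST_PORT:
            return None
        slot = (port - FIRST_PORT) // self.ports_per_host
        idx = (int(addr) - int(self.pool.network_address)) * self.hosts_per_public + slot
        if slot >= self.hosts_per_public or idx >= self.host_count:
            return None
        return str(ipaddress.ip_address(self.first_host + idx))


def compare(inside_cidr, pool_cidrs):
    """Hosts sharing each public address and ports available per host."""
    result = {}
    for pool in pool_cidrs:
        plan = NatPlan(inside_cidr, pool)
        result[pool] = (plan.hosts_per_public, plan.ports_per_host)
    return result


if __name__ == "__main__":
    inside = "10.0.0.0/22"                      # constructed: 1022 usable hosts
    for pool, (hosts, ports) in compare(
        inside, ["198.51.100.7/32", "198.51.100.0/27"]
    ).items():
        print(f"{pool:18} {hosts:5} hosts per public IP, {ports:5} ports each")

    plan = NatPlan(inside, "198.51.100.0/27")
    print(plan.translate("10.0.3.254"))
    print(plan.reverse("198.51.100.31", 60000))
```

With one address every device is limited to a few dozen simultaneous translations and all requests arrive at remote services from the same source; with the /27 each public address carries about 32 devices.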




Re: [AFMUG] Putting on big boy IPv6 pants

2017-05-11 Thread Paul Stewart
Absolutely …I think Facebook or someone like that should do it… that’ll fix 
things in a hurry ;)

> On May 11, 2017, at 4:24 AM, Forrest Christian (List Account) 
> <li...@packetflux.com> wrote:
> 
> What will force the transition is the moment that google and/or some other 
> large provider starts to provide certain services only via IPv6.   
> 
> It would not surprise me to see this start occurring by certain providers for 
> certain desirable but not-core-business services.   
> 
> On Wed, May 10, 2017 at 9:10 PM, Sterling Jacobson <sterl...@avative.net 
> <mailto:sterl...@avative.net>> wrote:
> I want there to be a two day world wide event where we disable all hosted 
> IPv4 routing.
> 
>  
> 
> Then we’ll see which hosting services are stuck in the 1990’s and need to 
> upgrade immediately to IPv6.
> 
>  
> 
> That is what is stopping us.
> 
>  
> 
> And ISP, upstream providers not handling IPv6 transport or BGP IPv6…
> 
>  
> 
> From: Af [mailto:af-boun...@afmug.com <mailto:af-boun...@afmug.com>] On 
> Behalf Of Chuck McCown
> Sent: Wednesday, May 10, 2017 8:19 PM
> To: af@afmug.com <mailto:af@afmug.com>
> Subject: Re: [AFMUG] Putting on big boy IPv6 pants
> 
>  
> 
> I want to just give the customer a V6 and the edge appliance will nat the v4 
> only destinations. 
> 
>  
> 
> From: Paul Stewart
> 
> Sent: Wednesday, May 10, 2017 6:45 PM
> 
> To: af@afmug.com <mailto:af@afmug.com>
> Subject: Re: [AFMUG] Putting on big boy IPv6 pants
> 
>  
> 
> We dual stack and will continue as long as possible …   really hoping to 
> avoid transition stuff but who knows for sure if that’s just a pipe dream or 
> not ;)
> 
>  
> 
>  
> 
> On May 10, 2017, at 6:50 PM, Chris Wright <ch...@velociter.net 
> <mailto:ch...@velociter.net>> wrote:
> 
>  
> 
> I’m weighing the pros/cons of purchasing another block of IPv4 at auction or 
> finding a NAT64 solution that will enable me to start handing IPv6 addresses 
> to customers and know they’ll be able to get to IPv4 internet without issue. 
> Mikrotik doesn’t seem too concerned with implementing NAT64, so I’d be 
> looking at adding complexity to my network if I go that direction. On the 
> other hand, I don’t like spending thousands of dollars on antiquated address 
> space if I can help it. I’d rather do my part in moving IP standards forward 
> instead of staying stuck in the past.
> 
>  
> 
> What’s working for you all?
> 
>  
> 
> Chris Wright
> 
> Network Administrator
> 
>  
> 
> 
> 
> 
> -- 
> Forrest Christian CEO, PacketFlux Technologies, Inc.
> Tel: 406-449-3345 <> | Address: 3577 Countryside Road, Helena, MT 59602
> forre...@imach.com <mailto:forre...@imach.com> | http://www.packetflux.com 
> <http://www.packetflux.com/>
>  <http://www.linkedin.com/in/fwchristian>  <http://facebook.com/packetflux>  
> <http://twitter.com/@packetflux>
> 



Re: [AFMUG] Employee Retention - Benefits, Insurance, etc.

2017-05-11 Thread Paul Stewart
Here it’s law re: vacation and two weeks is the norm in first year.  For some 
senior folks, when recruiting them we do three weeks vacation to start which is 
a really nice perk.

> On May 11, 2017, at 10:16 AM, Jeremy  wrote:
> 
> I would assume that you already provide paid holidays and paid vacation.  I 
> only have one employee and I provide this benefit.  Paid holidays after 90 
> days, one week of paid vacation after one year of employment.
> 
> On Thu, May 11, 2017 at 7:19 AM, Paul McCall  > wrote:
> OK,
> 
>  
> 
> Our WISP, Florida Broadband, has reached the point where we need to start 
> addressing employee needs for the long term.  I have some good “guys” and 
> don’t want to lose them because of not taking good care of them.  Most of 
> them are relatively young and health insurance hasn’t been needed, but it’s 
> still nice to have if I can find any way to afford it.  Plus there are many 
> other considerations rattling around in my cranial vault.
> 
>  
> 
> So, my points of concern are:
> 
>  
> 
> Health Insurance – what creative options can be used?, what % 
> of coverage is employee contributed?, what levels of coverage are typically 
> offered?
> 
> 401Ks – same type questions, is it a % contribution that the 
> company would match?, other creative elements?
> 
> Life Insurance – I understand some tower companies (we are 
> not one) – purchase a small life insurance policy for the employer as a 
> benefit
> 
> (one employee who climbs occasionally) used 
> to work for a tower company that had a $ 50K policy for each person
> 
> Other benefits or perks – I feel this can be a big one – 
> interested to see what creative things can be done in this area.
> 
>  
> 
> Thanks in advance for sharing what you have found successful
> 
>  
> 
> Paul
> 
>  
> 
>  
> 
> Paul McCall, President
> 
> PDMNet, Inc. / Florida Broadband, Inc.
> 
> 658 Old Dixie Highway
> 
> Vero Beach, FL 32962
> 
> 772-564-6800  
> 
> pa...@pdmnet.net 
> www.pdmnet.com 
> www.floridabroadband.com 
>  
> 
>  
> 
> 



Re: [AFMUG] Employee Retention - Benefits, Insurance, etc.

2017-05-11 Thread Paul Stewart
This is an area that I think every employer can always do better … and I mean 
that respectfully, because if you’re always looking for better ways that means 
you are doing more and more for staff.  Sometimes it’s the small things that 
really mean more than big things … more than just money etc

We do things like:

free soda beverages
free fruit and snacks
lunch areas that have big screen TV, game consoles, lounge area etc
discounted Internet and other services at home (some staff are free depending 
on their role)
lots of different theme days .. pizza days, hot dog days, etc where food is 
brought in for everyone
senior management taking various folks out for lunch or dinner … different 
groups, not even people who work in their teams
some teams have fun days a couple of times a year - taking the afternoon off 
and going to archery range, or going bowling ..that kind of stuff

Everyone has health insurance package (benefits package including dental, 
vision, prescription etc)
No retirement option is one area lacking
Life insurance - standard as part of benefits

Paul


> On May 11, 2017, at 9:19 AM, Paul McCall  wrote:
> 
> OK, 
>  
> Our WISP, Florida Broadband, has reached the point where we need to start 
> addressing employee needs for the long term.  I have some good “guys” and 
> don’t want to lose them because of not taking good care of them.  Most of 
> them are relatively young and health insurance hasn’t been needed, but it’s 
> still nice to have if I can find any way to afford it.  Plus there are many 
> other considerations rattling around in my cranial vault.
>  
> So, my points of concern are:
>  
> Health Insurance – what creative options can be used?, what % 
> of coverage is employee contributed?, what levels of coverage are typically 
> offered?
> 401Ks – same type questions, is it a % contribution that the 
> company would match?, other creative elements?
> Life Insurance – I understand some tower companies (we are 
> not one) – purchase a small life insurance policy for the employer as a 
> benefit
> (one employee who climbs occasionally) used 
> to work for a tower company that had a $ 50K policy for each person
> Other benefits or perks – I feel this can be a big one – 
> interested to see what creative things can be done in this area.
>  
> Thanks in advance for sharing what you have found successful
>  
> Paul
>  
>  
> Paul McCall, President
> PDMNet, Inc. / Florida Broadband, Inc.
> 658 Old Dixie Highway
> Vero Beach, FL 32962
> 772-564-6800  
> pa...@pdmnet.net 
> www.pdmnet.com 
> www.floridabroadband.com 


Re: [AFMUG] Putting on big boy IPv6 pants

2017-05-10 Thread Paul Stewart
We dual stack and will continue as long as possible …   really hoping to avoid 
transition stuff but who knows for sure if that’s just a pipe dream or not ;)


> On May 10, 2017, at 6:50 PM, Chris Wright  wrote:
> 
> I’m weighing the pros/cons of purchasing another block of IPv4 at auction or 
> finding a NAT64 solution that will enable me to start handing IPv6 addresses 
> to customers and know they’ll be able to get to IPv4 internet without issue. 
> Mikrotik doesn’t seem too concerned with implementing NAT64, so I’d be 
> looking at adding complexity to my network if I go that direction. On the 
> other hand, I don’t like spending thousands of dollars on antiquated address 
> space if I can help it. I’d rather do my part in moving IP standards forward 
> instead of staying stuck in the past.
>  
> What’s working for you all?
>  
> Chris Wright
> Network Administrator



Re: [AFMUG] Serverplus

2017-05-08 Thread Paul Stewart
I hope you’re kidding right ? ;)

> On May 8, 2017, at 2:28 PM, Josh Luthman  wrote:
> 
> Hold on Dlink makes some pretty good switches...
> 
> 
> Josh Luthman
> Office: 937-552-2340
> Direct: 937-552-2343
> 1100 Wayne St
> Suite 1337
> Troy, OH 45373
> 
> On Mon, May 8, 2017 at 2:19 PM, Chuck McCown  > wrote:
> Nah, they are totally D-Link based.
>  
> From: Steve Jones <>
> Sent: Monday, May 08, 2017 12:16 PM
> To: af@afmug.com <>
> Subject: Re: [AFMUG] Serverplus
>  
> It was a terrible timing, we sat down for a company meeting to go over the 
> initial sheets at ten am, it went dead at like 10:10. I wonder if somebody 
> unplugged their core Linksys box
>  
>  
> On Mon, May 8, 2017 at 12:56 PM, Josh Luthman  <>> wrote:
> First time that I can recall.  We started in November 2012.
> 
>  
> Josh Luthman
> Office: 937-552-2340 
> Direct: 937-552-2343 
> 1100 Wayne St
> Suite 1337
> Troy, OH 45373
> 
> On Mon, May 8, 2017 at 1:28 PM, Chuck McCown > wrote:
> Very uncommon. 
>  
> From: Steve Jones <>
> Sent: Monday, May 08, 2017 11:11 AM
> To: af@afmug.com <>
> Subject: Re: [AFMUG] Serverplus
>  
> is it safe to assume this is uncommon?
>  
> On Mon, May 8, 2017 at 11:13 AM, Josh Luthman  <>> wrote:
> Website just came back up.
>  
> I'm on hold with the supervisors desk.
> 
>  
> Josh Luthman
> Office: 937-552-2340 
> Direct: 937-552-2343 
> 1100 Wayne St
> Suite 1337
> Troy, OH 45373
> 
> On Mon, May 8, 2017 at 12:12 PM, Josh Luthman  <>> wrote:
> Their website is down as well...
> 
>  
> Josh Luthman
> Office: 937-552-2340 
> Direct: 937-552-2343 
> 1100 Wayne St
> Suite 1337
> Troy, OH 45373
> 
> On Mon, May 8, 2017 at 12:11 PM, Josh Luthman  <>> wrote:
> I have the same issue, glad someone else posted.
> 
>  
> Josh Luthman
> Office: 937-552-2340 
> Direct: 937-552-2343 
> 1100 Wayne St
> Suite 1337
> Troy, OH 45373
> 
> On Mon, May 8, 2017 at 11:50 AM, Steve Jones > 
> wrote:
> Are they down, website went down, their phones are non responsive
> 
>  
>  
>  
>  
>  
> 



Re: [AFMUG] New competition in town

2017-04-27 Thread Paul Stewart
LOL ….

A number of years back we had some contracted tower crews working in very harsh 
conditions …. it was almost -40C, winds steady at about 25MPH and visibility at 
less than 50ft …. 4 guys went up the tower at daylight and were up on the tower 
until nightfall… three days in a row.

The first day they recommended that nobody go to the east of the tower where 
there was a treeline and of course anyone on the ground to ensure they had 
their hard hats on at all times etc… lots of tools, parts etc going up and down 
the tower and accidents happen.  I didn’t quite understand the reference to not 
heading to the east of the tower (which was of course the direction of the 
wind)…. after early afternoon came around, some of us were sitting around the 
base of the tower when suddenly it “clicked”… “umm, the guys are not coming 
down at all - what happens after they have had some drinks to stay hydrated and 
… well…. they gotta go?”  - answer was pretty simple … “don’t be to the east of 
the tower”…. I laughed… the day went on, nightfall came around and the guys 
returned to the bottom exhausted….

The second day, I noticed that a bucket of tools were being sent up in the 
morning as expected along with other parts/tools etc … but then I noticed the 
same thing as the day before… an empty bucket except for two things in it …. 
toilet paper wrapped in plastic and the daily newspaper …. at that point I sure 
as shit didn’t ask (yes pun intended) ….. ;)

Paul


> On Apr 27, 2017, at 8:35 AM, Harold Bledsoe  wrote:
> 
> One thing I learned fast growing up helping my dad build houses 
> is...never open the bucket.  ;-)
> 
> On Thu, Apr 27, 2017 at 8:25 AM Jon Langeler  > wrote:
> Ha! The bucket serves as the climate controlled data center I assume.
> 
> Jon Langeler
> Michwave Technologies, Inc.
> 
> 
> > On Apr 27, 2017, at 12:42 AM, Sean Heskett  > > wrote:
> >
> > Seems legit to me...
> > 
> > 
> >



Re: [AFMUG] Certification for basic networking

2017-04-26 Thread Paul Stewart
I found offering folks $1000 in cash (not via payroll with deductions and crap) 
was a motivator to do certain certifications …. 

> On Apr 26, 2017, at 9:28 PM, Steve Jones  wrote:
> 
> what amazes me is we have had one of those a+ cert sets we have renewed twice 
> (the training self paced videos and a CompTIA test voucher) 50 cent or dollar 
> raise, don't recall, upon completion, not a single tech did it... idiots, 
> plain idiots
> 
> On Wed, Apr 26, 2017 at 8:18 PM, Mark - Myakka Technologies  > wrote:
> Steve,
> 
> Saw the A+ one.  Thinking about offering a bonus if they pass the test.
> 
> -- 
> Best regards,
> Mark  mailto:m...@mailmt.com 
> 
> Myakka Technologies, Inc.
> www.MyakkaTech.com 
> 
> Proud Sponsor of the Myakka City Relay For Life
> http://www.RelayForLife.org/MyakkaCityFL 
> 
> Please Donate at http://www.myakkatech.com/RFL.html 
> 
> --
> 
> Wednesday, April 26, 2017, 9:00:24 PM, you wrote:
> 
> 
> Sams has a 24 hour teach yourself book as well for Network+
> I use the TCP/IP one as a tool to gauge a new guy's drive, most failed and 
> never read the book
> 
> the TCP/IP one covers the gist of what you list, its a good start. Its what I 
> used to jump into this job, excellent foundation
> 
> On Wed, Apr 26, 2017 at 7:16 PM, Lewis Bergman  > wrote:
> 
> Network+ is a good cert for all the stuff a WISP uses except the RF part. 
> There are some topics that are not applicable but I found it a very practical 
> test.
> 
> On Wed, Apr 26, 2017 at 6:04 PM Steve Jones  > wrote:
> 
> Sams Teach yourself TCP/IP in 24 hours is a freaking excellent starter 
> resource
> 
> On Wed, Apr 26, 2017 at 6:00 PM, Mark - Myakka Technologies  > wrote:
> 
> I want to begin grooming someone to help me with the day to day
> maintenance of our system with the goal of giving them control over
> the system in the future.  Basically, I want to train my replacement.
> 
> I have someone in mind that has basic computer and customer service
> skills that I want to start moving along.
> 
> First thing would be the network basics.  I don't need anything like
> cisco training.  Just looking at starting them with the basics.
> Bridged vs. Routing,  Subnet masks, DNS, etc.  Just what they need for
> basic networking.
> 
> Are there any online certification classes like that out there?
> 
> 
> 
> --
> Thanks,
> Mark  mailto:m...@mailmt.com 
> 
> Myakka Technologies, Inc.
> www.MyakkaTech.com 
> 
> Proud Sponsor of the Myakka City Relay For Life
> http://www.RelayForLife.org/MyakkaCityFL 
> 
> 
> Please Donate at http://www.myakkatech.com/RFL.html 
> 
> 



Re: [AFMUG] installer hire / training process.

2017-04-25 Thread Paul Stewart
Ouch … 6 people for an interview …. that would be tough! :)

At most, we have 3 people when hiring …. fast paced, keep it informal to 
increase comfort zone with the person being interviewed as you would be amazed 
what some of them say out loud when it’s “just the boys sitting around talking” 
kind of thing …

Had one about a month ago that the first question was “what does this job pay?” 
which is a major red flag for me …. needless to say the conversation ended 
shortly and cut that person loose as that was their only priority …


> On Apr 25, 2017, at 10:06 AM, Chuck McCown  wrote:
> 
> I once had two job candidates interview before a panel of about 6 of us for 
> the same job at the same time.  That was FUN!
>  
> Talk about competition!
>  
> Then we hired both of them.  Had already decided to hire both of them before 
> the meeting, but was feeling a bit sporting that day.  
>  
> From: CBB - Jay Fuller <>
> Sent: Tuesday, April 25, 2017 3:22 AM
> To:  <>af@afmug.com 
> Subject: Re: [AFMUG] installer hire / training process.
>  
>  
>  
> I've always enjoyed hearing about the competition type programs at WISPA 
> shows.  Layne Sisk has one at Serverplus and some of the larger WISPS have 
> them.  I wish we had enough employees to do something like that.  We have 3 
> or 4 installers now but they work as teams (or alone), so it isn't really 
> fair to "judge them against one another..."
>  
>  
>> And I personally, just my opinion, believe it is a cultural thing.  I’m not 
>> looking down on anyone by saying that, just stating that the modern 
>> generation has been taught that there are more shortcuts than there are 
>> challenges to face and build character.  I’ve also seen it with my own eyes 
>> as I have 4 young children.  The things they teach kids now, and the way 
>> they teach them, is way different than what I was raised to know, and even 
>> more disconnected from our fathers and their fathers before them.  Every 
>> generation will have the youthful ones, but I think the current youthful 
>> generation is being raised in a world where they are taught everyone gets a 
>> trophy or nobody does, and that hurts the employer, because you no longer 
>> have people competing for position and pride, instead you have groups of 
>> folks getting together saying, hey, Dan makes $15, we ALL should make 
>> $15 but Dan does more. Yeah, but Dan is my equal because we share 
>> the same title, and therefor should share the same pay. but Dan has also 
>> been here for 5 years, you just started... I don’t care, Dan and I work 
>> right next to each other, and I deserve the same benefits he has 
>> guarantee that argument has been had by many business owners lately with at 
>> least one employee.  Not trying to start a long drawn out debate about the 
>> youth or culture, just giving an example of what I’ve personally seen in our 
>> area.
>>  
>>  



Re: [AFMUG] Calix E7-2 vs AdTran, Zhone, or?

2017-04-15 Thread Paul Stewart
Thanks …

The model we tested was the ZTE H268A specifically … the answer for the DTMF 
tones was that there wasn’t anyone in North America using the voice portion yet 
and they could develop it but I was a bit shocked they would send it to us when 
only “half” of it works .. 

The unit wasn’t horrible or anything …. the UI was a bit flaky and stuff….. but 
when compared to others that we use today it just simply didn’t perform as well 
(short version)

Paul


> On Apr 15, 2017, at 7:06 PM, PE R <hillrunner...@yahoo.com> wrote:
> 
> Doesn't hurt to give the newer stuff a shot and possibly save some CAPEX.  :) 
>   (And the newer ZTE VDSL2 products are deployed and/or in trials along with 
> the G.fast products with operators throughout the US.)  
> 
> The DTMF tones are simply a matter of getting the software updated if the 
> product's going to be sold in the US.  ZTE's deployed by Tier 1s in EU along 
> APAC, etc. -- a couple of the analyst groups rank them as the #1 HGW vendor 
> worldwide.
> 
> Do you remember what RG you were using?  An ADSL RG?  Only a handful of 
> vendors did triple play on those products and they all had issues for the 
> first few years of the technology without naming names.
> 
> An ATA was typically -- for most ADSL RGs -- a separate device where the 
> triple play boxes had the FXS (analog) chip integrated into the system.  
> 
> Since everything on a PON system, outside of the customer LAN 
> (Wifi/POTS/GigE), is EMS based, the EMS is pretty much 1:1 with other systems 
> based on feedback since you're managing the L2/L3 network WAN traffic, the 
> PON and the PON & Layer 2 portion of the ONT.
> 
> 
> 
> 
> 
> 
> From: Paul Stewart <p...@paulstewart.org>
> To: af@afmug.com 
> Sent: Saturday, April 15, 2017 3:39 PM
> Subject: Re: [AFMUG] Calix E7-2 vs AdTran, Zhone, or?
> 
> Much prefer Adtran TA5000 stuff personally …. haven’t used ZTE for FTTH but 
> tested some of their other gear such as ATA combo modem (dsl) and ran into a 
> lot of grief with it.  It “feels” super cheap and the UI had a lot to be 
> desired (and simply lacked needed features like North American DTMF tones etc)
> 
> Calix I liked better when it was Occam …. newer stuff though (E7) I have 
> talked to several folks and they like it …
> 
>> On Apr 14, 2017, at 7:48 PM, PE R <hillrunner...@yahoo.com 
>> <mailto:hillrunner...@yahoo.com>> wrote:
>> 
>> Or ZTE.  Just came away from the NTCA show and our products compete 
>> exceptionally well. 
>> 
>> Options include indoor ONT w/ BBU or outdoor.
>> 
>> 
>> From: Chuck McCown <ch...@wbmfg.com <mailto:ch...@wbmfg.com>>
>> To: af@afmug.com <mailto:af@afmug.com> 
>> Sent: Friday, April 14, 2017 6:02 PM
>> Subject: Re: [AFMUG] Calix E7-2 vs AdTran, Zhone, or?
>> 
>> Like to compare with outdoor ONT with a battery backed power supply at the 
>> home with 1 POTS line.
>> 
>> -Original Message- 
>> From: Mark - Myakka Technologies
>> Sent: Friday, April 14, 2017 2:07 PM
>> To: af@afmug.com <mailto:af@afmug.com>
>> Subject: Re: [AFMUG] Calix E7-2 vs AdTran, Zhone, or?
>> 
>> Chuck,
>> 
>> On the OLT side it will vary depending on how many cards we put in the
>> cage and how many people we actually put on a port.
>> 
>> Best case fully populate cage with 32 users per port that will handle
>> 1792 customers about $34 per user.
>> 
>> In reality, a cage with 3 slots and an average of 25 users per port for
>> a total of about 600 users would be about $29 per user.
>> 
>> This does not include a 48v power plant to run the cage.  But as you
>> know the price per user on a port is not very much at all and slightly
>> varies based on density.
>> 
>> Hardware on the customer side for an ONT, BBU, splice case, etc.  Not
>> including labor or drop will range from a low of about $250 to about
>> $450 depending on if we use an indoor versus outdoor ONT, 2 vs 4 pots,
>> etc.
>> 
>> -- 
>> Best regards,
>> Mark <mailto:m...@mailmt.com>
>> 
>> Myakka Technologies, Inc.
>> www.MyakkaTech.com <http://www.myakkatech.com/>
>> 
>> Proud Sponsor of the Myakka City Relay For Life
>> http://www.RelayForLife.org/MyakkaCityFL 
>> <http://www.relayforlife.org/MyakkaCityFL>
>> 
>> Please Donate at http://www.myakkatech.com/RFL.html
>> --
>> 
>> Friday, April 14, 2017, 3:38:54 PM, you wrote:
>> 
>> cwc> Just lik

Re: [AFMUG] Calix E7-2 vs AdTran, Zhone, or?

2017-04-15 Thread Paul Stewart
Much prefer Adtran TA5000 stuff personally …. haven’t used ZTE for FTTH but 
tested some of their other gear such as ATA combo modem (dsl) and ran into a 
lot of grief with it.  It “feels” super cheap and the UI had a lot to be 
desired (and simply lacked needed features like North American DTMF tones etc)

Calix I liked better when it was Occam …. newer stuff though (E7) I have talked 
to several folks and they like it …

> On Apr 14, 2017, at 7:48 PM, PE R  wrote:
> 
> Or ZTE.  Just came away from the NTCA show and our products compete 
> exceptionally well. 
> 
> Options include indoor ONT w/ BBU or outdoor.
> 
> 
> From: Chuck McCown 
> To: af@afmug.com 
> Sent: Friday, April 14, 2017 6:02 PM
> Subject: Re: [AFMUG] Calix E7-2 vs AdTran, Zhone, or?
> 
> Like to compare with outdoor ONT with a battery backed power supply at the 
> home with 1 POTS line.
> 
> -Original Message- 
> From: Mark - Myakka Technologies
> Sent: Friday, April 14, 2017 2:07 PM
> To: af@afmug.com 
> Subject: Re: [AFMUG] Calix E7-2 vs AdTran, Zhone, or?
> 
> Chuck,
> 
> On the OLT side it will vary depending on how many cards we put in the
> cage and how many people we actually put on a port.
> 
> Best case fully populate cage with 32 users per port that will handle
> 1792 customers about $34 per user.
> 
> In reality, a cage with 3 slots and an average of 25 users per port for
> a total of about 600 users would be about $29 per user.
> 
> This does not include a 48v power plant to run the cage.  But as you
> know the price per user on a port is not very much at all and slightly
> varies based on density.
> 
> Hardware on the customer side for an ONT, BBU, splice case, etc.  Not
> including labor or drop will range from a low of about $250 to about
> $450 depending on if we use an indoor versus outdoor ONT, 2 vs 4 pots,
> etc.
> 
> -- 
> Best regards,
> Mark mailto:m...@mailmt.com 
> 
> 
> Myakka Technologies, Inc.
> www.MyakkaTech.com
> 
> Proud Sponsor of the Myakka City Relay For Life
> http://www.RelayForLife.org/MyakkaCityFL 
> 
> 
> Please Donate at http://www.myakkatech.com/RFL.html 
> 
> --
> 
> Friday, April 14, 2017, 3:38:54 PM, you wrote:
> 
> cwc> Just like to compare apples to apples with Calix.
> 
> cwc> -Original Message- 
> cwc> From: Mark - Myakka Technologies
> cwc> Sent: Friday, April 14, 2017 1:19 PM
> cwc> To: af@afmug.com 
> cwc> Subject: Re: [AFMUG] Calix E7-2 vs AdTran, Zhone, or?
> 
> cwc> Chuck,
> 
> cwc> not personally.  Those numbers are available to me.  I've been so
> cwc> busy lately, I haven't had time to look at them.  I know the numbers
> cwc> are reasonable.  We are about 4 months from finishing the project we
> cwc> are working on now.  When that is done, I'm going to sit down and
> cwc> compare estimated to actual.
> 
> 
> 



[AFMUG] Windows 10 Creators update

2017-04-10 Thread Paul Stewart
Starts tomorrow …. been working on capacity planning stuff for 3 months now to 
prepare - should be interesting to see if it breaks traffic records in our 
network….

Just a friendly reminder about it coming ;)

Paul




Re: [AFMUG] CISCO VLAN question

2017-04-08 Thread Paul Stewart
haha.. yeah and I’ll take something that is reliable too ;)


> On Apr 8, 2017, at 9:00 AM, Josh Baird  wrote:
> 
> 5 clicks or one command?  I'll take Cisco's one command.
> 
> On Fri, Apr 7, 2017 at 11:19 PM, Timothy Steele wrote:
> All you Cisco lovers will hate me but just get a UniFi setup what you are 
> doing would literally be like 5 clicks and done
> 
> 
> On Fri, Apr 7, 2017, 12:38 PM Josh Luthman wrote:
> VLAN is 1998 - wow!
> 
> 
> Josh Luthman
> Office: 937-552-2340 
> Direct: 937-552-2343 
> 1100 Wayne St
> Suite 1337
> Troy, OH 45373
> 
> On Fri, Apr 7, 2017 at 11:39 AM, Dave wrote:
> Yes.. 
>  I come from the 1990 era of Cisco LOL 
> 
> 
> 
> On 04/07/2017 10:29 AM, Cassidy B. Larson wrote:
>>  switchport trunk native vlan sounds like what you’re after?
>> It’ll pass an untagged vlan across a trunk port.
>> 
>>> On Apr 7, 2017, at 9:26 AM, Dave wrote:
>>> 
>>> Ok,
>>> So I want to manage my radio link and provide public access over that link.
>>> How do I configure my Cisco for switchport trunk to allow the customer to 
>>> connect at the other end with a sonicwall for his public ip?
>>> So the topology of this is
>>> Vlan 1000 is a managed vlan
>>> Vlan 2400 is the public access vlan
>>> Cisco port is mode trunk dot1q to allow both vlans but since the customer 
>>> doesn't have a vlan to configure on his sonic wall I would need my radios to 
>>> allow
>>> switchport access of 2400
>>> 
>>> Is there a way to tell the cisco to allow switchport access for vlan2400 on 
>>> the same trunked port?
>>> 
>>> Any ideas will be helpful
>>> 
>>> Thanks
>>> Dave
>>> 
>>> --
>>> 
> 
> -- 
> 
> 
> 



Re: [AFMUG] anybody else having issues with google dns?

2017-04-06 Thread Paul Stewart
Well said … I’m a big fan of this topic as you might tell … ;)

We run unbound for recursive caching resolvers … each POP has several of them 
and they all participate with anycast.  This way customers will get DNS lookups 
from the closest set of resolvers in the network at all times. Should there be 
an issue with those resolvers then the next closest POP will continue to answer 
customers etc.

For authoritative DNS we use PowerDNS … mainly because we like the ability to 
do direct database updates via automation tools that build things like reverse 
DNS for interfaces etc.  This system is not anycasted today but secondary is a 
3rd party doing so.  Plan is to move this to our own anycasted instance over 
the next while.

Paul

> On Apr 6, 2017, at 12:15 AM, Steve Jones <thatoneguyst...@gmail.com> wrote:
> 
> We have run bind authoritative since I got here. They were both virtual 
> appliances when I took over, an Ubuntu variant that was no longer supported, 
> so I moved them to centos with webmin for gui management. We added on net 
> recursive last year, centos with webmin, all our Linux is webmin, clustered 
> so all the Linux infrastructure is centrally managed. Still bind 9, but 
> solid. 
> It's made a huge difference for reverse lookups on our rfc1918 space to 
> verify what our ospf is doing. A simple set of acls isolates out dns from the 
> world, some policies protect us from on net bot net or otherwise malicious 
> dns traffic that would compromise our servers. It does make a huge difference 
> being on net recursive cached. Overall dns traffic actually decreased. And 
> considering the huge hassles we had handing out opendns that forced us to 
> move to Google dns as primary, it's like jesus became erect and spat joy 
> across us. Turns out to be a whole lot less complicated than expected, and 
> super easy to add redundancies.
> 
> On Apr 5, 2017 7:47 PM, "Paul Stewart" <p...@paulstewart.org 
> <mailto:p...@paulstewart.org>> wrote:
> Very correct….  run across this often on a mid/large scale where CDN traffic 
> getting served from a different country in a lot of cases because folks are 
> using public DNS servers vs directly on-net
> 
> 
>> On Mar 30, 2017, at 12:10 PM, Mike Hammett <af...@ics-il.net 
>> <mailto:af...@ics-il.net>> wrote:
>> 
>> Until they throttle your DNS traffic...  or worse.
>> 
>> Also, having off-net DNS resolvers means you're potentially not being served 
>> by the best CDN nodes for your network. That makes the performance of much 
>> of the Internet shit.
>> 
>> 
>> 
>> -
>> Mike Hammett
>> Intelligent Computing Solutions <http://www.ics-il.com/>
>> Midwest Internet Exchange <http://www.midwest-ix.com/>
>> The Brothers WISP <http://www.thebrotherswisp.com/>
>> 
>> From: "Jon Langeler" <jon-ispli...@michwave.net 
>> <mailto:jon-ispli...@michwave.net>>
>> To: af@afmug.com <mailto:af@afmug.com>
>> Sent: Thursday, March 30, 2017 11:04:46 AM
>> Subject: Re: [AFMUG] anybody else having issues with google dns?
>> 
>> On the flip side. It's tough to beat the reliability of a DNS server managed 
>> by a mega billion $$ company with specialized IT guys babysitting 
>> everything. 
>> 
>> Jon Langeler
>> Michwave Technologies, Inc.
>> 
>> 
>> > On Mar 30, 2017, at 11:31 AM, Dennis Burgess <dmburg...@linktechs.net 
>> > <mailto:dmburg...@linktechs.net>> wrote:
>> > 
>> > Why you should have your own DNS servers :)  
>> > 
>> > 
>> > Dennis Burgess – Network Solution Engineer – Consultant 
>> > MikroTik Certified Trainer/Consultant – MTCNA, MTCRE, MTCWE, MTCTCE, MTCINE
>> > 
>> > For Wireless Hardware/Routers visit www.linktechs.net 
>> > <http://www.linktechs.net/>
>> > Radio Frequency Coverages: www.towercoverage.com 
>> > <http://www.towercoverage.com/> 
>> > Office: 314-735-0270 <tel:(314)%20735-0270>
>> > E-Mail: dmburg...@linktechs.net <mailto:dmburg...@linktechs.net> 
>> > 
>> > 
>> > -Original Message-
>> > From: Af [mailto:af-boun...@afmug.com <mailto:af-boun...@afmug.com>] On 
>> > Behalf Of Tim Reichhart
>> > Sent: Thursday, March 30, 2017 10:19 AM
>> > To: af@afmug.com <mailto:af@afmug.com>
>> > Subject: [AFMUG] anybody else having issues with google dns?
>> > 
>> > Is anybody else having issues with google dns? because when I ping 8.8.8.8 
>> > I get timed out or takes forever to load google.com <http://google.com/>
>> > 
>> > 
>> > 
> 
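The on-net resolver setup discussed in this thread (unbound recursive resolvers, with ACLs keeping them closed to the outside world) can be audited offline. The following is an added example, not configuration or code from any participant: it parses unbound `access-control:` lines, applies unbound's most-specific-netblock matching, and flags any allowing netblock that falls outside the operator's own prefixes. The config text, the prefixes and the function names are constructed for illustration.

```python
import ipaddress

# Constructed sample config using documentation prefixes; not from the thread.
CONSTRUCTED_CONF = """
server:
    interface: 192.0.2.53                      # anycast service address (constructed)
    access-control: 0.0.0.0/0 refuse
    access-control: ::/0 refuse
    access-control: 127.0.0.0/8 allow
    access-control: 198.51.100.0/24 allow      # customer block
    access-control: 2001:db8::/32 allow        # customer block
    access-control: 203.0.113.0/24 allow       # stale entry, no longer on-net
"""

# Assumed list of prefixes the operator actually serves (constructed).
ON_NET = ["127.0.0.0/8", "198.51.100.0/24", "2001:db8::/32"]


def parse_access_control(conf_text):
    """Return [(network, action)] for every access-control line."""
    rules = []
    for raw in conf_text.splitlines():
        line = raw.split("#", 1)[0].strip()      # drop trailing comments
        key, sep, value = line.partition(":")    # split at the first colon only
        if not sep or key.strip() != "access-control":
            continue
        parts = value.split()
        if len(parts) != 2:
            continue                             # malformed line, ignore
        rules.append((ipaddress.ip_network(parts[0], strict=False), parts[1]))
    return rules


def action_for(rules, client):
    """Action unbound would apply: the most specific matching netblock wins.

    With no match, unbound refuses everything except localhost.
    """
    ip = ipaddress.ip_address(client)
    matches = [(net.prefixlen, action) for net, action in rules
               if net.version == ip.version and ip in net]
    if matches:
        return max(matches, key=lambda m: m[0])[1]
    return "allow" if ip.is_loopback else "refuse"


def exposed_netblocks(rules, on_net):
    """Allowing netblocks that are not contained in any on-net prefix."""
    trusted = [ipaddress.ip_network(p) for p in on_net]
    exposed = []
    for net, action in rules:
        if not action.startswith("allow"):       # allow, allow_snoop, ...
            continue
        inside = any(t.version == net.version and net.subnet_of(t)
                     for t in trusted)
        if not inside:
            exposed.append(str(net))
    return exposed


if __name__ == "__main__":
    rules = parse_access_control(CONSTRUCTED_CONF)
    print("off-net netblocks that may recurse:", exposed_netblocks(rules, ON_NET))
    for client in ("198.51.100.7", "192.0.2.1", "203.0.113.9"):
        print(client, "->", action_for(rules, client))
```
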



Re: [AFMUG] anybody else having issues with google dns?

2017-04-05 Thread Paul Stewart
Very correct….  run across this often on a mid/large scale where CDN traffic 
getting served from a different country in a lot of cases because folks are 
using public DNS servers vs directly on-net


> On Mar 30, 2017, at 12:10 PM, Mike Hammett  wrote:
> 
> Until they throttle your DNS traffic...  or worse.
> 
> Also, having off-net DNS resolvers means you're potentially not being served 
> by the best CDN nodes for your network. That makes the performance of much of 
> the Internet shit.
> 
> 
> 
> -
> Mike Hammett
> Intelligent Computing Solutions
> Midwest Internet Exchange
> The Brothers WISP
> 
> From: "Jon Langeler"
> To: af@afmug.com 
> Sent: Thursday, March 30, 2017 11:04:46 AM
> Subject: Re: [AFMUG] anybody else having issues with google dns?
> 
> On the flip side. It's tough to beat the reliability of a DNS server managed 
> by a mega billion $$ company with specialized IT guys babysitting everything. 
> 
> Jon Langeler
> Michwave Technologies, Inc.
> 
> 
> > On Mar 30, 2017, at 11:31 AM, Dennis Burgess wrote:
> > 
> > Why you should have your own DNS servers :)  
> > 
> > 
> > Dennis Burgess – Network Solution Engineer – Consultant 
> > MikroTik Certified Trainer/Consultant – MTCNA, MTCRE, MTCWE, MTCTCE, MTCINE
> > 
> > For Wireless Hardware/Routers visit www.linktechs.net 
> > 
> > Radio Frequency Coverages: www.towercoverage.com 
> >  
> > Office: 314-735-0270
> > E-Mail: dmburg...@linktechs.net  
> > 
> > 
> > -Original Message-
> > From: Af [mailto:af-boun...@afmug.com ] On 
> > Behalf Of Tim Reichhart
> > Sent: Thursday, March 30, 2017 10:19 AM
> > To: af@afmug.com 
> > Subject: [AFMUG] anybody else having issues with google dns?
> > 
> > Is anybody else having issues with google dns? because when I ping 8.8.8.8 
> > I get timed out or takes forever to load google.com 
> > 
> > 
> > 



Re: [AFMUG] VDSL question

2017-04-05 Thread Paul Stewart
Calix or Adtran ….

> On Mar 31, 2017, at 4:55 PM, Josh Luthman  wrote:
> 
> Awesome sauce, thanks!
> 
> Anyone have a recommendation for a VDSL dslam? =)
> 
> 
> Josh Luthman
> Office: 937-552-2340
> Direct: 937-552-2343
> 1100 Wayne St
> Suite 1337
> Troy, OH 45373
> 
> On Fri, Mar 31, 2017 at 2:19 PM, > 
> wrote:
> VDSL modems are standards based and should work with other dslams. 
>  
> From: Josh Luthman
> Sent: Friday, March 31, 2017 12:16 PM
> To: af@afmug.com
> Subject: [AFMUG] VDSL question
>  
> I've had an old old old Zyxel VES 1000 dslam that I inherited from the 
> building.  How interchangeable are dslam and vdsl modems?  I just pulled up 
> my last spare and the replacement looks to be $1900 on ebay.
>  
> All 12 ports are mode "10baseS".  They have various up/down rates.  I think 
> we have Zyxel and SMC VDSL modems through out the customer base.
> 
> Can I just get any VDSL dslam and expect it to work?
>  
> Josh Luthman
> Office: 937-552-2340 
> Direct: 937-552-2343 
> 1100 Wayne St
> Suite 1337
> Troy, OH 45373
> 



Re: [AFMUG] Adtran TA5000 Pricing

2017-03-22 Thread Paul Stewart
Thanks … I had seen that before but missed the tab that has TA5000

Thanks,
Paul


> On Mar 22, 2017, at 8:13 PM, Colin Stanners <cstann...@gmail.com> wrote:
> 
> From Google, look at 
> https://s3-us-west-2.amazonaws.com/wsca-uploads/1420828908_Adtran%20Price%20List.xls
> tab 5.2.4. 
> 
> On Wed, Mar 22, 2017 at 6:55 PM, Paul Stewart <p...@paulstewart.org 
> <mailto:p...@paulstewart.org>> wrote:
> Does anyone have pricing on TA5000 platform that they can share offline?
> 
> I’m looking for the largest chassis with all the standard controller cards + 
> DWDM + Ethernet ports to start.  Yes, a bit vague I realize.  If the list has 
> GPON line cards that would be awesome too..
> 
> USD List Prices are fine .. just need to put some options together and short 
> on time - calling Adtran rep will probably take a week to hammer out … just 
> need budgetary stuff to work from
> 
> Thanks :)
> 
> Paul
> 
> 
> 



Re: [AFMUG] Small-scale GPON

2017-03-22 Thread Paul Stewart
some folks were saying how great Alphion is .. why are you selling?


> On Mar 22, 2017, at 8:09 AM, Chuck Hogg <ch...@shelbybb.com> wrote:
> 
> I am replacing my Alphion shelf if anyone is interested in it and ~30 ONTs.  
> 
> On Wed, Mar 22, 2017 at 8:07 AM Chuck Hogg <ch...@shelbybb.com 
> <mailto:ch...@shelbybb.com>> wrote:
> No, I've got multiple brands working.
> 
> On Tue, Mar 21, 2017 at 9:49 PM George Skorup <george.sko...@cbcast.com 
> <mailto:george.sko...@cbcast.com>> wrote:
> I assume ZTE doesn't care about SFP branding?
> 
> 
> On 3/21/2017 7:05 PM, Chuck Hogg wrote:
>> It's not open standard.  They key their optics like calix.
> 
>> On Tue, Mar 7, 2017 at 12:11 AM Josh Reynolds <j...@kyneticwifi.com 
>> <mailto:j...@kyneticwifi.com>> wrote:
> 
>> Seriously though... Alphion obviously doesn't have the level of software 
>> toys/tools that Calix does obviously, but when the cost is like 1/8th, you 
>> can spend that money on contractors and OLTs and ONTs and get way more subs 
>> installed much faster - and it's something that is still based on open 
>> standards.
>> 
>> That's a hard business proposition to ignore.
>> 
>> On Mar 6, 2017 6:59 PM, "Paul Stewart" <p...@paulstewart.org 
>> <mailto:p...@paulstewart.org>> wrote:
>> haha… yeah fair enough ;)  
>>> On Mar 6, 2017, at 7:04 PM, Josh Reynolds <j...@kyneticwifi.com 
>>> <mailto:j...@kyneticwifi.com>> wrote:
>>> 
>> 
>>> It can be different when you're the one paying for it :)
>> 
>>> On Mar 6, 2017 5:13 PM, "Paul Stewart" <p...@paulstewart.org 
>>> <mailto:p...@paulstewart.org>> wrote:
>> 
>>> Interesting …. do they work ok?
>>> 
>>> I came from Calix and Adtran world for GPON/ONT stuff … considerably more 
>>> than that.  I did look at some DWDM stuff from China and it was total junk 
>>> in my opinion - some people like it .. not my thing.
>>> 
>> 
>>>> On Mar 6, 2017, at 2:48 PM, Chuck Hogg <ch...@shelbybb.com 
>>>> <mailto:ch...@shelbybb.com>> wrote:
>>>> 
>> 
>>>> I'm importing direct from China.  16Port OLT with Class Optics and Power 
>>>> Supply for $3200.  ONT's for $25.  PLC's from $2-10 depending on the 
>>>> split.  Check Alibaba.
>> 
>>>> 
>>>> Regards,
>>>> Chuck
>>>> 
>> 
>>>> On Mon, Mar 6, 2017 at 2:31 PM, George Skorup <george.sko...@cbcast.com 
>>>> <mailto:george.sko...@cbcast.com>> wrote:
>> 
>>>> Yup. My plan is to start 32:1 and knock it down to 16:1 and throw in 
>>>> another OLT if needed.
>>>> 
>>>> On 3/6/2017 12:01 PM, Josh Reynolds wrote:
>>>>> Google did 32x1. Common at the time of their initial deployment was 64x1. 
>>>>> The company I just got off the ground did 16x1.
>>>>> 
>>>>> On Mar 6, 2017 11:47 AM, "Sterling Jacobson" <sterl...@avative.net 
>>>>> <mailto:sterl...@avative.net>> wrote:
>>>>> AE gets to be a headache with power costs and heat control in cabinets.
>>>>> 
>>>>>  
>>>>> Low oversub GPON is plenty good for now and probably well into the future.
>>>>> 
>>>>>  
>>>>> I believe that is what Google did, maybe 8:1 max split?
>>>>> 
>>>>>  
>>>>> The temptation with GPON is to stretch it to the limits, which might 
>>>>> cause some re-splicing down the road if you want super high FDX.
>>>>> 
>>>>>  
>>>>> AE doesn’t have that problem even with equipment a decade old I can still 
>>>>> supply the same SFP+ switch with 180Gbps each if I want to carry that 
>>>>> much on the backhaul. Equipment is super cheap, and it’s essentially 
>>>>> backwards compatible with GPON if your neighborhood runs are short like 
>>>>> mine. But again, lots of power is required.
>>>>> 
>>>>>  
>>>>> From: Af [mailto:af-boun...@afmug.com <mailto:af-boun...@afmug.com>] On 
>>>>> Behalf Of Chuck McCown
>>>>> Sent: Sunday, March 5, 2017 8:08 AM
>>>>> To: af@afmug.com <mailto:af@afmug.com>
>>>>> Subject: Re: [AFMUG] Small-scale GPON
>>>>> 
>>>>>  
>>>>> Calix has NG PON2 which does 10 Gbps per wavelength

Re: [AFMUG] OT Tesla

2017-03-20 Thread Paul Stewart
I’d have to double check the exact amount but here in Ontario, the power you 
sell back at something like 90 cents Kwh … very inflated to encourage more 
people to generate their own power and sell it back to the “system” - in my 
opinion it’s driven the price of purchasing/consuming power artificially high 
as well … real problem here….



> On Mar 20, 2017, at 1:46 PM, Robert  wrote:
> 
> My solar system stores energy in the form of gravity potential...
> 
> On 3/20/17 5:59 AM, Chuck McCown wrote:
>> My solar system stores excess energy as credit on the bill.  So I can
>> use it anytime of day.
>> 
>> *From:* Rory Conaway
>> *Sent:* Monday, March 20, 2017 3:21 AM
>> *To:* af@afmug.com
>> *Subject:* Re: [AFMUG] OT Tesla
>> 
>> 
>> Our rate is 5.9 cents per kWh under a special program for electric car
>> owners.
>> 
>> 
>> 
>> Most of my wife’s driving is 70mph or less and more city driving than
>> what you probably do.  We probably charge 50 miles per day average and
>> the car gets about 3.5-4m per kWh.
>> 
>> 
>> 
>> Our worst rate is about 10.1 cents per kWh on peak during the week.
>> Solar doesn’t help us in charging since the car is gone at 7:30am and
>> doesn’t get home until after 6:30.
>> 
>> 
>> 
>> Rory
>> 
>> 
>> 
>> 
>> 
>> *From:*Af [mailto:af-boun...@afmug.com] *On Behalf Of *Chuck McCown
>> *Sent:* Sunday, March 19, 2017 9:50 PM
>> *To:* af@afmug.com
>> *Subject:* Re: [AFMUG] OT Tesla
>> 
>> 
>> 
>> I am getting about 1 mile per percent.  I never trust that display, I
>> always use battery percentage.  But I drive 80 mph everywhere, freeway.
>> 
>> 
>> 
>> I am solar powered at my house and other people pay for the power other
>> places I charge.   So there is no cost of energy for me.
>> 
>> 
>> 
>> But if I was paying, it would be about 12 cents per kWh  (it can go as
>> low as 8 cents depending on how you do  it).  So $3.60/charge or 3 cents
>> per mile.  (2.4 cents per mile at the lower tariff)
>> 
>> 
>> 
>> Hyundai was getting 34 mpg.  So 7.4 cents per mile.
>> 
>> 
>> 
>> *From:*Rory Conaway
>> 
>> *Sent:*Sunday, March 19, 2017 9:57 PM
>> 
>> *To:*af@afmug.com
>> 
>> *Subject:*Re: [AFMUG] OT Tesla
>> 
>> 
>> 
>> So after 2 days with the Leaf and the 30Kw battery, our estimate is that
>> it’s actually underrated or they have found other ways to save power.  I
>> definitely notice more aggressive regen control on eco mode but we are
>> seeing 120-125 mile on the display even after using 5-8% of the
>> battery.   Considering you can drive one for about $4K a year, almost no
>> maintenance, and about ¼ of the cost of gas, it’s got to be one of the
>> best values out there.
>> 
>> 
>> 
>> Rory
>> 
>> 
>> 
>> *From:*Af [mailto:af-boun...@afmug.com] *On Behalf Of *Chuck McCown
>> *Sent:* Saturday, March 18, 2017 9:08 AM
>> *To:* af@afmug.com
>> *Subject:* Re: [AFMUG] OT Tesla
>> 
>> 
>> 
>> I find it interesting they can upgrade a battery with software...
>> 
>> 
>> 
>> *From:*can...@believewireless.net
>> 
>> *Sent:*Saturday, March 18, 2017 10:06 AM
>> 
>> *To:*af@afmug.com
>> 
>> *Subject:*Re: [AFMUG] OT Tesla
>> 
>> 
>> 
>> I highly doubt people were just buying the 75 as they say. Think this
>> will hurt sales? They already did this to the Model X.
>> 
>> Or are they hoping the Model 3 will fill the gap?
>> 
>> 
>> 
>> On Sat, Mar 18, 2017 at 11:33 AM, Chuck McCown  wrote:
>> 
>> Interesting note from Tesla this morning:
>> 
>> 
>> 
>> Customers who still want the opportunity to own a 60 kWh Model S will
>> have until April 16, 2017 to place their order. Any 60 kWh Model S will
>> have the ability to upgrade their battery to 75 kWh via an over the air
>> update.
>> 
>> 
>> 
>> 
>> 
>> 
>> 




Re: [AFMUG] Speaking of banks and banking

2017-03-18 Thread Paul Stewart
It became such an issue for me with another company I was involved with that 
we ended up using a service that (conveniently or ironically) the bank offers 
to protect against this kind of stuff.  The name varies bank to bank but 
basically when you do check runs, you upload that information to the bank and 
only those checks will be honoured and within a certain timeframe. It was 
quite expensive but having to deal with fraud issues all the time is too …


> On Mar 17, 2017, at 11:31 PM, Chuck McCown  wrote:
> 
> Also, I found out if you have a double signature requirement on checks and 
> someone sends one through with only one signature, the bank does not give a 
> crap.
> 
> -Original Message- From: Rory Conaway
> Sent: Friday, March 17, 2017 2:26 PM
> To: af@afmug.com
> Subject: Re: [AFMUG] Speaking of banks and banking
> 
> I believe you have about 60 days maximum to file claims.  After that you are 
> basically screwed with the way the laws are written.  I tell you this from 
> experience.
> 
> Rory
> 
> -Original Message-
> From: Af [mailto:af-boun...@afmug.com] On Behalf Of Chuck McCown
> Sent: Friday, March 17, 2017 1:02 PM
> To: af@afmug.com
> Subject: Re: [AFMUG] Speaking of banks and banking
> 
> Yeah, the one guy that signed his own name to one of the checks signed it 
> with a decent enough signature that the graphologists can match it up to many 
> other examples of his signature that are available in public records.
> 
> -Original Message-
> From: Adam Moffett
> Sent: Friday, March 17, 2017 2:00 PM
> To: af@afmug.com
> Subject: Re: [AFMUG] Speaking of banks and banking
> 
> Yeah, I'm guessing if they wrote checks to themselves then you know exactly 
> who to make a claim against.  I'm sure Chuck has weighed the options though.
> 
> 
>> 
>> 
>> Surely that's some kind of crime with a statute of limitations of more
>> than
>> 60 days.
>> 
>> ~Seth
> 




Re: [AFMUG] IPV6 Address planning

2017-03-17 Thread Paul Stewart
This answer varies of course …. one thing with ICMPv6 though is to make sure 
you allow more than just echo/reply … take a look at 
https://www.ietf.org/rfc/rfc4890.txt 


> On Mar 17, 2017, at 4:44 AM, Stefan Englhardt  wrote:
> 
> Yes we are late but none of our customer needed/wanted ipv6 until now.
> So now we are considering our address planning for our infrastructure.
> With IPV4 we use private addresses with small subnets between routers.
>  
> With IPV6 we are considering using official unicast addresses and a /120 for 
> each subnet. 
> A packetfilter at the Border routers allowing only icmp echo/reply to the /56 
> containing
> this infrastructure subnets.
>  
> What is best practice for a IPV6 addressing in a WISP network? 
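The point made in the reply above, that an ICMPv6 filter needs to permit more than echo request/reply, can be checked mechanically. The following is an added example, not code from the thread: it audits an allow-list of ICMPv6 (type, code) rules against the transit messages RFC 4890 section 4.3.1 says must not be dropped, and shows which constructed sample messages an echo-only policy would discard. The `Rule` type, policy lists and function names are hypothetical.

```python
from typing import List, NamedTuple, Optional, Tuple


class Rule(NamedTuple):
    """One allow-list entry; code=None means every code of that type."""
    icmp_type: int
    code: Optional[int] = None


# RFC 4890 section 4.3.1: transit ICMPv6 traffic that must not be dropped.
# A required code of None means all codes of the type must pass. Types 2,
# 128 and 129 only define code 0 (RFC 4443), so code 0 is what is required.
MUST_NOT_DROP: List[Tuple[str, int, Optional[int]]] = [
    ("Destination Unreachable", 1, None),
    ("Packet Too Big", 2, 0),
    ("Time Exceeded (hop limit exceeded in transit)", 3, 0),
    ("Parameter Problem (unrecognized Next Header)", 4, 1),
    ("Parameter Problem (unrecognized IPv6 option)", 4, 2),
    ("Echo Request", 128, 0),
    ("Echo Reply", 129, 0),
]

# The policy described in the question: only echo request/reply allowed.
ECHO_ONLY = [Rule(128), Rule(129)]

# A policy that satisfies the section 4.3.1 list.
RFC4890_TRANSIT = [Rule(1), Rule(2, 0), Rule(3, 0), Rule(4, 1), Rule(4, 2),
                   Rule(128, 0), Rule(129, 0)]


def permitted(rules: List[Rule], icmp_type: int, code: int) -> bool:
    """True if a single message with this type and code passes the allow-list."""
    return any(r.icmp_type == icmp_type and (r.code is None or r.code == code)
               for r in rules)


def covers_all_codes(rules: List[Rule], icmp_type: int) -> bool:
    """True only if some rule allows the type regardless of code."""
    return any(r.icmp_type == icmp_type and r.code is None for r in rules)


def audit(rules: List[Rule]) -> List[str]:
    """Names of must-not-drop messages the allow-list would discard."""
    missing = []
    for name, icmp_type, code in MUST_NOT_DROP:
        ok = (covers_all_codes(rules, icmp_type) if code is None
              else permitted(rules, icmp_type, code))
        if not ok:
            missing.append(name)
    return missing


def dropped(rules: List[Rule], messages: List[Tuple[int, int]]) -> List[Tuple[int, int]]:
    """Subset of observed (type, code) messages the allow-list discards."""
    return [m for m in messages if not permitted(rules, *m)]


# Constructed sample of messages a border filter might see.
SAMPLE_MESSAGES = [(128, 0), (2, 0), (1, 4), (3, 0), (129, 0)]

if __name__ == "__main__":
    print("echo-only policy drops:", audit(ECHO_ONLY))
    print("sample messages lost:", dropped(ECHO_ONLY, SAMPLE_MESSAGES))
    print("corrected policy drops:", audit(RFC4890_TRANSIT))
```

Dropping Packet Too Big (type 2) is the failure that matters most here, because IPv6 routers do not fragment and path MTU discovery depends on that message reaching the sender.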



Re: [AFMUG] Windows 10 update speed

2017-03-16 Thread Paul Stewart
Depends on where the updates are coming from ….

> On Mar 16, 2017, at 10:20 AM, Nate Burke  wrote:
> 
> So it seems like when a customer wants to update a windows 10 machine, it 
> will gladly and readily take all available bandwidth (and more).  I'm 
> updating 2 brand new windows 10 machines in the NOC, plugged into gigabit 
> Ethernet, and they're downloading the windows updates at <2mb/s.  I would 
> have expected them to just fly.




Re: [AFMUG] Fiber Build Time Question

2017-03-06 Thread Paul Stewart
Oooh I like that way of thinking .. makes complete sense for sure… appreciate 
that!


> On Mar 6, 2017, at 8:31 PM, Craig Schmaderer <cr...@skywaveconnect.com> wrote:
> 
> This might only answer half your question but we don't install a customer 
> until the entire pon cabinet is done, main line all done and main cross 
> splice cases are done.  (About 250 houses usually is the size) So if it's a 
> new install drop and that handhole doesn't have a splice in yet (because this 
> is the first of 4-6 drop handhole) so I would say it takes at least 4-6 man 
> hours to do this.  We usually will have a drop crew install the drop a day 
> before and splice everything up to the house. Then our wireless installers 
> install inside the house the next days. Drop guys get dirty and usually it's 
> hard to guess how long a drop will take so we have found it easier for the 
> inside installer to come later.  
> 
> 
> From: Af <af-boun...@afmug.com <mailto:af-boun...@afmug.com>> on behalf of 
> Paul Stewart <p...@paulstewart.org <mailto:p...@paulstewart.org>>
> Sent: Monday, March 6, 2017 7:03:15 PM
> To: af@afmug.com <mailto:af@afmug.com>
> Subject: Re: [AFMUG] Fiber Build Time Question
>  
> Thanks - that helps for sure…. I came up with 4 hours per dwelling on average 
> from start to finish to have the service on the curb and ready to pull in …
> 
> Basically, in a situation where have permits, locates, engineering and 
> everything in place - now guys go! :)  Then as orders come in, then 
> “installation” happens and I figured 4 hours there as well doing one off 
> installs
> 
> Really rough and as you know lots of factors but it doesn’t seem my estimate 
> is far off 
> 
> Thanks,
> Paul
> 
> 
> 
> > On Mar 6, 2017, at 6:37 PM, Chuck McCown <ch...@wbmfg.com 
> > <mailto:ch...@wbmfg.com>> wrote:
> > 
> > That's what happens when you don't actually read the post
> > 
> > We provide the duct if the developer provides the trench, so that part is 
> > pretty quick.  Handholes are installed later.  Probably a half hour per 
> > dwelling for empty duct and handholes.
> > 
> > Then we pull and splice.  Add another hour per dwelling.
> > 
> > Then we hang the ONT and install.  Probably 3 hours per dwelling.  But that 
> > is doing them in volume with a crew of 4-6 guys.
> > 
> > 
> > -Original Message- From: Paul Stewart
> > Sent: Monday, March 06, 2017 4:21 PM
> > To: af@afmug.com
> > Subject: Re: [AFMUG] Fiber Build Time Question
> > 
> > 80% of what? :)  I’m trying to calculate man hours …
> > 
> > Thanks,
> > Paul
> > 
> >> On Mar 6, 2017, at 6:18 PM, Chuck McCown <ch...@wbmfg.com> wrote:
> >> 
> >> 80%
> >> 
> >> -Original Message- From: Paul Stewart
> >> Sent: Monday, March 06, 2017 4:15 PM
> >> To: Animal Farm
> >> Subject: [AFMUG] Fiber Build Time Question
> >> 
> >> I checked around and can’t come up with a number so asking the list …. 
> >> it’s an open ended question I realize…
> >> 
> >> For every 1000 homes passed, assuming a medium density deployment (meaning 
> >> primarily houses in subdivisions but limited MDU) - how much time to 
> >> trench the fiber and have connectivity ready to then run the drop to a 
> >> customer premise when they order service?  I’m trying to calculate the man 
> >> hours involved with going down a street and having everything ready for 
> >> service leaving out the CPE/drop side of things.
> >> 
> >> Cheers,
> >> Paul
> >> 
> >> 
> > 
> > 



Re: [AFMUG] Fiber Build Time Question

2017-03-06 Thread Paul Stewart
Thanks - that helps for sure…. I came up with 4 hours per dwelling on average 
from start to finish to have the service on the curb and ready to pull in …

Basically, in a situation where have permits, locates, engineering and 
everything in place - now guys go! :)  Then as orders come in, then 
“installation” happens and I figured 4 hours there as well doing one off 
installs

Really rough and as you know lots of factors but it doesn’t seem my estimate is 
far off 

Thanks,
Paul



> On Mar 6, 2017, at 6:37 PM, Chuck McCown <ch...@wbmfg.com> wrote:
> 
> That's what happens when you don't actually read the post
> 
> We provide the duct if the developer provides the trench, so that part is 
> pretty quick.  Handholes are installed later.  Probably a half hour per 
> dwelling for empty duct and handholes.
> 
> Then we pull and splice.  Add another hour per dwelling.
> 
> Then we hang the ONT and install.  Probably 3 hours per dwelling.  But that 
> is doing them in volume with a crew of 4-6 guys.
> 
> 
> -Original Message- From: Paul Stewart
> Sent: Monday, March 06, 2017 4:21 PM
> To: af@afmug.com
> Subject: Re: [AFMUG] Fiber Build Time Question
> 
> 80% of what? :)  I’m trying to calculate man hours …
> 
> Thanks,
> Paul
> 
>> On Mar 6, 2017, at 6:18 PM, Chuck McCown <ch...@wbmfg.com> wrote:
>> 
>> 80%
>> 
>> -Original Message- From: Paul Stewart
>> Sent: Monday, March 06, 2017 4:15 PM
>> To: Animal Farm
>> Subject: [AFMUG] Fiber Build Time Question
>> 
>> I checked around and can’t come up with a number so asking the list …. it’s 
>> an open ended question I realize…
>> 
>> For every 1000 homes passed, assuming a medium density deployment (meaning 
>> primarily houses in subdivisions but limited MDU) - how much time to trench 
>> the fiber and have connectivity ready to then run the drop to a customer 
>> premise when they order service?  I’m trying to calculate the man hours 
>> involved with going down a street and having everything ready for service 
>> leaving out the CPE/drop side of things.
>> 
>> Cheers,
>> Paul
>> 
>> 
> 
> 




Re: [AFMUG] Small-scale GPON

2017-03-06 Thread Paul Stewart
haha… yeah fair enough ;)  

> On Mar 6, 2017, at 7:04 PM, Josh Reynolds <j...@kyneticwifi.com> wrote:
> 
> It can be different when you're the one paying for it :)
> 
> On Mar 6, 2017 5:13 PM, "Paul Stewart" <p...@paulstewart.org> wrote:
> Interesting …. do they work ok?
> 
> I came from Calix and Adtran world for GPON/ONT stuff … considerably more 
> than that.  I did look at some DWDM stuff from China and it was total junk in 
> my opinion - some people like it .. not my thing.
> 
> 
>> On Mar 6, 2017, at 2:48 PM, Chuck Hogg <ch...@shelbybb.com> wrote:
>> 
>> I'm importing direct from China.  16Port OLT with Class Optics and Power 
>> Supply for $3200.  ONT's for $25.  PLC's from $2-10 depending on the split.  
>> Check Alibaba.
>> 
>> Regards,
>> Chuck
>> 
>> On Mon, Mar 6, 2017 at 2:31 PM, George Skorup <george.sko...@cbcast.com> wrote:
>> Yup. My plan is to start 32:1 and knock it down to 16:1 and throw in another 
>> OLT if needed.
>> 
>> On 3/6/2017 12:01 PM, Josh Reynolds wrote:
>>> Google did 32x1. Common at the time of their initial deployment was 64x1. 
>>> The company I just got off the ground did 16x1.
>>> 
>>> On Mar 6, 2017 11:47 AM, "Sterling Jacobson" <sterl...@avative.net> wrote:
>>> AE gets to be a headache with power costs and heat control in cabinets.
>>> 
>>>  
>>> Low oversub GPON is plenty good for now and probably well into the future.
>>> 
>>>  
>>> I believe that is what Google did, maybe 8:1 max split?
>>> 
>>>  
>>> The temptation with GPON is to stretch it to the limits, which might cause 
>>> some re-splicing down the road if you want super high FDX.
>>> 
>>>  
>>> AE doesn’t have that problem even with equipment a decade old I can still 
>>> supply the same SFP+ switch with 180Gbps each if I want to carry that much 
>>> on the backhaul. Equipment is super cheap, and it’s essentially backwards 
>>> compatible with GPON if your neighborhood runs are short like mine. But 
>>> again, lots of power is required.
>>> 
>>>  
>>> From: Af [mailto:af-boun...@afmug.com] On Behalf Of Chuck McCown
>>> Sent: Sunday, March 5, 2017 8:08 AM
>>> To: af@afmug.com
>>> Subject: Re: [AFMUG] Small-scale GPON
>>> 
>>>  
>>> Calix has NG PON2 which does 10 Gbps per wavelength and multiple 
>>> wavelengths all overlaid on GPON so nothing in the OSP has to change.  All 
>>> the splitters etc still work.  That will give everyone on the PON 312.5 
>>> Mbps symmetrical all at the same time.  So oversubscribing 3:1 you could 
>>> sell 1G symmetrical to everyone and probably not run out of headroom. 
>>> 
>>>  
>>> From: Carlos Alcantar
>>> 
>>> Sent: Sunday, March 05, 2017 3:35 AM
>>> 
>>> To: af@afmug.com
>>> Subject: Re: [AFMUG] Small-scale GPON
>>> 
>>>  
>>> to add to this post with the new PON technologies being released this year 
>>> giving everyone 1G FDX is going to be a non issue.
>>> 
>>>  
>>>  
>>> Carlos Alcantar
>>> 
>>> Race Communications / Race Team Member
>>> 
>>> 1325 Howard Ave. #604, Burlingame, CA. 94010
>>> 
>>> Phone: +1 415 376 3314 / car...@race.com / http://www.race.com
>>> 
>>> From: Af <af-boun...@afmug.com> on behalf of George Skorup <george.sko...@cbcast.com>
>>> Sent: Saturday, March 4, 2017 8:44:29 PM
>>> To: af@afmug.com
>>> Subject: Re: [AFMUG] Small-scale GPON
>>> 
>>>  
>>> I'm not really worried about POTS and RF. Everyone is using cell phones and 
>>> watching Netflix.
>>> 
>>> The AE deployment is a total waste of equipment and resources for the 
>>> utilization we're seeing. I have to go there next week and turn up another 
>>> switch. The 1Gbps feed is averaging less than 100Mbps every night. The 
>>> network owner was convinced that everyone h

Re: [AFMUG] Fiber Build Time Question

2017-03-06 Thread Paul Stewart
80% of what? :)  I’m trying to calculate man hours …

Thanks,
Paul

> On Mar 6, 2017, at 6:18 PM, Chuck McCown <ch...@wbmfg.com> wrote:
> 
> 80%
> 
> -Original Message----- From: Paul Stewart
> Sent: Monday, March 06, 2017 4:15 PM
> To: Animal Farm
> Subject: [AFMUG] Fiber Build Time Question
> 
> I checked around and can’t come up with a number so asking the list …. it’s 
> an open ended question I realize…
> 
> For every 1000 homes passed, assuming a medium density deployment (meaning 
> primarily houses in subdivisions but limited MDU) - how much time to trench 
> the fiber and have connectivity ready to then run the drop to a customer 
> premise when they order service?  I’m trying to calculate the man hours 
> involved with going down a street and having everything ready for service 
> leaving out the CPE/drop side of things.
> 
> Cheers,
> Paul
> 
> 




[AFMUG] Fiber Build Time Question

2017-03-06 Thread Paul Stewart
I checked around and can’t come up with a number so asking the list …. it’s an 
open ended question I realize…

For every 1000 homes passed, assuming a medium density deployment (meaning 
primarily houses in subdivisions but limited MDU) - how much time to trench the 
fiber and have connectivity ready to then run the drop to a customer premise 
when they order service?  I’m trying to calculate the man hours involved with 
going down a street and having everything ready for service leaving out the 
CPE/drop side of things.

Cheers,
Paul




Re: [AFMUG] Small-scale GPON

2017-03-06 Thread Paul Stewart
Interesting …. do they work ok?

I came from Calix and Adtran world for GPON/ONT stuff … considerably more than 
that.  I did look at some DWDM stuff from China and it was total junk in my 
opinion - some people like it .. not my thing.


> On Mar 6, 2017, at 2:48 PM, Chuck Hogg  wrote:
> 
> I'm importing direct from China.  16Port OLT with Class Optics and Power 
> Supply for $3200.  ONT's for $25.  PLC's from $2-10 depending on the split.  
> Check Alibaba.
> 
> Regards,
> Chuck
> 
> On Mon, Mar 6, 2017 at 2:31 PM, George Skorup wrote:
> Yup. My plan is to start 32:1 and knock it down to 16:1 and throw in another 
> OLT if needed.
> 
> On 3/6/2017 12:01 PM, Josh Reynolds wrote:
>> Google did 32x1. Common at the time of their initial deployment was 64x1. 
>> The company I just got off the ground did 16x1.
>> 
>> On Mar 6, 2017 11:47 AM, "Sterling Jacobson" wrote:
>> AE gets to be a headache with power costs and heat control in cabinets.
>> 
>>  
>> Low oversub GPON is plenty good for now and probably well into the future.
>> 
>>  
>> I believe that is what Google did, maybe 8:1 max split?
>> 
>>  
>> The temptation with GPON is to stretch it to the limits, which might cause 
>> some re-splicing down the road if you want super high FDX.
>> 
>>  
>> AE doesn’t have that problem even with equipment a decade old I can still 
>> supply the same SFP+ switch with 180Gbps each if I want to carry that much 
>> on the backhaul. Equipment is super cheap, and it’s essentially backwards 
>> compatible with GPON if your neighborhood runs are short like mine. But 
>> again, lots of power is required.
>> 
>>  
>> From: Af [mailto:af-boun...@afmug.com] On Behalf Of Chuck McCown
>> Sent: Sunday, March 5, 2017 8:08 AM
>> To: af@afmug.com 
>> Subject: Re: [AFMUG] Small-scale GPON
>> 
>>  
>> Calix has NG PON2 which does 10 Gbps per wavelength and multiple wavelengths 
>> all overlaid on GPON so nothing in the OSP has to change.  All the splitters 
>> etc still work.  That will give everyone on the PON 312.5 Mbps symmetrical 
>> all at the same time.  So oversubscribing 3:1 you could sell 1G symmetrical 
>> to everyone and probably not run out of headroom. 
>> 
>>  
>> From: Carlos Alcantar
>> 
>> Sent: Sunday, March 05, 2017 3:35 AM
>> 
>> To: af@afmug.com 
>> Subject: Re: [AFMUG] Small-scale GPON
>> 
>>  
>> to add to this post with the new PON technologies being released this year 
>> giving everyone 1G FDX is going to be a non issue.
>> 
>>  
>>  
>> Carlos Alcantar
>> 
>> Race Communications / Race Team Member
>> 
>> 1325 Howard Ave. #604, Burlingame, CA. 94010
>> 
>> Phone: +1 415 376 3314 / car...@race.com / http://www.race.com
>> 
>> From: Af on behalf of George Skorup
>> Sent: Saturday, March 4, 2017 8:44:29 PM
>> To: af@afmug.com 
>> Subject: Re: [AFMUG] Small-scale GPON
>> 
>>  
>> I'm not really worried about POTS and RF. Everyone is using cell phones and 
>> watching Netflix.
>> 
>> The AE deployment is a total waste of equipment and resources for the 
>> utilization we're seeing. I have to go there next week and turn up another 
>> switch. The 1Gbps feed is averaging less than 100Mbps every night. The 
>> network owner was convinced that everyone had to have 1G FDX. They just 
>> don't realize how much electronics and power is required for 1k ports. 
>> There's less than 100 customers so far, so please, for the love of god, let's 
>> fix this now! We'll see what happens.
>> 
>> Anyway.. this project we're looking to do on our own is a neighborhood of 
>> rich bitches. We already have PMP450 there and it works fine. They "want 
>> more speed" and if they're willing to put up some cash for it, then we'll 
>> build it.
>> 
>> On 3/4/2017 9:55 PM, Josh Reynolds wrote:
>> 
>> Alphion does, yes.
>> 
>>  
>> On Mar 4, 2017 9:53 PM, "Chuck McCown" wrote:
>> 
>> What kind of costs are you talking?
>> Does it talk to ONTs?  ONTs with POTS ports?
>> 
>> Sterling is AE, I know his costs are pretty low.  
>> -Original Message-
>> From: George Skorup
>> Sent: Saturday, March 04, 2017 8:39 PM
>> To: af@afmug.com; memb...@wispa.org
>> Subject: [AFMUG] Small-scale GPON
>> 
>> We're looking to do another "fiberhood" with GPON instead of AE this time 
>> around. I remember Chuck Hogg mentioned Alphion. Has anyone deployed the 
>> AOLT-4200? Looks like a good solution. Or what else have you used for small 
>> deployments?
>> 
>>  
>>  
> 
> 



Re: [AFMUG] Paul's SUMMARY: List topics and verboseness of non-WISP non-business related discussions

2017-03-04 Thread Paul Stewart
Hey Paul …. thanks for the clarification and apologies if I suggested that this 
was around cost…. I know I do and many folks on this list appreciate the work 
being done here to support the list.

I like a list that is self policing and low on formal policies … yes, every 
mailing list needs some rules for sure but keeping it “loose” works well for a 
group like this IMHO

Personally, I like this list a lot - it’s a “goto” list for me even though day 
to day I don’t work with a lot of wireless (our company has a WISP operation 
but I’m only involved from the distance).  I like the list because it’s mainly 
WISP folks who often come up with the absolute most creative ways to approach 
problems … that’s just my take.

thanks,
Paul



> On Mar 2, 2017, at 11:27 AM, Paul McCall <pa...@pdmnet.net> wrote:
> 
> My comment truly was NOT about cost.  I GLADLY did this to support Chuck and 
> support the valued members that found the list a great resource.  PDMNet 
> wanted to give back to the WISP community.
>  
> Just for the record, the list costs about $ 150 /month (varies slightly by 
> traffic) on an AWS server, plus $ 99 /month for medium priority support.  I 
> could cut out the support probably because we haven’t needed it now for at 
> least 6 months.  At the time, there was a LOT of setup, and I mean a LOT to 
> fully integrate properly with AWS.  They are very particular to how email 
> flows, their API etc.  We had this discussion early on, and I believe we made 
> the right decision.  After the long setup, we haven’t dealt with a server 
> based delivery issue in over a year.  No getting blacklisted, no other drama. 
>  We wanted simple and stable and relatively maintenance free.  I love 
> maintenance free. 
>  
> I love the light-hearted nature of the members and until the political season 
> came, the “extra stuff” didn’t faze me (or others).  I absolutely LOVE hearing 
> about Travis's other business efforts, or stocks people are investing in or 
> anything like that.  That’s what USED TO BE labeled as OT: I wouldn’t want to 
> filter that.  I love hearing what this groups other opinions are on a 
> multitude of OT subjects.   On the flip side, I can’t stand the absolute 
> garbage that gets spewed (JMO) over and over…  and over.  We get it.  You 
> don’t like the president AT ALL.  You want to continue to trash him ALL the 
> time.  We get it.  We truly do.  You have fully expressed yourself.  You 
> won’t change anybody’s mind who does hate the president or his policies.  
> Ever.  Move on.  PLEASE.  JMO
>  
> As Forrest said, the better we get at running our business, the less 
> technical questions get asked and the group has a social feel.  While it 
> does take just a while to delete the obvious junk by its title, it seems to 
> creep into many other “normal threads” also.  The last 6 months, good 
> contributing members have become distant or gone completely.  Some people do 
> not want to have to sort through the muck.  Same reason I chose to never 
> watch CNN or FoxNews on TV.  It’s mostly garbage.  Sometimes people don’t 
> complain.  They just go away.  I chose to say something.
>  
> Chuck wants the list to be self-policing.  Create a new subject header like 
> PRS: (for blatantly Political, Religious, and Social) or something similar and 
> then we can truly filter that “stuff” so we never see it.   
>  
> Paul
>  
>  
> From: Af [mailto:af-boun...@afmug.com] On Behalf Of Paul Stewart
> Sent: Thursday, March 2, 2017 6:57 AM
> To: Animal Farm <af@afmug.com>
> Subject: Re: [AFMUG] List topics and verboseness of non-WISP non-business 
> related discussions
>  
> I offered before to run it for free …. just saying .. and I know there were 
> others too …
>  
> Running mailing lists isn’t a major investment especially if you already have 
> the infrastructure (which I do) 
>  
> Paul
>  
>  
>  
> On Mar 1, 2017, at 3:12 PM, Bill Prince <part15...@gmail.com> wrote:
>  
> I agree. The list keeps me out of the bar. I know it's too far to drive 
> anyway, but it's my excuse. I would be happy to throw in something to avoid 
> draining Paul's bank account. There are plenty of us. Couldn't be more than 
> $100/month each.
>  
> bp
>  
> 
> On Wednesday, March 1, 2017 12:09 PM, Josh Luthman <j...@imaginenetworksllc.com> wrote:
>  
> 
> I can two click delete emails from this list, last few weeks have been utter 
> garbage for sure.
>  
> What's the monthly cost of the list?  I think those of us that have benefited 
> from it could throw a few bucks to help you

Re: [AFMUG] OT: Youtube Data Storage

2017-03-02 Thread Paul Stewart
That sounds about right ….. highly distributed well connected storage is their 
key … 

It truly is staggering though when you think about it…

> On Mar 1, 2017, at 12:08 PM, Nate Burke  wrote:
> 
> I was reading an article the other day that referenced that youtube users 
> upload 400 hours of video every minute, or 65 years of video every day.  Is 
> my math right in showing that at an average of 2.5mb/s for the video size, 
> that's 600 TB of data per day being uploaded?  Given redundant copies being 
> made, Youtube is bringing online over a Petabyte per day of storage.
> 
> Since I've only been involved with Small businesses, wrapping my head around 
> this amount of storage and $$$ is hard.
> 
> Realizing that Google is custom, I'll use Backblaze for some math.
> Backblaze will do 45 drives in 4U@600w power draw  47U rack height = 11 4U 
> boxes = 495HD /rack  If they're 8tb drives, that's 4PB/rack. If Google is 
> paying 1/2 retail cost for drives, that's $175/drive, or $90k per rack (+ 
> Hardware)  6.6kw power draw (+ Cooling).
> 
> So every 4 Days, they spend $100k in Hardware, and increases their electric 
> bill by 8kw?
> 
> I guess when you're dealing with Billions of Dollars, a $100k every couple 
> days' isn't such a big deal.




Re: [AFMUG] OT Streaming

2017-03-02 Thread Paul Stewart
I understand it will be the same network, same systems etc….. 

> On Mar 1, 2017, at 12:33 PM, Seth Mattinen  wrote:
> 
> On 3/1/17 08:17, Chuck McCown wrote:
>> “YouTube’s service will cost $35 a month, similar to the cheapest deals
>> from AT&T’s DirecTV Now and Sony’s PlayStation Vue, but more expensive
>> than Dish’s Sling TV. It comes with unlimited storage in a cloud DVR; “
> 
> 
> Hmm, I wonder if they'll leverage the existing CDN infrastructure that 
> already feeds YouTube, especially at internet exchanges. If I have to build 
> transport somewhere for a competing TV service that's more costly than 
> YouTube coming off a peering I already have.
> 
> ~Seth




Re: [AFMUG] List topics and verboseness of non-WISP non-business related discussions

2017-03-02 Thread Paul Stewart
I offered before to run it for free …. just saying .. and I know there were 
others too …

Running mailing lists isn’t a major investment especially if you already have 
the infrastructure (which I do) 

Paul



> On Mar 1, 2017, at 3:12 PM, Bill Prince  wrote:
> 
> I agree. The list keeps me out of the bar. I know it's too far to drive 
> anyway, but it's my excuse. I would be happy to throw in something to avoid 
> draining Paul's bank account. There are plenty of us. Couldn't be more than 
> $100/month each.
> 
> bp
> 
> 
> On Wednesday, March 1, 2017 12:09 PM, Josh Luthman wrote:
> 
> 
> I can two click delete emails from this list, last few weeks have been utter 
> garbage for sure.
> 
> What's the monthly cost of the list?  I think those of us that have benefited 
> from it could throw a few bucks to help you out.
> 
> 
> Josh Luthman
> Office: 937-552-2340
> Direct: 937-552-2343
> 1100 Wayne St
> Suite 1337
> Troy, OH 45373
> 
> On Wed, Mar 1, 2017 at 2:25 PM, Paul McCall wrote:
> I shared this with Chuck McCown, and he suggested I share this with the list 
> directly, so here goes.
>  
> Just FYI, in my normal business conversations with WISPs,  I get one or two 
> people a week tell me they no longer look at the list because of all the BS, 
> politics, etc.  I also don’t use AFMUG nearly as much as I used to because of 
> that. 
>  
> While it costs me $$ for every email sent (I have never complained), AWS is 
> very solid and reliable, so it was a great choice.  That’s not the point of 
> my comment.
>  
> People need to take that junk to some other venue, so we can focus on 
> important technology and business needs, IMO. 
>  
> It probably won’t change but it’s my 2 cents.
>  
> Paul
>  
>  
> Paul McCall, President
> PDMNet, Inc. / Florida Broadband, Inc.
> 658 Old Dixie Highway
> Vero Beach, FL 32962
> 772-564-6800  
> pa...@pdmnet.net 
> www.pdmnet.com 
> www.floridabroadband.com 
>  
>  
> 
> 
> 



Re: [AFMUG] OT Home Office Cleanup

2017-02-20 Thread Paul Stewart
Ah cool .. I remember playing Bard’s Tale - loved that game.  There was a 
Remote Access BBS door game adopted after it as well … now I’m dating myself 
haha


> On Feb 19, 2017, at 11:14 PM, Rex-List Account  wrote:
> 
> Brings back memories of late nights and pizza. 
> I have done all the Ultima series, Zork, Bard's Tale, Dungeon Master, and 
> many others.
> Good old days. Boy I miss them.
> 
> -Original Message-
> From: Af [mailto:af-boun...@afmug.com] On Behalf Of Sterling Jacobson
> Sent: Sunday, February 19, 2017 5:15 PM
> To: af@afmug.com
> Subject: Re: [AFMUG] OT Home Office Cleanup
> 
> Well, I played the Ultima Games as they were released, so that gives away my 
> age.
> 
> Grew up on Apple II+ and Ultima and Wizardry.
> 
> -Original Message-
> From: Af [mailto:af-boun...@afmug.com] On Behalf Of Adam Moffett
> Sent: Sunday, February 19, 2017 9:36 AM
> To: af@afmug.com
> Subject: Re: [AFMUG] OT Home Office Cleanup
> 
> I like your vintage games display.
> 
> Ultima...holy crap.  That was already old when I was a kid.
> 
> 
> -- Original Message --
> From: "Sterling Jacobson" 
> To: "af@afmug.com" 
> Sent: 2/18/2017 11:55:55 PM
> Subject: Re: [AFMUG] OT Home Office Cleanup
> 
>> I guess the jpeg was too large...
>> 
>> -Original Message-
>> From: Af [mailto:af-boun...@afmug.com] On Behalf Of Sterling Jacobson
>> Sent: Saturday, February 18, 2017 9:36 PM
>> To: 'af@afmug.com' 
>> Subject: [AFMUG] OT Home Office Cleanup
>> 
>> Tidied up my home office and played a little Overwatch this evening.
> 
> 
> 




Re: [AFMUG] Juniper facing fatal clock flaw that impacts Cisco routers, switches | Network World

2017-02-19 Thread Paul Stewart
We have been going through everything we have and so far only found one set of 
hardware affected … Lanner boxes we use for a specific service to some 
customers as a managed CPE …. last I heard we’re probably dumping Lanner 
anyways due to high rate of hardware failures so this is easy to digest :)

None of our Cisco or Juniper (or anything else “core” related) has the C2000 
series in it thankfully …. we’re still looking though …


> On Feb 18, 2017, at 4:50 PM, Josh Reynolds  wrote:
> 
> http://www.reddit.com/r/networking/comments/5rmsw0/-/dd8kbvz 
> 
> 
> http://www.cisco.com/c/en/us/support/web/clock-signal.html#~faqs 
> 
> "Cisco is not alone – Dell is also affected, users of Synology storage 
> devices have been talking about it.  HP, NEC, NetGear, SuperMicro, and the 
> list goes on and on.
> HP MoonShot M300/M350,   Dell FX,  Segate home NAS products,  PFSense NetGate"
> 
> https://cantechit.com/2017/02/07/clockgate-2017-the-intel-atom-c2000/ 
> 
> "In January 2017 in the Intel Atom C2000 Series spec revision Intel published 
> information about a flaw “System May Experience Inability to Boot or May 
> Cease Operation” and potential high rate of failures after 18 months of use 
> because of a faulty clock component.
> 
> The official errata says the B0 stepping of C2xxx Atoms are vulnerable to 
> failure, and these parts began shipping in 2013. The specific SKUs are: 
> C2308, C2338, C2350, C2358, C2508, C2518, C2530, C2538, C2550, C2558, C2718, 
> C2730, C2738, C2750, and C2758."
> https://gixtools.net/2017/02/hardware-affected-clock-flaw-intel-avotonrangeley-complete-list/
>  
> 
> 
> Juniper Networks list attached
> 
> 
> 
> 
> On Feb 18, 2017 2:33 PM, "Ken Hohhof" wrote:
> That’s good.  The linked article was very vague however.
> 
>  
> 
> What is the component at the heart of this, and who makes it?
> 
>  
> 
> If it affects lowly Intel Atom boxes, it can’t be much more than a crystal 
> oscillator?
> 
>  
> 
> From: Af [mailto:af-boun...@afmug.com] On Behalf Of Josh Reynolds
> Sent: Saturday, February 18, 2017 2:22 PM
> 
> 
> To: af@afmug.com 
> Subject: Re: [AFMUG] Juniper facing fatal clock flaw that impacts Cisco 
> routers, switches | Network World
> 
>  
> 
> Huh? I've seen full product listings from both vendors. They were posted to 
> NANOG almost a week ago.
> 
>  
> 
> On Feb 18, 2017 2:19 PM, "Ken Hohhof" wrote:
> 
> Or maybe more than 18 months.  And only if you have certain models, which we 
> won’t tell you.  And it’s due to a certain component from a certain vendor, 
> which we won’t tell you.  And you can maybe get an advance replacement before 
> it bricks, but only if you have a maintenance contract.  And there’s probably 
> no diagnostic to tell you ahead of time that it’s about to brick.
> 
>  
> 
> The only good news seems to be that apparently it’s 2016 production that’s 
> affected, and given the tendency of WISPs to only buy Juniper or Cisco stuff 
> on the used market once the price has come down out of the stratosphere, we 
> probably aren’t affected.  More of a first world problem.
> 
>  
> 
> Maybe the CIA will leak the information to the dishonest media and we’ll find 
> out via CNN.  Or should I be checking Breitbart and Infowars?  Maybe the 
> National Enquirer.
> 
>  
> 
> From: Af [mailto:af-boun...@afmug.com] On Behalf Of Josh Reynolds
> Sent: Saturday, February 18, 2017 1:28 PM
> To: af@afmug.com 
> Subject: Re: [AFMUG] Juniper facing fatal clock flaw that impacts Cisco 
> routers, switches | Network World
> 
>  
> 
> TLDR: After ~18 months, the devices brick.
> 
>  
> 
> On Feb 18, 2017 10:55 AM, "Ken Hohhof" wrote:
> 
> Seldom have so many words been used to convey so little information.
> 
> From: Af [mailto:af-boun...@afmug.com] On Behalf Of Jaime Solorza
> Sent: Saturday, February 18, 2017 7:06 AM
> To: Animal Farm
> Subject: [AFMUG] Juniper facing fatal clock flaw that impacts Cisco routers, 
> switches | Network World
> 
>  
> 
> http://www.networkworld.com/article/3170065/router/juniper-facing-fatal-clock-flaw-that-impacts-cisco-routers-switches.html?google_editors_picks=true
>  
> 
> 



Re: [AFMUG] Netflow

2017-02-14 Thread Paul Stewart
Yes there are ways to build something yourselves …. some open source options 
that may fit your needs….

One thing to note with traditional NetFlow is to set a reasonable sampling 
rate - this impacts the flows per minute that will hit your collector platform. 
I’ve seen lots of folks use sampling like 1:10 and ultimately kill their 
platform with the load - more common is 1:100 or 1:1000 sampling rates… 


> On Feb 14, 2017, at 9:45 AM, Travis Johnson <t...@ida.net> wrote:
> 
> Hi,
> 
> This would have been about 5-6 years ago, but we found a free PHP based 
> Netflow analysis program that ran under Linux. We ran that on a high-end PC 
> based system we built (i7 processor with 16GB of RAM at the time) and it was 
> able to handle over 1Gbps of traffic. The user interface was a little rough, 
> but it provided what we needed at the time... mainly tracking down infected 
> and high-usage customers and traffic patterns.
> 
> Travis
> 
> 
> On 2/14/2017 4:08 AM, Paul Stewart wrote:
>> I don’t know which one has longer data retention … Arbor is at least a year. 
>>  However, most products in this space will start summarizing the data after 
>> a certain point in time so understanding how long the data is stored for may 
>> be of importance but also understanding the level of that detailed data 
>> may be important as well.
>> 
>> For us, history is nice to have to check back over time for recurring 
>> patterns and stuff but not something we use a lot of … past 30-60 days most 
>> often … going back a year ago typically don’t care much about.
>> 
>> I didn’t spend a lot of time looking at their solution and yes they might 
>> have an offering worth looking into (not sure) … I like Arbor best for 
>> features, scaling, and integration with DDOS mitigation.
>> 
>> Attached picture is one of our Arbor systems … top box is Peakflow SP which 
>> does the flow analysis/reporting for 20 core routers, bottom box is a threat 
>> mitigation box that does surgical traffic scrubbing of dirty traffic and can 
>> handle 100G of attack traffic.
>> 
>> 
>> 
>>> On Feb 7, 2017, at 12:13 PM, Mike Hammett <af...@ics-il.net> wrote:
>>> 
>>> Best in what way? It sounds like Kentik has a longer retention policy than 
>>> Arbor, which would explain the higher space requirements.
>>> 
>>> 
>>> So are you saying it may be worth a small shop asking about pricing?
>>> 
>>> 
>>> 
>>> -
>>> Mike Hammett
>>> Intelligent Computing Solutions <http://www.ics-il.com/>
>>> Midwest Internet Exchange <http://www.midwest-ix.com/>
>>> The Brothers WISP <http://www.thebrotherswisp.com/>
>>> 
>>> From: "Paul Stewart" <p...@paulstewart.org>
>>> To: af@afmug.com
>>> Sent: Tuesday, February 7, 2017 9:51:38 AM
>>> Subject: Re: [AFMUG] Netflow
>>> 
>>> Depends on flow volumes and stuff.. talked to them at NANOG and conference 
>>> calls … 
>>> 
>>> For a low volume shop they seem to have a slick solution - only seen a 
>>> brief demo.  However, depending on volume they do not scale “well” - we 
>>> were told that we would need several racks of servers to deal with volume :(
>>> 
>>> Arbor Peakflow is the best product out there hands down … but it’s well 
>>> into 6 figures so your budget may not support it ….
>>> 
>>> On Feb 6, 2017, at 9:05 PM, Mike Hammett <af...@ics-il.net> wrote:
>>> 
>>> I haven't received a quote myself, but I hear it's a few hundred a month.
>>> 
>>> 
>>> 
>>> -
>>> Mike Hammett
>>> Intelligent Computing Solutions <http://www.ics-il.com/>
>
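
The sampling trade-off raised at the top of this message (1:10 versus 1:100 or 1:1000), as an added example that is not part of the original thread: it simulates random 1-in-N packet sampling and compares how many flow records reach the collector with how well a heavy host can still be identified. The traffic mix, addresses and function names are constructed assumptions, not data from any poster's network.

```python
import random


def build_traffic(seed=1):
    """Constructed traffic mix (an assumption, not from the thread):
    2,000 ordinary customer flows of 1-20 packets plus one heavy host.
    Each flow is (source, packet_count, bytes_per_packet)."""
    rng = random.Random(seed)
    flows = [(f"10.0.{i // 250}.{i % 250 + 1}", rng.randint(1, 20), 800)
             for i in range(2000)]
    flows.append(("10.9.9.9", 500_000, 1000))  # heavy, possibly infected host
    return flows


def export_sampled(flows, n, seed=2):
    """Simulate random 1-in-n packet sampling on the exporting router.

    A flow only produces a record if at least one of its packets is sampled,
    which is why a coarser rate cuts the record load on the collector.
    Returns (records_exported, {source: estimated_bytes}); the estimate is
    the sampled byte count multiplied back up by n, as a collector does.
    """
    rng = random.Random(seed)
    p = 1.0 / n
    records = 0
    estimate = {}
    for src, packets, size in flows:
        sampled = sum(1 for _ in range(packets) if rng.random() < p)
        if sampled:
            records += 1
            estimate[src] = estimate.get(src, 0) + sampled * size * n
    return records, estimate


def compare_rates(rates=(10, 100, 1000)):
    """For each sampling rate, report the collector load (records exported),
    the top talker the collector would see, and the relative error of the
    byte estimate for the true heaviest host."""
    flows = build_traffic()
    true_bytes = {src: packets * size for src, packets, size in flows}
    heavy = max(true_bytes, key=true_bytes.get)
    report = {}
    for n in rates:
        records, estimate = export_sampled(flows, n)
        top = max(estimate, key=estimate.get)
        error = abs(estimate[heavy] - true_bytes[heavy]) / true_bytes[heavy]
        report[n] = {"records": records, "top_talker": top, "heavy_error": error}
    return report


if __name__ == "__main__":
    for n, row in compare_rates().items():
        print(f"1:{n:<5} records={row['records']:<5} "
              f"top={row['top_talker']} error={row['heavy_error']:.1%}")
```

Short flows mostly vanish at coarse rates, so the record count drops sharply, while the heavy host remains the top talker; the cost is that small or short-lived flows are no longer visible to the collector.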

Re: [AFMUG] Anyone familiar with IDS/IPS systems

2017-02-09 Thread Paul Stewart
Cisco is good stuff … as long as you don’t mind dealing with Cisco …

Home built stuff with Snort/Suricata is pretty awesome ….

Tippingpoint makes good stuff I hear - limited hands on with their stuff

Really like Juniper for this kind of stuff as we are a heavy Juniper shop

The key question though with IDS is a question around where are you deploying 
it?  


> On Feb 9, 2017, at 12:29 AM, Josh Reynolds  wrote:
> 
> Suricata > Snort
> 
> On Feb 8, 2017 10:27 PM, "Jordan Gregory" wrote:
> Call me a glutton for punishment, but I've always been a Cisco IPS/IDS guy 
> although Snort is really starting to grow on me these days.
> 
> On Feb 8, 2017 10:06 PM, "Jesse DuPont" wrote:
> I think it is a managed service, but it does involve hardware appliances they 
> provide. May not be what you're after...
> 
> Jesse DuPont
> 
> Network Architect
> email: jesse.dup...@celeritycorp.net 
> Celerity Networks LLC
> 
> Celerity Broadband LLC
> Like us! facebook.com /celeritynetworksllc
> 
> Like us! facebook.com /celeritybroadband
> 
> 
> On 2/8/17 9:03 PM, Rory Conaway wrote:
>> This looks like managed services, not hardware/software.  Am I missing 
>> something?
>> 
>>  
>> 
>> Rory
>> 
>>  
>> 
>> From: Af [mailto:af-boun...@afmug.com ] On 
>> Behalf Of Jesse DuPont
>> Sent: Wednesday, February 8, 2017 8:31 PM
>> To: af@afmug.com 
>> Subject: Re: [AFMUG] Anyone familiar with IDS/IPS systems
>> 
>>  
>> 
>> Dell SecureWorks.
>> 
>> Jesse DuPont
>> 
>> Network Architect
>> email: jesse.dup...@celeritycorp.net 
>> Celerity Networks LLC
>> 
>> Celerity Broadband LLC
>> Like us! facebook.com/celeritynetworksllc 
>> 
>> Like us! facebook.com/celeritybroadband 
>> 
>> 
>> 
>> On 2/8/17 6:28 PM, Rory Conaway wrote:
>> 
>> Apparently Extreme Networking is getting out of the IDS/IPS business.  Does 
>> anyone have any suggestions who might have similar products they could 
>> recommend?
>> 
>>  
>> 
>>  
>> 
>> Rory Conaway • Triad Wireless • CEO
>> 
>> 4226 S. 37th Street • Phoenix • AZ 85040
>> 
>> 602-426-0542 
>> r...@triadwireless.net 
>> www.triadwireless.net 
>>  
>> 
>> “First rule of Racing, what's behind you does not count.” – Gregory White
>> 
>>  
>> 
>>  
>> 
> 



Re: [AFMUG] Netflow

2017-02-07 Thread Paul Stewart
Yeah fair enough … figured there’s also others that are WISP’s but their main 
“bread and butter” is other services …. 

> On Feb 7, 2017, at 10:57 AM, Josh Reynolds <j...@kyneticwifi.com> wrote:
> 
> You could probably count true WISPs with 6 figures of disposable income with 
> one hand.
> 
> On Feb 7, 2017 9:51 AM, "Paul Stewart" <p...@paulstewart.org 
> <mailto:p...@paulstewart.org>> wrote:
> Depends on flow volumes and stuff.. talked to them at NANOG and conference 
> calls … 
> 
> For a low volume shop they seem to have a slick solution - only seen a brief 
> demo.  However, depending on volume they do not scale “well” - we were told 
> that we would need several racks of servers to deal with volume :(
> 
> Arbor Peakflow is the best product out there hands down … but it’s well into 
> 6 figures so your budget may not support it ….
> 
>> On Feb 6, 2017, at 9:05 PM, Mike Hammett <af...@ics-il.net 
>> <mailto:af...@ics-il.net>> wrote:
>> 
>> I haven't received a quote myself, but I hear it's a few hundred a month.
>> 
>> 
>> 
>> -
>> Mike Hammett
>> Intelligent Computing Solutions <http://www.ics-il.com/>
>>  <https://www.facebook.com/ICSIL> 
>> <https://plus.google.com/+IntelligentComputingSolutionsDeKalb> 
>> <https://www.linkedin.com/company/intelligent-computing-solutions> 
>> <https://twitter.com/ICSIL>
>> Midwest Internet Exchange <http://www.midwest-ix.com/>
>>  <https://www.facebook.com/mdwestix> 
>> <https://www.linkedin.com/company/midwest-internet-exchange> 
>> <https://twitter.com/mdwestix>
>> The Brothers WISP <http://www.thebrotherswisp.com/>
>>  <https://www.facebook.com/thebrotherswisp>
>> 
>> 
>>  <https://www.youtube.com/channel/UCXSdfxQv7SpoRQYNyLwntZg>
>> From: "Cassidy B. Larson" <c...@infowest.com <mailto:c...@infowest.com>>
>> To: af@afmug.com <mailto:af@afmug.com>
>> Sent: Monday, February 6, 2017 8:04:14 PM
>> Subject: Re: [AFMUG] Netflow
>> 
>> How much?
>> 
>> 
>> 
>> On Feb 6, 2017, at 7:00 PM, Mike Hammett <af...@ics-il.net 
>> <mailto:af...@ics-il.net>> wrote:
>> 
>> Kentik is the cat's ass, though it's not a few bucks a month.
>> 
>> 
>> 
>> -
>> Mike Hammett
>> Intelligent Computing Solutions <http://www.ics-il.com/>
>>  <https://www.facebook.com/ICSIL> 
>> <https://plus.google.com/+IntelligentComputingSolutionsDeKalb> 
>> <https://www.linkedin.com/company/intelligent-computing-solutions> 
>> <https://twitter.com/ICSIL>
>> Midwest Internet Exchange <http://www.midwest-ix.com/>
>>  <https://www.facebook.com/mdwestix> 
>> <https://www.linkedin.com/company/midwest-internet-exchange> 
>> <https://twitter.com/mdwestix>
>> The Brothers WISP <http://www.thebrotherswisp.com/>
>>  <https://www.facebook.com/thebrotherswisp>
>> 
>> 
>>  <https://www.youtube.com/channel/UCXSdfxQv7SpoRQYNyLwntZg>
>> From: "Sterling Jacobson" <sterl...@avative.net 
>> <mailto:sterl...@avative.net>>
>> To: "af@afmug.com <mailto:af@afmug.com>" <af@afmug.com <mailto:af@afmug.com>>
>> Sent: Monday, February 6, 2017 7:38:27 PM
>> Subject: [AFMUG] Netflow
>> 
>> What are your opinions on Netflow servers/software?
>> 
>> I've been doing some research into using Netflow again.
>> Long time ago I used NTOP, but it sucked.
>> Not sure if that's changed or not.
>> 
>> Ideally would be a much newer improved interface type system that was hosted 
>> for a few bucks a month.
>> Then I could just sign up and point my Netflow streams to it.
>> 
>> I need one that is geared towards ISPs, not Datacenter/Servers.
>> 
>> I don't care about netflowing and optimizing web sites, I want to profile my 
>> customer traffic.
>> Ideally it would include features necessary for CALEA and law enforcement 
>> requirements.
>> 
>> If it was also great at syslog management that would be a plus.
>> 
>> The Dude currently sucks for syslog IMO.
> 



Re: [AFMUG] Netflow

2017-02-07 Thread Paul Stewart
Depends on flow volumes and stuff.. talked to them at NANOG and conference 
calls … 

For a low volume shop they seem to have a slick solution - only seen a brief 
demo.  However, depending on volume they do not scale “well” - we were told 
that we would need several racks of servers to deal with volume :(

Arbor Peakflow is the best product out there hands down … but it’s well into 6 
figures so your budget may not support it ….

> On Feb 6, 2017, at 9:05 PM, Mike Hammett  wrote:
> 
> I haven't received a quote myself, but I hear it's a few hundred a month.
> 
> 
> 
> -
> Mike Hammett
> Intelligent Computing Solutions 
>   
>  
>  
> 
> Midwest Internet Exchange 
>   
>  
> 
> The Brothers WISP 
>  
> 
> 
>  
> From: "Cassidy B. Larson" >
> To: af@afmug.com 
> Sent: Monday, February 6, 2017 8:04:14 PM
> Subject: Re: [AFMUG] Netflow
> 
> How much?
> 
> 
> 
> On Feb 6, 2017, at 7:00 PM, Mike Hammett  > wrote:
> 
> Kentik is the cat's ass, though it's not a few bucks a month.
> 
> 
> 
> -
> Mike Hammett
> Intelligent Computing Solutions 
>   
>  
>  
> 
> Midwest Internet Exchange 
>   
>  
> 
> The Brothers WISP 
>  
> 
> 
>  
> From: "Sterling Jacobson" >
> To: "af@afmug.com " >
> Sent: Monday, February 6, 2017 7:38:27 PM
> Subject: [AFMUG] Netflow
> 
> What are your opinions on Netflow servers/software?
> 
> I've been doing some research into using Netflow again.
> Long time ago I used NTOP, but it sucked.
> Not sure if that's changed or not.
> 
> Ideally would be a much newer improved interface type system that was hosted 
> for a few bucks a month.
> Then I could just sign up and point my Netflow streams to it.
> 
> I need one that is geared towards ISPs, not Datacenter/Servers.
> 
> I don't care about netflowing and optimizing web sites, I want to profile my 
> customer traffic.
> Ideally it would include features necessary for CALEA and law enforcement 
> requirements.
> 
> If it was also great at syslog management that would be a plus.
> 
> The Dude currently sucks for syslog IMO.



Re: [AFMUG] CanWisp Conference

2017-02-06 Thread Paul Stewart
ROFL .. Mormons … Ferengis … 

> On Feb 6, 2017, at 2:07 PM, Stefan Englhardt  wrote:
> 
> And Ferengis ;-)
> 
> 
>  Original message 
> From: Chuck McCown 
> Date: 06.02.17 20:01 (GMT+01:00)
> To: af@afmug.com
> Subject: Re: [AFMUG] CanWisp Conference
> 




Re: [AFMUG] CanWisp Conference

2017-02-06 Thread Paul Stewart
LOL .. if Canada is banning Americans from coming in I’d be shocked - it’s 
always the other way around ;)


> On Feb 6, 2017, at 1:48 PM, Chuck McCown <ch...@wbmfg.com> wrote:
> 
> Can’t go travel ban...
>  
> From: Simon Westlake <>
> Sent: Monday, February 06, 2017 11:43 AM
> To: af@afmug.com <>
> Subject: Re: [AFMUG] CanWisp Conference
>  
> Hopefully it'll keep growing, a good chunk of our bigger customers are in 
> Canada, so there's definitely a good WISP industry up there!
> 
> On 2/6/2017 12:40 PM, Paul Stewart wrote:
>> Great - glad to hear it … I’ve heard it’s not a very big event or anything 
>> but nice to see something nearby going on ….
>>  
>> One of our offices is 5 minutes away from there :)
>>  
>>> On Feb 6, 2017, at 12:56 PM, Rick Harnish <rick.harn...@baicells.com <>> 
>>> wrote:
>>>  
>>> Me too!
>>>  
>>> Respectively,
>>> 
>>> Rick Harnish
>>> Director of WISP Markets
>>> Direct: 972.922.1443
>>> Baicells Technologies N.A. Inc.
>>> 
>>> Sent from my Verizon Wireless 4G LTE Droid
>>> On Feb 6, 2017 12:41 PM, Paul Stewart <p...@paulstewart.org <>> wrote:
>>>> Excellent … see you there! :)
>>>>  
>>>> Paul
>>>>  
>>>>> On Feb 6, 2017, at 9:55 AM, Simon Westlake <simon@sonar.software <>> 
>>>>> wrote:
>>>>>  
>>>>> I'm going to the conference in Ottawa next week.
>>>>> 
>>>>> On 2/4/2017 6:33 AM, Paul Stewart wrote:
>>>>>> Anyone from AF attending the CanWisp conference coming up soon in 
>>>>>> Gatineau, QC (Canada)?
>>>>>>
>>>>>> Thanks,
>>>>>> Paul
>>>>>>
>>>>> 
>>>>> -- 
>>>>> Simon Westlake
>>>>> Email: simon@sonar.software <>
>>>>> Phone: (702) 447-1247
>>>>> ---
>>>>> Sonar Software Inc
>>>>> The future of ISP billing and OSS
>>>>> https://sonar.software <https://sonar.software/>
>>>>  
>> 
>>  
> 
> -- 
> Simon Westlake
> Email: simon@sonar.software <>
> Phone: (702) 447-1247
> ---
> Sonar Software Inc
> The future of ISP billing and OSS
> https://sonar.software <https://sonar.software/>


Re: [AFMUG] CanWisp Conference

2017-02-06 Thread Paul Stewart
Great - glad to hear it … I’ve heard it’s not a very big event or anything but 
nice to see something nearby going on ….

One of our offices is 5 minutes away from there :)

> On Feb 6, 2017, at 12:56 PM, Rick Harnish <rick.harn...@baicells.com> wrote:
> 
> Me too!
> 
> Respectively,
> 
> Rick Harnish
> Director of WISP Markets
> Direct: 972.922.1443
> Baicells Technologies N.A. Inc.
> 
> Sent from my Verizon Wireless 4G LTE Droid
> On Feb 6, 2017 12:41 PM, Paul Stewart <p...@paulstewart.org> wrote:
> Excellent … see you there! :)
> 
> Paul
> 
> On Feb 6, 2017, at 9:55 AM, Simon Westlake <simon@sonar.software 
> <mailto:simon@sonar.software>> wrote:
> 
> I'm going to the conference in Ottawa next week.
> 
> On 2/4/2017 6:33 AM, Paul Stewart wrote:
> Anyone from AF attending the CanWisp conference coming up soon in Gatineau, 
> QC (Canada)?
>
> Thanks,
> Paul
>
> 
> -- 
> Simon Westlake
> Email: simon@sonar.software <mailto:simon@sonar.software>
> Phone: (702) 447-1247
> ---
> Sonar Software Inc
> The future of ISP billing and OSS
> https://sonar.software <https://sonar.software/>



Re: [AFMUG] CanWisp Conference

2017-02-06 Thread Paul Stewart
Excellent … see you there! :)

Paul

> On Feb 6, 2017, at 9:55 AM, Simon Westlake <simon@sonar.software> wrote:
> 
> I'm going to the conference in Ottawa next week.
> 
> On 2/4/2017 6:33 AM, Paul Stewart wrote:
>> Anyone from AF attending the CanWisp conference coming up soon in Gatineau, 
>> QC (Canada)?
>>
>> Thanks,
>> Paul
>>
> 
> -- 
> Simon Westlake
> Email: simon@sonar.software <mailto:simon@sonar.software>
> Phone: (702) 447-1247
> ---
> Sonar Software Inc
> The future of ISP billing and OSS
> https://sonar.software <https://sonar.software/>


Re: [AFMUG] Cisco Nexus Switch / Mikrotik CCR

2017-02-06 Thread Paul Stewart
Unless it’s 100 meg connection then it should be just to auto/auto and work 99% 
of the time … 

> On Feb 6, 2017, at 9:54 AM, Chuck McCown  wrote:
> 
> I have had Cisco products not negotiate to the highest possible connection 
> before.  So I always locked one end down.  
>  
> From: Ken Hohhof <>
> Sent: Monday, February 06, 2017 7:52 AM
> To:  <>af@afmug.com 
> Subject: Re: [AFMUG] Cisco Nexus Switch / Mikrotik CCR
>  
> Why do some people always say “turn off auto speed and duplex” when they see 
> Cisco?  This goes against my experience and training.  All my Cisco routers 
> and switches are set for auto.  The world has not ended AFAIK.
>  
> Is this something unique to the Nexus product line?
>  
>  <> 
> From: Af [mailto:af-boun...@afmug.com ] On 
> Behalf Of Carlos Alcantar
> Sent: Monday, February 6, 2017 2:01 AM
> To: af@afmug.com 
> Subject: Re: [AFMUG] Cisco Nexus Switch / Mikrotik CCR
>  
> make sure you turn off any auto duplex and speed settings and hard set both 
> sides.  make sure you're also checking all your stp settings those could be fun 
> and shutting down ports if you have any type of vlan mismatches etc. happening.
>  
>  
>  
> Carlos Alcantar
> Race Communications / Race Team Member 
> 1325 Howard Ave. #604, Burlingame, CA. 94010
> Phone: +1 415 376 3314 /  <>car...@race.com  / 
> http://www.race.com 
>  
> From: Af < <>af-boun...@afmug.com > on behalf of 
> Jason McKemie < <>j.mcke...@veloxinetbroadband.com 
> >
> Sent: Sunday, February 5, 2017 11:11:48 PM
> To:  <>af@afmug.com 
> Subject: [AFMUG] Cisco Nexus Switch / Mikrotik CCR
>  
> Has anyone had any success with linking these two via fiber? We were unable 
> to get the link to work, so I ended up using a Cisco router as an 
> intermediary.  I'd like to get rid of that extra hardware if possible. 
>  
> -Jason



[AFMUG] CanWisp Conference

2017-02-04 Thread Paul Stewart
Anyone from AF attending the CanWisp conference coming up soon in Gatineau,
QC (Canada)?

 

Thanks,

Paul

 


