Re: Who has AS 1712?
* Jared Mauch: The issue of zone signing is going to be interesting as some nation-states (ccTLD) have been known to speak-up about their issues with the signing of the zone. Which ones? In most cases, ccTLDs don't represent nation states, and vice versa. -- Florian Weimerfwei...@bfk.de BFK edv-consulting GmbH http://www.bfk.de/ Kriegsstraße 100 tel: +49-721-96201-1 D-76133 Karlsruhe fax: +49-721-96201-99
Re: fight club :) richard bennett vs various nanogers, on paid peering
On Tue, Nov 24, 2009 at 10:00:52PM -0800, Richard Bennett wrote: I haven't found a good source who knows what's going on outside his own network. Mr. Bennett, You know when I first read your post, I assumed you were just ignorant and confused about the topic of peering on the Internet. Then I saw you actively refusing to listen to intelligent feedback by some of the most experienced network operators and peering managers in the industry, dismiss any idea that you didn't agree with as part of the Google conspiracy, and further embarrass yourself with comments which proved you lacked understanding of even the most basic concepts of peering or inter-network traffic exchange. Normally I would just write you off as another Dean Anderson style nutjob, but I'm afraid that your ramblings are so wrong and your closed-mindedness is so severe that you are actually dangerous to anyone who might happen to read your comments and think that they are in any way correct. Therefore, I think it is important for all of us that you be refuted. I'll start with a few points from your post and comments. You said: I'm not sure that your 'on-net routes' is the same product as the Paid Peering that Norton is interpreting; the Arbor study found a large increase in the traffic that moves through these transit bypass paths, and that's the actual story. While this service may have been available for a while, its use is radically increasing. That's data, BTW, not anecdote, so if you have a problem with the Arbor data, you'll need some data of your own to refute it. For starters, if you aren't sure what on-net routes and paid peering even are, maybe you shouldn't be trying to comment on them. Second, the Arbor study said absolutely NOTHING about an increase in traffic that moves via peering vs transit, to say nothing of paid vs settlement free peering. Arbor is completely and totally unable to identify anything about money exchanged for bits in general, and from a technical perspective there is absolute no difference between a paid and non-paid peering. You seem to be convoluting the purported increase in traffic between tier 2 networks with a completely absurd belief that all traffic between tier 1's was transit and all traffic between tier 2's is peering. In reality, tier 2's routinely buy from and sell to each other, peer with some tier 1's, and sell paid peering between themselves when the business opportunities arise. You later go on to state: The Arbor study is evidence that traffic is shifting, and the carrier-neutral peering site managers I've spoken with tell me they're making something like 300 cross-connects a month. Do you think all those cross-connnects are implementing settlement-free peering or conventional transit agreements? I'm surmising that they aren't. You have absolutely no basis to make the determination about what percentage of the crossconnects are peering and what percentage are transit. This is what we tried to explain to you with the you can't know this about any network but your own answer, which you seemed completely incapable of understanding. The reality is that no one can know the answer for anything but themselves. For my network, I'd say much less than 20% of our crossconnects are peering, with the vast majority being customers, and a significant amount being intra-network capacity (intra-pop, metro, and long-haul circuits) and transit. The number may vary between networks, but again you have absolutely zero basis to make any kind of claim about peering let alone settlement-free vs paid based on the number of crossconnects in a colo. Most of the other arguments are either meaningless or fall apart once you remove some of the fundamental misunderstandings above, but there are still plenty of other things which are completely absurd. For example, you said: Paid peering is a better level of access to an ISP's customers for a fee, but the fee is less than the price of generic access to the ISP via a transit network. The practice of paid peering also reduces the load on the Internet core, so what's not to like? Paid peering agreements should be offered for sale on a non-discriminatory basis, but they certainly shouldn't be banned. Paid peering (or peering of any kind) is absolutely no guarantee of better access to any network, nor is it guaranteed (or even likely) to reduce costs. There is also no such thing as load on the Internet core to reduce, and this further illustrates a complete failure to understand how the Internet works in general. Paid peering is simply another form of transit, where two networks agree to exchange money for the service of delivering connectivity. The only difference is that you're only selling a portion of the routing table rather than the whole thing, for a specific subset of routes which have different properties than the rest. In the case of paid peering, the different property is that you'll get to bill your customer on
Re: fight club :) richard bennett vs various nanogers, on paid peering
Thank you for your insights. Richard A Steenbergen wrote: On Tue, Nov 24, 2009 at 10:00:52PM -0800, Richard Bennett wrote: I haven't found a good source who knows what's going on outside his own network. Mr. Bennett, You know when I first read your post, I assumed you were just ignorant and confused about the topic of peering on the Internet. Then I saw you actively refusing to listen to intelligent feedback by some of the most experienced network operators and peering managers in the industry, dismiss any idea that you didn't agree with as part of the Google conspiracy, and further embarrass yourself with comments which proved you lacked understanding of even the most basic concepts of peering or inter-network traffic exchange. Normally I would just write you off as another Dean Anderson style nutjob, but I'm afraid that your ramblings are so wrong and your closed-mindedness is so severe that you are actually dangerous to anyone who might happen to read your comments and think that they are in any way correct. Therefore, I think it is important for all of us that you be refuted. I'll start with a few points from your post and comments. You said: I'm not sure that your 'on-net routes' is the same product as the Paid Peering that Norton is interpreting; the Arbor study found a large increase in the traffic that moves through these transit bypass paths, and that's the actual story. While this service may have been available for a while, its use is radically increasing. That's data, BTW, not anecdote, so if you have a problem with the Arbor data, you'll need some data of your own to refute it. For starters, if you aren't sure what on-net routes and paid peering even are, maybe you shouldn't be trying to comment on them. Second, the Arbor study said absolutely NOTHING about an increase in traffic that moves via peering vs transit, to say nothing of paid vs settlement free peering. Arbor is completely and totally unable to identify anything about money exchanged for bits in general, and from a technical perspective there is absolute no difference between a paid and non-paid peering. You seem to be convoluting the purported increase in traffic between tier 2 networks with a completely absurd belief that all traffic between tier 1's was transit and all traffic between tier 2's is peering. In reality, tier 2's routinely buy from and sell to each other, peer with some tier 1's, and sell paid peering between themselves when the business opportunities arise. You later go on to state: The Arbor study is evidence that traffic is shifting, and the carrier-neutral peering site managers I've spoken with tell me they're making something like 300 cross-connects a month. Do you think all those cross-connnects are implementing settlement-free peering or conventional transit agreements? I'm surmising that they aren't. You have absolutely no basis to make the determination about what percentage of the crossconnects are peering and what percentage are transit. This is what we tried to explain to you with the you can't know this about any network but your own answer, which you seemed completely incapable of understanding. The reality is that no one can know the answer for anything but themselves. For my network, I'd say much less than 20% of our crossconnects are peering, with the vast majority being customers, and a significant amount being intra-network capacity (intra-pop, metro, and long-haul circuits) and transit. The number may vary between networks, but again you have absolutely zero basis to make any kind of claim about peering let alone settlement-free vs paid based on the number of crossconnects in a colo. Most of the other arguments are either meaningless or fall apart once you remove some of the fundamental misunderstandings above, but there are still plenty of other things which are completely absurd. For example, you said: Paid peering is a better level of access to an ISP's customers for a fee, but the fee is less than the price of generic access to the ISP via a transit network. The practice of paid peering also reduces the load on the Internet core, so what's not to like? Paid peering agreements should be offered for sale on a non-discriminatory basis, but they certainly shouldn't be banned. Paid peering (or peering of any kind) is absolutely no guarantee of better access to any network, nor is it guaranteed (or even likely) to reduce costs. There is also no such thing as load on the Internet core to reduce, and this further illustrates a complete failure to understand how the Internet works in general. Paid peering is simply another form of transit, where two networks agree to exchange money for the service of delivering connectivity. The only difference is that you're only selling a portion of the routing table rather than the whole thing, for a specific subset of routes which have different properties than the rest. In the case of paid peering, the different property is that
Re: Who has AS 1712?
On Tue, Nov 24, 2009 at 07:54:08PM -0800, Joe Abley jab...@hopcount.ca wrote a message of 13 lines which said: Are you suggesting that I should be able to block the assignment of particular ASNs by simply including them in an AS_PATH attribute on a route I originate, and making sure that route shows up in route-views? No one suggested a complete, blind and automatic blocking of the assignment. Just a suggestion to RIRs to check if the AS number they are ready to assign is used in an AS path somewhere and, if so, to raise a flag, to assign a physical person on the matter, to investigate, to check the databases, etc. This would have catched the AS 1712 issue.
Re: Who has AS 1712?
At 08:57 25/11/2009 +0100, Daniel Karrenberg wrote: shouting. This is all water under the bridge of course and we are moving on; I do not say everything is ideal now. However the RIRs are actively working to publish a complete set of stats files which also includes unallocated resources. This is the next best thing to full database synchronisation. APNIC and the RIPE NCC are driving this effort. Perhaps the RIRs could get together and agree on a common whois syntax so that when I check one RIR with one syntax - it would work on others as well? This issue has been around for over 7 years and I can't understand why the RIRs can't find common ground for the sake of the end users? Even if ARIN or APNIC won't accept -B -G, then at least let their whois engine just ignore those extra parameters it doesn't understand. To me it looks like minor software changes. -Hank
Re: Who has AS 1712?
Perhaps the RIRs could get together and agree on a common whois syntax so that when I check one RIR with one syntax - it would work on others as well? This issue has been around for over 7 years and I can't understand why the RIRs can't find common ground for the sake of the end users? s/7/15/ it was already feeling like brickmarks on my forhead at the first s'holm ietf in '95 randy
Re: Who has AS 1712?
* Hank Nussbacher: Perhaps the RIRs could get together and agree on a common whois syntax so that when I check one RIR with one syntax - it would work on others as well? This issue has been around for over 7 years and I can't understand why the RIRs can't find common ground for the sake of the end users? Even if ARIN or APNIC won't accept -B -G, then at least let their whois engine just ignore those extra parameters it doesn't understand. To me it looks like minor software changes. There's also the little-known issue that the correct syntax for querying ARIN's WHOIS for AS number is 23456, and not the AS23456 syntax encoded in multiple tools. *sigh* -- Florian Weimerfwei...@bfk.de BFK edv-consulting GmbH http://www.bfk.de/ Kriegsstraße 100 tel: +49-721-96201-1 D-76133 Karlsruhe fax: +49-721-96201-99
Re: fight club :) richard bennett vs various nanogers, on paid peering
Richard Bennett wrote: Speculation about how the money flows is a worthwhile activity. Sure, no problem. -- Richard Bennett Research Fellow Information Technology and Innovation Foundation Washington, DC In summary, Mr Bennett is an unregistered lobbyist, employed by other registered lobbyists. It's really a waste of time to engage him, as it's his full-time job to write his screed. We have neither the time nor manpower. It is difficult to get a man to understand something, when his salary depends upon his not understanding it! -- Upton Sinclair (1935) http://www.itif.org/index.php?s=staff He claims to have been involved in IEEE Wi-Fi for 15 years. Meaning he's one of those responsible for the bad security (WEP, etc.), and the stagnation of ad hoc networking -- because the industry has a centralized solution they want to sell, customer be damned. His bio also says he was vice-chair for the hub standard, so prevented jumbo frames from being formally adopted -- again, customer be damned. Now, he works for a think tank called Information Technology Innovation Foundation. Basically, he goes to conferences. He's not responsible for operating any networks or doing any actual engineering. ITIF doesn't give out information about its funding, which usually means it's industry lobbyist funded. Apparently in this case, big cable and probably big telco. They're opposed to net neutrality, and (based on his comments and several of the papers) still think the Internet is some kind of bastard child that needs adult supervision in the middle -- by which they mean themselves /in loco parentis/. Looking at the board, it's populated by ultra-conservative wing-nut Republicans, and some Conservadems (as we call them in political circles, they call themselves centrists) from the New Democrat Caucus for bi-partisan cover. And lots of lobbyists -- Federal lobbyists -- who seem to list their educational clients on their bio, but not whether they are also employed by a firm that represents other clients
Re: Who doesn't have AS 1712?
On Wed, Nov 25, 2009 at 06:36:13PM +0900, Randy Bush wrote: Perhaps the RIRs could get together and agree on a common whois syntax so that when I check one RIR with one syntax - it would work on others as well? This issue has been around for over 7 years and I can't understand why the RIRs can't find common ground for the sake of the end users? s/7/15/ it was already feeling like brickmarks on my forhead at the first s'holm ietf in '95 randy there are solutions, rwhois, iris, etc. some require changed behaviours from the actors, (why RIPE decided unilaterally to change the flags/syntax of whois escapes me at the mo), and some do not. basically we are stuck w/ things like whois, swip, ad-nausea, due to simple intertia. and here is a saving grace... IPv6. once, abt 8/9 years ago, I was talking w/ Richard Jimmerson about the wonderful opportunity the RIRs had to build a scalable, extensable resource tracking system that could be easily deployed by the RIR clients and seamlessly integrated into a heirarchy of resource management segments. the rational was/is that the RIRs are handing out functionally the entire IPv4 address pool to any and all comers. Thats the size of a /32, presuming one buys into the /64 chastity belt the IETF has wrapped around the lower 64 bits. How is a lowly ISP expected to track/manage address assignments over such a huge space w/o decent toolage? so we can let our collective interia drag us down into increasing chaos or we can use this one time chance to pull our collective bacon out of the fire. After SIDR - I think development and deployment of this type of thing would be a worthwhile use of my RIR fees. YMMV of course. --bill
Re: fight club :) richard bennett vs various nanogers, on paid peering
Now you've descended from Steenbergen's hair-splitting between on-net routes (the mechanism) vs. on-net access (the actual product) into Simpson's straight-up lying. ITIF is not opposed to network neutrality in principle, having released a paper on A Third Way on Network Neutrality, http://www.itif.org/index.php?id=63. There is not a single ultra-conservative on the ITIF board, they're all either moderate Democrats or moderate Republicans. I'm letting most of this childish venting slide, but I will point out the bald-faced lies. RB William Allen Simpson wrote: They're opposed to net neutrality, and (based on his comments and several of the papers) still think the Internet is some kind of bastard child that needs adult supervision in the middle -- by which they mean themselves /in loco parentis/. Looking at the board, it's populated by ultra-conservative wing-nut Republicans, and some Conservadems (as we call them in political circles, they call themselves centrists) from the New Democrat Caucus for bi-partisan cover. And lots of lobbyists -- Federal lobbyists -- who seem to list their educational clients on their bio, but not whether they are also employed by a firm that represents other clients -- Richard Bennett Research Fellow Information Technology and Innovation Foundation Washington, DC
Re: I got a live one! - Spam source
Interesting scenario ... but would be far more interesting to us if you share the /24? Truman On 25/11/2009, at 3:07 PM, Russell Myba wrote: I'm confused. Who are you billing and for what services? Let's say our direct customer is CustomerA. They seem to buy rackspace from BusinessB. CustomerA seem to retain BusinessC for IT Solutions even though all three entities purport to be IT solutions providers. BusinessC came into the picture after the spamming started saying a wholly different /24 (Different from the spam source) doesn't work. It routes fine on our end. I have a feeling they've been added to some RBLs but I haven't found them listed yet. Just a simple ethernet handoff in a colo. We delegated rDNS to the servers of their choice and haven't heard a peep out of them until now. Spamhaus is the first one that comes to mind. From what I understand of your description, this doesn't sound all that different from typical spammer behavior. Multiple layers of indirection seems to be the latest thing for spammers. -- Jon Lewis | I route Senior Network Engineer | therefore you are Atlantic Net| _ http://www.lewis.org/~jlewis/pgphttp://www.lewis.org/%7Ejlewis/pgpfor PGP public key_
Re: I got a live one! - Spam source
On Tue, Nov 24, 2009 at 10:22:36PM -0500, Russell Myba wrote: Looks like of our customers has decided to turn their /24 into a nice little space spewing machine. Doesn't seem like just one compromised host. 1. This is possibly/probably better on spam-l. 2. This is a very common operational model. Any number of spamgangs have been busy doing this with multiple /24's scattered over numerous providers in order to distribute the workload and minimize the impact of any takedown. 3. There is no point in reporting this to any law enforcment agency anywhere in the world *unless* child pornography is involved. Any action they take will be slow, inept, and ineffective. The best that you can probably do is (a) shut down them instantly and permanently and (b) publish all relevant details -- name names -- on spam-l so that workers and researchers can use the information. ---Rsk
RE: [SPAM-HEADER] - Re: fight club :) richard bennett vs various nanogers, on paid peering - Email has different SMTP TO: and MIME TO: fields in the email addresses
Hi Richard, I am late to this dicussion. So I don't have a full understanding of the context or history of this debate. It is clear to many of us that Telcos lost the content wars and this is their way of trying to get a slice of the content providers (Google, Microsoft, etc.) add revenues. It's a power play and way of trying to change the rules in the fourth quarter. Needless to say, these are my own personal opinions. Roderick S. Beck Director of European Sales Hibernia Atlantic Budapest, New York, and Paris http://www.hiberniaatlantic.com
Re: fight club :) richard bennett vs various nanogers, on paid peering
RB- Where can we find data on your group's funding sources? If we're to continue this discussion, we need to establish bias and motive, which you've not covered on your own accord. Drive Slow, Paul Wall On 11/25/09, Richard Bennett rich...@bennett.com wrote: Now you've descended from Steenbergen's hair-splitting between on-net routes (the mechanism) vs. on-net access (the actual product) into Simpson's straight-up lying. ITIF is not opposed to network neutrality in principle, having released a paper on A Third Way on Network Neutrality, http://www.itif.org/index.php?id=63. There is not a single ultra-conservative on the ITIF board, they're all either moderate Democrats or moderate Republicans. I'm letting most of this childish venting slide, but I will point out the bald-faced lies. RB William Allen Simpson wrote: They're opposed to net neutrality, and (based on his comments and several of the papers) still think the Internet is some kind of bastard child that needs adult supervision in the middle -- by which they mean themselves /in loco parentis/. Looking at the board, it's populated by ultra-conservative wing-nut Republicans, and some Conservadems (as we call them in political circles, they call themselves centrists) from the New Democrat Caucus for bi-partisan cover. And lots of lobbyists -- Federal lobbyists -- who seem to list their educational clients on their bio, but not whether they are also employed by a firm that represents other clients -- Richard Bennett Research Fellow Information Technology and Innovation Foundation Washington, DC -- Sent from my mobile device
Re: fight club :) richard bennett vs various nanogers, on paid peering
Would you care to elaborate on how the investigation of someones funding sources is operationally relevant to the rest of the list? Aaron Cossey aaron.cos...@gmail.com On Wed, Nov 25, 2009 at 1:25 PM, Paul Wall pauldotw...@gmail.com wrote: RB- Where can we find data on your group's funding sources? If we're to continue this discussion, we need to establish bias and motive, which you've not covered on your own accord. Drive Slow, Paul Wall On 11/25/09, Richard Bennett rich...@bennett.com wrote: Now you've descended from Steenbergen's hair-splitting between on-net routes (the mechanism) vs. on-net access (the actual product) into Simpson's straight-up lying. ITIF is not opposed to network neutrality in principle, having released a paper on A Third Way on Network Neutrality, http://www.itif.org/index.php?id=63. There is not a single ultra-conservative on the ITIF board, they're all either moderate Democrats or moderate Republicans. I'm letting most of this childish venting slide, but I will point out the bald-faced lies. RB William Allen Simpson wrote: They're opposed to net neutrality, and (based on his comments and several of the papers) still think the Internet is some kind of bastard child that needs adult supervision in the middle -- by which they mean themselves /in loco parentis/. Looking at the board, it's populated by ultra-conservative wing-nut Republicans, and some Conservadems (as we call them in political circles, they call themselves centrists) from the New Democrat Caucus for bi-partisan cover. And lots of lobbyists -- Federal lobbyists -- who seem to list their educational clients on their bio, but not whether they are also employed by a firm that represents other clients -- Richard Bennett Research Fellow Information Technology and Innovation Foundation Washington, DC -- Sent from my mobile device
Re: fight club :) richard bennett vs various nanogers, on paid peering
Would you care to elaborate on how the investigation of someones funding sources is operationally relevant to the rest of the list? please no we have a greedy troll. stop feeding it. procmail is your friend. randy
Re: I got a live one! - Spam source
Russell, My personal inclination would be to look for what legit entities are provisioning them with critical resources and what margins they appear to be paying. For DNS resources, the domains, to identify registry preference, probably a simple volume correlation, and the registrars, which may corollate better to other primary characteristics than simple volume, to RRset data, which may have interesting corollates to other, provisioned, critical resources. I'm not the registrar police, I'm simply interested in ICANN having a policy towards registrars that looks beyond failure to respond to email, failure to pay $0.25/domain/year, and failure to escrow registrant data, which seem to be the only basis for breach of contract proceedings against, or non-renewals of its registrars. Whack-a-mole has been discussed lots of times, and as Gadi confirms at the end of his note, he's still mostly in the Whack-a-camp, though he does mention gathering information. When they stop providing you (and you could include parties who are paying you to look over your shoulder at this petri dish and its cultured agar) with data of value then their existence is of no value. Eric Gadi Evron wrote: Russell Myba wrote: Looks like of our customers has decided to turn their /24 into a nice little space spewing machine. Doesn't seem like just one compromised host. Reverse DNS for most of the /24 are suspicious domains. Each domain used in the message-id forwards to a single .net which lists their mailing address as a PO box an single link to an unsubscribe field. I've contacted at least three known contacts for the customer about the abuse without a single response. It would seem there are many layers to this entity: The domains are registered to one business Our billing information for the customer has one name, they colo with another person (whom the cross connect reaches) Our customer has an IT solutions person working for them (Strange since our customer and their colo provider are IT solutions people themselves. Abuse handle phone #s are supposedly incorrect (I called it) Besides the obvious of me at the minimum filtering port tcp/25 is their an organization that tracks businesses like these who seem like they are building a web of insulation in which to move? I think this case might interest them. From principle, I want to jump up and down and say zap `em!. However, I also make several assumption which need to be clearned, pragmatically. I assume you have authority over the decision of what to do with them, and I also assume that your contract with them does not bind you in some fashion, can get you in trouble with the business side of the business, or can introduce *liability* issues. And naturally, that if you are not the decision maker, that you are synched with whomever it is. These assumptions aside, kicking them might not be the best solution. Starving them out by blocking port 25, as an example you gave, or following some of the other suggestions in this thread, may be workable. Which brings me three very important questions: 1. How much intelligence can you collect if you let them stay? 2. Have you considered legal action against them? 3. Did you consult with legal about possible law enforcement involvement? As to the intricate web of who they are and where their resources lie, these are usually cases where the more you dig, the more you find -- ad infinitum. Me? I'd just kick them after verifying they are not victims themselves. I hope this helps, Gadi.
Re: I got a live one! - Spam source
On Wed, 25 Nov 2009, Rich Kulawiec wrote: On Tue, Nov 24, 2009 at 10:22:36PM -0500, Russell Myba wrote: Looks like of our customers has decided to turn their /24 into a nice little space spewing machine. Doesn't seem like just one compromised host. 1. This is possibly/probably better on spam-l. 2. This is a very common operational model. Any number of spamgangs have been busy doing this with multiple /24's scattered over numerous providers in order to distribute the workload and minimize the impact of any takedown. One of them actually patented it. Further proof that you can patent just about anything in the US. http://www.faqs.org/patents/app/20090271475 -- Jon Lewis | I route Senior Network Engineer | therefore you are Atlantic Net| _ http://www.lewis.org/~jlewis/pgp for PGP public key_
Re: fight club :) richard bennett vs various nanogers, on paid peering
I didn't bring this discussion over here, hippie. Randy Bush wrote: Would you care to elaborate on how the investigation of someones funding sources is operationally relevant to the rest of the list? please no we have a greedy troll. stop feeding it. procmail is your friend. randy -- Richard Bennett Research Fellow Information Technology and Innovation Foundation Washington, DC
Re: I got a live one! - Spam source
On Wed, Nov 25, 2009 at 2:17 AM, Paul Ferguson fergdawgs...@gmail.com wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Tue, Nov 24, 2009 at 10:55 PM, Michael Peddemors mich...@linuxmagic.com wrote: Depends on the activity, but this re-iterates the importance of maintaining correct SWIP, so that only the offenders get listed, and not bordering customers. Right. There are *so many* loopholes in this entire process, Bad Guys are waltzing through it. - - ferg -BEGIN PGP SIGNATURE- Version: PGP Desktop 9.5.3 (Build 5003) wj8DBQFLDNofq1pz9mNUZTMRAgNrAKDz6JwFqBG3gvXEIKo1UVrJSTmxDQCfadqV Ph3qt/qPDze8Z5tsRP7LgSw= =gQrR -END PGP SIGNATURE- -- Fergie, a.k.a. Paul Ferguson Engineering Architecture for the Internet fergdawgster(at)gmail.com ferg's tech blog: http://fergdawg.blogspot.com/ Could you elaborate on what constitutes correct swip information?
Re: Who has AS 1712?
On Nov 25, 2009, at 1:33 AM, Hank Nussbacher wrote: At 08:57 25/11/2009 +0100, Daniel Karrenberg wrote: shouting. This is all water under the bridge of course and we are moving on; I do not say everything is ideal now. However the RIRs are actively working to publish a complete set of stats files which also includes unallocated resources. I would've thought IANA would be responsible for unallocated resources. This is the next best thing to full database synchronisation. APNIC and the RIPE NCC are driving this effort. Perhaps the RIRs could get together and agree on a common whois syntax so that when I check one RIR with one syntax - it would work on others as well? http://www.rfc-editor.org/rfc/rfc4698.txt More seriously, the theory is that the RIRs are bottom-up driven. If you think a unified whois schema across all RIRs (or even IRIS deployment) would be a good thing to have, there are likely better venues to raise the issue than NANOG. Regards, -drc
Re: fight club :) richard bennett vs various nanogers, on paid peering
On Wed, 25 Nov 2009 03:32:02 PST, Richard Bennett said: ITIF is not opposed to network neutrality in principle, having released a paper on A Third Way on Network Neutrality, http://www.itif.org/index.php?id=63. All of four paragraphs, which don't in fact address what the provider is or is not providing to Joe Sixpack - point 1 says discriminatory plans are OK as long as the discriminatory are on display in the cellar of the ISP office, with no stairs, in the bottom of a locked filing cabinet stuck in a disused lavatory with a sign on the door saying Beware of the Leopard. And points 2 and 3 are saying that this should all be overseen by the same agencies that oversaw the previous decade's massive buildout of fiber to the home that was financed by massive multi-billion dollar incentives. Oh wait, those billions got pocketed - if the massive fiber buildout had happened, we'd have so much bandwidth that neutrality wouldn't be an issue... But then, the Republicans keep saying they are not opposed to health care reform in principle either... pgpRq7aOS0atP.pgp Description: PGP signature
Re: fight club :) richard bennett vs various nanogers, on paid peering
On Nov 25, 2009, at 10:13 AM, valdis.kletni...@vt.edu wrote: On Wed, 25 Nov 2009 03:32:02 PST, Richard Bennett said: ITIF is not opposed to network neutrality in principle, having released a paper on A Third Way on Network Neutrality, http://www.itif.org/index.php?id=63. All of four paragraphs, which don't in fact address what the provider is or is not providing to Joe Sixpack - point 1 says discriminatory plans are OK as long as the discriminatory are on display in the cellar of the ISP office, with no stairs, in the bottom of a locked filing cabinet stuck in a disused lavatory with a sign on the door saying Beware of the Leopard. And points 2 and 3 are saying that this should all be overseen by the same agencies that oversaw the previous decade's massive buildout of fiber to the home that was financed by massive multi-billion dollar incentives. Oh wait, those billions got pocketed - if the massive fiber buildout had happened, we'd have so much bandwidth that neutrality wouldn't be an issue... But then, the Republicans keep saying they are not opposed to health care reform in principle either... Me, I'm reminded of the fact that those on the edge of suburban areas have fewer choices than those in purely rural areas. Some carriers have been formed just to solve the basic telephony access issues of PSTN recently, eg: http://telephonyonline.com/mag/telecom_dont_mad_ilec/ Me? I want to see a ban on replacing copper based networking as part of the outside plant. - Jared http://www.allband.org/
Re: [c-nsp] is a DWDM SFP a DWDM SFP?
Bill Blackford wrote: I do not believe that Juniper keys their optics. My experience with this is limited though. I am able to get third-party optics to work just fine in EX switches. bblackf...@wsc-asw-02-1 show chassis hardware Hardware inventory: Item Version Part number Serial number Description ChassisBH0208188142 EX3200-24T FPC 0REV 07 750-021261 BH0208188142 EX3200-24T, 8 POE CPU BUILTIN BUILTIN FPC CPU PIC 0 BUILTIN BUILTIN 24x 10/100/1000 Base-T PIC 1 REV 04 711-021270 AR0209216364 4x GE SFP Xcvr 0NON-JNPR FFX20H700284 SFP-SX Power Supply 0 REV 02 740-020957 AT0508119769 PS 320W AC Fan Tray Fan Tray As you can see it identifies the Xcvr as non-Juniper. On the Cisco side, I have a Vertex 1310M GLC-LH-SM that is working fine in a 3560G. -b Correct me if I'm wrong but there are good and bad 3rd party SFPs. The good ones being the SFPs with their EEPROM set to appear to be Cisco kit.
RE: fight club :) richard bennett vs various nanogers, on paid peering
Oh wait, those billions got pocketed - if the massive fiber buildout had happened, we'd have so much bandwidth that neutrality wouldn't be an issue... Maybe this is how the fiber got used :)) http://en.wikipedia.org/wiki/RFoG
Re: Tishman Neutral Exchange space
On 2009-11-25-09:42:29, Marshall Eubanks t...@americafree.tv wrote: There is a new carrier neutral exchange space opening up December 1st at 165 Halsey in Newark, NJ. This space will be operated by Tishman Hotel Realty LP : http://www.datacentermap.com/usa/new-jersey/newark/165-halsey.html I am thinking of moving into there and I would be curious to hear feedback from anyone with experience in being in a Tishman operated exchange space. I've not seen the finished product, though I am familiar with its development. This is basically an annex of the building's meet-me area on the 9th floor. Depending on your specific reach objectives and density, you might find that a successful deployment in this building hinges on a build to both the Equinix suite on 8 (which is rich in carriers), and the MMR 9 (which has fewer carriers, but has some not built out to 8, and more favorable economics on cross-connection when amortized over a multi-year term). I hold a high regard for the building and its landlord as a whole. Just be careful at night... -a
Re: I got a live one! - Spam source
Could you elaborate on what constitutes correct swip information? Sure, you just opened the door to my opinions on this :) -- WRONG -- OrgName:FortressITX OrgID: FORTR-5 Address:100 Delawanna Ave City: Clifton StateProv: NJ PostalCode: 07014 Country:US Found a referral to rwhois.fortressitx.com:4443. Timeout. -- - The argument that whois information should not be made public, is ridiculous. I here people saying that they don't publish whois information because they don't want the email's made public. Okay, at least the registered company name, or individual who presented the ID should be there. -- WRONG -- OrgName:Peer 1 Dedicated Hosting OrgID: P1DH-1 Address:101 Marietta Street Address:Suite 500 City: Atlanta StateProv: GA PostalCode: 30303 Country:US NetRange: 216.150.0.0 - 216.150.31.255 CIDR: 216.150.0.0/19 -- Okay, you REALLY want people to get tired of playing whack a mole? This is why many list operators block large ranges.. according to this listing, one responsible party for the whole list.. (oh, and don't get me started on reporting.. the quote i heard here was .. 'Oh, we don't do anything about spammers unless it affects other customers') So, how big a range should you block when you start seeing a pattern? Remember, organizations like UCE-PROTECT tend to base a reputation on /24 This is probably because in a lot of cases, you cannot tell does the person own the whole range, or just the top /25 -- RIGHT -- OrgName:Network Operations Center Inc. OrgID: NOC Address:PO Box 591 City: Scranton network:Network-Name:NET-96.9.145.224/28 network:IP-Network:96.9.145.224/28 network:Organization;I:org--6898 network:Org-Name:ServerPlaceNet c/o Network Operations Center, Inc. -- Simple, if the IP's reflect some behavior we don't like, we know exactly which ranges should be affected. Basically, if you absolve yourself of the responsibility for the conduct of part of your networks, to a 3rd party.. you should SWIP it. Some hosting companies are really good about this, even as far as SWIP'ing down to the /32. There is a chain of responsbilitly, and when a hosting company has a known offender using portion(s) of their space, it makes it much easier to decide how much of that space should be blocked. Should we block the whole /24 or only a portion? Say you see... 66.104.246.36: mail1.clubdelivery.net 66.104.246.37: mail1.deliverydirect.info 66.104.246.38: mail1.deliverymobile.net 66.104.246.39: mail1.deliveryonline.info 66.104.246.40: mail1.deliveryrama.net 66.104.246.41: mail1.deliveryusa.net 66.104.246.42: mail1.deliveryzilla.net 66.104.246.43: mail1.godelivery.info 66.104.246.44: mail1.instantdelivery.info 66.104.246.45: mail1.date-meet.net 66.104.246.46: mail1.uchatfree.net 66.104.246.47: mail1.secureeasypay.net 66.104.246.48: mail1.idevelopthings.com 66.104.246.49: mail1.whocanvote.com 66.104.246.50: mail1.freedvdz.net 66.104.246.51: mail1.freecybercam.com 66.104.246.53: mail2.clubdelivery.net 66.104.246.54: mail2.deliverydirect.info 66.104.246.55: mail2.deliverymobile.net 66.104.246.56: mail2.deliveryonline.info 66.104.246.57: mail2.deliveryrama.net 66.104.246.58: mail2.deliveryusa.net 66.104.246.59: mail2.deliveryzilla.net 66.104.246.60: mail2.godelivery.info 66.104.246.61: mail2.instantdelivery.info 66.104.246.62: mail2.date-meet.net It's listed as.. network:Organization;I:Precision Technology, Inc (286563-1) network:IP-Network:66.104.244.0/22 Well, we don't have to affect the whole XO block.. but who is the operator responsible for the activities of these servers? The SWIP should reflect that. Also, it makes it easier to see relevant activities from other ranges that the customer might own.. Like older IP Ranges... -- Precision Technology INC mycouponsavingsmailcom MYCOUPONSAVINGSMAILCOM 24.155.144.16 - 24.155.144.31 # 24.155.144.16/28 Guess business was good.. but now of course, with proper SWIP, we know that those IP's are no longer controlled by the same party . (we hope) Of course, it can still be abused.. if the hosting provider is in colusion.. changes the SWIP regularly to hide that it is the same operator.. but even then, we will see such patterns.. if a hosting company 'constantly' gets a new 'problem customer' sic then we can see that as well. -- -- Catch the Magic of Linux... Michael Peddemors - President/CEO - LinuxMagic Products, Services, Support and Development Visit us at http://www.linuxmagic.com A Wizard IT Company - For More Info http://www.wizard.ca LinuxMagic is a Registered TradeMark of Wizard
Re: I got a live one! - Spam source
On Wed, 25 Nov 2009 09:25:27 -0800 Michael Peddemors mich...@linuxmagic.com wrote: Could you elaborate on what constitutes correct swip information? Sure, you just opened the door to my opinions on this :) hmmm - odd that the 2 you chose to show as wrong, both feature highly in my postfix reject_clients map. -- John
iGlass CMTS monitoring solution
We've been looking at the iGlass's cable system monitoring solution for monitoring our cable system; It integrates with billing to give the ability, at a csr level, to allow them to directly lookup the status of a customer's cable modem (for example, online, offline, negotiationg, flapping), history, and also integrates with the CMTS and will make SNMP polls of the modems to see signal levels, CPE's attached, configured speed vs current actual speed, etc. I was wondering if anyone had any comments for or against them, or of alternative companies or even open source alternatives. I'm perfectly fine with 'roll your own' but Nagios/cacti type monitoring really just doesn't cut it where this is concerned. We're 10k customers. Contacting me offlist is fine. Thanks. __ Eric Esslinger Information Services Manager - Fayetteville Public Utilities http://www.fpu-tn.com/ (931)433-1522 ext 165 This message may contain confidential and/or proprietary information and is intended for the person/entity to whom it was originally addressed. Any use by others is strictly prohibited. attachment: Eric J Esslinger.vcf
Re: Help -- Having trouble trying to activate a GigE connection
I have seen this behavior caused by a mismatch of SFPs, SX on one side and LX on the other. /p On Tue, Nov 24, 2009 at 9:04 AM, Michael Ruiz mr...@telwestservices.com wrote: I don't think there is any reason to have hard-set speed and duplex, particularly between two Cisco's. Why not just set *both* sides (you can't set just one) to auto-negotation - 'no speed nonegotiate' on the 7606 side. Is this a straight shot, single fiber pair between the two or are there intermediate junctions or optics? It sounds like you have questionable fiber or optics in the path. It could be the fiber itself or the GBICs on either side. Mike, I tried setting the 7206 to auto, and the 7606 to nonnegtiate, however, no dice. We put light meter on both ends of the GBIC and light readings are at -20, which are applicable. Between the two routers are MMF and it is straight shot with no transport equipment in between. -Original Message- From: Michael K. Smith - Adhost [mailto:mksm...@adhost.com] Sent: Tuesday, November 24, 2009 10:25 AM To: Michael Ruiz; nanog@nanog.org Subject: RE: Help -- Having trouble trying to activate a GigE connection Hello Michael: -Original Message- From: Michael Ruiz [mailto:mr...@telwestservices.com] Sent: Tuesday, November 24, 2009 8:02 AM To: nanog@nanog.org Subject: Help -- Having trouble trying to activate a GigE connection Group, I am having an issue with activating a Gige interface between a Cisco 7206 VXR w/IO-1GE module to a 7606 w/sup720-3bxls connecting to a line module WS-X6416-GBIC. I have verified that the GBIC-MMF have good light reading and the MMF fiber jumper are not reversed. The GigE connection comes up briefly for about a few seconds, takes a burst of errors and goes down. I have tried to set the speed to nonegotiate on both ends, set one end to speed auto. No dice. Here is the copy of the configuration. On my 7606 I show that the GigE interface is up/up but on the 7206vxr I show down/down. Any help will be greatly appreciated. Thanks! I don't think there is any reason to have hard-set speed and duplex, particularly between two Cisco's. Why not just set *both* sides (you can't set just one) to auto-negotation - 'no speed nonegotiate' on the 7606 side. Is this a straight shot, single fiber pair between the two or are there intermediate junctions or optics? It sounds like you have questionable fiber or optics in the path. It could be the fiber itself or the GBICs on either side. Regards, Mike -- Peter Sandström Head of Operations, Stardoll AB phone: +46 (0)70 456 05 28 e-mail: pe...@stardoll.com | stardoll: pj0tr mail/visit: Hudiksvallsgatan 8, 113 30 Stockholm, Sweden www.stardoll.com - Fame, fashion and friends
RE: Help -- Having trouble trying to activate a GigE connection
I have seen this behavior caused by a mismatch of SFPs, SX on one side and LX on the other. We found the problem. After going through 5 MMF GBICS we found one that worked. -Original Message- From: Peter Sandström [mailto:pe...@stardoll.com] Sent: Wednesday, November 25, 2009 12:39 PM To: Michael Ruiz Cc: Michael K. Smith - Adhost; nanog@nanog.org Subject: Re: Help -- Having trouble trying to activate a GigE connection I have seen this behavior caused by a mismatch of SFPs, SX on one side and LX on the other. /p On Tue, Nov 24, 2009 at 9:04 AM, Michael Ruiz mr...@telwestservices.com wrote: I don't think there is any reason to have hard-set speed and duplex, particularly between two Cisco's. Why not just set *both* sides (you can't set just one) to auto-negotation - 'no speed nonegotiate' on the 7606 side. Is this a straight shot, single fiber pair between the two or are there intermediate junctions or optics? It sounds like you have questionable fiber or optics in the path. It could be the fiber itself or the GBICs on either side. Mike, I tried setting the 7206 to auto, and the 7606 to nonnegtiate, however, no dice. We put light meter on both ends of the GBIC and light readings are at -20, which are applicable. Between the two routers are MMF and it is straight shot with no transport equipment in between. -Original Message- From: Michael K. Smith - Adhost [mailto:mksm...@adhost.com] Sent: Tuesday, November 24, 2009 10:25 AM To: Michael Ruiz; nanog@nanog.org Subject: RE: Help -- Having trouble trying to activate a GigE connection Hello Michael: -Original Message- From: Michael Ruiz [mailto:mr...@telwestservices.com] Sent: Tuesday, November 24, 2009 8:02 AM To: nanog@nanog.org Subject: Help -- Having trouble trying to activate a GigE connection Group, I am having an issue with activating a Gige interface between a Cisco 7206 VXR w/IO-1GE module to a 7606 w/sup720-3bxls connecting to a line module WS-X6416-GBIC. I have verified that the GBIC-MMF have good light reading and the MMF fiber jumper are not reversed. The GigE connection comes up briefly for about a few seconds, takes a burst of errors and goes down. I have tried to set the speed to nonegotiate on both ends, set one end to speed auto. No dice. Here is the copy of the configuration. On my 7606 I show that the GigE interface is up/up but on the 7206vxr I show down/down. Any help will be greatly appreciated. Thanks! I don't think there is any reason to have hard-set speed and duplex, particularly between two Cisco's. Why not just set *both* sides (you can't set just one) to auto-negotation - 'no speed nonegotiate' on the 7606 side. Is this a straight shot, single fiber pair between the two or are there intermediate junctions or optics? It sounds like you have questionable fiber or optics in the path. It could be the fiber itself or the GBICs on either side. Regards, Mike -- Peter Sandström Head of Operations, Stardoll AB phone: +46 (0)70 456 05 28 e-mail: pe...@stardoll.com | stardoll: pj0tr mail/visit: Hudiksvallsgatan 8, 113 30 Stockholm, Sweden www.stardoll.com - Fame, fashion and friends
Re: Who has AS 1712?
I do not say everything is ideal now. However the RIRs are actively working to publish a complete set of stats files which also includes unallocated resources. I would've thought IANA would be responsible for unallocated resources. history shows that rirs would rather fight the iana and among themselves than be equals in the internet community. how they do not see that this leads to the itu is beyond me. More seriously, the theory is that the RIRs are bottom-up driven. If you think a unified whois schema across all RIRs (or even IRIS deployment) would be a good thing to have, there are likely better venues to raise the issue than NANOG. have the tee shirt. did not work. nih is not just a us govt agency. why we needed to regionalize irs in the first place is lost on me. fiefdoms. randy
Re: fight club :) richard bennett vs various nanogers, on paid peering
Click through to the PDF, it's a 16 page paper. RB [1]valdis.kletni...@vt.edu wrote: On Wed, 25 Nov 2009 03:32:02 PST, Richard Bennett said: ITIF is not opposed to network neutrality in principle, having released a paper on A Third Way on Network Neutrality, [2]http://www.itif.org/index.php?id=63. All of four paragraphs, which don't in fact address what the provider is or is not providing to Joe Sixpack - point 1 says discriminatory plans are OK as long as the discriminatory are on display in the cellar of the ISP office, with no stairs, in the bottom of a locked filing cabinet stuck in a disused lavatory with a sign on the door saying Beware of the Leopard. And points 2 and 3 are saying that this should all be overseen by the same agencies that oversaw the previous decade's massive buildout of fiber to the home that was financed by massive multi-billion dollar incentives. Oh wait, those billions got pocketed - if the massive fiber buildout had happened, we'd have so much bandwidth that neutrality wouldn't be an issue... But then, the Republicans keep saying they are not opposed to health care reform in principle either... -- Richard Bennett Research Fellow Information Technology and Innovation Foundation Washington, DC References 1. mailto:valdis.kletni...@vt.edu 2. http://www.itif.org/index.php?id=63
Re: What DNS Is Not
Paul's article What DNS Is Not published in December's Issue of Communications of the ACM. Also ICANN publishes memorandum about Harms and Concerns Posed by NXDOMAIN Substitution: http://www.icann.org/en/topics/new-gtlds/nxdomain-substitution-harms-24nov09-en.pdf What needs to be done to have ISPs and other service providers stop tampering with DNS ? Cheers Jorge
Re: fight club :) richard bennett vs various nanogers, on paid peering
Whether or not Mr Bennett has any idea what he is talking about- and I have started to develop an opinion on that subject myself- I really would rather not see Nanog become a forum for partisan political discussion. There are _lots_ of places for that, which as a political junkie I read regularly. I like Nanog in part because it typically steers clear of this sort of thing (and you know the mailing list charter sez) and in some way serves as a refreshing change between reading Daily Kos and Powerline blogs. I will also say that while Mr Bennett's affiliation and paycheck have some relevance to interpreting what he says, it isn't justification for tossing everything he says out. If he seems to have no idea what he is talking about, that is reason for tossing out what he says. One final point- referring to conservadems is about as telling about perspective as certain people referring to RINO's. Bennett hasn't said anything blatantly partisan (perhaps he is to polished for that), his critics certainly have. You diminish your argument by doing so. I say all this even though some of the people getting engaged in this are people I've known for a while and respect a great deal, and others are ones I've read on Nanog for a number of years. I'm actually intersted in the substantive content, but I'd rather avoid the rest if you wouldn't mind. Thanks for listening, --D On Wed, Nov 25, 2009 at 7:13 AM, valdis.kletni...@vt.edu wrote: On Wed, 25 Nov 2009 03:32:02 PST, Richard Bennett said: ITIF is not opposed to network neutrality in principle, having released a paper on A Third Way on Network Neutrality, http://www.itif.org/index.php?id=63. All of four paragraphs, which don't in fact address what the provider is or is not providing to Joe Sixpack - point 1 says discriminatory plans are OK as long as the discriminatory are on display in the cellar of the ISP office, with no stairs, in the bottom of a locked filing cabinet stuck in a disused lavatory with a sign on the door saying Beware of the Leopard. And points 2 and 3 are saying that this should all be overseen by the same agencies that oversaw the previous decade's massive buildout of fiber to the home that was financed by massive multi-billion dollar incentives. Oh wait, those billions got pocketed - if the massive fiber buildout had happened, we'd have so much bandwidth that neutrality wouldn't be an issue... But then, the Republicans keep saying they are not opposed to health care reform in principle either... -- -- Darren Bolding -- -- dar...@bolding.org --
Re: What DNS Is Not
On 25/11/09 14:58 -0600, Jorge Amodio wrote: Paul's article What DNS Is Not published in December's Issue of Communications of the ACM. Also ICANN publishes memorandum about Harms and Concerns Posed by NXDOMAIN Substitution: http://www.icann.org/en/topics/new-gtlds/nxdomain-substitution-harms-24nov09-en.pdf What needs to be done to have ISPs and other service providers stop tampering with DNS ? Some options: Contact your local, state and federal legislators and convince them it's in the public interest for them to draft legislation to outlaw this practice - and hope among all hope that the end result resembles something technically benevolent. Contact ICANN/IANA and plead with them to stop assigning any more resources to said ISP. Publicize what said ISP is doing and let its customers decide if it's a significantly deplorable enough practice for them to find another ISP. -- Dan White
Re: What DNS Is Not
On November 25, 2009, Jorge Amodio wrote: What needs to be done to have ISPs and other service providers stop tampering with DNS ? Cheers Jorge And what is needed to have a consistant 'whois' reporting format :) Keeping adding to the list? -- -- Catch the Magic of Linux... Michael Peddemors - President/CEO - LinuxMagic Products, Services, Support and Development Visit us at http://www.linuxmagic.com A Wizard IT Company - For More Info http://www.wizard.ca LinuxMagic is a Registered TradeMark of Wizard Tower TechnoServices Ltd. 604-589-0037 Beautiful British Columbia, Canada This email and any electronic data contained are confidential and intended solely for the use of the individual or entity to which they are addressed. Please note that any views or opinions presented in this email are solely those of the author and are not intended to represent those of the company.
Re: What DNS Is Not
Hi, On Nov 25, 2009, at 1:22 PM, Dan White wrote: Contact ICANN/IANA and plead with them to stop assigning any more resources to said ISP. ICANN/IANA doesn't assign resources to ISPs. Regards, -drc
Re: fight club :) richard bennett vs various nanogers, on paid peering
(pardon me if this message is not formatted correctly, T-bird doesn't like this list) I agree that this is not the proper venue for discussion of the politics of Internet regulation; the post I wrote for GigaOm has comments enabled, and many people with an anti-capitalist bone to pick have already availed themselves of that forum to advocate for the people's revolution. There are some technical issues that might be of more interest and relevance to operators, however. * One claim I made in my blog post is that traffic increases on the Internet aren't measured by MINTS very well. MINTS uses data from Meet-me switches, but IX's and colos are pulling x-connects like mad so more and more traffic is passing directly through the x-connects and therefore not being captured by MINTS. Rate of traffic increase is important for regulators as it relates to the cost of running an ISP and the need for traffic shaping. Seems to me that MINTS understates traffic growth, and people are dealing with it by lighting more dark fiber, pulling more fiber, and the x-connects are the tip of the iceberg that says this is going on. * A number of people said I have no basis for the claim that paid peering is on the increase, and it's true that the empirical data is slim due to the secretive nature of peering and transit agreements. This claim is based on hearsay and on the observation that Comcast now has a nationwide network and a very open policy regarding peering and paid peering. So if paid peering is only increasing at Comcast, now a top 10 network, it's increasing overall. * Some other people said I'm not entitled to have an opinion; so much for democracy and free speech. I'd be glad to hear from anyone who has data or informed opinions on these subjects, on-list of off-. The reason you should share is that people in Washington and Brussels listen to me, so it's in everybody's interest for me to be well-informed; I don't really have an ax to grind one way or another, but I do want law and regulation to be based on fact, not speculation and ideology. Thanks and have a nice day. RB Darren Bolding wrote: Whether or not Mr Bennett has any idea what he is talking about- and I have started to develop an opinion on that subject myself- I really would rather not see Nanog become a forum for partisan political discussion. There are _lots_ of places for that, which as a political junkie I read regularly. I like Nanog in part because it typically steers clear of this sort of thing (and you know the mailing list charter sez) and in some way serves as a refreshing change between reading Daily Kos and Powerline blogs. I will also say that while Mr Bennett's affiliation and paycheck have some relevance to interpreting what he says, it isn't justification for tossing everything he says out. If he seems to have no idea what he is talking about, that is reason for tossing out what he says. One final point- referring to conservadems is about as telling about perspective as certain people referring to RINO's. Bennett hasn't said anything blatantly partisan (perhaps he is to polished for that), his critics certainly have. You diminish your argument by doing so. I say all this even though some of the people getting engaged in this are people I've known for a while and respect a great deal, and others are ones I've read on Nanog for a number of years. I'm actually intersted in the substantive content, but I'd rather avoid the rest if you wouldn't mind. Thanks for listening, --D On Wed, Nov 25, 2009 at 7:13 AM, valdis.kletni...@vt.edu mailto:valdis.kletni...@vt.edu wrote: On Wed, 25 Nov 2009 03:32:02 PST, Richard Bennett said: ITIF is not opposed to network neutrality in principle, having released a paper on A Third Way on Network Neutrality, http://www.itif.org/index.php?id=63. All of four paragraphs, which don't in fact address what the provider is or is not providing to Joe Sixpack - point 1 says discriminatory plans are OK as long as the discriminatory are on display in the cellar of the ISP office, with no stairs, in the bottom of a locked filing cabinet stuck in a disused lavatory with a sign on the door saying Beware of the Leopard. And points 2 and 3 are saying that this should all be overseen by the same agencies that oversaw the previous decade's massive buildout of fiber to the home that was financed by massive multi-billion dollar incentives. Oh wait, those billions got pocketed - if the massive fiber buildout had happened, we'd have so much bandwidth that neutrality wouldn't be an issue... But then, the Republicans keep saying they are not opposed to health care reform in principle either... -- -- Darren Bolding -- -- dar...@bolding.org mailto:dar...@bolding.org -- -- Richard Bennett Research
Re: fight club :) richard bennett vs various nanogers, on paid peering
On Wed, Nov 25, 2009 at 02:29:33PM -0800, Richard Bennett wrote: (pardon me if this message is not formatted correctly, T-bird doesn't like this list) I agree that this is not the proper venue for discussion of the politics of Internet regulation; the post I wrote for GigaOm has comments enabled, and many people with an anti-capitalist bone to pick have already availed themselves of that forum to advocate for the people's revolution. There are some technical issues that might be of more interest and relevance to operators, however. So now anyone who points out the massive flaws in your statements are part of an anti-capitalist movement? Any more conspiracy theories you'd like to put forward? I can't speak for anyone else, but personally I consider myself very pro-capitalism and it has absolutely no impact on how I feel about the blatantly wrong and baseless crap you are spewing. * One claim I made in my blog post is that traffic increases on the Internet aren't measured by MINTS very well. MINTS uses data from Meet-me switches, but IX's and colos are pulling x-connects like mad so more and more traffic is passing directly through the x-connects and therefore not being captured by MINTS. Rate of traffic increase is important for regulators as it relates to the cost of running an ISP and the need for traffic shaping. Seems to me that MINTS understates traffic growth, and people are dealing with it by lighting more dark fiber, pulling more fiber, and the x-connects are the tip of the iceberg that says this is going on. This is all completely irrelevent to everything else that has been discussed so far, but what the hell I'll bite. Traffic on the Internet is indeed growing rapidly, while the predominate technology for cost effectively interconnecting the vast majority of the bits (10 Gigabit Ethernet) has remained relatively static in recent years. Without a cost effective technology for interconnecting devices in 10Gbps increments (40Gbps OC-768 has existed for a while, but is far more expensive than simply doing 4x10GbE), the only reasonable way to scale a network is to build your links out of Nx10G bundles. In places with reasonable crossconnect pricing, it is far cheaper to simply order multiple crossconnects than it is to pay for DWDM gear, and thus you see a rapid increase in fiber crossconnects. * A number of people said I have no basis for the claim that paid peering is on the increase, and it's true that the empirical data is slim due to the secretive nature of peering and transit agreements. This claim is based on hearsay and on the observation that Comcast now has a nationwide network and a very open policy regarding peering and paid peering. So if paid peering is only increasing at Comcast, now a top 10 network, it's increasing overall. So in other words, you're admitting that you have absolutely no basis for your claim, and you're simply making it up based on indirect hearsay modified with your own ill-informed conclusions? First intelligent thing you've said so far. If you actually bothered to ask anyone in the industry with experience dealing with Comcast, they would tell you that while Comcast initially entered the market primarily trying to sell paid peering, they have since switched their efforts to primarily selling full transit. There are only a certain number of networks who even know what to DO with a paid peering product, and a vastly larger number who know what to do with a transit product, so it makes perfect sense really. * Some other people said I'm not entitled to have an opinion; so much for democracy and free speech. You are not entitled to opine an opinion on a subject matter which you do not understand, without being called out for it. Sane and rational people understand when they are talking out their ass and are being corrected by knowledgable experts, and will shut the hell up and listen. Sadly this seems to be a skill you lack. I'd be glad to hear from anyone who has data or informed opinions on these subjects, on-list of off-. The reason you should share is that people in Washington and Brussels listen to me, so it's in everybody's interest for me to be well-informed; I don't really have an ax to grind one way or another, but I do want law and regulation to be based on fact, not speculation and ideology. So far none of the above statements seem to be true. -- Richard A Steenbergen r...@e-gerbil.net http://www.e-gerbil.net/ras GPG Key ID: 0xF8B12CBC (7535 7F59 8204 ED1F CC1C 53AF 4C41 5ECA F8B1 2CBC)
Re: What DNS Is Not
What needs to be done to have ISPs and other service providers stop tampering with DNS ? Some options: Contact your local, state and federal legislators and convince them it's in the public interest for them to draft legislation to outlaw this practice - and hope among all hope that the end result resembles something technically benevolent. Do we really want big brother sniffing around ? What about net neutrality ? Contact ICANN/IANA and plead with them to stop assigning any more resources to said ISP. ICANN has no contractual relationship with the service providers abusing the DNS, but a far reaching idea could claim ICANN responsibility and commitment to preserve and enhance the operational stability, reliability, security, and global interoperability of the Internet, stated in one of its core values on its bylaws. Publicize what said ISP is doing and let its customers decide if it's a significantly deplorable enough practice for them to find another ISP. Well Time Warner/Road Runner does it at least here in San Antonio, at least the don't filter DNS traffic if you choose to use other name servers and don't have a nasty proxy like the guys from Telefonica in Argentina. Anyway some of this nasty behavior will go away when as Mark said DNSSEC is fully deployed (someday). Regards Jorge
Re: fight club :) richard bennett vs various nanogers, on paid peering
On Wed, Nov 25, 2009 at 02:29:33PM -0800, Richard Bennett wrote: * One claim I made in my blog post is that traffic increases on the Internet aren't measured by MINTS very well. MINTS uses data from Meet-me switches, but IX's and colos are pulling x-connects like mad so more and more traffic is passing directly through the x-connects and therefore not being captured by MINTS. Rate of traffic increase is important for regulators as it relates to the cost of running an ISP and the need for traffic shaping. Seems to me that MINTS understates traffic growth, and people are dealing with it by lighting more dark fiber, pulling more fiber, and the x-connects are the tip of the iceberg that says this is going on. Oh also I forgot to mention that trying to map a direct relationship between IX traffic growth and total IP traffic growth is completely bogus. There is a significant modifier you're missing, and it's called price. Two years ago the price for an IX port at the large commercial exchange points in the US (which account for the vast majority of the traffic, no offense to the small non-comercial exchanges out there) was between 4-7x higher than the price for the same ports today. The reason for the price drop had nothing to do with changing economics of providing the service, but rather it was because of a wide-spread price war between the two largest IX operators in the US. Such a massive change in the economics for the IP network operators will obviously result in major changes to the amount of traffic delivered over IX fabrics vs private interconnection. Again, something you could have actually asked operators about rather than making up conclusons in your head. -- Richard A Steenbergen r...@e-gerbil.net http://www.e-gerbil.net/ras GPG Key ID: 0xF8B12CBC (7535 7F59 8204 ED1F CC1C 53AF 4C41 5ECA F8B1 2CBC)
Re: I got a live one! - Spam source
On Wed, Nov 25, 2009 at 10:55 PM, Michael Peddemors mich...@linuxmagic.com wrote: Could you elaborate on what constitutes correct swip information? Sure, you just opened the door to my opinions on this :) Dysfunctional rwhois servers sounds more like general brokenness than malice. The other interesting (!) characteristic of thie sort of bulk mailer discussed in this thread is that the netblock is most likely swipped / rwhois'd to a brand new shell company LLC, headquartered in what looks like a UPS store maildrop.
Re: What DNS Is Not
In message 202705b0911251526n75194c46m30cdfcb4809b6...@mail.gmail.com, Jorge Amodio writes: What needs to be done to have ISPs and other service providers stop tampering with DNS ? Some options: Contact your local, state and federal legislators and convince them it's in the public interest for them to draft legislation to outlaw this practice - and hope among all hope that the end result resembles something technically benevolent. Do we really want big brother sniffing around ? What about net neutrality ? It's fraud, theft or both. The ISP's doing this don't own these names and they are pretending to be someone they are not. Just because lots of them are doing it doesn't make it right. You should be able to go to your local police and report this and have action taken. Contact ICANN/IANA and plead with them to stop assigning any more resources to said ISP. ICANN has no contractual relationship with the service providers abusing the DNS, but a far reaching idea could claim ICANN responsibility and commitment to preserve and enhance the operational stability, reliability, security, and global interoperability of the Internet, stated in one of its core values on its bylaws. Publicize what said ISP is doing and let its customers decide if it's a significantly deplorable enough practice for them to find another ISP. Well Time Warner/Road Runner does it at least here in San Antonio, at least the don't filter DNS traffic if you choose to use other name servers and don't have a nasty proxy like the guys from Telefonica in Argentina. Anyway some of this nasty behavior will go away when as Mark said DNSSEC is fully deployed (someday). Regards Jorge -- Mark Andrews, ISC 1 Seymour St., Dundas Valley, NSW 2117, Australia PHONE: +61 2 9871 4742 INTERNET: ma...@isc.org
Re: What DNS Is Not
On 25/11/09 14:17 -0800, David Conrad wrote: Hi, On Nov 25, 2009, at 1:22 PM, Dan White wrote: Contact ICANN/IANA and plead with them to stop assigning any more resources to said ISP. ICANN/IANA doesn't assign resources to ISPs. Indirectly they're responsible for assignment of IP address, enterprise numbers, domain names etc. Of course you're not going to get very far with that approach. My point was there isn't really an authority to enforce rules on ISPs when it comes to how they manage their DNS servers. Government and IANA won't be interested in fielding such complaints. Shining a flash light on the problem publicly is going to be the best best. -- Dan White
AUTO: Lumír Srch ml. is out of office
I am out of the office until 30.11.2009. Na Vas e-mail odpovim co nejdrive. V pripade urgentnich problemu prosim kontaktujte helpdesk. I will answer your e-mail as soon as possible. Your e-mail will not be forwarded. Please contact helpdesk for urgent issues. Dekuji za pochopení Lumir Srch ml. Note: This is an automated response to your message Re: I got a live one! - Spam source sent on 26.11.09 1:16:53. This is the only notification you will receive while this person is away.
Re: What DNS Is Not
Jorge Amodio jmamo...@gmail.com writes: What needs to be done to have ISPs and other service providers stop tampering with DNS ? we have to fix DNS so that provider-in-the-middle attacks no longer work. (this is why in spite of its technical excellence i am not a DNSCURVE fan, and also why in spite of its technical suckitude i'm working on DNSSEC.) http://queue.acm.org/detail.cfm?id=1647302 lays out this case. -- Paul Vixie KI6YSY
Re: What DNS Is Not
On Wed, Nov 25, 2009 at 02:17:37PM -0800, David Conrad wrote: Hi, On Nov 25, 2009, at 1:22 PM, Dan White wrote: Contact ICANN/IANA and plead with them to stop assigning any more resources to said ISP. ICANN/IANA doesn't assign resources to ISPs. Regards, -drc any more :) --bill
Multicast LDP or P2MP RSVP LDP
Hi All, I just want to know about the deployment of Multicast LDP or P2MP RSVP and LDP is available from any vendor or they are still in draft status? Also it will be great if some one can give me an idea of Multicast VPN deployment in service providers; are they deployed with draft Rosen GRE based solution or BGP auto discovery mechanism? Thanks in advance for help... regards, Devang
Re: Multicast LDP or P2MP RSVP LDP
On 26 Nov 2009, at 06:27, devang patel wrote: Hi All, I just want to know about the deployment of Multicast LDP or P2MP RSVP and LDP is available from any vendor or they are still in draft status? Hi Devang, To the best of my knowledge, the only current P2MP LSP implementation available is in JunOS [0]. The guys at Juniper wrote a draft relating to their experience with scaling and implementing P2MP MVPN [1], which is worth a look -- this draft mentions that IOS XR has an implementation, although I struggled to find any documentation that confirms this. Both the LDP-based [2] P2MP standard are still in draft status, but the extensions required in RSVP-TE for signalling P2MP paths are in RFC4875 [3]. From a couple of discussions I've had, there are not very many people using this functionality -- with most common application being IPTV. For traditional transport of multicast over an SP core, it's often easier to provide some AToM/L2VPN service. Hope this helps somewhat. Kind regards, Rob [0]: http://www.juniper.net/techpubs/software/junos/junos91/feature-guide/configuring-traffic-engineering-p2mp-lsps-in-provider-tunnels.html [1]: http://tools.ietf.org/html/draft-joseph-p2mp-mvpn-experience-00 [2]: http://tools.ietf.org/html/draft-ietf-mpls-ldp-p2mp-08 [3]: http://tools.ietf.org/html/rfc4875 -- Rob Shakir r...@eng.gxn.net Network Development EngineerGX Networks/Vialtus Solutions ddi: +44208 587 6077mob: +44797 155 4098 pgp: 0xc07e6deb nic-hdl: RJS-RIPE This email is subject to: http://www.vialtus.com/disclaimer.html
Re: Multicast LDP or P2MP RSVP LDP
Rob, Can you share some documentation with me on how to configure as well as any kind of configuration example will be great help. Thanks, Devang On Thu, Nov 26, 2009 at 12:46 AM, Rob Shakir r...@eng.gxn.net wrote: On 26 Nov 2009, at 06:27, devang patel wrote: Hi All, I just want to know about the deployment of Multicast LDP or P2MP RSVP and LDP is available from any vendor or they are still in draft status? Hi Devang, To the best of my knowledge, the only current P2MP LSP implementation available is in JunOS [0]. The guys at Juniper wrote a draft relating to their experience with scaling and implementing P2MP MVPN [1], which is worth a look -- this draft mentions that IOS XR has an implementation, although I struggled to find any documentation that confirms this. Both the LDP-based [2] P2MP standard are still in draft status, but the extensions required in RSVP-TE for signalling P2MP paths are in RFC4875 [3]. From a couple of discussions I've had, there are not very many people using this functionality -- with most common application being IPTV. For traditional transport of multicast over an SP core, it's often easier to provide some AToM/L2VPN service. Hope this helps somewhat. Kind regards, Rob [0]: http://www.juniper.net/techpubs/software/junos/junos91/feature-guide/configuring-traffic-engineering-p2mp-lsps-in-provider-tunnels.html [1]: http://tools.ietf.org/html/draft-joseph-p2mp-mvpn-experience-00 [2]: http://tools.ietf.org/html/draft-ietf-mpls-ldp-p2mp-08 [3]: http://tools.ietf.org/html/rfc4875 -- Rob Shakir r...@eng.gxn.net Network Development EngineerGX Networks/Vialtus Solutions ddi: +44208 587 6077mob: +44797 155 4098 pgp: 0xc07e6deb nic-hdl: RJS-RIPE This email is subject to: http://www.vialtus.com/disclaimer.html