192.0.0.0/24
We recently were told to contact a client (via ftp) at 192.0.0.201. IANA lists this as Special Use, but refers to RFC 3330 for additional information. http://www.rfc-editor.org/rfc/rfc3330.txt;. This RFC says that it might be assigned in the future. So, did the folks who sent us the IP address fat-finger, or has this been assigned? There does not appear to be any route to it. -- -=[L]=- `is not a sentence' is not a sentence.
Re: IPv4 ANYCAST setup
I have talked to multiple security officers (who are generally not really knowledgeable on networks) who had 53/tcp blocked and none have yet agreed to change it. patience. when things really start to break, and the finger of fate points at them, clue may arise. 36 days until all root servers have DNSSEC data, at which point large replies become normal. are end user tools, i.e. a web click a button, available so they can test if they are behind a clueless security id10t? is there good simple end user docco they are somewhat likely to find when things break for them? i.e. what can we do to maximize the odds that the victim will quickly find the perp, as opposed to calling our our tech support lines? randy
Re: IPv4 ANYCAST setup
On Tue, 30 Mar 2010 15:59:08 +0900, Randy Bush said: I have talked to multiple security officers (who are generally not really knowledgeable on networks) who had 53/tcp blocked and none have yet agreed to change it. patience. when things really start to break, and the finger of fate points at them, clue may arise. How many years did it take for firewalls to quit screwing with the ECN bits? pgpQuHLCnf2II.pgp Description: PGP signature
Re: Useful URL for network operators
On Sat, Mar 27, 2010 at 11:36:52AM -0700, Randy Bush wrote: could you please keep a constant email address so we don't have to keep adding to our mail filters? thanks. he is invading other lists as well, looks like he is trying to become a net.kook. -- Date: Tue, 30 Mar 2010 08:10:32 +0200 From: Guillaume FORTAINE gforta...@live.com To: me...@menog.net Subject: Re: [menog] Useful URL for network operators Dear all, Once again, please ignore Jim Mercer. He should do more homeworks too. a) I have never heard of Randy Bush b) I didn't coin the term EDoS : ... c) I have never heard of him Really, I am a bit tired from quick and poor replies from NANOGers. Simply mediocre engineers. Best Regards, Guillaume FORTAINE -- -- Jim Mercerj...@reptiles.org+92 336 520-4504 I'm Prime Minister of Canada, I live here and I'm going to take a leak. - Lester Pearson in 1967, during a meeting between himself and President Lyndon Johnson, whose Secret Service detail had taken over Pearson's cottage retreat. At one point, a Johnson guard asked Pearson, Who are you and where are you going?
Re: DNSSEC deployment testing and awareness (Was: Re: IPv4 ANYCAST setup)
I must observe that these are not really the links you'd want to give your end users to check out. Their audience is very different. While the article on RIPE Labs comes close, they don't really answer the does it work or does it not? question with a green/red light, and they don't provide a good explanation to the audience Randy is referring to. Robert On 2010.03.30. 11:29, Phil Regnauld wrote: Randy Bush (randy) writes: i.e. what can we do to maximize the odds that the victim will quickly find the perp, as opposed to calling our our tech support lines? Ah yes, there was the second good reason for actually helping netops and security officers :) Tools: https://www.dns-oarc.net/oarc/services/replysizetest https://www.dnssec-deployment.org/wiki/index.php/Tools_and_Resources, under troubleshooting: http://labs.ripe.net/content/testing-your-resolver-dns-reply-size-issues http://secspider.cs.ucla.edu/ Info sheets: http://www.afnic.fr/actu/nouvelles/240/l-afnic-invite-les-responsables-techniques-reseaux-a-se-preparer-a-la-signature-de-la-racine-dns-en-mai-2010 (click English, top right) ... plenty of links there too. Cheers, Phil
Re: DNSSEC deployment testing and awareness (Was: Re: IPv4 ANYCAST setup)
Robert Kisteleki (robert) writes: I must observe that these are not really the links you'd want to give your end users to check out. Their audience is very different. While the article on RIPE Labs comes close, they don't really answer the does it work or does it not? question with a green/red light, and they don't provide a good explanation to the audience Randy is referring to. Fair enough. Some simple check your DNS reply size test [what is this ?] page ought to be set up, with a simple explanagtion. checkmydns.org is available. If I get 5 minutes... :)
Re: IPv4 ANYCAST setup
Kevin Oberman ober...@es.net writes: He said that if the protocols would not handle blocked 53/tcp, the protocols would have to be changed. Opening the port was simply not open to discussion. Do they also believe that all DNS replies are less than 512 bytes? :-) Tony. -- f.anthony.n.finch d...@dotat.at http://dotat.at/ GERMAN BIGHT HUMBER: SOUTHWEST 5 TO 7. MODERATE OR ROUGH. SQUALLY SHOWERS. MODERATE OR GOOD.
Re: Useful URL for network operators
On Tue, 30 Mar 2010 05:34:06 EDT, Jim Mercer said: Once again, please ignore Jim Mercer. He should do more homeworks too. He's said similar about a number of people who have more operations clue than he does. I'd comment, except Woody Allen already did it better: http://www.youtube.com/watch?v=9wWUc8BZgWE a) I have never heard of Randy Bush That's OK, I encoura.. oh nevermind, it's shooting fish in a barrel. ;) pgp25ExuCTJ6D.pgp Description: PGP signature
RE: Auto MDI/MDI-X + conference rooms + bored == loop
We had a school district that had a large number of dumb switches in each class room hanging off real ones. These would get looped when a student or staff member plugged a patch cable into two ports on the end switch, taking down large portions of the network. It seems Cisco 3500's ignore a BPDU that comes in the same port it comes out. We switched them to 3750's as part of other upgrades, which eliminated the BPDU problem (3560's and 3550's also work correctly), RSTP, enabled port fast, root guard, loop back detection, and storm control. Then set the switches to automatically come back in service from err-disable after 60 seconds or so. In every single test we did (looping off a dumb switch, looping two ports on the 3750, looping between two 3750 in different stacks), there was immediate blocking occurring that prevented any non-sense from effecting the network. Of course the little switches get taken out along with anything connected, but that's really just an indicator of the need for more drops from real switches. Additionally, turning on only one of the features at a time still shut down the port within a second or so. I don't really like BPDUGuard when rootguard is available, as I think other devices should be able to participate in STP so long as they aren't trying to reconverge the network by grabbing root or becoming a transit between two building switches. As for RSTP, it's on for every switch we deploy unless there is some compelling reason not to do so. I have yet to find another switch that will not work even if it only supports old STP. -WT -Original Message- From: Chuck Anderson [mailto:c...@wpi.edu] Sent: Friday, March 26, 2010 6:09 PM To: nanog@nanog.org Subject: Auto MDI/MDI-X + conference rooms + bored == loop Anyone have suggestions on Ethernet LAN loop-prevention? With the advent of Auto MDI/MDI-X ports on switches, it seems way too easy to accidentally or maliciously create loops between network jacks. We have bored or inattentive people plugging in patch cords between adjacent network jacks. STP for loop-prevention isn't working so well for us. STP edge or portfast or faststart modes are required for end-station ports (with normal STP, DHCP often times out after 30+ seconds it takes to go into Forwarding state). Since the edge STP mode goes into Forwarding state immediately, there is a period when loops will form, causing havok with upstream gear until STP blocks the port (if it ever does see below). Desktop switches. You know, those 4 or 5 port Gigabit Ethernet switches. Apparently, many of them don't do any kind of STP at all. Recommendations on ones that do STP? RSTP: is it any better than traditional STP in regards to edge ports and blocking before a loop gets out of hand? Or perhaps blocking for 5-10 seconds before going into Forwarding state, hopefully preventing loops before they happen but also allowing DHCP clients to get an address without timeouts? Recommendations on Desktop switches that do RSTP? Thanks for your suggestions/discussion. -- - Chuck (354 Days until IPv4 depletion: http://ipv4depletion.com/)
RE: NANOG Digest, Vol 26, Issue 142
:27 + From: bmann...@vacation.karoshi.com Subject: Re: IPv4 ANYCAST setup To: Randy Bush ra...@psg.com Cc: nanog@nanog.org nanog@nanog.org Message-ID: 20100330100527.gc30...@vacation.karoshi.com. Content-Type: text/plain; charset=us-ascii On Tue, Mar 30, 2010 at 05:43:25PM +0900, Randy Bush wrote: I have talked to multiple security officers (who are generally not really knowledgeable on networks) who had 53/tcp blocked and none have yet agreed to change it. patience. when things really start to break, and the finger of fate points at them, clue may arise. 36 days until all root servers have DNSSEC data, at which point large replies become normal. are end user tools, i.e. a web click a button, available so they can test if they are behind a clueless security id10t? no - in part because using a browser to debug DNS involves a third app (and likly a third/forth) platform. the nifty OARC testpoint is nearly worthless for real operations, since its not located at/near a DNS authoritative source. the K testpoint is good, I should prolly put back the one off B. is there good simple end user docco they are somewhat likely to find when things break for them? not yet. in part because out of the few simple parts, many, many combinations of failure can occur. ) MTU strictures: v6/v4 tunneling v6/v4 MTU clamping ) Fragmenation UDP ) Port blocking ) Resolver Behaviour EDNS awareness i.e. what can we do to maximize the odds that the victim will quickly find the perp, as opposed to calling our our tech support lines? thats a tough call. as tech support staff, we are almost always an outside observer on the path btwn the victim and the perp. troubleshooting is going to be problematic. randy -- Message: 5 Date: Tue, 30 Mar 2010 11:53:12 +0100 From: Tony Finch d...@dotat.at Subject: Re: IPv4 ANYCAST setup To: nanog@nanog.org Message-ID: alpine.lsu.2.00.1003301152280.1...@hermes-2.csi.cam.ac.uk Content-Type: TEXT/PLAIN; charset=US-ASCII Kevin Oberman ober...@es.net writes: He said that if the protocols would not handle blocked 53/tcp, the protocols would have to be changed. Opening the port was simply not open to discussion. Do they also believe that all DNS replies are less than 512 bytes? :-) Tony. -- f.anthony.n.finch d...@dotat.at http://dotat.at/ GERMAN BIGHT HUMBER: SOUTHWEST 5 TO 7. MODERATE OR ROUGH. SQUALLY SHOWERS. MODERATE OR GOOD. -- Message: 6 Date: Tue, 30 Mar 2010 07:33:39 -0400 From: valdis.kletni...@vt.edu Subject: Re: Useful URL for network operators To: Jim Mercer j...@reptiles.org Cc: nanog@nanog.org Message-ID: 1191.1269948...@localhost Content-Type: text/plain; charset=us-ascii On Tue, 30 Mar 2010 05:34:06 EDT, Jim Mercer said: Once again, please ignore Jim Mercer. He should do more homeworks too. He's said similar about a number of people who have more operations clue than he does. I'd comment, except Woody Allen already did it better: http://www.youtube.com/watch?v=9wWUc8BZgWE a) I have never heard of Randy Bush That's OK, I encoura.. oh nevermind, it's shooting fish in a barrel. ;) -- next part -- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 227 bytes Desc: not available Url : http://mailman.nanog.org/mailman/nanog/attachments/20100330/dfea2bda/attachment-0001.pgp -- Message: 7 Date: Tue, 30 Mar 2010 07:36:04 -0400 From: William Mullaney wmulla...@annese.com Subject: RE: Auto MDI/MDI-X + conference rooms + bored == loop To: Chuck Anderson c...@wpi.edu,nanog@nanog.org Message-ID: cb659fef50324640b503095da13fa9f4f65...@comm02.annese.local Content-Type: text/plain; charset=us-ascii We had a school district that had a large number of dumb switches in each class room hanging off real ones. These would get looped when a student or staff member plugged a patch cable into two ports on the end switch, taking down large portions of the network. It seems Cisco 3500's ignore a BPDU that comes in the same port it comes out. We switched them to 3750's as part of other upgrades, which eliminated the BPDU problem (3560's and 3550's also work correctly), RSTP, enabled port fast, root guard, loop back detection, and storm control. Then set the switches to automatically come back in service from err-disable after 60 seconds or so. In every single test we did (looping off a dumb switch, looping two ports on the 3750, looping between two 3750 in different stacks), there was immediate blocking occurring that prevented any non-sense from effecting the network. Of course the little switches get taken out along with anything connected
FTC / Nexband
Hi Wondering if anyone has some contact with FTC or Nexband or whoever. I can't find Someone without clue has decided it's a good idea to make almost all of 66.211.112.0/20 share the same PTR record. This has bad consequences, and is beginning to irritate me. [coffee ~]$ host 66.211.118.239 239.118.211.66.in-addr.arpa domain name pointer adsl.fultontelephone.net. [coffee ~]$ host 66.211.118.221 221.118.211.66.in-addr.arpa domain name pointer adsl.fultontelephone.net. [coffee ~]$ host adsl.fultontelephone.net | wc -l 4044 In the real world, the result is more like: [coffee ~]$ dig +short adsl.fultontelephone.net A ;; Truncated, retrying in TCP mode. dig: dns_rdata_totext: ran out of space So yeah... if someone wants to correct that, it would be great. And if everyone else in the world can please not EVER do something like this, that would also be good.
Re: 192.0.0.0/24
On Mar 30, 2010, at 2:17 AM, Lou Katz wrote: We recently were told to contact a client (via ftp) at 192.0.0.201. IANA lists this as Special Use, but refers to RFC 3330 for additional information. http://www.rfc-editor.org/rfc/rfc3330.txt;. This RFC says that it might be assigned in the future. My guess is your client is using it that IP internally, perhaps mistakenly thinking it is RFC1918 space? I've seen this a lot when dealing with the less clued. -Patrick -- Patrick Muldoon Network/Software Engineer INOC (http://www.inoc.net) PGPKEY (http://www.inoc.net/~doon) Key ID: 0x370D752C /* Don't meddle in the affairs of sysadmins, * for they are subtle and quick to anger. */
RE: NANOG Digest, Vol 26, Issue 142
:27 + From: bmann...@vacation.karoshi.com Subject: Re: IPv4 ANYCAST setup To: Randy Bush ra...@psg.com Cc: nanog@nanog.org nanog@nanog.org Message-ID: 20100330100527.gc30...@vacation.karoshi.com. Content-Type: text/plain; charset=us-ascii On Tue, Mar 30, 2010 at 05:43:25PM +0900, Randy Bush wrote: I have talked to multiple security officers (who are generally not really knowledgeable on networks) who had 53/tcp blocked and none have yet agreed to change it. patience. when things really start to break, and the finger of fate points at them, clue may arise. 36 days until all root servers have DNSSEC data, at which point large replies become normal. are end user tools, i.e. a web click a button, available so they can test if they are behind a clueless security id10t? no - in part because using a browser to debug DNS involves a third app (and likly a third/forth) platform. the nifty OARC testpoint is nearly worthless for real operations, since its not located at/near a DNS authoritative source. the K testpoint is good, I should prolly put back the one off B. is there good simple end user docco they are somewhat likely to find when things break for them? not yet. in part because out of the few simple parts, many, many combinations of failure can occur. ) MTU strictures: v6/v4 tunneling v6/v4 MTU clamping ) Fragmenation UDP ) Port blocking ) Resolver Behaviour EDNS awareness i.e. what can we do to maximize the odds that the victim will quickly find the perp, as opposed to calling our our tech support lines? thats a tough call. as tech support staff, we are almost always an outside observer on the path btwn the victim and the perp. troubleshooting is going to be problematic. randy -- Message: 5 Date: Tue, 30 Mar 2010 11:53:12 +0100 From: Tony Finch d...@dotat.at Subject: Re: IPv4 ANYCAST setup To: nanog@nanog.org Message-ID: alpine.lsu.2.00.1003301152280.1...@hermes-2.csi.cam.ac.uk Content-Type: TEXT/PLAIN; charset=US-ASCII Kevin Oberman ober...@es.net writes: He said that if the protocols would not handle blocked 53/tcp, the protocols would have to be changed. Opening the port was simply not open to discussion. Do they also believe that all DNS replies are less than 512 bytes? :-) Tony. -- f.anthony.n.finch d...@dotat.at http://dotat.at/ GERMAN BIGHT HUMBER: SOUTHWEST 5 TO 7. MODERATE OR ROUGH. SQUALLY SHOWERS. MODERATE OR GOOD. -- Message: 6 Date: Tue, 30 Mar 2010 07:33:39 -0400 From: valdis.kletni...@vt.edu Subject: Re: Useful URL for network operators To: Jim Mercer j...@reptiles.org Cc: nanog@nanog.org Message-ID: 1191.1269948...@localhost Content-Type: text/plain; charset=us-ascii On Tue, 30 Mar 2010 05:34:06 EDT, Jim Mercer said: Once again, please ignore Jim Mercer. He should do more homeworks too. He's said similar about a number of people who have more operations clue than he does. I'd comment, except Woody Allen already did it better: http://www.youtube.com/watch?v=9wWUc8BZgWE a) I have never heard of Randy Bush That's OK, I encoura.. oh nevermind, it's shooting fish in a barrel. ;) -- next part -- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 227 bytes Desc: not available Url : http://mailman.nanog.org/mailman/nanog/attachments/20100330/dfea2bda/attachment-0001.pgp -- Message: 7 Date: Tue, 30 Mar 2010 07:36:04 -0400 From: William Mullaney wmulla...@annese.com Subject: RE: Auto MDI/MDI-X + conference rooms + bored == loop To: Chuck Anderson c...@wpi.edu,nanog@nanog.org Message-ID: cb659fef50324640b503095da13fa9f4f65...@comm02.annese.local Content-Type: text/plain; charset=us-ascii We had a school district that had a large number of dumb switches in each class room hanging off real ones. These would get looped when a student or staff member plugged a patch cable into two ports on the end switch, taking down large portions of the network. It seems Cisco 3500's ignore a BPDU that comes in the same port it comes out. We switched them to 3750's as part of other upgrades, which eliminated the BPDU problem (3560's and 3550's also work correctly), RSTP, enabled port fast, root guard, loop back detection, and storm control. Then set the switches to automatically come back in service from err-disable after 60 seconds or so. In every single test we did (looping off a dumb switch, looping two ports on the 3750, looping between two 3750 in different stacks), there was immediate blocking occurring that prevented any non-sense from effecting the network. Of course the little switches get taken out along with anything connected
Re: FTC / Nexband
On Tue, Mar 30, 2010 at 03:03:48PM +0200, Colin Alston wrote: In the real world, the result is more like: [coffee ~]$ dig +short adsl.fultontelephone.net A ;; Truncated, retrying in TCP mode. dig: dns_rdata_totext: ran out of space So yeah... if someone wants to correct that, it would be great. And if everyone else in the world can please not EVER do something like this, that would also be good. anyone for reverse mapping an IPv6 /32? --bill
BER performance on fiber links
Hi all, What is the bit error rate that can be expected from a modern hi capacity mostly optical point to point circuits ? 10 E-7 would be too conservative or too agressive? What if the circuit is in fact Ethernet LAN to LAN transport? How many frames can one expect to be discarded due to link errors? Thank you in advance. A.B.
Re: Useful URL for network operators
On 3/30/2010 04:34, Jim Mercer wrote: he is invading other lists as well, looks like he is trying to become a net.kook. EXPN 'become' -- Democracy: Three wolves and a sheep voting on the dinner menu. Requiescas in pace o email Ex turpi causa non oritur actio Eppure si rinfresca ICBM Targeting Information: http://tinyurl.com/4sqczs http://tinyurl.com/7tp8ml
Re: NANOG Digest, Vol 26, Issue 142
On 3/30/2010 08:09, Stephen Tandy wrote: Sent from my Windows® phone. -Original Message- From: nanog-requ...@nanog.org nanog-requ...@nanog.org Sent: 30 March 2010 13:00 To: nanog@nanog.org nanog@nanog.org Subject: NANOG Digest, Vol 26, Issue 142 Send NANOG mailing list submissions to nanog@nanog.org To subscribe or unsubscribe via the World Wide Web, visit https://mailman.nanog.org/mailman/listinfo/nanog or, via email, send a message with subject or body 'help' to nanog-requ...@nanog.org You can reach the person managing the list at nanog-ow...@nanog.org When replying, please edit your Subject line so it is more specific than Re: Contents of NANOG digest... [Snip] I keep seeing these. Is there a point? You can find clueless people everywhere. Jens -- Democracy: Three wolves and a sheep voting on the dinner menu. Requiescas in pace o email Ex turpi causa non oritur actio Eppure si rinfresca ICBM Targeting Information: http://tinyurl.com/4sqczs http://tinyurl.com/7tp8ml
Re: IP4 Space
On Monday 29 March 2010 07:17:28 pm Doug Barton wrote: However, none of that is relevant to the fact that a change IS coming, whether you're ready for it or not. The questions are, what will the change(s) be, how soon, and how will it/they affect me? [snip] So the question is not, Can I afford to make a change? The questions are as above, what, and how soon? This is why we have been telling people for years to work IPv6 requirements into all NEW stuff (networking hardware, end-user systems, b/w contracts) so that WHEN the changes start to affect you you won't have to do a forklift upgrade. The nature of these changes (what, how soon, how will I be affected) will be entirely determined by how many can afford the costs of the implementation, and how soon they can afford it, as well as how quickly others can afford it; the more 'others' that can afford it, the more desirable affording it becomes to that set of all 'others' severally. One problem I see is one of marketing; marketing towards a negative is typically much less effective than marketing a positive. Market what people can do with IPv6, not what they can't do without IPv6. The 'IPv4 address space is running out' line is much weaker than it should be (with CxO's), because it's marketing a negative. The 'wow, here's valuable stuff you can do only with IPv6' is much more compelling. What is that 'valuable stuff?' (rhetorical question, I've seen some lists, they're not a compelling as they could be) The biggest problem with using the IPv4 allocation shortage as a negative is that it's not even a hard negative, really, not like Y2K, the most successful negative marketing example that I can think of, was. But this is different; when the IPv4 space is fully allocated, my existing services won't just up and quit. I'll have to do something other than get more IPv4, of course, and I'll start by being creative with how the existing services are allocated their IPv4 space, work my way up to some NAT-PT to overlap multiple services on a single IP, all the while looking at what the IPv6 addition will cost me, and will gain me. I mean, really: address space doesn't technically run out; it just all gets allocated; IP addresses are not consumables, but to a degree they're capital. But what the RIR's give, the RIR's can take away, or rearrange. And you asymptotically approach having 4 billion AS's running /32 networks with multi- layer NAT on the eyeballs and deep name-based virtual hosting (usable since HTTP v1.1) on the content side. And an enhancement to DNS allowing a port number to be part of an A record. But if no one (or close enough to 'no one') can afford to do IPv6, then IPv6 won't happen and the above scenario becomes more likely. Likewise, if everyone (or close enough to 'everyone') can afford to do IPv6, then IPv6 will happen quickly. Those are the two ends of the 'affordability' vs. 'implementation speed' continuum. Tactically, can I afford to do IPv6? No; and it's mostly a labor issue, even though hardware and software upgrades must be purchased. Tactically, can I afford to not do IPv6? Yes. The cost of not implementing in the tactical short-term is not yet enough to offset the cost of implementing, although both costs go up the longer the delay is. Strategically, can I afford to do IPv6? Hopefully, but it might require some creative budgeting (hmm, IPv6, or replace the batteries in the UPS's). Strategically, can I afford to not do IPv6? Of course not; my strategic plan must involve IPv6 in some way; it's been in the strategic plan for a while, now, in both Porsche and Volkswagen editions (flat 6 vs flat 4...sorry for the arcane pun). But I've got to keep my fiscal head above water before I can implement the strategic plan, otherwise there won't be a strategic plan or even a need for a strategic plan.
Re: Useful URL for network operators
On Tuesday 30 March 2010 05:34:06 am Jim Mercer wrote: he is invading other lists as well, looks like he is trying to become a net.kook. Kibo did it with more taste.
Re: 192.0.0.0/24
On 29 Mar 2010, at 11:17, Lou Katz wrote: We recently were told to contact a client (via ftp) at 192.0.0.201. IANA lists this as Special Use, but refers to RFC 3330 for additional information. http://www.rfc-editor.org/rfc/rfc3330.txt;. This RFC says that it might be assigned in the future. RFC 3330 was obsoleted with the publication of RFC 5735. I thought I'd updated all the references we made to RFC 3330 but if I've missed one I'd be grateful if you could point me to it. So, did the folks who sent us the IP address fat-finger, or has this been assigned? There does not appear to be any route to it. 192.0.0.0/24 is used for the IANA IPv4 Special Purpose Address Registry: http://www.iana.org/assignments/iana-ipv4-special-registry/iana-ipv4-special-registry.xhtml No assignments have been made yet but I'd strongly advise people not to use addresses in this range as a substitute for the space reserved in RFC 1918. It's likely to cause operational problems at some point in the future. Regards, Leo Vegoda
Internet Society IPv6 Workshop
The Internet Society is hosting an IPv6 Deployment Day on April 22 in Seattle, Washington. The meeting is intended for operators who have deployed, are deploying, or are planning to deploy IPv6 in their networks. The proposed topics include business related issues for IPv6 deployment, discussion of pitfalls in IPv6 deployment, and specific technical issues due to IPv6 deployment that potentially affect the whole Internet. This is an open meeting and all are welcome, but space is limited so you will need to register: https://www.isoc.org/isoc/conferences/registration/?id=7ce20e4c88b7e328. If you have any questions please feel free to contact me, Phil Roberts (robe...@isoc.org), or Mat Ford (f...@isoc.org).
RE: Auto MDI/MDI-X + conference rooms + bored == loop
I had a similar issue in which someone had accidentally looked a Cisco VoIP phone back into the network. However, I found it strange how often this would occur and eventually came across this field notice that might apply to others on the list: http://www.cisco.com/en/US/ts/fn/610/fn61863.html Problem Description Disconnecting power from a locally powered Cisco IP Phone connected to a non-Power Over Ethernet (POE) Cisco switch may expose the customer's network to loop back storms that destabalize the virtual local area network (VLAN). This exposure can be mitigated by configuring the switches with automatic loop detection and port recovery. Notes indicate this normally applies onto to 10Mb connections, but that there have been reported cases on a 100Mbit network when the VoIP phone is connected to a highly sensitive uplink switch. Trey signature.asc Description: This is a digitally signed message part
Disable IPv4 routing for routing-instance?
Hello list, Junos provice a method to disable isis ipv4 routing support like this: isis { no-ipv4-routing; } However,we want to disable ipv4 routing for an VRF like that,is there any method for us to do so? Thanks a lot.
Re: 192.0.0.0/24
At 8:24 -0700 3/30/10, Leo Vegoda wrote: 192.0.0.0/24 is used for the IANA IPv4 Special Purpose Address Registry: For the record, there's an RFC dedicated to that range (which Leo co-edited): http://www.rfc-editor.org/in-notes/rfc5736.txt -- -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- Edward Lewis NeuStarYou can leave a voice message at +1-571-434-5468 New pithy statement under construction...
Hotmail/MSN/Live.com Abuse contact
As I have not been contacted after filling out the web form and any mail I try and send to ab...@hotmail.com or postmas...@live.com is being blocked can someone in the Abuse department contact me at ab...@rhemasound.org Thanks. Sorry about making noise on the list but all other attempts have failed. -- -- Brian Raaen Network Engineer
Re: [Fwd: [members-discuss] [ncc-announce] RIPE NCC Position On The ITU IPv6 Group]
You can speak for yourself :) Some of us are watching the lists on the appropriate mailing list(s) hosted by the US State Department. I know I facilitated a few people joining them. - Jared On Mar 30, 2010, at 7:50 PM, Martin Hannigan wrote: None. On 3/11/10, Eric Brunner-Williams brun...@nic-naa.net wrote: What NANOG contributors, if any, are invited by a government, to join their national delegation to the initial meeting of the ITU's IPv6 Group in Geneva next week? -- Sent from my mobile device Martin Hannigan mar...@theicelandguy.com p: +16178216079 Power, Network, and Costs Consulting for Iceland Datacenters and Occupants
Re: [Fwd: [members-discuss] [ncc-announce] RIPE NCC Position On The ITU IPv6 Group]
There were a few representatives of the Internet community at the meeting. All five RIRs were represented, as was ISOC. The notable absence was ICANN. Of course, this sample is by no means representative of the entire community, but it's more than None. On Tue, Mar 30, 2010 at 7:50 PM, Martin Hannigan mar...@theicelandguy.com wrote: None. On 3/11/10, Eric Brunner-Williams brun...@nic-naa.net wrote: What NANOG contributors, if any, are invited by a government, to join their national delegation to the initial meeting of the ITU's IPv6 Group in Geneva next week? -- Sent from my mobile device Martin Hannigan mar...@theicelandguy.com p: +16178216079 Power, Network, and Costs Consulting for Iceland Datacenters and Occupants
Re: [Fwd: [members-discuss] [ncc-announce] RIPE NCC Position On The ITU IPv6 Group]
Well, actually, ICANN was in Geneva specifically for the meeting, but we weren't allowed into the room. Quite annoying, actually. Regards, -drc On Mar 30, 2010, at 2:05 PM, Richard Barnes wrote: There were a few representatives of the Internet community at the meeting. All five RIRs were represented, as was ISOC. The notable absence was ICANN. Of course, this sample is by no means representative of the entire community, but it's more than None. On Tue, Mar 30, 2010 at 7:50 PM, Martin Hannigan mar...@theicelandguy.com wrote: None. On 3/11/10, Eric Brunner-Williams brun...@nic-naa.net wrote: What NANOG contributors, if any, are invited by a government, to join their national delegation to the initial meeting of the ITU's IPv6 Group in Geneva next week? -- Sent from my mobile device Martin Hannigan mar...@theicelandguy.com p: +16178216079 Power, Network, and Costs Consulting for Iceland Datacenters and Occupants
Re: [Fwd: [members-discuss] [ncc-announce] RIPE NCC Position On The ITU IPv6 Group]
Eric asked who was invited by a government to join a delegation. I think that the ITU invited the RIR's. Jared. Mailing lists don't count :) Best, Marty On 3/30/10, Richard Barnes richard.bar...@gmail.com wrote: There were a few representatives of the Internet community at the meeting. All five RIRs were represented, as was ISOC. The notable absence was ICANN. Of course, this sample is by no means representative of the entire community, but it's more than None. On Tue, Mar 30, 2010 at 7:50 PM, Martin Hannigan mar...@theicelandguy.com wrote: None. On 3/11/10, Eric Brunner-Williams brun...@nic-naa.net wrote: What NANOG contributors, if any, are invited by a government, to join their national delegation to the initial meeting of the ITU's IPv6 Group in Geneva next week? -- Sent from my mobile device Martin Hannigan mar...@theicelandguy.com p: +16178216079 Power, Network, and Costs Consulting for Iceland Datacenters and Occupants -- Martin Hannigan mar...@theicelandguy.com p: +16178216079 Power, Network, and Costs Consulting for Iceland Datacenters and Occupants
Re: [Fwd: [members-discuss] [ncc-announce] RIPE NCC Position On The ITU IPv6 Group]
On Mar 30, 2010, at 8:25 PM, Martin Hannigan wrote: Eric asked who was invited by a government to join a delegation. I think that the ITU invited the RIR's. Jared. Mailing lists don't count :) When the invitation goes out to the list membership saying Who is going to be at X and needs creds/whatnot that certainly counts. Sorry you don't see it that way. - Jared
Re: [Fwd: [members-discuss] [ncc-announce] RIPE NCC Position On The ITU IPv6 Group]
On Tue, 30 Mar 2010, Jared Mauch wrote: You can speak for yourself :) Some of us are watching the lists on the appropriate mailing list(s) hosted by the US State Department. I know I facilitated a few people joining them. Yep, I would agree that the Internet technical community, as they like to pigeonhole us, were well-represented at the meeting, and in the process running up to the meeting. -Bill
Re: [Fwd: [members-discuss] [ncc-announce] RIPE NCC Position On The ITU IPv6 Group]
I'm not disagreeing. But see DRC's comment. Best, -M On 3/30/10, Jared Mauch ja...@puck.nether.net wrote: On Mar 30, 2010, at 8:25 PM, Martin Hannigan wrote: Eric asked who was invited by a government to join a delegation. I think that the ITU invited the RIR's. Jared. Mailing lists don't count :) When the invitation goes out to the list membership saying Who is going to be at X and needs creds/whatnot that certainly counts. Sorry you don't see it that way. - Jared -- Martin Hannigan mar...@theicelandguy.com p: +16178216079 Power, Network, and Costs Consulting for Iceland Datacenters and Occupants
Re: Finding content in your job title
On Tue, Mar 30, 2010 at 11:14:52PM -0400, Steve Bertrand wrote: Hi all, This is perhaps a rather silly question, but one that I'd like to have answered. I'm young in the game, and over the years I've imagined numerous job titles that should go on my business card. They went from cool, to high-priority, to plain unimaginable. Now, after 10 years, I reflect back on what I've done, and what I do now. To me, if a business is loose-knit with no clear job descriptions or titles (ie. too small to have CXO etc), I feel that a business card should reflect what one feels is the primary job responsibility, or what they do the most (or love the most). For instance, I like to present myself as a 'network engineer'. I have never taken formal education, don't hold any certifications (well, since 2001), and can't necessarily prove my worth. How does the ops community feel about using this designation? Is it intrusive or offensive to those who hold real engineering degrees? I'm content with 'network manager', given that I still do perform (in my sleep) numerous system tasks and have to sometimes deal with front-line helpdesk stuff. Instead of acting like I'm trying to sell myself out, I'll leave out what I actually do and ask those who sig themselves with 'network engineer' what they do day-to-day to acquire that title, and if they feel comfortable with having it. Steve well, there are communities which use the term engineer as a term of art adn frown on this group co-opting the term network enginer ... maybe you really don't want to go there (even if it is what you do). I've used memorable terms in the past, gadfly, plumber, chief bottle-washer, and have seen goddess, evangelist, and more. --bill
Re: BGP Update Report
It's not just AS_PATH, a lot of the reason so many duplicate updates occur (nearly 50% of all updates at times, and often more during the busiest times) is because on the other end implementations don't keep egress advertisement state per attribute (e.g., if cluster_list length just triggered an internal transition then a new update is sent to external peers with no new information because the determining internal attributes are stripped before transmitting the new update), yet those *prefixes* might well be suppressed as a result of the implementation and/or network architecture on the other end of the BGP connection. Then you couple what Joe was pointing out, where intermediate nodes with consistently unstable links or paths result in penalizing an entire prefix, not just the unstable paths, and it makes for more brokenness than benefit when route flap damping is employed. It's not that people haven't studied and understand why this occurs, the issue is that implementation optimizations seem to always win out today over systemic state effects (i.e., that be conservative in what you send thing doesn't seem to apply in practice, unfortunately). might some of this be that the implementations use router-id to fill in an unconfigured rr cluster-id? randy
Re: Finding content in your job title
On 31/03/2010, at 4:26 PM, Steve Bertrand wrote: On 2010.03.30 23:20, Jorge Amodio wrote: I'd say that probably around here for those like me that have been in operations/engineering management positions we don't give a squat about what title your biz card says you have, your actions and performance speak by themselves. There are no kings around here so titles most of the time are worthless. By asking what title may impress others is sort of a -1 to start. It isn't about impression. I'd put 'janitor' on my business card for all I really care. I'm pretty sure Jonny Martin was Chief Internet Janitor in his previous role. He cleaned the tubes so the sewage could flow. -- Nathan Ward
Re: Finding content in your job title
On 2010.03.30 23:22, bmann...@vacation.karoshi.com wrote: On Tue, Mar 30, 2010 at 11:14:52PM -0400, Steve Bertrand wrote: Hi all, This is perhaps a rather silly question, but one that I'd like to have answered. I'm young in the game, and over the years I've imagined numerous job titles that should go on my business card. They went from cool, to high-priority, to plain unimaginable. Now, after 10 years, I reflect back on what I've done, and what I do now. To me, if a business is loose-knit with no clear job descriptions or titles (ie. too small to have CXO etc), I feel that a business card should reflect what one feels is the primary job responsibility, or what they do the most (or love the most). For instance, I like to present myself as a 'network engineer'. I have never taken formal education, don't hold any certifications (well, since 2001), and can't necessarily prove my worth. How does the ops community feel about using this designation? Is it intrusive or offensive to those who hold real engineering degrees? I'm content with 'network manager', given that I still do perform (in my sleep) numerous system tasks and have to sometimes deal with front-line helpdesk stuff. Instead of acting like I'm trying to sell myself out, I'll leave out what I actually do and ask those who sig themselves with 'network engineer' what they do day-to-day to acquire that title, and if they feel comfortable with having it. Steve well, there are communities which use the term engineer as a term of art adn frown on this group co-opting the term network enginer ... maybe you really don't want to go there (even if it is what you do). I've used memorable terms in the past, gadfly, plumber, chief bottle-washer, and have seen goddess, evangelist, and more. heh. Plumber is good. Electrician would be better considering I'm about 120 hours away from writing my resi ticket ;) I did not mean to initiate a thread that turns into a joke. I'm quite serious. I guess I'm curious to get an understanding from others who work in a small environment that have no choice but to 'classify' themselves. Steve
Re: Finding content in your job title
Ok, let see. In several countries the use of the title engineer applies to people that achieved a certain technical degree, I'm not sure that applies uniformly but in Latin America using the engineer title without having achieved that degree is illegal. In other places such Italy it does not only require that you completed the technical degree, you also must achieve certain level of certifications. Here in the US there are some particular type of engineers for which the title is regulated, for example civil engineer. The IEEE says: The title, Engineer, and its derivatives should be reserved for those individuals whose education and experience qualify them to practice in a manner that protects public safety. Strict use of the title serves the interest of both the IEEE-USA and the public by providing a recognized designation by which those qualified to practice engineering may be identified. The education and experience needed for the title, Engineer, is evidenced by - Graduation with an Engineering degree from an ABET/EAC accredited program of engineering (or equivalent*), coupled with sufficient experience in the field in which the term, Engineer, is used; and/or - Licensure by any jurisdiction as a Professional Engineer. - A degree from a foreign institution (or the total education when one person holds a graduate degree in engineering but no accredited B.S. in engineering) can be evaluated through a service offered by ABET. Not sure if there similar regulations that apply in Canada. My .02 Jorge On Tue, Mar 30, 2010 at 10:26 PM, Steve Bertrand st...@ibctech.ca wrote: On 2010.03.30 23:20, Jorge Amodio wrote: I'd say that probably around here for those like me that have been in operations/engineering management positions we don't give a squat about what title your biz card says you have, your actions and performance speak by themselves. There are no kings around here so titles most of the time are worthless. By asking what title may impress others is sort of a -1 to start. It isn't about impression. I'd put 'janitor' on my business card for all I really care. I know what I love to do, and I know what I am great at. 10 years in the industry now. The only person who I try to impress is myself... by staying current on BCP and better ways to do things. My curiosity has the best of me, so I am looking for opinions. You have one ;) Those who know me know what I can do, and in reality, that is all I care about. I'm not out to impress anyone. I just want to be a good netizen like the rest. Impression isn't what I'm after. What I'm curious about is the potential over-use of the term 'engineer'. Cheers, Steve
Re: Finding content in your job title
On 2010.03.30 23:34, Jorge Amodio wrote: Ok, let see. In several countries the use of the title engineer applies to people that achieved a certain technical degree, I'm not sure that applies uniformly but in Latin America using the engineer title without having achieved that degree is illegal. In other places such Italy it does not only require that you completed the technical degree, you also must achieve certain level of certifications. Here in the US there are some particular type of engineers for which the title is regulated, for example civil engineer. The IEEE says: The title, Engineer, and its derivatives should be reserved for those individuals whose education and experience qualify them to practice in a manner that protects public safety. Strict use of the title serves the interest of both the IEEE-USA and the public by providing a recognized designation by which those qualified to practice engineering may be identified. The education and experience needed for the title, Engineer, is evidenced by - Graduation with an Engineering degree from an ABET/EAC accredited program of engineering (or equivalent*), coupled with sufficient experience in the field in which the term, Engineer, is used; and/or - Licensure by any jurisdiction as a Professional Engineer. - A degree from a foreign institution (or the total education when one person holds a graduate degree in engineering but no accredited B.S. in engineering) can be evaluated through a service offered by ABET. Not sure if there similar regulations that apply in Canada. Cheers Jorge, This is pretty much what I was after. Thanks for digging it up for me. Steve
Re: Finding content in your job title
On Mar 30, 2010, at 11:33 PM, Steve Bertrand wrote: I did not mean to initiate a thread that turns into a joke. I'm quite serious. I guess I'm curious to get an understanding from others who work in a small environment that have no choice but to 'classify' themselves. Unless we're talking about converting hydrocarbons to heat/energy or driving trains, the term Engineer is over-applied. To borrow an old phrase, What's in a Title? -Tk
Posting from freebie E-mail Accounts
Is there anyone here who is legitimate using a freebie webmail account? I am proposing that the NANOG administration drop everything originating from commonly used webmail providers, and add further RHS filters as additional providers are identified as problems. Andrew
Re: Finding content in your job title
Steve Bertrand wrote: I did not mean to initiate a thread that turns into a joke. I'm quite serious. I guess I'm curious to get an understanding from others who work in a small environment that have no choice but to 'classify' themselves. When I was in a similar role and situation to yourself my cards said network manager. These days, working in an organisation big enough to restructure weekly, I removed the title from my business cards - now I have a blank space where I can write one in if I really *need* it. But mostly I don't. aj
Re: Finding content in your job title
that's right Steve, as I said before, what you do and how you do it, and in particular what do you contribute to the networking community will speak much better of yourself than any title you can imagine. Do you think that folks like Tim Berners-Lee, Vint Cerf, Jon Postel, etc, etc, need a title ? Focus on the substance not on the appearance. J The feedback that I've received off-list has led me to believe that I just need to scratch the title, and have my name and number. Who cares what I do. Those who want to call/email me will have a purpose for doing so anyway ;) Steve
Re: Finding content in your job title
On 3/30/2010 22:35, Steve Bertrand wrote: The feedback that I've received off-list has led me to believe that I just need to scratch the title, and have my name and number. Who cares what I do. Those who want to call/email me will have a purpose for doing so anyway ;) Post University I identify myself by name, three phone numbers and email address. Ifv I still carried a pager, its number might have been there, although when I last carried a pager, the telephone system we had would page me if somebody left a message. -- Democracy: Three wolves and a sheep voting on the dinner menu. Requiescas in pace o email Ex turpi causa non oritur actio Eppure si rinfresca ICBM Targeting Information: http://tinyurl.com/4sqczs http://tinyurl.com/7tp8ml
Re: Finding content in your job title
On Mar 30, 2010, at 11:34 PM, Jorge Amodio wrote: The title, Engineer, and its derivatives should be reserved for those individuals whose education and experience qualify them to practice in a manner that protects public safety. Strict use of the title serves ...fortunately for us (and CCIE's around the globe) running the Internet doesn't involve much public trust. Does it? In a few states in the US, working for the same engineering firm for some number of years (usually 6 or more) counts similarly as passing a state-administered professional engineering exam. It would be with some significant precedent, then, that a job or other professional experience does indeed equate to state-sponsored public trust. So, back to Steve's first question: How does the ops community feel about using this designation? If you've been doing it for a while, and not been chased out, I would argue there is ample precedent to support don'ing the title. I guess the sticky-bits here include, potentially, a derth of colleges and graduate study calling itself network engineering. Failing that, perhaps nanog-l could take a vote: Does Steve deserve the title of Network Train Driver, list? -Tk
Re: Posting from freebie E-mail Accounts
On Mar 30, 2010, at 11:42 PM, Andrew D Kirch wrote: Is there anyone here who is legitimate using a freebie webmail account? I'm implicitly legit; further, gmail auto-threads all of the run-on posts automatically (much unlike mail.app, outlook 2k8, etc). What's the beef? -Tk
Re: Posting from freebie E-mail Accounts
On 3/30/2010 22:42, Andrew D Kirch wrote: Is there anyone here who is legitimate using a freebie webmail account? I am proposing that the NANOG administration drop everything originating from commonly used webmail providers, and add further RHS filters as additional providers are identified as problems. I have mixed feelings--I use a gmail account for some things. As a moderator on other lists, I'm more comfortable with taking a quick hammer to miscreants with any debate off line. -- Democracy: Three wolves and a sheep voting on the dinner menu. Requiescas in pace o email Ex turpi causa non oritur actio Eppure si rinfresca ICBM Targeting Information: http://tinyurl.com/4sqczs http://tinyurl.com/7tp8ml
Re: Finding content in your job title
On 3/30/2010 22:44, Alastair Johnson wrote: Steve Bertrand wrote: I did not mean to initiate a thread that turns into a joke. I'm quite serious. I guess I'm curious to get an understanding from others who work in a small environment that have no choice but to 'classify' themselves. When I was in a similar role and situation to yourself my cards said network manager. These days, working in an organisation big enough to restructure weekly, I removed the title from my business cards - now I have a blank space where I can write one in if I really *need* it. But mostly I don't. I've done that--the most useful information (IMHO) is connector (telno or email) and reason why they want to contact me. -- Democracy: Three wolves and a sheep voting on the dinner menu. Requiescas in pace o email Ex turpi causa non oritur actio Eppure si rinfresca ICBM Targeting Information: http://tinyurl.com/4sqczs http://tinyurl.com/7tp8ml
Re: Posting from freebie E-mail Accounts
I'm betting more then a few of use free mail accts to keep this separate from our work mail. If your really having that much issue, config your mail server to drop it yourself or unsub Seriously -jim yes posted from gmail acct. On Wed, Mar 31, 2010 at 12:42 AM, Andrew D Kirch trel...@trelane.net wrote: Is there anyone here who is legitimate using a freebie webmail account? I am proposing that the NANOG administration drop everything originating from commonly used webmail providers, and add further RHS filters as additional providers are identified as problems. Andrew
Re: Posting from freebie E-mail Accounts
On Wed, March 31, 2010 4:42 pm, Andrew D Kirch wrote: Is there anyone here who is legitimate using a freebie webmail account? I am proposing that the NANOG administration drop everything originating from commonly used webmail providers, and add further RHS filters as additional providers are identified as problems. I've found that most folks administering mailing lists tend to advocate that folks use a personal email address on them, not a professional one, as it tends to free the list from a glut of 'Out of Office' notices, rediculously long disclaimer footers, and other such things; this seems particularly relevant for NANOG. With that in mind and noting a goodly number of folks using gmail, among others, i'm not sure the cost:benefit would be there? There's other ways to moderate content on a mailing list
Re: Posting from freebie E-mail Accounts
I keep all of my mailing list stuff in gmail. I suppose I could move it, but this list has so little trouble (unless gmail is doing a fantastic job of shielding me) that I don't see the point. On Tue, Mar 30, 2010 at 10:42 PM, Andrew D Kirch trel...@trelane.netwrote: Is there anyone here who is legitimate using a freebie webmail account? I am proposing that the NANOG administration drop everything originating from commonly used webmail providers, and add further RHS filters as additional providers are identified as problems. Andrew -- mailto:n...@layer3arts.com // GoogleTalk: nrauhau...@gmail.com GV: 202-642-1717
Re: Finding content in your job title
On 2010.03.30 23:47, Jorge Amodio wrote: that's right Steve, as I said before, what you do and how you do it, and in particular what do you contribute to the networking community will speak much better of yourself than any title you can imagine. Do you think that folks like Tim Berners-Lee, Vint Cerf, Jon Postel, etc, etc, need a title ? Focus on the substance not on the appearance. grazie, I capire. My post was two fold... and I received a *lot* of off-list feedback that I'll have to respond to tomorrow. Generally, I know that a title isn't relevant, especially in the small little area that I'm in. I was just very curious, as it came up in discussion today. I like to think that I do everything possible to do my part. To be honest, I have as much or more interest in protecting other ASs than I do our own clients (shhh ;) Thanks very much Jorge. Although this was a fast-paced thread that was very entertaining, you've enlightened me. Cheers, Steve -- new sig - stevieb - senior master of disaster - wrongly null-routing client bgp communities, and allowing x-vlan sniffing since 1998
Re: Posting from freebie E-mail Accounts
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Tue, Mar 30, 2010 at 9:00 PM, jim deleskie deles...@gmail.com wrote: I'm betting more then a few of use free mail accts to keep this separate from our work mail. If your really having that much issue, config your mail server to drop it yourself or unsub Seriously -jim yes posted from gmail acct. Ditto. - - ferg -BEGIN PGP SIGNATURE- Version: PGP Desktop 9.5.3 (Build 5003) wj8DBQFLssujq1pz9mNUZTMRAjWSAJ4hkP0RWOVcd3I1gKz1yns46oVNIQCg1Mgo vSQUjEXmqmQBfraDy+gfsgw= =W1My -END PGP SIGNATURE- -- Fergie, a.k.a. Paul Ferguson Engineering Architecture for the Internet fergdawgster(at)gmail.com ferg's tech blog: http://fergdawg.blogspot.com/
Re: Finding content in your job title
On 2010.03.30 23:50, Anton Kapela wrote: On Mar 30, 2010, at 11:34 PM, Jorge Amodio wrote: The title, Engineer, and its derivatives should be reserved for those individuals whose education and experience qualify them to practice in a manner that protects public safety. Strict use of the title serves ...fortunately for us (and CCIE's around the globe) running the Internet doesn't involve much public trust. Does it? In a few states in the US, working for the same engineering firm for some number of years (usually 6 or more) counts similarly as passing a state-administered professional engineering exam. It would be with some significant precedent, then, that a job or other professional experience does indeed equate to state-sponsored public trust. So, back to Steve's first question: How does the ops community feel about using this designation? If you've been doing it for a while, and not been chased out, I would argue there is ample precedent to support don'ing the title. I guess the sticky-bits here include, potentially, a derth of colleges and graduate study calling itself network engineering. Failing that, perhaps nanog-l could take a vote: Does Steve deserve the title of Network Train Driver, list? Not acceptable. I do not want this. I read and review messages and documents from people who have *much* more experience than I do every single day, and whom I respect to the n'th degree. This isn't a vote count. I am _not_ an engineer, and do not need or desire the title. Thanks anyway though ;) Steve
Re: Posting from freebie E-mail Accounts
Andrew D Kirch wrote: Is there anyone here who is legitimate using a freebie webmail account? I am proposing that the NANOG administration drop everything originating from commonly used webmail providers, and add further RHS filters as additional providers are identified as problems. Andrew Ok, point made. Andrew
Re: Posting from freebie E-mail Accounts
I use gmail for all mailing lists. It's easier for me to organize my work flow and catch up on threads on my BB when I have a spare idle moment. On 3/31/10, neal rauhauser nrauhau...@gmail.com wrote: I keep all of my mailing list stuff in gmail. I suppose I could move it, but this list has so little trouble (unless gmail is doing a fantastic job of shielding me) that I don't see the point. On Tue, Mar 30, 2010 at 10:42 PM, Andrew D Kirch trel...@trelane.netwrote: Is there anyone here who is legitimate using a freebie webmail account? I am proposing that the NANOG administration drop everything originating from commonly used webmail providers, and add further RHS filters as additional providers are identified as problems. Andrew -- mailto:n...@layer3arts.com // GoogleTalk: nrauhau...@gmail.com GV: 202-642-1717
Re: Posting from freebie E-mail Accounts
On 2010.03.30 23:42, Andrew D Kirch wrote: I am proposing that the NANOG administration drop everything originating from commonly used webmail providers, I oppose this proposal. There are very legitimate (and legal) reasons why people may want to post to an operational list, using an address that can not tie them to the location or business that they are posting from. This list does not see much spam (or at least I don't). That said, let the list maintainers decide. Steve
Re: Finding content in your job title
On Tue, Mar 30, 2010 at 10:20:25PM -0500, Jorge Amodio said: I'd say that probably around here for those like me that have been in operations/engineering management positions we don't give a squat about what title your biz card says you have, your actions and performance speak by themselves. There are no kings around here so titles most of the time are worthless. By asking what title may impress others is sort of a -1 to start. But you are wrong. Titles do speak and impress just not how you might expect. Having a 'jokey' title signifies to other equally free-to-operate-within-the-org people that you have the necessary freedom to act outside the standard procedures when required. If you get away with chief evangelist (as Mike Shaver had for a while at mozilla), not to mention his other card which was international incident (possibly referring to a crypto export situation?), you obviously have some independent (freedom from?) authority and autonomy. I managed to have Grizzled Internet Prospector on my card for a while at my previous firm. It was as accurate as anything else I could put and indicated to my peers that I was actually, well, an owner, eschewing a stuffy CEO or COO title. (I had other sub companies with stuffy titles on them in case someone outside the clued area needed to be placated.) Another friend had minister of fear as his title at a network security firm. At an exodus sponsored event which featured both Sun's XML accelerator platform (?) and Bruce Schneier (the main attraction), he was originally banned due to his joke title. The local industry slapped back through the clued peoples' oldboys-n-girls network, and they backpedalled and he was admitted at the last minute. It bit the exodus event organizer in the ass hard, and had her eating crow for him in front of 30 of his peers at the event, and handing over a free signed copy of Schneier's book. He really gained notoriety and street cred from the situation, as silly as it was. Besting the established order is worth something in most circles, still. (Google anyone?) She obviously didnt understand the new business rules in effect: the jokey title signified that titles didnt matter, reputation and ability did. Being able to have a joke title indicates you dont need a real one. And so they're important in a reverse-psychology kind of way :) /kc (grizzled tube plumber) Cheers Jorge On Tue, Mar 30, 2010 at 10:14 PM, Steve Bertrand st...@ibctech.ca wrote: Hi all, This is perhaps a rather silly question, but one that I'd like to have answered. I'm young in the game, and over the years I've imagined numerous job titles that should go on my business card. They went from cool, to high-priority, to plain unimaginable. Now, after 10 years, I reflect back on what I've done, and what I do now. To me, if a business is loose-knit with no clear job descriptions or titles (ie. too small to have CXO etc), I feel that a business card should reflect what one feels is the primary job responsibility, or what they do the most (or love the most). For instance, I like to present myself as a 'network engineer'. I have never taken formal education, don't hold any certifications (well, since 2001), and can't necessarily prove my worth. How does the ops community feel about using this designation? Is it intrusive or offensive to those who hold real engineering degrees? I'm content with 'network manager', given that I still do perform (in my sleep) numerous system tasks and have to sometimes deal with front-line helpdesk stuff. Instead of acting like I'm trying to sell myself out, I'll leave out what I actually do and ask those who sig themselves with 'network engineer' what they do day-to-day to acquire that title, and if they feel comfortable with having it. Steve -- Ken Chase - k...@heavycomputing.ca - +1 416 897 6284 - Toronto CANADA Heavy Computing - Clued bandwidth, colocation and managed linux VPS @151 Front St. W.
Re: Finding content in your job title
Steve Bertrand wrote: Not acceptable. I do not want this. I read and review messages and documents from people who have *much* more experience than I do every single day, and whom I respect to the n'th degree. This isn't a vote count. I am _not_ an engineer, and do not need or desire the title. Thanks anyway though ;) Steve Back at IBM ('64 to '71) we were officially called Customer Engineer. When the 'System 360' was released, it was changed to Field Engineer.s --Michael
RE: Finding content in your job title
What I find most amusing in the field of networking is the terms and titles various companies place upon them. Titles like Infrastructure specialist, Network analyst, and Senior Specialist often have me giggling as to the real meaning/position in a job posting. I think the funniest postings I see are the ones where obviously someone in a HR role posts the position and lumps together different aspects of the role trying to be filled, such as Cisco MS Exchange expert or Firewall SQL Expert. Needless to say those are not titles I would be boasting about or would care to advertise. In short the last business card I handed out simply had the title MIS Dept. Its hard enough to explain some of the aspects of network engineering to my wife let alone a description of such on a business card. On one occasion my mother in law asked if I could get a discount on large amounts of food, I asked why she thought I could do such and her reply was well you work with Sysco, a food services company. Needless to say it took a bit of time to explain that sysco was not cisco. Perhaps a brief description on the back of the card? Lol... Regards. -Joe
Re: BGP Update Report
On Mar 30, 2010, at 9:30 PM, Randy Bush wrote: might some of this be that the implementations use router-id to fill in an unconfigured rr cluster-id? Yep! So intermediate nodes in an iBGP topology with varying cluster IDs per RR with a common client set can certainly result in duplicate eBGP updates (not to mention lots of *useless* adj-RIB-In memory on those RRs for storing routes that are completely useless and would otherwise be discarded). That said, even with common cluster IDs within a client set, and even a single level (or completely flat) iBGP hierarchy, coupled with any jitter, variable propagation delay along a path, asymmetric or not, depending on transport connection dynamics, or variance in update arrival rates, and BGP speaker MRAI interactions with each, all can result in these duplicate updates at egress, and subsequent suppression via flap damping if employed. And, of course, this is compounded by external interconnection denseness on ingress and even non-adjacent downstream ASNs. I.e., there's room for protocol, implementation, and network architecture variables here, and operators should expressly factor systemic effects of each in their operating environment - they can have considerable impact. -danny
Re: Posting from freebie E-mail Accounts
On Wed, 31 Mar 2010, Steve Bertrand wrote: On 2010.03.30 23:42, Andrew D Kirch wrote: I am proposing that the NANOG administration drop everything originating from commonly used webmail providers, I oppose this proposal. There are very legitimate (and legal) reasons why people may want to post to an operational list, using an address that can not tie them to the location or business that they are posting from. This list does not see much spam (or at least I don't). That said, let the list maintainers decide. I would much prefer if EVERYBODY used freebie email accounts as opposed to their corporate ones, as this would make it more likely that they would quote correctly and we would get less silly legal disclaimers and out of office messages. I don't use my work account for any mailing lists because it's totally useless for that purpose. I also will participate in these mailing lists regardless of my employer, thus I never understood why someone would want to post from their corporate accounts. -- Mikael Abrahamssonemail: swm...@swm.pp.se
Re: Posting from freebie E-mail Accounts
On 3/30/10 10:41 PM, Mikael Abrahamsson wrote: I would much prefer if EVERYBODY used freebie email accounts as opposed to their corporate ones, as this would make it more likely that they would quote correctly and we would get less silly legal disclaimers and out of office messages. I don't use my work account for any mailing lists because it's totally useless for that purpose. I also will participate in these mailing lists regardless of my employer, thus I never understood why someone would want to post from their corporate accounts. That's an exact opposite of silly from the OP's request; my corporate account works just fine. ~Seth