Re: AS6453 (Tata/Teleglobe/Globe Internet?) - various US ISP Outage?

2010-11-22 Thread sthaug
 Anyone else seeing problems reaching ATT/XO possibly others from
 AS6453 in Europe?

Seems to work okay from Norway:

traceroute to 140.239.191.10 (140.239.191.10), 64 hops max, 40 byte packets
 1  ge0-0-0-3000.br1.fn3.no.catchbone.net (193.75.4.1)  0.165 ms  0.179 ms  0.235 ms
 2  if-6-0-0.core2.OS1-Oslo.as6453.net (80.231.89.13)  0.357 ms  0.222 ms  0.237 ms
 3  if-5-0-0.core1.AD1-Amsterdam.as6453.net (80.231.80.33)  25.598 ms  25.583 ms  25.605 ms
 4  if-0-0.core2.AD1-Amsterdam.as6453.net (80.231.80.14)  25.710 ms  25.570 ms  25.598 ms
 5  if-15-0-0.core3.NTO-NewYork.as6453.net (80.231.81.46)  147.779 ms  111.782 ms  111.807 ms
 6  63.243.186.66 (63.243.186.66)  121.642 ms *  115.188 ms
 7  ix-2-12.icore1.NTO-NewYork.as6453.net (209.58.26.70)  104.279 ms  103.886 ms  142.532 ms
 8  vb2001.rar3.washington-dc.us.xo.net (207.88.13.50)  119.407 ms  130.336 ms  119.065 ms
 9  te-3-0-0.rar3.atlanta-ga.us.xo.net (207.88.12.9)  172.006 ms  171.869 ms  171.997 ms
10  te-3-0-0.rar3.dallas-tx.us.xo.net (207.88.12.2)  172.136 ms  172.233 ms  172.256 ms
11  vb12.rar3.la-ca.us.xo.net (207.88.12.46)  171.863 ms  172.112 ms  171.890 ms
12  ae0d0.mcr1.la-ca.us.xo.net (216.156.0.114)  171.490 ms  171.477 ms  171.505 ms
13  207.88.81.198.ptr.us.xo.net (207.88.81.198)  173.491 ms  256.940 ms  173.369 ms
14  ip65-47-242-10.z242-47-65.customer.algx.net (65.47.242.10)  179.122 ms  179.613 ms  179.397 ms
15  140-239-191-10.dsis.net (140.239.191.10)  188.329 ms  192.338 ms  188.615 ms

Steinar Haug, Nethelp consulting, sth...@nethelp.no



Network management software with high detailed traffic report

2010-11-22 Thread Sergey Voropaev
Does anyone know the NMS (network management software) which can do the
following:

1. Monitor on Cisco Routers/Switches interface utilization every 5-10
seconds and send e-mail alarm when utilization is lower or higher than
predefined thresholds.
2. Collect net-flow statistics (at least src/dst) with granularity of 5-10
seconds.

The main idea is to have detailed monitoring of the external links and to be
able to know why (by what traffic type) and when link was highly utilized.

Existing flow-collector can store netflow reports only with 1 minute
granularity but we need 5-10 second.

As about e-mail alarms - now I do it by embedded event manager on the
router. But I think it would be better to use external SNMP software for
that.
As about detailed to 5-10 second netflow statistics there are 2 ways.
1st - Use port mirror and use some software which can analyze captured
traffic and make good reports. Do you know such software?
2nd - Use SNMP or telnet/ssh for access to the router/switch every 5-10
seconds and catch netflow counters. Do you know such software?

Thanks in advance for your help.


Re: Network management software with high detailed traffic report

2010-11-22 Thread sthaug
 Does anyone know the NMS (network management software) which can do the
 following:
 
 1. Monitor on Cisco Routers/Switches interface utilization every 5-10
 seconds and send e-mail alarm when utilization is lower or higher than
 predefined thresholds.
 2. Collect net-flow statistics (at least src/dst) with granularity of 5-10
 seconds.
 
 The main idea is to have detailed monitoring of the external links and to be
 able to know why (by what traffic type) and when link was highly utilized.

Your requirements are somewhat unrealistic. Even if your NMS can fetch
SNMP counters / Netflow info every 5-10 seconds, you have no guarantee
that the router *updates* the counters / Netflow info this often.

Talk to your router vendor first.

Steinar Haug, Nethelp consulting, sth...@nethelp.no



XO/AS2828 - Cogent/AS174 blackholing

2010-11-22 Thread Tore Anderson
Hi list,

I'm seeing blackholing on my inbound traffic from XO and their
downstreams (notably CNN) via Cogent.  Prepending towards Cogent changes
my inbound path from 2828 174 39029 to 2828 3549 3292 39029 and it
works fine, even though the outbound path is still via Cogent:

t...@cr3 traceroute 2610:18::3050 wait 2 no-resolve
traceroute6 to 2610:18::3050 (2610:18::3050) from 2a02:c0:1000:1::2, 64 hops max, 12 byte packets
 1  2a02:c0:1000:1::1  0.822 ms  1.290 ms  0.355 ms
 2  2001:978:2:30::1  0.465 ms  0.477 ms  0.395 ms
 3  * * *
 4  * * *
 5  2001:7f8:4::ae:1  582.740 ms *  82.538 ms
 6  * * *
 7  2001:504:f::c  106.967 ms  109.421 ms  107.129 ms
 8  2001:550:3::11e  121.969 ms  103.842 ms  112.119 ms
 9  2610:18::3050  143.462 ms  142.717 ms  145.179 ms

2610:18::3050 is the first hop in XO's network on the way to
ipv6.cnn.com.  If I stop prepending towards Cogent, 2001:550:3::11e is
the last hop that gives me any replies.  So it appears my announcements
reach XO, but the packets get lost somewhere along the line.  Cogent
told me they found nothing wrong with their end of the peering.  Anyone
in or behind XO with the same problem?  2001:978:1:326::2 is an example
of a router in Cogent's network (in Stockholm) that should respond to
pings if everything works fine.

It seems like the problem happens with Cogent's own routes as well, as
neither 2610:18::3050 nor 2620:0:2200:8::::8901
(ipv6.cnn.com) get any replies when pinging from Cogent's looking glass.

Best regards,
-- 
Tore Anderson
Redpill Linpro AS - http://www.redpill-linpro.com
Tel: +47 21 54 41 27



Re: Network management software with high detailed traffic report

2010-11-22 Thread Sergey Voropaev
Steinar,

I'm sure that router updates its counter more often than 5 seconds.


On 22 November 2010 12:46, sth...@nethelp.no wrote:

  Does anyone know the NMS (network management software) which can do the
  following:
 
  1. Monitor on Cisco Routers/Switches interface utilization every 5-10
  seconds and send e-mail alarm when utilization is lower or higher than
  predefined thresholds.
  2. Collect net-flow statistics (at least src/dst) with granularity of
  5-10 seconds.
 
  The main idea is to have detailed monitoring of the external links and to
  be able to know why (by what traffic type) and when link was highly
  utilized.

 Your requirements are somewhat unrealistic. Even if your NMS can fetch
 SNMP counters / Netflow info every 5-10 seconds, you have no guarantee
 that the router *updates* the counters / Netflow info this often.

 Talk to your router vendor first.

 Steinar Haug, Nethelp consulting, sth...@nethelp.no



Re: Network management software with high detailed traffic report

2010-11-22 Thread Livio Zanol Puppim
It depends on the manufacturer. Cisco can update OIDs even on a 1-second
time basis (maybe less?).

A long time ago I made a real-time monitor to troubleshoot problems
at the WAN. It was not an NMS, only visual graphs using PHP and RRDtool in
one page showing IfOctets, IfDiscards, IfErrors, IfNUnicast and, in some
cases, BECN and FECN for frame relay.

2010/11/22 Sergey Voropaev serge.devo...@gmail.com

 Steinar,

 I'm sure that router updates its counter more often than 5 seconds.


 On 22 November 2010 12:46, sth...@nethelp.no wrote:

   Does anyone know the NMS (network management software) which can do
   the following:
  
   1. Monitor on Cisco Routers/Switches interface utilization every 5-10
   seconds and send e-mail alarm when utilization is lower or higher than
   predefined thresholds.
   2. Collect net-flow statistics (at least src/dst) with granularity of
   5-10 seconds.
  
   The main idea is to have detailed monitoring of the external links and
   to be able to know why (by what traffic type) and when link was highly
   utilized.
 
  Your requirements are somewhat unrealistic. Even if your NMS can fetch
  SNMP counters / Netflow info every 5-10 seconds, you have no guarantee
  that the router *updates* the counters / Netflow info this often.
 
  Talk to your router vendor first.
 
  Steinar Haug, Nethelp consulting, sth...@nethelp.no
 




-- 
[]'s

Lívio Zanol Puppim


Re: Network management software with high detailed traffic report

2010-11-22 Thread Nick Hilliard

On 22/11/2010 10:00, Sergey Voropaev wrote:

I'm sure that router updates its counter more often than 5 seconds.


some do, some don't.  For example, sup720 snmp counters are updated every 9 
seconds, while the show interface counters are updated every 30 seconds.


Nick
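
Added example, not part of the original thread: a small simulation of what an
NMS computes when it polls an octet counter more often than the device
refreshes it. The 9-second refresh is the figure quoted in the message above,
taken as an assumption; the constant 60 Mbit/s load, the 100 Mbit/s link and
the 10%/90% alarm thresholds are constructed for illustration.

```python
# Added illustration (not from the thread). All figures are assumptions:
# the device refreshes its SNMP-visible counter every `refresh_s` seconds,
# while the NMS polls every `poll_s` seconds.

def counter_at(t, rate_bps, refresh_s):
    """Octet counter value an SNMP GET would return at time t (seconds).

    Traffic flows at a constant rate_bps, but the value visible over SNMP
    is only copied from hardware at multiples of refresh_s.
    """
    last_refresh = (t // refresh_s) * refresh_s
    return last_refresh * rate_bps // 8


def poll_rates(rate_bps, refresh_s, poll_s, duration_s):
    """Per-interval bit rates an NMS derives from successive counter deltas."""
    rates = []
    prev = counter_at(0, rate_bps, refresh_s)
    for t in range(poll_s, duration_s + 1, poll_s):
        cur = counter_at(t, rate_bps, refresh_s)
        rates.append((cur - prev) * 8 / poll_s)
        prev = cur
    return rates


def threshold_alarms(rates, link_bps, low_pct, high_pct):
    """Return (sample index, 'low'|'high', utilization %) for each alarm."""
    alarms = []
    for i, rate in enumerate(rates):
        pct = 100 * rate / link_bps
        if pct < low_pct:
            alarms.append((i, "low", pct))
        elif pct > high_pct:
            alarms.append((i, "high", pct))
    return alarms


def stale_fraction(rates):
    """Share of polls that saw no counter movement at all.

    On a link known to carry traffic, a large value here is the symptom
    of polling faster than the counter is refreshed.
    """
    return sum(1 for r in rates if r == 0) / len(rates)


if __name__ == "__main__":
    LINK = 100_000_000   # 100 Mbit/s link (constructed)
    LOAD = 60_000_000    # steady 60 Mbit/s of real traffic (constructed)

    fast = poll_rates(LOAD, refresh_s=9, poll_s=5, duration_s=90)
    print("5 s polls see (Mbit/s):", [r / 1e6 for r in fast])
    print("mean:", sum(fast) / len(fast) / 1e6, "Mbit/s")
    print("alarms:", len(threshold_alarms(fast, LINK, 10, 90)), "of", len(fast))
    print("stale polls:", round(stale_fraction(fast), 2))

    aligned = poll_rates(LOAD, refresh_s=9, poll_s=45, duration_s=90)
    print("45 s polls see (Mbit/s):", [r / 1e6 for r in aligned])
```

With these assumptions every 5-second sample reads either 0 or 108 Mbit/s, so
each one crosses a threshold even though the link sits at a steady 60%; only
the long-run mean is correct.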



Re: Introducing draft-denog-v6ops-addresspartnaming

2010-11-22 Thread Richard Hartmann
On Sat, Nov 20, 2010 at 23:15, Owen DeLong o...@delong.com wrote:

You seem to be indirectly answering the parent posting in much of what
you say. That is fine, I just wanted to point it out.

  It's a commonly accepted, well-defined convention to save humans
  effort while not sacrificing readability. There are weirder things in
  technology.

 I don't think it's all that weird and it's a major savings in writing
 out IPv6 addresses and being able to read them (except in lists of
 varying sized addresses (please, when dumping routing tables
 and such, just keep the optional zeroes or give us a flag to choose).
 In practice, the :: usually ends up being placed between the
 network number and the host number for things with static
 addresses and rarely appears in EUI-64 based addresses,
 so, I don't see this as a problem.

FWIW, I do not see it as weird or as a problem, either. There are
weirder things does not mean the thing I am referring to is weird
itself :)


 I don't see a problem with people not assigning customers /56s so long
 as they go in the correct direction and give /48s and not /60s or /64s.

Many ISPs will end up handing their customers /64, /62 or other
less-than-ideal prefixes. As soon as a customer needs to subnet their
/64, the real fun starts. There is nothing we can do about it, other
than trying to educate people and hope for the best.


  I honestly think I never explained (as in, after I understood the
  matter, myself) netmasks other than as a bit vector. Unless you mean
  write 255.255.255.0 in there cause that's what right for you.

 Then you are young and never had to deal with systems that didn't
 know about bit-vector syntax. I have had to explain the translation
 between bit-vector syntax (/n) and bit-field syntax (255.255.255.240)
 to many people. It's easy when n is a multiple of 8. After that,
 it can be quite hard for some mathematically challenged individuals
 unfamiliar with binary and BCD to wrap their heads around.

I wish ;)
Either the person can grasp that a dotted netmask can be transformed
into a bit vector or I tell them use 255.255.255.0 everywhere, it
will work for everything you will ever need. 80/20 and all that.

 Removing bitmath from operations where possible is a good thing
 that reduces outages caused by human factors. It's just good human
 factors engineering.
 We can't do so in IPv4, there aren't enough bits to do it.
 We seek to do so in IPv6 with ARIN draft policy 2010-8 and
 proposal 121.

If by bitmath you mean ending netmasks not on full bytes only, I could
not agree more. This will reduce a lot of useless overhead.
I really wish the RIRs would get a unique name space for their
respective drafts. If even my person object needs a -RIPE suffix, I
don't see why drafts etc don't.


 Should we all sing kumbayah now?

Only if you bring a tambourine.

 Basically, as I recall the earlier discussions of this and the IETF
 arriving at the decision to use colon (:), it boiled down to the
 simple fact that colon (:) is the worst choice except for all the others.

Agreed.


Richard



Re: Introducing draft-denog-v6ops-addresspartnaming

2010-11-22 Thread Richard Hartmann
On Sun, Nov 21, 2010 at 16:54, William Herrin b...@herrin.us wrote:
 Because in my version fd::/8
 actually is the same as fd00::/8, which, as you rightly point out, is
 exactly what a normal human being would naturally expect.

Which is against every expectation of anyone who ever learned Arabic
numbers in a left-to-right system. As Owen pointed out, filling with
zeros on the right-hand side would be, to put it lightly, a disaster.
Maybe I should have worded that more strongly in my last reply.


 Imea nrea lly, what ifwe wrot eEng lish thew aywe writ eIPv 6add ress
 es? Looks pretty stupid without a floating separator, doesn't it?

Reductio ad absurdum.


 We've gone too far down the wrong path to change it now; colons are
 going to separate every second byte in the v6 address. But from a
 human factors perspective, floating colons would have been better.

No. See my, and Owen's, emails.


 From a computer parser perspective, a character other than a colon
 would have been better because colons are already claimed for many
 other syntax elements that include an IP address, like the
 address/port separator in a URL.

It's the least bad amongst a highly limited choice of even worse
chars. There is a reason why the colon is used so often.


 Making the jump in logic, it would help mitigate the errant design if
 the two-byte groupings separated by the colons were intentionally and
 formally not named. That fits a training scenario which reinforces the
 idea that the colons are there for convenience but that there is
 nothing special about those two byte groupings.

Personally, I have no interest whatsoever in limiting my efficiency
and increasing the chance that I or others make mistakes because
people who don't understand the matter at hand might misinterpret
something.


 The question leads me to recall a fancy version of traceroute I once
 used. In addition to looking up the PTR record for each hop, it also
 looked up the org and AS number currently associated. If users found
 it valuable to have the router present variable colon placement, it's
 a doable albeit complex computing task.

If you ever looked at the state of a lot of data in the RIR's whois
databases, you know that's literally impossible. And a _lot_ of effort
for little to no gain. And what if a LIR changes their numbering
scheme, at some point? Attach parsing instructions to inetnum?


Richard



Re: Introducing draft-denog-v6ops-addresspartnaming

2010-11-22 Thread Richard Hartmann
On Sun, Nov 21, 2010 at 23:15, Owen DeLong o...@delong.com wrote:

 In fact, it would look pretty weird to most people if we started writing
 951-21-42-33 (or I bet they wouldn't expect that was a zip code in
 any case). Similarly, if we start placing the separators in arbitrary
 places in phone numbers, people get confused.

The complete uniformity of telephone numbers seems to be a North
American phenomenon, but as a German who is used to wildly different
phone numbers, I would still prefer a common scheme for all of them,
yes.


 I still disagree. While I noted the one pathology with the current
 system, that same pathology is present with floating colons
 and there are others which I also pointed out (difficulty in
 reproducing the correct placement of the floating colons in
 automated output, for example.

Even worse, allowing floating colons will mean different groups will
adapt different defaults. Not a desirable goal.


 The syntax for handling this was already present in IPv4 and is easily
 adapted to the problem in IPv6. Simply wrap the IPv6 address in
 square brackets (e.g. [2001:db8:feed::cafe]:80 is the ipv6
 address 2001:db8:feed::cafe on port 80).

Which is admittedly ugly, but I can't think of anything better, either.


 We did forego ::192.168.1.1. However, we still have :::192.168.1.1
 and for good reason. This is a useful construct for allowing humans
 to see in log files that an IPv6-aware application on a dual-stack
 machine accepted an IPv4 connection on an IPv6 socket.

Agreed. Ugly, but useful & needed.


Richard



Re: Introducing draft-denog-v6ops-addresspartnaming

2010-11-22 Thread Richard Hartmann
Please don't group several emails into one. It breaks threads. And
while I could not find anything about this in the NANOG FAQ, it's
common netiquette not to do so.

On Sun, Nov 21, 2010 at 23:50, William Herrin b...@herrin.us wrote:
 On Sun, Nov 21, 2010 at 11:40 AM, Joel Jaeggli joe...@bogus.com wrote:

 Looks like an ass-u-me. If you think the use of IPv4 addresses in URLs
 is infrequent, it's mostly u. Get out in the field some time.

Ad hominem usually does not do much to maintain or improve the quality
of a discussion.


 That server op is the kind of guy we're asking to understand that
 there's nothing special about the two bytes between the colons in the
 IPv6 address. He's gonna be trouble.

As you described yourself, he is gonna be trouble anyway. People end
up working around him anyway, so why bother to cater to his needs?
Especially as the fixed colons are here to stay and a good thing,
also.

 On Sun, Nov 21, 2010 at 1:42 PM,  valdis.kletni...@vt.edu wrote:

 Whatever you want to do. That's the point of optional/movable separators.

Principle of least surprise.


 On Sun, Nov 21, 2010 at 5:15 PM, Owen DeLong o...@delong.com wrote:

 That would be a more compelling argument if it accurately described
 phone number notation. It doesn't. +44 121 410 5228, for example, is
 the phone number for parking services at Heathrow airport, exactly as
 described on http://www.heathrowairport.com/'s contact us page. No
 dashes at all, and not 10 digits.

The UK is not part of the USA nor of Canada.


 IPv6 is one of very few addressing schemes in which the separators
 intentionally have no greater meaning within the protocol or its use.

As has been pointed out several times before, helping humans reduce
errors is a highly desirable goal. _And_ the discussion is moot
anyway. I think I am at a point where I will simply ignore any new
occurrences of this theme.



Richard



Re: Network management software with high detailed traffic report

2010-11-22 Thread Nick Hilliard

On 22/11/2010 10:47, Livio Zanol Puppim wrote:

Good to know. It's such difficult information to find in documentation.


I should have wrapped up that statement with a ymmv.  Because probably, 
your mileage will vary.


Nick



Re: Introducing draft-denog-v6ops-addresspartnaming

2010-11-22 Thread Jeff Aitken
[ Meant to send this to the list and not directly to Richard. ]

On Fri, Nov 19, 2010 at 03:07:40AM +0100, Richard Hartmann wrote:
 If any of you have any additional suggestions, you are more than 
 welcome to share them.

I heard hexquad somewhere awhile back and have been using it since...
looking over the other options present in your poll, I think I still
prefer it, but I could live with either hextet or simply quad as well.


--Jeff




Re: Introducing draft-denog-v6ops-addresspartnaming

2010-11-22 Thread Richard Hartmann
For the sake of completeness, the relevant part of what I answered
privately can be found below.

On Mon, Nov 22, 2010 at 13:22, Jeff Aitken jait...@aitken.com wrote:
 [ Meant to send this to the list and not directly to Richard. ]

 On Fri, Nov 19, 2010 at 03:07:40AM +0100, Richard Hartmann wrote:
 If any of you have any additional suggestions, you are more than
 welcome to share them.

I will add quad to -03 anyway. If you get a few +1 on hexquad, I am
against adding that, as well.


Richard



Re: Network management software with high detailed traffic report

2010-11-22 Thread Brandon Ross

On Mon, 22 Nov 2010, Nick Hilliard wrote:

some do, some don't.  For example, sup720 snmp counters are updated every 9 
seconds, while the show interface counters are updated every 30 seconds.


That is most certainly NOT true.  The 'show interface' counters update at 
least once a second.  Perhaps you are thinking about the rate counters 
that are often _configured_ to use the last 30 seconds of data to compute 
the average but also update much more often than every 30 seconds (and 
default to a 5 minute average).


--
Brandon Ross  AIM:  BrandonNRoss
   ICQ:  2269442
   Skype:  brandonross  Yahoo:  BrandonNRoss



Re: Introducing draft-denog-v6ops-addresspartnaming

2010-11-22 Thread William Herrin
On Mon, Nov 22, 2010 at 6:40 AM, Richard Hartmann
richih.mailingl...@gmail.com wrote:
 On Sun, Nov 21, 2010 at 16:54, William Herrin b...@herrin.us wrote:
 Because in my version fd::/8
 actually is the same as fd00::/8, which, as you rightly point out, is
 exactly what a normal human being would naturally expect.

 Which is against every expectation of anyone who ever learned Arabic
 numbers in a left-to-right system. As Owen pointed out, filling with
 zeros on the right-hand side would be, to put it lightly, a disaster.
 Maybe I should have worded that more strongly in my last reply.

Richard,

A route prefix is always trimmed on the right. Always. That's why we
call it a PREfix.

Trimming zeros on both the left and the right, as the correctly
written IPv6 notation 1::/16 would have us do, is confusing. It's
like writing one million and one tenth as 1,,.1 instead of
1,000,000.1.


 Please don't group several emails into one. It breaks threads. And
 while I could not find anything about this in the NANOG FAQ, it's
 common netiquette not to do so.

Six of one, half a dozen of the other. Flooding a list with half a
dozen replies on the same thread at the same time is poor netiquette
for its impact on unthreaded mail agents and if your mailer started a
new thread for this message in spite of the identical subject and
in-reply-to header then it's broken.


 On Sun, Nov 21, 2010 at 23:50, William Herrin b...@herrin.us wrote:
 Looks like an ass-u-me. If you think the use of IPv4 addresses in URLs
 is infrequent, it's mostly u. Get out in the field some time.

 Ad hominem usually does not do much to maintain or improve the quality
 of a discussion.

Insolence alone does not rise to argumentum ad hominem. The predicate
assumption is wrong. Here's several paragraphs about what's actually
observed in the field, certainly isn't. If you want to call me out on
a logical fallacy, at least call me out on one I've actually
committed.

Regards,
Bill Herrin


-- 
William D. Herrin  her...@dirtside.com  b...@herrin.us
3005 Crane Dr. .. Web: http://bill.herrin.us/
Falls Church, VA 22042-3004



Auditing a network to add Voice

2010-11-22 Thread Kasper Adel
Hi,

My customer would like to add VoIP over their network and they asked us for
an audit. The result of the audit would be simply "you guys are ready for
it".

Breaking it down [high level] for me sounds like : (suggestions are more
than welcomed) :

1) Looking at hardware computation finite resources (cpu, memory...etc)
2) Looking at available bandwidth
3) QoS policy
4) High Availability and Fast Convergence

Anything else?

They asked us to measure the KPIs (jitter, delay...etc) of their existing
traffic, is there a way to do that?

Thanks,
Kim


Re: Auditing a network to add Voice

2010-11-22 Thread Kasper Adel
Sorry, I forgot to add more detail.

We are not looking for IP Telephony type of voice but RTP from Media
Gateways.

Cheers,
Kim

On Mon, Nov 22, 2010 at 4:59 PM, Kasper Adel karim.a...@gmail.com wrote:

 Hi,

 My customer would like to add VoIP over their network and they asked us for
 an audit. The result of the audit would be simply "you guys are ready for
 it".

 Breaking it down [high level] for me sounds like : (suggestions are more
 than welcomed) :

 1) Looking at hardware computation finite resources (cpu, memory...etc)
 2) Looking at available bandwidth
 3) QoS policy
 4) High Availability and Fast Convergence

 Anything else?

 They asked us to measure the KPIs (jitter, delay...etc) of their existing
 traffic, is there a way to do that?

 Thanks,
 Kim



Re: AS6453 (Tata/Teleglobe/Globe Internet?) - various US ISP Outage?

2010-11-22 Thread Owen DeLong
Yes, I was able to reach Tata (they actually have done something very good
I encourage others to follow, see below) and they resolved the issue within
15 minutes of my phone call.

What Tata has done with as6453.net is that there is a website there which
provides NOC contact info and the phone is answered by semi-clueful people
who upon realizing that the caller is clueful and has an actual legitimate
problem are able to rapidly transfer to clueful people with the ability to
fix things.

I applaud Tata for:
1.  Making their NOC contact info easy to find from traceroutes. It should
    have occurred to me to try www.as6453.net first, but, instead I went
    digging through whois and when that proved fruitless, tapped NANOG.
    My bad.

2.  Having people answer the phone (promptly) who are able to do the right
    thing with the phone call.

3.  Having engineers readily available for calls that are escalated
    immediately.

Owen

On Nov 22, 2010, at 12:17 AM, sth...@nethelp.no wrote:

 Anyone else seeing problems reaching ATT/XO possibly others from
 AS6453 in Europe?
 
 Seems to work okay from Norway:
 
 traceroute to 140.239.191.10 (140.239.191.10), 64 hops max, 40 byte packets
 1  ge0-0-0-3000.br1.fn3.no.catchbone.net (193.75.4.1)  0.165 ms  0.179 ms  0.235 ms
 2  if-6-0-0.core2.OS1-Oslo.as6453.net (80.231.89.13)  0.357 ms  0.222 ms  0.237 ms
 3  if-5-0-0.core1.AD1-Amsterdam.as6453.net (80.231.80.33)  25.598 ms  25.583 ms  25.605 ms
 4  if-0-0.core2.AD1-Amsterdam.as6453.net (80.231.80.14)  25.710 ms  25.570 ms  25.598 ms
 5  if-15-0-0.core3.NTO-NewYork.as6453.net (80.231.81.46)  147.779 ms  111.782 ms  111.807 ms
 6  63.243.186.66 (63.243.186.66)  121.642 ms *  115.188 ms
 7  ix-2-12.icore1.NTO-NewYork.as6453.net (209.58.26.70)  104.279 ms  103.886 ms  142.532 ms
 8  vb2001.rar3.washington-dc.us.xo.net (207.88.13.50)  119.407 ms  130.336 ms  119.065 ms
 9  te-3-0-0.rar3.atlanta-ga.us.xo.net (207.88.12.9)  172.006 ms  171.869 ms  171.997 ms
 10  te-3-0-0.rar3.dallas-tx.us.xo.net (207.88.12.2)  172.136 ms  172.233 ms  172.256 ms
 11  vb12.rar3.la-ca.us.xo.net (207.88.12.46)  171.863 ms  172.112 ms  171.890 ms
 12  ae0d0.mcr1.la-ca.us.xo.net (216.156.0.114)  171.490 ms  171.477 ms  171.505 ms
 13  207.88.81.198.ptr.us.xo.net (207.88.81.198)  173.491 ms  256.940 ms  173.369 ms
 14  ip65-47-242-10.z242-47-65.customer.algx.net (65.47.242.10)  179.122 ms  179.613 ms  179.397 ms
 15  140-239-191-10.dsis.net (140.239.191.10)  188.329 ms  192.338 ms  188.615 ms
 
 Steinar Haug, Nethelp consulting, sth...@nethelp.no




Re: Introducing draft-denog-v6ops-addresspartnaming

2010-11-22 Thread Owen DeLong
 
 I don't see a problem with people not assigning customers /56s so long
 as they go in the correct direction and give /48s and not /60s or /64s.
 
 Many ISPs will end up handing their customers /64, /62 or other
 less-than-ideal prefixes. As soon as a customer needs to subnet their
 /64, the real fun starts. There is nothing we can do about it, other
 than trying to educate people and hope for the best.
 
If we educate a sufficient percentage of ISPs and solve the perception
problems of the RIR policies that are driving some ISPs to be overly
conservative (see proposal 121 in the ARIN region for an example of
what I think represents a reasonable solution), then, the other ISPs
will eventually find themselves at a competitive disadvantage as their
customers start to ask Why can't I have a /48 like my friend Bob
got from provider Z? This is a good thing, but, it means we need to
do what we can to educate as many ISPs as possible as quickly
as possible during this critical phase of deployment.

 
 I honestly think I never explained (as in, after I understood the
 matter, myself) netmasks other than as a bit vector. Unless you mean
 write 255.255.255.0 in there cause that's what right for you.
 
 Then you are young and never had to deal with systems that didn't
 know about bit-vector syntax. I have had to explain the translation
 between bit-vector syntax (/n) and bit-field syntax (255.255.255.240)
 to many people. It's easy when n is a multiple of 8. After that,
 it can be quite hard for some mathematically challenged individuals
 unfamiliar with binary and BCD to wrap their heads around.
 
 I wish ;)
 Either the person can grasp that a dotted netmask can be transformed
 into a bit vector or I tell them use 255.255.255.0 everywhere, it
 will work for everything you will ever need. 80/20 and all that.
 
Ah... OK... Sorry, I'm the guy that had to deal with all of your users
when they found themselves on one of my /27s and tried to use
255.255.255.0 there. :p

So... Don't worry, I ended up picking up the educational task where
you left off.

(OK, maybe not the exact same set of users, but, honest, you're not
the only one who took this approach and it did lead to interesting
breakages by users so educated in a number of places I have worked.)

 Removing bitmath from operations where possible is a good thing
 that reduces outages caused by human factors. It's just good human
 factors engineering.
 We can't do so in IPv4, there aren't enough bits to do it.
 We seek to do so in IPv6 with ARIN draft policy 2010-8 and
 proposal 121.
 
 If by bitmath you mean ending netmasks not on full bytes only, I could
 not agree more. This will reduce a lot of useless overhead.
 I really wish the RIRs would get a unique name space for their
 respective drafts. If even my person object needs a -RIPE suffix, I
 don't see why drafts etc don't.
 
Well, in IPv6, I think ending them on nibbles is fine. Specifically, see
ARIN Policy Proposal 121 (as mentioned above).
 
 Should we all sing kumbayah now?
 
 Only if you bring a tambourine.
 
LoL

Sorry, I don't own a tambourine.

Owen




Re: Blocking International DNS

2010-11-22 Thread Joe Abley

On 2010-11-22, at 00:00, Jeffrey Lyon wrote:

 Indeed, offshore resolvers, offshore DNS infrastructure and the
 progressive's futile attempts at interference with free markets is
 once again thwarted. We all know that U.S. law helps keep the internet
 safe /sarcasm

You don't think

(i) a service provider, as that term is defined in section 512(k)(1) of title 
17, United States Code, or other operator of a domain name system server shall 
take reasonable steps that will prevent a domain name from resolving to that 
domain name’s Internet protocol address;

could be taken as a requirement for providers to intercept attempts to use 
off-network DNS resolvers and manage such requests to meet the end goal above?

Given that many providers already do this (for whatever reason), it's not much 
of a stretch to see someone declaring that such behaviour falls under the 
umbrella of reasonable steps.

I'm not suggesting that I think any of this is reasonable or sensible, but it 
does seem to imply an operational burden on service providers.


Joe




Re: Blocking International DNS

2010-11-22 Thread Curtis Maurand

On 11/22/2010 10:25 AM, Joe Abley wrote:


You don't think

(i) a service provider, as that term is defined in section 512(k)(1) of title 17, 
United States Code, or other operator of a domain name system server shall take 
reasonable steps that will prevent a domain name from resolving to that domain name’s 
Internet protocol address;

could be taken as a requirement for providers to intercept attempts to use 
off-network DNS resolvers and manage such requests to meet the end goal above?

Given that many providers already do this (for whatever reason), it's not much of a 
stretch to see someone declaring that such behaviour falls under the umbrella of 
reasonable steps.

I'm not suggesting that I think any of this is reasonable or sensible, but it 
does seem to imply an operational burden on service providers.



And where would the list that we need to block be gotten from?

--Curtis




Re: Blocking International DNS

2010-11-22 Thread Joe Greco
 You don't think
 
 (i) a service provider, as that term is defined in section 512(k)(1) of
 title 17, United States Code, or other operator of a domain name system
 server shall take reasonable steps that will prevent a domain name from
 resolving to that domain name’s Internet protocol address;
 
 could be taken as a requirement for providers to intercept attempts to
 use off-network DNS resolvers and manage such requests to meet the end
 goal above?
 
 Given that many providers already do this (for whatever reason), it's
 not much of a stretch to see someone declaring that such behaviour falls
 under the umbrella of reasonable steps.
 
 I'm not suggesting that I think any of this is reasonable or sensible,
 but it does seem to imply an operational burden on service providers.

It's funny, isn't it, didn't we just finish convincing the government
of the need for DNSSEC, making the DNS system more resistant to some
forms of tampering?

... JG
-- 
Joe Greco - sol.net Network Services - Milwaukee, WI - http://www.sol.net
We call it the 'one bite at the apple' rule. Give me one chance [and] then I
won't contact you again. - Direct Marketing Ass'n position on e-mail spam(CNN)
With 24 million small businesses in the US alone, that's way too many apples.



starwars.com subdomain hijacked?

2010-11-22 Thread Matt Disuko

It seems the subdomain shop.starwars.com is being redirected.

Anybody else seeing this?



  

Re: Blocking International DNS

2010-11-22 Thread Joe Abley

On 2010-11-22, at 10:43, Joe Greco wrote:

 It's funny, isn't it, didn't we just finish convincing the government
 of the need for DNSSEC, making the DNS system more resistant to some
 forms of tampering?

I guess if the manner of the interception was to send back SERVFAIL to DNS 
clients whose queries were (in some sense) objectionable, the result would be 
that the clients were not able to resolve the (in some sense) bad names. This 
would in effect be a selective denial of service attack to DNS clients.

DNSSEC provides no integrity protection over that type of interference -- you 
need to get an answer for the answer to have a signature, and without a 
signature there's nothing to check.


Joe




Re: Auditing a network to add Voice

2010-11-22 Thread Bret Clark
Iperf can be used to measure jitter and delay as well as simulate a 
quasi VoIP call. You can also use mtr under Linux which provides jitter 
and delay measurements from one point to another point. A g.729 call 
(lower quality) takes about ~40kbps and a g.711 (high quality) used 
about ~100Kbps of bandwidth. With most of today's networks, the problem 
isn't bandwidth related, but more with jitter, delay, and packet loss 
through the network...personally I'm a big fan of deploying QoS through 
out an infrastructure...well at least in our WAN infrastructure.


Bret


On 11/22/2010 09:59 AM, Kasper Adel wrote:

Hi,

My customer would like to add VoIP over their network and they asked us for
an audit. the result of the audit would be simply you guys are ready for
it

Breaking it down [high level] for me sounds like : (suggestions are more
than welcomed) :

1) Looking at hardware computation finite resources (cpu, memory...etc)
2) Looking at available bandwidth
3) QoS policy
4) High Availability and Fast Convergence

Any thing else?

They asked us to measure the KPIs (jitter, delay...etc) of their existing
traffic, is there a way to do that?

Thanks,
Kim
   





Re: Auditing a network to add Voice

2010-11-22 Thread Bret Clark
Most VoIP solutions are RTP whether internal or via SIP solution from a 
service provider.


On 11/22/2010 10:04 AM, Kasper Adel wrote:

Sorry i forgot to add more detail.

We are not looking for IP Telephony type of voice but RTP from Media
Gateways.

Cheers,
Kim

On Mon, Nov 22, 2010 at 4:59 PM, Kasper Adel karim.a...@gmail.com wrote:

   

Hi,

My customer would like to add VoIP over their network and they asked us for
an audit. the result of the audit would be simply you guys are ready for
it

Breaking it down [high level] for me sounds like : (suggestions are more
than welcomed) :

1) Looking at hardware computation finite resources (cpu, memory...etc)
2) Looking at available bandwidth
3) QoS policy
4) High Availability and Fast Convergence

Any thing else?

They asked us to measure the KPIs (jitter, delay...etc) of their existing
traffic, is there a way to do that?

Thanks,
Kim

 





Re: Blocking International DNS

2010-11-22 Thread Owen DeLong

On Nov 22, 2010, at 7:25 AM, Joe Abley wrote:

 
 On 2010-11-22, at 00:00, Jeffrey Lyon wrote:
 
 Indeed, offshore resolvers, offshore DNS infrastructure and the
 progressive's futile attempts at interference with free markets is
 once again thwarted. We all know that U.S. law helps keep the internet
 safe /sarcasm
 
 You don't think
 
 (i) a service provider, as that term is defined in section 512(k)(1) of 
 title 17, United States Code, or other operator of a domain name system 
 server shall take reasonable steps that will prevent a domain name from 
 resolving to that domain name’s Internet protocol address;
 
 could be taken as a requirement for providers to intercept attempts to use 
 off-network DNS resolvers and manage such requests to meet the end goal above?
 
 Given that many providers already do this (for whatever reason), it's not 
 much of a stretch to see someone declaring that such behaviour falls under 
 the umbrella of reasonable steps.
 
 I'm not suggesting that I think any of this is reasonable or sensible, but it 
 does seem to imply an operational burden on service providers.
 
 
If it does, then, you'll find open tunnel servers providing tunnels to 
off-shore DNS services.

Sigh.


I really wish congress had better things to do than getting into a technology 
arms race with the people of the united states.
Oh, wait, they do have better things to do, they just aren't doing them.

Owen




Re: Network management software with high detailed traffic report

2010-11-22 Thread Nick Hilliard

On 22/11/2010 14:02, Brandon Ross wrote:

That is most certainly NOT true.


You're correct that I'm mistaken.  It's 9 second updates for both snmp and 
the interface (packets / bytes) counters, at least on 6700 cards / SXI. 
Are you getting different measurements?


Nick



Re: Blocking International DNS

2010-11-22 Thread Joe Abley

On 2010-11-22, at 10:35, Curtis Maurand wrote:

 And where would the list that we need to block be gotten from?

bittorrent? :-)




Re: Auditing a network to add Voice

2010-11-22 Thread Kasper Adel
Hi Bret,

These guys are not looking for measuring traffic generated by a tool, they
want to measure what they have running now (not only Voice). I am not sure if
measuring what they have or generating traffic and measuring it is the same
thing. what do u think?

thanks,
Kim

On Mon, Nov 22, 2010 at 5:54 PM, Bret Clark bcl...@spectraaccess.com wrote:

 Iperf can be used to measure jitter and delay as well as simulate a quasi
 VoIP call. You can also use mtr under Linux which provides jitter and delay
 measurements from one point to another point. A g.729 call (lower quality)
 takes about ~40kbps and a g.711 (high quality) used about ~100Kbps of
 bandwidth. With most of today's networks, the problem isn't bandwidth
 related, but more with jitter, delay, and packet loss through the
 network...personally I'm a big fan of deploying QoS through out an
 infrastructure...well at least in our WAN infrastructure.

 Bret



 On 11/22/2010 09:59 AM, Kasper Adel wrote:

 Hi,

 My customer would like to add VoIP over their network and they asked us
 for
 an audit. the result of the audit would be simply you guys are ready for
 it

 Breaking it down [high level] for me sounds like : (suggestions are more
 than welcomed) :

 1) Looking at hardware computation finite resources (cpu, memory...etc)
 2) Looking at available bandwidth
 3) QoS policy
 4) High Availability and Fast Convergence

 Any thing else?

 They asked us to measure the KPIs (jitter, delay...etc) of their existing
 traffic, is there a way to do that?

 Thanks,
 Kim







Re: Introducing draft-denog-v6ops-addresspartnaming

2010-11-22 Thread Richard Hartmann
On Mon, Nov 22, 2010 at 15:07, William Herrin b...@herrin.us wrote:

 Trimming zeros on both the left and the right, as the correctly
 written IPv6 notation 1::/16 would have us do, is confusing. It's
 like writing one million and one tenth as 1,,.1 instead of
 1,000,000.1.

No, there are simply two mechanisms at work:

I start with

  0001:::::::/16

then, I remove leading zeros as they are not needed

  1:::::::/16

which I can further reduce by the same mechanism to

  1:0:0:0:0:0:0/16

Finally, the accepted convention for IPv6 addresses is that I can drop
a continuous block of zeros which means I end up with

  1::/16

Makes perfect sense to me.


 Six of one, half a dozen of the other. Flooding a list with half a
 dozen replies on the same thread at the same time is poor netiquette
 for its impact on unthreaded mail agents and if your mailer started a
 new thread for this message in spite of the identical subject and
 in-reply-to header then it's broken.

I disagree, but if you want to continue this part of the discussion,
we should do so off-list. I do apologize that I wrote this in-line and
did not poke you off-list in the first place.


 Insolence alone does not rise to argumentum ad hominem. The predicate
 assumption is wrong. Here's several paragraphs about what's actually
 observed in the field, certainly isn't. If you want to call me out on
 a logical fallacy, at least call me out on one I've actually
 committed.

I called out a social, not a logical, fallacy. As per the rest, see above.


Richard



RE: starwars.com subdomain hijacked?

2010-11-22 Thread Gavin Pearce
 It seems the subdomain shop.starwars.com is being redirected.
 
 Anybody else seeing this?

HTML served up looks official, albeit different NS servers and IP Range
from main site.
Resolves to 209.20.19.60 (shop.starwars.novator2.com.). Couldn't tell
you if that's where it's meant to go mind...

[r...@...]# dig shop.starwars.com

;  DiG  shop.starwars.com
;; Got answer:

;; QUESTION SECTION:
;shop.starwars.com. IN  A

;; ANSWER SECTION:
shop.starwars.com.          3600 IN  CNAME   shop.starwars.novator2.com.
shop.starwars.novator2.com. 600  IN  A       209.20.19.60

;; AUTHORITY SECTION:
novator2.com.   600 IN  NS  ns2.novator.com.
novator2.com.   600 IN  NS  ns3.novator.com.
novator2.com.   600 IN  NS  ns1.novator.com.

;; Query time: 406 msec
;; WHEN: Mon Nov 22 16:33:40 2010
;; MSG SIZE  rcvd: 150

[r...@...]# dig starwars.com

;  DiG  starwars.com
;; Got answer:

;; QUESTION SECTION:
;starwars.com.  IN  A

;; ANSWER SECTION:
starwars.com.   3600 IN  A   208.72.12.228

;; AUTHORITY SECTION:
starwars.com.   3600 IN  NS  dns.lucasfilm.com.
starwars.com.   3600 IN  NS  sbdns3.cscdns.net.

;; ADDITIONAL SECTION:
sbdns3.cscdns.net.  9515 IN  A   165.160.12.22

;; Query time: 249 msec
;; WHEN: Mon Nov 22 16:34:39 2010
;; MSG SIZE  rcvd: 121



-Original Message-
From: Matt Disuko [mailto:gourmetci...@hotmail.com] 
Sent: 22 November 2010 15:47
To: nanog@nanog.org
Subject: starwars.com subdomain hijacked?


It seems the subdomain shop.starwars.com is being redirected.

Anybody else seeing this?



  



Re: Auditing a network to add Voice

2010-11-22 Thread Bret Clark
I'm not sure if Wireshark will let you do this...at least with TCP, we 
do use Wireshark to analyze RTP traffic which provides jitter/loss data, 
maybe a vendor provided LAN analyzer would provide this information


I still think you're better off using some type of tools and do the 
measurement in their network live at various times of the day. Every 
path through the network is going to have different delays/jitter/loss 
at various times of the day. You can probably get loss via RMON 
statistics in switches/routers, but delays/jitter requires that you are 
monitoring a data conversation at the TCP/IP layer and I'm not aware of 
network equipment (switches/routers) that watch individual TCP/IP layers 
to provide jitter/delay...that would require quite a bit of a device's 
resources.


If you run the apps on their network live, then you are basically going 
to get the information you need about the overall quality of their 
network they have in place today.

Bret

On 11/22/2010 11:17 AM, Kasper Adel wrote:

Hi Bret,

These guys are not looking for measuring traffic generated by a tool, 
they want to measure what they have running now (not only Voice). I am 
not sure if measuring what they have or generating traffic and 
measuring it is the same thing. what do u think?


thanks,
Kim

On Mon, Nov 22, 2010 at 5:54 PM, Bret Clark bcl...@spectraaccess.com wrote:


Iperf can be used to measure jitter and delay as well as simulate
a quasi VoIP call. You can also use mtr under Linux which provides
jitter and delay measurements from one point to another point. A
g.729 call (lower quality) takes about ~40kbps and a g.711 (high
quality) used about ~100Kbps of bandwidth. With most of today's
networks, the problem isn't bandwidth related, but more with
jitter, delay, and packet loss through the network...personally
I'm a big fan of deploying QoS through out an
infrastructure...well at least in our WAN infrastructure.

Bret



On 11/22/2010 09:59 AM, Kasper Adel wrote:

Hi,

My customer would like to add VoIP over their network and they
asked us for
an audit. the result of the audit would be simply you guys
are ready for
it

Breaking it down [high level] for me sounds like :
(suggestions are more
than welcomed) :

1) Looking at hardware computation finite resources (cpu,
memory...etc)
2) Looking at available bandwidth
3) QoS policy
4) High Availability and Fast Convergence

Any thing else?

They asked us to measure the KPIs (jitter, delay...etc) of
their existing
traffic, is there a way to do that?

Thanks,
Kim
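Measuring existing RTP traffic passively, as discussed in this thread, comes down to the receiver-side arithmetic an RTP analyzer runs over captured packet headers. The following is an added example, not part of the original messages: it computes RFC 3550 interarrival jitter and sequence-based loss from (arrival time, sequence number, RTP timestamp) tuples. The sample capture is constructed, and the 8000 Hz clock assumes G.711.

```python
"""RFC 3550 interarrival jitter and sequence-based loss from captured RTP headers."""


def rtp_stats(packets, clock_hz=8000):
    """packets: (arrival_seconds, seq16, rtp_timestamp32) tuples in arrival order."""
    received = 0
    jitter = 0.0                 # running estimate, in RTP timestamp units
    base_seq = ext_max = None    # first and highest extended sequence number
    prev_arrival = prev_ts = None

    for arrival, seq, ts in packets:
        received += 1

        # Extend the 16-bit sequence number across wrap-around. A packet
        # less than half the space "ahead" advances the highest number
        # seen; anything else is treated as late or reordered.
        if base_seq is None:
            base_seq = ext_max = seq
        else:
            forward = (seq - ext_max) & 0xFFFF
            if forward < 0x8000:
                ext_max += forward

        if prev_arrival is not None:
            # Signed 32-bit difference so a timestamp wrap does not spike.
            ts_delta = (ts - prev_ts) & 0xFFFFFFFF
            if ts_delta >= 0x80000000:
                ts_delta -= 0x100000000
            # D = (R_i - R_{i-1}) - (S_i - S_{i-1}), in timestamp units.
            d = abs((arrival - prev_arrival) * clock_hz - ts_delta)
            # J = J + (|D| - J) / 16
            jitter += (d - jitter) / 16.0
        prev_arrival, prev_ts = arrival, ts

    if received == 0:
        return None
    expected = ext_max - base_seq + 1
    lost = expected - received   # may go negative when duplicates arrive
    return {
        "received": received,
        "expected": expected,
        "lost": lost,
        "loss_pct": 100.0 * lost / expected,
        "jitter_ms": 1000.0 * jitter / clock_hz,
    }


# Constructed sample: 20 ms packetisation (160 timestamp units per packet),
# a sequence wrap from 65535 to 0, one packet (seq 1) missing, and two
# packets that arrive off their ideal spacing.
CAPTURE = [
    (0.000, 65534, 1000),
    (0.020, 65535, 1160),
    (0.045, 0, 1320),     # 5 ms late
    (0.080, 2, 1640),     # seq 1 never arrived
    (0.100, 3, 1800),
]

if __name__ == "__main__":
    stats = rtp_stats(CAPTURE)
    print("received %(received)d of %(expected)d, lost %(lost)d "
          "(%(loss_pct).1f%%), jitter %(jitter_ms).3f ms" % stats)
```

The tuples can be exported from any capture tool that decodes RTP headers; run the function once per SSRC, since jitter and loss are per-stream values.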








Re: starwars.com subdomain hijacked?

2010-11-22 Thread Jaren Angerbauer
On Mon, Nov 22, 2010 at 8:46 AM, Matt Disuko gourmetci...@hotmail.com wrote:

 It seems the subdomain shop.starwars.com is being redirected.

 Anybody else seeing this?


Redirected to where?  Looks like it is working as expected...?

--Jaren



Re: Auditing a network to add Voice

2010-11-22 Thread Valdis . Kletnieks
On Mon, 22 Nov 2010 16:59:54 +0200, Kasper Adel said:
 Breaking it down [high level] for me sounds like : (suggestions are more
 than welcomed) :

 1) Looking at hardware computation finite resources (cpu, memory...etc)
 2) Looking at available bandwidth
 3) QoS policy
 4) High Availability and Fast Convergence

 Any thing else?

You forgot the most important thing, which ends up driving all the rest:

0) How much VoIP are they planning to do?  VoIP for 25 people and VoIP
for 25,000 people are two totally different beasts.




RE: starwars.com subdomain hijacked?

2010-11-22 Thread Matt Disuko

I'm surprised by the sequence of events here..

domain novator2.com is registered with DomainsAtCost.ca.

domain novator2.com expires...

gets picked up by the administrators of yourdomainhasexpired.com - Rebel.com? 
 1550507.ca?

;; ANSWER SECTION:
shop.starwars.com.  1655 IN  CNAME   shop.starwars.novator2.com.
shop.starwars.novator2.com. 1655 IN A   74.54.152.75

;; AUTHORITY SECTION:
novator2.com.   160201  IN  NS  dns2.yourdomainhasexpired.com.
novator2.com.   160201  IN  NS  dns.yourdomainhasexpired.com.

Redir'd to an advert site, instead of a default DomainsAtCost.ca holding page 
or...nowhere.

Apparently quickly renewed and given back to the original owners.

Who's at play here?  Does DomainsAtCost have a deal with Rebel.com?  Or are 
they the same company?

It all seems fishy to me.  Is this normal practice?



 Date: Mon, 22 Nov 2010 12:05:21 -0500
 From: k...@sizone.org
 To: nanog@nanog.org
 Subject: Re: starwars.com subdomain hijacked?
 
 
 On Mon, Nov 22, 2010 at 08:49:48AM -0800, Wil Schultz said:
   Appears that it's a CNAME for shop.starwars.novator2.com. 
   
   The expiry day is 11/22/2011, so if I were to guess I would think that the 
 domain expired, sent to an advert page, and was just renewed.
   
   -wil
 
 Smartest attack is to put up a page that looks exactly the same as the
 legit site, but with your own cheaper crappier knockoff starwars paraphernalia
 ('duke', 'tewey', 'princess luba') that you sell instead and make the huge
 profits.
 
 Not to give anyone any ideas that weren't obvious like 15 years ago.
 
 How anyone can tell the internet is legit at a glance is beyond me. Need
 to hookup firefox's security warning to my speakers to get a modicum of
 alert that SSL is busted, to start, nevermind anything more creative.
 
 That phishers manage to fake sites that look wrong is also beyond me, what's
 so hard about 'save page as'?
 
 /kc
 -- 
 Ken Chase - k...@heavycomputing.ca - +1 416 897 6284 - Toronto CANADA
 Heavy Computing - Clued bandwidth, colocation and managed linux VPS @151 
 Front St. W.
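The sequence described in this message (a CNAME pointing into a third-party domain whose registration lapsed and whose delegation moved to a parking service) can be caught by comparing resolver snapshots of the CNAME target. The following is an added example, not part of the original messages: it parses the two dig answers quoted in this thread and reports what changed. The function names are hypothetical, and treating the first answer as the known-good state is an assumption.

```python
"""Flag delegation drift behind a CNAME by comparing two dig snapshots."""

# Known-good state: the answer posted earlier in the thread (treating it as
# the expected state is an assumption). Fields re-spaced for readability.
KNOWN_GOOD = """\
;; ANSWER SECTION:
shop.starwars.com.           3600 IN CNAME shop.starwars.novator2.com.
shop.starwars.novator2.com.  600  IN A     209.20.19.60
;; AUTHORITY SECTION:
novator2.com.                600  IN NS    ns2.novator.com.
novator2.com.                600  IN NS    ns3.novator.com.
novator2.com.                600  IN NS    ns1.novator.com.
"""

# Observed state: the answer quoted in the message above.
OBSERVED = """\
;; ANSWER SECTION:
shop.starwars.com.           1655   IN CNAME shop.starwars.novator2.com.
shop.starwars.novator2.com.  1655   IN A     74.54.152.75
;; AUTHORITY SECTION:
novator2.com.                160201 IN NS    dns2.yourdomainhasexpired.com.
novator2.com.                160201 IN NS    dns.yourdomainhasexpired.com.
"""


def parse_rrs(text):
    """Parse dig record lines into (name, ttl, type, rdata) tuples."""
    records = []
    for line in text.splitlines():
        fields = line.split()
        if len(fields) < 5 or fields[0].startswith(";") or fields[2] != "IN":
            continue
        name, ttl, _cls, rtype = fields[:4]
        records.append((name.lower(), int(ttl), rtype.upper(),
                        " ".join(fields[4:]).lower()))
    return records


def registrable(name):
    """Last two labels. Enough for .com; a real tool would consult the
    Public Suffix List (this shortcut is an assumption of the example)."""
    return ".".join(name.rstrip(".").split(".")[-2:])


def follow_cname(records, qname):
    """Return the chain of names from qname to the final CNAME target."""
    cname = {n: r for n, _, t, r in records if t == "CNAME"}
    chain, seen = [qname.lower()], set()
    while chain[-1] in cname and chain[-1] not in seen:   # loop guard
        seen.add(chain[-1])
        chain.append(cname[chain[-1]])
    return chain


def snapshot(records, qname):
    """Summarise where qname ends up and who is authoritative for it."""
    target = follow_cname(records, qname)[-1]
    zone = registrable(target) + "."
    return {
        "target": target,
        "external": registrable(target) != registrable(qname),
        "addresses": {r for n, _, t, r in records if t == "A" and n == target},
        "nameservers": {r for n, _, t, r in records if t == "NS" and n == zone},
    }


def drift(known_good, observed, qname):
    """Return (code, detail) findings for the observed snapshot."""
    good = snapshot(parse_rrs(known_good), qname)
    seen = snapshot(parse_rrs(observed), qname)
    findings = []
    if seen["external"]:
        # The name's fate depends on a domain someone else must keep renewed.
        findings.append(("external-cname-target", seen["target"]))
    if seen["target"] != good["target"]:
        findings.append(("cname-target-changed", seen["target"]))
    if (good["nameservers"] and seen["nameservers"]
            and seen["nameservers"].isdisjoint(good["nameservers"])):
        findings.append(("delegation-replaced",
                         ", ".join(sorted(seen["nameservers"]))))
    if seen["addresses"] != good["addresses"]:
        findings.append(("address-changed",
                         ", ".join(sorted(seen["addresses"]))))
    return findings


if __name__ == "__main__":
    for code, detail in drift(KNOWN_GOOD, OBSERVED, "shop.starwars.com."):
        print(f"{code}: {detail}")
```

Run against a zone's full list of CNAMEs on a schedule, the `external-cname-target` finding also gives an inventory of third-party domains whose renewal dates are worth tracking.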
 
  

Re: Introducing draft-denog-v6ops-addresspartnaming

2010-11-22 Thread Daniel Hagerty
Richard Hartmann richih.mailingl...@gmail.com writes:

 I will add quad to -03 anyway. If you get a few +1 on hexquad, I am
 against adding that, as well.

Quad is a standard term for 64 bit integer in C/C++.  For
example:

$ grep -c quad /usr/src/sys/netinet6/*|awk -F: '{tot+=$2} END{print tot}'
171

which is to say, the kame derived ipv6 stack on this machine uses
one of the *quad_t types 171 times.

Ambiguating usages like Take the least significant quad of that
ipv6 address to mean either 16 bits or 64 bits, when it currently is
unambiguously 64 bits won't make the lives of C/C++ programmers
writing IPv6 code any easier.



RE: Auditing a network to add Voice

2010-11-22 Thread Holmes,David A
One of the best active measurement products is the BRIX monitoring
system, now owned by EXFO. Active measurement systems have the
capability of sending out emulated application probes (for instance
G.711 calls), or alternatively simple ping tests to gather round trip
times (RTT), jitter, and packet loss. The tests are run, and the data is
gathered at random intervals over an extended time period, thus
providing a statistically accurate picture of network performance at
different times, and under various traffic blends and loads.

Using queuing theory, it can be shown that only 3 variables are required
to accurately predict network performance: RTT, jitter, and packet loss.
Designing a network which will produce the right combination of these 3
variables, mitigates the need for QoS, except as a failsafe to be used
in emergency cases such as DoS attacks. QoS-free networks (FIFO queuing
only) have been designed and implemented which easily support MPEG4
video, HD videoconferencing, and VoIP. 

-Original Message-
From: Bret Clark [mailto:bcl...@spectraaccess.com] 
Sent: Monday, November 22, 2010 8:42 AM
To: Kasper Adel
Cc: nanog@nanog.org
Subject: Re: Auditing a network to add Voice

I'm not sure if Wireshark will let you do this...at least with TCP, we 
do use Wireshark to analyze RTP traffic which provides jitter/loss data,
maybe a vendor provided LAN analyzer would provide this information

I still think you're better off using some type of tools and do the 
measurement in their network live at various times of the day. Every 
path through the network is going to have different delays/jitter/loss 
at various times of the day. You can probably get loss via RMON 
statistics in switches/routers, but delays/jitter requires that you are 
monitoring a data conversation at the TCP/IP layer and I'm not aware of 
network equipment (switches/routers) that watch individual TCP/IP layers
to provide jitter/delay...that would require quite a bit of a device's 
resources.

If you run the apps on their network live, then you are basically going 
to get the information you need about the overall quality of their 
network they have in place today.
Bret

On 11/22/2010 11:17 AM, Kasper Adel wrote:
 Hi Bret,

 These guys are not looking for measuring traffic generated by a tool, 
 they want to measure what they have running now (not only Voice). I am
 not sure if measuring what they have or generating traffic and 
 measuring it is the same thing. what do u think?

 thanks,
 Kim

 On Mon, Nov 22, 2010 at 5:54 PM, Bret Clark bcl...@spectraaccess.com wrote:

 Iperf can be used to measure jitter and delay as well as simulate
 a quasi VoIP call. You can also use mtr under Linux which provides
 jitter and delay measurements from one point to another point. A
 g.729 call (lower quality) takes about ~40kbps and a g.711 (high
 quality) used about ~100Kbps of bandwidth. With most of today's
 networks, the problem isn't bandwidth related, but more with
 jitter, delay, and packet loss through the network...personally
 I'm a big fan of deploying QoS through out an
 infrastructure...well at least in our WAN infrastructure.

 Bret



 On 11/22/2010 09:59 AM, Kasper Adel wrote:

 Hi,

 My customer would like to add VoIP over their network and they
 asked us for
 an audit. the result of the audit would be simply you guys
 are ready for
 it

 Breaking it down [high level] for me sounds like :
 (suggestions are more
 than welcomed) :

 1) Looking at hardware computation finite resources (cpu,
 memory...etc)
 2) Looking at available bandwidth
 3) QoS policy
 4) High Availability and Fast Convergence

 Any thing else?

 They asked us to measure the KPIs (jitter, delay...etc) of
 their existing
 traffic, is there a way to do that?

 Thanks,
 Kim








Re: starwars.com subdomain hijacked?

2010-11-22 Thread Seth Mattinen
On 11/22/10 9:05 AM, Ken Chase wrote:
 
 That phishers manage to fake sites that look wrong is also beyond me, what's
 so hard about 'save page as'?
 

Probably because there's no need to try that hard - they'll catch enough
people no matter how crappy the phish.

~Seth



Re: starwars.com subdomain hijacked?

2010-11-22 Thread Rubens Kuhl
On Mon, Nov 22, 2010 at 1:46 PM, Matt Disuko gourmetci...@hotmail.com wrote:
 It seems the subdomain shop.starwars.com is being redirected.
 Anybody else seeing this?

The Rebel Alliance managed to hit that site, but the Empire struck
back and it's back online again.


Rubens



Re: IPv6

2010-11-22 Thread Ray Soucy
We have had Cogent and recently added TWC (not TWT) and have had no
problems.  We still see the majority of our IPv6 traffic go though the
NOX (I2), though.

On Thu, Nov 18, 2010 at 4:39 PM, Nick Olsen n...@flhsi.com wrote:
 Curious as to who is running IPv6 with TW Telecom or Cogent.
 I'm wanting to turn up native IPv6 with them, And wanted to hear
 thoughts/experiences.
 I assume it should be a non-event. We've already got a prefix from arin
 that we are going to announce.

 Nick Olsen
 Network Operations
 (855) FLSPEED  x106







-- 
Ray Soucy

Epic Communications Specialist

Phone: +1 (207) 561-3526

Networkmaine, a Unit of the University of Maine System
http://www.networkmaine.net/



Re: Introducing draft-denog-v6ops-addresspartnaming

2010-11-22 Thread Scott Morris
Given that a meal is often comprised of several mouthfuls, wouldn't it
stand to reason that the entire address would suffice there?   ;)

Scott

On 11/19/10 11:06 AM, Richard Hartmann wrote:
 On Fri, Nov 19, 2010 at 14:14, Scott Morris s...@emanon.com wrote:

 If 8 bits is a byte, then 16 bits should be a mouthful.
 When does it become a meal and, more importantly, do you want to
 supper (sic) size?


 RIchard






switch about routing p

2010-11-22 Thread Deric Kwok
Hi

I read switch that supports PIM / ESRP / VRRP

What are they?

Thank you



Re: switch about routing p

2010-11-22 Thread Joel Jaeggli
On 11/22/10 10:34 AM, Deric Kwok wrote:
 Hi
 
 I read switch that supports PIM / ESRP / VRRP

I assume you don't mean extreme standby routing protocol, if you do then
you have your answer, your future is purple.

 What are they?

Most decent layer3 switch platforms will support PIM/VRRP.

 Thank you
 




non operational question related to IP

2010-11-22 Thread Greg Whynott

i was pinging a host from a windows machine and made a typo which seemed 
harmless.  the end result was it interpreted my input differently than what I 
had intended.   thinking this was a m$ issue I quickly took the opportunity to 
poke fun at windows as the senior m$ admin was near by.

look at how brain dead this os is,  it can't even do simple math!

He is now looking at my screen scratching his head…..

watch,  i'll open a shell on os x and show you how it can add 0 +10

I open a shell on os x,  same behavior as windows.

 ok so apple is brain dead too,  watch,  it'll work on linux!

same deal…


long story short,  it does work as expected on all our hardware routing gear.   
 still not sure what is happening here…


osx-gwhynott:~ gwhynott$ ping 10.010.10.1
PING 10.010.10.1 (10.8.10.1): 56 data bytes


gwhyn...@ops:~$ ping 10.010.10.1
PING 10.010.10.1 (10.8.10.1) 56(84) bytes of data.


CORE1ping 10.010.10.1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.10.10.1, timeout is 2 seconds:
!


anyone happen to know how the OS's are interpreting the 010?   doesn't appear 
to work out in base[2-10] (1010,101,22,20,14,13,12,11,10,A)


thanks!

greg





--

This message and any attachments may contain confidential and/or privileged 
information for the sole use of the intended recipient. Any review or 
distribution by anyone other than the person for whom it was originally 
intended is strictly prohibited. If you have received this message in error, 
please contact the sender and delete all copies. Opinions, conclusions or other 
information contained in this message may not be that of the organization.



Re: non operational question related to IP

2010-11-22 Thread David Coulson

Prefixing the octet with 0 makes it interpret it as octal, not decimal.

Pretty typical on a UNIX system.

On 11/22/2010 2:52 PM, Greg Whynott wrote:

i was pinging a host from a windows machine and made a typo which seemed 
harmless.  the end result was it interpreted my input differently than what I 
had intended.   thinking this was a m$ issue I quickly took the opportunity to 
poke fun at windows as the senior m$ admin was near by.

look at how brain dead this os is,  it can't even do simple math!

He is now looking at my screen scratching his head…..

watch,  i'll open a shell on os x and show you how it can add 0 +10

I open a shell on os x,  same behavior as windows.

 ok so apple is brain dead too,  watch,  it'll work on linux!

same deal…


long story short,  it does work as expected on all our hardware routing gear.   
 still not sure what is happening here…


osx-gwhynott:~ gwhynott$ ping 10.010.10.1
PING 10.010.10.1 (10.8.10.1): 56 data bytes


gwhyn...@ops:~$ ping 10.010.10.1
PING 10.010.10.1 (10.8.10.1) 56(84) bytes of data.


CORE1ping 10.010.10.1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.10.10.1, timeout is 2 seconds:
!


anyone happen to know how the OS's are interpreting the 010?   doesn't appear 
work out in base[2-10] (1010,101,22,20,14,13,12,11,10,A)


thanks!

greg











RE: non operational question related to IP

2010-11-22 Thread Matlock, Kenneth L
'Octal' (Base-8) :)

The leading '0' is telling the box to interpret it as octal instead of
decimal or hex.

Ken Matlock
Network Analyst
Exempla Healthcare
(303) 467-4671
matlo...@exempla.org


-Original Message-
From: Greg Whynott [mailto:greg.whyn...@oicr.on.ca] 
Sent: Monday, November 22, 2010 12:53 PM
To: nanog list
Subject: non operational question related to IP 


i was pinging a host from a windows machine and made a typo which seemed
harmless.  the end result was it interpreted my input differently than
what I had intended.   thinking this was a m$ issue I quickly took the
opportunity to poke fun at windows as the senior m$ admin was near by.

look at how brain dead this os is,  it can't even do simple math!

He is now looking at my screen scratching his head.

watch,  i'll open a shell on os x and show you how it can add 0 +10

I open a shell on os x,  same behavior as windows.

 ok so apple is brain dead too,  watch,  it'll work on linux!

same deal...


long story short,  it does work as expected on all our hardware routing
gear.   still not sure what is happening here...


osx-gwhynott:~ gwhynott$ ping 10.010.10.1
PING 10.010.10.1 (10.8.10.1): 56 data bytes


gwhyn...@ops:~$ ping 10.010.10.1
PING 10.010.10.1 (10.8.10.1) 56(84) bytes of data.


CORE1ping 10.010.10.1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.10.10.1, timeout is 2 seconds:
!


anyone happen to know how the OS's are interpreting the 010?   doesn't
appear work out in base[2-10] (1010,101,22,20,14,13,12,11,10,A)


thanks!

greg









Re: non operational question related to IP

2010-11-22 Thread James Downs


On Nov 22, 2010, at 11:52 AM, Greg Whynott wrote:

anyone happen to know how the OS's are interpreting the 010?
doesn't appear work out in base[2-10]  
(1010,101,22,20,14,13,12,11,10,A)


Looks base 8 to me.

-j



Re: non operational question related to IP

2010-11-22 Thread Steven Bellovin

On Nov 22, 2010, at 2:52 52PM, Greg Whynott wrote:

 
 i was pinging a host from a windows machine and made a typo which seemed 
 harmless.  the end result was it interpreted my input differently than what I 
 had intended.   thinking this was a m$ issue I quickly took the opportunity 
 to poke fun at windows as the senior m$ admin was near by.
 
 look at how brain dead this os is,  it can't even do simple math!
 
 He is now looking at my screen scratching his head…..
 
 watch,  i'll open a shell on os x and show you how it can add 0 +10
 
 I open a shell on os x,  same behavior as windows.
 
  ok so apple is brain dead too,  watch,  it'll work on linux!
 
 same deal…
 
 
 long story short,  it does work as expected on all our hardware routing gear. 
still not sure what is happening here…
 
 
 osx-gwhynott:~ gwhynott$ ping 10.010.10.1
 PING 10.010.10.1 (10.8.10.1): 56 data bytes
 
 
 gwhyn...@ops:~$ ping 10.010.10.1
 PING 10.010.10.1 (10.8.10.1) 56(84) bytes of data.
 
 
 CORE1ping 10.010.10.1
 Type escape sequence to abort.
 Sending 5, 100-byte ICMP Echos to 10.10.10.1, timeout is 2 seconds:
 !
 
 
 anyone happen to know how the OS's are interpreting the 010?   doesn't appear 
 work out in base[2-10] (1010,101,22,20,14,13,12,11,10,A)
 


010 is how C represents an octal number.  This one is known in decimal as 8.  


$ bc
bc 1.06
Copyright 1991-1994, 1997, 1998, 2000 Free Software Foundation, Inc.
This is free software with ABSOLUTELY NO WARRANTY.
For details type `warranty'. 
ibase=8
10
8


--Steve Bellovin, http://www.cs.columbia.edu/~smb
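The two readings of `10.010.10.1` in the ping output quoted in this thread, as an added example that is not part of the original messages: `parse_classic` follows the BSD `inet_aton` numbers-and-dots rules (leading 0 is octal, 0x is hex, fewer than four parts allowed), `parse_decimal_lenient` models the router's reading shown in the thread, and `parse_strict` accepts only canonical dotted decimal. The function names are hypothetical; the point for anyone writing an allow-list or ACL check is that input accepted by a lenient parser can name a different host than the one the validator thought it approved.

```python
"""Three readings of a dotted IPv4 string: classic inet_aton, lenient
decimal, and strict canonical form."""


def _c_number(part):
    """Parse one part like a C integer literal: 0x.. hex, 0.. octal, else decimal."""
    low = part.lower()
    if low.startswith("0x"):
        digits, base = low[2:], 16
    elif len(low) > 1 and low.startswith("0"):
        digits, base = low[1:], 8
    else:
        digits, base = low, 10
    allowed = "0123456789abcdef"[:base]
    if not digits or any(ch not in allowed for ch in digits):
        raise ValueError(f"bad digits in {part!r}")
    return int(digits, base)


def parse_classic(text):
    """inet_aton-style: 1 to 4 parts, the last part fills the remaining bytes."""
    parts = text.split(".")
    if not 1 <= len(parts) <= 4:
        raise ValueError("need 1 to 4 parts")
    *head, last = [_c_number(p) for p in parts]
    if any(n > 0xFF for n in head) or last >= 1 << (8 * (4 - len(head))):
        raise ValueError("part out of range")
    value = last
    for i, n in enumerate(head):
        value |= n << (24 - 8 * i)
    return value


def parse_decimal_lenient(text):
    """Four decimal parts, leading zeros ignored (the router's reading)."""
    parts = text.split(".")
    if len(parts) != 4 or not all(p.isascii() and p.isdigit() for p in parts):
        raise ValueError("need four decimal parts")
    value = 0
    for p in parts:
        if int(p) > 255:
            raise ValueError("octet out of range")
        value = (value << 8) | int(p)
    return value


def parse_strict(text):
    """Canonical dotted decimal only: four octets, no leading zeros."""
    parts = text.split(".")
    if len(parts) != 4:
        raise ValueError("need four parts")
    value = 0
    for p in parts:
        if not (p.isascii() and p.isdigit()) or (len(p) > 1 and p[0] == "0") \
                or int(p) > 255:
            raise ValueError(f"non-canonical octet {p!r}")
        value = (value << 8) | int(p)
    return value


def dotted(value):
    """Render a 32-bit integer as dotted decimal."""
    return ".".join(str((value >> s) & 0xFF) for s in (24, 16, 8, 0))


def readings(text):
    """Return what each parser makes of text (None where it refuses)."""
    out = {}
    for name, fn in (("classic", parse_classic),
                     ("decimal", parse_decimal_lenient),
                     ("strict", parse_strict)):
        try:
            out[name] = dotted(fn(text))
        except ValueError:
            out[name] = None
    return out


def is_canonical(text):
    """True only when every parser would agree on the address."""
    return readings(text)["strict"] is not None


if __name__ == "__main__":
    # 10.010.10.1 is the address from the thread; the others are constructed.
    for sample in ("10.010.10.1", "10.10.10.1", "10.08.10.1", "0x0a.010.10.1"):
        print(f"{sample:15} {readings(sample)} canonical={is_canonical(sample)}")
```

Validating with `is_canonical` (or normalising to `dotted(parse_strict(...))` before both the check and the connection) removes the disagreement the thread stumbled on.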








Re: non operational question related to IP

2010-11-22 Thread Greg Whynott
thanks guys.  I should have paid more attention in school.

interesting cisco understands what we meant.  8)


-g


On Nov 22, 2010, at 2:56 PM, Matlock, Kenneth L wrote:

 'Octal' (Base-8) :)

 The leading '0' is telling the box to interpret it as octal instead of
 decimal or hex.

 Ken Matlock
 Network Analyst
 Exempla Healthcare
 (303) 467-4671
 matlo...@exempla.org


 -Original Message-
 From: Greg Whynott [mailto:greg.whyn...@oicr.on.ca]
 Sent: Monday, November 22, 2010 12:53 PM
 To: nanog list
 Subject: non operational question related to IP


 i was pinging a host from a windows machine and made a typo which seemed
 harmless.  the end result was it interpreted my input differently than
 what I had intended.   thinking this was a m$ issue I quickly took the
 opportunity to poke fun at windows as the senior m$ admin was near by.

 look at how brain dead this os is,  it can't even do simple math!

 He is now looking at my screen scratching his head.

 watch,  i'll open a shell on os x and show you how it can add 0 +10

 I open a shell on os x,  same behavior as windows.

  ok so apple is brain dead too,  watch,  it'll work on linux!

 same deal...


 long story short,  it does work as expected on all our hardware routing
 gear.  still not sure what is happening here...


 osx-gwhynott:~ gwhynott$ ping 10.010.10.1
 PING 10.010.10.1 (10.8.10.1): 56 data bytes


 gwhyn...@ops:~$ ping 10.010.10.1
 PING 10.010.10.1 (10.8.10.1) 56(84) bytes of data.


 CORE1ping 10.010.10.1
 Type escape sequence to abort.
 Sending 5, 100-byte ICMP Echos to 10.10.10.1, timeout is 2 seconds:
 !


 anyone happen to know how the OS's are interpreting the 010?   doesn't
 appear work out in base[2-10] (1010,101,22,20,14,13,12,11,10,A)


 thanks!

 greg











id.apple.com

2010-11-22 Thread Nathan Eisenberg
Would a mail-op from id.apple.com please contact me off-list?


Re: IPv6

2010-11-22 Thread John Gammons

On Nov 21, 2010, at 4:31 PM, Cameron Byrne wrote:

 On Thu, Nov 18, 2010 at 3:17 PM, Cameron Byrne cb.li...@gmail.com wrote:
 On Thu, Nov 18, 2010 at 2:44 PM, Mike Tancsa m...@sentex.net wrote:
 On 11/18/2010 5:14 PM, Lee Riemer wrote:
 Try tracerouting to 2001:500:4:13::81 (www.arin.net) or
 2001:470:0:76::2 (www.he.net) via Cogent.
 
 
 Interesting. I noticed a similar issue with  ipv6.cnn.com today. I dont
 see it via TATA, but see it via Cogent.  So whats the story behind it
 and ARIN not being seen through cogent ?  Is it due to no v6 relation
 between he.net and Cogent ?
 
 2620:0:2200:8::::8901  (whats with the crazy 8s?)
 
 
 Wow.  CNN now has IPv6.  That's awesome.  I guess i missed the memo.
 
 So, major players with IPv6 are?
 
 ipv6.cnn.com (just book marked it)
 
 ipv6.comcast.net
 
 ipv6.google.com (or you can have it all with a white-list)
 
 www.ipv6.cisco.com
 
 www.v6.facebook.com
 m.v6.facebook.com
 
 ipv6.t-mobile.com (admittedly, not major a major content source, but it's 
 mine)
 
 
 
 Yahoo just dropped in on the IPv6 content party
 
 http://ipv6.weather.yahoo.com/
 
 I just bookmarked it.  Well done Yahoos.
 
 Cameron
 ===
 http://groups.google.com/group/tmoipv6beta
 ===


Don't forget ipv6.netflix.com... 

John


 
 And, then debunking the dual-stack is too risky notion is
 www.ucla.edu (which is a big business by most measures) and serves
  and A records without a white-list or special FQDN.
 
 I have predicted that by the end of 2011 nearly ~50% of my network
 traffic (mobile provider) can be served by IPv6 natively end to end.
 I think a lot of folks that measure Facebook and Google (including
 YouTube)  traffic today can see how that is feasible given current
 volumes and rates of growth.  Hence, the viability of IPv6-only
 endpoints (especially mobile) with NAT64/DNS64 as truly connecting the
 IPv4 long-tail remaining 50% that will continue to shrink as more
 major sites follow the CNN's path.
 
 Cameron
 ===
 http://groups.google.com/group/tmoipv6beta
 ===
 
 




Re: non operational question related to IP

2010-11-22 Thread Michael Brown
On 11/22/2010 02:58 PM, Steven Bellovin wrote:
 010 is how C represents an octal number.  This one is known in decimal as 8.  
Obviously, what Greg meant to type was:
$ ping 012.0xA.10.1
PING 012.0xA.10.1 (10.10.10.1) 56(84) bytes of data.

M.

-- 
Michael Brown   | The true sysadmin does not adjust his behavior
Systems Administrator   | to fit the machine.  He adjusts the machine
mich...@supermathie.net | until it behaves properly.  With a hammer,
| if necessary.  - Brian




Re: XO/AS2828 - Cogent/AS174 blackholing

2010-11-22 Thread Tore Anderson
Problem solved.  The culprit turned out to be a Cogent router in Dallas.

Many thanks to Jason Beasley from XO for helping out with
troubleshooting and escalating the issue.

* Tore Anderson

 I'm seeing blackholing on my inbound traffic from XO and their
 downstreams (notably CNN) via Cogent.  Prepending towards Cogent changes
 my inbound path from 2828 174 39029 to 2828 3549 3292 39029 and it
 works fine, even though the outbound path is still via Cogent:

-- 
Tore Anderson
Redpill Linpro AS - http://www.redpill-linpro.com/
Tel: +47 21 54 41 27



RE: Network management software with high detailed traffic report

2010-11-22 Thread Frank Bulk - iName.com
Well, on the RSP720, the show interface byte counters are definitely not
every second, though I can't say it's been as long as 9 seconds.  I
typically look at them while making changes and they definitely stand still
for a few seconds.

Frank

-Original Message-
From: Brandon Ross [mailto:br...@pobox.com] 
Sent: Monday, November 22, 2010 8:03 AM
To: Nick Hilliard
Cc: nanog@nanog.org
Subject: Re: Network management software with high detailed traffic report

On Mon, 22 Nov 2010, Nick Hilliard wrote:

 some do, some don't.  For example, sup720 snmp counters are updated every 9
 seconds, while the show interface counters are updated every 30 seconds.

That is most certainly NOT true.  The 'show interface' counters update at 
least once a second.  Perhaps you are thinking about the rate counters 
that are often _configured_ to use the last 30 seconds of data to compute 
the average but also update much more often than every 30 seconds (and 
default to a 5 minute average).

-- 
Brandon Ross  AIM:  BrandonNRoss
ICQ:  2269442
Skype:  brandonross  Yahoo:  BrandonNRoss





Re: non operational question related to IP

2010-11-22 Thread William Herrin
On Mon, Nov 22, 2010 at 3:09 PM, Michael Brown mich...@supermathie.net wrote:
 On 11/22/2010 02:58 PM, Steven Bellovin wrote:
 010 is how C represents an octal number.  This one is known in decimal as 8.
 Obviously, what Greg meant to type was:
 $ ping 012.0xA.10.1
 PING 012.0xA.10.1 (10.10.10.1) 56(84) bytes of data.


He was on Windows, so he might have intended:

C:\ping 168430081
Pinging 10.10.10.1 with 32 bytes of data:


-Bill

-- 
William D. Herrin  her...@dirtside.com  b...@herrin.us
3005 Crane Dr. .. Web: http://bill.herrin.us/
Falls Church, VA 22042-3004



Re: Introducing draft-denog-v6ops-addresspartnaming

2010-11-22 Thread Richard Hartmann
On Mon, Nov 22, 2010 at 16:23, Owen DeLong o...@delong.com wrote:

 then, the other ISPs
 will eventually find themselves at a competitive disadvantage as their
 customers start to ask Why can't I have a /48 like my friend Bob
 got from provider Z?

I kinda implied that, but yes, I should have written it out. Thanks :)


 So... Don't worry, I ended up picking up the educational task where
 you left off.

Even though this is getting kinda off topic:

In my private life, I either explain what a bit vector is or I tell
them to use a /24.

In my professional life, I either deal with people who can grasp the
bit vector thing or they bought the complete care package anyway,
meaning that we tell them where to click on the CMS to make the
colourful overload they call a website go bling. In the latter case, I
don't have to explain anything because

a) that part is handled by someone else
b) they have no interest whatsoever in learning what an IP address is,
let alone a netmask.


 (OK, maybe not the exact same set of users, but, honest, you're not
 the only one who took this approach and it did lead to interesting
 breakages by users so educated in a number of places I have worked.)

The question is: Would those users have acted any differently if
someone went to the trouble of explaining in depth what they would
have forgotten within days?

 Well, in IPv6, I think ending them on nibbles is fine.

Hmm, true. That's fine, too.


Richard



Re: non operational question related to IP

2010-11-22 Thread Brian Reichert
On Mon, Nov 22, 2010 at 12:56:00PM -0700, Matlock, Kenneth L wrote:
 'Octal' (Base-8) :)
 
 The leading '0' is telling the box to interpret it as octal instead of
 decimal or hex.

My guess is you're seeing an interface that uses inet_addr() instead
of inet_pton(); the latter is used more nowadays as it supports
both IPv4 and IPv6 addressing schemes.

Whereas I've seen this behavior with a lot of vendors, I'm tempted
to call it a bug:

  The Open Group Base Specifications Issue 6
  IEEE Std 1003.1, 2004 Edition

  http://www.opengroup.org/onlinepubs/009695399/functions/inet_ntop.html

  inet_pton():

  If the af argument of inet_pton() is AF_INET, the src string shall be in
  the standard IPv4 dotted-decimal form:

  ddd.ddd.ddd.ddd

  where ddd is a one to three digit decimal number between 0 and 255 (see
  inet_addr()).

No mention of dotted quad being anything other than 'decimal', much
less getting cute about guessing the radix.

The *BSD manpages for inet_pton() call out a similar constraint:

  
  http://www.freebsd.org/cgi/man.cgi?query=inet_aton&apropos=0&sektion=0&manpath=FreeBSD+8.1-RELEASE&format=html

  STANDARDS
 The inet_ntop() and inet_pton() functions conform to X/Open
 Networking Services Issue 5.2 (``XNS5.2'').  Note that inet_pton()
 does not accept 1-, 2-, or 3-part dotted addresses; all four
 parts must be specified and are interpreted only as decimal
 values.  This is a narrower input set than that accepted by
 inet_aton().

As does Linux:

  http://www.kernel.org/doc/man-pages/online/pages/man3/inet_pton.3.html

  AF_INET
  src points to a character string containing an IPv4 network
  address in dotted-decimal format, ddd.ddd.ddd.ddd, ...

RFC 2553 also calls out the non-decimal interpretation as being
'non-standard':

  http://www.ietf.org/rfc/rfc2553.txt

  If the af argument is AF_INET, the function accepts a string in
  the standard IPv4 dotted-decimal form:

  ddd.ddd.ddd.ddd

   where ddd is a one to three digit decimal number between 0 and 255.
   Note that many implementations of the existing inet_addr() and
   inet_aton() functions accept nonstandard input: octal numbers,
   hexadecimal numbers, and fewer than four numbers.  inet_pton() does
   not accept these formats.

Etc.

I've never been happy with inconsistencies in serializing data structures...

 Ken Matlock
 Network Analyst
 Exempla Healthcare
 (303) 467-4671
 matlo...@exempla.org

-- 
Brian Reichert  reich...@numachi.com
55 Crystal Ave. #286
Derry NH 03038-1725 USA BSD admin/developer at large



Re: Introducing draft-denog-v6ops-addresspartnaming

2010-11-22 Thread Richard Hartmann
On Mon, Nov 22, 2010 at 18:33, Daniel Hagerty h...@linnaean.org wrote:

    Ambiguating usages like Take the least significant quad of that
 ipv6 address to mean either 16 bits or 64 bits, when it currently is
 unambiguously 64 bits won't make the lives of C/C++ programmers
 writing IPv6 code any easier.

Agreed.

Thanks a lot for pointing this out. Comments like this are incredibly
valuable to me. I think I will still add quad to -03 as it has been
requested a lot of times, but more to point out and document that
there is a significant problem with it than anything else.


Thanks again,
Richard



Re: Introducing draft-denog-v6ops-addresspartnaming

2010-11-22 Thread Lamar Owen
On Friday, November 19, 2010 08:14:52 am Scott Morris wrote:
 If 8 bits is a byte, then 16 bits should be a mouthful.

I thought the Jargon File settled that long ago: 4 bits = nybble, 8 bits = 
byte, 16 bits = playte, 32-bits = dynner.  See http://dictionary.die.net/nybble

Since the zeros between double colons are indefinite length, call it the voyd 
and be done.



Re: Network management software with high detailed traffic report

2010-11-22 Thread Tassos Chatzithomaoglou

Does service counters max age help in any way?
According to Cisco, setting it too low might upset the snmp counters.

--
Tassos


Jon Lewis wrote on 23/11/2010 00:19:

On Mon, 22 Nov 2010, Brandon Ross wrote:


On Mon, 22 Nov 2010, Nick Hilliard wrote:

some do, some don't.  For example, sup720 snmp counters are updated 
every 9 seconds, while the show interface counters are updated 
every 30 seconds.


That is most certainly NOT true.  The 'show interface' counters 
update at least once a second.  Perhaps you are thinking about the 
rate counters that are often _configured_ to use the last 30 seconds 
of data to compute the average but also update much more often than 
every 30 seconds (and default to a 5 minute average).


I didn't think it was true either...but after reading Nick's message I 
checked a X6408A interface on one of our sup720's running relatively 
recent code (SXI1), and there definitely is some time between updates 
both the packet counters and the time averaged rates.


Just repeating the command and looking at my watch, I'd say Nick is 
right. It's easy to test yourself.  Pick an int, and repeat sh int 
int name | inc packets.  The numbers really don't change but every 9 
seconds or so. Same goes for the avg numbers...mine are set to 30 sec 
load interval, and they only change every ~9 seconds.


This does vary by platform.  3550 swiches and 7200 routers both seem 
to update the counters about 1/s.  Maybe the delayed updates are just 
a 6500 thing.


--
 Jon Lewis, MCP :)   |  I route
 Senior Network Engineer |  therefore you are
 Atlantic Net|
_ http://www.lewis.org/~jlewis/pgp for PGP public key_






Re: Introducing draft-denog-v6ops-addresspartnaming

2010-11-22 Thread Richard Hartmann
On Mon, Nov 22, 2010 at 14:05, Richard Hartmann
richih.mailingl...@gmail.com wrote:

 I will add quad to -03 anyway. If you get a few +1 on hexquad, I am
 against adding that, as well.

Erm. Belated, but I am _not_ against adding etc pp.


Richard



Re: non operational question related to IP

2010-11-22 Thread Mark Andrews

See man inet.

 All numbers supplied as ``parts'' in a `.' notation may be decimal,
 octal, or hexadecimal, as specified in the C language (i.e., a leading 0x
 or 0X implies hexadecimal; otherwise, a leading 0 implies octal; other-
 wise, the number is interpreted as decimal).

Note: inet_pton is supposed to only take dotted decimal quad (no
leading zeros).  This was a design decision Paul and I made at the
time.  Some OS vendors have incorrectly extended it.

Mark

In message 0a3857a2-b215-4592-a288-a534d460c...@oicr.on.ca, Greg Whynott writes:
 
 i was pinging a host from a windows machine and made a typo which seemed
 harmless.  the end result was it interpreted my input differently than
 what I had intended.   thinking this was a m$ issue I quickly took the
 opportunity to poke fun at windows as the senior m$ admin was near by.
 
 look at how brain dead this os is,  it can't even do simple math!
 
 He is now looking at my screen scratching his head…..
 
 watch,  i'll open a shell on os x and show you how it can add 0 +10
 
 I open a shell on os x,  same behavior as windows.
 
  ok so apple is brain dead too,  watch,  it'll work on linux!
 
 same deal…
 
 
 long story short,  it does work as expected on all our hardware routing gear.
 still not sure what is happening here…
 
 
 osx-gwhynott:~ gwhynott$ ping 10.010.10.1
 PING 10.010.10.1 (10.8.10.1): 56 data bytes
 
 
 gwhyn...@ops:~$ ping 10.010.10.1
 PING 10.010.10.1 (10.8.10.1) 56(84) bytes of data.
 
 
 CORE1ping 10.010.10.1
 Type escape sequence to abort.
 Sending 5, 100-byte ICMP Echos to 10.10.10.1, timeout is 2 seconds:
 !
 
 
 anyone happen to know how the OS's are interpreting the 010?   doesn't appear
 work out in base[2-10] (1010,101,22,20,14,13,12,11,10,A)
 
 
 thanks!
 
 greg
 
 
 
 
 
 
-- 
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742 INTERNET: ma...@isc.org
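
The parsing difference discussed in this thread (the inet_addr()/inet_aton() radix rules versus strict inet_pton() dotted decimal), as an added example that is not code from any poster: two stand-alone parsers written from the `man inet` and inet_pton() texts quoted above, run over the addresses that appear in the thread. The function names, the `classify` verdicts and the input "10.08.10.1" are constructed for illustration, and the parsers approximate the documented rules rather than calling the libc functions.

```c
#include <ctype.h>
#include <errno.h>
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>

/* Legacy "numbers-and-dots" rules, following the `man inet` text quoted in
 * the thread: 1 to 4 parts, each in C radix notation (0x = hex, leading
 * 0 = octal); the last part fills all remaining bytes. Returns 0 if parsed. */
int parse_classic(const char *s, uint32_t *out)
{
    uint32_t parts[4], addr = 0;
    int n = 0;
    for (;;) {
        char *end;
        if (!isdigit((unsigned char)*s)) return -1;  /* no sign, space or empty part */
        errno = 0;
        unsigned long v = strtoul(s, &end, 0);       /* base 0 applies C radix rules */
        if (errno || v > 0xFFFFFFFFUL) return -1;
        parts[n++] = (uint32_t)v;
        if (*end == '\0') break;
        if (*end != '.' || n == 4) return -1;        /* junk, or a fifth part */
        s = end + 1;
    }
    for (int i = 0; i < n - 1; i++) {                /* leading parts are one byte each */
        if (parts[i] > 255) return -1;
        addr |= parts[i] << (24 - 8 * i);
    }
    if (parts[n - 1] > (0xFFFFFFFFu >> (8 * (n - 1)))) return -1;
    *out = addr | parts[n - 1];
    return 0;
}

/* Strict dotted decimal, following the inet_pton() texts quoted in the thread:
 * exactly four decimal parts, each 0..255, no leading zeros. Returns 0 if parsed. */
int parse_strict(const char *s, uint32_t *out)
{
    uint32_t addr = 0;
    for (int i = 0; i < 4; i++) {
        const char *start = s;
        unsigned v = 0;
        while (isdigit((unsigned char)*s) && s - start < 3)
            v = v * 10 + (unsigned)(*s++ - '0');
        if (s == start || v > 255) return -1;
        if (s - start > 1 && *start == '0') return -1;   /* "010" is not decimal 10 */
        if (*s != (i < 3 ? '.' : '\0')) return -1;
        if (i < 3) s++;
        addr = (addr << 8) | v;
    }
    *out = addr;
    return 0;
}

enum verdict { SAME, LEGACY_ONLY, INVALID };

/* SAME: both rule sets agree. LEGACY_ONLY: only the legacy rules accept the
 * string, so a strict validator and a legacy caller would disagree about it.
 * *legacy receives the legacy reading whenever the result is not INVALID. */
enum verdict classify(const char *s, uint32_t *legacy)
{
    uint32_t strict;
    if (parse_classic(s, legacy) != 0) return INVALID;
    if (parse_strict(s, &strict) == 0 && strict == *legacy) return SAME;
    return LEGACY_ONLY;
}

int main(void)
{
    /* The first four inputs appear in the thread; "10.08.10.1" is constructed. */
    const char *inputs[] = { "10.10.10.1", "10.010.10.1", "012.0xA.10.1",
                             "168430081", "10.08.10.1" };
    const char *names[] = { "same", "legacy-only", "invalid" };
    for (size_t i = 0; i < sizeof inputs / sizeof inputs[0]; i++) {
        uint32_t a = 0;
        enum verdict v = classify(inputs[i], &a);
        printf("%-14s %-12s", inputs[i], names[v]);
        if (v != INVALID)
            printf(" legacy reading %u.%u.%u.%u", (unsigned)(a >> 24),
                   (unsigned)(a >> 16 & 255), (unsigned)(a >> 8 & 255), (unsigned)(a & 255));
        putchar('\n');
    }
    return 0;
}
```

An address filter or ACL check that reads text with one rule set while the connecting code uses the other will disagree on every input reported as legacy-only, so rejecting those at input (or comparing only the parsed 32-bit value) keeps the two in step.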



Re: Network management software with high detailed traffic report

2010-11-22 Thread Nick Hilliard

On 22/11/2010 22:56, Tassos Chatzithomaoglou wrote:

Does service counters max age help in any way?
According to Cisco, setting it too low might upset the snmp counters.



https://www.cisco.com/en/US/docs/ios/fundamentals/command/reference/cf_r1.html#wp1067159


The Usage Guidelines are instructive. :-)

Although the update interval defaults to 5 seconds, it still appears to 
update every 9 seconds on my boxes.


Nick




Re: Introducing draft-denog-v6ops-addresspartnaming

2010-11-22 Thread Robert Bonomi

 From nanog-bounces+bonomi=mail.r-bonomi@nanog.org  Fri Nov 19 11:05:33 
 2010
 Subject: Re: Introducing draft-denog-v6ops-addresspartnaming
 From: Owen DeLong o...@delong.com
 Date: Fri, 19 Nov 2010 08:58:45 -0800
 To: Richard Hartmann richih.mailingl...@gmail.com
 Cc: bmann...@vacation.karoshi.com, nanog@nanog.org


 On Nov 19, 2010, at 12:57 AM, Richard Hartmann wrote:

  On Fri, Nov 19, 2010 at 07:00,  bmann...@vacation.karoshi.com wrote:
  
  problem is, it's not always going to be two bytes...
  
  It's always two bytes, but people may choose to omit them. That is a
  social, not a (purely) technical, syntax, though.

 It is always two bytes. A byte is not always an octet. Some machines do
 have byte sizes other than 8 bits, although few of them are likely to have
 IPv6 stacks, so, this may be an academic distinction at this point.

I suppose one could call the explicitly-present fields 'bi-bytes', and the 
compressed-out sequence the 'bye-bytes'.






Re: Blocking International DNS

2010-11-22 Thread Dobbins, Roland

On Nov 22, 2010, at 10:48 PM, Joe Abley wrote:

 I guess if the manner of the interception was to send back SERVFAIL to DNS 
 clients whose queries were (in some sense) objectionable, the result would be 
 that the clients were not able to resolve the (in some sense) bad names. 

Quantifying the negative performance impact of SERVFAIL on various stub 
resolvers might provide some useful data points in any 'official' discussions 
which arise on this topic.

---
Roland Dobbins rdobb...@arbor.net // http://www.arbornetworks.com

   Sell your computer and buy a guitar.







Re: Introducing draft-denog-v6ops-addresspartnaming

2010-11-22 Thread Robert Bonomi
 From nanog-bounces+bonomi=mail.r-bonomi@nanog.org  Fri Nov 19 14:18:02 
 2010
 Date: Fri, 19 Nov 2010 12:19:34 -0800
 From: Joel Jaeggli joe...@bogus.com
 To: Owen DeLong o...@delong.com
 Subject: Re: Introducing draft-denog-v6ops-addresspartnaming
 Cc: bmann...@vacation.karoshi.com, nanog@nanog.org

 On 11/19/10 10:56 AM, Owen DeLong wrote:
  It is always two bytes. A byte is not always an octet. Some machines do
  
  It is always two OCTETS. A byte is not always an octet...

 Assuming you have a v6 stack on your cdc6600 a v6 address fits in 22
 bytes not 16.

<pedant>
3 words of CPU memory (with 50+ bits available to possibly pack 'something 
else useful' in.)  One could get away with 11 words of PPU memory, but that
would require pack/unpack on every move between CPU-PPU address-spaces.
</pedant>

just implementing a K&R 'C' compiler was a real challenge on that hardware. :)

 One can define that byte size for the purposes of the human reading of
 addresses ipv6 as 8 bits, without getting into machine specific details.
 what's important to the machine isn't the division of the address into
 parts (they aren't divided in the machine representation it's just one
 long row of bits) but rather where the mask falls.

Yup. When talking  IP, the 'network byte size' is fixed at 8 bits.  This
is 'cast in stone', as is 'network byte order', and 'bit order'.

If the 'scope' of the term is restricted to Internet  protocol/connectivity
contexts, one can use 'byte' unambiguously as a referent to an 8-bit qty.




Re: Blocking International DNS

2010-11-22 Thread Wil Schultz
The more I think about this COICA deal the more I can't even fathom how it 
could be implemented.

If an upstream server won't resolve, what's to stop a network admin from using 
an offshored DNS server, or even the root servers? 

Unless we're talking about keeping DNS traffic confined to the ISP's network. 
Then what's to stop a global HOSTS.TXT from circulating via torrent?

It's shortsighted and problematic, which is usually what happens when technical 
discussions are dictated by politics.

-wil 


On Nov 22, 2010, at 4:21 PM, Dobbins, Roland wrote:

 
 On Nov 22, 2010, at 10:48 PM, Joe Abley wrote:
 
 I guess if the manner of the interception was to send back SERVFAIL to DNS 
 clients whose queries were (in some sense) objectionable, the result would 
 be that the clients were not able to resolve the (in some sense) bad names. 
 
 Quantifying the negative performance impact of SERVFAIL on various stub 
 resolvers might provide some useful data points in any 'official' discussions 
 which arise on this topic.
 
 ---
 Roland Dobbins rdobb...@arbor.net // http://www.arbornetworks.com
 
  Sell your computer and buy a guitar.
 
 
 
 
 




Re: Introducing draft-denog-v6ops-addresspartnaming

2010-11-22 Thread TJ
On Fri, Nov 19, 2010 at 08:14, Scott Morris s...@emanon.com wrote:

 If 8 bits is a byte, then 16 bits should be a mouthful.

 ;)

 Scott


If we can't choose mouthful (which for some reason sounds thematically
correct), chunk gets my vote.
*(Chunk = Maybe not the most technical, but has been working for me all
along ...)*

/TJ


Re: Blocking International DNS

2010-11-22 Thread Joe Sniderman
On 11/22/2010 07:47 PM, Wil Schultz wrote:
 The more I think about this COICA deal the more I can't even fathom
 how it could be implemented.
 
 If an upstream server won't resolve, what's to stop a network admin
 from using an offshored DNS server, or even the root servers?

The way I read it, it's specifically aimed at whoever is running the
resolver, ISP or otherwise.  Querying recursively starting at the root
would be a violation then. (hence my comment earlier about taking my
recursor from my cold dead hands.) So, short of actually searching out
and confiscating or destroying uncensored resolvers (like the ones, 5th
amendment notwithstanding, that will continue to run each of my
notebooks, even if just for spite if the law passes.), or raiding ICANN
guns drawn and ordering removal of non compliant ccTLDs from the root,
IMHO enforcement would be pretty much impossible.

 Unless we're talking about keeping DNS traffic confined to the ISP's
 network.

tunneled connections.  unless all IP traffic is kept to a specific ISP,
in which case the I would become a misnomer, and would be easier said
than done.

 Then what's to stop a global HOSTS.TXT from circulating via
 torrent?

Hey as long as it's not a DNS server. :P

 It's shortsighted and problematic, which is usually what happens when
 technical discussions are dictated by politics.

Yup.

-- 
Joe Sniderman joseph.snider...@thoroquel.org



Re: IPv6 6to4 and dns

2010-11-22 Thread Franck Martin


- Original Message -
 From: Kevin Oberman ober...@es.net
 To: Franck Martin fra...@genius.com
 Cc: Jeroen van Aart jer...@mompl.net, NANOG list nanog@nanog.org
 Sent: Tuesday, 23 November, 2010 12:31:47 PM
 Subject: Re: IPv6 6to4 and dns
  Date: Sat, 20 Nov 2010 09:36:28 +1300 (FJST)
  From: Franck Martin fra...@genius.com
 
  I use HE.NET in a few installations (with BGP) and they have good
  support (which is quite awesome for a free service).
 
  As people pointed out avoid 6to4, Apple just rendered it nearly
  useless in its latest OS-X.
 
  - Original Message -
  From: Jeroen van Aart jer...@mompl.net
  To: NANOG list nanog@nanog.org
  Sent: Saturday, 20 November, 2010 9:07:53 AM
  Subject: Re: IPv6 6to4 and dns
 
  Mark Andrews wrote:
   Firstly I would use a tunnel broker instead of 6to4. Easier to
   debug failures.
 
  Thanks all for the helpful response. Using the same names for IPv6
  and
  IPv4 doesn't appear to be much of a problem, especially considering
  this
  is a trial which concerns office/home ISP connectivity, for now.
 
  Which IPv6 tunnel broker is preferable, or does it really matter?
 
 I'm afraid that announcements of 2002::/16 by places with
 non-functional
 or poorly connected 6to4 had already rendered it close enough to
 useless
 that I quit caring.

And the main issues, it is a hell to debug to find out which one needs to be 
fixed or taken out.