Re: Apple updates - Affect on network
On Wed, Oct 12, 2011 at 11:05:45AM -1000, Paul wrote: There are a fair number of reports of Apple's update servers being down/intermittent. I imagine that's probably fairly inevitable on launch day. If people haven't already updated and are thinking about doing it, it's probably worth holding off a day or two just in case. That's always worth doing anyway. Let the early adopters test it first for you! -- David Cantrell | Cake Smuggler Extraordinaire You can't spell AWESOME without ME!
RE: [outages] News item: Blackberry services down worldwide
You are correct. The BES uses PSKs to talk to RIM's servers, which then uses them to talk to the devices over the carrier networks. All of this was in complete failure mode until sometime overnight when it appears to have all started flowing again. Someday either Google or Apple will get off their rear ends and roll out an end to end encrypted service that plugs into corporate email/calendar/workgroup services and we can all gladly toss these horrid little devices in the recycle bins where they belong. Jamie -Original Message- From: Joe Abley [mailto:jab...@hopcount.ca] Sent: Wednesday, October 12, 2011 6:06 PM To: Phil Regnauld Cc: nanog@nanog.org Subject: Re: [outages] News item: Blackberry services down worldwide On 2011-10-12, at 18:02, Phil Regnauld wrote: Joe Abley (jabley) writes: On 2011-10-12, at 13:05, Leigh Porter wrote: Email on my iPhone is working fine.. ;-) The blackberry message service is centralised with a lot of processing intelligence in the core. Messaging services that use the core as a simple transport and shift the processing intelligence to the edge have different, less-dramatic failure modes. This is not the case for corporate customers with dedicated servers, AFAIU. I'm no expert, but my understanding is that at some/most/all traffic between handhelds and a BES, carried from the handheld device through a cellular network, still flows through RIM. Joe
Re: RIP dmr
He will be sadly missed. On Thu, Oct 13, 2011 at 3:13 AM, Fred Heutte aoxomo...@sunlightdata.com wrote: The UNIX Time-Sharing System http://www.alcatel-lucent.com/bstj/vol57-1978/articles/bstj57-6-1905.pdf UNIX Time-Sharing System: A Retrospective http://www.alcatel-lucent.com/bstj/vol57-1978/articles/bstj57-6-1947.pdf UNIX Time-Sharing System: The C Programming Language http://www.alcatel-lucent.com/bstj/vol57-1978/articles/bstj57-6-1991.pdf -- -- = Carlos M. Martinez-Cagnazzo http://www.labs.lacnic.net =
Re: Apple updates - Effect on network
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 10/12/2011 5:41 PM, Chad Burnham wrote: HI, Our GigaPOP (Front Range GigaPOP) and our own Akamai cache server's traffic jumped significantly today. The theory (no data) is the Apple updates released today. Chad Burnham University of Denver -Original Message- From: Zachary McGibbon [mailto:zachary.mcgibbon+na...@gmail.com] Sent: Wednesday, October 12, 2011 2:10 PM To: nanog@nanog.org Subject: Apple updates - Affect on network With all of Apple's updates today (MacOS, iOS, Apps, etc) we saw a big increase on one of our links to our ISP at 1pm Eastern. Did anyone else notice significant traffic jumps on their networks? [image: image.png] Yesterday, around 1PM ET, we saw a nearly 40% increase in inbound traffic, almost all from Akamai. It continued until around 2AM this morning, though, at one point, the traffic switched providers. Interestingly enough, we are peered directly with Akamai at Equnix- Ashburn, and at no point did this traffic use that link. Last time we saw such discrete large inbound flows was the World Cup. -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.10 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iQEcBAEBAgAGBQJOltybAAoJEBxhAh+LWUKil5UH/i1KvIWy7OrrKNhVjWFQ/VuH OUJg5hJFTns8wT8VkBLT0ANwODA4f8UI8AUJU6nhSeOPvHHor10gw9tytT6H5vh4 znDbxqVhOkCeSms+lKWiylKpVaLrenZ/L649as1ThkxZTogUhZfoRzbmQPJXXTw5 kTuwSrkPjOTmjJNffZ7bo7AvM/dyo56XI1TMsnCp3idRxpIGgvZZm0rlQ2GflVtj UhN205L+bLC0T4l1qZOYTs/62uZZLZn4Mb5aAp6kufzcfYIVi0RUqOwGjTYztfAe FytOdzQThZObQoHR253hov/Ogkf11+/vbP7gsGVd9kpjATVk4FbOM75vrcMGn9Q= =738W -END PGP SIGNATURE-
RE: [outages] News item: Blackberry services down worldwide
It's called Microsoft Exchange ActiveSync :) It works with Android, Apple and Microsoft devices. I believe both Lotus and Groupwise have licensed and support it as well. We have a few (but now, very few) blackberry users remaining. They won't let it go until we rip it out of their hands. -Original Message- From: Jamie Bowden [mailto:ja...@photon.com] Sent: Thursday, October 13, 2011 7:36 AM To: Joe Abley Cc: nanog@nanog.org Subject: RE: [outages] News item: Blackberry services down worldwide You are correct. The BES uses PSKs to talk to RIM's servers, which then uses them to talk to the devices over the carrier networks. All of this was in complete failure mode until sometime overnight when it appears to have all started flowing again. Someday either Google or Apple will get off their rear ends and roll out an end to end encrypted service that plugs into corporate email/calendar/workgroup services and we can all gladly toss these horrid little devices in the recycle bins where they belong. Jamie -Original Message- From: Joe Abley [mailto:jab...@hopcount.ca] Sent: Wednesday, October 12, 2011 6:06 PM To: Phil Regnauld Cc: nanog@nanog.org Subject: Re: [outages] News item: Blackberry services down worldwide On 2011-10-12, at 18:02, Phil Regnauld wrote: Joe Abley (jabley) writes: On 2011-10-12, at 13:05, Leigh Porter wrote: Email on my iPhone is working fine.. ;-) The blackberry message service is centralised with a lot of processing intelligence in the core. Messaging services that use the core as a simple transport and shift the processing intelligence to the edge have different, less-dramatic failure modes. This is not the case for corporate customers with dedicated servers, AFAIU. I'm no expert, but my understanding is that at some/most/all traffic between handhelds and a BES, carried from the handheld device through a cellular network, still flows through RIM. Joe
RE: [outages] News item: Blackberry services down worldwide
Any idea of when Apple's ActiveSync Implementation will close the gap with what BES does? Like maybe having Important message notifications? Categories? Filters? I use an iPhone, but mail handling on it is lacking. -Original Message- From: Matthew Huff [mailto:mh...@ox.com] Sent: Thursday, October 13, 2011 8:44 AM To: 'Jamie Bowden'; 'Joe Abley' Cc: 'nanog@nanog.org' Subject: RE: [outages] News item: Blackberry services down worldwide It's called Microsoft Exchange ActiveSync :) It works with Android, Apple and Microsoft devices. I believe both Lotus and Groupwise have licensed and support it as well. We have a few (but now, very few) blackberry users remaining. They won't let it go until we rip it out of their hands. -Original Message- From: Jamie Bowden [mailto:ja...@photon.com] Sent: Thursday, October 13, 2011 7:36 AM To: Joe Abley Cc: nanog@nanog.org Subject: RE: [outages] News item: Blackberry services down worldwide You are correct. The BES uses PSKs to talk to RIM's servers, which then uses them to talk to the devices over the carrier networks. All of this was in complete failure mode until sometime overnight when it appears to have all started flowing again. Someday either Google or Apple will get off their rear ends and roll out an end to end encrypted service that plugs into corporate email/calendar/workgroup services and we can all gladly toss these horrid little devices in the recycle bins where they belong. Jamie -Original Message- From: Joe Abley [mailto:jab...@hopcount.ca] Sent: Wednesday, October 12, 2011 6:06 PM To: Phil Regnauld Cc: nanog@nanog.org Subject: Re: [outages] News item: Blackberry services down worldwide On 2011-10-12, at 18:02, Phil Regnauld wrote: Joe Abley (jabley) writes: On 2011-10-12, at 13:05, Leigh Porter wrote: Email on my iPhone is working fine.. ;-) The blackberry message service is centralised with a lot of processing intelligence in the core. Messaging services that use the core as a simple transport and shift the processing intelligence to the edge have different, less-dramatic failure modes. This is not the case for corporate customers with dedicated servers, AFAIU. I'm no expert, but my understanding is that at some/most/all traffic between handhelds and a BES, carried from the handheld device through a cellular network, still flows through RIM. Joe
RE: [outages] News item: Blackberry services down worldwide
Agreed. Had a customer during the timeframe of this week ditch 90 blackberries for iPhone/android devices. He actually sent me a video after BES finished uninstalling and he shut the server down so help me I'm never getting another one of these damn coasters. One user said when they got the phone where is the silly wheelie clicky thing. IT manager said oh no you just touch the screen. I'm told it was like watching an 8 year old with a box of fireworks and matches For those who complain about security on windows mobile, iPhone or android... you can do l2tp vpn and then ActiveSync on top of that over https. Mobile device policies in Exchange for user experience control. Overall much easier than Blackberry, not dependent on someone else's equipment for things like mail delivery and internet browsing, and one less server to care about. -Original Message- From: Matthew Huff [mailto:mh...@ox.com] Sent: Thursday, October 13, 2011 6:44 AM To: 'Jamie Bowden'; 'Joe Abley' Cc: 'nanog@nanog.org' Subject: RE: [outages] News item: Blackberry services down worldwide It's called Microsoft Exchange ActiveSync :) It works with Android, Apple and Microsoft devices. I believe both Lotus and Groupwise have licensed and support it as well. We have a few (but now, very few) blackberry users remaining. They won't let it go until we rip it out of their hands. -Original Message- From: Jamie Bowden [mailto:ja...@photon.com] Sent: Thursday, October 13, 2011 7:36 AM To: Joe Abley Cc: nanog@nanog.org Subject: RE: [outages] News item: Blackberry services down worldwide You are correct. The BES uses PSKs to talk to RIM's servers, which then uses them to talk to the devices over the carrier networks. All of this was in complete failure mode until sometime overnight when it appears to have all started flowing again. Someday either Google or Apple will get off their rear ends and roll out an end to end encrypted service that plugs into corporate email/calendar/workgroup services and we can all gladly toss these horrid little devices in the recycle bins where they belong. Jamie -Original Message- From: Joe Abley [mailto:jab...@hopcount.ca] Sent: Wednesday, October 12, 2011 6:06 PM To: Phil Regnauld Cc: nanog@nanog.org Subject: Re: [outages] News item: Blackberry services down worldwide On 2011-10-12, at 18:02, Phil Regnauld wrote: Joe Abley (jabley) writes: On 2011-10-12, at 13:05, Leigh Porter wrote: Email on my iPhone is working fine.. ;-) The blackberry message service is centralised with a lot of processing intelligence in the core. Messaging services that use the core as a simple transport and shift the processing intelligence to the edge have different, less-dramatic failure modes. This is not the case for corporate customers with dedicated servers, AFAIU. I'm no expert, but my understanding is that at some/most/all traffic between handhelds and a BES, carried from the handheld device through a cellular network, still flows through RIM. Joe
Re: RIP dmr
I started with UNIX back when it arrived at school, on reel to reel tapes, and it was loaded on to the PDP 11/45. I learned to write C from the original KR (which I still have, of course). Same here! Dennis was one of the good ones. A kind and generous person, who changed all our worlds. Dennis always answered my email queries. I asked him all sorts of silly programming and Unix questions early in my career, and he patiently answered them all. I wouldn't have my career without both his contributions and his guidance. His memory is for blessing. -- Rob Thomas Team Cymru https://www.team-cymru.org/ Say little and do much. M Avot 1:15
Re: Apple updates - Effect on network
Would love to see some bandwidth graphs. :) Matt. On 13/10/2011 11:42 PM, Andrew Gallo wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 10/12/2011 5:41 PM, Chad Burnham wrote: HI, Our GigaPOP (Front Range GigaPOP) and our own Akamai cache server's traffic jumped significantly today. The theory (no data) is the Apple updates released today. Chad Burnham University of Denver -Original Message- From: Zachary McGibbon [mailto:zachary.mcgibbon+na...@gmail.com] Sent: Wednesday, October 12, 2011 2:10 PM To: nanog@nanog.org Subject: Apple updates - Affect on network With all of Apple's updates today (MacOS, iOS, Apps, etc) we saw a big increase on one of our links to our ISP at 1pm Eastern. Did anyone else notice significant traffic jumps on their networks? [image: image.png] Yesterday, around 1PM ET, we saw a nearly 40% increase in inbound traffic, almost all from Akamai. It continued until around 2AM this morning, though, at one point, the traffic switched providers. Interestingly enough, we are peered directly with Akamai at Equnix- Ashburn, and at no point did this traffic use that link. Last time we saw such discrete large inbound flows was the World Cup. -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.10 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iQEcBAEBAgAGBQJOltybAAoJEBxhAh+LWUKil5UH/i1KvIWy7OrrKNhVjWFQ/VuH OUJg5hJFTns8wT8VkBLT0ANwODA4f8UI8AUJU6nhSeOPvHHor10gw9tytT6H5vh4 znDbxqVhOkCeSms+lKWiylKpVaLrenZ/L649as1ThkxZTogUhZfoRzbmQPJXXTw5 kTuwSrkPjOTmjJNffZ7bo7AvM/dyo56XI1TMsnCp3idRxpIGgvZZm0rlQ2GflVtj UhN205L+bLC0T4l1qZOYTs/62uZZLZn4Mb5aAp6kufzcfYIVi0RUqOwGjTYztfAe FytOdzQThZObQoHR253hov/Ogkf11+/vbP7gsGVd9kpjATVk4FbOM75vrcMGn9Q= =738W -END PGP SIGNATURE-
RE: [outages] News item: Blackberry services down worldwide
Like Blake mentioned, I for one will also be ditching Blackberry devices due to the poor, irregular service which Blackberry users continue to be subject to due to RIM's inability to provide a stable and reliable service. To add further insult to injury, it just simply is unacceptable to be subject to RIM's high service and licensing costs for BES to ultimately rely on a second-rate infrastructure that causes regular 'blackouts'. Time to more to a standalone device that then relies only on the carriers, which in most cases are just as unreliable. None the less, I for one can't justify paying for an 'enterprise service' to subject to incompetence and instability of the provider. These situations simply arise to often with RIM, yet as a service provider they chose to ignore that impact these outages have on their customers in the corporate arena. Real-time communications in the corporate/enterprise world have no become one of the primary methods of communication, due to the technology RIM et al offer. It is indeed a shame that the likes of Apple iOS Google Android are yet to provide features that compete with BlackBerrys, such as encryption etc. (I am not particular clued up with regards to Windows Mobile however...) All of which, to date, are features which are leveraged in terms of justifying the cost of implementing a Blackberry solution. Furthermore, I found RIM's somewhat patronising updates from RIM's CIOs and CEOs quite insulting, particularly when an official statement had already been released stating the issues were 'resolved' to later contradict this statement and simple refer to it as some kind of 'mistake'. Unacceptable, as I am sure many of you would agree. Regards, P. -Original Message- From: Blake T. Pfankuch [mailto:bl...@pfankuch.me] Sent: 13 October 2011 14:08 To: Matthew Huff; 'Jamie Bowden'; 'Joe Abley' Cc: 'nanog@nanog.org' Subject: RE: [outages] News item: Blackberry services down worldwide Agreed. Had a customer during the timeframe of this week ditch 90 blackberries for iPhone/android devices. He actually sent me a video after BES finished uninstalling and he shut the server down so help me I'm never getting another one of these damn coasters. One user said when they got the phone where is the silly wheelie clicky thing. IT manager said oh no you just touch the screen. I'm told it was like watching an 8 year old with a box of fireworks and matches For those who complain about security on windows mobile, iPhone or android... you can do l2tp vpn and then ActiveSync on top of that over https. Mobile device policies in Exchange for user experience control. Overall much easier than Blackberry, not dependent on someone else's equipment for things like mail delivery and internet browsing, and one less server to care about.
Re: L3 announces new peering policy
On Wed, Oct 12, 2011 at 7:39 PM, Scott Weeks sur...@mauigateway.com wrote: Isn't it just more of the same, or am I brainnumb today? What's changed is the introduction of bit miles as a means of calculating equality, where traffic ratios might previously have been used. Explained further, as pointed out on-list earlier: http://fjallfoss.fcc.gov/ecfs/document/view?id=7021703819 http://fjallfoss.fcc.gov/ecfs/document/view?id=7021703818 What will be interesting is whether new peering adjacencies crop up as a result of the new policy (I can think of several smaller global networks which now qualify, as it's written), or if this is just posturing on Level 3's part. The next few months will be interesting for sure... -a
Re: RIP dmr
- Original Message - From: Fred Heutte aoxomo...@sunlightdata.com The UNIX Time-Sharing System http://www.alcatel-lucent.com/bstj/vol57-1978/articles/bstj57-6-1905.pdf UNIX Time-Sharing System: A Retrospective http://www.alcatel-lucent.com/bstj/vol57-1978/articles/bstj57-6-1947.pdf UNIX Time-Sharing System: The C Programming Language http://www.alcatel-lucent.com/bstj/vol57-1978/articles/bstj57-6-1991.pdf Indeed: *the entire BSTJ* is available at that site as PDFs; kudos to the Alcatel-Lucent people who made that happen. Really big ones. Cheers, -- jra -- Jay R. Ashworth Baylink j...@baylink.com Designer The Things I Think RFC 2100 Ashworth Associates http://baylink.pitas.com 2000 Land Rover DII St Petersburg FL USA http://photo.imageinc.us +1 727 647 1274
Re: [outages] News item: Blackberry services down worldwide
- Original Message - From: Jamie Bowden ja...@photon.com Someday either Google or Apple will get off their rear ends and roll out an end to end encrypted service that plugs into corporate email/calendar/workgroup services and we can all gladly toss these horrid little devices in the recycle bins where they belong. plugI'm fairly sure K-9 does GPG, at least for the email/plug Cheers, -- jr 'just a doco writer' a -- Jay R. Ashworth Baylink j...@baylink.com Designer The Things I Think RFC 2100 Ashworth Associates http://baylink.pitas.com 2000 Land Rover DII St Petersburg FL USA http://photo.imageinc.us +1 727 647 1274
Re: [outages] News item: Blackberry services down worldwide
On Thu, Oct 13, 2011 at 11:13 AM, Jay Ashworth j...@baylink.com wrote: - Original Message - From: Jamie Bowden ja...@photon.com Someday either Google or Apple will get off their rear ends and roll out an end to end encrypted service that plugs into corporate email/calendar/workgroup services and we can all gladly toss these horrid little devices in the recycle bins where they belong. plugI'm fairly sure K-9 does GPG, at least for the email/plug plus normal mail + k9 will do TLS on SMTP and IMAP... or they both do with my mail server just fine. (idevices seeem to also do this well enough) It's possible that the 'encryption' comment from Jamie is really about encrypting the actual device... which I believe Android[0] will do, I don't know if idevices do though. -chris 0: http://googleenterprise.blogspot.com/2011/04/putting-android-to-work-for-your.html
Re: [outages] News item: Blackberry services down worldwide
On Oct 13, 2011, at 11:35 AM, Christopher Morrow wrote: It's possible that the 'encryption' comment from Jamie is really about encrypting the actual device... which I believe Android[0] will do, I don't know if idevices do though. I think the big problem is that rev1 of iDevice did not include on-device crypto, and there was a case where they also 'lied' about their crypto capability to the servers. Rebuilding this trust can take some time. I do expect that with the iMessage stuff that was released yesterday (SMS/MMSoIP to email/phone#) many more companies will shift to using that instead as the value of BBM is decreased. I also wonder what the impact of iMessage and others will be on places like hotel networks as the devices camp out longer/more often on the wifi, etc. We observed the impact to a hotel of the NANOG crowd this week (i wonder if there will be lessons learned on the part of lodgenet, etc?) I know personally I've observed the attwifi ssid expanding to more places (including hilton branded properties) in the past 6 months to offload cellular data. - Jared
RE: [outages] News item: Blackberry services down worldwide
-Original Message- From: Christopher Morrow [mailto:morrowc.li...@gmail.com] Sent: Thursday, October 13, 2011 11:36 AM To: Jay Ashworth Cc: NANOG Subject: Re: [outages] News item: Blackberry services down worldwide On Thu, Oct 13, 2011 at 11:13 AM, Jay Ashworth j...@baylink.com wrote: - Original Message - From: Jamie Bowden ja...@photon.com Someday either Google or Apple will get off their rear ends and roll out an end to end encrypted service that plugs into corporate email/calendar/workgroup services and we can all gladly toss these horrid little devices in the recycle bins where they belong. plugI'm fairly sure K-9 does GPG, at least for the email/plug plus normal mail + k9 will do TLS on SMTP and IMAP... or they both do with my mail server just fine. (idevices seeem to also do this well enough) It's possible that the 'encryption' comment from Jamie is really about encrypting the actual device... which I believe Android[0] will do, I don't know if idevices do though. As of 2.3[.x?] (can't remember if it's a sub release that intro'd this), Android devices can be wholly encrypted, though I don't know if they are by default. All these kludges are great on a small scale, but the BES does end to end encryption for transmission, plugs into Exchange, Lotus, Sametime, proxies internal http[s], and lets us manage policies and push out software updates from a central management point. When it works, it's also scalable, which matters when you have thousands of devices to manage. Jamie
RE: [outages] News item: Blackberry services down worldwide
Pierce, Actually with Windows Mobile and Exchange Enterprise, you can force handheld encryption :) -Original Message- From: Pierce Lynch [mailto:p.ly...@netappliant.com] Sent: Thursday, October 13, 2011 8:35 AM To: 'nanog@nanog.org' Subject: RE: [outages] News item: Blackberry services down worldwide Like Blake mentioned, I for one will also be ditching Blackberry devices due to the poor, irregular service which Blackberry users continue to be subject to due to RIM's inability to provide a stable and reliable service. To add further insult to injury, it just simply is unacceptable to be subject to RIM's high service and licensing costs for BES to ultimately rely on a second-rate infrastructure that causes regular 'blackouts'. Time to more to a standalone device that then relies only on the carriers, which in most cases are just as unreliable. None the less, I for one can't justify paying for an 'enterprise service' to subject to incompetence and instability of the provider. These situations simply arise to often with RIM, yet as a service provider they chose to ignore that impact these outages have on their customers in the corporate arena. Real-time communications in the corporate/enterprise world have no become one of the primary methods of communication, due to the technology RIM et al offer. It is indeed a shame that the likes of Apple iOS Google Android are yet to provide features that compete with BlackBerrys, such as encryption etc. (I am not particular clued up with regards to Windows Mobile however...) All of which, to date, are features which are leveraged in terms of justifying the cost of implementing a Blackberry solution. Furthermore, I found RIM's somewhat patronising updates from RIM's CIOs and CEOs quite insulting, particularly when an official statement had already been released stating the issues were 'resolved' to later contradict this statement and simple refer to it as some kind of 'mistake'. Unacceptable, as I am sure many of you would agree. Regards, P. -Original Message- From: Blake T. Pfankuch [mailto:bl...@pfankuch.me] Sent: 13 October 2011 14:08 To: Matthew Huff; 'Jamie Bowden'; 'Joe Abley' Cc: 'nanog@nanog.org' Subject: RE: [outages] News item: Blackberry services down worldwide Agreed. Had a customer during the timeframe of this week ditch 90 blackberries for iPhone/android devices. He actually sent me a video after BES finished uninstalling and he shut the server down so help me I'm never getting another one of these damn coasters. One user said when they got the phone where is the silly wheelie clicky thing. IT manager said oh no you just touch the screen. I'm told it was like watching an 8 year old with a box of fireworks and matches For those who complain about security on windows mobile, iPhone or android... you can do l2tp vpn and then ActiveSync on top of that over https. Mobile device policies in Exchange for user experience control. Overall much easier than Blackberry, not dependent on someone else's equipment for things like mail delivery and internet browsing, and one less server to care about.
Re: NANOG:RE: [outages] News item: Blackberry services down worldwide
Can't but agree with Jamie. The ability to centralize management for all Blackberry users and _force_ them to comply with company policy (it's an investment bank) saved us lot of hassle when, and it happens regularly, people lose their handsets. Otherwise, it would be all unencrypted, unmonitored and unprotected access points to customer's private data. Some of our representatives recently switched to iphones, but nobody from management will ever be allowed anything than a Blackberry. Andrea On 10/13/11 5:55 PM, Jamie Bowden ja...@photon.com wrote: -Original Message- From: Christopher Morrow [mailto:morrowc.li...@gmail.com] Sent: Thursday, October 13, 2011 11:36 AM To: Jay Ashworth Cc: NANOG Subject: Re: [outages] News item: Blackberry services down worldwide On Thu, Oct 13, 2011 at 11:13 AM, Jay Ashworth j...@baylink.com wrote: - Original Message - From: Jamie Bowden ja...@photon.com Someday either Google or Apple will get off their rear ends and roll out an end to end encrypted service that plugs into corporate email/calendar/workgroup services and we can all gladly toss these horrid little devices in the recycle bins where they belong. plugI'm fairly sure K-9 does GPG, at least for the email/plug plus normal mail + k9 will do TLS on SMTP and IMAP... or they both do with my mail server just fine. (idevices seeem to also do this well enough) It's possible that the 'encryption' comment from Jamie is really about encrypting the actual device... which I believe Android[0] will do, I don't know if idevices do though. As of 2.3[.x?] (can't remember if it's a sub release that intro'd this), Android devices can be wholly encrypted, though I don't know if they are by default. All these kludges are great on a small scale, but the BES does end to end encryption for transmission, plugs into Exchange, Lotus, Sametime, proxies internal http[s], and lets us manage policies and push out software updates from a central management point. When it works, it's also scalable, which matters when you have thousands of devices to manage. Jamie
Re: L3 announces new peering policy
--- a...@latency.net wrote: From: Adam Rothschild a...@latency.net On Wed, Oct 12, 2011 at 7:39 PM, Scott Weeks sur...@mauigateway.com wrote: Isn't it just more of the same, or am I brainnumb today? What's changed is the introduction of bit miles as a means of calculating equality, where traffic ratios might previously have been used. Explained further, as pointed out on-list earlier: http://fjallfoss.fcc.gov/ecfs/document/view?id=7021703819 http://fjallfoss.fcc.gov/ecfs/document/view?id=7021703818 What will be interesting is whether new peering adjacencies crop up as a result of the new policy (I can think of several smaller global networks which now qualify, as it's written), or if this is just posturing on Level 3's part. The next few months will be interesting for sure... I do recall the bit-miles conversations, but didn't tie that into this. doh! Thanks for the links. That kind of detail is what I should've been looking for and it explains everything. scott
Re: L3 announces new peering policy
Note the distinction in the new peering relationship requirement -- only direct adjacencies with other transit-providing ASes count. ...or did that change happen some time ago and I'm just noticing it now (?) TV On Oct 13, 2011, at 2:13 PM, Scott Weeks wrote: --- a...@latency.net wrote: From: Adam Rothschild a...@latency.net On Wed, Oct 12, 2011 at 7:39 PM, Scott Weeks sur...@mauigateway.com wrote: Isn't it just more of the same, or am I brainnumb today? What's changed is the introduction of bit miles as a means of calculating equality, where traffic ratios might previously have been used. Explained further, as pointed out on-list earlier: http://fjallfoss.fcc.gov/ecfs/document/view?id=7021703819 http://fjallfoss.fcc.gov/ecfs/document/view?id=7021703818 What will be interesting is whether new peering adjacencies crop up as a result of the new policy (I can think of several smaller global networks which now qualify, as it's written), or if this is just posturing on Level 3's part. The next few months will be interesting for sure... I do recall the bit-miles conversations, but didn't tie that into this. doh! Thanks for the links. That kind of detail is what I should've been looking for and it explains everything. scott smime.p7s Description: S/MIME cryptographic signature
Re: L3 announces new peering policy
On Oct 13, 2011, at 2:19 PM, Tom Vest wrote: Note the distinction in the new peering relationship requirement -- only direct adjacencies with other transit-providing ASes count. ...or did that change happen some time ago and I'm just noticing it now (?) It is new. I'm unclear how that has anything to do with what they need as a business other than to carve out potential customers from the pool. Actually, we are all very clear -- TTFN, patrick On Oct 13, 2011, at 2:13 PM, Scott Weeks wrote: --- a...@latency.net wrote: From: Adam Rothschild a...@latency.net On Wed, Oct 12, 2011 at 7:39 PM, Scott Weeks sur...@mauigateway.com wrote: Isn't it just more of the same, or am I brainnumb today? What's changed is the introduction of bit miles as a means of calculating equality, where traffic ratios might previously have been used. Explained further, as pointed out on-list earlier: http://fjallfoss.fcc.gov/ecfs/document/view?id=7021703819 http://fjallfoss.fcc.gov/ecfs/document/view?id=7021703818 What will be interesting is whether new peering adjacencies crop up as a result of the new policy (I can think of several smaller global networks which now qualify, as it's written), or if this is just posturing on Level 3's part. The next few months will be interesting for sure... I do recall the bit-miles conversations, but didn't tie that into this. doh! Thanks for the links. That kind of detail is what I should've been looking for and it explains everything. scott
OT: ISPs in Brazil and Chile
Hi Group, A little off topic, but I was looking for a recommendation on an ISP in both Brazil and Chile. Thanks!! __ DISCLAIMER: This e-mail contains proprietary information some or all of which may be legally privileged. It is for the intended recipient only. If an addressing or transmission error has misdirected this e-mail, please notify the author by replying to this e-mail. If you are not the intended recipient you must not use, disclose, distribute, copy, print, or rely on this e-mail. This message has been scanned for the presence of computer viruses, Spam, and Explicit Content.
NANOG Website and ARO Maintenance
Hello All: There will be maintenance performed to the NANOG Website and ARO system on Saturday, October 22, 2011, starting at 4 PM Pacific (2300 GMT) and lasting approximately 4 hours. During the window there will be brief periods where the website and ARO system are unavailable. Please note this outage will not affect any of the NANOG mailing lists. If you have any questions feel free to let me know. Regards, Mike -- Michael K. Smith - CISSP, GSEC, GISP Chief Technical Officer - Adhost Internet LLC mksm...@adhost.com w: +1 (206) 404-9500 f: +1 (206) 404-9050 PGP: B49A DDF5 8611 27F3 08B9 84BB E61E 38C0 (Key ID: 0x9A96777D)
Re: OT: ISPs in Brazil and Chile
I work in Claro. Claro has ISP in both countries. If you need more information contact me off list. Regards 2011/10/13, Jeff Cartier jeff.cart...@pernod-ricard.com: Hi Group, A little off topic, but I was looking for a recommendation on an ISP in both Brazil and Chile. Thanks!! __ DISCLAIMER: This e-mail contains proprietary information some or all of which may be legally privileged. It is for the intended recipient only. If an addressing or transmission error has misdirected this e-mail, please notify the author by replying to this e-mail. If you are not the intended recipient you must not use, disclose, distribute, copy, print, or rely on this e-mail. This message has been scanned for the presence of computer viruses, Spam, and Explicit Content. -- Enviado desde mi dispositivo móvil
Re: NANOG:RE: [outages] News item: Blackberry services down worldwide
ActiveSync on Android allows corporate to force compliance with security policy and allow remote wipe. User cannot complete the exchange account setup without permitting the controls. If the user doesn't agree their sync isn't enabled. Moreover, if corporate requirements change sync is disabled until you approve again. That seems like it covers all the bases to me. Sent from my Verizon Wireless Phone -Original message- From: Andrea Gozzi m...@vp44.net To: Jamie Bowden ja...@photon.com, Christopher Morrow morrowc.li...@gmail.com, Jay Ashworth j...@baylink.com Cc: NANOG nanog@nanog.org Sent: Thu, Oct 13, 2011 17:02:53 GMT+00:00 Subject: Re: NANOG:RE: [outages] News item: Blackberry services down worldwide Can't but agree with Jamie. The ability to centralize management for all Blackberry users and _force_ them to comply with company policy (it's an investment bank) saved us lot of hassle when, and it happens regularly, people lose their handsets. Otherwise, it would be all unencrypted, unmonitored and unprotected access points to customer's private data. Some of our representatives recently switched to iphones, but nobody from management will ever be allowed anything than a Blackberry. Andrea On 10/13/11 5:55 PM, Jamie Bowden wrote: -Original Message- From: Christopher Morrow [mailto:morrowc.li...@gmail.com] Sent: Thursday, October 13, 2011 11:36 AM To: Jay Ashworth Cc: NANOG Subject: Re: [outages] News item: Blackberry services down worldwide On Thu, Oct 13, 2011 at 11:13 AM, Jay Ashworth wrote: - Original Message - From: Jamie Bowden Someday either Google or Apple will get off their rear ends and roll out an end to end encrypted service that plugs into corporate email/calendar/workgroup services and we can all gladly toss these horrid little devices in the recycle bins where they belong. I'm fairly sure K-9 does GPG, at least for the email plus normal mail + k9 will do TLS on SMTP and IMAP... or they both do with my mail server just fine. (idevices seeem to also do this well enough) It's possible that the 'encryption' comment from Jamie is really about encrypting the actual device... which I believe Android[0] will do, I don't know if idevices do though. As of 2.3[.x?] (can't remember if it's a sub release that intro'd this), Android devices can be wholly encrypted, though I don't know if they are by default. All these kludges are great on a small scale, but the BES does end to end encryption for transmission, plugs into Exchange, Lotus, Sametime, proxies internal http[s], and lets us manage policies and push out software updates from a central management point. When it works, it's also scalable, which matters when you have thousands of devices to manage. Jamie
Re: [outages] News item: Blackberry services down worldwide
On Oct 13, 2011, at 3:21 PM, McCall, Gabriel wrote: ActiveSync on Android allows corporate to force compliance with security policy and allow remote wipe. User cannot complete the exchange account setup without permitting the controls. If the user doesn't agree their sync isn't enabled. Moreover, if corporate requirements change sync is disabled until you approve again. That seems like it covers all the bases to me. Same on iThings, plus SSL, wipe if 10 incorrect pass codes entered, enforcement of more than a 4-digit PIN pass code, auto-lock timeout, etc., etc. Any device that doesn't do this is likely old and / or going out of biz. I like Jared's attempt to bring this back on topic, though. :) So going down that path, exactly why is iMessage any different from Skype, AIM, Jabber, etc.? I mean other than likely being part of the OS / seamlessly integrated. (I haven't tried it yet, so I am just assuming Apple has done their standard UI magic on this.) In fact, Skype, just as a for instance, is worse on hotel wifi as launching the app on a laptop makes you a middle node for some conversations. Does Skype on $HANDHELD have the same property? -- TTFN, patrick -Original message- From: Andrea Gozzi m...@vp44.net To: Jamie Bowden ja...@photon.com, Christopher Morrow morrowc.li...@gmail.com, Jay Ashworth j...@baylink.com Cc: NANOG nanog@nanog.org Sent: Thu, Oct 13, 2011 17:02:53 GMT+00:00 Subject: Re: NANOG:RE: [outages] News item: Blackberry services down worldwide Can't but agree with Jamie. The ability to centralize management for all Blackberry users and _force_ them to comply with company policy (it's an investment bank) saved us lot of hassle when, and it happens regularly, people lose their handsets. Otherwise, it would be all unencrypted, unmonitored and unprotected access points to customer's private data. Some of our representatives recently switched to iphones, but nobody from management will ever be allowed anything than a Blackberry. Andrea On 10/13/11 5:55 PM, Jamie Bowden wrote: -Original Message- From: Christopher Morrow [mailto:morrowc.li...@gmail.com] Sent: Thursday, October 13, 2011 11:36 AM To: Jay Ashworth Cc: NANOG Subject: Re: [outages] News item: Blackberry services down worldwide On Thu, Oct 13, 2011 at 11:13 AM, Jay Ashworth wrote: - Original Message - From: Jamie Bowden Someday either Google or Apple will get off their rear ends and roll out an end to end encrypted service that plugs into corporate email/calendar/workgroup services and we can all gladly toss these horrid little devices in the recycle bins where they belong. I'm fairly sure K-9 does GPG, at least for the email plus normal mail + k9 will do TLS on SMTP and IMAP... or they both do with my mail server just fine. (idevices seeem to also do this well enough) It's possible that the 'encryption' comment from Jamie is really about encrypting the actual device... which I believe Android[0] will do, I don't know if idevices do though. As of 2.3[.x?] (can't remember if it's a sub release that intro'd this), Android devices can be wholly encrypted, though I don't know if they are by default. All these kludges are great on a small scale, but the BES does end to end encryption for transmission, plugs into Exchange, Lotus, Sametime, proxies internal http[s], and lets us manage policies and push out software updates from a central management point. When it works, it's also scalable, which matters when you have thousands of devices to manage. Jamie
Re: NANOG:RE: [outages] News item: Blackberry services down worldwide
On Thu, Oct 13, 2011 at 12:21 PM, McCall, Gabriel gabriel.mcc...@thyssenkrupp.com wrote: ActiveSync on Android allows corporate to force compliance with security policy and allow remote wipe. User cannot complete the exchange account setup without permitting the controls. If the user doesn't agree their sync isn't enabled. Moreover, if corporate requirements change sync is disabled until you approve again. That seems like it covers all the bases to me. There's two key differences between ActiveSync and BES. The first is that ActiveSync implementations vary widely between different manufacturers/implementations/versions/etc. There is a core set of features that all manufacturers must implement, but it's a very small percentage of the full feature set of controls that ActiveSync supports. Things like enforcing a PIN code fit into this category, but other options like disabling the camera and (from memory) device encryption or even remote wipe are NOT in this category. As a result, even if you enable these features on your Exchange/ActiveSync server, you can't be sure that they are actually being enforced as you can't readily control which devices are being used with ActiveSync, and (realistically) you can't stop a user from changing devices so that even if you gave them a handset that supported all the features you wanted, they could simply move over to a new device that didn't. The second key difference is inbound v's outbound. ActiveSync requires you to allow connections into your network from outside, where BES doesn't. In todays world that's not really an issue - especially as most people will have their email servers accessible from the Internet in some way or other - but in BB's heyday this alone was one of the key differientators for Blackberry v's anything else (be that ActiveSync, POP/IMAP/etc, or any other protocols) With so many companies today working on the entire concept of Mobile Device Management (MDM), Blackberry will fade into insignificance in the not too distant future if they don't come out with something better than the competition - but even today they still allow far better control over handsets than ActiveSync alone does. Scott.
RE: NANOG:RE: [outages] News item: Blackberry services down worldwide
Exchange administration is not my primary job, but in my past experience on Exchange and the iPhone, if I enforced a security policy that the phone could not meet then the user would not be able to sync with the server and setup their account. I remember having to tone back the security policy to a point where the iPhone would actually sync. So effectively they are enforced. You can also simply limit what ActiveSync devices are allowed. If you don't like iPhones but Android is ok, you can do that... at least in Exchange 2010 I can. -Vinny -Original Message- From: Scott Howard [mailto:sc...@doc.net.au] Sent: Thursday, October 13, 2011 5:42 PM To: McCall, Gabriel Cc: NANOG Subject: Re: NANOG:RE: [outages] News item: Blackberry services down worldwide On Thu, Oct 13, 2011 at 12:21 PM, McCall, Gabriel gabriel.mcc...@thyssenkrupp.com wrote: ActiveSync on Android allows corporate to force compliance with security policy and allow remote wipe. User cannot complete the exchange account setup without permitting the controls. If the user doesn't agree their sync isn't enabled. Moreover, if corporate requirements change sync is disabled until you approve again. That seems like it covers all the bases to me. There's two key differences between ActiveSync and BES. The first is that ActiveSync implementations vary widely between different manufacturers/implementations/versions/etc. There is a core set of features that all manufacturers must implement, but it's a very small percentage of the full feature set of controls that ActiveSync supports. Things like enforcing a PIN code fit into this category, but other options like disabling the camera and (from memory) device encryption or even remote wipe are NOT in this category. As a result, even if you enable these features on your Exchange/ActiveSync server, you can't be sure that they are actually being enforced as you can't readily control which devices are being used with ActiveSync, and (realistically) you can't stop a user from changing devices so that even if you gave them a handset that supported all the features you wanted, they could simply move over to a new device that didn't. The second key difference is inbound v's outbound. ActiveSync requires you to allow connections into your network from outside, where BES doesn't. In todays world that's not really an issue - especially as most people will have their email servers accessible from the Internet in some way or other - but in BB's heyday this alone was one of the key differientators for Blackberry v's anything else (be that ActiveSync, POP/IMAP/etc, or any other protocols) With so many companies today working on the entire concept of Mobile Device Management (MDM), Blackberry will fade into insignificance in the not too distant future if they don't come out with something better than the competition - but even today they still allow far better control over handsets than ActiveSync alone does. Scott.
[OT] Overture's Ethernet over bonded Copper products
HI operators, Been looking at Overture¹s Ethernet over Copper¹ product line; any you folks have any real world experience with them? Would love to hear off-line the good, bad, ugly stories if you are willing to share. Much appreciated. -graham
Re: [outages] News item: Blackberry services down worldwide
I have been following this thread for a while and I will have to say I am a tad confused. Remote wipe has been in the iPhone since iOS3.1.3 And if your phone is locked it will wipe after 10 (if I remember correctly) failed unlock attempts. My iPhone communicates completely encrypted. It is set to VPN back to our office. And if we didn't wan't to do that we could could use TLS on our mail to keep that traffic encrypted. But encrypt all is the best approach for us. Personally, I hate mail push. I watch folks in meetings constantly looking down or typing some response and never fully listening to the speakers and not fully engaged in the meeting. Additionally, mail push is indiscriminate and just interrupts my train of thought when I am working. If a communique is truly important whomever can iMessage,SMS,jabber/POTS me; otherwise the mail can just wait till I check my inbox. I understand others feel differently. On an iPhone today you can get push from exchange, iCloud/iMap, Gmail/GCloud, Yahoo, OSX Server (I believe) or set your phone the check every x minutes (after all what could be so important that 15 latency minutes would cause a catastrophe? (During many catastrophe situations sms could take hours or the voice cell network could be tied up and are you that close to whatever to be able to react). If you need instant response... script it. As for filtering, its one of my issues about my iPhone. However, iOS5 supports message flagging and a filter script back on your desktop (where Mail does accept/process message push via IDLE) can flag a message which will sync to your iPhone. Lastly I have never liked RIM's model. It basically inculcates the idea that man in the middle is a good thing which it is not. Just my 2¢ Tom On Oct 13, 2011, at 8:49 AM, Erik Soosalu wrote: Any idea of when Apple's ActiveSync Implementation will close the gap with what BES does? Like maybe having Important message notifications? Categories? Filters? I use an iPhone, but mail handling on it is lacking. -Original Message- From: Matthew Huff [mailto:mh...@ox.com] Sent: Thursday, October 13, 2011 8:44 AM To: 'Jamie Bowden'; 'Joe Abley' Cc: 'nanog@nanog.org' Subject: RE: [outages] News item: Blackberry services down worldwide It's called Microsoft Exchange ActiveSync :) It works with Android, Apple and Microsoft devices. I believe both Lotus and Groupwise have licensed and support it as well. We have a few (but now, very few) blackberry users remaining. They won't let it go until we rip it out of their hands. -Original Message- From: Jamie Bowden [mailto:ja...@photon.com] Sent: Thursday, October 13, 2011 7:36 AM To: Joe Abley Cc: nanog@nanog.org Subject: RE: [outages] News item: Blackberry services down worldwide You are correct. The BES uses PSKs to talk to RIM's servers, which then uses them to talk to the devices over the carrier networks. All of this was in complete failure mode until sometime overnight when it appears to have all started flowing again. Someday either Google or Apple will get off their rear ends and roll out an end to end encrypted service that plugs into corporate email/calendar/workgroup services and we can all gladly toss these horrid little devices in the recycle bins where they belong. Jamie -Original Message- From: Joe Abley [mailto:jab...@hopcount.ca] Sent: Wednesday, October 12, 2011 6:06 PM To: Phil Regnauld Cc: nanog@nanog.org Subject: Re: [outages] News item: Blackberry services down worldwide On 2011-10-12, at 18:02, Phil Regnauld wrote: Joe Abley (jabley) writes: On 2011-10-12, at 13:05, Leigh Porter wrote: Email on my iPhone is working fine.. ;-) The blackberry message service is centralised with a lot of processing intelligence in the core. Messaging services that use the core as a simple transport and shift the processing intelligence to the edge have different, less-dramatic failure modes. This is not the case for corporate customers with dedicated servers, AFAIU. I'm no expert, but my understanding is that at some/most/all traffic between handhelds and a BES, carried from the handheld device through a cellular network, still flows through RIM. Joe
Re: [outages] News item: Blackberry services down worldwide
On 10/13/11 3:30 PM, Patrick W. Gilmore wrote: In fact, Skype, just as a for instance, is worse on hotel wifi as launching the app on a laptop makes you a middle node for some conversations. Per the Skype IT administrator guide, a Skype node will not become a supernode unless it has a public IP address and meets the memory, bandwidth, and uptime requirements. It will not become a relay node unless it has a public IP address and is directly reachable from the Internet. It is very unlikely that launching the Skype app on a laptop on hotel wi-fi would meet these requirements. Does Skype on $HANDHELD have the same property? Not as far as I know, for the obvious reason that handheld devices have network connections that are suboptimal for this. Matthew Kaufman
Re: [OT] Overture's Ethernet over bonded Copper products
Can't speak to Overture, but at my last gig, Aktino/Positron gear worked well for us. -RR On 10/13/11, Graham Wooden gra...@g-rock.net wrote: HI operators, Been looking at Overture¹s ŒEthernet over Copper¹ product line; any you folks have any real world experience with them? Would love to hear off-line the good, bad, ugly stories if you are willing to share. Much appreciated. -graham