Re: uunet ends newsfeed/newsreader in US
It's not pr0n that's killing Usenet, the problem is spam junk mail, chain letters I gather you haven't looked at usenet for a long time. The spam and chain letters have followed the crowd. I can't remember the last time I saw a chain letter, and there's surprisingly little spam. E-mail address harvesters (where you get bombarded with direct-emailed crap if you dare post a message to USENET). Spam sucks, but I've been posting to usenet with my real unmunged email address since 1981 and my inbox remains entirely usable. The idea that the way to avoid spam is to hide from spammers is so 1990s. Regards, John Levine, jo...@iecc.com, Primary Perpetrator of The Internet for Dummies, Please consider the environment before reading this e-mail. http://jl.ly
Re: uunet ends newsfeed/newsreader in US
On 31 Mar 2012 08:55:48 +0200, John R. Levine jo...@iecc.com wrote: Spam sucks, but I've been posting to usenet with my real unmunged email address since 1981 and my inbox remains entirely usable. The idea that the way to avoid spam is to hide from spammers is so 1990s. So desu, ne.
Re: uunet ends newsfeed/newsreader in US
On 31 Mar 2012 08:55:48 +0200, John R. Levine jo...@iecc.com wrote: Spam sucks, but I've been posting to usenet with my real unmunged email address since 1981 and my inbox remains entirely usable. The idea that the way to avoid spam is to hide from spammers is so 1990s. LOL yer not kidding. https://www.google.ca/search?sourceid=chromeie=UTF-8q=%22johnl%40iecc.com%22 -- About 60,800 results (0.27 seconds) -- Landon Stewart lstew...@superb.net Sr. Administrator Systems Engineering Superb Internet Corp - 888-354-6128 x 4199 Web hosting and more Ahead of the Rest: www.superb.net pgpBnE2GAQeQM.pgp Description: PGP signature
Re: airFiber
On Thu, Mar 29, 2012 at 2:01 PM, Nick Olsen n...@flhsi.com wrote: It will need perfect line of site. And won't deal with NLOS like most 2/5 ghz gear can. It's 24ghz. At least on the East Coast, it would be best to install it during the summer. Put it up in winter, and any leaves that sprout in the path will likely cause a failure come spring. (And, if you're brought in to trouble-shoot a broken link, and the local techs swear that all the gear checks out fine, demand to go up on the roof and look down the line of sight first. It is satisfying to fix things without having to actually touch the equipment.) Regards Marshall They claim 15Km. Maybe in the desert. In any climate with rain, Like our's here in Florida even 2 miles is going to be a stretch as 24ghz will rain fade easy. A great application for this would be like between two buildings requiring highspeed backhaul. (Were talking roof-top to roof-top of maybe a few thousand feet or more between them. Nick Olsen Network Operations (855) FLSPEED x106 From: Drew Weaver drew.wea...@thenap.com Sent: Thursday, March 29, 2012 1:27 PM To: Jared Mauch ja...@puck.nether.net, Eugen Leitl eu...@leitl.org Subject: RE: airFiber I've read that it requires perfect line of sight, which makes it sometimes tricky. Thanks, -Drew -Original Message- From: Jared Mauch [mailto:ja...@puck.nether.net] Sent: Thursday, March 29, 2012 12:45 PM To: Eugen Leitl Cc: NANOG list Subject: Re: airFiber On Thu, Mar 29, 2012 at 06:34:21PM +0200, Eugen Leitl wrote: Claim: 1.4 GBit/s over up to 13 km, 24 GHZ, @3 kUSD/link price point. http://www.ubnt.com/airfiber Yeah, I got this note the other day. I am very interested in hearing about folks experience with this hardware once it ships. I almost posted it in the last-mile thread. Even compared to other hardware in the space the price-performance of it for the bitrate is amazing. I also recommend watching the video they posted: http://www.ubnt.com/themes/ubiquiti/air-fiber-video.html You are leaving out that it's an unlicensed band, so you can use this to have a decent backhaul to your house just by rigging it yourself on each end. - Jared -- Jared Mauch | pgp key available via finger from ja...@puck.nether.net clue++; | http://puck.nether.net/~jared/ My statements are only mine.
Attack on the DNS ?
Anyone seen signs of this attack actually occurring ? http://www.nytimes.com/2012/03/31/technology/with-advance-warning-bracing-for-attack-on-internet-by-anonymous.html?_r=1 snip The message called it Operation Global Blackout, and rallied Anonymous supporters worldwide to attack the Domain Name System, which converts human-friendly domain names like google.com into numeric addresses that are more useful for computers. It declared when the attack would be carried out: March 31. And it detailed exactly how: by bombarding the Domain Name System with junk traffic in an effort to overwhelm it altogether. snip Regards Marshall
Outdoor Wireless Access Point
Hi there, I asked for a wireless solution for a university, in which they want indoor wireless solution for more than 5 building (at least two floor) and outdoor wireless solution for near 160m*280m garden. As I look for maps we need at least 3 or 4 outdoor radio, I think in these networks the best solution is to have only one SSID in whole network to give mobility for the network, is this called ad-hoc? or it has an other name? I do not know if I could ask question clearly or not, suppose we have 4 radio but only one SSID is broadcasting and when you are near the radio is near to you you will get service from that one, as this solution must be implement for indoor ones too. And if there is any good company which can both indoor and outdoor solution and they have shipping to Iran too or reseller in Iran please give me the url. Thanks -- Regards, Shahab Vahabzadeh, Network Engineer and System Administrator Cell Phone: +1 (415) 871 0742 PGP Key Fingerprint = 8E34 B335 D702 0CA7 5A81 C2EE 76A2 46C2 5367 BF90
Re: Attack on the DNS ?
Anyone seen signs of this attack actually occurring ? http://www.nytimes.com/2012/03/31/technology/with-advance-warning-bracing-for-attack-on-internet-by-anonymous.html?_r=1 From my vantage point in Oslo, Norway, there is no sign of any attack occurring. Steinar Haug, Nethelp consulting, sth...@nethelp.no
Re: airFiber
Is this any different than what GigaBeam tried before they went bankrupt. http://www.globenewswire.com/newsroom/news.html?d=177145 Their website only shows a control panel login now so I think they've gone completely out of business. The only reason I know about them is because one of my customers used two of their radios for a p2p 1G link and it was a disaster. The Gigabeam radios tried to transparently act as L1 devices.They were just converting optical energy to radio energy. They didn't act as bridges. So if you plugged a switch into either end each switch would think it had an L1 connection to the other switch. It would work with certain optics and certain firmware versions of certain switches. But if you changed anything you might get link and you might not. I hope these Ubiquity devices actually maintain link even if the radio connection goes down. On Sat, Mar 31, 2012 at 11:40 AM, Marshall Eubanks marshall.euba...@gmail.com wrote: On Thu, Mar 29, 2012 at 2:01 PM, Nick Olsen n...@flhsi.com wrote: It will need perfect line of site. And won't deal with NLOS like most 2/5 ghz gear can. It's 24ghz. At least on the East Coast, it would be best to install it during the summer. Put it up in winter, and any leaves that sprout in the path will likely cause a failure come spring. (And, if you're brought in to trouble-shoot a broken link, and the local techs swear that all the gear checks out fine, demand to go up on the roof and look down the line of sight first. It is satisfying to fix things without having to actually touch the equipment.) Regards Marshall They claim 15Km. Maybe in the desert. In any climate with rain, Like our's here in Florida even 2 miles is going to be a stretch as 24ghz will rain fade easy. A great application for this would be like between two buildings requiring highspeed backhaul. (Were talking roof-top to roof-top of maybe a few thousand feet or more between them. Nick Olsen Network Operations (855) FLSPEED x106 From: Drew Weaver drew.wea...@thenap.com Sent: Thursday, March 29, 2012 1:27 PM To: Jared Mauch ja...@puck.nether.net, Eugen Leitl eu...@leitl.org Subject: RE: airFiber I've read that it requires perfect line of sight, which makes it sometimes tricky. Thanks, -Drew -Original Message- From: Jared Mauch [mailto:ja...@puck.nether.net] Sent: Thursday, March 29, 2012 12:45 PM To: Eugen Leitl Cc: NANOG list Subject: Re: airFiber On Thu, Mar 29, 2012 at 06:34:21PM +0200, Eugen Leitl wrote: Claim: 1.4 GBit/s over up to 13 km, 24 GHZ, @3 kUSD/link price point. http://www.ubnt.com/airfiber Yeah, I got this note the other day. I am very interested in hearing about folks experience with this hardware once it ships. I almost posted it in the last-mile thread. Even compared to other hardware in the space the price-performance of it for the bitrate is amazing. I also recommend watching the video they posted: http://www.ubnt.com/themes/ubiquiti/air-fiber-video.html You are leaving out that it's an unlicensed band, so you can use this to have a decent backhaul to your house just by rigging it yourself on each end. - Jared -- Jared Mauch | pgp key available via finger from ja...@puck.nether.net clue++; | http://puck.nether.net/~jared/ My statements are only mine.
Re: Attack on the DNS ?
On Sat, Mar 31, 2012 at 05:05:46AM -0400, Marshall Eubanks marshall.euba...@gmail.com wrote a message of 17 lines which said: Anyone seen signs of this attack actually occurring ? For serious information about this issue, see: https://www.dns-oarc.net/wiki/mitigating-dns-denial-of-service-attacks http://www.cricketondns.com/post.cfm/could-a-ddos-attack-against-the-roots-succeed I do not repost here the various real-rime monitoring systems (which show no attack on the root name servers) because these systems will probably be the first victims of the attack, with all the people using them to watch the end of the world :-)
Re: airFiber
On Thu, Mar 29, 2012 at 1:34 PM, Eugen Leitl eu...@leitl.org wrote: Claim: 1.4 GBit/s over up to 13 km, 24 GHZ, @3 kUSD/link price point. http://www.ubnt.com/airfiber Claims are actually Up to 1.4 Gbps and Up to 13 km; those two conditions probably cannot be satisfied together. 1.4 Gbps is actually 700 Mbps per direction. Modulations are 64 QAM, 16 QAM and QPSK (all MIMO) and QPSK (SISO), so we can guess the throughput of each data rate as: 64QAM MIMO - 720 Mbps (changed from 700 Mbps for numerical convenience) 16QAM MIMO - 480 Mbps QPSK MIMO - 240 Mbps QPSK SISO - 120 Mbps Rubens
Re: airFiber
On 3/31/2012 6:12 AM, Andrew McConachie wrote: Is this any different than what GigaBeam tried before they went bankrupt. http://www.globenewswire.com/newsroom/news.html?d=177145 Their website only shows a control panel login now so I think they've gone completely out of business. The only reason I know about them is because one of my customers used two of their radios for a p2p 1G link and it was a disaster. The Gigabeam radios tried to transparently act as L1 devices.They were just converting optical energy to radio energy. They didn't act as bridges. So if you plugged a switch into either end each switch would think it had an L1 connection to the other switch. It would work with certain optics and certain firmware versions of certain switches. But if you changed anything you might get link and you might not. I hope these Ubiquity devices actually maintain link even if the radio connection goes down. Often such a feature is an option within the radio configuration. Where wired side link follows wireless link. To me that never seemed like a good idea because I need to get into the radio during a wireless link-down situation. Maybe if there was an OOB ethernet port it could work but I haven't seen them on any radio I've touched.
Re: Outdoor Wireless Access Point
I understand Ubiquity gear is very common, in use and available in Iran ... Look at their unifi product line. Faisal On Mar 31, 2012, at 5:38 AM, Shahab Vahabzadeh sh.vahabza...@gmail.com wrote: Hi there, I asked for a wireless solution for a university, in which they want indoor wireless solution for more than 5 building (at least two floor) and outdoor wireless solution for near 160m*280m garden. As I look for maps we need at least 3 or 4 outdoor radio, I think in these networks the best solution is to have only one SSID in whole network to give mobility for the network, is this called ad-hoc? or it has an other name? I do not know if I could ask question clearly or not, suppose we have 4 radio but only one SSID is broadcasting and when you are near the radio is near to you you will get service from that one, as this solution must be implement for indoor ones too. And if there is any good company which can both indoor and outdoor solution and they have shipping to Iran too or reseller in Iran please give me the url. Thanks -- Regards, Shahab Vahabzadeh, Network Engineer and System Administrator Cell Phone: +1 (415) 871 0742 PGP Key Fingerprint = 8E34 B335 D702 0CA7 5A81 C2EE 76A2 46C2 5367 BF90
Re: uunet ends newsfeed/newsreader in US
On Fri, 30 Mar 2012, Joe Greco wrote: Oddly enough, I'd think that bits on the wire are kind of expensive. Ports, circuits, etc. and those are on routers you own and circuits you lease. I can pick up a 4TB hard drive for $229. And that's currently an inflated price; back in September, 3TB drives were around $100. With traffic rates steady around 6TB/day for the past few years, IIRC, it isn't too fantastically expensive to store two weeks of binaries. Certainly cheaper than your average Cisco router. I would agree. When I still worked for an ISP, we outsourced our way out of the NNTP business around 2001 or so. Disk was much more expensive at that time, as was bandwidth. While I was successful in the mandate I got from the CEO in 1997 (Our news server sucks. I want you to make it kick ass.) and got our feeder up into the 300 range on the Freenix top 1000, it became apparent pretty quickly that the amount of money we were spending on bandwidth to sling all of that NNTP traffic around the net, and the $$ we would've had to spend on a larger disk array to keep retention times on the warez/por--- er... 'alt.binaries.*' groups would have been impossible to justify. Like most ISPs, we didn't charge a separate fee for access to the news server, so it was essentially a non-revenue service. Sure, there were a very small handful of die-hard news users who bought their service from us solely because our news server was good, but there were not enough of those users to justify the continued expense of running it, so we got out of that game. I think we outsourced to Remarq, or whatever their name was before it became Remarq, and as far as I knew, some of the die-hard users didn't know the difference, or didn't care enough to switch providers. jms
Re: airFiber
On 3/31/2012 6:14 AM, ML wrote: Often such a feature is an option within the radio configuration. Where wired side link follows wireless link. To me that never seemed like a good idea because I need to get into the radio during a wireless link-down situation. Maybe if there was an OOB ethernet port it could work but I haven't seen them on any radio I've touched. The Exalt radios, both licensed and unlicensed, have an OOB port. Quite handy for exactly this reason. I've had one of their EX-5r-c GigE pairs running at full rate on a 14 mile path for years now with no problems except when the garbage truck parks in front of the path briefly once a week. Matthew Kaufman
RFC 2410: NULL is not a joke (nor an April Fools joke)
In 2007 when Peter H. Salus and I published all the April Fools RFCs in one book we also included the poetry RFCs and the funny RFCs published outside of April Fools timeframe. Speaking of which... we included RFC 2410: The NULL Encryption Algorithm and Its Use With IPsec because, well, I thought it was funny. Specifying an encryption scheme for IPsec that does not encrypt the bytes is, well, funny. It turns out it wasn't published as a joke. Oops. No offense meant to the authors R. Glenn and S. Kent. Nobody pointed this out to me until years after the book was printed. Sadly because this book is printed on dead trees we can't take it back. We don't have a new edition that includes the 2008-2013 RFCs but those are pretty easy to find online. The book does include some commentary that isn't available on-line including forewords by Mike O'Dell, Scott Bradner, and Brad Templeton. I re-read them today and was impressed at how they have stood the test of time. More about the book here: http://rfchumor.com/ Order it on Amazon here: http://www.amazon.com/o/ASIN/1573980420/tomontime-20 Tom Limoncelli -- http://EverythingSysadmin.com -- my blog http://www.TomOnTime.com -- my videos
Re: Outdoor Wireless Access Point
On 3/31/2012 9:41 AM, Faisal Imtiaz wrote: I understand Ubiquity gear is very common, in use and available in Iran ... Look at their unifi product line. Faisal On Mar 31, 2012, at 5:38 AM, Shahab Vahabzadehsh.vahabza...@gmail.com wrote: Hi there, I asked for a wireless solution for a university, in which they want indoor wireless solution for more than 5 building (at least two floor) and outdoor wireless solution for near 160m*280m garden. As I look for maps we need at least 3 or 4 outdoor radio, I think in these networks the best solution is to have only one SSID in whole network to give mobility for the network, is this called ad-hoc? or it has an other name? I do not know if I could ask question clearly or not, suppose we have 4 radio but only one SSID is broadcasting and when you are near the radio is near to you you will get service from that one, as this solution must be implement for indoor ones too. And if there is any good company which can both indoor and outdoor solution and they have shipping to Iran too or reseller in Iran please give me the url. Thanks -- Regards, Shahab Vahabzadeh, Network Engineer and System Administrator Cell Phone: +1 (415) 871 0742 PGP Key Fingerprint = 8E34 B335 D702 0CA7 5A81 C2EE 76A2 46C2 5367 BF90 As far as I know Ubiquiti's UniFi product doesn't yet have a single SSID across multiple APs. Ruckus does have indoor and outdoor APs that when used in conjuction with their ZoneDirector product will provide a seemless SSID. I do not know if it is available in Iran though.
Re: airFiber
On Sat, Mar 31, 2012 at 7:14 AM, ML m...@kenweb.org wrote: Often such a feature is an option within the radio configuration. Where wired side link follows wireless link. To me that never seemed like a good idea because I need to get into the radio during a wireless link-down situation. Maybe if there was an OOB ethernet port it could work but I haven't seen them on any radio I've touched. These have an 100MB OOB management port, a 1GigE port, and a RJ45 for a speaker/tone device for aiding alignment. -- Genius might be described as a supreme capacity for getting its possessors into trouble of all kinds. -- Samuel Butler
Re: uunet ends newsfeed/newsreader in US
On Fri, Mar 30, 2012 at 09:48:58PM -0500, Jimmy Hess wrote: E-mail address harvesters (where you get bombarded with direct-emailed crap if you dare post a message to USENET). Insignificant: email address harvesting activity, in toto, on Usenet, is tiny compared to that conducted elsewhere. (A few moments' thought will suggest why.) The advantage 'forum sites' have is, you don't reveal your e-mail address to the public when posting. That's a bug, not a feature. And forum sites lack the far more important features that I enumerated in another message in this thread. And automated spam sending can be mitigated through the use of CAPTCHAs. Captchas have been quite, quite thoroughly beaten for some time. ---rsk p.s. Before anyone says but *my* captchas appear to be working, let me suggest this exchange as guidance: Londo, they could've killed me! Nonsense, you are not important enough to kill.
Re: airFiber
Often such a feature is an option within the radio configuration. Where wired side link follows wireless link. To me that never seemed like a good idea because I need to get into the radio during a wireless link-down situation. Maybe if there was an OOB ethernet port it could work but I haven't seen them on any radio I've touched. I have Trango, DragonWave, Motorola SAF Tehnika PTP gear in my network. All of them have OOB Ethernet. This feature is common, if not standard, for modern microwave backhaul. -- Blake Covarrubias
Re: Outdoor Wireless Access Point
On Mar 31, 2012, at 3:38 AM, Shahab Vahabzadeh sh.vahabza...@gmail.com wrote: As I look for maps we need at least 3 or 4 outdoor radio, I think in these networks the best solution is to have only one SSID in whole network to give mobility for the network, is this called ad-hoc? or it has an other name? No, it's still infrastructure mode, not ad-hoc. Ad-hoc means no access point. All you need to do is set the APs up to use the same SSID and authentication methods, keys, etc. It's pretty simple and can even be done with consumer gear (with less stable performance of course). If you don't put the APs all on the same layer 3 LAN (same subnet), you'll need some sort of controller-based solutions so that a user's IP address still makes sense to their computer when they move from one AP to another. If you can keep all the APs on one subnet, you won't need that. It gets a bit more complex if you are using radio to link buildings together and/or backhaul to the access point. There's plenty of good references on the internet. Note that the wireless handoffs aren't perfect on basic 802.11 gear. Your laptop might not pick the best AP if it can hear multiple APs. And you might lose a few packets when you hand-off between APs, but it's typically no big deal. Your ssh session would stay connected across those hand-offs just fine. If you plan on doing VoIP on the wireless, it gets more complex yet - you have to worry about the time it takes handoffs and that can be more complex. You have to implement WMM and DSCP. You need to worry about low-speed users (1mbps, 2mbps, etc) on the same link. It's a lot harder to build a VoIP wireless solution than a web browsing wireless solution, but still plentty possible to do without expensive equipment. In summary: you probably should find a guide on how to build wireless networks, preferably a vendor agnostic one. You will either be the hero of your organization or the enemy, depending on how well your network works.
Re: Outdoor Wireless Access Point
On Saturday, 31 March 2012, ML wrote: On 3/31/2012 9:41 AM, Faisal Imtiaz wrote: I understand Ubiquity gear is very common, in use and available in Iran ... Look at their unifi product line. Faisal On Mar 31, 2012, at 5:38 AM, Shahab Vahabzadehsh.vahabza...@gmail.com wrote: Hi there, I asked for a wireless solution for a university, in which they want indoor wireless solution for more than 5 building (at least two floor) and outdoor wireless solution for near 160m*280m garden. As I look for maps we need at least 3 or 4 outdoor radio, I think in these networks the best solution is to have only one SSID in whole network to give mobility for the network, is this called ad-hoc? or it has an other name? I do not know if I could ask question clearly or not, suppose we have 4 radio but only one SSID is broadcasting and when you are near the radio is near to you you will get service from that one, as this solution must be implement for indoor ones too. And if there is any good company which can both indoor and outdoor solution and they have shipping to Iran too or reseller in Iran please give me the url. Thanks -- Regards, Shahab Vahabzadeh, Network Engineer and System Administrator Cell Phone: +1 (415) 871 0742 PGP Key Fingerprint = 8E34 B335 D702 0CA7 5A81 C2EE 76A2 46C2 5367 BF90 As far as I know Ubiquiti's UniFi product doesn't yet have a single SSID across multiple APs. Ruckus does have indoor and outdoor APs that when used in conjuction with their ZoneDirector product will provide a seemless SSID. I do not know if it is available in Iran though. Yes it does and can have a guest SSID as well along with hand off to a ticket server http://www.ubnt.com/unifi Check out the specs Nice and cheap compared to others on the market too -- Martin -- -- Martin Hepworth Oxford, UK
Re: Outdoor Wireless Access Point
As far as I know Ubiquiti's UniFi product doesn't yet have a single SSID across multiple APs. Unifi does use the same SSID's across many AP's. It actually does that by default, unless you specifically disable an SSID on a particular AP. Oliver
Re: Outdoor Wireless Access Point
Yes Its VoIP over wireless, mostly this university need this wireless network for their professions and students which carry their IP Phones and I care about this. Thanks On Sat, Mar 31, 2012 at 9:26 PM, Joel Maslak jmas...@antelope.net wrote: On Mar 31, 2012, at 3:38 AM, Shahab Vahabzadeh sh.vahabza...@gmail.com wrote: As I look for maps we need at least 3 or 4 outdoor radio, I think in these networks the best solution is to have only one SSID in whole network to give mobility for the network, is this called ad-hoc? or it has an other name? No, it's still infrastructure mode, not ad-hoc. Ad-hoc means no access point. All you need to do is set the APs up to use the same SSID and authentication methods, keys, etc. It's pretty simple and can even be done with consumer gear (with less stable performance of course). If you don't put the APs all on the same layer 3 LAN (same subnet), you'll need some sort of controller-based solutions so that a user's IP address still makes sense to their computer when they move from one AP to another. If you can keep all the APs on one subnet, you won't need that. It gets a bit more complex if you are using radio to link buildings together and/or backhaul to the access point. There's plenty of good references on the internet. Note that the wireless handoffs aren't perfect on basic 802.11 gear. Your laptop might not pick the best AP if it can hear multiple APs. And you might lose a few packets when you hand-off between APs, but it's typically no big deal. Your ssh session would stay connected across those hand-offs just fine. If you plan on doing VoIP on the wireless, it gets more complex yet - you have to worry about the time it takes handoffs and that can be more complex. You have to implement WMM and DSCP. You need to worry about low-speed users (1mbps, 2mbps, etc) on the same link. It's a lot harder to build a VoIP wireless solution than a web browsing wireless solution, but still plentty possible to do without expensive equipment. In summary: you probably should find a guide on how to build wireless networks, preferably a vendor agnostic one. You will either be the hero of your organization or the enemy, depending on how well your network works. -- Regards, Shahab Vahabzadeh, Network Engineer and System Administrator Cell Phone: +1 (415) 871 0742 PGP Key Fingerprint = 8E34 B335 D702 0CA7 5A81 C2EE 76A2 46C2 5367 BF90
Re: uunet ends newsfeed/newsreader in US
USENET is definitely not dead. I wrote a search engine and aggregator for multipart articles posted to USENET binary groups over the course of a year and a half at the largest providor of USENET services in the world -- just a couple years ago. The data rates of incoming articles was just staggering...and growing by the day. One of the members of my development team on the USENET binary search engine project had been a principal at UUNET, so I do have a pretty good idea what happened to that outfit, organisationally. The details are unimportant. I do not think that the closing of a service that's undergone multiple acquisitions by actual competitors is at all surprising. Did the closing of Alta Vista a couple years ago after its acquisition by Yahoo! spell the death of internet search? No.
RE: airFiber
We actually have a lot of the old gigabeam radios in service, they are faster than the published specs of the airfiber links (1G full duplex vs 750 mbit/sec fd) and lower latency due to their very simplistic design. To be honest, from a network engineering standpoint, the gigabeams were conveninet as path issues would show up as ethernet errors that can be used to trigger reroutes or other events.That being said, we did not have a large variety of switches as the microwave side of our house is made up entirely of just a couple of cisco models.The gigabeams also have a pure OOB management setup. John
Re: Attack on the DNS ?
We already have this type of attack in Bucharest/Romania since last Friday. The targets where IP's of some local webhosters, but at one moment we event saw IP's from Go Daddy. Tcpdump will show something like: 11:10:41.447079 IP target open_resolver_ip.53: 80+ [1au] ANY? isc.org. (37) 11:10:41.447082 IP target open_resolver_ip.53: 59147+ [1au] ANY? isc.org. (37) 11:10:41.447084 IP target open_resolver_ip.53: 13885+ [1au] ANY? isc.org. (37) After one week the attack has been mostly mitigated, and the remaining open resolvers are probably windows servers. Apparently in bill'g world is impossible to restrict the recursion.
Re: Outdoor Wireless Access Point
Another +1 on unifi. Very happy with price and performance. Jared Mauch On Mar 31, 2012, at 1:09 PM, Oliver Garraux oli...@g.garraux.net wrote: As far as I know Ubiquiti's UniFi product doesn't yet have a single SSID across multiple APs. Unifi does use the same SSID's across many AP's. It actually does that by default, unless you specifically disable an SSID on a particular AP. Oliver
Re: Attack on the DNS ?
On Sat, 31 Mar 2012 05:05:46 -0400, Marshall Eubanks said: Anyone seen signs of this attack actually occurring ? http://www.nytimes.com/2012/03/31/technology/with-advance-warning-bracing-for-attack-on-internet-by-anonymous.html?_r=1 more snip Those preparations turned into a fast-track, multimillion-dollar global effort to beef up the Domain Name System. They offer a glimpse into the largely unknown forces that keep the Internet running in the face of unpredictable, potentially devastating threats. Was there *really* that much of a reaction to *this* threat, over and above the continual 24x7x365 ongoing effort to add resiliency and mitigation to the DNS? pgpb8duJFgus9.pgp Description: PGP signature
Re: Outdoor Wireless Access Point
On 3/31/2012 1:09 PM, Oliver Garraux wrote: As far as I know Ubiquiti's UniFi product doesn't yet have a single SSID across multiple APs. Unifi does use the same SSID's across many AP's. It actually does that by default, unless you specifically disable an SSID on a particular AP. Oliver Well I know UBNT is always improving their firmware so good. A year back I got the impression their software didn't support roaming and wireless clients would see multiple SSIDs with the same name instead of just one.
Re: Attack on the DNS ?
We already have this type of attack in Bucharest/Romania since last Friday. The targets where IP's of some local webhosters, but at one moment we event saw IP's from Go Daddy. Tcpdump will show something like: 11:10:41.447079 IP target open_resolver_ip.53: 80+ [1au] ANY? isc.org. (37) 11:10:41.447082 IP target open_resolver_ip.53: 59147+ [1au] ANY? isc.org. (37) 11:10:41.447084 IP target open_resolver_ip.53: 13885+ [1au] ANY? isc.org. (37) After one week the attack has been mostly mitigated, and the remaining open resolvers are probably windows servers. Apparently in bill'g world is impossible to restrict the recursion. This is a spoofed source amplification/reflection attack, and is really going on all the time. It has nothing to do with any possible Anonymous attack on the root name servers. ANY queries for isc.org and ripe.net are popular (ietf.org has also been seen), since they give a potentially large amplification factor. Steinar Haug, Nethelp consulting, sth...@nethelp.no
Re: uunet ends newsfeed/newsreader in US
Seems perfectly reasonable to me. The NNTP protocol can be used for lots of things and not just public newsgroup discussions. For a company that has a lot of offices distributed around the world there could be many applications for it. Microsoft uses it for support of their semi-public product betas. I think they also use it for internal support. R's, John
Re: uunet ends newsfeed/newsreader in US
John Levine wrote: Microsoft uses it for support of their semi-public product betas. I think they also use it for internal support. R's, John I just did a quick count and there are ~460 microsoft.public newsgroups. --Michael
Re: uunet ends newsfeed/newsreader in US
On Sat, 31 Mar 2012, John Levine wrote: Seems perfectly reasonable to me. The NNTP protocol can be used for lots of things and not just public newsgroup discussions. For a company that has a lot of offices distributed around the world there could be many applications for it. Microsoft uses it for support of their semi-public product betas. I think they also use it for internal support. We used it at work for many years for that same purpose, however all of those support functions were migrated to mailing lists over the past few years, and the news server itself was finally de-commissioned last year. jms
RE: Outdoor Wireless Access Point
Hi...How do I do it! I'm utterly amazed how many people give away free consultant work. We need to keep people working... not giving it away. Ethics... Security... etc... Does the university give away free diploma's? I don't think so. Must be another copy paste e^%$#?r too! Google is your friend... ;^) Cheers! Ephesians 4:32Cheers!!! A password is like a... toothbrush ;^) Choose a good one, change it regularly and don't share it. -Original Message- From: Shahab Vahabzadeh [mailto:sh.vahabza...@gmail.com] Sent: Saturday, March 31, 2012 2:39 AM To: nanog@nanog.org Subject: Outdoor Wireless Access Point Hi there, I asked for a wireless solution for a university, in which they want indoor wireless solution for more than 5 building (at least two floor) and outdoor wireless solution for near 160m*280m garden. As I look for maps we need at least 3 or 4 outdoor radio, I think in these networks the best solution is to have only one SSID in whole network to give mobility for the network, is this called ad-hoc? or it has an other name? I do not know if I could ask question clearly or not, suppose we have 4 radio but only one SSID is broadcasting and when you are near the radio is near to you you will get service from that one, as this solution must be implement for indoor ones too. And if there is any good company which can both indoor and outdoor solution and they have shipping to Iran too or reseller in Iran please give me the url. Thanks -- Regards, Shahab Vahabzadeh, Network Engineer and System Administrator Cell Phone: +1 (415) 871 0742 PGP Key Fingerprint = 8E34 B335 D702 0CA7 5A81 C2EE 76A2 46C2 5367 BF90
Re: Outdoor Wireless Access Point
On Sat, 31 Mar 2012 15:48:37 -0700, Network IP Dog said: I'm utterly amazed how many people give away free consultant work. A lot of us are quite busy with $DAYJOB and not in a position to take on a consulting engagement - and there's no good micropayment infrastructure to deal with 20-minute consulting gigs anyway. So we give away 5 minute chunks of our time for the benefit of the networking community. It's a large chunk of what makes 'best common practices' evolve. (Hint - that consultant you hired? How much of *their* knowledge did they aquire from other people's free advice?) And those of us who *do* go looking for consulting gigs often need to market ourselves as somebody clued. You read NANOG for a while, you get a good idea of who is clued and who isn't. And thus you decide who gets the gig. Google is your friend... ;^) http://www.xckd.com/979/ pgpWQ9rB5RjMm.pgp Description: PGP signature
ipv6 classful addressing with mesh?
So I came across this post the other day and wanted to see what folks think about it. https://plus.google.com/u/0/109418153881180057361/posts/AvjZbbK6T7X Here is the relevant portion: *Got anything more specific than that to go on?* Actually, yes. Although I still want community feedback on how the idea can be improved. Most mesh systems have pretty arbitrary ways of handing out IP addresses, so I say, put a little logic into 'em, in a consistent way that works well for routing between networks and across the existing internet. An IPv6 address is composed of 8 chunks, each of which is 4 hex digits long. The first chunk should be something arbitrary but unclaimed - anybody know if 00fd is taken? - which is used consistently to indicate that this is a mesh-global address. The next two chunks are the longitude and latitude, respectively, in whatever precision a chunk affords across its respective scope. These first three chunks make up the network prefix that defines one network as distinct from another. How much geographical accuracy does this imply? Just enough to indicate where the heart of a network is, or was traditionally. A chunk can represent any number from 0-65534, because it can represent up to 65535 unique numbers and we start at 0. So, longitude can be expressed as a number of degrees moved east of the prime meridian from 0-360. This means the difference between each integer in a longitude chunk is 360°/65535, or .005493°. At the equator, where a degree represents the longest distance, that works out to about .4 miles [1]. For any other latitude, however, precision is better than that. Latitude, which goes from -90 to +90, can be represented as a 0-180 number where the equator is at 90, which works out to .002747° precision. So, competing networks in the same area can have slightly different network prefixes, while still each being more or less accurate (because networks are big and amorphous) while the precision isn't enough to pinpoint any individual node of the network, which I'd say is a happy medium. Longitude comes first for easier routing, since inter-network send it east or send it west questions seem more likely to me to come up for most switches based on the geography of the continents and the nature of the existing backbone ring of the internet. The remaining chunks can be chosen according to whatever algorithm the network administrators feel like. Idiot devices that aren't consciously part of the mesh will generally just put up and shut up with whatever DHCP gives them anyways, so that's not too concerning. If you decide to use client MAC address as part of it, that only leaves chunk 4 left to be set, and you can use the first four digits of the md5 hash of the MAC for that if you need something arbitrary yet deterministic. Every network can have its gateways to the corporate internet, and be accessible from the outside through them. That way, you can have inter-mesh communication over existing internet in a lightweight way: your packet routes to a gateway in your network, then across the tubes, through a gateway at the destination network, and to the ultimate destination. No packet encapsulation, no complex routing bullshit, just point A to point B. That's a simplistic overview, of course. It doesn't include shortcuts like nodes that act as part of multiple, neighboring networks, thus acting as gateways between the two. It doesn't consider IPv4 requests and service, which will probably require an AYIYA-based tunnel negotiation between the client and a gateway. But as a basic pattern, it provides consistency and efficiency between independent networks, which as far as I can see, is a vast deal more important than making one mesh to rule them all. I'm not sure what to make of it. Seems like someone trying to re establish classful addressing and not understanding routing, subnets, managed networks etc.
Re: Attack on the DNS ?
I manage a tiny network in the Amazon, a satellite internet connection and decent sized wireless network. All of my users started complaining yesterday about lost connectivity except for Skype. I had no problems. I checked from the users' computers and could not resolve domain names (when Skype connects and nothing else does it's always been a DNS issue). After much troubleshooting I finally fired up Wireshark and saw that the DNS servers (or someone appearing to have their IP addresses) were replying to our queries with no such name. The reason I was having no problems is I'm using OpenDNS' DNSCrypt. With DNSCrypt on we have no problems. With good old fashioned unencrypted DNS (Googles, OpenDNS', our ISPs) we're barely able to communicate. Is DNS traffic being directed to bogus servers? Are the real servers being overloaded? Am I seeing the results of some kind of DDOS mitigation technique? Is anyone else seeing this? Greg Ihnen
Re: Attack on the DNS ?
I manage a tiny network in the Amazon, a satellite internet connection and decent sized wireless network. All of my users started complaining yesterday about lost connectivity except for Skype. I had no problems. I checked from the users' computers and could not resolve domain names (when Skype connects and nothing else does it's always been a DNS issue). After much troubleshooting I finally fired up Wireshark and saw that the DNS servers (or someone appearing to have their IP addresses) were replying to our queries with no such name. The reason I was having no problems is I'm using OpenDNS' DNSCrypt. With DNSCrypt on we have no problems. With good old fashioned unencrypted DNS (Googles, OpenDNS', our ISPs) we're barely able to communicate. Is DNS traffic being directed to bogus servers? Are the real servers being overloaded? Am I seeing the results of some kind of DDOS mitigation technique? Is anyone else seeing this? Greg Ihnen
Re: Attack on the DNS ?
I manage a tiny network in the Amazon, a satellite internet connection and decent sized wireless network. All of my users started complaining yesterday about lost connectivity except for Skype. I had no problems. I checked from the users' computers and could not resolve domain names (when Skype connects and nothing else does it's always been a DNS issue). After much troubleshooting I finally fired up Wireshark and saw that the DNS servers (or someone appearing to have their IP addresses) were replying to our queries with no such name. The reason I was having no problems is I'm using OpenDNS' DNSCrypt. With DNSCrypt on we have no problems. With good old fashioned unencrypted DNS (Googles, OpenDNS', our ISPs) we're barely able to communicate. Is DNS traffic being directed to bogus servers? Are the real servers being overloaded? Am I seeing the results of some kind of DDOS mitigation technique? Is anyone else seeing this? Greg Ihnen
Re: ipv6 classful addressing with mesh?
On Sat, 31 Mar 2012 19:35:05 -0500, Charles N Wyble said: How much geographical accuracy does this imply? Just enough to indicate where the heart of a network is, or was traditionally. A chunk can represent any number from 0-65534, because it can represent up to 65535 unique numbers and we start at 0. So, longitude can be expressed as a number of degrees moved east of the prime meridian from 0-360. This means the difference between each integer in a longitude chunk is 360°/65535, or .005493°. At the equator, where a degree represents the longest distance, that works out to about .4 miles [1]. For any other latitude, however, precision is better than that. Latitude, which goes from -90 to +90, can be represented as a 0-180 number where the equator is at 90, which works out to .002747° precision. I'll bite. Is 60 Hudson 0.4 miles wide? I'm not sure what to make of it. Seems like someone trying to re establish classful addressing and not understanding routing, subnets, managed networks etc. No, it's somebody trying to re-invent geographical routing and not understanding yadda yadda yadda. The traceroute from my apartment to my office, a 20 minute bike ride iin the real world: traceroute -A 192.70.187.198 traceroute to 192.70.187.198 (192.70.187.198), 30 hops max, 60 byte packets 1 192.168.2.1 (192.168.2.1) [AS8151/AS28513] 1.491 ms 1.452 ms 3.909 ms 2 71.62.120.1 (71.62.120.1) [AS21508] 18.133 ms 18.203 ms 37.221 ms 3 te-8-2-ur01.blacksburg.va.richmond.comcast.net (68.85.71.97) [AS20214] 18.002 ms 17.986 ms 17.959 ms 4 te-8-3-ar01.staunton.va.richmond.comcast.net (69.139.165.161) [AS33287] 21.101 ms 21.075 ms 21.047 ms 5 te-8-1-ar01.chesterfield.va.richmond.comcast.net (68.86.173.165) [AS21508] 29.087 ms 29.089 ms 29.029 ms 6 te-0-1-0-0-cr01.charlotte.nc.ibone.comcast.net (68.86.91.113) [AS7922] 38.882 ms 46.911 ms 46.916 ms 7 pos-3-14-0-0-cr01.atlanta.ga.ibone.comcast.net (68.86.85.213) [AS7922] 43.328 ms 45.617 ms 45.602 ms 8 nyc-e5.nyc.us.net.dtag.de (68.86.88.186) [AS7922] 45.585 ms 45.563 ms 45.540 ms 9 te4-2.ccr01.atl02.atlas.cogentco.com (154.54.10.233) [AS174] 42.049 ms 42.978 ms 42.959 ms 10 te0-0-0-1.ccr21.atl01.atlas.cogentco.com (154.54.0.165) [AS174] 41.061 ms 41.088 ms 41.097 ms 11 te0-5-0-7.ccr21.dca01.atlas.cogentco.com (154.54.42.193) [AS174] 40.750 ms te0-0-0-7.ccr21.dca01.atlas.cogentco.com (154.54.28.213) [AS174] 40.914 ms te0-0-0-3.ccr21.dca01.atlas.cogentco.com (154.54.28.201) [AS174] 40.878 ms 12 te0-1-0-5.ccr21.iad02.atlas.cogentco.com (154.54.2.50) [AS174] 40.638 ms te0-1-0-1.ccr21.iad02.atlas.cogentco.com (154.54.26.130) [AS174] 40.195 ms te0-3-0-5.ccr21.iad02.atlas.cogentco.com (154.54.41.230) [AS174] 43.299 ms 13 38.127.193.146 (38.127.193.146) [AS174] 43.281 ms 43.171 ms 43.208 ms 14 isb-7606-1.vl155.cns.vt.edu (192.70.187.148) [AS1312] 48.902 ms * * Quite the little trip - north to Staunton, south to Atlanta, north to DC, south to B'burg again, and I dunno WHAT happened at hop 8. :) Every single person who suggests geographically-based routing or addressing fails to understand that there's no cable connecting AS21508 to AS1312. And there's likely to never be one (we invited all the local providers to peer, several did accept because it lowered their upstream transit costs, Comcast apparently didn't see the added complexity as being worth the infinitesmal savings it would get them at their Cogent interconnect). So sending packets to 21508 because it's geographically close and hoping it will get to 1312 (or vice versa) is a fool's errand. And if you're not basing routing decisions based on the geographic address, who *cares* if the address reflects location? At that point, you're much better off basing my IP address off the fact that I'm a Comcast customer and Comcast probably knows how to get packets to me. I'll overlook the little detail that trying to use latitude and longitude as the basis for IPv6 addresses ends up wasting literally an entire Pacific's worth of address space. ;) pgpmQkOH08Ayl.pgp Description: PGP signature
Re: Attack on the DNS ?
Looks like your network has a user or two participating in this retarded attempt to drop the Internet. Thanks, Ameen Pishdadi On Mar 31, 2012, at 8:30 PM, Greg Ihnen os10ru...@gmail.com wrote: I manage a tiny network in the Amazon, a satellite internet connection and decent sized wireless network. All of my users started complaining yesterday about lost connectivity except for Skype. I had no problems. I checked from the users' computers and could not resolve domain names (when Skype connects and nothing else does it's always been a DNS issue). After much troubleshooting I finally fired up Wireshark and saw that the DNS servers (or someone appearing to have their IP addresses) were replying to our queries with no such name. The reason I was having no problems is I'm using OpenDNS' DNSCrypt. With DNSCrypt on we have no problems. With good old fashioned unencrypted DNS (Googles, OpenDNS', our ISPs) we're barely able to communicate. Is DNS traffic being directed to bogus servers? Are the real servers being overloaded? Am I seeing the results of some kind of DDOS mitigation technique? Is anyone else seeing this? Greg Ihnen
RE: Outdoor Wireless Access Point
Hi...How do I do it! I'm utterly amazed how many people give away free consultant work. We need to keep people working... not giving it away. Ethics... Security... etc... Does the university give away free diploma's? I don't think so. I don't expect a free diploma, but many universities are offering free internet videos of various classes. If you want a sample, here are a few good starting points: http://ocw.mit.edu/ http://oyc.yale.edu/ http://webcast.berkeley.edu/ -- These are my opinions, not necessarily my employer's. I hate spam.
Re: Outdoor Wireless Access Point
On 01/04/12 09:49, valdis.kletni...@vt.edu wrote: On Sat, 31 Mar 2012 15:48:37 -0700, Network IP Dog said: I'm utterly amazed how many people give away free consultant work. A lot of us are quite busy with $DAYJOB and not in a position to take on a consulting engagement - and there's no good micropayment infrastructure to deal with 20-minute consulting gigs anyway. So we give away 5 minute chunks of our time for the benefit of the networking community. It's a large chunk of what makes 'best common practices' evolve. (Hint - that consultant you hired? How much of *their* knowledge did they aquire from other people's free advice?) Also if it's something that makes you go huh, good question the time spent to research it can often pay off later (several times now I've spent hours thinking over a list question, and had something similar asked of me in my day job only a few days or weeks later).
