Re: Verizon DSL moving to CGN
Huasong Zhou huas...@kalorama.com writes: We got this modem and router all in one box from Comcast directly. OK, so the NAT is taking place in the router you got from Comcast, not in Carrier Grade NAT in Comcast's network. A fine distinction but an important one. The external address of your router is (a) globally unique, and (b) not shared with any other customer. And by the way, home use routers don't assign 10.0.0.0 numbers. Who told you that? I offer you as a counterexample (all? maybe just every one I've owned?) the Airports from Apple. Default LAN address is 10.0.1.1. -r
Re: Verizon DSL moving to CGN
On 9-4-2013 1:10, Jay Ashworth wrote: - Original Message - From: Huasong Zhou huas...@kalorama.com We got this modem and router all in one box from Comcast directly. And by the way, home use routers don't assign 10.0.0.0 numbers. I have seen consumer NAT routers assign addresses in all three RFC1918 blocks, though I couldn't cite particular models for you. 10./ is less common than 172./, but not impossible. Early Alcatel/Lucent Speedtouch modems assigned 10/8 to the LAN, effectively breaking all VPN networking to our office. No fun to be had in that one. Luckily all these shipped without Wifi and have now all been replaced by Thomson wifi models that use 192.168.[01]/24 Some of the AlliedData Copperjet modems use 172.x Regards, Seth
Re: Verizon DSL moving to CGN
Quoting: Date: Sun, 7 Apr 2013 09:31:22 +0200 (CEST) From: Mikael Abrahamsson swm...@swm.pp.se To: nanog list nanog@nanog.org Subject: Re: Verizon DSL moving to CGN On Sun, 7 Apr 2013, Fabien Delmotte wrote: CGN is just a solution to save time, it is not a transition mechanism through IPv6 At the end (IPv6 at home) you will need at list : Dual stack or NAT64/ DNS64 CGN doesn't stop anyone deploying dual stack. NAT64/DNS64 is dead in the water without other mechanisms (464XLAT or alike). Defusing the dead-in-the-water phrase: An IPv4 solution with NAT64/DNS64 will still enable pure IPv6 SS devices without built-in NAT46 to still access the majority of the IPV4 world. (There are few IPV4-over-IPv6 technologies that can make a similar claim so thats already one step ahead of the competition on the IPv4 sunset path) XLAT464 (CLAT46+PLAT64) is now published as RFC6877. It is the most mature sunset technology - Is a single vendor offering out there that either does not already have a NAT64 function or doesn't have it in their roadmaps ? Greets Karl Pospisek from Melbourne AU.
Re: Open Resolver Dataset Update
Jared, If you mean there can be a referral with RCODE=0 and Recursion Available = 0, you'll need a third column actually documenting if there is a referral. This server is listed in ORP: $ dig www.google.be @195.160.166.139 ; DiG 9.7.3 www.google.be @195.160.166.139 ;; global options: +cmd ;; Got answer: ;; -HEADER- opcode: QUERY, status: NOERROR, id: 615 ;; flags: qr rd; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0 ;; WARNING: recursion requested but not available ;; QUESTION SECTION: ;www.google.be. IN A ;; Query time: 6 msec ;; SERVER: 195.160.166.139#53(195.160.166.139) ;; WHEN: Tue Apr 9 14:58:21 2013 ;; MSG SIZE rcvd: 31 RCODE=0, Recursion available=0: http://openresolverproject.org/search.cgi?mode=search6search_for=195.160.166.0%2F24 Hence my question, what is it doing wrong? Tom On Mon, 2013-04-08 at 07:05 -0400, Jared Mauch wrote: The referral, including a referral to root can be quite large. Even larger than answering a normal query. I have broken the data out for the purpose of letting people identify the IPs that provide that. Jared Mauch On Apr 8, 2013, at 3:08 AM, Tom Laermans tom.laerm...@phyxia.net wrote: As far as I know, responding either NOERROR or REFUSED produces packets of the same size.
Closing the gap to improve the capacity of existing fiber optic networks
http://www.gizmag.com/cudos-fiber-optic-network-capacity/26969/ Closing the gap to improve the capacity of existing fiber optic networks By Darren Quick April 7, 2013 Researchers claim to have increased the data capacity of optical networks to the point that all of the world’s internet traffic could be transmitted via a single fiber (Photo: Shutterstock) A team of researchers working through Australia’s Centre for Ultrahigh Bandwidth Devices for Optical Systems (CUDOS) has developed data encoding technology that increases the efficiency of existing fiber optic cable networks. The researchers claim their invention increases the data capacity of optical networks to the point that all of the world’s internet traffic could be transmitted via a single fiber. Compatible with existing networks, the data encoding technology involves making more efficient use of available data channels. Where existing networks transmit data with gaps between the channels, the new approach packs the data channels closer together, thereby allowing more lanes on the same super-highway. To demonstrate the system, the researchers re-programmed a LCoS (liquid crystal on silicon) Wavelength Selective Switch (WSS) to make more efficient use of available data channels. A WWS is a network component that uses different wavelengths of laser light to combine (or multiplex) multiple digital data streams onto a single optical fiber. The research team, which included Professor Arthur Lowery and Dr Liang Du of the Monash Department of Electrical and Computer Systems Engineering and Jochen Schroeder, Joel Carpenter and Ben Eggleton from the University of Sydney, managed to transmit a signal of 10 terabits per second (Tb/s) more than 850 km (528 miles) using the new technology. That’s still well short of the 26 Tb/s data transmission speeds achieved by scientists at Germany's Karlsruhe Institute of Technology (KIT), but is over a far greater distance than the 50 km (31 miles) that team achieved. Professor Lowry said that the switch could be used to squeeze signals into the gaps in data traffic that flows around large optical-ring networks between cities. Importantly, new traffic can be squeezed into the fiber at any location and added to any ‘lane’ of the fiber freeway even between existing lanes,” he said. Rather than laying hundreds of new parallel optical fibers to boost network capacity, we can make more efficient use of the existing network by tweaking the way data is transmitted over long distances. “Our approach is so flexible, network operators could adjust capacity to respond to increased demand, for example from people following big sport events like the Olympics, added Dr Schröder. The team believes the technology would allow existing infrastructure to cope with the rising demand for internet, which is expected to increase 1,000 fold over the coming decade, with minimal investment. Because we are have made use of equipment that is already on the market, this technology could be translated to the consumer quite quickly,” said Dr Du. The team’s findings were presented last month at the Optical Fiber Communication Conference in California. It was presented as a postdeadline paper, which are intended to give attendees the opportunity to hear breakthrough results in rapidly advancing areas. Source: CUDOS
cloudmark?
Hi, rant it seems that many large providers are using cloudmark services. As far as I can tell: their policy is unclear, they can hardly be reached, mails to support are bouncing (delayed, then bounce). yes, the mailserver from one of our customers was blocked and this was OK and rightful, because they had a problem (cracked account). After the problem was resolved we started removing their IPv4 address from blacklists and almost all lists removed the ban immediately. cloudmark CSI service (reset request form) wants a form to be filled ... and they claim that they send out an email ... but it doesn't make its way to my inbox (no, no filters ...) and support can't be reached. Where are the good old times when the 'net was controlled by techs and not by lawyers? I can't recommend cloudmark. /rant greetings, martin
ipfix analyzers
Can someone point me to IPFIX analysers that do automatic learning of traffic patterns, raise events as suspected dos, and when operator marked as false positive, won't trigger that pattern anymore? This should be without configuring any explicit network ranges anywhere. So when I do get new customer, I don't have to teach the system about it. At simplest, maybe it could be static n pps / n Mbps per IP, then keep hitting false positive button, until they disappear. Other thing I'm missing from Arbor, is as far as I can see, it does not really like IXP. I don't know how you can ask via webUI to show traffic from ASNX in IXP port Y. I can ask traffic in port X or traffic in ASNX, but not traffic in ASNX in port X. You can dig this out of IPFIX data really easily. Both of these seem really trivial issues, frankly not much more than full work day to produce in homegrown IPFIX analyzer if you don't have to worry about bigdata/scaling (which I do). But is there product I can buy, which satisfies these requirements? -- ++ytti
Re: cloudmark?
On 2013-04-09 10:27, Chris Conn wrote: Hi, rant it seems that many large providers are using cloudmark services. As far as I can tell: their policy is unclear, they can hardly be reached, mails to support are bouncing (delayed, then bounce). yes, the mailserver from one of our customers was blocked and this was OK and rightful, because they had a problem (cracked account). After the problem was resolved we started removing their IPv4 address from blacklists and almost all lists removed the ban immediately. cloudmark CSI service (reset request form) wants a form to be filled ... and they claim that they send out an email ... but it doesn't make its way to my inbox (no, no filters ...) and support can't be reached. Where are the good old times when the 'net was controlled by techs and not by lawyers? I can't recommend cloudmark. /rant Your experience does not mirror mine at all. I have less than 30 minutes of wait time for any support case, and they are few and far between. Reliability is high and FP rate is low. I have no idea what your reference to lawyers pertains to, however the only issue we have ever had was for them to take our money when we renewed for the umpteenth time. Maybe they cater to smaller providers more efficiently. Chris
Re: Verizon DSL moving to CGN
On 4/8/13 9:23 PM, Seth Mattinen se...@rollernet.us wrote: On 4/8/13 5:55 PM, Owen DeLong wrote: On Apr 7, 2013, at 18:45 , Huasong Zhou huas...@kalorama.com wrote: We got this modem and router all in one box from Comcast directly. And by the way, home use routers don't assign 10.0.0.0 numbers. Some do. ATT U-verse used to have 10.0.0.0/8 as an option until a firmware update removed that capability. My bet is on CGN prep work. No, we (Comcast) are not doing CGN prep work. Jason Livingood Comcast
Re: Verizon DSL moving to CGN
On 4/7/13 9:45 PM, Huasong Zhou huas...@kalorama.com wrote: We got this modem and router all in one box from Comcast directly. And by the way, home use routers don't assign 10.0.0.0 numbers. Sure they can. And I'm sure if you checked the WAN interface of the device it has a public IPv4 address. - Jason
Re: NANOG 58 - New Orleans - Call For Presentations is open!
Reminder- the RFP closed yesterday but we will continue to accept submissions through the end of the week. Regards, -Dave On Mon, Mar 25, 2013 at 9:47 AM, David Temkin d...@temk.in wrote: Just a reminder that the RFP is still open for NANOG 58! Regards, -Dave On Fri, Mar 1, 2013 at 12:02 PM, David Temkin d...@temk.in wrote: *Fresh off of a great NANOG 57 in Orlando, your program committee is already working hard to provide a world-class program for NANOG 58 in NOLA - New Orleans, Louisiana - one of my favorite destinations in the world.* * * *As a reminder, we will be following the same Monday-Wednesday program that we started at NANOG 57, with Tutorials beginning Monday morning and closing with the Peering Track (and potentially a social) on Wednesday evening. * * * *We look forward to seeing everyone in The Big Easy!* * The North American Network Operators' Group (NANOG) will hold its 58th meeting in New Orleans on June 3rd - 5th, 2013 Verizon Terremark will host NANOG 58. The NANOG Program Committee is now seeking proposals for presentations, panels, tutorials, tracks sessions, keynote materials, and the NOGLab experience for the NANOG 58 program. We invite presentations highlighting issues relating to technology already deployed or soon-to-be deployed in the Internet. Vendors are encouraged to work with operators to present real-world deployment experiences with the vendor's products and interoperability via the program and as part of the NOGLab. NANOG 58 submissions are welcome at http://pc.nanog.org. About NANOG NANOG is the premier meeting for network operators in North America. Meetings provide a forum for information exchange among network operators, engineers, and researchers. NANOG meets three times each year, and includes panels, presentations, tutorial sessions, tracks, informal BOFs, and a NOGLab which features interoperability demonstrations. NANOG attendees include operators from networks of all sizes, enterprise operators, peering coordinators, transport and switching equipment vendors, and network researchers. NANOG attendees will share ideas and interact with leaders in the field of network operations, discuss current operational events and issues, and learn about state-of-the-art operational techniques. Materials from NANOG 58 will be archived at: http://www.nanog.org/meetings/nanog58/http://www.nanog.org/meetings/nanog55/ http://www.nanog.org/meetings/nanog55/ Key Dates for NANOG 58 • CFP Opens for NANOG 58: 25-February-2013 • CFP Deadline #1: Presentation Abstracts Due: 8-April-2013 • CFP Deadline #2: Presentation Slides Due: 29-April-2013 • NANOG Highlights Page Posted: 22-April-2013 • Preliminary Topic List Posted: 26-April-2013 • Meeting Agenda Published: 13-May-2013 • Meeting Agenda Final sent to printer: 20-May-2013 • Lightning Talk Submissions Open (Abstracts Only): 2-June-2013 • Speaker FINAL presentations to PCTool or speaker-support: 31-May-2013 • On-Site Registration: 31-May-2013 The NANOG Program Committee seeks proposals for presentations, panels, tutorial sessions, tracks, and BOFs in all areas of network operations, including (but not limited to): - Power and facilities - Topics may include power reliability and engineering, green power, power efficiency, cooling, and facilities management. - Interconnections - Topics may include IXes, intra-building, MMR, metro-wide connections, peering, and transit purchasing tactics and strategies. - Security - Topics may include routing security, route filtering of large peers/customers, and inter-AS security and cooperation. - DNS - Topics may include using DNS data for network metrics, botnet discovery, and geolocation. - IPv6 - Topics may include real-world deployment challenges, Carrier Grade NAT, NAT-PT implementations that work and scale, and allocation strategies. - Content - Topics may include Distribution (p2p, IPTV), content payment models, content distribution technologies and networks, and storage/archiving. - Disaster recovery - Topics may include risk analysis, training, agencies, planning methods, hardware portability, key tools, transport audits, and other lessons learned. In general, presentations are being sought by and for network operators of all sizes. Presentations about difficult problems (and interesting solutions) that you encounter in the course of your job are encouraged. In addition, the Program Committee, through participation with other organizations and vendor’s, will be programming a NOGLab experience. The topic of the NOGLab will be timely and feature real-world experiences faced by operators of today’s Internet. If you think you have an interesting topic but want some feedback or assistance working it into a presentation, please email the Program Committee chair (ch...@pc.nanog.org), and a representative on the
Re: Closing the gap to improve the capacity of existing fiber optic networks
On 9 April 2013 15:09, Eugen Leitl eu...@leitl.org wrote: ... “Our approach is so flexible, network operators could adjust capacity to respond to increased demand, for example from people following big sport events like the Olympics, added Dr Schröder. As a Internet user: We want more bandwidth every second and every minute of the day. We don't want to wait for youtube videos to stream, games to download, we don't want lag in our videogames while other member of the family is streaming a movie. Give me 2 tera/s, and I will have lag in my mmorpg game while my dad watch 4K video from Netflix. It will not be enough. Never enough is enough. Theres only one answer More, and is all the time 365 days every year. +1 a leap year. I suppose the line is to try to explain it to no-internet users. But is still weird. -- -- ℱin del ℳensaje.
Hazmat at 400 N Tampa
WFLA TV reports that Tampa Fire is working a hazmat call at 400 N Tampa. http://www.wfla.com/story/21920646/hazmat-situation-in-downtown-tampa Park Tower is the carrier hotel for Tampa Bay; there are about 13 carriers in that building, at least 9 of which have major POPs and xconn there. Depending on what the actual problem is, Tampa Bay, Florida, or the Southeast may see repercussions from this. Followups to outages-discuss...@outages.org, please (except for actual further outage data). (I would set followups, but Zimbra 6 sucks.) Cheers, -- jra -- Jay R. Ashworth Baylink j...@baylink.com Designer The Things I Think RFC 2100 Ashworth Associates http://baylink.pitas.com 2000 Land Rover DII St Petersburg FL USA #natog +1 727 647 1274
Re: cloudmark?
Date: Tue, 09 Apr 2013 10:31:08 -0400 From: Chris Conn cc...@b2b2c.ca To: nanog@nanog.org Subject: Re: cloudmark? Message-ID: 5164262c.3070...@b2b2c.ca Content-Type: text/plain; charset=ISO-8859-1; format=flowed On 2013-04-09 10:27, Chris Conn wrote: (...) Your experience does not mirror mine at all. I have less than 30 good for you. :-) minutes of wait time for any support case, and they are few and far between. Reliability is high and FP rate is low. I have no idea what your reference to lawyers pertains to, however the only issue we have ever had was for them to take our money when we renewed for the umpteenth time. We are not a paying cloudmark customer. We just want to get one of our IPv4 address off of their list. #m
Re: Quad-A records in Network Solutions ?
Hi Carlos, list, Today I entered to networksolutions.com and I remembered this thread. I had to administer a domain name and I sadly found they have done nothing in IPv6 during the last 12 month. Regards, ^Ao$ On 3/28/12, Carlos Martinez-Cagnazzo carlosm3...@gmail.com wrote: Hello all, I just received a heads-up from a friend telling me that Network Solutions is unable/unwilling to configure 's for .com/.net domains. He works for a large media outlet who will be enabling IPv6 on their sites for World IPv6 Launch Day. I hope it's just a misunderstanding. If it's not, I would love to know if there is a reason for this, and if they have a timeline for supporting 's. It's ok to contact me privately. regards Carlos
Re: Quad-A records in Network Solutions ?
Hi, At least I know the infrastructure is not ready to accept IPv6 for NS registration. I tried with NetSol and GoD. Which remind me... I'm still waiting on my NSx.BCP38.ORG from GoD? Grr... (hate when someone is right) - Alain Hebertaheb...@pubnix.net PubNIX Inc. 50 boul. St-Charles P.O. Box 26770 Beaconsfield, Quebec H9W 6G7 Tel: 514-990-5911 http://www.pubnix.netFax: 514-990-9443 On 04/09/13 14:42, Alejandro Acosta wrote: Hi Carlos, list, Today I entered to networksolutions.com and I remembered this thread. I had to administer a domain name and I sadly found they have done nothing in IPv6 during the last 12 month. Regards, ^Ao$ On 3/28/12, Carlos Martinez-Cagnazzo carlosm3...@gmail.com wrote: Hello all, I just received a heads-up from a friend telling me that Network Solutions is unable/unwilling to configure 's for .com/.net domains. He works for a large media outlet who will be enabling IPv6 on their sites for World IPv6 Launch Day. I hope it's just a misunderstanding. If it's not, I would love to know if there is a reason for this, and if they have a timeline for supporting 's. It's ok to contact me privately. regards Carlos
Re: Quad-A records in Network Solutions ?
You have a choice of registrars. If you don't like the one you are using right now, choose a different one. There are lots to choose from. http://www.icann.org/registrar-reports/accredited-list.html Joe Sent from my Ono-Sendai Cyberspace 7 On 2013-04-10, at 2:42, Alejandro Acosta alejandroacostaal...@gmail.com wrote: Hi Carlos, list, Today I entered to networksolutions.com and I remembered this thread. I had to administer a domain name and I sadly found they have done nothing in IPv6 during the last 12 month. Regards, ^Ao$ On 3/28/12, Carlos Martinez-Cagnazzo carlosm3...@gmail.com wrote: Hello all, I just received a heads-up from a friend telling me that Network Solutions is unable/unwilling to configure 's for .com/.net domains. He works for a large media outlet who will be enabling IPv6 on their sites for World IPv6 Launch Day. I hope it's just a misunderstanding. If it's not, I would love to know if there is a reason for this, and if they have a timeline for supporting 's. It's ok to contact me privately. regards Carlos
Re: Open Resolver Dataset Update
Tom, The main criteria is the RCODE=0 vs RCODE=5 refused. I exposed the Recursion Available bit this last week to cover more of the use cases, but many servers provide a very large referral to root. You are correct in that your system doesn't provide that so should be less visible as a result. I haven't coded everything to pull out that level of data from the responses. Of the responding IPs, a fair percentage 89% respond with the RA bit set. I'm working to close the gap on exposing the direct data of those last 11% in a more detailed bit of information, including if it provides a root referral or otherwise. Hope this helps, - Jared On Apr 9, 2013, at 8:59 AM, Tom Laermans tom.laerm...@phyxia.net wrote: Jared, If you mean there can be a referral with RCODE=0 and Recursion Available = 0, you'll need a third column actually documenting if there is a referral. This server is listed in ORP: $ dig www.google.be @195.160.166.139 ; DiG 9.7.3 www.google.be @195.160.166.139 ;; global options: +cmd ;; Got answer: ;; -HEADER- opcode: QUERY, status: NOERROR, id: 615 ;; flags: qr rd; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0 ;; WARNING: recursion requested but not available ;; QUESTION SECTION: ;www.google.be. IN A ;; Query time: 6 msec ;; SERVER: 195.160.166.139#53(195.160.166.139) ;; WHEN: Tue Apr 9 14:58:21 2013 ;; MSG SIZE rcvd: 31 RCODE=0, Recursion available=0: http://openresolverproject.org/search.cgi?mode=search6search_for=195.160.166.0%2F24 Hence my question, what is it doing wrong? Tom On Mon, 2013-04-08 at 07:05 -0400, Jared Mauch wrote: The referral, including a referral to root can be quite large. Even larger than answering a normal query. I have broken the data out for the purpose of letting people identify the IPs that provide that. Jared Mauch On Apr 8, 2013, at 3:08 AM, Tom Laermans tom.laerm...@phyxia.net wrote: As far as I know, responding either NOERROR or REFUSED produces packets of the same size.
Re: Open Resolver Dataset Update
In the last 2 weeks we have seen double the amount of ddos attacks, and way bigger then normal. All of them being amplification attacks. I think the media whoring done during the spamhaus debacle motivated more people to invest time building up there openresolver list, since really no one has disclosed attacks of that size and gave the blueprints of how to do it. Now we know the attack has been around for awhile but no one really knew how big they could take it until a couple weeks ago.. Now I know your openresolver DB is meant to get them closed but it would take only a small amount of someones day to write a script to crawl your database.. You go to fixedorbit.com or something of the sort, look up the as's of the biggest hosting companies, plop there list of ip allocaitons in to a text file, run the script and boom i now have the biggest open resolver list to feed my botnet.. Maybe you should require some sort of CAPTCHA or registration to view that database. While im sure people have other ways of gathering up the open resolvers , you just took away all the work and handed it to them on a silver platter. While i am and others surely are greatful for the data, i think a little more thought should be put in how you are going to deliver the data to who should have it, and that would be the network / AS they are hanging off of. just my 2 cents.. P.S. I would like to get a list for our AS off list if you can reply back directly. On Tue, Apr 9, 2013 at 3:15 PM, Jared Mauch ja...@puck.nether.net wrote: Tom, The main criteria is the RCODE=0 vs RCODE=5 refused. I exposed the Recursion Available bit this last week to cover more of the use cases, but many servers provide a very large referral to root. You are correct in that your system doesn't provide that so should be less visible as a result. I haven't coded everything to pull out that level of data from the responses. Of the responding IPs, a fair percentage 89% respond with the RA bit set. I'm working to close the gap on exposing the direct data of those last 11% in a more detailed bit of information, including if it provides a root referral or otherwise. Hope this helps, - Jared On Apr 9, 2013, at 8:59 AM, Tom Laermans tom.laerm...@phyxia.net wrote: Jared, If you mean there can be a referral with RCODE=0 and Recursion Available = 0, you'll need a third column actually documenting if there is a referral. This server is listed in ORP: $ dig www.google.be @195.160.166.139 ; DiG 9.7.3 www.google.be @195.160.166.139 ;; global options: +cmd ;; Got answer: ;; -HEADER- opcode: QUERY, status: NOERROR, id: 615 ;; flags: qr rd; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0 ;; WARNING: recursion requested but not available ;; QUESTION SECTION: ;www.google.be. IN A ;; Query time: 6 msec ;; SERVER: 195.160.166.139#53(195.160.166.139) ;; WHEN: Tue Apr 9 14:58:21 2013 ;; MSG SIZE rcvd: 31 RCODE=0, Recursion available=0: http://openresolverproject.org/search.cgi?mode=search6search_for=195.160.166.0%2F24 Hence my question, what is it doing wrong? Tom On Mon, 2013-04-08 at 07:05 -0400, Jared Mauch wrote: The referral, including a referral to root can be quite large. Even larger than answering a normal query. I have broken the data out for the purpose of letting people identify the IPs that provide that. Jared Mauch On Apr 8, 2013, at 3:08 AM, Tom Laermans tom.laerm...@phyxia.net wrote: As far as I know, responding either NOERROR or REFUSED produces packets of the same size.
Re: Quad-A records in Network Solutions ?
Not accepting is just about as bad as not accepting A records. You wouldn't certify a registrar if they couldn't update A records. It's about time certification was lost for failure to handle records. The same should also apply for DS records. In message 6d7961e1-f0fe-4674-8f8e-49cb5226d...@hopcount.ca, Joe Abley writes : You have a choice of registrars. If you don't like the one you are using rig= ht now, choose a different one. There are lots to choose from. http://www.icann.org/registrar-reports/accredited-list.html Joe Sent from my Ono-Sendai Cyberspace 7 On 2013-04-10, at 2:42, Alejandro Acosta alejandroacostaal...@gmail.com wr= ote: Hi Carlos, list, Today I entered to networksolutions.com and I remembered this thread. I had to administer a domain name and I sadly found they have done nothing in IPv6 during the last 12 month. =20 Regards, =20 ^Ao$ =20 On 3/28/12, Carlos Martinez-Cagnazzo carlosm3...@gmail.com wrote: Hello all, =20 I just received a heads-up from a friend telling me that Network Solutions is unable/unwilling to configure 's for .com/.net domains. He works for a large media outlet who will be enabling IPv6 on their sites for World IPv6 Launch Day. =20 I hope it's just a misunderstanding. If it's not, I would love to know if there is a reason for this, and if they have a timeline for supporting 's. =20 It's ok to contact me privately. =20 regards =20 Carlos =20 -- Mark Andrews, ISC 1 Seymour St., Dundas Valley, NSW 2117, Australia PHONE: +61 2 9871 4742 INTERNET: ma...@isc.org
Re: Quad-A records in Network Solutions ?
Yo Mark! On Wed, 10 Apr 2013 09:23:34 +1000 Mark Andrews ma...@isc.org wrote: Not accepting is just about as bad as not accepting A records. You wouldn't certify a registrar if they couldn't update A records. It's about time certification was lost for failure to handle records. The same should also apply for DS records. +1 RGDS GARY --- Gary E. Miller Rellim 109 NW Wilmington Ave., Suite E, Bend, OR 97701 g...@rellim.com Tel:+1(541)382-8588 signature.asc Description: PGP signature
Re: Quad-A records in Network Solutions ?
On 4/9/13 4:23 PM, Mark Andrews wrote: It's about time certification was lost for failure to handle records. The same should also apply for DS records. You can suggest this to the compliance team. It seems to me (registrar hat == on) that in 2.5 years time, when Staff next conducts a registrar audit, that this is a reasonable expectation of an accreditation holding contracted party. It simply needs to be added to the base RAA agreement. Joe _may_ be in a position to encourage the compliance team to develop a metric and a test mechanism, but at present, the compliance team appears to be capable of WHOIS:43 harvesting (via Kent's boxen) and occasional WHOIS:80 scraping, and little else beyond records reconciliation for a limited sample. NB, investing equal oversight labor in all current (and former) RAA holders is (a) a significant duplication of effort for little possible benefit where shell registrars are concerned, and (b) treats registrars (and their registrants' interests in fair dealing) with a few hundreds of domains and registrars (and their registrants' interests) with 10% or more of the total gTLD registry market indifferently by policy and enforcement tool design. The latter means most registrants (those with performance contracts from registrars with 10% market share) receive several orders of magnitude less contractual oversight protections than registrants using registrars with a few hundred names under management. IMHO, that's a problem that could be fixed. Eric
IANA AS Numbers registry update
The IANA AS Numbers registry has been updated to reflect the allocation of 1 block to LACNIC in 2013-04-08: 61440-62463 You can find the IANA AS Numbers registry at: http://www.iana.org/assignments/as-numbers/as-numbers.xml Regards, Selina Harrington IANA Request Specialist ICANN
Re: need help about free bandwidth graph program
There's also bandwidthd which can be added to the list. Nfsen is the front end for nfdump (much like SiLK) with graphs and it has plugins to graph port usage, etc. On Apr 9, 2013, at 4:51 AM, Deric Kwok deric.kwok2...@gmail.com wrote: Hi all Do you know any opensource program bandwidthgraph by ipaddess? Thank you
Re: Quad-A records in Network Solutions ?
I said all of this years ago as a suggestion for the next round of contract renewals (since I was told that it had to be added to the contracts first). Best of luck. Personally, I think it should have been a requirement at least 5 years ago. Owen On Apr 9, 2013, at 16:48 , Eric Brunner-Williams brun...@nic-naa.net wrote: On 4/9/13 4:23 PM, Mark Andrews wrote: It's about time certification was lost for failure to handle records. The same should also apply for DS records. You can suggest this to the compliance team. It seems to me (registrar hat == on) that in 2.5 years time, when Staff next conducts a registrar audit, that this is a reasonable expectation of an accreditation holding contracted party. It simply needs to be added to the base RAA agreement. Joe _may_ be in a position to encourage the compliance team to develop a metric and a test mechanism, but at present, the compliance team appears to be capable of WHOIS:43 harvesting (via Kent's boxen) and occasional WHOIS:80 scraping, and little else beyond records reconciliation for a limited sample. NB, investing equal oversight labor in all current (and former) RAA holders is (a) a significant duplication of effort for little possible benefit where shell registrars are concerned, and (b) treats registrars (and their registrants' interests in fair dealing) with a few hundreds of domains and registrars (and their registrants' interests) with 10% or more of the total gTLD registry market indifferently by policy and enforcement tool design. The latter means most registrants (those with performance contracts from registrars with 10% market share) receive several orders of magnitude less contractual oversight protections than registrants using registrars with a few hundred names under management. IMHO, that's a problem that could be fixed. Eric
Re: Quad-A records in Network Solutions ?
Can you point is at the right address or form to submit regarding this? Seems like its time for both on and DS. Jared Mauch On Apr 9, 2013, at 7:48 PM, Eric Brunner-Williams brun...@nic-naa.net wrote: On 4/9/13 4:23 PM, Mark Andrews wrote: It's about time certification was lost for failure to handle records. The same should also apply for DS records. You can suggest this to the compliance team. It seems to me (registrar hat == on) that in 2.5 years time, when Staff next conducts a registrar audit, that this is a reasonable expectation of an accreditation holding contracted party. It simply needs to be added to the base RAA agreement.
NANOG - csi reset request
Martin, I sent you this email from our corporate email, and haven't heard back. Did you receive this? Regards, Bryan Williams Sr. Solutions Architect Cloudmark, Inc From: Bryan Williams bwilli...@cloudmark.commailto:bwilli...@cloudmark.com Date: Tuesday, April 9, 2013 12:58 PM To: m.ho...@hotze.commailto:m.ho...@hotze.com m.ho...@hotze.commailto:m.ho...@hotze.com Subject: NANOG - csi reset request I searched through the recent requests, and couldn't find any with your email address as the contact email. Can you give me the IP you tried to unblock? Or, try it again and let us know that you did it so we can watch. If there's a bug, we'd like to fix it. Regards, Bryan Williams Sr. Solutions Architect Message: 4 Date: Tue, 9 Apr 2013 14:24:17 + From: Martin Hotze m.ho...@hotze.commailto:m.ho...@hotze.com To: nanog@nanog.orgmailto:nanog@nanog.org nanog@nanog.orgmailto:nanog@nanog.org Subject: cloudmark? Message-ID: f02a0931e2e6254680832d6a24940c2dec5...@hx01.srv.hotze.commailto:f02a0931e2e6254680832d6a24940c2dec5...@hx01.srv.hotze.com Content-Type: text/plain; charset=us-ascii Hi, rant it seems that many large providers are using cloudmark services. As far as I can tell: their policy is unclear, they can hardly be reached, mails to support are bouncing (delayed, then bounce). yes, the mailserver from one of our customers was blocked and this was OK and rightful, because they had a problem (cracked account). After the problem was resolved we started removing their IPv4 address from blacklists and almost all lists removed the ban immediately. cloudmark CSI service (reset request form) wants a form to be filled ... and they claim that they send out an email ... but it doesn't make its way to my inbox (no, no filters ...) and support can't be reached. Where are the good old times when the 'net was controlled by techs and not by lawyers? I can't recommend cloudmark. /rant greetings, martin
Re: Quad-A records in Network Solutions ?
On 4/9/13 5:39 PM, Owen DeLong wrote: I said all of this years ago as a suggestion for the next round of contract renewals (since I was told that it had to be added to the contracts first). Best of luck. Personally, I think it should have been a requirement at least 5 years ago. And exactly where were you in ICANN process and politics in 2008?
Re: Quad-A records in Network Solutions ?
On 4/9/13 5:47 PM, Jared Mauch wrote: Can you point is at the right address or form to submit regarding this? Seems like its time for both on and DS. Jared, Joe is an employee of the corporation, a rather high ranking one. As I mentioned in my response to Mark, he _may_ be in a position to encourage both legal to develop new language for future addition to the RAA, and the Registrar Liaison to socialize the issue to those RAA parties who are members of the Registrar Stakeholder Group within the Contracted Parties House of the GNSO, and the Compliance team. As a matter of policy development you should expect that Registrars (recall hat) have been presented with ... proposed new terms and conditions that ... are not universally appreciated, and so one must either (a) impose new conditions unilaterally upon counter-parties, arguing some theory of necessity, or (b) negotiate a mutually agreeable modification. There is a lot of heat lost in the ICANN system, so to re-purpose the off-hand observation of John Curran made recently, operators having some rough consensus on desirable features of RRSet editors may be a necessary predicate to policy intervention. As I observed to John, the ISP Constituency within the ICANN GNSO has been an effective advocate of trademark policy, and no other policy area, since the Montevideo General meeting, in 2001. Eric P.S. I may be turning in my Registrar hat in the near future.
RE: Quad-A records in Network Solutions ?
Eric Brunner-Williams wrote: [...] Joe is an employee of the corporation, a rather high ranking one. As I mentioned in my response to Mark, he _may_ be in a position to encourage both legal to develop new language for future addition to the RAA, and the Registrar Liaison to socialize the issue to those RAA parties who are members of the Registrar Stakeholder Group within the Contracted Parties House of the GNSO, and the Compliance team. As a matter of policy development you should expect that Registrars (recall hat) have been presented with ... proposed new terms and conditions that ... are not universally appreciated, and so one must either (a) impose new conditions unilaterally upon counter-parties, arguing some theory of necessity, or (b) negotiate a mutually agreeable modification. IPv6 was on the table from the start of the RAA negotiations, as I understand it. When I scanned the draft RAA posted a few weeks back I noticed language like: 3.3.1 At its expense, Registrar shall provide an interactive web page and a port 43 Whois service (each accessible via both IPv4 and IPv6) [...] and 2. IPv6 - To the extent that Registrar offers registrants the ability to register nameserver addresses, Registrar must allow both IPv4 addresses and IPv6 addresses to be specified. There are multiple documents to read and you can find them all here. https://www.icann.org/en/news/public-comment/proposed-raa-07mar13-en.htm If anyone has specific questions about the draft RAA, they should contact Samantha Eisner, whose contact details are on that page. Regards, Leo smime.p7s Description: S/MIME cryptographic signature
RE: NANOG Digest, Vol 63, Issue 45
Bryan, nope, it didn't make it through to my inbox . I try to contact you through other channels. Martin Date: Wed, 10 Apr 2013 02:41:42 + From: Bryan Williams bwilli...@cloudmark.com To: nanog@nanog.org nanog@nanog.org Subject: NANOG - csi reset request Message-ID: cd8a4959.62cfa%bwilli...@cloudmark.com Content-Type: text/plain; charset=us-ascii Martin, I sent you this email from our corporate email, and haven't heard back. Did you receive this? Regards, Bryan Williams Sr. Solutions Architect Cloudmark, Inc From: Bryan Williams bwilli...@cloudmark.commailto:bwilli...@cloudmark.com Date: Tuesday, April 9, 2013 12:58 PM To: m.ho...@hotze.commailto:m.ho...@hotze.com m.ho...@hotze.commailto:m.ho...@hotze.com Subject: NANOG - csi reset request I searched through the recent requests, and couldn't find any with your email address as the contact email. Can you give me the IP you tried to unblock? Or, try it again and let us know that you did it so we can watch. If there's a bug, we'd like to fix it. Regards, Bryan Williams Sr. Solutions Architect
Re: Quad-A records in Network Solutions ?
In message 5648a8908ccb564ebf46e2bc904a75b15ff1684...@exvpmbx100-1.exc.icann.o rg, Leo Vegoda writes: Eric Brunner-Williams wrote: [...] Joe is an employee of the corporation, a rather high ranking one. As I mentioned in my response to Mark, he _may_ be in a position to encourage both legal to develop new language for future addition to the RAA, and the Registrar Liaison to socialize the issue to those RAA parties who are members of the Registrar Stakeholder Group within the Contracted Parties House of the GNSO, and the Compliance team. As a matter of policy development you should expect that Registrars (recall hat) have been presented with ... proposed new terms and conditions that ... are not universally appreciated, and so one must either (a) impose new conditions unilaterally upon counter-parties, arguing some theory of necessity, or (b) negotiate a mutually agreeable modification. IPv6 was on the table from the start of the RAA negotiations, as I understand it. When I scanned the draft RAA posted a few weeks back I noticed language like: 3.3.1 At its expense, Registrar shall provide an interactive web page and a port 43 Whois service (each accessible via both IPv4 and IPv6) [...] and 2. IPv6 - To the extent that Registrar offers registrants the ability to register nameserver addresses, Registrar must allow both IPv4 addresses and IPv6 addresses to be specified. There are multiple documents to read and you can find them all here. https://www.icann.org/en/news/public-comment/proposed-raa-07mar13-en.htm If anyone has specific questions about the draft RAA, they should contact Samantha Eisner, whose contact details are on that page. Regards, Leo Looking at https://www.icann.org/en/resources/registrars/raa/proposed-additional-operation-07mar13-en.pdf there is nothing which requires registrars to support on the web pages when A records are supported on web pages. and DS updates currently often required registrants to jump through all sorts of hoops compared to adding A and NS records. Maintenance of A, , NS and DS records are core functionality and need to be treated as such. -- Mark Andrews, ISC 1 Seymour St., Dundas Valley, NSW 2117, Australia PHONE: +61 2 9871 4742 INTERNET: ma...@isc.org
Re: Quad-A records in Network Solutions ?
On Apr 9, 2013, at 8:56 pm, Mark Andrews ma...@isc.org wrote: […] There are multiple documents to read and you can find them all here. https://www.icann.org/en/news/public-comment/proposed-raa-07mar13-en.htm If anyone has specific questions about the draft RAA, they should contact Samantha Eisner, whose contact details are on that page. Regards, Leo Looking at https://www.icann.org/en/resources/registrars/raa/proposed-additional-operation-07mar13-en.pdf there is nothing which requires registrars to support on the web pages when A records are supported on web pages. and DS updates currently often required registrants to jump through all sorts of hoops compared to adding A and NS records. Maintenance of A, , NS and DS records are core functionality and need to be treated as such. That is exactly the kind of input that is valuable to the consultation. I encourage you to submit it there so it is considered. Regards, Leo smime.p7s Description: S/MIME cryptographic signature