Re: North Korean internet goes dark (yes, they had one)

[Marshall Eubanks]

On Mon, Dec 22, 2014 at 11:16 PM, Javier J 
wrote:

> But I can ping them.
>
> https://nknetobserver.github.io/
>
> And what would it matter if its offline, they already block their
> population. What exactly is offline?
>

The Kim of the moment, the elite, a few journalists, and the like. And,
assuming they actually did the exploit in country and didn't outsource it
to the Chaos Computer Club (or whomever), their crack team of Sony takedown
hackers.

There is a separate, inside DPRK only, network for the hoi polloi.

Regards
Marshall


>
> On Mon, Dec 22, 2014 at 9:05 PM, Valdis Kletnieks  >
> wrote:
>
> > Any of you guys want to fess up? :)
> >
> >
> >
> http://www.msnbc.com/the-ed-show/watch/north-koreas-internet-goes-dark-376097859903
> >
> > (Yes, I know, they're saying it's a DDoS, not a routing hack...)
> >
>

Re: North Korean internet goes dark (yes, they had one)

[Javier J]

But I can ping them.

https://nknetobserver.github.io/

And what would it matter if its offline, they already block their
population. What exactly is offline?

On Mon, Dec 22, 2014 at 9:05 PM, Valdis Kletnieks 
wrote:

> Any of you guys want to fess up? :)
>
>
> http://www.msnbc.com/the-ed-show/watch/north-koreas-internet-goes-dark-376097859903
>
> (Yes, I know, they're saying it's a DDoS, not a routing hack...)
>

North Korean internet goes dark (yes, they had one)

[Valdis Kletnieks]

Any of you guys want to fess up? :)

http://www.msnbc.com/the-ed-show/watch/north-koreas-internet-goes-dark-376097859903

(Yes, I know, they're saying it's a DDoS, not a routing hack...)


pgpz1qIjaFxGM.pgp
Description: PGP signature

CfP - Survey on Internet Routing Security

[Abt, Sebastian]

Dear NANOG.

Right to the year’s end I’d like to share the CfP below with you and ask for 
your participation.  The aim of this survey is to better understand what the 
operational community thinks about the state of Internet routing security 
(read: BGP security), associated risks and tentative solutions (IRR-based 
prefix filtering, RPKI origin validation).

I regard the outcome as highly interesting and am looking forward to it.  I 
would also appreciate you sharing the CfP via any relevant channel if you think 
it’s worth it.  Every vote counts in order to be able to capture a complete 
view of the community’s mindset.


Thanks and all the best,
sebastian


+--- Call for Participation ---+
|  Survey on Internet Routing Security |
+--+
|   opened from 15.12.14 - 09.01.15|
+> https://www.dasec.h-da.de/survey/ <-+

Prefix hijacking is a well-known problem of Internet routing.  As of 
today, a technique typically deployed to counter prefix hijacking is 
strict IRR-based peer filtering.  However, strict filtering may be 
challenging for various reasons and, hence, is unfortunately not 
entirely applied.

To improve Internet routing security and to overcome challenges of 
strict IRR-based peer filtering, RPKI has been proposed.  Currently,
RPKI origin validation is supported by most RIRs and modern router 
operating systems.  However, recent statistics show that only a limited
number of ASes actually deploy RPKI in any form.

With this survey, we aim at identifying issues and problems with IRR-
based filtering and RPKI from the operational community's point of
view and try to quantify the number of ASes actively participating in
RPKI.  Your input is highly appreciated!  Participating in the survey 
should not take longer than 10 minutes and is completely anonymous.

Aggregated results of this survey will be published on the da/sec -
Biometrics and Internet Security Research Group’s website [1].

If you have any questions in advance, please do not hesitate to get
in touch with Sebastian Abt 

Thank you for your participation!

[1] https://www.dasec.h-da.de/

+--+



smime.p7s
Description: S/MIME cryptographic signature

Re: Internet Service Providers in Bogota Colombia.

[Javier J]

Thanks guys, I appreciate the info greatly.

Happy Holidays and a Happy New Year.

On Mon, Dec 22, 2014 at 1:00 PM, Alessandro Martins <
alessandro.mart...@gmail.com> wrote:

> As Rubens said, ETB and Telmex Comlombia/Claro are the biggest players in
> Colombia.
>
> Other good options are Internexa, Level3 and Telefónica.
>
> Thanks,
>
> Alessandro Martins
>
> --
> Alessandro Martins
>
> On Sun, Dec 21, 2014 at 11:37 PM, Rubens Kuhl  wrote:
>
>> It's very likely that your family member has either ETB (local city-owned
>> access) or Telmex Colombia. Both players have multiple technology options
>> (ADSL and WiMAX for both, coax and fiber for Telmex Colombia), so besides
>> replacing one for the other, it might be possible to improve access by
>> using a different technology from the same vendor already in place.
>>
>> Knowing which technology options are available from each vendor at where
>> you will be will probably be key in defining a way forward.
>>
>>
>> Rubens
>>
>>
>>
>> On Sun, Dec 21, 2014 at 11:23 PM, Javier J 
>> wrote:
>>
>> > My apologies in advance If there is a better list, please let me know.
>> >
>> > I will be traveling to Bogota, Colombia for a few weeks in the spring
>> and a
>> > family member who is working there on a contract (where I will be
>> staying)
>> > has crappy internet. I want to kill 2 birds with one stone. Make sure I
>> > have reliable internet and improve what they have. I'm just not sure
>> what
>> > options are available there.
>> >
>> > I speak the language just not familiar with the options.
>> >
>> > Any help would be greatly appreciated.
>> >
>>
>
>

Re: How our young colleagues are being educated....

[Valdis . Kletnieks]

On Mon, 22 Dec 2014 15:31:52 -0500, Ken Chase said:

> Why is CIDR such an important coursework component? Or is it just a shibboleth

It's partially like a brown M&M backstage at a Van Halen concert - if their
coursework was so pitifully out of date it wasn't covered, you better start
wondering what *else* is lacking.


pgpBNS8NqKIP8.pgp
Description: PGP signature

Re: How our young colleagues are being educated....

[Ken Chase]

Learning how to do CIDR math is a major core component of the coursework? Im
thinking that this is about a 30 minute module in the material, once you know
binary, powers of 2 and some addition and subtraction (all of which is taught
in most schools by when, first year highschool?) you should be done with it.

Why is CIDR such an important coursework component? Or is it just a shibboleth
to filter out people who cant do simple gradeschool math in their heads or
just memorize the subnets (there's only 7.. I've only used supernets twice in
the last 10 years..) (I admit I slow down a little when I do wildcard
netmasks, but other than that.. ?)

I heard tales of kids (ie under 25) learning partial differential equations in
university or college as well (which I myself had trouble with but eventually
got, at least long enough to write the exam!) so why is the
mathematics/symbolics manipulation bar set so low in modern courses in any
sci/tech stream?

/kc


On Mon, Dec 22, 2014 at 01:22:45PM -0500, Sadiq Saif said:
  >On 12/22/2014 11:11, valdis.kletni...@vt.edu wrote:
  >> Did the standard packaged Cisco curriculum finally drop mention of
  >> "Class A/B/C" and go CIDR?
  >
  >For the most part yes. They still reference it for historical purposes
  >but otherwise it is all VLSM/CIDR.
  >
  >-- 
  >Sadiq Saif

-- 
Ken Chase - k...@heavycomputing.ca skype:kenchase23 +1 416 897 6284 Toronto 
Canada
Heavy Computing - Clued bandwidth, colocation and managed linux VPS @151 Front 
St. W.

Re: How our young colleagues are being educated....

[Sadiq Saif]

On 12/22/2014 11:11, valdis.kletni...@vt.edu wrote:
> Did the standard packaged Cisco curriculum finally drop mention of
> "Class A/B/C" and go CIDR?

For the most part yes. They still reference it for historical purposes
but otherwise it is all VLSM/CIDR.

-- 
Sadiq Saif

Re: How our young colleagues are being educated....

[Florian Weimer]

* Valdis Kletnieks:

> On Mon, 22 Dec 2014 04:13:42 -0500, Javier J said:
>
>> student graduates. They are teaching classful routing and skimming over
>> CIDR. Is this indicative of the state of our education system as a whole?
>
> Did the standard packaged Cisco curriculum finally drop mention of
> "Class A/B/C" and go CIDR?

Has the output format been changed so that you do not know about
address classes anymore?

Re: Internet Service Providers in Bogota Colombia.

[Alessandro Martins]

As Rubens said, ETB and Telmex Comlombia/Claro are the biggest players in
Colombia.

Other good options are Internexa, Level3 and Telefónica.

Thanks,

Alessandro Martins

--
Alessandro Martins

On Sun, Dec 21, 2014 at 11:37 PM, Rubens Kuhl  wrote:

> It's very likely that your family member has either ETB (local city-owned
> access) or Telmex Colombia. Both players have multiple technology options
> (ADSL and WiMAX for both, coax and fiber for Telmex Colombia), so besides
> replacing one for the other, it might be possible to improve access by
> using a different technology from the same vendor already in place.
>
> Knowing which technology options are available from each vendor at where
> you will be will probably be key in defining a way forward.
>
>
> Rubens
>
>
>
> On Sun, Dec 21, 2014 at 11:23 PM, Javier J 
> wrote:
>
> > My apologies in advance If there is a better list, please let me know.
> >
> > I will be traveling to Bogota, Colombia for a few weeks in the spring
> and a
> > family member who is working there on a contract (where I will be
> staying)
> > has crappy internet. I want to kill 2 birds with one stone. Make sure I
> > have reliable internet and improve what they have. I'm just not sure what
> > options are available there.
> >
> > I speak the language just not familiar with the options.
> >
> > Any help would be greatly appreciated.
> >
>

Re: in-case anyone is interested, the pirate flag flies again.

[Josh Luthman]

They're all mirrors (old backups) besides thepiratebay.se


Josh Luthman
Office: 937-552-2340
Direct: 937-552-2343
1100 Wayne St
Suite 1337
Troy, OH 45373

On Mon, Dec 22, 2014 at 12:26 PM, Yucong Sun  wrote:
>
> CR one is fake, isn't it?
>
> On Mon, Dec 22, 2014 at 3:55 AM, Nicolás  wrote:
> > You could try this one:
> > https://thepiratebay.cr/
> >
> > El 22/12/14 00:28, Miles Fidelman escribió:
> >> Javier J wrote:
> >>> http://www.thepiratebay.se/
> >>
> >> Doesn't seem to be reachable, though.
> >>
> >
>

Re: in-case anyone is interested, the pirate flag flies again.

[Yucong Sun]

CR one is fake, isn't it?

On Mon, Dec 22, 2014 at 3:55 AM, Nicolás  wrote:
> You could try this one:
> https://thepiratebay.cr/
>
> El 22/12/14 00:28, Miles Fidelman escribió:
>> Javier J wrote:
>>> http://www.thepiratebay.se/
>>
>> Doesn't seem to be reachable, though.
>>
>

Re: How our young colleagues are being educated....

[Christopher Morrow]

On Mon, Dec 22, 2014 at 4:13 AM, Javier J  wrote:

> Not only are they skimming over new technologies such as BGP, MPLS and the
> fundamentals of TCP/IP that run the internet and the networks of the world,
> they were focusing on ATM , Frame Relay and other technologies that are on
> their way out the door and will probably be extinct by the time this

These sound like 'standard enterprise networking technologies' (still,
yes some other options are coming around, but .. there's still a
shed-load of atm/frame wan stuff to be bought, and really the 'mpls'
for enterprises is gussied up frame/atm without per-site ptp link
management at each site, no knowledge of MPLS is required on the
enterprise side of the connection)

> student graduates. They are teaching classful routing and skimming over
> CIDR. Is this indicative of the state of our education system as a whole?
> How is it this student doesn't know about OSPF and has never heard of RIP?

enterprise people hide in 10/8  ... why would they need to care about
/26 or 27 ? everythign in their world is a /24.

> If your network hardware is so old you need a crossover cable, it's time to
> upgrade. In this case, it’s time to upgrade our education system.

but, the cross-over cable means my network gear still works and I
don't have to spend on replacement gear (yet). Remember, enterprise
network.

> I didn't write this email on the sole experience of my conversation with
> one student, I wrote this email because I have noticed a pattern emerging
> over the years with other university students at other schools across the
> country. It’s just the countless times I have crossed paths with a young IT
> professional and was literally in shock listening to the things they were
> being taught. Teaching old technologies instead of teaching what is
> currently being used benefits no one. Teaching classful and skipping CIDR
> is another thing that really gets my blood boiling.

you must require a large cooling vat then.

> Are colleges teaching what an RFC is? Are colleges teaching what IPv6 is?

enterprise networking... the name of the degree says enough to know
what's going to come out of the program :(

> What about unicast and multicast? I confirmed with one student half way
> through their studies that they were not properly taught how DNS works, and
> had no clue what the term “root servers” meant.
>
> Am I crazy? Am I ranting? Doesn't this need to be addressed? …..and if not
> by us, then by whom? How can we fix this?

you are getting a bit ranty, if you keep in mind the target of the
coursework (enterprise people) then basically nothing in your mail is
shocking.

Re: How our young colleagues are being educated....

[Valdis . Kletnieks]

On Mon, 22 Dec 2014 04:13:42 -0500, Javier J said:

> student graduates. They are teaching classful routing and skimming over
> CIDR. Is this indicative of the state of our education system as a whole?

Did the standard packaged Cisco curriculum finally drop mention of
"Class A/B/C" and go CIDR?


pgpspyRKWIcKF.pgp
Description: PGP signature

Re: Is there list of IXPs (containing the information of the AS# of the IXP)

[Nick Hilliard]

On 22/12/2014 14:50, Niels Bakker wrote:
> As long as they don't count it for their total connected parties
> statistics, I'm good with it being included in the list, to help
> people find missing or since-disconnected peers at the IXP in an
> automated fashion.

it is inappropriate to include it in the number of connected parties, but
there's no problem including the IXP ASN in the list of connected parties
so long as it's made clear that they're not standard IXP participants.

Nick

RE: OT - Verizon/ATT Cell/4G Signal Booster/Repeater

[Alex Rubenstein]

Correct. I've used T-Mo WiFi calling in numerous countries on three continents, 
and they are all treated as is you are in your 'home' country.


 
> That is my understanding. Wifi calling is treated as on-net "home" calling.

> > Just a question on T-Mobile and wifi.  If you are traveling to a roaming 
> > country
> will wifi calls to #s back home be treated as non roaming calls?
> >
> > Tom
> >

Re: Estonian IPv6 deployment report

[Pavel Odintsov]

Hello, folks!

Tere from your customer FastVPS Eesti OU/AS198068! :)

On Mon, Dec 22, 2014 at 6:27 PM, Tarko Tikan  wrote:
> hey,
>
> Some time ago, many people noticed rapid IPv6 deployment growth in Estonia
> (from 0% to 5% in 4 weeks). We at 3249/Elion/Estonian Telecom were behind
> this, other operators don't have any serious IPv6 deployments at the moment.
> We rolled out v6 to everyone (both business and residential customers) with
> last-gen CPE, there was no hop-in our hop-out program - aim was to do it
> perfectly and without customers even noticing. I'm happy to say that we
> achieved this goal :)
>
> To satisfy general interest, I promised small (somehow it turned out longer
> than I expected) technical writeup how we enabled v6 for our subscribers. If
> you have any other questions, feel free to ask and I do my best to answer
> them. You can also skip the technical content and there are some statistics
> below.
>
>
> Our access network is mix of DSL/GPON/wimax/p2p-ETH and broadband service is
> deployed in shared service vlans. IPv6 traffic shares vlan with IPv4.
>
> Service vlans are transported over MPLS metro network using pseudowires and
> terminated in geo-clustered Alcatel 7750 BNG routers.
>
> Each subscriber is allocated up to 4 mixed v4 and v6 IP hosts. For v4 we are
> using the usual DHCP, for IPv6 we are using DHCPv6 with IA_PD only, no IA_NA
> is provided. Unfortunately DHCPv6 provides no way to signal IPv6
> default-route thus we have to fall back to RA for default-route. RA does not
> include any on-link prefixes or DNS information. RAs are L2 unicasted to CPE
> MAC so no other CPE in service vlan picks up those RAs. To ensure rapid
> switchover between BNG routers, we are signalling virtual link-local address
> as default-route.
>
> We are using ALU internal DHCP/DHCPv6 servers to allocate leases but we also
> signal IP information from radius (in such case BNG "fakes" DHCP server) for
> static IP customers. Provided IPv6 prefix is always /56 and we keep the old
> lease for 24h even if the CPE is turned off (actual lease time is 30min).
>
> Unfortunately, IPv6 LDRA is not available on most of our access platforms so
> we have to rely on IPv4 session information for authentication. This linking
> is done in the radius server during subscriber authentication (excellent
> radiator + quite awful SQL queries :) - if subscriber has IPv4 session (that
> has been authenticated using DHCP opt82), same MAC address is allowed to
> have IPv6 session on exactly the same virtual BNG port. IPv4 and v6 session
> are both tied to same subscriber and share shapers, QOS etc.
>
> We were able to enable IPv6 only on our last-gen Inteno CPEs. They run
> modified OpenWrt and because it's linux - everything is possible :)
>
> In CPE, /56 is divided up to /64s, first one is currently reserved but we
> will configure it on loopback interface and use it for CPE management.
> Second /64 is configured on LAN and third is configured on public wifi SSID
> (if you choose to enable this option).
>
> In the LAN, IPv6 config is provided by RAs, we also support RDNSS and
> stateless DHCPv6 for DNS. There is also ingress IPv6 firewall in the CPE and
> configuration is modifiable by user.
>
> To make deployment as smooth as possible, we rolled out IPv6 capable CPE
> software first. Then, during the BNG platform refresh, we deployed L2 ACLs
> that dropped all IPv6 traffic based on 0x86dd ethertype. We then deployed
> IPv6 config to all BNGs and could verify everything before single v6 lease
> was handed out to the subscribers.
>
> Then, interface by interface, we replaced L2 ACL with one that only allowed
> 0x86dd for certain, supported, OUIs. This is the current situation and we
> are investigating ways to support 3rd party CPEs - main problem is
> unreliable IPv6 config in CPEs. Many don't enable DHCPv6 (or enable NA but
> no PD) but still pick up default-route from RA and happily signal it to LAN.
> Some others hammer our BNGs with NA request every 0.1 seconds etc.
>
>
> As statistics go, there are 3+ active IPv6 subscribers (almost 15% of
> our customer base, based on our public numbers), 81% of them have have at
> least one IPv6 enabled device in the LAN, 70% have more than one. Most IPv6
> traffic is generated by Google+Youtube, Facebook and Akamai. Not bad for a
> country with 1.3M people.
>
> Next up: mobile network :)
>
> --
> tarko



-- 
Sincerely yours, Pavel Odintsov

Estonian IPv6 deployment report

[Tarko Tikan]

hey,

Some time ago, many people noticed rapid IPv6 deployment growth in 
Estonia (from 0% to 5% in 4 weeks). We at 3249/Elion/Estonian Telecom 
were behind this, other operators don't have any serious IPv6 
deployments at the moment. We rolled out v6 to everyone (both business 
and residential customers) with last-gen CPE, there was no hop-in our 
hop-out program - aim was to do it perfectly and without customers even 
noticing. I'm happy to say that we achieved this goal :)


To satisfy general interest, I promised small (somehow it turned out 
longer than I expected) technical writeup how we enabled v6 for our 
subscribers. If you have any other questions, feel free to ask and I do 
my best to answer them. You can also skip the technical content and 
there are some statistics below.



Our access network is mix of DSL/GPON/wimax/p2p-ETH and broadband 
service is deployed in shared service vlans. IPv6 traffic shares vlan 
with IPv4.


Service vlans are transported over MPLS metro network using pseudowires 
and terminated in geo-clustered Alcatel 7750 BNG routers.


Each subscriber is allocated up to 4 mixed v4 and v6 IP hosts. For v4 we 
are using the usual DHCP, for IPv6 we are using DHCPv6 with IA_PD only, 
no IA_NA is provided. Unfortunately DHCPv6 provides no way to signal 
IPv6 default-route thus we have to fall back to RA for default-route. RA 
does not include any on-link prefixes or DNS information. RAs are L2 
unicasted to CPE MAC so no other CPE in service vlan picks up those RAs. 
To ensure rapid switchover between BNG routers, we are signalling 
virtual link-local address as default-route.


We are using ALU internal DHCP/DHCPv6 servers to allocate leases but we 
also signal IP information from radius (in such case BNG "fakes" DHCP 
server) for static IP customers. Provided IPv6 prefix is always /56 and 
we keep the old lease for 24h even if the CPE is turned off (actual 
lease time is 30min).


Unfortunately, IPv6 LDRA is not available on most of our access 
platforms so we have to rely on IPv4 session information for 
authentication. This linking is done in the radius server during 
subscriber authentication (excellent radiator + quite awful SQL queries 
:) - if subscriber has IPv4 session (that has been authenticated using 
DHCP opt82), same MAC address is allowed to have IPv6 session on exactly 
the same virtual BNG port. IPv4 and v6 session are both tied to same 
subscriber and share shapers, QOS etc.


We were able to enable IPv6 only on our last-gen Inteno CPEs. They run 
modified OpenWrt and because it's linux - everything is possible :)


In CPE, /56 is divided up to /64s, first one is currently reserved but 
we will configure it on loopback interface and use it for CPE 
management. Second /64 is configured on LAN and third is configured on 
public wifi SSID (if you choose to enable this option).


In the LAN, IPv6 config is provided by RAs, we also support RDNSS and 
stateless DHCPv6 for DNS. There is also ingress IPv6 firewall in the CPE 
and configuration is modifiable by user.


To make deployment as smooth as possible, we rolled out IPv6 capable CPE 
software first. Then, during the BNG platform refresh, we deployed L2 
ACLs that dropped all IPv6 traffic based on 0x86dd ethertype. We then 
deployed IPv6 config to all BNGs and could verify everything before 
single v6 lease was handed out to the subscribers.


Then, interface by interface, we replaced L2 ACL with one that only 
allowed 0x86dd for certain, supported, OUIs. This is the current 
situation and we are investigating ways to support 3rd party CPEs - main 
problem is unreliable IPv6 config in CPEs. Many don't enable DHCPv6 (or 
enable NA but no PD) but still pick up default-route from RA and happily 
signal it to LAN. Some others hammer our BNGs with NA request every 0.1 
seconds etc.



As statistics go, there are 3+ active IPv6 subscribers (almost 15% 
of our customer base, based on our public numbers), 81% of them have 
have at least one IPv6 enabled device in the LAN, 70% have more than 
one. Most IPv6 traffic is generated by Google+Youtube, Facebook and 
Akamai. Not bad for a country with 1.3M people.


Next up: mobile network :)

--
tarko

Re: OT - Verizon/ATT Cell/4G Signal Booster/Repeater

[Jay Ashworth]

- Original Message -
> From: "Stephen Sprunk" 

> On 16-Dec-14 12:27, John Schiel wrote:
> > One thing you might also want to consider are any calls you make to
> > 911 whilst using a repeater.
> >
> > I use a repeater supplied by T-Mobile and they made it very clear,
> > and
> > I had to specifically acknowledge a statement, that using such a
> > repeater takes away from emergency services being able to find out
> > where you are if you make a 911 call from your mobile.
> >
> > Some may refer to this as a feature, depending on how much tin foil
> > you have laying about, but the users of such device may need to be
> > warned about emergency calls. They'll need to be able to describe
> > where they are to the responding sirens.
> 
> With any reasonably modern phone, wouldn't this problem only apply to
> areas where GPS isn't available (e.g. basements) and the system tries
> to fall back to using tower triangulation?
> 
> AIUI, part of the registration process's purpose is to give a default
> location for your new "tower" so that emergency responders at least
> know where to start looking if no better location information is available,
> e.g. because the caller can't speak or is disoriented.

A friend of mine has a Sprint Airave picocell in her house, and it came with
an external GPS antenna; if the cell can't lock a GPS position, it doesn't 
come online for calls.

Cheers,
-- jra
-- 
Jay R. Ashworth  Baylink   j...@baylink.com
Designer The Things I Think   RFC 2100
Ashworth & Associates   http://www.bcp38.info  2000 Land Rover DII
St Petersburg FL USA  BCP38: Ask For It By Name!   +1 727 647 1274

RE: How our young colleagues are being educated....

[Shaw, Matthew]

Thankfully only about 30 minutes north of SNHU is my alma mater, the New 
Hampshire Technical Institute, a technical school which is fairly well known 
(locally at least) for its nursing, electrical engineering, and IT programs. 
The school's invested in a modern lab with a dozen or so equipment pods and 
borrows elements from the Cisco Net Academy program as well. They offer CCNP 
related courses every few years dependent on interest and just last year 
started a VMWare VCP program. We did touch on those old technologies, which to 
some degree do still exist in the area, but also covered all the good stuff too.

I'm under the impression SNHU has a couple programs it's good at, but to Mr. 
Herrin's point IT isn't one of them. It's fairly common to see IT folks around 
here go to NHTI for skills and an AS, and then SNHU or others to fill in the 
checkboxes for a semi related BS. The alternative is typically a more expensive 
school in and around Boston.

As far as the larger issue is concerned Javier, I believe it's a cultural 
problem where we're still encouraging our high school graduates to attend 4 
year programs no matter what.  The demand is still incredibly high (as is the 
resulting price!) for even not so great programs like the one in question. 
Unfortunately if potential attendees don't do their research to find out how 
graduates of the programs they're considering are doing in the real world, 
they'll end up like this.

Matthew Shaw

-Original Message-
From: NANOG [mailto:nanog-boun...@nanog.org] On Behalf Of William Herrin
Sent: Monday, December 22, 2014 6:54 AM
To: Javier J
Cc: nanog@nanog.org
Subject: Re: How our young colleagues are being educated

On Mon, Dec 22, 2014 at 4:13 AM, Javier J  wrote:
> I recently ran into a student of Southern New Hampshire University 
> enrolled in the Networking/Telecom Management course and was shocked 
> by what I learned.
>
> Am I crazy? Am I ranting? Doesn't this need to be addressed? …..and if 
> not by us, then by whom? How can we fix this?

SNHU offers -online- bachelor's and master's degrees in such well known 
programs as "IT Management" and "Information Security." You can even pick 
whether you want a Bachelor of Arts or a Bachelor of Science.

It's a -degree mill-. What level of quality did you expect in the coursework?

Regards,
Bill Herrin

--
William Herrin  her...@dirtside.com  b...@herrin.us Owner, 
Dirtside Systems . Web:  May I solve your 
unusual networking challenges?

___


This e-mail message and its attachments are for the sole use of the intended 
recipients.  They may contain confidential information, legally privileged 
information or other information subject to legal restrictions.  If you are not 
the intended recipient of this message, please do not read, copy, use or 
disclose this message or its attachments, notify the sender by replying to this 
message and delete or destroy all copies of this message and attachments in all 
media.

Re: Fibre optic patch cables in Toronto area

[Kauto Huopio]

It would be handy to have a list of shops in major cities that stock standard
network components available at odd hours. For Helsinki, Finland I can
recommend Verkkokauppa.com kiosk - the whole stock of a Fry's -size
outlet is available through a 24/7 kiosk at the ground floor. Orders
over 200 euros have to be paid in their webstore, but you can do that
with a terminal in the lobby. :) Yes, you *can* buy 10 4T disks at
4.30 am and there is no markup on regular daytime prices whatsoever.

--Kauto

On Mon, Dec 22, 2014 at 4:45 PM, Casey Baranoski
 wrote:
> +1 for Sayal.  They've got a few locations, depending on where you are in the 
> GTA.  http://www.sayal.com/zinc/zinc_contactus.asp#TOR
>
> -Original Message-
> From: NANOG [mailto:nanog-boun...@nanog.org] On Behalf Of Michael Brown
> Sent: Saturday, December 20, 2014 6:31 PM
> To: Miguel Hernandez; nanog@nanog.org
> Subject: Re: Fibre optic patch cables in Toronto area
>
> ‎At this time of day?
>
> Or in general?
>
> In general there's Ingram Micro (distributor) whom we use, not sure what 
> retail outlets would carry them.
>
> You could try Sayal Electronics, that'd be a good bet.
>
> M.‎
>   Original Message
> From: Miguel Hernandez
> Sent: Saturday, December 20, 2014 17:03
> To: nanog@nanog.org
> Subject: Fibre optic patch cables in Toronto area
>
> Hello list,
>
> I'm looking to source some various fibre patch cables (LC to SC, 1-2M 
> lengths) in the Toronto, Ontario area.
>
>
> Could you please point me to some shops were we could drop by to pick them up?
>
>
>
> Thanks!
>
> Miguel Hernandez
>
>
>
>
> 
> This communication is confidential. We only send and receive email on the 
> basis of the terms set out at 
> www.rogers.com/web/content/emailnotice
>
>
>
> Ce message est confidentiel. Notre transmission et réception de courriels se 
> fait strictement suivant les modalités énoncées dans l’avis publié à 
> www.rogers.com/aviscourriel 
> 



-- 
Kauto Huopio - ka...@huopio.fi

Re: Is there list of IXPs (containing the information of the AS# of the IXP)

[Jeroen Massar]

On 2014-12-22 15:45, Song Li wrote:
> 在 2014/12/22 22:26, Nick Hilliard 写道:
>> On 22/12/2014 13:50, Jeroen Massar wrote:
>>> IXs themselves do not have ASNs, as they are Layer 2 providers.
>>
>> most modern IXPs will have an ASN for their route server, and possibly a
>> separate asn for their mgmt infrastructure.
>>
>> Not sure how useful the mgmt ASN is, although most IXPs will
>> paradoxically
>> include this on their list of members.
>>
>> Nick
>>
>>
> Thanks for your help!
> 
> I studied all the AS-Path in the routing table (from routeviews and
> RIPE), and found that some ASN of IXPs were included in some AS-Path.

You are likely seeing IP addresses from the peering LAN, which typically
have addresses that are under the ASN from an IX.

Quite a few IXes state that the peering prefixes should not be announced
world-wide.

> I think that under normal circumstances they should not appear in the
> AS-Path, hence i want to filter out them.

"Filtering them out" will have fun results when a valid ICMP is being
returned. Something about "Packet Too Big"...

What is the reason for thinking you need to filter these?

Greets,
 Jeroen

Re: Is there list of IXPs (containing the information of the AS# of the IXP)

[Niels Bakker]

* n...@foobar.org (Nick Hilliard) [Mon 22 Dec 2014, 15:28 CET]:
Not sure how useful the mgmt ASN is, although most IXPs will 
paradoxically include this on their list of members.


As long as they don't count it for their total connected parties
statistics, I'm good with it being included in the list, to help
people find missing or since-disconnected peers at the IXP in an
automated fashion.


-- Niels.

RE: Fibre optic patch cables in Toronto area

[Casey Baranoski]

+1 for Sayal.  They've got a few locations, depending on where you are in the 
GTA.  http://www.sayal.com/zinc/zinc_contactus.asp#TOR

-Original Message-
From: NANOG [mailto:nanog-boun...@nanog.org] On Behalf Of Michael Brown
Sent: Saturday, December 20, 2014 6:31 PM
To: Miguel Hernandez; nanog@nanog.org
Subject: Re: Fibre optic patch cables in Toronto area

‎At this time of day?

Or in general?

In general there's Ingram Micro (distributor) whom we use, not sure what retail 
outlets would carry them.

You could try Sayal Electronics, that'd be a good bet.

M.‎
  Original Message
From: Miguel Hernandez
Sent: Saturday, December 20, 2014 17:03
To: nanog@nanog.org
Subject: Fibre optic patch cables in Toronto area

Hello list,

I'm looking to source some various fibre patch cables (LC to SC, 1-2M lengths) 
in the Toronto, Ontario area.


Could you please point me to some shops were we could drop by to pick them up?



Thanks!

Miguel Hernandez





This communication is confidential. We only send and receive email on the basis 
of the terms set out at 
www.rogers.com/web/content/emailnotice



Ce message est confidentiel. Notre transmission et réception de courriels se 
fait strictement suivant les modalités énoncées dans l’avis publié à 
www.rogers.com/aviscourriel 

Re: Is there list of IXPs (containing the information of the AS# of the IXP)

[Song Li]

在 2014/12/22 22:26, Nick Hilliard 写道:

On 22/12/2014 13:50, Jeroen Massar wrote:

IXs themselves do not have ASNs, as they are Layer 2 providers.


most modern IXPs will have an ASN for their route server, and possibly a
separate asn for their mgmt infrastructure.

Not sure how useful the mgmt ASN is, although most IXPs will paradoxically
include this on their list of members.

Nick



Thanks for your help!

I studied all the AS-Path in the routing table (from routeviews and 
RIPE), and found that some ASN of IXPs were included in some AS-Path. I 
think that under normal circumstances they should not appear in the 
AS-Path, hence i want to filter out them.


Best!
--
Song Li
Room 4-204, FIT Building,
Network Security,
Department of Electronic Engineering,
Tsinghua University, Beijing 100084, China
Tel:( +86) 010-62446440
E-mail: refresh.ls...@gmail.com

Re: Is there list of IXPs (containing the information of the AS# of the IXP)

[Nick Hilliard]

On 22/12/2014 13:50, Jeroen Massar wrote:
> IXs themselves do not have ASNs, as they are Layer 2 providers.

most modern IXPs will have an ASN for their route server, and possibly a
separate asn for their mgmt infrastructure.

Not sure how useful the mgmt ASN is, although most IXPs will paradoxically
include this on their list of members.

Nick

Re: Is there list of IXPs (containing the information of the AS# of the IXP)

[Niels Bakker]

I'm searching for a list of IXPS which contains the information of 
the ASN of the IXP.


* ra...@psg.com (Randy Bush) [Mon 22 Dec 2014, 14:54 CET]:

the best source is https://www.peeringdb.com/


It's not.  Let's take an example, AMS-IX: 
https://www.peeringdb.com/private/exchange_view.php?id=26
That record doesn't say AS1200 anywhere.  You'll have to search for 
"Amsterdam Internet Exchange" to find AS1200; a search for "AMS-IX" 
will lead you only to its route server ASN.  There is no way to filter 
participants by IXP as "Network Type" doesn't offer that option.


Euro-IX will give you most serious IXPs globally.  For example, 
https://www.euro-ix.net/ixps/2-AMS-IX#network is AMS-IX's entry 
and it lists all pertinent information.



-- Niels.

Re: in-case anyone is interested, the pirate flag flies again.

[Nicolás]

You could try this one:
https://thepiratebay.cr/

El 22/12/14 00:28, Miles Fidelman escribió:
> Javier J wrote:
>> http://www.thepiratebay.se/
>
> Doesn't seem to be reachable, though.
>

Re: Is there list of IXPs (containing the information of the AS# of the IXP)

[Randy Bush]

> I'm searching for a list of IXPS which contains the information of the 
> ASN of the IXP.

the best source is https://www.peeringdb.com/

[ i was amused to find CIX (http://www.cix.org/, the one which used to be
  in the bay) still in my ix bookmarks. ]

randy

Re: Is there list of IXPs (containing the information of the AS# of the IXP)

[Jeroen Massar]

On 2014-12-22 14:30, Song Li wrote:
> Hi everyone,
> 
> I'm searching for a list of IXPS which contains the information of the
> ASN of the IXP. Some resources are good:
> 
> https://prefix.pch.net/applications/ixpdir/?show_active_only=0&sort=traffic&order=desc
> 
> https://www.telegeography.com/products/internet-exchange-directory/profiles-by-name/index.html
> 
> 
> but they do not contain the AS# of the IXP. Can anybody help me?

IXs themselves do not have ASNs, as they are Layer 2 providers.

The prefixes used for the peering fabric might be part of some ASN
though (eg AMS-IX uses 1200).

Check http://www.peeringdb.com for most likely the info you are really
looking for.

Greets,
 Jeroen

Is there list of IXPs (containing the information of the AS# of the IXP)

[Song Li]

Hi everyone,

I'm searching for a list of IXPS which contains the information of the 
ASN of the IXP. Some resources are good:


https://prefix.pch.net/applications/ixpdir/?show_active_only=0&sort=traffic&order=desc
https://www.telegeography.com/products/internet-exchange-directory/profiles-by-name/index.html

but they do not contain the AS# of the IXP. Can anybody help me?

Thanks!

Best!

--
Song Li
Room 4-204, FIT Building,
Network Security,
Department of Electronic Engineering,
Tsinghua University, Beijing 100084, China
Tel:( +86) 010-62446440
E-mail: refresh.ls...@gmail.com

Re: How our young colleagues are being educated....

[William Herrin]

On Mon, Dec 22, 2014 at 4:13 AM, Javier J  wrote:
> I recently ran into a student of Southern New Hampshire University enrolled
> in the Networking/Telecom Management course and was shocked by what I
> learned.
>
> Am I crazy? Am I ranting? Doesn't this need to be addressed? …..and if not
> by us, then by whom? How can we fix this?

SNHU offers -online- bachelor's and master's degrees in such well
known programs as "IT Management" and "Information Security." You can
even pick whether you want a Bachelor of Arts or a Bachelor of
Science.

It's a -degree mill-. What level of quality did you expect in the coursework?

Regards,
Bill Herrin

-- 
William Herrin  her...@dirtside.com  b...@herrin.us
Owner, Dirtside Systems . Web: 
May I solve your unusual networking challenges?

Re: How our young colleagues are being educated....

[Daniël W . Crompton]

*shameless plug*

Usually not a topic for this list, and together with two co-founders we
started an online university last to address some of the issues we saw with
higher education. We currently have approval from the state of Vermont to
give college credit, credits earned through Oplerno courses are
transferable to other institutions of higher learning at the discretion of
the receiving institution.

If you think that this subject should be addressed at a college level and
are interested in teaching it you are welcome to apply as a faculty member
to teach an improved course.

Kindest regards,
Daniël



Oplerno is built upon empowering faculty and students

-- 
Daniël W. Crompton 




http://specialbrands.net/

    
 


On 22 December 2014 at 10:13, Javier J  wrote:
>
> Dear NANOG Members,
>
> It has come to my attention, that higher learning institutions in North
> America are doing our young future colleagues a disservice.
>
> I recently ran into a student of Southern New Hampshire University enrolled
> in the Networking/Telecom Management course and was shocked by what I
> learned.
>
> Not only are they skimming over new technologies such as BGP, MPLS and the
> fundamentals of TCP/IP that run the internet and the networks of the world,
> they were focusing on ATM , Frame Relay and other technologies that are on
> their way out the door and will probably be extinct by the time this
> student graduates. They are teaching classful routing and skimming over
> CIDR. Is this indicative of the state of our education system as a whole?
> How is it this student doesn't know about OSPF and has never heard of RIP?
>
> If your network hardware is so old you need a crossover cable, it's time to
> upgrade. In this case, it’s time to upgrade our education system.
>
> I didn't write this email on the sole experience of my conversation with
> one student, I wrote this email because I have noticed a pattern emerging
> over the years with other university students at other schools across the
> country. It’s just the countless times I have crossed paths with a young IT
> professional and was literally in shock listening to the things they were
> being taught. Teaching old technologies instead of teaching what is
> currently being used benefits no one. Teaching classful and skipping CIDR
> is another thing that really gets my blood boiling.
>
> Are colleges teaching what an RFC is? Are colleges teaching what IPv6 is?
>
> What about unicast and multicast? I confirmed with one student half way
> through their studies that they were not properly taught how DNS works, and
> had no clue what the term “root servers” meant.
>
> Am I crazy? Am I ranting? Doesn't this need to be addressed? …..and if not
> by us, then by whom? How can we fix this?
>

Re: How our young colleagues are being educated....

[Måns Nilsson]

Subject: How our young colleagues are being educated Date: Mon, Dec 22, 
2014 at 04:13:42AM -0500 Quoting Javier J (jav...@advancedmachines.us):
> Dear NANOG Members,
> 
> It has come to my attention, that higher learning institutions in North
> America are doing our young future colleagues a disservice.

Yes. Although, as long as they don't teach people that _every_ router
does NAT, we'll be fine.
 
> Are colleges teaching what an RFC is? Are colleges teaching what IPv6 is?

At the university I taught, yes.  But that is in Europe, on the Royal
Institute of Technology in Stockholm, Sweden, for 3rd year in a MsC
programme in EE, Physics or CS. I am seeing similar cluelessness at
smaller proto-universities in Sweden, where they have bought a branded
course. Lots of Flame Delay. And EIGRP. Branded course. Our trainee that
came out of that did prove to be highly trainable, though.
 
> What about unicast and multicast? I confirmed with one student half way
> through their studies that they were not properly taught how DNS works, and
> had no clue what the term “root servers” meant.

Multicast, check. 
DNS, check. 

> Am I crazy? Am I ranting? Doesn't this need to be addressed? …..and if not
> by us, then by whom? How can we fix this?

People who enter academentia in networking, especially to teach at
rural colleges, tend to freeze in time and stick to whatever fad was
"in" when they were young. Especially ATM is popular, since it has,
for all its uselessness, a nice theoretical undercarriage and stands
on the shoulders of decades of telco style "Warum einfach wenns auch
kompliziert geht?" (you will have to translate that yourself, it's German
and describes engineering well)

In Sweden, universities (where tuition is 0 for all citizens and can be
made 0 for all citizens of the EU) the universities have a third task
besides undergraduate production and research, and that is to interact
with greater society. The key to good education that fulfils the needs
of society is to ensure the interaction is two-way. Each course, get a 
industry lecturer in for at least one lecture. This, if chosen well, will
make it impossible to teach Flame Delay in 2014. 

-- 
Måns Nilsson primary/secondary/besserwisser/machina
MN-1334-RIPE +46 705 989668
We have DIFFERENT amounts of HAIR --


signature.asc
Description: Digital signature

How our young colleagues are being educated....

[Javier J]

Dear NANOG Members,

It has come to my attention, that higher learning institutions in North
America are doing our young future colleagues a disservice.

I recently ran into a student of Southern New Hampshire University enrolled
in the Networking/Telecom Management course and was shocked by what I
learned.

Not only are they skimming over new technologies such as BGP, MPLS and the
fundamentals of TCP/IP that run the internet and the networks of the world,
they were focusing on ATM , Frame Relay and other technologies that are on
their way out the door and will probably be extinct by the time this
student graduates. They are teaching classful routing and skimming over
CIDR. Is this indicative of the state of our education system as a whole?
How is it this student doesn't know about OSPF and has never heard of RIP?

If your network hardware is so old you need a crossover cable, it's time to
upgrade. In this case, it’s time to upgrade our education system.

I didn't write this email on the sole experience of my conversation with
one student, I wrote this email because I have noticed a pattern emerging
over the years with other university students at other schools across the
country. It’s just the countless times I have crossed paths with a young IT
professional and was literally in shock listening to the things they were
being taught. Teaching old technologies instead of teaching what is
currently being used benefits no one. Teaching classful and skipping CIDR
is another thing that really gets my blood boiling.

Are colleges teaching what an RFC is? Are colleges teaching what IPv6 is?

What about unicast and multicast? I confirmed with one student half way
through their studies that they were not properly taught how DNS works, and
had no clue what the term “root servers” meant.

Am I crazy? Am I ranting? Doesn't this need to be addressed? …..and if not
by us, then by whom? How can we fix this?