Re: Routing Insecurity (Re: BGP in the Washington Post)
On 5 Jun 2015, at 10:56, David Mandelberg wrote: Could you elaborate on your enumeration and DDoS concerns? Crypto = more overhead. Less priority to crypto plus DDoS = routing update issues. One can infer peering relationships in a way not possible before. What about bogus signatures? --- Roland Dobbins rdobb...@arbor.net
Re: FastNetMon 1.1.2 - open source solution for DoS/DDoS mitigation
Hello, folks! Due to huge interest about VM's I have prepared VyOS based ISO image with FastNetMon: https://github.com/FastVPSEestiOu/fastnetmon/blob/master/docs/VYOS_BINARY_ISO_IMAGE.md You could run it with any virtual machine and just aim your sflow/netflow targets to it! :) On Thu, Jun 4, 2015 at 9:26 PM, Rafael Possamai raf...@gav.ufsc.br wrote: You could look into LXD for that type of deployment. On Thu, Jun 4, 2015 at 12:55 PM, Pavel Odintsov pavel.odint...@gmail.com wrote: Brilliant idea! But in Docker we could offer only sflow and sflow. Port mirror capture need support from the kernel side. Will try shortly! On Thursday, June 4, 2015, Roberto Bertó roberto.be...@gmail.com wrote: What about we build a Docker? 2015-06-04 14:47 GMT-03:00 Alexander Maassen outsi...@scarynet.org javascript:;: It's a security tool. So ppl using it want to publicly hide the fact they use it in case you screw up and it contains leaks ;) Oorspronkelijk bericht Van: Pavel Odintsov pavel.odint...@gmail.com javascript:; Datum: Aan: Jim Popovitch jim...@gmail.com javascript:; Cc: nanog@nanog.org javascript:; Onderwerp: Re: FastNetMon 1.1.2 - open source solution for DoS/DDoS mitigation Looks like many folks want hide company emails ;) I'm good guy and will not spam or offer slmething ;))) But I'm impressed about amount of off list requests. Really huge interest in tool. On Thursday, June 4, 2015, Jim Popovitch jim...@gmail.com javascript:; wrote: There's a surprising amount of GMail (yes, including me) and new-ness in this thread.Should I be impressed with the freshness or concerned about astroturfing? :-) Bah Humbug! -Jim P. -- Sincerely yours, Pavel Odintsov -- Sincerely yours, Pavel Odintsov -- Sincerely yours, Pavel Odintsov
Re: AWS Elastic IP architecture
On Jun 4, 2015, at 6:16 PM, Christopher Morrow morrowc.li...@gmail.com wrote: On Thu, Jun 4, 2015 at 5:11 AM, Owen DeLong o...@delong.com wrote: I’d argue that SSH is several thousand, not a few hundred. In any case, I suppose you can make the argument that only a few people are trying to access their home network resources remotely other than via some sort of proxy/rendezvous service. However, I would argue that such services exist solely to provide a workaround for the deficiencies in the network introduced by NAT. Get rid of the stupid NAT and you no longer need such services. This is an interesting argument/point, but if you remove the rendevous service then how do you find the thing in your house? now the user has to manage DNS, or the service in question has to manage a dns entry for the customer, right? DNS is pretty easy. There are dozen’s of free web-UI based DNS services out there. Some of them even run by registrars. you'll be moving the (some of the) pain from 'nat' to 'dns' (or more generally naming and identification). I think though that in a better world, a service related to the thing you want to prod from outside would manage this stuff for you. I’m unconvinced. Perhaps I prefer to create an entry once vs. pay for some other service to do this and charge me on a monthly basis for a one-time action. It's important (I think) to not simplify the discussion as: Oh, with ipv6 magic happens! because there are still problems and design things to overcome even with unhindered end-to-end connectivity. I made no attempt to declare that there was any magic with IPv6. Indeed, my claim is that less magic is required. Owen
Re: AWS Elastic IP architecture
On Jun 4, 2015, at 6:10 PM, Christopher Morrow morrowc.li...@gmail.com wrote: On Thu, Jun 4, 2015 at 5:16 AM, Owen DeLong o...@delong.com wrote: On Jun 3, 2015, at 9:24 PM, Christopher Morrow morrowc.li...@gmail.com wrote: let's skip all NAT discussions on this topic from here on out, yes? Only if you can promise me 100% that the NAT in question will not break anything. :) people don't seem to be bothered today. People seem to tolerate it today. It is not clear to what extent they are not bothered vs. to what extent they suffer in silence because they do not know of any viable alternative. Owen
Weekly Routing Table Report
This is an automated weekly mailing describing the state of the Internet Routing Table as seen from APNIC's router in Japan. The posting is sent to APOPS, NANOG, AfNOG, AusNOG, SANOG, PacNOG, CaribNOG and the RIPE Routing Working Group. Daily listings are sent to bgp-st...@lists.apnic.net For historical data, please see http://thyme.rand.apnic.net. If you have any comments please contact Philip Smith pfsi...@gmail.com. Routing Table Report 04:00 +10GMT Sat 06 Jun, 2015 Report Website: http://thyme.rand.apnic.net Detailed Analysis: http://thyme.rand.apnic.net/current/ Analysis Summary BGP routing table entries examined: 547692 Prefixes after maximum aggregation (per Origin AS): 207937 Deaggregation factor: 2.63 Unique aggregates announced (without unneeded subnets): 266421 Total ASes present in the Internet Routing Table: 50534 Prefixes per ASN: 10.84 Origin-only ASes present in the Internet Routing Table: 36693 Origin ASes announcing only one prefix: 16281 Transit ASes present in the Internet Routing Table:6318 Transit-only ASes present in the Internet Routing Table:164 Average AS path length visible in the Internet Routing Table: 4.5 Max AS path length visible: 41 Max AS path prepend of ASN ( 12486) 32 Prefixes from unregistered ASNs in the Routing Table: 1186 Unregistered ASNs in the Routing Table: 419 Number of 32-bit ASNs allocated by the RIRs: 9729 Number of 32-bit ASNs visible in the Routing Table:7523 Prefixes from 32-bit ASNs in the Routing Table: 27427 Number of bogon 32-bit ASNs visible in the Routing Table:12 Special use prefixes present in the Routing Table:0 Prefixes being announced from unallocated address space:384 Number of addresses announced to Internet: 2770664672 Equivalent to 165 /8s, 36 /16s and 252 /24s Percentage of available address space announced: 74.8 Percentage of allocated address space announced: 74.8 Percentage of available address space allocated: 100.0 Percentage of address space in use by end-sites: 97.4 Total number of prefixes smaller than registry allocations: 183256 APNIC Region Analysis Summary - Prefixes being announced by APNIC Region ASes: 135256 Total APNIC prefixes after maximum aggregation: 39207 APNIC Deaggregation factor:3.45 Prefixes being announced from the APNIC address blocks: 141679 Unique aggregates announced from the APNIC address blocks:56816 APNIC Region origin ASes present in the Internet Routing Table:5059 APNIC Prefixes per ASN: 28.01 APNIC Region origin ASes announcing only one prefix: 1201 APNIC Region transit ASes present in the Internet Routing Table:876 Average APNIC Region AS path length visible:4.4 Max APNIC Region AS path length visible: 24 Number of APNIC region 32-bit ASNs visible in the Routing Table: 1478 Number of APNIC addresses announced to Internet: 749103296 Equivalent to 44 /8s, 166 /16s and 104 /24s Percentage of available APNIC address space announced: 87.5 APNIC AS Blocks4608-4864, 7467-7722, 9216-10239, 17408-18431 (pre-ERX allocations) 23552-24575, 37888-38911, 45056-46079, 55296-56319, 58368-59391, 63488-64098, 131072-135580 APNIC Address Blocks 1/8, 14/8, 27/8, 36/8, 39/8, 42/8, 43/8, 49/8, 58/8, 59/8, 60/8, 61/8, 101/8, 103/8, 106/8, 110/8, 111/8, 112/8, 113/8, 114/8, 115/8, 116/8, 117/8, 118/8, 119/8, 120/8, 121/8, 122/8, 123/8, 124/8, 125/8, 126/8, 133/8, 150/8, 153/8, 163/8, 171/8, 175/8, 180/8, 182/8, 183/8, 202/8, 203/8, 210/8, 211/8, 218/8, 219/8, 220/8, 221/8, 222/8, 223/8, ARIN Region Analysis Summary Prefixes being announced by ARIN Region ASes:179934 Total ARIN prefixes after maximum aggregation:88238 ARIN Deaggregation factor: 2.04 Prefixes being announced from the ARIN address blocks: 182237 Unique aggregates announced from the ARIN address blocks: 85060 ARIN Region origin ASes present in the Internet Routing Table:16629 ARIN Prefixes per
Re: stacking pdu
Rob Seastrom wrote on 6/4/2015 4:52 PM: William Herrin b...@herrin.us writes: Isn't it against the NEC and the fire code to stack power strips? We all do it, but isn't it against code? ... As always, when someone asserts that X is against code whether in the form of a statement or a question, the proper response is Citation, please! -r The fire marshal that regularly inspects our building will cite us if he sees an extension cord in use - even temporarily - or sees a temporary power tap/surge suppressor connected to another. Meanwhile, in another city, I see government and commercial buildings violating these rules for years. Perhaps there's some amount of interpretation allowed or some inspectors are more aggressive than others. --Blake
100G DWDM FEC standard
Hi, I just watched the evolution of ethernet speeds presentation from NANOG meeting. There was a statement that there was vendor secret sauce in the 100G DWDM space. Yes, that is true, but: http://www.stupi.se/Standards/100G-long-haul4.pdf There actually is a standard for 100G DWDM that has support from multiple router vendors. When you buy new gear, make sure your vendors support the above standard, so we can connect our routers over longer distances between vendors, without needing transponders. We in the Deutsche Telecom Terastream project have Huawei, Cisco, Juniper and ALU routers that natively (DWDM colored interfaces in the routers) talk directly to each other over 1500 km amplified DWDM system (no transponders), and we can also talk from these routers interfaces to Cisco and ALU transponders if we want to. https://jeffloughridge.wordpress.com/2013/10/16/peter-lothbergs-terastream-presentation-at-ripe-67/ if you want to know more about the project. Next time you purchase 100G DWDM equipment, make sure you buy equipment that follows this standard to be certain that it interoperates to combat vendor secret sauce. -- Mikael Abrahamssonemail: swm...@swm.pp.se
Re: NANOG 64 recordings
Working to find out and track down missing video. We will keep you posted. All best. Betty On Thu, Jun 4, 2015 at 7:31 PM, Pete Baldridge petebaldri...@gmail.com wrote: On June 4, 2015 10:11:02 AM PDT, Victor Zakharyev victor.zakhar...@gmail.com wrote: Does anyone have videos from Google presentations on Telemetry? Thanks! Victor чт, 4 июня 2015 г. в 9:51, Jay Ashworth j...@baylink.com: - Original Message - From: Sadiq Saif li...@sadiqs.com For those that missed them: https://www.youtube.com/playlist?list=PLO8DR5ZGla8ju3ftZv_S6L12jBkZKEJVZ Oh, outstanding. Thanks. Cheers, -- jra -- Jay R. Ashworth Baylink j...@baylink.com Designer The Things I Think RFC 2100 Ashworth Associates http://www.bcp38.info 2000 Land Rover DII St Petersburg FL USA BCP38: Ask For It By Name! +1 727 647 1274 Can anyone comment on what was in the video that's been removed? Is there somewhere else that it can be found? -- Pete Sent from mobile.
Re: stacking pdu
On 06/05/2015 11:47 AM, Blake Hudson wrote: The fire marshal that regularly inspects our building will cite us if he sees an extension cord in use - even temporarily - or sees a temporary power tap/surge suppressor connected to another. Meanwhile, in another city, I see government and commercial buildings violating these rules for years. Perhaps there's some amount of interpretation allowed or some inspectors are more aggressive than others. Or the local ordinances block daisy-chaining. I've run into this in several parts of the country, while other parts don't have local regulations -- particularly in commercial spaces, which include offices.
Re: stacking pdu
APC does make some 'half rack' PDU's that take a C20 inlet so they could hang off a C19 outlet on another PDU: http://www.apc.com/resource/include/techspec_index.cfm?base_sku=AP8858displayList=ALLpage_type=displaybasicprinter_friendly=yes http://www.apc.com/resource/include/techspec_index.cfm?base_sku=AP7821displayList=ALLpage_type=displaybasicprinter_friendly=yes On the software side, just use a master PDU with metering. These sub ones are also metered but you would want to look at the total utilization on the master. No comment if its to code... On Fri, Jun 5, 2015 at 12:51 AM, shawn wilson ag4ve...@gmail.com wrote: Well, I was kinda thinking this would turn out to be a dumb question / have an obvious answer. Apparently not. But it seems I can't go buy a solution either. I guess there isn't much of a market (though I am just talking software - maybe someone could make an update :) ).
Re: stacking pdu
On Fri, 5 Jun 2015, Blake Hudson wrote: The fire marshal that regularly inspects our building will cite us if he sees an extension cord in use - even temporarily - or sees a temporary power tap/surge suppressor connected to another. Meanwhile, in another city, I see government and commercial buildings violating these rules for years. Perhaps there's some amount of interpretation allowed or some inspectors are more aggressive than others. Every Authority Having Jurisdiction (AHJ) is their own fiefdom. Although there are a few model national codes, its the locally enacted law and AHJ interpretation that rules. And, yes, the effectiveness and knowledge of AHJs varies greatly. It wouldn't surprise me if there were some places with no building codes or inspectors.
The Cidr Report
This report has been generated at Fri Jun 5 21:14:36 2015 AEST. The report analyses the BGP Routing Table of AS2.0 router and generates a report on aggregation potential within the table. Check http://www.cidr-report.org/2.0 for a current version of this report. Recent Table History Date PrefixesCIDR Agg 29-05-15554940 306130 30-05-15555224 305988 31-05-15555285 303956 01-06-15555184 304348 02-06-15555140 304122 03-06-15555349 304869 04-06-15555053 304962 05-06-15555774 304969 AS Summary 50788 Number of ASes in routing system 20205 Number of ASes announcing only one prefix 3247 Largest number of prefixes announced by an AS AS10620: Telmex Colombia S.A.,CO 120824832 Largest address span announced by an AS (/32s) AS4134 : CHINANET-BACKBONE No.31,Jin-rong Street,CN Aggregation Summary The algorithm used in this report proposes aggregation only when there is a precise match using the AS path, so as to preserve traffic transit policies. Aggregation is also proposed across non-advertised address space ('holes'). --- 05Jun15 --- ASnumNetsNow NetsAggr NetGain % Gain Description Table 556726 305104 25162245.2% All ASes AS22773 3094 172 292294.4% ASN-CXA-ALL-CCI-22773-RDC - Cox Communications Inc.,US AS6389 2795 99 269696.5% BELLSOUTH-NET-BLK - BellSouth.net Inc.,US AS9394 2923 316 260789.2% CTTNET China TieTong Telecommunications Corporation,CN AS17974 2688 81 260797.0% TELKOMNET-AS2-AP PT Telekomunikasi Indonesia,ID AS39891 2473 34 243998.6% ALJAWWALSTC-AS Saudi Telecom Company JSC,SA AS28573 2256 288 196887.2% NET Serviços de Comunicação S.A.,BR AS3356 2571 776 179569.8% LEVEL3 - Level 3 Communications, Inc.,US AS4755 2021 260 176187.1% TATACOMM-AS TATA Communications formerly VSNL is Leading ISP,IN AS4766 2923 1303 162055.4% KIXS-AS-KR Korea Telecom,KR AS9808 1584 67 151795.8% CMNET-GD Guangdong Mobile Communication Co.Ltd.,CN AS6983 1747 247 150085.9% ITCDELTA - Earthlink, Inc.,US AS10620 3247 1828 141943.7% Telmex Colombia S.A.,CO AS20115 1883 489 139474.0% CHARTER-NET-HKY-NC - Charter Communications,US AS7303 1666 287 137982.8% Telecom Argentina S.A.,AR AS6147 1617 281 133682.6% Telefonica del Peru S.A.A.,PE AS9498 1336 117 121991.2% BBIL-AP BHARTI Airtel Ltd.,IN AS4323 1614 411 120374.5% TWTC - tw telecom holdings, inc.,US AS18566 2047 895 115256.3% MEGAPATH5-US - MegaPath Corporation,US AS7545 2646 1498 114843.4% TPG-INTERNET-AP TPG Telecom Limited,AU AS22561 1365 260 110581.0% CENTURYLINK-LEGACY-LIGHTCORE - CenturyTel Internet Holdings, Inc.,US AS7552 1155 59 109694.9% VIETEL-AS-AP Viettel Corporation,VN AS8402 1033 26 100797.5% CORBINA-AS OJSC Vimpelcom,RU AS6849 1210 221 98981.7% UKRTELNET JSC UKRTELECOM,UA AS8151 1696 733 96356.8% Uninet S.A. de C.V.,MX AS4538 1953 1037 91646.9% ERX-CERNET-BKB China Education and Research Network Center,CN AS7738 999 83 91691.7% Telemar Norte Leste S.A.,BR AS26615 1072 173 89983.9% Tim Celular S.A.,BR AS38285 979 126 85387.1% M2TELECOMMUNICATIONS-AU M2 Telecommunications Group Ltd,AU AS18881 869 33 83696.2% Global Village Telecom,BR AS4780 1112 299 81373.1% SEEDNET Digital United Inc.,TW Total 56574
Re: stacking pdu
I was pretty much thinking the same, get a switched/metered outlet PDU. APC, ServerTech, et al have them, then daisy chain something like a Dell AP6015 off the outlet. No clue about NEC/local laws, but the Dells are pretty much setup for that type of setup. On Jun 5, 2015, at 5:20 PM, Brian Loveland br...@bloveland.com wrote: APC does make some 'half rack' PDU's that take a C20 inlet so they could hang off a C19 outlet on another PDU: http://www.apc.com/resource/include/techspec_index.cfm?base_sku=AP8858displayList=ALLpage_type=displaybasicprinter_friendly=yes http://www.apc.com/resource/include/techspec_index.cfm?base_sku=AP7821displayList=ALLpage_type=displaybasicprinter_friendly=yes On the software side, just use a master PDU with metering. These sub ones are also metered but you would want to look at the total utilization on the master. No comment if its to code... On Fri, Jun 5, 2015 at 12:51 AM, shawn wilson ag4ve...@gmail.com wrote: Well, I was kinda thinking this would turn out to be a dumb question / have an obvious answer. Apparently not. But it seems I can't go buy a solution either. I guess there isn't much of a market (though I am just talking software - maybe someone could make an update :) ).
Re: stacking pdu
On Fri, Jun 5, 2015 at 2:47 PM, Blake Hudson bl...@ispn.net wrote: William Herrin b...@herrin.us writes: Isn't it against the NEC and the fire code to stack power strips? We all do it, but isn't it against code? The fire marshal that regularly inspects our building will cite us if he sees an extension cord in use - even temporarily - or sees a temporary power tap/surge suppressor connected to another. I was dinged for power strips connected to a cube tap. I don't have the citation handy, but I looked it up at the time and it was definitely against code. Regards, Bill Herrin -- William Herrin her...@dirtside.com b...@herrin.us Owner, Dirtside Systems . Web: http://www.dirtside.com/
BGP Update Report
BGP Update Report Interval: 28-May-15 -to- 04-Jun-15 (7 days) Observation Point: BGP Peering with AS131072 TOP 20 Unstable Origin AS Rank ASNUpds % Upds/PfxAS-Name 1 - AS23752 303258 5.1%1849.1 -- NPTELECOM-NP-AS Nepal Telecommunications Corporation, Internet Services,NP 2 - AS9829 211796 3.6% 124.2 -- BSNL-NIB National Internet Backbone,IN 3 - AS22059 118918 2.0% 16988.3 -- APVIO-1 - Apvio, Inc.,US 4 - AS45899 92287 1.6% 141.8 -- VNPT-AS-VN VNPT Corp,VN 5 - AS36947 86629 1.5% 444.3 -- ALGTEL-AS,DZ 6 - AS605784636 1.4% 148.7 -- Administracion Nacional de Telecomunicaciones,UY 7 - AS54169 76305 1.3% 25435.0 -- MGH-ION-1 - Marin General Hospital,US 8 - AS755268403 1.1% 52.4 -- VIETEL-AS-AP Viettel Corporation,VN 9 - AS370963454 1.1%2350.1 -- NET-CITY-SA - City of San Antonio,US 10 - AS45609 62338 1.1% 98.9 -- BHARTI-MOBILITY-AS-AP Bharti Airtel Ltd. AS for GPRS Service,IN 11 - AS17451 46776 0.8% 113.5 -- BIZNET-AS-AP BIZNET NETWORKS,ID 12 - AS39891 45386 0.8% 18.4 -- ALJAWWALSTC-AS Saudi Telecom Company JSC,SA 13 - AS22368 42626 0.7% 246.4 -- TELEBUCARAMANGA S.A. E.S.P.,CO 14 - AS381631516 0.5% 33.0 -- COLOMBIA TELECOMUNICACIONES S.A. ESP,CO 15 - AS840231238 0.5% 25.4 -- CORBINA-AS OJSC Vimpelcom,RU 16 - AS18051 30007 0.5% 535.8 -- JARDIKNAS-AS-AP Pustekkom,ID 17 - AS132220 27786 0.5% 524.3 -- JPRDIGITAL-IN JPR Digital Pvt. Ltd.,IN 18 - AS764327258 0.5% 86.5 -- VNPT-AS-VN Vietnam Posts and Telecommunications (VNPT),VN 19 - AS33659 27102 0.5% 934.6 -- CMCS - Comcast Cable Communications, Inc.,US 20 - AS24560 26680 0.5% 21.5 -- AIRTELBROADBAND-AS-AP Bharti Airtel Ltd., Telemedia Services,IN TOP 20 Unstable Origin AS (Updates per announced prefix) Rank ASNUpds % Upds/PfxAS-Name 1 - AS54169 76305 1.3% 25435.0 -- MGH-ION-1 - Marin General Hospital,US 2 - AS22059 118918 2.0% 16988.3 -- APVIO-1 - Apvio, Inc.,US 3 - AS33287 22472 0.4% 11236.0 -- COMCAST-33287 - Comcast Cable Communications, Inc.,US 4 - AS3935889572 0.2%9572.0 -- MUBEA-FLO - Mubea,US 5 - AS610399307 0.2%9307.0 -- ZMZ OAO ZMZ,RU 6 - AS37515 14872 0.2%7436.0 -- iCONNECT,ZA 7 - AS55350 26186 0.4%6546.5 -- VSCGT-HK Virtual Switching Consultancy Limited (C/O VXRoutes Ltd),HK 8 - AS195025435 0.1%5435.0 -- CRANEWAREINSIGHT-AS - Craneware Insight, Inc.,US 9 - AS32005 14462 0.2%3615.5 -- THE-CHURCH-PENSION-GROUP - CHURCH PENSION GROUP SERVICES CORPORATION,US 10 - AS2637302432 0.0%2432.0 -- TELECABLE SABANETA SRL,DO 11 - AS334409569 0.2%2392.2 -- WEBRULON-NETWORK - webRulon, LLC,US 12 - AS370963454 1.1%2350.1 -- NET-CITY-SA - City of San Antonio,US 13 - AS31357 12274 0.2%2045.7 -- TOMICA-AS Tomsk Information and Consulting Agency,RU 14 - AS23752 303258 5.1%1849.1 -- NPTELECOM-NP-AS Nepal Telecommunications Corporation, Internet Services,NP 15 - AS210731712 0.0%1712.0 -- ZORANET-AS Zoranet Internetdiensten,NL 16 - AS1466 6747 0.1%1686.8 -- DNIC-AS-01466 - Headquarters, USAISC,US 17 - AS15835 11343 0.2%1620.4 -- MAP Moscow Network Access Point,RU 18 - AS380006408 0.1%1602.0 -- CRISIL-AS [CRISIL Limited.Autonomous System],IN 19 - AS476807834 0.1%1566.8 -- NHCS EOBO Limited,IE 20 - AS1979144421 0.1%1473.7 -- STOCKHO-AS Stockho Hosting SARL,FR TOP 20 Unstable Prefixes Rank Prefix Upds % Origin AS -- AS Name 1 - 202.70.88.0/21 150875 2.5% AS23752 -- NPTELECOM-NP-AS Nepal Telecommunications Corporation, Internet Services,NP 2 - 202.70.64.0/21 149557 2.5% AS23752 -- NPTELECOM-NP-AS Nepal Telecommunications Corporation, Internet Services,NP 3 - 105.96.0.0/22 84979 1.4% AS36947 -- ALGTEL-AS,DZ 4 - 204.80.242.0/24 76299 1.2% AS54169 -- MGH-ION-1 - Marin General Hospital,US 5 - 64.34.125.0/2459532 1.0% AS22059 -- APVIO-1 - Apvio, Inc.,US 6 - 76.191.107.0/24 59381 1.0% AS22059 -- APVIO-1 - Apvio, Inc.,US 7 - 199.204.107.0/24 49538 0.8% AS13338 -- HAYGROUP-ASN - HAY GROUP INC,US AS33287 -- COMCAST-33287 - Comcast Cable Communications, Inc.,US AS33659 -- CMCS - Comcast Cable Communications, Inc.,US 8 - 103.4.244.0/2213178 0.2% AS55350 -- VSCGT-HK Virtual Switching Consultancy Limited (C/O VXRoutes Ltd),HK 9 - 175.100.164.0/22 12969 0.2% AS55350 -- VSCGT-HK Virtual Switching Consultancy Limited (C/O VXRoutes
eBay is looking for network heavies...
Hello All, eBay is looking for folks to join our Site Network Engineering team. eBay Site Network Engineering is responsible for the eBay SITE network from ToR to Peering Edge. You won't be bored. You will be challenged. You will have fun! This position is located in San Jose, California @ eBay HQ although exception may be made for extremely well qualified candidates. *Qualifications:* - 7+ years of experience in network design and implementation - 7+ years working at the highest level of technical escalation - Expert level multi-vendor experience in routing switching with Arista, Cisco, Juniper, Nexus platforms - Expert level understanding of IPv4 IPv6. Bonus points if you can tell me about IPv8. (The old guard will get that joke.) - Expert level BGP and OSPF - Understanding of multicast technologies such as PIM-SM and PIM-BiDir - Understanding of QoS and implementation strategies - Experience with L2 technologies such as MLAG and VPC - Experience with cloud architectures and network automation - Experience with SDN technologies such as VXLAN, NVGRE and Open vSwitch - Expert level troubleshooting skills - Functional knowledge of and comfort working in *nix environments - Ability to script in Bash, Perl, or other relevant languages. (Bonus for Python) - Excellent communications and documentation skills Head of line for CCIE / JNCIE but knowledge and experience trumps a piece of paper every time! BSCS or other 4-year degree desired - may be substituted with relevant work experience Translation of the above: Are you considered an expert by your industry peers? We know your family thinks you're a genius. Do your peers in the networking community agree? Do you want work on the bleeding edge of technology, playing with the biggest, baddest and bestest toys? Are you a team player who can also work alone providing creative solutions to complex problems using your out of the box thinking? Are you tired of being the smartest guy in the room when you're at work? Well then, I've got the job you're looking for! The above qualifications are the wish list. That should give you a feel of whether or not you're qualified for this position though. You know your own skill set better than anyone else. Just be advised: Please don't be a buzzword bandit on your CV. If you list a skill or experience, its fair game to ask you about these - in depth - during your phone screen and any subsequent in-person interviews. Interested and Qualified candidates, please forward your CVs to jfraizer at ebay dot com. eBay, Inc is an Equal Opportunity Employer -- John Fraizer MTS2 - eBay Site Network Engineering
Re: eBay is looking for network heavies...
On Jun 5, 2015, at 7:13 PM, John Fraizer j...@op-sec.us wrote: Head of line for CCIE / JNCIE but knowledge and experience trumps a piece of paper every time! Can you please put these at the back of the line? My experience is that the cisco certification (at least) is evidence of the absence of actual troubleshooting skills. (or my standards of what defines “expert” are different than the rest of the world). - Jared
Re: eBay is looking for network heavies...
On 06 Jun 2015, at 02:26, Jared Mauch ja...@puck.nether.net wrote: On Jun 5, 2015, at 7:13 PM, John Fraizer j...@op-sec.us wrote: Head of line for CCIE / JNCIE but knowledge and experience trumps a piece of paper every time! Can you please put these at the back of the line? My experience is that the cisco certification (at least) is evidence of the absence of actual troubleshooting skills. (or my standards of what defines “expert” are different than the rest of the world). Jared, don’t generalize. True - there are people that are ‘paper’ CCIE/JNCIEs - but let’s not start a rant unless you've met tens of CCIEs/JNCIEs and all of them didn’t know a jack. About troubleshooting. — CCIE #15929 RS/SP, CCDE #2012::17 (not that I’d know anything about troubleshooting of course)
Re: eBay is looking for network heavies...
--- j...@op-sec.us wrote: From: John Fraizer j...@op-sec.us Bonus points if you can tell me about IPv8. (The old guard will get that joke.) Long live Jim! U...Never mind... :-) scott
Re: eBay is looking for network heavies...
we're allowed to recruit on nanog?... On Fri, Jun 5, 2015 at 4:19 PM John Fraizer j...@op-sec.us wrote: Hello All, eBay is looking for folks to join our Site Network Engineering team. eBay Site Network Engineering is responsible for the eBay SITE network from ToR to Peering Edge. You won't be bored. You will be challenged. You will have fun! This position is located in San Jose, California @ eBay HQ although exception may be made for extremely well qualified candidates. *Qualifications:* - 7+ years of experience in network design and implementation - 7+ years working at the highest level of technical escalation - Expert level multi-vendor experience in routing switching with Arista, Cisco, Juniper, Nexus platforms - Expert level understanding of IPv4 IPv6. Bonus points if you can tell me about IPv8. (The old guard will get that joke.) - Expert level BGP and OSPF - Understanding of multicast technologies such as PIM-SM and PIM-BiDir - Understanding of QoS and implementation strategies - Experience with L2 technologies such as MLAG and VPC - Experience with cloud architectures and network automation - Experience with SDN technologies such as VXLAN, NVGRE and Open vSwitch - Expert level troubleshooting skills - Functional knowledge of and comfort working in *nix environments - Ability to script in Bash, Perl, or other relevant languages. (Bonus for Python) - Excellent communications and documentation skills Head of line for CCIE / JNCIE but knowledge and experience trumps a piece of paper every time! BSCS or other 4-year degree desired - may be substituted with relevant work experience Translation of the above: Are you considered an expert by your industry peers? We know your family thinks you're a genius. Do your peers in the networking community agree? Do you want work on the bleeding edge of technology, playing with the biggest, baddest and bestest toys? Are you a team player who can also work alone providing creative solutions to complex problems using your out of the box thinking? Are you tired of being the smartest guy in the room when you're at work? Well then, I've got the job you're looking for! The above qualifications are the wish list. That should give you a feel of whether or not you're qualified for this position though. You know your own skill set better than anyone else. Just be advised: Please don't be a buzzword bandit on your CV. If you list a skill or experience, its fair game to ask you about these - in depth - during your phone screen and any subsequent in-person interviews. Interested and Qualified candidates, please forward your CVs to jfraizer at ebay dot com. eBay, Inc is an Equal Opportunity Employer -- John Fraizer MTS2 - eBay Site Network Engineering
Re: eBay is looking for network heavies...
On Fri, 5 Jun 2015, Scott Weeks wrote: --- j...@op-sec.us wrote: From: John Fraizer j...@op-sec.us Bonus points if you can tell me about IPv8. (The old guard will get that joke.) Long live Jim! U...Never mind... Who? Get off my stargate. :) :0 * ^From:.*(jfleming@anet\.com|ipv6nog@gmail\.com|*fleming@unety\.net) /dev/null -- Jon Lewis, MCP :) | I route | therefore you are _ http://www.lewis.org/~jlewis/pgp for PGP public key_
Re: eBay is looking for network heavies...
Folks, It's just a piece of paper in my opinion. A person either knows their stuff or they don't. Less than 5min on a phone screen and I will know if they bought their certification(s) or earned them. Sadly, I've spoken to far too many who give some validation to Jared's comment. I'm wondering how many proctors have been paid off or if people are buying fake id's for smart people and paying them to sit for the tests posing as them. John Fraizer --Sent from my Android phone. Please excuse any typos. On Jun 5, 2015 5:45 PM, Łukasz Bromirski luk...@bromirski.net wrote: On 06 Jun 2015, at 02:26, Jared Mauch ja...@puck.nether.net wrote: On Jun 5, 2015, at 7:13 PM, John Fraizer j...@op-sec.us wrote: Head of line for CCIE / JNCIE but knowledge and experience trumps a piece of paper every time! Can you please put these at the back of the line? My experience is that the cisco certification (at least) is evidence of the absence of actual troubleshooting skills. (or my standards of what defines “expert” are different than the rest of the world). Jared, don’t generalize. True - there are people that are ‘paper’ CCIE/JNCIEs - but let’s not start a rant unless you've met tens of CCIEs/JNCIEs and all of them didn’t know a jack. About troubleshooting. — CCIE #15929 RS/SP, CCDE #2012::17 (not that I’d know anything about troubleshooting of course)
Re: eBay is looking for network heavies...
Please use below mailing list for job posting http://mailman.nanog.org/mailman/listinfo/jobs Mehmet On Jun 5, 2015, at 19:13, John Fraizer j...@op-sec.us wrote: Hello All, eBay is looking for folks to join our Site Network Engineering team. eBay Site Network Engineering is responsible for the eBay SITE network from ToR to Peering Edge. You won't be bored. You will be challenged. You will have fun! This position is located in San Jose, California @ eBay HQ although exception may be made for extremely well qualified candidates. *Qualifications:* - 7+ years of experience in network design and implementation - 7+ years working at the highest level of technical escalation - Expert level multi-vendor experience in routing switching with Arista, Cisco, Juniper, Nexus platforms - Expert level understanding of IPv4 IPv6. Bonus points if you can tell me about IPv8. (The old guard will get that joke.) - Expert level BGP and OSPF - Understanding of multicast technologies such as PIM-SM and PIM-BiDir - Understanding of QoS and implementation strategies - Experience with L2 technologies such as MLAG and VPC - Experience with cloud architectures and network automation - Experience with SDN technologies such as VXLAN, NVGRE and Open vSwitch - Expert level troubleshooting skills - Functional knowledge of and comfort working in *nix environments - Ability to script in Bash, Perl, or other relevant languages. (Bonus for Python) - Excellent communications and documentation skills Head of line for CCIE / JNCIE but knowledge and experience trumps a piece of paper every time! BSCS or other 4-year degree desired - may be substituted with relevant work experience Translation of the above: Are you considered an expert by your industry peers? We know your family thinks you're a genius. Do your peers in the networking community agree? Do you want work on the bleeding edge of technology, playing with the biggest, baddest and bestest toys? Are you a team player who can also work alone providing creative solutions to complex problems using your out of the box thinking? Are you tired of being the smartest guy in the room when you're at work? Well then, I've got the job you're looking for! The above qualifications are the wish list. That should give you a feel of whether or not you're qualified for this position though. You know your own skill set better than anyone else. Just be advised: Please don't be a buzzword bandit on your CV. If you list a skill or experience, its fair game to ask you about these - in depth - during your phone screen and any subsequent in-person interviews. Interested and Qualified candidates, please forward your CVs to jfraizer at ebay dot com. eBay, Inc is an Equal Opportunity Employer -- John Fraizer MTS2 - eBay Site Network Engineering
Re: eBay is looking for network heavies...
It's been over a decade since I was an active participant on NANOG. I didn't know that the NANOG-JOBS list existed. Sometimes it's easier to ask for forgiveness than permission though. I guess it's a good thing Susan H. isn't here to throw me in NANOG jail, huh? John Fraizer --Sent from my Android phone. Please excuse any typos. On Jun 5, 2015 6:23 PM, ryanL ryan.lan...@gmail.com wrote: we're allowed to recruit on nanog?... On Fri, Jun 5, 2015 at 4:19 PM John Fraizer j...@op-sec.us wrote: Hello All, eBay is looking for folks to join our Site Network Engineering team. eBay Site Network Engineering is responsible for the eBay SITE network from ToR to Peering Edge. You won't be bored. You will be challenged. You will have fun! This position is located in San Jose, California @ eBay HQ although exception may be made for extremely well qualified candidates. *Qualifications:* - 7+ years of experience in network design and implementation - 7+ years working at the highest level of technical escalation - Expert level multi-vendor experience in routing switching with Arista, Cisco, Juniper, Nexus platforms - Expert level understanding of IPv4 IPv6. Bonus points if you can tell me about IPv8. (The old guard will get that joke.) - Expert level BGP and OSPF - Understanding of multicast technologies such as PIM-SM and PIM-BiDir - Understanding of QoS and implementation strategies - Experience with L2 technologies such as MLAG and VPC - Experience with cloud architectures and network automation - Experience with SDN technologies such as VXLAN, NVGRE and Open vSwitch - Expert level troubleshooting skills - Functional knowledge of and comfort working in *nix environments - Ability to script in Bash, Perl, or other relevant languages. (Bonus for Python) - Excellent communications and documentation skills Head of line for CCIE / JNCIE but knowledge and experience trumps a piece of paper every time! BSCS or other 4-year degree desired - may be substituted with relevant work experience Translation of the above: Are you considered an expert by your industry peers? We know your family thinks you're a genius. Do your peers in the networking community agree? Do you want work on the bleeding edge of technology, playing with the biggest, baddest and bestest toys? Are you a team player who can also work alone providing creative solutions to complex problems using your out of the box thinking? Are you tired of being the smartest guy in the room when you're at work? Well then, I've got the job you're looking for! The above qualifications are the wish list. That should give you a feel of whether or not you're qualified for this position though. You know your own skill set better than anyone else. Just be advised: Please don't be a buzzword bandit on your CV. If you list a skill or experience, its fair game to ask you about these - in depth - during your phone screen and any subsequent in-person interviews. Interested and Qualified candidates, please forward your CVs to jfraizer at ebay dot com. eBay, Inc is an Equal Opportunity Employer -- John Fraizer MTS2 - eBay Site Network Engineering
Re: eBay is looking for network heavies...
On 06/05/2015 06:38 PM, Mike Hale wrote: We need a pool on what percentage of readers just googled traceroute. I didn't google traceroute. Didn't need to. Instead, I drew on the knowledge I gained when Clifford and I wrote _Linux IP Stacks Commentary_. Unfortunately, the Steven's books are not required reading in CCIE prep.
Re: eBay is looking for network heavies...
Based on the number of certified people I've interviewed over the last 20yr, my default view lines up with Jared's 100% On Fri, Jun 5, 2015 at 10:38 PM, Mike Hale eyeronic.des...@gmail.com wrote: We need a pool on what percentage of readers just googled traceroute. On Jun 5, 2015 6:28 PM, na...@cdl.asgaard.org wrote: On 5 Jun 2015, at 17:45, Łukasz Bromirski wrote: On 06 Jun 2015, at 02:26, Jared Mauch ja...@puck.nether.net wrote: On Jun 5, 2015, at 7:13 PM, John Fraizer j...@op-sec.us wrote: Head of line for CCIE / JNCIE but knowledge and experience trumps a piece of paper every time! Can you please put these at the back of the line? My experience is that the cisco certification (at least) is evidence of the absence of actual troubleshooting skills. (or my standards of what defines “expert” are different than the rest of the world). Jared, don’t generalize. True - there are people that are ‘paper’ CCIE/JNCIEs - but let’s not start a rant unless you've met tens of CCIEs/JNCIEs and all of them didn’t know a jack. About troubleshooting. 't We had one CCIE at a previous job who just didn't click no matter how much we tried to train on the architecture. Eventually in one backbone event, he kept saying that the problem couldn't be with a given router because traceroute worked. When it was pointed out that the potential fault wouldn't cause traceroute to fail, we got a very puzzled look. We then asked him to explain how traceroute worked. He spectacularly failed. It became a tongue-in-cheek interview question. What was boggling was the number of *IE's that failed trying to explain traceroute's mechanics. My test, as crass as it is. If your CV headlines with a JCIE/CCIE, I am pretty certain that you have very little real-world experience. If it's a footnote somewhere, that's ok. Christopher — CCIE #15929 RS/SP, CCDE #2012::17 (not that I’d know anything about troubleshooting of course) -- 李柯睿 Avt tace, avt loqvere meliora silentio Check my PGP key here: http://www.asgaard.org/cdl/cdl.asc Current vCard here: http://www.asgaard.org/cdl/cdl.vcf keybase: https://keybase.io/liljenstolpe
Re: eBay is looking for network heavies...
'pathping' . learned something new today... Did not know such a command existed in windows.. Been working with computers for over 30 years, while I don't care as to what it says about how much I know, but it sure reminds me that that their is always something more that one can learn ! Thank You. :) Faisal Imtiaz Snappy Internet Telecom 7266 SW 48 Street Miami, FL 33155 Tel: 305 663 5518 x 232 Help-desk: (305)663-5518 Option 2 or Email: supp...@snappytelecom.net - Original Message - From: James Laszko jam...@mythostech.com To: Mike Hale eyeronic.des...@gmail.com Cc: NANOG Operators' Group nanog@nanog.org Sent: Friday, June 5, 2015 9:57:38 PM Subject: Re: eBay is looking for network heavies... I asked one of my guys to tracert in windows for something and he executed pathping. I have never seen that in 25 years Go figure! James Laszko Mythos Technology Inc jam...@mythostech.com Sent from my iPhone On Jun 5, 2015, at 18:40, Mike Hale eyeronic.des...@gmail.com wrote: We need a pool on what percentage of readers just googled traceroute. On Jun 5, 2015 6:28 PM, na...@cdl.asgaard.org wrote: On 5 Jun 2015, at 17:45, Łukasz Bromirski wrote: On 06 Jun 2015, at 02:26, Jared Mauch ja...@puck.nether.net wrote: On Jun 5, 2015, at 7:13 PM, John Fraizer j...@op-sec.us wrote: Head of line for CCIE / JNCIE but knowledge and experience trumps a piece of paper every time! Can you please put these at the back of the line? My experience is that the cisco certification (at least) is evidence of the absence of actual troubleshooting skills. (or my standards of what defines “expert” are different than the rest of the world). Jared, don’t generalize. True - there are people that are ‘paper’ CCIE/JNCIEs - but let’s not start a rant unless you've met tens of CCIEs/JNCIEs and all of them didn’t know a jack. About troubleshooting. 't We had one CCIE at a previous job who just didn't click no matter how much we tried to train on the architecture. Eventually in one backbone event, he kept saying that the problem couldn't be with a given router because traceroute worked. When it was pointed out that the potential fault wouldn't cause traceroute to fail, we got a very puzzled look. We then asked him to explain how traceroute worked. He spectacularly failed. It became a tongue-in-cheek interview question. What was boggling was the number of *IE's that failed trying to explain traceroute's mechanics. My test, as crass as it is. If your CV headlines with a JCIE/CCIE, I am pretty certain that you have very little real-world experience. If it's a footnote somewhere, that's ok. Christopher — CCIE #15929 RS/SP, CCDE #2012::17 (not that I’d know anything about troubleshooting of course) -- 李柯睿 Avt tace, avt loqvere meliora silentio Check my PGP key here: http://www.asgaard.org/cdl/cdl.asc Current vCard here: http://www.asgaard.org/cdl/cdl.vcf keybase: https://keybase.io/liljenstolpe
Re: eBay is looking for network heavies...
On 5 Jun 2015, at 17:45, Łukasz Bromirski wrote: On 06 Jun 2015, at 02:26, Jared Mauch ja...@puck.nether.net wrote: On Jun 5, 2015, at 7:13 PM, John Fraizer j...@op-sec.us wrote: Head of line for CCIE / JNCIE but knowledge and experience trumps a piece of paper every time! Can you please put these at the back of the line? My experience is that the cisco certification (at least) is evidence of the absence of actual troubleshooting skills. (or my standards of what defines “expert” are different than the rest of the world). Jared, don’t generalize. True - there are people that are ‘paper’ CCIE/JNCIEs - but let’s not start a rant unless you've met tens of CCIEs/JNCIEs and all of them didn’t know a jack. About troubleshooting. 't We had one CCIE at a previous job who just didn't click no matter how much we tried to train on the architecture. Eventually in one backbone event, he kept saying that the problem couldn't be with a given router because traceroute worked. When it was pointed out that the potential fault wouldn't cause traceroute to fail, we got a very puzzled look. We then asked him to explain how traceroute worked. He spectacularly failed. It became a tongue-in-cheek interview question. What was boggling was the number of *IE's that failed trying to explain traceroute's mechanics. My test, as crass as it is. If your CV headlines with a JCIE/CCIE, I am pretty certain that you have very little real-world experience. If it's a footnote somewhere, that's ok. Christopher — CCIE #15929 RS/SP, CCDE #2012::17 (not that I’d know anything about troubleshooting of course) -- 李柯睿 Avt tace, avt loqvere meliora silentio Check my PGP key here: http://www.asgaard.org/cdl/cdl.asc Current vCard here: http://www.asgaard.org/cdl/cdl.vcf keybase: https://keybase.io/liljenstolpe
Re: eBay is looking for network heavies...
whois traceroute … manning On 5June2015Friday, at 18:38, Mike Hale eyeronic.des...@gmail.com wrote: We need a pool on what percentage of readers just googled traceroute.
interviewing [was] Re: eBay is looking for network heavies...
- It became a tongue-in-cheek interview question. What was boggling was the number of *IE's that failed trying to explain traceroute's mechanics. One thing I have done in the past is encourage the person to succeed at the interview, rather than see how they fail. I do this because some folks don't interview well, but they really know their stuff or have other attributes that make them desirable, such as a great work ethic and a desire to learn. One way to do this is find out how they'd go about solving a problem, rather than what find out what they've memorized. :: We need a pool on what percentage of readers just :: googled traceroute. Exactly. I've read ras' paper several times, but I don't memorize it. If I need to look something about it up for some reason, I know where to go: https://www.nanog.org/meetings/nanog47/presentations/Sunday/RAS_Traceroute_N47_Sun.pdf Ask me in an interview when I'm nervous and I stumble like a nerd asking a girl out on a date. Say something a little silly then try to recover only to say something more dumb finally trying to recover from both only to say something stupid and finally throwing up my hands in disgust knowing I'm not going to get the date/job. :-) This happened to me around 6-8 months ago. scott
Re: eBay is looking for network heavies...
I asked one of my guys to tracert in windows for something and he executed pathping. I have never seen that in 25 years Go figure! James Laszko Mythos Technology Inc jam...@mythostech.com Sent from my iPhone On Jun 5, 2015, at 18:40, Mike Hale eyeronic.des...@gmail.com wrote: We need a pool on what percentage of readers just googled traceroute. On Jun 5, 2015 6:28 PM, na...@cdl.asgaard.org wrote: On 5 Jun 2015, at 17:45, Łukasz Bromirski wrote: On 06 Jun 2015, at 02:26, Jared Mauch ja...@puck.nether.net wrote: On Jun 5, 2015, at 7:13 PM, John Fraizer j...@op-sec.us wrote: Head of line for CCIE / JNCIE but knowledge and experience trumps a piece of paper every time! Can you please put these at the back of the line? My experience is that the cisco certification (at least) is evidence of the absence of actual troubleshooting skills. (or my standards of what defines “expert” are different than the rest of the world). Jared, don’t generalize. True - there are people that are ‘paper’ CCIE/JNCIEs - but let’s not start a rant unless you've met tens of CCIEs/JNCIEs and all of them didn’t know a jack. About troubleshooting. 't We had one CCIE at a previous job who just didn't click no matter how much we tried to train on the architecture. Eventually in one backbone event, he kept saying that the problem couldn't be with a given router because traceroute worked. When it was pointed out that the potential fault wouldn't cause traceroute to fail, we got a very puzzled look. We then asked him to explain how traceroute worked. He spectacularly failed. It became a tongue-in-cheek interview question. What was boggling was the number of *IE's that failed trying to explain traceroute's mechanics. My test, as crass as it is. If your CV headlines with a JCIE/CCIE, I am pretty certain that you have very little real-world experience. If it's a footnote somewhere, that's ok. Christopher — CCIE #15929 RS/SP, CCDE #2012::17 (not that I’d know anything about troubleshooting of course) -- 李柯睿 Avt tace, avt loqvere meliora silentio Check my PGP key here: http://www.asgaard.org/cdl/cdl.asc Current vCard here: http://www.asgaard.org/cdl/cdl.vcf keybase: https://keybase.io/liljenstolpe