Re: Advertisement of Equinix Chicago IX Subnet

[Cummings, Chris]

Not too sure about your topology, but I’ve had something similar bite me, so we 
typically put a prefix list inbound to deny receiving our internal prefixes 
from our peers. This probably doesn’t work as well if your network is less 
“eyeballish” than ours, however.

/chris



On Wed, Mar 27, 2019 at 4:37 PM -0500, "Graham Johnston" 
mailto:johnst...@westmancom.com>> wrote:

This afternoon at around 12:17 central time today we began learning the subnet 
for the Equinix IX in Chicago via a transit provider; we are on the IX as well. 
The subnet in question is 208.115.136.0/23. Using 
stat.ripe.net
 I can see that this subnet is also being learned by others, see the snip 
below. On our network this caused a nasty routing loop until we figured out 
what was wrong. My current best understanding is that because the route was 
learned via eBGP it trumped the OSPF learned route. As soon as I filtered the 
advertisement from my transit provider everything returned to normal. What am I 
doing that isn’t best practices that would have prevented this?

Thanks,
graham


RIPE Info
1 RRCs see 1 peers announcing 208.115.136.0/23 originated by 
AS32703

· ▼RRC00 in Amsterdam, Netherlands sees 1 ASN orginating 
208.115.136.0/23.AS32703

o
▼AS32703
 is seen as the origin by 1 peer.192.102.254.1

§  
▼192.102.254.1
 is announcing route 
AS395152
 
AS63297
 
AS6327
 
AS36280AS32703.

§  Origin: IGP

§  Next Hop: 192.102.254.1

§  Peer: 192.102.254.1

§  Community: 63297:1000

§  AS Path: 395152 63297 6327 36280 32703

§  Last Updated: 2019-03-27T17:17:19


Route-views
route-views.chicago.routeviews.org>
 show ip bgp 208.115.136.0
BGP routing table entry for 208.115.136.0/23
Paths: (1 available, best #1, table Default-IP-Routing-Table)
  Not advertised to any peer
  32709 32703
208.115.136.134 from 208.115.136.134 (63.134.128.248)
  Origin IGP, localpref 100, valid, external, best
  AddPath ID: RX 0, TX 64414249
  Last update: Wed Mar 27 17:16:09 2019

Re: residential/smb internet access in 2019 - help?

[Forrest Christian (List Account)]

On Wed, Mar 27, 2019 at 2:05 PM Bryan Fields  wrote:
> Looking at the typical equipment used (64 QAM, 20 MHz channel), you're going
> to have a raw bitrate of around 80 mbit/s.  Couple this with overhead and some
> inevitable interference and an access point will have about 50 mbit's of large
> frame capacity.  This is not much, and every client added will slightly reduce
> this due to multicast and supervisory signaling losses.  Each system is going
> to be Time Division Duplex (using the same channel for transmit and receive),
> so you will split this say 75/25 down/up stream.  This means you have at best
> 37.5 Mbit/s available for all clients to share, which isn't much for a 90 or
> 120 degree sector out to 10 miles (or more) depending on density.

Ahh, and there's your misunderstanding.

Most good WISPS deploy equipment which is capable of much more, with
much smaller cell sizes anymore. 256QAM is the rule, 3 Miles is a
large cell size, and with MU-MIMO enabled AP's you can get aggregate
of around 500MB/s on a single 20Mhz wide channel.  If you can find
40Mhz, it's over 1GB/s.   Of course, this depends on the exact
equipment deployed.Even with lower-end equipment most operators
end up with 200Mb/s in 40Mhz - and will often limit the number of
customers on that 200Mb/s AP to a dozen or so.

You need to be aware that the industry has grown up a LOT in the last
4-5 years, but like in any industry there are bad and good operators.
 Some do fit into the category you're describing, but from what I can
see a large portion of them do know how to deliver a lot of bandwidth.

In addition, many WISP's are now also trenching fiber to the home
where it makes sense, and deploying fixed wireless where it doesn't.
Often the fiber trenching is being driven by those sites where the
aggregate customer bandwidth needs do outstrip the capability of the
wireless network.

--
- Forrest

Re: residential/smb internet access in 2019 - help?

[Valdis Klētnieks]

On Wed, 27 Mar 2019 17:18:02 -0400, Bradley Burch said:
> Wisp here.
>
> Our subscribers can get 100mbps bi directional. 
>
> But we also know what we are doing.

And being honest here - what percent of WISP operators out there are in your
category, as opposed to the under-capitalized and RF experienced challenged
group that Bryan was commenting in regards to?

I'll bet a large pizza with everything but anchovies that it's in the same 
ballpark
percentage as small copper/fiber base ISPs that have people who read NANOG.

In other words, really low.

RE: Advertisement of Equinix Chicago IX Subnet

[Graham Johnston]

Thank you Nick.

Graham Johnston
Manager, Network Services
Westman Communications Group
1906 Park Avenue | Brandon, MB | R7B 0R9
204-717-2829 |    
johnst...@westmancom.com



        

-Original Message-
From: Nick Hilliard  
Sent: March 27, 2019 4:50 PM
To: Graham Johnston 
Cc: nanog@nanog.org
Subject: Re: Advertisement of Equinix Chicago IX Subnet

CAUTION: This email is from an external source. Do not click links or open 
attachments unless you recognize the sender and know the content is safe.

Graham Johnston wrote on 27/03/2019 21:36:
> What am I doing that isn't best practices that would have prevented this?

you're setting the next-hop of the prefixes learned at the IXP to be
your own IP address from the IXP subnet (i.e. 208.115.136.0/23).

When your routers learn this address from an external source, that is
preferred to your internal OSPF route.  Ergo your IX traffic is sent out
via transit.

There are two things you should do:

1. change the bgp distance for ebgp to be higher than all your IGPs.  On
a cisco router, you would use something like:

router bgp xxx
  address-family ipv4
   distance bgp 200 200 200
  address-family ipv6
   distance bgp 200 200 200

2. use next-hop-self on internal ibgp sessions to ensure that when you
redistribute the eBGP routes learned from your IX towards the internals
of your network, the next-hop address is set to be the loopback address
of your peering router.  I.e. you remove the requirement for your
internal network to know anything about the IXP address range.

Nick

Re: Advertisement of Equinix Chicago IX Subnet

[Nick Hilliard]

Graham Johnston wrote on 27/03/2019 21:36:

What am I doing that isn’t best practices that would have prevented this?


you're setting the next-hop of the prefixes learned at the IXP to be  
your own IP address from the IXP subnet (i.e. 208.115.136.0/23).


When your routers learn this address from an external source, that is  
preferred to your internal OSPF route.  Ergo your IX traffic is sent out  
via transit.


There are two things you should do:

1. change the bgp distance for ebgp to be higher than all your IGPs.  On  
a cisco router, you would use something like:


router bgp xxx
 address-family ipv4
  distance bgp 200 200 200
 address-family ipv6
  distance bgp 200 200 200

2. use next-hop-self on internal ibgp sessions to ensure that when you  
redistribute the eBGP routes learned from your IX towards the internals  
of your network, the next-hop address is set to be the loopback address  
of your peering router.  I.e. you remove the requirement for your  
internal network to know anything about the IXP address range.


Nick

Re: Banned by Akamai (or some websites hosted with Akamai)

[Constantine A. Murenin]

I think it's a general problem with a lot of these application firewall
companies these days.

There's been a long time I couldn't access both staples.com and
officedepot.com, and officedepot.com is still broken for me to this day.
(Ironically, they're both using the same CDN — so much for the competition
and differentiation.)

I'm obviously a valid user, just as many others who get access denied, but
I'm pretty sure that all of these access attempts by customers who are
misclassified as bots and denied access are subsequently aggregated by
these CDNs back to their clients as bad bots, which — luckily! — have been
blocked to prevent $badThings from happening,
$giveUsMoreMoneyToProtectYouFromYourOwnCustomers.

Talking with these vendors at their booths at trade shows reveals that the
incentives and selling points in the application firewall business are just
wrong — they each boast about blocking more "bots" than their competition,
completely dismissing the fact that many of these "bots" are actual paying
customers that get denied access.

Cheers,
Constantine.



P.S. Below is the page I currently get when visiting officedepot.com — so
much for taking care of business!


OfficeDepot.com - Taking Care Of Business. Office Supplies, Furniture,
Technology & More!
We're Sorry. We are unable to process your last request.

Rest assured we are working diligently to resolve this issue. If you
would like to place an order by phone or speak with one of our Customer
Service representatives please contact us:

Call 1-800-GO-DEPOT
Reference Number: 18.34b51002.1553708764.397327

Copyright © 2012 by Office Depot, Inc. All rights reserved.



On Wed, 27 Mar 2019 at 10:57, Owen DeLong  wrote:

> Akamai will _NOT_ be helpful in this situation.
>
> They will tell you that it is their customers who set the policy for their
> “Web Application Firewall”.
>
> In reality, Akamai’s customers set certain things on “autopilot” where
> Akamai maintains a reputation database for various IP addresses and
> triggers actions
> set by their customers without their customers direct knowledge or
> intervention.
>
> Akamai’s process for dealing with this (or rather their refusal to create
> a process for dealing with it) is a horrible disservice to the internet and
> to their customers.
>
> I tried to push for changes to this process while I was there and had no
> significant success.
>
> I’ve also been the victim of these practices after I was laid off by
> Akamai (along with about 7% of their employees last year).
>
> Because of a variety of issues I’m not at liberty to elaborate, it isn’t
> an easy problem for Akamai to solve, but as a company that prides itself on
> tackling and solving difficult problems, they’ve certainly fallen short
> here.
>
> Owen
>
>
> > On Mar 27, 2019, at 08:46 , Siyuan Miao  wrote:
> >
> > Hi,
> >
> > I got some complaints from customers and found out that all IP addresses
> announced in one of our ASN are banned by Akamai or some websites hosted
> with Akamai.
> >
> > I've tried to contact one of the website owners but didn't get any
> response.
> >
> > Could someone from Akamai contact me off-list?
> >
> > Regards,
> > Siyuan Miao
>
>

Advertisement of Equinix Chicago IX Subnet

[Graham Johnston]

This afternoon at around 12:17 central time today we began learning the subnet 
for the Equinix IX in Chicago via a transit provider; we are on the IX as well. 
The subnet in question is 208.115.136.0/23. Using stat.ripe.net I can see that 
this subnet is also being learned by others, see the snip below. On our network 
this caused a nasty routing loop until we figured out what was wrong. My 
current best understanding is that because the route was learned via eBGP it 
trumped the OSPF learned route. As soon as I filtered the advertisement from my 
transit provider everything returned to normal. What am I doing that isn’t best 
practices that would have prevented this?

Thanks,
graham


RIPE Info
1 RRCs see 1 peers announcing 208.115.136.0/23 originated by 
AS32703

* ▼RRC00 in Amsterdam, Netherlands sees 1 ASN orginating 
208.115.136.0/23.AS32703

o▼AS32703 is seen as the origin by 1 
peer.192.102.254.1

§  ▼192.102.254.1 is announcing route 
AS395152 AS63297 
AS6327 
AS36280AS32703.

§  Origin: IGP

§  Next Hop: 192.102.254.1

§  Peer: 192.102.254.1

§  Community: 63297:1000

§  AS Path: 395152 63297 6327 36280 32703

§  Last Updated: 2019-03-27T17:17:19


Route-views
route-views.chicago.routeviews.org> show ip bgp 208.115.136.0
BGP routing table entry for 208.115.136.0/23
Paths: (1 available, best #1, table Default-IP-Routing-Table)
  Not advertised to any peer
  32709 32703
208.115.136.134 from 208.115.136.134 (63.134.128.248)
  Origin IGP, localpref 100, valid, external, best
  AddPath ID: RX 0, TX 64414249
  Last update: Wed Mar 27 17:16:09 2019

Re: residential/smb internet access in 2019 - help?

[Bradley Burch]

Wisp here.

Our subscribers can get 100mbps bi directional. 

But we also know what we are doing. 

Technology is getting better, so speeds are getting better.   

> On Mar 27, 2019, at 4:04 PM, Bryan Fields  wrote:
> 
>> On 3/27/19 3:30 PM, TJ Trout wrote:
>> You are way out of line, and grouping a whole industry into your experience
>> with (probably) one hack
> 
> I don't think I'm out of line, I'm relating what I've seen time and time
> again.  Most WISP's are poorly capitalized and have to run extremely lean.
> Most WISP's cannot afford to employ experienced engineering staff.  This
> causes problems in any company, let alone one where a lightning strike can
> take out an entire tower of equipment. Couple this with a lack of RF savvy
> engineering and failures are inevitable.
> 
> Looking at the website of http://pcguys.us/services.html, one can see the
> highest service offered is "5.0Mbps" and pricing is 89.99/month for this
> service.  I've got 45 Mbit/s on my Tmobile LTE card, and fully unlimited is in
> the same ballpark.
> 
> Looking at the typical equipment used (64 QAM, 20 MHz channel), you're going
> to have a raw bitrate of around 80 mbit/s.  Couple this with overhead and some
> inevitable interference and an access point will have about 50 mbit's of large
> frame capacity.  This is not much, and every client added will slightly reduce
> this due to multicast and supervisory signaling losses.  Each system is going
> to be Time Division Duplex (using the same channel for transmit and receive),
> so you will split this say 75/25 down/up stream.  This means you have at best
> 37.5 Mbit/s available for all clients to share, which isn't much for a 90 or
> 120 degree sector out to 10 miles (or more) depending on density.
> 
> 802.16 WIMAX had several things to address these issues, but it's dead and
> slow.  In the US (as this is NANOG), few operators had the 3.65 GHz licenses
> for true wimax, and CBRS is eclipsing these licensed operators shortly.
> 
> Wireless has it's place, but Point-to-Multi-Point broadband on 5 GHz is not 
> it.
> 
> -- 
> Bryan Fields
> 
> 727-409-1194 - Voice
> http://bryanfields.net

Re: residential/smb internet access in 2019 - help?

[Joly MacFie]

>  and CBRS is eclipsing these licensed operators shortly.

Yeah what about that?

https://www.fiercewireless.com/wireless/google-courts-wisps-tailored-cbrs-solutions

-- 
---
Joly MacFie  218 565 9365 Skype:punkcast
--
-

Re: residential/smb internet access in 2019 - help?

[Bryan Fields]

On 3/27/19 3:30 PM, TJ Trout wrote:
> You are way out of line, and grouping a whole industry into your experience
> with (probably) one hack

I don't think I'm out of line, I'm relating what I've seen time and time
again.  Most WISP's are poorly capitalized and have to run extremely lean.
Most WISP's cannot afford to employ experienced engineering staff.  This
causes problems in any company, let alone one where a lightning strike can
take out an entire tower of equipment. Couple this with a lack of RF savvy
engineering and failures are inevitable.

Looking at the website of http://pcguys.us/services.html, one can see the
highest service offered is "5.0Mbps" and pricing is 89.99/month for this
service.  I've got 45 Mbit/s on my Tmobile LTE card, and fully unlimited is in
the same ballpark.

Looking at the typical equipment used (64 QAM, 20 MHz channel), you're going
to have a raw bitrate of around 80 mbit/s.  Couple this with overhead and some
inevitable interference and an access point will have about 50 mbit's of large
frame capacity.  This is not much, and every client added will slightly reduce
this due to multicast and supervisory signaling losses.  Each system is going
to be Time Division Duplex (using the same channel for transmit and receive),
so you will split this say 75/25 down/up stream.  This means you have at best
37.5 Mbit/s available for all clients to share, which isn't much for a 90 or
120 degree sector out to 10 miles (or more) depending on density.

802.16 WIMAX had several things to address these issues, but it's dead and
slow.  In the US (as this is NANOG), few operators had the 3.65 GHz licenses
for true wimax, and CBRS is eclipsing these licensed operators shortly.

Wireless has it's place, but Point-to-Multi-Point broadband on 5 GHz is not it.

-- 
Bryan Fields

727-409-1194 - Voice
http://bryanfields.net

TestIT app to measure rural broadband access

[Courtney Smith]

Saw this today in a press release from my county.  


https://www.naco.org/resources/press/naco-rural-lisc-and-rcap-launch-mobile-app-and-announce-bridging-economic-divide

Washington, DC (February 26, 2019) – The National Association of Counties 
(NACo), the Rural Community Assistance Partnership (RCAP) and Rural LISC (Local 
Initiatives Support Corporation) have partnered to address the critical need 
for affordable high-speed internet for rural communities across the country. 
Together, the three organizations developed a mobile app that gives mobile 
phone users the power to accurately identify areas with low or no internet 
connectivity and share that information to push for change. Armed with that 
data, the organizations will advocate for adequate funding for broadband 
infrastructure across the country.

Re: residential/smb internet access in 2019 - help?

[TJ Trout]

You are way out of line, and grouping a whole industry into your experience
with (probably) one hack

On Wed, Mar 27, 2019 at 12:28 PM Bryan Fields  wrote:

> On 3/27/19 7:50 AM, Mike Hammett wrote:
> > https://broadbandnow.com/Florida/Micanopy?zip=32667#
> >
> > You might want to try neighboring ZIP codes to see what other fixed
> > wireless providers might be convinced to expand.
> >
> > http://svic.net/wireless-broadband-north-florida/
>
> You really want to weigh what wireless can offer as many of the local
> players
> doing wireless lack the depth of network knowledge and are completely
> ignorant
> of what it takes to run an RF network.  I'd independently verify your
> circuits
> up-time if you decide to go with a wireless ISP.
>
> The other sad part is the PtMP wireless technology is likely slower than an
> LTE modem with external antenna.
>
> The WISP's had a great time circa 2005 or so, but now that the licensed
> players have surpassed what they can offer it's hard to justify the lower
> availability of the typical WISP vs. cost.
>
> --
> Bryan Fields
>
> 727-409-1194 - Voice
> http://bryanfields.net
>

Re: residential/smb internet access in 2019 - help?

[Bryan Fields]

On 3/27/19 7:50 AM, Mike Hammett wrote:
> https://broadbandnow.com/Florida/Micanopy?zip=32667#
> 
> You might want to try neighboring ZIP codes to see what other fixed
> wireless providers might be convinced to expand.
> 
> http://svic.net/wireless-broadband-north-florida/

You really want to weigh what wireless can offer as many of the local players
doing wireless lack the depth of network knowledge and are completely ignorant
of what it takes to run an RF network.  I'd independently verify your circuits
up-time if you decide to go with a wireless ISP.

The other sad part is the PtMP wireless technology is likely slower than an
LTE modem with external antenna.

The WISP's had a great time circa 2005 or so, but now that the licensed
players have surpassed what they can offer it's hard to justify the lower
availability of the typical WISP vs. cost.

-- 
Bryan Fields

727-409-1194 - Voice
http://bryanfields.net

RE: Banned by Akamai (or some websites hosted with Akamai)

[Keith Medcalf]

>https://www.akamai.com/us/en/clientrep-lookup/?language=en_US

Well, isn't that just jammed up with malicious third-party javascript ...

---
The fact that there's a Highway to Hell but only a Stairway to Heaven says a 
lot about anticipated traffic volume.

Re: Banned by Akamai (or some websites hosted with Akamai)

[Jared Mauch]

On Wed, Mar 27, 2019 at 11:46:21PM +0800, Siyuan Miao wrote:
> Hi,
> 
> I got some complaints from customers and found out that all IP addresses
> announced in one of our ASN are banned by Akamai or some websites hosted
> with Akamai.
> 
> I've tried to contact one of the website owners but didn't get any response.

FYI: you can look things up here if you think something is blocking
you:

https://www.akamai.com/us/en/clientrep-lookup/?language=en_US

- Jared


-- 
Jared Mauch  | pgp key available via finger from ja...@puck.nether.net
clue++;  | http://puck.nether.net/~jared/  My statements are only mine.

Re: Banned by Akamai (or some websites hosted with Akamai)

[Jared Mauch]

All companies have unique challenges in trying to mitigate abuse and serve 
customers well.  

Miao I’ll collect details from you in private to see if there is something that 
can be done. 

Sent from my iCar

> On Mar 27, 2019, at 4:56 PM, Owen DeLong  wrote:
> 
> Akamai will _NOT_ be helpful in this situation.
> 
> They will tell you that it is their customers who set the policy for their 
> “Web Application Firewall”.
> 
> In reality, Akamai’s customers set certain things on “autopilot” where Akamai 
> maintains a reputation database for various IP addresses and triggers actions
> set by their customers without their customers direct knowledge or 
> intervention.
> 
> Akamai’s process for dealing with this (or rather their refusal to create a 
> process for dealing with it) is a horrible disservice to the internet and to 
> their customers.
> 
> I tried to push for changes to this process while I was there and had no 
> significant success.
> 
> I’ve also been the victim of these practices after I was laid off by Akamai 
> (along with about 7% of their employees last year).
> 
> Because of a variety of issues I’m not at liberty to elaborate, it isn’t an 
> easy problem for Akamai to solve, but as a company that prides itself on 
> tackling and solving difficult problems, they’ve certainly fallen short here.
> 
> Owen
> 
> 
>> On Mar 27, 2019, at 08:46 , Siyuan Miao  wrote:
>> 
>> Hi,
>> 
>> I got some complaints from customers and found out that all IP addresses 
>> announced in one of our ASN are banned by Akamai or some websites hosted 
>> with Akamai.
>> 
>> I've tried to contact one of the website owners but didn't get any response.
>> 
>> Could someone from Akamai contact me off-list?
>> 
>> Regards,
>> Siyuan Miao

Re: Banned by Akamai (or some websites hosted with Akamai)

[Owen DeLong]

Akamai will _NOT_ be helpful in this situation.

They will tell you that it is their customers who set the policy for their “Web 
Application Firewall”.

In reality, Akamai’s customers set certain things on “autopilot” where Akamai 
maintains a reputation database for various IP addresses and triggers actions
set by their customers without their customers direct knowledge or intervention.

Akamai’s process for dealing with this (or rather their refusal to create a 
process for dealing with it) is a horrible disservice to the internet and to 
their customers.

I tried to push for changes to this process while I was there and had no 
significant success.

I’ve also been the victim of these practices after I was laid off by Akamai 
(along with about 7% of their employees last year).

Because of a variety of issues I’m not at liberty to elaborate, it isn’t an 
easy problem for Akamai to solve, but as a company that prides itself on 
tackling and solving difficult problems, they’ve certainly fallen short here.

Owen


> On Mar 27, 2019, at 08:46 , Siyuan Miao  wrote:
> 
> Hi,
> 
> I got some complaints from customers and found out that all IP addresses 
> announced in one of our ASN are banned by Akamai or some websites hosted with 
> Akamai.
> 
> I've tried to contact one of the website owners but didn't get any response.
> 
> Could someone from Akamai contact me off-list?
> 
> Regards,
> Siyuan Miao

Banned by Akamai (or some websites hosted with Akamai)

[Siyuan Miao]

Hi,

I got some complaints from customers and found out that all IP addresses
announced in one of our ASN are banned by Akamai or some websites hosted
with Akamai.

I've tried to contact one of the website owners but didn't get any response.

Could someone from Akamai contact me off-list?

Regards,
Siyuan Miao

Re: Contacts wanted: OVH, DigitalOcean, and Microsoft (Deutschland)

[Rich Kulawiec]

On Mon, Mar 18, 2019 at 05:02:38PM -0700, Ronald F. Guilmette wrote:
> I generated the following survey, on the fly, last night,
> based on a simple reverse DNS scan of the evidently relevant addrdess
> ranges:
> 
> https://pastebin.com/raw/WtM0Y5yC
> 
> As anyone who isn't as blind as a bat can easily see, there's a bit of a
> pattern here.  

I finally found time to check this out.  And I have to ask: how in the
heck did anybody accept this operation as a customer?  Because it's
obvious on inspection -- of the information in that paste -- that they're
abusers.  Let me 'splain.

First, domains in certain TLDs should be considered as -- at best --
dubious until proven otherwise, because those TLDs are well-known as
abuse magnets.  Every domain in this sample falls in that category.
Anyone making mass use of domains in those TLDs is up to something
abusive.

Second, anyone making mass requests for PTR records for random subdomains 
is up to something abusive.

Third, anyone mass-registering domains whose names are permutations of
each other is up to something abusive.  (I'm not talking about someone
registering a couple of domains that are plausible typos of a primary one
or engaging in defensive registrations across a few TLDs.  Look at the
list, this is obviously quite different from those cases.)

Fourth, anyone mass-registering domains whose names are intended
to be typo'd and/or misread is up to something abusive.

Anybody doing all of the above is not only up to something abusive,
but they're standing on a rooftop screaming it through a bullhorn.

The word "mass" is key throughout not only because it is a highly reliable
indicator of ensuing abuse but because its nature makes detecting this
up front quite easy.  Once I got to it, it took me less than a minute
of scanning that list to determine that there is absolutely no way I
would accept this operation as a customer.  I recognize that not everyone
everyone has my experience in this area, but surely every operation should
have someone equipped with modest experience and and a skeptical eye who
screens new customers, and, at *minimum*, puts them on hold while some
due diligence takes place.  It's much easier (and cheaper) to refuse
service to operations like this than to deal with the fallout that
will inevitably ensue.  It's also much better for the rest of us.

So: how did these people ever get in the door?

---rsk

Re: residential.smb internet access in 2019 - help?

[Kovich Greg]

Good luck David.
Even up here in the Chicagoland Comcast footprint, I had a horror story when I 
moved into my home in 2002 wrt ATT.

Anyway, I’m not sure how far you are from Ocala, but they do offer residential 
internet via their municipal fiber.
https://www.ocalafl.org/government/city-departments/telecommunications/residential

$60/month for 300 Mbps…

---

Greg Kovich
Director, Global Education Sales

Alcatel-Lucent Enterprise
ALE USA
3015 Abby Lane | Suite 301-B
Schererville, IN 46375
t:  +1-818-878-4667 m:  
+1-219-276-2320
e:  greg.kov...@al-enterprise.comw:  
www.al-enterprise.com
@ALUEnterprise
[LinkedIn]
[Twitter]    [YouTube] 
  [Facebook] 
 [Rainbow] 



[https://www.al-enterprise.com/en/-/media/assets/internet/images/logo.png]


The Alcatel-Lucent name and logo are trademarks of Nokia used under license by 
ALE.
This communication is intended to be received only by the individual or entity 
to whom or to which it is addressed and may contain information that is 
privileged/confidential or subject to copyright. Any unauthorized use, copying, 
review or disclosure of this communication is strictly prohibited. If you have 
received this communication in error, please delete this message from your 
e-mail box and information system (including all files and documents attached) 
and notify the sender by reply email.








On Mar 27, 2019, at 7:00 AM, 
nanog-requ...@nanog.org wrote:

Message: 7
Date: Wed, 27 Mar 2019 01:30:34 -0400
From: Ross Tajvar mailto:r...@tajvar.io>>
To: Mike Bolitho mailto:mikeboli...@gmail.com>>
Cc: david raistrick mailto:dr...@icantclick.org>>,  
"North American Network
   Operators' Group" mailto:nanog@nanog.org>>
Subject: Re: residential/smb internet access in 2019 - help?
Message-ID:
   
mailto:ca+fdddr-8teofrgcuwgzn4wwdjv8zgjsukufamj8qo2m7c+...@mail.gmail.com>>
Content-Type: text/plain; charset="utf-8"

On Wed, Mar 27, 2019, 12:30 AM Mike Bolitho 
mailto:mikeboli...@gmail.com>> wrote:

Agreedthis is why monopolies are bad and municipal fiber is good.


It's not like municipal fiber has some magic spell to make last mile
affordable though. On OP's instance he would run into the same issue and
would be paying that five figure amount to bring FTTP. Municipal fiber is
only good if you happen to live where a municipality has already buried
conduit.

I'm not saying we should support monopolistic practices, but "municipal
fiber everywhere!" isn't necessarily the answer either.


That's fair. What I really meant, and didn't take the time to think through
and express properly, was this: financing a large fiber buildout like it's
a long-term investment, rather than something that should make back its
capital cost in 1-3 years, gets fiber to more people. Most commercial ISPs
do not want to do this because they want immediate profit. Municipalities
are used to making long-term infrastructure investments (like bridges,
etc.) and are more amenable to doing it with fiber.

Even if there were a municipality which had done a fiber buildout near OP's
desired house, he may have still run into the same issue of no fiber being
close enough to be financially viable. But the more fiber plant there is,
the less likely that scenario becomes.

Re: criterio

[Matthias Waehlisch]

ASN 19750
ASN 44788
ASN 55569

On Wed, 27 Mar 2019, Christopher Morrow wrote:

> criterio ASN == ? (I'm sure folk may be able to find more useful into with 
> ASN)
> 
> On Wed, Mar 27, 2019 at 6:33 AM Randy Bush  wrote:
> >
> > a bit of research has led us to wonder about some (non-hostile or
> > worrisome) net activity of criterio autonomous systems.  do any friends
> > of the family know these folk and could introduce me so i can try to
> > learn a bit of ground truth?
> >
> > thanks.
> >
> > randy
> 


-- 
Matthias Waehlisch
.  Freie Universitaet Berlin, Computer Science
.. http://www.cs.fu-berlin.de/~waehl

Re: criterio

[Christopher Morrow]

criterio ASN == ? (I'm sure folk may be able to find more useful into with ASN)

On Wed, Mar 27, 2019 at 6:33 AM Randy Bush  wrote:
>
> a bit of research has led us to wonder about some (non-hostile or
> worrisome) net activity of criterio autonomous systems.  do any friends
> of the family know these folk and could introduce me so i can try to
> learn a bit of ground truth?
>
> thanks.
>
> randy

Re: residential/smb internet access in 2019 - help?

[Mike Hammett]

If you're looking to start an ISP, talk to Windstream and Uniti for transport. 
I can put you in touch with people, should you be interested in going down that 
route. 




- 
Mike Hammett 
Intelligent Computing Solutions 

Midwest Internet Exchange 

The Brothers WISP 

- Original Message -

From: "david raistrick"  
To: "NANOG List"  
Sent: Tuesday, March 26, 2019 9:41:30 PM 
Subject: residential/smb internet access in 2019 - help? 


folks, 


I've been away from nanog for a long time - and away from the ISP world for 
longer. 


Looking at a house in a new area, at copper splice box out front, bellsouth 
fiber markers as well (yes, that's usually just passing by. but it's there). 
Owners since '82 said the telephone company was AT - but the New AT 
apparently no longer offers phone or internet service there. 


This is located in a semi-rural area between Ocala and Gainesville Florida 
(Micanopy, specifically). 


I knew the state of residential service was in sorry shape - but from what I'm 
reading, it seems to be worse than I'd though possible. 


Anyone have any suggestions for service options? I'm cool with dark fiber, if 
it comes down to that (and can be price sanely and terminated somewhere 
useful), but it seems like there -should- still be CLEC/DLECs or just plain 
resellers in business who still have access to resources that are in the 
ground. 


My business operates from home - so obviously quality service is a priority, 
and I'm willing to pay for it within reason. Business plans are certainly an 
option as well. 


I've confirmed with all of the known players via their front channels - att, 
windstream, centurylink, frontier, cox/comcast/spectre. 


Via backchannels I've confirmed that cox has fiber in the ground 1.4 miles away 
- straight shot down a dirt road (same one with the BS fiber markers). I have a 
lead on a couple of tower shots - but there's a big (for florida) ridge between 
us, and I might have to build 3-400ft to hit anything (speculatively). 


Anyone have local area or other knowledge that might be helpful? 


I'd hate to miss out on this house - it's a lot of things we love - but cell or 
sat only for internet access just isn't going to fly. 




thanks guys. 


...david 

criterio

[Randy Bush]

a bit of research has led us to wonder about some (non-hostile or
worrisome) net activity of criterio autonomous systems.  do any friends
of the family know these folk and could introduce me so i can try to
learn a bit of ground truth?

thanks.

randy

Re: residential/smb internet access in 2019 - help?

[Mike Bolitho]

>
> Agreedthis is why monopolies are bad and municipal fiber is good.
>

It's not like municipal fiber has some magic spell to make last mile
affordable though. On OP's instance he would run into the same issue and
would be paying that five figure amount to bring FTTP. Municipal fiber is
only good if you happen to live where a municipality has already buried
conduit.

I'm not saying we should support monopolistic practices, but "municipal
fiber everywhere!" isn't necessarily the answer either.

>

A variety of opportunities to sponsor NANOG 76 and beyond!

[NANOG Support]

Our 76th community-wide gathering is June 9-12 in Washington, DC. As one of
the largest communities of network engineers, architects, and operators in
North America, a NANOG sponsorship provides the greatest level of exposure
to our industry’s innovators — all in one place.

>From espresso/breakfast/lunch/breaks and evening socials, to a presence at
our coveted Beer ‘N Gear event, sponsorships start at just $3,000, and
provide a variety of opportunities for you to connect and engage with our
community.

View premium partnerships


View individual meeting sponsorships


Have questions? Contact Shawn Winstead, Business Development Specialist:

swinst...@nanog.org

+1.866.902.1336 ext. 108

[NANOG-announce] A variety of opportunities to sponsor NANOG 76 and beyond!

[NANOG Support]

Our 76th community-wide gathering is June 9-12 in Washington, DC. As one of
the largest communities of network engineers, architects, and operators in
North America, a NANOG sponsorship provides the greatest level of exposure
to our industry’s innovators — all in one place.

>From espresso/breakfast/lunch/breaks and evening socials, to a presence at
our coveted Beer ‘N Gear event, sponsorships start at just $3,000, and
provide a variety of opportunities for you to connect and engage with our
community.

View premium partnerships


View individual meeting sponsorships


Have questions? Contact Shawn Winstead, Business Development Specialist:

swinst...@nanog.org

+1.866.902.1336 ext. 108
___
NANOG-announce mailing list
NANOG-announce@nanog.org
https://mailman.nanog.org/mailman/listinfo/nanog-announce

Re: residential/smb internet access in 2019 - help?

[Mike Hammett]

https://broadbandnow.com/Florida/Micanopy?zip=32667# 

You might want to try neighboring ZIP codes to see what other fixed wireless 
providers might be convinced to expand. 

http://svic.net/wireless-broadband-north-florida/ 







- 
Mike Hammett 
Intelligent Computing Solutions 

Midwest Internet Exchange 

The Brothers WISP 

- Original Message -

From: "david raistrick"  
To: "NANOG List"  
Sent: Tuesday, March 26, 2019 9:41:30 PM 
Subject: residential/smb internet access in 2019 - help? 


folks, 


I've been away from nanog for a long time - and away from the ISP world for 
longer. 


Looking at a house in a new area, at copper splice box out front, bellsouth 
fiber markers as well (yes, that's usually just passing by. but it's there). 
Owners since '82 said the telephone company was AT - but the New AT 
apparently no longer offers phone or internet service there. 


This is located in a semi-rural area between Ocala and Gainesville Florida 
(Micanopy, specifically). 


I knew the state of residential service was in sorry shape - but from what I'm 
reading, it seems to be worse than I'd though possible. 


Anyone have any suggestions for service options? I'm cool with dark fiber, if 
it comes down to that (and can be price sanely and terminated somewhere 
useful), but it seems like there -should- still be CLEC/DLECs or just plain 
resellers in business who still have access to resources that are in the 
ground. 


My business operates from home - so obviously quality service is a priority, 
and I'm willing to pay for it within reason. Business plans are certainly an 
option as well. 


I've confirmed with all of the known players via their front channels - att, 
windstream, centurylink, frontier, cox/comcast/spectre. 


Via backchannels I've confirmed that cox has fiber in the ground 1.4 miles away 
- straight shot down a dirt road (same one with the BS fiber markers). I have a 
lead on a couple of tower shots - but there's a big (for florida) ridge between 
us, and I might have to build 3-400ft to hit anything (speculatively). 


Anyone have local area or other knowledge that might be helpful? 


I'd hate to miss out on this house - it's a lot of things we love - but cell or 
sat only for internet access just isn't going to fly. 




thanks guys. 


...david 

Re: residential/smb internet access in 2019 - help?

[Bryan Fields]

On 3/26/19 10:41 PM, david raistrick wrote:

> Looking at a house in a new area, at copper splice box out front,
> bellsouth fiber markers as well (yes, that's usually just passing by. but
> it's there).  Owners since '82 said the telephone company was AT - but
> the New AT apparently no longer offers phone or internet service there.
> 
> This is located in a semi-rural area between Ocala and Gainesville Florida
> (Micanopy, specifically).
>
> I'd hate to miss out on this house - it's a lot of things we love - but
> cell or sat only for internet access just isn't going to fly.

Order the service and have it installed before you close.  Test it and ensure
it's good.  If the buyer won't allow it, walk.

You _cannot_ trust some carrier to tell you what you have available before
it's actually turned up.  Time and time again I see people close on a home
where Frontier or Cox or whoever says they have fiber there, and then after
the move in, 4-8 week later you find out they don't have anything.  Across the
road, yes, but all you can get is POTS and IDSL/ISDN.

Yep, is 2019 ISDN/IDSL is the only broadband service some people can get.
It's also going to be 100+ USD per month.

-- 
Bryan Fields

727-409-1194 - Voice
http://bryanfields.net