Re: 44/8

[Owen DeLong]

> On Jul 18, 2019, at 21:31 , Christopher Morrow  
> wrote:
> 
> On Fri, Jul 19, 2019 at 12:28 AM Bryan Fields  wrote:
>> 
>> -BEGIN PGP SIGNED MESSAGE-
>> Hash: SHA256
>> 
>> 
>> On 7/18/19 11:56 PM, Christopher Morrow wrote:
>>> Sure,but... that space has been an internet telescope supporting
>>> numerous research folk for a decade + (probably closer to 2 decades).
>>> the amazon prefix is longer by a bit so won't really use the /8 even
>>> if ucsd keeps the /8 up.
>> 
>> And one of the principal people in the network telescope project was KC, who
>> also weaseled herself onto the ARDC board without even holding an amateur
>> radio license.  Conflict of interest here, holy carp.
> 
> having a large user of the space (and perhaps even a partner to the
> org)  be a part of the board doesn't seem like a conflict.

There is some question as to the legitimacy of a large allocation of this space 
to
CAIDA as CAIDA has virtually nothing to do with Amateur Radio.

Putting someone without an Amateur Radio License who represents such an
organization does, actually, look like a COI to me.

Don’t get me wrong… I like KC and I think CAIDA does some great stuff.

I just don’t think it serves an Amateur Radio purpose and thus doesn’t really
belong in 44.0.0.0/8.

>> Caida has been using an amateur radio resource as far back as 2001, when we
>> couldn't even be blessed to get 44net space for our own legitimate radio use.
>> I'm sure I have the message from Brian denying it in my archives.
> 
> I'm sure you can pursue legal avenues if you feel this went super sideways.
> you should do that

I suspect that’s not unlikely, but I’m still trying to learn more about what 
and how
it happened first.

Owen
KB6MER

Re: Multi-day GNSS Galileo outage -- Civilization survives

[Mikael Abrahamsson]

On Fri, 19 Jul 2019, Sean Donelan wrote:

So much for the disaster scenarioes about a global clamity, planes falling 
out the sky, the end of civil society because a global navigation satellite 
system fails.  The European Galileo GNSS was down for days, and life went on.


It wasn't even in full production, and I am not aware of much equipment 
that solely relies on Galileo.


A lot of devices today can use multiple GNSS and this is great, as this 
incident shows that one of them can go offline. Relying on only one of 
them is risky.


This outage and its lack of ramifications doesn't imply that if GPS went 
offline there woulnd't be consequences. Galileo is just a few years old, 
and wasn't even in production. If GPS would go offline, you'd see a lot 
different fallout. Lots of things rely on GPS solely.


--
Mikael Abrahamssonemail: swm...@swm.pp.se

Multi-day GNSS Galileo outage -- Civilization survives

[Sean Donelan]

So much for the disaster scenarioes about a global clamity, planes 
falling out the sky, the end of civil society because a global navigation 
satellite system fails.  The European Galileo GNSS was down for days, and 
life went on.


I guess disasters exercise planners now need a new technical failure for 
table top exercises.



• NAGU number 2019025 on 2019-07-11 14:45 on the potential service 
degradation;

• NAGU number 2019026 on 2019-07-13 20:15 on the service outage;
• NAGU number 2019027 on 2019-07-18 08:20 on the service recovery;

https://www.gsa.europa.eu/newsroom/news/galileo-initial-services-have-now-been-restored

Re: 44/8

[William Herrin]

On Thu, Jul 18, 2019 at 8:48 PM Majdi S. Abbas  wrote:

> In order to sell something, you must own it...if you pop up,
> claim responsibility for it, sit on it a while, and then sell it..
> did you truly own it?
>

Yes, actually. The legal term is "adverse possession" or more colloquially
"squatters rights."

Regards,
Bill Herrin

-- 
William Herrin
b...@herrin.us
https://bill.herrin.us/

Re: 44/8

[Christopher Morrow]

On Fri, Jul 19, 2019 at 12:28 AM Bryan Fields  wrote:
>
> -BEGIN PGP SIGNED MESSAGE-
> Hash: SHA256
>
>
> On 7/18/19 11:56 PM, Christopher Morrow wrote:
> > Sure,but... that space has been an internet telescope supporting
> > numerous research folk for a decade + (probably closer to 2 decades).
> > the amazon prefix is longer by a bit so won't really use the /8 even
> > if ucsd keeps the /8 up.
>
> And one of the principal people in the network telescope project was KC, who
> also weaseled herself onto the ARDC board without even holding an amateur
> radio license.  Conflict of interest here, holy carp.

having a large user of the space (and perhaps even a partner to the
org)  be a part of the board doesn't seem like a conflict.

> Caida has been using an amateur radio resource as far back as 2001, when we
> couldn't even be blessed to get 44net space for our own legitimate radio use.
>  I'm sure I have the message from Brian denying it in my archives.

I'm sure you can pursue legal avenues if you feel this went super sideways.
you should do that.
-chris

> - --
> Bryan Fields
>
> 727-409-1194 - Voice
> http://bryanfields.net
> -BEGIN PGP SIGNATURE-
>
> iQIzBAEBCAAdFiEEaESdNosUjpjcN/JhYTmgYVLGkUAFAl0xRoQACgkQYTmgYVLG
> kUBDmA//XOUz4PtyFktPm0Yi2jyA56y1QGLdZrgc+dfk8mPImjE3ipaJ+GgUEwEY
> a10TccbNuC9hWZv1n1F/pD/Kcn+An9uhHOOrIIb9DfST0eUq/qhlK00tbq/1WJtI
> SKOvJNhdE7815ucl4096e5fEOv7HQg9SxRpstLN/zZffFBL0R3fPtKEWbrgxA6lN
> Ldj3DnCie7tMG0ZXSTUkHBoumE7NlAcEolQhdu1SrnCbePtbEk/oSy0krT6xIoz5
> BoXKarFAh/Ti1LMTUnDt2g1XEKrTtUI40egSzAlBXGvLzkDqW5539ZY+X5HElZzM
> Kqo84qmupX04xW1QFyA0EtKIwc1RD0PtnN6xhqOQ04llXYp6q82MKlNfgrvC+A2+
> W2fq6EOZXAmRobNnfWt6g2k6I9Tc7fRc2xdMZNd8SU8BML/F3wfPPAnifaYqem2Z
> eoFtVhNr+yaAKUo7OumkfXI40Ab1AfP+r/iGiRg/S3oejhcVMyrZpd6mKAZ6OdiD
> lbi+lV4K2T0yKntRifqE/R1ASi7RjF379g63IOq1e2CpLbkRljNKx9gi/iU95PP2
> C4qxcmX2SRPPDoGiz7Wom9UtWO9NxSFWISVqNL3jdOkCi3388TpRiI4mKLopLgzz
> wS9FozypHtRFOBZM0D7+1yckxhsf1Q4lZ0WNIVGNlCl6PaU7CnU=
> =1JCu
> -END PGP SIGNATURE-

Re: 44/8

[Bryan Fields]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256


On 7/18/19 11:56 PM, Christopher Morrow wrote:
> Sure,but... that space has been an internet telescope supporting
> numerous research folk for a decade + (probably closer to 2 decades).
> the amazon prefix is longer by a bit so won't really use the /8 even
> if ucsd keeps the /8 up.

And one of the principal people in the network telescope project was KC, who
also weaseled herself onto the ARDC board without even holding an amateur
radio license.  Conflict of interest here, holy carp.

Caida has been using an amateur radio resource as far back as 2001, when we
couldn't even be blessed to get 44net space for our own legitimate radio use.
 I'm sure I have the message from Brian denying it in my archives.
- -- 
Bryan Fields

727-409-1194 - Voice
http://bryanfields.net
-BEGIN PGP SIGNATURE-

iQIzBAEBCAAdFiEEaESdNosUjpjcN/JhYTmgYVLGkUAFAl0xRoQACgkQYTmgYVLG
kUBDmA//XOUz4PtyFktPm0Yi2jyA56y1QGLdZrgc+dfk8mPImjE3ipaJ+GgUEwEY
a10TccbNuC9hWZv1n1F/pD/Kcn+An9uhHOOrIIb9DfST0eUq/qhlK00tbq/1WJtI
SKOvJNhdE7815ucl4096e5fEOv7HQg9SxRpstLN/zZffFBL0R3fPtKEWbrgxA6lN
Ldj3DnCie7tMG0ZXSTUkHBoumE7NlAcEolQhdu1SrnCbePtbEk/oSy0krT6xIoz5
BoXKarFAh/Ti1LMTUnDt2g1XEKrTtUI40egSzAlBXGvLzkDqW5539ZY+X5HElZzM
Kqo84qmupX04xW1QFyA0EtKIwc1RD0PtnN6xhqOQ04llXYp6q82MKlNfgrvC+A2+
W2fq6EOZXAmRobNnfWt6g2k6I9Tc7fRc2xdMZNd8SU8BML/F3wfPPAnifaYqem2Z
eoFtVhNr+yaAKUo7OumkfXI40Ab1AfP+r/iGiRg/S3oejhcVMyrZpd6mKAZ6OdiD
lbi+lV4K2T0yKntRifqE/R1ASi7RjF379g63IOq1e2CpLbkRljNKx9gi/iU95PP2
C4qxcmX2SRPPDoGiz7Wom9UtWO9NxSFWISVqNL3jdOkCi3388TpRiI4mKLopLgzz
wS9FozypHtRFOBZM0D7+1yckxhsf1Q4lZ0WNIVGNlCl6PaU7CnU=
=1JCu
-END PGP SIGNATURE-

Re: 44/8

[Christopher Morrow]

On Thu, Jul 18, 2019 at 11:50 PM Majdi S. Abbas  wrote:
>
> On Thu, Jul 18, 2019 at 11:47:21PM -0400, Christopher Morrow wrote:
> > Also, who's this 'we'.. I don't live in california... I presume UC is
> > getting funding from california, not virginia. (mostly)
> > It seems though that 44/8 was being used in some research project at
> > UC so... maybe this is just that still at play.
> > less nefarious and more 'meh, why change if we don't have to?'
>
> [Off-NANOG]
>
> Chris,
>
> Remember that state college systems receive federal education
> funding; some of your dollars are in this pot, too.

Sure,but... that space has been an internet telescope supporting
numerous research folk for a decade + (probably closer to 2 decades).
the amazon prefix is longer by a bit so won't really use the /8 even
if ucsd keeps the /8 up.

a bunch of this just sounds like grousing, which I guess is great...
but none of this is particularly un-predictable.
I find a bunch of the other sales far more sketchy :( I also find this
prefix hilarious:

  149.1.0.0/16  (not a sale, but surely available if you track down
the owner .. who owns a winery)

anyway, it'll be fun watching what happens with 44/8 I suppose.

Re: 44/8

[Majdi S. Abbas]

On Thu, Jul 18, 2019 at 11:47:21PM -0400, Christopher Morrow wrote:
> Also, who's this 'we'.. I don't live in california... I presume UC is
> getting funding from california, not virginia. (mostly)
> It seems though that 44/8 was being used in some research project at
> UC so... maybe this is just that still at play.
> less nefarious and more 'meh, why change if we don't have to?'

[Off-NANOG]

Chris,

Remember that state college systems receive federal education
funding; some of your dollars are in this pot, too.

--msa

Re: 44/8

[Matt Corallo]

I presume they'd be more than happy to if some HAM's were to file a lawsuit 
against ARIN (not entirely an un-serious suggestion), but, short that, what do 
they care if they cooperated in stealing some otherwise-unused IPs and giving 
them to Amazon?

Matt

> On Jul 18, 2019, at 23:44, William Waites  wrote:
> 
>> On 07/18, Christopher Morrow wrote:
>> 
>> My guess is that arin needed more than just: "can control routing for
>> a few bits of time".
>> I don't really know, but I hope they had more requirements than that :)
> 
> It certainly doesn't look like it...
> 
> My understanding is that 44/8 was, very much like different pieces of the 
> radio
> spectrum, collective common property of amateur radio operators. That an
> organisation was needed to operate a registry because of the nature of IP
> address allocation does not amount to ownership or the right to sell anything.
> This is exactly analogous to the fact that the ARRL (or RAC, or RSGB etc) does
> not own and cannot sell radio spectrum allocated for amateur use.
> 
> This is not a legitimate sale. ARIN should reverse the changes in its record,
> and the ARDC should give the "several million dollars" back to Amazon. 
> 
> Then we can decide, openly and transparently, if, for example, some piece of
> 44/8 should be returned to IANA for allocation to the RIRs.
> 
> Greetings,
> William Waites VE3HW

Re: 44/8

[Christopher Morrow]

On Thu, Jul 18, 2019 at 11:40 PM Majdi S. Abbas  wrote:
>
> On Thu, Jul 18, 2019 at 11:21:58PM -0400, Christopher Morrow wrote:
> > who knows? probably? not really my personal concern I guess.
>
> If they're using taxpayer supported networks to provide transit
> to a private, for profit entity, we should all care.

presumably 44/8 is shorter than the prefix AMZN is going to announce,
right? (the /10) so... either UC wll eat backscatter when/if AMZN
dorks u ptheir announcement/routing-config OR this isn't an issue.

Right?

Also, who's this 'we'.. I don't live in california... I presume UC is
getting funding from california, not virginia. (mostly)
It seems though that 44/8 was being used in some research project at
UC so... maybe this is just that still at play.
less nefarious and more 'meh, why change if we don't have to?'

>
> > I'm not sure how you're quite going in this direction...
>
> In order to sell something, you must own it...if you pop up,
> claim responsibility for it, sit on it a while, and then sell it..
> did you truly own it?
>

didn't the ardc thing come into existence ~10 yrs back? though what
looks like legit paths...

> If you represent a community, in theory, and sell something
> without prior discussion, are there ethical concerns around that?

it sounded like there were discussions though (based on what  Mr
Fields said earlier
Perhaps those weren't as upfront as some folk want? or perhaps they
were constrained by the legal process surrounding the sale event (and
negotiations leading up to that)

> There are some potential legal title questions around this,
> and if ARIN is facilitating transactions with questionable history,
> that is something the Internet community might be concerned about.
>

sure.

> Certainly, facilitating questionable transfers makes the idea
> of an RIR sponsored registry that controls routing less palatable to
> some individuals.
>
> And this is why I'd love some additional color from the
> participants.  Perhaps this is all explicable -- but that blog entry
> did not assuage my concerns.
>

perhaps they will pipe up now :)

-chris

> --msa

Re: 44/8

[William Waites]

On 07/18, Christopher Morrow wrote:

> My guess is that arin needed more than just: "can control routing for
> a few bits of time".
> I don't really know, but I hope they had more requirements than that :)

It certainly doesn't look like it...

My understanding is that 44/8 was, very much like different pieces of the radio
spectrum, collective common property of amateur radio operators. That an
organisation was needed to operate a registry because of the nature of IP
address allocation does not amount to ownership or the right to sell anything.
This is exactly analogous to the fact that the ARRL (or RAC, or RSGB etc) does
not own and cannot sell radio spectrum allocated for amateur use.

This is not a legitimate sale. ARIN should reverse the changes in its record,
and the ARDC should give the "several million dollars" back to Amazon. 

Then we can decide, openly and transparently, if, for example, some piece of
44/8 should be returned to IANA for allocation to the RIRs.

Greetings,
William Waites VE3HW

Re: 44/8

[Majdi S. Abbas]

On Thu, Jul 18, 2019 at 11:21:58PM -0400, Christopher Morrow wrote:
> who knows? probably? not really my personal concern I guess.

If they're using taxpayer supported networks to provide transit
to a private, for profit entity, we should all care.

> I'm not sure how you're quite going in this direction...

In order to sell something, you must own it...if you pop up,
claim responsibility for it, sit on it a while, and then sell it..
did you truly own it?

If you represent a community, in theory, and sell something
without prior discussion, are there ethical concerns around that?

There are some potential legal title questions around this,
and if ARIN is facilitating transactions with questionable history,
that is something the Internet community might be concerned about.

Certainly, facilitating questionable transfers makes the idea
of an RIR sponsored registry that controls routing less palatable to
some individuals.

And this is why I'd love some additional color from the
participants.  Perhaps this is all explicable -- but that blog entry
did not assuage my concerns.

--msa

Re: 44/8

[Job Snijders]

On Fri, Jul 19, 2019 at 3:16 AM Adam Korab  wrote:
>
> On 07/18/2019 at 23:08, Job Snijders wrote:
> > A potential upside is that hamnet operators maybe have access to some RPKI
> > services now!
>
> OK, I'll bitehow do you mean?

Ah, let me clarify, I didn't mean this as a tongue-in-cheek remark.

Previously no RIR "managed" the space in the conventional sense of the
word. In the case of 44.0.0.0/8, the consequences seemed to be that
none of the RIRs were in a position to provide RPKI services (ROAs)
for 44.0.0.0/8 or any more specific block within that /8.

I saw that the IANA registry was updated
https://www.iana.org/assignments/ipv4-address-space/ipv4-address-space.xhtml
it now shows "Administered by ARIN". My interpretation is that now a
pathway exists towards ARIN facilitating the creation of RPKI ROAs
which cover (parts of) 44.0.0.0/8.

In order to get RPKI services in context of ARIN, it appears a RSA or
LRSA needs to exist. I suspect a LRSA-style agreement was
instantiated, opening the door for RPKI services.

Kind regards,

Job

Re: 44/8

[Christopher Morrow]

On Thu, Jul 18, 2019 at 11:13 PM Majdi S. Abbas  wrote:
>
> On Thu, Jul 18, 2019 at 11:02:40PM -0400, Christopher Morrow wrote:
> > So.. this is/was a legacy allocation, right?  with some 'not great'
> > contact/etc info...
>
> It's been announced by UCSD as a /8, consistently available,
> with tunnel services and rDNS available on a consistent basis, for a
> long time.
>
> The folks involved are not hard to find and never have been.
>
> Amusingly, they still seem to be advertising the covering
> aggregate, so I guess the Cal system is going to provide transit to
> Amazon?  Do the Regents know about this arrangement?

who knows? probably? not really my personal concern I guess.

> > the ARIN folk could have said: "Well sure! if the current folk who
> > control access can positively show they do AND they don't mind parting
> > with a /10... ok?"
>
> ... I'm not sure this would make the 44/8 allocation anything
> but a bogon, or ARIN WHOIS & RPKI a reliable resource for the community.
> Potentially quite the contrary.
>

I'm not sure how you're quite going in this direction...

> If I start advertising space, and can show I thusly "control"
> it, can I monetize it, too?  I could use "some millions."
>

My guess is that arin needed more than just: "can control routing for
a few bits of time".
I don't really know, but I hope they had more requirements than that :)

I suppose though, are you more upset that the radio folk now have some
endowment (or what-have-you) or that the block is getting somewhat
chopped up?
their blog seems to indicate that there is plenty of space left, more
than they'd allocated previously (though I don't see any actioal
records).

They also state that the trust which was setup previously controled
the space and dealt with ARIN + the buyer.
it SEEMS above board... more above board than some other transactions
I've seen in the last while :(

Does it serve the larger community to get the space under RSA and
potentially signed in the RPKI? or to leave it where it was before?

-chris

> --msa

Re: 44/8

[Bryan Fields]

On 7/18/19 10:57 PM, Majdi S. Abbas wrote:
> 
>   What's interesting about this is it was not an ARIN allocation,
> and the ARDC folks are not the original registrant.  This IANA /8 was
> initially delegated to a community, not an organization.
> 
>   So, to the individuals listed in the blog, that I've excerpted
> below, what do you have to say about this?
> 
>   Brian Kantor
>   kc claffy
>   Phil Karn
>   Paul Vixie

This is par for the course with ARDC.  I was a TAC committee member (I
resigned in disgust just 15 min ago), and the board has failed to inform
anyone this was happening.

I discussed this prior as we could lease it, do something with it, make some
money from it, and was 100% shot down.  This has always been Brian Kantor's
private little thing ever since he took over administration of it.   This take
over was before ARDC existed, and ARDC was never structured to be a proper
community focused organization.  I'd addressed this at TAPR meetings and NANOG
with Brian and KC before.  This also over looked the huge conflict of interest
in KC being a board member of ARDC and Network Telescope getting a feed of
44/8 direct at no cost.  This 44/8 announcement and UCSD routing broke
connectivity to directly connected BGP subnets for years.

My concern as an ARDC supporter an member is now no planning in the community
for this, many people assume 44/8 is going to be licensed amateurs (I have
many firewalls with permit 44/8 in them), and no accountability of what ARDC
is doing.  I believe with Brian retiring from UCSD he's looking for a job and
being a board member of a well funded 501(c)3 can be a lucrative job.

Also it's 100% broken reverse DNS for all of 44/8.  :golf clap:

This was theft from the community it was meant to serve.
-- 
Bryan Fields, W9CR
Former ARDC TAC member

727-409-1194 - Voice
http://bryanfields.net

Re: 44/8

[Majdi S. Abbas]

On Thu, Jul 18, 2019 at 11:02:40PM -0400, Christopher Morrow wrote:
> So.. this is/was a legacy allocation, right?  with some 'not great'
> contact/etc info...

It's been announced by UCSD as a /8, consistently available, 
with tunnel services and rDNS available on a consistent basis, for a
long time.

The folks involved are not hard to find and never have been.  

Amusingly, they still seem to be advertising the covering
aggregate, so I guess the Cal system is going to provide transit to 
Amazon?  Do the Regents know about this arrangement?

> the ARIN folk could have said: "Well sure! if the current folk who
> control access can positively show they do AND they don't mind parting
> with a /10... ok?"

... I'm not sure this would make the 44/8 allocation anything 
but a bogon, or ARIN WHOIS & RPKI a reliable resource for the community.
Potentially quite the contrary.

If I start advertising space, and can show I thusly "control"
it, can I monetize it, too?  I could use "some millions."

--msa

Re: 44/8

[David Guo via NANOG]

finally they start selling it.

Get Outlook for iOS

From: NANOG  on behalf of Siyuan Miao 

Sent: Friday, July 19, 2019 11:07:38 AM
To: Christopher Morrow 
Cc: nanog list 
Subject: Re: 44/8

Did a fast lookup via ARIN WHOIS:

44/8 is now 44/9 + 44.128/10

NetRange:   44.0.0.0 - 44.191.255.255
CIDR:   44.0.0.0/9, 
44.128.0.0/10
NetName:AMPRNET
NetHandle:  NET-44-0-0-0-1
Parent: NET44 (NET-44-0-0-0-0)
NetType:Direct Assignment
OriginAS:
Organization:   Amateur Radio Digital Communications (ARDC)
RegDate:1992-07-01
Updated:2019-07-18
Ref:https://rdap.arin.net/registry/ip/44.0.0.0



On Fri, Jul 19, 2019 at 11:04 AM Christopher Morrow 
mailto:morrowc.li...@gmail.com>> wrote:
On Thu, Jul 18, 2019 at 10:59 PM Majdi S. Abbas 
mailto:m...@latt.net>> wrote:
>
>
> What's interesting about this is it was not an ARIN allocation,

So.. this is/was a legacy allocation, right?  with some 'not great'
contact/etc info...
the ARIN folk could have said: "Well sure! if the current folk who
control access can positively show they do AND they don't mind parting
with a /10... ok?"

This ends up with a /10 of a /8 with better registration information
and MAYBE better records keeping over time, right?
that seems like a win to the ARIN community?

Re: 44/8

[Job Snijders]

A potential upside is that hamnet operators maybe have access to some RPKI
services now!

Re: 44/8

[Siyuan Miao]

Did a fast lookup via ARIN WHOIS:

44/8 is now 44/9 + 44.128/10

NetRange:   44.0.0.0 - 44.191.255.255
CIDR:   44.0.0.0/9, 44.128.0.0/10
NetName:AMPRNET
NetHandle:  NET-44-0-0-0-1
Parent: NET44 (NET-44-0-0-0-0)
NetType:Direct Assignment
OriginAS:
Organization:   Amateur Radio Digital Communications (ARDC)
RegDate:1992-07-01
Updated:2019-07-18
Ref:https://rdap.arin.net/registry/ip/44.0.0.0



On Fri, Jul 19, 2019 at 11:04 AM Christopher Morrow 
wrote:

> On Thu, Jul 18, 2019 at 10:59 PM Majdi S. Abbas  wrote:
> >
> >
> > What's interesting about this is it was not an ARIN allocation,
>
> So.. this is/was a legacy allocation, right?  with some 'not great'
> contact/etc info...
> the ARIN folk could have said: "Well sure! if the current folk who
> control access can positively show they do AND they don't mind parting
> with a /10... ok?"
>
> This ends up with a /10 of a /8 with better registration information
> and MAYBE better records keeping over time, right?
> that seems like a win to the ARIN community?
>

Re: 44/8

[Christopher Morrow]

On Thu, Jul 18, 2019 at 10:59 PM Majdi S. Abbas  wrote:
>
>
> What's interesting about this is it was not an ARIN allocation,

So.. this is/was a legacy allocation, right?  with some 'not great'
contact/etc info...
the ARIN folk could have said: "Well sure! if the current folk who
control access can positively show they do AND they don't mind parting
with a /10... ok?"

This ends up with a /10 of a /8 with better registration information
and MAYBE better records keeping over time, right?
that seems like a win to the ARIN community?

44/8

[Majdi S. Abbas]

Apparently isn't 44/8 anymore:

NetRange:   44.192.0.0 - 44.255.255.255
CIDR:   44.192.0.0/10
NetName:AT-88-Z
NetHandle:  NET-44-192-0-0-1
Parent: NET44 (NET-44-0-0-0-0)
NetType:Direct Allocation
OriginAS:
Organization:   Amazon Technologies Inc. (AT-88-Z)
RegDate:2019-07-18
Updated:2019-07-18
Ref:https://rdap.arin.net/registry/ip/44.192.0.0

Some additional color is available at:

https://www.ampr.org/amprnet/

What's interesting about this is it was not an ARIN allocation,
and the ARDC folks are not the original registrant.  This IANA /8 was
initially delegated to a community, not an organization.

So, to the individuals listed in the blog, that I've excerpted
below, what do you have to say about this?

Brian Kantor
kc claffy
Phil Karn
Paul Vixie

[I've omitted those I don't know to be NANOG familiar.]

ARIN also appears to have a role here.  Any comment, ARIN folks?

--msa

P.S.I've been licensed as a ham since prior to the organization of
ARDC in 1992 -- where's my check?

Re: SHAKEN/STIR Robocall Summit - July 11 2019 at FCC

[Michael Thomas]

On 7/18/19 3:15 PM, Jay R. Ashworth wrote:

- Original Message -

From: "Michael Thomas" 
On 7/15/19 12:07 PM, Jay R. Ashworth wrote:

Yes, of course we sent out calls with "spoofed" CNID.

But, even though only 2 or 3 or our 5 carriers* held *our* feet to the fire,
we held the clients' feet to the fire, requiring them to prove to our
satisfaction that they had adminstrative control over the numbers in question.

But it's the carrier's responsibility, properly, to do that work.

How do the clients prove that?

Do you know, I don't know; it was above my paygrade; the few times I stubbed
a toe on it, I threw it over a wall.

I presume that there was paperwork...




I still think this would be much easier to solve in the Internet domain 
instead of in the PSTN domain. That is, use SIP From: address instead of 
telephone numbers. We already have the ability to give with reasonable 
certainty that a message has been originated by a given domain. If we 
present that address in preference to caller ID, and I can filter based 
on that it puts a lot of positive pressure on legit callers to identify 
themselves (they already do it for their email), and negative pressure 
on the callerid holdouts. They'd have to use their own domain name and 
prove their control of it, and that's a good thing. You'd think this 
would be easier for the carriers too since they wouldn't have to vet 
shady clients... it's their domain they're trashing, not the carriers.


I for one would be perfectly happy with a UA that went straight to a 
quarantine if it only had callerid in it.


Mike

Re: netstat -s

[Joe Provo]

On Wed, Jul 17, 2019 at 05:54:49PM -0700, Randy Bush wrote:
> do folk use `netstat -s` to help diagnose on routers/switches?

Sometimes - it depends on the problems and visibility/lack thereof 
provided by other methods.  

In the netstat family of flags, what I *really* miss is DEC's 
'netstat -z', especially when having "application vs network"
arguments for poorly instrucmented applications.

Cheers,

Joe

-- 
Posted from my personal account - see X-Disclaimer header.
Joe Provo / Gweep / Earthling 

Re: SHAKEN/STIR Robocall Summit - July 11 2019 at FCC

[Jay R. Ashworth]

- Original Message -
> From: "Michael Thomas" 

> On 7/15/19 12:07 PM, Jay R. Ashworth wrote:
>> Yes, of course we sent out calls with "spoofed" CNID.
>>
>> But, even though only 2 or 3 or our 5 carriers* held *our* feet to the fire,
>> we held the clients' feet to the fire, requiring them to prove to our
>> satisfaction that they had adminstrative control over the numbers in 
>> question.
>>
>> But it's the carrier's responsibility, properly, to do that work.
> 
> How do the clients prove that?

Do you know, I don't know; it was above my paygrade; the few times I stubbed
a toe on it, I threw it over a wall.

I presume that there was paperwork...

> Way back when when we were working on mipv6 we had to work through a
> somewhat similar problem for handoffs. The ultimate answer was a return
> routability test: that is, if you can answer on the address you're
> trying to claim "ownership" for, it's good enough.

Might have been a handshake like that; I suspect it was mostly just 
"here's a picture of the client's phone bill".

> But right you are, it's ultimately the carrier who needs to care about
> this problem at or nothing gets better.

Yup.

Cheers,
-- jra
-- 
Jay R. Ashworth  Baylink   j...@baylink.com
Designer The Things I Think   RFC 2100
Ashworth & Associates   http://www.bcp38.info  2000 Land Rover DII
St Petersburg FL USA  BCP38: Ask For It By Name!   +1 727 647 1274

Re: netstat -s, but off topic a bit

[James R Cutler]

> Ideally folks should be subshells (unless you're on a strange system or
> legacy system).
> 
I have never thought of myself as subshell, even on a low carbohydrate 
system

> netstat is now mostly obsolete. 
> Replacement for netstat is ss.  
> Replacement for  netstat -r is ip route.
> Replacement for netstat -i is ip -s link.
> Replacement for netstat -g is ip maddr.

Microsoft (Windows, that is) and Apple macOS have no knowledge of ss.

That is why I use netstat often, but never netstat -s to diagnose routing. (Hi, 
Randy.)

James R. Cutler
james.cut...@consultant.com
GPG keys: hkps://hkps.pool.sks-keyservers.net

Re: Spam

[Jay R. Ashworth]

- Original Message -
> From: "jra" 

> Someone tell Trevor Walford at ECG in Valdosta that scraping the list for
> addresses to spam is a suboptimal approach?

I have to apologize to Mr Walford.  

A search through my old mail archive shows mail from his organization from
a year and two years ago, also times when I was not especially active on 
NANOG.

I retract the accusation, and regret the error.

Cheers,
-- jra
-- 
Jay R. Ashworth  Baylink   j...@baylink.com
Designer The Things I Think   RFC 2100
Ashworth & Associates   http://www.bcp38.info  2000 Land Rover DII
St Petersburg FL USA  BCP38: Ask For It By Name!   +1 727 647 1274

Re: netstat -s

[Brett Watson]

> On Jul 17, 2019, at 6:54 PM, Randy Bush  wrote:
> 
> do folk use `netstat -s` to help diagnose on routers/switches?
> 

indeed.

Re: netstat -s

[Ross Tajvar]

> but could you answer my question?

Just seemed like there was some urgency so I was curious.

On Thu, Jul 18, 2019, 5:57 PM Randy Bush  wrote:

> > Why do you want to know?
>
> why do you want to know why i want to know?  :)
>
>

Re: Twitter security team?

[Rich Kulawiec]

On Thu, Jul 18, 2019 at 12:45:25PM -0600, Ken Gilmour wrote:
> I have evidence and can't contact anyone due to
> the lack of an appropriate form and the fact that the security@ email
> address doesn't work.

Of course I'm not surprised that the ignorant newbies running Twitter
can't manage this: who wouldn't be, given their atrocious track record?
But for everyone else:

[ engage soapbox ]

RFC 2142 was published in 1997, and most of the role addresses it
specifies were in relatively common use prior to that.

Yet -- nearly every day -- this list carries traffic from someone
attempting to help/warn/etc. some allegedly professional operation
that has its fingers firmly lodged in its ears in a desperate attempt
to prevent basic communication and expects people who are already
trying to provide them with free consulting services to jump through
various annoying  hoops in order to do so.

RTFRFC, folks, and implement it.  It's operations 101.  It's something you
should have done in the first hour of the first day, before you turned on
the rest of your stuff.  It's not hard.  And when a day like this comes
for your operation, which it will, it may save you considerable pain,
time, and/or money.

[ soapbox off - for now ;) ]

---rsk

Re: netstat -s

[Randy Bush]

> Why do you want to know?

why do you want to know why i want to know?  :)

Re: netstat -s

[Ross Tajvar]

Why do you want to know?

On Thu, Jul 18, 2019, 5:55 PM Randy Bush  wrote:

> > Ideally folks should be subshells (unless you're on a strange system or
> > legacy system).
> >
> > netstat is now mostly obsolete.
> > Replacement for netstat is ss.
> > Replacement for  netstat -r is ip route.
> > Replacement for netstat -i is ip -s link.
> > Replacement for netstat -g is ip maddr.
>
> on some vendors.  but could you answer my question?  do you use it?
>

Re: netstat -s

[Randy Bush]

> Ideally folks should be subshells (unless you're on a strange system or
> legacy system).
> 
> netstat is now mostly obsolete. 
> Replacement for netstat is ss.  
> Replacement for  netstat -r is ip route.
> Replacement for netstat -i is ip -s link.
> Replacement for netstat -g is ip maddr.

on some vendors.  but could you answer my question?  do you use it?

Re: netstat -s

[Steven M. Miano]

Ideally folks should be subshells (unless you're on a strange system or
legacy system).

netstat is now mostly obsolete. 
Replacement for netstat is ss.  
Replacement for  netstat -r is ip route.
Replacement for netstat -i is ip -s link.
Replacement for netstat -g is ip maddr.

https://www.linux.com/learn/intro-to-linux/2017/7/introduction-ss-command

r/s,

Steven M. Miano
(727)244-9990
http://stevenmiano.com
1811 C2CB 8219 4F52

On 7/17/19 20:54, Randy Bush wrote:
> do folk use `netstat -s` to help diagnose on routers/switches?
>
> randy



signature.asc
Description: OpenPGP digital signature

Re: netstat -s

[William Herrin]

On Thu, Jul 18, 2019 at 11:43 AM Chris Cariffe  wrote:

> [netstat] -rn and -an fan here!
>

Rarely use them. "ip route show" and "lsof +c 15 -nP | grep TCP" are
normally more useful.

-- 
William Herrin
b...@herrin.us
https://bill.herrin.us/

Re: Twitter security team?

[Gregori Parker]

https://hackerone.com/twitter is the correct means to report

-G


On Thu, Jul 18, 2019 at 2:04 PM J. Hellenthal via NANOG 
wrote:

> Or maybe a tweet to @twittersecurity
>
> > On Jul 18, 2019, at 13:59, J. Hellenthal  wrote:
> >
> >
> > Yes/No ?
> >
> >
> https://help.twitter.com/en/rules-and-policies/reporting-security-vulnerabilities
> >
> >> On Jul 18, 2019, at 13:45, Ken Gilmour  wrote:
> >>
> >> Anyone on the list know how to contact the Twitter Security team?
> >>
> >> Seems the new update allows an attacker to modify other people's
> tweets. The "Hackerone" form for reporting a vulnerability is the wrong
> form and the "My account has been hacked" form is also the wrong form. The
> whole site has been compromised, I have evidence and can't contact anyone
> due to the lack of an appropriate form and the fact that the security@
> email address doesn't work.
> >>
> >> Thanks!
> >
>
>

Re: Cisco wifi signal fluctuations

[Alan Buxey]

hi,

do you have any of the WLC settings on such as dynamic power
assignment (which allows the controller to work out neighbour cell
coverage
and reduce the signal to stop much overlap).  which 5GHz channels are
being used - if you're using those in DFS space then RADAR detection
means that DAC will kick in and the APs will be changing channel
(which of course, means they'll be doing some clear channel assessment
before
coming back.   is the SSID still doing WPA?  If so, any MAC check
failures from a dodgy client will cause the AP to enact counter
measures etc etc
really, I'd suggest turning on much logging for this area/building ,
slap it all into a simple ELK setup (just spin one up from available
docker compose
files if needed) - and then browse the resulting dataset with Kibana
etc to see whats going on.

or go and do a proper wireless survey and fix it from base level up  :)

alan

On Thu, 18 Jul 2019 at 19:46, Vikash Sorout via NANOG  wrote:
>
> On Cisco wifi, we started seeing signal fluctuations since 1-2 months. The 
> only change that was done to change windows user preference from 2.4 GHz 
> Radio to 5 GHz radio through a windows group policy change. But this was done 
> in response to the problem reported by certain users.We have lately 
> discovered that some of the neighboring APs opt for same frequency band at 
> 5.0 GHz and also at 2.4 GHz. Reboot of these APs have not helped to choose 
> different frequency band by these APs.Channel assignment is set to be auto 
> and we cannot change it to static though we are aware of definitive AP 
> positions at all floors in campus. The reason being that the controller 
> serves APAC and we do not know the definite / relative positions of different 
> APs.The wireless survey conducted before (when there was no complaint on 
> wifi) did show presence of co-channel interferences in certain areas, but SNR 
> was seen to be very good in all areas of all the floors.
>
> For skype, we have call drop or call noisy complain from users across the 
> three floors irrespective of if they are connected to wifi or LAN.
>
> We are using Cisco WLC 5520 controller.
>
>
>
> Regards,
> Vikash Sorout
> Hand-phone : +91-9013866229
> Email: vikash_sor...@yahoo.com

Re: Twitter security team?

[Ken Gilmour]

Because I didn't find the vulnerability, I'm not looking for a bug bounty
and I don't know what the vulnerability is, just seeing the effects of it.

On Thu, 18 Jul 2019 at 13:06, Ross Tajvar  wrote:

> Why is Hacker one wrong? Seems like this would be exactly what it's for.
>
> On Thu, Jul 18, 2019, 3:04 PM J. Hellenthal via NANOG 
> wrote:
>
>> Or maybe a tweet to @twittersecurity
>>
>> > On Jul 18, 2019, at 13:59, J. Hellenthal 
>> wrote:
>> >
>> >
>> > Yes/No ?
>> >
>> >
>> https://help.twitter.com/en/rules-and-policies/reporting-security-vulnerabilities
>> >
>> >> On Jul 18, 2019, at 13:45, Ken Gilmour  wrote:
>> >>
>> >> Anyone on the list know how to contact the Twitter Security team?
>> >>
>> >> Seems the new update allows an attacker to modify other people's
>> tweets. The "Hackerone" form for reporting a vulnerability is the wrong
>> form and the "My account has been hacked" form is also the wrong form. The
>> whole site has been compromised, I have evidence and can't contact anyone
>> due to the lack of an appropriate form and the fact that the security@
>> email address doesn't work.
>> >>
>> >> Thanks!
>> >
>>
>>

Re: Twitter security team?

[Ken Gilmour]

no

On Thu, 18 Jul 2019 at 12:59, J. Hellenthal  wrote:

>
> Yes/No ?
>
>
> https://help.twitter.com/en/rules-and-policies/reporting-security-vulnerabilities
>
> > On Jul 18, 2019, at 13:45, Ken Gilmour  wrote:
> >
> > Anyone on the list know how to contact the Twitter Security team?
> >
> > Seems the new update allows an attacker to modify other people's tweets.
> The "Hackerone" form for reporting a vulnerability is the wrong form and
> the "My account has been hacked" form is also the wrong form. The whole
> site has been compromised, I have evidence and can't contact anyone due to
> the lack of an appropriate form and the fact that the security@ email
> address doesn't work.
> >
> > Thanks!
>
>

RE: Twitter security team?

[Eric Tykwinski]

They also have a bug bounty program on HackerOne:
https://hackerone.com/twitter

> -Original Message-
> From: NANOG [mailto:nanog-boun...@nanog.org] On Behalf Of J. Hellenthal
> via NANOG
> Sent: Thursday, July 18, 2019 3:01 PM
> To: Ken Gilmour
> Cc: North Group
> Subject: Re: Twitter security team?
> 
> Or maybe a tweet to @twittersecurity
> 
> > On Jul 18, 2019, at 13:59, J. Hellenthal  wrote:
> >
> >
> > Yes/No ?
> >
> > https://help.twitter.com/en/rules-and-policies/reporting-security-
> vulnerabilities
> >
> >> On Jul 18, 2019, at 13:45, Ken Gilmour  wrote:
> >>
> >> Anyone on the list know how to contact the Twitter Security team?
> >>
> >> Seems the new update allows an attacker to modify other people's
tweets.
> The "Hackerone" form for reporting a vulnerability is the wrong form and
the
> "My account has been hacked" form is also the wrong form. The whole site
> has been compromised, I have evidence and can't contact anyone due to the
> lack of an appropriate form and the fact that the security@ email address
> doesn't work.
> >>
> >> Thanks!
> >

Re: Twitter security team?

[Ross Tajvar]

Why is Hacker one wrong? Seems like this would be exactly what it's for.

On Thu, Jul 18, 2019, 3:04 PM J. Hellenthal via NANOG 
wrote:

> Or maybe a tweet to @twittersecurity
>
> > On Jul 18, 2019, at 13:59, J. Hellenthal  wrote:
> >
> >
> > Yes/No ?
> >
> >
> https://help.twitter.com/en/rules-and-policies/reporting-security-vulnerabilities
> >
> >> On Jul 18, 2019, at 13:45, Ken Gilmour  wrote:
> >>
> >> Anyone on the list know how to contact the Twitter Security team?
> >>
> >> Seems the new update allows an attacker to modify other people's
> tweets. The "Hackerone" form for reporting a vulnerability is the wrong
> form and the "My account has been hacked" form is also the wrong form. The
> whole site has been compromised, I have evidence and can't contact anyone
> due to the lack of an appropriate form and the fact that the security@
> email address doesn't work.
> >>
> >> Thanks!
> >
>
>

Re: Twitter security team?

[J. Hellenthal via NANOG]

Or maybe a tweet to @twittersecurity

> On Jul 18, 2019, at 13:59, J. Hellenthal  wrote:
> 
> 
> Yes/No ?
> 
> https://help.twitter.com/en/rules-and-policies/reporting-security-vulnerabilities
> 
>> On Jul 18, 2019, at 13:45, Ken Gilmour  wrote:
>> 
>> Anyone on the list know how to contact the Twitter Security team?
>> 
>> Seems the new update allows an attacker to modify other people's tweets. The 
>> "Hackerone" form for reporting a vulnerability is the wrong form and the "My 
>> account has been hacked" form is also the wrong form. The whole site has 
>> been compromised, I have evidence and can't contact anyone due to the lack 
>> of an appropriate form and the fact that the security@ email address doesn't 
>> work.
>> 
>> Thanks!
> 

Re: Twitter security team?

[J. Hellenthal via NANOG]

Yes/No ?

https://help.twitter.com/en/rules-and-policies/reporting-security-vulnerabilities

> On Jul 18, 2019, at 13:45, Ken Gilmour  wrote:
> 
> Anyone on the list know how to contact the Twitter Security team?
> 
> Seems the new update allows an attacker to modify other people's tweets. The 
> "Hackerone" form for reporting a vulnerability is the wrong form and the "My 
> account has been hacked" form is also the wrong form. The whole site has been 
> compromised, I have evidence and can't contact anyone due to the lack of an 
> appropriate form and the fact that the security@ email address doesn't work.
> 
> Thanks!

Twitter security team?

[Ken Gilmour]

Anyone on the list know how to contact the Twitter Security team?

Seems the new update allows an attacker to modify other people's tweets.
The "Hackerone" form for reporting a vulnerability is the wrong form and
the "My account has been hacked" form is also the wrong form. The whole
site has been compromised, I have evidence and can't contact anyone due to
the lack of an appropriate form and the fact that the security@ email
address doesn't work.

Thanks!

Cisco wifi signal fluctuations

[Vikash Sorout via NANOG]

On Cisco wifi, we started seeing signal fluctuations since 1-2 months. The only 
change that was done to change windows user preference from 2.4 GHz Radio to 5 
GHz radio through a windows group policy change. But this was done in response 
to the problem reported by certain users.We have lately discovered that some of 
the neighboring APs opt for same frequency band at 5.0 GHz and also at 2.4 GHz. 
Reboot of these APs have not helped to choose different frequency band by these 
APs.Channel assignment is set to be auto and we cannot change it to static 
though we are aware of definitive AP positions at all floors in campus. The 
reason being that the controller serves APAC and we do not know the definite / 
relative positions of different APs.The wireless survey conducted before (when 
there was no complaint on wifi) did show presence of co-channel interferences 
in certain areas, but SNR was seen to be very good in all areas of all the 
floors.
For skype, we have call drop or call noisy complain from users across the three 
floors irrespective of if they are connected to wifi or LAN.
We are using Cisco WLC 5520 controller.


Regards,Vikash SoroutHand-phone : +91-9013866229Email: vikash_sor...@yahoo.com

Re: netstat -s

[Chris Cariffe]

-rn and -an fan here!

On Wed, Jul 17, 2019 at 8:56 PM Randy Bush  wrote:

> do folk use `netstat -s` to help diagnose on routers/switches?
>
> randy
>

Re: Bgpmon alternatives?

[Saunders, D'Wayne]

We moved to Thousandeyes for this function


D'Wayne Saunders

From: NANOG  on behalf of TJ Trout 
Date: Thursday, 18 July 2019 at 10:15 am
To: Matt Corallo 
Cc: nanog 
Subject: Re: Bgpmon alternatives?

[External Email] This email was sent from outside the organisation – be 
cautious, particularly with links and attachments.
Anyone know of a hosted alternative to bgpmon? I'm testing Qrator but I can't 
determine if it will notify in real-time of a prefix hijack?

On Sun, Jun 16, 2019 at 9:23 AM Matt Corallo 
mailto:na...@as397444.net>> wrote:
There's also https://github.com/NLNOG/bgpalerter (which I believe they're 
trying to turn into a website frontend based on RIS, but I run it with patches 
for as_path regexes and it works pretty well).

On Jun 16, 2019, at 07:40, Michael Hallgren 
mailto:m...@xalto.net>> wrote:
RIS Live API is a choice for this.
mh
Le 16 juin 2019, à 13:21, Brian Kantor mailto:br...@ampr.org>> 
a écrit:

That would be wonderful.  Thank you!
 - Brian


On Sun, Jun 16, 2019 at 03:59:29AM -0700, Mike Leber wrote:

 I'm sure if it doesn't do exactly that already, we can add it shortly.

 Some of planned functionality for hijack detection is already live.
 That's one of the main reasons for creating this service.

 Mike.

 On 6/16/19 2:48 AM, Brian Kantor wrote:

 On Sun, Jun 16, 2019 at 02:25:40AM -0700, Mike Leber wrote:

 As a beta service you can try out rt-bgp.he.net.  This 
is a real time
 bgp monitoring service we are developing.

 It's interesting, but I don't see any way to do what I primarily
 use the existing BGPMon for: watch for hijacks.

 That is, set up one or more prefixes to be continuously monitored
 and have the monitor send me an email alert when that prefix or a
 subnet of it begins to be announced by someone new.

 For example, if I have told it to monitor 44.0.0.0/8 and 
someone
 somewhere begins announcing it, or perhaps 44.1.0.0/16, 
I'd very
 much like to know about that, along with details of who and where.

 Then if that announcement is authorized, I can tell the monitoring
 service that this new entry is NOT a hijack, and it won't bug me
 about it again.

 Can it be persuaded to do this?
  - Brian

Re: Bgpmon alternatives?

[TJ Trout]

I also cannot find a way to subscribe to your hijack notifications?

On Wed, Jul 17, 2019, 10:45 PM Töma Gavrichenkov  wrote:

> On Thu, Jul 18, 2019 at 3:16 AM TJ Trout  wrote:
> > Anyone know of a hosted alternative to bgpmon? I'm testing
> > Qrator but I can't determine if it will notify in real-time of a
> > prefix hijack?
>
> Qrator guy there.
> Real-time notifications are there but are only available on a
> commercial basis, because basically real time is expensive to compute.
> The rest is free.
>
> --
> Töma
>

Re: Colo in Africa

[Joly MacFie]

You might want to consider attending AfPIF in Mauritius 20-22 Aug

https://www.afpif.org/


-- 
---
Joly MacFie  218 565 9365 Skype:punkcast
--
-

Re: Fiber providers - Englewood / Centennial Colorado

[JASON BOTHE via NANOG]

Thanks Mike

I hit up crown and they have some segments, just not quite enough. I’ll try 
Windstream and see what I can find. 

Thanks

J~

> On Jul 18, 2019, at 08:57, Mike Hammett  wrote:
> 
> Depending on what you're trying to do, you might find some bits and pieces 
> from Windstream, Crown Castle, UPN, and XO. They're all in that Englewood - 
> Centennial area in different ways with different capabilities.
> 
> 
> 
> -
> Mike Hammett
> Intelligent Computing Solutions
> 
> Midwest Internet Exchange
> 
> The Brothers WISP
> 
> From: "JASON BOTHE via NANOG" 
> To: nanog@nanog.org
> Sent: Wednesday, July 17, 2019 6:10:42 PM
> Subject: Fiber providers - Englewood / Centennial Colorado 
> 
> Hi all 
> 
> Just curious if you know of any fiber providers other than CL or Zayo in the 
> Englewood/Centennial area. Having a really tough time finding routes that 
> avoid the Solarium at Quebec / E Orchard as well as 910 15th St. Seems there 
> are so many single points of failure and collapsed routes that all lead to 
> these two locations to get diverse long haul. 
> 
> Many thanks. 
> 
> J~ 
> 

Re: Colo in Africa

[Mark Tinka]

On 18/Jul/19 11:04, Denys Fedoryshchenko wrote:

> Africa, Russia...
>
> You can take as example Lebanon.
> Capital and major city in tiny country, ~40km away from each other,
> and only way you can get 2 points connected over microwaves(due
> mountains - several hops), over "licensed" providers, DSP, who hook
> this points for $10-$30/mbps/month. And many of them don't have
> support at evenings and weekend. Of course, due crappy electricity in
> country and economical situation, discharged batteries and outages at
> evening/night at "licensed" DSP sites - common case.
> The laws of the country are so cool, that it is even forbidden to lay
> optics from the building standing next to other building, unless you
> are government monopoly (and they don't sell fiber connectivity).

There is no shortage of countries around the world that stifle the
development of their telecommunications industry because they don't
understand how different the Internet is from POTS.

Countries such as Djibouti land a tremendous amount of submarine cable
systems, and yet it makes very little sense to the average operator to
deploy meaningful network there. The Middle East, Asia, Europe and Latin
America all have their own examples of the same. North America is no
exception in some parts of those countries.

You need to remember that Africa is not one country. Observing an
assessment in one country has nothing to do with the the situation in
the other 54.

>
> In Africa, many people do not have electricity at all and cook on open
> fire, i imagine what difficulties they have with connectivity.

Cooking with firewood is not a linear basis for the depth of
connectivity in Africa. Traditional views don't always work, which is
how Africa is the fastest growing mobile phone economy in the world. It
shouldn't be, but it is.

You'll need to open your mind to how differently folk get by this side
of the world.


> The last time when I worked with a team on study to invest in telecom
> in Africa - results discouraged even trying to engage in telecom
> subject there.

I'm curious where this team was based...

We have no shortage of "consultants" that desktop Africa from an office
in New York.

I can send you my consulting contract if you like. I live in Africa :-).


> I think the only ones who are interested in decent connectivity there
> - mobile operators. Maybe worth to find connections and talk to them.

Perhaps it's time I went and got my mobile operator license :-).

Mark.

Re: Antennas in the data center

[Tom Beecher]

Being told "industry standard" seems like a cop out for "we don't want to
do it". Which is a completely legitimate response, but ideally they'd just
come out and say that.

On Thu, Jul 18, 2019 at 11:54 AM Robert Webb  wrote:

> The is booster to only get an LTE signal from Verizon into the data
> center..
>
> For our purpose of needing it, we have a cisco router with LTE for our
> system as a back management access in case of loss to the system by normal
> means.
>
> On Thu, Jul 18, 2019 at 11:39 AM Andrew Latham  wrote:
>
>> I agree with Miles that this is more of an infiltration and or
>> ex-filtration of data issue. Can you firewall at the booster? Out of Band
>> management is tricky when LTE bandwidth is so high that one could export
>> large quantities of data.
>>
>> On Thu, Jul 18, 2019 at 9:28 AM Miles Fidelman <
>> mfidel...@meetinghouse.net> wrote:
>>
>>> It's not quite clear what you mean by "NIST controls" - NIST publishes
>>> standards & guidelines, they don't regulate.
>>>
>>> Now, if you're running a Federal data center, or one for a government
>>> contractor - perhaps you're referring to "NIST Compliance" under FISMA (the
>>> Federal Information Security Management Act) - which involves compliance
>>> with a bunch of FIPS (Federal Information Processing Standards).  See
>>> https://csrc.nist.gov/topics/laws-and-regulations/laws/fisma &
>>> https://digitalguardian.com/blog/what-nist-compliance for some
>>> background.
>>>
>>> Now if I had to guess - I expect that there are some security standards
>>> that would prohibit placing an antenna inside a data center handling any
>>> kind of sensitive or classified data.
>>>
>>> If you have any systems, in the data center, that require security
>>> certification & accreditation, I expect your accreditation authority would
>>> be the person to talk to.  Or your information security officer.
>>> On 7/18/19 9:30 AM, Robert Webb wrote:
>>>
>>> So I have a situation where I am trying to get LTE to an out of band
>>> router and there is no signal available in the data center. There was a
>>> booster setup purchased and I have a manager telling me that standards,
>>> industry and not local, prohibit the installation.
>>>
>>> He has yet to produce any documented industry standard so I thought I
>>> would reach out to see if anyone here has heard of this.
>>>
>>> We fall under NIST controls and I haven't found anything there and have
>>> also looked at TIA and not found anything.
>>>
>>> Thanks...
>>>
>>> On Thu, Jul 18, 2019 at 9:09 AM Matt Harris  wrote:
>>>
 On Thu, Jul 18, 2019 at 8:01 AM Robert Webb 
 wrote:

> Anyone out there deal with data center design?
>
> Looking for any info available which provides guidelines on putting
> antennas, like LTE booster, in the data center.
>

 Not quite sure what you're looking for here Robert. As far as placing
 something like an LTE booster in a data center, you'd just use common sense
 (place it in the best possible place from a connectivity standpoint). Is
 this something you're considering in order to provide service to folks who
 run LTE backup connections on their gear (like serial concentrators)?
 Wireless/RF site surveys and how to do them effectively are pretty
 well-documented at this point.

 Or are you asking about roof access/deploying antennas on a rooftop
 safely/securely?

 --
>>> In theory, there is no difference between theory and practice.
>>> In practice, there is.   Yogi Berra
>>>
>>> Theory is when you know everything but nothing works.
>>> Practice is when everything works but no one knows why.
>>> In our lab, theory and practice are combined:
>>> nothing works and no one knows why.  ... unknown
>>>
>>>
>>
>> --
>> - Andrew "lathama" Latham -
>>
>

Re: Antennas in the data center

[Robert Webb]

The is booster to only get an LTE signal from Verizon into the data center..

For our purpose of needing it, we have a cisco router with LTE for our
system as a back management access in case of loss to the system by normal
means.

On Thu, Jul 18, 2019 at 11:39 AM Andrew Latham  wrote:

> I agree with Miles that this is more of an infiltration and or
> ex-filtration of data issue. Can you firewall at the booster? Out of Band
> management is tricky when LTE bandwidth is so high that one could export
> large quantities of data.
>
> On Thu, Jul 18, 2019 at 9:28 AM Miles Fidelman 
> wrote:
>
>> It's not quite clear what you mean by "NIST controls" - NIST publishes
>> standards & guidelines, they don't regulate.
>>
>> Now, if you're running a Federal data center, or one for a government
>> contractor - perhaps you're referring to "NIST Compliance" under FISMA (the
>> Federal Information Security Management Act) - which involves compliance
>> with a bunch of FIPS (Federal Information Processing Standards).  See
>> https://csrc.nist.gov/topics/laws-and-regulations/laws/fisma &
>> https://digitalguardian.com/blog/what-nist-compliance for some
>> background.
>>
>> Now if I had to guess - I expect that there are some security standards
>> that would prohibit placing an antenna inside a data center handling any
>> kind of sensitive or classified data.
>>
>> If you have any systems, in the data center, that require security
>> certification & accreditation, I expect your accreditation authority would
>> be the person to talk to.  Or your information security officer.
>> On 7/18/19 9:30 AM, Robert Webb wrote:
>>
>> So I have a situation where I am trying to get LTE to an out of band
>> router and there is no signal available in the data center. There was a
>> booster setup purchased and I have a manager telling me that standards,
>> industry and not local, prohibit the installation.
>>
>> He has yet to produce any documented industry standard so I thought I
>> would reach out to see if anyone here has heard of this.
>>
>> We fall under NIST controls and I haven't found anything there and have
>> also looked at TIA and not found anything.
>>
>> Thanks...
>>
>> On Thu, Jul 18, 2019 at 9:09 AM Matt Harris  wrote:
>>
>>> On Thu, Jul 18, 2019 at 8:01 AM Robert Webb 
>>> wrote:
>>>
 Anyone out there deal with data center design?

 Looking for any info available which provides guidelines on putting
 antennas, like LTE booster, in the data center.

>>>
>>> Not quite sure what you're looking for here Robert. As far as placing
>>> something like an LTE booster in a data center, you'd just use common sense
>>> (place it in the best possible place from a connectivity standpoint). Is
>>> this something you're considering in order to provide service to folks who
>>> run LTE backup connections on their gear (like serial concentrators)?
>>> Wireless/RF site surveys and how to do them effectively are pretty
>>> well-documented at this point.
>>>
>>> Or are you asking about roof access/deploying antennas on a rooftop
>>> safely/securely?
>>>
>>> --
>> In theory, there is no difference between theory and practice.
>> In practice, there is.   Yogi Berra
>>
>> Theory is when you know everything but nothing works.
>> Practice is when everything works but no one knows why.
>> In our lab, theory and practice are combined:
>> nothing works and no one knows why.  ... unknown
>>
>>
>
> --
> - Andrew "lathama" Latham -
>

Re: Antennas in the data center

[Alain Hebert]

    Hi,

    Some PCI auditors (loaded words right there) will freak out and 
you're stuck explaining the concept of life all over again...


    Anyway, those works in a DC (25k') built inside a support structure 
for a train station =D.


    https://www.wilsonamplifiers.com/
    Wilson Pro 70 Plus Select (50 Ohm) Omni/Dome Kit | 462327
    SKU: WA462327

On 2019-07-18 09:35, Matt Harris wrote:
On Thu, Jul 18, 2019 at 8:30 AM Robert Webb > wrote:


So I have a situation where I am trying to get LTE to an out of
band router and there is no signal available in the data center.
There was a booster setup purchased and I have a manager telling
me that standards, industry and not local, prohibit the installation.

He has yet to produce any documented industry standard so I
thought I would reach out to see if anyone here has heard of this.

We fall under NIST controls and I haven't found anything there and
have also looked at TIA and not found anything.


I've never heard of any industry standard preventing such a thing. 
There are a few questions this raises though. The first and most 
obvious being, are you sure that a "booster setup" will actually help? 
Have you done a site survey to figure out how to actually accomplish 
what you need to accomplish? The other question is whether perhaps the 
issue he has is with the specific "booster setup" chosen. Perhaps 
there's something naughty about it, in particular, that has caused him 
to not want it in his facility (cheap Chinese radios are known, for 
example, for polluting the spectrum outside of the frequencies that 
they are designed to operate within.) Maybe he has other folks doing 
legit RF stuff in there and doesn't want to risk that pollution?

Re: Antennas in the data center

[Andrew Latham]

I agree with Miles that this is more of an infiltration and or
ex-filtration of data issue. Can you firewall at the booster? Out of Band
management is tricky when LTE bandwidth is so high that one could export
large quantities of data.

On Thu, Jul 18, 2019 at 9:28 AM Miles Fidelman 
wrote:

> It's not quite clear what you mean by "NIST controls" - NIST publishes
> standards & guidelines, they don't regulate.
>
> Now, if you're running a Federal data center, or one for a government
> contractor - perhaps you're referring to "NIST Compliance" under FISMA (the
> Federal Information Security Management Act) - which involves compliance
> with a bunch of FIPS (Federal Information Processing Standards).  See
> https://csrc.nist.gov/topics/laws-and-regulations/laws/fisma &
> https://digitalguardian.com/blog/what-nist-compliance for some background.
>
> Now if I had to guess - I expect that there are some security standards
> that would prohibit placing an antenna inside a data center handling any
> kind of sensitive or classified data.
>
> If you have any systems, in the data center, that require security
> certification & accreditation, I expect your accreditation authority would
> be the person to talk to.  Or your information security officer.
> On 7/18/19 9:30 AM, Robert Webb wrote:
>
> So I have a situation where I am trying to get LTE to an out of band
> router and there is no signal available in the data center. There was a
> booster setup purchased and I have a manager telling me that standards,
> industry and not local, prohibit the installation.
>
> He has yet to produce any documented industry standard so I thought I
> would reach out to see if anyone here has heard of this.
>
> We fall under NIST controls and I haven't found anything there and have
> also looked at TIA and not found anything.
>
> Thanks...
>
> On Thu, Jul 18, 2019 at 9:09 AM Matt Harris  wrote:
>
>> On Thu, Jul 18, 2019 at 8:01 AM Robert Webb  wrote:
>>
>>> Anyone out there deal with data center design?
>>>
>>> Looking for any info available which provides guidelines on putting
>>> antennas, like LTE booster, in the data center.
>>>
>>
>> Not quite sure what you're looking for here Robert. As far as placing
>> something like an LTE booster in a data center, you'd just use common sense
>> (place it in the best possible place from a connectivity standpoint). Is
>> this something you're considering in order to provide service to folks who
>> run LTE backup connections on their gear (like serial concentrators)?
>> Wireless/RF site surveys and how to do them effectively are pretty
>> well-documented at this point.
>>
>> Or are you asking about roof access/deploying antennas on a rooftop
>> safely/securely?
>>
>> --
> In theory, there is no difference between theory and practice.
> In practice, there is.   Yogi Berra
>
> Theory is when you know everything but nothing works.
> Practice is when everything works but no one knows why.
> In our lab, theory and practice are combined:
> nothing works and no one knows why.  ... unknown
>
>

-- 
- Andrew "lathama" Latham -

Re: Antennas in the data center

[John Schiel]

On 7/18/19 7:54 AM, Robert Webb wrote:

Thanks for the info on the standards portion.

The booster configuration has been setup in a test scenario where the 
external antenna has been placed outside with line of site to the 
tower, less than a tenth of a mile away, with the feed cable run down 
a hallway indoors, the booster connected, and the indoor antenna 
connected (not in the data center though).


Test with LTE equipment, ie. cell phones, has brought the signal from 
barely a single bar of 1x to 4 bars of LTE with good speeds.


Manager has no issue with equipment purchased and has polled the other 
tenants in the same data center and they are also OK with it. He has 
just cited that there is some standard but has not been forthcoming 
with any documentation.


I figured if there was such a standard then someone here would 
probably have run across it at some time.



Is he denying on some industry "LTE" standard or some other data center 
or security standard?





I am getting the feeling this is just something he has heard or been 
told in the past and really doesn't know.




On Thu, Jul 18, 2019 at 9:35 AM Matt Harris > wrote:


On Thu, Jul 18, 2019 at 8:30 AM Robert Webb mailto:rwfireg...@gmail.com>> wrote:

So I have a situation where I am trying to get LTE to an out
of band router and there is no signal available in the data
center. There was a booster setup purchased and I have a
manager telling me that standards, industry and not local,
prohibit the installation.

He has yet to produce any documented industry standard so I
thought I would reach out to see if anyone here has heard of this.

We fall under NIST controls and I haven't found anything there
and have also looked at TIA and not found anything.


I've never heard of any industry standard preventing such a thing.
There are a few questions this raises though. The first and most
obvious being, are you sure that a "booster setup" will actually
help? Have you done a site survey to figure out how to actually
accomplish what you need to accomplish? The other question is
whether perhaps the issue he has is with the specific "booster
setup" chosen. Perhaps there's something naughty about it, in
particular, that has caused him to not want it in his facility
(cheap Chinese radios are known, for example, for polluting the
spectrum outside of the frequencies that they are designed to
operate within.) Maybe he has other folks doing legit RF stuff in
there and doesn't want to risk that pollution?

Re: Antennas in the data center

[Miles Fidelman]

It's not quite clear what you mean by "NIST controls" - NIST publishes 
standards & guidelines, they don't regulate.


Now, if you're running a Federal data center, or one for a government 
contractor - perhaps you're referring to "NIST Compliance" under FISMA 
(the Federal Information Security Management Act) - which involves 
compliance with a bunch of FIPS (Federal Information Processing 
Standards).  See 
https://csrc.nist.gov/topics/laws-and-regulations/laws/fisma & 
https://digitalguardian.com/blog/what-nist-compliance for some background.


Now if I had to guess - I expect that there are some security standards 
that would prohibit placing an antenna inside a data center handling any 
kind of sensitive or classified data.


If you have any systems, in the data center, that require security 
certification & accreditation, I expect your accreditation authority 
would be the person to talk to.  Or your information security officer.


On 7/18/19 9:30 AM, Robert Webb wrote:
So I have a situation where I am trying to get LTE to an out of band 
router and there is no signal available in the data center. There was 
a booster setup purchased and I have a manager telling me that 
standards, industry and not local, prohibit the installation.


He has yet to produce any documented industry standard so I thought I 
would reach out to see if anyone here has heard of this.


We fall under NIST controls and I haven't found anything there and 
have also looked at TIA and not found anything.


Thanks...

On Thu, Jul 18, 2019 at 9:09 AM Matt Harris > wrote:


On Thu, Jul 18, 2019 at 8:01 AM Robert Webb mailto:rwfireg...@gmail.com>> wrote:

Anyone out there deal with data center design?

Looking for any info available which provides guidelines on
putting antennas, like LTE booster, in the data center.


Not quite sure what you're looking for here Robert. As far as
placing something like an LTE booster in a data center, you'd just
use common sense (place it in the best possible place from a
connectivity standpoint). Is this something you're considering in
order to provide service to folks who run LTE backup connections
on their gear (like serial concentrators)? Wireless/RF site
surveys and how to do them effectively are pretty well-documented
at this point.

Or are you asking about roof access/deploying antennas on a
rooftop safely/securely?


--
In theory, there is no difference between theory and practice.
In practice, there is.   Yogi Berra

Theory is when you know everything but nothing works.
Practice is when everything works but no one knows why.
In our lab, theory and practice are combined:
nothing works and no one knows why.  ... unknown

Re: Antennas in the data center

[Seth Mattinen]

On 7/18/19 6:54 AM, Robert Webb wrote:


Manager has no issue with equipment purchased and has polled the other 
tenants in the same data center and they are also OK with it. He has 
just cited that there is some standard but has not been forthcoming with 
any documentation.





Never heard of such a "standard". Data centers usually either allow 
antennas or they don't as a policy of their own.

Re: Fiber providers - Englewood / Centennial Colorado

[Mike Hammett]

Depending on what you're trying to do, you might find some bits and pieces from 
Windstream, Crown Castle, UPN, and XO. They're all in that Englewood - 
Centennial area in different ways with different capabilities. 




- 
Mike Hammett 
Intelligent Computing Solutions 

Midwest Internet Exchange 

The Brothers WISP 

- Original Message -

From: "JASON BOTHE via NANOG"  
To: nanog@nanog.org 
Sent: Wednesday, July 17, 2019 6:10:42 PM 
Subject: Fiber providers - Englewood / Centennial Colorado 

Hi all 

Just curious if you know of any fiber providers other than CL or Zayo in the 
Englewood/Centennial area. Having a really tough time finding routes that avoid 
the Solarium at Quebec / E Orchard as well as 910 15th St. Seems there are so 
many single points of failure and collapsed routes that all lead to these two 
locations to get diverse long haul. 

Many thanks. 

J~ 

Re: Antennas in the data center

[Robert Webb]

Thanks for the info on the standards portion.

The booster configuration has been setup in a test scenario where the
external antenna has been placed outside with line of site to the tower,
less than a tenth of a mile away, with the feed cable run down a hallway
indoors, the booster connected, and the indoor antenna connected (not in
the data center though).

Test with LTE equipment, ie. cell phones, has brought the signal from
barely a single bar of 1x to 4 bars of LTE with good speeds.

Manager has no issue with equipment purchased and has polled the other
tenants in the same data center and they are also OK with it. He has just
cited that there is some standard but has not been forthcoming with any
documentation.

I figured if there was such a standard then someone here would probably
have run across it at some time.

I am getting the feeling this is just something he has heard or been told
in the past and really doesn't know.



On Thu, Jul 18, 2019 at 9:35 AM Matt Harris  wrote:

> On Thu, Jul 18, 2019 at 8:30 AM Robert Webb  wrote:
>
>> So I have a situation where I am trying to get LTE to an out of band
>> router and there is no signal available in the data center. There was a
>> booster setup purchased and I have a manager telling me that standards,
>> industry and not local, prohibit the installation.
>>
>> He has yet to produce any documented industry standard so I thought I
>> would reach out to see if anyone here has heard of this.
>>
>> We fall under NIST controls and I haven't found anything there and have
>> also looked at TIA and not found anything.
>>
>
> I've never heard of any industry standard preventing such a thing. There
> are a few questions this raises though. The first and most obvious being,
> are you sure that a "booster setup" will actually help? Have you done a
> site survey to figure out how to actually accomplish what you need to
> accomplish? The other question is whether perhaps the issue he has is with
> the specific "booster setup" chosen. Perhaps there's something naughty
> about it, in particular, that has caused him to not want it in his facility
> (cheap Chinese radios are known, for example, for polluting the spectrum
> outside of the frequencies that they are designed to operate within.) Maybe
> he has other folks doing legit RF stuff in there and doesn't want to risk
> that pollution?
>
>

Re: Antennas in the data center

[Matt Harris]

On Thu, Jul 18, 2019 at 8:30 AM Robert Webb  wrote:

> So I have a situation where I am trying to get LTE to an out of band
> router and there is no signal available in the data center. There was a
> booster setup purchased and I have a manager telling me that standards,
> industry and not local, prohibit the installation.
>
> He has yet to produce any documented industry standard so I thought I
> would reach out to see if anyone here has heard of this.
>
> We fall under NIST controls and I haven't found anything there and have
> also looked at TIA and not found anything.
>

I've never heard of any industry standard preventing such a thing. There
are a few questions this raises though. The first and most obvious being,
are you sure that a "booster setup" will actually help? Have you done a
site survey to figure out how to actually accomplish what you need to
accomplish? The other question is whether perhaps the issue he has is with
the specific "booster setup" chosen. Perhaps there's something naughty
about it, in particular, that has caused him to not want it in his facility
(cheap Chinese radios are known, for example, for polluting the spectrum
outside of the frequencies that they are designed to operate within.) Maybe
he has other folks doing legit RF stuff in there and doesn't want to risk
that pollution?

Re: Antennas in the data center

[Robert Webb]

So I have a situation where I am trying to get LTE to an out of band router
and there is no signal available in the data center. There was a booster
setup purchased and I have a manager telling me that standards, industry
and not local, prohibit the installation.

He has yet to produce any documented industry standard so I thought I would
reach out to see if anyone here has heard of this.

We fall under NIST controls and I haven't found anything there and have
also looked at TIA and not found anything.

Thanks...

On Thu, Jul 18, 2019 at 9:09 AM Matt Harris  wrote:

> On Thu, Jul 18, 2019 at 8:01 AM Robert Webb  wrote:
>
>> Anyone out there deal with data center design?
>>
>> Looking for any info available which provides guidelines on putting
>> antennas, like LTE booster, in the data center.
>>
>
> Not quite sure what you're looking for here Robert. As far as placing
> something like an LTE booster in a data center, you'd just use common sense
> (place it in the best possible place from a connectivity standpoint). Is
> this something you're considering in order to provide service to folks who
> run LTE backup connections on their gear (like serial concentrators)?
> Wireless/RF site surveys and how to do them effectively are pretty
> well-documented at this point.
>
> Or are you asking about roof access/deploying antennas on a rooftop
> safely/securely?
>
>

Re: Antennas in the data center

[Matt Harris]

On Thu, Jul 18, 2019 at 8:01 AM Robert Webb  wrote:

> Anyone out there deal with data center design?
>
> Looking for any info available which provides guidelines on putting
> antennas, like LTE booster, in the data center.
>

Not quite sure what you're looking for here Robert. As far as placing
something like an LTE booster in a data center, you'd just use common sense
(place it in the best possible place from a connectivity standpoint). Is
this something you're considering in order to provide service to folks who
run LTE backup connections on their gear (like serial concentrators)?
Wireless/RF site surveys and how to do them effectively are pretty
well-documented at this point.

Or are you asking about roof access/deploying antennas on a rooftop
safely/securely?

Antennas in the data center

[Robert Webb]

Anyone out there deal with data center design?

Looking for any info available which provides guidelines on putting
antennas, like LTE booster, in the data center.

Re: netstat -s

[J. Hellenthal via NANOG]

I know I have a few times after seeing SNMP bumps of errors but mainly just so 
I could get up to the moment error rates or stats.

Other than that though it’s a very minor usage IMO


-- 
 J. Hellenthal

The fact that there's a highway to Hell but only a stairway to Heaven says a 
lot about anticipated traffic volume.

> On Jul 17, 2019, at 19:55, Randy Bush  wrote:
> 
> do folk use `netstat -s` to help diagnose on routers/switches?
> 
> randy


smime.p7s
Description: S/MIME cryptographic signature

Re: Bgpmon alternatives?

[Hank Nussbacher]

On 18/07/2019 08:44, Töma Gavrichenkov wrote:

On Thu, Jul 18, 2019 at 3:16 AM TJ Trout  wrote:

Anyone know of a hosted alternative to bgpmon? I'm testing
Qrator but I can't determine if it will notify in real-time of a
prefix hijack?

Qrator guy there.
Real-time notifications are there but are only available on a
commercial basis, because basically real time is expensive to compute.
The rest is free.

--
Töma

What about once a day notification of BGP hijack?  Is that also 
expensive to compute?  I have an account and cannot find any 
documentation of realtime notifications nor its cost.  All I found was 
this - https://qrator.net/en/pricing .   Can you send links to the BGP 
hijack notification service and its cost?


Thanks,
-Hank

Re: Colo in Africa

[Denys Fedoryshchenko]

Africa, Russia...

You can take as example Lebanon.
Capital and major city in tiny country, ~40km away from each other, and 
only way you can get 2 points connected over microwaves(due mountains - 
several hops), over "licensed" providers, DSP, who hook this points for 
$10-$30/mbps/month. And many of them don't have support at evenings and 
weekend. Of course, due crappy electricity in country and economical 
situation, discharged batteries and outages at evening/night at 
"licensed" DSP sites - common case.
The laws of the country are so cool, that it is even forbidden to lay 
optics from the building standing next to other building, unless you are 
government monopoly (and they don't sell fiber connectivity).


In Africa, many people do not have electricity at all and cook on open 
fire, i imagine what difficulties they have with connectivity.
The last time when I worked with a team on study to invest in telecom in 
Africa - results discouraged even trying to engage in telecom subject 
there.
I think the only ones who are interested in decent connectivity there - 
mobile operators. Maybe worth to find connections and talk to them.



On 2019-07-17 20:16, Mark Tinka wrote:

On 17/Jul/19 17:04, Rod Beck wrote:


The cross continent connectivity is not going to be particularly
reliable. Prone to cuts due to wars and regional turmoil. And
imagine how it takes to repair problems at the physical layer.


I think that view is too myopic... you make it sound like Namibia,
Botswana, Zimbabwe and Zambia are at war. Just like all other
continents, unrest exists in some states, not all of them.

For the regions the OP is interested in, there isn't any conflict
there that would prevent him from deploying network.

Terrestrial connectivity is not a viable solution because:

* It costs too much.
* Different countries (even direct neighbors) do not share social,
economic or political values.
* Most of the available network is in the hands of incumbents,
typically controlled by the gubbermint.
* It costs too much.
* There isn't sufficient capacity to drive prices down when crossing
2 or more countries.
* It costs too much.
* Many markets are closed off and it's impossible to obtain licenses
to compete.
* It costs too much.
* Much of the network is old and has barely been upgraded.
* It costs too much.
* For those bold enough to build, the terrain in some parts is not a
walkover.

* It costs too much.

Mark.

Re: Colo in Africa

[Mark Tinka]

On 18/Jul/19 00:04, Rod Beck wrote:

> Circuits linking Asia & Europe via Siberia have proven highly
> unreliable. Repairs are long and difficult. And arguably Russia is a
> better case scenario than Africa. More politically stable. Better
> finances. Better basic infrastructure. 

Wasn't aware Russia was a continent...

Mark.