date:20200317




> On Mar 17, 2020, at 10:43 , Keith Medcalf  wrote:
> 
> 
> On Tuesday, 17 March, 2020 03:31, Mark Tinka  wrote:
> 
>> On 16/Mar/20 21:08, Owen DeLong wrote:
> 
>>> For up to date local information, check with the local public health
>>> authority in your jurisdiction. In the US, that will usually
>>> be your county public health agency. In some cases, individual
>>> municipalities also have public health departments.
> 
>> It's the price we pay for hyper-connectedness (not trying to coin a
>> phrase, hehe).
> 
>> Everybody (especially the kids) lives on their device 99% of the time.
>> If you're not on their device, you are not relevant to them.
> 
> If by "device" you mean "computer", then you are correct.
> 

I think “device” is correct because it encompasses computer, smart phone, 
tablet, e-reader, whatever else with a screen, some form of input device(s), 
and network connectivity.

Owen

Re: AT is suspending broadband data caps for home internet customers due to coronavirus

2020-03-17 Thread Dan White


On 03/17/20 19:25 +0100, Alexandre Petrescu wrote:


Le 17/03/2020 à 19:17, Dan White a écrit :

Things have been eerily quiet where we are (Oklahoma). We're an eyeball
network and have had no noticeable changes in bandwidth usage that 
couldn't

be explained by statistical noise.

We keep game planning more and more contingency scenarios, waiting 
to jump when needed, but things have just been unexpectedly normal.


Perhaps we're behind the game in impact. I'd be curious to hear about
networks that are "ahead of us", and what the impact has been.


I am not a sysadmin of a Network, but a few hours in advance.

The bad news: I can ask you how many cases in Oklahoma?

The good news: there is news about medication.


By "ahead of us", I'm hoping to glean some operational experience from
European, or networks in larger cities with a more impactful lock
down.

We seem to be going down the same lines of lock downs, and shelf clean
outs, just a few days/weeks behind what I've been seeing in the news.

I get nervous anytime I hear a school administrator or public official
blast out "or binge-watch your favorite shows on Netflix, and of course,
wash your hands a lot!"

Fortunately the health impact has been minimal here.

--
Dan White
Network Admin Lead

Re: COVID-19 vs. our Networks

2020-03-17 Thread Rich Kulawiec

On Tue, Mar 17, 2020 at 08:38:28AM -0700, Mike Bolitho wrote:
> Anybody who works in the healthcare vertical will tell you just how
> bad medical devices are to work with from an IT perspective.

Medical devices are appallingly bad to work with from an IT perspective.

They're designed and built to work in idealized environments that don't
exist, they make unduly optimistic assumptions, they completely fail to
account for hostile actors, and whenever possible they are gratuitously
incompatible to ensure vendor lock-in.

That's the good news.   Here's the bad news: in about 2-3 weeks, when
our health care systems are stretched to the breaking point, there will
be a window of opportunity for adversaries to maximize the damage.

---rsk

RE: COVID-19 vs. our Networks

2020-03-17 Thread Keith Medcalf

On Tuesday, 17 March, 2020 11:04, Mike Bolitho  wrote:

>>The answer is don't shove application traffic that has tight service
>>level requirements onto the public internet at large and expect the same
>>performance as private circuits or other SLA protected services.

>I keep seeing this over and over again in this long thread. What's your
>suggestion? How does a hospital, with dozens of third party
>applications/devices across multiple cloud platforms do this?

Do what everyone else that has "critical infrastructure" does.  Put a 
requirement in the RFP that the thing you want to buy must continue to operate 
even when totally isolated from the outside world.  And then do not select to 
purchase products that do not meet this requirement.

It is quite simple actually.  We do this all the time with great success.

--
The fact that there's a Highway to Hell but only a Stairway to Heaven says a 
lot about anticipated traffic volume.

Re: COVID-19 vs. our Networks



> On Mar 17, 2020, at 10:03 , Mike Bolitho  wrote:
> 
> >The answer is don't shove application traffic that has tight service level 
> >requirements onto the public internet at large and expect the same 
> >performance as private circuits or other SLA protected services.
> 
> I keep seeing this over and over again in this long thread. What's your 
> suggestion? How does a hospital, with dozens of third party 
> applications/devices across multiple cloud platforms do this?

Step one:
Consumers _AND_ especially mission critical consumers must start 
refusing to purchase devices which have inherent dependency on a vendor-cloud 
(or any cloud for that matter).

> We have two redundant private lines out of each hospital connecting back to 
> primary and DR DCs and a metro connecting everything together in each region. 
> But for things we do not own that are not hosted locally, what are we 
> supposed to do? We have to go out DIA to get there. Everything we own is 
> connected via fully SLAed private lines. We have zero issues there. I think 
> people vastly underestimate just how much in the healthcare vertical is 
> outside of a medical providers control/ownership.

Stop treating things you don’t own and things that aren’t hosted locally as 
“reliable” and make sure that they are not in the mission critical chain of 
urgent patient care.

Anything in the healthcare vertical that is outside of the medical providers 
control/ownership is a result of the medical provider buying into that model on 
some level. STOP DOING THAT.
(How am I suddenly reminded of the old adage “Doctor, doctor, it hurts when I 
do this!”…)

I understand how the allure of lower costs and the frustration of “every vendor 
does this, we can’t find one who doesn’t” plays out. However, the only way 
“every vendor does it” will continue is if every vendor continues to be able to 
make sales without changing.

Owen

> 
> - Mike Bolitho
> 
> 
> On Tue, Mar 17, 2020 at 9:54 AM Tom Beecher  wrote:
> The answer is don't shove application traffic that has tight service level 
> requirements onto the public internet at large and expect the same 
> performance as private circuits or other SLA protected services.
> 
> 
> 
> On Tue, Mar 17, 2020 at 11:40 AM Mike Bolitho  > wrote:
> If an x-ray machine won't work because the Internet is down, I'm not sure 
> that is responsible. As inefficient as it may be to have a license server 
> on-prem if there is an option to check against one in the public cloud, for a 
> medical use-case, that would make more sense to me.
> 
> Totally agree with you. Unfortunately it's not a problem with the medical 
> providers, it's a problem with the medical devices. Anybody who works in the 
> healthcare vertical will tell you just how bad medical devices are to work 
> with from an IT perspective. And that is part of my original comments.
> 
> In your case, I am not sure I have an answer for you, unfortunately. The 
> public Internet is what it is, mostly best-effort. Your applications and 
> use-cases certainly deserve better than that. I'm not sure how to achieve 
> that as your industry shoves more and more activity into the public Internet 
> domain, for one reason or another.  
> 
> I don't know what it's going to take either. A general shift in mentality 
> from the vendors we use I guess. I'm not sure how you get a bunch of medical 
> providers to tell these companies they need to fix their stuff. You can't 
> exactly use your wallet to force change either. There are only a handful of 
> vendor options out there so there isn't a ton of choice. It's not like you 
> can buy one of 50 different models of CT machines or EHR systems.
> 
> Generally speaking it's not an issue. It's just in crazy times like these 
> where, if congestion on the public internet gets too crazy, that certain 
> platforms might need to be deemed "unnecessary". Is playing Fortnight a 
> right? Is streaming a movie in 4K a right? In cases like San Francisco they 
> have decided that leaving your home for anything other than work or medical 
> care is no longer a right because you're now infringing on other's rights by 
> potentially getting them sick. Maybe 4K Netflix fits into that category if 
> you're causing problems for first responders and hospitals trying to save 
> lives.
> 
> 
> - Mike Bolitho
> 
> 
> On Tue, Mar 17, 2020 at 2:22 AM Mark Tinka  > wrote:
> 
> 
> On 16/Mar/20 16:54, Carsten Bormann wrote:
> 
> > I recently had to reschedule an X-ray because the license manager for the 
> > X-ray machine was acting up.  I don’t think people have a grasp for how 
> > much of the medical infrastructure no longer works when the Internet is 
> > down.
> 
> I get this, to some extent. But also, there is a reason hospitals,
> airports and military installations are either put on special power
> grids or invest plenty of money in backup power.
> 
> If an x-ray machine won't work

Re: COVID-19 vs. our Networks

Le 17/03/2020 à 19:26, Owen DeLong a écrit :

On Mar 17, 2020, at 02:41 , Alexandre Petrescu
mailto:alexandre.petre...@gmail.com>>
wrote:

On 16/Mar/20 21:08, Owen DeLong wrote:

This simply isn’t true…

Listen to qualified medical professionals, especially those who
specialize in infectious diseases and epidemiology.

YEs listen to them.

This morning they say: everyone can get it, there is no age or
pre-conditio.

They’ve always said “everyone can get it, there’s no age or
pre-condition”.

The age and pre-existing condition thing comes into play in defining
the probability that you will get a severe case of it. That advice
hasn’t changed.

Owen, we differ.

That advice changed.

I am not an immunologist, not a doctor of medicine, not medical.

I am not an official channel of information.

But that advice changed here: anyone can get it, anyone can get under
respiratory device because of it.

Also,

The good thing I heard today is China agency of press, saying they might
have treatment, some positive sign, not fully positive, just some positive.

Alex

---

https://www.cdc.gov/coronavirus/2019-nCoV/index.html

If You Are at Higher Risk

alert icon
Who is at higher risk?
Early information out of China, where COVID-19 first started, shows
that some people are at higher risk of getting very sick from this
illness. This includes:

* Older adults
* People who have serious chronic medical conditions like:
o Heart disease
o Diabetes

*
o Lung disease

Alex

That''s it. They dont know, and worse they dont say they dont know.

Actually, they do say they don’t know (about the things they don’t
know). For example:

https://www.cdc.gov/coronavirus/2019-ncov/prepare/transmission.html?CDC_AA_refVal=https%3A%2F%2Fwww.cdc.gov%2Fcoronavirus%2F2019-ncov%2Fabout%2Ftransmission.html

COVID-19 is a new disease and we are still learning how it spreads,
the severity of illness it causes, and to what extent it may spread in
the United States.

I am an engineer, I am not medical professional, my question is: is
there a device to detect the virus with the crown in the air and
light up a led?

No… No such device exists for Corona Virus at this time. Such a device
is not easily developed.

(we do have such devices for VOC, for CO2, PM2, PM10 pollution, and
many other things in the air; but about virus with a rcown?)

Detecting a virus in the air is much more complicated than detecting
VOC, CO2, PM2.5 (presumably what you meant by PM2), or PM10.

PM2.5 and PM10 are a simple size test. CO2 is a molecule that is easy
to detect through a simple electrochemical process. VOC are
a class of hydrocarbons that all share certain chemical properties
which are easily detected through a simple electrochemical process.

It should also be noted that such devices even for the chemicals they
can detect require a certain concentration of that chemical.

On the other hand, a single airborne virion can be enough to cause a
widespread epidemic. If that single virion is “lucky” enough to find
a compatible host cell and get the cell to start replicating it, then
you can quickly get lots more copies of that virion which then seek out

additional host cells and additional hosts to make even more, and so on.

Viruses are not. Viruses are very tiny intracellular parasites where
very subtle chemical differences cause massively different effects on
humans.

They consist of an RNA or DNA genome surrounded by a protective
virus-coded protein coat. More information here:
https://www.ncbi.nlm.nih.gov/books/NBK8174/

Currently, the best we can do is a test to detect coronavirus
infection in a person after they are infected and symptomatic.

So for now, stay indoors with your family and if you’ve got a sick
sense of humor like I do, play one or more of the Pandemic board games
(if you happen to own them).

Owen

Alex

The information on the CDC and WHO websites remains the primary source
of trustworthy information. It may be
incomplete, but if someone is contradicting something there, they’re
very likely to be wrong.

OTOH, anyone selling “survive COVID” or “cure COVID” etc. is
completely untrustworthy and guaranteed to be lying to
you in order to sell a product. Despicable, but common place.

There’s no authoritative way to get false information off the
internet, so we have to combat it as best we can with good
information and education. Even in my own household, this is a
constant battle as my GF continues to bring home
odd superstitious rumors and embellishments from a variety of
inaccurate sources and I constantly have to correct her
perspective.

For up to date local information, check with the local public health
authority in your jurisdiction. In the US, that will usually
be your county public health agency. In some cases, individual
municipalities also have public health departments.

It's the price we pay for hyper-connectedness

RE: COVID-19 vs. our Networks

2020-03-17 Thread Emille Blanc

> Why should there be a license server at all? Why should an X-ray machine have 
> an external dependency like that in the first place, even if it’s a local 
> server?

In a world where you can license device performance by the megabit/sec/day, or 
even have to purchase per-use factory reset keys since the manufacture has 
stripped product owners of that right too, this doesn't totally surprise me.

There would have to be a flip side to that coin - I would have to guess (read: 
guess) it's a 'n' x-rays/day to "cut costs to the end user." Great practice on 
paper for little guys, but beyond that...

-Original Message-
From: NANOG [mailto:nanog-boun...@nanog.org] On Behalf Of Owen DeLong
Sent: Tuesday, March 17, 2020 11:06 AM
To: Mark Tinka
Cc: nanog@nanog.org
Subject: Re: COVID-19 vs. our Networks

> On Mar 17, 2020, at 02:20 , Mark Tinka  wrote:
> 
> 
> 
> On 16/Mar/20 16:54, Carsten Bormann wrote:
> 
>> I recently had to reschedule an X-ray because the license manager for the 
>> X-ray machine was acting up.  I don’t think people have a grasp for how much 
>> of the medical infrastructure no longer works when the Internet is down.
> 
> I get this, to some extent. But also, there is a reason hospitals,
> airports and military installations are either put on special power
> grids or invest plenty of money in backup power.

I don’t get this… X-Ray machines (and other critical medical equipment) should 
operate in a fail-safe mode where a license screw up doesn’t prevent the 
machine from operating.

If the hospital hasn’t paid up, find a way to go after the hospital, but don’t 
kill patients to collect your fee.

> If an x-ray machine won't work because the Internet is down, I'm not
> sure that is responsible. As inefficient as it may be to have a license
> server on-prem if there is an option to check against one in the public
> cloud, for a medical use-case, that would make more sense to me.

Why should there be a license server at all? Why should an X-ray machine have 
an external dependency like that in the first place, even if it’s a local 
server?

Owen

Re: COVID-19 vs. our Networks

2020-03-17 Thread Shane Ronan

 Because the hospitals don't own the machines and the companies that do,
charge the hospital per x-ray. The hospitals moved to this model to reduce
their costs during "quiet" periods. And by doing so, put their patients in
jeopardy.

On Tue, Mar 17, 2020, 2:07 PM Owen DeLong  wrote:

>
>
> > On Mar 17, 2020, at 02:20 , Mark Tinka  wrote:
> >
> >
> >
> > On 16/Mar/20 16:54, Carsten Bormann wrote:
> >
> >> I recently had to reschedule an X-ray because the license manager for
> the X-ray machine was acting up.  I don’t think people have a grasp for how
> much of the medical infrastructure no longer works when the Internet is
> down.
> >
> > I get this, to some extent. But also, there is a reason hospitals,
> > airports and military installations are either put on special power
> > grids or invest plenty of money in backup power.
>
> I don’t get this… X-Ray machines (and other critical medical equipment)
> should operate in a fail-safe mode where a license screw up doesn’t prevent
> the machine from operating.
>
> If the hospital hasn’t paid up, find a way to go after the hospital, but
> don’t kill patients to collect your fee.
>
> > If an x-ray machine won't work because the Internet is down, I'm not
> > sure that is responsible. As inefficient as it may be to have a license
> > server on-prem if there is an option to check against one in the public
> > cloud, for a medical use-case, that would make more sense to me.
>
> Why should there be a license server at all? Why should an X-ray machine
> have an external dependency like that in the first place, even if it’s a
> local server?
>
> Owen
>
>

Re: COVID-19 vs. our Networks

> On Mar 17, 2020, at 02:41 , Alexandre Petrescu  
> wrote:
> 
> 
>> On 16/Mar/20 21:08, Owen DeLong wrote:
>> 
>>> This simply isn’t true…
>>> 
>>> Listen to qualified medical professionals, especially those who
>>> specialize in infectious diseases and epidemiology.
> 
> YEs listen to them.
> 
> This morning they say: everyone can get it, there is no age or pre-conditio.

They’ve always said “everyone can get it, there’s no age or pre-condition”.

The age and pre-existing condition thing comes into play in defining the 
probability that you will get a severe case of it. That advice hasn’t changed.

https://www.cdc.gov/coronavirus/2019-nCoV/index.html

If You Are at Higher Risk
alert icon
Who is at higher risk?
Early information out of China, where COVID-19 first started, shows that some 
people are at higher risk of getting very sick from this illness. This includes:
Older adults
People who have serious chronic medical conditions like:
Heart disease
Diabetes
Lung disease
> That''s it.  They dont know, and worse they dont say they dont know.

Actually, they do say they don’t know (about the things they don’t know). For 
example:

https://www.cdc.gov/coronavirus/2019-ncov/prepare/transmission.html?CDC_AA_refVal=https%3A%2F%2Fwww.cdc.gov%2Fcoronavirus%2F2019-ncov%2Fabout%2Ftransmission.html

COVID-19 is a new disease and we are still learning how it spreads, the 
severity of illness it causes, and to what extent it may spread in the United 
States.

> 
> I am an engineer, I am not medical professional, my question is: is there a 
> device to detect the virus with the crown in the air and light up a led?

No… No such device exists for Corona Virus at this time. Such a device is not 
easily developed.

> (we do have such devices for VOC, for CO2, PM2, PM10 pollution, and many 
> other things in the air; but about virus with a rcown?)

Detecting a virus in the air is much more complicated than detecting VOC, CO2, 
PM2.5 (presumably what you meant by PM2), or PM10.

PM2.5 and PM10 are a simple size test. CO2 is a molecule that is easy to detect 
through a simple electrochemical process. VOC are
a class of hydrocarbons that all share certain chemical properties which are 
easily detected through a simple electrochemical process.

It should also be noted that such devices even for the chemicals they can 
detect require a certain concentration of that chemical.

On the other hand, a single airborne virion can be enough to cause a widespread 
epidemic. If that single virion is “lucky” enough to find
a compatible host cell and get the cell to start replicating it, then you can 
quickly get lots more copies of that virion which then seek out
additional host cells and additional hosts to make even more, and so on.

Viruses are not. Viruses are very tiny intracellular parasites where very 
subtle chemical differences cause massively different effects on humans.

They consist of an RNA or DNA genome surrounded by a protective virus-coded 
protein coat. More information here: https://www.ncbi.nlm.nih.gov/books/NBK8174/

Currently, the best we can do is a test to detect coronavirus infection in a 
person after they are infected and symptomatic.

So for now, stay indoors with your family and if you’ve got a sick sense of 
humor like I do, play one or more of the Pandemic board games (if you happen to 
own them).

Owen

> 
> Alex
> 
>>> 
>>> The information on the CDC and WHO websites remains the primary source
>>> of trustworthy information. It may be
>>> incomplete, but if someone is contradicting something there, they’re
>>> very likely to be wrong.
>>> 
>>> OTOH, anyone selling “survive COVID” or “cure COVID” etc. is
>>> completely untrustworthy and guaranteed to be lying to
>>> you in order to sell a product. Despicable, but common place.
>>> 
>>> There’s no authoritative way to get false information off the
>>> internet, so we have to combat it as best we can with good
>>> information and education. Even in my own household, this is a
>>> constant battle as my GF continues to bring home
>>> odd superstitious rumors and embellishments from a variety of
>>> inaccurate sources and I constantly have to correct her
>>> perspective.
>>> 
>>> For up to date local information, check with the local public health
>>> authority in your jurisdiction. In the US, that will usually
>>> be your county public health agency. In some cases, individual
>>> municipalities also have public health departments.
>> It's the price we pay for hyper-connectedness (not trying to coin a
>> phrase, hehe).
>> 
>> Everybody (especially the kids) lives on their device 99% of the time.
>> If you're not on their device, you are not relevant to them.
>> 
>> When was the last time you bought a newspaper? How many times do your
>> kids watch the news, either on TV or their device? But they are all over
>> WhatsApp, Instagram, Twitter, SnapChat, WeChat, et al. And even if they
>> have the "News" app on their phone, they probably have never opened it.

Re: AT is suspending broadband data caps for home internet customers due to coronavirus




Le 17/03/2020 à 19:17, Dan White a écrit :

Things have been eerily quiet where we are (Oklahoma). We're an eyeball
network and have had no noticeable changes in bandwidth usage that 
couldn't

be explained by statistical noise.

We keep game planning more and more contingency scenarios, waiting to 
jump

when needed, but things have just been unexpectedly normal.

Perhaps we're behind the game in impact. I'd be curious to hear about
networks that are "ahead of us", and what the impact has been.


I am not a sysadmin of a Network, but a few hours in advance.

The bad news: I can ask you how many cases in Oklahoma?

The good news: there is news about medication.

Alex



On 03/15/20 02:30 +, John van Oppen wrote:
We are seeing the peak spread out…   we carry mostly pacific 
northwest residential networks…  we are also seeing new, slightly 
higher evening peaks.


From: NANOG  On Behalf Of Rishi Singh
Sent: Friday, March 13, 2020 8:25 AM
To: Jared Mauch 
Cc: nanog@nanog.org
Subject: Re: AT is suspending broadband data caps for home internet 
customers due to coronavirus


Curious if anyone here (especially at CenturyLink / AT/ Comcast) 
has seen any graphs of network traffic over time and could share 
details (redacted of course due to the sensitivity). Would love to 
hear if/how capacity is constrained with more people working form home.


On Thu, Mar 12, 2020 at 4:36 PM Jared Mauch 
mailto:ja...@puck.nether.net>> wrote:
I do worry if the broadband networks have the capacity. WFH traffic 
is usually different from regular consumer traffic. My neighbors were 
telling me about the mandatory work from home they had today and how 
the VPN struggled to work.


To those upgrading those things, keep at it. You will get there.

Sent from my iCar

On Mar 12, 2020, at 6:29 PM, Sean Donelan 
mailto:s...@donelan.com>> wrote:



The first data cap waiver I've seen due to coronavirus.  I expect 
other ISPs to quickly follow.


https://www.vice.com/en_us/article/v74qzb/atandt-suspends-broadband-usage-caps-during-coronavirus-crisis 



AT is the first major ISP to confirm that it will be suspending 
all broadband usage caps as millions of Americans bunker down in a 
bid to slow the rate of COVID-19 expansion. Consumer groups and a 
coalition of Senators are now pressuring other ISPs to follow suit.

Re: AT is suspending broadband data caps for home internet customers due to coronavirus

2020-03-17 Thread Dan White


Things have been eerily quiet where we are (Oklahoma). We're an eyeball
network and have had no noticeable changes in bandwidth usage that couldn't
be explained by statistical noise.

We keep game planning more and more contingency scenarios, waiting to jump
when needed, but things have just been unexpectedly normal.

Perhaps we're behind the game in impact. I'd be curious to hear about
networks that are "ahead of us", and what the impact has been.

On 03/15/20 02:30 +, John van Oppen wrote:

We are seeing the peak spread out…   we carry mostly pacific northwest 
residential networks…  we are also seeing new, slightly higher evening peaks.

From: NANOG  On Behalf Of Rishi Singh
Sent: Friday, March 13, 2020 8:25 AM
To: Jared Mauch 
Cc: nanog@nanog.org
Subject: Re: AT is suspending broadband data caps for home internet customers 
due to coronavirus

Curious if anyone here (especially at CenturyLink / AT/ Comcast) has seen any 
graphs of network traffic over time and could share details (redacted of course due 
to the sensitivity). Would love to hear if/how capacity is constrained with more 
people working form home.

On Thu, Mar 12, 2020 at 4:36 PM Jared Mauch 
mailto:ja...@puck.nether.net>> wrote:
I do worry if the broadband networks have the capacity. WFH traffic is usually 
different from regular consumer traffic. My neighbors were telling me about the 
mandatory work from home they had today and how the VPN struggled to work.

To those upgrading those things, keep at it. You will get there.

Sent from my iCar


On Mar 12, 2020, at 6:29 PM, Sean Donelan 
mailto:s...@donelan.com>> wrote:


The first data cap waiver I've seen due to coronavirus.  I expect other ISPs to 
quickly follow.

https://www.vice.com/en_us/article/v74qzb/atandt-suspends-broadband-usage-caps-during-coronavirus-crisis

AT is the first major ISP to confirm that it will be suspending all broadband 
usage caps as millions of Americans bunker down in a bid to slow the rate of 
COVID-19 expansion. Consumer groups and a coalition of Senators are now pressuring 
other ISPs to follow suit.


--
Dan White
Network Admin Lead

Re: COVID-19 vs. our Networks

> On Mar 17, 2020, at 02:20 , Mark Tinka  wrote:
> 
> 
> 
> On 16/Mar/20 16:54, Carsten Bormann wrote:
> 
>> I recently had to reschedule an X-ray because the license manager for the 
>> X-ray machine was acting up.  I don’t think people have a grasp for how much 
>> of the medical infrastructure no longer works when the Internet is down.
> 
> I get this, to some extent. But also, there is a reason hospitals,
> airports and military installations are either put on special power
> grids or invest plenty of money in backup power.

I don’t get this… X-Ray machines (and other critical medical equipment) should 
operate in a fail-safe mode where a license screw up doesn’t prevent the 
machine from operating.

If the hospital hasn’t paid up, find a way to go after the hospital, but don’t 
kill patients to collect your fee.

> If an x-ray machine won't work because the Internet is down, I'm not
> sure that is responsible. As inefficient as it may be to have a license
> server on-prem if there is an option to check against one in the public
> cloud, for a medical use-case, that would make more sense to me.

Why should there be a license server at all? Why should an X-ray machine have 
an external dependency like that in the first place, even if it’s a local 
server?

Owen

Re: COVID-19 vs. our Networks




Le 17/03/2020 à 18:43, Keith Medcalf a écrit :

On Tuesday, 17 March, 2020 03:31, Mark Tinka  wrote:


On 16/Mar/20 21:08, Owen DeLong wrote:

For up to date local information, check with the local public health
authority in your jurisdiction. In the US, that will usually
be your county public health agency. In some cases, individual
municipalities also have public health departments.

It's the price we pay for hyper-connectedness (not trying to coin a
phrase, hehe).
Everybody (especially the kids) lives on their device 99% of the time.
If you're not on their device, you are not relevant to them.

If by "device" you mean "computer", then you are correct.


When was the last time you bought a newspaper?

Never in 57 years.


I buy newspaper every Saturday and every Tuesday since some time now.  
In addition to local news and The Economist, I include NYTimes 
International edition because thats the only USA thing in my very small 
local news stand in small city.  Different places in the world have 
different options for USA newspapers .


It might be that yesterday (a Tuesday) was the last time I could get 
that.  I hope not.


Alex




How many times do your kids watch the news, either on TV or their device?

Never because I don't have any.  But I don't either.  Babbling idiots don't do 
anything for me.

And before you ask, I get "important news" directly.  If the building next door falls 
over, I notice.  Otherwise I don't think there *IS* such a thing as *important news*, or I can only 
think of a couple of "important news" that have happened in my entire lifetime on one 
hand.  In no case was a babbling idiot or propaganda purveyor of any particular use.


But they are all over WhatsApp, Instagram, Twitter, SnapChat, WeChat, et al.

Never used any of those.  They are just hangouts for yet more babbling idiots.  
Some of them are even named appropriately -- like Twitter -- which as I 
understand it is the place where all the twits congregate.


And even if they have the "News" app on their phone, they probably have never 
opened it.
If they opened it, they didn't find value in it.

Correct.  No value there.  Just more babbling idiots.


On average, the we (and the kids) will give your app two tries; if we
don't like it, you're out - which explains why we all have 3,000 apps on
our phones, but only use 2 or 3 of them most consistently.

I have an e-mail app on my phone that is connected to my (not someone else's) e-mail 
server that handles e-mail, contacts, and calendaring in a distributed fashion that is 
the same on every "device" I own.  If a device will not work with my e-mail 
server, does not function as I need it to function, or is not safe and secure to my 
requirements, I do not buy that device (that means that the list of devices that I refuse 
to buy and will not permit in the same room as me is VERY VERY VERY long).  Most of the 
other rubbish has been banished because it is nothing more than yet more piles of 
babbling idiots.


Whoever wants to get professional and verified information out (to the
kids who live on their devices) needs to find a way to do so in a manner
we find relevant, otherwise we'll simply keep trading mis-information
for whatever reason we feel gives us value.

Send e-mail.  Or provide an e-mail list.  I will not fiddle faddle with going 
to websites chock full of malicious websites nor will I let any Tom Dickhead 
send their malicious crap to me.  By the time the malicious crap infestation is 
filtered out, there is nothing left.

Then again I am an old fart.

Re: COVID-19 vs. our Networks

2020-03-17 Thread Mike Bolitho

>You're facing essentially the same issue as many in non-healthcare do ;
how to best talk to applications in Magic Cloud Land. Reaching the major
cloud providers does not require DIA ; they all have presences on the major
IXes, and direct peering could be an option too depending on your needs and
traffic.

I totally agree and 99.999% of the time, congestion on the Internet is a
nuisance, not a critical problem. I'm not sitting here complaining that my
public internet circuits don't have SLAs or that we run into some packet
loss and latency here and there under normal operations. That's obviously
to be expected. But this whole topic is around what to do when a once in a
lifetime pandemic hits and we're faced with unseen levels of congestion
across the country's infrastructure. I mean the thread is titled COVID-19
Vs Our Networks. That's why I brought up the possible application of TSP to
tell some of the big CDNs that maybe they should limit 4K streaming or big
DLCs during a pandemic. That's it. And yet I'm getting chastised (not
necessarily by you) for suggesting that hospitals, governments, water
treatment plants, power plants, first responders, etc are actually more
important during times like this.

- Mike Bolitho

On Tue, Mar 17, 2020 at 10:35 AM Tom Beecher  wrote:

> You're facing essentially the same issue as many in non-healthcare do ;
> how to best talk to applications in Magic Cloud Land. Reaching the major
> cloud providers does not require DIA ; they all have presences on the major
> IXes, and direct peering could be an option too depending on your needs and
> traffic.
>
> I don't mean to be dismissive of the issues you face, I apologize if
> that's how it comes off. What you describe is certainly challenging, but I
> think that you will have better success with some of the options that are
> out there already than hoping for any resolution of intermittent congestion
> issues in the wild west of the DFZ.
>
> On Tue, Mar 17, 2020 at 1:03 PM Mike Bolitho 
> wrote:
>
>> >The answer is don't shove application traffic that has tight service
>> level requirements onto the public internet at large and expect the same
>> performance as private circuits or other SLA protected services.
>>
>> I keep seeing this over and over again in this long thread. What's your
>> suggestion? How does a hospital, with dozens of third party
>> applications/devices across multiple cloud platforms do this?
>>
>> We have two redundant private lines out of each hospital connecting back
>> to primary and DR DCs and a metro connecting everything together in each
>> region. But for things we do not own that are not hosted locally, what are
>> we supposed to do? We have to go out DIA to get there. Everything we own is
>> connected via fully SLAed private lines. We have zero issues there. I think
>> people vastly underestimate just how much in the healthcare vertical is
>> outside of a medical providers control/ownership.
>>
>> - Mike Bolitho
>>
>>
>> On Tue, Mar 17, 2020 at 9:54 AM Tom Beecher  wrote:
>>
>>> The answer is don't shove application traffic that has tight service
>>> level requirements onto the public internet at large and expect the same
>>> performance as private circuits or other SLA protected services.
>>>
>>>
>>>
>>> On Tue, Mar 17, 2020 at 11:40 AM Mike Bolitho 
>>> wrote:
>>>
 If an x-ray machine won't work because the Internet is down, I'm not sure
> that is responsible. As inefficient as it may be to have a license server
> on-prem if there is an option to check against one in the public cloud,
> for a medical use-case, that would make more sense to me.

 Totally agree with you. Unfortunately it's not a problem with the
 medical providers, it's a problem with the medical devices. Anybody who
 works in the healthcare vertical will tell you just how bad medical devices
 are to work with from an IT perspective. And that is part of my
 original comments.

 In your case, I am not sure I have an answer for you, unfortunately.
> The public Internet is what it is, mostly best-effort. Your applications
> and use-cases certainly deserve better than that. I'm not sure how to
> achieve that as your industry shoves more and more activity into the 
> public
> Internet domain, for one reason or another.

 I don't know what it's going to take either. A general shift in
 mentality from the vendors we use I guess. I'm not sure how you get a bunch
 of medical providers to tell these companies they need to fix their stuff.
 You can't exactly use your wallet to force change either. There are only a
 handful of vendor options out there so there isn't a ton of choice. It's
 not like you can buy one of 50 different models of CT machines or EHR
 systems.

 Generally speaking it's not an issue. It's just in crazy times like
 these where, if congestion on the public internet gets too crazy, that
 certain

RE: COVID-19 vs. our Networks

2020-03-17 Thread Keith Medcalf

On Tuesday, 17 March, 2020 03:31, Mark Tinka  wrote:

>On 16/Mar/20 21:08, Owen DeLong wrote:

>> For up to date local information, check with the local public health
>> authority in your jurisdiction. In the US, that will usually
>> be your county public health agency. In some cases, individual
>> municipalities also have public health departments.

>It's the price we pay for hyper-connectedness (not trying to coin a
>phrase, hehe).

>Everybody (especially the kids) lives on their device 99% of the time.
>If you're not on their device, you are not relevant to them.

If by "device" you mean "computer", then you are correct.

>When was the last time you bought a newspaper?

Never in 57 years.

>How many times do your kids watch the news, either on TV or their device?

Never because I don't have any.  But I don't either.  Babbling idiots don't do 
anything for me.

And before you ask, I get "important news" directly.  If the building next door 
falls over, I notice.  Otherwise I don't think there *IS* such a thing as 
*important news*, or I can only think of a couple of "important news" that have 
happened in my entire lifetime on one hand.  In no case was a babbling idiot or 
propaganda purveyor of any particular use.

>But they are all over WhatsApp, Instagram, Twitter, SnapChat, WeChat, et al.

Never used any of those.  They are just hangouts for yet more babbling idiots.  
Some of them are even named appropriately -- like Twitter -- which as I 
understand it is the place where all the twits congregate.

>And even if they have the "News" app on their phone, they probably have never 
>opened it.
>If they opened it, they didn't find value in it.

Correct.  No value there.  Just more babbling idiots.

>On average, the we (and the kids) will give your app two tries; if we
>don't like it, you're out - which explains why we all have 3,000 apps on
>our phones, but only use 2 or 3 of them most consistently.

I have an e-mail app on my phone that is connected to my (not someone else's) 
e-mail server that handles e-mail, contacts, and calendaring in a distributed 
fashion that is the same on every "device" I own.  If a device will not work 
with my e-mail server, does not function as I need it to function, or is not 
safe and secure to my requirements, I do not buy that device (that means that 
the list of devices that I refuse to buy and will not permit in the same room 
as me is VERY VERY VERY long).  Most of the other rubbish has been banished 
because it is nothing more than yet more piles of babbling idiots.

>Whoever wants to get professional and verified information out (to the
>kids who live on their devices) needs to find a way to do so in a manner
>we find relevant, otherwise we'll simply keep trading mis-information
>for whatever reason we feel gives us value.

Send e-mail.  Or provide an e-mail list.  I will not fiddle faddle with going 
to websites chock full of malicious websites nor will I let any Tom Dickhead 
send their malicious crap to me.  By the time the malicious crap infestation is 
filtered out, there is nothing left.

Then again I am an old fart.

--
The fact that there's a Highway to Hell but only a Stairway to Heaven says a 
lot about anticipated traffic volume.

Re: Quagga for production?

2020-03-17 Thread Jens Link

Dmitry Sherman  writes:

> Hello,
>
> Anybody working with Quagga for production peering with multiple peers
> and dynamic eBGP/iBGP announcement?

https://frrouting.org/ is a quagga fork and most (all) developers of
quagga mode to frr.

Jens, using frr for quite some time now without any problems
-- 

| Delbrueckstr. 41| 12051 Berlin, Germany   | +49-151-18721264 |
| http://blog.quux.de | jabber: jensl...@quux.de| ---  |

Re: DHS letters for fuel and facility access


At my work place there is enough generators, fuel generators.

There is enough time to power things down properly.

The IT infra seems to be working ok, although some remote workers 
complain about a few things about VPN.


There is however worry that the IT infra might not keep up, or that not 
all employees might have access to emails.  To address that, they have 
built a website facing to the Internet with internal announcement info 
to employees. They have also created a registry where the employees 
record their external email addresses so we receive internal 
announcements but on external email addresses, a thing which was more or 
less prohibited in normal times by IT policy.


The internal emergency phone number (two digit phone number only 
available to internals only by landline) has just been shut down.  The 
info circulated announcing it so.  IT is standard procedure in case of 
issues.


My desk voicemail is still active and I can consult it remotely, but not 
sure for how long.  The re-start of desk power typically resets the 
phone and I lose voicemail forever.  I expect that re-start of desk 
power in a few weeks or so, part of standard procedure to re-start power 
routinely.  But I dont expect me to go to my desk any time since now in 
one month to press the button on the phone to set the voicemail active.


Alex

Le 17/03/2020 à 18:21, Hiers, David a écrit :

Good reminder to test, test, test...


-Original Message-
From: NANOG [mailto:nanog-boun...@nanog.org] On Behalf Of Warren Kumari
Sent: Tuesday, March 17, 2020 10:08 AM
To: Paul Nash 
Cc: Untitled 3 
Subject: Re: DHS letters for fuel and facility access

On Tue, Mar 17, 2020 at 12:44 PM Paul Nash  wrote:

September 2001.  Just after the 9/11 attacks, all of lower Manhattan was shut 
down.  Out link (IIRC) was to a satellite farm on Staten island, across the bay 
to 60 Hudson.  Power went off, diesels kicked in, fuel trucks was not allowed 
in, and a few days later we lost all international connectivity.

We had some interesting failures during 9/11 as well -- for some reason, the 
UPS didn't kick in, so everything went down - and then came back a few minutes 
later as the generators came online -- and then went down again ~2 hours later 
-- turns out that the genset air filters got clogged with dust, and suffocated 
the diesel.
This was "fixed" a few days later by brushing them off with brooms and 
paintbrushes -- by this point they had completely discharged the 24V starter batteries, 
and so someone (not me!) had to lug a pair of car batteries and jumper cables. They 
restarted, and ran for a while, and then stopped again.

It turns out that getting a permit to store lots of diesel on the roof is hard 
(fair enough), and so there was only a small holding tank on the roof, and the 
primary tanks were in the basement -- and the transfer pump from the basement 
to roof storage was not, as we had been told, on generator power

We had specified that the transfer pump be on the generator feed, there was a schematic 
showing at is being on the generator feed, there was even a breaker with a cable marked  
"Transfer Pump (HP4,5)" --- but it turned out to just be a ~3ft piece of cable 
stuffed into a conduit, and not actually, you know, running all the way down to the 
basement and connected to the transfer pump.

W




Lots of important people lost power as well, so the feds decided to let the 
diesel tankers in after a few days’ deliberations.

 paul


On Mar 17, 2020, at 11:21 AM, Mark Tinka  wrote:



On 17/Mar/20 17:15, Paul Nash wrote:


That same fuel shortage killed all Internet traffic to sub-Saharan Africa.  
Took us a while to figure out what was wrong with the satellite link to the US.

What year was that :-)?

Mark.


--
I don't think the execution is relevant when it was obviously a bad idea in the 
first place.
This is like putting rabid weasels in your pants, and later expressing regret 
at having chosen those particular rabid weasels and that pair of pants.
---maf

--
This message and any attachments are intended only for the use of the addressee 
and may contain information that is privileged and confidential. If the reader 
of the message is not the intended recipient or an authorized representative of 
the intended recipient, you are hereby notified that any dissemination of this 
communication is strictly prohibited. If you have received this communication 
in error, notify the sender immediately by return email and delete the message 
and any attachments from your system.

Re: COVID-19 vs. our Networks

2020-03-17 Thread Tom Beecher

You're facing essentially the same issue as many in non-healthcare do ; how
to best talk to applications in Magic Cloud Land. Reaching the major cloud
providers does not require DIA ; they all have presences on the major IXes,
and direct peering could be an option too depending on your needs and
traffic.

I don't mean to be dismissive of the issues you face, I apologize if that's
how it comes off. What you describe is certainly challenging, but I think
that you will have better success with some of the options that are out
there already than hoping for any resolution of intermittent congestion
issues in the wild west of the DFZ.

On Tue, Mar 17, 2020 at 1:03 PM Mike Bolitho  wrote:

> >The answer is don't shove application traffic that has tight service
> level requirements onto the public internet at large and expect the same
> performance as private circuits or other SLA protected services.
>
> I keep seeing this over and over again in this long thread. What's your
> suggestion? How does a hospital, with dozens of third party
> applications/devices across multiple cloud platforms do this?
>
> We have two redundant private lines out of each hospital connecting back
> to primary and DR DCs and a metro connecting everything together in each
> region. But for things we do not own that are not hosted locally, what are
> we supposed to do? We have to go out DIA to get there. Everything we own is
> connected via fully SLAed private lines. We have zero issues there. I think
> people vastly underestimate just how much in the healthcare vertical is
> outside of a medical providers control/ownership.
>
> - Mike Bolitho
>
>
> On Tue, Mar 17, 2020 at 9:54 AM Tom Beecher  wrote:
>
>> The answer is don't shove application traffic that has tight service
>> level requirements onto the public internet at large and expect the same
>> performance as private circuits or other SLA protected services.
>>
>>
>>
>> On Tue, Mar 17, 2020 at 11:40 AM Mike Bolitho 
>> wrote:
>>
>>> If an x-ray machine won't work because the Internet is down, I'm not sure
 that is responsible. As inefficient as it may be to have a license server
 on-prem if there is an option to check against one in the public cloud,
 for a medical use-case, that would make more sense to me.
>>>
>>>
>>> Totally agree with you. Unfortunately it's not a problem with the
>>> medical providers, it's a problem with the medical devices. Anybody who
>>> works in the healthcare vertical will tell you just how bad medical devices
>>> are to work with from an IT perspective. And that is part of my
>>> original comments.
>>>
>>> In your case, I am not sure I have an answer for you, unfortunately. The
 public Internet is what it is, mostly best-effort. Your applications and
 use-cases certainly deserve better than that. I'm not sure how to achieve
 that as your industry shoves more and more activity into the public
 Internet domain, for one reason or another.
>>>
>>>
>>> I don't know what it's going to take either. A general shift in
>>> mentality from the vendors we use I guess. I'm not sure how you get a bunch
>>> of medical providers to tell these companies they need to fix their stuff.
>>> You can't exactly use your wallet to force change either. There are only a
>>> handful of vendor options out there so there isn't a ton of choice. It's
>>> not like you can buy one of 50 different models of CT machines or EHR
>>> systems.
>>>
>>> Generally speaking it's not an issue. It's just in crazy times like
>>> these where, if congestion on the public internet gets too crazy, that
>>> certain platforms might need to be deemed "unnecessary". Is playing
>>> Fortnight a right? Is streaming a movie in 4K a right? In cases like San
>>> Francisco they have decided that leaving your home for anything other than
>>> work or medical care is no longer a right because you're now infringing on
>>> other's rights by potentially getting them sick. Maybe 4K Netflix fits into
>>> that category if you're causing problems for first responders and hospitals
>>> trying to save lives.
>>>
>>>
>>> - Mike Bolitho
>>>
>>>
>>> On Tue, Mar 17, 2020 at 2:22 AM Mark Tinka  wrote:
>>>


 On 16/Mar/20 16:54, Carsten Bormann wrote:

 > I recently had to reschedule an X-ray because the license manager for
 the X-ray machine was acting up.  I don’t think people have a grasp for how
 much of the medical infrastructure no longer works when the Internet is
 down.

 I get this, to some extent. But also, there is a reason hospitals,
 airports and military installations are either put on special power
 grids or invest plenty of money in backup power.

 If an x-ray machine won't work because the Internet is down, I'm not
 sure that is responsible. As inefficient as it may be to have a license
 server on-prem if there is an option to check against one in the public
 cloud, for a medical use-case, that would make more sense to

Re: DHS letters for fuel and facility access

2020-03-17 Thread Warren Kumari

On Tue, Mar 17, 2020 at 1:21 PM Hiers, David  wrote:
>
> Good reminder to test, test, test...

Indeed -- and we had tested, multiple times. Unfortunately, the only
realistic way we would have found this would have been to kill power
to the building and run on generators for many hours, and then,
likely, we would only have discovered it when the gensets ran out of
power and fell over. IIRC, there is (or was) some noise and pollution
regulations in NYC where you could only run generators for short
periods of time (30min?) unless it was an actual emergency. I also
seem to remember something about having to test at night, probably
also for noise...

But, yes, regular testing is clearly a good practice - but so is
having a good BCP/DR plan (which you also test :-)
W


>
>
> -Original Message-
> From: NANOG [mailto:nanog-boun...@nanog.org] On Behalf Of Warren Kumari
> Sent: Tuesday, March 17, 2020 10:08 AM
> To: Paul Nash 
> Cc: Untitled 3 
> Subject: Re: DHS letters for fuel and facility access
>
> On Tue, Mar 17, 2020 at 12:44 PM Paul Nash  wrote:
> >
> > September 2001.  Just after the 9/11 attacks, all of lower Manhattan was 
> > shut down.  Out link (IIRC) was to a satellite farm on Staten island, 
> > across the bay to 60 Hudson.  Power went off, diesels kicked in, fuel 
> > trucks was not allowed in, and a few days later we lost all international 
> > connectivity.
>
> We had some interesting failures during 9/11 as well -- for some reason, the 
> UPS didn't kick in, so everything went down - and then came back a few 
> minutes later as the generators came online -- and then went down again ~2 
> hours later -- turns out that the genset air filters got clogged with dust, 
> and suffocated the diesel.
> This was "fixed" a few days later by brushing them off with brooms and 
> paintbrushes -- by this point they had completely discharged the 24V starter 
> batteries, and so someone (not me!) had to lug a pair of car batteries and 
> jumper cables. They restarted, and ran for a while, and then stopped again.
>
> It turns out that getting a permit to store lots of diesel on the roof is 
> hard (fair enough), and so there was only a small holding tank on the roof, 
> and the primary tanks were in the basement -- and the transfer pump from the 
> basement to roof storage was not, as we had been told, on generator power
>
> We had specified that the transfer pump be on the generator feed, there was a 
> schematic showing at is being on the generator feed, there was even a breaker 
> with a cable marked  "Transfer Pump (HP4,5)" --- but it turned out to just be 
> a ~3ft piece of cable stuffed into a conduit, and not actually, you know, 
> running all the way down to the basement and connected to the transfer pump.
>
> W
>
>
>
> >
> > Lots of important people lost power as well, so the feds decided to let the 
> > diesel tankers in after a few days’ deliberations.
> >
> > paul
> >
> > > On Mar 17, 2020, at 11:21 AM, Mark Tinka  wrote:
> > >
> > >
> > >
> > > On 17/Mar/20 17:15, Paul Nash wrote:
> > >
> > >> That same fuel shortage killed all Internet traffic to sub-Saharan 
> > >> Africa.  Took us a while to figure out what was wrong with the satellite 
> > >> link to the US.
> > >
> > > What year was that :-)?
> > >
> > > Mark.
> >
>
>
> --
> I don't think the execution is relevant when it was obviously a bad idea in 
> the first place.
> This is like putting rabid weasels in your pants, and later expressing regret 
> at having chosen those particular rabid weasels and that pair of pants.
>---maf
>
> --
> This message and any attachments are intended only for the use of the 
> addressee and may contain information that is privileged and confidential. If 
> the reader of the message is not the intended recipient or an authorized 
> representative of the intended recipient, you are hereby notified that any 
> dissemination of this communication is strictly prohibited. If you have 
> received this communication in error, notify the sender immediately by return 
> email and delete the message and any attachments from your system.



-- 
I don't think the execution is relevant when it was obviously a bad
idea in the first place.
This is like putting rabid weasels in your pants, and later expressing
regret at having chosen those particular rabid weasels and that pair
of pants.
   ---maf

Power outage LA 600 W 7th - TELX

2020-03-17 Thread A. Pishdadi

Greetings,


We got an email last night after some alerts from monitoring system. Power
on the B UPS feed has been offline till this second and going.

Apparently they can not bypass UPS and put the load on the generator. Which
is crazy in itself being that it's a data center..

Luckily we have everything on redundant power.

Does anyone from DRT or Telx subscribe here that can look into this more
for me? Message me off list if possible.


Thanks
AP

RE: DHS letters for fuel and facility access

2020-03-17 Thread Hiers, David

Good reminder to test, test, test...


-Original Message-
From: NANOG [mailto:nanog-boun...@nanog.org] On Behalf Of Warren Kumari
Sent: Tuesday, March 17, 2020 10:08 AM
To: Paul Nash 
Cc: Untitled 3 
Subject: Re: DHS letters for fuel and facility access

On Tue, Mar 17, 2020 at 12:44 PM Paul Nash  wrote:
>
> September 2001.  Just after the 9/11 attacks, all of lower Manhattan was shut 
> down.  Out link (IIRC) was to a satellite farm on Staten island, across the 
> bay to 60 Hudson.  Power went off, diesels kicked in, fuel trucks was not 
> allowed in, and a few days later we lost all international connectivity.

We had some interesting failures during 9/11 as well -- for some reason, the 
UPS didn't kick in, so everything went down - and then came back a few minutes 
later as the generators came online -- and then went down again ~2 hours later 
-- turns out that the genset air filters got clogged with dust, and suffocated 
the diesel.
This was "fixed" a few days later by brushing them off with brooms and 
paintbrushes -- by this point they had completely discharged the 24V starter 
batteries, and so someone (not me!) had to lug a pair of car batteries and 
jumper cables. They restarted, and ran for a while, and then stopped again.

It turns out that getting a permit to store lots of diesel on the roof is hard 
(fair enough), and so there was only a small holding tank on the roof, and the 
primary tanks were in the basement -- and the transfer pump from the basement 
to roof storage was not, as we had been told, on generator power

We had specified that the transfer pump be on the generator feed, there was a 
schematic showing at is being on the generator feed, there was even a breaker 
with a cable marked  "Transfer Pump (HP4,5)" --- but it turned out to just be a 
~3ft piece of cable stuffed into a conduit, and not actually, you know, running 
all the way down to the basement and connected to the transfer pump.

W



>
> Lots of important people lost power as well, so the feds decided to let the 
> diesel tankers in after a few days’ deliberations.
>
> paul
>
> > On Mar 17, 2020, at 11:21 AM, Mark Tinka  wrote:
> >
> >
> >
> > On 17/Mar/20 17:15, Paul Nash wrote:
> >
> >> That same fuel shortage killed all Internet traffic to sub-Saharan Africa. 
> >>  Took us a while to figure out what was wrong with the satellite link to 
> >> the US.
> >
> > What year was that :-)?
> >
> > Mark.
>


--
I don't think the execution is relevant when it was obviously a bad idea in the 
first place.
This is like putting rabid weasels in your pants, and later expressing regret 
at having chosen those particular rabid weasels and that pair of pants.
   ---maf

--
This message and any attachments are intended only for the use of the addressee 
and may contain information that is privileged and confidential. If the reader 
of the message is not the intended recipient or an authorized representative of 
the intended recipient, you are hereby notified that any dissemination of this 
communication is strictly prohibited. If you have received this communication 
in error, notify the sender immediately by return email and delete the message 
and any attachments from your system.

RE: Quagga for production?

2020-03-17 Thread Hiers, David

Quagga is built into one of our core products, works great.   That particular 
vendor a sponsor of frr, and is replacing quagga with frr soon.

Maybe look at the vendor/partner list for quagga and frr, and decide which 
project has better long-term prospects.

David


From: NANOG [mailto:nanog-boun...@nanog.org] On Behalf Of Nathan Brookfield
Sent: Sunday, February 23, 2020 4:41 AM
To: Dmitry Sherman 
Cc: nanog@nanog.org
Subject: Re: Quagga for production?

Hi Mate,

Yep on and off for about 15 years, very solid, very reliable.  I tend to use 
Bird this hmorning we rays for this task but Zebra and Quagga are rock solid.
Kindest Regards,


Nathan Brookfield (VK2NAB)
Simtronic Technologies Pty Ltd



On 23 Feb 2020, at 23:29, Dmitry Sherman 
mailto:dmi...@interhost.net>> wrote:


Hello,

Anybody working with Quagga for production peering with multiple peers and 
dynamic eBGP/iBGP announcement?



Thanks.

Dmitry


--
This message and any attachments are intended only for the use of the addressee 
and may contain information that is privileged and confidential. If the reader 
of the message is not the intended recipient or an authorized representative of 
the intended recipient, you are hereby notified that any dissemination of this 
communication is strictly prohibited. If you have received this communication 
in error, notify the sender immediately by return email and delete the message 
and any attachments from your system.

Re: DHS letters for fuel and facility access

2020-03-17 Thread Warren Kumari

On Tue, Mar 17, 2020 at 12:44 PM Paul Nash  wrote:
>
> September 2001.  Just after the 9/11 attacks, all of lower Manhattan was shut 
> down.  Out link (IIRC) was to a satellite farm on Staten island, across the 
> bay to 60 Hudson.  Power went off, diesels kicked in, fuel trucks was not 
> allowed in, and a few days later we lost all international connectivity.

We had some interesting failures during 9/11 as well -- for some
reason, the UPS didn't kick in, so everything went down - and then
came back a few minutes later as the generators came online -- and
then went down again ~2 hours later -- turns out that the genset air
filters got clogged with dust, and suffocated the diesel.
This was "fixed" a few days later by brushing them off with brooms and
paintbrushes -- by this point they had completely discharged the 24V
starter batteries, and so someone (not me!) had to lug a pair of car
batteries and jumper cables. They restarted, and ran for a while, and
then stopped again.

It turns out that getting a permit to store lots of diesel on the roof
is hard (fair enough), and so there was only a small holding tank on
the roof, and the primary tanks were in the basement -- and the
transfer pump from the basement to roof storage was not, as we had
been told, on generator power

We had specified that the transfer pump be on the generator feed,
there was a schematic showing at is being on the generator feed, there
was even a breaker with a cable marked  "Transfer Pump (HP4,5)" ---
but it turned out to just be a ~3ft piece of cable stuffed into a
conduit, and not actually, you know, running all the way down to the
basement and connected to the transfer pump.

W

>
> Lots of important people lost power as well, so the feds decided to let the 
> diesel tankers in after a few days’ deliberations.
>
> paul
>
> > On Mar 17, 2020, at 11:21 AM, Mark Tinka  wrote:
> >
> >
> >
> > On 17/Mar/20 17:15, Paul Nash wrote:
> >
> >> That same fuel shortage killed all Internet traffic to sub-Saharan Africa. 
> >>  Took us a while to figure out what was wrong with the satellite link to 
> >> the US.
> >
> > What year was that :-)?
> >
> > Mark.
>

-- 
I don't think the execution is relevant when it was obviously a bad
idea in the first place.
This is like putting rabid weasels in your pants, and later expressing
regret at having chosen those particular rabid weasels and that pair
of pants.
   ---maf

Re: COVID-19 vs. our Networks

2020-03-17 Thread Mike Bolitho

>The answer is don't shove application traffic that has tight service level
requirements onto the public internet at large and expect the same
performance as private circuits or other SLA protected services.

I keep seeing this over and over again in this long thread. What's your
suggestion? How does a hospital, with dozens of third party
applications/devices across multiple cloud platforms do this?

We have two redundant private lines out of each hospital connecting back to
primary and DR DCs and a metro connecting everything together in each
region. But for things we do not own that are not hosted locally, what are
we supposed to do? We have to go out DIA to get there. Everything we own is
connected via fully SLAed private lines. We have zero issues there. I think
people vastly underestimate just how much in the healthcare vertical is
outside of a medical providers control/ownership.

- Mike Bolitho


On Tue, Mar 17, 2020 at 9:54 AM Tom Beecher  wrote:

> The answer is don't shove application traffic that has tight service level
> requirements onto the public internet at large and expect the same
> performance as private circuits or other SLA protected services.
>
>
>
> On Tue, Mar 17, 2020 at 11:40 AM Mike Bolitho 
> wrote:
>
>> If an x-ray machine won't work because the Internet is down, I'm not sure
>>> that is responsible. As inefficient as it may be to have a license server
>>> on-prem if there is an option to check against one in the public cloud,
>>> for a medical use-case, that would make more sense to me.
>>
>>
>> Totally agree with you. Unfortunately it's not a problem with the medical
>> providers, it's a problem with the medical devices. Anybody who works in
>> the healthcare vertical will tell you just how bad medical devices are to
>> work with from an IT perspective. And that is part of my original comments.
>>
>> In your case, I am not sure I have an answer for you, unfortunately. The
>>> public Internet is what it is, mostly best-effort. Your applications and
>>> use-cases certainly deserve better than that. I'm not sure how to achieve
>>> that as your industry shoves more and more activity into the public
>>> Internet domain, for one reason or another.
>>
>>
>> I don't know what it's going to take either. A general shift in mentality
>> from the vendors we use I guess. I'm not sure how you get a bunch of
>> medical providers to tell these companies they need to fix their stuff. You
>> can't exactly use your wallet to force change either. There are only a
>> handful of vendor options out there so there isn't a ton of choice. It's
>> not like you can buy one of 50 different models of CT machines or EHR
>> systems.
>>
>> Generally speaking it's not an issue. It's just in crazy times like these
>> where, if congestion on the public internet gets too crazy, that certain
>> platforms might need to be deemed "unnecessary". Is playing Fortnight a
>> right? Is streaming a movie in 4K a right? In cases like San Francisco they
>> have decided that leaving your home for anything other than work or medical
>> care is no longer a right because you're now infringing on other's rights
>> by potentially getting them sick. Maybe 4K Netflix fits into that category
>> if you're causing problems for first responders and hospitals trying to
>> save lives.
>>
>>
>> - Mike Bolitho
>>
>>
>> On Tue, Mar 17, 2020 at 2:22 AM Mark Tinka  wrote:
>>
>>>
>>>
>>> On 16/Mar/20 16:54, Carsten Bormann wrote:
>>>
>>> > I recently had to reschedule an X-ray because the license manager for
>>> the X-ray machine was acting up.  I don’t think people have a grasp for how
>>> much of the medical infrastructure no longer works when the Internet is
>>> down.
>>>
>>> I get this, to some extent. But also, there is a reason hospitals,
>>> airports and military installations are either put on special power
>>> grids or invest plenty of money in backup power.
>>>
>>> If an x-ray machine won't work because the Internet is down, I'm not
>>> sure that is responsible. As inefficient as it may be to have a license
>>> server on-prem if there is an option to check against one in the public
>>> cloud, for a medical use-case, that would make more sense to me.
>>>
>>> Mark.
>>>
>>

Re: COVID-19 vs. our Networks

2020-03-17 Thread Tom Beecher

The answer is don't shove application traffic that has tight service level
requirements onto the public internet at large and expect the same
performance as private circuits or other SLA protected services.



On Tue, Mar 17, 2020 at 11:40 AM Mike Bolitho  wrote:

> If an x-ray machine won't work because the Internet is down, I'm not sure
>> that is responsible. As inefficient as it may be to have a license server
>> on-prem if there is an option to check against one in the public cloud,
>> for a medical use-case, that would make more sense to me.
>
>
> Totally agree with you. Unfortunately it's not a problem with the medical
> providers, it's a problem with the medical devices. Anybody who works in
> the healthcare vertical will tell you just how bad medical devices are to
> work with from an IT perspective. And that is part of my original comments.
>
> In your case, I am not sure I have an answer for you, unfortunately. The
>> public Internet is what it is, mostly best-effort. Your applications and
>> use-cases certainly deserve better than that. I'm not sure how to achieve
>> that as your industry shoves more and more activity into the public
>> Internet domain, for one reason or another.
>
>
> I don't know what it's going to take either. A general shift in mentality
> from the vendors we use I guess. I'm not sure how you get a bunch of
> medical providers to tell these companies they need to fix their stuff. You
> can't exactly use your wallet to force change either. There are only a
> handful of vendor options out there so there isn't a ton of choice. It's
> not like you can buy one of 50 different models of CT machines or EHR
> systems.
>
> Generally speaking it's not an issue. It's just in crazy times like these
> where, if congestion on the public internet gets too crazy, that certain
> platforms might need to be deemed "unnecessary". Is playing Fortnight a
> right? Is streaming a movie in 4K a right? In cases like San Francisco they
> have decided that leaving your home for anything other than work or medical
> care is no longer a right because you're now infringing on other's rights
> by potentially getting them sick. Maybe 4K Netflix fits into that category
> if you're causing problems for first responders and hospitals trying to
> save lives.
>
>
> - Mike Bolitho
>
>
> On Tue, Mar 17, 2020 at 2:22 AM Mark Tinka  wrote:
>
>>
>>
>> On 16/Mar/20 16:54, Carsten Bormann wrote:
>>
>> > I recently had to reschedule an X-ray because the license manager for
>> the X-ray machine was acting up.  I don’t think people have a grasp for how
>> much of the medical infrastructure no longer works when the Internet is
>> down.
>>
>> I get this, to some extent. But also, there is a reason hospitals,
>> airports and military installations are either put on special power
>> grids or invest plenty of money in backup power.
>>
>> If an x-ray machine won't work because the Internet is down, I'm not
>> sure that is responsible. As inefficient as it may be to have a license
>> server on-prem if there is an option to check against one in the public
>> cloud, for a medical use-case, that would make more sense to me.
>>
>> Mark.
>>
>

Re: DHS letters for fuel and facility access

2020-03-17 Thread Paul Nash

September 2001.  Just after the 9/11 attacks, all of lower Manhattan was shut 
down.  Out link (IIRC) was to a satellite farm on Staten island, across the bay 
to 60 Hudson.  Power went off, diesels kicked in, fuel trucks was not allowed 
in, and a few days later we lost all international connectivity.

Lots of important people lost power as well, so the feds decided to let the 
diesel tankers in after a few days’ deliberations.

paul

> On Mar 17, 2020, at 11:21 AM, Mark Tinka  wrote:
> 
> 
> 
> On 17/Mar/20 17:15, Paul Nash wrote:
> 
>> That same fuel shortage killed all Internet traffic to sub-Saharan Africa.  
>> Took us a while to figure out what was wrong with the satellite link to the 
>> US.
> 
> What year was that :-)?
> 
> Mark.

Re: DHS letters for fuel and facility access

2020-03-17 Thread Keefe John

WISPA has the letters available in the Members Section of the website.

Keefe John
CEO
Ethoplex
Direct: 262.345.5200

Ethoplex Business Internet
http://www.ethoplex.com/
Signal Residential Internet
http://www.signalisp.com/

https://www.linkedin.com/in/keefejohn/


On Tue, Mar 17, 2020 at 10:33 AM Matt Hoppes <
mattli...@rivervalleyinternet.net> wrote:

> Does anyone know who to contact at DHS to see about getting a letter
> like this for an operator?
>
>
> >>> 
> >>> On some other mailing lists, FCC licensed operators are reporting they
> have received letters from the Department of Homeland Security authorizing
> "access" and "fuel" priority.
> >>>
> >>> Occasionally, DHS issues these letters after natural disasters such as
> hurricanes for hospitals and critical facilities.  I haven't heard of them
> issued for pandemics.
> >>>
> >
>

Re: UDP/123 policers & status

On 17/Mar/20 18:05, Ca By wrote:

>
>
>
> +1 , still see, still have policers
>
> Fyi, ipv6 ntp / udp tends to have a much higher success rate getting
> through cgn / policers / ...

For those that have come in as attacks toward customers, we've
"scrubbed" them where there has been interest.

Mark.

Re: COVID-19 vs. our Networks

On 17/Mar/20 17:38, Mike Bolitho wrote:

>
> Totally agree with you. Unfortunately it's not a problem with the
> medical providers, it's a problem with the medical devices. Anybody
> who works in the healthcare vertical will tell you just how bad
> medical devices are to work with from an IT perspective. And that is
> part of my original comments.

I guess that means they don't support IPv6 :-)?

> I don't know what it's going to take either. A general shift in
> mentality from the vendors we use I guess. I'm not sure how you get a
> bunch of medical providers to tell these companies they need to fix
> their stuff. You can't exactly use your wallet to force change either.
> There are only a handful of vendor options out there so there isn't a
> ton of choice. It's not like you can buy one of 50 different models of
> CT machines or EHR systems.

Ah, so equipment vendors are simply rolling out kit with an IP stack,
without a care of how the hospitals will actually operate them on the
Internet? Tick-in-the-box, type-thing :-)?

Much like how gaming producers write code so that updates are whole
blobs rather than incremental changes, without a care for the network
operators/customers, because it's just easier?

Or like how CPE manufacturers ship hardware with hard-coded DNS settings
to make provisioning as zero-touch as possible.

Or like how...

I'd say someone should spend some time sensitizing the medical equipment
OEM's about their potential impact on/by the Internet, but something
tells me they won't care, nor will the doctors/hospitals they market to.

>
> Generally speaking it's not an issue. It's just in crazy times like
> these where, if congestion on the public internet gets too crazy, that
> certain platforms might need to be deemed "unnecessary". Is playing
> Fortnight a right? Is streaming a movie in 4K a right? In cases like
> San Francisco they have decided that leaving your home for anything
> other than work or medical care is no longer a right because you're
> now infringing on other's rights by potentially getting them sick.
> Maybe 4K Netflix fits into that category if you're causing problems
> for first responders and hospitals trying to save lives.

The difference between the SFO gubbermint and the ISP's that operate
around the world is one of governance scope. A city gubbermint may be
able to impose rules and laws against its citizens. Whether they can do
that to an ISP, especially an ISP that either is based out of state or
out of the country, is where the issue lies.

But even before all that - if an ISP's raison d'être is to deliver 4K
Netflix to its users, and they pay their good money to vendors and
providers to achieve this, who are we to tell them their business is
deemed "unnecessary"?

Mark.

Re: UDP/123 policers & status

2020-03-17 Thread Ca By

On Tue, Mar 17, 2020 at 9:03 AM Compton, Rich A 
wrote:

> Yes, we still see lots of UDP amplification attacks using NTP monlist.  We
> use a filter to block UDP src 123 packets of 468 bytes in length (monlist
> reply with the max 6 IPs).
>
> -Rich


+1 , still see, still have policers

Fyi, ipv6 ntp / udp tends to have a much higher success rate getting
through cgn / policers / ...



>
> On 3/17/20, 8:55 AM, "NANOG on behalf of Jared Mauch" <
> nanog-boun...@nanog.org on behalf of ja...@puck.nether.net> wrote:
>
> I’m curious what people are seeing these days on the UDP/123 policers
> in their networks.
>
> I know while I was at NTT we rolled some out, and there are a number
> of variants that have occurred over the past 6-7 years.  I’ve heard from
> people at the NTP Pool as well as having observed some issues with NTP at
> Akamai and time sync from time to time.
>
> Are you still seeing a lot of NTP attacks in your flows these days?
>
> Should we be looking to remove these, similar to how we did for
> SQL/Slammer after a time?
>
> - Jared
>
> E-MAIL CONFIDENTIALITY NOTICE:
> The contents of this e-mail message and any attachments are intended
> solely for the addressee(s) and may contain confidential and/or legally
> privileged information. If you are not the intended recipient of this
> message or if this message has been addressed to you in error, please
> immediately alert the sender by reply e-mail and then delete this message
> and any attachments. If you are not the intended recipient, you are
> notified that any use, dissemination, distribution, copying, or storage of
> this message or any attachment is strictly prohibited.
>

Re: COVID-19 vs. our Networks

2020-03-17 Thread Carsten Bormann

On 2020-03-17, at 12:36, Mark Tinka  wrote:
> 
> While that does improve availability and performance, I don't
> think it really pushes the Internet beyond the realm of "best-effort”.

Folks,

my supermarket is “best-effort”.

I expect exactly the same level of service from my Internet that I expect from 
the system of supermarkets I have available to me.

Grüße, Carsten

Re: UDP/123 policers & status

2020-03-17 Thread Compton, Rich A

Yes, we still see lots of UDP amplification attacks using NTP monlist.  We use 
a filter to block UDP src 123 packets of 468 bytes in length (monlist reply 
with the max 6 IPs).

-Rich

On 3/17/20, 8:55 AM, "NANOG on behalf of Jared Mauch"  wrote:

I’m curious what people are seeing these days on the UDP/123 policers in 
their networks.

I know while I was at NTT we rolled some out, and there are a number of 
variants that have occurred over the past 6-7 years.  I’ve heard from people at 
the NTP Pool as well as having observed some issues with NTP at Akamai and time 
sync from time to time.

Are you still seeing a lot of NTP attacks in your flows these days?

Should we be looking to remove these, similar to how we did for SQL/Slammer 
after a time?

- Jared

E-MAIL CONFIDENTIALITY NOTICE: 
The contents of this e-mail message and any attachments are intended solely for 
the addressee(s) and may contain confidential and/or legally privileged 
information. If you are not the intended recipient of this message or if this 
message has been addressed to you in error, please immediately alert the sender 
by reply e-mail and then delete this message and any attachments. If you are 
not the intended recipient, you are notified that any use, dissemination, 
distribution, copying, or storage of this message or any attachment is strictly 
prohibited.

Re: COVID-19 vs. our Networks

2020-03-17 Thread Mike Bolitho

>
> If an x-ray machine won't work because the Internet is down, I'm not sure
> that is responsible. As inefficient as it may be to have a license server
> on-prem if there is an option to check against one in the public cloud,
> for a medical use-case, that would make more sense to me.

Totally agree with you. Unfortunately it's not a problem with the medical
providers, it's a problem with the medical devices. Anybody who works in
the healthcare vertical will tell you just how bad medical devices are to
work with from an IT perspective. And that is part of my original comments.

In your case, I am not sure I have an answer for you, unfortunately. The
> public Internet is what it is, mostly best-effort. Your applications and
> use-cases certainly deserve better than that. I'm not sure how to achieve
> that as your industry shoves more and more activity into the public
> Internet domain, for one reason or another.

I don't know what it's going to take either. A general shift in mentality
from the vendors we use I guess. I'm not sure how you get a bunch of
medical providers to tell these companies they need to fix their stuff. You
can't exactly use your wallet to force change either. There are only a
handful of vendor options out there so there isn't a ton of choice. It's
not like you can buy one of 50 different models of CT machines or EHR
systems.

Generally speaking it's not an issue. It's just in crazy times like these
where, if congestion on the public internet gets too crazy, that certain
platforms might need to be deemed "unnecessary". Is playing Fortnight a
right? Is streaming a movie in 4K a right? In cases like San Francisco they
have decided that leaving your home for anything other than work or medical
care is no longer a right because you're now infringing on other's rights
by potentially getting them sick. Maybe 4K Netflix fits into that category
if you're causing problems for first responders and hospitals trying to
save lives.

- Mike Bolitho

On Tue, Mar 17, 2020 at 2:22 AM Mark Tinka  wrote:

>
>
> On 16/Mar/20 16:54, Carsten Bormann wrote:
>
> > I recently had to reschedule an X-ray because the license manager for
> the X-ray machine was acting up.  I don’t think people have a grasp for how
> much of the medical infrastructure no longer works when the Internet is
> down.
>
> I get this, to some extent. But also, there is a reason hospitals,
> airports and military installations are either put on special power
> grids or invest plenty of money in backup power.
>
> If an x-ray machine won't work because the Internet is down, I'm not
> sure that is responsible. As inefficient as it may be to have a license
> server on-prem if there is an option to check against one in the public
> cloud, for a medical use-case, that would make more sense to me.
>
> Mark.
>

Re: DHS letters for fuel and facility access

2020-03-17 Thread Matt Hoppes

Does anyone know who to contact at DHS to see about getting a letter 
like this for an operator?





On some other mailing lists, FCC licensed operators are reporting they have received letters from 
the Department of Homeland Security authorizing "access" and "fuel" priority.

Occasionally, DHS issues these letters after natural disasters such as 
hurricanes for hospitals and critical facilities.  I haven't heard of them 
issued for pandemics.

Re: DHS letters for fuel and facility access




On 17/Mar/20 17:15, Paul Nash wrote:

> That same fuel shortage killed all Internet traffic to sub-Saharan Africa.  
> Took us a while to figure out what was wrong with the satellite link to the 
> US.

What year was that :-)?

Mark.

Re: DHS letters for fuel and facility access

2020-03-17 Thread Paul Nash

That same fuel shortage killed all Internet traffic to sub-Saharan Africa.  
Took us a while to figure out what was wrong with the satellite link to the US.

paul

> On Mar 16, 2020, at 5:12 PM, Ben Cannon  wrote:
> 
> We (Verizon not me) lost a central office during 9/11 because it ran out of 
> fuel - the tankers were staged but we’re not allowed to enter Manhattan.  
> 
> This clears that pathway for us now, and it’s fairly standard protocol since.
> 
> -Ben
> 
>> On Mar 16, 2020, at 1:20 PM, Sean Donelan  wrote:
>> 
>> 
>> On some other mailing lists, FCC licensed operators are reporting they have 
>> received letters from the Department of Homeland Security authorizing 
>> "access" and "fuel" priority.
>> 
>> Occasionally, DHS issues these letters after natural disasters such as 
>> hurricanes for hospitals and critical facilities.  I haven't heard of them 
>> issued for pandemics.
>>

Re: UDP/123 policers & status




On 17/Mar/20 16:53, Jared Mauch wrote:

> Should we be looking to remove these, similar to how we did for SQL/Slammer 
> after a time?

FWIW, we've never policed udp/123 on our end. We haven't seen anything
untoward.

Mark.

UDP/123 policers & status

2020-03-17 Thread Jared Mauch

I’m curious what people are seeing these days on the UDP/123 policers in their 
networks.

I know while I was at NTT we rolled some out, and there are a number of 
variants that have occurred over the past 6-7 years.  I’ve heard from people at 
the NTP Pool as well as having observed some issues with NTP at Akamai and time 
sync from time to time.

Are you still seeing a lot of NTP attacks in your flows these days?

Should we be looking to remove these, similar to how we did for SQL/Slammer 
after a time?

- Jared

Re: COVID-19 vs. our Networks




Le 17/03/2020 à 13:26, Grzegorz Janoszka a écrit :

On 2020-03-16 15:04, Alexandre Petrescu wrote:
There is no other way to do that information filterning now. Nobody 
has any authority of knowing better than others.


There is a good word for information filtering. It is called 
'censorship'.


Times like now are perfect opportunity to limit the remains of our 
freedom.


Please think twice before you complain for lack of information 
filtering. Because the government will surely make you happy.



Excuse me, misunderstood.

If I complain something, it is the following: there is not enough 
information from Authority to people.  In some places, especially where 
I live, there is no precise information about number of cases to 
particular cities, the cases profile, age profile, etc. I suspect it 
might because they are overwhelmed, or because they dont want to scare 
others.  Two differennt things.  I dont know.


If I want something, it is the folowing: all channels of comm must be 
open and info must flow.  There is much noise, but it is easy for end 
user to filter.  MUA filtering is such a case.


We need more information, not less.

We need trust.

The threat analysis is different than before.  We need security, but 
other kinds of security.  Short easy to remember passwords are ok; what 
is not ok is to hold information that is important.  Just let it flow 
and we'll see.  What is not ok it to shut people because apparently they 
distribute two times same thing.  That holding should not happen; there 
is no problem if info is distributed two times.  Channels should be open 
info should flow.


There are not enough open source projects for gene analysis 
(nextstrain.org), not enough open source projects for respiratory 
devices, not enough open source projects for air detection of virus 
devices (if a such thing can exist).  There are not enough tests, not 
enough masks, not enough many things.


There are too many alternatives of 'secure communications': WhatsApp, 
Signal, Telegram.  It is fragmentation.  Too much choice, too few people 
in each group.  They claim one is more secure than the other, but secure 
against whom?  Do you think there might be a human attacker that resists 
virus and who can attack some email account?  If such a thing existed 
then we would know how s/he did to resist to virus in virst place.


There are too many Certificate Authorities that are not trusting each other.

We need trust, and we need to develop our brains as someone seemed to 
say here.


Alex

Re: COVID-19 vs. our Networks

2020-03-17 Thread Grzegorz Janoszka


On 2020-03-16 15:04, Alexandre Petrescu wrote:
There is no other way to do that information filterning now. Nobody has 
any authority of knowing better than others.


There is a good word for information filtering. It is called 'censorship'.

Times like now are perfect opportunity to limit the remains of our freedom.

Please think twice before you complain for lack of information 
filtering. Because the government will surely make you happy.


--
Grzegorz Janoszka

Re: COVID-19 vs. our Networks

On 17/Mar/20 12:37, Christian wrote:

> In theory best-effort Internet is seen as only part of a broader
> Internet model including open peering and so on. The idea for open
> Internet is it offers a form of digital herd immunity (to coin a
> current phrase being misused by UK Government circles in recent days) 
> that offers a level of shared redundancy of spare capacity so that
> issues can be taken out of route until fixed but the edge still
> maintains high quality connectivity.  In one sense the Internet model
> provides an informal community insurance across the provider / access
> sector. Although of course the legacy telco regulated protected
> infrastructure has remained a nub of resistance to open anything.
>
> Some short term financial optimisations between networks may turn out
> to be counter productive across time and "events". Which begs a
> question whether the winner takes all model that has emerged can live
> with a plural supply chain of network infrastructures.
>
> I suspect the concentration over recent years has created greater
> fragility for all of us judging comments in this thread and elsewhere.
> Can we survive covid 19 and maintain selfish networks over open ones?
>

Even if any organization tried to, they can't avoid the allure of the
Internet to optimize costs, because their customers (the kids) are going
to keep looking for value many of these organizations do not know how to
deliver in this new economic era. So reducing costs is the first thing
they will do in order to meet budgets, before the real massacre comes.

A lot of Internet traffic is coalescing around a handful of service
providers, as you rightly point out. They can enhance performance by
building data centres closer to customers in big cities, and then toy
with the idea of having even smaller edge clusters spread across wide
metros. While that does improve availability and performance, I don't
think it really pushes the Internet beyond the realm of "best-effort".

The Internet is not a centralized, government-based entity. On that
basis, it scales very well on a global scale, but conversely, cannot be
tuned to operate in the way traditional telco's do/did, along with the
compromise critical services like health, military and aviation have to
make, to that effect.

Mark.

Re: COVID-19 vs. our Networks

2020-03-17 Thread Christian



On 17/03/2020 09:17, Mark Tinka wrote:



On 16/Mar/20 16:40, Mike Bolitho wrote:

I think there's a bit of a misunderstanding of what I'm trying to say 
here. We have dual private lines from two Tier I providers. These 
interconnect all major hospitals and our data centers. We also have a 
third metro connection that connects things regionally. We have DIA 
on top of that. I think people are vastly underestimating just how 
much $aaS there is within the medical field. TeleDoc, translation 
services, remote radiologists, the way prescriptions get filled, how 
staffing works, third party providers basically hoteling within our 
facilities, critical staff VPNed in because the government has locked 
things down, etc. Then there's things that we don't use but I'm sure 
other providers do, GoToMeeting, O365, VaaS, etc.There's no practical 
way to engineer your WAN to facilitate dozens of connections to these 
services.


This extends beyond just hospitals as well. Fire departments, police 
departments, water treatment etc. Regardless of whether or not those 
entities planned well(I think we did), the government should and will 
step in if critical services are degraded. And for what it's worth, 
Stephen, I know how things are built within the ISP world. I spent 
four years there. That doesn't change the fact that we're possibly 
heading into uncharted waters when it comes to utilization and the 
impactthat will have on $aaS products that are interwoven into every 
single vertical, including entities that fall under TSP, critical 
national security and emergency preparedness functions, including 
those areas related to safety, maintenance of law and order, and 
public health.It's easy for all you guys to sit here and armchair 
quarterback other people's planning but when things really start to 
degrade, all bets are off.If you don't believe that, just look at the 
news. States are literally shutting down private businesses 
(restaurants, bars, night clubs, private schools) and banning people 
from associating in groups of larger than 50.


The Internet has infiltrated every industry, every business, and every 
business model.


While it's a great way to connect a lot of people and things at scale 
for the lowest cost possible, there are some industries that still 
require a certain caliber of reliability that the public Internet may 
not be best suited to provide.


In your case, I am not sure I have an answer for you, unfortunately. 
The public Internet is what it is, mostly best-effort. Your 
applications and use-cases certainly deserve better than that. I'm not 
sure how to achieve that as your industry shoves more and more 
activity into the public Internet domain, for one reason or another.


Mark.



In theory best-effort Internet is seen as only part of a broader 
Internet model including open peering and so on. The idea for open 
Internet is it offers a form of digital herd immunity (to coin a current 
phrase being misused by UK Government circles in recent days)  that 
offers a level of shared redundancy of spare capacity so that issues can 
be taken out of route until fixed but the edge still maintains high 
quality connectivity.  In one sense the Internet model provides an 
informal community insurance across the provider / access sector. 
Although of course the legacy telco regulated protected infrastructure 
has remained a nub of resistance to open anything.


Some short term financial optimisations between networks may turn out to 
be counter productive across time and "events". Which begs a question 
whether the winner takes all model that has emerged can live with a 
plural supply chain of network infrastructures.


I suspect the concentration over recent years has created greater 
fragility for all of us judging comments in this thread and elsewhere. 
Can we survive covid 19 and maintain selfish networks over open ones?



C

Re: COVID-19 vs. our Networks

my close in Texas sent me "Texas is Bigger than France" magnet, it's on 
my fridge :-)



Le 17/03/2020 à 00:36, Scott Weeks a écrit :

--- alexandre.petre...@gmail.com wrote:
From: Alexandre Petrescu 
   
That map does not show Texas, as far as I know America

(USA) geography.
---


Being raised in Texas in a family that've been there
for a buncha generations, I know that at least some
folks there would challange that... :)

https://en.wikipedia.org/wiki/Texas_secession_movements

It was a nation unto itself for over decade:

https://en.wikipedia.org/wiki/Republic_of_Texas



Many old timers are a pretty independent type of people.


scott
ps. traffic is still normal here

Re: COVID-19 vs. our Networks





On 16/Mar/20 21:08, Owen DeLong wrote:


This simply isn’t true…

Listen to qualified medical professionals, especially those who
specialize in infectious diseases and epidemiology.


YEs listen to them.

This morning they say: everyone can get it, there is no age or pre-conditio.

That''s it.  They dont know, and worse they dont say they dont know.

I am an engineer, I am not medical professional, my question is: is 
there a device to detect the virus with the crown in the air and light 
up a led?


(we do have such devices for VOC, for CO2, PM2, PM10 pollution, and many 
other things in the air; but about virus with a rcown?)


Alex



The information on the CDC and WHO websites remains the primary source
of trustworthy information. It may be
incomplete, but if someone is contradicting something there, they’re
very likely to be wrong.

OTOH, anyone selling “survive COVID” or “cure COVID” etc. is
completely untrustworthy and guaranteed to be lying to
you in order to sell a product. Despicable, but common place.

There’s no authoritative way to get false information off the
internet, so we have to combat it as best we can with good
information and education. Even in my own household, this is a
constant battle as my GF continues to bring home
odd superstitious rumors and embellishments from a variety of
inaccurate sources and I constantly have to correct her
perspective.

For up to date local information, check with the local public health
authority in your jurisdiction. In the US, that will usually
be your county public health agency. In some cases, individual
municipalities also have public health departments.

It's the price we pay for hyper-connectedness (not trying to coin a
phrase, hehe).

Everybody (especially the kids) lives on their device 99% of the time.
If you're not on their device, you are not relevant to them.

When was the last time you bought a newspaper? How many times do your
kids watch the news, either on TV or their device? But they are all over
WhatsApp, Instagram, Twitter, SnapChat, WeChat, et al. And even if they
have the "News" app on their phone, they probably have never opened it.
If they opened it, they didn't find value in it.

On average, the we (and the kids) will give your app two tries; if we
don't like it, you're out - which explains why we all have 3,000 apps on
our phones, but only use 2 or 3 of them most consistently.

Whoever wants to get professional and verified information out (to the
kids who live on their devices) needs to find a way to do so in a manner
we find relevant, otherwise we'll simply keep trading mis-information
for whatever reason we feel gives us value.

Mark.

Re: COVID-19 vs. our Networks

On 16/Mar/20 21:08, Owen DeLong wrote:

>
> This simply isn’t true…
>
> Listen to qualified medical professionals, especially those who
> specialize in infectious diseases and epidemiology.
>
> The information on the CDC and WHO websites remains the primary source
> of trustworthy information. It may be
> incomplete, but if someone is contradicting something there, they’re
> very likely to be wrong.
>
> OTOH, anyone selling “survive COVID” or “cure COVID” etc. is
> completely untrustworthy and guaranteed to be lying to
> you in order to sell a product. Despicable, but common place.
>
> There’s no authoritative way to get false information off the
> internet, so we have to combat it as best we can with good
> information and education. Even in my own household, this is a
> constant battle as my GF continues to bring home
> odd superstitious rumors and embellishments from a variety of
> inaccurate sources and I constantly have to correct her
> perspective.
>
> For up to date local information, check with the local public health
> authority in your jurisdiction. In the US, that will usually
> be your county public health agency. In some cases, individual
> municipalities also have public health departments.

It's the price we pay for hyper-connectedness (not trying to coin a
phrase, hehe).

Everybody (especially the kids) lives on their device 99% of the time.
If you're not on their device, you are not relevant to them.

When was the last time you bought a newspaper? How many times do your
kids watch the news, either on TV or their device? But they are all over
WhatsApp, Instagram, Twitter, SnapChat, WeChat, et al. And even if they
have the "News" app on their phone, they probably have never opened it.
If they opened it, they didn't find value in it.

On average, the we (and the kids) will give your app two tries; if we
don't like it, you're out - which explains why we all have 3,000 apps on
our phones, but only use 2 or 3 of them most consistently.

Whoever wants to get professional and verified information out (to the
kids who live on their devices) needs to find a way to do so in a manner
we find relevant, otherwise we'll simply keep trading mis-information
for whatever reason we feel gives us value.

Mark.

Re: COVID-19 vs. our Networks

On 16/Mar/20 16:54, Carsten Bormann wrote:

> I recently had to reschedule an X-ray because the license manager for the 
> X-ray machine was acting up.  I don’t think people have a grasp for how much 
> of the medical infrastructure no longer works when the Internet is down.

I get this, to some extent. But also, there is a reason hospitals,
airports and military installations are either put on special power
grids or invest plenty of money in backup power.

If an x-ray machine won't work because the Internet is down, I'm not
sure that is responsible. As inefficient as it may be to have a license
server on-prem if there is an option to check against one in the public
cloud, for a medical use-case, that would make more sense to me.

Mark.

Re: COVID-19 vs. our Networks



On 16/Mar/20 16:40, Mike Bolitho wrote:

> I think there's a bit of a misunderstanding of what I'm trying to say
> here. We have dual private lines from two Tier I providers. These
> interconnect all major hospitals and our data centers. We also have a
> third metro connection that connects things regionally. We have DIA on
> top of that. I think people are vastly underestimating just how much
> $aaS there is within the medical field. TeleDoc, translation services,
> remote radiologists, the way prescriptions get filled, how staffing
> works, third party providers basically hoteling within our facilities,
> critical staff VPNed in because the government has locked things down,
> etc. Then there's things that we don't use but I'm sure other
> providers do, GoToMeeting, O365, VaaS, etc.There's no practical way to
> engineer your WAN to facilitate dozens of connections to these services.
>
> This extends beyond just hospitals as well. Fire departments, police
> departments, water treatment etc. Regardless of whether or not those
> entities planned well(I think we did), the government should and will
> step in if critical services are degraded. And for what it's worth,
> Stephen, I know how things are built within the ISP world. I spent
> four years there. That doesn't change the fact that we're possibly
> heading into uncharted waters when it comes to utilization and the
> impactthat will have on $aaS products that are interwoven into every
> single vertical, including entities that fall under TSP, critical
> national security and emergency preparedness functions, including
> those areas related to safety, maintenance of law and order, and
> public health.It's easy for all you guys to sit here and armchair
> quarterback other people's planning but when things really start to
> degrade, all bets are off.If you don't believe that, just look at the
> news. States are literally shutting down private businesses
> (restaurants, bars, night clubs, private schools) and banning people
> from associating in groups of larger than 50.

The Internet has infiltrated every industry, every business, and every
business model.

While it's a great way to connect a lot of people and things at scale
for the lowest cost possible, there are some industries that still
require a certain caliber of reliability that the public Internet may
not be best suited to provide.

In your case, I am not sure I have an answer for you, unfortunately. The
public Internet is what it is, mostly best-effort. Your applications and
use-cases certainly deserve better than that. I'm not sure how to
achieve that as your industry shoves more and more activity into the
public Internet domain, for one reason or another.

Mark.

Re: COVID-19 vs. our Networks