Unimus Network Automation https://unimus.net/

[James Braunegg]

Dear All

Anyone using Unimus for Network Automation ? https://unimus.net/

i.e. mass configuration / push / pull configurations looking for something more 
powerful than rconfig for a Cisco Nexus and Juniper environment.

And or happy with any other suggestions

Kindest Regards

James Braunegg



[cid:image001.png@01D280A4.01865B60]

1300 769 972 / 0488 997 207

ja...@micron21.com

www.micron21.com/


[cid:image002.png@01D280A4.01865B60]


[cid:image003.png@01D280A4.01865B60]

[cid:image004.png@01D280A4.01865B60]

Follow us on Twitter for important service and 
system updates.


This message is intended for the addressee named above. It may contain 
privileged or confidential information. If you are not the intended recipient 
of this message you must not use, copy, distribute or disclose it to anyone 
other than the addressee. If you have received this message in error please 
return the message to the sender by replying to it and then delete the message 
from your computer.

Re: Parler

[Brielle]

It was actually the reverse in the initial email they sent out.

They were going to block and only let you access if you contacted them.

They are honestly a bunch of morons trying to cover their own asses at this 
point from the blowback.  Obvious whose team they are doing this for.

I spent a week in northern Idaho around 10 years back, and I believe they were 
the provider I had to use up there.  Seemed like multiple layers of NAT (like 
one layer per tower) and I was showing up on the ‘net with an IP address from a 
lawyers office.

Yeah...   I’m used to really shitty WISP networks, but this took the cake.  To 
be fair, they may be better now.

Sent from my iPad

> On Jan 12, 2021, at 3:55 PM, Lee  wrote:
> 
> On 1/12/21, Kevin McCormick  wrote:
>> Imagine if Tier 1 ISPs had a censorship free clause that required companies
>> like Twitter, Facebook, and Amazon to provide services free of censorship or
>> have IP blocks blackholed. They would lose hundreds of millions of dollars
>> per day. I bet they would reverse their tone in a hurry.
>> 
>> https://www.seattletimes.com/seattle-news/idaho-internet-provider-to-block-facebook-twitter-over-their-trump-bans/
> 
> Clickbait title.
>  "The company said Monday it decided to block Facebook and Twitter
> for customers who request that starting next Wednesday after the
> company received several calls from customers about both websites."
> 
> The way I read it, they aren't blocking Facebook/Twitter for everyone
> - the customer has to request the filter for their service.
> 
> Regards,
> Lee
> 
>> 
>> Thank you,
>> 
>> Kevin McCormick
>> 
>> From: NANOG  On Behalf Of mark
>> seery
>> Sent: Sunday, January 10, 2021 8:06 PM
>> To: K. Scott Helms 
>> Cc: NANOG Operators' Group 
>> Subject: Re: Parler
>> 
>> I assume multiple networks/ ISPs that have acceptable use policies that call
>> out criminality and incitement to violence, for example:
>> 
>> https://www.xfinity.com/support/articles/comcast-acceptable-use-policy
>> 
>> Have these AUPs been invoked previously for these reasons, or would that be
>> new territory?
>> Sent from Mobile Device
>> 
>> 
>> On Jan 10, 2021, at 2:52 PM, K. Scott Helms
>> mailto:kscott.he...@gmail.com>> wrote:
>> 
>> Right, it's not a list for content hosting.
>> 
>> Scott Helms
>> 
>> On Sun, Jan 10, 2021, 5:42 PM
>> mailto:sro...@ronan-online.com>> wrote:
>> No, this is a list for Network Operators.
>> Sent from my iPhone
>> 
>> 
>> On Jan 10, 2021, at 5:32 PM, K. Scott Helms
>> mailto:kscott.he...@gmail.com>> wrote:
>> 
>> This is a list for pushing bits.  The fact that many/most of us have other
>> businesses doesn't make this an appropriate forum for SIP issues (to use my
>> own work as an example).
>> 
>> On Sun, Jan 10, 2021, 4:52 PM
>> mailto:sro...@ronan-online.com>> wrote:
>> This is a list for Network Operators, AWS certainly operates networks.
>> Sent from my iPhone
>> 
>> 
>> On Jan 10, 2021, at 4:27 PM, K. Scott Helms
>> mailto:kscott.he...@gmail.com>> wrote:
>> 
>> No,
>> 
>> It really does not.  Section 230 only applies to publishers, and not to
>> network providers.  If this were a cloud hosting provider list then you'd be
>> correct, but as a network provider's list it does not belong here.
>> 
>> 
>> Scott Helms
>> 
>> 
>> On Sun, Jan 10, 2021 at 3:21 PM Lady Benjamin PD Cannon
>> mailto:b...@6by7.net>> wrote:
>> As network operations and compute/cloud/hosting operations continue to
>> coalesce, I very much disagree with you.  Section 230 is absolutely
>> relevant, this discussion is timely and relevant, and it directly affects me
>> as both a telecom and cloud compute/services provider.
>> 
>> 
>> —L.B.
>> 
>> Lady Benjamin PD Cannon, ASCE
>> 6x7 Networks & 6x7 Telecom, LLC
>> CEO
>> b...@6by7.net
>> "The only fully end-to-end encrypted global telecommunications company in
>> the world.”
>> FCC License KJ6FJJ
>> 
>> 
>> 
>> 
>> 
>> 
>> On Jan 10, 2021, at 12:13 PM, K. Scott Helms
>> mailto:kscott.he...@gmail.com>> wrote:
>> 
>> It's not, and frankly it's disappointing to see people pushing an agenda
>> here.
>> 
>> 
>> Scott Helms
>> 
>> 
>> On Sun, Jan 10, 2021 at 9:37 AM
>> mailto:sro...@ronan-online.com>> wrote:
>> 
>> 
>> NANOG is a group of Operators, discussion does not have to be about
>> networking. I have already explained how this represents a significant issue
>> for Network Operators.
>> 
>> On Jan 10, 2021, at 9:09 AM, Mike Bolitho
>> mailto:mikeboli...@gmail.com>> wrote:
>> 
>> 
>> It has nothing to do with networking. Their decision was necessarily
>> political. If you can specifically bring up an issue, beyond speculative, on
>> how their new chosen CDN is somehow now causing congestion or routing issues
>> on the public internet, then great. But as of now, that isn't even a thing.
>> It's just best to leave it alone because it will devolve into chaos.
>> 
>> - Mike Bolitho
>> 
>> On Sun, Jan 10, 2021, 6:54 AM
>> mailto:sro...@ronan-online.com>> wrote:
>> 
>> 
>> Why? 

Re: Parler

[Lee]

On 1/12/21, Kevin McCormick  wrote:
> Imagine if Tier 1 ISPs had a censorship free clause that required companies
> like Twitter, Facebook, and Amazon to provide services free of censorship or
> have IP blocks blackholed. They would lose hundreds of millions of dollars
> per day. I bet they would reverse their tone in a hurry.
>
> https://www.seattletimes.com/seattle-news/idaho-internet-provider-to-block-facebook-twitter-over-their-trump-bans/

Clickbait title.
  "The company said Monday it decided to block Facebook and Twitter
for customers who request that starting next Wednesday after the
company received several calls from customers about both websites."

The way I read it, they aren't blocking Facebook/Twitter for everyone
- the customer has to request the filter for their service.

Regards,
Lee

>
> Thank you,
>
> Kevin McCormick
>
> From: NANOG  On Behalf Of mark
> seery
> Sent: Sunday, January 10, 2021 8:06 PM
> To: K. Scott Helms 
> Cc: NANOG Operators' Group 
> Subject: Re: Parler
>
> I assume multiple networks/ ISPs that have acceptable use policies that call
> out criminality and incitement to violence, for example:
>
> https://www.xfinity.com/support/articles/comcast-acceptable-use-policy
>
> Have these AUPs been invoked previously for these reasons, or would that be
> new territory?
> Sent from Mobile Device
>
>
> On Jan 10, 2021, at 2:52 PM, K. Scott Helms
> mailto:kscott.he...@gmail.com>> wrote:
> 
> Right, it's not a list for content hosting.
>
> Scott Helms
>
> On Sun, Jan 10, 2021, 5:42 PM
> mailto:sro...@ronan-online.com>> wrote:
> No, this is a list for Network Operators.
> Sent from my iPhone
>
>
> On Jan 10, 2021, at 5:32 PM, K. Scott Helms
> mailto:kscott.he...@gmail.com>> wrote:
> 
> This is a list for pushing bits.  The fact that many/most of us have other
> businesses doesn't make this an appropriate forum for SIP issues (to use my
> own work as an example).
>
> On Sun, Jan 10, 2021, 4:52 PM
> mailto:sro...@ronan-online.com>> wrote:
> This is a list for Network Operators, AWS certainly operates networks.
> Sent from my iPhone
>
>
> On Jan 10, 2021, at 4:27 PM, K. Scott Helms
> mailto:kscott.he...@gmail.com>> wrote:
> 
> No,
>
> It really does not.  Section 230 only applies to publishers, and not to
> network providers.  If this were a cloud hosting provider list then you'd be
> correct, but as a network provider's list it does not belong here.
>
>
> Scott Helms
>
>
> On Sun, Jan 10, 2021 at 3:21 PM Lady Benjamin PD Cannon
> mailto:b...@6by7.net>> wrote:
> As network operations and compute/cloud/hosting operations continue to
> coalesce, I very much disagree with you.  Section 230 is absolutely
> relevant, this discussion is timely and relevant, and it directly affects me
> as both a telecom and cloud compute/services provider.
>
>
> —L.B.
>
> Lady Benjamin PD Cannon, ASCE
> 6x7 Networks & 6x7 Telecom, LLC
> CEO
> b...@6by7.net
> "The only fully end-to-end encrypted global telecommunications company in
> the world.”
> FCC License KJ6FJJ
>
>
> 
> 
>
>
> On Jan 10, 2021, at 12:13 PM, K. Scott Helms
> mailto:kscott.he...@gmail.com>> wrote:
>
> It's not, and frankly it's disappointing to see people pushing an agenda
> here.
>
>
> Scott Helms
>
>
> On Sun, Jan 10, 2021 at 9:37 AM
> mailto:sro...@ronan-online.com>> wrote:
>
>
> NANOG is a group of Operators, discussion does not have to be about
> networking. I have already explained how this represents a significant issue
> for Network Operators.
>
> On Jan 10, 2021, at 9:09 AM, Mike Bolitho
> mailto:mikeboli...@gmail.com>> wrote:
>
> 
> It has nothing to do with networking. Their decision was necessarily
> political. If you can specifically bring up an issue, beyond speculative, on
> how their new chosen CDN is somehow now causing congestion or routing issues
> on the public internet, then great. But as of now, that isn't even a thing.
> It's just best to leave it alone because it will devolve into chaos.
>
> - Mike Bolitho
>
> On Sun, Jan 10, 2021, 6:54 AM
> mailto:sro...@ronan-online.com>> wrote:
>
>
> Why? This is extremely relevant to network operators and is not political at
> all.
>
> On Jan 10, 2021, at 8:51 AM, Mike Bolitho
> mailto:mikeboli...@gmail.com>> wrote:
>
> 
> Can we please not go down this rabbit hole on here? List admins?
>
> - Mike Bolitho
>
> On Sun, Jan 10, 2021, 1:26 AM William Herrin
> mailto:b...@herrin.us>> wrote:
>
>
> Anybody looking for a new customer opportunity? It seems Parler is in
> search of a new service provider. Vendors need only provide all the
> proprietary AWS APIs that Parler depends upon to function.
>
> https://www.washingtonpost.com/technology/2021/01/09/amazon-parler-suspension/
>
> Regards,
> Bill HErrin
>
>

Re: Parler

[Seth Mattinen]

On 1/12/21 1:47 PM, John Curran wrote:

On 12 Jan 2021, at 12:40 PM, Andy Ringsmuth  wrote:


And yet, Amazon will still happily sell you this item:

https://www.amazon.com/Anarchist-Cookbook-William-Powell/dp/1607966123/

In fact, it is listed as:  #1 Best Seller in Anarchism


Thanks for the reminder!  (I hadn’t realized it had been updated recently :-)
/John




According to reviews though the updated version is an edited/sanitized 
version, not the same as the original.

Re: Parler

[John Curran]

On 12 Jan 2021, at 12:40 PM, Andy Ringsmuth  wrote:
> 
> And yet, Amazon will still happily sell you this item:
> 
> https://www.amazon.com/Anarchist-Cookbook-William-Powell/dp/1607966123/
> 
> In fact, it is listed as:  #1 Best Seller in Anarchism

Thanks for the reminder!  (I hadn’t realized it had been updated recently :-) 
/John

Re: DMVPN via Internet or Private APN

[William Herrin]

On Tue, Jan 12, 2021 at 8:55 AM Sean Kelly  wrote:
> The real debate arrives when it's time to choose a carrier to host the
> router. I choose to go with a major cell carrier using a "private"
> APN. It allows me to connect my cell routers to a private layer 2
> network and my private IP addresses will be used to provide layer 3
> connectivity. I know that there will be outliers that can't use this
> carrier or cellular at all. These outliers, in my opinion, shouldn't
> have a majority stake in the overall design. The APN overall cost is
> low and so is the data plan for the hosted routers. The private APN
> also eliminates the router as an internet attack vector. I don't
> believe routers are appropriate security appliances to defend and
> monitor against network threats.

Hi Sean,

You want vendor lock-in on your emergency access path? Are you sure?

> Some of my colleagues believe that the flexibility of public cellular
> access outweighs the security risks.

I think your colleagues are correct. Shoot for an OOB solution that
allows you to pick the best technology and vendor for each site you
choose to protect. That won't necessarily even be cellular everywhere.

Regards,
Bill Herrin


-- 
Hire me! https://bill.herrin.us/resume/

Re: DMVPN via Internet or Private APN

[Chriztoffer Hansen]

On Mon, 11 Jan 2021 at 19:27, Sean wrote:
> I offer a question to help me settle an internal debate. As a network
> engineer for a large enterprise, do you choose ISP flexibility or ISP
> security when you build an OOB network? I was tasked to create an OOB
> network for my company. Realistically it would only be deployed to 25%
> of the companies sites as they are considered important enough to
> justify the cost. The design is simple enough. Hub and spoke using
> cellular routers. DMVPN will carry data from the spoke to the hub.

Maybe this talk from NLNOG 2020 is of interest to you concerning OOB.
https://www.youtube.com/watch?v=72yccGg0h8g

--
Chriztoffer

Re: shouting draft resisters, Parler

[Sabri Berisha]

- On Jan 11, 2021, at 3:25 PM, Joe Loiacono jloia...@gmail.com wrote:

Hi,

> Only if you believe censorship has nothing to do with free speech.

As Anne was trying to point out, the 1st Amendment protects you from the 
Government, and more specifically, Congress:

Congress shall make no law respecting an establishment of religion, or
prohibiting the free exercise thereof; or abridging the freedom of speech,
or of the press; or the right of the people peaceably to assemble, and to
petition the Government for a redress of grievances.

Your 1st Amendment rights do not include the right to put your signs in 
your neighbor's yard, and by extension, to host your website on your 
neighbor's (or Amazon's) private infrastructure.

This does not mean that I agree with Amazon's decision. There are a lot
of implications to this.

Thanks,

Sabri

Who now waits for another donotpay.com "confirmation". And will then,
yet again, complain to their support, Mailgun, and AWS.

Re: [External] DMVPN via Internet or Private APN

[Hunter Fuller via NANOG]

I probably would not choose the Private APN. I get the appeal, but I
would probably use router ACLs to restrict traffic only to other
endpoints in the VPN mesh. Exploits/methods that could get around this
are few and far between, and the benefits are numerous, namely, you
aren't tied to one cell provider, and you aren't even tied to the
cellular medium (which might be important).

If, for some reason, being tied to one carrier was not any concern,
AND I had an amazingly good deal with my carrier on the APN, then my
opinion might change, but that just seems unlikely to me.

I do not think it is an excessive burden to remain on top of software
releases, such that, if there was some exploit that could breach the
ACL protection, you would be able to patch it very quickly. And since
it's just OOB, you can test it on three or four boxes, then just blast
the upgrade out to all of them at once using Ansible or whatever.

--
Hunter Fuller (they)
Router Jockey
VBH Annex B-5
+1 256 824 5331

Office of Information Technology
The University of Alabama in Huntsville
Network Engineering

On Tue, Jan 12, 2021 at 10:55 AM Sean Kelly  wrote:
>
> Hello Nanog's
>
> I offer a question to help me settle an internal debate. As a network
> engineer for a large enterprise, do you choose ISP flexibility or ISP
> security when you build an OOB network? I was tasked to create an OOB
> network for my company. Realistically it would only be deployed to 25%
> of the companies sites as they are considered important enough to
> justify the cost. The design is simple enough. Hub and spoke using
> cellular routers. DMVPN will carry data from the spoke to the hub.
>
> The real debate arrives when it's time to choose a carrier to host the
> router. I choose to go with a major cell carrier using a "private"
> APN. It allows me to connect my cell routers to a private layer 2
> network and my private IP addresses will be used to provide layer 3
> connectivity. I know that there will be outliers that can't use this
> carrier or cellular at all. These outliers, in my opinion, shouldn't
> have a majority stake in the overall design. The APN overall cost is
> low and so is the data plan for the hosted routers. The private APN
> also eliminates the router as an internet attack vector. I don't
> believe routers are appropriate security appliances to defend and
> monitor against network threats.
>
> Some of my colleagues believe that the flexibility of public cellular
> access outweighs the security risks. The cellular internet will
> provide us with a solution for more of the outliers than a private
> APN. I don't agree with this philosophy even though it's not
> "technically" wrong. I am interested in a broader range of opinion and
> technical reasoning.
>
> Nanog member KELLYSP

Re: Parler

[Andy Ringsmuth]

And yet, Amazon will still happily sell you this item:

https://www.amazon.com/Anarchist-Cookbook-William-Powell/dp/1607966123/

In fact, it is listed as:  #1 Best Seller in Anarchism




Andy Ringsmuth
5609 Harding Drive
Lincoln, NE 68521-5831
(402) 304-0083
a...@andyring.com

“Better even die free, than to live slaves.” - Frederick Douglas, 1863

> On Jan 12, 2021, at 10:36 AM, Paul Timmins  wrote:
> 
> "You have to let your customer's services contain death threats against the 
> owner of your company or we'll blacklist you" is the wildest take of 2021 yet.
> 
> Blocking Amazon because of who they allow to remain a customer is something I 
> wholeheartedly encourage my competitors to do.
> 
> On 1/12/21 9:29 AM, Kevin McCormick wrote:
>> Imagine if Tier 1 ISPs had a censorship free clause that required companies 
>> like Twitter, Facebook, and Amazon to provide services free of censorship or 
>> have IP blocks blackholed. They would lose hundreds of millions of dollars 
>> per day. I bet they would reverse their tone in a hurry.
>> 
>> https://www.seattletimes.com/seattle-news/idaho-internet-provider-to-block-facebook-twitter-over-their-trump-bans/
>>  
>> Thank you,
>> 
>> Kevin McCormick
>>  
>> From: NANOG  On Behalf Of mark 
>> seery
>> Sent: Sunday, January 10, 2021 8:06 PM
>> To: K. Scott Helms 
>> Cc: NANOG Operators' Group 
>> Subject: Re: Parler
>>  
>> I assume multiple networks/ ISPs that have acceptable use policies that call 
>> out criminality and incitement to violence, for example:
>>  
>> https://www.xfinity.com/support/articles/comcast-acceptable-use-policy
>>  
>> Have these AUPs been invoked previously for these reasons, or would that be 
>> new territory?
>> 
>> Sent from Mobile Device
>> 
>> 
>> On Jan 10, 2021, at 2:52 PM, K. Scott Helms  wrote:
>> 
>> 
>> Right, it's not a list for content hosting.
>>  
>> Scott Helms
>>  
>> On Sun, Jan 10, 2021, 5:42 PM  wrote:
>> No, this is a list for Network Operators.
>> 
>> Sent from my iPhone
>> 
>> 
>> On Jan 10, 2021, at 5:32 PM, K. Scott Helms  wrote:
>> 
>> 
>> This is a list for pushing bits.  The fact that many/most of us have other 
>> businesses doesn't make this an appropriate forum for SIP issues (to use my 
>> own work as an example).
>>  
>> On Sun, Jan 10, 2021, 4:52 PM  wrote:
>> This is a list for Network Operators, AWS certainly operates networks.
>> 
>> Sent from my iPhone
>> 
>> 
>> On Jan 10, 2021, at 4:27 PM, K. Scott Helms  wrote:
>> 
>> 
>> No,
>>  
>> It really does not.  Section 230 only applies to publishers, and not to 
>> network providers.  If this were a cloud hosting provider list then you'd be 
>> correct, but as a network provider's list it does not belong here.
>> 
>> 
>> Scott Helms
>> 
>>  
>>  
>> On Sun, Jan 10, 2021 at 3:21 PM Lady Benjamin PD Cannon  
>> wrote:
>> As network operations and compute/cloud/hosting operations continue to 
>> coalesce, I very much disagree with you.  Section 230 is absolutely 
>> relevant, this discussion is timely and relevant, and it directly affects me 
>> as both a telecom and cloud compute/services provider. 
>>  
>>  
>> —L.B.
>>  
>> Lady Benjamin PD Cannon, ASCE
>> 6x7 Networks & 6x7 Telecom, LLC 
>> CEO 
>> b...@6by7.net
>> "The only fully end-to-end encrypted global telecommunications company in 
>> the world.”
>> FCC License KJ6FJJ
>> 
>> 
>> 
>> 
>> 
>> 
>> On Jan 10, 2021, at 12:13 PM, K. Scott Helms  wrote:
>>  
>> It's not, and frankly it's disappointing to see people pushing an agenda 
>> here.
>> 
>> 
>> Scott Helms
>> 
>> 
>> On Sun, Jan 10, 2021 at 9:37 AM  wrote:
>> 
>> 
>> NANOG is a group of Operators, discussion does not have to be about 
>> networking. I have already explained how this represents a significant issue 
>> for Network Operators.
>> 
>> On Jan 10, 2021, at 9:09 AM, Mike Bolitho  wrote:
>> 
>> 
>> It has nothing to do with networking. Their decision was necessarily 
>> political. If you can specifically bring up an issue, beyond speculative, on 
>> how their new chosen CDN is somehow now causing congestion or routing issues 
>> on the public internet, then great. But as of now, that isn't even a thing. 
>> It's just best to leave it alone because it will devolve into chaos.
>> 
>> - Mike Bolitho
>> 
>> On Sun, Jan 10, 2021, 6:54 AM  wrote:
>> 
>> 
>> Why? This is extremely relevant to network operators and is not political at 
>> all.
>> 
>> On Jan 10, 2021, at 8:51 AM, Mike Bolitho  wrote:
>> 
>> 
>> Can we please not go down this rabbit hole on here? List admins?
>> 
>> - Mike Bolitho
>> 
>> On Sun, Jan 10, 2021, 1:26 AM William Herrin  wrote:
>> 
>> 
>> Anybody looking for a new customer opportunity? It seems Parler is in
>> search of a new service provider. Vendors need only provide all the
>> proprietary AWS APIs that Parler depends upon to function.
>> 
>> https://www.washingtonpost.com/technology/2021/01/09/amazon-parler-suspension/
>> 
>> Regards,
>> Bill HErrin

Register now for our DNS Fundamentals Webinar  Jan 22, via NANOG U

[NANOG News]

NANOG U Webinars provide students across North America a way to virtually
connect and engage with industry innovators, while learning the latest
Internet technologies + best practices, and accessing career-building tools
+ resources. Our next Webinar will take place on Friday, January 22!

*DNS Fundamentals *

*Date + Time: *
Jan 22, 11am - 1pm PST / 2pm - 4pm EST

*Speaker:*
Eddy Winstead, Internet Systems Consortium (ISC)

*Agenda:*
DNS is a distributed database which maps domain names to IP addresses. Join
us for an overview of how DNS works, and how to leverage the system to
support your Internet related communications.

*Registration: *
NANOG U Webinars are free to attend, but registration is required to
participate. All sessions are conducted at nanog.org. To register for the
webinar, you'll first need to sign up for a NANOG account. It's free,
simple, and takes less than a minute.

Register Now 
Watch Past Webinars 

[NANOG-announce] Register now for our DNS Fundamentals Webinar  Jan 22, via NANOG U

[NANOG News]

NANOG U Webinars provide students across North America a way to virtually
connect and engage with industry innovators, while learning the latest
Internet technologies + best practices, and accessing career-building tools
+ resources. Our next Webinar will take place on Friday, January 22!

*DNS Fundamentals *

*Date + Time: *
Jan 22, 11am - 1pm PST / 2pm - 4pm EST

*Speaker:*
Eddy Winstead, Internet Systems Consortium (ISC)

*Agenda:*
DNS is a distributed database which maps domain names to IP addresses. Join
us for an overview of how DNS works, and how to leverage the system to
support your Internet related communications.

*Registration: *
NANOG U Webinars are free to attend, but registration is required to
participate. All sessions are conducted at nanog.org. To register for the
webinar, you'll first need to sign up for a NANOG account. It's free,
simple, and takes less than a minute.

Register Now 
Watch Past Webinars 
___
NANOG-announce mailing list
NANOG-announce@nanog.org
https://mailman.nanog.org/mailman/listinfo/nanog-announce

Re: DMVPN via Internet or Private APN

[Saku Ytti]

On Tue, 12 Jan 2021 at 18:57, Sean Kelly  wrote:

> The real debate arrives when it's time to choose a carrier to host the
> router. I choose to go with a major cell carrier using a "private"

I'm not sure I see the sides of the debate. I personally see no
utility at all in paying premium for APN, I see it as a way to pay a
premium to get liability. There are no improvements in security
posture but obviously if there is APN specific outage, outage in your
APN is not going to be much of a priority compared to outage at
consumer APN, which is fire drill.
As well as you make it a lot harder to procure and negotiate,
particularly if you expand to new markets. Compared to dial-home DMVPN
where you have no requirements above most standard INET access
offered.

I assume you mean DMVPN with IPSEC. If you don't imply IPSEC, then I
assume security wasn't a metric for this product.

-- 
  ++ytti

Re: Just a heads up, apparently Ubiquiti had a breach.

[tom t via NANOG]

Maybe related to solarwinds breach?

> On Jan 11, 2021, at 12:35 PM, eric-l...@truenet.com wrote:
> 
> 
> Official statement: https://mailchi.mp/ubnt/account-notification?e=30527b2904
>  
> Sincerely,
>  
> Eric Tykwinski
> TrueNet, Inc.
> P: 610-429-8300
>  

DMVPN via Internet or Private APN

[Sean Kelly]

Hello Nanog's

I offer a question to help me settle an internal debate. As a network
engineer for a large enterprise, do you choose ISP flexibility or ISP
security when you build an OOB network? I was tasked to create an OOB
network for my company. Realistically it would only be deployed to 25%
of the companies sites as they are considered important enough to
justify the cost. The design is simple enough. Hub and spoke using
cellular routers. DMVPN will carry data from the spoke to the hub.

The real debate arrives when it's time to choose a carrier to host the
router. I choose to go with a major cell carrier using a "private"
APN. It allows me to connect my cell routers to a private layer 2
network and my private IP addresses will be used to provide layer 3
connectivity. I know that there will be outliers that can't use this
carrier or cellular at all. These outliers, in my opinion, shouldn't
have a majority stake in the overall design. The APN overall cost is
low and so is the data plan for the hosted routers. The private APN
also eliminates the router as an internet attack vector. I don't
believe routers are appropriate security appliances to defend and
monitor against network threats.

Some of my colleagues believe that the flexibility of public cellular
access outweighs the security risks. The cellular internet will
provide us with a solution for more of the outliers than a private
APN. I don't agree with this philosophy even though it's not
"technically" wrong. I am interested in a broader range of opinion and
technical reasoning.

Nanog member KELLYSP

Re: Parler

[Paul Timmins]

"You have to let your customer's services contain death threats against 
the owner of your company or we'll blacklist you" is the wildest take of 
2021 yet.


Blocking Amazon because of who they allow to remain a customer is 
something I wholeheartedly encourage my competitors to do.


On 1/12/21 9:29 AM, Kevin McCormick wrote:


Imagine if Tier 1 ISPs had a censorship free clause that required 
companies like Twitter, Facebook, and Amazon to provide services free 
of censorship or have IP blocks blackholed. They would lose hundreds 
of millions of dollars per day. I bet they would reverse their tone in 
a hurry.


https://www.seattletimes.com/seattle-news/idaho-internet-provider-to-block-facebook-twitter-over-their-trump-bans/

Thank you,

Kevin McCormick

*From:*NANOG  *On Behalf 
Of *mark seery

*Sent:* Sunday, January 10, 2021 8:06 PM
*To:* K. Scott Helms 
*Cc:* NANOG Operators' Group 
*Subject:* Re: Parler

I assume multiple networks/ ISPs that have acceptable use policies 
that call out criminality and incitement to violence, for example:


https://www.xfinity.com/support/articles/comcast-acceptable-use-policy

Have these AUPs been invoked previously for these reasons, or would 
that be new territory?


Sent from Mobile Device



On Jan 10, 2021, at 2:52 PM, K. Scott Helms
mailto:kscott.he...@gmail.com>> wrote:



Right, it's not a list for content hosting.

Scott Helms

On Sun, Jan 10, 2021, 5:42 PM mailto:sro...@ronan-online.com>> wrote:

No, this is a list for Network Operators.

Sent from my iPhone



On Jan 10, 2021, at 5:32 PM, K. Scott Helms
mailto:kscott.he...@gmail.com>>
wrote:



This is a list for pushing bits.  The fact that many/most
of us have other businesses doesn't make this an
appropriate forum for SIP issues (to use my own work as an
example).

On Sun, Jan 10, 2021, 4:52 PM mailto:sro...@ronan-online.com>> wrote:

This is a list for Network Operators, AWS certainly
operates networks.

Sent from my iPhone



On Jan 10, 2021, at 4:27 PM, K. Scott Helms
mailto:kscott.he...@gmail.com>> wrote:



No,

It really does not.  Section 230 only applies to
publishers, and not to network providers.  If this
were a cloud hosting provider list then you'd be
correct, but as a network provider's list it does
not belong here.


Scott Helms

On Sun, Jan 10, 2021 at 3:21 PM Lady Benjamin PD
Cannon mailto:b...@6by7.net>> wrote:

As network operations and
compute/cloud/hosting operations continue to
coalesce, I very much disagree with you. 
Section 230 is absolutely relevant, this
discussion is timely and relevant, and it
directly affects me as both a telecom and
cloud compute/services provider.

—L.B.

Lady Benjamin PD Cannon, ASCE

6x7 Networks & 6x7 Telecom, LLC

CEO

b...@6by7.net 

"The only fully end-to-end encrypted global
telecommunications company in the world.”

FCC License KJ6FJJ









On Jan 10, 2021, at 12:13 PM, K. Scott
Helms mailto:kscott.he...@gmail.com>> wrote:

It's not, and frankly it's disappointing
to see people pushing an agenda here.


Scott Helms


On Sun, Jan 10, 2021 at 9:37 AM
mailto:sro...@ronan-online.com>> wrote:


NANOG is a group of Operators,
discussion does not have to be about
networking. I have already explained
how this represents a significant
issue for Network Operators.

On Jan 10, 2021, at 9:09 AM, Mike
Bolitho mailto:mikeboli...@gmail.com>> wrote:


It has nothing to do with networking.
Their decision was necessarily
political. If you can specifically
bring up an issue, beyond speculative,
on how their 

Re: shouting draft resisters, Parler

[Donald Eastlake]

Hi,

On Mon, Jan 11, 2021 at 8:23 PM John R. Levine  wrote:
> > I think it is reasonably clear this was a reference to the Iroquois Theatre
> > fire where 602 people died.
>
> Not at all.  The actual quote is
>
>   The most stringent protection of free speech would not protect a man
>   falsely shouting fire in a theatre and causing a panic.
>
> The Iroquois fire was unfortunately all too real.

As you can see by looking at your own quote, there is nothing about
whether or not there actually is smoke or is a fire in the "crowded
theater". Certainly the operators, owners, and builders of the
Iroquois Theater all claimed that the exists were more than adequate
and it was entirely the fault of the people who died from being
crushed/trampled because they should have remained calm.

Thanks,
Donald
===
 Donald E. Eastlake 3rd   +1-508-333-2270 (cell)
 2386 Panoramic Circle, Apopka, FL 32703 USA
 d3e...@gmail.com

> As soon as the US entered WW I the first amendment basically went out the
> window with the Espionage Act.  Schenck was part of that.
>
> R's,
> John

RE: Parler

[Kevin McCormick]

Imagine if Tier 1 ISPs had a censorship free clause that required companies 
like Twitter, Facebook, and Amazon to provide services free of censorship or 
have IP blocks blackholed. They would lose hundreds of millions of dollars per 
day. I bet they would reverse their tone in a hurry.

https://www.seattletimes.com/seattle-news/idaho-internet-provider-to-block-facebook-twitter-over-their-trump-bans/

Thank you,

Kevin McCormick

From: NANOG  On Behalf Of mark 
seery
Sent: Sunday, January 10, 2021 8:06 PM
To: K. Scott Helms 
Cc: NANOG Operators' Group 
Subject: Re: Parler

I assume multiple networks/ ISPs that have acceptable use policies that call 
out criminality and incitement to violence, for example:

https://www.xfinity.com/support/articles/comcast-acceptable-use-policy

Have these AUPs been invoked previously for these reasons, or would that be new 
territory?
Sent from Mobile Device


On Jan 10, 2021, at 2:52 PM, K. Scott Helms 
mailto:kscott.he...@gmail.com>> wrote:

Right, it's not a list for content hosting.

Scott Helms

On Sun, Jan 10, 2021, 5:42 PM 
mailto:sro...@ronan-online.com>> wrote:
No, this is a list for Network Operators.
Sent from my iPhone


On Jan 10, 2021, at 5:32 PM, K. Scott Helms 
mailto:kscott.he...@gmail.com>> wrote:

This is a list for pushing bits.  The fact that many/most of us have other 
businesses doesn't make this an appropriate forum for SIP issues (to use my own 
work as an example).

On Sun, Jan 10, 2021, 4:52 PM 
mailto:sro...@ronan-online.com>> wrote:
This is a list for Network Operators, AWS certainly operates networks.
Sent from my iPhone


On Jan 10, 2021, at 4:27 PM, K. Scott Helms 
mailto:kscott.he...@gmail.com>> wrote:

No,

It really does not.  Section 230 only applies to publishers, and not to network 
providers.  If this were a cloud hosting provider list then you'd be correct, 
but as a network provider's list it does not belong here.


Scott Helms


On Sun, Jan 10, 2021 at 3:21 PM Lady Benjamin PD Cannon 
mailto:b...@6by7.net>> wrote:
As network operations and compute/cloud/hosting operations continue to 
coalesce, I very much disagree with you.  Section 230 is absolutely relevant, 
this discussion is timely and relevant, and it directly affects me as both a 
telecom and cloud compute/services provider.


—L.B.

Lady Benjamin PD Cannon, ASCE
6x7 Networks & 6x7 Telecom, LLC
CEO
b...@6by7.net
"The only fully end-to-end encrypted global telecommunications company in the 
world.”
FCC License KJ6FJJ






On Jan 10, 2021, at 12:13 PM, K. Scott Helms 
mailto:kscott.he...@gmail.com>> wrote:

It's not, and frankly it's disappointing to see people pushing an agenda here.


Scott Helms


On Sun, Jan 10, 2021 at 9:37 AM 
mailto:sro...@ronan-online.com>> wrote:


NANOG is a group of Operators, discussion does not have to be about networking. 
I have already explained how this represents a significant issue for Network 
Operators.

On Jan 10, 2021, at 9:09 AM, Mike Bolitho 
mailto:mikeboli...@gmail.com>> wrote:


It has nothing to do with networking. Their decision was necessarily political. 
If you can specifically bring up an issue, beyond speculative, on how their new 
chosen CDN is somehow now causing congestion or routing issues on the public 
internet, then great. But as of now, that isn't even a thing. It's just best to 
leave it alone because it will devolve into chaos.

- Mike Bolitho

On Sun, Jan 10, 2021, 6:54 AM 
mailto:sro...@ronan-online.com>> wrote:


Why? This is extremely relevant to network operators and is not political at 
all.

On Jan 10, 2021, at 8:51 AM, Mike Bolitho 
mailto:mikeboli...@gmail.com>> wrote:


Can we please not go down this rabbit hole on here? List admins?

- Mike Bolitho

On Sun, Jan 10, 2021, 1:26 AM William Herrin 
mailto:b...@herrin.us>> wrote:


Anybody looking for a new customer opportunity? It seems Parler is in
search of a new service provider. Vendors need only provide all the
proprietary AWS APIs that Parler depends upon to function.

https://www.washingtonpost.com/technology/2021/01/09/amazon-parler-suspension/

Regards,
Bill HErrin