Re: ipv4 on mobile networks

[Mark Tinka]

On 10/25/21 18:12, Masataka Ohta wrote:



So are IP entities behind NAT. So?


I still don't understand your point.

Are you asserting that NAT'ed devices do not have an IP address?

Mark.

Re: question about enabling RPKI using Hosted mode

[Job Snijders via NANOG]

Dear Edvinas,

On Mon, Oct 25, 2021 at 11:49:09PM +0300, Edvinas Kairys wrote:
> We're thinking of enabling BGP ROA, because more and more ISPs are using
> strict RPKI mode.
> 
> Does enabling Hosted Mode (where it doesn't requires any additional
> configuration on client end) on RPKI could for some reason could cause a
> traffic loss ?
> 
> The only disasterious scenario i could think of, is if we would enable ROA
> with incorrect sub prefixes, maximum prefix length. Am i Right ?

I think you correctly identified most of the potential pitfalls. Another
pitfall might be when a typo in the Origin AS value slips into the RPKI ROA.

For example, I originate 2001:67c:208c::/48 in the DFZ from AS 15562.
Should I'd accidentally modify the covering ROA to only permit AS 15563,
the planet's connectivity towards 2001:67c:208c::/48 would become
spotty.

So... - BEFORE - creating RPKI ROAs, I recommend setting up a BGP/RPKI
monitoring tool. NTT's excellent BGPAlerter might be useful in this
context: https://github.com/nttgin/BGPalerter

Don't deploy things without monitoring! :-)

Kind regards,

Job

question about enabling RPKI using Hosted mode

[Edvinas Kairys]

Hello,

We're thinking of enabling BGP ROA, because more and more ISPs are using
strict RPKI mode.

Does enabling Hosted Mode (where it doesn't requires any additional
configuration on client end) on RPKI could for some reason could cause a
traffic loss ?

The only disasterious scenario i could think of, is if we would enable ROA
with incorrect sub prefixes, maximum prefix length. Am i Right ?

Thanks

DNS/CDN Issue at Microsoft

[Brett Carr]

Hi,
  is there anyone on list at Microsoft who can assist with with a
DNS/CDN Issue with one of Nominet's recursive DNS service being
incorrectly located in Japan

The query in question is for 
hnd-efz.ms-acdc.office.com

If anyone who can help can drop me an email I would really appreciate it.

Thanks

Brett



--
Brett Carr
Manager DNS Engineering
Nominet UK

Re: IPv6 and CDN's

[Job Snijders via NANOG]

On Mon, Oct 25, 2021 at 04:20:28PM -0400, Jared Mauch wrote:
>   Some of the other CDNs do have IPv6 on the authorities and
> should work without issues.
> 
> eg:
> 
> dig -6 +trace www.akamai.com.

Yes of course :-)

dig -6 +trace www.fastly.com.

Kind regards,

Job

Re: IPv6 and CDN's

[Jared Mauch]

On Fri, Oct 22, 2021 at 05:13:09PM +0200, Job Snijders via NANOG wrote:
> Hi everyone, goedenmiddag Marco!
> 
> On Fri, Oct 22, 2021 at 01:40:42PM +0200, Marco Davids via NANOG wrote:
> > We currently live in times where is actually fun to go IPv6-only. In my
> > case, as in: running a FreeBSD kernel compiled without the IPv4-stack.
> 
> Indeed, this is fun experimentation. Shaking the (source code) trees
> through excercises like these is a valuable way to identify gaps.
> 
> > It turns out that there underlying CDN's with domain names such as
> > ‘l-msedge.net’ and ‘trafficmanager.net’ (Microsoft) or 'fastly.net', that
> > reside on authoritative name servers that *only* have an IPv4 address.
> 
> As some observant readers noticed (hint: https://ip6.nl/#!deb.debian.org),
> Fastly is working hard with select customers and friends to support IPv6
> for everyone.
> 
> ** SNIP **
> 
> as BGP traffic engineering) might be reluctant to offer IPv6 services
> "as if they are the same as IPv4". More study is required.
> 
> Tl;DR - work in progress! :-)

Some of the other CDNs do have IPv6 on the authorities and
should work without issues.

eg:

dig -6 +trace www.akamai.com.

- Jared

-- 
Jared Mauch  | pgp key available via finger from ja...@puck.nether.net
clue++;  | http://puck.nether.net/~jared/  My statements are only mine.

Re: ARIN POC RegDate...

[John Curran]

On 24 Oct 2021, at 8:58 PM, b...@theworld.com wrote:
> 
> 
> Perhaps silly but am I the only one with an ARIN POC RegDate of
> 1970-01-01? I've been in that db a long time but not quite that long.

Indeed Barry…  As pointed out earlier, that’s what is displayed for 32-bits of 
zero – which means that value was never set for the POC (a better display 
string would be probably be “UNKNOWN”) 

On creation, the overwhelming majority of POCs (and Orgs) were set to the date 
of issuance of their corresponding network record, but this did not happen in 
100% of the cases (e.g. when the appropriate value was unclear due to multiple 
records.)   If anyone has a similar issue, please feel free to contact the ARIN 
Helpdesk and we’ll research and correct the data asap. 

> Does it matter? I have no idea what the correct date might be so
> the instructions to correct don't help.

We believe the correct date should be the same as the same as the date 
presently on your Org record and your first network issue date  (03-26-1990 in 
this case).  It’s possible that your “nic handle" existed prior and was used 
with another network and was subsequently displaced by another POC on the 
network - if that was case, we would not have able to associate the earlier 
date with your POC automatically. 

> If I needed that info I'd consult the ARIN DB but I guess not.

Check tomorrow… it will be updated per above. 

> I guess I'm wondering if it's just their temporary DB glitch so I
> should ignore it.
> 
> The rest of the info is perfect beyond my wildest dreams.

Good to hear - Thanks! 
/John

John Curran
President and CEO
American Registry for Internet Numbers

Re: ipv4 on mobile networks

[Masataka Ohta]

Mark Tinka wrote:


So what I'm trying to understand is, despite whether a connection is
pure or NAT'ed, how does a device on the Internet expect to
communicate without an IP address?


So are IP entities behind NAT. So?

Masataka Ohta

RE: ARIN POC RegDate...

[Chris Wright]

That's just the Unix epoch time. Your info is missing for that field so the 
32-bit integer is a string of 0's, which renders out to 00:00:00 UTC January 
1st 1970.



-Original Message-
From: NANOG  On 
Behalf Of b...@theworld.com
Sent: Sunday, October 24, 2021 8:59 PM
To: nanog@nanog.org
Subject: ARIN POC RegDate...


Perhaps silly but am I the only one with an ARIN POC RegDate of 1970-01-01? 
I've been in that db a long time but not quite that long.

Does it matter? I have no idea what the correct date might be so the 
instructions to correct don't help.

If I needed that info I'd consult the ARIN DB but I guess not.

I guess I'm wondering if it's just their temporary DB glitch so I should ignore 
it.

The rest of the info is perfect beyond my wildest dreams.

-- 
-Barry Shein

Software Tool & Die| b...@theworld.com | http://www.TheWorld.com
Purveyors to the Trade | Voice: +1 617-STD-WRLD   | 800-THE-WRLD
The World: Since 1989  | A Public Information Utility | *oo*

Re: ipv4 on mobile networks

[Mark Tinka]

On 10/25/21 08:29, Lady Benjamin Cannon of Glencoe, ASCE wrote:


I’m typing this on an LTE UE on our network with a NAT’d IPv4 IP address.

Feels relevant.


We may be missing each other here...

From the point of view of TCP/IP, a node behind a CGN has a unique IP 
address.


So what I'm trying to understand is, despite whether a connection is 
pure or NAT'ed, how does a device on the Internet expect to communicate 
without an IP address?


Mark.

Re: ipv4 on mobile networks

[Lady Benjamin Cannon of Glencoe, ASCE]

I’m typing this on an LTE UE on our network with a NAT’d IPv4 IP address. 

Feels relevant.

—L.B.

Ms. Lady Benjamin PD Cannon of Glencoe, ASCE
6x7 Networks & 6x7 Telecom, LLC 
CEO 
l...@6by7.net 
"The only fully end-to-end encrypted global telecommunications company in the 
world.”
FCC License KJ6FJJ



> On Oct 24, 2021, at 10:58 PM, Mark Tinka  wrote:
> 
> 
> 
> On 10/25/21 01:35, Masataka Ohta wrote:
> 
>> 
>> So are IP entities behind NAT. So?
> 
> Your point being...?
> 
> Mark.