Re: Unimus as NCM (Network Configuration Management) Tool

[Chris Boyd]

> On Apr 4, 2024, at 2:06 AM, Mark Tinka  wrote:
> On 4/4/24 08:25, Mike Lyon wrote:
> 
>> I use it for config backups, diffs, etc. Love it.
>> 
>> Theres others such as Rancid but im not sure if it works on anything other 
>> than Vendor C.
> 
> RANCID works perfectly for Cisco, Juniper, Arista, Brocade (Foundry) and HP.

Also works well for Dell S series switches. I use it on S4128s and S4048s.

Re: what is acceptible jitter for voip and videoconferencing?

[Chris Boyd]

> On Sep 20, 2023, at 2:46 AM, Saku Ytti  wrote:
> 
> skype uses Silk
> (maybe teams too?).  

We run Teams Telephony in $DAYJOB, and it does use SILK.

https://learn.microsoft.com/en-us/microsoftteams/platform/bots/calls-and-meetings/real-time-media-concepts

Re: Xfi Advances Security (comcast)

[Chris Boyd]

> On Sep 10, 2021, at 9:31 AM, Jason Kuehl  wrote:
> 
> For whatever reason Comcast Xfinity is blocking my VPN URL. I've started the 
> process to unblock, and I'm trying to get a hold of their security team to 
> resolve this. I've been bounced around all morning. 
> 
> Does anyone have a contact at Comcast that can whitelist a URL or get me to a 
> team that can understand what is going on for the block to happen?

Why is Comcast blocking things? That seems like it’s out of scope for an ISP.

—Chris

Re: Reminder: Never connect a generator to home wiring without transfer switch

[Chris Boyd]

> On Aug 25, 2021, at 1:30 PM, b...@theworld.com wrote:
> 
> 
> 
> Except maybe that one guy at Harvard who came to replace what turned
> out to be a 100+ year old, home made, "breaker" which fed our machine
> room which was hidden in a narrow dark hallway winding around our
> machine room behind an unmarked metal, locked doorway. I had no idea
> it existed but we had no power so I called for help.
> 
> It was just a single copper bar about the size of a small candy bar
> tensioned into hot clips. Probably 400A but who remembers.
> 
> He removed the old one confidently enough, grabbed the new one with
> rubber-handled pliers and gloves and...
> 
>  Him: Have you ever played football?
> 
>  Me: Actually, yes, I have, why?
> 
>  Him: If something doesn't look right when I put this thing in just
>  tackle me clear of it as hard and as fast as you can.
> 
>  Me: Um, ok.
> 
> It all worked out fine and I wrote a memo that maybe Harvard could
> spring for a proper $500 breaker box?
> 
> 

When I was working at the MCI training facility in 1994, I went into the power 
facility classroom where they had battery strings, rectifiers, transfer 
switches, etc for students to learn on. I noticed that every 8-10 feet there 
was an 8 foot long 3/4 inch PVC pipe with about 16 feet of rope threaded 
through it. When I asked what those were for, the instructor said “We will use 
those to pull people off the electricity in case anyone gets shocked.”

I never heard that they were used, so that’s good.

—Chris

Re: OVH datacenter SBG2 in Strasbourg on fire 

[Chris Boyd]

> On Mar 11, 2021, at 5:06 AM, Matt Harris  wrote:
> 
> There are plenty of effective options besides environmentally-destructive 
> Halon, dangerous-to-equipment water sprinkler, or dangerous-to-personnel CO2 
> for fire suppression these days. Some of the most common today are foam 
> systems like FM-200 or 3m's Novec. 

Novec and Solvay’s Galden are not really that much better than Halon. I guess 
it come down to which halogen do you want to release? Chlorine or Ffuorine?

https://www.engineeredfluids.com/post/are-pfas-the-next-pcbs

—Chris

Re: Google Fiber abuse address does not exist

[Chris Boyd]

> On Feb 18, 2021, at 5:19 PM, Louie Lee  wrote:
> 
> Hey Chris,
> 
> Thanks for reporting this. We had an issue that caused emails to addresses in 
> that domain to not be recognized.
> 
> The email is no longer bouncing back, and emails to other googlefiber.net 
> addresses are confirmed working.
> 
> Louie

Thanks Warren and Louie for looking into it and getting it fixed. My abuse 
report has been received by the giant brain.

I’m waiting for $DAYJOB to wise up and make me the DMR at ARIN. Coming soon….

—Chris

Google Fiber abuse address does not exist

[Chris Boyd]

Can someone at ARIN tell them they need to fix this?

From whois 136.32.164.64:
OrgAbuseHandle: GFA32-ARIN
OrgAbuseName:   Google Fiber Abuse
OrgAbusePhone:  +1-650-253- 
OrgAbuseEmail:  ab...@googlefiber.net
OrgAbuseRef:https://rdap.arin.net/registry/entity/GFA32-ARIN

Email response:
  - The following addresses had permanent fatal errors -

   (reason: 550-5.1.1 The email account that you tried to reach does not exist. 
Please try)

  - Transcript of session follows -
... while talking to gmr-smtp-in.l.google.com.:
>>> DATA
<<< 550-5.1.1 The email account that you tried to reach does not exist. Please 
try
<<< 550-5.1.1 double-checking the recipient's email address for typos or
<<< 550-5.1.1 unnecessary spaces. Learn more at
<<< 550 5.1.1  https://support.google.com/mail/?p=NoSuchUser kk5si203161pjb.1 - 
gsmtp
550 5.1.1 ... User unknown
<<< 503 5.5.1 RCPT first. kk5si203161pjb.1 - gsmtp
Reporting-MTA: dns; lenny.gizmopartners.com
Received-From-MTA: DNS; 136-49-160-191.googlefiber.net
Arrival-Date: Thu, 18 Feb 2021 21:52:38 GMT

Final-Recipient: RFC822; ab...@googlefiber.net
Action: failed
Status: 5.1.1
Remote-MTA: DNS; gmr-smtp-in.l.google.com
Diagnostic-Code: SMTP; 550-5.1.1 The email account that you tried to reach does 
not exist. Please try
Last-Attempt-Date: Thu, 18 Feb 2021 21:52:39 GMT

Re: Texas internet connectivity declining due to blackouts

[Chris Boyd]

> On Feb 16, 2021, at 11:51 AM, Michael Thomas  wrote:
> 
> You'd think that mid-summer Texas chews a lot more peak capacity than the 
> middle of winter. Plus I would think a lot of Texas uses natural gas for heat 
> rather than electricity further mitigating its effect on the grid.
> 
> Mike

The eia.gov site shows it to be about a 50/50 split between natural gas and 
electric heating. Propane fills in a few more percent. Yes, the grid does get 
quite strained in the summer from AC use. 

—Chris, from Austin

Re: public open resolver list?

[Chris Boyd]

> On Feb 1, 2021, at 5:26 PM, Kevin McCormick  wrote:
> 
> Nearly all of those seem to error out.
> 
> Is that a wishful thinking list?

Those that do answer to anyone who asks are flagged "recursion-yes,” but I 
don’t know how often it’s updated.

—Chris

Re: public open resolver list?

[Chris Boyd]

> On Feb 1, 2021, at 12:19 PM, Nick Hilliard  wrote:
> 
> Randy Bush wrote on 01/02/2021 18:16:
>> is there a list of public resolvers?  e.g. 1.1.1.1, 4.4.4.4, 8.8.8.8,
>> etc.?
> 
> https://public-dns.info/

There’s also a list of interesting resolvers at
https://gist.github.com/roycewilliams/6cb91ed94b88730321ca3076006229f1

—Chris

Re: Juniper configuration recommendations/BCP

[Chris Boyd]

> On Oct 8, 2020, at 10:55 AM,   wrote:
> 
> JunOS is so linux based

Um, my MX-204 says FreeBSD amd64.

Re: Hand held copper Ethernet testers

[Chris Boyd]

> On Sep 30, 2020, at 3:42 PM, Warren Kumari  wrote:
> 
> 
> 
> On Wed, Sep 30, 2020 at 4:33 PM Nick Hilliard  wrote:
> Chris Boyd wrote on 30/09/2020 21:24:
> > My old Test-Um Lanscaper died, and I was curious what people liked
> > these days. Don’t need throughput testing or anything like that, just
> > basic wire map testing, cable ID, cable length, PoE voltage, and DHCP
> > client.
> > 
> > What do y’all like?
> 
> https://pockethernet.com/ is pretty neat.
> 
> 
> Gr... 
> 
> Pockethernet *was* really great, but they ran into some issues and stopped 
> updating/ supporting the device/app.
> 
> Many people updated the firmware, only to discover that the new firmware was 
> no longer compatible with the iOS app. There were numerous issues with the 
> UI, it wasn’t compatible with newer iOS, etc. This was incredibly frustrating 
> because it was all so close to perfect...
> 
> I’ve just noticed that there is finally a new version - perhaps things are 
> now better; I really hope so, because the device itself has great potential, 
> just let down by the app…

That does look pretty cool. Appreciate the heads up on the app.

Hand held copper Ethernet testers

[Chris Boyd]

My old Test-Um Lanscaper died, and I was curious what people liked these days. 
Don’t need throughput testing or anything like that, just basic wire map 
testing, cable ID, cable length, PoE voltage, and DHCP client.

What do y’all like?

—Chris

Just got this apparently fake NANOG invoice - Looks phishy

[Chris Boyd]

Apparent MS-Word doc attached. Be careful out there.

Return-Path: 
Received: from cross6.lu-visp.net (cross6.lu-visp.net [62.182.179.184])
by lenny.gizmopartners.com (8.14.7/8.14.7) with ESMTP id 08LJIMld018071
for ; Mon, 21 Sep 2020 19:18:25 GMT
Message-Id: <202009211918.08ljimld018...@lenny.gizmopartners.com>
Received: from [161.132.101.74] (unknown [161.132.101.74])
by cross4.lu-visp.net (Postfix) with ESMTPSA id 54FDC8808
for ; Mon, 21 Sep 2020 21:13:53 +0200 (CEST)
Date: Mon, 21 Sep 2020 14:15:49 -0500
From: "NANOG" 
To: "Chris Boyd" 
Subject: Chris Boyd
MIME-Version: 1.0
Content-Type: multipart/mixed; boundary="--308522813199332622918802174927344"
X-unconfigured-debian-site-MailScanner-ID: 54FDC8808.AF049
X-unconfigured-debian-site-MailScanner: Found to be clean
X-unconfigured-debian-site-MailScanner-From: cb2004...@bristol.lu
X-Spam-Status: No


308522813199332622918802174927344
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: quoted-printable

=0DPlease let me know WHAT ADDRESS TO SEND TO.





NANOG


=0DOriginal Message-----=0DOn Mon, Sep 21, 2020 at 15:17 Chris Boyd  wrote:=20
--=20
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.


308522813199332622918802174927344
Content-Type: application/msword; name="INV #7565831.doc"
Content-Transfer-Encoding: base64
Content-Disposition: attachment; filename="INV #7565831.doc"

0M8R4KGxGuEA

Re: COVID-19 vs. our Networks

[Chris Boyd]

> On Mar 16, 2020, at 3:15 PM, Alexandre Petrescu 
>  wrote:
> 
> Please tell me about your city: do you know the numbers in your city?  How 
> did you get the info?

Austin’s health department has a web page with the current confirmed infection 
count, as well as a bunch of recommendations for various groups, in multiple 
languages.

http://www.austintexas.gov/COVID19

Almost all the tech companies here have told everyone to work from home.  We’re 
seeing lower utilization on our office connections due to split-horizon VPN 
policies.

—Chris

ATT Microcell in Austin, TX

[Chris Boyd]

Since people on here like to talk about the generatorn run time on cell towers, 
I thought y’all might like to see an ATT microcell in downtown Austin, TX.  No 
apparent generator or battery on it.

https://imgur.com/a/RY9Tg7h

—Chris

Re: Art and Tech is madness

[Chris Boyd]

> On Sep 6, 2019, at 1:18 PM, Scott Weeks  wrote:
> 
> This site is blocked due to a security threat that was discovered by the 
> Cisco Umbrella security researchers.

Here’s a YouTube link. https://www.youtube.com/watch?v=9k6A0ZlhTyw

—Chris

Re: Art and Tech is madness

[Chris Boyd]

There’s also this gem from 2005 or 2007 days. I’ve heard Cisco staff was 
involved in its creation.

http://www.mattzrelak.com/mp3/t1down.htm

—Chris

> On Sep 5, 2019, at 8:14 AM, Ca By  wrote:
> 
> See below for high value of the list, both items are very pleasing
> 
> On Thu, Sep 5, 2019 at 6:10 AM Hank Nussbacher  wrote:
> On 05/09/2019 08:09, Kasper Adel wrote:
> 
> No.  This is art & tech from 12 years ago:
> https://www.youtube.com/watch?v=_y36fG2Oba0
> 
> -Hank
> 
>> In SPRING a time when segment and routing had no mismatch, a time when isis 
>> and ospf ate a forbidden encap, all they had to do was forward bgp like its 
>> hot, but crazy flapping doesnt leave any real LDP without some real FSM 
>> check, My dynamic unnumbered neighbor.
>> 
>> 
>> 
>> Suddenly, Out of order, an AS is overridden, we see frames dropping, we 
>> sniff a bit and it turns out, sfps are burning, we are in a place right now 
>> where ping and pong are jittery, their latency is tested, they cant 
>> strengthen their icmp bond with a warm bfd message, how can they keep 
>> everyone in ACK, safe from teardown and dampening, with this kind of ixp 
>> relationship??! but oh admin, we know forwarding works in its own mysterious 
>> ways. We are left with two non rfc compliant scavengers, bastard 802.1ah 
>> fools in a leaky yet shaped, buffer display of some runts and nimbles, and a 
>> giant too. 
>> 
>> They start their life of a packet, leaving one interface to a neighbor, from 
>> an adjacency to a peer, an endless loop, its a prefix hijack, but as they 
>> move from one stack to another, finding their way through a tunnel of memory 
>> failures and RMAs, one hell of an LSP ride, through firewall horrors and MTU 
>> mismatches, leaving behind, a sea of syslog messages and snmp alarms. 
>> Anyway, Their ttl expired and one funny access list abruptly denies them 
>> life, sending them to Null0, where they can be peacefully discarded.
>> 
>> 
>> 
>> Thats what tech does to yeh
> 
> 
> 
> 
> 

Re: Time and Timing Servers

[Chris Boyd]

> On Jul 11, 2019, at 10:29 AM, Mike Hammett  wrote:
> 
> I'm looking for a device that can receive GPS inside a building without the 
> assistance of an external antenna (Frontier says they no longer allow 
> external antenna), will provide traditional NTP services, and will provide a 
> timing signal that my Metaswitch can work with.

Since it’s a telco facility, maybe they can provide BITS service. Worth asking.

—Chris

Re: Network Speed Testing and Monitoring Platform

[Chris Boyd]

> On Jan 17, 2019, at 7:17 AM, Colton Conor  wrote:
> 
> Besides mikrotik, I haven't found anything that doesn't require me to build a 
> solution. Like OpenWRT with ipef3, or something like that. 
> 
> Seems like a commercial solution would exist for this.  I though CAF 
> providers have to test bandwidth for the FCC randomly to get funding? 

Bias note—I know the founders.  The product is voice focused, but it does 
include the capability to run a speed test, and has all the cloud based 
reporting features that you’d expect today.

https://www.replycloud.io

—Chris

Re: California fires: smart speakers and emergency alerts

[Chris Boyd]

> On Jul 26, 2018, at 12:09 PM, valdis.kletni...@vt.edu wrote:
> 
> Do those use a frequency band that's suitable for cellphones to monitor 
> (antenna
> size, power, etc)? Because your best chance of getting my attention in an 
> emergency
> is to make my phone start shrieking.

VHF, on 7 frequencies:

162.400
162.425
162.450
162.475
162.500
162.525
162.550

That’s about 1.85 meter wavelength, so a quarter wave antenna would be pretty 
large.  I’m sure the RF engineers can come up with a way to listen effectively 
without a huge antenna.

—Chris

Re: California fires: smart speakers and emergency alerts

[Chris Boyd]

> On Jul 26, 2018, at 11:54 AM, Seth Mattinen  wrote:
> 
> People in tornado areas seem to be the most aware that alert radios already 
> exist. No internet access required.

For those interested in more info, http://www.nws.noaa.gov/nwr/

Pretty popular service in rural Texas.

—Chris

Re: DSL Operators Mailing List?

[Chris Boyd]

> On May 8, 2018, at 11:19 AM, Stephen Satchell  wrote:
> 
> (Not useful for those of us not on Facebook.)

LIKE

Someone from T-Mobile who can shake a ticket loose?

[Chris Boyd]

Sorry for using the white paging phone, but I have an IPv4 reachability ticket 
that I opened back in January that’s stuck in limbo.

Ticket number is either 26088938 or 18444951.  Users on T-Mobile data can’t 
reach services in 208.89.64.0/21, specifically 208.89.64.154.

—Chris

OT - Looking for a EU based equipment vendor

[Chris Boyd]

Sorry for the noise, but I need to find a company similar to ServerMonkey.com 
or Teksavers.com that’s based in France or Switzerland.  My google-fu seems to 
be weak on this.

Thanks!

—Chris

Re: Spitballing IoT Security

[Chris Boyd]

> On Oct 26, 2016, at 6:40 PM, Ronald F. Guilmette  
> wrote:
> 
> Point:  I have a DSL line which is limited to 6Mbps down and 756Kbps up.
> My guess is that if any typical/average user is seen to be using more
> than, say, 1/10 of that amount of "up" bandwidth in any one given 10
> minute time period, then something is really really REALLY wrong.

Online backup service like Carbonite and Backblaze copy lots of data upstream.  
iPhone backups would probably saturate your line for a good chunk of 10 
minutes.  Even posting a bunch of photos could take that long.  Oh, and 
bittorrent.

—Chris

Re: Spitballing IoT Security

[Chris Boyd]

> On Oct 25, 2016, at 3:10 AM, Ronald F. Guilmette  
> wrote:
> 
> An IoT is -not- a general purpose computer.  In the latter case, it is
> assumed that the owner will "pop the hood" when it comes to the software
> configuration.

Ah, but they are.  In many cases you can ship a product faster and cheaper with 
an ARM based system running a stripped down Linux and some specialty I/O than 
building a properly hardened custom microcontroller.  Source: Recently went 
through a round of proposals and bids for a small IoT type product.

Also, you probably _don’t_ want the average consumer “popping the hood” on 
their PC OS.  They will screw something up.  Worked in small business IT hell 
for 8 years, and that was the single most dangerous thing a customer could do.

—Chris

Re: Death of the Internet, Film at 11

[Chris Boyd]

> On Oct 24, 2016, at 11:37 PM, b...@theworld.com wrote:
> 
> Just curious but one wonders what most here would do with an abuse
> complaint sent to them in Chinese?

I’ve received a few of these, and if the email included an IP address or domain 
name on our networks, I’d run the thing through Google Translate and try to 
figure out what they were on about.  Not that hard.

—Chris

Re: Death of the Internet, Film at 11

[Chris Boyd]

> On Oct 22, 2016, at 7:34 AM, Mike Hammett  wrote:
> 
> "taken all necessary steps to insure that none of the numerous specific types 
> of CCVT thingies that Krebs and others identified" 
> 
> Serious question... how? 

Putting them behind a firewall without general Internet access seems to work 
for us.  We have a lot of cheap IP cameras in our facility and none of them can 
reach the net.  But this is probably a bit beyond the capabilities of the 
general home user.

—Chris

Re: issues?

[Chris Boyd]

> On Jul 14, 2016, at 9:21 PM, Ryan Finnesey  wrote:
> 
> Is this list having issues?  The last message I received was late Tuesday.

You didn’t get a message from your router vendor(s) that it’s time for the 
biennial cleaning of the intartubes and emptying of the bit buckets?

—Chris

Google Geolocation issue

[Chris Boyd]

Dear list readers, please forgive the noise, but if there's anyone here
from Google who can fix a geolocation issue I'd appreciate a reply.

208.81.245.226 is not in the UAE, it's in Austin, Texas.  Yes, I have
filled out the form to request a fix, but the AI or whatever that's
supposed to fix it has not, and we're well into 3 months after the first
report.

Thanks,

--Chris

Re: ISP License in the USA?

[Chris Boyd]

> On Jun 5, 2016, at 11:31 AM, Ryan Finnesey  wrote:
> 
> Would you mind sharing some of the telecommunications focused law firms?  I 
> am about to start a company that is going back into the CLEC/ISP/VoIP 
> Business and I am going to have to establish relationships with a few law 
> firms.

I highly recommend McCollough Henry, PC in Austin, Texas.

http://www.mccolloughhenry.com

1250 South Capital of Texas Highway
Building 3, Suite 400
Austin, Texas 78746

(512) 782-2086

—Chris

Re: Google GeoIP issue

[Chris Boyd]

I too am having a similar problem.  Used the remediation link at 
https://support.google.com/websearch/contact/ip and it’s only partially 
corrected.  Users who log in to Google are seeing the US google.com page after 
they select the preferred country and languate, but everyone else is still 
getting google.ae.  208.81.245.226 is in Austin, TX.

—Chris

> On Jun 1, 2016, at 5:17 PM, Peter Loron  wrote:
> 
> Hello folks. An address we use is not identified as being in the correct 
> location by Google. Can someone from their NOC reach out off-list?
> 
> Thanks.
> 
> 
> Sent from my iPhone
> 

GeoIP database issues and the real world consequences

[Chris Boyd]

Interesting article.

http://fusion.net/story/287592/internet-mapping-glitch-kansas-farm/

An hour’s drive from Wichita, Kansas, in a little town called Potwin,
there is a 360-acre piece of land with a very big problem.

The plot has been owned by the Vogelman family for more than a hundred
years, though the current owner, Joyce Taylor née Vogelman, 82, now
rents it out. The acreage is quiet and remote: a farm, a pasture, an old
orchard, two barns, some hog shacks and a two-story house. It’s the kind
of place you move to if you want to get away from it all. The nearest
neighbor is a mile away, and the closest big town has just 13,000
people. It is real, rural America; in fact, it’s a two-hour drive from
the exact geographical center of the United States.

But instead of being a place of respite, the people who live on Joyce
Taylor’s land find themselves in a technological horror story.


For the last decade, Taylor and her renters have been visited by all
kinds of mysterious trouble. They’ve been accused of being identity
thieves, spammers, scammers and fraudsters. They’ve gotten visited by
FBI agents, federal marshals, IRS collectors, ambulances searching for
suicidal veterans, and police officers searching for runaway children.
They’ve found people scrounging around in their barn. The renters have
been doxxed, their names and addresses posted on the internet by
vigilantes. Once, someone left a broken toilet in the driveway as a
strange, indefinite threat.

--Chris

Re: Ear protection

[Chris Boyd]

> On Sep 23, 2015, at 7:33 AM, Joe Greco  wrote:
> 
> Passive cooling typically translates to lower performance but also can
> be more expensive.

$DAYJOB uses an immersion cooling system so it’s higher performance and much 
quieter.

—Chris

Re: WiFI on utility poles

[Chris Boyd]

> On Sep 9, 2015, at 11:13 PM, John Levine  wrote:
> 
> The placement may be suboptimal, but free wifi away from home is nice.
> CableWifi really is a consortium, T-W customers can use Comcast's
> hotspots and vice versa.

If it were truly free and open access I’d be more tolerant of them stomping on 
my signal, but you have to be a CableCo customer in order to use it.  The truly 
sucky thing about TWC’s deployment is that they are also installing it in 
restaurants, bars, and similar venues—sometimes displacing the open access 
setup that was already there.  They conveniently forget to tell the 
owner/manager that it’s not really free access.

—Chris
(Who spent many hours helping restaurants, bars, and similar venues in the 
Austin area set up guest wireless networks.)

Re: Data Center operations mail list?

[Chris Boyd]

 On Aug 15, 2015, at 12:13 PM, Martin Hannigan hanni...@gmail.com wrote:
 
 There is reasonable demand for a forum.  It might need a little marketing
 to get a list with traction going.

There seems to be some traction, with 268 members on the NADCOG list so far.

—Chris

Re: Data Center operations mail list?

[Chris Boyd]

 On Aug 12, 2015, at 7:53 AM, Oliver O'Boyle oliver.obo...@gmail.com wrote:
 
 I missed the subscription info. Can you repost please? I can be #100 :)

http://lists.nadcog.org

Welcome aboard.

—Chris

Data Center operations mail list?

[Chris Boyd]

Is there a mail list that’s analogous to NANOG, but focused on the data center 
infrastructure and operations?  The shorty.com hosted list is defunct.

Thanks, and apologies for the tangential topic.

—Chris

Re: Rasberry pi - high density

[Chris Boyd]

On Mon, 2015-05-11 at 14:36 -0700, Peter Baldridge wrote:
 I don't know how to do the math for the 'vat of oil scenario'.  It's
 not something I've ever wanted to work with.

It's pretty interesting what you can do with immersion cooling.  I work
with it at $DAYJOB.  Similar to air cooling, but your coolant flow rates
are much lower than air, and you don't need any fans in the systems--The
pumps take the place of those.

We save a lot of money on the cooling side, since we don't need to
compress and expand gases/liquids.  We can run with warmish (25-30C)
water from cooling towers, and still keep the systems at a target
temperature of 35C.

--Chris

Re: Alcatel-Lucent 7750 Service Router (SR)

[Chris Boyd]

 On May 6, 2015, at 5:24 PM, Colton Conor colton.co...@gmail.com wrote:
 
 I am worried as most tech's know Cisco and Juniper, so going to ALU would
 be a learning curve based on replies I am getting off list.

It’s not that hard to learn if you know the basics of IP routing.  I just did 
an implementation of A-L 7705 SAR 8s and 18s.  Now I really wish that Cisco 
supported the “info” command.

—Chris

Re: Cisco/Level3 takedown

[Chris Boyd]

 On Apr 9, 2015, at 3:01 PM, Matt Olney (molney) mol...@cisco.com wrote:
 
 In response to Sameer Khosla's comment that we should work with the entire
 service provider community:
 
 Talos is the threat intelligence group within Cisco.  We absolutely
 welcome discussions with any network operator on how we can improve the
 state of security on the Internet.  Please contact me directly via email
 and we can have a discussion about how we can work together going forward.

While I agree that the (at least temporary) mitigation of the threat was 
overall a good thing, I'm not really happy with the method used.  Decisions to 
drop/block/filter traffic should be done locally.  I would have appreciated 
Talos coming to the various *nog lists and saying something like Hey, there's 
some really bad guys here.  Here's the evidence of their bad behavior, you 
really should block them.  That probably would have had a wider reach than 
just going to Level3.

--Chris

Re: BGP offloading (fixing legacy router BGP scalability issues)

[Chris Boyd]

Can we please get back to the original topic?

So far we have had one interesting and useful suggestion that I've seen -- Paul 
S. mentioned SIR https://github.com/dbarrosop/sir

Have I missed any other solutions other than the prefix length filtering?

--Chris

Re: Charter ARP Leak

[Chris Boyd]

 On Dec 29, 2014, at 11:51 AM, Jay Ashworth j...@baylink.com wrote:
 
 Ok.  But the interface to which the cablemodem is attached, in the general
 single-DHCP-IP case, is a /24, is it not?

No, I've seen multiple IPv4 /21s assigned to a single customer interface on a 
CMTS.  The newer CMTS are beastly large boxes.

 The example Valdis posted had 5 or 6 different /24s from all over the v4
 address space; that seems exceptionally sloppy routing...

It's just the nature of having multiple secondary IP addresses on the same RF 
interface facing the customers

 I have seen ARP-traffic-not-for-me come through a cablemodem in the past as
 well, but it was *uniformly* for the /24 in which my modem's address lived
 that day.

Cable modems are typically bridges (at least the ones that Work Right, IMHO), 
so it makes sense that you'll see all layer 2 broadcasts.  If you live in a 
small enough town, or have business class service on your modem, you may only 
see a smaller or single subnet.  On the residential side in a larger town 
you'll see lots of layer 2 stuff.

--Chris

Re: Carrier Grade NAT

[Chris Boyd]

On Jul 29, 2014, at 10:23 AM, Mikael Abrahamsson wrote:

 If law enforcement comes along without port numbers then you give them a list 
 of subscribers behind that IP at the time. Use port block allocation and keep 
 track of the blocks to reduce logging load.

There's probably going to be some interesting legal fallout from that practice. 
 As an ISP customer, I'd be furious to find out that my communications had been 
intercepted due to the bad behavior of another user.

--Chris

Re: Carrier Grade NAT

[Chris Boyd]

On Jul 29, 2014, at 11:54 AM, valdis.kletni...@vt.edu 
valdis.kletni...@vt.edu wrote:

 On Tue, 29 Jul 2014 11:42:31 -0500, Chris Boyd said:
 
 There's probably going to be some interesting legal fallout from that
 practice.  As an ISP customer, I'd be furious to find out that my
 communications had been intercepted due to the bad behavior of another user.
 
 See the various lawsuits against the NSA - the vast majority have been 
 summarily
 dismissed because the plaintiffs couldn't produce evidence their 
 communications
 had in fact been intercepted, and thus they didn't have standing to sue.

True, but there is a difference in this case, since I could probably find a way 
to do discovery of the warrant/subpoena that was delivered to the ISP--assuming 
it's not an NSL.  I would assume that going into court with evidence of the 
warrant/subpoena would be sufficient to grant standing.  Or the notice of 
intercepted communications that I've seen a few times would work too.

In $DAYJOB, we're all colo/cloud, so the stuff we get specifies a specific 
date.  Have not come across any that specify a few seconds of time as another 
poster noted.

In any case IANAL, so who knows until the cases start showing up on the 
dockets.

--Chris

Re: Muni Fiber and Politics

[Chris Boyd]

On Jul 21, 2014, at 1:38 PM, William Herrin wrote:

 The only exception I see to this would be if localities were
 constrained to providing point to point and point to multipoint
 communications infrastructure within the locality on a reasonable and
 non-discriminatory basis. The competition that would foster on the
 services side might outweigh the damage on the infrastructure side.
 Like public roads facilitate efficient transportation and freight
 despite the cost and potholes, though that's an imperfect simile.

I was planning on staying out of this debate, but.

I was involved in an effort a few years back to legalize municiple fiber 
buildouts in Texas for a few reasons:
Lack of fiber penetration in smaller cities where pent up demand was 
not being met.
Lack of competition in high speed data services in all but a few 
markets in the state.
This being the heady days of WiFi, allow cities who chose to build out 
public access to do so without interference from any incumbent.
And locally, allow the cities that already had fiber built out to use 
that fiber to earn additional revenue by leasing capacity to any carrier who 
wanted it.

To put it mildly, the incumbents went off.  Massive lobbying efforts.  
Astroturfing.  End of the telecom world rhetoric.  During the regular session, 
using a pro market argument that allowing open access to a city built fiber 
network would improve the comepetive landscape, we fought the anti-muni bill to 
a draw in the regular session.  It was, of course, passed in a dead-of-night 
action in a follow-on special session.  Cities were pretty well blocked from 
leasing fiber to others.

Now almost 10 years later, I'm finally seeing stirring of real competition on 
the utility poles in my neighborhood.  ATT is hanging new fiber and 
advertisting new high speed service on uVerse, TWC has increased their service 
levels without increasing prices.  The change? Google Fiber.

--Chris

Re: We hit half-million: The Cidr Report

[Chris Boyd]

On Apr 28, 2014, at 2:27 AM, Andy Davidson wrote:

  now aggregate it back down again, please. :-)

I'm in the middle of a physical move.  I promise I'll take the 3 deagg'd /24s 
out as soon as I can.

--Chris

Re: The FCC is planning new net neutrality rules. And they could enshrine pay-for-play. - The Washington Post

[Chris Boyd]

I'd like to propose a new ICMP message type 3 code --

Communication with Destination Network is Financially Prohibited

--Chris

Re: How to catch a cracker in the US?

[Chris Boyd]

On Mar 13, 2014, at 2:30 PM, James Downs wrote:

 
 On Mar 13, 2014, at 12:24 PM, William Herrin b...@herrin.us wrote:
 
 I'm afraid my google-fu doesn't reach back to the 1960's. You don't
 happen to have a handy reference do you?
 
 http://en.wikipedia.org/wiki/Hacker_%28term%29
 

http://www.catb.org/jargon/html/H/hacker.html

Re: About ddos-respo...@nfoservers.com

[Chris Boyd]

On Jan 24, 2014, at 8:36 AM, Jared Mauch wrote:

 You haven’t been able to get GTT/nLayer/TINet to track the traffic back?
 
 Details are welcome, either here or in private.  There are plenty of people 
 who will chase and fix this stuff when they’re aware of it.

When OpenResolver Project was announced, there were about 60 abusable addresses 
in my corner of the Internet.  I was able to get that number down under 20 by 
asking politely.  The NFOserver reports have been a pretty good stick to get 
the number down below 10.

--Chris

Re: NSA able to compromise Cisco, Juniper, Huawei switches

[Chris Boyd]

On Dec 31, 2013, at 7:05 AM, Ray Soucy wrote:

 I think there needs to be some clarification on how these tools get used,
 how often they're used, and if they're ever cleaned up when no longer part
 of an active operation.  Of course we'll never get that.

But that's exactly what we need.

Look at CALEA.  It has its warts and issues, but the rules are published so 
everyone knows how the game is played.  Even with NSLs, there's apparently some 
oversight, and you can challenge certain aspects (though it's a long and 
expensive process).

But backdooring gear, servers, BIOS, etc. has no rules.  It's just chaos.  You 
don't know if a customer has been targeted, so you can't take appropriate 
steps.  You have no way of knowing if your gear is backdoored or who is using 
the backdoor.  And simply knowing that there is a backdoor will increase the 
chances that it will be found and used by others.

The known threat landscape has been increased by orders of magnitude.

--Chris

RE: The US government has betrayed the Internet. We need to take it back

[Chris Boyd]

On Fri, 2013-09-06 at 23:03 +, Paul Donner (pdonner) wrote:
 Great opportunity for a country like Brazil (for example) to become a
 place of business for many of these services which are subject to
 Calea (and such) in the US.  This type of behavior is certainly a
 motivator for folks in other countries to benefit, to our detriment.
 
 If the NSA is truly undermining the security of private enterprises
 which rely on compromised security implements, besides being counter
 productive, it will cost (maybe already has) in lost revenue or
 damages.  Sooner or later this is going to take its toll.  In the end
 the universal language of cold hard cash will reign.


You mean like this?

http://www.zdnet.com/u-s-cloud-industry-stands-to-lose-35-billion-amid-prism-fallout-718974/

As one currently working in the cloud this is deeply concerning.

--Chris

Re: Revealed: NSA program collects 'nearly everything a user does on the internet'

[Chris Boyd]

On Jul 31, 2013, at 10:26 AM, \tei'' oscar.vi...@gmail.com 
oscar.vi...@gmail.com wrote:

 - Have I read it correctly.  Can then break into a vpn connection,
 then leach documents that a german in pakistan is sending to his
 office in germany?

I would guess that it's becasuse many VPN services still support PPTP which can 
be attacked as outlined here:
http://www.schneier.com/paper-pptpv2.html

--Chris

Re: Friday Hosing

[Chris Boyd]

On Wed, 2013-07-17 at 16:36 -0700, Roy wrote:
 On 7/17/2013 1:59 PM, Alex Harrowell wrote:
  On 15/07/13 01:09, Tony Patti wrote:
  TWELVE years ago (press release March 20 2001), Comcast deployed 
  Linux-based
  Sun Cobalt Qube appliances as CPE with their business-class Internet
  service,
  these provided firewall security, web caching, optional content 
  filtering,
  an e-mail server, a web server, file and print servers.
 
  This is a good idea.
 
 
  .
 
 
 Whistle Interjet --  circa 1995

I still have one of the T-Shirts Julian gave somewhere.

--Chris

Re: Tier1 blackholing policy?

[Chris Boyd]

On Tue, 2013-04-30 at 10:59 -0400, ML wrote:
 1) Do nothing - They're supposed deliver any and all bits
 (Disregarding
 a DoS or similiar situation which impedes said network)
 2) Prefix filter - Don't be a party (at least in one direction) to the
 bad actors traffic. 

3 - Deliver all packets unless I've signed up for an enhanced security
offering?

--Chris

Re: Open Resolver Problems

[Chris Boyd]

On Mar 31, 2013, at 8:46 PM, Jared Mauch wrote:

 Many thanks to everyone that is treating this as a critical issue to close 
 these hosts.

Just back to the office, and started checking my networks.  Found one of the 
resolvers is a Netgear SOHO NAT box.  EoL'd, no new firmware available.  Anyone 
have any feeling for what percentage are these types of boxes?

--Chris

Re: [SHAME] Spam Rats

[Chris Boyd]

On Jan 9, 2013, at 8:58 PM, Julian DeMarchi wrote:
 This is the first RBL I have seen list a /24 for lack of PTRs. Not for
 sending spam, but just PTRs alone. How do you explain this to your
 customer?

We're small shop, but our policy is not to accept email from addresses without 
PTRs.  And we have a long list of pool/dhcp/dyn/resnet PTRs we don't accept 
mail from as well.

I tried SpamRats a few years ago, but found them to have too many false 
positives.  Then, they were trying to be early detectors of spam orginiating 
from static IP cable/DSL customers.  Good idea, but poorly executed in 
operation.

--Chris

Re: Big Temporary Networks

[Chris Boyd]

On Sep 13, 2012, at 9:29 AM, Jay Ashworth wrote:

 If not, do any of the people who've already done have 5 minutes to chime in 
 on what they did and what they learned?

I have not done any that size/duration but I have done some where the scale is 
1000s of attendees over a long weekend event, with small budgets.

You'll need a beefy NAT box.  Linux with Xeon CPU and 4GB RAM minimum.   Run 
your DNS resolver and DHCP here, unless you have hardware to spare.

Set your DCHP lease time to 1 hour so you don't have an address tied up for 
someone who stopped in for 15 minutes three days ago.

If you don't have any sort of WiFi controller, name the APs differently.  
People are really pretty good about picking the AP with the best signal 
strength.

Configure and test your equipment before you get to the venue because you will 
be running around tryiong to find the electrician to turn on the breakers you 
need, and they forgot about.

Change the default passwords on the APs.  I did a lot of these for maker/hacker 
crowds, and there's great fun to be had in advertising rude SSID names.

Bandwidth.  Lots of Bandwidth.

--Chris

Re: Big Temporary Networks

[Chris Boyd]

On Sep 13, 2012, at 11:32 AM, Tim Franklin wrote:

Chris Scribbled:
 You'll need a beefy NAT box.  Linux with Xeon CPU and 4GB RAM minimum.
 
 Or not.  The CCC presentation is showing *real* Internet for everyone, unless 
 I'm very much mistaken...

If you know of an ISP in Central Texas that can deploy a 10Mbit plus connection 
along with a /22 of v4 address space for a 1 day event, please let me know. 
TWCable has been pretty easy to work with for special events, but I'd be really 
surprised to see them be able to do that.

--Chris

Re: BGPttH. Neustar can do it, why can't we?

[Chris Boyd]

On Aug 6, 2012, at 9:08 AM, Christopher Morrow wrote:

 I'm curious as to your number... where is that from?
 Marhsall had noted a number of 'small businesses' in the US at ~1.4m
 as of ~2006ish?

Speaking as someone who does a lot of work supporting small business IT, I 
suspect the number is much lower.  As a group, these customers tend to be 
extremely cost averse.  Paying for a secondary access circuit may become 
important as cloud applications become more critical for the market segment, 
but existing smart NAT boxes that detect primary upstream failure and switch 
over to a secondary ISP will work for many cases.  Yes, it's ugly, but it gets 
them reconnected to the off-site email server and the payment card gateway.

--Chris

Re: Heads-up: spammer Scott Whittle/iptechlabs.com/iptechnologylabs.com hitting addresses harvested from NANOG list

[Chris Boyd]

On Jun 13, 2012, at 10:56 AM, Patrick W. Gilmore wrote:
 Is his upstream, or the upstream of his hosting provider, on NANOG or IETF?

My sample came via GoDaddy:

Return-Path: scott.whit...@iptechlabs.com
Received: from p3plsmtps2ded01-02.prod.phx3.secureserver.net 
(p3plsmtps2ded01.prod.phx3.secureserver.net [208.109.80.58])
by gandalf.gizmopartners.com (8.14.3/8.14.3) with SMTP id q5D5ERPD029411
for x...@gizmopartners.com; Wed, 13 Jun 2012 00:14:58 -0500 (CDT)
(envelope-from scott.whit...@iptechlabs.com)

--Chris

Re: Google SDN slides @NANOG55

[Chris Boyd]

On Jun 11, 2012, at 8:04 PM, Ray Qiu wrote:

 Hi,
 
 Could someone please share the SDN slides that Google presented at
 NANOG55?  It is still not on the web.  Thanks!


Please post a link to the list.  Thanks!

+1

--Chris

Re: AS Connectivity Lookup

[Chris Boyd]

On Mar 7, 2012, at 11:39 AM, Hank Nussbacher wrote:

 Try: http://www.fixedorbit.com/search.htm and do an ASN search.
 
 -Hank

Is that info supposed to be current? It's wildly out of date for us (35970).  
bgp.he.net has all the correct information.

--Chris

Re: Internet mauled by bears

[Chris Boyd]

On Sep 19, 2011, at 8:49 PM, Richard Barnes wrote:

 And if they turn up the voltage on the fence high enough, dinner could be
 cooked by the time the crew gets there!

Nah, they are high frequency and high voltage, but very low current.  It's 
uncomfortable and may cause local burning similar to a TENS unit turned up too 
high.

Here's another critter ate the Internet blog post:
http://blog.lafayetteprofiber.com/2008/06/nutria-ratsand-fiber.html

--Chris
(who once fell off the top of a dual level loading chute when he didn't see the 
hot wire that someone strung 3 feet above the chute.)

Re: Mailing list/group for datacenter facilities folks

[Chris Boyd]

On Sep 7, 2011, at 8:03 PM, Jimmy Hess wrote:

 Probably with all air removed from the environment, and a sound
 thermal medium such as oil
 pumped in in its place (make sure to use SSDs for all storage and no
 mechanical devices).

There are ways to submerge spinning disks.

http://www.grcooling.com/
http://www.midasgreentech.com/

:-)

--Chris

Re: Mailing list/group for datacenter facilities folks

[Chris Boyd]

On Sep 7, 2011, at 1:28 PM, Drew Weaver wrote:

 Just wondering,
 
 Is anyone aware whether there is already an active mailing list/group for 
 datacenter facilities folks to discuss power, cooling, physical 
 infrastructure, etc, etc...?
 

There was one at shorty.com, but that's now a paintball / Airsoft site.

$DAYJOB is willing to host a new maillist though.  Give me a while and we'll 
get one set up.

--Chris

Re: Mailing list/group for datacenter facilities folks

[Chris Boyd]

On Sep 7, 2011, at 3:09 PM, Drew Weaver wrote:

 dc-...@puck.nether.net thanks Jared =)

+1, beat me to it.  Thanks!

--Chris

Re: Over a decade of DDOS--any progress yet?

[Chris Boyd]

On Dec 8, 2010, at 9:33 AM, Arturo Servin wrote:

   Yes, but all of them rely on your upstreams or in mirroring your 
 content. If 100 Mbps are reaching your input interface of 10Mbps there is not 
 much that you can do.


Hmm.  What would be really cool is if you could use Snort, NetFlow/NBAR, or 
some other sort of DPI tech to find specifically the IP addresses of the DDoS 
bots, and then pass that information back upstream via BGP communities that 
tell your peer router to drop traffic from those addresses.  That way the 
target of the traffic can continue to function if the DDoS traffic doesn't 
closely mimic the normal traffic.

Your BGP peer router would need to have lots of memory for /32 or /64 routes 
though.

Anyone heard of such a beast?  Or is this how the stuff from places like Arbor 
Networks do their thing?

--Chris

Re: Token ring? topic hijack: was Re: Mystery open source switching

[Chris Boyd]

On Nov 1, 2010, at 11:48 AM, Nick Hilliard wrote:

 And FDDI and X.25 and every single legacy protocol

Are there still any commercial X.25 nets in operation?  I had some peripheral 
involvement with Tymnet in the MCI/Concert conversion, and hear it shut down 
sometime in 2003-4.

--Chris

Re: IPv6 Routing table will be bloated?

[Chris Boyd]

On Oct 26, 2010, at 2:45 PM, George Bonser wrote:

 But how do they multihome without an ASN?
 If they have an ASN, how did they get it without going to an RIR and
 paying a fee?

I beleive Jack said that they have redundant connections to his network.  I 
took that to mean that they did not multihome to different AS.

Such arrangements are not uncommon.  Sprint seems to have done very well 
selling this sort of near-turnkey service to rural DSL carriers, tiny single 
town MSOs and the like.

--Chris

Re: Randy in Nevis

[Chris Boyd]

On Sep 29, 2010, at 7:26 AM, John Peach wrote:

 With IANA?
 
 It's common knowledge that 465 is smtps, whatever else IANA might say.

http://www.ietf.org/rfc/rfc4409.txt

Here's what they've had to say over time:

http://web.archive.org/web/20010519080902/http://www.iana.org/assignments/port-numbers

Says it's unassigned.

Then they assign it to URL Rendezvous a few months after that.

http://web.archive.org/web/20010813015738/http://www.iana.org/assignments/port-numbers

We currently support SMTP submission over 465 since there are still some old 
cranky Outlook versions out there that simply don't appear to be able to 
support connecting to 587, but it's been 18 months since we got a call like 
that, so we'll probably be shutting that off soon.

--Chris

Re: Did Internet Founders Actually Anticipate Paid, Prioritized Traffic?

[Chris Boyd]

On Sep 16, 2010, at 12:15 AM, George Bonser wrote:

 I believe a network should be able to sell priotitization at the edge,
 but not in the core.  I have no problem with Y!, for example, paying a
 network to be prioritized ahead of bit torrent on the segment to the end
 user but I do have a problem with networks selling prioritized access
 through the core as that only gives an incentive to congest the network
 to create revenue.

end user
I DO have a problem with a content provider paying to get priority access on 
the last mile.  I have no particular interest in any of the content that Yahoo 
provides, but I do have an interest in downloading my Linux updates via 
torrents.  Should I have to go back and bid against Yahoo just so I can get my 
packets in a timely fashion?
/end user

I understand that the last mile is going to be a congestion point, but the idea 
of allowing a bidding war for priority access for that capacity seems to be a 
path to madness.

--Chris

Re: off-topic: summary on Internet traffic growth History

[Chris Boyd]

On Aug 11, 2010, at 1:13 PM, John Lee wrote:

 MCI bought MFS-Datanet because MCI had the customers and MFS-Datanet had all 
 of the fiber running to key locations at the time and could drastically cut 
 MCI's costs. UUNET merged with MCI and their traffic was put on this same 
 network. MCI went belly up and Verizon bought the network.

Although not directly involved in the MCI Internet operations, I read all the 
announcements that came across the email when I worked at MCI from early 1993 
to late 1998.

My recollection is that Worldcom bought out MFS.  UUnet was a later acquisition 
by the Worldcom monster (no, no biases here :-).  While this was going on MCI 
was building and running what was called the BIPP (Basic IP Platform) 
internally.  That product was at least reasonably successful, enough so that 
some gummint powers that be required divestiture of the BIPP from the company 
that would come out of the proposed acquisition of MCI by Worldcom.  The 
regulators felt that Worldcom would have too large a share of the North 
American Internet traffic.  The BIPP went with BT IIRC, and I think finally 
landed in Global Crossing's assets.

--Chris

Re: Broadband initiatives - impact to your network?

[Chris Boyd]

On Jun 28, 2010, at 7:42 PM, Eric Brunner-Williams wrote:

 Is unidirectional transport (monitized video streams) the rural service most 
 absent and most valued, or are other characteristics of networks competitive 
 with, or superior to, that service model?

If you drive around rural central and northeastern Texas, every ranch house and 
bunkhouse has a DirecTV or Dish installation.  Surprisingly, many of these same 
houses also have DSL available from the (heavily subsidized) telephone coops in 
the area.  The speeds aren't screaming, typically being in the 300-700 
down/128-384 up ADSL-2+ range. So the demand is there, and so is the service in 
some areas.

--Chris

Re: Emulating ADSL bandwidth shaping

[Chris Boyd]

On May 4, 2010, at 7:27 AM, Marshall Eubanks wrote:

 I am not sure what the point is in mixing in speed of light latency. If your 
 typical sites are, say,
 Indian cricket blogs, you will typically have a high latency from the US. 
 What does that tell
 you about your DSL or Cable system, except that it is somewhat removed from 
 India ?

Most of the ADSL installations I've seen in SBC 13 state area had interleaving 
turned on, which significantly increases latency.  I suspect that's why many 
cable MSOs in the same territory have cable is better for gaming marketing 
campaigns running all the time.

So the latency you see on an ADSL line is dependent on how the carrier set up 
the DSLAM.

--Chris

Re: Emulating ADSL bandwidth shaping

[Chris Boyd]

On May 4, 2010, at 8:42 AM, isabel dias wrote:

 Is cable better for gamming? 

All the LAN party places I know of use Metro Ethernet solutions.  Gamers like 
low ping times to their servers, and are willing to spend $$ to get them.  So 
if your target market includes people who play a lot of first person shooters, 
it may be worthwhile to consider offering a low latency setup for them.

--Chris

Re: Problem from Comcast Network to The Planet

[Chris Boyd]

On Mar 5, 2010, at 3:33 PM, Zachary Frederick wrote:

 We have been having a problem emailing to a customer whose server is hosted 
 by The Planet (http://www.theplanet.com/). Our mail server is hosted in-house 
 on a comcast business connection.

I don't know what's going on in the Comcast network, but I've been having 
similar fits with a single IP address in my network.  Comcast can get to nearby 
IP addresses in the same /24 no issue.  The Comcast customer in my case is in 
Florida, and I get to them via TWTelecom.

I know it's not my net, and TWT was very helpful and knows it's not their net.

Attempts to get Comcast to look into it seem to end with them pinging their 
customer's IP address from the Comcast support center and terminating the call 
since they can reach them.

--Chris

Re: austin eats

[Chris Boyd]

On Feb 17, 2010, at 5:23 PM, Randy Bush wrote:

 which raises the critical question, where is the nearest decent
 (i.e. not fourbucks) coffee to the venue?

https://auth.lessnetworks.com/v099/app?service=direct/1/Home/hotList_col3sp=0sp=SDESC

Has a list of some hotspots.  The Schlotzky's across the street from SBUX 
downtown also has free access.  There's also a city sponsored network available 
in several of the downtown parks.

--Chris

Re: austin eats

[Chris Boyd]

On Feb 17, 2010, at 10:33 AM, Mike Lyon wrote:

 Don't forget the Salt Lick...

BBQ lovers should go to House Park BBQ.  Most of the time the sign out front 
says you don't need no teef to eat my meef
http://www.yelp.com/biz/house-park-bar-b-q-austin
Cash only!


If you want to make a short drive out to the east side of town and help your 
cardiologist make a boat payment or two, get the Don Juan breakfast taco from 
Juan in a Million.  This place was featured on Man vs. Food a while back.
http://www.juaninamillion.com/


If you get tired of Tex-Mex, there's a good interior Mexican place downtown.  
Manuel's.
http://www.manuels.com/


Guiness fans should stop in at BD Riley's downtown.
http://www.bdrileys.com/


Most coffee shops, bars and restaurants have wifi hotspots since there's an 
active group of volunteers that helps install and maintain them.

--Chris

Re: austin eats

[Chris Boyd]

On Feb 17, 2010, at 2:04 PM, Will Clayton wrote:

 Maudi's on Lake Austin and Taco Deli are always on my menu. We just got some 
 Buffalo Wild Wings in town if you are in to that. If you make it to NXNW get 
 the Calimari. If you wind up ordering pizza, shop local and get the best 
 pizza for the best price in town at Austin's Pizza.

Austin's is good, but HomeSlice on South Congress is better, and you can walk 
on down to Trophy's, Continental Club, or the garden at Guero's and take in a 
band.

http://www.homeslicepizza.com/
http://austin.citysearch.com/profile/10210801/austin_tx/trophy_s_bar_grill.html
http://www.continentalclub.com/
http://www.guerostacobar.com/

Re: ISP port blocking practice

[Chris Boyd]

On Oct 22, 2009, at 6:14 PM, Lyndon Nerenberg (VE6BBM/VE7TFX) wrote:


My experience is that port 587 isn't used because ISPs block it
out-of-hand.  Or in the case of Rogers in (at least) Vancouver, hijack
it with a proxy that filters out the AUTH parts of the EHLO response,
making the whole point of using the submission service ...  pointless.


We use 587 quite a lot (with SMTP Auth and SSL/TLS), and have found  
_very_ few places block or proxy it.  We don't have any/many customers  
in Rogers service areas though.


The biggest reason people don't use it is that it requires some  
thought and tweaking settings in the advanced tab areas of many  
email clients.  Newer email clients are actually starting to look for  
submission port and SSL support and configuring it autmatically if  
they find it.


Once it's set up correctly we've found customers really like it since  
their email just works in most places.


--Chris

Re: ISP port blocking practice

[Chris Boyd]

On Oct 23, 2009, at 12:15 PM, Lyndon Nerenberg (VE6BBM/VE7TFX) wrote:

As for outright blockage of port 587, I get this complaint from many  
of
my clients while they are on the road. It seems hotels love to block  
it.


I travel a bit (used to a lot) and only found one place that proxied  
it.  Never saw an outright block.  A call to the support group  
actually got if fixed in about 45 minutes.  Call and complain if it's  
broken.  You are the customer at that point.


--Chris

Intel wants to hook 15 billion embedded devices to the Internet in 6 years

[Chris Boyd]

Oddly, none of the courses in the event discuss IPv6.

http://www.intelembeddedevent.com/

Intel® Embedded eVent We’re standing at the forefront of the Embedded  
Internet Era. The opportunities are yours.
The networked world is growing at a tremendous pace. In just six  
years, it’s expected that 15 Billion intelligent devices will be  
connected to the internet. And, with your imagination and hard work,  
Intel can be a part of many of the devices that will revolutionize the  
way we work, talk, play and move.
So, Intel is hosting our first virtual tradeshow, the Intel Embedded  
eVent, and we want you to join us! It’s a one day event that will  
showcase Intel technologies and our customers’ innovation in  
intelligent, connected devices.

Re: ingress SMTP

[Chris Boyd]

On Sep 3, 2008, at 4:36 PM, Frank Bulk wrote:


I would like to point my customers to port 587, but that kind of
configuration is still in its infancy.


We're a small managed services provider, and we started doing  
authenticated SMTP with TLS on port 587 six years ago.  It's at least  
in kindergarten :-)


Once we explain the advantages, our customers love it since their  
email just works pretty much wherever they go.


As a former manager for a small resnet, blocking port 25 outbound is A  
Good Thing.  Cut abuse email down by a huge factor.


--Chris

Re: Power/temperature monitoring

[Chris Boyd]

We've got a couple of the (beta test) mini goose climate monitors  
installed.  Takes up less space than the big APC boxes we've been using.


http://www.itwatchdogs.com/

--Chris