Re: Cloudflare, dirty networks and politricks
On 7/28/16, 10:17 AM, "NANOG on behalf of J. Oquendo"wrote: >While many are chanting: #NetworkLivesMatter, I have yet >to see, read, or hear about any network provider being >the first to set precedence by either de-peering, or >blocking traffic from Cloudflare. There is a lot of >keyboard posturing: "I am mad and I am not going to take >it anymore" hooplah but no one is lifting a finger to >do anything other than regurgitate "I am mad... This is >criminal." (long discussion, was waiting for a place to jump in..) If we want to be accurate about it, Cloudflare doesn’t host the DDoS, they protect the website of seller of the product. We shouldn’t be de-peering Cloud Flare over sites they protect any more than we would de-peer GoDaddy over sites they host, some of which, no doubt, sell gray/black market/illegal items/services. If, on the other hand, you can find a specific network actually generating the volumes of DDoS, you should have a conversation about de-peering…. $0.02…
Re: I recommend dslreports.com/speedtest these days (was Speedtest.net not accessible in Chrome due to deceptive ads)
On 7/21/16, 2:19 PM, "NANOG on behalf of Jay R. Ashworth"wrote: >- Original Message - >> From: "Janusz Jezowicz" > >> Since this morning Speedtest.net is not accessible in Chrome >> Reason: >> https://www.google.com/transparencyreport/safebrowsing/diagnostic/#url=c.speedtest.net >> >> For any ISPs/content providers linking to speedtest.net you may want to >> swap links to a different website or host your own speed test. > >So far, I am very pleased with how it works, though I think it's letter >grades on speed are a bit pessimistic (65Mbps is a "C"). > >Specifically, it measures bufferbloat, with both a realtime graph and a Are you talking about the dslreports speedtest? I like that one, very detailed results. http://speedtest.dslreports.com/ I’d agree with the pessimistic scoring.. 160Mbit was given a “B” grade.
Re: Netflix banning HE tunnels
On 6/20/16, 1:45 PM, "NANOG on behalf of Mark Andrews"wrote: >For a lot of homes it actually makes sense. You laptops are safe >as they are designed to be connected directly to the Internet. We >do this all the time. Similarly phone and tablets are designed to >be directly connected to the Internet. I know that lots of us do >this all the time. Think about what happens at conferences. There >is no firewall there to save you but we all regularly connect our >devices to the conference networks. > >Lots of other stuff is also designed to be directly connected to >the Internet. I’m sorry, but this just isn’t the reality of consumer devices. Expecting your off-the-shelf computer, video player, tv, fridge, etc, to be safe on public IP addresses is.. Unwise at best. Search any publicly available security list for dozens of known vulnerabilities in those devices, to say nothing of the private exploit databases. To place them there, have them be owned, crash, or better yet, stream your midnight-milk-and-cookies-run-in-your-superman-undies to the public internet, and then expect the vendors to be responsible… is not a realistic expectation.
Re: Netflix banning HE tunnels
On 6/12/16, 8:10 PM, "NANOG on behalf of Seth Mattinen"wrote: >On 6/7/16 4:23 AM, Davide Davini wrote: >> Today I discovered Netflix flagged my IPv6 IP block as "proxy/VPN" and I >> can't use it if I don't disable the HE tunnel, which is the only way for >> me to have IPv6 at the moment. > > >This is a rights management issue not a technical one. Netflix is not to >blame, HE is not to blame. Hate on geolcaotion all you want, but that's >what the content owners insist upon and Netflix has no choice but to >disable access from sources that they can't geolocate well enough to >make the content owners happy. > >~Seth As someone who has been trying to get solid, consistent IPv6 at home since 2010, I continue to resort back to my HE tunnels, which have been both useful and dependable. Given the data Netflix client has available to it (IPv4 address, IPv6 address, anything else exposed to android/IOS/windows/etc app) it’s surprising to me that missing/incorrect geolocation data on an IPv6 address is enough to block service. The end result is, yet again, making IPv6 adoption harder than it needs to be.
Re: Mobile providers in the US for backup access
As a 3+ year “customer” of freedom-pop, I agree. Their IP service was a bargain until the WiMax->LTE migration. Now the service is useless. Their technical support continually redefines lack of effort. On 4/20/16, 11:42 AM, "NANOG on behalf of Owen DeLong"wrote: >I had horrible experience when I tried to use Freedom POP many years ago. > >Their customer service is awful and completely uncooperative. Their equipment >did not work well >in my environment at all. > >I would not wish them on my worst enemy. > >Owen > >> On Apr 20, 2016, at 1:35 PM, Mike Hammett wrote: >> >> I'd look at FreedomPOP's Netgear 341U. $20 - $50 NRC, single digit MRC for >> low usage. >> >> >> >> >> - >> Mike Hammett >> Intelligent Computing Solutions >> http://www.ics-il.com >> >> >> >> Midwest Internet Exchange >> http://www.midwest-ix.com >> >>
Re: Juniper vMX evaluation - how?
<2cents> Avoid vMX 14.x - go straight to 15.x, save yourself worlds of pain. 15.x runs well kvm/esxi/etc. On 4/13/16, 2:14 PM, "NANOG on behalf of Josh Baird"wrote: >It was a struggle to get anywhere with vMX when we last tried ~8months >ago. Nobody at Juniper seemed to know anything about it or who to talk >to. In any event, you may be able to get more information by asking over >at juniper-nsp@. > >Josh > >On Wed, Apr 13, 2016 at 4:58 PM, Jeremy Austin wrote: > >> On Wed, Apr 13, 2016 at 12:54 PM, Bruce Simpson wrote: >> >> > >> > Is some special magic required to acquire an evaluation copy? The 60 day >> > trial license is directly downloadable from the above link, but the >> tarball >> > is not. $CLIENT was just referred to it by $RESELLER. >> >> >> I'd be interested as well — I submitted a form, nothing but crickets. >> >> >> -- >> Jeremy Austin >> >> (907) 895-2311 >> (907) 803-5422 >> jhaus...@gmail.com >> >> Heritage NetWorks >> Whitestone Power & Communications >> Vertical Broadband, LLC >> >> Schedule a meeting: http://doodle.com/jermudgeon >>
IPv6 Irony.
Having just returned from NANOG65/ARIN36, and hearing about how far IPv6 has come.. I find my experience with support today Ironic. Oh wait.. Hi, my name is Donn, and I’m speaking for… myself. Irony is a cable provider, one of the largest, and earliest adopters of IPv6, having ZERO IPv6 support available via phone, chat, or email. And being pointed, by all of those contact methods, to a single website. A static website. In 2015, when IPv4 is officially exhausted. :sigh:
Re: Level3 routing issue US west coast?
While I can¹t say with any degree of certainty it's related, it¹s somewhat coincidental that one of one of their west coast customers (Daybreak Games / SOE) has been under a fairly hefty DDoS since mid-week. From what I recall see Daybreak/SOE only uses Level3. (Lots to talk about in that case.. They¹ve invaded his life.. Not sure I¹d react much better, albeit privately..) http://fortune.com/2015/07/10/john-smedley-vs-hackers/ http://eq2wire.com/2015/07/09/daybreak-ceo-to-convicted-lizard-squad-hacker -im-coming-for-you/ On 7/10/15, 11:05 AM, Mr. NPP mr@nopatentpending.com wrote: We took them down yesterday, and attempted to bring them back up midnight PST, and still massive packet loss. so they remain down for now. On Fri, Jul 10, 2015 at 9:44 AM, Jürgen Jaritsch j...@anexia.at wrote: Hi, No SLA broken cause A- and B-End were not directly our circuits ... but it helps a lot to place some new orders ... at other partners :). best regards Jürgen Jaritsch -Ursprüngliche Nachricht- Von: NANOG [mailto:nanog-boun...@nanog.org] Im Auftrag von Jens Hoffmann Gesendet: Freitag, 10. Juli 2015 17:16 An: nanog@nanog.org Betreff: AW: Level3 routing issue US west coast Hi, Wow Level3 responded to me that they had an issue last night but they simply did nothing ... for at least 10 hours they did nothing to fix the issue: Any SLA broken? Probably not, that would be a reason to move. Kind regards, Jens
Re: mpls over microwave
One more add: Properly engineered, fixed wireless links can have better-than-wireline availability. Two jobs ago, we had customer links with zero dropped packets in 5 years, which is outstanding compared to most copper-based services. Properly engineered, however, is the key. Make sure whom-ever is building your links looks at vendor specs, builds a real link budget (including losses from connectors, cable, grounding, etc) properly weather seals everything, and try to get at least a a 20db fade margin if you can. If the things I just mentioned are confusing to your RF guy, you might want to get outside help. On 2/5/15, 3:17 PM, Scott Weeks sur...@mauigateway.com wrote: Had to run off to a meeting. Back now. This is one thing I was worried about. I'm not doing the radio part. Someone else is. I didn't know if folks do pure Ethernet or if it's an IP hand off. If it's an IP addressed hand off, I have to come out of MPLS, cross the link, then go back into MPLS. Thanks for the pointers on packet size. I will be sure to check into that. Scott