RE: Verizon Public Policy on Netflix
A third option is to use a transparent caching box, so it caches what's seen. At $20/Mbps I suspect all the popular vendors would find three year or less ROI. Frank -Original Message- From: NANOG [mailto:nanog-boun...@nanog.org] On Behalf Of Todd Lyons Sent: Sunday, July 13, 2014 12:17 PM Cc: nanog@nanog.org Subject: Re: Verizon Public Policy on Netflix On Sun, Jul 13, 2014 at 9:53 AM, Matthew Petach mpet...@netflight.com wrote: How would 4U of rent and 500W($50) electricity *not* save money? Because, on top of that, we'd have huge bandwidth expenses. I know I'm just a dumb troll, but don't you have the same bandwidth demands already from your users pulling down netflix content today? This is an interesting conversation to watch as a non-important, non-influential outsider. Brett's calculation is the cost of: (BW of preloading X new shows a week in multiple formats) is greater than (BW of Z % of his user base watching Y streams a week) It's not been clearly stated whether X is 100% of new shows, but I suspect it's more along the lines of mostly what Netflix expects to be popular. Because that Netflix box is not an on-demand cache, it gets a bunch of shows pushed to it that may or may not be watched by any of Brett's customers. Then the bandwidth he must use to preload that box is large, much larger than the sum of the streams his customers do watch. Brett touched on this in the Security Now episode, but I don't think he was clear so I want to explore the realities of these options. IMHO two solutions exist that would make small people like Brett much happier with this Netflix box: 1) Make the box an on-demand cache: the first customer who watches a show causes the episode to stream/push_high_bw to the box, and from the box out to the customer. Any subsequent customer gets it directly from the box, even if the initial stream is still ongoing. Complications do arise if the second (or third) customer tries to move beyond the current location of the initial stream. 2) My suggestion is probably less popular because it requires a person with (maybe more than) a few minutes, but give the list of shows desired to be pre-pushed to the box to $ISP and give them a couple hours to uncheck certain things that they know or suspect their users won't watch, allowing them to reduce their bandwidth usage. And conversely, provide a checkbox of shows that the ISP wants to never be cached on the box. I did agree with the comment later in the email that making content freely cached is a non-starter because that content could be copied too easily. However, if the Netflix box is what does all of the on-demand caching in #1, then it leaves the power in Netflix's hands, while not requiring the ISP to download multiple copies of shows that its users will never watch. A lot of this is dependent upon: 1) How many different copies of a single show are pushed to the box. Does that number vary per show. 2) How many shows are pushed/pre-pushed to the box per week. How frequently. ...Todd -- The total budget at all receivers for solving senders' problems is $0. If you want them to accept your mail and manage it the way you want, send it the way the spec says to. --John Levine
RE: MACsec SFP
DIP switches? Frank -Original Message- From: NANOG [mailto:nanog-boun...@nanog.org] On Behalf Of Saku Ytti Sent: Tuesday, June 24, 2014 3:21 AM To: nanog@nanog.org Subject: Re: MACsec SFP On (2014-06-24 09:59 +0200), Pieter Hulshoff wrote: Hi Pieter, I've seen this request from others as well. Do you have any proposal/preference to limit the data rate from the switch? For this solution to be marketable, it needs to be extremely cheap, as you're essentially competing against cheapest consumer grade switches to subrate a port. These ports would not be revenue generating, but almost invariably MGMT ports to legacy equipment, issues like QoS are not relevant, price point is. From switch POV, packets would be lost on-link when rate exceeds, and TCP would then decrease rate. So SFP would need to implement rudimentary buffering and packet dropping. And as always, it's best if there is some way for these to work without any configuration, as the moment you need to configure 1 thing, you need to develop provisioning system and potentially also configuration backups, which may in some organizations make solution prohibitively expensive compared to using small switch from existing vendor, which is already supported by systems. -- ++ytti
RE: IP allocations / bogon - verification
It's listed as being on a BOGON at HE, too: http://bgp.he.net/net/66.185.0.0/20 Not sure who HE uses to make that designation. Frank -Original Message- From: Kenny Kant [mailto:akennyk...@gmail.com] Sent: Friday, August 02, 2013 12:07 AM To: nanog@nanog.org Subject: IP allocations / bogon - verification Gang, I apologize for a double post on this same topic tonight however I thought that broadening my request may help our cause. This month we had one of our IP allocations revoked and just recently got everything squared away with ARIN and things are turned back on so to speak. However I still have some customers having issues hitting a number of financial related websites ..etc and I assume its because of bogons ..etc I saw some earlier posts on here where folks have posted their allocation to ensure that others are routing it properly so I wanted to do the same. My allocation which has recently been revived: 66.185.0.0/20 Test point traceroute .etc 66.185.0.198 We do seem to be having some issues with some level 3 routing our range to some desitnations and can provide specifics off list. Thanks all for the help / verification. Kenny
RE: Geoip lookup
Here's a few more resources: http://www.ipdeny.com/ipblocks/ http://www.nirsoft.net/countryip/ Frank -Original Message- From: shawn wilson [mailto:ag4ve...@gmail.com] Sent: Saturday, May 25, 2013 11:27 PM To: i...@cymru.com Cc: North American Network Operators Group Subject: Re: Geoip lookup If anyone is interrested, here's a little Perl CLI util to lookup what countries registered networks within a block. There's no documentation yet, it's a .pl where it should probably be a command with a makefile installer, and Net::CIDR overlaps Net::IP. At any rate, hopefully it is useful to someone. https://github.com/ag4ve/geocidr PS - do note the -mask option (where you can define say, a 20 or 21 or 22) so that you're not sitting there banging on their DNS looking up tons of /32s for blocks CYMRU doesn't have any information on. On Sat, May 25, 2013 at 6:44 AM, John Curran jcur...@arin.net wrote: On May 24, 2013, at 10:47 AM, David Conrad d...@virtualized.org wrote: I replied privately to Owen, but might as well share: On May 23, 2013, at 11:57 PM, Owen DeLong o...@delong.com wrote: True, according to (at least some of) the RIRs they reside in regions... Really? Which ones? I thought they were only issued to organizations that had operations in regions. That was exactly my point, Bill... If you have operations in RIPE and ARIN regions, it is entirely possible for you to obtain addresses from RIPE or ARIN and use them in both locations, or, obtain addresses from both RIPE and ARIN and use them in their respective regions, or mix and match in just about any imaginable way. Thus, IP addresses don't reside in regions, either. They are merely issued somewhat regionally. A direct quote from a recent interaction with ARIN (this was requested by ARIN staff as part of the back and forth for requesting address space): Please reply and verify that you will be using the requested number resources within the ARIN region and announcing all routing prefixes of the requested space from within the ARIN region. In accordance with section 2.2 of the NRPM, ARIN issues number resources only for use within its region. ARIN is therefore only able to provide for your in-region numbering needs. I believe AfriNIC and LACNIC have similar limitations on use but am too lazy to look it up (and I don't really care all that much: just thought it was amusing). Indeed. This was covered in more detail in the Policy Experience Report given at the ARIN 31, in which it was noted that we are seeing an increase in requests for IPv4 address space from parties who have infrastructure in the region, but for customers entirely from outside the region. This has resulted in a significant change in the issuance rate and therefore any estimates for regional free pool depletion. ARIN has sought guidance from the community regarding what constitutes appropriate in-region use, should this be based on infrastructure or served customers, and whether incidental use outside the region is appropriate. (This topic was also on this list on 26 April 2012 - see attached email from that thread) Policy proposals in this area to bring further clarity in address management are encouraged. FYI, /John John Curran President and CEO ARIN === Begin forwarded message: From: John Curran jcur...@arin.net Subject: Re: It's the end of the world as we know it -- REM Date: April 26, 2013 10:43:51 AM EDT To: nanog@nanog.org Group nanog@nanog.org On Apr 26, 2013, at 10:23 AM, Chris Grundemann cgrundem...@gmail.com wrote: One interesting twist in all of this is that several of these new slow-start players in the ARIN region seem to be servicing customers outside of the region with equipment and services hosted here inside the ARIN region (see slide 12 on the ARIN 31 Policy Implementation and Experience Report https://www.arin.net/participate/meetings/reports/ARIN_31/PDF/monday/nobile_policy.pdf). NANOG Folks - Please read this slide deck, section noted by Chris. It explains the situation... (I would not call the sudden acceleration in IP address issuance a problem, per se, as that is an judgement for the community either way.) FYI, /John John Curran President and CEO ARIN
RE: It's the end of the world as we know it -- REM
CGN works for eyeball networks, but not for hosting. From the remarks at this week's ARIN meeting, that's where ARIN has seen an uptick in requests. So those who sell virtual machines, IPv4 addresses are critical if they want make their offering viable in the near-term. Frank -Original Message- From: David Conrad [mailto:d...@virtualized.org] Sent: Wednesday, April 24, 2013 12:27 PM To: Andrew Latham Cc: nanog@nanog.org Subject: Re: It's the end of the world as we know it -- REM On Apr 24, 2013, at 9:59 AM, Andrew Latham lath...@gmail.com wrote: A demand curve would show that as prices increase, there is demand for fewer IPv4 addresses. And the other side of the coin: where there is demand and excess supply (e.g., allocated but unused addresses), the price increase would create an incentive to sell off the excess (i.e., what we're seeing in the IPv4 trading markets). Totally agree, your point is the larger issue at hand, just pointing out and ugly issue that I witnessed recently. Corporate networks and ASNs totally off and not in use. But don't worry, they will use them if someone tries to take them away. Or they'll sell/lease them. The prospective address consumer then can figure out whether paying the buy/rent price for new IPv4 addresses makes sense compared to moving to IPv6+translation or buying (more) CGN. Regards, -drc
RE: BCP38 tester?
The good news is that source address spoofing does seem to fail with most CPE's NAT. At the end of the day, just turn on uRPF and/or use ACLs. It's amazing how much destination 192.168.0.0/24 and 192.168.1.0/24 our ACLs also block. Frank -Original Message- From: Jay Ashworth [mailto:j...@baylink.com] Sent: Sunday, March 31, 2013 9:35 PM To: NANOG Subject: Re: BCP38 tester? - Original Message - From: Alain Hebert aheb...@pubnix.net An easy target would be anti-virus/trojan/security software providers that could add a BCP38 check to their software =D Yes, but penetration is a problem, which is why I was thinking about people like YouTube, Ookla, and the like. Any Flash app that lots of people run frequently. Assuming those apps could generate the packets, which, on reflection, I would bet they can't. Cheers, -- jra -- Jay R. Ashworth Baylink j...@baylink.com Designer The Things I Think RFC 2100 Ashworth Associates http://baylink.pitas.com 2000 Land Rover DII St Petersburg FL USA #natog +1 727 647 1274
RE: Question on Ipv6 address
My understanding is that because IPv6 has a minimum MTU of 1280 and dial-up maxes out at 576, that special measures must be taken for IPv6 to work over a dial-up connection. Please correct me if someone has this working out of the box. Frank -Original Message- From: Mark Jeremy [mailto:mej...@rit.edu] Sent: Tuesday, March 26, 2013 2:10 PM To: Justin Wilson Cc: nanog@nanog.org Subject: RE: Question on Ipv6 address Justin, Dial-up modem is just a layer 2 device with no IP address. Just think of it as a converter, its sole function is to convert the telephone line to something your PC can use, in this case, Ethernet. Both IPv4 and IPv6 operate on the layer 3 of the OSI model which is taken care of by the RAS. So basically any dial-up modem support IPv6. -MJ -Original Message- From: Justin Wilson [mailto:li...@mtin.net] Sent: Tuesday, March 26, 2013 12:06 PM To: NANOG Subject: Re: Question on Ipv6 address I don't mean to hijack the thread so if someone wants to open a new one that¹s cool. But my question is what dial-up hardware supports v6? I am *assuming* Cisco does. Justin -- Justin Wilson j...@mtin.net Aol Yahoo IM: j2sw http://www.mtin.net/blog xISP News http://www.zigwireless.com High Speed Internet Options http://www.thebrotherswisp.com The Brothers Wisp -Original Message- From: Joe sj_h...@hotmail.com Date: Tuesday, March 26, 2013 11:39 AM To: NANOG nanog@nanog.org Subject: Question on Ipv6 address I'm new to Ipv6 and trying to understanding something about IPv6 in service provider network. I've got the following questions , could anybody do some helps? 1. In a dial-up network (Q-in-Q for each customer who dials in ) Should each customer be assigned to ipv6 subnet prefix like /64 unique universily? I've read a rfc which stated point-to-point like should be assigned /64. But to my understanding, in dial-up network , each user should only needed to be assigned a single ipv4 address, with wich customer could used in his PC or his home router. 2. In dial-up network, could each vlan's ipv6 link-id be planned with its vlan number? if so, IP v6 address confliction could be avoided when BAS is assigned a /64 or longer prefix. 3. we are testing some BAS with IPv6 accessing, in radius accouting packets, there is IP-v6-prefix, Ip-v6-link-id, Ip-v6-delegated-prefix.how could dial-up PC's IPv6address be calculated with above information? 4. should it be necessary to plan different IP-v6-prefix(IP-v6-delegated-prefix) for each dial-up customers in BAS? 5. How could delegated IPv6 prefix be used in service provider's network? is this useful in dial-up access network? each word will be highly appreciated. Joe
RE: 10 Mbit/s problem in your network
There's only 83.5 MHz to work with at 2.4 GHz, while in most countries you have at least two hundred MHz in the 5 GHz range (http://en.wikipedia.org/wiki/U-NII). So if you choose to have 40 MHz channels for increased throughput, you can have many more (non-overlapping ones) at 5 GHz than 2.4 GHz, increasing Mbps/area. Frank -Original Message- From: Owen DeLong [mailto:o...@delong.com] Sent: Monday, February 25, 2013 10:34 AM To: Frank Bulk Cc: NANOG Subject: Re: 10 Mbit/s problem in your network Correct. However, while A is 5Ghz (only), it's not significantly better than G. The true performance gains come from 5Ghz and N together. N on 2.4Ghz has limited benefit over G. N on 5Ghz is significantly better. Owen On Feb 24, 2013, at 8:56 PM, Frank Bulk frnk...@iname.com wrote: The IEEE 802.11n standards do not require 5 GHz support. It's typical, but not necessary. Frank -Original Message- From: Owen DeLong [mailto:o...@delong.com] Sent: Sunday, February 17, 2013 2:07 PM To: Jay Ashworth Cc: NANOG Subject: Re: 10 Mbit/s problem in your network On Feb 17, 2013, at 08:33 , Jay Ashworth j...@baylink.com wrote: - Original Message - From: Scott Howard sc...@doc.net.au A VPN or SSH session (which is what most hotel guests traveling for work will do) won't cache at all well, so this is a very bad idea. Might improve some things, but not the really important ones. The chances of the average hotel wifi user even knowing what SSH means is close to zero. {{citation-needed}} As an aside, I was sitting in JFK airport (terminal 4) a few days ago and having a shocking time getting a good internet connection - even from my own Mifi. I fired up inSSIDer, and within a few seconds it had detected 122 AP's... Yup; B/G/N congestion is a real problem. Nice that the latest generation of both mifi's and cellphones all seem to do A as well, in addition to current-gen business laptops (my x61 is almost 5 years old, and speaks A). I think by A you actually mean 5Ghz N. A doesn't do much better than G, though you still have the advantage of wider channels and less frequency congestion with other uses. Owen
RE: Will wholesale-only muni actually bring the boys to your yard?
What's missing in this dialogue is the video component of an offering. Many customers like a triple (or quad) play because the price points are reasonable comparable to getting unbundled pricing from more than one provider, and they have just throat to choke and bill to pay. But few IP TV providers will claim good profitability. And I don't believe any vendor has ActiveE and RFoG going down one strand. Frank -Original Message- From: Jay Ashworth [mailto:j...@baylink.com] Sent: Wednesday, January 30, 2013 8:01 PM To: NANOG Subject: Re: Will wholesale-only muni actually bring the boys to your yard? - Original Message - From: Jean-Francois Mezei jfmezei_na...@vaxination.ca snip A good layer 2 deployment can support DHCP or PPPoE and thus be compatible with incumbents infrastructure. However, a good layer2 deployment won't have RFoG support and will prefer IPTV over the data channel (the australian model supports multicast). So cable companies without IPTV services may be at a disadvantage. I think this depends on what handoffs my TE can provide at the customer prem. In Canada, Rogers (cableco) has announced that they plan to go all IPTV instead of conventional TV channels. Well, the MythTV people will be happy to hear that. Or they would, if the content people would quit holding a gun to the heads of the transport people. Cheers, -- jra -- Jay R. Ashworth Baylink j...@baylink.com Designer The Things I Think RFC 2100 Ashworth Associates http://baylink.pitas.com 2000 Land Rover DII St Petersburg FL USA #natog +1 727 647 1274
RE: Will wholesale-only muni actually bring the boys to your yard?
IIRC, there is some issue with bleedover of either the forward or return (optically modulated) RF wavelength with the data wavelength. Perhaps with better lasers this could be overcome in the future. Frank From: Jason Baugher [mailto:ja...@thebaughers.com] Sent: Friday, February 01, 2013 4:38 PM To: Frank Bulk (iname.com) Cc: Jay Ashworth; NANOG Subject: Re: Will wholesale-only muni actually bring the boys to your yard? Management has asked us why we can't do RF overlay on our AE system. :) We've had to explain a few times why that would be too expensive even if it were available because of the high cost of the amps/splitters/combiners to insert 1550nm onto every AE fiber. On Fri, Feb 1, 2013 at 4:14 PM, Frank Bulk (iname.com) frnk...@iname.com wrote: What's missing in this dialogue is the video component of an offering. Many customers like a triple (or quad) play because the price points are reasonable comparable to getting unbundled pricing from more than one provider, and they have just throat to choke and bill to pay. But few IP TV providers will claim good profitability. And I don't believe any vendor has ActiveE and RFoG going down one strand. Frank -Original Message- From: Jay Ashworth [mailto:j...@baylink.com] Sent: Wednesday, January 30, 2013 8:01 PM To: NANOG Subject: Re: Will wholesale-only muni actually bring the boys to your yard? - Original Message - From: Jean-Francois Mezei jfmezei_na...@vaxination.ca snip A good layer 2 deployment can support DHCP or PPPoE and thus be compatible with incumbents infrastructure. However, a good layer2 deployment won't have RFoG support and will prefer IPTV over the data channel (the australian model supports multicast). So cable companies without IPTV services may be at a disadvantage. I think this depends on what handoffs my TE can provide at the customer prem. In Canada, Rogers (cableco) has announced that they plan to go all IPTV instead of conventional TV channels. Well, the MythTV people will be happy to hear that. Or they would, if the content people would quit holding a gun to the heads of the transport people. Cheers, -- jra -- Jay R. Ashworth Baylink j...@baylink.com Designer The Things I Think RFC 2100 Ashworth Associates http://baylink.pitas.com 2000 Land Rover DII St Petersburg FL USA #natog +1 727 647 1274 tel:%2B1%20727%20647%201274
RE: Muni fiber: L1 or L2?
Fletcher: Many rural LECs are homerunning their fiber back to the CO, such that the optical splitters are only in the CO. It gives them one management point, the highest possible efficiency (you can maximize any every splitter and therefore PON) and a pathway to ActiveE. Frank -Original Message- From: Fletcher Kittredge [mailto:fkitt...@gwi.net] Sent: Thursday, January 31, 2013 3:58 PM To: Owen DeLong Cc: NANOG Subject: Re: Muni fiber: L1 or L2? On Thu, Jan 31, 2013 at 4:36 PM, Owen DeLong o...@delong.com wrote: If you have an MMR where all of the customers come together, then you can cross-connect all of $PROVIDER_1's customers to a splitter provided by $PROVIDER_1 and cross connect all of $PROVIDER_2's customers to a splitter provided by $PROVIDER_2, etc. If the splitter is out in the neighborhood, then $PROVIDER_1 and $PROVIDER_2 and... all need to build out to every neighborhood. If you have the splitter next to the PON gear instead of next to the subscribers, then you remove the relevance of the inability to connect a splitter to multiple OLTs. The splitter becomes the provider interface to the open fiber plant Owen; Interesting. Do you then lose the cost advantage because you need home run fiber back to the MMR? Do you have examples of plants built with this architecture (I know of one such plant, but I am hoping you will turn up more examples.) regards, Fletcher -- Fletcher Kittredge GWI 8 Pomerleau Street Biddeford, ME 04005-9457 207-602-1134
RE: regions.com down??
Looks like an operational issue: Frank -Original Message- From: William Herrin [mailto:b...@herrin.us] Sent: Wednesday, December 26, 2012 10:04 PM To: g...@1337.io Cc: nanog@nanog.org Subject: Re: regions.com down?? On Wed, Dec 26, 2012 at 9:50 PM, mailto:g...@1337.io g...@1337.io mailto:g...@1337.io g...@1337.io wrote: Looks like walmart.com is down as well . http://www.downforeveryoneorjustme.com/www.walmart.com http://www.downforeveryoneorjustme.com/www.walmart.com http://www.vonage.com www.vonage.com too. Very slow DNS resolution and then when it finally does resolve, tcp 80 doesn't connect. -- William D. Herrin mailto:her...@dirtside.com her...@dirtside.com mailto:b...@herrin.us b...@herrin.us 3005 Crane Dr. .. Web: http://bill.herrin.us/ http://bill.herrin.us/ Falls Church, VA 22042-3004 image001.png
RE: Current IPv6 state of US Mobile Phone Carriers
Here's a screenshot from 15 months ago: http://www.fix6.net/archives/2011/02/21/ipv6-live-on-verizons-lte-network/ Frank -Original Message- From: Randy Carpenter [mailto:rcar...@network1.net] Sent: Tuesday, May 22, 2012 9:07 PM To: PC Cc: nanog@nanog.org Subject: Re: Current IPv6 state of US Mobile Phone Carriers Not only does Verizon *not* have IPv6 on their LTE network, they also do *not* have IPv4, except for double-NATed rfc1918 crap that changes your IP address every couple minutes. The only way to get a stable connection is to pay them $500 to get a static public IP address. thanks, -Randy - Original Message - IPV6 is present, to my knowledge, on all devices on the Verizon IPV6 LTE network. I noticed its using it to communicate to Google for many of it's services when I ran a netstat. I believe they mandated support for it from any certified device. Unfortunately, it's still firewalled. On Tue, May 22, 2012 at 5:40 PM, Paul Graydon p...@paulgraydon.co.uk wrote: On 05/22/2012 01:21 PM, Cameron Byrne wrote: On May 22, 2012 4:00 PM, Paul Porterpaul.por...@gree.co.jp wrote: Hi NANOG, I'm looking for some information on the four largest US mobile phone carriers and the current state of their IPv6 infrastructure. Specifically, we are trying to figure out: 1. How much of the carrier core and edge for ATT, Verizon. T-Mobile, and Sprint are on IPv6 now? Hi, T-Mobile USA has native ipv6 to all subscribers in all of it's coverage area. But, less than 1% of subscribers use IPv6 because they do not have an IPv6 capable phone. The Nexus S and Galaxy Nexus work well. This device challenge will improve in time. Samsung is doing a good job of bringing IPv6 to Android devices. More info here That's interesting. I have a Galaxy Nexus on T-Mobile USA and it doesn't get an IPv6 address, only IPv4. Works fine with IPv6 over my wireless network at home. Doesn't seem to be anything obvious in the settings to enable or disable that. Paul
RE: Muni Fiber Last Mile - a contrary opinion
-Original Message- From: Owen DeLong [mailto:o...@delong.com] Sent: Sunday, December 26, 2010 9:11 PM To: Jared Mauch Cc: NANOG Subject: Re: Muni Fiber Last Mile - a contrary opinion On Dec 26, 2010, at 4:37 PM, Jared Mauch wrote: You are likely already at the mercy of some local hut for your dialtone. Very few things home run to the co these days. It's unlikely any hut has more than 24 hours of battery. I know this is true where FTTN overlays have been built. However, in the majority of California, at least, that is still more the exception than the rule and there is usually a Cat-3 Copper home-run for local dialtone. [Frank Bulk] Here in the midwest each and every of the telcos that I've talked to or worked with feeds dialtone for their DSL customers from the same equipment that serves the DSL. To do otherwise would require a splitter shelf in each node. I have talked to local techs that make the same trip each shift to fuel the generator during regular or minor power outages. Anything major, expect the service to die. If nothing else, I expect various other components in the system (trunk overload, switch dialtone exhaustion, etc.) in anything major anyway. However, 24 hours of dialtone after something happens still exceeds the average cablemodem duration after the power flickers. [Frank Bulk] Some MSOs (including ourselves) have power systems (e.g. Alpha) in place throughout the plant to provide backup power for at least some time.
RE: Hotel Internet?
Ethostream seems to have a good market share. That's what three hotels in our area are using for control. Frank -Original Message- From: Ryan Finnesey [mailto:ryan.finne...@harrierinvestments.com] Sent: Saturday, December 25, 2010 1:36 AM To: nanog@nanog.org Subject: Hotel Internet? Is anyone within the group providing Internet access to Hotels? It seems most of this market is controlled by Lodge Net. Cheers Ryan
RE: Some truth about Comcast - WikiLeaks style
That's not my understanding. Frank -Original Message- From: Jay Ashworth [mailto:j...@baylink.com] Sent: Friday, December 24, 2010 10:25 AM To: NANOG Subject: Re: Some truth about Comcast - WikiLeaks style - Original Message - From: Frank Bulk - iName.com frnk...@iname.com Uhm, D-CATV is not IP just quite yet. Sometimes I wish that's the case, but it's still very much RF. There are several vendors that sell GPON solutions that support RF over fiber, and there's always IP TV. Hmm. I had acquired the idea, from looking at the setup screens on the latest gen SciAt converters that it was, at very least, FDM IP multicast; that is, MPEG2 over IP multicast, and then multiplexed 4:1 or so into multiple broadband carriers, but sent as IP multicast streams and decoded that way. No? Cheers, -- jra
RE: Some truth about Comcast - WikiLeaks style
Uhm, D-CATV is not IP just quite yet. Sometimes I wish that's the case, but it's still very much RF. There are several vendors that sell GPON solutions that support RF over fiber, and there's always IP TV. Frank -Original Message- From: Jay Ashworth [mailto:j...@baylink.com] Sent: Thursday, December 23, 2010 11:20 AM To: NANOG Subject: Re: Some truth about Comcast - WikiLeaks style snip And since D-CATV is pretty much delivered over IP these days *anyway*, it won't even be technically difficult for cable providers to hook up customers over such a backbone. snip
RE: IPv6 BGP table size comparisons
Looks like AS13722 (Default Route, Inc), is advertising both 2607:ff08:cafe::/48 and 2607:ff08::/32. Frank -Original Message- From: Mike Tancsa [mailto:m...@sentex.net] Sent: Tuesday, December 21, 2010 6:19 PM To: NANOG list Subject: Re: IPv6 BGP table size comparisons On 12/21/2010 7:10 PM, Mike Tancsa wrote: On 12/21/2010 5:18 PM, Frank Bulk wrote: There are 4,035 routes in the global IPv6 routing table. This is what one provider passed on to me for routes (/48 or larger prefixes), extracted from public route-view servers. ATT AS7018: 2,851 (70.7%) Cogent AS174: 2,864 (71.0%) GLBX AS3549: 3,706 (91.8%) Hurricane Electric AS6939: 3,790 (93.9%) Qwest AS209: 3,918 (97.1%) TINET (formerly Tiscali) AS3257: 3,825 (94.8%) Verizon AS701: 3,938 (97.6%) TATA (AS6453) out of Toronto, Canada 3,747. For my v4 transit, I only see 0.3% difference from my largest and smallest view. Where as with ipv6, the difference is almost 25%. For /48 and shorter, I see 757 paths missing from AS174 that I see on my other 2 v6 transit providers. While looking at whats missing, I found this interesting /48. +2607:fed0::/32 +2607:fed8::/32 +2607:ff08:cafe::/48 +2607:ff20::/32 The 2607:ff08::/32 is visible on Cogent. But I guess they are not serving coffee there, only on TATA and HE. ---Mike
RE: Spamhaus under DDOS from AnonOps (Wikileaks.info)
The wikileaks.info press release points to Google's Safe Browsing page for wikileaks.info (http://www.google.com/safebrowsing/diagnostic?site=wikileaks.info), which comes up clean. While I tend to trust Steve and Spamhaus because of their built up reputation, it would be helpful if some concrete facts were published about the more than 40 criminal-run sites operating on the same IP address as wikileaks.info, including carder-elite.biz, h4ck3rz.biz, elite-crew.net, and bank phishes paypal-securitycenter.com and postbank-kontodirekt.com. Any chance that will be done, so wikileaks.info's claims can be publicly refuted? Kind regards, Frank -Original Message- From: Jack Bates [mailto:jba...@brightok.net] Sent: Saturday, December 18, 2010 3:00 PM To: nanog@nanog.org Subject: Re: Spamhaus under DDOS from AnonOps (Wikileaks.info) On 12/18/2010 6:58 AM, Steve Linford wrote: For trying to warn about the crime gangs located at the wikileaks.info mirror IP, Spamhaus is now under ddos by AnonOps. The criminals there do not like our free speech at all. It appears that wikileaks.org is operational again and redirecting to mirros.wikileaks.info, which draws concern of who now controls wikileaks.org. .info definitely isn't the same layout as all the mirrors. Jack
RE: Spamhaus under DDOS from AnonOps (Wikileaks.info)
Thanks for your note and the many others. I think it could have been stated more clearly that wikileaks.info, while in a bad neighborhood, and set up to suggest it is Wikileaks or part of the Wikileaks organization, does not (at this time) host or facilitate distribution of malware. The Spamhaus announcement was not so clear. Frank -Original Message- From: Paul Ferguson [mailto:fergdawgs...@gmail.com] Sent: Sunday, December 19, 2010 12:52 PM To: frnk...@iname.com Cc: Jack Bates; nanog@nanog.org Subject: Re: Spamhaus under DDOS from AnonOps (Wikileaks.info) -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Not for nothing, but Spamhaus wasn't the only organization to warn about Heihachi: http://blog.trendmicro.com/wikileaks-in-a-dangerous-internet-neighborhood/ FYI, - - ferg On Sun, Dec 19, 2010 at 10:46 AM, Frank Bulk - iName.com frnk...@iname.com wrote: The wikileaks.info press release points to Google's Safe Browsing page for wikileaks.info (http://www.google.com/safebrowsing/diagnostic?site=wikileaks.info), which comes up clean. While I tend to trust Steve and Spamhaus because of their built up reputation, it would be helpful if some concrete facts were published about the more than 40 criminal-run sites operating on the same IP address as wikileaks.info, including carder-elite.biz, h4ck3rz.biz, elite-crew.net, and bank phishes paypal-securitycenter.com and postbank-kontodirekt.com. Any chance that will be done, so wikileaks.info's claims can be publicly refuted? Kind regards, Frank -Original Message- From: Jack Bates [mailto:jba...@brightok.net] Sent: Saturday, December 18, 2010 3:00 PM To: nanog@nanog.org Subject: Re: Spamhaus under DDOS from AnonOps (Wikileaks.info) On 12/18/2010 6:58 AM, Steve Linford wrote: For trying to warn about the crime gangs located at the wikileaks.info mirror IP, Spamhaus is now under ddos by AnonOps. The criminals there do not like our free speech at all. It appears that wikileaks.org is operational again and redirecting to mirros.wikileaks.info, which draws concern of who now controls wikileaks.org. .info definitely isn't the same layout as all the mirrors. Jack -BEGIN PGP SIGNATURE- Version: PGP Desktop 9.5.3 (Build 5003) wj8DBQFNDlQ5q1pz9mNUZTMRAn5XAKC0O3ZNO51bnAX7D99SRRqR04QIQQCfZDwH dQN8fG2TYk6RUFYplRAiHDE= =em1c -END PGP SIGNATURE- -- Fergie, a.k.a. Paul Ferguson Engineering Architecture for the Internet fergdawgster(at)gmail.com ferg's tech blog: http://fergdawg.blogspot.com/
RE: cablevision?
Yes: http://www.dslreports.com/forum/r25190780-Optonline-outage-12-12-2010 Frank -Original Message- From: Ben C. [mailto:bc-l...@beztech.net] Sent: Sunday, December 12, 2010 7:55 AM To: nanog@nanog.org Subject: cablevision? Hi all, Does anybody know anything about a large cablevision outage this morning? Their support phone lines are busy signals... Thanks Ben
RE: Amazon.co.uk, and most of Amazon Europe, appears to be down.
This is not Amazon per se, but if you look at http://status.aws.amazon.com/, and choose the Europe tabm, Amazon Elastic Compute Cloud (Ireland), Amazon Simple Notification Service (Ireland), and Amazon Simple Queue Service (Ireland) are having performance issues. Frank -Original Message- From: Wil Schultz [mailto:wschu...@bsdboy.com] Sent: Sunday, December 12, 2010 3:33 PM To: North American Network Operators Group Subject: Amazon.co.uk, and most of Amazon Europe, appears to be down. Unknown if this is due to the recent doings of late, but it appears as if Amazon Europe appears to be down. The anon's are definitely trying to cause disruptions, I find it difficult to believe that they are the actual cause. Time will tell. -wil
RE: SONET and MAC address
Fuji 4500 gear, depending on the card, software release, and configuration, can support or not support tagged traffic, which might also be distinguishing aspect that your vendor may not be aware of. Let me know if you need a bit more details, and I can ask our consultant who works with these boxes on a regular basis. Frank -Original Message- From: Jay Nakamura [mailto:zeusda...@gmail.com] Sent: Wednesday, December 08, 2010 2:33 PM To: NANOG Subject: SONET and MAC address We have a Gigabit Ethernet transport between cities by a vendor. We found that when there are identical MAC address that are on different VLANs on different side of the circuit, one of the VLAN looses packets. This situation came up because two different networks that travel over the Ethernet were using HSRP with the same virtual MAC address. The vendor says both sides are directly connected to Fujitsu SONET gear and the equipment doesn't even look at the MAC address so it's not their circuit. All I know is, I can't recreate the problem if this circuit is not in the path. I haven't worked with Fujitsu SONET gear so I don't know if their claim is true or not. I vaguely remember someone talking about some equipment actually having a builtin switch on the SONET port and that was messing up the forwarding. Also, on one side of the circuit, there is a copper to fiber media converter. I am going to find out what model this is and see if that could be the cause. Anyone have any thoughts on what I should look into or have the vendor look into? Anyone run into this situation? Thanks!
RE: Network management software with high detailed traffic report
Well, on the RSP720, the show interface byte counters are definitely not every second, though I can't say it's been as long as 9 seconds. I typically look at them while making changes and they definitely stand still for a few seconds. Frank -Original Message- From: Brandon Ross [mailto:br...@pobox.com] Sent: Monday, November 22, 2010 8:03 AM To: Nick Hilliard Cc: nanog@nanog.org Subject: Re: Network management software with high detailed traffic report On Mon, 22 Nov 2010, Nick Hilliard wrote: some do, some don't. For example, sup720 snmp counters are updated every 9 seconds, while the show interface counters are updated every 30 seconds. That is most certainly NOT true. The 'show interface' counters update at least once a second. Perhaps you are thinking about the rate counters that are often _configured_ to use the last 30 seconds of data to compute the average but also update much more often than every 30 seconds (and default to a 5 minute average). -- Brandon Ross AIM: BrandonNRoss ICQ: 2269442 Skype: brandonross Yahoo: BrandonNRoss
RE: IPv6 Routing table will be bloated?
A combo WISP and pre-DOCSIS cable system we bought four years ago in a relatively rural area had exactly such a setup with Sprint and UUNet/Verizon/MCI. They had just one T-1 with each provider and a very simple BGP configuration. I just checked, and see that their ASN has been reused. Frank -Original Message- From: Chris Boyd [mailto:cb...@gizmopartners.com] Sent: Tuesday, October 26, 2010 3:08 PM To: NANOG Subject: Re: IPv6 Routing table will be bloated? On Oct 26, 2010, at 2:45 PM, George Bonser wrote: But how do they multihome without an ASN? If they have an ASN, how did they get it without going to an RIR and paying a fee? I beleive Jack said that they have redundant connections to his network. I took that to mean that they did not multihome to different AS. Such arrangements are not uncommon. Sprint seems to have done very well selling this sort of near-turnkey service to rural DSL carriers, tiny single town MSOs and the like. --Chris
Looking for suggestions for an internet content filtering appliance
We offer an optional internet content filtering service to our residential and business customers using M86's appliance (http://www.m86security.com/products/web_security/m86-web-filtering-reportin g-suite.asp). I've been in conversation with them since Q1 regards IPv6 support, but the update I received today was that IPv6 support won't be available until middle to late next year. That's not ideal, because the local college is a significant user and they started with IPv6 this summer. College students can easily bypass content filtering by using the IPv6 version of the site (i.e. http://www.playboy.com.sixxs.org) Wondering if anyone can point me to a similar appliance. I know that Barracuda has such an appliance but it has one limitation I don't like, and that Fortinet and Ironport have more expensive products. It must be able to operate in pass-by/SPAN mode, not inline, and handle traffic rates up to 1 Gbps. We currently move 400+ Mbps by it and internet usage only goes up. Thanks in advance for any suggestions you have. Kind regards, Frank
RE: Looking for suggestions for an internet content filtering appliance
Jeroen: Their filtering appliance also filters out free HTTP proxies and anonymizers, some because their known, others because of signatures. It's not perfect, but it catches a lot more than what you might think. And we don't market it as the silver bullet and we let our customers know that this is not the be-all and end-all of content filtering, but something that catches the vast majority accidental site visits. If someone wants to work around it they can run a VPN, but for 99.99% of the subscribers of this service, it's a lot better than nothing or running software on each PC (which doesn't help for Xbox, etc). If you have a URL you want me to try, let me know and I'll be able to tell you what the appliance thinks. Regards, Frank -Original Message- From: Jeroen Massar [mailto:jer...@unfix.org] Sent: Monday, August 23, 2010 2:16 PM To: frnk...@iname.com Cc: nanog@nanog.org Subject: Re: Looking for suggestions for an internet content filtering appliance On 2010-08-23 20:52, Frank Bulk - iName.com wrote: We offer an optional internet content filtering service to our residential and business customers using M86's appliance (http://www.m86security.com/products/web_security/m86-web-filtering-reportin g-suite.asp). I've been in conversation with them since Q1 regards IPv6 support, but the update I received today was that IPv6 support won't be available until middle to late next year. That's not ideal, because the local college is a significant user and they started with IPv6 this summer. College students can easily bypass content filtering by using the IPv6 version of the site (i.e. http://www.playboy.com.sixxs.org) Emmm.. if they can use that to circumvent your filter don't you think those same people won't be able to find out about other proxy servers, it is not like the internet is not filled with them or anything. Please note to yourself that you are fighting a lost cause as there are more locations on the Internet that are annoying for the policy than you can list, thus one of the very few ways to make it very hard to 'filter' is to only allow approved sites, and with 'approve' I mean fetch the URL on a controlled machine, scrub it and pass it back, as the moment somebody can have a host on the outside and can send a few bits to it and get an answer back they are outside, if you like it or not. That said, there are loads of free HTTP proxies, anonymizers and other such tools and most of them are not caught by your filtering toy anyway. But indeed, it is a bad thing that they are unable to update their little box to do IPv6, there really is not that much different there. Greets, Jeroen (Who could block stuff on the above URL actually, but except for silly people trying to run torrents over it which does not work but which do hammer those boxes nothing gets blocked [CP is the except])
RE: Addressing plan exercise for our IPv6 course
Keep selling them the NAT router, just don't tell them that it applies only to IPv4 only and not to IPv6. 99.9% of consumers don't know about NAT, they just want to plug it in and be connected. That's why having a stateful firewall as standard element of an IPv6-capable router specification would keep SOHO IPv6 connectivity on par with IPv4. Frank -Original Message- From: Akyol, Bora A [mailto:b...@pnl.gov] Sent: Thursday, July 22, 2010 9:54 PM To: Owen DeLong; matt...@matthew.at Cc: nanog list Subject: Re: Addressing plan exercise for our IPv6 course As long as customers believe that having a NAT router/firewall in place is a security feature, I don't think anyone is going to get rid of the NAT box. In all reality, NAT boxes do work for 99% of customers out there. Bora On 7/22/10 7:34 PM, Owen DeLong o...@delong.com wrote: Well, wouldn't it be better if the provider simply issued enough space to make NAT66 unnecessary? Owen
RE: Geolocation contact for Bing/Microsoft?
This might help you: http://www.bing.com/community/forums/p/653511/9573859.aspx Frank -Original Message- From: Schiller, Heather A (HeatherSkanks) [mailto:heather.schil...@verizonbusiness.com] Sent: Tuesday, June 29, 2010 11:47 AM To: NANOG list Subject: Geolocation contact for Bing/Microsoft? Can someone from Bing/MS contact me about correcting Geolocation info for some IP's. Folks are erroneously getting redirected - and I can't find any info about how to get it fixed. Thanks, --Heather ~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~* Heather Schiller Network Security - Verizon Business 1.800.900.0241secur...@verizonbusiness.com
RE: GSM modem test point with data and SMS support
Thanks for your response and three I received off-list. Multi-tech confirmed that none of their models can do SMS and EDGE at the same time. They have to be out of PPP mode to send and receive SMS. Frank -Original Message- From: Adam Kennedy [mailto:adamkenn...@omnicity.net] Sent: Wednesday, May 19, 2010 9:22 AM To: frnk...@iname.com; nanog@nanog.org Subject: RE: GSM modem test point with data and SMS support Some additional information on the SAMBA modems can be found at the manufacturer site: http://www.falcomusa.com/ -- Adam Kennedy Network Engineer Omnicity, Inc. -Original Message- From: Adam Kennedy [mailto:adamkenn...@omnicity.net] Sent: Wednesday, May 19, 2010 10:18 AM To: frnk...@iname.com; nanog@nanog.org Subject: RE: GSM modem test point with data and SMS support The SAMBA modems are USB powered and can respond to normal AT commands for things like signal strength and so forth. Using the sms-tools kit, you can also send/receive SMS messages. The SAMBA modem I have supports EDGE. -- Adam Kennedy Network Engineer Omnicity, Inc. -Original Message- From: Frank Bulk [mailto:frnk...@iname.com] Sent: Tuesday, May 18, 2010 11:00 PM To: nanog@nanog.org Subject: GSM modem test point with data and SMS support We have some interest in testing the real-world connectivity of several cellular towers using a GSM modem that has both a IP address on the WWAN and has SMS support. Is anyone aware of a self-contained box that supports both technologies? EDGE support is preferred, but GPRS would be acceptable. Frank
RE: Emulating ADSL bandwidth shaping
We're an ISP that has four access technologies. Both cable and DSL modem link times are affected by configured rate and sync rate, respectively. My home CM is at 15/1 Mbps and one-way latency is 4 to 5 msec. My home DSL modem is at 15/1 Mbps (with interleaving) and has a one-way latency of 15 to 16 msec. And FTTH at 15/1 Mbps is about 2 msec. In regards to burst mode, the cable modem file specifies how many bytes are given that top speed, not time. If the port is heavily utilized, top speed may not be attained during that burst session. Frank -Original Message- From: Patrick Giagnocavo [mailto:patr...@zill.net] Sent: Monday, May 03, 2010 10:19 PM To: Srikanth Sundaresan; NANOG Subject: Re: Emulating ADSL bandwidth shaping Srikanth Sundaresan wrote: I'm trying to model ADSL access link bandwidth shaping. With a link of 18Mbps, I'm using a token bucket filter (tc + netem) to model 10Mbps, 8Mbps and 2Mbps access plans. I have a couple of questions: - do ISPs typically use token bucket filters with large bursts to shape traffic? - what kind of burst sizes and latencies/limits are typically used for the filter? You will definitely have to account for latency. For emulating cable traffic, latencies (in the USA) will be about 60-80ms to typical sites. Burst mode in my experience occurs only for about the first 15 seconds, then is throttled back (though not always; seems to depend on time of day). For DSL, I seem to recall latency being about 90-110ms (note, I haven't used DSL in many years). Burst mode was generally not noticeable or available, that is, you got the same speed regardless of downloading a 1MB jpeg or a 640MB .iso file. IMHO, IME, ISTR, YMMV... --Patrick
RE: Rate of growth on IPv6 not fast enough?
Don't forget the home gateway aspect -- it's a huge gaping hole in the IPv6 deployment strategy for ISPs. And don't talk to me about Apple's Airport Extreme. ISPs want (once the volume of IETF IPv6-related drafts has settled down) for every router at Wal-mart to include IPv6 support. If they start right now and presume that home gateways/routers are replaced every 3 to 5 years, it will be several years before they've covered even 50% of the homes. Frank -Original Message- From: Leo Bicknell [mailto:bickn...@ufp.org] Sent: Monday, April 19, 2010 9:31 AM To: nanog@nanog.org Subject: Re: Rate of growth on IPv6 not fast enough? In a message written on Sun, Apr 18, 2010 at 10:22:25PM -0700, joel jaeggli wrote: Just because the curve doesn't look steep enough now doesn't mean it won't in two years. Human behavior is hard to model and panic hasn't set in yet. There is also an aspect of this transition I don't think we've seen before (in networking). A large percentage of end users are on technologies (cable modem, dsl, even dial up) who's configuration is entirely driven out of a provisioning database. Once the backbone is rolled out, the nameservers, dhcp, and configuration servers dual-stacked many ISP's could enable IPv6 for all of their customers overnight with only a few keystrokes. Now they won't literally do it that way to save their support folks, but if the need arises they will be able to push the button quite quickly. I suspect the middle part of this S curve is going to be much, much steeper than anyone is predicting right now. -- Leo Bicknell - bickn...@ufp.org - CCIE 3440 PGP keys at http://www.ufp.org/~bicknell/
RE: New Linksys CPE, IPv6 ?
I reached out to the inside sales of Linksys just as recently as last week, and they wrote me back: We did a little further research to see how we were currently roadmapping RFC3633 and it looks like we have no current router models that will be coming out over the next couple quarters that support it on the consumer side of the house. and later: We will keep tabs with the BU on support and will let you know if we hear anything coming up on the roadmap. Frank -Original Message- From: Jorge Amodio [mailto:jmamo...@gmail.com] Sent: Wednesday, March 31, 2010 2:01 PM To: NANOG Subject: New Linksys CPE, IPv6 ? http://newsroom.cisco.com/dlls/2010/prod_033110.html Does anybody know what are the plans for IPv6 support ? Regards Jorge
RE: New Linksys CPE, IPv6 ?
I checked the documentation for two models (Linux model and highest-end non-Linux model), and there's no mention of IPv6. Frank -Original Message- From: Nick Hilliard [mailto:n...@foobar.org] Sent: Wednesday, March 31, 2010 3:16 PM To: Joel Jaeggli Cc: NANOG Subject: Re: New Linksys CPE, IPv6 ? On 31/03/2010 21:07, Joel Jaeggli wrote: the current wrt610n supports ipv6 I failed to see why a slightly updated and rebranded one would not as well. because for low-end CPE devices like this, a tiny change in the model number (e.g. v1-v2) might mean a completely different internal system, with different host CPU, different ethernet controller, etc. You're not in any way guaranteed the same sort of software compatibility when moving from one device version to another, particularly for less well supported features like ipv6. Nick
RE: New Linksys CPE, IPv6 ?
I confirmed with Linksys' PR person that there is no IPv6 -- if someone sees different, please let us know. Frank -Original Message- From: Joel Jaeggli [mailto:joe...@bogus.com] Sent: Wednesday, March 31, 2010 4:30 PM To: frnk...@iname.com Cc: 'Nick Hilliard'; NANOG Subject: Re: New Linksys CPE, IPv6 ? It's not in the wrt610n docs either yet the code was unambiguously in the box, complete with 6to4 that your couldn't shut off. On 03/31/2010 01:26 PM, Frank Bulk - iName.com wrote: I checked the documentation for two models (Linux model and highest-end non-Linux model), and there's no mention of IPv6. Frank -Original Message- From: Nick Hilliard [mailto:n...@foobar.org] Sent: Wednesday, March 31, 2010 3:16 PM To: Joel Jaeggli Cc: NANOG Subject: Re: New Linksys CPE, IPv6 ? On 31/03/2010 21:07, Joel Jaeggli wrote: the current wrt610n supports ipv6 I failed to see why a slightly updated and rebranded one would not as well. because for low-end CPE devices like this, a tiny change in the model number (e.g. v1-v2) might mean a completely different internal system, with different host CPU, different ethernet controller, etc. You're not in any way guaranteed the same sort of software compatibility when moving from one device version to another, particularly for less well supported features like ipv6. Nick
Calix listserv starting up -- delete if you're not interested
Considering that there are likely more than a handful of Calix customers in this list, I'd like to advertise a new listserv to talk about all things Calix, namely calix-nsp. If you're interested, you can sign up here: https://puck.nether.net/mailman/listinfo/calix-nsp Regards, Frank Bulk
RE: Bonded SDSL (was RE: ITU G.992.5 Annex M - ADSL2+M Questions)
It's being done by Actelis, Hatteras, and Zhone. More exactly SHDSL or similar variants. The market is being well-served. Frank -Original Message- From: Michael Sokolov [mailto:msoko...@ivan.harhan.org] Sent: Monday, January 04, 2010 9:40 PM To: nanog@nanog.org Subject: Bonded SDSL (was RE: ITU G.992.5 Annex M - ADSL2+M Questions) Frank Bulk - iName.com frnk...@iname.com wrote: We offer it, but practically speaking we haven't gotten much higher than 1.5 Mbps on the upstream. Sorry that I'm coming into this thread late (I have just subscribed), but since I see people discussing DSL with beefy upstream, I thought I would be brave and ask: do you esteemed high-end network op folks think that there may be anyone in the world who might be interested in bonded SDSL or not? I have spent the past 5 years of my life learning everything there is to know about SDSL. Don't ask me why, I don't really know the answer to that question myself. I won't waste the bandwidth of this elite list with dirty details of just what I've done with SDSL over the past 5 y, but I'll give a link to an open source project that contains the body of SDSL knowledge amassed over those years: http://ifctfvax.Harhan.ORG/OpenSDSL/ To make the long story short, for most of those years I kept trudging on my project, treating it as an ultra-weird hobby that no one else in the world could possibly have any interest in. That persisted until 2009 when my project got noticed by two fairly major North American DSL network operators. (Well, one very major and one semi-major, but I'll spare the names.) Both of those had contacted me via my Open SDSL Connectivity Project expressing interest in SDSL bonding. Both companies were telling me how much interest they had in SDSL bonding, how much it would help their business to be able to offer bonded SDSL services at 3 or 6 Mbps, how many customers they would be able to sign up for these services, etc. But when I asked them to back their verbally-expressed interest with the tiniest amount of money or even no money at all but a letter of intent which I could show to SBA etc, they both went silent. We've been playing a game of cat-and-mouse ever since. As far as I could understand the existing situation is that the SDSL infrastructure already deployed en masse by the major North American DSL network operators already has the capability to serve out bonded SDSL circuits, bonding either in the DSLAM or somewhere upstream of it, using MLPPP, Multilink Frame Relay or whatever else one can think of, but the problem is with CPE. Apparently bonding-capable multiport SDSL CPE devices are quite scarce. Considering everything I've done with SDSL over the past 5 y, I believe I have a right to say with confidence that I am more than capable of designing and building a bonding-capable multiport SDSL CPE device for any existing SDSL flavor with any desired number of ports (2, 4 or whatever). But what I don't know, and what I'm asking this highly esteemed list for advice with, is this question: is there anyone at all in the world who might have a real serious interest in such a thing? If there is someone in the world who would truly appreciate having a bonded SDSL solution, I would be delighted to work on developing such a thing. I would see it as a service to humanity whereby more use would be made out of existing copper infrastructure in the ground instead of having to dig more ditches to bury more fiber or whatever. But if there is no one in the world who would be interested in bonded SDSL (or at least interested enough to invest one dime into development), then why bother... MS
RE: ITU G.992.5 Annex M - ADSL2+M Questions
We offer it, but practically speaking we haven't gotten much higher than 1.5 Mbps on the upstream. Frank -Original Message- From: Luke Marrott [mailto:luke.marr...@gmail.com] Sent: Monday, January 04, 2010 4:03 PM To: nanog@nanog.org Subject: ITU G.992.5 Annex M - ADSL2+M Questions I've been looking up information on the Annex M Standard today and am unable to find any ISPs in the US offering this. Can anyone tell me if there are providers in the US using the Annex M standards and increased upstream with it, or if not is there a good reason why its not being done yet? Thanks! :Luke Marrott
RE: dark fiber and sfp distance limitations
and to add, OTDR at several wavelengths, just in case you want to do xWDM in the future. Frank -Original Message- From: ML [mailto:m...@kenweb.org] Sent: Friday, January 01, 2010 6:24 PM To: Mike Cc: nanog@nanog.org Subject: Re: dark fiber and sfp distance limitations On 1/1/2010 5:52 PM, Mike wrote: I am looking at the possibility of leasing a ~70 mile run of fiber. I don't have access to any mid point section for regeneration purposes, and so I am wondering what the chances that a 120km rated SFP would be able to light the path and provide stable connectivity. There are a lot of unknowns including # of splices, condition of the cable, or the actual dispersion index or other properties (until we actually get closer to leasing it). Its spare telco fibers in the same cable binder they are using interoffice transport, but there are regen huts along the way so it works for them but may not for us, and 'finding out' is potentially expensive. How would someone experienced go about determining the feasibillity of this concept and what options might there be? Replies online or off would be appreciated. Thanks. Pardon my ignorance in this area but is too much to ask for OTDR data before signing contracts? In addition to data on the make of the fiber if you wanted to do xWDM in the future. NDAs shall be signed of course
RE: wifi hotspot software needed
I've been impressed with what I've seen from SolutionInc (http://www.solutioninc.com/). They're the only multi-site product I would feel comfortable pursuing at this time. Most others require managing each site or AP separately, which is not my idea of scalable. Frank -Original Message- From: keith kouzmanoff [mailto:ke...@kouzmanoff.com] Sent: Monday, December 21, 2009 1:22 PM To: nanog@nanog.org Subject: wifi hotspot software needed I am consulting with a new player in the internet field and I am looking for suggestions for hotspot wifi software. GPL would be great, but I know some of the stuff out doesn't have all the features. http://www.antamedia.com/ looks pretty solid and has an oem feature, anybody else us this? We will wanting to set up about 10 different hotspots in a small downtown area and we want to give away the service for free. Doesn't everybody expect that already? I'll want to also be able to manage some rotating-commercialized popups/popunders or log in advertisements to offset the costs. As well as some traffic shaping / blocking some common high bandwidth usage sites / or times of the day / for the neighbors who live in the area too. Maybe some one has done this before? If you have any suggestions, please feel free to contact me off list. keith at kouzmanoff dot com thanks!
RE: PPPoE vs. Bridged ADSL
Hindsight being what it is, we would have likely had a separate account/password for the PPP account. I guess we could theoretically have two layers of RADIUS checking, the first layer being the application-layer username/password, and failing that, the original username/password that we assigned to the PPP device. Frank -Original Message- From: Sean Donelan [mailto:s...@donelan.com] Sent: Saturday, October 31, 2009 3:14 PM To: NANOG list Subject: RE: PPPoE vs. Bridged ADSL On Thu, 29 Oct 2009, Frank Bulk - iName.com wrote: Others commented on things I already had in mind only the username/password thing of PPPoE. We use the same username/pw on the modem as the customer users for their e-mail, so a password change necessitates a truck roll (I know, I know, TR-069). We started with PPPoE for our FTTH, because we were familiar with it, but we moved over to a VLAN per service model which ends up something like RBE in function. We can track customers based on the Option 82 info, so we're good to go in terms of tracking them. You can have a network username/password for the customer different from the mail and other application-layer username/password. Some ISPs did that in the dial-up days, and also with PPPOx. The network account information is configured in the dialer or router/modem; and most users never need to know the network-layer stuff. The user can change their mail/application password (and use it for off-network access) without affecting their network-layer pasword. The same network account may have multiple mail/application accounts associated with it. It also helps in the debate whether you store unreversable passwords or cleartext passwords for things like CHAP/PAP; need to split accounts because people change households; network re-architecture moves circuits around or users move and re-associating the connections with the correct accounts. Yep, I sometimes found two households with swapped VPI/VCI, VLAN or PORT identifiers because someone/something made a data entry or circuit termination mistake. I like a combination of 802.1x and Option 82 as way of cross-checking, and layer 2/3 anti-spoof protection. I also like handling network things mostly at the network/hardware level, separate from the application layer identity so the user changes aren't affected. But there are almost always multiple ways to solve a problem.
RE: PPPoE vs. Bridged ADSL
For telco-delivered IPTV, the multicast channel, bi-directional control channel, and video are transmitted on different VP/VC. For VDSL2, I'm guessing it would be a different VLAN. Frank -Original Message- From: Jack Bates [mailto:jba...@brightok.net] Sent: Thursday, October 29, 2009 10:03 AM To: nanog@nanog.org Subject: Re: PPPoE vs. Bridged ADSL Mikael Abrahamsson wrote: I think the important thing is to have a separate L2 isolation per customer so you can more easily deploy IPv6 in the future. q-in-q or PPPoX will both solve this problem, but deploying multicast TV offering might be harder in this deployment model. In general, it shouldn't be. Local multicast TV offerings should be transmitted out of band from the standard internet connection, either different vlan or outside of the PPPoE. The nature of it usually indicates a specialized CPE maintained by the provider to support the necessary QOS, and division of Internet and Video traffic. For public multicast, splitting in the local pop just doesn't matter much. There is really no devices out there to securely do IPv6 to the end user natively when you have a shared L2 domain (in v4 this implies the L2 device will do DHCP snooping and do filtering based on that). Several vendors claim to have v6 support for this in the next year. Currently, many of them completely break v6 due to the v4 security. Jack
RE: PPPoE vs. Bridged ADSL
Others commented on things I already had in mind only the username/password thing of PPPoE. We use the same username/pw on the modem as the customer users for their e-mail, so a password change necessitates a truck roll (I know, I know, TR-069). We started with PPPoE for our FTTH, because we were familiar with it, but we moved over to a VLAN per service model which ends up something like RBE in function. We can track customers based on the Option 82 info, so we're good to go in terms of tracking them. Frank -Original Message- From: JD [mailto:jdupuy-l...@socket.net] Sent: Wednesday, October 28, 2009 4:21 PM To: NANOG list Subject: PPPoE vs. Bridged ADSL There is a debate among our engineering staff as to the best means of provisioning broadband service over copper facilities. Due to our history, we have a mix out in the field. Some customers are on DSLAMS set up for bridged connections with DHCP; isolated by a variety of means including VLANS. Some customers are on PPPoE over ATM. Some customers are on PPPoE over ethernet (PPPoEoE ?? :) ). There seem to be pros and cons to both directions. Certainly true bridging has less overhead. But modern CPEs can minimize the impact of PPPoE. PPPoE allows for more flexible provisioning; including via RADIUS. Useful for the call center turning customers on/off without NOC help. But VLAN tricks can sometimes do many of the same things. Opinions on this? I'd be interested in hearing the latest real world experience for both and the direction most folks are going in. BTW, I doubt it is relevant to the discussion, but most of our DSLAMS are Adtran TA5000s (or are being migrated to that platform.) We are mostly a cisco shop for the upstream routers. Thanks, John
RE: FCCs RFC for the Definition of Broadband
As one of the workshops discussed, does the definition of underserved and unserved include the clause for a reasonable price? If the price is unreasonable, do you think its government money well-spent to subsidize bringing a competitor to a market that couldn't make it before? Or are there perhaps other ways to deal with that pricing issue? Frank -Original Message- From: William Herrin [mailto:herrin-na...@dirtside.com] Sent: Wednesday, August 26, 2009 4:46 PM To: Fred Baker Cc: nanog@nanog.org Subject: Re: FCCs RFC for the Definition of Broadband snip Really where they need the swift kick in the tail is in the product tying where you can't buy a high speed connection to J. Random ISP, you can only buy a high speed connection to monopoly provider's in-house ISP. Which means you can only get commodity service since monopoly provider isn't in the business of providing low-dollar custom solutions. But it sounds like that's outside the scope of what Congress has approved. Regards, Bill Herrin -- William D. Herrin her...@dirtside.com b...@herrin.us 3005 Crane Dr. .. Web: http://bill.herrin.us/ Falls Church, VA 22042-3004
RE: FCCs RFC for the Definition of Broadband
Estimates to bring FTTH to all of America is in the $100 to $300B range. So yes, the $7.2B is a drop in the bucket. Frank -Original Message- From: Sean Donelan [mailto:s...@donelan.com] Sent: Wednesday, August 26, 2009 9:53 PM To: nanog@nanog.org Subject: Re: FCCs RFC for the Definition of Broadband On Wed, 26 Aug 2009, Fred Baker wrote: If it's about stimulus money, I'm in favor of saying that broadband implies fiber to the home. That would provide all sorts of stimuli to the economy - infrastructure, equipment sales, jobs digging ditches, and so on. I could pretty quickly argue myself into suggesting special favors for deployment of DNSSEC, multicast, and IPv6. As in, use the stimulus money to propel a leap forward, not just waste it. Broadband stimulus money = $7,200,000,000 Housing units in USA (2000) = 115,904,641 Stimulus money per housing unit = $62.12 one-time What definition of broadband can you achieve for that amount of money? Or for rural housing units (2000) = 25,938,698 Stimulus money per rural housing unit = $277.58 one-time What definition of broadband can you achieve for that amount of money in a rural build-out? How much will fiber to the home cost in a rural area?
RE: Data Center testing
There's more to data integrity in a data center (well, anything powered, that is) than network configurations. There's the loading of individual power outlets, UPS loading, UPS battery replacement cycles, loading of circuits, backup lighting, etc. And the only way to know if something is really working like it's designed is to test it. That's why we have financial auditors, military exercises, fire drills, etc. So while your analogy emphasizes the importance of having good processes in place to catch the problems up front, it doesn't eliminate throwing the switch. Frank -Original Message- From: Jeff Aitken [mailto:jait...@aitken.com] Sent: Tuesday, August 25, 2009 7:53 AM To: Dan Snyder Cc: NANOG list Subject: Re: Data Center testing On Mon, Aug 24, 2009 at 09:38:38AM -0400, Dan Snyder wrote: We have done power tests before and had no problem. I guess I am looking for someone who does testing of the network equipment outside of just power tests. We had an outage due to a configuration mistake that became apparent when a switch failed. It didn't cause a problem however when we did a power test for the whole data center. Dan, With all due respect, if there are config changes being made to your devices that aren't authorized or in accordance with your standards (you *do* have config standards, right?) then you don't have a testing problem, you have a data integrity problem. Periodically inducing failures to catch them is sorta like using your smoke detector as an oven timer. There are several tools that can help in this area; a good free one is rancid [1], which logs in to your routers and collects copies of configs and other info, all of which gets stored in a central repository. By default, you will be notified via email of any changes. An even better approach than scanning the hourly config diff emails is to develop scripts that compare the *actual* state of the network with the *desired* state and alert you if the two are not in sync. Obviously this is more work because you have to have some way of describing the desired state of the network in machine-parsable format, but the benefit is that you know in pseudo-realtime when something is wrong, as opposed to finding out the next time a device fails. Rancid diffs + tacacs logs will tell you who made the changes, and with that info you can get at the root of the problem. Having said that, every planned maintenance activity is an opportunity to run through at least some failure cases. If one of your providers is going to take down a longhaul circuit, you can observe how traffic re-routes and verify that your metrics and/or TE are doing what you expect. Any time you need to load new code on a device you can test that things fail over appropriately. Of course, you have to willing to just shut the device down without draining it first, but that's between you and your customers. Link and/or device failures will generate routing events that could be used to test convergence times across your network, etc. The key is to be prepared. The more instrumentation you have in place prior to the test, the better you will be able to analyze the impact of the failure. An experienced operator can often tell right away when looking at a bunch of MRTG graphs that something doesn't look right, but that doesn't tell you *what* is wrong. There are tools (free and commercial) that can help here, too. Have a central syslog server and some kind of log reduction tool in place. Have beacons/probes deployed, in both the control and data planes. If you want to record, analyze, and even replay routing system events, you might want to take a look at the Route Explorer product from Packet Design [2]. You said switch failure above, so I'm guessing that this doesn't apply to you, but there are also good network simulation packages out there. Cariden [3] and WANDL [4] can build models of your network based on actual router configs and let you simulate the impact of various scenarios, including device/link failures. However, these tools are more appropriate for design and planning than for catching configuration mistakes, so they may not be what you're looking for in this case. --Jeff [1] http://www.shrubbery.net/rancid/ [2] http://www.packetdesign.com/products/rex.htm [3] http://www.cariden.com/ [4] http://www.wandl.com/html/index.php
RE: Issues accessing hulu.com from new(ish) US range
A few others I would check: - Akamai (you can contact them via their web page, but there are also people on this listserv that can check, too) - Google (if their search pages comes up in American English, you're good to go, otherwise there's info in their help that will let you fill out a form) - MaxMind (there's a contact form on their web page) Contact me offline if you want a list of (more minor) GeoIP sites I have bookmarked. Frank -Original Message- From: Chris Taylor [mailto:chris.tay...@sohonet.co.uk] Sent: Wednesday, July 15, 2009 3:51 AM To: nanog@nanog.org Subject: Issues accessing hulu.com from new(ish) US range Would someone from hulu.com please contact me offlist? Alternatively, if anyone has contact details for a vaguely clueful person there, that would be appreciated. We had a new range allocated to us by ARIN around 6 months ago for our US business, and hulu are claiming it's non-us. Our guess is that it's a canned response by first-line support. Also, does anyone happen to know which geolocation databases hulu use? Thanks, Chris
RE: Important New Requirement for IPv4 Requests
There's a big difference between signing that the books are right (it matters!) and filling out paperwork for ARIN. The first is one of his primary duties as an officer of the company, the second won't even make his secretary's to do list. It appears that ARIN wants to raise the IP addressing space issue to the CxO level -- if it was interested in honesty, ARIN would have required a notarized statement by the person submitting the request. If ARIN really wants to get the interest of CEOs, raise the price! Frank -Original Message- From: Jo Rhett [mailto:jrh...@netconsonance.com] Sent: Monday, April 20, 2009 11:25 PM To: nanog@nanog.org Subject: Re: Important New Requirement for IPv4 Requests On Apr 20, 2009, at 4:39 PM, Joe Greco wrote: So the officer, most likely not being a technical person, is going to contact ... probably the same people who made the request, ask them if they need the space. Right? And why would the answer be any different, now? This is exactly identical to having the CEO signed the quarterly statements. You are saying this is Right. The CEO couldn't do that accounting him/herself -- but they're going to ask more questions and be more cautious before putting their name on it. I applaud this idea. I wish we had done it 10 years ago, but it's not too late to start. Before late than never. -- Jo Rhett Net Consonance : consonant endings by net philanthropy, open source and other randomness
RE: Gigabit speed test anybody?
I believe there is an ITU standard for testing that could be looked at, but if you went with the same test gear that SPs use to test their circuits, I think you would be safe. Hence my mention of JDSU, but I could also add Agilent (more engineering focused), Anritsu, EXFO, Fluke (more enterprise focused), and SR Telecom. Frank -Original Message- From: Steve Bertrand [mailto:st...@ibctech.ca] Sent: Wednesday, March 25, 2009 11:51 PM To: Frank Bulk Cc: 'Robert M. Enger'; er...@easystreet.com; nanog@nanog.org Subject: Re: Gigabit speed test anybody? Frank Bulk wrote: If you're turning up a 10 GigE circuit, as a customer I would be asking for that circuit to be tested with some modern tools such as the JDSU T-BERD. For the price you're probably paying, it's probably not unreasonable to have it as part of the turn-up fee. What is it then that one would classify as an 'industry standard' test for turning up 100Mb-1Gb connections over optical? Is there an industry approved standard application in which the results can be backed up by the big SP's? Something that can be passed to the client that explains that even though your VPN gateway is doing 20Mbps, we can get 856Mbps over the connection without it. (My chosen setup is two FBSD boxes that boot/run from removable media into 2-4GB of RAM using Iperf and/or the 'netrate' tools). Steve ps. I've toyed with small deployments of MPLS VPNs and SP owned CE with encrypted tunnels, but the hardware to do such at any scale is out of reach for us at this point. The theory in practise is fantastic though ;)
RE: Shady areas of TCP window autotuning?
It was my understanding that (most) cable modems are L2 devices -- how it is that they have a buffer, other than what the network processor needs to switch it? Frank -Original Message- From: Leo Bicknell [mailto:bickn...@ufp.org] Sent: Monday, March 16, 2009 9:10 AM To: nanog@nanog.org Subject: Re: Shady areas of TCP window autotuning? snip What appears to happen is vendors don't auto-size queues. Something like a cable or DSL modem may be designed for a maximum speed of 10Mbps, and the vendor sizes the queue appropriately. The service provider then deploys the device at 2.5Mbps, which means roughly (as it can be more complex) the queue should be 1/4th the size. However the software doesn't auto-size the buffer to the link speed, and the operator doesn't adjust the buffer size in their config. snip My wish is for the vendors to step up. I would love to be able to configure my router/cable modem/dsl box with queue-size 50ms and have it compute, for the current link speed, 50ms of buffer. Sure, I can do that by hand and turn it into queue 20 packets, but that is very manual and must be done for every different link speed (at least, at slower speeds). Operators don't adjust because it is too much work. snip -- Leo Bicknell - bickn...@ufp.org - CCIE 3440 PGP keys at http://www.ufp.org/~bicknell/
RE: World famous cabling disasters?
I generally find datacom closets looking a lot worse than telecom closets. Frank -Original Message- From: Jamie Bowden [mailto:ja...@photon.com] Sent: Wednesday, February 11, 2009 8:27 AM To: Steve Church; NANOG list Subject: RE: World famous cabling disasters? The main telephone room in every commercial tower I've ever had the displeasure of spending any time in was a disaster. I love how the circuits all use the same color wiring between the 100 pair 66 blocks that were so covered in crud that just touching them would turn your fingers black. The closet(s) next to the elevator shafts on any given floor were more of the same on a smaller scale. It's not any particular RBOC, I've seen this same crap in Nynex, Bell Atlantic, GTE, Bell South, and Pac Bell territory. I have no doubt that Southwest Bell, Ameritech and US West sucked just as badly. You don't have to look far or go to exotic places to find this kind of thing. Telco 'techs' are their own special breed of people who will be up against the wall come the day. J -Original Message- From: Steve Church [mailto:na...@headcandy.org] Sent: Wednesday, February 11, 2009 9:08 AM To: NANOG list Subject: Re: World famous cabling disasters? http://images.google.com/images?hl=ensafe=onq=india+wiringbtnG=Search +Images There are several results for overhead outdoor wiring that just completely boggle the mind and inspire awe. Those pictures are my inspiration whenever I pull cable. Steve On Wed, Feb 11, 2009 at 5:18 AM, Bailey Stephen stephen.bai...@uk.fujitsu.com wrote: That's quality engineering Great pic Stephen Bailey - Senior Lead Systems Engineer Network Operations - ISP DSL FUJITSU + Infinity House, Mallard Way, Crewe Business Park, Crewe, Cheshire, CW1 6ZQ ( Tel: +44 (0) 870 325 3457 or Internally: 7225 3457 ( Fax: +44 (0) 870 325 3622 or Internally: 7225 3622 : E-mail: stephen.bai...@uk.fujitsu.com Web: http://services.fujitsu.com/ Fujitsu Services Limited, Registered in England no 96056, Registered Office 22 Baker Street, London, W1U 3BW This e-mail is only for the use of its intended recipient. Its contents are subject to a duty of confidence and may be privileged. Fujitsu Services does not guarantee that this e-mail has not been intercepted and amended or that it is virus-free. -Original Message- From: Patrick W. Gilmore [mailto:patr...@ianai.net] Sent: 11 February 2009 03:30 To: NANOG list Subject: Re: World famous cabling disasters? On Feb 10, 2009, at 10:16 PM, joe mcguckin wrote: I'm looking for a couple of pictures of the worst cabling infrastructure ever seem. One Wilshire meet me room comes to mind. Anyone got any links to their photo albums, etc? I've always considered this the worst: http://englishrussia.com/images/home_networks/4.jpg Google shows lots of pictures, such as http://englishrussia.com/? p=1836. -- TTFN, patrick
RE: v6 DSL / Cable modems [was: Private use of non-RFC1918 IP space
Comtrend DSL modem use iptables in their code. I discovered this while trying to understood why small-MTU FTP breaks when issuing the PORT command. Frank -Original Message- From: Ricky Beam [mailto:jfb...@gmail.com] Sent: Monday, February 09, 2009 4:01 PM To: Owen DeLong Cc: nanog@nanog.org Subject: Re: v6 DSL / Cable modems [was: Private use of non-RFC1918 IP space snip DSL and cable modems are extremely simple devices. I'm amazed they have any amount of router in them at all. And I've yet to see one running Linux. (the 2 popular brands around here -- westell and motorola -- run vxworks.) --Ricky
Looking for verification that Google and Akamai have the geo-ip for 96.31.0.0/20 set correctly
We were assigned a new block from ARIN two weeks ago and are getting several reports from end users that the Spanish and German versions of Google's search page are coming up. IP2Location and Maxmind are mostly correct, but there appears to be no way for me to verify that Google and Akamai have 96.31.0.0/20 listed correctly. Perhaps someone can point me in the right direction so I can make an authoritative check. Thanks, Frank
RE: What to do when your ISP off-shores tech support
I don't think there would be a concern about off-shore support if we couldn't tell it was off-shore. That term has all derogatory bias of describing of persons with foreign accents who are difficult to understand and provide support for consumer-oriented products but have the most rudimentary knowledge of the product and how to support/fix it. I had a most positive experience on a weekend a few months ago when I received support from Microsoft technician who was working on the other side of the world, and although was difficult to understand (I had to ask him to repeat himself two or three times on many occasions), knew the product and helped me out of a tight spot. I've had similar positive experiences working with Motorola personnel out of Australia, and Cisco personnel out of Belgium, the Middle East, and Australia. Frank -Original Message- From: Martin Hannigan [mailto:mar...@theicelandguy.com] Sent: Thursday, December 25, 2008 3:55 PM To: Jay Hennigan Cc: nanog@nanog.org Subject: Re: What to do when your ISP off-shores tech support On Wed, Dec 24, 2008 at 12:43 PM, Jay Hennigan j...@west.net wrote: Matthew Black wrote: I've had difficulties reaching anyone with a brain at my DSL provider Verizon California. Switch to a local ISP with local tech support. Hi Jay: Is there really anything wrong with sending first-level technical support offshore? Macs are macs, Windows is windows and mail is mail whether you're in Mumbai or Memphis. As long as the language skills are good and the people are well trained, it should be mostly irrelevant, IMHO. Happy Holidays, -M