Re: remote serial console (IP to Serial)

2016-03-08 Thread Graham Beneke

On 08/03/2016 17:34, Josh Luthman wrote:
> Mikrotik does rfc2217 and this is their cheapest board today:
> http://routerboard.com/RB911-2Hn

Are you perhaps thinking of the http://routerboard.com/RB411 ?
I don't think the model you linked has a serial port.

We've deployed them successfully in a couple of places as a serial console.

For a few extra bucks you can get a http://routerboard.com/RB450 which
you can also use to connect up a few ethernet management ports, handle
some dynamic routing/failover or even build a full OOB network.

-- 
Graham Beneke



Re: Route leak in Bangladesh

2015-06-30 Thread Graham Beneke
On 30/06/2015 17:09, Job Snijders wrote:
> If you were the network causing a leak of this type, prefix filters on
> inbound facing your customers might not have prevented this.
>
> If you are a network providing transit to the leak originator mentioned
> in the above paragraph, I believe a prefix based filter could have made
> a big difference.

We seem to be assuming that this leak occurred within the context of a
customer-provider BGP relationship.

But what if this is not the case?

What if this was a peering session - perhaps via a route server at an
exchange point. max-pref on a session with a route server is an
extremely blunt (and potentially ineffective) tool for the job.

In some regions the use of route servers and the lack of clue about
anything BGP beyond one session to the route server (and one session to
transit) is scary. We place our faith in the IXP operator, that they
know best, while there may be no evidence that they do... ;-)

-- 
Graham Beneke


Re: OSPF Costs Formula that include delay.

2014-01-24 Thread Graham Beneke
The auto-cost capability in some vendors' devices seems to have left many
people ignoring the link metrics within their IGP. From what I recall in
the standards - bandwidth is one possible link metric but certainly not
the only one. Network designers are free (and I would encourage them to) pick
whatever metric is relevant to them.

On 24/01/2014 22:26, Erik Sundberg wrote:
> I am looking for a formula that other people are using .p

I've started to use a combination of 3 metrics to determine my costing:

* The traditional auto-cost calculation based on a 100Gbps reference
which gives far more useful values than the old 100Mbps reference.

* An average or nominal link latency multiplied by a factor of 200.
Sometimes adjusted if I want two geographically diverse paths between
the same endpoints to have equivalent costs.

* Path length in km multiplied by 2. This accounts for situations when
the nominal latency is too small to accurately determine and assumes 1
ms per 100 km.

I then pick the largest of the above 3 metrics as my OSPF cost.

-- 
Graham Beneke
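An added worked example of the three-metric costing described in the post above (auto-cost against a 100 Gbps reference, latency x 200, distance x 2, largest wins). It is not code from the post or from any vendor; the link values in the demo are constructed, and the 65535 ceiling is the 16-bit OSPF interface cost limit from RFC 2328 rather than something the post states.

```python
# Constants taken from the costing in the post. The 65535 cap is the 16-bit
# limit of an OSPF interface cost (RFC 2328); it is not part of the post.
REFERENCE_BANDWIDTH_BPS = 100 * 10**9   # 100 Gbps reference for auto-cost
LATENCY_FACTOR = 200                    # cost per millisecond of nominal latency
DISTANCE_FACTOR = 2                     # cost per km, i.e. 1 ms per 100 km x 200
OSPF_MAX_COST = 65535


def auto_cost(bandwidth_bps):
    """Classic auto-cost: reference bandwidth / link bandwidth, floor of 1."""
    return max(1, round(REFERENCE_BANDWIDTH_BPS / bandwidth_bps))


def latency_cost(latency_ms, adjustment=0):
    """Nominal latency x 200. The adjustment is the manual tweak used to give
    two geographically diverse paths between the same endpoints an equal cost."""
    return round(latency_ms * LATENCY_FACTOR) + adjustment


def distance_cost(path_km):
    """Path length x 2, the fallback when latency is too small to measure well."""
    return round(path_km * DISTANCE_FACTOR)


def ospf_cost(bandwidth_bps, latency_ms, path_km, adjustment=0):
    """Return (chosen cost, {metric: value}); the largest candidate wins."""
    candidates = {
        "auto": auto_cost(bandwidth_bps),
        "latency": latency_cost(latency_ms, adjustment),
        "distance": distance_cost(path_km),
    }
    chosen = max(candidates.values())
    if chosen > OSPF_MAX_COST:
        raise ValueError(f"cost {chosen} exceeds the 16-bit OSPF limit")
    return chosen, candidates


def equalising_adjustment(primary_latency_ms, diverse_latency_ms):
    """Adjustment to apply to the slower path so both paths cost the same."""
    return latency_cost(primary_latency_ms) - latency_cost(diverse_latency_ms)


if __name__ == "__main__":
    # Constructed links, not taken from the post.
    links = [
        ("10G metro, 5 ms, 400 km", 10 * 10**9, 5, 400),
        ("100G campus, 0.02 ms, 2 km", 100 * 10**9, 0.02, 2),
        ("1G long haul, 25 ms, 1800 km", 10**9, 25, 1800),
    ]
    for name, bw, lat, km in links:
        cost, parts = ospf_cost(bw, lat, km)
        print(f"{name}: cost {cost} from {parts}")
    # Two diverse 400 km paths, one 5 ms and one 6.5 ms, made cost-equal.
    adj = equalising_adjustment(5, 6.5)
    print("adjustment for the diverse path:", adj,
          "->", ospf_cost(10 * 10**9, 6.5, 400, adj)[0])
```

Note that the 2-per-km distance metric and the 200-per-ms latency metric agree exactly when a link runs at the assumed 1 ms per 100 km, so distance only takes over where the measured latency is smaller than geography would predict.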



Re: IPv6 Network Device Numbering BP

2012-11-03 Thread Graham Beneke
On 03/11/2012 07:44, Randy wrote:
> Veering off this topic's course, Is there any issue with addresses like
> this ?
> 2001:470:1f00:1aa:abad:babe:8:beef  I have a bunch of these type
> 'addresses' configured for my various machines.
>
> I make it a point to come up with some sort of 'hex' speak address, what
> are people's opinions on this?

Why bother? DNS supports all 26 characters ;-)

It's cute... but it tends to only be useful in fairly small deployments.
You quickly run out of nice combinations.

I prefer to choose addresses that allow for the most consecutive zeros.
Many UIs I've used display IPv6 address strings in very un-useful ways
as they approach the allowable length of 39 characters. Many require you
to resize your viewing window/column/etc to see the full address and
some simply truncate the string and refuse to show you the host ID portion.

-- 
Graham Beneke




Re: Testing 1gbps bandwidth

2012-08-14 Thread Graham Beneke
On 14/08/2012 22:22, Fred Baker (fred) wrote:
> Let me put hands and feet on what Valdis points out. With a gigabit
> interface, you are able to carry about 83,333 1500 byte packets per second.
> If you're trying to download a file from, say, an Akamai server, TCP will
> allow you to move one window per round trip. If you are using standard window
> scaling (e.g., your window is in the neighborhood of 65,000 bytes), you can
> achieve 1 GBPS only if your round trip time is in the neighborhood of half a
> millisecond. Outside of a data center, such an RTT is Really Unusual. The
> obvious alternative is to use a larger window scaling value: if your RTT is
> 20 ms, scale up by at least 40 times, which is to say a shift of 6 bits for a
> multiplier of 64. Even with that, TCP's normal way of operating will prevent
> it from using the entire gigabit until quite a way into the session. You'll
> need a Really Long File.

I come up against TCP window challenges rather often due to the fact
that RTTs between eyeball and content are still between 200ms and 1000ms
for large portions of what eyeballs in Africa would like to consume.

I was trying to quantify these limitations the other day and my
Google-fu was lacking.

Can anyone point me at some resources showing default TCP windows for
the various OSes/platforms, which of them do auto scaling and what the
upper bounds are for scaled windows.

-- 
Graham Beneke



Re: Hearing Syria internet cut

2012-07-21 Thread Graham Beneke
On 21/07/2012 00:08, James Smith wrote:
> I'm curious to know what method people use to monitor the changes in the BGP
> system?  Any recommendations?

http://bgpmon.net/

> -Original Message-
> From: Andree Toonk andree+na...@toonk.nl
> Date: Fri, 20 Jul 2012 06:21:21
> To: gbon...@seven.com
> Cc: nanog@nanog.org
> Subject: Re: Hearing Syria internet cut
>
> .-- My secret spy satellite informs me that at 12-07-19 10:00 PM  George
> Bonser wrote:
> Can anyone confirm?
>
> Yes confirmed, about 90% of the Syrian prefixes disappeared from the BGP
> tables between 13:32 and 14:13 (UTC) earlier today (2012-07-19).

-- 
Graham Beneke




Re: Any advantage of announcing IPv6/64s Or purely misconfiguration?

2012-07-09 Thread Graham Beneke

On 09/07/2012 08:17, Anurag Bhatia wrote:
> I was just looking around and saw a major Indian provider Sify (AS9583) is
> announcing /64s via BGP along with main /32 which is their allocation from
> APNIC.
>
> inet6num:   2001:0E48::/32
> netname:SILNET
>
> I see Tata Comm (Sify's upstream) is accepting /64s while Tinet (one of
> other upstream) is dropping and taking only /32. Other major backbones like
> HE, Level3 dropping but Telia still accepting. Pretty much mixed result.
>
> Is it simply a misconfiguration or is there some use of announcing /64s
> along with main /32?


I would hope it's accidental. Most people I've spoken to won't even 
consider accepting longer prefixes than /48 and will typically also 
refuse to accept any prefixes where there are aggregate announces 
covering them.


We're going to end up with a very nasty routing table if people start 
pumping all their /64s into it.


--
Graham Beneke
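An added example, not code from this thread or from any of the networks named in it, of the inbound policy described above (reject anything longer than /48 for IPv6, reject more-specifics that the same neighbour also covers with an aggregate) combined with the customer-facing prefix filter from the route-leak thread earlier on this page (reject anything not registered to that neighbour). The /24 IPv4 limit, the documentation prefixes and the announcement list are assumptions for the demo.

```python
import ipaddress

# Longest prefix accepted from any BGP neighbour. /24 for IPv4 is the usual
# operational floor; /48 for IPv6 matches the practice described in the post.
MAX_PREFIX_LENGTH = {4: 24, 6: 48}


def rejection_reasons(prefix, registered, announced):
    """Why a single announcement from one neighbour should be dropped.

    registered: prefixes this neighbour may originate (for a customer, what it
                has registered with its RIR/IRR).
    announced:  everything the same neighbour is sending in this session, so
                that more-specifics covered by its own aggregate can be dropped.
    """
    net = ipaddress.ip_network(prefix, strict=False)
    reasons = []
    limit = MAX_PREFIX_LENGTH[net.version]
    if net.prefixlen > limit:
        reasons.append(f"longer than /{limit}")
    allowed = [ipaddress.ip_network(p, strict=False) for p in registered]
    if not any(a.version == net.version and net.subnet_of(a) for a in allowed):
        reasons.append("not within a prefix registered to this neighbour")
    for other in announced:
        agg = ipaddress.ip_network(other, strict=False)
        if agg.version == net.version and agg != net and net.subnet_of(agg):
            reasons.append(f"covered by aggregate {agg} from the same neighbour")
            break
    return reasons


def apply_inbound_policy(announced, registered):
    """Split a neighbour's announcements into an accepted list and a dict of
    rejected prefix -> reasons."""
    accepted, rejected = [], {}
    for prefix in announced:
        reasons = rejection_reasons(prefix, registered, announced)
        if reasons:
            rejected[prefix] = reasons
        else:
            accepted.append(prefix)
    return accepted, rejected


if __name__ == "__main__":
    # Constructed session: a customer registered for 2001:db8::/32 and
    # 198.51.100.0/24 (documentation ranges) announcing more than it should.
    registered = ["2001:db8::/32", "198.51.100.0/24"]
    announced = [
        "2001:db8::/32",        # the allocation itself: accept
        "2001:db8:1::/48",      # covered by the /32 above: drop
        "2001:db8:0:1::/64",    # too long and covered: drop
        "198.51.100.0/24",      # registered IPv4: accept
        "203.0.113.0/24",       # not registered to this customer: a leak, drop
    ]
    accepted, rejected = apply_inbound_policy(announced, registered)
    print("accepted:", accepted)
    for prefix, reasons in rejected.items():
        print(f"rejected {prefix}: {'; '.join(reasons)}")
```

The registered-prefix check is the one that actually stops a leak; the length and aggregate checks only keep the table tidy, which is why the route-leak thread points out that max-prefix on a route-server session is a blunt substitute for it.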




Re: Collecting flows at an IXP

2012-06-26 Thread Graham Beneke

On 26/06/2012 07:45, Graham Beneke wrote:
> Which FOSS flow collectors do a decent/adequate job at crunching about
> 10Gbps worth of flows and presenting it in a useful way?


Just to clarify - there are 3 switch fabrics involved here. One from 
vendor C, one from vendor J and a third new fabric from an unchosen vendor.


So ideally something that can accept the flows from various vendors.

I'm also hoping for some insight on flows support and caveats with the 
various vendors and platforms since this third vendor still must be 
chosen and it would be handy to quantify the flows support of the 
proposed platform.


--
Graham Beneke



Collecting flows at an IXP

2012-06-25 Thread Graham Beneke

Hi All

I'm busy doing some digging to find a solution for collecting layer-2 
flows data on a medium sized IXP. All we have at the moment is some MRTG 
graphs and we're trying to get a better view into IPv4 vs IPv6, src and 
dst MACs, packet sizes and also perhaps port & protocol trends.


I found Richard A. Steenbergen's NANOG 39 presentation and not much 
since then.


Is it still correct that Cisco does not support sFlow?

Are you able to get the same kind of useful data using Netflow v9?

Which FOSS flow collectors do a decent/adequate job at crunching about 
10Gbps worth of flows and presenting it in a useful way?


Thanks
--
Graham Beneke



Re: facebook ipv6 is down?

2012-04-13 Thread Graham Beneke

On 11/04/2012 09:16, Frank Bulk wrote:
> It's been down three times today, first from 2:58 pm to 5:58 pm Central, and
> then again from 7:59 pm to 9:58 pm, and then again from 10:59 pm till now.
>
> Interesting that the up and downs have been one to two minutes before the
> hour.


I've been seeing the same thing - up and down for the last 3 days. The 
site has been unreachable approximately 50% of the time according to my 
monitoring system.


The other interesting thing is that the failures did not occur at the 
same time for all regions. Two of my monitoring nodes are seeing 
completely different patterns of outages.


--
Graham Beneke



Re: Concern about gTLD servers in India

2012-03-10 Thread Graham Beneke

On 10/03/2012 14:54, Dobbins, Roland wrote:
> On Mar 10, 2012, at 7:02 PM, Robert E. Seastrom wrote:
>
>> there are four gtlds
>
> Aren't there actually seven?


According to ICANN[1] there are roughly two dozen gTLDs

[1] http://newgtlds.icann.org/en/about

--
Graham Beneke



Re: Concern about gTLD servers in India

2012-03-09 Thread Graham Beneke

On 10/03/2012 08:19, Anurag Bhatia wrote:
> Next, looking gTLD servers used by popular TLDs like com/net/org:
>
> [snip]
>
> None of these gTLD root servers are in India. I have tested routes to each
> of them from BSNL (AS9829), Tata Comm (AS4755 & AS6453), Airtel (AS9498) -
> all land up outside India - most of them in Europe and US, and a couple of
> them in Singapore, and one in Australia. Why so? Please correct me if I am
> wrong on this analysis but this seems an inefficient setup to me. Any damage
> on outside connectivity (which is common with earthquakes or ships hitting
> submarine fiber, and eventually the opposite route getting choked with
> traffic) - can cause huge issues on sites which are hosted within India.


This problem is unfortunately not unique to India. There appear to be no 
anycast instances of the gTLD servers in Africa either.


I am 180-500ms away from the gTLD servers right now.


> Also, looking at reverse DNS root servers:
>
> anurag@laptop:~$ dig in-addr.arpa. ns +short
> a.in-addr-servers.arpa.
> b.in-addr-servers.arpa.
> c.in-addr-servers.arpa.
> d.in-addr-servers.arpa.
> e.in-addr-servers.arpa.
> f.in-addr-servers.arpa.


These servers are operated by the RIRs. It's probably worth contacting 
APNIC to find out how to get an anycast instance installed at your local 
internet exchange point.


--
Graham Beneke



Re: Concern about gTLD servers in India

2012-03-09 Thread Graham Beneke

On 10/03/2012 09:12, Randy Bush wrote:
>> This problem is unfortunately not unique to India. There appear to be no
>> anycast instances of the gTLD servers in Africa either.
>
> really!?


Yes. I was also a little surprised.

I'm sure that I read somewhere that at least one of the gTLD anycast 
prefixes was available at JINX (although I've never actually confirmed 
that).


I've gone through every permutation of

mtr [-4|-6] [a-m].gtld-servers.net.

again just to be sure. I'm reaching nothing on this continent.

--
Graham Beneke



Re: BBC reports Kenya fiber break

2012-02-27 Thread Graham Beneke

On 27/02/2012 18:11, Marshall Eubanks wrote:
> Is anyone seeing this ?
>
> http://www.bbc.co.uk/news/world-africa-17179544


Along with:
http://mybroadband.co.za/news/telecoms/44263-triple-whammy-hits-eassy.html

The east is struggling with outages.

--
Graham Beneke



Re: Customer Notification System.

2012-02-21 Thread Graham Beneke

On 22/02/2012 01:00, David wrote:
> PHPList?


We've been using PHPlist for a while but have also been searching for 
something that can do a 'network noticeboard' type of thing.


Haven't really come up with anything useful yet.

--
Graham Beneke



Re: Speed Test Results

2011-12-23 Thread Graham Beneke

On 23/12/2011 21:26, Michael Holstein wrote:
> They are excellent tools for generating user complaints.


I find that they are useful for filtering out some of the completely 
bogus complaints. We encourage customers to include some test results 
when they contact our NOC to avoid being ignored when they send an 'it's 
slow' complaint.


That said - people get fixated on the numbers. 80% of the purchased 
speed on non-CIR services is cause for a complaint.


Our biggest issue is people doing tests to destinations 300+ ms away 
that only last for a few seconds and then complaining about poor 
performance. As soon as you mention things like bandwidth delay product 
the eyes glaze over. Heavy use of lossy WISP access network providers 
doesn't help.


--
Graham Beneke
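An added worked example, not code from either list post, of the bandwidth-delay arithmetic behind two posts on this page: Fred Baker's window-versus-RTT numbers in the "Testing 1gbps bandwidth" thread (one window per round trip, the 65535-byte unscaled window, the shift of 6 for a 20 ms RTT) and the short speed tests to 300+ ms destinations described just above. The 14-bit cap on the window scale option is from RFC 7323 and the 10-segment initial window from RFC 6928; the idealised "cwnd doubles every RTT" slow-start model and the test parameters are assumptions for the demo.

```python
import math

WINDOW_FIELD_MAX = 65535           # 16-bit TCP window without scaling
WINDOW_SHIFT_MAX = 14              # largest window-scale shift allowed by RFC 7323
INITIAL_WINDOW_BYTES = 10 * 1460   # RFC 6928 initial window of 10 segments (assumed MSS 1460)


def packets_per_second(link_bps, packet_bytes=1500):
    """Packets per second a link can carry at a fixed packet size."""
    return link_bps / (packet_bytes * 8)


def max_throughput_bps(window_bytes, rtt_s):
    """One window per round trip is the ceiling for a single TCP flow."""
    return window_bytes * 8 / rtt_s


def window_needed_bytes(target_bps, rtt_s):
    """Bandwidth-delay product: bytes in flight needed to sustain target_bps."""
    return target_bps * rtt_s / 8


def rtt_for_full_link(window_bytes, link_bps):
    """RTT at which a given window just fills the link."""
    return window_bytes * 8 / link_bps


def window_scale_shift(window_bytes):
    """Smallest window-scale shift that lets the 16-bit field express
    window_bytes, or None if no legal shift is large enough."""
    for shift in range(WINDOW_SHIFT_MAX + 1):
        if (WINDOW_FIELD_MAX << shift) >= window_bytes:
            return shift
    return None


def rtts_to_fill_window(window_bytes, initial_window=INITIAL_WINDOW_BYTES):
    """Idealised slow start (cwnd doubles every RTT, no loss): round trips
    before the congestion window reaches window_bytes."""
    if window_bytes <= initial_window:
        return 0
    return math.ceil(math.log2(window_bytes / initial_window))


def speed_test_report(link_bps, rtt_s, test_seconds):
    """Rough picture of a short single-flow test against a distant server."""
    bdp = window_needed_bytes(link_bps, rtt_s)
    ramp_seconds = rtts_to_fill_window(bdp) * rtt_s
    return {
        "bdp_bytes": bdp,
        "scale_shift": window_scale_shift(bdp),
        "unscaled_max_mbps": max_throughput_bps(WINDOW_FIELD_MAX, rtt_s) / 1e6,
        "ramp_seconds": ramp_seconds,
        "ramp_fraction_of_test": ramp_seconds / test_seconds,
    }


if __name__ == "__main__":
    gbit = 10**9
    print(f"1500-byte packets on 1 Gbps: {packets_per_second(gbit):.0f}/s")
    print(f"RTT at which 65535 bytes fills 1 Gbps: {rtt_for_full_link(WINDOW_FIELD_MAX, gbit)*1e3:.2f} ms")
    need = window_needed_bytes(gbit, 0.020)
    print(f"1 Gbps at 20 ms needs {need:.0f} bytes in flight, shift {window_scale_shift(need)}")
    # Constructed case: a 100 Mbps subscriber testing for 10 s against a 300 ms server.
    for key, value in speed_test_report(100 * 10**6, 0.300, 10).items():
        print(f"{key}: {value}")
```

For the 300 ms case the unscaled ceiling is under 2 Mbps regardless of the access speed, and even with scaling the first few seconds of a ten-second test are spent ramping, which is the point the eyes glaze over at.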



Re: Outgoing SMTP Servers

2011-10-25 Thread Graham Beneke
On 25/10/2011 23:03, Mike Jones wrote:
> On 25 October 2011 20:52, Alex Harrowell a.harrow...@gmail.com wrote:
>> Ricky Beam jfb...@gmail.com wrote:
>>> Works perfectly even in networks where a VPN doesn't and the idiot
>>> hotel
>>> intercepts port 25 (not blocks, redirects to *their* server.)
>>>
>>> --Ricky
>>
>> Why do they do that?
>
> If the hotel simply blocks port 25 then my email is broken, if they
> allow it then my email is broken (as my ISP doesn't let the hotel
> relay through their mail servers), however if the hotel redirects 25
> to their own open relays then in theory my email should work fine.

This only works if the MUA is configured to send to an un-AUTH'd relay
normally. It normally fails spectacularly when the MUA tries to present
AUTH that the relay doesn't understand or accept.

I know of at least one large consumer ISP that does this across their
network. Their argument was that it caused less of a support overhead
when they implemented since no one had to change any settings (in theory).

The reality is that the support overhead just transfers to the
hosting/mail provider: 'I send mail via your server and you are
rejecting it.' And then the hosting provider gets to explain how the IAP
is in fact mangling their customers' mail.

Spam from mis-configured and compromised hosts is a big issue on an
access network. Even worse with dynamically allocated IPs. Users dial up
and inherit blacklistings from previous customers and often entire
prefixes will be listed by the RBL if the snowshoe effect is big enough.

I dislike the idea of blocking port 25 (though it has been effective in
dealing with major outbreaks.) We ended up building a new product that
works as an appliance. All port 25 is piped through and the packets are
passed on un-touched. Spamminess is scored and with some clever
integration with RADIUS, the score is applied to a username. If the
threshold is exceeded then the user is dynamically blocked or directed
to a honeypot (depending on the requirements). And if the user redials
then the block follows them.

After deploying that our abuse desk went quiet ;-)

-- 
Graham Beneke
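An added illustration, not the appliance described in the post above nor any vendor's code, of the one idea in it that matters for detection: score outbound port-25 traffic per RADIUS username rather than per IP address, so that a block follows the subscriber when they redial and a reused address does not inherit a previous customer's reputation. The message-level spam scores, the "Start"/"Stop" event shapes and the event stream are constructed for the demo; only the block action is modelled, not the honeypot redirect.

```python
from dataclasses import dataclass, field


@dataclass
class SpamGate:
    """Per-subscriber spam scoring keyed on the RADIUS username rather than
    the dynamic IP, so a block follows the user across sessions."""
    threshold: float
    ip_to_user: dict = field(default_factory=dict)
    score_by_user: dict = field(default_factory=dict)
    blocked_users: set = field(default_factory=set)
    actions: list = field(default_factory=list)

    def radius_accounting(self, status, username, framed_ip):
        """Track which subscriber currently holds which dynamic address."""
        if status == "Start":
            self.ip_to_user[framed_ip] = username
        elif status == "Stop":
            self.ip_to_user.pop(framed_ip, None)
        else:
            raise ValueError(f"unknown accounting status {status!r}")

    def smtp_observation(self, src_ip, spam_score):
        """Score one outbound port-25 message from src_ip. Returns 'pass',
        'blocked' or 'unknown-source' (no RADIUS session for that address)."""
        user = self.ip_to_user.get(src_ip)
        if user is None:
            return "unknown-source"
        if user in self.blocked_users:
            return "blocked"
        self.score_by_user[user] = self.score_by_user.get(user, 0.0) + spam_score
        if self.score_by_user[user] > self.threshold:
            self.blocked_users.add(user)
            self.actions.append(("block", user, src_ip))
            return "blocked"
        return "pass"

    def is_blocked(self, username):
        return username in self.blocked_users


def replay(gate, lines):
    """Feed constructed, space-separated event lines through the gate and
    return the (src_ip, verdict) pairs for the SMTP events in order."""
    verdicts = []
    for line in lines:
        fields = line.split()
        if fields[0] == "radius":
            gate.radius_accounting(fields[1], fields[2], fields[3])
        elif fields[0] == "smtp":
            verdicts.append((fields[1], gate.smtp_observation(fields[1], float(fields[2]))))
    return verdicts


# Constructed event stream (not real logs): alice spams, is blocked, redials on
# a new address and stays blocked; bob later reuses alice's first address untainted.
SAMPLE_EVENTS = [
    "radius Start alice 10.0.0.5",
    "smtp 10.0.0.5 4.0",
    "smtp 10.0.0.5 4.0",
    "smtp 10.0.0.5 4.0",      # cumulative 12 > threshold 10: block alice
    "radius Stop alice 10.0.0.5",
    "radius Start alice 10.0.0.9",
    "smtp 10.0.0.9 0.5",      # clean message, but alice is already blocked
    "radius Start bob 10.0.0.5",
    "smtp 10.0.0.5 1.0",      # bob inherits nothing from alice's old address
    "smtp 192.0.2.77 9.0",    # no session for this address: not one of ours
]


def run_sample(threshold=10.0):
    """Run the constructed stream and return the gate and its verdicts."""
    gate = SpamGate(threshold=threshold)
    return gate, replay(gate, SAMPLE_EVENTS)


if __name__ == "__main__":
    gate, verdicts = run_sample()
    for src_ip, verdict in verdicts:
        print(f"{src_ip}: {verdict}")
    print("actions:", gate.actions)
```

Scoring accumulates without decay here; a production version would age scores and reset on a resolved abuse ticket, but the username-keyed state is what makes "the block follows them" work.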



Re: Outgoing SMTP Servers

2011-10-25 Thread Graham Beneke
On 26/10/2011 04:35, Blake Hudson wrote:
> An infected machine can just as easily send out mail on port 587 as it
> can using port 25. It's not hard for bot net herders to come up with a
> list of valid credentials stolen from email clients, via key loggers, or
> simply guessed through probability. I see it every day.

The difference is that it is the relay that accepts the spam on 587 that
ends up on the blacklists. A mail server with a sysadmin that might care
and probably sees business impact in not fixing the problem. As opposed
to an end user that doesn't give a hoot.

Compromised mail authentication details are quick and easy to take down.
A server mis-configured as an open relay on 587 is a one time fix.

End users infected with nasties are a support desk blackhole. Hours of
time explaining to moms and pops how to download anti-virus and install
it and configure it and run it...

-- 
Graham Beneke



Re: [routing-wg] The Cidr Report

2011-10-16 Thread Graham Beneke

On 15/10/2011 21:25, Geoff Huston wrote:
> Does anyone give a s**t about this any more?


I do. While most of the content of the actual mail has very little 
relevance to me, it does provide useful leverage and motivation to fix 
some of the networks where I do have influence.



> From what I learned at the latest NANOG it's very clear that nobody reads this
> any more.


I often don't have the time to read every report in detail and much of 
it applies to networks outside of my circles. Every few weeks it does 
however prompt me to go and review my own network (and sometimes wave a 
stick at a few ops people).



> Is there any good reason to persist in spamming the nanog list with this report?


I definitely think it's still useful for the community. Perhaps the 
frequency could be dialed back a little? I'm sure that there are many 
people who don't really notice it any more due to their mental white 
noise filters.


Perhaps some slightly different presentations of the data would also 
make it more useful. I am quite interested in the number of prefixes of 
various lengths that are seen in the table and that doesn't get included 
in the mailed report.


Perhaps a biggest climbers & fallers list would also have more 
relevance for the regular report. The Top 30 list doesn't seem to 
change very often... ;-)


--
Graham Beneke



Re: IPv6 day fun is beginning!

2011-06-08 Thread Graham Beneke

On 08/06/2011 22:58, Daniel Roesen wrote:
> On Wed, Jun 08, 2011 at 03:48:52PM -0400, Joly MacFie wrote:
>> What seems evident, looking at
>> http://asert.arbornetworks.com/2011/06/monitoring-world-ipv6-day/ is that a
>> lot of folks switched it on - and then switched it off again pretty damn
>> quick!
>
> I'd attribute that spike to people actively testing around for all
> those participants actually working.


I agree. It appears to be mainly the 'native' traffic that spiked - 
native typically isn't the mom 'n pops at home.


I know that when I woke up and found that my Youtube content was coming 
over v6, I used the opportunity to load test my infrastructure. ;-)


--
Graham Beneke



How is IPv6 deployment going in the APNIC region?

2011-04-14 Thread Graham Beneke

Only 0.3 of a /8 left[1] before the rationing policy kicks in.

I hope everyone is ready :-)

[1] http://www.apnic.net/community/ipv4-exhaustion/graphical-information

--
Graham Beneke



Re: Ipv6 for the content provider

2011-01-26 Thread Graham Beneke

On 26/01/2011 20:22, Charles N Wyble wrote:
> For the most part, I'm a data center/application administrator/content
> provider kind of guy. As such, I want to provide all my web content over
> ipv6, and support ipv6 SMTP.  What are folks doing in this regard?
>
> Do I just need to assign ip addresses to my servers, add AAAA records to
> my DNS server and that's it? I'm running PowerDNS for DNS, Apache for
> WWW. Postfix for SMTP.


I haven't worked with Postfix recently but Exim on a default config will 
start talking IPv6 as soon as it has connectivity. Just be careful of 
this since you need to make sure that all your rDNS, SPF, etc ducks are 
in a row before you give it IPv6 since it can start delivering mail via 
IPv6 with very little encouragement.


With Apache I've had some funnies with how it binds (or fails) to IPv4 
and IPv6 sockets at startup. Once you're over that hurdle I've found 
that the majority of open source web apps either support IPv6 or are 
designed correctly to not be impacted by other layers in the network stack.


It's important to keep a close eye on logs and also don't roll out to all 
your servers in one go. The gradual migration to dual stack has been 
fairly painless for me.


--
Graham Beneke



Re: Start accepting longer prefixes as IPv4 depletes?

2010-12-08 Thread Graham Beneke

On 08/12/2010 20:30, Iljitsch van Beijnum wrote:
> Why not move away from that /24 requirement and start allowing /28s or a prefix
> length like that in the global routing table? This will allow content people to
> stay on IPv4 longer with fewer compromises, so we don't have to start thinking
> about NAT46 solutions in the near future. (NAT46 is really best avoided.)


This was discussed at length during the policy discussions at the recent 
AfriNIC conference. The soft landing policy was passed with a provision 
to allocate blocks as small /27. Warning labels were pasted all over 
this but were ultimately overlooked in favour of getting the policy 
adopted ASAP.



> 1. Growth of the routing table. My answer to this is: although a smaller table would
> be good, we've been living with 16% or so growth for a decade before the IPv4 crunch,
> if going to /28 instead of /24 allows this growth to continue some more
> years there is no additional harm. And there is no evidence that /28s will create
> more growth than unconstrained /24s like we had before the IPv4 crunch.


For one thing the /24 limit places a barrier to entry on de-aggregation. 
I don't think that there will be a shortage of prefixes post exhaustion. 
/24s will be easy to carve out of larger allocations for 
trading/redistribution.


On the operational side I have come across people who carry partial 
tables on their networks to avoid spending money on upgrades. One way 
that they seem to be pruning their tables is to drop long prefixes (just 
dropping /24 makes a big difference). I suspect that this will happen 
more as people focus their effort and CPU cycles on making IPv6 work.



> 2. People who think it's neat to deaggregate their /16 into 256 /24 will now go
> for 4096 /28s. To avoid this, the new /28s should come from separate ranges to
> be identified by the RIRs. So /28 would only be allowed for this new space that
> is given out as /28, not for anything that already exists and was thus given
> out as much bigger blocks.


It's too late to really be thinking along the lines of this kind of 
structured address allocation IMO. If we ever were to get to /28 
allocations they would most likely be from many recovered fragments of 
address space.



> I'm hoping to get some modest support here before jumping into the RIR policy
> shark tanks.


I suspect that the operational community would not stand behind this :-)

--
Graham Beneke



Re: IPv6 fc00::/7 — Unique local addresses

2010-10-20 Thread Graham Beneke

On 21/10/2010 02:41, Owen DeLong wrote:
> On Oct 20, 2010, at 5:21 PM, Jeroen van Aart wrote:
>> Someone advised me to use GUA instead of ULA. But since for my purposes this is
>> used for an IPv6 LAN would ULA not be the better choice?
>
> IMHO, no. There's no disadvantage to using GUA and I personally don't think ULA
> really serves a purpose. If you want to later connect this
> LAN to the internet or something that connects to something that connects to
> something that connects to the internet or whatever, GUA provides
> the following advantages:
> +   Guaranteed uniqueness (not just statistically probable
> uniqueness)
> +   You can route it if you later desire to
>
> Since ULA offers no real advantages, I don't really see the point.


Someone insisted to me yesterday the RFC1918-like address space was the 
only way to provide a 'friendly' place for people to start their journey 
in playing with IPv6. I think that the idea of real routable IPs on a 
lab network daunts many people.


I've been down the road with ULA a few years back and I have to agree 
with Owen - rather just do it on GUA.


I was adding IPv6 to a fairly large experimental network and started 
using ULA. The local NREN then invited me to peer with them but I 
couldn't announce my ULA to them. They are running a 'public Internet' 
network and have a backbone that will just filter them.


I think that the biggest thing that trips people up is that they think 
that they'll just fix-it-with-NAT to get onto the GUA Internet. Getting 
your own GUA from an RIR isn't tough - rather just do it.


--
Graham Beneke



Re: Scam telemarketers spoofing our NOC phone number for callerid

2010-10-06 Thread Graham Beneke

On 06/10/2010 17:15, William Herrin wrote:
> I had my unpublished asterisk box up for all of two days before
> getting half a megabit per second worth of false SIP registration
> attempts.


The script kiddies and botnets seem to be trying hard.

I started announcing a brand new RIR allocation about 4 days ago and 
decided to tcpdump the background noise on the prefix before it gets 
used in production. About 80% of the traffic is systematic scanning on 
port 5060 across the entire prefix.


--
Graham Beneke



Re: Comcast enables 6to4 relays

2010-08-30 Thread Graham Beneke

On 30/08/2010 23:47, Franck Martin wrote:
> found it:
>
> http://www.bgpmon.net/6to4.php?week=4
>
> Not what I call a big list, considering...


The list seems to be showing relays that announce both the IPv4 and the 
IPv6 anycast prefixes.


I have noticed a number of deployments that announce the (in)famous IPv4 
prefix and then consider their deployment complete. I suspect that there 
is a lack of 2002::/16 announcements and this would be contributing to 
the regular problems with return paths.


Obviously the IPv6 content networks benefit the most from having a relay 
translating back to IPv4.


Anyone have experience with this?

--
Graham Beneke



Re: Looking for suggestions for an internet content filteringappliance

2010-08-23 Thread Graham Beneke

On 23/08/2010 22:14, valdis.kletni...@vt.edu wrote:
> Does anybody have any real-world stats on what size local Squid/whatever cache
> they're using and what % of bandwidth savings they're seeing? (Bonus points if
> you've identified specific things it helps, like Patch Tuesday or whatever).


I have seen 30-50% savings on some networks when patch Tuesday hits. It's 
not achievable on a vanilla squid though and needs some code magic.


With general traffic the savings tend to be around the 10-20% mark. 
Unfortunately much of the stuff you really want to cache like your 
YouTube vids is intentionally filled with cookies that make it 
un-cachable. This is done intentionally for copyright compliance and 
various other things.


--
Graham Beneke



Re: Numbering nameservers and resolvers

2010-08-17 Thread Graham Beneke

On 16/08/2010 08:49, Mike wrote:
> I am needing to renumber some core infrastructure - namely, my
> nameservers and my resolvers - and I was wondering if the collective
> wisdom still says heck yes keep this stuff all on separate subnets away
> from each other? Anyone got advice either way? Should I try to give
> sequential numbers to my resolvers for the benefit of consultants ...
> like .11, .22 and .33 for my server ips?


We have 4 authoritative nameservers with a management backend to make 
sure that their records are in sync. The servers are located on 3 
separate continents, originated on 4 different ASNs, numbered from 4 
different /8's and not sharing any common data centre or power 
infrastructure. The software platform is still a single point of failure 
and some people have recommended a mix of software vendors for 
additional redundancy.


With resolvers the approach is a bit different:
You want an easy to remember address and also an address that will not 
be subject to renumbering in the future. Even though they shouldn't, we 
see many users statically configuring their DNS resolvers.


A dedicated prefix for each resolver would be my first choice. You can 
then move that prefix to different hardware if necessary even if the 
routing to the hardware changes. A dedicated prefix also allows you to 
anycast the service if required. Since this is only internal routing it 
doesn't need to be a full /24.


I have also found it helpful to have the upstream queries originating 
from IPs in separate prefixes and this is quite easy to move around 
transparently to users or even in an emergency.


On IPv6 I have reserved 4 x /48s for DNS resolvers. The prefixes were 
chosen to be short and easy to remember and they are routed to existing 
resolvers. The :1 of each prefix is added to the loopback on the resolver.


--
Graham Beneke




Re: Google wants your Internet to be faster

2010-08-09 Thread Graham Beneke

On 09/08/2010 07:21, Mikael Abrahamsson wrote:
> I helped install my first Akamai cluster before year 2000 if I remember
> correctly. So it's at least a decade ago :P


What I find funny is that Google has already been running these kinds of 
content distribution nodes in Africa for over a year.


It makes a significant difference to the user experience when you 
reduce the RTT to the content servers by 200-400ms.


--
Graham Beneke



Re: Proxy Server

2010-08-06 Thread Graham Beneke

On 06/08/2010 22:15, Nathan Eisenberg wrote:
> The only thing it doesn't have is IPv6 support (yet).  :(


I was a huge fan of pfSense and I really enjoyed the interface, 
packaging and integration. The lack of IPv6 caused the end of that 
relationship.


--
Graham Beneke



Re: Stand alone voltage/etc monitoring?

2010-05-15 Thread Graham Beneke

On 2010/05/15 02:57 AM, Michael J McCafferty wrote:
> Is there a quick/small/handy/better way to get power quality info? If
> so, what is it? I don't own the facility.


The modern digital utility meters have extensive monitoring for power 
quality. We have been using meters from EDMI[1] that can report and 
record voltage, current, power factor, voltage and current waveforms, 
harmonics, demand profiles and many other things.


The meters have serial interfaces and are fairly easy to connect up for 
remote access.


[1] http://www.edmi-meters.com/

--
Graham Beneke
gra...@apolix.co.za   | Apolix Internet Services
Tel : +27-87-550-1010 | http://www.apolix.co.za/
Cell: +27-82-432-1873 | PO Box 1120
Skype: grbeneke   | Melville, 2109




Re: ipv6 transit over tunneled connection

2010-05-15 Thread Graham Beneke

On 2010/05/14 03:39 AM, Christopher Morrow wrote:
> 3) don't tunnel beyond your borders, really just don't


We have managed to achieve that fairly well. We have colocated a single 
router in a provider in London with native IPv6 where we have our 
primary break out. We then tunnel over IPv4 between this router and our 
core.


The tunneling protocol provides transparent L2 frame reassembly so we 
have MTU 1500 all the way to the edge of the network.


--
Graham Beneke
gra...@apolix.co.za   | Apolix Internet Services
Tel : +27-87-550-1010 | http://www.apolix.co.za/
Cell: +27-82-432-1873 | PO Box 1120
Skype: grbeneke   | Melville, 2109




Re: Using private APNIC range in US

2010-03-20 Thread Graham Beneke

On 19/03/2010 06:04, Matt Shadbolt wrote:
> I once had a customer who for some reason had all their printers on public
> addresses they didn't own. Not advertising them outside, but internally
> whenever a user browsed to a external site that happened to be one of the
> addresses used, they would just receive a HP or Konica login page :)


I have seen quite a number of organisations using /24s that they have 
pirated from various places. Worst culprits seem to be small access 
providers who change upstream providers and are too lazy to renumber 
their corporate network away from the IPs that have been reclaimed. 
They stick in a NAT and then ignore the problem for a few years.


One particular company insisted that their pirate IP block be routable 
within the shiny new core network causing endless headaches making sure 
it doesn't leak into their BGP.


Another ISP is even using oops-I-thought-that-was-RFC1918-addresses in 
the vicinity of 172.50.x.x and pirate space from 6.7.8.x for their point 
to point links.




> They didn't mind though. No idea if they've changed it since.
>
> On Fri, Mar 19, 2010 at 6:41 AM, Larry Sheldonlarryshel...@cox.net  wrote:
>
> On 3/18/2010 14:30, William Allen Simpson wrote:
>
> On 3/18/10 2:35 PM, Jared Mauch wrote:
>
> Does anyone know if the University of Michigan or Cisco are going be
> updating their systems and documentation to no longer use 1.2.3.4 ?
>
> http://www.google.com/search?q=1.2.3.4+site%3Acisco.com
>
> I know that the University of Michigan utilize 1.2.3.4 for their captive
> portal login/logout pages as recently as monday when I was on the medical
> campus.
>
> Dunno about cisco.
>
> med.umich.edu seems to run their own stuff, separately from umich.edu,
> and
> quite badly.  I've complained about their setup repeatedly over the past
> several years.  No traction.
>
> Is it something about Medical Schools?
>
> When we were first putting together the campus network, Surgery was
> running a Token Ring (I thought Vampire Tap was a fitting item for
> their inventory) running in Class D space as I recall.
>
> Should we try again, jointly?  ;-)
>
> Towards the end, there were people who insisted I must rout their net to
> the Internets.
>
> I declined.
> --
> Democracy: Three wolves and a sheep voting on the dinner menu.
> (A republic, using parliamentary law, protects the minority.)
>
> Requiescas in pace o email
> Ex turpi causa non oritur actio
> Eppure si rinfresca
>
> ICBM Targeting Information:  http://tinyurl.com/4sqczs
> http://tinyurl.com/7tp8ml






--
Graham Beneke



Re: ISP in Johannesburg in Southdafrika

2010-02-26 Thread Graham Beneke

On 26/02/2010 18:43, Randy Bush wrote:
> On 2010-02-26 00:41, Graham Beneke wrote:
>> On 26/02/2010 04:08, Randy Bush wrote:
>>>> Internet connectivity here in 'deepest darkest Africa' is actually
>>>> quite
>>>> advanced ;-)
>>>
>>> and the most expensive you can imagine. welcome to a telkom monopoly.
>>
>> The monopoly is over!
>
> how many carriers with international fiber?


I can think of six operators lighting their own fiber to the borders and 
the landing stations of the various cable systems. Additional to that - 
I know of dozens of operators running their own international L2 
circuits and lighting their own metro and national fiber.


It's still early days and there is much work still left to do before the 
effects of the past monopoly are fully overcome.


Why is it so hard for you to believe that things are changing for the 
better?


--
Graham Beneke



Re: ISP in Johannesburg in Southdafrika

2010-02-25 Thread Graham Beneke

On 26/02/2010 04:08, Randy Bush wrote:
>> Internet connectivity here in 'deepest darkest Africa' is actually quite
>> advanced ;-)
>
> and the most expensive you can imagine.  welcome to a telkom monopoly.


The monopoly is over! There are now over 300 licensed operators and the 
infrastructure build-out is busy happening right now.


Most of the major metro areas have at least 4 carrier grade access 
networks fighting for your business and there are hundreds of small 
operators and connectivity providers that will sell you services at 
various SLAs.


:-)

--
Graham Beneke