Re: Fastly Peering Contact

2023-12-06 Thread Justin Wilson (Lists) 
We have sent them some inquiries in markets we are with no reply.  Just figured 
they weren’t interested.




Justin Wilson
j...@mtin.net
jus...@fd-ix.com
Https://www.fdi-ix.com

> On Dec 5, 2023, at 4:14 PM, Peter Potvin via NANOG  wrote:
> 
> Looking for someone on the Fastly peering team to reach out regarding peering 
> on a couple mutual IXPs - sent an email to the peering contact as listed on 
> PeeringDB and never heard back, and also have a few colleagues who have 
> experienced the same issue.
> 
> Regards,
> Peter Potvin | Executive Director
> --
> Accuris Technologies Ltd.
>

Re: ipv6 address management - documentation

2023-11-20 Thread Justin Wilson (Lists) 
Netbox or PHPipam. Phpipam allows you to break down subnets easier IMHo.


Justin Wilson
j...@j2sw.com

—
https://j2sw.com (AS399332)
https://blog.j2sw.com - Podcast and Blog

> On Nov 16, 2023, at 1:09 PM, Jason Biel  wrote:
> 
> My recommendation:
> 
> https://github.com/netbox-community
> 
> 
> On Thu, Nov 16, 2023 at 12:04 PM Aaron Gould  > wrote:
>> For years I've used an MS Excel spreadsheet to manage my IPv4 
>> addresses.  IPv6 is going to be maddening to manage in a spreadsheet.  
>> What does everyone use for their IPv6 address prefix management and 
>> documentation?  Are there open source tools/apps for this?
>> 
>> -- 
>> -Aaron
>> 
> 
> 
> --
> Jason

Re: maximum ipv4 bgp prefix length of /24 ?

2023-10-03 Thread Justin Wilson (Lists) 
I think it is going to have to happen.  We have several folks on the IX and 
various consulting clients who only need 3-6 Ips but have to burn a full /24 to 
participate in BGP. I wrote a blog post awhile back on this topic 
https://blog.j2sw.com/data-center/unpopular-opinion-bgp-should-accept-smaller-than-a-24/




Justin Wilson
j...@mtin.net

—
https://j2sw.com (AS399332)
https://blog.j2sw.com - Podcast and Blog

> On Sep 30, 2023, at 1:48 PM, Randy Bush  wrote:
> 
>> About 60% of the table is /24 routes.
>> Just going to /25 will probably double the table size.
> 
> or maybe just add 60%, not 100%.  and it would take time.
> 
> agree it would be quite painful.  would rather not go there.  sad to
> say, i suspect some degree of lengthening is inevitable.  we have
> ourselves to blame; but blame does not move packets.
> 
> randy, who was in the danvers cabal for the /19 agreement
>

Re: Standard DC rack rail distance, front to back question

2023-04-27 Thread Justin Wilson (Lists) 
I have not seen a standard on cabinets.  I have gear in a wide variety of 
racks.  Some of are real shallow.  Some are deep.  I use these to generically 
solve the sagging issue.


https://www.amazon.com/dp/B00XXDJASY?ref=nb_sb_ss_w_as-reorder-t1_k1_1_11==EFCM0EZP8BMA==navpoint+ra
NavePoint Universal 1U Rack Mount 4-Post Shelf Rail for Dell Compaq IBM HP APC 
- 33.5 Inches deep
amazon.com





Justin Wilson
j...@mtin.net

—
https://j2sw.com (AS399332)
https://blog.j2sw.com - Podcast and Blog

> On Apr 27, 2023, at 9:51 AM, Chuck Church  wrote:
> 
> Hey all.  Question about standard 4 post racks.  We bought some that are 
> adjustable.  Unfortunately, the posts are very flimsy, as these are some 
> fancy cabinets with spacing on the sides for vertical patch panels, etc.  We 
> found that 2 post mounting of most Cisco devices (namely Cat 9500 1RU 
> switches) are sagging quite bad.   We’re used to the new server type rails 
> that extend to support most reasonable distances front rails to back for 4 
> post mounting.  However, for a Cisco ASA1001, there aren’t rails, but rather 
> front and back ‘ears’ you use to hit both front and back posts.  These would 
> appear to not have any adjustability, the front to back post distance would 
> seem to need to match the ears, I assume they don’t adjust placement on the 
> router much.  Is there a ‘standard’ distance between front and back rails 
> that devices usually adhere to?  Googling didn’t find an answer readily.  
> These are 19” wide cabinets by the way.  
>  
> Thanks,
>  
> Chuck

Lumen @ Nano. Need to meet

2023-02-14 Thread Justin Wilson (Lists) 
If there anyone at NANOG from Lumen? I need to meet on a client of a client 
matter. ‘'


Justin Wilson
j...@mtin.net

—
https://j2sw.com (AS399332)
https://blog.j2sw.com - Podcast and Blog

Smaller than a /24 for BGP?

2023-01-24 Thread Justin Wilson (Lists) 
Have there been talks about the best practices to accept things smaller than a 
/24? I qm seeing more and more scenarios where folks need to participate in BGP 
but they do not need a full /24 of space.  Seems wasteful.  I know this would 
bloat the routing table immensely.  I know of several folks who could split 
their /24 into /25s across a few regions and still have plenty of IP space.



Justin Wilson
j...@j2sw.com

—
https://blog.j2sw.com - Podcast and Blog
https://www.fd-ix.com

2 Byte ASNs??

2022-08-05 Thread Justin Wilson (Lists) 
Whats the availability of two byte asns look like? Anyone able to obtain one 
recently? I have a network that is all Mikrotik and the route targets are 
messing with them.  They can’t use communities with their 4 bytes asn.  It’s 
one of those it really isn’t a big deal but I thought I would ask.  




Justin Wilson
j...@mtin.net

—
https://j2sw.com (AS399332)
https://blog.j2sw.com - Podcast and Blog

AT& T peering Contact?

2022-04-07 Thread Justin Wilson (Lists) 
Folks, 
I need an ATT Wireless/ATT Mobility peering contact.  The emails on 
their peeringdb entries bounce back as non existent.  Have a problem with a 
prefix that works everywhere except when folks are on AT LTE.


Justin Wilson
j...@mtin.net

—
https://j2sw.com (AS399332)
https://blog.j2sw.com - Podcast and Blog

1950 Stemmons Meet me rooms?

2021-05-26 Thread Justin Wilson (Lists) 
Who knows about the meet me rooms at 1950 Stemmons in Dallas? I need to get 
from the cologix meet me room to someone inside Equinix.  Our Equnix rep has 
been less than helpful. I was told

"We really don’t have a building meet me room there anymore since we bought the 
building.  Also, I don’t think we have connectivity to Cologix but I will check 
on this.”

Can anyone shed some light on this? Anyone on list that has some dark fiber 
between Cologix and Equinix? Replies off list are fine so I am not cluttering 
up the list.



Justin Wilson
j...@mtin.net

—
https://j2sw.com - All things jsw (AS209109)
https://blog.j2sw.com - Podcast and Blog

Ip space Dilemma

2021-03-09 Thread Justin Wilson (Lists) 
Folks,
We have an IP block I have asked about help on a few times on here.  
This is a block we received from ARIN in June of 2020.  We have several state 
networks here in Indiana dropping this traffic at their firewalls. I have been 
working with them since we discovered this issue in September.  I am not 
getting anywhere with them and was finally told we were not a priority.

I am at the point I need to give the space back because it is unusable 
to the ISP customers. Does anyone have any creative ideas on how to fix this? 



Justin Wilson
j...@mtin.net

—
https://j2sw.com - All things jsw (AS209109)
https://blog.j2sw.com - Podcast and Blog

Re: Is there an established method for reporting/getting removed a company with 100% false peeringdb entries?

2021-03-05 Thread Justin Wilson (Lists) 
I see from peering db:  2020-07-01T14:22:01Z
According to the bg.he.net link
AS18894 has not been visible in the global routing table since November 28, 2020
The information displayed is from that time.


Are they causing you or someone issues Eric? Maybe they went out of business? 
Many businesses don’t worry about peering db entries. Looks like the website 
has been under constructions since 2020.

Sounds to me like they made a splash, and faltered.  


Justin Wilson
j...@mtin.net

—
https://j2sw.com - All things jsw (AS209109)
https://blog.j2sw.com - Podcast and Blog

> On Mar 4, 2021, at 7:14 PM, Eric Kuhnke  wrote:
> 
> First, take a look at this:
> 
> https://www.peeringdb.com/asn/18894
> 
> 
> Now look at these (or use your own BGP table analysis tools):
> 
> https://bgp.he.net/AS18894
> 
> https://stat.ripe.net/18894
> 
> The claimed prefixes announced, traffic levels and POPs appear to have no 
> correlation with reality in global v4/v6 BGP tables.
> 
> It is also noteworthy that I have inquired with a number of persons I know 
> who are active in network engineering in NYC, and nobody has ever encountered 
> this company.
> 
> 
> 
>

Re: Famous operational issues

2021-02-17 Thread Justin Wilson (Lists) 
I remember when the big carriers de-peered with Cogent in the early 2000s.  The 
underestimated the amount of web-sites being hosted by people using cogent 
exclusively. 


Justin Wilson
j...@j2sw.com

—
https://j2sw.com - All things jsw (AS209109)
https://blog.j2sw.com - Podcast and Blog

> On Feb 17, 2021, at 10:29 AM, Miles Fidelman  
> wrote:
> 
> John Kristoff wrote:
>> Friends,
>> 
>> I'd like to start a thread about the most famous and widespread Internet
>> operational issues, outages or implementation incompatibilities you
>> have seen.
>> 
> Well... pre-Internet, but the great Northeast fiber cut comes to mind 
> (backhoe vs. fiber, backhoe won).
> 
> Miles Fidelman
> 
> -- 
> In theory, there is no difference between theory and practice.
> In practice, there is.   Yogi Berra
> 
> Theory is when you know everything but nothing works. 
> Practice is when everything works but no one knows why. 
> In our lab, theory and practice are combined: 
> nothing works and no one knows why.  ... unknown

Re: Problems with newish IP block assignment issues from ARIN

2021-02-08 Thread Justin Wilson (Lists) 
I enabled 134.195.47.1 on one of our routers.

Justin Wilson
j...@mtin.net

—
https://j2sw.com - All things jsw (AS209109)
https://blog.j2sw.com - Podcast and Blog

> On Feb 8, 2021, at 3:46 PM, Job Snijders via NANOG  wrote:
> 
> Dear Justin,
> 
> On Mon, Feb 08, 2021 at 03:14:47PM -0500, Justin Wilson (Lists) wrote:
>> It acts like the IP block was blacklisted at some point and got on
>> some bad lists but I don’t want ti limit myself to that theory.
>> I have opened up a ticket with ARIN asking for any guidance. Has
>> anyone ran into this with new space assigned? Any tools, sites, etc. I
>> can use to do further troubleshooting.  
> 
> Here are some useful tools:
> 
>ping.pe
>example: http://ping.pe/www.openbsd.org
> 
>https://ring.nlnog.net/
>good introduction here: 
> https://labs.ripe.net/Members/martin_pels_3/10-years-of-nlnog-ring
> 
>https://atlas.ripe.net/
> 
>> The block in question is 134.195.44.0/22. 
> 
> Is there any specific IP address in the range that should always respond
> to ICMP Echo Requests? This will help others see if they can reach you
> or not.
> 
>> It has been RPKI certified and has IRR entries.
> 
> Indeed, nice :-) http://irrexplorer.nlnog.net/search/134.195.44.0/22
> 
> Kind regards,
> 
> Job
>

Problems with newish IP block assignment issues from ARIN

2021-02-08 Thread Justin Wilson (Lists) 
Folks,
Have a gremlin we have been chasing around for several months now and it’s 
becoming a major issue as we are getting tighter on IPV4 and needing to give 
some provider assigned space back.

In June we received a /22 from ARIN.  As is my workflow I started announcing it 
but waited a month while I checked out the geolocation databases for correct 
info, did testing ,etc. All this time our test accounts could browse web-sites, 
etc. 

We put one of the pools into production and things ran good for awhile.  Then 
we started getting the occasional web-site was not working.  After several of 
these we started assigning the customer an IP out of one of our other ARIN 
blocks and the web-site would be fine and reachable. The issue seems to reside 
just on this /22.  We have other blocks from ARIN and they are just fine.  We 
can assign an IP out of this new block and can’t reach certain web-sites.  We 
turn around and assign out of another block and web-site works just fine.

We have two upstreams and an IX on this network.  We have tried withdrawing the 
route on this particular /22 and isolating to one upstream alone and the 
problems still persist. 

Many of the web-sites in question are government (both state and local), online 
universities, and the occasional local news station.  They are diverse enough 
to not be traced down to a common point, except the IP block.  

We announce the IP block via BGP the same exact way we announce the other 
blocks. Traceroutes show the path going the same way no matter what IP block 
the customer has.

It acts like the IP block was blacklisted at some point and got on some bad 
lists but I don’t want ti limit myself to that theory.  I have opened up a 
ticket with ARIN asking for any guidance.  Has anyone ran into this with new 
space assigned? Any tools, sites, etc. I can use to do further troubleshooting. 
 The IP block does not appear to have any blacklisted IPs according to MX 
toolbox, and some others.

The block in question is 134.195.44.0/22.  It has been RPKI certified and has 
IRR entries.

Thanks in advance


Justin Wilson
j...@mtin.net

—
https://j2sw.com - All things jsw (AS209109)
https://blog.j2sw.com - Podcast and Blog

AWS contact?

2021-01-26 Thread Justin Wilson (Lists) 
What is the best avenue for contacting support for AWS? I have several 
ISPs experiencing reachability issues with AWS hosted sites.  These are from 
different backbones, different gear, etc.  The common denominator is AWS. 

Been googling around and can’t seem to find a contact.



Justin Wilson
j...@mtin.net

—
https://j2sw.com - All things jsw (AS209109)
https://blog.j2sw.com - Podcast and Blog

Sonicwall GEoIP Database

2020-12-22 Thread Justin Wilson (Lists) 
Does anyone know what GEoIP database sonic wall uses? Their tech 
support has been horrid.  We are not a customer but getting customers who are 
getting blocked by some sonic walls due to “unknot” country for GeoIP.  I have 
checked the ips against the database providers listed at: 
https://thebrotherswisp.com/index.php/geo-and-vpn/ 


All checkout okay so looking for what SOnicWall uses.



Justin Wilson
j...@mtin.net

—
https://j2sw.com - All things jsw (AS209109)
https://blog.j2sw.com - Podcast and Blog

Re: Gaming Consoles and IPv4

2020-09-28 Thread Justin Wilson (Lists) 
It is coming back to that, but you still have so much going on that you need 
the open ports.  I don’t gt why people fight IPV6 so much.  


Justin Wilson
j...@mtin.net

—
https://j2sw.com - All things jsw (AS209109)
https://blog.j2sw.com - Podcast and Blog

> On Sep 28, 2020, at 8:34 AM, Mike Hammett  wrote:
> 
> Why stray away from how PC games were 20 years ago where there was a 
> dedicated server and clients just spoke to servers?
> 
> 
> 
> -
> Mike Hammett
> Intelligent Computing Solutions <http://www.ics-il.com/>
>  <https://www.facebook.com/ICSIL> 
> <https://plus.google.com/+IntelligentComputingSolutionsDeKalb> 
> <https://www.linkedin.com/company/intelligent-computing-solutions> 
> <https://twitter.com/ICSIL>
> Midwest Internet Exchange <http://www.midwest-ix.com/>
>  <https://www.facebook.com/mdwestix> 
> <https://www.linkedin.com/company/midwest-internet-exchange> 
> <https://twitter.com/mdwestix>
> The Brothers WISP <http://www.thebrotherswisp.com/>
>  <https://www.facebook.com/thebrotherswisp> 
> <https://www.youtube.com/channel/UCXSdfxQv7SpoRQYNyLwntZg>
> From: "Justin Wilson (Lists)" mailto:li...@mtin.net>>
> To: "North American Network Operators' Group"  <mailto:nanog@nanog.org>>
> Sent: Monday, September 28, 2020 7:22:28 AM
> Subject: Re: Gaming Consoles and IPv4
> 
> There are many things going on with gaming that makes natted IPv4 an issue 
> when it comes to consoles and gaming in general.   When you break it down it 
> makes sense.
> 
> -You have voice chat
> -You are receiving data from servers about other people in the game
> -You are sending data to servers about yourself
> -If you are using certain features where you are “the host” then you are 
> serving content from your gaming console.  This is not much different than a 
> customer running a web server.  You can’t have more than one customer running 
> a port 80 web-server behind nat.
> -Streaming to services like Twitch or YouTube
> 
> All of these take up standard, agreed upon ports. It’s really only prevalent 
> on gaming consoles because they are doing many functions.  Look at it another 
> way.  You have a customer doing the following.
> 
> -Making a VOIP call
> -Streaming a movie
> -Running a web server
> -Running bittorrent on a single port
> -Having a camera folks need to access from the outside world
> 
> This is why platforms like Xbox developed things like Teredo.
> 
> Justin Wilson
> j...@mtin.net <mailto:j...@mtin.net>
> 
> —
> https://j2sw.com <https://j2sw.com/> - All things jsw (AS209109)
> https://blog.j2sw.com <https://blog.j2sw.com/> - Podcast and Blog
> 
> On Sep 27, 2020, at 9:33 PM, Daniel Sterling  <mailto:sterling.dan...@gmail.com>> wrote:
> 
> Matt Hoppes raises an interesting question,
> 
> At the risk of this being off-topic, in the latest call of duty games I've 
> played, their UDP-NAT-breaking algorithm seems to work rather well and should 
> function fine even behind CGNAT. Ironically turning on upnp makes this 
> *worse*, because when their algorithm probes to see what ports to use, upnp 
> sends all traffic from the "magical xbox port" to one box instead of letting 
> NAT control the ports. This does cause problems when multiple xboxes are 
> behind one NAT doing upnp. If upnp is on and both xboxes are fully powered 
> off and then turned on one at a time, things do work. But when upnp is off 
> everything works w/o having to do that.
> 
> There are many other games and many CPE NAT boxes that may do horrible 
> things, but CGNAT by itself shouldn't cause problems for any recent device / 
> gaming system.
> 
> It is true that I've yet to see any FPS game use ipv6. I assume that's cuz 
> they can't count on users having v6, so they have to support v4, and it 
> wouldn't be worth their while to have their gaming host support dual-stack. 
> just a guess there
> 
> -- Dan
> 
> 
> 
> On Sun, Sep 27, 2020 at 7:29 PM Mike Hammett  <mailto:na...@ics-il.net>> wrote:
> Actually, uPNP is the only way to get two devices to work behind one public 
> IP, at least with XBox 360s. I haven't kept up in that realm.
> 
> 
> 
> -
> Mike Hammett
> Intelligent Computing Solutions <http://www.ics-il.com/>
>  <https://www.facebook.com/ICSIL> 
> <https://plus.google.com/+IntelligentComputingSolutionsDeKalb> 
> <https://www.linkedin.com/company/intelligent-computing-solutions> 
> <https://twitter.com/ICSIL>
> Midwest Internet Exchange <http://www.midwest-ix.com/>
>  <https://www.facebook.com/mdwestix> 
> <https://ww

Re: Gaming Consoles and IPv4

2020-09-28 Thread Justin Wilson (Lists) 
There are many things going on with gaming that makes natted IPv4 an issue when 
it comes to consoles and gaming in general.   When you break it down it makes 
sense.

-You have voice chat
-You are receiving data from servers about other people in the game
-You are sending data to servers about yourself
-If you are using certain features where you are “the host” then you are 
serving content from your gaming console.  This is not much different than a 
customer running a web server.  You can’t have more than one customer running a 
port 80 web-server behind nat.
-Streaming to services like Twitch or YouTube

All of these take up standard, agreed upon ports. It’s really only prevalent on 
gaming consoles because they are doing many functions.  Look at it another way. 
 You have a customer doing the following.

-Making a VOIP call
-Streaming a movie
-Running a web server
-Running bittorrent on a single port
-Having a camera folks need to access from the outside world

This is why platforms like Xbox developed things like Teredo.

Justin Wilson
j...@mtin.net

—
https://j2sw.com - All things jsw (AS209109)
https://blog.j2sw.com - Podcast and Blog

> On Sep 27, 2020, at 9:33 PM, Daniel Sterling  
> wrote:
> 
> Matt Hoppes raises an interesting question,
> 
> At the risk of this being off-topic, in the latest call of duty games I've 
> played, their UDP-NAT-breaking algorithm seems to work rather well and should 
> function fine even behind CGNAT. Ironically turning on upnp makes this 
> *worse*, because when their algorithm probes to see what ports to use, upnp 
> sends all traffic from the "magical xbox port" to one box instead of letting 
> NAT control the ports. This does cause problems when multiple xboxes are 
> behind one NAT doing upnp. If upnp is on and both xboxes are fully powered 
> off and then turned on one at a time, things do work. But when upnp is off 
> everything works w/o having to do that.
> 
> There are many other games and many CPE NAT boxes that may do horrible 
> things, but CGNAT by itself shouldn't cause problems for any recent device / 
> gaming system.
> 
> It is true that I've yet to see any FPS game use ipv6. I assume that's cuz 
> they can't count on users having v6, so they have to support v4, and it 
> wouldn't be worth their while to have their gaming host support dual-stack. 
> just a guess there
> 
> -- Dan
> 
> 
> 
> On Sun, Sep 27, 2020 at 7:29 PM Mike Hammett  > wrote:
> Actually, uPNP is the only way to get two devices to work behind one public 
> IP, at least with XBox 360s. I haven't kept up in that realm.
> 
> 
> 
> -
> Mike Hammett
> Intelligent Computing Solutions 
>   
>  
>  
> 
> Midwest Internet Exchange 
>   
>  
> 
> The Brothers WISP 
>   
> 
> From: "Matt Hoppes"  >
> To: "Darin Steffl" mailto:darin.ste...@mnwifi.com>>
> Cc: "North American Network Operators' Group"  >
> Sent: Sunday, September 27, 2020 1:22:51 PM
> Subject: Re: Gaming Consoles and IPv4
> 
> I understand that. But there’s a host of reasons why that night not work - 
> two devices trying to use UPNP behind the same PAT device, an apartment 
> complex or hotel WiFi system, etc. 
> 
> On Sep 27, 2020, at 2:17 PM, Darin Steffl  > wrote:
> 
> 
> This isn't rocket science.
> 
> Give each customer their own ipv4 IP address and turn on upnp, then they will 
> have open NAT to play their game and host. 
> 
> On Sun, Sep 27, 2020, 12:50 PM Matt Hoppes  > wrote:
> I know the solution is always “IPv6”, but I’m curious if anyone here knows 
> why gaming consoles are so stupid when it comes to IPv4?  
> 
> We have VoIP and video systems that work fine through multiple layers of PAT 
> and NAT. Why do we still have gaming consoles, in 2020, that can’t find their 
> way through a PAT system with STUN or other methods?
> 
> It seems like this should be a simple solution, why are we still opening 
> ports or having systems that don’t work?
>

Re: Tips on dealing with illicit BGP announcements

2020-07-26 Thread Justin Wilson (Lists) via NANOG 
I second the ease on contacting RADB.  They are very easy to work with in cases 
like this.  Have done it several times over the past few months.


Justin Wilson
j...@mtin.net

—
https://j2sw.com - All things jsw (AS209109)
https://blog.j2sw.com - Podcast and Blog

> On Jul 24, 2020, at 2:05 AM, Randy Carpenter  wrote:
> 
> 
> I am working with a client that has recently purchased and transferred an 
> IPv4 block.
> 
> Sometime in between when the purchase and research was done and when the 
> transfer was actually complete, an entity in Asia started illicitly 
> announcing a larger block that includes the block in question. They even have 
> gotten an RADB entry in place for it.
> 
> Does anyone have some tips on how to deal with this? I have a feeling that 
> dealing directly with the offending entity will not be very fruitful.
> 
> thanks,
> -Randy
>

Re: [EXT] AS hijacking (Philosophy, rants, GeoMind)

2020-05-29 Thread Justin Wilson (Lists) 
I will probably just get another link to https://isbgpsafeyet.com/ 
<https://isbgpsafeyet.com/> like I did in the first e-mail. LOL


Justin Wilson
j...@mtin.net

—
https://j2sw.com - All things jsw (AS209109)
https://blog.j2sw.com - Podcast and Blog

> On May 29, 2020, at 11:57 AM, Chuck Anderson  wrote:
> 
> Go back to them and tell them that a hijacked prefix is different from a 
> hijacked AS.
> 
> On Fri, May 29, 2020 at 11:39:46AM -0400, Justin Wilson (Lists) wrote:
>> One of the companies I work for recently had an issue with AS 2 (University 
>> of Delaware) hijacking a prefix.  Due to Origin AS, good upstreams, and the 
>> like this has not really affected the traffic to the legit blocks.  However, 
>> GeoMind picked this up almost immediately it seems.  The IP blocks when you 
>> go to speedtest.net come back to the university of Delaware. This seems to 
>> be the only issue at the moment so we are working through contacting the 
>> peers of AS2 and asking them to look into this.  We had also contacted 
>> University of Delaware.
>> 
>> Here is where the philosophy comes into play.  The very terse e-mail we 
>> received back was basically “As2 gets hijacked a lot and it’s not our 
>> problem”. So my question for the NANOG folks.  At what point do you say 
>> “it’s not your problem” when it involves your ASN?
>> 
>> Rant
>> I almost always have issues with GeoMind and others when it comes to IP 
>> space.  Several of my folks have received allocations from Arin in March.  A 
>> few are still fighting with geolocation stuff with a few of the providers.  
>> So why does GeoMind atomically accept a hijacked prefix as correct? All the 
>> right boxes have been ticked.  Origin Validiation, registry sets, etc.
>

AS hijacking (Philosophy, rants, GeoMind)

2020-05-29 Thread Justin Wilson (Lists) 
One of the companies I work for recently had an issue with AS 2 (University of 
Delaware) hijacking a prefix.  Due to Origin AS, good upstreams, and the like 
this has not really affected the traffic to the legit blocks.  However, GeoMind 
picked this up almost immediately it seems.  The IP blocks when you go to 
speedtest.net come back to the university of Delaware. This seems to be the 
only issue at the moment so we are working through contacting the peers of AS2 
and asking them to look into this.  We had also contacted University of 
Delaware.

Here is where the philosophy comes into play.  The very terse e-mail we 
received back was basically “As2 gets hijacked a lot and it’s not our problem”. 
So my question for the NANOG folks.  At what point do you say “it’s not your 
problem” when it involves your ASN?

Rant
I almost always have issues with GeoMind and others when it comes to IP space.  
Several of my folks have received allocations from Arin in March.  A few are 
still fighting with geolocation stuff with a few of the providers.  So why does 
GeoMind atomically accept a hijacked prefix as correct? All the right boxes 
have been ticked.  Origin Validiation, registry sets, etc.

Happy Friday! 



Justin Wilson
j...@mtin.net

—
https://j2sw.com - All things jsw (AS209109)
https://blog.j2sw.com - Podcast and Blog

DNS cache Validation

2020-05-18 Thread Justin Wilson (Lists) 
What are you folk doing to validate your DNS cache server configs and 
operation? In other words, what are you doing to make sure they are performing 
well, not just alive.

Justin
—
https://blog.j2sw.com