Re: Alexandria Ocasio-Cortez' Office is on NANOG?? Or, what is the policy about sharing email offlist?
A-woman! Sincerely, Lorell Hathcock > On Jan 18, 2021, at 1:36 PM, Javier J wrote: > > > I agree 100%. > > I know the emails on this list are public and that is fine. What I don't > appreciate is that now my email address is in some politico's address list > because of someone's behavior. > > - Javier > >> On Mon, Jan 18, 2021 at 3:20 PM Jon Lewis wrote: >> There's a world of difference between "don't expect list posts to be >> private to list members" and "don't forward the list to autoresponders." >> The stupidity of the latter, if it can be tracked down to who did it, >> should result in their removal from the list, at least until they explain >> what caused them to do that and have undone it. >> >> On Mon, 18 Jan 2021, Paul Timmins wrote: >> >> > The list has public archives. Draw your own conclusions on the policy. >> > >> > https://mailman.nanog.org/pipermail/nanog/ >> > >> > On 1/18/21 2:40 PM, Anne P. Mitchell, Esq. wrote: >> >> Not under that impression at all. That's very different from "what is the >> >> policy" - at least in the groups I run, if the policy is "no sharing >> >> offlist" and then someone does, there are consequences for that someone. >> >> Anne >> >> >> >> -- >> >> Anne P. Mitchell, Attorney at Law >> >> Dean of Cyberlaw & Cybersecurity, Lincoln Law School >> >> Author: Section 6 of the CAN-SPAM Act of 2003 (the Federal anti-spam law) >> >> Board of Directors, Denver Internet Exchange >> >> Chair Emeritus, Asilomar Microcomputer Workshop >> >> Former Counsel: Mail Abuse Prevention System (MAPS) >> >> >> > >> >> -- >> Jon Lewis, MCP :) | I route >> StackPath, Sr. Neteng | therefore you are >> _ http://www.lewis.org/~jlewis/pgp for PGP public key_
ISP License in the USA?
NANOG: Our owner has hired a consultant who insists that we should have an ISP license to operate in the United States. (Like they have in other countries like Germany and in Africa where he has extensive personal experience.) I am asking him to tell me which license we should have because I don't know of a license that we are required to have to route IP traffic to end customers. I am familiar with CLEC status filed with our state. But it is not a requirement to pass traffic. He is suggesting COALS with which I am completely unfamiliar. Can anyone tell me if there is a Texas state and/or USA Federal license for a small operator to pass IP traffic from the internet to end users (commercial and/or residential). I am aware that there are some CALEA requirements of ISPs that seem to kick in once a CALEA request is made, but is that different from a license. Thanks, Lorell Hathcock
Re: DOCSIS 3.1 upstream
In our small, aging plant very near the Mexican border in south Texas, the SNR for <~30MHz is ~20 dB so we can only use two upstream channels. It works okay for our 150 cable modem customers. They can get 40 Mbps upstream throughput. The downstream channels are around 300MHz with much better SNR so we can bond 8 channels. Depending on load, customers can get up to 80 Mbps downstream throughput. This is on a DOCSIS 3.0 Cisco CMTS network with a 10 year old cable plant. Lorell Sent from my iPhone > On Apr 15, 2016, at 5:07 AM, Nick Hilliardwrote: > > Jean-Francois Mezei wrote: >> Canadian cable carriers seem to have all told the CRTC they can only >> carry 42mhz in the upstream because their amplifiers and nodes only >> amplify that narrow band in the upstream direction. >> >> Is/was 42mhz common across north america ? > > 42MHz was the traditional upper limit for annex b docsis. That limit > was extended up to 85MHz several years ago, but yeah there's probably a > lot of plant out there which can't go above 42MHz for legacy reasons. > >> Am trying to figure out realistic bandwidth that a cableco with 42mhz >> limits for upstream will get on 3.1. > > If the cableco is limited to 42MHz, there will be 37MHz of upstream > bandwidth (5 to 42), which allows five 6.4MHz upstream channels of > 5120ksym/sec. 3.1 improves the upstream modulation from 64qam to > 4096qam, which ups the bit throughput rate from 6 bits per symbol to 12 > bits. That gives 5120*5*12 = 307200 of physical layer bit throughput, > and you should budget ~25-ish% for overhead to get usable customer bits > per second. > > That's in lab conditions though. The reality is that you're not going > to be able to use qam4096 unless your upstream path has ridiculously > good SNR. If the cable network can't go above 42MHz, it's probably > legacy plant which implies older deployments and there's a real > likelihood that the improvements in DOCSIS 3.1 aren't going to make a > blind bit of difference. It would be probably be easier and more > reliable to do plant upgrades / service retirement to allow 85MHz (12 > u/s channels) than clean up the plant so that you get the 30-35dB SNR > required to run 4096QAM. You can't make extra bandwidth out of nothing. > >> Also, have cablecos with such limits for upstream begun to upgrade the >> cable plant to increase the upstream bandwidth ? > > I would hope they have. If they don't, their businesses will be savaged > in the longer term by the introduction of gpon and other fiber technologies. > > Nick >
Re: CALEA Requirements
Thanks for the tips. All good info. Sent from my iPhone > On Mar 18, 2016, at 3:31 PM, Kraig Beahn <kr...@enguity.com> wrote: > > I believe Scott, just hit the nail on the head... > "but keep in mind that it's normal for people who have > had to fulfill a request *to be disallowed from talking about it* which > makes > them seem even more rare than they actually are." > >> On Fri, Mar 18, 2016 at 4:28 PM, Scott Helms <khe...@zcorum.com> wrote: >> >> Kevin, >> >> That's largely true, but keep in mind that it's normal for people who have >> had to fulfill a request to be disallowed from talking about it which makes >> them seem even more rare than they actually are. I'm also not familiar >> with any laws that prevent state or local agencies from leveraging CALEA >> and I've certainly seen it used on the voice side by state level law >> enforcement. >> >> >> Scott Helms >> Chief Technology Officer >> ZCorum >> (678) 507-5000 >> >> http://twitter.com/kscotthelms >> >> >> On Fri, Mar 18, 2016 at 4:19 PM, Kevin Burke <kbu...@burlingtontelecom.com >> wrote: >> >>> Ignore it until you get the paperwork. The local law enforcement can not >>> get a warrant for the real time, full data capture. Only FBI or other >>> national agencies can get those subpeona's. We went through this with >> our >>> local police department. They wanted to make sure we were prepared and >>> wanted a test for the real time number capture on phone calls. They >> didn't >>> mention they don't have any equipment on their side to connect the T1. >>> >>> Ask your local neighbors. Some area's have a number of local federal >>> investigations. If you get the deer in the headlights look from your >>> competition then you may never get one of these. >>> >>> The full data captures are rare. >>> >>> Kevin Burke >>> 802-540-0979 >>> Burlington Telecom - City of Burlington >>> 200 Church St, Burlington, VT 05401 >>> >>> -Original Message- >>> From: NANOG [mailto:nanog-boun...@nanog.org] On Behalf Of Lorell >> Hathcock >>> Sent: Monday, March 14, 2016 4:47 PM >>> To: 'NANOG list' <nanog@nanog.org> >>> Subject: CALEA Requirements >>> >>> NANOG: >>> >>> >>> >>> Can someone point me to the current CALEA requirements? >>> >>> >>> >>> As an ISP, should I be recording all internet traffic that passes my >>> routers? Or do I only have to record when and if I receive a court >> order? >>> >>> >>> >>> I'm not under any court order now, I just want to be sure that I am >>> compliant going forward in my capabilities. >>> >>> >>> >>> Thanks! >>> >>> >>> >>> Lorell Hathcock >>
CALEA Requirements
NANOG: Can someone point me to the current CALEA requirements? As an ISP, should I be recording all internet traffic that passes my routers? Or do I only have to record when and if I receive a court order? I'm not under any court order now, I just want to be sure that I am compliant going forward in my capabilities. Thanks! Lorell Hathcock
APC vs UPC?
NANOGians: APC wins! My real question is surrounding the connection on the SFPs themselves. In general terms are the LC connectors on SFPs considered UPC or APC? If the answer is UPC and if I am inheriting and/or building a network of single mode fiber with APC SC connectors, then is the best practice to use LC UPC to SC APC fiber jumpers? If so, can anyone point me to a source for said jumpers that is (1) quick and (2) good? Any thoughts on the same idea of mismatched fiber jumpers connector types to use on OLMs and OLSs? OTDRs? The concern here is to use the best possible fiber connector types (e.g. APC or UPC) when connecting lasers to my OSP fiber which uses APC with consideration to the optimal connector type for the laser transceiver. My thoughts are to use fiber jumpers with UPC connectors on the laser side with APC on and throughout the OSP, but if it should be purely APC everywhere, then that is what I need to know. Thanks! Lorell Hathcock
RE: Cisco CMTS SNMP OID's
Thanks all for your suggestions. I am now successfully graphing SNR for each upstream channel. -Original Message- From: Yang Yu [mailto:yang.yu.l...@gmail.com] Sent: Sunday, January 24, 2016 5:11 PM To: Lorell Hathcock <lor...@hathcock.org> Cc: NANOG list <nanog@nanog.org> Subject: Re: Cisco CMTS SNMP OID's On Sun, Jan 24, 2016 at 1:06 PM, Lorell Hathcock <lor...@hathcock.org> wrote: > Signal to Noise per upstream channel CISCO-CABLE-SPECTRUM-MIB::ccsUpSpecMgmtSNR http://tools.cisco.com/Support/SNMP/do/BrowseOID.do?local=en=Translate=ccsUpSpecMgmtSNR > Cable Modem counts of all kinds > connected / online > ranging > offline Not there if there are OIDs for `show cable modem docsis version summary`
Cisco CMTS SNMP OID's
All: Does anyone out there have some valuable OID's for a Cisco CMTS? The ones I am looking for are: Signal to Noise per upstream channel Cable Modem counts of all kinds connected / online ranging offline I opened a ticket through Cisco's help desk. I have a SmartNET contract for the unit, but they were not very helpful. The OIDs they suggested did not yield any useful data. ("0" when I know there are CMs connected, etc). Thanks in advance. Lorell Hathcock
Broadband Router Comparisons
All: Not all consumer grade customer premises equipment is created equally. But end customers sure think it is. I have retirement aged customers buying the crappiest routers and then blaming my cable network for all their connection woes. The real problem is that there were plenty of problems on the cable network to deal with, so it was impossible to tell between a problem that a customer was having with their CPE versus a real problem in my network. Much of that has been cleared up on my side now, but customers were used to blaming us for everything so that they don't even consider that their equipment could be to blame. I want to be able to point out a third party list of all (most) broadband routers that rates them by performance. Or that rates them by crappiness that I can send them to so they can look up their own router and determine if other users have had problems with that router and what can be done to fix it. So far my search has been in vain. Any thoughts? Thanks in advance. Lorell Hathcock Sent from my iPad
Re: Broadband Router Comparisons
Josh: That's a good troubleshooting technique when the customer is cooperative and technically competent. I am looking for a third party list to which I may point that rates all/most routers on the market. This list would not have my input on it at all. If a router from the list winds up being bad, it is not my fault because it is third party. Such a list would help shift the conversation from blaming us at the ISP by default to casting doubt on the CPE device where the blame now rightly resides. I've checked the primary search engine for such a thing a list. I get a lot of ads for broadband routers. A search on dslreports.com yields nothing useful. pcmag.com wants to tell me about $150-$300 routers new to the market in 2015. I just need a comprehensive list of routers with ratings. A couple of user reviews about routers going bad would also be nice! Thanks, Lorell Hathcock Sent from my iPad > On Dec 23, 2015, at 8:52 PM, Josh Luthman <j...@imaginenetworksllc.com> wrote: > > Have the customer bypass the router. Why suggest another router that may > have problems in the future that you ended up getting blamed for? > > > Josh Luthman > Office: 937-552-2340 > Direct: 937-552-2343 > 1100 Wayne St > Suite 1337 > Troy, OH 45373 > >> On Wed, Dec 23, 2015 at 9:49 PM, Lorell Hathcock <lor...@hathcock.org> wrote: >> All: >> >> Not all consumer grade customer premises equipment is created equally. But >> end customers sure think it is. I have retirement aged customers buying the >> crappiest routers and then blaming my cable network for all their connection >> woes. The real problem is that there were plenty of problems on the cable >> network to deal with, so it was impossible to tell between a problem that a >> customer was having with their CPE versus a real problem in my network. >> >> Much of that has been cleared up on my side now, but customers were used to >> blaming us for everything so that they don't even consider that their >> equipment could be to blame. >> >> I want to be able to point out a third party list of all (most) broadband >> routers that rates them by performance. Or that rates them by crappiness >> that I can send them to so they can look up their own router and determine >> if other users have had problems with that router and what can be done to >> fix it. >> >> So far my search has been in vain. >> >> Any thoughts? >> >> Thanks in advance. >> >> Lorell Hathcock >> >> Sent from my iPad >
Environmental Graph Interpretation
NANOG: Are there any one the list that would care to take a look at some graphs of temperature, relative humidity and dew point that I have for two locations. In one of the two locations, I'm having a problem with the floor getting wet (condensation?). At the other everything is just fine. I need to understand what these graphs are telling me about the problem and if a simple dehumidifier would solve my moisture problem. Any takers? Oh, the environmental monitor I installed in each location is the IT Watchdog from Geist Global. I bought the POE version. Installed like a charm and was $229 plus shipping. I do wonder if this question is off topic, but then I can hear myself saying "Hey, I'm Operating a Network, here! In North America!" And then I think, "Yep, on topic!" Thanks, Sincerely, Lorell Hathcock SolStar Network, LLC Communications FIBER - VOIP - SECURITY - TV FTTH - Commercial - Residential Burglar - Access Control 956-478-5955 (cell) - 956-316-4090 (main) <mailto:lor...@solstarnetwork.com> lor...@solstarnetwork.com <http://www.solstarnetwork.com/> www.SolStarNetwork.com TX License #B19998
RE: Environmental Graph Interpretation
It is on the ground floor, but it is in a hut that has a wood floor that is raised off the ground. There is a gap between the bottom of the floor and the ground. -Original Message- From: valdis.kletni...@vt.edu [mailto:valdis.kletni...@vt.edu] Sent: Tuesday, November 10, 2015 5:13 PM To: Lorell Hathcock <lor...@hathcock.org> Cc: 'NANOG list' <nanog@nanog.org> Subject: Re: Environmental Graph Interpretation On Tue, 10 Nov 2015 16:48:04 -0600, "Lorell Hathcock" said: > Are there any one the list that would care to take a look at some > graphs of temperature, relative humidity and dew point that I have for two locations. > In one of the two locations, I'm having a problem with the floor > getting wet (condensation?). At the other everything is just fine. Is your moisture problem on a ground floor? Note that even well-cured concrete is like 30% water, and can allow moisture to slowly migrate through and weep. Usual cure is application of a proper sealant over the concrete.
RE: Updated Ookla Speedtest Server Requirements
Good point. There will be no one customer that can get a 10G speedtest from us. But there will be hundreds that should be able to get a 1G test. Should any of them try simultaneously, I want to be ready. Plus I don't know what miscellaneous speedtests from the net to expect, so I want to affordably overbuild. -Original Message- From: valdis.kletni...@vt.edu [mailto:valdis.kletni...@vt.edu] Sent: Monday, November 9, 2015 11:00 PM To: Lorell Hathcock <lor...@hathcock.org> Cc: 'NANOG list' <nanog@nanog.org> Subject: Re: Updated Ookla Speedtest Server Requirements On Mon, 09 Nov 2015 15:27:20 -0600, "Lorell Hathcock" said: > I want a server that is capable of handlilng a speedtest up to 10Gbps. Do you have (or are planning to have) a clear 10G path to enough systems that want to use speedtest specifically to make it worthwhile? We have a lot of gear reachable at high speeds, but the admins of those servers usually care more about iperf and similar than speedtest.
RE: Updated Ookla Speedtest Server Requirements
Good question. -Original Message- From: christopher.mor...@gmail.com [mailto:christopher.mor...@gmail.com] On Behalf Of Christopher Morrow Sent: Monday, November 9, 2015 11:26 PM To: Valdis Kletnieks <valdis.kletni...@vt.edu> Cc: Lorell Hathcock <lor...@hathcock.org>; NANOG list <nanog@nanog.org> Subject: Re: Updated Ookla Speedtest Server Requirements imagine lorell has a userbase on his ISP service of lots of 100mbps or 1gbps customers. Imagine some percentage of them want to test their network speeds. Imagine enough of them are trying at peak times that 1gbps to the 'speed test server' is not enough bandwidth. Perhaps he could instead run 10 servers or a 10g loadbalancer and 10 1g boxes behind that loadbalancer? On Tue, Nov 10, 2015 at 4:00 PM, <valdis.kletni...@vt.edu> wrote: > On Mon, 09 Nov 2015 15:27:20 -0600, "Lorell Hathcock" said: > >> I want a server that is capable of handlilng a speedtest up to 10Gbps. > > Do you have (or are planning to have) a clear 10G path to enough > systems that want to use speedtest specifically to make it worthwhile? > We have a lot of gear reachable at high speeds, but the admins of > those servers usually care more about iperf and similar than speedtest. >
Updated Ookla Speedtest Server Requirements
Esteemed Legions of NANOG: Does anyone have better and more modern recommendations for the hardware of an Ookla speedtest server? Here is the link to their recommendations. http://www.ookla.com/support/a26461638/ I want a server that is capable of handlilng a speedtest up to 10Gbps. I plan to do this with an SFP+ port when my network comes along. (As soon as MikroTik comes out with a decent 10G CCR router that is compatible with more SFPs.) In the mean time I will just test 1 Gbps speeds off a copper GE port, but want the SFP+ capability so I don't have to repurchase hardware in the next year. Thanks! Sincerely, Lorell Hathcock Chief Technology Officer SolStar Network, LLC Communications FIBER - VOIP - SECURITY - TV FTTH - Commercial - Residential Burglar - Access Control 956-478-5955 (cell) - 956-316-4090 (main) <mailto:lor...@solstarnetwork.com> lor...@solstarnetwork.com <http://www.solstarnetwork.com/> www.SolStarNetwork.com TX License #B19998
Fwd: Updated Ookla Speedtest Server Requirements
Sent from my iPhone Begin forwarded message: > From: Lorell Hathcock <lor...@hathcock.org> > Date: November 9, 2015 at 7:18:31 PM CST > To: Jose Gerardo Perales Soto <gerardo.pera...@axtel.com.mx> > Subject: Re: Updated Ookla Speedtest Server Requirements > > Jose: > > This is what I was looking for. I assume you have a PCI-E SFP+ cage line card > in that bad boy? > > Lorell > > Sent from my iPhone > >> On Nov 9, 2015, at 7:13 PM, Jose Gerardo Perales Soto >> <gerardo.pera...@axtel.com.mx> wrote: >> >> Currently using IBM/LENOVO x3550 / 12 GB RAM / 2 x Xeon E5620 >> >> 10GbE uplink currently handling ~2gbps peak traffic. >> >> - Gerardo >> >> -Original Message- >> From: NANOG [mailto:nanog-boun...@nanog.org] On Behalf Of Lorell Hathcock >> Sent: Monday, November 09, 2015 3:27 PM >> To: 'NANOG list' <nanog@nanog.org> >> Subject: Updated Ookla Speedtest Server Requirements >> >> Esteemed Legions of NANOG: >> >> >> >> Does anyone have better and more modern recommendations for the hardware of >> an Ookla speedtest server? >> >> >> >> Here is the link to their recommendations. >> >> >> >> http://www.ookla.com/support/a26461638/ >> >> >> >> I want a server that is capable of handlilng a speedtest up to 10Gbps. I >> plan to do this with an SFP+ port when my network comes along. (As soon as >> MikroTik comes out with a decent 10G CCR router that is compatible with more >> SFPs.) >> >> >> >> In the mean time I will just test 1 Gbps speeds off a copper GE port, but >> want the SFP+ capability so I don't have to repurchase hardware in the next >> year. >> >> >> >> Thanks! >> >> >> >> Sincerely, >> >> >> >> Lorell Hathcock >> >> Chief Technology Officer >> >> >> >> >> >> >> SolStar Network, LLC >> >> Communications >> >> FIBER - VOIP - SECURITY - TV >> >> FTTH - Commercial - Residential >> >> Burglar - Access Control >> >> 956-478-5955 (cell) - 956-316-4090 (main) >> >> <mailto:lor...@solstarnetwork.com> lor...@solstarnetwork.com >> >> <http://www.solstarnetwork.com/> www.SolStarNetwork.com >> >> TX License #B19998 >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> El contenido del presente correo electrónico es de carácter confidencial, >> privado y propiedad de AXTEL, S.A.B. de C.V., por lo que en caso de haber >> recibido el presente por error, o de no ser el destinatario del mismo, por >> favor hágalo saber al remitente, e igualmente elimine y no almacene en forma >> alguna la información aquí contenida. Así mismo, el contenido del presente >> correo no genera obligación alguna a cargo de AXTEL, S.A.B. de C.V., de >> cualquiera de sus subsidiarias o del remitente.
RE: speedtest vs geo-coding IP info
All: Very helpful. Another also helped me track down that Ookla uses MaxMind.com for their GeoIP data. I was able to submit a GeoIP location correction request. A guy at speedtest.net suggested that MaxMind may pay me no mind because my upstream ISP may need to submit the request. That makes perfect sense to me, but it doesn’t hurt to try I hope. Thanks NANOG! You’re the best! -L From: Josh Luthman [mailto:j...@imaginenetworksllc.com] Sent: Wednesday, October 28, 2015 4:18 PM To: Lorell Hathcock <lor...@hathcock.org> Cc: NANOG list <nanog@nanog.org> Subject: Re: speedtest vs geo-coding IP info Best resource: http://nanog.cluepon.net/index.php/GeoIP Been down for a good long time now This is the only copy I know of it: http://web.archive.org/web/20130122055317/http://nanog.cluepon.net/index.php/GeoIP <http://web.archive.org/web/20130122055317/http:/nanog.cluepon.net/index.php/GeoIP> Josh Luthman Office: 937-552-2340 Direct: 937-552-2343 1100 Wayne St Suite 1337 Troy, OH 45373 On Wed, Oct 28, 2015 at 5:06 PM, <lor...@hathcock.org <mailto:lor...@hathcock.org> > wrote: Legions of NANOG: Here's an interesting problem. My customers are running speedtests from Ookla's speedtest.net <http://speedtest.net> site. The default site is in Kansas and not in Texas where we receive our internet connection. Questions: 1. How do I go about viewing the geo-coded data that accompanies my IP addresses? This is obviously a database that is kept for geo-coding purposes. The whois info for the block in question traces back to a superblock formerly owned by PSINet, Inc and has a Washington, DC address. I conclude that the geo-coding used by speedtest.net <http://speedtest.net> is not from the whois database. 2. If I pestered my carrier to SWIP the IP address block to me (as they should have?) would that help me solve my problem? 3. Is there anything else I need to be thinking of that would help me have better control of my geo-coding info? Are there third-party self sign up/volunteer database which house geo-coding info? Thanks in advance! Sincerely, Lorell Hathcock Chief Technology Officer SolStar Network, LLC Communications FIBER - VOIP - SECURITY - TV FTTH - Commercial - Residential Burglar - Access Control 956-478-5955 (cell) - 956-316-4090 (main) <mailto:lor...@solstarnetwork.com <mailto:lor...@solstarnetwork.com> > lor...@solstarnetwork.com <mailto:lor...@solstarnetwork.com> <http://www.solstarnetwork.com/> www.SolStarNetwork.com <http://www.SolStarNetwork.com> TX License #B19998
Inexpensive probes for automated bandwidth testing purposes
Greetings, NANOG. Happy Saturday to all. I am running a DOCSIS network that has a noisy cable plant. I want to be able to substantiate and quantify users' bandwidth issues. I would like a set of inexpensive probes that I could place at selected customer's homes/businesses that would on a scheduled basis perform bandwidth tests. Likely I would need to place a server in the head end or across the internet that would allow me to isolate and test certain network segments. I've looked into these in the past and was presented with some wonderfully expensive units that would duplicate my network problems into company financial problems as well. Any ideas? I know there are other ways to measure noise in the cable plant and I am working on those as well. I will soon be running other, non-DOCSIS networks and need to have the same capabilities to test available bandwidth on those networks. Thanks! Lorell Hathcock Sent from my iPad
Password Decryption Methods?
All: I have a video camera that I need to recover the password. I have a password hash that is stored in a database, but any online decryption sites are not working. Can someone push me in the right direction on where I go from here? Thanks, Lorell
RE: OSP multi-fiber Network-to Network Interface - Recommendations requested
It's rare that NANOG is speechless on an issue. Have I stumped the experts? :) -Original Message- From: NANOG [mailto:nanog-boun...@nanog.org] On Behalf Of lor...@hathcock.org Sent: Saturday, April 25, 2015 10:53 AM To: nanog@nanog.org Subject: FW: OSP multi-fiber Network-to Network Interface - Recommendations requested NANOG: The purpose of this email is to discuss information, standards, recommendations, et cetera about interconnect solutions considering the parameters contained herein. We believe the correct term is a multi-fiber network to network interface. My firm has made an IRU agreement with a municipality to use each other's OSP fibers. In most of the City's OSP, they have a 96 strand count fiber with eight buffer tubes (each buffer tube having 12 fibers). They have dedicated the black buffer tube for our use (again, 12 strands) We have yet to build any OSP fiber plant. When we do and when we interconnect with the City's fiber, we will extend a minimum of 96 fibers. When our plant extends in public right of way, we will interconnect 84 strands (maybe 7 buffer tubes with 12 strands each) of our fiber to the City and keep a minimum of one for our ourselves. It is highly likely that we will pull a much higher fiber count cable to give ourselves additional fibers beyond just 12 strands. On certain projects, when outside City limits and/or on private right of way within City limits, we are required to give them 12 strands of fiber. When we interconnect with their fiber, we must consider the following: 1. How many strands with which will we interconnect? a. If we are interconnecting in the middle of a City span, we must think about interconnecting with North-bound and South-bound fibers. (12 fibers for us going in two directions and as many as 84 fibers for them going in two directions). b. If we are connecting at the end of a City span, we must consider just the South-bound fibers and the interconnection between our OSP. 2. Available real estate for placing vaults, pedestals, FDHs, et cetera. 3. The likelihood of damage from accidents on the adjacent roads. 4. The likelihood of water filling up underground vaults. 5. dB loss resulting from splices, interconnects, et cetera. 6. Scalability and future growth. 7. Other considerations? In our discussions with the City, we have contemplated a dual cabinet system where we ask the following questions to determine how to load those cabinets. 1. Where is the proposed interconnect in terms of real estate and adjacent traffic? (Find a safe place with enough real estate). 2. How many fibers will interconnect from our network to theirs? (either 12 or 84 for each direction we take from the site - most likely just one direction). 3. How many fibers will interconnect from their network to ours? (just 12 at most, but likely in at least two directions - because we are cutting into their fiber mid-span) Once those questions are answered, then we can design and build the cabinets. Also, we want to be cost effective in this design. Thanks in advance for a push in the right direction. Sincerely, Lorell Hathcock Chief Technology Officer SolStar Network, LLC
RE: OSP multi-fiber Network-to Network Interface - Recommendations requested
Roy: Thanks. I seek information from people that have already done this kind of thing before. Admittedly, this may be lower down the OSI model than many of them go, but there are some lurkers among the bunch. So, re-phrased, I would ask What are industry standard, best practices when designing an OSP multi-fiber NNI? Thanks, Lorell From: Roy Hirst [mailto:rhi...@xkl.com] Sent: Monday, April 27, 2015 11:59 AM To: Lorell Hathcock Subject: Re: OSP multi-fiber Network-to Network Interface - Recommendations requested Lorell The silence of the experts is indeed rare. At my reading, though, it was not very clear what you were asking the alias for. You have some perfectly reasonable questions re negotiation, and a project to design presumably soon. Sounds exciting. What did you want to ask, I may be able to help. Roy Roy Hirst | 425-556-5773 | XKL LLC | xkl.com On 4/27/15 9:23 AM, Lorell Hathcock wrote: It's rare that NANOG is speechless on an issue. Have I stumped the experts? :) -Original Message- From: NANOG [mailto:nanog-boun...@nanog.org] On Behalf Of lor...@hathcock.org mailto:lor...@hathcock.org Sent: Saturday, April 25, 2015 10:53 AM To: nanog@nanog.org mailto:nanog@nanog.org Subject: FW: OSP multi-fiber Network-to Network Interface - Recommendations requested NANOG: The purpose of this email is to discuss information, standards, recommendations, et cetera about interconnect solutions considering the parameters contained herein. We believe the correct term is a multi-fiber network to network interface. My firm has made an IRU agreement with a municipality to use each other's OSP fibers. In most of the City's OSP, they have a 96 strand count fiber with eight buffer tubes (each buffer tube having 12 fibers). They have dedicated the black buffer tube for our use (again, 12 strands) We have yet to build any OSP fiber plant. When we do and when we interconnect with the City's fiber, we will extend a minimum of 96 fibers. When our plant extends in public right of way, we will interconnect 84 strands (maybe 7 buffer tubes with 12 strands each) of our fiber to the City and keep a minimum of one for our ourselves. It is highly likely that we will pull a much higher fiber count cable to give ourselves additional fibers beyond just 12 strands. On certain projects, when outside City limits and/or on private right of way within City limits, we are required to give them 12 strands of fiber. When we interconnect with their fiber, we must consider the following: 1. How many strands with which will we interconnect? a. If we are interconnecting in the middle of a City span, we must think about interconnecting with North-bound and South-bound fibers. (12 fibers for us going in two directions and as many as 84 fibers for them going in two directions). b. If we are connecting at the end of a City span, we must consider just the South-bound fibers and the interconnection between our OSP. 2. Available real estate for placing vaults, pedestals, FDHs, et cetera. 3. The likelihood of damage from accidents on the adjacent roads. 4. The likelihood of water filling up underground vaults. 5. dB loss resulting from splices, interconnects, et cetera. 6. Scalability and future growth. 7. Other considerations? In our discussions with the City, we have contemplated a dual cabinet system where we ask the following questions to determine how to load those cabinets. 1. Where is the proposed interconnect in terms of real estate and adjacent traffic? (Find a safe place with enough real estate). 2. How many fibers will interconnect from our network to theirs? (either 12 or 84 for each direction we take from the site - most likely just one direction). 3. How many fibers will interconnect from their network to ours? (just 12 at most, but likely in at least two directions - because we are cutting into their fiber mid-span) Once those questions are answered, then we can design and build the cabinets. Also, we want to be cost effective in this design. Thanks in advance for a push in the right direction. Sincerely, Lorell Hathcock Chief Technology Officer SolStar Network, LLC The information contained in this e-mail message may be privileged, confidential and protected from disclosure. If you are not the intended recipient, any dissemination, distribution or copying is strictly prohibited. If you think that you have received this e-mail message in error, please e-mail the sender at the above e-mail address.
I am about to inherit 26 miles of dark fiber. What do I do with it?
All: A job opportunity just came my way to work with 26 miles of dark fiber in and around a city in Texas. The intent is for me to deliver internet and private network services to business customers in this area. I relish the thought of starting from scratch to build a network right from the start instead of inheriting and fixing someone else's mess. That being said, what suggestions does the group have for building a new network using existing dark fiber? MPLS backbone? Like all businesses these days, I will likely have to build the lit backbone as I add customers. So how would you recommend scaling the network? I have six strands of SMF that connect within municipal facilities. Each new customer will be a new build out from the nearest point. Because of having only six strands, I don't anticipate selling dark fiber. I believe I need to conserve fibers so that it would be lit services that I offer to customers. I would like to offer speeds up to 10 GB. Thoughts are appreciated! Sincerely, Lorell Hathcock
Re: I am about to inherit 26 miles of dark fiber
Ah, the famous good-will of NANOG. I knew I would get some interesting responses. I was part of the Field Ops group of Enron Broadband years ago. We deployed DWDM extensively. Admittedly it has been a while. This 26 miles of dark fiber is deployed by a municipality in and around their fair city. Part of a deal with this new firm is that the firm will use the aforementioned six strands. So the fiber is deployed throughout this city that has been largely under-serviced. By lack of resources, the city could not deploy services to businesses/enterprises. So as I ponder the opportunity, I seek to tap the creative juices of NANOG. Thanks, Lorell Hathcock
OSP Contractors in Lafayette, LA
All: I am seeking referrals for an Outside Plant Fiber installation company that can operate in Lafayette, LA. Contracted activities would include: - Project Design and Planning - Project Management - Obtaining Permits - Boring - Trenching - Installation of Inner duct and conduit - Installation of OM3 fiber - Bonding and Grounding of Fiber - Installation of Fiber Locate Signal Transmission Equipment in Head End - Testing and Certification and Documentation of Installation Project will be on private property. Please respond offline directly to me. Sincerely, Lorell Hathcock
RE: NSA able to compromise Cisco, Juniper, Huawei switches
NANOG: Here's the really scary question for me. Would it be possible for NSA-payload traffic that originates on our private networks that is destined for the NSA to go undetected by our IDS systems? For example tcpdump-based IDS systems like Snort has been rooted to ignore or not report packets going back to the NSA? Or netflow on Cisco devices not reporting NSA traffic? Or interface traffic counters discarding NSA-packets to report that there is no usage on the interface when in fact there is? Here's another question. What traffic do we look for on our networks that would be going to the NSA? Thoughts? (And semi-self-consciously adding myself to the NSA list of targets.) Lorell Hathcock -Original Message- From: Ray Soucy [mailto:r...@maine.edu] Sent: Monday, December 30, 2013 11:01 AM To: Dobbins, Roland Cc: nanog@nanog.org list Subject: Re: NSA able to compromise Cisco, Juniper, Huawei switches Looking more at the actual leaked information it seems that if the NSA is working with companies, it's not anything the companies are likely aware of. The common form of infection seems to be though software updates performed by administrators (through the NSA hijacking web traffic). They are implimented as firmware and BIOS infections that modify the OS image and persist through software upgrades to provide a persistant back door (PBD). The documents imply that a signiciant of systems deployed are already infected. So this isn't an issue of the NSA working with Cisco and Juniper to include back doors, it's an issue of the NSA modifying those releases after the fact though BIOS implants. Where exatcly the NSA is inserting these we can't be sure. They could be targeted or they could be at the assembly line. Quick Summary of Leaked Information: Source: http://www.spiegel.de/international/world/a-941262.html Firewalls: (1) Cisco PIX and ASA: Codename JETPLOW (2) Huawei Eudemon: Codename HALLUXWATER (3) Juniper Netscreen and ISG: Codename: FEEDTROUGH (4) Juniper SSG and Netscreen G5, 25, and 50, SSG-series: Codename: GOURMETTROUGH (5) Juniper SSG300 and SSG500: Codename SOUFFLETROUGH Routers: (1) Huawei Router: Codename HEADWATER (2) Juniper J-Series: Codename SCHOOLMONTANA (3) Juniper M-Series: Codename SIERRAMONTANA (4) Juniper T-Series: Codename STUCCOMONTANA Servers: (1) HP DL380 G5: Codename IRONCHEF (2) Dell PowerEdge: Codename DEITYBOUNCE (3) Generic PC BIOS: Codename SWAP, able to compromise Windows, Linux, FreeBSD, or Solaris using FAT32, NTFS, EXT2, EXT3, or UFS filesystems. USB Cables and VGA Cables: Codename COTTONMOUTH, this one is a hardware implmant hidden in a USB cable. The diagram shows it's small enough that you would never know its there. Codename RAGEMASTER, VGA cable, mirrors VGA over the air. Many others. I'm not sure that the list is comprehensive, so I wouldn't say that since Cisco routers are not mentioned (for example) that they're any more safe than Juniper (which is listed often). On Mon, Dec 30, 2013 at 11:50 AM, Dobbins, Roland rdobb...@arbor.netwrote: On Dec 30, 2013, at 11:18 PM, Sam Moats s...@circlenet.us wrote: This might be an interesting example of it's (mis)use. http://en.wikipedia.org/wiki/Greek_wiretapping_case_2004%E2%80%93200 5 That's one of the cases I know about; it was utilized via Ericsson gear. -- - Roland Dobbins rdobb...@arbor.net // http://www.arbornetworks.com Luck is the residue of opportunity and design. -- John Milton -- Ray Patrick Soucy Network Engineer University of Maine System T: 207-561-3526 F: 207-561-3531 MaineREN, Maine's Research and Education Network www.maineren.net
RE: latest Snowden docs show NSA intercepts all Google and Yahoo DC-to-DC traffic
Until you've heard an ex-NSA guy explain to you how this is done, with a device the size of a brief-case, it can seem a little unbelievable. I had that conversation in the late '90s. -Original Message- From: Matthew Petach [mailto:mpet...@netflight.com] Sent: Thursday, October 31, 2013 8:27 PM To: Jimmy Hess Cc: NANOG Subject: Re: latest Snowden docs show NSA intercepts all Google and Yahoo DC-to-DC traffic On Thu, Oct 31, 2013 at 5:53 PM, Jimmy Hess mysi...@gmail.com wrote: On Thu, Oct 31, 2013 at 7:24 PM, Matthew Petach mpet...@netflight.comwrote: On Thu, Oct 31, 2013 at 7:02 AM, Ray Soucy r...@maine.edu wrote: Was the unplanned L3 DF maintenance that took place on Tuesday a frantic removal of taps? :-) No need for intrusive techniques such as direct taps: http://ieeexplore.ieee.org/xpl/articleDetails.jsp?reload=truearnumbe r=1494884 For shame you've sent in a link to some article behind a paywall, with some insane download fee. Which is an equivalent of hand-waving. They must be hiding their content, for fear that flaws be pointed out. Oy...OK, let me find a document that spells it out a bit more clearly for you. Of all the techniques, the bent fiber tap is the most easily deployed with minimal risk of damage or detection. The paper quantifies the bend loss required to tap a signal propagating in a single mode fiber There will be some wavelengths of light, that may be on the cable, that bending won't get a useful signal from. Bending the cable sufficiently to break the total internal reflection property, and allow light to leak -- will generate power losses in the cable, that can be identified on an OTDR. This patent covers a technique developed to do non-intrusive optical tapping with a 0.5 microbend, with only 0.5dB signal loss: http://www.google.com/patents/CA2576969C Most people aren't going to be able to tell a 0.5dB loss from a microbend tap from a splice job. Matt Matt -- -JH
RE: What to expect after a cooling failure
Ugly. If the batteries that were in the facility's power distribution system were affected by the heat, then their life is likely significantly shortened. This is in terms of their capacity to supply power in the event of an outage and a shortened shelf life. Lorell On Jul 9, 2013, at 8:28 PM, Erik Levinson erik.levin...@uberflip.com wrote: As some may know, yesterday 151 Front St suffered a cooling failure after Enwave's facilities were flooded. One of the suites that we're in recovered quickly but the other took much longer and some of our gear shutdown automatically due to overheating. We shut down remotely many redundant and non-essential systems in the hotter suite, and transferred remotely some others to the cooler suite, to ensure that we had a minimum of all core systems running in the hotter suite. We waited until the temperatures returned to normal, and brought everything back online. The entire event lasted from approx 18:45 until 01:15. Apparently ambient temperature was above 43 degrees Celcius at one point on the cool side of cabinets in the hotter suite. For those who have gone through such events in the past, what can one expect in terms of long-term impact...should we expect some premature component failures? Does anyone have any stats to share? Thanks -- Erik Levinson CTO, Uberflip 416-900-3830 1183 King Street West, Suite 100 Toronto ON M6K 3C5 www.uberflip.com
RE: Speedtest Results speedtest.net vs Mikrotik bandwidth test
Thanks for the many helpful suggestions I received offline. One thing that I was able to deduce was that one of the radios along the path had Ethernet auto negotiate turned on. I turned it off and the TCP speeds went way up. It seems that UDP was not affected by this setting while TCP was. Thanks again! Lorell -Original Message- From: Justin M. Streiner [mailto:strei...@cluebyfour.org] Sent: Monday, April 01, 2013 7:27 PM To: nanog@nanog.org Subject: Re: Speedtest Results speedtest.net vs Mikrotik bandwidth test On Mon, 1 Apr 2013, Lorell Hathcock wrote: I am having some speedtest results that are difficult to interpret. Some of my customers have begun complaining that they are not getting the proper speeds. They are using speedtest.net and/or speakeasy.net to test the results. Take the speedtest results with a grain of salt. Once traffic leaves your network, you no longer have (much) control over how packets flow across the 'rest of the internet'. Did the customers report when the issue started? Are they seeing other performance problems (latency/jitter/packet loss)? Are you sure no internal links/routers are being saturated, even for brief periods of time? jms
Eastern Canadian Wireless ISP Resources
All: I am seeking a wireless internet service provider to help with an off-shore project on the eastern coast of Canada. I am seeking to pump up to 400 GB per day back to shore from vessels at sea. Are there any wireless operators on this list that may be able to steer me in the right direction? Sincerely, Lorell Hathcock
Speedtest Results speedtest.net vs Mikrotik bandwidth test
All: I am having some speedtest results that are difficult to interpret. I am a small WISP multi-homed with Cogent and Level 3 in Houston, TX. I am running BGP with each with 100 Mbps+ on each link. Some of my customers have begun complaining that they are not getting the proper speeds. They are using speedtest.net and/or speakeasy.net to test the results. My network is Mikrotik based and as such, I have access to Mikrotik's built-in bandwidth testing. With a laptop on site, running against speedtest.net (which kicked me over to the Comcast speedtest server instance) I can only get 4 Mbps up and 1.5 Mbps down. That is consistent on their desktops too. We eliminated their routing equipment and other consumers of the bandwidth and tested and got similar results. But when we run the Mikrotik bandwidth tests (even to off-net Mikrotik devices in Hawaii and Mission, TX) we get 25+ Mbps synchronous. We have run traceroutes to various traceroute servers and they go through Cogent and/or Level 3. For the most part it does not seem to matter which path it takes, the bandwidth seems to be about the same going both routes. When we run the laptop-based btest.exe against Mikrotik bandwidth test servers, the laptop got significantly better results (14 Mbps) , but not 25+ Mbps. It is almost like there is a Java based problem with speedtest.net. Thoughts? Thanks, Lorell Hathcock
RE: guys != gender neutral
We may not all be guys. We may not all be gals. But we are definitely all CLOWNS. This is a substitution that should be acceptable to all and it really works. Sales-clown. Yep! Mail-clown. Yep! Fire-clown. Yep! Police-clown. Yep! Congress-clown. Yep! Yep! -Original Message- From: Landon Stewart [mailto:lstew...@superb.net] Sent: Thursday, September 27, 2012 3:56 PM To: Owen DeLong Cc: nanog@nanog.org Subject: Re: guys != gender neutral On 27 September 2012 11:34, Owen DeLong o...@delong.com wrote: When did people stop being an acceptable gender-neutral substitute for {guys,gals}? Owen Using the word 'people' is good but I like to say 'humans'. What's up humans? Can I get you humans to drink? This rarely offends anyone. -- Landon Stewart lstew...@superb.net Sr. Administrator Systems Engineering Superb Internet Corp - 888-354-6128 x 4199 Web hosting and more Ahead of the Rest: http://www.superbhosting.net
RE: trading bandwidth
If you ever want a run down on how Enron did it (or didn't do it), there are several on this list who can tell you all about it. -Original Message- From: carl gough [mobsource] [mailto:c...@mobsource.com] Sent: Tuesday, May 29, 2012 4:50 PM To: Nabil Sharma; nanog@nanog.org Subject: trading bandwidth Thanks Nabil, Bandwidth Trading is not a new concept, but to make it work effectively it will have to address a couple of prerequisites to be successful. A network of buyers and sellers has to be created, contracted and connected for instant pricing, inventory management and delivery of a defined and standardised service. Not a la enron of course, they traded derivatives. [carl gough] founder and CEO +61 425 266 764 mobsource .com defined by benefits not by technology Skype - mobsource Follow @mobsource Facebook - mobsource From: Nabil Sharma nabilsha...@hotmail.com Date: Tue, 29 May 2012 14:06:41 + To: carl gough c...@mobsource.com, nanog@nanog.org Subject: RE: NANOG Digest, Vol 52, Issue 67 Mr Karl: We use number of these service to improve delivery of our content to end users. Which service or services do you seek info for? Sincerely, Nabil Date: Tue, 29 May 2012 22:21:39 +1000 Subject: Re: NANOG Digest, Vol 52, Issue 67 From: c...@mobsource.com To: nanog@nanog.org Does anyone have any intel on bandwidth trading in the usa? [carl gough] founder and CEO +61 425 266 764 mobsource .com defined by benefits not by technology Skype - mobsource Follow @mobsource Facebook - mobsource On 29/05/12 7:52 PM, nanog-requ...@nanog.org nanog-requ...@nanog.org wrote: Send NANOG mailing list submissions to nanog@nanog.org To subscribe or unsubscribe via the World Wide Web, visit https://mailman.nanog.org/mailman/listinfo/nanog or, via email, send a message with subject or body 'help' to nanog-requ...@nanog.org You can reach the person managing the list at nanog-ow...@nanog.org When replying, please edit your Subject line so it is more specific than Re: Contents of NANOG digest... Today's Topics: 1. IPv6 security: New IETF I-Ds, slideware and videos of recent presentations, trainings, etc... (Fernando Gont) 2. Re: NXDomain remapping, DNSSEC, Layer 9, and you. (Mark Andrews) 3. Re: NXDomain remapping, DNSSEC, Layer 9, and you. (Mark Andrews) 4. Re: DNS anycasting - multiple DNS servers on same subnet Vs registrar/registry policies (Jimmy Hess) 5. Re: NXDomain remapping, DNSSEC, Layer 9, and you. (bmann...@vacation.karoshi.com) 6. Re: DNS anycasting - multiple DNS servers on same subnet Vs registrar/registry policies (Randy Bush) 7. Re: NXDomain remapping, DNSSEC, Layer 9, and you. (Mark Andrews) 8. Re: NXDomain remapping, DNSSEC, Layer 9, and you. (George Herbert) 9. Re: NXDomain remapping, DNSSEC, Layer 9, and you. (Tony Finch) - - Message: 1 Date: Mon, 28 May 2012 22:17:33 -0300 From: Fernando Gont ferna...@gont.com.ar To: NANOG nanog@nanog.org Subject: IPv6 security: New IETF I-Ds, slideware and videos of recent presentations, trainings, etc... Message-ID: 4fc423ad.5000...@gont.com.ar Content-Type: text/plain; charset=ISO-8859-1 Folks, * We've published a new IETF I-D entitled DHCPv6-Shield: Protecting Against Rogue DHCPv6 Servers, which is meant to provide RA-Guard-like protection against rogue DHCPv6 servers. The I-D is available at: http://tools.ietf.org/id/draft-gont-opsec-dhcpv6-shield-00.txt Other IPv6 security I-Ds (such as, draft-ietf-v6ops-ra-guard-implementation) have been revised. Please check them out at: http://www.si6networks.com/publications/ietf.html * The slideware (and some videos!) of some of our recent presentations about IPv6 security are now available online. You can find them at: http://www.si6networks.com/presentations/index.html * We have also scheduled IPv6 hacking trainings in Paris (France) and Ghent (Belgium). You can find more details at: http://www.si6networks.com/index.html#conferences Our Twitter: @SI6Networks ipv6hackers mailing-list: http://lists.si6networks.com/listinfo/ipv6hackers/ Thanks! Best regards, -- Fernando Gont SI6 Networks e-mail: fg...@si6networks.com PGP Fingerprint: 31C6 D484 63B2 8FB1 E3C4 AE25 0D55 1D4E 7492 -- Fernando Gont e-mail: ferna...@gont.com.ar || fg...@si6networks.com PGP Fingerprint: 7809 84F5 322E 45C7 F1C9 3945 96EE A9EF D076 FFF1 -- Message: 2 Date: Tue, 29 May 2012 12:38:23 +1000 From: Mark Andrews ma...@isc.org To: Jay Ashworth j...@baylink.com Cc: NANOG nanog@nanog.org Subject: Re: NXDomain remapping, DNSSEC, Layer 9, and you. Message-ID: 20120529023823.c2b5220fe...@drugs.dv.isc.org In message 23491623.6382.1338256344974.javamail.r...@benjamin.baylink.com, Jay Ashworth
RE: Xirrus Wireless
Blake/NANOGL I just completed the Technical Training with Xirrus at a session in Dallas. The arrays are designed to go way beyond just worrying about signal strength (coverage) throughout a building or venue. They tackle the problem of how much bandwidth each connected client has available, which is something I have not had the tools to worry about with other WiFi manufacturers. They seem robust and full featured. They have been around for a while too, so going with Xirrus Arrays is not a beta test of their product. They are at least in their third generation of the product now. Cool stuff! Lorell Hathcock MTCRE, MTCWE, MTCTCE OfficeConnect.net lor...@officeconnect.net -Original Message- From: Blake Pfankuch [mailto:bl...@pfankuch.me] Sent: Tuesday, March 13, 2012 4:34 PM To: NANOG (nanog@nanog.org) Subject: Xirrus Wireless I know this is a little outside of the traditional NANOG realm but... I have a customer looking at a fair number of Xirrus Wireless Arrays for 802.11a/b/g/n implementations and am looking for some real world insight into them. On the cover they look cool, the white papers look cool, but I am yet to find technical commentary from a real person on these devices. Looking at the XN line, and just curious if anyone has deployed these, supports these or knows anything about them. Thanks! Blake
FW: Savvis broken link / underperforming between DC and Atlanta?
All: I did not see a reply to this. Anyone else having a problem on this link? Lorell From: Lorell Hathcock [mailto:lor...@hathcock.org] Sent: Friday, November 11, 2011 9:10 AM To: nanog@nanog.org Subject: Savvis broken link / underperforming between DC and Atlanta? Any one else seeing this? This was done yesterday from Hawaii. tracert speedtest.saas.infor.com 3 5 ms 5 ms 4 ms ip64-75-240-210.aloha.net [64.75.240.210] 4 5 ms 5 ms 5 ms hnl-edge-02.inet.qwest.net [67.129.94.69] 5 *** Request timed out. 656 ms56 ms56 ms 63-235-40-18.dia.static.qwest.net [63.235.40.18] 758 ms58 ms59 ms cr1-tenge-0-3-5-0.sanfrancisco.savvis.net [204.70.200.198] 8 138 ms 138 ms 138 ms cr1-bundle-pos2.Washington.savvis.net [204.70.200.90] 9 135 ms 136 ms 136 ms hr1-tengig-2-0-0.sterling2dc2.savvis.net [204.70.197.74] 10 139 ms 136 ms 137 ms 165.193.78.106 11 *** Request timed out. 12 *** Request timed out. 13 *** Request timed out. But from Houston it was fine yesterday. It took a different route. Today I have the same problem from Houston. tracert speedtest.saas.infor.com 4 2 ms 2 ms 2 ms te4-1.3509.ccr01.iah02.atlas.cogentco.com [66.28.6.21] 5 3 ms 2 ms 2 ms te0-2-0-4.ccr21.iah01.atlas.cogentco.com [154.54.3.149] 6 9 ms10 ms 8 ms te0-1-0-5.ccr21.dfw01.atlas.cogentco.com [154.54.2.225] 7 8 ms 8 ms 8 ms te7-3.mpd01.dfw03.atlas.cogentco.com [154.54.6.66] 815 ms 8 ms12 ms aer1-ge-4-2.dallasequinix.savvis.net [208.175.175.5] 917 ms 8 ms15 ms 204.70.207.182 1010 ms 9 ms10 ms cr1-tengig0-7-5-0.Dallas.savvis.net [204.70.200.170] 1137 ms37 ms37 ms cr1-tengig-0-7-0-0.Washington.savvis.net [204.70.196.105] 1236 ms36 ms36 ms hr1-tengig-2-0-0.sterling2dc2.savvis.net [204.70.197.74] 1337 ms36 ms37 ms 165.193.78.106 14 *** Request timed out. 15 *** Request timed out. 16 *** Request timed out. This the end IP address is in Rackspace in Atlanta I am told. Known issues out there? Any de-peering going on? Or is this just a firewall or private IP space that is not responding to traceroute information requests? Thanks for any help, Lorell Hathcock
Savvis broken link / underperforming between DC and Atlanta?
Any one else seeing this? This was done yesterday from Hawaii. tracert speedtest.saas.infor.com 3 5 ms 5 ms 4 ms ip64-75-240-210.aloha.net [64.75.240.210] 4 5 ms 5 ms 5 ms hnl-edge-02.inet.qwest.net [67.129.94.69] 5 *** Request timed out. 656 ms56 ms56 ms 63-235-40-18.dia.static.qwest.net [63.235.40.18] 758 ms58 ms59 ms cr1-tenge-0-3-5-0.sanfrancisco.savvis.net [204.70.200.198] 8 138 ms 138 ms 138 ms cr1-bundle-pos2.Washington.savvis.net [204.70.200.90] 9 135 ms 136 ms 136 ms hr1-tengig-2-0-0.sterling2dc2.savvis.net [204.70.197.74] 10 139 ms 136 ms 137 ms 165.193.78.106 11 *** Request timed out. 12 *** Request timed out. 13 *** Request timed out. But from Houston it was fine yesterday. It took a different route. Today I have the same problem from Houston. tracert speedtest.saas.infor.com 4 2 ms 2 ms 2 ms te4-1.3509.ccr01.iah02.atlas.cogentco.com [66.28.6.21] 5 3 ms 2 ms 2 ms te0-2-0-4.ccr21.iah01.atlas.cogentco.com [154.54.3.149] 6 9 ms10 ms 8 ms te0-1-0-5.ccr21.dfw01.atlas.cogentco.com [154.54.2.225] 7 8 ms 8 ms 8 ms te7-3.mpd01.dfw03.atlas.cogentco.com [154.54.6.66] 815 ms 8 ms12 ms aer1-ge-4-2.dallasequinix.savvis.net [208.175.175.5] 917 ms 8 ms15 ms 204.70.207.182 1010 ms 9 ms10 ms cr1-tengig0-7-5-0.Dallas.savvis.net [204.70.200.170] 1137 ms37 ms37 ms cr1-tengig-0-7-0-0.Washington.savvis.net [204.70.196.105] 1236 ms36 ms36 ms hr1-tengig-2-0-0.sterling2dc2.savvis.net [204.70.197.74] 1337 ms36 ms37 ms 165.193.78.106 14 *** Request timed out. 15 *** Request timed out. 16 *** Request timed out. This the end IP address is in Rackspace in Atlanta I am told. Known issues out there? Any de-peering going on? Or is this just a firewall or private IP space that is not responding to traceroute information requests? Thanks for any help, Lorell Hathcock
CACHEbox question
Anyone using a CACHEbox? I need to know if they can operate as a layer 2 bridge/proxy. Sent from my iPhone
4.2.2.2 acting up? or is it just me?
All: I am experiencing trouble with reaching 4.2.2.2 right now from my netblock. ASN 23077. Is it just me or are others experiencing the same thing? Thanks, Lorell
OSPF Visualizer?
All: I am a small Wireless ISP in need of an OSPF visualizer that does not cost an arm and a leg. I would like one that can listen to LSA's in each area and build a map of the network. I anticipate that I could trouble OSPF issues with such a system. Any open source projects? Thanks in advance, Lorell Hathcock
RE: Mikrotik BGP Question
None in my mind. The legacy network operator was unfamiliar with actual best practice enterprise/carrier networking policies that he thought that for BGP to work on a two internet feed network, both internet connections have to be delivered to the same location. I thought since he has more insight into Mikrotik, that he knew about a bug with Mikrotik that made the argument true. Feedback from NANOG list members that also run Mikrotik has proven that there is no problem with running current rev levels of the Mikrotik RouterOS and BGP with internet feeds at two different locations. Sincerely, Lorell Hathcock OfficeConnect.net | 832-665-3400 x101 (o) | 832-782-4656 (c) 713-992-2343 (f) | lor...@officeconnect.net Texas State Security Contractor License | ONSSI Certified Channel Partner Axis Communications Channel Partner | BICSI Corporate Member Leviton Authorized Installer -Original Message- From: Ingo Flaschberger [mailto:i...@xip.at] Sent: Sunday, May 23, 2010 8:56 PM To: Lorell Hathcock Cc: nanog@nanog.org Subject: RE: Mikrotik BGP Question Dear Lorell, We will implement OSPF. so what arguments speak against 2 bgp upstreams? Kind regards, Ingo Flaschberger
RE: Mikrotik BGP Question
We are putting a private PTP metro ethernet (fiber based) link between the two locations. And both locations will have one internet connection. I am reading that Mikrotik has a memory leak in its BGP implementation. Any more info about this? Sincerely, Lorell Hathcock OfficeConnect.net | 832-665-3400 x101 (o) | 832-782-4656 (c) 713-992-2343 (f) | lor...@officeconnect.net Texas State Security Contractor License | ONSSI Certified Channel Partner Axis Communications Channel Partner | BICSI Corporate Member Leviton Authorized Installer -Original Message- From: Ingo Flaschberger [mailto:i...@xip.at] Sent: Friday, May 21, 2010 6:43 PM To: Lorell Hathcock Cc: nanog@nanog.org Subject: Re: Mikrotik BGP Question Dear Lorell, My question is about BGP on the Mikrotik platform. The guy who I am supplanting swears that we are supposed to be bringing the second internet link to the same place as the first internet link for BGP to work properly. Obviously that is not true with major brand routers which would do the BGP job just fine. (And he's the same guy that has bridged this whole network, so it is easy to disbelieve his opinion.) But maybe he knows that Mikrotik can't perform BGP in the same way that other routers can. So here's the question. Is there something about running BGP on a Mikrotik platform that precludes having the internet connections come in at different locations? That depends on the netwoek in between this two locations. There could be a lot of good reasons why this is no good idea; please bring some light into this. Kind regards, Ingo Flaschberger
RE: Mikrotik BGP Question
We will implement OSPF. Sincerely, Lorell Hathcock OfficeConnect.net | 832-665-3400 x101 (o) | 832-782-4656 (c) 713-992-2343 (f) | lor...@officeconnect.net Texas State Security Contractor License | ONSSI Certified Channel Partner Axis Communications Channel Partner | BICSI Corporate Member Leviton Authorized Installer -Original Message- From: Ingo Flaschberger [mailto:i...@xip.at] Sent: Saturday, May 22, 2010 6:07 PM To: Lorell Hathcock Cc: nanog@nanog.org Subject: RE: Mikrotik BGP Question Dear Lorell, We are putting a private PTP metro ethernet (fiber based) link between the two locations. And both locations will have one internet connection. this network between should be no problem, what routing protocols do you use in your network? ospf? Kind regards, Ingo Flaschberger
Mikrotik BGP Question
I am inheriting a WISP network with Mikrotik equipment throughout. One of my first duties is to make the network multihomed. We have our first internet connection at one location and our second internet connection will be delivered at a second location in a week or so. I understand all of the steps I need to go through with ARIN in terms of getting an ASN and so forth. My question is about BGP on the Mikrotik platform. The guy who I am supplanting swears that we are supposed to be bringing the second internet link to the same place as the first internet link for BGP to work properly. Obviously that is not true with major brand routers which would do the BGP job just fine. (And he's the same guy that has bridged this whole network, so it is easy to disbelieve his opinion.) But maybe he knows that Mikrotik can't perform BGP in the same way that other routers can. So here's the question. Is there something about running BGP on a Mikrotik platform that precludes having the internet connections come in at different locations? Sincerely, Lorell Hathcock OfficeConnect.net | 832-665-3400 x101 (o) | 832-782-4656 (c) 713-992-2343 (f) | lor...@officeconnect.net Texas State Security Contractor License | ONSSI Certified Channel Partner Axis Communications Channel Partner | BICSI Corporate Member Leviton Authorized Installer
Cogent outage yesterday
All: Does anyone know anything about a Cogent outage yesterday? Thanks, Lorell Hathcock
RE: Cogent outage yesterday
Thanks for the responses to my query. Here's what happened to my network. On 3/17/2010 in the morning Central Time in Houston we started having issues connecting to parts of the rest of the world on an intermittent basis. We were troubleshooting our own equipment for quite some time and did not realize that Cogent was having routing/peering issues with Time Warner (Telecom?). Apparently it was an issue that was supposed to have started 3/17/2010 at 9:00am Central Time and effected Houston and Dallas, Texas, USA and stopped around 1:00pm CT on the same day. But my experience was that the outage was not resolved until 3/18/2010 at 3:00pm CT (or so). The Cogent ticket # on the issue was HD2113436. Thanks, Lorell Hathcock
Recommendations for router with routed copper gig-e ports?
All: I'm involved in a project where we are cutting over a WISP from being a single broadcast domain into the grownup real world of routing between tower nodes. Of course the equipment is all Mikrotik and the single broadcast domain was easy to implement, so that's why it was done this way. My problem on the redesign is I want to provide routed, copper gig-e ports at a reasonable price per port. My thought is to provide one copper gig-e port for all of the APs at a tower and a copper gig-e port for each backhaul to other towers (typically 2 to 4). On the core nodes, I want to have one fiber gig-e port for the internet connection. BGP would be implemented on the routers that connect to the internet. OSPF would be implemented on all of the backhaul ports. So number of routed, copper gig-e ports at each tower would be: 1 - AP network (need suggestion for cost effective gig-e switch) 2 to 4 - back haul ports 1 - internet port (on one out of every 4 towers or so) (and most likely fiber instead of copper) Does anyone have any suggestions? Sincerely, Lorell Hathcock OfficeConnect.net | 832-665-3400 x101 (o) | 713-992-2343 (f) | lor...@officeconnect.net Texas State Security Contractor License | ONSSI Certified Channel Partner Axis Communications Channel Partner | BICSI Corporate Member Leviton Authorized Installer
Recommend DSLAM for Apartment Bldg
All: I've got access to the copper pairs in an apartment building of approximately 800 units. I'd like to get a modest, functional, scalable, affordable DSLAM. My WAN connection is an ethernet handoff. I've been looking at the Adtran 1100F and 1200F with 1148 modules. http://www.adtran.com/web/page/portal/Adtran/group/3451 http://www.adtran.com/web/page/portal/Adtran/group/3453 Once I reach the top capacity of these (4 x 48 = 192) , I could just start again with another 1100 or 1200 shelf and go on up from there. Any recommendations? Also, can anyone recommend an outsourced tech support group that speaks Korean and Chinese? Sincerely, Lorell Hathcock OfficeConnect.net | 832-665-3400 x101 (o) | 713-992-2343 (f) | lor...@officeconnect.net Texas State Security Contractor License | ONSSI Certified Channel Partner Axis Communications Channel Partner | BICSI Corporate Member Leviton Authorized Installer
RE: Does Internet Speed Vary by Season?
Having worked in Operations at various ISPs in rain-riddled Houston for 1.5 decades, I can say that when it rains, water gets into the copper lines in the ground and caused increased copper-based local loop failures. That experience leaves me open to believe that where the internet backbone is copper based, when it rains, failures may ensue due to old or improperly installed outside plant and could cause failures which would slow down the internet. I would also conjecture that more people would be on line during bad weather, so that internet usage would increase and perhaps over-wrought links (copper or otherwise) could have some congestion. Finally, in those places where the internet is experienced through wireless links, some may see weather related slow downs. On Oct 9, 2009, at 5:38 PM, Dragos Ruiu wrote: Well, since it's been documented that internet speed / usage varies with the weather (it gets faster when it's sunny, slower when it rains) I'm sure some seasonal correlation could be found. Could you point to the documentation? I having trouble with language that sounds like one concept and I suspect is in fact another. Take as one example the basic digital signaling hierarchy. The specifications call for a certain rate plus or minus some number of parts per million. If they are within tolerance, the amount that they would speed up or slow down is measured in a pretty small number of bits per second. So I don't think the speed of the links is materially changing. If on the other hand we are discussing the volume of traffic using that available capacity, it is absolutely clear that there are diurnal, weekly, and seasonal variations as well as growth in time. Are we talking about bit rate, which one might expect to be modified by environmental characteristics and is in fact very tightly controlled to prevent that, or traffic volume?
Wireless (Cell Phone) Interconnection Agreements and Equipment
I know this is off-topic, but can someone push me toward cell phone wireless interconnect lists or groups? Sincerely, Lorell Hathcock OfficeConnect.net | 832-665-3400 (o) | 713-992-2343 (f) | lor...@officeconnect.net ocbannerjoomla ONSSI Certified Channel Partner C1731 Axis Communications Channel Partner | BICSI Corporate Member Leviton Authorized Installer, Strategic Partner Program image001.jpg
RE: Are we really this helpless? (Re: isprime DOS in progress)
Every time I see a post like the one below on this list, I can't help but feel like big brother has infiltrated the list. There's no mess like the ones government will create for you. Lorell -Original Message- From: David Conrad [mailto:d...@virtualized.org] Sent: Friday, January 23, 2009 11:06 PM To: Danny McPherson Cc: NANOG list Subject: Re: Are we really this helpless? (Re: isprime DOS in progress) On Jan 23, 2009, at 8:53 PM, Danny McPherson wrote: You missed one.. Step 4: enable BCP 38 or similar ingress source address spoofing mitigation mechanism on all customer ingress interfaces ... No more excuses, people.. Sad fact is that there are zillions of excuses. Unfortunately I suspect the only way we're going to make any progress on this will be for laws to be passed (or lawsuits to be filed) that impose a financial penalty on ISPs through which these attacks propagate. Regards, -drc No virus found in this incoming message. Checked by AVG - http://www.avg.com Version: 8.0.176 / Virus Database: 270.10.12/1911 - Release Date: 1/23/2009 7:28 AM
RE: Telecom Collapse?
The classic problem of the ILECs is that they have a government backed monopoly on the local loops everywhere and they leverage that monopoly to compete with companies that don't have government backing. For my $0.02,there are two good options. 1. Eliminate the FCC Universal Service/Coverage funds and let that farmer pay the full rates for connecting his hog barn. (If we had pursued this option years ago, wireless would be much more mature and ubiquitous by now.) 2. Have the government meddle with the ILECs... er, ILEC (singular) and divide the local loops into a different company that provides a platform for selling standardized products and services at wholesale rates to all CLECs. This resulting company would not be allowed to sell to end users just registered CLECs. I hate government created monopolies. It is obvious to the rest of the world that the US does not follow our own principles of democracy. (More correctly it should be termed a republic). With corporate commercial welfare rampant, the free market does not exist. Lorell Hathcock -Original Message- From: Frank Bulk [mailto:[EMAIL PROTECTED] Sent: Thursday, December 04, 2008 3:10 PM To: 'Chris Adams'; nanog@nanog.org Subject: RE: Telecom Collapse? The ILEC is the carrier of last resort. The wireless carrier doesn't have to build coverage everywhere. They don't need to serve that hog barn that requires a 10,000 feet copper loop while playing $17/month. The problem is that whether the take rate for POTS is 75% or 95%, the ILEC still needs to maintain the plant, and capital expenses to maintain the plant are a killer. Either the FCC needs to release ILECs from their coverage obligations so that they can do what CLECs have done and build to the most profitable areas, or subsidize the plant for both POTS and broadband services. Frank
hosted PBX/VOIP thru VPN?
All: My customer wants to try to improve performance to his ATAs by creating a VPN from his network to the VOIP provider's network through the internet. I have to admit, the idea caught me flat footed. At the outset, it seems like we would want to do it just to improve security for end users. However, my customer wants it because he thinks it will improve performance (i.e. voice quality). We are suffering from poor VOIP quality due to the Sprint / Cogent depeering and subsequent squirming by our vendors. The only reason I can think that VOIP thru a VPN would help is that *perhaps* routers in the middle on ASNs I have no control over *may* prioritize VPN traffic higher than regular traffic. They opposite could also be true. Specifically the ASNs in the middle are Level 3, Sprint and Time Warner. Thoughts? Should I try to dissuade him from this if performance is his main motivator? Thanks! Sincerely, Lorell Hathcock OfficeConnect.net | 832-665-3400 (o) | 713-992-2343 (f) | [EMAIL PROTECTED] ocbannerjoomla image001.jpg
RE: Sprint Depeering Timeframe
All: I am trying to help a small ISP/cable operator in south Texas with VOIP customers. They are having VOIP problems and have been for about three to four weeks. A traceroute from the end users location reveals that their ATAs traverse Sprint's network on their way to the hosted VOIP provider. Working with providers at both ends provides reveals a willingness to point fingers at the IXC providers (Sprint and Level 3) Sprint and Level 3 have examined traceroutes and they have are satisfied that their networks aren't to blame. I'm looking for a smoking gun and the Sprint depeering could fit the crime if the timeline works out. When did Sprint depeer? If this is at the root cause of the problem and I think it could be if the time lines match when the VOIP problems started, then it would fall under the category of why a routine roll out of hosted PBX / VOIP is a bad idea. It would help me point the customer towards a more secure solution of a SIP Trunk with transit specifically purchased from the VOIP provider to the cable head end where the CMTS resides. Thanks! Sincerely, Lorell Hathcock OfficeConnect.net | 832-665-3400 (o) | 713-992-2343 (f) | [EMAIL PROTECTED] ocbannerjoomla image001.jpg
Level 3 Sprintlink contacts needed
All: I need some help from Sprint and Level 3 network operators. Please contact me off list. Thanks! Lorell Hathcock
RE: Level3 tries cell-phone style billing scam on customers
I saw the same kinds of behavior from WorldCom years before their collapse. I was the technical manager at a small ISP in Houston and was presented with the WorldCom invoices and was shocked to find 20% per month in phony charges. 2.5% is a far cry from 20% but that 20% had to start somewhere. Lorell -Original Message- From: Patrick Giagnocavo [mailto:[EMAIL PROTECTED] Sent: Thursday, July 31, 2008 10:47 AM To: nanog@nanog.org Subject: Level3 tries cell-phone style billing scam on customers Today I looked at my most recent bill from Level3. They are now assessing a 2.5% surcharge, which is listed as Taxes on the bandwidth bill I have. In the state of PA, telecoms services are explicitly not taxable. When you call Level3 billing, they admit in their recorded message it is not a tax at all, but a surcharge, and if you want to dispute it you are supposed to quote back their own contract terms to them via email (i.e. you cannot reach a human). I would expect this kind of scamminess from Verizon's cell-phone billing, but a contract is a contract and I can see no provision for arbitrarily tacking on fees, illegally labeling them as taxes and then putting the onus on you to prove that they can't charge you. Anyone else seeing this same behavior from Level3? (It seems that the larger a telecom company gets, the more they want to act like a scum-sucking ILEC.) --Patrick