RE: China Showdown Huawei vs ZTE

[STARNES, CURTIS via NANOG]

-Original Message-
>From: NANOG  On Behalf Of Saku Ytti
>Sent: Tuesday, April 24, 2018 11:59 AM
>To: Naslund, Steve 
>Cc: nanog@nanog.org
>Subject: Re: China Showdown Huawei vs ZTE

>On 24 April 2018 at 19:50, Naslund, Steve  wrote:

>> Easy one, what law is the company incorporated under?  Nothing against the 
>> Chinese companies (some of their stuff is really great), but it is 
>> admittedly hard to separate China's military industrial complex from their 
>> >communications suppliers.  I can understand other countries not wanting 
>> critical infrastructure under their software control given that the Chinese 
>> government has been very active in industrial espionage.  It is not that a 
>> US >company cannot be compromised but I think they might at least be held 
>> accountable (by their markets) when they get caught.

>I'm sure all these companies have legal entities in all countries the operate 
>in. So Huawei in US is US company and Huawei products bought in US from US 
>Huawei are good,. but bad when bought from Huawei China?


> --
> ++ytti

From what I have read, any Huawei product purchases fell under scrutiny but 
after this came about Huawei announced they were going to pull out of U.S. 
markets. 
https://www.forbes.com/sites/jeanbaptiste/2018/04/19/analyst-chinas-huawei-to-quit-u-s-market/#2a0839d311cb
 

RE: China Showdown Huawei vs ZTE

[STARNES, CURTIS via NANOG]

Same for Huawei.
https://www.theverge.com/2018/3/26/17164226/fcc-proposal-huawei-zte-us-networks-national-security
https://www.forbes.com/sites/jeanbaptiste/2018/04/19/analyst-chinas-huawei-to-quit-u-s-market/#194f570211cb
https://www.nytimes.com/2018/04/17/technology/huawei-trade-war.html

I don't think I would recommend either in todays political climate.

-Original Message-
From: NANOG  On Behalf Of Suresh Ramasubramanian
Sent: Friday, April 20, 2018 7:35 AM
To: Colton Conor ; NANOG 
Subject: Re: China Showdown Huawei vs ZTE

Ah. ZTE is in a spot of trouble right about now.

http://www.scmp.com/tech/article/2142557/zte-calls-us-government-ban-extremely-unfair-vows-fight-its-rights

On 20/04/18, 5:58 PM, "NANOG on behalf of Colton Conor" 
 wrote:

Of the two large Chinese Vendors, which has the better network operating
system? Huawei is much larger that ZTE is my understanding, but larger does
not always mean better.

Both of these manufactures have switches and routers. I doubt we will use
their routing products anytime soon, but the switching products with MPLS
are what we are exploring. Price wise both of these vendors seem to have
10G MPLS capable switches that are a 1/4 of the price of a Cisco or Juniper
wants to charge.

On the Huawei side looks like the S6720 is a fit.
On the ZTE side, it looks like the ZXR10 5960 Series is a fit.

Has anyone had experience with either of these two switches? How do they
compare?

Also, for each independent brand, is their switching network operating
system the same as their routing network operating system that their
routers run?

RE: Enough about Netflix banning HE tunnels [really: IPv6 adoption]

[STARNES, CURTIS]

Just as an example in the K-12 education space; we have added 5000 Chromebooks 
in the last 12 months.
This was an end point add, not a replacement for desktops or other devices.
And each Chromebook has to be filtered for Internet content to meet CIPA 
requirements (and the Chromebook content filtering is not IPv6 compatible 
either, chalk 5000 more devices to the dynamic NAT pool).

-Original Message-
From: valdis.kletni...@vt.edu [mailto:valdis.kletni...@vt.edu] 
Sent: Friday, June 10, 2016 2:55 PM
To: STARNES, CURTIS <curtis.star...@granburyisd.org>
Cc: nanog@nanog.org; b...@theworld.com
Subject: Re: Enough about Netflix banning HE tunnels [really: IPv6 adoption]

On Fri, 10 Jun 2016 19:39:38 -0000, "STARNES, CURTIS" said:
> - Unix such as System V/BSD/Open Systems/AIX/SCO/HP-UX/Sun Solaris 
> would each rule the world.

Compare the number of Android devices (basically every single smartphone on the 
planet that doesn't say iPhone) to the number of laptops and PCs.

Factor in the explosion of Chromebooks...

And they're all Linux under the hood.

Enough about Netflix banning HE tunnels [really: IPv6 adoption]

[STARNES, CURTIS]

NANOG members;

First things first - PLEASE NOTE: This is just an opinion from one old IT guy 
who used to have to use a dial-up connection from a small town in central Texas 
to connect to my "ISP" (term used loosely for the very early 1990's) in Dallas, 
Oklahoma City, and sometimes Shreveport, LA with my trusty Slackware box (with 
its screaming i386 processor/2MB RAM and 900 BAUD modem) just to get my 
FidoNet/UUCP email fix (just for those of us who remember the old "bang path" 
email via UUCP!) via UUNet. This passion grew into running multi-node Wildcat! 
BBS systems in early 1992 to small ISP's in the mid-1990's until which time my 
Southwestern Bell phone bills and customer churn killed this hobby quick and I 
had to turn to a full time IT professional to feed the family.

As the Internet continues to grow exponentially with the explosion of the IoT 
movement, let's see how every one's IPv4 boxes connect to an IPv6 only network 
(or their refrigerator) without the support of the IT community such as NANOG 
members to mangle the packets and push their packets through some sort of IPv4 
to IPv6 transitional technology.

This thread is really getting on my nerves and old eyes as it fills my mailbox 
daily and I am sure I am not the only one.

Between the content providers that are complaining about there is not enough 
IPv6 traffic to justify the migration, vendors pushing products that do not 
support IPv6, to the carriers that do not support dual stack to the last mile 
customer, then the end-user that you hear saying "IPvWht?" on the end of 
the phone; it is up to us, the network engineers, network administrators, 
"Packet Pushers", and whatever title is bestowed upon us, to just make it work. 
That is what I hear day in and day out; "The sales team said it could be done 
so what is the problem? Get if fixed or we will find someone who can!" and I am 
in the public education space!

I feel for the network engineers, NOC operators, and cable/fiber teams of our 
great nation.

Just as an FYI: I remember when IPv4 was a "Fad" and took patience of Job (the 
biblical Job, not job) just to get the Win32's loaded on Windows 3.1 so it 
would handle a 32-bit address. This is not including the mastery of the AT 
commands that Trumpet Winsock required since each manufacturer put their own 
spin in their interpretation of what AT command should do what (I still can 
remember what "squeals and tones" were negotiating at what speed and the 
occasional nightmare that ATZ & AT just sit there with a blank terminal and 
silent modem).

Netflix can ban and block all they want.
Carriers can complain "Streaming media is using too much bandwidth", never mind 
that each and every one pays for transit bandwidth, even public schools!

We must remember our technology history;
- Ma Bell said that they were too big to be broken up
- IBM would always be king
- Unix such as System V/BSD/Open Systems/AIX/SCO/HP-UX/Sun Solaris would each 
rule the world.
- and my personal favorite - "No one would want to own a personal PC!"

Bottom line, whether we keep pushing onward with what we have, IPv4 and IPv6 or 
we adopt another protocol to replace the archaic IPv4.
The Layer 1-7 technologies which we all work with daily, were never designed 
with security as the primary concern when RFC 675 was created in 1974 by the 
Network Working Group with Vince Cerf and others.
I do not think Vince Cerf and the other members of the Network Working Group 
had Cryptolocker, Ransomware,  on his mind when TCP/IP was "born" from this RFC.

We must keep pressing onward and pushing the envelope of our segment of the 
modern and some not so modern Internet.
Where would we be without the Vince Cerf's, Steve Job's, Bill Gates', Paul 
Allen's, DARPA, US Military, the fiber tech's that run, fuse, and terminate 
miles of fiber while others sleep, the network techs, net admins, programmers, 
and too many others to mention. Where would and would there be IPv4, IPv6, or 
an Internet at all.

Whether we are doing this as our jobs or as a hobby, driven out of passion for 
technology.
We owe the next generation(s) the benefit of our best work so that they have to 
opportunity to do their best as well.

Thank you NANOG community for the platform for me to express this 
rant/reflections; and the freedoms our country provides so I can do so freely.

Curtis Starnes
Senior Network Administrator
Granbury Independent School District
Granbury, Texas
IEEE Member since 2012

(Just for the record, these are my opinions and ramblings/rants, not my 
employers)


-Original Message-
From: NANOG [mailto:nanog-boun...@nanog.org] On Behalf Of b...@theworld.com
Sent: Friday, June 10, 2016 1:13 PM
To: Karl Auer 
Cc: nanog@nanog.org
Subject: Re: Netflix banning HE tunnels [really: IPv6 adoption]


This is sort of whacky.

IPv4 was so successful, let's say post 1990, because it got people from nothing 
to internet or as some say Internet.

IPv6 cannot 

RE: syslog server

[STARNES, CURTIS]

+1 on Graylog

-Original Message-
From: NANOG [mailto:nanog-boun...@nanog.org] On Behalf Of David Hubbard
Sent: Tuesday, June 07, 2016 2:02 AM
To: Maximino Velazquez ; nanog@nanog.org
Subject: Re: syslog server

https://www.graylog.org/

On 6/6/16, 4:59 PM, "NANOG on behalf of Maximino Velazquez" 
 wrote:

>Hi nanog community
>
>I need help !!
>
>What is the best syslog server  (opensource)?
>
>Thanks for your help
>
>Regards.
>
>-- 
>
>
>
>Max Velazquez |

RE: ISP License in the USA?

[STARNES, CURTIS]

I've got it! Send $25,000 and I will print you a shiny new license to hang on 
the wall!


Curtis Starnes
Senior Network Administrator
Granbury ISD
600 W. Bridge St. Ste. 40
Granbury, Texas  76048
(817) 408-4104
(817) 408-4126 Fax
curtis.star...@granburyisd.org
www.granburyisd.org 
 
 

OPEN RECORDS NOTICE: This email and responses may be subject to Texas Open 
Records laws and may be disclosed to the public upon request. 



-Original Message-
From: NANOG [mailto:nanog-boun...@nanog.org] On Behalf Of Wayne Bouchard
Sent: Tuesday, May 31, 2016 2:15 PM
To: Dustin Jurman 
Cc: North American Network Operators' Group 
Subject: Re: ISP License in the USA?

Well, now you're talking tax ID or, rather, a general license to operate a 
commercial enterprise, not a specific license related to ISPs.

On Tue, May 31, 2016 at 07:05:29PM +, Dustin Jurman wrote:
> Local Business License.
> 
> Dustin
> 
> 
> 
> -Original Message-
> From: NANOG [mailto:nanog-boun...@nanog.org] On Behalf Of Dennis 
> Burgess
> Sent: Tuesday, May 31, 2016 2:53 PM
> To: North American Network Operators' Group 
> Subject: RE: ISP License in the USA?
> 
> I would suggest getting a new consultant .. :)
> 
> Possible Acronyms
> 
> College of Arts and Letters (Missouri State University; Springfield, MO)  
> Cartridge Overall Length (shooting)
> Client Object Access Layer
> Circle of Acro Lovers
> Columbus Ohio Area Local
> Consolidated Operational Activities List Customer Order Acceptance List
> Common Operational Activities List (US Navy)  
> Chance of a Lifetime (raffle)
> 
> Lol got me!   There is nothing that I know of that you have to "license" to 
> become a ISP in the US of A. . You do have to fill out Form 477 twice a year. 
> :)  
> 
> 
> www.linktechs.net - 314-735-0270 x103 - dmburg...@linktechs.net
> 
> -Original Message-
> From: NANOG [mailto:nanog-boun...@nanog.org] On Behalf Of Lorell 
> Hathcock
> Sent: Tuesday, May 31, 2016 1:14 PM
> To: 'NANOG list' 
> Subject: ISP License in the USA?
> 
> NANOG:
> 
>  
> 
> Our owner has hired a consultant who insists that we should have an 
> ISP license to operate in the United States.  (Like they have in other 
> countries like Germany and in Africa where he has extensive personal 
> experience.)
> 
>  
> 
> I am asking him to tell me which license we should have because I don't know 
> of a license that we are required to have to route IP traffic to end 
> customers.
> 
>  
> 
> I am familiar with CLEC status filed with our state.  But it is not a 
> requirement to pass traffic.
> 
>  
> 
> He is suggesting COALS with which I am completely unfamiliar.
> 
>  
> 
> Can anyone tell me if there is a Texas state and/or USA Federal license for a 
> small operator to pass IP traffic from the internet to end users (commercial 
> and/or residential).
> 
>  
> 
> I am aware that there are some CALEA requirements of ISPs that seem to kick 
> in once a CALEA request is made, but is that different from a license.
> 
>  
> 
> Thanks,
> 
>  
> 
> Lorell Hathcock
> 
>  
> 
>  
> 
>  
> 
>  
> 
>  
> 
> 

---
Wayne Bouchard
w...@typo.org
Network Dude
http://www.typo.org/~web/

RE: ISP License in the USA?

[STARNES, CURTIS]

Maybe the consultant is confusing "licensing" with IP address allocations from 
ARIN.


Curtis Starnes
Senior Network Administrator
Granbury ISD
600 W. Bridge St. Ste. 40
Granbury, Texas  76048
(817) 408-4104
(817) 408-4126 Fax
curtis.star...@granburyisd.org
www.granburyisd.org 
 
 

OPEN RECORDS NOTICE: This email and responses may be subject to Texas Open 
Records laws and may be disclosed to the public upon request. 




-Original Message-
From: NANOG [mailto:nanog-boun...@nanog.org] On Behalf Of Miles Fidelman
Sent: Tuesday, May 31, 2016 2:06 PM
To: nanog@nanog.org
Subject: Re: ISP License in the USA?

On 5/31/16 2:53 PM, Dennis Burgess wrote:

> I would suggest getting a new consultant .. :)
>
What Dennis said.

> Lol got me!   There is nothing that I know of that you have to "license" to 
> become a ISP in the US of A. . You do have to fill out Form 477 twice a year. 
> :)

But only if you provide:
- facilities-based broadband services, and/or,
- provide wired or fixed wireless local exchange telephone service
- provide interconnected VoIP service
- provide facilities based wireless telephony (see 
https://transition.fcc.gov/form477/WhoMustFileForm477.pdf)

If you provide basic dial-up services, or wireless Internet over unlicensed 
channels - there's no licensing requirement whatever.

As Dennis said - first get a new consultant.  Look for one who can work through 
your service model - what you're going to be selling, to whom, using what 
technology(ies) - and work from there to whatever licenses (if any) that you 
require.

Miles Fidelman

--
In theory, there is no difference between theory and practice.
In practice, there is.   Yogi Berra

RE: ISP License in the USA?

[STARNES, CURTIS]

+1 on the SPIN, when we file our e-Rate form 470 and form 471's each year with 
USAC, we have to provide our carrier's SPIN on these forms.

Curtis Starnes
Senior Network Administrator
Granbury ISD
600 W. Bridge St. Ste. 40
Granbury, Texas  76048
(817) 408-4104
(817) 408-4126 Fax
curtis.star...@granburyisd.org
www.granburyisd.org 
 
 

OPEN RECORDS NOTICE: This email and responses may be subject to Texas Open 
Records laws and may be disclosed to the public upon request. 




-Original Message-
From: NANOG [mailto:nanog-boun...@nanog.org] On Behalf Of Ray Orsini
Sent: Tuesday, May 31, 2016 1:32 PM
To: Dan White ; Lorell Hathcock 
Cc: NANOG list 
Subject: RE: ISP License in the USA?

Just to clarify. You don't need a SPIN (e-rate Service Provider Identification 
Number) to provide service to those entities. You only need a SPIN to qualify 
for USF/USAC funding for those entities. If they want to pay full price (which 
some do) you don't need the SPIN. Applying for a SPIN is extremely easy. 
Applying for e-rate funding, on the other hand, is usually best done via a 
consultant. Thankfully that's the customer's problem, not yours.

Regards,
Ray Orsini – CEO
Orsini IT, LLC – Technology Consultants
VOICE DATA  BANDWIDTH  SECURITY  SUPPORT
P: 305.967.6756 x1009   E: r...@orsiniit.com   TF: 844.OIT.VOIP
7900 NW 155th Street, Suite 103, Miami Lakes, FL 33016 http://www.orsiniit.com 
| View My Calendar | View/Pay Your Invoices | View Your Tickets



-Original Message-
From: NANOG [mailto:nanog-boun...@nanog.org] On Behalf Of Dan White
Sent: Tuesday, May 31, 2016 2:25 PM
To: Lorell Hathcock 
Cc: 'NANOG list' 
Subject: Re: ISP License in the USA?

Not familiar with the process, but look at E-rate if you want to provide 
service to schools, libraries and health providers.

On 05/31/16 13:14 -0500, Lorell Hathcock wrote:
>NANOG:
>
>Our owner has hired a consultant who insists that we should have an ISP 
>license to operate in the United States.  (Like they have in other 
>countries like Germany and in Africa where he has extensive personal
>experience.)
>
>I am asking him to tell me which license we should have because I don't 
>know of a license that we are required to have to route IP traffic to 
>end customers.
>
>I am familiar with CLEC status filed with our state.  But it is not a 
>requirement to pass traffic.
>
>He is suggesting COALS with which I am completely unfamiliar.
>
>Can anyone tell me if there is a Texas state and/or USA Federal license 
>for a small operator to pass IP traffic from the internet to end users 
>(commercial and/or residential).
>
>I am aware that there are some CALEA requirements of ISPs that seem to 
>kick in once a CALEA request is made, but is that different from a license.

--
Dan White
BTC Broadband

RE: ISP License in the USA?

[STARNES, CURTIS]

E-Rate is more of a "discounted" rate process than a license.
I work for a mid-sized school district and apply for and are granted E-Rate 
funding every year.
So from the end user stand point not as a transit ISP, E-Rate would not apply.

Curtis Starnes
Senior Network Administrator
Granbury ISD
600 W. Bridge St. Ste. 40
Granbury, Texas  76048
(817) 408-4104
(817) 408-4126 Fax
curtis.star...@granburyisd.org
www.granburyisd.org 
 
 

OPEN RECORDS NOTICE: This email and responses may be subject to Texas Open 
Records laws and may be disclosed to the public upon request. 



-Original Message-
From: NANOG [mailto:nanog-boun...@nanog.org] On Behalf Of Dan White
Sent: Tuesday, May 31, 2016 1:25 PM
To: Lorell Hathcock 
Cc: 'NANOG list' 
Subject: Re: ISP License in the USA?

Not familiar with the process, but look at E-rate if you want to provide 
service to schools, libraries and health providers.

On 05/31/16 13:14 -0500, Lorell Hathcock wrote:
>NANOG:
>
>Our owner has hired a consultant who insists that we should have an ISP 
>license to operate in the United States.  (Like they have in other 
>countries like Germany and in Africa where he has extensive personal 
>experience.)
>
>I am asking him to tell me which license we should have because I don't 
>know of a license that we are required to have to route IP traffic to 
>end customers.
>
>I am familiar with CLEC status filed with our state.  But it is not a 
>requirement to pass traffic.
>
>He is suggesting COALS with which I am completely unfamiliar.
>
>Can anyone tell me if there is a Texas state and/or USA Federal license 
>for a small operator to pass IP traffic from the internet to end users 
>(commercial and/or residential).
>
>I am aware that there are some CALEA requirements of ISPs that seem to 
>kick in once a CALEA request is made, but is that different from a license.

--
Dan White
BTC Broadband

RE: DataCenter color-coding cabling schema

[STARNES, CURTIS]

Good point, never looked at it that way, but I have had techs before that would 
cut anything they thought was data and sometimes even when they knew it was not.
I guess it was Beer:30 time to them :-\

Curtis

From: Aaron C. de Bruyn [mailto:aa...@heyaaron.com]
Sent: Monday, March 21, 2016 2:45 PM
To: STARNES, CURTIS <curtis.star...@granburyisd.org>
Cc: Owen DeLong <o...@delong.com>; Yardiel Fuentes <yard...@gmail.com>; 
nanog@nanog.org
Subject: Re: DataCenter color-coding cabling schema

That's a good reason to use it.  Who would cut it?  ;)

-A

On Mon, Mar 21, 2016 at 8:53 AM, STARNES, CURTIS 
<curtis.star...@granburyisd.org<mailto:curtis.star...@granburyisd.org>> wrote:
Just to throw it out there but I always try not to use RED cable.
Normally, RED wire in any building is dedicated as FIRE system cabling.


Curtis Starnes
Senior Network Administrator
Granbury ISD
600 W. Bridge St. Ste. 40
Granbury, Texas  76048
(817) 408-4104<tel:%28817%29%20408-4104>
(817) 408-4126<tel:%28817%29%20408-4126> Fax
curtis.star...@granburyisd.org<mailto:curtis.star...@granburyisd.org>
www.granburyisd.org<http://www.granburyisd.org>



OPEN RECORDS NOTICE: This email and responses may be subject to Texas Open 
Records laws and may be disclosed to the public upon request.



-Original Message-
From: NANOG [mailto:nanog-boun...@nanog.org<mailto:nanog-boun...@nanog.org>] On 
Behalf Of Owen DeLong
Sent: Sunday, March 13, 2016 7:10 PM
To: Yardiel Fuentes <yard...@gmail.com<mailto:yard...@gmail.com>>
Cc: nanog@nanog.org<mailto:nanog@nanog.org>
Subject: Re: DataCenter color-coding cabling schema

I don’t know of any universal standards, but I’ve used the following in several 
installatins I was responsible for to good avail:

Twisted Pair:

RED:Untrusted Network (Internet or possibly DMZ)
YELLOW: Optional for DMZ networks though I preferred to avoid documented in [1] 
below
BLUE:   Trusted Network (back-end, internal, etc.)
GREEN:  RS-232 straight-thru
PURPLE: RS-232 X-Over (effectively Null Modem) 12345678 <-> 87654321 pin map.
ORANGE: Ethernet X-Over (Best avoided documented in [2] below)
GREY:   Special purpose cabling not in one of the above categories

Fiber:
Orange — Multimode Fiber
Yellow — Singlemode Fiber

The absolute most useful thing you can do if you can impose the discipline to 
update the cable map rigorously and/or allocate manpower for periodic audits is 
to apply a unique serial number to each cable. I preferred to document not only 
the cable ID, but also the length. For the installations where I have worked, 5 
digits was sufficient unique ID, so I used formats like I-L[.L] where I 
was a unique ID and L.L was the length of the cable in feet. (e.g. 00123-6.5 is 
cable number 123 which is 6.5 feet in length).

The labels are (ideally) the self-laminating wrap-around types. I prefer the 
Brady labeling system which will automatically print 2-4 (depending on font 
size) instances of the label text on the self-laminating label such that it can 
be read from virtually any side of the cable without requiring you to rotate 
the label into view in most cases.

The Brady labeling system is a bit overpriced compared to the Brother P-Touch, 
but the expanded capabilities and the quality of the label adhesives and such 
is, IMHO, sufficiently superior to justify the cost.

Whatever you do, please do not use Flag labels on cables… I HATE THEM. They are 
a constant source of entanglement and snags. They often get knocked off as a 
result or mangled beyond recognition, rendering them useless.

Similarly, I’ve found that circuit-ID and end-point labels on cables are often 
ill-maintained, so if you do use them, please make sure you remove them when 
the cable is moved/removed.

The length is very useful because it gives you a radius within which the other 
end of the cable must be located and you can usually expect it to be reasonably 
close to the outer edge of that radius.

More than a few times I’ve prevented a serious outage by giving the port number 
to the remote hands guy and then insisting that he read me the cable ID. “No, 
try the other port FE-0/2/4… You’re off by one. It’s above/left/right/below 
you.”

[1] I prefer to avoid Yellow cables because some people have trouble 
understanding that Yellow Fiber and Yellow UTP might have different meanings. I 
also feel that the distinction between UNTRUSTED and DMZ networks is usually 
not all that important in most cabling situations. YMMV.

[2] In this era of Auto-MDI/MDI-X ports and the like, it’s very rare to 
encounter a situation that truly requires a crossover cable with no viable 
alternative. If such is needed, I prefer to document it on the cable tags 
rather than using a special color code. Again, you have the risk of people not 
understanding that orange Fiber might not mean what Orange copper means. YMMV

Yes, I know you can now get virtually any type o

RE: DataCenter color-coding cabling schema

[STARNES, CURTIS]

Just to throw it out there but I always try not to use RED cable.
Normally, RED wire in any building is dedicated as FIRE system cabling.


Curtis Starnes
Senior Network Administrator
Granbury ISD
600 W. Bridge St. Ste. 40
Granbury, Texas  76048
(817) 408-4104
(817) 408-4126 Fax
curtis.star...@granburyisd.org
www.granburyisd.org 
 
 

OPEN RECORDS NOTICE: This email and responses may be subject to Texas Open 
Records laws and may be disclosed to the public upon request. 



-Original Message-
From: NANOG [mailto:nanog-boun...@nanog.org] On Behalf Of Owen DeLong
Sent: Sunday, March 13, 2016 7:10 PM
To: Yardiel Fuentes 
Cc: nanog@nanog.org
Subject: Re: DataCenter color-coding cabling schema

I don’t know of any universal standards, but I’ve used the following in several 
installatins I was responsible for to good avail:

Twisted Pair:

RED:Untrusted Network (Internet or possibly DMZ)
YELLOW: Optional for DMZ networks though I preferred to avoid documented in [1] 
below
BLUE:   Trusted Network (back-end, internal, etc.)
GREEN:  RS-232 straight-thru
PURPLE: RS-232 X-Over (effectively Null Modem) 12345678 <-> 87654321 pin map.
ORANGE: Ethernet X-Over (Best avoided documented in [2] below)
GREY:   Special purpose cabling not in one of the above categories

Fiber:
Orange — Multimode Fiber
Yellow — Singlemode Fiber

The absolute most useful thing you can do if you can impose the discipline to 
update the cable map rigorously and/or allocate manpower for periodic audits is 
to apply a unique serial number to each cable. I preferred to document not only 
the cable ID, but also the length. For the installations where I have worked, 5 
digits was sufficient unique ID, so I used formats like I-L[.L] where I 
was a unique ID and L.L was the length of the cable in feet. (e.g. 00123-6.5 is 
cable number 123 which is 6.5 feet in length).

The labels are (ideally) the self-laminating wrap-around types. I prefer the 
Brady labeling system which will automatically print 2-4 (depending on font 
size) instances of the label text on the self-laminating label such that it can 
be read from virtually any side of the cable without requiring you to rotate 
the label into view in most cases.

The Brady labeling system is a bit overpriced compared to the Brother P-Touch, 
but the expanded capabilities and the quality of the label adhesives and such 
is, IMHO, sufficiently superior to justify the cost.

Whatever you do, please do not use Flag labels on cables… I HATE THEM. They are 
a constant source of entanglement and snags. They often get knocked off as a 
result or mangled beyond recognition, rendering them useless.

Similarly, I’ve found that circuit-ID and end-point labels on cables are often 
ill-maintained, so if you do use them, please make sure you remove them when 
the cable is moved/removed.

The length is very useful because it gives you a radius within which the other 
end of the cable must be located and you can usually expect it to be reasonably 
close to the outer edge of that radius.

More than a few times I’ve prevented a serious outage by giving the port number 
to the remote hands guy and then insisting that he read me the cable ID. “No, 
try the other port FE-0/2/4… You’re off by one. It’s above/left/right/below 
you.”

[1] I prefer to avoid Yellow cables because some people have trouble 
understanding that Yellow Fiber and Yellow UTP might have different meanings. I 
also feel that the distinction between UNTRUSTED and DMZ networks is usually 
not all that important in most cabling situations. YMMV.

[2] In this era of Auto-MDI/MDI-X ports and the like, it’s very rare to 
encounter a situation that truly requires a crossover cable with no viable 
alternative. If such is needed, I prefer to document it on the cable tags 
rather than using a special color code. Again, you have the risk of people not 
understanding that orange Fiber might not mean what Orange copper means. YMMV

Yes, I know you can now get virtually any type of fiber in virtually any color, 
but the simple fact of the matter remains that when you send skippy out to buy 
emergency jumpers or such, you’re most likely going to either get orange 
multimode or yellow singlemode and that’s just the way it is.

Owen

> On Mar 12, 2016, at 11:11 , Yardiel Fuentes  wrote:
> 
> Hello Nanog-ers,
> 
> Have any of you had the option or; conversely, do you know of “best 
> practices" or “common standards”,  to color code physical cabling for 
> your connections in DataCenters for Base-T and FX connections? If so, 
> Could you share  any ttype of color-coding schema you are aware of ?…. 
> Yes, this is actually considering paying for customized color-coded 
> cabling in a Data Center...
> 
> Mr. Google did not really provide me with relevant answers on the 
> above… beyond the typical (Orange is for MMF, yellow for SMF, etc)…
> 
> Any reasons for or against it welcome too...
> 
> --
> Yardiel Fuentes

RE: Windows 10 Release

[STARNES, CURTIS]

Not sure about distributing but I would think it would be ok since it is an ISO 
for upgrading and the site says if it is a new installation a product key would 
be needed.

Curtis

-Original Message-
From: Martin Hotze [mailto:m.ho...@hotze.com] 
Sent: Thursday, July 30, 2015 8:17 AM
To: STARNES, CURTIS curtis.star...@granburyisd.org; nanog@nanog.org
Subject: RE: Windows 10 Release

 From: STARNES, CURTIS [mailto:curtis.star...@granburyisd.org]


 https://www.microsoft.com/en-us/software-download/windows10 is the 
 download URL.
 This site launches the Download Tool so the ISO can be downloaded from 
 Microsoft.

Yeah, I know. But is it allowed to redistribute the .iso File(s)? Might help to 
save downloading some GB ...

martin

RE: Windows 10 Release

[STARNES, CURTIS]

https://www.microsoft.com/en-us/software-download/windows10 is the download URL.
This site launches the Download Tool so the ISO can be downloaded from 
Microsoft.

Curtis

-Original Message-
From: NANOG [mailto:nanog-boun...@nanog.org] On Behalf Of Martin Hotze
Sent: Thursday, July 30, 2015 7:11 AM
To: nanog@nanog.org
Subject: Re: Windows 10 Release

 From: Joe Greco jgr...@ns.sol.net
 Subject: Re: Windows 10 Release
 
  You can download an ISO and burn it to install... Guessing if your 
  upgrading multiple machines, that would be the way to go...
 
 You don't even need to burn it to install.  Just mount the ISO and run 
 setup.exe

I've searched, but have not found anything about it:
Are you allowed to redistribute the .iso to the open public?

If yes, this might save some smaller networks some bandwidth.

Martin

RE: Windows 10 Release

[STARNES, CURTIS]

I see that everyone can download Windows 10 this morning!
There goes my bandwidth.

https://www.microsoft.com/en-us/software-download/windows10

Curtis

-Original Message-
From: NANOG [mailto:nanog-boun...@nanog.org] On Behalf Of Justin Mckillican
Sent: Tuesday, July 28, 2015 3:49 PM
To: n...@flhsi.com; nanog@nanog.org list
Subject: Re: Windows 10 Release

For upgraders I believe only 5 million 'Insiders' that tested Windows 10 will 
get it tomorrow.   The rest of the free upgraders (those from Win7 and Win8) 
will get it over the next two weeks at different times with the priority going 
to those that 'reserved' it in Windows Update tool.


-justin

 On Jul 28, 2015, at 4:45 PM, Nick Olsen n...@flhsi.com wrote:
 
 Anyone anxious to see what kind of traffic comes from Windows 10 releasing 
 tomorrow?
 
 Being a 3-4GB download. Each device is moving more data than any Apple 
 update ever did.
 
 Wonder if they'll stage the release as apple appeared to have learned 
 after IOS7 hammered a bunch of networks. 
 
 Nick Olsen
 Network Operations  (855) FLSPEED  x106
 

RE: Credit to Digital Ocean for ipv6 offering

[STARNES, CURTIS]

On 18 June 2014 19:05, Daniel Ankers md1...@md1clv.comreplied:

-Original Message-
From: NANOG [mailto:nanog-boun...@nanog.org] On Behalf Of Daniel Ankers
Sent: Wednesday, June 18, 2014 6:37 PM
To: Owen DeLong; nanog@nanog.org list
Subject: Re: Credit to Digital Ocean for ipv6 offering

On 18 June 2014 19:05, Owen DeLong o...@delong.com wrote: 

 OTOH, it's far better than those ridiculous providers that are 
 screwing over their customers with /56s or even worse, /60s.

 Sad, really.

 Owen


Is giving a /56 to residential customers REALLY screwing them over?

It may be a failure of imagination on my part, but I'm struggling to come up 
with use cases for the home which would take up even 10% of the networks 
available in a /56.  And if the vast, vast majority of home users will never 
come close to needing the whole of a /56 then I don't see why every home 
should be given a /48.

Dan


I have to agree with Dan on this one,
Look at the numbers (especially for small to mid-sized business and 
residential):

/56 = 256 /64's subnets
/60 = 16 /64's subnets
http://www.sixscape.com/joomla/sixscape/index.php/ipv6-training-certification/ipv6-forum-official-certification/ipv6-forum-network-engineer-silver/network-engineer-silver-ipv6-subnetting/ipv6-subnetting-general-subnetting

At 18,446,744,073,709,551,616 per /64, that is a lot of address.
Right now I cannot get IPv6 at home so I will take getting screwed with a /56 
or /60 and be estatic about it.

Curtis

RE: Level 3 BGP Advertisements

[STARNES, CURTIS]

Sorry for the top post...

Not necessarily a Level 3 problem but;

We are announcing our /19 network as one block via BGP through ATT, not broken 
up into smaller announcements.
Earlier in the year I started receiving complaints that some of our client 
systems were having problems connecting to different web sites.
After much troubleshooting I noticed that in every instance the xlate in our 
Cisco ASA for the client's IP last octet was either a 0 or 255.
Since I am announcing our network as a /19, the subnet mask is 255.255.224.0, 
that would make our network address x.x.192.0 and the broadcast x.x.223.255.
So somewhere the /24 boundary addresses were being dropped.

Just curious if anyone else has seen this before.

-Original Message-
From: William Herrin [mailto:b...@herrin.us] 
Sent: Wednesday, August 29, 2012 3:36 PM
To: n...@flhsi.com
Cc: nanog@nanog.org
Subject: Re: Level 3 BGP Advertisements

On Wed, Aug 29, 2012 at 3:28 PM, Nick Olsen n...@flhsi.com wrote:
 In practice, We've always advertised our space all the way down to 
 /24's but also the aggregate block (the /20 or the /21). Just so there 
 was still reachability to our network in the event that someone made 
 the foolish mistake of filtering lets say prefixes smaller /23...

 Anyways, I've always thought that was standard practice.

That's very poor practice. Each announcements costs *other people* the better 
part of $10k per year. Be polite with other peoples' money. If the /24 shares 
the exact same routing policy as the covering route, announce only the covering 
route.

For all the good it'll do you, you can break it out to /24's when and if 
someone mis-announces one of your address blocks. Competing announcements of 
the /24 still won't leave you with correct connectivity. If anything, putting 
the /24 announcement in ahead of time will delay your detection of the problem 
by causing a partial failure instead of a total one.


 I noticed that while the /24's made it out to the world. The larger 
 counterparts (2 /21's and a /20) did not. So, I start sniffing around. 
 Find that I do indeed see the prefixes in Level 3's looking glass but 
 they aren't handing it off to peers. So, Naturally, I land on this 
 being some kind of prefix filtering issue and open a ticket with Level 
 3. They tell me this is standard practice. And If I want to see the 
 /20 or /21's make it out to the rest of the world, I need to stop sending the 
 /24's.

 Does this sound normal?

That's insane. Assuming you're authorized to announce that address space, Level 
3 should be propagating your announcements exactly as you make them. As only 
one of your peers, they're in no position to understand the traffic engineering 
behind your announcement choices.
If they are acting as you say, they are dead wrong to do so.

Regards,
Bill Herrin



--
William D. Herrin  her...@dirtside.com  b...@herrin.us
3005 Crane Dr. .. Web: http://bill.herrin.us/ Falls 
Church, VA 22042-3004

RE: Cisco Smartnet for 6509E Line Cards

[STARNES, CURTIS]

That is the way I understood it in the past but:
I recently priced a new 10G blade for our 6509 and was quoted Smartnet for it.
I asked about if it was covered under the chassis Smartnet and was told that 
line cards were not covered.
I do know that I have replaced the supervisor card before under the Smartnet 
contract on the chassis.
My understanding now is that the chassis, supervisor card, fan trays, and power 
supplies are covered by the chassis Smarnet.
Any line cards added need to be covered with their own Smartnet contract.

If anyone knows better, please let us (me in particular) know.
I work in the K-12 educational market and right now the Smarnet on the chassis 
runs about 30% of what the chassis costs (bare chassis without sup, fans, and 
power supplies).
If the sup, fan trays and powers supplies are not covered then that is a steep 
price to pay for a bare chassis. I could buy another chassis and put on the 
shelf and it would be cheaper since the chassis itself would have to be abused 
badly to need replacing.

If the chassis, supervisor, fans, and power supplies are covered under the 
chassis contract then the pricing on the chassis contract makes sense.

Curtis

-Original Message-
From: david peahi [mailto:davidpe...@gmail.com] 
Sent: Wednesday, June 20, 2012 12:02 AM
To: nanog@nanog.org
Subject: Cisco Smartnet for 6509E Line Cards

Can anyone comment on Cisco 6509E Smartnet chassis coverage? In the past, 
chassis has always meant, not just the passive chassis itself, but all of the 
components including supervisor cards, line cards, power supplies, fan trays, 
etc. Now it appears that Cisco is requiring Smartnet coverage on line cards in 
addition to the chassis.
My understanding is that Smartnet functioned much like insurance policies, 
where Cisco collected maintenance contract fees year after year, but the 
devices were generally so reliable that the collected Smartnet fees always far 
exceeded the dollar amount required to replace failed components.

Regards,

David

RE: Article: IPv6 host scanning attacks

[STARNES, CURTIS]

It seems I saw that title came through an article somewhere but I have a slight 
problem with stating that Vast IPv6 address space actually enables IPv6 
attacks.

Going from an IPv4 32 bit address space to a IPv6 128 bit address space like 
you mentioned in the article would be a tedious effort to scan.

But you also make the following assumptions:
Quote
A number of options are available for selecting the Interface ID (the 
low-order 64 bits of an IPv6 address), including:
.Embed the MAC address;
.Employ low-byte addresses;
.Embed the IPv4 address;
.Use a wordy address;
.Use a privacy or temporary address;
.Rely on a transition or coexistence technology.
 
Unfortunately, each of these options reduces the potential search 
space, making IPv6 host-scanning attacks easier and potentially more successful.
End Quote

That sounds fine and dandy but in reality, Internet facing IPv6 native or 
dual-stack systems that are installed with any security forethought at all 
would not embed any of these options with the exception of the last one 
(transitional or coexistence) only if forced to do so.

I agree that some IPv6 addresses are set up to have catchy names, but why set 
up hundreds or even thousands of IPv6 addresses with IPv6 addresses that you 
try to remember like we did with IPv4?

I will also concede that Microsoft has not helped with issuing multiple IPv6 
addresses using privacy settings even if a static IPv6 address is set.

In general, I just don't agree with your conclusions, and with proper IPv6 
firewall rules, the network should still be as secure as the IPv4 systems.  Not 
more insecure just because they run an IPv6 stack.


Curtis

-Original Message-
From: Dave Hart [mailto:daveh...@gmail.com] 
Sent: Wednesday, June 13, 2012 12:29 PM
To: Fernando Gont
Cc: NANOG
Subject: Re: Article: IPv6 host scanning attacks

On Wed, Jun 13, 2012 at 6:52 AM, Fernando Gont ferna...@gont.com.ar wrote:
 Folks,

 TechTarget has published an article I've authored for them, entitled
 Analysis: Vast IPv6 address space actually enables IPv6 attacks.

 The aforementioned article is available at:
 http://searchsecurity.techtarget.com/tip/Analysis-Vast-IPv6-address-s
 pace-actually-enables-IPv6-attacks

published and available are misleading at best.  The article is teased with 
a sentence and a half, truncated by a demand for an email address with tiny 
legalese mentioning a privacy policy and terms of use that undoubtedly would 
take far longer to read than Gont's valuable content.

 (FWIW, it's a human-readable version  of the IETF Internet-Draft I 
 published a month ago or so about IPv6 host scanning (see:
 http://tools.ietf.org/html/draft-gont-opsec-ipv6-host-scanning))

I guess I'll take a look at this to see what you're smoking.

 You can get news about this sort of stuff by following @SI6Networks 
 on Twitter.

news in quotes is appropriate given it's really eyeball harvesting for 
marketing purposes.

Cheers,
Dave Hart

RE: CBT Nuggets streaming account

[STARNES, CURTIS]

Yea, I know.
The one aspect of the whole thing is memorizing a brain dump is one thing; 
troubleshooting and fixing the problem with a supervisor screaming down your 
neck is another.
Without the hands on experience, the memorizing of the brain dumps will show 
up real fast in a NOC!

I was asked one time how long it took to learn networking, simple answer:
How it is supposed to work, not very long; what can go wrong and how to 
troubleshoot and correct the issue(s), a whole lot longer.

Curtis

-Original Message-
From: Tom Hill [mailto:t...@ninjabadger.net] 
Sent: Monday, June 11, 2012 5:42 PM
To: nanog@nanog.org
Subject: Re: CBT Nuggets streaming account

On 11/06/12 22:15, STARNES, CURTIS wrote:
 There is a reason Cisco certs are not considered Paper Mill Certs
 and that you have to recertify every few years to keep up with new 
 equipment and technologies. That is what our community DOESN'T need, 
 Cisco certs that are looked upon like lot of the other manufacturer 
 certification courses.

Too late, sorry. Every man and his dog has downloaded PASS4SURE and memorised 
the answers to pass the exams. You can do this once every three years, no 
problem.

Sure, those candidates will be absolutely useless, but that doesn't stop the 
dilution of CCNA/CCNP certs in the market.

What will it do? It'll make the CCIE more important. What have Cisco done about 
it? Oh, they released a more prestigious, more expensive cert, didn't they? :)


Tom

RE: CBT Nuggets streaming account

[STARNES, CURTIS]

There is a reason Cisco certs are not considered Paper Mill Certs and that 
you have to recertify every few years to keep up with new equipment and 
technologies.
That is what our community DOESN'T need, Cisco certs that are looked upon like 
lot of the other manufacturer certification courses.

Do the CBTNuggets route and try a hands on exam and see how far it will get you.

Curtis

-Original Message-
From: Jonathan Rogers [mailto:quantumf...@gmail.com] 
Sent: Monday, June 11, 2012 4:06 PM
To: Garrett Skjelstad
Cc: nanog@nanog.org
Subject: Re: CBT Nuggets streaming account

GNS3 is completely insufficient for CCNP-level training and labs. You will need 
actual equipment. Fortunately, it has gotten a lot cheaper over the past few 
years and you don't need the latest and greatest. Check out Wendell Odom's 
website for tips.

Also we have a CBTNuggets account at my company and I was unimpressed with 
their Cisco coverage, but that may be a matter of taste.

Just my $0.02...as a CCNA working towards MY CCNP.

--jono

On Mon, Jun 11, 2012 at 4:56 PM, Garrett Skjelstad garr...@skjelstad.orgwrote:

 Don't spam the list looking for black market copies of training material.
 Use GNS3 and design your own labs and google the test topics. Plzkthx.

 Sent from my iPhone

 On Jun 11, 2012, at 12:30, Ryan Burtch rburt...@gmail.com wrote:

  Could someone contact me off list if you have a CBT Nuggets 
  streaming account and would be willing to help me in working towards my 
  CCNP?

RE: Need (to acquire or sell) IPv4? Come to SpaceMarket.

[STARNES, CURTIS]

I thought the 10.0.0.0/8 was mine.
I was going to sell some of it!

Curtis

-Original Message-
From: Robert Hajime Lanning [mailto:lann...@lanning.cc] 
Sent: Wednesday, May 30, 2012 5:51 PM
To: nanog@nanog.org
Subject: Re: Need (to acquire or sell) IPv4? Come to SpaceMarket.

Can I trade in my class A? (10/8)

On 05/29/12 17:43, The SpaceMarket wrote:
 IPv4 is not going away as quickly as many would like.  Most realistic 
 observations show IPv4 will still be the numbering scheme most widely 
 deployed and utilized for the next decade.  This due mainly to peers 
 and providers whom have not deployed IPv6 and ISP end-users, which 
 continue to use, antiquated operating systems.

 SpaceMarket provides a platform for entities to acquire additional 
 resources that find themselves deficient, and a platform for those 
 with excess/unused resources to monetize their valuable resources.

 Our platform is safe, secure and confidential.

 Buyers and sellers can rest assured that their trades will be executed 
 without a hitch (no hijacked network ranges or scammers) as each 
 network allocation available has been thoroughly investigated and 
 tested (we’re either announcing or have announced the networks 
 available for an extended period of time), and upon request by either 
 the buyer or seller, SpaceMarket will serve as an escrow agent for the 
 transaction.

 Currently (as of this writing), there we have just over
 150,000 addresses available for immediate use. This may seem like a 
 low number, but allocations are listed and acquired daily using our 
 automated system—we don’t have to be involved in your transaction. In 
 order to provide our services without hassle and confidentially, we 
 provide access to our trading platform via Tor (as a Tor Hidden 
 Service).  This allows our members to connect freely and without worry 
 as to who may be monitoring your online activities or visitors to our 
 site.  Additionally, access to the site is restricted to active 
 members of our trading community.

 For more information on our service, site URL or membership please 
 e-mail us at spacemar...@tormail.org.  We look forward to assisting 
 you with your IPv4 needs! Please use our public key (below) when 
 corresponding via E-mail.  Don’t forget to send us yours!

--
Mr. Flibble
King of the Potato People

RE: Need (to acquire or sell) IPv4? Come to SpaceMarket.

[STARNES, CURTIS]

I guess I will just have to settle for selling my 224.0.0.0/24 :-

-Original Message-
From: STARNES, CURTIS [mailto:curtis.star...@granburyisd.org] 
Sent: Wednesday, May 30, 2012 9:41 PM
To: 'lann...@lanning.cc'; nanog@nanog.org
Subject: RE: Need (to acquire or sell) IPv4? Come to SpaceMarket.

I thought the 10.0.0.0/8 was mine.
I was going to sell some of it!

Curtis

-Original Message-
From: Robert Hajime Lanning [mailto:lann...@lanning.cc]
Sent: Wednesday, May 30, 2012 5:51 PM
To: nanog@nanog.org
Subject: Re: Need (to acquire or sell) IPv4? Come to SpaceMarket.

Can I trade in my class A? (10/8)

On 05/29/12 17:43, The SpaceMarket wrote:
 IPv4 is not going away as quickly as many would like.  Most realistic 
 observations show IPv4 will still be the numbering scheme most widely 
 deployed and utilized for the next decade.  This due mainly to peers 
 and providers whom have not deployed IPv6 and ISP end-users, which 
 continue to use, antiquated operating systems.

 SpaceMarket provides a platform for entities to acquire additional 
 resources that find themselves deficient, and a platform for those 
 with excess/unused resources to monetize their valuable resources.

 Our platform is safe, secure and confidential.

 Buyers and sellers can rest assured that their trades will be executed 
 without a hitch (no hijacked network ranges or scammers) as each 
 network allocation available has been thoroughly investigated and 
 tested (we’re either announcing or have announced the networks 
 available for an extended period of time), and upon request by either 
 the buyer or seller, SpaceMarket will serve as an escrow agent for the 
 transaction.

 Currently (as of this writing), there we have just over
 150,000 addresses available for immediate use. This may seem like a 
 low number, but allocations are listed and acquired daily using our 
 automated system—we don’t have to be involved in your transaction. In 
 order to provide our services without hassle and confidentially, we 
 provide access to our trading platform via Tor (as a Tor Hidden 
 Service).  This allows our members to connect freely and without worry 
 as to who may be monitoring your online activities or visitors to our 
 site.  Additionally, access to the site is restricted to active 
 members of our trading community.

 For more information on our service, site URL or membership please 
 e-mail us at spacemar...@tormail.org.  We look forward to assisting 
 you with your IPv4 needs! Please use our public key (below) when 
 corresponding via E-mail.  Don’t forget to send us yours!

--
Mr. Flibble
King of the Potato People

RE: Bogon list update for prefix for 5.1.0.0/19

[STARNES, CURTIS]

No problems tracing from AS19945.
Robex.com shows 5.1.0.0/19 belonging to AS21219

Ran traceroute, mtr, and windows pathping.
No problems with any of them.

# traceroute -A 5.1.1.1
traceroute to 5.1.1.1 (5.1.1.1), 30 hops max, 60 byte packets
1st 3 hops snipped
4  cr83.dlstx.ip.att.net (12.122.139.50) [AS7018]  8.743 ms  8.755 ms  8.748 ms
 5  cr1.dlstx.ip.att.net (12.123.18.110) [AS7018]  8.792 ms  8.800 ms  8.784 ms
 6  gar25.dlstx.ip.att.net (12.122.85.233) [AS7018]  5.941 ms 192.205.32.178 
(192.205.32.178) [*]  5.524 ms  5.377 ms
 7  64.211.193.22 (64.211.193.22) [AS3549]  161.212 ms  162.769 ms  196.734 ms
 8  5-1-1-1-dynamic.retail.datagroup.ua (5.1.1.1) [AS21219]  162.187 ms  
160.830 ms  161.757 ms

My traceroute  [v0.75]
TEC-MAILSCAN-DMZ.granbury.k12.tx.us (0.0.0.0)   
 Tue May 29 16:30:56 2012
Keys:  Help   Display mode   Restart statistics   Order of fields   quit
 
Packets   Pings
 Host  
Loss%   Snt   Last   Avg  Best  Wrst StDev
1st 2 hops snipped 
 3. cr83.dlstx.ip.att.net  0.0%   200
6.0   6.4   5.2  40.6   2.5
 4. cr1.dlstx.ip.att.net0.0%   200
9.1   8.6   5.4  50.8   4.2
 5. gar25.dlstx.ip.att.net   0.0%   2005.0  
 5.3   4.7  15.9   0.9
 6. 192.205.32.1780.0%   186
5.1  18.3   5.0 195.7  35.7
 7. 64.211.193.22  0.0%   186  
184.4 170.3 159.4 254.3  14.3
 8. 5-1-1-1-dynamic.retail.datagroup.ua0.0%   186  187.5 167.1 159.5 189.2  
 7.1


C:\Windows\System32pathping 5.1.1.1

Tracing route to 5-1-1-1-dynamic.retail.datagroup.ua [5.1.1.1]
over a maximum of 30 hops:
1st 3 hops removed.
  4  cr84.dlstx.ip.att.net [12.122.138.54]
  5  cr2.dlstx.ip.att.net [12.123.18.250]
  6  gar27.dlstx.ip.att.net [12.123.16.77]
  7  192.205.34.82
  8  64.211.193.22
  9  5-1-1-1-dynamic.retail.datagroup.ua [5.1.1.1]

Computing statistics for 225 seconds...
Source to Here   This Node/Link
Hop  RTTLost/Sent = Pct  Lost/Sent = Pct  Address
1st 3 hops removed.
  4  --- 100/ 100 =100%   100/ 100 =100%  cr84.dlstx.ip.att.net 
[12.122.138.54]0/ 100 =  0%   |
  5  --- 100/ 100 =100%   100/ 100 =100%  cr2.dlstx.ip.att.net 
[12.123.18.250]  0/ 100 =  0%   |
  6  --- 100/ 100 =100%   100/ 100 =100%  gar27.dlstx.ip.att.net 
[12.123.16.77]   0/ 100 =  0%   |
  7  --- 100/ 100 =100%   100/ 100 =100%  192.205.34.82 
  0/ 100 =  0%   |
  8  191ms 2/ 100 =  2% 2/ 100 =  2%  64.211.193.22 
  0/ 100 =  0%   |
  9  191ms 0/ 100 =  0% 0/ 100 =  0%  
5-1-1-1-dynamic.retail.datagroup.ua [5.1.1.1]


Curtis

-Original Message-
From: Grant Ridder [mailto:shortdudey...@gmail.com] 
Sent: Tuesday, May 29, 2012 4:02 PM
To: valdis.kletni...@vt.edu
Cc: Paul Cupis; nanog@nanog.org
Subject: Re: Bogon list update for prefix for 5.1.0.0/19

I did a tracert from my school's network on TWC:

~
Tracing route to 5-1-1-1-dynamic.retail.datagroup.ua [5.1.1.1] over a maximum 
of 30 hops:

  5 1 ms 1 ms 1 ms  esc033.escriptconnect.com [64.132.85.33]
  6 4 ms 4 ms 4 ms  chi2-pr1-xe-0-3-0-0.us.twtelecom.net[66.192.245
.166]
  7   140 ms   139 ms   139 ms  64.211.193.22
  8   140 ms   140 ms   140 ms  5-1-1-1-dynamic.retail.datagroup.ua[5.1.1.1]

Trace complete.
~

Hop 7 is owned by Level 3.  Hope this helps.

-Grant

On Tue, May 29, 2012 at 3:53 PM, valdis.kletni...@vt.edu wrote:

 On Tue, 29 May 2012 20:45:51 +0100, Paul Cupis said:
  On 28/05/12 22:19, Seth Mattinen wrote:
   On 5/28/12 6:31 AM, Evgeniy Aikashev wrote:
   We are AS21219 - PJSC Datagroup and owner of 5.1.0.0/19 block. 
   Our
 customers have no access to some part of Internet if they use these IPs.
   Could you please update your bogon filters to permit this range.
  
   Do you have a test IP address that can be pinged or traceroute to?
 
  5.1.1.1 works for me (ping/traceroute), from AS35228.

 Given the allegations of squatting in 5/8, are you sure you got the
 *right* 5.1.1.1?

RE: ATT and IPv6 Launch

[STARNES, CURTIS]

-Original Message-
From: Jeff Hartley [mailto:intensifysecur...@gmail.com] 
Sent: Thursday, January 26, 2012 4:04 PM
To: NANOG list
Subject: Re: ATT and IPv6 Launch

Chris Chase gave a good presentation on this subject in ~November.

Here's the abstract, quoted from:
http://gogonet.gogo6.com/profile/ChrisChase

|
|     Posted by Chris Chase on October 28, 2011 at 5:59pm
|     Send Message   View Blog
|
| IPv6 service at ATT.
|
| ATT has dual stack service available for its enterprise ISP
| service (some speed/feeds/footprint issues are still being
| filled out). Fall 2011 ATT is conducting internal (employee)
| trials for IPv6 for ATT broadband. Expect to see IPv6 for
| legacy DSL EOY 2011 and on U-Verse 2Q2012.  I will share
|  our initial plans for deploying IPv6 for broadband using 6rd.

As an Enterprise ATT customer, I get real tired of hearing that ATT has 
dual stack services available for its enterprise customers.
This simply is not true in all cases.

Try getting a dual stack feed on a switched Ethernet circuit!
I was first told spring of 2011, then fall of 2011, and now maybe in the 4th 
quarter of 2012!

If you request it and your technical rep is savvy enough, they can get you set 
up with an ATT tunnel broker.

As an Uverse customer, the last time I talked to them the only response I 
received was IPv-what?

Oh well,

Curtis

RE: ATT and IPv6 Launch

[STARNES, CURTIS]

-Original Message-
From: Jared Mauch [mailto:ja...@puck.nether.net] 
Sent: Monday, January 23, 2012 5:52 PM
To: Jared Mauch
Cc: nanog@nanog.org Group
Subject: Re: ATT and IPv6 Launch

So i have been privately referred to att.com/ipv6 where you can find supporting 
CPE devices. 

It sounds like if you have equipment supporting ipv6 it may just appear one day 
soon. 

Jared Mauch

On Jan 23, 2012, at 2:23 PM, Jared Mauch ja...@puck.nether.net wrote:

 Is there someone who can talk about how to get IPv6 on ATT residential:?
 
 Thanks,
 
 - Jared
 
 -- snip --
 ISPs participating in World IPv6 Launch will enable IPv6 for enough users so 
 that at least 1% of their wireline residential subscribers who visit 
 participating websites will do so using IPv6 by 6 June 2012. These ISPs have 
 committed that IPv6 will be available automatically as the normal course of 
 business for a significant portion of their subscribers. Committed ISPs are:
 
• ATT
 -- snip --
 


I am still waiting for our switched Ethernet circuits (Opt-E-MAN) to be 
supported.

Curtis

RE: www.nist.gov over v6 trouble Was: Microsoft's participation in World IPv6 day

[STARNES, CURTIS]

Typical long trip via a sixxs.net tunnel.
Unlike Hurricane Electric (tunnelbroker.net), Sixxs has no US peering that I 
know of so everything has to hit overseas before returning back.

Curtis.

-Original Message-
From: Christopher Morrow [mailto:morrowc.li...@gmail.com] 
Sent: Wednesday, June 08, 2011 10:19 AM
To: David Swafford
Cc: nanog@nanog.org; do-webmas...@nist.gov
Subject: Re: www.nist.gov over v6 trouble Was: Microsoft's participation in 
World IPv6 day

On Wed, Jun 8, 2011 at 6:33 AM, David Swafford da...@davidswafford.com wrote:
 Interesting, I'm having that same issue w/ www.nist.gov this morning.  
 Front page loads fine, but all links return a 404.   Here's my tracert 
 if it
 helps:

 tracert www.nist.gov
 Tracing route to nist.gov [2610:20:6060:aa::a66b] over a maximum of 30 
 hops:
  1    1 ms    1 ms    1 ms  2001:1938:2a7::1
  2    85 ms    87 ms    84 ms  
 gw-383.phx-01.us.sixxs.net[2001:1938:81:17e::1]

phoenix, az,us

  3    92 ms    99 ms    86 ms  2001:4de0:1000:a4::1
  4    98 ms    87 ms    90 ms  
 1-3.ipv6.r1.ph.hwng.net[2001:4de0:1000:27::2]
  5   136 ms   140 ms   131 ms  
 3-2.ipv6.r1.at.hwng.net[2001:4de0:1000:15::1]
  6   167 ms   167 ms   175 ms  
 2-1.ipv6.r2.dc.hwng.net[2001:4de0:1000:7::1]

wash-dc, usa

  7   246 ms   253 ms   245 ms  
 5-4.ipv6.r2.am.hwng.net[2001:4de0:1000:5::1]

amsterdam, nl! (you seem to have bypassed NIST here...)

  8   248 ms   247 ms   247 ms  
 AMS-IX.v6.lambdanet.net[2001:7f8:1::a501:3237:1]
  9   265 ms   267 ms   265 ms  
 FRA-1-pos413.v6.lambdanet.net[2001:7f0:0:16::1]

Frankfurt, DE

  10   275 ms   268 ms   268 ms  6b1.fft4.alter.net 
 [2001:7f8::319e:0:1]

w00t! 12702! - 'lab ipv6 network in EMEA'

  11   268 ms   304 ms   271 ms  gw6.dca6.alter.net [2001:600:c:8::2]

back to DC.

  12   271 ms   271 ms   270 ms  2600:803:22f::2
  13   280 ms   272 ms   268 ms  2600:803:22f::2

2 more hops and home in bethesda... whooo! long trip!

  14   270 ms   269 ms   273 ms  2610:20:6060:aa::a66b Trace complete.

RE: Google and IPv6 inverse?

[STARNES, CURTIS]

It works from North Texas.

[cstarnes@tec-mgmt]~ host -6 ipv6.google.com
ipv6.google.com is an alias for ipv6.l.google.com.
ipv6.l.google.com has IPv6 address 2001:4860:800a::6a

[cstarnes@tec-mgmt]~ traceroute ipv6.google.com
traceroute to ipv6.google.com (2001:4860:800a::6a), 30 hops max, 40 byte 
packets1  6506-sup720.granbury.k12.tx.us (2620:101:3000:111::1)  0.731 ms  
0.793 ms  0.872 ms
 2  ipv6-rtr.granburyisd.org (2620:101:303f::1)  1.619 ms  1.662 ms  1.611 ms
 3  tunnel144.tserv1.fmt.ipv6.he.net (2001:470:1f02:90::1)  53.564 ms  53.147 
ms  53.540 ms
 4  2001:470:0:1f::1 (2001:470:0:1f::1)  53.055 ms  53.021 ms  52.996 ms
 5  10gigabitethernet1-2.core1.sjc2.he.net (2001:470:0:2f::2)  52.979 ms  
53.115 ms  53.109 ms
 6  2001:470:0:15e::2 (2001:470:0:15e::2)  53.405 ms 2001:4860:1:1:0:1b1b:0:9 
(2001:4860:1:1:0:1b1b:0:9)  52.686 ms 2001:470:0:15e::2 (2001:470:0:15e::2)  
52.511 ms
 7  2001:4860::1:0:7ea (2001:4860::1:0:7ea)  66.009 ms 2001:4860::1:0:21 
(2001:4860::1:0:21)  54.049 ms 2001:4860::1:0:7ea (2001:4860::1:0:7ea)  62.659 
ms
 8  2001:4860::8:0:2cb6 (2001:4860::8:0:2cb6)  85.601 ms 2001:4860::8:0:2cb7 
(2001:4860::8:0:2cb7)  54.416 ms 2001:4860::8:0:2cb6 (2001:4860::8:0:2cb6)  
53.600 ms
 9  2001:4860::1:0:489 (2001:4860::1:0:489)  124.579 ms 2001:4860::1:0:5db 
(2001:4860::1:0:5db)  112.969 ms  113.006 ms
10  2001:4860::2:0:a7 (2001:4860::2:0:a7)  146.322 ms  147.518 ms  115.466 ms
11  2001:4860:0:1::10b (2001:4860:0:1::10b)  112.987 ms  112.185 ms  113.447 ms
12  yx-in-x6a.1e100.net (2001:4860:800a::6a)  113.500 ms  113.493 ms  113.881 ms


Curtis

-Original Message-
From: Hank Nussbacher [mailto:h...@efes.iucc.ac.il] 
Sent: Monday, June 06, 2011 7:53 AM
To: Christopher Morrow
Cc: nanog@nanog.org
Subject: Re: Google and IPv6 inverse?

At 08:45 06/06/2011 -0400, Christopher Morrow wrote:
On Mon, Jun 6, 2011 at 1:19 AM, Hank Nussbacher h...@efes.iucc.ac.il wrote:
  Will Google have inverse working by June 8th?
 

poking the tiger some... 'why?'

Just curious.

-Hank


  [hank@noc ~]$ traceroute6 ipv6.google.com traceroute to 
  ipv6.l.google.com (2a00:1450:8001::68) from 
  2001:bf8:0:3:202:b3ff:feaf:f3fc, 30 hops max, 16 byte packets
   1  2001:bf8:0:3::1 (2001:bf8:0:3::1)  0.407 ms  221.144 ms  5.218 
  ms
   2  2001:bf8:0:b::1 (2001:bf8:0:b::1)  0.559 ms  0.54 ms  0.486 ms
   3  iucc-lb1.rt1.fra.de.geant2.net (2001:798:14:10aa::1d)  50.665
 ms  50.611
  ms  50.567 ms
   4  google-gw.rt1.fra.de.geant2.net (2001:798:14:10aa::e)  56.821
 ms  50.525
  ms  50.486 ms
   5  2001:4860::1:0:11 (2001:4860::1:0:11)  51.266 ms  51.106 ms  
  51.068 ms
   6  2001:4860::1:0:4b3 (2001:4860::1:0:4b3)  58.309 ms  58.078
 ms  58.442 ms
   7  2001:4860::8:0:2db0 (2001:4860::8:0:2db0)  57.174 ms  57.339 ms  
  57.195 ms
   8  2001:4860::2:0:66f (2001:4860::2:0:66f)  72.496 ms  60.803
 ms  72.381 ms
   9  2001:4860:0:1::1b (2001:4860:0:1::1b)  68.165 ms  62.21 ms  70.3 
  ms
  10  2a00:1450:8001::68 (2a00:1450:8001::68)  61.21 ms  61.862 ms  
  61.331 ms
 
  Thanks,
  Hank