[swinog] T-Mobile US can not reach us any idea? contact?
Hi everyone, I know there is possibly no one around here from T-Mobile US. Maybe someone has a contact to T-Mobile US that can possibly have a look into this? I've tried some official e-mail address from whois information months ago but no response. We are AS198288 and our prefix 5.34.248.0/21 has only limited reachability from / to T-Mobile US (mobile / hotspots users and t-mobile website / e-mail). It's no routing issue I guess as traceroutes / ping work. I was in the US a week ago and also had a T-Mobile 4G contract phone. Same issue, ICMP works, TCP / UDP gets blocked to 5.34.248.0/21. I actually think there are some legacy filters in place, maybe they used 5.0.0.0/8 as private addresses in the past. Anyone with an idea or a contact to T-Mobile welcome. Thank you very much. best regards Marco ___ swinog mailing list swinog@lists.swinog.ch http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog
Re: [swinog] Pro / Contra Backup MX?
Hi, (did not read the whole thread here, so sorry for might saying things already said before) Backup MX is a good thing and a good service to offer for business customers (even there are many different definitions of business customer in the ISP world :)) with their own mail server. Problem, as stated before, is that it's hard for you to do full validation against spam, virus and most important recipient validation. the worst thing you can do is accepting all mail for a domain. the problem is, every customer has another type of mail server (even if there are a lot of ms exchange servers of course). so you would need a way to propagate user database from the customer server to your server in a reliable way. an easy way around this is offering an mx proxy service instead of the mx backup. that means customer domain mx goes to your server, your server does recipient validation with caching. that means on each incoming mail your server will ask the customers server (in a standard smtp dialogue) if the recipient exists and only then accepts the mail on your server. this checking results are cached and that way your server can also accept mails in the case where the customers server is off-line for a while. but as also said here before: to offer such a service you really need what you're doing, there is nothing worse than a bad configured mail server in the internet :) so if you have the possibility work with a partner which knows the technology well. greets Marco On Thu, May 24, 2012 at 6:57 PM, Viktor Steinmann st...@stony.com wrote: Heya Benoit Here's the view from a Business customer, who used to work for ISPs: - Why would business customers _need_ their ISP to operate a backup MX for them? - If the customer is multihomed, there's almost no need for this. One exception: Customer wants to catch possible misconfiguration of DNS and/or mailserver on his side. - For a non-multihomed customer, mail or Internet in general should not be *that* business critical. If the customer doesn't want to be multihomed, but still sees mail as a business critical application, I would recommend to outsource mail serivces completely (newspeak: cloud). - Is it true, that most ISP offer this kind of service? If there's a paying customer, there's a services who will provide the service. I remember that in the old days of the internet, we would implement almost every hack for customers. Nowadays, that marketing people, project managers and process designers are running ISPs, it's most probably not that common anymore... Kind regards, Viktor ___ swinog mailing list swinog@lists.swinog.ch http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog ___ swinog mailing list swinog@lists.swinog.ch http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog
Re: [swinog] Facebook down
On Mar 8, 2012, at 4:49 PM, Peter Keel wrote: * on the Wed, Mar 07, 2012 at 05:37:06PM +0100, Marco Fretz wrote: Customer told me that there was a known bug in Plesk. Maybe there really was a botnet attack against Facebook today :) does anyone have any specific information? would be interesting. Ah, you mean THIS http://pastebin.com/AKF2qN4z That was deposited in the cgi-bin on various customer accounts of plesk-systems. Can't see any DNS-attack code in there, tough. Could be that, no idea. I fortunatley don't have access to the customer servers :). Cheers Seegras -- Those who give up essential liberties for temporary safety deserve neither liberty nor safety. -- Benjamin Franklin It's also true that those who would give up privacy for security are likely to end up with neither. -- Bruce Schneier ___ swinog mailing list swinog@lists.swinog.ch http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog ___ swinog mailing list swinog@lists.swinog.ch http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog
Re: [swinog] Facebook down
looks like its back up: dig A www.facebook.com ; DiG 9.8.1-RedHat-9.8.1-1.fc15 A www.facebook.com ;; global options: +cmd ;; Got answer: ;; -HEADER- opcode: QUERY, status: NOERROR, id: 3178 ;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 0 ;; QUESTION SECTION: ;www.facebook.com. IN A ;; ANSWER SECTION: www.facebook.com. 80 IN A 69.63.190.10 ;; AUTHORITY SECTION: www.facebook.com. 82019 IN NS glb1.facebook.com. www.facebook.com. 82019 IN NS glb2.facebook.com. ;; Query time: 9 msec ;; SERVER: 172.16.101.3#53(172.16.101.3) ;; WHEN: Wed Mar 7 09:04:45 2012 ;; MSG SIZE rcvd: 88 2012/3/7 Stefan Neufeind swinog...@stefan-neufeind.de: On 03/07/2012 08:38 AM, Klaus Ethgen wrote: Am Mi den 7. Mär 2012 um 8:34 schrieb Olivier Beytrison: Same here, I already have like 30 tickets of students who complain that they can't reach facebook. Heureka, endlich hat sich jemand dessen angenommen und Gesichtsbuch vom Netz genommen. ;-) But facebook over ipv6 works correctly (https://www.v6.facebook.com/) Schade, doch nicht. Sie engagieren sich einfach aktiv für die Einführung von IPv6. #ILike IPv6-only-day at facebook :-) Grüße, Stefan ___ swinog mailing list swinog@lists.swinog.ch http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog ___ swinog mailing list swinog@lists.swinog.ch http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog
[swinog] Facebook down
Good morning everyone, Does anyone have an idea what happened to Facebook DNS servers? A www.facebook.com DNS queries are not answered anymore. I'm not sure but looks like the error exists since about 07:15 today. on facebookdown.com were a lot of reports from around the world, now this site is also dead (to many mysql connections, which possibly means to many users...). greets Marco ___ swinog mailing list swinog@lists.swinog.ch http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog
Re: [swinog] Facebook down
Yes, https://www.v6.facebook.com/ works. The interesting thing is that there is no information on facebook about the outage. Ok maybe they think it wouln't be read anyway :D On Wed, Mar 7, 2012 at 8:34 AM, Vincent Magnin swi...@lx-soft.com wrote: Marco, You can access facebook using ipv6... Add this to your host file: 2620:0:1c18:0:face:b00c:0:2 www.facebook.com Regards, Vincent Marco Fretz marco.fr...@gmail.com a écrit : Good morning everyone, Does anyone have an idea what happened to Facebook DNS servers? A www.facebook.com DNS queries are not answered anymore. I'm not sure but looks like the error exists since about 07:15 today. ___ swinog mailing list swinog@lists.swinog.ch http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog ___ swinog mailing list swinog@lists.swinog.ch http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog
Re: [swinog] aside from my economical warfare problems: a simple, python pexpect based cisco config archiver to SVN (not using SFTP but the CLI).
On Jan 11, 2012, at 3:55 PM, Philippe Strauss wrote: yuk must be difficult to get one single dime from a cisco config archiver :-) more seriously, I prefer a 4 pages code I can comprehend and bend at my taste. I totally agree. I'm using my own scripts (mostly shell scripts) for config backup (Cisco, Extreme and others) and only for config back-up. Archiving is done by real revision control software (SVN in my case) and diff is done by nice tools like websvn or any other common SVN client. I would never use a proprietary tool like MyConf for configuration revision control and spend money on that. I simply don't have time to use different WebGUIs for each task in my network and periodically check all the those tools if they are working properly. I can easily integrate the simple scripts into Nagios / Icinga and monitor the backups and changes. I'm planning to check out gerty as it seems promising and look like a good approach to combine and centralize some serious tasks while keeping the modularity and customization options like monitoring integration, custom revision control, etc. If anyone wants my scripts, just contact me. But it's just another hack with hardcodes stuff :-), perfectly doing its job though. regards Marco it was sent to this list when doing some housekeeping of my HDD and oohh, this one may still be usefull to someone else. Le 11 janv. 2012 à 14:34, Peter Siegrist a écrit : for a few dollars more ... take a look at the *MyConf* Cisco config backup, archive and copmpare tool at http://www.myport-tools.ch Its not using cvs or svn like rancid but using its own archive structure and in addition it has a graphical web interface. kind regards sigi Philippe Strauss wrote: code is small enough to be bende according to your taste: http://www.philou.ch/cisco-term-backup.html cheers. -- Philippe Strauss http://www.philou.ch/ ___ swinog mailing list swinog@lists.swinog.ch http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog ___ swinog mailing list swinog@lists.swinog.ch http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog -- Philippe Strauss http://www.philou.ch/ ___ swinog mailing list swinog@lists.swinog.ch http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog ___ swinog mailing list swinog@lists.swinog.ch http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog
[swinog] IPv6 BGP unicast peers / OSPFv3 neighbors SNMP monitoring
Hi SwiNOGers, I started searching the web for a good solution on this task years ago. There was and is as far I can tell no actual SNMP MIB for monitoring IPv6 BGP and OSPFv3. The only thing that could be a solution is this already expired IETF draft http://tools.ietf.or/html/draft-ietf-idr-bgp4-mibv2-10 Can anyone give me an idea of how you are monitoring your IPv6 BGP peers and OSPFv3 neighbors (stuff like Status, prefixes, etc..)? Thanks a lot, best regards Marco ___ swinog mailing list swinog@lists.swinog.ch http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog
Re: [swinog] IPv6 BGP unicast peers / OSPFv3 neighbors SNMP monitoring
Thanks for the answers. Maybe I've to clarify that I need this for Cisco only at the moment. So can I take this as a there is no working snmp mib / implementation yet? It's somehow a shame that Cisco has IPv6 routing protocols working for years and no working snmp (even not a proprietary) solution yet. Please correct me if I'm wrong. I'll have a look at gerty, sounds promising, also for other applications, but I'm still looking for an snmp solution because it's just ugly to use console commands (in whatever way) to query simple counters and status information when you already have the whole network monitored and graphed by snmp. Marco On Fri, Feb 3, 2012 at 10:01 AM, Jeroen Massar jer...@unfix.org wrote: On 2012-02-03 09:29 , Marco Fretz wrote: Hi SwiNOGers, I started searching the web for a good solution on this task years ago. There was and is as far I can tell no actual SNMP MIB for monitoring IPv6 BGP and OSPFv3. The only thing that could be a solution is this already expired IETF draft http://tools.ietf.or/html/draft-ietf-idr-bgp4-mibv2-10 Can anyone give me an idea of how you are monitoring your IPv6 BGP peers and OSPFv3 neighbors (stuff like Status, prefixes, etc..)? Depending on the device, telnet/ssh into it, execute the relevant 'show bgp neigh' command and use that. Not ideal and one has to do this generally for a variety of things, but it avoids this weird thing called SNMP ;) Greets, Jeroen ___ swinog mailing list swinog@lists.swinog.ch http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog
Re: [swinog] IPv6 BGP unicast peers / OSPFv3 neighbors SNMP monitoring
On Fri, Feb 3, 2012 at 3:42 PM, Stanislav Sinyagin ssinya...@yahoo.com wrote: BGP peering information (ipv6 and 32-bit ASN) is simply not available via SNMP -- on both Cisco and Juniper. okay I see. That confirms my suspicion :) Thanks. So, you end up with CLI parsing if you really need that. Why should someone don't need to monitor IPv6? You simply have to if your services and customers depend on IPv6. With Junipers, there's also an XML interface which is easier to process and is more reliable (with Cisco CLI, linebreaks are sometimes a pain). IOS XR also provides an XML interface, but I never had a chance to check if BGP peering information is in there. So I guess I'll write or search for a CLI to SNMP or CLI to cacti / icinga script that does the job. Maybe gerty can help here... If anyone has similar scripts laying around please post it if possible. Also I would welcome a few more ideas and examples of how other ISPs do that... Thanks have a nice weekend Marco From: Marco Fretz marco.fr...@gmail.com To: swinog@lists.swinog.ch Sent: Friday, February 3, 2012 2:58 PM Subject: Re: [swinog] IPv6 BGP unicast peers / OSPFv3 neighbors SNMP monitoring Thanks for the answers. Maybe I've to clarify that I need this for Cisco only at the moment. So can I take this as a there is no working snmp mib / implementation yet? It's somehow a shame that Cisco has IPv6 routing protocols working for years and no working snmp (even not a proprietary) solution yet. Please correct me if I'm wrong. I'll have a look at gerty, sounds promising, also for other applications, but I'm still looking for an snmp solution because it's just ugly to use console commands (in whatever way) to query simple counters and status information when you already have the whole network monitored and graphed by snmp. Marco On Fri, Feb 3, 2012 at 10:01 AM, Jeroen Massar jer...@unfix.org wrote: On 2012-02-03 09:29 , Marco Fretz wrote: Hi SwiNOGers, I started searching the web for a good solution on this task years ago. There was and is as far I can tell no actual SNMP MIB for monitoring IPv6 BGP and OSPFv3. The only thing that could be a solution is this already expired IETF draft http://tools.ietf.or/html/draft-ietf-idr-bgp4-mibv2-10 Can anyone give me an idea of how you are monitoring your IPv6 BGP peers and OSPFv3 neighbors (stuff like Status, prefixes, etc..)? Depending on the device, telnet/ssh into it, execute the relevant 'show bgp neigh' command and use that. Not ideal and one has to do this generally for a variety of things, but it avoids this weird thing called SNMP ;) Greets, Jeroen ___ swinog mailing list swinog@lists.swinog.ch http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog ___ swinog mailing list swinog@lists.swinog.ch http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog ___ swinog mailing list swinog@lists.swinog.ch http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog
Re: [swinog] Suche Cisco 7206VRX
Hallo zusammen, Danke für die zahlreichen Angebote. Wir haben nun einen Router gekauft. Falls wir noch mehr brauchen, melde ich mich dann gerne nochmals. Schöne Feiertage, Gruss Marco 2011/12/12 Marco Fretz marco.fr...@gmail.com: Hallo zusammen, Ich bin auf der Suche nach einem günstigen, gebrauchten Cisco 7206VXR mit NPE-G1 oder G2 oder einem ähnlichen Router, brauche einfach 2-3 x 1GE und 0.5-1GB RAM. Falls jemand was rumliegen hat und loswerden will, macht mir doch bitte kurz ein Angebot. Abholung Ostschweiz, Zurich, etc. wäre möglich. Danke und schöne Grüsse Marco ___ swinog mailing list swinog@lists.swinog.ch http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog
[swinog] Suche Cisco 7206VRX
Hallo zusammen, Ich bin auf der Suche nach einem günstigen, gebrauchten Cisco 7206VXR mit NPE-G1 oder G2 oder einem ähnlichen Router, brauche einfach 2-3 x 1GE und 0.5-1GB RAM. Falls jemand was rumliegen hat und loswerden will, macht mir doch bitte kurz ein Angebot. Abholung Ostschweiz, Zurich, etc. wäre möglich. Danke und schöne Grüsse Marco ___ swinog mailing list swinog@lists.swinog.ch http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog
[swinog] kyberna AG is hiring a IT-System-Engineer Network / Datacenter
Hi, kyberna AG is hiring a IT-System-Engineer Network Datacenter (m/w), Office in Vaduz, Liechtenstein. http://www.kyberna.com/no_cache/kyberna-allgemein/aktuelles/aktuelles-single-ansicht/article/165/1.html (German only) regards Marco ___ swinog mailing list swinog@lists.swinog.ch http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog
Re: [swinog] Anti-virus solution for Linux mail server
Hi, Another thing to defend incoming viruses is to use greylising (what you should do anyway :-)). Greylisting catches mostly every virus mail sent out of bot nets (that's where viruses usually come from). We're using amavisd-new as pre-queue filter with spamassassin and clamAV. we didn't get any viruses in our own mailboxes yet and no complains about viruses in the 5000 customer mailboxes so far (1.5 years). regards marco On Fri, Mar 4, 2011 at 8:42 AM, Jean-Pierre Schwickerath swi...@hilotec.net wrote: Hi Philip What other solutions are small hosting providers using next to ClamAV? What are you using? Back in the time Vexira hat a per-domain-Licence for its Vexira Antivirus for Mail Server (VAMS) which was quite competitive compared to other solutions that billed you per mailbox. Maybe it's worth a try. Regards Jean-Pierre -- HILOTEC Engineering + Consulting AG - Langnau im Emmental Energietechnik und Datensysteme: Server, PCs, Linux, Telefonanlagen, VOIP, Hosting, Datenbanken, Entwicklung, Komplettlösungen für KMUs Tel: +41 34 402 74 00 - http://www.hilotec.com/ ___ swinog mailing list swinog@lists.swinog.ch http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog ___ swinog mailing list swinog@lists.swinog.ch http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog
Re: [swinog] Port 25 Blockade @ Swisscom (Bluewin)
Hi SwiNOG subscribers, Hi Swisscom, As written in SMTP RFCs a mailserver sending to a mailserver should use port 25 and a client sending to a mailserver (submitting a composed message) should use submission port 587. So far the approach in general is a good one, but just the approach, the swisscom solution is quite bad. In my opinion an internet service provider must not start filtering traffic from his internet access customers without notifying the customer about doing so. Why not? because it's not the provider's decision whether traffics is bad or not , as Jeroen Massar already said. What's next? Filtering all http because some websites might could be bad or unattractive? That's really not the way it should be guys! An SMTP error message with a description about what and why it's happening is not a notification to the customer. Normal end-users use to ignore error messages and click them away. Which is normally not the case with correct bounce messages, but a error-message from MITM transparent proxies is displayed directly in Outlook. If Swisscom would have sent a letter or e-Mail stating that they will start filtering ALL e-Mails send from any user and that the user has the choice to disable the service then it would possibly be fine. back to the technical part: I think filtering e-mails (via mail proxies, etc.) at the source (especially in dial-in networks) is not the right way to stop spam. There are lot more virus-/trojan infected hosts in the internet than mail receiving mails servers. Therefore the effort to stop spam that way is much higher. Using selective greylisting on inbound mail servers takes care about spam originating in dial-in networks without causing any nameable load on the mail server. And please, don't tell me that greylisting is delaying e-mails. Good (selective, dynamic) greylisting is learning and does only affect e-mails from hosts with a bad or missing reverse lookup and these messages are surely spam anyway. So what should Swisscom do? Either inform your customers that you're content filtering all their e-mails or shutdown your MITM proxies, fully block outgoing port 25 to any excluding your swisscom mailrelays and inform your customers to use submission port if they use another mail service provider. Start filtering outgoing mail (post queue) on your relay servers. I would not be surprised if Swisscom ends up in newspapers or online magazines with this story ;-) best regards, Marco On Mon, Mar 8, 2010 at 1:16 PM, steven.glog...@swisscom.com wrote: Hi everyone To officially talk about the mail problems on port 25 with swisscom dsl I would like to give you some (technical) information. We had several needs to stop spam from our network: - We're receiving about 30'000-100'000 abuse complaints per month (contains multiple reports per case) - Mail filtering on our infrastructure (our mail servers) are only catching 20% of all spam sent from swisscom dsl - 80% is sent directly from the customer lines. (source: http://www.maawg.org/port25) - About 60% to over 90% of all mails sent over residential customer lines are identified as spam. This is more than 10 millions spam emails per day (~375 terabytes per year) The impacts are clear: - Spam generates a quite high amount of cost within Swisscom (money, personal, time, storage, data, etc.) - Our reputation is getting bad - We might get listed on blacklists (- impact on legimite traffic) - Customers are getting blocked (e.g. in sandbox) and are not happy therefore (most of the customers are not realizing, that they are sending spam, because they are virus-/trojan-infected) So, what we did and what are we doing? We currently ran a pilot. The productive rollout which will affect all customers will start this week and will take around 2 months until all customers are migrated. Only (ex-)bluewin customers with dynamic adsl-lines will be affected. Swisscom has published an official statement on http://www.swisscom.ch/p25 and modifies the error-message sent to the customer which will be more clearer. The pilot showed very clearly that this countermeasure is very effectful in stopping outgoing spam. Going to the technical part: We're running a transparent proxy on port 25 (smtp) which gets communication from any customer to any port 25 (Layer 4 redirect feature). The proxy is analyzing the email and if it detects that spam has been sent he will reject the connection by issuing an error message to the customer (the mailclient will notice: smtp-error). If the mail is a normal and legitimate email - no problem: mail will be sent. We will even insert a received-from: line in the header. If a bot/trojan is trying to send emails, the customer will not notice. There are no mails beeing stored on the filter server. All decisions are made on-the-fly. Customers, which are virus-affected are handled by the standard abuse process which we have in place (inform,
Re: [swinog] Port 25 Blockade @ Swisscom (Bluewin)
Hi SwiNOG subscribers, Hi Swisscom, As written in SMTP RFCs a mailserver sending to a mailserver should use port 25 and a client sending to a mailserver (submitting a composed message) should use submission port 587. So far the approach in general is a good one, but just the approach, the swisscom solution is quite bad. In my opinion an internet service provider must not start filtering traffic from his internet access customers without notifying the customer about doing so. Why not? because it's not the provider's decision whether traffics is bad or not , as Jeroen Massar already said. What's next? Filtering all http because some websites might could be bad or unattractive? That's really not the way it should be guys! An SMTP error message with a description about what and why it's happening is not a notification to the customer. Normal end-users use to ignore error messages and click them away. Which is normally not the case with correct bounce messages, but a error-message from MITM transparent proxies is displayed directly in Outlook. If Swisscom would have sent a letter or e-Mail stating that they will start filtering ALL e-Mails send from any user and that the user has the choice to disable the service then it would possibly be fine. back to the technical part: I think filtering e-mails (via mail proxies, etc.) at the source (especially in dial-in networks) is not the right way to stop spam. There are lot more virus-/trojan infected hosts in the internet than mail receiving mails servers. Therefore the effort to stop spam that way is much higher. Using selective greylisting on inbound mail servers takes care about spam originating in dial-in networks without causing any nameable load on the mail server. And please, don't tell me that greylisting is delaying e-mails. Good (selective, dynamic) greylisting is learning and does only affect e-mails from hosts with a bad or missing reverse lookup and these messages are surely spam anyway. So what should Swisscom do? Either inform your customers that you're content filtering all their e-mails or shutdown your MITM proxies, fully block outgoing port 25 to any excluding your swisscom mailrelays and inform your customers to use submission port if they use another mail service provider. Start filtering outgoing mail (post queue) on your relay servers. I would not be surprised if Swisscom ends up in newspapers or online magazines with this story ;-) best regards, Marco On Mon, Mar 8, 2010 at 1:16 PM, steven.glog...@swisscom.com wrote: Hi everyone To officially talk about the mail problems on port 25 with swisscom dsl I would like to give you some (technical) information. We had several needs to stop spam from our network: - We're receiving about 30'000-100'000 abuse complaints per month (contains multiple reports per case) - Mail filtering on our infrastructure (our mail servers) are only catching 20% of all spam sent from swisscom dsl - 80% is sent directly from the customer lines. (source: http://www.maawg.org/port25) - About 60% to over 90% of all mails sent over residential customer lines are identified as spam. This is more than 10 millions spam emails per day (~375 terabytes per year) The impacts are clear: - Spam generates a quite high amount of cost within Swisscom (money, personal, time, storage, data, etc.) - Our reputation is getting bad - We might get listed on blacklists (- impact on legimite traffic) - Customers are getting blocked (e.g. in sandbox) and are not happy therefore (most of the customers are not realizing, that they are sending spam, because they are virus-/trojan-infected) So, what we did and what are we doing? We currently ran a pilot. The productive rollout which will affect all customers will start this week and will take around 2 months until all customers are migrated. Only (ex-)bluewin customers with dynamic adsl-lines will be affected. Swisscom has published an official statement on http://www.swisscom.ch/p25 and modifies the error-message sent to the customer which will be more clearer. The pilot showed very clearly that this countermeasure is very effectful in stopping outgoing spam. Going to the technical part: We're running a transparent proxy on port 25 (smtp) which gets communication from any customer to any port 25 (Layer 4 redirect feature). The proxy is analyzing the email and if it detects that spam has been sent he will reject the connection by issuing an error message to the customer (the mailclient will notice: smtp-error). If the mail is a normal and legitimate email - no problem: mail will be sent. We will even insert a received-from: line in the header. If a bot/trojan is trying to send emails, the customer will not notice. There are no mails beeing stored on the filter server. All decisions are made on-the-fly. Customers, which are virus-affected are handled by the standard abuse process which we have in place (inform,
[swinog] SHDSL / ADSL DSLAM
Hi there, We're looking for small IP DSLAMs for G.SHDSL(.bis) and ADSL2+. We need about 16-24 Ports in 1 Rack Unit (or a modular system), Ethernet Uplink (GE / FE), dot1q, etc. Does anyone know a suitable product that fits our requirements with a good cost-performance ratio? We are already using ZyXEL IES 1000 with modules and IES 2000 (which are no longer sold by ZyXEL). The IES 1000 with SAM-1216-22 in G.SHDSL.bis mode delivers just 16 Ports in 1 Unit (2 modules for 3900 CHF each) and is due to this to expensive. Also the IES5000 is to big and expensive for our small PoPs. Do you recommend the G.SHDSL.bis or should we stay with G.SHDSL (4096 per line)? Thanks and best regards Marco Fretz ___ swinog mailing list swinog@lists.swinog.ch http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog
[swinog] Looking for an old Dial-In Router
Hi SwiNOGers, We need an old Cisco router for dial-in access to serve 2-5 users. I want to use BRI not a PRI interface. 2 lines are enough for these max. 5 customers. solution should serve ISDN and modem users as well. I don't have much experience with dail-in access routers. Any suggestions welcome :-) Does anyone have something like this for sale? Cisco 3620 (or similar) with - Mica Modem Modules - BRI Interface - 1 Ethernet Interface budget is ~300 CHF. hope this is a realistic price otherwise correct me pls :-) Thanks in advance and best regards Marco ___ swinog mailing list swinog@lists.swinog.ch http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog
Re: [swinog] RBL's (again) (Was: Anyone from Green here?)
Tonnerre Lombard wrote: Salut, Marco, On Mon, 20 Oct 2008 14:15:41 +0200, Marco Fretz wrote: What I'm trying to say is: As a mail service provider (recipient side) you can use greylisting and if there are some buggy mailers out there in the internet (or in your local network) it's not a greylisting problem and it's not your problem. they have to fix there mailer problems (sender side). it's not the ISP who has to adapt mail services to buggy customer stuff ^^ Or maybe you just didn't listen... ...and maybe we should stop discuss this :-) Tonnerre ___ swinog mailing list swinog@lists.swinog.ch http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog
Re: [swinog] RBL's (again) (Was: Anyone from Green here?)
Hi Tonnerre, You got me wrong :-) What I'm trying to say is: As a mail service provider (recipient side) you can use greylisting and if there are some buggy mailers out there in the internet (or in your local network) it's not a greylisting problem and it's not your problem. they have to fix there mailer problems (sender side). it's not the ISP who has to adapt mail services to buggy customer stuff ^^ A mailer script which doesn't support queueing or in other words RFC-conform MTA operation will cause problems anyway regardless if greylisting is used or not, other 4xx codes, etc... maybe my opinion is very radical but I think it's the way it should be. Of course I know there are exceptions with individual customer situations, etc. bests Marco Tonnerre Lombard wrote: Salut, Marco, On Fri, 17 Oct 2008 15:21:59 +0200, Marco Fretz wrote: Of course I know what you mean. That's the thing every webhoster have to fight with. Last year I was on the Secure Linux Admin Conference in Berlin. There was a workshop how to protect shared hosting webservers... I am talking about the recipient side. I don't think it's a safe assumption that all scripts _your_ _mail_ _users_ will receive mail from are under your control. If I remember correctly the 2nd or 3th step was: prevent the users from using SMTP (or any other port) to the internet and only allow the destination you choose, your mailrelay servers, http proxy, etc. That is great, but not everyone does that. In fact the number of providers which do that is fairly low. I would do so myself, also for the reason that this prevents people owning a web service to spam around in a volatile manner, but that's not the point at all. crap customer scripts don't look like a reasonable argument against greylisting to me. though some webhosting customers might send mails with their mailer script to recipients which are not on your mail server and this other mail server maybe is also protected with greylisting, ergo same problem ergo problem not solved... For the receiving server, it is. do you see what I mean, now? :) or maybe I didn't fully understand the issue you had. No, you don't. but agreed it's always hard to decide if you want secure systems or happy users. That would be true if there was no way around greylisting, but there is. Tonnerre ___ swinog mailing list swinog@lists.swinog.ch http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog
Re: [swinog] RBL's (again) (Was: Anyone from Green here?)
Tonnerre Lombard wrote: Salut, Marco, On Thu, 16 Oct 2008 15:22:39 +0200, Marco wrote: fully agreed. thats a bad argument against greylisting. if php scripts or other webserver stuff, like newsletter servers, etc.. use their own MTA which is most likely a fancy carp script, as you said, then its actually not the ISPs problem if a mail won't get delivered. Technically, this is perfectly right, and personally I would like to see everyone writing such scripts burn in hell. But if your users insist on receiving the mail, you will either have to disable greylisting or to get a better set of customers. This is basically the collision between lazy technicians coming up with excuses why they're not responsible and stupid users who cannot do things right. I'm afraid that the purely technical point of view is not worth a dime if your users look for alternative providers. Do you see what I mean? Of course I know what you mean. That's the thing every webhoster have to fight with. Last year I was on the Secure Linux Admin Conference in Berlin. There was a workshop how to protect shared hosting webservers... If I remember correctly the 2nd or 3th step was: prevent the users from using SMTP (or any other port) to the internet and only allow the destination you choose, your mailrelay servers, http proxy, etc. Our customers cannot send mails directly, no way. The have to use local sendmail. Out of 50 of our webhostings there was 1 using such carp mailer scripts. we forced them to change it because no other good provider will allow it anyway (of course a lot do so but maybe the shouldn't :-)) My opinion is still that greylisting is a good thing against spam but as you said not the only one. crap customer scripts don't look like a reasonable argument against greylisting to me. though some webhosting customers might send mails with their mailer script to recipients which are not on your mail server and this other mail server maybe is also protected with greylisting, ergo same problem ergo problem not solved... do you see what I mean, now? :) or maybe I didn't fully understand the issue you had. but agreed it's always hard to decide if you want secure systems or happy users. Der Kunde ist König? actually he is but not always, we want to satisfy our customers but we are also responsible that systems are secure, do what the should do, etc.. if his buggy script or what ever possibly compromises my systems I usually tell that to our customers and more often than not they do not cancel any contracts due to my explanation that we want to have secure systems. Are you at SwiNOG next week, too? And interesting topic, isn't it? :) nice weekend, Marco Tonnerre ___ swinog mailing list swinog@lists.swinog.ch http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog
Re: [swinog] RBL's (again) (Was: Anyone from Green here?)
Michael Naef wrote: On Wednesday 15 October 2008, Tonnerre Lombard wrote: [..] Not very problematic for the mail server but of course the PHP script does _not_ attempt redelivery. And your users go to gmail, because there they get the mail. Not sure that's desirable for you. This whole discussion is pointless. Greylisting is a religion. The believers worship it, the others damn it. The realy important point is: Greylisting is a just using a mechanism that should get going when something is goes wrong accepting a message. This mechanics of retransmitting should not only take action with greylisting involved but (and that is the important point) when there appears a real technical problem. And that is something a customer with his little online shop will show open ears to you explaining him why to change his mailer script. that's exactly what I was trying to say in my last post :-) thank you Michi... have fun Michi ___ swinog mailing list swinog@lists.swinog.ch http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog ___ swinog mailing list swinog@lists.swinog.ch http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog
Re: [swinog] open source illusions
Tonnerre Lombard wrote: Salut, Per, On Tue, 07 Oct 2008 15:41:47 +0200, Per Jessen wrote: I am 99% an open source _user_, and I have only written very few patches. Which proves my point, I think. So let me summarize. The fact that we all can fix things and only a few people do it means that the argument of being able to fix things is a weak argument. The fact that we all can prove the source code and _noone_ does it makes it a strong point. Thanks for enlightening me. I've nothing further to say :-) Tonnerre ___ swinog mailing list swinog@lists.swinog.ch http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog ___ swinog mailing list swinog@lists.swinog.ch http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog
Re: [swinog] IRC Server dead ?
[EMAIL PROTECTED] wrote: i was requesting twice on _http://www.warmduscher- abc.ch/warmduscher_abc.asp_ http://www.warmduscher-abc.ch/warmduscher_abc.asp to add the term Skype-Benutzer but as the maintainer seems to be an skype fan it getting ignored try it again :D Roger Am 7 Oct 2008 um 9:32 hat Marco Fretz geschrieben: [EMAIL PROTECTED] wrote: IRC is cool - IRC is a geek tool ,-)) skype is something for warmduscher (well, i've got an account since 2 days...) ,-)) yes, IRC is old-school. it's just great, coding own bots, irc clients, etc... lot of possibilities. Skype is like MSN Messenger, just another ugly overloaded communication tool. if I have to choose between skype and MSN, it's MSN, because there are a lot of opensource and freeware alternatives to the bad Live Messenger from Microschrott, ah Microsoft... :-) -steven -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Stanislav Sinyagin Sent: Monday, October 06, 2008 4:02 PM To: [EMAIL PROTECTED] Subject: Re: [swinog] IRC Server dead ? why doesn't someone create a public Skype chat for SwiNOG? I think more people on this list have skype than IRC client software (me, for example :-) - Original Message From: Boris Meyer [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: Monday, October 6, 2008 3:51:20 PM Subject: Re: [swinog] IRC Server dead ? PS: The actual list of all available servers is listed at: http://irc.subcult.ch As a result of a DDoS against the SwissIX IP-Range the prefix of SwissIX is at the moment only reachable by its peers. We are working towards bringing the irc-server back online. But in the mean time eiher use another server of the mesh or have a SwissIX-connected ISP ;). ___ swinog mailing list swinog@lists.swinog.ch http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog ___ swinog mailing list swinog@lists.swinog.ch http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog ___ swinog mailing list swinog@lists.swinog.ch http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog ___ swinog mailing list swinog@lists.swinog.ch http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog ___ swinog mailing list swinog@lists.swinog.ch http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog ___ swinog mailing list swinog@lists.swinog.ch http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog
Re: [swinog] IRC Server dead ?
[EMAIL PROTECTED] wrote: i was requesting twice on _http://www.warmduscher- abc.ch/warmduscher_abc.asp_ http://www.warmduscher-abc.ch/warmduscher_abc.asp to add the term Skype-Benutzer but as the maintainer seems to be an skype fan it getting ignored I cant add it: Microsoft JET Database Engine error '80040e57' The field is too small to accept the amount of data you attempted to add. Try inserting or pasting less data. /warmduscher_melden.asp, line 125 haha :D Roger Am 7 Oct 2008 um 9:32 hat Marco Fretz geschrieben: [EMAIL PROTECTED] wrote: IRC is cool - IRC is a geek tool ,-)) skype is something for warmduscher (well, i've got an account since 2 days...) ,-)) yes, IRC is old-school. it's just great, coding own bots, irc clients, etc... lot of possibilities. Skype is like MSN Messenger, just another ugly overloaded communication tool. if I have to choose between skype and MSN, it's MSN, because there are a lot of opensource and freeware alternatives to the bad Live Messenger from Microschrott, ah Microsoft... :-) -steven -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Stanislav Sinyagin Sent: Monday, October 06, 2008 4:02 PM To: [EMAIL PROTECTED] Subject: Re: [swinog] IRC Server dead ? why doesn't someone create a public Skype chat for SwiNOG? I think more people on this list have skype than IRC client software (me, for example :-) - Original Message From: Boris Meyer [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: Monday, October 6, 2008 3:51:20 PM Subject: Re: [swinog] IRC Server dead ? PS: The actual list of all available servers is listed at: http://irc.subcult.ch As a result of a DDoS against the SwissIX IP-Range the prefix of SwissIX is at the moment only reachable by its peers. We are working towards bringing the irc-server back online. But in the mean time eiher use another server of the mesh or have a SwissIX-connected ISP ;). ___ swinog mailing list swinog@lists.swinog.ch http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog ___ swinog mailing list swinog@lists.swinog.ch http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog ___ swinog mailing list swinog@lists.swinog.ch http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog ___ swinog mailing list swinog@lists.swinog.ch http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog ___ swinog mailing list swinog@lists.swinog.ch http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog ___ swinog mailing list swinog@lists.swinog.ch http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog
Re: [swinog] IRC Server dead ?
Boris Meyer wrote: no one cares about security and I think swinog should care about security! use IRC, install one of the thousands IRC clients available and ask your security guru to open the port, or do it on your own ^^ You can connect via SSL for a little bit of enhanced security (and the connection between the servers is also encrypted). As alternative of Skype, we can take it to the max and use the chat-system of World of Warcraft. We just have to choose, if we play for Alliance or Horde and may use the guild chat (the famous n00b-pwning Swinog-Guild) /badhumour good one :-) we can also use pro7.de chat :P haha Boris. ___ swinog mailing list swinog@lists.swinog.ch http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog ___ swinog mailing list swinog@lists.swinog.ch http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog
Re: [swinog] primary / backup BGP multi homed issue
Johannes Resch wrote: On Thu, September 4, 2008 09:52, Marco Fretz wrote: Sunrise changed their as-communities recently so that's no longer possible for our backup provider to influence their local-pref. Where did you get this information from ? Sunrise definitely supports customer-settable communities to alter local pref. http://www.db.ripe.net/whois?form_type=simplefull_query_string=searchtext=as-communities the part describing local-pref influencing is in the OBSOLETE SECTION. ___ swinog mailing list swinog@lists.swinog.ch http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog
Re: [swinog] Content delivery system like Akamai?
Scott Weeks wrote: There're a lot of players in that space. I used to work for a company called Digital Island that bought Sandpiper to get their Footprint CDN. This was then sold to CW who then sold it to blah, blah and it finally ended up at Savvis. There were several lawsuits with Akamai (a Hawaiian word for smart, clever or intelligent BTW) in the US about who invented what first. Akamai came out on top from what I heard after leaving the company. http://www.savvis.net/corp/Products+Services/Content+Delivery+Network/default thanks for this information. You should be sure to do the market research before doing anything more than a fun and interesting project. as I wrote before, I'm just interested in the technology. I don't want to build a CDN for productive use. We're quite happy with our clustered hosting platform. scott ___ swinog mailing list swinog@lists.swinog.ch http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog
Re: [swinog] Content delivery system like Akamai?
Jeroen Massar wrote: Marco Fretz wrote: [..] ... but maybe I'm just crazy and you might simply ignore this post :-) Most people know *how* to do it (fail-over anycast presto), the economics, deploying it worldwide and getting a good solid customer base factor are other factors though. as I said, maybe it's a stupid idea. I'm more interested in the technical than in the economic aspect. I've never set up IPv4 anycast services but as far as I know anycast is only recommended for connection less / session less services (DNS, etc...). I never saw http content delivered over anycast, because it's TCP and you need consistent data. pls correct me if I'm wrong... greets Marco ___ swinog mailing list swinog@lists.swinog.ch http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog
Re: [swinog] Content delivery system like Akamai?
Stanislav Sinyagin wrote: Guys, are you intending to build a service, or just want to play around? A service would involve hardware investment, SLA, on-call support staff, sales personnel, and tons of other investment - are you willing to start that today? I just want to know if and how it's possible to build a system like Akamai. Akamai is not using anycast or any other common thing and as you see they are quite successful! there must be a good reason why they're using their own solution. I'm not interested in economic aspects at the moment and I don't want to build this system for productive use, now. so yes, I just want to play around with it and I'm trying to find some guys who want to play, too :-) and it seems that I started an exciting discussion... :) ___ swinog mailing list swinog@lists.swinog.ch http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog
Re: [swinog] Content delivery system like Akamai?
Claudio Jeker wrote: Corrected, your wrong. TCP works just fine for short living TCP sessions (like 99% of all traffic). If you're routing is stable you always end up at the same site. Only on bgp route changes that influence the path to the anycast network you may get session drops because the traffic is flowing to a new site. Ok, thank you Jeroen and Claudio for this explanations about anycasting. But is there anyone using anycasts for HTTP content? I think its only used for DNS, etc... am I wrong? ___ swinog mailing list swinog@lists.swinog.ch http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog
Re: [swinog] Content delivery system like Akamai?
Jeroen Massar wrote: [..] Ok, thank you Jeroen and Claudio for this explanations about anycasting. But is there anyone using anycasts for HTTP content? I think its only used for DNS, etc... am I wrong? Wrong. google(anycast http) google(anycast) google(distributed content system) etc etc etc etc etc :) oh, hmm.. ok :-) sorry. Now I feel like a noob ^^ Greets, Jeroen ___ swinog mailing list swinog@lists.swinog.ch http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog
[swinog] Securing Cisco Routers in a ISP network (management-plane?)
Hi everyone, I'm preparing my routers for IPv6. Along with v6 support comes the requirement to secure router management / services for v6. Currently I've inbound access-lists on all inbound interfaces blocking management traffic (ssh, telnet, ftp, http, etc.) and things like SIP, etc. to all router v4 addresses. You can imagine that this a lot of maintenance work. So my idea was to use the new management-plane (control-plane) protection in IOS 12.4 T. http://www.cisco.com/en/US/docs/ios/12_4t/12_4t11/htsecmpp.html Is there anyone using this already in ISP networks? What are the experience? You can define a loopback interface as management-interface and propagate the loopback addresses with IGP inside the management network. After that, all other interfaces are no longer accepting management traffic to the control-plane, right? Setting an inbound access-list on the loopback interface to filter management traffic may be a good idea, right? Is there any impact to BGP sessions? I sill need access-lists dropping BGP traffic to my router addresses and explicit allowing my bgp peers, right? Any suggestions / ideas welcome. Thanks and best regards Marco ___ swinog mailing list swinog@lists.swinog.ch http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog
Re: [swinog] This is what Linus Torvalds calls OpenBSD crowd ...
I think it's not worth the discussion in the openbsd list aswell. BSD (OpenBSD) and Linux are way different, different strategies and goals... But its just amusing to read. Marco julien mabillard wrote: Well, I don't know if this needs a comment. Coding is my preferred way to provide best response. However, when correctness of design/api/standard comes to the disucssion, have a look at linux kernel code, experiment some supposed standard POSIX functions under linux and after some time switch OpenBSD, you get then answer. -- ___ swinog mailing list swinog@lists.swinog.ch http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog ___ swinog mailing list swinog@lists.swinog.ch http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog
Re: [swinog] Switzerlandwide Internet problem
hi, we're not experiencing anything like that here... Do you have any additional information about the problem? Marco Michele Capobianco wrote: Hey all A friend just told me that Cybernet told him there is a Switzerlandwide Internet Problem. Does anybody know something? Cheers Michele Online Consulting AG, Michele Capobianco, System Administrator, Weststrasse 38, CH-9500 Wil Phone +41 (0)71 913 31 31, Fax +41 (0)71 913 31 32 http://www.online.ch, [EMAIL PROTECTED]mailto:[EMAIL PROTECTED] ___ swinog mailing list swinog@lists.swinog.ch http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog ___ swinog mailing list swinog@lists.swinog.ch http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog
Re: [swinog] massive udp attacks from 67.228.4.81
hi, of course im just fighting the symptoms but it worked for us and for this weekend :-) any idea what the disease is? on Friday in the evening it suddenly stopped after about 44 millions of packets. and know only silence from this source... from which sources are u experiencing this UDP queries? at our site the packets were not really queries, just unknown data and no usable header info... i think it was some sort of attack against one of our customer, he got the most of these packets according to the netflow data... Marco Tobias Göller wrote: Hello, Since the protocol is UDP I wouldn't be too surprised if effective sender is using multiple hosts to send UDP Data. So in fact, what you're doing, is just fighting the symptoms and not the desease. I have certain doubts that subxtreme.net is the real origin. I myself am experiencing an abnormal amount of UDP Queries to this port as well - although the rate is much lower than at your site (about 20'000/min). CU Tobias On May 30, 2008, at 6:20 PM, Marco Fretz wrote: Hi everybody, is there anyone else expecting massive UDP (mostly port 53) traffic from 67.228.4.81? Destinations are (possibly random chosen) ip address out of our AS3915. see attached netflow graph. We've now blocked the ip address and got over 3.7 million blocks within 10 minutes. I just wrote this issue to the corresponding abuse ([EMAIL PROTECTED]) , a provider in Brazil as i know so far. Thanks for any feedback. have a nice weekend, best regards Marco ___ swinog mailing list swinog@lists.swinog.ch http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog ___ swinog mailing list swinog@lists.swinog.ch http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog ___ swinog mailing list swinog@lists.swinog.ch http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog
[swinog] IPv6 for all of our customer webhosting?
Hi SwiNOGers, as you know im trying to get ipv6 connectivity for our backbone and hosting stuff. Know i got the following question: is it wise to add a v6 host record for all domains pointing to the webhostings? www.blah.li.IN A 88.82.97.x www.blah.li.IN 2a02:380:::x its not a problem to do dual stack ipv6 with my linux webhosting system, but all ipv4 users have to wait for the ipv6 timeout when trying to reach an ipv6 enabled website, right? is there a way to control this timeout? thanks and best regards Marco ___ swinog mailing list swinog@lists.swinog.ch http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog
Re: [swinog] Sixy.ch: directory of IPv6 enabled web sites
i think its possible. just do an lookup. this can also be done if the user has no ipv6 connectivity... and Manuel has the skills and time to code such a little plug-in, right? :D [EMAIL PROTECTED] wrote: Hi all can you write a firefox plugin which shows a link for each ipv4 website if its also available over ipv6? that would be very nice :) this way users can see that it is a good idea to get ipv6 connectivity. What an awesome idea, I love it ;-) Silvia Sunny Connection AG + 41 44 887 62 10 http://www.sunny.ch Email shagen at sunny.ch * Our Website is dual-stack. You can access it with IPv4 and IPv6. * ___ swinog mailing list swinog@lists.swinog.ch http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog ___ swinog mailing list swinog@lists.swinog.ch http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog
[swinog] massive udp attacks from 67.228.4.81
Hi everybody, is there anyone else expecting massive UDP (mostly port 53) traffic from 67.228.4.81? Destinations are (possibly random chosen) ip address out of our AS3915. see attached netflow graph. We've now blocked the ip address and got over 3.7 million blocks within 10 minutes. I just wrote this issue to the corresponding abuse ([EMAIL PROTECTED]) , a provider in Brazil as i know so far. Thanks for any feedback. have a nice weekend, best regards Marco ___ swinog mailing list swinog@lists.swinog.ch http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog
[swinog] Anyone here using ZyXEL SHDSL DSLAMs?
Hi, Is here anyone who uses the SHDSL / SHDSL.bis technology? ZyXEL IES1000 - IES5000 DSLAM chasis and SLC1216 - SLC1248-22 line cards? We have a few problems with lineprobing / rate adaption and crc errors. Or does anyone know a good paper about Signal-to-Noise Margin lineprobing / rate adaption? how to figure out the best value. try and fail doesn't work :( thanks in advance and best regards marco ___ swinog mailing list swinog@lists.swinog.ch http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog
Re: [swinog] chzrh01 opens - first Swiss based SixXS PoP
hi any ideas why i cant find this PoP in the tunnel request form at the SixXS admin tool? does the pop support ayiya mode? is it free? greets marco Jeroen Massar wrote: Hi folks, I would just like to spam here also that, with thanks to the nice folks from IP-Man, we have setup and now also opened the first Swiss based SixXS PoP: chzrh01.sixxs.net. It is located at the TIX in Zurich and should have really nice low latencies to most people in Switzerland. For the folks who already have a SixXS account, they have been spammed already with an offer they can't refuse, for everybody else, maybe it is time to start peeking at this when you don't have IPv6 connectivity yet? http://www.sixxs.net/ of course, and for questions don't hesitate to contact [EMAIL PROTECTED] (see also /contact/ on the website). For the folks who didn't gotten the word yet: http://ipv6.google.com exists and works, and also, the Great IPv6 Experiment's testing phase has already begun and it will soon go live, also with non-adult material so that it can reach a much wider audience. Greets, Jeroen ___ swinog mailing list swinog@lists.swinog.ch http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog ___ swinog mailing list swinog@lists.swinog.ch http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog
Re: [swinog] bluewin ADSL ... everything okay?
hi can anyone post some affected ip addresses or urls please? use traceroutes instead of ping, so u can see routing problems or changes. u may use ip-plus (bluewin / swisscom) looking glass services to test out off bluewin's AS http://www.ip-plus.ch/tools/looking_glass_servers.en.html regards marco Matthias Hertzog wrote: Hi folks! Does anyone else in here receives phone calls, that websites and mailservers cannot be reached from bluewin ADSL? Best wishes, Matthias _ mhs @ internet AG Zürcherstrasse 204, CH - 9014 St. Gallen Phone +41 71 274 93 93, Fax +41 71 274 93 94 http://www.mhs.ch _ ___ swinog mailing list swinog@lists.swinog.ch http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog ___ swinog mailing list swinog@lists.swinog.ch http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog