AW: [swinog] loud noise outside @ TIX at 00h15 tonight :)
i hope so :9 -Ursprüngliche Nachricht- Von: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Auftrag von Olivier M. Gesendet: Freitag, 29. August 2003 01:17 An: [EMAIL PROTECTED] Betreff: [swinog] loud noise outside @ TIX at 00h15 tonight :) And light everywhere at the third and forth floor: it seems they were working hard on the emergency generators... Good thing, isn't it ? :) 'nite regards, Olivier -- _ Olivier Mueller - [EMAIL PROTECTED] - PGPkeyID: 0E84D2EA - Switzerland -- [EMAIL PROTECTED] Maillist-Archive: http://www.mail-archive.com/swinog%40swinog.ch/ -- [EMAIL PROTECTED] Maillist-Archive: http://www.mail-archive.com/swinog%40swinog.ch/
[swinog] 45 Mbit/s Cisco Interface
Hello everyone, we have to order a 45 Mbit/s point-to-point leased line (CLN) from Swisscom. Swisscom is asking us if we want electrical or optical interfaces. What do you recommend? In either case, what's the exact Cisco interface model number (both eletrical and optical) for 7206 routers? I think optical is better (provided that a fiber installation is already available on-site) because Swisscom talks about a 10dB attenuation we have to buy from a third-party provider in order to connect the coax cables... Furthermore, what's the interface designation for the Swisscom order form? The form we have defaults to G.703-75 Ohm (45Mbps), 1310nm, mono mode. Is that the correct designation for fiber? Thanks regards Manuel ___ Ticinocom SA - Via dei Pioppi 10 - 6616 Losone Tel 0844 007070 - Fax 0844 007071 http://www.ticinocom.com -- [EMAIL PROTECTED] Maillist-Archive: http://www.mail-archive.com/swinog%40swinog.ch/
AW: [swinog] 45 Mbit/s Cisco Interface
i just have used the coax one: get a PA-DS3 with BNC connector and buy a 10db attenuator 75ohm from any distributor and put the attenuator on the rx port of the PA-DS3 interface. if you don't use the attenuator, the clocking signal cannot synchonize. if you have both side, pay attention to the clocking, on side has clock source internal and the other has line. e.g. interface Serial4/0 description ip address no ip directed-broadcast no dsu remote accept dsu bandwidth 44210 framing c-bit cablelength 10 clock source internal alain -Ursprüngliche Nachricht- Von: Manuel Wenger [mailto:[EMAIL PROTECTED] Gesendet: Freitag, 29. August 2003 09:21 An: [EMAIL PROTECTED] Betreff: [swinog] 45 Mbit/s Cisco Interface Hello everyone, we have to order a 45 Mbit/s point-to-point leased line (CLN) from Swisscom. Swisscom is asking us if we want electrical or optical interfaces. What do you recommend? In either case, what's the exact Cisco interface model number (both eletrical and optical) for 7206 routers? I think optical is better (provided that a fiber installation is already available on-site) because Swisscom talks about a 10dB attenuation we have to buy from a third-party provider in order to connect the coax cables... Furthermore, what's the interface designation for the Swisscom order form? The form we have defaults to G.703-75 Ohm (45Mbps), 1310nm, mono mode. Is that the correct designation for fiber? Thanks regards Manuel ___ Ticinocom SA - Via dei Pioppi 10 - 6616 Losone Tel 0844 007070 - Fax 0844 007071 http://www.ticinocom.com -- [EMAIL PROTECTED] Maillist-Archive: http://www.mail-archive.com/swinog%40swinog.ch/ -- [EMAIL PROTECTED] Maillist-Archive: http://www.mail-archive.com/swinog%40swinog.ch/
[swinog] filtering ICMP...
After the thread seen on nanog regarding GBLX filtering/shaping ICMP (without even telling their customers, including BGP customers), I would like to have a bit of your opinion... Do you consider this as: 1) normal. 2) unacceptable, cause they no more deliver full internet access. 3) acceptable if they would have told their customers in advance. 4) other? They told us, they did that to filter some worms. I can understand this, but we're an ISP and IMHO the filtering should be done at the edge of internet not in the core... ? Pascal -- [EMAIL PROTECTED] Maillist-Archive: http://www.mail-archive.com/swinog%40swinog.ch/
RE: [swinog] filtering ICMP...
i would say: 2) unacceptable, cause they no more deliver full internet access. They told us, they did that to filter some worms. I can understand this, but we're an ISP and IMHO the filtering should be done at the edge of internet not in the core... i fully agree with that. -steven -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of Pascal Gloor Sent: Friday, August 29, 2003 11:09 AM To: [EMAIL PROTECTED] Subject: [swinog] filtering ICMP... After the thread seen on nanog regarding GBLX filtering/shaping ICMP (without even telling their customers, including BGP customers), I would like to have a bit of your opinion... Do you consider this as: 1) normal. 2) unacceptable, cause they no more deliver full internet access. 3) acceptable if they would have told their customers in advance. 4) other? They told us, they did that to filter some worms. I can understand this, but we're an ISP and IMHO the filtering should be done at the edge of internet not in the core... ? Pascal -- [EMAIL PROTECTED] Maillist-Archive: http://www.mail-archive.com/swinog%40swinog.ch/ -- [EMAIL PROTECTED] Maillist-Archive: http://www.mail-archive.com/swinog%40swinog.ch/
Re: [swinog] filtering ICMP...
Hi Pascal I don't consider it much harm aslong as icmp type 0,3,4,8,11,12 get through... but you still have the dilemma should they filter - I would vote no, though I see the possibilities and the strength in doing filtering in the core - it's just the lack of trust in the folks that would do the filtering... or say: those who say what should be filtered. my 2c Philipp On Fri, Aug 29, 2003 at 11:08:33 +0200, Pascal Gloor wrote: After the thread seen on nanog regarding GBLX filtering/shaping ICMP (without even telling their customers, including BGP customers), I would like to have a bit of your opinion... Do you consider this as: 1) normal. 2) unacceptable, cause they no more deliver full internet access. 3) acceptable if they would have told their customers in advance. 4) other? They told us, they did that to filter some worms. I can understand this, but we're an ISP and IMHO the filtering should be done at the edge of internet not in the core... -- [EMAIL PROTECTED] Maillist-Archive: http://www.mail-archive.com/swinog%40swinog.ch/
Re: [swinog] filtering ICMP...
3) acceptable if they would have told their customers in advance. In case if it is an emergency they should inform the customer and set a temp rule which could be remove by ISP request. what is an emergency? I dont have any dDoS running on my link. Additionally they filtered all their customers, so it cant be taken as an emergency rule, but as an administrative decision. 2nd additionally, the filtered icmp packets ARE the ones used by tracert.exe, not that I use this unconfigurable tool, but my customers do and now they can think damn, lan.ch fucked their routing... :-/ Pascal -- [EMAIL PROTECTED] Maillist-Archive: http://www.mail-archive.com/swinog%40swinog.ch/
RE: [swinog] filtering ICMP...
After the thread seen on nanog regarding GBLX filtering/shaping ICMP (without even telling their customers, including BGP customers), I would like to have a bit of your opinion... I think you'll find that most ISP's have ICMP rate limiting on their network. Do you consider this as: 1) normal. 2) unacceptable, cause they no more deliver full internet access. 3) acceptable if they would have told their customers in advance. 4) other? They told us, they did that to filter some worms. I can understand this, but we're an ISP and IMHO the filtering should be done at the edge of internet not in the core... I think its perfectly acceptable and I for one would be happy to see my upstream filter things that potentially could cause my customers to have network issues, customers having network issues are customers not spending more money or doing business and thats bad for everyone. Yes customers should be told asap but in somecases window to deploy is minimal and time is of the essance. If a new worm came out tomorrow and I could filter the effects for 24 hours to give my customers a chance to get the latest patches then I would and I'm pretty sure that a majority of them would be happy and grateful. The two last bug issues MSBlast and Sobig, in my personal view, Microsoft have alot to answer for and I hope they learn from this mistake. Regards, Neil. -- Neil J. McRae -- Alive and Kicking [EMAIL PROTECTED] -- [EMAIL PROTECTED] Maillist-Archive: http://www.mail-archive.com/swinog%40swinog.ch/
RE: [swinog] filtering ICMP...
Title: RE: [swinog] filtering ICMP... Shaping / policing the ICMP rate is cool...and helps reducing the impact of dDOS attacks... Filtering is sh.t... my 2 cents Christian -Original Message- From: Pascal Gloor [mailto:[EMAIL PROTECTED]] Sent: Freitag, 29. August 2003 11:36 To: [EMAIL PROTECTED] Subject: Re: [swinog] filtering ICMP... I don't consider it much harm aslong as icmp type 0,3,4,8,11,12 get through... but you still have the dilemma should they filter - I would vote no, though I see the possibilities and the strength in doing filtering in the core - it's just the lack of trust in the folks that would do the filtering... or say: those who say what should be filtered. It would be far enough if they would tell us please consider about filtering/shaping this/that kind of packet due to this/that reason and filtering this doesnt bring anything against dDoS, once the kiddies will see ICMP has no effect they'll move to another protocol... I personally think that by applying this filter, they do not respect they standart SLA... Pascal -- [EMAIL PROTECTED] Maillist-Archive: http://www.mail-archive.com/swinog%40swinog.ch/
Re: [swinog] filtering ICMP...
[...] I think its perfectly acceptable and I for one would be happy to see my upstream filter things that potentially could cause my customers to have network issues, customers having network issues are customers not spending more money or doing business and thats bad for everyone. If a new worm came out tomorrow and I could filter the effects for 24 hours to give my customers a chance to get the latest patches then I would and I'm pretty sure that a majority of them would be happy and grateful. Indeed, but I manage my network and get internet access. I ask my upstreams to deliver internet access, and its my job to take care of my customers and possible harmfull things. Sure it is good to react to worms/trojans, but Carrier-ISP relation is not the same as ISP-Enduser/Business relation. If my upstream wants to filter in an emergency case, that's fine and understandable, but they should have told us about this. Clearly, its ISPs business to protect they customers or at least give them a chance not to get infected (best effort). But I dont think the carrier should take care of this. If its harmfull for the carrier's network and the ISP doesnt react, almost every carrier can drop this customer regarding their SLA/Contract. The two last bug issues MSBlast and Sobig, in my personal view, Microsoft have alot to answer for and I hope they learn from this mistake. install an OS, not a VEDR-OS (very easy dDoS reflector OS) :-P Pascal -- [EMAIL PROTECTED] Maillist-Archive: http://www.mail-archive.com/swinog%40swinog.ch/
Re: [swinog] filtering ICMP...
On Friday 29 August 2003 11:33, Pascal Gloor wrote: In case if it is an emergency they should inform the customer and set a temp rule which could be remove by ISP request. what is an emergency? I dont have any dDoS running on my link. Additionally they filtered all their customers, so it cant be taken as an emergency rule, but as an administrative decision. An emergency for GBLX, but this case is not an emergency to me either. 2nd additionally, the filtered icmp packets ARE the ones used by tracert.exe, not that use this unconfigurable tool, but my customers do and now they can think damn, lan.ch fucked their routing... :-/ For all non Windows Sysadmins: hping --icmp --winid --data 64 --traceroute www.gblx.net -- * Erich Hohermuth IP Engineer - SolNet (AS 9044) PGPKEY-46A08FCB * -- [EMAIL PROTECTED] Maillist-Archive: http://www.mail-archive.com/swinog%40swinog.ch/
Re: [swinog] filtering ICMP...
2) unacceptable, cause they no more deliver full internet access. Especially for BGP customers... For ADSL/dial-up customers, it might be acceptable, if the customer has a possibility to turn off the filters... Cheers, Viktor -- [EMAIL PROTECTED] Maillist-Archive: http://www.mail-archive.com/swinog%40swinog.ch/
Re: [swinog] filtering ICMP...
Hi, On Fri, Aug 29, 2003 at 11:50:38AM +0200, Pascal Gloor wrote: Indeed, but I manage my network and get internet access. I ask my upstreams to deliver internet access, and its my job to take care of my customers and possible harmfull things. Indeed, but I manage my network and get internet access. I ask my ISP to deliver internet access, and its my job to take care of my small network, my computers and my fellow users. Sure it is good to react to worms/trojans, but Carrier-ISP relation is not the same as ISP-Enduser/Business relation. I don't think that a Carrier-ISP relation is much different from a ISP-Enduser relation. I buy internet connectivity and that's all I want: no free SMS, webspace and other fancy things, and *no* filtering. If my upstream wants to filter in an emergency case, that's fine and understandable, but they should have told us about this. Exactely the same for a ISP. Matthias -- [EMAIL PROTECTED] Maillist-Archive: http://www.mail-archive.com/swinog%40swinog.ch/
