Re: T1 vs. T2 [WAS: Apology: [Tier-2 reachability and multihoming]]

2005-03-28 Thread Richard A Steenbergen
On Tue, Mar 29, 2005 at 02:23:06AM +0100, Stephen J. Wilcox wrote: > > 701 is not the most connected, it has only customers and a restrictive > set of peers? Ok, I'm just bored enough to bite. If we're talking about a contest to see who has the most number of directly connected ASNs, I think U

Re: T1 vs. T2 [WAS: Apology: [Tier-2 reachability and multihoming]]

2005-03-28 Thread bmanning
On Mon, Mar 28, 2005 at 06:47:30PM -0800, Randy Bush wrote: > > er.. hate to rain on your parade but if I peer with everyone > > i need/want to exchange traffic with, i am transit-free, even > > if I -NEVER- touch any other part of the commercial Internet... > > my packets get to

Re: T1 vs. T2 [WAS: Apology: [Tier-2 reachability and multihoming]]

2005-03-28 Thread Randy Bush
> er.. hate to rain on your parade but if I peer with everyone > i need/want to exchange traffic with, i am transit-free, even > if I -NEVER- touch any other part of the commercial Internet... > my packets get to where they need to go and all packets I want > get to

Re: T1 vs. T2 [WAS: Apology: [Tier-2 reachability and multihoming]]

2005-03-28 Thread bmanning
On Mon, Mar 28, 2005 at 09:15:53PM -0500, Patrick W Gilmore wrote: > > On Mar 28, 2005, at 8:29 PM, [EMAIL PROTECTED] wrote: > > >>and if you peer with all networks in the 'transit free zone' then you > >>too become > >>transit free also. > > > > er.. hate to rain on your parade but if I pe

Re: T1 vs. T2 [WAS: Apology: [Tier-2 reachability and multihoming]]

2005-03-28 Thread Patrick W Gilmore
On Mar 28, 2005, at 8:29 PM, [EMAIL PROTECTED] wrote: and if you peer with all networks in the 'transit free zone' then you too become transit free also. er.. hate to rain on your parade but if I peer with everyone i need/want to exchange traffic with, i am transit-free, even i

Re: T1 vs. T2 [WAS: Apology: [Tier-2 reachability and multihoming]]

2005-03-28 Thread bmanning
> and if you peer with all networks in the 'transit free zone' then you too > become > transit free also. > er.. hate to rain on your parade but if I peer with everyone i need/want to exchange traffic with, i am transit-free, even if I -NEVER- touch any other part of t

Re: T1 vs. T2 [WAS: Apology: [Tier-2 reachability and multihoming]]

2005-03-28 Thread Stephen J. Wilcox
On Mon, 28 Mar 2005, John Dupuy wrote: > I'll be brief, but I do want to perhaps word Alex's definition in a different > way > that might be more useful. > > Even "tier 1" providers regularly trade transit. They must since no single > network is connected to all the other ones. Not even close.

Re: Sorbs.net

2005-03-28 Thread Dean Anderson
On Mon, 28 Mar 2005, Jay R. Ashworth wrote: > On Sun, Mar 27, 2005 at 05:57:13PM -0500, Dean Anderson wrote: > > There are consequences, of course, to doing irresponsible things, and to > > misleading your subscribers, and to blocking email that your subscribers > > didn't authorize you to block.

Re: Spoofing and Internet Filtering

2005-03-28 Thread Robert Beverly
On Thu, Feb 24, 2005 at 03:36:44PM -0500, Robert Beverly wrote: > I'm working on a project designed to determine the extent of ingress and > egress filtering on the Internet. For those that expressed interest, in the month since this original email, I collected results from around 300 unique ho

Re: T1 vs. T2 [WAS: Apology: [Tier-2 reachability and multihoming]]

2005-03-28 Thread John Dupuy
I'll be brief, but I do want to perhaps word Alex's definition in a different way that might be more useful. Even "tier 1" providers regularly trade transit. They must since no single network is connected to all the other ones. Not even close. Even UUNet (ASN 701), arguably the most-connected ne

Re: phishing sites report - March/2005

2005-03-28 Thread Gadi Evron
Daniel Golding wrote: Gadi, This report isn't terribly useful without the IP addresses (or URLs) in question. How could an ISP start investigating and/or null routing these addresses without having the list? I suppose I'm skeptical because some of those ASNs are not big content hosters. Some are tr

Re: phishing sites report - March/2005

2005-03-28 Thread Daniel Golding
Gadi, This report isn't terribly useful without the IP addresses (or URLs) in question. How could an ISP start investigating and/or null routing these addresses without having the list? I suppose I'm skeptical because some of those ASNs are not big content hosters. Some are transit-only ASNs.

Re: outage/maintenance window opinion

2005-03-28 Thread Pete Templin
Luke Parrish wrote: Trying to get clarification on an issue. Maintenance/outage window is 2:00AM to 5:00AM, during the window the router we are working on fails and does not come back online until 8:00AM. From an outage reporting/documentation standpoint is the outage start time 2:00AM or 5:01AM

real-time black-hole listing

2005-03-28 Thread Douglas Otis
On Mon, 2005-03-28 at 09:55 -0500, Jay R. Ashworth wrote: > > As for "didn't authorize you to block", two thoughts come to mind: > first, the person with the last clear chance in a mail blacklisting > situation is the mail admin in question, is it not? Many administrators avoid complaints by plac

VoIP Security Alliance Elects Board of Directors, Announces Projects and Issues Call for Participation

2005-03-28 Thread Fergie (Paul Ferguson)
Somewhat related to operational issues: "AUSTIN, Texas – March 28, 2005 – The Voice over IP Security Alliance (VOIPSA), today announced its newly elected board of directors as well as its short-term projects to develop a threat taxonomy and document security requirements for VoIP networks. VOIPS

Re: phishing sites report - March/2005

2005-03-28 Thread Gadi Evron
Daniel Golding wrote: Forgive me for being skeptical, but... I would prefer you being skeptical. Please don't take my word on any of this. How do you come up with these? Are these the direct upstream ISPs of the These are the digested results from the reports sent to the malicious websites and p

Re: phishing sites report - March/2005

2005-03-28 Thread Daniel Golding
Forgive me for being skeptical, but... How do you come up with these? Are these the direct upstream ISPs of the phishing sites or the next hop AS's from your test site? Is there a link to the original data? - Dan On 3/28/05 12:25 PM, "Gadi Evron" <[EMAIL PROTECTED]> wrote: > > Below is a pe

Re: "Bandwidth Advisors" - www.bandwidthadvisors.com

2005-03-28 Thread Joe Hamelin
I run all my bandwidth purchases through BWA. I've worked with Aaron since we were both at Wolfe.net. He's the most honest sales type that I've ever met. And I agree that NANOG is NOT the place to post this, but the cat is out of the bag. Notice: I'm biased as I host his site and my wife made

Re: outage/maintenance window opinion

2005-03-28 Thread Eric Gauthier
Heya, I disagree as this entire event wasn't a planned outage. The "planned" part was what you intended to do and, if it's anything like the maintenance reports that I send and receive, you typically state how long you expect the impact will be and that it will take place within your maintenan

Re: Intradomain DNS Anycast revisited

2005-03-28 Thread Peter John Hill
On Mar 28, 2005, at 8:40 AM, Bill Woodcock wrote: I like BGP more as I could transport that /32 with no-export right away. Yes, in a simple hub-and-spoke anycast topology, iBGP is simplest. In a wagon-wheel or mesh topology, having an IGP makes some things simplest, though you can still use iBG

RE: outage/maintenance window opinion

2005-03-28 Thread Bill Nash
Also, the possibility of equipment failure should *always* be factored into backout/recovery plans. You can have all the faith in your hardware that you want, but Murphy has enable/root. If it's something as simple as having redundant capacity to shift the load to, or as drastic as having a s

Re: outage/maintenance window opinion

2005-03-28 Thread Jay R. Ashworth
On Mon, Mar 28, 2005 at 11:16:47AM -0600, Luke Parrish wrote: > Maintenance/outage window is 2:00AM to 5:00AM, during the window the router > we are working on fails and does not come back online until 8:00AM. > > From an outage reporting/documentation standpoint is the outage start time > 2:00

RE: outage/maintenance window opinion

2005-03-28 Thread Matthew Kaufman
My opinion: For the customer, the outage starts when their service stops working* and ends when their service starts working again. Your goal should be to make that all happen during the maintenance window. If it doesn't, then the part that was during the window is "planned outage" and the part t

Re: outage/maintenance window opinion

2005-03-28 Thread Vicky Rode
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 It depends. If your device(s) was part of the change management notification then that's correct. regards, //virendra// Luke Parrish wrote: | Trying to get clarification on an issue. | | Maintenance/outage window is 2:00AM to 5:00AM, during the window t

phishing sites report - March/2005

2005-03-28 Thread Gadi Evron
Below is a periodic public report from the Malicious Websites and Phishing research and mitigation mailing list (a sub-group of the drone armies / botnets research and mitigation mailing list). For this report it should be noted that we base our analysis on the data we have accumulated from various

outage/maintenance window opinion

2005-03-28 Thread Luke Parrish
Trying to get clarification on an issue. Maintenance/outage window is 2:00AM to 5:00AM, during the window the router we are working on fails and does not come back online until 8:00AM. From an outage reporting/documentation standpoint is the outage start time 2:00AM or 5:01AM since 5:01AM is when

Re: Intradomain DNS Anycast revisited

2005-03-28 Thread Bill Woodcock
> I like BGP more as I could transport that /32 with no-export > right away. Yes, in a simple hub-and-spoke anycast topology, iBGP is simplest. In a wagon-wheel or mesh topology, having an IGP makes some things simplest, though you can still use iBGP in that role.

Re: ICANN on the panix.com theft

2005-03-28 Thread James Galvin
--On Saturday, March 26, 2005 4:58 PM -0500 David Lesher <[EMAIL PROTECTED]> wrote: ICANN Blames Melbourne IT for Panix Domain Hijacking Unfortunately, the agenda for the next ICANN meeting: Still does not yet show that the SSAC

Re: DNS cache poisoning attacks -- are they real?

2005-03-28 Thread John Payne
On Mar 28, 2005, at 1:11 AM, Randy Bush wrote: And to Randy's point about problems with open recursive nameservers... abusers have been known to cache "hijack". Register a domain, configure an authority with very large TTLs, seed it onto known open recursive nameservers, update domain record to p

Re: T1 vs. T2 [WAS: Apology: [Tier-2 reachability and multihoming]]

2005-03-28 Thread Stephen J. Wilcox
On Mon, 28 Mar 2005, Randy Bush wrote: > > Firstly, peering isn't binary. Is peering vs transit a distinction based on > > routes taken / accepted & readvertised, or on cost? Does "paid for peering" > > count as peering or transit? If you pay by volume? If you pay for "more than > > your fair sha

Re: T1 vs. T2 [WAS: Apology: [Tier-2 reachability and multihoming]]

2005-03-28 Thread Randy Bush
>> a tier-1 network does not get transit prefixes from any other >> network and peers with, among others, other tier-1 networks. >> >> a tier-2 gets transit of some form from another network, usually but >> not necessarily a tier-1, and may peer with other networks. >> >> this does not please ever

Re: DNS cache poisoning attacks -- are they real?

2005-03-28 Thread Suresh Ramasubramanian
On Mon, 28 Mar 2005 16:40:22 +0100, Brad Knowles <[EMAIL PROTECTED]> wrote: > If you want to use your own resolver remotely like this, I can't > really say too much about that. However, in that case I would > encourage you to ensure that the server is closed to queries from > outside sour

Re: Sorbs.net

2005-03-28 Thread Jay R. Ashworth
On Sun, Mar 27, 2005 at 05:57:13PM -0500, Dean Anderson wrote: > >Look, if I want to publish a blocklist of all domains with the > >string "er" in them and all IP addresses ending in .7, that would be > >a silly thing to do: but after all, it's just a list. > > There are consequences, of course

Re: DNS cache poisoning attacks -- are they real?

2005-03-28 Thread Edward Lewis
At 20:15 -0500 3/26/05, Sean Donelan wrote: effort. Why has SSH been so successful, and DNSSEC stumbled so badly? Short answer to that question alone. (Believe me, I've considered it too.) SSH is an example of innovation that requires only the end points to cooperate - e.g., like TCP doing conge

how about the basics? [was: Re: Blocking port 53]

2005-03-28 Thread Gadi Evron
John Levine wrote: I thought everyone ran an ssh server on port 443 by now. It's the easiest way to get through these overbearing firewalls. Inbound: Agreed. As we all know, applications running on web servers are the easiest way to get into an organization. Run as many routers and fire

Re: Clearwire May Block VoIP Competitors

2005-03-28 Thread Robert Bonomi
> Date: Mon, 28 Mar 2005 06:27:56 -0500 > From: Chip Mefford <[EMAIL PROTECTED]> > Subject: Re: Clearwire May Block VoIP Competitors > > > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > Robert Bonomi wrote: > |>From [EMAIL PROTECTED] Sat Mar 26 12:37:15 2005 > |>Date: Sat, 26 Mar 2005 13:35:

Re: DNS cache poisoning attacks -- are they real?

2005-03-28 Thread Chris Brenton
On Mon, 2005-03-28 at 01:04, John Payne wrote: > > And to Randy's point about problems with open recursive nameservers... > abusers have been known to cache "hijack". Register a domain, > configure an authority with very large TTLs, seed it onto known open > recursive nameservers, update domai

Re: Clearwire May Block VoIP Competitors

2005-03-28 Thread Chip Mefford
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Robert Bonomi wrote: |>From [EMAIL PROTECTED] Sat Mar 26 12:37:15 2005 |>Date: Sat, 26 Mar 2005 13:35:31 -0500 |>From: Eric Gauthier <[EMAIL PROTECTED]> |>To: "Fergie (Paul Ferguson)" <[EMAIL PROTECTED]> |>Cc: nanog@merit.edu |>Subject: Re: Clearwire M

Re: T1 vs. T2 [WAS: Apology: [Tier-2 reachability and multihoming]]

2005-03-28 Thread Alex Bligh
--On 27 March 2005 12:59 -0800 Randy Bush <[EMAIL PROTECTED]> wrote: better? i did not say better. a simple way to look at it, which we have repeated here every year since com-priv migrated here is a tier-1 network does not get transit prefixes from any other network and peers with, among others