-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On Dec 7, 2011, at 4:53 PM, Randy Carpenter wrote:
> Tried that. I agree with others that it is an NDP issue. NDP for the GUA is
> fine, but just not for the link local. Is there something that would block
> only link local by default?
We faced a p
Hey all,
Thought I'd ask here to see if anyone has heard.
In May 2010 Juniper announced that Virtual Chassis would be available in the
MX80 platform in the second half of 2011.
Anyone know if it is still being planned for release or if its been removed
from the platform features?
…Skeeve
--
On 12/7/2011 6:53 PM, Randy Carpenter wrote:
Tried that. I agree with others that it is an NDP issue. NDP for the GUA is
fine, but just not for the link local. Is there something that would block only
link local by default?
I should add that I have another uplink to a different provider that w
Indeed, I'm very interested in the outcome of this, as well.
I've been pestering my Calix SE for a long while about proper
IPv6 support.
-- Jonathan Towne
On Thu, Dec 08, 2011 at 12:55:52PM +0800, Mark Tinka scribbled:
# On Thursday, December 08, 2011 03:10:31 AM Frank Bulk wrote:
#
# > In late
On Thursday, December 08, 2011 03:10:31 AM Frank Bulk wrote:
> In late August Calix came to our site and tested their
> IPv6 support on the C7 platform for their upcoming 8.0
> release. They tested both on GPON and VDSL2 using the
> N:1 (VLAN per service) approach. There were some issues
> that
On Wed, 7 Dec 2011, Cameron Byrne wrote:
On a personal note , it is one of my least favorite terms because it is
overused and generally used by people selling things, and defense in depth
means throw eveything and the kitchen sink at the problem instead of
matching threats / risks / vulnerabilit
On Dec 7, 2011 7:49 PM, "Dobbins, Roland" wrote:
>
>
> On Dec 8, 2011, at 1:36 AM, Leo Bicknell wrote:
>
> > I don't think you're looking at defense in depth in the right way,
>
> Actually, it sometimes seems as if nobody in the industry understands
what 'defense in depth' really means, heh.
>
On
On Dec 8, 2011, at 1:36 AM, Leo Bicknell wrote:
> I don't think you're looking at defense in depth in the right way,
Actually, it sometimes seems as if nobody in the industry understands what
'defense in depth' really means, heh.
'Defense in depth' is a military term of art which equates to 't
On Wed, 7 Dec 2011, Randy Carpenter wrote:
Tried that. I agree with others that it is an NDP issue. NDP for the
GUA is fine, but just not for the link local. Is there something that
would block only link local by default?
Do you have any possibly-overly-strict firewall filters applied to the
On Dec 8, 2011, at 1:04 AM, Gregory Croft wrote:
> Just investigating to see if there is a reason I shouldn't use a firewall at
> the edge versus a dedicated router
You should only use a dedicate router if you want your network to remain
available.
;>
---
Tried that. I agree with others that it is an NDP issue. NDP for the GUA is
fine, but just not for the link local. Is there something that would block only
link local by default?
I should add that I have another uplink to a different provider that works
perfectly. The other end is Juniper for t
Isn't it a little early for Whacky Weekend?
- Original Message -
> From: "Dan Collins"
> On Tue, Dec 6, 2011 at 4:45 PM, wrote:
> > On Tue, 06 Dec 2011 10:30:20 PST, "andrew.wallace" said:
> >> It could be argued that Nmap is malware, and such software has
> >> already been called to be
On Dec 7, 2011, at 2:27 PM, Vlad Galu wrote:
> Randy Carpenter wrote:
>> Does anyone have any suggestions on setting up BGP peering between Juniper
>> (SRX) and Cisco?
>>
>> I successfully have cisco-cisco and juniper-juniper without problems.
>>
>> When I am trying to peer to one of my upstre
Try setting local-address in the bgp neighbor config on the Juniper side?
--Peter
On Dec 7, 2011, at 4:54 PM, Randy Carpenter wrote:
>
> Does anyone have any suggestions on setting up BGP peering between Juniper
> (SRX) and Cisco?
>
> I successfully have cisco-cisco and juniper-juniper without
Fyodor wrote:
switched their Nmap downloads back to our real installer. At least
for now. But that isn't enough--they are still infecting the
installers for thousands of other packages!
I am sorry about these problems, it is unacceptable.
Sourceforge, at least a year or 2 ago, did somethin
In a message written on Wed, Dec 07, 2011 at 04:54:13PM -0500, Randy Carpenter
wrote:
> Does anyone have any suggestions on setting up BGP peering between Juniper
> (SRX) and Cisco?
In a message written on Wed, Dec 07, 2011 at 04:42:33PM -0600, Jack Bates wrote:
> Your subject is misleading. It
On 12/7/2011 4:30 PM, Randy Carpenter wrote:
BGP is working fine, it is when they are trying to forward the packets back to
me. They are seeing the Link-Local as the next-hop, which, for some reason,
they cannot get to.
Your subject is misleading. It appears to be an NDP problem. Check
Randy Carpenter wrote:
BGP is working fine, it is when they are trying to forward the packets back to
me. They are seeing the Link-Local as the next-hop, which, for some reason,
they cannot get to.
-Randy
Sorry Randy, I'd skimmed through your initial mail too quickly and
missed the point.
Fyodor wrote:
switched their Nmap downloads back to our real installer. At least
for now. But that isn't enough--they are still infecting the
installers for thousands of other packages!
I am sorry about these problems, it is unacceptable.
Sourceforge, at least a year or 2 ago, did somethin
BGP is working fine, it is when they are trying to forward the packets back to
me. They are seeing the Link-Local as the next-hop, which, for some reason,
they cannot get to.
-Randy
--
| Randy Carpenter
| Vice President - IT Services
| Red Hat Certified Engineer
| First Network Group, Inc.
|
Randy Carpenter wrote:
Does anyone have any suggestions on setting up BGP peering between Juniper
(SRX) and Cisco?
I successfully have cisco-cisco and juniper-juniper without problems.
When I am trying to peer to one of my upstreams (who has cisco) with my Juniper
SRX, They are seeing the lin
We are using global addresses, but on the Cisco side, it is seeing the
Link-Local as the next-hop.
-Randy
--
| Randy Carpenter
| Vice President - IT Services
| Red Hat Certified Engineer
| First Network Group, Inc.
| (800)578-6381, Opt. 1
- Original Message -
> > When I am trying
> When I am trying to peer to one of my upstreams (who has cisco) with
> my Juniper SRX, They are seeing the link-local address as the
> next-hop
use global v6 addresses
Does anyone have any suggestions on setting up BGP peering between Juniper
(SRX) and Cisco?
I successfully have cisco-cisco and juniper-juniper without problems.
When I am trying to peer to one of my upstreams (who has cisco) with my Juniper
SRX, They are seeing the link-local address as the n
On Wed, Dec 7, 2011 at 1:04 PM, Gregory Croft wrote:
> I'm not having problems... Well, not yet anyways. :)
>
> Just investigating to see if there is a reason I shouldn't use a
> firewall at the edge versus a dedicated router as well as to see if
> anyone can share their specific experience with
In late August Calix came to our site and tested their IPv6 support on the
C7 platform for their upcoming 8.0 release. They tested both on GPON and
VDSL2 using the N:1 (VLAN per service) approach. There were some issues
that prevented all the CPE I had from working, but since then they've taken
i
In a message written on Wed, Dec 07, 2011 at 10:19:58AM -0800, Holmes,David A
wrote:
> My concern is whether or not consolidating border router and firewall
> functions in the same device violates, if not explicitly, then the spirit of
> the "defense in depth" Internet edge design principle. Her
My concern is whether or not consolidating border router and firewall functions
in the same device violates, if not explicitly, then the spirit of the "defense
in depth" Internet edge design principle. Here is a link to a Department of
Homeland Security document where this is discussed (for cont
I'm not having problems... Well, not yet anyways. :)
Just investigating to see if there is a reason I shouldn't use a
firewall at the edge versus a dedicated router as well as to see if
anyone can share their specific experience with the PAN devices.
Thanks everyone!
Greg
-Original Me
On Wed, Dec 7, 2011 at 11:19 AM, Keegan Holley
wrote:
> It was more curiosity. I'm looking in to scripting and starting to get
> tired of having to account for ssh/telnet, credentials, differences in
'write a library'... someone once said.
> platforms and code from the same vendor and my variou
On Wed, Dec 7, 2011 at 11:29 AM, Keegan Holley
wrote:
>>
>> > I can see the other comments about interactive commands and bulk
>> > read/writes, but what's the harm of doing it on internet connected boxes
>> > vs.
>> > non-internet boxes. Just about everyone uses snmp reads in the
>> > interwebs
On Wed, Dec 7, 2011 at 12:31 PM, Gregory Croft wrote:
> Hi All,
>
>
>
> Does anyone have any experience with using firewalls as edge devices
> when BGP is concerned?
>
> Specifically the Palo Alto series of devices.
nokia/checkpoint has done this for ages. what's the problem you have?
Hi All,
Does anyone have any experience with using firewalls as edge devices
when BGP is concerned?
Specifically the Palo Alto series of devices.
If so please contact me off list.
Thank you.
Thank you,
Gregory S. Croft
Yeah, that's an interesting one. We currently utilize netflow for this,
but you also need to consider that netflix streaming is just port 80 www
traffic. Because netflix uses CDNs, its difficult to pin down the
traffic to specific hosts in the CDN and say that this traffic was
netflix, while th
>
>
> > I can see the other comments about interactive commands and bulk
> > read/writes, but what's the harm of doing it on internet connected boxes
> vs.
> > non-internet boxes. Just about everyone uses snmp reads in the interwebs
>
> I think the general feeling is that snmp is udp so it's spoof
>
> > There's no reason one can't program a device with SNMP, the main issue
> IMHO
> > has always been what I dubbed "config drift". You have your desired
> > configuration and variances that happen over time. If you don't force
> > a 'wr mem' or similar event after you trigger a 'copy tftp run'
Hi Alex,
In Dayton, Ohio, US, we are not seeing any 128... routes from TWTC (AS 4323).
In St. Louis, Ohio, US, we are seeing the 128.0.0.0/21 via Level 3 (AS 3356).
David Swafford,
Sr. Network Engineer, CareSource
On Mon, Dec 5, 2011 at 10:20 AM, Alex Le Heux wrote:
> Dear Colleagues,
>
> T
Looking at that path as well. Thanks Chris.
Parent company of the target business unit is a fortune 100.
Sent from my HTC on the Now Network from Sprint!
- Reply message -
From: "Chris"
Date: Wed, Dec 7, 2011 9:02 am
Subject: [OT] Domain Name broker
To:
Auction it on Sedo because th
Once upon a time, Chris Adams said:
> Using RIPE's traceroute web interface, I can see that Sprint is
> filtering 128.0.0.0/16:
Sprint is now passing routes and traffic in 128.0.0.0/16.
--
Chris Adams
Systems and Network Administrator - HiWAAY Internet Services
I don't speak for anybody but my
Auction it on Sedo because they will handle the escrow. I would avoid
selling it yourself because you'll just get scam artists and if it's
Fortune 500, definitely cash in.
Hi there,
Through one of our recent acquisitions, we have a domain name that we
will be phasing out. We believe there is some value to it and have
already identified a fortune 100 company's business unit that is using
the same name, who is using their country based tld. Now, they may be
Fyodor,
Thanks for taking the fight to them.
A simple fan of nmap,
Aaron Smith
Ursinus College
On Dec 7, 2011, at 4:37 AM, valdis.kletni...@vt.edu wrote:
> On Tue, 06 Dec 2011 23:35:06 PST, Owen DeLong said:
>> Software which operates with the knowledge and consent of the owner, but,
>> not the
>> knowledge or consent of the end-user is still, IMHO, nefarious at best.
>
> Yeah well... th
On Tue, 06 Dec 2011 23:35:06 PST, Owen DeLong said:
> Software which operates with the knowledge and consent of the owner, but, not
> the
> knowledge or consent of the end-user is still, IMHO, nefarious at best.
Yeah well... that horse left the barn once this company in Redmon released
an operati
For those who might not be aware, an OS-level fix has been
integrated into the following Junos releases:
- 10.0R5
- 10.4R8
- 10.4R9
- 11.1R7
- 11.2R4
- 11.3R3
- 11.4R1
- 11.4R2
- 12.1R1
Cheers,
Mark.
signature.asc
Desc
On Wednesday, December 07, 2011 03:43:20 PM Owen DeLong
wrote:
> In any such vendor choice, I'd say make sure that they
> have workable IPv6 before making any major investments.
> Otherwise, you've got a dead-end platform that won't
> serve you very well for very many years.
GPON deployment for
46 matches
Mail list logo