Ingress filtering is the correct tool for the job. The whole point here is that
packets are coming from somewhere they should not, and they are thus spoofed.
The tools have been in place to deal with this for a very long time now. The
drafts that became RFC 2267 (precursor of RFC 2827 / BCP38)
On Jul 13, 2010, at 11:11 AM, Greg Whynott wrote:
They are all software based, no matter who builds them. Cisco IOS,
Juniper JunOS, etc.
controlling hardware asic's and fpga's.
Which are in essence software burned into chips. They can provide some
acceleration, but will the next
While the equipment may well be affected by an EM pulse, if the gear returns to
normal after a power cycle, then the equipment vendor didn't do their job fully
developing the product. A product should be tested to take such pulses and
should recover provided it has not suffered a catastrophic
On Apr 21, 2010, at 9:25 AM, Christopher Morrow wrote:
On Wed, Apr 21, 2010 at 1:29 AM, Owen DeLong o...@delong.com wrote:
While I think this is an improvement, unless the distribution of ULA-C is no
cheaper
and no easier to get than GUA, I still think there is reason to believe that
it
On Apr 21, 2010, at 9:57 AM, Dan White wrote:
On 21/04/10 10:49 -0300, Claudio Lapidus wrote:
Hello all,
At our ISP operation, we are seeing increasing levels of traffic in our
outgoing MTA's, presumably due to spammers abusing some of our subscribers'
accounts. In fact, we are seeing
On Apr 20, 2010, at 3:55 PM, Joe Abley wrote:
On 2010-04-20, at 15:31, Roger Marquis wrote:
If this were really an issue I'd expect my nieces and nephews, all of whom
are big
game players, would have mentioned it. They haven't though, despite being
behind
cheap NATing CPE from
I see a need for stable, permanent blocks of addresses within an organization.
For example, a branch office connecting to a central office over VPN: firewall
rules need to be predictable. If the branch office' IPv6 block changes, much
access will break. This is directly analogous to how RFC1918
It's been clear for a very long time that the NANOG crowd likes to socialize.
At NANOGs, social settings are where connections are made, beers consumed,
sometimes scuba dives shared or other local attractions explored. It is
certainly a good thing, and fosters much useful discussion among peers
On Mar 22, 2010, at 6:53 PM, Stan Barber wrote:
In this case, I am talking about an IPv6-IPv6 NAT analogue to the current
IPv4-IPv4 NAT that is widely used with residential Internet service
delivery today.
I believe that with IPv6 having much larger pool of addresses and each
On Mar 18, 2010, at 2:25 PM, Owen DeLong wrote:
On Mar 18, 2010, at 9:34 AM, Fred Baker wrote:
Are they using them only within their domain(s), and ARIN addresses outside,
or are they advertising them to their upstream(s) to be readvertised into
the backbone?
If they are using them
Well, it's like this... there's still no native IPv6 connectivity in most data
centers, residences, businesses or wireless, most vendors of networking
equipment have not had a lot of mileage on their IPv6 code if they even have it
fully working, and, frankly, the IPv6 community has been
From what I've read, they may well get higher bandwidth out to the town centers
on fiber. There has been little discussion of how to distribute from there. I
suppose Verizon, the only company offering anything out there, will take
advantage and use the fiber to improve speeds in the centers of
@nanog.org
Subject: Locations with no good Internet (was ISP in Johannesburg)
Daniel Senie d...@senie.com wrote:
Better than western Massachusetts, where there's just no
connectivity
at =
all. Even dialup fails to function over crappy lines.
Hmm. Although I've never been to Western MA
Better than western Massachusetts, where there's just no connectivity at all.
Even dialup fails to function over crappy lines. I'd take monopoly pricing over
no connectivity, I guess.
On Feb 25, 2010, at 9:08 PM, Randy Bush wrote:
Internet connectivity here in 'deepest darkest Africa' is
On Feb 20, 2010, at 12:28 AM, Scott Howard wrote:
On Fri, Feb 19, 2010 at 5:20 PM, William Herrin b...@herrin.us wrote:
On Fri, Feb 19, 2010 at 3:30 PM, Rich Kulawiec r...@gsp.org wrote:
Barracuda's engineers apparently think
that using SPF stops backscatter -- and it most emphatically does
On Feb 20, 2010, at 8:08 AM, Rich Kulawiec wrote:
On Fri, Feb 19, 2010 at 08:20:36PM -0500, William Herrin wrote:
Whine all you want about backscatter but until you propose a
comprehensive solution that's still reasonably compatible with RFC
2821's section 3.7 you're just talking trash.
On Jan 26, 2010, at 9:54 AM, Joe Maimon wrote:
For me, the entire debate boils down to this question.
What should the objective be, decades or centuries?
If centuries, how many planets and moons will the address space cover? (If we
as a species manages to spread beyond this world before we
On Jan 14, 2010, at 1:53 PM, John Payne wrote:
On Jan 14, 2010, at 1:41 PM, Kevin Loch wrote:
Ketan Mangal wrote:
Yes there is a Newyork to Philadelphia fiber cut is there It might not be
an outage it might be high latency due to multiple
routes going out via there buffalo POP.
That
I disagree. There was considerable concern with a misuse of a mechanism and its
effect on various systems. That, from discussion on the IETF mailing list I was
on when it was discussed there. There was no rough consensus that I could see.
On Dec 15, 2009, at 2:09 PM, Tony Finch wrote:
On
On Aug 28, 2009, at 9:47 AM, Jack Bates wrote:
Robert E. Seastrom wrote:
The problem is that if you break down the costs, you'll find out that
it almost doesn't matter what you put in as a cost of the total
build;
the big costs are the engineering and the labor to install, not the
cost of
On Apr 9, 2009, at 7:15 AM, Robert E. Seastrom wrote:
Seth Mattinen se...@rollernet.us writes:
I have a few Sprint EVDO cards. They go into standby when nothing is
actively going on and fire up within seconds when there is
something to
do. I regularly use everything from SSH to streaming
by this thread is a simple observation: Engineers make lousy salespeople.
--
-
Daniel Senied...@senie.com
Amaranth Networks Inc.http://www.amaranth.com
Kindness
developers can find useful
information on how to avoid problems.
--
-
Daniel Senied...@senie.com
Amaranth Networks Inc.http://www.amaranth.com
Kindness in words creates
At 06:54 PM 11/2/2008, Daniel Roesen wrote:
On Sun, Nov 02, 2008 at 04:40:20PM -0500, Randy Epstein wrote:
Problem resolved?
https://www.sprint.net/cogent.php
Reading this accounting of Sprint's side of the story reveals
something that's not too surprising about Sprint. They've got serious
At 09:33 AM 11/2/2008, Mikael Abrahamsson wrote:
On Sun, 2 Nov 2008, Rod Beck wrote:
It is a short term issue that probably doesn't merit government intervention
The only government intervention I can imagine as being productive
would be to mandate what the Internet is, and if someone is
At 01:20 PM 10/31/2008, Randy Epstein wrote:
If you haven't already seen it, the great Todd Underwood of Renesys
published an article today on his blog regarding this subject:
http://www.renesys.com/blog/2008/10/wrestling-with-the-zombie-spri.shtml
Just read through Todd's blog posting. Since
At 06:05 PM 10/12/2008, Nathan Ward wrote:
On 13/10/2008, at 9:53 AM, Stephen Sprunk wrote:
Mikael Abrahamsson wrote:
This brings up an interesting question, should we stop announcing
our 6to4 relays outside of Europe? Is there consensus in the
business how this should be done? I have heard
At 11:08 AM 9/30/2008, Charles Wyble wrote:
I like to use ntop (from ntop.org) for this, along with MRTG. Others
prefer cacti. I found MRTG easier to setup. It comes down to
personal preference.
MRTG provides graphs of usage, but I'm not aware of it providing a
monthly total usage (or 95%
At 12:48 PM 9/3/2008, you wrote:
Do you operate your mailserver on a residential cablemodem or adsl
rather than a business account?
No, we co-lo equipment at a professional facility that our customers
on any type of connection need to have access to send mail through,
regardless of whether
At 03:10 PM 10/19/2007, John C. A. Bambenek wrote:
I love how the framed it as data discrimination. Let's just be
honest... 99% of it was illegal traffic taking up far more than their
fair share of bandwidth.
Let's be honest. The US ISPs have been advertising unlimited
service, but
At 02:29 PM 10/16/2007, Pekka Savola wrote:
On Tue, 16 Oct 2007, Alain Durand wrote:
Classifying it as private use should come with the health warning use this
at your own risk, this stuff can blow up your network. In other words, this
is for experimental use only.
Do we need to classify
At 04:07 PM 10/2/2007, Iljitsch van Beijnum wrote:
On 2-okt-2007, at 16:53, Mark Newton wrote:
By focussing on the mechanics of inbound NAT traversal, you're
ignoring the fact that applications work regardless. Web, VoIP,
P2P utilities, games, IM, Google Earth, you name it, it works.
O
At 08:04 PM 10/3/2007, Stephen Sprunk wrote:
Thus spake Daniel Senie [EMAIL PROTECTED]
A number of people have bemoaned the lack of any IPv6-only
killer-content that would drive a demand for IPv6. I've thought
about this, and about the government's push to make IPv6 a reality.
What occurred
At 09:13 AM 10/2/2007, Iljitsch van Beijnum wrote:
On 2-okt-2007, at 15:05, Adrian Chadd wrote:
Please explain how you plan on getting rid of those protocol-aware
plugins
when IPv6 is widely deployed in environments with -stateful
firewalls-.
You just open up a hole in the firewall where
At 03:20 PM 6/4/2007, Jim Shankland wrote:
[EMAIL PROTECTED] writes:
On Mon, 04 Jun 2007 11:32:39 PDT, Jim Shankland said:
*No* security gain? No protection against port scans from Bucharest?
No protection for a machine that is used in practice only on the
local, office LAN? Or to
35 matches
Mail list logo