Re: CloudFlare issues?

On 2019-06-24 20:16, Mark Tinka wrote: > > > On 24/Jun/19 16:11, Job Snijders wrote: > >> >> - deploy RPKI based BGP Origin validation (with invalid == reject) >> - apply maximum prefix limits on all EBGP sessions >> - ask your router vendor to comply with RFC 8212 ('default deny')

Re: Cheap switch with a couple 100G

On 2018-11-25 21:16, Mike Hammett wrote: > No, not new. No need to buy new switches when there are so many used > available (except for now needing 100G). Switches > have an extremely long life. I have a client that has 15 year old Foundry > switches that just work, though we're looking > to

Re: AS3266: BitCanal hijack factory, courtesy of many connectivity providers

On 2018-07-09 17:24, Fredrik Korsbäck wrote: > On 2018-07-06 21:18, Tom Paseka via NANOG wrote: >> Hi, >> >> I've been casually observing the connectivity to Bitcanal / AS3266 / >> AS197426 since the thread started. >> >> After GTT shared that bitcanal h

Re: AS3266: BitCanal hijack factory, courtesy of many connectivity providers

On 2018-07-06 21:18, Tom Paseka via NANOG wrote: > Hi, > > I've been casually observing the connectivity to Bitcanal / AS3266 / > AS197426 since the thread started. > > After GTT shared that bitcanal had been disconnected, bitcanal was only > visible behind Cogent. But the Cogent path now also

Re: The story about MyEtherWallet.com hijack or how to become a millionare in 2 hours.

correct me on this one) with 10297 and hence poisoned the 8.8.8.8 resolver for some time with the wrong ip-addr. > On Tue, Apr 24, 2018 at 08:35:17PM +0200, > Fredrik Korsbäck <hu...@nordu.net> wrote > a message of 28 lines which said: > >> Surprised this hasnt "made th

Re: The story about MyEtherWallet.com hijack or how to become a millionare in 2 hours.

ooks like towards your customers? I typically base my peering-relationships on people/operators that i have some kind of level of trust in. > Is MyEtherWallet really doing 500k/hr in business though? > >> On Apr 24, 2018, at 2:35 PM, Fredrik Korsbäck <hu...@nordu.net> wrote:

The story about MyEtherWallet.com hijack or how to become a millionare in 2 hours.

Aloha. Surprised this hasnt "made the news" over at this list yet. https://doublepulsar.com/hijack-of-amazons-internet-domain-service-used-to-reroute-web-traffic-for-two-hours-unnoticed-3a6f0dda6a6f https://groups.google.com/forum/#!msg/mozilla.dev.security.policy/2teeVLJ44RM/Yqk5GHSpCQAJ

Re: Spiffy Netflow tools?

On 2018-03-13 00:24, mike.l...@gmail.com wrote: > Howdy! > > Checking out various Netflow tools and wanted to see what others are using? > > Kentik is cool. Are they the only SaaS based flow digester? I don’t seem to > see any others. > > Also curious about on-prem solutions as well. > >

Re: Contact info for AS1880 - STUPI.SE (Svensk Teleutveckling & Produktinnovation)

On 2018-03-05 04:20, Brian Kantor wrote: > Does anyone have contact info for the peering folks at > AS1880, Svensk Teleutveckling & Produktinnovation in Sweden? > > They appear to be advertising a subnet of our network > space without permission. Their WHOIS entry at RIPE does > not list any

Re: Blockchain and Networking

On 2018-01-13 03:26, Christopher Morrow wrote: On Fri, Jan 12, 2018 at 5:20 PM, wrote: On Thu, 11 Jan 2018 15:28:19 -0500, William Herrin said: On Thu, Jan 11, 2018 at 2:46 PM, Dale W. Carder wrote: Traceroute or any other path diagnostics comes

Re: Attacks from poneytelecom.eu

Depends on what "legitimate" means. We have a decent amount of traffic to the network (like 2Gbps sustained in any afternoon). Its typically a mix of bittorrent, tor-relay traffic, ftp-transfers and of course the expected scanners, malware-hosts, ddos-bots and such. For me

Re: 40G and 100G optics options

> 19 dec. 2017 kl. 19:24 skrev Sabri Berisha <sa...@cluecentral.net>: > > - On Dec 18, 2017, at 9:49 AM, Fredrik Korsbäck hu...@nordu.net wrote: > >> This is the "failure" of us (the business) choosing QSFP as the de-factor >> formfactor for 100G, th

Re: 40G and 100G optics options

This is the "failure" of us (the business) choosing QSFP as the de-factor formfactor for 100G, there is not power in that cage to make 10km+ optics in an easy way. If we would have pushed for CFP4 as the "last" formfactor in 100G land we would be much better off. The options you have to choose

Re: Arista Layer3

On 2017-11-30 19:36, Romeo Czumbil wrote: So I've been using Arista as layer2 for quite some time, and I'm pretty happy with them. Kicking the idea around to turn on some Layer3 features but I've been hearing some negative feedback. The people that I did hear negative feedback don't use Arista

Re: Commodity routers/switches

On 2017-11-19 02:55, mike.l...@gmail.com wrote: Howdy! Looking to replace some edge routers for my small ISP. With all the various SDN platforms available along with various choices of bare-metal hardware platforms, im thinking i may go this route instead of going with Cisco/Juniper/Etc. I

Re: 4 or smaller digit ASNs

On 2017-10-12 07:01, James Breeden wrote: Hello NANOG... I have a client interested in picking up a new AS number but they really want it to be 3 or 4 digits in length. Is there a process to request this from ARIN, or doss anyone know of unused ASns fitting this that anyone is looking to

Re: 100G - Whitebox

The only viable merchant silicon chip that would be useful for a IXP is from the StrataDNX-family which house the jericho/qumran/petra/arad chips from broadcom. No packetbuffer in the exhangepoint will shred performance significantly, especially when one of your bursty 100G customers starts

Re: Virtual or Remote Peering

How well does this service work? I understand it usually involves point-to-multipoint Switched Ethernet with VLANs and resold IX ports. Sounds like a service for ISP that would like to peer, but have relatively small volumes for peering purposes or lopsided volumes. Roderick Beck Director

Re: Anyone using Arista 7280R as edge router?

On 14/04/17 15:51, David Hubbard wrote: > Hey all, have some Brocade MLXe’s that can no longer handle a full v4 and v6 > route table while also having VRF support (dumb CAM profile limitations in > the software). Mine don’t do anything fancy; just BGP to a few upstream > peers and OSPF/OSPFv3

Re: Arista unqualified SFP

On 18/08/16 14:45, Mark Tinka wrote: > > > On 18/Aug/16 14:42, Nick Hilliard wrote: > >> >> It is always better to clarify this sort of thing with the account >> management team before purchasing, and preferably have it in email or >> writing. After that, the best approach is to ask support

Re: Arista unqualified SFP

On 18/08/16 13:29, Dovid Bender wrote: > And I was about to jump on to the Arista train. > > Regards, > > Dovid > > -Original Message- > From: Stanislaw > Sender: "NANOG" Date: Thu, 18 Aug 2016 13:24:05 > To: nanog list >

Re: NANOG67 - Tipping point of community and sponsor bashing?

On 17/06/16 01:09, Baldur Norddahl wrote: > Hi, > > I have studied Netnod extensively because we want to become members, but we > can not simply because it is too expensive. I just signed a deal with he.net > for a flatrate 10G transit for about the same as the 10G Comix port cost. > The

Re: NOC AS1836 green.ch AG

On 03/05/16 21:23, Marco Paesani wrote: > Hi Arnold, > nobody answer at 'peer...@green.ch' for this reason I write here on NANOG. > Ciao, > > > Marco Paesani > > > Skype: mpaesani > Mobile: +39 348 6019349 > Success depends on the right choice ! > Email: ma...@paesani.it > Marco. As I've

Re: New Switches with Broadcom StrataDNX

On 18/04/16 20:01, Colton Conor wrote: > As a follow up to this post, it look like the Arista 7500R series has this > new chip inside of it. > > On Wed, Jan 20, 2016 at 9:34 AM, Jeff Tantsura > wrote: > >> That's right, logic is in programming chips, not their

Re: PCH Peering Paper

On 11/02/16 00:34, Patrick W. Gilmore wrote: > I quoted a PCH peering paper at the Peering Track. (Not violating rules, > talking about myself.) > > The paper is: > > https://www.pch.net/resources/Papers/peering-survey/PCH-Peering-Survey-2011.pdf > > I said “99.97%” of all peering