Re: netflix OCA in a CG-NAT world

On 28/11/18 5:25 pm, Mark Tinka wrote: > Well, my Apple TV interface only has IPv4 bits to show. > > Are you saying IPv6 is hidden from the "Network Settings" tab? I haven't > done an actual wire tap. tvOS doesn't expose IPv6 addresses but it fully supported just like all ios based systems since

Re: netflix OCA in a CG-NAT world

Sony Entertainment is know to be slowpoke in this area. PS4 firmware/kernel is SLAC enabled IPv6 but its not exposed to devs and thus apps doesn't use it at all. Are you sure about ATV4 netflix app? Support is there and I've seen traffic from it when recently did tcpdump from ATV4. On 28/11/18

Re: WiFi - login page redirection not working

On 01/12/17 09:32, Vincent Bernat wrote: > DHCP and neighbor discovery can also provide the information of the > login page: https://tools.ietf.org/html/rfc7710 I don't think it got support in any os. Current take on that is capport WG https://datatracker.ietf.org/wg/capport/documents/

Re: IPv6 Loopback/Point-to-Point address allocation

On 10/09/2017 14:25, Saku Ytti wrote: However I don't think market would generally appreciate the implications linklocal brings to traceroute, where least bad option would be just to originate hop-limit exceeded from loop0, with no visibility on actual interface. rfc5837 would help but it

Re: Netflix VPN detection - actual engineer needed

RDAP is same across RIRs. Yes old REST API was PITA On 07/06/2016 02:08, Ricky Beam wrote: > Yes, ARIN and RIPE have REST APIs, but they're completely different > interfaces with different schemas (and different capabilities.) I have > independent applications for talking to each. And those are

Re: phone fun, was GeoIP database issues and the real world consequences

On 15/04/16 17:51, John R. Levine wrote: > Putting mobiles into a handful of non-geographic codes as they do in > Europe wouldn't work because the US is a very large country, long > distance costs and charges were important, and they needed to be able > to charge more for a mobile call across the

Re: Internet Exchanges supporting jumbo frames?

There was one draft few years ago https://tools.ietf.org/html/draft-mlevy-ixp-jumboframes-00#section-3.1 On 17/03/2016 20:49, Chris Woodfield wrote: > Have their been any efforts on the IETF side of things to standardize this, > at least for IPv4/v6 packets?

Re: sFlow vs netFlow/IPFIX

On 01/03/16 10:44, Pavel Odintsov wrote: > But unfortunately they (Cisco Nexus) are pretty expensive and fairly > new for DC and ISP market. It's pretty rare to find big company with > switching backbone on Nexus switches. You could go with withbox switches, which is based on same broadcom ASIC,

Re: sFlow vs netFlow/IPFIX

On 01/03/16 17:13, Mark Tinka wrote: > > > On 29/Feb/16 12:15, Nikolay Shopik wrote: > >> Cisco Nexus switches support sflow, since they are broadcom based. > > Not all of them, just the Nexus 9000, IIRC. > Nexus 3000 also broadcom, but maybe not all models.

Re: sFlow vs netFlow/IPFIX

Cisco Nexus switches support sflow, since they are broadcom based. On 29/02/16 10:26, Pavel Odintsov wrote: > Cisco do not support this protocol at all (that's pretty weird, > really).

Re: Google Captcha on web searches

You may get captcha if you are using popular open dns services. At least this is what I've seen. On 10/11/2015 20:28, Joseph Jenkins wrote: > We started getting a Google Captcha for our web searches this morning. Does > anyone have contact info for Google so that I can contact them and figure

Re: Google Captcha on web searches

10, 2015 at 1:09 PM, Nikolay Shopik <sho...@inblock.ru> wrote: >> You may get captcha if you are using popular open dns services. At least >> this is what I've seen. >> > > pardon, what? > >> On 10/11/2015 20:28, Joseph Jenkins wrote: >>> We st

Re: Google Captcha on web searches

eard of this behaviour with > their service either. > > Just wanted to clarify. > - Chris > > On Tue, Nov 10, 2015 at 12:29 PM, Nikolay Shopik <sho...@inblock.ru> wrote: >> When I've started using DNS from unotelly service, captcha starts >> appears from time to

Re: BGP hold timer on IX LAN

BFD is your friend. Yes it's require both parties to understand it but it much better than 30sec hold time. BIRD already have support for BFD > On 27 окт. 2015 г., at 10:31, "marcel.durega...@yahoo.fr" > wrote: > > Hello, > > As all of us know BGP was designed for

Re: Google IMAP (with k9mail)

Its oauth they require now. Thunderbird bug https://bugzilla.mozilla.org/show_bug.cgi?id=849540 On 23/10/2015 19:20, Jay Ashworth wrote: > - Original Message - >> From: "Christopher Morrow" > >> Incoming settings >> IMAP server: imap.gmail.com >> Port: 993 >>

Re: Quakecon: Network Operations Center tour

Steam moved to http streaming few years ago for exact that reason On 2 авг. 2015 г., at 4:51, Steven Miano mian...@gmail.com wrote: historically steam/game downloads are not cahce'able

Re: Dual stack IPv6 for IPv4 depletion

Or wait ILNP/ILA https://lwn.net/Articles/647515/ On 15 июля 2015 г., at 0:09, Matthew Huff mh...@ox.com wrote: Exactly. As a business entity and not a provider, we wouldn't have even contemplated deploying IPv6 without PI addresses. The myth of easy renumbering and/or having multiple

Re: AWS Elastic IP architecture

Tell me how do you plan find printer in /64 subnet, scan it? On 02.06.2015 18:08, Matthew Kaufman wrote: I can't run my laser printer without a firewall in front of it, and I can't even guess how secure the controller in the septic system pump box might be... so I don't risk it. And I *know*

Re: AWS Elastic IP architecture

Matthew Kaufman (Sent from my iPhone) On Jun 2, 2015, at 9:21 AM, Nikolay Shopik sho...@inblock.ru wrote: Tell me how do you plan find printer in /64 subnet, scan it? On 02.06.2015 18:08, Matthew Kaufman wrote: I can't run my laser printer without a firewall in front of it, and I can't

Re: macomnet weird dns record

since mix of dec and hex Colin On 14 Apr 2015, at 14:09, Nikolay Shopik sho...@inblock.ru wrote: How its weird? All these chars allowed in DNS records. On 14/04/15 15:36, Colin Johnston wrote: never saw hex in host dns records before. host-242.strgz.87.118.199.240.0xfff0.macomnet.net

Re: macomnet weird dns record

[mailto:nanog-boun...@nanog.org] On Behalf Of Colin Johnston Sent: Tuesday, April 14, 2015 9:27 AM To: Nikolay Shopik Cc: nanog@nanog.org Subject: Re: macomnet weird dns record Because looks strange especially if the traffic is 100% bad Best practice says avoid such info in records as does not aid

Re: macomnet weird dns record

Transit traffic isn't issue, as upload/download ratio usually 1:2 or more. As I said before when you already on edge of your profits, you don't bother fixing these clients. Its not about best practice which I agree, but business you are running, which is suppose to be profitable. And fixing these

Re: macomnet weird dns record

This is probably worse then hexadecimal PTR records :). No traceroute actually convert punycode, so why bother? As it usually intended audience already know how to read English letters. On 14/04/15 17:00, Pavel Odintsov wrote: What about IDN encoded PTR records? I sure it's nice idea and I will

Re: macomnet weird dns record

User complain that his network slow and reliable. Check if its saturated his link and tell him buy additional 10mbps/s, here is your profit. If you really want fight bots, you need to track down and fight CC in first place. Otherwise you are fighting windmills.

Re: macomnet weird dns record

Yep, last time I've checked and internet isn't running on communism. On 14/04/15 18:05, Rod Beck wrote: Private benefit is less than social (sum of private benefits across all affected parties) benefit.

Re: macomnet weird dns record

] On Behalf Of Colin Johnston Sent: Tuesday, April 14, 2015 9:27 AM To: Nikolay Shopik Cc: nanog@nanog.org Subject: Re: macomnet weird dns record Because looks strange especially if the traffic is 100% bad Best practice says avoid such info in records as does not aid debug since mix of dec

Re: macomnet weird dns record

How its weird? All these chars allowed in DNS records. On 14/04/15 15:36, Colin Johnston wrote: never saw hex in host dns records before. host-242.strgz.87.118.199.240.0xfff0.macomnet.net range is blocked non the less since bad traffic from Russia network ranges. Colin

Re: v6 deagg

On 20/02/15 12:42, Mikael Abrahamsson wrote: I don't like where this is headed. There are millions of entities that are justifiable to announce a /48 into DFZ. Do we want this to happen? rfc6115 have good overview and recommendation. IPv6 clearly need separation of identification of endpoints

Re: Huawei's Versatile Routing Platform (VRP)

CLI is really similar to IOS. But be ready, their documentation suck balls big time, and some of it usually unavailable in open internet. On 19/08/14 23:34, Colton Conor wrote: How does Huawei's Versatile Routing Platform (VRP) operating system that is on their switches and routers compare to

Re: ipmi access

On 02/06/14 20:56, Christopher Morrow wrote: so... as per usual: 1) embedded devices suck rocks 2) no updates or sanity expected anytime soon in same 3) protect yourself, or suffer the consequences seems normal. So I wonder why vendors don't publish source code of these ipmi

Re: ipmi access

On 02.06.2014 21:39, Jeroen Massar wrote: Source won't help too much, as upgrading the kernel will require a lot more magic than just that. Also, do you have time to support all the different IPMI boxes out there while your vendor should be doing that work? Agree, but most IPMI cards we

Re: ipmi access

On 02.06.2014 21:52, shawn wilson wrote: Really, it would be nice to have an open card that does this. Even if the card were limited to what you could do with DMA and some serial (i2c and whatnot) cables. I'd use that instead of something else (in this case, mainly because I'd replace the

Re: Getting pretty close to default IPv4 route maximum for 6500/7600 routers.

Asr1002-f may have problem as it limited to 512k iirc On 08 мая 2014 г., at 2:45, Shawn L sha...@up.net wrote: Do the ASR1k routers have this issue as well? I searched around but couldn't find any information. -- Forwarded message -- From: Irwin, Kevin

Re: Getting pretty close to default IPv4 route maximum for 6500/7600 routers.

I know most people have problems with 2 bgp feeds and 4GB RAM on ASR1002-F (as it max installable memory). So I doubt about 2M routes with 2GB RAM. On 08.05.2014 18:45, Irwin, Kevin wrote: on an ASR-1K with 2GB of RAM you can then have up to 2 million IPv4 routes

Re: 7206 VXR NPE-G1 throughput

Our G2 with BGP full-view and sampled netflow 1:100 doing 1,2Gbit with about 88% load. On 12.02.2014 1:03, Mark Walters wrote: Side note - our G2s at that same 800Mbps traffic rate run at approx 60% CPU.

Re: 7206 VXR NPE-G1 throughput

On 10.02.2014 21:58, Nick Hilliard wrote: Unsubstantiated rumour claimed that modular IOS (QNX kernel) could push about 1.6x the throughput of vanilla IOS, as it was smp capable. Pity it was never released. You mean IOS XR? Which was never released for software based routers, right? as it QNX

Re: ATT UVERSE Native IPv6, a HOWTO

On 04/12/13 23:48, Owen DeLong wrote: Please tell me what provider is selling 100Mbit for $20-30 in the 408-532- area of San Jose, California. Currently, the only provider capable of delivering more than 768k wired here is charging me $100+/month for 30-50Mbps maximum. I could get

Re: ATT UVERSE Native IPv6, a HOWTO

On 04.12.2013 4:14, Mark Andrews wrote: In message 529d9492.8020...@inblock.ru, Nikolay Shopik writes: On 03/12/13 02:54, Owen DeLong wrote: I have talked to my bean counters. We give out /48s to anyone who wants them and we don't charge for IPv6 add ress space. There is some ISP who

Re: ATT UVERSE Native IPv6, a HOWTO

On 03/12/13 02:54, Owen DeLong wrote: I have talked to my bean counters. We give out /48s to anyone who wants them and we don't charge for IPv6 address space. There is some ISP who afraid their users will be reselling their connectivity to other users around. While I didin't see that in years

A9K-MPA-20X1GE in ASR9001

Hey, anyone had issues with A9K-MPA-20X1GE in ASR9001? It get disabled for us after 20 seconds finishing initialization, with such message. %PLATFORM-SCC-2-BAD_ID_HW : Failed Identification Test in 0/130/0 [1/0] The module in 0/130/0 in this router may not be a genuineCisco product.

Re: A9K-MPA-20X1GE in ASR9001

problems with the interface. There is a command to override this error and still use the interfaces. Sent from mobile device On Oct 25, 2013, at 11:56, Nikolay Shopik sho...@inblock.ru wrote: Hey, anyone had issues with A9K-MPA-20X1GE in ASR9001? It get disabled for us after 20 seconds

Re: A9K-MPA-20X1GE in ASR9001

On 25/10/13 14:08, Remco Bressers wrote: We're using them without problems. What software are you running? I did have major issues with flapping onboard 10G ports disabling TX. Tried on shiped 4.3.1 and now on 4.3.2, with same results. Also IIRC onboard ports only accept SFP+ rigth?

Re: A9K-MPA-20X1GE in ASR9001

So far only 4.3.2 and 4.3.1. Probably gonna check it on 4.2 tree and more recent 5.1 On 25/10/13 17:14, Ahad Aboss wrote: Have you tried a different IOS? Ahad On 25 Oct 2013, at 8:55 pm, Nikolay Shopik sho...@inblock.ru wrote: Hey, anyone had issues with A9K-MPA-20X1GE in ASR9001

Re: semi-ot: network monitoring tools

No all stats are snmp based On 02 окт. 2013 г., at 9:07, Dobbins, Roland rdobb...@arbor.net wrote: On Oct 2, 2013, at 12:57 PM, Ryan Dooley wrote: Coworkers of mine introduced me to Observium: http://www.observium.org/wiki/Main_Page Does it utilize flow telemetry? On the main page,

Re: Yahoo is now recycling handles

On 04/09/13 10:45, Randy Bush wrote: with no X- before it? http://tools.ietf.org/html/rfc6648

Re: Google's QUIC

On 29.06.2013, at 1:38, valdis.kletni...@vt.edu wrote: On Fri, 28 Jun 2013 14:28:39 -0700, joel jaeggli said: SCTP is used successfully for the purpose for which it was intended, which is connecting SS7 switches over IP. It's not as much a posterchild for an application agnostic transport

Re: OOB core router connectivity wish list

Also getting POTS line in your pop sometimes get tricky. 2G/3G modems with cheap plans cost like 10$/month (dunno about US though), thats almost same as POTS line. On 10/01/13 20:18, William Herrin wrote: Dial up with PPP and then cross the ethernet? Drop off a cellular modem with IP service

Re: OOB core router connectivity wish list

On 12.01.2013 3:44, Joel jaeggli wrote: On 1/11/13 02:44 , Nikolay Shopik wrote: Also getting POTS line in your pop sometimes get tricky. 2G/3G modems with cheap plans cost like 10$/month (dunno about US though), thats almost same as POTS line. They don't generally have public IPs (that can

Re: RFC becomes Visio

On 28/09/12 22:18, Seth Mattinen wrote: Hand draw two squares, label them our AS and your AS with a line between them labeled GigE. Bonus points for pencil. Don't forget have coffee mug stamp otherwise its unofficial diagram

Re: [outages] News item: Blackberry services down worldwide

On 13/10/11 19:56, Jared Mauch wrote: Rebuilding this trust can take some time. I do expect that with the iMessage stuff that was released yesterday (SMS/MMSoIP to email/phone#) many more companies will shift to using that instead as the value of BBM is decreased. I also wonder what the