Re: Networks ignoring prepends?

> The Internet is lying to itself, and that’s not a situation that can persist > forever. I am not sure I agree. First, prepends are a suggestion. Perhaps a request. It has never (or at least not for the 3 decades I’ve been doing this) been a guarantee. In the situation below, perhaps the 5K

Re: cogent spamming directly from ARIN records?

Has anyone replied? If this is a peering request, not sure that is a bad use of the AS contact info. If it is a sales pitch, then yeah, that’s a problem. -- TTFN, patrick > On Oct 2, 2023, at 14:58, Tim Burke wrote: > > Hurricane has been doing the same thing lately... but their schtick is

Re: Network visibility

> But I will capitalize Internet in all relevant uses. > > This is an *engineering definition*, it matters that you name the right > object, and I am one of the people who will, in fact, die on this hill. You are not alone. > The associated press can bite me. While I respect and appreciate

Re: Internet history

On Oct 21, 2021, at 2:37 PM, Michael Thomas wrote: > > [changed to a more appropriate subject] > > On 10/20/21 3:52 PM, Grant Taylor via NANOG wrote: >> On 10/20/21 3:26 PM, Michael Thomas wrote: >>> Just as an interesting aside if you're interested in the history of >>> networking, When

Re: abha

On Oct 20, 2021, at 1:45 PM, Brett Watson wrote: > On Oct 20, 2021, at 10:41, Randy Bush wrote: >> >> abha died 20 years ago today > > Still miss her, she was a ray of sunshine. I can still hear her laugh, see her smile. Which makes me happy and sad at the same time. We all owe her. NANOG

Re: Facebook post-mortems...

Update about the October 4th outage https://engineering.fb.com/2021/10/04/networking-traffic/outage/ -- TTFN, patrick > On Oct 4, 2021, at 9:25 PM, Mel Beckman wrote: > > The CF post mortem looks sensible, and a good summary of what we all saw from > the outside with BGP routes being

Re: facebook outage

On Oct 4, 2021, at 5:30 PM, Bill Woodcock wrote: > On Oct 4, 2021, at 11:21 PM, Bill Woodcock wrote: >> On Oct 4, 2021, at 11:10 PM, Bill Woodcock wrote: >>> >>> They’re starting to pick themselves back up off the floor in the last two >>> or three minutes. A few answers getting out. I

Re: FYI: NANOG and ICANN

NANOG’s version: https://www.nanog.org/stories/nanog-signs-a-memorandum-of-understanding-with-internet-society-icann/ -- TTFN, patrick > On Oct 4, 2021, at 4:42 AM, Hank Nussbacher wrote: > >

Re: PeerinDB refuses to register certain networks [was: Setting sensible max-prefix limits]

record. I guess you are right, the _Peering_DB does not register “certain” networks. Those networks would be ones that do not peer. Which seems pretty obvious to me - it is literally in the name. -- TTFN, patrick > On Aug 18, 2021, at 5:50 PM, Sabri Berisha wrote: > > ----- On Aug 18, 2

PeerinDB refuses to register certain networks [was: Setting sensible max-prefix limits]

On Aug 18, 2021, at 5:00 PM, Matthew Walster wrote: > On Wed, 18 Aug 2021, 21:37 Sabri Berisha, wrote: > - On Aug 18, 2021, at 2:46 AM, Steve Lalonde st...@enta.net wrote: > > Hi, > >> > We always use PeeringDB data and refuse to peer with networks not in >> > PeeingDB >> >> You are

Re: FCC fines for unauthorized carrier changes and consumer billing

On Apr 23, 2021, at 12:47 PM, Sean Donelan wrote: > On Fri, 23 Apr 2021, Dan Hollis wrote: >> On Fri, 23 Apr 2021, Eric Kuhnke wrote: >>> Did the FCC ever collect its $50 million from "Sandwich Isles >>> Telecommunications" for blatant fraud? At this scale I wonder how or why >>> certain people

Re: Submitting Fake Geolocation for blocks to Data Brokers and RIRs

On Apr 22, 2021, at 7:58 PM, nanoguser100 via NANOG wrote: > > I see a lot of replies about the legality. As mentioned I have legitimate > reasons for doing this. I plan on serving customers in country. Your “legitimate” reason is to avoid someone else’s restrictions on the content they

Re: Submitting Fake Geolocation for blocks to Data Brokers and RIRs

On Apr 22, 2021, at 10:23 AM, Matthew Petach wrote: > On Thu, Apr 22, 2021 at 7:12 AM nanoguser100 via NANOG > wrote: >> William, >> >> The plan is to carve out a /24 for "Estonia" and have special servers on it. >> This would be the same /24 I'd have to use if I were to put a legitimate >>

Re: Zayo or HE for IP transit

Hurricane has probably the most peering of any large network on the planet. They also carry more v6 traffic than anyone. But they have a famous problem with v6 - you cannot get to Cogent (174) from HE. Since you have Cogent, that should not be a problem. Private, smart people, customer service

Re: OOB management options @ 60 Hudson & 1 Summer

On Apr 16, 2021, at 1:49 PM, Warren Kumari wrote: > On Fri, Apr 16, 2021 at 1:08 PM Bryan Fields wrote: >> On 4/16/21 1:33 AM, Saku Ytti wrote: > > https://www.markleygroup.com/cloud/network/out-of-band > > Wow, this is an impressive offering. I wish more providers would do this. > >

Re: Texas ERCOT power shortages (again) April 13

20/20 vision. It’s like saying that I shouldn’t have built the house > where the tornado hit. > >> On Apr 14, 2021, at 10:12 AM, Patrick W. Gilmore > <mailto:patr...@ianai.net>> wrote: >> >> Brian: >> >> The idea that because ERCOT is a

Re: Texas ERCOT power shortages (again) April 13

Brian: The idea that because ERCOT is a non-profit somehow means they would never do anything to save money, or management is not granted bonuses or salary increases based on savings, or have no financial incentive is ridiculous. E.g. Salaries for the top ERCOT executives increased 50% from

Re: wow, lots of akamai

the norm, > but that's not today, and when it is, somebody else will be pushing out 250GB > updates quarterly. This problem isn't going away soon, and it can't be fixed > permanently by just adding more capacity, it's a complex technical challenge > that CDN's ought to give som

Re: wow, lots of akamai

Just so I am clear, you are saying “I would rather have it come over my undersea cables than from inside the datacenter”? And you are assuming TCP transport. -- TTFN, patrick > On Apr 1, 2021, at 6:23 PM, Tony Wicks wrote: > > This is not actually (as in yes it does matter) the case, if a

Re: wow, lots of akamai

s of reply. They > aren't DDoSing the network, but they're amplifying a single 50 gig copy they > receive from the mothership and turning it into likely tens of terabytes of > traffic. > Yes, that's a CDN's job, but that volume of legitimate traffic and the very > tiny window with

Re: wow, lots of akamai

Matt: I am going to disagree with your characterization of how Akamai - and many other CDNs - manage things. First, to be blunt, if you really think Akamai nodes are “sitting idle for weeks” before CoD comes out with a new game, you are clearly confused. More importantly, I know for a fact

Re: Famous operational issues

On Feb 22, 2021, at 7:02 AM, t...@pelican.org wrote: > On Thursday, 18 February, 2021 22:37, "Warren Kumari" > said: > >> 4: Not too long after I started doing networking (and for the same small >> ISP in Yonkers), I'm flying off to install a new customer. I (of course) >> think that I'm hot

Re: Famous operational issues

On Feb 18, 2021, at 6:10 PM, Karl Auer wrote: > > I think it was Macchiavelli who said that one should not ascribe to > malice anything adequately explained by incompetence… https://en.wikipedia.org/wiki/Hanlon%27s_razor Never attribute to malice that which is adequately explained by

Re: Viable Third Option?

Second vote for NTT. Also, second vote for GTT. -- TTFN, patrick > On Feb 17, 2021, at 14:07, David Hubbard > wrote: > >  > I’ve been pretty happy with NTT but their POPs can be limited; I’ve had to > pick up waves to them, which sometimes still comes out ahead. I’m slowly > dropping

Re: Half Fibre Pair

Back in the day, there were these things called half-circuits or half-cables. Telephone companies in different countries would “share” a cable under the ocean, where the company in each country would own “half” the cable - i.e. from their shore to the middle of the ocean. I have no idea what

Re: A letter from the CEO

I am impressed that you stepped up, admitted the mistake, and apologized. Thank you for taking responsibility. Anyone reading this who can say they never made a mistake can continue to criticize you. As I am about as far from that standard as one can be, I will consider this penance enough for

Re: Apple moved from CDN, and ARIN whois

Not everything is moved. patrick@TiggerBook-C-32 ~ % dig www.apple.com […] ;; ANSWER SECTION: www.apple.com. 219 IN CNAME www.apple.com.edgekey.net. www.apple.com.edgekey.net. 12102 IN CNAME www.apple.com.edgekey.net.globalredir.akadns.net.

Re: AANP Akamai

netsupp...@akamai.com -- TTFN, patrick > On Sep 2, 2020, at 2:40 PM, ahmed.dala...@hrins.net wrote: > > Hello NANOG, > > Could somebody from Akamai AANP’s network team contact me off-list? I’ve > tried the peering and NOC and got no replies in months. > > Thanks > Ahmed

Re: Don Smith, RIP.

Would like to add my name to the very (very, very, very) long list of people who respected and will miss Don. I do not drink coffee, but for this occasion, it feels appropriate to say: (coffee != sleep) & (!coffee == sleep) -- TTFN, patrick > On Jul 23, 2020, at 7:50 PM, Paul Ferguson

Re: Google peering in LAX

On Mar 2, 2020, at 6:30 PM, Seth Mattinen wrote: > On 3/2/20 3:09 PM, Patrick W. Gilmore wrote: >> Your routers, your decision. >> But how much traffic are you sending TO Google? Most people get the vast >> majority of traffic FROM Google. They send you videos, you sen

Re: Google peering in LAX

On Mar 2, 2020, at 17:38, Seth Mattinen wrote: > On 3/2/20 2:20 PM, Hugo Slabbert wrote: >> I believe Owen was referring here to Google's actions: that the disagg is >> the antisocial behaviour and that transit providers (the people they are >> paying) would be more tolerant of that antisocial

Re: Software Defined Networks

I tell everyone we had SDNs in the 90s. But we called it “expect scripts”. :-) -- TTFN, patrick > On Dec 4, 2019, at 9:41 PM, Jennifer Rexford wrote: > > SDN is definitely an overloaded and confusing term that is used > inconsistently. Here are a few attempts to explain: > > - “The Road

HPE SAS Solid State Drives - Critical Firmware Upgrade Required

I do not normally post about firmware bugs, but I have this nightmare scenario running through my head of someone with a couple of mirrored HPE SSD arrays and all the drives going POOF! simultaneously. Even with an off-site backup, that could be disastrous. So if you have HPE SSDs, check this

Re: This endless pissing contest is operational, how? Re: Elad Cohen

On Sep 19, 2019, at 9:08 AM, John Sage wrote: > > On 9/19/19 3:25 AM, Elad Cohen wrote: >> Mr. Ronald Guilmette > > Are there *any* moderators #OnHere at all? Moderators? No. Anyone subscribed to the list can post anything at any time. But posts are reviewed after the fact if there is

Re: Cogent sales reps who actually respond

On Sep 17, 2019, at 9:46 PM, Christopher Morrow wrote: > On Tue, Sep 17, 2019 at 6:46 PM Martijn Schmidt via NANOG > wrote: >> >> Hi Elad, >> >> Is this policy officially documented by AFRINIC somewhere? Can you make >> route objects for legacy AFRINIC resources in their RIR operated IRRDB as

Re: Weekly Routing Table Report

t;> wrote: > > These numbers are nothing. Wait till IPv6 really start taking off. > > > -Original Message- > From: NANOG mailto:nanog-boun...@nanog.org>> On > Behalf Of Patrick W. Gilmore > Sent: Friday, August 30, 2019 3:09 PM > To: North Ame

Re: Weekly Routing Table Report

A very long time ago, I commented on this report hitting 250,000 prefixes. It was a Big F*#@$&! Deal at the time. A quarter million prefixes in the DFZ? Wow…. Then I did it again at 500,000. People commented that I should have waited for 512,000 - especially since a popular piece of kit was

Re: What can ISPs do better? Removing racism out of internet

Cloudflare is not an ISP. They are a CDN. You cannot ask them for a DSL or Cable connection, or even DIA. Not that it matters: ISPs are not “Common Carriers” in statute or Common Law. The DMCA provides some protections which are similar to Common Carrier status, but that does not mean they

Re: User Unknown (WAS: really amazon?)

[Speaking ONLY FOR MYSELF AS AN INDIVIDUAL.] On Aug 4, 2019, at 8:15 AM, Rubens Kuhl wrote: > On Sun, Aug 4, 2019 at 5:17 AM Scott Christopher wrote: > John Curran wrote: > > ... > >> As I have noted previously, I have zero doubt in the enforceability of the >> ARIN registration services

Re: What can ISPs do better? Removing racism out of internet

Mel: My understanding is ISPs are not Common Carriers. Didn’t we just have a big debate about this w/r/t Network Neutrality? I Am Not A Lawyer (hell, I am not even an ISP :), but if any legal experts want to chime in, please feel free to educate us. Put another way, ISPs are not phone

Are network operators morons? [was: CloudFlare issues?]

[Removing the attribution, because many people have made statements like this over the last day - or year. Just selecting this one as a succinct and recent example to illustrate the point.] >> This blog post, and your CEO on Twitter today, took every opportunity to say >> “DAMN THOSE MORONS AT

Re: looking for hostname router identifier validation

Automation isn’t even that hard - just outsource (e.g. 6Connect). I get why some things stagnate & collect kruft. But it is actually EASIER, and probably cheaper (including people time), to have a 3rd party “just do it” when it comes to things like DNS & IPAM. Then again, if everyone ran

Re: Special Counsel Office report web site

On Apr 17, 2019, at 9:02 PM, Sean Donelan wrote: > > The Special Counsel's report is expected to be posted on its website sometime > between 11 a.m. and noon on Thursday, April 18, 2019. > > https://www.justice.gov/sco > > Since I helped with website for the Starr Report on September 11,

Re: AT/as7018 now drops invalid prefixes from peers

Jay & everyone AT: I just want to say thank you. Kudos to your team for implementing and management for having the intestinal fortitude to do so. -- TTFN, patrick > On Feb 11, 2019, at 09:53, Jay Borkenhagen wrote: > > > FYI: > > The AT/as7018 network is now dropping all RPKI-invalid route

Re: Stupid Question maybe?

Why do you think the network portion needs to be contiguous? Well, it does now. But that was not always the case. https://www.quora.com/Why-is-the-subnet-mask-255-255-255-64-invalid/answer/Patrick-W-Gilmore https://www.quora.com/Why-is-the-subnet-mask-255-255-255-64-invalid -- TTFN, patrick

Re: Massive Price Increase for X-conns at Telehouse Chelsea, NYC

On Sep 17, 2018, at 17:51, Nick Hilliard wrote: > Patrick W. Gilmore wrote on 17/09/2018 22:40: >> Expecting any for-profit business (all of them, not just REITs) to do >> less than extract maximum cash is deluding yourself. > oh sure, but price gouging is often bad business pr

Re: Massive Price Increase for X-conns at Telehouse Chelsea, NYC

On Sep 17, 2018, at 15:08, Ethan O'Toole wrote: > >> If it’s in an interduct by itself, how much would the square footage per >> month occupied by the average cross connect be worth? > > These big datacenter companies are REITs. Similar to self-storage units and > apartment buildings, they

Re: Confirming source-routed multicast is dead on the public Internet

It is hard to prove a negative. So let’s prove a positive. One of the largest (2nd largest?) transit networks on the planet just affirmatively stated they filter at their border. It is now possible to state that multicast is not ubiquitous on the Internet. If any other large transit network

Re: What are people using for IPAM these days?

While there are many good options, I prefer 6Connect personally. Lots of hooks to let you automate things (not just which device has which IP address, much more), cheap as hell, and support is unbeatable. -- TTFN, patrick > On Jun 11, 2018, at 10:45, Owen DeLong wrote: > > I find lots of

Re: Peering at public exchange authentication

MD5 on BGP Considered Harmful -- TTFN, patrick Composed on a virtual keyboard, please forgive typos. > On Sep 29, 2017, at 13:41, craig washington > wrote: > > Hello all, > > > Wondering your views or common practices for using authentication via BGP at >

Re: Max Prefix Out, was Re: Verizon 701 Route leak?

On Sep 1, 2017, at 5:26 AM, Randy Bush wrote: > > i have 142 largish bgp customers, a large enough number that the number > of prefixes i receive from them varies annoyingly. how do i reasonably > automate setting of my outbound prefix limit? First, it seems you know the inbound

Re: BGP peering question

> Then you need to decide if you want to be a hop between those two peers or if > you want them to serve you only. You can change your routing so that both > providers know of your routes but you are not sharing routes between the two > providers. The definition of “peering” to most ISPs would

Re: BGP peering question

1) Are they present an IX where I am present? 2) Can they configure BGP correctly? 3) … Beer? Private interconnect requires actual thinking. Putting a procedure in around public peering is just overhead we don’t need. -- TTFN, patrick > On Jul 10, 2017, at 4:12 PM, craig washington

Re: EFF Call for sign-ons: ISPs, networking companies and engineers opposed to FCC privacy repeal

On Mar 29, 2017, at 6:48 AM, Mike Hammett wrote: > > ISPs lying? Sounds like something for the courts, not capitol hill. You can’t sue someone because they do something you do not like. Well, you can, but you won’t win. I guess you could ask for the providers to put it in

Re: EFF Call for sign-ons: ISPs, networking companies and engineers opposed to FCC privacy repeal

t; > The Brothers WISP > > - Original Message - > > From: "Patrick W. Gilmore" <patr...@ianai.net> > To: "NANOG list" <nanog@nanog.org> > Sent: Tuesday, March 28, 2017 9:25:54 PM > Subject: Re: EFF Call for sign-ons: ISPs, n

Re: EFF Call for sign-ons: ISPs, networking companies and engineers opposed to FCC privacy repeal

witter.com/ICSIL> > Midwest Internet Exchange <http://www.midwest-ix.com/> > <https://www.facebook.com/mdwestix> > <https://www.linkedin.com/company/midwest-internet-exchange> > <https://twitter.com/mdwestix> > The Brothers WISP <http://www.thebrotherswisp.com

Re: EFF Call for sign-ons: ISPs, networking companies and engineers opposed to FCC privacy repeal

Mike: My guess is you do not. Which is -precisely- why the users (proletariat?) need to find a way to stop you. Hence laws & regulations. Later in this thread you said “we are done here”. Would that you were so lucky. -- TTFN, patrick > On Mar 28, 2017, at 5:58 PM, Mike Hammett

Re: EFF Call for sign-ons: ISPs, networking companies and engineers opposed to FCC privacy repeal

> - > Mike Hammett > Intelligent Computing Solutions > > Midwest Internet Exchange > > The Brothers WISP > > - Original Message - > > From: "Patrick W. Gilmore" <patr...@ianai.net> > To: "NANOG list" <nanog@nanog.or

Re: EFF Call for sign-ons: ISPs, networking companies and engineers opposed to FCC privacy repeal

I am somehow please that Mr. Glass does not find me a “knowledgeable network professional”. It feels like a badge of honor. Any other “not” knowledgeable network professionals want to come forward and accept this badge? Personally, I find the FCC’s current rules to be sub-optimal. But saying a

Re: Conference Videos

On Mar 13, 2017, at 6:06 PM, Steve Feldman wrote: > On Mar 13, 2017, at 2:52 PM, Mike Hammett wrote: >> >> Another organization I'm in has a hard policy of no recordings of any >> sessions at their conferences. They think that recordings of content

Re: google ipv6 routes via cogent

On Mar 3, 2017, at 9:05 PM, Job Snijders <j...@instituut.net> wrote: > On Fri, Mar 03, 2017 at 09:42:04AM -0500, Patrick W. Gilmore wrote: >> On Mar 3, 2017, at 7:00 AM, Nick Hilliard <n...@foobar.org> wrote: >>> Niels Bakker wrote: >>>> As I explained in

Re: google ipv6 routes via cogent

On Mar 3, 2017, at 7:00 AM, Nick Hilliard wrote: > > Niels Bakker wrote: >> As I explained in the rest of my email that you conveniently didn't >> quote, it's so that you can selectively import routes from all your >> providers in situations where your router cannot handle a

Re: SHA1 collisions proven possisble

Composed on a virtual keyboard, please forgive typos. On Feb 26, 2017, at 21:16, Matt Palmer <mpal...@hezmatt.org> wrote: >> On Sun, Feb 26, 2017 at 05:41:47PM -0600, Brett Frankenberger wrote: >>> On Sun, Feb 26, 2017 at 12:18:48PM -0500, Patrick W. Gilmore wrote: >&g

Re: SHA1 collisions proven possisble

On Feb 25, 2017, at 17:44, Jimmy Hess <mysi...@gmail.com> wrote: >> On Thu, Feb 23, 2017 at 2:03 PM, Patrick W. Gilmore <patr...@ianai.net> >> wrote: >> >> For instance, someone cannot take Verisign’s root cert and create a cert >> which collide

Re: SHA1 collisions proven possisble

On Feb 24, 2017, at 12:04 PM, Vincent Bernat <ber...@luffy.cx> wrote: > ❦ 23 février 2017 21:16 -0500, "Patrick W. Gilmore" <patr...@ianai.net> : > >> A couple things will make this slightly less useful for the attacker: >> 1) How many people are

Re: SHA1 collisions proven possisble

On Feb 23, 2017, at 9:08 PM, valdis.kletni...@vt.edu wrote: > On Thu, 23 Feb 2017 20:56:28 -0500, "Patrick W. Gilmore" said: > >> According to the blog post, you can create two documents which have the same >> hash, but you do not know what that hash is until the algor

Re: SHA1 collisions proven possisble

On Feb 23, 2017, at 6:21 PM, valdis.kletni...@vt.edu wrote: > On Thu, 23 Feb 2017 17:40:42 -0500, "Ricky Beam" said: > >> cost! However this in no way invalidates SHA-1 or documents signed by >> SHA-1. > > We negotiate a contract with terms favorable to you. You sign it (or more > correctly,

Re: SHA1 collisions proven possisble

On Feb 23, 2017, at 2:59 PM, Ca By wrote: > On Thu, Feb 23, 2017 at 10:27 AM Grant Ridder wrote: > >> Coworker passed this on to me. >> >> Looks like SHA1 hash collisions are now achievable in a reasonable time >> period >> https://shattered.io/ >>

Re: gagging *IX directors re snoop/block orders

There is one problem: The article is factually incorrect on multiple points. So comparing A to B when B is a fairy tale does not make much sense. The proposed constitutional changes are in the public domain. -- TTFN, patrick P.S. Full disclosure, I am a LINX director. So maybe I’m saying this

Re: YouTube streaming failures

I cannot stream on AppleTV or iPhone. Works on my laptop. Comcast, Massachusetts. -- TTFN, patrick > On Feb 12, 2017, at 8:08 PM, Brett A Mansfield > wrote: > > I'm seeing this as well, but only on Apple and Linux products. Seems to be > working fine on

Re: Akamai and Instagram Ranges

Akamai does not give out the IP space they use, for good and valid reasons. Also, Akamai -is- a cache (just pretend for sake of this argument that none of you is ridiculously overly pedantic). If you are trying to cache on-net, why not just ask them to do it for you? It’s free.

Re: How ISPs bill : Time Zones & 95th Percentile Calculations

NANOG’ers: Steve McManus of Akamai and I have a few questions regarding how providers use time zones for billing, and how the 95th percentile (95/5) is calculated. Many ISPs use UTC on logs and such for reasons which should be obvious. But do they use local time for billing? What if there are

Re: Common Reliable Out Of Band Management Options at Carrier Hotels

llory therefore does not accept > liability for any errors or omissions in the contents of this message, which > arise as a result of e-mail transmission. . > > -Original Message- > From: NANOG [mailto:nanog-boun...@nanog.org] On Behalf Of Patrick W. Gilmore > Sent: Wed

Re: Common Reliable Out Of Band Management Options at Carrier Hotels

+1 for OpenGear + LTE / cell. Obviously POTS works and is available in any carrier hotel and not insanely expensive. Also, lots (not all) colocation providers will give you very cheap ethernet OOB. (E.g. Our colo gives you GigE for the cost of the xconn + 2 Mbps 95/5 free.) I would ask before

Re: Dyn DDoS this AM?

On Oct 21, 2016, at 12:40 PM, David Hubbard wrote: > > Do we know the attack destinations so we can watch transit traffic destined > for it to help sources that may be unaware? My guess is you should track anything to as33517. -- TTFN, patrick

Re: Dyn DDoS this AM?

hat I can share to raise awareness. > > > > > - > Mike Hammett > Intelligent Computing Solutions > http://www.ics-il.com > > Midwest-IX > http://www.midwest-ix.com > > - Original Message - > > From: "Patrick W. Gilmore" <pa

Re: Dyn DDoS this AM?

Attack has re-started. This is the time, folks. Rally the troops, offer help, watch your flow. STOP THIS NOW. -- TTFN, patrick > On Oct 21, 2016, at 11:48 AM, Patrick W. Gilmore <patr...@ianai.net> wrote: > > I cannot give additional info other than what’s been o

Re: Dyn DDoS this AM?

I cannot give additional info other than what’s been on “public media”. However, I would very much like to say that this is a horrific trend on the Internet. The idea that someone can mention a DDoS then get DDoS’ed Can Not Stand. See Krebs’ on the Democratization of Censorship. See lots of

Re: 18 years ago today - rfc 2468

We do. Thank you for reminding us. And thanks to Dr. Postel for making what we do possible. -- TTFN, patrick > On Oct 15, 2016, at 9:19 AM, Rodney Joffe wrote: > > To be clear - Oct 16. Which has just tolled in the APAC region. For most of > you it will be tomorrow.

Re: Krebs on Security booted off Akamai network after DDoS attack proves pricey

On Sep 27, 2016, at 11:49 AM, Roland Dobbins <rdobb...@arbor.net> wrote: > On 27 Sep 2016, at 22:37, Patrick W. Gilmore wrote: >> All the more reason to educate people TODAY on why having vulnerable devices >> is a Very Bad Idea. > > Yes, but how do they de

Re: Krebs on Security booted off Akamai network after DDoS attack proves pricey

On Sep 27, 2016, at 11:35 AM, Roland Dobbins wrote: > On 27 Sep 2016, at 21:48, Brielle Bruns wrote: >> You start cutting off users or putting them into a walled garden until they >> fix their machines, and they will start caring. > > It's important to keep in mind that in

Re: IP addresses being attacked in Krebs DDoS?

On Sep 25, 2016, at 6:35 PM, Brett Glass <na...@brettglass.com> wrote: > At 03:50 PM 9/25/2016, Patrick W. Gilmore wrote: >> What Brett is asking seems reasonable, even useful. Unfortunately, it is not >> as simple as posting a list of addresses on a website. >> >

Re: Krebs on Security booted off Akamai network after DDoS attack proves pricey

On Sep 25, 2016, at 5:50 PM, ryan landry wrote: > On Sun, Sep 25, 2016 at 9:07 PM, Mark Andrews wrote: >> This is such a golden opportunity for each of you to find compromised >> hosts on your network or your customer's network. The number of >> genuine

Re: IP addresses being attacked in Krebs DDoS?

On Sep 25, 2016, at 4:01 PM, Brett Glass wrote: > As an ISP who is pro-active when it comes to security, I'd like to know what > IP address(es) are being hit by the Krebs on Security DDoS attack. If we > know, we can warn customers that they are harboring infected PCs

Re: Krebs on Security booted off Akamai network after DDoS attack proves pricey

Is CloudFlare able to filter Layer 7 these days? I was under the impression CloudFlare was not able to do that. There have been a lot of rumors about this attack. Some say reflection, others say Layer 7, others say .. other stuff. If it is Layer 7, how are you going to ‘step in front of the

Re: Krebs on Security booted off Akamai network after DDoS attack proves pricey

On Sep 23, 2016, at 1:58 PM, Grant Ridder wrote: > > Didn't realize Akamai kicked out or disabled customers > http://www.zdnet.com/article/krebs-on-security-booted-off-akamai-network-after-ddos-attack-proves-pricey/ > > "Security blog Krebs on Security has been taken

Re: Comparing carrier hotels and colo: How much are you paying per 208V 30A circuit

L6-30s are probably the most common power drop in colocation. A) Is proprietary. I won’t pretend you will get zero answers, lots of people will likely break their NDAs. B) You can find any and all of those options. C) Ditto. Are you looking for specific cities or buildings? Or just trying to

Re: cloudflare hosting a ddos service?

CloudFlare will claim they are not hosting the problem. They are just hosting the web page that lets you pay for or points at or otherwise directs you to the problem. The actual source of packets is some other IP address. Therefore, they can keep hosting the web page. It is not sending the

Re: Military coup in Turkey?

http://www.telegraph.co.uk/news/2016/07/15/turkey-low-flying-jets-and-gunfire-heard-in-ankara1/ -- TTFN, patrick > On Jul 15, 2016, at 4:44 PM, b...@theworld.com wrote: > > > It looks to me like the Turkish internet is unreachable. > > -- >-Barry Shein > > Software Tool & Die|

Re: Leap Second planned for 2016

On Jul 8, 2016, at 7:47 PM, Saku Ytti wrote: > On 9 July 2016 at 02:27, Jared Mauch wrote: >> Time is actually harder than it seems. Many bits of software break in >> unexpected ways. Expect the unexpected. > > Aye. How many have written code like this: >

Re: cross connects and their pound of flesh

. what gets run over it is nobody's business but the person > controlling the end points. > > David Barak > Sent from mobile device, please excuse autocorrection artifacts > >> On Jun 19, 2016, at 8:30 AM, Patrick W. Gilmore <patr...@ianai.net> wrote: >> >> Actu

Re: cross connects and their pound of flesh

Actually, back in the T1/T3 days, colos frequently asked what you ran on the cable and then charged you based on the capacity of the circuit - even when it was the same exact cable. Of course, none of us would ever ask for T1 xconn then run ethernet over it. Colo providers are absolutely

Appeals court upholds Network Neutrality rules

Presented without comment: https://www.washingtonpost.com/news/the-switch/wp/2016/06/14/the-fcc-just-won-a-sweeping-victory-on-net-neutrality-in-federal-court/ Seems topical to NANOG audience. -- TTFN, patrick

Re: NANOG67 - Tipping point of community and sponsor bashing?

On Jun 14, 2016, at 11:50 AM, Hugo Slabbert wrote: > On Tue 2016-Jun-14 10:12:10 -0500, Matt Peterson wrote: > >> This week at NANOG67, a presentation was given early on that did not >> reflect well for our community at large. Regardless of the content or >>

Re: Cogent & Google IPv6

On Feb 24, 2016, at 4:48 PM, Ricky Beam <jfb...@gmail.com> wrote: > On Wed, 24 Feb 2016 15:48:22 -0500, Patrick W. Gilmore <patr...@ianai.net> > wrote: >> And Ricky is wrong, the vast majority of prefixes Cogent routes have zero >> dollars behind them. Cogent get

Re: Cogent & Google IPv6

“Tier One” used to mean SFI or customer downstream to every prefix on the ‘Net. Today it is more like “transit free”, since some “tier one” providers have paid peering. And Ricky is wrong, the vast majority of prefixes Cogent routes have zero dollars behind them. Cogent gets paid by customers,

Re: Cogent & Google IPv6

www.ics-il.com > > Midwest-IX > http://www.midwest-ix.com > > - Original Message - > > From: "Patrick W. Gilmore" <patr...@ianai.net> > To: "NANOG list" <nanog@nanog.org> > Sent: Wednesday, February 24, 2016 2:12:07 PM > S

Re: Cogent & Google IPv6

Are HE & Google the new L3 & FT? Nah, L3 would never have baked Cogent a cake. :) Shall we start a pool? Only problem is, should the pool be “who will disconnect from Cogent next?” or “when will Cogent blink?” I’m voting for the former. -- TTFN, patrick > On Feb 24, 2016, at 3:08 PM, Baldur

Re: Cogent & Google IPv6

To answer Matt’s question, NO. Assume Cogent peers with NTT. Assume Google peers with NTT. NTT has very good v6 connectivity (not an assumption). Cogent cannot send a packet to NTT and say “please hand this to Google”. Nor can Google hand a packet to NTT with a destination of Cogent. Under

Re: PCH Peering Paper

destination. Likely the vast majority of bits traverse at least 3 > autonomous systems in the process. > > So when you want to count traffic that went over a non-contract peering > session vs. traffic that went over a contract peering session, how do you > count traffic that traverses s

  1   2   3   4   5   6   7   8   >