On Jan 13, 2009, at 11:53 AM, David Barak wrote:
--- On Tue, 1/13/09, Jared Mauch ja...@puck.nether.net wrote:
No, they are both victims. If I inject a path that
purports
there is an edge between two networks which are engaged in
a bitter
dispute, (i'll use cogent sprint as an
On Jan 13, 2009, at 1:18 PM, Matthew Kaufman wrote:
Patrick W. Gilmore wrote:
Filtering and other manipulation happened on your router,
prepending my ASN is putting that information into every router.
That seems to be a serious qualitative difference to me. Do you
disagree?
I think
On Jan 13, 2009, at 1:27 PM, Adrian Chadd wrote:
On Tue, Jan 13, 2009, Patrick W. Gilmore wrote:
How can anyone seriously argue the ASN owner is somehow wrong and
keep
a straight face? How can anyone else who actually runs a network not
see that as ridiculous?
Speaking purely
Seriously, you believe it's OK to blame the guy whose ASN was spoofed
for spending too long researching it?
I was _literally_ shaking my head when I read that.
--
TTFN,
patrick
On Jan 12, 2009, at 2:47 PM, Patrick W. Gilmore wrote:
On Jan 12, 2009, at 1:17 PM, Seth Mattinen wrote:
Jeffrey Lyon wrote:
Mike,
Aside from the occasional peering wars i've never had or witnessed
any
serious issues with Cogent. If you want some redundancy you might
also
try some other
On Jan 12, 2009, at 4:12 PM, Joe Abley wrote:
On 2009-01-12, at 15:39, Florian Weimer wrote:
So does academic mean unethical these days?
I think this is over the line. You can't put other people's IDs into
routing data on production networks. (Well, technically you can,
obviously, but you
On Jan 12, 2009, at 5:55 PM, Michienne Dixon wrote:
But isn't this method kind of related to how an network from the
Mediterranean/Mid-east went about blocking what they felt was
undesirable/offensive content from entering their network?
No.
--
TTFN,
patrick
On Jan 5, 2009, at 3:39 AM, Gadi Evron wrote:
On Sun, 4 Jan 2009, kris foster wrote:
On Jan 4, 2009, at 11:11 PM, Gadi Evron wrote:
On Mon, 5 Jan 2009, Patrick W. Gilmore wrote:
On Jan 5, 2009, at 1:33 AM, Roland Dobbins wrote:
On Jan 5, 2009, at 2:08 PM, Patrick W. Gilmore wrote:
I can
On Jan 5, 2009, at 2:54 AM, Roland Dobbins wrote:
On Jan 5, 2009, at 3:04 PM, Patrick W. Gilmore wrote:
I can think of several instances where it _must_ be external. For
instance, as I said before, knowing which intermediate networks are
incapable of handling the additional load is useful
On Jan 4, 2009, at 9:18 PM, deles...@gmail.com wrote:
Super risky. This would be a 99% legal worry plus. Unless all the
end points and networks they cross sign off on it the risk is beyond
huge.
Since when do I need permission of networks they cross to send data
from a machine I
On Jan 5, 2009, at 1:33 AM, Roland Dobbins wrote:
On Jan 5, 2009, at 2:08 PM, Patrick W. Gilmore wrote:
You want to 'attack' yourself, I do not see any problems. And I
see lots of possible benefits.
This can be done internally using various traffic-generation and
exploit-testing tools
On Dec 19, 2008, at 12:27 AM, Suresh Ramasubramanian wrote:
Even if a longer prefix like a /24 is announced, chances of people
accepting it is slim. Especially, as you say, if the RIR allocation
is something larger than /24
And I have a feeling acceptance /24 route announcements of anything
Even if a longer prefix like a /24 is announced, chances of people
accepting it is slim. Especially, as you say, if the RIR allocation
is something larger than /24
And I have a feeling acceptance /24 route announcements of anything
other than legacy classful space, infrastructure space like
On Dec 19, 2008, at 10:53 AM, Joe Abley wrote:
It'd be nice if some grad student somewhere with friends in the
operations community was to experiment with /24s carved out of
larger blocks from all over the planet and present some empirical
data.
We don't need a student. We have actual
On Dec 10, 2008, at 11:08 AM, Cvetan Ivanov wrote:
Marshall Eubanks wrote:
Is there some reason why 65000 is especially problematic ?
65000 and above are private as numbers and should not be seen in the
global table.
64512 above.
--
TTFN,
patrick
On Dec 1, 2008, at 4:58 AM, Måns Nilsson wrote:
--On söndag, söndag 30 nov 2008 23.05.01 -0500 Patrick W. Gilmore
[EMAIL PROTECTED] wrote:
In Sweden, the reason to not choose NetNod (and to go with the smaller
exchangepoints) is price and only price. No swedish ISP I know of has
stated
On Dec 1, 2008, at 9:12 AM, Randy Bush wrote:
I don't think any IXP can become a significant player on the Internet
today by only attracting participants from the country in question.
netnod is very successful. i guess they must operate from more than
sweden, then, eh?
NetNod is
On Dec 1, 2008, at 9:30 AM, Randy Bush wrote:
some go to sweden for the weather. some go for netnode. netnode does
not go to them. and yes, netnod is bunkered up the ying yang. qed.
By your logic, every IXP which has any participants is a good model
and cannot be improved. An obvious
On Dec 1, 2008, at 11:06 AM, Måns Nilsson wrote:
End of day, an IXP is not some magical thing. It is an ethernet
switch
allowing multiple networks to exchange traffic more easily than
direct
interconnection - and that is all it should be. It should not be
mission
critical. Treating it
On Dec 1, 2008, at 2:05 PM, Jean-François Mezei wrote:
Patrick W. Gilmore wrote:
End of day, an IXP is not some magical thing. It is an ethernet
switch allowing multiple networks to exchange traffic more easily
than
direct interconnection - and that is all it should be. It should
On Dec 1, 2008, at 2:19 PM, Lyndon Nerenberg wrote:
On 1-Dec-08, at 10:27 AM, Danny McPherson wrote:
On a related noted, some have professed that adapting old
ships into data centers would provide eco-friendly secure
data center solutions.
Your data connection to shore is going to be tenuous
On Nov 30, 2008, at 10:50 PM, Niels Bakker wrote:
* [EMAIL PROTECTED] (Patrick W. Gilmore) [Mon 01 Dec 2008, 02:34 CET]:
On Nov 28, 2008, at 4:04 PM, Jean-François Mezei wrote:
The advantage of this swedish data centre is that even if its
location is well known, it is pretty hard to harm
Possibly silly question:
If a small ISP is leaking a full table and you cannot reach them, why
not contact their upstreams?
Can't really check a router from here, but I saw (for instance) Verio
mentioned. I am certain as2914 runs a 24/7 NOC and is responsive.
--
TTFN,
patrick
On Nov 5, 2008, at 6:14 AM, Jasper Bryant-Greene wrote:
Isn't it because the receiver is more likely to backhaul the traffic
further, due to hot-potato routing - at least in the case of large
networks with multiple points of interconnect?
That's the reason given. One can argue over
On Nov 4, 2008, at 9:49 AM, David Freedman wrote:
2. The Internet cannot route around de-peering
I know everyone believes the Internet routes around failures.
While
occasionally true, it does not hold in this case. To route
around the
failure would require transit. See item #1.
The
On Nov 4, 2008, at 11:02 AM, David Schwartz wrote:
Patrick W. Gilmore wrote:
On Nov 4, 2008, at 9:49 AM, David Freedman wrote:
2. The Internet cannot route around de-peering
I know everyone believes the Internet routes around failures.
While
occasionally true, it does not hold in this case
could say the current situation is a political success.
--
TTFN,
patrick
-Original Message-
From: Patrick W. Gilmore [mailto:[EMAIL PROTECTED]
Sent: Tuesday, November 04, 2008 8:10 AM
To: NANOG list
Subject: Re: Sprint v. Cogent, some clarity facts
On Nov 4, 2008, at 11:02 AM, David
On Nov 3, 2008, at 9:41 AM, HRH Sven Olaf Prinz von CyberBunker-
Kamphuis MP wrote:
No, but the providers who provide those connections should be
multihomed.
If they're not, I'd consider switching providers. Simple as that.
multihomed to whichever parties decide to generate split ups on
On Nov 3, 2008, at 10:03 AM, David Schwartz wrote:
Patrick W. Gilmore wrote:
4. There is a reason behind ratios which has nothing to do with telco
sender-pays
There is an alleged reason.
Peering rations were first 'big news' when BBN wanted to de-peer
Above.Net, Global Center, and Exodus
On Nov 3, 2008, at 10:41 AM, Tore Anderson wrote:
Another point worth mentioning is that the traffic is going to flow
between those two ISPs _anyway_.
I believe the events of 2-3 days ago disproves your assertion.
Therefore, in many cases the only
ones to profit from them not reaching a
On Nov 3, 2008, at 2:35 AM, Paul Wall wrote:
On Mon, Nov 3, 2008 at 1:26 AM, Patrick W. Gilmore
[EMAIL PROTECTED] wrote:
1. Neither Sprint nor Cogent have transit
Both Sprint Cogent are transit-free networks. (Notice how I
carefully
avoided saying tier one?)
How do you explain Cogent's
On Nov 3, 2008, at 4:26 AM, Florian Weimer wrote:
* Patrick W. Gilmore:
1. Neither Sprint nor Cogent have transit
Both Sprint Cogent are transit-free networks. (Notice how I
carefully avoided saying tier one?) Whether one or both _should_
have transit is not a fact, and therefore outside
On Nov 3, 2008, at 3:49 PM, Rod Beck wrote:
And a 'Tier One' nework is a transit-free network that can reach all
end points (end user IP addresses)?
A transit free network that has no settlements.
Which means no network is strictly tier one. Read
On Nov 3, 2008, at 8:16 PM, George William Herbert wrote:
Patrick writes:
3. Standard transit contracts do not guarantee full connectivity
If you are a Cogent customer, it is very unlikely your contract will
allow you SLA or other credits for not being able to reach Sprint
unless you negotiated
On Nov 2, 2008, at 7:06 PM, Randy Epstein wrote:
https://www.sprint.net/cogent.php
Yes, I've read it. They need to fix their TITLE.
So while Cogent was depeered by Sprint, we contacted the CEO of
Cogent on
Friday to try and arrange at least a temporary peering arrangement
so that
bits
Having skimmed the Sprint / Cogent threads, I saw multiple errors and
lots of really bad guesses. Instead of replying individually, I
thought I would sum up a few facts so everyone was on the same page.
This way when we run off into another 100 post thread, we can at least
-start- from
On Oct 31, 2008, at 1:32 AM, Nelson Lai wrote:
Why do some companies like Cogent get depeered relatively often and
companies like Teleglobe don't even get talked about and operate in
silence free from depeering?
That's funny. One of the first networks to de-peer Cogent was
Teleglobe.
On Nov 1, 2008, at 12:05 PM, Chris Adams wrote:
Once upon a time, bas [EMAIL PROTECTED] said:
I've heard eyeball networks refer to traffic flows as sending too..
You content hosters are sending us too much traffic, we want money
to
upgrade ports and transport all that traffic Complete
On Oct 31, 2008, at 1:44 PM, Majdi S. Abbas wrote:
On Fri, Oct 31, 2008 at 01:20:23PM -0400, Randy Epstein wrote:
We hope Sprint and Cogent work out their differences, but in the
mean time,
we unfortunately will remain partitioned from Cogent.
Randy,
This brings up
On Oct 31, 2008, at 10:33 AM, Marshall Eubanks wrote:
Maybe they can bring it up at the November 4th FCC open meeting :
[snip]
While I agree regulation is a possible outcome, I am always amazed at
the US gov't self-delusion that they can somehow regulate something
like the Internet.
On Oct 30, 2008, at 10:49 AM, Todd Underwood wrote:
so far there have been some good values articulated and there may be
more (reach, latency, diversity of path, diversity of capacity,
control, flexibility, options, price negotation) and some additional
costs have been mentioned (capex for
with no
loss of redundancy. Plus you get all the other things peering is good
for.
--
TTFN,
patrick
-Original Message-
From: Patrick W. Gilmore [mailto:[EMAIL PROTECTED]
Sent: Thursday, October 30, 2008 12:15 PM
To: NANOG list
Subject: Re: Peering - Benefits?
On Oct 30, 2008, at 10:49 AM
On Oct 30, 2008, at 6:08 PM, Joe Greco wrote:
Looks like maybe Sprint and Cogent are experiencing communications
difficulties in the DC (and probably other) areas. Theories include
a potential depeering.
Not a theory.
--
TTFN,
patrick
On Oct 30, 2008, at 10:19 PM, vijay gill wrote:
This is probably going to be a somewhat unpopular opinion, mostly
because people cannot figure out their COGS. If you can get transit
for cheaper than your COGS, you are better off buying transit and not
peering. There are some small arguments to
On Oct 31, 2008, at 1:05 AM, vijay gill wrote:
On Thu, Oct 30, 2008 at 9:41 PM, Patrick W. Gilmore
[EMAIL PROTECTED] wrote:
On Oct 30, 2008, at 10:19 PM, vijay gill wrote:
This is probably going to be a somewhat unpopular opinion, mostly
because people cannot figure out their COGS. If you
[Sorry for top post, the Jesus-Phone still needs some work.]
If any one cares, I vote for #1.
--
TTFN,
patrick
iPhone 3-J
(That's 3-Jezuz for the uninitiated.)
On Oct 3, 2008, at 17:45, Steve Feldman [EMAIL PROTECTED] wrote:
On Oct 2, 2008, at 3:16 PM, Steve Gibbard wrote:
... I notice
On Oct 2, 2008, at 3:07 AM, Philip Smith wrote:
Please take a moment to look at the current charter amendment
proposals
for the October ballot at:
http://www.nanog.org/charter/
If you have comments on the proposals, please post them on the
nanog-futures list or send them to [EMAIL
On Oct 2, 2008, at 9:33 AM, Laurence F. Sheldon, Jr. wrote:
Joe Abley wrote:
How about moving the meta-nanog themes in this thread to nanog-
futures, instead of adding to the noise on the main list?
Because nobody reads it?
I've been called a lot of things, but I can't seem to remember
On Oct 1, 2008, at 1:52 PM, Patrick W. Gilmore wrote:
[#include: boiler-plate apology for operational content]
Google has released its PUE numbers:
http://www.google.com/corporate/datacenters/measuring.html
There is a nice explanation of this, including a graph showing why
DC efficiency
[#include: boiler-plate apology for operational content]
Google has released its PUE numbers:
http://www.google.com/corporate/datacenters/measuring.html
There is a nice explanation of this, including a graph showing why DC
efficiency is more important than machine efficiency (on the second
On Sep 22, 2008, at 4:33 PM, Tom Sparks (Applied Operations) wrote:
Basically is what it boils down to for me - its easy to blame
an NSP/ISP/Hoster for what their clients do, it takes real
dedication to
find out whats *actually* going on.
Tom,
Atrivo is not just a spammer, and Intercage
] wrote:
Patrick W. Gilmore wrote:
There is no law or even custom stopping me from asking you to prove
you are worthy to connect to my network.
There may not be a law preventing you from asking him for proof of
legitimate customers, but there is a law preventing him from
answering you
On Sep 21, 2008, at 4:21 PM, Emil Kacperski wrote:
Don't believe everything you read.
Most excellent advice.
[SNIP]
--
TTFN,
patrick
On Sep 17, 2008, at 4:07 PM, David Ulevitch wrote:
Patrick W. Gilmore wrote:
On Sep 17, 2008, at 1:32 PM, David Ulevitch wrote:
At the end of the day, nobody is going to drop packets for
amazon's IP space.
I'm afraid reality disagrees with you - there already are networks
doing it.
Being
On Sep 17, 2008, at 1:32 PM, David Ulevitch wrote:
Christopher Morrow wrote:
How about providing some open-source intelligence in a centralized
and
machine-parsable fashion (perhaps with community input of intel even)
which would allow better decsions to be made?
Reputation based on
On Sep 16, 2008, at 1:55 AM, Paul Ferguson wrote:
By the way, a lot of folks are watching all domains registered
within Atrivo/Intercage IP address space every day. Here's a few
for you to decide -- and they have been registered only in the past
few days:
undaground.biz
pillshere.net
On Sep 12, 2008, at 3:02 PM, Steve Gibbard wrote:
On Fri, 12 Sep 2008, Patrick W. Gilmore wrote:
Going back a bit in case you forgot, we were discussing the fact
you have NO RIGHT to connect to my network, it is a privilege, not
a right. You responded with: If I have either a peering
On Sep 12, 2008, at 1:42 AM, Lamar Owen wrote:
[On-list comment. Off-list comments longer.]
On Thursday 11 September 2008 22:23:35 Patrick W. Gilmore wrote:
If I have either a peering agreement or a transit arrangement with a
written
contract, then that contract supports my 'rights' under
On Sep 12, 2008, at 1:43 PM, Patrick W. Gilmore wrote:
Oh, and I notice you ignored my question, again. I won't bother
copy/pasting it here just to have you continue to ignore it, I think
the audience gets the point - you don't have an answer.
In fairness, he sent me an answer privately
On Sep 11, 2008, at 8:50 AM, Lamar Owen wrote:
On Thursday 11 September 2008 06:23:29 [EMAIL PROTECTED] wrote:
This is not a court. In court, if you are determined guilty a large
punishment may be exacted
Depeering is not a large punishment?
In the internet world, mass depeering /
On Sep 11, 2008, at 6:52 PM, Randy Bush wrote:
In the internet world, mass depeering / de-transitting like we've
see in this instance is akin to capital punishment. By vigilantes.
The US Old West redux.
Connecting to my network is a PRIVILEGE, not a right. You lose a
criminal case, you lose
On Sep 11, 2008, at 9:11 PM, Lamar Owen wrote:
On Thursday 11 September 2008 18:37:59 Patrick W. Gilmore wrote:
On Sep 11, 2008, at 8:50 AM, Lamar Owen wrote:
On Thursday 11 September 2008 06:23:29 [EMAIL PROTECTED] wrote:
This is not a court. In court, if you are determined guilty a large
On Sep 7, 2008, at 8:16 AM, Andrew D Kirch wrote:
Brandon Butterworth wrote:
Anton's post that GX is still providing them transit is a bit
curious, since
I was under the impression GX had severed all ties with Atrivo.
But the
table does not lie, a path of 174 3549 27595 is clearly
On Sep 7, 2008, at 4:32 AM, InterCage - Russ wrote:
Seeing the activity in regards to our company here at NANOG, I
believe this is the most reasonable and responsible place to respond
to the current issues on our network. We hope to obtain non-bias
opinion's and good honest and truthful
On Sep 7, 2008, at 11:58 AM, Patrick W. Gilmore wrote:
On Sep 7, 2008, at 4:32 AM, InterCage - Russ wrote:
Seeing the activity in regards to our company here at NANOG, I
believe this is the most reasonable and responsible place to
respond to the current issues on our network. We hope
On Sep 6, 2008, at 1:27 PM, Paul Wall wrote:
A quick look at route-views will confirm that Atrivo is multi-homed.
And WV Fiber is a transit provider to them, not a peer.
As NANOG community members in good standing, I'm sure WV, nLayer, etc
would take the appropriate action if you were to
On Sep 4, 2008, at 12:52 PM, Jo Rhett wrote:
Count you which way? You seem to agree with me. Everyone should be
doing both, not discounting BCP38 because they aren't seeing an
attack right now.
No one sees attacks that BCP38 would stop?
Wow, I thought things like the Kaminsky bug were
On Sep 4, 2008, at 1:14 PM, james wrote:
On Sep 4, 2008, at 7:24 AM, James Jun wrote:
Indeed... In today's internet, protecting your own box
(cp-policer/ control
plane filtering) is far more important IMO than
implementing BCP38 when much
of attack traffic comes from legitimate IP sources
the thread is already confused)
Sorry for the confusion.
Yes, I am a BCP38 evangelist. I apologize if it came across wrong.
--
TTFN,
patrick
On Sep 4, 2008, at 10:05 AM, Patrick W. Gilmore wrote:
On Sep 4, 2008, at 12:52 PM, Jo Rhett wrote:
Count you which way? You seem to agree with me
On Sep 4, 2008, at 3:38 PM, Gadi Evron wrote:
On Thu, 4 Sep 2008, Jo Rhett wrote:
On Sep 4, 2008, at 7:24 AM, James Jun wrote:
Indeed... In today's internet, protecting your own box (cp-policer/
control
plane filtering) is far more important IMO than implementing BCP38
when much
of attack
On Aug 29, 2008, at 22:41, jim deleskie [EMAIL PROTECTED] wrote:
I'm afraid of the answer to that question
No you are not, since you already know the answer.
--
TTFN,
patrick
On Fri, Aug 29, 2008 at 11:25 PM, Adrian Chadd
[EMAIL PROTECTED] wrote:
On Fri, Aug 29, 2008, jim deleskie
On Aug 28, 2008, at 6:25 AM, Suresh Ramasubramanian wrote:
Most of the spammer acquired /16s have been
1. pre arin
2. caused by buying up assets of long defunct companies .. assets that
just happen to include a /16 nobody knew about
Not exactly hijacks this lot .. just like those barely
On Aug 27, 2008, at 11:07 PM, John Lee wrote:
1. The technique is not new it is well known BGP behavior and not
stealthy to people who route for a living.
Using existing technology in novel ways is still novel. Plus it makes
the technique more accessible. (Perhaps that is not a good
On Aug 27, 2008, at 11:47 PM, John Lee wrote:
The traceroute utility that I used gave me a list of hops that the
packet I was interested in transited and a time when it transited
the hop. When the TTL was reached it would terminate the listing.
You are very confused how traceroute works.
On Aug 28, 2008, at 1:40 AM, Jim Popovitch wrote:
On Thu, Aug 28, 2008 at 1:22 AM, Patrick W. Gilmore
[EMAIL PROTECTED] wrote:
Assuming it is in the wrong place, you may be able to detect the
intrusion. But most people do not run traceroutes all day and
watch for it
to change. If you run
On Aug 13, 2008, at 4:48 PM, Jared Mauch wrote:
On Wed, Aug 13, 2008 at 10:04:27PM +0200, Mikael Abrahamsson wrote:
The italian courts seem to have told ISPs there to block ThePirateBay
(bittorrent tracker), and this evening (CET) LLNW (AS22822)
originated
88.80.6.0/24 via 6762 (telecom
On Aug 13, 2008, at 5:04 PM, Jared Mauch wrote:
On Wed, Aug 13, 2008 at 04:52:46PM -0400, Patrick W. Gilmore wrote:
Sure. I'd also like to see providers actually just shut
off customers that originate stuff like ms-sql slammer
packets still. But it keeps flowing. I'm sure
On Aug 12, 2008, at 3:37 AM, Paul Wall wrote:
If it were as easy as you make it sound, I can assure you people would
be doing it.
People are. I (and others) mentioned SIX TorIX, plus I mentioned
PaNAP. Then there's AtlantaIX, although that recently got slurped by
TelX. (Hrmmm, could
On Aug 12, 2008, at 10:23 AM, David Diaz wrote:
Second, I have heard a lot of talk about SIX over the last year or
so and there is no guarantees that situation won't change.
As a board member of SIX, I can tell you that we are not going away
any time soon.
--
TTFN,
patrick
On Aug 12, 2008, at 7:54 PM, Glen Kent wrote:
The outgoing packets from traceroute are sent towards the destination
using UDP and very high port numbers, typically in the range of 32,768
and higher. This is because no one is gernally expected to run UDP
services up there, so when the packet
On Aug 12, 2008, at 4:48 PM, Paul Wall wrote:
On Tue, Aug 12, 2008 at 8:32 AM, Patrick W. Gilmore
[EMAIL PROTECTED] wrote:
Tons of others exist, in big and little markets. There's one in
365 Main
SF, there's KleyReX in the same building as DE-CIX, Big APE in 111
8th, NYCx
there too
As a big ra-ra guy around peering, I thought this might be
interesting, but I do not think I agree with the numbers.
On Aug 11, 2008, at 11:15 PM, Deepak Jain wrote:
Given Cogent (and others) recent pursuit of sub $4/mb/s transit...
and the relatively flat cost of a paid peering fabric
On Aug 7, 2008, at 2:04 PM, Pete Templin wrote:
Patrick W. Gilmore wrote:
Filter your bogons. But do it in an automated fashion, from a
trusted source.
Of course, I recommend Team Cymru, which has a most sterling
record. Nearly perfect (other than the fact they still recommend
MD5
[Just a correction because Randy attributed something to me that I
didn't do.]
On Aug 7, 2008, at 4:14 PM, Randy Bush wrote:
btw, patrick neglected the last sentences of that paragraph, which
made
me wonder what rob would actually say. luckily, in response to my
post,
rob replied that
On Aug 7, 2008, at 5:35 PM, Robert E. Seastrom wrote:
Randy Bush [EMAIL PROTECTED] writes:
How much does it help to filter the bogons? In one study
conducted by
Rob Thomas of a frequently attacked site, fully 60% of the naughty
packets were obvious bogons (e.g. 127.1.2.3, 0.5.4.3, etc.)
On Aug 6, 2008, at 10:28 AM, Rob Thomas wrote:
This makes sense especially for static filters. Automated feeds,
such as the bogon route-server or DNS zones, leaves folks with
options.
Honestly, I don't believe the 80/20 rules applies here.
Until all transit networks are willing to
On Aug 6, 2008, at 11:46 AM, Laurence F. Sheldon, Jr. wrote:
Leo Bicknell wrote:
Have bogon filters outlived their use? Is it time to recommend
people
go to a simpler bogon filter (e.g. no 1918, Class D, Class E) that
doesn't need to be updated as frequently?
Seems like filtering against
On Aug 5, 2008, at 3:26 PM, Tim Sanderson wrote:
Ya sure, like any of us would admit to 50% clue-ness.
With all the posts here about bogons I would really be surprised
that any nanog readers didn't know about keeping bogons updated.
I'd be shocked it there were no people who read NANOG and
On Aug 2, 2008, at 8:24 PM, Jeff MacDonald wrote:
On Sat, Aug 02, 2008 at 11:15:06AM -0700, Tomas L. Byrnes wrote:
There's a big difference between the airlines hiking fares for future
flights, which you can see when searching, and choose the
competition;
and companies adding surcharges to
On Jul 31, 2008, at 3:28 PM, Jamie A Lawrence wrote:
On Jul 31, 2008, at 2:45 PM, Gadi Evron wrote:
Isn't malicious, just not very ethical. Having been on the
recieving end a few times.. you don't always know it is happening.
I'm not sure that's a useful distinction. I strongly doubt any
On Jul 31, 2008, at 3:34 PM, Wayne E. Bouchard wrote:
Hoping for a company which will put ethics above profit is like
looking for an honest politician. They're extremely rare.
I'm just looking for a company that looks past the next quarterly
investor call. Because then at least some ethics
On Jul 23, 2008, at 9:27 PM, Jasper Bryant-Greene wrote:
On Wed, 2008-07-23 at 21:17 -0400, Joe Abley wrote:
Luckily we have the SSL/CA architecture in place to protect any web
page served over SSL. It's a good job users are not conditioned to
click OK when told the certificate for this site is
--- [EMAIL PROTECTED] wrote:
From: Lasher, Donn [EMAIL PROTECTED]
Checked, and doublechecked, not just me
www.amazon.com returns:
Http/1.1 Service Unavailable
Anyone have a URL for a network/etc status page, or info on the
outage?
Been that way for a while this morning.
HTTPS works.
--
On May 24, 2008, at 9:15 AM, Marshall Eubanks wrote:
On May 23, 2008, at 8:15 PM, devang patel wrote:
Is that okay to use Same AS number for the two different site on
different
location?
To answer this specific question, Autonomous Systems should be
topologically convex.
This means, at
On May 5, 2008, at 10:31 PM, Gregory Hicks wrote:
From: Joe Abley [EMAIL PROTECTED]
On 5 May 2008, at 21:47, Scott Weeks wrote:
I have been waiting to send this, but please reconsider the Subject
line tag and the footer. It is very bothersome.
If given a choice, I would opt for neither.
On May 4, 2008, at 11:01 PM, David Conrad wrote:
On May 3, 2008, at 8:37 PM, Joel Jaeggli wrote:
William Warren wrote:
That also doesn't take into account how many /8's are being hoarded
by
organizations that don't need even 25% of that space.
which one's would those be?
While I wouldn't
On May 2, 2008, at 5:40 PM, jamie wrote:
You first, mister chicken-with-his-head-cut-off.
What's your plan?
Mike owns Hurricane Electric. HE.net has the most v6 routes, peering,
and pretty much any other metric you can dream up. His .sig says
Wholesale IPv4 and IPv6 Transit. What do
On May 2, 2008, at 6:01 PM, Marc Manthey wrote:
P.S.
10K of your not-so-close friends?
does this mean this list has 10.000 subscribers ?
I've heard all kinds of numbers, you can probably dig something out of
the archives.
But my understanding is there are far greater than 10K mailboxes
On Apr 18, 2008, at 4:15 PM, Scott Francis wrote:
http://www.news.com/2100-1034_3-6237715.html
I find claims that soon everything will be HD somewhat dubious
(working for a company that produces video for online distribution) -
although certainly not as eyebrow-raising as in 3 years' time,
Despite the chatter, I think we should all congratulate Merit on a
very smooth and orderly transition to the new server.
No, it was not perfect, but given all the possible outcomes, we are
definitely in the top quartile.
IMHO, of course.
--
TTFN,
patrick
601 - 700 of 706 matches
Mail list logo