On 7/13/10 11:11 AM, Dobbins, Roland wrote:
On Jul 14, 2010, at 1:02 AM, Matthew Kaufman wrote:
Dangerous in places where forwarding table exceeds hardware cache
limits. (See Code Red worm stories)
During the Code Red/Nimda period (2001), and on into the
Slammer/Blaster/Nachi period
Specifying the prefix in question is likely to produce more rapid and
cogent response.
joel
On 7/12/10 2:20 AM, Popov Max wrote:
Hello!
I am an owner of the small telecom business in Eastern Europe. We have the
provider independent network and own autonomous system number.
Due to the
On 2010-07-07 19:14, Jon Lewis wrote:
On Wed, 7 Jul 2010, Patrick Giagnocavo wrote:
andrew.wallace wrote:
Article:
http://online.wsj.com/article/SB10001424052748704545004575352983850463108.html
Why does it cost $100 million to install and configure OpenBSD on a
bunch of old systems?
On 2010-07-03 12:45, Alan Bryant wrote:
On Sat, Jul 3, 2010 at 2:22 PM, Mikemike-na...@tiedyenetworks.com wrote:
Mikrotik is great at lower end stuff where you have ethernet interfaces.
Real POS OC-3 however, ain't in it's repertory and would not be what I would
choose to route at those
If the data you need to preload is sufficiently large (e.g. 10s or
hundreds of terabytes then yeah it should come as no surprise that it
might be more convenient to move by shifting around disks. 100TB of raw
disk is around $8000.
On 2010-06-28 21:50, JC Dill wrote:
Jonathan Feldman
just fyi,
identifying the prefix in question and the origin AS will likely result
in a lot more potentially useful eyeballs looking at including those
that can take action.
joel
On 2010-06-24 12:37, Eric Williams wrote:
ATT is currently advertising my address space to the internet
not sure how they propose to enforce that, instrumentation approaches
that look inside the home gateway have a non-trivial falsh positive rate
and you've got a lot more hosts than ip addresses.
On 06/22/2010 11:30 AM, Gadi Evron wrote:
There was a lightning talk on Netdot at Nanog 48 I'd take a look at the
presentation and the the website. It's quite useful from the documentation and
discovery standpoint
After the initial whit board I generally sit down and document what we're going
to build then we build a transition plan
On 06/21/2010 08:46 PM, Joel Jaeggli wrote:
There was a lightning talk on Netdot at Nanog 48 I'd take a look at the
presentation and the the website. It's quite useful from the documentation
and discovery standpoint
meh, it was nanog 49, and the link is:
http://www.nanog.org/meetings
On 2010-06-18 10:49, Akyol, Bora A wrote:
This is not exactly true.
With the 3G networks (GSM) you can get.
7.2-Mbps HSDPA (downstream)
5.8-Mbps HSUPA (upstream)
3gpp rel7 hsdpa/hsupa goes about 4 fold faster than that down and twice
as fast up without having to resort to mimo.
whether
On 06/13/2010 06:13 PM, Bruce Williams wrote:
On Sun, Jun 13, 2010 at 6:42 AM, Joe Greco jgr...@ns.sol.net wrote:
Generally speaking, it will be treated as damage and routed around.
That fable only really stands a chance when the damage is accidental; in
the case where such damage is being
On 2010-06-08 13:03, J. Oquendo wrote:
Jorge Amodio wrote:
All humor aside, I'm curious to know what can anyone truly do at the end
of the day if say a botnet was used to instigate a situation. Surely
someone would have to say something to the tune of better now than
never to implement BCP
It's going to show inconsistent AS which some people may not like, but
that's just ugly not broken. As the customer, it means your outgoing
path selection is probably being made on the basis of some non-global
attribute, and the return path is entirely at the mercy of your two isps...
I
Um insofar as I'm aware Andy Rosenzweig is still the Marit member on the
SC, I generally assume that we he states his opinion or merit's position
that he is doing so in his capacity as merit's representative on the SC.
joel
On 2010-06-02 15:20, Pete Templin wrote:
Jay Hennigan wrote:
On
On 2010-05-27 17:57, andrew.wallace wrote:
On Fri, May 28, 2010 at 1:17 AM, joel jaegglijoe...@bogus.com
wrote:
On 2010-05-27 10:42, andrew.wallace wrote:
Look at it from an attackers point of view. If you're thinking
about carrying out an electronic jihad of some kind when is the
best time?
On 2010-05-27 10:42, andrew.wallace wrote:
Look at it from an attackers point of view. If you're thinking about
carrying out an electronic jihad of some kind when is the best time?
A normal working day or during an engineers strike that only happens
once every 23 years?
Not to put to fine a
On 2010-05-27 17:38, Ken Gilmour wrote:
Wow, very fast responses, Thanks Larry Sheldon and Ricardo Tavares!
On 27 May 2010 18:07, Ricardo Tavarescuru...@gmail.com wrote:
Not sure if I correctly undestand you but default route its the route
that the packet must follow if it do not have a
On 2010-05-23 18:55, Ingo Flaschberger wrote:
Dear Lorell,
We will implement OSPF.
so what arguments speak against 2 bgp upstreams?
It's not an either or proposition...
ospf carries your internal routes, ibgp carries you external routes
between internal routers. you can carry default
Tutorial: Introduction to BGP
http://nanog.org/meetings/nanog47/abstracts.php?pt=MTQ0MSZuYW5vZzQ3nm=nanog47
Tutorial: BGP 102
http://nanog.org/meetings/nanog48/abstracts.php?pt=MTUyMiZuYW5vZzQ4nm=nanog48
http://wiki.mikrotik.com/wiki/Manual:BGP_Case_Studies
On 2010-05-21
On 2010-05-20 09:36, Owen DeLong wrote:
We're scraping the bottom of the barrel for IPv4 space these days.
It is what it is, and it's only going to get worse in IPv4. Time to go
to IPv6.
in ipv6 we're using our arin /32 in all regions where we appear...
joel
Owen
On 2010-05-20 11:25, Rafael Ganascim wrote:
Hi all,
I have a doubt about the bellow scenario, where the ISP1 use eBGP
sessions to its peers and is a BGP Transit AS.
NSP 1 -- ISP 1 Router2 --- NSP 2
| |
|
On 2010-05-19 14:18, Aaron D. Osgood wrote:
Probably because MO/MT (mobile originated/mobile terminated) SMS takes place on the cellular
control channel (somewhat like the D channel on a PRI span) and is not seen as
data by the carrier.
A GPRS station class A device can do this... they have
On 05/12/2010 02:41 PM, Scott Weeks wrote:
--- da...@tcb.net wrote: From: Danny McPherson da...@tcb.net On May
12, 2010, at 9:40 AM, Jay Nakamura wrote:
I just tested this and, yes, with Cisco to Cisco, changing the
setting won't reset the connection but you have to reset the
On 2010-05-14 22:04, Alastair Johnson wrote:
Mark Foster wrote:
What about developing nations where Internet isn't yet as commonplace as
it is in the 'west' ?
They skip dialup.
dial modems are the end game for a 140 year old technology (300-3400hz
pots lines).
There is literally no
On 2010-05-13 19:43, Frank Bulk wrote:
Thirty percent? If no access includes financial means or developed
interest, that may be true, but 99% of all zip codes have at least person
with internet access. And the FCC has stated that 95 percent of Americans,
or 290 million people, have terrestrial
On 05/09/2010 09:30 AM, Eugen Leitl wrote:
On Sun, May 09, 2010 at 10:54:46AM -0500, Larry Sheldon wrote:
And when I drive someplace, I do indeed go by the signs I see, which are
not erected by a central authority, as I move along. (I don't have a
route from here to Fairbanks, Alaska, but
On 4/26/2010 8:07 AM, Christopher Morrow wrote:
On Mon, Apr 26, 2010 at 10:34 AM, Stephen Sprunkstep...@sprunk.org wrote:
Don't forget the hotspot vendor that returns an address of 0.0.0.1 for
every A query if you have previously done an query for the same
name (and timed out). That's a
On 04/22/2010 08:25 AM, Marshall Eubanks wrote:
On Apr 22, 2010, at 11:04 AM, John Lightfoot wrote:
That's Hedley.
I believe that he is talking about Hedy Lamarr, the co-inventor of
frequency hopping spread spectrum.
The patent which bears her and George Antheil's name is by no means
On 04/22/2010 11:23 AM, Christopher Morrow wrote:
On Thu, Apr 22, 2010 at 12:13 PM, Bill Bogstad bogs...@pobox.com wrote:
On Thu, Apr 22, 2010 at 11:03 AM, David Conrad d...@virtualized.org wrote:
On Apr 21, 2010, at 10:48 PM, Christopher Morrow wrote:
So what happens when you change
On 04/22/2010 10:18 PM, Matthew Kaufman wrote:
Owen DeLong wrote:
On Apr 22, 2010, at 5:55 AM, Jim Burwell wrote:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 4/22/2010 05:34, Simon Perreault wrote:
On 2010-04-22 07:18, William Herrin wrote:
On the other hand, I could
On 4/20/2010 10:29 AM, Roger Marquis wrote:
Interesting how the artificial roadblocks to NAT66 are both delaying the
transition to IPv6 and increasing the demand for NAT in both protocols.
Nicely illustrates the risk when customer demand (for NAT) is ignored.
This is really tiresome. IPv4 NAT
On 4/20/2010 6:34 PM, Karl Auer wrote:
On Tue, 2010-04-20 at 12:59 -0700, Owen DeLong wrote:
On Apr 20, 2010, at 12:31 PM, Roger Marquis wrote:
NAT _always_ fails-closed
I love this statement particularly in the context of enterprise networks...
When you pop the label off an l3 vpn or
On 4/20/2010 6:34 PM, Karl Auer wrote:
On Tue, 2010-04-20 at 12:59 -0700, Owen DeLong wrote:
On Apr 20, 2010, at 12:31 PM, Roger Marquis wrote:
NAT _always_ fails-closed
I love this statement particularly in the context of enterprise networks...
When you pop the label off an l3 vpn or
On 4/19/2010 10:40 AM, David Conrad wrote:
Bryan,
On Apr 19, 2010, at 10:22 AM, Bryan Fields wrote:
Here is some unverified calculations I did on the problem of scaling nat.
Right now I'm using 42 translation entries in my nat table. Each entry takes
up 312 bytes of FIB memory, which is
On 4/18/2010 6:28 PM, Patrick Giagnocavo wrote:
Franck Martin wrote:
Sure the internet will not die...
But by the time we run out of IPv4 to allocate, the IPv6 network will not have
completed to dual stack the current IPv4 network. So what will happen?
Reality is that as soon as SSL web
On 4/18/2010 9:56 PM, Mikael Abrahamsson wrote:
On Mon, 19 Apr 2010, Franck Martin wrote:
Anybody has better projections? What's the plan?
My guess is that end user access will be more and more NAT444:ed (CGN)
while at the same time end users will get more and more IPv6 access (of
all
On 04/16/2010 08:35 AM, Mikael Abrahamsson wrote:
On Fri, 16 Apr 2010, William Jobs wrote:
Has anyone else undertaken a similar setup? What were the difficulties
you
encountered especially in terms of reduced throughput, packet loss
etc. Any
recommended media converters?
Why media
On 4/12/2010 10:22 AM, Suresh Ramasubramanian wrote:
The man did say carrier class .. not small webhost for four
families and dog. You're talking multiple mailservers + filtering
gateways / appliances etc, clustered .. rather tough to do that with
one pizzabox 1U running a linux that's not
On 04/09/2010 09:56 AM, Dave Israel wrote:
+Bonus Uncertainty: There is a lack of consensus on how IPv6 is to be
deployed. For example, look at the ongoing debates on point to point
network sizes and the /64 network boundary in general. There's also no
tangible benefit to deploying IPv6
On 04/09/2010 11:01 AM, William Herrin wrote:
Fun movies notwithstanding, they generally issue a fine and work it
through the civil courts.
If you were doing something extraordinary, like jamming emergency
communications, I expect they might well call the police for
assistance. But those
On 04/09/2010 07:49 PM, Randy Bush wrote:
some nut i procmail wrote
No, ARIN is not a regulator. Regulators have guns or access to
people with guns to enforce the regulations that they enact. ARIN has
no such power.
I'm a little confused on the distinction you're making.
confusion
On 04/08/2010 06:00 AM, Adrian Chadd wrote:
On Thu, Apr 08, 2010, Joe Greco wrote:
Because a legacy holder doesn't care about ARIN; a legacy holder has
usable space that cannot be reclaimed by ARIN and who is not paying
anything to ARIN. The point here is that this situation does not
On 4/6/2010 10:39 PM, Stephen Sprunk wrote:
On 05 Apr 2010 12:43, valdis.kletni...@vt.edu wrote:
On Mon, 05 Apr 2010 13:29:20 EDT, Jay Nakamura said:
I would have attributed the success of Ethernet to price!
You've got the causality wrong -- it wasn't cheap, way back when.
I remember back
On 4/5/2010 5:26 PM, Patrick W. Gilmore wrote:
On Apr 5, 2010, at 5:08 PM, valdis.kletni...@vt.edu wrote:
On Mon, 05 Apr 2010 16:36:26 EDT, Jon Lewis said:
Since they only really need to be unique per broadcast domain, it
doesn't really matter. You can I could use the same MAC
addresses on
On 4/4/2010 5:10 PM, Christopher Morrow wrote:
On Sun, Apr 4, 2010 at 4:32 PM, joel jaegglijoe...@bogus.com wrote:
Last time I checked, some of the state of the art 2004 era silicon I had laying
around could forward v6 just fine in hardware. It's not so usefyl due to it's
fib being a
On 4/3/2010 6:15 PM, Mark Smith wrote:
Ever used IPX or Appletalk? If you haven't, then you don't know how
simple and capable networking can be. And those protocols were designed
more than 20 years ago, yet they're still more capable than IPv4.
Zing, and there you have it! The hourglass is
On 4/4/2010 7:57 PM, Richard A Steenbergen wrote:
On Mon, Apr 05, 2010 at 10:57:46AM +0930, Mark Smith wrote:
Has anybody considered lobbying the IEEE to do a point to point version
of Ethernet to gets rid of addressing fields? Assuming an average 1024
byte packet size, on a 10Gbps link
While not the stevens book,
the illustrated network isbn 978-0-12-374541-5 was a pretty good
attempt to do a modern version of the same. any book that attempts to
cover all layers of the stack is going to have it's limits, but it has
saved my bacon a couple of times now...
The author is normally
On 03/31/2010 12:00 PM, Jorge Amodio wrote:
http://newsroom.cisco.com/dlls/2010/prod_033110.html
Does anybody know what are the plans for IPv6 support ?
the current wrt610n supports ipv6 I failed to see why a slightly
updated and rebranded one would not as well.
Regards
Jorge
of IPv6.
Frank
-Original Message-
From: Nick Hilliard [mailto:n...@foobar.org]
Sent: Wednesday, March 31, 2010 3:16 PM
To: Joel Jaeggli
Cc: NANOG
Subject: Re: New Linksys CPE, IPv6 ?
On 31/03/2010 21:07, Joel Jaeggli wrote:
the current wrt610n supports ipv6 I failed to see
On 03/31/2010 08:52 PM, Patrick Giagnocavo wrote:
We have just (anecdotally, empirically) established earlier in this
thread, that anything smaller than a mid-sized business, can't even
*GET* IPv6 easily (at least in the USA); much less care about it.
fwiw, that last time I was at a company
On 03/26/2010 10:16 AM, Owen DeLong wrote:
On Mar 26, 2010, at 8:45 AM, Lamar Owen wrote:
On Wednesday 24 March 2010 05:24:39 pm Michael Dillon wrote:
For comparison look at the z-80 CPU which powered the early desktop
computers. When the IBM PC came out, people thought that the Intel
It sounds like this range was just recently assigned -- is there any
document (RFC?) or source I could look through to learn more about
this, and/or provide evidence to my client
http://www.iana.org/assignments/ipv4-address-space/
Thanks,
Jaren
--
On 03/16/2010 07:38 AM, Rick Ernst wrote:
Regurgitating the original e-mail for context and follow-up.
General responses (some that didn't make it to the list):
- There really is that much space, don't worry about it.
- /48s for those that ask for it is fine, ARIN won't ask unless it's
On 03/15/2010 04:30 PM, George Bonser wrote:
-Original Message-
From: Dave Temkin
Sent: Thursday, March 11, 2010 12:51 PM
To: Kevin Oberman
Cc: nanog@nanog.org
Subject: Re: 10GBase-t switch
Can you point to another 1U box that has more than 16MB per-port
buffer?
-Dave
On 03/12/2010 01:20 PM, Axel Morawietz wrote:
Am 12.03.2010 17:03, schrieb Nathan:
[...] Its
amazing how prolific 1.x traffic is.
one reason might also be, that at least T-Mobile Germany uses 1.2.3.*
for their proxies that deliver the content to mobile phones.
And I'm not sure what they
arista 7120t-4s...
On 03/10/2010 02:04 PM, Bill Blackford wrote:
You might look at Juniper EX3200 with a EX-UM-2XFP and then optics of your
choice (EX-XFP-10GE-SR)
-b
On Wed, Mar 10, 2010 at 1:46 PM, Mirko Maffioli
mirkomaffi...@gmail.comwrote:
I'm searching for a switch with at
On 03/05/2010 05:24 AM, William Herrin wrote:
On Thu, Mar 4, 2010 at 11:15 PM, David Conrad d...@virtualized.org wrote:
On Mar 4, 2010, at 2:30 PM, William Herrin wrote:
Because we expect far fewer end users to multihome tomorrow than do today?
We do?
Why do we expect this?
David,
http://ws.afnog.org/afnog2009/sie/detail.html
monday afternoon and tuesdays workshop materials cover introduction to
dynamic routing and ospf. thursdays includes the ospf/ibgp intergration
materials.
On 03/05/2010 08:46 AM, Alex Thurlow wrote:
I have to say that this looks like a nice solution
On 03/05/2010 01:48 PM, David Conrad wrote:
On Mar 5, 2010, at 10:44 AM, Joel Jaeggli wrote:
If this is done right, direct assignment holders and ISPs are
issued sufficiently large prefixes such that the prefix count per
entity remains small.
This sort of assumes Internet connectivity
On 03/04/2010 10:52 AM, Thomas Magill wrote:
2. Longer than /24 prefixes in global BGP table. The most obvious
answer is that some hardware may not handle it... How is that hardware
going to handle an IP6 table then? I have had several occasions where
functionally I needed to
On 03/04/2010 06:41 PM, Thomas Magill wrote:
I've been on board with rolling out IP6 but the SPs I've talked to are
all '...about to start trying to possibly think about extending a beta
to a small portion of some customers' or something along those lines.
This led me to believe that SPs are
On 03/01/2010 09:04 AM, Larry Sheldon wrote:
On 3/1/2010 9:55 AM, Adam Waite wrote:
Hm, I was under the impression that ARPANET was a government run
network...
Not since 1992..what you're looking for these days is NIPRnet and
SIPRnet, and ESnet, etc, etc, etc.
ARPANET only
On 03/01/2010 05:34 PM, Akyol, Bora A wrote:
Michael
I think for the people in the situation you are describing, the best bet
would be
one of the wireless technologies. Someone on the thread mentioned LTE (which
should
be coming out in a couple years time), and to that we can add WiMAX
On 02/26/2010 03:10 PM, Paul Bosworth wrote:
I think a lot of people often forget that ISPs are actually
businesses trying to turn a profit.
Bearing in mind that the facilities that exist in much of the rural
united states are actually there because we collectively payed for them
rather than
On 02/27/2010 03:49 AM, Nick Hilliard wrote:
On 27/02/2010 04:04, Phil Regnauld wrote:
I'm not saying that political incentives (carrot stick) or government
regulations in the line of implement IPv6 before X/Y or else... have
had any effect, except maybe in Japan:
Correct
Modula the lack of pd, I found the ipv6 support for the dir-825 (along
with the other things it does well) to be rather decent. If people need
gig-e simultaneous dual band abgn home routers for ~$130 you should
check the thing out.
On 02/27/2010 08:59 AM, Frank Bulk wrote:
Heard from a D-Link
Tony Finch wrote:
On Sat, 27 Feb 2010, Joel Jaeggli wrote:
On 02/27/2010 03:49 AM, Nick Hilliard wrote:
Correct me if I'm wrong, but the Japanese government did two things:
- tax incentivise ipv6 compliance
- make meaningful ipv6 compliance mandatory when dealing with Japanese
Johnny Eriksson wrote:
Robert Bonomi wrote:
Quick! Somebody propose a snail-mail portability bill. When a renter
changes to a different landlord, his snail-mail address will be optionally
his to take along, just like what is proposed for ISP clients.
No, a complete street address
Hank Nussbacher wrote:
On Mon, 22 Feb 2010, Dorn Hetzel wrote:
I am sure the various carriers faced with the onset of Local Number
Portability and WLNP in this part of the world would have been happy to
escape with only forwarding phone calls for 3 months.
Alas, such was not their fate :)
Larry Sheldon wrote:
On 2/20/2010 11:53 AM, valdis.kletni...@vt.edu wrote:
So we've looked at it from 2 different aspects, and in both cases, the
RFC says you shouldn't be bouncing spam to where it came from.
Small nit, which is germane to the whole discussion; ...the RFC says
you
3com nj1000 3com nj90 etc.
Andrey Khomyakov wrote:
Hi folks,
Does anyone know of anything like a small, but managed in wall switch? I
have an area where the business needs to deploy more thin client kiosks than
I have data drops and it's impossible to add more due to how the walls on
that
James Hess wrote:
For now.. with 1gigabit residential connections, BCP 38 OUGHT to be
Google's answer. If Google handles that properly, they _should_
make it mandatory that all traffic from residential customers be
filtered, in all cases, in order to only forward packets with
their
For stuff where the boxes were expected to go both directions, there are
anvil flight cases in appropiate sizes which I've used with great
success. These days I having been using pelican cases, either 1560 1630
or 1650 depending on size.
Andrew Konkol wrote:
Gurus,
Where I work we ship our
volunteering to sink traffic for 1.1.1.0/24
--heather
-Original Message-
From: Joel Jaeggli [mailto:joe...@bogus.com]
Sent: Wednesday, February 03, 2010 11:09 AM
To: Mirjam Kuehne
Cc: nanog@nanog.org
Subject: Re: How polluted is 1/8?
It should be of no surprise to anyone
Phil Regnauld wrote:
Nick Hilliard (nick) writes:
There is a FAQ entry for ipv6 support in ipplan:
One feature request that comes up from time to time is IPv6. Adding IPv6
support will require major effort but has such a limited audience.
Ironically the only people that ever requested IPv6
It should be of no surprise to anyone that a number of the remaining
prefixes are something of a mess(somebody ask t-mobile how they're using
14/8 internally for example). One's new ipv4 assignments are going to
be of significantly lower quality than the one received a decade ago,
The property is
Richard Barnes wrote:
What I've heard is that the driver is IPv4 exhaustion: Comcast is
starting to have enough subscribers that it can't address them all out
of 10/8 -- ~millions of subscribers, each with 1 IP address (e.g.,
for user data / control of the cable box).
What do you meaning
iptables -A INPUT -m recent --update --seconds 60 --hitcount 5 --name
SSH --rsource -j DROP
iptables -A INPUT -m recent --set --name SSH --rsource -j ACCEPT
also enforce either strong passwords or require no passwords (e.g. keys
only) and everything should be cool.
Bobby Mac wrote:
Hola Nanog:
Daniel Senie wrote:
On Jan 26, 2010, at 9:54 AM, Joe Maimon wrote:
For me, the entire debate boils down to this question.
What should the objective be, decades or centuries?
If centuries, how many planets and moons will the address space
cover? (If we as a species manages to spread
Ricky Beam wrote:
But it's not all bad. It's assigned to APNIC, so a lot of people will
gladly continue blocking it.
Yeah cause seriously, who does business in Asia or the Pacifc...
Anton Kapela wrote:
On Thu, Jan 21, 2010 at 8:22 PM, Jon Lewis jle...@lewis.org wrote:
I thought there was some other group that had been squatting in 1/8,
something about radio and peer to peer...but not AnoNet (at least that name
was totally unfamiliar)...but this was all I could find
Steven Bellovin wrote:
On Jan 13, 2010, at 1:45 PM, Barry Shein wrote:
There seem to be a lot of misconceptions about RFID tags. I'm hardly
an expert but I do know this much:
RFID tags are generic, you don't put data into them unique to your
application.
Not true, the simplest rfid tags
valdis.kletni...@vt.edu wrote:
On Wed, 13 Jan 2010 17:31:44 +0100, Anthony Uk said:
Second, we have evidence to suggest that a primary goal of the
attackers was accessing the Gmail accounts of Chinese human rights
activists.
I have orders of magnitude fewer users than gmail does, and
Tim Durack wrote:
Replace all the routers on the Internet with stateful firewalls. What happens?
the same thing that happened with flow-cached routers, they melt, you go
out of business, the end.
Martin Hannigan wrote:
Some NDA's require that you must state your intent for each
communication that should be covered by the NDA. As much as everyone
would like to believe these are wothless, they are not. Applying them
globally to your email protects your legal rights. It is also
bill from home wrote:
All,
This thread certainly has been educational, and has changed my
perception of what an appropriate outward facing architecture should be.
But seldom do I have the luxury of designing this from scratch, and also
the networks I administer are small business's.
My
Dobbins, Roland wrote:
On Jan 8, 2010, at 9:02 PM, bill from home wrote:
And maybe there is no way to tell, but I feel I need to ask the question.
Situationally-dependent; the only way to really tell, not just theorize, is
to test the firewall to destruction during a maintenance window
Dobbins, Roland wrote:
On Jan 9, 2010, at 7:52 AM, Joel Jaeggli wrote:
see my post in the subject, a reasonably complete performance
report for the device is a useful place to start.
The problem is that one can't trust the stated vendor performance
figures, which is why actual testing
you might take a look at route-views6.routeviews.org
last I looked it had 22 neighbors.
you can either telnet to it (it's quagga) or look in the archived ribs here:
http://archive.routeviews.org/route-views6/bgpdata/
Michael K. Smith - Adhost wrote:
Hello Everyone:
I am requesting the
Brett Frankenberger wrote:
On Wed, Dec 30, 2009 at 11:13:24AM -0500, Steven Bellovin wrote:
I know nothing of how to do this on a Catalyst; for PCs, my own guess
is that you're looking far too high-end. If the issue is relaying to
the outside, I suspect that a small, dedicated Soekris or
Rich Kulawiec wrote:
On Wed, Dec 23, 2009 at 01:58:47AM -0500, Christopher Morrow wrote:
no real arguement, but... 'please provide some set of workable
solutions'
The set of workable solutions at this point looks something like
null routes, firewall rules, blacklist entries -- in order to
Christopher Morrow wrote:
On Tue, Dec 22, 2009 at 4:24 PM, Jon Lewis jle...@lewis.org wrote:
Should US based networks be willing to route RIPE ASSIGNED PA space
customers provide?
Are any of your customers multinationals?
this is an interesting question, which when I worked for an ISP
George Bonser wrote:
We have decided to initiate the process of becoming IPv6 capable. We
have requested and received a block of addresses which, after reading
some of the discussion here, I fear may be too small to suit our needs
(a /48). To better understand how to proceed and in an
so can open-wrt and you can run it on something like:
http://www.ubnt.com/products/rspro.php
which is a lot more flexible than a consumer ap and the price starts at
about $80 before you add radios.
Michael Holstein wrote:
I am consulting with a new player in the internet field and I am
Paolo Lucente wrote:
On Fri, Dec 18, 2009 at 10:09:32PM -0600, James Hess wrote:
On Fri, Dec 18, 2009 at 1:24 PM, Jonny Martin jo...@pch.net wrote:
..
modified if need be - to achieve this. ?Mixing billing with the reachability
information signalled through BGP just doesn't seem like a good
Owen DeLong wrote:
UPnP is a bad idea that (fortunately) doesn't apply to IPv6 anyway.
You don't need UPnP if you'r not doing NAT.
wishful thinking.
you're likely to still have a staeful firewall and in the consumer space
someone is likely to want to punch holes in it.
Yes, SI will
Wade Peacock wrote:
We had a discussion today about IPv6 today. During our open thinking the
topic of client equipment came up.
We all commented that we have not seen any consumer grade IPv6 enable
internet gateways (routers/firewalls), a kin to the ever popular Linksys
54G series, DLinks ,
Kain, Becki (B.) wrote:
No kiddng. I must be the only one who is getting tired of seeing Google
take over literally everything.
Nobody as far as I can tell has a Monoploy on bad ideas...
joel
valdis.kletni...@vt.edu wrote:
On Tue, 24 Nov 2009 11:50:54 EST, Brad Laue said:
maintained. I'm unclear as to why mail administrators don't work more
proactively with things like SenderID and SPF, as these seem to be far
more maintainable in the long-run than an ever-growing list of IP
701 - 800 of 925 matches
Mail list logo
