Re: IP Hijacking For Dummies

2017-06-11 Thread Stephane Bortzmeyer
On Mon, Jun 05, 2017 at 04:46:04PM -0700,
 Ronald F. Guilmette  wrote 
 a message of 85 lines which said:

> Late last night, I put together the following simple annotated listing of
> the routes being announced by AS34991.

Note that they apparently stopped on 7 June.


Re: Russian diplomats lingering near fiber optic cables

2017-06-11 Thread Gordon Cook
I have just scanned this whole thread - it is the most amazing analysis of 
technical details I have ever seen

national security also
sean I am taking this in the sense of what the hell could these russian 
diplomats be doing?

I have been a nanog reader  since this list began   in the spring of 1995 i 
believe

remember i am parsing comments from the russian side as well
 
 i met aleksei soldatov at the kurchatov institute for the first time in april 
1992.  about 3 days earlier i met  the demos guys who  told soldatov   
suggested to soldatov that  he  should meet me  at kurchatov 

I followed the development of the russian internet very closely between April 
1992 and 1999  not much after that.

meanwhile i am
well aware of international fiber optic cables geographic issues of same  — see 
telegeography for example,  His coordinates etc
 interception  of cable via submarine etc

see the US Sub named Jimmy  carter

I visited Russia for the first time in 1964  
my dissertation completed in 1972

did on site work for the PhD in Russia for 2 months summer of 1970
including pushkinskii Dom

Thanks to steve Goldstein of NSF I received an invite to attend the second Nato 
sponsored conference on the future of the russian internet  met larry landweber 
there at Golitsyno - the conf  was sept 30 to Oct 2 1994 

The point?  I have long experience with my Cook Report on Internet Protocol  in 
April 1992 issue #1

and an even longer experience  with russian history language and culture 

 I am also well aware this message will be readable by a very large number of 
people both  here and abroad.

even visited the westin bldg In i think 1994.
 take a bow Sean!!

:-)



> On Jun 11, 2017, at 11:38 AM, Gordon Cook  wrote:
> 
> Hi Sean
> 
> You and I first met when i was at OIA about 1992   LOONG TIME ago
> 
> Always thought  of you as brilliant collector of info as well as analyst 
> thereof 
> 
> this question of yours is absolutely brilliant
> 
> look at the responses (more) than 45!!!
> 
> 
> 
> 
> 
> 
>> On Jun 1, 2017, at 2:02 PM, Sean Donelan  wrote:
>> 
>> 
>> There must be a perfectly logical explanation  Yes, people in the 
>> industry know where the choke points are. But the choke points aren't always 
>> the most obvious places. It's kinda weird for diplomats to show up there.
>> 
>> On the other hand, I've been a fiber optic tourist.  I've visited many 
>> critical choke points in the USA and other countries, and even took selfies 
>> :-)
>> 
>> 
>> http://www.politico.com/story/2017/06/01/russia-spies-espionage-trump-239003
>> 
>> In the throes of the 2016 campaign, the FBI found itself with an escalating 
>> problem: Russian diplomats, whose travel was supposed to be tracked by the 
>> State Department, were going missing.
>> 
>> The diplomats, widely assumed to be intelligence operatives, would 
>> eventually turn up in odd places, often in middle-of-nowhere USA. One was 
>> found on a beach, nowhere near where he was supposed to be. In one 
>> particularly bizarre case, relayed by a U.S. intelligence official, another 
>> turned up wandering around in the middle of the desert. Interestingly, both 
>> seemed to be lingering where underground fiber-optic cables tend to run.
>> 
>> According to another U.S. intelligence official, “They find these guys 
>> driving around in circles in Kansas. It’s a pretty aggressive effort.”
>> 
>> It’s a trend that has led intelligence officials to conclude that the 
>> Kremlin is waging a quiet effort to map the United States’ 
>> telecommunications infrastructure, perhaps preparing for an opportunity to 
>> disrupt it.
>> 
> 
> 



mailops https breakage

2017-06-11 Thread Lyndon Nerenberg

> On Aug 27, 2016, at 6:46 PM, Matt Palmer  wrote:
> 
> On Sat, Aug 27, 2016 at 01:25:42AM -, John Levine wrote:
>> In article 
>>  you 
>> write:
>>> I was working within the limits of what I had available.
>> 
>> Here's the subscription page for mailop.  It's got about as odd
>> a mix of people as nanog, ranging from people with single user linux
>> machines to people who run some of the largest mail systems in
>> the world, including Gmail:
>> 
>> https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop
> 
> I know they're mailops, and not tlsops, but surely presenting a cert that
> didn't expire six months ago isn't beyond the site admin's capabilities?

I tried again, ten months later. Still broken :-(

Is there a replacement site I'm missing out on?

Re: Templating/automating configuration

2017-06-11 Thread Gordon Cook
again  I understand and agree



the reach of your drowning analysis and understanding is awesome

hi randy bush


oops and hi jp confused of calcutta and chris locke rage boy  

> On Jun 7, 2017, at 6:17 PM, Andrew Dampf  wrote:
> 
> Salt is great for generating configs based on jinja templates, and you can
> use napalm in conjunction with salt to push the configs to the device on a
> set schedule (typically this is done hourly). If manual changes are made to
> the router, salt would override them on the next run, so it's a great way
> to make sure configs are consistent.
> 
> 
> On Tue, Jun 6, 2017 at 9:25 AM Graham Johnston 
> wrote:
> 
>> Short of complete SDN, for those of you that have some degree of
>> configuration templating and/or automation tools what is it that you run?
>> I'm envisioning some sort of tool that lets me define template snippets of
>> configuration and aids in their deployment to devices. I'm okay doing the
>> heavy lifting in defining everything, I'm just looking for the tool that
>> stitches it together and hopefully makes things a little less error prone
>> for those who aren't as adept.
>> 
>> Graham Johnston
>> Network Planner
>> Westman Communications Group
>> 204.717.2829
>> johnst...@westmancom.com
>> 
>> 
> 



Re: Templating/automating configuration

2017-06-11 Thread Gordon Cook

agree
 again all of  the above
 
thanks
> On Jun 11, 2017, at 7:58 PM, Gordon Cook  wrote:
> 
> again  I understand and agree
> 
> 
> 
> the reach of your drowning analysis and understanding is awesome
> 
> hi randy bush
> 
> 
> oops and hi jp confused of calcutta and chris locke rage boy  
> 
>> On Jun 7, 2017, at 6:17 PM, Andrew Dampf  wrote:
>> 
>> Salt is great for generating configs based on jinja templates, and you can
>> use napalm in conjunction with salt to push the configs to the device on a
>> set schedule (typically this is done hourly). If manual changes are made to
>> the router, salt would override them on the next run, so it's a great way
>> to make sure configs are consistent.
>> 
>> 
>> On Tue, Jun 6, 2017 at 9:25 AM Graham Johnston 
>> wrote:
>> 
>>> Short of complete SDN, for those of you that have some degree of
>>> configuration templating and/or automation tools what is it that you run?
>>> I'm envisioning some sort of tool that lets me define template snippets of
>>> configuration and aids in their deployment to devices. I'm okay doing the
>>> heavy lifting in defining everything, I'm just looking for the tool that
>>> stitches it together and hopefully makes things a little less error prone
>>> for those who aren't as adept.
>>> 
>>> Graham Johnston
>>> Network Planner
>>> Westman Communications Group
>>> 204.717.2829
>>> johnst...@westmancom.com
>>> 
>>> 
>> 
> 
> 



plea for increase participation in v6ops/IETF

2017-06-11 Thread JORDI PALET MARTINEZ
Hello all,

At the last LACNIC event, I mentioned on a couple of occasions the need for 
ISPs in the region, especially small and medium-sized ones, to participate in 
the decisions taken in the IETF IPv6 Operations Working Group (v6ops). I’m 
sending this here as well, as I believe the situation also applies to this region.

When I asked among the attendees how many participate in v6ops, only one person 
raised his hand.

What does it mean to participate in the mailing list? Follow some emails 
(sometimes only 1-2 a week, sometimes they can be several in a day), and 
therefore learn about what is being discussed and give your opinion and, given 
that decisions are made by Consensus, influence them.

What consequences does NOT participating have? That decisions against your 
interests/opinions could be taken, and obviously do not consider your 
perspective in the standards. Generally large operators are involved, which 
implies that your interests are not sufficiently represented, and in general 
are contrary to yours. Your "vote/opinion" is not worth more than yours, but 
the big one is present and the small/medium NO!

I give you a very concrete example. The serious problem that small and medium 
ISPs have, is to continue offering IPv6 and IPv4 services to their customers, 
when they already do not have IPv4 addresses. Only the biggest ISPs have a 
great purchasing power and can influence the manufacturers to do for them what 
they need. One possibility to solve it, extending the life of IPv4, but not 
necessarily deploying IPv6, is using CGN, which is also very expensive, and 
breaks many things.

The solution is simple. Deploying IPv6-only services in the last mile, which 
involves using transition mechanisms, such as 464XLAT that has been deployed on 
millions of smartphones worldwide, so that applications continue to operate 
transparently as they "believe" they have IPv4.

What is the problem, then? That manufacturers of CPEs are based on an old 
specification (RFC7084) that does not contemplate these transition mechanisms, 
so when a small/medium ISP asks a manufacturer for a firmware upgrade or a new 
CPE, they do not include that solution and perhaps they offer it with an extra 
cost.

In my view, this should change, and that is why I am working on a number of 
documents, including RFC7084-bis 
(https://datatracker.ietf.org/doc/draft-ietf-v6ops-rfc7084-bis/), to update 
this situation, but there is opposition from large ISPs and virtually no 
small/medium "talks" about it, and in fact these large ISPs deny the situation. 
In addition, the document also specifies the "automated" support of those cases 
in which the user installs other routers (which is very common as we all know, 
and will be more and more in IPv6, IoT, etc.), behind the router installed by 
the ISP, through homenet (HNCP).

I am not asking for your support for my documents, but for understanding the 
problem and the solution that is being proposed and/or possible new ones, and 
for the opinion of not only those very few “big ones”, but also of many small 
and medium, who are most affected.

If you want to subscribe to this list, search for "subscribing" at:
https://www.ietf.org/mailman/listinfo/v6ops

You can see the files of the discussion in:
https://mailarchive.ietf.org/arch/search/?email_list=v6ops

I remind you that participating in the IETF does not require a presence in the 
meetings, as consensus is agreed in the list.

Regards,
Jordi






IPv4 is over
Are you ready for the new Internet ?
http://www.consulintel.es
The IPv6 Company






Re: Russian diplomats lingering near fiber optic cables

2017-06-11 Thread Gordon Cook
Hi Sean

You and I first met when i was at OIA about 1992   LOONG TIME ago

Always thought  of you as brilliant collector of info as well as analyst 
thereof 

this question of yours is absolutely brilliant

look at the responses (more) than 45!!!






> On Jun 1, 2017, at 2:02 PM, Sean Donelan  wrote:
> 
> 
> There must be a perfectly logical explanation  Yes, people in the 
> industry know where the choke points are. But the choke points aren't always 
> the most obvious places. It's kinda weird for diplomats to show up there.
> 
> On the other hand, I've been a fiber optic tourist.  I've visited many 
> critical choke points in the USA and other countries, and even took selfies 
> :-)
> 
> 
> http://www.politico.com/story/2017/06/01/russia-spies-espionage-trump-239003
> 
> In the throes of the 2016 campaign, the FBI found itself with an escalating 
> problem: Russian diplomats, whose travel was supposed to be tracked by the 
> State Department, were going missing.
> 
> The diplomats, widely assumed to be intelligence operatives, would eventually 
> turn up in odd places, often in middle-of-nowhere USA. One was found on a 
> beach, nowhere near where he was supposed to be. In one particularly bizarre 
> case, relayed by a U.S. intelligence official, another turned up wandering 
> around in the middle of the desert. Interestingly, both seemed to be 
> lingering where underground fiber-optic cables tend to run.
> 
> According to another U.S. intelligence official, “They find these guys 
> driving around in circles in Kansas. It’s a pretty aggressive effort.”
> 
> It’s a trend that has led intelligence officials to conclude that the Kremlin 
> is waging a quiet effort to map the United States’ telecommunications 
> infrastructure, perhaps preparing for an opportunity to disrupt it.
>