Re: QoS for Office365

Implement Quality of Service in Microsoft Teams | | | | || | | | | | Implement Quality of Service in Microsoft Teams Prepare your organization's network for Quality of Service (QoS) in Microsoft Teams. | | | | Sent from Yahoo Mail on Android On

RE: SHAKEN/STIR Robocall Summit - July 11 2019 at FCC

On Monday, 8 July, 2019 18:08, Michael Thomas wrote: >when we did DKIM back in the day, almost nobody was requiring SMTP >auth which meant the providers could say "blame me" via the DKIM >signature, >but couldn't really take much action since they didn't >know who has doing it. This is

Re: SHAKEN/STIR Robocall Summit - July 11 2019 at FCC

On Mon, 08 Jul 2019 17:58:17 -0700, Michael Thomas said: > On 7/8/19 5:54 PM, Keith Medcalf wrote: > > This is because DKIM was a solution to a problem that did not exist. > > > > > ::eyeroll:: pray tell, how do you "always" know the identity of the MTA > sending you a message? It's more subtle

Re: SHAKEN/STIR Robocall Summit - July 11 2019 at FCC

On 7/8/19 6:11 PM, Valdis Klētnieks wrote: On Mon, 08 Jul 2019 17:58:17 -0700, Michael Thomas said: On 7/8/19 5:54 PM, Keith Medcalf wrote: This is because DKIM was a solution to a problem that did not exist. ::eyeroll:: pray tell, how do you "always" know the identity of the MTA sending

Re: QoS for Office365

On Mon, Jul 8, 2019 at 5:50 PM Mark Tinka wrote: > > > > On 8/Jul/19 21:03, Robert Webb wrote: > > I took the OP's request as for doing QoS at the edge of their network > > and not necessarily the entire path. > > Indeed, but even then, you could be handing off the traffic to a > downstream

RE: SHAKEN/STIR Robocall Summit - July 11 2019 at FCC

You are the only person who has mentioned reverse DNS lookups. However, it is true that you do in fact need to already know the identity of the sending MTA/MSA before you can do a "reverse DNS lookup". What does this have to do with the price of tea in China? And what value do you think a

Re: SHAKEN/STIR Robocall Summit - July 11 2019 at FCC

when do we get back to stir/shaken? On Mon, Jul 8, 2019 at 9:47 PM Keith Medcalf wrote: > > > On Monday, 8 July, 2019 19:28, Michael Thomas wrote: > > >On 7/8/19 6:24 PM, Keith Medcalf wrote: > > >> You are the only person who has mentioned reverse DNS lookups. > > >I'm only trying to guess

Re: SHAKEN/STIR Robocall Summit - July 11 2019 at FCC

On 7/8/19 7:11 PM, Christopher Morrow wrote: when do we get back to stir/shaken? that would be nice. i have a lot of questions about stir/shaken. attacking a problem statement rfc seems rather bizarre and unhinged to me. it outlines a lot of the objections i had to p-asserted-identity i

Re: QoS for Office365

On 9/Jul/19 00:35, Warren Kumari wrote: > I disagree -- you *can* guarantee what someone else will do with your > ToS fields... they will A: ignore them and / or B: scribble all > over them. I'll rephrase... you can't guarantee that a remote network will handle your packets the way you

Re: SHAKEN/STIR Robocall Summit - July 11 2019 at FCC

when we did DKIM back in the day, almost nobody was requiring SMTP auth which meant the providers could say "blame me" via the DKIM signature, but couldn't really take much action since they didn't know who has doing it. we sort of took a leap of faith that that would happen.  nowadays, almost

RE: SHAKEN/STIR Robocall Summit - July 11 2019 at FCC

Wow! You must not know much about networking or programming if you do not know how to ask the OS to tell you the address/port associated with the "other end" of a TCP connection. Obviously you know who is sending the message since they are in bidirectional communication with you at the time

RE: SHAKEN/STIR Robocall Summit - July 11 2019 at FCC

DKIM brought nothing of any value since it cannot be used to refuse messages or abort before entering the DATA phase of the SMTP conversation. You are, no matter what, committing resources to receiving the message and accepting responsibility for its delivery. All you can do is fart about

Re: SHAKEN/STIR Robocall Summit - July 11 2019 at FCC

On 7/8/19 6:24 PM, Keith Medcalf wrote: You are the only person who has mentioned reverse DNS lookups. I'm only trying to guess what enlightens your misinformed world. Mike

RE: SHAKEN/STIR Robocall Summit - July 11 2019 at FCC

On Monday, 8 July, 2019 19:28, Michael Thomas wrote: >On 7/8/19 6:24 PM, Keith Medcalf wrote: >> You are the only person who has mentioned reverse DNS lookups. >I'm only trying to guess what enlightens your misinformed world. You claimed that the "root problem" was not knowing who the

Re: SHAKEN/STIR Robocall Summit - July 11 2019 at FCC

Jon Callas, Eric Allman, the IETF security geek contingent and even me disagree with you. rfc 4871 disagrees with you. STD 76 disagrees with you. Trillions of signed messages disagree with you. Steve Bellovin probably disagrees with you too since you seem to be under the illusion that a

RE: QoS for Office365

Using Orifice 342 will hurt you. Packet loss (the more the better) will only help you. -- The fact that there's a Highway to Hell but only a Stairway to Heaven says a lot about anticipated traffic volume. >-Original Message- >From: NANOG [mailto:nanog-boun...@nanog.org] On Behalf Of

Re: SHAKEN/STIR Robocall Summit - July 11 2019 at FCC

On 7/8/19 5:54 PM, Keith Medcalf wrote: On Monday, 8 July, 2019 18:08, Michael Thomas wrote: when we did DKIM back in the day, almost nobody was requiring SMTP auth which meant the providers could say "blame me" via the DKIM signature, >but couldn't really take much action since they didn't

Re: SHAKEN/STIR Robocall Summit - July 11 2019 at FCC

On 7/8/19 6:46 PM, Keith Medcalf wrote: On Monday, 8 July, 2019 19:28, Michael Thomas wrote: On 7/8/19 6:24 PM, Keith Medcalf wrote: You are the only person who has mentioned reverse DNS lookups. I'm only trying to guess what enlightens your misinformed world. You claimed that the "root

Re: Must have ISP Open Source & tools

We use https://cbackup.me/en/ over Rancid On Sun, Jul 7, 2019 at 11:38 PM Mehmet Akcin wrote: > Awesome list > > On Sun, Jul 7, 2019 at 19:42 Ryan Hamel wrote: > >> My List: >> >> Oxidized as a replacement for RANCID >> Telegraf + InfluxDB = Tons of Grafana Dashboards >> (Open Source Slack

Re: Must have ISP Open Source & tools

On 7/7/19 8:42 PM, Ryan Hamel wrote: Telegraf + InfluxDB = Tons of Grafana Dashboards This handles time-series data really, really well and also pairs quite well with the ELK stack (Elasticsearch + Logstash + Kibana) for event-oriented data. Kibana can talk to InfluxDB, and Grafana can talk

QoS for Office365

Hi all, How do you deal with QoS for Office365, since the IPs are subject to changes ? How can we mark the trafic while keeping the security (I fear the marking based on TCP/UDP Ports since they are not without an additional risk coming from worms/virus using those ports for example, and doing

Re: [EXTERNAL] Re: Microsoft SNDS contact

Hey Brian - try msn-s...@microsoft.com. IIRC that's more geared towards JMRP, but I think there's a chance. Udeme Postmaster at Wish On Wed, Jul 3, 2019 at 10:14 AM Brian Rak wrote: > > On 7/3/2019 10:09 AM, Hansen, Christoffer wrote: > > On 03/07/2019 15:50, Hansen, Christoffer wrote: > >>

Re: Level3/CenturyLink IRR Contact

I will ping you off list with contact details. Kind regards, Job On Mon, Jul 8, 2019 at 6:20 PM Joe Nelson wrote: > > Does anyone know who to contact to have old information removed from > Level3/CenturyLink's IRR. My ASN still shows in their registry with stale > information from an old

Re: CDN question

On Mon, Jul 8, 2019 at 9:22 AM Tim Wilson wrote: > What is the advantages and disadvantages of building your own CDN (mainly, in USA, Brazil and Australia)? We are running a website and using CDNs for a while to delivery static content. Few guys brought this question for a tech review. And I'm

Re: DNSSEC implementation for Office365

Hi Joe, outlook.com is unsigned so I doubt they support it. [trishoar@rhel8 ~]$ delv outlook.com ; unsigned answer outlook.com.300 IN A 40.97.161.50 outlook.com.300 IN A 40.97.128.194 outlook.com.300 IN A

CDN question

Hi, folks, I have a question to you as experienced auditory. What is the advantages and disadvantages of building your own CDN (mainly, in USA, Brazil and Australia)? We are running a website and using CDNs for a while to delivery static content. Few guys brought this question for a tech review.

Re: QoS for Office365

> On Jul 2, 2019, at 5:18 PM, Joe Yabuki wrote: > > Hi all, > > How do you deal with QoS for Office365, since the IPs are subject to changes ? > > How can we mark the trafic while keeping the security (I fear the marking > based on TCP/UDP Ports since they are not without an additional

Spoofer Report for NANOG for Jun 2019

In response to feedback from operational security communities, CAIDA's source address validation measurement project (https://spoofer.caida.org) is automatically generating monthly reports of ASes originating prefixes in BGP for systems from which we received packets with a spoofed source address.

Re: Level3/CenturyLink IRR Contact

On Mon, Jul 8, 2019 at 11:20 AM Joe Nelson wrote: > Does anyone know who to contact to have old information removed from > Level3/CenturyLink's IRR. My ASN still shows in their registry with stale > information from an old customer of theirs but I can't seem to find anyone > at CenturyLink that

DNSSEC implementation for Office365

Hi, Please is anyone aware of DNSSEC implementation for Office365 ? This information seems to be hard to get from Microsoft... and it's hard for me to think that they don't support it. Thanks, Joe

Level3/CenturyLink IRR Contact

Does anyone know who to contact to have old information removed from Level3/CenturyLink's IRR. My ASN still shows in their registry with stale information from an old customer of theirs but I can't seem to find anyone at CenturyLink that even knows what an IRR is so I'm just going in circles.

Re: [EXTERNAL] Re: Microsoft SNDS contact

Ah, oops. On Wed, Jul 3, 2019 at 10:46 AM Brian Rak wrote: > Yea, that's the email we've been using (that's trying to tell us to just > split it into /24s) > On 7/3/2019 10:27 AM, Udeme Ukutt wrote: > > Hey Brian - try msn-s...@microsoft.com. IIRC that's more geared towards > JMRP, but I think

Re: QoS for Office365

On 2/Jul/19 23:18, Joe Yabuki wrote: > Hi all,  > > How do you deal with QoS for Office365, since the IPs are subject to > changes ? > > How can we mark the trafic while keeping the security (I fear the > marking based on TCP/UDP Ports since they are not without an > additional risk coming

Re: QoS for Office365

On 8/Jul/19 18:18, Jared Mauch wrote: > > Add bandwidth? > > QoS is a great tool when you’re constrained and must classify your critical > traffic, but it’s not a substitute of getting enough capacity to offices. > > I have only applied QoS to voice traffic to ensure it gets through, the rest

Re: Must have ISP Open Source & tools

On 08-Jul-2019 15:49 CEST, wrote: > On 7/7/19 8:42 PM, Ryan Hamel wrote: > > Telegraf + InfluxDB = Tons of Grafana Dashboards > > This handles time-series data really, really well and also pairs quite well > with the ELK stack (Elasticsearch + Logstash + Kibana) for event-oriented > data.

RE: Must have ISP Open Source & tools

Java as a dependency this day and age… -Ryan From: Jason Kuehl Sent: Monday, July 08, 2019 6:41 AM To: Mehmet Akcin Cc: Ryan Hamel ; Niels Bakker ; nanog@nanog.org Subject: Re: Must have ISP Open Source & tools We use https://cbackup.me/en/ over Rancid -- Sincerely, Jason W Kuehl Cell

Re: QoS for Office365

I took the OP's request as for doing QoS at the edge of their network and not necessarily the entire path. As another person stated, the real answer is to add more bandwidth if you are having to QoS to Office365 because it is affecting other internet based services. Robert On Mon, Jul 8, 2019

NANOG 77 call for presentations is open

NANOG Community, The NANOG Program Committee (PC) is excited to announce that we are now accepting proposals for all sessions at NANOG 77 in Austin, Texas, October 28-30, 2019. Below is a summary of key details and dates from the Call For Presentations on the NANOG website, which can be found at

Re: QoS for Office365

On 8/Jul/19 20:50, Warren Kumari wrote: > Depends -- I'd note that the OP said "How can we mark the trafic while > keeping the security..." -- some people use the COS / DSCP bits to > annotate packets with security information, and use that to make > *security decisions* instead of using it to

Re: QoS for Office365

On Mon, Jul 8, 2019 at 2:59 PM Mark Tinka wrote: > > > > On 8/Jul/19 20:50, Warren Kumari wrote: > > > Depends -- I'd note that the OP said "How can we mark the trafic while > > keeping the security..." -- some people use the COS / DSCP bits to > > annotate packets with security information, and

Re: Level3/CenturyLink IRR Contact

On 7/8/19 12:14 PM, Matt Harris wrote: On Mon, Jul 8, 2019 at 11:20 AM Joe Nelson > wrote: Does anyone know who to contact to have old information removed from Level3/CenturyLink's IRR.  My ASN still shows in their registry with stale information from

Re: QoS for Office365

On Mon, Jul 8, 2019 at 12:31 PM Jared Mauch wrote: > > > > > On Jul 2, 2019, at 5:18 PM, Joe Yabuki wrote: > > > > Hi all, > > > > How do you deal with QoS for Office365, since the IPs are subject to > > changes ? > > > > How can we mark the trafic while keeping the security (I fear the marking

RE: QoS for Office365

> Warren Kumari > Sent: Monday, July 8, 2019 8:06 PM > > On Mon, Jul 8, 2019 at 2:59 PM Mark Tinka wrote: > > > > > > > > On 8/Jul/19 20:50, Warren Kumari wrote: > > > > > Depends -- I'd note that the OP said "How can we mark the trafic > > > while keeping the security..." -- some people use the

SHAKEN/STIR Robocall Summit - July 11 2019 at FCC

I don't think SHAKEN/STIR really addresses the root problems with spoofing phone numbers, anymore than any of the BGP proposals for spoofing IP addresses. Nevertheless, the FCC wants to be seen as doing something. So Chairman Pai is having a summit to show all the progress. On Thursday,

Re: Must have ISP Open Source & tools

I would chime in with tools for network analysis and planning: http://bgp.he.net/ http://isolario.it http://radar.qrator.net last one is something we work on as a community project. On Mon, Jul 8, 2019 at 2:07 AM Mehmet Akcin wrote: > Hey there > > We are a growing ISP in Colombia and Latin

Re: SHAKEN/STIR Robocall Summit - July 11 2019 at FCC

- Original Message - > From: "Sean Donelan" > I don't think SHAKEN/STIR really addresses the root problems with > spoofing phone numbers, anymore than any of the BGP proposals for spoofing > IP addresses. > > Nevertheless, the FCC wants to be seen as doing something. So Chairman > Pai

Re: QoS for Office365

On 8/Jul/19 21:03, Robert Webb wrote: > I took the OP's request as for doing QoS at the edge of their network > and not necessarily the entire path. Indeed, but even then, you could be handing off the traffic to a downstream customer, and can't guarantee what they do to those ToS fields. > >

Re: QoS for Office365

On 8/Jul/19 22:01, adamv0...@netconsultings.com wrote: > And yet the SD-WAN promising MPLS experience over the internet and other BS > sells like crazy ;) Where have we seen that before... Still waiting for the ATM port on my laptop :-). Mark.

Re: SHAKEN/STIR Robocall Summit - July 11 2019 at FCC

Summary: SHAKEN/STIR does nothing but sign a call by a carrier that can be verified by another carrier that they signed it. It does nothing to stem Robocalls. Discussion: All SHAKEN/STIR does is have the originating carrier of a call to cryptographically attest, to some degree, that the call

[NANOG-announce] NANOG 77 call for presentations is open

NANOG Community, The NANOG Program Committee (PC) is excited to announce that we are now accepting proposals for all sessions at NANOG 77 in Austin, Texas, October 28-30, 2019. Below is a summary of key details and dates from the Call For Presentations on the NANOG website, which can be found at