Re: Comcast outages continue even in areas with PG&E power restored

2019-10-11 Thread Tom Beecher
It's very difficult to properly build a resilient infrastructure when those
shareholders must get their value!

On Fri, Oct 11, 2019 at 7:33 PM Sean Donelan  wrote:

> The FCC asked a half-dozen carriers about their network resilience plans
> last month.  Comcast was not one of the service providers asked about
> their plans.
>
> The FCC should have looked closer at Comcast in California. While it was
> expected many people would lose home Internet, voice, video service when
> their Customer Premise Equipment lost power.  The FCC no longer requires
> battery backup for CPE.  That is now a customer responsibility.
>
> It turns out, Comcast's outside plant was woefully unprepared to handle
> long, i.e. 24 hour, power outages.  And even when power is restored to
> people's homes, Comcast service is often still down.
>
>
> https://www.ktvu.com/news/still-no-relief-pge-shutoffs-disrupt-comcast-services
>
>
> Maybe the FCC needs to ask about cable system Outside Service Plant
> network resilience of Comcast.  Are other cable OSP resilience similar?
>


Re: Comcast outages continue even in areas with PG&E power restored

2019-10-11 Thread Chris Adams
Once upon a time, Sean Donelan  said:
> It turns out, Comcast's outside plant was woefully unprepared to
> handle long, i.e. 24 hour, power outages.  And even when power is
> restored to people's homes, Comcast service is often still down.

When I had Comcast in Huntsville, AL, there appeared to be no backup
power in their plant.  Any power blink and my Internet and TV both
dropped (my equipment is on UPS).
-- 
Chris Adams 


Re: Comcast outages continue even in areas with PG&E power restored

2019-10-11 Thread Brandon Martin

On 10/11/19 9:43 PM, Matt Hoppes wrote:
> And this is why the distributed nature of small nodes is detrimental in an
> extended power outage.
>
> There is no practical way to back them up with power for an extended period of
> time.


How distributed is the power on a typical HFC system in practice?  I'm 
sure I'm missing some of them, but having walked out most of a small-ish 
(~2000 residences) city recently for a FTTx deployment, I think I only 
saw 2-3 power nodes on Comcast's plant.  There were several times as 
many fiber-coax nodes being line-powered off the coax plant though still 
surprisingly few (the plant is ancient and hasn't seen a lot of fiber 
overbuild).


That's comparable to how many powered RTUs the LEC had in town and many 
fewer utility-powered field nodes than would have been present if it had 
been in AT&T Lightspeed territory.


Now, I have no idea what the backup line power is in practice on that 
Comcast plant.  I know that Bright House/Spectrum, in another area 
I've supported, has very little backup on many residential-only parts of 
their plant.  I've observed that they have, in practice, maybe 15-30 
minutes of hold-up before DOCSIS nodes start dropping.

--
Brandon Martin


Re: Comcast outages continue even in areas with PG&E power restored

2019-10-11 Thread Matt Hoppes
And this is why the distributed nature of small nodes is detrimental in an 
extended power outage.

There is no practical way to back them up with power for an extended period of 
time.

> On Oct 11, 2019, at 8:44 PM, Sean Donelan  wrote:
> 
> 
> Why you don't have Comcast service during a power outage:
> 
> Throughout the state, Comcast equipment was knocked offline by PG&E’s power 
> shutdown, Hammel said. The cable company was “only using generators in very 
> discrete and specific cases where there’s a demonstrated need,” such as a 
> request from the Federal Emergency Management Agency, she said.


Re: Comcast outages continue even in areas with PG&E power restored

2019-10-11 Thread Sean Donelan



Why you don't have Comcast service during a power outage:

Throughout the state, Comcast equipment was knocked offline by PG&E’s 
power shutdown, Hammel said. The cable company was “only using generators 
in very discrete and specific cases where there’s a demonstrated need,” 
such as a request from the Federal Emergency Management Agency, she said.


Re: Comcast outages continue even in areas with PG&E power restored

2019-10-11 Thread Michael Thomas


On 10/11/19 4:31 PM, Sean Donelan wrote:
> The FCC asked a half-dozen carriers about their network resilience
> plans last month.  Comcast was not one of the service providers asked
> about their plans.
>
> The FCC should have looked closer at Comcast in California. While it
> was expected many people would lose home Internet, voice, video
> service when their Customer Premise Equipment lost power. The FCC no
> longer requires battery backup for CPE.  That is now a customer
> responsibility.
>
> It turns out, Comcast's outside plant was woefully unprepared to
> handle long, i.e. 24 hour, power outages.  And even when power is
> restored to people's homes, Comcast service is often still down.


So I knew that telcos are required to battery backup pots, but are isp's 
too? I have a dinky little provider who also provides pots, but i have 
never been clear whether dsl stays up too in a blackout.


Mike



Comcast outages continue even in areas with PG&E power restored

2019-10-11 Thread Sean Donelan
The FCC asked a half-dozen carriers about their network resilience plans 
last month.  Comcast was not one of the service providers asked about 
their plans.


The FCC should have looked closer at Comcast in California. While it was 
expected many people would lose home Internet, voice, video service when 
their Customer Premise Equipment lost power.  The FCC no longer requires 
battery backup for CPE.  That is now a customer responsibility.


It turns out, Comcast's outside plant was woefully unprepared to handle 
long, i.e. 24 hour, power outages.  And even when power is restored to 
people's homes, Comcast service is often still down.


https://www.ktvu.com/news/still-no-relief-pge-shutoffs-disrupt-comcast-services


Maybe the FCC needs to ask about cable system Outside Service Plant 
network resilience of Comcast.  Are other cable OSP resilience similar?


Re: Cogent & FDCServers: Knowingly aiding and abetting fraud and theft?

2019-10-11 Thread William Herrin
On Fri, Oct 11, 2019 at 7:16 AM Daniel Seagraves <
dseag...@humancapitaldev.com> wrote:

> > On Oct 11, 2019, at 6:28 AM, Stephane Bortzmeyer 
> wrote:
> >
> > I nitpick, but "never transferred the block" is not the same thing as
> > "never authorized Cogent to announce it”.
>
> This should not be just a “nitpick". AT&T announces our extremely legacy
> ARIN allocation for us because we do not qualify to have an ASN, but I
> absolutely did not, will not, and *have actively resisted attempts to*
> transfer the block to them. I would sooner have my gums tattooed than give
> up my address space. Having an ASN was not a requirement when we were
> allocated the resource, and I don’t see why we should be punished for being
> early adopters.
>

Getting an AS number is as easy as getting two $20/month virtual servers
(e.g. from Vultr and one other provider) and then applying for one from
ARIN on the grounds that you're multihomed. As a bonus, you can actually
announce it from the VPS provider with a couple prepends, link back to your
site with a VPN through whatever cheap commodity backup path you can get
and actually be multihomed.

Regards,
Bill Herrin


-- 
William Herrin
b...@herrin.us
https://bill.herrin.us/


Weekly Routing Table Report

2019-10-11 Thread Routing Analysis Role Account
This is an automated weekly mailing describing the state of the Internet
Routing Table as seen from APNIC's router in Japan.

The posting is sent to APOPS, NANOG, AfNOG, SANOG, PacNOG, SAFNOG
TZNOG, MENOG, BJNOG, SDNOG, CMNOG, LACNOG and the RIPE Routing WG.

Daily listings are sent to bgp-st...@lists.apnic.net

For historical data, please see http://thyme.rand.apnic.net.

If you have any comments please contact Philip Smith .

Routing Table Report   04:00 +10GMT Sat 12 Oct, 2019

Report Website: http://thyme.rand.apnic.net
Detailed Analysis:  http://thyme.rand.apnic.net/current/

Analysis Summary
----------------

BGP routing table entries examined:  777809
Prefixes after maximum aggregation (per Origin AS):  297091
Deaggregation factor:  2.62
Unique aggregates announced (without unneeded subnets):  374612
Total ASes present in the Internet Routing Table:  65830
Prefixes per ASN:  11.82
Origin-only ASes present in the Internet Routing Table:  56598
Origin ASes announcing only one prefix:  24228
Transit ASes present in the Internet Routing Table:  9232
Transit-only ASes present in the Internet Routing Table:  278
Average AS path length visible in the Internet Routing Table:  4.5
Max AS path length visible:  44
Max AS path prepend of ASN ( 27978)  31
Prefixes from unregistered ASNs in the Routing Table:  26
Number of instances of unregistered ASNs:  26
Number of 32-bit ASNs allocated by the RIRs:  29021
Number of 32-bit ASNs visible in the Routing Table:  23771
Prefixes from 32-bit ASNs in the Routing Table:  108141
Number of bogon 32-bit ASNs visible in the Routing Table:  16
Special use prefixes present in the Routing Table:  0
Prefixes being announced from unallocated address space:  390
Number of addresses announced to Internet:  2841790080
Equivalent to 169 /8s, 98 /16s and 70 /24s
Percentage of available address space announced:  76.8
Percentage of allocated address space announced:  76.8
Percentage of available address space allocated:  100.0
Percentage of address space in use by end-sites:  99.4
Total number of prefixes smaller than registry allocations:  259262

APNIC Region Analysis Summary
-----------------------------

Prefixes being announced by APNIC Region ASes:  208984
Total APNIC prefixes after maximum aggregation:  60980
APNIC Deaggregation factor:  3.43
Prefixes being announced from the APNIC address blocks:  203440
Unique aggregates announced from the APNIC address blocks:  85088
APNIC Region origin ASes present in the Internet Routing Table:  10088
APNIC Prefixes per ASN:  20.17
APNIC Region origin ASes announcing only one prefix:  2809
APNIC Region transit ASes present in the Internet Routing Table:  1506
Average APNIC Region AS path length visible:  4.6
Max APNIC Region AS path length visible:  25
Number of APNIC region 32-bit ASNs visible in the Routing Table:  5110
Number of APNIC addresses announced to Internet:  770945664
Equivalent to 45 /8s, 243 /16s and 178 /24s
APNIC AS Blocks        4608-4864, 7467-7722, 9216-10239, 17408-18431
(pre-ERX allocations)  23552-24575, 37888-38911, 45056-46079, 55296-56319,
                       58368-59391, 63488-64098, 64297-64395, 131072-141625
APNIC Address Blocks     1/8,  14/8,  27/8,  36/8,  39/8,  42/8,  43/8,
                        49/8,  58/8,  59/8,  60/8,  61/8, 101/8, 103/8,
                       106/8, 110/8, 111/8, 112/8, 113/8, 114/8, 115/8,
                       116/8, 117/8, 118/8, 119/8, 120/8, 121/8, 122/8,
                       123/8, 124/8, 125/8, 126/8, 133/8, 150/8, 153/8,
                       163/8, 171/8, 175/8, 180/8, 182/8, 183/8, 202/8,
                       203/8, 210/8, 211/8, 218/8, 219/8, 220/8, 221/8,
                       222/8, 223/8,

ARIN Region Analysis Summary
----------------------------

Prefixes being announced by ARIN Region ASes:  228800
Total ARIN prefixes after maximum aggregation:  106664
ARIN Deaggregation factor:  2.15
Prefixes being announced from the ARIN address blocks:  226991
Unique aggregates announced from the ARIN address blocks:  108048
ARIN Region origin ASes present in the Internet Routing Table:  18601
ARIN Prefixes per ASN:  12.20
ARIN 

Re: "Using Cloud Resources to Dramatically Improve Internet Routing"

2019-10-11 Thread Valdis Klētnieks
On Fri, 11 Oct 2019 12:02:30 +0200, Warren Kumari said:

> I haven't found the actual work that is being referenced here, and I
> *am* quite skeptical based upon the title / premise -- but, I suspect
> (well, hope) that this is just another instance of complex technical
> material being munged by marketing / reporters into something
> unrecognizable -- note that "This article was originally published by
> the UMass News Office."
>
> Here is an abstract of one of Yang Song, Arun Venkataramani, Lixin
> Gao's earlier papers:
> "BGP is known to have many security vulnerabilities due to the very
> nature of its underlying assumptions of trust among independently
> operated networks. ()

I'm fighting *really* hard to try to avoid collapsing that abstract down to
"We realized that malicious actors can force the occurrence of BGP wedgies".

(I've seen far too many proposals in the last 48 hours from people who obviously
never encountered section (4) of RFC1925...)




Re: California public safety power shutdowns

2019-10-11 Thread Stephen Satchell
On 10/11/19 8:01 AM, Ethan O'Toole wrote:
>> request went all the way to the Court.  The reason for access?  They ran
>> the electronics on bottled propane (NOT mains power AC) and they needed
>> to swap full tanks for the empties.  This was several months into my
>> stint on that site.
>> Not all generators run on diesel, I learned.
> 
> You can drive a gasoline generator with natural gas and propane, there
> is just less energy so it takes more of those fuels to get the same
> energy output.
> 
> There are also fuel cells that take LPG.
> 
> Was this a really tiny microcell? I wouldn't think they could run for
> months on bottled LPG if there is any kind of real load at the site.
> 
>     - Ethan

Not a tiny microcell.  The casino in question is located in Incline
Village, on the shore of Lake Tahoe and in prime ski country.  The
downside of ski country is that you have fairly frequent power outages
in winter due to weather, plus the long haul through mountains of fair
capacity transmission lines.

Now I could be mistaken, and the propane was for a stand-by generator.


Re: California public safety power shutdowns

2019-10-11 Thread Ethan O'Toole

> request went all the way to the Court.  The reason for access?  They ran
> the electronics on bottled propane (NOT mains power AC) and they needed
> to swap full tanks for the empties.  This was several months into my
> stint on that site.
> Not all generators run on diesel, I learned.


You can drive a gasoline generator with natural gas and propane, there is 
just less energy so it takes more of those fuels to get the same energy 
output.


There are also fuel cells that take LPG.

Was this a really tiny microcell? I wouldn't think they could run for 
months on bottled LPG if there is any kind of real load at the site.


- Ethan


Re: Cogent & FDCServers: Knowingly aiding and abetting fraud and theft?

2019-10-11 Thread Daniel Seagraves
> On Oct 11, 2019, at 6:28 AM, Stephane Bortzmeyer  wrote:
> 
> I nitpick, but "never transferred the block" is not the same thing as
> "never authorized Cogent to announce it”.

This should not be just a “nitpick". AT&T announces our extremely legacy ARIN 
allocation for us because we do not qualify to have an ASN, but I absolutely 
did not, will not, and *have actively resisted attempts to* transfer the block 
to them. I would sooner have my gums tattooed than give up my address space. 
Having an ASN was not a requirement when we were allocated the resource, and I 
don’t see why we should be punished for being early adopters.



Re: Graphical databases ?

2019-10-11 Thread Yan Filyurin
I am also in the process of consideration, but there are people out there who 
did a lot more.  

https://github.com/corestate55/netomox 

Some ideas could be borrowed. And the use of RFC8345 is very interesting 
because it is hopefully an evolving standard.  If only someone could do 
something similar with Openconfig models. 

With that being said there are all kinds of other database alternatives.  I can 
think of several other graph databases and I even heard of people using MongoDB 
as graph database.

There are also tools like Gephi that are more in line as graphical tools as 
opposed to graph databases.  So it is a matter of finding the right frontend 
and with the right graph database backend. 

There was some experimentation with Cytoscape and the idea was not 
necessarily to keep inventory, but be able to simulate dependencies and do 
analysis like indirect impacts.  

It does not directly answer the question, but hopefully gives some ideas. 

Yan

> On Oct 11, 2019, at 5:05 AM, Simone Ricci  wrote:
> 
> Hello Craig,
> 
> although I think we’re slightly off topic here, please be aware that neo4j is 
> not a graphical database (eg. it doesn’t aim to be gui-driven), but a *graph* 
> one: this characteristic tells you about the paradigm the db engine uses to 
> organize and indicize data; it’s just another flavour, the others being - for 
> example - relational and document databases.
> 
> Operationally wise is quite hassle free, also has an integrated backup tool 
> which does its job; being a java application it consumes a fair amount of ram 
> just to run :-)…it uses lucene under the hood (just as elasticsearch does), 
> so memory wise you should take dataset size into account and plan 
> accordingly. Our dataset is very small so I can’t be very helpful on this 
> matter. Runs nicely in docker and there’s also an official image.
> 
> I use it for outside plant documentation, for me does its job definitely 
> better than an excel file, but it’s not so user friendly: the data 
> visualization tool does its job but feels more a PoC than a mature 
> application, and it’s read only…so for data entry you have to manually write 
> queries. I’m looking to integrate it with a proper GIS solution in the future.
> 
> TL;DR: it’s fine if you want to use it as a database for your application, 
> but it’s not a complete application by itself (even if the integrated data 
> visualization tool does its job pretty well). Operationally wise is a piece 
> of cake, also runs nicely in docker.
> 
> Regards
> Simone
> 
>> On 11 Oct 2019, at 04:14, Craig wrote:
>> 
>> Has anyone used the graphical data base software:
>> https://neo4j.com/ 
>> 
>> I looked at this software several years ago, but it will still relatively 
>> new. 
>> We are exploring using this to create dependencies of our network 
>> infrastructure hardware, customer information, etc. etc. 
>> 
>> here is an example:
>> https://neo4j.com/graphgist/network-dependency-graph 
>> 
>> 
>> For those that have used it:
>> Has anyone been able to successfully use this for their networks? 
>> pros/cons/good/bad
>> 
>> Is maintaining the data a chore? 
>> Has it helped operationally?
>> 
>> if anyone has any input would appreciate hearing from you;
>> 
>> thanks;
>> 
>> CPV
> 
> 



Re: Graphical databases ?

2019-10-11 Thread Simone Ricci
Hello Craig,

although I think we’re slightly off topic here, please be aware that neo4j is 
not a graphical database (eg. it doesn’t aim to be gui-driven), but a *graph* 
one: this characteristic tells you about the paradigm the db engine uses to 
organize and indicize data; it’s just another flavour, the others being - for 
example - relational and document databases.

Operationally wise is quite hassle free, also has an integrated backup tool 
which does its job; being a java application it consumes a fair amount of ram 
just to run :-)…it uses lucene under the hood (just as elasticsearch does), so 
memory wise you should take dataset size into account and plan accordingly. Our 
dataset is very small so I can’t be very helpful on this matter. Runs nicely in 
docker and there’s also an official image.

I use it for outside plant documentation, for me does its job definitely better 
than an excel file, but it’s not so user friendly: the data visualization tool 
does its job but feels more a PoC than a mature application, and it’s read 
only…so for data entry you have to manually write queries. I’m looking to 
integrate it with a proper GIS solution in the future.

TL;DR: it’s fine if you want to use it as a database for your application, but 
it’s not a complete application by itself (even if the integrated data 
visualization tool does its job pretty well). Operationally wise is a piece of 
cake, also runs nicely in docker.

Regards
Simone

> On 11 Oct 2019, at 04:14, Craig  wrote:
> 
> Has anyone used the graphical data base software:
> https://neo4j.com/ 
> 
> I looked at this software several years ago, but it will still relatively 
> new. 
> We are exploring using this to create dependencies of our network 
> infrastructure hardware, customer information, etc. etc. 
> 
> here is an example:
> https://neo4j.com/graphgist/network-dependency-graph 
> 
> 
> For those that have used it:
> Has anyone been able to successfully use this for their networks? 
> pros/cons/good/bad
> 
> Is maintaining the data a chore? 
> Has it helped operationally?
> 
> if anyone has any input would appreciate hearing from you;
> 
> thanks;
> 
> CPV




Re: AWS issues with 172.0.0.0/12

2019-10-11 Thread Jay Borkenhagen
I'm surprised that no one else has corrected this, so allow me to do
so for the record.

No, Mehmet's public IP was _not_ from the RFC 1918 172.16.0.0/16
range. 

One of the public ipv4 ranges that AT&T assigns subscriber addresses
from is 172.0.0.0/12: [ 172.0.0.0 - 172.15.255.255 ]

 https://whois.arin.net/rest/net/NET-172-0-0-0-1

One of the private ipv4 ranges set aside by RFC 1918 is the
neighboring 172.16.0.0/12: [ 172.16.0.0 - 172.31.255.255 ]

 https://whois.arin.net/rest/net/NET-172-16-0-0-1



We notice more mis-originations of our 172.0.0.0/12 space and its
more-specifics than any of our other ipv4 blocks, probably because
other folks are similarly confused.  So please, if you intend to use
RFC1918 space, please check your filters to make sure you're using
172.16.0.0/12 and not our 172.0.0.0/12.

Jay B.


Mehmet Akcin writes:
 > Yes
 > 
 > On Wed, Oct 9, 2019 at 20:46 Javier J  wrote:
 > 
 > > I'm just curious, was the ip in the RFC 1918 172.16.0.0/16 range?
 > >
 > > https://tools.ietf.org/html/rfc1918
 > >
 > >
 > >
 > > On Mon, Oct 7, 2019 at 6:01 PM Mehmet Akcin  wrote:
 > >
 > >> To close the loop here (in case if someone has this type of issue in the
 > >> future), I have spoken to AT&T instead of trying to work it out with AWS
 > >> Hosted Vendor, Reolink.
 > >>
 > >> AT&T Changed my public IP, and now I am no longer in that 172.x.x.x
 > >> block, everything is working fine.
 > >>
 > >> mehmet
 > >>
 > >> On Thu, Oct 3, 2019 at 2:54 PM Javier J 
 > >> wrote:
 > >>
 > >>> Auto generated VPC in AWS use RFC1819 addresses. This should not
 > >>> interfere with pub up space.
 > >>>
 > >>> What is the exact issue? If you can't ping something in AWS chances are
 > >>> it's a security group blocking you.
 > >>>
 > >>>
 > >>>
 > >>> On Tue, Oct 1, 2019, 7:00 PM Jim Popovitch via NANOG 
 > >>> wrote:
 > >>>
 >  On October 1, 2019 9:39:03 PM UTC, Matt Palmer 
 >  wrote:
 >  >On Tue, Oct 01, 2019 at 04:50:33AM -0400, Jim Popovitch via NANOG
 >  >wrote:
 >  >> On 10/1/2019 4:09 AM, Christopher Morrow wrote:
 >  >> > possible that this is various AWS customers making
 >  >iptables/firewall mistakes?
 >  >> >"block that pesky rfc1918 172/12 space!!"
 >  >>
 >  >> AWS also uses some 172/12 space on their internal network (e.g. the
 >  >network
 >  >> that sits between EC2 instances and the AWS external firewalls)
 >  >
 >  >Does AWS use 172.0.0.0/12 internally, or 172.16.0.0/12?  They're
 >  >different
 >  >things, after all.
 >  >
 > 
 >  I don't know their entire operations, but they do use some
 >  172.16.0.0/12
 >  addresses internally. And yes, that is very different than 172/12, sorry
 >  for the confusion.
 > 
 >  -Jim P.
 > 
 >  --
 > Mehmet
 > +1-424-298-1903
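
The filter check Jay asks for at the top of this message can be automated. The following is an added example, not code from the thread: it assumes a list of prefixes that are meant to match only RFC 1918 space, and the names `classify`, `audit` and `SAMPLE_FILTER` are hypothetical, with constructed sample entries.

```python
import ipaddress
from typing import List, NamedTuple, Optional

# Private ranges set aside by RFC 1918.
RFC1918 = [ipaddress.IPv4Network(n)
           for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]
# Public block named in the post: 172.0.0.0 - 172.15.255.255.
PUBLIC_172 = ipaddress.IPv4Network("172.0.0.0/12")


class Finding(NamedTuple):
    entry: str               # text exactly as written in the filter
    network: Optional[str]   # prefix the entry really covers after masking
    verdict: str             # "private", "public", "mixed" or "invalid"
    misaligned: bool         # entry had host bits set (e.g. 172.16.0.0/11)
    hits_public_172: bool    # overlaps the public 172.0.0.0/12 block


def classify(entry: str) -> Finding:
    """Classify one filter entry that is supposed to match private space."""
    entry = entry.strip()
    misaligned = False
    try:
        net = ipaddress.IPv4Network(entry, strict=True)
    except ValueError:
        # Either host bits are set or the text is not a prefix at all.
        try:
            net = ipaddress.IPv4Network(entry, strict=False)
            misaligned = True
        except ValueError:
            return Finding(entry, None, "invalid", False, False)

    if any(net.subnet_of(p) for p in RFC1918):
        verdict = "private"   # entirely inside RFC 1918 space
    elif any(net.overlaps(p) for p in RFC1918):
        verdict = "mixed"     # supernet: private space plus public space
    else:
        verdict = "public"    # no private space at all
    return Finding(entry, str(net), verdict, misaligned,
                   net.overlaps(PUBLIC_172))


def audit(entries: List[str]) -> List[Finding]:
    """Return only the entries that need a second look."""
    return [f for f in map(classify, entries)
            if f.verdict != "private" or f.misaligned]


# Constructed sample: a "block private space" list with typical mistakes.
SAMPLE_FILTER = [
    "10.0.0.0/8",
    "172.16.0.0/12",    # correct RFC 1918 range
    "192.168.0.0/16",
    "172.0.0.0/12",     # the public block, not the private one
    "172.0.0.0/8",      # covers private and a lot of public space
    "172.16.0.0/11",    # host bit set; masks down to 172.0.0.0/11
    "172.16.0.0/16",    # private, but only part of 172.16.0.0/12
]

if __name__ == "__main__":
    for f in audit(SAMPLE_FILTER):
        print(f"{f.entry:16} -> {f.network:16} {f.verdict:8}"
              f" misaligned={f.misaligned} hits 172.0.0.0/12={f.hits_public_172}")
```

The `172.16.0.0/11` entry is the case worth noticing: the text starts at the right address, but a device that masks it silently matches 172.0.0.0 through 172.31.255.255.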


Re: Cogent & FDCServers: Knowingly aiding and abetting fraud and theft?

2019-10-11 Thread Masataka Ohta

Stephane Bortzmeyer wrote:

> On Fri, Oct 11, 2019 at 08:14:00PM +0900,
>  Masataka Ohta  wrote
>  a message of 34 lines which said:
>
>> they said they have never transferred the block
>
>> So, RADB entry:
> ...
>>   route:  146.51.0.0/16
>>   origin: AS174
> ...
>> is confirmed to be registration fraud.
>
> I nitpick, but "never transferred the block" is not the same thing as
> "never authorized Cogent to announce it".


Cogent? I think cogent is innocent.

What, do you think:

changed:    e...@netstyle.io 20190710  #17:02:13Z

mean?

Masataka Ohta


Re: Cogent & FDCServers: Knowingly aiding and abetting fraud and theft?

2019-10-11 Thread Stephane Bortzmeyer
On Fri, Oct 11, 2019 at 08:14:00PM +0900,
 Masataka Ohta  wrote 
 a message of 34 lines which said:

> they said they have never transferred the block

> So, RADB entry:
...
>   route:  146.51.0.0/16
>   origin: AS174
...
> is confirmed to be registration fraud.

I nitpick, but "never transferred the block" is not the same thing as
"never authorized Cogent to announce it".


Re: Cogent & FDCServers: Knowingly aiding and abetting fraud and theft?

2019-10-11 Thread Masataka Ohta

As I wrote:


 143.136.0.0/16
 143.253.0.0/16
 146.51.0.0/16

I tried to make contact myself with the legit owners of all of the above,
but found it to be quite difficult.  The registered owner of the first
one appears to have gone into hiding on a remote island someplace.



Both relocated. I send queries to the current contact points.


I get reply from technical people in a company, which has
originally assigned:

146.51.0.0/16

they said they have never transferred the block and allow me
to post so here.

So, RADB entry:

https://pastebin.com/raw/ZNgNuvtt
route:      146.51.0.0/16
origin:     AS174
descr:      Cogent
mnt-by:     MAINT-AS199267
changed:    e...@netstyle.io 20190710  #17:02:13Z
source:     RADB

is confirmed to be registration fraud.

Masataka Ohta




Re: "Using Cloud Resources to Dramatically Improve Internet Routing"

2019-10-11 Thread Warren Kumari
On Mon, Oct 7, 2019 at 4:45 PM Stephane Bortzmeyer  wrote:
>
> On Fri, Oct 04, 2019 at 03:52:26PM -0400,
>  Phil Pishioneri  wrote
>  a message of 9 lines which said:
>
> > Using Cloud Resources to Dramatically Improve Internet Routing
> > UMass Amherst researchers to use cloud-based ‘logically centralized
> > control’
>
> Executive summary: it's SDN for BGP. Centralizing Internet routing,
> what could go wrong? (As the authors say, "One reason is there is no
> single entity that has a big picture of what is going on, no
> manager". I wonder who will be Internet's manager.)
>
> Otherwise, an impressive amount of WTF. My favorite: "while
> communication by servers ___on the ground___ might take hundreds of
> milliseconds, in the cloud the same operation may take only one
> millisecond from one machine to another" I thought that universities
> were full of serious people, but university of Massachusetts may be an
> exception?



I haven't found the actual work that is being referenced here, and I
*am* quite skeptical based upon the title / premise -- but, I suspect
(well, hope) that this is just another instance of complex technical
material being munged by marketing / reporters into something
unrecognizable -- note that "This article was originally published by
the UMass News Office."

Here is an abstract of one of Yang Song, Arun Venkataramani, Lixin
Gao's earlier papers:
"BGP is known to have many security vulnerabilities due to the very
nature of its underlying assumptions of trust among independently
operated networks. Most prior efforts have focused on attacks that can
be addressed using traditional cryptographic techniques to ensure
authentication or integrity, e.g., BGPSec and related works. Although
augmenting BGP with authentication and integrity mechanisms is
critical, they are, by design, far from sufficient to prevent attacks
based on manipulating the complex BGP protocol itself. In this paper,
we identify two serious attacks on two of the most fundamental goals
of BGP-to ensure reachability and to enable ASes to pick routes
available to them according to their routing policies-even in the
presence of BGPSec-like mechanisms. Our key contributions are to (1)
formalize a series of critical security properties, (2) experimentally
validate using commodity router implementations that BGP fails to
achieve those properties, (3) quantify the extent of these
vulnerabilities in the Internet's AS topology, and (4) propose simple
modifications to provably ensure that those properties are satisfied"

I'm assuming that if this were passed through many company /
university news / marketing orgs it would be translated into:
"The core protocol that makes all of the Internet, all e-commerce,
Internet banking and e-coin torrenting malware protection is
vulnerable to hackers stealing your identity. All existing efforts
have failed, because quantum computers can break cryptography. Our
researchers have identified simple attacks which bypass all Internet
security mechanisms and firewalls, and have demonstrated these
vulnerabilities in the wild. In order to protect Internet banking and
blockchain, and to ensure free elections, they have also developed a
simple and effective new system keep everyone secure. Contact us at
licens...@university.org to learn how to license this critical
technology. Click  to enroll in University, where you too can
learn to fix the Interwebs and earn lots of money."

W
-- 
I don't think the execution is relevant when it was obviously a bad
idea in the first place.
This is like putting rabid weasels in your pants, and later expressing
regret at having chosen those particular rabid weasels and that pair
of pants.
   ---maf


Re: California public safety power shutdowns

2019-10-11 Thread Stephen Satchell
On 10/10/19 8:46 PM, Javier J wrote:
> I have an alternative view. the more generators are running, the more
> trucks sent to refuel the tanks, the more moving parts, the more likely an
> accident is prone to happen somewhere. It's the same reason you turn your
> vehicle's engine off when you fill up at the gas station.
>
> Diesel doesn't combust easily without compression, but I'm pretty sure you
> can find incidents where diesel engines catch fire. maybe the roof of a
> datacenter is not a risk factor, but in thinking remote antennas on the top
> of a mountain anything can happen.

When I was between jobs in IT, I worked as a security guard for a year.
 During that year, the company I worked for supplied on-prem security
for a bankrupt casino at Lake Tahoe.

When one of the cell phone companies requested access to their equipment
located on the roof of the parking garage (space they leased) the
request went all the way to the Court.  The reason for access?  They ran
the electronics on bottled propane (NOT mains power AC) and they needed
to swap full tanks for the empties.  This was several months into my
stint on that site.

Not all generators run on diesel, I learned.


Re: Quantum Internet Article - Netherlands

2019-10-11 Thread Scott Weeks


--- rod.b...@unitedcablecompany.com wrote:

https://www.quantamagazine.org/stephanie-wehner-is-designing-a-quantum-internet-20190925/
To Invent a Quantum Internet - Quanta 
Magazine
Fifty years after the current internet was born, the physicist and computer 
scientist Stephanie Wehner is planning and designing the next internet — a 
quantum one. The first data ever transmitted over Arpanet, the precursor of the 
internet, blipped from a computer at the University of California ...
www.quantamagazine.org
-


Also see IRTF's Qirg.   https://irtf.org/qirg

scott



Re: California public safety power shutdowns

2019-10-11 Thread Sean Donelan

A pre-announced power shut-down is a bit like an open-book disaster exam.
If a city wasn't prepared for a blackout, it's going to be a lot worse 
after a major earthquake (or other catastrophe) hits.




PG&E CEO Bill Johnson admitted during a Thursday evening press conference 
that the utility thoroughly botched its Public Safety Power Shutoff, 
apologizing to customers.

[...]
Johnson also apologized for all the technical problems with the PG&E 
website and promised to get them right next time.


“Our website crashed several times. Our maps are inconsistent and maybe 
incorrect. Our call centers were overloaded,” said Johnson. “To put it 
simply, we were not adequately prepared to support the operational event.”




https://www.washingtonpost.com/technology/2019/10/11/pge-shut-down-power-too-many-internet-users-shut-down-its-website/
[...]
PG&E says the site was never completely inaccessible, but that it was slow 
to load amid heavy traffic.


PG&E spokesman Paul Doherty said the utility doubled its server capacity 
in advance of the outages but that the traffic levels were eight times 
what PG&E expected and slowed the site significantly. He said he did not 
know exactly how many people had tried to visit the site.


Doherty said the utility made efforts to inform affected customers over 
email, text and phone calls so they would know whether they were likely to 
be in the outage zone. The company says it has since addressed the issues 
with its website.

[...]