On Fri, Feb 11, 2022 at 5:58 PM Jon Lewis wrote:
> On Fri, 11 Feb 2022, Lyndon Nerenberg (VE7TFX/VE6BBM) wrote:
>
> > On an EX4300 switch running JunOS 14.1 let's imagine I typed
> >
> > config
> > delete interfaces
> >
> > before coming to my senses. How am I supposed to back out
My first question is how are you running 14 code on that hardware??
On Fri, Feb 11, 2022 at 20:12 Lyndon Nerenberg (VE7TFX/VE6BBM) <
lyn...@orthanc.ca> wrote:
> Nick Suan via NANOG writes:
> > I was actually interested to see if the EX series would let me do this,
> and i
> > t turns out that if
Nick Suan via NANOG writes:
> I was actually interested to see if the EX series would let me do this, and i
> t turns out that if STP is enabled on any of the switch interfaces, it won't:
> tevruden@core-02# commit check
> [edit protocols rstp]
> 'interface'
> XSTP : Interface ge-0/0/0.0 is
In my location, I can get 1.5M from CenturyLink. That is the only hardwired
option. Typical speeds was around 700K. I spent the money and installed my own
180ft tower and a microwave connection to a bigger town that I could get a
fiber circuit at. Now we have linked up several other smaller
I was actually interested to see if the EX series would let me do this, and it
turns out that if STP is enabled on any of the switch interfaces, it won't:
tevruden@core-02# delete interfaces
{master:0}[edit]
tevruden@core-02# commit check
[edit protocols rstp]
'interface'
XSTP :
Marco Davids via NANOG writes:
> rollback 0
OFFS 8-0 Thanks :-)
On Fri, 11 Feb 2022, Lyndon Nerenberg (VE7TFX/VE6BBM) wrote:
On an EX4300 switch running JunOS 14.1 let's imagine I typed
config
delete interfaces
before coming to my senses. How am I supposed to back out of that
mess? For the life of me, after a week of reading the 3000
20 miles from Sacramento.
Mother-in-law has an ATT DSLAM *at the end of her driveway* on
the other side of the street. ATT swears she can get internet. Until
she tries to sign up, and "oh no... wrong side of the street"
She is at 700Kbps over a WISP ... *after* she trimmed the trees to
On Fri, Feb 11, 2022 at 5:26 PM Ryan Hamel wrote:
> If it's before committing the changes just run "top" to get back to the
> root of the configuration tree, then "rollback 0" to go back to the version
> before any changes were made, then just "exit" out.
>
> Ryan
>
>
> On Fri, Feb 11, 2022,
If it's before committing the changes just run "top" to get back to the
root of the configuration tree, then "rollback 0" to go back to the version
before any changes were made, then just "exit" out.
Ryan
On Fri, Feb 11, 2022, 2:20 PM Lyndon Nerenberg (VE7TFX/VE6BBM) <
lyn...@orthanc.ca> wrote:
rollback 0
Op 11-02-22 om 23:18 schreef Lyndon Nerenberg (VE7TFX/VE6BBM):
On an EX4300 switch running JunOS 14.1 let's imagine I typed
config
delete interfaces
before coming to my senses. How am I supposed to back out of that
mess? For the life of me, after a week of reading
On an EX4300 switch running JunOS 14.1 let's imagine I typed
config
delete interfaces
before coming to my senses. How am I supposed to back out of that
mess? For the life of me, after a week of reading the 3000 page
reference manual, and endless DuckDuckGoing, I cannot see a
The house was completed a year or two before my mother's purchase and it
took Comcast another year or two to lay cable. Imagine buying a house
and waiting three to four years for internet service. That does not
qualify as "got service right away" in my mind. The frustrating part,
for me as a
I believe what he said was "Comcast did eventually lay cable". That was in
a brand new development. It's a brand new house and got service right
away. What more do you want from providers?
Out in the country, yes, there are the 10k to 100k build out costs all the
time. But that's the country
Excellent example. I see this all.the.time. She could probably get Comcast
just fine by paying $50k buildout or signing a 10 year agreement for
TV/Phone/Internet and convincing 5 neighbors too ;)
*Brandon *
On Fri, Feb 11, 2022 at 1:32 PM Blake Hudson wrote:
> My mom moves to Olathe, KS. The
My example is just from experience. Not hypothetical, but also not a
specific address I can recall or feel like looking up now.
The reality on the ground as someone who sells access to smallish
businesses mostly in California is as I described. You can't see it on a
map or database because the
My mom moves to Olathe, KS. The realtor indicated that ATT, Comcast, and
Google Fiber all provided service to the neighborhood and the HOA
confirmed. Unfortunately for her, Google fiber laid fiber ~3 years
before and her cul-de-sac was developed ~2 years before she moved in. No
Google Fiber,
Because literally every case I've seen along these lines is someone
complaining about the coax connection is "only 100 meg when I pay for 200
meg". Comcast was the most hated company and yet they factually had better
speeds (possibly in part to their subjectively terrible customer service)
for
What is the point of these anecdotes? Surely anyone on this list with even
a passing knowledge of the broadband landscape in the United States knows
how hit or miss it can be. An apartment building could have cheap 1G fiber
and the houses across the street have no option but slow DSL. Houses
Usage of 1.1.1.1 has been widespread amongst wireless controllers for a very
long time, as an address for their captive portals.
Shane
> On Feb 11, 2022, at 3:44 PM, Mike Lewinski via NANOG wrote:
>
> On a related note, I just discovered a NID that has 1.1.1.1 assigned to the
> outband
On a related note, I just discovered a NID that has 1.1.1.1 assigned to the
outband interface by default, and it is apparently not user modifiable. So, not
only can these devices never use 1.1.1.1 for name resolution, but attempts to
determine "is the circuit up" by pinging it will always
OK the one example you provided has gigabit fiber though.
On Fri, Feb 11, 2022 at 8:41 AM Tom Beecher wrote:
> Can you provide examples?
>>
>
> https://www.youtube.com/watch?v=Twe6uTwOyJo_channel=NANOG
>
> Our good friend Jared could only get 1.5M DSL living just outside Ann
> Arbor, MI, so he
The port forwarding only applies to manual NAT traversal. If you use auto
NAT traversal, it takes care of that. Because all of the connections are
coordinated through the dashboard, the Auto-VPN will typically work even if
all nodes are behind NAT. I've used them on the end of Verizon (CG-NAT)
On Fri, Feb 11, 2022 at 10:35 AM Dan Sneddon wrote:
> 1) IPSEC does not lend itself to dynamic routing or dynamic configuration. It
> is very much a static set-it-and-forget-it technology, but that doesn’t work
> in a dynamically changing environment.
Hi Dan,
Depending on how you configure
Dan,
One point you didn’t touch on is that IPSec is integrated into IPv6, typically
hardware-accelerated on the NIC, enabling device-to-device VPNs, mitigates most
of the dynamic issues associated with network-to-network IPSec over IPv4.
Yes, I realize IPv4 is hanging around longer than most
Thank you Joy for de-lurking. I actually was not familiar with ZeroTier, and
this is a space that I thought I was quite familiar with, so I’m glad you
brought it to everyone’s attention. I will look further at ZeroTier, it looks
very interesting.
I am also a very long-time lurker (although I
Recently, there was an attack on Klayswap [1] believed to be due to
BGP hijacking [2]. From the public data on routeviews, we can see that
there were announcements for the hijacked IP ranges, for example:
This is an automated weekly mailing describing the state of the Global
IPv4 Routing Table as seen from APNIC's router in Japan.
The posting is sent to APOPS, NANOG, AfNOG, SANOG, PacNOG, SAFNOG
TZNOG, MENOG, BJNOG, SDNOG, CMNOG, LACNOG and the RIPE Routing WG.
Daily listings are sent to
Mikrotik with RouterOS v7 with WireGuard or ZeroTier were the first things I
thought of, but it might be a a bit premature for a production environment. In
a year, I'd have no problem recommending that.
-
Mike Hammett
Intelligent Computing Solutions
Midwest Internet Exchange
The
On 2/11/22 7:58 AM, Jon Lewis wrote:
8.8.8.8 is already anycasted. What if each large ISP (for whatever
definition of large floats your boat) setup their own internal
instance(s) of 8.8.8.8 with a caching DNS server listening, and handled
the traffic without bothering GOOG?
I've
On 2022-02-11 10:11 a.m., Mike Hammett wrote:
A system always checking to see if "Internet" is up is different than
"I think something is wrong, let me check".
Yeah. I've had ping tests fail in false-positive and false-negative
scenarios and the take away isn't that there IS a problem, but
Huh
--
J. Hellenthal
The fact that there's a highway to Hell but only a stairway to Heaven says a
lot about anticipated traffic volume.
> On Feb 11, 2022, at 09:10, Tom Beecher wrote:
>
> I am disappointed but not surprised to see this discussion on NANOG.
> Encouraging Users to use
I think we need to deliniate the conversation for human-memorable, on-demand
needs vs. always-on configured needs.
A system always checking to see if "Internet" is up is different than "I think
something is wrong, let me check".
For the always-on systems, how extensive do you want to
>
> I am disappointed but not surprised to see this discussion on NANOG.
> Encouraging Users to use a tool (that is often ignored by the hardware
> targeted) by providing a non-revenue-creating special target does not make
> business sense.
>
To be fair, I don't think this is unique to this
On Fri, Feb 11, 2022 at 09:58:19AM -0500, Jon Lewis wrote:
> So...here's a pair of "what if"s:
>
> What if instead of pinging 8.8.8.8, all these things using it to "test the
> Internet" sent it DNS requests instead? i.e.
> GOOG=$(dig +short @8.8.8.8 google.com)
> if [ -z "$GOOG" ] ; then
>
On Fri, 11 Feb 2022, Mark Tinka wrote:
100% - and this is the crux of the issue.
As a community, it is clear that there is a need for this, and if 8.8.8.8
stops being an anchor for liveliness detection, users will find something
else to replace it with. And we can bet all our Kwacha that it
On Feb 11, 2022, at 8:33 AM, Tom Beecher wrote:
>
> The prediciate assumption that "pinging one destination is a valid check that
> my internet works' is INCORRECT. There is no magical unicorn that could be
> built that could make that true, and 'they're gonna do it anyways' is a poor
>
>
> Can you provide examples?
>
https://www.youtube.com/watch?v=Twe6uTwOyJo_channel=NANOG
Our good friend Jared could only get 1.5M DSL living just outside Ann
Arbor, MI, so he had to start his own CLEC.
I have friends in significantly more rural areas than he lives in ( Niagara
and Orleans
>
> As a community, it is clear that there is a need for this, and if
> 8.8.8.8 stops being an anchor for liveliness detection, users will find
> something else to replace it with. And we can bet all our Kwacha that it
> won't have been designed for that purpose, either.
>
I respectfully strongly
The device that caused this whole conversation has failover functionality. Both
interfaces ping an FQDN (that resolves to 8.8.8.8 and 1.1.1.1, with the device
only latching on to one of those). If any of those meet the failure threshold,
that interface is taken out of the traffic flow.
So
On 2/10/22 19:42, John Todd wrote:
I think it would be fair to say that ICMP echo to easy-to-remember
internet resources is tolerated, but not encouraged, and is probably
not a good idea unless one knows and very well understands the
implications of failure (or success!) modes that don’t
Sabri Berisha writes:
> I read on some mailing list that Meraki likes to ping 8.8.8.8 every
> second... :)
That's probably to be fair with the quad-x dns providers since they
alrady were abusing 1.1.1.1.
Makes me wonder what Meraki uses 9.9.9.9 for :-)
Bjørn
On 2/10/22 22:20, Brian Knight via NANOG wrote:
On 2022-02-10 11:42, John Todd wrote:
"The Prudent Mariner never relies solely on any single aid to
navigation"
It's best to ping multiple targets, and take action only if all
targets do not return replies.
For the odd random ping just to
On 2/10/22 20:27, Tom Beecher wrote:
I guess it depends on what the actual problem trying to be solved is.
If I understand it correctly, the OG issue was someone (who was not
Google) building some monitoring around the assumption of the idea
that ICMP echo-request/reply to 8.8.8.8 would
On 2/9/22 18:19, Joe Greco wrote:
So what people really want is to be able to "ping internet" and so far
the easiest thing people have been able to find is "ping 8.8.8.8" or
some other easily remembered thing.
Pretty much - both people and "things".
Does this mean that perhaps we should
45 matches
Mail list logo