Re: Level 3 TPA routing today?

2008-08-27 Thread Paul Wall
Confirmed outage on their side. Should be resolved now. Drive Slow, Paul Wall On Wed, Aug 27, 2008 at 1:37 AM, Scott Berkman [EMAIL PROTECTED] wrote: We've also been seeing some weird (hard to track down) issues all day with Level 3 in both Tampa and Atlanta, especially from our NMS systems

Re: BGP, ebgp-multihop and multiple peers

2008-08-27 Thread Iljitsch van Beijnum
On 27 aug 2008, at 7:58, Paul Wall wrote: - single loopback/single IP for all peers, or; - each peer with its own loopback/IP? You should use caution when using loopback IP addresses and building external multihop BGP sessions. By permitting external devices to transmit packets to your

interger to I P address

2008-08-27 Thread kcc
Hi all, is it possible to convert the integer to IP? Thank you

Re: interger to I P address

2008-08-27 Thread Simon Lockhart
On Wed Aug 27, 2008 at 07:11:41AM -0400, kcc wrote: Is it possible to convert the integer to IP? Yes. Simon

Re: interger to I P address

2008-08-27 Thread kcc
I searched Google but couldn't get any solution. Can you send me information? Thank you On Wed, Aug 27, 2008 at 7:13 AM, Simon Lockhart [EMAIL PROTECTED] wrote: On Wed Aug 27, 2008 at 07:11:41AM -0400, kcc wrote: Is it possible to convert the integer to IP? Yes. Simon

Re: interger to I P address

2008-08-27 Thread Jeroen Massar
Simon Lockhart wrote: On Wed Aug 27, 2008 at 07:11:41AM -0400, kcc wrote: Is it possible to convert the integer to IP? Yes. If you are using 128-bit integers, which according to some will also change some day, thus one should be using struct addrinfo and: getaddrinfo() getnameinfo() as

Re: interger to I P address

2008-08-27 Thread Colin Alston
kcc wrote: I searched Google but couldn't get any solution. Can you send me information? Sure! http://www.catb.org/~esr/faqs/smart-questions.html

Re: BGP, ebgp-multihop and multiple peers

2008-08-27 Thread Steve Bertrand
Iljitsch van Beijnum wrote: On 27 aug 2008, at 7:58, Paul Wall wrote: - single loopback/single IP for all peers, or; - each peer with its own loopback/IP? You should use caution when using loopback IP addresses and building external multihop BGP sessions. By permitting external devices to

RE: interger to I P address

2008-08-27 Thread Matlock, Kenneth L
Easiest way. Take the integer, plug it into windows 'calc'. Go to 'View: Scientific'. Hit 'Hex'. That will show you the hex representation of the integer. Notice that it's either 7 or 8 characters long. If it's 7, prepend it with a 0. Break that into 4 groups of 2. Those are the hex

Re: BGP, ebgp-multihop and multiple peers

2008-08-27 Thread Iljitsch van Beijnum
On 27 aug 2008, at 14:16, Steve Bertrand wrote: The only reason I use loopbacks for eBGP multihop is so that if one of my physical interfaces goes down taking a transit link with it, these particular sessions will attempt to re-establish via another path. Actually they should stay up.

Re: BGP, ebgp-multihop and multiple peers

2008-08-27 Thread Steve Bertrand
Iljitsch van Beijnum wrote: The advantage of a separate loopback address is that if you ever have any trouble, you can simply remove that address and the trouble is gone, too. This wouldn't work for the loopback address you also use for iBGP or a physical interface. Ok. It probably would

Re: interger to I P address

2008-08-27 Thread Stephane Bortzmeyer
On Wed, Aug 27, 2008 at 02:27:24PM +0200, Iljitsch van Beijnum [EMAIL PROTECTED] wrote a message of 14 lines which said: Easiest way. $ ping 1089055123 PING 1089055123 (64.233.169.147): 56 data bytes It relies on an undocumented feature (it is not in RFC 791, nor in getaddrinfo() manual)

RE: interger to I P address

2008-08-27 Thread Robert D. Scott
The harder way: Decimal: 1089055123 Hex (dashes inserted at octals): 40-E9-A9-93 Decimal (of each octet): 64-233-169-147 IP Address: 64.233.169.147 Robert D. Scott [EMAIL PROTECTED] Senior Network Engineer 352-273-0113 Phone CNS - Network Services 352-392-2061

Re: interger to I P address

2008-08-27 Thread Colin Alston
Robert D. Scott wrote: The harder way: Decimal: 1089055123 Hex (dashes inserted at octals): 40-E9-A9-93 Decimal (of each octet): 64-233-169-147 IP Address: 64.233.169.147 The Python way import socket, struct socket.inet_ntoa(struct.pack('!L', 1089055123)) '64.233.169.147'

Re: interger to I P address

2008-08-27 Thread Michael Holstein
Is it possible to convert the integer to IP? #!/usr/local/bin/perl # Perl script to convert between numeric and dotted quad IPs. # give credit to Paul Gregg for this one while (<STDIN>) { chomp; $input = $_; if (/\./) { ($a, $b, $c, $d) = split(/\./); $decimal = $d + ($c * 256) + ($b

Re: interger to I P address

2008-08-27 Thread Peter Dambier
For the curious, have a look at the IASON tools http://iason.site.voila.fr/ and try c:~$ natnum 1089055123 host_look(64.233.169.147,1089055123,1089055123). host_name(64.233.169.147,yo-in-f147.google.com). natnum takes a hostname, an integer or an IPv4 address and shows you the IPv4

RE: interger to I P address

2008-08-27 Thread Eric Van Tol
-Original Message- From: kcc [mailto:[EMAIL PROTECTED] Sent: Wednesday, August 27, 2008 7:12 AM To: nanog@nanog.org Subject: interger to I P address Hi all, is it possible to convert the integer to IP? Thank you My two cents: # ping 1089055123 PING 1089055123 (64.233.169.147)

Re: interger to I P address

2008-08-27 Thread Shadow
Robert D. Scott wrote: The harder way: Decimal: 1089055123 Hex (dashes inserted at octals): 40-E9-A9-93 Decimal (of each octet): 64-233-169-147 IP Address: 64.233.169.147 The this could take all day way : (in bc with scale=0 for integer portions only) 1089055123/(2^24)%(2^8) 64

Re: interger to I P address

2008-08-27 Thread Dave Israel
Normally, I don't participate in this sort of thing, but I'm a sucker for a there's more than one way to do it challenge. Shadow wrote: Robert D. Scott wrote: The harder way: Decimal: 1089055123 Hex (dashes inserted at octals): 40-E9-A9-93 Decimal (of each octet): 64-233-169-147 IP

Re: interger to I P address

2008-08-27 Thread Brian Epstein
On 08/27/2008 11:50 AM, Andree Toonk wrote: | #or in one line, like ipcalc does: | sub ntoa_in_one_line { join(".", unpack("C4", pack("N", $_[0]))); } For completeness: sub aton_in_one_line { unpack('N',pack('C4',split(/\./,$_[0]))); } Thanks, ep -

Re: interger to I P address

2008-08-27 Thread Michael Holstein
In MySQL : mysql> SELECT INET_NTOA(ip_in_decimal) AS ipa; .. or the reverse : mysql> SELECT INET_ATON('dotted.quad') AS ipn;

Re: US government mandates? use of DNSSEC by federal agencies

2008-08-27 Thread Jared Mauch
On Wed, Aug 27, 2008 at 09:22:40AM -0700, Michael Thomas wrote: Kevin Oberman wrote: Date: Tue, 26 Aug 2008 16:53:24 -0400 From: Bill Bogstad [EMAIL PROTECTED] Not sure what this will actually mean in the long run, but it's at least worth noting.

RE: interger to I P address

2008-08-27 Thread Boyd, Benjamin R
The harder way: Decimal: 1089055123 Hex (dashes inserted at octals): 40-E9-A9-93 Decimal (of each octet): 64-233-169-147 IP Address: 64.233.169.147 The Python way import socket, struct socket.inet_ntoa(struct.pack('!L', 1089055123)) '64.233.169.147' The Perl way: sub ntoa { my

Re: US government mandates? use of DNSSEC by federal agencies

2008-08-27 Thread Kevin Oberman
Date: Wed, 27 Aug 2008 09:22:40 -0700 From: Michael Thomas [EMAIL PROTECTED] Kevin Oberman wrote: Date: Tue, 26 Aug 2008 16:53:24 -0400 From: Bill Bogstad [EMAIL PROTECTED] Not sure what this will actually mean in the long run, but it's at least worth noting.

Re: interger to I P address

2008-08-27 Thread Colin Alston
On 2008/08/27 05:22 PM Dave Israel wrote: Normally, I don't participate in this sort of thing, but I'm a sucker for a there's more than one way to do it challenge. Aww come on, C gets way more fun than that ;) #define _u8 unsigned char #define _u32 unsigned long int main(void) { _u32

interger to I P address

2008-08-27 Thread chartley
Sorry to be continuing this thread, but I find a certain kind of elegance in bash which isn't actually there, but helps me sleep at night. bash# iptoint(){ oct1=`echo $1|awk -F\. '{print $1}'`; oct2=`echo $1|awk -F\. '{print $2}'`; oct3=`echo $1|awk -F\. '{print $3}'`; oct4=`echo $1|awk -F\.

Re: interger to I P address

2008-08-27 Thread Robert Kisteleki
Colin Alston wrote: On 2008/08/27 05:22 PM Dave Israel wrote: Normally, I don't participate in this sort of thing, but I'm a sucker for a there's more than one way to do it challenge. Aww come on, C gets way more fun than that ;) #define _u8 unsigned char #define _u32 unsigned long int

Re: US government mandates? use of DNSSEC by federal agencies

2008-08-27 Thread Steven M. Bellovin
On Wed, 27 Aug 2008 09:53:26 -0700 Kevin Oberman [EMAIL PROTECTED] wrote: So the question I have is... will operators (ISP, etc) turn on DNSsec checking? Or a more basic question of whether you even _could_ turn on checking if you were so inclined? As far as I can see, at least with

Re: interger to I P address

2008-08-27 Thread Scott Doty
On Wed, Aug 27, 2008 at 10:25:10AM -0400, Shadow wrote: Robert D. Scott wrote: The harder way: Decimal: 1089055123 Hex (dashes inserted at octals): 40-E9-A9-93 Decimal (of each octet): 64-233-169-147 IP Address: 64.233.169.147 The this could take all day way : (in bc with

Re: US government mandates? use of DNSSEC by federal agencies

2008-08-27 Thread Leo Bicknell
In a message written on Wed, Aug 27, 2008 at 10:14:48AM -0700, David Conrad wrote: Note that if you do turn on DNSSEC, you're going to have to make sure the trust anchors you configure get updated. Trust anchors have a validity period and if they're not updated before they expire

Re: US government mandates? use of DNSSEC by federal agencies

2008-08-27 Thread Jeroen Massar
Steven M. Bellovin wrote: On Wed, 27 Aug 2008 09:53:26 -0700 Kevin Oberman [EMAIL PROTECTED] wrote: So the question I have is... will operators (ISP, etc) turn on DNSsec checking? Or a more basic question of whether you even _could_ turn on checking if you were so inclined? As far as I can

Re: interger to I P address

2008-08-27 Thread Joe Greco
Sorry to be continuing this thread, but I find a certain kind of elegance in bash which isn't actually there, but helps me sleep at night. bash# iptoint(){ oct1=`echo $1|awk -F\. '{print $1}'`; oct2=`echo $1|awk -F\. '{print $2}'`; oct3=`echo $1|awk -F\. '{print $3}'`; oct4=`echo $1|awk

RE: interger to I P address

2008-08-27 Thread Darden, Patrick S.
Somebody's going to bring in Emacs now. Then somebody else will claim VI can do it faster and using less memory Argh. ;-) --p -Original Message- From: Joe Greco [mailto:[EMAIL PROTECTED] Sent: Wednesday, August 27, 2008 1:29 PM To: [EMAIL PROTECTED] Cc: nanog@nanog.org Subject:

Re: US government mandates? use of DNSSEC by federal agencies

2008-08-27 Thread Kevin Oberman
Date: Wed, 27 Aug 2008 19:25:03 +0200 From: Jeroen Massar [EMAIL PROTECTED] Steven M. Bellovin wrote: On Wed, 27 Aug 2008 09:53:26 -0700 Kevin Oberman [EMAIL PROTECTED] wrote: So the question I have is... will operators (ISP, etc) turn on DNSsec checking? Or a more basic question

Re: interger to I P address

2008-08-27 Thread Colin Alston
On 2008/08/27 07:07 PM Robert Kisteleki wrote: (unsigned char)(((char*)i)[3]), Ahh yes, I was trying to remember that pattern. I saw it in an embedded device long ago :P

Re: US government mandates? use of DNSSEC by federal agencies

2008-08-27 Thread Jeroen Massar
Kevin Oberman wrote: [..] Right. The real questions are the clients and the trust anchor -- what root key do you support? A distributed one. I personally don't really see an issue with downloading a public key for every TLD out there. These keys could come in a pack even by an OS

Re: interger to I P address

2008-08-27 Thread Henry Yen
On Wed, Aug 27, 2008 at 13:00:41PM -0400, [EMAIL PROTECTED] wrote: Sorry to be continuing this thread, but I find a certain kind of elegance in bash which isn't actually there, but helps me sleep at night. the (well, one of many, probably) REXX way: PARSE VALUE D2X(ARG(1)) WITH a 3 b 5 c 7 d

Re: US government mandates? use of DNSSEC by federal agencies

2008-08-27 Thread Michael Thomas
Jeroen Massar wrote: Steven M. Bellovin wrote: On Wed, 27 Aug 2008 09:53:26 -0700 Kevin Oberman [EMAIL PROTECTED] wrote: So the question I have is... will operators (ISP, etc) turn on DNSsec checking? Or a more basic question of whether you even _could_ turn on checking if you were so

Re: interger to I P address

2008-08-27 Thread Mike Damm
The PHP way: echo long2ip('1089055123'); Boyd, Benjamin R wrote: The PHP way: function convertIntegerToIpv4($integer) { $max_value = pow(2,32); //4,294,967,296 $bug_fix = 0; settype($integer, "float"); if($integer > 2147483647) $bug_fix = 16777216;

Re: interger to I P address

2008-08-27 Thread David Champion
Actually, who needs loops for that? ... (unsigned char)(((char*)i)[3]), (unsigned char)(((char*)i)[2]), (unsigned char)(((char*)i)[1]), (unsigned char)(((char*)i)[0]) Let data structures work for you. #include <stdio.h> main(int argc, char *argv[]) { union { unsigned

Re: Invalid contact for EP.net / OrgName: JAM

2008-08-27 Thread Chris Stebner
Very much agreed on all points (leased may have been more appropriate). It was a customer, I'm just the techie in this instance. Certified letters have been sent and contracts signed, that phone number used to work. I spoke with the ORG handle over the phone, since then it looks like he's

Re: interger to I P address

2008-08-27 Thread Owen DeLong
OK... I'll bite... The pedantic way: No. IP addresses are already integers. All conversation on this topic has been about how to convert between different methods of representing integers, but, at the end of the day, IP addresses are either 32 (IPv4) or 128 (IPv6) bit integers. There is no

Re: Level 3 TPA routing today?

2008-08-27 Thread Jon Lewis
On Wed, 27 Aug 2008, Jay R. Ashworth wrote: I too have a cage at Hampton Oaks, 10M up and 10M tail to me over OC-12, and I had problems 15-1630ish to wired.com and zimbra.com, among other sites; mtr had no appreciable loss tracing, but upper layer protocols were hincky. It was clear by the

RE: Level 3 TPA routing today?

2008-08-27 Thread David Hubbard
From: Jon Lewis [mailto:[EMAIL PROTECTED] We have gigE to Level3 in Orlando, and saw something happen around 1pm today. Customers were complaining of latency and packet loss, and our traffic to/from L3 dropped noticeably if only for a few minutes. It sounded like based on Craig's post

Re: interger to I P address

2008-08-27 Thread Izaac
On Wed, Aug 27, 2008 at 05:50:44PM +0200, Andree Toonk wrote: The Perl way: sub ntoa_in_one_line { join(".", unpack("C4", pack("N", $_[0]))); } print ntoa_in_one_line(1089055123) . "\n"; dec2ip awk '{ print int($1 / 16777216) "." int($1 % 16777216 / 65536) "." int($1 % 65536 / 256) "." int($1 % 256) }'

Re: Level 3 TPA routing today?

2008-08-27 Thread chip
On Wed, Aug 27, 2008 at 4:40 PM, David Hubbard [EMAIL PROTECTED] wrote: From: Jon Lewis [mailto:[EMAIL PROTECTED] We have gigE to Level3 in Orlando, and saw something happen around 1pm today. Customers were complaining of latency and packet loss, and our traffic to/from L3 dropped

Re: interger to I P address

2008-08-27 Thread Valdis . Kletnieks
On Wed, 27 Aug 2008 18:51:27 -, Johnny Eriksson said: The Tops-10/DDT way: .r ddt Gonna be hard to top that one for sheer old-skool geekitude. (No, it's OK, the monitor needed cleaning anyhow... :)

Re: interger to I P address

2008-08-27 Thread Gary E. Miller
Yo All! Is it possible to convert the integer to IP? # php -r 'echo ip2long("196.3.39.209"), "\n";' RGDS GARY - --- Gary E. Miller Rellim 109 NW Wilmington Ave., Suite E, Bend, OR

sharktech.net hosts irc-server for botnets

2008-08-27 Thread Ingo Flaschberger
Dear community, sharktech.net hosts irc-server for botnets and does not respond to abuse notifications. Kind regards, ingo flaschberger geschaeftsleitung --- netstorage-crossip-flat:fee powered by crossip communications gmbh --- sebastian

RE: Level 3 TPA routing today?

2008-08-27 Thread Jon Lewis
On Wed, 27 Aug 2008, David Hubbard wrote: be. The tech I spoke to this morning said he had no knowledge of any issues yesterday, of course my ticket also had none of the information I sent in to them yesterday or even a clear description of what the problem was We opened a ticket for

Re: US government mandates? use of DNSSEC by federal agencies

2008-08-27 Thread David Conrad
On Aug 27, 2008, at 10:25 AM, Jeroen Massar wrote: Right. The real questions are the clients and the trust anchor -- what root key do you support? A distributed one. I personally don't really see an issue with downloading a public key for every TLD out there. These keys could come in a

Re: US government mandates? use of DNSSEC by federal agencies

2008-08-27 Thread David Conrad
Just speaking of the IANA ITAR... On Aug 27, 2008, at 10:35 AM, Kevin Oberman wrote: How do you propose to establish the initial trust for these keys? Current plan: - The IANA ITAR will be reachable via HTTPS, so you could trust the CA IANA uses for that website (don't know who that is

Re: interger to I P address

2008-08-27 Thread Mark Newton
On 28/08/2008, at 8:38 AM, Randy Bush wrote: here at the apnic meeting, we are indulging for a bit into the deep topic of how to textually represent 32-bit AS numbers. is it . or ? while we readily admit that a deep many year discussion of a dot is clearly a topic for the

Re: US government mandates? use of DNSSEC by federal agencies

2008-08-27 Thread David Conrad
On Aug 27, 2008, at 11:03 AM, Michael Thomas wrote: Of course embedded frobs that don't auto-update like, oh say, your favorite router could be problematic. You have a router that supports DNSSEC that can't be made to do some form of auto-update? In any case, the point of my first

Re: interger to I P address

2008-08-27 Thread James Hess
Perl provides some cleaner methods for interpreting/displaying IPs. There isn't a formal standard notation for an IP that looks like a string of decimal digits with no dots though. I.e. no RFC will define the host byte order and tell you that 127.0.0.1 corresponds to the decimal integer

Re: US government mandates? use of DNSSEC by federal agencies

2008-08-27 Thread Michael Thomas
David Conrad wrote: On Aug 27, 2008, at 11:03 AM, Michael Thomas wrote: In any case, the point of my first question was really about the concern of false positives. Do we really have any idea what will happen if you hard fail dnssec failures? As far as I'm aware, there is no 'soft fail' for

Re: Level 3 TPA routing today?

2008-08-27 Thread Craig Pierantozzi
Most likely the issue was communication between the NOC and the service management center. The NOC deals with the core facing events versus the SMC which takes the incoming calls from the customers. In this case the issue was identified and resolved in the NOC. Perhaps the RFO was not

Re: US government mandates? use of DNSSEC by federal agencies

2008-08-27 Thread David Conrad
Michael, On Aug 27, 2008, at 5:15 PM, Michael Thomas wrote: Sure, but my point is that if DNSsec all of a sudden has some relevance which is not the case today, any false positives are going to come into pretty stark relief. Yep. As in, .gov could quite possibly setting themselves up

Re: Level 3 TPA routing today?

2008-08-27 Thread William R. Lorenz
Has anyone noticed significant Level3 transit issues this evening? [wrl@REDACTED ~]$ traceroute ae-23-52.car3.Chicago1.Level3.net traceroute to ae-23-52.car3.Chicago1.Level3.net (4.68.101.39), 30 hops max, 40 byte packets [...] 4 ge-6-1-101.hsa1.Cleveland1.Level3.net (64.156.66.29) 2.627 ms

Re: Revealed: The Internet's Biggest Security Hole

2008-08-27 Thread Gadi Evron
hehe new. hehe Maybe something will change now though, it was a great and impressive presentation, hijacking the defcon network and tweaking TTL to hide it. On Thu, 28 Aug 2008, Frank wrote: http://blog.wired.com/27bstroke6/2008/08/revealed-the-in.html Two security researchers have

Re: Level 3 TPA routing today?

2008-08-27 Thread Craig Pierantozzi
Some infrastructure blocks are not routed to portions of the network but should not affect ultimate reachability as long as the correct loopbacks and directly connected networks are advertised properly. regards On Aug 27, 2008, at 6:42 PM, William R. Lorenz wrote: Has anyone noticed

Re: interger to I P address

2008-08-27 Thread Rob Austein
At Wed, 27 Aug 2008 18:51:27 WET DST, Johnny Eriksson wrote: The Tops-10/DDT way: Hmm, ITS TECO is a bit more verbose in this case: 1089055123u14q1377.\0j46i0jq1/400.u1d$$

Re: Revealed: The Internet's Biggest Security Hole

2008-08-27 Thread marcus.sachs
Nothing will change. You think DNSSEC is hard? Try getting support for the deployment of S-BGP or soBGP. Without a trust anchor and lots of community support it will remain largely an academic interest area. Marc --Original Message-- From: Gadi Evron To: Frank Cc: NANOG list Sent:

Re: Revealed: The Internet's Biggest Security Hole

2008-08-27 Thread Gadi Evron
On Wed, 27 Aug 2008 [EMAIL PROTECTED] wrote: Nothing will change. You think DNSSEC is hard? Try getting support for the deployment of S-BGP or soBGP. Without a trust anchor and lots of community support it will remain largely an academic interest area. I guess it will just remain a cool

Re: Revealed: The Internet's Biggest Security Hole

2008-08-27 Thread marcus.sachs
Yes, wonderful preso! My biggest take-away was the fact that the vast majority of the attendees did not understand the gravity of the demo. The same thing could be said about Dan's talk. It was over the heads of most attendees. Marc --Original Message-- From: Gadi Evron To: Sachs,

Re: Revealed: The Internet's Biggest Security Hole

2008-08-27 Thread Jason Ross
On Wed, Aug 27, 2008 at 9:52 PM, [EMAIL PROTECTED] wrote: Yes, wonderful preso! My biggest take-away was the fact that the vast majority of the attendees did not understand the gravity of the demo. Agreed on both counts: the presentation was great, and largely not understood it seemed.

Re: Revealed: The Internet's Biggest Security Hole

2008-08-27 Thread marcus.sachs
I'll have to admit that the TTL manipulation was something I had not thought about. But why not? If you are going to purloin EVERY packet then why not re-write byte 8 in every IP header to a value of your choosing? Very cool. Marc --Original Message-- From: Jason Ross To: Sachs,

ATT.net

2008-08-27 Thread tbeecher
Any known issues across ATT's network? Got a couple calls for some access issues, I'm seeing roughly 15% loss at a couple of paths at the ATT network edge.

RE: Revealed: The Internet's Biggest Security Hole

2008-08-27 Thread Allen Bass
I'm thinking and afraid that by reading this thread we have opened Pandora's box even further than it was opened! * * * * * Allen Bass Manager, Technology Operations Arise Virtual Solutions Inc. 3450 Lakeside Drive, Suite 620 Miramar, Florida 33027 www.arise.com -Original Message-

RE: Revealed: The Internet's well known BGP behavior

2008-08-27 Thread John Lee
1. The technique is not new it is well known BGP behavior and not stealthy to people who route for a living. 2. When your networks use VPNs, MPLS, IPsec, SSL et al you can control what packets are going where. 3. When you are running some number of trace routes per hour to see how and where

Re: Revealed: The Internet's well known BGP behavior

2008-08-27 Thread Patrick W. Gilmore
On Aug 27, 2008, at 11:07 PM, John Lee wrote: 1. The technique is not new it is well known BGP behavior and not stealthy to people who route for a living. Using existing technology in novel ways is still novel. Plus it makes the technique more accessible. (Perhaps that is not a good

Re: Revealed: The Internet's well known BGP behavior

2008-08-27 Thread Christian Koch
what do mpls, ipsec tunnels, ssl have anything to do with someone announcing your address space and hijacking your prefixes?? i think we all know this is not new.. and these guys didn't claim it to be.. they're not presenting this to a 'xNOG' crowd, defcon has a different type of audience..im not

RE: Revealed: The Internet's well known BGP behavior

2008-08-27 Thread John Lee
Patrick, VPN's and MPLS control intermediate hops and IPsec and SSL do not allow the info to be seen. Rewriting the TTL only hides the number of hop count, trace route will still show the hops the packet has transited. John (ISDN) Lee From: Patrick W.

Re: Revealed: The Internet's well known BGP behavior

2008-08-27 Thread Adrian Chadd
On Wed, Aug 27, 2008, John Lee wrote: Patrick, VPN's and MPLS control intermediate hops and IPsec and SSL do not allow the info to be seen. Rewriting the TTL only hides the number of hop count, trace route will still show the hops the packet has transited. No, traceroute shows the hops

RE: Revealed: The Internet's well known BGP behavior

2008-08-27 Thread John Lee
Adrian, The traceroute utility that I used gave me a list of hops that the packet I was interested in transited and a time when it transited the hop. When the TTL was reached it would terminate the listing. Whenever I had performance issues on my networks or with my networks links it would

Re: ATT.net

2008-08-27 Thread Paul Bertain
Internap notified us that they were shutting down their peering with ATT (AS7018) at their Dallas facility and was asking them to investigate but there were no listed causes for it. At approximately 21:34 CDT on August 27th, 2008, we were notified that the link with ATT peer (AS 7018) in

Re: ATT.net

2008-08-27 Thread jamie
Concur; I'm seeing two ds3's (one ptp and one ipfr) down. Down time 21:20 CDT. Meh. On Wed, Aug 27, 2008 at 11:04 PM, Paul Bertain [EMAIL PROTECTED] wrote: Internap notified us that they were shutting down their peering with ATT (AS7018) at their Dallas facility and was asking them to

RE: interger to I P address

2008-08-27 Thread Joe Blanchard
Howdy, Careful, this appears to not be inline with another person's thoughts. Not mine mind you. Anything concerning an end network is not relevant to this list. lol I am however, very interested in the content/replies thus far. Very entertaining. Ok, sorry, back to the scheduled programs.

Re: Revealed: The Internet's well known BGP behavior

2008-08-27 Thread Patrick W. Gilmore
On Aug 27, 2008, at 11:47 PM, John Lee wrote: The traceroute utility that I used gave me a list of hops that the packet I was interested in transited and a time when it transited the hop. When the TTL was reached it would terminate the listing. You are very confused how traceroute works.

Re: Revealed: The Internet's well known BGP behavior

2008-08-27 Thread Patrick Giagnocavo
John Lee wrote: Adrian, The traceroute utility that I used gave me a list of hops that the packet I was interested in transited and a time when it transited the hop. When the TTL was reached it would terminate the listing. But if I can control your traffic I could change everything,

Re: ATT.net

2008-08-27 Thread jamie
Oh. Dallas, too , even. On Wed, Aug 27, 2008 at 11:08 PM, jamie [EMAIL PROTECTED] wrote: Concur; I'm seeing two ds3's (one ptp and one ipfr) down. Down time 21:20 CDT. Meh. On Wed, Aug 27, 2008 at 11:04 PM, Paul Bertain [EMAIL PROTECTED] wrote: Internap notified us that they were

Re: Revealed: The Internet's Biggest Security Hole

2008-08-27 Thread Hank Nussbacher
At 09:40 PM 27-08-08 -0400, [EMAIL PROTECTED] wrote: I beg to differ. What will change is a serious uptick in the number of prefixes (279K) in the routing tables as everyone rushes to deaggregate to /24 size. A year ago we were at 230K, how much you wanna bet we don't just add 40K routes

RE: Revealed: The Internet's well known BGP behavior

2008-08-27 Thread Hank Nussbacher
At 11:32 PM 27-08-08 -0500, John Lee wrote: Thanks guys, going back to my Comer one more time. My issue, question was whether the organization doing the hijacking controlled all of the routers in the new modified path or only some of them? John (ISDN) Lee They didn't have control of any

RE: Revealed: The Internet's well known BGP behavior

2008-08-27 Thread Jon Lewis
On Thu, 28 Aug 2008, Hank Nussbacher wrote: At 11:32 PM 27-08-08 -0500, John Lee wrote: Thanks guys, going back to my Comer one more time. My issue, question was whether the organization doing the hijacking controlled all of the routers in the new modified path or only some of them? John

Re: Revealed: The Internet's well known BGP behavior

2008-08-27 Thread Patrick W. Gilmore
On Aug 28, 2008, at 1:40 AM, Jim Popovitch wrote: On Thu, Aug 28, 2008 at 1:22 AM, Patrick W. Gilmore [EMAIL PROTECTED] wrote: Assuming it is in the wrong place, you may be able to detect the intrusion. But most people do not run traceroutes all day and watch for it to change. If you run