I will be out of the office starting 12/30/2009 and will not return until
01/04/2010.
If you need immediate assistance please call TechSupport at 651-665-5000.
Totally out of the box, but here goes: why don't we run the entire
Internet management plane out of band
This has been one of my favorite conversation-stoppers for years. The
PSTN fought tooth and nail against the need for OOB control, but
2600hz was a problem that they could not solve, so
On Tuesday 29 December 2009 22:22:05 Randy Bush wrote:
None of us knows precisely what we're going to absolutely require, or
merely want/prefer, tomorrow or the next day, much less a year or two
from now. Unless, of course, we choose to optimize (constrain)
functionality so tightly around
On Wed, Dec 23, 2009 at 01:58:47AM -0500, Christopher Morrow wrote:
The ARIN meetings (at least) are open, please come and help guide
policies. I'm sure RIPE also wouldn't mind a discussion, if there
could be some positive policy outcome.
Why should I or anyone else do that? It will cost us,
If ARIN and/or RIPE and/or ICANN and/or anyone else were truly
interested in making a dent in the problem, then they would have
already paid attention to our collective work product.
the rirs, the ietf, the icann, ... each think they are the top of the
mountain. we are supposed to come to
If ARIN and/or RIPE and/or ICANN and/or anyone else were truly
interested in making a dent in the problem, then they would have
already paid attention to our collective work product.
the rirs, the ietf, the icann, ... each think they are the top of the
mountain. we are supposed to come to
David Hiers wrote:
If the world wants an internet that is as predictable and reliable as
the PSTN, it'll bear the cost of protecting the control plane. A
fundamental choice in the protection scheme is physical architecture.
IB or OOB, it's always a good thing to be explicit in design
decisions,
On Tue, Dec 29, 2009 at 12:19:32PM -0500, Jared Mauch wrote:
[snip]
Apparently I forgot the rant tag, but really, if you have sane
CoPP policies, you are mostly protected. If the vendor does not
provide this capability, please STOP BUYING THEIR CRAP.
Another fine example of broken
Not sure whether this is an appropriate place to post this, but I thought
I'd give it a shot, since you're all knowledgeable folks with regard to
networking things...
At home, I currently run two DSL lines. Right now, we just have two
separate LANs, one connected to each line, with my
Do you control or have access to the provider side-the PPPoE server-and would
both PPPoE connections hit the same PPPoE server at the provider? If so, I
recommend setting up a PPP multilink with both DSL lines. The DSL provider
would have to support that capability. I also recommend something
On Dec 30, 2009, at 10:49 AM, Paul Bennett wrote:
Not sure whether this is an appropriate place to post this, but I thought I'd
give it a shot, since you're all knowledgeable folks with regard to
networking things...
At home, I currently run two DSL lines. Right now, we just have two
Paul Bennett wrote:
At home, I currently run two DSL lines. Right now, we just have two
separate LANs, one connected to each line, with my wife's devices
attached to one, and my devices attached to the other. For a while now,
I've been thinking about setting up a load-balancing routing
2x DSL not so backhoe-resistant.
I like mixing cable with dsl. Tasty disparate paths (modulo garden shears
applied to the single ingres point to your basement) if not technologies, orgs
and methodologies. Or radio + dsl, or pigeon + mule, take your pick.
Would be great if you could rate your
On Wed, Dec 30, 2009 at 10:46 AM, Ken Chase m...@sizone.org wrote:
2x DSL not so backhoe-resistant.
I like mixing cable with dsl. Tasty disparate paths (modulo garden shears
applied to the single ingres point to your basement) if not technologies,
orgs
and methodologies. Or radio + dsl, or
Hi all,
Happy new year...
I have a question regarding multi-homing, mostly from stub network's
operational point of view. My big question is: what kind of failures
do you usually see from your providers? Link down? Link up, but
withdraw some routes? Link up, no route change, but blackholing
Simon Chen wrote:
Hi all,
Happy new year...
I have a question regarding multi-homing, mostly from stub network's
operational point of view. My big question is: what kind of failures
do you usually see from your providers? Link down? Link up, but
withdraw some routes? Link up, no route
Simon-
We do exactly what you are trying to accomplish. We have two routers and two
providers. Provider A is our primary and we receive partial routes from them
(no static route). Then Router B is connected to Provider B with no default
route (basically it looks like we are not advertising
If you are using Cisco...
http://www.cisco.com/en/US/prod/collateral/iosswrel/ps6537/ps6554/ps6599/ps8787/product_data_sheet0900aecd806c4ee4.html
On Wed, Dec 30, 2009 at 12:38 PM, Dylan Ebner dylan.eb...@crlmed.comwrote:
Simon-
We do exactly what you are trying to accomplish. We have two
I got this email inquiring about data center space, from the most
honest scumbag, *EVER* today. Operational relevance? Well, if
everyone would turn these people down, we'd have a lot less problems
to deal with. Sadly, requests like these happen far too often, but
never have I had someone
On Dec 30, 2009, at 1:04 PM, Jerry Pasker wrote:
I got this email inquiring about data center space, from the most honest
scumbag, *EVER* today. Operational relevance? Well, if everyone would turn
these people down, we'd have a lot less problems to deal with. Sadly,
requests like these
On Dec 30, 2009, at 1:04 PM, Jerry Pasker wrote:
I got this email inquiring about data center space, from the most honest
scumbag, *EVER* today. Operational relevance? Well, if everyone would turn
these people down, we'd have a lot less problems to deal with. Sadly,
requests like these
On Wed, Dec 30, 2009 at 12:02 PM, Simon Chen simonche...@gmail.com wrote:
I have a question regarding multi-homing, mostly from stub network's
operational point of view. My big question is: what kind of failures
do you usually see from your providers? Link down? Link up, but
withdraw some
I use a T1/26xx for primary and a sprint datacard in a little NAT router for
secondary. The two boxes sit on the same LAN but provide different gateway
IP addresses. The sprint router does the DHCP, so things that ask for DHCP
wind up using that as the primary. Some boxes use the 26xx as
On Dec 30, 2009, at 10:49 AM, Paul Bennett wrote:
Is it going to be a more-effective solution to drop a few bucks on the 2960
and go through the hassle of learning how to set it up (and then setting it
up), or would I be better off putting a secured Linux distro (e.g.
gentoo-hardened, or
On Wed, Dec 30, 2009 at 2:03 PM, Jared Mauch ja...@puck.nether.net wrote:
On Dec 30, 2009, at 10:49 AM, Paul Bennett wrote:
Is it going to be a more-effective solution to drop a few bucks on the
2960 and go through the hassle of learning how to set it up (and then
setting it up), or would
At home, I currently run two DSL lines. Right now, we just have two
separate LANs, one connected to each line, with my wife's devices attached
to one, and my devices attached to the other. For a while now, I've been
thinking about setting up a load-balancing routing solution to give both
of
On Wed, Dec 30, 2009 at 2:03 PM, Jared Mauch ja...@puck.nether.net wrote:
Back at the Toronto NANOG I bumped into someone who had an interesting
solution to the multihoming problem.
What they had was a machine that would key/sequence the packets and send
them out each connection
On Dec 30, 2009, at 2:08 PM, Dorn Hetzel wrote:
I guess that method presume some cooperating box out there on the net
somewhere to coordinate the far end?
Yes. This allowed the provider to use a variety of different technologies to
reach a site, eg: IP over CATV, DSL, Fiber, Wireless,
All,
I know this has been discussed to some degree before and I have
searched the archives. However is it seems in my previous posts to this
list about anything, the truly useful replies are the private replies
ones that don't make it to this list.
We are considering the InterNAP
Call me offline.
Ric.
214-442-0555
-Original Message-
From: Michael J McCafferty [mailto:m...@m5computersecurity.com]
Sent: Wednesday, December 30, 2009 2:59 PM
To: nanog
Subject: InterNAP FCP (again?)
All,
I know this has been discussed to some degree before and I have
Interesting article about RBN, it's spin-offs and the global network
infrastructure used for cybercrime. Has a passing mention of Atrivo's place
in the global picture.
http://www.newsweek.com/id/228674
Reportedly started by someone operating under the name Flyman, RBN is
known as the mother of
Reportedly started by someone operating under the name Flyman, RBN is
known as the mother of cybercrime among online investigators. François
Paget, senior expert for the McAfee company, says that RBN began as an
Internet provider and offered impenetrable hosting for $600 a month.
This meant
On Wed, Dec 30, 2009 at 11:13:24AM -0500, Steven Bellovin wrote:
I know nothing of how to do this on a Catalyst; for PCs, my own guess
is that you're looking far too high-end. If the issue is relaying to
the outside, I suspect that a small, dedicated Soekris or the like
will do all you need
Would it be possible to string along and coordinate with the appropriate law
enforcement entity?
tv
- Original Message -
From: Jerry Pasker i...@n-connect.net
To: nanog@nanog.org
Sent: Wednesday, December 30, 2009 12:04 PM
Subject: just...wow.
I got this email inquiring about data
Brett Frankenberger wrote:
On Wed, Dec 30, 2009 at 11:13:24AM -0500, Steven Bellovin wrote:
I know nothing of how to do this on a Catalyst; for PCs, my own guess
is that you're looking far too high-end. If the issue is relaying to
the outside, I suspect that a small, dedicated Soekris or
Would it be possible to string along and coordinate with the
appropriate law enforcement entity?
tv
Probably, but the fourth basic law of human stupidity (google it, and
have a laugh) promisees that I would suffer for doing so. It's why
I've never ever attempted to deal with any of these
LOL! That was purty good and mostly true.
Well, I was thinking from the standpoint of 1) They are going somewhere,
maybe not you 2) breaking law(s) 3) someone has to intervene, eventually.
You could apply the above to any crime really. And they essentially told
you they are going to commit
On Dec 30, 2009, at 6:23 PM, Joel Jaeggli wrote:
Brett Frankenberger wrote:
On Wed, Dec 30, 2009 at 11:13:24AM -0500, Steven Bellovin wrote:
I know nothing of how to do this on a Catalyst; for PCs, my own guess
is that you're looking far too high-end. If the issue is relaying to
the
On Thu, Dec 31, 2009 at 4:00 AM, Keith Medcalf kmedc...@dessus.com wrote:
Reportedly started by someone operating under the name Flyman, RBN is
known as the mother of cybercrime among online investigators. François
Paget, senior expert for the McAfee company, says that RBN began as an
Reportedly started by someone operating under the name
Flyman, RBN is known as the mother of cybercrime among
online investigators. François Paget, senior expert for
the McAfee company, says that RBN began as an Internet
provider and offered impenetrable hosting for $600 a
month. This
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On Wed, Dec 30, 2009 at 8:05 PM, Keith Medcalf kmedc...@dessus.com wrote:
Without a warrant, there is an absolute right to privacy.
It continues to exist right up until either (a) one party chooses
to give up that privacy or (b) a third party
On Wed, 2009-12-30 at 20:12 -0800, Paul Ferguson wrote:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On Wed, Dec 30, 2009 at 8:05 PM, Keith Medcalf kmedc...@dessus.com wrote:
Without a warrant, there is an absolute right to privacy.
It continues to exist right up until either (a) one
Ferg nailed it. I'll shut up now as he's made my point and its new
year's eve ..
On Thu, Dec 31, 2009 at 9:42 AM, Paul Ferguson fergdawgs...@gmail.com wrote:
That's funny.
You're assuming that the MLAT [1] process works -- it doesn't.
- - ferg
[1]
Hey, I am not sure if this is the question asked in the first email.
If I found a RBN fishing site, and ask RBN to shutdown the site, appears to
me that this will not be done...so I need to block all the RBN cyber space,
or initiate a fight for a warrant?
I would prefer just block RBN sites...
On Wed, Dec 30, 2009 at 11:13 PM, William Pitcock
neno...@systeminplace.net wrote:
It worked against Indymedia UK: http://www.indymedia.org/fbi/
indymedia is in texas, no mlat required.
rbn was actually, for a good portion of their existence, in Russia (I
believe St Petersburg, but my memory
Randy Bush ra...@psg.com writes:
If ARIN and/or RIPE and/or ICANN and/or anyone else were truly
interested in making a dent in the problem, then they would have already
paid attention to our collective work product.
the rirs, the ietf, the icann, ... each think they are the top of the
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On Wed, Dec 30, 2009 at 8:25 PM, Christopher Morrow
morrowc.li...@gmail.com wrote:
On Wed, Dec 30, 2009 at 11:13 PM, William Pitcock
neno...@systeminplace.net wrote:
It worked against Indymedia UK: http://www.indymedia.org/fbi/
indymedia is in
On Wed, 2009-12-30 at 23:25 -0500, Christopher Morrow wrote:
On Wed, Dec 30, 2009 at 11:13 PM, William Pitcock
neno...@systeminplace.net wrote:
It worked against Indymedia UK: http://www.indymedia.org/fbi/
indymedia is in texas, no mlat required.
It was an MLAT initiated by the Dutch
One might say the same about the IETF, which Randy likes to lampoon.
Not sure how it comes up in this context, as (as Randy loves to remind
us) while many operators attend, it is not first-and-foremost an
operational community. As to ICANN, I think Rich may be talking about
the registries
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On Wed, Dec 30, 2009 at 8:42 PM, Paul Ferguson fergdawgs...@gmail.com
wrote:
On Wed, Dec 30, 2009 at 8:36 PM, William Pitcock
neno...@systeminplace.net wrote:
On Wed, 2009-12-30 at 23:25 -0500, Christopher Morrow wrote:
On Wed, Dec 30, 2009 at
He's also assuming that US on-shore law applies, which it doesn't when
any one party is a non-US person, at which point it passes to the real
of National Security.
-Original Message-
From: Paul Ferguson [mailto:fergdawgs...@gmail.com]
Sent: Wednesday, December 30, 2009 8:12 PM
To:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On Wed, Dec 30, 2009 at 9:47 PM, Tomas L. Byrnes t...@byrneit.net wrote:
That's funny.
You're assuming that the MLAT [1] process works -- it doesn't.
He's also assuming that US on-shore law applies, which it doesn't when
any one party is a
52 matches
Mail list logo