On Mon, 2011-09-12 at 15:41 -0400, Jared Geiger wrote:
There was a bug where you couldn't use two IPv4 peers and then add
IPv6. I haven't tested the newest versions yet to see if it still
exists. Works great for two IPv4 peers.
Discussion between developers on bugfixes can often be seen in
Hi there,
Any one know what are the acceptable BGP communities are for H.E. and
Deltacom?
At one of our POPs we¹re using an aggregate provider and I need to help them
to fix some prefixes that I am announcing from another POP (ie. Lower the
metric so only use the backhaul for failure of the other
On Mon, 12 Sep 2011 20:48:31 CDT, Jimmy Hess said:
One thing.. the OP was asking about anyone using Vyatta for BGP.
Using Vyatta for BGP doesn't necessarily mean the Vyatta unit is actually a
device
forwarding the packets... someone could be using it as a route server, or for
otherwise
On Mon, 12 Sep 2011 22:38:57 BST, Nick Hilliard said:
Let's throw some figures around (ridiculously simplified): a company has a
choice between a pair of $10k software routers or something like a pair of
MX80s for $25k each. So, one solution costs $20k; the other $50k. $30k
cost difference
*a random php programmer shows*
He, I just want to self-sign my CERT's and remove the ugly warning that
browsers shows. I don't want to pay 1000$ a year, or 1$ a year for that. I
just don't want to use cleartext for internet data transfer. HTTP is like
telnet, and HTTPS is like ssh. But with ssh
Once upon a time, Tei oscar.vi...@gmail.com said:
He, I just want to self-sign my CERT's and remove the ugly warning that
browsers shows.
SSL without some verification of the far end is useless, as a
man-in-the-middle attack can create self-signed certs just as easily.
--
Chris Adams
Hi NANOG,
27 ops have already responded to our routing policies survey; we're
hoping to gather more responses before the week is over. We're
collecting information about how you configure routing policies in
your network to improve the models we use in our research on routing
and security.
Really? You can just connect with SSH?
root@somebox:~# ssh 1.2.3.4
The authenticity of host '1.2.3.4 (1.2.3.4)' can't be established.
RSA key fingerprint is 03:26:2c:b2:cd:fd:05:fc:87:70:4b:06:58:40:e7:c3.
Are you sure you want to continue connecting (yes/no)?
That's no different that having
On 9/13/2011 10:29 AM, Tei wrote:
*a random php programmer shows*
He, I just want to self-sign my CERT's and remove the ugly warning that
browsers shows. I don't want to pay 1000$ a year, or 1$ a year for that. I
just don't want to use cleartext for internet data transfer. HTTP is like
telnet,
On Tue, Sep 13, 2011 at 09:45:39AM -0500, Chris Adams wrote:
Once upon a time, Tei oscar.vi...@gmail.com said:
He, I just want to self-sign my CERT's and remove the ugly warning that
browsers shows.
SSL without some verification of the far end is useless, as a
man-in-the-middle attack can
On Tue, 13 Sep 2011 16:29:30 +0200, Tei said:
He, I just want to self-sign my CERT's and remove the ugly warning that
browsers shows. I don't want to pay 1000$ a year, or 1$ a year for that. I
The warning is there for a *reason* - namely that if you have a self-signed
cert, a first time visitor
Once upon a time, Brett Frankenberger rbf+na...@panix.com said:
On Tue, Sep 13, 2011 at 09:45:39AM -0500, Chris Adams wrote:
Once upon a time, Tei oscar.vi...@gmail.com said:
He, I just want to self-sign my CERT's and remove the ugly warning that
browsers shows.
SSL without some
At 22-07-28164 20:59, Tei wrote:
*a random php programmer shows*
He, I just want to self-sign my CERT's and remove the ugly warning that
browsers shows. I don't want to pay 1000$ a year, or 1$ a year for that. I
just don't want to use cleartext for internet data transfer. HTTP is like
telnet,
Once upon a time, valdis.kletni...@vt.edu valdis.kletni...@vt.edu said:
If you use SSH to connect, and either ignore the host key has changed or
authenticity can't be established, continue connecting? messages, you get
what you deserve - those are the *exact* same issues that your browser warns
On 2011-09-13 20:26, Christopher Morrow wrote:
On Tue, Sep 13, 2011 at 11:22 AM, Michiel Klavermich...@klaver.it wrote:
No need for (financial) pain, there are free of charge ssl certificates
available, see for example:
http://www.startssl.com/?app=1
eddy stopped issuing
Huh? I'm a bit
On Tue, Sep 13, 2011 at 11:33 PM, Jima na...@jima.tk wrote:
On 2011-09-13 20:26, Christopher Morrow wrote:
On Tue, Sep 13, 2011 at 11:22 AM, Michiel Klavermich...@klaver.it
wrote:
No need for (financial) pain, there are free of charge ssl certificates
available, see for example:
On Tue, Sep 13, 2011 at 11:44 PM, Christopher Morrow
morrowc.li...@gmail.com wrote:
On Tue, Sep 13, 2011 at 11:33 PM, Jima na...@jima.tk wrote:
On 2011-09-13 20:26, Christopher Morrow wrote:
On Tue, Sep 13, 2011 at 11:22 AM, Michiel Klavermich...@klaver.it
wrote:
No need for (financial)
On 14/09/11 13:44, Christopher Morrow wrote:
On Tue, Sep 13, 2011 at 11:33 PM, Jima na...@jima.tk wrote:
Huh? I'm a bit lost here, since I had two StartSSL certs issued yesterday
afternoon.
orly? wierd, they made a press release ~last-june (I think?) stating
they were stopping issuance
On Sep 8, 2011, at 9:52 AM, Dan Wing wrote:
-Original Message-
From: Christian de Larrinaga [mailto:c...@firsthand.net]
Sent: Thursday, September 08, 2011 8:05 AM
To: Cameron Byrne
Cc: NANOG
Subject: what about the users re: NAT444 or ?
I wonder if the discussion as useful as it
Good point, but aside from these scaling issues which I expect can be
resolved to a point, the more serious issue, I think, is applications
that just do not work with double NAT. Now, I have not conducted any
serious research into this, but it seems that draft-donley-nat444-
impacts does
One can do that with or without NAT. This claim that one cannot
keep a network running without a service provider connected if you
don't run NAT is a myth of dubious origin.
If the hosts are running DHCP, and the ISP is running the DHCP
server? I guess they will fall back (after a while) to
-Original Message-
From: Owen DeLong [mailto:o...@delong.com]
Sent: Tuesday, September 13, 2011 9:43 PM
To: Dan Wing
Cc: 'Leigh Porter'; 'David Israel'; nanog@nanog.org
Subject: Re: NAT444 or ?
Good point, but aside from these scaling issues which I expect can
be
resolved to
22 matches
Mail list logo