Re: Questions about anycasting setup

[Bill Woodcock]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256


Hello, Anurag.

On Mar 8, 2012, at 9:51 PM, Anurag Bhatia wrote:
>   1. For anycasting does announcing a /24 from different ASNs (of
>   different datacenters) makes sense or it will be an issue to have a block
>   being announced from different ASNs?

Keeping a consistent announcing ASN for your prefix is thought to be 
best-practice, and if you don't do so, eventually there will be people who will 
undoubtedly complain, but there is no technical difficulty with announcing your 
same prefix from multiple origin ASNs.  Any difficulties you encounter will be 
because of people aggressively filtering what they choose to listen to.

>   2. We plan to use this anycasting based setup for DNS during initial few
>   months. Assuming low traffic for DNS say ~10Mbps on average (on 100Mbps
>   port) and transit from just single network (datacenter itself) - is this
>   setup OK for simple software based BGP like Quagga or Bird? 

Yes, and in fact, that's how nearly all large production anycast networks are 
built…  Each anycast instance contains its own BGP speaker, which announces its 
service prefix to adjacent BGP-speaking routers, whether those be your own, or 
your transit-provider's.  Doing exactly as you describe is, in fact, 
best-practice.

>   3. IPv6! - Is /32 is standard? We have only one /32
>   allocation from ARIN and thus if using /32 seems like hard deal - we have
>   to likely get another /32 just for anycasting? or we can use /48 without
>   issues? Also, is /48 a good number for breaking /32 so that we can do /48
>   announcements from different datacenters in simple uni casting setup?

A /48 is quite reasonable.  Announcing a whole /32 just for your anycast 
service would be wasteful.

Good luck!

-Bill




-BEGIN PGP SIGNATURE-
Version: GnuPG/MacGPG2 v2.0.17 (Darwin)
Comment: GPGTools - http://gpgtools.org

iQIcBAEBCAAGBQJPWakoAAoJEG+kcEsoi3+HQp8P+gORNJ9KCQ4kd303Nuu5TSo2
yqxU7U14hRNRLalPyARRN+up6iJIddiL9e/7BmJFkfWSiY2VacJvrZAx/JUBoVCt
FNP32EpBO8Jci9ix3oLR2zm76c3yaG6du/SDfjyZQ2CZMvz43cjCuwoUbHVK74wt
8LXM6LuyfIIOkFYfRyKs1uSQRNX/+y9rRm8m+tYn35WoJGZ2ZM1A8+CFov00EWoP
5CZGJK9Q5Lw3aCArQFcXWE25WRGyi20K74bkNyd/PtO6BMVnKKlp/StgKNSPR4BN
F4buwhLwxDE4/JH+PX6Xfm9Ol6ty9YFRpAU47iH2QqJmCZuriAGfkiMZEczHGT/w
k6lfcH0e2aqwLY7U3otzPPvxT0qe0gNO87SH+Ej064i+aesECmvru4ZGyFr1jkkl
Ai1zfAKBn0ZMGtsfAF2hFkDLsKVlEdia0HDAfaNIdSoOVMeoV7WA/xmBPdQbZ8pk
n7SC3MPgVoVt4ZOT+6GSSv9So+oDhcA91N/IdmQ2S9tXX1LCk7b7561u/Nh9pJNV
lYG8tlZ9xc3BqSxprA/r8XGgUS6k3y2QjufzoyS7JwfFdzGj7H1d4x/vTGXSVfun
eAuC2BKwXtjIujxdl+7wIwE6RzuHUNeEg1gO/kKNvVVAH3FkU4IN0c8sIbdwKvHa
Gq2Z1Gt9YBn7JkjcfNmB
=4Yhn
-END PGP SIGNATURE-

Questions about anycasting setup

[Anurag Bhatia]

Hello everyone.


I am working on creating a small anycasting based setup with 3-4 servers in
US. Plan is to use this for DNS and later for CDN setups. I have few
confusions in mind and was wondering if you guys here can put some light on
them:


   1. For anycasting does announcing a /24 from different ASNs (of
   different datacenters) makes sense or it will be an issue to have a block
   being announced from different ASNs and I should avoid and prefer having
   own router below datacenters network and eventually use one single ASN to
   announce the anycasting block?


   2. We plan to use this anycasting based setup for DNS during initial few
   months. Assuming low traffic for DNS say ~10Mbps on average (on 100Mbps
   port) and transit from just single network (datacenter itself) - is this
   setup OK for simple software based BGP like Quagga or Bird? Certainly
   colocating routers will be slow & expensive. Does it offer any direct
   advantage in such simple setups?


   3. IPv6! - I am looking at possibility of having support of IPv6 in
   anycast right from start. Can't really find a good prefix size for
   anycasting announcement. I can see Hurricane Electric as well as Google
   using whole /32 block for IPv6. So is /32 is standard? We have only one /32
   allocation from ARIN and thus if using /32 seems like hard deal - we have
   to likely get another /32 just for anycasting? or we can use /48 without
   issues? Also, is /48 a good number for breaking /32 so that we can do /48
   announcements from different datacenters in simple uni casting setup?


I apologize for any wrong questions/logic - really new to this. Please
correct me if I am wrong on any concept.


Appreciate your help.


Thanks.


-- 

Anurag Bhatia
anuragbhatia.com
or simply - http://[2001:470:26:78f::5] if you are on IPv6 connected
network!

Twitter: @anurag_bhatia 
Linkedin: http://linkedin.anuragbhatia.com

Re: Request to lease IP space, or things that make you want to go hmmmmm..

[Suresh Ramasubramanian]

No.  And often you find "dirty" blocks reused by a few ISPs for other, non
email purposes - like once they finally boot a snowshoer off, they take on
a blog spammer or something of the sort.

On Fri, Mar 9, 2012 at 10:37 AM, Owen DeLong  wrote:

> It's not as if those activities are mutually exclusive.
>
>
> Owen
>
> On Mar 8, 2012, at 8:14 PM, Suresh Ramasubramanian wrote:
>
> > The GRE tunnels part of it, together with email marketing, makes this
> > likely to be a snowshoe spam operation.
> >
> > Sure it could be pagerank gaming, blog spamming etc.   But on the balance
> > it smells like snowshoe to me.
>



-- 
Suresh Ramasubramanian (ops.li...@gmail.com)

Re: Request to lease IP space, or things that make you want to go hmmmmm..

[Owen DeLong]

It's not as if those activities are mutually exclusive.

Owen

On Mar 8, 2012, at 8:14 PM, Suresh Ramasubramanian wrote:

> The GRE tunnels part of it, together with email marketing, makes this
> likely to be a snowshoe spam operation.
> 
> Sure it could be pagerank gaming, blog spamming etc.   But on the balance
> it smells like snowshoe to me.
> 
> --srs
> 
> On Fri, Mar 9, 2012 at 6:36 AM, George Michaelson  wrote:
> 
>> 
>> 
>> The value proposition is not spam: that works with unallocated space.
>> 
>> The value proposition is gaming google page rank, by using widely spread
>> and legitimately routed IPs to force your paying customers page rank high,
>> by hits and references. This is a very high value business: one customer
>> paying you big bucks, to have their web high in google pagerank. Not
>> attacking a million mailboxes.
> 
> 
> 
> 
> -- 
> Suresh Ramasubramanian (ops.li...@gmail.com)

RCN having DNS and Possibly other Issues nationwide

[John Palmer (NANOG Acct)]

RCN is having issues nationwide. So far reports are:

Lehigh Valley, PA
Chicago
NYC

Can't tell if its a routing problem or a DNS failure Hopefully not solar 
flares.

Re: Request to lease IP space, or things that make you want to go hmmmmm..

[Suresh Ramasubramanian]

On Fri, Mar 9, 2012 at 9:26 AM, John Levine  wrote:

> >do, but I don't think the primary driver is spam, because spam generates
> a lower
> >income stream, and has higher risks of being RBL or otherwise blocked,
> and can be
> >achieved quickly by use of unrouted space.
>
> I think you overestimate how technically sophisticated snowshoers are.
> I just don't see a lot of spam from hit and run route announcements.
>

More like, they're as sophisticated as they need to be in their routing.
All their sophistication goes into figuring out ISP spam filtering and
bypassing it.

Those phantom route incidents are more often than not associated with bot
traffic, ddos etc rather than snowshoe spam.

-- 
Suresh Ramasubramanian (ops.li...@gmail.com)

Re: Request to lease IP space, or things that make you want to go hmmmmm..

[Suresh Ramasubramanian]

The GRE tunnels part of it, together with email marketing, makes this
likely to be a snowshoe spam operation.

Sure it could be pagerank gaming, blog spamming etc.   But on the balance
it smells like snowshoe to me.

--srs

On Fri, Mar 9, 2012 at 6:36 AM, George Michaelson  wrote:

>
>
> The value proposition is not spam: that works with unallocated space.
>
> The value proposition is gaming google page rank, by using widely spread
> and legitimately routed IPs to force your paying customers page rank high,
> by hits and references. This is a very high value business: one customer
> paying you big bucks, to have their web high in google pagerank. Not
> attacking a million mailboxes.




-- 
Suresh Ramasubramanian (ops.li...@gmail.com)

Re: Request to lease IP space, or things that make you want to go hmmmmm..

[John Levine]

>do, but I don't think the primary driver is spam, because spam generates a 
>lower
>income stream, and has higher risks of being RBL or otherwise blocked, and can 
>be
>achieved quickly by use of unrouted space.

I think you overestimate how technically sophisticated snowshoers are.
I just don't see a lot of spam from hit and run route announcements.

R's,
John

Re: Request to lease IP space, or things that make you want to go hmmmmm..

[George Herbert]

This tactic is extremely well known by spammers. Either sending from the blocks 
or hosting questionable client web (usually spammed URLs).

There really isn't much else people try with this stuff.

Yes, the space quickly goes on *BLs. They don't care; they get more and leave 
you holding the poop.


Sent from my iPhone

On Mar 8, 2012, at 19:10, George Michaelson  wrote:

> 
> On 09/03/2012, at 1:03 PM, Jon Lewis wrote:
> 
>> On Fri, 9 Mar 2012, George Michaelson wrote:
>> 
>>> The value proposition is gaming google page rank, by using widely spread 
>>> and legitimately routed IPs to force your paying customers page rank high, 
>>> by hits and references. This is a very high value business: one customer 
>>> paying you big bucks, to have their web high in google pagerank. Not 
>>> attacking a million mailboxes.
>> 
>> If that's all they want, why not get dedi/vp/cloud servers distributed all 
>> around the globe and use those for hosting the sites used to drive up page 
>> rank?
>> 
> 
> because by renting others space, they get the benefit of hiding in their 
> otherwise normal traffic? plausible denyability?
> 
> I don't know. I used over-pejorative language. this is probably not ALL they 
> want to do, but I don't think the primary driver is spam, because spam 
> generates a lower income stream, and has higher risks of being RBL or 
> otherwise blocked, and can be achieved quickly by use of unrouted space.
> 
> Also, what makes you think they aren't renting VPS? Or (for that matter) 
> founding Virtual Hosting companies, and acquiring address for this purpose? 
> 
> Surely a wise strategy in this space is to have many strategies?
> 
> -G
> 
> PS same: since this goes to address policy, I need to declare that I work for 
> an RIR but I am posting in a personal capacity and nothing I say is a 
> reflection of any RIR address policy. I work in the research department, not 
> in registry/allocations
> 
> 

Re: Request to lease IP space, or things that make you want to go hmmmmm..

[George Michaelson]

On 09/03/2012, at 1:03 PM, Jon Lewis wrote:

> On Fri, 9 Mar 2012, George Michaelson wrote:
> 
>> The value proposition is gaming google page rank, by using widely spread and 
>> legitimately routed IPs to force your paying customers page rank high, by 
>> hits and references. This is a very high value business: one customer paying 
>> you big bucks, to have their web high in google pagerank. Not attacking a 
>> million mailboxes.
> 
> If that's all they want, why not get dedi/vp/cloud servers distributed all 
> around the globe and use those for hosting the sites used to drive up page 
> rank?
> 

because by renting others space, they get the benefit of hiding in their 
otherwise normal traffic? plausible denyability?

I don't know. I used over-pejorative language. this is probably not ALL they 
want to do, but I don't think the primary driver is spam, because spam 
generates a lower income stream, and has higher risks of being RBL or otherwise 
blocked, and can be achieved quickly by use of unrouted space.

Also, what makes you think they aren't renting VPS? Or (for that matter) 
founding Virtual Hosting companies, and acquiring address for this purpose? 

Surely a wise strategy in this space is to have many strategies?

-G

PS same: since this goes to address policy, I need to declare that I work for 
an RIR but I am posting in a personal capacity and nothing I say is a 
reflection of any RIR address policy. I work in the research department, not in 
registry/allocations

Re: Request to lease IP space, or things that make you want to go hmmmmm..

[Jon Lewis]

On Fri, 9 Mar 2012, George Michaelson wrote:

The value proposition is gaming google page rank, by using widely spread 
and legitimately routed IPs to force your paying customers page rank 
high, by hits and references. This is a very high value business: one 
customer paying you big bucks, to have their web high in google 
pagerank. Not attacking a million mailboxes.


If that's all they want, why not get dedi/vp/cloud servers distributed all 
around the globe and use those for hosting the sites used to drive up page 
rank?


--
 Jon Lewis, MCP :)   |  I route
 Senior Network Engineer |  therefore you are
 Atlantic Net|
_ http://www.lewis.org/~jlewis/pgp for PGP public key_

Re: Request to lease IP space, or things that make you want to go hmmmmm..

[Lyle Giese]

A quick Google search found:

http://lists.arin.net/pipermail/arin-ppml/2012-January/023892.html

Lyle Giese
LCR Computer Services, Inc.

On 03/08/12 17:40, Matthew Huff wrote:

Just got an email today to our account associated with our legacy ARIN address space. A firm 
"Precision Management of Texas" is interested in subleasing some of our IP space for 
"on-demand solutions for brand marketers and website promotion chiefly through email 
marketing".

The one thing clear within the large amount of marketing-speach is they want "As is 
the nature of this business PM seeks to obtain as much diversity in the allocated IP 
space as possible, however the most important thing is the Subnets need to have no abuse 
history."

Anyone else get solicited?

They seem to be flexible "We can take the IPs via GRE or BGP or other such tunneling 
solution to where you have them announced. Alternatively we can advertise them ourselves 
on our network, saving you the back-haul. As a third solution we can take a server on 
your network with the following specs:..."


Matthew Huff | 1 Manhattanville Rd
Director of Operations   | Purchase, NY 10577
OTA Management LLC   | Phone: 914-460-4039
aim: matthewbhuff| Fax:   914-460-4139

Re: Request to lease IP space, or things that make you want to go hmmmmm..

[Fred Clearwater]

On 03/08/2012 05:56 PM, Scott Weeks wrote:


--- ml-nanog0903...@elcsplace.com wrote:
From: Ted Cooper

On 09/03/12 09:40, Matthew Huff wrote:

Just got an email today to our account associated with our legacy
ARIN address space. A firm "Precision Management of Texas" is
interested in subleasing some of our IP space for "on-demand
solutions for brand marketers and website promotion chiefly through
email marketing".

"We'd like to use your IP address reputation to bypass spam filters by
spreading our footprint out as much as possible and spam a few million
people into the ground because we've ruined the reputation of every
other IP address we've ever used.
--


What Ted said.  This is a dead giveaway:

"on-demand solutions for brand marketers and website promotion chiefly
through email marketing".

There is no info regarding that company on search engines, either.
That raises it to another level of suspicion.  Don't help them.  It
sure would be nice to get names and look up who they really are,
though...>;-)

And, no I have not gotten one.

scott



Seems this is not the first request for this "company" for space.

http://lists.arin.net/pipermail/arin-ppml/2012-January/023891.html

Fred

Re: cable markers for marine environments

[Michael Painter]

Lyndon Nerenberg wrote:

I have a couple of wiring projects coming up on salt water-going vessels and 
I'm curious as to people's experiences with
different types of cable marking products in a high-humidity / salt air / bilge 
environment

None of the markers will be directly exposed to the outside elements, but quite a bit will be running below decks and 
will have

to put up with the bilge.  Anyone have any horror stories to share?

My preference is for a direct printing system rather than stock card markers.

--lyndon


My Rhino labelmaker has printable, tubular, heat shrink cartridges in white and 
yellow w/black printing.

--Michael 

Re: Request to lease IP space, or things that make you want to go hmmmmm..

[Matthew Huff]

Of course, we declined. I just thought it was worth posting so others might be 
alerted that this was going on.

Hadn't known about the google page ranking SEO, but it makes sense

On Mar 8, 2012, at 8:06 PM, "George Michaelson"  wrote:

> 
> no. you misunderstand.
> 
> The value proposition is not spam: that works with unallocated space.
> 
> The value proposition is gaming google page rank, by using widely spread and 
> legitimately routed IPs to force your paying customers page rank high, by 
> hits and references. This is a very high value business: one customer paying 
> you big bucks, to have their web high in google pagerank. Not attacking a 
> million mailboxes.
> 
> In this model, the 'target' is google. The IPS need to come from classic, 
> widespread IPs because google now count the source IP and can tell if you use 
> a virtually hosted single IP to try and do this.
> 
> I have a question: are we actually able to state this consumption of address 
> is 'illegal' ? I personally judge it to be unethical, but that is not the 
> same thing.
> 
> -George
> 
> PS since this goes to address policy, I need to declare that I work for an 
> RIR but I am posting in a personal capacity and nothing I say is a reflection 
> of any RIR address policy. I work in the research department, not in 
> registry/allocations

Re: Request to lease IP space, or things that make you want to go hmmmmm..

[John Levine]

>The value proposition is not spam: that works with unallocated space.

You may well be right that their plan is to fake out page rank, but
spammers also like address space that's been allocated for a long
time.  Spreading spam around to try to sneak under the radar is so
common that it has a name, snowshoe spamming.

R's,
John

Re: Request to lease IP space, or things that make you want to go hmmmmm..

[George Michaelson]

no. you misunderstand.

The value proposition is not spam: that works with unallocated space.

The value proposition is gaming google page rank, by using widely spread and 
legitimately routed IPs to force your paying customers page rank high, by hits 
and references. This is a very high value business: one customer paying you big 
bucks, to have their web high in google pagerank. Not attacking a million 
mailboxes.

In this model, the 'target' is google. The IPS need to come from classic, 
widespread IPs because google now count the source IP and can tell if you use a 
virtually hosted single IP to try and do this.

I have a question: are we actually able to state this consumption of address is 
'illegal' ? I personally judge it to be unethical, but that is not the same 
thing.

-George

PS since this goes to address policy, I need to declare that I work for an RIR 
but I am posting in a personal capacity and nothing I say is a reflection of 
any RIR address policy. I work in the research department, not in 
registry/allocations

Re: Request to lease IP space, or things that make you want to go hmmmmm..

[Scott Weeks]

--- ml-nanog0903...@elcsplace.com wrote:
From: Ted Cooper 

On 09/03/12 09:40, Matthew Huff wrote:
> Just got an email today to our account associated with our legacy
> ARIN address space. A firm "Precision Management of Texas" is
> interested in subleasing some of our IP space for "on-demand
> solutions for brand marketers and website promotion chiefly through
> email marketing".

"We'd like to use your IP address reputation to bypass spam filters by
spreading our footprint out as much as possible and spam a few million
people into the ground because we've ruined the reputation of every
other IP address we've ever used.
--


What Ted said.  This is a dead giveaway:

"on-demand solutions for brand marketers and website promotion chiefly 
through email marketing".

There is no info regarding that company on search engines, either.  
That raises it to another level of suspicion.  Don't help them.  It 
sure would be nice to get names and look up who they really are, 
though...  >;-)

And, no I have not gotten one.

scott

Re: Programmers with network engineering skills

[William Herrin]

On Thu, Mar 8, 2012 at 5:24 PM, Lamar Owen  wrote:
> (18) No, our control protocol doesn't have authentication,
> it's up to the network to keep undesired users out. (I won't
> say what this software is, but suffice to say the package
> in which it was a part cost over $250,000).

Ten years ago there was a database this was true of: Filemaker. It was
designed to reside on a Windows network share but the files could be
placed on a Linux server instead. If you chose option 2, you got a
custom protocol presenting the database as an array of bytes
consisting of the entire raw database file.  Logging in meant that the
Windows app read the the file header, jumped to the user/password
section,  read the users and passwords and compared with the one you
supplied.

The TCP-based protocol requested no authentication: it received only a
byte offset and length in the raw file.

A colleague and I were asked to install an ISP billing system (!!)
built on top of this database. On objection, the ISP's owner insisted.
I understood where he was coming from: he was a technical guy who
built the then-existing system with scripting and an old DOS-based
database which he alone could operate, requiring him to spend gobs of
his time on the repetitive and thankless task of processing payments
month after month after month after month. He damn well wanted a
replacement and didn't much care what. Still...

We ended up stuffing the billing app on to a Windows Terminal Server,
rigging the server to run that app as the shell, and isolating the DB
machine behind it. Office users connected to the virtual server rather
than running the app locally.

The web portal for the billing app was fun too: it had the standard
stupidity where you change the sequential customer userid number in
the URL and got the next user's data without having to authenticate as
that user. We solved that one with a front end which handled auth and
re-wrote the customer request to the heavily firewalled web portal.

As I recall, we named the DB machine "HeartOfGold" because (A) it
contained all the customers' financial data and (B) there was
something improbable and more than a little crazy about how it came to
house the billing system.

Regards,
Bill Herrin


-- 
William D. Herrin  her...@dirtside.com  b...@herrin.us
3005 Crane Dr. .. Web: 
Falls Church, VA 22042-3004

Re: Request to lease IP space, or things that make you want to go hmmmmm..

[William Pitcock]

Hi,

On 3/8/2012 5:40 PM, Matthew Huff wrote:

Just got an email today to our account associated with our legacy ARIN address space. A firm 
"Precision Management of Texas" is interested in subleasing some of our IP space for 
"on-demand solutions for brand marketers and website promotion chiefly through email 
marketing".

The one thing clear within the large amount of marketing-speach is they want "As is 
the nature of this business PM seeks to obtain as much diversity in the allocated IP 
space as possible, however the most important thing is the Subnets need to have no abuse 
history."

Anyone else get solicited?
   

Yes, they have spammed me regarding some legacy space I control.

They seem to be flexible "We can take the IPs via GRE or BGP or other such tunneling 
solution to where you have them announced. Alternatively we can advertise them ourselves 
on our network, saving you the back-haul. As a third solution we can take a server on 
your network with the following specs:..."
   
To which my response was something along the lines of "no thanks."  
These guys just want your IPs so they can get around whatever IP 
reputation problem they have.  It will most probably infect the rest of 
your netblock, as that is standard MO for any anti-abuse DNSBL.


What is odd is -- they solicit anyone with legacy space, even if it's 
just a /24 worth, this is odd because they want you to provide them with 
more than one subnet, which probably means they want IPs on different 
/24 boundaries since some mail filtering systems use the /24 boundary.


William

Re: Request to lease IP space, or things that make you want to go hmmmmm..

[Ted Cooper]

On 09/03/12 09:40, Matthew Huff wrote:
> Just got an email today to our account associated with our legacy
> ARIN address space. A firm "Precision Management of Texas" is
> interested in subleasing some of our IP space for "on-demand
> solutions for brand marketers and website promotion chiefly through
> email marketing".
> 
> The one thing clear within the large amount of marketing-speach is
> they want "As is the nature of this business PM seeks to obtain as
> much diversity in the allocated IP space as possible, however the
> most important thing is the Subnets need to have no abuse history."
> 
> Anyone else get solicited?
> 
> They seem to be flexible "We can take the IPs via GRE or BGP or other
> such tunneling solution to where you have them announced.
> Alternatively we can advertise them ourselves on our network, saving
> you the back-haul. As a third solution we can take a server on your
> network with the following specs:..."

Translation of their request:

"We'd like to use your IP address reputation to bypass spam filters by
spreading our footprint out as much as possible and spam a few million
people into the ground because we've ruined the reputation of every
other IP address we've ever used.

May we destroy your reputation?"

Request to lease IP space, or things that make you want to go hmmmmm..

[Matthew Huff]

Just got an email today to our account associated with our legacy ARIN address 
space. A firm "Precision Management of Texas" is interested in subleasing some 
of our IP space for "on-demand solutions for brand marketers and website 
promotion chiefly through email marketing". 

The one thing clear within the large amount of marketing-speach is they want 
"As is the nature of this business PM seeks to obtain as much diversity in the 
allocated IP space as possible, however the most important thing is the Subnets 
need to have no abuse history."

Anyone else get solicited?

They seem to be flexible "We can take the IPs via GRE or BGP or other such 
tunneling solution to where you have them announced. Alternatively we can 
advertise them ourselves on our network, saving you the back-haul. As a third 
solution we can take a server on your network with the following specs:..."


Matthew Huff | 1 Manhattanville Rd
Director of Operations   | Purchase, NY 10577
OTA Management LLC   | Phone: 914-460-4039
aim: matthewbhuff    | Fax:   914-460-4139

Re: cable markers for marine environments

[Nick Hilliard]

On 08/03/2012 22:02, James Downs wrote:
> Don't bother. Unless something revolutionary has come out recently,
> attach-on-to products are the only way to go. In my experience all the
> labels have to be maintained along with everything else that's in
> contact with that environment/liquid. Use something plastic, larger is
> better, and plan to be able to replace them as necessary.

yeah, srsly, marine bilges are horrendous environments, with their
combination of persistent damp, salt and fuel oils.

If it's of any interest, I got a bunch of consumer labels from
www.goed-gemerkt.com a couple of years back for labelling baby milk
bottles.  They were interesting labels because the milk bottles were dumped
into the dish-washer on average once every 1-2 days, but the the adhesive
only began to detach from the first of them after about ~9 months.  Some of
them had the original labels 5 years later - I was pretty blown away by
this, given what a hostile environment the inside of a dishwasher is.

Anyway, they also do a line of printed stainless steel tags:

https://www.goedgemerkt.nl/key-id-tags-detail.asp?productid=149

I haven't used these, but depending on the grade of stainless used here,
and the type of chain used, they might be exactly what you're looking for.

(There's an english translation of the web site too).

a delighted previous customer of Goedgemerkt,
Nick

Re: Programmers with network engineering skills

[Lamar Owen]

On Monday, March 05, 2012 09:36:41 PM Jimmy Hess wrote:
> > Other common, but misguided assumptions (even in 2012):
> > 1. You will be using IPv4.  We have no idea what this IPv6 nonsense is.
> > Looks complicated and scary.
> > 2. 255.255.255.0 is the only valid netmask.
...
>(16)  The default gateway's IP address is always 192.168.0.1
>(17) The user portion of E-mail addresses never contain special
> characters like  "-" "+"  "$"   "~"  "."  ",", "[",  "]"

Hilarious.  Wish I'd seen this a few days ago, my whole week would have been 
brighter I'll add one from my 'I asked the programmer about a problem in 
the code, which the programmer proceeded to say wasn't a problem' list:

(18) No, our control protocol doesn't have authentication, it's up to the 
network to keep undesired users out. (I won't say what this software is, but 
suffice to say the package in which it was a part cost over $250,000).   

Re: cable markers for marine environments

[George Herbert]

Under the circumstances...

I would tend to do a two-phase solution.

1.  At both ends, above the bilge area, put the most durable printed
labels you can find.

2.  Both at the ends, and intermittently under the deck, use a coded
ID number for each cable using those slip-on crimp-on types (the
cablecraft ones someone pointed to a bit upthread).  You won't have
the full label in the middle, but you can look at any endpoint and get
the description and the cable's individual ID tag, and then trace the
tag numbers in the bilge.


On Thu, Mar 8, 2012 at 2:09 PM, Lyndon Nerenberg  wrote:
>
> On 2012-03-08, at 2:01 PM, Jim Richardson wrote:
>
>> I have had good results with printed labels covered in clear
>> heatshrink.  Awkward, time consuming, and generally annoying, but
>> works, and lasts.
>
> A bit more detail I should have included ...
>
> These are pleasure craft, so stuff goes under the deck whether we like it or 
> not.
>
> I've been using markable heat shrink, but as Jim says, it's very time 
> consuming and awkward, so I was hoping for something better.  I have tried a 
> few of the wrap-around plastic write-on types, but the glue doesn't hold very 
> long in the damp environment.
>
> I'm hoping to find a printable plastic wrap-around with a glue that will 
> stick in the damp, as it would let me pre-print everything before the job.
>
> --lyndon
>
>



-- 
-george william herbert
george.herb...@gmail.com

Re: cable markers for marine environments

[Lyndon Nerenberg]

On 2012-03-08, at 2:10 PM, George Herbert wrote:

> Which fuel is present affects the label durability...

Diesel.

Re: cable markers for marine environments

[Lyndon Nerenberg]

On 2012-03-08, at 2:01 PM, Jim Richardson wrote:

> I have had good results with printed labels covered in clear
> heatshrink.  Awkward, time consuming, and generally annoying, but
> works, and lasts.

A bit more detail I should have included ...

These are pleasure craft, so stuff goes under the deck whether we like it or 
not.

I've been using markable heat shrink, but as Jim says, it's very time consuming 
and awkward, so I was hoping for something better.  I have tried a few of the 
wrap-around plastic write-on types, but the glue doesn't hold very long in the 
damp environment.  

I'm hoping to find a printable plastic wrap-around with a glue that will stick 
in the damp, as it would let me pre-print everything before the job.

--lyndon

Re: cable markers for marine environments

[James Downs]

On Mar 8, 2012, at 1:41 PM, Lyndon Nerenberg wrote:

> My preference is for a direct printing system rather than stock card markers.

Don't bother. Unless something revolutionary has come out recently, 
attach-on-to products are the only way to go. In my experience all the labels 
have to be maintained along with everything else that's in contact with that 
environment/liquid. Use something plastic, larger is better, and plan to be 
able to replace them as necessary.

Cheers,
-j

Re: cable markers for marine environments

[Jim Richardson]

On Thu, Mar 8, 2012 at 1:41 PM, Lyndon Nerenberg  wrote:
> I have a couple of wiring projects coming up on salt water-going vessels and 
> I'm curious as to people's experiences with different types of cable marking 
> products in a high-humidity / salt air / bilge environment
>
> None of the markers will be directly exposed to the outside elements, but 
> quite a bit will be running below decks and will have to put up with the 
> bilge.  Anyone have any horror stories to share?
>
> My preference is for a direct printing system rather than stock card markers.
>
> --lyndon
>
>

I have had good results with printed labels covered in clear
heatshrink.  Awkward, time consuming, and generally annoying, but
works, and lasts.  Keep the label short, print big, and use marine
(glue lined) heatshrink for best waterproofing. The regular stuff can
allow seepage and mould growth under the heatshrink in extreme cases.


-- 
http://neon-buddha.net

Re: cable markers for marine environments

[Måns Nilsson]

On Thu, Mar 08, 2012 at 01:41:58PM -0800, Lyndon Nerenberg wrote:
> I have a couple of wiring projects coming up on salt water-going vessels and 
> I'm curious as to people's experiences with different types of cable marking 
> products in a high-humidity / salt air / bilge environment
> 
> None of the markers will be directly exposed to the outside elements, but 
> quite a bit will be running below decks and will have to put up with the 
> bilge.  Anyone have any horror stories to share?
> 
> My preference is for a direct printing system rather than stock card markers.

Most durable is probably PVC cable markers of the type found in automation
systems and similar; I've used them in live sound which is a very
stressful environment. Several manufacturers make these; the resistor
colourcode type is really great for quick ID of numeric identifiers.

Typical offering: 
http://www.cablecraft.co.uk/file.php?filename=WebCat-0001002b00040003%2FEasi-Lok_Halogen_Free_Markers.pdf

If you want to print, Brady has a number of different solutions, of which, at a 
quick glance, this one looks good: 

http://www.bradyid.com/bradyid/domino/contentView.do/B7643.html

-- 
Måns, the wannabe automation engineer. 

Re: cable markers for marine environments

[George Herbert]

On Thu, Mar 8, 2012 at 1:41 PM, Lyndon Nerenberg  wrote:
> I have a couple of wiring projects coming up on salt water-going vessels and 
> I'm curious as to people's experiences with different types of cable marking 
> products in a high-humidity / salt air / bilge environment
>
> None of the markers will be directly exposed to the outside elements, but 
> quite a bit will be running below decks and will have to put up with the 
> bilge.  Anyone have any horror stories to share?
>
> My preference is for a direct printing system rather than stock card markers.
>
> --lyndon

Data wiring through the *bilge* ???

The naval architect in me is screaming and running in circles at the idea.

Everything I've had to run through bilges, which involved power wiring
(ugh) and various pipe systems, but not datacom cables, got messed up
on the surface by the inevitable sludge of salt water and junk and oil
in the bilges.  Large painted stencils on pipes seem to survive, as to
large printed plastic label tags.  Most smaller printed tags like
you'd use for circuit ID or wire ID in normal datacom/telco usage
delaminated or melted eventually.

Is this a temporary or permanent installation?  If permanent, think
about running anywhere else you can and conduiting and armored
cables...


-- 
-george william herbert
george.herb...@gmail.com

RE: AS Connectivity Lookup

[Dixon, Justin]

> -Original Message-
> From: Henry Linneweh [mailto:hrlinne...@sbcglobal.net]
> Sent: Thursday, March 08, 2012 14:45
> To: nanog@nanog.org
> Subject: Re: AS Connectivity Lookup
> 
> I really miss completewhois, have not found a really good replacement
> 
> -Henry
> 
> 
> 
> 
>  From: Joe Provo 
> To: "Radke, Justin" 
> Cc: nanog@nanog.org
> Sent: Wednesday, March 7, 2012 11:11 AM
> Subject: Re: AS Connectivity Lookup
> 
> On Wed, Mar 07, 2012 at 09:29:29AM -0800, Radke, Justin wrote:
> > How can I easily view the current peering relationship of a particular
> AS?
> > Assume the AS you are researching does not have a looking glass and you
> are
> > not going to do lookups from the top 10 providers route servers to get
> some
> > glimpse of their connectivity. In my particular search
> > bgplay.routeviews.org does
> > not have any information and as-rank.caida.org is out of date. In the
> past
> > there was a great website called webtrace.info but it is no longer
> online.
> >
> > Any suggestions?
> 
> Any site you reference outside/not downstream of the desired
> AS will only provide you a partial picture.  Use many to try
> and create a holistic view.  So far it seems RIPE RIS hasn't
> yet been mentioned:
> http://www.ripe.net/data-tools/stats/ris/routing-information-service
> 
> 
> --
>          RSUC / GweepNet / Spunk / FnB / Usenix / SAGE / NewNOG


http://cyclops.cs.ucla.edu/

cable markers for marine environments

[Lyndon Nerenberg]

I have a couple of wiring projects coming up on salt water-going vessels and 
I'm curious as to people's experiences with different types of cable marking 
products in a high-humidity / salt air / bilge environment

None of the markers will be directly exposed to the outside elements, but quite 
a bit will be running below decks and will have to put up with the bilge.  
Anyone have any horror stories to share?

My preference is for a direct printing system rather than stock card markers.

--lyndon

[NANOG-announce] NANOG Meeting Updates

[Betty Burke]

Colleagues:

I am pleased to report, NANOG 54 is archived, visit
 http://www.nanog.org/meetings/nanog54/index.php

Now posted are the attendance stats

http://www.nanog.org/meetings/nanog54/documents/NANOG54Statistics_web.pdf
and survey results
 http://www.nanog.org/meetings/nanog54/surveys.html

The NANOG presentations have been updated.  We do have a few outstanding,
and we will post those slides as soon as received.  Lastly, the
presentation video files are now linked to the agenda page
 http://www.nanog.org/meetings/nanog54/agenda.php

A final thank you to our Host, Speakers, Sponsors, and attendees.  You ALL
are valuable contributors to the NANOG community and very much appreciated.

I welcome everyone to visit our NANOG 55 website.  Meeting planning is
already underway!  Do not wait, visit:
 http://www.nanog.org/meetings/nanog55/callforpresentations.html
 http://www.nanog.org/meetings/nanog55/nanog55_registration.html
 http://www.nanog.org/meetings/nanog55/hotel.html

Lastly, we welcome all our sponsors to join us in Vancouver.  If you have
not yet sent in your request, please visit our website and let us know of
your interest.
 http://www.nanog.org/sponsors/sponsorform/index.php


See you in June!

Sincerely,
Betty


-- 
Betty Burke
NewNOG/NANOG Executive Director
48377 Fremont Boulevard, Suite 117
Fremont, CA 94538
Tel: +1 510 492 4030
Office (810) 214-1218
___
NANOG-announce mailing list
nanog-annou...@nanog.org
https://mailman.nanog.org/mailman/listinfo/nanog-announce

Re: AS Connectivity Lookup

[Henry Linneweh]

I really miss completewhois, have not found a really good replacement

-Henry




 From: Joe Provo 
To: "Radke, Justin"  
Cc: nanog@nanog.org 
Sent: Wednesday, March 7, 2012 11:11 AM
Subject: Re: AS Connectivity Lookup
 
On Wed, Mar 07, 2012 at 09:29:29AM -0800, Radke, Justin wrote:
> How can I easily view the current peering relationship of a particular AS?
> Assume the AS you are researching does not have a looking glass and you are
> not going to do lookups from the top 10 providers route servers to get some
> glimpse of their connectivity. In my particular search
> bgplay.routeviews.org does
> not have any information and as-rank.caida.org is out of date. In the past
> there was a great website called webtrace.info but it is no longer online.
> 
> Any suggestions?

Any site you reference outside/not downstream of the desired 
AS will only provide you a partial picture.  Use many to try 
and create a holistic view.  So far it seems RIPE RIS hasn't
yet been mentioned:
http://www.ripe.net/data-tools/stats/ris/routing-information-service


-- 
         RSUC / GweepNet / Spunk / FnB / Usenix / SAGE / NewNOG

Juniper wlc8 vs HP ProCurve MSM710

[JoeSox]

Juniper WLC8 vs HP ProCurve MSM710
Any review to share?

We are also looking at Cisco 5508 but spendy.
Looking at 8 APs to start in one building then possible APs at 10
other locations.
--
Thanks, Joe

Re: [c-nsp] ASR opinions..

[PC]

The numbers were based on when I spoke to our SE when considering
purchasing one a couple years back.

It sounds like they may have a revision 2 or new route processor out now
which supports more under this model?

In which case you should be ok, but I'd get it in writing from your rep to
cover all your basis.



On Thu, Mar 8, 2012 at 11:38 AM, Christian 'wiwi' Wittenhorst <
w...@progon.net> wrote:

> On 2012-03-08 18:25, PC wrote:
>
>> The low end ASRs are poor boxes for full BGP table internet edge
>> applications.  They have many other great applications, but the reason
>> they
>> are bad here is simply route limits in the FIB.
>>
>> The asr1001 only supports 512,000 IPV4 routes in the FIB at any given
>> point
>> in time, and 128,000 IPV6 routes.
>>
>
> Current ASR1001 do NOT have that limitation:
>
>  ps9343/data_sheet_c78-441072.**html
> >
>
> > Performance
> > * 1,000,000 IPv4 or 1,000,000 IPv6 routes
> > * BGP RR scalability to 2,000,000 IPv4/IPv6 routes
> >(using 4-GB memory) or 9,000,000 IPv4/IPv6
> >routes (using 8-GB memory)
>

Re: [c-nsp] ASR opinions..

[Christian 'wiwi' Wittenhorst]

On 2012-03-08 18:25, PC wrote:

The low end ASRs are poor boxes for full BGP table internet edge
applications.  They have many other great applications, but the reason they
are bad here is simply route limits in the FIB.

The asr1001 only supports 512,000 IPV4 routes in the FIB at any given point
in time, and 128,000 IPV6 routes.


Current ASR1001 do NOT have that limitation:



> Performance
> * 1,000,000 IPv4 or 1,000,000 IPv6 routes
> * BGP RR scalability to 2,000,000 IPv4/IPv6 routes
>(using 4-GB memory) or 9,000,000 IPv4/IPv6
>routes (using 8-GB memory)

Re: [c-nsp] ASR opinions..

[PC]

The low end ASRs are poor boxes for full BGP table internet edge
applications.  They have many other great applications, but the reason they
are bad here is simply route limits in the FIB.

The asr1001 only supports 512,000 IPV4 routes in the FIB at any given point
in time, and 128,000 IPV6 routes.

The full IPV4 table will exceed that soon, and that will be well within the
lifespan of the box.

The 1 million figure is for route reflector applications only.


On Wed, Feb 8, 2012 at 8:28 AM, Arie Vayner  wrote:

> Mark,
>
> I made sure with the BU, and they confirmed that ASR1001 with 8GB RAM can
> handle 1M routes per the data sheet.
> The difference between ASR1001 and ASR1002 with EFP5 is due to a more
> powerful integrated RP on ASR1001 (Not really RP2, but closer to RP2 than
> RP1) and more memory (4GB is max on RP1)
>
> Arie
>
> On Wed, Feb 1, 2012 at 5:50 AM, Mark Tinka 
> wrote:
>
> > On Tuesday, January 31, 2012 06:38:10 AM Christopher J.
> > Pilkington wrote:
> >
> > > Does anyone have a link to a definitive document clearly
> > > showing FIB numbers for the ASR1001?  I've got an email
> > > into our Cisco SE, but I don't think they're motivated
> > > to sell us a lower-end box. :-)
> >
> > On that link, Tables 1 and 3 contradict each other re: the
> > ASR1001.
> >
> > However, I confirmed with our SE, and he says no way the
> > ASR1001 supports anything more than 512,000 v4 entries and
> > 128,000 v6 entries (which is Table 3).
> >
> > Maybe someone on the list from Cisco can help fix the
> > documentation.
> >
> > Mark.
> >
>

Re: [c-nsp] ASR opinions..

[Mark Tinka]

On Thursday, March 08, 2012 08:22:55 PM Arie Vayner wrote:

> Mark,
> 
> I guess it has to do with the fact that every FIB entry
> also has a data structure on the RP, as control plane
> has to calculate the FIB (i.e. CEF...) and then copy the
> result into the forwarding plane (ESP).

So we're saying that the forwarding plane on the ASR1001 can 
handle 1,000,000 hardware entries out of the factory, but 
that you'll need to have the 8GB of control plane memory 
installed in the router to achieve that?

Interesting. I'd have thought 4GB of control plane memory 
would be sufficient :-).

Mark.


signature.asc
Description: This is a digitally signed message part.

Re: RANCID script for monitoring the routes received from peers.

[Nick Hilliard]

On 08/03/2012 10:47, Phil Regnauld wrote:
>   Finally, another way to do this that could spare the CPU on on
>   your routers if you run this often would be to setup a peer running
>   Quagga (or BIRD) on a Linux/BSD host and run the monitoring there.

that will only provide the calculated prefix entries from the RIB, not the
received-routes from each host.  I.e. it's not necessarily going to be 100%
accurate.

Nick

Re: did AS174 and AS4134 de-peer?

[Eric]

+1

- Eric

On Mar 7, 2012, at 7:37 PM, Michael Sinatra  wrote:

> On 03/07/12 16:10, Patrick W. Gilmore wrote:
>> On Mar 7, 2012, at 19:06 , Jim Cowie wrote:
>> 
>>> As a meta-comment: this "Quick Look" style of blog is an experiment we're 
>>> trying, based on feedback that the community wanted to hear about more of 
>>> these little events as they happen.  In a Quick Look, we're giving the 
>>> facts as they are known from initial measurement, and a very quick summary 
>>> of our preliminary analysis of the incident.   Then we throw the topic open 
>>> to comments from those who might have the clues to the rest of the story ...
>> 
>> Well, this member of the community appreciates it.
>> 
> 
> +1
> 
> I find the combination of facts and inferences presented to be interesting 
> and useful.
> 
> michael

Re: [c-nsp] ASR opinions..

[Arie Vayner]

Mark,

I guess it has to do with the fact that every FIB entry also has a data
structure on the RP, as control plane has to calculate the FIB (i.e.
CEF...) and then copy the result into the forwarding plane (ESP).

Arie

On Thu, Mar 8, 2012 at 1:34 PM, Mark Tinka  wrote:

> On Wednesday, February 08, 2012 11:28:24 PM Arie Vayner
> wrote:
>
> > Mark,
>
> Hello Arie.
>
> Sorry for the very late reply.
>
> > I made sure with the BU, and they confirmed that ASR1001
> > with 8GB RAM can handle 1M routes per the data sheet.
>
> Are we talking 1,000,000 FIB entries, as I don't see how
> control plane RAM can influence FIB capacity in this
> particular case :-)?
>
> Mark.
>

Re: [c-nsp] ASR opinions..

[Mark Tinka]

On Wednesday, February 08, 2012 11:28:24 PM Arie Vayner 
wrote:

> Mark,

Hello Arie.

Sorry for the very late reply.

> I made sure with the BU, and they confirmed that ASR1001
> with 8GB RAM can handle 1M routes per the data sheet.

Are we talking 1,000,000 FIB entries, as I don't see how 
control plane RAM can influence FIB capacity in this 
particular case :-)?

Mark.


signature.asc
Description: This is a digitally signed message part.

Re: RANCID script for monitoring the routes received from peers.

[Phil Regnauld]

Ajay Kumar (joinajay1) writes:
> Hello,
> 
> We are running IX in India.Has some one written script for monitoring the
> routes announcement from peers?If yes,would you like to share code with
> me.It can be done via one script under the framework of RANCID.I want to
> know difference of routes,which has been added or removed.
> Thanks in advance.
> Regards,
> Ajay Kumar

Hi Ajay,

Are you running IOS, JunOS, something else ? You could do it
via Rancid, using *login scripts. But there are ways to do this using 
SNMP
and BGP mibs:

http://www.oidview.com/mibs/0/BGP4-MIB.html

http://tools.cisco.com/Support/SNMP/do/BrowseMIB.do?local=en&step=2&mibName=CISCO-BGP4-MIB

Note that the network monitoring platform Observium has built-in
support for tracking BGP sessions.

Finally, another way to do this that could spare the CPU on on
your routers if you run this often would be to setup a peer running
Quagga (or BIRD) on a Linux/BSD host and run the monitoring there.

Cheers,
Phil

RANCID script for monitoring the routes received from peers.

[Ajay Kumar]

Hello,

We are running IX in India.Has some one written script for monitoring the
routes announcement from peers?If yes,would you like to share code with
me.It can be done via one script under the framework of RANCID.I want to
know difference of routes,which has been added or removed.
Thanks in advance.
Regards,
Ajay Kumar