On Apr 30, 2013, at 1:46 AM, Jimmy Hess mysi...@gmail.com wrote:
On 4/29/13, John Curran jcur...@arin.net wrote:
On Apr 29, 2013, at 2:46 PM, Lee Howard l...@asgard.org wrote:
On 4/29/13 1:03 AM, Jérôme Nicolle jer...@ceriz.fr wrote:
specified (based on being singly-homed or multi-homed.)
https://outlook.office365.com does not work on ipv6; looks like this has
been broken for some while.
Can someone from Microsoft please fix?
crumpet:/Users/nick% telnet -6 outlook.office365.com 443
Trying 2a01:111:f400:1000::9...
telnet: connect to address 2a01:111:f400:1000::9: Connection
from Europe, using ipv6, it seems to be working:
---
zarko.ke...@rnids.rsmaster:~$ telnet -6 outlook.office365.com 443
Trying 2a01:111:f400:800::6...
Connected to ipv6.exchangelabs.com.
Escape character is '^]'.
---
On Tue, Apr 30, 2013 at 12:33 PM, Nick Hilliard n...@foobar.org wrote:
Quite Interesting...
from Europe, using ipv6, it seems to be working:
---
zarko.ke...@rnids.rsmaster:~$ telnet -6 outlook.office365.com 443
Trying 2a01:111:f400:800::6...
Connected to ipv6.exchangelabs.com.
Escape character is '^]'.
---
The IP address you have mentioned is working fine.
yes, you are correct... resolved at my local dns:
master:~$ host outlook.office365.com
outlook.office365.com is an alias for
outlook.office365.com.glbdns.microsoft.com.
outlook.office365.com.glbdns.microsoft.com is an alias for
outlook-latam.office365.com.
outlook-latam.office365.com has IPv6
FYI: Here's what I'm seeing:
puck:~$ curl -v https://outlook.office365.com/
* About to connect() to outlook.office365.com port 443 (#0)
* Trying 2a01:111:f400:400::2...
* Connection refused
* Trying 2a01:111:f400:2c16::2...
* Connection refused
* Trying 2a01:111:f400:2c2a::12...
*
On Tue, Apr 30, 2013 at 11:33:41AM +0100, Nick Hilliard n...@foobar.org wrote:
https://outlook.office365.com does not work on ipv6; looks like this has
been broken for some while.
Not one host in the RING says it is up:
https://spodder.com/p/ByYYcAomOxawsZRPme74X9pG
via
Greetings,
I know Tier1s are blackholing traffic all the time :) (de-peering,
congestion etc.)
but did it became a new role for Tier1s to go from transit provider to
transit blocker?
We received recently customer complaints stating they can't reach
certain websites.
Investigation showed that
On Tue, April 30, 2013 10:33 am, Nick Hilliard wrote:
https://outlook.office365.com does not work on ipv6; looks like this has
been broken for some while.
Can someone from Microsoft please fix?
crumpet:/Users/nick% telnet -6 outlook.office365.com 443
Trying 2a01:111:f400:1000::9...
telnet:
Hi,
seems at least one box got fixed:
dyn-10-0-2-50:~ local_fhibler$ telnet -6 outlook.office365.com 443
Trying 2a01:111:f400:400::6...
telnet: connect to address 2a01:111:f400:400::6: Connection refused
Trying 2a01:111:f400:83e::6...
telnet: connect to address 2a01:111:f400:83e::6: Connection
This is being esclated.
-Original Message-
From: Hibler, Florian [mailto:florian.hib...@kaiaglobal.com]
Sent: Tuesday, April 30, 2013 4:38 AM
To: nanog@nanog.org
Subject: Re: Office 365 broken on ipv6
Hi,
seems at least one box got fixed:
dyn-10-0-2-50:~ local_fhibler$ telnet -6
On 4/30/2013 10:31 AM, Thomas Schmid wrote:
Greetings,
I know Tier1s are blackholing traffic all the time :) (de-peering,
congestion etc.)
but did it became a new role for Tier1s to go from transit provider to
transit blocker?
We received recently customer complaints stating they can't
On Tue, 2013-04-30 at 10:59 -0400, ML wrote:
1) Do nothing - They're supposed deliver any and all bits
(Disregarding
a DoS or similiar situation which impedes said network)
2) Prefix filter - Don't be a party (at least in one direction) to the
bad actors traffic.
3 - Deliver all packets
Sounds like a no win situation. Either you let the bad guys do things or get
complaints you blocked the bad guys.
Jared Mauch
On Apr 30, 2013, at 11:07 AM, Chris Boyd cb...@gizmopartners.com wrote:
On Tue, 2013-04-30 at 10:59 -0400, ML wrote:
1) Do nothing - They're supposed deliver any and
On Apr 30, 2013, at 11:07 , Chris Boyd cb...@gizmopartners.com wrote:
On Tue, 2013-04-30 at 10:59 -0400, ML wrote:
1) Do nothing - They're supposed deliver any and all bits
(Disregarding
a DoS or similiar situation which impedes said network)
2) Prefix filter - Don't be a party (at least in
On Tue, 30 Apr 2013, Thomas Schmid wrote:
I know Tier1s are blackholing traffic all the time :) (de-peering,
congestion etc.) but did it became a new role for Tier1s to go from
transit provider to transit blocker?
We received recently customer complaints stating they can't reach
certain
On Apr 30, 2013, at 10:07 PM, Chris Boyd wrote:
3 - Deliver all packets unless I've signed up for an enhanced security
offering?
Even if said packets from an obviously compromised server on a high-speed link
are attack packets causing problems for the ISP itself as well as for its
I think blocking phishing sites vs blocking ddos require a different approach.
--
Tassos
Jared Mauch wrote on 30/04/2013 18:11:
Sounds like a no win situation. Either you let the bad guys do things or get
complaints you blocked the bad guys.
Jared Mauch
On Apr 30, 2013, at 11:07 AM,
On 30.04.2013 17:07, Chris Boyd wrote:
On Tue, 2013-04-30 at 10:59 -0400, ML wrote:
1) Do nothing - They're supposed deliver any and all bits
(Disregarding
a DoS or similiar situation which impedes said network)
2) Prefix filter - Don't be a party (at least in one direction) to the
bad actors
Nick Hilliard n...@foobar.org wrote:
https://outlook.office365.com does not work on ipv6; looks like this has
been broken for some while.
Can someone from Microsoft please fix?
crumpet:/Users/nick% telnet -6 outlook.office365.com 443
Trying 2a01:111:f400:1000::9...
telnet: connect to
On Apr 30, 2013, at 11:23 , Thomas Schmid sch...@dfn.de wrote:
On 30.04.2013 17:07, Chris Boyd wrote:
On Tue, 2013-04-30 at 10:59 -0400, ML wrote:
1) Do nothing - They're supposed deliver any and all bits
(Disregarding
a DoS or similiar situation which impedes said network)
2) Prefix filter
On 4/30/13 8:23 AM, Thomas Schmid wrote:
On 30.04.2013 17:07, Chris Boyd wrote:
On Tue, 2013-04-30 at 10:59 -0400, ML wrote:
1) Do nothing - They're supposed deliver any and all bits
(Disregarding
a DoS or similiar situation which impedes said network)
2) Prefix filter - Don't be a party (at
Am 30.04.2013 17:53, schrieb Patrick W. Gilmore:
Core? Seriously? Which of these statements are true: A) Is it
impossible for an end user or business (i.e. non-ISP) to get a direct
connection to a Tier 1 (whatever the hell that means) provider. B)
Most traffic on the Internet traverses Tier 1s
Composed on a virtual keyboard, please forgive typos.
On Apr 30, 2013, at 12:32, Thomas Schmid sch...@dfn.de wrote:
Am 30.04.2013 17:53, schrieb Patrick W. Gilmore:
Core? Seriously? Which of these statements are true: A) Is it impossible
for an end user or business (i.e. non-ISP) to get a
On Tue, Apr 30, 2013 at 11:22 AM, Tassos Chatzithomaoglou
ach...@forthnetgroup.gr wrote:
I think blocking phishing sites vs blocking ddos require a different approach.
I think I agree with this, and I think it can help draw a useful line.
Large DDoS attacks can and do directly affect the
On Apr 30, 2013, at 12:43 PM, Darius Jahandarie djahanda...@gmail.com wrote:
I think I agree with this, and I think it can help draw a useful line.
Large DDoS attacks can and do directly affect the service that the
tier 1 is providing to its customers (namely, moving their bits), so
Am 30.04.2013 18:41, schrieb Patrick W. Gilmore:
Composed on a virtual keyboard, please forgive typos.
On Apr 30, 2013, at 12:32, Thomas Schmid sch...@dfn.de wrote:
Am 30.04.2013 17:53, schrieb Patrick W. Gilmore:
Core? Seriously? Which of these statements are true: A) Is it impossible for
I just had a client drop an interesting requirement on me.
They are on Andros Island (Bahamas) for about a year. I'm working on
getting an exact address from the adminisphere above me, but all I've been
told so far is they are 'near the naval base'.
They just called and said We need internet
Aaron,
Cross-posting this over to the WISPA list to see if there are any Wireless
ISPs over there that can help you.
-Mike
On Tue, Apr 30, 2013 at 1:28 PM, Aaron C. de Bruyn aa...@heyaaron.comwrote:
I just had a client drop an interesting requirement on me.
They are on Andros Island
Aaron are they supporting the range? If so there are options.
On Apr 30, 2013, at 4:28 PM, Aaron C. de Bruyn wrote:
I just had a client drop an interesting requirement on me.
They are on Andros Island (Bahamas) for about a year. I'm working on
getting an exact address from the adminisphere
I suggested VSAT. Probably the quickest and cheapest.
Sent from my T-Mobile 4G LTE Device
Original message
From: Mike Lyon mike.l...@gmail.com
Date: 04/30/2013 1:35 PM (GMT-08:00)
To: Aaron C. de Bruyn aa...@heyaaron.com,memb...@wispa.org
Cc: NANOG mailing list
On Tue, Apr 30, 2013 at 10:31 AM, Thomas Schmid sch...@dfn.de wrote:
We received recently customer complaints stating they can't reach certain
websites.
Investigation showed that the sites were not reachable via Tier1-T, but fine
via
Tier1-L. I contacted Tier1-T and the answer was something
It's the quickest but certainly not the cheapest.
On Tue, Apr 30, 2013 at 1:56 PM, Warren Bailey
wbai...@satelliteintelligencegroup.com wrote:
I suggested VSAT. Probably the quickest and cheapest.
Sent from my T-Mobile 4G LTE Device
Original message
From: Mike Lyon
On Apr 30, 2013, at 2:50 PM, bmann...@vacation.karoshi.com wrote:
Phone? You mean like Jitsi or Skype?
Fax?
I'd like to see some numbers to back your assertion of Typical
restoration
times of days.
my vendors deliver software fixes for BGP doesn't work in
Says.. Who?
Sent from my T-Mobile 4G LTE Device
Original message
From: Mike Hale eyeronic.des...@gmail.com
Date: 04/30/2013 2:19 PM (GMT-08:00)
To: Warren Bailey wbai...@satelliteintelligencegroup.com
Cc: Mike Lyon mike.l...@gmail.com,Aaron C. de Bruyn
Yeah, how many thousands is it per meg of space segment?
On Tue, Apr 30, 2013 at 2:20 PM, Warren Bailey
wbai...@satelliteintelligencegroup.com wrote:
Says.. Who?
Sent from my T-Mobile 4G LTE Device
Original message
From: Mike Hale eyeronic.des...@gmail.com
Date:
Not that I'll argue it isn't costly, but how else can you rail in up to 100mbps
in an afternoon..? I would imagine this type of inquiry comes in after it has
been established that there is little to no connectivity.
Sent from my T-Mobile 4G LTE Device
Original message
Depends.. Space segment runs from 1300 a mhz for inclined all the way to 6k a
month a mhz for hard to get weird stuff. We oversub to make the economics work
often.
Sent from my T-Mobile 4G LTE Device
Original message
From: Mike Hale eyeronic.des...@gmail.com
Date:
Bingo. And you're absolutely right in that setting it up can be really fast.
But cheap? Not for a quality connection.
On Tue, Apr 30, 2013 at 2:23 PM, Warren Bailey
wbai...@satelliteintelligencegroup.com wrote:
Depends.. Space segment runs from 1300 a mhz for inclined all the way to 6k
a
We can make it work usually. An Hd TV channel takes something like 3mhz now.
Things have improved greatly in our industry. Not to say there isn't the
occasional weird situation. But when you come in to a site and it's up within
an hour you are usually elevated to rockstar status. It takes
Harris/CAPROCK, http://www.harriscaprock.com, provides VSAT worldwide to
shipping, offshore platforms and remote islands.
Additionally, Andros has quite a bit of undersea fiber going to it. The USAF
Eastern Test Range and the Naval base there was the forcing function. The
range contractor,
Or you could just use my networks?
Sent from my T-Mobile 4G LTE Device
Original message
From: TR Shaw ts...@oitc.com
Date: 04/30/2013 2:45 PM (GMT-08:00)
To: Warren Bailey wbai...@satelliteintelligencegroup.com
Cc: Mike Hale eyeronic.des...@gmail.com,Aaron C. de Bruyn
Now we are partying! Let me get on my computer so I can respond.
Sent from my T-Mobile 4G LTE Device
Original message
From: Ryan Wilkins r...@deadfrog.net
Date: 04/30/2013 3:16 PM (GMT-08:00)
To: Mike Hale eyeronic.des...@gmail.com
Cc: Warren Bailey
The proposal currently needs just 13 more committers with 200+ SE points on any
site...
http://area51.stackexchange.com/proposals/52519/network-engineering
The SE site proposal for 'network engineering' is so close to going into Beta.
It's up to
441 committers, and is currently 7th overall,
Hi!
I was wondering if anyone had any experience with dealing with open resolvers
as a web hoster? We currently have some 40,000 ip's that respond to DNS in our
AS, the majority of which are not open but do reply with a referral to the
root zones. We've been sending emails to our clients but
On May 1, 2013, at 6:43 AM, Thomas St-Pierre wrote:
We've been sending emails to our clients but as the servers are not managed
by us, there's not much we can do at that level.
Sure, there is - shut them down if they don't comply. Most ISPs have AUP
verbiage which would apply to a
Hi!
On 13-04-30 7:57 PM, Dobbins, Roland rdobb...@arbor.net wrote:
On May 1, 2013, at 6:43 AM, Thomas St-Pierre wrote:
We've been sending emails to our clients but as the servers are not
managed by us, there's not much we can do at that level.
Sure, there is - shut them down if they don't
On Tue, Apr 30, 2013 at 5:28 PM, Thomas St-Pierre tstpie...@iweb.comwrote:
On 13-04-30 7:57 PM, Dobbins, Roland rdobb...@arbor.net wrote:
On May 1, 2013, at 6:43 AM, Thomas St-Pierre wrote:
We've been sending emails to our clients but as the servers are not
managed by us, there's not much
Please look at something like rate limiting.
Please look at preventing these spoofed packets from entering your network and
report the issue.
Please provide advice and insights as well as directing customers to the
openresolverproject.org website. We want to close these down, if you need an
Hi Damian!
We offer a DNS hosted solution, most people still use their own servers though.
(especially those with control panels such as cPanel or plesk, where it's
built-in).
As for BCP38, I would love to stop the spoofed packets, however with them
coming from our upstreams, (Level3, Cogent,
On May 1, 2013, at 7:42 AM, Thomas St-Pierre wrote:
As for BCP38, I would love to stop the spoofed packets, however with them
coming from our upstreams, (Level3, Cogent, Tata, etc) I don't see how we can.
Contact them on a case-by-case basis to report the spoofed traffic used to
stimulate
Protracted discussion (and promotion) has glossed over one key point:
None of the people on-site are technical, and all their data is accessed
via RDP on a server in the United States.
They will not be happy with VSAT latency (typically 700ms though
physics says you can never do better than
BuzKil!!!
Actually, we use some TCP ninja techniques to make Citrix/RDP work.
Basically, we ack the packets on both sides to prevent the delay from
occurring. It's kind of like acceleration, except there aren't really any
devices in between the session. There is a single box at the
I was going to mention this but failed to do so.
At the very least, do some testing first to make sure that the latency isn't
going to introduce unforeseen issues. Case in point, the Chicago
satellite-based network that I manage is sometimes used for Police / Fire / EMS
dispatching. The
http://www.xiplink.com is who we work with (and sell). Don't mean to
advertise on NANOG, more of an FYI and place for those who care to learn
something. I hate the fact that satellite is looked at like a white
unicorn, it's a pretty cool solution that will perform day in and out for
as long as you
I've used them before on SCPC links. I discovered on a boat one time that the
XipLink unit we were using wasn't exactly designed to handle vibrations from
engines nor the constant pounding of a hull on water when in the ocean with
large swells. Back then the boxes were 1U rackmount PCs
Protracted discussion (and promotion) has glossed over one key point:
None of the people on-site are technical, and all their data is accessed
via RDP on a server in the United States.
They will not be happy with VSAT latency (typically 700ms though
physics says you can never do better than
Joel M Snyder joel.sny...@opus1.com writes:
Actually, Citrix (in particular) works quite well over satellite
latencies. The network project I'm working on right now is wrapping
up an app rollout to about 100 countries, many of which we can only
reach via VSAT. Testing showed that Citrix
Put that in your pipe and smoke it, Seastrom! ;)
On 4/30/13 7:02 PM, Joel M Snyder j...@opus1.com wrote:
Protracted discussion (and promotion) has glossed over one key point:
None of the people on-site are technical, and all their data is
accessed
via RDP on a server in the United States.
On Tuesday, April 30, 2013, John Curran wrote:
On Apr 30, 2013, at 1:46 AM, Jimmy Hess mysi...@gmail.com javascript:;
wrote:
On 4/29/13, John Curran jcur...@arin.net javascript:; wrote:
On Apr 29, 2013, at 2:46 PM, Lee Howard l...@asgard.org javascript:;
wrote:
On 4/29/13 1:03 AM,
Good 'ol Warren, sure knows how to make friends and influence people.
-r
Warren Bailey wbai...@satelliteintelligencegroup.com writes:
Put that in your pipe and smoke it, Seastrom! ;)
On 4/30/13 7:02 PM, Joel M Snyder j...@opus1.com wrote:
Protracted discussion (and promotion) has
The chicks certainly know my name..
Sent from my T-Mobile 4G LTE Device
Original message
From: Rob Seastrom r...@seastrom.com
Date: 04/30/2013 8:00 PM (GMT-08:00)
To: Warren Bailey wbai...@satelliteintelligencegroup.com
Cc: Joel M Snyder
On Apr 30, 2013, at 10:56 PM, Jimmy Hess
mysi...@gmail.commailto:mysi...@gmail.com wrote:
On Tuesday, April 30, 2013, John Curran wrote:
On Apr 30, 2013, at 1:46 AM, Jimmy Hess mysi...@gmail.comjavascript:; wrote:
On 4/29/13, John Curran jcur...@arin.netjavascript:; wrote:
On Apr 29, 2013, at
This says demonstrate the need for resources.
The under current policies bit is redundant, because the transfer policy
is referring to itself. Of course the current policies always apply; so
this is some strange infinitely recursive oddity.
Jimmy,
With all due respect, this is a reference
Hi,
Please also note that modern VSAT hubs (idirect, viasat) -some better than
other- can emulate SCPC. They also support QoS, tcp spoofing and many other
nice features.
Regards,
--Original Message--
From: Rob Seastrom
To: TR Shaw
Cc: Aaron C. de Bruyn
Cc: NANOG mailing list
Doesn't cable Bahamas sell in andros
Warren Bailey wbai...@satelliteintelligencegroup.com wrote:
I suggested VSAT. Probably the quickest and cheapest.
Sent from my T-Mobile 4G LTE Device
Original message
From: Mike Lyon mike.l...@gmail.com
Date: 04/30/2013 1:35 PM
On 4/30/13, Owen DeLong o...@delong.com wrote:
With all due respect, this is a reference in section 8.3 to call out that
the policies in section 4 regarding qualification of recipients are to be
followed when determining eligibility for an 8.3 transfer.
I don't read a reference to section 4
67 matches
Mail list logo
