two questions:
o of the /24s in the arin region, what percentage are owned by arin
members?
o of the address holders in the arin region, what percentage are arin
members?
i understand that the latter will be slightly jittered because of the
database mess with multiple org ids for
two questions:
o of the /24s in the arin region, what percentage are owned by arin
members?
o of the address holders in the arin region, what percentage are arin
members?
i understand that the latter will be slightly jittered because of the
database mess with multiple org ids for
This is exactly my point. If a subscriber can use the service for 30
consecutive days and never achieve the 8Mbps because the network is
incapable by design, or by virtue of its over subscription is
statistically impossible of delivering it, then I believe this is false
advertising. I, and
On Sunday, March 23, 2014 07:10:37 AM John Levine wrote:
In Africa, I suppose, but here in North America, the few
remaining ISPs that aren't part of giant cable or phone
companies are hanging on by their teeth.
Incidentally, this doesn't apply to Africa today, because
AFRINIC still have lots
* John Levine
Also, although it is fashionable to say how awful CGN is, the users
don't seem to mind it at all.
You might just be looking in the wrong places.
Try searching for playstation nat type 3 or xbox strict nat.
Tore
On 23/03/2014 03:00, Doug Barton wrote:
Hyperbole of the past doesn't negate the reality of the future. :)
the past and present hyperbole continues to grate.
With respect I think you're ignoring some pretty important facts. Not
the least of which is the level of pressure that's been taken off
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
On 3/23/2014 9:13 AM, Nick Hilliard wrote:
yep, agreed - doing ipv6 now is a sensible business proposition.
But it needs to be tempered with the realisation that for nearly
all networks, ipv6 is complementary to ipv4 and not a replacement;
nor
In message 20140323051037.94159.qm...@joyce.lan, John Levine writes:
It will be a long time
before the price of v4 rises high enough to make it
worth the risk of going v6 only.
New ISP's are born everyday.
Some of them will be able to have a Buy an ISP that has
IPv4 or Buy IPv4
On Sunday, March 23, 2014 06:57:26 PM Mark Andrews wrote:
ISP's have done a good job of brain washing their
customers into thinking that they shouldn't be able to
run services from home. That all their machines
shouldn't have a globally unique address that is
theoritically reachable from
First, there may be those that do not require IPv6 due to size. So what is
YOUR big plan to connect all those on IPv4 to the rest of the IPv6 world
that has dropped IPv4 addresses.
We'll be offering v6 standard really soon. It's growth that got in the
way both from employee bandwidth and
On Mar 23, 2014 1:11 PM, Mark Tinka mark.ti...@seacom.mu wrote:
On Sunday, March 23, 2014 06:57:26 PM Mark Andrews wrote:
I was at work last week and because I have IPv6 at both
ends I could just log into the machines at home as
easily as if I was there. When I'm stuck using a IPv4
only
On Mar 23, 2014, at 4:57 PM, Mark Andrews ma...@isc.org wrote:
Basically because none of them have ever been on the Internet proper
where they can connect to their home machines from wherever they
are in the world directly. If you don't know what it should be
like you don't complain
On (2014-03-23 20:09 +0200), Mark Tinka wrote:
I expect this to change little in the enterprise space. I
think use of ULA and NAT66 will be one of the things
enterprises will push for, because how can a printer have a
public IPv6 address that is reachable directly from the
Internet,
In message 201403232009.47085.mark.ti...@seacom.mu, Mark Tinka writes:
On Sunday, March 23, 2014 06:57:26 PM Mark Andrews wrote:
ISP's have done a good job of brain washing their
customers into thinking that they shouldn't be able to
run services from home. That all their machines
On Sunday, March 23, 2014 08:27:57 PM Philip Dorr wrote:
That is what a firewall is for. Drop new inbound
connections, allow related, and allow outbound. Then
you allow specific IP/ports to have inbound traffic.
You may also only allow outbound traffic for specific
ports, or from your
On Sunday, March 23, 2014 08:30:21 PM Laszlo Hanyecz wrote:
As far as the enterprise side of things, many of the
people working in that area today have likely never
known any other kind of network except the NAT kind. A
lot of these guys say things like 'private ip' and
'public ip' -
On Sunday, March 23, 2014 08:35:48 PM Saku Ytti wrote:
Or IT isn't buying the 'renumbering is easy' argument,
for any non-trivial size company even figuring how where
exactly can be IP addresses punched out statically would
be expensive and long process.
If you are pushing for customer to
On Sun, Mar 23, 2014 at 8:06 AM, Blake Hudson bl...@ispn.net wrote:
This is exactly my point. If a subscriber can use the service for 30
consecutive days and never achieve the 8Mbps because the network is
incapable by design, or by virtue of its over subscription is statistically
impossible
On Sunday, March 23, 2014 08:39:51 PM Mark Andrews wrote:
Can I suggest that you re-read what I said. I did not
say WILL BE REACHABLE. I said THEORETICALLY
REACHABLE. I also said GLOBAL UNIQUE address not
PUBLIC ADDRESS.
The point is one should be able to get addresses with
these
On Sun, Mar 23, 2014 at 11:27 AM, Philip Dorr tagn...@gmail.com wrote:
On Mar 23, 2014 1:11 PM, Mark Tinka mark.ti...@seacom.mu wrote:
On Sunday, March 23, 2014 06:57:26 PM Mark Andrews wrote:
I was at work last week and because I have IPv6 at both
ends I could just log into the machines
On Sunday, March 23, 2014 09:05:54 PM Cb B wrote:
i would say the more appropriate place for this policy is
the printer, not a firewall. For example, maybe a
printer should only be ULA or LLA by default.
i would hate for people to think that a middle box is
required, when the best place
On Sun, Mar 23, 2014 at 12:13 PM, Mark Tinka mark.ti...@seacom.mu wrote:
On Sunday, March 23, 2014 09:05:54 PM Cb B wrote:
i would say the more appropriate place for this policy is
the printer, not a firewall. For example, maybe a
printer should only be ULA or LLA by default.
i would hate
* mpet...@netflight.com (Matthew Petach) [Sun 23 Mar 2014, 20:06 CET]:
Doesn't sound too outlandish. Mind you, I'm sure
it would raise costs, as that testing and validation
wouldn't be free. But I'm sure we'd all be willing to
pay an additional $10/month on our service to be
sure it could
On Sunday, March 23, 2014 09:24:35 PM Cb B wrote:
My hope is that folks stop equating firewalls with
security, when the first step is to secure the host,
accountability is with the host, then layer other tools
as needed.
I couldn't agree more.
As an example, your home PC (whose OS wasn't
Hi all,
Le 23/03/2014 20:13, Mark Tinka a écrit :
On Sunday, March 23, 2014 09:05:54 PM Cb B wrote:
i would say the more appropriate place for this policy is
the printer, not a firewall. For example, maybe a
printer should only be ULA or LLA by default.
I would support adding security
On Sun, Mar 23, 2014 at 12:27 PM, Niels Bakker niels=na...@bakker.netwrote:
* mpet...@netflight.com (Matthew Petach) [Sun 23 Mar 2014, 20:06 CET]:
Doesn't sound too outlandish. Mind you, I'm sure
it would raise costs, as that testing and validation
wouldn't be free. But I'm sure we'd all
On 23/03/2014 18:39, Mark Andrews wrote:
As for printers directly reachable from anywhere, why not.
because in practice it's an astonishingly stupid idea. Here's why:
chargen / other small services
ssh
www
buffer overflows
open smtp relays
weak, default or non existent passwords
information
In message 532f42aa.9000...@foobar.org, Nick Hilliard writes:
On 23/03/2014 18:39, Mark Andrews wrote:
As for printers directly reachable from anywhere, why not.
because in practice it's an astonishingly stupid idea. Here's why:
chargen / other small services
ssh
www
buffer overflows
On Mar 23, 2014 11:27 AM, Paul Ferguson fergdawgs...@mykolab.com wrote:
Also, IPv6 introduces some serious security concerns, and until they
are properly addressed, they will be a serious barrier to even
considering it.
And that is pure FUD. The sorts of security risks with IPv6 are mostly in
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
On 3/23/2014 2:27 PM, Timothy Morizot wrote:
On Mar 23, 2014 11:27 AM, Paul Ferguson
fergdawgs...@mykolab.com mailto:fergdawgs...@mykolab.com
wrote:
Also, IPv6 introduces some serious security concerns, and until
they are properly addressed,
On Sun, Mar 23, 2014 at 04:27:16PM -0500, Timothy Morizot wrote:
On Mar 23, 2014 11:27 AM, Paul Ferguson fergdawgs...@mykolab.com wrote:
Also, IPv6 introduces some serious security concerns, and until they
are properly addressed, they will be a serious barrier to even
considering it.
And
On 23/03/2014 21:02, Mark Andrews wrote:
Actually all you have stated in that printer vendors need to clean
up their act and not that one shouldn't expect to be able to expose
a printer to the world. It isn't hard to do this correctly.
perish the thought - and I look forward to the day that
On Sun, Mar 23, 2014 at 10:31:57PM +, Nick Hilliard wrote:
On 23/03/2014 21:02, Mark Andrews wrote:
Actually all you have stated in that printer vendors need to clean
up their act and not that one shouldn't expect to be able to expose
a printer to the world. It isn't hard to do this
On Sat, Mar 22, 2014 at 07:57:04PM -, John Levine wrote:
In such a case, where you are still pushing the case for
IPv4, how do you envisage things will look on your side when
everybody else you want to talk to is either on IPv6, or
frantically getting it turned up? Do you reckon anyone
On Mar 23, 2014 4:45 PM, bmann...@vacation.karoshi.com wrote:
Yo, Tim/Scott. Seems you have not been keeping up.
http://go6.si/wp-content/uploads/2011/11/DREN-6-Slo-IPv6Summit-2011.pdf
points out several unique problems w/ IPv6 and in deployments
where
there are
In message 532f60dd.3030...@foobar.org, Nick Hilliard writes:
On 23/03/2014 21:02, Mark Andrews wrote:
Actually all you have stated in that printer vendors need to clean
up their act and not that one shouldn't expect to be able to expose
a printer to the world. It isn't hard to do this
On Mon, Mar 24, 2014 at 10:15:27AM +1100, Mark Andrews wrote:
In message 532f60dd.3030...@foobar.org, Nick Hilliard writes:
On 23/03/2014 21:02, Mark Andrews wrote:
Actually all you have stated in that printer vendors need to clean
up their act and not that one shouldn't expect to be
Not necessarily. Printers generally run unattended, printers generally are not
rebooted periodically for updates (assuring malware can continue to run),
printers generally are not updated even periodically, printers generally have
almost no logging that could be reviewed, printers are generally
On Mar 23, 2014 4:45 PM, Paul Ferguson fergdawgs...@mykolab.com wrote:
Also, neighbor discovery, for example, can be dangerous (admittedly,
so can ARP spoofing in IPv4). And aside from the spoofable ability of
ND, robust DHCPv6 is needed for enterprises for sheer operational
continuity.
Yes.
On Mar 23, 2014 6:21 PM, Paul Ferguson fergdawgs...@mykolab.com wrote:
Says you.
And many others. My comments were actually reiterating what I commonly see
presented today.
On the other hand, there are beaucoup enterprise networks unwilling to
consider to moving to v6 until there are
Hello,
Are there any tools similar to the routing tab at stat.ripe.net ?
To be more specific, I'm looking for the BGP route visibility feature.
-Damien
I wasn't aware that calling out FUD was derisive, but whatever.
It's derisive because you completely dismiss a huge security issue
that, given the state of IPv6 adoption, a great majority of companies
are facing.
Calling it FUD is completely wrong because it *is* a legitimate
security issue for
On Mar 23, 2014 7:24 PM, Mike Hale eyeronic.des...@gmail.com wrote:
It's derisive because you completely dismiss a huge security issue
that, given the state of IPv6 adoption, a great majority of companies
are facing.
The original assertion was that there are unaddressed security weaknesses
in
I'd simply just recommend using the route views servers, you don't
really need the graphical representation.
On 3/24/2014 午前 02:46, Damien Burke wrote:
Hello,
Are there any tools similar to the routing tab at stat.ripe.net ?
To be more specific, I'm looking for the BGP route visibility
unless by few you simply mean a minority
Which I do.
appropriately mitigating the security risks shows the claim that
there are security weaknesses in IPv6 preventing its adoption is
false.
No. It doesn't. It's not the sole reason, but it's a huge factor to consider.
But there's nothing
In message CAN3um4wnMPW=BQ6ec_=nh-ua50nn3ql9t+nxdo-adnzcjhk...@mail.gmail.com
, Mike Hale writes:
I wasn't aware that calling out FUD was derisive, but whatever.
It's derisive because you completely dismiss a huge security issue
that, given the state of IPv6 adoption, a great majority of
On Mar 23, 2014 7:54 PM, Mike Hale eyeronic.des...@gmail.com wrote:
unless by few you simply mean a minority
Which I do.
Then that's fine. But there are numerous enterprises in that minority and
it includes some pretty large enterprises. My own enterprise organization
has more than 600 sites,
[]
It seems to me that the only thing that really matters in v6 wars for
enterprise is whether their
content side has a v6 face. Who really cares whether they migrate away
from v4 so long as
they make their outward facing content (eg web, etc) available over v6?
That's really the key.
Mike
then there aren't any inherent security weaknesses preventing its
adoption by enterprises.
You're right. There's not an inherent security weakness in the
protocol. The increased risk is due to the increase in your attack
surface (IMHO).
Your attack surface has already expanded whether or not
We don't know because the service provider rolls that cost up along
with th= e services they sell. That is my point. They are able to
spread the costs= out based on the profitable services they sell.
Okay.
If they were not able to =
sell us services I am not sure they could afford to
... In fact, having been a service provider I can tell you that I
paid the LEC about $4 a month for a copper pair to your house to sell
DSL service at around ten times that cost. I am sure the LEC was not
making money at the $4 a month and I know I could not fund a build out for
that
There may not need to be competition in the capitalist sense of the word but
there needs to be some feedback loop for the consumer of a service to provide
feedback on their satisfaction with it. In the case of a government provided
service people vote at the polls. With a commercially
On Mar 23, 2014 8:44 PM, Mike Hale eyeronic.des...@gmail.com wrote:
Your attack surface has already expanded whether or not you deploy IPv6.
Not so. If I don't enable IPv6 on my hosts, the attacker can yammer
away via IPv6 all day long with no result.
I suppose it depends on the size of your
On Mar 23, 2014 8:44 PM, Michael Thomas m...@mtcc.com wrote:
It seems to me that the only thing that really matters in v6 wars for
enterprise is whether their
content side has a v6 face. Who really cares whether they migrate away
from v4 so long as
they make their outward facing content (eg
On Mar 24, 2014, at 6:37 AM, Timothy Morizot tmori...@gmail.com wrote:
You'll pardon my skepticism over claims that unspecified security weaknesses
make it impossible to do what we have done and are continuing to
do.
All this unfilterable ICMP makes for interesting times - I've already run
I am not sure I agree with the basic premise here. NAT or Private addressing
does not equal security.
A globally routable address does not necessarily mean globally accessible.
Any enterprise that cares a wit about network security is going to have a
firewall. If you are relying on NAT to
Not sure which rural LECs are exempt from competition. Some areas are
effectively exempt from facilities-based (i.e. wireline) competition because
it's unaffordable, without subsidy, to build a duplicate wireline
infrastructure. There are also wireless carriers and WISPs the compete
against
Many rural LECs are not required to provide unbundled network elements. As a
network provider you can resell their service but they are not required to
provide unbundled elements necessary to compete against them as a facilities
based provider. So, for example, in Alamo Tennessee or Northern
I think I understand what you're saying -- you believe that RLECs that don't
have to provide UNE's are exempt from competition. I guess I don't see the
lack of that requirement meaning that there's no competition -- it just
means that the kind of competition is different.
Frank
-Original
Here is the legal definition of an RLEC.
http://definitions.uslegal.com/r/rural-telephone-company/
Steven Naslund
Chicago IL
-Original Message-
From: Naslund, Steve [mailto:snasl...@medline.com]
Sent: Sunday, March 23, 2014 10:16 PM
To: Frank Bulk
Cc: nanog@nanog.org
Subject: RE:
Correct, there is competition to them including the local cable company (if
there is one). You just cannot get competitive access to their infrastructure.
You have to pay at least the full wholesale rate. That tends to make them the
most cost effective choice for wireline services like DSL
On Mar 23, 2014, at 6:53 PM, Randy Bush ra...@psg.com wrote:
two questions:
o of the /24s in the arin region, what percentage are owned by arin
members?
Randy -
Happy to generate these - two questions for clarity.
1) Should we expand /16's and /8's into the corresponding number of
Exactly right John. I think the term owned is a problem here.
It seems to me that the terms would correctly be holder or who the address
space was issued to or user being the end user using that space.
Wouldn't all of the holders be ARIN members unless grandfathered in?
Steven Naslund
Chicago
o of the /24s in the arin region, what percentage are owned by arin
members?
1) Should we expand /16's and /8's into the corresponding number of
/24's ?
sorry. i mean the number of /24 equivalents. so yes, expand /7-/23
2) In terms of categories, we could go strictly with /24's
I think the term owned is a problem here.
sorry not to get your religious icons correctly. full refund below.
jeezus! get a life.
randy
Sorry Randy,
I was not trying to criticize your terminology. I was just wondering about the
question trying to be answered here. The holder of an address space and the
end user of the address space are two really different things. The holder is
often an ARIN member or grandfathered in and
sorry steve.
was not chasing down the tree. not clear what a useful measurement
would be.
randy
Steve -
Thanks for the reminder; terminology aside, I think we have
a good understanding of Randy's request for statistics.
We'll put these together asap.
/John
On Mar 24, 2014, at 11:58 AM, Naslund, Steve snasl...@medline.com wrote:
Sorry Randy,
I was not trying to criticize
No problem. One of the risks in text communication.
I guess the usefulness of the measurement would be in what the original
question is?
If we knew more about what the membership / non-membership question was about
it would be easier. I guess if we were really trying to figure out how much
He is definitely in the authoritative hands :)
Steve
-Original Message-
From: John Curran [mailto:jcur...@arin.net]
Sent: Sunday, March 23, 2014 11:16 PM
To: Naslund, Steve
Cc: Randy Bush; North American Network Operators' Group
Subject: Re: arin representation
Steve -
Thanks for
I thought the 40% I paid in taxes covered prosecution of fraudulent
advertising.
Nick
On Mar 23, 2014 4:02 PM, Matthew Petach mpet...@netflight.com wrote:
On Sun, Mar 23, 2014 at 12:27 PM, Niels Bakker niels=na...@bakker.net
wrote:
* mpet...@netflight.com (Matthew Petach) [Sun 23 Mar 2014,
On Mar 24, 2014, at 12:20 PM, Naslund, Steve snasl...@medline.com wrote:
Exactly right John. I think the term owned is a problem here.
It seems to me that the terms would correctly be holder or who the address
space was issued to or user being the end user using that space.
We use
Unless I misremember, everyone who receives a direct allocation from ARIN
and signs an RSA is automatically a member. It's not clear to me what
owner of a /24 network means in that context. (I don't recall if signing
an LRSA in and of itself also makes one a member, since by the time we had
signed
But perhaps Randy is looking for the number of /24 equivalents
allocated to legacy resource holders who haven't also received an IPv6
direct allocation or other IPv4 direct allocation under an RSA?
what percentage of address space is held by members and what percentage
by non-members
On Mar 24, 2014, at 12:59 PM, Randy Bush ra...@psg.com wrote:
But perhaps Randy is looking for the number of /24 equivalents
allocated to legacy resource holders who haven't also received an IPv6
direct allocation or other IPv4 direct allocation under an RSA?
what percentage of address
75 matches
Mail list logo