Re: AS3266: BitCanal hijack factory, courtesy of Cogent, GTT, and Level3

2018-06-26 Thread Suresh Ramasubramanian 
Oh dear. The problem with sarcasm is that it falls flat if people don't realize 
you're being sarcastic.

On 27/06/18, 6:53 AM, "NANOG on behalf of Scott Weeks" 
 wrote:


   On Mon, 25 Jun 2018 at 22:49, Ronald F. Guilmette 

wrote:

> Without the generous support of Cogent, GTT, and Level3 this dumbass
> lowlife IP address space thief would be largely if not entirely toast.
> So what are they waiting for?  Why don't their turf this jackass?  Are
> they waiting for an engraved invitation or what?
>
> As I always ask, retorically, in cases like this:  Where are the 
grownups?


--- ops.li...@gmail.com wrote:
From: Suresh Ramasubramanian 

"we are not the internet police" right? (
-


So your answer is to let them hijack whatever/whenever they want?

scott

Re: AS3266: BitCanal hijack factory, courtesy of Cogent, GTT, and Level3

2018-06-26 Thread Scott Weeks 


   On Mon, 25 Jun 2018 at 22:49, Ronald F. Guilmette 
wrote:

> Without the generous support of Cogent, GTT, and Level3 this dumbass
> lowlife IP address space thief would be largely if not entirely toast.
> So what are they waiting for?  Why don't their turf this jackass?  Are
> they waiting for an engraved invitation or what?
>
> As I always ask, retorically, in cases like this:  Where are the grownups?


--- ops.li...@gmail.com wrote:
From: Suresh Ramasubramanian 

"we are not the internet police" right? (
-


So your answer is to let them hijack whatever/whenever they want?

scott

Submarine Cable Status Map Experiment

2018-06-26 Thread Mehmet Akcin 
Hello NANOGers,

Today i presented a lighting talk to ask for feedback on the submarine
cable status project. I am still trying to work details on how the
governance and sustainability of this project should be structured. I know
there are more people in the list than those who attend in person to NANOG
in Denver hence I want to share my slides here

https://pc.nanog.org/static/published/meetings/NANOG73/1749/20180626_Akcin_Lightning_Talk_Submarine_v1.pdf

There seems to be tremendous amount of interest and support on this
experiment. We are working on getting data (Kmz/Kml) from the operators of
submarine cable systems so we can build our map and display cable status
current demo page is available at https://map.kapany.net

If you have ideas you want to share and help this map experiment become a
reality, please don't hesitate to contact me directly or join our mailing
list. at https://groups.google.com/a/kapany.net/forum/#!forum/subsea

I would like to thank Aaron Hughes, Ognian Mitev, NANOG PC, Telegeography ,
Angola Cables, Alaska Communications and Seaborn Networks for their amazing
support so far.

ps: please feel free to pass this message to other groups / nogs to get the
message to those who are interested.

Thank you!

Mehmet

Re: AS3266: BitCanal hijack factory, courtesy of many connectivity providers

2018-06-26 Thread Job Snijders 
On Tue, Jun 26, 2018 at 09:57:14PM +0200, Radu-Adrian Feurdean wrote:
> On Tue, Jun 26, 2018, at 20:23, Job Snijders wrote:
> > I'm very happy FranceIX apply filters - however Bitcanal is known to
> > submit fabricated/falsified IRR information to databases like RADB
> > and RIPE. I've reported this multiple times over the years to IRR
> > database operators.
> > 
> > In conclusion in the case of Bitcanal, most of your filtering is
> > useless (and so is mine). Participants like Bitcanal dillute the
> > value of your route servers and the IXP as a whole.
> 
> I can confirm that this mornig (~09h30 CEST, when I read the first
> message in the thread) there were no BitCanal announces received from
> FranceIX Paris RS.

What about now? Still squeaky clean? What about now? What about
tomorrow? You only need to announce hijacked routes for the duration of
the spamming campaign (usually just a few hours). The presence of this
type of actor poses a risk to all connnected to the IX fabric.

Kind regards,

Job

Re: AS3266: BitCanal hijack factory, courtesy of many connectivity providers

2018-06-26 Thread Radu-Adrian Feurdean 
On Tue, Jun 26, 2018, at 20:23, Job Snijders wrote:
> I'm very happy FranceIX apply filters - however Bitcanal is known to
> submit fabricated/falsified IRR information to databases like RADB and
> RIPE. I've reported this multiple times over the years to IRR database
> operators.
> 
> In conclusion in the case of Bitcanal, most of your filtering is useless
> (and so is mine). Participants like Bitcanal dillute the value of your
> route servers and the IXP as a whole.

I can confirm that this mornig (~09h30 CEST, when I read the first message in 
the thread) there were no BitCanal announces received from FranceIX Paris RS. 
Not even the ones with an IRR record (the ones in 213/8). All of them were from 
transit.

Re: AS3266: BitCanal hijack factory, courtesy of many connectivity providers

2018-06-26 Thread Max Tulyev 
RPKI? BGPsec?

26.06.18 21:27, Mike Hammett пише:
> Any solution to that? Yell at the IRRs more? 
> 
> 
> 
> 
> - 
> Mike Hammett 
> Intelligent Computing Solutions 
> http://www.ics-il.com 
> 
> Midwest-IX 
> http://www.midwest-ix.com 
> 
> - Original Message -
> 
> From: "Job Snijders"  
> To: "Simon Muyal"  
> Cc: nanog@nanog.org 
> Sent: Tuesday, June 26, 2018 1:23:55 PM 
> Subject: Re: AS3266: BitCanal hijack factory, courtesy of many connectivity 
> providers 
> 
> Dear Simon, 
> 
> On Tue, Jun 26, 2018 at 12:13:26PM -0600, Simon Muyal wrote: 
>> On the France-IX route servers, we are applying filters based on IRR 
>> DBs. I double checked the list https://pastebin.com/raw/Jw1my9Bb and 
>> these prefixes should be filtered if bitcanal starts announcing them. 
>> Currently, bitcanal/AS197426 is not announcing any prefix on our route 
>> servers: 
>>
>> https://lg.franceix.net/irr_found_for/RS1+RS2/ipv4?q=197426 
>> https://lg.franceix.net/irr_notfound_for/RS1+RS2/ipv4?q=197426 
> 
> I'm very happy FranceIX apply filters - however Bitcanal is known to 
> submit fabricated/falsified IRR information to databases like RADB and 
> RIPE. I've reported this multiple times over the years to IRR database 
> operators. 
> 
> In conclusion in the case of Bitcanal, most of your filtering is useless 
> (and so is mine). Participants like Bitcanal dillute the value of your 
> route servers and the IXP as a whole. 
> 
> Kind regards, 
> 
> Job 
> 
>

Re: AS3266: BitCanal hijack factory, courtesy of many connectivity providers

2018-06-26 Thread Mike Hammett 
Authoritative list of shame with supporting evidence? (Yes, I assume there 
isn't one and that one would have to be created.) 

Many network operators aren't going to know who's supposed to be on that list 
and who isn't. 




- 
Mike Hammett 
Intelligent Computing Solutions 
http://www.ics-il.com 

Midwest-IX 
http://www.midwest-ix.com 

- Original Message -

From: "Job Snijders"  
To: "Mike Hammett"  
Cc: nanog@nanog.org 
Sent: Tuesday, June 26, 2018 1:30:05 PM 
Subject: Re: AS3266: BitCanal hijack factory, courtesy of many connectivity 
providers 


On Tue, 26 Jun 2018 at 12:28, Mike Hammett < na...@ics-il.net > wrote: 




Any solution to that? Yell at the IRRs more? 




Or more generally, everyone involved should consider to stop selling services 
to well-known BGP hijackers. 


Kind regards, 


Job

Re: AS3266: BitCanal hijack factory, courtesy of many connectivity providers

2018-06-26 Thread Job Snijders 
On Tue, 26 Jun 2018 at 12:28, Mike Hammett  wrote:

> Any solution to that? Yell at the IRRs more?


Or more generally, everyone involved should consider to stop selling
services to well-known BGP hijackers.

Kind regards,

Job

Re: AS3266: BitCanal hijack factory, courtesy of many connectivity providers

2018-06-26 Thread Mike Hammett 
Any solution to that? Yell at the IRRs more? 




- 
Mike Hammett 
Intelligent Computing Solutions 
http://www.ics-il.com 

Midwest-IX 
http://www.midwest-ix.com 

- Original Message -

From: "Job Snijders"  
To: "Simon Muyal"  
Cc: nanog@nanog.org 
Sent: Tuesday, June 26, 2018 1:23:55 PM 
Subject: Re: AS3266: BitCanal hijack factory, courtesy of many connectivity 
providers 

Dear Simon, 

On Tue, Jun 26, 2018 at 12:13:26PM -0600, Simon Muyal wrote: 
> On the France-IX route servers, we are applying filters based on IRR 
> DBs. I double checked the list https://pastebin.com/raw/Jw1my9Bb and 
> these prefixes should be filtered if bitcanal starts announcing them. 
> Currently, bitcanal/AS197426 is not announcing any prefix on our route 
> servers: 
> 
> https://lg.franceix.net/irr_found_for/RS1+RS2/ipv4?q=197426 
> https://lg.franceix.net/irr_notfound_for/RS1+RS2/ipv4?q=197426 

I'm very happy FranceIX apply filters - however Bitcanal is known to 
submit fabricated/falsified IRR information to databases like RADB and 
RIPE. I've reported this multiple times over the years to IRR database 
operators. 

In conclusion in the case of Bitcanal, most of your filtering is useless 
(and so is mine). Participants like Bitcanal dillute the value of your 
route servers and the IXP as a whole. 

Kind regards, 

Job

Re: AS3266: BitCanal hijack factory, courtesy of many connectivity providers

2018-06-26 Thread Job Snijders 
Dear Simon,

On Tue, Jun 26, 2018 at 12:13:26PM -0600, Simon Muyal wrote:
> On the France-IX route servers, we are applying filters based on IRR
> DBs. I double checked the list https://pastebin.com/raw/Jw1my9Bb and
> these prefixes should be filtered if bitcanal starts announcing them.
> Currently, bitcanal/AS197426 is not announcing any prefix on our route
> servers:
> 
> https://lg.franceix.net/irr_found_for/RS1+RS2/ipv4?q=197426
> https://lg.franceix.net/irr_notfound_for/RS1+RS2/ipv4?q=197426

I'm very happy FranceIX apply filters - however Bitcanal is known to
submit fabricated/falsified IRR information to databases like RADB and
RIPE. I've reported this multiple times over the years to IRR database
operators.

In conclusion in the case of Bitcanal, most of your filtering is useless
(and so is mine). Participants like Bitcanal dillute the value of your
route servers and the IXP as a whole.

Kind regards,

Job

Re: TCP TIMELY implementation guide

2018-06-26 Thread Brielle Bruns 

On 6/26/2018 11:15 AM, Yifeng Zhou wrote:

2nd try...

2018-06-24 16:51 GMT-07:00 Yifeng Zhou :


Hi There,

May I know if there's any TCP TIMELY implementation guide? Want to play
with it..

Thanks!




We got your message first time around.  Likely, if you didn't get any 
responses, its because noone had anything to say about it.


Have you googled around and/or looked at any kind of RFCs or examples?

--
Brielle Bruns
The Summit Open Source Development Group
http://www.sosdg.org/ http://www.ahbl.org

Re: AS3266: BitCanal hijack factory, courtesy of many connectivity providers

2018-06-26 Thread Job Snijders 
(I've updated the email subject to make it more accurate)

On Tue, Jun 26, 2018 at 12:18:19PM -0400, Stephen Fulton wrote:
> Unless of course they are not actually on an IXP listed.

Of course.

> Bitcanal is not a member of TorIX and as far as I recall, never has
> been. The IP they list in PeeringDB was never assigned to them at any
> point and in fact was used by an AS112 instance which was run by TorIX
> directly on the fabric for a time.  I sent in a note to PeeringDB
> several years ago about Bitcanal claiming to be a peer when they were
> not and never heard back.. I'll resend.

Thank you for this clarification. Indeed a note to the PeeringDB Admin
committee should help clean this up. Please note that this organisation
also goes under the name of "Ebony Horizon".

I've manually confirmed bitcanal/AS 197426 is connected to AMS-IX, ECIX
Frankfurt, ESPANIX, FranceIX Paris, GigaPIX, and LINX LON1.

At most of these IXPs, bitcanal seems to be connected the the IXP's
route servers. In my mind, if we want to consider responsibility, these
IXPs are as much at fault as any upstream provider. Connectivity is
connectivity.

Kind regards,

Job

Re: TCP TIMELY implementation guide

2018-06-26 Thread Yifeng Zhou 
2nd try...

2018-06-24 16:51 GMT-07:00 Yifeng Zhou :

> Hi There,
>
> May I know if there's any TCP TIMELY implementation guide? Want to play
> with it..
>
> Thanks!
>

Verizon\MCI Real Estate Department

2018-06-26 Thread Mike Hammett 
Does anyone have a contact at Verizon\MCI's Real Estate department? Their web 
site is rather consumer-focused and has no mention of anything related to that. 
Nagging them on Twitter has been a dud as well. 

They have a fiber route through my family's property (from a Williams pipeline) 
and I'm trying to verify the easement information on record is what they have 
as well. Multiple Williams pipes from the same original builder now in 
different hands makes things a bit more tricky. 




- 
Mike Hammett 
Intelligent Computing Solutions 
http://www.ics-il.com 

Midwest-IX 
http://www.midwest-ix.com

Re: AS3266: BitCanal hijack factory, courtesy of Cogent, GTT, and Level3

2018-06-26 Thread Mike Hammett 
IXP Manager now has IXF exports that PeeringDB can use to cleanup stale 
members. 




- 
Mike Hammett 
Intelligent Computing Solutions 
http://www.ics-il.com 

Midwest-IX 
http://www.midwest-ix.com 

- Original Message -

From: "Stephen Fulton"  
To: nanog@nanog.org 
Sent: Tuesday, June 26, 2018 11:18:19 AM 
Subject: Re: AS3266: BitCanal hijack factory, courtesy of Cogent, GTT, and 
Level3 

Job, 

Unless of course they are not actually on an IXP listed. Bitcanal is 
not a member of TorIX and as far as I recall, never has been. The IP 
they list in PeeringDB was never assigned to them at any point and in 
fact was used by an AS112 instance which was run by TorIX directly on 
the fabric for a time. I sent in a note to PeeringDB several years ago 
about Bitcanal claiming to be a peer when they were not and never heard 
back.. I'll resend. 

-- Stephen (ops, TorIX) 



On 2018-06-26 1:01 AM, Job Snijders wrote: 
> On Mon, 25 Jun 2018 at 22:49, Ronald F. Guilmette  
> wrote: 
> 
>> Without the generous support of Cogent, GTT, and Level3 this dumbass 
>> lowlife IP address space thief would be largely if not entirely toast. 
>> So what are they waiting for? Why don't their turf this jackass? Are 
>> they waiting for an engraved invitation or what? 
>> 
>> As I always ask, retorically, in cases like this: Where are the grownups? 
> 
> 
> 
> You could ask the same about the IXPs that facilitate the reach and impact 
> of Bitcanal’s BGP hijacks by allowing that network on their platform: 
> https://bgp.he.net/AS197426#_ix 
> 
> Kind regards, 
> 
> Job 
>

Re: AS3266: BitCanal hijack factory, courtesy of Cogent, GTT, and Level3

2018-06-26 Thread Stephen Fulton 

Job,

Unless of course they are not actually on an IXP listed.  Bitcanal is 
not a member of TorIX and as far as I recall, never has been.  The IP 
they list in PeeringDB was never assigned to them at any point and in 
fact was used by an AS112 instance which was run by TorIX directly on 
the fabric for a time.  I sent in a note to PeeringDB several years ago 
about Bitcanal claiming to be a peer when they were not and never heard 
back.. I'll resend.


-- Stephen (ops, TorIX)



On 2018-06-26 1:01 AM, Job Snijders wrote:

On Mon, 25 Jun 2018 at 22:49, Ronald F. Guilmette 
wrote:


Without the generous support of Cogent, GTT, and Level3 this dumbass
lowlife IP address space thief would be largely if not entirely toast.
So what are they waiting for?  Why don't their turf this jackass?  Are
they waiting for an engraved invitation or what?

As I always ask, retorically, in cases like this:  Where are the grownups?




You could ask the same about the IXPs that facilitate the reach and impact
of Bitcanal’s BGP hijacks by allowing that network on their platform:
https://bgp.he.net/AS197426#_ix

Kind regards,

Job

Call For Presentations - Joint CENTR-Tech / DNS-OARC Workshop, Amsterdam, NL, 13th/14th October 2018

2018-06-26 Thread Jacques Latour 
Hi All!

The 29th DNS-OARC Workshop will be a joint workshop combined with
CENTR-Tech and will take place at the Hotel Okura, Amsterdam,
Netherlands, on October 13th and 14th 2018.

The Workshop's Program Committee is now requesting proposals for
presentations.  All DNS-related subjects are welcome.

A timeslot will also be available for lightning talks (5-10 minutes)
on day two of the workshop for which submissions will be accepted
on the first day of the workshop, until 4pm.

The second afternoon of the workshop will start with a Members-only
session which will include reports on DNS-OARC's activities.  If you
are an OARC member and have a sensitive topic that you wish to present
during that session those can be accommodated.  The Members-only session
will be followed by the AGM.

Workshop Milestones:


*15 Jun 2018 - Submissions and Registrations open via Indico

*13 Jul 2018 - Deadline for submission

*17 Aug 2018 - Contribution list published

*14 Sep 2018 - Full agenda published

*06 Oct 2018 - Deadline for slideset submission

*13 Oct 2018 - Workshop

Details for presentation submission are published here:

https://indico.dns-oarc.net/event/29/call-for-abstracts/

The workshop presentations will be organized by common themes, depending
on the topics and the timing of each presentation. There are 30-minute
and 15-minute slots, let us know your preference in your submission.

To allow the Programme Committee to make objective assessments of
submissions, so as to ensure the quality of the workshop, submissions
SHOULD include slides.  Draft slides are acceptable on submission.

OARC depends on sponsorship to fund its workshops and associated social
events.  Please contact  if your organization is
interested in becoming a sponsor.

(Please note that OARC is run on a non-profit basis, and is not in a
position to reimburse expenses or time for speakers at its meetings.)

If you have questions or concerns you can contact the Programme Committee:

https://www.dns-oarc.net/oarc/programme

via submissi...@dns-oarc.net

Jacques, for the joint Programme Committee

Re: AS3266: BitCanal hijack factory, courtesy of Cogent, GTT, and Level3

2018-06-26 Thread Hank Nussbacher 
On 26/06/2018 17:08, Thomas King wrote:

Kudos to DE-CIX for getting it right.

-Hank

> I am the guy who gave the presentation. We ask our customers to report 
> misbehavior of peers at DE-CIX IXPs (e.g. IP hijack, ASN hijacks) to 
> ab...@de-cix.net. We will look into reported cases and collect evidence so 
> that we can act accordingly. So far, this process helped us to identify and 
> fix configuration errors from peers on a few occasions. Also, as a last 
> resort we expelled a small number of permanent and notorious rule breakers.
>
> Best regards,
> Thomas
>
>
> On 26.06.18, 15:16, "IXP User One"  wrote:
>
> Hi all,
> 
> I have heard that DE-CIX expelled BitCanal from their IXPs. One of their
> guys also gave a presentation about how DE-CIX handles abuse cases:
> https://ripe75.ripe.net/archives/video/103/
> 
> I don't know how other IXPs are handling such cases. Would be interesting
> to know.
> 
> Best regards,
> IUO
> 
> 
> On Tue, Jun 26, 2018 at 9:35 AM, Hank Nussbacher 
> wrote:
> 
> > On 26/06/2018 07:49, Ronald F. Guilmette wrote:
> >
> > You are mistaken.  Cogent and Level3 are signatories to MANRS:
> > https://www.manrs.org/participants/
> > so this clearly can't happen and you are making this up.
> >
> > :-)
> >
> > -Hank
> >
> > >
> > >
> > > The fact that there exists a jerk like this on the Internet isn't 
> really
> > > all that surprising.  What I personally -do- find rather surprising is
> > that
> > > three companies that each outght to know better, namely Cogent, GTT, 
> and
> > > Level3 are collectively supplying more than 3/4ths of this guy's IPv4
> > > connectivity, at least according to the graph displayed here:
> > >
> > > https://bgp.he.net/AS197426
> > >
> > > Without the generous support of Cogent, GTT, and Level3 this dumbass
> > > lowlife IP address space thief would be largely if not entirely toast.
> > > So what are they waiting for?  Why don't their turf this jackass?  Are
> > > they waiting for an engraved invitation or what?
> > >
> > > As I always ask, retorically, in cases like this:  Where are the
> > grownups?
> > >
> > > I would like everyone reading this who is a customer of Cogent, GTT, 
> or
> > > Level3 to try to contact these companies and ask them why they are
> > providing
> > > connectivity/peering to a hijacking jerk like this Silveira character.
> > > Ask them why -you- have to endure more spam in your inbox just so that
> > > -they- can make another one tenth of one percent profit by peering 
> with
> > > this hijacking, spammer-loving miscreant.  I would ask them myself, 
> but
> > > I personally am not a direct customer of any of them, so they would 
> all,
> > > most probably, just tell me to go pound sand.
> > >
> > > If you do manage to make contact, please be sure to mention all three 
> of
> > > Mr. Silveira's ASNs, i.e. AS42229, AS197426, and AS3266.  And don't 
> let
> > > whoever you talk to try to weasel out of responsibility for this
> > travesty,
> > > e.g. by claiming that they don't know anything about what's been 
> going on
> > > with all those hijacks announced by AS3266, and/or that they only 
> provide
> > > peering for AS197426.  The hijacks may all be originating from Mr.
> > Silveira's
> > > AS3266, but bgp.he.net makes clear that AS3266 has one, and only one
> > peer,
> > > i.e. Mr. Silveira's AS197426:
> > >
> > > https://bgp.he.net/AS3266
> > >
> > > So basically, Cogent, GTT, and Level3 are the prime enablers of this
> > > massive theft of IP space.  (They might try to claim that BitCanal's
> > > historical propensity to engage in hijacks is sonmething "brand new"
> > > or at least that -they- may not have been aware of it until now, in 
> which
> > > case you should ask them if they have anybody on staff who is paying
> > > attention.  As noted above, it isn't as if Bitcanal just started 
> pulling
> > > this crap yesterday.  Far from it.)
> > >
> > > Oh!  And you might also mention the fact that Spamhaus, and, I would
> > guess,
> > > at least a few of the oether public blacklists already have most or 
> all
> > of
> > > Mr.  Silveira's IP space... hijacked or otherwise... blacklisted,
> > presumably
> > > for good and ample cause.
> > >
> > > As long as Cogent, GTT, and Level3 are willing to go along with this
> > > nonsense, i.e. by selling peering to this Silveira thief, crime on
> > > the Internet -does- pay, and the theft of other people's IP space
> > > will continue to be rewarded rather than punished, as it should be.
> > >
> > > If that becomes the new normal for Internet behavior, then god help us
> > > all.
> > >
> > >
> > > Rega

Re: AS3266: BitCanal hijack factory, courtesy of Cogent, GTT, and Level3

2018-06-26 Thread Thomas King 
I am the guy who gave the presentation. We ask our customers to report 
misbehavior of peers at DE-CIX IXPs (e.g. IP hijack, ASN hijacks) to 
ab...@de-cix.net. We will look into reported cases and collect evidence so that 
we can act accordingly. So far, this process helped us to identify and fix 
configuration errors from peers on a few occasions. Also, as a last resort we 
expelled a small number of permanent and notorious rule breakers.

Best regards,
Thomas


On 26.06.18, 15:16, "IXP User One"  wrote:

Hi all,

I have heard that DE-CIX expelled BitCanal from their IXPs. One of their
guys also gave a presentation about how DE-CIX handles abuse cases:
https://ripe75.ripe.net/archives/video/103/

I don't know how other IXPs are handling such cases. Would be interesting
to know.

Best regards,
IUO


On Tue, Jun 26, 2018 at 9:35 AM, Hank Nussbacher 
wrote:

> On 26/06/2018 07:49, Ronald F. Guilmette wrote:
>
> You are mistaken.  Cogent and Level3 are signatories to MANRS:
> https://www.manrs.org/participants/
> so this clearly can't happen and you are making this up.
>
> :-)
>
> -Hank
>
> >
> >
> > The fact that there exists a jerk like this on the Internet isn't really
> > all that surprising.  What I personally -do- find rather surprising is
> that
> > three companies that each outght to know better, namely Cogent, GTT, and
> > Level3 are collectively supplying more than 3/4ths of this guy's IPv4
> > connectivity, at least according to the graph displayed here:
> >
> > https://bgp.he.net/AS197426
> >
> > Without the generous support of Cogent, GTT, and Level3 this dumbass
> > lowlife IP address space thief would be largely if not entirely toast.
> > So what are they waiting for?  Why don't their turf this jackass?  Are
> > they waiting for an engraved invitation or what?
> >
> > As I always ask, retorically, in cases like this:  Where are the
> grownups?
> >
> > I would like everyone reading this who is a customer of Cogent, GTT, or
> > Level3 to try to contact these companies and ask them why they are
> providing
> > connectivity/peering to a hijacking jerk like this Silveira character.
> > Ask them why -you- have to endure more spam in your inbox just so that
> > -they- can make another one tenth of one percent profit by peering with
> > this hijacking, spammer-loving miscreant.  I would ask them myself, but
> > I personally am not a direct customer of any of them, so they would all,
> > most probably, just tell me to go pound sand.
> >
> > If you do manage to make contact, please be sure to mention all three of
> > Mr. Silveira's ASNs, i.e. AS42229, AS197426, and AS3266.  And don't let
> > whoever you talk to try to weasel out of responsibility for this
> travesty,
> > e.g. by claiming that they don't know anything about what's been going 
on
> > with all those hijacks announced by AS3266, and/or that they only 
provide
> > peering for AS197426.  The hijacks may all be originating from Mr.
> Silveira's
> > AS3266, but bgp.he.net makes clear that AS3266 has one, and only one
> peer,
> > i.e. Mr. Silveira's AS197426:
> >
> > https://bgp.he.net/AS3266
> >
> > So basically, Cogent, GTT, and Level3 are the prime enablers of this
> > massive theft of IP space.  (They might try to claim that BitCanal's
> > historical propensity to engage in hijacks is sonmething "brand new"
> > or at least that -they- may not have been aware of it until now, in 
which
> > case you should ask them if they have anybody on staff who is paying
> > attention.  As noted above, it isn't as if Bitcanal just started pulling
> > this crap yesterday.  Far from it.)
> >
> > Oh!  And you might also mention the fact that Spamhaus, and, I would
> guess,
> > at least a few of the oether public blacklists already have most or all
> of
> > Mr.  Silveira's IP space... hijacked or otherwise... blacklisted,
> presumably
> > for good and ample cause.
> >
> > As long as Cogent, GTT, and Level3 are willing to go along with this
> > nonsense, i.e. by selling peering to this Silveira thief, crime on
> > the Internet -does- pay, and the theft of other people's IP space
> > will continue to be rewarded rather than punished, as it should be.
> >
> > If that becomes the new normal for Internet behavior, then god help us
> > all.
> >
> >
> > Regards,
> > rfg
> >
>
>



smime.p7s
Description: S/MIME cryptographic signature

Re: AS3266: BitCanal hijack factory, courtesy of Cogent, GTT, and Level3

2018-06-26 Thread IXP User One 
Hi all,

I have heard that DE-CIX expelled BitCanal from their IXPs. One of their
guys also gave a presentation about how DE-CIX handles abuse cases:
https://ripe75.ripe.net/archives/video/103/

I don't know how other IXPs are handling such cases. Would be interesting
to know.

Best regards,
IUO


On Tue, Jun 26, 2018 at 9:35 AM, Hank Nussbacher 
wrote:

> On 26/06/2018 07:49, Ronald F. Guilmette wrote:
>
> You are mistaken.  Cogent and Level3 are signatories to MANRS:
> https://www.manrs.org/participants/
> so this clearly can't happen and you are making this up.
>
> :-)
>
> -Hank
>
> >
> >
> > The fact that there exists a jerk like this on the Internet isn't really
> > all that surprising.  What I personally -do- find rather surprising is
> that
> > three companies that each outght to know better, namely Cogent, GTT, and
> > Level3 are collectively supplying more than 3/4ths of this guy's IPv4
> > connectivity, at least according to the graph displayed here:
> >
> > https://bgp.he.net/AS197426
> >
> > Without the generous support of Cogent, GTT, and Level3 this dumbass
> > lowlife IP address space thief would be largely if not entirely toast.
> > So what are they waiting for?  Why don't their turf this jackass?  Are
> > they waiting for an engraved invitation or what?
> >
> > As I always ask, retorically, in cases like this:  Where are the
> grownups?
> >
> > I would like everyone reading this who is a customer of Cogent, GTT, or
> > Level3 to try to contact these companies and ask them why they are
> providing
> > connectivity/peering to a hijacking jerk like this Silveira character.
> > Ask them why -you- have to endure more spam in your inbox just so that
> > -they- can make another one tenth of one percent profit by peering with
> > this hijacking, spammer-loving miscreant.  I would ask them myself, but
> > I personally am not a direct customer of any of them, so they would all,
> > most probably, just tell me to go pound sand.
> >
> > If you do manage to make contact, please be sure to mention all three of
> > Mr. Silveira's ASNs, i.e. AS42229, AS197426, and AS3266.  And don't let
> > whoever you talk to try to weasel out of responsibility for this
> travesty,
> > e.g. by claiming that they don't know anything about what's been going on
> > with all those hijacks announced by AS3266, and/or that they only provide
> > peering for AS197426.  The hijacks may all be originating from Mr.
> Silveira's
> > AS3266, but bgp.he.net makes clear that AS3266 has one, and only one
> peer,
> > i.e. Mr. Silveira's AS197426:
> >
> > https://bgp.he.net/AS3266
> >
> > So basically, Cogent, GTT, and Level3 are the prime enablers of this
> > massive theft of IP space.  (They might try to claim that BitCanal's
> > historical propensity to engage in hijacks is sonmething "brand new"
> > or at least that -they- may not have been aware of it until now, in which
> > case you should ask them if they have anybody on staff who is paying
> > attention.  As noted above, it isn't as if Bitcanal just started pulling
> > this crap yesterday.  Far from it.)
> >
> > Oh!  And you might also mention the fact that Spamhaus, and, I would
> guess,
> > at least a few of the oether public blacklists already have most or all
> of
> > Mr.  Silveira's IP space... hijacked or otherwise... blacklisted,
> presumably
> > for good and ample cause.
> >
> > As long as Cogent, GTT, and Level3 are willing to go along with this
> > nonsense, i.e. by selling peering to this Silveira thief, crime on
> > the Internet -does- pay, and the theft of other people's IP space
> > will continue to be rewarded rather than punished, as it should be.
> >
> > If that becomes the new normal for Internet behavior, then god help us
> > all.
> >
> >
> > Regards,
> > rfg
> >
>
>

Circulator and LR4/ER4 (was Re: Tunable QSFP Optics)

2018-06-26 Thread Jérôme Nicolle 
Hi Mitchell,

Le 19/06/2018 à 18:27, Lewis,Mitchell T. a écrit :
> Does anyone know if any Single Mode QSFPs exist on the market that
> use wavelengths other than 1310nm (either self tunable or factory
> tuned)? 

I found none.

> I am looking to put more than one 40gb link on a fiber pair
> similar to using DWDM OADMs for 1g & 10g but can't seem to find any
> qsfp optics that don't use 1310nm.

I' considering the use of a circulator to do 40/100G over a single strand.

Do you think that would work ? Would it solve four problem ?

https://www.fs.com/products/33364.html

Best regards,

-- 
Jérôme Nicolle
+33 6 19 31 27 14

Re: AS3266: BitCanal hijack factory, courtesy of Cogent, GTT, and Level3

2018-06-26 Thread Hank Nussbacher 
On 26/06/2018 07:49, Ronald F. Guilmette wrote:

You are mistaken.  Cogent and Level3 are signatories to MANRS:
https://www.manrs.org/participants/
so this clearly can't happen and you are making this up.

:-)

-Hank

>
>
> The fact that there exists a jerk like this on the Internet isn't really
> all that surprising.  What I personally -do- find rather surprising is that
> three companies that each outght to know better, namely Cogent, GTT, and
> Level3 are collectively supplying more than 3/4ths of this guy's IPv4
> connectivity, at least according to the graph displayed here:
>
> https://bgp.he.net/AS197426
>
> Without the generous support of Cogent, GTT, and Level3 this dumbass
> lowlife IP address space thief would be largely if not entirely toast.
> So what are they waiting for?  Why don't their turf this jackass?  Are
> they waiting for an engraved invitation or what?
>
> As I always ask, retorically, in cases like this:  Where are the grownups?
>
> I would like everyone reading this who is a customer of Cogent, GTT, or
> Level3 to try to contact these companies and ask them why they are providing
> connectivity/peering to a hijacking jerk like this Silveira character.
> Ask them why -you- have to endure more spam in your inbox just so that
> -they- can make another one tenth of one percent profit by peering with
> this hijacking, spammer-loving miscreant.  I would ask them myself, but
> I personally am not a direct customer of any of them, so they would all,
> most probably, just tell me to go pound sand.
>
> If you do manage to make contact, please be sure to mention all three of
> Mr. Silveira's ASNs, i.e. AS42229, AS197426, and AS3266.  And don't let
> whoever you talk to try to weasel out of responsibility for this travesty,
> e.g. by claiming that they don't know anything about what's been going on
> with all those hijacks announced by AS3266, and/or that they only provide
> peering for AS197426.  The hijacks may all be originating from Mr. Silveira's
> AS3266, but bgp.he.net makes clear that AS3266 has one, and only one peer,
> i.e. Mr. Silveira's AS197426:
>
> https://bgp.he.net/AS3266
>
> So basically, Cogent, GTT, and Level3 are the prime enablers of this
> massive theft of IP space.  (They might try to claim that BitCanal's
> historical propensity to engage in hijacks is sonmething "brand new"
> or at least that -they- may not have been aware of it until now, in which
> case you should ask them if they have anybody on staff who is paying
> attention.  As noted above, it isn't as if Bitcanal just started pulling
> this crap yesterday.  Far from it.)
>
> Oh!  And you might also mention the fact that Spamhaus, and, I would guess,
> at least a few of the oether public blacklists already have most or all of
> Mr.  Silveira's IP space... hijacked or otherwise... blacklisted, presumably
> for good and ample cause.
>
> As long as Cogent, GTT, and Level3 are willing to go along with this
> nonsense, i.e. by selling peering to this Silveira thief, crime on
> the Internet -does- pay, and the theft of other people's IP space
> will continue to be rewarded rather than punished, as it should be.
>
> If that becomes the new normal for Internet behavior, then god help us
> all.
>
>
> Regards,
> rfg
>