Re: Authoritative DNS server for 12.54.94.0/23 PTR

2011-09-27 Thread Keegan Holley
it looks like ATT still answers the queries. I'd assume that any changes would have to be authorized by the customer though. Why not just call Siemens Medical? ; DiG 9.6.0-APPLE-P2 -x 12.54.91.1 ;; global options: +cmd ;; Got answer: ;; -HEADER- opcode: QUERY, status: NXDOMAIN, id: 21619 ;;

Re: facebook spying on us?

2011-09-29 Thread Keegan Holley
Well what's making the connection? It looks like unencrypted http, if your social security number and last known addresses are streaming by you should be able to see them. It's a bit of a jump to say that FB (not that I'm particularly fond of them) is spying on you from a single netstat command.

Re: SP / Enterprise design (dis)similarities

2011-10-10 Thread Keegan Holley
2011/10/10 Tom Lanyon tom+na...@oneshoeco.com Hi all, Looking for some advice or experience in a small enterprise / hosting provider context. There's plenty of BCP information around for SPs in the network design realm, and I'm curious how much of this applies to enterprises too.

Re: SP / Enterprise design (dis)similarities

2011-10-10 Thread Keegan Holley
2011/10/11 Christopher Morrow morrowc.li...@gmail.com On Tue, Oct 11, 2011 at 1:12 AM, Keegan Holley keegan.hol...@sungard.com wrote: The definition of clean is also subjective. There are many who would run the IGP only for loopbacks and /30's and force everything into BGP even at small

Re: [routing-wg] BGP Update Report

2011-10-15 Thread Keegan Holley
+1 good to get a view from multiple sources even if they are automated. Should be easy enough to filter for those that do not want them. 2011/10/15 William F. Maton Sotomayor wma...@ottix.net On Sat, 15 Oct 2011, Lynda wrote: On 10/15/2011 4:26 AM, Geoff Huston wrote: While I am at it,

Re: 4.2.2.2 acting up? or is it just me?

2011-10-19 Thread Keegan Holley
I can hit it from home (comcast) and from my company's network. 2011/10/19 brian nikell nickell...@gmail.com same On Wed, Oct 19, 2011 at 11:15 AM, Lorell Hathcock lor...@hathcock.org wrote: All: I am experiencing trouble with reaching 4.2.2.2 right now from my netblock. ASN

SaudiTelecom

2011-10-21 Thread Keegan Holley
Despite this being a North American list, does anyone know how I can speak with someone from Saudi Telecom? Preferably someone with the ever elusive clue?

Re: Colocation providers and ACL requests

2011-10-25 Thread Keegan Holley
Depends on the provider. Many just do not want to manage hundreds of customer ACL's on access routers. Especially when it would compete with a managed service (firewall, IDP, DDOS) of some sort. Some still are under the impression that ACL's are software based and their giant $100k+ edge box

Re: Colocation providers and ACL requests

2011-10-25 Thread Keegan Holley
2011/10/25 Brandon Galbraith brandon.galbra...@gmail.com On Tue, Oct 25, 2011 at 1:46 PM, Keegan Holley keegan.hol...@sungard.com wrote: Depends on the provider. Many just do not want to manage hundreds of customer ACL's on access routers. Especially when it would compete with a managed

Re: Colocation providers and ACL requests

2011-10-25 Thread Keegan Holley
I'm assuming colo means hosting, and the OP misspoke. Most colo providers don't provide active network for colo (as in power and rack only) customers. 2011/10/25 Paul Graydon p...@paulgraydon.co.uk On 10/25/2011 08:43 AM, Christopher Pilkington wrote: Is it common in the industry for a

Re: Colocation providers and ACL requests

2011-10-26 Thread Keegan Holley
2011/10/25 Jay Ashworth j...@baylink.com - Original Message - From: Keegan Holley keegan.hol...@sungard.com I'm assuming colo means hosting, and the OP misspoke. Most colo providers don't provide active network for colo (as in power and rack only) customers. Most? I'm sure

Re: Colocation providers and ACL requests

2011-10-27 Thread Keegan Holley
2011/10/26 Jay Ashworth j...@baylink.com - Original Message - From: Keegan Holley keegan.hol...@sungard.com - Original Message - From: Keegan Holley keegan.hol...@sungard.com I'm assuming colo means hosting, and the OP misspoke. Most colo providers don't

Re: Route server: Route-server.ip.att.net

2011-11-04 Thread Keegan Holley
Did you do a show ip route for 12.122.83.91? It's probably a loopback of the nearest BGP peer it may not be the actual next hop interface IP though. Not sure about the blocked hops, but I can think of a few explanations. Overall the point of that router is to provide a view of the route table

Re: Bandwidth Upgrade

2011-11-17 Thread Keegan Holley
Start with why you think it's necessary and what happens if mgt doesn't listen. Bandwidth is like electricity in a sense. Either you have what you need or you go belly up until some utility company can give you more juice. If you notice a growth pattern and are trying to get in front of it

Re: Bandwidth Upgrade

2011-11-17 Thread Keegan Holley
That depends on the network configuration though. If you have redundant links and one link is at 65% and the other is at 35% or more you won't be able to get through a circuit flap or outage without dropping packets. 2011/11/17 Karl Clapp kcl...@staff.gwi.net Ideally, when our 95th-percentile

Re: economic value of low AS numbers

2011-11-17 Thread Keegan Holley
Besides standing at the water cooler at 1:23PM on 12/3 telling AS123 jokes I'm not sure a particular AS number has any relevance or any monetary value unless there is scarcity. 2011/11/17 Kevin Loch kl...@kl.net Dave Hart wrote: AS path geeks: At the risk of invoking ire and eliciting

Re: economic value of low AS numbers

2011-11-17 Thread Keegan Holley
2011/11/17 David Conrad d...@virtualized.org On Nov 17, 2011, at 8:16 AM, Keegan Holley wrote: Besides standing at the water cooler at 1:23PM on 12/3 telling AS123 jokes I'm not sure a particular AS number has any relevance or any monetary value unless there is scarcity. You

Re: economic value of low AS numbers

2011-11-17 Thread Keegan Holley
2011/11/17 Dave Hart daveh...@gmail.com On Thu, Nov 17, 2011 at 18:55, Keegan Holley keegan.hol...@sungard.com wrote: I suppose I can't argue with that, but anyone technical enough to know what an AS is should know better. Also, would it really count? What if I opened a small ISP

Re: Looking for a Tier 1 ISP Mentor for career advice.

2011-11-21 Thread Keegan Holley
2011/11/21 valdis.kletni...@vt.edu On Sun, 20 Nov 2011 21:40:08 EST, Tyler Haske said: I'm looking for a mentor who can help me focus my career so eventually I wind up working at one of the Tier I ISPs as a senior tech. I want to handle the big pipes that hold everyone's data. OK, so

Re: Odd router brokenness

2011-11-23 Thread Keegan Holley
2011/11/23 Saku Ytti s...@ytti.fi On (2011-11-23 09:41 -0500), Mark Radabaugh wrote: The question is: How does a router break in this manner? It appears to unintentionally be doing something different with traffic based on the source address, not the destination address. I

Re: Network device command line interfaces

2011-11-24 Thread Keegan Holley
I may have a different opinion here, but I'm not sure I'd call any CLI easy to work with. Cisco's training machine is so efficient that some learn IOS before leaving high school, so the fact that we all consider IOS easy to work with is relative. Just look at the router command. Most of us know

Re: Network device command line interfaces

2011-11-24 Thread Keegan Holley
when they wrote the OS then they might have done things better. I was hoping that there was already some sort of usability guide around that could be shown to the manufacturers with a please read this note attached. Is anyone aware of such a thing? Jonathon. From: Keegan Holley

Equinix

2011-11-29 Thread Keegan Holley
Assuming it's not owned by the NSA does anyone know the address of the Equinix colo in the Denver area? I'm working on pricing access circuits into it. A contact from Equinix would be helpful as well. We haven't gotten a response to our queries. Regards, Keegan

Re: On Working Remotely

2011-12-04 Thread Keegan Holley
Maybe I have a different personality, but I find it much easier to work from home (provided home is empty). I think networking from home, which I do periodically during the week is different from coding from home which I do on the weekends. It does take some getting used to. I find I'm much

Writable SNMP

2011-12-06 Thread Keegan Holley
For a few years now I've been wondering why more networks do not use writable SNMP. Most automation solutions actually script a login to the various equipment. This comes with extra code for different vendors, different prompts and any quirk that the developer is aware of and constant patches as

Re: Writable SNMP

2011-12-09 Thread Keegan Holley
assumption that writable SNMP was a bad idea but have never actually tried it. I was curious what others were using, netconf or just scripted logins. I'm also fighting a losing battle to convince people that netconf isn't evil. It strikes me as odd that if I wanted to talk to a

Re: Writable SNMP

2011-12-09 Thread Keegan Holley
2011/12/9 Joel jaeggli joe...@bogus.com On 12/9/11 18:22 , Keegan Holley wrote: assumption that writable SNMP was a bad idea but have never actually tried it. I was curious what others were using, netconf or just scripted logins. I'm also fighting a losing battle to convince

Re: Writable SNMP

2011-12-09 Thread Keegan Holley
In lieu of a software upgrade, a workaround can be applied to certain IOS releases by disabling the ILMI community or *ilmi view and applying an access list to prevent unauthorized access to SNMP. Any affected system, regardless of software release, may be protected by filtering SNMP

Re: Sad IPv4 story?

2011-12-10 Thread Keegan Holley
Sent from my iPhone On Dec 10, 2011, at 2:58 AM, Randy Bush ra...@psg.com wrote: I just had a personal email from a brand new ISP in the Asia-Pacific area desperately looking for enough IPv4 to be able to run their business the way they would like… and we are supposed to be surprised or

Re: Sad IPv4 story?

2011-12-10 Thread Keegan Holley
2011/12/10 bmann...@vacation.karoshi.com On Sat, Dec 10, 2011 at 03:15:01AM -0500, Keegan Holley wrote: Sent from my iPhone On Dec 10, 2011, at 2:58 AM, Randy Bush ra...@psg.com wrote: I just had a personal email from a brand new ISP in the Asia-Pacific area desperately looking

Re: Your Christmas Bonus Has Arrived

2011-12-13 Thread Keegan Holley
Do the blocks have to come from a company I still work for? If not I have a boat load.. 2011/12/13 IPv4 Brokers ipv4brok...@gmail.com Do you have subnets that are not in use, or only used for specific purposes? If so, please contact us. We are paying up-front (or escrow) for the use of

Re: Your Christmas Bonus Has Arrived

2011-12-13 Thread Keegan Holley
... Heh ipv4brok...@gmail.com -.- If domain squatting and patent trolling are both legitimate sometimes multi-million dollar businesses are you really surprised?

Re: Range using single-mode SFPs across multi-mode fiber - was Re: NANOG Digest, Vol 47, Issue 56

2011-12-14 Thread Keegan Holley
inappropriate. We are attempting to use Juniper single-mode SFPs (LX variety) across multi-mode fiber. Standard listed distance is always for SFPs using the appropriate type of fiber. Does anyone out there know how much distance we are likely to get? Thanks for your help in advance.

Re: Range using single-mode SFPs across multi-mode fiber - was Re: NANOG Digest, Vol 47, Issue 56

2011-12-14 Thread Keegan Holley
2011/12/14 Justin M. Streiner strei...@cluebyfour.org On Wed, 14 Dec 2011, Keegan Holley wrote: inappropriate. We are attempting to use Juniper single-mode SFPs (LX variety) across multi-mode fiber. Standard listed distance is always for SFPs using the appropriate type of fiber. Does anyone

Re: Range using single-mode SFPs across multi-mode fiber

2011-12-14 Thread Keegan Holley
2011/12/14 Jeff Kell jeff-k...@utc.edu On 12/14/2011 3:37 PM, Keegan Holley wrote: Single mode just has a smaller core size for the smaller beam emitted by laser vs. LED. It works although I've never done it outside of a lab (MM is cheaper). As for the distance in theory that should

Re: Range using single-mode SFPs across multi-mode fiber

2011-12-14 Thread Keegan Holley
2011/12/14 oliver rothschild orothsch...@gmail.com Thanks to all who responded to my clumsy first question (both on matters of etiquette and technology). The group I work with (we are a small project acting as a last mile provider) was in the midst of deploying this solution when I posed the

Re: Range using single-mode SFPs across multi-mode fiber

2011-12-14 Thread Keegan Holley
I stand corrected, but I haven't dealt much with 100BASE-FX. I was just talking in terms of 1G/10G. 2011/12/14 Mark Foster blak...@blakjak.net On 15/12/11 16:38, Keegan Holley wrote: 2011/12/14 oliver rothschild orothsch...@gmail.com orothsch...@gmail.com Thanks to all who responded

local_preference for transit traffic?

2011-12-14 Thread Keegan Holley
Had an interesting conversation with a transit AS on behalf of a customer where I found out they are using communities to raise the local preference of routes that do not originate locally by default before sending to other larger transit AS's. Obviously this isn't something that was asked of

Re: local_preference for transit traffic?

2011-12-14 Thread Keegan Holley
routing for some years now, and checking periodically for the expected path, as it became obvious from investigating traceroutes that traffic was not being routed as intended using AS prepends. -Original Message- From: Keegan Holley [mailto:keegan.hol...@sungard.com] Sent: Wednesday

Re: local_preference for transit traffic?

2011-12-14 Thread Keegan Holley
traffic to their peers without complaint? 2011/12/15 Jeff Wheeler j...@inconcepts.biz On Thu, Dec 15, 2011 at 1:07 AM, Keegan Holley keegan.hol...@sungard.com wrote: Had an interesting conversation with a transit AS on behalf of a customer where I found out they are using communities to raise

Re: local_preference for transit traffic?

2011-12-15 Thread Keegan Holley
2011/12/15 Mark Tinka mti...@globaltransit.net On Thursday, December 15, 2011 10:42:37 PM Leo Bicknell wrote: However, there may be a simpler explanation. If you bill by the bit as a transit provider it's in your best interest to make sure your customer gets as many bits through you

Savvis Route Server/Looking Glass

2011-12-18 Thread Keegan Holley
Does anyone know of a working Savvis route server or looking glass. The http://as3561lg.savvis.net/lg.html site doesn't seem to be able to query BGP routes. For example it says they don't have a route to 12.0/9 which seems to be a pretty common aggregate. The traceroute tool works normally

Re: IPTV and ASM

2011-12-28 Thread Keegan Holley
Isn't source discovery and efficiency a big concern for ASM? If individual streams are tied to a specific source then it's possible to live without some of the overhead involved in ASM. Joins go straight to the source, traffic is disseminated via direct paths instead of being replicated by the

Re: Notifying customers of upstream modifications

2011-12-28 Thread Keegan Holley
Most transit networks have some sort of blanket notification that they can send to customers. Something like between 12AM and 6AM sometime next week you may or may not have a moderate or severe impact, but we're not going to give you details. It also depends on the peering that is being added or

Polling Bandwidth as an Aggregate

2012-01-19 Thread Keegan Holley
. Is there an easy way to do this with cacti/rrd or another open source kit? Keegan Holley ▪ Network Architect  ▪ SunGard Availability Services ▪ 401 North Broad St. Philadelphia, PA 19108 ▪ (215) 446-1242 ▪ keegan.hol...@sungard.com Keeping People and Information Connected® ▪ http

Re: Polling Bandwidth as an Aggregate

2012-01-20 Thread Keegan Holley
Thanks all for the responses. I think I'm going to use cacti and plugins to aggregate. Aggregated billing is kind of something that would be nice to have but wasn't required. It's nice to know there are concerns with using cacti for this. My last question is if there is any easy/automated way

Re: Polling Bandwidth as an Aggregate

2012-01-20 Thread Keegan Holley
Is there a plugin for MRTG that allows you to go back to specific times? I like MRTG better for this as well but cacti's graphs are much more flexible. 2012/1/20 Leo Bicknell bickn...@ufp.org In a message written on Fri, Jan 20, 2012 at 10:36:38AM -0500, Keegan Holley wrote: using cacti

Re: Polling Bandwidth as an Aggregate

2012-01-20 Thread Keegan Holley
2012/1/20 Chris Adams cmad...@hiwaay.net Once upon a time, Leo Bicknell bickn...@ufp.org said: To suggest Netflow is more accurate than rrdtool seems rather strange to me. It can be as accurate, but is not the way most people deploy it. Comparing Netflow to RRDTool is comparing apples

Re: MD5 considered harmful

2012-01-27 Thread Keegan Holley
2012/1/27 Jared Mauch ja...@puck.nether.net: On Jan 27, 2012, at 3:52 PM, Patrick W. Gilmore wrote: Your network, your decision.  On my network, we do not do MD5.  We do more traffic than anyone and have to be in the top 10 of total eBGP peering sessions on the planet.  Guess how many

Re: MD5 considered harmful

2012-01-27 Thread Keegan Holley
2012/1/27 Jeff Wheeler j...@inconcepts.biz: On Fri, Jan 27, 2012 at 6:35 PM, Keegan Holley keegan.hol...@sungard.com wrote: realizes that it's ok to let gig-e auto-negotiate.  I've never really seen MD5 cause issues. I have run into plenty of problems caused by MD5-related bugs. 6500/7600

Re: ARP is sourced from loopback address

2012-01-30 Thread Keegan Holley
Even though TCP dump doesn't show it the ARP packets should have a source mac address that is reachable on the link. I think the reply is unicast to that mac address regardless of the IP in the request. Otherwise the receiving station would have to do an arp request for the source IP in the

Re: MD5 considered harmful

2012-01-30 Thread Keegan Holley
I suppose so but BFD certainly has a lot more moving parts than adding MDF checksums to an existing control packet. I'm not saying everyone should turn it on or off for that matter. I just don't see what the big deal is. Most of the shops I've seen have it on because of some long forgotten

Re: ARP is sourced from loopback address

2012-01-31 Thread Keegan Holley
encap:Ethernet  HWaddr 00:0c:29:b8:2a:14          inet addr:192.168.76.16  Bcast:192.168.76.255  Mask:255.255.255.0 Keegan Holley wrote: Even though TCP dump doesn't show it the ARP packets should have a source mac address that is reachable on the link.  I think the reply is unicast to that mac

Re: Hijacked Network Ranges

2012-01-31 Thread Keegan Holley
You can break your blocks into /24's or smaller and readvertise them to your upstreams. You can also modify local preference using community tags with most upstreams. If you have tier 1 peerings you may be able to get them to filter the bad routes if you can prove they were assigned to you by

Re: Hijacked Network Ranges

2012-01-31 Thread Keegan Holley
2012/1/31 Justin M. Streiner strei...@cluebyfour.org On Tue, 31 Jan 2012, Grant Ridder wrote: What is keeping you from advertising a more specific route (i.e /25's)? Many providers filter out anything longer (smaller) than /24. Some will accept it but not propagate it upstream. This may

Re: Hijacked Network Ranges - paging Cogent and GBLX/L3

2012-01-31 Thread Keegan Holley
To be honest I haven't had much success in convincing a tier 1 to modify someone else's routes on my behalf for whatever reason. I also have had limited success in getting them to do anything quickly. I'd first look to modify your advertisements as much as possible to mitigate the issue and then

Re: [#135346] Unauthorized BGP Announcements (follow up to Hijacked Networks)

2012-01-31 Thread Keegan Holley
That may not be a bad idea. Have you gotten your company's lawyers involved? They may be able to get some sort of court action started and get things moving. They may also be able to compel the ISP's to act. 2012/1/31 Kelvin Williams kwilli...@altuscgi.com I hope none of you ever get hijacked

Re: UDP port 80 DDoS attack

2012-02-05 Thread Keegan Holley
There aren't very many ways to combat DDOS. That's why it's so popular. Some ISP's partner with a company that offers a tunnel based scrubbing service where they DPI all your traffic before they send it to you. If you only have a few upstreams it may be helpful to you. I spoke to them last year

Re: UDP port 80 DDoS attack

2012-02-05 Thread Keegan Holley
DDOS. 2012/2/5 Dobbins, Roland rdobb...@arbor.net On Feb 6, 2012, at 7:21 AM, Keegan Holley wrote: There aren't very many ways to combat DDOS. Start with the various infrastructure/host/service BCPs, and S/RTBH, as outlined in this preso: https://files.me.com/roland.dobbins/dweagy

Re: UDP port 80 DDoS attack

2012-02-05 Thread Keegan Holley
2012/2/5 Dobbins, Roland rdobb...@arbor.net On Feb 6, 2012, at 8:10 AM, Keegan Holley wrote: An entire power point just to recommend ACL's, uRPF, CPP, DHCP snooping, and RTBH? Actually, no, that isn't the focus of the preso. The first four will not work against a DDOS attack

Re: UDP port 80 DDoS attack

2012-02-05 Thread Keegan Holley
2012/2/5 Dobbins, Roland rdobb...@arbor.net On Feb 6, 2012, at 8:37 AM, Keegan Holley wrote: Source RTBH often falls victim to rapidly changing or spoofed source IPs. S/RTBH can be rapidly shifted in order to deal with changing purported source IPs, and it isn't limited to /32s. It's

Re: UDP port 80 DDoS attack

2012-02-05 Thread Keegan Holley
2012/2/5 Steve Bertrand steve.bertr...@gmail.com On 2012.02.05 20:37, Keegan Holley wrote: 2012/2/5 Dobbins, Roland rdobb...@arbor.net S/RTBH - as opposed to D/RTBH - doesn't kill the patient. Again, suggest you read the preso. Source RTBH often falls victim to rapidly changing

Re: UDP port 80 DDoS attack

2012-02-06 Thread Keegan Holley
2012/2/6 Jeff Wheeler j...@inconcepts.biz On Mon, Feb 6, 2012 at 8:43 PM, Sven Olaf Kamphuis s...@cb3rob.net wrote: there is a fix for it, it's called putting a fuckton of ram in -most- routers on the internet and keeping statistics for each destination ip:destination port:outgoing

Re: UDP port 80 DDoS attack

2012-02-08 Thread Keegan Holley
2012/2/8 George Bonser gbon...@seven.com -Original Message- From: bas Sent: Tuesday, February 07, 2012 11:56 PM To: Dobbins, Roland; nanog Subject: Re: UDP port 80 DDoS attack Say eyeball provider X has implemented automated S/RTBH, and I have a grudge against them. I

Re: UDP port 80 DDoS attack

2012-02-08 Thread Keegan Holley
traffic to come in a different link for some reason. ISP's would suddenly become giant traffic registries. 2012/2/8 George Bonser gbon...@seven.com From: Keegan Holley How do you stop it? A provider knows what destination IP traffic they route TO a customer, don't they? That should

Re: UDP port 80 DDoS attack

2012-02-08 Thread Keegan Holley
Providers don't even check the registries for bgp advertisements. See the thread on hijacked routes for proof. Not to mention how do you handle a small transit AS? Do you trust that they have the correct filters as well? Do you start reading their AS paths and try to filter based on the

Re: UDP port 80 DDoS attack

2012-02-08 Thread Keegan Holley
On Feb 8, 2012, at 4:51 AM, George Bonser gbon...@seven.com wrote: From: Keegan Holley Subject: Re: UDP port 80 DDoS attack It works in theory, but to get every ISP and hosting provider to ACL their edges and maintain those ACL's for every customer no matter how large might

Re: UDP port 80 DDoS attack

2012-02-08 Thread Keegan Holley
2012/2/8 Dobbins, Roland rdobb...@arbor.net On Feb 8, 2012, at 8:07 PM, bas wrote: As far as I see it S/RTBH is in no way a solution against smart attackers, of course it does help against all the kiddie attacks out there. Once again, I've used S/RTBH myself and helped others use it

Re: UDP port 80 DDoS attack

2012-02-08 Thread Keegan Holley
2012/2/8 George Bonser gbon...@seven.com 77% of all networks seem to think so. http://spoofer.csail.mit.edu/summary.php And it would be the remaining 23% that really need to understand how difficult they are making life for the rest of the Internet. 23% of 4.29 billion addresses is still

Re: UDP port 80 DDoS attack

2012-02-09 Thread Keegan Holley
2012/2/8 Steve Bertrand steve.bertr...@gmail.com On 2012.02.08 14:23, Drew Weaver wrote: Stop paying transit providers for delivering spoofed packets to the edge of your network and they will very quickly develop methods of proving that the traffic isn't spoofed, or block it altogether. =)

Re: Common operational misconceptions

2012-02-16 Thread Keegan Holley
A lot of people are unclear on how hard it is for someone to sniff internet traffic if they aren't physically located at or near one of the endpoints IE: connected to the same access point or same switch. 2012/2/15 John Kristoff j...@cymru.com Hi friends, As some of you may know, I

Re: time sink 42

2012-02-16 Thread Keegan Holley
If you're building a datacenter probably not. Other than giving the remote hands some identifier and making them label the servers themselves. If you're at a conference you could get away with using masking tape and a sharpie. If you think it was time consuming applying the labels wait until

Re: Programmers with network engineering skills

2012-02-28 Thread Keegan Holley
+1 on both. Senior network guys learn programming/scripting as a way to automate configuration and deal with large amounts of data. It's an enhancement for us and most network people are willing to expand their programming skills given the time. On the other hand there are way too many jobs

Re: Programmers with network engineering skills

2012-03-02 Thread Keegan Holley
2012/3/2 Randy Bush ra...@psg.com In my experience the path of least resistance is to get a junior network engineer and mentor he/she into improving his/hers programming skills than go the other way around. and then the organization pays forever to maintain the crap code while the kiddie

Re: Programmers with network engineering skills

2012-03-05 Thread Keegan Holley
2012/3/2 Randy Bush ra...@psg.com In my experience the path of least resistance is to get a junior network engineer and mentor he/she into improving his/hers programming skills than go the other way around. and then the organization pays forever to maintain the crap code while the

Re: Programmers with network engineering skills

2012-03-05 Thread Keegan Holley
2012/3/5 Owen DeLong o...@delong.com Given my experience to date with the assumptions made by programers about networking in the following: Apps (iOS apps, Droid apps, etc.) Consumer Electronics Microcontrollers Home Routers I have to say that the strategy

Re: Whitelist of update servers

2012-03-12 Thread Keegan Holley
2012/3/12 Maverick myeaddr...@gmail.com Is there a whitelist that applications have to talk to in order to update themselves? sometimes

Re: Whitelist of update servers

2012-03-12 Thread Keegan Holley
2012/3/12 Maverick myeaddr...@gmail.com Like list of sites that operating systems or applications installed on your machines go to update themselves. One way could be to go on each vendors site and look at their update servers like microsoft.update.com but it would be good if there is a list

Re: Programmers with network engineering skills

2012-03-12 Thread Keegan Holley
2012/3/12 Tei oscar.vi...@gmail.com On 12 March 2012 09:59, Carlos Martinez-Cagnazzo carlosm3...@gmail.com wrote: Hey! On 3/8/12 8:24 PM, Lamar Owen wrote: On Monday, March 05, 2012 09:36:41 PM Jimmy Hess wrote: ... (16) The default gateway's IP address is always 192.168.0.1

Re: Programmers with network engineering skills

2012-03-12 Thread Keegan Holley
On Mar 12, 2012, at 5:32 PM, Owen DeLong o...@delong.com wrote: On Mar 12, 2012, at 2:12 PM, Keegan Holley wrote: 2012/3/12 Tei oscar.vi...@gmail.com On 12 March 2012 09:59, Carlos Martinez-Cagnazzo carlosm3...@gmail.com wrote: Hey! On 3/8/12 8:24 PM, Lamar Owen wrote: On Monday

Re: Verizon FiOS - is BGP an option?

2012-03-14 Thread Keegan Holley
In defense of the tier 1's it's not as easy as it looks to run BGP with the lower end business customers. On the technical side the edge boxes and links to them would be as overloaded with routes and peers and all of the other PE boxes in an ISP network. Not to mention the changes in routing

Re: Looking for some diversity in Alabama that does not involve ATT Fiber

2012-03-21 Thread Keegan Holley
I feel a topic shift coming... 2012/3/21 Jay Ashworth j...@baylink.com - Original Message - From: Eric Wieling ewiel...@nyigc.com I don't know about ATT, but Verizon physically removes the copper connections when they install fiber into a building. Oddly, this is legal.

Re: last mile, regulatory incentives, etc (was: att fiber, et al)

2012-03-22 Thread Keegan Holley
2012/3/22 Jared Mauch ja...@puck.nether.net On Mar 22, 2012, at 11:05 AM, chris wrote: I'm all for VZ being able to reclaim it as long as they open their fiber which I don't see happening unless its by force via government. At the end of the day there needs to be the ability to allow

Re: last mile, regulatory incentives, etc (was: att fiber, et al)

2012-03-22 Thread Keegan Holley
2012/3/22 Jared Mauch ja...@puck.nether.net On Mar 22, 2012, at 1:12 PM, chris wrote: Why is it that the big companies are controlling what happens? They have used the past decades or century to establish these assets. What is there that's worth having that isn't controlled by a big

Re: last mile, regulatory incentives, etc (was: att fiber, et al)

2012-03-22 Thread Keegan Holley
2012/3/22 Jared Mauch ja...@puck.nether.net On Mar 22, 2012, at 1:22 PM, Keegan Holley wrote: 2012/3/22 Jared Mauch ja...@puck.nether.net On Mar 22, 2012, at 11:05 AM, chris wrote: I'm all for VZ being able to reclaim it as long as they open their fiber which I don't see

Re: last mile, regulatory incentives, etc (was: att fiber, et al)

2012-03-22 Thread Keegan Holley
. But I don't see Verizon giving into it, nor Comcast or any other provider that has fiber. Verizon campaigned hard to have fiber removed from the equal access legalize so like most of these other large companies, they don't want to share their new toy with the other children. -John Keegan

Re: last mile, regulatory incentives, etc (was: att fiber, et al)

2012-03-22 Thread Keegan Holley
2012/3/22 William Herrin b...@herrin.us On Thu, Mar 22, 2012 at 1:22 PM, Keegan Holley keegan.hol...@sungard.com wrote: 2012/3/22 Jared Mauch ja...@puck.nether.net On Mar 22, 2012, at 11:05 AM, chris wrote: I'm all for VZ being able to reclaim it as long as they open their fiber

Re: DNS noise

2012-04-06 Thread Keegan Holley
Have you tried contacting the owner of the IP? A DDOS attack from that particular IP would be ironic. # # The following results may also be obtained via: # http://whois.arin.net/rest/nets;q=72.20.23.24?showDetails=trueshowARIN=falseext=netref2 # Staminus Communications STAMINUS-COMMUNICATIONS

Re: L3VPN MPLS - Internal BGP between CE - PE

2012-05-08 Thread Keegan Holley
What is the next hop of the route? There should be an IGP route for the next hop in the iBGP default. It should have a label or LSP attached to it. How was the default generated? Does it come from a provider? If so you may have to set next hop self on the router that receives the default.

Re: L3VPN MPLS - Internal BGP between CE - PE

2012-05-08 Thread Keegan Holley
- Best~ On 05/08/2012 01:29 PM, Keegan Holley wrote: What is the next hop of the route? There should be an IGP route for the next hop in the iBGP default. It should have a label or LSP attached to it. How was the default generated? Does it come from a provider? If so you may have to set

Re: Question about peering

2012-05-09 Thread Keegan Holley
Most of the time no. ISP A and ISP C probably don't have a lot of traffic destined for each other's AS's. Without other peers in an IX sort of model the link would probably be mostly devoid of (useful) traffic. Although, if ISP A and C were small regional ISP's and they could get free peering

Re: ISPs and full packet inspection

2012-05-24 Thread Keegan Holley
I've seen this come up on at least three different cop shows so I wouldn't recommend it. It's also not cool. Packets wanna be free man.. ;) Just my 2c 2012/5/24 not common notcommonmista...@gmail.com Hello, I am looking for some guidance on full packet inspection at the ISP level. Is

Re: ISPs and full packet inspection

2012-05-24 Thread Keegan Holley
On a lighter note, did you know that your company can hold some of us liable depending on what advice we give you and how far you run with it. Just a thought... Overall, I wouldn't choose nanog over google/wikipedia/GROKLAW unless it is something really specific operationally. This isn't really

Re: HE.net BGP origin attribute rewriting

2012-05-31 Thread Keegan Holley
I have seen providers instruct their upstreams to raise local-pref to hijack traffic. More than a few ISP's rewrite origin though. Personally I only consider it a slightly shady practice. I think the problem with BGP (among other things) is that there is no blunt hammer. Now that routers have

Re: HE.net BGP origin attribute rewriting

2012-05-31 Thread Keegan Holley
2012/5/31 David Barak thegame...@yahoo.com From: Nick Hilliard n...@foobar.org If you don't rewrite your transit providers' origin, then you are telling them that they can directly influence your exit discrimination policy on the basis of a purely advisory flag which has no real meaning.

Re: HE.net BGP origin attribute rewriting

2012-05-31 Thread Keegan Holley
2012/5/31 Richard A Steenbergen r...@e-gerbil.net On Thu, May 31, 2012 at 12:21:12PM -0400, Keegan Holley wrote: The internet by definition is a network of networks so no one entity can keep traffic segregated to their network. Modifying someone else's routing advertisements without

Re: HE.net BGP origin attribute rewriting

2012-05-31 Thread Keegan Holley
2012/5/31 Steve Meuse sme...@mara.org On Thu, May 31, 2012 at 12:21 PM, Keegan Holley keegan.hol...@sungard.com wrote: The internet by definition is a network of networks so no one entity can keep traffic segregated to their network. Modifying someone else's routing advertisements without

Re: peter lothberg's mother slashdotted

2007-07-13 Thread Keegan . Holley
Maybe I'm missing something as I'm not the smartest guy on this list, but what exactly did this prove? ISP's aren't going to start handing out home connections at 40G per or even 1G. The best pipe they can use between ISP's is probably going to be the same 40-G blade so even at 500M per they

Re: Carrier Recommendations

2007-07-18 Thread Keegan . Holley
Hi Daniel, Could you provide a little more detail as to your requirements? Bandwidth, applications (voice, video, etc...) number of sites, that sort of thing. On the surface the first thing that comes to mind is redundancy. You are going to have outages, especially if you have to go that far

Re: What's a reasonable attack surface? (was: Re: wet-behind-the-ears whippersnapper yada yada)

2011-09-21 Thread Keegan Holley
I think people tend to go overboard in the planning phases for something like this. I remember rumors of a certain large ISP getting along fine for several years installing routers with a password like getsmein. There are plenty of groups that publish guidelines on ISP configuration as well as a
