We have something very similar. We have 2 x 7204VXR/NPE-G1 with 1GB RAM each
with a 50Mb connection to an upstream provider with full routes. No cpu or
other problems at all.
-Original Message-
From: Chris Gotstein [mailto:ch...@uplogon.com]
Sent: Friday, July 09, 2010 1:36 PM
To:
that environment.
Matthew Huff | One Manhattanville Rd
OTA Management LLC | Purchase, NY 10577
http://www.ox.com | Phone: 914-460-4039
aim: matthewbhuff | Fax: 914-460-4139
-Original Message-
From: Tom Mikelson [mailto:tmikel...@gmail.com]
Sent: Monday, September 20, 2010 10:05 AM
Neither of our upstream providers offer direct ipv6 although both claim
deployment in Q1 2011. In the meantime, we have a tunnel with BGP to HE
announcing our /48, but we are looking for redundancy. Is there anyone else out
there offering services like Hurricane Electric?
Matthew Huff
With BGP it does.
We are announcing a provider independent /48 address space, and receive the
ipv6 bgp routes.
Matthew Huff | One Manhattanville Rd
OTA Management LLC | Purchase, NY 10577
http://www.ox.com | Phone: 914-460-4039
aim: matthewbhuff | Fax: 914-460-4139
? Any suggestions on
whom we should contact?
Matthew Huff | One Manhattanville Rd
OTA Management LLC | Purchase, NY 10577
http://www.ox.com | Phone: 914-460-4039
aim: matthewbhuff | Fax: 914-460-4139
attachment: Matthew Huff.vcf
Our system is PRI based, not sip.
Matthew Huff | One Manhattanville Rd
OTA Management LLC | Purchase, NY 10577
http://www.ox.com | Phone: 914-460-4039
aim: matthewbhuff | Fax: 914-460-4139
-Original Message-
From: wher...@gmail.com [mailto:wher...@gmail.com] On Behalf
that we
are makign the harrasing calls.
Just wanted nanog to be aware of this since the only two numbers that this has
happened with are the ones in our ARIN whois records.
Matthew Huff | One Manhattanville Rd
OTA Management LLC | Purchase, NY 10577
http://www.ox.com | Phone: 914
There is also another reason for NAT44 or NAT66 in the corporate world that has
been missed in these conversations. It is very common to NAT44 when connected
via extranets to another company via an b2b provider such as TNS or BTRadianz.
Not everything goes over the net. NAT44 (especially
Yes, but unless that ipv6 that isn't globally routed is NAT66 to the outside
world, then it wouldn't have external access.
-Original Message-
From: Jon Lewis [mailto:jle...@lewis.org]
Sent: Thursday, February 03, 2011 11:41 AM
To: Iljitsch van Beijnum
Cc: nanog@nanog.org
Subject:
Overloaded NAT is too costly to the community to be allowed to promulgate
into IPv6. It is detrimental to:
Application development
Innovation
Security
Auditing
Cost:
Cost of application development
Cost of devices
In IPv6, the simpler solution is to allocate a /64 to groups of machines that
serve such a function.
If you need to move the group, you can simply move the entire prefix.
If we change the prefix, then I have to contact and deal with the bureaucracy
of external corporate entities. This is a
.
IPSEC to a NAT/SPI firewall works fine, through it has issues. But then again,
rarely do you want that in a corporate network anyway.
-Original Message-
From: valdis.kletni...@vt.edu [mailto:valdis.kletni...@vt.edu]
Sent: Thursday, February 03, 2011 2:29 PM
To: Matthew Huff
Cc: Owen
...@vt.edu]
Sent: Thursday, February 03, 2011 3:36 PM
To: Matthew Huff
Cc: Owen DeLong; nanog@nanog.org
Subject: Re: quietly
On Thu, 03 Feb 2011 14:39:15 EST, Matthew Huff said:
Something like ftp over SSH works well without fixup or NAT issues and is
becoming more standard at least
SMTP is definitely not a p2p protocol in most corporate environments. In ours,
all email (even ones that you would think should be host2host) go to a central
smarthost that processes the mail, and archive it for compliance. All
internal to external and external to internal email is tightly
personally prefer scp to sftp, but that isn't what is being deployed by our
peers.
-Original Message-
From: Randy Carpenter [mailto:rcar...@network1.net]
Sent: Thursday, February 03, 2011 4:32 PM
To: Matthew Huff
Cc: nanog@nanog.org; Valdis Kletnieks
Subject: Re: quietly
In a corporate environment, that's the way it's been for almost 30 years. The
feeling I get is that people want to re-litigate that with Ipv6, and make every
desktop an end-to-end node. Not going to happen. In most corporate
environments, even with sarcasm, you are right. There are clients and
Seems there's a lot of engineers out there that only want to make sure
last year's protocols work, and are willing to totally ignore next year's.
It really is a different universe for University/ISP versus corporate
networks. Neither is wrong or right, but both have different needs. My
By any chance were you querying a Sup32 that had BGP full routes? That and
other large tables can easily swamp the cpu on the Sup32.
This technote is based on IOS, and I don't know if the same facilities exist in
CatOS, but as Nick mentioned, run, don't walk and convert to IOS. CatOS is dead.
About 10 minutes ago we stopped being able to pass traffic through cogent. I
de-peered us from Cogent, and everything appears
better. When I call cogent, all I get is a busy signal (must be a major
outage). Anyone else seeing anything?
Matthew Huff | 1 Manhattanville Rd
We are peered in Westchester Co, NY (north of NYC). Reports from
status.cogentco.com suggest a problem in NYC. I wonder if it's
related to the 75 Broad Street explosion this morning. According to Cogent
status, they are running on generator.
Matthew Huff | 1 Manhattanville Rd
-default
fair-queue 4096
random-detect dscp-based
Matthew Huff | One Manhattanville Rd
OTA Management LLC | Purchase, NY 10577
http://www.ox.com | Phone: 914-460-4039
aim: matthewbhuff | Fax: 914-460-4139
-Original Message-
From: Rodney Dunn [mailto:rod...@cisco.com]
Sent
timeout
Matthew Huff | One Manhattanville Rd
OTA Management LLC | Purchase, NY 10577
http://www.ox.com | Phone: 914-460-4039
aim: matthewbhuff | Fax: 914-460-4139
-Original Message-
From: Brian Shope [mailto:blackwolf99...@gmail.com]
Sent: Wednesday, June 17, 2009 5:33 PM
on technical blogs, and even on Microsoft's web site are
incorrect. Once it's setup, however, it's great.
Matthew Huff | One Manhattanville Rd
OTA Management LLC | Purchase, NY 10577
http://www.ox.com | Phone: 914-460-4039
aim: matthewbhuff | Fax: 914-460-4139
-Original Message
://www.nagios.org
Zenoss http://zenoss.com
OpManager http://www.manageengine.com
Orion http://www.solarwinds.com/products/orion/
BigBrother http://bb4.com/
Any others that should be added to the list to eval?
Matthew Huff | One
to use BMC patrol which was a very good system. We moved away from it
because it was extremely pricey per-node and BMC absolute rejection of
Solaris X86 as a supported platform (We went back and forth between Sun and
BMC regarding that for over a year).
Matthew Huff | One Manhattanville Rd
the
original topic.
Matthew Huff | One Manhattanville Rd
OTA Management LLC | Purchase, NY 10577
http://www.ox.com | Phone: 914-460-4039
aim: matthewbhuff | Fax: 914-460-4139
-Original Message-
From: Jens Link [mailto:li...@quux.de]
Sent: Wednesday, July 22, 2009 1:24 PM
/products/orion/
BigBrother http://bb4.com/
Argus http://argus.tcp4me.com/
Xymon http://www.xymon.com
Spiceworks http://www.spiceworks.com/
ICINGA http://www.icinga.org
Matthew Huff | One Manhattanville Rd
OTA
Matthew Huff | One Manhattanville Rd
OTA Management LLC | Purchase, NY 10577
http://www.ox.com | Phone: 914-460-4039
aim: matthewbhuff | Fax: 914-460-4139
-Original Message-
From: Michal Krsek [mailto:mic...@krsek.cz]
Sent: Tuesday, August 04, 2009 9:59 AM
To: Jon Auer
during the resolution of this issue.
Posted by [4]Cisco PR at 12:00AM PST
Matthew Huff | One Manhattanville Rd
OTA Management LLC | Purchase, NY 10577
http://[5]www.ox.com | Phone: 914-460-4039
aim: matthewbhuff | Fax: 914-460-4139
[cid:image001.jpg
Disregard. This was from 2 years ago. Copied the link and verbage
without verifying it. My bad.
Matthew Huff | One Manhattanville Rd
OTA Management LLC | Purchase, NY 10577
http://[1]www.ox.com | Phone: 914-460-4039
aim: matthewbhuff | Fax: 914-460-4139
Yeah, we got hit hard too.
It's back up, but no RFO yet. NOC was overloaded and not answering.
Matthew Huff | One Manhattanville Rd
OTA Management LLC | Purchase, NY 10577
http://www.ox.com | Phone: 914-460-4039
aim: matthewbhuff | Fax: 914-460-4139
-Original Message
would
appreciate if people have time and can double check let me know if any
announcements are active except from our AS6128/AS6395 upstreams.
If this were to persist, what would be the best course of action to resolve it,
especially given that the AS was within RIPE.
Matthew Huff
to be uninterested in tracing or
blocking them. Is this the new normal? One of my concerns is that if others are
seeing probe attempts, they will see them from these addresses and of course,
contact us.
Any suggestions on what to do next? Or just ignore.
Matthew Huff | One Manhattanville Rd
OTA
The source address appears to be fixed as well as the source port (),
scanning different destinations and ports.
Matthew Huff | One Manhattanville Rd
OTA Management LLC | Purchase, NY 10577
http://www.ox.com | Phone: 914-460-4039
aim: matthewbhuff | Fax: 914-460-4139
I'm not at all concerned about door-knob twisting or network scanning. What
concerns me is that the source addresses are spoofed from our address range and
that our upstream providers aren't willing to even look at the problem.
Matthew Huff | One Manhattanville Rd
OTA Management LLC
It's called Microsoft Exchange ActiveSync :)
It works with Android, Apple and Microsoft devices. I believe both Lotus and
Groupwise have licensed and support it as well. We have a few (but now, very
few) blackberry users remaining. They won't let it go until we rip it out of
their hands.
Also,
Most enterprises that support Exchange remote access use RPC over HTTPS which
is encrypted and easy to allow on the firewall.
Matthew Huff | 1 Manhattanville Rd
Director of Operations | Purchase, NY 10577
OTA Management LLC | Phone: 914-460-4039
aim: matthewbhuff
I'm seeing the same thing from my home lan via fios. I've run a recursive dns
server for years and can't reach the roots. Had to switch to using verizon's
dns servers as forwarders.
Sent from my iPad
On Dec 11, 2011, at 8:07 PM, Brandon Kim brandon@brandontek.com wrote:
I too am now
Consumer fios. Verizon forums are full of posts about it. Too tired this
evening to worry about it.
Sent from my iPad
On Dec 11, 2011, at 10:48 PM, Christopher Morrow morrowc.li...@gmail.com
wrote:
On Sun, Dec 11, 2011 at 10:28 PM, Matthew Huff mh...@ox.com wrote:
I'm seeing the same thing
, others are going through the standard script (reboot router,
reboot ONT, check settings on browser, i.e. clueless, even to the point of
saying that the person's router is bad and they would send them a new one).
Matthew Huff | 1 Manhattanville Rd
Director of Operations | Purchase
, but previous
versions don't.
I wonder if someone has a list comparing root certificate support across
platforms?
Matthew Huff | 1 Manhattanville Rd
Director of Operations | Purchase, NY 10577
OTA Management LLC | Phone: 914-460-4039
aim: matthewbhuff | Fax: 914-460-4139
, their idea is to
rid the world of the secondary market of used games.
Matthew Huff | 1 Manhattanville Rd
Director of Operations | Purchase, NY 10577
OTA Management LLC | Phone: 914-460-4039
aim: matthewbhuff | Fax: 914-460-4139
-Original Message-
From: Eric
Anyone else see a massive increase of scanning/dos with TCP source and/or
dst port of 0? We started seeing a massive increase today creating some
issue with our firewalls.
Matthew Huff | 1 Manhattanville Rd
Director of Operations | Purchase, NY 10577
OTA Management
We can take the IPs via GRE or BGP or other such
tunneling solution to where you have them announced. Alternatively we can
advertise them ourselves on our network, saving you the back-haul. As a third
solution we can take a server on your network with the following specs:...
Matthew Huff
Of course, we declined. I just thought it was worth posting so others might be
alerted that this was going on.
Hadn't known about the google page ranking SEO, but it makes sense
On Mar 8, 2012, at 8:06 PM, George Michaelson g...@apnic.net wrote:
no. you misunderstand.
The value
5.x
Matthew Huff | 1 Manhattanville Rd
Director of Operations | Purchase, NY 10577
OTA Management LLC | Phone: 914-460-4039
aim: matthewbhuff | Fax: 914-460-4139
-Original Message-
From: Anurag Bhatia [mailto:m...@anuragbhatia.com]
Sent: Monday
An L2 device should not be fragmenting L3 packets.
Layer 2 fragmentation used (20+ years ago) to be a common thing with bridged
topologies like token-ring to Ethernet source-routing. Obviously, no so much
anymore (at least I hope not), but it can and does happen.
I think part of the problem
business can
handle it better.
Matthew Huff | 1 Manhattanville Rd
Director of Operations | Purchase, NY 10577
OTA Management LLC | Phone: 914-460-4039
aim: matthewbhuff | Fax: 914-460-4139
-Original Message-
From: jeff murphy [mailto:jcmur
a score and mark the header, rather than bouncing.
Matthew Huff | One Manhattanville Rd
OTA Management LLC | Purchase, NY 10577
www.ox.com | Phone: 914-460-4039
aim: matthewbhuff | Fax: 914-460-4139
-Original Message-
From: Jeff Kinz [mailto:[EMAIL PROTECTED]
Sent
We lost a DS3 out of our downtown SF office around 4 hours ago. The Level 3
master ticket for OC-12 outage is #3020259 and is out of Hayworth. Anyone know
anything more about this? Getting any info out of level 3 let alone an ETR has
been challenging.
now.
-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of
Matthew Huff
Sent: Wednesday, November 19, 2008 10:45 PM
To: NANOG list
Subject: Level 3 OC-12 cut in SanFran/Hayw
We lost a DS3 out of our downtown SF office around 4 hours ago. The Level 3
master
:[EMAIL PROTECTED]
Sent: Friday, November 21, 2008 4:01 PM
To: Matthew Huff
Cc: nanog@nanog.org
Subject: Re: NANOG Digest, Vol 10, Issue 71
Message: 1
Date: Thu, 20 Nov 2008 09:32:45 -0500
From: Matthew Huff [EMAIL PROTECTED]
Subject: RE: Level 3 OC-12 cut in SanFran/Hayw
To: Brandon Shiers
Although the problem we had wasn't DoS, but rather high packet rates for market
data, we saw a huge improvement by moving from a 7204VRX to a 7600 platform.
Going from a software switched environment to a hardware one help deal with
large number of packet drops during peaks of burst activity.
It looks like clepsydra hasn't been updated:
address ref clock st when poll reach delay offsetdisp
-~192.5.41.40 .USNO.1 194 1024 37741.15.1938.2
-~130.207.244.240 .GPS. 168 1024 37723.1 11.09 1.3
~127.127.7.1
, but rather a business
decision, and it's not going to change. We aren't depending our network
resources on an external third-party, especially given their track record.
Matthew Huff | One Manhattanville Rd
OTA Management LLC | Purchase, NY 10577
http://www.ox.com | Phone: 914-460-4039
aim
, the problem is that
it being tied to an external company.
Matthew Huff | One Manhattanville Rd
OTA Management LLC | Purchase, NY 10577
http://www.ox.com | Phone: 914-460-4039
aim: matthewbhuff | Fax: 914-460-4139
-Original Message-
From: Måns Nilsson [mailto:mansa
, and although we haven't had a problem
before I disabled bgp mtu path discovery, but have the same issues.
Anyone seeing something like this today, and or does anyone have a
suggestion on finding out more specific info (which as path for example so I
can filter it)?
Matthew Huff | One
image.
Matthew Huff | One Manhattanville Rd
OTA Management LLC | Purchase, NY 10577
http://www.ox.com | Phone: 914-460-4039
aim: matthewbhuff | Fax: 914-460-4139
-Original Message-
From: Renaud RAKOTOMALALA [mailto:ren...@rakotomalala.com]
Sent: Tuesday, February 24
We were using PMTUD. However:
1) The link was iBGP and was done via crossever with both having default MTU
2) I tried disabling PMTUD with no difference
3) Cisco admitted it was a known bug, and downreving it to 12.4(15)T
resolved the issue.
Matthew Huff | One Manhattanville Rd
OTA
SRI has a detailed analysis of conflicker at http://mtc.sri.com/Conficker/
Matthew Huff | One Manhattanville Rd
OTA Management LLC | Purchase, NY 10577
http://www.ox.com | Phone: 914-460-4039
aim: matthewbhuff | Fax: 914-460-4139
-Original Message-
From: Joe Blanchard
hardware and OS platforms. Getting them to run at
a fraction of that speed depends on application and IP stack tuning. Even then,
there are significant bottlenecks. That's one reason Infiniband for HPC has
taken off.
Matthew Huff | One Manhattanville Rd
OTA Management LLC | Purchase, NY
wonder how
long it will take companies to realize that if they don't do a good job of self
policing, the result will be something they would prefer not to have happen.
Matthew Huff | One Manhattanville Rd
OTA Management LLC | Purchase, NY 10577
www.otaotr.com | Phone: 914-460-4039
that's exactly my point! it's _not_ reliable, but it's the behavior
that the average user has come to expect. If we can't even guarantee
reliability with the small handful of TLDs currently in use, when we
start introducing arbitrary new ones to anybody that can pay, I'm
concerned that it's
the cost effective options are with
other vendors or even other possible cisco solutions.
Matthew Huff | One Manhattanville Rd
OTA Management LLC | Purchase, NY 10577
www.ox.com | Phone: 914-460-4039
aim: matthewbhuff | Fax: 914-460-4139
Network's NetFlow Tracker and it works with sFlow,
IPFIX, Netflow and other netflow like protocols, so it looks like almost any of
the hardware suggested will work.
Matthew Huff | One Manhattanville Rd
OTA Management LLC | Purchase, NY 10577
www.otaotr.com | Phone: 914-460-4039
aim
The Cisco 8 port 10/100/1000 switch (WS-C2960G-8TC-L) supports RSPAN which
would allow you to tap all the ports even though it's a switch. It's about
$750, so it's not a cheap option, but it's not outrageous either. It's the
right size also.
Matthew Huff | One Manhattanville Rd
you want the hello (in
seconds) and y is the max hold-down timer. Generally y is = x * 3
http://www.cisco.com/en/US/docs/ios/12_2/iproute/command/reference/1rfeigrp.html
Matthew Huff | One Manhattanville Rd
OTA Management LLC | Purchase, NY 10577
www.ox.com| Phone
You can squeeze by with 512MB, but 1GB of ram would be better.
A 7204VXR with 1GB of ram will work fine. You can also squeeze by with a 2951
Matthew Huff | One Manhattanville Rd
OTA Management LLC | Purchase, NY 10577
http://www.ox.com | Phone: 914-460-4039
aim: matthewbhuff | Fax
http://www.symmetricom.com/
We have two of their S200 syncservers. Works great.
Matthew Huff | One Manhattanville Rd
OTA Management LLC | Purchase, NY 10577
http://www.ox.com | Phone: 914-460-4039
aim: matthewbhuff | Fax: 914-460-4139
-Original Message-
From: Kyle
Bpduguard if running cisco.
set all the switch ports to bpduguard or enable it globally
-Original Message-
From: Chuck Anderson [mailto:c...@wpi.edu]
Sent: Friday, March 26, 2010 6:09 PM
To: nanog@nanog.org
Subject: Auto MDI/MDI-X + conference rooms + bored == loop
Anyone have
also co-invented an early form of
spread spectrum communications technology, a key to modern wireless
communication.[1]
Matthew Huff | One Manhattanville Rd
OTA Management LLC | Purchase, NY 10577
http://www.ox.com | Phone: 914-460-4039
aim: matthewbhuff | Fax: 914-460-4139
Another couple of reasons to use a delayed transition ATS:
1) Motor lock. Delays on HVAC equipment never get triggered if the system never
goes offline. Having a correct open period allows the motors to spin down,
and start back up on the delays that are programmed keeping them from being
My traceroute goes through, but we don't go through Verizon. However, the web
server is returning an error that it is unavailable. It's possible that the
destination web server has a geo location plug in that stops access from
foreign locations, or that their server is down.
[root@lancaster
routing and advertisements to avoid cogent, otherwise, I don't think there is
any solution coming within a reasonable timeframe
Matthew Huff | 1 Manhattanville Rd
Director of Operations | Purchase, NY 10577
OTA Management LLC | Phone: 914-460-4039
-Original Message
and monitoring requirement. One of the many challenges of ipv6 in a
corporate environment.
Matthew Huff | 1 Manhattanville Rd
Director of Operations | Purchase, NY 10577
OTA Management LLC | Phone: 914-460-4039
-Original Message-
From: Lee Howard [mailto:l
On Dec 20, 2013, at 3:23 PM, Owen DeLong o...@delong.com wrote:
On Dec 20, 2013, at 6:29 AM, Matthew Huff mh...@ox.com wrote:
With RA, what is the smallest interval failover will work? Compare that with
NHRP such as HSRP, VRRP, etc with sub-second failover.
RA and VRRP
not unless they have a business
justification.
On Dec 20, 2013, at 4:07 PM, Owen DeLong o...@delong.com wrote:
On Dec 20, 2013, at 12:50 PM, Matthew Huff mh...@ox.com wrote:
On Dec 20, 2013, at 3:23 PM, Owen DeLong o...@delong.com wrote:
On Dec 20, 2013, at 6:29 AM, Matthew Huff mh
You can request a fully working IPv6 implementation, but it's not going to stop
a purchasing if it doesn't. If you are deciding between two vendors and one is
better/cheaper and doesn't have IPv6 and you choose the other, it's likely you
will be looking for another job. There is no strong
have two Symmetricom Stratum 1 time servers synced via GPS with Rubidium
oscillators, and two RHEL 6 servers running ntpd for our 4 servers.
Matthew Huff | 1 Manhattanville Rd
Director of Operations | Purchase, NY 10577
OTA Management LLC | Phone: 914-460-4039
engineering and network information hiding. Most of the partners on the other
side of the extranet have very tight ACLs. If we were to need to change our
source IP, it would take a miracle to get it changed on their side short of 3-4
weeks. That's the world some people live in.
Matthew Huff
msec
15 63.251.160.18 [AS 14744] 76 msec 76 msec 72 msec
16 * * *
17 * * *
18 * * *
19 * * *
20 * * *
21 * * *
22 * * *
23 * * *
24 * * *
25 * * *
26 * * *
27 * * *
28 * * *
29 * * *
30 * * *
Matthew Huff | 1
.
Matthew Huff | 1 Manhattanville Rd
Director of Operations | Purchase, NY 10577
OTA Management LLC | Phone: 914-460-4039
-Original Message-
From: NANOG [mailto:nanog-boun...@nanog.org] On Behalf Of Matthew Huff
Sent: Tuesday, May 27, 2014 2:25 PM
To: nanog
Doesn't surprise me at all. Another thing I've seen lately is number of
software (especially system management software) after being certified/tested
with IPv6 no longer function when IPv6 is enabled. At least one vendor that
broke IPv6 with a recent patch told me they only tested it once for
I'm looking to have some equipment (2 x HP C7000 blade chassis ( each with 16
blades), 2 x Cisco 7600, and some small misc equipment) from a datacenter in
Mahwah, NJ to Secaucus, NJ. Anyone recommend someone?
BGPMon has been sending out alerts this morning starting around 15:14 UTC about
our 129.77.0.0/16 prefix. None of our BGP peers have flapped, and according to
the alert, it appears limited to:
Netherlands
Sweden
Kuwait
Italy
United Kingdom
Russia
Liechtenstein
I haven't seen anything on nanog
The advantage of SMS is that it is out of band. Any smtp or other IP based
solution requires a stable and working network environment, which is what the
alert may be trying to tell you is down.
Matthew Huff | 1 Manhattanville Rd
Director of Operations | Purchase, NY 10577
were getting 5-10% packet loss (although the Cisco stats didn't show
it), and it was choking on it.
Matthew Huff | 1 Manhattanville Rd
Director of Operations | Purchase, NY 10577
OTA Management LLC | Phone: 914-460-4039
aim: matthewbhuff | Fax: 914-694-5669
really have a hold of the FCC.
Matthew Huff | 1 Manhattanville Rd
Director of Operations | Purchase, NY 10577
OTA Management LLC | Phone: 914-460-4039
aim: matthewbhuff | Fax: 914-694-5669
-Original Message-
From: NANOG [mailto:nanog-boun...@nanog.org
If your users are all using the latest models... great
We still have people using flip phones...
We had to shut down our legacy signal booster when a provider sent us a cease
and desist letter. We are still looking for a replacement solution that meets
the new code.
Matthew Huff
, but the vendor
is slow to provide the patch.
There is a huge difference in what is good network/security designs between
content providers, transit networks, eyeball networks, corporate networks,
universities, etc... One size doesn't fit all.
Matthew Huff | 1 Manhattanville
your
advice.
Matthew Huff | 1 Manhattanville Rd
Director of Operations | Purchase, NY 10577
OTA Management LLC | Phone: 914-460-4039
aim: matthewbhuff | Fax: 914-694-5669
-Original Message-
From: NANOG [mailto:nanog-boun...@nanog.org] On Behalf Of Roland
wouldn't be useful from the attacker if the
traffic doesn't return to them, so what gives?
BTW, we are in the ARIN region, the report came out of the RIPE region.
Matthew Huff | 1 Manhattanville Rd
Director of Operations | Purchase, NY 10577
OTA Management LLC | Phone: 914-460
:
On 11 Mar 2015, at 6:40, Matthew Huff wrote:
I assume the source address was spoofed, but this leads to my
question. Since the person that submitted the report didn't mention a
high packet rate (it was on ssh port 22), it doesn't look like some
sort of SYN attack, but any OS fingerprinting
Given the size and that the data is stored in encrypted RAR files, I wonder if
they just busted a Usenet service provider rather than a P2P / file sharing
site.
Matthew Huff | 1 Manhattanville Rd
Director of Operations | Purchase, NY 10577
OTA Management LLC | Phone
Well,
There are frontier users and there are fios users, and now there are frontier
fios users (users that were customers of Verizon, but Verizon sold off part
their infrastructure to frontier).
Matthew Huff | 1 Manhattanville Rd
Director of Operations | Purchase, NY 10577
.
Matthew Huff | 1 Manhattanville Rd
Director of Operations | Purchase, NY 10577
OTA Management LLC | Phone: 914-460-4039
aim: matthewbhuff | Fax: 914-694-5669
-Original Message-
From: NANOG [mailto:nanog-boun...@nanog.org] On Behalf Of Joel Esler (jesler)
Sent
It's much smaller J
Other than that, I don't know of anything else. I don't use their router anyway.
Matthew Huff | 1 Manhattanville Rd
Director of Operations | Purchase, NY 10577
OTA Management LLC | Phone: 914-460-4039
aim: matthewbhuff| Fax: 914-694-5669
Yes, the clock has to be bad. Been there, done that, especially early Sun x86
servers.
Leap years and DST are both things people and developers are aware of outside
of technology, leap seconds, not so much.
On Jun 23, 2015, at 11:33 PM, Harlan Stenn st...@ntp.org wrote:
Matthew Huff writes
% safe we would need to do that
24 hours before, but that would be a violation of FINRA regulations.
It looks like the safest thing for us to do is to keep our NTP servers running
and deal with any crashes/issues. That's better than having to deal with FINRA.
Matthew Huff | 1
A backward step is a known issue and something that people are more comfortable
dealing with as it can happen on any machine with a noisy clock crystal.
Having 61 seconds in a minute or 86401 seconds in a day is a different story.
On Jun 23, 2015, at 8:37 PM, Harlan Stenn st...@ntp.org wrote:
1 - 100 of 181 matches
Mail list logo