Re: Gaming Consoles and IPv4

2020-09-28 Thread Alan Buxey
not just how it handles IPv4 - these things don't even do proper WiFi - meaning no happy joy for lots of students on campus where 802.1X wifi is provisioned alan

Re: IPv6 Pain Experiment

2019-10-03 Thread Alan Buxey
hi, > Go ahead and read your v4 address over the phone and then do the same with > your v6 address. Which is easier? I do understand all about these addresses > both being binary underneath ( I've been doing this for over 30 years now). > However it is much easier to communicate using four

Re: IPv6 Pain Experiment

2019-10-03 Thread Alan Buxey
hi, the old UK reverse name notation actually comes from some sensible ideas - firstly from the big-endian processing methods - but also the most important part of the address comes first - ideal for global routing decisions early. who cares about the actual hostname , get to the actual TLD ;-)

Re: Protecting 1Gb Ethernet From Lightning Strikes

2019-08-14 Thread Alan Buxey
hi, have seen and suffered from same. nearby strikes can cause enough surge to fry things. best solution - air-gaps where possible between devices (eg fibre to link switches), surge protectors on ethernet cables where needed (eg feeds from Access points) - and if the APs have external antennae

Re: Cisco wifi signal fluctuations

2019-07-18 Thread Alan Buxey
hi, do you have any of the WLC settings on such as dynamic power assignment (which allows the controller to work out neighbour cell coverage and reduce the signal to stop much overlap). which 5GHz channels are being used - if you're using those in DFS space then RADAR detection means that DAC

Re: QoS for Office365

2019-07-10 Thread Alan Buxey
hi, use Direct Access PAC file for clients to get the right endpoints. Apply QoS to that traffic - and use that same PAC file to feed the IP ranges into your QoS rules on the firewall/router ? alan On Mon, 8 Jul 2019 at 17:15, Joe Yabuki wrote: > > Hi all, > > How do you deal with QoS for

Re: Packetstream - how does this not violate just about every provider's ToS?

2019-04-26 Thread Alan Buxey
hi, > Just ran into Had a quick look but doesn't seem to mention Blockchain at all - therefore it can't be that good! ;-) alan

Re: Multicast traffic % in enterprise network ?

2018-08-10 Thread Alan Buxey
when i was last on a proper working multicast-enabled UK university network, could pick up the BBC streams (TV and radio) using VLC :) alan

Re: Proving Gig Speed

2018-07-17 Thread Alan Buxey
hi, another prediction would be that your internet connection (and most devices in house) connected by 5G - maybe with some local WiFi - 802.11ax - if theres still spectrum left after the LTE groups have taken it all for aforementioned 5G purposes... legacy devices, still around for another

Re: Application or Software to detect or Block unmanaged swicthes

2018-06-08 Thread Alan Buxey
as already said - this can be covered with adequate processes and management (even so far as, not doing your job right? time for HR...). however, there are many ways to ensure that random ports arent doing anything other than what they should be doing - most of these are L2 security features -

Re: Email security: PGP/GPG & S/MIME vulnerability drop imminent

2018-05-15 Thread Alan Buxey
real ones send such formulae as LaTeX attachments - where their recipients can have a simple plugin to view/display it inline (then save to edit/modify etc). HTML is horrible for formula...but at least I guess a little better than MS Word. alan

Re: Catalyst 4500 listening on TCP 6154 on all interfaces

2018-05-09 Thread Alan Buxey
hi, thank-you Dario for your input and response from Cisco PSIRT - very useful and welcome. alan

Re: Remote power cycle recommendations

2018-04-28 Thread Alan Buxey
+1 for the APC kit :) alan

Re: China Showdown Huawei vs ZTE

2018-04-26 Thread Alan Buxey yet another ZTE issue . :( alan

Re: Cloudflare public DNS broken w/ AT CPE

2018-04-02 Thread Alan Buxey
thats probably a key part of the experiment - to find locations and systems where is trashed. it should be routable and its about time that vendors stopped messing around in that space - hopefully this is one of the sticks that prods people to start to behave - at which point

Re: Yet another Quadruple DNS?

2018-03-29 Thread Alan Buxey
exactly. intercept/inject? why. an ISP can just run its own standard DNS servers on and and point their customers to those - they own their routing space, they can just route to those locallyso anyone thinking they can avoid their ISP by choosing some other addresses are

Re: Wi-Fi Analyzer

2017-12-29 Thread Alan Buxey
Scout Aircheck G2 is quite nifty - but a lot of tools out there are only just a little bit above what you can do with a decent Android phone (one with 802.11a/b/g/n/ac chipset) and WiFiAnalyzer ! :) alan

Re: Alternatives to ISE?

2017-12-03 Thread Alan Buxey
if you're already slurping the commercial koolaid (support contracts, someone to blame etc etc) - then Aruba Clearpass? (otherwise local homebrew with FreeRADIUS core or PacketFence as FOSSOTS ;-) ) alan

Re: OSPF Monitoring Tool

2017-12-02 Thread Alan Buxey
Commercial, or free? For commercial route explorer should do the job, for free, run eg quagga or such with relevant actions on logs. alan

Re: Moving fibre trunks: interruptions?

2017-09-14 Thread Alan Buxey
i'm sure theres plenty of aerial in europe. usually carried on e.g. the top messenger cable on pylons - given i've attended talks about the issues of fixing such fibre after storms in Scotland :) On 1 September 2017 at 20:52, Rod Beck wrote: > I don't think

RE: SNMP syslocation field for GPS coordinates, and use with automation tools

2016-12-09 Thread Alan Buxey
Yes. But don’t just put in coordinates... Put in other details and use a standard separator  alan

Re: Spitballing IoT Security

2016-10-29 Thread Alan Buxey
Hi, Hi, >Put it another way: you bring home a NEST and the first thing you the >expert might do is read the net to figure out which ports to open. Are >you really going to not open those ports? Put onto its own isolated vlan with only internet access. Unfortunately no basic routers that are

Re: Spitballing IoT Security

2016-10-27 Thread Alan Buxey
Hi, >At which point the 3GS was almost 5 years old (having originally been >released in June 2009) and had been already superseded by the iPhone 4, >4S, 5 and 5S/5C. But the release of and presence of those phones does not make the older phone suddenly stop working. As noted, the phone might

Re: Krebs on Security booted off Akamai network after DDoS attack proves pricey

2016-09-27 Thread Alan Buxey
hi, >From: NANOG on behalf of Mike Hammett > >Sent: 27 September 2016 16:30 >Cc: >Subject: Re: Krebs on Security booted off Akamai network after DDoS attack >proves pricey > >You must not support end users. haha...i read that wrong.

Re: Don't press the big red buttom on the wall!

2016-08-29 Thread Alan Buxey
>“Unfortunately because it was human >error we weren’t prepared for it,” >Holmes said. "But it's elementary!" Watson retorted :) alan

Re: Cisco 2 factor authentication

2016-06-26 Thread Alan Buxey
As per other statements of such seen elsewhere online, do you have examples or code which will allow the recovery of passwords in a radius exchange? Yes, the shared secret mechanism is widely stated as 'weak' but actively attacked? alan

Re: mrtg alternative

2016-03-23 Thread Alan Buxey
+1 for Statseeker. Ease of use etc (price depends on eg site size etc). Can do lots on just one mid server unlike some other bloaty solutions out there. But we also still use MRTG for some local bespoke measurements PS you can get a free Eval of statseeker. Obnote, don't work for them just a

Re: Equipment Supporting 2.5gbps and 5gbps

2016-01-28 Thread Alan Buxey
Um. You don't have an option for old copper plants. This stuff gives you 2.5gig or 5gig on cat5/cat5e (depending on distance). If you can do 10g you really shouldn't be carrying about this stuff. In the optical world just jump to using 10Gig (where you can) alan

Re: Binge On! - get your umbrellas out, stuff's hitting the fan.

2016-01-10 Thread Alan Buxey
For the sake of security of all internet connected hosts - especially in this new era of even more IOT junk , security updates, firmware and new OS updates should be granted libre data rates so that users who keep their devices updated are not penalised. as for carriers pipes...will, if

Re: Binge On! - get your umbrellas out, stuff's hitting the fan.

2016-01-09 Thread Alan Buxey
You're assuming that people are only using phones with their SIM - those that use a mifi dongle and thus view content on a tablet or laptop will notice We could rate limit traffic from YouTube to 1.5mbps and let the adaptive streaming knock the steam to 480p bit our users with 100mbit

Re: announcement of freerouter

2015-12-26 Thread Alan Buxey
>RouterOS is an existing product by MikroTik Yes but this was an announcement about freerouter. If RouterOS has an announcement to make they can send their own email ;) alan

Re: MACsec to edge hosts

2015-12-23 Thread Alan Buxey
The host has to support it... I've only seen the cisco anyconnect client add such support to the host alan

RE: Nat

2015-12-21 Thread Alan Buxey
I'm surprised that noone of the home wifi router folk haven't cornered the market on that one in terms of client separation. Most people don't need the devices to talk to each other so by default all ports on different VLANs .. 192.168.0-8.x etc Internet of things security out of the box. Web

Re: Advance notice - H-root address change on December 1, 2015

2015-11-16 Thread Alan Buxey
No. CentOS follows RedHat. They backport fixes to older versions rather than put the new version out. It appears that have aversion to new feature and just want to put the fixes onto the older versions. So that 9.9.4 probably has 60% of the changes that the diff of 9.9.4 has to 9.9.8 . This

Re: EyeBall View

2015-10-26 Thread Alan Buxey
Indeed. They just need more places across the world hosting Anchors :) alan

Re: EyeBall View

2015-10-26 Thread Alan Buxey
What, like RIPE NCC ? :) alan

Re: The spam is real

2015-10-26 Thread Alan Buxey
There's also probably a large number of people gnashing their teeth that all of these compromised sites have been so readily identified by a very basic spam scam. A massive waste of opportunity for real black hats alan

Re: Why is NANOG not being blacklisted like any other provider that sent 500 spam messages in 3 days?

2015-10-26 Thread Alan Buxey
I was looking out for the sub-Reddit thread ;) alan

RE: Static IPs

2015-10-19 Thread Alan Buxey
Aye. It was an amusing anecdote/joke about their poor wording/pitch. I didn't see it as some sales thingguess others are having a stressful day or got out of bed the wrong side today :/ alan

Re: RIPE atlas probes

2015-10-06 Thread Alan Buxey
'should have largely the same vantage point ...' That's *exactly* one of the functions of these probes. It's very interesting what they can find out. Never assume (you know the rest of that...) alan

Re: Inexpensive probes for automated bandwidth testing purposes

2015-10-04 Thread Alan Buxey
One of the small microPC solutions. Depending on what you want to test (eg bandwidth) you may find platforms like raspberrypi too limited. Intel NUC or LIVA platforms? alan

Re: Recent trouble with QUIC?

2015-09-27 Thread Alan Buxey
Yes. Next gen firewalls stop that kind of game ;) alan

Re: Ear protection

2015-09-26 Thread Alan Buxey
Great summary of the thread No-one using remote control robots with video feed etc for working in these environments then? Plans to? ;) alan

Re: Extraneous "legal" babble--and my reaction to it.

2015-09-09 Thread Alan Buxey
>It's just text at the bottom of your email. 1 often a very large amount of text - in this case the legalese was something like 10x longer than the comment! 2 its pointless. Its not enforceable and doesn't mean anything. Shall i put a chapter of war and peace at the end of my emails? You

RE: Windows 10 Release

2015-07-29 Thread Alan Buxey
'QoS problems are to be expected' . Uh? Don't you put QoS into place just to ensure that the minimum bandwidth you need to ensure critical services (such that your voice traffic is not impeded for example) are NOT affected across your WAN links when there are big globs of data banging around?

Re: Hotels/Airports with IPv6

2015-07-10 Thread Alan Buxey
2 mbit is still more than 32 bit ;) alan

Re: Hotels/Airports with IPv6

2015-07-09 Thread Alan Buxey
No. They should just ask, with the best geek intonation, whether this place still is stuck with 32-bit Internet I'm sure they'd gladly report that their Internet is 24 mbit and not just 32 bit ;) alan

Re: Any Verizon datacenter techs about?

2015-06-26 Thread Alan Buxey
There was signing of NDAs Which you obviously read and follow to the letter ;) alan


2015-06-22 Thread Alan Buxey
I do feel sorry for you unix/linux users having a problem in year 2038 fortunately I get another ~ 8 years... my Amiga gets its first big problem in 2046 ;-) alan PS if i get to see the 2078 issue I'll be old

Re: Android (lack of) support for DHCPv6

2015-06-09 Thread Alan Buxey
'We plan to use DHCPv6 rather than SLAAC for a variety of reasons' Care to elaborate on the reasons? Due to client support we have both. In fact we had SLAAC for many years and just 2 years ago we added DHCPv6 ..that was to ensure fuller client support (since windows and OSX amongst others

Re: eBay is looking for network heavies...

2015-06-09 Thread Alan Buxey
'Don't learn by heart that which you can look up.' apart from enough basics to get you up and connected so that you CAN look things up! ;) There's a whole debate about the education system and learning things by rote that can be looked up. In many sectors you have reference tomes. ..some

Re: WiFi courses/vendors recommendation

2015-06-03 Thread Alan Buxey
+1 for CWNP courses. The CWNA and CWDP cover RF quite well too you'll pick up most of what's needed. ..imho most of the vendor specific courses only benefit is to tell you how to manage their control plane. Which button to click on the interface etc ;) alan