rs in many cases.
--
Brandon Martin
"you operate your network however you want".
Other things would fall under the same purview. For example "alternate root"
DNS hierarchies with extra TLDs or even TLDs used in contrast to ICANN
recommendations would have similar considerations.
--
Brandon Martin
t that I'd recommend it.
--
Brandon Martin
aintain if you
have visibility into both levels of the equation, but it does seem to
work and is surprisingly performant.
See e.g. https://tips.graphica.com.au/nested-kvm/
--
Brandon Martin
not recommend mixing and matching hypervisors (e.g. Xen on KVM
or vice-versa), though. I'm not even sure you can do so meaningfully,
though I bet someone's working on it.
--
Brandon Martin
with various specs AND don't want to or cannot use a
provider's API for that, I'm not sure why you'd want to if you didn't
have to for some crazy reason.
--
Brandon Martin
On 1/5/21 7:29 PM, Chris Adams wrote:
I don't know if an unsubscribed cell phone gets the emergency alerts (I
know you are supposed to be able to call 911 from any cell phone, even
if not carrying paid service). If so, that'd be another cheap way to
get alerts.
They pretty much universally
without
that kind of separation of duties internally regardless of what actually runs
underneath the user-visible application. It's not that you couldn't but rather
that you wouldn't.
--
Brandon Martin
ote that most mobile phones allow the user to turn off most
(though usually not all) emergency alerts. Non-OEM OS ROMs often go
further.
--
Brandon Martin
is nothing for a modern server, of course. It sounds
like you'd probably run into other scaling issues before you hit memory
limitations needed to juggle legitimate TCP connection state.
--
Brandon Martin
storing state
using techniques similar to syncookies and do so in a compatible manner?
I suspect no since you don't have control over your peers sequence
numbers, but then someone smarter than I came up with syncookies...
--
Brandon Martin
ta. Devices which have access to Wi-Fi/Bluetooth beacon
location databases can largely do the same. This is almost guaranteed
to be more accurate AND more precise.
--
Brandon Martin
re serious about recycling the electrolyte.
--
Brandon Martin
trate on the ITU/Bellcore stuff in North America, so
GPON/XGS-PON it is.
--
Brandon Martin
life is
important but almost implied these days. Must be able to nicely run Linux
(distro is unimportant).
--
Brandon Martin
s SOLELY based on IRR. That is, they are not permissive and will assume
that, if there is an IRR object present for a prefix, that ONLY the
announcements matching that object should be accepted. This can lead to severe
reachability issues if not corrected.
--
Brandon Martin
a bit different. I also can't imagine they're actually overlaying
AT's fiber-to-the-prem network as, to my knowledge, AT does not
allow 3rd party access to it in any market.
--
Brandon Martin
80km with them really pushing the link budget at that point.
Honestly, I'd be tempted to just suck it up and do a coherent solution,
though I admit it would probably be at least 2x the cost. You can
probably get a 200G carrier, though.
--
Brandon Martin
?
--
Brandon Martin
it longer and may be more thoroughly
documented.
--
Brandon Martin
ry and get more entropy.
I hope they hash on L2 MAC, as well, but a pretty common scenario for an
L2 interconnect only has one MAC on each end of the link, so that
doesn't help much. They rallly don't want all your traffic ending
up on one side of a LAG.
--
Brandon Martin
imminent shortage
of ASNs and don't need to be particularly stingy about allocating them
as long as a need is met.
--
Brandon Martin
need full routes from them, they have a
VERY open peering policy, and that 100G port might be better suited to a
local IX where you can pick them up along with a bunch of other content
networks.
--
Brandon Martin
platform vendors not just
supporting it by heavily pushing it.
I really do hope it becomes a real product that I (as a smaller, local
island operator) can buy, but it just doesn't seem to be there yet at
least in my region.
--
Brandon Martin
just throw things straight into a
mux/demux on each end and rely on the power budget of the transceiver
itself, so that makes sense for cheap DCI.
--
Brandon Martin
on a long-haul span or something.
--
Brandon Martin
I've been trying unsuccessfully for the past couple weeks to get in
touch with the sales folks at CyrusOne. E-mails and voicemails have
gone unreturned.
Anyone have a usable contact there or able to matchmake?
--
Brandon Martin
these are questions you have to essentially answer "up front" in many cases.
--
Brandon Martin
ed the RFC! Then I can also have some
specific models to direct people toward along with "Or just look for
'RFC8585' on the box".
But, right now, I am aware of none.
--
Brandon Martin
s who do want to do things their own way.
--
Brandon Martin
transition mechanisms) that needs constant
updating and may not be easily available is not ideal.
Heck just having a real, complete list of supported features on the
model support page on their website would be an improvement...
--
Brandon Martin
,
though I haven't verified that it works. They're at least acknowledging
demand for it which is a nice step forward.
--
Brandon Martin
.
For a lot of networks, this can end up being just the OSC, but as
that's often not subject to the full photonic path, I'd likewise advise
against that being the case and to make sure you have at least some
fully "in band" traffic that can be monitored along both legs.
--
Brandon Martin
layer at scale, and of course the NAT
is stateful no matter what you do with this technique.
--
Brandon Martin
CPE vendor is claiming 464XLAT
support now (though I've not tested it), but doesn't appear to even know what
MAP or LW4o6 are and certainly has expressed no plans to support it at least at
the sales engineer questionnaire level.
--
Brandon Martin
experience: "So, tell me about a particularly dicey interoperability
scenario you encountered while going for your CCIE? What steps did you
take to troubleshoot and either solve or work around it?" or similar.
--
Brandon Martin
something
to point them to that will show them it's a "real thing". Getting rid
of state at the CGN as is (or can be, at least) necessary with 464XLAT
seems like a real boon while placing minimal additional burden on the CPE.
--
Brandon Martin
the SDN craze...you just have to know what it is.
Reminds me of the early days of ".NET" at Microsoft. Everything was
".NET", and eventually it became an actual thing.
--
Brandon Martin
even if your hiring
process doesn't demand them, others' will, and many people have a
standard-ish resume with application-specific cover letter.
--
Brandon Martin
into a single box presumably because it's
cheaper for initial deployment than separate boxes for ONU and CPE
router/AP. No indication of those being affected in this notice, at
least that I could find.
--
Brandon Martin
igure them if you don't need them.
Are you married to Cisco? The 9200 is not a bad pizza box platform, but
you can definitely get comparable features and bandwidth cheaper (or
more bandwidth for the same price) from other folks.
--
Brandon Martin
ing them to the port itself, and they definitely won't do "BNG"
type functionality with PPPoE or tag-per-customer with shared L2
appearance at least not at any real scale.
--
Brandon Martin
sure how you'd offer a protected "dark fiber" service without
encroaching on the ability of the subscriber to light it to their pleasing.
--
Brandon Martin
any of the cellular telematics providers
at the time. I don't know if this has changed. For our application,
this was fine, but for mixed vendor "IoT" devices, it would probably not
work out well.
--
Brandon Martin
and NAT, and they generally "do the right thing" out of the box for most
folks.
--
Brandon Martin
I'm curious...
Is it part of the DOCSIS spec that the CMTS terminates L3, or can they
bridge to IEEE 802(.3) and delegate that to some other piece of gear?
I'm unfortunately not familiar with the MSO world much at all aside from
a little bit of L1.
--
Brandon Martin
on their "business class" DOCSIS
product and is upcharged even then.
--
Brandon Martin
to ADSL2+ at ~24Mbps for
long-reach situations.
--
Brandon Martin
that having a misbehaving server listing on 443 (and accepting SNI
for a name that works on plain HTTP, if applicable) at the same domain
as a well-known, public HTTP server, especially from a "security"
company, is a poor idea.
--
Brandon Martin
or are a well-established CLEC from a
long time ago. The ILEC mostly gets free reign to set the access costs,
and they set them sufficiently high as to "discourage" competition from
using it where they can get away with it.
--
Brandon Martin
, is the devil. Clock stretching is
particularly annoying along with the requisite use of open-drain drivers
to accomplish it.
I was not aware of 10SPE, though...looks very useful (for lots of
purposes). Physical multi-drop on low-cost cabling is quite useful.
--
Brandon Martin
, I prefer the CLI.
--
Brandon Martin
zed Adtran disty you
also get their provisioning and monitoring suite (AOE) "free" as long as
you maintain a support contract (which isn't particularly expensive).
It's kinda blah (and Flash-based, but I'm told that's changing by the
end of the year...) but does work.
--
Brandon Martin
has considerable
control over the phone.
FWIW, this software component (the CLAT) can also be on the CPE edge
router which many ISPs either control outright these days or at least
can influence.
--
Brandon Martin
that, you can get rid of the programmatic state tracking entirely
and just use static translations for TCP and UDP which, while nice, is
impractical. You're about 95% of the way to LW4o6 or MAP at that point.
--
Brandon Martin
without also having the CPE
know which ports to use (in which case you might as well use LW4o6 or
MAP), but at least you can get it down to where you really only need to
log (or block and dole out public IPs as needed) port-less protocols.
--
Brandon Martin
(and it certainly
is, at least repairs generally are - new construction perhaps could be
argued), then underground utility marking is, too, since it's mandatory
for safely performing underground construction.
--
Brandon Martin
a problem. I assume it's TDMA, and the
terminals have imperfect clocks.
--
Brandon Martin
it's just what happens when you spread an already limited
resource (transponder bandwidth) out over essentially an entire continent or at
least substantial portions of it. Imagine if you had a cable provider with a
single node for an entire, say, US state.
--
Brandon Martin
ag since compromised wordpress instances are one of the
biggest sources of snowshoe hosting in my experience.
--
Brandon Martin
On 4/13/20 4:31 PM, Randy Bush wrote:
it seems a lot of folk think prepending acrually works.
I mean, there's prepending and then there's prepending 50+ times... Has
the latter EVER been useful in any way, shape, or form?
--
Brandon Martin
you
have a misconfiguration somewhere (presumably unintentional and perhaps
some poorly behaved automatic config on a CPE).
--
Brandon Martin
here.
--
Brandon Martin
and, since SMF can't be gotten rid of
entirely in fixed infrastructure, I'll take the normalization where I
can get it.
--
Brandon Martin
if you can just drop more fiber
down the riser" echo chamber.
--
Brandon Martin
uot; (either for the user, via a management interface, or for
the vendor, via policy template) to fix. Writing an entirely new L4 NAT
helper is a different matter entirely.
IPv6 would of course render this moot, but we all know how well IPv6
traffic gets treated...
--
Brandon Martin
design hold-up time it
seems to have, but of course maintenance varies a lot. Newer
deployments, especially fiber-to-the-curb often have essentially no
hold-up at the local node unless it's back powered from the customer
prem (in which case the customer can keep it up themselves).
--
Brandon Martin
.
* An IPSec SA itself is quite simple. Making it unidirectional is
in-line with that notion and appears to have few consequences.
* An IPSec SPD is also unidirectional (one could argue that this is a
mistake, but see all the above), and an SA follows directly from an SPD.
--
Brandon Martin
50-75Mbps in practice, even if the
local MSO says you can get more.
The divide keeps getting bigger.
--
Brandon Martin
on
consumer-facing networks and congestion, if it occurs, is unlikely to
generate complaint volume.
--
Brandon Martin
.
Yeah, these were the "legal" aspects I was referring to above. Not a
technical problem, really. I can't say I'm surprised, and I can think
of some workarounds, but it's definitely a thing to consider.
--
Brandon Martin
rks, and I don't
think it was actually supported by Valve.
Maybe I'm smoking something, here...
--
Brandon Martin
.
--
Brandon Martin
for those of us
without local caching.
--
Brandon Martin
On 2/6/20 8:03 PM, Brandon Martin wrote:
An RADB entry for IP range 64.25.104.0/22 was recently entered by Crown
Castle Fiber that appears to be in error. Please contact me off-list to
help resolve. Thank you.
CCF claims it's been taken care of. Thanks.
--
Brandon Martin
An RADB entry for IP range 64.25.104.0/22 was recently entered by Crown
Castle Fiber that appears to be in error. Please contact me off-list to
help resolve. Thank you.
--
Brandon Martin
they
were able to do that since it was a "PRI" product (which may have at least
partially explained the exorbitant cost). We ended up just ordering 3 POTS
lines and for OOB data.
--
Brandon Martin
with huge market penetration and each
"patch" is an entirely new copy of said 100GB game, that's a lot of traffic.
--
Brandon Martin
e like ICANN or IANA could publish an ROA to a reserved ASN (or to
no ASN - is that possible?) for all unallocated space or something of
the like, I suppose.
--
Brandon Martin
at least, REQUIRED to be
itemized to the customer.
If it's not in the contract, I'd try to get out of it.
--
Brandon Martin
ing my network's
routing policies."
As has been pointed out, there's not a shortage of ASNs like there is
IPv4. The policy surrounding assignment of ASNs is mostly to make sure
that people who are getting one actually have a use for it and know what
they intend to do with it.
--
Brandon Martin
they are always within spec,
they seem to vary a bit more than with bigger name modules especially
within a lot. That does matter a bit more with PON optics than with AE,
so that is one thing to consider, too, though it's a minor complaint
again since everything is always within spec.
--
Brandon Martin
ribed deep in the bowels of your contract. If
not...you might be able to get out of them.
--
Brandon Martin
ose environments. Deployment of
these started well before any 5G hype I was aware of even on the network
operator side (think 6+ years ago).
All that is to say, what's the magic secret sauce that makes "5G" any real
different from "modern 4G"? I really don't want to go d
seem to do this to some degree, though my evidence is
anecdotal. They don't seem to drop when you exceed your dollop, though,
but rather re-mark.
--
Brandon Martin
Of course, this is also what Mobile IP was intended to solve, and we all
know how widely that's deployed.
--
Brandon Martin
l that's
overloaded, YMMV.
--
Brandon Martin
be more like DKIM in that
you can, with cryptographic certainty, know THE network at which to
point fingers as they're the ones who admitted the call into the PSTN
with authority that the CID field (among others) is "valid".
[And all the old PSTN folks will please forgive me if I'm inaccurate,
here, though corrections are welcome]
--
Brandon Martin
d BS resumes as much as
the interviewees do. This goes double when it's been modified to the
point that the qualifications stated bear little to no resemblance to
the original ones stated. That just wastes everyone's time.
--
Brandon Martin
harder for the networks responsible for the reflection/amplification to track
down the problem using traffic analysis as well as coming in on the lower end
of the "how much do I care?" part of the abuse team's line-up.
--
Brandon Martin
to deliver that content and, instead, the target network
should expect it to come in over the "public Internet" via some other
connection. Is that accurate?
Thanks for the clarifications.
--
Brandon Martin
, only
content locally available at that location will come over that peering
session with the rest coming via other means? Does Akamai not have
private connectivity to their public peering points?
--
Brandon Martin
hat that's a recommended configuration, but
I suspect it would often work. I certainly have IPv6-only testbeds.
There's a few groaners usually, but a surprisingly large amount of stuff
"just works".
--
Brandon Martin
, if that matters to you.
--
Brandon Martin
eyeballs" type behavior. Whether banning an entire
ASN like that in precisely a situation where this kind of thing is likely to
occur is a good practice or not is left as an exercise to the reader.
--
Brandon Martin
like I'd expect them to be?
--
Brandon Martin
/52 for each IPv4) amount of IPv6? And if you don't need a
"comparable" amount of IPv6, presumably you aren't using all your legacy IPv4
and can sell off part of its presumably huge allocation to get some funds.
--
Brandon Martin
cation to recognize the nuance between public addressing and
unfiltered public reachability of a given host. I suspect many of them
are already using IPv6 for LAN traffic without even realizing it given
Windows' penchant for doing so since Vista.
--
Brandon Martin
with everything that entails, I
think it's probably STILL in your short-term economic best interest to
deploy IPv6 simply due to the reduction in scope of "everything that
entails".
--
Brandon Martin
service provider
and instead provide a real, useful means for the user to directly
contact the content provider to resolve the issue)
--
Brandon Martin
1 - 100 of 221 matches
Mail list logo