Re: jon postel

On 2022-10-17, at 16:57, Grant Taylor via NANOG wrote: > > In my not so humble opinion, Where Wizards Stay Up Late should be required > reading for anyone wanting to learn about the history / development of the > ARPAnet and the Internet. That said, it would be a worthwhile project to collect

Re: Scanning the Internet for Vulnerabilities

On 2022-06-20, at 23:02, Mel Beckman wrote: > > Carsten, > > The discussion is not getting far afield: it’s on point. And it’s a hugely > germane topic for network operators. > > Regarding your claim “You consented to receiving packets when connecting to > the Internet“, I counter with what

Re: Scanning the Internet for Vulnerabilities

On 2022-06-20, at 19:36, goemon--- via NANOG wrote: > > On Mon, 20 Jun 2022, Carsten Bormann wrote: >>> On 2022-06-20, at 14:14, J. Hellenthal wrote: >>> Yeah that's another thing, "research" cause you need to learn it let's have >>> them do i

Re: Scanning the Internet for Vulnerabilities

J., > On 2022-06-20, at 14:14, J. Hellenthal wrote: > > Yeah that's another thing, "research" cause you need to learn it let's have > them do it too, multiply that by every university \o/ there was some actual research involved. I agree that there should be a very good reason to expend a

Re: Scanning the Internet for Vulnerabilities

On 2022-06-20, at 04:18, Mel Beckman wrote: > > When researchers, or whoever, claim their scanning an altruistic service, I > ask them if they would mind someone coming to their home and trying to open > all the doors and windows every night. Well, it is more like the guy who comes once a

Re: FCC vs FAA Story

On 2022-06-05, at 22:01, Miles Fidelman wrote: > > Still doesn't address whether or not C band radios break radio altimeters. The discussion reminds me of the early 1990s, when mobile phones became pocketable. There was some talk about how emissions from mobile phones that people take into

Re: IPv6 Only

On 2022-03-31, at 20:54, Matthew Petach wrote: > > And yet, in order to "turn off the lights on IPv4", we're going to have to > root through all those dark corners of code The part that you might be missing is that those dark corners are also where the vulnerabilities hide. If a piece of

Re: "Permanent" DST

On 2022-03-16, at 13:26, Tom Beecher wrote: > > I certainly can't find any references to a massive uptake in kids getting > doinked by cars at dark bus stops in that 70s experiment. Of course not. The game is that at least one kid will die in the time an experiment runs, and the press will

Re: Russia attempts mandating installation of root CA on clients for TLS MITM

On 2022-03-13, at 01:33, Sean Donelan wrote: > > Its not a question of whether you trust one CA (e.g. the Russian Ministry of > Digital Development CA), but whether everyone trusts all 100+ CA's in > universal trust stores to sign everything/anything. Right. Authorization is not a binary

Re: Ukraine request yikes

On 2. Mar 2022, at 17:38, wrote: > > “democracy” PSA: Please read https://newsletters.theatlantic.com/peacefield/6206c37b9d9e380022bed32f/is-it-fascism-is-it-socialism/ before using words like this again. I hope this PSA is useful enough for minimizing “discussion" to warrant this

Re: What do you think about this airline vs 5G brouhaha?

On 2022-01-19, at 02:39, John Levine wrote: > > > tl;dr while interference is certainly possible in theory, […] Reminds me of the first few years I had a handheld digital cellphone (GSM). There was a theoretical possibility that the (up to 2 W) RF pulses from the phone could trigger the

Re: Log4j mitigation

On 13. Dec 2021, at 20:32, Jared Mauch wrote: > > This is an great modern example showing how deeply embedded things could be, > and they get worse with each of these nesting technologies as well, it may be > embedded in a docker or VM image, or the class could be in some other JAR or > zip

Re: .bv ccTLD

On 2021-12-04, at 16:18, Cynthia Revström via NANOG wrote: > > I think pretty much all codes ending in an X is because there were no > better ones available. (I am not certain on this part though) I don’t think the Mexicans would agree :-) .bx (Benelux) is reserved only, but it is another

Re: Redploying most of 127/8 as unicast public

On 2021-11-18, at 00:29, Jay R. Ashworth wrote: > > This seems like a really bad idea Right up there with the FUSSP. https://www.rhyolite.com/anti-spam/you-might-be.html Someone should write a page like that about the FUSIAS (final ultimate solution to the IPv4 address shortage) proposals.

Re: DNS pulling BGP routes?

On 2021-10-08, at 07:25, Sabri Berisha wrote: > > Whenever there is an aviation incident, the keyboard warriors at pprune.org > are always the first to start speculating about root causes So we need an NTSB, BFU, ... for the Internet and widely used Internet applications. (And the other

Re: Facebook post-mortems...

On 5. Oct 2021, at 07:42, William Herrin wrote: > > On Mon, Oct 4, 2021 at 6:15 PM Michael Thomas wrote: >> They have a monkey patch subsystem. Lol. > > Yes, actually, they do. They use Chef extensively to configure > operating systems. Chef is written in Ruby. Ruby has something called >

Re: IPv6 woes - RFC

On 2021-09-16, at 01:20, Michael Thomas wrote: > > So I'm beginning to think that the reason ipv6 didn't take off is one simple > thing: time. Well, actually, the reason was: Microsoft :-) (And time.) We entered into the current trajectory when we missed the window to get IPv6 into Windows

Re: IPv6 woes - RFC

> In fact, I am going to continue with said H.E. IPv6 tunnel, just without > advertising it to the network (RA / DHCPv6). I will have to statically > configure IPv6 on things that I want to use it on. There we get to the heart of things. The problem is not with IPv6 or your ISP (*), but

Re: AWS contact?

On 20. Feb 2021, at 01:16, Andras Toth wrote: > > 00:10:28.921224 IP6 (flowlabel 0x4901f, hlim 54, next-header TCP (6) payload > length: 1460) Weird. Why would an IPv6 server ever send a full-sized packet? You have to sacrifice ~100 bytes to the firewall gods. Grüße, Carsten

Re: Texas internet connectivity declining due to blackouts

Hi Sean, > On 17. Feb 2021, at 21:58, Sean Donelan wrote: > > > > On Wed, 17 Feb 2021, Carsten Bormann wrote: >> That’s not how it works. > > https://www.bmwi.de/Redaktion/EN/Artikel/Energy/electricity-grids-of-the-future-01.html Yes. This is fully

Re: Texas internet connectivity declining due to blackouts

On 2021-02-17, at 19:36, Sean Donelan wrote: > > undergrounding HV transmission lines That’s not how it works. In Germany, the majority of rural area HV transmission is above ground, for reasons that have been mentioned here. If we have significant power outages (once-in-a-decade events),

Re: Texas internet connectivity declining due to blackouts

On 16. Feb 2021, at 16:40, Yang Yu wrote: > > You can find ERCOT Operations > Messageshttp://www.ercot.com/services/comm/mkt_notices/opsmessages No, I can’t. (OK, with a handy VPN, I do get access. ) Grüße, Carsten Access Denied Error 16 www.ercot.com 2021-02-16 22:12:17 UTC If you believe

Re: [Spam]Re: A letter from the CEO

Hundred Meg, Ten Gig, One erm...? Maybe harder to create vernacular for. > On 2020-11-23, at 14:35, Mark Tinka wrote: > […] > > Given that Tbps is still relatively uncommon in many operator networks, it's > not uncommon to hear people say Megabit and Gigabit with no problem, but say >

Re: A letter from the CEO

On 2020-11-23, at 08:09, William Herrin wrote: > > On Sun, Nov 22, 2020 at 10:37 PM Carsten Bormann wrote: >> On 2020-11-20, at 23:18, 6x7 Networks - Lady Benjamin, CEO >> wrote: >>> 8tbps (8 terrabits per second). >> I don’t expect the majority of nanog peop

Re: A letter from the CEO

On 2020-11-20, at 23:18, 6x7 Networks - Lady Benjamin, CEO wrote: > > 8tbps (8 terrabits per second). Competence signaling: technical competence very low. I don’t expect the majority of nanog people to know the intended data rate would properly be notated as 8 Tbit/s, but a space after the

Re: 60 ms cross-continent

On 2020-06-20, at 19:07, Joel Jaeggli wrote: > > This is c in a vacuum. Light transmission through a medium is slower. Ob-movie: https://en.wikipedia.org/wiki/The_Hummingbird_Project Grüße, Carsten

Re: RFC6550 (RPL) and RFC6775 (IPv6 Neighbor Discovery for 6LoWPANs)

Hi Etienne, I’m also not sure many of the classical network operators assembled in NANOG work with 6LoWPANs today, but I still can answer your question. > While trying to build a holistic view of LoWPANs, I'm consulting the IETF's > informational and standards documents. > > I'm struck by the

Re: 24x7 vs 24x7x365 Re: Constant Abuse Reports / Borderline Spamming from RiskIQ

On 2020-04-18, at 03:08, Rich Kulawiec wrote: > > 24x7x365 thus means every hour of 7 years. YES, I know, I know. Clearly, it means the NOC only operates in the seven years of great abundance that precede the seven years of famine (Genesis 41:29 etc.). I think I have seen such NOCs before

Re: COVID-19 vs. our Networks

On 2020-03-17, at 12:36, Mark Tinka wrote: > > While that does improve availability and performance, I don't > think it really pushes the Internet beyond the realm of "best-effort”. Folks, my supermarket is “best-effort”. I expect exactly the same level of service from my Internet that I

Re: COVID-19 vs. our Networks

On 2020-03-16, at 15:40, Mike Bolitho wrote: > > I think people are vastly underestimating just how much $aaS there is within > the medical field. I recently had to reschedule an X-ray because the license manager for the X-ray machine was acting up. I don’t think people have a grasp for how

Re: akamai yesterday - what in the world was that

On 2020-02-12, at 20:45, Mike Hammett wrote: > > Aren't most modern consoles on whether they're "on" or not? IE: It's not a > full power up from a dead stop, 0 watts power usage. https://www.anandtech.com/show/7528/the-xbox-one-mini-review-hardware-analysis/5 says two-digit standby power

Re: all major US carriers received text messages overnight that appear to have been sent around Valentine's Day 2019

On Nov 8, 2019, at 20:38, Chris Kimball wrote: > > Oct 24, 2019 I’ve seen the date. But have you seen the content? > The Cross-Carrier Messaging Initiative will help drive the next generation of > messaging for consumers and businesses. Hello? > Looks to be within the last month! Of 2006?

Re: all major US carriers received text messages overnight that appear to have been sent around Valentine's Day 2019

OK, I understand the part about text messages from February 2019 being sent on now, but… > On Nov 7, 2019, at 23:42, Chris Kimball via NANOG wrote: > >

Re: netstat -s

On Jul 17, 2019, at 20:54, Randy Bush wrote: > > do folk use `netstat -s` to help diagnose on routers/switches? I have used netstat -s on hosts to look at error counters if a switch or router was suspect. But that was a while ago (anyone remember when NFS corrupted all your files if one of

Re: someone is using my AS number

On Jun 12, 2019, at 18:10, David Guo via NANOG wrote: > > Send abuse complaint to the upstreams > > Get Outlook for iOS Yes, but which of these is more effective? SCNR Grüße, Carsten

Re: NTP question

On May 2, 2019, at 00:41, Alejandro Acosta wrote: > > As other have commented before, it looks you need an outdoor antenna, > however, reading the specs it says: > > > > “The built in high sensitivity GPS receiver is able to lock multiple > satellites from within multiple buildings or

Re: A Zero Spam Mail System [Feedback Request]

Been there, done that (I wrote my own driver for the bisync card, so I didn’t have the latter problem, just had to tame a barely documented Motorola chip “helping” with the already weird DLE handling). I’d still prefer doing that again over today’s spam problem. (There actually is a teachable

Re: OT/venting: RIPE legal - please stop this madness!

On Feb 15, 2019, at 16:46, Mel Beckman wrote: > > rant not operational, it’s not even North American While that is true, an event where a regional registry has been taken over by (badly programmed) AI robots should be very much of interest both operationally and for North Americans. Grüße,

Re: WEBINAR TUESDAY: Can We Make IPv4 Great Again?

On 6 Mar 2017, at 22:00, Baldur Norddahl wrote: > > Encode extra address bits in extension headers. Add a network element near > the destination that converts such that the destination IP of a packet to IP > a.b.c.d with extension header containing e.f is translated

Re: IPv6 Deployment for Mobile Subscribers

RFC 6177: This document obsoletes RFC 3177, updating its recommendations in the following ways: 1) It is no longer recommended that /128s be given out. While there may be some cases where assigning only a single address may be justified, a site, by definition,

Re: reliably detecting the presence of a bridge?

[Dave asked me to repost this to the list -- not sure how useful this little lead is; haven't worked on this for more than half a decade.] I don't have a good platform to test this on today, but one way to detect a wireless bridge a couple of years ago was to send a SNAP packet (actually anything

Re: Hotels/Airports with IPv6

Oliver O'Boyle wrote: It's not their job to even know to ask for a specific protocol version in the first place No. They should just ask, with the best geek intonation, whether this place still is stuck with 32-bit Internet. Grüße, Carsten

Re: DNSSEC?

On 11 Apr 2014, at 21:25, Chris Adams c...@cmadams.net wrote: DNSSEC does not use TLS (or any other kind of transport encryption). The administrative interfaces controlling the implementation might still do. Grüße, Carsten

Re: Filter NTP traffic by packet size?

On 22 Feb 2014, at 08:47, Saku Ytti s...@ytti.fi wrote: I'm surprised MinimaLT and QUIC have have not put transport area people in high gear towards standardization of new PKI based L4 protocol, I think its elegant solution to many practical reoccurring problem, solution which has become

Re: Filter NTP traffic by packet size?

(Just be careful not to try to fight yesterday's war”.) yesterday's war = don't bring up that operators are having a real problem with UDP, No, you don’t. You are having a problem with applications that enable strongly amplified reflection. (Yes, after the days of smurf passed, these are

Re: iOS 7 update traffic

On Sep 23, 2013, at 15:10, Simon Leinen simon.lei...@switch.ch wrote: Glen Kent writes: One of the earlier posts seems to suggest that if iOS updates were cached on the ISPs CDN server then the traffic would have been manageable since everybody would only contact the local sever to get the

Re: This is a coordinated hacking. (Was Re: Need help in flushing DNS)

Wild speculation: netsol says this is a human error incurred during DDOS mitigation. ztomy.com is a wild-card DNS provider that seems to use prolexic. Now imagine someone at netsol or its DDOS service providers fat-fingered their DDOS-averting routing in such a way that netsol DNS traffic arrived

Re: 40 GBit @ 240 GHz across 1 km LoS

On May 17, 2013, at 16:30, Warren Bailey wbai...@satelliteintelligencegroup.com wrote: By not working. At those frequencies you're talking a light moisture pocket taking the entire link down. Not quite as bad:

Re: Big day for IPv6 - 1% native penetration

On Nov 26, 2012, at 14:53, Dobbins, Roland rdobb...@arbor.net wrote: It is significant because Why*) do you believe it is important to waste everybody's time with these kinds of arguments? We have seen your kind of thinking. First, the Internet was never going to replace X.25/Frame

Re: Adding GPS location to IPv6 header

On Nov 24, 2012, at 22:18, John Adams j...@retina.net wrote: If there's a place where I can go and vote this down / debate it away, tell me where that is. Not needed. It already has been completely shredded at the relevant IETF mailing lists, geopriv and ipv6 (6man WG). I have no idea why

Re: Plages d'adresses IP Orange

On Nov 19, 2012, at 22:24, Ray Soucy r...@maine.edu wrote: The universal translator is still a few years out it seems. The universal character set is widely deployed, though. The universal translator just can't do it's thing if people still don't manage to send the simplest emails without

Re: POLL: 802.1x deployment

If you regularly use one or more 802.1x protected networks, could you take a moment to reply off-list, and tell me the size of the network (homelab, smb, enterprise, carrier), and, if you know, how long 802.1x has been deployed there? Surely you are joking, Mr. Ashworth. The entirety of

Re: common time-management mistake: rack stack

On Feb 17, 2012, at 18:55, Owen DeLong wrote: I also think that when we spend too many consecutive weeks/months/years behind a desk without going out in the real world, we become progressively more detached from the operational reality where our designs have to operate. In software, this

Re: Common operational misconceptions

On Feb 16, 2012, at 18:08, Jack Bates wrote: It at first started with trying to explain that vlan based switching is not Layer-3. :( Ah, one of the greatest misconceptions still around in 2012: -- OSI Layer numbers mean something. or -- Somewhere in the sky, there is an exact definition of

Re: Common operational misconceptions

On Feb 16, 2012, at 23:41, Michael Sinatra wrote: Use of the word IP alone to mean IP address, e.g.: Person: Does that server have an IP assigned? Me: Yeah, it's got a whole stack. Yeah, and P: Can you give me your email? M: All 20 GB of it? Grüße, Carsten

Re: Common operational misconceptions

On Feb 17, 2012, at 07:50, Paul Graydon wrote: what OSI means Yet another common misconception popping up: -- You can talk about the OSI model in the present tense (That said -- yes, it is still useful as a set of simple terms for certain combinations of functions. It is also still useful as

Re: Common operational misconceptions

On Feb 15, 2012, at 23:36, Chuck Anderson wrote: security That must be the top of the list: Switches provide security (by traffic isolation) DHCP provides security (by only letting in hosts we know) MAC address filtering provides security (fill in the blanks…) NAC provides security NATs

Illegal content (Re: Megaupload.com seized)

On Jan 20, 2012, at 11:25, Robert Bonomi wrote: Public distribution without the permission of the copyright owner is illegal. This is veering off the purpose of this list, but maybe it is operationally significant to be able to use the right terms when a law enforcement officer is standing

Re: TCP congestion control and large router buffers

Some more historical pointers: If you want to look at the early history of the latency discussion, look at Stuart Cheshire's famous rant It's the Latency, Stupid (http://rescomp.stanford.edu/~cheshire/rants/Latency.html). Then look at Matt Mathis's 1997 TCP equation (and the 1998 Padhye-Firoiu

Re: ISP customer assignments

On Oct 5, 2009, at 17:38, Seth Mattinen wrote: The most common thing I see is /64 if the end user only needs one subnet, /56 if they need more than one. Brrzt, wrong. Neither the end user nor you know the answer to that question! So the only sensible thing is to always give them a /56.

Re: Where to buy Internet IP addresses

On May 6, 2009, at 14:52, Jack Bates wrote: Better standards Sure! (You are preaching to the choir here.) While we are still on the way there, we just: 1) Shouldn't waste time reinventing decisions that are a done deal (say, EUI-64 in SAA). 2) Shouldn't use the lack of our favorite

Re: Where to buy Internet IP addresses

Sure, but how does the router know it needs to hand out a /62? Then what about the router after that? Does it hand out a /61? then the router behind that? For now: Reserve a /64 for your own allocations (SAA), then hand out half of what you have (i.e., of a /56 for the first CPE, so a /57)

Re: Where to buy Internet IP addresses

On May 4, 2009, at 23:36, Stephen Sprunk wrote: FireWire is the only significant user of EUI-64 addresses Yesterday, it was. You might want to read up about IEEE 802.15.4 and 6LoWPAN. We are not joking when we talk about the next billion nodes on the Internet. For those who are worried

Re: Where to buy Internet IP addresses

On May 4, 2009, at 10:08, Nathan Ward wrote: Forwarding these requests up to the ISP's router and having several PDs per end customer is in my opinion the best way to go. If the ISP sees (and has to hand out) the PD, some bean counter will put a price tag on it (differential pricing). If