If one follows the social media accounts of the Pakistan version of the
FCC, nowadays they're just banning anything they find insulting or illegal
in the local legal system, and ordering ISPs to null route big chunks of IP
As an anecdotal data point, the only effect this has had is
I am doing this right now. A starlink CPE is a fairly ordinary DIA link
that exists in cgnat space from the perspective of whatever router you plug
into it. The starlink indoor 'router' is optional.
Whatever you plug into the high power PoE injector will be given a DHCP
lease and a default route
> > jamming uplink
> > frequencies, which will affect the service in whole region.
> > And in the worst case, it will give reason to use anti-satellite weapons.
> > On 2021-03-29 03:23, Eric Kuhnke wrote:
> >> I would also concur that t
cassegrain dish up there. Pretty typical thing already for embassies, the
big difference would be that that they'll have more market options for
On Sun, Mar 28, 2021 at 10:18 PM Mark Tinka wrote:
> On 3/29/21 02:23, Eric Kuhnke wrote:
of life is paved
> with flat squirrels who could not make a decision.
> >-Original Message-
> >From: NANOG On Behalf Of
> >Eric Kuhnke
> >Sent: Sunday, 28 March, 2021 18:24
> >To: na...@jima.us
> >Cc: email@example.com
> >Subject: Re: 10 years
I would also concur that the likelihood of Starlink (or a Oneweb, or
Kuiper) terminal being used successfully to bypass the GFW or similar
serious Internet censorship, in an authoritarian environment, is probably
low. This is because:
a) It has to transmit in known bands.
b) It has to be located
Nothing more than anecdotal evidence, when I last looked into the
externally available network details on a number of low-budget VPS hosting
companies... I would say that if anything, a person who really knows what
they're doing operating a properly MX, will face more difficulties today
I think you will find that most SMTP / anti-spam focused RBL tools give a
very similar result for IP reputation on a per /24 block basis, for any
randomly chosen IP in the block, particularly where the /24 in question has
previously been used and announced by a dedicated server/VPS/virtual server
For persons considering mattermost, I would recommend instead looking into
a self hosted Matrix + Synapse (matrix protocol server daemon) setup, which
is fully open source.
Element is one typical GUI client for it, but there are many options.
It's one thing to use a GUI tool when it's convenient and quick. I think
anyone that's ever experienced setting up a Unifi controller would probably
prefer provisioning a new 802.11ac AP from the GUI rather than doing it
manually at a command line.
But it's another thing to consider that we have
In my opinion we have two very different types of 'contact me off list'
things going on here.
We have commercial solicitations and people looking to make contacts for
buying transport circuits, capacity, etc.
And then on the other hand we have 'contact me off list' asks related to
Perhaps the sales, marketing and 'business development' people who've never
typed "enable" or "configure" into a router a single day in their lives
might be better served with a dedicated list that is mission focused on
bizdev, and not operational issues.
On Thu, Mar 18, 2021 at 3:29 PM Matthew
I would encourage anyone who is not familiar with the full situation to
read the recent history of AFRINIC events:
rian Knight wrote:
> On 2021-03-05 15:40, Eric Kuhnke wrote:
> > For comparison purposes, I'm curious about the difference in wattage
> > results between:
> > a) Your R640 at 420W running DPDK
> > b) The same R640 hardware temporarily booted from a
ISPs/NSPs with customers running self hosted or on-premises Exchange may
want to be aware of this.
For comparison purposes, I'm curious about the difference in wattage
a) Your R640 at 420W running DPDK
b) The same R640 hardware temporarily booted from a Ubuntu server live USB,
in which some common CPU stress and memory disk/IO benchmarks are being run
to intentionally load
On Fri, Mar 5, 2021 at 8:09 AM Tom Hill wrote:
> On 05/03/2021 00:26, Eric Kuhnke wrote:
> > A great deal of this discussion could be resolved by the use of a $20
> > in-line 120VAC watt meter  plugged into something as simple as a $500
> > 1U server with some of the DPDK-
A great deal of this discussion could be resolved by the use of a $20
in-line 120VAC watt meter  plugged into something as simple as a $500 1U
server with some of the DPDK-enabled network cards connected to its PCI-E
bus, running DANOS.
Characterizing the idle load, average usage load, and
First, take a look at this:
Now look at these (or use your own BGP table analysis tools):
The claimed prefixes announced, traffic levels and POPs appear to have no
correlation with reality in global
I would be more interested in seeing someone who HASN'T crashed a Cisco
6500/7600, particularly one with a long uptime, by typing in a supposedly
harmless 'show' command.
On Tue, Feb 23, 2021 at 2:26 PM Justin Streiner wrote:
> An interesting sub-thread to this could be:
> Have you ever
>From a datacenter ROI and economics, cooling, HVAC perspective that might
just be the best colo customer ever. As long as they're paying full price
for the cabinet and nothing is *dangerous* about how they've hung the 2U
server vertically, using up all that space for just one thing has to be a
Sierra Leone is very much *not* French speaking, in the context of ISPs and
There may be a significant minority of people who do speak French due to
its regional proximity to other countries, for business, but the language
of higher education, business, finance, telecom, real estate and
There is really no such thing since there is just the one cable landing
station. I've previously spent months working in network infrastructure and
telecom in Sierra Leone, contact me off-list if you're serious about
getting something done there.
On Thu, Feb 18, 2021 at 9:46 AM Rod Beck
On that note, I'd be very interested in hearing stories of actual incidents
that are the cause of why cardboard boxes are banned in many facilities,
due to loose particulate matter getting into the air and setting off very
sensitive fire detection systems.
Or maybe it's more mundane and 99% of
In the context of Montreal, to clarify, when you say Zayo are you referring
to Zayo Canada (former AT Canada/MTS-Allstream), or AS6461, the original
Abovenet AS which is Zayo USA's IP transit network?
On Wed, Feb 17, 2021 at 11:17 AM Eric Dugas via NANOG
> The details you mentioned
That depends on your definition of grey market, there is an officially
approved ARIN IP block transfer process for people who are buying, via
brokers, discrete /24s and larger.
On Tue, Feb 16, 2021, 4:46 PM Michael Thomas wrote:
> On 2/16/21 4:18 PM, Fred Baker wrote:
> > You may find this
See also, regional maps here. Thanks to CAIDA and the IODA project.
On Mon, Feb 15, 2021, 5:54 PM Sean Donelan wrote:
> Not as bad as Myanmar (14%), Internet connectivity in Texas has been
> declining today. According to NetBlocks, which normally monitors
The 501c(4) nonprofit entity which controls the Texas grid. They've been
publishing load shedding updates.
On Mon, Feb 15, 2021, 5:07 PM Randy Bush wrote:
> > From the latest update it sounds like rolling power outages in Dallas as
> > most places in Texas
I have now heard from two reliable sources that Infomart Dallas is
presently on generator, and is likely to remain so until the cold
weather/electrical supply emergency in Texas has abated. No network impact
I am running what I believe to be the first RIPE Atlas probe on a Starlink
beta test terminal.
When searching the index of public probes I did not find any other probes
with "spacex" or "starlink" in the descriptions.
This probe is at present not contained
You don't, you wastefully assign a /24 to every unique thing that you think
needs an internal management IP block (even if there's 5 things that answer
pings there), and decide it's too much work to renumber things. Easy for a
big ISP that's also acquired many small/mid-sized ISPs to run out of v4
One common cause of this issue is entities out there that have very old
'bogons' filters in place for the larger block, as an entire /8, /12 to /16
size of space that, many years ago, was unallocated space. Without getting
the end point organizations running the httpd, firewalls or whatever to fix
I thought about posting this to only NANOG, but since a great concentration
of beta testers of a technical/network engineering inclination are located
in the Pacific NW, decided to also include the SIX chat list.
You may have seen the Starlink android or ios consumer-friendly app, which
This might be a long shot, but if there is anyone out there with a system
that has one of these in it, running a very recent Linux kernel:
I'm looking for a copy of the output from 'dmesg' on boot and
> How many other Belize defuncts do they have? How many offshore countries
like Belize are there in the region?
Based on my cursory knowledge of offshore corporate registrations in
Belize, Panama and the Cayman Islands, identifying those locations which
are only mailboxes versus actual business
Additionally, examples of impersonating a corporate entity to acquire
unused IP space (Erie Forge and Steel's /16, anyone?) undoubtedly fall
under existing, pre-internet interstate commerce fraud laws...
Organizations that I have seen doing as you describe, because they ran out
of RFC1918 IP space, are also often using their existing private IP space
wastefully in the first place. Rather than using DoD /8s internally, if
they absolutely need to support v4-only equipment on their internal
Googling "Rob Monster Epik" will tell you just about everything you need to
know about that organization.
On Wed, Jan 13, 2021 at 3:42 PM Matt Corallo wrote:
> In case anyone thought Amazon was being particularly *careful* around
> their enforcement of Parler's ban...this is from
> today on
The massive 911 failure in WA state a few years ago was ultimately caused
by a failure in CenturyLink/legacy qwest transport equipment, where the
PSAP register was physically located in Colorado and inaccessible from the
point of view of network equipment in WA.
On Tue, Dec 29, 2020, 1:19 PM
>From a few days ago. Obviously centralizing lots of ss7/pstn stuff all in
one place has a long recovery time when it's physically damaged. Something
to think about for entities that own and operate traditional telco COs and
their plans for disaster recovery.
Here is the latest update:
Perhaps I should have clarified: "from the perspective of persons who have
the word "Sales" in their job titles, considered to be impressive looking
for customer tours"
On Wed, Dec 16, 2020 at 4:25 PM Randy Bush wrote:
> > In the traditional sense, by "showpiece NOC" I mean a room designed for
> *From:* NANOG *On Behalf Of *Eric
> *Sent:* Wednesday, December 16, 2020 3:50 PM
> *To:* firstname.lastname@example.org list
> *Subject:* Are the days of the showpiece NOC office display gone forever?
> With the covid
With the covid19 situation, obviously lots of ISPs have their NOC personnel
working from home, with VPN (or remote desktop) access to all the internal
tools, VoIP at home, etc.
In the traditional sense, by "showpiece NOC" I mean a room designed for the
purpose of having large situational
'cacti' isn't really a monolithic thing. Ultimately it's a gui front end
for rra files and rrdtool. If one chooses not to go down the route of disk
space intensive but lossless time series database interface metric storage
(influxdb or similar), we are talking about what level of detail is lost
Anyone that has used a recent version of OpenNMS has probably noticed that
the default home page view now includes an openstreetmap based view of
node/device status, by geographical location.
Section 18.3 here:
I presume that the biggest telcos, cable MSOs and such in the Phoenix
region already operate PNIs with each other, so the real question would be
what population of ISPs and how much traffic would go across an IX if you
subtract the top-six largest last mile service providers.
On Tue, Nov 10,
Always a good time for network operators to consider the risks of having
any one person as a single point of failure for something kind of important:
Disaster recovery and continuity of business plans should always include
the concept of what if some
The press release doesn't reference at all, but Aeronet (the largest WISP
in Puerto Rico, and an operator of gigabit class service in MDUs) has been
testing Facebook/Terragraph 802.11ay 60 GHz based, point to multipoint last
mile stuff for a while now. Very short range, high speed, high capacity.
If we're talking about whitebox router and ipifusion, what we're really
talking about is vyatta/vyOS and the linux foundation DANOS stuff on an
ordinary x86-64 server that has a weird shape.
If building a lower end/low cost router this is absolutely a consideration.
In single socket regular ATX form factor, and products in the price range
of $165 for a motherboard and $250-400 price range for a CPU.
Comparing the PCI-E lanes available on an Intel Core i7 series to something
In addition to Jared's advice, I would recommend calculating PCI-Express
bandwidth bus points for whatever platform one is using.
For instance using the Intel X710-DA4, which could be capable in a maximal
scenario of 80Gbps of traffic, ensure it's in at least a PCI-E 3.0 x4 slot.
I think he means packet captures from an example, voluntarily-tested
recursive nameserver subject to this attack.
On Wed, Oct 14, 2020 at 11:53 AM Casey Deccio wrote:
> Hi Bryan,
> > On Oct 14, 2020, at 12:43 PM, Bryan Holloway wrote:
> > I too would like to know more about their
t; Midwest Internet Exchange <http://www.midwest-ix.com/>
> The Brothers WISP <http://www.thebrotherswisp.com/>
; The Brothers WISP <http://www.thebrotherswisp.com/>
>> *From: *"Eric Kuhnke"
>> *To: *"
For small ISPs looking at setting up their first ever presence at an IX
point, you almost certainly would not be ordering an actual 'wave' (eg: a
specific DWDM channel on a legacy 10G DWDM platform, handed off to you with
1310/LX interfaces at both ends), but lit layer 2 transport service between
On Tue, Oct 13, 2020 at 7:50 PM Chris Adams wrote:
> Once upon a time, Eric Kuhnke said:
> > Considering that one can run an instance of an anycasted recursive
> > nameserver, under heavy load for a very large number of clients, on a
> > 1U server these days.
; I don't have any particular insights for Telus, but there is a huge thread
> about bypassing Bell ONTs on DSLReports:
> On Oct 13 2020, at 9:38 pm,
Aside from the BCPs currently being discussed for ingress filtering, I
would be very interested in seeing what this traffic looked like from the
perspective of your DNS servers' logs.
I assume you're talking about customer facing recursive/caching resolvers,
and not authoritative-only
With the growth of gigabit class single fiber GPON last mile services, I
imagine a number of people reading the list must have subscribed to such by
Something that I have observed, and shared observations with a number of
colleagues, is that very often a person who works for ($someAS) lives
I guess he never saw a Juniper M40, it's literally an i686/x86 32-bit
motherboard for the routine engine, glued to a chassis with linecards
containing custom ASICs and optics. As I recall it was a moderate speed
Pentium 2 with some average amount of RAM and a 2.5" 44pin ATA66 laptop
Over the past week I think I've seen about 20 to 30 photos of burnt out
communications sites in Oregon and California.
Due to the often remote and unstaffed nature of many of these sites,
there's a natural tendency for brush, shrubs, grass and small trees to grow
close to the tower compounds on
There's a number of enterprise end user type customers of 3356 that have
on-premises server rooms/hosting for their stuff. And they spend a lot of
money every month for a 'redundant' metro ethernet circuit that takes
diverse fiber paths from their business park office building to the local
This is what happens when the design of 'god power' automation tools
doesn't take into account the concept of blast radius. It might be more
inconvenient to internally partition automated change management systems,
but it can also limit the effect of automation tools gone awry.
With common Ku band TVRO (receive only) dishes and decoders, one of the
constraints for moving to higher bitrates is the physical sizes of the
customer dish and economics.
For a good example go to a very densely populated developing nation
environment. Saddar, central Rawalpindi, Pakistan would
station in Mogadishu had a similar effect.
On Tue, Jul 7, 2020 at 1:45 AM Mark Tinka wrote:
> On 7/Jul/20 10:07, Eric Kuhnke wrote:
> > The most noteworthy thing I'm seeing in C band these days, is many
> > customers formerly 100% reliant upon it shifting their traff
The most noteworthy thing I'm seeing in C band these days, is many
customers formerly 100% reliant upon it shifting their traffic to newly
built submarine fiber routes.
On Mon, Jul 6, 2020, 11:51 PM Denys Fedoryshchenko <
> On 2020-07-07 08:32, Eric Kuh
ut in kbps each direction, but entirely
dropping a link is rare.
On Mon, Jul 6, 2020 at 9:40 PM Denys Fedoryshchenko <
> On 2020-07-07 06:48, Eric Kuhnke wrote:
> > This is why adaptive coding and modulation systems exist. Also dynamic
> > ch
This is why adaptive coding and modulation systems exist. Also dynamic
channel size changes and advanced computationally intensive FECs.
You don't think people working on microwave band projects above 10GHz with
dollar figures in the hundreds of millions are unaware of basic rain fade
For Africa take a look at Liquid Telecoms and WIOCC. If your target market
is more specifically west african, look at the ISPs which have major POPs
in Accra and Lagos.
For east africa, Kenya/Tanzania, and those with good connectivity from
Kenya to Djibouti and into the UAE (via Fujairah).
Serious HFT moved to shortwave years ago. The chicago-NYC routes by
microwave still exist, but are only for things that need higher data rates
(as measured in kbps). It's hard to hide a giant log-periodic or yagi-uda
antenna. The sites near Chicago that are aimed at London are well known to
What does it look like if you snmpwalk it, numeric option, from the root of
the snmp tree?
Even in the total absence of a MIB with descriptions I bet some community
members could make good educated guesses as to which discrete OIDs are the
voltages, RSL values, temperatures, and other critically
I'm looking to get in touch with somebody in network engineering at
AS60725. Please contact me off-list.
Ask for 1 or 10Gbps DIA at increasingly more difficult and preposterous
locations, such as Dead Horse, Alaska (the North end of the Alaska
pipeline, at the Arctic ocean) or Konduz, Afghanistan.
On Wed, Mar 25, 2020, 2:54 PM Shawn L via NANOG wrote:
> And here I actually went to their website
If you intend to fully self host something, the full mediawiki software
that runs the back end of wikipedia is suitable. It's entirely composed of
BSD/GPL/Apache licensed software. If you have any persons who are competent
at administering and customizing stuff on normal LAMP stack servers it
For those ISPs who have high-capacity DIA/IP transit circuits (10Gbps+)
feeding major corporate campuses, I'm curious what the traffic charts M-F
look like compared to previous weeks. Particularly for what time it begins
to rise sharply in the morning, and the daily peak value. I have a theory
For those who don't follow Canadian ISP mergers/acquisitions, Q9 was
acquired by Bell (AS577) in 2016. Not sure to what extent they've been
integrating its network into the larger nationwide Bell network.
On Tue, Mar 3, 2020 at 10:26 AM Clinton Work wrote:
> It looks like the former Allstream
Chris Caputo posted the following to the SIX mailing list a few days ago. I
think this really shows Bill in action, helping a new IX get set up. He
will be missed.
Bill Manning died unexpectedly this morning, January 25th, at his home.
It was Bill's presentations on June 5th, 1997 at NANOG in
It would be really hard to quantify antarctic IPs as actually being from
there. I know some of the people who've operated the geostationary links to
McMurdo and to the pole (inclined orbit satellite visible only part of the
Their WAN links go through geostationary transponder capacity and
I have two separate entries for sets of phone numbers/email addresses,
associated with my name, that must be in Cogent's CRM system as cold leads.
About every six months I am contacted by a new person whom I've never heard
of before. My theory is that each newbie Cogent sales rep has been
The really scary and not uncommon thing now is for unethical recruiters to
take your CV from somewhere, copy/paste it into their own word processing
software, and start editing things in it (and removing your direct contact
information) without permission from yourself, and send it onwards to
The laws of thermodynamics dictate that near 100% of the electricity
consumed by a piece of equipment (let's use a high powered 2RU size router
as an example) comes off as heat. Unless it's doing mechanical physical
work like lifting a load or spinning a fan. Some infinitesimal portion
For people running public facing httpd, it is also worth noting that the
population of old browser useragents that don't understand TLS1.2 is under
half of one percent.
There's very little risk or impact these days to only accepting TLS1.2 in
Apache2 or nginx configuration everywhere.
I think this thread might be a perfect example that when an organization
reaches a sufficiently large size, one part of its engineering/operations
team may no longer be fully aware of what other work groups are doing.
Definitely a structural challenge for ISPs that span very large
The vast majority of Iranian ISPs' international transit connectivity is
through AS12880 DCI , which is a government run telecom authority. Google
"AS12880 DCI Iran" for more info. DCI is also responsible for layer 2
transport and DWDM services for smaller downstream ISPs, on other
The OUI prefixes that are Intel, Dell, HP, Supermicro and other x86-64
hardware vendors are almost certainly people running BIRD, FRR or similar
on commodity hardware. In which case the actual routing configuration could
be almost anything, those just happen to be the PCI-Express NICs in some
Seems logically similar to the reason why there are landing stations, but
no noteworthy datacenters on the Oregon coast. Everything goes in various
ring topology paths to Hillsboro/Portland. And routes that go more directly
east to meet the fiber huts on long haul routes Portland-Sacramento.
Many others have already recommended these, but I suggest installing test
VMs of both phpipam and nipap and seeing which works best for your use
NIPAP has fairly extensive tools supporting automation for provisioning.
phpipam has a few additional functions on top of only ip address
Another copper cable considered a "gold standard" for outdoor shielded +
9th ESD drain and ground wire, intended for long term rooftop and tower
installation is Shireen. There's a variety of types.
On Wed, Aug 14, 2019 at 6:30 PM Brandon Martin
I would begin by referencing the grounding section here:
Of utmost importance is that everything is bonded to the same potential.
This means that if they have stuff on a roof, outdoor antennas or APs,
> 4) Filing a "fraud request" with ARIN is a serious step and one that
could quite conceivably end up with the party filing such a formal
report being on the business end of lawsuit, just for having filed
such a report.
What makes you think that the sort of persons who
I am not certain on the value of having 1GbE interfaces natively on a $25k
plus router in the year 2019. Pair the router with a nice 1RU 1/10GbE
switch installed directly next to it with full metro Ethernet layer 2
Anything that needs a 1GbE inteface, attach it to that switch, give
A CDN is a hosting company. It is the logical continuation and evolution of
what an httpd hosting/server colo company was twenty years ago, but with
more geographical scale and a great deal more automation tools.
I have never in my life seen a medium to large-sized hosting company that
In a remote area in northern africa if there are no terrestrial ISPs, and
there is no budget to build towers for PTP microwave, I don't know if there
are any reasonable options.
If sufficient funds did exist, my recommendation, if they really want true
diversity between two totally different
Without being more specific on what geographic region you want to serve, in
terms of ISPs, it's hard to say.
If you look at submarine cable topology at layer 1, and BGP sessions, AS
adjacencies between ISPs: Freetown, Sierra Leone and Monrovia, Liberia are
suburbs of London, UK.
o tools like
> the bgp.he.net tool, etc.
> AS20175 Birch Communications Inc. doesn't appear to be doing much of
> There's also this, which is one of their earlier acquisitions:
There's also this, which is one of their earlier acquisitions:
On Tue, Jun 18, 2019 at 12:42 AM TJ Trout wrote:
> wrong fusion on peering db
> On Mon, Jun 17, 2019 at 10:35 PM Eric Kuhnke
>> Hey all,
I'm looking for any info that might be publicly available regarding
intentions to merge the Primus ASN into Birch/Fusion Network, or whether it
will remain its own thing.
Primus acquired by Birch:
I would talk to the SWITCH NAP sales people in Las Vegas. They're a
datacenter/colo/rack and power place, but every worthwhile last mile,
facilities based fiber provider in the Vegas metro area likely has a POP in
This would mean they could put you in contact with the carrier
After attempting several times, and failing to get something resembling a
real RFO from your first tier customer support/ticket answering staff, I am
now looking for a person in a position of responsibility at voip.ms.
Please contact me off list.
I would caution against putting much faith in the validity of geolocation
or site ID by reverse DNS PTR records. There are a vast number of
unmaintained, ancient, stale, erroneous or wildly wrong PTR records out
there. I can name at least a half dozen ISPs that have absorbed other ASes,
1 - 100 of 232 matches
Mail list logo