Re: What say you, nanog re: Starlink vs 5G?

2022-06-27 Thread Eric Kuhnke
If one watches the activity in the tower/outside plant construction side of things, Dish recent went into a burst of activity in hiring tower contractors and signing leases on monopoles, towers and other sites in a "use it or lose it" necessity to have *some* sort of LTE radios actually mounted,

Re: What say you, nanog re: Starlink vs 5G?

2022-06-23 Thread Eric Kuhnke
Pretty much, with the addition that 10900 MHz to 12700 MHz has for a very long time been historically reserved for Ku-band one-way and two-way satellite data services talking to geostationary satellites. The only thing that SpaceX is doing new here is talking to moving LEO satellites with their

Re: cf is down?

2022-06-21 Thread Eric Kuhnke
Massive spike in consumer facing services reported as broken by downdetector, almost all are likely cf customers. See downdetector homepage. On Mon, Jun 20, 2022, 11:54 PM Dmitry Sherman wrote: > > > > > > > *Dmitry Sherman* > > Interhost Networks > > *T:* > > *+972.74.702.9881* > > *M:* > >

Re: Serious Juniper Hardware EoL Announcements

2022-06-14 Thread Eric Kuhnke
When I last got pricing on the MX10003 in fall 2021, I was asked if I wanted pricing on something with exclusively 100GbE interfaces or with 10GbE capability. I got pricing for both options. Putting SFP+ 10GbE ports in a router of that total chassis+RE+linecard+support contract price is an

Re: Serious Juniper Hardware EoL Announcements

2022-06-14 Thread Eric Kuhnke
I think the more common solution for something like that would be to use one 100GbE port as a trunk on a MX204 or MX304 to a directly adjacent 1U 48-port SFP+ switch in a purely L2 role used as a port expander, with dwdm/bidi/other unique types of SFP+ optics inserted in that. On Tue, 14 Jun

T-Mobile USA network operations

2022-06-10 Thread Eric Kuhnke
Your data roaming in the Pacific Northwest with the Bell/Telus network is 95% broken at present. UDP works. QUIC works (such as to use Chrome on a mobile device to do something with Google). Ordinary port 53 DNS resolution works. TCP is entirely broken. After a considerable amount of time, I

Re: Aftermarket switches that were manufactured in any sort of quantity?

2022-06-09 Thread Eric Kuhnke
send staff with experience in the electronics manufacturing industry to every year's Computex Taipei and speak with the manufacturers in person. On Thu, 9 Jun 2022 at 11:39, Saku Ytti wrote: > On Thu, 9 Jun 2022 at 21:21, Eric Kuhnke wrote: > > > To paraphrase someone else, I would hig

Re: Aftermarket switches that were manufactured in any sort of quantity?

2022-06-09 Thread Eric Kuhnke
To paraphrase someone else, I would highly recommend that all my competition use Fiberstore switches. This is based on direct experience with them. On Thu, 9 Jun 2022 at 10:03, Rafael Possamai < rafael.possa...@bluebirdnetwork.com> wrote: > This may sound bad at first but look into FS.com if

Re: FCC proposes higher speed goals (100/20 Mbps) for USF providers

2022-06-08 Thread Eric Kuhnke
At this point I don't think we can reasonably expect something like an online purchased game from the Microsoft store for somebody's new Xbox Series X to *not* be a 150GB download. There's a number of games out there like that. And if people only have 25 to 50Mbps downstream they absolutely will

Re: Anyone on list from Zayo about possible router issue?

2022-06-03 Thread Eric Kuhnke
There was a massive Zayo-maintenance-caused inter city fiber cut in the Pacific Northwest yesterday. I can't say more but I'm sure if you're a direct Zayo customer on the affected routes you can get *some* sort of RFO. On Fri, 3 Jun 2022 at 12:59, David Gianndrea wrote: > Hello all, > > > >

Re: FCC proposes higher speed goals (100/20 Mbps) for USF providers

2022-05-29 Thread Eric Kuhnke
This is going to be very painful and difficult for a number of DOCSIS3 operators, including some of the largest ISPs in the USA with multi-millions of subscribers with tons of legacy coax plant that have no intention of ever changing the RF channel setup and downstream/upstream asymmetric

Looking for an Amazon Cloudfront contact

2022-04-06 Thread Eric Kuhnke
It looks like I may have a range of recently put into use residential symmetric gigabit last mile IP space that's being filtered/blocked at the application level. Please contact me off-list.

Re: RFC 9225 - Software Defects Considered Harmful

2022-04-01 Thread Eric Kuhnke
If there's a bug in an ISP's implementation of RFC2549 carrier 'equipment', is that considered a software bug, hardware, or subject of ornithological research? On Fri, 1 Apr 2022 at 10:40, Job Snijders via NANOG wrote: > Hi all, > > It's super official now: no more software bugs in networking

Re: Cogent ...

2022-04-01 Thread Eric Kuhnke
I have a morbid curiosity what their CRM system looks like, and how many entries are in it and what their internal notes/work flow looks like. This opinion is formed from the external perspective of being a person who is a very cold sales lead and yet continues to be occasionally called by a new

Re: ISP data collection from home routers

2022-03-25 Thread Eric Kuhnke
yes, because otherwise the contention (it's a shared access media, after all) and RF channel bonding/allocation wouldn't work. Configuration depends on what the exact CMTS configuration is on your last mile coax segment. however it's also possible to have the cable MSO push an update to

Re: WP: Russian military behind hack of satellite communication devices

2022-03-25 Thread Eric Kuhnke
Point to multipoint / TDMA contended access VSAT hub and CPE networks are well known for not having much security. In many setups the remote CPE modems, which are built from a fairly cheap BOM of hardware, implicitly trust the hub linecard. Have seen this with 3 different vendors' platforms. I'd

Re: "Permanent" DST

2022-03-15 Thread Eric Kuhnke
That is true but at present everything business related in BC has a clear expectation of being in the same time zone as WA/OR/CA, and AB matches US Mountain time. On Tue, 15 Mar 2022 at 13:35, Paul Ebersman wrote: > eric> If Canada doesn't do the same thing at the same time, it'll be a > eric>

Re: "Permanent" DST

2022-03-15 Thread Eric Kuhnke
If Canada doesn't do the same thing at the same time, it'll be a real hassle, dealing with a change from -8 to -7 crossing the border between BC and WA, for instance. It has to be done consistently throughout North America. On Tue, 15 Mar 2022 at 12:35, Jay R. Ashworth wrote: > The bill is

Re: Russia attempts mandating installation of root CA on clients for TLS MITM

2022-03-11 Thread Eric Kuhnke
-- > On Friday, March 11th, 2022 at 1:34 PM, Eric Kuhnke > wrote: > > Considering that 99% of non-technical end users of windows, macos, > android, ios client devices *have no idea what a root CA is,* if an > authoritarian regime can mandate the installation of a government-run r

Re: Russia attempts mandating installation of root CA on clients for TLS MITM

2022-03-11 Thread Eric Kuhnke
eady going down that path. > > PS: opinions and statements, like the above, are my very own personal take > or opinion. Nothing I say should be interpreted to be my employer's > position, nor be supported by my employer. > > On 3/10/22, 7:38 PM, "NANOG on behalf of Sean Donelan

Russia attempts mandating installation of root CA on clients for TLS MITM

2022-03-10 Thread Eric Kuhnke
https://bugzilla.mozilla.org/show_bug.cgi?id=1758773 I think we'll see a lot more of this from authoritarian regimes in the future. For anyone unfamiliar with their existing distributed DPI architecture, google "Russia SORM".

Re: Starlink terminals deployed in Ukraine

2022-03-02 Thread Eric Kuhnke
I'm aware of the qualifications and level of knowledge in network security/cryptography that they hire for positions in Redmond at Starlink R They are quite picky about who they hire. Highly doubt that anything that a 3rd party can do from outside of SpaceX's network is going to gain admin

Starlink terminal visual camouflage tests vs improvised fabric materials

2022-03-02 Thread Eric Kuhnke
I have just completed some very unscientific tests of DIY camouflage materials vs a starlink terminal. Obviously there is a lot of possible discussion that is possible about spectrum analyzers, direction finding, jammers, etc within the context of what's going on in Ukraine right now. All very

Re: Starlink terminals deployed in Ukraine

2022-02-28 Thread Eric Kuhnke
As of right now >90% of the starlink satellites in orbit function in what we would call a bent pipe topology, where a moving LEO satellite at any given moment in time needs to be simultaneously in view of a starlink-run earth station and the CPE. They have been launching satellites with

Re: Russian aligned ASNs?

2022-02-25 Thread Eric Kuhnke
The four LTE (3GPP rev-whatever) based networks in Afghanistan are all still operational. Roshan, AWCC, MTN, Etisalat. In .AF the line between ISP and MNO is very blurry since 98% of internet using customers do not have fixed line service at home or office and use a mobile network instead. These

Re: 40G QSFP+ to 4 SFP+ on MX960

2022-02-24 Thread Eric Kuhnke
I would go as far to say that even if somebody gives you *free* 40G equipment in the year 2022 you shouldn't use it, because it's a technological dead-end and becomes a huge bother when you need to interface with some newly purchased device on the other end of the 40G circuit. There's a reason

Re: Amazon peering revisited

2022-02-05 Thread Eric Kuhnke
For those persons who have not received an answer from the Amazon peering email addresses, or a BGP session with traffic actually flowing across it... Obviously Amazon does not share their own traffic volume criteria for selecting a peer vs. sending traffic to them over a giant IP transit

Re: [EXTERNAL] Re: Flow collection and analysis

2022-01-27 Thread Eric Kuhnke
Not at all, what I'm recommending is that people who develop something that is specialized (like netflow analysis software) don't need to expend the person-hours and extensive development time to implement something that has already been better implemented by people who are httpd specialists. The

Re: [EXTERNAL] Re: Flow collection and analysis

2022-01-27 Thread Eric Kuhnke
ady exists. It's a one page size configuration file in nginx. On Wed, 26 Jan 2022 at 05:17, Laura Smith via NANOG wrote: > ‐‐‐ Original Message ‐‐‐ > > On Wednesday, January 26th, 2022 at 11:08, Eric Kuhnke < > eric.kuh...@gmail.com> wrote: > > > elastiflow

Re: [EXTERNAL] Re: Flow collection and analysis

2022-01-26 Thread Eric Kuhnke
elastiflow is extremely easy to run on an httpd listening only on localhost and proxy behind a simple nginx TLS1.2/1.3 only configuration listening on port 443. as are a number of other tools. On Tue, 25 Jan 2022 at 16:06, Laura Smith via NANOG wrote: > On Tuesday, January 25th, 2022 at

Re: Coverage of the .to internet outage

2022-01-20 Thread Eric Kuhnke
If you're a small pacific island nation state with a limited budget, and a working submarine cable, maintaining a SCPC geostationary satellite service that might be $20,000 a month (on 36-60 month term) in transponder kHz may seem like a very large ongoing expense. Ideally it would be possible to

Open source mapping of US high voltage electrical grid

2022-01-15 Thread Eric Kuhnke
Possibly of interest for network operators who have inter-city circuits, where the underlying carrier is something on OPGW fiber in high voltage lines. These people seem to be making an effort at mapping out high voltage lines, hydroelectric dams, substations, etc. https://openinframap.org

Re: Carrier Options in Hong Kong

2021-12-18 Thread Eric Kuhnke
I think the biggest difference between what the IP transit providers have described is that PCCW is also a major middle-mile and last-mile provider in Hong Kong. You'll find their 100Mbps to gigabit class end user service in apartments, condos and office buildings throughout the city. The non-HK

Re: SentryPeer: A distributed peer to peer list of bad IP addresses and phone numbers collected via a SIP Honeypot

2021-11-24 Thread Eric Kuhnke
Anecdotally, anyone that's had reason to manually go through logs for port 5060 SIP for any public facing ipv4 /32 will see the vast amounts of random "things" out there on the internet trying common extension password combos to register. It's been a large amount of background noise on the

Quantifying the customer support and impact of cgnat for residential ipv4

2021-11-21 Thread Eric Kuhnke
Looking for anecdotal examples of the following: If you put N number of individual DHCP client residential broadband customers behind cgnat for ipv4, what percent of customers contact support and become a support/troubleshooting case later. And what percent of customers have a significant

Re: verizon fios, northeast, routing issues?

2021-10-09 Thread Eric Kuhnke
alter.net is just the legacy RDNS for things in AS701 (uunet). Nothing weird there. https://en.wikipedia.org/wiki/UUNET On Sat, Oct 9, 2021 at 1:46 PM Miles Fidelman wrote: > Any Verizon folks here? > > I've been having some rather weird network issues lately - just reading > email via IMAP,

Re: massive facebook outage presently

2021-10-04 Thread Eric Kuhnke
I am starting to see reports that in ISPs with very large numbers of residential users, customers are starting to press the factory-reset buttons on their home routers/modems/whatever, in an attempt to make Facebook work. This is resulting in much heavier than normal first tier support volumes.

Re: massive facebook outage presently

2021-10-04 Thread Eric Kuhnke
App and Instagram. Twitter users nationwide agree anecdotally. > > What I’m getting is DNS failure. > > -George > > Sent from my iPhone > > On Oct 4, 2021, at 9:07 AM, Eric Kuhnke wrote: > >  > https://downdetector.com/status/facebook/ > > Normally not worth mentio

massive facebook outage presently

2021-10-04 Thread Eric Kuhnke
https://downdetector.com/status/facebook/ Normally not worth mentioning random $service having an outage here, but this will undoubtedly generate a large volume of customer service calls. Appears to be failure in DNS resolution.

What happens when you don't validate/scrub data on input from whois

2021-09-28 Thread Eric Kuhnke
https://research.securitum.com/fail2ban-remote-code-execution/ What happens if you put the following in your whois entry: drop table prefixes; Or anything similar... https://xkcd.com/327/

Re: EXTERNAL: Re: VoIP Provider DDoSes

2021-09-28 Thread Eric Kuhnke
For those persons with voip.ms accounts, the DDoS-protected servers are in their control panel with a green checkmark next to them as recommended servers. Now it looks like part of the DDoS has shifted to bandwidth.com. On Mon, Sep 27, 2021 at 4:40 PM Mike Hammett wrote: > It seems like

Re: IPv6 woes - RFC

2021-09-23 Thread Eric Kuhnke
The DMCA notices for that single ipv4 /32 must be interesting. On Thu, Sep 23, 2021 at 11:35 AM Colton Conor wrote: > 300 apartments Mark. No, it's bulk internet and wifi so a single provider. > > On Wed, Sep 22, 2021 at 8:01 PM Mark Andrews wrote: > > > > And how many apartments where

Re: VoIP Provider DDoSes

2021-09-21 Thread Eric Kuhnke
Unlike http based services which can be placed behind cloudflare or similar, harder to protect sip trunking servers. The provider in question makes use of third party hosting services for each of their cities' POPs. It is my understanding that for the most part they do not run their own

Re: Xfi Advances Security (comcast)

2021-09-10 Thread Eric Kuhnke
r “smarts” in the cable modem doing odd things to my traffic, the > better. > > Owen > > > On Sep 10, 2021, at 10:40 , Eric Kuhnke wrote: > > I know this is not a solution to your problem, but I have found myself > more often running the public interface of openvpn systems on p

Re: Xfi Advances Security (comcast)

2021-09-10 Thread Eric Kuhnke
I know this is not a solution to your problem, but I have found myself more often running the public interface of openvpn systems on port 443. Any sufficiently advanced DPI setup will be able to tell that it's not quite normal https traffic. But 99% of the time it seems to serve the purpose of

Re: if not v6, what?

2021-09-07 Thread Eric Kuhnke
The vast majority of LTE based last mile users in developing nation environments (where maybe less than 5% of people have residential wireline broadband to their residence) are already behind a cgnat. In many places it's actually an anomaly and weird for a person to desire, or be able to afford,

Re: Hurricane Ida updates

2021-09-04 Thread Eric Kuhnke
During the peak of the rain storm in NJ+NY (see flooding deaths referenced in previous email), the wireless emergency alert systems were sending, simultaneously: 1) TORNADO WARNING SEEK SHELTER NOW GO TO BASEMENT [1] 2) FLOOD WARNING SEEK HIGH GROUND GET OUT OF BASEMENTS [2] 1:

Re: Telecommunications network drafting software

2021-09-01 Thread Eric Kuhnke
For logical diagrams of networks, on MacOS, I recommend Omnigraffle. On Wed, Sep 1, 2021 at 2:36 PM Etienne-Victor Depasquale via NANOG < nanog@nanog.org> wrote: > Hello folks, > > Would you care to share some pointers to drafting software which you use > to draw up architectural drafts (for

Re: PeerinDB refuses to register certain networks [was: Setting sensible max-prefix limits]

2021-08-22 Thread Eric Kuhnke
son* > Consultant, Infrastructure Services > [image: 1593169877849] > 100 - 135 Innovation Drive > Winnipeg, MB, R3T 6A8 > (204) 977-6824 or 1-800-430-6404 (MB only) > athomp...@merlin.mb.ca > www.merlin.mb.ca > > -- > *From:* NANOG on behalf

Re: PeerinDB refuses to register certain networks [was: Setting sensible max-prefix limits]

2021-08-19 Thread Eric Kuhnke
I agree with you in the utility of that, but sort of as a side topic... I wonder how many ASes are out there that have any significant volume of traffic/multi-site presences, but are exclusively 100% transit customers, do not have any PNIs at major carrier hotels, and are not members of any IX.

Re: russian prefixes

2021-07-30 Thread Eric Kuhnke
Is this done entirely in software? Looking at the PDF of the installation guide for this product the system seems to be an x86-64 network appliance motherboard in a 1U chassis from a vendor such as Lanner or similar. Any of the companies in Taiwan or China that make systems with eight, ten or

Re: russian prefixes

2021-07-30 Thread Eric Kuhnke
Does this include the ability to do something like an OOB/serial console, cabled into DWDM transport systems management interfaces, to 'admin down' the line facing optical interfaces on routes that go across the Russian border? How exactly is this "TSPU" implemented? On Thu, Jul 29, 2021 at

Re: T-Mobile RF contact

2021-07-15 Thread Eric Kuhnke
Have you tried the contact information on some of their FCC Part 101 (PTP microwave) licenses? All public data in the ULS, you can even download the whole thing (12-14GB pipe delimited CSV file, last I checked). On Wed, Jul 14, 2021 at 2:43 PM Sean Heskett wrote: > I realize this isn’t an RF

Re: Beta Starlink with a slight tree obstruction vs degraded DOCSIS3 last mile

2021-06-30 Thread Eric Kuhnke
eck to a > website? That would be better than ICMP, I think, since it would be more > user like. > > Josh Luthman > 24/7 Help Desk: 937-552-2340 > Direct: 937-552-2343 > 1100 Wayne St > Suite 1337 > Troy, OH 45373 > > > On Tue, Jun 29, 2021 at 9:02 PM Eric Kuhnke

Re: Beta Starlink with a slight tree obstruction vs degraded DOCSIS3 last mile

2021-06-29 Thread Eric Kuhnke
1 at 10:45 AM Matt Hoppes < > mattli...@rivervalleyinternet.net> wrote: > >> I don't know how you can be embarrassed when you have a pretty solid >> 30ms ping constantly, and Starlink has jitter all over the place and >> spikes as high as 280ms. >> >> I'll take the DOCSIS3 syste

Re: Beta Starlink with a slight tree obstruction vs degraded DOCSIS3 last mile

2021-06-29 Thread Eric Kuhnke
w how you can be embarrassed when you have a pretty solid > 30ms ping constantly, and Starlink has jitter all over the place and > spikes as high as 280ms. > > I'll take the DOCSIS3 system > > On 6/25/21 8:49 PM, Eric Kuhnke wrote: > > I thought I would post an interest

Beta Starlink with a slight tree obstruction vs degraded DOCSIS3 last mile

2021-06-25 Thread Eric Kuhnke
I thought I would post an interesting comparison between a degraded DOCSIS3 link, of a carrier that shall remain nameless to avoid embarrassing anybody, and a starlink CPE with a slight 1/12th tree obstruction in a portion of its view. First two screenshots are the docsis3, to its gateway and to

Re: Google uploading your plain text passwords

2021-06-11 Thread Eric Kuhnke
I think you have only found the tip of the iceberg of things that Chrome and Google does without your express consent. On Fri, Jun 11, 2021 at 9:48 AM William Herrin wrote: > On Fri, Jun 11, 2021 at 9:38 AM Jan Schaumann via NANOG > wrote: > > William Herrin wrote: > > > It turns out that

OSI layer 1 and revisiting labelmakers in the year 2021

2021-06-05 Thread Eric Kuhnke
I am still using a Dymo 4200 [1] which is generally okay. I am wondering if anyone or their field tech team has recently changed to a better label maker in terms of feature set, battery life/charging or label consumable cost. Surely there must be something better out there. Strong preference for

Re: New minimum speed for US broadband connections

2021-05-31 Thread Eric Kuhnke
Perhaps there should be some sort of harsher penalty for ILECs and other large near-monopoly last mile local carriers that outright lie on their form 477 data or take significant subsidy funds and then fail to build what they promised. Numerous states' attorney generals have gone after them on

Re: New minimum speed for US broadband connections

2021-05-31 Thread Eric Kuhnke
I think it has been true for many years that: a) a vast majority of residential gigabit/symmetric customers, or gigabit asymmetric (docsis3 500-1000 down, 16-50 up) no longer have a device in their home with a 1000BaseT port on it, or don't know if they do. in some cases literally the only cat5e

Re: New minimum speed for US broadband connections

2021-05-31 Thread Eric Kuhnke
Perhaps you may be unfamiliar with the business model of cities, counties or local PUDs running the fiber last mile network (at OSI layer 1) and providing ethernet transport/VLAN handoffs, installing the OLTs and ONTs, and third party ISPs using that network to provide IP, support, billing and

Re: Call for academic researchers (Re: New minimum speed for US broadband connections)

2021-05-31 Thread Eric Kuhnke
If one installs smokeping on a raspberry pi using a wired ethernet interface to a home router, on a DOCSIS3 residential last mile segment, and copies over a well chosen targets file for things to test, and sets it to a 60s interval, all other settings at default... It's quite rare to find a

Re: Call for academic researchers (Re: New minimum speed for US broadband connections)

2021-05-30 Thread Eric Kuhnke
An interesting question would be to quantify and do statistical analysis on the following: Take a set of 1000 or more residential last mile broadband customers on an effectively more-than-they-can-use connection (symmetric 1Gbps active ethernet or similar). On a 60s interval, retrieve SNMP

Re: link monitoring

2021-04-29 Thread Eric Kuhnke
t; > Sent from my iPhone via RFC1149. > > On Apr 29, 2021, at 2:32 PM, Eric Kuhnke wrote: > >  > The Junipers on both sides should have discrete SNMP OIDs that respond > with a FEC stress value, or FEC error value. See blue highlighted part here > about FEC. Depending on

Re: link monitoring

2021-04-29 Thread Eric Kuhnke
The Junipers on both sides should have discrete SNMP OIDs that respond with a FEC stress value, or FEC error value. See blue highlighted part here about FEC. Depending on what version of JunOS you're running the MIB for it may or may not exist.

Re: Myanmar internet - something to think about if you're having a bad day

2021-04-28 Thread Eric Kuhnke
) and their continuing development, etc. On Wed, Apr 28, 2021 at 11:03 AM Christopher Morrow wrote: > (I'm sure i'll regret this, but...) > > On Wed, Apr 28, 2021 at 1:48 PM Eric Kuhnke wrote: > >> It should be noted that Telenor has been one of the nationwide license >> holders

Re: Myanmar internet - something to think about if you're having a bad day

2021-04-28 Thread Eric Kuhnke
It should be noted that Telenor has been one of the nationwide license holders for 3GPP cellular bands in Pakistan for a long time, and has encountered the same issues with regional network shutdowns, and government orders to block certain netblocks or services. Not to the same extent as what's

Re: FCC fines for unauthorized carrier changes and consumer billing

2021-04-23 Thread Eric Kuhnke
Did the FCC ever collect its $50 million from "Sandwich Isles Telecommunications" for blatant fraud? At this scale I wonder how or why certain people are not in federal prison. https://www.google.com/search?channel=fs=fcc+sandwich+isles

Re: Submitting Fake Geolocation for blocks to Data Brokers and RIRs

2021-04-22 Thread Eric Kuhnke
I sincerely doubt that any actual *law* could be enforced against an ISP which is a legal entity in one location, yet has multiple discrete /23 or /24 blocks and without any obfuscation choose to announce them from multiple different geographic locations. Configurations where an AS has multiple

Re: Malicious SS7 activity and why SMS should never by used for 2FA

2021-04-19 Thread Eric Kuhnke
I would start with cellular carriers and nations that intentionally take steps to block anything VoIP as a threat to their revenue model. Or because anything vpn/ipsec/whatever related is a threat to local Internet censorship laws. Plenty of places the sort of ipsec tunnel used for vowifi is not

Re: Malicious SS7 activity and why SMS should never by used for 2FA

2021-04-18 Thread Eric Kuhnke
One of my main problems with SMS 2FA from a usability standpoint, aside from SS7 hijacks and security problems, is that it cannot be relied upon when traveling in many international locations. I have been *so many places* where there is just about zero chance of my T-Mobile SIM successfully

Malicious SS7 activity and why SMS should never by used for 2FA

2021-04-17 Thread Eric Kuhnke
https://lucky225.medium.com/its-time-to-stop-using-sms-for-anything-203c41361c80 https://krebsonsecurity.com/2021/03/can-we-stop-pretending-sms-is-secure-now/ Anecdotal: With the prior consent of the DID holders, I have successfully ported peoples' numbers using nothing more than a JPG scan of

Re: OOB management options @ 60 Hudson & 1 Summer

2021-04-15 Thread Eric Kuhnke
Before getting rid of the cellular based OOB, look into some more detail about exactly what LTE modems are in those. I've seen some remarkable results from equipment using the 600/700 bands (tmobile, verizon) for getting signal into deeply buried concrete structures. There's a lot of different

Re: My First BGP-Hijacking Explanation

2021-04-08 Thread Eric Kuhnke
If one follows the social media accounts of the Pakistan version of the FCC, nowadays they're just banning anything they find insulting or illegal in the local legal system, and ordering ISPs to null route big chunks of IP space. As an anecdotal data point, the only effect this has had is

Re: 10 years from now... (was: internet futures)

2021-03-29 Thread Eric Kuhnke
I am doing this right now. A starlink CPE is a fairly ordinary DIA link that exists in cgnat space from the perspective of whatever router you plug into it. The starlink indoor 'router' is optional. Whatever you plug into the high power PoE injector will be given a DHCP lease and a default route

Re: 10 years from now...

2021-03-29 Thread Eric Kuhnke
t > > jamming uplink > > frequencies, which will affect the service in whole region. > > And in the worst case, it will give reason to use anti-satellite weapons. > > > > > > On 2021-03-29 03:23, Eric Kuhnke wrote: > >> I would also concur that t

Re: 10 years from now... (was: internet futures)

2021-03-28 Thread Eric Kuhnke
compact cassegrain dish up there. Pretty typical thing already for embassies, the big difference would be that that they'll have more market options for high-throughput service. On Sun, Mar 28, 2021 at 10:18 PM Mark Tinka wrote: > > > On 3/29/21 02:23, Eric Kuhnke wrote: > > > &

Re: 10 years from now... (was: internet futures)

2021-03-28 Thread Eric Kuhnke
of life is paved > with flat squirrels who could not make a decision. > > >-Original Message- > >From: NANOG On Behalf Of > >Eric Kuhnke > >Sent: Sunday, 28 March, 2021 18:24 > >To: na...@jima.us > >Cc: nanog@nanog.org > >Subject: Re: 10 years

Re: 10 years from now... (was: internet futures)

2021-03-28 Thread Eric Kuhnke
I would also concur that the likelihood of Starlink (or a Oneweb, or Kuiper) terminal being used successfully to bypass the GFW or similar serious Internet censorship, in an authoritarian environment, is probably low. This is because: a) It has to transmit in known bands. b) It has to be located

Re: IP reputation lookup (prefix not single IP)

2021-03-25 Thread Eric Kuhnke
Nothing more than anecdotal evidence, when I last looked into the externally available network details on a number of low-budget VPS hosting companies... I would say that if anything, a person who really knows what they're doing operating a properly MX, will face more difficulties today than

Re: IP reputation lookup (prefix not single IP)

2021-03-25 Thread Eric Kuhnke
I think you will find that most SMTP / anti-spam focused RBL tools give a very similar result for IP reputation on a per /24 block basis, for any randomly chosen IP in the block, particularly where the /24 in question has previously been used and announced by a dedicated server/VPS/virtual server

Re: OT: Re: Younger generations preferring social media(esque) interactions.

2021-03-23 Thread Eric Kuhnke
For persons considering mattermost, I would recommend instead looking into a self hosted Matrix + Synapse (matrix protocol server daemon) setup, which is fully open source. https://en.wikipedia.org/wiki/Matrix_(protocol) Element is one typical GUI client for it, but there are many options.

Re: Perhaps it's time to think about enhancements to the NANOG list...?

2021-03-20 Thread Eric Kuhnke
It's one thing to use a GUI tool when it's convenient and quick. I think anyone that's ever experienced setting up a Unifi controller would probably prefer provisioning a new 802.11ac AP from the GUI rather than doing it manually at a command line. But it's another thing to consider that we have

Re: Perhaps it's time to think about enhancements to the NANOG list...?

2021-03-20 Thread Eric Kuhnke
In my opinion we have two very different types of 'contact me off list' things going on here. We have commercial solicitations and people looking to make contacts for buying transport circuits, capacity, etc. And then on the other hand we have 'contact me off list' asks related to network

Re: Perhaps it's time to think about enhancements to the NANOG list...?

2021-03-18 Thread Eric Kuhnke
Perhaps the sales, marketing and 'business development' people who've never typed "enable" or "configure" into a router a single day in their lives might be better served with a dedicated list that is mission focused on bizdev, and not operational issues. On Thu, Mar 18, 2021 at 3:29 PM Matthew

Re: an IP hijacking attempt

2021-03-17 Thread Eric Kuhnke
I would encourage anyone who is not familiar with the full situation to read the recent history of AFRINIC events: https://afrinic.net/ast/pdf/afrinic-whois-audit-report-full-20210121.pdf https://afrinic.net/20200826-ceo-statement-on-ip-address-misappropriation

Re: DPDK and energy efficiency

2021-03-05 Thread Eric Kuhnke
rian Knight wrote: > On 2021-03-05 15:40, Eric Kuhnke wrote: > > > For comparison purposes, I'm curious about the difference in wattage > > results between: > > > > a) Your R640 at 420W running DPDK > > > > b) The same R640 hardware temporarily booted from a

Microsoft Exchange zero day

2021-03-05 Thread Eric Kuhnke
ISPs/NSPs with customers running self hosted or on-premises Exchange may want to be aware of this. https://krebsonsecurity.com/2021/03/at-least-3-u-s-organizations-newly-hacked-via-holes-in-microsofts-email-software/

Re: DPDK and energy efficiency

2021-03-05 Thread Eric Kuhnke
For comparison purposes, I'm curious about the difference in wattage results between: a) Your R640 at 420W running DPDK b) The same R640 hardware temporarily booted from a Ubuntu server live USB, in which some common CPU stress and memory disk/IO benchmarks are being run to intentionally load

Re: DPDK and energy efficiency

2021-03-05 Thread Eric Kuhnke
s. On Fri, Mar 5, 2021 at 8:09 AM Tom Hill wrote: > On 05/03/2021 00:26, Eric Kuhnke wrote: > > A great deal of this discussion could be resolved by the use of a $20 > > in-line 120VAC watt meter [1] plugged into something as simple as a $500 > > 1U server with some of the DPDK-

Re: DPDK and energy efficiency

2021-03-04 Thread Eric Kuhnke
A great deal of this discussion could be resolved by the use of a $20 in-line 120VAC watt meter [1] plugged into something as simple as a $500 1U server with some of the DPDK-enabled network cards connected to its PCI-E bus, running DANOS. Characterizing the idle load, average usage load, and

Is there an established method for reporting/getting removed a company with 100% false peeringdb entries?

2021-03-04 Thread Eric Kuhnke
First, take a look at this: https://www.peeringdb.com/asn/18894 Now look at these (or use your own BGP table analysis tools): https://bgp.he.net/AS18894 https://stat.ripe.net/18894 The claimed prefixes announced, traffic levels and POPs appear to have no correlation with reality in global

Re: Famous operational issues

2021-02-23 Thread Eric Kuhnke
I would be more interested in seeing someone who HASN'T crashed a Cisco 6500/7600, particularly one with a long uptime, by typing in a supposedly harmless 'show' command. On Tue, Feb 23, 2021 at 2:26 PM Justin Streiner wrote: > An interesting sub-thread to this could be: > > Have you ever

Re: Famous operational issues

2021-02-20 Thread Eric Kuhnke
>From a datacenter ROI and economics, cooling, HVAC perspective that might just be the best colo customer ever. As long as they're paying full price for the cabinet and nothing is *dangerous* about how they've hung the 2U server vertically, using up all that space for just one thing has to be a

Re: Carrier Neutral Site - Freetown, Sierra Leone?

2021-02-19 Thread Eric Kuhnke
Sierra Leone is very much *not* French speaking, in the context of ISPs and telecom. There may be a significant minority of people who do speak French due to its regional proximity to other countries, for business, but the language of higher education, business, finance, telecom, real estate and

Re: Carrier Neutral Site - Freetown, Sierra Leone?

2021-02-18 Thread Eric Kuhnke
There is really no such thing since there is just the one cable landing station. I've previously spent months working in network infrastructure and telecom in Sierra Leone, contact me off-list if you're serious about getting something done there. On Thu, Feb 18, 2021 at 9:46 AM Rod Beck

Re: Famous operational issues

2021-02-18 Thread Eric Kuhnke
On that note, I'd be very interested in hearing stories of actual incidents that are the cause of why cardboard boxes are banned in many facilities, due to loose particulate matter getting into the air and setting off very sensitive fire detection systems. Or maybe it's more mundane and 99% of

Re: Viable Third Option?

2021-02-17 Thread Eric Kuhnke
In the context of Montreal, to clarify, when you say Zayo are you referring to Zayo Canada (former AT Canada/MTS-Allstream), or AS6461, the original Abovenet AS which is Zayo USA's IP transit network? On Wed, Feb 17, 2021 at 11:17 AM Eric Dugas via NANOG wrote: > The details you mentioned

Re: dumb question: are any of the RIR's out of IPv4 addresses?

2021-02-16 Thread Eric Kuhnke
That depends on your definition of grey market, there is an officially approved ARIN IP block transfer process for people who are buying, via brokers, discrete /24s and larger. On Tue, Feb 16, 2021, 4:46 PM Michael Thomas wrote: > > On 2/16/21 4:18 PM, Fred Baker wrote: > > You may find this

  1   2   3   4   >