Cloudflare contact?

I work with DuckDuckGo, and earlier today our macOS browser (which is currently available via the App store now) started getting caught by Cloudflare’s bot/fraud system. We did a fair amount of debugging, it appears to be some kind of browser/UA fingerprinting. This is happening for pretty much

AS3352

If anyone from AS3352 (Telefonica Espana) is on list, please contact me off-list. We’ve detected a problem with geolocation (possibly your resolvers) sending a lot of traffic to the west coast US when it should be going to Europe. Thanks John

Re: Congrats to AS701

Philly suburbs here, v6 is live for me. At home I use an Orbi router, just enabled v6 with autoconfig and got a native v6 WAN. So far looks good. Had to manually configure v6 DNS though. The only downside is the geolocation of my v6 IP is pretty bad. John Sent from my iPhone > On Jun 16,

Google Fi IPs

Feel free to contact me off-list if your associated with Google Fi. I’m trying to narrow down some IP abuse that I believe is coming from Google Fi mobile devices. The IPs are all coming up as generic Google LLC in whois, and they dont have any reverse DNS. I’m trying to see how I can confirm

Re: OVH datacenter SBG2 in Strasbourg on fire 

So your saying my “bot” dashboard should show a decrease in volume today? Interesting… I might run some stats today to see if there is a noticeable drop in Europe. -John > On Mar 10, 2021, at 10:53 AM, JORDI PALET MARTINEZ via NANOG > wrote: > > In addition to that, even if this is not good

Re: Texas internet connectivity declining due to blackouts

I just assumed most people in Texas have heat pumps- AC in the summer and minimal heating in the winter when needed. When the entire state gets a deep freeze, everybody is running those heat pumps non-stop, and the generation capacity simply wasn’t there. i.e. coal or natural gas plants have

Re: Parler

To be fair, AWS has existing contract/service clauses that are very very aggressive for termination. For example, if AWS contacts you regarding the hosting of CPEV, you have 24 hours to remove it and respond, if you dont - they immediately terminate the account. So the 24 hour warning for

Neustar Geo Location Data

Anyone here have experience with Neustar’s Geo Location database feed? And by experience, I mean, how reliable it is to reality? I ask because I’m in the early stages of a project, and my initial take is the data is terrible. I’ve stumbled across several (like a few hundred, and thats just in

CIDR cleanup

Sorry if this is slightly off-topic, but I am writing some code for a custom GeoDNS routemap. My starting data set is a raw list of /24 subnets, no prefix aggregation has been done. In other words, its the entire BGP routing table in /24 prefixes - tagged by Geo region. Each region is its own

Re: Orange : Propagating Bogus Saudi Telecom Announcement

Nice find Tom… > On Aug 24, 2020, at 3:11 PM, Tom Beecher wrote: > > Saudi Telecom ( AS 39386 ) is currently announcing Equinix NY9's IX prefix, > and Orange is gladly sharing that for the world to see. > > Zayo : You might want to not be using that either when you're directly > connected

Re: CloudFlare Issues?

Did anyone see any collateral damage from this outside of Cloudflare? Specifically Azure? I manage a very large site in Azure, and at the exact same time of the Cloudflare incident we saw a spike in traffic (like a DDoS or Bot), then followed by unusual hardware resource anomalies. We’re

Anyone from Airtel or Tata on list? DNS block issue on search engine

Starting yesterday, we’ve noticed the search engine DuckDuckGo being blocked via DNS in India. Specifically, users using Airtel or Tata DNS servers. Other search engines are fine (Bing, etc.,.). I know alot of blocking is occurring in India recently, but I think the net was incorrectly cast

Re: Network issues in Israel/Middle East

ttl=229 time=57.2 ms > ^C > > AWS Frankfurt > [root@cust-219-83-123 ~]# ping 3.120.0.0 > PING 3.120.0.0 (3.120.0.0) 56(84) bytes of data. > 64 bytes from 3.120.0.0 <http://3.120.0.0/>: icmp_seq=1 ttl=235 time=50.7 ms > 64 bytes from 3.120.0.0 <http://3.120.0.0/>

Network issues in Israel/Middle East

I know this is outside the scope of “North America”, but has anyone else been fielding more issues related to network health/congestion in the middle east, specifically Israel? Our users in Israel are primarily served from India-based resources (AWS/Azure), both of which have cloud capacity

Akamai/CDN rate limiting

Can someone from Akamai reach out off-list? I work for a major search engine (not google or bing) and we’re rolling out a new region. One of our upstream API partners is using Akamai CDN on the front end. When we tried an initial rollout of the region we started to get alot of connection

Any Bing engineers?

Seeing global latency issues to Bing search API…. -John

Cloudflare Contacts

traffic is proxied through a single IP, so its definitely high volume. We’ve never had an issue in other regions, but it could due to the sudden increase. Thanks John Von Essen

Major issues with Cloudflare DNS (specifically DNS-over-HTTPS)

Can someone from Cloudflare contact me off-list? I work for a major search engine (not Google) and starting yesterday, we are getting reports from around the world about a DNS issue. They are either not resolving our site, or they are getting incorrect resolution (i.e. the wrong IP). The

Re: Reminiscing our first internet connections (WAS) Re: akamai yesterday - what in the world was that

Similar…. In ’93 I had a 2400bps modem and an $40/month ISP dialup account for 10 hours a month - my Mac IIci was zooming! I quickly upgraded to 9600, then 14400, then 56k. I rocked the 56k till about 2003 - mind you all my email was over telnet/ssh/pine and websites in 2003 still worked

Re: Wikipedia drops support for old Android smartphones; mandates TLSv1.2 to read

There are really two arguments here. 1. TLSv1.0 is insecure and should never be used in an HTTPS scenario - cant argue with this 2. Alot of static content sites are forcing HTTPS even though “technically” there is nothing that needs to be secured in transit - this is where the argument lies.

Re: AWS/Route53 Issues?

month. -John > On Nov 22, 2019, at 8:51 AM, Jason Kuehl wrote: > > Contact your TAM with your AWS ticket number and let them know about your > issue. I haven't seen anything as of yet but I'm still on my way into the > office. (No Friday alerts yet) > > On Fri, Nov 22, 2

AWS/Route53 Issues?

Anyone else seeing major issues in Europe? Starting midnight, 70% of our Europe traffic got redirected to the US. AWS Dashboard says “no issues” but when we called im we got a vague answer that there is a none issue they are working on. Not sure if its another Route53 DDoS, or something else.

Re: Disney+ Geolocation issues

It is amazing how much variance there is between different IP GEO data sets, we recently switched from MaxMind to Neustar, there was a huge difference between the two…. -John

AWS GeoDNS and Routing...

, but its a head scratcher… Thanks John Von Essen

Re: Russian government’s disconnection test

I guess if all telecoms and carriers in Russia (or say China) are under strong government control/oversight, its fairly easy from a technology standpoint to block the outside world. The thing that I always wonder about is the ability for citizens to bypass the restriction via satellite

Re: RTG

I too love RTG, been using it forever, appears to handle interfaces all the way up 10G. Out of curiosity, are you hitting an issue that requires updating? I get it, there are many options now, but back in the day, RTG was so simple and so useful, its a testament to the original product. Its a

Contacts at Three.co.uk

to resolve it. Thanks John Von Essen

Apple AS714 - peering down on the East Coast?

Starting around July 28th, I noticed a latency spike (70ms) on some of our traffic to Apple (mainly api.apple-mapkit.com) coming out of Virginia. This traffic usually always takes some local peering, and never is higher then 10-15ms. I checked from AWS backbone, Cogent, Zayo, Level3, all show

AWS latency is Asia-Pacific

Is anyone else seeing increased latency both within AWS and transit in the Asia-Pacific region? We normally see 90-100ms between Aus and Sing within AWS, for the past 18 hours or so this has jumped up to 190ms - even for internal VPC-VPC traffic. Transit from Aus to Sing (3rd party endpoints)

Re: really amazon?

Really??? You cant parse “User unknown”... Dan is simply pointed out how ridiculous it is that amazon lists a non-existent email address with Arin for abuse. So yeah... really amazon? Sent from my iPhone > On Jul 29, 2019, at 7:07 PM, Mel Beckman wrote: > > Dan, > > I don’t really have

Abuse from Vodaphone AS30722

Anyone from Vodaphone on list? We are experiencing a massive DDoS from three Vodafone /16’s. The DDoS is spread throughout the entire range. 2.38.0.0/16 2.39.0.0/16 188.216.0.0/16 We’ve had to block the entire ranges just to stay online. Thanks John

Comcast Outage - East Coast?

I just saw a 40% traffic drop on my routing core (East Coast based) across all my BGP peers. None of my transit peers flapped or had any issues other than the traffic drop. Almost all the complaints of connectivity issues were people using Comcast, so right now thats the only common thread.

Re: Routing issues to AWS environment.

I was just about to email the group for a related issue. We are also seeing some funky routing/peering within the AWS network. We primarily communicate with Verizon Media/Oath - AS10310. Verizon Media has a presence in Singapore, and its peered locally with AWS AS38895 - we normally see 8ms

Re: Fibre provider in Starkville, MS

I just took a wholesale circuit from Windstream, it was fine - the provisioning/delivery portion was within the Chapter 11 timeline. The Chapter 11 thing, if you read about it, isn’t really because they are going bankrupt, it's more to protect them from a pending lawsuit from a hedge fund

Bing news feeds stale for 5 days (api.cognitive.microsoft.com)

Any Bing engineers on here? I work with a major search affiliate partner, and starting this morning news feeds from api.cognitive.microsoft.com were coming in stale, nothing new in the past 5 days. However, this was only effecting API calls originating

Amazon AS16509 peering... how long to wait?

I applied for peering, received an email, setup the BGP session, waited about a month. Then 3 weeks ago my BGP session with Amazom came up, but with zero routes. I assume I am in some kind of test/waiting period, but after three weeks, I thought I would be getting routes by now. Emails to the

Yahoo/Oath GeoDNS Issue (AS36647)

If anyone from Yahoo/Oath is here, please email me off-list. Have a GeoDNS issue with yahoo API URLs in Australia, DNS results are returning IPs that are not ideal for the region (like on the other side of the world), it so bad (excess latency), we have to override them locally which I really

Re: Should Netflix and Hulu give you emergency alerts?

I don’t care if Aliens are invading or a blackhole is swallowing our sun, do not... I repeat, do not interrupt me watching GoT’s on HBOGo! -John > On Mar 8, 2019, at 6:08 PM, Aaron C. de Bruyn via NANOG > wrote: > >> On Fri, Mar 8, 2019 at 2:36 PM Matt Hoppes >> wrote: >> No. Please no.

Re: Cogent v6 Blackhole server issues???

l Message- From: NANOG On Behalf Of John Von Essen Sent: Friday, February 22, 2019 12:15 PM To: nanog@nanog.org Subject: Cogent v6 Blackhole server issues??? 2 days ago my IPv6 BGP session to Cogent's Blackhole server went down (2001:550:0:1000::421C:802), I've spent all morning emailing their NO

Cogent v6 Blackhole server issues???

2 days ago my IPv6 BGP session to Cogent's Blackhole server went down (2001:550:0:1000::421C:802), I've spent all morning emailing their NOC and I'm getting nowhere. Anyone else seeing this? Im in the Phila Metro area. -John

Cisco ASR's with RSP440 engines...

If anyone on here has experience with the ASR series running the RSP440-SE or -TR, please contact me off-list. I'm trying to better understand real world performance when it comes to handling a few full BGP tables on these, it would be running as very basic edge router primarily just doing

Re: A Zero Spam Mail System [Feedback Request]

This is great news... > On Feb 18, 2019, at 12:02 PM, Viruthagiri Thirumavalavan > wrote: > > I'm leaving this mailing list too. Can a Nanog Op please ban this guy from joining again?

No IPv6 by design to increase reliability...

I was having a debate with someone on this. Take a critical web site, say one where you want 100% global uptime, no potential issues with end users having connectivity or routing issues getting to your IP. Would it be advantageous to purposely not support a record in DNS and disable IPv6,

Re: ASNs decimation in ZW this morning

Im confused as to what exactly happened and how it was implemented. I assume the government wanted to restrict access to sites like whatsapp, facebook, twitter, etc.,. So did they tell national ISPs/Mobile (strong-arm) to simply block access to those sites, or they did they tell them to

Switch.com AS23005

Can someone from Switch.com / AS23005 contact me off-list? I have an IRR route object conflict issue that’s attention. John

Re: CenturyLink RCA?

One thing that is troubling when reading that URL is that it appears several steps of restoration required teams to go onsite for local login, etc.,. Granted, to troubleshoot hardware you need to be physically present to pop a line card in and out, but CTL/LVL3 should have full out-of-band

Re: email scannering / filtering

I've used Sendmail + MIMEDefang + SpamAssassin w/clamav for over 15 years. And on the SA side I use all the bells and whistles available like DCC greylisting, all the public blacklists, there are some 3rd party rulesets you can subscribe to, etc.,. In the end its not as good as gmail, but

Levle3's IRR db

Whats the best way to get in contact with Level3 to make an IRR change... if your not a Level3 customer? I tried emailing r...@level3.net but that bounces back as an unmonitored mailbox. There are dup IRR entries in Level3's db for my prefixes (legacy from a carrier I used over 10 years ago).

Re: Should ISP block child pornography?

I block stuff all the time (like ROKSO's DROP list). The only issue with blocking domains of CPE is I imagine those domains change all the time as they get shutdown, if you block the IP (from domain lookup) its likely that IP maybe be legitimate in the future. It should be stopped it at the

Re: Monitoring service that has a human component?

Whats your budget? The outsourced NOC firms tend to be expensive (I've looked at them for a project), and they are also not that fast, so dont expect someone to determine if an alarm is valid within a few minutes, instead, in goes into their queue and waits for a tech to pick it up, so it

CrownCastle/Lightower/Fibertech peering...

Anyone on the list or no someone at CrownCastle AS46887 for peering relationships? They dont have anything listed on peeringdb.com. Thanks John

Re: Tata Scenic routing in LAX area?

From East Coast: root@dns1:~# traceroute 23.92.178.22 traceroute to 23.92.178.22 (23.92.178.22), 30 hops max, 60 byte packets  1  gw-128-254.phlapalo.quonix.net (208.82.128.254)  0.657 ms  0.657 ms  0.651 ms  2  te0-0-2-3.nr11.b002999-2.phl01.atlas.cogentco.com (38.104.111.121)  1.057 ms 

Re: Zayo vs Coent

Zayo is probably a tad better in the network quality, but… Zayo’s NCC is awful when it comes to fixing or resolving anything, even something as simply as add a default route to my BGP session. And its takes forever, like a whole day waiting in queue. Cogent, you can call, and 15 minutes your

Re: WIndows Updates Fail Via IPv6

I recently go a Linksys home wifi router, by default it enables ipv6 on the LAN. If there is no native IPv6 on the WAN side (which is my case since FiOS doesnt do v6 yet) the Linksys defaults to a v6 tunnel. For the first few weeks of using the router, I had no idea alot of my traffic was