Re: ARIN whois contact abuse from ipv4depot aka Silicon Desert International Inc
--- Original Message --- On Thursday, October 12th, 2023 at 18:59, Niels Bakker wrote: > RIPE have a policy that states Which is exactly what I said Neils. When I asked about it, they pointed me at a policy. Well hell, theoretically my company has a policy that describes zero-tolerance to spam. And yet if I published such a policy on the website, do you think spammers would adhere to it ? As for you implying it is impossible for a RIR to validate such information, just ask anyone who is a Nominet (.uk registry) member. Every year, Nominet do an audit of every member. They pull a random-sample of domains from each member and attempt to perform an automated check of end-user name and address details. If Nominet are unable to perform the automated check, then you receive an email from the Nominet compliance department asking for your assistance with a manual check (this happens rarely, Nominet's automated checks normally work). Nominet do not expect 100% perfection, there is a tolerance percentage. RIPE could do the same. And some might argue that it is easier for RIPE because all we are asking is for a valid abuse contact, so its not like Nominet who have to verify e.g. registrant company ID numbers.
Re: ARIN whois contact abuse from ipv4depot aka Silicon Desert International Inc
Honestly Mike I don't think they care. I mean, most (all ?) of the registries still can't be bothered to validate the information the resource holders post to the database. Last time I asked, e.g. RIPE about it, they basically said "not my problem guv" , pointed me to some policy document that said members should provide correct details and well, that was about it. So if they don't do that, then what hope is there for them doing something about the harvesters ? --- Original Message --- On Thursday, October 12th, 2023 at 17:08, Mike Hammett wrote: > Do we know if the organizations with key Internet resources (ARIN, RIPE, > PeeringDB, etc.) have any honeypots in their arsenal? Obviously, publicly > knowing about it kind of defeats the purpose of it, but that might be a way > to help be proactive - make fake entries with unique contact information to > catch those harvesting. > > > > - > Mike Hammett > Intelligent Computing Solutions > http://www.ics-il.com > > Midwest-IX > http://www.midwest-ix.com > > > From: "Mel Beckman" > To: "Tom Beecher" > Cc: "nanog@nanog.org list" > Sent: Thursday, October 12, 2023 11:01:20 AM > Subject: Re: ARIN whois contact abuse from ipv4depot aka Silicon Desert > International Inc > > Tom, > When an ARIN member violates their agreement and spams from ARIN’s databases, > it’s not just an “Internet is fertile ground” deal. It’s a betrayal of a > legal trust, one that demands accountability. I’m quite happy that ARIN > promptly responds to these abuses, and gets results. That only works if > victims report spam and compare notes. Let the “fertile ground” be elsewhere! > > -mel beckman > > > > On Oct 12, 2023, at 8:49 AM, Tom Beecher wrote: > > > > > > > > It's ridiculous that they resort to scraping public lists and DBs to try > > > and achieve what they're attempting to do. > > > > > > Everyone is always looking for information they can use to advance some > > agenda or purpose. The internet is fertile ground for that. Always has > > been, always will be. > > > > Not taking shots at anyone here, but I am boggled why this is a common > > public complaint. Block the sender and move on. > > > > On Wed, Oct 11, 2023 at 7:56 PM Peter Potvin via NANOG > > wrote: > > > > > Definitely have received this same spam multiple times and so have a few > > > others I know. It's ridiculous that they resort to scraping public lists > > > and DBs to try and achieve what they're attempting to do. > > > Regards,Peter Potvin | Executive Director > > > -- > > > Accuris Technologies Ltd. > > > > > > > > > On Wed, Oct 11, 2023 at 7:52 PM Eric Kuhnke wrote: > > > > > > > Is anyone else receiving spam from this organization? Based on the > > > > contents of the cold solicitations they are sending us, and the > > > > addresses being sent to, they have scraped ARIN WHOIS data for noc and > > > > abuse POC contact info and recent ipv4 block transfers. > > > > It's trivially easy to block their entire domain at the mail server > > > > level, of course... > > > > > > > >
Re: FYI - 2FA to be come mandatory for ARIN Online? (was: Fwd: [arin-announce] Consultation on Requiring Two-Factor Authentication (2FA) for ARIN Online Accounts
Its 2022. Do we really still need a consultation on why mandatory 2FA is a good thing ? Even more so for something like ARIN ? --- Original Message --- On Tuesday, May 24th, 2022 at 19:28, John Curran wrote: > NANOGers - > A consultation opened today on potentially requiring use of 2-factor > authentication to login into ARIN Online – this would take place once SMS 2FA > is deployed. If you think that this is: a) a great idea, b) a bad idea, c) > anything else, then feel free to subscribe to the arin-consult mailing list > (open to all at http://lists.arin.net/mailman/listinfo/arin-consult) and > provide your feedback. > Best wishes,/John > John CurranPresident and CEOAmerican Registry for Internet Numbers > > > > Begin forwarded message: > > From: ARIN > > Subject: [arin-announce] Consultation on Requiring Two-Factor > > Authentication (2FA) for ARIN Online Accounts > > Date: 24 May 2022 at 12:45:48 PM EDT > > To: "arin-annou...@arin.net" > > > > **Background** > > > > In 2015, ARIN deployed a Time-Based One-Time password (TOTP) implementation > > of Two-Factor Authentication (2FA). Since the time of implementing that > > login security feature, 3.2 percent of ARIN Online users have opted to use > > 2FA with their accounts. > > > > Since October 2020, the ARIN Online system has been subject to a series of > > dictionary-based password guessing attacks. In March of 2021, we conducted > > ACSP Consultation 2021.2: Password Security for ARIN Online Accounts > > (https://www.arin.net/participate/community/acsp/consultations/2021/2021-2/) > > on proposed improvements to increase account security. This consultation > > resulted in an agreement to move forward with several improvements that > > have subsequently been deployed. However, we continue to see frequent > > attacks on our log-in systems, and ARIN staff continues to be heavily > > engaged in mitigating these attacks. Accounts not using 2FA are susceptible > > to these attacks. We recently updated the community on this topic during > > ARIN 49 held in Nashville and online in April. You can review this > > information from the ARIN 49 Meeting Report > > (https://www.arin.net/participate/meetings/ARIN49/) by looking for the > > presentation titled “Brute Force Login Attacks”. > > > > It is our intention to make 2FA mandatory for all existing and new ARIN > > Online accounts going forward. The security of ARIN Online accounts is > > paramount to the success of the registry, and we do not believe it is > > tenable to continue without making 2FA required for all ARIN Online > > accounts. > > > > We are currently developing a second method of 2FA use with ARIN Online to > > add to our long-deployed TOTP implementation. In the coming months, we will > > deploy a Short Message Service (SMS) 2FA implementation, thereby adding a > > second 2FA option for ARIN Online users. At that time, users will be able > > to choose between two types of 2FA – SMS and TOTP. Adoption of TOTP 2FA > > has been limited in part due to perceived complexity, and the addition of > > SMS-based 2FA will provide a second option that is easier to use for many > > customers – and provide much more protection than the simple > > username-password condition of many ARIN Online user accounts today. (ARIN > > also plans on adding support for a third 2FA option in the future – Fast > > Identity Online 2 (FIDO2) – in response to community suggestions, but we do > > not believe it is prudent to delay requiring 2FA on ARIN Online accounts > > until that third option becomes available.) > > > > **Requiring 2FA For ARIN Online Accounts** > > > > By requiring 2FA for ARIN Online accounts that control number resources, > > the ARIN community should see stronger security for the registry, reduced > > risk of account fraud attempts, and increased confidence in the integrity > > of their ARIN resources. > > > > ARIN intends to require 2FA for all ARIN Online accounts shortly after > > SMS-based 2FA authentication is generally available. We are seeking > > confirmation from the ARIN community regarding this plan, and ask the > > following consultation question: > > > > --- > > Once SMS-based two-factor authentication (2FA) is available for ARIN > > Online, do you believe ARIN *should not* proceed with requiring 2FA > > authentication (SMS-based or TOTP) for all ARIN Online accounts? If so, > > why? > > --- > > > > The feedback you provide during this consultation will help form our path > > forward to increasing the security of ARIN Online for all customers. Thank > > you for your participation in the ARIN Consultation and Suggestion Process. > > Please provide comments to arin-cons...@arin.net. You can subscribe to this > > mailing list at: > > > > http://lists.arin.net/mailman/listinfo/arin-consult > > > > This consultation will remain open through 5:00 PM ET on 24 June 2022. > > > > Regards,
Re: 10 Do's + Don'ts for Visiting Québec + Register Now for N85!
--- Original Message --- On Sunday, May 8th, 2022 at 21:31, Stephen Fulton wrote: > If you are not from Canada and do not speak French I speak French, but the European one. I struggled to make myself understood because I was speaking with the "proper" accent and mannerisms (e.g. rolling of R's), both of which are brutally murdered by French Canadian speakers. So I switched to speaking English. Worked out well, and I never saw the "chip on shoulder" that Stephen alludes to (although I'm aware it exists, having been briefed by Canadian friends).
Re: 10 Do's + Don'ts for Visiting Québec + Register Now for N85!
--- Original Message --- On Friday, May 6th, 2022 at 13:59, J EMail <70ford...@gmail.com> wrote: > poutine should be on this list. God no ! There are many great things about Canada and Québec but poutine most certainly is not. A culinary abomination that deserves to be confined to the history books.
Re: Any sign of supply chain returning to normal?
--- Original Message --- On Friday, April 22nd, 2022 at 13:24, Drew Weaver wrote: > Has anyone seen any progress whatsoever on supply chain issues with > networking hardware? Nope. Personally speaking I'm struggling on everything from simple Intel network cards to half-decent switches. On the grapevine, I am hearing the same. I was, for example, talking to a rep from $major_IX ... he said they've got more than one customer with pending port connections due to lack of kit, and one customer told him some router card was not due til Q1 2023. I think the reality is it's going to get bad before it gets better. There's probably an almighty backlog that needs to be processed before new orders reach the front of the queue. On another grapevine I've heard the situation is, shall we say, not helped by the hyperscalers. The hyperscalers are (allegedly) queue jumping using hard $$$ ... i.e. saying to vendors "I'll give you this chunky order in return for a place higher up the queue". Vendors of course being vain beasts who don't care for much apart from next quarter's financial results are (allegedly) lapping up the "free" money.
Re: IP Reputation Services
On Monday, April 4th, 2022 at 15:37, Mike Hammett wrote: > I'm checking in to see what people think of IP reputation services. Pre-IPv6 I was always a little apprehensive of using them for general use because it was always a bit murky how they collected the IPs in the first place. This of course excludes email anti-spam reputation services which are inherently a different kettle of fish. For non-email use I tend to favour CAPTCHA (or, hCAPTCHA to be precise, as I don't believe in giving Google any more data). Post-IPv6 I would think IP reputation services are fairly pointless. With people being given anything up to a /48 without question what are you going to do ? Block whole /48s ?
Re: Cogent ...
--- Original Message --- On Thursday, March 31st, 2022 at 16:43, Joe Greco wrote: > On Thu, Mar 31, 2022 at 03:38:15PM +0000, Laura Smith via NANOG wrote: > > Because they know that the sillier bits will be poked fun at on NANOG > > if they allow them to be disclosed? > The ironic thing is they demand NDAs and yet they don't comply with requests to stop unsolicited marketing despite written historical promises that they would.
Cogent ...
Hmmm Spring has sprung and the waft of drivel from a new season Cogent salesdroid filled my telephone earpiece today. I've never liked the Cogent way of business and my understanding of their IP transit is that it falls into the "cheap for a reason" category. However, perhaps someone would care to elaborate (either on or off-list) what the deal is with the requirement to sign NDAs with Cogent before they'll discuss things like why they still charge for BGP, or indeed any other technical or pricing matters. Seems weird ?!? Laura
Re: Vodafone-UA
Putting the weirdness of your message aside for a moment ... Its bad enough trying to get hold of anyone remotely competent at a Western EU division of Vodafone at the best of times. Therefore, I suspect the chances of anyone at Vodafone Ukraine being bothered to reply to some random person they don't know from Larry about "national security" matter is, well, nil. Sent with ProtonMail Secure Email. --- Original Message --- On Monday, March 7th, 2022 at 16:45, Lady Benjamin Cannon of Glencoe wrote: > Can someone (anyone) from Vodafone Ukraine contact me off-list about an > urgent national security matter. Thanks. > > -LB > > Ms. Lady Benjamin PD Cannon of Glencoe, ASCE > > 6x7 Networks & 6x7 Telecom, LLC > > CEO > > b...@6by7.net > > "The only fully end-to-end encrypted global telecommunications company in the > world.”ANNOUNCING: 6x7 GLOBAL MARITIME > > FCC License KJ6FJJ
Re: Conflicts and fiber cuts
On Sunday, March 6th, 2022 at 23:40, Sean Donelan wrote: > Historically, the largest telecommunication outages have been due > to > operator error Yeah, tell me about it. In the very recent past there was a certain Tier 1 operator who decided to move a core router between X & Y within the same datacentre. As you might imagine, this impacted a good few hundred fibres. Physical move happened without issue, router powered up fine, but a large subset of fibres refused to come up. Cue escalation, lots of testing, lots of talking to vendors etc. Eventually 72 hours later the problem was solved. Cause ? SFP signals too high at new location, attenuators fitted, everything came up.
Re: Conflicts and fiber cuts
You do realise there's a shedload of fibre running around Europe ? There are so many redundant paths that you'd have to chop through quite a lot of it before anyone noticed much difference. I mean even within Ukraine itself, traditional internet (i.e. non-satcom) has proven to be surprisingly resilient. --- Original Message --- On Thursday, March 3rd, 2022 at 07:09, Hank Nussbacher wrote: > As the discussion rages on NANOG, RIPE, CENTR and many other > > uber-technical forums, I would like to see whether we can focus on what > > we know best - networking. Perhaps a weekly report of fiber cuts > > throughout Europe (starting from Feb 15) and the RFO that the carrier > > provided. Of especial interest would be undersea/underocean cuts or > > strange outages that the carrier cannot explain. Perhaps we can then > > map where some nation/state is sabotaging fiber or tapping into such fiber. > > Anyone willing to run with this? > > -Hank
Re: Simplified BGP peering solution
--- Original Message --- On Monday, February 7th, 2022 at 12:18, Josh Saul wrote: > How many active ISPs are most of the people on this list dealing with? > > 1-2 - I'm an end user just trying to load balance3-5 - I'm aggressively > looking for the best paths for my "customer" traffic6-20 - I have a meet-me > POP room or a specific business need for so many connections21+ - I'm an ISP > Not sure I understand the point you're getting at here ? Surely for any ISP it will be a mixture of the above ? And if any ISP complains about such diversity of customers, surely they are in the wrong business ? If you can't stand the heat, get out of the kitchen (as the old saying goes)
RE: [EXTERNAL] Re: Flow collection and analysis
‐‐‐ Original Message ‐‐‐ On Friday, January 28th, 2022 at 11:52, Jean St-Laurent wrote: > Why DNS are still travelling in clear text? > It doesn't have to. In 2022 there are many encryption options for DNS. There are also things like DNSSEC and DANE for ensuring authenticity over cleartext. In addition, if the latest US Federal guidance is anything to go by, we may be witnessing the first big nail being put into the cleartext DNS coffin. (https://www.bastionzero.com/blog/i-read-the-federal-governments-zero-trust-memo-so-you-dont-have-to)
Re: [EXTERNAL] Re: Flow collection and analysis
‐‐‐ Original Message ‐‐‐ On Friday, January 28th, 2022 at 03:55, Mel Beckman wrote: > But nobody asked for anything from scratch Eric. Open SSL is it complete > ready to integrate package. Any developer worth his salt should be able to > put it on any web application. In addition to OpenSSL, there are very compact > commercial SSL libraries such as Mocana NanoSSL and wolfSSL, if you want to > really simplify the process. > Yup. Every single modern programming language out there has a crypto library. The high-level languages (e.g. Go) have crypto built into the standard library. The low-level languages (e.g C or Rust) all have at least one or more well supported third party crypto libraries (e.g. for C there's OpenSSL, GnuTLS, LibreSSL, Boring SSL, Mbed TLS ... and those are the ones that I can think of off the top of my head). There's no need to do any crypto "from scratch", and indeed you SHOULD NOT.
Re: [EXTERNAL] Re: Flow collection and analysis
‐‐‐ Original Message ‐‐‐ On Wednesday, January 26th, 2022 at 14:49, heasley wrote: > > confidentiality and integrity, even if you do not care about authentication. > > I am surprised that question is asked. > Indeed. And to add the obvious to the obvious observation above, in certain industries and/or jurisdictions its effectively mandatory to encrypt the whole stack. And that's before we start talking about the "modern" "Zero Trust" mentality (which incidentally is nothing new and has been around since at least 2004 with the Jericho Forum... but I guess "Zero Trust" sounds cooler).
Re: [EXTERNAL] Re: Flow collection and analysis
‐‐‐ Original Message ‐‐‐ On Wednesday, January 26th, 2022 at 11:08, Eric Kuhnke wrote: > elastiflow is extremely easy to run on an httpd listening only on localhost > and proxy behind a simple nginx TLS1.2/1.3 only configuration listening on > port 443. > I don't know about anyone else here, but frankly in 2022 TLS support should be a first class citizen. If I have to mess around with running something else as a proxy in front of it then that's the end of my software evaluation. Crypto is no longer "nice to have" option these days.
Re: [EXTERNAL] Re: Flow collection and analysis
On Tuesday, January 25th, 2022 at 23:50, Compton, Rich A wrote: > You can pretty much do the same thing with Elastic’s filebeat > (https://www.elastic.co/guide/en/beats/filebeat/current/filebeat-module-netflow.html). > > Has Elastic decided to join the rest of the world in the 21st century yet ? Last time I looked at it (not too many years ago) they had no TLS support. Bit of a show-stopper in today's security environment.
Re: Flow collection and analysis
‐‐‐ Original Message ‐‐‐ On Tuesday, January 25th, 2022 at 16:44, Mel Beckman wrote: > We use, depending on the situation, Intermapper, PRTG, and NTop. > > PRTG includes its web-based flow collector and viewer for free, and there is > even a free 100-sensor edition of the product that lets you use just the flow > stuff fir free forever. > Once upon a time we used to use PRTG. Nothing bad to say about it as a product, apart from the fact it only runs on Windows. It is an unfortunate fact in today's world with Microsoft's desire to push everyone to Azure and make on-prem licensing increasingly unattractive.
Re: Flow collection and analysis
On Tuesday, January 25th, 2022 at 15:46, David Bass wrote: > Wondering what others in the small to medium sized networks out there are > using these days for netflow data collection, and your opinion on the tool? > > Thanks! Not a suggestion, but a question Curious to know if anyone (apart from Cloudflare, obvs !) is using Goflow ? (https://github.com/cloudflare/goflow)
Re: Operator survey: Incrementally deployable secure Internet routing
‐‐‐ Original Message ‐‐‐ On Friday, January 21st, 2022 at 22:07, Yixin Sun wrote: > Dear Nanog, > > We appreciate that your time is very precious, but we wanted to ask you for > your help in answering a brief survey about a new secure routing system we > have developed in a research collaboration between ETH, Princeton University, > and University of Virginia. Prateek, Adrian, and Yixin, With the greatest of respect I'm afraid this kind of exemplifies the sort of dream-ware that can only be thought up in the cozy confines of a university campus. Why do I say this ? Because the first thing that I thought of when I read the subject line of your email and a cursory glance through the body was "Uh huh, I've heard this sort of thing somewhere before", and that somewhere was IPv6 was sold as "incrementally deployable", and with IPv6 we're talking something natively dual-stack operating over the same old "internet". And look where we are today ? A decade or so on and the world is still nowhere near 100% IPv6 coverage, with some major networks still not anywhere near, and with other major networks only just launching IPv6 (e.g. the hyperscalers ... or at least some of them). And that's before we start considering the developing world. Or if we put IPv6 to one side. Why do you think BGP is *still* so stubbornly here ? Because it works (most of the time), everyone knows how it works, and its been battle tested. So the chances of something more drastic like your proposal ever seeing the light of day beyond some university labs ? Sorry to rain on your parade guys ! Laura
Re: Anyone else seeing DNSSEC failures from EU Commission ? (european-union.europa.eu)
Thanks Stephane. I've subsequently had confirmation on the grapevine (indirect comms with CERT-EU) that they are indeed aware of a DNS issue but no detail or estimated fix time. ‐‐‐ Original Message ‐‐‐ On Wednesday, December 8th, 2021 at 13:40, Stephane Bortzmeyer wrote: > On Wed, Dec 08, 2021 at 01:27:23PM +, > > Laura Smith via NANOG nanog@nanog.org wrote > > a message of 18 lines which said: > > > Bit of a long stretch given the US audience, but I'm seeing lots of things > > like this at the moment: > > Indeed, they botched DNSSEC > > https://dnsviz.net/d/european-union.europa.eu/YbCzrQ/dnssec/ > > Seen by RIPE Atlas probes: > > % blaeu-resolve --requested 100 --type A european-union.europa.eu > > [ERROR: SERVFAIL] : 48 occurrences > > ... > > Test #34367829 done at 2021-12-08T13:37:31Z
Anyone else seeing DNSSEC failures from EU Commission ? (european-union.europa.eu)
Bit of a long stretch given the US audience, but I'm seeing lots of things like this at the moment: info: validation failure : key for validation european-union.europa.eu. is marked as invalid because of a previous validation failure : DS got unsigned CNAME answer from 2600:9000:5301:a200::1 and 34.255.155.194 for DS european-union.europa.eu. while building chain of trust info: validation failure : DS got unsigned CNAME answer from 2600:9000:5302:9a00::1 and 34.255.155.194 for DS european-union.europa.eu. while building chain of trust validation failure : signatures from unknown keys from 147.67.12.3 info: validation failure : signatures from unknown keys from 147.67.12.3
Re: ROA mirror to IRR?
‐‐‐ Original Message ‐‐‐ On Tuesday, October 26th, 2021 at 21:17, Shawn wrote: > Is it standard practice to accept more specifics (append IPv4 "le /24" and > IPv6 "le /48")? There was an blog post written somewhere (unfortunately I cannot locate it) that urged caution as to how you configure more specifics at RIRs and doing it the wrong way opened you up to spoofing or somesuch. I seem to recall the obvious way (your suggested "append le/24" etc.) was very much not recommended. No doubt some kind soul on list will have that blog post in their bookmarks and/or others may wish to comment on the concept.
Re: S.Korea broadband firm sues Netflix after traffic surge
Thanks for your insight Matt, much appreciated.
Re: S.Korea broadband firm sues Netflix after traffic surge
> The bad news now, is, there are plenty of many, small, local > and regional ISP's who are willing to do whatever it takes to > work with the content providers. All that's required is some > network, a half-decent data centre and an exchange point. Gone > are the days where customers clamored to sign up with Big > Telco. Speaking as one of those smaller ISPs willing to do whatever it takes, perhaps you could answer me this riddle. - PoP in one of your "half-decent data centres" ... tick. - Connnection to one of your "exchange point" ... tick. - $certain_large_cdn present on said "exchange point" ... tick. And yet . - $certain_large_cdn publishes routes on route server ? Nope. - $certain_large_cdn willing to establish direct peering session ? Nope. I am well aware of the "big boys club" that operates at most exchanges where the large networks see it beneath them to peer with (or publish routes for the benefit of) the unwashed masses. But I struggle to comprehend why $certain_large_cdn would effectively cut off their nose to spite their face ?
Re: New minimum speed for US broadband connections
I agree with Dan. In Switzerland you can get 10Gb symmetric to the home for 49.95 per month (or 39.95 if you have a mobile with the same ISP) . As with Dan, average utilisation is measured in Mb. But then the ability to go from that to download 10GB of the latest patches from Microsoft or Apple, or the ability to upload large files for off-site backups or for friends/customers I don't know what I'd do without it ! And of course, the days of the buffering wheel of death when streaming 4K TV is long gone ... I can have multiple people in multiple rooms in my house streaming 4K and nobody notices. I would never, ever, go back to DSL. Even if they hiked the price 5x, I'd still pay it. Coming back to the original question on this thread, my answer would be the minimum for 2021 should be 1/1. Anything less than that is a bit silly and will soon be obsolete. ‐‐‐ Original Message ‐‐‐ On Saturday, 29 May 2021 04:50, Dan Stralka wrote: > But it is reality, it's just not your reality, Mike. Brandon's ISP can > provide that service. > > So should there be a more granular definition of speeds mandated based on > population density, last mile tech, etc? > > I was in the camp that you didn't need higher bandwidth than you'd normally > find - I was happy on my 50/10 plan. Then my ISP upgraded me to a 300/50 or > thereabouts and it was a night and day difference in getting things done. > > Just like your example of average utilization being in the single megabits > per second, my average utilization is near zero. But when I need to move > files I can burst to speeds that aren't embarrassing in 2021. > > Higher bandwidth is both welcome and necessary. It doesn't have to be > sustained throughout the contract to be required. The only question is how > feasible it is, and I suspect it's quite feasible for larger players. > > Dan > > (end) > > On Fri, May 28, 2021, 22:33 Mike Hammett wrote: > > > That's not based in any kind of reality. > > > > - > > Mike Hammett > > Intelligent Computing Solutions > > http://www.ics-il.com > > > > Midwest-IX > > http://www.midwest-ix.com > > > > From: "Brandon Price" > > To: "Sean Donelan" , "NANOG Operators' Group" > > > > Sent: Friday, May 28, 2021 5:21:53 PM > > Subject: RE: New minimum speed for US broadband connections > > > > 100/100 minimum for sure. > > > > In our small neck of the woods, we are currently doing 250/250 for $45 and > > 1000/1000 for $60 no data caps. > > > > We have lost some grants on rural builds because "someone" in the census > > block claims they provide broadband.. Not hard to put an AP up on a tower > > and hit the current definition's upload speed. > > > > I get a chuckle when the providers tell the customer what they "need"... > > > > Brandon Price > > Senior Network Engineer > > City of Sherwood, Sherwood Broadband > > > > -Original Message- > > From: NANOG On Behalf > > Of Sean Donelan > > Sent: Thursday, May 27, 2021 5:33 PM > > To: NANOG Operators' Group > > Subject: Re: New minimum speed for US broadband connections > > > > CAUTION: This email originated from outside of the organization. Do not > > click links or open attachments unless you are expecting this email and/or > > know the content is safe. > > > > On Thu, 27 May 2021, Lady Benjamin Cannon of Glencoe, ASCE wrote: > > > At least 100/100. > > > > > > We don’t like selling slower than 10g anymore, that’s what I’d start > > > everyone at if I could. > > > > At $50/month or less? > > > > Maximize number of households of all demographic groups.
Re: Tier1 BGP filter generation data sources & frequency
I thought everyone was supposed to be migrating to MANRS. ;-) Sent with ProtonMail Secure Email. ‐‐‐ Original Message ‐‐‐ On Saturday, 22 May 2021 00:40, Clinton Work wrote: > Is there any compiled information for Tier1 providers on the supported BGP > filter generation data sources and frequency? > > This is what I have been able to determine so far: > > - TATA AS6453: IRR and RPKI ROAs > (http://lg.as6453.net/doc/cust-routing-policy.html) > - Cogent AS174: unknown > - NTT 2914: IRR, ARIN WHOIS OriginAS, NIC.br whois, RPKI ROAs > (https://www.gin.ntt.net/support-center/policies-procedures/routing/) > - Lumen AS3356: IRR > - Telia AS1299: IRR > > TATA is going to deprecate new RADB, NTTCOM, and ALTDB route objects > starting Aug 15, 2021 and I was hoping that more providers would add RPKI > ROAs as a data source for BGP filter generation. Supporting RPKI ROAs would > mean that you don't have to create both IRR route objects and RPKI ROAs for > each IP block. > > -- > Clinton Work >
Re: Google IP Geolocation
Yup. I've had this problem with Google for two years now. "We're Google. We know better than you. We're not interested in discussion. And no, you can't have access to the ISP portal you silly little person" .. is the summary of my experience. And all this is despite my network peering with Google over a major IXP. They *STILL* can't get the right geolocation despite having a direct peering session with us over the exchange ! Sent with ProtonMail Secure Email. ‐‐‐ Original Message ‐‐‐ On Monday, 29 March 2021 21:12, Troy Kelly via NANOG wrote: > We've also been denied access to the ISP portal. > > When we replied as to why, we were told to not open another ticket. They > aren't interested in conversation. > > Sent from ProtonMail mobile > > Original Message > On 30 Mar 2021, 6:53 am, Mike Hammett < na...@ics-il.net> wrote: > > > I've had others at Google specifically say that portal should be used for > > that purpose, so maybe they need to make sure right and left hands know > > what the other is doing. > > > > - > > Mike Hammett > > Intelligent Computing Solutions > > http://www.ics-il.com > > > > Midwest-IX > > http://www.midwest-ix.com > > > > From: "Josh Luthman" > > To: "Christopher Morrow" > > Cc: nanog@nanog.org > > Sent: Monday, March 29, 2021 1:52:48 PM > > Subject: Re: Google IP Geolocation > > > > https://isp.google.com > > > > I signed up for an account there and they said: > > > > "Currently, the Google ISP portal is designed for our partners of GGC, PNI > > or IX programs. > > > > The access to portal is granted on request only to our partners." > > > > Josh Luthman > > 24/7 Help Desk: 937-552-2340 > > Direct: 937-552-2343 > > 1100 Wayne St > > Suite 1337 > > Troy, OH 45373 > > > > On Mon, Mar 29, 2021 at 2:08 PM Christopher Morrow > > wrote: > > > > > On Mon, Mar 29, 2021 at 1:59 PM Josh Luthman > > > wrote: > > > > > > > Google ISP specifically told me they didn't want to do deal with > > > > geolocation on the ISP portal. > > > > > > unsure who 'google isp' is here, but ... I think if you point at a > > > properly formed geo-location data file it'll get eaten and produce proper > > > results for you. > > > you do have to add that in your isp portal: > > > tri-pipe-thingy -> configuration -> IP geolocation > > > and /register feed/ button on that page. > > > > > > > > > > Josh Luthman > > > > 24/7 Help Desk: 937-552-2340 > > > > Direct: 937-552-2343 > > > > 1100 Wayne St > > > > Suite 1337 > > > > Troy, OH 45373 > > > > > > > > On Sat, Mar 27, 2021 at 3:28 PM Christopher Morrow > > > > wrote: > > > > > > > > > As a note, on the ISP portal there's a place to put a link to your > > > > > RFC8805 format geolocation feed... > > > > > these are scraped out 'regularly' and help keep things oriented > > > > > better for folks. > > > > > > > > > > the ietf noc folk use this method to tell google (and other folk who > > > > > scrape out our data) where meetings are before the meetings get there: > > > > > https://noc.ietf.org/geo/google.csv > > > > > > > > > > -chris > > > > > volunteer noc persona > > > > > > > > > > On Fri, Mar 26, 2021 at 6:43 PM Michael K. Spears > > > > > wrote: > > > > > > > > > > > Awesome, I think I’ve figured out the Google ISP portal signup, but > > > > > > it definitely seems semi-complicated in a way, notably finding the > > > > > > link… > > > > > > > > > > > > > > > > > > > > > > > > Thank you, > > > > > > > > > > > > Michael K. Spears > > > > > > > > > > > > 727.656.3347 > > > > > > > > > > > > > > > > > > > > > > > > From: Mike Hammett > > > > > > Sent: Friday, March 26, 2021 6:30 PM > > > > > > To: Michael K. Spears > > > > > > Cc: nanog@nanog.org > > > > > > Subject: Re: Google IP Geolocation > > > > > > > > > > > > > > > > > > > > > > > > We're working on a video to show people how to sign up for the ISP > > > > > > portal and get to that part of the portal once signed up. We'll > > > > > > drop a link to it near the Google section of our geolocation page. > > > > > > > > > > > > - > > > > > > > > > > > > Mike Hammett > > > > > > > > > > > > Intelligent Computing Solutions > > > > > > > > > > > > http://www.ics-il.com > > > > > > > > > > > > Midwest-IX > > > > > > > > > > > > http://www.midwest-ix.com > > > > > > > > > > > > From: "Michael K. Spears" > > > > > > > > > > > > To: nanog@nanog.org > > > > > > > > > > > > Sent: Friday, March 26, 2021 5:10:23 PM > > > > > > > > > > > > Subject: Google IP Geolocation > > > > > > > > > > > > Anyone have a good contact at Google who can help with IP > > > > > > geolocation? I have a /24 where anything related to Google is in > > > > > > the wrong language. > > > > > > > > > > > > Thank you, > > > > > > > > > > > > Michael K. Spears
Re: Global Peer Exchange
I stopped reading at "Cogent" ;-) Telemarketing pests. My dislike of electronic spam is only preceded by my utter contempt for those people who both physically and mentally interrupt my work. Sent with ProtonMail Secure Email. ‐‐‐ Original Message ‐‐‐ On Monday, November 30, 2020 3:07 PM, Jared Brown wrote: > Hello NANOG! > > Does anybody have anything, good or bad, to say about Cogent's Global Peer > Exchange? > > Jared
