On 1/23/20 6:01 PM, Brian wrote:
Hello all. I am having a hard time trying to articulate why a Dual Home
ISP should have full tables. My understanding has always been that full
tables when dual homed allow much more control. Especially in helping to
prevent Async routes.
If you don't have
On 05/15/2018 04:34 AM, Rich Kulawiec wrote:
> On Mon, May 14, 2018 at 01:47:50PM +0530, Suresh Ramasubramanian wrote:
>> TL;DR = Don't use HTML email [snip]
>
> That's enough right there. HTML markup in email is used exclusively
> by three kinds of people: (1) ignorant newbies who don't know
On 12/28/2017 11:39 AM, Owen DeLong wrote:
>
>> On Dec 28, 2017, at 09:23 , Octavio Alvarez <octalna...@alvarezp.org> wrote:
>>
>> On 12/20/2017 12:23 PM, Mike wrote:
>>> On 12/17/2017 08:31 PM, Eric Kuhnke wrote:
>>> Call this the 'shavings', in IPv
On 12/20/2017 12:23 PM, Mike wrote:
> On 12/17/2017 08:31 PM, Eric Kuhnke wrote:
> Call this the 'shavings', in IPv4 for example, when you assign a P2P
> link with a /30, you are using 2 and wasting 2 addresses. But in IPv6,
> due to ping-pong and just so many technical manuals and other advices,
On 09/26/2016 08:47 AM, Laszlo Hanyecz wrote:
>> If you have links from both ISP A and ISP B and decide to send traffic
>> out ISP A's link sourced from addresses ISP B allocated to you, ISP A
>> *should* drop that traffic on the floor. There is no automated or
>> scalable way for ISP A to
On 09/08/2016 04:09 PM, Pshem Kowalczyk wrote:
> With NAT I have a single entry/exit point to those infrastructure subnets
> which can be easily policed.
I have used NAT in IPv4 scenarios as an alternative for lack of routing
control in the return direction.
However, this does not mean that this
On 07/01/2016 07:28 PM, Edgar Carver wrote:
> Is there some kind of NAT-based IPv6 firewall I can setup on the router
> that can help block viruses?
You need layer-7 firewalls for this. NAT-based "firewalls"
(pseudo-firewalls, really) are layer-4 only. Those will not help you
block typical
On 05/31/2016 09:52 AM, Hugo Slabbert wrote:
>> I'm not sure if you mean that, if sent through C it should have the
>> source addres of A, or that it should actually be sent through A
>> regardless of the routing table (which sounds better to me).
>
> How is the latter better? What guarantees
On 05/31/2016 11:22 AM, William Herrin wrote:
>> I'm not sure if you mean that, if sent through C it should have the
>> source addres of A, or that it should actually be sent through A
>> regardless of the routing table (which sounds better to me).
>
> That doesn't make sense. There may be
On 05/30/2016 10:03 PM, Randy Bush wrote:
> rfc1812 says
>
>4.3.2.4 ICMP Message Source Address
>
>Except where this document specifies otherwise, the IP source address
>in an ICMP message originated by the router MUST be one of the IP
>addresses associated with the physical
On 26/02/16 09:16, Brielle Bruns wrote:
> Place the blame for local resolvers listening on WAN squarely where it
> belongs - the router vendors who make these devices.
As long as ISPs massively buy crappy hardware pieces, vendors will make
them and sell them. That's how it works.
Best regards.
Hi.
Do you know if there are any docs (RFC, drafts, independent...) that
study the tricks being done with the A/ RRs? What I mean is that it
is currently being used not only to resolve the IP address of a
hostname, but for load-balancing as well, the case being that the
hostname is not just a
On 15/12/15 10:08, Ahmed Munaf wrote:
> Dear All,
>
> We are using cisco for natting, we'd like to change it to another brand like
> A10 or Citrix.
If you are willing to rephrase it to "we are using Cisco IOS for
NATting, we'd like to change it to another platform or brand", you may
want to
On 10/27/2015 05:09 AM, Ian Smith wrote:
On Mon, Oct 26, 2015 at 9:40 PM, Octavio Alvarez
<octalna...@alvarezp.org <mailto:octalna...@alvarezp.org>> wrote:
On 26/10/15 11:38, Jürgen Jaritsch wrote:
But it is originating all from different IP addresse
On 27/10/15 05:40, Jutta Zalud wrote:
>>> But it is originating all from different IP addresses. Who knows if this
>>> is an attack to get *@jdlabs.fr blocked from NANOG and is just getting
>>> its goal accomplished.
>>
>> This is the part that's been bugging me. Doesn't the NANOG server
>>
On 26/10/15 11:38, Jürgen Jaritsch wrote:
> Hi,
>
> I added this two lines to our postfix header checks:
>
> /mike@sentex\.net/ DISCARD
> /jdenoy@jdlabs\.fr/ DISCARD
>
> Worked very well:
>
> # grep -i discard /var/log/mail.log | grep -iE "@jdlabs|@sentex" | wc -l
> 408
But it is originating
Hey!
New message, please read <http://iamakeupartistry.com/stop.php?b7rm2>
Octavio Alvarez
Hey!
New message, please read <http://singdanceplaylearn.com/been.php?pw1m2>
Octavio Alvarez
Hey!
New message, please read <http://piet.zijtveld.com/for.php?wrhgc>
Octavio Alvarez
On 09/09/15 06:36, Dovid Bender wrote:
> I am trying to understand why the legal babble bothers anyone. Does
> it give you a nervous twitch? Remind you why you hate legal? It's
> just text at the bottom of your email.
I've seen it in multiple languages (not necessarily on this list).
Furthermore,
On 06/07/15 19:12, Joe Greco wrote:
Terrible idea. These are the kind of features that should be opt in, and
Microsoft could have done that instead.
It *is* an option.
Opt-in and opt-out are two models of having an option.
Also I meant being opt-out for the network administrator regarding
Terrible idea. These are the kind of features that should be opt in, and
Microsoft could have done that instead.
Does the 802.11 beacon support TLV data, like setting some opt-out flag
without changing the SSID? (Even if the the flag name hasn't been yet
agreed on?) Would this be a bad idea?
On 05/26/2015 08:44 AM, Owen DeLong wrote:
I think opt-out of password recovery choices on a line-item basis is
not a bad concept.
For example, I’d want to opt out of recovery with account creation
date. If anyone knows the date my gmail account was created, they
most certainly aren’t me.
On 14/04/15 06:26, Colin Johnston wrote:
Best practice says avoid such info in records as does not aid debug since mix
of dec and hex
Can you please cite the best practice document where this is stated?
Thanks.
On 04/03/2015 12:18 PM, Chris Boyd wrote:
Can we please get back to the original topic?
Also interested in the original topic.
So far we have had one interesting and useful suggestion that I've
seen -- Paul S. mentioned SIR https://github.com/dbarrosop/sir
Have I missed any other
On 10/12/14 18:41, Charles Mills wrote:
In the US at least you have to authenticate with your Comcast credentials
and not like a traditional open wifi where you can just make up an email
and accept the terms of service. I also understand that it is a different
IP than the subscriber. Based
On 10/11/14 12:53, Darden, Patrick wrote:
Get a cheap usb--serial converter. Check amazon for trend usb rs-232
db9 serial converter, tu-s9. Then you can just use whatever laptop.
I've seen some cheap RS-232 converters fail with some devices. I was
last bitten by one that just refused to work
On 05/10/14 18:44, Jimmy Hess wrote:
On Thu, Oct 2, 2014 at 10:54 AM, valdis.kletni...@vt.edu wrote:
The *real* problem isn't the testing.
It's the assumption that you can actually *do* anything useful with this
data.
Name-n-shame probably won't get us far - and the way the US works, if
On 05/09/14 07:16, Jay Ashworth wrote:
How many Youtube subject tags will fit in *your* routers' TCAM?
http://tech.slashdot.org/story/14/09/04/2156232/ucla-cisco-more-launch-consortium-to-replace-tcpip
[ Can someone convince me this isn't the biggest troll in the history
of the
On 09/02/2014 05:46 AM, John Kristoff wrote:
On Tue, 2 Sep 2014 04:47:37 +
S, Somasundaram (Somasundaram) somasundara...@alcatel-lucent.com
wrote:
1: Does all the ISP's provide Multicast Routing by
default?
No not all and even those that do often do not do so on the same gear,
links
On 02/04/14 11:51, Joseph Jenkins wrote:
So I setup BGPMON for my prefixes and got an alert about someone in
Thailand announcing my prefix. Everything looks fine to me and I've
checked a bunch of different Looking Glasses and everything announcing
correctly.
I am assuming I should be
On 03/04/2014 05:28 AM, jim deleskie wrote:
Why want to swing such a big hammer. Even blocking those 2 IP's will
isolate your users, and fill your support queue's.
When the malicious DNS services get shutdown you will still have your
support queue's filled, anyway.
Doing it now will let you
On 04/03/14 10:33, Ian McDonald wrote:
Until the average user's cpe is only permitted to use the resolvers one
has provided as the provider (or otherwise decided are OK), this is
going to be a game of whackamole. So long as there's an 'I have a clue'
opt out, it appears to be the way forward
On 02/10/2014 08:05 AM, Vlade Ristevski wrote:
The ACL is a recent addition and we can probably do away with it. I
didn't notice a significant increase in CPU or drops since adding it.
But we usually peak at about 200Mbps on this link. The full routing
table is a must since we're dual homed.
On 02/10/2014 06:05 PM, Vlade Ristevski wrote:
Are you suggesting getting the default gateway from both providers or
getting the full table from one and using the default as a backup on the
other (7206)?
Whatever suits you best. Test and see. I'd just receive the full table
anyway but filter
On 04/02/14 11:35, Jay Ashworth wrote:
It *is in their commercial best interest (read: maximizing shareholder
value) *NOT* to filter out DOS, DDOS, and spam traffic until their hand is
forced -- it's actually their fiduciary duty not to.
That's short-sighted, but I agree in that that's what
On 04/02/14 14:18, John Levine wrote:
I was at a conference with people from some Very Large ISPs. They
told me that many of their large customers absolutely will not let
them do BCP38 filtering. (If you don't want our business, we can
find someone else who does.) The usual problem is that
On 04/02/14 15:24, John R. Levine wrote:
If ISP has customer A with multiple *known* valid networks --doesn't
matter if ISP allocated them to customer or not-- and ISP lets them
all out, but filters everything else, ISP is still complying with BCP 38.
Of course. The question is how the ISP
On 04/02/14 16:31, Livingood, Jason wrote:
Can somebody explain to me why those who run eyeball networks are able
to block outbound packets when the customer hasn't paid their bill,
but can't seem to block packets that shouldn't be coming from that
cablemodem?
i suspect the non-payment case is
On 02/03/2014 05:33 AM, Ammar Salih wrote:
Hello NANOG list members,
I have a question for you, are you happy with the current network
diagnostic tools, like ping, trace route .. etc,
What tools are you referring to by ...? There are many others. I like
tcptraceroute (there are two variants
On 02/02/2014 07:52 AM, John Curran wrote:
NANOGers -
The folks at the Internet Society are looking for input into how network
operators are (or are not)
involved in IETF standards development. To that end, they've put together
a short survey for
network operators on this topic
On 10/11/2013 10:27 AM, William Waites wrote:
I'm having a discussion with a small network in a part of the world
where bandwidth is scarce and multiple DSL lines are often used for
upstream links. The topic is policy-based routing, which is being
described as load balancing where end-user
That's just the typical Bittorrent /client/, but the idea of using
Bittorrent means the /protocol/. A special Bittorrent client could be
written for ISPs with uploads disabled and Apple could also disable them
on the update-downloading Bittorrent client for the phones.
The clients (be it
On 09/23/2013 08:36 PM, Joe Greco wrote:
That's just the typical Bittorrent /client/, but the idea of using
Bittorrent means the /protocol/. A special Bittorrent client could be
written for ISPs with uploads disabled and Apple could also disable them
on the update-downloading Bittorrent client
Again, as others have said: complain to the ISP that most probably
oversubscribed their links.
On 19/09/13 15:29, Warren Bailey wrote:
Your software updates (you meaning a user of the Internet) should not affect my
experience. I'm not advocating we go back to 5.25 floppies and never look
On Fri, 28 Jun 2013 19:31:35 -0700, Jim Popovitch jim...@gmail.com wrote:
On Fri, Jun 28, 2013 at 10:12 PM, Octavio Alvarez
alvar...@alvarezp.ods.org wrote:
I wish my Debian mirror would just be the mirror.debian.net *service*
(not host), and the network could choose the best for me.
Try
On Fri, 28 Jun 2013 13:09:43 -0700, Michael Thomas m...@mtcc.com wrote:
http://arstechnica.com/information-technology/2013/06/google-making-the-web-faster-with-protocol-that-reduces-round-trips/?comments=1
Sorry if this is a little more on the dev side, and less on the ops side
but since
On Fri, 28 Jun 2013 13:39:04 -0700, Christopher Morrow
morrowc.li...@gmail.com wrote:
On Fri, Jun 28, 2013 at 4:26 PM, Octavio Alvarez
alvar...@alvarezp.ods.org wrote:
Sounds like a UDP replacement. If this is true, then OS-level support
will
be needed. If they are on this, then it's
On Fri, 28 Jun 2013 13:57:48 -0700, Christopher Morrow
morrowc.li...@gmail.com wrote:
again... not a super smart on this stuff, but..
why does it require OS modifications? isn't this just going be
'chrome' (or 'other application') asking for a udp socket and spewing
line-rate-foo out of that?
On Fri, 28 Jun 2013 17:20:21 -0700, Christopher Morrow
morrowc.li...@gmail.com wrote:
Runs in top of UDP... Is not UDP...
If it has protocol set to 17 it is UDP.
So QUIC is an algorithm instead of a protocol?
SCTP is not NAT friendly (to the best of my knowledge), SHIM6 is
IPv6-specific
On Tue, 16 Oct 2012 20:35:11 -0700, Joseph Anthony Pasquale Holsten
jos...@josephholsten.com wrote:
I want to like IPv6. I do. But I'm seriously considering turning off
IPv6 support from our servers.
First off, I'm using djbdns internally and it doesn't support
records. So we
On Thu, 13 Sep 2012 14:45:55 -0700, Jay Ashworth j...@baylink.com wrote:
- Original Message -
From: Måns Nilsson mansa...@besserwisser.org
04:05:41PM + Quoting Dylan Bouterse (dy...@corp.power1.com):
I'm not sure if this is obvious for this list or not, but with your
WiFi
On Mon, 30 Apr 2012 02:42:27 -0700, Rens r...@autempspourmoi.be wrote:
Could anybody recommend any hardware that can build a VPN that works well
over satellite connections? (TCP enhancements)
I'd try splitting the solution into two devices: at the lower layer, the
tunneling part, which can be
On Tue, 13 Mar 2012 23:22:04 -0700, Christopher Morrow
christopher.mor...@gmail.com wrote:
NetRange: 100.64.0.0 - 100.127.255.255
CIDR: 100.64.0.0/10
OriginAS:
NetName:SHARED-ADDRESS-SPACE-RFCTBD-IANA-RESERVED
Weren't we supposed to *solve* the end-to-end
On Tue, 06 Mar 2012 23:43:07 -0800, Igor Ybema i...@ergens.org wrote:
[igor@vds ~]$ host -t A www.facebook.com ns1.facebook.com
Using domain server:
Name: ns1.facebook.com
Address: 204.74.66.132#53
Aliases:
www.facebook.com has no A record
No, it's a subdomain with its A records in another
On Wed, 15 Feb 2012 12:47:15 -0800, John Kristoff j...@cymru.com wrote:
I have a handful of common misconceptions that I'd put on a top 10 list,
but I'd like to solicit from this community what it considers to be the
most annoying and common operational misconceptions future operators
often
On Fri, 23 Dec 2011 01:18:40 -0800, jacob miller mmzi...@yahoo.com wrote:
Am having a debate on the results of speed tests sites.
Am interested in knowing the thoughts of different individuals in
regards to this.
They are just a measurement, which need to be correctly used and
interpreted
On Wed, 09 Feb 2011 03:00:27 -0800, Robert Lusby nano...@gmail.com wrote:
I am however *terrified* of making that move. There is so many new
phrases, words, things to think about etc
You fears will significantly lower after you set up a separate lab and
play with it. With something as simple
On Wed, 08 Jun 2011 02:28:40 -0700, Jeroen Massar jer...@unfix.org wrote:
It is really nice that folks where able to put records on their
websites for only 24 hours, but they forgot to put in the glue on their
nameservers.
As such, for the folks testing IPv6-only, a lot of sites will fail
On Sat, 30 Apr 2011 10:34:15 -0700, Chris Adams cmad...@hiwaay.net wrote:
Once upon a time, Octavio Alvarez alvar...@alvarezp.ods.org said:
So the first user in a router tunes to a multicast stream. Consumption
for the ISP and all the routers in the chain to the source: same as if
it were
On Fri, 29 Apr 2011 10:48:51 -0700, Jay Ashworth j...@baylink.com wrote:
- Original Message -
From: Rubens Kuhl rube...@gmail.com
And that's the snap answer, yes. But the *load*, while admittedly
lessened over unicast, falls *mostly* to the carriers, who cannot anymore
bill for it,
61 matches
Mail list logo