Re: ROA Will Expire Soon - ARIN
In our experience, I think, we do a 24 month rpki cert tied the key shared with ARIN. You simply create a new rpki cert in the ARIN hosted service. Due operational reasons we will delete an old cert a month after publishing the new cert just to keep things clean. We don't have a lot of space turnover so we will typically do a new cert 2 or 3 times a year. If your underlying resources are pretty much static, just make your cert good for as long as you can. On Fri, Sep 9, 2022, 9:08 AM Ca By wrote: > > > On Fri, Sep 9, 2022 at 9:04 AM Brad Gorman wrote: > >> A message is sent to points of contact of an Org one month before >> expiration of a ROA in the ARIN repository. At any time prior to the ROA >> expiry, a new (duplicate) ROA can be created for the same resources with a >> new expiry date in the future. The soon to expire ROA can be deleted once >> the new ROA has been published to the repository or you can simply wait for >> it to expire. >> >> >> >> >> >> Brad >> >> > Any chance arin can post a step by step guide on the arin website? > > Seems like a big deal to have an roa expire, and a well documented process > will create a lot of confidence. > > As where an expired roa outage will cause a company to never use rpki > again. > >> >> >> *From: *NANOG on behalf of Ca >> By >> *Date: *Friday, September 9, 2022 at 10:12 AM >> *To: *John Sweeting >> *Cc: *North American Network Operators' Group >> *Subject: *Re: ROA Will Expire Soon - ARIN >> >> >> >> >> >> >> >> On Fri, Sep 9, 2022 at 5:21 AM John Sweeting wrote: >> >> You can contact the ARIN Helpdesk at +1-703-227-0660. Someone will also >> be sending you an email off list. >> >> >> >> John >> >> >> >> Where is ARIN’s documented procedure for how hosted ROAs handle renewal >> prior to expiration ? >> >> >> >> >> >> >> Sent from my iPhone >> >> > On Sep 9, 2022, at 8:01 AM, Terrance Devor wrote: >> > >> > >> > Can someone from ARIN please reach out to me. We don't want the ROA to >> expire... >> > >> > Kind Regards, >> > Terrance >> >>
Re: cogent - Sales practices
Two current experiences . . . I still do work with an ILEC that gets requests for waves to Cogent. Cogent has a data center in the market but won't allow the ILEC to build in. So Cogent burns ports in another data center where Cogent pays for space and power. Cogent reps says no one gets anything for free. Had a recent event with Meta for the small market ixp deployment. The use, just use, Cogent for connectivity /fill. And a plan . . . Order up 10g Global peer exchange ports from them. They are free. Maybe if they sell enough of those they will have to spend more of their dollars.
Re: Akamai Peering
Akamai isn't supporting 10g ports on IXPs. I'd be surprised if the allowed it on PNIs. As for not being on the IXPs, that's odd. On Tue, Jul 26, 2022 at 8:23 AM Jawaid Bazyar wrote: > Hi, > > > > We had Akamai servers in our data center for many years until a couple > years ago, when they said they’d changed their policies and decommissioned > the servers. > > > > I understand that, maintaining many server sites and being responsible for > that hardware, even if you pay nothing for power or collocation, must be > costly. And at the time, we didn’t have much traffic to them. > > > > Today, however, we’re hitting 6 Gbps with them nightly. Not sure what > traffic it is they’re hosting but it’s surely video of some sort. > > > > We are in the same data center with them, Edgeconnex Denver, and they > refuse to peer because they say their minimum traffic level for peering is > 30 Gbps. > > > > Their peeringdb entry says “open peering”, and in my book that’s not open > peering. > > > > So this seems to be exactly backward from where every other major content > provider is going – free peering with as many eyeball networks as possible. > > > > Google – no bandwidth minimum, and, they cover costs on 1st and every > other cross connect > > Amazon – peers are two Denver IX > > Apple – peers at two Denver IX > > Netflix – free peering everywhere > > > > And, on top of that, Akamai is not at either of the two Denver exchange > points, which push together probably half a terabit of traffic. > > > > What is the financial model for Akamai to restrict peering this way? > Surely it’s not the 10G ports and optics, which are cheap as dirt these > days. > > > > Doesn’t this policy encourage eyeballs to move this traffic to their > cheapest possible transit links, with a potential degradation of service > for Akamai’s content customers? > > > > Thanks for the insight, > > > > Jawaid > > > > > > *[image: uc%3fid=1CZG_hGEeUP_KD95fSHu2oBRA_6dkOo6n]* > > *Jawaid Bazyar* > > Chief Technical Officer > > VERO Broadband > > [image: signature_3735065359] > > 303-815-1814 > > [image: signature_3363732610] > > jbaz...@verobroadband.com > > [image: signature_60923] > > https://verobroadband.com > > [image: signature_4057438942] > > 2347 Curtis St, Denver, CO 80205 > > >
Re: LEC copper removal from commercial properties
Saw this https://www.nojitter.com/consultant-perspectives/decommissioning-copper-gets-real
Re: LEC copper removal from commercial properties
Do MSOs and CLEC/fiber providers require free power and space? On Wed, Feb 16, 2022, 7:59 PM Martin Hannigan wrote: > > NANOG'ers; > > At least in Boston, commercial property owners are receiving notices that > 'copper lines are being removed per FCC rules' and replaced with fiber. > The property owner, not the network operators (or users of unbundled > elements if that's even still a thing) are being presented with an > agreement that acknowledges the removal, authorizes the fiber installation > and provides for a minor oversight of the design. It suggests that no costs > are involved in terms of hosting equipment. No power reimbursement. No rent > for spaces used. > > There is an ominous paragraph in the letter that says if the property > owner doesn't comply that tenants will lose all services including elevator > phones, alarms, voice, internet and any copper/ds0 originated services. > They didn't say 911, but that would go without saying. > > Has anyone heard of this? > What FCC rule requires this? > > Thanks for any insights. > > Warm regards, > > Martin >
Re: 25G SFP28 capable of rate-adaption down to 1G?
We have done that with a CVR and 1g sfp. On 1/31/2022 11:05 AM, Bill Woodcock wrote: Hey, does anyone know of an SFP28 capable of rate-adapting down from 25G on the cage side down to 1G on the line side? Can be copper or fiber on the line side, I don’t care, my interest is in the chip inside. Thanks, -Bill
Re: an IP hijacking attempt
RPKI can be very useful to mitigate an attempt. I used to process IP LOAs all the time. I never saw a RR attached but usually we did a check against the RIR just to make sure (because we made access-list per interface as well) On 3/9/2021 1:42 PM, Mel Beckman wrote: Not everyone uses RRs, and there is also the possibility that their upstream would register it. Having an RR doesn’t seem definitive either way. I can see reasons to wait on the RR until ready to receive traffic. -mel via cell On Mar 9, 2021, at 11:14 AM, Brian Turnbow wrote: If they had a route record that was close, I Would give them the benefit of doubt. They do not however as the only records start with 217. And our IPs are 45. So It Is very strange. Would you send a LOA without a route record? Brian Turnbow *Da:* Mel Beckman *Inviato:* martedì 9 marzo 2021 19:17 *A:* Brian Turnbow *Cc:* North American Network Operators' Group *Oggetto:* Re: an IP hijacking attempt It could just be a typo on the LOA. It seems unlikely any ISP would approve a forged LOA that could readily be debunked by contacting the IP space owner. The whole point of LOA’s is to facilitate this verification. -mel via cell > On Mar 9, 2021, at 10:01 AM, Brian Turnbow via NANOG wrote: > > Hello everyone, > > We received a strange request that I wanted to share. > An email was sent to us asking to confirm a LOA from a diligent ISP. > The Loa was a request to open bgp for an AS , that is not ours, to announce a /23 prefix that is ours. > So basically this entity sent to their upstream a request to announce a prefix from one our allocated ranges. > We have the allocation correctly registered and ROAs in place , but it is worrisome that someone would attempt this. > Obviously we have informed the ISP that the LOA is not valid and are trying to contact the originating party. > Aside from RIRs for the offending AS and our IPs, Is there anywhere to report this type of activity? > We have dealt with hijacking technically speaking in the past but this is the first time, to my knowledge, of someone forging a LOA with our IPs. > > Thanks in advance for any advice > > Brian > > P.S. a big thanks to Chris for checking the boxes before activating the filter if you are on the list! > > > >
Re: Global Peer Exchange
> You take down a 10g connection and they bill each side $.2 a meg, 95th > percintile billing. VLAN between the two sites. Both sites have to have a > different AS number. So if you want to move 1g of data, 95th percentile, > between 2 datacenters I guess it has some utility at $400 a gig effective > pricing. I can't beleive it is a great money maker for them. Oh and it's > Cogent and they say they can't give you above 1500 mtu. ~P
Re: AT - INET Data Caps
Yes this is common business practice for almost all of the MSOs. On Mon, Nov 30, 2020 at 9:45 AM Thomas Yarger wrote: > Hello All, > > This past week when I was helping my father perform some home networking, > I called AT to get a newer Arris router and they mentioned that if I were > to upgrade his service, he would fall under a 1 TB data cap for home > internet. Is this just in FL or have others seen similar restrictions with > AT? Thanks! > > -- > Thanks, > > Thomas Yarger > >
Fwd: Phoenix-IX Contact
still trying to post . . . Forwarded Message Subject:Re: Phoenix-IX Contact Date: Mon, 16 Nov 2020 13:15:34 -0700 From: Paul Emmons To: nanog@nanog.org Hello All! I've been out of the loop here and but have some updates. There was a change last spring and I moved on to other projects. But that hasn't worked out for the IX. I have regained access to all of the elements, including the email and voip. Let me reach out to each of you offline in the coming days. I have been able to reach out to a few locals that are willing to help get the project back up to where it needs to be. If I haven;t reached out to you in the next 48 hours or you have something urgent, please reach out to me here (my personal email) or via the Phoenix-IX Contacts peer...@phoenix-ix.net +1 602 688-6414 ~Paul Emmons On 11/16/2020 12:23 PM, Neil Hanlon wrote: While I agree it is objectively irresponsible to abandon a project without passing it to another, I think that possibly in this situation we don't know all the details? 2020 has been a difficult year for everyone. Perhaps Paul (and whomever else may be responsible for Phoenix-IX) were subject to things this year beyond their control which led them to be unable to work on the project and unable to transfer it, either.. unfortunate, yes.. but not malicious surely. If Paul _is_ reading these messages.. I think support is the best path forward.. If there are things that can be done to assist/take over the IX... maybe that would help (as you, Kate, had offered towards the beginning of this all). Though of course, the first step is _reaching_ them... Maybe this can be turned into a "win" for everyone. So: Paul/Phoenix-IX -- let the NANOG community know how they/we can help. -- Neil On Mon, Nov 16, 2020 at 2:05 PM Kate Gerry <mailto:kge...@outlook.com>> wrote: An update on my side, we reached out to PhoenixNAP, one of the Phoenix-IX's vendors. PhoenixNAP reached out all of their contacts at Phoenix-IX and have received no response. They are in as much of the dark as the rest of us. I feel like I'm on the Ghost ship Phoenix-IX. What I don't understand, is how somebody could abandon a project without passing it to another person or entity. This is extremely irresponsible. — Kate On Nov 12, 2020, at 05:11, Marcus Josephson mailto:mjoseph...@inap.com>> wrote: I tried to get a link to PHX-IX for months. Never heard back from them, went with Digital Realty Phoenix *From:*NANOG mailto:nanog-bounces+mjosephson=inap@nanog.org>>*On Behalf Of*Kate Gerry *Sent:*Tuesday, November 10, 2020 11:06 AM *To:*Matt Hoppes mailto:mattli...@rivervalleyinternet.net>> *Cc:*nanog@nanog.org <mailto:nanog@nanog.org> list mailto:nanog@nanog.org>> *Subject:*Re: Phoenix-IX Contact Matt, I am running on a huge assumption here, but I think Phoenix-IX runs on donated infrastructure. From what I recall, there was only an NRC to join Phoenix-IX. And in regards to Walt's suggestion, it looks like HE already started one with Stellar Technologies. https://48ix.net <https://48ix.net/> but it is only in a single facility. So until that IX grows, both in peers and footprint, I'm stuck on Phoenix-IX. I have wondered what happens if a participant storms the IX. Will somebody appear? Because attempts to reach their NOC/peering handles has resulted in a lack of response. I also wonder how the other Ninja-IX exchanges are running, I haven't heard anything about them, is there the same lack of communication? Or do those have a local staff? — Kate On Nov 10, 2020, at 06:15, Matt Hoppes mailto:mattli...@rivervalleyinternet.net>> wrote: How is the IX still running? Surely someone must be paying colo rent? On 11/10/20 9:03 AM, Eric Kuhnke wrote: Always a good time for network operators to consider the risks of having any one person as a single point of failure for something kind of important: https://en.wikipedia.org/wiki/Bus_factor <https://en.wikipedia.org/wiki/Bus_factor> Disaster recovery and continuity of business plans should always include the concept of what if some percentage of the key team members were to be suddenly unavailable permanently (the Malaysian airline incident, for example). On Mon, Nov 9, 2020 at 8:08 PM Kate Gerry mailto:kge...@outlook.com <mailto:kge...@outlook.com%20%3cmailto:kge...@outlook.com>>> wrote: Is there anybody else even there? I thought that it was all Paul's show! If I was able to (as in, had access to), I would offer to help/run
Re: Phoenix-IX Contact
Hello All! I've been out of the loop here and but have some updates. There was a change last spring and I moved on to other projects. But that hasn't worked out for the IX. I have regained access to all of the elements, including the email and voip. Let me reach out to each of you offline in the coming days. I have been able to reach out to a few locals that are willing to help get the project back up to where it needs to be. If I haven;t reached out to you in the next 48 hours or you have something urgent, please reach out to me here (my personal email) or via the Phoenix-IX Contacts peer...@phoenix-ix.net +1 602 688-6414 ~Paul Emmons On 11/16/2020 12:23 PM, Neil Hanlon wrote: While I agree it is objectively irresponsible to abandon a project without passing it to another, I think that possibly in this situation we don't know all the details? 2020 has been a difficult year for everyone. Perhaps Paul (and whomever else may be responsible for Phoenix-IX) were subject to things this year beyond their control which led them to be unable to work on the project and unable to transfer it, either.. unfortunate, yes.. but not malicious surely. If Paul _is_ reading these messages.. I think support is the best path forward.. If there are things that can be done to assist/take over the IX... maybe that would help (as you, Kate, had offered towards the beginning of this all). Though of course, the first step is _reaching_ them... Maybe this can be turned into a "win" for everyone. So: Paul/Phoenix-IX -- let the NANOG community know how they/we can help. -- Neil On Mon, Nov 16, 2020 at 2:05 PM Kate Gerry <mailto:kge...@outlook.com>> wrote: An update on my side, we reached out to PhoenixNAP, one of the Phoenix-IX's vendors. PhoenixNAP reached out all of their contacts at Phoenix-IX and have received no response. They are in as much of the dark as the rest of us. I feel like I'm on the Ghost ship Phoenix-IX. What I don't understand, is how somebody could abandon a project without passing it to another person or entity. This is extremely irresponsible. — Kate On Nov 12, 2020, at 05:11, Marcus Josephson mailto:mjoseph...@inap.com>> wrote: I tried to get a link to PHX-IX for months. Never heard back from them, went with Digital Realty Phoenix *From:*NANOG mailto:nanog-bounces+mjosephson=inap@nanog.org>>*On Behalf Of*Kate Gerry *Sent:*Tuesday, November 10, 2020 11:06 AM *To:*Matt Hoppes mailto:mattli...@rivervalleyinternet.net>> *Cc:*nanog@nanog.org <mailto:nanog@nanog.org> list mailto:nanog@nanog.org>> *Subject:*Re: Phoenix-IX Contact Matt, I am running on a huge assumption here, but I think Phoenix-IX runs on donated infrastructure. From what I recall, there was only an NRC to join Phoenix-IX. And in regards to Walt's suggestion, it looks like HE already started one with Stellar Technologies. https://48ix.net <https://48ix.net/> but it is only in a single facility. So until that IX grows, both in peers and footprint, I'm stuck on Phoenix-IX. I have wondered what happens if a participant storms the IX. Will somebody appear? Because attempts to reach their NOC/peering handles has resulted in a lack of response. I also wonder how the other Ninja-IX exchanges are running, I haven't heard anything about them, is there the same lack of communication? Or do those have a local staff? — Kate On Nov 10, 2020, at 06:15, Matt Hoppes mailto:mattli...@rivervalleyinternet.net>> wrote: How is the IX still running? Surely someone must be paying colo rent? On 11/10/20 9:03 AM, Eric Kuhnke wrote: Always a good time for network operators to consider the risks of having any one person as a single point of failure for something kind of important: https://en.wikipedia.org/wiki/Bus_factor <https://en.wikipedia.org/wiki/Bus_factor> Disaster recovery and continuity of business plans should always include the concept of what if some percentage of the key team members were to be suddenly unavailable permanently (the Malaysian airline incident, for example). On Mon, Nov 9, 2020 at 8:08 PM Kate Gerry mailto:kge...@outlook.com <mailto:kge...@outlook.com%20%3cmailto:kge...@outlook.com>>> wrote: Is there anybody else even there? I thought that it was all Paul's show! If I was able to (as in, had access to), I would offer to help/run with the IX. I may live in California, but it's a realistic car trip back and forth to Phoenix. -- Kate
Phoenix IX down/gone?
VoIP is up and running but the web site server crashed. Currently restoring server. Voice number 602 688-6414 ~Paul
