Re: dumb question: are any of the RIR's out of IPv4 addresses?

2021-02-16 Thread Rubens Kuhl
On Tue, Feb 16, 2021 at 8:06 PM Michael Thomas wrote: > > Basically are there places that you can't get allocations? If so, what > is happening? > > In LAC region (LACNIC, NIC.br and NIC.mx), the controlled depletion phases are now complete and the RIR reached 0 available IPv4 addresses,

Re: Past policies versus present and future uses

2021-01-25 Thread Rubens Kuhl
On Mon, Jan 25, 2021 at 1:28 PM Rob McEwen wrote: > > A take on the 1979 movie "When A Stranger Calls" - "have you checked the > children?" becomes "have you checked the IP registration?" > > [image: Have you checked the IP registration?] > > > The vast majority of the time, Ron Guilmette does

Re: Newbie Questions: How-to remove spurious IRR records (and keep them out for good)?

2020-10-30 Thread Rubens Kuhl
YMMV, but my take: 1 - You should worry a little, but not much. Filters allowing unwanted announcements might be created using these erroneous IRR records, but they won't do any damage by themselves. An actual wrong BGP announcement is required for any damage to happen, and even without those IRR

Re: Does anyone actually like CenturyLink?

2020-09-03 Thread Rubens Kuhl
The only ones that like CL are the ones with no options. CL is now an operational threat to the whole Internet due to their hours-long time to withdraw routes, something that having other providers or not being a direct customer doesn't prevent. The outage that happened, while long, was the type

Re: atmark trading

2020-08-22 Thread Rubens Kuhl
On Sat, Aug 22, 2020 at 5:45 PM Mike Hale wrote: > > I've found it useful to email management if certain sales people refuse to > stop contacting you. My experience is that management of spammer companies tries arguing it's not spam instead of changing practices. And this includes so-called

Re: SaoPaolo to Frankfurt

2020-07-13 Thread Rubens Kuhl
On Mon, Jul 13, 2020 at 12:01 PM Mark Tinka wrote: > > > On 12/Jul/20 17:19, Rubens Kuhl wrote: > > > > Alternative routes before EllaLink comes into operation would be one of > the Brazil-Africa cables (one to Cameroon, the other to Angola) and then to > Europe. >

Re: SaoPaolo to Frankfurt

2020-07-12 Thread Rubens Kuhl
On Sun, Jul 12, 2020 at 12:06 PM Max Tulyev wrote: > Hi All! > > Who can provide a VLAN from SaoPaolo to Frankfurt for remote IX.BR > participation? Please contact me off-list. > > I see there is only one undersea cable going directly from Brazil to > Europe. Why? > And this single cable,

Re: Layer 3 Switches

2020-06-29 Thread Rubens Kuhl
> > I've liked the price of the Ubiquiti switches I've seen, but haven't gotten > to play with them, and based on their EdgeRouter line, am not sure about > their maturity either. > > A switch's maturity is much more dependent on hardware while a router is much more dependent on software, so I

Re: RDAP snapshots

2020-06-27 Thread Rubens Kuhl
I don't see any RIR approving a bulk WHOIS request on a weekend alone, but the way is like this: https://www.arin.net/reference/research/bulkwhois/ Rubens On Sat, Jun 27, 2020 at 3:43 PM Lars Prehn wrote: > Hi everyone, > > Is there a "fast" way to obtain a snapshot of the RDAP databases from

Re: 60 ms cross-continent

2020-06-21 Thread Rubens Kuhl
> > This is a nice plot for a movie, but not how HFT is really done. It's so > > much easier to colocate on the same datacenter of the exchange and run > > algorithms from there; while those algorithms need humans to guide their > > strategy, the human thought process takes a couple of seconds

Re: 60 ms cross-continent

2020-06-21 Thread Rubens Kuhl
On Sat, Jun 20, 2020 at 5:05 PM Marshall Eubanks wrote: > This was also pitched as one of the killer-apps for the SpaceX > Starlink satellite array, particularly for cross-Atlantic and > cross-Pacific trading. > > >

Re: RPKI race

2020-06-16 Thread Rubens Kuhl
Any default route to a non-ROV enabled upstream ? Do you receive the test prefix from more than one upstream and the previous test success could be a function of upstream ROV ? Rubens On Tue, Jun 16, 2020 at 8:35 PM Baldur Norddahl wrote: > Hello > > I noticed that we regressed and started

Re: Curious Cloudflare DNS behavior

2020-05-30 Thread Rubens Kuhl
> > > > Outsourcing stuff like DNS is just a continuation of the trend of sending > your workloads onto someone else's cloud. It seems easy -- right up until > it isn't working the way you want it to. > > Outsourcing DNS recursion isn't a good trade-off IMHO, but outsourcing threat blocking via

Re: "Is BGP safe yet?" test

2020-04-21 Thread Rubens Kuhl
On Tue, Apr 21, 2020 at 1:10 PM Matt Corallo via NANOG wrote: > That’s an interesting idea. I’m not sure that LACNIC would want to issue a > ROA for RIPE IP space after RIPE issues an AS0 ROA, though. And you’d at > least need some kind of time delay to give other RIRs and operators and > chance

Re: "Is BGP safe yet?" test

2020-04-20 Thread Rubens Kuhl
On Mon, Apr 20, 2020 at 3:37 PM Denys Fedoryshchenko < nuclear...@nuclearcat.com> wrote: > There is simple use case that will prove this page is giving false > positive > for their "name" strategy. > Any AS owner with default route only (yes it happens a lot) users will > get: > "YOUR ISP

Re: COVID-19 vs. our Networks

2020-03-16 Thread Rubens Kuhl
> > > > > > As readier as the Internet is today, part of the mega spread of the > > fallout from the Coronavirus is because information is not only > > traveling way faster, a lot of it is also not (necessarily) verified or > > moderated before being shared with is consumers. > > > There is no

Re: COVID-19 vs. our Networks

2020-03-13 Thread Rubens Kuhl
On Thu, Mar 12, 2020 at 3:46 PM g...@1337.io wrote: > With talk of there being an involuntary statewide (WA) and then national > quarantines (house arrest) for multiple weeks, has anyone put thought into > the impacts of this on your networks if/when this comes to fruition? > > We're already

Re: DNS Recursive Operators: Please enable QNAME minimization (RFC7816) for the enhanced privacy of your users

2020-03-11 Thread Rubens Kuhl
On Tue, Mar 10, 2020 at 5:30 PM Owen DeLong wrote: > For anyone considering enabling DOH, I seriously recommend reviewing Paul > Vixie’s keynote at SCaLE 18x Saturday morning. > > https://www.youtube.com/watch?v=artLJOwToVY > > It contains a great deal of food for thought on a variety of forms

Re: China’s Slow Transnational Network

2020-03-03 Thread Rubens Kuhl
On Tue, Mar 3, 2020 at 3:23 PM Jakob Heitz (jheitz) via NANOG < nanog@nanog.org> wrote: > I can corroborate that. I visited China in August 2019 and had terrible > internet performance to sites outside of China. This was both with mobile > and wifi at the homes of two friends, one in Heilongjiang

Re: DDoS Mitigation Survey

2020-01-20 Thread Rubens Kuhl
On Mon, Jan 20, 2020 at 12:49 PM Jean | ddostest.me via NANOG < nanog@nanog.org> wrote: > uRPF loose or strict. > > Which ISP supports it? > > So far, I found none through public information. > > With all IPv4 space converging to being allocated, loose uRPF is almost useless at this point, or

Re: FYI - Suspension of Cogent access to ARIN Whois

2020-01-10 Thread Rubens Kuhl
On Fri, Jan 10, 2020 at 12:17 PM Tom Hill wrote: > On 09/01/2020 17:09, Rubens Kuhl wrote: > > But at least Cogent is not a security and/or anti-spam vendor (or is > > it?). A security services company (iThreat) spammed all IANA gTLD > > contacts this week, with the ever la

Re: FYI - Suspension of Cogent access to ARIN Whois

2020-01-09 Thread Rubens Kuhl
> > Will Cogent stop pestering the community with illicitly harvested > contact information? Will they switch to more nefarious tactics? Who > knows... Everyone likes having money, after-all. > > But at least Cogent is not a security and/or anti-spam vendor (or is it?). A security services company

Re: ICANN extracts $20m signing fee for $1bn dot-com price increases and guess who's going to pay for it?

2020-01-07 Thread Rubens Kuhl
On Tue, Jan 7, 2020 at 10:58 PM Keith Medcalf wrote: > > On NANOG list , Dan Hollis > wrote: > > >https://www.theregister.co.uk/2020/01/07/icann_verisign_fees/ > > Operator of the dot-com registry, Verisign, has decided to pay DNS > overseer ICANN $4m a year for the next five years in order to

Re: Starting to Drop Invalids for Customers

2019-12-11 Thread Rubens Kuhl
On Wed, Dec 11, 2019 at 12:16 PM Christopher Morrow wrote: > On Wed, Dec 11, 2019 at 5:52 AM Rubens Kuhl wrote: > > > > > >> > >> > Which brings me to my favorite possible RPKI-IRR integration: a ROA > that says that IRR objects on IRR source x with maint

Re: Starting to Drop Invalids for Customers

2019-12-11 Thread Rubens Kuhl
> > > Which brings me to my favorite possible RPKI-IRR integration: a ROA that > says that IRR objects on IRR source x with maintainer Y are authoritative > for a given number resource. Kinda like SPF for BGP. > > > > Is this required? or a crutch for use until a network can publish all > of their

Re: Starting to Drop Invalids for Customers

2019-12-10 Thread Rubens Kuhl
> > RPKI ROAs (compared to IRR objects) carry different meaning: the existence > of a ROA (both by definition and common implementation) supersedes other > data sources (IRR, LOAs, or comments in whois records, etc), and as such > can be used on any type of EBGP session for validation of the

Re: AT released DANOS code to Linux Foundation

2019-11-18 Thread Rubens Kuhl
On Mon, Nov 18, 2019 at 5:55 PM Brielle wrote: > On 11/18/2019 1:31 PM, Jared Geiger wrote: > > This past Friday, the code for DANOS was released as open source to the > > Linux Foundation and published at https://github.com/danos > > This is pretty awesome news. > > From what I'm reading, it

Re: RPKI adoption (was: Re: Corporate Identity Theft: Azuki, LLC -- AS13389, 216.179.128.0/17)

2019-08-14 Thread Rubens Kuhl
On Wed, Aug 14, 2019 at 1:09 PM John Curran wrote: > On 14 Aug 2019, at 11:15 AM, Valdis Klētnieks > wrote: > > > > On Wed, 14 Aug 2019 02:42:09 -, John Curran said: > > > >> You might want want to ask them why they are now a problem when they > weren’t > >> before (Also worth noting that

Re: Mx204 alternative

2019-08-07 Thread Rubens Kuhl
If it's not for an US company, then a Huawei NE-20 could be in order. The entry model fits 2U. Rubens On Thu, Aug 8, 2019 at 12:04 AM Mehmet Akcin wrote: > Greetings, > > I am looking for some suggestions on alternatives to mx204. > > Any recommendations on something more affordable which

Re: User Unknown (WAS: really amazon?)

2019-08-04 Thread Rubens Kuhl
On Sun, Aug 4, 2019 at 5:17 AM Scott Christopher wrote: > John Curran wrote: > > ... > > As I have noted previously, I have zero doubt in the enforceability of the > ARIN registration services agreements in this regard – so please carefully > consider proposed policy both from the overall

Re: Puerto Rico Internet Exchange

2019-07-06 Thread Rubens Kuhl
It would be interesting if ICANN, Verisign and Afilias were able to join the IX as well making the root and .com/.net/.org/.pr zones available even if the island is cut off from the globe. There is so much fixation in bits per second while IX'es are resiliency tools, more than bandwidth saving

Re: NTP question

2019-05-01 Thread Rubens Kuhl
On Wed, May 1, 2019 at 9:56 PM William Herrin wrote: > On Wed, May 1, 2019 at 5:48 PM Keith Medcalf wrote: > >> If you have one such installation, then you really do not care about the >> "accuracy" of the time. However if you have multiple such installations >> then you want them all to have

Re: NTP question

2019-05-01 Thread Rubens Kuhl
Perhaps using a rubidium source instead of GPS ? The actual time can be obtained thru NTP, all you actually need is a precision source to keep time accurate thereafter. Rubens On Wed, May 1, 2019 at 4:24 PM Mehmet Akcin wrote: > hey there Nanog, > > I am trying to buy a GPS based NTP server

Re: Looking for a AS15169 Google contact to update their PeeringDB records

2019-03-13 Thread Rubens Kuhl
While I hope you get the contact you asked for, you can use IX.br communities to manipulate how your route announcement reaches them or not, so that even with the lack of other network cooperation, you might be able to achieve your goals. Rubens On Thu, Mar 14, 2019 at 12:43 PM Siyuan Miao

Re: 2FA, was A Deep Dive on the Recent Widespread DNS Hijacking

2019-02-25 Thread Rubens Kuhl
On Tue, Feb 26, 2019 at 12:14 AM John Levine wrote: > In article <24679.1551146...@turing-police.cc.vt.edu> you write: > >So what registries/registrars are supporting 2FA that's better than SMS? > > Opensrs does TOTP. It's certainly not bulletproof, but it's tied to > your actual phone rather

Re: CenturyLink

2018-12-29 Thread Rubens Kuhl
On Fri, Dec 28, 2018 at 9:24 PM Yang Yu wrote: > On Fri, Dec 28, 2018 at 12:05 AM Stephane Bortzmeyer > wrote: > > Is this problem also responsible for the 911 outage? If so, the > > post-mortem analysis is not useful only for CenturyLink customers but > > for everyone on the west coast. > >

Re: Network instability 12956 <=> 18881

2018-12-21 Thread Rubens Kuhl
They are both Telefónica operations; 12956 is TIWS/Telxius, 18881 is a CLEC they bought a few years ago, previously known as GVT. Could be a cable cut in SAM-1, the submarine fiber system operated by Telxius (the cable is also known as Emergia). Rubens On Fri, Dec 21, 2018 at 6:24 PM Jared

Re: TIMELY - Nominations close today at 5PM ET for NRO Number Council position

2018-07-31 Thread Rubens Kuhl
Only hat-wearing candidates may apply, otherwise ICANN will have 1 less hat. Rubens Em ter, 31 de jul de 2018 11:56, John Curran escreveu: > Folks - > > Nominations are still being accepted until 5:00 PM EDT today, Tuesday, 31 > July 2018 for candidates from the ARIN region to fill one seat on

Re: IPv6 faster/better proof? was Re: Need /24 (arin) asap

2018-06-11 Thread Rubens Kuhl
On Mon, Jun 11, 2018 at 6:29 PM Job Snijders wrote: > I suspect that this may not be an apples to apples comparison. > > Perhaps lack of IPv6 is more prevalent in rural areas with poorer > connectivity to the rest of the Internet? Perhaps both these CDNs > serve content for different types of

Re: VPOP/Equipment rental contacts for any DC of IX.br / PTT.br Fortaleza

2018-06-07 Thread Rubens Kuhl
If you think the DC itself will be able to help, the contacts for DCs in IX.br @ Fortaleza are: http://ix.br/adesao/ce Of the listed DCs, Eletronet is the more likely to have STM-1 gear, since they used STM-n in their fiber ring for a long time. Globenet connection to IX.br is still under

Re: ICANN GDPR lawsuit

2018-06-05 Thread Rubens Kuhl
On Tue, Jun 5, 2018 at 4:31 PM, McBride, Mack wrote: > PeeringDB is already 100% opt-in. > Domain registration is also opt-in, and still registrars, registries and ICANN have to change things to comply with GDPR. Rubens

Re: ICANN GDPR lawsuit

2018-06-04 Thread Rubens Kuhl
On Mon, Jun 4, 2018 at 9:34 PM, Dan Hollis wrote: > On Mon, 4 Jun 2018, Rubens Kuhl wrote: > >> On Fri, Jun 1, 2018 at 1:56 AM, Hank Nussbacher >> wrote: >> Usually, identifying attackers at other online services is a duty on RIR >> directories, and even the RIPE

Re: ICANN GDPR lawsuit

2018-06-04 Thread Rubens Kuhl
On Fri, Jun 1, 2018 at 1:56 AM, Hank Nussbacher wrote: > On 31/05/2018 21:44, John Peach wrote: > > On 05/31/2018 02:37 PM, Dan Hollis wrote: > >> On Thu, 31 May 2018, b...@theworld.com wrote: > >>> FWIW a German court has just ruled against ICANN's injunction and in > >>> favor of Tucows/EPAG.

Re: Impacts of Encryption Everywhere (any solution?)

2018-05-28 Thread Rubens Kuhl
On Mon, May 28, 2018 at 1:55 PM, Keith Medcalf wrote: > > >I'm also not foolish enough to think this thread will affect the > >encrypt-everything crowd as it is more of a religion\ideology than a > >practical matter. However, maybe it'll shed some light on technical > >ways of dealing with this

Re: Curiosity about AS3356 L3/CenturyLink network resiliency (in general)

2018-05-20 Thread Rubens Kuhl
CenturyLink bought Level 3, which bought Global Crossing, which bought Impsat; this makes every market unique, for the good and bad of it. What I have as a customer feeling is that Global Crossing was the most quality-minded of the 4, while the other 3 is/were more "take what we give you and shut

Re: Is WHOIS going to go away?

2018-04-25 Thread Rubens Kuhl
On Wed, Apr 25, 2018 at 2:47 PM, Rob McEwen wrote: > On 4/25/2018 11:39 AM, Aaron C. de Bruyn via NANOG wrote: > >> don't happen if I use private registration >> > > > SUGGESTION: Initially register with private registration - then change it > to regular non-hidden

Re: Is WHOIS going to go away?

2018-04-20 Thread Rubens Kuhl
On Fri, Apr 20, 2018 at 7:38 PM, Mark Andrews wrote: > Whois contact details need to work so you can contact the zone owner when > the DNS is broken for the zone. > > Publishing Whois data in the zone does not work for this purpose. > > This is not to discount other reasons for

Re: Is WHOIS going to go away?

2018-04-20 Thread Rubens Kuhl
On Fri, Apr 20, 2018 at 6:35 PM, Aaron C. de Bruyn via NANOG < nanog@nanog.org> wrote: > On Fri, Apr 20, 2018 at 2:27 PM Naslund, Steve > wrote: > > > They did not in fact have the "right" to publish those pamphlets. > > > Now we're way off-topic, but our constitution

Re: Is WHOIS going to go away?

2018-04-20 Thread Rubens Kuhl
On Fri, Apr 20, 2018 at 4:10 PM, wrote: > > On April 20, 2018 at 12:03 oscar.vi...@gmail.com (Tei) wrote: > > Maybe a good balance for whois is to include organization information > > so I know where a website is hosted, but not personal information, so > > I can't show in

Re: Is WHOIS going to go away?

2018-04-18 Thread Rubens Kuhl
On Wed, Apr 18, 2018 at 5:51 PM, Florian Weimer wrote: > * Filip Hruska: > > > On 04/14/2018 07:29 PM, Florian Weimer wrote: > >> * Filip Hruska: > >> > >>> EURID (.eu) WHOIS already works on a basis that no information about > the > >>> registrant is available via standard

Re: Is WHOIS going to go away?

2018-04-14 Thread Rubens Kuhl
On Sat, Apr 14, 2018 at 6:46 PM, wrote: > > GDPR only has jurisdiction over individuals who are citizens of > countries which are members of the EU. About 27 countries out of > almost 200 in this world. And companies which manage that data and are > also within the EU's

Re: Is WHOIS going to go away?

2018-04-14 Thread Rubens Kuhl
On Sat, Apr 14, 2018 at 2:24 PM, DaKnOb wrote: > As far as IP Addresses go (and domains too), currently GDPR recognizes the > rights of individuals, not companies, which means that a company can be in > the whois query, since it does not have the right to privacy. > > My

Re: Is WHOIS going to go away?

2018-04-14 Thread Rubens Kuhl
On Sat, Apr 14, 2018 at 11:21 AM, Filip Hruska wrote: > EURID (.eu) WHOIS already works on a basis that no information about the > registrant is available via standard WHOIS. > In order to get any useful information you have to go to > https://whois.eurid.eu and make a request

Re: Is WHOIS going to go away?

2018-04-14 Thread Rubens Kuhl
On Sat, Apr 14, 2018 at 11:06 AM, Brian Kantor wrote: > There is concern that the WHOIS database service will be in violation > of the new European GDPR which takes effect May 25th, and may have > to shut down. > > http://www.theregister.co.uk/2018/04/14/whois_icann_gdpr_europe/

Re: Cloudflare 1.1.1.1 public DNS broken w/ AT CPE

2018-04-02 Thread Rubens Kuhl
On Mon, Apr 2, 2018 at 4:32 PM, Marty Strong wrote: > Do you have one? > Yes, supplied by local broadband provider Vivo. FTTH GPON connection, router with broadband and IPTV services. > Do you know what is causing it to fail? i.e. IP on internal interface etc. >

Re: Cloudflare 1.1.1.1 public DNS broken w/ AT CPE

2018-04-02 Thread Rubens Kuhl
D-Link DMG-6661 as well. Rubens On Mon, Apr 2, 2018 at 12:26 PM, Marty Strong via NANOG wrote: > So far we know about a few CPEs which answer for 1.1.1.1 themselves: > > - Pace 5268 > - Calix GigaCenter > - Various Cisco Wifi access points > > If you know of others please

Re: Nominum NS2 Reach

2018-03-06 Thread Rubens Kuhl
at 3:23 PM, <li...@as23738.net> wrote: > I found this, if it helps. Reuploaded to imgur, since not sure if > nanog-list takes attachments. > > https://i.imgur.com/waVW7zi.png > > On Tue, Mar 6, 2018, at 9:51 AM, Rubens Kuhl wrote: > > Hi there. > > > > I

Nominum NS2 Reach

2018-03-06 Thread Rubens Kuhl
Hi there. I found the available product information on NS2 Reach (Nominum) to not dive into real product behavior like if it requires every HTTP traffic to be PBR to the box, or possible deployment scenarios without intercepting all HTTP traffic. Anyone can shed a light on its workings, or point

Re: ccTLDs - Become a Registrar

2017-12-01 Thread Rubens Kuhl
http://rick.eng.br/dnssecstat/ is more on topic of we what discussing, although the monitor is interesting too. Rubens On Fri, Dec 1, 2017 at 5:35 PM, Rubens Kuhl <rube...@gmail.com> wrote: > > > On Fri, Dec 1, 2017 at 5:20 PM, Christopher Morrow < > morrowc.l

Re: ccTLDs - Become a Registrar

2017-12-01 Thread Rubens Kuhl
On Fri, Dec 1, 2017 at 5:20 PM, Christopher Morrow <morrowc.li...@gmail.com> wrote: > > > On Fri, Dec 1, 2017 at 1:45 PM, Rubens Kuhl <rube...@gmail.com> wrote: > >> >> .br also has such requirements. OpenSRS reference chart has a good hint of >> wh

Re: ccTLDs - Become a Registrar

2017-12-01 Thread Rubens Kuhl
On Fri, Dec 1, 2017 at 4:24 PM, Ryan Finnesey wrote: > I was wonder if anyone within the group has done this research and might > be able to save me a bit of time. I am in the process of putting together > a new Registrar and we would like complete ccTLD coverage. I know for

Re: Hurricane Maria: Summary of communication status - and lack of

2017-09-22 Thread Rubens Kuhl
On Fri, Sep 22, 2017 at 11:43 AM, Sean Donelan wrote: > > Following up - there are three cable landing stations and 9 submarine > cable systems connecting Puerto Rico. > > One of the cable landing stations experienced flooding, and shutdown its > power system affecting some

Re: any known outage in BR?

2017-05-11 Thread Rubens Kuhl
I'm not aware of a South America NOG list, and South Asia already uses SANOG... but there is one outages-like list for Brazil called Caiu (Portuguese for "dropped down") at https://eng.registro.br/mailman/listinfo/caiu) and there is a NOG list for Latin America called LACNOG at

Re: IRR database for local usage

2017-03-01 Thread Rubens Kuhl
Yeap. If you look at http://irr.net/docs/list.html , all of them list FTP sites where you can get all information in bulk, load into your IRR daemon and have a fast look-up for all that data. Rubens On Wed, Mar 1, 2017 at 7:49 AM, Nagarjun Govindraj via NANOG < nanog@nanog.org> wrote: > Hi

Re: Prepending with another ASN you don't own

2016-12-16 Thread Rubens Kuhl
Even in that case I believe you should encapsulate between two instances of your own ASN. Your example follows this but the text says only about the last one in the path, while having both last and at least one previous is better since you won't be implying that some other AS has connection to yet

Re: WHOIS Privacy & Proxy Services?

2016-11-13 Thread Rubens Kuhl
On Sun, Nov 13, 2016 at 8:36 PM, Ryan Finnesey wrote: > Is there any news out of the ICANN meeting that just concluded regarding > new policy's around WHOIS Privacy & Proxy Services? > The Implementation Review Team is just starting its work, so there won't be much news for

Re: Krebs on Security booted off Akamai network after DDoS attack proves pricey

2016-09-23 Thread Rubens Kuhl
On Fri, Sep 23, 2016 at 2:58 PM, Grant Ridder wrote: > Didn't realize Akamai kicked out or disabled customers > http://www.zdnet.com/article/krebs-on-security-booted-off- > akamai-network-after-ddos-attack-proves-pricey/ > > "Security blog Krebs on Security has been

Re: DNS Services for a registrar

2016-08-12 Thread Rubens Kuhl
On Fri, Aug 12, 2016 at 3:28 PM, Filip Hruska wrote: > Hi, > > If you are going the IaaS route, definitely checkout KnotDNS project. > According to their benchmarks [1], it does much better than other DNS > servers in about every workload. > > The problem with KnotDNS/Yadifa/NSD

Re: Speedtest.net not accessible in Chrome due to deceptive ads

2016-07-20 Thread Rubens Kuhl
On Wed, Jul 20, 2016 at 3:56 PM, David wrote: > On 2016-07-20 12:52 PM, Jacques Latour wrote: > >> In that case, for Canadians, go to http://performance.cira.ca, it's >> MLAB-NDT based and checks IPv6 and DNSSEC :-) >> >> 100% ad free >> >> > And on the flip side, refuses to

Re: New ICANN registrant change process

2016-07-07 Thread Rubens Kuhl
On Wed, Jul 6, 2016 at 11:13 PM, David Conrad <d...@virtualized.org> wrote: > Rubens, > > On Jul 6, 2016, at 2:20 PM, Rubens Kuhl <rube...@gmail.com> wrote: > >> Not sure the RPZ hammer has been brought out in force yet. I've seen a > few recommendations on variou

Re: New ICANN registrant change process

2016-07-06 Thread Rubens Kuhl
> > Not sure the RPZ hammer has been brought out in force yet. I've seen a few > recommendations on various mailing lists, but no concerted effort. > Unfortunately, there is no easy/scalable way to determine who a registrar > for a given name is, That is called RDAP, but ICANN currently blocks

Re: New ICANN registrant change process

2016-07-04 Thread Rubens Kuhl
On Mon, Jul 4, 2016 at 2:54 PM, Jay R. Ashworth wrote: > I'll go ahead and assume I wasn't the last person to get this memo > (courtesy > Lauren Weinstein's PRIVACY Digest): > > > https://opensrs.com/blog/2016/06/icanns-new-transfer-policy-will-impact-business-customers/ > > It

Re: IPv6 is better than ipv4

2016-06-02 Thread Rubens Kuhl
On Thu, Jun 2, 2016 at 11:47 AM, Ca By wrote: > > https://blogs.akamai.com/2016/06/preparing-for-ipv6-only-mobile-networks-why-and-how.html > > Wherein akamai explains a detailed study showing ipv6 is "well > over 10%" faster than ipv4 on mobile, and they reference

Re: Stop IPv6 Google traffic

2016-04-11 Thread Rubens Kuhl
On Mon, Apr 11, 2016 at 5:56 PM, Ricky Beam <jfb...@gmail.com> wrote: > On Sun, 10 Apr 2016 20:09:04 -0400, Rubens Kuhl <rube...@gmail.com> wrote: > >> If your users are seeing captchas, one or a few or them are likely to be >> infected to the point of generati

Re: Stop IPv6 Google traffic

2016-04-10 Thread Rubens Kuhl
On Sun, Apr 10, 2016 at 10:29 AM, Max Tulyev wrote: > Hi All, > > I need to stop IPv6 web traffic going from our customers to Google > without touching all other IPv6 and without blackhole IPv6 Google > network (this case my customers are complaining on long timeouts). > >

Re: Southwest Airlines captive portal

2016-02-27 Thread Rubens Kuhl
On Sat, Feb 27, 2016 at 3:26 PM, Frank Bulk wrote: > Anyone from Southwest Airlines on this list? > > On a recent flight I discovered I couldn't complete payment through PayPal > because my web browsers properly noticed that the Southwest Airlines SSL > certificate that the

Re: UDP Amplification DDoS - Help!

2016-02-08 Thread Rubens Kuhl
1. Move the website to DDoS-resistant reverse proxy like Cloudflare or Incapsula, using its current IP address; won't make much of a difference as attacker will go back to attacking the last known IP address. 2. Change the site IP address and only update it at the reverse proxy provider, not at

Re: REMINDER: LEAP SECOND

2015-07-01 Thread Rubens Kuhl
On Wed, Jul 1, 2015 at 3:17 PM, Chris Adams c...@cmadams.net wrote: Once upon a time, Mike Hammett na...@ics-il.net said: v5 is 2.4, v6 3.3.5 Don't know why a 3.3.5 kernel would have deadlocked; don't think there are any known issues that would cause that, unless there are Mikrotik

Re: REMINDER: LEAP SECOND

2015-07-01 Thread Rubens Kuhl
On Wed, Jul 1, 2015 at 10:17 AM, Mike Hammett na...@ics-il.net wrote: It looks to have only affected the CCR line and only those running the NTP and not the SNTP package. That's Mikrotik's position, but reports of some users contradict their version (both in the need for NTP and for only

Re: REMINDER: LEAP SECOND

2015-07-01 Thread Rubens Kuhl
On Wed, Jul 1, 2015 at 11:15 AM, Michel Luczak fr...@shrd.fr wrote: I had problems with Leap Second with mikrotik in versions 6.29.1, 6.28, 6.5 and other versions. Configured NTP Client in all of them. Anyone else had this problem? Apparently 6.27 was the safe version to have (no

Re: Access to nanog.cluepon.net

2015-06-16 Thread Rubens Kuhl
On Sat, Jun 6, 2015 at 2:27 PM, Frank Bulk frnk...@iname.com wrote: I'd like to update some material on nanog.cluepon.net (not very responsive to HTTP requests right now) and my account doesn't work anymore. I reached out to Richard S. but have not heard back from him - anyone else here who

Re: AS4788 Telecom Malaysia major route leak?

2015-06-14 Thread Rubens Kuhl
On Sun, Jun 14, 2015 at 9:07 PM, Mel Beckman m...@beckman.org wrote: SLAs are part of a contract, and thus only apply to the parties of the contract. There are no payments due to other parties. The Internet is a best effort network, with zero guarantees. -mel beckman Ok, I'll bite: my

Re: Open letter to Level3 concerning the global routing issues on June 12th

2015-06-13 Thread Rubens Kuhl
At 08:44 UTC on Friday 12th of June, one of your transit customers, Telekom Malaysia (AS4788) began announcing the full Internet table back to you, which you accepted and propagated to your peers and customers, causing global outages for close to 3 hours. One thing of notice is that AS

Re: Looking for a provider in Ecuador

2015-04-27 Thread Rubens Kuhl
Level 3 wholesale (former Global Crossing), Telefónica Wholesale, Tata Communications(former Teleglobe) and LANautilus(TI/Sparkle). Possible local providers could be TelcoNet (private) or CNT (government-owned). Rubens On Mon, Apr 27, 2015 at 9:15 PM, Eric C. Miller e...@ericheather.com

Re: ASN to IP Mapping

2015-03-07 Thread Rubens Kuhl
On Sat, Mar 7, 2015 at 12:37 PM, Andrew Iwamoto aiwam...@unleashed-technologies.com wrote: Is there a tool or method to determine IP blocks assigned to an organization by ASN? I.e. if I have an organization's ASN number I want to know all blocks assigned to that ASN. That's

Re: whois server features

2015-01-07 Thread Rubens Kuhl
So, you’re not running into a poorly-documented mystery, you’ve run afoul of one of the rotten armpits of the shub-Internet. So there's no consensus between NICs for the information they should have in whois and what search mechanisms they should provide? I guess what you're saying is

Re: whois server features

2015-01-07 Thread Rubens Kuhl
This is not the response I was looking for (and reading the RFC makes me feel even worse). Is there a better mechanism for querying NICs for host/owner information? There will be, one day. And the start (although not the whole journey) will be when this I-D follows the standard path all the

Re: Internet Service Providers in Bogota Colombia.

2014-12-21 Thread Rubens Kuhl
It's very likely that your family member has either ETB (local city-owned access) or Telmex Colombia. Both players have multiple technology options (ADSL and WiMAX for both, coax and fiber for Telmex Colombia), so besides replacing one for the other, it might be possible to improve access by using

Re: ASN Domain for rDNS

2014-12-10 Thread Rubens Kuhl
And considering browsers use domains to define whether to send cookies or not along a request, not having access customers on the same domain of your website is a security benefit. Rubens On Wed, Dec 10, 2014 at 3:13 AM, Kate Gerry k...@quadranet.com wrote: Short answer: I just like doing

Re: Followup: Survey results for the ARIN RPA

2014-12-08 Thread Rubens Kuhl
One could easily presume the ARIN region RPKI deployment statistics are lower as a result of the RPA situation (and no doubt that it part of the issue), but as noted earlier, it's unlikely to be the full story since we also have a region (APNIC) where RPKI deployment also rather low that

Re: Google public DNS - getting SERVFAIL for any domains delegated to GoDaddy NSs

2014-12-07 Thread Rubens Kuhl
Maybe a geo-specific issue then, which is even more weird, because it's still not working for me from two different ASs, though both in Toronto, and a traceroute makes it appear like they're not hitting the same nodes (but maybe they are). What's even more weird is I can actually resolve

Re: Why is .gov only for US government agencies?

2014-10-19 Thread Rubens Kuhl
On Sun, Oct 19, 2014 at 10:05 AM, Matthew Petach mpet...@netflight.com wrote: Wondering if some of the long-time list members can shed some light on the question--why is the .gov top level domain only for use by US government agencies? Where do other world powers put their government agency

Re: Scotland ccTLD?

2014-09-16 Thread Rubens Kuhl
On Tue, Sep 16, 2014 at 12:39 PM, Suresh Ramasubramanian ops.li...@gmail.com wrote: Alba was the ancient roman name for England, meaning white, because if the white cliffs of Dover They called Scotland Caledonia and Ireland Hibernia Scotland is named for an ancient / mythical queen named

Re: Scotland ccTLD?

2014-09-16 Thread Rubens Kuhl
On Tue, Sep 16, 2014 at 1:26 PM, David Conrad d...@virtualized.org wrote: On Sep 16, 2014, at 8:45 AM, Rubens Kuhl rube...@gmail.com wrote: Available s* include sf, sp, sq, su and sw. SF (Finland, from “Suomi Finland”) is “transitionally reserved” meaning it is allocated but will be removed

Re: Scotland ccTLD?

2014-09-16 Thread Rubens Kuhl
On Tue, Sep 16, 2014 at 8:57 PM, Masataka Ohta mo...@necom830.hpcl.titech.ac.jp wrote: What will happen to .uk if England is left alone? Will be reserved to a future United Korea if that happens... Rubens

Akamai DNS off-line contact

2014-09-09 Thread Rubens Kuhl
We are seeing a high profile DNS zone hosted at Akamai with DNSSEC algorithm mismatch (KSK is algorithm 7, ZSK is algorithm 8). If someone could contact me off-list... Rubens

Re: The Next Big Thing: Named-Data Networking

2014-09-06 Thread Rubens Kuhl
There would be a root, or multiple roots, which would respond to requests to locate who should be asked about a domain, for example if you want to know the ip address for world.std.com the conversation goes roughly: (To Root Server): Where is the COM server? (From Root Server):

Re: Akamai charges for IPv6 support?

2014-08-18 Thread Rubens Kuhl
On Mon, Aug 18, 2014 at 1:38 PM, Aaron Hopkins li...@die.net wrote: Is it normal to bill for IPv6 service as a separate product? I was surprised to hear from from my Akamai rep they they do: Hi Aaron, We can add the IPV6 service to the contract at an additional cost of $XXX/month. Please

Re: Akamai charges for IPv6 support?

2014-08-18 Thread Rubens Kuhl
On Mon, Aug 18, 2014 at 10:03 PM, Justin M. Streiner strei...@cluebyfour.org wrote: On Tue, 19 Aug 2014, Mark Andrews wrote: No, I expect it to be part and parcel of the basic fees, as IPv4 is, which I'm happy to hear it is in this case. Based on a response I saw in this thread earlier

Re: Public DNS64

2014-08-15 Thread Rubens Kuhl
On Fri, Aug 15, 2014 at 3:29 PM, Tim Durack tdur...@gmail.com wrote: Anyone know of a reliable public DNS64 service? Would be cool if Google added a Public DNS64 service, then I could point the NAT64 prefix at appropriately placed boxes in my network. Why? Other people are better than me at

  1   2   3   >