Re: ElastiFlow Getting Started?

2023-03-22 Thread Matt Corallo
Is this in relation to the old opensource archived ElastiFlow or the new proprietary one with only subscription options above a certain flow count? Presumably the subscription comes with some kind of support? I think the only option left for open source flow monitoring is the new

Re: CUPS in a BNG?

2023-03-22 Thread Tom Mitchell
OK - That makes sense. For scaling a CP, it's only about redundancy, correct, but with the DP it's really about scaling up and out. But still, a CP is no longer on the bus with the DP, nor on the network. It's on the WAN/Internet, and latencies are orders of magnitude greater. Is anybody doing

Re: CUPS in a BNG?

2023-03-22 Thread Tom Mitchell
What is it about the architecture that makes it a preferred solution? I get that centralizing the user databases makes sense, but why the control plane? What benefit does that have? -- Tom On Wed, Mar 22, 2023 at 2:17 PM wrote: > The CUPS makes a lot of sense for this application. Latency

CUPS in a BNG?

2023-03-22 Thread Tom Mitchell
Anyone have any thoughts on this CUPS thing? I have a customer asking, but it seems the lack of CP resiliency and additional latency between the DP and CP make this a really dumb idea. Has anyone tried it? Does it make any sense? Thanks!

Re: CUPS in a BNG?

2023-03-22 Thread brian . johnson
The CUPS makes a lot of sense for this application. Latency is dependent on the design, and equipment used. I’ve seen/done several designs for this using two different vendors' equipment and two different BNG software stacks. When I do a design for BNG from scratch, this is how I do it now. :)

1.1.1.1 support?

2023-03-22 Thread Saku Ytti
Am I correct to understand that 1.1.1.1 only does support via community forum? They had just enough interest in the service to collect user data to monetise, but 0 interest in trying to figure out how to detect and solve problems? Why not build a web form where they ask you to explain what is

Re: Verizon/Qwest single end-user difficulty vs Xfinity (was Re: NANOG Digest, Vol 182, Issue 14)

2023-03-22 Thread Jeff Woolsey
Diagnosis was obscured/hindered by figuring that the most likely suspect was the thing that changed most recently... The upshot here is pilot error (well, control-tower) in that my ssh access to that site was restricted to my Xfinity address. Application, not firewall.  Can't blame Verizon

Re: 1.1.1.1 support?

2023-03-22 Thread Saku Ytti
If you wish to consult people on how to configure DNS, please reach out to the responsible folk. I am discussing a specific recursor in anycasted setup not resolving domain and provider offering no remediation channel. These are two entirely different classes of problem and collapsing them into

Re: 1.1.1.1 support?

2023-03-22 Thread Mark Andrews
What about the zone not having a single point of failure? Both servers are covered by the same /24. % dig www.moi.gov.cy @212.31.118.19 +norec +dnssec ; <<>> DiG 9.19.11-dev <<>> www.moi.gov.cy @212.31.118.19 +norec +dnssec ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY,

Re: 1.1.1.1 support?

2023-03-22 Thread Saku Ytti
On Wed, 22 Mar 2023 at 15:26, Matt Harris wrote: > When something is provided at no cost, I don't see how it can be unethical > unless they are explicitly lying about the ways in which they use the data > they gather. > Ultimately, you're asking them to provide a costly service (support for >

Re: 1.1.1.1 support?

2023-03-22 Thread Saku Ytti
On Wed, 22 Mar 2023 at 16:04, Alexander Huynh via NANOG wrote: > I'll take this feedback to our developers. Many thanks. > I took a look at the above tickets, and it seems that one of the egress > ranges from that datacenter cannot connect to the authoritative > nameservers of

RE: 1.1.1.1 support?

2023-03-22 Thread Dennis Burgess
Why would they need it, it's free, they are not being paid to be your DNS servers. Assuming the provider is 1.1.1.1 itself. YOUR ISP SHOULD NOT USE 1.1.1.1 or 8.8.8.8, you should run your OWN DNS servers. If it's not within your circle of influence, don’t risk your business on it!

Re: Spamhaus flags any IP announced by our ASN as a criminal network

2023-03-22 Thread Brandon Zhi
Hello Barry, Thanks for your blog. I plan to block some ports on our router, which are shown in your blog. > Step 1 on the list …. Deploy Exploitable Port Filtering on the edge of > your network …. > Some of our routers use Linux as the operating system, so I plan to use nftables to make some

Re: 1.1.1.1 support?

2023-03-22 Thread Josh Luthman
Try asking dns-operati...@lists.dns-oarc.net for someone at CloudFlare. For what it's worth, it works for me. I'm in Troy, OH. C:\Users\jluthman>dig www.moi.gov.cy @1.1.1.1 +short 212.31.118.26 On Wed, Mar 22, 2023 at 9:43 AM Saku Ytti wrote: > > > On Wed, 22 Mar 2023 at 15:26, Matt Harris

Re: 1.1.1.1 support?

2023-03-22 Thread Saku Ytti
Yes, it works in every other CF except LCA-CF. Thank you for the additional data point. You can use `dig CHAOS TXT id.server @1.1.1.1 +nsid` to get two unicast identifiers for the server you got the response from. On Wed, 22 Mar 2023 at 15:49, Josh Luthman wrote: > > Try asking

Re: 1.1.1.1 support?

2023-03-22 Thread Matt Harris
Matt Harris VP OF INFRASTRUCTURE Follow us on LinkedIn! matt.har...@netfire.net 816-256-5446 www.netfire.com On Wed, Mar 22, 2023 at 3:36 AM Saku Ytti wrote: > Am I correct to understand that 1.1.1.1 only does support via community > forum? > > They had just enough interest in the service to

Re: 1.1.1.1 support?

2023-03-22 Thread Alexander Huynh via NANOG
On 2023-03-22 10:36:03 +0200, Saku Ytti wrote: Am I correct to understand that 1.1.1.1 only does support via community forum? The community forum is our preferred method of support, yes. Why not build a web form where they ask you to explain what is not working, in terms of automatically