Sending ARP request to unicast MAC instead of broadcast MAC address?

2010-06-16 Thread Chris Woodfield
OK, this sounds Really Wacky (or, Really Hacky if you're into puns) but there's a reason for it, I swear... Will typical OSS UNIX kernels (Linux, BSD, MacOS X, etc) reply to a crafted ARP request that, instead of having FF:FF:FF:FF:FF:FF as its destination MAC address, is instead sent to the

Re: Sending ARP request to unicast MAC instead of broadcast MAC address?

2010-06-17 Thread Chris Woodfield
. :) -C On Jun 16, 2010, at 3:57 51PM, Chris Woodfield wrote: OK, this sounds Really Wacky (or, Really Hacky if you're into puns) but there's a reason for it, I swear... Will typical OSS UNIX kernels (Linux, BSD, MacOS X, etc) reply to a crafted ARP request that, instead of having

40/100GbEthernet standard ratified

2010-06-23 Thread Chris Woodfield
So let us commence the shipping of stupidly overpriced silicon...802.3ba is an official IEEE standard. http://www.businesswire.com/portal/site/home/permalink/?ndmViewId=news_viewnewsId=20100621006382newsLang=en -C

Re: XO Routing

2010-09-16 Thread Chris Woodfield
The unconfirmed chatter I'm hearing is that they were leaking peering routes to other peers. Can anyone check and confirm this? Renesys? -C On Sep 16, 2010, at 9:09 12AM, William Byrd wrote: XO Engineers are telling us that they are aware of packet loss across their network and are looking

Re: Did Internet Founders Actually Anticipate Paid, Prioritized Traffic?

2010-09-17 Thread Chris Woodfield
On Sep 17, 2010, at 6:48 02AM, Jack Bates wrote: On 9/17/2010 4:52 AM, Nathan Eisenberg wrote: True net-neutrality means no provider can have a better service than another. This statement is not true - or at least, I am not convinced of its truth. True net neutrality means no provider

Re: Did Internet Founders Actually Anticipate Paid, Prioritized Traffic?

2010-09-17 Thread Chris Woodfield
On Sep 17, 2010, at 9:23 09AM, Jack Bates wrote: Is it unfair that I pay streaming sites to get more/earlier video feeds over the free users? I still have to deal with advertisements in some cases, which generates the primary revenue for the streaming site. Why shouldn't a content

Re: RIP Justification

2010-09-29 Thread Chris Woodfield
I know of one large-ish provider that does it exactly like that - RIPv2 between POP edge routers and provider-managed CPE. In addition to the simplicity, it lets them filter routes at redistribution without having to fiddle with inter-area OSPF (or, ghod forbid, multiple OSPF processes

Re: RIP Justification

2010-09-29 Thread Chris Woodfield
On Sep 29, 2010, at 6:14 PM, Scott Morris wrote: But anything, ask why you are using it. To exchange routes, yes... but how many. Is sending those every 30 seconds good? Sure, tweak it. But are you gaining anything over static routes? For simple networks, RIP(v2, mind you) works fine.

Submarine cable sample?

2011-02-23 Thread Chris Woodfield
Hi, Was wondering where one in the SF Bay area might be able to borrow (or otherwise procure at a reasonable cost) a short - less than 1 meter - section of undersea fiber cable for a presentation I'll be giving in a few weeks. Feel free to unicast your reply if you are in a position to assist.

Re: ARIN and IPv6 Requests

2011-02-23 Thread Chris Woodfield
(Yeah, high reply latency...) Is Carrier V still filtering at sub-/32 on their IPv6 peerings? Last I was in a position to check, not even Apple's /45 was visible from inside AS701. -C On Feb 10, 2011, at 12:25 PM, Eric Clark wrote: Don't remember about the v4 part, but 3 years ago they

Re: Internet Edge Router replacement - IPv6 route table size considerations

2011-03-09 Thread Chris Woodfield
I think this is the point where I get a shovel, a bullwhip and head over to the horse graveyard that is CAM optimization... -C On Mar 8, 2011, at 5:18 20PM, Chris Enger wrote: Our Brocade reps pointed us to the CER 2000 series, and they can do up to 512k v4 or up to 128k v6. With other

Re: IP tunnel MTU

2012-10-29 Thread Chris Woodfield
True, but it could be used as an alternative PMTUD algorithm - raise the segment size and wait for the I got this as fragments option to show up... Of course, this only works for IPv4. IPv6 users are SOL if something in the middle is dropping ICMPv6. -C On Oct 29, 2012, at 4:02 PM, Templin,

Re: Verio taking twitter down during Iran Election Riots?

2009-06-16 Thread Chris Woodfield
What's interesting is that the !NANOG part of the universe presumes the maintenance was to be performed by Twitter, not by their carrier (i.e. server, not network, upgrades). Given the fact that the WhaleFail has become a commonly-recognizable sight, I can see this make people a bit, um,

Re: DNS caches that support partitioning ?

2012-08-19 Thread Chris Woodfield
What Patrick said. For large sites that offer services in multiple data centers on multiple IPs that can individually fail at any time, 300 seconds is actually a bit on the long end. -C On Aug 18, 2012, at 3:43 PM, Patrick W. Gilmore patr...@ianai.net wrote: On Aug 18, 2012, at 8:44, Jimmy

Re: APIs for domain registration and management

2012-09-13 Thread Chris Woodfield
Dynect has a RESTful API as well. They even host a number of sample scripts at GitHub: http://dyn.com/managed-dns-dynect-5-api-access-load-balancing-geo-traffic-management/ https://github.com/dyninc -C On Sep 12, 2012, at 5:18 PM, Miles Fidelman mfidel...@meetinghouse.net wrote: Hi Folks,

Re: IPv6 enabled carriers?

2010-03-11 Thread Chris Woodfield
To pile on in the spirit of if people don't complain, nothing will change - is VZB still insisting on filtering /32 at their peers? While ARIN is allocating /40s and /48s directly? -C On Mar 10, 2010, at 2:18 PM, Seth Mattinen wrote: On 3/10/10 11:00 AM, Charles Mills wrote: Does anyone

Re: ouch..

2011-09-17 Thread Chris Woodfield
Or...Go ahead and keep buying 6509 chassis, the 7600 brand is just a marketing thing -C On Sep 14, 2011, at 7:41 AM, Leigh Porter wrote: -Original Message- From: Always Learning [mailto:na...@u61.u22.net] Sent: 14 September 2011 14:39 To: N. Max Pierson Cc: nanog@nanog.org

ATT Wireless outage in SoCal

2011-09-24 Thread Chris Woodfield
Hearing rumblings of a major ATT Wireless outage in southern California. Anyone have more detail? Limited to cell towers or are transit circuits affected? -Chris

Re: So Philip Smith / Geoff Huston's CIDR report becomes worth a good hard look today

2014-08-13 Thread Chris Woodfield
Same reason no vendor has bothered to prune redundant RIB entries (i.e. more-specific pointing to the same NH as a covering route) when programming the TCAM... -C On Aug 13, 2014, at 1:42 PM, Randy Bush ra...@psg.com wrote: half the routing table is deagg crap. filter it. you mean your

Re: So Philip Smith / Geoff Huston's CIDR report becomes worth a good hard look today

2014-08-13 Thread Chris Woodfield
Pruning FIB entries, on the other hand, can be done quite safely as long as you're willing to accept the conversion of null route to don't care. Some experiments were done on this in the IETF a couple years back. Draft-zhang-fibaggregation maybe? Savings of 30% in typical backbone nodes

Re: Shared cabinet "security"

2016-02-13 Thread Chris Woodfield
I've seen colos sell half-racks where both the top and bottoms of the racks have their own cabinet doors. It's not a common thing though. -C > On Feb 12, 2016, at 18:58, Mike Hammett wrote: > > There are more options when you're not just using someone else's datacenter. >

Re: Internet Exchanges supporting jumbo frames?

2016-03-18 Thread Chris Woodfield
I think that’s the problem in a nutshell…until every vendor agrees on the size of a “jumbo” packet/frame (and as such, allows that size to be set with a non-numerical configuration flag). As is, every vendor has a default that results in 1500-byte IP MTU, but changing that requires entering a

Re: Krebs on Security booted off Akamai network after DDoS attack proves pricey

2016-09-25 Thread Chris Woodfield
> On Sep 24, 2016, at 7:47 AM, John Levine wrote: > >>> Well...by anycast, I meant BGP anycast, spreading the "target" >>> geographically to a dozen or more well connected/peered origins. At that >>> point, your ~600G DDoS might only be around >> >> anycast and tcp? the heck

Re: Dyn DDoS this AM?

2016-10-21 Thread Chris Woodfield
As a Twitter network engineer (and the guy Patrick let camp out in your hotel room all day) - thank you for this. Whoever was behind this just poked a hornet’s nest. “Govern yourselves accordingly”. -C (Obviously speaking for myself, not my employer…) > On Oct 21, 2016, at 10:48 AM,

Re: Multi-CDN Strategies

2017-03-10 Thread Chris Woodfield
I have some experience with this; a few things off the top of my head: - It’s usually best to leverage some sort of “smart” DNS to handle CNAME distribution, giving you the ability to weight your CNAME distribution vs. only using one CDN all the time, or prefer different CDNs in various global

Re: Admiral Hosting in London

2017-08-08 Thread Chris Woodfield
And I’d *love* to hear the story they come up with when you ask why they only want to rent space vs buy it… -C > On Jul 27, 2017, at 9:22 PM, Randy Bush wrote: > >> We were contacted by Admiral Hosting in London to rent some our >> unused IP space. > > anyone wanting to