hard, try using a novel IP protocol number.
Matthew Kaufman
>
>
peninsula. Not looking forward to
that.
Matthew Kaufman
On Wed, Apr 1, 2020 at 7:15 PM Benson Schliesser via NANOG
wrote:
> Indeed, this does seem like good news under the current situation. It's
> good for users, and it's nice PR for both the FCC and the WISPs. But I'm
> c
,
plus the antenna gains are lower)
Matthew Kaufman
On Wed, Apr 1, 2020 at 7:18 PM Dave Phelps wrote:
> Perhaps I'm being cynical, but thank [deity of choice] that the cell
> carriers want it made available for this purpose.
>
> Reference: https://docs.fcc.gov/public/attachments
On Tue, Oct 5, 2021 at 5:44 AM Mark Tinka wrote:
>
>
> On 10/5/21 14:08, Jean St-Laurent via NANOG wrote:
>
> > Maybe withdrawing those routes to their NS could have been mitigated by
> having NS in separate entities.
>
> Well, doesn't really matter if you can resolve the A//MX records,
> but
e.
If you are in the new PST and set your timezone to MST then all times
before November 2023 are displayed incorrectly.
Matthew Kaufman
orically
> eliminate sensitive information. As a result, ExpressVPN can never be
> compelled to provide customer data that does not exist.
>
...until the NSL arrives.
Matthew Kaufman
On Wed, Aug 3, 2022 at 9:22 AM Jay R. Ashworth wrote:
>
>
> Occurs to me that "the last second of today" is approximately a million
> times
> more likely as a scheduling target than "the next to last second"; they
> should
> drop 23:59:5*8* instead.
You’re probably one of those folks who wonder
out).
So providers should stamp this out (because it is “bad”) and support
customers who are running TOR nodes (because those are “good”). Did I get
that right?
Matthew Kaufman
>
>
pped being used solely for its original purpose. That's why
a real RIR for this space would have had a policy development process where
*the community* could weigh in on ideas like "sell of 1/4 of it so we can
have a big endowment". Which, heck, we might have all agreed to... if there
w
On Mon, Jul 22, 2019 at 1:36 PM John Curran wrote:
> On 22 Jul 2019, at 4:17 PM, Matthew Kaufman wrote:
>
> ...
>
> That's why a real RIR for this space would have had a policy development
> process where *the community* could weigh in on ideas like "sell of 1/4
Are any of the rats using routable IP addresses?
On Fri, Oct 25, 2019 at 10:11 AM wrote:
>
> There's a fairly famous animal behavior experiment where rats are
> allowed to multiply in a room-sized cage without control, food and
> water and basic sanitation are provided.
>
> When the cage becomes
adopters are still sometimes early adopters.
But you’re right, what could have been supported on a volunteer basis is
now a profit center. Especially for IPv6, which is once-and-done if sized
properly.
Matthew Kaufman
On Tue, Nov 26, 2019 at 2:29 PM wrote:
>
> If the commitment really was to
This is a great example (but just one of many) of how server software
development works:
IANA IPv4 runout January 2011.
Kubernetes initial release June 2014. Developed by Google engineers.
ARIN IPv4 runout September 2015.
Support for IPv6-only Kubernetes clusters alphas in 1.9, December 2017.
Won’t come back until
both my up streams properly support it.
Matthew Kaufman
>
>
User apps prefer IPv6, Netflix stops, users complain
On Sat, Nov 30, 2019 at 1:29 PM Mark Andrews wrote:
> And how did that stop you deploying IPv6? It’s not like you were turning
> off IPv4.
> --
> Mark Andrews
>
> On 1 Dec 2019, at 04:03, Matthew Kaufman wrote:
>
See previous message about legacy IPv4 holders without budget for IPv6
blocks
On Sat, Nov 30, 2019 at 12:15 PM Filip Hruska wrote:
> You can announce your own IPv6 subnets through TunnelBroker.
>
> Filip
>
>
> On 30 November 2019 8:37:33 pm GMT+01:00, Matthew Kaufman <
2014. This is just one example of many.
Matthew Kaufman
On Sat, Nov 30, 2019 at 1:29 PM Mark Andrews wrote:
> And how did that stop you deploying IPv6? It’s not like you were turning
> off IPv4.
> --
> Mark Andrews
>
> On 1 Dec 2019, at 04:03, Matthew Kaufman wrote:
>
On Sat, Nov 30, 2019 at 4:57 PM Brandon Martin
wrote:
> On 11/30/19 4:48 PM, Matthew Kaufman wrote:
> > See previous message about legacy IPv4 holders without budget for IPv6
> blocks
>
> How slim are your margins to have been around long enough to have a legacy
> IPv4 blo
On Sat, Nov 30, 2019 at 5:55 PM Valdis Klētnieks
wrote:
> On Sat, 30 Nov 2019 13:47:36 -0800, Matthew Kaufman said:
>
> > User apps prefer IPv6, Netflix stops, users complain
>
> And fallback to IPv4 fails to happen, why, exactly?
>
Because of the layer at which fai
> I suppose it’s not impossible, but I’m wondering how they afford the other
> expenses associated with maintaining such a network.
>
> Owen
>
>
> On Nov 30, 2019, at 09:00 , Matthew Kaufman wrote:
>
> I administer two networks that use legacy IPv4 blocks (one al
y refuse to
escalate. Even if you tell them that you are essentially your own ISP.
So... where's the Netflix network engineer on the list who all of us can
send these issues to directly?
Matthew Kaufman
urn it off globally for the whole
house.
Thanks Netflix for helping move us forward here.
Matthew Kaufman
ps. Would still be helpful if the support techs could tell from the
error codes that the denied VPN is an IPv6 tunnel
-- Original Message --
From: "Matthew Kaufman"
To: &qu
Good for them. For things like Apple TV you need to turn it off at the router
of course.
Matthew Kaufman
(Sent from my iPhone)
> On Jun 3, 2016, at 4:25 PM, Cryptographrix wrote:
>
> The information I'm getting from Netflix support now is explicitly telling
> me to turn o
If early adopter PI IPv6 was the same price as early adopter PI v4 space, my
wife would be totally on board with this solution.
Matthew Kaufman
(Sent from my iPhone)
> On Jun 3, 2016, at 6:27 PM, Spencer Ryan wrote:
>
> Well if you have PI space just use HE's BGP tu
that anywhere in about 1/3rd of the
earth. When I travel, my IPSEC VPN extends that port to anywhere in the
world.
And?
Matthew Kaufman
-- Original Message --
From: "Spencer Ryan"
To: "Blair Trosper"
Cc: "nanog@nanog.org"
Sent: 6/6/2016 8:25:40 PM
Subj
Personally, I'd think twice before putting a box that does unthrottled
reflection of ICMP packets to their claimed source anywhere, especially not
one with a well-known address.
Matthew Kaufman
On Sat, Sep 10, 2016 at 2:01 AM James Greig wrote:
> On one of these lists around 6 mont
n the process by now, for all types of
sources and destinations.
Matthew Kaufman
On Fri, Sep 30, 2016 at 12:08 PM William Herrin wrote:
> On Fri, Sep 30, 2016 at 1:34 PM, Bryan Fields
> wrote:
> > On 9/30/16 1:22 PM, William Herrin wrote:
> >> Note that you can't sell th
I fixed it (and Netflix) by turning off IPv6 for all my users... but any
chance this is a path MTU issue causing the apparent hang?
Matthew Kaufman
On Wed, Nov 16, 2016 at 12:26 PM Mark Andrews wrote:
>
> In message <1479249003.3937.6.ca...@ns.five-ten-sg.com>, Carl Bying
The good news is that I reported this particular site as a problem two and
three years ago, both, and it isn't any worse.
Matthew Kaufman
On Wed, Nov 16, 2016 at 6:29 PM Mark Andrews wrote:
>
> In message , JORDI
> PALET M
> ARTINEZ writes:
> > I think it is not just a m
I sent email there and to another contact I had at the time.
And I'm not going to break my users by turning IPv6 back on, so someone
else will need to work with them.
Matthew Kaufman
On Thu, Nov 17, 2016 at 9:48 AM Lee wrote:
> On 11/16/16, Matthew Kaufman wrote:
> > The good
On Mon, May 21, 2018 at 1:56 PM Fletcher Kittredge wrote:
> What about my right to not have this crap on NANOG?
>
What about the likely truth that if anyone from Europe mails the list, then
every mail server operator with subscribers to the list must follow the
GDPR Article 14 notification requ
On Mon, May 21, 2018 at 7:03 PM Jason Hellenthal
wrote:
> Mind pointing out where in the GDPR that it directly relates to these
> types of mail services ?
>
>
>
Like most regulations, it doesn’t call out a specific thing like email or
social networking sites or ecommerce. But it follows quite dir
Every IP of mine that's banned is banned because of a hacked Mikrotik
router. Despite keeping up with the numerous updates, it seems almost every
one I own got hit in the last week.
Matthew Kaufman
On Fri, Sep 14, 2018 at 11:13 AM Dennis Burgess via NANOG
wrote:
> I am looking for some
In other words, they’re on The Internet and you (and your transit provider)
are not.
On Thu, Dec 20, 2018 at 10:40 AM David Hubbard <
dhubb...@dino.hostasaurus.com> wrote:
> Google and HE don't have IPv6 connectivity with Cogent because Cogent's
> CEO has been in some decades long pissing match wi
Exactly what Matt Harris says here... ULA is free. Space obtained from ARIN
is not. You want to discourage someone from doing the right thing, charge a
lot for that.
Matthew Kaufman
On Fri, Mar 2, 2018 at 11:30 AM Matt Harris wrote:
> On Fri, Mar 2, 2018 at 11:08 AM, Owen DeLong wr
Section 3 of https://tunnelbroker.net/tos.php
It isn't "free". It may be included with a service that is currently
available for free, but they aren't providing free address space for an
unlimited period.
Matthew Kaufman
On Fri, Mar 2, 2018 at 12:45 PM Owen DeLong wrote:
your network.
Only nobody wants to do that either.
Matthew Kaufman
provider (or some other provider in the
same boat) takes the next step and starts trading routes of ULA space
with other provider(s).
Is this happening now with RFC 1918 addresses and IPv4?
If not, do you predict that it will soon, and if so, why?
Matthew Kaufman
out
there.
By the way, the problems you listed are some, but not all, of the
reasons why it isn't really a viable multi-homing strategy... but yours
also include some of the reasons why having ULA + globally-routed space
both active would be a problem for many applications.
Matthew Kaufman
On 10/20/2010 7:22 PM, Mark Andrews wrote:
In message<4cbf9b7a.1000...@matthew.at>, Matthew Kaufman writes:
On 10/20/2010 6:20 PM, Mark Smith wrote:
To make it clear, as it seems to be quite misunderstood, you'd have
both ULA and global addressing in your network.
Right. J
ve operational advantages
sufficient to outweigh the disadvantages".
SCTP only gets you 90% of the way there, but it is a lot closer than
today's TCP is.
Matthew Kaufman
v6 with my own GUAs on (for the aforementioned
sorts of reasons, like what happens when you want to interconnect with
others), but it wouldn't be connected (for quite some time) to the
public IPv6 Internet and there are *zero* funds available for the fees
for PI space. It just isn't like 1992 (or even 1994) was for IPv4.
Matthew Kaufman
On 10/21/2010 12:57 AM, Owen DeLong wrote:
On Oct 20, 2010, at 6:46 PM, Matthew Kaufman wrote:
On 10/20/2010 6:20 PM, Mark Smith wrote:
To make it clear, as it seems to be quite misunderstood, you'd have
both ULA and global addressing in your network.
Right. Just like to multihome with
can be even easier and you can leave
multiple providers running in parallel.
That's a big IF, given the above. He doesn't qualify for PI space,
thanks to ARIN policies set by people who want routing tables to stay as
small as possible, so PI space to be as difficult as possible to obtain
for people like him.
Matthew Kaufman
Last time I looked into this, the small Fortinet boxes and the Juniper
NetScreen-5 or -25 were in this class. Juniper now has the SSG to
replace the small NetScreen devices.
I'm using a Fortinet box to do many of the things on your list,
including IPv6 support, at home.
Matthew Kaufman
On 11/11/2010 5:56 PM, Matthew Kaufman wrote:
Last time I looked into this, the small Fortinet boxes and the Juniper
NetScreen-5 or -25 were in this class. Juniper now has the SSG to
replace the small NetScreen devices.
I'm using a Fortinet box to do many of the things on your
others having the same problem *and* no
confirmation of what the company is doing to fix it.
And hard to debug, I'm sure, because the problem is one of those
"happens every other day for 4 days, then not again for 3 weeks" kinds
of bugs.
Matthew Kaufman
DNS64/NAT64 are mutually exclusive.
Now that DNSSEC is actually getting some traction, that's just one more
reason to chose a different way to transition.
Matthew Kaufman
apps that are no longer under development will
never happen).
NAT64/DNS64 is an interesting experiment that works for >95% of the web.
But it isn't really a solution unless "the web" is all you care about.
Matthew Kaufman
tors are pursuing this NAT64 path
for the same reason I am.
Randy Bush would encourage his competitors to do just as you've done,
I'm sure.
Matthew Kaufman
er IPv4 and you can reach over IPv6 that has
available bandwidth.
Matthew Kaufman
e, of course, as recent press about the
most recent outage has reiterated for those who didn't know.
Matthew Kaufman
On 1/6/2011 9:28 PM, Dan Wing wrote:
-Original Message-
From: Matthew Kaufman [mailto:matt...@matthew.at]
Not really. Imagine the case where you're on IPv6 and you can only
reach
IPv4 via a NAT64, and there's no progress made on the detection
problem.
And your family member is
On 1/8/2011 5:20 PM, Jima wrote:
On 1/7/2011 12:39 AM, Matthew Kaufman wrote:
If one end is behind a NAT64 and there is no mechanism for discovering
the NAT64's IPv6 interface prefix and mapping algorithm (and at present
there is not), there is no way to send IPv6 IP packets from the
IPv6
e lack of
additional IPv4 space but continued customer demand to reach the IPv4
Internet, too, isn't it?
Matthew Kaufman
uot; to v4. Lots of time
to figure out the corner cases.
The point is that NAT64 creates a huge additional set of corner cases
(all of the cases where IPv4 literal addresses are transported by
anything other than DNS lookups) that none of the other transition
choices do. (NAT64 has all the problems of CGN *plus* this issue, for
instance.)
Matthew Kaufman
whatever reason, it is hibernating.
When you are ready to talk about
moving forward, i am all ears. Until then, you can keep posturing
while the clock ticks on committed deployments.
See above. Lets get the discovery problem back on top.
Matthew Kaufman
On 1/9/2011 9:51 PM, Owen DeLong wrote:
On Jan 8, 2011, at 10:46 PM, Matthew Kaufman wrote:
On 1/8/2011 3:16 AM, Leen Besselink wrote:
Hello Mr. Kaufman,
In the upcoming years, we will have no IPv6 in some places and badly
performing IPv4 (CGN, etc.) with working IPv6 in others.
Right. So
Area which has been without fiber
connectivity before.
I would like to know with who they're peering with in San Jose and who
their provider(s) is or are. Any other information is welcome.
Have you considered simply asking them?
(If you don't have a contact there, email me off-list)
Matthew Kaufman
On 1/12/2011 12:14 PM, Jeroen van Aart wrote:
Matthew Kaufman wrote:
Have you considered simply asking them?
Sadly the person I contacted with regards to some colocation business
wasn't able to answer the simplest of question (i.e. from which
netblock do they assign IPs). Or at leas
t a jammer near sea level.
Matthew Kaufman
.
Matthew Kaufman
Windows 8 running Google Chrome as the browser.
Matthew Kaufman
On 3/17/2014 11:46 AM, Arturo Servin wrote:
No Happy Eyeballs?
Perhaps also time to ditch XP and IE for something new as well.
-as
On Mon, Mar 17, 2014 at 11:43 AM, Matthew Kaufman <mailto:matt...@matthew.at>&
It was reachable by hand-typed URL, but the machines trying to follow a
redirect from the FCC site during payment flow failed. Had to be brought back
online, so once it was determined that turning v6 off was sufficient, that was
the end if the debugging.
Matthew Kaufman
(Sent from my iPhone
On 4/17/2014 1:45 PM, George Herbert wrote:
This is why listening to operators is important.
Why start now? After all, most of the useful input operators could have
provided would have been much more useful at the beginning.
Matthew Kaufman
While you're at it, the document can explain to admins who have been burned,
often more than once, by the pain of re-numbering internal services at static
addresses how IPv6 without NAT will magically solve this problem.
Matthew Kaufman
(Sent from my iPhone)
> On Apr 17, 2014, at
I think I got you to say "NAT"
Matthew Kaufman
(Sent from my iPhone)
> On Apr 17, 2014, at 7:05 PM, Timothy Morizot wrote:
>
>
> On Apr 17, 2014 7:52 PM, "Matthew Kaufman" wrote:
> >
> > While you're at it, the document can explain to admin
, assigning a new address and
adding another firewall rule that didn't exist.
Matthew Kaufman
(Sent from my iPhone)
> On Apr 18, 2014, at 3:19 PM, Eugeniu Patrascu wrote:
>
>> On Fri, Apr 18, 2014 at 6:02 PM, William Herrin wrote:
>>
>> On Fri, Apr 18, 2014 at 3:31 A
No, they just intercept whatever gear you do purchase before it gets to your
loading dock and then seal it back up with their modifications.
Matthew Kaufman
(Sent from my iPhone)
> On May 13, 2014, at 11:01 AM, Owen DeLong wrote:
>
> I didn’t see the NSA telling us what we had t
My Apple TV appears to use IPv6, but since there's no UI for it (last I
checked) I had to disable SLAAC on that subnet to keep it from trying to use my
slow connection.
So in my book, "some" v6 support is actually worse than "none"
Matthew Kaufman
(Sent from my iPhon
venture. You would undoubtedly learn a lot
about the costs Netflix has experienced while gaining the right to
stream (and now create) content that users want to see.
But since complaining about the latest thing is so much easier, I expect
we'll see a lot more of that instead of this s
rate streaming, there's
often low overlap between the segments adjacent customers wish to
load... even if the content is not encrypted, or is encrypted with the
same DRM key for everyone.
Of course, the facts of the situation don't appear to matter really...
Matthew Kaufman
If you're an ISP and you can't afford even the highest price per IP on
that list, you have bigger problems than how much it costs to bring
Netflix traffic to your customers.
Matthew Kaufman
On 7/15/2014 7:58 AM, Brett Glass wrote:
Matt:
Here's the thing. With physical g
I think the difference is when the municipality starts throwing in free or
highly subsidized layer 3 connectivity "free with every layer 1 connection"
Matthew Kaufman
(Sent from my iPhone)
> On Jul 21, 2014, at 12:08 PM, Blake Dunlap wrote:
>
> My power is pretty much alw
I'd rather ask Adobe, since their peer-to-peer transport (and layers
above) has been dual-stacked since it was first designed.
Matthew Kaufman
On 7/21/2014 1:24 PM, Owen DeLong wrote:
Ask Skype just how easy it is to do that with a dual-stacked service.
Owen
On Jul 21, 2014, at
Is that what I said?
Matthew Kaufman
On 7/21/2014 1:26 PM, Aaron wrote:
Do you have an example of a municipality that gives free internet
access to it's residents?
On 7/21/2014 2:26 PM, Matthew Kaufman wrote:
I think the difference is when the municipality starts throwing in
free or h
ified through
> the user agent- does it really matter that they can uniquely ID the
> household as well based on prefix information?
That depends on what happens when ISPs do start giving residences /48s and ARIN
starts asking for the SWIP details on blocks that large.
Matthew Kaufman
insist on rebuilding on those coastlines again and again.
Matthew Kaufman
On 8/26/2011 7:13 PM, Owen DeLong wrote:
On Aug 26, 2011, at 7:08 PM, Matthew Kaufman wrote:
On 8/26/2011 6:55 PM, Andrew Kirch wrote:
The US Airforce has sent most of the fighters from the East Coast to
Indiana, what are you doing to prepare for the storm of the next 2 days?
Ready, Set
Second IP connection via a different T-1
that is multiplexed on the same DS3.
6) One IP connection via a T-1. Second IP connection via a different T-1
that is on separate physical pairs, but in the same cable bundle.
Matthew Kaufman
heresy for some.
That's not multihoming.
Note that for the purpose of needing an AS number, it most certainly
is... as the result is distinct routing policy from either the
facilities-based provider or the source of the tunnel(s).
Matthew Kaufman
On 9/19/2011 8:32 PM, Randy Bush wrote:
you left out one connection via a chevy full of hollerith cards and
the second a canoe full of 7 track tape in waterproof containers.
They certainly have different loss characteristics, even if you don't
get unique routing policy out of it.
Ma
On 9/16/2011 11:14 AM, Eric Wieling wrote:
I think the question was far too vague. The first thing you need to start an
ISP is LOTS OF MONEY.
That's if you want to make a little money running an ISP. If you want to
make lots of money running an ISP, it takes *even more* money.
Ma
n six months, I don't expect there to be any left anyway, so what
will likely be all the v4 you ever get.
Very soon it'll be nigh on impossible for new entrants to the ISP business to
get their own v4 space.
Isn't that the point?
Matthew Kaufman
to clarify
that.
I think this is a bad idea and I suspect would slow IPv6 deployment.
Potential latency issues aside, is there a technical (not political)
reason for doing so?
How does making it easier to use up the last of the free pool slow IPv6
deployment?
Matthew Kaufman
same circuit, that's clearly multihoming.
As is a single DS3 over which I run two T-1s to different providers. Or
two ATM or Frame Relay VCs.
Matthew Kaufman
Skype on $HANDHELD have the same property?
Not as far as I know, for the obvious reason that handheld devices have
network connections that are suboptimal for this.
Matthew Kaufman
?
Matthew Kaufman
the
reds to a separate flasher circuit.
The people building these things and writing the requirements do
understand the consequences of failure.
Matthew Kaufman
t's actually pretty easy to change the datatype in an SQL database, so that
shouldn't be that much of an impediment.
If only A) it were that simple and B) going in and changing data types
for columns didn't have audit implications, data replication
implications, data warehousin
lets one of the competitors
bypass all the steps I outlined in order to support IPv6 while the other
takes "forever" to get to it.
Matthew Kaufman
appens when pin 7 has 220 VAC flowing from one device to the other) But
you can just run Ethernet out to the console server and plug it in next
to the gear with the serial port to fix this.
Matthew Kaufman
rrently have.
Trying to sell this to smart engineers writing code or testing it as
"less work" is just going to get you laughed out of the room as the
crazy IPv6 zealot.
Matthew Kaufman
On 3/5/2013 8:20 PM, Owen DeLong wrote:
On Mar 5, 2013, at 7:55 PM, Matthew Kaufman wrote:
On 3/5/2013 7:15 PM, Owen DeLong wrote:
On Mar 5, 2013, at 6:46 PM, Mukom Akong T. wrote:
On Wed, Mar 6, 2013 at 12:34 AM, Mike. wrote:
I would lean towards
f) Cost/benefit of deploying IPv6
On 3/6/2013 9:20 AM, Cameron Byrne wrote:
On Tue, Mar 5, 2013 at 10:29 PM, Matthew Kaufman wrote:
On 3/5/2013 8:20 PM, Owen DeLong wrote:
On Mar 5, 2013, at 7:55 PM, Matthew Kaufman wrote:
On 3/5/2013 7:15 PM, Owen DeLong wrote:
On Mar 5, 2013, at 6:46 PM, Mukom Akong T.
wrote:
On Wed
On 4/6/2013 6:24 PM, cb.list6 wrote:
Interesting.
http://www22.verizon.com/support/residential/internet/highspeedinternet/networking/troubleshooting/portforwarding/123897.htm
I'd love to see a CGN box that is cheaper than IPv4 addresses currently
are on the transfer market.
Matthew Kaufman
compliance with
every nuance of section 4 that might be applied if they were getting the
addresses from ARIN" (ex. 4.2.1.5 requiring a /20 minimum for ISPs) then
I guess we need another policy modification.
Is that really how ARIN staff is interpreting it?
And why is this discussion here and not on arin-ppml?
Matthew Kaufman
(* note that it is 24 months because I submitted another policy proposal
that was considered at the same time to bump the 12 months up to 24, and
both passed)
See subject. Contact me off-list please.
Matthew Kaufman
the budget for this?
Matthew Kaufman
On 12/8/2011 9:41 PM, Matthew Kaufman wrote:
See subject. Contact me off-list please.
Matthew Kaufman
Six helpful responses later and the issue is resolved. Thanks to
everyone who reached out.
Matthew Kaufman
1 - 100 of 243 matches
Mail list logo