Re: What must one do to avoid Gmail's overachieving spam filtering?

Le mercredi 29 septembre 2010 à 16:31 -0500, Daniel Seagraves a écrit : On Sep 29, 2010, at 4:08 PM, Ryan Hayes wrote: Can you please not use the word retarded in a pejorative sense? The word please is probably not required, since using that word in this manner is prosecutable hate

RE: RINA - scott whaps at the nanog hornets nest :-)

Le samedi 06 novembre 2010 à 12:15 -0700, George Bonser a écrit : Sent: Saturday, November 06, 2010 9:45 AM To: nanog@nanog.org Subject: Re: RINA - scott whaps at the nanog hornets nest :-) On 11/5/2010 5:32 PM, Scott Weeks wrote: It's really quiet in here. So, for some Friday

Re: RINA - scott whaps at the nanog hornets nest :-)

Le samedi 06 novembre 2010 à 13:01 -0700, Matthew Petach a écrit : On Sat, Nov 6, 2010 at 12:32 PM, George Bonser gbon...@seven.com wrote: I doubt that 1500 is (still) widely used in our Internet... Might be, though, that most of us don't go all the way to 9k. mh Last week I asked the

Re: RINA - scott whaps at the nanog hornets nest :-)

Le samedi 06 novembre 2010 à 13:29 -0700, Matthew Petach a écrit : On Sat, Nov 6, 2010 at 1:22 PM, George Bonser gbon...@seven.com wrote: Last week I asked the operator of fairly major public peering points if they supported anything larger than 1500 MTU. The answer was no.

Re: regional ASN's

Le mercredi 01 décembre 2010 à 17:31 +, deles...@gmail.com a écrit : You can use one AS and communities to seperate your traffic/policies. Or other iBGP means of internal separation, like BGP confederations (in order to avoid iBGP session hacks). mh -jim --Original Message--

Re: Mastercard problems

Le mercredi 08 décembre 2010 à 14:23 -0800, andrew.wallace a écrit : MasterCard works closely with the U.S. Secret Service, the FBI, the Postal Inspection Service, Interpol, Europol and counterpart organizations throughout the world to facilitate investigation and prosecution.

Re: Cisco Sanitization

Le mercredi 12 janvier 2011 à 11:41 -0800, JC Dill a écrit : snip/ Randy, If you want to cite list policy, let's start by noting that it's a clear violation of the nanog list AUP to setup an autoresponder reply to list email[1], no matter if the autoresponder replies to the list or just to

Re: Single AS Number for multiple prefixes in different country

Le lundi 17 janvier 2011 à 12:00 -0800, Michel de Nostredame a écrit : On Mon, Jan 17, 2011 at 12:20 AM, Patrick W. Gilmore patr...@ianai.net wrote: On Jan 17, 2011, at 12:32 AM, Michel de Nostredame wrote: I do not think that paragraph means what you think it means. I've seen my own AS

Re: A top-down RPKI model a threat to human freedom? (was Re: Level 3's IRR Database)

Le mardi 01 février 2011 à 12:14 -0500, Christopher Morrow a écrit : On Sun, Jan 30, 2011 at 2:55 PM, Martin Millnert milln...@gmail.com wrote: Here be dragons, snip It should be fairly obvious, by most recently what's going on in Egypt, why allowing a government to control the Internet

Re: A top-down RPKI model a threat to human freedom? (was Re: Level 3's IRR Database)

Le mardi 01 février 2011 à 13:20 -0800, Owen DeLong a écrit : On Feb 1, 2011, at 9:14 AM, Christopher Morrow wrote: On Sun, Jan 30, 2011 at 2:55 PM, Martin Millnert milln...@gmail.com wrote: Here be dragons, snip It should be fairly obvious, by most recently what's going on in Egypt,

Re: A top-down RPKI model a threat to human freedom? (was Re: Level 3's IRR Database)

Le mardi 01 février 2011 à 16:54 -0500, Martin Millnert a écrit : On Tue, Feb 1, 2011 at 4:36 PM, Michael Hallgren m.hallg...@free.fr wrote: But RIR is (at least supposed to be) regional, so (hopefully) more stable from a policy point of view (since the number of national stake holders need

Re: A top-down RPKI model a threat to human freedom? (was Re: Level 3's IRR Database)

Le mercredi 02 février 2011 à 07:04 +0900, Randy Bush a écrit : In this context, at least, perhaps the NIR should be considered superfluous or redundant? What is the operational rationale behind the NIR level? Wouldn't a flatter RIR-LIR structure do just fine? and then, by inference, what

Re: A top-down RPKI model a threat to human freedom? (was Re: Level 3's IRR Database)

Le mardi 01 février 2011 à 18:01 -0500, Christopher Morrow a écrit : On Tue, Feb 1, 2011 at 4:33 PM, Michael Hallgren m.hallg...@free.fr wrote: Le mardi 01 février 2011 à 12:14 -0500, Christopher Morrow a écrit : countries do not have RIR's, countries have NIR's... regions have RIR's

Re: What If....

Le lundi 28 février 2011 à 15:50 -0500, Edward Lewis a écrit : At 9:35 +1300 3/1/11, Brian E Carpenter wrote: http://www.ntia.doc.gov/frnotices/2011/fr_ianafunctionsnoi_02252011.pdf I'm glad to see they are up to date: Paper submissions should include a three and one-half inch computer

Re: What If....

Le lundi 28 février 2011 à 11:57 -1000, David Conrad a écrit : On Feb 28, 2011, at 11:11 AM, Michael Hallgren wrote: I'm glad to see they are up to date: Paper submissions should include a three and one-half inch computer diskette in HTML, ASCII, Word or WordPerfect format (please

Re: Regional AS model

Le jeudi 24 mars 2011 à 14:26 -0700, Bill Woodcock a écrit : On Mar 24, 2011, at 1:47 PM, Patrick W. Gilmore wrote: On Mar 24, 2011, at 3:40 PM, Owen DeLong wrote: On Mar 24, 2011, at 12:42 PM, Zaid Ali z...@zaidali.com wrote: I have seen age old discussions on single AS vs multiple AS

Re: Regional AS model

Le vendredi 25 mars 2011 à 02:09 -0700, Zaid Ali a écrit : On Mar 24, 2011, at 3:17 PM, Michael Hallgren wrote: Le jeudi 24 mars 2011 à 14:26 -0700, Bill Woodcock a écrit : On Mar 24, 2011, at 1:47 PM, Patrick W. Gilmore wrote: On Mar 24, 2011, at 3:40 PM, Owen DeLong wrote: On Mar 24

Re: How are operators using IRR?

Hi, Some of the networks close to me, use IRR based AS_PATH and prefix filters at customer-route import. Needless to say that running periodic diffs between what's found in IRR and what's received in RW and discuss the results with customers is a necessary good thing to make sure that what is

Re: Visio-fu

Le 25/02/2013 23:06, Josh Baird a écrit : Check SmartDraw. pstricks, metapost, TikZ (pgf),... mh On Mon, Feb 25, 2013 at 5:04 PM, George Herbert george.herb...@gmail.comwrote: On Mon, Feb 25, 2013 at 12:58 PM, George Herbert george.herb...@gmail.com wrote: [...] My company has a Visio

Re: Visio-fu

Le 25/02/2013 23:15, Warren Bailey a écrit : I've seen smart draw. I wish these drawing software companies would port their application over to mac.. Every big design guy I know is a mac fanboy, Adobe has it figured out but smart draw and visio have no excuse. Omni is about the only thing

Re: It's the end of the world as we know it -- REM

Le 24/04/2013 21:35, Lee Howard a écrit : On 4/24/13 2:45 PM, ML m...@kenweb.org wrote: On 4/23/2013 5:41 PM, Valdis Kletnieks wrote: I didn't see any mention of this Tony Hain paper: http://tndh.net/~tony/ietf/ARIN-runout-projection.pdf tl;dr: ARIN predicted to run out of IP space to

Re: Tier1 blackholing policy?

Le 01/05/2013 14:46, David Miller a écrit : On 05/01/2013 05:40 AM, Thomas Schmid wrote: Joel, Am 30.04.2013 18:00, schrieb joel jaeggli: On 4/30/13 8:23 AM, Thomas Schmid wrote: On 30.04.2013 17:07, Chris Boyd wrote: On Tue, 2013-04-30 at 10:59 -0400, ML wrote: 1) Do nothing - They're

Re: question about Mark Koster's ARIN presentation

Le jeudi 18 juin 2009 à 12:51 -0700, kris foster a écrit : On Jun 18, 2009, at 12:35 PM, Michael Hallgren wrote: Le jeudi 18 juin 2009 à 12:05 -0400, Sandy Murphy a écrit : This message is sent to the whole nanog list, rather than the nanog-attendees list, How come there is a nanog

Re: Using twitter as an outage notification (was: Fire, Power loss at Fisher Plaza in Seattle)

Marshall Eubanks CEO / AmericaFree.TV -- michael hallgren, mh2198-ripe

Re: Using twitter as an outage notification (was: Fire, Power loss at Fisher Plaza in Seattle)

Le samedi 04 juillet 2009 à 16:58 +0200, Michael Hallgren a écrit : Le samedi 04 juillet 2009 à 10:47 -0400, Jeffrey Lyon a écrit : Personally, I find it difficult to take Twitter seriously. It seems like more of a kids toy than a business tool. Something like a blogspot account would make

Re: Cogent leaking /32s?

it to them with NO-EXPORT set? -- Mikael Abrahamssonemail: swm...@swm.pp.se -- michael hallgren, mh2198-ripe signature.asc Description: Ceci est une partie de message numériquement signée

Re: Cogent leaking /32s?

this? -- michael hallgren, mh2198-ripe signature.asc Description: Ceci est

Re: .se disappeared?

Le lundi 12 octobre 2009 à 21:38 +0100, Ben White a écrit : Does anyone else also see trouble reaching .se domains at the moment? No, at least not all (from a French viewpoint). Which ones? mh -- michael hallgren, mh2198-ripe signature.asc Description: Ceci est une partie de message

Re: DPI deployment use case

Le samedi 08 octobre 2011 à 05:57 +0900, Randy Bush a écrit : Actually, we've been faced with proposals to build services based on traffic classification, like e.g. access our own webmail and all social networking sites, but not skype and video you're on the wrong list. this list is

Re: Ok; let's have the Does DNAT contribute to Security argument one more time...

Le lundi 14 novembre 2011 à 15:43 -0600, -Hammer- a écrit : There really is no winner or right way on this thread. In IPv4 as a security guy we have often implemented NAT as an extra layer of obfuscation. In IPv6, that option really isn't there. So it's a cultural change for me. I'm not

Re: Trouble accessing www.nanog.org

Le mercredi 04 janvier 2012 à 20:18 +, bmann...@vacation.karoshi.com a écrit : On Wed, Jan 04, 2012 at 03:10:13PM -0500, George, Wes wrote: From: Wessels, Duane [mailto:dwess...@verisign.com] Sent: Wednesday, January 04, 2012 1:41 PM Subject: Re: Trouble accessing www.nanog.org

Re: Hijacked Network Ranges

Le dimanche 05 février 2012 à 22:41 -0800, goe...@anime.net a écrit : On Mon, 6 Feb 2012, Christopher Morrow wrote: why aren't filters applied at all? filters don't generate revenue. ... but at times, they prevent loss of... ... mh -Dan

Re: Programmers with network engineering skills

Le lundi 27 février 2012 à 14:14 -0800, Owen DeLong a écrit : On Feb 27, 2012, at 12:31 PM, david raistrick wrote: On Mon, 27 Feb 2012, Owen DeLong wrote: I think you're more likely to find a network engineer with (possibly limited) programming skills. While I'll agree about

Re: IPv6 aggregation tool

Le mardi 22 mai 2012 à 14:02 -0400, Rafael Rodriguez a écrit : :) thanks! Was wondering how to do that. $ perldoc Net::IP ;) That doc's a fine one to read also for other reasons. Cheers, mh Sent from my iPhone On May 21, 2012, at 9:36, Stefan Jakob stefan.ja...@de-cix.net wrote: Am

RE: Industry practice for BGP costs - one time or fixed/monthly?

Le vendredi 25 mai 2012 à 16:04 +, Ashish Rastogi a écrit : Price is probably for high availability and high SLA standards. Yes, hopefully not for simple BGP route exchange...! :) mh Ashish Rastogi From: Anurag Bhatia [m...@anuragbhatia.com]

Re: LinkedIn password database compromised

Hi Randy, Le jeudi 07 juin 2012 à 10:03 -0700, Randy Bush a écrit : hi etaoin, I still don't want single sign on. Not anywhere. i believe that 'single sign on' is a bad deal and dangerous for all, not just we geeks. essentially it means that the 'identiry provider' owns your identity.

RE: IRR-clueful person at 3356?

Yes, usually something like accept r/n iff there is a route object 'covering' r/n and the 'origin AS' of r/n is in the AS-set of the neighbor AS. mh -Message d'origine- De:Mike Simkins Envoyé: 17/08/2012, 18:04 A: jle...@lewis.org; r...@seastrom.com Cc: nanog@nanog.org Objet:Re:

Re: RFC becomes Visio

Le mardi 02 octobre 2012 à 23:25 +0200, Dan Luedtke a écrit : On Fri, 2012-09-28 at 19:31 +0100, Nick Hilliard wrote: Here's a visio diagram you can send them: http://www.foobar.org/~nick/bgp-network-diagram.vsd Is there a .png version of it somewhere? The whole thread made my day, I'm

Re: RFC becomes Visio

for Internet Explorer. http://www.microsoft.com/en-us/download/details.aspx?displaylang=enid=21701 Can you also edit/write using these? mh --- Brian Raaen Zcorum On Tue, Oct 2, 2012 at 5:43 PM, Michael Hallgren m.hallg...@free.fr wrote: Le mardi 02 octobre 2012 à 23:25 +0200

Re: Leap second tonight

Re: Trouble reaching plaxo.com?

-928.core1.mpt.layer42.net (69.36.239.137) 43.943 ms 44.153 ms 50.836 ms Thanks for any insight, Steve -- michael hallgren, mh2198-ripe signature.asc Description: Ceci est une partie de message numériquement signée

RE: Private use of non-RFC1918 IP space

scalability testing that needs more addresses than RFC1918 gives you. Use IPv6. Cheers, mh In a closed lab. Yes, it is ugly. Been there. Sometimes ugly can not be avoided. Paul --Johnny -- michael hallgren, mh2198-ripe signature.asc Description: Ceci est une partie de

Re: Network diagram software

:) Cheers, mh Regards, .m -- michael hallgren, mh2198-ripe signature.asc Description: Ceci est une partie de message numériquement signée

Re: Network diagram software

Le mercredi 11 février 2009 à 23:51 +0100, Michael Hallgren a écrit : Le mercredi 11 février 2009 à 23:34 +0100, Malte von dem Hagen a écrit : Am 11.02.2009 21:50 Uhr, Craig Holland schrieb: Mathias Wolkert wrote: Did he? OmniGraffle is the better Visio. ...except I've

Re: The Internet Revealed - A film about IXPs v2.0: now available

Le mercredi 10 février 2010 à 15:53 +, Nick Hilliard a écrit : On 10/02/2010 14:46, Mikael Abrahamsson wrote: I guess we can agree to disagree then. I think it's highly biased towards promoting IXPs, Uh, it was produced and paid for by IXPs for the intention of promoting IXPs. Why

Re: IPv6 enabled carriers?

on your list, but they are rolling out native IPv6 support on all of 1239. I've been using their 6175 testbed since 2005. + Tata AS6453, production network since quite some time now, dual stack. mh ~Seth -- michael hallgren, mh2198-ripe signature.asc Description: Ceci est une partie de

Re: Anyone still maintaining altdb.net?

Le mercredi 20 avril 2011 à 10:05 -0500, Richard A Steenbergen a écrit : On Wed, Apr 20, 2011 at 10:30:44AM -0400, Jon Lewis wrote: On Wed, 20 Apr 2011, Bret Palsson wrote: I submitted my objects April 11. the mtrner object needs to be created by the db-admin. I realize this is a

Re: Downstream Usage-BGP Communites

Le mardi 10 mai 2011 à 17:52 -0400, Nick Olsen a écrit : Greetings NANOG, Was hoping to gain some insight into common practice with using BGP Communities downstream. For instance: We peer with AS100 (example) AS100 peers with TW Telecom (AS4323). Since I happen to know that AS100 doesn't

Re: Need the perspective of a Level3 customer.

Le vendredi 13 mai 2011 à 01:39 -0700, Joe Renwick a écrit : Can anyone peering with Level3 directly tell me if they are seeing 63.210.162.0/24 coming from the Level3 peer? Yes, I do. mh Thanks for the help. Cheers,

Re: PRISM: NSA/FBI Internet data mining project

Le 07/06/2013 19:10, Warren Bailey a écrit : Five days ago anyone who would have talked about the government having this capability would have been issued another tin foil hat. We think we know the truth now, but why hasn't echelon been brought up? I'm not calling anyone a liar, but isn't

RE : Re: PRISM: NSA/FBI Internet data mining project

Yet appears a certain lack of transparency, no?  mh  Message d'origine De : Jason L. Sparks jlspa...@gmail.com Date : A : ku po cciehe...@gmail.com Cc : NANOG nanog@nanog.org Objet : Re: PRISM: NSA/FBI Internet data mining project To be fair, the reporting (initially)

Re: PRISM: NSA/FBI Internet data mining project

Le 09/06/2013 20:26, Rob McEwen a écrit : Dan, I doubt anyone can answer your question easily because you seem to have contradictions in your scenario. At one point you say: private company to collect information about terrorist entities, who in turn privately contracts with the top X

Re: huawei

Le 13/06/2013 18:22, Randy Bush a écrit : I've always wondered about thatwould you know that the Huawei is leaking data? yes. they have a contract to leak it to the NSA :-) mh

Re: Is the FBI's DNSSEC broken?

Le 03/09/2013 23:28, John Levine a écrit : On Fri, Aug 30, 2013 at 10:27:36PM +, John Levine wrote: I don't claim to be a big DNSSEC expert, but this looks just plain wrong to me, and unbound agrees, turning it into a SERVFAIL. I heard back, seems like I found someone at the FBI who was

Re: Internet Surveillance and Boomerang Routing: A Call for Canadian Network Sovereignty

Le 09/09/2013 21:16, Joe Abley a écrit : On 2013-09-09, at 14:29, joel jaeggli joe...@bogus.com wrote: On 9/9/13 7:43 AM, Jason Lixfeld wrote: That notwithstanding, it's stupid to send traffic to/from one of the large $your_region/country incumbents via $not_your_region/country. It's just

Re: common method to count traffic volume on IX

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Le 17/09/2013 20:15, Patrick W. Gilmore a écrit : Hi, Good reading, to get an idea: https://www1.ethz.ch/csg/people/dimitroc/papers/p95pam.pdf Section 3, mainly. Cheers, mh -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.11 (GNU/Linux)

Re: common method to count traffic volume on IX

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Le 17/09/2013 20:15, Patrick W. Gilmore a écrit : On Sep 17, 2013, at 12:11 , Martin T m4rtn...@gmail.com wrote: Thanks for all the replies! Nick, counting traffic on inter-switch links is kind of cheating, isn't it? I mean if input bytes

Re: Someone from PCCW NOC here ?

Le 02/10/2013 19:43, Christopher Morrow a écrit : I am shocked that a pccw customer isn't being prefix-filtered. Ohhh, they're rare bird? ( I'd hope so, rare bird; and I do strongly agree that (at least) these birds -- customer-routes -- should live in a transparent community... IRR (well...),

Re: Policy-based routing is evil? Discuss.

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Le 11/10/2013 19:41, joel jaeggli a écrit : On Oct 11, 2013, at 10:27 AM, William Waites wwai...@tardis.ed.ac.uk wrote: I'm having a discussion with a small network in a part of the world where bandwidth is scarce and multiple DSL lines are

Re: Fundamental questions of backbone design

Le 18/10/2013 20:03, Anurag Bhatia a écrit : Hello everyone I have some fundamental questions about backbone design. Feel free to point me to any discussions/presentation material related to these questions. 1. As I understand it's (sort off) common practice to give highest

Re: prefix filtering per IRR - practices

Le 22/11/2013 17:57, Chris Rogers a écrit : From my experience, networks that are capable of filtering from IRR objects generally filter for exact routes, meaning no le 24. Hi, Are you sure? My experience is, with a small number of exceptions, that le 24 ('route' or 'route-set,' sometimes in

RE : Re: NSA able to compromise Cisco, Juniper, Huawei switches

+1, I fully agree. And not only concerning the domestic use by country, but also with regards to information peering with neighbors, and such.  Enjoy '14!  mh Message d'origine De : Ray Soucy r...@maine.edu Date : A : Blair Trosper blair.tros...@gmail.com Cc :

Re: best practice for advertising peering fabric routes

Le 15/01/2014 07:59, Eric A Louie a écrit : Ok, so the right way to do it is in iBGP. That pretty much answers the question - don't redistribute those ixp-participant prefixes into my IGP. Yes, using next-hop self (rather than importing IXP routes) as pointed out earlier in this thread. I

Re: BGP multihoming with two address spaces

Le 29/01/2014 20:34, Owen DeLong a écrit : This sort of local-pref default seems to be a common practice with backbones. It's very annoying. I wish they'd stop. Most of their customers would actually be very unhappy if they stopped. This local-pref default prevents many many problems and in

Re: misunderstanding scale

Le 22/03/2014 23:49, Nick Hilliard a écrit : On 22/03/2014 19:35, Justin M. Streiner wrote: CGN also comes with lots of downside that customers are likely to find unpleasant. For some operators, customer (dis)satisfaction might be the driver that ultimately forces them to deploy IPv6. don't

Re: Best practices IPv4/IPv6 BGP (dual stack)

Le 03/05/2014 20:23, Mikael Abrahamsson a écrit : On Sat, 3 May 2014, Vitkovský Adam wrote: Sure it's a different transport protocol altogether, anyways It's interesting to see how everybody tends to separate the IPv4 and IPv6 AFs onto a different TCP sessions and still run the plethora of

Re: Help with Confederation-RR-MPBGP

Le 12/06/2014 18:39, valdis.kletni...@vt.edu a écrit : On Thu, 12 Jun 2014 09:25:20 -0700, Philip Lavine said: need some guidance on best practices What the vendor says is best practices, or what people in the trenches say? Is it more efficient to use RR or Confederation? If option A is 2%

Re: Help with Confederation-RR-MPBGP

:-) Cheers, mh On Thursday, June 12, 2014 2:45 PM, Michael Hallgren m.hallg...@free.fr wrote: Le 12/06/2014 18:39, valdis.kletni...@vt.edu mailto:valdis.kletni...@vt.edu a écrit : On Thu, 12 Jun 2014 09:25:20 -0700, Philip Lavine said: need some guidance on best practices What

Re: Net Neutrality...

Le 16/07/2014 17:45, Eric Brunner-Williams a écrit : On 7/16/14 7:50 AM, Fred Baker (fred) wrote: Relevant article by former FCC Chair http://www.washingtonpost.com/posteverything/wp/2014/07/14/this-is-why-the-government-should-never-control-the-internet/ It reads like a hit piece (by a

Re: Muni Fiber and Politics - ENDGAME

Le 22/07/2014 20:34, Mikael Abrahamsson a écrit : On Tue, 22 Jul 2014, Jay Ashworth wrote: You can assume $8-1200 per passing, if you fiber the entire town at once (my example was 12000 passings, 3-pr, in 2.3 sqmi). Then you're going to have to operate the core, which will take power and at

Re: Urgent

Le 18/08/2014 20:38, Jeroen van Aart a écrit : Scott Weeks wrote: -Original Message- Contact for God, please reach out to me offlist. Regards, -AS666 NOC -- ASN 666 is the US army. I was curious a long time ago and looked it up... ;-)

Re: Urgent

Le 19/08/2014 16:08, William Herrin a écrit : On Mon, Aug 18, 2014 at 3:57 PM, Michael Hallgren m.hallg...@free.fr wrote: Le 18/08/2014 20:38, Jeroen van Aart a écrit : -Original Message- Contact for God, please reach out to me offlist. Regards, -AS666 NOC

Re: Multicast Internet Route table.

Le 02/09/2014 18:05, Mikael Abrahamsson a écrit : On Tue, 2 Sep 2014, Octavio Alvarez wrote: I have never used interdomain multicast but I imagine the global m-routing table would quickly become large. I have set up interdomain routing connecting both to a few peers and a Tier1 transit

Re: Anyone else having trouble reaching thepiratebay.se? AS39138

Le 26/11/2014 18:51, Dominik Bay a écrit : On 11/26/2014 06:41 PM, Javier J wrote: Its reachable from some places and not others. Maybe a partial outage. From France: mh@home:~$ mtr --report thepiratebay.org Start: Wed Nov 26 23:09:31 2014 HOST: homeLoss% Snt Last

Re: Checkpoint IPS

Le 05/02/2015 08:01, Roland Dobbins a écrit : On 5 Feb 2015, at 13:51, Michael Hallgren wrote: So, need another inspection strategy I think. The real question is, why 'inspect', at all? Yes, that's an even more interesting discussion! mh --- Roland

Re: Checkpoint IPS

Le 04/02/2015 17:07, Eugeniu Patrascu a écrit : On Tue, Feb 3, 2015 at 5:41 PM, Michael Hallgren m.hallg...@free.fr mailto:m.hallg...@free.fr wrote: Le 03/02/2015 16:21, Eugeniu Patrascu a écrit : On Mon, Feb 2, 2015 at 2:53 PM, Michael Hallgren m.hallg...@free.fr mailto:m.hallg

Re: Checkpoint IPS

Le 04/02/2015 17:19, Roland Dobbins a écrit : On 2 Feb 2015, at 19:53, Michael Hallgren wrote: Real life limitations? https://app.box.com/s/a3oqqlgwe15j8svojvzl Right ;-) Among many other nice ones, I like: `` ‘IPS’ devices require artificially-engineered topological symmetry- can have

Checkpoint IPS

Hi, Someone has positive or negative experience running Checkpoint IPS cluster over ``long distance'' synch. network? Real life limitations? Alternatives? Timers? Cheers, mh

Re: Checkpoint IPS

Le 03/02/2015 16:21, Eugeniu Patrascu a écrit : On Mon, Feb 2, 2015 at 2:53 PM, Michael Hallgren m.hallg...@free.fr mailto:m.hallg...@free.fr wrote: Hi, Someone has positive or negative experience running Checkpoint IPS cluster over ``long distance'' synch. network? Real

Re: Checkpoint IPS

Le 05/02/2015 13:57, Terry Baranski a écrit : On 5 Feb 2015, at 01:56, Michael Hallgren wrote: Le 04/02/2015 17:19, Roland Dobbins a écrit : Real life limitations? https://app.box.com/s/a3oqqlgwe15j8svojvzl Right ;-) Among many other nice ones, I like: `` ‘IPS’ devices require artificially

Re: Checkpoint IPS

On Thu, Feb 5, 2015 at 8:57 AM, Terry Baranski terry.baranski.l...@gmail.com mailto:terry.baranski.l...@gmail.com wrote: On 5 Feb 2015, at 01:56, Michael Hallgren wrote: Le 04/02/2015 17:19, Roland Dobbins a écrit : Real life limitations? https://app.box.com/s

Re: Checkpoint IPS

Le 05/02/2015 14:28, Terry Baranski a écrit : On 5 Feb 2015, at 08:13, Michael Hallgren wrote: Sure they will give you pretty graphs of script-kiddie attempts but that's just the noise in which the skilled attack will get lost. No, Terry, I didn't write that ! :-) Cheers, mh Sorry

Re: DDOS solution recommendation

Le 11/01/2015 14:50, Patrick W. Gilmore a écrit : I agree with lots said here. But I've said for years (despite some people saying I am confused) that BCP38 is the single most important thing we can do to cut DDoS. No spoofed source means no amplification. It also stops things like Kaminsky

Re: DDOS solution recommendation

Le 11/01/2015 14:50, Patrick W. Gilmore a écrit : I agree with lots said here. But I've said for years (despite some people saying I am confused) that BCP38 is the single most important thing we can do to cut DDoS. No spoofed source means no amplification. It also stops things like Kaminsky

Re: Verizon Policy Statement on Net Neutrality

Le 27/02/2015 23:19, Owen DeLong a écrit : Any website which does not violate the law. In other words, if a lawful takedown order So, subject to legal control rather than simply administrative. Right? mh has been applied to a website, this code can’t be used to force an ISP to provide

Re: Inferring the location points of traffic exchange between two networks

Le 13/01/2016 18:36, Reza Motamedi a écrit : > Hi NANOG, > > I am researcher at the University of Oregon and my question is rather > primitive. My research background is in networked systems and Internet > measurement so I know how things work in theory. > > My question is about BGP and what can

Re: nested prefixes in Internet

Hi Martin, What do you want to do? Move from A to B or add A to B? Cheers, mh Le 27 sept. 2016 17:52, à 17:52, Mel Beckman a écrit: >Precisely. This is how it's done by providers I've worked with. > > -mel beckman > >> On Sep 27, 2016, at 7:06 AM, Roy

Re: OSPF vs ISIS - Which do you prefer & why?

Hi, What IGP features do you need, and for what reason? Cheers, mh⁣​Le 10 nov. 2016, à 23:04, Josh Reynolds a écrit: I didn't "trash talk" a vendor. If I did, it would be a multi-thousand line hate fueled rant with examples and enough colorful language to make submarine

Re: Moving fibre trunks: interruptions?

Aerial's not that rare in Europe (rural areas, sometimes even close to metro). Cheers, mh Le 01/09/2017 à 21:52, Rod Beck a écrit : > I don't think there is virtually any aerial in Europe. So given the cost > difference why is virtually all fiber buried on this side of the Atlantic? > > >

Re: Moving fibre trunks: interruptions?

Le 02/09/2017 à 21:25, Baldur Norddahl a écrit : > That depends on the country. Here in Denmark it is not possible to get > rights to put up any aerial at all. The cost difference is irrelevant when > you have no option but to put it in the ground. > > Not only is there no new aerial installations

Re: What's the point of prepend communities?

at 07:56:43PM +0100, Michael >Hallgren wrote: >> But keep in mind that 'prepend communities' are fragile: I decide by >local preference whereto I send my traffic. > >Absolutely, but they are still very useful in many situations. > >-- >Leo Bicknell - bickn...@ufp.org >PGP keys at http://www.ufp.org/~bicknell/

Re: What's the point of prepend communities?

Hi guys, But keep in mind that 'prepend communities' are fragile: I decide by local preference whereto I send my traffic. Cheers, mh Le 30 oct. 2017 à 18:25, à 18:25, Leo Bicknell a écrit: >In a message written on Thu, Oct 26, 2017 at 01:54:17PM -0600, Clinton >Work wrote:

Re: Impacts of Encryption Everywhere (any solution?)

Le 2018-06-17 12:40, na...@jack.fr.eu.org a écrit : Well, yes, there is, you simply have to break the end to end encryption Yes, (or) deny service by Policy (remains to evaluate who's happy with that). Cheers, mh On 06/17/2018 03:09 AM, Matthew Petach wrote: Except that if websites are

Re: Opinions on intent-based networking

BGP? :-) mh Le 2018-05-29 20:32, LF OD a écrit : Been following the articles on "intent-based" networking from Cisco and other vendors for a couple years now, and I have a basic grasp of the concept of "define your goals/outcomes and automation will make it so", but I do not know the practical

Re: Impacts of Encryption Everywhere (any solution?)

Morocco... Sure? Data points? mh Le 2018-05-29 20:00, Owen DeLong a écrit : It was a convenient example with which I had experience near Eritrea. My statement would apply equally for say, Zambia or Morocco. Owen On May 29, 2018, at 10:58 , Eric Kuhnke wrote: Ethiopia is significantly

Re: IPv4 smaller than /24 leasing?

Thanks Bill. Kinda ugly, but OK I see... Prefer v6 ;-) mh Le 4 janv. 2018 à 23:17, à 23:17, William Herrin <b...@herrin.us> a écrit: >On Thu, Jan 4, 2018 at 5:07 PM, Michael Hallgren <m...@xalto.net> wrote: > >> Am I missing something? What's the trigger for doing tunnel

Re: IPv4 smaller than /24 leasing?

By the way, RIPE still seems to provide fresh /22s to new LIRs. Same in the ARIN region? mh Le 4 janv. 2018 à 23:50, à 23:50, William Herrin a écrit: >On Thu, Jan 4, 2018 at 5:40 PM, Justin Wilson wrote: > >> I know of dozens, if not hundreds of small ISPs that

Re: IPv4 smaller than /24 leasing?

Le 2018-01-04 20:16, Job Snijders a écrit : On Thu, 4 Jan 2018 at 20:13, Filip Hruska wrote: I have stumbled upon this site [1] which seems to offer /27 IPv4 leasing. They also claim "All of our IPv4 address space can be used on any network in any location." I thought that

Re: IPv4 smaller than /24 leasing?

Le 2018-01-04 20:27, Harald Koch a écrit : "IPv6 available upon request. " LOL. +1 :-) mh

Re: IPv4 smaller than /24 leasing?

Message - From: "Michael Hallgren" <m...@xalto.net> To: "William Herrin" <b...@herrin.us> Cc: "NANOG" <nanog@nanog.org> Sent: Thursday, January 4, 2018 4:56:21 PM Subject: Re: IPv4 smaller than /24 leasing? By the way, RIPE still seems to

  1   2   >