Re: A letter from the CEO

I am impressed that you stepped up, admitted the mistake, and apologized. Thank you for taking responsibility. Anyone reading this who can say they never made a mistake can continue to criticize you. As I am about as far from that standard as one can be, I will consider this penance enough for

Re: Half Fibre Pair

Back in the day, there were these things called half-circuits or half-cables. Telephone companies in different countries would “share” a cable under the ocean, where the company in each country would own “half” the cable - i.e. from their shore to the middle of the ocean. I have no idea what th

Re: Viable Third Option?

Second vote for NTT. Also, second vote for GTT. -- TTFN, patrick > On Feb 17, 2021, at 14:07, David Hubbard > wrote: > >  > I’ve been pretty happy with NTT but their POPs can be limited; I’ve had to > pick up waves to them, which sometimes still comes out ahead. I’m slowly > dropping Co

Re: Famous operational issues

On Feb 18, 2021, at 6:10 PM, Karl Auer wrote: > > I think it was Macchiavelli who said that one should not ascribe to > malice anything adequately explained by incompetence… https://en.wikipedia.org/wiki/Hanlon%27s_razor Never attribute to malice that which is adequately explained by st

Re: Famous operational issues

On Feb 22, 2021, at 7:02 AM, t...@pelican.org wrote: > On Thursday, 18 February, 2021 22:37, "Warren Kumari" > said: > >> 4: Not too long after I started doing networking (and for the same small >> ISP in Yonkers), I'm flying off to install a new customer. I (of course) >> think that I'm hot stu

Re: wow, lots of akamai

Matt: I am going to disagree with your characterization of how Akamai - and many other CDNs - manage things. First, to be blunt, if you really think Akamai nodes are “sitting idle for weeks” before CoD comes out with a new game, you are clearly confused. More importantly, I know for a fact Aka

Re: wow, lots of akamai

er sends a few megabytes of request and receives 50 gigs of reply. They > aren't DDoSing the network, but they're amplifying a single 50 gig copy they > receive from the mothership and turning it into likely tens of terabytes of > traffic. > Yes, that's a CDN's job,

Re: wow, lots of akamai

Just so I am clear, you are saying “I would rather have it come over my undersea cables than from inside the datacenter”? And you are assuming TCP transport. -- TTFN, patrick > On Apr 1, 2021, at 6:23 PM, Tony Wicks wrote: > > This is not actually (as in yes it does matter) the case, if a fi

Re: wow, lots of akamai

e hardly > able to be considered normal. Sure, some day 50GB updates will be the norm, > but that's not today, and when it is, somebody else will be pushing out 250GB > updates quarterly. This problem isn't going away soon, and it can't be fixed > permanently by j

Re: Texas ERCOT power shortages (again) April 13

Brian: The idea that because ERCOT is a non-profit somehow means they would never do anything to save money, or management is not granted bonuses or salary increases based on savings, or have no financial incentive is ridiculous. E.g. Salaries for the top ERCOT executives increased 50% from 201

Re: Texas ERCOT power shortages (again) April 13

20/20 vision. It’s like saying that I shouldn’t have built the house > where the tornado hit. > >> On Apr 14, 2021, at 10:12 AM, Patrick W. Gilmore > <mailto:patr...@ianai.net>> wrote: >> >> Brian: >> >> The idea that because ERCOT is a non

Re: OOB management options @ 60 Hudson & 1 Summer

On Apr 16, 2021, at 1:49 PM, Warren Kumari wrote: > On Fri, Apr 16, 2021 at 1:08 PM Bryan Fields wrote: >> On 4/16/21 1:33 AM, Saku Ytti wrote: > > https://www.markleygroup.com/cloud/network/out-of-band > > Wow, this is an impressive offering. I wish more providers would do this. > > +manylots

Re: Zayo or HE for IP transit

Hurricane has probably the most peering of any large network on the planet. They also carry more v6 traffic than anyone. But they have a famous problem with v6 - you cannot get to Cogent (174) from HE. Since you have Cogent, that should not be a problem. Private, smart people, customer service

Re: Submitting Fake Geolocation for blocks to Data Brokers and RIRs

On Apr 22, 2021, at 10:23 AM, Matthew Petach wrote: > On Thu, Apr 22, 2021 at 7:12 AM nanoguser100 via NANOG > wrote: >> William, >> >> The plan is to carve out a /24 for "Estonia" and have special servers on it. >> This would be the same /24 I'd have to use if I were to put a legitimate >>

Re: Submitting Fake Geolocation for blocks to Data Brokers and RIRs

On Apr 22, 2021, at 7:58 PM, nanoguser100 via NANOG wrote: > > I see a lot of replies about the legality. As mentioned I have legitimate > reasons for doing this. I plan on serving customers in country. Your “legitimate” reason is to avoid someone else’s restrictions on the content they own.

Re: FCC fines for unauthorized carrier changes and consumer billing

On Apr 23, 2021, at 12:47 PM, Sean Donelan wrote: > On Fri, 23 Apr 2021, Dan Hollis wrote: >> On Fri, 23 Apr 2021, Eric Kuhnke wrote: >>> Did the FCC ever collect its $50 million from "Sandwich Isles >>> Telecommunications" for blatant fraud? At this scale I wonder how or why >>> certain people a

PeerinDB refuses to register certain networks [was: Setting sensible max-prefix limits]

On Aug 18, 2021, at 5:00 PM, Matthew Walster wrote: > On Wed, 18 Aug 2021, 21:37 Sabri Berisha, wrote: > - On Aug 18, 2021, at 2:46 AM, Steve Lalonde st...@enta.net wrote: > > Hi, > >> > We always use PeeringDB data and refuse to peer with networks not in >> > PeeingDB >> >> You are aware

Re: PeerinDB refuses to register certain networks [was: Setting sensible max-prefix limits]

get a record. I guess you are right, the _Peering_DB does not register “certain” networks. Those networks would be ones that do not peer. Which seems pretty obvious to me - it is literally in the name. -- TTFN, patrick > On Aug 18, 2021, at 5:50 PM, Sabri Berisha wrote: > > ----- On

Re: Google peering in LAX

On Mar 2, 2020, at 17:38, Seth Mattinen wrote: > On 3/2/20 2:20 PM, Hugo Slabbert wrote: >> I believe Owen was referring here to Google's actions: that the disagg is >> the antisocial behaviour and that transit providers (the people they are >> paying) would be more tolerant of that antisocial

Re: Google peering in LAX

On Mar 2, 2020, at 6:30 PM, Seth Mattinen wrote: > On 3/2/20 3:09 PM, Patrick W. Gilmore wrote: >> Your routers, your decision. >> But how much traffic are you sending TO Google? Most people get the vast >> majority of traffic FROM Google. They send you videos, you send t

Re: Don Smith, RIP.

Would like to add my name to the very (very, very, very) long list of people who respected and will miss Don. I do not drink coffee, but for this occasion, it feels appropriate to say: (coffee != sleep) & (!coffee == sleep) -- TTFN, patrick > On Jul 23, 2020, at 7:50 PM, Paul Ferguson

Re: AANP Akamai

netsupp...@akamai.com -- TTFN, patrick > On Sep 2, 2020, at 2:40 PM, ahmed.dala...@hrins.net wrote: > > Hello NANOG, > > Could somebody from Akamai AANP’s network team contact me off-list? I’ve > tried the peering and NOC and got no replies in months. > > Thanks > Ahmed

Re: Apple moved from CDN, and ARIN whois

Not everything is moved. patrick@TiggerBook-C-32 ~ % dig www.apple.com […] ;; ANSWER SECTION: www.apple.com. 219 IN CNAME www.apple.com.edgekey.net. www.apple.com.edgekey.net. 12102 IN CNAME www.apple.com.edgekey.net.globalredir.akadns.net. www.apple.com.edgekey.net.glob

Re: FYI: NANOG and ICANN

NANOG’s version: https://www.nanog.org/stories/nanog-signs-a-memorandum-of-understanding-with-internet-society-icann/ -- TTFN, patrick > On Oct 4, 2021, at 4:42 AM, Hank Nussbacher wrote: > > https://www.icann.org/en/announcements/details/icann-signs-a-memorandum-of-understanding-with-nanog-

Re: facebook outage

On Oct 4, 2021, at 5:30 PM, Bill Woodcock wrote: > On Oct 4, 2021, at 11:21 PM, Bill Woodcock wrote: >> On Oct 4, 2021, at 11:10 PM, Bill Woodcock wrote: >>> >>> They’re starting to pick themselves back up off the floor in the last two >>> or three minutes. A few answers getting out. I imagi

Re: Facebook post-mortems...

Update about the October 4th outage https://engineering.fb.com/2021/10/04/networking-traffic/outage/ -- TTFN, patrick > On Oct 4, 2021, at 9:25 PM, Mel Beckman wrote: > > The CF post mortem looks sensible, and a good summary of what we all saw from > the outside with BGP routes being withdra

Re: abha

On Oct 20, 2021, at 1:45 PM, Brett Watson wrote: > On Oct 20, 2021, at 10:41, Randy Bush wrote: >> >> abha died 20 years ago today > > Still miss her, she was a ray of sunshine. I can still hear her laugh, see her smile. Which makes me happy and sad at the same time. We all owe her. NANOG wo

Re: Internet history

On Oct 21, 2021, at 2:37 PM, Michael Thomas wrote: > > [changed to a more appropriate subject] > > On 10/20/21 3:52 PM, Grant Taylor via NANOG wrote: >> On 10/20/21 3:26 PM, Michael Thomas wrote: >>> Just as an interesting aside if you're interested in the history of >>> networking, When Wizard

Re: Network visibility

> But I will capitalize Internet in all relevant uses. > > This is an *engineering definition*, it matters that you name the right > object, and I am one of the people who will, in fact, die on this hill. You are not alone. > The associated press can bite me. While I respect and appreciate the

Re: Special Counsel Office report web site

On Apr 17, 2019, at 9:02 PM, Sean Donelan wrote: > > The Special Counsel's report is expected to be posted on its website sometime > between 11 a.m. and noon on Thursday, April 18, 2019. > > https://www.justice.gov/sco > > Since I helped with website for the Starr Report on September 11, 1998,

Re: looking for hostname router identifier validation

Automation isn’t even that hard - just outsource (e.g. 6Connect). I get why some things stagnate & collect kruft. But it is actually EASIER, and probably cheaper (including people time), to have a 3rd party “just do it” when it comes to things like DNS & IPAM. Then again, if everyone ran everyt

Are network operators morons? [was: CloudFlare issues?]

[Removing the attribution, because many people have made statements like this over the last day - or year. Just selecting this one as a succinct and recent example to illustrate the point.] >> This blog post, and your CEO on Twitter today, took every opportunity to say >> “DAMN THOSE MORONS AT

Re: What can ISPs do better? Removing racism out of internet

Mel: My understanding is ISPs are not Common Carriers. Didn’t we just have a big debate about this w/r/t Network Neutrality? I Am Not A Lawyer (hell, I am not even an ISP :), but if any legal experts want to chime in, please feel free to educate us. Put another way, ISPs are not phone companie

Re: User Unknown (WAS: really amazon?)

[Speaking ONLY FOR MYSELF AS AN INDIVIDUAL.] On Aug 4, 2019, at 8:15 AM, Rubens Kuhl wrote: > On Sun, Aug 4, 2019 at 5:17 AM Scott Christopher wrote: > John Curran wrote: > > ... > >> As I have noted previously, I have zero doubt in the enforceability of the >> ARIN registration services agr

Re: What can ISPs do better? Removing racism out of internet

Cloudflare is not an ISP. They are a CDN. You cannot ask them for a DSL or Cable connection, or even DIA. Not that it matters: ISPs are not “Common Carriers” in statute or Common Law. The DMCA provides some protections which are similar to Common Carrier status, but that does not mean they have

Re: Weekly Routing Table Report

A very long time ago, I commented on this report hitting 250,000 prefixes. It was a Big F*#@$&! Deal at the time. A quarter million prefixes in the DFZ? Wow…. Then I did it again at 500,000. People commented that I should have waited for 512,000 - especially since a popular piece of kit was expe

Re: Weekly Routing Table Report

t;> wrote: > > These numbers are nothing. Wait till IPv6 really start taking off. > > > -Original Message- > From: NANOG mailto:nanog-boun...@nanog.org>> On > Behalf Of Patrick W. Gilmore > Sent: Friday, August 30, 2019 3:09 PM > To: North Ame

Re: Cogent sales reps who actually respond

On Sep 17, 2019, at 9:46 PM, Christopher Morrow wrote: > On Tue, Sep 17, 2019 at 6:46 PM Martijn Schmidt via NANOG > wrote: >> >> Hi Elad, >> >> Is this policy officially documented by AFRINIC somewhere? Can you make >> route objects for legacy AFRINIC resources in their RIR operated IRRDB as

Re: This endless pissing contest is operational, how? Re: Elad Cohen

On Sep 19, 2019, at 9:08 AM, John Sage wrote: > > On 9/19/19 3:25 AM, Elad Cohen wrote: >> Mr. Ronald Guilmette > > Are there *any* moderators #OnHere at all? Moderators? No. Anyone subscribed to the list can post anything at any time. But posts are reviewed after the fact if there is suspicio

HPE SAS Solid State Drives - Critical Firmware Upgrade Required

I do not normally post about firmware bugs, but I have this nightmare scenario running through my head of someone with a couple of mirrored HPE SSD arrays and all the drives going POOF! simultaneously. Even with an off-site backup, that could be disastrous. So if you have HPE SSDs, check this a

Re: Software Defined Networks

I tell everyone we had SDNs in the 90s. But we called it “expect scripts”. :-) -- TTFN, patrick > On Dec 4, 2019, at 9:41 PM, Jennifer Rexford wrote: > > SDN is definitely an overloaded and confusing term that is used > inconsistently. Here are a few attempts to explain: > > - “The Road

Re: NANOG67 - Tipping point of community and sponsor bashing?

On Jun 14, 2016, at 11:50 AM, Hugo Slabbert wrote: > On Tue 2016-Jun-14 10:12:10 -0500, Matt Peterson wrote: > >> This week at NANOG67, a presentation was given early on that did not >> reflect well for our community at large. Regardless of the content or >> accuracy of the data presented (not t

Appeals court upholds Network Neutrality rules

Presented without comment: https://www.washingtonpost.com/news/the-switch/wp/2016/06/14/the-fcc-just-won-a-sweeping-victory-on-net-neutrality-in-federal-court/ Seems topical to NANOG audience. -- TTFN, patrick

Re: cross connects and their pound of flesh

Actually, back in the T1/T3 days, colos frequently asked what you ran on the cable and then charged you based on the capacity of the circuit - even when it was the same exact cable. Of course, none of us would ever ask for T1 xconn then run ethernet over it. Colo providers are absolutely worrie

Re: cross connects and their pound of flesh

is nobody's business but the person > controlling the end points. > > David Barak > Sent from mobile device, please excuse autocorrection artifacts > >> On Jun 19, 2016, at 8:30 AM, Patrick W. Gilmore wrote: >> >> Actually, back in the T1/T3 days, colos frequen

Re: Leap Second planned for 2016

On Jul 8, 2016, at 7:47 PM, Saku Ytti wrote: > On 9 July 2016 at 02:27, Jared Mauch wrote: >> Time is actually harder than it seems. Many bits of software break in >> unexpected ways. Expect the unexpected. > > Aye. How many have written code like this: > > start = time(); > do_something(); >

Re: Military coup in Turkey?

http://www.telegraph.co.uk/news/2016/07/15/turkey-low-flying-jets-and-gunfire-heard-in-ankara1/ -- TTFN, patrick > On Jul 15, 2016, at 4:44 PM, b...@theworld.com wrote: > > > It looks to me like the Turkish internet is unreachable. > > -- >-Barry Shein > > Software Tool & Die| b

Re: cloudflare hosting a ddos service?

CloudFlare will claim they are not hosting the problem. They are just hosting the web page that lets you pay for or points at or otherwise directs you to the problem. The actual source of packets is some other IP address. Therefore, they can keep hosting the web page. It is not sending the actu

Re: Comparing carrier hotels and colo: How much are you paying per 208V 30A circuit

L6-30s are probably the most common power drop in colocation. A) Is proprietary. I won’t pretend you will get zero answers, lots of people will likely break their NDAs. B) You can find any and all of those options. C) Ditto. Are you looking for specific cities or buildings? Or just trying to s

Re: Krebs on Security booted off Akamai network after DDoS attack proves pricey

On Sep 23, 2016, at 1:58 PM, Grant Ridder wrote: > > Didn't realize Akamai kicked out or disabled customers > http://www.zdnet.com/article/krebs-on-security-booted-off-akamai-network-after-ddos-attack-proves-pricey/ > > "Security blog Krebs on Security has been taken offline by host Akamai > Tec

Re: Krebs on Security booted off Akamai network after DDoS attack proves pricey

Is CloudFlare able to filter Layer 7 these days? I was under the impression CloudFlare was not able to do that. There have been a lot of rumors about this attack. Some say reflection, others say Layer 7, others say .. other stuff. If it is Layer 7, how are you going to ‘step in front of the can

Re: IP addresses being attacked in Krebs DDoS?

On Sep 25, 2016, at 4:01 PM, Brett Glass wrote: > As an ISP who is pro-active when it comes to security, I'd like to know what > IP address(es) are being hit by the Krebs on Security DDoS attack. If we > know, we can warn customers that they are harboring infected PCs and/or IoT > devices. (An

Re: Krebs on Security booted off Akamai network after DDoS attack proves pricey

On Sep 25, 2016, at 5:50 PM, ryan landry wrote: > On Sun, Sep 25, 2016 at 9:07 PM, Mark Andrews wrote: >> This is such a golden opportunity for each of you to find compromised >> hosts on your network or your customer's network. The number of >> genuine lookups of the blog vs the number of bott

Re: IP addresses being attacked in Krebs DDoS?

On Sep 25, 2016, at 6:35 PM, Brett Glass wrote: > At 03:50 PM 9/25/2016, Patrick W. Gilmore wrote: >> What Brett is asking seems reasonable, even useful. Unfortunately, it is not >> as simple as posting a list of addresses on a website. >> >> Many devices are com

Re: Krebs on Security booted off Akamai network after DDoS attack proves pricey

On Sep 27, 2016, at 11:35 AM, Roland Dobbins wrote: > On 27 Sep 2016, at 21:48, Brielle Bruns wrote: >> You start cutting off users or putting them into a walled garden until they >> fix their machines, and they will start caring. > > It's important to keep in mind that in the not-so-distant f

Re: Krebs on Security booted off Akamai network after DDoS attack proves pricey

On Sep 27, 2016, at 11:49 AM, Roland Dobbins wrote: > On 27 Sep 2016, at 22:37, Patrick W. Gilmore wrote: >> All the more reason to educate people TODAY on why having vulnerable devices >> is a Very Bad Idea. > > Yes, but how do they determine that a given device is vulne

Re: 18 years ago today - rfc 2468

We do. Thank you for reminding us. And thanks to Dr. Postel for making what we do possible. -- TTFN, patrick > On Oct 15, 2016, at 9:19 AM, Rodney Joffe wrote: > > To be clear - Oct 16. Which has just tolled in the APAC region. For most of > you it will be tomorrow. But no matter. You get t

Re: Dyn DDoS this AM?

I cannot give additional info other than what’s been on “public media”. However, I would very much like to say that this is a horrific trend on the Internet. The idea that someone can mention a DDoS then get DDoS’ed Can Not Stand. See Krebs’ on the Democratization of Censorship. See lots of othe

Re: Dyn DDoS this AM?

Attack has re-started. This is the time, folks. Rally the troops, offer help, watch your flow. STOP THIS NOW. -- TTFN, patrick > On Oct 21, 2016, at 11:48 AM, Patrick W. Gilmore wrote: > > I cannot give additional info other than what’s been on “public media”. > > Howeve

Re: Dyn DDoS this AM?

hare to raise awareness. > > > > > - > Mike Hammett > Intelligent Computing Solutions > http://www.ics-il.com > > Midwest-IX > http://www.midwest-ix.com > > - Original Message - > > From: "Patrick W. Gilmore" > To: "NANOG

Re: Dyn DDoS this AM?

On Oct 21, 2016, at 12:40 PM, David Hubbard wrote: > > Do we know the attack destinations so we can watch transit traffic destined > for it to help sources that may be unaware? My guess is you should track anything to as33517. -- TTFN, patrick

Re: Common Reliable Out Of Band Management Options at Carrier Hotels

+1 for OpenGear + LTE / cell. Obviously POTS works and is available in any carrier hotel and not insanely expensive. Also, lots (not all) colocation providers will give you very cheap ethernet OOB. (E.g. Our colo gives you GigE for the cost of the xconn + 2 Mbps 95/5 free.) I would ask before

Re: Common Reliable Out Of Band Management Options at Carrier Hotels

> liability for any errors or omissions in the contents of this message, which > arise as a result of e-mail transmission. . > > -Original Message- > From: NANOG [mailto:nanog-boun...@nanog.org] On Behalf Of Patrick W. Gilmore > Sent: Wednesday, January 18, 2017 9:13 AM

Re: How ISPs bill : Time Zones & 95th Percentile Calculations

NANOG’ers: Steve McManus of Akamai and I have a few questions regarding how providers use time zones for billing, and how the 95th percentile (95/5) is calculated. Many ISPs use UTC on logs and such for reasons which should be obvious. But do they use local time for billing? What if there are p

Re: Akamai and Instagram Ranges

Akamai does not give out the IP space they use, for good and valid reasons. Also, Akamai -is- a cache (just pretend for sake of this argument that none of you is ridiculously overly pedantic). If you are trying to cache on-net, why not just ask them to do it for you? It’s free. https://

Re: YouTube streaming failures

I cannot stream on AppleTV or iPhone. Works on my laptop. Comcast, Massachusetts. -- TTFN, patrick > On Feb 12, 2017, at 8:08 PM, Brett A Mansfield > wrote: > > I'm seeing this as well, but only on Apple and Linux products. Seems to be > working fine on Windows. > > Thank you, > Brett A Ma

Re: What are people using for IPAM these days?

While there are many good options, I prefer 6Connect personally. Lots of hooks to let you automate things (not just which device has which IP address, much more), cheap as hell, and support is unbeatable. -- TTFN, patrick > On Jun 11, 2018, at 10:45, Owen DeLong wrote: > > I find lots of peo

Re: Confirming source-routed multicast is dead on the public Internet

It is hard to prove a negative. So let’s prove a positive. One of the largest (2nd largest?) transit networks on the planet just affirmatively stated they filter at their border. It is now possible to state that multicast is not ubiquitous on the Internet. If any other large transit network (L3

Re: Massive Price Increase for X-conns at Telehouse Chelsea, NYC

On Sep 17, 2018, at 15:08, Ethan O'Toole wrote: > >> If it’s in an interduct by itself, how much would the square footage per >> month occupied by the average cross connect be worth? > > These big datacenter companies are REITs. Similar to self-storage units and > apartment buildings, they exis

Re: Massive Price Increase for X-conns at Telehouse Chelsea, NYC

On Sep 17, 2018, at 17:51, Nick Hilliard wrote: > Patrick W. Gilmore wrote on 17/09/2018 22:40: >> Expecting any for-profit business (all of them, not just REITs) to do >> less than extract maximum cash is deluding yourself. > oh sure, but price gouging is often bad business pr

Re: Stupid Question maybe?

Why do you think the network portion needs to be contiguous? Well, it does now. But that was not always the case. https://www.quora.com/Why-is-the-subnet-mask-255-255-255-64-invalid/answer/Patrick-W-Gilmore https://www.quora.com/Why-is-the-subnet-mask-255-255-255-64-invalid -- TTFN, patrick

Re: AT&T/as7018 now drops invalid prefixes from peers

Jay & everyone AT&T: I just want to say thank you. Kudos to your team for implementing and management for having the intestinal fortitude to do so. -- TTFN, patrick > On Feb 11, 2019, at 09:53, Jay Borkenhagen wrote: > > > FYI: > > The AT&T/as7018 network is now dropping all RPKI-invalid ro

Re: cogent spamming directly from ARIN records?

Has anyone replied? If this is a peering request, not sure that is a bad use of the AS contact info. If it is a sales pitch, then yeah, that’s a problem. -- TTFN, patrick > On Oct 2, 2023, at 14:58, Tim Burke wrote: > > Hurricane has been doing the same thing lately... but their schtick is t

Re: Networks ignoring prepends?

> The Internet is lying to itself, and that’s not a situation that can persist > forever. I am not sure I agree. First, prepends are a suggestion. Perhaps a request. It has never (or at least not for the 3 decades I’ve been doing this) been a guarantee. In the situation below, perhaps the 5K m

Re: gagging *IX directors re snoop/block orders

There is one problem: The article is factually incorrect on multiple points. So comparing A to B when B is a fairy tale does not make much sense. The proposed constitutional changes are in the public domain. -- TTFN, patrick P.S. Full disclosure, I am a LINX director. So maybe I’m saying this

Re: SHA1 collisions proven possisble

On Feb 23, 2017, at 2:59 PM, Ca By wrote: > On Thu, Feb 23, 2017 at 10:27 AM Grant Ridder wrote: > >> Coworker passed this on to me. >> >> Looks like SHA1 hash collisions are now achievable in a reasonable time >> period >> https://shattered.io/ >> >> -Grant > > > Good thing we "secure" our

Re: SHA1 collisions proven possisble

On Feb 23, 2017, at 6:21 PM, valdis.kletni...@vt.edu wrote: > On Thu, 23 Feb 2017 17:40:42 -0500, "Ricky Beam" said: > >> cost! However this in no way invalidates SHA-1 or documents signed by >> SHA-1. > > We negotiate a contract with terms favorable to you. You sign it (or more > correctly, sig

Re: SHA1 collisions proven possisble

On Feb 23, 2017, at 9:08 PM, valdis.kletni...@vt.edu wrote: > On Thu, 23 Feb 2017 20:56:28 -0500, "Patrick W. Gilmore" said: > >> According to the blog post, you can create two documents which have the same >> hash, but you do not know what that hash is until the algor

Re: SHA1 collisions proven possisble

On Feb 24, 2017, at 12:04 PM, Vincent Bernat wrote: > ❦ 23 février 2017 21:16 -0500, "Patrick W. Gilmore" : > >> A couple things will make this slightly less useful for the attacker: >> 1) How many people are not going to keep a copy? Once both docs are be >&

Re: SHA1 collisions proven possisble

On Feb 25, 2017, at 17:44, Jimmy Hess wrote: >> On Thu, Feb 23, 2017 at 2:03 PM, Patrick W. Gilmore >> wrote: >> >> For instance, someone cannot take Verisign’s root cert and create a cert >> which collides >> on SHA-1. Or at least we do not think

Re: SHA1 collisions proven possisble

Composed on a virtual keyboard, please forgive typos. On Feb 26, 2017, at 21:16, Matt Palmer wrote: >> On Sun, Feb 26, 2017 at 05:41:47PM -0600, Brett Frankenberger wrote: >>> On Sun, Feb 26, 2017 at 12:18:48PM -0500, Patrick W. Gilmore wrote: >>> I repeat something I&#

Re: google ipv6 routes via cogent

On Mar 3, 2017, at 7:00 AM, Nick Hilliard wrote: > > Niels Bakker wrote: >> As I explained in the rest of my email that you conveniently didn't >> quote, it's so that you can selectively import routes from all your >> providers in situations where your router cannot handle a full table. > > it c

Re: google ipv6 routes via cogent

On Mar 3, 2017, at 9:05 PM, Job Snijders wrote: > On Fri, Mar 03, 2017 at 09:42:04AM -0500, Patrick W. Gilmore wrote: >> On Mar 3, 2017, at 7:00 AM, Nick Hilliard wrote: >>> Niels Bakker wrote: >>>> As I explained in the rest of my email that you conveniently didn&

Re: Conference Videos

On Mar 13, 2017, at 6:06 PM, Steve Feldman wrote: > On Mar 13, 2017, at 2:52 PM, Mike Hammett wrote: >> >> Another organization I'm in has a hard policy of no recordings of any >> sessions at their conferences. They think that recordings of content (even >> vendor-sponsored, vendor-specific se

Re: EFF Call for sign-ons: ISPs, networking companies and engineers opposed to FCC privacy repeal

I am somehow please that Mr. Glass does not find me a “knowledgeable network professional”. It feels like a badge of honor. Any other “not” knowledgeable network professionals want to come forward and accept this badge? Personally, I find the FCC’s current rules to be sub-optimal. But saying a

Re: EFF Call for sign-ons: ISPs, networking companies and engineers opposed to FCC privacy repeal

tt > Intelligent Computing Solutions > > Midwest Internet Exchange > > The Brothers WISP > > - Original Message - > > From: "Patrick W. Gilmore" > To: "NANOG list" > Sent: Monday, March 27, 2017 6:22:27 PM > Subject: Re: EFF Ca

Re: EFF Call for sign-ons: ISPs, networking companies and engineers opposed to FCC privacy repeal

Mike: My guess is you do not. Which is -precisely- why the users (proletariat?) need to find a way to stop you. Hence laws & regulations. Later in this thread you said “we are done here”. Would that you were so lucky. -- TTFN, patrick > On Mar 28, 2017, at 5:58 PM, Mike Hammett wrote: > >

Re: EFF Call for sign-ons: ISPs, networking companies and engineers opposed to FCC privacy repeal

west Internet Exchange <http://www.midwest-ix.com/> > <https://www.facebook.com/mdwestix> > <https://www.linkedin.com/company/midwest-internet-exchange> > <https://twitter.com/mdwestix> > The Brothers WISP <http://www.thebrotherswisp.com/> > <https:/

Re: EFF Call for sign-ons: ISPs, networking companies and engineers opposed to FCC privacy repeal

tionsDeKalb> >> <https://www.linkedin.com/company/intelligent-computing-solutions> >> <https://twitter.com/ICSIL> >> Midwest Internet Exchange <http://www.midwest-ix.com/> >> <https://www.facebook.com/mdwestix> >> <https://www.linkedin.co

Re: EFF Call for sign-ons: ISPs, networking companies and engineers opposed to FCC privacy repeal

On Mar 29, 2017, at 6:48 AM, Mike Hammett wrote: > > ISPs lying? Sounds like something for the courts, not capitol hill. You can’t sue someone because they do something you do not like. Well, you can, but you won’t win. I guess you could ask for the providers to put it in their terms of servi

Re: BGP peering question

1) Are they present an IX where I am present? 2) Can they configure BGP correctly? 3) … Beer? Private interconnect requires actual thinking. Putting a procedure in around public peering is just overhead we don’t need. -- TTFN, patrick > On Jul 10, 2017, at 4:12 PM, craig washington > wrote

Re: BGP peering question

> Then you need to decide if you want to be a hop between those two peers or if > you want them to serve you only. You can change your routing so that both > providers know of your routes but you are not sharing routes between the two > providers. The definition of “peering” to most ISPs would

Re: Max Prefix Out, was Re: Verizon 701 Route leak?

On Sep 1, 2017, at 5:26 AM, Randy Bush wrote: > > i have 142 largish bgp customers, a large enough number that the number > of prefixes i receive from them varies annoyingly. how do i reasonably > automate setting of my outbound prefix limit? First, it seems you know the inbound so automating t

Re: Peering at public exchange authentication

MD5 on BGP Considered Harmful -- TTFN, patrick Composed on a virtual keyboard, please forgive typos. > On Sep 29, 2017, at 13:41, craig washington > wrote: > > Hello all, > > > Wondering your views or common practices for using authentication via BGP at > public exchange locations. > >

Re: Akamai Traffic Spikes

On Oct 4, 2010, at 3:50 PM, Scott, Robert D. wrote: > We were trying to diagnose an issue we had around 1 PM EDST, and were looking > at net flow data. The data indicated a significant change in our traffic > patterns, all coming from Akamai address space. The Akamai utilization graphs > show a

Re: Network Operators Unite Against SORBS

On Oct 12, 2010, at 12:25 PM, Scott Howard wrote: > On Tue, Oct 12, 2010 at 5:35 AM, iHate SORBS wrote: > >> I am calling on all Network Operators to stand up and stop routing >> dnsbl.sorbs.net until that time they can commit to making real changes. >> > > What sort of changes are you suggesti

Re: Only 5x IPv4 /8 remaining at IANA

On Oct 18, 2010, at 9:39 AM, Jeffrey Lyon wrote: > My clients can't use IPv6 when my infrastructure and carriers don't support > it. Smells like a business opportunity to steal your customers. Thanx! -- TTFN, patrick > On Mon, Oct 18, 2010 at 5:52 PM, Franck Martin wrote: >> Nah... >> >>

Re: Token ring? topic hijack: was Re: Mystery open source switching

X.25 is very useful for non TCP applications, especially in places where the infrastructure is less-than-modern. X.25 used as a layer 2 transport (even though it is not technically a L2 protocol, but then neither is ATM) is useful because it has error checking. -- TTFN, patrick On Nov 2, 201

Re: Token ring? topic hijack: was Re: Mystery open source switching

On Nov 4, 2010, at 10:52 AM, Curtis Maurand wrote: > On 11/2/2010 3:49 PM, Sven Olaf Kamphuis wrote: >>> Are there still any commercial X.25 nets in operation? I had some >>> peripheral involvement with Tymnet in the MCI/Concert conversion, and hear >>> it shut down sometime in 2003-4. >> >> h

Re: Token ring? topic hijack: was Re: Mystery open source switching

On Nov 4, 2010, at 3:28 PM, Jeroen van Aart wrote: > On Wed, Nov 3, 2010 at 8:15 AM, Gary Baribault wrote: >> OK, I haven't taken it back out of the box, but anyone still have 8 >> bit ISA Arcnet with thin coax? > > Sorry no, but I have a Commodore 64 1200/75 baud modem, real collectors > item.

  1   2   3   4   5   6   7   8   >