swinog October 2017

swinog@lists.swinog.ch

14 participants
17 discussions

## Agenda - SwiNOG#32'ers - we're ready ##

by Simon Ryf

Dear SwiNOG community, Agenda for SwiNOG #32 on Tuesday 09.11.2017 on top of Gurten. Registration ends 03.10.2017 23:59:00, after that - please write us for late reg (with extra costs). We still have time for Lightning Talks, if you’re up for it, you’ll get a free voucher for the next event or if submitted before 06.11.2017 – for SwiNOG#32 CHF 100.- for 5 minutes (just saying…) Agenda http://www.swinog.ch/meetings/swinog32/ Sponsor Presentation / tba | tba (Extreme Networks) Free Range Routing or how we ditched OSPF for BGP unnumbered (based on RFC5549) | Manuel Schweizer (cloudscale.ch) As a contributor to the FRR project, I’m going to explain what FRR is and how we at cloudscale.ch are using it. Furthermore, I will shed some light at why we chose a certain x86-based hardware platform and provide a future outlook of where FRR is heading. Network Unit Testing with SaltStack | Urs Baumann (INS - Institute for Networked Solutions) Enabling unit testing in the network with Nuts (network unit testing system) and SaltStack. Technical presentation how the open source software Nuts uses SaltStack to test the network. colt onDemand - from visions in 2012 to reality in 2017 | Andreas Glag (Colt) SwissIX Update | Manuel Schweizer (SwissIX) SwissIX Update Flowmon DDoS Defender | Pavel Minařík (Flowmon) Flowmon DDoS Defender is a scalable anti-DDoS solution leveraging netflow data from routers or dedicated network probes for real-time detection and automated mitigation of volumetric attacks led against customer’s infrastructure. It provides the state of the art detection with automated mitigation within a minute, deep understanding of attack characteristics and a full-range of methods for successful attack mitigation ranging from alerting (e-mail, syslog, SNMP trap), traffic diversion (PBR, BGP, RTBH, Flowspec), execution of scripts, mitigation in cloud with Scrubbing centres or on-premise through specific out of-band DDoS systems. if (network == server) { magic happens } | Attilla de Groot (Cumulus Networks) Automating the network has become common practice. One thing that we don’t want to automate are operator mistakes on a fabric level. How can this be prevented by building a CI/CD environment using Cumulus, NetQ, Ansible and Gitlab. Introduction to LoRaWAN | Christian Mäder LoRaWAN is a network stack designed mostly to retrieve data from IoT sensors with limited power source. This talk will be an introduction to how this network stack works; like how it does the addressing and routing or what it's secrecy promises are. Piranha: where all the fishy routes meet... | Pascal Gloor (Quickline) Do you really know what's going on in your BGP? Analyse your BGP in realtime. Update - Communityrack.org and Community-IX.ch | Markus Meier (Communityrack.org) Community Update Social Event Looking forward to seeing all of you!!! Simon SwiNOG

5 years, 4 months

What blacklists does @bluewin.ch use

by Benoit Panizzon

Hello List A Mailserver from a business customer of ours is blacklisted @ bluewin. The Error Message from Bluewin MXes directing to the removal site: https://www.swisscom.ch/en/res/hilfe/ip-blacklist.html Our customer has requested removal via this form, no success. Our customer has contacted bluewin and opened a trouble ticket. He got the information that his ISP (us) should take care to remove his IP from the blacklists, but is not getting any information about which blacklists. http://multirbl.valli.org Blacklisted: 0 We are at a loss. Does anyone know what kind of blacklists bluewin uses? Kind regards -Benoît Panizzon- -- I m p r o W a r e A G - Leiter Commerce Kunden ______________________________________________________ Zurlindenstrasse 29 Tel +41 61 826 93 00 CH-4133 Pratteln Fax +41 61 826 93 01 Schweiz Web http://www.imp.ch ______________________________________________________

5 years, 4 months

BlueWin and Cloudmark

by DUCHET Rémy

Hello @ll, We have some customers that have spam issues when sending email to @bluewin.ch . Since 2 months, all emails sent to @bluewin.ch recipients are marked junk. Thats what we can trace : X-Bluewin-Spam-Analysis: v=2.1 cv=eL3e9Cd1 c=1 sm=1 tr=0 p=fUeVjJJZAAAA:8 a=qTcuhanu2jf2BI9KYv9RyA==:117 a=qTcuhanu2jf2BI9KYv9RyA==:17 a=L9H7d07YOLsA:10 a=9cW_t1CCXrUA:10 a=s5jvgZ67dGcA:10 a=K_h_1cidfDUA:10 a=xqWC_Br6kY4A:10 a=02M-m0pO-4AA:10 a=oXc4haEe4je61EW4P-sA:9 a=wPNLvfGTeEIA:10 a=yMhMjlubAAAA:8 a=SSmOFEACAAAA:8 a=VzdpOnGMIpnfysyMU8MA:9 a=rUqq3GAnYQ2zrqZp:21 a=gKO2Hq4RSVkA:10 a=UiCQ7L4-1S4A:10 a=hTZeC7Yk6K0A:10 a=frz4AuCg-hUA:10 a=a4CKYyBK0OAZSS6edTcA:9 a=pA59YpQ9dOODYSR3:18 a=KQqxNPgzF0kA:10 a=359DcwL6FTx8MXQu2PII:22 X-Bluewin-Spam-Score: 100.00 If anybody from Bluewin can contact me off list Thanks, Rémy

5 years, 4 months

Re: [swinog] ##### SwiNOG #32 - Agenda #####

by Simon Ryf

Dear SwiNOGers Final Agenda is online. http://www.swinog.ch/meetings/swinog32/index.asp (order can still change) Please hurry up with your registration, we’ll close it this Friday 23:59. After that, you’ll have to late reg with increased fee. There are still slots for Speed Talks or a 30min talk. If you think you could last minute contribute, please let me know. Would be nice :-) Tomorrow I will send you an update with a detailed Agenda including the abstracts. Br Simon Important Dates for SwiNOG#31 03.11.2017 Registration closes (only late reg possible after that) 09.11.2017 Meeting day

5 years, 4 months

Re: [swinog] background migration of swisscom connection from IPv4 native to v6 + DS-Lite

by Scott Weeks

--- gert(a)space.net wrote: From: Gert Doering <gert(a)space.net> To: Scott Weeks <surfer(a)mauigateway.com> On Sun, Oct 29, 2017 at 02:53:41PM -0700, Scott Weeks wrote: > I was not around for those discussions (and not being a computer > science person, nor wanting to go on this for too long as has been > endlessly done on other lists), but it seems TLV would have allowed > 4 to be a subset of the new space. I never heard that discussed > much and that's what I meant by my comment. The point is: if you introduce a change to the packet format (and TLV would be), you are no longer compatible with IPv4. Which makes the whole "I want this to be compatible so I do not have to change infra or end points" totally moot. Worse, then you have "old IPv4" and "new IPv4" machines who might or might not be able to talk to each other, depending on which IPv4 address the "new IPv4" got (a long one or a short one) - while with IPv6, you have unmodified old IPv4 to ensure compatibility during the transition, and then you turn it off (in 10 years or so). --------------------------------------------------- I guess all ways IETF participants thought of a new address space would not have allowed backwards compatibility with IPv4? Thanks for the explanation. I appreciate it. Hopefully, others here find it interesting, too. scott

5 years, 4 months

Re: [swinog] background migration of swisscom connection from IPv4 native to v6 + DS-Lite

by Scott Weeks

--- gert(a)space.net wrote: From: Gert Doering <gert(a)space.net> On Sun, Oct 29, 2017 at 12:57:54PM -0700, Scott Weeks wrote: > Yeah, it's quite unfortunate that IPv4 ran out so suddenly, > barely 15 years after people were told to move towards IPv6. > --------------------------------------- > > > Especially after IETF made it backwards compatible and made > it so easy to switch from 4 to 6... ;-) There's no way to make "something with longer addresses" compatible without IPv4 without changing everything (routers, endpoints) - so, that argument is usually one brought forward as one of a long list of standard excuses to avoid deploying IPv6, while at the same time blaming everyone else for the problems with IPv4. ------------------------------------------- Note the smiley face above. This one, too... :) I was not around for those discussions (and not being a computer science person, nor wanting to go on this for too long as has been endlessly done on other lists), but it seems TLV would have allowed 4 to be a subset of the new space. I never heard that discussed much and that's what I meant by my comment. scott

5 years, 4 months

Re: [swinog] background migration of swisscom connection from IPv4 native to v6 + DS-Lite

by Scott Weeks

--- gert(a)space.net wrote: From: Gert Doering <gert(a)space.net> Yeah, it's quite unfortunate that IPv4 ran out so suddenly, barely 15 years after people were told to move towards IPv6. --------------------------------------- Especially after IETF made it backwards compatible and made it so easy to switch from 4 to 6... ;-) scott _______________________________________________ swinog mailing list swinog(a)lists.swinog.ch http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog

5 years, 4 months

background migration of swisscom connection from IPv4 native to v6 + DS-Lite

by WolfSec-Support

Hello, could be someone from swisscom so kind and contact me offlist via email please. our customer has a swisscom dsl connection and last week they changed these to v6. he already tried 3 times via swisscom helpdesk without success. the first level seems to have no idea about ds lite and v6... ;-/ we want to go back to v4 native. in customer center we have deactivated v6 - but it is still online via v6 and ds-lite we did all what was explained: - switchoff modem for an hour - reboot 3 times router etc effectively now the vpn is for sure not working via ds lite and carrier grade NAT.... thanks in advance Stephan Besten Dank. Freundliche Grüsse, WolfSec-Support WolfSec Postanschrift: Swiss Post Box: 104213 Zürcherstrasse 161 CH-8010 Zürich http://www.wolfsec.ch

5 years, 4 months

Only four weeks until DENOG9 in Darmstadt, Germany

by Arnold Nipper

Dear SwiNOG The ninth meeting of the German Network Operators Group (DENOG) will be held in Darmstadt, Germany on the 23rd and 24th of November 2017. Again these are two days packed with presentations, lots of room to socialise and networking accompanied by an exhibition where you can talk to vendors. There are still a few places left. If you are interested please register at http://www.denog.de/meetings/denog9/registration.php Best regards Arnold Nipper -- Arnold Nipper email: arnold(a)nipper.de mobile: +49 172 2650958

5 years, 4 months

Security Chat 4.0 - November 16 - Sign Up Now!

by Raffael Marty

This is already the fourth iteration of our Security Chat series. We are gathering for an evening of short security-related presentations and networking with peers in the security industry. Security Chat 4.0 Thursday, November 16th, 18.00 - 20.00 AdNovum Informatik AG (Headquarters), 22 Röntgenstrasse, 8005 Zürich (free) singup at: http://bit.ly/security40 If you are interested in giving a short presentation, please indicate on the signup or email me directly. Any topic welcome: Projects you are working on, research you have conducted, questions you would like to get answers from the attendees, an embarrassing security story; the stage is yours. We have a sponsor who offered to provide us with some small libations for after the event. And keep the rest of your evening open; I am sure there'll be a group that is going to get some dinner afterwards. Hope to see you at the event! -raffy PS: Tell your friends!

5 years, 5 months

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

2005

swinog October 2017