nanog mailing list archives
Re: NANOG Digest, Vol 48, Issue 41
From: Scot Loach <scot.loach () gmail com>
Date: Sun, 15 Jan 2012 13:56:45 -0500
On 1/15/12, nanog-request () nanog org <nanog-request () nanog org> wrote:
Send NANOG mailing list submissions to nanog () nanog org To subscribe or unsubscribe via the World Wide Web, visit https://mailman.nanog.org/mailman/listinfo/nanog or, via email, send a message with subject or body 'help' to nanog-request () nanog org You can reach the person managing the list at nanog-owner () nanog org When replying, please edit your Subject line so it is more specific than "Re: Contents of NANOG digest..." Today's Topics: 1. Re: Whois 172/12 (Alex Ryu) 2. RE: Whois 172/12 (Network IP Dog) 3. Re: Monday Night Footbal -- on Google? (Mark Tinka) 4. Re: Whois 172/12 (Suresh Ramasubramanian) 5. Re: Whois 172/12 (Jay Moran) 6. accessing multiple devices via a script (Abdullah Al-Malki) 7. Re: accessing multiple devices via a script (Phil Regnauld) 8. Re: accessing multiple devices via a script (Joel jaeggli) 9. Re: accessing multiple devices via a script (Justin Krejci) 10. Re: accessing multiple devices via a script (Kurth Bemis) 11. RE: Whois 172/12 (Keith Medcalf) ---------------------------------------------------------------------- Message: 1 Date: Sun, 15 Jan 2012 09:43:24 -0600 From: Alex Ryu <r.hyunseog () ieee org> To: bmanning () vacation karoshi com Cc: nanog () nanog org Subject: Re: Whois 172/12 Message-ID: <CAM9zEH5_P2o2s8rT6TaE1OeE4dZC2GamWpgDAoZU_i1iq=p4Cw () mail gmail com> Content-Type: text/plain; charset=ISO-8859-1 Similar to 1.0.0.0/8 case, which was allocated to APNIC last year or so... On Sun, Jan 15, 2012 at 6:47 AM, <bmanning () vacation karoshi com> wrote:On Sun, Jan 15, 2012 at 06:36:12AM -0600, Robert Bonomi wrote:From nanog-bounces+bonomi=mail.r-bonomi.com () nanog org ?Sun Jan 15 02:02:00 2012 Subject: Re: Whois 172/12 From: "Patrick W. Gilmore" <patrick () ianai net> Date: Sun, 15 Jan 2012 02:58:11 -0500 To: NANOG list <nanog () nanog org> Read RFC1918. Likely a machine on his local network (i.e. behind the same NAT box) is hitting him.Patrick, ? I'v read RFC-1918. ? I cannot find *any* reference to ?172.0/12, as the OP was asking about. ?172.16/12, yes. but not 172.0/12. ?Can you please clarify your advice? ZZ? ? ? ?so as a stylistic point, ? 172/12 ?is supposed to equal 172.0.0.0/12? ? ? ? ?if memory serves, back in the day, there were records of allocations in this space, ? ? ? ?pre-ARIN. When RFC 1918 was settled on, there were some folks blocking 172.0.0.0/8 ? ? ? ?so there was talk of relocating those folks into other space. /bill------------------------------ Message: 2 Date: Sun, 15 Jan 2012 08:16:42 -0800 From: "Network IP Dog" <network.ipdog () gmail com> To: "'Suresh Ramasubramanian'" <ops.lists () gmail com>, "'Patrick W. Gilmore'" <patrick () ianai net> Cc: 'NANOG list' <nanog () nanog org> Subject: RE: Whois 172/12 Message-ID: <4f12fbf5.a24de70a.66e1.fffff79b () mx google com> Content-Type: text/plain; charset="UTF-8" <quote>Jesus. 172.16/12 fine .. that's rfc1918. The rest of 172/8 is mostly unallocated.</quote> What's with the language? Ephesians 4:32 & Cheers!!! -----Original Message----- From: Suresh Ramasubramanian [mailto:ops.lists () gmail com] Sent: Sunday, January 15, 2012 12:35 AM To: Patrick W. Gilmore Cc: NANOG list Subject: Re: Whois 172/12 Jesus. 172.16/12 fine .. that's rfc1918. The rest of 172/8 is mostly unallocated. On Sun, Jan 15, 2012 at 1:28 PM, Patrick W. Gilmore <patrick () ianai net> wrote:Read RFC1918. Likely a machine on his local network (i.e. behind the same NAT box) is hitting him. But that is not guaranteed. A packet with a source address of 172.0.x.x-- Suresh Ramasubramanian (ops.lists () gmail com) ------------------------------ Message: 3 Date: Mon, 16 Jan 2012 00:17:55 +0800 From: Mark Tinka <mtinka () globaltransit net> To: nanog () nanog org Subject: Re: Monday Night Footbal -- on Google? Message-ID: <201201160017.59546.mtinka () globaltransit net> Content-Type: text/plain; charset="us-ascii" On Thursday, January 12, 2012 12:06:42 PM Jay Ashworth wrote:I'm not saying you need the whole 19mbps (though, remember here, we are not talking about "Additional Carriage"; we are talking about *being the only way people can see that game* -- and my example was the Super Bowl).. but unless MPEG algorithms have gotten *much* better than I'm aware of, 5mb/s is probably not enough for the Super Bowl. And you'd really be better off with some FEC, too, even if it costs you a couple frames extra delay.For broadcast networks, what we're seeing they like is that unlike satellite transmissions, there is more flexibility for them on IP (IPTv), which would let them lift compression rates and pack more data into a stream. But because most of them are primarily satellite broadcasting houses, only starting to roll-out IPTv, they need to maintain parity on both transmission media. Whatever the case, 5Mbps would be too low. At 1080i, we have a customer pushing HD channels at about 13Mbps a piece, give or take. Mark. -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 836 bytes Desc: This is a digitally signed message part. URL: <http://mailman.nanog.org/pipermail/nanog/attachments/20120116/266aa19b/attachment-0001.bin> ------------------------------ Message: 4 Date: Sun, 15 Jan 2012 21:59:53 +0530 From: Suresh Ramasubramanian <ops.lists () gmail com> To: Network IP Dog <network.ipdog () gmail com> Cc: NANOG list <nanog () nanog org> Subject: Re: Whois 172/12 Message-ID: <CAArzuouosAsiA6YR_RZxOU9wB5+evG_uyJNK2gx3sQWAvmksVw () mail gmail com> Content-Type: text/plain; charset=UTF-8 So kind, compassionate and forgiving that I'll buy Patrick a beer when I see him next, its been a long time. --srs On Sun, Jan 15, 2012 at 9:46 PM, Network IP Dog <network.ipdog () gmail com> wrote:<quote>Jesus. 172.16/12 fine .. that's rfc1918. ? The rest of 172/8 is mostly unallocated.</quote> What's with the language? Ephesians 4:32 ?& ?Cheers!!!-- Suresh Ramasubramanian (ops.lists () gmail com) ------------------------------ Message: 5 Date: Sun, 15 Jan 2012 11:39:48 -0500 From: Jay Moran <jay+NANOG () tp org> To: NANOG <nanog () nanog org> Subject: Re: Whois 172/12 Message-ID: <CA+Ld8r9ouXgt6FPb_jdOASf9bK_CwmeQjYQV9dc=+JeEZFVr4w () mail gmail com> Content-Type: text/plain; charset=ISO-8859-1 On Sun, Jan 15, 2012 at 8:54 AM, Jon Lewis <jlewis () lewis org> wrote:AOL has and uses (publicly) a bunch of space in 172/8. In fact, looking at a BGP table, I'd say they're by far the largest user (one of the only) in that /8.We, AOL, have 172.128/10, 172.192/12, 172.208/13, 172.216/16. These blocks represent our dial-up ISP customers that can't seem to get broadband or for whatever reason, stay on dial-up. Also pretty amazingly is how high the simultaneous user count has stayed, guess the folks that left weren't the ones on in the evenings between 7-10pm ET. We (mostly me) are looking into solutions to be able to remove the reliance on this space. Unfortunately, most of the developers, who created the various servers/applications that dole out these addresses, all left in the late 90's with some pretty fat wallets; at this point... it's an archeology dig. Jay -- Jay Moran http://tp.org/jay ------------------------------ Message: 6 Date: Sun, 15 Jan 2012 20:52:50 +0300 From: Abdullah Al-Malki <a.almalki1402 () gmail com> To: nanog () nanog org Subject: accessing multiple devices via a script Message-ID: <CAPoCSvtrRhCc4T_LOdz_7EAhwckeP58zJfvy8UfiLjf4qq48LQ () mail gmail com> Content-Type: text/plain; charset=ISO-8859-1 Hi fellows, I am supporting a big service provider and sometimes I face this problem. Sometimes I want to access my customer network and want to extract some verification output "show commands" from a large number of devices. What kind of scripting solutions you guys are using this case. Appreciate the feedback, Abdullah ------------------------------ Message: 7 Date: Sun, 15 Jan 2012 18:56:55 +0100 From: Phil Regnauld <regnauld () nsrc org> To: Abdullah Al-Malki <a.almalki1402 () gmail com> Cc: nanog () nanog org Subject: Re: accessing multiple devices via a script Message-ID: <20120115175655.GB35765 () macbook bluepipe net> Content-Type: text/plain; charset=us-ascii Abdullah Al-Malki (a.almalki1402) writes:Hi fellows, I am supporting a big service provider and sometimes I face this problem. Sometimes I want to access my customer network and want to extract some verification output "show commands" from a large number of devices. What kind of scripting solutions you guys are using this case.Hi Abdullah, rancid ? http://www.shrubbery.net/rancid/ Cheers, Phil ------------------------------ Message: 8 Date: Sun, 15 Jan 2012 10:01:29 -0800 From: Joel jaeggli <joelja () bogus com> To: Phil Regnauld <regnauld () nsrc org> Cc: nanog () nanog org Subject: Re: accessing multiple devices via a script Message-ID: <4F131479.6040805 () bogus com> Content-Type: text/plain; charset=ISO-8859-1 On 1/15/12 09:56 , Phil Regnauld wrote:Abdullah Al-Malki (a.almalki1402) writes:Hi fellows, I am supporting a big service provider and sometimes I face this problem. Sometimes I want to access my customer network and want to extract some verification output "show commands" from a large number of devices. What kind of scripting solutions you guys are using this case.Hi Abdullah, rancid ? http://www.shrubbery.net/rancid/clogin from rancid features prominently in a lot of our network level automation... so does pdsh... http://code.google.com/p/pdsh/ Particularly when it involves hosts.Cheers, Phil------------------------------ Message: 9 Date: Sun, 15 Jan 2012 18:41:09 +0000 From: "Justin Krejci" <jkrejci () usinternet com> To: "Abdullah Al-Malki" <a.almalki1402 () gmail com>, nanog () nanog org Subject: Re: accessing multiple devices via a script Message-ID: <1400261429-1326652872-cardhu_decombobulator_blackberry.rim.net-359265357-@b1.c4.bise6.blackberry> Content-Type: text/plain Parallel ssh (pssh) might help you too ------Original Message------ From: Abdullah Al-Malki To: nanog () nanog org Subject: accessing multiple devices via a script Sent: Jan 15, 2012 11:52 AM Hi fellows, I am supporting a big service provider and sometimes I face this problem. Sometimes I want to access my customer network and want to extract some verification output "show commands" from a large number of devices. What kind of scripting solutions you guys are using this case. Appreciate the feedback, Abdullah ------------------------------ Message: 10 Date: Sun, 15 Jan 2012 13:46:13 -0500 From: Kurth Bemis <kurth.bemis () gmail com> To: Phil Regnauld <regnauld () nsrc org> Cc: nanog () nanog org Subject: Re: accessing multiple devices via a script Message-ID: <1326653173.3288.4.camel@kurth-gsm> Content-Type: text/plain; charset="UTF-8" On Sun, 2012-01-15 at 18:56 +0100, Phil Regnauld wrote:Abdullah Al-Malki (a.almalki1402) writes:Hi fellows, I am supporting a big service provider and sometimes I face this problem. Sometimes I want to access my customer network and want to extract some verification output "show commands" from a large number of devices. What kind of scripting solutions you guys are using this case.Hi Abdullah, rancid ? http://www.shrubbery.net/rancid/ Cheers, PhilBack in the day (~2001 era) I used expect to do a lot of tasks across (in that day) telnet. http://www.linuxjournal.com/article/3065 Good Luck, ~k ------------------------------ Message: 11 Date: Sun, 15 Jan 2012 11:49:22 -0700 From: "Keith Medcalf" <kmedcalf () dessus com> To: "nanog () nanog org" <nanog () nanog org> Subject: RE: Whois 172/12 Message-ID: <4317db7bf189e74dad2ded425777378e () mail dessus com> Content-Type: text/plain; charset="iso-8859-1" As port 137 is the Netbios Name Service port are you *sure* this is a port scan and not a windows box (or other OS running NetBIOS crud) that simply has fat-fingered addresses configured? --- ()? ascii ribbon campaign against html e-mail /\? www.asciiribbon.org-----Original Message----- From: Ted Fischer [mailto:ted () fred net] Sent: Sunday, 15 January, 2012 01:20 To: nanog () nanog org Subject: Re: Whois 172/12 Thanks for the replies so far, but not what I was looking for. I should have specified that I've done several ns & dig lookups just to make sure. We were supposed to have lit up the last of IPv4 last year. I would have presumed that meant that there was nothing left. Since I can't find a reference to 172/12 anywhere, one might be led to presume that it was allocated somehow, to someone (perhaps inadvertently not recorded) since there are - supposedly - no fresh IPv4 addresses left to allocate, and the only reference to this block is that 172/8 is allocated to ARIN. It doesn't even appear in RFC 5735. We all know about 172.16/12 - nothing left of that horse but glue. My question is about 172/12. Where is it, what is it's supposed purpose. I'm almost sure it's an internal box. I just find it better to give a professional answer to "why can't I use this" than just "you can't use this and why is this address scanning you for udp/137 anyway". If someone can point out to me what was done with 172/12 I'd appreciate it. Patrick opined:Read RFC1918.I didn't remember seeing anything about 172/12 in RFC1918. Looked at it again. Is there something about 172/12 I missed? Thanks.Likely a machine on his local network (i.e. behind the same NAT box) is hitting him. But that is not guaranteed. A packet with a source address of 172.0.x.x could be hitting his machine. Depends on how well you filter. Many networks only look at destination IP address, source can be anything - spoofed, un-NAT'ed, etc. He just wouldn't be able to send anything back to it (unless it was on the local LAN, as I mention above). -- TTFN, patrick On Jan 15, 2012, at 2:53 AM, Alex Ryu wrote:As far as I know, 172.0.1.216 is not assigned, yet. whois -h whois.arin.net 172.0.1.216 [whois.arin.net] # # Query terms are ambiguous. The query is assumed to be: # "n 172.0.1.216" # # Use "?" to get help. # No match found for 172.0.1.216. # # ARIN WHOIS data and services are subject to the Terms of Use # available at: https://www.arin.net/whois_tou.html # Also, when you check BGP routing table, it is not routed at all. route-server.as3257.net>sh ip bgp 172.0.1.216 % Network not in table route-server.as3257.net> So it seems like forged IP address. Alex On Sun, Jan 15, 2012 at 1:37 AM, Ted Fischer <ted () fred net> wrote:Hi all, Tearing what's left of my hair out. A customer is getting scanned by a host claiming to be "172.0.1.216". I know this is bogus, but I want to go back to the customer with as much authoritative umph as I can (heaven forbid they just take my word). I'm pretty sure I read somewhere once that 172/12 was "reserved" or something like that. All I can find now is that 172/8 is "administered by ARIN". Lots of information on 172.16/12, but not a peep about 172/12. If anybody could provide some insight as to the allocation/non-allocation of this block, it would be much appreciated. Thanks. Ted FischerEnd of NANOG Digest, Vol 48, Issue 41 *************************************
-- Sent from my mobile device
Current thread:
- Re: NANOG Digest, Vol 48, Issue 41 Scot Loach (Jan 15)
- Re: NANOG Digest, Vol 48, Issue 41 Jason Hellenthal (Jan 15)