- NZNOG - lists.nznog.org

CFP: Systems Administration Mini-Conference at NZNOG 08
by Simon Lyall 23 Jul '07

23 Jul '07

Call for Presentations for NZNOG 2008: Systems Administration Mini-Conference http://nznog.miniconf.org We will be holding a network systems administration mini-conference in Dunedin, New Zealand on Wednesday 2008-01-23, as part of the New Zealand Network Operators' Group 2008 conference (http://2008.nznog.org/) The NZNOG 2008 conference will be held between 2008-01-23 and 2008-01-25. Registration at the NZNOG 2008 conference is a mandatory prerequisite for attendance at the mini-conference; we expect there will be no additional charge. Note: A similar Mini-conference is also intended to be held in Melbourne, Australia, a week later as part of linux.conf.au 2008. The mini-conference's focus is on "Layer 7" issues to do with network and ISP operations, including providing customer services (email, DNS, etc) and provisioning and management topics. We are now seeking proposals for presentations at the mini-conference. We have openings for: - 50-60 minute full presentations - 25-30 minute half presentations - 5-10 minute "lightning talks" - 5-10 minute "How we do things" presentations Presentations are expected to be directed at a technical audience, and focused on a system administration area related to network or ISP operations. Some possible topics: - Email servers and spam filtering techniques - DNS servers, registry systems - server security and best sysadmin practices in an Internet provider environment - VoIP servers - network management / monitoring tools - RADIUS/TACACS/LDAP - Netflow, routing, and traffic analysis tools - server tuning for high performance networking - provisioning tools - honeypots and other security techniques - network based storage - high availability and disaster recovery for network services - virtual machine technology for network services - *nix based routing and fire-walling - tools you need that you may not know about We are happy to discuss the suitability of other topics with intending presenters. The 10 minute "How we do things" presentations are intended for people to talk about their sites. Information could include: Servers, talks, tools, people and roles, experiences, software, operating systems, monitoring, alerting, provisioning etc. The intent is to give other attendees a picture of what is happening in the "real world" and some understanding of how other sites work and how to interact with them. Timeline: - Proposals due by 2007-11-19 - Selection advised by 2007-11-27 - Draft program published by 2007-11-30 - Presentations 2008-01-23 Please send all proposals and questions to <talks08(a)nznog.miniconf.org> Andrew McMillan, Ewen McNeill and Simon Lyall (Conveners)

1 0

peering mailing lists for NZIXs?
by Anton Smith 23 Jul '07

23 Jul '07

Hi all, I have a question for you all that has come up for me after spending most of my recent time up here in good old Iceland. The company I work for are connected to both LINX and AMSIX, and as some of you may know both of these exchanges have mailing lists that are used for such things as.. well, asking everybody else if they would like to peer. As part of the process of a new member coming onto the exchange, it is sent to the mailing list and all existing members can say 'yes, that organisation is perfectly fine to come on board, and yes, we will peer with them'.. or something along those lines (they might say, yes we don't mind them connecting but we won't peer with them). Where would be an appropriate place here in NZ to broadcast a desire to peer with anyone present at WIX and APE? How many organisations 'trust' the route servers? Is there a significant amount of missed peering traffic because some organisations have an open peering policy, but don't trust the route servers, and don't know where to broadcast a 'we would like to peer' message? The large carriers aside, are entities on WIX, APE, etc, missing out on some free peering simply because they don't know who else has an open peering policy? I notice that up here on AMSIX and LINX, it's very no nonsense and organisations often have a 'peering(a)xyz.com' mailbox, and anyone who is a member of the exchange can feel free to send mail to it (or just to the mailing list as happens reasonably frequently). In fact, it is built into the rules (at least on LINX), that you must monitor the mailbox and must respond within some time limit. Perhaps we don't need anything so formal, but maybe a peering mailing list for our IXs would be a good start. Or should we just use NZNOG? Regards, Anton

2 1

IPv6 Workshop
by Keith Davidson 22 Jul '07

22 Jul '07

All, What: IPv6 Technical Workshop, 6 - 10 August 2007 Where: InternetNZ, 10th Floor, Exchange Place, 5 - 7 Willeston St, Wellington When: 6 - 10 August 2007 What: Five day, hands-on workshop - IPv6 lab equipment, for up to 28 participants Who: Any technical people wanting to gain in depth knowledge of IPv6 Faraz Shamim (Cisco) and Gaurab Upadaya (Packet Clearing House) have kindly agreed to deliver their five day IPv6 Workshop in NZ. This workshop has been delivered at several APRICOT / APNIC / SANOG meetings in recent years. Faraz and Gaurab are experienced, world-class instructors on IPv6. The lab equipment consists of at least 14 Cisco routers and switches, a minimum of 1 set per 2 attendees. Nathan Ward will also be helping out with some of the sessions, particularly those relating to IPv6 transition strategies, and providing NZ specific insights. More details on this workshop at <www.internetnz.net.nz/events/ipv6workshop/ipv6workshop> The workshop is strictly limited to 28 attendees, on a first come, first served basis. Please confirm your attendance by emailing Susi Fookes, susi at internetnz.net.nz. Please include your daytime telephone contact number, and advise if you are able to supply your own laptop computer and advise if you are an InternetNZ member. For any details on the course contents contact Jonny Martin at internetnz.net.nz or by phone on 021 2304323. Regards Keith Davidson Executive Director - InternetNZ

1 0

Cisco 5500 bits
by Nathan Ward 21 Jul '07

21 Jul '07

I now work for WIC in Dunedin. We've got some Cisco 5500s, as we're keepin' it real, old-school style. Your Internet will likely traverse one (or more) of these 5500s when you attend NZNOG in January, so pay attention if you want reliable access to IRC. I'm interested in hearing from people who have spare parts for these that they'd be keen to move (for $, of course). It's better for the environment than throwing them out or dumping them in a store room, as they're not (AFAIK) RoHS compliant! Particular interest in: - GE modules - FE modules - Rack mount hardware (for 5513 - the one with 5 screws on to the chassis) - PSUs Additionally, if anyone has info RE the internal LEDs on a 5500 RSM (seemingly named CRXX, where X is a number), please let me know - we've got what appears to be a faulty one, and I'd like to figure out why. (Yes I know they're EOL) (Replies RE parts offlist please) (Also, any other unwanted router or switch hardware, I'd be interested to hear about too. If other people are after parts, I'll circulate some offlist summaries of what's out there to those who register interest with me.) -- Nathan Ward

1 0

Kiwicon 2k7 - Call For Presenters
by Simon Howard 20 Jul '07

20 Jul '07

[-----------------------------------------------------------------------] __ _ __ _ _ / ('>- / /__ (_) __(_)______ ___ '07 \__/ / '_// / |/|/ / / __/ _ \/ _ \ L\_ /_/\_\/_/|__,__/_/\__/\___/_//_/ [-----------------------------------------------------------------------] After travelling the world to attend many excellent security conferences with our compatriots, we decided it was time to pull finger and organise one in Aotearoa, New Zealand. This is the call for presenters for the inaugural Kiwicon. [WTF?] Kiwicon '07 will be a largely informal conference, organised by the security community for the security community. It will be held in Wellington, New Zealand, on the weekend of the 17th and 18th of November, 2007. It will focus on sharing information; ideas, code, and catching up with other like-minded people from around New Zealand (and further abroad). [Venue] Our hosts for the weekend will be Victoria University of Wellington. This location has the advantage of being close to cheap accommodation and, more importantly, several good pubs. Details will be provided closer to the conference date. [Costs] Kiwicon '07 is a non-profit event. Attendance for the entire weekend will cost $50 for employed individuals (self-employed and salaried). There is a discounted rate of $30 for students and the unemployed. Please do note that there are several good pubs in close proximity. We anticipate the total cost of the weekend in money and dignity may be higher. [Topics] Suggested topics include but are not limited to: - Information Warfare / Industrial Espionage - Satellite Hacking - Echelon - Waihopai & Tangimoana - Lockpicking / Wiretapping / Bugs - Biometrics - Cellular Networks (GSM,GPRS,CDMA,3G,4G) - Phreaking / VoIP - Web Security - Wireless / Bluetooth / Infrared / Fibre - Exploitation Techniques - Access Control and Authentication - Reverse Engineering - Application Security, Testing, Fuzzing - Code Auditing - Virtualization - Malware (Viruses, Spam, Phishing, Botnets) - Banking / ATMs / Carding - Crypto - Forensics / Antiforensics - 0dayz!!! We do not plan on having pre-determined time slots for presentations. If your talk is only 20 minutes long, then you will only be talking for 20 minutes. The goal of the weekend is to share useful information - this means flexible time limits. We already have a number of excellent speakers confirmed, to get a slot for a talk send an email to cfp(a)kiwicon.org with the following information: Name: Handle: Country of Residence: Employer (if applicable): Brief Bio: Presentation Title: Presentation Length: Presentation Synopsis: [The Team] Kiwicon is being duct taped together by the following people: pipes - Doing it all wrong since 1973 bogan - Proprietor of fine minced emails since 1822 antic0de - What is Freelist[] anyways? shammah - I know i left a rootkit around here somewhere hntr - Will you post my bail? metlstorm - True Norwegian back bacon Joshua - Defcon 3: I lost my password [Contacts & Further Information] Email us: kiwicon(a)kiwicon.org Check the site: http://www.kiwicon.org Drop by silc: silc.isig.org.nz:2706/kiwicon Join the list: kiwicon-subscribe(a)lists.isig.org.nz :wq

1 0

Notification of NZRR Database changes
by NZRR Database Notifications 19 Jul '07

19 Jul '07

Dear Colleague, This is to notify you that some object(s) in NZRR database which you either maintain or are listed as to-be-notified have been added, deleted or changed. These objects are used to configure the various NZIX route servers (http://nzix.net/) so you can expect the relevant servers to be reloaded in the near future. The reloading of the servers is staggered over a period of time so that if you are peering with both servers at an exchange, you can maintain at least one BGP session at all times and consequently a full set of routes. --- PREVIOUS OBJECT: route-set: AS9560:RS-ROUTES:AS17705 descr: advertised to AS9560 by Inspire Net Ltd - AS17705 members: 203.114.128.0/18^18-29, 203.79.88.0/23^23-29, 203.96.157.0/24^24-29 admin-c: RPA1-NZRR tech-c: RPA1-NZRR notify: rpsl-admin(a)nzix.net notify: nznog(a)list.waikato.ac.nz notify: james(a)inspire.net.nz mnt-by: MAINT-NZRR-NZ changed: rpsl-admin(a)nzix.net 20050728 source: NZRR REPLACED BY: route-set: AS9560:RS-ROUTES:AS17705 descr: advertised to AS9560 by InspireNet - AS17705 members: 203.114.128.0/18^18-29, 203.79.88.0/23^23-29, 192.138.251.0/24^24-29, 203.96.157.0/24^24-29 admin-c: RPA1-NZRR tech-c: RPA1-NZRR notify: rpsl-admin(a)nzix.net notify: nznog(a)list.waikato.ac.nz notify: brenden(a)staff.inspire.net.nz mnt-by: MAINT-NZRR-NZ changed: rpsl-admin(a)nzix.net 20070720 source: NZRR

1 0

Notification of NZRR Database changes
by NZRR Database Notifications 19 Jul '07

19 Jul '07

Dear Colleague, This is to notify you that some object(s) in NZRR database which you either maintain or are listed as to-be-notified have been added, deleted or changed. These objects are used to configure the various NZIX route servers (http://nzix.net/) so you can expect the relevant servers to be reloaded in the near future. The reloading of the servers is staggered over a period of time so that if you are peering with both servers at an exchange, you can maintain at least one BGP session at all times and consequently a full set of routes. --- PREVIOUS OBJECT: route-set: AS9281:RS-ROUTES:AS17705 descr: advertised to AS9281 by Inspire.Net Ltd. - AS17705 members: 203.114.128.0/18^18-29, 203.79.88.0/23^23-29, 203.96.157.0/24^24-29 admin-c: RPA1-NZRR tech-c: RPA1-NZRR notify: rpsl-admin(a)nzix.net notify: nznog(a)list.waikato.ac.nz notify: mds(a)inspire.net.nz mnt-by: MAINT-NZRR-NZ changed: rpsl-admin(a)nzix.net 20050818 source: NZRR REPLACED BY: route-set: AS9281:RS-ROUTES:AS17705 descr: advertised to AS9281 by InspireNet - AS17705 members: 203.114.128.0/18^18-29, 203.79.88.0/23^23-29, 192.138.251.0/24^24-29, 203.96.157.0/24^24-29 admin-c: RPA1-NZRR tech-c: RPA1-NZRR notify: rpsl-admin(a)nzix.net notify: nznog(a)list.waikato.ac.nz notify: brenden(a)staff.inspire.net.nz mnt-by: MAINT-NZRR-NZ changed: rpsl-admin(a)nzix.net 20070720 source: NZRR

1 0

TelstraClear RPF and caching
by David Robb 19 Jul '07

19 Jul '07

Hi all, Given the thread over the last couple of days asking how TCL is implementing RPF and transparent caching I thought a semi-official reponse might be useful. We have RPF (the ERXs call it SA Validate) enabled on DSL connections, and the filters applied to the cable modems implement the same functionality there. RPF is not enabled on non-residential services, nor it is configured within the core of the network. Regarding transparent caching, all international traffic passes through the caching infrastructure, although only certain IP ranges are matched for redirection to the caches. There's nothing in there which takes into consideration whether you have a mixed international/domestic link (sorry Philip :). Wholesale customers are very much in the "do not redirect" category, as most are multi-homed and the probability of encountering problems due to asymmetric routing are high. Residentially allocated IP Hi all, The caches themselves spoof the source IP of the client when making an outbound connection to the greater internet, because we've found that although there are occasionally issues caused by asymmetry the problems of cache IPs being blacklisted or DoSd are much fewer. Probably the most commonly observed scenario is where more specific routes are advertised by someone to their upstream (and thus internationally) than domestically (either directly to TCL or via Telecom or whatever) - a number of the routers on the TCL network carry a full routing table, and will prefer the more specific route out via the international path, thus feeding packets to the caches. The return path's then via the path one would normally expect, with the ensuing breakage of port 80 traffic. While this obviously isn't ideal, we do our best to work with the other ISPs to resolve this as fast as possible. --David Robb Network Design Engineer TelstraClear

1 1

History of the Internet in New Zealand
by Susi Fookes 19 Jul '07

19 Jul '07

Hi all, InternetNZ has commissioned Keith Newman to write a history of the Internet in New Zealand. The book will go to the publishers later this year. I have read the first few chapters and it is a fantastic read (I look forward to reading it all). He is near the final stages of writing and is now in search of photographs to help document the history. Can you help? If you have a photo(s) that could be of use – please contact Keith (wordman(a)wordworx.co.nz) or myself. And of course we will give you credit in the publication for allowing us to use the image. We are very eager to hear from you! Susi Fookes -- Project Administrator InternetNZ w +64 4 495 2117 | f +64 4 495 2115 | m +64 21 119 7539 susi(a)internetnz.net.nz | http://internetnz.net.nz PO Box 11-881, Manners Street, Wellington 6142, NEW ZEALAND

7 6

Re: [nznog] Telstra contact - BGP advertisements
by Anton Smith 18 Jul '07

18 Jul '07

> Message: 1 > Date: Wed, 18 Jul 2007 10:17:27 +1200 > From: "Nick Larsen (ZeroOne Operations)" <nick(a)zeroone.co.nz> > Subject: [nznog] > To: "nznog(a)list.waikato.ac.nz" <nznog(a)list.waikato.ac.nz> > Message-ID: > <E50D0676A6F98941BC86ED082F8F2AA407F9286275(a)e12be1.anywhereexchange.com> > > Content-Type: text/plain; charset="us-ascii" > > Hi, > > Could someone from the Telstra Clear routing team please contact me by phone (04 471 4447). > It's regarding our prefix advertisements / asymmetric routing. > > Kind regards, > > Nick Larsen Hi.. sorry but I'm going to hijack this a bit. How many operators out there are using strict RPF? With a lot of interconnection points around the place to me it seems a bit harsh to use strict RPF. And in fact, I wonder if Telstra Clear are using it, since a lot of times I notice broken connectivity due to what appears to be asymmetric routing, and I then have to work around it. It seems to me that the internet is inherently asymmetrical, particularly between ISPs and their carriers. So, can someone please give me the low-down on what the most commonly thing done is w.r.t. asymmetry? Cheers :) Anton

7 8