- NZNOG - lists.nznog.org

Accessing www.symantec.com
by Paul Adshead 04 Aug '04

04 Aug '04

Is anyone else having access problems accessing www.symantec.com? Does anyone know if there is any DOS in progress? Thanks, Paul Adshead.

4 3

The New Zealand Network Operators' Group
by Donald Neal 04 Aug '04

04 Aug '04

The New Zealand Network Operators' Group The New Zealand Network Operators' Group (NZNOG) has no king, president or formal membership. At present it consists of the subscribers to this mailing list, which anyone is free to join. Meetings We're now working towards our next annual conference, to be hosted by The WAND group in Hamilton on February 2nd to 4th, 2005. See http://www.nznog.org/ for details of this year's conference, which drew something over 120 participants. Also see http://auckland.thursdaynightcurry.com/ if you live in or near Auckland or Wellington. Operators' Contact List See http://www.usenet.net.nz/noc/ for operational contact details for most New Zealand ISP's. These are intended for use by other network operators, not by most customers. Internet Exchanges See http://www.ape.net.nz/ for details of the Auckland Peering Exchange and those connected there. See http://www.wix.net.nz/ for the Wellington Internet Exchange. About This Mailing List This list has around 690 addresses subscribed. You may only post to the list from a subscribed address. A number of people subscribe addresses which do not receive email purely to allow posting from them. The NZNOG mailing list is provided through a server at The University of Waikato, and is administered by employees of Alcatel NZ Ltd, Citylink and ihug Ltd. None of these organisations, nor any administrator, is responsible for its content. NZNOG Mailing List Acceptable Use Policy The NZNOG mailing list exists to provide a forum for the exchange of technical information and the discussion of implementation issues that require cooperation among New Zealand network service providers. In order to continue to provide a useful forum for discussion of relevant technical issues, users of the list are asked to respect the following guidelines. 1. Discussion will focus on Internet operational and technical issues. 2. Discussion related to meetings of network service providers is appropriate. 3. Discussion unrelated to these topics is not appropriate. 4. Postings to multiple mailing lists are discouraged. 5. Postings that include foul language, character assassination, and lack of respect for other participants are unacceptable. 6. Blatant product or service marketing is unacceptable. 7. Postings of a political, philosophical or legal nature are discouraged. 8. Postings to the list should be in ASCII or MIME encoded as text/plain. Attachments should not be sent to the list. To present a document, a suitable URL may be referred to. For documents of general interest, the use of proprietary file formats is discouraged. 9. Breaches of list etiquette should be dealt with privately with the offending list user, and should not result in complaints being sent to the list. 10. A person repeatedly breaching list etiquette shall receive warnings from the list administrator. A further breach after the second such warning within thirty days shall result in the offender being unsubscribed from the list. Other action may also be taken to block postings to the list by the offender. Any such unsubscription is to be immediately announced to the list. Mailing List Archives A full archive is available at http://list.waikato.ac.nz/archives/nznog/ Any message sent to the list will be archived and made available on the web automatically. Changes are not made to the archive on request, though the administrators remain happy to assist the Office of the Privacy Commissioner should any complaint be laid with that office. One way to search the archive is to use google and prefix your search with site:list.waikato.ac.nz . Subscribing to the List See http://list.waikato.ac.nz/mailman/listinfo/nznog to subscribe. Donald Neal NZNOG Mailing List Owner/Administrator/Muggins Donald Neal |Diplomacy - Look what Technical Specialist |the university gave me. Operations Engineering | Integration & Services Division +----------------------- Alcatel NZ Ltd - Telecom's network operations manager ------------------------------------------------------------------------------ "This communication, including any attachments, is confidential. If you are not the intended recipient, you should not read it - please contact me immediately, destroy it, and do not copy or use any part of this communication or disclose anything about it. Thank you. Please note that this communication does not designate an information system for the purposes of the Electronic Transactions Act 2002." ------------------------------------------------------------------------------

2 1

IANA IPv4 allocations and bogon update: 71/8, 72/8
by Rob Thomas 03 Aug '04

03 Aug '04

-----BEGIN PGP SIGNED MESSAGE----- Hi, team. [ Apologies to those of you who receive this note in multiple forums. ] The numerous Team Cymru bogon projects have been updated as of 02 AUG 2004 to reflect the following IANA allocation made on 02 AUG 2004: 71/8 Aug 04 ARIN 72/8 Aug 04 ARIN IANA allocations change over time, so please check regularly to ensure you have the latest filters if you are not using the bogon BGP feed(s). We do announce updates to the bogon projects to sundry lists, such as the bogon-announce list. We can not stress this point strongly enough - these allocations change. If you do not adjust your filters, you will be unable to access perhaps large portions of the Internet. Worse yet, you may end up blocking access for people who transit through you. Please do not apply any filters or blocks to your network without carefully considering the ramifications of doing so. As a point of reference, the Team Cymru master Bogon Reference Page can be found here: <http://www.cymru.com/Bogons/> A quick summary of the documents and projects that have been updated include the following: HTTP The Bogon List - <http://www.cymru.com/Documents/bogon-list.html> The Text Bogon Lists - <http://www.cymru.com/Documents/bogon-bn-nonagg.txt> - <http://www.cymru.com/Documents/bogon-bn-agg.txt> Secure BIND Template - <http://www.cymru.com/Documents/secure-bind-template.html> Secure IOS Template (Cisco) - <http://www.cymru.com/Documents/secure-ios-template.html> Secure BGP Template (Cisco) - <http://www.cymru.com/Documents/secure-bgp-template.html> Secure JUNOS Template (Juniper) - <http://www.cymru.com/gillsr/documents/junos-template.htm> Secure JUNOS BGP Template (Juniper) - <http://www.cymru.com/gillsr/documents/junos-bgp-template.htm> Ingress Prefix Filter Templates, Loose and Strict (Cisco) - <ftp://ftp-eng.cisco.com/cons/isp/security/Ingress-Prefix-Filter-Templates/> Ingress Prefix Filter Template, Loose (Juniper) - <http://www.cymru.com/gillsr/documents/junos-isp-prefix-filter-loose.htm> Ingress Prefix Filter Template, Strict (Juniper) - <http://www.cymru.com/gillsr/documents/junos-isp-prefix-filter-strict.htm> BGP Bogon route-server for AUTOMATED updates of bogon filters - All bogon route-server peers have already received the appropriate BGP prefix updates. - <http://www.cymru.com/BGP/bogon-rs.html> RADb fltr-unallocated fltr-martian fltr-bogons - <http://www.cymru.com/Bogons/index.html#radb> RIPE NCC fltr-unallocated fltr-martian fltr-bogons - <http://www.cymru.com/Bogons/index.html#ripe> DNS Bogon (bogons.cymru.com) zone - <http://www.cymru.com/Bogons/index.html#dns> Monitoring Bogon prefix monitoring - <http://www.cymru.com/BGP/robbgp-bogon.html> Bogus ASN monitoring - <http://www.cymru.com/BGP/asnbogusrep.html> Please feel free to contact Team Cymru <team-cymru(a)cymru.com> with any comments, questions, or concerns. Thanks! Rob, for Team Cymru. - -- Rob Thomas http://www.cymru.com ASSERT(coffee != empty); -----BEGIN PGP SIGNATURE----- Version: PGP 6.5.2 iQCVAwUBQQ/hFlkX3QAo5sgJAQEV6gP+PRRJozjAEJ180JTE9KQD+kFsd0n2tQOX TNpOiE4BtjaTfwsZhzgKNYtzRsYdAwL1/zLpWOyjK3J+tllUasxQ+lsDKqGjTVii wATUj+2/JV9VGb14AVkkMz4mSEiNw1rNJxDvy+P40yyECPegWS93Em75DQjrUm3X o5SD7dgJPbI= =2ydr -----END PGP SIGNATURE-----

1 0

RE: [nznog] NTP weirdness
by Eustace, Glen 02 Aug '04

02 Aug '04

Just an FYI, I seem to have fixed our problem. I have added restrict 0.0.0.0 mask 0.0.0.0 nopeer nomodify notrust notrap Which probably should have been there all the time. Win 2k3 is announcing itself in such a way that before the 'restrict' we tried peering with it. Not sure why this wasn't an issue with 4.1.1 Now we simply reply and take no further action. 16:13:30.023910 202.50.245.234.2823 > 130.123.2.99.ntp: v3 sym_act strat 0 poll 17 prec -6 16:13:30.023960 130.123.2.99.ntp > 202.50.245.234.2823: v3 sym_pas strat 2 poll 17 prec -17 (DF) [tos 0x10] -- .*. | Glen Eustace, Infrastructure Development Engineer /V\ | Information Technology Services PN460, Turitea, (/ \) | Massey University, Palmerston North, New Zealand. ( ) | Ph: +64 6 356 9099 x 81005, Fax: +64 6 350 5607, Mob: +64 27 450 0321 ^^-^^ |------------------------------------------------------------

1 0

NTP weirdness
by Glen Eustace 02 Aug '04

02 Aug '04

Hi all, I am need of some help with our public ntp setup. We upgraded our servers from RH7.3 ->FC1 (ntp4.1.1->4.1.2) last week and I have now had several reports of people who are seeing our servers apparently port scanning them :-( I didn't change the config for ntp but can confirm that after their server first asks for the time, we start sending them packets on high UDP ports. The complaints that I have been investigating are Windows servers but that may be a red-herring. I have previously treated ntp as a black-box but am obviously going to have to understand things better. Any help would be appreciated. Glen -- .*. | Glen Eustace, Infrastructure Development Engineer /V\ | Information Technology Services PN460, Turitea, (/ \) | Massey University, Palmerston North, New Zealand. ( ) | Ph: +64 6 356 9099 x 81005, Fax: +64 6 350 5607, ^^_^^ | Mob: +64 27 4 500 321 ------+-----------------------------------------------------

1 0

Fw: ISP Details for inclusion inside DSE ADSL Manuals
by Dan Clark 01 Aug '04

01 Aug '04

This may be of interest to some ADSL operators on here. Kind Regards Dan Clark ----- Original Message ----- From: "Chris Day" <chris.day(a)dse.co.nz> To: <adsl(a)lists.unixathome.org> Sent: Monday, August 02, 2004 5:10 PM Subject: ISP Details for inclusion inside DSE ADSL Manuals > Hi all. > > We are in the process of updating the user manuals and quick start guides for our DSE branded ADSL products. If you are an ISP reselling Telecom's (PPPoA) ADSL services and you would like details to be published in our manuals, please respond to chris.day(a)dse.co.nz with the following information: > > Sales Email: > Sales Phone: > Support Email: > Support Phone: > Weblink: > Company Name: > Primary DNS: > Secondary DNS: > Incoming Mail Server: > Outgoing Mail Server: > > As this this data will eventually be reprinted in all DSE branded ADSL Modems, Routers and Filters, we will also need authorization to redistribute it to consumer market. > > Kind Regards, > > > > Chris Day > Senior Buyer - DSE(NZ)Ltd > email: chris.dau(a)dse.co.nz > Physical: 221 Bush Rd, Albany, Auckland, New Zealand > Postal: Private Bag 102-903, N.S.M.C., Auckland, NZ. > Phone: +64-9-414-2844 - Fax: +64-9-414-2801 - Cell: +64-21-745-411 > > -- > This message is part of the NZ ADSL mailing list. > see http://unixathome.org/adsl/ for archives, FAQ, > and various documents. > To unsubscribe: send mail to majordomo(a)lists.unixathome.org > with "unsubscribe adsl" in the body of the message > >

2 1

ConceptNET Limited Peering Update
by Craig Spiers 01 Aug '04

01 Aug '04

To all those peering with ConceptNET Nationally over APE - we have updated our prefix list. Changes: Added 203.21.31.0/24 Full Prefix List: ip prefix-list conceptnet description ConceptNET Domestic Routes <craig(a)concept.net.nz> ip prefix-list conceptnet seq 5 permit 202.150.96.0/20 ip prefix-list conceptnet seq 10 permit 202.127.8.0/22 ip prefix-list conceptnet seq 15 permit 203.97.44.0/24 ip prefix-list conceptnet seq 20 permit 202.49.250.0/24 ip prefix-list conceptnet seq 25 permit 202.50.176.0/24 ip prefix-list conceptnet seq 30 permit 203.21.31.0/24 Regards, Craig Spiers ConceptNET Limited

1 0

[nzlug] Problems connecting to Telstra Broadband service in
by Jo 30 Jul '04

30 Jul '04

Matthew could you reply back to me re your post in nz.general. Have something to same which cant be done publicly. Real knowledge is to know the extent of one's ignorance. ---Confucius

1 0

Update to ihug prefix list.
by Simon Lyall 28 Jul '04

28 Jul '04

Ihug has updated the list of networks we are advertising across APE and elsewhere. We have added several new networks today. The complete prefix list and the changes are below, they are also available from: http://www.ihug.net/ihug-prefix-list Current Prefix list is: ip prefix-list ihug-networks description ihug peering prefix-list contact: noc(a)ihug.co.nz : Updated 2004-07-29 ip prefix-list ihug-networks permit 192.107.113.0/24 ip prefix-list ihug-networks permit 202.21.130.0/24 ip prefix-list ihug-networks permit 202.21.136.0/23 le 24 ip prefix-list ihug-networks permit 202.36.44.0/24 ip prefix-list ihug-networks permit 202.36.94.0/23 le 24 ip prefix-list ihug-networks permit 202.37.136.0/24 ip prefix-list ihug-networks permit 202.37.182.0/24 ip prefix-list ihug-networks permit 202.37.187.0/24 ip prefix-list ihug-networks permit 202.46.160.0/20 le 24 ip prefix-list ihug-networks permit 202.49.33.0/24 ip prefix-list ihug-networks permit 202.49.46.0/23 le 24 ip prefix-list ihug-networks permit 202.49.48.0/24 ip prefix-list ihug-networks permit 202.49.59.0/24 ip prefix-list ihug-networks permit 202.49.63.0/24 ip prefix-list ihug-networks permit 202.49.88.0/23 le 24 ip prefix-list ihug-networks permit 202.49.144.0/24 ip prefix-list ihug-networks permit 202.49.148.0/23 le 24 ip prefix-list ihug-networks permit 202.49.176.0/23 le 24 ip prefix-list ihug-networks permit 202.49.178.0/24 ip prefix-list ihug-networks permit 202.49.180.0/23 le 24 ip prefix-list ihug-networks permit 202.49.186.0/24 ip prefix-list ihug-networks permit 202.49.240.0/22 le 24 ip prefix-list ihug-networks permit 202.49.249.0/24 ip prefix-list ihug-networks permit 202.50.84.0/24 ip prefix-list ihug-networks permit 202.50.103.0/24 ip prefix-list ihug-networks permit 202.50.188.0/22 le 22 ip prefix-list ihug-networks permit 202.50.255.0/24 ip prefix-list ihug-networks permit 203.96.192.0/19 le 24 ip prefix-list ihug-networks permit 203.109.128.0/17 le 24 ip prefix-list ihug-networks permit 203.118.128.0/18 le 24 ip prefix-list ihug-networks permit 203.173.128.0/17 le 24 ip prefix-list ihug-networks permit 210.55.110.0/24 ip prefix-list ihug-networks permit 210.55.184.0/24 ip prefix-list ihug-networks permit 210.55.202.0/23 le 24 ip prefix-list ihug-networks permit 210.55.248.0/21 le 24 The following networks were added on 2004-07-29: ip prefix-list ihug-networks permit 202.49.33.0/24 ip prefix-list ihug-networks permit 202.49.46.0/23 le 24 ip prefix-list ihug-networks permit 202.49.48.0/24 ip prefix-list ihug-networks permit 202.49.63.0/24 ip prefix-list ihug-networks permit 202.49.178.0/24 ip prefix-list ihug-networks permit 202.50.188.0/22 le 22 ip prefix-list ihug-networks permit 203.96.192.0/19 le 24 ip prefix-list ihug-networks permit 210.55.110.0/24 -- Simon Lyall <simon.lyall(a)ihug.co.nz> Senior Engineer, Ihug Ltd, Auckland, NZ

1 0

[nzlug] Problems connecting to Telstra Broadband service in Wellington via a DSE XH1151 Broadband Router? (fwd)
by Matthew Poole 22 Jul '04

22 Jul '04

This is fairly OT, but I figure that the likelihood of someone on here being able to help him is higher than the other lists he posted to. ---------- Forwarded message ---------- Date: Fri, 23 Jul 2004 17:13:00 +1200 From: Chris Day <chris.day(a)dse.co.nz> Reply-To: nzlug(a)linux.net.nz To: adsl(a)lists.unixathome.org, broadband(a)lists.unixathome.org, nzlug(a)linux.net.nz Subject: [nzlug] Problems connecting to Telstra Broadband service in Wellington via a DSE XH1151 Broadband Router? Over the last couple of weeks we have seen an increase in customer calls regarding the use of the DSE XH1151 Broadband Router with the Telstra Wellington Broadband service. For some unknown reason some routers are suddenly dropping the connection. In almost all cases the customer indicates the router has been working fine. It seems to us the properties of the service has somehow changed and we are trying to contact Telstra to resolve the issue but have been unsuccessful in making any meaningful contact. If you work for Telstra or know of anyone in a position of authority that can help us, it would be most appreciated if you could contact ross.hamblin(a)dse.co.nz We are eager to work with Telstra and our manufacturers to resolve this issue. Kind regards, Chris Day Senior Buyer DSE(NZ)Ltd ------------------------------------------------------------------- To remove yourself from this list, email nzlug-request(a)linux.net.nz with "unsubscribe" in the body of the message.

1 0