- NANOG - lists.nanog.org

Two /8s allocated to APNIC from IANA (49/8 and 101/8)]
by Leslie Nobile 13 Aug '10

13 Aug '10

Forwarding on behalf of APNIC. _____________________________________________________ Two /8s allocated to APNIC from IANA (49/8 and 101/8) _____________________________________________________ Dear colleagues The information in this announcement is to enable the Internet community to update network configurations, such as routing filters, where required. APNIC received the following IPv4 address blocks from IANA in August 2010 and will be making allocations from these ranges in the near future: 49/8 101/8 Reachability and routability testing of the new prefixes will commence soon. The daily report will be published at the usual URL: http://www.ris.ripe.net/debogon For more information on the resources administered by APNIC, please see: http://www.apnic.net/db/ranges.html For information on the minimum allocation sizes within address ranges administered by APNIC, please see: http://www.apnic.net/db/min-alloc.html Please be aware, there are now just 14 /8s remaining in IANA's unallocated IPv4 address pool. Kind regards, Sunny

3 2

BGP Update Report
by cidr-report＠potaroo.net 13 Aug '10

13 Aug '10

BGP Update Report Interval: 05-Aug-10 -to- 12-Aug-10 (7 days) Observation Point: BGP Peering with AS131072 TOP 20 Unstable Origin AS Rank ASN Upds % Upds/Pfx AS-Name 1 - AS3464 25838 2.5% 1174.5 -- ASC-NET - Alabama Supercomputer Network 2 - AS5536 21300 2.1% 213.0 -- Internet-Egypt 3 - AS23700 18395 1.8% 13.0 -- BM-AS-ID PT. Broadband Multimedia, Tbk 4 - AS35931 17042 1.7% 5680.7 -- ARCHIPELAGO - ARCHIPELAGO HOLDINGS INC 5 - AS35805 14085 1.4% 17.3 -- SILKNET-AS SILKNET ISP 6 - AS31204 13268 1.3% 510.3 -- SUNCOMMUNICATIONS-AS JV "Sun Communications" Autonomous System 7 - AS7552 9994 1.0% 13.1 -- VIETEL-AS-AP Vietel Corporation 8 - AS32528 9802 1.0% 2450.5 -- ABBOTT Abbot Labs 9 - AS3816 8831 0.9% 27.2 -- COLOMBIA TELECOMUNICACIONES S.A. ESP 10 - AS9829 8773 0.9% 45.2 -- BSNL-NIB National Internet Backbone 11 - AS48754 8596 0.8% 8596.0 -- SOBIS-AS SOBIS SOLUTIONS SRL 12 - AS5800 8393 0.8% 40.9 -- DNIC-ASBLK-05800-06055 - DoD Network Information Center 13 - AS21017 7703 0.8% 770.3 -- VSI-AS VSI AS 14 - AS45464 7558 0.7% 184.3 -- NEXTWEB-AS-AP Room 201, TGU Bldg 15 - AS15802 7310 0.7% 10.4 -- DU-AS1 Emirates Integrated Telecommunications Company PJSC (EITC-DU) 16 - AS17488 7171 0.7% 18.6 -- HATHWAY-NET-AP Hathway IP Over Cable Internet 17 - AS37204 7088 0.7% 708.8 -- TELONE 18 - AS36992 6632 0.7% 47.7 -- ETISALAT-MISR 19 - AS8452 6509 0.6% 13.4 -- TEDATA TEDATA 20 - AS17974 5823 0.6% 7.3 -- TELKOMNET-AS2-AP PT Telekomunikasi Indonesia TOP 20 Unstable Origin AS (Updates per announced prefix) Rank ASN Upds % Upds/Pfx AS-Name 1 - AS48754 8596 0.8% 8596.0 -- SOBIS-AS SOBIS SOLUTIONS SRL 2 - AS35931 17042 1.7% 5680.7 -- ARCHIPELAGO - ARCHIPELAGO HOLDINGS INC 3 - AS11196 2978 0.3% 2978.0 -- NESTLE-USA - Nestle USA 4 - AS32528 9802 1.0% 2450.5 -- ABBOTT Abbot Labs 5 - AS53532 1565 0.1% 1565.0 -- KINGMETALS - King Architectural Metals 6 - AS3464 25838 2.5% 1174.5 -- ASC-NET - Alabama Supercomputer Network 7 - AS17819 4690 0.5% 1172.5 -- ASN-EQUINIX-AP Equinix Asia Pacific 8 - AS46715 1117 0.1% 1117.0 -- ENERGYNET-COM - EnergyNet.com, Inc. 9 - AS21017 7703 0.8% 770.3 -- VSI-AS VSI AS 10 - AS47593 766 0.1% 766.0 -- ATELECOM A-Telcom Ltd 11 - AS27027 744 0.1% 744.0 -- ANBELL ASN-ANBELL 12 - AS523 2201 0.2% 733.7 -- REDSTONE-AS - Headquarters, USAISC 13 - AS37204 7088 0.7% 708.8 -- TELONE 14 - AS11613 699 0.1% 699.0 -- U-SAVE - U-Save Auto Rental of America, Inc. 15 - AS16906 1226 0.1% 613.0 -- El Salvador Network, S. A. 16 - AS48565 591 0.1% 591.0 -- POCZTAPOLSKA-AS Poczta Polska Spolka Akcyjna 17 - AS50257 1038 0.1% 519.0 -- A-MOBILE-AS JV A-Mobile Ltd. 18 - AS31204 13268 1.3% 510.3 -- SUNCOMMUNICATIONS-AS JV "Sun Communications" Autonomous System 19 - AS26383 3126 0.3% 446.6 -- CHILITECH - CHILITECH INTERNET SOLUTIONS, INC. 20 - AS27094 416 0.0% 416.0 -- DNIC-ASBLK-27032-27159 - DoD Network Information Center TOP 20 Unstable Prefixes Rank Prefix Upds % Origin AS -- AS Name 1 - 129.66.128.0/17 12893 1.2% AS3464 -- ASC-NET - Alabama Supercomputer Network 2 - 129.66.0.0/17 12888 1.2% AS3464 -- ASC-NET - Alabama Supercomputer Network 3 - 63.211.68.0/22 9458 0.9% AS35931 -- ARCHIPELAGO - ARCHIPELAGO HOLDINGS INC 4 - 91.212.23.0/24 8596 0.8% AS48754 -- SOBIS-AS SOBIS SOLUTIONS SRL 5 - 198.140.43.0/24 7559 0.7% AS35931 -- ARCHIPELAGO - ARCHIPELAGO HOLDINGS INC 6 - 190.65.228.0/22 5735 0.5% AS3816 -- COLOMBIA TELECOMUNICACIONES S.A. ESP 7 - 130.36.34.0/24 4898 0.4% AS32528 -- ABBOTT Abbot Labs 8 - 130.36.35.0/24 4898 0.4% AS32528 -- ABBOTT Abbot Labs 9 - 95.32.192.0/18 3835 0.3% AS21017 -- VSI-AS VSI AS 10 - 95.32.128.0/18 3800 0.3% AS21017 -- VSI-AS VSI AS 11 - 41.34.29.0/24 3224 0.3% AS8452 -- TEDATA TEDATA 12 - 196.2.16.0/24 3144 0.3% AS10474 -- NETACTIVE 13 - 206.184.16.0/24 3044 0.3% AS174 -- COGENT Cogent/PSI 14 - 63.78.157.0/24 2978 0.3% AS11196 -- NESTLE-USA - Nestle USA 15 - 202.92.235.0/24 2498 0.2% AS9498 -- BBIL-AP BHARTI Airtel Ltd. 16 - 216.126.136.0/22 2492 0.2% AS6316 -- AS-PAETEC-NET - PaeTec Communications, Inc. 17 - 202.167.253.0/24 2342 0.2% AS17819 -- ASN-EQUINIX-AP Equinix Asia Pacific 18 - 202.177.223.0/24 2342 0.2% AS17819 -- ASN-EQUINIX-AP Equinix Asia Pacific 19 - 72.20.248.0/21 1968 0.2% AS26383 -- CHILITECH - CHILITECH INTERNET SOLUTIONS, INC. 20 - 143.138.107.0/24 1595 0.1% AS747 -- TAEGU-AS - Headquarters, USAISC Details at http://bgpupdates.potaroo.net ------------------------------------ Copies of this report are mailed to: nanog(a)merit.edu eof-list(a)ripe.net apops(a)apops.net routing-wg(a)ripe.net afnog(a)afnog.org

1 0

The Cidr Report
by cidr-report＠potaroo.net 13 Aug '10

13 Aug '10

This report has been generated at Fri Aug 13 21:11:36 2010 AEST. The report analyses the BGP Routing Table of AS2.0 router and generates a report on aggregation potential within the table. Check http://www.cidr-report.org for a current version of this report. Recent Table History Date Prefixes CIDR Agg 06-08-10 330860 204039 07-08-10 330883 203929 08-08-10 330806 204061 09-08-10 330840 204237 10-08-10 331016 204310 11-08-10 331070 204498 12-08-10 331297 204410 13-08-10 331362 204873 AS Summary 35099 Number of ASes in routing system 14911 Number of ASes announcing only one prefix 4495 Largest number of prefixes announced by an AS AS4323 : TWTC - tw telecom holdings, inc. 96214848 Largest address span announced by an AS (/32s) AS4134 : CHINANET-BACKBONE No.31,Jin-rong Street Aggregation Summary The algorithm used in this report proposes aggregation only when there is a precise match using the AS path, so as to preserve traffic transit policies. Aggregation is also proposed across non-advertised address space ('holes'). --- 13Aug10 --- ASnum NetsNow NetsAggr NetGain % Gain Description Table 331680 204731 126949 38.3% All ASes AS6389 3855 284 3571 92.6% BELLSOUTH-NET-BLK - BellSouth.net Inc. AS4323 4495 1840 2655 59.1% TWTC - tw telecom holdings, inc. AS19262 1946 279 1667 85.7% VZGNI-TRANSIT - Verizon Online LLC AS4766 1862 509 1353 72.7% KIXS-AS-KR Korea Telecom AS22773 1176 66 1110 94.4% ASN-CXA-ALL-CCI-22773-RDC - Cox Communications Inc. AS4755 1508 433 1075 71.3% TATACOMM-AS TATA Communications formerly VSNL is Leading ISP AS17488 1343 301 1042 77.6% HATHWAY-NET-AP Hathway IP Over Cable Internet AS5668 1129 89 1040 92.1% AS-5668 - CenturyTel Internet Holdings, Inc. AS18566 1087 63 1024 94.2% COVAD - Covad Communications Co. AS6478 1291 373 918 71.1% ATT-INTERNET3 - AT&T WorldNet Services AS8151 1463 568 895 61.2% Uninet S.A. de C.V. AS10620 1091 290 801 73.4% Telmex Colombia S.A. AS8452 1162 430 732 63.0% TEDATA TEDATA AS1785 1785 1090 695 38.9% AS-PAETEC-NET - PaeTec Communications, Inc. AS7545 1401 717 684 48.8% TPG-INTERNET-AP TPG Internet Pty Ltd AS7303 789 111 678 85.9% Telecom Argentina S.A. AS4808 899 279 620 69.0% CHINA169-BJ CNCGROUP IP network China169 Beijing Province Network AS4804 677 72 605 89.4% MPX-AS Microplex PTY LTD AS7552 652 92 560 85.9% VIETEL-AS-AP Vietel Corporation AS4780 691 165 526 76.1% SEEDNET Digital United Inc. AS7018 1477 954 523 35.4% ATT-INTERNET4 - AT&T WorldNet Services AS24560 1005 491 514 51.1% AIRTELBROADBAND-AS-AP Bharti Airtel Ltd., Telemedia Services AS17676 574 75 499 86.9% GIGAINFRA Softbank BB Corp. AS3356 1152 665 487 42.3% LEVEL3 Level 3 Communications AS7011 1137 659 478 42.0% FRONTIER-AND-CITIZENS - Frontier Communications of America, Inc. AS22047 550 76 474 86.2% VTR BANDA ANCHA S.A. AS28573 1067 602 465 43.6% NET Servicos de Comunicao S.A. AS7738 477 30 447 93.7% Telecomunicacoes da Bahia S.A. AS14420 547 104 443 81.0% CORPORACION NACIONAL DE TELECOMUNICACIONES - CNT EP AS36992 652 210 442 67.8% ETISALAT-MISR Total 38940 11917 27023 69.4% Top 30 total Possible Bogus Routes 31.0.0.0/16 AS12654 RIPE-NCC-RIS-AS RIPE NCC RIS project 31.1.0.0/21 AS12654 RIPE-NCC-RIS-AS RIPE NCC RIS project 31.1.24.0/24 AS12654 RIPE-NCC-RIS-AS RIPE NCC RIS project 41.222.79.0/24 AS36938 AMSCOTELECOMS Amsco Telecommunications Nigeria Limited 41.223.92.0/22 AS36936 CELTEL-GABON Celtel Gabon Internet Service 41.223.188.0/24 AS22351 INTELSAT Intelsat Global BGP Routing Policy 41.223.189.0/24 AS6453 GLOBEINTERNET TATA Communications 41.223.196.0/24 AS36990 41.223.197.0/24 AS36990 41.223.198.0/24 AS36990 41.223.199.0/24 AS36990 49.0.0.0/8 AS237 MERIT-AS-14 - Merit Network Inc. 62.61.220.0/24 AS24974 TACHYON-EU Tachyon Europe BV 62.61.221.0/24 AS24974 TACHYON-EU Tachyon Europe BV 64.20.80.0/20 AS40028 SPD-NETWORK-1 - SPD NETWORK 64.21.192.0/20 AS11610 INETNEBR-1 - Internet Nebraska Corporation 64.21.212.0/22 AS11610 INETNEBR-1 - Internet Nebraska Corporation 64.21.216.0/21 AS11610 INETNEBR-1 - Internet Nebraska Corporation 64.82.128.0/19 AS16617 COMMUNITYISP - CISP 64.82.160.0/19 AS16617 COMMUNITYISP - CISP 66.180.239.0/24 AS35888 VIGNETTE - VIGNETTE CORPORATION 66.206.32.0/24 AS17787 PSEB-AS-PK Pakistan Software Export Board 66.206.33.0/24 AS17787 PSEB-AS-PK Pakistan Software Export Board 66.206.34.0/24 AS17787 PSEB-AS-PK Pakistan Software Export Board 66.206.35.0/24 AS17787 PSEB-AS-PK Pakistan Software Export Board 66.206.47.0/24 AS17557 PKTELECOM-AS-PK Pakistan Telecommunication Company Limited 66.207.32.0/20 AS23011 66.230.240.0/20 AS27286 66.245.176.0/20 AS19318 NJIIX-AS-1 - NEW JERSEY INTERNATIONAL INTERNET EXCHANGE LLC 69.6.80.0/24 AS13442 69.6.81.0/24 AS13442 71.19.134.0/23 AS3313 INET-AS I.NET S.p.A. 71.19.160.0/23 AS4648 NZIX-2 Netgate 72.22.32.0/19 AS33150 72.22.61.0/24 AS33150 72.22.62.0/24 AS33150 76.77.32.0/19 AS2828 XO-AS15 - XO Communications 80.88.10.0/24 AS33774 DJAWEB 80.88.12.0/24 AS33779 wataniya-telecom-as 101.0.0.0/8 AS237 MERIT-AS-14 - Merit Network Inc. 110.34.44.0/22 AS12653 COMTONET KB Impuls Hellas 110.173.64.0/19 AS37963 CNNIC-ALIBABA-CN-NET-AP Alibaba (China) Technology Co., Ltd. 116.68.136.0/21 AS28045 Pantel Communications 117.120.56.0/21 AS4755 TATACOMM-AS TATA Communications formerly VSNL is Leading ISP 121.46.0.0/16 AS4134 CHINANET-BACKBONE No.31,Jin-rong Street 121.50.168.0/21 AS9931 CAT-AP The Communication Authoity of Thailand, CAT 158.222.70.0/23 AS6137 SISNA - SISNA, Inc. 158.222.72.0/23 AS6137 SISNA - SISNA, Inc. 158.222.224.0/20 AS19864 O1COMM - O1 COMMUNICATIONS 158.222.224.0/22 AS19864 O1COMM - O1 COMMUNICATIONS 158.222.229.0/24 AS19864 O1COMM - O1 COMMUNICATIONS 172.247.100.0/22 AS7018 ATT-INTERNET4 - AT&T WorldNet Services 176.0.0.0/16 AS12654 RIPE-NCC-RIS-AS RIPE NCC RIS project 176.1.0.0/21 AS12654 RIPE-NCC-RIS-AS RIPE NCC RIS project 176.1.24.0/24 AS12654 RIPE-NCC-RIS-AS RIPE NCC RIS project 177.0.0.0/16 AS12654 RIPE-NCC-RIS-AS RIPE NCC RIS project 177.1.0.0/21 AS12654 RIPE-NCC-RIS-AS RIPE NCC RIS project 177.1.8.0/24 AS12654 RIPE-NCC-RIS-AS RIPE NCC RIS project 178.212.136.0/24 AS47316 ENGINE-NETWORKS-AS Engine Networks (Formerly Engine Technology S.r.l.) 178.212.137.0/24 AS47316 ENGINE-NETWORKS-AS Engine Networks (Formerly Engine Technology S.r.l.) 178.212.138.0/24 AS47316 ENGINE-NETWORKS-AS Engine Networks (Formerly Engine Technology S.r.l.) 178.212.139.0/24 AS47316 ENGINE-NETWORKS-AS Engine Networks (Formerly Engine Technology S.r.l.) 178.212.140.0/24 AS47316 ENGINE-NETWORKS-AS Engine Networks (Formerly Engine Technology S.r.l.) 178.212.141.0/24 AS47316 ENGINE-NETWORKS-AS Engine Networks (Formerly Engine Technology S.r.l.) 178.212.142.0/24 AS47316 ENGINE-NETWORKS-AS Engine Networks (Formerly Engine Technology S.r.l.) 178.212.143.0/24 AS47316 ENGINE-NETWORKS-AS Engine Networks (Formerly Engine Technology S.r.l.) 181.0.0.0/16 AS12654 RIPE-NCC-RIS-AS RIPE NCC RIS project 181.1.0.0/21 AS12654 RIPE-NCC-RIS-AS RIPE NCC RIS project 181.1.8.0/24 AS12654 RIPE-NCC-RIS-AS RIPE NCC RIS project 190.102.32.0/20 AS30058 ACTIVO-SYSTEMS-AS30058 ACTIVO-SYSTEMS-AS30058 190.104.32.0/21 AS27882 Telefónica Celular de Bolivia S.A. 192.9.0.0/16 AS11479 BRM-SUN-AS - Sun Microsystems, Inc 192.64.85.0/24 AS1759 TSF-IP-CORE TeliaSonera Finland IP Network 192.69.108.0/24 AS1759 TSF-IP-CORE TeliaSonera Finland IP Network 192.70.164.0/24 AS25689 NRCNET-AS - National Research Council of Canada 192.101.46.0/24 AS6503 Axtel, S.A.B. de C. V. 192.101.64.0/21 AS702 AS702 Verizon Business EMEA - Commercial IP service provider in Europe 192.101.70.0/24 AS701 UUNET - MCI Communications Services, Inc. d/b/a Verizon Business 192.101.71.0/24 AS701 UUNET - MCI Communications Services, Inc. d/b/a Verizon Business 192.101.72.0/24 AS702 AS702 Verizon Business EMEA - Commercial IP service provider in Europe 192.101.74.0/24 AS1239 SPRINTLINK - Sprint 192.124.252.0/22 AS680 DFN-IP service X-WiN 192.131.233.0/24 AS6389 BELLSOUTH-NET-BLK - BellSouth.net Inc. 192.154.32.0/19 AS81 NCREN - MCNC 192.154.64.0/19 AS81 NCREN - MCNC 192.188.208.0/20 AS27064 DNIC-ASBLK-27032-27159 - DoD Network Information Center 196.2.224.0/22 AS24863 LINKdotNET-AS 196.6.108.0/24 AS5713 SAIX-NET 196.13.201.0/24 AS2018 TENET-1 196.13.202.0/24 AS2018 TENET-1 196.13.203.0/24 AS2018 TENET-1 196.13.204.0/24 AS2018 TENET-1 196.110.105.0/24 AS8513 SKYVISION SkyVision Network Services 196.201.248.0/24 AS30991 SAHANNET Sahannet AS Network 196.201.249.0/24 AS30991 SAHANNET Sahannet AS Network 196.201.250.0/24 AS30991 SAHANNET Sahannet AS Network 196.201.251.0/24 AS30991 SAHANNET Sahannet AS Network 196.201.253.0/24 AS30991 SAHANNET Sahannet AS Network 196.201.255.0/24 AS30991 SAHANNET Sahannet AS Network 196.202.224.0/21 AS8818 TELE Greenland Autonomous System 198.1.2.0/24 AS4761 INDOSAT-INP-AP INDOSAT Internet Network Provider 198.23.26.0/24 AS4390 BELLATLANTIC-COM - Bell Atlantic, Inc. 198.51.100.0/24 AS16953 ASCENT-MEDIA-GROUP-LLC - Ascent Media Group, LLC 198.73.210.0/24 AS21570 ACI-1 - Accelerated Connections Inc. 198.74.38.0/24 AS16966 SBCIDC-LSAN03 - AT&T Internet Services 198.74.39.0/24 AS16966 SBCIDC-LSAN03 - AT&T Internet Services 198.74.40.0/24 AS16966 SBCIDC-LSAN03 - AT&T Internet Services 198.97.72.0/21 AS27064 DNIC-ASBLK-27032-27159 - DoD Network Information Center 198.97.96.0/19 AS27064 DNIC-ASBLK-27032-27159 - DoD Network Information Center 198.97.240.0/20 AS27064 DNIC-ASBLK-27032-27159 - DoD Network Information Center 198.99.241.0/24 AS11797 AC-NIELSEN-AS AC NIELSEN 198.135.236.0/24 AS4358 XNET - XNet Information Systems, Inc. 198.161.87.0/24 AS6539 GT-BELL - Bell Canada 198.163.214.0/24 AS21804 ACCESS-SK - Access Communications Co-operative Limited 198.167.0.0/16 AS7456 INTERHOP - Interhop Network SERVICES Inc. 198.168.0.0/16 AS701 UUNET - MCI Communications Services, Inc. d/b/a Verizon Business 198.169.0.0/16 AS803 SASKTEL - Saskatchewan Telecommunications 198.180.198.0/24 AS23715 SEOUL-INTGW-GXS-AP Global Exchange Services 198.182.235.0/24 AS3356 LEVEL3 Level 3 Communications 199.10.0.0/16 AS721 DNIC-ASBLK-00721-00726 - DoD Network Information Center 199.16.32.0/19 AS6389 BELLSOUTH-NET-BLK - BellSouth.net Inc. 199.121.0.0/16 AS27064 DNIC-ASBLK-27032-27159 - DoD Network Information Center 199.123.16.0/20 AS27064 DNIC-ASBLK-27032-27159 - DoD Network Information Center 199.185.130.0/23 AS19662 UNISERVE-ONLINE - Uniserve On Line 199.202.0.0/16 AS701 UUNET - MCI Communications Services, Inc. d/b/a Verizon Business 199.202.216.0/21 AS577 BACOM - Bell Canada 199.233.92.0/24 AS26896 D102-ITC - Data 102, LLC 199.246.116.0/24 AS813 UUNET-CANADA - MCI Communications Services, Inc. d/b/a Verizon Business 202.9.55.0/24 AS2764 AAPT AAPT Limited 202.9.57.0/24 AS2764 AAPT AAPT Limited 202.38.63.0/24 AS17557 PKTELECOM-AS-PK Pakistan Telecommunication Company Limited 202.58.113.0/24 AS19161 202.61.75.0/24 AS9927 PHILCOMNET-PH A Multihomed ISP Company 202.66.128.0/18 AS9584 GENESIS-AP Diyixian.com Limited 202.66.160.0/19 AS9584 GENESIS-AP Diyixian.com Limited 202.66.160.0/20 AS9584 GENESIS-AP Diyixian.com Limited 202.66.176.0/20 AS9584 GENESIS-AP Diyixian.com Limited 202.66.184.0/24 AS9584 GENESIS-AP Diyixian.com Limited 202.66.186.0/24 AS9584 GENESIS-AP Diyixian.com Limited 202.66.188.0/24 AS9584 GENESIS-AP Diyixian.com Limited 202.66.189.0/24 AS9584 GENESIS-AP Diyixian.com Limited 202.66.190.0/24 AS9584 GENESIS-AP Diyixian.com Limited 202.73.144.0/20 AS4788 TMNET-AS-AP TM Net, Internet Service Provider 202.80.192.0/20 AS2706 PI-HK Pacnet Internet (Hong Kong) Limited 202.86.252.0/22 AS4748 RESOLINK-AS-AP Resources Link Network Limited 202.86.252.0/24 AS9304 HUTCHISON-AS-AP Hutchison Global Communications 202.86.253.0/24 AS9304 HUTCHISON-AS-AP Hutchison Global Communications 202.86.254.0/24 AS9304 HUTCHISON-AS-AP Hutchison Global Communications 202.86.255.0/24 AS9304 HUTCHISON-AS-AP Hutchison Global Communications 202.94.1.0/24 AS4808 CHINA169-BJ CNCGROUP IP network China169 Beijing Province Network 202.133.37.0/24 AS17557 PKTELECOM-AS-PK Pakistan Telecommunication Company Limited 202.133.70.0/24 AS38616 WORLDCALL-AS-KHI Worldcall Telecom Limited 202.133.73.0/24 AS38616 WORLDCALL-AS-KHI Worldcall Telecom Limited 202.136.254.0/24 AS4808 CHINA169-BJ CNCGROUP IP network China169 Beijing Province Network 202.136.255.0/24 AS4808 CHINA169-BJ CNCGROUP IP network China169 Beijing Province Network 202.150.227.0/24 AS17727 NAPINFO-AS-AP PT. NAP Info Lintas Nusa 202.174.70.0/24 AS21175 WIS Wind International Services SA 202.174.125.0/24 AS9498 BBIL-AP BHARTI Airtel Ltd. 202.176.1.0/24 AS9942 COMINDICO-AP SOUL Converged Communications Australia 202.179.130.0/24 AS17557 PKTELECOM-AS-PK Pakistan Telecommunication Company Limited 202.179.131.0/24 AS17557 PKTELECOM-AS-PK Pakistan Telecommunication Company Limited 202.179.133.0/24 AS17557 PKTELECOM-AS-PK Pakistan Telecommunication Company Limited 202.179.134.0/24 AS23966 LDN-AS-PK LINKdotNET Telecom Limited 202.179.144.0/24 AS17557 PKTELECOM-AS-PK Pakistan Telecommunication Company Limited 202.179.149.0/24 AS17557 PKTELECOM-AS-PK Pakistan Telecommunication Company Limited 202.179.150.0/24 AS17557 PKTELECOM-AS-PK Pakistan Telecommunication Company Limited 202.181.32.0/24 AS4645 ASN-HKNET-AP HKNet Co. Ltd 203.12.45.0/24 AS4854 NETSPACE-AS-AP Netspace Online Systems 203.62.0.0/17 AS7575 AARNET-AS-AP Australian Academic and Reasearch Network (AARNet) 203.78.48.0/20 AS9299 IPG-AS-AP Philippine Long Distance Telephone Company 203.80.136.0/21 AS4759 EVOSERVE-AS-AP EvoServe is a content and online access Internet provider company 203.112.111.0/24 AS7474 OPTUSCOM-AS01-AU SingTel Optus Pty Ltd 203.112.113.0/24 AS7474 OPTUSCOM-AS01-AU SingTel Optus Pty Ltd 203.112.114.0/24 AS4802 ASN-IINET iiNet Limited 203.112.116.0/24 AS7474 OPTUSCOM-AS01-AU SingTel Optus Pty Ltd 203.112.117.0/24 AS7474 OPTUSCOM-AS01-AU SingTel Optus Pty Ltd 203.112.118.0/24 AS7474 OPTUSCOM-AS01-AU SingTel Optus Pty Ltd 203.112.119.0/24 AS7474 OPTUSCOM-AS01-AU SingTel Optus Pty Ltd 203.112.120.0/24 AS7474 OPTUSCOM-AS01-AU SingTel Optus Pty Ltd 203.112.121.0/24 AS7474 OPTUSCOM-AS01-AU SingTel Optus Pty Ltd 203.112.127.0/24 AS7474 OPTUSCOM-AS01-AU SingTel Optus Pty Ltd 203.128.128.0/24 AS23849 CNNIC-NET263-AP Beijing Capital-online science development Co.,Ltd. 203.142.219.0/24 AS45149 204.9.216.0/23 AS6389 BELLSOUTH-NET-BLK - BellSouth.net Inc. 204.9.218.0/23 AS6389 BELLSOUTH-NET-BLK - BellSouth.net Inc. 204.10.232.0/21 AS33150 204.19.14.0/23 AS577 BACOM - Bell Canada 204.28.104.0/21 AS25973 MZIMA - Mzima Networks, Inc. 204.197.0.0/16 AS3356 LEVEL3 Level 3 Communications 204.209.114.0/24 AS13768 PEER1 - Peer 1 Network Inc. 204.238.70.0/24 AS36826 205.150.0.0/15 AS701 UUNET - MCI Communications Services, Inc. d/b/a Verizon Business 205.189.134.0/24 AS11814 DISTRIBUTEL-AS11814 - DISTRIBUTEL COMMUNICATIONS LTD. 205.196.24.0/22 AS33724 BIZNESSHOSTING - VOLICO 205.210.145.0/24 AS11814 DISTRIBUTEL-AS11814 - DISTRIBUTEL COMMUNICATIONS LTD. 206.72.192.0/23 AS27375 IDS-TELECOM - IDS Telecom 206.72.194.0/23 AS27375 IDS-TELECOM - IDS Telecom 206.72.196.0/23 AS7018 ATT-INTERNET4 - AT&T WorldNet Services 206.72.208.0/24 AS16526 BIRCH-TELECOM - Birch Telecom, Inc. 206.72.209.0/24 AS16526 BIRCH-TELECOM - Birch Telecom, Inc. 206.123.129.0/24 AS10790 INREACH-AS - InReach Internet 206.180.240.0/20 AS12083 KNOLOGY-NET - Knology Holdings 206.197.184.0/24 AS23304 DATOTEL-STL-AS - Datotel LLC, a NetLabs LLC Company 207.174.131.0/24 AS26116 INDRA - Indra's Net Inc. 207.174.132.0/23 AS26116 INDRA - Indra's Net Inc. 207.174.152.0/23 AS26116 INDRA - Indra's Net Inc. 207.174.154.0/24 AS26116 INDRA - Indra's Net Inc. 207.174.155.0/24 AS26116 INDRA - Indra's Net Inc. 207.174.188.0/24 AS26116 INDRA - Indra's Net Inc. 207.174.189.0/24 AS26116 INDRA - Indra's Net Inc. 207.174.190.0/24 AS26116 INDRA - Indra's Net Inc. 207.174.191.0/24 AS26116 INDRA - Indra's Net Inc. 207.174.200.0/24 AS22658 EARTHNET - Earthnet, Inc. 207.174.248.0/21 AS6653 PRIVATEI - privateI, LLC 207.231.96.0/19 AS11194 NUNETPA - NuNet Inc. 208.73.4.0/22 AS27630 PREMIER - Premier Innovations, LLC 208.78.164.0/24 AS16565 208.78.165.0/24 AS16565 208.78.167.0/24 AS16565 208.84.76.0/22 AS18561 208.92.196.0/22 AS10929 NETELLIGENT - Netelligent Hosting Services Inc. 208.92.199.0/24 AS26198 3MENATWORK - 3Men@Work Integrated Networks, Inc. 209.54.123.0/24 AS6062 NETPLEX - NETPLEX 209.105.224.0/19 AS20074 209.165.239.0/24 AS209 ASN-QWEST - Qwest Communications Company, LLC 209.213.0.0/20 AS33005 ELTOPIA - Eltopia.com, LLC 209.213.1.0/24 AS7849 CROCKERCOM - CROCKER COMMUNICATIONS 209.213.4.0/24 AS7849 CROCKERCOM - CROCKER COMMUNICATIONS 210.5.128.0/20 AS4837 CHINA169-BACKBONE CNCGROUP China169 Backbone 210.56.150.0/23 AS38138 INTECH-TRANSIT-BD InTech Online Limited, INTERNET SERVICE LIMITED 210.247.224.0/19 AS7496 WEBCENTRAL-AS WebCentral 216.21.196.0/24 AS12251 INVISION - Invision.com, Inc. 216.21.201.0/24 AS12251 INVISION - Invision.com, Inc. 216.21.202.0/24 AS12251 INVISION - Invision.com, Inc. 216.21.206.0/23 AS12251 INVISION - Invision.com, Inc. 216.58.192.0/24 AS22702 X5SOLUTIONS - X5 Solutions, Inc. 216.58.197.0/24 AS22702 X5SOLUTIONS - X5 Solutions, Inc. 216.58.200.0/24 AS18530 ISOMEDIA-1 - Isomedia Inc. 216.172.198.0/24 AS22773 ASN-CXA-ALL-CCI-22773-RDC - Cox Communications Inc. 216.172.199.0/24 AS22773 ASN-CXA-ALL-CCI-22773-RDC - Cox Communications Inc. 216.250.112.0/20 AS7296 ALCHEMYNET - Alchemy Communications, Inc. 216.250.116.0/24 AS36066 UNI-MARKETING-ALLIANCE - Webhost4life.com Please see http://www.cidr-report.org for the full report ------------------------------------ Copies of this report are mailed to: nanog(a)merit.edu eof-list(a)ripe.net apops(a)apops.net routing-wg(a)ripe.net afnog(a)afnog.org

1 0

Web expert on his 'catastrophe' key for the internet
by andrew.wallace 13 Aug '10

13 Aug '10

A British computer expert has been entrusted with part of a digital key, to help restart the internet in the event of a major catastrophe. Paul Kane talked to Eddie Mair on Radio 4's PM programme about what he might be called upon to do in the event of an international online emergency. http://www.bbc.co.uk/news/uk-10781240

21 36

Weekly Routing Table Report
by Routing Analysis Role Account 13 Aug '10

13 Aug '10

This is an automated weekly mailing describing the state of the Internet Routing Table as seen from APNIC's router in Japan. The posting is sent to APOPS, NANOG, AfNOG, AusNOG, SANOG, PacNOG, LacNOG, CaribNOG and the RIPE Routing Working Group. Daily listings are sent to bgp-stats(a)lists.apnic.net For historical data, please see http://thyme.apnic.net. If you have any comments please contact Philip Smith <pfs(a)cisco.com>. Routing Table Report 04:00 +10GMT Sat 14 Aug, 2010 Report Website: http://thyme.apnic.net Detailed Analysis: http://thyme.apnic.net/current/ Analysis Summary ---------------- BGP routing table entries examined: 327733 Prefixes after maximum aggregation: 151079 Deaggregation factor: 2.17 Unique aggregates announced to Internet: 160689 Total ASes present in the Internet Routing Table: 34560 Prefixes per ASN: 9.48 Origin-only ASes present in the Internet Routing Table: 29983 Origin ASes announcing only one prefix: 14554 Transit ASes present in the Internet Routing Table: 4577 Transit-only ASes present in the Internet Routing Table: 101 Average AS path length visible in the Internet Routing Table: 3.6 Max AS path length visible: 24 Max AS path prepend of ASN (41664) 21 Prefixes from unregistered ASNs in the Routing Table: 860 Unregistered ASNs in the Routing Table: 433 Number of 32-bit ASNs allocated by the RIRs: 727 Prefixes from 32-bit ASNs in the Routing Table: 904 Special use prefixes present in the Routing Table: 0 Prefixes being announced from unallocated address space: 176 Number of addresses announced to Internet: 2288066240 Equivalent to 136 /8s, 97 /16s and 30 /24s Percentage of available address space announced: 61.7 Percentage of allocated address space announced: 65.9 Percentage of available address space allocated: 93.7 Percentage of address space in use by end-sites: 84.2 Total number of prefixes smaller than registry allocations: 155492 APNIC Region Analysis Summary ----------------------------- Prefixes being announced by APNIC Region ASes: 79750 Total APNIC prefixes after maximum aggregation: 27336 APNIC Deaggregation factor: 2.92 Prefixes being announced from the APNIC address blocks: 76668 Unique aggregates announced from the APNIC address blocks: 33794 APNIC Region origin ASes present in the Internet Routing Table: 4155 APNIC Prefixes per ASN: 18.45 APNIC Region origin ASes announcing only one prefix: 1159 APNIC Region transit ASes present in the Internet Routing Table: 641 Average APNIC Region AS path length visible: 3.7 Max APNIC Region AS path length visible: 15 Number of APNIC addresses announced to Internet: 539648800 Equivalent to 32 /8s, 42 /16s and 99 /24s Percentage of available APNIC address space announced: 76.6 APNIC AS Blocks 4608-4864, 7467-7722, 9216-10239, 17408-18431 (pre-ERX allocations) 23552-24575, 37888-38911, 45056-46079 55296-56319, 131072-132095 APNIC Address Blocks 1/8, 14/8, 27/8, 43/8, 49/8, 58/8, 59/8, 60/8, 61/8, 101/8, 110/8, 111/8, 112/8, 113/8, 114/8, 115/8, 116/8, 117/8, 118/8, 119/8, 120/8, 121/8, 122/8, 123/8, 124/8, 125/8, 126/8, 133/8, 175/8, 180/8, 182/8, 183/8, 202/8, 203/8, 210/8, 211/8, 218/8, 219/8, 220/8, 221/8, 222/8, 223/8, ARIN Region Analysis Summary ---------------------------- Prefixes being announced by ARIN Region ASes: 135111 Total ARIN prefixes after maximum aggregation: 69791 ARIN Deaggregation factor: 1.94 Prefixes being announced from the ARIN address blocks: 107970 Unique aggregates announced from the ARIN address blocks: 42371 ARIN Region origin ASes present in the Internet Routing Table: 13847 ARIN Prefixes per ASN: 7.80 ARIN Region origin ASes announcing only one prefix: 5310 ARIN Region transit ASes present in the Internet Routing Table: 1364 Average ARIN Region AS path length visible: 3.4 Max ARIN Region AS path length visible: 22 Number of ARIN addresses announced to Internet: 731174304 Equivalent to 43 /8s, 148 /16s and 213 /24s Percentage of available ARIN address space announced: 62.3 ARIN AS Blocks 1-1876, 1902-2042, 2044-2046, 2048-2106 (pre-ERX allocations) 2138-2584, 2615-2772, 2823-2829, 2880-3153 3354-4607, 4865-5119, 5632-6655, 6912-7466 7723-8191, 10240-12287, 13312-15359, 16384-17407 18432-20479, 21504-23551, 25600-26591, 26624-27647, 29696-30719, 31744-33791 35840-36863, 39936-40959, 46080-47103 53248-55295, 393216-394239 ARIN Address Blocks 3/8, 4/8, 6/8, 7/8, 8/8, 9/8, 11/8, 12/8, 13/8, 15/8, 16/8, 17/8, 18/8, 19/8, 20/8, 21/8, 22/8, 24/8, 26/8, 28/8, 29/8, 30/8, 32/8, 33/8, 34/8, 35/8, 38/8, 40/8, 44/8, 45/8, 47/8, 48/8, 50/8, 52/8, 54/8, 55/8, 56/8, 63/8, 64/8, 65/8, 66/8, 67/8, 68/8, 69/8, 70/8, 71/8, 72/8, 73/8, 74/8, 75/8, 76/8, 96/8, 97/8, 98/8, 99/8, 107/8, 108/8, 173/8, 174/8, 184/8, 199/8, 204/8, 205/8, 206/8, 207/8, 208/8, 209/8, 214/8, 215/8, 216/8, RIPE Region Analysis Summary ---------------------------- Prefixes being announced by RIPE Region ASes: 74801 Total RIPE prefixes after maximum aggregation: 43787 RIPE Deaggregation factor: 1.71 Prefixes being announced from the RIPE address blocks: 68193 Unique aggregates announced from the RIPE address blocks: 44831 RIPE Region origin ASes present in the Internet Routing Table: 14675 RIPE Prefixes per ASN: 4.65 RIPE Region origin ASes announcing only one prefix: 7553 RIPE Region transit ASes present in the Internet Routing Table: 2201 Average RIPE Region AS path length visible: 3.9 Max RIPE Region AS path length visible: 24 Number of RIPE addresses announced to Internet: 434991872 Equivalent to 25 /8s, 237 /16s and 115 /24s Percentage of available RIPE address space announced: 76.3 RIPE AS Blocks 1877-1901, 2043, 2047, 2107-2136, 2585-2614 (pre-ERX allocations) 2773-2822, 2830-2879, 3154-3353, 5377-5631 6656-6911, 8192-9215, 12288-13311, 15360-16383 20480-21503, 24576-25599, 28672-29695 30720-31743, 33792-35839, 38912-39935 40960-45055, 47104-52223, 196608-197631 RIPE Address Blocks 2/8, 25/8, 31/8, 46/8, 51/8, 62/8, 77/8, 78/8, 79/8, 80/8, 81/8, 82/8, 83/8, 84/8, 85/8, 86/8, 87/8, 88/8, 89/8, 90/8, 91/8, 92/8, 93/8, 94/8, 95/8, 109/8, 176/8, 178/8, 193/8, 194/8, 195/8, 212/8, 213/8, 217/8, LACNIC Region Analysis Summary ------------------------------ Prefixes being announced by LACNIC Region ASes: 29552 Total LACNIC prefixes after maximum aggregation: 7056 LACNIC Deaggregation factor: 4.19 Prefixes being announced from the LACNIC address blocks: 28053 Unique aggregates announced from the LACNIC address blocks: 14979 LACNIC Region origin ASes present in the Internet Routing Table: 1321 LACNIC Prefixes per ASN: 21.24 LACNIC Region origin ASes announcing only one prefix: 407 LACNIC Region transit ASes present in the Internet Routing Table: 235 Average LACNIC Region AS path length visible: 3.9 Max LACNIC Region AS path length visible: 20 Number of LACNIC addresses announced to Internet: 76476928 Equivalent to 4 /8s, 142 /16s and 242 /24s Percentage of available LACNIC address space announced: 57.0 LACNIC AS Blocks 26592-26623, 27648-28671, 52224-53247, 262144-263167 plus ERX transfers LACNIC Address Blocks 177/8, 181/8, 186/8, 187/8, 189/8, 190/8, 200/8, 201/8, AfriNIC Region Analysis Summary ------------------------------- Prefixes being announced by AfriNIC Region ASes: 7368 Total AfriNIC prefixes after maximum aggregation: 1881 AfriNIC Deaggregation factor: 3.92 Prefixes being announced from the AfriNIC address blocks: 5700 Unique aggregates announced from the AfriNIC address blocks: 1657 AfriNIC Region origin ASes present in the Internet Routing Table: 392 AfriNIC Prefixes per ASN: 14.54 AfriNIC Region origin ASes announcing only one prefix: 125 AfriNIC Region transit ASes present in the Internet Routing Table: 89 Average AfriNIC Region AS path length visible: 3.7 Max AfriNIC Region AS path length visible: 14 Number of AfriNIC addresses announced to Internet: 19938304 Equivalent to 1 /8s, 48 /16s and 60 /24s Percentage of available AfriNIC address space announced: 59.4 AfriNIC AS Blocks 36864-37887, 327680-328703 & ERX transfers AfriNIC Address Blocks 41/8, 197/8, APNIC Region per AS prefix count summary ---------------------------------------- ASN No of nets /20 equiv MaxAgg Description 4766 1862 8410 495 Korea Telecom (KIX) 4755 1481 298 164 TATA Communications formerly 7545 1376 234 87 TPG Internet Pty Ltd 17488 1343 149 127 Hathway IP Over Cable Interne 17974 1216 292 74 PT TELEKOMUNIKASI INDONESIA 24560 1005 304 181 Bharti Airtel Ltd., Telemedia 9583 1003 74 487 Sify Limited 4808 899 1671 245 CNCGROUP IP network: China169 9829 818 687 34 BSNL National Internet Backbo 4134 787 22220 415 CHINANET-BACKBONE Complete listing at http://thyme.apnic.net/current/data-ASnet-APNIC ARIN Region per AS prefix count summary --------------------------------------- ASN No of nets /20 equiv MaxAgg Description 6389 3856 3684 276 bellsouth.net, inc. 4323 2730 1116 393 Time Warner Telecom 19262 1946 4613 279 Verizon Global Networks 1785 1785 698 129 PaeTec Communications, Inc. 20115 1489 1526 653 Charter Communications 7018 1478 5734 952 AT&T WorldNet Services 6478 1289 255 145 AT&T Worldnet Services 2386 1284 553 907 AT&T Data Communications Serv 22773 1176 2858 61 Cox Communications, Inc. 11492 1175 209 90 Cable One Complete listing at http://thyme.apnic.net/current/data-ASnet-ARIN RIPE Region per AS prefix count summary --------------------------------------- ASN No of nets /20 equiv MaxAgg Description 3292 449 2026 390 TDC Tele Danmark 30890 443 99 211 Evolva Telecom 702 414 1870 326 UUNET - Commercial IP service 8866 403 117 18 Bulgarian Telecommunication C 8551 401 353 46 Bezeq International 3320 376 7329 325 Deutsche Telekom AG 3301 373 1415 328 TeliaNet Sweden 34984 367 89 183 BILISIM TELEKOM 12479 352 576 5 Uni2 Autonomous System 3215 322 3218 94 France Telecom Transpac Complete listing at http://thyme.apnic.net/current/data-ASnet-RIPE LACNIC Region per AS prefix count summary ----------------------------------------- ASN No of nets /20 equiv MaxAgg Description 8151 1527 3049 247 UniNet S.A. de C.V. 10620 1091 244 150 TVCABLE BOGOTA 28573 1067 833 111 NET Servicos de Comunicao S.A 6503 811 187 264 AVANTEL, S.A. 7303 788 408 99 Telecom Argentina Stet-France 22047 550 310 15 VTR PUNTO NET S.A. 14420 547 35 75 CORPORACION NACIONAL DE TELEC 7738 477 922 30 Telecomunicacoes da Bahia S.A 3816 474 208 98 Empresa Nacional de Telecomun 11172 447 99 76 Servicios Alestra S.A de C.V Complete listing at http://thyme.apnic.net/current/data-ASnet-LACNIC AfriNIC Region per AS prefix count summary ------------------------------------------ ASN No of nets /20 equiv MaxAgg Description 8452 1168 445 10 TEDATA 24863 728 147 39 LINKdotNET AS number 36992 655 279 183 Etisalat MISR 3741 270 898 232 The Internet Solution 33776 206 12 12 Starcomms Nigeria Limited 2018 197 277 64 Tertiary Education Network 6713 195 186 16 Itissalat Al-MAGHRIB 29571 192 19 11 Ci Telecom Autonomous system 24835 188 78 9 RAYA Telecom - Egypt 16637 147 440 95 MTN Network Solutions Complete listing at http://thyme.apnic.net/current/data-ASnet-AFRINIC Global Per AS prefix count summary ---------------------------------- ASN No of nets /20 equiv MaxAgg Description 6389 3856 3684 276 bellsouth.net, inc. 4323 2730 1116 393 Time Warner Telecom 19262 1946 4613 279 Verizon Global Networks 4766 1862 8410 495 Korea Telecom (KIX) 1785 1785 698 129 PaeTec Communications, Inc. 8151 1527 3049 247 UniNet S.A. de C.V. 20115 1489 1526 653 Charter Communications 4755 1481 298 164 TATA Communications formerly 7018 1478 5734 952 AT&T WorldNet Services 7545 1376 234 87 TPG Internet Pty Ltd Complete listing at http://thyme.apnic.net/current/data-ASnet Global Per AS Maximum Aggr summary ---------------------------------- ASN No of nets Net Savings Description 4323 2730 2337 Time Warner Telecom 19262 1946 1667 Verizon Global Networks 1785 1785 1656 PaeTec Communications, Inc. 4766 1862 1367 Korea Telecom (KIX) 4755 1481 1317 TATA Communications formerly 7545 1376 1289 TPG Internet Pty Ltd 8151 1527 1280 UniNet S.A. de C.V. 17488 1343 1216 Hathway IP Over Cable Interne 8452 1168 1158 TEDATA 6478 1289 1144 AT&T Worldnet Services Complete listing at http://thyme.apnic.net/current/data-CIDRnet List of Unregistered Origin ASNs (Global) ----------------------------------------- Bad AS Designation Network Transit AS Description 22015 UNALLOCATED 8.22.137.0/24 14989 Broadview Networks 16927 UNALLOCATED 12.0.252.0/23 7018 AT&T WorldNet Servic 15132 UNALLOCATED 12.9.150.0/24 7018 AT&T WorldNet Servic 32567 UNALLOCATED 12.14.170.0/24 7018 AT&T WorldNet Servic 23054 UNALLOCATED 12.18.240.0/24 7018 AT&T WorldNet Servic 33198 UNALLOCATED 12.19.149.0/24 701 UUNET Technologies, 36178 UNALLOCATED 12.20.60.0/23 6128 Cablevision Systems 13746 UNALLOCATED 12.24.56.0/24 7018 AT&T WorldNet Servic 32567 UNALLOCATED 12.25.107.0/24 7018 AT&T WorldNet Servic 26973 UNALLOCATED 12.39.152.0/24 7018 AT&T WorldNet Servic Complete listing at http://thyme.apnic.net/current/data-badAS Advertised Unallocated Addresses -------------------------------- Network Origin AS Description 31.0.0.0/16 12654 RIPE NCC RIS Project 31.1.0.0/21 12654 RIPE NCC RIS Project 31.1.24.0/24 12654 RIPE NCC RIS Project 41.222.79.0/24 36938 >>UNKNOWN<< 41.223.92.0/22 36936 >>UNKNOWN<< 41.223.188.0/24 22351 Intelsat 41.223.189.0/24 6453 Teleglobe Inc. 41.223.196.0/24 36990 Alkan Telecom Ltd 41.223.197.0/24 36990 Alkan Telecom Ltd 41.223.198.0/24 36990 Alkan Telecom Ltd Complete listing at http://thyme.apnic.net/current/data-add-IANA Number of prefixes announced per prefix length (Global) ------------------------------------------------------- /1:0 /2:0 /3:0 /4:0 /5:0 /6:0 /7:0 /8:21 /9:10 /10:25 /11:67 /12:198 /13:412 /14:718 /15:1304 /16:11200 /17:5397 /18:9236 /19:18562 /20:23299 /21:23290 /22:30291 /23:29761 /24:170761 /25:1058 /26:1205 /27:741 /28:117 /29:47 /30:6 /31:0 /32:7 Advertised prefixes smaller than registry allocations ----------------------------------------------------- ASN No of nets Total ann. Description 6389 2466 3856 bellsouth.net, inc. 4766 1488 1862 Korea Telecom (KIX) 4323 1393 2730 Time Warner Telecom 1785 1252 1785 PaeTec Communications, Inc. 17488 1086 1343 Hathway IP Over Cable Interne 11492 1083 1175 Cable One 18566 1068 1087 Covad Communications 8452 1057 1168 TEDATA 10620 1005 1091 TVCABLE BOGOTA 19262 913 1946 Verizon Global Networks Complete listing at http://thyme.apnic.net/current/data-sXXas-nos Number of /24s announced per /8 block (Global) ---------------------------------------------- 1:44 2:2 4:13 8:294 12:2016 13:7 14:1 15:21 16:3 17:9 20:6 24:1442 27:294 31:1 32:61 33:22 38:695 40:97 41:2504 44:3 46:23 47:16 52:12 55:7 56:2 57:28 58:780 59:508 60:460 61:1073 62:1059 63:1972 64:3730 65:2321 66:4026 67:1838 68:1102 69:2765 70:744 71:444 72:1944 73:2 74:2303 75:253 76:326 77:890 78:620 79:433 80:1015 81:801 82:499 83:488 84:689 85:1043 86:461 87:690 88:304 89:1526 90:99 91:2959 92:412 93:1000 94:1173 95:667 96:530 97:212 98:626 99:33 108:109 109:614 110:435 111:537 112:281 113:310 114:435 115:576 116:1094 117:654 118:490 119:889 120:139 121:725 122:1531 123:953 124:1129 125:1242 128:227 129:162 130:194 131:558 132:247 133:16 134:195 135:45 136:240 137:136 138:270 139:105 140:477 141:197 142:340 143:376 144:473 145:52 146:425 147:171 148:676 149:272 150:154 151:228 152:297 153:168 154:3 155:358 156:166 157:327 158:119 159:361 160:316 161:180 162:252 163:173 164:413 165:366 166:463 167:413 168:646 169:159 170:716 171:59 172:2 173:978 174:516 175:160 176:1 177:1 178:341 180:514 181:1 182:179 183:239 184:147 186:549 187:418 188:806 189:765 190:3899 192:5755 193:4732 194:3400 195:2790 196:1181 198:3567 199:3534 200:5354 201:1588 202:8016 203:8273 204:4035 205:2403 206:2484 207:3067 208:3881 209:3470 210:2546 211:1305 212:1719 213:1675 214:659 215:69 216:4679 217:1546 218:502 219:379 220:1139 221:402 222:316 223:2 End of report

1 0

Pacific Northwest downtime?
by Ashoat Tevosyan 13 Aug '10

13 Aug '10

Hey guys, Anybody else in the Pacific Northwest notice some sites down? I'm using Comcast here at home, and I can't reach anything over at Hurricane Electric. I can confirm that HE is reachable from the University of Washington. Thanks, Ashoat

6 8

Anyone have a spare KVM in Equinix HK?
by Ken Gilmour 13 Aug '10

13 Aug '10

Hi, This probably seems like an unusual request, but we urgently need to install some equipment in Equinix HK and are having problems applying some iLO licenses, Does anyone have a spare KVM in the datacenter there that we can purchase from you, rather than ordering one and drop shipping it which could take a few days... We only need a small, cheapo one with 8 ports or less (but network enabled). Thanks! Ken

1 0

Cost of transit and options in APAC
by David Ulevitch 13 Aug '10

13 Aug '10

Hi Nanog, As we extend our reach into Asia, we're finding that our typical carriers (see: upstreams of AS36692) who provide service to us in North America and Europe are not able to offer us service in Asia either (1) at all or (2) at prices remotely resembling our pricing in NA and EU. For example: Level(3) simply has no presence in Asia and on the pricing side, NTT, GBLX, Verizon and others' pricing is many times higher than their NA and EU pricing. In most cases, it's 10 or more times higher. Additionally, some of the networks seem to market their network based on their reach into the US, rather than their reach into actual users in Asia, which is what we're looking for. So my question is, what are non-APAC-based networks doing as they expand into Asia for transit beyond peering with whomever will peer with them to get close to actual users in Asia? Are people using regional carriers? Are people just paying the "crazy" (compared to US pricing) bandwidth costs? Are people doing peering-only setups out there? Any help would be useful -- hopefully this is on-topic for NANOG, which I think it is, since I'm curious how NA operators deal with these challenges as they expand into APAC. I'm happy to summarize responses later if there is interest. Thanks, David

12 17

Cisco Security Advisory: Cisco IOS Software TCP Denial of Service Vulnerability
by Cisco Systems Product Security Incident Response Team 12 Aug '10

12 Aug '10

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Cisco Security Advisory: Cisco IOS Software TCP Denial of Service Vulnerability Advisory ID: cisco-sa-20100812-tcp http://www.cisco.com/warp/public/707/cisco-sa-20100812-tcp.shtml Revision 1.0 For Public Release 2010 August 12 2130 UTC (GMT) +--------------------------------------------------------------------- Summary ======= Cisco IOS Software Release, 15.1(2)T is affected by a denial of service (DoS) vulnerability during the TCP establishment phase. The vulnerability could cause embryonic TCP connections to remain in a SYNRCVD or SYNSENT state. Enough embryonic TCP connections in these states could consume system resources and prevent an affected device from accepting or initiating new TCP connections, including any TCP-based remote management access to the device. No authentication is required to exploit this vulnerability. An attacker does not need to complete a three-way handshake to trigger this vulnerability; therefore, this this vunerability can be exploited using spoofed packets. This vulnerability may be triggered by normal network traffic. Cisco has released Cisco IOS Software Release 15.1(2)T0a to address this vulnerability. This advisory is posted at http://www.cisco.com/warp/public/707/cisco-sa-20100812-tcp.shtml. Affected Products ================= This vulnerability affects only Cisco IOS Software Release 15.1(2)T. No other Cisco IOS Software Releases are affected. Cisco IOS XE Software, Cisco IOS XR Software, and Cisco NX-OS Software are not affected by this vulnerability. Vulnerable Products +------------------ A Cisco device is vulnerable when it is running Cisco IOS Software Release 15.1(2)T. To determine the Cisco IOS Software Release that is running on a Cisco product, administrators can log in to the device and issue the "show version" command to display the system banner. The system banner confirms that the device is running Cisco IOS Software by displaying text similar to "Cisco Internetwork Operating System Software" or "Cisco IOS Software." The image name displays in parentheses, followed by "Version" and the Cisco IOS Software Release name. Other Cisco devices do not have the "show version" command or may provide different output. The following example identifies a Cisco product that is running Cisco IOS Software Release 15.1(2)T with an installed image name of C2800NM-ENTSERVICES-M: Router#show version Cisco IOS Software, 2800 Software (C2800NM-ENTSERVICES-M), Version 15.1(2)T, RELEASE SOFTWARE (fc1) Technical Support: http://www.cisco.com/techsupport Copyright (c) 1986-2010 by Cisco Systems, Inc. Compiled Mon 19-Jul-10 16:38 by prod_rel_team <output truncated> Additional information about Cisco IOS Software Release naming conventions is available in the White Paper: Cisco IOS Reference Guide. Products Confirmed Not Vulnerable +-------------------------------- No other Cisco IOS Software versions are affected by this vulnerability. No other Cisco products are currently known to be affected by this vulnerability. Details ======= TCP provides reliable data transmission services in packet-switched network environments. TCP corresponds to the transport layer (Layer 4) of the OSI reference model. Among the services TCP provides are stream data transfer, reliability, efficient flow control, full-duplex operation, and multiplexing. When TCP connections are terminated in Cisco IOS Software, they are allocated a transmission control block (TCB). All allocated TCBs, associated TCP port numbers, and the TCP state are displayed in the output of the "show tcp brief all" command-line interface (CLI) command. Cisco IOS Software version 15.1(2)T contains a vulnerability that could cause an embryonic TCP connection to remain in SYNRCVD or SYNSENT state without a further TCP state transition. Examining the output of the "show tcp brief all" command multiple times will indicate if TCP sessions remain in one of these states. This vulnerability is triggered only by TCP traffic that is terminated by or originated from the device. Transit traffic will not trigger this vulnerability. Both connections to and from the router could trigger this vulnerability. An example of a connection to the router is that you may still be able to ping the device, but fail to establish a TELNET or SSH connection to the device. For example, an administrator may still be able to ping the device but fail to establish a Telnet or SSH connection to the device. Administrators who attempt a Telnet or a SSH connection to a remote device from the CLI prompt will encounter a hung session and the "Trying <ip address|hostname> ..." prompt. The connection that is initiated or terminated by the router can be removed from the socket table by clearing the associated TCB with the "clear tcp tcb 0x<address>" command. Devices could be vulnerable if examining the output of the CLI command "debug ip tcp transactions", displays the error messages "connection queue limit reached: port <port number>" or "No wild listener: port <port number>". Devices could also be vulnerable if output from repetitive show tcp brief all CLI commands indicates many TCBs in the state SYNRCVD or SYNSENT. The following example shows a device that has several HTTP, SSH, and Telnet sessions in the TCP SYNRCVD state: Example#show tcp brief all TCB Local Address Foreign Address (state) 07C2D6C8 192.168.0.2.443 192.168.0.5.11660 SYNRCVD 07C38128 192.168.0.2.23 192.168.0.5.35018 SYNRCVD 07C2DD60 192.168.0.2.443 192.168.0.5.19316 SYNRCVD 07C2A8A0 192.168.0.2.80 192.168.0.5.13818 SYNRCVD <output truncated> Any TCP sessions can be cleared by clearing the associated TCB with "clear tcp tcb 0x<address>". Alternatively Administrators can clear all TCBs at once by issuing "clear tcp tcb *". Note: This will clear all active and hung TCP connections. This vulnerability is documented in the Cisco bug ID CSCti18193. This vulnerability has been assigned Common Vulnerabilities and Exposures (CVE) ID CVE-2010-2827. Some TCP application specific information is provided in the following sections: Telnet and SSH +------------- Telnet can not be explicitly disabled on a Cisco IOS device. Configuring "transport input none" on the vty lines of a vulnerable device will prevent it from being exploited on TCP port 23. However, if the Cisco IOS SSH server feature is configured on the device, "transport input none" will not prevent the device from being exploited on TCP port 22. Configuration of vty access control lists can partially mitigate this vulnerability because the vulnerability can be exploited using spoofed IP source addresses. Border Gateway Protocol +---------------------- Routers that are configured with Border Gateway Protocol (BGP) can be protected further by using the Generalized Time to Live (TTL) Security Mechanism (GTSM) feature. GTSM allows users to configure the expected TTL of a packet between a source and destination address. Packets that fail the GTSM check will be dropped before TCP processing occurs, which prevents an attacker from exploiting this vulnerability through BGP. GTSM is implemented with the command "ttl-security hops". Further information on protecting BGP can be found in "Protecting Border Gateway Protocol for the Enterprise" (http://www.cisco.com/web/about/security/intelligence/protecting_bgp.html#7) TCP MD5 Authentication for BGP does not prevent this vulnerability from being exploited. Vulnerability Scoring Details ============================= Cisco has provided a score for the vulnerability in this advisory based on the Common Vulnerability Scoring System (CVSS). The CVSS scoring in this Security Advisory is done in accordance with CVSS version 2.0. CVSS is a standards-based scoring method that conveys vulnerability severity and helps determine urgency and priority of response. Cisco has provided a base and temporal score. Customers can then compute environmental scores to assist in determining the impact of the vulnerability in individual networks. Cisco has provided an FAQ to answer additional questions regarding CVSS at: http://www.cisco.com/web/about/security/intelligence/cvss-qandas.html Cisco has also provided a CVSS calculator to help compute the environmental impact for individual networks at: http://intellishield.cisco.com/security/alertmanager/cvss * CSCti18193 ("TCP connections never timeout in IOS 15.1(2)T") CVSS Base Score - 7.8 Access Vector - Network Access Complexity - Low Authentication - None Confidentiality Impact - None Integrity Impact - None Availability Impact - Complete CVSS Temporal Score - 6.4 Exploitability - Functional Remediation Level - Official-Fix Report Confidence - Confirmed Impact ====== Successful exploitation of this vulnerability may prevent some TCP applications on Cisco IOS Software from accepting any new connections. Exploitation could also prevent remote access to the affected system via the vtys. Remote access to the affected device via out-of-band connectivity to the console port should still be available. Software Versions and Fixes =========================== When considering software upgrades, also consult http://www.cisco.com/go/psirt and any subsequent advisories to determine exposure and a complete upgrade solution. In all cases, customers should exercise caution to be certain the devices to be upgraded contain sufficient memory and that current hardware and software configurations will continue to be supported properly by the new release. If the information is not clear, contact the Cisco Technical Assistance Center (TAC) or your contracted maintenance provider for assistance. Each row of the Cisco IOS Software table (below) names a Cisco IOS release train. If a release train is vulnerable, then the earliest possible releases that contain the fix (along with the anticipated date of availability for each, if applicable) are listed in the "First Fixed Release" column of the table. The "Recommended Release" column indicates the releases which have fixes for all the published vulnerabilities at the time of this Advisory. A device running a release in the given train that is earlier than the release in a specific column (less than the First Fixed Release) is known to be vulnerable. Cisco recommends upgrading to a release equal to or later than the release in the "Recommended Releases" column of the table. +---------------------------------------+ | Major | Availability of Repaired | | Release | Releases | |------------+--------------------------| | Affected | | | 12.x-Based | First Fixed Release | | Releases | | |------------+--------------------------| | 12.0 - | 12.0 through 12.4 based | | 12.4 | releases are not | | | affected | |------------+--------------------------| | Affected | | | 15.0-Based | First Fixed Release | | Releases | | |------------+--------------------------| | 15.0 | There are no affected | | | 15.0 based releases | |------------+--------------------------| | Affected | | | 15.1-Based | First Fixed Release | | Releases | | |------------+--------------------------| | | 15.1(2)T0a | | | | | | 15.1(2)T1; available on | | | 20-AUG-2010 | | 15.1T | | | | Releases prior to 15.1 | | | (2)T are not vulnerable. | | | The vulnerability is | | | first fixed in release | | | 15.1(2)T0a. | +---------------------------------------+ Workarounds =========== The only complete workaround to mitigate this vulnerability is to disable the specific features that make a device vulnerable, if this action is feasible. Allowing only legitimate devices to connect to affected devices will help limit exposure to this vulnerability. Refer to the following Control Plane Policing and Configuring Infrastructure Access Lists subsections for further details. Because a TCP three-way handshake is not required, the mitigation must be combined with anti-spoofing measures on the network edge to increase effectiveness. Additional mitigations that can be deployed on Cisco devices within the network are available in the Cisco Applied Mitigation Bulletin companion document for this advisory, which is available at the following link: http://www.cisco.com/warp/public/707/cisco-amb-20100812-tcp.shtml Cisco Guide to Harden Cisco IOS Devices +-------------------------------------- The Cisco Guide to Harden Cisco IOS Devices provides examples of many useful techniques to mitigate TCP state manipulation vulnerabilities. These include: * Infrastructure Access Control Lists (iACL) * Receive Access Control Lists (rACL) * Transit Access Control Lists (tACL) * vty Access Control Lists * Control Plane Policing (CoPP) * Control Plane Protection (CPPr) For more information on these topics, consult "Cisco Guide to Harden Cisco IOS Devices" (http://www.cisco.com/en/US/tech/tk648/tk361/technologies_tech_note09186a008…) CoPP +--- For devices that need to offer TCP services, administrators can use CoPP to block TCP traffic from untrusted sources that is destined to the affected device. Cisco IOS Software Releases 12.0S, 12.2SX, 12.2S, 12.3T, 12.4, and 12.4T support the CoPP feature. CoPP may be configured on a device to protect the management and control planes and minimize the risk and effectiveness of direct infrastructure attacks by explicitly permitting only authorized traffic sent to infrastructure devices in accordance with existing security policies and configurations. The following example can be adapted to specific network configurations: ! !-- The 192.168.1.0/24 network and the 172.16.1.1 host are trusted. !-- Everything else is not trusted. The following access list is used !-- to determine what traffic needs to be dropped by a control plane !-- policy (the CoPP feature.) If the access list matches (permit), !-- then traffic will be dropped. If the access list does not !-- match (deny), then traffic will be processed by the router. !-- Note that TCP ports 22 and 23 are examples; this !-- configuration needs to be expanded to include all used !-- TCP ports. ! access-list 100 deny tcp 192.168.1.0 0.0.0.255 any eq 22 access-list 100 deny tcp 192.168.1.0 0.0.0.255 any eq 23 access-list 100 deny tcp host 172.16.1.1 any eq 22 access-list 100 deny tcp host 172.16.1.1 any eq 23 access-list 100 permit tcp any any ! !-- Permit (Police or Drop)/Deny (Allow) all other Layer3 and Layer4 !-- traffic in accordance with existing security policies and !-- configurations for traffic that is authorized to be sent !-- to infrastructure devices. !-- Create a class map for traffic that will be policed by !-- the CoPP feature. ! class-map match-all drop-tcp-class match access-group 100 ! !-- Create a policy map that will be applied to the !-- Control Plane of the device, and add the "drop-tcp-traffic" !-- class map. ! policy-map control-plane-policy class drop-tcp-class drop ! !-- Apply the policy map to the control plane of the !-- device. ! control-plane service-policy input control-plane-policy Warning: Because a TCP three-way handshake is not required to exploit this vulnerability, it is possible to spoof the IP address of the sender, which could defeat access control lists (ACLs) that permit communication to these ports from trusted IP addresses. In the preceding CoPP example, the access control entries (ACEs) that match the potential exploit packets with the "permit" action result in these packets being discarded by the policy-map "drop" function, while packets that match the "deny" action (not shown) are not affected by the policy-map drop function. Additional information on the configuration and use of the CoPP feature can be found at "Control Plane Policing Implementation Best Practices" (http://www.cisco.com/web/about/security/intelligence/coppwp_gs.html) and "Control Plane Policing" (http://www.cisco.com/en/US/docs/ios/12_3t/12_3t4/feature/guide/gtrtlimt.html) Configuring iACLs +---------------- Although it is often difficult to block traffic that transits a network, it is possible to identify traffic that should never be allowed to target infrastructure devices and block that traffic at the border of your network. Infrastructure ACLs are considered a network security best practice and should be considered as a long-term addition to good network security as well as a workaround for this specific vulnerability. The white paper "Protecting Your Core: Infrastructure Protection Access Control Lists" (http://www.cisco.com/en/US/tech/tk648/tk361/technologies_white_paper09186a0…) presents guidelines and recommended deployment techniques for infrastructure protection ACLs. BGP Considerations +---------------- GTSM can help prevent exploitation of this vulnerability by means of the BGP port because packets that originate from devices that do not pass the TTL check configured by GTSM are dropped before any TCP processing occurs. For information on GTSM refer to "BGP Support for TTL Security Check" (http://www.cisco.com/en/US/docs/ios/12_3t/12_3t7/feature/guide/gt_btsh.html) and "BGP Time To Live Security Check" (http://www.cisco.com/web/about/security/intelligence/protecting_bgp.html#7) Embedded Event Manager (EEM) +--------------------------- A Cisco IOS Embedded Event Manager (EEM) policy that is based on Tool Command Language (Tcl) can be used on vulnerable Cisco IOS devices to identify and detect a hung, extended, or indefinite TCP connection that is caused by this vulnerability. The policy allows administrators to monitor TCP connections on a Cisco IOS device. When Cisco IOS EEM detects potential exploitation of this vulnerability, the policy can trigger a response by sending a syslog message or a Simple Network Management Protocol (SNMP) trap to clear the TCP connection. The example policy provided in this document is based on a Tcl script that monitors and parses the output from two commands at defined intervals, produces a syslog message when the monitor threshold reaches its configured value, and can reset the TCP connection. The Tcl script is available for download at the "Cisco Beyond: Embedded Event Manager (EEM) Scripting Community" (http://www.cisco.com/go/ciscobeyond) at the following link http://forums.cisco.com/eforum/servlet/EEM?page=eem&fn=script&scriptId=2041, and the device sample configuration is provided below. ! !-- Location where the Tcl script will be stored ! event manager directory user policy disk0:/eem ! !-- Define variable and set the monitoring interval !-- as an integer (expressed in seconds) ! event manager environment EEM_MONITOR_INTERVAL 60 ! !-- Define variable and set the threshold value as !-- an integer for the number of retransmissions !-- that determine if the TCP connection is hung !-- (a recommended value to use is 15) ! event manager environment EEM_MONITOR_THRESHOLD 15 ! !-- Define variable and set the value to "yes" to !-- enable the clearing of hung TCP connections ! event manager environment EEM_MONITOR_CLEAR yes ! !-- Define variable and set to the TCP connection !-- state or states that script will monitor, which !-- can be a single state or a space-separated list !-- of states ! event manager environment EEM_MONITOR_STATES SYNRCVD SYNSENT ! !-- Register the script as a Cisco EEM policy ! event manager policy monitor-sockets.tcl Obtaining Fixed Software ======================== Cisco has released free software updates that address this vulnerability. Prior to deploying software, customers should consult their maintenance provider or check the software for feature set compatibility and known issues specific to their environment. Customers may only install and expect support for the feature sets they have purchased. By installing, downloading, accessing or otherwise using such software upgrades, customers agree to be bound by the terms of Cisco's software license terms found at http://www.cisco.com/en/US/docs/general/warranty/English/EU1KEN_.html, or as otherwise set forth at Cisco.com Downloads at http://www.cisco.com/public/sw-center/sw-usingswc.shtml. Do not contact psirt(a)cisco.com or security-alert(a)cisco.com for software upgrades. Customers with Service Contracts +------------------------------- Customers with contracts should obtain upgraded software through their regular update channels. For most customers, this means that upgrades should be obtained through the Software Center on Cisco's worldwide website at http://www.cisco.com. Customers without Service Contracts +---------------------------------- Customers who purchase direct from Cisco but do not hold a Cisco service contract, and customers who purchase through third-party vendors but are unsuccessful in obtaining fixed software through their point of sale should acquire upgrades by contacting the Cisco Technical Assistance Center (TAC). TAC contacts are as follows. * +1 800 553 2447 (toll free from within North America) * +1 408 526 7209 (toll call from anywhere in the world) * e-mail: tac(a)cisco.com Customers should have their product serial number available and be prepared to give the URL of this notice as evidence of entitlement to a free upgrade. Free upgrades for non-contract customers must be requested through the TAC. Refer to http://www.cisco.com/en/US/support/tsd_cisco_worldwide_contacts.html for additional TAC contact information, including localized telephone numbers, and instructions and e-mail addresses for use in various languages. Exploitation and Public Announcements ===================================== The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability described in this advisory. This vulnerability was reported to Cisco by a customer. Status of this Notice: FINAL ============================ THIS DOCUMENT IS PROVIDED ON AN "AS IS" BASIS AND DOES NOT IMPLY ANY KIND OF GUARANTEE OR WARRANTY, INCLUDING THE WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR USE. YOUR USE OF THE INFORMATION ON THE DOCUMENT OR MATERIALS LINKED FROM THE DOCUMENT IS AT YOUR OWN RISK. CISCO RESERVES THE RIGHT TO CHANGE OR UPDATE THIS DOCUMENT AT ANY TIME. A stand-alone copy or Paraphrase of the text of this document that omits the distribution URL in the following section is an uncontrolled copy, and may lack important information or contain factual errors. Distribution ============ This advisory is posted on Cisco's worldwide website at: http://www.cisco.com/warp/public/707/cisco-sa-20100812-tcp.shtml In addition to worldwide web posting, a text version of this notice is clear-signed with the Cisco PSIRT PGP key and is posted to the following e-mail and Usenet news recipients. * cust-security-announce(a)cisco.com * first-bulletins(a)lists.first.org * bugtraq(a)securityfocus.com * vulnwatch(a)vulnwatch.org * cisco(a)spot.colorado.edu * cisco-nsp(a)puck.nether.net * full-disclosure(a)lists.grok.org.uk * comp.dcom.sys.cisco(a)newsgate.cisco.com Future updates of this advisory, if any, will be placed on Cisco's worldwide website, but may or may not be actively announced on mailing lists or newsgroups. Users concerned about this problem are encouraged to check the above URL for any updates. Revision History ================ +------------------------------------------------------------+ | Revision 1.0 | 2010-August-12 | Initial public release. | +------------------------------------------------------------+ Cisco Security Procedures ========================= Complete information on reporting security vulnerabilities in Cisco products, obtaining assistance with security incidents, and registering to receive security information from Cisco, is available on Cisco's worldwide website at http://www.cisco.com/en/US/products/products_security_vulnerability_policy.…. This includes instructions for press inquiries regarding Cisco security notices. All Cisco security advisories are available at http://www.cisco.com/go/psirt. +-------------------------------------------------------------------- Copyright 2008-2010 Cisco Systems, Inc. All rights reserved. +-------------------------------------------------------------------- Updated: Aug 12, 2010 Document ID: 112099 -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.10 (GNU/Linux) iEYEARECAAYFAkxkdOsACgkQ86n/Gc8U/uApYwCfeZAQ3FcneSd+MEaIn+qMV2zb bYgAn2Zg6rcHlDyLaPepO/C0hwINLk2v =5Pfg -----END PGP SIGNATURE-----

1 0

Reminder: DENOG 2 Call for Participation and Papers
by Marcus Stoegbauer 12 Aug '10

12 Aug '10

DENOG 2 - Call for Participation and Papers The second meeting of the German Network Operators Group (DENOG) will be held in Frankfurt, Germany on the 4th of November 2010. We are pleased to hereby invite applications for presentations or lightning talks to be held at this event. General Information =================== DENOG is a community for professionals within Germany who are operating, designing or researching the Internet. It provides a technical forum where those working on, with and for the Internet can come together to solve problems with every aspect of their (net)work. The meeting is designed to provide an opportunity for the exchange of information among network operators, engineers, researchers and other professionals close to the network community. More information about DENOG (in German) can be found at http://www2.denog.de/ Information about the meeting will be published at http://www.denog.de/. Meeting Countdown ================= What When ------------------------------------------------------ Publication of Call for Papers May 11th, 2010 Deadline for all submissions September 15th, 2010 Beginning of Registration Period End of August, 2010 Publication of final programme End of September, 2010 Deadline for receipt of final slides October 24th, 2010 Meeting Day November 4th, 2010 Topics for Presentations/Talks ============================== The day will be divided into several sessions. The number and length of presentations per session is not fixed, although due to time constraints we would prefer the length of the presentations to be between 10 to 30 minutes. However proposals for longer/shorter presentations or presentations whose subject falls outside of the topics below are also welcome; please do not hesitate to submit them. Lightning Talks --------------- In addition to the topics mentioned below we will reserve slots for lightning talks, which consist of a few slides and will not last longer than 5 minutes. Lightning talks can be submitted until October 29th, with the deadline for submission of the corresponding slides being November 3rd. Topic #1: Power Efficiency in Networks --------------------------------------- For operators of networks and data centres of any size power efficiency has become more important. Servers and network gear with high power consumption are expensive because of high operating and cooling power costs; also in many places supplying more power into the location is no longer possible. How are you dealing with power problems in your environment? How do you efficiently cool a rack/a room/a datacenter? Can a migration to VoIP help you save power? Topic #2: Social Networks, Cloud Services and Information Security ------------------------------------------------------------------ Social Networks are an essential working tool for networkers and cloud services are also becoming increasingly popular. The security of your information and data in these networks is a crucial aspect which we want to discuss in this session. Topic #3: Network Neutrality ---------------------------- In the US, Network Neutrality has been a subject of controversy and debate. Is an ISP allowed to sell "Internet access" which only offers access to a subset of the whole Internet? Is an ISP allowed to prioritise video streams from Company A while imposing a higher delay to video streams from Company B? In Germany Network Neutrality is mainly an issue for mobile networks and not extensively discussed thus far. But what kind of problems will an upcoming debate on Network Neutrality bring to German ISPs and is there a good way to address these problems? Topic #4: Peering ------------------ Everything about your peering experience. Why are you doing it? How are you doing it? Have you written any useful tools which others might find interesting? Topic #5: ISP BOF ----------------- "All things ISP". From Network/SLA Management (for or against it), abuse handling and log systems to data centre layout and planning (including power and cooling), everything that is interesting to you as an ISP can be presented or discussed within this topic. Language of Slides and Talks ============================ To appeal to an international audience we ask you to produce your slides in English, but the spoken language of the presentation itself can be either German or English. Submission Guidelines ===================== All submissions must have a strong technical bias and must not be solely promotional for your employer. Please remember that your presentations should be suitable for a target audience of technicians from varied backgrounds, working for companies whose sizes may vary considerably. To submit a proposal for a presentation, we request that you provide the following information as plain text or PDF format to <denog-pc(a)denog.de>: * the name of the presenter (and if applicable your affiliation) * a working email address * the name and number of the topic which will contain the presentation * the title of the presentation * its expected length (in minutes) * the preferred spoken language for the presentation * a short abstract of the presentation (not more than 200 words) We also welcome suggestions for specific presentations which you feel would be valuable to the DENOG community. Please be aware that your presentation will be published on the DENOG website after the event.

1 0