New Zealand is the host of this year's Australia and New Zealand Internet
Awards, the ANZIAs! The ANZIAs will be held on 27 August, in Auckland at St
Matthews in the City.
The ANZIAs are a collaboration between auDA (www.auda.org.au) and
InternetNZ. An annual event celebrating the achievements of organisations,
businesses and individuals who excel in delivering accessible, innovative,
informative and secure resources to a diverse and wide community on the
Internet. ANZIAs are awarded to categories covering six areas: Security &
Online Safety, Access & Digital Skills, Information, Diversity, Innovation
and in 2014 we introduced The Leonie Dunbar Memorial Award for Community
But more importantly, entries are open now! And you can get nominating
right here: http://www.internetawards.org.au/how-to-enter/
Winners receive recognition as industry leaders that have set new standards
for making the Internet a more inclusive, accessible and safe place. The
awards offer public exposure, media coverage, networking opportunities,
optimisation of future grant applications, recognition for hardworking
staff and volunteers and a cash prize.
Since InternetNZ is hosting the ANZIAs this year, it is an excellent
opportunity for us to host the very best in New Zealand Internet
innovations. So – get applying, get the word out, and we will see you at
Technical Policy Advisor
+64 21 920 363 (mob)
To promote the Internet's benefits and uses, and protect its potential.
> On 24/04/2015, at 7:52 am, manning bill <bmanning(a)isi.edu> wrote:
> anything inline that is sensitive to IPv4 UDP packets that are: ) larger than 512 bytes, ) fragmented.
> do these replies have IPv6 or DNSSEC data in the RRsets?
I would say yes, as all our hosts have both A and AAAA records.
Assuming the above, that moves the issue back in my direction. I am seeing requests from a number of the rNS servers and the issue is intermittent so still more trouble shooting needed I think :-)
> On 24/04/2015, at 7:14 am, manning bill <bmanning(a)isi.edu> wrote:
> tosses MTU issues into the mix. IPv6 & DNSSEC make for large UDP replies, which tend to choke some infrastructure kit...
2 of our 4 name servers are fully dual stack but the queries I do see coming from the Xtra rNS farm are all IPv4.
If there are any other providers out there actively using Baseband IP I
would love to hear from you. Could you email me off-list?
Just very interested if you experience a similar issue/symptom to us
(Inspire). I'm already talking to Chorus about this as well.
I've just made up a new version of my DFZ Map, taking routeviews data and
making it somewhat visible..
FWIW there is about 20Mb of json data on the page, so you probably don't
want to load it from your phone.
Note, I haven't included anything other than routeviews.org data so the
APE/WIX/etc peerings aren't included in this version.
There was a bit of feedback from the last version that it would be good to
search by ASN as well as name, so you can do that in this version.
All feedback welcome on or offlist.
Sent from Samsung tablet
-------- Original message --------
From: Dean Pemberton <nznog(a)deanpemberton.com>
Date: 19/04/2015 17:13 (GMT+12:00)
To: Blair Harrison <nznog(a)jedi.school.nz>
Cc: NZNOG <nznog(a)list.waikato.ac.nz>
Subject: Re: [nznog] BGP Map 2015 edition
Heh - Awesome.
You've even managed to get New Zealand at the top of the smudge =P
On Sat, Apr 18, 2015 at 5:17 PM, Blair Harrison <nznog(a)jedi.school.nz> wrote:
> Hi All
> I've just made up a new version of my DFZ Map, taking routeviews data and
> making it somewhat visible..
> FWIW there is about 20Mb of json data on the page, so you probably don't
> want to load it from your phone.
> Note, I haven't included anything other than routeviews.org data so the
> APE/WIX/etc peerings aren't included in this version.
> There was a bit of feedback from the last version that it would be good to
> search by ASN as well as name, so you can do that in this version.
> All feedback welcome on or offlist.
> NZNOG mailing list
NZNOG mailing list
One of our colleagues from AUSNOG mentioned this, and I thought it'd be
worth reposting here as I'd imagine it's required reading for many of you
(which I'm sure you have of course!).
RFC7454 - "BGP Operations and Security"
The Border Gateway Protocol (BGP) is the protocol almost exclusively
used in the Internet to exchange routing information between network
domains. Due to this central nature, it is important to understand
the security measures that can and should be deployed to prevent
accidental or intentional routing disturbances.
This document describes measures to protect the BGP sessions itself
such as Time to Live (TTL), the TCP Authentication Option (TCP-AO),
and control-plane filtering. It also describes measures to better
control the flow of routing information, using prefix filtering and
automation of prefix filters, max-prefix filtering, Autonomous System
(AS) path filtering, route flap dampening, and BGP community
We'd like to announce that the first of two RIPE Atlas  anchors 
sponsored by NZRS has been installed in Auckland North Shore, and became
active this morning. The anchor support both v4 and v6. This is the
second anchor in New Zealand, the first hosted at Waikato University.
The second anchor will be installed in Wellington at a later time, once
some network architecture work is completed.
NZRS is committed to support Internet research and network measurement,
we are also Atlas ambassadors and we have Atlas Probes  available to
distribute. If you are interested on hosting one for your own benefit
and the benefit of the community, please contact me. We are currently
using the Atlas probes located in New Zealand to conduct a topology
discovery experiment from which you will hear in the coming weeks.
Technical Research Manager
desk: +64 4 495 2337
mobile: +64 21 400535
When I was at the nznog conference there was a lot of despair about a
lot of aspects of the fiber deployment, and the quality of the home
gateways, and what seemed to be promising plans to try to get openwrt
with fq_codel running on nzwrt... did you all despair completely?
I talked about all the great things we could do to improve our devices
with openwrt, and and beat bufferbloat in particular with fq_codel in
and since then I have worked to get fq_codel in more and more OSes and
hardware. UBNT has added configuration tools for it in their upcoming
edgerouter 1.7 release. VyOS just added it. It is in click. It is in
fedora 22. It is spreading (And of course, already in all modern
linuxes, openwrt, dd-wrt, ipfire, shorewall, etc).
There was no sign of a pulse at tilera or mikrotik, but I will keep trying.
Still... to one day get hardware that has low latency and good queue
management at gigE speeds or higher requires better hardware
offloading techniques than the bulk notions like GRO and TSO that
exist today. And it has long been obvious that the rate limiting +
fq_codel techniques we use successfully at sub 200mbit speeds do not
scale higher. So the algorithms need to move into hardware, also.
*******so... a brief commercial interruption*****
I think the open source design method has worked spectacularly for
software, and I think the same methods can work for hardware if only
we can pull together larger communities to do the work, worldwide.
There are only 24 hours left on this kickstarter - we CAN *start* to
take back the edge of the internet - if we can only find another 5k of
This FPGA board´s pcie interface and switch design - and the split
memory interfaces between the programmable logic and the onboard dual
A9 core - and reducing the cost from 7000 to 700 bucks - are the
important parts to why the community needs this board - in my case -
so that more of htb + fq_codel can move into hardware that anyone can
build and use - in other cases? who knows what could be done with it!?
One day, we could move the logic into asics, and finally have open
source, blob-free hardware to work with for any network purpose.
There are people on these lists with money, and there are those with
talent and time, and it would be great if more of those people could
line up with each other. I put in all I could spare (8500 dollars)
into this kickstarter. I have one of their high end boards, already.
There is a get one give one program that I asked meshsr to put in to
try and enable that event. If there is anyone here that would like to
help hack together the next generation of edge network hardware, after
this kickstarter completes, let me know.
I return you now to your normal despair about vendors not listening,
and crappy OSes you can´t otherwise fix.
We CAN make better hardware, ourselves, beat bufferbloat, and take
back control of the edge of the internet! If we work together, on
Wondering if anyone here knows if Mako routers (Spark's SecureME offering)
can be monitored with SNMP?
We use observium to monitor our servers and existing Cisco gear, but so
far it looks like I can only monitor these from the SecureME web portal.
IT Manager | Pack & Company | 027 461 4403 | tom(a)pack.co.nz
you are not the intended recipient of this email, you must not disclose,
copy, or distribute any information contained in or attached to it, or
take any action/inaction based on it. Please contact us immediately, and
delete this email from your system. Any views or opinions presented in
this email are solely those of the author and not of Pack & Company (NZ)
Limited (the "Company"), however any intellectual property contained in or
attached to this email is the property of the Company. Thank you.