swinog

swinog@lists.swinog.ch

2 participants
2940 discussions

Re: [swinog] Mail rejection at bluewin
by Sébastien Riccio 07 Apr '21

07 Apr '21

Hello Simon, Oops of course yes we found "NO" evidence... I should have re-read myself before sending the post. Thanks for pointing that out 😊 and for the cheers. Kind regards, Sébastien -----Message d'origine----- De : Simon Leinen <simon.leinen(a)switch.ch> Envoyé : mercredi, 7 avril 2021 10:30 À : Sébastien Riccio <sr(a)swisscenter.com> Objet : Re: [swinog] Mail rejection at bluewin Sébastien Riccio writes: [...] > It's the 3rd time it happens in two weeks and we found evidence of > unusual SPAM activity from our servers that would justify such a > ratelimiting/rejecting. You found evidence? Or is there a "no" missing somewhere? (Just trying to understand.) Cheers and good luck with the delivery issues! -- Simon.

1 0

G.Fast DSL modems - bridge only
by Jeroen Massar 01 Apr '21

01 Apr '21

Hi Folks, So there is the list: https://www.swisscom.ch/dam/swisscom/en/ws/documents/E_BBCS-Documents/e_bbc… Anybody got a recommendation out of that for a bridge-only G.Fast modem? Apparently FRITZ!Box 7582 does not do Bridge mode, but Zyxel XMG3927 does. Cisco C1113-8P ISR is a bit much for my purposes (and at 800+ bit much too) Anybody has any positive/negative experiences and/or other recommendations? Greets, Jeroen

7 7

Re: [swinog] Swisscom IPv6 Routing weirdness
by Jeroen Massar 29 Mar '21

29 Mar '21

> On 20210225, at 16:52, Jean-Pierre Schwickerath <swinog(a)hilotec.net> wrote: > > Hi Jeroen >> that "sinkhole" is just a misconfigured/internet-ignorant "load >> balancer": those things do not care about ICMP... >> >> you are thus reaching the dest, it is just misconfigured: the Internet >> is just HTTP for many, they do not care about this TCP, ICMP or IP >> thing... be happy there is some kind of IPv6... >> > I wouldn't have noticed the issue if the loadbalancer / webserver had > actually returned a webpage on port TCP/443. But it doesn't. So I tried > from a different network to see if the issue is reproducible and that > when I noticed the path taken by the traceroute packets. > Check with a tcpdump, don't forget to include ICMP. Could also be an MTU issue or something on your side killing it. Of course the behavior of the "load balancer" says quite a few things... sbb.ch is like that too... >> >> Btw, when complaining about something, it is wise to include IP >> addresses, especially for the source... >> > The first hop of the traceroute is actually a good indicator for the > source. 192.168.205.240 ? DNS is ambiguous and reverses do not always match forwards. Including the actual IPs can thus be very useful... That is, if you actually want it resolved. You might want contact swisscom directly (good luck with that) or at least your ISPs that provide the connectivity, they might have better chance at contacting them. (taking transit over swissix is a fun one; but yea it is not that swisscom likes to peer, what else would a monopoly do) Greets, Jeroen

7 9

DENOG Leadership Meetup #1 -- Save the DATE: Mittwoch 24. März 2021, 18:30 Uhr
by Stefan Funke 16 Mar '21

16 Mar '21

Good afternoon SWINOG! Since SWINOG is also a German-speaking network operator group, I wanted to take the chance to invite you to the first DENOG Leadership Meetup. The new meeting series will start on Wednesday, 24th March 2021, at 18:30 CET. It will come in a variety of different formats and is all about leadership. This series's target audience is people in the network operator community who currently are in leadership roles or are interested in leadership roles, either in your career or voluntary appearances. The first meeting is about leadership and managing a team during a global pandemic, including hidden challenges. You will find more details, the preliminary plan, and a way to register for a free ticket at https://www.denog.de/de/events/leadership.html. The event will be in GERMAN only! Greetings from DENOG. We would be pleased to see you at our Meetup next Wednesday. Regards, -Stefan

2 1

Bluewin SMTP server reachable from outside bluewin/swisscom?
by Jeroen Massar 11 Mar '21

11 Mar '21

Hi, (Possibly in relation to http://lists.swinog.ch/public/swinog/2021-March/007457.html, but in this case not even a TCP ACK...) It seems smtp.bluewin.ch (25 and 465 tested) is unreachable from all places I checked (Init7, Quickline, BIT.nl). Is that service normally open for Bluewin customers to connect to smtp.bluewin.ch? As apparently Swisscom is sending out mails to providers that their customers are complaining that their customers on non-swisscom/bluewin cannot use their SMTP service..... But telnet does not even answer.... (no TCP ACK at all, no ICMP, nada nothing), thus looks like it is firewalled away. Greets, Jeroen

1 3

OVH datacenter SBG2 in Strasbourg on fire 🔥
by Fredy Kuenzler 11 Mar '21

11 Mar '21

Very sad day for our colleagues at OVH AS16276 as they lost their datacenter SBG-2 in Strasbourg completly („everything is destroyed“) in a fire 🔥 and the neighboring SBG1/SBG3/SBG4 at least temporary. https://www.dna.fr/amp/faits-divers-justice/2021/03/10/strasbourg-important… -- Fredy Künzler Init7 (Switzerland) Ltd. Technoparkstrasse 5 CH-8406 Winterthur https://www.init7.net/

2 1

Coop.ch geoblocking?
by Benoit Panizzon 04 Mar '21

04 Mar '21

Dear List Having issue in accessing www.coop.ch "Aus Sicherheitsgründen ist ein Login aus Ihrem Land nicht erlaubt". And a hint I shall not use a VPN or Proxy. No proxy or VPN in use, just IPv4 NAT, as confirmed by 'wieistmeineip'. (www.coop.ch is not IPv6 yet) So I supposed a messed up GeoIP Database and changed my SNAT IP a couple of times (all those IP are registered with country=CH @RIPE since decades and I never had such issues) 157.161.57.65 => blocked (main NAT ip) 157.161.57.66 => Ok (a static server ip not used anymore) 157.161.57.68 => Ok (a static client ip) 157.161.57.70 => blocked (alternate NAT ip seldom used) 157.161.5.199 => blocked (Gateway IP, not usually used as src, except local stuff on the Mtik like DNS) Weird! Anyone has insight in what geoIP database coop uses? Or if there are other criteria they use for blocking? -- -Benoît Panizzon- -- I m p r o W a r e A G - Leiter Commerce Kunden ______________________________________________________ Zurlindenstrasse 29 Tel +41 61 826 93 00 CH-4133 Pratteln Fax +41 61 826 93 01 Schweiz Web http://www.imp.ch ______________________________________________________

9 9

Swisscom IPv6 Routing weirdness
by Jean-Pierre Schwickerath 25 Feb '21

25 Feb '21

Dear Swisscom Routing-Experts Are you not peeing at swissIX anymore? Your webserver www.swisscom.ch (2a02:a90:c400:4001::2) gives me a hard time to be reached. Either it wants it traffic to be routed from Berne via NL, UK, US and ends in a sinkhole or it uses what looks like using private peering from tineo/netrics/finecom to the same sinkhole: tracepath6 2a02:a90:c400:4001::2 1?: [LOCALHOST] 0.367ms pmtu 1500 1: sv96.hilotec.net 0.776ms 1: sv96.hilotec.net 0.740ms 2: 2a00:c38::1:0:2a 1.538ms 3: lo0.01.p.cbn.ch.as15576.nts.ch 1.725ms 4: lo0.01.p.czh.ch.as15576.nts.ch 4.075ms 5: lo0.02.p.czh.ch.as15576.nts.ch 4.354ms 6: zayog.swissix.ch 10.184ms 7: no reply 8: ae2.cs1.ams17.nl.eth.zayo.com 151.857ms asymm 25 9: no reply 10: no reply 11: no reply 12: ae5.cs1.lhr11.uk.eth.zayo.com 153.354ms asymm 21 13: no reply 14: 2001:438:ffff::407d:1d13 151.202ms asymm 19 15: ae6.cs1.sjc2.us.eth.zayo.com 159.227ms asymm 18 16: ae9.mpr1.pao1.us.zip.zayo.com 152.345ms 17: 2001:438:fffe::2456 153.873ms asymm 10 18: 2001:c10:80:1::e51 259.737ms asymm 10 19: 2001:c10:80:1::b96 265.511ms asymm 11 20: 2001:c10:80:2::ad2 243.109ms asymm 10 21: geb-030-lo0-0.ip6.ip-plus.net 247.019ms asymm 9 22: geb-015-loo6.ip6.ip-plus.net 236.957ms asymm 8 23: gem-005-loo6.ip6.ip-plus.net 242.943ms asymm 8 24: 2001:918:100:63::1 230.491ms asymm 7 25: 2001:918:100:4c::1 240.121ms asymm 8 26: 2001:918:100:52::1 247.741ms asymm 7 27: 2001:918:ce::49 241.013ms asymm 8 28: 2a02:a90:4024:fff::14 247.804ms asymm 9 29: 2a02:a90:4024:fff::15 234.473ms asymm 8 30: no reply Too many hops: pmtu 1500 Resume: pmtu 1500 tracepath 2a02:a90:c400:4001::2 1?: [LOCALHOST] 0.030ms pmtu 1500 1: router.3550.ch 0.418ms 1: router.3550.ch 0.410ms 2: bd4.lar01.lna001.bb.fcom.ch 4.561ms 3: no reply 4: no reply 5: 2001:4d98:a000::1b4 3.218ms asymm 4 6: zhh-015-lo0-0.ip6.ip-plus.net 11.088ms asymm 5 7: 2001:918:ce::45 6.146ms asymm 6 8: 2a02:a90:4024:fff:8000::15 5.452ms 9: no reply 10: no reply 11: no reply 12: no reply 13: no reply 14: no reply 15: no reply 16: no reply 17: no reply 18: no reply 19: no reply 20: no reply 21: no reply 22: no reply 23: no reply 24: no reply 25: no reply 26: no reply 27: no reply 28: no reply 29: no reply 30: no reply Too many hops: pmtu 1500 Resume: pmtu 1500 Is that a management decision or a technical issue? Cheers Jean-Pierre -- HILOTEC Engineering + Consulting AG - Langnau im Emmental IT für KMUs: Netzwerke, Server, PCs, Linux, Telefonanlagen, VOIP, Hosting, Datenbanken, Entwicklung, WLAN, Cloud, Firewalls Tel: +41 34 408 01 00 - https://www.hilotec.com/

2 1

Bluewin / Swisscom Postmaster Contact
by Michael Naef 25 Feb '21

25 Feb '21

Hi all We (Hostpoint) see increasing problems sending automated Mails to bluewwin recipients (such as account confirmation emails). Respectively we see them identiefd as spam mails. Can a Swisscom/Bluewin Postmaster please get in touch with me/us to identify the cause? Thanks, Michael Naef Head of System Engineering, Hostpoint AG

1 0

Fwd: [ncc-announce] Attack on RIPE NCC Access - Please Enable Two-Factor Authentication
by Massimiliano Stucchi 18 Feb '21

18 Feb '21

-------- Forwarded Message -------- Subject: [ncc-announce] Attack on RIPE NCC Access - Please Enable Two-Factor Authentication Date: Thu, 18 Feb 2021 16:49:59 +0100 From: Ivo Dijkhuis <ivo.dijkhuis(a)ripe.net> To: ncc-announce(a)ripe.net Dear colleagues, Last weekend, RIPE NCC Access, our single sign-on (SSO) service was affected by what appears to be a deliberate ‘credential-stuffing’ attack, which caused some downtime. We mitigated the attack, and we are now taking steps to ensure that our services are better protected against such threats in the future. Our preliminary investigations do not indicate that any SSO accounts have been compromised. If we do find that an account has been affected in the course of our investigations, we will contact the account holder individually to inform them. We would like to ask you to enable two-factor authentication on your RIPE NCC Access account if you have not already done so to ensure that your account is secure. In general, using two-factor authentication across all your accounts can help limit your exposure to such attacks. If you notice any suspicious activity in your RIPE NCC Access account, please contact us immediately at <security(a)ripe.net>. Best regards, Ivo Dijkhuis Senior Information Security Officer, RIPE NCC

1 0

Jump to page:

2025

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

2005

swinog