On 17/Jun/20 09:22, Baldur Norddahl wrote:
>
> After clearing the relevant BGP sessions the Cloudflare invalid
> prefixes are gone from our routing table and we pass the test again.
Are you running RTR to the validator for the router, or using RPKI
communities?
Mark.
On Wed, Jun 17, 2020 at 10:07 AM Niels den Otter
wrote:
> Hello Baldur,
>
> If you want to validate routes in a VRF you need to configure;
>
> set routing-options validation notification-rib
>
> Have you done so?
>
>
>
That was missing from the config. After adding it and running the command
On Wed, Jun 17, 2020 at 1:43 AM Rubens Kuhl wrote:
>
> Any default route to a non-ROV enabled upstream ?
> Do you receive the test prefix from more than one upstream and the
> previous test success could be a function of upstream ROV ?
>
>
No this is how it looks:
admin@gc-edge1> show route
On 16/Jun/20 23:26, Owen DeLong wrote:
> Count your blessings…
I know that we are lucky that in the markets we operate, local depots
are available. There are other markets in Africa that may not be so
lucky. If we ever built into those markets, we'd certainly cold spare as
much as possible,
On 17/Jun/20 10:20, Baldur Norddahl wrote:
>
>
> On Wed, Jun 17, 2020 at 10:07 AM Niels den Otter
> mailto:niels.denot...@surfnet.nl>> wrote:
>
> Hello Baldur,
>
> If you want to validate routes in a VRF you need to configure;
>
> set routing-options validation notification-rib
>
>
On 16/Jun/20 22:07, Job Snijders wrote:
> Since it is with words that we construct the magic of our reality, let's
> assign a name specific to this engineering effort:
>
> Reactive RPKI ROV
> =
Reactive RPKI ROV, it is, then :-).
A great effort by HE for a network that may
Lets say someone makes an announcement that creates a RPKI invalid and
it is determined to be a mistake. They then go back and add ROA objects
to fix the problem. With this reactive RPKI approach then continue to
block the route because filters where already generated and pushed out
to
In order to use YANG you need a device that can speak NETCONF/RESTCONF and
understands YANG.
There’s no such thing as “The YANG ACL” -there’s IETF YANG model for ACLs,
there’s OpenConfig one, and your switch vendor might have another YANG model
for representing ACLs.
Whichever model provides
On 16/Jun/20 14:24, adamv0...@netconsultings.com wrote:
> Actually I was exactly I that situation and v4 RFC 1918 space worked out just
> fine.
In that way, you are braver than me. But hey, if you need IPv4 and can't
get the public stuff, I won't fault you for going with the private stuff
Hi folks,
Was just wondering what are you folks using as production YANG data store
and what do you like about the particular one you're using? Or maybe folks
using OANP what is your YANG DS of choice?
Plan on using it as in memory DS primarily for service, network YANG
modules, (in addition to
Use ExaBGP to insert the routes? (https://github.com/Exa-Networks/exabgp)
This is some old Perl that generates the older ExaBGP 2.0 style entries,
but it uses template toolkit which means you can easily change the output
format:
For those who still need to deploy RPKI OV we are running a 'live show' on
Friday. Feel free to join.
Cheers,
Melchior
-- Forwarded message -
From: Nathalie Trenaman
Date: Wed, Jun 17, 2020 at 12:39 PM
Subject: [routing-wg] From Zero to RPKI Hero: Live Demo
To: ripedenis--- via
Dear Baldur,
On Wed, Jun 17, 2020 at 01:42:36PM +0200, Baldur Norddahl wrote:
> Lets say someone makes an announcement that creates a RPKI invalid and
> it is determined to be a mistake. They then go back and add ROA
> objects to fix the problem. With this reactive RPKI approach then
> continue
On Wed, 17 Jun 2020, adamv0...@netconsultings.com wrote:
Hi folks,
Was just wondering what are you folks using as production YANG data store
and what do you like about the particular one you're using? Or maybe folks
using OANP what is your YANG DS of choice?
Plan on using it as in memory DS
On 17/06/2020 19:38, Mike Hammett wrote:
> Thanks!
>
> It's nice to see something mostly work on the first try.
Mostly.
I'm only living without IPv6 for the moment, which is painful... :)
Ciao!
--
Massimiliano Stucchi
MS16801-RIPE
Twitter/Telegram: @stucchimax
signature.asc
Description:
Thanks!
It's nice to see something mostly work on the first try.
-
Mike Hammett
Intelligent Computing Solutions
http://www.ics-il.com
Midwest-IX
http://www.midwest-ix.com
- Original Message -
From: "Job Snijders"
To: nanog@nanog.org
Sent: Wednesday, June 17, 2020
> Mostly.
>
> I'm only living without IPv6 for the moment, which is painful... :)
OMG!!! Max, I'm so sorry to hear that :'(
signature.asc
Description: Message signed with OpenPGP
On Wed, 17 Jun 2020 at 18:42, Saku Ytti wrote:
> Hey,
>
> > Why do we really need SR? Be it SR-MPLS or SRv6 or SRv6+?
>
> I don't like this, SR-MPLS and SRv6 are just utterly different things
> to me, and no answer meaningfully applies to both.
>
I don't understand the point of SRv6. What
> On 17/Jun/20 16:25, Jon Lewis wrote:
> > The flip side of this though is that every time an IP space owner
> > publishes an ROA for an aggregate IP block and overlooks the fact that
> > they have customers BGP originating a subnet of the aggregate with an
> > ASN not permitted by an ROA, HE has
Hey,
> Why do we really need SR? Be it SR-MPLS or SRv6 or SRv6+?
I don't like this, SR-MPLS and SRv6 are just utterly different things
to me, and no answer meaningfully applies to both.
I would ask, why do we need LDP, why not use IGP to carry labels?
Less state, protocols, SLOC, cost, bug
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
On 6/17/20 2:06 PM, Massimiliano Stucchi wrote:
> I'm only living without IPv6 for the moment, which is painful...
Fyi, your signature is bad on that email.
How is IPv6 coming on Mikrotik? It's a no-go at least for my deployment on
6.4 code. Not
Hi all.
When the whole SR concept was being first dreamed up, I was mildly
excited about it. But then real life happened and global deployment (be
it basic SR-MPLS or SRv6) is what it is, and I became less excited. This
was back in 2015.
All the talk about LDPv6 this and last week has had me
Using Shodan, we can find other nodes belonging to the same CDN by
searching for "FP6.1.1866.55", which is conveniently present in the
"Server" HTTP header.
Skimming through the results, it would appear most of the nodes are on
the Level 3 network. Picking one non-Level3 node at random
Dear all,
> I noticed that Mikrotik has added RPKI into their very much beta v7
> branch. I would like to ask those of you that know RPKI well to check
> it out and offer Mikrotik feedback on what they've done
> right\wrong\broken.
Our hero Massimiliano Stucchi in Switzerland started doing the
On 17/Jun/20 16:30, Robert Blayzor wrote:
>
> They are truly ridiculous to deal with. Turning up a new 10G dual stack
> link with BGP. At turn-up time they tell us we have to order BGP for
> IPv6 separately. So you order a circuit with IPv4+IPv6 w/ BGP, but it
> doesn't click to them you need
On Mon, 15 Jun 2020, Mike Leber via NANOG wrote:
I'm pleased to announce Hurricane Electric has completed our RPKI
INVALID filtering project and we now have 0 RPKI INVALIDs in our routing
table.
Hurricane Electric has 29021 BGP sessions with 22109 prefix filters with
7191 networks directly and
On 17/Jun/20 16:25, Jon Lewis wrote:
>
> The flip side of this though is that every time an IP space owner
> publishes an ROA for an aggregate IP block and overlooks the fact that
> they have customers BGP originating a subnet of the aggregate with an
> ASN not permitted by an ROA, HE has
* clin...@scripty.com (Clinton Work) [Wed 17 Jun 2020, 17:31 CEST]:
I'm struggling to determine which CDN owns the servers in
CenturyLink prefix 8.240.0.0/12. During the Call of Duty Season 4
update on June 11th from 06:00 UTC until 08:30 UTC, we had 240 Gbps
of traffic steaming into our
Former Level3 operates a CDN. Might be worth looking into.
On Wed, Jun 17, 2020, 11:43 AM Stephen Satchell wrote:
> On 6/17/20 8:29 AM, Clinton Work wrote:
> > I'm struggling to determine which CDN owns the servers in CenturyLink
> prefix 8.240.0.0/12. During the Call of Duty Season 4 update
Hi all,
We (Juniper) are aware of the challenges with internet-in-a-VRF and RPKI
OV. Hence work is in progress to solve some of these issues.
If there's news (and I remember this promise) I will update. Feel free to
ping me.
Cheers,
Melchior
On Wed, Jun 17, 2020 at 10:30 AM Mark Tinka wrote:
Has anyone noticed over the last week or so that the IPv4 routes appear to be
spiking up temporarily every night from about 10PM EST until about 8AM EST?
Is that just someone trying to test flipping over other network's TCAMs?
Just wondering.
On 9/16/19 9:30 AM, Jon Sands wrote:
> The last time I dealt with them, it took a little over 3 months to get
> them to turn up basic BGP service. To top it off the sales rep was fired
> in the middle of our deployment. Cogent seems to have higher rep
> turnover than anything else I've dealt with.
On Wed, 17 Jun 2020 at 17:28, Jon Lewis wrote:
> The flip side of this though is that every time an IP space owner
> publishes an ROA for an aggregate IP block and overlooks the fact that
> they have customers BGP originating a subnet of the aggregate with an ASN
> not permitted by an ROA, HE
On 6/17/20 8:29 AM, Clinton Work wrote:
I'm struggling to determine which CDN owns the servers in CenturyLink prefix
8.240.0.0/12. During the Call of Duty Season 4 update on June 11th from 06:00
UTC until 08:30 UTC, we had 240 Gbps of traffic steaming into our network from
CenturyLink
I'm struggling to determine which CDN owns the servers in CenturyLink prefix
8.240.0.0/12. During the Call of Duty Season 4 update on June 11th from 06:00
UTC until 08:30 UTC, we had 240 Gbps of traffic steaming into our network from
CenturyLink prefix 8.240.0.0/12. We originally thought it
Hi,
My 9-5 is working for a VoIP provider. When we started in 2006 we had a lot
of issues with the quality of the internet in eastern europe and central
Asia. It was not rare for us to have to play around with routing to get the
quality that we needed. In a review of tickets for the last two
check with lannerinc, they sell x86 devices with this bypass function
On Wed, Jun 17, 2020 at 1:15 PM Dovid Bender wrote:
> Hi,
>
> I am sorry if this is off topic.I was once demoed a network device that
> had two interfaces. The traffic would go through the device. If there was a
> power cut
Yes TY.
On Wed, Jun 17, 2020 at 5:15 PM Yang Yu wrote:
> something like
> https://www.chelsio.com/wp-content/uploads/2012/02/B420-021412.pdf
> ?
>
> On Wed, Jun 17, 2020 at 1:16 PM Dovid Bender wrote:
> >
> > Hi,
> >
> > I am sorry if this is off topic.I was once demoed a network device that
On 17/Jun/20 19:38, Saku Ytti wrote:
> I don't like this, SR-MPLS and SRv6 are just utterly different things
> to me, and no answer meaningfully applies to both.
I know they are different, but that was on purpose, because even with
SR-MPLS, there are a couple of things to consider:
* IOS XR
On 17/Jun/20 23:07, adamv0...@netconsultings.com wrote:
> First of all the "SR = network programmability" is BS, SR = MPLS, any
> programmability we've had for MPLS since ever works the same way for SR.
I see it the same way.
> Yes anything that works for RSVP-TE (i.e. PCEP), if you want
I have significant experience with these. Chelsio was the brand we used
for an IPS/IDS device.
They cost a fortune and they caused just as much pain as they saved.
Unless you really think you're likely to go days without power and for some
reason the things on the other end of those copper 300
We _always_ have at least one spare, or something that could be (relatively)
easily pressed into service as one.
Even in the Midwest, we've had times where 'guaranteed next day replacement' is
more like 2nd or third day due to weather conditions, the carrier routing it
weird, or just plain
Hello,
I've seen something similar with Corero. Have a look at their SmartWall
NETWORK BYPASS APPLIANCE.
Roel
On Wed, Jun 17, 2020 at 10:16 PM Dovid Bender wrote:
> Hi,
>
> I am sorry if this is off topic.I was once demoed a network device that
> had two interfaces. The traffic would go
now you mentioned it, verizon fios is having issues in NY ?
On Wed, Jun 17, 2020 at 4:50 PM Dovid Bender wrote:
> Hi,
>
> My 9-5 is working for a VoIP provider. When we started in 2006 we had a
> lot of issues with the quality of the internet in eastern europe and
> central Asia. It was not
'network bypass adapter' seems to yield results on eBay.
On Wed, Jun 17, 2020 at 2:15 PM Yang Yu wrote:
> something like
> https://www.chelsio.com/wp-content/uploads/2012/02/B420-021412.pdf
> ?
>
> On Wed, Jun 17, 2020 at 1:16 PM Dovid Bender wrote:
> >
> > Hi,
> >
> > I am sorry if this is
On 17/Jun/20 23:46, Tom Hill wrote:
> Unsurprisingly, there would be no way on Earth that I could have said
> that better, so you shall find only loud cheering from over here.
Out of pure curiousity, have you deployed (or are you deploying)?
Mark.
On Tue, Jun 16, 2020 at 5:28 PM Owen DeLong wrote:
>
>
> > On Jun 16, 2020, at 1:51 PM, Mark Tinka wrote:
> >
> >
> >
> > On 16/Jun/20 22:43, Owen DeLong wrote:
> >
> >> Covering them all under vendor contract doesn’t necessarily guarantee
> that
> >> the vendor does, either. In general, if you
Dear Jon, group,
On Wed, Jun 17, 2020 at 10:25:14AM -0400, Jon Lewis wrote:
> On Mon, 15 Jun 2020, Mike Leber via NANOG wrote:
>
> > I'm pleased to announce Hurricane Electric has completed our RPKI
> > INVALID filtering project and we now have 0 RPKI INVALIDs in our routing
> > table.
> >
> >
> From: NANOG On Behalf Of Mark Tinka
> Sent: Wednesday, June 17, 2020 6:07 PM
>
>
> I've heard a lot about "network programmability", e.t.c.,
First of all the "SR = network programmability" is BS, SR = MPLS, any
programmability we've had for MPLS since ever works the same way for SR.
> but
something like
https://www.chelsio.com/wp-content/uploads/2012/02/B420-021412.pdf
?
On Wed, Jun 17, 2020 at 1:16 PM Dovid Bender wrote:
>
> Hi,
>
> I am sorry if this is off topic.I was once demoed a network device that had
> two interfaces. The traffic would go through the device. If there
> On Jun 17, 2020, at 13:14, Dovid Bender wrote:
>
> Hi,
>
> I am sorry if this is off topic.I was once demoed a network device that had
> two interfaces. The traffic would go through the device. If there was a power
> cut or some other malfunction there would be a relay that would
Could someone from Yahoo email NOC contact me offline. We have been getting
complains from our users trying to send to yahoo.com addresses. Email is
getting deliverd, but randomly going into the Yahoo users spam folder. Thanks.
~Nick
--
Checked by SOPHOS http://www.sophos.com
On 17/Jun/20 20:40, Dave Bell wrote:
> I don't understand the point of SRv6. What equipment can support IPv6
> routing, but can't support MPLS label switching?
Indeed.
Anything that can support LDPv4 today can support LDPv6, in hardware.
SRv6 and SRv6+ is a whole other issue, not to mention
Hi,
I am sorry if this is off topic.I was once demoed a network device that had
two interfaces. The traffic would go through the device. If there was a
power cut or some other malfunction there would be a relay that would
physically bridge the two network interfaces so the traffic would flow as
> Do you remember the old BSD paradigm? ... "less is more"
s/bsd/mies/ credit where due.
> We are now in a time where a *smaller* routing table entry list count
> is preferable to a 'full' table, because the fullest table is likely
> to also include problematic BGP routing information.
do
Yes. We have gotten a lot fo complaints today. Can't seem to nail it down.
Random PL.
On Wed, Jun 17, 2020 at 4:52 PM Izzy Goldstein - TeleGo <
igoldst...@telego.net> wrote:
> now you mentioned it, verizon fios is having issues in NY ?
>
> On Wed, Jun 17, 2020 at 4:50 PM Dovid Bender wrote:
>
On 17/06/2020 18:38, Saku Ytti wrote:
>> Why do we really need SR? Be it SR-MPLS or SRv6 or SRv6+?
> I don't like this, SR-MPLS and SRv6 are just utterly different things
> to me, and no answer meaningfully applies to both.
>
> I would ask, why do we need LDP, why not use IGP to carry labels?
>
https://help.yahoo.com/kb/postmaster
On Wed, Jun 17, 2020 at 5:39 PM Fawcett, Nick via NANOG
wrote:
> Could someone from Yahoo email NOC contact me offline. We have been
> getting complains from our users trying to send to yahoo.com addresses.
> Email is getting deliverd, but randomly going
On 6/17/20 10:38 PM, Musa Stephen Honlue wrote:
> Did you face any issues with IPv6 on 6.4, I personally have participated in
> deployment projects on Mikrotik for many large networks.
>
> And it worked well in the end.
The problem I ran into was having it support SLAAC for assignment of IP
On Tue, Jun 16, 2020 at 11:30:23AM -0500, Matt Harris wrote:
>Hey folks,
>I was hoping maybe someone could point me in a useful direction here. I'm
>looking into software tools (ideally, they'd support Windows, Mac, and
>Linux, though Windows is perhaps the only critical one) that
I think all the eyeball networks moving to work with CDNs a bit better
helped alleviate the congestion on the transit / peering links. DOCSIS 3.1
helped tremendously with jitter issues as well as fiber xPON being deployed
by the telcos.
Transit costs have dropped significantly. So it doesn't seem
On Wed, 17 Jun 2020, Richa wrote:
Job,
RPKI ROA creation is a big hammer. Everyone needs to think carefully
about each ROA they create and if it will positively or negatively
impact their network.
Could you please shed some more light on the above?
How would ROA negatively impact if
>> Do you remember the old BSD paradigm? ... "less is more"
> s/bsd/mies/ credit where due.
recant. it was well before mies. i was just raised by and architect,
and had uni roomies who were in the architecture school mies founded.
so my own narrow vision. sorry.
randy
> On Jun 17, 2020, at 12:50 AM, Mark Tinka wrote:
>
>
>
> On 16/Jun/20 23:26, Owen DeLong wrote:
>
>> Count your blessings…
>
> I know that we are lucky that in the markets we operate, local depots
> are available. There are other markets in Africa that may not be so
> lucky. If we ever
>
> Anything that can support LDPv4 today can support LDPv6, in hardware.
>
While I am trying to stay out of this interesting discussion the above
statement is not fully correct.
Yes in the MPLS2MPLS path you are correct,
But ingress and egress switching vectors are very different for LDPv6 as
On Thu, 18 Jun 2020 at 01:17, Mark Tinka wrote:
> IOS XR does not appear to support SR-OSPFv3.
> IOS XE does not appear to support SR-ISISv6.
> IOS XE does not appear to support SR-OSPFv3.
> Junos does not appear to support SR-OSPFv3.
The IGP mess we are in is horrible, but I can't blame SR for
> On 17 Jun 2020, at 22:31, Bryan Fields wrote:
>
> How is IPv6 coming on Mikrotik? It's a no-go at least for my deployment on
> 6.4 code. Not sure I want to run beta in a quasi-production network.
Did you face any issues with IPv6 on 6.4, I personally have participated in
deployment
67 matches
Mail list logo