Keep in mind that some members on the IX are using a configured mac address instead of the burn in MAC Address on the router's NIC Card.
We have done this in the past during for multiple reasons so we don't have to call the IX and wait on them to up date the filters. -IX Port upgrading in bandwidth. I.E. 1G -> 10G -Router chassis or card upgrades -Circuit grooms This also allows us the flexibility to move the IX port to a difference device in the event of an outage, hardware failure, or other event. -Erik ________________________________ From: NANOG <[email protected]> on behalf of Eric Kuhnke <[email protected]> Sent: Thursday, November 7, 2019 4:47 PM To: Edward Dore <[email protected]>; [email protected] list <[email protected]> Subject: Re: Any info on devices that are running eBGP on the Internet? The OUI prefixes that are Intel, Dell, HP, Supermicro and other x86-64 hardware vendors are almost certainly people running BIRD, FRR or similar on commodity hardware. In which case the actual routing configuration could be almost anything, those just happen to be the PCI-Express NICs in some sort of server platform. On Thu, Nov 7, 2019 at 11:59 AM Edward Dore <[email protected]<mailto:[email protected]>> wrote: I just grabbed the following from our routers connected to LINX LON1, LINX LON2, LINX Manchester and LONAP (so this data is very UK centric): 557 Cisco Systems, Inc 553 Juniper Networks 51 Routerboard.com 51 Brocade Communications Systems, Inc. 49 Arista Networks 40 Unknown 38 Intel Corporate 36 HUAWEI TECHNOLOGIES CO.,LTD 31 Globalscale Technologies, Inc. 20 Super Micro Computer, Inc. 20 Alcatel-Lucent IPD 15 Nokia 14 Hewlett Packard 10 VMware, Inc. 10 Ubiquiti Networks Inc. 10 Sunrich Technology Limited 10 Extreme Networks, Inc. 7 Dell Inc. 5 IEEE Registration Authority 4 Intel Corporation 4 HotLava Systems, Inc. 3 FireBrick Limited 2 Raspberry Pi Foundation 2 Nexcom International Co., Ltd. 2 Microsoft Corporation 2 Mellanox Technologies, Inc. 2 ICP Electronics Inc. 2 Hewlett Packard Enterprise 2 BSkyB Ltd 1 Xensource, Inc. 1 XEROX CORPORATION 1 Solarflare Communications Inc. 1 SILICOM, LTD. 1 MIX s.r.l. 1 LANNER ELECTRONICS, INC. 1 GIGA-BYTE TECHNOLOGY CO.,LTD. 1 DriveCam Inc 1 DIGITAL EQUIPMENT CORPORATION 1 Agile Systems Inc. That's done using https://github.com/bauerj/mac_vendor_lookup to do the MAC lookup against the IEEE OUI list with the "Unknown" entries being anything which doesn't appear in http://standards-oui.ieee.org/oui.txt (possibly locally administered addresses?). Hope that's helpful to someone 🙂 Edward Dore Freethought Internet ________________________________ From: NANOG <[email protected]<mailto:[email protected]>> on behalf of Sabri Berisha <[email protected]<mailto:[email protected]>> Sent: 07 November 2019 19:08 To: Compton, Rich A <[email protected]<mailto:[email protected]>> Cc: nanog <[email protected]<mailto:[email protected]>> Subject: Re: Any info on devices that are running eBGP on the Internet? Hi, What you could consider is asking a few of the major internet exchanges if they'd be so kind to send you a list of MAC addresses seen on their LANs. Based on the MAC you can determine the manufacturer. If you have three or four big ones, you have a decent sample size as most larger networks are on multiple IXes anyway. If you do compile a list, I'm sure this list would be interested in the results :) Thanks, Sabri ----- On Nov 6, 2019, at 10:39 AM, Compton, Rich A <[email protected]<mailto:[email protected]>> wrote: Hi, I am working with MANRS (https://www.manrs.org) on a tool for checking router configs for BGP security / spoofing prevention (e.g. uRPF) https://github.com/manrs-tools/MANRS-validator We are wondering if there is any research on the percentages of different types of devices running BGP on the Internet. Something like: Cisco IOS 30% Junos 30% Mikrotik 20% etc… We are looking to focus our tool on the most prevalent types of devices doing BGP (and the most prevalent with BGP security/spoofing issues) so that we can have the greatest impact. Does anyone have any information on this or know where I can obtain this information? Thanks in advance! -Rich The contents of this e-mail message and any attachments are intended solely for the addressee(s) and may contain confidential and/or legally privileged information. If you are not the intended recipient of this message or if this message has been addressed to you in error, please immediately alert the sender by reply e-mail and then delete this message and any attachments. If you are not the intended recipient, you are notified that any use, dissemination, distribution, copying, or storage of this message or any attachment is strictly prohibited. ________________________________ CONFIDENTIALITY NOTICE: This e-mail transmission, and any documents, files or previous e-mail messages attached to it may contain confidential information that is legally privileged. If you are not the intended recipient, or a person responsible for delivering it to the intended recipient, you are hereby notified that any disclosure, copying, distribution or use of any of the information contained in or attached to this transmission is STRICTLY PROHIBITED. If you have received this transmission in error please notify the sender immediately by replying to this e-mail. You must destroy the original transmission and its attachments without reading or saving in any manner. Thank you.
