RPKI performance metrics; your help requested
As the global RPKI data set and system load grows, we want to ensure that the system is performing well. This is why we have added measurement functionality to the RIPE NCC RPKI Validator toolset: https://www.ripe.net/certification/rpki-validator-metrics When enabled, it will gather the following data and send it to the RIPE NCC for analysis: - Connection success rate to the configured repositories - Whether IPv4 or IPv6 is used to connect - Repository inconsistencies - Time taken to validate all retrieved objects There is a detailed post on the sidr mailing list with more information: http://www.ietf.org/mail-archive/web/sidr/current/msg04595.html We would really appreciate it if as many people from across the globe send us performance data. If you would like to participate, please install the latest RPKI Validator and leave it running as a service permanently: https://www.ripe.net/certification/tools-and-resources All you need is a system with Java 1.6, rsync and 1GB of available memory. Simply unzip the file, run ./bin/rpki-validator from the base directory and browse to http://localhost:8080. Then enable the performance metrics by clicking Yes to the prompt. If you have any questions or feedback, please let me know. Many thanks, Alex Band RIPE NCC
UKNOF 23 - Call for Presentations
Hi all, The next UKNOF meeting will take place on Thursday 11th October 2012 in London, and the Programme Committee are seeking content from the community for this meeting. You may often hear it said that UKNOF's remit is distribution of clue, so if the content of your talk fits with that ethos, we're actually pretty open minded about what the actual topic is - as long as it's relevant to our community's broad area of interest, and the quality is good. Talks are usually around 20 to 40 minutes in length, and common subject areas are: Network operations Network architecture and design Networking hardware and software architecture Peering and interconnect Data centre design and operations IPv6 deployment Network monitoring and measurement New innovations in networking technology Open protocol standards Domain Name System infrastructure Network security and abuse prevention Impact of public policy of network operations But, we're always on the lookout for something different, so don't feel it has to fall into the areas above. We're also interested in hearing proposals for panel discussions, as these are a great way of presenting and discussing different views on the same subject. Please send your proposals to submissi...@uknof.org.uk, including a short abstract of the subject, and draft slides if these are available. The closing date for submissions is the 30th June 2012, but don't worry if you miss the deadline and have something interesting to talk about, as we are often able to accept shorter (10 minute) lightning talks closer in to the meeting. Please also get in touch if you would like to suggest any topics, themes or speakers. Please note that UKNOF is free to attend, thanks to the generosity of our sponsors, and run on a non-profit (cost-recovery) basis, so is therefore unable to reimburse speakers' expenses. Thanks, Mike
NANOG 55 Agenda Published!
All, The NANOG 55 Agenda has been published and is viewable at: http://www.nanog.org/meetings/nanog55/agenda.php Detailed abstracts will be added to the agenda over the next few days. Please note that the hotel group rate expires on May 18th. Late registration for the meeting begins on 5/28, so please register today to save significant money! You may register here: http://www.nanog.org/meetings/nanog55/nanog55_registration.html Some individuals may require a Visa and/or valid passport to enter Canada, please see details *here. http://www.cic.gc.ca/english/resources/publications/meeting.asp#question2** The NANOG Program Committee is proud of the program that we have assembled for Vancouver and we are looking forward to welcoming everyone to this amazing venue. *Regards, -Dave Temkin For the NANOG Program Committee
Cogent for ISP bandwidth
The emails on the Outages list reminded me to ask this question... I've done some searching and haven't been able to find much in the last 3 years as to their reliability and suitability as an upstream provider. For a regional ISP looking for GigE ports in the Chicago/St. Louis area, is Cogent a reasonable solution? Our gut feeling is that they don't stack up against a Level3 or Sprint, but they are being very aggressive with pricing to try and get our business. Thanks, Jason
Re: Cogent for ISP bandwidth
In my experience Cogent is fine when used in a BGP mix. When we used them, our service was quite reliable. Routing was funky at times, but we never had packet loss. --John On 5/14/2012 3:03 PM, Jason Baugher wrote: The emails on the Outages list reminded me to ask this question... I've done some searching and haven't been able to find much in the last 3 years as to their reliability and suitability as an upstream provider. For a regional ISP looking for GigE ports in the Chicago/St. Louis area, is Cogent a reasonable solution? Our gut feeling is that they don't stack up against a Level3 or Sprint, but they are being very aggressive with pricing to try and get our business. Thanks, Jason
Re: Cogent for ISP bandwidth
Jason, I agree with John. You can't use them as your only provider, but you wouldn't do that with *any* provider. I will add that they answer the phone quickly, and the person who answers usually has a clue, has access to the routers, and can be helpful. It's one of the benefits that they really only sell one product. Honestly, I think their support is better than most and the deliver what they say or better. In the past the had a A peer / B peer setup that was a little funky, but I think they are getting rid of that as they upgrade hardware throughout their network. We do also use Level3 (and others). As long as they come in to your facility on different fiber or otherwise meet you physical diversity requirements, you should be pretty happy. Add low commits to other providers for more diversity as needed. Good luck, Mike On Mon, 2012-05-14 at 15:12 -0700, John T. Yocum wrote: In my experience Cogent is fine when used in a BGP mix. When we used them, our service was quite reliable. Routing was funky at times, but we never had packet loss. --John On 5/14/2012 3:03 PM, Jason Baugher wrote: The emails on the Outages list reminded me to ask this question... I've done some searching and haven't been able to find much in the last 3 years as to their reliability and suitability as an upstream provider. For a regional ISP looking for GigE ports in the Chicago/St. Louis area, is Cogent a reasonable solution? Our gut feeling is that they don't stack up against a Level3 or Sprint, but they are being very aggressive with pricing to try and get our business. Thanks, Jason -- Michael J. McCafferty CEO M5 Hosting http://www.m5hosting.com Like us on Facebook for updates and photos: https://www.facebook.com/m5hosting
Re: Cogent for ISP bandwidth
I have very little issues with Cogent in the Chicago/Indiana/St. Louis areas. They are peered much better than they were a few years ago. We have 1 client at Cermack purchasing Cogent bandwidth through a third party at well under $1 a meg. Justin -- Justin Wilson j...@mtin.net Aol Yahoo IM: j2sw http://www.mtin.net/blog xISP News http://www.twitter.com/j2sw Follow me on Twitter -Original Message- From: Jason Baugher ja...@thebaughers.com Date: Monday, May 14, 2012 6:03 PM To: nanog nanog@nanog.org Subject: Cogent for ISP bandwidth The emails on the Outages list reminded me to ask this question... I've done some searching and haven't been able to find much in the last 3 years as to their reliability and suitability as an upstream provider. For a regional ISP looking for GigE ports in the Chicago/St. Louis area, is Cogent a reasonable solution? Our gut feeling is that they don't stack up against a Level3 or Sprint, but they are being very aggressive with pricing to try and get our business. Thanks, Jason
Re: Cogent for ISP bandwidth
Cogent is really better suited as a tertiary provider. Not a bad option, but you don't want to lose redundancy when they get involved in their peering dispute or de-peering du jour. Drive Slow, Paul Wall On 5/14/12, Michael J McCafferty m...@m5computersecurity.com wrote: Jason, I agree with John. You can't use them as your only provider, but you wouldn't do that with *any* provider. I will add that they answer the phone quickly, and the person who answers usually has a clue, has access to the routers, and can be helpful. It's one of the benefits that they really only sell one product. Honestly, I think their support is better than most and the deliver what they say or better. In the past the had a A peer / B peer setup that was a little funky, but I think they are getting rid of that as they upgrade hardware throughout their network. We do also use Level3 (and others). As long as they come in to your facility on different fiber or otherwise meet you physical diversity requirements, you should be pretty happy. Add low commits to other providers for more diversity as needed. Good luck, Mike On Mon, 2012-05-14 at 15:12 -0700, John T. Yocum wrote: In my experience Cogent is fine when used in a BGP mix. When we used them, our service was quite reliable. Routing was funky at times, but we never had packet loss. --John On 5/14/2012 3:03 PM, Jason Baugher wrote: The emails on the Outages list reminded me to ask this question... I've done some searching and haven't been able to find much in the last 3 years as to their reliability and suitability as an upstream provider. For a regional ISP looking for GigE ports in the Chicago/St. Louis area, is Cogent a reasonable solution? Our gut feeling is that they don't stack up against a Level3 or Sprint, but they are being very aggressive with pricing to try and get our business. Thanks, Jason -- Michael J. McCafferty CEO M5 Hosting http://www.m5hosting.com Like us on Facebook for updates and photos: https://www.facebook.com/m5hosting
Re: Cogent for ISP bandwidth
I use Cogent as one of our upstreams at work, and I'll basically reiterate what others have said -- overall, I'd have no problems recommending them. Their routing can sometimes be a little weird (though this is MUCH better now than it was a couple of years ago), so I wouldn't necessarily use them as my main provider for latency-sensitive applications, but this isn't normally a problem with 'general' traffic.The A peer/B peer stuff they used to do was definitely weird, but they migrated us away from that configuration a few months ago (peering with them out of TorIX). Presumably they're doing that across the rest of their network. Their support has been fantastic in my experience.. I'd have to say they're probably the least painful provider I've dealt with overall (unlike some providers *cough*Telus*cough* who I've been waiting 7 weeks for to set up a freaking BGP session...). I'd have no problems picking Cogent as a provider, though of course as one of many providers for redundancy (which would be no different than any other single provider). - Pete On 5/14/2012 6:33 PM, Michael J McCafferty wrote: Jason, I agree with John. You can't use them as your only provider, but you wouldn't do that with *any* provider. I will add that they answer the phone quickly, and the person who answers usually has a clue, has access to the routers, and can be helpful. It's one of the benefits that they really only sell one product. Honestly, I think their support is better than most and the deliver what they say or better. In the past the had a A peer / B peer setup that was a little funky, but I think they are getting rid of that as they upgrade hardware throughout their network. We do also use Level3 (and others). As long as they come in to your facility on different fiber or otherwise meet you physical diversity requirements, you should be pretty happy. Add low commits to other providers for more diversity as needed. Good luck, Mike On Mon, 2012-05-14 at 15:12 -0700, John T. Yocum wrote: In my experience Cogent is fine when used in a BGP mix. When we used them, our service was quite reliable. Routing was funky at times, but we never had packet loss. --John On 5/14/2012 3:03 PM, Jason Baugher wrote: The emails on the Outages list reminded me to ask this question... I've done some searching and haven't been able to find much in the last 3 years as to their reliability and suitability as an upstream provider. For a regional ISP looking for GigE ports in the Chicago/St. Louis area, is Cogent a reasonable solution? Our gut feeling is that they don't stack up against a Level3 or Sprint, but they are being very aggressive with pricing to try and get our business. Thanks, Jason smime.p7s Description: S/MIME Cryptographic Signature
Protocols for Testing Intrusion Detection?
I'm looking for recommended protocols to use for testing intrusion detection and maybe also firewall logging. Basically I need some kind of protocol that it's ok to discard traffic for in a production network, so I can be sure that the various systems that should be detecting it and generating alarms are up and running. Is there already a standard I should be using? (This doesn't seem to quite match RFC2544.) I'm thinking about things like - TCP and UDP echo protocol - is this sufficiently deprecated that it won't be missed, or are there applications still using it? - Higher-numbered TCP protocol, such as 31337, which appears to have no official current use, and unofficially is for Back Orifice. - http:80 from a well-known test address, such as evil.example.com (probably need both RFC1918 and public IP addresses, so it's somewhat site-dependent. Should I be using 192.0.2.0/24 or 198.18.0.0/15 as long as I'm careful not to leak them out to the real internet?) - Is there any application that can actually set the RFC3514 Evil Bit? -- Thanks; Bill Note that this isn't my regular email account - It's still experimental so far. And Google probably logs and indexes everything you send it.
Re: Cogent for ISP bandwidth
- Original Message - From: Jason Baugher ja...@thebaughers.com I've done some searching and haven't been able to find much in the last 3 years as to their reliability and suitability as an upstream provider. Really? That surprises me; people complain about Cogent on here, roughly, weekly. :-) For a regional ISP looking for GigE ports in the Chicago/St. Louis area, is Cogent a reasonable solution? Our gut feeling is that they don't stack up against a Level3 or Sprint, but they are being very aggressive with pricing to try and get our business. The implication of everyone's in a BGP mix responses, in case you don't get it (and I suspect you might not) is that you don't want Cogent to be your *only* upstream provider. If you're going to resell the bandwidth as an ISP, best practice says you should have at least 2 upstreams. 3 or more is better, Cogent has had a bad habit the last 5 or 10 years of getting into pissing matches with other carriers about peering, and just cutting them off (or being cut off)... which of course means that if they're your only connection to the Internet, then your customers simply can't reach sites connected to those providers. So, in short: no matter how agressive they are, they're not the carrier to have when you're having only one. Cheers, -- jra -- Jay R. Ashworth Baylink j...@baylink.com Designer The Things I Think RFC 2100 Ashworth Associates http://baylink.pitas.com 2000 Land Rover DII St Petersburg FL USA http://photo.imageinc.us +1 727 647 1274
Re: Cogent for ISP bandwidth
Michael J McCafferty wrote: Jason, I agree with John. You can't use them as your only provider, but you wouldn't do that with *any* provider. I will add that they answer the phone quickly, and the person who answers usually has a clue, has access to the routers, and can be helpful. It's one of the benefits that they really only sell one product. Honestly, I think their support is better than most and the deliver what they say or better. In the past the had a A peer / B peer setup that was a little funky, but I think they are getting rid of that as they upgrade hardware throughout their network. I like the separate peers. Its a nice concept in theory and gives you the flexibility to easily integrate it into an RR setup. I wouldnt mind more providers offering it as an option without having to be educated as to how it works. Joe
Re: Cogent for ISP bandwidth
On 5/14/2012 7:30 PM, Jay Ashworth wrote: - Original Message - From: Jason Baugherja...@thebaughers.com I've done some searching and haven't been able to find much in the last 3 years as to their reliability and suitability as an upstream provider. Really? That surprises me; people complain about Cogent on here, roughly, weekly. :-) Sorry, been on this list for quite some time, and I even went back to the archives. I don't see much there that is specific to Cogent doing a bad job. If I go back a few years, I find stuff about Cogent-Telia, Cogent-GBX, and even Cogent-HE IPv6 peering. For a regional ISP looking for GigE ports in the Chicago/St. Louis area, is Cogent a reasonable solution? Our gut feeling is that they don't stack up against a Level3 or Sprint, but they are being very aggressive with pricing to try and get our business. The implication of everyone's in a BGP mix responses, in case you don't get it (and I suspect you might not) is that you don't want Cogent to be your *only* upstream provider. If you're going to resell the bandwidth as an ISP, best practice says you should have at least 2 upstreams. 3 or more is better, This would be a 3rd or possibly a 4th upstream. Cogent has had a bad habit the last 5 or 10 years of getting into pissing matches with other carriers about peering, and just cutting them off (or being cut off)... which of course means that if they're your only connection to the Internet, then your customers simply can't reach sites connected to those providers. So, in short: no matter how agressive they are, they're not the carrier to have when you're having only one. Cheers, -- jra
Re: Cogent for ISP bandwidth
No way they stack up against level3 or any of the other 4 big tier 1s but if you throw them in a blend with level3 there shouldn't be any issue and I wouldn't pay more the .75 cents a meg for a gig Thanks, Ameen Pishdadi On May 14, 2012, at 5:03 PM, Jason Baugher ja...@thebaughers.com wrote: The emails on the Outages list reminded me to ask this question... I've done some searching and haven't been able to find much in the last 3 years as to their reliability and suitability as an upstream provider. For a regional ISP looking for GigE ports in the Chicago/St. Louis area, is Cogent a reasonable solution? Our gut feeling is that they don't stack up against a Level3 or Sprint, but they are being very aggressive with pricing to try and get our business. Thanks, Jason
Re: Cogent for ISP bandwidth
I often tell folks, Cogent is the 'Heidi Fleiss' of the industry .. pretty much everyone of the major carriers / providers deal with them.. but no one wants to admit it. I don't think there is any carrier out there that could be considered 'Premium' in terms of quality of service (yeah their are a lot of folks who are Premium based on what they charge)... One can only hedge one's bet for a quality connection by having multiple providers (you can mix and match) or go with some one like Internap or Tinet (folks who are taking traffic across multiple providers at their POP). Of course your mileage may vary as long as you have alternate connectivity, it makes dealing with issues more palatable, whether it is Cogent or Level3... Regards. Faisal Imtiaz Snappy Internet Telecom On 5/14/2012 10:38 PM, Ameen Pishdadi wrote: No way they stack up against level3 or any of the other 4 big tier 1s but if you throw them in a blend with level3 there shouldn't be any issue and I wouldn't pay more the .75 cents a meg for a gig Thanks, Ameen Pishdadi On May 14, 2012, at 5:03 PM, Jason Baugherja...@thebaughers.com wrote: The emails on the Outages list reminded me to ask this question... I've done some searching and haven't been able to find much in the last 3 years as to their reliability and suitability as an upstream provider. For a regional ISP looking for GigE ports in the Chicago/St. Louis area, is Cogent a reasonable solution? Our gut feeling is that they don't stack up against a Level3 or Sprint, but they are being very aggressive with pricing to try and get our business. Thanks, Jason
Re: Cogent for ISP bandwidth
Has nothing to do with whether or not they deal with all the major carriers , they are a budget provider , always have , always will be. Aside from that what matters the most is eye ball user connectivity and level3 , ATT, Verizon significantly have more eye balls connected directly to there network then cogent , we have cogent and level3 and 5 other providers on our Chicago network , with out any traffic engineering almost every thing will come in or go out level3, we use traffic optimizing equipment to automate our commit levels and also do performance based routing adjustments , I literally have to put a gun to its head to get a descent amount of traffic out to cogent , you may say it's a matter of opinion but statistics don't lie, even Telia out performs cogent according to stats , not just cause they have a massive eye ball network in Europe. Ask yourself , who are the majority customers of cogent? Not end user ISPs , hosting companies aka content providers, and when there selling bandwidth cheaper then it costs to peer then there going to keep there costs to the minimum ... Cheaper is cheaper , the saying is true , you get what you pay for. A Kia and Ferrari can both get me from point a to point b, but the Ferrari is capable of getting me there way quicker, and yes I'm going to pay a premium for it but if I'm going from NYC to San Fran I'd definitely feel safer in the Ferrari reliability wise and get there a hell of a lot quicker... But like I said and the other 10 replies nothing wrong with cogent in a nice blend of 3 or more other providers ... Thanks, Ameen Pishdadi On May 14, 2012, at 10:49 PM, Faisal Imtiaz fai...@snappydsl.net wrote: I often tell folks, Cogent is the 'Heidi Fleiss' of the industry .. pretty much everyone of the major carriers / providers deal with them.. but no one wants to admit it. I don't think there is any carrier out there that could be considered 'Premium' in terms of quality of service (yeah their are a lot of folks who are Premium based on what they charge)... One can only hedge one's bet for a quality connection by having multiple providers (you can mix and match) or go with some one like Internap or Tinet (folks who are taking traffic across multiple providers at their POP). Of course your mileage may vary as long as you have alternate connectivity, it makes dealing with issues more palatable, whether it is Cogent or Level3... Regards. Faisal Imtiaz Snappy Internet Telecom On 5/14/2012 10:38 PM, Ameen Pishdadi wrote: No way they stack up against level3 or any of the other 4 big tier 1s but if you throw them in a blend with level3 there shouldn't be any issue and I wouldn't pay more the .75 cents a meg for a gig Thanks, Ameen Pishdadi On May 14, 2012, at 5:03 PM, Jason Baugherja...@thebaughers.com wrote: The emails on the Outages list reminded me to ask this question... I've done some searching and haven't been able to find much in the last 3 years as to their reliability and suitability as an upstream provider. For a regional ISP looking for GigE ports in the Chicago/St. Louis area, is Cogent a reasonable solution? Our gut feeling is that they don't stack up against a Level3 or Sprint, but they are being very aggressive with pricing to try and get our business. Thanks, Jason
Re: Cogent for ISP bandwidth
On Mon, May 14, 2012 at 09:27:57PM -0500, Jason Baugher wrote: On 5/14/2012 7:30 PM, Jay Ashworth wrote: - Original Message - From: Jason Baugherja...@thebaughers.com I've done some searching and haven't been able to find much in the last 3 years as to their reliability and suitability as an upstream provider. Really? That surprises me; people complain about Cogent on here, roughly, weekly. :-) Sorry, been on this list for quite some time, and I even went back to the archives. I don't see much there that is specific to Cogent doing a bad job. If I go back a few years, I find stuff about Cogent-Telia, Cogent-GBX, and even Cogent-HE IPv6 peering. So when you play What's the common factor?, you get... ? grin We decided not to use Cogent as one of the suppliers for a recent PoP deployment because of these sorts of games -- it's not that we'd get caught in them (we've got three providers), but we just don't want to reward that sort of behaviour with our money. - Matt