RE: Wells Fargo getting DDoSed ?

2013-04-05 Thread Ryan Finnesey
I have been having issues with their iPad App all day 

-Original Message-
From: Jayram Déshpandé [mailto:jayde...@gmail.com] 
Sent: Thursday, April 4, 2013 4:38 PM
To: nanog@nanog.org
Subject: Wells Fargo getting DDoSed ?

I observed that since morning Wells Fargo web services are either not reachable 
or are really slow.
I think they are getting DDoSed again. Any official information yet ?

Regards,
-Jay.



--
Subvert the paradigm. - C.K. Prahlad




RE: route for linx.net in Level3?

2013-04-05 Thread Adam Vitkovsky
 The older school of thought was to put all of the edge interfaces into the
IGP, and then carry all of the external routes in BGP. 
I thought people were doing it because IGP converged faster than iBGP and
in case of an external link failure the ingress PE was informed via IGP that
it has to find an alternate next-hop. 
Though now with the advent of BGP PIC this is not an argument anymore. 

adam




Re: route for linx.net in Level3?

2013-04-05 Thread Leo Bicknell
In a message written on Fri, Apr 05, 2013 at 09:32:52AM +0200, Adam Vitkovsky 
wrote:
 I thought people were doing it because IGP converged faster than iBGP and
 in case of an external link failure the ingress PE was informed via IGP that
 it has to find an alternate next-hop. 
 Though now with the advent of BGP PIC this is not an argument anymore. 

You're talking about stuff that's all 7-10 years after the decisions
were made that I described in my previous e-mail.  Tag switching
(now MPLS) had not yet been invented/deployed when the first
next-hop-self wave occurred; it was all about scaling both the IGP
and BGP.

In some MPLS topologies it may speed re-routing to have edge interfaces
in the IGP due to the faster convergence of IGP's.  YMMV, Batteries not
Included, Some Assembly Required.

-- 
   Leo Bicknell - bickn...@ufp.org - CCIE 3440
PGP keys at http://www.ufp.org/~bicknell/




Re: Wells Fargo getting DDoSed ?

2013-04-05 Thread Christopher Morrow
On Fri, Apr 5, 2013 at 2:33 AM, Ryan Finnesey r...@finnesey.com wrote:

 I have been having issues with their iPad App all day


the boneheads doing the attacking keep calling their shots on pastebin...

http://www.reuters.com/article/2013/03/26/net-us-wellsfargo-website-attacks-idUSBRE92P14320130326

which is from the 26th, but I suspect some judicious searching on
webcrawler would get you results as well.


 -Original Message-
 From: Jayram Déshpandé [mailto:jayde...@gmail.com]
 Sent: Thursday, April 4, 2013 4:38 PM
 To: nanog@nanog.org
 Subject: Wells Fargo getting DDoSed ?

 I observed that since morning Wells Fargo web services are either not
 reachable or are really slow.
 I think they are getting DDoSed again. Any official information yet ?

 Regards,
 -Jay.



 --
 Subvert the paradigm. - C.K. Prahlad





Re: 80 km BiDi XFPs

2013-04-05 Thread Jerimiah Cole
On 04/02/2013 05:15 PM, Frank Bulk wrote:
 Is anyone aware of a reputable supplier of 80 km BiDi XFPs?  My regular
 supplier of generics doesn't have an option for us, but I would really like
 to avoid leasing additional fibers.

I'm looking at a data sheet from Transition Networks that lists 80 km
(24 dB) and longer.  I've used some of their SFPs and media converters
without trouble, but not these in particular.

http://www.transition.com/TransitionNetworks/Products2/Family.aspx?Name=TN-SFP-xxx-Simplex



Re: 80 km BiDi XFPs

2013-04-05 Thread Mihai Necsa

http://www.fiberworks.eu/Webshop/Optical-transceivers/SFP-Bi-Di-/-GPON/Gbit-Ethernet-Bi-Di-1310/1550/SFP-BiDi--125-Gbps-GigE--DDM--SM--80km-Tx-Rx1310-1550nm--26dB--LC-SFP-GE-BX80D-35-p018066.aspx

already in production for 2 links

On 04/05/2013 05:50 PM, Jerimiah Cole wrote:

On 04/02/2013 05:15 PM, Frank Bulk wrote:

Is anyone aware of a reputable supplier of 80 km BiDi XFPs?  My regular
supplier of generics doesn't have an option for us, but I would really like
to avoid leasing additional fibers.


I'm looking at a data sheet from Transition Networks that lists 80 km
(24 dB) and longer.  I've used some of their SFPs and media converters
without trouble, but not these in particular.

http://www.transition.com/TransitionNetworks/Products2/Family.aspx?Name=TN-SFP-xxx-Simplex





--
Mihai




BCP38.info

2013-04-05 Thread Jay Ashworth
Ok; I've got a Main Page up at BCP38.info, as well as some supporting
Glossary articles, and the first of a series of writeups on 38 for audiences
of different sizes and types:

  http://www.bcp38.info/index.php/Information_for_end-users

I invite comments, contributions, editing, and people telling me politely
that I'm out of my mind.  :-)

If you wanna write the articles for larger sites, that'd be great too, yeah.

Cheers,
-- jra  
-- 
Jay R. Ashworth  Baylink   j...@baylink.com
Designer The Things I Think   RFC 2100
Ashworth  Associates http://baylink.pitas.com 2000 Land Rover DII
St Petersburg FL USA   #natog  +1 727 647 1274



Re: 80 km BiDi XFPs

2013-04-05 Thread Randy Carpenter

I'm going to guess that this is not going to meet the OP's request for an XFP, 
which would be 10GbE (and not an SFP).


thanks,
-Randy


- Original Message -
 http://www.fiberworks.eu/Webshop/Optical-transceivers/SFP-Bi-Di-/-GPON/Gbit-Ethernet-Bi-Di-1310/1550/SFP-BiDi--125-Gbps-GigE--DDM--SM--80km-Tx-Rx1310-1550nm--26dB--LC-SFP-GE-BX80D-35-p018066.aspx
 
 already in production for 2 links
 
 On 04/05/2013 05:50 PM, Jerimiah Cole wrote:
  On 04/02/2013 05:15 PM, Frank Bulk wrote:
  Is anyone aware of a reputable supplier of 80 km BiDi XFPs?  My regular
  supplier of generics doesn't have an option for us, but I would really
  like
  to avoid leasing additional fibers.
 
  I'm looking at a data sheet from Transition Networks that lists 80 km
  (24 dB) and longer.  I've used some of their SFPs and media converters
  without trouble, but not these in particular.
 
  http://www.transition.com/TransitionNetworks/Products2/Family.aspx?Name=TN-SFP-xxx-Simplex
 
 
 
 
 --
 Mihai
 
 
 
 



Re: 80 km BiDi XFPs

2013-04-05 Thread Matt Addison
How much spare margin do you have? Could you roll your own with a pair
of mismatched (C|D)WDM XFPs and a mux on each end?

Sent from my mobile device, so please excuse any horrible misspellings.

On Apr 2, 2013, at 19:16, Frank Bulk frnk...@iname.com wrote:

 Is anyone aware of a reputable supplier of 80 km BiDi XFPs?  My regular
 supplier of generics doesn't have an option for us, but I would really like
 to avoid leasing additional fibers.

 Frank





Re: public consultation on root zone KSK rollover

2013-04-05 Thread David Conrad
Brandon,

On Apr 4, 2013, at 5:35 PM, Brandon Butterworth bran...@rd.bbc.co.uk wrote:
 You do realize this requires changing validating resolver
 configuration data, right?
 
 Yes. How hard can it be (answer not required).
 
 While it's quaint that the elders of the internet meet and bless each
 new key I don't think this scales.

The point of the wildly over-engineered root key signing ceremony is to build 
trust by publicly demonstrating at every step there is no opportunity for 
intentional or accidental badness to occur without being noticed.  Compare this 
to the processes used by commercial X.509 CAs when they roll their root keys 
(you might also want to look at how often they roll their keys).

 I know it's not easy but it needs to be simple and automatic for wide 
 deployment.

Even with RFC 5011 support in every validating resolver on the planet (not 
holding my breath), this requires all of those validating resolvers to accept a 
directive from the outside which instructs software to write something to 
permanent storage.  I can easily imagine some folks being a bit nervous about 
this. Particularly given it would seem some CPE developers can't figure out how 
to write DNS resolvers that can be configured to not respond to arbitrary 
external queries.

Frequency of root key rolling is actually a fairly complicated risk/benefit 
tradeoff. Frequently rolling means it's more likely that the roll will be 
successful globally. However, it also increases the risk of (a) breaking DNS 
resolution for some percentage of the Internet and (b) catastrophically failing 
such that RFC 5011-style rollover will no longer work necessitating a manual 
reconfiguration of every validating resolver on the Internet. Choose wisely.

In any event, if you haven't already I would encourage you to provide comments 
at the URL Joe referenced.

Regards,
-drc
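
An added illustration, not part of the original message and not code from any resolver: a simplified Python model of the RFC 5011 trust-anchor state machine the message refers to, showing the state a validating resolver has to persist and how a resolver that misses the whole rollover is left needing manual reconfiguration. Key tags 1 and 2, the 60/90-day timeline and all class and function names are constructed; the TTL term of the add hold-down is omitted.

```python
import json
from datetime import datetime, timedelta

ADD_HOLD_DOWN = timedelta(days=30)     # RFC 5011 add hold-down (TTL term omitted)
REMOVE_HOLD_DOWN = timedelta(days=30)  # RFC 5011 remove hold-down
T0 = datetime(2013, 4, 5)              # constructed start of the timeline


class TrustAnchorStore:
    """Per-key RFC 5011 state: Start, AddPend, Valid, Missing, Revoked, Removed."""

    def __init__(self, initial_valid_tags):
        self.keys = {t: {"state": "Valid", "since": T0} for t in initial_valid_tags}
        self.last_accepted = None

    def trusted_tags(self):
        # A Missing key is abnormal but remains a trust anchor.
        return sorted(t for t, k in self.keys.items()
                      if k["state"] in ("Valid", "Missing"))

    def observe(self, now, rrset, signed_by):
        """rrset maps key tag -> REVOKE bit; signed_by holds tags whose RRSIG verified."""
        # Only an RRset signed by a currently trusted key may change any state.
        self.last_accepted = bool(set(signed_by) & set(self.trusted_tags()))
        if not self.last_accepted:
            return False
        for tag, revoked in rrset.items():
            key = self.keys.setdefault(tag, {"state": "Start", "since": now})
            state = key["state"]
            if revoked:
                # A revocation counts only when the revoked key signs the RRset itself.
                if tag in signed_by and state in ("Valid", "Missing"):
                    key.update(state="Revoked", since=now)
            elif state == "Start":
                key.update(state="AddPend", since=now)
            elif state == "AddPend" and now - key["since"] >= ADD_HOLD_DOWN:
                key.update(state="Valid", since=now)
            elif state == "Missing":
                key.update(state="Valid", since=now)
        for tag, key in self.keys.items():
            if tag not in rrset and key["state"] == "AddPend":
                key.update(state="Start", since=now)      # hold-down restarts
            elif tag not in rrset and key["state"] == "Valid":
                key.update(state="Missing", since=now)
            elif key["state"] == "Revoked" and now - key["since"] >= REMOVE_HOLD_DOWN:
                key.update(state="Removed", since=now)
        return True

    def to_json(self):
        """What the resolver has to write to disk to survive a restart."""
        return json.dumps({str(t): {"state": k["state"], "since": k["since"].isoformat()}
                           for t, k in self.keys.items()}, indent=2)


def simulate(polled_days):
    """Constructed rollover: key 2 is published on day 0, key 1 is revoked on
    day 60 and withdrawn on day 90. The resolver only polls on polled_days."""
    store = TrustAnchorStore([1])
    for day in sorted(polled_days):
        if day < 60:
            rrset, signed_by = {1: False, 2: False}, {1}
        elif day < 90:
            rrset, signed_by = {1: True, 2: False}, {1, 2}
        else:
            rrset, signed_by = {2: False}, {2}
        store.observe(T0 + timedelta(days=day), rrset, signed_by)
    return store


if __name__ == "__main__":
    online = simulate(range(0, 100))
    print("polling every day:", online.trusted_tags())
    print(online.to_json())
    offline = simulate(list(range(0, 21)) + [100])
    print("offline from day 21 to 99:", offline.trusted_tags(),
          "last RRset accepted:", offline.last_accepted)
```

The second run ends with the resolver still trusting only key 1, which no longer signs anything, so no in-band update can reach it.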




Re: 80 km BiDi XFPs

2013-04-05 Thread Jerimiah Cole
On 04/05/2013 10:39 AM, Randy Carpenter wrote:
 
 I'm going to guess that this is not going to meet the OP's request
 for an XFP, which would be 10GbE (and not an SFP).

Probably a safe guess.  Mea culpa.



Re: 80 km BiDi XFPs

2013-04-05 Thread Chuck Anderson
On Fri, Apr 05, 2013 at 10:58:49AM -0600, Jerimiah Cole wrote:
 On 04/05/2013 10:39 AM, Randy Carpenter wrote:
  
  I'm going to guess that this is not going to meet the OP's request
  for an XFP, which would be 10GbE (and not an SFP).
 
 Probably a safe guess.  Mea culpa.

Check out Integra Networks.  Their catalog lists a 10G XFP Bi-Dir
80km:

http://integranetworks.net/wp-content/uploads/2012/06/Integra-Networks-Catalog-20122.pdf

XFP-CXX-80-D (CWDM)
XFP-DXX-80-D (DWDM)



Weekly Routing Table Report

2013-04-05 Thread Routing Analysis Role Account
This is an automated weekly mailing describing the state of the Internet
Routing Table as seen from APNIC's router in Japan.

The posting is sent to APOPS, NANOG, AfNOG, AusNOG, SANOG, PacNOG, LacNOG,
TRNOG, CaribNOG and the RIPE Routing Working Group.

Daily listings are sent to bgp-st...@lists.apnic.net

For historical data, please see http://thyme.rand.apnic.net.

If you have any comments please contact Philip Smith pfsi...@gmail.com.

Routing Table Report   04:00 +10GMT Sat 06 Apr, 2013

Report Website: http://thyme.rand.apnic.net
Detailed Analysis:  http://thyme.rand.apnic.net/current/

Analysis Summary


BGP routing table entries examined:  449057
Prefixes after maximum aggregation:  184025
Deaggregation factor:  2.44
Unique aggregates announced to Internet: 221630
Total ASes present in the Internet Routing Table: 43748
Prefixes per ASN: 10.26
Origin-only ASes present in the Internet Routing Table:   34414
Origin ASes announcing only one prefix:   16061
Transit ASes present in the Internet Routing Table:5792
Transit-only ASes present in the Internet Routing Table:139
Average AS path length visible in the Internet Routing Table:   4.7
Max AS path length visible:  29
Max AS path prepend of ASN ( 28730)  25
Prefixes from unregistered ASNs in the Routing Table:   368
Unregistered ASNs in the Routing Table: 137
Number of 32-bit ASNs allocated by the RIRs:   4688
Number of 32-bit ASNs visible in the Routing Table:3542
Prefixes from 32-bit ASNs in the Routing Table:   10367
Special use prefixes present in the Routing Table:   18
Prefixes being announced from unallocated address space:217
Number of addresses announced to Internet:   2628059756
Equivalent to 156 /8s, 165 /16s and 2 /24s
Percentage of available address space announced:   71.0
Percentage of allocated address space announced:   71.0
Percentage of available address space allocated:  100.0
Percentage of address space in use by end-sites:   94.4
Total number of prefixes smaller than registry allocations:  158789

APNIC Region Analysis Summary
-

Prefixes being announced by APNIC Region ASes:   107913
Total APNIC prefixes after maximum aggregation:   33314
APNIC Deaggregation factor:3.24
Prefixes being announced from the APNIC address blocks:  109122
Unique aggregates announced from the APNIC address blocks:44393
APNIC Region origin ASes present in the Internet Routing Table:4823
APNIC Prefixes per ASN:   22.63
APNIC Region origin ASes announcing only one prefix:   1227
APNIC Region transit ASes present in the Internet Routing Table:819
Average APNIC Region AS path length visible:4.8
Max APNIC Region AS path length visible: 23
Number of APNIC region 32-bit ASNs visible in the Routing Table:486
Number of APNIC addresses announced to Internet:  720399840
Equivalent to 42 /8s, 240 /16s and 109 /24s
Percentage of available APNIC address space announced: 84.2

APNIC AS Blocks4608-4864, 7467-7722, 9216-10239, 17408-18431
(pre-ERX allocations)  23552-24575, 37888-38911, 45056-46079, 55296-56319,
   58368-59391, 131072-133119
APNIC Address Blocks 1/8,  14/8,  27/8,  36/8,  39/8,  42/8,  43/8,
49/8,  58/8,  59/8,  60/8,  61/8, 101/8, 103/8,
   106/8, 110/8, 111/8, 112/8, 113/8, 114/8, 115/8,
   116/8, 117/8, 118/8, 119/8, 120/8, 121/8, 122/8,
   123/8, 124/8, 125/8, 126/8, 133/8, 150/8, 153/8,
   163/8, 171/8, 175/8, 180/8, 182/8, 183/8, 202/8,
   203/8, 210/8, 211/8, 218/8, 219/8, 220/8, 221/8,
   222/8, 223/8,

ARIN Region Analysis Summary


Prefixes being announced by ARIN Region ASes:157436
Total ARIN prefixes after maximum aggregation:79453
ARIN Deaggregation factor: 1.98
Prefixes being announced from the ARIN address blocks:   158125
Unique aggregates announced from the ARIN address blocks: 72365
ARIN Region origin ASes present in the Internet Routing Table:15598
ARIN Prefixes per ASN:10.14
ARIN Region origin ASes 

The Cidr Report

2013-04-05 Thread cidr-report
This report has been generated at Fri Apr  5 21:13:17 2013 AEST.
The report analyses the BGP Routing Table of AS2.0 router
and generates a report on aggregation potential within the table.

Check http://www.cidr-report.org for a current version of this report.

Recent Table History
Date        Prefixes    CIDR Agg
29-03-13      449781      257239
30-03-13      449770      257289
31-03-13      449591      257894
01-04-13      450130      258509
02-04-13      450695      258668
03-04-13      450581      258807
04-04-13      450741      259286
05-04-13      451091      259553


AS Summary
 43856  Number of ASes in routing system
 18179  Number of ASes announcing only one prefix
  3038  Largest number of prefixes announced by an AS
AS6389 : BELLSOUTH-NET-BLK - BellSouth.net Inc.
  116943584  Largest address span announced by an AS (/32s)
AS4134 : CHINANET-BACKBONE No.31,Jin-rong Street


Aggregation Summary
The algorithm used in this report proposes aggregation only
when there is a precise match using the AS path, so as 
to preserve traffic transit policies. Aggregation is also
proposed across non-advertised address space ('holes').

 --- 05Apr13 ---
ASnum    NetsNow NetsAggr  NetGain  % Gain   Description

Table     451468   259555   191913   42.5%   All ASes

AS6389      3038       92     2946   97.0%   BELLSOUTH-NET-BLK - BellSouth.net Inc.
AS4766      2955      939     2016   68.2%   KIXS-AS-KR Korea Telecom
AS17974     2510      547     1963   78.2%   TELKOMNET-AS2-AP PT Telekomunikasi Indonesia
AS22773     2008      154     1854   92.3%   ASN-CXA-ALL-CCI-22773-RDC - Cox Communications Inc.
AS28573     2566      727     1839   71.7%   NET Serviços de Comunicação S.A.
AS18566     2068      473     1595   77.1%   COVAD - Covad Communications Co.
AS7303      1673      447     1226   73.3%   Telecom Argentina S.A.
AS4323      1610      401     1209   75.1%   TWTC - tw telecom holdings, inc.
AS10620     2356     1243     1113   47.2%   Telmex Colombia S.A.
AS4755      1732      633     1099   63.5%   TATACOMM-AS TATA Communications formerly VSNL is Leading ISP
AS2118      1116       83     1033   92.6%   RELCOM-AS OOO NPO Relcom
AS7552      1138      172      966   84.9%   VIETEL-AS-AP Vietel Corporation
AS7029      2139     1221      918   42.9%   WINDSTREAM - Windstream Communications Inc
AS18881      850       20      830   97.6%   Global Village Telecom
AS18101     1001      172      829   82.8%   RELIANCE-COMMUNICATIONS-IN Reliance Communications Ltd.DAKC MUMBAI
AS14754      952      146      806   84.7%   Telgua
AS1785      1973     1200      773   39.2%   AS-PAETEC-NET - PaeTec Communications, Inc.
AS4808      1122      362      760   67.7%   CHINA169-BJ CNCGROUP IP network China169 Beijing Province Network
AS36998     1137      382      755   66.4%   SDN-MOBITEL
AS13977      835      125      710   85.0%   CTELCO - FAIRPOINT COMMUNICATIONS, INC.
AS855        724       50      674   93.1%   CANET-ASN-4 - Bell Aliant Regional Communications, Inc.
AS8151      1227      574      653   53.2%   Uninet S.A. de C.V.
AS22561     1082      452      630   58.2%   DIGITAL-TELEPORT - Digital Teleport Inc.
AS17676      733      108      625   85.3%   GIGAINFRA Softbank BB Corp.
AS24560     1060      446      614   57.9%   AIRTELBROADBAND-AS-AP Bharti Airtel Ltd., Telemedia Services
AS3549      1054      444      610   57.9%   GBLX Global Crossing Ltd.
AS17908      793      198      595   75.0%   TCISL Tata Communications
AS3356      1088      495      593   54.5%   LEVEL3 Level 3 Communications
AS19262      990      403      587   59.3%   VZGNI-TRANSIT - Verizon Online LLC
AS11830      725      147      578   79.7%   Instituto Costarricense de Electricidad y Telecom.

Total      44255    12856    31399   71.0%   Top 30 total


Possible Bogus Routes


BGP Update Report

2013-04-05 Thread cidr-report
BGP Update Report
Interval: 28-Mar-13 -to- 04-Apr-13 (7 days)
Observation Point: BGP Peering with AS131072

TOP 20 Unstable Origin AS
Rank ASN         Upds     %  Upds/Pfx    AS-Name
 1 - AS9829     50576  2.7%      41.6 -- BSNL-NIB National Internet Backbone
 2 - AS8402     46715  2.5%      38.5 -- CORBINA-AS OJSC Vimpelcom
 3 - AS10091    28716  1.5%      80.7 -- SCV-AS-AP StarHub Cable Vision Ltd
 4 - AS14754    27759  1.5%      31.8 -- Telgua
 5 - AS17974    23145  1.2%      23.4 -- TELKOMNET-AS2-AP PT Telekomunikasi Indonesia
 6 - AS3909     22559  1.2%    7519.7 -- QWEST-AS-3908 - Qwest Communications Company, LLC
 7 - AS28573    19947  1.1%       7.6 -- NET Serviços de Comunicação S.A.
 8 - AS45271    18144  1.0%      58.5 -- ICLNET-AS-AP 5th Floor, Windsor Building, Off: CST Road
 9 - AS7552     17599  0.9%      17.5 -- VIETEL-AS-AP Vietel Corporation
10 - AS8452     16646  0.9%      13.8 -- TE-AS TE-AS
11 - AS10620    15720  0.8%       7.6 -- Telmex Colombia S.A.
12 - AS27947    15712  0.8%      19.8 -- Telconet S.A
13 - AS2708     15405  0.8%     107.7 -- Universidad de Guanajuato
14 - AS21826    14902  0.8%      53.6 -- Corporación Telemic C.A.
15 - AS2697     14053  0.7%      72.1 -- ERX-ERNET-AS Education and Research Network
16 - AS6713     13660  0.7%      29.1 -- IAM-AS
17 - AS7029     13582  0.7%       7.4 -- WINDSTREAM - Windstream Communications Inc
18 - AS33776    13408  0.7%      72.9 -- STARCOMMS-ASN
19 - AS4538     12308  0.7%      23.4 -- ERX-CERNET-BKB China Education and Research Network Center
20 - AS55430    12008  0.6%      80.6 -- STARHUBINTERNET-AS-NGNBN Starhub Internet Pte Ltd


TOP 20 Unstable Origin AS (Updates per announced prefix)
Rank ASN         Upds     %  Upds/Pfx    AS-Name
 1 - AS6629      7685  0.4%    7685.0 -- NOAA-AS - NOAA
 2 - AS3909     22559  1.2%    7519.7 -- QWEST-AS-3908 - Qwest Communications Company, LLC
 3 - AS19406     4122  0.2%    4122.0 -- TWRS-MA - Towerstream I, Inc.
 4 - AS37367     3717  0.2%    3717.0 -- CALLKEY
 5 - AS6174      5722  0.3%    2861.0 -- SPRINTLINK8 - Sprint
 6 - AS5074      4504  0.2%    2252.0 -- ASN-ATTELS - ATT BMGS
 7 - AS14680     6505  0.3%    2168.3 -- REALE-6 - Auction.com
 8 - AS13897     4196  0.2%    2098.0 -- CDC1 - Internet Brands Inc.
 9 - AS4467      2047  0.1%    2047.0 -- EASYLINK3 - ATT Services, Inc.
10 - AS17293     5379  0.3%    1793.0 -- VTXC - VTX Communications
11 - AS9950      3351  0.2%    1675.5 -- PUBNETPLUS2-AS-KR DACOM
12 - AS36529     2492  0.1%    1246.0 -- AXXA-RACKCO - Rackco.com
13 - AS41023     3397  0.2%    1132.3 -- ARREKS-AS Agencja Rozwoju Regionalnego ARREKS S.A.
14 - AS19886     2263  0.1%    1131.5 -- BOFABROKERDEALERSVCS - Bank of America
15 - AS46105      783  0.0%     783.0 -- HMLP-ASN - HealthCor Management, L.P.
16 - AS10445     3742  0.2%     748.4 -- HTG - Huntleigh Telcom
17 - AS32955     5852  0.3%     731.5 -- MURCOM - MURCOM, LLC
18 - AS52358      673  0.0%     673.0 -- YV Ingeniería y Construcción, C.A.
19 - AS57013     3972  0.2%     662.0 -- EURASIA-STAR-AS Eurasia Star Ltd.
20 - AS22688      645  0.0%     645.0 -- DOLGENCORP - Dollar General Corporation


TOP 20 Unstable Prefixes
Rank Prefix                Upds     %   Origin AS -- AS Name
 1 - 202.41.70.0/24       10026  0.5%   AS2697    -- ERX-ERNET-AS Education and Research Network
 2 - 112.110.82.0/23       7688  0.4%   AS45271   -- ICLNET-AS-AP 5th Floor, Windsor Building, Off: CST Road
 3 - 112.110.84.0/22       7686  0.4%   AS45271   -- ICLNET-AS-AP 5th Floor, Windsor Building, Off: CST Road
 4 - 192.58.232.0/24       7685  0.4%   AS6629    -- NOAA-AS - NOAA
 5 - 151.118.18.0/24       7543  0.4%   AS3909    -- QWEST-AS-3908 - Qwest Communications Company, LLC
 6 - 151.118.255.0/24      7508  0.4%   AS3909    -- QWEST-AS-3908 - Qwest Communications Company, LLC
 7 - 151.118.254.0/24      7508  0.4%   AS3909    -- QWEST-AS-3908 - Qwest Communications Company, LLC
 8 - 12.139.133.0/24       5379  0.3%   AS14680   -- REALE-6 - Auction.com
 9 - 194.63.9.0/24         4217  0.2%   AS1273    -- CW Cable and Wireless Worldwide plc
10 - 216.183.32.0/19       4146  0.2%   AS17293   -- VTXC - VTX Communications
11 - 69.38.178.0/24        4122  0.2%   AS19406   -- TWRS-MA - Towerstream I, Inc.
12 - 41.75.40.0/21         3717  0.2%   AS37367   -- CALLKEY
13 - 58.184.229.0/24       3347  0.2%   AS9950    -- PUBNETPLUS2-AS-KR DACOM
14 - 206.105.75.0/24       2861  0.1%   AS6174    -- SPRINTLINK8 - Sprint
15 - 208.16.110.0/24       2861  0.1%   AS6174    -- SPRINTLINK8 - Sprint
16 - 115.170.128.0/17      2762  0.1%   AS4847    -- CNIX-AP China Networks Inter-Exchange
17 - 2.93.235.0/24         2636  0.1%   AS8402    -- CORBINA-AS OJSC Vimpelcom
18 - 12.79.224.0/19        2325  0.1%   AS5074    -- ASN-ATTELS - 

Re: public consultation on root zone KSK rollover

2013-04-05 Thread Randy Bush
 rant 

 The point of the wildly over-engineered root key signing ceremony is
 to build trust by publicly demonstrating at every step there is no
 opportunity for intentional or accidental badness to occur without
 being noticed.

at some point, long passed, the more pomp, the less safe i feel.  there
is protecting against technical/engineering threats and protecting
against layer 8 through 11.  through complexity, it compromises the
technical protection to go overboard on the lawyer defense.

from this bottom feeder's pov, icann, verisign, doc, ... are too often
the layer 8 through 11 threat than part of the engineering solution.

 In any event, if you haven't already I would encourage you to provide
 comments at the URL Joe referenced.

definitely.  after all, commenting on icann insanities has had such
serious beneficial effect for the good of the internet in the past.

randy



Re: public consultation on root zone KSK rollover

2013-04-05 Thread David Conrad
Randy,

On Apr 6, 2013, at 7:10 AM, Randy Bush ra...@psg.com wrote:
 at some point, long passed, the more pomp, the less safe i feel.  

Have you actually watched/participated in a root key signing ceremony?  Pomp is 
not the term I would use. 

 there
 is protecting against technical/engineering threats and protecting
 against layer 8 through 11.  through complexity, it compromises the
 technical protection to go overboard on the lawyer defense.

Technical protection like those that protected Diginotar's customers?  The 
elaborate root key signing ceremony is designed to ensure all aspects of root 
key management are open, transparent, and can be audited by anyone. While I'd 
agree that it is non-technical, the technical/engineering part is the easy bit. 
Protecting against insiders, laziness, and stupidity is _far_ harder.

 In any event, if you haven't already I would encourage you to provide
 comments at the URL Joe referenced.
 
 definitely.  after all, commenting on icann insanities has had such
 serious beneficial effect for the good of the internet in the past.

I can guarantee that providing comments is infinitely more likely to have an 
impact than stomping off in a huff :)

Regards,
-drc




30% packet loss between cox.net and hetzner.de, possibly at tinet.net

2013-04-05 Thread Constantine A. Murenin
Hello,

There has been at least a 25% packet loss between hetzner.de and cox.net 
in the last couple of hours.

Tried contacting hetzner.de, but they said it's not on their network.  
This has already happened a couple of days ago, too (strangely, on April 1), 
but then was good for the rest of the week -- no problems whatsoever.

I wouldn't really care about this, if not for ssh:  
it just doesn't work on such huge loss.

No other routes or networks seem affected.

Any advice?


# mtr --report{,-wide,-cycles=60} --order SRL BGAWV ip68-97-XX-XXX.ok.ok.cox.net ; date
HOST: xx                                            Snt   Rcv  Loss%   Best  Gmean    Avg   Wrst  StDev
  1.|-- static.33.203.4.46.clients.your-server.de    60    60   0.0%    0.5    1.1    1.5    3.8    1.1
  2.|-- hos-tr3.juniper2.rz13.hetzner.de             60    60   0.0%    0.2    0.4    3.4   46.2    9.8
  3.|-- hos-bb2.juniper4.rz2.hetzner.de              60    60   0.0%    2.7    3.0    3.6   38.1    4.8
  4.|-- r1nue1.core.init7.net                        60    60   0.0%    2.8    4.9    6.0   13.3    3.9
  5.|-- r1nue2.core.init7.net                        60    60   0.0%    2.9    3.9    4.6   13.8    3.1
  6.|-- r1fra2.core.init7.net                        60    60   0.0%    5.7    7.6    8.2   17.3    3.8
  7.|-- r1fra1.core.init7.net                        60    60   0.0%    5.9    8.2    8.9   17.1    3.9
  8.|-- xe-4-2-2.fra23.ip4.tinet.net                 60    60   0.0%    5.9    6.4    7.1   38.2    5.2
  9.|-- xe-3-0-0.dal33.ip4.tinet.net                 60    39  35.0%  165.8  169.7  170.1  226.3   13.1
 10.|-- cox-communications-gw.ip4.tinet.net          60    47  21.7%  159.0  162.3  162.6  207.9   10.4
 11.|-- mtc3dsrj01-ae1.0.rd.ok.cox.net               60    46  23.3%  163.1  166.1  166.3  196.3    8.0
 12.|-- 68.12.14.1                                   60    49  18.3%  161.3  161.6  161.6  161.9    0.1
 13.|-- COX-68-12-10-114-static.coxinet.net          60    40  33.3%  162.5  162.8  162.8  163.1    0.1
 14.|-- COX-68-12-10-114-static.coxinet.net          60    44  26.7%  162.5  162.8  162.8  163.2    0.1
 15.|-- ip68-97-XX-XXX.ok.ok.cox.net                 60    43  28.3%  170.9  173.5  173.5  179.5    1.5
Fri Apr  5 16:21:56 PDT 2013

% mtr --report{,-wide,-cycles=60} --order SRL BGAWV static.88-198-xx-xx.clients.your-server.de ; date
HOST: xx                                            Snt   Rcv  Loss%   Best  Gmean    Avg   Wrst  StDev
  1.|-- 192.168.                                     60    60   0.0%    1.0    1.9    2.5   14.0    2.5
  2.|-- 10.0.x.x                                     60    60   0.0%    1.3    2.3    2.6    7.6    1.6
  3.|-- 10.6.0.1                                     60    60   0.0%    8.9   13.7   14.3   38.6    5.1
  4.|-- COX-68-12-10-113-static.coxinet.net          60    60   0.0%    9.6   14.1   15.6   97.2   11.9
  5.|-- COX-68-12-10-2-static.coxinet.net            60    60   0.0%   10.1   14.9   15.4   31.2    4.3
  6.|-- 68.1.5.161                                   60    60   0.0%   55.8   61.8   62.1   93.1    6.6
  7.|-- nyk-s2-rou-1001.US.eurorings.net             60    60   0.0%   55.7   63.6   64.8  162.4   16.7
  8.|-- nntr-s1-rou-1101.FR.eurorings.net            60    60   0.0%  149.5  168.7  169.7  213.1   19.3
  9.|-- kehl-s2-rou-1103.DE.eurorings.net            60    47  21.7%  147.2  151.6  151.6  161.6    3.3
 10.|-- ffm-s1-rou-1102.DE.eurorings.net             60    60   0.0%  144.1  148.9  149.1  174.2    6.4
 11.|-- nbg-s1-rou-1001.DE.eurorings.net             60    60   0.0%  147.1  156.2  157.3  290.9   22.4
 12.|-- kpn-gw.hetzner.de                            60    48  20.0%  173.8  178.9  179.0  198.2    5.1
 13.|-- hos-bb2.juniper2.rz13.hetzner.de             60    43  28.3%  173.4  179.6  179.9  230.1   11.8
 14.|-- hos-tr4.ex3k11.rz13.hetzner.de               60    48  20.0%  176.9  181.9  181.9  198.9    4.4
 15.|-- static.88-198-xx-xx.clients.your-server.de   60    37  38.3%  173.2  177.0  177.0  186.6    3.4
Fri  5 Apr 2013 16:22:51 PDT



The huge packet loss even extends to the regular cox.net web-site, it seems:

# mtr --report{,-wide,-cycles=60} --order SRL BGAWV cox.net ; date
HOST: xx                                            Snt   Rcv  Loss%   Best  Gmean    Avg   Wrst  StDev
  1.|-- static.33.203.4.46.clients.your-server.de    60    60   0.0%    0.5    1.2    1.7    5.6    1.4
  2.|-- hos-tr1.juniper1.rz13.hetzner.de             60    60   0.0%    0.2    0.3    2.1   29.3    6.0
  3.|-- hos-bb2.juniper4.rz2.hetzner.de              60    60   0.0%    2.7    3.5    5.8   62.5   10.1
  4.|-- r1nue1.core.init7.net                        60    60   0.0%    2.8    4.2    5.2   13.5    3.8
  5.|-- r1nue2.core.init7.net                        60    60   0.0%    2.9    4.7    6.0   28.7    5.0
  6.|-- r1fra2.core.init7.net                        60    60   0.0%    5.7    7.4    8.1   15.9    3.6
  7.|-- r1fra1.core.init7.net                        60    60   0.0%    5.9    7.6    8.1   16.8    3.2
  8.|-- xe-4-2-2.fra23.ip4.tinet.net                 60    60   0.0%    5.9    6.4    7.1   36.2    5.6
  

Re: 30% packet loss between cox.net and hetzner.de, possibly at tinet.net

2013-04-05 Thread Denys Fedoryshchenko

On 2013-04-06 04:32, Constantine A. Murenin wrote:

Hello,

There has been at least a 25% packet loss between hetzner.de and 
cox.net

in the last couple of hours.

Tried contacting hetzner.de, but they said it's not on their network.
This has already happened a couple of days ago, too (strangely, on 
April 1),

but then was good for the rest of the week -- no problems whatsoever.

I wouldn't really care about this, if not for ssh:
it just doesn't work on such huge loss.

No other routes or networks seem affected.

Any advice?


Doesn't look like tinet for me.
I have colo in Europe and it is connected over tinet and mtr to 
static.33.203.4.46.clients.your-server.de is clean
visp-probe ~ # mtr --report{,-wide,-cycles=60} --order SRL BGAWV static.33.203.4.46.clients.your-server.de
HOST: visp-probe                                    Snt   Rcv  Loss%   Best  Gmean    Avg   Wrst  StDev
  1.|-- X.X.X.X                                      60    60   0.0%    0.1    0.9    6.1   50.7   11.7
  2.|-- r1fra1.core.init7.net                        60    60   0.0%    1.0    2.6    3.9   12.8    3.6
  3.|-- r1fra3.core.init7.net                        60    60   0.0%    1.0    2.2    3.2   12.0    3.2
  4.|-- r1nue2.core.init7.net                        60    60   0.0%    3.7    5.3    6.0   15.5    3.7
  5.|-- r1nue1.core.init7.net                        60    60   0.0%    3.9    5.8    6.5   15.3    3.6
  6.|-- gw-hetzner.init7.net                         60    60   0.0%    3.9    5.1    8.1   89.6   15.2
  7.|-- hos-bb2.juniper2.rz13.hetzner.de             60    60   0.0%    6.1    7.7   10.4   74.9   14.8
  8.|-- static.33.203.4.46.clients.your-server.de    60    60   0.0%    6.5    7.7    7.8   13.1    1.4




---
Denys Fedoryshchenko, Network Engineer, Virtual ISP S.A.L.



RE: 80 km BiDi XFPs

2013-04-05 Thread Frank Bulk
Thank you -- this is the first hit I've received.  Thanks for all the others
who offered help, but all the other pointers led to 40 km or 60 km products,
1G SFPs, or stand-alone passive muxes.

Frank

-Original Message-
From: Chuck Anderson [mailto:c...@wpi.edu] 
Sent: Friday, April 05, 2013 12:15 PM
To: nanog@nanog.org
Subject: Re: 80 km BiDi XFPs

On Fri, Apr 05, 2013 at 10:58:49AM -0600, Jerimiah Cole wrote:
 On 04/05/2013 10:39 AM, Randy Carpenter wrote:
  
  I'm going to guess that this is not going to meet the OP's request
  for an XFP, which would be 10GbE (and not an SFP).
 
 Probably a safe guess.  Mea culpa.

Check out Integra Networks.  Their catalog lists a 10G XFP Bi-Dir
80km:

http://integranetworks.net/wp-content/uploads/2012/06/Integra-Networks-Catalog-20122.pdf

XFP-CXX-80-D (CWDM)
XFP-DXX-80-D (DWDM)






RE: Speedtest Results speedtest.net vs Mikrotik bandwidth test

2013-04-05 Thread Frank Bulk
Here's a 39-page report that might differ with your perspective: 
http://mitas.csail.mit.edu/papers/Bauer_Clark_Lehr_Broadband_Speed_Measurements.pdf

And another report: 
http://www.netforecast.com/Reports/NFR5103_comScore_ISP_Speed_Test_Accuracy.pdf

Frank

-Original Message-
From: Mike [mailto:mike-na...@tiedyenetworks.com] 
Sent: Wednesday, April 03, 2013 4:08 PM
To: nanog@nanog.org
Subject: Re: Speedtest Results speedtest.net vs Mikrotik bandwidth test

snip

These speedtests are pure unscientific bs and I'd love to see them 
called out on the carpet for it.

Mike-






Re: 30% packet loss between cox.net and hetzner.de, possibly at tinet.net

2013-04-05 Thread Constantine A. Murenin
On 2013-W14-6 05:04 +0300, Denys Fedoryshchenko wrote:
 On 2013-04-06 04:32, Constantine A. Murenin wrote:
 Hello,
 
 There has been at least a 25% packet loss between hetzner.de and
 cox.net
 in the last couple of hours.
 
 Tried contacting hetzner.de, but they said it's not on their network.
 This has already happened a couple of days ago, too (strangely, on
 April 1),
 but then was good for the rest of the week -- no problems whatsoever.
 
 I wouldn't really care about this, if not for ssh:
 it just doesn't work on such huge loss.
 
 No other routes or networks seem affected.
 
 Any advice?
 
 Doesn't look like tinet for me.

Might have been eurorings.net, as your Amazon EC2 to Hetzner 
traceroute seemed to suggest?


This loss was apparent even with their own main websites:


cox.net from a hetzner.de node:

# mtr --report{,-wide,-cycles=60} --order SRL BGAWV cox.net ; date
...
  3.|-- hos-bb2.juniper4.rz2.hetzner.de              60    60   0.0%    2.7    3.5    5.8   62.5   10.1
  4.|-- r1nue1.core.init7.net                        60    60   0.0%    2.8    4.2    5.2   13.5    3.8
  5.|-- r1nue2.core.init7.net                        60    60   0.0%    2.9    4.7    6.0   28.7    5.0
  6.|-- r1fra2.core.init7.net                        60    60   0.0%    5.7    7.4    8.1   15.9    3.6
  7.|-- r1fra1.core.init7.net                        60    60   0.0%    5.9    7.6    8.1   16.8    3.2
  8.|-- xe-4-2-2.fra23.ip4.tinet.net                 60    60   0.0%    5.9    6.4    7.1   36.2    5.6
  9.|-- xe-9-0-0.was14.ip4.tinet.net                 60    43  28.3%  142.3  145.0  145.2  190.0    9.6
 10.|-- cox-communications-gw.ip4.tinet.net          60    48  20.0%  124.8  129.6  130.2  176.6   13.2
 11.|-- dukedsrj02-ge210.0.rd.at.cox.net             60    45  25.0%  137.7  141.2  141.6  194.7   11.6
 12.|-- 68.1.15.238                                  60    49  18.3%  138.1  138.7  138.7  140.0    0.4
 13.|-- 68.99.123.4                                  60    36  40.0%  140.4  140.9  140.9  141.6    0.3
 14.|-- ww2.cox.com                                  60    44  26.7%  140.6  140.9  140.9  141.8    0.3
Fri Apr  5 18:19:21 PDT 2013


hetzner.de from a cox.net node:

...
  5.|-- COX-68-12-8-132-static.coxinet.net           60    60   0.0%   11.6   15.3   15.8   35.1    4.9
  6.|-- 68.1.5.161                                   60    60   0.0%   55.7   59.8   60.0   95.8    5.3
  7.|-- nyk-s2-rou-1001.US.eurorings.net             60    60   0.0%   55.8   63.8   64.9  139.4   14.7
  8.|-- nntr-s1-rou-1101.FR.eurorings.net            60    60   0.0%  149.8  154.1  154.1  171.9    4.3
  9.|-- kehl-s2-rou-1103.DE.eurorings.net            60    60   0.0%  147.2  152.8  153.1  206.1    8.7
 10.|-- ffm-s1-rou-1102.DE.eurorings.net             60    60   0.0%  143.3  147.7  147.7  177.2    5.0
 11.|-- nbg-s1-rou-1001.DE.eurorings.net             60    60   0.0%  147.3  153.8  154.0  211.1   10.0
 12.|-- kpn-gw.hetzner.de                            60    44  26.7%  173.3  177.6  177.6  184.5    2.7
 13.|-- hos-bb2.juniper3.rz2.hetzner.de              60    42  30.0%  170.3  175.1  175.2  203.1    5.6
 14.|-- hos-tr4.ms-ex3k2.rz1.hetzner.de              60    44  26.7%  171.9  175.9  175.9  185.4    2.8
 15.|-- www.hetzner.de                               60    42  30.0%  170.4  175.1  175.2  187.0    4.1
Fri  5 Apr 2013 17:38:11 PDT

...
  5.|-- COX-68-12-8-132-static.coxinet.net           60    60   0.0%   11.3   14.2   14.5   33.6    3.3
  6.|-- 68.1.5.161                                   60    60   0.0%   56.2   61.1   61.8  135.6   11.6
  7.|-- nyk-s2-rou-1001.US.eurorings.net             60    60   0.0%   56.0   60.6   61.0  121.1    8.7
  8.|-- nntr-s1-rou-1101.FR.eurorings.net            60    58   3.3%  150.1  153.5  153.5  166.3    2.8
  9.|-- kehl-s2-rou-1103.DE.eurorings.net            60    29  51.7%  147.5  152.0  152.1  170.8    5.3
 10.|-- ffm-s1-rou-1102.DE.eurorings.net             60    28  53.3%  143.7  148.4  148.6  186.7    8.0
 11.|-- nbg-s1-rou-1001.DE.eurorings.net             60    60   0.0%  147.2  151.8  151.9  178.2    4.7
 12.|-- kpn-gw.hetzner.de                            60    45  25.0%  172.7  177.0  177.0  197.4    4.0
 13.|-- hos-bb2.juniper3.rz2.hetzner.de              60    41  31.7%  170.4  176.5  176.6  190.9    6.2
 14.|-- hos-tr4.ms-ex3k2.rz1.hetzner.de              60    50  16.7%  171.8  175.6  175.6  183.1    2.8
 15.|-- www.hetzner.de                               60    47  21.7%  170.5  174.2  174.3  188.8    3.2
Fri  5 Apr 2013 19:22:36 PDT



But it has since subsided:

...
  3.|-- hos-bb2.juniper4.rz2.hetzner.de              60    60   0.0%    2.7    2.9    3.4   41.4    5.0
  4.|-- r1nue1.core.init7.net                        60    60   0.0%    2.8    5.2    6.3   12.4    3.8
  5.|-- r1nue2.core.init7.net                        60    60   0.0%    2.9    4.0    4.7   14.0    3.2
  6.|-- r1fra2.core.init7.net                        60    60   0.0%    5.7    7.7    8.4   17.0    3.9
  7.|-- r1fra1.core.init7.net                        60    60   0.0%    5.9    8.7    9.3   17.1    3.7
  8.|-- xe-4-2-2.fra23.ip4.tinet.net                 60    60   0.0%    5.9    6.1    6.2   15.0    1.3
  9.|-- xe-9-0-0.was14.ip4.tinet.net                 60    60   0.0%   

ICMP Redirect on Resolvers

2013-04-05 Thread Shahab Vahabzadeh
Hello everybody,
I have two DNS servers (resolvers) running on FreeBSD 9.0, and I always see in
the console messages like this:

icmp redirect from 192.168.140.36: 192.168.179.80 = 192.168.140.254

and lots of messages like this, mostly with IP addresses that do not belong to
me, and sometimes these resolvers stop working.
My question is: what are these messages? Why are they only shown in the console
of these servers and not others? And do they cause problems such as the
server/services stopping working?
Thanks

-- 
Regards,
Shahab Vahabzadeh, Network Engineer and System Administrator

Cell Phone: +1 (415) 871 0742
PGP Key Fingerprint = 8E34 B335 D702 0CA7 5A81  C2EE 76A2 46C2 5367 BF90


Re: ICMP Redirect on Resolvers

2013-04-05 Thread Tony Finch
On 6 Apr 2013, at 06:36, Shahab Vahabzadeh sh.vahabza...@gmail.com wrote:

 I have two DNS servers (resolvers) running on FreeBSD 9.0, and I always see in
 the console messages like this:
 
 icmp redirect from 192.168.140.36: 192.168.179.80 = 192.168.140.254

You probably configured the wrong default router address or netmask.

Tony.
--
f.anthony.n.finch  d...@dotat.at  http://dotat.at/
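
An added example, not part of the thread: a Python triage of the FreeBSD console lines quoted above that separates the two misconfigurations named in the reply from redirects that should not be trusted. The interface address 192.168.140.10/24, the configured router 192.168.140.36, every sample line except the first, and the verdict names are assumptions made for the illustration.

```python
import ipaddress
import re
from collections import Counter

# The kernel prints "=>"; the archived post shows "=", so both are accepted.
REDIRECT_RE = re.compile(
    r"icmp redirect from (?P<sender>[\d.]+): (?P<dst>[\d.]+) =>? (?P<new_gw>[\d.]+)")

IFACE = "192.168.140.10/24"   # assumed address/netmask configured on the resolver
ROUTER = "192.168.140.36"     # assumed default router configured on the resolver

SAMPLE = [
    "icmp redirect from 192.168.140.36: 192.168.179.80 = 192.168.140.254",   # from the post
    "icmp redirect from 192.168.140.36: 192.168.179.81 => 192.168.140.254",  # constructed
    "icmp redirect from 192.168.140.36: 192.168.141.7 => 192.168.141.7",     # constructed
    "icmp redirect from 10.9.9.9: 192.168.179.80 => 10.9.9.1",               # constructed
    "icmp redirect from 192.168.140.36: 192.168.179.80 => 172.16.0.1",       # constructed
    "sshd[812]: Accepted publickey for admin",                               # constructed, unrelated
]


def classify(line, iface=IFACE, default_router=ROUTER):
    """Return (verdict, address) for a redirect log line, or None for anything else."""
    m = REDIRECT_RE.search(line)
    if not m:
        return None
    try:
        sender, dst, new_gw = (ipaddress.ip_address(m[g])
                               for g in ("sender", "dst", "new_gw"))
    except ValueError:
        return None
    on_link = ipaddress.ip_interface(iface).network
    if sender != ipaddress.ip_address(default_router):
        # A host should only honour redirects from the gateway it actually uses.
        return ("untrusted-sender", str(sender))
    if new_gw == dst:
        # The router says the destination is a direct neighbour, which
        # suggests the netmask configured on this host is too narrow.
        return ("netmask-too-narrow", str(dst))
    if new_gw not in on_link:
        # The proposed gateway is not reachable on the local network at all.
        return ("off-link-gateway", str(new_gw))
    # The configured router keeps handing traffic to another local router,
    # which suggests the default router setting points at the wrong host.
    return ("better-first-hop", str(new_gw))


def summarize(lines, iface=IFACE, default_router=ROUTER):
    """Count verdicts and the gateways the configured router keeps pointing to."""
    verdicts, suggested = Counter(), Counter()
    for line in lines:
        result = classify(line, iface, default_router)
        if result is None:
            continue
        verdicts[result[0]] += 1
        if result[0] == "better-first-hop":
            suggested[result[1]] += 1
    return verdicts, suggested


if __name__ == "__main__":
    verdicts, suggested = summarize(SAMPLE)
    for verdict, count in verdicts.most_common():
        print(f"{count:3d}  {verdict}")
    for gw, count in suggested.most_common():
        print(f"router keeps redirecting to {gw} ({count} times)")
```

On a resolver with a single, correctly configured gateway, redirects carry no routing information it needs, and FreeBSD can be told to ignore them with the `net.inet.icmp.drop_redirect=1` sysctl.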