Ethernet CFM LMI vs EBGP between PE-CE

[Deniz Aydin]

Hi,

What is the pros and cons using Ethernet CFMLMI or EBGP between PE-CE for link 
protection on ethernet based circuits. Currently, we are using EBGP when metro 
ethernet customers who want a backup link. But we are thinking about using 
CFM/E-LMI for fault management as CPE'es are more expensive  and reaction time 
depends on the BGP timers. With CFM/LMI it'is much more better but this time it 
results in another control plane protocol in the network. What are the current 
applications in your network?

Deniz AYDIN



Bu elektronik posta ve onunla iletilen bütün dosyalar sadece göndericisi 
tarafından alması amaçlanan yetkili gerçek ya da tüzel kişinin kullanımı 
içindir. Eğer söz konusu yetkili alıcı değilseniz bu elektronik postanın 
içeriğini açıklamanız, kopyalamanız, yönlendirmeniz ve kullanmanız kesinlikle 
yasaktır ve bu elektronik postayı derhal silmeniz gerekmektedir. TurkNet bu 
mesajın içerdiği bilgilerin doğruluğu veya eksiksiz olduğu konusunda herhangi 
bir garanti vermemektedir. Bu nedenle bu bilgilerin ne şekilde olursa olsun 
içeriğinden, iletilmesinden, alınmasından ve saklanmasından sorumlu değildir. 
Bu mesajdaki görüşler yalnızca gönderen kişiye aittir ve TurkNet'in görüşlerini 
yansıtmayabilir. Bu e-posta bilinen bütün bilgisayar virüslerine karşı 
taranmıştır.

This e-mail and any files transmitted with it are confidential and intended 
solely for the use of the individual or entity to whom they are addressed. If 
you are not the intended recipient you are hereby notified that any 
dissemination, forwarding, copying or use of any of the information is strictly 
prohibited, and the e-mail should immediately be deleted. TurkNet makes no 
warranty as to the accuracy or completeness of any information contained in 
this message and hereby excludes any liability of any kind for the information 
contained therein or for the information transmission, reception, storage or 
use of such in any way whatsoever. The opinions expressed in this message 
belong to sender alone and may not necessarily reflect the opinions of TurkNet. 
This e-mail has been scanned for all known computer viruses.

Re: someone from Sprint

[Jay Ashworth]

- Original Message -
 From: bmann...@vacation.karoshi.com

 your not alone... (Sprint is the upstream for this email)
 
 The original message was received at Wed, 17 Apr 2013 14:21:10 GMT
 from localhost.localdomain [127.0.0.1]
 
 - The following addresses had permanent fatal errors -
 tom.a.sch...@sprint.com
 (reason: 501 5.5.4 Invalid domain name)

And that wasn't all; Sprint transparent proxies for their WiMAX 4g service 
were horking connections to Google and eBay (probably among others) for 
about half an hour, about an hour ago.

It was fun to get No service configured at this address from Google.  :-)

Cheers,
-- jra
-- 
Jay R. Ashworth  Baylink   j...@baylink.com
Designer The Things I Think   RFC 2100
Ashworth  Associates http://baylink.pitas.com 2000 Land Rover DII
St Petersburg FL USA   #natog  +1 727 647 1274

Re: someone from Sprint

[bmanning]

 paging Softbank/Sony.

/bill

On Thu, Apr 18, 2013 at 11:50:57AM -0400, Jay Ashworth wrote:
 - Original Message -
  From: bmann...@vacation.karoshi.com
 
  your not alone... (Sprint is the upstream for this email)
  
  The original message was received at Wed, 17 Apr 2013 14:21:10 GMT
  from localhost.localdomain [127.0.0.1]
  
  - The following addresses had permanent fatal errors -
  tom.a.sch...@sprint.com
  (reason: 501 5.5.4 Invalid domain name)
 
 And that wasn't all; Sprint transparent proxies for their WiMAX 4g service 
 were horking connections to Google and eBay (probably among others) for 
 about half an hour, about an hour ago.
 
 It was fun to get No service configured at this address from Google.  :-)
 
 Cheers,
 -- jra
 -- 
 Jay R. Ashworth  Baylink   
 j...@baylink.com
 Designer The Things I Think   RFC 2100
 Ashworth  Associates http://baylink.pitas.com 2000 Land Rover DII
 St Petersburg FL USA   #natog  +1 727 647 1274

Cross country point to point link question

[Petter Bruland]

Question for someone with some experience with long haul links (Las Vegas -- 
New Jersey)

[Cisco 4510 - SVI-VLAN x]---trunk---[Nexus5K LH optic]===fiber==={carriers 
across country}===fiber===[Nexus5K LH optic]---trunk---[Cisco 4510 - SVI-VLAN x]

We have two circuits, one that is the same vendor from east to west, and the 
other circuit is a two vendor deal. Both circuits are 1 Gbps with around 67-70 
ms delay.

As soon as we had the links turned up, our SAN guy started complaining about 
poor throughput, asking us to throw in a couple of wan accelerators.
He was seeing a max throughput of around ~200 Mbps.

Question: For a long haul 1 Gbps link with 67-70 ms delay, would  installing a 
pair of wan accelerators make a big difference? 

Thanks,
-Petter Bruland

Re: someone from Sprint

[Christopher Morrow]

On Thu, Apr 18, 2013 at 12:05 PM, bmann...@vacation.karoshi.com wrote:



  paging Softbank/Sony.


don't you mean ericsson? :)



 /bill

 On Thu, Apr 18, 2013 at 11:50:57AM -0400, Jay Ashworth wrote:
  - Original Message -
   From: bmann...@vacation.karoshi.com
 
   your not alone... (Sprint is the upstream for this email)
  
   The original message was received at Wed, 17 Apr 2013 14:21:10 GMT
   from localhost.localdomain [127.0.0.1]
  
   - The following addresses had permanent fatal errors -
   tom.a.sch...@sprint.com
   (reason: 501 5.5.4 Invalid domain name)
 
  And that wasn't all; Sprint transparent proxies for their WiMAX 4g
 service
  were horking connections to Google and eBay (probably among others) for
  about half an hour, about an hour ago.
 
  It was fun to get No service configured at this address from Google.
  :-)
 
  Cheers,
  -- jra
  --
  Jay R. Ashworth  Baylink
 j...@baylink.com
  Designer The Things I Think
 RFC 2100
  Ashworth  Associates http://baylink.pitas.com 2000 Land
 Rover DII
  St Petersburg FL USA   #natog  +1 727
 647 1274

RE: Cross country point to point link question

[Vinny_Abello]

Assuming you're doing FCoE or just iSCSI, you REALLY need to make sure your SAN 
vendor blesses something messing with packet headers on the SAN traffic. I 
don't think the caching mechanisms on the typical accelerator would help at all 
either. I somehow doubt they would support that unless they have their own 
solution. 

If you're just doing SMB or NFS or something similar then yes it would probably 
help overcome performance issues tied to latency quite a bit. But again, the 
magic is usually all tied to compression, TCP header modification and caching 
algorithms to local storage on each device.

-Vinny

-Original Message-
From: Petter Bruland [mailto:petter.brul...@allegiantair.com] 
Sent: Thursday, April 18, 2013 12:20 PM
To: nanog@nanog.org
Subject: Cross country point to point link question

Question for someone with some experience with long haul links (Las Vegas -- 
New Jersey)

[Cisco 4510 - SVI-VLAN x]---trunk---[Nexus5K LH optic]===fiber==={carriers 
across country}===fiber===[Nexus5K LH optic]---trunk---[Cisco 4510 - SVI-VLAN x]

We have two circuits, one that is the same vendor from east to west, and the 
other circuit is a two vendor deal. Both circuits are 1 Gbps with around 67-70 
ms delay.

As soon as we had the links turned up, our SAN guy started complaining about 
poor throughput, asking us to throw in a couple of wan accelerators.
He was seeing a max throughput of around ~200 Mbps.

Question: For a long haul 1 Gbps link with 67-70 ms delay, would  installing a 
pair of wan accelerators make a big difference? 

Thanks,
-Petter Bruland

Re: Cross country point to point link question

[Daniel Rohan]

Hi Petter,

Do you know if your SAN guy has already done the appropriate TCP window
size modifications to fill the pipe up?

Regardless, I am using WAN optimizers to do iSCSI storage replication
across a 230-320 ms 300 Mb shared pipe and have been extremely pleased with
the results. And the compression and caching works great. Of course, YMMV
depending on the nature of the payloads.

I wouldn't go as far as saying you need permission from your storage vendor
to do it, but you should at least ask if the data is encrypted or
compressed during native replication sessions. If yes (and if there is no
way to turn that off), then a WOC won't do you much good at all, as the
only major trick they'd have left is some TCP optimization, which of course
you can mostly do for free.

Feel free to contact me off list if you want to discuss particulars.

Best,

Dan



On Thu, Apr 18, 2013 at 7:20 PM, Petter Bruland 
petter.brul...@allegiantair.com wrote:

 Question for someone with some experience with long haul links (Las Vegas
 -- New Jersey)

 [Cisco 4510 - SVI-VLAN x]---trunk---[Nexus5K LH optic]===fiber==={carriers
 across country}===fiber===[Nexus5K LH optic]---trunk---[Cisco 4510 -
 SVI-VLAN x]

 We have two circuits, one that is the same vendor from east to west, and
 the other circuit is a two vendor deal. Both circuits are 1 Gbps with
 around 67-70 ms delay.

 As soon as we had the links turned up, our SAN guy started complaining
 about poor throughput, asking us to throw in a couple of wan accelerators.
 He was seeing a max throughput of around ~200 Mbps.

 Question: For a long haul 1 Gbps link with 67-70 ms delay, would
  installing a pair of wan accelerators make a big difference?

 Thanks,
 -Petter Bruland

RE: Cross country point to point link question :: THANKS

[Petter Bruland]

Thanks everyone, I've gotten a lot of pointers off-list, and I have a good idea 
of our next few steps of verification.

-Petter

-Original Message-
From: Petter Bruland [mailto:petter.brul...@allegiantair.com] 
Sent: Thursday, April 18, 2013 9:20 AM
To: nanog@nanog.org
Subject: Cross country point to point link question

Question for someone with some experience with long haul links (Las Vegas -- 
New Jersey)

[Cisco 4510 - SVI-VLAN x]---trunk---[Nexus5K LH optic]===fiber==={carriers 
across country}===fiber===[Nexus5K LH optic]---trunk---[Cisco 4510 - SVI-VLAN x]

We have two circuits, one that is the same vendor from east to west, and the 
other circuit is a two vendor deal. Both circuits are 1 Gbps with around 67-70 
ms delay.

As soon as we had the links turned up, our SAN guy started complaining about 
poor throughput, asking us to throw in a couple of wan accelerators.
He was seeing a max throughput of around ~200 Mbps.

Question: For a long haul 1 Gbps link with 67-70 ms delay, would  installing a 
pair of wan accelerators make a big difference? 

Thanks,
-Petter Bruland

DNS Track at NANOG 58

[Mehmet Akcin]

Greetings folks

Once again we will have DNS Track in NANOG.

There has been lots of recent DNS related discussions going on in many e-mail 
lists and I am quite sure there will be many great DNS talks in NANOG 58 just 
like in previous NANOGs.

DNS Track's goal is to bring together the audience who doesn't necessarily want 
to know all the details of a topic but would like to spend 90 mins listening 
quick updates from various DNS related subjects and get some crucial 
information and updates.

If you are interested in talking/presenting in the DNS Track and/or want to 
help me organize this Track in any way, please contact me off-list. Hopefully 
we can inform those who do NOT spend much time dealing with DNS about some 
topics they were not aware.

Once I know the details of the agenda such as time and date of the track, 
topics that will be covered, i will share this with you.

Mehmet

SI6 Networks' IPv6 Toolkit v1.3.4 released!

[Fernando Gont]

Folks,

We have just released SI6 Networks' IPv6 Toolkit v1.3.4: a
security assessment and troubleshooting toolkit for the IPv6 protocol
suite.

The toolkit is available at:
http://www.si6networks.com/tools/ipv6toolkit, where you can find a
the usual tarball, a GPG-signed version of it, a link to the toolkit's
GIT repository, etc.

This release features:

   * IPv6-host tracking support in the scan6 tool.

   * A new tool, address6, to analyze IPv6 addresses

   * Minor bug fixes

The toolkit runs on (at least) the latest versions of Linux, FreeBSD,
NetBSD, OpenBSD, and MacOS.

Please send any bug reports and/or feature requests to
fg...@si6networks.com.

As always, you can get the latest news on IPv6 security research and
tools by following us on Twitter: @SI6Networks.

And if you're into IPv6 hacking, please consider joining the
ipv6hackers mailing list:
http://www.si6networks.com/community/mailing-lists.html.

Thanks!

Best regards,
-- 
Fernando Gont
SI6 Networks
e-mail: fg...@si6networks.com
PGP Fingerprint:  31C6 D484 63B2 8FB1 E3C4 AE25 0D55 1D4E 7492





-- 
Fernando Gont
e-mail: ferna...@gont.com.ar || fg...@si6networks.com
PGP Fingerprint: 7809 84F5 322E 45C7 F1C9 3945 96EE A9EF D076 FFF1

clueful colo hands in Cincinnati

[Jo Rhett]

$DAYJOB is in need of some clueful hands at a colocation in Cincinnati to 
regain IPMI access to some boxes there. Colo firm has no hands of any sort. Any 
clueful hands we can hire?

Respond offline, please.

-- 
Jo Rhett
Net Consonance : net philanthropy to improve open source and internet projects.

Author of Instant Puppet 3 Starter: 
http://www.netconsonance.com/instant-puppet-3-starter-book/