Re: DDOS solution recommendation
another option would be a service offered by https://www.neustar.biz/services/ddos-protection On Fri, Jan 9, 2015 at 10:41 AM, Pavel Odintsov pavel.odint...@gmail.com wrote: I could suggest Voxility.com because they have very good network and can defense any protocol. And I can recommend qrator.net as best solution agains http/https attacks. We use they for 2 years and got only positive feedback. And if you need only ability to reroute to antiddos cloud/blackhole specific IP you could try my open source tool FastNetMon: https://github.com/FastVPSEestiOu/fastnetmon Thank you! On Thu, Jan 8, 2015 at 8:11 PM, Mel Beckman m...@beckman.org wrote: BlackLotus.com looks very good, with GRE tunneling and sensible provider level pricing. -mel via cell On Jan 8, 2015, at 9:06 AM, Manuel Marín m...@transtelco.net wrote: Nanog group I was wondering what are are using for DDOS protection in your networks. We are currently evaluating different options (Arbor, Radware, NSFocus, RioRey) and I would like to know if someone is using the cloud based solutions/scrubbing centers like Imperva, Prolexic, etc and what are the advantages/disadvantages of using a cloud base vs an on-premise solution. It would be great if you can share your experience on this matter. Thank you -- Sincerely yours, Pavel Odintsov -- Thanks, Amit.
Re: DDOS solution recommendation
I could suggest Voxility.com because they have very good network and can defense any protocol. And I can recommend qrator.net as best solution agains http/https attacks. We use they for 2 years and got only positive feedback. And if you need only ability to reroute to antiddos cloud/blackhole specific IP you could try my open source tool FastNetMon: https://github.com/FastVPSEestiOu/fastnetmon Thank you! On Thu, Jan 8, 2015 at 8:11 PM, Mel Beckman m...@beckman.org wrote: BlackLotus.com looks very good, with GRE tunneling and sensible provider level pricing. -mel via cell On Jan 8, 2015, at 9:06 AM, Manuel Marín m...@transtelco.net wrote: Nanog group I was wondering what are are using for DDOS protection in your networks. We are currently evaluating different options (Arbor, Radware, NSFocus, RioRey) and I would like to know if someone is using the cloud based solutions/scrubbing centers like Imperva, Prolexic, etc and what are the advantages/disadvantages of using a cloud base vs an on-premise solution. It would be great if you can share your experience on this matter. Thank you -- Sincerely yours, Pavel Odintsov
Re: IPv6 survey (JANOG 35 IPv6 session)
Just a reminder. The fill-out deadline of the survey is 14:59 Fri 9 Jan [UTC]. https://www.janog.gr.jp/meeting/janog35/program/ipv6/ipv6_form_en/ Looking forward to hearing from you! Thanks in advance. Masataka, * On Thu, 25 Dec 2014 17:46:27 +0900 * MAWATARI Masataka mawat...@jpix.ad.jp wrote: Hi all, JANOG will have a session Why don't we want to deploy IPv6? in JANOG 35 meeting next month. It will focus on IPv6 deployment of the contents providers in Japan. To help us make this session better, we carry out a questionnaire survey to the service providers. It would be great if you could fill out the following questionnaire: https://www.janog.gr.jp/meeting/janog35/program/ipv6/ipv6_form_en/ Your co-operation will be appreciated. We will make a good use out of the survey information in order to improve this session. We'll update you with more details about JANOG 35 meeting through the following page. http://www.janog.gr.jp/en/index.php?JANOG35_Meeting Happy Holidays! -- Japan Internet Exchange MAWATARI Masataka mawat...@jpix.ad.jp
Weekly Routing Table Report
This is an automated weekly mailing describing the state of the Internet Routing Table as seen from APNIC's router in Japan. The posting is sent to APOPS, NANOG, AfNOG, AusNOG, SANOG, PacNOG, CaribNOG and the RIPE Routing Working Group. Daily listings are sent to bgp-st...@lists.apnic.net For historical data, please see http://thyme.rand.apnic.net. If you have any comments please contact Philip Smith pfsi...@gmail.com. Routing Table Report 04:00 +10GMT Sat 10 Jan, 2015 Report Website: http://thyme.rand.apnic.net Detailed Analysis: http://thyme.rand.apnic.net/current/ Analysis Summary BGP routing table entries examined: 525347 Prefixes after maximum aggregation (per Origin AS): 201896 Deaggregation factor: 2.60 Unique aggregates announced (without unneeded subnets): 256875 Total ASes present in the Internet Routing Table: 49026 Prefixes per ASN: 10.72 Origin-only ASes present in the Internet Routing Table: 36384 Origin ASes announcing only one prefix: 16299 Transit ASes present in the Internet Routing Table:6209 Transit-only ASes present in the Internet Routing Table:173 Average AS path length visible in the Internet Routing Table: 4.5 Max AS path length visible: 107 Max AS path prepend of ASN ( 55644) 100 Prefixes from unregistered ASNs in the Routing Table: 1623 Unregistered ASNs in the Routing Table: 422 Number of 32-bit ASNs allocated by the RIRs: 8322 Number of 32-bit ASNs visible in the Routing Table:6433 Prefixes from 32-bit ASNs in the Routing Table: 23156 Number of bogon 32-bit ASNs visible in the Routing Table:11 Special use prefixes present in the Routing Table:0 Prefixes being announced from unallocated address space:401 Number of addresses announced to Internet: 2719145860 Equivalent to 162 /8s, 18 /16s and 223 /24s Percentage of available address space announced: 73.4 Percentage of allocated address space announced: 73.4 Percentage of available address space allocated: 100.0 Percentage of address space in use by end-sites: 97.1 Total number of prefixes smaller than registry allocations: 176964 APNIC Region Analysis Summary - Prefixes being announced by APNIC Region ASes: 130059 Total APNIC prefixes after maximum aggregation: 37934 APNIC Deaggregation factor:3.43 Prefixes being announced from the APNIC address blocks: 134952 Unique aggregates announced from the APNIC address blocks:55075 APNIC Region origin ASes present in the Internet Routing Table:5010 APNIC Prefixes per ASN: 26.94 APNIC Region origin ASes announcing only one prefix: 1218 APNIC Region transit ASes present in the Internet Routing Table:861 Average APNIC Region AS path length visible:4.5 Max APNIC Region AS path length visible:107 Number of APNIC region 32-bit ASNs visible in the Routing Table: 1241 Number of APNIC addresses announced to Internet: 740849792 Equivalent to 44 /8s, 40 /16s and 120 /24s Percentage of available APNIC address space announced: 86.6 APNIC AS Blocks4608-4864, 7467-7722, 9216-10239, 17408-18431 (pre-ERX allocations) 23552-24575, 37888-38911, 45056-46079, 55296-56319, 58368-59391, 63488-64098, 131072-135580 APNIC Address Blocks 1/8, 14/8, 27/8, 36/8, 39/8, 42/8, 43/8, 49/8, 58/8, 59/8, 60/8, 61/8, 101/8, 103/8, 106/8, 110/8, 111/8, 112/8, 113/8, 114/8, 115/8, 116/8, 117/8, 118/8, 119/8, 120/8, 121/8, 122/8, 123/8, 124/8, 125/8, 126/8, 133/8, 150/8, 153/8, 163/8, 171/8, 175/8, 180/8, 182/8, 183/8, 202/8, 203/8, 210/8, 211/8, 218/8, 219/8, 220/8, 221/8, 222/8, 223/8, ARIN Region Analysis Summary Prefixes being announced by ARIN Region ASes:174417 Total ARIN prefixes after maximum aggregation:86316 ARIN Deaggregation factor: 2.02 Prefixes being announced from the ARIN address blocks: 176340 Unique aggregates announced from the ARIN address blocks: 82430 ARIN Region origin ASes present in the Internet Routing Table:16418 ARIN Prefixes per
The Cidr Report
This report has been generated at Fri Jan 9 21:14:22 2015 AEST. The report analyses the BGP Routing Table of AS2.0 router and generates a report on aggregation potential within the table. Check http://www.cidr-report.org/2.0 for a current version of this report. Recent Table History Date PrefixesCIDR Agg 02-01-15529540 291853 03-01-15529526 292022 04-01-15529679 292063 05-01-15531171 291938 06-01-15529585 292403 07-01-15530471 292497 08-01-15530416 292577 09-01-15530957 293031 AS Summary 49289 Number of ASes in routing system 19772 Number of ASes announcing only one prefix 3055 Largest number of prefixes announced by an AS AS10620: Telmex Colombia S.A.,CO 120393216 Largest address span announced by an AS (/32s) AS4134 : CHINANET-BACKBONE No.31,Jin-rong Street,CN Aggregation Summary The algorithm used in this report proposes aggregation only when there is a precise match using the AS path, so as to preserve traffic transit policies. Aggregation is also proposed across non-advertised address space ('holes'). --- 09Jan15 --- ASnumNetsNow NetsAggr NetGain % Gain Description Table 530925 292944 23798144.8% All ASes AS6389 2890 69 282197.6% BELLSOUTH-NET-BLK - BellSouth.net Inc.,US AS22773 2933 172 276194.1% ASN-CXA-ALL-CCI-22773-RDC - Cox Communications Inc.,US AS17974 2825 77 274897.3% TELKOMNET-AS2-AP PT Telekomunikasi Indonesia,ID AS28573 2317 309 200886.7% NET Serviços de Comunicação S.A.,BR AS4755 1930 284 164685.3% TATACOMM-AS TATA Communications formerly VSNL is Leading ISP,IN AS6147 1790 159 163191.1% Telefonica del Peru S.A.A.,PE AS4766 2915 1290 162555.7% KIXS-AS-KR Korea Telecom,KR AS7303 1771 288 148383.7% Telecom Argentina S.A.,AR AS9808 1522 56 146696.3% CMNET-GD Guangdong Mobile Communication Co.Ltd.,CN AS10620 3055 1598 145747.7% Telmex Colombia S.A.,CO AS8402 1424 26 139898.2% CORBINA-AS OJSC Vimpelcom,RU AS20115 1855 531 132471.4% CHARTER-NET-HKY-NC - Charter Communications,US AS7545 2507 1269 123849.4% TPG-INTERNET-AP TPG Telecom Limited,AU AS4323 1630 410 122074.8% TWTC - tw telecom holdings, inc.,US AS9498 1300 111 118991.5% BBIL-AP BHARTI Airtel Ltd.,IN AS18566 2041 868 117357.5% MEGAPATH5-US - MegaPath Corporation,US AS22561 1339 269 107079.9% AS22561 - CenturyTel Internet Holdings, Inc.,US AS7552 1118 49 106995.6% VIETEL-AS-AP Viettel Corporation,VN AS34984 1933 871 106254.9% TELLCOM-AS TELLCOM ILETISIM HIZMETLERI A.S.,TR AS3356 2561 1507 105441.2% LEVEL3 - Level 3 Communications, Inc.,US AS6983 1627 634 99361.0% ITCDELTA - Earthlink, Inc.,US AS7738 1000 84 91691.6% Telemar Norte Leste S.A.,BR AS38285 983 113 87088.5% M2TELECOMMUNICATIONS-AU M2 Telecommunications Group Ltd,AU AS4538 1775 908 86748.8% ERX-CERNET-BKB China Education and Research Network Center,CN AS31148 1045 190 85581.8% FREENET-AS Freenet Ltd.,UA AS24560 1192 375 81768.5% AIRTELBROADBAND-AS-AP Bharti Airtel Ltd., Telemedia Services,IN AS8151 1491 702 78952.9% Uninet S.A. de C.V.,MX AS18881 856 82 77490.4% Global Village Telecom,BR AS26615 913 139 77484.8% Tim Celular S.A.,BR AS18101 954 193 76179.8% RELIANCE-COMMUNICATIONS-IN Reliance Communications
BGP Update Report
BGP Update Report Interval: 01-Jan-15 -to- 08-Jan-15 (7 days) Observation Point: BGP Peering with AS131072 TOP 20 Unstable Origin AS Rank ASNUpds % Upds/PfxAS-Name 1 - AS23752 307612 8.3%4961.5 -- NPTELECOM-NP-AS Nepal Telecommunications Corporation, Internet Services,NP 2 - AS9829 154142 4.2% 132.7 -- BSNL-NIB National Internet Backbone,IN 3 - AS919896119 2.6% 111.4 -- KAZTELECOM-AS JSC Kazakhtelecom,KZ 4 - AS22047 90559 2.5% 22.8 -- VTR BANDA ANCHA S.A.,CL 5 - AS53249 79167 2.1% 39583.5 -- LAWA-AS - Los Angeles World Airport,US 6 - AS45899 56209 1.5% 75.1 -- VNPT-AS-VN VNPT Corp,VN 7 - AS3 47332 1.3%1306.0 -- MIT-GATEWAYS - Massachusetts Institute of Technology,US 8 - AS36925 32106 0.9% 406.4 -- ASMedi,MA 9 - AS381628309 0.8% 59.3 -- COLOMBIA TELECOMUNICACIONES S.A. ESP,CO 10 - AS28024 27536 0.8% 18.0 -- Nuevatel PCS de Bolivia S.A.,BO 11 - AS10620 25849 0.7% 17.2 -- Telmex Colombia S.A.,CO 12 - AS17099 25513 0.7%2126.1 -- CALLIS-COMMUNICATIONS-AS - Callis Communications,US 13 - AS64512 25478 0.7%1959.8 -- -Private Use AS-,ZZ 14 - AS60725 23227 0.6%7742.3 -- O3B-AS O3b Limited,JE 15 - AS23342 21941 0.6% 10970.5 -- UNITEDLAYER - Unitedlayer, Inc.,US 16 - AS903821689 0.6% 380.5 -- BAT-AS9038 Batelco Jordan,JO 17 - AS755221440 0.6% 19.1 -- VIETEL-AS-AP Viettel Corporation,VN 18 - AS11054 20834 0.6% 672.1 -- LIVEPERSON - LivePerson, Inc.,US 19 - AS12066 20353 0.6% 142.3 -- TRICOM,DO 20 - AS48159 20260 0.6% 70.3 -- TIC-AS Telecommunication Infrastructure Company,IR TOP 20 Unstable Origin AS (Updates per announced prefix) Rank ASNUpds % Upds/PfxAS-Name 1 - AS3 47332 1.3%1306.0 -- MIT-GATEWAYS - Massachusetts Institute of Technology,US 2 - AS53249 79167 2.1% 39583.5 -- LAWA-AS - Los Angeles World Airport,US 3 - AS61039 13973 0.4% 13973.0 -- ZMZ OAO ZMZ,RU 4 - AS23342 21941 0.6% 10970.5 -- UNITEDLAYER - Unitedlayer, Inc.,US 5 - AS662910519 0.3% 10519.0 -- NOAA-AS - NOAA,US 6 - AS181358855 0.2%8855.0 -- BTV BTV Cable television,JP 7 - AS544658162 0.2%8162.0 -- QPM-AS-1 - QuickPlay Media Inc.,US 8 - AS60725 23227 0.6%7742.3 -- O3B-AS O3b Limited,JE 9 - AS582525054 0.1%5054.0 -- ASN-RINGLOUD Netuity Limited,GB 10 - AS23752 307612 8.3%4961.5 -- NPTELECOM-NP-AS Nepal Telecommunications Corporation, Internet Services,NP 11 - AS621744956 0.1%4956.0 -- INTERPAN-AS INTERPAN LTD.,BG 12 - AS33721 0.1%.0 -- CCL-ASN2 - CARNIVAL CRUISE LINES,US 13 - AS588443193 0.1%3193.0 -- OFIDC Guangdong Aofei Data Technology Co., Ltd.,CN 14 - AS219342754 0.1%2754.0 -- VITAC - VITAC Corporation,US 15 - AS117282428 0.1%2428.0 -- INTERNETXT - Internet Exchange Technology, Inc.,US 16 - AS272504384 0.1%2192.0 -- FNCINC - FNC INC,US 17 - AS32134 0.1%1445.0 -- MIT-GATEWAYS - Massachusetts Institute of Technology,US 18 - AS17099 25513 0.7%2126.1 -- CALLIS-COMMUNICATIONS-AS - Callis Communications,US 19 - AS125214202 0.1%2101.0 -- NOVA_INTERNET_AS12521 Nova Internet Network,ES 20 - AS116132047 0.1%2047.0 -- U-SAVE - U-Save Auto Rental of America, Inc.,US TOP 20 Unstable Prefixes Rank Prefix Upds % Origin AS -- AS Name 1 - 202.70.64.0/21 154317 4.0% AS23752 -- NPTELECOM-NP-AS Nepal Telecommunications Corporation, Internet Services,NP 2 - 202.70.88.0/21 152907 4.0% AS23752 -- NPTELECOM-NP-AS Nepal Telecommunications Corporation, Internet Services,NP 3 - 130.0.192.0/2147332 1.2% AS3 -- MIT-GATEWAYS - Massachusetts Institute of Technology,US 4 - 198.140.114.0/24 39606 1.0% AS53249 -- LAWA-AS - Los Angeles World Airport,US 5 - 198.140.115.0/24 39561 1.0% AS53249 -- LAWA-AS - Los Angeles World Airport,US 6 - 64.29.130.0/2421938 0.6% AS23342 -- UNITEDLAYER - Unitedlayer, Inc.,US 7 - 192.115.44.0/22 19452 0.5% AS25003 -- INTERNET_BINAT Internet Binat Ltd,IL 8 - 182.50.246.0/24 17920 0.5% AS45786 -- HTSNET-AS-ID HTSNET - ISP,ID AS65001 -- -Private Use AS-,ZZ AS65534 -- -Private Use AS-,ZZ 9 - 91.235.169.0/24 13973 0.4% AS61039 -- ZMZ OAO ZMZ,RU 10 - 162.249.183.0/24 11811 0.3% AS60725 -- O3B-AS O3b Limited,JE 11 - 185.26.155.0/24 11409 0.3% AS60725 -- O3B-AS O3b Limited,JE 12 - 192.58.232.0/24 10519 0.3% AS6629 -- NOAA-AS - NOAA,US 13 - 88.87.160.0/19
Join us for the NANOG 63 BCOP Track!
Hello NANOG, This is a friendly notification of the BCOP Track to be held at NANOG 63 in San Antonio. We’d (the BCOP Committee) like to invite you to come participate at our track. Participation can take (at least) two forms: 1) Come present your idea for a BCOP! Do you have a question that needs answered about the current operational practice for some portion of your network? Or maybe you have some insight to share about how something is best done? Remember that there are no dumb questions here and no BCOP is too basic or too simple. The things that you take for granted as common sense are new information for many other network engineers all around the world. Come tell us the question you’d love to have answered, or the practice you’d love to see spread! 2) Come observe, and provide feedback. There are currently 4 active NANOG-BCOP drafts: Public Peering Exchange Participant - http://bcop.nanog.org/index.php/Public_Peering_Exchange_Participant_BCOP_v0 Ethernet OAM - http://bcop.nanog.org/images/b/b0/BCOP-Ethernet_OAM-1_v_0.1.5.docx DDoS/DoS Attack - http://bcop.nanog.org/images/e/e2/BCOP-DoS-attack-appeal.docx eBGP Configuration - http://bcop.nanog.org/index.php/EBGP_Configuration_BCOP_v0.1 We will be discussing all of these documents, including considering moving some of them forward for last call and ultimately, publication as community vetted BCOPs! So, come vet them. ;-) We will likely also be discussing the Anti-Spoofing BCOP draft that is set to come out of security community stealth mode any day now. I hope to see many of you at the NANOG 63 BCOP Track in just a few short weeks! Cheers, ~Chris PS - to stay up to date on all things NANOG-BCOP, join our mailing list: http://mailman.nanog.org/mailman/listinfo/bcop PPS - you can also reach the entire commity for questions at: bcop-supp...@nanog.org -- @ChrisGrundemann http://chrisgrundemann.com