Re: LACP Frames / Level3 Transport
Tue, May 24, 2016 at 12:39:03PM +, Nevin Gonsalves wrote: > I just had to sit and trace all the cables to make sure the tx/rx > lined up for the right circuits as well as hitting the right patch > panel ports. Once all that got aligned nicely things started working > magically. Yep, ports in an "up" state, but LACP not working is the sign of bad cabling: had been hit by this overnight once when I was preparing to leave the facilities next day for conference, but ought to make 10G for the new servers working. Took around 1/2 hour to sense what happened at that time (tx was going to, say, port A and rx -- to port B, but overall all ports were receiving tx and rx) and 3 hours for rewiring and swearing: probably I am more skilled in the former than in the latter ;) Thought that you had checked this in the first place; my bad. Thanks for sharing! -- Eygene Ryabinkin, National Research Centre "Kurchatov Institute" Always code as if the guy who ends up maintaining your code will be a violent psychopath who knows where you live.
Re: LACP Frames / Level3 Transport
On 25/May/16 00:14, Eric Kuhnke wrote: > Or a very reckless oversubscription ratio and misjudgment of the customer, > example, if a provider had 2 x 100GbE capacity between two locations and > sold a customer a 100GbE EoMPLS transport circuit from A to Z, based on the > mistaken idea of "Well these guys probably aren't going to peak more than > 35Gbps of traffic at any time in the near future". Frightening. Yeah, I wouldn't do that. Easier and cheaper to deliver the circuit over EoDWDM if you can't reserve enough capacity in the backbone. You could get away with it by doing an N x 100Gbps LAG, but EoMPLS traffic may or may not load balance well, depending on platform and payload. Mark.
Re: Network traffic simulator
On 5/24/16 05:17, Mitchell Lewis wrote: Hi,I am looking to validate the performance specs of a core router. I am looking for a network traffic simulator which can simulate 40 gbps of traffic. I am looking for a simulator with sfp+ ports. I am interested in any input as to brands to look at, build one myself etc. If you want DYI check out http://osnt.org/ Thanks,Mitchell
Re: Network traffic simulator
If this is a one time thing, you're probably better off renting an Ixia or Spirent device. If you find yourself doing this a few times a year, might be worth investing in one. Not only for just throughput testing but spamming packets for testing DoS, testing convergence times of routing protocols, generating complex topology routing updates, etc. On Tue, May 24, 2016 at 6:25 PM, James Bensley wrote: > On 24 May 2016 at 13:17, Mitchell Lewis > wrote: > > Hi,I am looking to validate the performance specs of a core router. I am > looking for a network traffic simulator which can simulate 40 gbps of > traffic. I am looking for a simulator with sfp+ ports. > > I am interested in any input as to brands to look at, build one myself > etc. > > Thanks,Mitchell > > COTS hardware is cheap enough, TRex should do what you want: > > http://trex-tgn.cisco.com/ > > Cheers, > James. > -- Just my $.02, your mileage may vary, batteries not included, etc
Re: Network traffic simulator
On 24 May 2016 at 13:17, Mitchell Lewis wrote: > Hi,I am looking to validate the performance specs of a core router. I am > looking for a network traffic simulator which can simulate 40 gbps of > traffic. I am looking for a simulator with sfp+ ports. > I am interested in any input as to brands to look at, build one myself etc. > Thanks,Mitchell COTS hardware is cheap enough, TRex should do what you want: http://trex-tgn.cisco.com/ Cheers, James.
Re: LACP Frames / Level3 Transport
Or a very reckless oversubscription ratio and misjudgment of the customer, example, if a provider had 2 x 100GbE capacity between two locations and sold a customer a 100GbE EoMPLS transport circuit from A to Z, based on the mistaken idea of "Well these guys probably aren't going to peak more than 35Gbps of traffic at any time in the near future". Frightening. On Tue, May 24, 2016 at 2:38 PM, Mark Tinka wrote: > > > On 24/May/16 06:29, Rob Laidlaw wrote: > > > Yes. Many vendors are using l2vpn/pseudo-wire services of one sort or > > another to provide circuits and most do not transport LACP by default. > > To the OP's case, commercially, I'd find it interesting to transport a > 100Gbps circuit as EoMPLS rather than EoDWDM, considering the amount of > bandwidth one would need to throw at an IP/MPLS network to transport > 100Gbps effectively... > > Mark. >
Re: Network traffic simulator
I've used Spirent in the past. They do a hardware option, as well as a VM. Lots of things supported like BGP, and PPP. Regards, Dave On 24 May 2016 at 21:31, Jason Lixfeld wrote: > I’m in the process of building a box using MoonGen [1] and a supported > Intel 82599 6 port SFP+ NIC [2] that is coming in at just under US$3800 > all-in. Supposed to be able to drive at least the entire card at line rate > for that price and have enough CPU and memory slots free to fill the box up > with as many of these NICs as it will take if need be. > > [1] https://github.com/emmericp/MoonGen > [2] > http://www.interfacemasters.com/index.php?option=com_content&view=article&id=153&Itemid=103 > > > On May 24, 2016, at 8:17 AM, Mitchell Lewis > wrote: > > > > Hi,I am looking to validate the performance specs of a core router. I am > looking for a network traffic simulator which can simulate 40 gbps of > traffic. I am looking for a simulator with sfp+ ports. > > I am interested in any input as to brands to look at, build one myself > etc. > > Thanks,Mitchell > >
Re: LACP Frames / Level3 Transport
On 24/May/16 06:29, Rob Laidlaw wrote: > Yes. Many vendors are using l2vpn/pseudo-wire services of one sort or > another to provide circuits and most do not transport LACP by default. To the OP's case, commercially, I'd find it interesting to transport a 100Gbps circuit as EoMPLS rather than EoDWDM, considering the amount of bandwidth one would need to throw at an IP/MPLS network to transport 100Gbps effectively... Mark.
Re: Network traffic simulator
I’m in the process of building a box using MoonGen [1] and a supported Intel 82599 6 port SFP+ NIC [2] that is coming in at just under US$3800 all-in. Supposed to be able to drive at least the entire card at line rate for that price and have enough CPU and memory slots free to fill the box up with as many of these NICs as it will take if need be. [1] https://github.com/emmericp/MoonGen [2] http://www.interfacemasters.com/index.php?option=com_content&view=article&id=153&Itemid=103 > On May 24, 2016, at 8:17 AM, Mitchell Lewis > wrote: > > Hi,I am looking to validate the performance specs of a core router. I am > looking for a network traffic simulator which can simulate 40 gbps of > traffic. I am looking for a simulator with sfp+ ports. > I am interested in any input as to brands to look at, build one myself etc. > Thanks,Mitchell
RE: Network traffic simulator
Siama also does this. I don't own any. But I've used them with some of my customers. http://siamasystems.com/?page_id=2280 Regards, Ray Orsini – CEO Orsini IT, LLC – Technology Consultants VOICE DATA BANDWIDTH SECURITY SUPPORT P: 305.967.6756 x1009 E: r...@orsiniit.com TF: 844.OIT.VOIP 7900 NW 155th Street, Suite 103, Miami Lakes, FL 33016 http://www.orsiniit.com | View My Calendar | View/Pay Your Invoices | View Your Tickets -Original Message- From: NANOG [mailto:nanog-boun...@nanog.org] On Behalf Of Josh Luthman Sent: Tuesday, May 24, 2016 4:05 PM To: Mitchell Lewis Cc: NANOG Subject: Re: Network traffic simulator IXIA would be the only company I know of. Josh Luthman Office: 937-552-2340 Direct: 937-552-2343 1100 Wayne St Suite 1337 Troy, OH 45373 On Tue, May 24, 2016 at 8:17 AM, Mitchell Lewis wrote: > Hi,I am looking to validate the performance specs of a core router. I > am looking for a network traffic simulator which can simulate 40 gbps > of traffic. I am looking for a simulator with sfp+ ports. > I am interested in any input as to brands to look at, build one myself > etc. > Thanks,Mitchell
Re: Network traffic simulator
IXIA would be the only company I know of. Josh Luthman Office: 937-552-2340 Direct: 937-552-2343 1100 Wayne St Suite 1337 Troy, OH 45373 On Tue, May 24, 2016 at 8:17 AM, Mitchell Lewis wrote: > Hi,I am looking to validate the performance specs of a core router. I am > looking for a network traffic simulator which can simulate 40 gbps of > traffic. I am looking for a simulator with sfp+ ports. > I am interested in any input as to brands to look at, build one myself etc. > Thanks,Mitchell
Re: Network traffic simulator
We are heavily invested in Ixia, they are very expensive, but if you need the kind of precision they provide they work very well. *Spencer Ryan* | Senior Systems Administrator | sr...@arbor.net *Arbor Networks* +1.734.794.5033 (d) | +1.734.846.2053 (m) www.arbornetworks.com On Tue, May 24, 2016 at 8:17 AM, Mitchell Lewis wrote: > Hi,I am looking to validate the performance specs of a core router. I am > looking for a network traffic simulator which can simulate 40 gbps of > traffic. I am looking for a simulator with sfp+ ports. > I am interested in any input as to brands to look at, build one myself etc. > Thanks,Mitchell
Network traffic simulator
Hi,I am looking to validate the performance specs of a core router. I am looking for a network traffic simulator which can simulate 40 gbps of traffic. I am looking for a simulator with sfp+ ports. I am interested in any input as to brands to look at, build one myself etc. Thanks,Mitchell
Re: LACP Frames / Level3 Transport
Yes. Many vendors are using l2vpn/pseudo-wire services of one sort or another to provide circuits and most do not transport LACP by default. LACP uses slow-protocols address: https://wiki.wireshark.org/LinkAggregationControlProtocol If they are using ALU gear, they can enable this using the port command: configure port ethernet lacp-tunnel On Tue, May 24, 2016 at 12:08 AM Colton Conor wrote: > What is performing the LACP? The Level3 transport system for the most part > is purley optical, so I don't think it touches LACP. Did you check the hash > values? > > On Sun, May 22, 2016 at 2:55 PM, Nevin Gonsalves via NANOG < > nanog@nanog.org> > wrote: > > > Hi Nanog-ers, > > Hoping someone may have come across a similar issue. Has anyone ever seen > > a situation where maybe like a Level3 transport system could be possibly > > dropping LACP frames..? > > End point A - tx and rx counts incrementing for LACP > > LACP info:Role System System PortPort > > Port priority identifier priority > > number key et-0/0/0.0 Actor127 5c:45:27:6d:2a:c0 > > 127 5616 et-0/0/0.0 Partner 1 > 00:00:00:00:00:00 > > 127 5616LACP Statistics: LACP Rx LACP Tx > > Unknown Rx Illegal Rx et-0/0/0.0 6925 > 6922 > >00 > > End Point B - no RX, partner macs are 0s.. > > LACP info:Role System System PortPort > > Port priority identifier priority > > number key et-9/1/0.0 Actor127 5c:45:27:77:d6:c4 > > 127 6816 et-9/1/0.0 Partner 1 > 00:00:00:00:00:00 > > 1 6816LACP Statistics: LACP Rx LACP Tx > > Unknown Rx Illegal Rx et-9/1/0.0 06752 > >00 > > Link works fine otherwise outside the aggregate and w/o LACP. Any inputs > > will be greatly appreciated. > > thanks, > > -nevin > > >
Re: SNMP "bridging"/proxy?
Eric Kuhnke writes: > http://www.adventuresinoss.com/2009/09/30/the-many-uses-of-net-snmp/ Ha! I've never seen that article, thanks for pointing it out. Note that the performance of Net-SNMP's extensibility mechanisms should way into the decision. The fastest backend needs to be written in C, and embedded perl is an easy second. Beyond that, pass_persist is somewhere in the middle and pass/extend/other execs are the slowest because of the need to exec a command for every incoming request which is expensive. Great for bootstrapping and testing, but in the long run look to the better coding solutions. Tutorials for most of these exist: http://www.net-snmp.org/wiki/index.php/Tutorials#Coding_Tutorials [as a point of history: Net-SNMP has always been very extensible since it was started based on my need to add extensibility to an agent way back in 1995-ish in order to monitor some special cases on a map with HP OV (as it was known back then)] -- Wes Hardaker My Pictures: http://capturedonearth.com/ My Thoughts: http://blog.capturedonearth.com/
Re: Need Comcast IPv6 routing assistance please
Will get appropriate folks engaged. Thanks. -Original Message- From: NANOG on behalf of David Sotnick Date: Monday, May 23, 2016 at 1:59 PM To: "nanog@nanog.org" Subject: Need Comcast IPv6 routing assistance please Hello NANOG, Could someone from Comcast IPv6 routing team please contact me directly? I am both a business and residential comcast customer and my employer is a Level(3) HSIP customer at multiple sites. I'm seeing *consistent* 46.1% packet loss between Comcast Res/Bus services in Northern CA and Pixar (Level 3 customer) also in Northern CA. I have ticket open with Level (3) but the problem appears to be on Comcast's network. Sample trace: My traceroute [v0.85] ipv6testhost.ddv.com (::) Mon May 23 10:56:05 2016 Keys: Help Display mode Restart statistics Order of fields quit Packets Pings HostLoss% Snt Last Avg Best Wrst StDev 1. 2601:647:280:23::10.0% 4640.6 0.4 0.3 8.7 0.4 2. 2001:558:4000:3d::1 0.2% 463 13.0 10.3 8.2 27.4 2.1 3. te-0-7-0-5-sur03.sanrafael.ca.sfba.comcast.net 10.2% 4639.6 10.7 8.5 34.8 2.4 4. be-207-rar01.rohnertpr.ca.sfba.comcast.net 44.7% 463 10.6 11.7 9.4 25.9 2.1 5. he-0-18-0-0-ar01.santaclara.ca.sfba.comcast.net 51.6% 463 15.2 14.1 12.0 26.2 1.9 6. 2001:1900:4:3::439 46.0% 463 13.3 14.4 11.8 50.2 3.6 7. vl-80.edge1.SanJose1.Level3.net 44.9% 463 12.1 13.9 11.7 28.5 2.3 8. vl-4045.edge5.LosAngeles.Level3.net 45.4% 463 21.2 21.5 19.2 39.4 2.6 9. vl-4044.bar1.LasVegas1.Level3.net46.4% 463 24.9 27.7 24.4 88.3 6.8 10. vl-5.car1.LasVegas1.Level3.net 46.2% 463 104.3 46.3 24.5 318.2 48.0 11. PIXAR-ANIMA.car1.LasVegas1.Level3.net44.9% 463 27.6 27.4 25.0 37.7 2.1 12. 2620:79:0:b04d::249 45.1% 463 46.4 48.9 46.0 114.2 4.9 And pings back from Pixar: Type escape sequence to abort.Sending 500, 100-byte ICMP Echos to 2601:647:0:1900:242:DEA1:FEC9:FFAE, timeout is 2 seconds: Packet sent with a source address of 2620:79:0:B04D::249%internet.! !..!...!...!!!..!!!...!! !!!..!.!!!..!.!!.....!!! !..!!...!...!..!!..!!... !!Success rate is 90 percent (452/500), round-trip min/avg/max = 12/30/68 ms Any help really appreciated as you can imagine how painful remote access for our employees with Comcast connections into Pixar over IPv6 is right now. Many Thanks, David
Re: Need Comcast IPv6 routing assistance please
Hi John, I have been working with Courtney Smith and a fix has been implemented. Apparently a bunch of new Level(3) peering circuits were turned up on 5/15 and that's when the chronic packet loss problem started for our users. I have not been informed of the details as to what was causing such packet loss (but I would love to know), but for now the problem is resolved. FWIW, this problem doesn't appear limited to the Northern CA region, as we have users in Seattle, WA (who VPN down to Northern CA), and their packet loss issues have also been resolved. I don't see two delegated prefixes and besides wouldn't that particular issue need to be present on all our users' Comcast connections in order for them *all* to have experienced the same packet loss? I think perhaps that's a red-herring. Cheers, David On Tue, May 24, 2016 at 3:23 AM, Brzozowski, John < john_brzozow...@cable.comcast.com> wrote: > Regarding the thread: > > http://mailman.nanog.org/pipermail/nanog/2016-May/085878.html > > David, > > I looked around CA and it looks like some customers are provisioned with > two delegated IPv6 prefixes. We had an issue a week or so back that we > believe was corrected. If you wish contact me off list. > > Before we look to see if there are larger routing issue we should make > sure you have one and only one active delegated IPv6 prefix. From my end > it looks like you may have two. > > Thanks, > > John > +1-484-962-0060 > > >
Re: LACP Frames / Level3 Transport
Thanks all..! I just had to sit and trace all the cables to make sure the tx/rx lined up for the right circuits as well as hitting the right patch panel ports. Once all that got aligned nicely things started working magically. thanks,-nevin On Tuesday, May 24, 2016 2:49 AM, Eygene Ryabinkin wrote: Nevin, good day. Sun, May 22, 2016 at 07:55:31PM +, Nevin Gonsalves via NANOG wrote: > Hoping someone may have come across a similar issue. Has anyone ever > seen a situation where maybe like a Level3 transport system could be > possibly dropping LACP frames..? > End point A - tx and rx counts incrementing for LACP > LACP info: Role System System Port Port Port > priority identifier priority number > key et-0/0/0.0 Actor 127 5c:45:27:6d:2a:c0 127 > 56 16 et-0/0/0.0 Partner 1 00:00:00:00:00:00 127 > 56 16 LACP Statistics: LACP Rx LACP Tx Unknown Rx > Illegal Rx et-0/0/0.0 6925 6922 0 > 0 > End Point B - no RX, partner macs are 0s.. > LACP info: Role System System Port Port > Port priority identifier priority > number key et-9/1/0.0 Actor 127 5c:45:27:77:d6:c4 > 127 68 16 et-9/1/0.0 Partner 1 00:00:00:00:00:00 > 1 68 16 LACP Statistics: LACP Rx LACP Tx Unknown > Rx Illegal Rx et-9/1/0.0 0 6752 0 > 0 > Link works fine otherwise outside the aggregate and w/o LACP. Any > inputs will be greatly appreciated. Cisco Q-in-Q implementation in some configurations (details are blurry, since our provider turned to X-connect quite fast). Also VPLS implementation in (older) EXOS releases (Extreme Networks), https://gtacknowledge.extremenetworks.com/articles/Solution/Layer-2-Control-packets-like-STP-LACP-EDP-etc-are-not-passing-through-VPLS -- Eygene Ryabinkin, National Research Centre "Kurchatov Institute" Always code as if the guy who ends up maintaining your code will be a violent psychopath who knows where you live.
Re: PeeringDB ?
On Tue, May 24, 2016 at 12:13:18PM +0200, Marco Paesani wrote: > Whats happened today at PeeringDB web site ? And PeeringDB is back in business! http://instituut.net/~job/screenshots/2f255c17a8aa9cb99121b448.png A post-mortem will be shared on the pdb-tech@ list later today. Kind regards, Job
Re: Question on peering strategies
I disagree somewhat, without a view of how you are being hijacked there often can be no remediation. Yahoo for example provides no cloud services so you can't purchase a view of their routing by getting a VM. Jared Mauch > On May 24, 2016, at 12:29 PM, Max Tulyev wrote: > > I'm right here at RIPE 72 now, so I saw it of course ;) > > The problem is not peering itself, but more general problem of filtering > nets, and it was told in the presentation. > >> On 24.05.16 13:19, Jared Mauch wrote: >> >>> On May 24, 2016, at 6:11 AM, Max Tulyev wrote: >>> >>> If you dig into hijacking topic more, you will see that hijacks through >>> Tier1 is same or even more popular than through IXes. >> >> You may not have a view into that you’re being hijacked and used to send >> SPAM for example: >> >> https://ripe72.ripe.net/presentations/45-Invisible_Hijacking.pdf >> >> Their space was hijacked and announced facing Yahoo. I’m hoping that >> Yahoo is now feeding public route views services as a method to help >> with detection. Same goes for Microsoft and Google and other e-mail >> providers. Some sunlight here would help avoid similar localized hijacks. >> >>> And if someone want to make me a transit offer for the price of DE-CIX >>> (I do not even ask the price of DTEL-IX peering ;) ) - please, contact >>> me off-list, I will be really happy. >> >> Pricing obviously varies based on location and a few other criteria, but >> you should be shopping if this is a major part of your business. >> >> - Jared >>
Looking for a Singtel rep
Hi guys, We're after a good Singapore Telecom (AS7473) sales rep. After some IP transit in the Singapore and Hong Kong markets. Anyone have details that you wouldn't mind passing along? Much appreciated!
Re: PeeringDB ?
Hi Job, thanks for prompt replay and info. Kind regards, Marco Paesani Skype: mpaesani Mobile: +39 348 6019349 Success depends on the right choice ! Email: ma...@paesani.it 2016-05-24 12:22 GMT+02:00 Job Snijders : > Hi Marco, > > On Tue, May 24, 2016 at 12:13:18PM +0200, Marco Paesani wrote: > > Whats happened totady at PeeringDB web site ? > > We ran out of peerings, but as we speak our service provider is printing > new ones ;-) > > In all seriousness: our SP has issues with a storage array. The staff is > aware and they are hard working to restore services as soon as possible. > We'll post updates as they become available to the > pdb-t...@lists.peeringdb.com list. > > Kind regards, > > Job >
Re: Question on peering strategies
I'm right here at RIPE 72 now, so I saw it of course ;) The problem is not peering itself, but more general problem of filtering nets, and it was told in the presentation. On 24.05.16 13:19, Jared Mauch wrote: > >> On May 24, 2016, at 6:11 AM, Max Tulyev wrote: >> >> If you dig into hijacking topic more, you will see that hijacks through >> Tier1 is same or even more popular than through IXes. > > You may not have a view into that you’re being hijacked and used to send > SPAM for example: > > https://ripe72.ripe.net/presentations/45-Invisible_Hijacking.pdf > > Their space was hijacked and announced facing Yahoo. I’m hoping that > Yahoo is now feeding public route views services as a method to help > with detection. Same goes for Microsoft and Google and other e-mail > providers. Some sunlight here would help avoid similar localized hijacks. > >> And if someone want to make me a transit offer for the price of DE-CIX >> (I do not even ask the price of DTEL-IX peering ;) ) - please, contact >> me off-list, I will be really happy. > > Pricing obviously varies based on location and a few other criteria, but > you should be shopping if this is a major part of your business. > > - Jared >
RE: Need Comcast IPv6 routing assistance please
Regarding the thread: http://mailman.nanog.org/pipermail/nanog/2016-May/085878.html David, I looked around CA and it looks like some customers are provisioned with two delegated IPv6 prefixes. We had an issue a week or so back that we believe was corrected. If you wish contact me off list. Before we look to see if there are larger routing issue we should make sure you have one and only one active delegated IPv6 prefix. From my end it looks like you may have two. Thanks, John +1-484-962-0060
Re: PeeringDB ?
Hi Marco, On Tue, May 24, 2016 at 12:13:18PM +0200, Marco Paesani wrote: > Whats happened totady at PeeringDB web site ? We ran out of peerings, but as we speak our service provider is printing new ones ;-) In all seriousness: our SP has issues with a storage array. The staff is aware and they are hard working to restore services as soon as possible. We'll post updates as they become available to the pdb-t...@lists.peeringdb.com list. Kind regards, Job
Re: PeeringDB ?
https://twitter.com/PeeringDB/status/735026726053531649 Not sure it’s known yet :D Regards, Marty Strong -- CloudFlare - AS13335 Network Engineer ma...@cloudflare.com +44 7584 906 055 smartflare (Skype) http://www.peeringdb.com/view.php?asn=13335 > On 24 May 2016, at 11:13, Marco Paesani wrote: > > Whats happened totady at PeeringDB web site ? > Kind regards, > > Marco Paesani > > > Skype: mpaesani > Mobile: +39 348 6019349 > Success depends on the right choice ! > Email: ma...@paesani.it
Re: Question on peering strategies
> On May 24, 2016, at 6:11 AM, Max Tulyev wrote: > > If you dig into hijacking topic more, you will see that hijacks through > Tier1 is same or even more popular than through IXes. You may not have a view into that you’re being hijacked and used to send SPAM for example: https://ripe72.ripe.net/presentations/45-Invisible_Hijacking.pdf Their space was hijacked and announced facing Yahoo. I’m hoping that Yahoo is now feeding public route views services as a method to help with detection. Same goes for Microsoft and Google and other e-mail providers. Some sunlight here would help avoid similar localized hijacks. > And if someone want to make me a transit offer for the price of DE-CIX > (I do not even ask the price of DTEL-IX peering ;) ) - please, contact > me off-list, I will be really happy. Pricing obviously varies based on location and a few other criteria, but you should be shopping if this is a major part of your business. - Jared
PeeringDB ?
Whats happened totady at PeeringDB web site ? Kind regards, Marco Paesani Skype: mpaesani Mobile: +39 348 6019349 Success depends on the right choice ! Email: ma...@paesani.it
Re: Question on peering strategies
If you dig into hijacking topic more, you will see that hijacks through Tier1 is same or even more popular than through IXes. And if someone want to make me a transit offer for the price of DE-CIX (I do not even ask the price of DTEL-IX peering ;) ) - please, contact me off-list, I will be really happy. On 24.05.16 11:03, Jared Mauch wrote: > >> On May 16, 2016, at 4:29 PM, Baldur Norddahl >> wrote: >> >> Router ports are expensive, so even if cross connects were free, you would >> still use the public switch fabric until you reach a traffic level that >> justifies a direct connection. The point of having a IX switch is that you >> can connect to many others with just one single router port. >> > > > The cost of an IX can be quite expensive actually. If you look at the RIPE > presentations from this week, there are stealth routing hijacks that come from > promiscuous peering as well as just the flat economics of connecting with a > 10GE > or 100GE interface and the cost per gigabit you assign to the IX port. These > are flat rate ports, unlike transit that may offer you a price and commit > rates > that allow you to reach everyone vs those just at the IX. > > I’m hoping I don’t get in trouble for sharing this, but this collaboration > exists > for europe on peering costs which are normalized in euro cents per megabit. > > https://docs.google.com/spreadsheets/d/18ztPX_ysWYqEhJlf2SKQQsTNRbkwoxPSfaC6ScEZAG8/edit#gid=0 > > - Jared >
Re: LACP Frames / Level3 Transport
Nevin, good day. Sun, May 22, 2016 at 07:55:31PM +, Nevin Gonsalves via NANOG wrote: > Hoping someone may have come across a similar issue. Has anyone ever > seen a situation where maybe like a Level3 transport system could be > possibly dropping LACP frames..? > End point A - tx and rx counts incrementing for LACP > LACP info: Role System System Port Port Port > priority identifier priority number > key et-0/0/0.0 Actor 127 5c:45:27:6d:2a:c0 127 > 56 16 et-0/0/0.0 Partner 1 00:00:00:00:00:00 127 > 56 16 LACP Statistics: LACP Rx LACP Tx Unknown Rx > Illegal Rx et-0/0/0.0 6925 6922 0 > 0 > End Point B - no RX, partner macs are 0s.. > LACP info: Role System System Port Port > Port priority identifier priority > number key et-9/1/0.0 Actor 127 5c:45:27:77:d6:c4 > 127 68 16 et-9/1/0.0 Partner 1 00:00:00:00:00:00 > 1 68 16 LACP Statistics: LACP Rx LACP Tx Unknown > Rx Illegal Rx et-9/1/0.0 0 6752 0 > 0 > Link works fine otherwise outside the aggregate and w/o LACP. Any > inputs will be greatly appreciated. Cisco Q-in-Q implementation in some configurations (details are blurry, since our provider turned to X-connect quite fast). Also VPLS implementation in (older) EXOS releases (Extreme Networks), https://gtacknowledge.extremenetworks.com/articles/Solution/Layer-2-Control-packets-like-STP-LACP-EDP-etc-are-not-passing-through-VPLS -- Eygene Ryabinkin, National Research Centre "Kurchatov Institute" Always code as if the guy who ends up maintaining your code will be a violent psychopath who knows where you live.
Re: Question on peering strategies
> On May 16, 2016, at 4:29 PM, Baldur Norddahl > wrote: > > Router ports are expensive, so even if cross connects were free, you would > still use the public switch fabric until you reach a traffic level that > justifies a direct connection. The point of having a IX switch is that you > can connect to many others with just one single router port. > The cost of an IX can be quite expensive actually. If you look at the RIPE presentations from this week, there are stealth routing hijacks that come from promiscuous peering as well as just the flat economics of connecting with a 10GE or 100GE interface and the cost per gigabit you assign to the IX port. These are flat rate ports, unlike transit that may offer you a price and commit rates that allow you to reach everyone vs those just at the IX. I’m hoping I don’t get in trouble for sharing this, but this collaboration exists for europe on peering costs which are normalized in euro cents per megabit. https://docs.google.com/spreadsheets/d/18ztPX_ysWYqEhJlf2SKQQsTNRbkwoxPSfaC6ScEZAG8/edit#gid=0 - Jared
Re: Question on peering strategies
Typically you would use a private VLAN between you and another participant in order to connect to them separately from the public peering VLAN. You would do this instead of a PNI in a situation where you’re in a different building from the other participant making a direct fibre more expensive than the value it would bring. A public VLAN is essentially the peering VLAN anyway, so an all participants VLAN would be a little pointless. Perhaps a VLAN shared between a couple of members *may* be useful depending on those members’ use cases, although I can’t think of one off the top of my head. Regards, Marty Strong -- CloudFlare - AS13335 Network Engineer ma...@cloudflare.com +44 7584 906 055 smartflare (Skype) http://www.peeringdb.com/view.php?asn=13335 > On 23 May 2016, at 23:24, Ken Chase wrote: > > And what benefit is there to this 'public' vlan service? A shared vlan between > all participants (with some well organized numbering/indexing scheme)? > > TorIX (Toronto) is about to have an AGM here and this VLAN thing which has > been in the air for 3 years will certainly be brought up again. > > /kc > > > On Mon, May 23, 2016 at 07:19:03PM +0100, Marty Strong via NANOG said: >> The usefulness of an elastic fabric as far as I can see it are: >> >> - Can give you a private VLAN to some *cloud* providers that provide direct >> access to them in some other fashion than peering (assumedly for enterprises) >> - Is spread across multiple buildings across a metro area >> - Is elastic so can be divided between different services for different time >> periods >> >> In a traditional peering sense it doesn???t really offer much value. >> >> Just my two pence. >> >> Regards, >> Marty Strong > > -- > Ken Chase - Guelph Canada
