from:"Dennis Burgess"

RE: Netskrt - ISP-colo CDN

2024-04-05 Thread Dennis Burgess via NANOG

They are not a CDN themselves, they partner with CDNs etc, and focusing on live 
video streams.  For FREE, you will peer with their device and they will send 
you one prefix.  That prefix will be used by CDNs if they have provisioned your 
IPs with NetSkrt.  Live streaming video will be grabbed from Amazon and 
delvered to the NetSkrt appliance once, and then all other streams within your 
netblock will be directed to that single IP on the NetSkrt device, therefore, 
you receive one stream from the internet, and the rest of the network will get 
that same stream from that box.

Again, I have several customers doing this, seeing that its FREE, all you have 
to do is give them information on the /30 that you will assign it, your BGP 
peering information and that’s about it.  Very simple.  Honestly, unless you 
have something that will deliver that transit, its really a no brainer to just 
install it and let it run.  As more services opt to use them, they will have 
more fill time as well though…

Dennis

From: NANOG  On Behalf Of 
Aaron Gould
Sent: Thursday, April 4, 2024 6:01 PM
To: John Stitt ; Eric Dugas 
Cc: nanog@nanog.org
Subject: Re: Netskrt - ISP-colo CDN


Thanks ... that svta caching sounds interesting.  i watched the presentation, 
but don't understand how it's used by ISP's that want to benefit from it.

-Aaron
On 4/4/2024 5:14 PM, John Stitt wrote:
The website says they are part of the Streaming Video Technology Alliance.

I wonder if this is a prepackaged Open Cache box.

https://opencaching.svta.org/

We also don’t appear to have had any traffic from them.  Not much on the 
peeringdb for the USA ASN either.

BGP.tools shows they have upstreams with each ASN, and are on Ohio IX with 
AS53471, but not really any peers anywhere.  Looks like Cogent and Zayo for 
upstreams and only peer I see is AS1239 (Sprint Wireline (Cogent))

John Stitt

From: NANOG 

 On Behalf Of Aaron Gould
Sent: Thursday, April 4, 2024 4:36 PM
To: Eric Dugas 
Cc: nanog@nanog.org
Subject: Re: Netskrt - ISP-colo CDN


You don't often get email from aar...@gvtc.com. Learn 
why this is important


Thanks... they told me it was free.

-Aaron
On 4/4/2024 4:12 PM, Eric Dugas wrote:
That name rang a bell so I looked up my emails.

They contacted me last year, they were claiming to be "working with some of the 
major streaming brands, such as Amazon Prime Video, to improve the quality of 
both VOD and live streaming while also reducing the load on ISP networks such 
as your own.".

Based on my quick research, they have a few registered ASNs (their peeringdb 
page) with a few netblocks but I get 0 
traffic from them (we're a sizable eyeball network). Their origin network might 
still not be ready but digging a little bit more, it seems they act as a 
third-party video caching solution and not as an origin CDN so in the end, 
they're really just trying to sell ISPs and other types of customers their 
caching solutions.

Eric

On Thu, Apr 4, 2024 at 4:00 PM Aaron Gould 
mailto:aar...@gvtc.com>> wrote:
Anyone out there using Netskrt CDN?  I mean, installed in your network
for content delivery to your customers.  I understand Netskrt provides
caching for some well known online video streaming services... just
wondering if there are any network operators that have worked with
Netskrt and deployed their caching servers in your networks and what
have you thought about it?  What Internet uplink savings are you seeing?

Netskrt - 
https://imsva91-ctp.trendmicro.com:443/wis/clicktime/v1/query?url=https%3a%2f%2fwww.netskrt.io=0BC8F4C2-155C-0006-865C-9ACE9122981D=079c058f437b7c6303d36c6513e5e8848d0c5ac4-4155aaa63fbecd5e029360686b5937e73940ca76


--
-Aaron

--

-Aaron

CAUTION: This email originated from outside of the organization. Do not click 
links or open attachments unless you recognize the sender and know the content 
is safe. If you are not expecting this message contact the sender directly via 
phone/text to verify.


--

-Aaron

RE: DNSSEC & WIldcards

2024-03-15 Thread Dennis Burgess via NANOG

Looks like Bjorn was correct, one two many signatures ☹  Removed one and its 
all fixed!  Thanks too all that replied!!  

-Original Message-
From: Bjørn Mork  
Sent: Friday, March 15, 2024 12:59 PM
To: Dennis Burgess via NANOG 
Cc: Dennis Burgess 
Subject: Re: DNSSEC & WIldcards

Looks like your DNS server correctly queues up the RRs, but erronously believes 
it can drop data from the Authority section without setting the TC bit.

Reducing the bufsize so the answer doesn't fit makes trucation work:

bjorn@miraculix:~$ dig a www.app.linktechs.net. +dnssec +multiline +norecur 
@139.60.210.20 +bufsize=512 ;; Truncated, retrying in TCP mode.

; <<>> DiG 9.18.24-1-Debian <<>> a www.app.linktechs.net. +dnssec +multiline 
+norecur @139.60.210.20 +bufsize=512 ;; global options: +cmd ;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 5946 ;; flags: qr aa; 
QUERY: 1, ANSWER: 3, AUTHORITY: 3, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags: do; udp: 1280 ;; QUESTION SECTION:
;www.app.linktechs.net. IN A

;; ANSWER SECTION:
www.app.linktechs.net.  3600 IN A 139.60.210.81 www.app.linktechs.net.  3600 IN 
RRSIG A 8 3 3600 (
20240427232616 20240313222616 37041 
linktechs.net.
NYC/4H2VZg12vj+tiWVkEROhXwm7JkBna6RQg6LO8kXr
oosDUpGnxrgOtJYsWYbYfM58opiC1OeAbcaCB9+nctIU
grrwcpuhmvlXYLZi1n/oAmelPldnQ6Hf93HuHi4ULFsS
Qfsoo8sdfjt/YSJ4WxjmsM9LMbZ2CZPMU44a3MdftGW1
fNKmZ1fLtVreP41KmvP6b01lyUMvjrvT26Yq57DgUDTo
iqU5skT+OHzx6ERJkt3tzzwm2pBMvBWFDXC668NtouIW
s3mrhJRBuNW3xSCsroaLQ0vmdml2BqNNh7MZNc38FNMJ
eh+ts3mbMnOOkzlI1Q8gKMMCWv+VRmv2DA== ) 
www.app.linktechs.net.  3600 IN RRSIG A 8 3 3600 (
20240427232616 20240313222616 11340 
linktechs.net.
Th3OcZwOMNUb1zMdipnTnFdgFEaOGJ/VofQOTyxmnNCg
wl+1Q7eiQ89KHAWEDBisxd0S+EHu6/YBWY2srNx5q58P
XIZJ9oQXCqDLzSE884DTQNDEVrSMoKJ9slRU4N4Lj5tT
9LzbODmCM9ytRavOKXJHIddQa0MZT4p9cV8K2HI7XSFX
0rjieKFa7wDRJqhKyqrT3Rh/S93pavhKWUgN3GVO6hkI
H5F67UFpZK7o7nRlyqvM42ep5XaRZS/WJtLuXcTk/QM3
MBPTDWgJ0Bh8qpNuHDOb2XFH2I5dwjeKxuYCzeQzN1hL
gsmw3d1J2pNsYbC40jmi1bZr0bz2fDurIA== )

;; AUTHORITY SECTION:
_acme-challenge.app.linktechs.net. 1200 IN NSEC auto.linktechs.net. TXT RRSIG 
NSEC _acme-challenge.app.linktechs.net. 1200 IN RRSIG NSEC 8 4 1200 (
20240427232616 20240313222616 11340 
linktechs.net.
grjacRLmt+h5UMJkWMgrxeeY4m8kzNCokMsEFAi/10ld
2zcx7IZnB5oljSoZo2ZoqN0DEWVOrORGaU0kAcXDIwmD
89JG728W78+gikb8D+rpcSejfpAO8tRFO9saPSDY72uk
oP0Wle87oMcKmP9EXGcgsTZhd6Dld9qcAlUByGAZC/bi
SL5SDeALjpdqzXPXivP597VyJGakeEEjW0y2SmUOIDcg
6lOcSGX1QdmbaiHyAxHSjBsg4VV2Qpo2Br75xyfw3o1Z
oHMeacsAhhz5HQhtzv9DzULzmtmoA5sQn2VyBm2kcS+S
ZKpKioFnHj9BtOv3dn/F5hrQFhEInNPROw== ) 
_acme-challenge.app.linktechs.net. 1200 IN RRSIG NSEC 8 4 1200 (
20240427232616 20240313222616 37041 
linktechs.net.
bt6W5P4VDC5fs2r/lxwSnI8bhqS2MH7n67Gd2EK6+DDx
HYy9MAmSZEy2OYGg7QHamrWr2I+Bq2Og8A0bRRA5TitQ
VcWyq3b+VpXUPukg7bmXl4KRNGxdAB8NysoOT75yvPTe
Jy1baNzYv9/in6rf8VKXUrKSPUqcAsK3Sz5QHkuzzaIP
d+u5m59DAlobNi17QbRGKIQaXTtgkSHpj4rt61MMEzpB
JDXE5FRLCJ4pqQPm+DcF0ZrKoYqKv/1rYZSVbW3rY0XB
VEBDVy5MJg0YenhbVPcDM9OYh2dfvh5ZvYS6xsXZulv8
mKnjdJo7v6qAzPNvIhymghM+0Tp8INxAjw== )

;; Query time: 120 msec
;; SERVER: 139.60.210.20#53(139.60.210.20) (TCP) ;; WHEN: Fri Mar 15 18:57:20 
CET 2024 ;; MSG SIZE  rcvd: 1326


And directly using tcp also works:

bjorn@miraculix:~$ dig a www.app.linktechs.net. +dnssec +multiline +norecur 
@139.60.210.20 +vc

; <<>> DiG 9.18.24-1-Debian <<>> a www.app.linktechs.net. +dnssec +multiline 
+norecur @139.60.210.20 +vc ;; global options: +cmd ;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 29513 ;; flags: qr aa; 
QUERY: 1, ANSWER: 3, AUTHORITY: 3, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags: do; udp: 1280 ;; QUESTION SECTION:
;www.app.linktechs.net. IN A

;; ANSWER SECTION:
www.app.li

DNSSEC & WIldcards

2024-03-15 Thread Dennis Burgess via NANOG

So have *.app.linktechs.net that I have been trying to get to work, we have 
DNSSEC on this, and its failing, but cannot for the life of me understand why.  
I think it may have something to do with proving it exists as a wildcard, but 
any DNSSEC experts want to take a stab at it ?


Dennis Burgess

Help with Frontier circuits AS5650

2023-11-20 Thread Dennis Burgess

I have two frontier circuits that are not working correctly with BGP, prefixes 
that are announced are not showing in the global table etc.  Any frontier 
people can tell me where I can call to find someone that can assist.  End users 
are currently down ☹been calling numbers for the past hour, no one is 
picking up.

[LTI-Full_175px]
Dennis Burgess

Mikrotik : Trainer, Network Associate, Routing Engineer, Wireless Engineer, 
Traffic Control Engineer, Inter-Networking Engineer, Security Engineer, 
Enterprise Wireless Engineer
Hurricane Electric: IPv6 Sage Level
Cambium: ePMP

Author of "Learn RouterOS- Second Edition”
Link Technologies, Inc -- Mikrotik & WISP Support Services
Office: 314-735-0270  Website: 
http://www.linktechs.net<http://www.linktechs.net/>
Create your own Tickets via https://hd.linktechs.net
Create Wireless Coverage’s with www.towercoverage.com
Need MikroTik Cloud Management: 
https://cloud.linktechs.net<https://cloud.linktechs.net/>
Remote Winbox Service: http://rwb.linktechs.net

RE: Ford.com network admin

2023-10-30 Thread Dennis Burgess

That is what is not working.  If I go to the link from this specific prefix, it 
does not work, and I get the error I sent Becki.  

From: Brandon Jackson 
Sent: Monday, October 30, 2023 12:01 PM
To: Kain, Becki (.) 
Cc: Dennis Burgess ; NANOG list 
Subject: Re: Ford.com network admin

I get that too if I just go direct to https://login ford.com<http://ford.com>, 
but if I use the link from the homepage while it still goes to the same domain 
it appends a bunch of stuff to the end of that link and does work.
On Mon, Oct 30, 2023, 12:11 Kain, Becki (.) via NANOG 
mailto:nanog@nanog.org>> wrote:
From inside of Ford, I get this:

The resource you are looking for has been removed, had its name changed, or is 
temporarily unavailable.

From: NANOG 
mailto:ford@nanog.org>> On Behalf 
Of Dennis Burgess
Sent: Monday, October 30, 2023 12:01 PM
To: nanog@nanog.org<mailto:nanog@nanog.org>
Subject: Ford.com network admin

WARNING: This message originated outside of Ford Motor Company. Use caution 
when opening attachments, clicking links, or responding.

I have a specific subnet of users that are getting denied access to even get to 
the login page at 
https://login.ford.com<https://clicktime.symantec.com/15tTDwfkRGYKnHu9Z8Wva?h=KbfwOo2SXdswhZY_XsnjABx70mWj9CjktG3P2k3Spms==https://login.ford.com>.
  Looking for someone to contact me offlist about this issue please

Dennis Burgess

Mikrotik : Trainer, Network Associate, Routing Engineer, Wireless Engineer, 
Traffic Control Engineer, Inter-Networking Engineer, Security Engineer, 
Enterprise Wireless Engineer
Hurricane Electric: IPv6 Sage Level
Cambium: ePMP

Author of "Learn RouterOS- Second Edition”
Link Technologies, Inc -- Mikrotik & WISP Support Services
Office: 314-735-0270  Website: 
http://www.linktechs.net<https://clicktime.symantec.com/15tSyT5u3RVYYTRNvTKUi?h=bJ-LgBFKuS8iHrjjaplHDKaQ-jiiy0DXK2XHe4YIgpo==http://www.linktechs.net/>
Create your own Tickets via 
https://hd.linktechs.net<https://clicktime.symantec.com/15tT97UTxerjNM5E1a7mx?h=j9Go6uX187bfQmjFOLchA0dyelfgMoxPCIruCqQNC1Y==https://hd.linktechs.net>
Create Wireless Coverage’s with 
www.towercoverage.com<https://clicktime.symantec.com/15tTJms2stDvCEj56gv5C?h=qi_2-BkOBtQw-Cu9_Xmydt9Lv3VyrKQcbPBeRlXPZ_k==www.towercoverage.com>
Need MikroTik Cloud Management: 
https://cloud.linktechs.net<https://clicktime.symantec.com/15tT4HHBW3B8xQFJU1idL?h=0sgX8VBDK3vr5eAWSEFrQqtezfrUPc_WKQ24tmjbxTY==https://cloud.linktechs.net/>
Remote Winbox Service: 
http://rwb.linktechs.net<https://clicktime.symantec.com/15tStctcaoox8WbTNtvL6?h=r22bdA6L_u2JiCmRZUIqLQ7kGxb5y7c9-pF9ve9Z8To==http://rwb.linktechs.net>

Ford.com network admin

2023-10-30 Thread Dennis Burgess

I have a specific subnet of users that are getting denied access to even get to 
the login page at https://login.ford.com.  Looking for someone to contact me 
offlist about this issue please

[LTI-Full_175px]
Dennis Burgess

Mikrotik : Trainer, Network Associate, Routing Engineer, Wireless Engineer, 
Traffic Control Engineer, Inter-Networking Engineer, Security Engineer, 
Enterprise Wireless Engineer
Hurricane Electric: IPv6 Sage Level
Cambium: ePMP

Author of "Learn RouterOS- Second Edition"
Link Technologies, Inc -- Mikrotik & WISP Support Services
Office: 314-735-0270  Website: 
http://www.linktechs.net<http://www.linktechs.net/>
Create your own Tickets via https://hd.linktechs.net
Create Wireless Coverage's with www.towercoverage.com
Need MikroTik Cloud Management: 
https://cloud.linktechs.net<https://cloud.linktechs.net/>
Remote Winbox Service: http://rwb.linktechs.net

Spectrum Engineer

2023-03-23 Thread Dennis Burgess

Can someone from spectrum give me a call or shoot me a email.  We have a 
customer that is hard down, BGP is up, we are advertising the prefix to you but 
its not making its way out on the public internet.

[LTI-Full_175px]
Dennis Burgess

Mikrotik : Trainer, Network Associate, Routing Engineer, Wireless Engineer, 
Traffic Control Engineer, Inter-Networking Engineer, Security Engineer, 
Enterprise Wireless Engineer
Hurricane Electric: IPv6 Sage Level
Cambium: ePMP

Author of "Learn RouterOS- Second Edition"
Link Technologies, Inc -- Mikrotik & WISP Support Services
Office: 314-735-0270  Website: 
http://www.linktechs.net<http://www.linktechs.net/>
Create Wireless Coverage's with www.towercoverage.com
Need MikroTik Cloud Management: https://cloud.linktechs.net

RE: 1.1.1.1 support?

2023-03-22 Thread Dennis Burgess

Why would they need it, its free, they are not being paid to be your DNS 
servers.  Assuming the provider is 1.1.1.1 itself.   YOUR ISP SHOULD NOT USE 
1.1.1.1 or 8.8.8.8, you should run your OWN DNS servers.  

If its not within your circle of influence, don’t' risk your business on it!  



Dennis Burgess, Mikrotik Certified Trainer
MTCNA, MTCRE, MTCWE, MTCTCE, MTCINE, MTCSE, HE IPv6 Sage, Cambium ePMP 
Certified 
Author of "Learn RouterOS- Second Edition” 
Link Technologies, Inc -- Mikrotik & WISP Support Services 
Office: 314-735-0270  Website: http://www.linktechs.net 
Need to Automate MikroTik Backups:  https://cloud.linktechs.net 
Create Wireless Coverage’s with www.towercoverage.com 

-Original Message-
From: NANOG  On Behalf Of Saku 
Ytti
Sent: Wednesday, March 22, 2023 6:53 AM
To: Mark Andrews 
Cc: nanog list 
Subject: Re: 1.1.1.1 support?

If you wish to consult people on how to configure DNS, please reach out to the 
responsible folk.

I am discussing a specific recursor in anycasted setup not resolving domain and 
provider offering no remediation channel.

These are two entirely different classes of problem and collapsing them into a 
single problem is not going to help in either case.

On Wed, 22 Mar 2023 at 12:25, Mark Andrews  wrote:
>
> What about the zone not having a single point of failure?  Both 
> servers are covered by the same /24.
>
> % dig www.moi.gov.cy @212.31.118.19 +norec +dnssec
>
> ; <<>> DiG 9.19.11-dev <<>> www.moi.gov.cy @212.31.118.19 +norec 
> +dnssec ;; global options: +cmd ;; Got answer:
> ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 17380 ;; flags: qr 
> aa; QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 3
>
> ;; OPT PSEUDOSECTION:
> ; EDNS: version: 0, flags:; udp: 4096
> ; COOKIE: 6387183a6031ef182fa6ade7641ad4ff2a078213f4e24fc9 (good) ;; 
> QUESTION SECTION:
> ;www.moi.gov.cy. IN A
>
> ;; ANSWER SECTION:
> www.moi.gov.cy. 3600 IN A 212.31.118.26
>
> ;; AUTHORITY SECTION:
> moi.gov.cy. 3600 IN NS ns01.gov.cy.
> moi.gov.cy. 3600 IN NS ns02.gov.cy.
>
> ;; ADDITIONAL SECTION:
> ns02.gov.cy. 86400 IN A 212.31.118.20
> ns01.gov.cy. 86400 IN A 212.31.118.19
>
> ;; Query time: 374 msec
> ;; SERVER: 212.31.118.19#53(212.31.118.19) (UDP) ;; WHEN: Wed Mar 22 
> 21:14:23 AEDT 2023 ;; MSG SIZE  rcvd: 157
>
> %
>
> > On 22 Mar 2023, at 19:36, Saku Ytti  wrote:
> >
> > Am I correct to understand that 1.1.1.1 only does support via community 
> > forum?
> >
> > They had just enough interest in the service to collect user data to 
> > monetise, but 0 interest in trying to figure out how to detect and 
> > solve problems?
> >
> > Why not build a web form where they ask you to explain what is not 
> > working, in terms of automatically testable. Like no A record for X.
> > Then after you submit this form, they test against all 1.1.1.1 and 
> > some 9.9.9.9 and 8.8.8.8 and if they find a difference in behaviour, 
> > the ticket is accepted and sent to someone who understands DNS? If 
> > there is no difference in behaviour, direct people to community 
> > forums.
> > This trivial, cheap and fast to produce support channel would ensure 
> > virtually 0 trash support cases, so you wouldn't even have to hire 
> > people to support your data collection enterprise.
>
> The number of times that 8.8.8.8 “works” but there is an actual error 
> is enormous.  8.8.8.8 tolerates lots of protocol errors which ends up 
> causing support cases for others where the result is “the servers are 
> broken in this way”.  You then try to report the issue but the report 
> is ignored because “It works with 8.8.8.8”.
>
> > Very obviously they selfishly had no interest in ensuring 1.1.1.1 
> > actually works, as long as they are getting the data. I do not know 
> > how to characterise this as anything but unethical.
> >
> > https://community.cloudflare.com/t/1-1-1-1-wont-resolve-www-moi-gov-
> > cy-in-lca-235m3/487469
> > https://community.cloudflare.com/t/1-1-1-1-failing-to-resolve/474228
> >
> > If you can't due to resources or competence support DNS, do not offer one.
> >
> > --
> >  ++ytti, cake having and cake eating user
>
> --
> Mark Andrews, ISC
> 1 Seymour St., Dundas Valley, NSW 2117, Australia
> PHONE: +61 2 9871 4742  INTERNET: ma...@isc.org
>


--
  ++ytti

equifax technical contact

2023-03-21 Thread Dennis Burgess

If a Equifax.com tech/engineer can contact me off-list that would be great, or 
if someone has a number/email that would be great as well ..

Thanx in advance.


[LTI-Full_175px]
Dennis Burgess

Mikrotik : Trainer, Network Associate, Routing Engineer, Wireless Engineer, 
Traffic Control Engineer, Inter-Networking Engineer, Security Engineer, 
Enterprise Wireless Engineer
Hurricane Electric: IPv6 Sage Level
Cambium: ePMP

Author of "Learn RouterOS- Second Edition"
Link Technologies, Inc -- Mikrotik & WISP Support Services
Office: 314-735-0270  Website: 
http://www.linktechs.net<http://www.linktechs.net/>
Create Wireless Coverage's with www.towercoverage.com
Need MikroTik Cloud Management: https://cloud.linktechs.net
How did we do today?
[Gold 
Star]<https://app.customerthermometer.com/?template=log_feedback=5badbac1_data=dGVtcGVyYXR1cmVfaWQ9MSZ0aGVybW9tZXRlcl9pZD0xMTM1NjYmbnBzX3JhdGluZz0tMQ===Anonymous=Dennis=Burgess===>[Green
 
Light]<https://app.customerthermometer.com/?template=log_feedback=675abe04_data=dGVtcGVyYXR1cmVfaWQ9MiZ0aGVybW9tZXRlcl9pZD0xMTM1NjYmbnBzX3JhdGluZz0tMQ===Anonymous=Dennis=Burgess===>[Yellow
 
Light]<https://app.customerthermometer.com/?template=log_feedback=e42b48a5_data=dGVtcGVyYXR1cmVfaWQ9MyZ0aGVybW9tZXRlcl9pZD0xMTM1NjYmbnBzX3JhdGluZz0tMQ===Anonymous=Dennis=Burgess===>[Red
 
Light]<https://app.customerthermometer.com/?template=log_feedback=ecaadcd3_data=dGVtcGVyYXR1cmVfaWQ9NCZ0aGVybW9tZXRlcl9pZD0xMTM1NjYmbnBzX3JhdGluZz0tMQ===Anonymous=Dennis=Burgess===>

cogent - Sales practices

2022-08-05 Thread Dennis Burgess

So we just got an email from cogent, we have told them time and time again to 
stop calling and stop emailing.  We tell them are good on bandwidth and we 
don’t need any of their services.. They then sent us a e-mail stating that they 
saw us coming though one of their customers networks from us, and figured we 
would want to buy direct instead of going though one of their customers. Yes 
COGENT stated this; well at least one of their sales reps.  Sounds underhanded, 
shady, and unethical to me.Just figured I would post about it; see if I am 
making a mountain out of a mole hill 

Here is the e-mail:

"Hey (redacted) ,
Maybe there is a misunderstanding. (ISP’s name removed) is a cogent customer 
who we provide upstream to.
My initial inquiry was to see if it makes sense for Link Technologies to be 
utilizing our network instead of through (ISP’s name removed). That way we 
could be a direct network for you.
Would that be at all something that interests you?

Eric Gogerty | Global Account Manager | AS 174
Cogent Communications | Minneapolis, MN (United States Of America)| 
www.cogentco.com
Contact: 612-217-5506| email: egoge...@cogentco.com
The Internet, Unleashed!"




[LTI-Full_175px]
Dennis Burgess

Mikrotik : Trainer, Network Associate, Routing Engineer, Wireless Engineer, 
Traffic Control Engineer, Inter-Networking Engineer, Security Engineer, 
Enterprise Wireless Engineer
Hurricane Electric: IPv6 Sage Level
Cambium: ePMP

Author of "Learn RouterOS- Second Edition”
Link Technologies, Inc -- Mikrotik & WISP Support Services
Office: 314-735-0270  Website: 
http://www.linktechs.net<http://www.linktechs.net/>
Create Wireless Coverage’s with www.towercoverage.com
Need MikroTik Cloud Management: https://cloud.linktechs.net
How did we do today?
[Gold 
Star]<https://app.customerthermometer.com/?template=log_feedback=5badbac1_data=dGVtcGVyYXR1cmVfaWQ9MSZ0aGVybW9tZXRlcl9pZD0xMTM1NjYmbnBzX3JhdGluZz0tMQ===Anonymous=Dennis=Burgess===>[Green
 
Light]<https://app.customerthermometer.com/?template=log_feedback=675abe04_data=dGVtcGVyYXR1cmVfaWQ9MiZ0aGVybW9tZXRlcl9pZD0xMTM1NjYmbnBzX3JhdGluZz0tMQ===Anonymous=Dennis=Burgess===>[Yellow
 
Light]<https://app.customerthermometer.com/?template=log_feedback=e42b48a5_data=dGVtcGVyYXR1cmVfaWQ9MyZ0aGVybW9tZXRlcl9pZD0xMTM1NjYmbnBzX3JhdGluZz0tMQ===Anonymous=Dennis=Burgess===>[Red
 
Light]<https://app.customerthermometer.com/?template=log_feedback=ecaadcd3_data=dGVtcGVyYXR1cmVfaWQ9NCZ0aGVybW9tZXRlcl9pZD0xMTM1NjYmbnBzX3JhdGluZz0tMQ===Anonymous=Dennis=Burgess===>

ATT SWIP

2022-06-24 Thread Dennis Burgess

Looking for someone within the ATT org that can SWIP some of their IPs to an 
ISP.  Currently we are not getting responses from 
ipapplicat...@att.com<mailto:ipapplicat...@att.com>.  Please feel free to 
contact me off-list 


[LTI-Full_175px]
Dennis Burgess

Mikrotik : Trainer, Network Associate, Routing Engineer, Wireless Engineer, 
Traffic Control Engineer, Inter-Networking Engineer, Security Engineer, 
Enterprise Wireless Engineer
Hurricane Electric: IPv6 Sage Level
Cambium: ePMP

Author of "Learn RouterOS- Second Edition”
Link Technologies, Inc -- Mikrotik & WISP Support Services
Office: 314-735-0270  Website: 
http://www.linktechs.net<http://www.linktechs.net/>
Create Wireless Coverage’s with www.towercoverage.com
Need MikroTik Cloud Management: https://cloud.linktechs.net
How did we do today?
[Gold 
Star]<https://app.customerthermometer.com/?template=log_feedback=5badbac1_data=dGVtcGVyYXR1cmVfaWQ9MSZ0aGVybW9tZXRlcl9pZD0xMTM1NjYmbnBzX3JhdGluZz0tMQ===Anonymous=Dennis=Burgess===>[Green
 
Light]<https://app.customerthermometer.com/?template=log_feedback=675abe04_data=dGVtcGVyYXR1cmVfaWQ9MiZ0aGVybW9tZXRlcl9pZD0xMTM1NjYmbnBzX3JhdGluZz0tMQ===Anonymous=Dennis=Burgess===>[Yellow
 
Light]<https://app.customerthermometer.com/?template=log_feedback=e42b48a5_data=dGVtcGVyYXR1cmVfaWQ9MyZ0aGVybW9tZXRlcl9pZD0xMTM1NjYmbnBzX3JhdGluZz0tMQ===Anonymous=Dennis=Burgess===>[Red
 
Light]<https://app.customerthermometer.com/?template=log_feedback=ecaadcd3_data=dGVtcGVyYXR1cmVfaWQ9NCZ0aGVybW9tZXRlcl9pZD0xMTM1NjYmbnBzX3JhdGluZz0tMQ===Anonymous=Dennis=Burgess===>

RE: WISPA (was Making Use of 240/4 NetBlock)

2022-03-09 Thread Dennis Burgess

Let me know where and when  



Dennis Burgess

Author of "Learn RouterOS- Second Edition” 
Link Technologies, Inc -- Mikrotik & WISP Support Services 
Office: 314-735-0270  Website: http://www.linktechs.net 
Create Wireless Coverage’s with www.towercoverage.com 
Need MikroTik Cloud Management: https://cloud.linktechs.net 

-Original Message-
From: NANOG  On Behalf Of 
Travis Garrison
Sent: Wednesday, March 9, 2022 2:12 PM
To: Dave Taht 
Cc: NANOG 
Subject: RE: WISPA (was Making Use of 240/4 NetBlock)

I will be attending also. We should try to do a meetup of the NANOG members

Thank you
Travis Garrison



-Original Message-
From: NANOG  On Behalf Of Dave 
Taht
Sent: Wednesday, March 9, 2022 1:25 PM
To: Tim Howe 
Cc: NANOG 
Subject: Re: V6 still not supported (was Making Use of 240/4 NetBlock)

I am going to attend the WISPA conference in New Orleans next week.
(anyone going)

RE: AT Fiber Line / NOT MIS

2021-06-10 Thread Dennis Burgess

Called Cascaded Router configuration on The POS router they gave .. their 
support and their support “Supervisor” could not make it work.  I just did .. 
FUN.


[LTI-Full_175px]
Dennis Burgess, Mikrotik Certified Trainer
MTCNA, MTCRE, MTCWE, MTCTCE, MTCINE, MTCSE, HE IPv6 Sage, Cambium ePMP Certified
Author of "Learn RouterOS- Second Edition”
Link Technologies, Inc -- Mikrotik & WISP Support Services
Office: 314-735-0270  Website: 
http://www.linktechs.net<http://www.linktechs.net/>
Create Wireless Coverage’s with www.towercoverage.com

From: Alex Conner 
Sent: Thursday, June 10, 2021 2:01 PM
To: Dennis Burgess 
Cc: TJ Trout ; nanog@nanog.org
Subject: Re: AT Fiber Line / NOT MIS

Yep; but even IP Passthrough, routed subnet, etc. all count as NAT sessions 
against the internal NAT table.

BTW, that's the feature you're looking for - routed subnet. That will pass your 
/26 to another network device over an RFC1918 subnet. The steps depend on what 
particular gateway hardware they have, but a quick Google of the gateway model 
and "routed subnet" should get you to the right spot. Assuming of course the 
other service limitations aren't a dealbreaker.

On Thu, Jun 10, 2021 at 2:54 PM Dennis Burgess 
mailto:dmburg...@linktechs.net>> wrote:
Ya not wishing to do NAT...
Sent from mobile device..


From: Alex Conner mailto:he...@codatory.com>>
Sent: Thursday, June 10, 2021 1:49:27 PM
To: TJ Trout mailto:t...@pcguys.us>>
Cc: Dennis Burgess mailto:dmburg...@linktechs.net>>; 
nanog@nanog.org<mailto:nanog@nanog.org> 
mailto:nanog@nanog.org>>
Subject: Re: AT Fiber Line / NOT MIS

Bonus points, the small business fiber has extremely limited NAT session limits 
(depends on hardware, but not greater than 16,000 sessions) and everything 
counts. Cold loading CNN.com (an AT company) in a default config without an 
adblocker will use close to 3000, which will saturate and cause errors on some 
of their gateway hardware (NVG595). If you want to use it for any serious 
purpose, stick a tunnel out to a real connection.

On Thu, Jun 10, 2021 at 2:43 PM TJ Trout 
mailto:t...@pcguys.us>> wrote:
Yeah not going to happen on U-verse

On Thu, Jun 10, 2021 at 11:32 AM Dennis Burgess 
mailto:dmburg...@linktechs.net>> wrote:

Guess their broadband stuff☹





Dennis Burgess

Author of "Learn RouterOS- Second Edition”

Link Technologies, Inc -- Mikrotik & WISP Support Services

Office: 314-735-0270  Website: 
http://www.linktechs.net<http://www.linktechs.net/>

Create Wireless Coverage’s with 
www.towercoverage.com<http://www.towercoverage.com>

Need MikroTik Cloud Management: https://cloud.linktechs.net



From: TJ Trout mailto:t...@pcguys.us>>
Sent: Thursday, June 10, 2021 1:12 PM
To: Dennis Burgess mailto:dmburg...@linktechs.net>>
Cc: nanog@nanog.org<mailto:nanog@nanog.org>
Subject: Re: AT Fiber Line / NOT MIS



call back, i dont think that's accurate. What is the specific product?



On Thu, Jun 10, 2021 at 7:25 AM Dennis Burgess 
mailto:dmburg...@linktechs.net>> wrote:

I have a ATT fiber line for a customer that has a 300/300 circuit, but its not 
a MIS they are telling me we cannot route a /26 (they have allocated) to my 
device behind it.  ☹  Any options?





Dennis Burgess

Mikrotik : Trainer, Network Associate, Routing Engineer, Wireless Engineer, 
Traffic Control Engineer, Inter-Networking Engineer, Security Engineer, 
Enterprise Wireless Engineer

Hurricane Electric: IPv6 Sage Level

Cambium: ePMP



Author of "Learn RouterOS- Second Edition”

Link Technologies, Inc -- Mikrotik & WISP Support Services

Office: 314-735-0270  Website: 
http://www.linktechs.net<http://www.linktechs.net/>

Create Wireless Coverage’s with 
www.towercoverage.com<http://www.towercoverage.com>

Need MikroTik Cloud Management: https://cloud.linktechs.net

How did we do today?

Re: AT Fiber Line / NOT MIS

2021-06-10 Thread Dennis Burgess

Ya not wishing to do NAT...

Sent from mobile device..

From: Alex Conner 
Sent: Thursday, June 10, 2021 1:49:27 PM
To: TJ Trout 
Cc: Dennis Burgess ; nanog@nanog.org 
Subject: Re: AT Fiber Line / NOT MIS

Bonus points, the small business fiber has extremely limited NAT session limits 
(depends on hardware, but not greater than 16,000 sessions) and everything 
counts. Cold loading CNN.com (an AT company) in a default config without an 
adblocker will use close to 3000, which will saturate and cause errors on some 
of their gateway hardware (NVG595). If you want to use it for any serious 
purpose, stick a tunnel out to a real connection.

On Thu, Jun 10, 2021 at 2:43 PM TJ Trout 
mailto:t...@pcguys.us>> wrote:
Yeah not going to happen on U-verse

On Thu, Jun 10, 2021 at 11:32 AM Dennis Burgess 
mailto:dmburg...@linktechs.net>> wrote:

Guess their broadband stuff☹

[LTI-Full_175px]

Dennis Burgess

Author of "Learn RouterOS- Second Edition”

Link Technologies, Inc -- Mikrotik & WISP Support Services

Office: 314-735-0270  Website: 
http://www.linktechs.net<http://www.linktechs.net/>

Create Wireless Coverage’s with 
www.towercoverage.com<http://www.towercoverage.com>

Need MikroTik Cloud Management: https://cloud.linktechs.net

From: TJ Trout mailto:t...@pcguys.us>>
Sent: Thursday, June 10, 2021 1:12 PM
To: Dennis Burgess mailto:dmburg...@linktechs.net>>
Cc: nanog@nanog.org<mailto:nanog@nanog.org>
Subject: Re: AT Fiber Line / NOT MIS

call back, i dont think that's accurate. What is the specific product?

On Thu, Jun 10, 2021 at 7:25 AM Dennis Burgess 
mailto:dmburg...@linktechs.net>> wrote:

I have a ATT fiber line for a customer that has a 300/300 circuit, but its not 
a MIS they are telling me we cannot route a /26 (they have allocated) to my 
device behind it.  ☹  Any options?

Dennis Burgess

Mikrotik : Trainer, Network Associate, Routing Engineer, Wireless Engineer, 
Traffic Control Engineer, Inter-Networking Engineer, Security Engineer, 
Enterprise Wireless Engineer

Hurricane Electric: IPv6 Sage Level

Cambium: ePMP

Author of "Learn RouterOS- Second Edition”

Link Technologies, Inc -- Mikrotik & WISP Support Services

Office: 314-735-0270  Website: 
http://www.linktechs.net<http://www.linktechs.net/>

Create Wireless Coverage’s with 
www.towercoverage.com<http://www.towercoverage.com>

Need MikroTik Cloud Management: https://cloud.linktechs.net

How did we do today?

<https://app.customerthermometer.com/?template=log_feedback=5badbac1_data=dGVtcGVyYXR1cmVfaWQ9MSZ0aGVybW9tZXRlcl9pZD0xMTM1NjYmbnBzX3JhdGluZz0tMQ===Anonymous=Dennis=Burgess===>

RE: AT Fiber Line / NOT MIS

2021-06-10 Thread Dennis Burgess

Guess their broadband stuff☹


[LTI-Full_175px]
Dennis Burgess

Author of "Learn RouterOS- Second Edition”
Link Technologies, Inc -- Mikrotik & WISP Support Services
Office: 314-735-0270  Website: 
http://www.linktechs.net<http://www.linktechs.net/>
Create Wireless Coverage’s with www.towercoverage.com
Need MikroTik Cloud Management: https://cloud.linktechs.net

From: TJ Trout 
Sent: Thursday, June 10, 2021 1:12 PM
To: Dennis Burgess 
Cc: nanog@nanog.org
Subject: Re: AT Fiber Line / NOT MIS

call back, i dont think that's accurate. What is the specific product?

On Thu, Jun 10, 2021 at 7:25 AM Dennis Burgess 
mailto:dmburg...@linktechs.net>> wrote:
I have a ATT fiber line for a customer that has a 300/300 circuit, but its not 
a MIS they are telling me we cannot route a /26 (they have allocated) to my 
device behind it.  ☹  Any options?


Dennis Burgess

Mikrotik : Trainer, Network Associate, Routing Engineer, Wireless Engineer, 
Traffic Control Engineer, Inter-Networking Engineer, Security Engineer, 
Enterprise Wireless Engineer
Hurricane Electric: IPv6 Sage Level
Cambium: ePMP

Author of "Learn RouterOS- Second Edition”
Link Technologies, Inc -- Mikrotik & WISP Support Services
Office: 314-735-0270  Website: 
http://www.linktechs.net<http://www.linktechs.net/>
Create Wireless Coverage’s with 
www.towercoverage.com<http://www.towercoverage.com>
Need MikroTik Cloud Management: https://cloud.linktechs.net
How did we do today?
<https://app.customerthermometer.com/?template=log_feedback=5badbac1_data=dGVtcGVyYXR1cmVfaWQ9MSZ0aGVybW9tZXRlcl9pZD0xMTM1NjYmbnBzX3JhdGluZz0tMQ===Anonymous=Dennis=Burgess===>

AT Fiber Line / NOT MIS

2021-06-10 Thread Dennis Burgess

I have a ATT fiber line for a customer that has a 300/300 circuit, but its not 
a MIS they are telling me we cannot route a /26 (they have allocated) to my 
device behind it.  ☹  Any options?


[LTI-Full_175px]
Dennis Burgess

Mikrotik : Trainer, Network Associate, Routing Engineer, Wireless Engineer, 
Traffic Control Engineer, Inter-Networking Engineer, Security Engineer, 
Enterprise Wireless Engineer
Hurricane Electric: IPv6 Sage Level
Cambium: ePMP

Author of "Learn RouterOS- Second Edition”
Link Technologies, Inc -- Mikrotik & WISP Support Services
Office: 314-735-0270  Website: 
http://www.linktechs.net<http://www.linktechs.net/>
Create Wireless Coverage’s with www.towercoverage.com
Need MikroTik Cloud Management: https://cloud.linktechs.net
How did we do today?
[Gold 
Star]<https://app.customerthermometer.com/?template=log_feedback=5badbac1_data=dGVtcGVyYXR1cmVfaWQ9MSZ0aGVybW9tZXRlcl9pZD0xMTM1NjYmbnBzX3JhdGluZz0tMQ===Anonymous=Dennis=Burgess===>[Green
 
Light]<https://app.customerthermometer.com/?template=log_feedback=675abe04_data=dGVtcGVyYXR1cmVfaWQ9MiZ0aGVybW9tZXRlcl9pZD0xMTM1NjYmbnBzX3JhdGluZz0tMQ===Anonymous=Dennis=Burgess===>[Yellow
 
Light]<https://app.customerthermometer.com/?template=log_feedback=e42b48a5_data=dGVtcGVyYXR1cmVfaWQ9MyZ0aGVybW9tZXRlcl9pZD0xMTM1NjYmbnBzX3JhdGluZz0tMQ===Anonymous=Dennis=Burgess===>[Red
 
Light]<https://app.customerthermometer.com/?template=log_feedback=ecaadcd3_data=dGVtcGVyYXR1cmVfaWQ9NCZ0aGVybW9tZXRlcl9pZD0xMTM1NjYmbnBzX3JhdGluZz0tMQ===Anonymous=Dennis=Burgess===>

RE: Switch for SFP+

2020-05-18 Thread Dennis Burgess via NANOG

Yep, run SwichOS, prevents you from running things in software. 


[LTI-Full_175px]
Dennis Burgess, Mikrotik Certified Trainer
MTCNA, MTCRE, MTCWE, MTCTCE, MTCINE, MTCSE, HE IPv6 Sage, Cambium ePMP Certified
Author of "Learn RouterOS- Second Edition”
Link Technologies, Inc -- Mikrotik & WISP Support Services
Office: 314-735-0270  Website: 
http://www.linktechs.net<http://www.linktechs.net/>
Create Wireless Coverage’s with www.towercoverage.com

From: NANOG  On Behalf Of Mike Hammett
Sent: Monday, May 18, 2020 4:37 PM
To: Mauro Gasparini 
Cc: nanog@nanog.org
Subject: Re: Switch for SFP+

That's a downfall of Mikrotik, they give you ultimate power. You can do some 
pretty atypical things on there.


-
Mike Hammett
Intelligent Computing 
Solutions<https://imsva91-ctp.trendmicro.com:443/wis/clicktime/v1/query?url=http%3a%2f%2fwww.ics%2dil.com=B47E9451-A5F3-0D05-8BDE-9FDBD4B4C161=079c058f437b7c6303d36c6513e5e8848d0c5ac4-285b59a47041a35803b05fa3a991e89443b374c5>
[https://imsva91-ctp.trendmicro.com:443/wis/clicktime/v1/query?url=http%3a%2f%2fwww.ics%2dil.com%2fimages%2ffbicon.png%5d=B47E9451-A5F3-0D05-8BDE-9FDBD4B4C161=079c058f437b7c6303d36c6513e5e8848d0c5ac4-c5ec4171d8eb30d5845a6c42bb158eac5049c875<https://www.facebook.com/ICSIL>[https://imsva91-ctp.trendmicro.com:443/wis/clicktime/v1/query?url=http%3a%2f%2fwww.ics%2dil.com%2fimages%2fgoogleicon.png%5d=B47E9451-A5F3-0D05-8BDE-9FDBD4B4C161=079c058f437b7c6303d36c6513e5e8848d0c5ac4-be2e4edf2d685ea567f2602c305bfa048c02fad1<https://plus.google.com/+IntelligentComputingSolutionsDeKalb>[https://imsva91-ctp.trendmicro.com:443/wis/clicktime/v1/query?url=http%3a%2f%2fwww.ics%2dil.com%2fimages%2flinkedinicon.png%5d=B47E9451-A5F3-0D05-8BDE-9FDBD4B4C161=079c058f437b7c6303d36c6513e5e8848d0c5ac4-9b0374f5a186eee94c15990608340f801b26<https://www.linkedin.com/company/intelligent-computing-solutions>[https://imsva91-ctp.trendmicro.com:443/wis/clicktime/v1/query?url=http%3a%2f%2fwww.ics%2dil.com%2fimages%2ftwittericon.png%5d=B47E9451-A5F3-0D05-8BDE-9FDBD4B4C161=079c058f437b7c6303d36c6513e5e8848d0c5ac4-5022b39587706bd2ec7239629cf89dc0926aa6a9<https://twitter.com/ICSIL>
Midwest Internet Exchange<http://www.midwest-ix.com/>
[https://imsva91-ctp.trendmicro.com:443/wis/clicktime/v1/query?url=http%3a%2f%2fwww.ics%2dil.com%2fimages%2ffbicon.png%5d=B47E9451-A5F3-0D05-8BDE-9FDBD4B4C161=079c058f437b7c6303d36c6513e5e8848d0c5ac4-c5ec4171d8eb30d5845a6c42bb158eac5049c875<https://www.facebook.com/mdwestix>[https://imsva91-ctp.trendmicro.com:443/wis/clicktime/v1/query?url=http%3a%2f%2fwww.ics%2dil.com%2fimages%2flinkedinicon.png%5d=B47E9451-A5F3-0D05-8BDE-9FDBD4B4C161=079c058f437b7c6303d36c6513e5e8848d0c5ac4-9b0374f5a186eee94c15990608340f801b26<https://www.linkedin.com/company/midwest-internet-exchange>[https://imsva91-ctp.trendmicro.com:443/wis/clicktime/v1/query?url=http%3a%2f%2fwww.ics%2dil.com%2fimages%2ftwittericon.png%5d=B47E9451-A5F3-0D05-8BDE-9FDBD4B4C161=079c058f437b7c6303d36c6513e5e8848d0c5ac4-5022b39587706bd2ec7239629cf89dc0926aa6a9<https://twitter.com/mdwestix>
The Brothers WISP<http://www.thebrotherswisp.com/>
[https://imsva91-ctp.trendmicro.com:443/wis/clicktime/v1/query?url=http%3a%2f%2fwww.ics%2dil.com%2fimages%2ffbicon.png%5d=B47E9451-A5F3-0D05-8BDE-9FDBD4B4C161=079c058f437b7c6303d36c6513e5e8848d0c5ac4-c5ec4171d8eb30d5845a6c42bb158eac5049c875<https://www.facebook.com/thebrotherswisp>[https://imsva91-ctp.trendmicro.com:443/wis/clicktime/v1/query?url=http%3a%2f%2fwww.ics%2dil.com%2fimages%2fyoutubeicon.png%5d=B47E9451-A5F3-0D05-8BDE-9FDBD4B4C161=079c058f437b7c6303d36c6513e5e8848d0c5ac4-c3a2a0a72aa5c9ab369580d4aacc6f70b7e85886<https://www.youtube.com/channel/UCXSdfxQv7SpoRQYNyLwntZg>

From: "Mauro Gasparini" mailto:mjgaspar...@gmail.com>>
To: nanog@nanog.org<mailto:nanog@nanog.org>
Sent: Monday, May 18, 2020 1:45:59 PM
Subject: Re: Switch for SFP+

It's clear then that I must use "bridge vlan" to achieve the goal I am looking 
for.
Now it's time for me to study, research and test on my side.
If I have any specific questions, I will draw on your experience.
Thanks a lot.
El 15/5/20 a las 22:11, Travis Garrison escribió:
On the CRS 3xx line, use vlan filtering instead. This guarantees hardware 
offloading.

PS. Do not use this method on the 1xx or 2xx lines.

/interface bonding
add mode=802.3ad name=bond-inet slaves=ether9,ether10,ether8 
transmit-hash-policy=layer-2-and-3

/interface bridge
add name=bridge vlan-filtering=yes

/interface bridge port
add bridge=bridge interface=bond-inet
add bridge=bridge interface=sfp1

/interface bridge vlan
add bridge=bridge tagged=bond-inet,sfp1 vlan-ids=201

Thanks
Travis

From: NANOG <mailto:nanog-boun...@nanog.org> On Behalf 
Of Mauro Gasparini
Sent: Friday, May 15, 2020 10:55 AM
To: nanog@nanog.org<mailto:nanog@nanog.org>
Subject: Re: Switch for SFP+

This works we

ATT Watch TV Contact

2020-04-27 Thread Dennis Burgess via NANOG

If a watch TV contact, or if you have a technical contact, would contact me 
off-list that would be great.

I have a new IP block that is not working with ATT Watch TV app.


[LTI-Full_175px]
Dennis Burgess, Mikrotik Certified Trainer
MTCNA, MTCRE, MTCWE, MTCTCE, MTCINE, MTCSE, HE IPv6 Sage, Cambium ePMP Certified
Author of "Learn RouterOS- Second Edition"
Link Technologies, Inc -- Mikrotik & WISP Support Services
Office: 314-735-0270  Website: 
http://www.linktechs.net<http://www.linktechs.net/>
Create Wireless Coverage's with www.towercoverage.com

RE: Free Program to take netflow

2019-05-20 Thread Dennis Burgess via NANOG

It specifically states it uses AS data from the netflow source.  I don't have 
that ☹  

FROM website:
collects NetFlow v8/v9 AS aggregation records

Dennis Burgess, 

-Original Message-
From: NANOG  On Behalf Of na...@jack.fr.eu.org
Sent: Monday, May 20, 2019 8:43 AM
To: nanog@nanog.org
Subject: Re: Free Program to take netflow

Check out AS-Stats¹, with perl-ip2as

[1] https://github.com/manuelkasper/AS-Stats


On 05/20/2019 03:36 PM, Dennis Burgess via NANOG wrote:
> Please let me clarify.  Currently the Netflow data that this customer is 
> sending does NOT supply AS information.  So I need something to generate that 
> AS data and display.  The goal is to figure out where we need to peer next.  
> Where the top traffic is coming in from (what AS) on our paid transit.
> 
> 
> 
> Dennis Burgess,
> 
> From: NANOG  On Behalf Of Dennis Burgess via NANOG
> Sent: Friday, May 17, 2019 9:27 AM
> To: nanog@nanog.org
> Subject: Free Program to take netflow
> 
> I am looking for a free program to take netflow and output what the top 
> traffic ASes to and from my AS are.   Something that we can look at every 
> once in a while, and/or spin up and get data then shutdown..  Just have two 
> ports need netflow from currently.
> 
> Thanks in advance.
> 
> 
> 
> Dennis Burgess
> 
>

RE: Free Program to take netflow

2019-05-20 Thread Dennis Burgess via NANOG

Please let me clarify.  Currently the Netflow data that this customer is 
sending does NOT supply AS information.  So I need something to generate that 
AS data and display.  The goal is to figure out where we need to peer next.  
Where the top traffic is coming in from (what AS) on our paid transit.



Dennis Burgess,

From: NANOG  On Behalf Of Dennis Burgess via NANOG
Sent: Friday, May 17, 2019 9:27 AM
To: nanog@nanog.org
Subject: Free Program to take netflow

I am looking for a free program to take netflow and output what the top traffic 
ASes to and from my AS are.   Something that we can look at every once in a 
while, and/or spin up and get data then shutdown..  Just have two ports need 
netflow from currently.

Thanks in advance.



Dennis Burgess

Free Program to take netflow

2019-05-17 Thread Dennis Burgess via NANOG

I am looking for a free program to take netflow and output what the top traffic 
ASes to and from my AS are.   Something that we can look at every once in a 
while, and/or spin up and get data then shutdown..  Just have two ports need 
netflow from currently.

Thanks in advance.


[LTI-Full_175px]
Dennis Burgess, Mikrotik Certified Trainer
Author of "Learn RouterOS- Second Edition"
Link Technologies, Inc -- Mikrotik & WISP Support Services
Office: 314-735-0270  Website: 
http://www.linktechs.net<http://www.linktechs.net/>
Create Wireless Coverage's with www.towercoverage.com

RE: Cogent v6 Blackhole server issues???

2019-02-22 Thread Dennis Burgess via NANOG

Out of St. Louis, mine has been up since the last reboot of my router.  

2001:550:0:1000::421c:802 is my peering..  





Dennis Burgess, Mikrotik Certified Trainer 
Author of "Learn RouterOS- Second Edition” 
Link Technologies, Inc -- Mikrotik & WISP Support Services 
Office: 314-735-0270  Website: http://www.linktechs.net 
Create Wireless Coverage’s with www.towercoverage.com 

-Original Message-
From: NANOG  On Behalf Of John Von Essen
Sent: Friday, February 22, 2019 12:15 PM
To: nanog@nanog.org
Subject: Cogent v6 Blackhole server issues???

2 days ago my IPv6 BGP session to Cogent's Blackhole server went down 
(2001:550:0:1000::421C:802), I've spent all morning emailing their NOC and I'm 
getting nowhere. Anyone else seeing this? Im in the Phila Metro area.

-John

RE: CenturyLink

2018-12-27 Thread Dennis Burgess via NANOG

National outage since 4:33 am this morning..


[LTI-Full_175px]
Dennis Burgess, Mikrotik Certified Trainer
Author of "Learn RouterOS- Second Edition"
Link Technologies, Inc -- Mikrotik & WISP Support Services
Office: 314-735-0270  Website: 
http://www.linktechs.net<http://www.linktechs.net/>
Create Wireless Coverage's with www.towercoverage.com

From: NANOG  On Behalf Of Naslund, Steve
Sent: Thursday, December 27, 2018 12:46 PM
To: nanog@nanog.org
Subject: CenturyLink

Anyone have any insight to the nationwide CenturyLink issues/outages today?  
Just wondering.  Know for sure that our connections to them from Florida, Iowa, 
and Washington State are all affected.  Voice and data.

Steven Naslund
Chicago IL

Playstation/Sony Support

2018-09-14 Thread Dennis Burgess via NANOG

I am looking for someone that can help me with a IP that appears banned from 
the PS4 network.  If you are around, please hit me off-list :)

Thanx,


Dennis Burgess, Mikrotik Certified Trainer
Author of "Learn RouterOS- Second Edition"
Link Technologies, Inc -- Mikrotik & WISP Support Services
Office: 314-735-0270  Website: 
http://www.linktechs.net<http://www.linktechs.net/>
Create Wireless Coverage's with www.towercoverage.com

RE: BGP Battleships

2018-05-24 Thread Dennis Burgess

MikroTik Official Response: 

Cisco informed us on May 22nd of 2018, that a malicious tool was found on 
several manufacturer devices, including three devices made by MikroTik. We are 
highly certain that this malware was installed on these devices through a 
vulnerability in MikroTik RouterOS software, which was already patched by 
MikroTik in March 2017. Simply upgrading RouterOS software deletes the malware, 
any other 3rd party files and closes the vulnerability. Let us know if you need 
more details. Upgrading RouterOS is done by a few clicks and takes only a 
minute.

https://forum.mikrotik.com/viewtopic.php?f=21=134776=663825#p663825

Dennis Burgess, MikroTik Certified Trainer

-Original Message-
From: NANOG <nanog-boun...@nanog.org> On Behalf Of Mark Tinka
Sent: Thursday, May 24, 2018 3:44 AM
To: sur...@mauigateway.com; nanog@nanog.org
Subject: Re: BGP Battleships

So the moral of the story is... "former Level(3)" must step into the bar and 
have a beer with the rest of us :-)?

Mark.

On 23/May/18 22:53, Scott Weeks wrote:
>
> I saw the below on SWINOG and thought it might add some fun in the 
> middle of all this General Data Protection Regulation conversation. :)
>
> scott
>
>
> --- Begin forwarded message:
>
> From: Gregor Riepl <onit...@gmail.com>
> To: swi...@lists.swinog.ch
> Subject: [swinog] BGP Battleships
> Date: Tue, 22 May 2018 23:18:51 +0200
>
> Some good ol' fun with BGP:
>
> https://imsva91-ctp.trendmicro.com:443/wis/clicktime/v1/query?url=http
> s%3a%2f%2fblog.benjojo.co.uk%2fpost%2fbgp%2dbattleships=11F39436-
> 6CEF-A905-AF98-203A0AD563EA=079c058f437b7c6303d36c6513e5e8848d0c5
> ac4-9d1558ea3856dddcaa08f2ee54a6060b4ee27e65
>
> Please (don't?) try this at home!
>
>
>
>
> .
>

COX contact

2018-04-03 Thread Dennis Burgess

Can I get a network engineer from COX to give me a call or email me please :)  
I have a routing issue that I need taken a look at..



Dennis Burgess, Mikrotik Certified Trainer
Author of "Learn RouterOS- Second Edition"
Link Technologies, Inc -- Mikrotik & WISP Support Services
Office: 314-735-0270  Website: 
http://www.linktechs.net<http://www.linktechs.net/>
Create Wireless Coverage's with www.towercoverage.com

mailchimp contact

2017-12-26 Thread Dennis Burgess

Would a MailChimp contact pelase hit me off-list :)


Dennis Burgess - Network Solution Engineer - Consultant
MikroTik Certified 
Trainer/Consultant<http://www.linktechs.net/productcart/pc/viewcontent.asp?idpage=5>
 - MTCNA, MTCRE, MTCWE, MTCTCE, MTCINE

For Wireless Hardware/Routers visit www.linktechs.net<http://www.linktechs.net/>
Radio Frequency Coverages: www.towercoverage.com<http://www.towercoverage.com/>
Office: 314-735-0270
E-Mail: dmburg...@linktechs.net<mailto:dmburg...@linktechs.net>

ATT Support

2017-08-07 Thread Dennis Burgess

I am looking to talk to ATT MIS support, someone that can actually look at 
stuff.  :(  Please e-mail me off-list.  Going in circles with their normal 
support 


Dennis Burgess - Network Solution Engineer - Consultant
MikroTik Certified 
Trainer/Consultant<http://www.linktechs.net/productcart/pc/viewcontent.asp?idpage=5>
 - MTCNA, MTCRE, MTCWE, MTCTCE, MTCINE

For Wireless Hardware/Routers visit www.linktechs.net<http://www.linktechs.net/>
Radio Frequency Coverages: www.towercoverage.com<http://www.towercoverage.com/>
Office: 314-735-0270
E-Mail: dmburg...@linktechs.net<mailto:dmburg...@linktechs.net>

RE: WEBINAR TUESDAY: Can We Make IPv4 Great Again?

2017-03-06 Thread Dennis Burgess

Well try to get ATT to announce IPv6 though our AS!  Lol Been on the phone with 
the for over a month.  Still no ETA :(  


Dennis Burgess - Network Solution Engineer - Consultant 
MikroTik Certified Trainer/Consultant - MTCNA, MTCRE, MTCWE, MTCTCE, MTCINE

For Wireless Hardware/Routers visit www.linktechs.net
Radio Frequiency Coverages: www.towercoverage.com 
Office: 314-735-0270
E-Mail: dmburg...@linktechs.net 


-Original Message-
From: NANOG [mailto:nanog-boun...@nanog.org] On Behalf Of Bob Evans
Sent: Monday, March 6, 2017 3:34 PM
To: William Herrin <b...@herrin.us>
Cc: nanog@nanog.org
Subject: Re: WEBINAR TUESDAY: Can We Make IPv4 Great Again?

I think only 22% of networks with an AS announce IPv6 space.  Is that correct ?

Thank You
Bob Evans
CTO




> On Mon, Mar 6, 2017 at 4:00 PM, Baldur Norddahl 
> <baldur.nordd...@gmail.com> wrote:
>> Major ISPs have IPv6 support now. It is the sites (=servers) that are 
>> lacking.
>
> Hi Baldur,
>
> Not exactly. My Verizon FiOS does not support IPv6. Neither does my 
> Cox Cable Internet. My Verizon Wireless service supports IPv6 but my 
> AT Wireless service does not.
>
> All four of these entities have IPv6 somewhere in their networks but 
> that's not at all the same thing as saying they "have IPv6 support."
>
> IPv6 deployment has gathered some momentum, enough that it's unlikely 
> to sputter out, but it's still laughably weak.
>
> Regards,
> Bill Herrin
>
>
>
> --
> William Herrin  her...@dirtside.com  b...@herrin.us 
> Dirtside Systems . Web: <http://www.dirtside.com/>
>

CenturyLink Executive

2016-08-02 Thread Dennis Burgess

I have been working on a circuit outage since Monday morning, my tickets are 
closed, can't get ahold of anyone, no phone calls, problem not resolved, anyone 
from CenturyLink Executive Team could give me a call or e-mail to see if we can 
get these issues solved.

[DennisBurgessSignature]
www.linktechs.net - 314-735-0270 x103 - 
dmburg...@linktechs.net

craigslist.com admin

2016-05-31 Thread Dennis Burgess

Looking for a craigslist.com admin to connect with offlist about a block :)

[DennisBurgessSignature]
www.linktechs.net - 314-735-0270 x103 - 
dmburg...@linktechs.net

RE: ISP License in the USA?

2016-05-31 Thread Dennis Burgess

I would suggest getting a new consultant .. :)  

Possible Acronyms

College of Arts and Letters (Missouri State University; Springfield, MO)
Cartridge Overall Length (shooting)
Client Object Access Layer
Circle of Acro Lovers
Columbus Ohio Area Local
Consolidated Operational Activities List
Customer Order Acceptance List
Common Operational Activities List (US Navy)
Chance of a Lifetime (raffle)

Lol got me!   There is nothing that I know of that you have to "license" to 
become a ISP in the US of A. . You do have to fill out Form 477 twice a year. 
:)  


www.linktechs.net - 314-735-0270 x103 - dmburg...@linktechs.net 

-Original Message-
From: NANOG [mailto:nanog-boun...@nanog.org] On Behalf Of Lorell Hathcock
Sent: Tuesday, May 31, 2016 1:14 PM
To: 'NANOG list' 
Subject: ISP License in the USA?

NANOG:

 

Our owner has hired a consultant who insists that we should have an ISP license 
to operate in the United States.  (Like they have in other countries like 
Germany and in Africa where he has extensive personal experience.)

 

I am asking him to tell me which license we should have because I don't know of 
a license that we are required to have to route IP traffic to end customers.

 

I am familiar with CLEC status filed with our state.  But it is not a 
requirement to pass traffic.

 

He is suggesting COALS with which I am completely unfamiliar.

 

Can anyone tell me if there is a Texas state and/or USA Federal license for a 
small operator to pass IP traffic from the internet to end users (commercial 
and/or residential).

 

I am aware that there are some CALEA requirements of ISPs that seem to kick in 
once a CALEA request is made, but is that different from a license.

 

Thanks,

 

Lorell Hathcock

RE: Cogent - Google - HE Fun

2016-03-13 Thread Dennis Burgess

In the end, google has made a choice. I think these kinds of choices will delay 
IPv6 adoption.  

-Original Message-
From: Damien Burke [mailto:dam...@supremebytes.com] 
Sent: Friday, March 11, 2016 2:51 PM
To: Mark Tinka <mark.ti...@seacom.mu>; Owen DeLong <o...@delong.com>; Dennis 
Burgess <dmburg...@linktechs.net>
Cc: North American Network Operators' Group <nanog@nanog.org>
Subject: RE: Cogent - Google - HE Fun

Just received an updated statement from cogent support:

"We appreciate your concerns. This is a known issue that originates with Google 
as it is up to their discretion as to how they announce routes to us v4 or v6. 

Once again, apologies for any inconvenience."

And:

"The SLA does not cover route transit beyond our network. We cannot route to 
IPs that are not announced to us by the IP owner, directly or through a network 
peer."

RE: AW: Cogent - Google - HE Fun

2016-03-10 Thread Dennis Burgess

Not wishing to get into a pissing war with who is right or wrong, but it sounds 
like google already pays or has an agreement with cogent for v4, as that's 
unaffected, cogent says google is simply not advertising v6 prefixes to them, 
so, how is that cogent's fault?


-Original Message-
From: Jon Lewis [mailto:jle...@lewis.org] 
Sent: Wednesday, March 9, 2016 11:26 AM
To: Jürgen Jaritsch <jjarit...@anexia-it.com>
Cc: Dennis Burgess <dmburg...@linktechs.net>; North American Network Operators' 
Group <nanog@nanog.org>
Subject: Re: AW: Cogent - Google - HE Fun

In other words, GOOG is playing peering chicken with Cogent for IPv6.  I'm not 
surprised.  I suggested it during talks with GOOG roughly 10 years ago...not 
saying I had any influence...I'm pretty sure I did not. :)

GOOG wants Cogent to peer.  Cogent wants GOOG to pay for transit (from them or 
someone else to get to Cogent).  If you're well peered / multihomed, it's not 
much of an issue.  If you're a single-homed Cogent customer, you should 
complain to Cogent that they're not providing full
IPv6 connectivity.

On Wed, 9 Mar 2016, Jürgen Jaritsch wrote:

> Hi,
>
> mail from Cogent:
>>>>>
> Dear Cogent Customer,
>
> Thank you for contacting Cogent Customer Support for information about the 
> Google IPv6 addresses you are unable to reach.
>
> Google uses transit providers to announce their IPv4 routes to Cogent.
>
> At this time however, Google has chosen not to announce their IPv6 routes to 
> Cogent through transit providers.
>
> We apologize for any inconvenience this may cause you and will notify you if 
> there is an update to the situation.
> <<<<
>
> Mail from Google:
>>>>>
> Unfortunately it seems that your transit provider does not have IPv6 
> connectivity with Google. We suggest you ask your transit provider to look 
> for alternatives to interconnect with us.
>
> Google maintains an open interconnect policy for IPv6 and welcomes any 
> network to peer with us for access via IPv6 (and IPv4). For those networks 
> that aren't able, or chose not to peer with Google via IPv6, they are able to 
> reach us through any of a large number of transit providers.
>
> For more information in how to peer directly with Google please visit 
> https://peering.google.com <<<<
>
> best regards
>
> Jürgen Jaritsch
> Head of Network & Infrastructure
>
> ANEXIA Internetdienstleistungs GmbH
>
> Telefon: +43-5-0556-300
> Telefax: +43-5-0556-500
>
> E-Mail: jjarit...@anexia-it.com
> Web: http://www.anexia-it.com
>
>
>
> Anschrift Hauptsitz Klagenfurt: Feldkirchnerstraße 140, 9020 
> Klagenfurt
> Geschäftsführer: Alexander Windbichler
> Firmenbuch: FN 289918a | Gerichtsstand: Klagenfurt | UID-Nummer: AT 
> U63216601
>
>
> -Ursprüngliche Nachricht-
> Von: NANOG [mailto:nanog-bounces+jjaritsch=anexia-it@nanog.org] Im 
> Auftrag von Dennis Burgess
> Gesendet: Mittwoch, 09. März 2016 17:01
> An: North American Network Operators' Group
> Betreff: Cogent - Google - HE Fun
>
> I just noticed that I am NOT getting IPV6 Google prefixes though Cogent at 
> all. I was told google pulled all of their peering with Cogent?   If I bring 
> up a SIT tunnel with HE, I get the prefixes but at horrible speed and latency 
> .. anyone else?
>
> [DennisBurgessSignature]
> www.linktechs.net<http://www.linktechs.net/> - 314-735-0270 x103 - 
> dmburg...@linktechs.net<mailto:dmburg...@linktechs.net>
>
>

--
  Jon Lewis, MCP :)   |  I route
  |  therefore you are _ 
http://www.lewis.org/~jlewis/pgp for PGP public key_

Cogent - Google - HE Fun

2016-03-09 Thread Dennis Burgess

I just noticed that I am NOT getting IPV6 Google prefixes though Cogent at all. 
I was told google pulled all of their peering with Cogent?   If I bring up a 
SIT tunnel with HE, I get the prefixes but at horrible speed and latency .. 
anyone else?

[DennisBurgessSignature]
www.linktechs.net - 314-735-0270 x103 - 
dmburg...@linktechs.net

IPligence?

2015-10-28 Thread Dennis Burgess

Anyone have a contact for Ipligence, looks like a company out of Spain that 
does geoip database work.  They have some issues with their database, and can't 
find a way to get in contact with them.  They don't answer their support 
e-mails.

Thanks,

[DennisBurgessSignature]
www.linktechs.net - 314-735-0270 x103 - 
dmburg...@linktechs.net

Roku Admin

2015-10-26 Thread Dennis Burgess

Can a Roku admin hit me off list please :)

Thanks,

[DennisBurgessSignature]
www.linktechs.net - 314-735-0270 x103 - 
dmburg...@linktechs.net

Zayo Contact

2015-08-26 Thread Dennis Burgess

I have a customer with a fiber outage with some Zayo IPs, Zayo is adverting the 
/24, would love to have someone contact me from zayo; as we need that 
advertisement turned off so we can get inbound though another provider until 
the fiber is fixed.:(

Thanks,

[DennisBurgessSignature]
www.linktechs.nethttp://www.linktechs.net/ - 314-735-0270 x103 - 
dmburg...@linktechs.netmailto:dmburg...@linktechs.net

RE: Hotels/Airports with IPv6

2015-07-09 Thread Dennis Burgess

Most hotels etc, are perfectly happy doing NAT.  

Dennis Burgess, CTO, Link Technologies, Inc.
den...@linktechs.net – 314-735-0270 – www.linktechs.net

-Original Message-
From: NANOG [mailto:nanog-boun...@nanog.org] On Behalf Of Oliver O'Boyle
Sent: Thursday, July 09, 2015 10:20 AM
To: Mel Beckman
Cc: North American Network Operators' Group
Subject: Re: Hotels/Airports with IPv6

We manage 65+ hotels in Canada and the topic of IPv6 for guest internet 
connectivity has never been brought up, except by me. It's not a discussion our 
vendors or the hotel brands have opened either.

On Thu, Jul 9, 2015 at 11:04 AM, Mel Beckman m...@beckman.org wrote:

 I working on a large airport WiFi deployment right now. IPv6 is 
 allowed for in the future but not configured in the short term. With 
 less than
 10,000 ephemeral users, we don't expect users to demand IPv6 until 
 most mobile devices and apps come ready to use IPv6 by default.

  -mel beckman

  On Jul 9, 2015, at 7:53 AM, Jared Mauch ja...@puck.nether.net wrote:

  It’s my understanding that many captive portals have trouble with 
  IPv6
 traffic and this is a blocker for places.

  I’m wondering what people who deploy captive portals are doing with
 these things?

  https://tools.ietf.org/html/draft-wkumari-dhc-capport

  seems to be trying to document the method to signal to clients how 
  to
 authenticate.  I was having horrible luck with Boingo yesterday at RDU 
 airport with their captive portal and deauthenticating me so just went 
 to cellular data, so wondering if IPv4 doesn’t work well what works for IPv6.

  Thanks,

  - Jared

--
:o@

RE: Verizion FiOS

2015-01-24 Thread Dennis Burgess

Yep, what we found.  The customer is going to have to look elsewhere for their 
500meg L  Just won’t work for what they are doing..  TWC even will route them 
block L  

 

Dennis Burgess, Link Technologies, Inc. 
314-735-0270

 

From: Dave Temkin [mailto:d...@temk.in] 
Sent: Saturday, January 24, 2015 5:02 PM
To: Dennis Burgess
Cc: North American Network Operators' Group
Subject: Re: Verizion FiOS

 

Quite simple - Verizon doesn't offer BGP or any other type of custom service 
over FIOS. No Layer 2, no non-VZ Layer 3, etc... You get the IP space you pay 
for from them (per IP).

 

-Dave

 

On Fri, Jan 23, 2015 at 1:36 PM, Dennis Burgess dmburg...@linktechs.net wrote:

Got a customer that needs a /25 block routed to him, was approved for
125 IPs, but they refuse to route a block to the customer.  Any
assistance, please hit me off-list, dmburg...@linktechs.net





Thanks,





www.linktechs.net - 314-735-0270 - dmburg...@linktechs.net

Verizion FiOS

2015-01-23 Thread Dennis Burgess

Got a customer that needs a /25 block routed to him, was approved for
125 IPs, but they refuse to route a block to the customer.  Any
assistance, please hit me off-list, dmburg...@linktechs.net 

 

 

Thanks,

 

 

www.linktechs.net - 314-735-0270 - dmburg...@linktechs.net

Windstream BGP admin

2015-01-05 Thread Dennis Burgess

Got a change in windtream routing, massively down since the 23rd out of
denver, any Windstream admin want to shoot me a e-mail and talk J 

 

Thanks,

 

 

www.linktechs.net - 314-735-0270 - dmburg...@linktechs.net

Listing or google map of peering exchange

2014-07-09 Thread Dennis Burgess

Looking for a good listing of US/Canada peering exchange, similar to
Torx in Toronto..Google map listing would be nice J 

 

Dennis Burgess, Mikrotik Certified Trainer Author of Learn RouterOS-
Second Edition http://www.wlan1.com/product_p/mikrotik%20book-2.htm 

 Link Technologies, Inc -- Mikrotik  WISP Support Services

 Office: 314-735-0270 tel:314-735-0270  Website:
http://www.linktechs.net http://www.linktechs.net/  - Skype: linktechs
skype:linktechs?call

 -- Create Wireless Coverage's with www.towercoverage.com
http://www.towercoverage.com/  - 900Mhz - LTE - 3G - 3.65 - TV
Whitespace

L3/HE/Inbound Pathing Question

2014-06-09 Thread Dennis Burgess

I have ran into this a few times, and have not found a solution:

 

L3 à 

HEà  --- blended Provider A ---  Customer

 

Cogent --  Customer

 

Cogent of course is cheaper, and customer wishes to use the blended provder 
more as backup and/or have most of the inbound traffic coming in the cheaper 
path (cogent).  The issue appears to be L3 and HE specifically (of course they 
make up a good chunk of inbound traffic) always prefers their customer peers, 
so even if we advertise any prefix to the blended, those companies (l3/he) 
always choose to come in though the customer peer and then to my customer.

 

Any thoughts on how to get around this, and still have some kind of route in 
the blended provider for failover?Off list is fine.. Thanks in advance.  

 

 

Dennis Burgess, Mikrotik Certified Trainer Author of Learn RouterOS- Second 
Edition http://www.wlan1.com/product_p/mikrotik%20book-2.htm 
 
 Link Technologies, Inc -- Mikrotik  WISP Support Services 
   
 Office: 314-735-0270 tel:314-735-0270  Website: http://www.linktechs.net 
http://www.linktechs.net/  - Skype: linktechs skype:linktechs?call  

 -- Create Wireless Coverage's with www.towercoverage.com 
http://www.towercoverage.com/  - 900Mhz - LTE - 3G - 3.65 - TV Whitespace

BGP peer traffic monitoring

2014-02-03 Thread Dennis Burgess

I have a router with about 20 peers, most are all on a single port
(local exchange), how is everyone monitoring traffic to individual
peers?  

 

Dennis Burgess, Mikrotik Certified Trainer Author of Learn RouterOS-
Second Edition http://www.wlan1.com/product_p/mikrotik%20book-2.htm 

 Link Technologies, Inc -- Mikrotik  WISP Support Services

 Office: 314-735-0270 tel:314-735-0270  Website:
http://www.linktechs.net http://www.linktechs.net/  - Skype: linktechs
skype:linktechs?call

 -- Create Wireless Coverage's with www.towercoverage.com
http://www.towercoverage.com/  - 900Mhz - LTE - 3G - 3.65 - TV
Whitespace

above.net latencies

2014-01-22 Thread Dennis Burgess

Seeing high latency's between LGA and PHL on above.net..  Saw this last
night as well but went away by morning..   Anyone confirm or have any
status?  

 

  8 9 ms 9 ms 9 ms  ae5.cr1.ord2.us.above.net
[64.125.28.233]

  931 ms31 ms31 ms  ae6.cr1.lga5.us.above.net [64.125.24.33]

10   118 ms   119 ms   115 ms  xe-1-1-0.mpr3.phl2.us.above.net
[64.125.31.33]

11   118 ms   119 ms   113 ms  208.185.20.54.t01657-08.above.net
[208.185.20.54

]

 

Dennis Burgess, Mikrotik Certified Trainer Author of Learn RouterOS-
Second Edition http://www.wlan1.com/product_p/mikrotik%20book-2.htm 

 Link Technologies, Inc -- Mikrotik  WISP Support Services

 Office: 314-735-0270 tel:314-735-0270  Website:
http://www.linktechs.net http://www.linktechs.net/  - Skype: linktechs
skype:linktechs?call

 -- Create Wireless Coverage's with www.towercoverage.com
http://www.towercoverage.com/  - 900Mhz - LTE - 3G - 3.65 - TV
Whitespace

Winstream engineer?

2014-01-13 Thread Dennis Burgess

Looking for a windstream engineer that can help with BGP issue (not
advertising from your network to the net).. hit me offlist. not getting
anywhere with tech :(  

 

Dennis Burgess, Mikrotik Certified Trainer Author of Learn RouterOS-
Second Edition http://www.wlan1.com/product_p/mikrotik%20book-2.htm 

 Link Technologies, Inc -- Mikrotik  WISP Support Services

 Office: 314-735-0270 tel:314-735-0270  Website:
http://www.linktechs.net http://www.linktechs.net/  - Skype: linktechs
skype:linktechs?call

 -- Create Wireless Coverage's with www.towercoverage.com
http://www.towercoverage.com/  - 900Mhz - LTE - 3G - 3.65 - TV
Whitespace

RE: [SPAM]RE: [SPAM]RE: Mikrotik Cloud Core Router and BGP real life experiences?

2014-01-02 Thread Dennis Burgess

Mikrotik really relies on its list of consultants and trainers, these are all 
outside companies, yes such as mine, that provide the higher class of support 
than MikroTik own e-mail. .  While their e-mail does have a lack of 
responsiveness, I was told the volume that they do get form other parts of the 
world, not saying that's an excuse, but it is what it is.

Many people in the WISP and smaller ISP markets rely on these consulting 
companies to not only help them with MikroTik but other hardware/software and 
business decisions, LTI (yes the company I work for) has more certified 
trainers and engineers for MikroTik than any other in North America, but there 
is a list from MikroTik that lists certified consultants available as well.

Dennis Burgess, Mikrotik Certified Trainer Author of Learn RouterOS- Second 
Edition 
 Link Technologies, Inc -- Mikrotik  WISP Support Services 
   
 Office: 314-735-0270 Website: http://www.linktechs.net - Skype: linktechs  
   
 -- Create Wireless Coverage's with www.towercoverage.com - 900Mhz - LTE - 3G - 
3.65 - TV Whitespace  


-Original Message-
From: Rob Seastrom [mailto:r...@seastrom.com] 
Sent: Thursday, January 02, 2014 6:16 AM
To: Justin Wilson
Cc: NANOG list
Subject: Re: [SPAM]RE: [SPAM]RE: Mikrotik Cloud Core Router and BGP real life 
experiences?


Justin Wilson li...@mtin.net writes:

   The biggest problem with Mikrotik is you just can¹t call them up for 
 support on buggy code. In a critical network this can be a major problem.

I've contacted them (via email) and the experience seems to be exactly the same 
as dealing with first level TAC at the big guys: the guy you contact doesn't 
care much about your problem once he realizes that it's a legitimate issue with 
their stuff and not simply a case of pilot error for which he can refer you to 
the documentation, and eventually you give up and develop a workaround, such as 
it is.

-r

[SPAM]RE: [SPAM]Re: Mikrotik Cloud Core Router and BGP real life experiences?

2013-12-27 Thread Dennis Burgess

Guess I should chime in here.  As far as the CCR, I know several customers 
running in excess of  1 gig of traffic though them, one has 16 BGP sessions, 
several of those are full tables, and the rest are on an peering exchange.  
There are other units, like the ones we supply, that does more than 20 gig in 
real word usages.  They are very capable devices, but depending on how many 
features you enable, of course that will affect their overall abilities.
This would be real word, and yes, I work with 1000's of ISPs across North 
America, many between 100-10gig of traffic, cable companies, DSL providers, and 
WISPs, and many of these ONLY use MikroTik.  

As another person said, grab two and configure so that you split your load up, 
we have done that in areas where redundancy is important.  Seeing the Dual 
10GigE model with 8 GigE ports costs $1,249 or so, hard to beat them in price, 
and add  two or more to get your redundancy.  



Dennis Burgess, Mikrotik Certified Trainer Author of Learn RouterOS- Second 
Edition 
 Link Technologies, Inc -- Mikrotik  WISP Support Services 
   
 Office: 314-735-0270 Website: http://www.linktechs.net - Skype: linktechs  
   
 -- Create Wireless Coverage's with www.towercoverage.com - 900Mhz - LTE - 3G - 
3.65 - TV Whitespace  


-Original Message-
From: Eduardo Schoedler [mailto:lis...@esds.com.br] 
Sent: Friday, December 27, 2013 8:10 AM
To: NANOG list
Subject: [SPAM]Re: Mikrotik Cloud Core Router and BGP real life experiences?

People who tested say they don't forward more than 500Mbps per port.


2013/12/27 matt kelly mjke...@gmail.com

 My real world experience with these is that they suck. Plain and simple.
 Don't waste your time.
 On Dec 27, 2013 3:49 AM, Martin Hotze m.ho...@hotze.com wrote:

  Hi,
 
  looking at the specs of Mikrotik Cloud Core Routers it seems to be 
  to
 good
  to be true [1] having so much bang for the bucks. So virtually all
 smaller
  ISPs would drop their CISCO gear for Mikrotik Routerboards.
 
  We are using a handful of Mikrotik boxes, but on a much lower 
  network level (splitting networks; low end router behind ADSL modem, 
  ...). We're happy with them.
 
  So I am asking for real life experience and not lab values with 
  Mikrotik Cloud Core Routers and BGP. How good can they handle full 
  tables and a bunch of peering sessions? How good does the box react 
  when adding
 filters
  (during attacks)? Reloading the table? etc. etc.
 
  I am looking for _real_ _life_ values compared to a CISCO NPE-G2. 
  Please tell me/us from your first hand experience.
 
  Thanks!
 
  greetings, Martin
 
  [1] If something sounds too good to be true, it probably is.
 
 
 
 




--
Eduardo Schoedler

[SPAM]RE: [SPAM]RE: Mikrotik Cloud Core Router and BGP real life experiences?

2013-12-27 Thread Dennis Burgess

We have many with full routing tables.  Load balancing, works fine, I have one 
site with 8 DSL lines doing balancing across them.   We typically don't use a 
GRE tunnel, but OpenVPN or IPSEC work great.  


Dennis Burgess, Mikrotik Certified Trainer Author of Learn RouterOS- Second 
Edition 
 Link Technologies, Inc -- Mikrotik  WISP Support Services 
   
 Office: 314-735-0270 Website: http://www.linktechs.net - Skype: linktechs  
   
 -- Create Wireless Coverage's with www.towercoverage.com - 900Mhz - LTE - 3G - 
3.65 - TV Whitespace  


-Original Message-
From: matt kelly [mailto:mjke...@gmail.com] 
Sent: Friday, December 27, 2013 8:41 AM
To: Raymond Burkholder
Cc: NANOG list
Subject: [SPAM]RE: Mikrotik Cloud Core Router and BGP real life experiences?

They can not handle a full routing table. The load balancing doesn't work.
They can not properly reassemble fragmented packets, and therefore drop all but 
the first piece. They can not reliably handle traffic loads over maybe 200 
Mbps, we needed 4-6 Gbps capacity. They can not hold a gre tunnel connection.

On Dec 27, 2013 9:07 AM, Raymond Burkholder r...@oneunified.net wrote:


 My real world experience with these is that they suck. Plain and simple.
 Don't waste your time.

 Would you mind elaborating what you were trying to accomplish and what 
 failed?

 Thank you.

 Ray


 --
 This message has been scanned for viruses and dangerous content by 
 MailScanner, and is believed to be clean.

AOL Postmaster

2013-12-27 Thread Dennis Burgess

Can a AOL Postmaster hit me off-list please J

 

 

Dennis Burgess, Mikrotik Certified Trainer Author of Learn RouterOS-
Second Edition http://www.wlan1.com/product_p/mikrotik%20book-2.htm 

 Link Technologies, Inc -- Mikrotik  WISP Support Services

 Office: 314-735-0270 tel:314-735-0270  Website:
http://www.linktechs.net http://www.linktechs.net/  - Skype: linktechs
skype:linktechs?call

 -- Create Wireless Coverage's with www.towercoverage.com
http://www.towercoverage.com/  - 900Mhz - LTE - 3G - 3.65 - TV
Whitespace

RE: wireless ISP in Santa Fe

2013-12-18 Thread Dennis Burgess

You can hit http://www.towercoverage.com and click on north American map to see 
what may be in that area...  contact numbers and e-mail addresses are provided.


Dennis Burgess, Mikrotik Certified Trainer Author of Learn RouterOS- Second 
Edition 
 Link Technologies, Inc -- Mikrotik  WISP Support Services 
   
 Office: 314-735-0270 Website: http://www.linktechs.net - Skype: linktechs  
   
 -- Create Wireless Coverage's with www.towercoverage.com - 900Mhz - LTE - 3G - 
3.65 - TV Whitespace  


-Original Message-
From: Tri Tran [mailto:trit...@cox.net] 
Sent: Wednesday, December 18, 2013 12:15 PM
To: nanog@nanog.org
Subject: wireless ISP in Santa Fe

The only known option is with Cibola for 7M/1M.
If anyone know of an alternate provider with higher bandwidth please advise.

--Tri Tran

rogers.ca contact

2013-11-21 Thread Dennis Burgess

Got an issue where rogers SWIPed blocks to my customer in prep for BGP
peering and advertising, but at the last minute (right before we are to
set it up) rogers is saying that we can't advertise it, as they
advertise a larger block and that if we advertised it out our other
provider it would be considered route hijacking and they would turn OFF
the IPs though their network?

 

Off-list is fine !  

 

 

Dennis Burgess, Mikrotik Certified Trainer Author of Learn RouterOS-
Second Edition http://www.wlan1.com/product_p/mikrotik%20book-2.htm 

 Link Technologies, Inc -- Mikrotik  WISP Support Services

 Office: 314-735-0270 tel:314-735-0270  Website:
http://www.linktechs.net http://www.linktechs.net/  - Skype: linktechs
skype:linktechs?call

 -- Create Wireless Coverage's with www.towercoverage.com
http://www.towercoverage.com/  - 900Mhz - LTE - 3G - 3.65 - TV
Whitespace

RE: Cogent multi-hop BGP

2013-08-28 Thread Dennis Burgess

depends on the site.

in st. louis, we connect to their only router, direct peering, no a/b/ stuff, 
if you are in a colo that they have several access routers as well, then you 
will typically do the a/b.   

Dennis Burgess, Mikrotik Certified Trainer Author of Learn RouterOS- Second 
Edition 
 Link Technologies, Inc -- Mikrotik  WISP Support Services 
   
 Office: 314-735-0270 Website: http://www.linktechs.net - Skype: linktechs  
   
 -- Create Wireless Coverage's with www.towercoverage.com - 900Mhz - LTE - 3G - 
3.65 - TV Whitespace  


-Original Message-
From: Tim Durack [mailto:tdur...@gmail.com] 
Sent: Wednesday, August 28, 2013 9:20 AM
To: nanog@nanog.org
Subject: Cogent multi-hop BGP

I was under the impression Cogent no longer did the multi-hop BGP thing, but 
then I got a copy of their NA user guide, and saw the peer-a/peer-b 
configuration. Not a fan.

Anyone know if this is still required for Cogent IP transit service?
(on/off list is fine.)

--
Tim:

RE: Mechanics of CALEA taps

2013-06-10 Thread Dennis Burgess

While its possible to do this, you would have to have a device that would not 
impact performance typically at every exit point, but in a perfect world it 
would be on the clients CPE device!Our wireless CPE's can do this.I 
would not that a business model to not bill until a request is completed would 
work due to the amount of hardware that x company would have to put out.  

Dennis Burgess, Mikrotik Certified Trainer Author of Learn RouterOS- Second 
Edition 
 Link Technologies, Inc -- Mikrotik  WISP Support Services 
   
 Office: 314-735-0270 Website: http://www.linktechs.net - Skype: linktechs  
   
 -- Create Wireless Coverage's with www.towercoverage.com - 900Mhz - LTE - 3G - 
3.65 - TV Whitespace  

-Original Message-
From: Randy Fischer [mailto:randy.fisc...@gmail.com] 
Sent: Sunday, June 09, 2013 5:59 PM
To: North American Network Operators Group
Subject: Mechanics of CALEA taps

Dear nanog:

Honestly, I expect replies to this question to range between zero and none, but 
I have to ask it.

I understand the CALEA tap mechanism for most ISPs, generally, works like
this:

 * we outsource our CALEA management to company X
 * we don't even know there's been a request until we've gotten a bill from X.

And that's the extent of it.

Well, golly Slothrop, maybe someone else has started picking up the tab.
Would you even know?

Is that possible?

Thanks,

Randy Fischer

Single AS multiple Dirverse Providers

2013-06-10 Thread Dennis Burgess

I have a network that has three peers, two are at one site and the third
is geographically diverse, and there is NO connection between the two
separate networks.

 

Currently we are announcing several /24s out one network and other /24s
out the second network, they do not overlap.  To the internet this works
fine, however, providers a/b at site1 do not send us the two /24s from
site b..   We have requested them to, but have not seen them come in,
nor do we have any filters that would prohibit them from coming in. 

 

Is this normal?  Can we receive those routes even though they are from
our own AS?  What is the best practice in this case?  

 

Dennis Burgess, Mikrotik Certified Trainer Author of Learn RouterOS-
Second Edition http://www.wlan1.com/product_p/mikrotik%20book-2.htm 

 Link Technologies, Inc -- Mikrotik  WISP Support Services

 Office: 314-735-0270 tel:314-735-0270  Website:
http://www.linktechs.net http://www.linktechs.net/  - Skype: linktechs
skype:linktechs?call

 -- Create Wireless Coverage's with www.towercoverage.com
http://www.towercoverage.com/  - 900Mhz - LTE - 3G - 3.65 - TV
Whitespace

RE: Single AS multiple Dirverse Providers

2013-06-10 Thread Dennis Burgess

Just to update everyone.. Already had the allowas-in setup, the end result is 
that the ISPs in question tier2 team did not know that they block inbound 
updates from their upstream(peers) from known ranges inside their network.  So, 
the upstream was blocking the customer prefix as they thought they should only 
receive that block from our peer with them, vs. receiving those from the net  

Recently, they fixed their filters on their peers and we have now received the 
/24s in question.




Dennis Burgess, Mikrotik Certified Trainer Author of Learn RouterOS- Second 
Edition 
 Link Technologies, Inc -- Mikrotik  WISP Support Services 
   
 Office: 314-735-0270 Website: http://www.linktechs.net - Skype: linktechs  
   
 -- Create Wireless Coverage's with www.towercoverage.com - 900Mhz - LTE - 3G - 
3.65 - TV Whitespace  


-Original Message-
From: Brandon Ross [mailto:br...@pobox.com] 
Sent: Monday, June 10, 2013 4:28 PM
To: Patrick W. Gilmore
Cc: NANOG list
Subject: Re: Single AS multiple Dirverse Providers

On Mon, 10 Jun 2013, Patrick W. Gilmore wrote:

 Ever tried to get a single peer set up sessions in 50+ places with 50+ ASNs?

I would submit that it's very likely that someone setting up 50+ places 
will have gained expert level knowledge of BGP and will understand the 
compromises they are making by breaking the rules.

I think the point is that if this is your first rodeo, perhaps you should 
stick with the script.

-- 
Brandon Ross  Yahoo  AIM:  BrandonNRoss
+1-404-635-6667ICQ:  2269442
Schedule a meeting:  https://doodle.com/brossSkype:  brandonross

RE: Speedtest Results speedtest.net vs Mikrotik bandwidth test

2013-04-04 Thread Dennis Burgess

The MT speed test is a multi-connection test, think 20 streams or connections 
at once.Most web based tests are single stream.  Now you get into 802.11N 
speedtests where they are optimized for many connections MIMO operations, 
hence, a single connection don't show good results, where a MT test at 20 
streams would.  

Dennis Burgess, Mikrotik Certified Trainer Author of Learn RouterOS- Second 
Edition 
 Link Technologies, Inc -- Mikrotik  WISP Support Services 
   
 Office: 314-735-0270 Website: http://www.linktechs.net - Skype: linktechs  
   
 -- Create Wireless Coverage's with www.towercoverage.com - 900Mhz - LTE - 3G - 
3.65 - TV Whitespace  


-Original Message-
From: Lorell Hathcock [mailto:lor...@hathcock.org] 
Sent: Monday, April 1, 2013 7:19 PM
To: nanog@nanog.org
Cc: Nathan Hathcock
Subject: Speedtest Results speedtest.net vs Mikrotik bandwidth test

All:

 

I am having some speedtest results that are difficult to interpret.

 

I am a small WISP multi-homed with Cogent and Level 3 in Houston, TX.  I am 
running BGP with each with 100 Mbps+ on each link.

 

Some of my customers have begun complaining that they are not getting the 
proper speeds.  They are using speedtest.net and/or speakeasy.net to test the 
results.

 

My network is Mikrotik based and as such, I have access to Mikrotik's built-in 
bandwidth testing.

 

With a laptop on site, running against speedtest.net (which kicked me over to 
the Comcast speedtest server instance) I can only get 4 Mbps up and 1.5 Mbps 
down.  That is consistent on their desktops too.  We eliminated their routing 
equipment and other consumers of the bandwidth and tested and got similar 
results.

 

But when  we run the Mikrotik bandwidth tests (even to off-net Mikrotik devices 
in Hawaii and Mission, TX) we get 25+ Mbps synchronous.

 

We have run traceroutes to various traceroute servers and they go through 
Cogent and/or Level 3.  For the most part it does not seem to matter which path 
it takes, the bandwidth seems to be about the same going both routes.

 

When we run the laptop-based btest.exe against Mikrotik bandwidth test servers, 
the laptop got significantly better results (14 Mbps) , but not 25+ Mbps.

 

It is almost like there is a Java based problem with speedtest.net.

 

Thoughts?

 

Thanks,

 

Lorell Hathcock

RE: www.eftps.gov contact

2012-12-18 Thread Dennis Burgess

I tried to this a month ago, no luck :( i.e. nothing back from them, just goes 
into no answer e-mail space! 

Dennis Burgess, Mikrotik Certified Trainer Author of Learn RouterOS- Second 
Edition 
 Link Technologies, Inc -- Mikrotik  WISP Support 
Services   
 
 Office: 314-735-0270 Website: http://www.linktechs.net - Skype: 
linktechs 
 -- Create Wireless Coverage's with www.towercoverage.com - 900Mhz - LTE - 3G - 
3.65 - TV Whitespace  



-Original Message-
From: Darren Pilgrim [mailto:na...@bitfreak.org] 
Sent: Tuesday, December 18, 2012 9:09 AM
To: nanog@nanog.org
Subject: www.eftps.gov contact

The hostname www.eftps.gov has both A and  records, but the site is only 
reachable via IPv4.  Worse, the IPv6 connectivity is broken in such a way that 
Firefox and Internet Explorer do not fall back to IPv4. 
Tracing is broken for both protocols.  The 10-net addresss in the IPv4 path 
were cute.

Calling their technical support was an exercise in futility.  Supposedly they 
forwarded messages on to the right people; but the site is still broken after 
over a week's wait.  If someone knows the admins behind the EFTPS website and 
can forward this to them, the accounting firm for which I work would appreciate 
it.

Thanks,

ATT Contact Needed

2012-10-18 Thread Dennis Burgess

We have a ATT Fiber circuit in central US, nothing major, BGP issues
with route damping on the juniper, my client has been down for over 5
hours (simply a route damping ) but no one can fix it, and all they can
do is put a ticket in to the next tier .. Any help off list, or
on-line as we are on the phone now trying to get them to do ANYTHING L
ATT Ticket 160488513

 

Dennis Burgess,

Rogers.ca fiber contact

2012-10-03 Thread Dennis Burgess

Have a fiber circuit that is getting inconsistent speeds to the net L
Need an IPERF test on rogers network to verify bandwidth.  

 

Dennis Burgess, Mikrotik Certified Trainer Author of Learn RouterOS-
Second Edition http://www.wlan1.com/product_p/mikrotik%20book-2.htm 

 Link Technologies, Inc -- Mikrotik  WISP Support Services

 Office: 314-735-0270 tel:314-735-0270  Website:
http://www.linktechs.net http://www.linktechs.net/  - Skype: linktechs
skype:linktechs?call

 -- Create Wireless Coverage's with www.towercoverage.com
http://www.towercoverage.com/  - 900Mhz - LTE - 3G - 3.65 - TV
Whitespace  
5-Day Advanced RouterOS Workshop - Oct 8th 2012 - St. Louis, MO, USA
http://www.wlan1.com/RouterOS_Training_p/5d-stl-training-oct2012.htm

Rogers Contact ? Offlist please?

2012-09-25 Thread Dennis Burgess

Region, Owen Sound, any technical contact for help with a fiber
connection with slow/bursty uploads. ?  

 

Dennis Burgess, Mikrotik Certified Trainer Author of Learn RouterOS-
Second Edition http://www.wlan1.com/product_p/mikrotik%20book-2.htm 

 Link Technologies, Inc -- Mikrotik  WISP Support Services

 Office: 314-735-0270 tel:314-735-0270  Website:
http://www.linktechs.net http://www.linktechs.net/  - Skype: linktechs
skype:linktechs?call

 -- Create Wireless Coverage's with www.towercoverage.com
http://www.towercoverage.com/  - 900Mhz - LTE - 3G - 3.65 - TV
Whitespace  
5-Day Advanced RouterOS Workshop - Oct 8th 2012 - St. Louis, MO, USA
http://www.wlan1.com/RouterOS_Training_p/5d-stl-training-oct2012.htm

[SPAM]BGP Issue with L3?

2012-09-10 Thread Dennis Burgess

Doing a looking glass from the locally connected BGP peer for AS 16843,
they are receiving it, the top path, but showing it received-only, and
they want to use the prepended Path. The rest of L3, outside the local
peer looking glass, i.e. the rest of the planet does not even show this
path ?  Thoughts suggestions?

 

Dennis

 

Paths: (3 available, best #3)

  23077 174 7843 11427 16843, (received-only)

  AS-path translation: { SUNCOM COGENT ADELPHIA SCRR-11427
NORTHEAST-COMNET }

WIRELESS-ME.car1.Houston1 from WIRELESS-ME.car1.Houston1
(8.24.196.1)

  Origin IGP, localpref 100, valid, external

  Community: 174:21000 174:22013

  3549 3491 7459 16843 16843 16843 16843 16843 16843 16843

  AS-path translation: { GBLX CAIS-ASN THRIFTYCALL NORTHEAST-COMNET
NORTHEAST-COMNET NORTHEAST-COMNET NORTHEAST-COMNET NORTHEAST-COMNET
NORTHEAST-COMNET NORTHEAST-COMNET }

edge4.Dallas3 (metric 3827)

  Origin IGP, metric 10, localpref 88, valid, internal

  Community: North_America  Lclprf_86 United_States Level3_Peer
Dallas 3491:200 3549:300 3549:4292 3549:30840

  Originator: edge4.Dallas3

  3549 3491 7459 16843 16843 16843 16843 16843 16843 16843

  AS-path translation: { GBLX CAIS-ASN THRIFTYCALL NORTHEAST-COMNET
NORTHEAST-COMNET NORTHEAST-COMNET NORTHEAST-COMNET NORTHEAST-COMNET
NORTHEAST-COMNET NORTHEAST-COMNET }

edge4.Dallas3 (metric 3827)

  Origin IGP, metric 10, localpref 88, valid, internal, best

  Community: North_America  Lclprf_86 United_States Level3_Peer
Dallas 3491:200 3549:300 3549:4292 3549:30840

  Originator: edge4.Dallas3

Level3 BGP Issue

2012-09-10 Thread Dennis Burgess

I have a prefix that is having an issue with BGP, its all inside of
L3If there is someone that would be willing to assist with L3,
shoot me a e-mail offlist J 

 

Dennis Burgess,

Telus Wholesale NOC NUmber

2012-07-19 Thread Dennis Burgess

Anyone got a number to Telus Wholesale?  Got an issue with an PPPoE over
L2TP setup.  

 


Dennis Burgess, Mikrotik Certified Trainer Author of Learn RouterOS-
Second Edition http://www.wlan1.com/product_p/mikrotik%20book-2.htm 

 Link Technologies, Inc -- Mikrotik  WISP Support Services

 Office: 314-735-0270 tel:314-735-0270  Website:
http://www.linktechs.net http://www.linktechs.net/  - Skype: linktechs
skype:linktechs?call

 -- Create Wireless Coverage's with www.towercoverage.com
http://www.towercoverage.com/  - 900Mhz - LTE - 3G - 3.65 - TV
Whitespace  
5-Day Advanced RouterOS Workshop -- July 23rd 2012 - St. Louis, MO, USA
http://www.wlan1.com/RouterOS_Training_p/5d-stl-training-july2012.htm 
5-Day Advanced RouterOS Workshop - Oct 8th 2012 - St. Louis, MO, USA
http://www.wlan1.com/RouterOS_Training_p/5d-stl-training-oct2012.htm

RE: Overall Netflix bandwidth usage numbers on a network?

2011-12-16 Thread Dennis Burgess

Same here.

---
Dennis Burgess, Mikrotik Certified Trainer 
Link Technologies, Inc -- Mikrotik  WISP Support Services
Office: 314-735-0270 Website: http://www.linktechs.net
LIVE On-Line Mikrotik Training - Author of Learn RouterOS


 -Original Message-
 From: Blake Hudson [mailto:bl...@ispn.net]
 Sent: Friday, December 16, 2011 8:11 AM
 To: Dave Temkin
 Cc: nanog@nanog.org
 Subject: Re: Overall Netflix bandwidth usage numbers on a network?
 
 Requests to this address appear to go unanswered?
 
 Dave Temkin wrote the following on 12/11/2011 6:29 PM:
  Feel free to contact peering@netflixdotcom - we're happy to provide
  you with delivery statistics for traffic terminating on your network.
 
  Regards,
  -Dave Temkin
  Netflix
 
  On 12/7/11 8:57 AM, Blake Hudson wrote:
  Yeah, that's an interesting one. We currently utilize netflow for
  this, but you also need to consider that netflix streaming is just
  port 80 www traffic. Because netflix uses CDNs, its difficult to pin
  down the traffic to specific hosts in the CDN and say that this
  traffic was netflix, while this traffic was the latest windows update
  (remember this is often a shared hosting platform). We've done our
  own testing and have come to a good solution which uses a combination
  of nbar, packet marking, and netflow to come to a conclusion. On a
  ~160Mbps link, netflix peaks out between 30-50Mbps around 8-10PM
 each
  evening. The rest of the traffic is predominantly other forms of HTTP
  traffic (including other video streaming services).
 
 
  Martin Hepworth wrote the following on 12/3/2011 2:36 AM:
  Also checkout Adrian Cockcroft presentations on their architecture
  which describes how they use aws and CDns etc
 
  Martin

RE: Any recommended router. They are reliable and have good support.

2011-11-22 Thread Dennis Burgess

I could look though our customer list and show over 2,000 networks being
ran by RouterOS from small networks running 20-50 meg all the way up to
networks running 10GigE BGP feeds.   We just turned up a location
running 4 BGP GigE feeds in a single router.  

---
Dennis Burgess, Mikrotik Certified Trainer 
Link Technologies, Inc -- Mikrotik  WISP Support Services
Office: 314-735-0270 Website: http://www.linktechs.net
LIVE On-Line Mikrotik Training - Author of Learn RouterOS


 -Original Message-
 From: Joseph Sullivan [mailto:joseph.sulli...@alyrica.net]
 Sent: Tuesday, November 22, 2011 2:31 PM
 To: nanog@nanog.org
 Subject: Re: Any recommended router. They are reliable and have good
 support.
 
 
 We use a lot of Mikrotik in our network.  They are fantastic little
routers as
 long as you remember that they are not Cisco/Juniper/whatever.  In
other
 words, you pay a few hundred bucks, you get something worth at least
that
 much.  But don't put it head to head against a $10k router.
 
 Support is technically sound, but you have to email Latvia and then
wait for
 the time difference to get a response.  If you expect to pay $100 for
a router
 and then get prompt, courteous, 24/7 tech support, you will be
disappointed.
 :)
 
 We use their routers mostly for end user gateways doing QOS.  They do
a
 superb job of this.  I wouldn't particularly want them as network edge
 devices or core routers; they will choke up if the PPS rate gets too
high and
 you are doing any kind of packet mangling.
 
 There have been a lot of bugs in various versions of RouterOS, but the
 current (5.8?) OS seems pretty good.  They added IPv6 support and
fixed a
 ton of bugs.
 
 OSPF implementation was buggy before OS5, but seems to be relatively
 stable since we upgraded.  BGP works fine but is perhaps less feature
rich
 than Cisco/Zebra.
 
 Joseph
 
 Alyrica Networks Inc / www.alyrica.net
 
 
 - Original Message -
 From: Robert E. Seastrom r...@seastrom.com
 To: Leigh Porter leigh.por...@ukbroadband.com
 Cc: nanog list nanog@nanog.org
 Sent: Tuesday, November 22, 2011 11:52 AM
 Subject: Re: Any recommended router. They are reliable and have good
 support.
 
 
 
  Leigh Porter leigh.por...@ukbroadband.com writes:
 
  Has anybody had experience of mikrotik support? Is it any good? Any
  thoughts about the time to fix bugs?
 
  I have dealt with Mikrotik support.  They were easily comparable to
  [CJ]TAC.  Which is to say guy was pleasant and courteous, I could
  tell through the language barrier that he wasn't really interested
in
  addressing my problems or understanding them, and eventually I got
  exasperated and figured out a work-around.
 
  That said, it's easy to exceed expectations when you've spent
  something like $70 on a router that does five ports of gigabit
  ethernet.
 
  Several dot releases after that little ordeal, at least one of my
  laundry list of problems (ssh connections blew up if you are using
  application layer keepalives) seems to have gotten fixed, at least
in
  5.8, with nary a mention in the release notes so I assume it was a
  matter of syncing the codebase to whatever they run for an ssh
server.
  Still no fix for the your CLI only partially implements Emacs key
  binds, please try libcli.a which is LGPL instead, which is annoying
  since this shortcoming is really up in your grill whenever you're
  logged into the router.  Still can't traceroute to an IPv6 host by
  name, only by number.  Dunno if they figured out what the G in
GRE
  stands for yet and started allowing protocols other than IPv4 (and
  ethertypes other than 0x0800) in a GRE tunnel - can't be bothered to
  test it out since I managed to get 6in4 tunneling working instead.
  There are more random gripes, but you get the idea - routeros
  definitely shows a certain lack of polish but can get the job done
for
  low-end stuff at a very acceptably low-end price.
 
  All in all, despite the gripes it's worth your time to check out.
  Don't let the folks who sing their praises get your hopes up too
much
  but hey, for pocket change invested?  Pretty decent.  There are some
  good surprises in there too, like putative support for 32 bit ASNs
  (haven't tested that myself) and scriptability that will allow you
to
  send TSIG-signed dns update messages periodically for when you have
  customers to support that are on the far end of a non-sticky DHCP.
 
  -r

RE: Firewalls - Ease of Use and Maintenance?

2011-11-09 Thread Dennis Burgess

Another alternative is RouterOS/MikroTik.  Plenty of high end solutions
and low end.   

---
Dennis Burgess, Mikrotik Certified Trainer 
Link Technologies, Inc -- Mikrotik  WISP Support Services
Office: 314-735-0270 Website: http://www.linktechs.net
LIVE On-Line Mikrotik Training - Author of Learn RouterOS

 -Original Message-
 From: -Hammer- [mailto:bhmc...@gmail.com]
 Sent: Tuesday, November 08, 2011 5:32 PM
 To: nanog@nanog.org
 Subject: Re: Firewalls - Ease of Use and Maintenance?
 
 You've worked with all the big dogs. What are you looking for?
 Alternative options?
 
 -Hammer-
 
 I was a normal American nerd
 -Jack Herer
 
 
 
 On 11/08/2011 05:06 PM, Jones, Barry wrote:
  Hello all.
  I am potentially looking at firewall products and wanted suggestions
as to
 the easiest firewalls to install, configure and maintain? I have a few
small
 networks ( 50 nodes at one site, 50 odd at another, and maybe 20 at
another.
 I have worked with Cisco Pix, ASA, Netscreen, and Checkpoint (Nokia),
and
 each have strong and not as strong features for ease of use. Like
everyone,
 I'm resource challenged and need an easy solution to stand up and
operate.
 
  Feel free to ping me offline - and thank you for the assistance.
 
  
  Barry Jones - CISSP GSNA
  Project Manager II
  Sempra Energy Utilities
  (760) 271-6822
 
  P please don't print this e-mail unless you really need to.

RE: Outgoing SMTP Servers

2011-10-25 Thread Dennis Burgess


 
 I'm curious how a traveller is supposed to get SMTP relay service when, well,
 travelling. I am not really sure if I want a VPN for sending a simple email.
 
 And I can understand (although I am not convinced that doing so is such a
 great idea) blocking 25/tcp outgoing, as most botnets will try that method of
 delivery. However, I do believe that outgoing 465 SHOULD always be
 allowed.
 
 regards
 
 Carlos
 

[dmb] This is the exact question, why, do you NEED a SMTP Relay on ANY network. 
 Your domain has a mail server out on the net that if you authenticate to, I am 
sure will relay your mail, and the reverse DNS and SPF records would match then 
as well.  Why does the local internet provide NEED to relay though their 
server, regardless of the port.  

 On Tue, Oct 25, 2011 at 10:43 AM, Bjørn Mork bj...@mork.no wrote:
  Owen DeLong o...@delong.com writes:
 
  It's both unacceptable in my opinion and common. There are even those
  misguided souls that will tell you it is best practice, though
  general agreement, even among them seems to be that only 25/tcp
  should be blocked and that
  465 and 587 should not be blocked.
 
  It is definitely considered best practice in some areas.  See e.g.
  http://translate.google.com/translate?hl=enu=http://ikt-norge.no/wp-c
  ontent/uploads/2010/10/bransjenorm-SPAM.pdf
  (couldn't find an english original, but the google translation looks
  OK)
 
  The document is signed by all major ISPs in Norway as well as the
  Norwegian research and education network operator, so it must be
  considered a local best practice whether you like it or not.
 
  Note that only port 25/tcp is blocked and that some of the ISPs offer
  a per-subscriber optout.
 
  Eh, this was the Northern Aurope NOG, wasn't it?
 
 
 
 
  Bjørn
 
 
 
 
 
 --
 --
 =
 Carlos M. Martinez-Cagnazzo
 http://www.labs.lacnic.net
 =

Outgoing SMTP Servers

2011-10-24 Thread Dennis Burgess

I am curious about what network operators are doing with outbound SMTP
traffic.  In the past few weeks we have ran into over 10 providers,
mostly local providers, which block outbound SMTP and require the users
to go THOUGH their mail servers even though those servers are not
responsible for the domains in question!  I know other mail servers are
blocking non-reversible mail, however, is this common?  And more
importantly, is this an acceptable practice?

 

Most of our smaller ISPs that we support; we allow any outbound SMTP
connection, however we do watch residential users for 5+ outbound SMTP
connections at the same time.  But if the ISP has their own mail
servers, and users wish to relay though them, we basically tell them to
use their mail server that they contract with.  What is the best
practice? 

 

 

---
Dennis Burgess, Mikrotik Certified Trainer 
Link Technologies, Inc -- Mikrotik  WISP Support Services
Office: 314-735-0270 tel:314-735-0270  Website:
http://www.linktechs.net http://www.linktechs.net/ 
LIVE On-Line Mikrotik Training http://www.onlinemikrotiktraining.com/
- Author of Learn RouterOS http://routerosbook.com/

RE: Outgoing SMTP Servers

2011-10-24 Thread Dennis Burgess

 
 
 On Oct 24, 2011, at 9:29 PM, Dennis Burgess wrote:
 
  I am curious about what network operators are doing with outbound
SMTP
  traffic.  In the past few weeks we have ran into over 10 providers,
  mostly local providers, which block outbound SMTP and require the
  users to go THOUGH their mail servers even though those servers are
  not responsible for the domains in question!  I know other mail
  servers are blocking non-reversible mail, however, is this common?
  And more importantly, is this an acceptable practice?
 
 
 It's both unacceptable in my opinion and common. There are even those
 misguided souls that will tell you it is best practice, though general
 agreement, even among them seems to be that only 25/tcp should be
 blocked and that
 465 and 587 should not be blocked.
 

[dmb] I would agree, for residential customers, if they use the ISP
domain, then yes they should relay though the ISPs mail server.  For
business customers and other residential customers that do NOT use the
ISP domain, then I think they should use their own mail server that they
already pay for.

 
 
  Most of our smaller ISPs that we support; we allow any outbound SMTP
  connection, however we do watch residential users for 5+ outbound
SMTP
  connections at the same time.  But if the ISP has their own mail
 
  servers, and users wish to relay though them, we basically tell them
  to use their mail server that they contract with.  What is the best
  practice?
 
 
 Best practice is to do what works and block as much SPAM as possible
 without destroying the internet in the process. There are those who
argue
 that blocking 25/tcp does not destroy the internet. By and large, they
are
 the same ones who believe NAT was good for us.
 
 Owen

[dmb] Lots of smaller ISPs out there run thousands of customers though
NAT and I can see the need to properly monitor the SPAM activity on
those IPs, not saying that is right, but I do see the point, in this
event.  But for ISPs that are handing out publics, I don't see how
blocking outbound Port 25 helps, other than makes more support calls for
the end users.  Keep in mind that, ATT DSL and the local cable co here
in STL, both block outbound port 25, but a simple phone call or e-mail
to their support and they will remove the block.

RE: Cogent -- Google Public DNS routing issue

2011-08-17 Thread Dennis Burgess

The .129 is our peer to cogent, it just drops the traffic now..

Tracing route to google-public-dns-a.google.com [8.8.8.8]
over a maximum of 30 hops:

  11 ms1 ms1 ms  172.25.0.1
  2 1 ms 1 ms 1 ms  10.250.0.129
  3  10.250.0.129  reports: Destination host unreachable.

Trace complete.

---
Dennis Burgess, Mikrotik Certified Trainer 
Link Technologies, Inc -- Mikrotik  WISP Support Services
Office: 314-735-0270 Website: http://www.linktechs.net
LIVE On-Line Mikrotik Training - Author of Learn RouterOS


 -Original Message-
 From: David Miller [mailto:dmil...@tiggee.com]
 Sent: Wednesday, August 17, 2011 11:02 AM
 To: nanog@nanog.org
 Subject: Re: Cogent -- Google Public DNS routing issue
 
 On 8/17/2011 9:13 AM, Patrick W. Gilmore wrote:
  On Aug 17, 2011, at 1:07 AM, Christopher Morrow wrote:
  On Wed, Aug 17, 2011 at 12:09 AM, Robert Gloverrobe...@garlic.com
 wrote:
  Hello,
 
  We have noticed that from our Cogent link (as well as from ALL
U.S.
  based points we tested via the Cogent Looking Glass:
  http://www.cogentco.com/en/network/looking-glass), traceroutes to
  8.8.8.8 and 8.8.5.5 all seem to go over to Europe:
  8.8.5.5 ain't the driods you are looking for...
  In the traceroute appended to the original post, he did trace to
8.8.4.4.
 
  While it did go all over, I don't see the problem - it got to the
destination
 host.
 
  Anycast is OK for some things, but it depends on BGP.  BGP has zero
 concept of latency, loss, or geography.  Expecting anycast to
guarantee an
 optimal path or location is a grave error.
 
 There are two basic types of anycast:
 1. Simple anycast - announce an anycast prefix to whoever/wherever in
 more than one location.
 2. Global anycast + careful configuration - announce an anycast prefix
to
 particular providers at specific geographically disparate locations
and using
 other options to achieve geographic and/or performant inbound traffic
 distribution.
 
 Perhaps we need a new term for 2.
 
 Google is clearly attempting to implement 2 and not 1 for their
resolving DNS
 service.  Based on Google's claims of speed (and my testing of their
response
 times), they have either found a way to exceed the speed of light with
 packets or they are managing to keep most of their traffic local ish
to the
 requester.
 
 To say that anycast relies on BGP and therefore expecting an optimal
path
 is an error - is disengenuous (I want a better word, but this one will
do).  The
 internet as a whole relies on BGP and yet we expect mostly optimal
paths.
 While it is true that BGP has no capacity to account for latency or
loss, IGPs
 which can take into account these factors end at the borders of
networks
 (where prefixes are passed using BGP).  This is what makes up the
inter
 net.
 
 If you were tracing from a host in Ashburn to a unicast host in NYC
and your
 path passed through San Jose, then you would say that was an issue.
The
 same would be true with an anycast destination address.
 
 As to geography, IGPs don't have a concept of geography either.  A
router in
 NYC doesn't know or care that the router at the other end of a link is
in CHI.
 All it knows is the prefixes that it gets from that router and metrics
to choose
 a best path for them.  BGP combined with proper (i.e. distributed)
peering
 of networks does provide performant paths for traffic.  In an anycast
 configuration the careful configuration is selecting providers to
announce
 anycast prefixes to and communities that you put on the prefixes to
control
 redistribution.
 Global anycast + careful configuration can and does provide mostly
 performant paths and a very high level of geographic fidelity -
though,
 granted, not guaranteed (at least not guaranteed at a higher level
than
 unicast prefixes).
 
 You can't guarantee performant paths ever (regardless of anycast or
 unicast) if any path between the source and destination crosses the
border
 between two networks because some networks will choose a primary
 upstream (single homed or heavily pref'ed) that only picks up a prefix
in a
 particular area and sends all of the traffic there.  The originator of
the prefix
 can depref that provider to try to influence path selection, but some
 networks will doggedly prefer to send packets to that network despite
the
 efforts of the originator.  The only thing to do then is to ask why
this network
 selected that particular upstream and then to explain to them why that
might
 not have been the best choice, if they want performant paths...
 
  The possible reasons for this are nearly innumerable.  Perhaps
Congent
 Google is congested in the US so one or the other prefers EU?  Perhaps
there
 is some IGP metric messed up inside Cogent that prefers the EU?
Perhaps
 more nefarious problems, such as Google de-peering Cogent in the US?
Etc.,
 etc.
 
  You may be able to find out if you look, and you may not (I didn't
even try).
 But even if you do figure

RE: [outages] Several IPv6 sites down?

2011-07-29 Thread Dennis Burgess

 
 Cnn works
 Charter pings but is SLOW
 yahoo works.
 
 
 Tracing route to ipv6.cnn.com [2620:100:e000::8001] over a maximum of
30
 hops:
 
   11 ms1 ms1 ms  2001:550:2400::1
   21 ms1 ms1 ms  2001:550:2:1c::1:2
   357 ms57 ms56 ms  2001:470:1f00:16::1
   456 ms57 ms67 ms  2001:470:0:1f::1
  557 ms66 ms57 ms  10gigabitethernet1-2.core1.sjc2.he.net
[2001:470
 :0:2f::2]
   657 ms57 ms57 ms  2610:18:16:6001::1
  7   132 ms   131 ms   143 ms  mcr1.smyrna-ga.us.xo.net [2610:18::3050]
   8   134 ms   134 ms   134 ms  2620:100:e000:::e
   9   134 ms   134 ms   136 ms  2620:100:e000:::29
  1086 ms88 ms87 ms  2620:100:e000::8001
 
 ---
 Dennis Burgess, Mikrotik Certified Trainer Link Technologies, Inc --
Mikrotik 
 WISP Support Services
Office: 314-735-0270 Website: http://www.linktechs.net LIVE On-Line
 Mikrotik Training - Author of Learn RouterOS
 
 
  -Original Message-
  From: outages-boun...@outages.org [mailto:outages-
  boun...@outages.org] On Behalf Of Frank Bulk
  Sent: Friday, July 29, 2011 9:58 AM
  To: outa...@outages.org
  Subject: [outages] Several IPv6 sites down?
 
  Just a few minutes ago three of the 20+ IPv6 sites I monitor became
  inaccessible:
 
  ipv6.cnn.com (IPv6-only)
  HOST: nagios  Loss%   Snt   Last   Avg  Best
Wrst StDev
1. 2607:fe28:0:1003::2   0.0%101.4   1.3   1.1
2.4   0.4
2. router-core.mtcnet.net0.0%101.0   1.1   0.9
1.8   0.3
3. sxct.sxcy.mtcnet.net  0.0%100.9   1.0   0.9
1.1   0.1
4. v6-siouxcenter.sxcy.137.neti  0.0%102.7   3.5   2.7
4.6   0.7
5. v6-ins-db1-et-11-8-204.desm.  0.0%10   13.1  11.0   8.3
16.6   3.6
6. v6-ins-dc1-et-8-2.desm.netin  0.0%108.5   8.6   8.5
8.9   0.1
7. 2001:428:3801:210:0:1:0:1 0.0%10   20.7  27.5  20.7
56.8  14.2
8. ???  100.0100.0   0.0   0.0
0.0   0.0
9. vl-60.car2.Dallas1.Level3.ne  0.0%10  116.7  49.0  41.1
116.7  23.8
   10. ???  100.0100.0   0.0   0.0
0.0   0.0
 
  www.charter.com (IPv4 is fine, just not IPv6)
  HOST: nagios  Loss%   Snt   Last   Avg  Best
Wrst StDev
1. 2607:fe28:0:1003::2   0.0%101.1   1.1   1.1
1.2   0.0
2. router-core.mtcnet.net0.0%101.0   1.0   0.9
1.4   0.1
3. sxct.sxcy.mtcnet.net  0.0%100.9   0.9   0.9
1.0   0.0
4. v6-siouxcenter.sxcy.137.neti  0.0%103.4   3.8   2.8
4.7   0.6
5. v6-ins-db1-et-11-8-204.desm.  0.0%108.3   8.3   8.3
8.5   0.1
6. v6-ins-dc1-et-8-2.desm.netin  0.0%108.5  24.0   8.5
161.5  48.3
7. 2001:428:3801:210:0:1:0:1 0.0%10   20.8  24.8  20.7
45.5   8.8
8. ???  100.0100.0   0.0   0.0
0.0   0.0
 
  ipv6.weather.yahoo.com (there's three  records, just
  2a00:1288:f006:1fe::1000 is not working)
  HOST: nagios  Loss%   Snt   Last   Avg  Best
Wrst StDev
1. 2607:fe28:0:1003::2   0.0%101.2   6.5   1.1
54.3  16.8
2. router-core.mtcnet.net0.0%101.1   1.1   0.9
1.7   0.2
3. sxct.sxcy.mtcnet.net  0.0%100.9   0.9   0.9
1.1   0.1
4. v6-siouxcenter.sxcy.137.neti  0.0%102.7   3.9   2.7
6.3   1.1
5. v6-ins-db1-et-11-8-204.desm.  0.0%10   13.6   9.4   8.2
13.9   2.3
6. v6-ins-dc1-et-8-2.desm.netin  0.0%108.6  12.6   8.5
40.8  10.2
7. 2001:428:3801:210:0:1:0:1 0.0%10   20.6  30.0  20.6
112.9  29.1
8. ???  100.0100.0   0.0   0.0
0.0   0.0
9. vl-90.car1.Dallas1.Level3.ne  0.0%10   41.5  41.3  41.1
41.5   0.1
   10. vl-4042.car1.NewYork1.Level3  0.0%10   58.0  58.6  57.7
63.8   1.9
   11. vl-4086.edge3.London1.Level3  0.0%10  127.2 126.9 126.5
127.3   0.3
   12. vl-52.car3.London1.Level3.ne  0.0%10  127.0 130.4 126.1
166.7  12.7
   13. YAHOO-INC.car3.London1.Level  0.0%10  126.3 126.3 126.0
127.1   0.3
   14. ???  100.0100.0   0.0   0.0
0.0   0.0
 
  Can anyone else confirm?  It's like our /32 stopped propagating to
some
  networks.
 
  Frank
 
  ___
  Outages mailing list
  outa...@outages.org
  https://puck.nether.net/mailman/listinfo/outages

RE: OT: Sign of the Coming Apocalypse

2011-06-15 Thread Dennis Burgess

Mine got delivered to my office yesterday!  :)  

Dennis Burgess, Mikrotik Certified Trainer 
Link Technologies, Inc -- Mikrotik  WISP Support Services
Office: 314-735-0270 Website: http://www.linktechs.net
LIVE On-Line Mikrotik Training - Author of Learn RouterOS


 -Original Message-
 From: Joshua William Klubi [mailto:joshua.kl...@gmail.com]
 Sent: Wednesday, June 15, 2011 4:39 AM
 To: Jay Ashworth
 Cc: NANOG
 Subject: Re: OT: Sign of the Coming Apocalypse
 
 finally after waiting for it 4ever
 
 Joshua
 
 On Wed, Jun 15, 2011 at 6:06 AM, Jay Ashworth j...@baylink.com wrote:
 
  (that's next winter, right?)
 
  I've just seen a TV ad for Duke Nukem Forever, in a Hulu airing of
The
  Daily Show.
 
  Cheers,
  -- jr 'Finally??' a
  --
  Jay R. Ashworth  Baylink
  j...@baylink.com
  Designer The Things I Think
RFC
  2100
  Ashworth  Associates http://baylink.pitas.com 2000 Land
Rover
  DII
  St Petersburg FL USA  http://photo.imageinc.us +1
727 647
  1274

RE: Cogent HE

2011-06-09 Thread Dennis Burgess

Does Cogent participate in the meetings/shows like the one coming up
next week ?  Would that not be a good place for NANOGers to voice their
opinion?  

---
Dennis Burgess, Mikrotik Certified Trainer 
Link Technologies, Inc -- Mikrotik  WISP Support Services
Office: 314-735-0270 Website: http://www.linktechs.net
LIVE On-Line Mikrotik Training - Author of Learn RouterOS


-Original Message-
From: Jimmy Hess [mailto:mysi...@gmail.com] 
Sent: June 09, 2011 7:56 AM
To: Saku Ytti
Cc: nanog@nanog.org
Subject: Re: Cogent  HE

On Thu, Jun 9, 2011 at 3:39 AM, Saku Ytti s...@ytti.fi wrote:
 On (2011-06-09 00:55 -0700), Owen DeLong wrote:

 I look forward for IPv4 to go away, as in future I can have full free 
 connectivity through HE to every other shop who all have full free 
 connectivity to HE. Something went terribly wrong in IPv4 land, where 
 we're being unfairly forced to pay to access other networks through
them.

The existence of free IPv6 transit from one peer to another is clearly a
temporary situation;  when IPv6 traffic picks up, expect to see the end
of free transit, or a new rule like  free transit only to our paying
customers' networks, or Pay an extra port fee, get first XX megs
transit for free.

It's obvious HE wishes to get positioning as
Tier1 on the IPv6 network.  Once the amount of IPv6 traffic increases,
$$ required for HE to provide transit between free peers will increase,
and at some amount of traffic  free transit will no longer be
sustainable, due to additional network upgrades, ports, etc, required to
carry additional transit.

So they either lose massive $$, become a non-profit organization, and
get sufficient donations from peers to fund upgrades,  or at some point,
limit the amount of (or type) of transit that is free, or stop adding
peers.


An assumption is that there will be such a thing as a Tier1 on the IPv6
network.
Perhaps, the fact there are ISPs larger than all the others and the IP
protocol suite tends to form a hierarchical structure logically, BUT

There exists a possibility that no IPv6 network will be able to achieve
transit-free status through peering;  evidently, it just takes one large
arrogant network operator to demand everyone else buy transit, in order
to prevent any Tier1s  from completely becoming Tier1

(and ironically -- preventing themselves from being classified Tier1,
due to refusing to peer with HE).

Unless you know... the operational definition of Tier1 is relaxed
greatly to allow for partial connectivity;  reaching 50% of the networks
without transit does not make one Tier1.

--
-JH

RE: So... is it time to do IPv6 day monthy yet?

2011-06-08 Thread Dennis Burgess


Sounds good to me.

---
Dennis Burgess, Mikrotik Certified Trainer 
Link Technologies, Inc -- Mikrotik  WISP Support Services
Office: 314-735-0270 Website: http://www.linktechs.net
LIVE On-Line Mikrotik Training - Author of Learn RouterOS


-Original Message-
From: Leo Bicknell [mailto:bickn...@ufp.org] 
Sent: Wednesday, June 08, 2011 10:46 AM
To: NANOG
Subject: Re: So... is it time to do IPv6 day monthy yet?

In a message written on Wed, Jun 08, 2011 at 10:40:56AM -0400, Jay
Ashworth wrote:
 It certainly sounds like it might be.

Why not just leave it on?

-- 
   Leo Bicknell - bickn...@ufp.org - CCIE 3440
PGP keys at http://www.ufp.org/~bicknell/

Cogent HE

2011-06-08 Thread Dennis Burgess

Just noted that cogent does not have a IPv6 route to any subnet in HE,
and HE does not have any routes to Cogent!  

Looks like we have different Global IPv6 tables?  Or does Cogent just
NOT peer IPv6 peer with anyone else!  

Dennis

RE: NANOG 52 - Room block filling up!

2011-05-23 Thread Dennis Burgess

Already booked and ready to go! 

---
Dennis Burgess, Mikrotik Certified Trainer 
Link Technologies, Inc -- Mikrotik  WISP Support Services
Office: 314-735-0270 Website: http://www.linktechs.net
LIVE On-Line Mikrotik Training - Author of Learn RouterOS


-Original Message-
From: Kevin Oberman [mailto:ober...@es.net] 
Sent: May 23, 2011 11:01 AM
To: Brandon Ross
Cc: nanog@nanog.org
Subject: Re: NANOG 52 - Room block filling up! 

 Date: Mon, 23 May 2011 11:08:10 -0400 (EDT)
 From: Brandon Ross br...@pobox.com
 
 I take that back, it shows as booked if you go through normal booking 
 channels, if you use the starwoodmeetings URL in the NANOG meeting 
 information page it shows availability.

Which means our block is not full, but, outside the block, the hotel is
fully booked. If we don't use all of the NANOG block by the 30th, those
rooms will probably be released for general use but it is very likely
that if you don't reserve soon either the block will fill or the few
rooms left will be booked shortly after they are released.

Don't wait too long!
--
R. Kevin Oberman, Network Engineer
Energy Sciences Network (ESnet)
Ernest O. Lawrence Berkeley National Laboratory (Berkeley Lab)
E-mail: ober...@es.net  Phone: +1 510 486-8634
Key fingerprint:059B 2DDF 031C 9BA3 14A4  EADA 927D EBB3 987B 3751

RE: Trying to Make Sense of the Comcast/Level 3 Dispute

2010-12-03 Thread Dennis Burgess

Agreed there, very nice.Thanks.   

---
Dennis Burgess, Mikrotik Certified Trainer 
Link Technologies, Inc -- Mikrotik  WISP Support Services
Office: 314-735-0270 Website: http://www.linktechs.net
LIVE On-Line Mikrotik Training - Author of Learn RouterOS


-Original Message-
From: Leo Bicknell [mailto:bickn...@ufp.org] 
Sent: December 03, 2010 8:50 AM
To: nanog@nanog.org
Subject: Re: Trying to Make Sense of the Comcast/Level 3 Dispute

In a message written on Wed, Dec 01, 2010 at 09:40:01PM -0800, Paul
Ferguson wrote:
 Interesting article:
 

http://www.freedom-to-tinker.com/blog/sjs/trying-make-sense-comcast-leve
l-3
 - -dispute

Here's an excellent summary, complete with some pictures:

http://www.voxel.net/blog/2010/12/peering-disputes-comcast-level-3-and-y
ou

-- 
   Leo Bicknell - bickn...@ufp.org - CCIE 3440
PGP keys at http://www.ufp.org/~bicknell/

RE: Software-based Border Router

2010-09-26 Thread Dennis Burgess

While Vyatta is a good piece of software for the Free version, the costs 
quickly increases as you have to purchase support and the version updates are 
few and far between with the Free version.  The production (paid) version 
though is quite nice.

Another option though would be RouterOS.  If it is a small site, doing BGP 
could be as little as $399 including the hardware!  However, most people that 
do BGP will need a bit more horsepower.  RouterOS will do your iBGP, OSPF, 
bandwidth controls, firewalling etc.  The software license there is $45 beans! 
Super cheap.  Hardware runs as low as $49 bucks to 10k depending on what you 
are needing.  If you would like, please feel free to contact me off-list and I 
will be glad to recommend the proper hardware.  

---
Dennis Burgess, CCNA, A+, Mikrotik Certified Trainer
Link Technologies, Inc -- Mikrotik  WISP Support Services
Office: 314-735-0270 Website: http://www.linktechs.net
LIVE On-Line Mikrotik Training - Author of Learn RouterOS 

-Original Message-
From: Nathanael C. Cariaga [mailto:nccari...@stluke.com.ph] 
Sent: Sunday, September 26, 2010 5:15 AM
To: sth...@nethelp.no
Cc: nanog@nanog.org
Subject: Re: Software-based Border Router

Thank you for the prompt response.  Just to clarify my previous post, I was 
actually referring to Linux/Unix-based routers.  We've been considering this 
solution because presently we don't have any budget for equipment acquisition 
this year.

To be honest, I came across Vyatta Core while searching for viable 
Linux/Unix-based solution that we can adopt and I'm currently reading its 
reference guides.  Has anyone here used this software before?  

Thanks a lot.

- Original Message -
From: sth...@nethelp.no
To: nccari...@stluke.com.ph
Cc: nanog@nanog.org
Sent: Sunday, September 26, 2010 5:59:21 PM
Subject: Re: Software-based Border Router

 Just want to ask if anyone here had experience deploying software-based 
 routers to serve as perimeter / border router? How does it gauge with 
 hardware-based routers? Any past experiences will be very much appreciated. 

Software based routers (e.g. Cisco 7200 series) have been used as border 
routers for many years - this is hardly anything new. The question you should 
ask is probably: Can such a router handle a full link's worth of DDoS using 
minimum sized packets? The answer, of course, depends on your link capacity, 
the router itself, features enabled (ACLs, QoS, ...) etc.

There are quite a few people using Quagga based boxes running Linux or FreeBSD 
as border routers - this is a possible solution too, giving you more bang for 
the buck than a traditional software based router from the big vendors. Make 
sure you have enough expertise for the relevant OS and routing software 
available.

Steinar Haug, Nethelp consulting, sth...@nethelp.no

RE: Specifications for Internet services on public frequency

2010-09-20 Thread Dennis Burgess

UBNT is fine if you need a bridged network, using them in junction to 
MikroTik's RouterBOARDs will give you all of the tools you will need to be 
successful as well.   Routing, traffic shaping etc.Contact me off-list if 
you need pre-built / configured solutions with either hardware.  


---
Dennis Burgess, Mikrotik Certified Trainer 
Link Technologies, Inc -- Mikrotik  WISP Support Services
Office: 314-735-0270 Website: http://www.linktechs.net
LIVE On-Line Mikrotik Training - Author of Learn RouterOS


-Original Message-
From: Jeffrey Lyon [mailto:jeffrey.l...@blacklotus.net] 
Sent: Monday, September 20, 2010 1:33 AM
To: Jared Mauch
Cc: nanog@nanog.org
Subject: Re: Specifications for Internet services on public frequency

Another +1 UBNT. We're using the NanoStation2 to deliver 802.11g to remote 
camps in Afghanistan. They advertise a 60 deg LOS signal but it seems to do 
much better. Supposedly they will reach 15 km but we've never tried to use them 
that far. What's really neat is they come ready to mount with some heavy duty 
zip ties.

I'm also a fan of the Cisco Aironet 1310, but we're using the built-in 
omni-directional antennae so the range isn't as nice as the Ubiquity and they 
cost about five times as much. The terminations are RG6 and the mount kit comes 
with the cable and weather strips to protect the terminations. The Ubiquity by 
comparison is all PoE so you'll want to use loom to protect the ethernet cable.

I would venture to say that the UBNT omni-directional devices (eg.
PicoStation2HP) have better range than the aforementioned Aironet 1310.

Jeff


On Mon, Sep 20, 2010 at 4:00 AM, Jared Mauch ja...@puck.nether.net wrote:

 On Sep 19, 2010, at 2:59 PM, John Gammons wrote:

 Ubiquiti Networks - www.ubnt.com

 I have deployed numerous rural wireless provider nets with a variety 
 of technologies and vendors and this is by far, the most cost 
 effective and reliable last mile solution.

 IMHO, based on testing and real life lessons learned, unlicensed is 
 the only way to go in rural.  The benefits of licensed frequencies 
 are typically lost in rural environments as there aren't many 
 contending devices.  The above N based equipment performs roughly at 
 the same level as fixed wimax, without the expense of the wimax 
 chipsets.  Of course I am generalizing a bit and each deployment has 
 it's own requirements and challenges to be considered.

 +1 UBNT.

 Can not beat the price/performance of the equipment. ($160 for a pair of 
 dual-pol 802.11n equipment).

 - Jared







--
Jeffrey Lyon, Leadership Team
jeffrey.l...@blacklotus.net | http://www.blacklotus.net Black Lotus 
Communications - AS32421 First and Leading in DDoS Protection Solutions

RE: Vyatta as a BRAS

2010-07-15 Thread Dennis Burgess

RouterOS is a software based router, we have them all over the world as
CORE and EDGE routers to networks.  Some of our hardware can hit
multi-gig speeds, BGP etc.  We commonly replace 7206VXRs.   Does some
other form of DoS attack have an effect on it, sure, but as long as you
have enough CPU to weather the storm you normally don't have major
issues.  

---
Dennis Burgess, Mikrotik Certified Trainer 
Link Technologies, Inc -- Mikrotik  WISP Support Services
Office: 314-735-0270 Website: http://www.linktechs.net
LIVE On-Line Mikrotik Training - Author of Learn RouterOS


-Original Message-
From: Joe Greco [mailto:jgr...@ns.sol.net] 
Sent: Wednesday, July 14, 2010 10:18 AM
To: Dobbins, Roland
Cc: NANOG list
Subject: Re: Vyatta as a BRAS

 On Jul 14, 2010, at 5:45 AM, Joe Greco wrote:
  That's just a completely ignorant statement to make.
 
 It's based on a great deal of real-world experience; I'm sorry you
consider=
  that to be 'ignorant'.

You're speaking to someone who has extensive experience with software
based routers, and you're failing to acknowledge the upsides of such an
architecture, when I've already conceded the upsides of a hardware
architecture.

   I notice in particular how carefully you qualify that with [w]hen
BCPs =
 are=20
  followed; the fact that hardware router manufacturers have declared
  everything and anything that derails their bullet trains as not a
  BCP is a perfect example of this deceptive sort of misinformation.
 
 Anti-spoofing, iACLs, CoPP (or its equivalent on non-Cisco platforms),
et. =
 al. aren't 'misinformation'.  They're useful, proven
techniques/features wh=
 ich any operator ought to implement.

The things that any given use scenario ought to implement are highly
dependent on the actual application.

  There are plenty of FreeBSD based devices out there that are passing
  tons of traffic; almost any of them are more competent than any
Cisco
  router I'm aware of when hitting them directly with traffic
 
 Then your experience of Cisco routers (and/or those from other
vendors) mus=
 t be limited to the lower-end platforms; I can assure you that faster
Cisco=
  boxes such as ASRs, GSRs, CRSes, and so forth are in another league
entire=
 ly, and can handle mpps of to-us traffic, when properly configured.
Softwa=
 re-based routers simply can't do that; it's not an indictment of them,
it's=
  just that they aren't suited to purpose, just as station wagons
generally =
 aren't to be found in the Indy 500.

So your solution is to keep throwing heavier hardware at the problem
until
it works.  Okay, I see that.  Now, let me quote from a different
message:

 If maintaining availability is important, then hardware-based
(semantic
 hairsplitting aside) devices are a requirement.

The truth is that you can keep throwing CPU at a problem as well.  I can
size a software based router such that it can remain available.

This is neither new nor exciting technology.  Luigi Rizzo was doing
extensive work on this about a decade ago: he took an Athlon 750
platform
with 4 100Mbit ethernet interfaces in it (Athlon 750 = 1999 tech) and
was
able to exceed 100Mbps levels without a problem.  The UNIX based
platforms
have extensive capabilities to defend against attack, even without a
firewall.  As with a hardware based platform, there are both good things
and bad things you can do that will impact availability.

Software based platforms have an incredible edge in areas that hardware
based platforms don't, including capex and the ability to find
replacement
parts after a disaster.  I spent some time after the Haiti quake getting
FreeBSD-based routers up and running, a task made easier because it's a
lot easier to find a working PC and scavenge some network cards than it
is
to find a working Cisco router in a city where all inbound and outbound
transportation is paralyzed.

You can continue to defend your position, of course, but it's just
looking
a bit silly.  A wise engineer knows that there are several ways to
tackle
any task, and one tool for every job is not a sound policy.

If you'd like to revise your position to Cisco and Juniper software
based
solutions are underpowered PoS, that's probably a defensible position,
and you won't get any argument from me.  Please don't generalize such a
position into all software based devices, though.  Overall, there are a
lot more software based routers out there than hardware based devices.
Your cablemodem, your ADSL modem, your wifi access point, all these are
probably software based devices.  Some of them will melt under a
too-great
load.  Some won't.  This is a function of many different factors.  There
is nothing inherent in a software-based device that's going to make it
fail under load - just as there's nothing inherent in a hardware-based
device that's going to make it succeed (which is why you have to qualify
your defense of these with must follow BCP).  It's the related

RE: ATT BGP - Advertising my network on accident

2010-06-25 Thread Dennis Burgess

Have you found a contact at ATT to get this stopped? 

---
Dennis Burgess, Mikrotik Certified Trainer 
Link Technologies, Inc -- Mikrotik  WISP Support Services
Office: 314-735-0270 Website: http://www.linktechs.net
LIVE On-Line Mikrotik Training - Author of Learn RouterOS


-Original Message-
From: Eric Williams [mailto:ewilli...@connectria.com] 
Sent: Friday, June 25, 2010 8:56 AM
To: nanog@nanog.org
Subject: Re: ATT BGP - Advertising my network on accident

This issue has been resolved by breaking up the /22 into /24's.  Thanks
to all for the advise.

Maybe next time I will take someone's advise and advertise one of ATT's
/8's.





From:
Eric Williams/Connectria
To:
nanog@nanog.org
Date:
06/24/2010 02:37 PM
Subject:
ATT BGP - Advertising my network on accident


ATT is currently advertising my address space to the internet 
accidentally via BGP which they should not be.  Since they are
advertising 
my address space on accident, we are dead in the water.  Does anybody
out 
there work for ATT or know of the number I can call in order to have
them 
stop advertising my /22 ASAP

RE: Future of WiMax

2010-06-17 Thread Dennis Burgess

Lots of my clients (Wireless ISPs) have looked into deploying it,
however the costs are well over 20 times the cost of a unlicensed system
per access point.  I know it will be deployed as we work with some of
the backend routing etc. and installation with some of clearwires subs,
but most of my clients have moved on to other cheaper, more proven
technologies.  

Just what is going on in the WISP industry for the most part.  802.11n
so far on point-2-point links, are working quite well, cheap hardware as
well as ease of use is playing factors in this.  We are seeing 10+ mile
N links running 60-70 meg TCP and over 200 UDP using only 2x2 MIMO.   

---
Dennis Burgess, Mikrotik Certified Trainer 
Link Technologies, Inc -- Mikrotik  WISP Support Services
Office: 314-735-0270 Website: http://www.linktechs.net
LIVE On-Line Mikrotik Training - Author of Learn RouterOS


-Original Message-
From: Rubens Kuhl [mailto:rube...@gmail.com] 
Sent: Wednesday, June 16, 2010 2:48 PM
To: Seth Mattinen
Cc: nanOG list
Subject: Re: Future of WiMax

The future of WiMAX seems a lot less promising now that FD-LTE is the
clear winner for wide-scale mobile deployment, and TD-LTE, 802.11n and
proprietary technologies will compete for non-paired spectrum and/or
niche markets.

But one can build a network with WiMAX and make money out of it; global
market forces have established the big picture, not what would happen on
a specific scenario.

Rubens


On Wed, Jun 16, 2010 at 4:35 PM, Seth Mattinen se...@rollernet.us
wrote:
 A while back I remember reading a comment here that WiMax is not a 
 future proof technology and that several manufacturers have dropped 
 it or something to that effect. I think it was in the starting a WiMax

 ISP thread. This has stuck in my head, and I was curious if there was 
 any truth to this.

 WiMax sounds promising, but I certainly don't hear a lot about it 
 other than Sprint/Clear. Is it just that everyone that's doing 
 wireless is sticking with relatively inexpensive 802.11 a/b/g/n 
 products, or is WiMax really a dead end?

 ~Seth

RE: Future of WiMax

2010-06-17 Thread Dennis Burgess

And even then, there is not much spectrum in 3.65.  It still don't
penetrate trees as well as 2.4 GHz as well.  

---
Dennis Burgess, Mikrotik Certified Trainer 
Link Technologies, Inc -- Mikrotik  WISP Support Services
Office: 314-735-0270 Website: http://www.linktechs.net
LIVE On-Line Mikrotik Training - Author of Learn RouterOS


-Original Message-
From: Bret Clark [mailto:bcl...@spectraaccess.com] 
Sent: Thursday, June 17, 2010 9:00 AM
To: nanog@nanog.org
Subject: Re: Future of WiMax

On 06/17/2010 09:46 AM, Dennis Burgess wrote:
 Lots of my clients (Wireless ISPs) have looked into deploying it, 
 however the costs are well over 20 times the cost of a unlicensed 
 system per access point.

Yeah...that is really the crux of the problem. Every WISP I know would
switch over in a heartbeat if the upfront cost was the same as deploying
many well know 5.8GHz systems. Battling with interference in the 5.8GHz
can be tough at times, at least with the 3.65GHz range there is some
control over frequency use, but even so, dealing with frequency use in
5.8GHz is worth it for the cost savings.

RE: Software router

2010-06-02 Thread Dennis Burgess

RouterOS does run in virtual environments, super small, and has BGP,
OSPF, firewalling, etc., all built right in.  

---
Dennis Burgess, CCNA, Mikrotik Certified Trainer, MTCNA, MTCRE, MTCWE,
MTCTCE, MTCUME 
Link Technologies, Inc -- Mikrotik  WISP Support Services
Office: 314-735-0270 Website: http://www.linktechs.net
LIVE On-Line Mikrotik Training - Author of Learn RouterOS


-Original Message-
From: Jeremy Parr [mailto:jeremyp...@gmail.com] 
Sent: Tuesday, June 01, 2010 4:14 PM
To: Andrey Khomyakov; nanog@nanog.org
Subject: Re: Software router

On 1 June 2010 16:50, Andrey Khomyakov khomyakov.and...@gmail.com
wrote:

 Good times!

 We are starting to play around with VMware SRM and they virtual 
 subnets that supposedly have to be able migrate from site to site in 
 case of a failure of the local hardware (or software).
 Seems like to do that I'd have to run a software router on a VM that 
 would redistribute the virtual subnet into the physical routing
domain.
 does any one have any suggestions for a software router?

 I'm running EIGRP on the net, so I guess nothing will speak that, so 
 I'd have to redistribute OSPF. Any OSPF software router software 
 suggestion would be much appreciated.

 Or if anyone had implemented floating subnets, any other suggestions

 or what to look out for would be also much appreciated.

 Thank all in advance,


Mikrotik would fit the bill.

RE: FIOS Router

2010-05-27 Thread Dennis Burgess

While I replied of list, RouterOS (Mikrotik) can do 100meg in many of
their inexpensive devices.  WE have a fiber loop here running our office
that we can pull 70+ meg and its a 200 buck unit!  We actually make a
device called a PowerRouter, these are x86 versions, vs 680mhz mips
processors.  These can route at GigE speeds.  Not to mention you get all
of the firewalling, traffic management, QoS, etc with it as well.
Just another option.  

---
Dennis Burgess, CCNA, Mikrotik Certified Trainer, MTCNA, MTCRE, MTCWE,
MTCTCE, MTCUME 
Link Technologies, Inc -- Mikrotik  WISP Support Services
Office: 314-735-0270 Website: http://www.linktechs.net
LIVE On-Line Mikrotik Training - Author of Learn RouterOS


-Original Message-
From: Brielle Bruns [mailto:br...@2mbit.com] 
Sent: Thursday, May 27, 2010 12:55 PM
To: nanog@nanog.org
Subject: Re: FIOS Router

On 5/27/10 11:46 AM, Chris Burwell wrote:
 Brielle: Thank you for the info about the Ethernet port on the ONT. I
 will make sure to relay that information. At this point I believe they
 would want to make their service stable and worry about maximum
 bandwidth once that is done.


I was actually corrected off list that its possible to get 100mbit over 
100Base-TX, but its entirely possible that cheapie cards and such may 
not be able to hit that high of performance.


 The router they have is the MI424WR, which is what I have for my home
 service. I don't have many complaints about it at home, however it's
 clear that it's not up to the task in the case of my client. They have
 had the router replaced by Verizon 4 times in about as many months.


I believe its possible to install DD-WRT on the MI424WR.

http://dd-wrt.com/wiki/index.php/MI424WR

You might have luck with running pure Linux on that rather then Jungo's 
commercial linux abomination that Verizon uses.

-- 
Brielle Bruns
The Summit Open Source Development Group
http://www.sosdg.org/ http://www.ahbl.org

RE: Mikrotik BGP Question

2010-05-24 Thread Dennis Burgess

in V3 RouterOS's BGP support is very decent.  We typically don't have any 
issues with it!  :)  Whats nice is a router with 2 gig of RAM (cheap RAM too) 
can take multiple full table BGP feeds without issues.

Something else that's nice on our Dual Core systems is that while you are 
receiving the routes, you are only doing so on one core, instead of hitting 
high CPU while you receive all those, you only go up to 50% (on dual core 
system, and lower for quad and dual-quad systems).  So you don't have the huge 
CPU issue when you pull those routes. 

We had some upstream limit the BGP to something stupid like 128k!  Takes 50 min 
to get all the routes! 

---
Dennis Burgess, CCNA, Mikrotik Certified Trainer, MTCNA, MTCRE, MTCWE, MTCTCE, 
MTCUME 
Link Technologies, Inc -- Mikrotik  WISP Support Services
Office: 314-735-0270 Website: http://www.linktechs.net
LIVE On-Line Mikrotik Training - Author of Learn RouterOS


-Original Message-
From: Allan Eising [mailto:allan.eising+gm...@gmail.com] 
Sent: Monday, May 24, 2010 11:29 AM
To: nanog@nanog.org
Subject: Re: Mikrotik BGP Question

On Sun, 23 May 2010 08:21:47 +0200, Graham Beneke wrote:

 On 2010/05/21 11:56 PM, Martin List-Petersen wrote:
 - Mikrotik still has some memory leaks in the BGP stack somewhere,
 causing funny issues at times.

 - Filters aren't adequate for my use, and lacking a lot on IPv4, but
 even more on IPv4.
 
 I haven't seen either of those issues running the v4.x stream of
 RouterOS. The memory leak was solved a while ago and Mikrotik has fairly
 short release cycles.
 
 We have extensive inbound and outbound filters on our eBGP doing most of
 the normal things that you would do on a cisco. The IPv6 filters must be
 built via the terminal to avoid limitations with the current GUI but
 they also work very well

In some ways, I find the MikroTik RouterOS routing filter syntax a little 
more powerful than Cisco's route-maps. As routing filters work the same 
way as firewall filters, you can group rules in chains and reuse parts 
of your filters in other filters by jumping to another chain. This could 
be used, for instance, on a peering setup, where you have a number of 
rules per peer but also some common filtering for all peers, or to handle 
specific and generic filtering for your customers.

I haven't yet found anything that I missed being able to with filters, at 
least with BGP. With other routing protocols, it's another story.

Regards,

Allan Eising

Tracking down reverse for ip

2010-04-15 Thread Dennis Burgess

I have a customer that has an IP of 12.43.95.126. Currently, I can not
get any reverse on this IP.  

 

What is the best way to find out the responciable servers for this?
Thanx in advance.

 

---
Dennis Burgess, CCNA, Mikrotik Certified Trainer, MTCNA, MTCRE, MTCWE,
MTCTCE, MTCUME 
Link Technologies, Inc -- Mikrotik  WISP Support Services
Office: 314-735-0270 Website: http://www.linktechs.net
http://www.linktechs.net/ 
LIVE On-Line Mikrotik Training http://www.onlinemikrotiktraining.com
- Author of Learn RouterOS http://routerosbook.com/

RE: Tracking down reverse for ip

2010-04-15 Thread Dennis Burgess

Yep. BTW, thanks for all of the replies.  In this case ATT was sending
the request to another server, and that's what I needed :)  

---
Dennis Burgess, CCNA, Mikrotik Certified Trainer, MTCNA, MTCRE, MTCWE,
MTCTCE, MTCUME 
Link Technologies, Inc -- Mikrotik  WISP Support Services
Office: 314-735-0270 Website: http://www.linktechs.net
LIVE On-Line Mikrotik Training - Author of Learn RouterOS


-Original Message-
From: Chris Owen [mailto:ow...@hubris.net] 
Sent: Thursday, April 15, 2010 3:23 PM
To: NANOG list
Subject: Re: Tracking down reverse for ip

On Apr 15, 2010, at 3:07 PM, Dennis Burgess wrote:

 I have a customer that has an IP of 12.43.95.126. Currently, I can not
 get any reverse on this IP.  
 
 What is the best way to find out the responciable servers for this?
 Thanx in advance.
 
 ---
 Dennis Burgess, CCNA, Mikrotik Certified Trainer, MTCNA, MTCRE, MTCWE,
 MTCTCE, MTCUME 

Don't forget WTF.

Chris


-
Chris Owen - Garden City (620) 275-1900 -  Lottery (noun):
President  - Wichita (316) 858-3000 -A stupidity tax
Hubris Communications Inc  www.hubris.net

-

RE: Router for Metro Ethernet

2010-04-13 Thread Dennis Burgess

Actually, the latest version 5 adds IP6 over PPP, I don't know where you
got that they are not capable of routing IPv6.  Just have to install the
V6 package.

---
Dennis Burgess, CCNA, Mikrotik Certified Trainer, MTCNA, MTCRE, MTCWE,
MTCTCE, MTCUME 
Link Technologies, Inc -- Mikrotik  WISP Support Services
Office: 314-735-0270 Website: http://www.linktechs.net
LIVE On-Line Mikrotik Training - Author of Learn RouterOS


-Original Message-
From: Owen DeLong [mailto:o...@delong.com] 
Sent: Monday, April 12, 2010 8:42 PM
To: Dennis Burgess
Cc: Jeffrey Negro; nanog@nanog.org
Subject: Re: Router for Metro Ethernet

Yes, but, according to the Mikrotik web site they appear to be obsolete
and incapable of routing IPv6.

Owen

On Apr 12, 2010, at 10:32 AM, Dennis Burgess wrote:

 a PowerRouter at http://www.mikrotikrouter.com can handle several
 hundred meg without issues.  
 
 ---
 Dennis Burgess, CCNA, Mikrotik Certified Trainer, MTCNA, MTCRE, MTCWE,
 MTCTCE, MTCUME 
 Link Technologies, Inc -- Mikrotik  WISP Support Services
 Office: 314-735-0270 Website: http://www.linktechs.net
 LIVE On-Line Mikrotik Training - Author of Learn RouterOS
 
 
 -Original Message-
 From: Jeffrey Negro [mailto:jne...@billtrust.com] 
 Sent: Monday, April 12, 2010 12:29 PM
 To: nanog@nanog.org
 Subject: Router for Metro Ethernet
 
 Before I get taken for a ride by salespeople, I figured it would be
best
 to
 ask the experts of Nanog
 
 My company is currently in talks to bring an ethernet circuit into our
 headquarters, initially committing around 40Mbps.  The ISP will be
 providing
 ethernet handoff, but I do not want their managed router offering
 (Adtran
 4430) since it is pricey, non-redundant and I'd rather manage it
myself.
 My
 question is about hardware.  Can I assume that I can use something
like
 a
 Cisco 2000 series router with two built in fast/gig ethernet ports,
 without
 a WIC?  and since both sides are ethernet would the routing throughput
 be
 near fast ethernet speed?  This is my first dealing with metro
ethernet
 offerings, and I don't want to assume that the Cisco throughput rates
 listed
 for T1/ADSL etc. are the same for a metro ethernet as the WAN.
 
 Any and all suggestions on the hardware would be greatly appreciated.
 Thank
 you in advance!

RE: Router for Metro Ethernet

2010-04-13 Thread Dennis Burgess

They just added IPv6 over PPP Support in v5 too :)  

---
Dennis Burgess, CCNA, Mikrotik Certified Trainer, MTCNA, MTCRE, MTCWE,
MTCTCE, MTCUME 
Link Technologies, Inc -- Mikrotik  WISP Support Services
Office: 314-735-0270 Website: http://www.linktechs.net
LIVE On-Line Mikrotik Training - Author of Learn RouterOS


-Original Message-
From: Owen DeLong [mailto:o...@delong.com] 
Sent: Monday, April 12, 2010 11:13 PM
To: frnk...@iname.com
Cc: nanog@nanog.org; 'Bill Stewart'
Subject: Re: Router for Metro Ethernet

I stand corrected on the Mikrotik... Apparently, while not well
documented, they
do, indeed support IPv6 and their Wiki even includes tunnel
configuration
information.

Apologies to Mikrotik (and some encouragement to add this to your
main-line
documentation).


Owen

On Apr 12, 2010, at 8:56 PM, Frank Bulk wrote:

 We run a 3845 at over 300 Mbps and it's less than 50% CPUmost
times less
 than 30%.  No BGP, just OSPF.
 
 Frank
 
 -Original Message-
 From: Bill Stewart [mailto:nonobvi...@gmail.com] 
 Sent: Monday, April 12, 2010 1:27 PM
 To: nanog@nanog.org
 Subject: Re: Router for Metro Ethernet
 
 On Mon, Apr 12, 2010 at 10:55 AM, Dylan Ebner dylan.eb...@crlmed.com
 wrote:
 However, this router also has 2 100mb connections from local lans
that it
 is also terminiating.
 For our 100mb metro e connections we use 3845s. The 100 mb service
 terminates into NM-GEs, which have a faster throughput than the hwics.
 
 Be careful using 3845s for 100 Mbps connections or above - Cisco rates
 them at 45 Mbps (and 3825 at half of that) but last time I checked
 doesn't make any promises at faster than T3.  They're being
 conservative about it, but one thing that really can burn the
 horsepower is traffic shaping, which you need with some MetroE
 carriers.
 
 
 -- 
 
 Thanks; Bill
 
 Note that this isn't my regular email account - It's still
experimental so
 far.
 And Google probably logs and indexes everything you send it.

RE: conference bandwidth (Whistler)

2010-04-13 Thread Dennis Burgess

Don't forget to contact the local WISP, they may have big pipes already
in the area!   

---
Dennis Burgess, CCNA, A+, Mikrotik Certified Trainer
Link Technologies, Inc -- Mikrotik  WISP Support Services
Office: 314-735-0270 Website: http://www.linktechs.net
LIVE On-Line Mikrotik Training - Author of Learn RouterOS 

-Original Message-
From: matthew zeier [mailto:m...@velvet.org] 
Sent: Tuesday, April 13, 2010 4:33 PM
To: nanog@nanog.org
Subject: conference bandwidth (Whistler)

I'll be hosting a 500 person conference in Whistler this July.  The
hotel we're looking at only has a 30Mbps pipe from Telus.

Looking for recommendations on someone who can get me 100Mbps for a
week.

- mz

RE: Router for Metro Ethernet

2010-04-12 Thread Dennis Burgess

a PowerRouter at http://www.mikrotikrouter.com can handle several
hundred meg without issues.  

---
Dennis Burgess, CCNA, Mikrotik Certified Trainer, MTCNA, MTCRE, MTCWE,
MTCTCE, MTCUME 
Link Technologies, Inc -- Mikrotik  WISP Support Services
Office: 314-735-0270 Website: http://www.linktechs.net
LIVE On-Line Mikrotik Training - Author of Learn RouterOS


-Original Message-
From: Jeffrey Negro [mailto:jne...@billtrust.com] 
Sent: Monday, April 12, 2010 12:29 PM
To: nanog@nanog.org
Subject: Router for Metro Ethernet

Before I get taken for a ride by salespeople, I figured it would be best
to
ask the experts of Nanog

My company is currently in talks to bring an ethernet circuit into our
headquarters, initially committing around 40Mbps.  The ISP will be
providing
ethernet handoff, but I do not want their managed router offering
(Adtran
4430) since it is pricey, non-redundant and I'd rather manage it myself.
My
question is about hardware.  Can I assume that I can use something like
a
Cisco 2000 series router with two built in fast/gig ethernet ports,
without
a WIC?  and since both sides are ethernet would the routing throughput
be
near fast ethernet speed?  This is my first dealing with metro ethernet
offerings, and I don't want to assume that the Cisco throughput rates
listed
for T1/ADSL etc. are the same for a metro ethernet as the WAN.

Any and all suggestions on the hardware would be greatly appreciated.
Thank
you in advance!

RE: Mikrotik RouterOS

2010-04-12 Thread Dennis Burgess

As it said, it was two fold, one the MT allowed it, and 2, the Cisco's
crashed with it! 

---
Dennis Burgess, CCNA, Mikrotik Certified Trainer, MTCNA, MTCRE, MTCWE,
MTCTCE, MTCUME 
Link Technologies, Inc -- Mikrotik  WISP Support Services
Office: 314-735-0270 Website: http://www.linktechs.net
LIVE On-Line Mikrotik Training - Author of Learn RouterOS


-Original Message-
From: Gustavo Santos [mailto:gustkil...@gmail.com] 
Sent: Monday, April 12, 2010 2:44 PM
To: Adrian Minta
Cc: nanog@nanog.org
Subject: Re: Mikrotik RouterOS

its was an old bug, that had been fixed for a while..

2010/4/12 Adrian Minta adrian.mi...@gmail.com

 James Jones wrote:


 I am currently looking at using RouterOS as a way to build a Metro
 Ethernet solution. Does anyone have experience with the device and
the
 OS? How is the performance? Are there any Gotchas?


 -James


  Be carefull not to crash the whole internet:
 http://www.renesys.com/blog/2009/02/longer-is-not-better.shtml







-- 

Gustavo Santos
Analista de Redes
-Cisco Certified Network Associate
-Juniper Certified Internet Associate - ER
-Mikrotik Certified Consultant

RE: Mikrotik RouterOS

2010-04-12 Thread Dennis Burgess

It runs the Linux kernal, bout it anymore!  A few existing linux apps
but super clean CLI, easy to use, awsome GUI.  ;)  Heck, the whole OS
runs within 64meg of disk space if you wanted it too!  

---
Dennis Burgess, CCNA, Mikrotik Certified Trainer, MTCNA, MTCRE, MTCWE,
MTCTCE, MTCUME 
Link Technologies, Inc -- Mikrotik  WISP Support Services
Office: 314-735-0270 Website: http://www.linktechs.net
LIVE On-Line Mikrotik Training - Author of Learn RouterOS


-Original Message-
From: Grzegorz Janoszka [mailto:grzeg...@janoszka.pl] 
Sent: Monday, April 12, 2010 2:49 PM
To: nanog list
Subject: Re: Mikrotik RouterOS

On 12-4-2010 21:44, Gustavo Santos wrote:
 its was an old bug, that had been fixed for a while..

You should still keep in mind Mikrotik is just Linux, with all its 
(dis)advantages, plus some scripts and weird CLI.

-- 
Grzegorz Janoszka

RE: Need advise for a linux firewall

2010-03-12 Thread Dennis Burgess

Can't go wrong with RouterOS.  The whole OS will boot on a 32meg drive
if you needed it too. Contact us if you need hardware/software :) 

---
Dennis Burgess, CCNA, Mikrotik Certified Trainer, MTCNA, MTCRE, MTCWE,
MTCTCE, MTCUME 
Link Technologies, Inc -- Mikrotik  WISP Support Services
Office: 314-735-0270 Website: http://www.linktechs.net
LIVE On-Line Mikrotik Training - Author of Learn RouterOS


-Original Message-
From: Will Clayton [mailto:w.d.clay...@gmail.com] 
Sent: Thursday, March 11, 2010 5:54 PM
To: Jim Miller
Cc: Abdul Nazeer; nanog@nanog.org
Subject: Re: Need advise for a linux firewall

Microtik makes a pretty robust Linux based firewall
appliance-on-a-usb-stick. It does a lot out of the box like BGP, VPN,
MPLS,QoS and all kinds of other crazy things you wouldn't expect to fit
on
one gig of flash. It takes my HP about 10 seconds to load a full table.

My vote is for PFSense though. PF is a lot of fun itself and I have seen
awesome throughput with no load on very low end hardware.

On Thu, Mar 11, 2010 at 1:45 PM, Jim Miller stl...@gmail.com wrote:

 On Thu, Mar 11, 2010 at 11:56 PM, Abdul Nazeer voipu...@optonline.net
 wrote:

  On 03/11/2010 11:22 AM, gordon b slater wrote:
   On Thu, 2010-03-11 at 11:00 -0500, Abdul Nazeer wrote:
  
  
   iptables, but if anyone has any other suggestion, I'd love to
hear it.
  
   PFsense, (being freeBSD-based, comes  under your other category)
   It uses the OpenBSD-based pf firewall, with a web-based GUI for
almost
   everything (except maybe console resets). works for me in  several
   locations, some `heavy and high`.
  
  Looks interesting. Will give it a shot, thanks!
 
  For a very long time I used the following setup with great success:
 1. Debian based linux for the firewall box.  With Debian you can do a
very
 light setup.
 2. FWBuilder to builder for the GUI front end.  It's been around for
quite
 a
 long time now and has built in RCS for revision control.
 3. Quagga for OSPF routing.. We only had about .. 4-5 firewalls but
made a
 lot of internal routing changes and OSPF _really_ made things easy
when we
 made changes
 4. OpenVPN for after-hours access and off-site staff access.

 Anyway, just my $0.02

 --Jim

97 matches

Mail list logo