Re: BGP Books
> “between 0x2 nerds” Get in my Podcatcher! Where is the RSS feed!? On Sat, 29 Apr 2023 at 06:12, Jeff Tantsura wrote: > If you are looking for BGP in DC (either unicast and/or VPN) we (Jeff > Doyle and I) have published a significant number of podcasts on “between > 0x2 nerds”(from basic BGP to EVPN to BGP security to HW) - > https://youtube.com/playlist?list=PLMYH1xDLIabuZCr1Yeoo39enogPA2yJB7 > > Cheers, > Jeff > > On Apr 27, 2023, at 15:37, Warren Kumari wrote: > > > > > > > On Tue, Apr 25, 2023 at 7:20 PM, Steven G. Huter wrote: > >> On 4/25/23 3:55 PM, Lyndon Nerenberg (VE7TFX/VE6BBM) wrote: >> >> It has been a couple of decades since I've done any BGP in anger, but it >> looks like I will be jumping into the deep end again, soon, and I >> desperately need to get up to speed again. >> >> There seem to be a lot of good guides out there from Cisco, Juniper, and >> the like, but naturally they are very product oriented. What I'm looking >> for is more like the Stevens networking bibles (i.e. >> "BGP Illustrated Vol I and II"). Something that covers more than just the >> raw protocols, and includes things like RPKI. (The world sure has changed >> since the last time I was doing this!) >> >> Any/all suggestions welcome. >> >> https://learn.nsrc.org/bgp >> > > > Yes, this. Much of it (all of it?) is presented by Philip Smith, and he's > a sufficiently entertaining speaker that it's worth watching even if you > are already a bgp "expert". > > As for books — I used to buy a copy of "BGP4: Inter-Domain Routing in the > Internet" by John W Stewart for all of my new hires — > https://amzn.to/3VdqdfK . It's really short and sweet, and covers > just the stuff that you need to know. It is old at this point (1998!), but > still well worth the read. > > W > > >> Steve >> > >
Re: Scheduled outage -- Nationwide no driver license updates this weekend
Says a lot about the architecture of the application and redundancy. I'd love to know what the failover looks like in a worst-case scenario On Sun, 26 Feb 2023 at 10:51, Aaron de Bruyn via NANOG wrote: > If we have downtime, we lose revenue, customers, sleep, etc... > > If the government does it, what are you going to do? Get your license > somewhere else? > > -A > > On Sat Feb 25, 2023, 11:39 PM GMT, Christopher Morrow > wrote: > > On Sat, Feb 25, 2023 at 6:12 PM Sean Donelan wrote: > > > Verizon network maintenance will impact access to the “National Driver > Register,” a system that motor vehicle offices around the country need to > check before handing out a license. > > > Wait, what year is it? > how is a network maintenance on what seems like a fairly critical system > going > to cause a total outage of said system? > > I think we time traveled back to 1990 here... > > > All 50 states and D.C. participate in the National Driver Register, a > database maintained by the National Highway Traffic Safety Administration. > The register contains information about drivers who have had their driving > privileges revoked, suspended or denied due to serious traffic violations, > such as driving under the influence of alcohol or drugs, reckless driving > or excessive speeding. > > > The scheduled maintenance should be finished by Monday, in case you needed > to update your driver's license or planned to do some reckless driving > this weekend. > >
Re: IPv6 Ignorance
To address everything in the Universe wouldn't you then get stuck in some kinda of loop of having to address the matter that is used by the addresses... i.e. to address everything in the Universe you need more matter than the Universe? *brain* pop On Sat, Sep 29, 2012 at 4:17 PM, George Herbert george.herb...@gmail.comwrote: My customer the Dark Matter local galaxy group beg to disagree; just because you cannot see them does not mean that you cannot feel them gravitationally. Or route to them. George William Herbert Sent from my iPhone On Sep 28, 2012, at 10:31 PM, John R. Levine jo...@iecc.com wrote: You won't have enough addresses for Dark Matter, Neutrinos, etc. Atoms wind up using up about 63 bits (2^10^82) based on the current SWAG. The missing mass is 84% of the universe. Fortunately, until we find it, it doesn't need addresses. -Original Message- From: Randy Bush [mailto:ra...@psg.com] Sent: Monday, September 17, 2012 8:30 PM To: John Levine Cc: nanog@nanog.org Subject: Re: IPv6 Ignorance In technology, not much. But I'd be pretty surprised if the laws of arithmetic were to change, or if we were to find it useful to assign IP addresses to objects smaller than a single atom. we assign them /64s Regards, John Levine, jo...@iecc.com, Primary Perpetrator of The Internet for Dummies, Please consider the environment before reading this e-mail. http://jl.ly -- Regards, Jason Leschnik. [m] 0432 35 4224 [w@] jason dot leschnik at ansto dot gov dot aujason.lesch...@ansto.gov.au [U@] jml...@uow.edu.au
Re: IPv6 Ignorance
Has said forum guy never heard of a phased implementation? Or would he rather a big bang cut over, i'm sure that will work swell. The best way to summarise the feeling for IPv6 was expressed in the Packet Pushers Podcast and that is Network Administrators and System Administrators have forgotten what it means to run a multiple stack Network. I also think many people are seeing IPv6 as a unnecessary evil due to the way it has come around and that comes back to the whole your doomed theory and we are only upgrading because there is a depletion, This comes back to a lack of understanding and lack of interest in change. I cannot remember where i heard it, but someone said that it will take a killer IPv6 application that cannot occur on v4 to get people to jump. I'm sure if Facebook/Google decided they were sick of v4 for a week you would see I.T. departments agenda change quite rapidly (obviously this isn't sustainable) Education seems to be the key here... Rusty gears is the problem, people haven't had to worry about addressing for such a long time now. Feel kinda sorry for the guys who have to readdress IPv6 though *mwaha* On Mon, Sep 17, 2012 at 10:04 PM, Tom Limoncelli t...@whatexit.org wrote: My biggest fear is that statements like this will take on a life of their own: I can dual stack, then I am not out of IPv4 addresses, and thus I have no need for IPv6. If I'm out of IPv4 then I need IPv6 and I can't dual stack. http://forum.ubnt.com/showthread.php?p=355722 Not true but it certainly sounds logical to the average person. What creates this impression is that there is no deadline. The IPv4 - Dual Stack - pure IPv6 transition is complex so everyone focuses on IPv4 - Dual Stack forgetting that it is a transition step. The final step seems so far off that people ignore it, and therefore the justification for the first step fades. (the remainder of this post is brainstorming; apply a grain of salt) There are ways to fix this. For example there was a deadline for when Dual Stack was to go away, a Dual Stack 10 year count-down would drive the point home. However nothing like this exists. This thread is making me think that I should change how I talk about IPv6 publicly. I need to put more emphasis on DS as being a temporary thing. It is in my mind but perhaps not in how I speak. The problem with picking a 10-year or 5-year campaign is that underestimating the amount of time makes us look like the sky is falling and too long gives people a reason to procrastinate. Then again... I believe what will make the biggest # of people adopt IPv6 will be if they see everyone else adopting it. That's why it is so important for IPv6 to be offered by default to all new ISP customers, that tech-savy enterprises need to deploy it, and so on. It is all about building a critical mass. Tom -- Speaking at MacTech Conference 2012. http://mactech.com/conference; http://EverythingSysadmin.com -- my blog http://www.TomOnTime.com -- my videos -- Regards, Jason Leschnik. [m] 0432 35 4224 [w@] jason dot leschnik at ansto dot gov dot aujason.lesch...@ansto.gov.au [U@] jml...@uow.edu.au
Re: Wanted: Asia bandwidth test files
I find the mirrors here are generally beefy https://launchpad.net/ubuntu/+archivemirrors Thanks. On Tuesday, August 7, 2012, Aftab Siddiqui wrote: Hi Micah Does anyone have any machines in Japan, S. Korea, or other asian locations with good bandwidth. where they can host a 100mbit file so I can attempt to download it to test this? you may try downloading from stingray.cyber.net.pk It's in Karachi (Pakistan) with GigE limits. Use rsync. Regards, Aftab A. Siddiqui. -- Regards, Aftab A. Siddiqui -- Regards, Jason Leschnik. [m] 0432 35 4224 [w@] jason dot leschnik at ansto dot gov dot aujason.lesch...@ansto.gov.au [U@] jml...@uow.edu.au
Re: Facebook insecure by design
On Mon, Oct 3, 2011 at 4:27 AM, William Allen Simpson william.allen.simp...@gmail.com wrote: On 10/2/11 12:36 PM, Jimmy Hess wrote: On Sun, Oct 2, 2011 at 10:38 AM, Michael Thomasm...@mtcc.com wrote: I'm not sure why lack of TLS is considered to be problem with Facebook. The man in the middle is the other side of the connection, tls or otherwise. That's where the X509 certificate comes in. A man in the middle would not have the proper private key to impersonate the Facebook server that the certificate was issued to. My understanding of his statement is that Facebook itself is the MITM, collecting all our personal information. Too true. I assume that any MITM is actually going to try and prevent our data from making it to the end point i.e the real attacker. -- Regards, Jason Leschnik. [m] 0432 35 4224 [w@] jason dot leschnik at ansto dot gov dot aujason.lesch...@ansto.gov.au [U@] jml...@uow.edu.au
Re: flow generating tool
Iperf is a good start http://iperf.sourceforge.net/ Would be interested in any other tools as well. -- Regards, Jason Leschnik. [m] 0432 35 4224 [w@] jason dot leschnik at ansto dot gov dot aujason.lesch...@ansto.gov.au [U@] jml...@uow.edu.au
Re: flow generating tool
Does anyone follow a network performance testing methodology, using hardware from companies like ixia/spirent? I know that basic testing is typically done for validation of configs, but i assume other issues would make themselves apparent when pushed to these higher loads. thoughts/comments? Thanks -- Regards, Jason Leschnik. [m] 0432 35 4224 [w@] jason dot leschnik at ansto dot gov dot aujason.lesch...@ansto.gov.au [U@] jml...@uow.edu.au
Re: ouch..
Juniper: Who needs to waste time with pathetic marketing videos when you're gear just works. If this is really from Cisco, it must put a smile on the face of Juniper to know their competitor of 10x the revenue is watching their moves so closely... Typically in the Mac vs. PC adds you see the non established player (apple) making pokes at the established. -- Regards, Jason Leschnik. Mob. 0432 35 4224 Uni mail. jml...@uow.edu.au
Re: vyatta for bgp
Ray Download the Podcast The Packet Pushers - Show 31 they talk a little about this topic... If nothing else it's a great listen Cheers! On Thu, Sep 15, 2011 at 11:05 PM, Ray Soucy r...@maine.edu wrote: Is Vyatta really not suited for the task? I keep checking up on it and holding off looking into it as they don't support multicast yet. Modern commodity sever hardware these days often out-powers big iron enough to make up for not using ASICs, though, at least on the lower end of the spectrum. Does anyone have any more details on Vyatta not scaling? Were you trying to run it as a VM? What were you using for NICs? etc. The hardware matters. Saying Vyatta doesn't cut it could mean anything... -- Regards, Jason Leschnik. Mob. 0432 35 4224 Uni mail. jml...@uow.edu.au