Massive Spectrum Outage

2020-07-29 Thread Kenneth McRae via NANOG 
Anyone outside of S. California affected?

Re: Mx204 alternative

2019-09-02 Thread Kenneth McRae via NANOG 
On the MX204 that is..

Sent from my iPhone

> On Sep 2, 2019, at 3:27 PM, Kenneth McRae via NANOG  wrote:
> 
> 1 Gig is supported on later release versions 
> 
> Sent from my iPhone
> 
>> On Sep 2, 2019, at 1:49 AM, Mark Tinka  wrote:
>> 
>> 
>> 
>>> On 2/Sep/19 10:28, Hank Nussbacher wrote:
>>> 
>>> 
>>> 
>>> What about handling LAG on 1Gb/sec links?  That is a major showstopper
>>> if indeed it is missing:
>>> 
>>> https://www.juniper.net/documentation/en_US/junos/topics/reference/configuration-statement/speed-gigether-options.html
>>> 
>>> •On MX10003 and MX204 routers, rate selectability at PIC
>>> level and port level does not support 1-Gbps speed.
>>> •On MX10003 and MX204 routers, the interface name prefix
>>> must be xe.
>>> •On MX10003 and MX204 routers, even after configuring
>>> 1-Gbps speed, the protocol continues to advertise the bandwidth as
>>> 10-Gigabit Ethernet.
>>> •On MX10003 and MX204 routers, Link Aggregation Group
>>> (LAG) is supported on 10-Gbps speed only. It is not supported on
>>> 1-Gbps speed.
>> 
>> Well, that's not ideal at all.
>> 
>> That said, in the Metro, we don't generally support LAG's toward
>> customers because getting policing to work reliably on them is
>> difficult. So we wouldn't hit this issue, although I can see how
>> annoying it would be for networks that prefer to do this.
>> 
>> Mark.
>

Re: Mx204 alternative

2019-09-02 Thread Kenneth McRae via NANOG 
1 Gig is supported on later release versions 

Sent from my iPhone

> On Sep 2, 2019, at 1:49 AM, Mark Tinka  wrote:
> 
> 
> 
>> On 2/Sep/19 10:28, Hank Nussbacher wrote:
>> 
>>  
>> 
>> What about handling LAG on 1Gb/sec links?  That is a major showstopper
>> if indeed it is missing:
>> 
>> https://www.juniper.net/documentation/en_US/junos/topics/reference/configuration-statement/speed-gigether-options.html
>> 
>> •On MX10003 and MX204 routers, rate selectability at PIC
>> level and port level does not support 1-Gbps speed.
>> •On MX10003 and MX204 routers, the interface name prefix
>> must be xe.
>> •On MX10003 and MX204 routers, even after configuring
>> 1-Gbps speed, the protocol continues to advertise the bandwidth as
>> 10-Gigabit Ethernet.
>> •On MX10003 and MX204 routers, Link Aggregation Group
>> (LAG) is supported on 10-Gbps speed only. It is not supported on
>> 1-Gbps speed.
> 
> Well, that's not ideal at all.
> 
> That said, in the Metro, we don't generally support LAG's toward
> customers because getting policing to work reliably on them is
> difficult. So we wouldn't hit this issue, although I can see how
> annoying it would be for networks that prefer to do this.
> 
> Mark.

Re: NTP for ASBRs?

2019-05-08 Thread Kenneth McRae via NANOG 


You will also need to add you localhost as a source if you want to show that 
ntp association status on the router

apply-flags omit;
term allow-ntp {
from {
source-prefix-list {
ntp-server;
localhost;
}
protocol udp;
port ntp;
}
then {
policer gen-use-1m;
accept;
}
}

show policy-options prefix-list localhost 
apply-flags omit;
apply-path "interfaces lo0 unit 0 family inet address <*>”;



> On May 8, 2019, at 7:22 AM, Vincent Bernat  wrote:
> 
> ❦  8 mai 2019 09:56 +02, Lars Prehn :
> 
>> do you NTP sync your AS boundary routers? If so, what are incentives
>> for doing so? Are there incentives, e.g. security considerations, not
>> to do it?
> 
> Ensure you have a firewall rule in place to prevent people to use your
> router for NTP amplification. NTP clients are also servers. On Juniper
> devices:
> 
> policy-options {
>prefix-list ntp-servers {
>apply-path "system ntp server <*>";
>}
> }
> firewall {
>/* ... */
>   term accept-ntp {
>from {
>source-prefix-list {
>ntp-servers;
>}
>protocol udp;
>port ntp;
>}
>then {
>policer management-1m;
>accept;
>}
>}
> }
> 
> (see
> 
> for more details).
> -- 
> Keep it simple to make it faster.
>- The Elements of Programming Style (Kernighan & Plauger)

Youtube Outage

2018-10-16 Thread Kenneth McRae via NANOG 
Is this widespread?


signature.asc
Description: Message signed with OpenPGP

Re: Godaddy outage?

2018-08-07 Thread Kenneth McRae via NANOG 
Outage confirmed by support staff.  No present ETR.

> On Aug 7, 2018, at 2:47 PM, William Herrin  wrote:
> 
> Hi,
> 
> Does anyone have information on the godaddy outage? I don't see
> anything on https://puck.nether.net/mailman/listinfo/outages or
> status.godaddy.com but my DNS server logs:
> 
> Aug  7 17:02:11 dns-a named[2383]: error (unexpected RCODE REFUSED)
> resolving 'pdns11.domaincontrol.com/A/IN': 173.201.65.35#53
> Aug  7 17:02:11 dns-a named[2383]: error (unexpected RCODE REFUSED)
> resolving 'pdns12.domaincontrol.com/A/IN': 173.201.65.35#53
> Aug  7 17:02:32 dns-a named[2383]: error (unexpected RCODE REFUSED)
> resolving 'ns38.domaincontrol.com/A/IN': 216.69.185.35#53
> Aug  7 17:02:32 dns-a named[2383]: error (unexpected RCODE REFUSED)
> resolving 'ns37.domaincontrol.com/A/IN': 216.69.185.35#53
> 
> my zones aren't resolving consistently and an attempt to access the
> web portal at https://dcc.godaddy.com/manage/dns reports "We apologize
> for this inconvenience, but an error has been detected."
> 
> First noticed about 75 minutes ago.
> 
> Thanks,
> Bill Herrin
> 
> --
> William Herrin  her...@dirtside.com  b...@herrin.us
> Dirtside Systems . Web: 



signature.asc
Description: Message signed with OpenPGP