Re: [swinog] SwissIX / google
Hi Looks like the returning path back from Google over SwissIX doesn't work. I have no hard facts to prove this, but: We peer over the route server and sending the 42476:15169 community towards those sessions helped: Host Loss% Snt Last Avg Best Wrst StDev 1. 10gigabitethernet.swi01-mue01.ip4.mironet.ch 0.0%622.2 4.8 0.6 30.8 5.9 2. gi0-0-0.700.r01-bas01.ip4.mironet.ch 0.0%620.4 0.4 0.4 0.5 0.0 3. gi4-1.ccr01.bsl01.atlas.cogentco.com 0.0%620.6 17.1 0.6 171.0 45.1 4. te1-3.ccr01.zrh01.atlas.cogentco.com 0.0%622.5 27.1 1.9 296.1 60.7 5. te0-0-0-7.ccr22.muc01.atlas.cogentco.com 0.0%627.5 7.5 7.4 7.9 0.1 6. te0-2-0-5.mpd22.fra03.atlas.cogentco.com 0.0%62 12.9 12.9 12.8 13.2 0.1 7. be2009.mag21.fra03.atlas.cogentco.com 0.0%62 13.1 13.1 13.0 13.8 0.1 8. fe-2-3991.cir-1.fra1.solvians.com 1.6%629.5 10.0 9.1 42.1 4.2 aurora-tel-ltd.demarc.cogentco.com 9. 209.85.240.64 0.0%62 10.0 11.1 9.6 26.8 3.1 10. 209.85.251.178 0.0%61 10.4 11.3 10.2 20.6 2.3 11. 209.85.254.112 0.0%61 10.7 12.1 10.1 60.2 7.4 12. ??? 13. google-public-dns-a.google.com 0.0%619.9 10.2 9.9 11.8 0.3 Cheers! On 29 Aug 2013, at 11:02, Matias Meier me...@matias.ch wrote: Hello It seems that googles swissix link is down… Google isn’t reachable from the Green network, also from iWay 8.8.8.8 isn’t reachable. From Cyberlink and from Cablecom it seems tob e OK. Anyone else have problems? Freundliche Grüsse Matias Meier ___ swinog mailing list swinog@lists.swinog.ch http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog Mathias Seiler MiroNet AG, Strassburgerallee 86, CH-4055 Basel T +41 61 201 30 90, F +41 61 201 30 99 mathias.sei...@mironet.ch www.mironet.ch www.mirocloud.com ___ swinog mailing list swinog@lists.swinog.ch http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog
Re: [swinog] sflow proxy/multiplexer
Oh hai You may have some success with iptables, I didn't test that though: iptables -t mangle -A PREROUTING -p udp --dport 2055 -j TEE --gateway IP of your target host http://stackoverflow.com/questions/14896390/clone-and-forward-with-iptables HTH - Mathias On Jun 17, 2013, at 8:46 PM, Julian Rutz m...@jurutz.com wrote: Hi there, Maybe some of you folks can give me a hint on this... I do have a linux box which is receiving sflow data from routers/switches/etc. I want this box to forward the sflow data to two or three other hosts. So I am looking for a decent sflow proxy/multiplexer. Any suggestions are welcome - preferably opensource :) Thanks in advance. Cheers, Julian ___ swinog mailing list swinog@lists.swinog.ch http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog ___ swinog mailing list swinog@lists.swinog.ch http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog
Re: [swinog] Private VLAN with none-private-vlan speaking switch in between
Hi Lukas Yes this should work. Private VLANs are carried over trunk ports like other VLANs. Policy is enforced on the access ports of the switches which have configured private VLANs. Cheers On 17 Apr 2012, at 14:51, Lukas Eisenberger wrote: Hi Does somebody know if its possible to connect two private-vlan speaking switches (Cisco 3560/3750) with a none-private-vlan speaking switch in between? Does that work so that I can still use the community/isolated vlans on both private-vlan speaking switches? (http://www.cisco.com/en/US/docs/switches/lan/catalyst3560/software/release/12.2_58_se/configuration/guide/swpvlan.html) [3650] -- HP Switch -- [3650] Cheers Luki ___ swinog mailing list swinog@lists.swinog.ch http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog Mathias Seiler MiroNet GmbH, Strassburgerallee 86, CH-4055 Basel T +41 61 201 30 90, F +41 61 201 30 99 mathias.sei...@mironet.ch www.mironet.ch www.mirocloud.com ___ swinog mailing list swinog@lists.swinog.ch http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog
Re: [swinog] EtherChannel - Long Time between LINK-3-UPDOWN and LINEPROTO-5-UPDOWN
Hi Tobias It may be a stupid question, but have you tried opening a SR with Cisco TAC ? :) Cheers! On 5 Apr 2012, at 17:41, Tobias Brunner wrote: Hi, Tobias: Why is pxe enabled? Is this device having its IOS image downloaded from a tftp server every time it boots up? That would account for the latency... PXE is enabled on the server, not on the switch =) Tobias -- Nine Internet Solutions AG, Albisriederstr. 243a, CH-8047 Zuerich Support +41 44 637 40 40 | Tel +41 44 637 40 00 | Direct +41 44 637 40 13 Skype nine.ch_support ___ swinog mailing list swinog@lists.swinog.ch http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog Mathias Seiler MiroNet GmbH, Strassburgerallee 86, CH-4055 Basel T +41 61 201 30 90, F +41 61 201 30 99 mathias.sei...@mironet.ch www.mironet.ch www.mirocloud.com ___ swinog mailing list swinog@lists.swinog.ch http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog
Re: [swinog] Recommanded IOS Package for 7206VXR + NPE400 to do IPv6/BGP + AS Number 4-byte
Hi Patrick I've seen 2921 doing 150 Mbit/s mixed HTTP traffic (without many services configured and with about 50% CPU load). And yes, with the new IOS version 15 you can run full BGP and IPv6 BGP with the IP Base Feature Set. I can confirm this. Also OSPFv3 is working in IP Base. Since this is a software router it depends very much what services you configure (rpf checks etc.). Also if you get DoSed the box won't last for long. But they're pretty powerful if you consider the price. You can get it with 1.5 or 1 GBytes factory upgraded memory, 512 MB should work too, but IMHO not for long :) If you want to go a step higher consider a pair of ASR1001, but the price gap from the 2921 or even 2951 is fairly large. HTH - Mathias On 14 Jul 2011, at 16:52, Patrick Studer wrote: Hi @Manfredo/Daniele - Hmm..Already thought about perhaps switching to one of this routers. Is a 2921 really taking all (Full IPv4/IPv6 Features incl. all BGP, ASN 4-bytes) just with the regular IP Base = Part-No. CISCO2921/K9? What can we expect as maximum traffic for this configuration? @Andy/Michael - Would the SP not be sufficient. Or why should we use Advanced IP or Advanced Enterprise service? @Kurt - What are the hardware specification of your setup for you Quagga? Is Quagga able to do HSRP or something similar? How much bandwidth do you handle with that configuration? @All, is enabling of IPv6 taking that much memory, so 512 MB with two full feed and some SwissIX peering would be enough? Thanks already for your pervious answers. Kind Regards Patrick -Ursprüngliche Nachricht- Von: Manfredo Miserocchi [mailto:m...@wari.net] Gesendet: Mittwoch, 13. Juli 2011 07:34 An: Patrick Studer Cc: 'swi...@swinog.ch' Betreff: Re: [swinog] Recommanded IOS Package for 7206VXR + NPE400 to do IPv6/BGP + AS Number 4-byte Patrick, only one issue on RAM needed. NPE400 supports 512Mb, that's not enough for a full-view BGP. We better use 7301 or 2921 with 1Gb and 15.0 software. Cheers Manfredo -Original Message- From: Andy Davidson a...@nosignal.org To: Patrick Studer p.stu...@x-netconsulting.ch Cc: 'swi...@swinog.ch' swi...@swinog.ch Date: Mon, 11 Jul 2011 20:40:30 +0100 Subject: Re: [swinog] Recommanded IOS Package for 7206VXR + NPE400 to do IPv6/BGP + AS Number 4-byte On 11 Jul 2011, at 17:23, Patrick Studer wrote: We want to go a step further with our infrastructure and start testing/implementing IPv6. Has anybody here a 7206VXR + NPE400 running and doing IPv6 / Full BGP / 4-byte ASN? If yes, which IOS Version and Package do you have installed. How much memory / flash do you have installed? We currently have “only” two upstreams and some SwissIX peering. Hey Patrick. :-) I was running some 7206 in my past job, although these had an NPE-G1 or NPE-G2, with 1GB of RAM. You need Advanced IP Services or Advanced Enterprise services for v6 routing, and Multiprotocol (i.e. v4 and v6) BGP. You need 12.4(24)T, or 12.2(33)SRE1 (or later, including all 15.0) for 4 byte ASNs. So you should get away with, assuming your NPE has the storage and RAM : c7200-advipservicesk9-mz.12.2-33.SRE1 to SRE4, or c7200-advipservicesk9-mz.124-24.T5.bin. And of course, we at as6939/he.net would like to help with your v6. :-) Andy ___ swinog mailing list swinog@lists.swinog.ch http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog Si precisa che le informazioni contenute in questo messaggio sono riservate e ad uso esclusivo del destinatario. Qualora il presente messaggio Le fosse pervenuto per errore, La invitiamo ad eliminarlo senza copiarlo ed a non inoltrarlo a terzi, dandocene gentilmente comunicazione. Grazie. You are hereby informed that this message contains confidential informations intended for the addressee's use only. If yu're not the addressee and have received this message by mistake, please delete it and immediately notify us. You may not copy or disseminate this message to anyone. Thank you. ___ swinog mailing list swinog@lists.swinog.ch http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog Mathias Seiler MiroNet GmbH, Strassburgerallee 86, CH-4055 Basel T +41 61 201 30 90, F +41 61 201 30 99 mathias.sei...@mironet.ch www.mironet.ch ___ swinog mailing list swinog@lists.swinog.ch http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog
Re: [swinog] Experience with 6rd Hardware
Hi If you count Cisco 800 Series routers to SOHO hardware … It works with the latest IOS (15.1(4)M) I'm currently running it at home[1] via Swisscom VDSL (without issues so far except some firewall stuff, but nothing serious). If you're interested I'll share the relevant configuration. Cheers! [1] CISCO881W-GN-E-K9 On 6 Jun 2011, at 09:57, Adrian Kägi wrote: Hy List Does anybody have experience with 6rd capable soho hardware? Which manufacturer does already support 6rd? E.g. Fritzbox... Freundliche Grüsse Adrian Kägi System Engineering Teamleiter ZAPP AG Bahnhofstr. 28, 3076 Worb Telefon +41 31 710 34 23 Fax +41 31 710 34 25 adrian.ka...@medianet.ch http://www.zapp.ch Surfen ohne Grenzen ___ swinog mailing list swinog@lists.swinog.ch http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog Mathias Seiler MiroNet GmbH, Strassburgerallee 86, CH-4055 Basel T +41 61 201 30 90, F +41 61 201 30 99 mathias.sei...@mironet.ch www.mironet.ch ___ swinog mailing list swinog@lists.swinog.ch http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog
Re: [swinog] Virtualization for Webhosters / OpenVZ
Hi Philip Viktor's advice really sums it up. Since this is a network operator's list, I'll dig a little bit more into the network part: You probably want to invest some time to separate the network, implement QoS, configure firewalls and design for redundancy (also first hop redundancy such as HSRP), especially if you use IP based storage on a shared network, depending on how reliable and secure you want your network to be. Also if you grant control of the network interface to your clients (be it virtual or not) you probably want to take a look at private VLANs, ARP inspection, IP source guard and DHCP snooping or similar techniques to secure your network and prevent IP address waste. Bear in mind that you may loose some functionality with such virtualization technologies like IPSec VPNs inside virtual containers ... Oh and don't forget IPv6 :) Regards - Mathias On 4 May 2011, at 11:03, Philip Iezzi wrote: Hi As a small web hosting provider we are planning to switch from physical-only servers to virtualization. So far, our favorite virtualization platform is OpenVZ under Debian Squeeze. We might consider running Proxmox as host system but prefer sticking with plain Debian (even though the future of the OpenVZ-kernel is not guaranteed). Our main goals: hardware independency, reliability, maintenance (single kernel virtualization), power efficiency (reduce number of physical servers), cost. We're looking for a Swiss hosting provider who is actively using such a single kernel virtualization technology. What's your experience with OpenVZ? How about resource separation of containers (VPS)? Have you got any experience running complete containers off a NFS-mounted NAS/SAN? How about performance in a web hosting environment with resource peaks on various servers? We would greatly appreciate if anybody could share his experience with OpenVZ (or similar single-kernel virtualization) and get in touch with us for some consulting. Thanks. Regards, Philip -- DATENPARK Badenerstrasse 69, Postfach CH-8026 Zürich Tel +41 44 299 33 66 Fax +41 44 299 33 91 i...@datenpark.ch www.datenpark.ch ___ swinog mailing list swinog@lists.swinog.ch http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog Mathias Seiler MiroNet GmbH, Strassburgerallee 86, CH-4055 Basel T +41 61 201 30 90, F +41 61 201 30 99 mathias.sei...@mironet.ch www.mironet.ch ___ swinog mailing list swinog@lists.swinog.ch http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog
[swinog] Orange Mobile, HTTP, AS49983
Hi List I'm asking the list because someone might have experienced the same problems as we do atm. It looks like Orange Mobile customers are denied access via HTTP to one of our (AS49983) prefixes and it very much looks like there's some sort of proxy in between blocking these requests. They always get a HTTP 403 error but according to Apache logs and tcpdump this clearly isn't generated by our servers. This doesn't happen on our other prefixes though, just 109.71.96.0/21 Has someone else perhaps seen this or a similar problem in the past with AS15796 / AS5511 ? Does anyone know the correct contact at Orange for things like this? If so please contact me off-list. Kind Regards Mathias Seiler MiroNet GmbH, Strassburgerallee 86, CH-4055 Basel T +41 61 201 30 90, F +41 61 201 30 99 mathias.sei...@mironet.ch www.mironet.ch ___ swinog mailing list swinog@lists.swinog.ch http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog
Re: [swinog] IPv6 usage statistics for Switzerland
Have a look at RIPE Labs and INRDB: http://labs.ripe.net/content/ipv6-ripeness http://labs.ripe.net/node/45/ They have a lot of historical data. This may be useful to you. Cheers On 12 May 2010, at 12:02, Thomas Kernen wrote: Has anyone been collecting data points related to service providers in Switzerland providing IPv6 services? I'm trying to pull together a slide on the growth of v6 services in the country. Hence I'm looking for the following information (if available): - First commercial v6 transit service (any carrier with a POP in CH) - First commercial v6 service to customers (enterprise or end user) - First commercial 6RD DSL service over BBCS - First commercial 6RD DSL service over unbundled copper - First commercial native v6 DSL service over BBCS - First commercial native v6 DSL service over unbundled copper If anyone also has a data on the usage of v6 (vs. v4) in Switzerland I would appreciate it. Thanks, Thomas ___ swinog mailing list swinog@lists.swinog.ch http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog Mathias Seiler MiroNet GmbH, Strassburgerallee 86, CH-4055 Basel T +41 61 201 30 90, F +41 61 201 30 99 mathias.sei...@mironet.ch www.mironet.ch smime.p7s Description: S/MIME cryptographic signature ___ swinog mailing list swinog@lists.swinog.ch http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog
Re: [swinog] ProLiant Debian
Hi On 18 Feb 2010, at 14:10, Tonnerre Lombard wrote: Salut, On Mon, 15 Feb 2010 04:33:03 -0800 (PST), Stanislav Sinyagin ssinya...@yahoo.com wrote: with sunoracle servers, you end up with disk bays that are difficult to buy if you need to increase the disk capacity. And the original Sun disks cost a fortune. That is so not true! Even if you buy a Sun Fire with 0 hard disks you still get all drive bays along with the server so you can mount your own disks in a minute. Last time I checked, I received just dummy-bays (not really what one needs to mount own drives). You can still buy the cheapest hard drive (so you get a bay) and swap the disk though :) Cheers Tonnerre ___ swinog mailing list swinog@lists.swinog.ch http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog Mathias Seiler MiroNet GmbH, Strassburgerallee 86, CH-4055 Basel T +41 61 201 30 90, F +41 61 201 30 99 mathias.sei...@mironet.ch www.mironet.ch smime.p7s Description: S/MIME cryptographic signature ___ swinog mailing list swinog@lists.swinog.ch http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog
Re: [swinog] ProLiant Debian
Hi Benjamin :) Try Sun gear, pardon Oracle servers. I remember they once wanted to start with official Debian support on these machines. They even are certified for Ubuntu: http://www.ubuntu.com/partners/sun Regards On 15 Feb 2010, at 09:41, Schlageter Benjamin wrote: Hi everybody Has someone any experiences with Debian on a ProLiant 120 and/or 160? I'm searching some cheap server for monitoring and our old Dell PE 1950 is an ass full of pain with Debian. :( Cheers Benjamin ___ swinog mailing list swinog@lists.swinog.ch http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog Mathias Seiler MiroNet GmbH, Strassburgerallee 86, CH-4055 Basel T +41 61 201 30 90, F +41 61 201 30 99 mathias.sei...@mironet.ch www.mironet.ch smime.p7s Description: S/MIME cryptographic signature ___ swinog mailing list swinog@lists.swinog.ch http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog