[swinog] Re: Mails from Proton to Outlook land in spam

[Patrick Studer via swinog]

Hi Mat

Probably top-level .xyz is a bad choice. At least in the past, those domains 
was source of only spam, so we decided at some point to block all of .xyz 
domains (sure not best practice, but since we only filter for ourself and know 
our customers, we never had any customer using .xyz domain).

So, probably Microsoft give .xyz pre-score which is bad and if something else 
is bad, then your mail will end up in spam filter as well.

Just an idea.

Kind Regards

Patrick Studer

> Am 06.11.2023 um 10:15 schrieb sygon--- via swinog :
> 
> You could try some of the options listed here for troubleshooting: 
> https://learn.microsoft.com/en-us/exchange/troubleshoot/email-delivery/email-delivery-issues
>  
> <https://learn.microsoft.com/en-us/exchange/troubleshoot/email-delivery/email-delivery-issues>
> 
> Best,
> Attila
> 
> On Thu, Nov 2, 2023 at 4:37 PM Mat Kowalski via swinog - swinog at 
> lists.swinog.ch <http://lists.swinog.ch/> 
>  <mailto:swinog_at_lists_swinog_ch_tpveug...@simplelogin.co>> wrote:
> And I realized it's silly to hide domains, so here it goes
> 
> * sender domain - kowalski.xyz <http://kowalski.xyz/>
> * recipient domain where the problem was first observed - amag.ch 
> <http://amag.ch/>
> * my 2nd domain which reproduces the problem - microsoft365.kowalski.xyz 
> <http://microsoft365.kowalski.xyz/>
> 
> Cheers!
> 
> On 02/11/2023 16:17, Mat Kowalski wrote:
> > Hi all,
> > 
> > I wonder if someone could point me in a correct direction for debugging 
> > mails between Proton and Outlook landing in spam... What happens is
> > 
> > * my domain XXX plugged to mail.protonmail.ch <http://mail.protonmail.ch/>.
> > * my 2nd domain YYY plugged to mail.protection.outlook.com 
> > <http://mail.protection.outlook.com/>.
> > * every mail sent from Proton to Outlook lands in spam
> > * headers as seen by Outlook indicate SCL score 5
> > 
> > The content I use for the test is not anything synthetic but a real 
> > message. In the headers I can also see that the "basic configuration" is 
> > correct, i.e.
> > 
> > * SPF passed
> > * DKIM passed
> > * DMARC passed
> > 
> > so this gives no useful information sadly. Maybe someone here has 
> > experience with debugging Microsoft? The issue is that this makes my 
> > private mailbox unusable as whoever out there uses Outlook as their mail 
> > service is not getting my emails. Quite sick...
> > 
> > Thanks a lot for any help,
> > Mateusz
> 
> ___
> swinog mailing list -- swinog@lists.swinog.ch <mailto:swinog@lists.swinog.ch>
> To unsubscribe send an email to swinog-le...@lists.swinog.ch 
> <mailto:swinog-le...@lists.swinog.ch>
> 
> ___
> swinog mailing list -- swinog@lists.swinog.ch
> To unsubscribe send an email to swinog-le...@lists.swinog.ch

___
swinog mailing list -- swinog@lists.swinog.ch
To unsubscribe send an email to swinog-le...@lists.swinog.ch

[swinog] Re: How to destroy data effectively?

[Patrick Studer via swinog]

Hi

We recommend remove them from computers and bring them to a company named 
Reisswolf (to professional shred them).

Regards

Patrick

**
X-NetConsulting GmbH Internet   http://www.x-netconsulting.ch 

Mischelistrasse 29   E-Mail p.stu...@x-netconsulting.ch 

CH-4153 Reinach  Telefon+41 61 315 85 55
**



> Am 02.12.2022 um 15:51 schrieb Martin Ebnoether via swinog 
> :
> 
> Hi all.
> 
> As some of you know, I work at a money laund... financial
> company. Some time ago, the question arose, how to effectively
> destroy data safely and securely in an easy way?
> 
> How does your company deal with hard disks (or any media) that
> needs to be decommissioned? Do you just dd a few times over it?
> Or rather let a professional company shred your media to little
> bits?
> 
> CU, Venty
> 
> -- 
> 10 PRINT "BASIC programmers don't die."
> 20 PRINT "They just GOSUB without RETURN."
> 30 END
> READY.
> ___
> swinog mailing list -- swinog@lists.swinog.ch
> To unsubscribe send an email to swinog-le...@lists.swinog.ch



smime.p7s
Description: S/MIME cryptographic signature
___
swinog mailing list -- swinog@lists.swinog.ch
To unsubscribe send an email to swinog-le...@lists.swinog.ch

[swinog] IPv4 /21 for sale

[Patrick Studer]

Hi

If anyone is interested in an IPv4 /21, please let me know and sent me a pm 
with an offer.

Regards

Patrick 

**
X-NetConsulting GmbH Internet   http://www.x-netconsulting.ch 

Mischelistrasse 29   E-Mail p.stu...@x-netconsulting.ch 

CH-4153 Reinach  Telefon+41 61 315 85 55
**





smime.p7s
Description: S/MIME cryptographic signature

___
swinog mailing list
swinog@lists.swinog.ch
http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog

Re: [swinog] mirror.switch.ch to be closed down

[Patrick Studer]

That’s really sad. Unfortunately, they don’t mentioned exactly, why they are 
going to shutdown service. Or is the outdated Sun Hardware the reason for the 
shutdown.

As longterm user of the SwitchMirror, I would be glad to contribute in some 
ways, to help this (or something similar) service stays there.

If Community supported, it would be nice to have some figures (bandwidth, disk 
space, etc. etc.).

Just let me know, when my help is needed.

Kind Regards

Patrick Studer
X-NetConsulting

> Am 22.08.2018 um 15:40 schrieb Fredy Kuenzler :
> 
> SWITCH announced that they plan to close down mirror.switch.ch. See
> announcement http://mirror.switch.ch/
> 
> I personally think this is very sad. In the name of the community I
> would like to thank SWITCH for their support over all these years.
> 
> However I would like to start the discussion how we can keep
> mirror.switch.ch alive as a community effort.
> 
> Can the decision makers at SWITCH please explain the preconditions?
> Funding for new hardware? Throw in some bandwidth? Colocation? Server
> management?
> 
> Please discuss.
> 
> -- 
> Fredy Kuenzler
> Init7
> 
> 
> ___
> swinog mailing list
> swinog@lists.swinog.ch
> http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog



smime.p7s
Description: S/MIME cryptographic signature

___
swinog mailing list
swinog@lists.swinog.ch
http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog

[swinog] VDSL Standards behind BBCS Profile > 100 Mbit/s

[Patrick Studer]

Hi

Today, we had a customer with a line upgrade. Before the upgrade, he had a 
naked VDSL 20/2. After Swisscom attached Building to the Fibre (FTTB), the are 
able to order max. 500/120. Fibre is only in the basement of the building, 
where it’s „converted“ to copper. It did see the Swisscom equipment, and it 
looks like the equipment, they normally put in the street curb.

They order an upgrade to 300/60. Current Equipment „only“ Support VDSL Profile 
17a (which maxout around 100 Mbit/s downstream).

ISP tell us, they can setup a profile 17a or VDSL Fast/G.Fast. But G.Fast isn’t 
VDSL (I know about this new standard/successor for VDSL). But never heard about 
VDSL Fast and could find anything on the internet or in device specification 
from Cisco/Zyxel.

IMHO, VDSL is normally reference by ITU G.993.x or profiles like 17a, 30a, 35b 
etc.).

Even the BBCS Approved List isn’t very specific. It only mention VDSL2 and 
V-VDSL2.

To be able to offer the right device, we should know the exact standard behind 
this 300/60 Profile (G. Fast or VDSL Profile 35b or something else).

So, I hoped, someone from the swinog could perhaps help.

Thanks for you inputs.

Kind Regards

Patrick Studer

**
X-NetConsulting GmbH Internet   http://www.x-netconsulting.ch 
<http://www.x-netconsulting.ch/>
Mischelistrasse 29   E-Mail p.stu...@x-netconsulting.ch 
<mailto:p.stu...@x-netconsulting.ch>
CH-4153 Reinach  Telefon+41 61 315 85 55
Schweiz  Fax+41 61 315 85 59
**



smime.p7s
Description: S/MIME cryptographic signature

___
swinog mailing list
swinog@lists.swinog.ch
http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog

Re: [swinog] Rack mounting Switch/Routers in Cold and Hot Isle DC

[Patrick Studer]

Hi

Thanks for all the input.

Unfortunately, my questions seems not to be clear enough.

I know, how to solve the issue. 

I just wanted to know, if anybody is strictly following the best practice
for the airflow or if some ignore the best practice in place for a proper
cabling (and perhaps just leaves an additional U free for airflow)?

Or in other words, which option count more (better airflow vs. nice/easy
cabling).

Kind regards

Patrick Studer


**
X-NetConsulting GmbH Internet  
http://www.x-netconsulting.ch
Nauenstrasse 49  E-Mail p.stu...@x-netconsulting.ch
CH-4052 Basel    Telefon    +41 61 315 85 55
Schweiz  Fax    +41 61 315 85 59

**


-Ursprüngliche Nachricht-
Von: swinog-boun...@lists.swinog.ch [mailto:swinog-boun...@lists.swinog.ch]
Im Auftrag von Gregor Riepl
Gesendet: Donnerstag, 4. August 2016 23:16
An: swinog@lists.swinog.ch
Betreff: Re: [swinog] Rack mounting Switch/Routers in Cold and Hot Isle DC

> How to you solve this issue?

The easiest solution, if there is no fancy (i.e. software controlled) way to
reverse fan flow:

Just open the switch, unscrew the fans, turn them around and remount them.

Our network engineer did that countless times, and it always works.

No need to spend heaps of $$$ on hardware with the "correct" flow direction.


___
swinog mailing list
swinog@lists.swinog.ch
http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog


smime.p7s
Description: S/MIME cryptographic signature

___
swinog mailing list
swinog@lists.swinog.ch
http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog

[swinog] Rack mounting Switch/Routers in Cold and Hot Isle DC

[Patrick Studer]

Hi

 

I'm interested, how swinog members mount their (switch/router/firewall)
equipment in a hot/cold isle environment. 

 

In theory, one should mount the switches/routers in front (toward cold isle)
of the rack to have an optimal airflow, but then cabling get a little bit
messy.

 

If this type of equipment is mounted in the back (toward hot isle), the
cabling can be done much cleaner, but the airflow isn't optimal and in worst
case, switches and routes take in hot air from other devices.

 

How to you solve this issue?

 

Thanks for you valuable input.

 

Kind regards

 

Patrick Studer

 


**

X-NetConsulting GmbH Internet
<http://www.x-netconsulting.ch/> http://www.x-netconsulting.ch

Nauenstrasse 49  E-Mail
<mailto:p.stu...@x-netconsulting.ch> p.stu...@x-netconsulting.ch

CH-4052 BaselTelefon+41 61 315 85 55

Schweiz  Fax+41 61 315 85 59


**

 



smime.p7s
Description: S/MIME cryptographic signature

___
swinog mailing list
swinog@lists.swinog.ch
http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog

[swinog] SwiNOG #27?

[Patrick Studer]

Hi
 
Did see any information in the mailing list, if SwiNOG #27 is held or not.
Since there isn't any information on the Website either, I assume, it will
not be held. Am I correct?
 
Kind Regards
 
Patrick Studer
 

**
X-NetConsulting GmbH Internet
http://www.x-netconsulting.ch/ http://www.x-netconsulting.ch
Nauenstrasse 49  E-Mail
mailto:p.stu...@x-netconsulting.ch p.stu...@x-netconsulting.ch
CH-4052 BaselTelefon+41 61 315 85 55
Schweiz  Fax+41 61 315 85 59

**
 


smime.p7s
Description: S/MIME cryptographic signature

___
swinog mailing list
swinog@lists.swinog.ch
http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog

Re: [swinog] Recommanded IOS Package for 7206VXR + NPE400 to do IPv6/BGP + AS Number 4-byte

[Patrick Studer]

Hi Mathias

Thank you for you Feedback. It seems to be a good alternative to our currently 
installed VXR7206 with NPE-400.

Also, if I look on the performance Sheet from Cisco, where the 2921 even 
outperform the NPE-400 a little bit.

I think, we will take a deeper look in this solutions. 

Thanks you again.

Kind Regards

Patrick

PS: Hope your installation work at EBM, which you have done about 2 weeks ago, 
went well ;-)


-Ursprüngliche Nachricht-
Von: Mathias Seiler [mailto:mathias.sei...@mironet.ch] 
Gesendet: Donnerstag, 14. Juli 2011 17:24
An: Patrick Studer
Cc: 'swi...@swinog.ch'
Betreff: Re: [swinog] Recommanded IOS Package for 7206VXR + NPE400 to do 
IPv6/BGP + AS Number 4-byte

Hi Patrick

I've seen 2921 doing 150 Mbit/s mixed HTTP traffic (without many services 
configured and with about 50% CPU load). And yes, with the new IOS version 15 
you can run full BGP and IPv6 BGP with the IP Base Feature Set. I can confirm 
this. Also OSPFv3 is working in IP Base.

Since this is a software router it depends very much what services you 
configure (rpf checks etc.). Also if you get DoSed the box won't last for long. 
But they're pretty powerful if you consider the price. You can get it with 1.5 
or 1 GBytes factory upgraded memory, 512 MB should work too, but IMHO not for 
long :)

If you want to go a step higher consider a pair of ASR1001, but the price gap 
from the 2921 or even 2951 is fairly large.


HTH
- Mathias

On 14 Jul 2011, at 16:52, Patrick Studer wrote:

 Hi
 
 @Manfredo/Daniele - Hmm..Already thought about perhaps switching to 
 one of this routers. Is a 2921 really taking all (Full IPv4/IPv6 Features 
 incl. all BGP, ASN 4-bytes) just with the regular IP Base = Part-No. 
 CISCO2921/K9?
 What can we expect as maximum traffic for this configuration?
 
 @Andy/Michael - Would the SP not be sufficient. Or why should we use Advanced 
 IP or Advanced Enterprise service?
 
 @Kurt - What are the hardware specification of your setup for you 
 Quagga? Is Quagga able to do HSRP or something similar? How much bandwidth do 
 you handle with that configuration?
 
 @All, is enabling of IPv6 taking that much memory, so 512 MB with two 
 full feed and some SwissIX peering would be enough?
 
 Thanks already for your pervious answers.
 
 Kind Regards
 
 Patrick
 
 -Ursprüngliche Nachricht-
 Von: Manfredo Miserocchi [mailto:m...@wari.net]
 Gesendet: Mittwoch, 13. Juli 2011 07:34
 An: Patrick Studer
 Cc: 'swi...@swinog.ch'
 Betreff: Re: [swinog] Recommanded IOS Package for 7206VXR + NPE400 to 
 do IPv6/BGP + AS Number 4-byte
 
 
 Patrick,
 
 only one issue on RAM needed. NPE400 supports 512Mb, that's not enough for a 
 full-view BGP. We better use 7301 or 2921 with 1Gb and 15.0 software.
 
 Cheers
 Manfredo
 
 -Original Message-
 From: Andy Davidson a...@nosignal.org
 To: Patrick Studer p.stu...@x-netconsulting.ch
 Cc: 'swi...@swinog.ch' swi...@swinog.ch
 Date: Mon, 11 Jul 2011 20:40:30 +0100
 Subject: Re: [swinog] Recommanded IOS Package for 7206VXR + NPE400 to 
 do IPv6/BGP + AS Number 4-byte
 
 
 On 11 Jul 2011, at 17:23, Patrick Studer wrote:
 
 We want to go a step further with our infrastructure and start 
 testing/implementing IPv6.
 
 Has anybody here a 7206VXR + NPE400 running and doing IPv6 / Full 
 BGP / 4-byte ASN? If yes, which IOS Version and Package do you have 
 installed. How much memory / flash do you have installed?
 
 We currently have only two upstreams and some SwissIX peering.
 
 Hey Patrick. :-)
 
 I was running some 7206 in my past job, although these had an NPE-G1 or 
 NPE-G2, with 1GB of RAM.
 
 You need Advanced IP Services or Advanced Enterprise services for v6 
 routing, and Multiprotocol (i.e. v4 and v6) BGP.
 You need 12.4(24)T, or 12.2(33)SRE1 (or later, including all 15.0) for 4 
 byte ASNs.
 
 So you should get away with, assuming your NPE has the storage and 
 RAM
 :  c7200-advipservicesk9-mz.12.2-33.SRE1 to SRE4, or 
 c7200-advipservicesk9-mz.124-24.T5.bin.
 
 And of course, we at as6939/he.net would like to help with your v6. 
 :-)
 
 Andy
 
 ___
 swinog mailing list
 swinog@lists.swinog.ch
 http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog
 
 
 
 
 Si precisa che le informazioni contenute in questo messaggio sono riservate e 
 ad uso esclusivo del destinatario. Qualora il presente messaggio Le fosse 
 pervenuto per errore, La invitiamo ad eliminarlo senza copiarlo ed a non 
 inoltrarlo a terzi, dandocene gentilmente comunicazione. Grazie.
 
 You are hereby informed that this message contains confidential informations 
 intended for the addressee's use only. If yu're not the addressee and have 
 received this message by mistake, please delete it and immediately notify us. 
 You may not copy or disseminate this message to anyone. Thank you.
 
 
 
 
 
 ___
 swinog mailing list
 swinog@lists.swinog.ch
 http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog

Re: [swinog] Recommanded IOS Package for 7206VXR + NPE400 to do IPv6/BGP + AS Number 4-byte

[Patrick Studer]

Hi Daniele

Thanks for your real work sample. As I already written to Mathias, I really 
think, you should take
a deeper look on switching perhaps to two 2921 (side effect will be, that we 
will will a little
bit of Rackspace ;-).

Kind Regards

Patrick 

-Ursprüngliche Nachricht-
Von: swinog-boun...@lists.swinog.ch [mailto:swinog-boun...@lists.swinog.ch] Im 
Auftrag von Guazzoni Daniele, CH
Gesendet: Donnerstag, 14. Juli 2011 20:08
An: 'swi...@swinog.ch'
Betreff: Re: [swinog] Recommanded IOS Package for 7206VXR + NPE400 to do 
IPv6/BGP + AS Number 4-byte

We have 4 x 2921 as frontend BGP routers carring 100 Mbps average with full BGP 
table @ v4 / v6.
With 1 GB RAM and a lean straight configuration the CPU load is topping at 18%.

Regarding the memory for full-table BGP:
With 512 M in total you will run really short (depending how much is reserved 
for I/O, buffers, ...).
With 1G you still have plenty of space to be filled with v6 prefixes :-)

Daniele

-Original Message-
From: swinog-boun...@lists.swinog.ch [mailto:swinog-boun...@lists.swinog.ch] On 
Behalf Of Patrick Studer
Sent: Donnerstag, 14. Juli 2011 16:52
To: 'swi...@swinog.ch'
Subject: Re: [swinog] Recommanded IOS Package for 7206VXR + NPE400 to do 
IPv6/BGP + AS Number 4-byte

Hi

@Manfredo/Daniele - Hmm..Already thought about perhaps switching to one of this 
routers. Is a 2921 really taking all (Full IPv4/IPv6 Features incl. all BGP, 
ASN 4-bytes) just with the regular IP Base = Part-No. CISCO2921/K9?
What can we expect as maximum traffic for this configuration?

@Andy/Michael - Would the SP not be sufficient. Or why should we use Advanced 
IP or Advanced Enterprise service?

@Kurt - What are the hardware specification of your setup for you Quagga? Is 
Quagga able to do HSRP or something similar? How much bandwidth do you handle 
with that configuration?

@All, is enabling of IPv6 taking that much memory, so 512 MB with two full feed 
and some SwissIX peering would be enough?

Thanks already for your pervious answers.

Kind Regards

Patrick

-Ursprüngliche Nachricht-
Von: Manfredo Miserocchi [mailto:m...@wari.net]
Gesendet: Mittwoch, 13. Juli 2011 07:34
An: Patrick Studer
Cc: 'swi...@swinog.ch'
Betreff: Re: [swinog] Recommanded IOS Package for 7206VXR + NPE400 to do 
IPv6/BGP + AS Number 4-byte


Patrick,

only one issue on RAM needed. NPE400 supports 512Mb, that's not enough for a 
full-view BGP. We better use 7301 or 2921 with 1Gb and 15.0 software.

Cheers
Manfredo

-Original Message-
From: Andy Davidson a...@nosignal.org
To: Patrick Studer p.stu...@x-netconsulting.ch
Cc: 'swi...@swinog.ch' swi...@swinog.ch
Date: Mon, 11 Jul 2011 20:40:30 +0100
Subject: Re: [swinog] Recommanded IOS Package for 7206VXR + NPE400 to do 
IPv6/BGP + AS Number 4-byte


 On 11 Jul 2011, at 17:23, Patrick Studer wrote:

  We want to go a step further with our infrastructure and start 
  testing/implementing IPv6.
 
  Has anybody here a 7206VXR + NPE400 running and doing IPv6 / Full 
  BGP / 4-byte ASN? If yes, which IOS Version and Package do you have 
  installed. How much memory / flash do you have installed?
 
  We currently have “only” two upstreams and some SwissIX peering.

 Hey Patrick. :-)

 I was running some 7206 in my past job, although these had an NPE-G1 or 
 NPE-G2, with 1GB of RAM.

 You need Advanced IP Services or Advanced Enterprise services for v6 routing, 
 and Multiprotocol (i.e. v4 and v6) BGP.
 You need 12.4(24)T, or 12.2(33)SRE1 (or later, including all 15.0) for 4 byte 
 ASNs.

 So you should get away with, assuming your NPE has the storage and RAM
 :  c7200-advipservicesk9-mz.12.2-33.SRE1 to SRE4, or 
 c7200-advipservicesk9-mz.124-24.T5.bin.

 And of course, we at as6939/he.net would like to help with your v6.
 :-)

 Andy

 ___
 swinog mailing list
 swinog@lists.swinog.ch
 http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog




Si precisa che le informazioni contenute in questo messaggio sono riservate e 
ad uso esclusivo del destinatario. Qualora il presente messaggio Le fosse 
pervenuto per errore, La invitiamo ad eliminarlo senza copiarlo ed a non 
inoltrarlo a terzi, dandocene gentilmente comunicazione. Grazie.

You are hereby informed that this message contains confidential informations 
intended for the addressee's use only. If yu're not the addressee and have 
received this message by mistake, please delete it and immediately notify us. 
You may not copy or disseminate this message to anyone. Thank you.





___
swinog mailing list
swinog@lists.swinog.ch
http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog

This e-mail, any associated files and the information contained in them are 
confidential and is intended for the addressee(s) only. If you have received 
this message in error please notify the originator and delete the email 
immediately. The unauthorised use, disclosure, copying or alteration

Re: [swinog] Recommanded IOS Package for 7206VXR + NPE400 to do IPv6/BGP + AS Number 4-byte

[Patrick Studer]

Hi

@Manfredo/Daniele - Hmm..Already thought about perhaps switching to one of this 
routers. Is a 2921
really taking all (Full IPv4/IPv6 Features incl. all BGP, ASN 4-bytes) just 
with the regular IP Base = Part-No. CISCO2921/K9?
What can we expect as maximum traffic for this configuration?

@Andy/Michael - Would the SP not be sufficient. Or why should we use Advanced 
IP or Advanced Enterprise service?

@Kurt - What are the hardware specification of your setup for you Quagga? Is 
Quagga able to do HSRP or something
similar? How much bandwidth do you handle with that configuration?

@All, is enabling of IPv6 taking that much memory, so 512 MB with two full feed 
and some SwissIX peering would
be enough?

Thanks already for your pervious answers.

Kind Regards

Patrick

-Ursprüngliche Nachricht-
Von: Manfredo Miserocchi [mailto:m...@wari.net] 
Gesendet: Mittwoch, 13. Juli 2011 07:34
An: Patrick Studer
Cc: 'swi...@swinog.ch'
Betreff: Re: [swinog] Recommanded IOS Package for 7206VXR + NPE400 to do 
IPv6/BGP + AS Number 4-byte


Patrick,

only one issue on RAM needed. NPE400 supports 512Mb, that's not enough for a 
full-view BGP. We better use 7301 or 2921 with 1Gb and 15.0 software.

Cheers
Manfredo

-Original Message-
From: Andy Davidson a...@nosignal.org
To: Patrick Studer p.stu...@x-netconsulting.ch
Cc: 'swi...@swinog.ch' swi...@swinog.ch
Date: Mon, 11 Jul 2011 20:40:30 +0100
Subject: Re: [swinog] Recommanded IOS Package for 7206VXR + NPE400 to do 
IPv6/BGP + AS Number 4-byte

 
 On 11 Jul 2011, at 17:23, Patrick Studer wrote:
 
  We want to go a step further with our infrastructure and start 
  testing/implementing IPv6.
   
  Has anybody here a 7206VXR + NPE400 running and doing IPv6 / Full 
  BGP / 4-byte ASN? If yes, which IOS Version and Package do you have 
  installed. How much memory / flash do you have installed?
   
  We currently have “only” two upstreams and some SwissIX peering.
 
 Hey Patrick. :-)
 
 I was running some 7206 in my past job, although these had an NPE-G1 or 
 NPE-G2, with 1GB of RAM.
 
 You need Advanced IP Services or Advanced Enterprise services for v6 routing, 
 and Multiprotocol (i.e. v4 and v6) BGP.
 You need 12.4(24)T, or 12.2(33)SRE1 (or later, including all 15.0) for 4 byte 
 ASNs.
 
 So you should get away with, assuming your NPE has the storage and RAM 
 :  c7200-advipservicesk9-mz.12.2-33.SRE1 to SRE4, or 
 c7200-advipservicesk9-mz.124-24.T5.bin.
 
 And of course, we at as6939/he.net would like to help with your v6. 
 :-)
 
 Andy
 
 ___
 swinog mailing list
 swinog@lists.swinog.ch
 http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog
 
 


Si precisa che le informazioni contenute in questo messaggio sono riservate e 
ad uso esclusivo del destinatario. Qualora il presente messaggio Le fosse 
pervenuto per errore, La invitiamo ad eliminarlo senza copiarlo ed a non 
inoltrarlo a terzi, dandocene gentilmente comunicazione. Grazie.

You are hereby informed that this message contains confidential informations 
intended for the addressee's use only. If yu're not the addressee and have 
received this message by mistake, please delete it and immediately notify us. 
You may not copy or disseminate this message to anyone. Thank you.





___
swinog mailing list
swinog@lists.swinog.ch
http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog

[swinog] Recommanded IOS Package for 7206VXR + NPE400 to do IPv6/BGP + AS Number 4-byte

[Patrick Studer]

Hi
 
We want to go a step further with our infrastructure and start 
testing/implementing IPv6.
 
Has anybody here a 7206VXR + NPE400 running and doing IPv6 / Full BGP / 4-byte 
ASN? If yes, which
IOS Version and Package do you have installed. How much memory / flash do you 
have installed?
 
We currently have “only” two upstreams and some SwissIX peering. 
 
Any help would be appreciated.
 
Kind Regards
 
Patrick Studer
 
**
X-NetConsulting GmbH Internet   http://www.x-netconsulting.ch
Grosspeterstrasse 21 E-Mail p.stu...@x-netconsulting.ch
CH-4052 BaselTelefon+41 61 315 85 55
Schweiz  Fax+41 61 315 85 59
**
 
___
swinog mailing list
swinog@lists.swinog.ch
http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog

[swinog] IronPort E-Mail Reputation

[Patrick Studer]

Hi

Some day ago, a account of our mail server has been misused
to sent out some thousand of spam mails. 

This could happen, because the spammer which misused the account
logged in from different IPs (botnet?) over the whole world. Every time, he
successfully (smtp) authenticated, he sent out a couple of mails
(about 20-30). Then he disconnected and reconnected after 1-2 minutes
from an other IP and sent again some 20-30 mails. This has been done
for some hours, which generated some thousand of SPAM mails.

Since this started Friday night and was just discovered yesterday, we
was listed on one blacklist. We changed the password of the misused account
and removed our server from this blacklist.

We already was happy, that it's just was that simple, but we was
to fast.

We got then complains, that some mail system still block our mail server. After
some investigation, we found out, that this mail system or mail gateways are
base on Cisco IronPort. First at all, this system didn't response with a
clear response (Something like 5.7.1 Your access to submit messages to this
e-mail system has been rejected, isn't really helpful for an mail admin to
find out why his email get blocked.)

After we found out, that all this boxes are Ironport Boxes, we was pointed
to the www.senderbase.org. But this site isn't very helpful. You can find
out that your mail server has a bad email reputation, but that's it. A
link to SpamCop on the webpage isn't helpful either, since we aren’t listed
in their blacklist.

The only e-mail address on the webpage seem not to be the contact for
when you have a bad e-mail reputation. 

We thought, perhaps the Score will fall down over 24 hours, but that's
not the case.

So, we tried to get some help from the cisco ironport support. There
answer wasn't very helpful either. They told us, that senderbase.org
is a complete other company and they don't have any contact and
we should try their website www.senderbase.org. Otherwise, if we don't
have a IronPort box, they will not help us.

Now, the question is, what can we do, do get our mails delivered to
this ironport boxes?

We really take care, to do all against be used for spamming or to
be known as a good source for mails (spf, dkim, smtp-auth,
tarpiting, etc.etc.).

We think, that this reputation system isn't that great. We have one
issue and get blocked for several days (or weeks) without an option
to take care about the situation.

Any help or suggestion would be appreciated!

Kind Regards

Patrick Studer

**
X-NetConsulting GmbH Internet   http://www.x-netconsulting.ch
Grosspeterstrasse 21 E-Mail p.stu...@x-netconsulting.ch
CH-4052 BaselTelefon+41 61 315 85 55
Schweiz  Fax+41 61 315 85 59
**






___
swinog mailing list
swinog@lists.swinog.ch
http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog

Re: [swinog] IronPort E-Mail Reputation

[Patrick Studer]

Hi Mickey
 
That is what we already thinking about, to implement a second server on a 
different ip. At the other
hand, I don’t think that’s way I want to go. 
 
Since this is the first time within some years, I will check, if there is an 
other way to solve this issue.
 
Kind Regards
 
Patrick Studer
 
**
X-NetConsulting GmbH Internet   http://www.x-netconsulting.ch
Grosspeterstrasse 21 E-Mail p.stu...@x-netconsulting.ch
CH-4052 BaselTelefon+41 61 315 85 55
Schweiz  Fax+41 61 315 85 59
**
 
Von: swinog-boun...@lists.swinog.ch [mailto:swinog-boun...@lists.swinog.ch] Im 
Auftrag von Mickey Coggins
Gesendet: Mittwoch, 23. Juni 2010 15:46
An: Patrick Studer
Cc: swi...@swinog.ch
Betreff: Re: [swinog] IronPort E-Mail Reputation
 
Hi Patrick,

My suggestion is to have a pool of IP addresses you can use for your mail 
servers so that when this happens, you can change the DNS entries and simply 
stop using the IP address(es) with the bad reputation.

I have been told that this is what most of the big boys like MessageLabs do.

Trying to get all the reputation services to see you as a good guy again is 
really painful, and sometimes expensive.

Just don't forget to have a valid forward/reverse DNS entry for all your mail 
servers.

Regards,
Mickey


On Wed, Jun 23, 2010 at 15:33, Patrick Studer p.stu...@x-netconsulting.ch 
wrote:
Hi

Some day ago, a account of our mail server has been misused
to sent out some thousand of spam mails.

This could happen, because the spammer which misused the account
logged in from different IPs (botnet?) over the whole world. Every time, he
successfully (smtp) authenticated, he sent out a couple of mails
(about 20-30). Then he disconnected and reconnected after 1-2 minutes
from an other IP and sent again some 20-30 mails. This has been done
for some hours, which generated some thousand of SPAM mails.

Since this started Friday night and was just discovered yesterday, we
was listed on one blacklist. We changed the password of the misused account
and removed our server from this blacklist.

We already was happy, that it's just was that simple, but we was
to fast.

We got then complains, that some mail system still block our mail server. After
some investigation, we found out, that this mail system or mail gateways are
base on Cisco IronPort. First at all, this system didn't response with a
clear response (Something like 5.7.1 Your access to submit messages to this
e-mail system has been rejected, isn't really helpful for an mail admin to
find out why his email get blocked.)

After we found out, that all this boxes are Ironport Boxes, we was pointed
to the www.senderbase.org. But this site isn't very helpful. You can find
out that your mail server has a bad email reputation, but that's it. A
link to SpamCop on the webpage isn't helpful either, since we aren’t listed
in their blacklist.

The only e-mail address on the webpage seem not to be the contact for
when you have a bad e-mail reputation.

We thought, perhaps the Score will fall down over 24 hours, but that's
not the case.

So, we tried to get some help from the cisco ironport support. There
answer wasn't very helpful either. They told us, that senderbase.org
is a complete other company and they don't have any contact and
we should try their website www.senderbase.org. Otherwise, if we don't
have a IronPort box, they will not help us.

Now, the question is, what can we do, do get our mails delivered to
this ironport boxes?

We really take care, to do all against be used for spamming or to
be known as a good source for mails (spf, dkim, smtp-auth,
tarpiting, etc.etc.).

We think, that this reputation system isn't that great. We have one
issue and get blocked for several days (or weeks) without an option
to take care about the situation.

Any help or suggestion would be appreciated!

Kind Regards

Patrick Studer

**
X-NetConsulting GmbH Internet   http://www.x-netconsulting.ch
Grosspeterstrasse 21 E-Mail p.stu...@x-netconsulting.ch
CH-4052 BaselTelefon+41 61 315 85 55
Schweiz  Fax+41 61 315 85 59
**






___
swinog mailing list
swinog@lists.swinog.ch
http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog



-- 
Mickey Coggins
___
swinog mailing list
swinog@lists.swinog.ch
http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog

Re: [swinog] IronPort E-Mail Reputation

[Patrick Studer]

Hi Gregory
 
Thanks for your advice. 
 
Since we don’t want sent mass of mails (excepted some newsletter with about 
50-100 addresses, which
I will not declare as mass mails), the first 3 points are perhaps overkill for 
us.
 
4)  I’ll check for.
5) This are setup correct
6) Since the spammer didn’t reconnect from the same ip, this would not help. The
 spammer connected every time from an other ip and just sent out a few 
(20-30) mails, that
 looks almost normal to the mail server.
6 II) We will check, if we can implement something like this, which will sent 
an alert to us.
7) As Rainer has written, I also think, that the password has been stolen or be 
track by
some kind of Trojan. So, strong password will note help here.
8) What do you mean, when you say Follow-up  the other reputation systems???
9) Since this only happen one time for some years, I prefer something like 6 II)
 
Blocking Port 25 would be that fine. Our customer have contact over the whole 
world, so blocking
Port 25 would be a solution. And some of the connection was coming from Italy 
or Germany, that
will even not help (IMHO this aren’t exotic countries ;-).
 
Kind Regards
 
Parick
 
 
Von: Gregory Agerba [mailto:gregory.age...@gmail.com] 
Gesendet: Mittwoch, 23. Juni 2010 16:51
An: Patrick Studer
Cc: swi...@swinog.ch
Betreff: Re: [swinog] IronPort E-Mail Reputation
 
Hi Patrick,

From my past experience delivering very often very big newsletters...

Some advices to deliver mass of mails:

1) Distribute your email out of 4-5 virtual interfaces (like Exim would let you 
do) and rotate them every x hours or/and randomly.
2) Use different domain names not only FQDNs (this is what mailchimp.com does 
to distribute their millions of emails).
3) Use specific IPs for specific large domains, like Gmail, Yahoo, Hotmail and 
rotate them every once in a while.
4) Sign-up for loopback feed and monitor the complaint box constantly. Yahoo 
and such big got that for free.
5) Ensure you have proper RDNS, SPF and DKIM setup.
6) Use iptablesand custom rulesets to block above a certain amount of SMTP 
connections per host on port 25/587.
6) Count your outgoing average email you send a day/ per hour, put some cron 
that grep/cat/wc the logs, with threshold that triggers alarms.
7) Educate your users for strong passwords.
8) Follow-up the other reputation systems like Cisco, Barracuda, Fortinet, etc..
9) Use dedicated IP for strange or doubtful clients.
10) Mind shared IPs.

You can also block port 25 from exotic countries that you do not expect to send 
you emails, but they are a liability and its quite mean.

Gregory




2010/6/23 Patrick Studer p.stu...@x-netconsulting.ch
Hi Mickey
That is what we already thinking about, to implement a second server on a 
different ip. At the other
hand, I don’t think that’s way I want to go. 
Since this is the first time within some years, I will check, if there is an 
other way to solve this issue.
Kind Regards
Patrick Studer
 
**
X-NetConsulting GmbH Internet   http://www.x-netconsulting.ch
Grosspeterstrasse 21 E-Mail p.stu...@x-netconsulting.ch
CH-4052 BaselTelefon+41 61 315 85 55
Schweiz  Fax+41 61 315 85 59
**
___
swinog mailing list
swinog@lists.swinog.ch
http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog

Re: [swinog] Greylisting

[Patrick Studer]

Please note, that some mailservers has a default timeout of 30 seconds for smtp 
connection. So if
you go to delay the HELO/EHLO message for 30 seconds, you will probably block 
legitimate mails, because
the sending server will disconnect, caused by his timeout settings.

Patrick

-Ursprüngliche Nachricht-
Von: swinog-boun...@lists.swinog.ch [mailto:swinog-boun...@lists.swinog.ch] Im 
Auftrag von Daniel Kamm
Gesendet: Dienstag, 20. Oktober 2009 10:39
An: swi...@swinog.ch
Betreff: Re: [swinog] Greylisting

Stanislav Sinyagin wrote:
 last AprilMartin Blapp has presented a nice concept at SwiNOG:
 
 instead of greylisting, the SMTP server delays the first OK response to 
 HELO/EHLO 
 for 30 seconds. That is usually enough for the vast majority of spambots to 
 give up.

On a heavy traffic mail server, you probably run into a max session
problem when you try to hold many idle connections for 30 seconds.

  - Dan


___
swinog mailing list
swinog@lists.swinog.ch
http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog


___
swinog mailing list
swinog@lists.swinog.ch
http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog

Re: [swinog] Follow Up Full BGP Routing Router Requirments

[Patrick Studer]

Hi Bernd

My question was, if the memory is enough. I know, that you wrote, that
for ddos problem, this solution isn't recommended. But I only want to know, 
if 512 MB is enough to hold two full routing tables and some prefixes from
swiss-ix. The router will only run bgp and some acl. Also, we will implement
some QoS.

Kind Regards

Patrick Studer

-Ursprüngliche Nachricht-
Von: Bernd SPIESS [mailto:bernd.spi...@ascus.at] 
Gesendet: Montag, 12. Oktober 2009 19:20
An: 'Patrick Studer'
Betreff: RE: [swinog] Follow Up Full BGP Routing Router Requirments

look for my mails - i would not recommend this solution - 

but of course it depends on your bandwith needs - 
for very low bandwith and no chance to hold 
a ddos you can go with this solution - no problem

bernd


-Original Message-
From: swinog-boun...@lists.swinog.ch [mailto:swinog-boun...@lists.swinog.ch] On 
Behalf Of Patrick Studer
Sent: Monday, October 12, 2009 4:42 PM
To: 'swinog@lists.swinog.ch'
Subject: [swinog] Follow Up Full BGP Routing Router Requirments

Hi

As allready requested (see our post from 17.09.), we are looking for a 
solutions, which will bring
us the possibility to be multi homed and get full routing table from two
isp and peerings to an exchange point. 

We now have an offer for an refurbished 7206VXR with NPE-400 and 512 MB Memory. 
Would that
be enough, to hold two full routing table (if needed) and peerings? We think, 
there are around
300K prefixes around know, so it should be okay? Right?

We will install two of them (each one connected to one of the upstream 
provider). Between both, we
will do IBGP. On the router, we just will have BGP, some small ACLs, perhaps 
some QoS. That's it.

The idea behind that solutions is, that if the NPE-400 wouldn't be enough in 
1-2 years, we can
just exchange the NPE-400 against a NPE-G2. Since the NPE-400 is really cheap, 
we don't lose
too much money, when we will exchange it in 1-2 years.

Thanks for any inputs.

Kind Regards

Patrick Studer


___
swinog mailing list
swinog@lists.swinog.ch
http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog


___
swinog mailing list
swinog@lists.swinog.ch
http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog

[swinog] Follow Up Full BGP Routing Router Requirments

[Patrick Studer]

Hi

As allready requested (see our post from 17.09.), we are looking for a 
solutions, which will bring
us the possibility to be multi homed and get full routing table from two
isp and peerings to an exchange point. 

We now have an offer for an refurbished 7206VXR with NPE-400 and 512 MB Memory. 
Would that
be enough, to hold two full routing table (if needed) and peerings? We think, 
there are around
300K prefixes around know, so it should be okay? Right?

We will install two of them (each one connected to one of the upstream 
provider). Between both, we
will do IBGP. On the router, we just will have BGP, some small ACLs, perhaps 
some QoS. That's it.

The idea behind that solutions is, that if the NPE-400 wouldn't be enough in 
1-2 years, we can
just exchange the NPE-400 against a NPE-G2. Since the NPE-400 is really cheap, 
we don't lose
too much money, when we will exchange it in 1-2 years.

Thanks for any inputs.

Kind Regards

Patrick Studer


___
swinog mailing list
swinog@lists.swinog.ch
http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog

Re: [swinog] Full BGP Routing Router Requirements

[Patrick Studer]

Hallo Andreas
 
Besten Dank für die Infos. Wir sind gerade selber mit EBM wegen einer Lösung am 
schauen. Mal schauen
was dabei rauskommt.
 
Grüsse
 
Parick
 
**
X-NetConsulting GmbH Internet   http://www.x-netconsulting.ch
Grosspeterstrasse 21 E-Mail p.stu...@x-netconsulting.ch
CH-4052 BaselTelefon+41 61 315 85 55
Schweiz  Fax+41 61 315 85 59
**
 
Von: Andreas Fink [mailto:af...@list.fink.org] 
Gesendet: Mittwoch, 23. September 2009 15:04
An: Patrick Studer
Betreff: Re: [swinog] Full BGP Routing Router Requirements
 
off the list.
 
On 23.09.2009, at 13:41, Patrick Studer wrote:



Hallo Andreas
 
Wenn ich Dich richtig verstehe, dann plant Ihr ein Darkfiber zwischen EBM und 
ColoBâle. Von dort
würde es dann weiter zur IWB gehen, richtig?
 
Nicht wirklich. Wir haben heut EBM-IWB in Betrieb da unsere Internet Verbindung 
noch im IWB dran ist.



Wie wären den die Preise für eine 100 Mbit/s Verbindung von EBM zum SwissIX IWB?
 
EBM zu SwissIX können wir günstig abgeben weil wir selber schon 1Gbps 
EBM-SwissIX haben.
Ich muss mal die Preise raussuchen was uns EBM verrechnet für die Verbindung 
und dann umrechnen.
 
 
 
Andreas Fink
 
Fink Consulting GmbH
Global Networks Schweiz AG
BebbiCell AG
IceCell ehf
 
---
Tel: +41-61-330 Fax: +41-61-331  Mobile: +41-79-2457333
Address: Clarastrasse 3, 4058 Basel, Switzerland
E-Mail:  andr...@fink.org
www.finkconsulting.com www.global-networks.ch www.bebbicell.ch
---
ICQ: 8239353 MSN: m...@gni.ch AIM: smsrelay Skype: andreasfink
Yahoo: finkconsulting SMS: +41792457333
 
http://a-fink.blogspot.com/



 
___
swinog mailing list
swinog@lists.swinog.ch
http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog

Re: [swinog] Full BGP Routing Router Requirements

[Patrick Studer]

Hi Reza

Please note, that we will currently use less (around 5 Mbit/s) for Upstream, 
which
will growing in the next month/year to 10-20 Mbit/s. So currently, we are far 
away
from 100 Mbit/s and for that reason, we think, that a 38xx or 7xxx system will 
be
good enogh for the moment.

But thank you anyway for you input.

Kind Regards

Patrick Studer

**
X-NetConsulting GmbH Internet   http://www.x-netconsulting.ch
Grosspeterstrasse 21 E-Mail p.stu...@x-netconsulting.ch
CH-4052 BaselTelefon+41 61 315 85 55
Schweiz  Fax+41 61 315 85 59
**

-Ursprüngliche Nachricht-
Von: Reza Kordi [mailto:reza.ko...@clue.ch] 
Gesendet: Dienstag, 22. September 2009 12:48
An: 'Patrick Studer'
Betreff: RE: [swinog] Full BGP Routing Router Requirements

Hi Patrick

If you are planning full tables and want to grow to +100Mbps don't take 28xx 
platform. 
What is neat is ASR1002 I tested it and recommend it. They have a 2.5G box now 
that is also well prices.  

Cheers,
Reza


-Original Message-
From: swinog-boun...@lists.swinog.ch [mailto:swinog-boun...@lists.swinog.ch] On 
Behalf Of Patrick Studer
Sent: Donnerstag, 17. September 2009 11:17
To: 'Pascal Gloor'
Cc: 'swinog@lists.swinog.ch'
Subject: Re: [swinog] Full BGP Routing Router Requirements

Hi Pascale

That's an answer I was looking for. 

Some more questions. Why you suggest the SP Service IOS?
What's about the 3825/45 Series? Would that be the golden middle way? Will
this box give us a little more capacity, so there is little bit of air for
the router, or is the only way to go for a 2851 or a 7xxx System?

Kind Regards

Patrick

**
X-NetConsulting GmbH Internet   http://www.x-netconsulting.ch
Grosspeterstrasse 21 E-Mail p.stu...@x-netconsulting.ch
CH-4052 BaselTelefon+41 61 315 85 55
Schweiz  Fax+41 61 315 85 59
**


-Ursprüngliche Nachricht-
Von: Pascal Gloor [mailto:pascal.gl...@spale.com] 
Gesendet: Donnerstag, 17. September 2009 10:41
An: studer.patr...@gmx.ch
Cc: 'swinog@lists.swinog.ch'
Betreff: Re: [swinog] Full BGP Routing Router Requirements

Hi Patrick,

 The first step will be, to have 10 Mbit/s fixed or 100 Mbit/s 
 burstable service with an additional link to SwissIX where we want to 
 do some privat peerings.

 In a second step, we will add a second or a third upstream with about 
 the same speeds as the first connection. All connection should be done 
 by normal Ethernet connection.

As a minimal BGP setup I usually suggest to have one 2851 per upstream. It 
needs some upgrades, 1Gb DRAM and SP SERVICES IOS. This router has two 
GigabitEthernet interface so you can use one for wan and one for lan. You can 
also add a 4 ports 10/100 switch module if you need multiple lan connexions 
(limited to 100mbps).

If you have multiple upstream providers and therefor multiple routers, I 
suggest to have a separate lan (maybe vlan) with all the routers in it for the 
iBGP full mesh.

This is, indeed, a minimal setup, I wont protect you from attacks of any kind 
and the router capacity is limited. However you should be able to route at 
least 100-200mbps.

If you really need protection, you will need a 7200-NPE-G1/2 (which will be 
able to hold 700-1000mbps traffic), but still, its capacity to hold directed 
attacks is limited.
For best protection a suggest a 7600-RSP720-3CXL which is full hardware 
platform, protection of the router can be done in hardware (CPP, control-plane 
policy).

But this might be just a little bit too expensive...


Cheers,
Pascal


___
swinog mailing list
swinog@lists.swinog.ch
http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog


___
swinog mailing list
swinog@lists.swinog.ch
http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog

Re: [swinog] Full BGP Routing Router Requirements

[Patrick Studer]

Hallo Andreas
 
Wenn ich Dich richtig verstehe, dann plant Ihr ein Darkfiber zwischen EBM und 
ColoBâle. Von dort
würde es dann weiter zur IWB gehen, richtig?
 
Wie wären den die Preise für eine 100 Mbit/s Verbindung von EBM zum SwissIX IWB?
 
Grüsse
 
Patrick
 
**
X-NetConsulting GmbH Internet   http://www.x-netconsulting.ch
Grosspeterstrasse 21 E-Mail p.stu...@x-netconsulting.ch
CH-4052 BaselTelefon+41 61 315 85 55
Schweiz  Fax+41 61 315 85 59
**
 
Von: Andreas Fink [mailto:af...@list.fink.org] 
Gesendet: Montag, 21. September 2009 13:37
An: Patrick Studer
Betreff: Re: [swinog] Full BGP Routing Router Requirements
 
Hallo Patrick,
 
Wir könnten eventuell Transit zu SwissIX von EBM bieten da wir ne Darkfiber zu 
ColoBâle planen. Unsere derzeitige SwissIX Anbindung geht allerdings noch via 
IWB.
 
On 21.09.2009, at 10:54, Patrick Studer wrote:



Hallo Daniel

Naja, zur Zeit stehen EBM, IWB und ColoBâle zur Auswahl. Wobei es bei EBM
noch ein Link zur IWB benötigt, um sich an SwissIX anzuhängen.

Habt Ihr schon Preise für den Link nach Zürich? Von wo aus wäre der Link
von IWB oder von Colobâle?

Grüsse

Patrick

**
X-NetConsulting GmbH Internet   http://www.x-netconsulting.ch
Grosspeterstrasse 21 E-Mail p.stu...@x-netconsulting.ch
CH-4052 BaselTelefon+41 61 315 85 55
Schweiz  Fax+41 61 315 85 59
**

-Ursprüngliche Nachricht-
Von: Daniel Aubry [mailto:o...@chaostreff.ch] 
Gesendet: Samstag, 19. September 2009 15:07
An: Patrick Studer
Betreff: Re: [swinog] Full BGP Routing Router Requirements

On Fri, 18 Sep 2009 09:47:00 +0200
Patrick Studer p.stu...@x-netconsulting.ch wrote:
Hallo Patrick,



Habe mir aufgrund Deines Hinweises mal die Website und die Preise 
angesehen. Wenn ich das zusammenrechne und den Umstand dazu nehme, 
dass ich noch extra für den Strom zahlen muss und an ISP keine grosse 
Auswahl besteht, dann ist die Colo nicht so interessant, wie die 
Angebote von anderen Anbietern.

Wo willst Du denn sonst hin in Basel? Ich möchte dich einfach warnen, die 
SwissIX Anbindung von der IWB in Basel ist nicht optimal. Wir haben sämtliche 
Peerings mit SwissIX Teilnehmern die nicht direkt in Basel sind abgeschaltet.

Die Probleme gibts seit dem die Switch im Equinix-1 durch eine 10gbit Switch 
ersetzt wurde.
Scheinbar gehen da öfters mal Pakete verloren bei der Umsetzung zwischen 10G 
und 100mbit.

Warscheinlich werden wir von der IWB aus selber eine Leitung ins Interxion 
mieten damit wir wieder ohne 3-25% Packetloss peeren können. 

Grüsse
Daniel



___
swinog mailing list
swinog@lists.swinog.ch
http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog
 
 
 
Andreas Fink
 
Fink Consulting GmbH
Global Networks Schweiz AG
BebbiCell AG
IceCell ehf
 
---
Tel: +41-61-330 Fax: +41-61-331  Mobile: +41-79-2457333
Address: Clarastrasse 3, 4058 Basel, Switzerland
E-Mail:  andr...@fink.org
www.finkconsulting.com www.global-networks.ch www.bebbicell.ch
---
ICQ: 8239353 MSN: m...@gni.ch AIM: smsrelay Skype: andreasfink
Yahoo: finkconsulting SMS: +41792457333
 
http://a-fink.blogspot.com/



 
___
swinog mailing list
swinog@lists.swinog.ch
http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog

Re: [swinog] Full BGP Routing Router Requirements

[Patrick Studer]

Hallo Daniel

Naja, zur Zeit stehen EBM, IWB und ColoBâle zur Auswahl. Wobei es bei EBM
noch ein Link zur IWB benötigt, um sich an SwissIX anzuhängen.

Habt Ihr schon Preise für den Link nach Zürich? Von wo aus wäre der Link
von IWB oder von Colobâle?

Grüsse

Patrick

**
X-NetConsulting GmbH Internet   http://www.x-netconsulting.ch
Grosspeterstrasse 21 E-Mail p.stu...@x-netconsulting.ch
CH-4052 BaselTelefon+41 61 315 85 55
Schweiz  Fax+41 61 315 85 59
**

-Ursprüngliche Nachricht-
Von: Daniel Aubry [mailto:o...@chaostreff.ch] 
Gesendet: Samstag, 19. September 2009 15:07
An: Patrick Studer
Betreff: Re: [swinog] Full BGP Routing Router Requirements

On Fri, 18 Sep 2009 09:47:00 +0200
Patrick Studer p.stu...@x-netconsulting.ch wrote:
Hallo Patrick,

 Habe mir aufgrund Deines Hinweises mal die Website und die Preise 
 angesehen. Wenn ich das zusammenrechne und den Umstand dazu nehme, 
 dass ich noch extra für den Strom zahlen muss und an ISP keine grosse 
 Auswahl besteht, dann ist die Colo nicht so interessant, wie die 
 Angebote von anderen Anbietern.

Wo willst Du denn sonst hin in Basel? Ich möchte dich einfach warnen, die 
SwissIX Anbindung von der IWB in Basel ist nicht optimal. Wir haben sämtliche 
Peerings mit SwissIX Teilnehmern die nicht direkt in Basel sind abgeschaltet.

Die Probleme gibts seit dem die Switch im Equinix-1 durch eine 10gbit Switch 
ersetzt wurde.
Scheinbar gehen da öfters mal Pakete verloren bei der Umsetzung zwischen 10G 
und 100mbit.

Warscheinlich werden wir von der IWB aus selber eine Leitung ins Interxion 
mieten damit wir wieder ohne 3-25% Packetloss peeren können. 

Grüsse
Daniel



___
swinog mailing list
swinog@lists.swinog.ch
http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog

Re: [swinog] Full BGP Routing Router Requirements

[Patrick Studer]

Ciao Reto

Habe mir aufgrund Deines Hinweises mal die Website
und die Preise angesehen. Wenn ich das zusammenrechne und
den Umstand dazu nehme, dass ich noch extra für den Strom zahlen muss
und an ISP keine grosse Auswahl besteht, dann ist die
Colo nicht so interessant, wie die Angebote von anderen Anbietern.

Dennoch danke für den Hinweis.

Grüsse

Patrick

**
X-NetConsulting GmbH Internet   http://www.x-netconsulting.ch
Grosspeterstrasse 21 E-Mail p.stu...@x-netconsulting.ch
CH-4052 BaselTelefon+41 61 315 85 55
Schweiz  Fax+41 61 315 85 59
**


-Ursprüngliche Nachricht-
Von: Reto Burkhalter [mailto:reto.burkhal...@basis06.com] 
Gesendet: Donnerstag, 17. September 2009 23:08
An: Patrick Studer
Betreff: AW: [swinog] Full BGP Routing Router Requirements

Hoi

Dann würde mir so spontan ColoBâle in den Sinn kommen :)

Gruss
Reto

 -Ursprüngliche Nachricht-
 Von: Patrick Studer [mailto:p.stu...@x-netconsulting.ch] 
 Gesendet: Donnerstag, 17. September 2009 16:19
 An: Reto Burkhalter
 Cc: 'swinog@lists.swinog.ch'
 Betreff: AW: [swinog] Full BGP Routing Router Requirements
 
 
 Ciao Reto
 
 Wir werden vermutlich in einem Datacenter in Basel starten. Aber
 danke für den Hinweis.
 
 Grüsse
 
 Patrick
 
 **
 
 X-NetConsulting GmbH Internet   
 http://www.x-netconsulting.ch
 Grosspeterstrasse 21 E-Mail 
 p.stu...@x-netconsulting.ch
 CH-4052 BaselTelefon+41 61 315 85 55
 Schweiz  Fax+41 61 315 85 59
 **
 
 
 
 -Ursprüngliche Nachricht-
 Von: Reto Burkhalter [mailto:reto.burkhal...@basis06.com] 
 Gesendet: Donnerstag, 17. September 2009 14:26
 An: Patrick Studer
 Betreff: AW: [swinog] Full BGP Routing Router Requirements
 
 Hoi Patrick
 
 Dann empfehle ich an dieser Stelle doch mal die colozüri.ch - genügend
 Carriers und ISPs vorhanden, welche easy über Kupfer/Glas 
 Fast/GigE liefern
 können, SwissIX im Hause und auch sonst ne nette Colo :-)
 
 - http://www.colozueri.ch/
 
 Gruss
 Reto
 
  -Ursprüngliche Nachricht-
  Von: Patrick Studer [mailto:p.stu...@x-netconsulting.ch] 
  Gesendet: Donnerstag, 17. September 2009 10:33
  An: 'Matthias Hertzog'
  Cc: 'swinog@lists.swinog.ch'
  Betreff: Re: [swinog] Full BGP Routing Router Requirements
  
  
  Hallo Matthias
  
  Das steht noch nicht fest. Wir planen aber unsere RZ in ein externes
  Datacenter auszulagern, welches die benötigten Anbindungen zu 
  anderen ISPs
  für Upstream und den Zugang zu SwissIX bietet.
  
  Grüsse
  
  Patrick
  
  **
  
  X-NetConsulting GmbH Internet   
  http://www.x-netconsulting.ch
  Grosspeterstrasse 21 E-Mail 
  p.stu...@x-netconsulting.ch
  CH-4052 BaselTelefon+41 61 315 85 55
  Schweiz  Fax+41 61 315 85 59
  **
  
  
  
  -Ursprüngliche Nachricht-
  Von: Matthias Hertzog [mailto:m.hert...@mhs.ch] 
  Gesendet: Donnerstag, 17. September 2009 10:10
  An: p.stu...@x-netconsulting.ch
  Betreff: Re: [swinog] Full BGP Routing Router Requirements
  
  Sali Patrick
  
  Wo steht euer RZ?
  
  Viele Grüsse
  Matthias
  
  _
  
  mhs @ internet AG
  Zürcherstrasse 204, CH - 9014 St. Gallen
  Phone +41 71 274 93 93, Fax +41 71 274 93 94
  http://www.mhs.ch
  _
  
  - Original Message - 
  From: studer.patr...@gmx.ch
  To: swinog@lists.swinog.ch
  Sent: Thursday, September 17, 2009 9:49 AM
  Subject: [swinog] Full BGP Routing Router Requirements
  
  
   Hi
  
   We are planning to go multihomed with our infrastructure.
  
   The first step will be, to have 10 Mbit/s fixed or 100 
  Mbit/s burstable 
   service
   with an additional link to SwissIX where we want to do 
 some privat 
   peerings.
  
   In a second step, we will add a second or a third upstream 
  with about the
   same speeds as the first connection. All connection should 
  be done by
   normal Ethernet connection.
  
   Currently we have a Cisco 2811 with 256 MB Ram. Would it be 
  enough for the 
   first
   step to upgrade the ram to 768 MB or will it be necessary 
 to buy a 
   better/bigger
   router (2851, 3825 or 720x system).
  
   We tried to find some recommendations on the internet, but 
  we wasn't 
   successful.
  
   What is your recommendation for this scenario?
  
   Regards
  
   Patrick Studer

Re: [swinog] Full BGP Routing Router Requirements

[Patrick Studer]

Hi Bernd

Thanks for your thoughts. Since the Rackspace is already limited, the 7201
or the 3825 will be a good solutions for us, since the only take 1 or 2 RU.

I hope, that we don't will have to match ddos attacks (we wasn't attacked
within the last 5 years), so hopefully, that isn't the point for us in
the moment. So we can start with one of this two boxes. And if we are growing
and perhaps will have multiple racks, we can invest then in a ddos proved
solutions.

Kind Regards

Patrick

**
X-NetConsulting GmbH Internet   http://www.x-netconsulting.ch
Grosspeterstrasse 21 E-Mail p.stu...@x-netconsulting.ch
CH-4052 BaselTelefon+41 61 315 85 55
Schweiz  Fax+41 61 315 85 59
**


-Ursprüngliche Nachricht-
Von: Bernd SPIESS [mailto:bernd.spi...@ascus.at] 
Gesendet: Donnerstag, 17. September 2009 20:15
An: 'Patrick Studer'
Betreff: RE: [swinog] Full BGP Routing Router Requirements

yes - its a good box - but think that a new one will cost about 8000 euro
for this money you get a lot of used boxes who do routing in hardware

the 7201 and 3825 plattform are cpu driven - both will not survive a
ddos - if you have luck the 7201 will - but if you have too much services
this box is also dead

compare the mbps of the 7201 g2 with the sup32 or sup720

bernd

-Original Message-
From: Patrick Studer [mailto:p.stu...@x-netconsulting.ch] 
Sent: Thursday, September 17, 2009 6:15 PM
To: Bernd SPIESS
Cc: 'swinog@lists.swinog.ch'
Subject: AW: [swinog] Full BGP Routing Router Requirements

Thanks Bernd. 

As you perhaps has seen, we are now thinking about a 3825 or 7201. We think
both will do the job, but the 7201 will have more power.

Kind Regards

Patrick

**
X-NetConsulting GmbH Internet   http://www.x-netconsulting.ch
Grosspeterstrasse 21 E-Mail p.stu...@x-netconsulting.ch
CH-4052 BaselTelefon+41 61 315 85 55
Schweiz  Fax+41 61 315 85 59
**


-Ursprüngliche Nachricht-
Von: Bernd SPIESS [mailto:bernd.spi...@ascus.at] 
Gesendet: Donnerstag, 17. September 2009 14:02
An: 'Patrick Studer'
Betreff: RE: [swinog] Full BGP Routing Router Requirements

ipv6 is running fine also on 28 plattform

asn32 - no practical info from our side - 
we ignored this until now :-)
maybe you start here:
http://www.swissix.ch/asn32/doku.php


-Original Message-
From: Patrick Studer [mailto:p.stu...@x-netconsulting.ch] 
Sent: Thursday, September 17, 2009 1:39 PM
To: Bernd SPIESS; 'Pascal Gloor'
Cc: 'swinog@lists.swinog.ch'
Subject: AW: [swinog] Full BGP Routing Router Requirements

Thanks for the link to the Router performance sheet. Do you see perhaps
also some impacts about the new as-numbers or ipv6 for any of the smaller
solutions (28xx, 38xx)?

Regards

Patrick

**
X-NetConsulting GmbH Internet   http://www.x-netconsulting.ch
Grosspeterstrasse 21 E-Mail p.stu...@x-netconsulting.ch
CH-4052 BaselTelefon+41 61 315 85 55
Schweiz  Fax+41 61 315 85 59
**


-Ursprüngliche Nachricht-
Von: swinog-boun...@lists.swinog.ch [mailto:swinog-boun...@lists.swinog.ch] Im 
Auftrag von Bernd SPIESS
Gesendet: Donnerstag, 17. September 2009 11:43
An: 'Patrick Studer'; 'Pascal Gloor'
Cc: 'swinog@lists.swinog.ch'
Betreff: Re: [swinog] Full BGP Routing Router Requirements

see here:
http://www.cisco.com/web/partners/downloads/765/tools/quickreference/routerperformance.pdf

3725 = 179 mbit
3745 = 256 mbit

(best case calculated with 64 byte paket size)

you have to basicaly decide if you want a cpu driven box (28*, 38*, NPE-G1/G2) 
or a hardware 
driven box (sup32, sup720, c-120**)
in the first case you have to primary look for the cpu performance - in the 
second case you have to
look primary for hardware prefix puffer (256.000 prefixes versus 1 mio)

lg
bernd

-Original Message-
From: swinog-boun...@lists.swinog.ch [mailto:swinog-boun...@lists.swinog.ch] On 
Behalf Of Patrick Studer
Sent: Thursday, September 17, 2009 11:17 AM
To: 'Pascal Gloor'
Cc: 'swinog@lists.swinog.ch'
Subject: Re: [swinog] Full BGP Routing Router Requirements

Hi Pascale

That's an answer I was looking for. 

Some more questions. Why you suggest the SP Service IOS?
What's about the 3825/45 Series? Would that be the golden middle way? Will
this box give us a little more capacity, so there is little bit of air

Re: [swinog] Full BGP Routing Router Requirements

[Patrick Studer]

If possible, it would be nice to survive a ddos ;-)

That the 256 MB isn't enough is clear. Because of this
we asked, if it will be enough just to upgrade to 768 MB to hold
a full routing table or not. Or to ask the question direct, what
is the minimum memory requirements to hold a full routing table from
one or two upstreams and have some privat peerings at SwissIX?

It's more a question of, if the 2811 can do this job and we
can add perhaps a second 2811 for a second upstream, or if we
should start over with a better solution. 

Since the router isn't too old, we like to use it for this. 
If your recommendation is to go with a 3845, then we have to
forget about idea to go with the 2811. 

We just like to know, what will be the minimum requirements
and the disadvantage of this minimum solution, and what will
be the best cost/performance solutions for that scenario.

Regards

Patrick

**
X-NetConsulting GmbH Internet   http://www.x-netconsulting.ch
Grosspeterstrasse 21 E-Mail p.stu...@x-netconsulting.ch
CH-4052 BaselTelefon+41 61 315 85 55
Schweiz  Fax+41 61 315 85 59
**


-Ursprüngliche Nachricht-
Von: Bernd SPIESS [mailto:bernd.spi...@i3b.at] 
Gesendet: Donnerstag, 17. September 2009 09:54
An: studer.patr...@gmx.ch
Betreff: RE: [swinog] Full BGP Routing Router Requirements

it depends

do you want to survive a ddos or not?

with 100 mbit link speed a 2811 will die for 100%
when you receive a dos/ddos in your direction

256 mb ram will also be to less for multihoming
if you want to have one or two full routing table.
It will be ok for two default routes and some 
peering routes.

what is your budget ?

typically a standard setup for a stable multihoming
scenario with two core routers build with cisco
can go from 10k until 20k euro
below 10k€ you don’t get a solution with solves 
all cases.

bernd



-Original Message-
From: swinog-boun...@lists.swinog.ch [mailto:swinog-boun...@lists.swinog.ch] On 
Behalf Of studer.patr...@gmx.ch
Sent: Thursday, September 17, 2009 9:49 AM
To: 'swinog@lists.swinog.ch'
Subject: [swinog] Full BGP Routing Router Requirements

Hi

We are planning to go multihomed with our infrastructure. 

The first step will be, to have 10 Mbit/s fixed or 100 Mbit/s burstable service
with an additional link to SwissIX where we want to do some privat peerings. 

In a second step, we will add a second or a third upstream with about the
same speeds as the first connection. All connection should be done by
normal Ethernet connection.

Currently we have a Cisco 2811 with 256 MB Ram. Would it be enough for the first
step to upgrade the ram to 768 MB or will it be necessary to buy a better/bigger
router (2851, 3825 or 720x system).

We tried to find some recommendations on the internet, but we wasn't successful.

What is your recommendation for this scenario?

Regards

Patrick Studer

**
X-NetConsulting GmbH Internet   http://www.x-netconsulting.ch
Grosspeterstrasse 21 E-Mail p.stu...@x-netconsulting.ch
CH-4052 BaselTelefon+41 61 315 85 55
Schweiz  Fax+41 61 315 85 59
**




___
swinog mailing list
swinog@lists.swinog.ch
http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog


___
swinog mailing list
swinog@lists.swinog.ch
http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog

Re: [swinog] Full BGP Routing Router Requirements

[Patrick Studer]

Hi

We prefer to have a Cisco box, since we have about 15 years of cisco experience.

Kind Regards

Patrick

**
X-NetConsulting GmbH Internet   http://www.x-netconsulting.ch
Grosspeterstrasse 21 E-Mail p.stu...@x-netconsulting.ch
CH-4052 BaselTelefon+41 61 315 85 55
Schweiz  Fax+41 61 315 85 59
**


-Ursprüngliche Nachricht-
Von: Marcel Prisi [mailto:marcel.pr...@virtua.ch] 
Gesendet: Donnerstag, 17. September 2009 10:02
An: studer.patr...@gmx.ch
Betreff: Re: [swinog] Full BGP Routing Router Requirements

Dear Patrick,

We have been using PC based (HP servers + SSD) Vyatta routers for some time, 
they work extremely well at the fraction of the price of Cisco gear.

We setup a full AS with two upstreams here at Sefanet, including full 
redundancy for a great price ... tell me if you are interested !

Best regards.
Le jeudi 17 septembre 2009 à 09:49 +0200, studer.patr...@gmx.ch a écrit :
 Hi
 
 We are planning to go multihomed with our infrastructure. 
 
 The first step will be, to have 10 Mbit/s fixed or 100 Mbit/s 
 burstable service with an additional link to SwissIX where we want to do some 
 privat peerings.
 
 In a second step, we will add a second or a third upstream with about 
 the same speeds as the first connection. All connection should be done 
 by normal Ethernet connection.
 
 Currently we have a Cisco 2811 with 256 MB Ram. Would it be enough for 
 the first step to upgrade the ram to 768 MB or will it be necessary to 
 buy a better/bigger router (2851, 3825 or 720x system).
 
 We tried to find some recommendations on the internet, but we wasn't 
 successful.
 
 What is your recommendation for this scenario?
 
 Regards
 
 Patrick Studer
 
 **
 X-NetConsulting GmbH Internet   http://www.x-netconsulting.ch
 Grosspeterstrasse 21 E-Mail p.stu...@x-netconsulting.ch
 CH-4052 BaselTelefon+41 61 315 85 55
 Schweiz  Fax+41 61 315 85 59
 **
 
 
 
 
 
 ___
 swinog mailing list
 swinog@lists.swinog.ch
 http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog
 
--
Marcel Prisi
co-director - head of network services

virtua SA  interactive communication agency En Clamogne 27 Ch -1170 Aubonne T. 
+41 21 821 15 20 F. +41 21 821 15 21

virtua  | from internet to business® |
·
·


___
swinog mailing list
swinog@lists.swinog.ch
http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog

Re: [swinog] Full BGP Routing Router Requirements

[Patrick Studer]

Hallo Matthias

Das steht noch nicht fest. Wir planen aber unsere RZ in ein externes
Datacenter auszulagern, welches die benötigten Anbindungen zu anderen ISPs
für Upstream und den Zugang zu SwissIX bietet.

Grüsse

Patrick

**
X-NetConsulting GmbH Internet   http://www.x-netconsulting.ch
Grosspeterstrasse 21 E-Mail p.stu...@x-netconsulting.ch
CH-4052 BaselTelefon+41 61 315 85 55
Schweiz  Fax+41 61 315 85 59
**


-Ursprüngliche Nachricht-
Von: Matthias Hertzog [mailto:m.hert...@mhs.ch] 
Gesendet: Donnerstag, 17. September 2009 10:10
An: p.stu...@x-netconsulting.ch
Betreff: Re: [swinog] Full BGP Routing Router Requirements

Sali Patrick

Wo steht euer RZ?

Viele Grüsse
Matthias

_

mhs @ internet AG
Zürcherstrasse 204, CH - 9014 St. Gallen
Phone +41 71 274 93 93, Fax +41 71 274 93 94
http://www.mhs.ch
_

- Original Message - 
From: studer.patr...@gmx.ch
To: swinog@lists.swinog.ch
Sent: Thursday, September 17, 2009 9:49 AM
Subject: [swinog] Full BGP Routing Router Requirements


 Hi

 We are planning to go multihomed with our infrastructure.

 The first step will be, to have 10 Mbit/s fixed or 100 Mbit/s burstable 
 service
 with an additional link to SwissIX where we want to do some privat 
 peerings.

 In a second step, we will add a second or a third upstream with about the
 same speeds as the first connection. All connection should be done by
 normal Ethernet connection.

 Currently we have a Cisco 2811 with 256 MB Ram. Would it be enough for the 
 first
 step to upgrade the ram to 768 MB or will it be necessary to buy a 
 better/bigger
 router (2851, 3825 or 720x system).

 We tried to find some recommendations on the internet, but we wasn't 
 successful.

 What is your recommendation for this scenario?

 Regards

 Patrick Studer

 **
 X-NetConsulting GmbH Internet 
 http://www.x-netconsulting.ch
 Grosspeterstrasse 21 E-Mail 
 p.stu...@x-netconsulting.ch
 CH-4052 BaselTelefon+41 61 315 85 55
 Schweiz  Fax+41 61 315 85 59
 **




 ___
 swinog mailing list
 swinog@lists.swinog.ch
 http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog
 



___
swinog mailing list
swinog@lists.swinog.ch
http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog

Re: [swinog] Full BGP Routing Router Requirements

[Patrick Studer]

Hi Pascale

That's an answer I was looking for. 

Some more questions. Why you suggest the SP Service IOS?
What's about the 3825/45 Series? Would that be the golden middle way? Will
this box give us a little more capacity, so there is little bit of air for
the router, or is the only way to go for a 2851 or a 7xxx System?

Kind Regards

Patrick

**
X-NetConsulting GmbH Internet   http://www.x-netconsulting.ch
Grosspeterstrasse 21 E-Mail p.stu...@x-netconsulting.ch
CH-4052 BaselTelefon+41 61 315 85 55
Schweiz  Fax+41 61 315 85 59
**


-Ursprüngliche Nachricht-
Von: Pascal Gloor [mailto:pascal.gl...@spale.com] 
Gesendet: Donnerstag, 17. September 2009 10:41
An: studer.patr...@gmx.ch
Cc: 'swinog@lists.swinog.ch'
Betreff: Re: [swinog] Full BGP Routing Router Requirements

Hi Patrick,

 The first step will be, to have 10 Mbit/s fixed or 100 Mbit/s 
 burstable service with an additional link to SwissIX where we want to 
 do some privat peerings.

 In a second step, we will add a second or a third upstream with about 
 the same speeds as the first connection. All connection should be done 
 by normal Ethernet connection.

As a minimal BGP setup I usually suggest to have one 2851 per upstream. It 
needs some upgrades, 1Gb DRAM and SP SERVICES IOS. This router has two 
GigabitEthernet interface so you can use one for wan and one for lan. You can 
also add a 4 ports 10/100 switch module if you need multiple lan connexions 
(limited to 100mbps).

If you have multiple upstream providers and therefor multiple routers, I 
suggest to have a separate lan (maybe vlan) with all the routers in it for the 
iBGP full mesh.

This is, indeed, a minimal setup, I wont protect you from attacks of any kind 
and the router capacity is limited. However you should be able to route at 
least 100-200mbps.

If you really need protection, you will need a 7200-NPE-G1/2 (which will be 
able to hold 700-1000mbps traffic), but still, its capacity to hold directed 
attacks is limited.
For best protection a suggest a 7600-RSP720-3CXL which is full hardware 
platform, protection of the router can be done in hardware (CPP, control-plane 
policy).

But this might be just a little bit too expensive...


Cheers,
Pascal


___
swinog mailing list
swinog@lists.swinog.ch
http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog

Re: [swinog] Full BGP Routing Router Requirements

[Patrick Studer]

Hi Peter

Thanks for the input (incl. the hint for Kingston, which we already know ;-)).

Depending, on what we get form other as suggestion, we think that we will
start with a 28xx or 38xx router.

Kind Regards

Patrick 

**
X-NetConsulting GmbH Internet   http://www.x-netconsulting.ch
Grosspeterstrasse 21 E-Mail p.stu...@x-netconsulting.ch
CH-4052 BaselTelefon+41 61 315 85 55
Schweiz  Fax+41 61 315 85 59
**


-Ursprüngliche Nachricht-
Von: Peter Kohler [mailto:peter.koh...@netcetera.ch] 
Gesendet: Donnerstag, 17. September 2009 11:22
An: studer.patr...@gmx.ch
Betreff: Re: [swinog] Full BGP Routing Router Requirements

Hi Patrick,

...i forgot to mention, that we also had to buy/license the
IPAdvanced Service image for the 2811 in order to do BGP4. 

Peter

-- 
Travel in and around Zürich with our free iPhone application Wemlin:
http://mobile.netcetera.ch/wemlin

Dr. Peter Kohler | peter.koh...@netcetera.ch
phone +41-44-247 79 03 | fax +41-44-247 70 75
Netcetera AG | 8040 Zürich | Switzerland | http://netcetera.ch


___
swinog mailing list
swinog@lists.swinog.ch
http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog

Re: [swinog] Full BGP Routing Router Requirements

[Patrick Studer]

Hallo Viktor

Wie wäre denn Deine Empfehlung. Etwas grösseres ist etwas unklar ;-).

Grüsse

Patrick

**
X-NetConsulting GmbH Internet   http://www.x-netconsulting.ch
Grosspeterstrasse 21 E-Mail p.stu...@x-netconsulting.ch
CH-4052 BaselTelefon+41 61 315 85 55
Schweiz  Fax+41 61 315 85 59
**


-Ursprüngliche Nachricht-
Von: Viktor Steinmann [mailto:st...@stony.com] 
Gesendet: Donnerstag, 17. September 2009 10:40
An: studer.patr...@gmx.ch
Betreff: RE: [swinog] Full BGP Routing Router Requirements

Hoi Patrick

Ich würde schwer empfehlen, etwas grösseres reinzustellen. Erstens wächst
die BGP-Tabelle unaufhörlich, zweitens steigt der Memory-Bedarf mit jedem
angehängten Peering und drittens wirst du eventuell mal auf IPv6 migrieren
wollen/müssen. Um die Kosten im Griff zu behalten, kannst du locker einen
Router von einem Used-Hardware-Dealer beziehen - ich hab' das früher immer
so gemacht und bin damit nie schlecht gefahren (Kratzer am Gehäuse haben
keinen Einfluss auf den Durchsatz ;-))

Grüessli,
Viktor 

 -Original Message-
 From: swinog-boun...@lists.swinog.ch 
 [mailto:swinog-boun...@lists.swinog.ch] On Behalf Of 
 studer.patr...@gmx.ch
 Sent: Donnerstag, 17. September 2009 09:49
 To: 'swinog@lists.swinog.ch'
 Subject: [swinog] Full BGP Routing Router Requirements
 
 Hi
 
 We are planning to go multihomed with our infrastructure. 
 
 The first step will be, to have 10 Mbit/s fixed or 100 Mbit/s 
 burstable service
 with an additional link to SwissIX where we want to do some 
 privat peerings. 
 
 In a second step, we will add a second or a third upstream 
 with about the
 same speeds as the first connection. All connection should be done by
 normal Ethernet connection.
 
 Currently we have a Cisco 2811 with 256 MB Ram. Would it be 
 enough for the first
 step to upgrade the ram to 768 MB or will it be necessary to 
 buy a better/bigger
 router (2851, 3825 or 720x system).
 
 We tried to find some recommendations on the internet, but we 
 wasn't successful.
 
 What is your recommendation for this scenario?
 
 Regards
 
 Patrick Studer
 
 **
 
 X-NetConsulting GmbH Internet   
 http://www.x-netconsulting.ch
 Grosspeterstrasse 21 E-Mail 
 p.stu...@x-netconsulting.ch
 CH-4052 BaselTelefon+41 61 315 85 55
 Schweiz  Fax+41 61 315 85 59
 **
 
 
 
 
 
 ___
 swinog mailing list
 swinog@lists.swinog.ch
 http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog
 


___
swinog mailing list
swinog@lists.swinog.ch
http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog

Re: [swinog] Full BGP Routing Router Requirements

[Patrick Studer]

Thanks for the link to the Router performance sheet. Do you see perhaps
also some impacts about the new as-numbers or ipv6 for any of the smaller
solutions (28xx, 38xx)?

Regards

Patrick

**
X-NetConsulting GmbH Internet   http://www.x-netconsulting.ch
Grosspeterstrasse 21 E-Mail p.stu...@x-netconsulting.ch
CH-4052 BaselTelefon+41 61 315 85 55
Schweiz  Fax+41 61 315 85 59
**


-Ursprüngliche Nachricht-
Von: swinog-boun...@lists.swinog.ch [mailto:swinog-boun...@lists.swinog.ch] Im 
Auftrag von Bernd SPIESS
Gesendet: Donnerstag, 17. September 2009 11:43
An: 'Patrick Studer'; 'Pascal Gloor'
Cc: 'swinog@lists.swinog.ch'
Betreff: Re: [swinog] Full BGP Routing Router Requirements

see here:
http://www.cisco.com/web/partners/downloads/765/tools/quickreference/routerperformance.pdf

3725 = 179 mbit
3745 = 256 mbit

(best case calculated with 64 byte paket size)

you have to basicaly decide if you want a cpu driven box (28*, 38*, NPE-G1/G2) 
or a hardware 
driven box (sup32, sup720, c-120**)
in the first case you have to primary look for the cpu performance - in the 
second case you have to
look primary for hardware prefix puffer (256.000 prefixes versus 1 mio)

lg
bernd

-Original Message-
From: swinog-boun...@lists.swinog.ch [mailto:swinog-boun...@lists.swinog.ch] On 
Behalf Of Patrick Studer
Sent: Thursday, September 17, 2009 11:17 AM
To: 'Pascal Gloor'
Cc: 'swinog@lists.swinog.ch'
Subject: Re: [swinog] Full BGP Routing Router Requirements

Hi Pascale

That's an answer I was looking for. 

Some more questions. Why you suggest the SP Service IOS?
What's about the 3825/45 Series? Would that be the golden middle way? Will
this box give us a little more capacity, so there is little bit of air for
the router, or is the only way to go for a 2851 or a 7xxx System?

Kind Regards

Patrick

**
X-NetConsulting GmbH Internet   http://www.x-netconsulting.ch
Grosspeterstrasse 21 E-Mail p.stu...@x-netconsulting.ch
CH-4052 BaselTelefon+41 61 315 85 55
Schweiz  Fax+41 61 315 85 59
**


-Ursprüngliche Nachricht-
Von: Pascal Gloor [mailto:pascal.gl...@spale.com] 
Gesendet: Donnerstag, 17. September 2009 10:41
An: studer.patr...@gmx.ch
Cc: 'swinog@lists.swinog.ch'
Betreff: Re: [swinog] Full BGP Routing Router Requirements

Hi Patrick,

 The first step will be, to have 10 Mbit/s fixed or 100 Mbit/s 
 burstable service with an additional link to SwissIX where we want to 
 do some privat peerings.

 In a second step, we will add a second or a third upstream with about 
 the same speeds as the first connection. All connection should be done 
 by normal Ethernet connection.

As a minimal BGP setup I usually suggest to have one 2851 per upstream. It 
needs some upgrades, 1Gb DRAM and SP SERVICES IOS. This router has two 
GigabitEthernet interface so you can use one for wan and one for lan. You can 
also add a 4 ports 10/100 switch module if you need multiple lan connexions 
(limited to 100mbps).

If you have multiple upstream providers and therefor multiple routers, I 
suggest to have a separate lan (maybe vlan) with all the routers in it for the 
iBGP full mesh.

This is, indeed, a minimal setup, I wont protect you from attacks of any kind 
and the router capacity is limited. However you should be able to route at 
least 100-200mbps.

If you really need protection, you will need a 7200-NPE-G1/2 (which will be 
able to hold 700-1000mbps traffic), but still, its capacity to hold directed 
attacks is limited.
For best protection a suggest a 7600-RSP720-3CXL which is full hardware 
platform, protection of the router can be done in hardware (CPP, control-plane 
policy).

But this might be just a little bit too expensive...


Cheers,
Pascal


___
swinog mailing list
swinog@lists.swinog.ch
http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog

___
swinog mailing list
swinog@lists.swinog.ch
http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog


___
swinog mailing list
swinog@lists.swinog.ch
http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog

Re: [swinog] Multihomed project

[Patrick Studer]

Hi Alexandre

Thanks for your suggestion. The solution with a 7201 looks very interesting
and since one 7201 is near of the price of two 3825, that could be perhaps
the solutions for which we should go. The only thing is, that with two separate
boxes, we are better covered in the case of hardware failure.

Kind Regards

Patrick Studer

**
X-NetConsulting GmbH Internet   http://www.x-netconsulting.ch
Grosspeterstrasse 21 E-Mail p.stu...@x-netconsulting.ch
CH-4052 BaselTelefon+41 61 315 85 55
Schweiz  Fax+41 61 315 85 59
**


-Ursprüngliche Nachricht-
Von: Alexandre Egger [mailto:a.eg...@neocarrier.com] 
Gesendet: Donnerstag, 17. September 2009 13:39
An: Patrick Studer
Betreff: Multihomed project

Hi Patrick,

I've seen your message on SwiNOG list for your multihoming project.

If you have the budget and want to stick with Cisco, I would suggest you
using 7201. They works very well and comes with 1GB or RAM. The end-user
price in CHF is ~ 26200CHF, but you can probably get a good 5000 CHF
discount since it is likely sold around 18k at reseller price.

Ohterwise as you mentioned the 3800 series can be a way to go. The 3825
with a RAM upgrade to 1GB would bet a very good one, with end-user price of
10K (with 256 MB of RAM) you can probably grab one for 8500 CHF.

If you are looking for a provider to offer you ASN, IP v4/v6 PI blocks, or
even hardware please feel free to knock at our door. We price very
attractive and have suppliers in Switzerland for hardware from the normal
market. We are also able to provide you very attractive IP transit services
if you are somewhere between Equinix 1 and ICT-Center Zurich.

Wish you the best for your project!

Cheers.

-- 
Alexandre Egger

Neocarrier Communications LTD
311, SHOREHAM STREET
S2 4FA  SHEFFIELD
United Kingdom

E : a.eg...@neocarrier.com
W : www.neocarrier.com


___
swinog mailing list
swinog@lists.swinog.ch
http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog

Re: [swinog] Full BGP Routing Router Requirements

[Patrick Studer]

Ciao Reto

Wir werden vermutlich in einem Datacenter in Basel starten. Aber
danke für den Hinweis.

Grüsse

Patrick

**
X-NetConsulting GmbH Internet   http://www.x-netconsulting.ch
Grosspeterstrasse 21 E-Mail p.stu...@x-netconsulting.ch
CH-4052 BaselTelefon+41 61 315 85 55
Schweiz  Fax+41 61 315 85 59
**


-Ursprüngliche Nachricht-
Von: Reto Burkhalter [mailto:reto.burkhal...@basis06.com] 
Gesendet: Donnerstag, 17. September 2009 14:26
An: Patrick Studer
Betreff: AW: [swinog] Full BGP Routing Router Requirements

Hoi Patrick

Dann empfehle ich an dieser Stelle doch mal die colozüri.ch - genügend
Carriers und ISPs vorhanden, welche easy über Kupfer/Glas Fast/GigE liefern
können, SwissIX im Hause und auch sonst ne nette Colo :-)

- http://www.colozueri.ch/

Gruss
Reto

 -Ursprüngliche Nachricht-
 Von: Patrick Studer [mailto:p.stu...@x-netconsulting.ch] 
 Gesendet: Donnerstag, 17. September 2009 10:33
 An: 'Matthias Hertzog'
 Cc: 'swinog@lists.swinog.ch'
 Betreff: Re: [swinog] Full BGP Routing Router Requirements
 
 
 Hallo Matthias
 
 Das steht noch nicht fest. Wir planen aber unsere RZ in ein externes
 Datacenter auszulagern, welches die benötigten Anbindungen zu 
 anderen ISPs
 für Upstream und den Zugang zu SwissIX bietet.
 
 Grüsse
 
 Patrick
 
 **
 
 X-NetConsulting GmbH Internet   
 http://www.x-netconsulting.ch
 Grosspeterstrasse 21 E-Mail 
 p.stu...@x-netconsulting.ch
 CH-4052 BaselTelefon+41 61 315 85 55
 Schweiz  Fax+41 61 315 85 59
 **
 
 
 
 -Ursprüngliche Nachricht-
 Von: Matthias Hertzog [mailto:m.hert...@mhs.ch] 
 Gesendet: Donnerstag, 17. September 2009 10:10
 An: p.stu...@x-netconsulting.ch
 Betreff: Re: [swinog] Full BGP Routing Router Requirements
 
 Sali Patrick
 
 Wo steht euer RZ?
 
 Viele Grüsse
 Matthias
 
 _
 
 mhs @ internet AG
 Zürcherstrasse 204, CH - 9014 St. Gallen
 Phone +41 71 274 93 93, Fax +41 71 274 93 94
 http://www.mhs.ch
 _
 
 - Original Message - 
 From: studer.patr...@gmx.ch
 To: swinog@lists.swinog.ch
 Sent: Thursday, September 17, 2009 9:49 AM
 Subject: [swinog] Full BGP Routing Router Requirements
 
 
  Hi
 
  We are planning to go multihomed with our infrastructure.
 
  The first step will be, to have 10 Mbit/s fixed or 100 
 Mbit/s burstable 
  service
  with an additional link to SwissIX where we want to do some privat 
  peerings.
 
  In a second step, we will add a second or a third upstream 
 with about the
  same speeds as the first connection. All connection should 
 be done by
  normal Ethernet connection.
 
  Currently we have a Cisco 2811 with 256 MB Ram. Would it be 
 enough for the 
  first
  step to upgrade the ram to 768 MB or will it be necessary to buy a 
  better/bigger
  router (2851, 3825 or 720x system).
 
  We tried to find some recommendations on the internet, but 
 we wasn't 
  successful.
 
  What is your recommendation for this scenario?
 
  Regards
 
  Patrick Studer
 
  
 **
 
  X-NetConsulting GmbH Internet 
  http://www.x-netconsulting.ch
  Grosspeterstrasse 21 E-Mail 
  p.stu...@x-netconsulting.ch
  CH-4052 BaselTelefon+41 61 315 85 55
  Schweiz  Fax+41 61 315 85 59
  
 **
 
 
 
 
 
  ___
  swinog mailing list
  swinog@lists.swinog.ch
  http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog
  
 
 
 
 ___
 swinog mailing list
 swinog@lists.swinog.ch
 http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog
 


___
swinog mailing list
swinog@lists.swinog.ch
http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog

Re: [swinog] Full BGP Routing Router Requirements

[Patrick Studer]

Ciao Thomas

Besten Dank für den Input. Im Moment haben wir den 7201 oder 
den 3825 in die nähere Auswahl einbezogen. So wie wir das sehen
ist der 7201 ja ein 720x mit NPE-G2 (einfach halt nur mit
1 Slot statt mit 4 oder 6), was ja dann vermutlich
für die nächsten Zeit reichen sollte. Oder sehen wir das
falsch.

Grüsse

Patrick

**
X-NetConsulting GmbH Internet   http://www.x-netconsulting.ch
Grosspeterstrasse 21 E-Mail p.stu...@x-netconsulting.ch
CH-4052 BaselTelefon+41 61 315 85 55
Schweiz  Fax+41 61 315 85 59
**


-Ursprüngliche Nachricht-
Von: Thomas Koeppe [KGT new media] [mailto:i...@k-dsl.de] 
Gesendet: Donnerstag, 17. September 2009 16:10
An: p.stu...@x-netconsulting.ch
Betreff: Re: [swinog] Full BGP Routing Router Requirements

Hoi Patrick,

ich personlich wurde nicht mit einer kleinen Cisco 2811 oder dergleichen
anfangen. Mit vollem RAM-Ausbau bekommst Du dort hoechstwahrscheinlich
nur 1x Full Table rein und hast kaum Platz fur notwendige zukunftige
Erweiterungen.

Ich kann Dir die 7206VXR inkl. NPE-G1 oder NPE-G2 empfehlen. Die G1 hat
1 GB RAM, die G2 max. 2 GB RAM. Dort bist Du auf alle Falle auf der
sicheren Seite. Die G1 gibt es so ab 7-8k und die G2 so round about 10k
Euro wenn Du geschickt verhandelst. Hier hast Du auch noch Reserven fur
zukunftige Features. (IPv6, MPLS, etc.)

Wenn Du weniger Geld ausgeben willst, stell Dir einen dicken Server
auf PC-Basis hin und installiere einfach ein Quagga drauf. Der kann auch
alle neuen Features die man so braucht (ASN 32-bit, IPv6, etc...) und
kostet _deutlich_ weniger Geld als Vendor C. Je nach Hardware bist Du
mit 1-2k Euro dabei. Wir haben am SwissIX auch einen Linux-Quagga based
Router am laufen. Sehr stabil, sehr wartungsarm. Allerdings machen wir
auch nur bis max. 100mbps am SwissIX. Die zwei Xeon-CPUs langweilen sich
vor sich hin und von den installaierten 8GB RAM ist noch Platz fur 100x
Full-Table ;)
Vom LookFeel her ist das Quagga-CLI fast identisch mit dem Cisco-CLI,
sogar teilweise die gleichen Befehle.



HTH,
Thomas





On 17.09.2009 09:49, studer.patr...@gmx.ch wrote:
 Hi
 
 We are planning to go multihomed with our infrastructure. 
 
 The first step will be, to have 10 Mbit/s fixed or 100 Mbit/s burstable 
 service
 with an additional link to SwissIX where we want to do some privat peerings. 
 
 In a second step, we will add a second or a third upstream with about the
 same speeds as the first connection. All connection should be done by
 normal Ethernet connection.
 
 Currently we have a Cisco 2811 with 256 MB Ram. Would it be enough for the 
 first
 step to upgrade the ram to 768 MB or will it be necessary to buy a 
 better/bigger
 router (2851, 3825 or 720x system).
 
 We tried to find some recommendations on the internet, but we wasn't 
 successful.
 
 What is your recommendation for this scenario?
 
 Regards
 
 Patrick Studer
 
 **
 X-NetConsulting GmbH Internet   http://www.x-netconsulting.ch
 Grosspeterstrasse 21 E-Mail p.stu...@x-netconsulting.ch
 CH-4052 BaselTelefon+41 61 315 85 55
 Schweiz  Fax+41 61 315 85 59
 **
 
 
 
 
 ___
 swinog mailing list
 swinog@lists.swinog.ch
 http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog
 


-- 
Thomas Koeppe thomas.koe...@k-dsl.de
Network Engineering Team

Tel: +49 (0)30 / 80 93 201 - 25
Fax: +49 (0)30 / 80 93 201 - 20
E-Mail: supp...@k-dsl.de

KGT new media
Mollendorffstrasse 108/109
D-10367 Berlin, Germany

Tel: +49 (0)30 / 80 93 201 - 0
Fax: +49 (0)30 / 80 93 201 - 20

E-Mail: i...@k-dsl.de
Internet: http://www.k-dsl.de

Inh.: Dorle Koppe
VAT: DE217875774

X-NCC-RegID: de.kgtnewmedia


___
swinog mailing list
swinog@lists.swinog.ch
http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog

Re: [swinog] Full BGP Routing Router Requirements

[Patrick Studer]

Thanks Bernd. 

As you perhaps has seen, we are now thinking about a 3825 or 7201. We think
both will do the job, but the 7201 will have more power.

Kind Regards

Patrick

**
X-NetConsulting GmbH Internet   http://www.x-netconsulting.ch
Grosspeterstrasse 21 E-Mail p.stu...@x-netconsulting.ch
CH-4052 BaselTelefon+41 61 315 85 55
Schweiz  Fax+41 61 315 85 59
**


-Ursprüngliche Nachricht-
Von: Bernd SPIESS [mailto:bernd.spi...@ascus.at] 
Gesendet: Donnerstag, 17. September 2009 14:02
An: 'Patrick Studer'
Betreff: RE: [swinog] Full BGP Routing Router Requirements

ipv6 is running fine also on 28 plattform

asn32 - no practical info from our side - 
we ignored this until now :-)
maybe you start here:
http://www.swissix.ch/asn32/doku.php


-Original Message-
From: Patrick Studer [mailto:p.stu...@x-netconsulting.ch] 
Sent: Thursday, September 17, 2009 1:39 PM
To: Bernd SPIESS; 'Pascal Gloor'
Cc: 'swinog@lists.swinog.ch'
Subject: AW: [swinog] Full BGP Routing Router Requirements

Thanks for the link to the Router performance sheet. Do you see perhaps
also some impacts about the new as-numbers or ipv6 for any of the smaller
solutions (28xx, 38xx)?

Regards

Patrick

**
X-NetConsulting GmbH Internet   http://www.x-netconsulting.ch
Grosspeterstrasse 21 E-Mail p.stu...@x-netconsulting.ch
CH-4052 BaselTelefon+41 61 315 85 55
Schweiz  Fax+41 61 315 85 59
**


-Ursprüngliche Nachricht-
Von: swinog-boun...@lists.swinog.ch [mailto:swinog-boun...@lists.swinog.ch] Im 
Auftrag von Bernd SPIESS
Gesendet: Donnerstag, 17. September 2009 11:43
An: 'Patrick Studer'; 'Pascal Gloor'
Cc: 'swinog@lists.swinog.ch'
Betreff: Re: [swinog] Full BGP Routing Router Requirements

see here:
http://www.cisco.com/web/partners/downloads/765/tools/quickreference/routerperformance.pdf

3725 = 179 mbit
3745 = 256 mbit

(best case calculated with 64 byte paket size)

you have to basicaly decide if you want a cpu driven box (28*, 38*, NPE-G1/G2) 
or a hardware 
driven box (sup32, sup720, c-120**)
in the first case you have to primary look for the cpu performance - in the 
second case you have to
look primary for hardware prefix puffer (256.000 prefixes versus 1 mio)

lg
bernd

-Original Message-
From: swinog-boun...@lists.swinog.ch [mailto:swinog-boun...@lists.swinog.ch] On 
Behalf Of Patrick Studer
Sent: Thursday, September 17, 2009 11:17 AM
To: 'Pascal Gloor'
Cc: 'swinog@lists.swinog.ch'
Subject: Re: [swinog] Full BGP Routing Router Requirements

Hi Pascale

That's an answer I was looking for. 

Some more questions. Why you suggest the SP Service IOS?
What's about the 3825/45 Series? Would that be the golden middle way? Will
this box give us a little more capacity, so there is little bit of air for
the router, or is the only way to go for a 2851 or a 7xxx System?

Kind Regards

Patrick

**
X-NetConsulting GmbH Internet   http://www.x-netconsulting.ch
Grosspeterstrasse 21 E-Mail p.stu...@x-netconsulting.ch
CH-4052 BaselTelefon+41 61 315 85 55
Schweiz  Fax+41 61 315 85 59
**


-Ursprüngliche Nachricht-
Von: Pascal Gloor [mailto:pascal.gl...@spale.com] 
Gesendet: Donnerstag, 17. September 2009 10:41
An: studer.patr...@gmx.ch
Cc: 'swinog@lists.swinog.ch'
Betreff: Re: [swinog] Full BGP Routing Router Requirements

Hi Patrick,

 The first step will be, to have 10 Mbit/s fixed or 100 Mbit/s 
 burstable service with an additional link to SwissIX where we want to 
 do some privat peerings.

 In a second step, we will add a second or a third upstream with about 
 the same speeds as the first connection. All connection should be done 
 by normal Ethernet connection.

As a minimal BGP setup I usually suggest to have one 2851 per upstream. It 
needs some upgrades, 1Gb DRAM and SP SERVICES IOS. This router has two 
GigabitEthernet interface so you can use one for wan and one for lan. You can 
also add a 4 ports 10/100 switch module if you need multiple lan connexions 
(limited to 100mbps).

If you have multiple upstream providers and therefor multiple routers, I 
suggest to have a separate lan (maybe vlan) with all the routers in it for the 
iBGP full mesh.

This is, indeed, a minimal setup, I wont protect you from attacks of any kind 
and the router capacity is limited. However