Re: support update
On Mon, 31 Oct 2022 02:07:00 +0100 (CET) i...@tutanota.com wrote: > The entry under Denmark listed with a company name "Zen System" > doesn't exist. There no longer is such a company, and the URL > redirects to a completely different company that doesn't provide > any kind of OpenBSD service. This is correct. It is me that is listed as the contact person. Zen Systems was sold to Nianet, an Danish ISP 7 years ago. Two year later Globalconnect, another Danish ISP, acquired Nianet. I am pretty sure you can remove that entry. Best regards Martin
Re: support update
On Mon, 31 Oct 2022 02:07:00 +0100 (CET) i...@tutanota.com wrote: > The entry under Denmark listed with a company name "Zen System" > doesn't exist. There no longer is such a company, and the URL > redirects to a completely different company that doesn't provide > any kind of OpenBSD service. I am the one listed as the contact person in the support entry. Zen Systems was sold to Nianet, an Danish ISP 7 years ago. Two year later Globalconnect, another Danish ISP, acquired Nianet. It was finally closed in July 2021. Somewhere in time the old support entry was forgotten and no one asked for it to be deleted. I am pretty sure you can remove that entry. Best regards Martin
Re: bgplg doesn't work with wildcard httpd servers
On Fri, 11 Jan 2019 10:50:21 -0600
Adam Thompson wrote:
> server "*" {
server "default"
/Martin
Re: OpenBGPd multiple local AS
You can absolutely run external BGP and internal BGP with the same AS.
This is a very common configuration.
You should peer with your real AS on iBGP.
If you do not you will end up with a split autonomous system.
:AS 5 65006
My guess is this is the error. A normal BGP speaker do have on AS number only.
As far as i know bgpd only accpets two AS numbers if the first is a 32bit one.
:# my private LAN peer
:neighbor 10.0.41.5 {
:announce self
:remote-as 65005
:descr r2
:}
I would have announce all on my iBGP but you could have another agenda.
Also run the iBGP peering session on your public IP space!
Regards Martin
Re: Why anyone in their right mind would like to use NAT64
On Wed, 24 Oct 2012 22:16:04 +0200 Claudio Jeker cje...@diehard.n-r-g.com wrote: Just as an example. A few weeks ago it was a lot easier to get one of the last IPv4 PI address blocks at RIPE than getting a PI IPv6 block. Since the first one has no strings attached (apart from having an AS number) and the second one comes with a big ball of wool of extra rules that need to be ensured and ensured and pretty please and yes please I would like PI space. RIPE NCC policy has one blocking rule: * You *must* multi home. as in you must have a AS number. So if you have an AS number and you use it, like you said you would when you applied, you will get IPv6 PI space. As a LIR we do IPv6 PI requests for end users and RIPE NCC do not make troubles about it. If you tell stories in your requests they starts asking annoying questions. /Martin btw, when we run out of v4 space and cant dual stack anymore we will start to use NAT64/DNS64. But hopefully the rest out the Internet has changed to v6 only before we run out.
Re: OpenBGPd - how to blackhole traffic?
On Thu, 16 Aug 2012 14:47:25 +0200 Bernd be...@kroenchenstadt.de wrote: Is there a way to achieve this on OpenBSD? Directly from my mind... To blackhole some google stuff. route add -blackhole 8.8.0.0/16 127.0.0.1 /Martin
Re: firewall virtualization using tagging?
On Tue, 24 May 2011 12:33:55 +1200 Joel Wiramu Pauling j...@aenertia.net wrote: stacking (802.11ah/QinQ) is ok for most situations, however it would be nice to have a SAP style construct (service access port), which essentially is a logical customer interface - most switch/router vendors have such as thing. Tags are local to the physical port. So i guess they work like that. ifconfig vlan1 vlan 234 vlandev em2 ifconfig vlan24123 vlan 234 vlandev em3
Re: OpenBGPD communities, localpref on originating prefixes
On Thu, 28 Apr 2011 08:50:41 -0500
falz m...@falz.net wrote:
PREFIX_ORIGINATE= { 10.171.0.0/19, 101.192.144.0/24,
91.199.248.0/24 } COMMUNITY_TEST = 65000:666
network 10.171.0.0/19
network 101.192.144.0/24
network 91.199.248.0/22
# default allow/deny stuff from sample conf is here
match from any prefix $PREFIX_ORIGINATE set localpref 140
match from any prefix $PREFIX_ORIGINATE set community $COMMUNITY_TEST
match from any prefix $PREFIX_ORIGINATE set med 12
The filter you wrote will set the attributes on prefixes you receive
from other bgp speakers.
Try:
network 10.171.0.0/19 set { localpref 140 metric 12 community 65000:666 }
etc..
/Martin
Re: bgpd help!!
On Tue, 15 Dec 2009 16:18:31 -0700 Andy Nguyen andy.ngu...@cityofthornton.net wrote: Is there a way to strip Private As (65xxx) so it does not advertise to the ISP provider? Thanks Use communities on peers with real ASNs. match from $peer set community 666:666 Then when announcing to peers and upstreams. deny to $peer allow to $peer community 666:666 /Martin
Re: bgpd help!!
On Wed, 16 Dec 2009 11:19:33 -0700 Andy Nguyen andy.ngu...@cityofthornton.net wrote: If I configure community as Martin suggested this will also take out the path to my network. Thanks. If your real AS is transit only for your prefix it wont work. Your real AS should announce your prefix. The private AS should announce subnets of the prefix. I do it all the time. /Martin
destroying vlan interfaces
Hi misc Has anyone had crashes when destroying vlan interfaces? I had two issues with the 4.4-current snap from 16. jan. When running ex: ifconfig vlan1804 destroy crash... unfortunately i havent got any kernel debugger output, but will setup conserver today and do a detailed error report if it happens again. Best regards Martin
