Hi all,
I am sure this is something that a reasonable number of people would have
done on this list.
I am after a LSN/CGN/NAT444 solution to put about 1000 Residential profile
NBN speeds (fastest 100/40) services behind.
I am looking at a Cisco ASR1001/2, pfSense and am willing to consider
On (2014-06-30 13:28 +0930), Glen Turner wrote:
After the SFF Committee specifies the registers the operating system vendors
or vendors of devices would then add commands to support to toggle the I2C
needed to program those registers with MACsec keys, etc.
This is what I tried to tackle,
On 6/30/2014 1:59 AM, Skeeve Stevens wrote:
Hi all,
I am sure this is something that a reasonable number of people would have
done on this list.
I am after a LSN/CGN/NAT444 solution to put about 1000 Residential profile
NBN speeds (fastest 100/40) services behind.
I am looking at a Cisco
On Jun 30, 2014, at 1:37 PM, Robert Drake rdr...@direcpath.com wrote:
Total PPS or bandwidth is the number you need rather than number of customers.
Also, be sure you have S/RTBH or some other mechanism southbound of the NAT for
dealing with compromised/abusive hosts which can chew up the
On 30 Jun 2014, at 3:47 pm, Saku Ytti s...@ytti.fi wrote:
On (2014-06-30 13:28 +0930), Glen Turner wrote:
After the SFF Committee specifies the registers the operating system vendors
or vendors of devices would then add commands to support to toggle the I2C
needed to program those
On (2014-06-30 17:21 +0930), Glen Turner wrote:
What you really want isn’t DHCP-like, but simple AND-mask OR-set register
handling. You’d provide your customers with the magic numbers.
interface …
gbic-register [if REGISTER AND-MASK VALUE]… [set REGISTER AND-MASK OR-VALUE]…
From experience (we ran out of IPv4 a long time ago in the APNIC region)
this is not needed, what is needed however is session timeouts. Xbox and
PlayStation are the most sensitive to session timeouts.
-Original Message-
From: NANOG [mailto:nanog-boun...@nanog.org] On Behalf Of Roland
On Jun 30, 2014, at 4:53 PM, Tony Wicks t...@wicks.co.nz wrote:
From experience (we ran out of IPv4 a long time ago in the APNIC region) this
is not needed,
I've seen huge problems from compromised machines completely killing NATs from
the southbound side.
what is needed however is
Le 2014-06-30 06:12, Roland Dobbins a écrit :
what is needed however is session timeouts.
This can help, but it isn't a solution to the botted/abusive machine problem.
They'll just keep right on pumping out packets and establishing new sessions,
'crowding out' legitimate users and filling up
On Jun 30, 2014, at 7:42 PM, Simon Perreault si...@per.reau.lt wrote:
Why? Cause that (per-subscriber limits on ports and memory) is exactly what
we recommend in RFC 6888...
https://app.box.com/s/a3oqqlgwe15j8svojvzl
I can't tell you how many times I've received frantic 4AM calls about
Le 2014-06-30 09:05, Roland Dobbins a écrit :
On Jun 30, 2014, at 7:42 PM, Simon Perreault si...@per.reau.lt wrote:
Why? Cause that (per-subscriber limits on ports and memory) is exactly what we
recommend in RFC 6888...
https://app.box.com/s/a3oqqlgwe15j8svojvzl
I can't tell you how many
On Jun 30, 2014, at 8:19 PM, Simon Perreault si...@per.reau.lt wrote:
Oh, actually I think I get it. You're trying to sell something.
Yes, you've found me out - I'm 'selling' S/RTBH, which is built-in
functionality of routers and layer-3 switches made by companies which don't
employ me.
On Mon, 30 Jun 2014 15:59:47 +1000, Skeeve Stevens said:
I am after a LSN/CGN/NAT444 solution to put about 1000 Residential profile
NBN speeds (fastest 100/40) services behind.
This solution is for v4 only, and needs to consider the profile of the
typical residential users. Any pitfalls
Hi all -
Probably like a lot of people on the list, I depend on my home internet
connection for many things including my primary job, and the numerous
side projects I work on.
I'd really a appreciate a connection that would have a shorter response
time if something were to go wrong.
On 30.06.2014 14:12, Roland Dobbins wrote:
I've seen huge problems from compromised machines completely killing
NATs from the southbound side.
It depends on CGN solution used. Some of them will just block new
translations for that user after reaching the limit, and that's it.
On 30.06.2014
On Sat, 28 Jun 2014 16:32:15 +0200
Markus unive...@truemetal.org wrote:
Hi list,
nothing operational here, but there are many smart minds on this list
and people working for telcos, ISPs and law enforcement agencies, so
maybe you are willing to give me some advice in the following case:
Sue him for slander?
Contact the US DOJ and request extortion charges be filed? I mean if someone
was committing a crime against me, I'd certainly be in contact with law
enforcement to have charges filed and a warrant out for arrest.
You shouldn't have called him. He has certainly changed
On Mon, Jun 30, 2014 at 8:45 AM, Phil Gardner phil.gardne...@gmail.com wrote:
Is there anyone out there that has ideas about how to waive or lower that
installation fee while only having a 1 year contract?
I've worked with Comcast Business on 10 installations for clients,
and the only time I
Phil,
Comcast does have a residential fiber tier that leverages their metro
ethernet network. https://www.comcast.com/505
http://www.speedtest.net/result/3595673618.png
- Will
Brandon Galbraith mailto:brandon.galbra...@gmail.com
June 30, 2014 at 1:33 PM
I've worked with Comcast Business
Damn, interesting. Though for my needs, I'm more interested in the
response time for service than all out speed.
I'd also be surprised if they offer that in my state.
On 06/30/2014 02:37 PM, Will Dean wrote:
Phil,
Comcast does have a residential fiber tier that leverages their metro
On 06/30/2014 03:49 PM, Phil Gardner wrote:
Damn, interesting. Though for my needs, I'm more interested in the
response time for service than all out speed.
I'd also be surprised if they offer that in my state.
Where are you located? Usually you can get an okay DSL connection as a
backup and
I have a cable based business in my residence.
There is no SLA with the standard business class service. However, I
have typically seen about a 4 hour response time during the week for a
tech and never any longer than the next day.
As far as install fees and such, the only way to get it
I run ASR1k6's ESP40/RP2 with 10-15k BNG clients on each running full CGNAT.
Translations peak at about 250k per 10K users. The ESP40 can handle 2M
translations, so there is plenty of room to run them up to 32k users without
having to be concerned (64k in an emergency). I have been running this
In message 96782.1404135...@turing-police.cc.vt.edu, valdis.kletni...@vt.edu
writes:
--==_Exmh_1404135618_1958P
Content-Type: text/plain; charset=us-ascii
On Mon, 30 Jun 2014 15:59:47 +1000, Skeeve Stevens said:
I am after a LSN/CGN/NAT444 solution to put about 1000 Residential profile
Hi Rob,
Interesting insights. I hadn't thought of an older 6500/7600... certainly
might be worth considering if I want to stay Cisco.
Yes, PPS is the key, but I thought someone might have some comments on the
metrics/pps I'd expect with that kind of user profile and speeds.
It doesn't need to
Roland, as always you remind me of the important things to remember.
...Skeeve
*Skeeve Stevens - *eintellego Networks Pty Ltd
ske...@eintellegonetworks.com ; www.eintellegonetworks.com
Phone: 1300 239 038; Cell +61 (0)414 753 383 ; skype://skeeve
facebook.com/eintellegonetworks ;
Roland, what methods are the easiest/cheapest way to deal with this?
...Skeeve
*Skeeve Stevens - *eintellego Networks Pty Ltd
ske...@eintellegonetworks.com ; www.eintellegonetworks.com
Phone: 1300 239 038; Cell +61 (0)414 753 383 ; skype://skeeve
facebook.com/eintellegonetworks ;
Hi Valdis,
Re 1.. completely understand. The environment is such that we will openly
state what does and doesn't work. It is a captive environment and the
users don't have a choice who they use. Think large university dorm (about
600) for part of the customer base.
Re 2.. The larger design is
Great advice Stepan.
Re user support. It is a greenfield environment so we're in the position
to say 'this is how it is and what you get'.
Re usage profile. No idea what to expect from users as there is nothing to
measure. I've actually not designed a NAT444 solution for residential
profiles
With enough horsepower, iptables+Linux is adequate for this, depending on your
requirements.
I would want to put as little money as possible behind CGN in favor of moving as
much as possible towards IPv6 instead.
Owen
On Jun 29, 2014, at 22:59 , Skeeve Stevens
Greenfield or not, unless you can expect that 100% of the users have never
had internet access anywhere else before, you may be up against expectations
you are not meeting with NAT444.
Owen
On Jun 30, 2014, at 17:28 , Skeeve Stevens
skeeve+na...@eintellegonetworks.com wrote:
Great advice
Hey Everyone,
I just was alerted to one of the systems I managed having a time skew
greater than 100ms from NTP sources. Upon further investigation it
seemed that the time was off by almost exactly 1 second.
Looking back over our NTP monitoring, it would appear that this system
had a large time
On Mon, Jun 30, 2014 at 05:33:52PM -0700, Tim Heckman wrote:
I just was alerted to one of the systems I managed having a time skew
greater than 100ms from NTP sources. Upon further investigation it
seemed that the time was off by almost exactly 1 second.
Looking back over our NTP monitoring,
33 matches
Mail list logo