i run rtconfig to take irr data and auto-install the fiter in my router
i run rpki-rtr to take rpki date and auto-install the fiter in my router
and the difference is?
you ean we made the second easier and more automatable? well then run
the rpki data into the handy dandy roa to irr filter and
On 05/12/2014 11:38, Randy Bush wrote:
and the difference is?
rpki might work at scale.
Nick
On Fri, 5 Dec 2014, Randy Bush wrote:
and the difference is?
rpki might work at scale.
ohhh noo!
fwiw, we had a script set running which took a route views dump,
created an ersatz roa set covering the whole table, and fetched it
into a small router or two.
which
At $DAYJOB, we have some applications that we would like to be all
hipster and *actually check* for certificate revocation. I know this
is way out there in terms of trendiness and may offend some folks.
Difficulty: the clients are running on single stacked IPv6. We have
recently been advised
fwiw, we had a script set running which took a route views dump,
created an ersatz roa set covering the whole table, and fetched it
into a small router or two.
which implementation?
dragon labs
randy
Trying to gather information on a connectivity issue between TW Telecom
and a specific government web server. If one of your upstream providers
is TW Telecom, could you report back whether you have connectivity to
https://safe.amrdec.army.mil. Thanks.
Antonio Querubin
e-mail:
On Dec 5, 2014, at 6:38 AM, Randy Bush ra...@psg.com wrote:
i run rtconfig to take irr data and auto-install the fiter in my router
i run rpki-rtr to take rpki date and auto-install the fiter in my router
and the difference is?
Not much - that's very likely why RIPE's IRR terms and
Comodo's the only one I know off the top of my head. records on
both the OCSP and CRL domains.
On Fri, Dec 5, 2014 at 6:06 AM, Rob Seastrom r...@seastrom.com wrote:
At $DAYJOB, we have some applications that we would like to be all
hipster and *actually check* for certificate revocation.
I am wondering if anyone can provide their real world experience about sizing
Juniper MX routers as it relates to BGP. I am needing a device that has a mix
of layer 2 and 3 features, including MPLS, that will have a very low port count
requirement that will primarily be used at a remote POP
On 05/12/2014 11:47, Randy Bush wrote:
and the difference is?
rpki might work at scale.
ohhh noo!
rtconfig + prefix lists were never going to work at scale, so rpsl based
filters were mostly only ever deployed on asn edges rather than dfz core
inter-as bgp sessions. This meant that
Graham,
We use both the MX240 and MX480 (for 100G) 1800REs. Very happy with this
hardware.
Jason Bothe, Manager of Networking
o +1 713 348 5500
m +1 713 703 3552
ja...@rice.edu
On 5, Dec
If you are looking for small foot print I +1 the 240s.
On Fri, Dec 5, 2014 at 12:08 PM, Jason Bothe ja...@rice.edu wrote:
Graham,
We use both the MX240 and MX480 (for 100G) 1800REs. Very happy with this
hardware.
Jason Bothe, Manager of Networking
o +1
If you're looking at scaling passed the mx104, I would consider the mx480
chassis. The price delta between the 240 vs. 480 bare chassis is negligible
and you'll get more slots to grow into. Especially, if you have a need to
do sampling or anything else that may require a service pic.
On Dec 5,
Shawn,
It's more about FIB than RIB as I am concerned about the time it takes until
MPCs have updated route information after large scale changes in routes learned
via BGP.
Graham Johnston
Network Planner
Westman Communications Group
204.717.2829
johnst...@westmancom.com
think green; don't
This is an automated weekly mailing describing the state of the Internet
Routing Table as seen from APNIC's router in Japan.
The posting is sent to APOPS, NANOG, AfNOG, AusNOG, SANOG, PacNOG,
CaribNOG and the RIPE Routing Working Group.
Daily listings are sent to bgp-st...@lists.apnic.net
For
Then you should look for something other then the MX104.
In our testing an MX104 running Junos 13.3R4 with a single, full feed took
about 4min 25sec to (1) converge the RIB from a router sitting 0.5ms RTT away
and (2) update the FIB with all entries. This performance was observed with
single
What’s a cheaper alternative to the MX104s?
We take a full BGP table and are on the AMS-IX and DE-CIX and are looking for a
new router. The MX series looks a bit out of budget but we’re currently looking
into the Brocade MLX series. We push under 10Gbps, but we do need 10Gbps
routing due to
We haven’t received the MX480 gear yet (POs just went in about a week ago). But
we tested MX960s with the same RE-S-1800x4 w/ 16GB RAM RIB+FIB convergence time
was roughly 45sec. We never worried about getting a super accurate time for the
MX960 because even an “eye test” showed it was fast
We have both Brocade CER and XMR (predecessor to the MLXe) in our environment
today. We find both platforms attractive from a price and power consumption
standpoint. They will both handle the IPv4 and IPv6 unicast routing tables
today.* The MLXe with MR2 cards is quite a formidable box; lots of
This report has been generated at Fri Dec 5 21:14:20 2014 AEST.
The report analyses the BGP Routing Table of AS2.0 router
and generates a report on aggregation potential within the table.
Check http://www.cidr-report.org/2.0 for a current version of this report.
Recent Table History
BGP Update Report
Interval: 27-Nov-14 -to- 04-Dec-14 (7 days)
Observation Point: BGP Peering with AS131072
TOP 20 Unstable Origin AS
Rank ASNUpds % Upds/PfxAS-Name
1 - AS23752 294408 6.0%2247.4 -- NPTELECOM-NP-AS Nepal
Telecommunications Corporation,
Hi,
Running MLXe with MR2 and/or CER-RT as MPLS PEs depending on POP size. We also
run the later as route reflectors.
They behave beautifully when it comes to churning BGP full feeds, convergence
is around 30-45s (full RAM). Routing capacity is also amazing.
I'm particularly amazed by the
I would be interested in these as well.
On 12/4/14, 12:25 PM, Paul S. cont...@winterei.se wrote:
Share them anyway? Juniper's certs have enough demand as well :)
On 12/5/2014 午前 05:13, Eric Litvin wrote:
have some juniper but not cisco.
On Thu, Dec 4, 2014 at 12:08 PM, Bacon Zombie
Is your sizing concern just for the RIB, or also for FIB to sync up? The
latter was a problem for us, but not the former. We also have inline-jflow
turned on and that is still a work-in-progress in terms of impacting
performance.
We are using MX104 for similar purposes for many months
MX480 is also not instantaneous, so the same problem applies. Brad, do you
have the number for MX480 for comparison?
What we decided was, given both models suffer the same problems, just different
duration, we decided to mitigate the problem and not spending the money.
Thanks.
On Dec 5,
rpki might work at scale.
ohhh noo!
rtconfig + prefix lists were never going to work at scale, so rpsl based
filters were mostly only ever deployed on asn edges rather than dfz core
inter-as bgp sessions. This meant that the damage that a bad update might
cause would be relatively
26 matches
Mail list logo
