Have you received a response from qrator? My guess is that they
dropped a BGP collector session that was advertising garbage
(modifying AS path to make non-connected ASNs appear connected).
>most ASNs left permanently on at 2017-03-11 21:00:00 were never connected
Are other SV8 peering exchange participants seeing problems with Facebooks
2001:504:D::47/64 router in the SV8?
Been seeing this for over 48 hours now. No issues with other SV8 peers, or
Facebooks other IPv6 router in the facility.
Dec 5 18:52:00: %BGP-5-ADJCHANGE: neighbor 2001:504:D::47 Down
Getting no where with the front end support @ Megapath.
/28 suddenly is no longer being routed to my client.
Any help would be appreciated.
Thank You,
Mike
Does anyone use this site much? Has something happened to reduce their
visibility?
I've noticed multiple networks that had massive drops in peerings on or around
March 11, 2017. AS5650 went from 66 to 12. AS53828 went from 436 to 19. PCH's
AS3856 looking glass still reports adjacencies to
--- b...@herrin.us wrote:
From: William Herrin
Even the relatively good ones are bad. I have identified
60 and am on track to identify about 200 errors in the
official ISC2 CISSP study guide.
-
One last one I promise... :-)
I also
On Tue, Dec 5, 2017 at 6:11 PM, Scott Weeks wrote:
> Have you seen neteng certs lately? I'm forced to maintain a
> lower level one to keep my job and it makes me angry every
> time I have to do it. The sales pitch is hidden in the words
> and the correct answer is almost
--- l...@satchell.net wrote:
From: Stephen Satchell
Indeed, I'm not aware of any certification that applies to system
administrators. Network administrators have certs that are
well-recognized and accepted. Mail admins? Server admins? The certs
that are out there
Should have an honorary list of great sysadmins. In my years of doing
this sort of work, I found a number of folks that would lend a helping
hand. To that, I would like to nominate:
Strata Rose Chalup
--
Strata Rose Chalup began as a novice sysadmin in 1983 and has been
leading
On 2017-12-05 15:22, t...@wicks.co.nz wrote:
Fixed format EX's range max out at 128k routes, definitely not an
option
there unless I am really missing something. I often use EX/QFX for l3,
but
no way they come anywhere near a full table.
yep :)
set routing-options maximum-prefixes
What's the application? I'll throw a somewhat oddball option out there
- you can fit full tables into RIB on many Juniper EX switches. Limited use
cases for sure, but it can be handy if you can limit what's installed into
FIB.
Fixed format EX's range max out at 128k routes, definitely not an
> On 4 Dec 2017, at 19:19, Adam Lawson wrote:
>
> Hi,
>
>
>
> I'm looking for suggestions on 1U-2U sized router with 1G interface
> which can handle both IPv4 and IPv6 full BGP table and doesn't consume
> too much power.
>
>
>
> The router needs to be squeezed in to
On 2017-12-05 12:44, Adam Lawson wrote:
Hi,
Thanks for all the replies.
I think the options that came up are:
- Juniper MXs
The reason I wrote M7i instead of the MX was I far as I looked on the
Juniper
site, it seems to use more power than the M7i (though you get more
performance).
On Tue, Dec 5, 2017 at 9:49 AM, Stephen Satchell wrote:
> the Internet as we know it was developed under the stern eyes of the
> Department of Defense and the National Science Foundation. The NSF in
> particular ran the 'Net like bouncers do in a strip club: you break the
>
And then, let's not forget the BOFH! (http://www.bofharchive.com), and
Mordac.
On 12/5/17 11:40 AM, Sam Oduor wrote:
Subject of interest; my 15 years experience I met a blend of senior admins
while learning the curves ..
1. Those who denied you knowledge/handover due to insecurity
2.
No, not actually seen one in real life yet. Interesting thing of course is it
runs VMX JunOS code.
-Original Message-
From: Georg Kahest [mailto:georg.kah...@internet.ee]
Sent: Wednesday, 6 December 2017 8:01 AM
To: t...@wicks.co.nz; nanog@nanog.org
Subject: Re: Small full BGP table
- Juniper MXs
The reason I wrote M7i instead of the MX was I far as I looked on the Juniper
site, it seems to use more power than the M7i (though you get more performance).
The M150 has just been released, if its within the budget I wold suggest it
will very nicely fit the requirement with
On 12/5/17 10:28 AM, Mike Hammett wrote:
I understand that most BGP implementations are single-threaded.
Well, yeah. That's where the "lots of slow cores" model doesn't work.
~Seth
Hi,
Thanks for all the replies.
I think the options that came up are:
- Mikrotiks
This fits my requirements pretty nicely, however as Mike pointed out the
single threaded BGP is a bit of concern. Also, just that I'm not a very big
fan of the /xxx Mikrotik CLI.
- EdgeRouter Pros, Juniper M7i
-
Subject of interest; my 15 years experience I met a blend of senior admins
while learning the curves ..
1. Those who denied you knowledge/handover due to insecurity
2. Those who fed you with knowledge but were rude and could make you feel
like you undergoing some military training
3. Those
It's a couple year old Xeon running vSphere.
Once I get some other migrations done, I'll load either vSphere or Proxmox onto
the hardware running the Vyatta firewall now and run a CHR there as well for a
second upstream. I'm not yet sure what the underlying hardware is for that one.
My x86
Yea, as much as I love Juniper Hardware the M series is really a long way on
the past at this point. I would suggest the new MX150 is the way to go for up
to 20G requirements. Of course that's in a different league from the OP's
criteria.
-Original Message-
From: NANOG
What hardware you running the CHR on?
> On Dec 5, 2017, at 10:29, Mike Hammett wrote:
>
> I'm replacing an M10i with a CHR.
>
> I hope you have a newer RE so that you don't have worse BGP convergence than
> a CCR.
>
>
>
>
> -
> Mike Hammett
> Intelligent
Umm.. back in the day, only researchers & engineers used the ARPANET,
and secretaries, and administrators, and very quickly lots of military
ratings, ... By the time networks were connected to form the Internet,
and particularly once university LANs and CANs were connected, you had
students,
I'm replacing an M10i with a CHR.
I hope you have a newer RE so that you don't have worse BGP convergence than a
CCR.
-
Mike Hammett
Intelligent Computing Solutions
http://www.ics-il.com
Midwest-IX
http://www.midwest-ix.com
- Original Message -
From: "mike lyon"
I understand that most BGP implementations are single-threaded.
The problem is that it sucks, which version 7 fixes... whenever the unicorn
makes that delivery.
-
Mike Hammett
Intelligent Computing Solutions
http://www.ics-il.com
Midwest-IX
http://www.midwest-ix.com
-
Back in the day, only Ph.D's used the internet, so they were the sysadmins.
These days, I recommend that system administration be only allowed for
card-holding responsible people who have proven their technical abilities.
Then, when you get awarded your Ph.D, they can take your sysadmin card
Unfortunately, yes. Thats why two Juniper M7is just arrived on my doorstep
yesterday...
> On Dec 5, 2017, at 10:10, wrote:
>
> Is that actually still true nowadays ? Of course there is always the option
> of running RouterOS on an X86 for an effective
Is that actually still true nowadays ? Of course there is always the option of
running RouterOS on an X86 for an effective solution as well.
-Original Message-
From: mike.l...@gmail.com [mailto:mike.l...@gmail.com]
Sent: Wednesday, 6 December 2017 7:07 AM
To: t...@wicks.co.nz
Cc:
Bad thing about the CCRs is that their BGP process is single threaded. So even
though it has a bunch of cores, it doesn’t utilize them for BGP.
-Mike
> On Dec 5, 2017, at 09:50, wrote:
>
> For me the obvious answer for the OP is the Mikrotik CCR range -
>
For me the obvious answer for the OP is the Mikrotik CCR range -
https://mikrotik.com/product/CCR1036-8G-2Splus
-Original Message-
From: NANOG [mailto:nanog-boun...@nanog.org] On Behalf Of Eric Kuhnke
Sent: Wednesday, 6 December 2017 6:00 AM
To: nanog@nanog.org list
In article <20171205105918.ga8...@gsp.org> you write:
> "Current Peeve: The mindset that the Internet is some sort of
> school for novice sysadmins and that everyone *not* doing stupid
> dangerous things should act like patient teachers with the ones
> who are."
Up to a
It is worth mentioning for those who have not seen a Ubiquiti "edgrouter"
in person yet, or worked with one, where their operating system came
from... When Vyatta was acquired by Brocade, the core Vyatta team jumped
ship and were hired directly by Ubiquiti. When you SSH into one of these
whether
On 12/05/2017 09:17 AM, Harald Koch wrote:
Thirty years ago I started my sysadmin journey on an Internet that was
filled with helpful, experienced people that were willing to share their
knowledge.
The vast majority of what I've experienced in the last ~20 years has
been people willing to
In my experience with creating new mail servers that use IP addresses
belonging to dedicated hosting/colocation/VPS companies.
This is *after* all of the obvious setup things like having a real static
IP, A records, PTR records, SPF and DKIM set up proprely, are taken care of
so that a public
Raymond
Reading that I see the possibility that you could have a bad unit.
Verifying with another unit would be great to confirm. Personally I would
use something like
https://www.supermicro.com/products/system/Mini-ITX/SYS-E300-9A.cfm where
the supply chain can get me parts faster for scale and
In a message written on Tue, Dec 05, 2017 at 06:49:43AM -0800, Stephen Satchell
wrote:
> The NSF in particular ran the 'Net like bouncers do in a strip club:
> you break the rules, you go. No argument.
I'm not sure I've ever seen a more inaccurate description of the NSF.
What in the world are
On Mon 2017-12-04 16:00:11-0700 Grant wrote:
> I've been using a VPS as my primary mail server for > 2 years and
> have only been black listed once. Even that was a 12 hour automated
> listing because I sent one message to an address I had not used in 7
> years, which had since been converted
Hi,
Anyone from Amazon Cloud in this list. Need help for app.conceptboard.com.
Our client complaining they are getting disconnected from this site.
Traceroute/mtr showing path is keep changing.
traceroute to app.conceptboard.com (52.17.144.46), 30 hops max, 60 byte
packets
1
I run my own mailserver...
On Mon, Dec 4, 2017 at 3:00 PM, Grant Taylor via NANOG
wrote:
> On 12/04/2017 03:47 PM, Brad Knowles wrote:
>
>> The concept is sound, but attempting to use your $5 VPS as your outbound
>> mail relay is only going to end in pain and tears -- your
On 12/05/2017 08:17 AM, Harald Koch wrote:
Thirty years ago I started my sysadmin journey on an Internet that was
filled with helpful, experienced people that were willing to share their
knowledge.
Twenty years ago I was one of three people running CA*net, the
cross-Canada research Internet
Thirty years ago I started my sysadmin journey on an Internet that was
filled with helpful, experienced people that were willing to share their
knowledge.
Twenty years ago I was one of three people running CA*net, the
cross-Canada research Internet with three connections to the NSFnet. I
don't
On 12/05/2017 06:38 AM, Edwin Pers wrote:
You'd think so, yes. Somehow Google and DO and most other hosting
companies manage to do it. Feels like AWS truly doesn't care about
it.
"Never attribute to malice that which is adequately explained by
stupidity, ignorance, or negligence." --based on
On 12/05/2017 02:59 AM, Rich Kulawiec wrote:
On Mon, Dec 04, 2017 at 07:38:18PM -0500, Eric Tykwinski wrote:
Main point I think is mailops comes with a learning curve, and it happens...
"Current Peeve: The mindset that the Internet is some sort of
school for novice sysadmins
>Last week we found out that Helpscout sends email from AWS servers.
Ouch. I'm in the same boat as you are - three of our biggest suppliers have all
their public-facing stuff hosted on AWS, including their email smarthosts.
None of them have static addresses.
>This is incorrect reasoning.
Hello,
A number of people have been suggesting Lanner boxes for routing. I have
used FW-7543A and FW-7573A boxes with Debian with no issues.
I am currently trying the NCA-5510 model with NCS2-IGM806B (XL710) and
NCS2-IXM407A (I350) cards with a standard Debian Stretch installation.
I was
MX150?
On Dec 4, 2017, at 4:13 PM, C. Jon Larsen wrote:
On Mon, 4 Dec 2017, Naslund, Steve wrote:
FWIW ...
OpenBSD on a lanner appliance with openbgpd will chew 1G. Especially on the
latest version - 6.2.
Debian on the same lanner running bird would also chew that as
replied offlist.
ping me if you need something fyi.
- jared
On Mon, Dec 04, 2017 at 06:14:24PM -0600, J. Oquendo wrote:
> Can one of the Akamai (non salesy) guys ping me off list
> please. Security related.
>
> --
>
On Mon, Dec 04, 2017 at 07:38:18PM -0500, Eric Tykwinski wrote:
> Main point I think is mailops comes with a learning curve, and it happens...
"Current Peeve: The mindset that the Internet is some sort of
school for novice sysadmins and that everyone *not* doing stupid
48 matches
Mail list logo