Re: FCC Hurricane Michael after-action report

2019-05-15 Thread Seth Mattinen
On 5/15/19 7:10 PM, Brandon Martin wrote: I dunno how the big guys get away with it.  If I hit something, you can darn well bet someone's going to be on my neck immediately to shut the job down and pull my bond if possible. It helps when the people in the field are like 3 subcontractors

Re: FCC Hurricane Michael after-action report

2019-05-15 Thread Brandon Martin
On 5/15/19 8:51 AM, Mike Hammett wrote: The majority of people doing locates are terrible at their job. (Un)fortunately, people doing the conduit installations are often terrible at their job as well. It's about a 50/50 split if the line was located correctly and the installation crew was

ARIN v4 revocations with followup felony indictments

2019-05-15 Thread Martin Hannigan
ARIN revokes fraudulently obtained IPv4 numbers: http://www.circleid.com/posts/20190514_735k_fraudulently_obtained_ip_addresses_have_been_revoked/ USAO indicts Micfo founder in South Carolina. https://www.justice.gov/usao-sc/pr/charleston-man-and-business-indicted-federal-court-over-9m-fraud

Re: Cisco Crosswork Network Insights - or how to destroy a useful service

2019-05-15 Thread Vasileios Kotronis
Hello, we would be happy to collaborate to deploy and extend the ARTEMIS open-source software tool for monitoring, detection and potential automated mitigation of prefix hijacks, available on GitHub at https://github.com/FORTH-ICS-INSPIRE/artemis . Current monitoring sources include RIS

RE: FCC Hurricane Michael after-action report

2019-05-15 Thread Sean Donelan
On Mon, 13 May 2019, frnk...@iname.com wrote: One of my takeaways from that article was that burying fiber underground could likely have avoided many/most of these fiber cuts, though I’m not familiar enough with the terrain to know how feasible that is. Nature is more powerful than humans. In

Re: BGP prefix filter list

2019-05-15 Thread Tom Beecher
At a previous company, about 10-ish years ago, had the same problem due to equipment limitations, and wasn't able to get dollars to upgrade anything. The most effective thing for me at the time was to start dumping any prefix with an as-path length longer than 10. For our business then, if you

Re: BGP prefix filter list

2019-05-15 Thread Mike Hammett
As an eyeball network myself, you'll probably want to look at those things. You don't need to run a CDN to know where your bits are going. - Mike Hammett Intelligent Computing Solutions http://www.ics-il.com Midwest-IX http://www.midwest-ix.com - Original Message - From:

Re: BGP prefix filter list

2019-05-15 Thread Ca By
On Wed, May 15, 2019 at 11:52 AM Mike Hammett wrote: > You can't do uRPF if you're not taking full routes. > I would never do uRPF, i am not a transit shop, so no problem there. BCP38 is as sexy as i get. > You also have a more limited set of information for analytics if you don't > have

Re: BGP prefix filter list

2019-05-15 Thread Mike Hammett
You can't do uRPF if you're not taking full routes. You also have a more limited set of information for analytics if you don't have full routes. - Mike Hammett Intelligent Computing Solutions http://www.ics-il.com Midwest-IX http://www.midwest-ix.com - Original Message

Re: BGP prefix filter list

2019-05-15 Thread Mike Hammett
I wouldn't call it shaming the vendor. There are a ton of platforms out there by nearly every vendor that can't accommodate modern table sizes. - Mike Hammett Intelligent Computing Solutions http://www.ics-il.com Midwest-IX http://www.midwest-ix.com - Original Message -

Re: BGP prefix filter list

2019-05-15 Thread Ca By
On Wed, May 15, 2019 at 7:27 AM Dan White wrote: > On 05/15/19 13:58 +, Phil Lavin wrote: > >> We're an eyeball network. We accept default routes from our transit > >> providers so in theory there should be no impact on reachability. > >> > >> I'm pretty concerned about things that I don't

Re: BGP prefix filter list

2019-05-15 Thread Baldur Norddahl
My purpose is not to shame the vendor, but anyway these are ZTE M6000. We are currently planning to implement Juniper MX204 instead, but not because of this incident. We just ran out of bandwidth and brand new MX204 are cheaper than 100G capable shelves for the old platform. Regards, Baldur On

Re: BGP prefix filter list

2019-05-15 Thread mike . lyon
Hello Baldur, What routers are you running? -Mike > On May 15, 2019, at 11:22, Baldur Norddahl wrote: > > Hello > >> On Wed, May 15, 2019 at 3:56 PM Mike Hammett wrote: >> What is the most common platform people are using with such limitations? How >> long ago was it deprecated? >> >> >

Re: BGP prefix filter list

2019-05-15 Thread Baldur Norddahl
Hello On Wed, May 15, 2019 at 3:56 PM Mike Hammett wrote: > What is the most common platform people are using with such limitations? > How long ago was it deprecated? > > > We are a small network with approx 10k customers and two core routers. The routers are advertised as 2 million FIB and 10

Re: BGP prefix filter list

2019-05-15 Thread Ross Tajvar
If you're going whitebox, I would check out Netgate's new product called TNSR. It uses VPP for the data plane, which does all its processing in user space, thus avoiding the inefficiencies of the kernel network stack. That's particularly important at higher speeds like 40G or 100G. Disclaimer: I

Re: Cisco Crosswork Network Insights - or how to destroy a useful service

2019-05-15 Thread Dale W. Carder
Thus spake Job Snijders (j...@ntt.net) on Wed, May 15, 2019 at 12:16:06PM +0200: > > I recognise the issue you describe, and I'd like to share with you that > we're going down another road. Nowadays, RIPE NCC offers a streaming API > ("RIS Live") which has the data needed to analyse and correlate

Re: BGP prefix filter list

2019-05-15 Thread Radu-Adrian Feurdean
On Wed, May 15, 2019, at 13:44, Baldur Norddahl wrote: > Or maybe we have a list of worst offenders? I am looking for ASN that > announces a lot of unnecessary /24 prefixes and which happens to be far > away from us? I would filter those to something like /20 and then just > have a default

Re: Cisco Crosswork Network Insights - or how to destroy a useful service

2019-05-15 Thread Douglas C. Stephens via NANOG
I would like to point out another more straightforward ignorant UI design decision for this new service. The login screen assumes and requires all Cisco.com account usernames to be email addresses. Many are not, especially for folks like me who have had theirs for decades. On 5/15/2019 4:50

USA to Mexico IXP Equipment Recommendations

2019-05-15 Thread NJ
Advice and/or suggestions wanted. Any input greatly appreciated. *Scenario:* We have run fiber from the USA to Mexico and have an exchange point in place. Our fiber connections are dark and therefore we can use any configuration we want on as many pairs as we want. Currently we have decided to

Re: BGP prefix filter list

2019-05-15 Thread Mike
On 5/15/19 7:26 AM, Dovid Bender wrote: > You have no idea how sad and true this is.  > > On Wed, May 15, 2019 at 10:16 AM Jon Lewis > wrote: > > On Wed, 15 May 2019, Mike Hammett wrote: > > > What is the most common platform people are using with such >

Re: BGP prefix filter list

2019-05-15 Thread Karsten Elfenbein
Hi, did you find https://labs.ripe.net/Members/emileaben/768k-day-will-it-happen-did-it-happen ? It has further links at the end as well. If you hit the 768k issue for IPv4 you might look at IPv6 as well as there might be a 64k limit on some tcam profiles. If there is no IPv6 in use (very sad

Re: BGP prefix filter list

2019-05-15 Thread Brielle Bruns
On 5/15/2019 9:46 AM, Hansen, Christoffer wrote: 'Tik, white box Linux/BSD, etc all offer good options at varying price points. Any pointers and/or references, when looking into speeds *above* what is possible with aggregated 10G links? That's a good question - I've not gotten past 10G

Re: BGP prefix filter list

2019-05-15 Thread Hansen, Christoffer
On 15/05/2019 17:28, Brielle Bruns wrote: > Lots of good non-big vendor options these days - times have changed for > sure. Indeed. > 'Tik, white box Linux/BSD, etc all offer good options at varying price > points. Any pointers and/or references, when looking into speeds *above* what is

Re: BGP prefix filter list

2019-05-15 Thread Brielle Bruns
On 5/15/2019 9:10 AM, Mike Hammett wrote: Eh...  you'll find it hard to get that past me. I know hundreds of self-funded ISPs that don't have route table size issues. Lots of good non-big vendor options these days - times have changed for sure. I'm running an EdgeRouter Infinity with BGP

Re: BGP prefix filter list

2019-05-15 Thread Mike Hammett
Eh... you'll find it hard to get that past me. I know hundreds of self-funded ISPs that don't have route table size issues. - Mike Hammett Intelligent Computing Solutions http://www.ics-il.com Midwest-IX http://www.midwest-ix.com - Original Message - From: "Jon Lewis"

Re: BGP prefix filter list

2019-05-15 Thread Dovid Bender
You have no idea how sad and true this is. On Wed, May 15, 2019 at 10:16 AM Jon Lewis wrote: > On Wed, 15 May 2019, Mike Hammett wrote: > > > What is the most common platform people are using with such limitations? > How long ago was it deprecated? > > One network's deprecated router is another

Re: BGP prefix filter list

2019-05-15 Thread Dan White
On 05/15/19 13:58 +, Phil Lavin wrote: We're an eyeball network. We accept default routes from our transit providers so in theory there should be no impact on reachability. I'm pretty concerned about things that I don't know due to inefficient routing, e.g. customers hitting a public

Re: BGP prefix filter list

2019-05-15 Thread Jon Lewis
On Wed, 15 May 2019, Mike Hammett wrote: What is the most common platform people are using with such limitations? How long ago was it deprecated? One network's deprecated router is another network's new [bargain priced] core router. :)

Re: BGP prefix filter list

2019-05-15 Thread Jon Lewis
On Wed, 15 May 2019, Baldur Norddahl wrote: Hello This morning we apparently had a problem with our routers not handling the full table. So I am looking into culling the least useful prefixes from our tables. I can hardly be the first one to take on that kind of project, and I am wondering

RE: BGP prefix filter list

2019-05-15 Thread Phil Lavin
> We're an eyeball network. We accept default routes from our transit providers > so in theory there should be no impact on reachability. > I'm pretty concerned about things that I don't know due to inefficient > routing, e.g. customers hitting a public anycast DNS server in the wrong >

Re: BGP prefix filter list

2019-05-15 Thread Mike Hammett
What is the most common platform people are using with such limitations? How long ago was it deprecated? - Mike Hammett Intelligent Computing Solutions http://www.ics-il.com Midwest-IX http://www.midwest-ix.com - Original Message - From: "Baldur Norddahl" To:

Re: BGP prefix filter list

2019-05-15 Thread Brielle
Would also cut out anyone who uses /24s for anycast, or just general traffic control... Or as you put it, an insane amount of important stuff. Sent from my iPhone On May 15, 2019, at 7:44 AM, Phil Lavin wrote: >> We recently filtered out >=/24 prefixes since we're impacted by 768k day. > >

Re: BGP prefix filter list

2019-05-15 Thread Dan White
On 05/15/19 13:44 +, Phil Lavin wrote: We recently filtered out >=/24 prefixes since we're impacted by 768k day. What kind of network are you running? Doing such prefix filtering on an eyeball network strikes me as insane - you'd be cutting off customers from huge swathes of the Internet

Re: BGP prefix filter list

2019-05-15 Thread Antonios Chariton
If you have multiple transit providers and still want to be able to push traffic to the best path (no default route), then maybe a filter that will accept only AS Path 2/3 or shorter per transit provider, and a default route for the rest. You will get significantly less prefixes, and BGP path

RE: BGP prefix filter list

2019-05-15 Thread Phil Lavin
> We recently filtered out >=/24 prefixes since we're impacted by 768k day. What kind of network are you running? Doing such prefix filtering on an eyeball network strikes me as insane - you'd be cutting off customers from huge swathes of the Internet (including small companies like us) that

Re: BGP prefix filter list

2019-05-15 Thread Dan White
We recently filtered out >=/24 prefixes since we're impacted by 768k day. I'm attaching our lightly researched list of exceptions. I'm interested in what others' operational experience is with filtering in this way. Filtering /24s cut our table down to around 315K. On 05/15/19 13:43 +0200,

Re: Charter and Cox contacts

2019-05-15 Thread daniel
First off, I apologize for the list. I didn't realize my replies included the entire original email... Mark, we do not run a mail server. The issue is a lot of our customers have their 2nd homes here, so when they come up they are using their email provided by their 1st home ISP. A number of

Re: Cisco Crosswork Network Insights - or how to destroy a useful service

2019-05-15 Thread Patrick McEvilly
https://honestnetworker.net/2019/01/31/recent-bgpmon-net-announcement/ From: NANOG on behalf of Mike Hammett Date: Wednesday, May 15, 2019 at 8:35 AM To: Hank Nussbacher Cc: "nanog@nanog.org" Subject: Re: Cisco Crosswork Network Insights - or how to destroy a useful service

Re: FCC Hurricane Michael after-action report

2019-05-15 Thread Mike Hammett
The majority of people doing locates are terrible at their job. (Un)fortunately, people doing the conduit installations are often terrible at their job as well. It's about a 50/50 split if the line was located correctly and the installation crew was careless or the line wasn't located correctly

Re: Cisco Crosswork Network Insights - or how to destroy a useful service

2019-05-15 Thread Mike Hammett
Cisco ruins everything they touch. - Mike Hammett Intelligent Computing Solutions http://www.ics-il.com Midwest-IX http://www.midwest-ix.com - Original Message - From: "Hank Nussbacher" To: nanog@nanog.org Sent: Wednesday, May 15, 2019 4:50:10 AM Subject: Cisco

Re: BGP prefix filter list

2019-05-15 Thread Anderson, Charles R
What about these ones? https://teamarin.net/2019/05/13/taking-a-hard-line-on-fraud/ On Wed, May 15, 2019 at 01:43:30PM +0200, Baldur Norddahl wrote: > Hello > > This morning we apparently had a problem with our routers not handling > the full table. So I am looking into culling the least

Re: Cisco Crosswork Network Insights - or how to destroy a useful service

2019-05-15 Thread hank
https://bgpmon.net/wp-content/uploads/2019/01/BGPMon.net-EOL-EOS-faq.pdf On May 15, 2019 14:52, "Mann, Jason" wrote: Is BGPmon going away? From: NANOG on behalf of Hank Nussbacher Sent: Wednesday, May 15, 2019 3:50 AM To: nanog@nanog.org Subject: Cisco Crosswork Network Insights - or how to

Re: Cisco Crosswork Network Insights - or how to destroy a useful service

2019-05-15 Thread Job Snijders
On Wed, May 15, 2019 at 11:52:16AM +, Mann, Jason via NANOG wrote: > Is BGPmon going away? Yes, see https://bgpmon.net/wp-content/uploads/2019/01/BGPMon.net-EOL-EOS-faq.pdf Kind regards, Job

Re: Cisco Crosswork Network Insights - or how to destroy a useful service

2019-05-15 Thread Mann, Jason via NANOG
Is BGPmon going away? From: NANOG on behalf of Hank Nussbacher Sent: Wednesday, May 15, 2019 3:50 AM To: nanog@nanog.org Subject: Cisco Crosswork Network Insights - or how to destroy a useful service I have started to use Cisco Crosswork Network Insights

BGP prefix filter list

2019-05-15 Thread Baldur Norddahl
Hello This morning we apparently had a problem with our routers not handling the full table. So I am looking into culling the least useful prefixes from our tables. I can hardly be the first one to take on that kind of project, and I am wondering if there is a ready made prefix list or

Re: Cisco Crosswork Network Insights - or how to destroy a useful service

2019-05-15 Thread Job Snijders
On Wed, May 15, 2019 at 11:37:57AM +0100, Carlos Friaças wrote: > It relies *exclusively* on "RIPE RIS Live", or does it also use other > sources? The first useful version will rely exclusively on the "RIS Live" interface. In a later stage we can consider adding something like the NLNOG Looking

Re: Cisco Crosswork Network Insights - or how to destroy a useful service

2019-05-15 Thread Carlos Friaças via NANOG
Hi Job, All, It relies *exclusively* on "RIPE RIS Live", or does it also use other sources? Regards, Carlos On Wed, 15 May 2019, Job Snijders wrote: Hi, I recognise the issue you describe, and I'd like to share with you that we're going down another road. Nowadays, RIPE NCC offers a

Re: Cisco Crosswork Network Insights - or how to destroy a useful service

2019-05-15 Thread Job Snijders
Hi, I recognise the issue you describe, and I'd like to share with you that we're going down another road. Nowadays, RIPE NCC offers a streaming API ("RIS Live") which has the data needed to analyse and correlate BGP UPDATES seen in the wild to business rules you as operator define. NTT folks

Cisco Crosswork Network Insights - or how to destroy a useful service

2019-05-15 Thread Hank Nussbacher
I have started to use Cisco Crosswork Network Insights which is the replacement for BGPmon and I am shocked at how Cisco has managed to destroy a useful tool. I have had a paid 50 prefix account since the day BGPmon became available and helped two clients implement a 500 prefix license over the