vultr ? Is this the same vultr that appears to be hosting a lot of Sony
PlayStation games ?
I've been tshooting PS4 CGNAT issues and seeing my test ps4 gaming console
connecting to Vultr owned /27 address space all over the US Chicago, Miami,
Seattle, etc
Aaron
> On Aug 7, 2018, at 9:43
As you all have said, to confirm, I use ssm Mcast to distribute TV from
satellite down links in the headend, out to a few different remote head ends.
From there it's converted back to RF video and sent to subscribers via cable or
hfc plant
Aaron
> On Jul 31, 2018, at 5:15 PM, Job Snijders
Thanks for your replies...
In the last week or so I've been testing further...
Using the following items to slow/alleviate the otherwise randomness of ip's
and port's been generated via my cgnat boundary nodes...
APP - Address pooling paired
EIM - Endpoint independent mapping
EIF - Endpoint
(please forgive cross-posting between jnsp and nanog.looking for anyone who
could help shed light)
I moved customers behind MS-MPC-128G (MX960) CGNat boundary a few nights
ago. for the most part it went well. with these couple issues. please let me
know what you know about this and how to fix.
9010 and 7609 Small?
Aaron
> On May 19, 2018, at 3:51 PM, Ben Cannon wrote:
>
> Isn’t that the ASR9010? (And before that 7609?)
>
> -Ben
>
>>> On May 18, 2018, at 4:20 AM, Tom Hill wrote:
>>>
>>> On 17/05/18 14:24, Mike Hammett wrote:
>>> There's
While we are on ECMP topic...
In L3VPN, when I've learned say, 3 different routes all using different MPLS
tags to the 3 remote PE's, is there a way to ECMP hash across all of the paths
to load balance?
Aaron
> On May 16, 2018, at 6:32 PM, Thomas Bellman wrote:
>
>> On
of your transit
> providers.
>
> Sparkle would "shine" if you were a US hosting provider with many eyeballs in
> Europe/Africa/Middle East.
>
>> On Wed, May 16, 2018 at 11:34 AM, Mark Tinka <mark.ti...@seacom.mu> wrote:
>>
>>
>>
http://icaruswept.com/2016/06/28/who-owns-the-internet/
.written in 12/2015 - do y'all think this is accurate, and, in 2018, is it
still accurate ? (asking since my next question is related to Sparkle, since
they are listed in that previous article as a significant Internet presence)
Also,
You sure it doesn't have something to do with 60 seconds * 3 = 180 secs of BGP
neighbor Time out before it believes neighbor is dead and remove routes to that
neighbor?
Aaron
> On May 15, 2018, at 9:10 AM, Adam Kajtar wrote:
>
> Hello:
>
> I'm running two Juniper
I have (2) 10 gig links bundled in a lag to my upstream internet provider.
and we need more internet capacity. Is it cool to add a third 10 gig to my
existing 20 gig lag internet connection?
I'm asking since I heard in the past something negative about odd numbers of
lag members. .but I also
I'm not sure what you are taking about with ORR, but I use dual RR's for a
redundant cluster with me ASR9k's in IOS XR, and I have them handling routes
for ...
Family l2vpn VPLS
Family vpnv4
Family vpnv6
...so my 6PE mpls l3vpn has been working fine
Aaron
> On May 6, 2018, at 7:20 AM, Mark
Excuse my lack of knowledge... What does this mean? "Shareholders are people
holding Vanguard/Blackrock."
Aaron
> On Apr 24, 2018, at 10:31 AM, Saku Ytti wrote:
>
> Shareholders are people holding Vanguard/Blackrock.
Thanks Colton, Since I live in the US, and work for a boss that’s nervous
(concerned) about those things, then I comply. I remember mentioning Huawei as
an option recently in a meeting and the boss and a few other fellow engineers
were nervous and resistant to it. I tend to feel the same.
Aren't there issues/concerns with Huawei ?
I think we pay about $10k with discounts and about (4) 10 gig port license to
slow start our deployment of ACX5048's 10 gig east , 10 gig west , dual
10's facing FTTH OLT (Calix E7)
-Aaron
look at these...
* Juniper ACX5048 - I've deployed about ~50 of these over the last couple
years and they are great boxes. I'm using them as mpls p/pe running L3VPN
(v4 and tested 6vpe), L2VPN (manual martini l2circuits and bgp-ad rfc4762,
I'll say that IOS XR asr9k has an occasional problem
Thanks Anurag, is there anyone on the list from Amazon AWS Cloudfront that can
speak to this ?
“And AWS Cloudfront does has the option of edge locations not connected to
their backbone.“
I’m an ISP and have fb fna, nf oca, ggc, and Akamai aanp, … does Amazon AWS
Cloudfront ship servers
Thanks Doug, Kentik sounds familiar, I think I've spoken with them at a
conference once or twice... a quick like at their website reminds me that
they focus on ddos and understanding traffic better... not sure how this
applies to the thread originated by Russell.
-Aaron
I'm wondering if/when Amazon Prime Video will have a CDN system to roll-out
to ISP's like OCA, FNA, GGC, etc
Anyone here anything about Amazon Video or any other big names like that ?
- Aaron
-Original Message-
From: NANOG [mailto:nanog-boun...@nanog.org] On Behalf Of
When going to aol.com and click "login/join" in top-right corner, brings you
to a login page. when I try to login, I get nothing. just tries and tries to
take me to the next page, which seems to be my.screenname.aol.com. but it
never gets there. If I try from different subnets in my network, it
?
- Aaron
From: Michael Crapse [mailto:mich...@wi-fiber.io]
Sent: Tuesday, February 27, 2018 11:19 AM
To: Mike Hammett
Cc: Aaron Gould; NANOG list
Subject: Re: cgnat - how do you handle customer issues
For number 2, I'm a fan of what mike suggests. I believe the technical term is
MAP-T
Couple questions please. When you put thousands of customers behind a cgnat
boundary, how do you all handle customer complaints about the following.
1 - for external connectivity to the customers premise devices, not being
able to access web servers, web cameras, etc, in their premises?
2
No, I Wasn't the only one. 2 other neighboring South Texas ISP's just told
me they had same packet loss/high latency issues on their cogent connection
during same time frame.
Anyone know why this occurred and how far reaching it was ?
-Aaron
Did anyone in San Antonio or surrounding areas have internet issues last
night around ~8:00 - 8:30 p.m. central time ?
I saw a significant drop in traffic during that time with packet loss seen
on ping attempts.
Just wanted to know if I was the only one that took a hit
-Aaron
Preso I just looked at shows a spec for one of those boxes as having what
appears to be break-out capability of the 100 gig interfaces to be (10's, 25's
and 40's)... wondering if that would be true of those 100 gig ports on the
ACX5448 as well ? if not, why not?
-Aaron
Thanks, I too saw a 7 page preso, but no mention of 25 gig. Which one had
25gig ?
-Aaron
What does this include ?
17828 (part#) - X870 MPLS Feature Pack (product name) - ExtremeXOS X870 MPLS
Feature Pack (firmware license)
-Aaron
I just heard from a Juniper sales person about the ACX5448 (code name ACX5k+ or
ACX+ or something like that) and about (4) 100 gig ports... also, about another
ACX5k variant that may have 25 gig (25 gig is something the linux server
engineer I work with has been talking about in his next
Going off of old notes...
1-877-726-4368 Prompts 2,2
supp...@cogentco.com
-Aaron
-Original Message-
From: NANOG [mailto:nanog-boun...@nanog.org] On Behalf Of Youssef
Bengelloun-Zahr
Sent: Thursday, January 18, 2018 4:53 AM
To: NANOG [nanog@nanog.org]
Subject: Cogent ops contact
The "ip vrf autoclassify source" feature looks to be a very nice auto-pbr
solution for allowing multiple vrf's on one interface!
I'd like to know if anyone has used it and what you think about it,
particularly in the cable modem world...on Cisco uBR7246VXR, uBR10k, cbr8
-Aaron
Thanks but... that's the most elaborate "no comment" I've ever seen.
Lol... thanks ytti
-Aaron
Maybe my analogy of "billion" doesn’t correctly compare to 2^128 ip addresses
-Aaron
Sounds prophetic... we will see ... or our (x)grandchildren will see...
Yeah, if you give me a billion dollars, and I buy something for 1 million
dollars every day for the next ~3 years, at the end of those 3 years, I would
have no more, ... money-space :|
I wonder if the 20 bit mpls label
Looks like /24 is going for ~$4k $16 per ip
Dang, perhaps it will go up like bitcoin, lol, we wish. Actually, I was
seeing ip's for $10 each about 8 months ago... so it is going up in value if
that auction site is a good measure of real value.
https://www.ipv4auctions.com/
-Aaron
This is a *single area* ospf environment, that has been stable for years..
But now suddenly is having issues with new ospf neightbor adjacencies ,
which are riding a 3rd party transport network
Anyone ever experienced anything strange with underlying transport network
mtu possibly causing
Funny about the noisy fans on NF OCA servers... we had a resident actually
complain about our CO being load and her hearing the high-pitched whine 24X7...
her house is literally across the street in the neighborhood where one of our
small datacenter/caching location is. My fellow engineer said
About who to speak with at Akamai... please forgive me if any of this
contact info is out-of-date, as I'm pulling from my notes from an old
network diagram...
Akamai Customer Care
- 877-425-2832
Akamai NOCC
- 877-625-2624
- 877-6-akamai (same as above)
- 617-444-3007
- nocc-sh...@akamai.com
-
Regarding Time Warner Cable (TWC AS 11427) , does anyone know of a route
server (telnet) or looking glass (web based) for looking at bgp/ip routes
and traceroutes from the inside the AS 11427 ?
-Aaron
I wonder if that was the cause of the snapchat outage yesterday or if the
snapchat outage was altogether separate from what y'all are talking about. ?
-Aaron
Thanks.
Btw, I looked through the ~50 page fb net appiance deplymnt install and op
guide and didn’t see where it speaks to that exact question.
-Aaron
From: Eric Dugas [mailto:edu...@unknowndevice.ca]
Sent: Tuesday, October 24, 2017 10:01 AM
To: Aaron Gould
Cc: NANOG
Subject: Re
How long is typical for the newly installed fna server cache to stay in
"testing" phase before moving to "in production" ? I've been watching ~100
mbps sustained towards mine since 6 p.m. last night and it's in "testing"
mode according to the fna partner portal. .so I'm looking forward to it
Anyone out here with facebook fna ?
I could use an assist please, you can contact me directly.
-Aaron Gould
?
-Aaron Gould
ese routes are seen as static
eng-lab-3600-1#sh run | in ip route
eng-lab-3600-1#
-Aaron Gould
Oh, thanks Jared, I don't know what Netflix puts in my caches that they have
locally here on -site... can I know ? Will the OCA portal show my what
types of things are in there ?
-Aaron
Is there anyone from Apple that can contact me about the caching servers that I
could possibly put into my local ISP network ?
-Aaron
My Netflix servers are half a petabyte of cached movies and they are about 18
inches tall not sure what you mean.
-Aaron Gould
I'm pretty sure I've seen huge hits on my Akamai caches during IOS release
nights.
But this is news to me about Apple having caches. Are Apple caches like
Akamai, Netflix, Google, etc?
-Aaron
I have 3 different well-known caches local to my network...
45% of my subscriber traffic hits the caches
55% of my subscriber traffic hits the internet uplinks
I love my caches, but I REALLY love the Netflix cache. It's a huge savings on
my internet uplinks.
-Aaron
r-1004
-Original Message-
From: Erik Sundberg [mailto:esundb...@nitelusa.com]
Sent: Friday, April 14, 2017 10:30 AM
To: Aaron Gould <aar...@gvtc.com>; nanog@nanog.org
Subject: RE: 10G MetroE 1-2U Switch
Aaron,
Do you know if the ACS5048 has any QOS limitations on this platf
Hence my mention of thinking it was a "sin" to subnet on the bit boundary in
v6... again, I will do my best to never go back to bit boundary subnetting
math in my v6 deployment. Actually, you folks are giving me bad flashbacks
to my ATM H-PNNI days of pnni peer group nsap address subnetting. Oh
ang MPLS xVPN's make my life so nice and manageable.
You geniuses out there that invent technology are incredible. Keep it up.
-Aaron Gould
Thanks Mark, I'm not much into the cellular realm other than Ethernet
cell-backhaul, which isn't cell at all but rather just hauling Ethernet/vlan
frames across my network as fast as I can :)
...so does what you said mean ipv6 prefixes are delegated to phones ?
-Aaron Gould
Thanks Bill, I thought with ipv6 it was a sin to subnet on bit boundaries and
not on nibble boundaries.
Heck, I’m gonna do whatever it takes to NOT subnet on bits with my v6
deployment. Hopefully with v6, gone are the days of binary subnetting math.
-Aaron Gould
From: William Herrin
I think this is funny... I have (4) 10 gig internet connections and here's the
maskings for my v6 dual stacking...
/126 - telia
/64 - att
/112 - cogent
/127 - twc/charter/spectrum
- Aaron Gould
As a thought, would seem to make sense to modularize that server nic so we can
slide in whatever optic we desire...copper, fiber short mm, fiber long range
sm, etc
-Aaron
I was already reading that… haven’t finished… is there a section in there about
cleaning/blocking it ?
-Aaron Gould
From: anthony kasza [mailto:anthony.ka...@gmail.com]
Sent: Monday, June 19, 2017 10:53 AM
To: Aaron Gould <aar...@gvtc.com>
Cc: North American Network Operators
Anyone experienced in stopping/blocking/cleaning GozNym - Gozi ISFB - Nymaim
?
- Aaron Gould
When you say some percentage is with Google, what do you mean by that ? What
do you mean by "with Google" ?
- Aaron Gould
Btw
Wow, a ~2 million dollar boundary (dual PTX1000's) for the NANOG 70
conference geez
-aaron
-Original Message-
From: NANOG [mailto:nanog-boun...@nanog.org] On Behalf Of Eric Kuhnke
Sent: Friday, June 2, 2017 1:43 PM
To: nanog@nanog.org list
Subject: NANOG
Yeah, I was looking at ipv4auctions.com a while back and recall seeing $10/per
ip… now it seems that $12.50/per ip is the lowest
-Aaron
We used VeEX for a while and had our CO Techs run around with hand-held VeEx
testers and run tests from them to a VeEx loopback device I config'd mpls
pw's between them. We don't really do this anymore... we now role out Accedian
MetroNid's and MetroNode's which have a lot of this RFC2544
Someone recently reached out to me and asked me about this same thing... to
which I responded by asking them how much they would pay me to lease my
address space... here was their response...I'm pretty sure they are
U.S.-based company. I'd rather not say who they are... since I'm not sure
I'm at
Hi Radu-Adrian, have you done any MPLS PE functions on the NCS5001 ? ...like
MPLS/VPLS L2VPN, or L3VPN ?
I'm asking because I tried a NCS5001 in my lab about a year or 2 ago and it was
pretty bad. At which point I was told to only try it as a P box from a Cisco
engineerat which point it
Sdn/nfv for the physical layer... c'mon man, don't you know we are going to
have virtual-fiber too , LOL , jk of course
-Aaron
-Original Message-
From: NANOG [mailto:nanog-boun...@nanog.org] On Behalf Of Keith Medcalf
Sent: Tuesday, May 23, 2017 5:52 PM
To: nanog@nanog.org
Subject: RE:
This sounds something like the MEF Third Network type stuff I mean the
ability to setup connection dynamically across network boundaries on-the-fly,
via an ordering system... that has always sounded awesome to me... and I've
wondered how we could actually get there one day. Sounds like a
That's a good word Andrew
-Aaron
-Original Message-
From: NANOG [mailto:nanog-boun...@nanog.org] On Behalf Of Andrew Kirch
Sent: Thursday, April 27, 2017 11:47 PM
To: John A. Kilpatrick
Cc: NANOG list
Subject: Re: PSN (Playstation Network) security
Oh, ok... hmmm
So what was the issue with Ciena and MPLS Patrick ?
-Aaron
Thanks Tom... I might be wrong, I thought I remembered Ciena not having the
MPLS routing capabilities I needed... I do see this on their website... so
maybe it does more MPLS L2/L3VPN capabilities than I remembered... I might
have to take another look at this and talk to my Ciena POC and VAR...
Sorry Erik, I'm not well versed on the ACX5048 qos at the moment.I'm
just now undergoing a qos project which will require me to learn more about
the gear in my network, to include the sub-rings of acx5048's. Perhaps
check back with me in a while and I might know more.
I am not handling my
Wow, 10 gig and 40 gig, mpls, etc, etc for $3,000 ?! Who is ZTE ? I
usually try to stay with big names...Juniper, Cisco, etc... is ZTE
well-known and reputable ?
-Aaron
Yw Erik, also, since I'm fond/familiar with my newly deployed Juniper
ACX5048's here's the MEF info...it's on there.
https://www.mef.net/certification/equipment_details?company=001U007RJ6dI
AG
- Aaron
Pretty sure I looked at the ciena 51xx and I found that it does not have
mpls in it... pretty sure Erik needs mpls...
-Aaron
I'm pretty sure that the Juniper QFX5100 and the Juniper ACX5048 are some box
with different Junos and features allowed/disallowed...somehow. (lookup
pictures on google and juniper.net... pretty sure identical box)
As I recall, the QFX5100 has more data-center-type things like virtual
Yeah, I settled on the ACX5048 too. I've since replaced about (25) Cisco
ME3600's with ACX5048's. I'm doing MPLS L2VPN's and L3VPN's on the ACX5048.
It's pretty nice and stable.
-Aaron
Hi Eric, A year or 2 ago, I did a good bit of work looking at various
MPLS-capable-PE boxes as I was looking to replace the investment of Cisco
ME3600's that couldn't keep up the pace of our FTTH 10 gig link
expansions... that ME3600 only had (2) 10 gig ports.
Several links below are just a quick
Thanks Max, I've thought about that and tested some ipv6 (6vpe, mpls l3vpn
w/ipv6 dual stacked) in my network.
In my CGNAT testing for my 7,000 dsl customers, I've already tested the
inter-vrf route leaks that will be required for ipv6-flow-around to bypass
the IPv4 CGNAT boundary so, I have
Thanks Rich, you bring up some good points. Yes it would seem that an
attack aimed at a target IP address would in-fact now have a greater surface
since that IP address is being used by many people. When we
remotely-trigger-black-hole (RTBH) route an ip address (/32 host route) into
a black hole
Last year I evaluated Cisco ASR9006/VSM-500 and Juniper MX104/MS-MIC-16G in
my lab.
I went with MX104/MS-MIC-16G. I love it.
I deployed (2) MX104's. Each MX104 has a single MX-MIC-16G card in it. I
integrated this CGNAT with MPLS L3VPN's for NAT Inside vrf and NAT outside
vrf. Both MX104's
Thank you all for your advice and input. I wanted to circle back with you
all on this.
Turns out it was my fault. Doesn't seem that this was a Telia problem at
all.
What happened was, when I turned up my new 10 gig Telia Internet connection
a few days ago, I needed to balance out my (4) 10 gig
Dang why would they "silently" do that !? wouldn't that shot holes in my
caching purpose , also I just got off the phone with a Telia net eng in D.C.
, he said he doesn't know anything about why this is happening.
Thanks, I'm advertising more specific prefixes to local Netflix now... but
as I
Yes I did...
Netflix said, they are rcv'ing same prefixes with lower cost in DFW !! I
have no idea why. Netflix told me to advertise shorter prefixes to my local
cluster... I'm doing it now. And strangely now the Netflix guy lost control
plane to one of my (2) nodes. Someone is running out
Thanks, but James, you would not believe how rapidly the traffic to my local
caches drop off, *and* on the same day I brought up my new Telia internet
connection. ...and furthermore, my internet inbound traffic went *through
the roof*
-Aaron
Regarding, caching services like Netflix OCA and Google GGC, does anyone
know if there is something strange that occurs when connected to Telia BGP
AS1299 ? .meaning, if I have local Netflix/google caches, and then later I
establish a BGP session for Internet with Telia/BGP 1299, would there be
Yes, thanks, I am going to do that. But, is there a middle ground between
being default only and full routes ? Like is it advantageous for me to ask for
partial routes (like their routes and direct peers and default route) ? This
way I don't have millions of routes but I guess only a few
Well, I asked my (3) upstream providers to only send me a ipv6 default route
and they sent me ::/0...here's one of them...
RP/0/RSP0/CPU0: 9k#sh bgp vrf one ipv6 uni neighbors abcd:1234::1 routes
Thu Mar 2 12:33:23.644 CST
...
Status codes: s suppressed, d damped, h history, * valid, > best
Correction... ::/0 is what I learn from those 3 :)
Thanks everyone, and my apologies.
After I sent that email to you all, I did google for it and found that this has
been a problem since ~ February 2016. Dang, that long?!
In that case, I'm shutting down my ipv6 neighboring with cogent. I have 2
other inet v6 connections. I only learn 0/0
Nat translation limits might not only be related to his first hop nat device
In the home, but these days with the exhaustion of ipv4, the second hop
carrier grade nat (cgnat) device in his upstream provider could be limiting
also.
I run a cgnat for an isp and allow 2500 ports per customer
What's the old router make/model ?
What's the new router make/model ?
-Aaron
-Original Message-
From: Ryan Pugatch [mailto:r...@lp0.org]
Sent: Wednesday, March 1, 2017 12:27 PM
To: Aaron Gould <aar...@gvtc.com>; nanog@nanog.org
Subject: Re: Consumer networking head scratcher
The
That's strange... it's like the TTL on all Windows IP packets are decrementing
more and more as time goes on causing you to get less and less hops into the
internet
I wonder if it's a bug/virus/malware affecting only your windows computers.
-Aaron
101 - 190 of 190 matches
Mail list logo