Re: BGP hijack?

Same stuff (with our ASN and our prefixes) detected here, coming from AS2027 (Milkywan), for a short time... Le dim. 22 oct. 2023 à 17:18, Hank Nussbacher a écrit : > We just had every single prefix in AS378 start being announced by AS2027. > > Every announcement by AS2027 is failing RPKI yet

Re: Telia Not Withdrawing v6 Routes

s has was dropped/re-announced as wel. > > Must just be something with my particular prefixes, oh well. > > Matt > > On 11/15/20 10:40 PM, Olivier Benghozi wrote: >> Probably a ghost route. Such thing happens :( >> https://labs.ripe.net/Members/romain_fontugne/bgp-zomb

Re: Telia Not Withdrawing v6 Routes

Probably a ghost route. Such thing happens :( https://labs.ripe.net/Members/romain_fontugne/bgp-zombies Their (nice) LG shows that it's still advertised from a router of theirs in Frankfurt (iBGP next hop :::2.255.251.224 – so by the way they use 6PE). Your best option would probably be to

Re: rfc4271 ORIGIN/path of default route, should the value be 0 or 2?

Debatable, certainly, as the Origin attribute should probably be considered as dead/obsolete and therefore it is probably a good practice to always set/reset it to internal. A number of networks already do this (including level3 by example). After all, the origin attribute was only designed to

Re: breakout

Hi, yep, that's the right way to work cleanly, just add a «special patch panel» instead of dealing with plenty of additional wires. We use such method to do 10GE with routers modules full of QSFP+ configured as 4x10. On our side we went for a modular Huber+Suhner solution, 1 U with a maximum

Re: MX10003 rack size

Hi, here it does fit in 600x1000 racks (APC & Minkels), with everything plugged, airfilter/frontpanel installed, doors closed. Front door / front rails / rear rails / rear door: 15cm / 72cm / 12cm > Le 6 août 2019 à 14:50, im a écrit : > > In my case, MX10003 needs 13cm gap between

Re: Mx204 alternative

By the way they now say in this KB article that they implemented a «high performance mode» for MX204 / MX10003 with some «set chassis fpc slot high-performance-mode». Anyone wiling to test? :) > Le 2 sept. 2019 à 15:23, Denys Fedoryshchenko a > écrit : > > From snabbco discussion, issue

Re: Juniper BGP Convergence Time

018 12:36 +0200, Olivier Benghozi <olivier.bengh...@wifirst.fr> : > >> I wonder if this convergence time issue wouldn't be a typical mission for >> «BGP PIC Edge for MPLS Layer 3 VPNs». >> But it would be necessary to migrate the DFZ to a VPN MPLS (and >> configur

Re: Juniper BGP Convergence Time

I wonder if this convergence time issue wouldn't be a typical mission for «BGP PIC Edge for MPLS Layer 3 VPNs». But it would be necessary to migrate the DFZ to a VPN MPLS (and configure composite nexthop and BGP PIC / «Provider Edge Link Protection»). > Le 24 mai 2018 à 09:20, Vincent Bernat

Re: MTU to CDN's

And also: When the router generates the ICMP by punting the packet to its CPU and such traffic is - legitimately - rate-limited to avoir crashing the router. When the ICMP is sourced by a private IP on the router for various legitimate reasons (not enough public IPv4 addresses, from within a

Re: connection to ix

Sure, plenty of people use such service. If you have much traffic, you'll rely on one dedicated port for each IX, and maybe one full 10G wave or more toward each one (so the remote service is only transport, you have your own port at each IX). If not, you'll use ethernet over MPLS service for

Re: Foundry FastIron

By the way, Foundry/Brocade small/campus switches were sold by Broadcom to Ruckus, not to Extreme (who bought the bigger switch/routers). https://support.ruckuswireless.com/product_families/21-ruckus-icx-campus-switches

Re: Chinese websites loading slower recently?

I can confirm, several customers complaining of being suddenly unable to access baidu/weibo and so on Same conclusion ensues. > On 20 oct. 2017 at 23:27, Tianhao Xiao wrote : > > The National Congress[0] just happened, and the Chinese government does > make a very big deal

Re: Point 2 point IPs between ASes

Well, /112 is not a stupid option (and is far smarter than /64): it contains the whole last nibble of an IPv6, that is x:x:x:x:x:x:x:1234. You always put 1 or 2 at the end, and if needed you are still able to address additional stuff would the point-to-point link become a LAN. And you don't

Re: Long AS Path

Yes, we had this kind of stuff in our logs: Jun 20 08:15:25 cr-co-01-pareq2-re0 rpd[9656]: %DAEMON-3: Prefix Send failed ! x:x:186.177.176.0/23 (label 19) bgp_rt_trace_too_big_message:1213 path attribute too big. Cannot build update. The AS path we have here is currently 12956 262206 262206

Re: Lille, France

There's also Eurafibre, I guess. > Le 25 mai 2017 à 08:15, Jérôme Fleury a écrit : > > SFR (soon to be renamed Altice) and Orange for sure have metropolitan > networks in Lille. > > There might be others depending on your needs. > > On Wed, May 24, 2017 at 12:03 PM, Rod

Re: google ipv6 routes via cogent

Due to various peering disputes (notably with Hurricane Electric) Cogent just don't have all the routes in IPv6 (and should be regarded as a partial IPv6 transit only). One should not rely only on Cogent for its transit, anyway :) Don't count on any improvement soon. It was already discussed

Re: Juniper Advertise MED on EBGP session.

What metric do you intend to advertise to an eBGP peer? iBGP MED to eBGP MED ? MED being a non-transitive attribute, I guess it's not expected to work if you don't explicitly set a MED in the export policy (you might rely on setting and matching communities for that) or on the peer group. It's

Re: Help interpret a strange traceroute?

Hi Randy, ECMP loadbalancing is most frequently done on layer3+layer4 headers, and unixlike traceroute use UDP with increasing destination port number for each packet (usually starting at 33434), which allows to see the different available paths, as wrote William. Would you want/need to

Re: IPv6 automatic reverse DNS

Already available: KnotDNS. https://www.knot-dns.cz/docs/2.x/html/configuration.html#synth-record-automatic-forward-reverse-records Olivier > On 29 oct. 2016 à 01:02, Baldur Norddahl

Re: Optical transceiver question

It's a bit like car fuel efficiency values, even with reputable brands :) In this industry, the number of kms for such optics is a best case approximation of the combination of (most notably) those elements: worst case power budget, capability to deal with chromatic scattering on this length

Re: Experience Brocade ICX7750 and other vendor SFP

I don't know if ICX behave like the FCX, but on those equipments, other_vendor_SFPs work perfectly (Finisar, Skylane CWDM 70km, at least). However the brocade won't let you use optical-monitor on them if they are standard coded, so you won't be able to check optical values (tx/rx dBm levels and

Re: BGPMON Alert Questions

... and same here. Indosat looks now to have developed a solid experience in BGP prefix hijack mess (last time was in 2011). Olivier On 4/2/14, 11:51, Joseph Jenkins wrote: So I setup BGPMON for my prefixes and got an alert about someone in Thailand announcing my prefix. Everything looks

Re: 7206 VXR NPE-G1 throughput

Cisco once implemented and released this feature to use the second core of the NPE-G1, most notably to manage the BRAS en/decapsulations tasks for LAC/LNS/PTA (PPPoE, L2TP...), effectively offering such 1.6 factor. It was called MPF, and was released in special 12.3-YM IOS (in 2004/2005 I

Re: carrier comparison

Hi Faisal, You might have to deploy some other means of (script ?) to bring your BGP session down from the 'broken' Service Provider. To the best of my knowledge, BGP does not have any mechanism to determine broken connectivity upstream past the router you are BGP session is up with.

Re: carrier comparison

Hi Vlade, Well, if you are trying to balance the incoming traffic load with local-pref attribute, I can understand your disappointment :) Since it doesn't work at all this way: local-pref is local to an AS and deals with outgoing traffic only. B) We have our own AS and IP space. I advertise

Re: BRAS

Hi, Le 11 déc. 2013 à 17:14, Nilesh Kahar nilesh.ka...@outlook.com a écrit : Also wanted to know about any other good BRAS product which can act fine for LNS - LAC setup. Ericsson SmartEdge Cisco ASR1000

Re: Redundant multicast routing

Hi, While anycast RP is better (redundancy is faster), it's not necessary: you can just use PIM-SM with BSR 2 RPs with hash-mask distribution for the layer 3 redundancy. By design, igmp snooping forwards all multicast traffic to mrouter ports (that is, all router interfaces with pim

Re: IPTV and ASM

For example Apple products don't support IGMPv3. Implemented at last in 2011 (!) under OSX Lion, 10 years after Windows XP... $ sysctl net.inet.igmp.default_version net.inet.igmp.default_version: 3

Re: bgp update destroying transit on redback routers ?

Aha, it looks that our Quebecer friends from Hostlogistic (AS46609) have again been advertising their now famous funny aggregate with their mad Brocade router, since yesterday 10pm UTC (that is 5pm in Quebec)... Same route to 206.125.164.0/22, same AGGREGATOR attribute full of 0. At least I can

Re: bgp update destroying transit on redback routers ?

Redback/Ericsson routers are the problem now, since the other vendors don't throw away the BGP sessions... I've opened a case at Ericsson, still waiting for an answer :-/ regards, Olivier Benghozi Wifirst