On 17/12/2013 18:37, valdis.kletni...@vt.edu wrote:
Have we gotten any better at control plane meltdown when somebody starts
poking lots of multicast addresses per second?
no, a point entirely lost on the vxlan clergy.
Nick
Wait, you mean to say that the normal mode for TNT's was it *not* to reboot
and crash all the time? :)
Ascend tech support's stock answer to any issue was either
1) Upgrade the code
2) Oh, you already tried that? downgrade the code! :)
And the company that managed to put out a release to 'fix a
Dec 18 07:46:33: %BGP-3-NOTIFICATION: received from neighbor REMOTE PEER
active 2/5 (authentication failure) 0 bytes
Dec 18 15:46:33.615: BGP: ses global REMOTE PEER (0x7FB1CD209CF0:0) act
Receive NOTIFICATION 2/5 (authentication failure) 0 bytes
Although I have seem this on the message
Hi all - Has anyone out there had experience of running these firewalls near
1Gig speeds (mainly middle to large packets, not voice) between zones/ports,
if possible
Specifically we are looking at the Watchguard XTM535 and the Juniper
SRX550/600's.
I am interested in experiences good and
I accidentally sent this to nanog-request yesterday. I could use some feedback
from anyone that can help, please.
Question: will carriers accept IPv6 advertisements smaller than /48?
Our org was approved a /36 based on number of locations. The bulk of those IPs
will be in the data centers. As
yes I tried multihop
even though my peer is on the same /29
On Wednesday, December 18, 2013 8:10 AM, Eric Dugas edu...@zerofail.com wrote:
Probably a TTL problem. Did you configure ebgp-multihop?
Eric Dugas
ZEROFAIL / AS40191
edu...@zerofail.com
-Original Message-
From: Philip
On Wed, Dec 18, 2013 at 09:11:46AM -0700, Cliff Bowles wrote:
Question: will carriers accept IPv6 advertisements smaller than /48?
Not generally, no.
Our org was approved a /36 based on number of locations. The bulk of
those IPs will be in the data centers. As we were chopping up the
If you’re talking about announcing each location separately, then RIPE have a
couple of useful articles about prefix visibility on Ripe Labs:
https://labs.ripe.net/Members/emileaben/ripe-atlas-a-case-study-of-ipv6-48-filtering
https://labs.ripe.net/Members/dbayer/visibility-of-prefix-lengths
Regardless of the carriers, you'll find most ASs on the internet only
listen to /48 or larger. So even if you get your prefixes accepted by your
provider, don't assume you can get anywhere, or have your packets not fall
in to uRPF blackholes randomly without a larger aggregate announcement.
It's standard to filter out anything longer than /48.
Your /36 prefix was chosen based on the number of sites, with a /48 per site,
so just keep it simple. Trying to manage it in the way IPv4 addresses were
managed will just ensure that you will have the same headaches of micro
managing sub
Can anyone recommend a vendor solution for DDOS mitigation? We are looking
for a solution that detects DDOS attacks from sflow information and
automatically announces BGP /32 blackhole routes to our upstream providers,
or a similar solution.
Thank You.
On 08/05/13 21:09 +1000, Ahad Aboss wrote:
On Wed, 18 Dec 2013, Cliff Bowles wrote:
Question: will carriers accept IPv6 advertisements smaller than /48?
Most of the carriers I've seen won't accept anything smaller than /48.
You have 4096 /48s to use in your /36. The bigger concern for carriers/ISPs
is IPv6 routing table bloat from
I had a feeling... thanks for the feedback.
CWB
From: Blake Dunlap [mailto:iki...@gmail.com]
Sent: Wednesday, December 18, 2013 9:32 AM
To: Edward Dore
Cc: Cliff Bowles; nanog@nanog.org
Subject: Re: IPv6 /48 advertisements
Regardless of the carriers, you'll find most ASs on the internet only
On 2013-12-18 17:11 , Cliff Bowles wrote:
I accidentally sent this to nanog-request yesterday. I could use some
feedback from anyone that can help, please.
Question: will carriers accept IPv6 advertisements smaller than /48?
Our org was approved a /36 based on number of locations.
In GRH
What do you recommend to an end user that have a direct assignment of a
/48, and would like to disaggregate as part of a traffic engineering
strategy?
Moreiras.
On 18/12/13 14:32, Blake Dunlap wrote:
Regardless of the carriers, you'll find most ASs on the internet only
listen to /48 or larger.
Your TE is not the rest of the world's routing slot's problem. Get more
circuits and do your te with your providers directly.
-Blake
On Dec 18, 2013 10:57 AM, Antonio M. Moreiras morei...@nic.br wrote:
What do you recommend to an end user that have a direct assignment of a
/48, and would like
On 18 December 2013 15:48, Philip Lavine source_ro...@yahoo.com wrote:
Dec 18 07:46:33: %BGP-3-NOTIFICATION: received from neighbor REMOTE PEER
active 2/5 (authentication failure) 0 bytes
Dec 18 15:46:33.615: BGP: ses global REMOTE PEER (0x7FB1CD209CF0:0) act
Receive NOTIFICATION 2/5
The only known option is with Cibola for 7M/1M.
If anyone know of an alternate provider with higher bandwidth please advise.
--Tri Tran
Have you talked to Cybermesa[1] or LC Wireless (co-op)[2]?
[1] http://www.cybermesa.com/
[2] http://www.lcwireless.us/
On Wed, Dec 18, 2013 at 12:14 PM, Tri Tran trit...@cox.net wrote:
The only known option is with Cibola for 7M/1M.
If anyone know of an alternate provider with higher
Thanks Brandon. I'll give them a call.
On 12/18/2013 10:22 AM, Brandon Galbraith wrote:
Have you talked to Cybermesa[1] or LC Wireless (co-op)[2]?
[1] http://www.cybermesa.com/
[2] http://www.lcwireless.us/
On Wed, Dec 18, 2013 at 12:14 PM, Tri Tran trit...@cox.net
mailto:trit...@cox.net
You can hit http://www.towercoverage.com and click on north American map to see
what may be in that area... contact numbers and e-mail addresses are provided.
Dennis Burgess, Mikrotik Certified Trainer Author of Learn RouterOS- Second
Edition
Link
On Dec 18, 2013, at 08:11 , Cliff Bowles cliff.bow...@apollogrp.edu wrote:
I accidentally sent this to nanog-request yesterday. I could use some
feedback from anyone that can help, please.
Question: will carriers accept IPv6 advertisements smaller than /48?
Generally, no. Since a /48
Get another /48 for your other location.
Owen
On Dec 18, 2013, at 08:53 , Antonio M. Moreiras morei...@nic.br wrote:
What do you recommend to an end user that have a direct assignment of a
/48, and would like to disaggregate as part of a traffic engineering
strategy?
Moreiras.
On
We use Arbor for this - works quite well…. Peakflow/TMS .. We don’t do
anything announcement wise upstream but don’t see why you couldn’t via
communities...
I’ve looked at one cloud based solution to date and decided appliance is a
better solution specific to our needs.
Paul
On 12/18/2013,
On 12/18/2013 11:14 AM, Tri Tran wrote:
The only known option is with Cibola for 7M/1M.
If anyone know of an alternate provider with higher bandwidth please
advise.
http://nmbbmapping.org/mapping/
Jerimiah
Great site. Thank you sir!
On 12/18/2013 12:14 PM, Jerimiah Cole wrote:
On 12/18/2013 11:14 AM, Tri Tran wrote:
The only known option is with Cibola for 7M/1M.
If anyone know of an alternate provider with higher bandwidth please
advise.
http://nmbbmapping.org/mapping/
Jerimiah
--Tri Tran
Dan,
If you are using sFlow for your measurements, then you might want to take a
look sFlow-RT for DDoS mitigation. The following case study describes how
sFlow and null routing are being used to mitigate flood attacks:
http://blog.sflow.com/2013/03/ddos.html
The analytics engine will detect
Yes, from a filtering point of view a /48 in IPv6 is pretty similar to a /24 in
IPv4, as perfectly illustrated by the two links in my post…
My point was that if you are getting the carrier to do the announcement for you
then they can announce an aggregated /48 prefix and then break that up
On Aug 2, 2013 10:31 AM, sgr...@airstreamcomm.net wrote:
I’m curious to know what other service providers are doing to
alleviate/prevent ddos attacks from happening in your network. Are you
completely reactive and block as many addresses as possible or null0
traffic to the effected host until
When I had that problem, it was because the max-prefixes on the Juniper router
was being triggered. If I remember correctly. It's a strange return message
for the wrong issue.
From: Philip Lavine source_ro...@yahoo.com
To: NANOG list nanog@nanog.org
Owen, thanks for this explanation. +1!
Eric Miller, CCNP
Network Engineering Consultant
(407) 257-5115
-Original Message-
From: Owen DeLong [mailto:o...@delong.com]
Sent: Wednesday, December 18, 2013 2:07 PM
To: Cliff Bowles
Cc: nanog@nanog.org
Subject: Re: IPv6 /48 advertisements
31 matches
Mail list logo