Bill,
wo...@pch.net (Bill Woodcock) wrote:
2. We plan to use this anycasting based setup for DNS during initial few
months. Assuming low traffic for DNS say ~10Mbps on average (on 100Mbps
port) and transit from just single network (datacenter itself) - is this
setup OK for simple
On Mar 9, 2012, at 12:11 AM, Elmar K. Bins wrote:
3. IPv6! - Is /32 is standard? We have only one /32
allocation from ARIN and thus if using /32 seems like hard deal - we have
to likely get another /32 just for anycasting? or we can use /48 without
issues? Also, is /48 a good number for
On 03/09/2012 12:11 AM, Elmar K. Bins wrote:
Bill,
wo...@pch.net (Bill Woodcock) wrote:
2. We plan to use this anycasting based setup for DNS during initial few
months. Assuming low traffic for DNS say ~10Mbps on average (on 100Mbps
port) and transit from just single network
On Fri, Mar 9, 2012 at 3:23 AM, Mehmet Akcin meh...@akcin.net wrote:
if you know anyone who is filtering /48 , you can start telling them to STOP
doing so as a good citizen of internet6.
I had a bit of off-list discussion about this topic, and I was not
going to bring it up today on-list, but
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
On Mar 9, 2012, at 12:11 AM, Elmar K. Bins wrote:
Well, let's say, using Quagga/BIRD might not really be best practice for
everybody... (e.g., *we* are using Cisco equipment for this)
How does your Cisco know whether an adjacent nameserver is
On 2012-03-09 10:02 , Jeff Wheeler wrote:
On Fri, Mar 9, 2012 at 3:23 AM, Mehmet Akcin meh...@akcin.net wrote:
if you know anyone who is filtering /48 , you can start telling them to STOP
doing so as a good citizen of internet6.
I had a bit of off-list discussion about this topic, and I was
Re Bill,
p...@altadena.net (Pete Carah) wrote:
Well, let's say, using Quagga/BIRD might not really be best practice for
everybody... (e.g., *we* are using Cisco equipment for this)
Actually there is a *very* good reason why many (most?) anycast
instances use quagga/BIRD/gated/etc
to speak
Re Bill,
wo...@pch.net (Bill Woodcock) wrote:
Well, let's say, using Quagga/BIRD might not really be best practice for
everybody... (e.g., *we* are using Cisco equipment for this)
How does your Cisco know whether an adjacent nameserver is heavily loaded,
and adjust its BGP announcements
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
On Mar 9, 2012, at 1:34 AM, Elmar K. Bins wrote:
Re Bill,
wo...@pch.net (Bill Woodcock) wrote:
Well, let's say, using Quagga/BIRD might not really be best practice for
everybody... (e.g., *we* are using Cisco equipment for this)
How does
On 03/09/2012 01:34 AM, Elmar K. Bins wrote:
Re Bill,
wo...@pch.net (Bill Woodcock) wrote:
Well, let's say, using Quagga/BIRD might not really be best practice for
everybody... (e.g., *we* are using Cisco equipment for this)
How does your Cisco know whether an adjacent nameserver is heavily
Sorry for nonoperational content, but this struck me as
a good place to post this query.
- Forwarded message from Fred Hapgood hapg...@pobox.com -
From: Fred Hapgood hapg...@pobox.com
Date: Thu, 08 Mar 2012 17:18:33 -0500
To: ns...@marshome.org
Subject: [NSG-d] Historian is trolling for
On Fri, Mar 9, 2012 at 4:02 AM, Jeff Wheeler j...@inconcepts.biz wrote:
On Fri, Mar 9, 2012 at 3:23 AM, Mehmet Akcin meh...@akcin.net wrote:
if you know anyone who is filtering /48 , you can
start telling them to STOP doing so as a good citizen of internet6.
I had a bit of off-list discussion
Thank you George. Not SMTP but HTTP.
I expect exact match string (as brand) marketers, and also
partial match string (as brand typo-squatter) marketers, to exploit
this asset class (widely spread and legitimately routed IPs).
#include string/metric.h
#include icann/udrp.h
#include seo/ppc.h
Jeff Wheeler j...@inconcepts.biz wrote:
Hello Jeff,
On Fri, Mar 9, 2012 at 3:23 AM, Mehmet Akcin meh...@akcin.net wrote:
if you know anyone who is filtering /48 , you can start telling them
to STOP doing so as a good citizen of internet6.
I had a bit of off-list discussion about this topic,
-Original Message-
From: George Michaelson [mailto:g...@apnic.net]
Sent: Thursday, March 08, 2012 8:06 PM
To: NANOG
Subject: Re: Request to lease IP space, or things that make you want to go
hm..
no. you misunderstand.
The value proposition is not spam: that works with
I think ARIN issues /48s for Provider independent space as the minimum
allocation size, so I'm guessing we shouldn't filter below that. At least,
that's what's in their current policies.
On Fri, Mar 9, 2012 at 7:50 AM, Bernhard Schmidt be...@birkenwald.dewrote:
Jeff Wheeler j...@inconcepts.biz
On 09.03.2012 17:04, PC wrote:
I think ARIN issues /48s for Provider independent space as the
minimum allocation size, so I'm guessing we shouldn't filter below
that. At least, that's what's in their current policies.
Note that I explicitly wrote:
| I used to be (or still am) on the same
Hi All,
It seems like here in the Americas we have a choice of either Tech 2000
or Perpetual Solutions for MEF certification training. Perpetual
Solutions is about $1000 more per seat, but seems a little more robust.
Has anyone gone through this training or used either of these companies?
I also would be interested in any information. It looks like MEF recognizes
4 training companies:
http://metroethernetforum.org/page_loader.php?p_id=1577
One company offers just 1 class then an exam for certification.
On Fri, Mar 9, 2012 at 9:54 AM, Andy Susag asu...@ifncom.net wrote:
Hi All,
UKNOF 22 - Call For Presentations
The next UKNOF meeting will take place on Thursday 3rd May 2012
in the City of York, hosted by Bytemark, and the Programme Committee
are seeking content from the community for this meeting.
You may often hear it said that UKNOF's remit is distribution of
clue,
This is an automated weekly mailing describing the state of the Internet
Routing Table as seen from APNIC's router in Japan.
The posting is sent to APOPS, NANOG, AfNOG, AusNOG, SANOG, PacNOG, LacNOG,
TRNOG, CaribNOG and the RIPE Routing Working Group.
Daily listings are sent to
This message contains operational information that might be of interest to the
Internet operational community. Verisign is enabling IPv6 transport for its
.com/.net Whois service (which also contains information for .edu, .arpa, and
the root zone).
By March 31, 2012, Verisign will begin
On Mar 9, 2012, at 1:02 AM, Jeff Wheeler wrote:
On Fri, Mar 9, 2012 at 3:23 AM, Mehmet Akcin meh...@akcin.net wrote:
if you know anyone who is filtering /48 , you can start telling them to STOP
doing so as a good citizen of internet6.
I had a bit of off-list discussion about this topic,
Let us not forget that there is also the issue of PA /48s being advertised
(quasi-legitimately) for some end-user organizations that are multi-homed but
choose not to get PI space. It is not uncommon to obtain a PA /48 from provider
A and also advertise it from Provider B.
Owen
Not so shocking for people on this list..However after playing around
with a single-homed v6 connection to Cogent I was a little surprised to
not be missing just HE routes.
Apparently Google and Cogent aren't playing nice as I've been unable to
reach a number of Google's s for
Owen wrote:
[...]
In the ARIN region I think we have pretty well prevented this last issue
with current policy. I tried to propose similar policy in the APNIC region,
but it was not well accepted there. The folks in Asia seem t want to cling
to their scarcity mentality in IPv6 for the time
On 09.03.2012 20:31, Owen DeLong wrote:
Hi,
Let us not forget that there is also the issue of PA /48s being
advertised (quasi-legitimately) for some end-user organizations that
are multi-homed but choose not to get PI space. It is not uncommon to
obtain a PA /48 from provider A and also
On 3/9/2012 3:22 PM, ML wrote:
Not so shocking for people on this list..However after playing around
with a single-homed v6 connection to Cogent I was a little surprised
to not be missing just HE routes.
Apparently Google and Cogent aren't playing nice as I've been unable
to reach a number
BGP Update Report
Interval: 01-Mar-12 -to- 08-Mar-12 (7 days)
Observation Point: BGP Peering with AS131072
TOP 20 Unstable Origin AS
Rank ASNUpds % Upds/PfxAS-Name
1 - AS24863 97468 4.4% 116.9 -- LINKdotNET-AS
2 - AS840258804 2.6% 28.6
This report has been generated at Fri Mar 9 21:12:46 2012 AEST.
The report analyses the BGP Routing Table of AS2.0 router
and generates a report on aggregation potential within the table.
Check http://www.cidr-report.org for a current version of this report.
Recent Table History
Date
From: Owen DeLong o...@delong.com
We had this discussion on the list exactly a year ago. At that time,
the average IPv6 origin ASN was announcing 1.43 routes. That figure
today is 1.57 routes per origin ASN.
That represents a 10% growth in prefix/asn for IPv6.
Compare to
How critical is BGP MD5 at Internet Exchange Points? Would lack of
support for MD5 authentication on route servers prevent some peers
from multilaterally connecting? Do most exchange operators support it?
Thanks!
Jay
On Mar 9, 2012, at 17:24 , Jay Hanke wrote:
How critical is BGP MD5 at Internet Exchange Points? Would lack of
support for MD5 authentication on route servers prevent some peers
from multilaterally connecting? Do most exchange operators support it?
On Mar 9, 2012, at 12:50 PM, Bernhard Schmidt wrote:
On 09.03.2012 20:31, Owen DeLong wrote:
Hi,
Let us not forget that there is also the issue of PA /48s being
advertised (quasi-legitimately) for some end-user organizations that
are multi-homed but choose not to get PI space. It is not
On Mar 9, 2012, at 2:07 PM, Brandon Butterworth wrote:
From: Owen DeLong o...@delong.com
We had this discussion on the list exactly a year ago. At that time,
the average IPv6 origin ASN was announcing 1.43 routes. That figure
today is 1.57 routes per origin ASN.
That represents a 10%
On Fri, Mar 9, 2012 at 1:31 PM, Owen DeLong o...@delong.com wrote:
Let us not forget that there is also the issue of PA /48s being advertised
(quasi-legitimately) for some end-user organizations that are multi-homed but
choose not to get PI space. It is not uncommon to obtain a PA /48 from
Hi,
What should happen is this quasi-legitimate method of
multi-homing should just be declared illegitimate for IPv6, to
facilitate stricter filtering. Instead, what should happen is the
multi-homing should be required to fit into one of 3 scenarios, so
any announcement with an IPv6
On Fri, Mar 9, 2012 at 5:32 PM, Sander Steffann san...@steffann.nl wrote:
Splitting the allocation can be done for many reasons. There are known cases
where one LIR operates multiple separate networks, each with a separate
routing policy. They cannot get multiple allocations from the RIR and
If the LIRs cannot get separate allocations from the RIR (and separate
ASNs) for this usage, something is wrong.
We want to make things as simple and efficient as possible, but no
simpler or more efficient, because the curves go back up again at that
point, and we all suffer.
-george
On Fri,
Hi,
Sander wrote:
Splitting the allocation can be done for many reasons. There are known cases
where one LIR operates multiple separate networks, each with a separate
routing policy. They cannot get multiple allocations from the RIR and they
cannot announce the whole allocation as a whole
From: Owen DeLong o...@delong.com
Handing one side an RIR-sponsored
tactical nuclear weapon is, IMHO, on the face of it a bad idea. The
proposal for classful allocation that Bill floated in the thread above
would constitute doing exactly that
Certainly a risk but then we handed every nutter
Owen said:
I'm not a big fan, either, but, I think that the concept of be
conservative in what you announce and liberal in what you accept has
to apply in this case. Since it is a common (quasi-)legitimate
practice, arbitrarily filtering it is ill-advised IMHO.
While I agree in principle,
Deaggregating to /48's is not a good idea, but giving an LIR a few bits
(something like 3 or 4) to deaggregate makes sense.
- Sander
+1
I wouldn't have a problem with a few bits of disaggregation. That seems
reasonable for a network that might be subject to partitioning or doesn't have
This varies from RIR to RIR.
In the ARIN region, you can get assignments or allocations for Multiple
Discreet Networks, but, ARIN will often register them as an aggregate in the
registration database, so...
In the RIPE region (which is where I believe Sander is), only aggregates are
available
On Mar 9, 2012, at 4:33 PM, Brandon Butterworth wrote:
From: Owen DeLong o...@delong.com
Handing one side an RIR-sponsored
tactical nuclear weapon is, IMHO, on the face of it a bad idea. The
proposal for classful allocation that Bill floated in the thread above
would constitute doing
(4) Any of the other methods of achieving multi-homing, such as
originating an NLRI with a longer prefix than the RIR delegation,
should be rejected by filters.
Owen
--
-JH
It is very rare that I will quote Randy Bush. Even more so when his
original quote was utterly misplaced in the
On Mar 9, 2012, at 3:45 PM, Leo Vegoda wrote:
Hi,
Sander wrote:
Splitting the allocation can be done for many reasons. There are known cases
where one LIR operates multiple separate networks, each with a separate
routing policy. They cannot get multiple allocations from the RIR and
On 3/9/12 20:42 , Owen DeLong wrote:
On Mar 9, 2012, at 3:45 PM, Leo Vegoda wrote:
Hi,
Sander wrote:
Splitting the allocation can be done for many reasons. There are
known cases where one LIR operates multiple separate networks,
each with a separate routing policy. They cannot get
Imposing arbitary political considerations on organizations that are
simply trying to operate networks in order preserve maximal
aggregation at a given level seems absurd on the face of it.
arin policy weenies live for this!
randy
I'll put this as bluntly and succinctly as I can because I find the LIR
distriction arbitrary...
I have an ipv6 direct assignment from ARIN.
I am assuming you are an enterprise in PI space and not an ISP in PA space?
It is sized to meet the needs of my enterprise consistent with needs
On Fri, Mar 9, 2012 at 11:33 PM, Joel jaeggli joe...@bogus.com wrote:
On 3/9/12 20:42 , Owen DeLong wrote:
Because my network is discontiguous I must announce more specific routes
than the assignment in order to reflect the topology I have both in IPV4
and in IPV6.
I fully expect (and have
Thanks for guidance everyone!
Appreciate it.
And yes, I can see another thread running on discussion about /48 - I am
listening silently about it.
Multiple AS doing anycasting was little concern for me, but now seems good
since I can see everyone's suggestion to use single own ASN for
Hello everyone,
Greetings from India. I hope lot of you have enjoyed APRICOT event at New
Delhi.
I wanted to bring an important issue. It's about DNS root servers in India.
So
anurag@laptop:~$ dig . ns +short
i.root-servers.net.
e.root-servers.net.
j.root-servers.net.
l.root-servers.net.
On 3/9/12 22:02 , George Bonser wrote:
An ISP that has been given a /32 or larger allocation from PA space
and might have 10,000 customers each assigned their own /48 could
instantly more than double the size of the IPv6 routing table if they
disaggregated that /32.
The problem here is
On Mar 9, 2012, at 7:08 PM, George Bonser wrote:
Owen said:
I'm not a big fan, either, but, I think that the concept of be
conservative in what you announce and liberal in what you accept has
to apply in this case. Since it is a common (quasi-)legitimate
practice, arbitrarily filtering it
I haven't heard anyone advocate accepting less than a /48. I think /48
is a reasonable You must be this tall to ride barrier.
Beyond that, YMMV.
Owen
Apparently AS6939 has at various times :) I remember getting some /64
announcements from HE. I haven't seen one lately, though. I'm
On 10/03/2012 08:19, Anurag Bhatia wrote:
Next, looking gTLD servers used by popular TLDs like com/net/org:
snip
None of these gTLD root servers are in India. I have tested routes to each
of them from BSNL (AS9829), Tata Comm (AS4755 AS6453), Airtel (AS9498) -
all land up outside India -
I'm only
filtering one /64 route these days announced by AS4651
Actually AS4651 is announcing it to me but it is originating from AS23883 via
AS4750 so there are some folks out there taking /64 routes. That one hit my
filters, though.
This problem is unfortunately not unique to India. There appear to be no
anycast instances of the gTLD servers in Africa either.
really!?
Hello Randy
No idea about Africa but certainly none of gTLD servers in India.
On Sat, Mar 10, 2012 at 12:42 PM, Randy Bush ra...@psg.com wrote:
This problem is unfortunately not unique to India. There appear to be no
anycast instances of the gTLD servers in Africa either.
really!?
--
On 3/10/2012 10:12 AM, Randy Bush wrote:
This problem is unfortunately not unique to India. There appear to be no
anycast instances of the gTLD servers in Africa either.
really!?
There was one in KE but can't find or reach it:
[a-m].gtld-servers.net. seem all to be in 192.0.0.0/8
On 10/03/2012 09:12, Randy Bush wrote:
This problem is unfortunately not unique to India. There appear to be no
anycast instances of the gTLD servers in Africa either.
really!?
Yes. I was also a little surprised.
I'm sure that I read somewhere that at least one of the gTLD anycast
prefixes
I am sure few of people here have experience of running root servers.
Can someone share if there's huge difference in . root servers Vs gTLD
servers? I understand that root only hold all TLD's - cc and gTLD
delegation that would be few hundred TLDs delegation while gTLDs hold lot
of domain names
No idea about Africa
then on what basis did you make the assertion?
but certainly none of gTLD servers in India.
i am slightly suspicious of this. often, root servers are accompanied
by gtld servers, and there are more than zero root servers in india.
there is a fashion among root and gtld
64 matches
Mail list logo