Re: Per Site QOS policy with Cisco IOS-XE
If you want to prevent a PE router from deciding which ingress packets to drop, the only plan is to send packets to spoke sites at or below the spoke line-rate. The only good way to do that is shaping on the hub router. policy-map parent_shaper class class-default shape average 1 --- 100Mbps parent shaper. service-policy site_shaper policy-map site_shaper class t1_site shape average 1536000 service-policy qos_global class multilink_site shape average 3072000 service-policy qos_global class class-default service-policy qos_global policy-map qos_global ... whatever you typically use here Tyler Haske On Wed, May 1, 2013 at 5:03 PM, Wes Tribble westrib...@gmail.com wrote: I have a question for the QOS gurus out there. We are having some problems with packet loss for our smaller MPLS locations. This packet loss is due to the large speed differential on our Hub site(150mb/s) in comparison the the branch office locations(single T-1 to 4.5mb/s multilinks). This packet loss only seems to impact really bursty applications like our Web Proxy. I have been around and around with WindStream to give me some extra buffer or enable random early detection on the smaller interfaces in my MPLS network. So far they are unwilling to do a custom policy and none of their standard policies have enough buffer to handle the bursts. They do FIFO tail drop in every queue, so I can’t even choose a policy that has WRED implemented.
Re: Per Site QOS policy with Cisco IOS-XE
Tyler, I would love to implement a policy similar to that one. Unfortunately, I don't believe you can have two tiers of shaping like that in a policy. Most of the two-tiered shaping solutions I have seen involve using a VRF to shape to the aggregate rate and then use a second VRF to shape to the site rate. This is to get around the three-tier policy limitations. With that said, if you have something like that configured and working, I would love to see the config and the show policy-map interface output. That is exactly the kind of policy I was originally looking to implement, but then I ran into those limitations. Thanks for the reply. Great idea in concept. If only we could implement. On Wed, May 8, 2013 at 9:02 AM, Tyler Haske tyler.ha...@gmail.com wrote: If you want to prevent a PE router from deciding which ingress packets to drop, the only plan is to send packets to spoke sites at or below the spoke line-rate. The only good way to do that is shaping on the hub router. policy-map parent_shaper class class-default shape average 1 --- 100Mbps parent shaper. service-policy site_shaper policy-map site_shaper class t1_site shape average 1536000 service-policy qos_global class multilink_site shape average 3072000 service-policy qos_global class class-default service-policy qos_global policy-map qos_global ... whatever you typically use here Tyler Haske On Wed, May 1, 2013 at 5:03 PM, Wes Tribble westrib...@gmail.com wrote: I have a question for the QOS gurus out there. We are having some problems with packet loss for our smaller MPLS locations. This packet loss is due to the large speed differential on our Hub site(150mb/s) in comparison the the branch office locations(single T-1 to 4.5mb/s multilinks). This packet loss only seems to impact really bursty applications like our Web Proxy. I have been around and around with WindStream to give me some extra buffer or enable random early detection on the smaller interfaces in my MPLS network. So far they are unwilling to do a custom policy and none of their standard policies have enough buffer to handle the bursts. They do FIFO tail drop in every queue, so I can’t even choose a policy that has WRED implemented.
Traffic shaping going on?
Doesn't seem directly correlated with outages, and everything seems to be working ok, but I'm seeing about a 20-30% shift in flows from AS7792 to AS3356. Seems unlikely that many ISPs have suddenly turned up a level3 link on the same day/hour, and performance metrics all seem normal. I confess I've had to turn my attention away from network issues to systems/DB/security ones lately, so I may have missed something. Anyone else seeing fairly significant next hop shifts over the previous 24 hours? All of yesterdays major outages I was sort of suspecting seem to have been resolved without correlating shifts back. -R
Re: Historical Info
Hi Mike, you can use RIPEstat: http://stat.ripe.net On 5/6/13 10:14 PM, Mike Hyde wrote: Is there a way to get the past owners on IP blocks and AS numbers? for the routing history: https://stat.ripe.net/m/widget/routing-history#w.resource=193.0.21.44 (link to mobile version - /m) for the allocation history: https://stat.ripe.net/m/widget/allocation-history#w.resource=192.0.21.44 (without /m) And, today released BGPlay2 can be useful too: https://labs.ripe.net/Members/vastur/bgplay-v2-integrated-in-ripestat For RIPE NCC members, it is possible see the history of _registration in whois_, of IP ranges and AS numbers, and related objects: https://labs.ripe.net/Members/dfk/registration-history-for-members-a-demo I hope this helps. Regards, Vesna
Re: Traffic shaping going on?
On May 8, 2013, at 10:54 AM, Ray Wong r...@rayw.net wrote: Doesn't seem directly correlated with outages, and everything seems to be working ok, but I'm seeing about a 20-30% shift in flows from AS7792 to AS3356. Seems unlikely that many ISPs have suddenly turned up a level3 link on the same day/hour, and performance metrics all seem normal. I confess I've had to turn my attention away from network issues to systems/DB/security ones lately, so I may have missed something. Anyone else seeing fairly significant next hop shifts over the previous 24 hours? All of yesterdays major outages I was sort of suspecting seem to have been resolved without correlating shifts back. Just a random guess: Level3 could be migrating/integrating further networks which has triggered this shift. They do represent over 50% of the networks out there http://as-rank.caida.org/?mode0=as-rankingn=50ranksort=1 You can see here they have 51% of AS'es and 55% of IPv4 prefixes behind them. If you look at the combined, it's even more @69%/72% here: http://as-rank.caida.org/?mode0=org-infomode1=member-asesorg=LVLT-ARIN - Jared
Feedly and Facebook having issues?
http://www.isitdownrightnow.com/facebook.com.html http://www.isitdownrightnow.com/feedly.com.html -Hank
Re: Feedly and Facebook having issues?
I am not seeing any slowness from a TWTC circuit in Milwaukee, WI. (The spike an noon is due to a script that also runs that slows the server a bit) -Grant On Wed, May 8, 2013 at 12:16 PM, Hank Nussbacher h...@efes.iucc.ac.ilwrote: http://www.isitdownrightnow.**com/facebook.com.htmlhttp://www.isitdownrightnow.com/facebook.com.html http://www.isitdownrightnow.**com/feedly.com.htmlhttp://www.isitdownrightnow.com/feedly.com.html -Hank
Re: Could not send email to office 365
Just an update if list members are still experiencing this issue. I spoke on the phone with Escalation Manager for Microsoft North America and they had meetings today and their Engineering team is putting a game plan together to roll out a fix for the Outlook connectivity issues. They were debating to roll-out to the group of effected customers or one-by-one. From the data I provided to them it looks like something to do with their NSPI RPC endpoint environment. They told me I should receive a call tomorrow but call them Friday if I do not receive a call. Hopefully, everyone else experiencing this issue is being taken care of as this is the main concern with Cloud services is the lack of response times on major issues. -- Thanks, Joe On Thu, May 2, 2013 at 10:16 AM, JoeSox joe...@gmail.com wrote: Our Technical Support is reporting a big jump in Outlook connectivity issues about 5-10 minutes ago. Our resolvers are testing fine. -- Thanks, Joe On Thu, May 2, 2013 at 4:53 AM, Joe Abley jab...@hopcount.ca wrote: On 2013-05-02, at 02:42, Cathy Almond cat...@isc.org wrote: This may be a red herring, but I've heard of some dropping of DNS queries for the names within outlook.com domains where the queries are all coming from source port 53 (i.e. your recursive server doesn't use query source port randomization ... or there's a NAT or some other box in front of the recursive server which re-writes the source port... ). Might be worth checking what the recursive server you're using is doing? See https://www.dns-oarc.net/oarc/services/porttest Joe
Re: Data Center Installations
On 05/01/2013 10:05 PM, shawn wilson wrote: I'm more impressed with MicroCenter than Frys (at least the Frys south if SF). Too bad the Micro Center in Santa Clara along hwy 101 closed shop a year or so ago. According to them the owner of the building raised the lease price too much. The closest one for the bay Area now is LA... But I too liked them better than frys. It looks like in frys most time I spend dodging pushy sales people. You can't look at a thing for more than 10 seconds before some creepster walks over asking if you need help. A good alternative for the Bay Area is Central Computers. They even have a healthy selection of server hardware, including cases and motherboards: http://www.centralcomputers.com/commerce/catalog/spcategory.jsp?category_id=1573 Greetings, Jeroen -- Earthquake Magnitude: 4.4 Date: Wednesday, May 8, 2013 14:10:48 UTC Location: Kuril Islands Latitude: 44.1198; Longitude: 147.1659 Depth: 76.00 km
Re: Data Center Installations
Central Computers is ok on no-name server components, but not at all for rack / cabling / power / management / etc. Micro Center was right next to places I go to eat over there, but all gone. I can almost see Frys off Lawrence/Scott from here, and there's a Graybar 3 miles the other direction. They no longer welcome me at that Graybar with my first name, I spent too much time ordering online for delivery and / or doing datacenters up in SF / the Peninsula, but there were a few years in the 90s... BTW, if you're sweating the cost on your cable wrap velcro, you're missing something. Your time is more valuable than all the above. On Wed, May 8, 2013 at 5:29 PM, Jeroen van Aart jer...@mompl.net wrote: On 05/01/2013 10:05 PM, shawn wilson wrote: I'm more impressed with MicroCenter than Frys (at least the Frys south if SF). Too bad the Micro Center in Santa Clara along hwy 101 closed shop a year or so ago. According to them the owner of the building raised the lease price too much. The closest one for the bay Area now is LA... But I too liked them better than frys. It looks like in frys most time I spend dodging pushy sales people. You can't look at a thing for more than 10 seconds before some creepster walks over asking if you need help. A good alternative for the Bay Area is Central Computers. They even have a healthy selection of server hardware, including cases and motherboards: http://www.centralcomputers.**com/commerce/catalog/** spcategory.jsp?category_id=**1573http://www.centralcomputers.com/commerce/catalog/spcategory.jsp?category_id=1573 Greetings, Jeroen -- Earthquake Magnitude: 4.4 Date: Wednesday, May 8, 2013 14:10:48 UTC Location: Kuril Islands Latitude: 44.1198; Longitude: 147.1659 Depth: 76.00 km -- -george william herbert george.herb...@gmail.com
Entry level WDM gear?
Apologies if this is a dumb newbie question, but this is one area of networking where I remain a virgin :) We have a local loop fiber to a regional fiber hut that has served us well for several years. It's carrying a 1550nm ER 10G circuit at the moment, but we're looking at another one, possibly two (or more) in the near future. Getting another dark pair is complicated so we're exploring options to [C|D]WDM multiple lambdas over the existing fiber. Ciena/Cyan/etc are way over our non-existant budget... what is the going recommendation to throw say 4-8 lambdas over a dark pair without breaking the bank? :) Jeff
Re: Entry level WDM gear?
On Wed, 8 May 2013, Jeff Kell wrote: Ciena/Cyan/etc are way over our non-existant budget... what is the going recommendation to throw say 4-8 lambdas over a dark pair without breaking the bank? :) You purchase a CWDM filter for each end, purchase CWDM optical modules for each end for the lambads you want use. Something like this: http://www.ebay.com/itm/NEW-Solid-Optics-CWDM-MUX-DEMUX-8-channel-3-Year-Warranty-Fully-Tested-/200776443874?pt=US_Network_Switch_Moduleshash=item2ebf3567e2 Prices for optics depends on attenuation for the link, but for instance: http://www.ebay.com/itm/NEW-Solid-Optics-XFP-CWDM-ZR-for-Cisco-80km-All-Colors-3-Year-Warranty-/200797543018?pt=US_Network_Switch_Moduleshash=item2ec0775a6a -- Mikael Abrahamssonemail: swm...@swm.pp.se
