Re: Last Mile Design
On 14/Feb/19 23:25, Brandon Martin wrote:

> The CES is...wonky. My Foundry/Brocade/Extreme SEs have steered me
> away from them on more than one occasion.
>
> The CER is fine but of course more expensive. It'll take a full
> Internet table, though, which is handy.
>
> For AE resi deployments, I'd aggregate folks onto cheap 48 port
> switches then terminate onto a single pizza box router somewhere "less
> deep" in the network. Distributed, in-field L3 termination doesn't
> mean you have to terminate L3 right at the customer-facing port.

One of the reasons I'd pay a little extra for an Active-E FTTH-centric switch is to control bandwidth right at the port the customer connects to. Cheap Ethernet switches generally don't have this capability (or if they do, have it in only one direction).

This is why I felt the CES/CER were reasonable, but purely as Layer 2 termination and not using their IP/MPLS capabilities.

Anyway, it's been a while since I had any interest in this, so it's possible life has changed since I was at the beach :-).

Mark.
Re: Last Mile Design
On 14/Feb/19 17:10, Aaron Gould wrote:

> Not sure if this is what y'all are talking about, but I use lots of Juniper
> ACX5048 (previously Cisco ME3600 or ASR9000) for mpls-capable router edging
> in native ip/ethernet from ftth gpon network into mpls l2circuits and LOTS of
> vrf vrf for public ip, vrf for cgnat for private ip, vrf for voice...
> I'm glad I did it.
>
> Residential- ONT-ftth/gpon--OLT--ACX5048-mpls/vrf
> x---cgnat/inet--
>
> Residential- DSL Modem-DSLAM---ACX5048-mpls/vrf
> y---cgnat/inet--
>
> Residential- Cable Modem-CMTS---ACX5048-mpls/vrf
> z---cgnat/inet--

I've never been a fan of the ACX because of its merchant silicon. On the other hand, that makes it quite affordable.

Mark.
Re: BGP topological vs centralized route reflector
On 14/Feb/19 17:02, Aaron Gould wrote:

> To not get off-topic too much, since you mentioned MX204, please tell me, do
> you know if it is a nice MPLS P/PE box ? If so, is it quite capable in its
> ability to do L3 VPN's, L2 VPN's (l2circuit mainly, but also curious of vpls,
> evpn).

We've started ordering them as our new peering and border routers. However, we shall also be using them as high-capacity Metro-E routers, where customers need 10Gbps hand-off, with a 100Gbps backbone.

> Actually I'm considering it as a router for my ENNI hand-offs to 3rd party
> neighboring networks where I hand-off vlans (double tagged) for various
> enterprise customers and cbh towers, etc then I would carry that probably
> in a l2circuit from that MX204 to the utter-most parts of my mpls cloud. I
> would want to police at that subinterface (unit) level to limit traffic for
> obviously what they buy.
>
> MX204 be good for that ?

I'm sure it will be - it's an MPC7 in a cage :-).

Mark.
Whitebox with OSPF optics
Hey,

Have you guys seen any ODM vendor that makes platforms based on Tomahawk 3 or later OSPF optics?

Thank you
Sam
cgnat ams0 vrf-aware flow data export help
Need assistance with exporting flow data for inside interface of cgnat ams0 aggregated multiservice interface.

I have MX960 with MS-MPC-128G doing cgnat using AMS0 (aggregated multiservice of underlying mams interfaces) using next-hop-style vrf-aware cgnat.

I need the cgnat inside domain interface (ams0.551) to be configured to export flow data (jflow, sflow, ipfix, whichever version I can use) to a flow collector server. This is important so we can have flow data of *pre-nat* private ip traffic.

Anyone know how?

-Aaron
Re: [proj-bgp] adding graphs for actually unreachable RPKI INVALID prefixes to RPKI Monitor?
Sriram, Kotikalapudi (Fed) (2018-09-18):

> I also found your analysis very interesting and useful. Thanks for that.
>
>> What do you think about adding graphs that show the amount of actually
>> unreachable prefixes and IP space? (prefix where no alternative
>> valid/unknown announcement exists)
>
> I am also part of the NIST BGP team.
> Doug has already responded with information that we will soon have a new
> version of the NIST Monitor
> which will provide the kind of graphs that you requested.

Can you share an estimate for when you plan to publish the new version of the NIST Monitor?

thanks,
nusenu

--
https://twitter.com/nusenu_
https://mastodon.social/@nusenu
Re: Last Mile Design
On 2/14/19 12:08 AM, Mark Tinka wrote:

> As a pure FTTH Active-E AN, I still think the Brocade (Extreme) CER/CES is a good box.

The CES is...wonky. My Foundry/Brocade/Extreme SEs have steered me away from them on more than one occasion.

The CER is fine but of course more expensive. It'll take a full Internet table, though, which is handy.

For AE resi deployments, I'd aggregate folks onto cheap 48 port switches then terminate onto a single pizza box router somewhere "less deep" in the network. Distributed, in-field L3 termination doesn't mean you have to terminate L3 right at the customer-facing port.

--
Brandon Martin
RE: Last Mile Design
On Thu, 14 Feb 2019, Aaron Gould wrote:

> Not sure if this is what y'all are talking about, but I use lots of Juniper ACX5048 (previously Cisco ME3600 or ASR9000) for mpls-capable router edging in native ip/ethernet from ftth gpon network into mpls l2circuits and LOTS of vrf vrf for public ip, vrf for cgnat for private ip, vrf for voice... I'm glad I did it.
>
> Residential- ONT-ftth/gpon--OLT--ACX5048-mpls/vrf x---cgnat/inet--
>
> Residential- DSL Modem-DSLAM---ACX5048-mpls/vrf y---cgnat/inet--
>
> Residential- Cable Modem-CMTS---ACX5048-mpls/vrf z---cgnat/inet--

Residentialfiber media converter---L2 switch--

and then the rest of the setup you can re-use.

AE isn't magic, instead of having an OLT, CMTS or DSLAM you just have an L2 ethernet switch. They're mostly just media converters anyway.

15 years ago I deployed ADSL like this:

Residential---DSL modem---DSLAML3 switch

So DSL-modem---DSLAM was just doing RFC1843 bridged over ATM. Just media converters. Same thing, just different type of media converter.

--
Mikael Abrahamsson    email: swm...@swm.pp.se
Re: Last Mile Design
On Wed, 13 Feb 2019, Colton Conor wrote:

> Just wondering, but what IP-capable MPLS switches are people using to deploy AE to residential internet connections? Most 48 port AE switches from reputable vendors are crazy expensive, and I can't see how the ROI would ever work compared to GPON.

Why do you need MPLS? Most people just use regular L2 switches with some SAVI functionality (DHCP inspection, RA guard etc).

When I did this, we happened to have an L3 switch there so I made each customer IPv6 (protocol based vlan) broadcast domain unique for each customer, and the L3 switch had built in DHCPv6-PD server. So just route a /51 to it, and it was a self contained IPv6 upstream router. For IPv4 we had a shared vlan and I didn't change that design at all.

For the FTTH deployment I am currently connected to, other end of my fiber is a big L2 chassis switch (~600 ports) with 10GE uplink to somewhere, and it does SAVI and then there is some BNG somewhere at the other end of this 10GE uplink.

--
Mikael Abrahamsson    email: swm...@swm.pp.se
Re: Fwd: wither cyclops?
> Did this tool die on the vine?
> https://cyclops.cs.ucla.edu/

Not sure I would express it that way

https://www.cs.ucla.edu/thousandeyes-a-look-inside-two-ucla-alumnis-273-million-startup/

--
Simon.
Re: How to choose a transit provider?
thanks for all feedback, I have tried to summarize my thoughts in a video, hoping this is useful set of notes

https://youtu.be/4gihKxb6uys

On Sat, Dec 15, 2018 at 9:46 AM Mark Tinka wrote:

> On 15/Dec/18 19:37, nanog-...@mail.com wrote:
>
>> I certainly subscribe to the notion that transport + transit is usually less expensive than DIA, but this does depend on the market and location.
>
> ... and the type of customer.
>
> DIA for a high-value "Enterprise" customer (think of a large
> conglomerate) is typically more costly than DIA for a low-value
> "Enterprise" customer (think of a family-owned travel & tour company).
> The large global ISP's are making more money from "enterprise" business
> than typical wholesale/transit services. This can support the idea that
> DIA can be pricier than transit.
>
> Mark.
Re: AT/as7018 now drops invalid prefixes from peers
> Congrats Jay, this is awesome news!

Thanks, Alex!

> I’m interested to hear what is preventing you from creating ROAs for all of
> your announcements.
>
> > We will publish more ROAs over time. Thus far we have been utilizing
> > ARIN's hosted model, but down the road ARIN's delegated model will be
> > in our future.
>
> What are your main drivers for wanting to move to the delegated model?

We can publish ROAs immediately for aggregate address blocks that we have been allocated if all routes are originated only by our network. But for our address allocations within which we have further assigned sub-blocks to our customers as PA space where we allow multihoming (e.g. within 12.0.0.0/8), we need to offer our downstream customers the ability to publish ROAs for their specific portions first before we publish a ROA for the aggregate, or else we'll make their announcements become invalid.

Setting up that ability for our customers to publish ROAs for the PA space they receive from us will require tight integration with our customer software support systems, and perhaps also with our own certificate authority -- thus the delegated model.

BTW: Alex, do you know where one might be able to get RPKI CA software? :-)

Thanks.

Jay B.
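The ordering constraint described in the message above (customer ROAs first, aggregate ROA last) follows from RFC 6811 origin validation, shown here as an added example that is not part of the original thread. Only AS7018 and 12.0.0.0/8 come from the message; the sub-blocks, the customer ASNs (documentation range) and the function names are constructed for illustration.

```python
import ipaddress
from typing import NamedTuple

class VRP(NamedTuple):
    """Validated ROA payload: prefix, maximum length, authorized origin AS."""
    prefix: str
    max_len: int
    asn: int

def validate(prefix: str, origin: int, vrps) -> str:
    """RFC 6811 origin validation of one route against a VRP set."""
    route = ipaddress.ip_network(prefix)
    covered = False
    for vrp in vrps:
        net = ipaddress.ip_network(vrp.prefix)
        if route.version != net.version or not route.subnet_of(net):
            continue                      # this VRP does not cover the route
        covered = True
        # AS0 never matches; the route must not be longer than max_len
        if vrp.asn != 0 and vrp.asn == origin and route.prefixlen <= vrp.max_len:
            return "valid"
    return "invalid" if covered else "not-found"

def newly_invalid(routes, current, proposed):
    """Routes that are not invalid today but would be once `proposed` is published."""
    after = list(current) + [proposed]
    return [r for r in routes
            if validate(*r, current) != "invalid"
            and validate(*r, after) == "invalid"]

# Constructed sample data. Only AS7018 and 12.0.0.0/8 come from the message;
# the sub-blocks and customer ASNs (documentation range) are made up.
AGGREGATE = VRP("12.0.0.0/8", 8, 7018)
CURRENT = [VRP("12.77.0.0/16", 16, 64501)]      # customer that already has a ROA
ROUTES = [
    ("12.0.0.0/8", 7018),        # provider's own aggregate
    ("12.77.0.0/16", 64501),     # multihomed PA customer, ROA published
    ("12.34.56.0/24", 64500),    # multihomed PA customer, no ROA yet
]

if __name__ == "__main__":
    for r in ROUTES:
        print(r, validate(*r, CURRENT), "->", validate(*r, CURRENT + [AGGREGATE]))
    print("would break:", newly_invalid(ROUTES, CURRENT, AGGREGATE))
```

Running `newly_invalid` over the routes actually seen inside an allocation, before publishing the covering ROA, lists the customer announcements that would flip from not-found to invalid.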
Re: Last Mile Design
A much more common configuration is a combination of a low cost 48-port L2 aggregation switch, something whitebox or similar to a Taiwanese OEM/ODM such as edgecore, with a single 10GbE uplink to a small MPLS-capable router.

One 10Gbps link can fit a great many 1GbE active-E residential customers in it.

On Thu, Feb 14, 2019 at 10:52 AM Colton Conor wrote:

> Aaron,
>
> Indeed the ACX5048 is a great box but expensive. I was talking about using
> the Gig-e ports of a 48 port switch to face subscribers, and asking what
> low cost IP-Capable MPLS capable 48 port switch fits that role. Basically
> an access switch for AE.
>
> On Thu, Feb 14, 2019 at 9:10 AM Aaron Gould wrote:
>
>> Not sure if this is what y'all are talking about, but I use lots of
>> Juniper ACX5048 (previously Cisco ME3600 or ASR9000) for mpls-capable
>> router edging in native ip/ethernet from ftth gpon network into mpls
>> l2circuits and LOTS of vrf vrf for public ip, vrf for cgnat for private
>> ip, vrf for voice... I'm glad I did it.
>>
>> Residential- ONT-ftth/gpon--OLT--ACX5048-mpls/vrf
>> x---cgnat/inet--
>>
>> Residential- DSL Modem-DSLAM---ACX5048-mpls/vrf
>> y---cgnat/inet--
>>
>> Residential- Cable Modem-CMTS---ACX5048-mpls/vrf
>> z---cgnat/inet--
>>
>> -Aaron
Re: Last Mile Design
Aaron,

Indeed the ACX5048 is a great box but expensive. I was talking about using the Gig-e ports of a 48 port switch to face subscribers, and asking what low cost IP-Capable MPLS capable 48 port switch fits that role. Basically an access switch for AE.

On Thu, Feb 14, 2019 at 9:10 AM Aaron Gould wrote:

> Not sure if this is what y'all are talking about, but I use lots of
> Juniper ACX5048 (previously Cisco ME3600 or ASR9000) for mpls-capable
> router edging in native ip/ethernet from ftth gpon network into mpls
> l2circuits and LOTS of vrf vrf for public ip, vrf for cgnat for private
> ip, vrf for voice... I'm glad I did it.
>
> Residential- ONT-ftth/gpon--OLT--ACX5048-mpls/vrf
> x---cgnat/inet--
>
> Residential- DSL Modem-DSLAM---ACX5048-mpls/vrf
> y---cgnat/inet--
>
> Residential- Cable Modem-CMTS---ACX5048-mpls/vrf
> z---cgnat/inet--
>
> -Aaron
Return to NANOG, last mile, municipal facilities
It frightens me when I realize how long it's been since I was active in NANOG (2006?, but a lot before then). Happily, I'm surfacing from a lot of health and personal issues, and starting to do some consulting.

*waves to lots of old friends, thinking of the time, in frustration, that I called VZ the employer of last resort for color-blind cable splicers. No long term insult intended.*

I'm newly on the cable TV advisory commission for the Village of Chatham on Cape Cod, and trying to find other counterparts and specific experience. I am proposing that my committee take on a broader scope, to include municipal communications architecture not just with cable, but with town owned facilities/leased duct/carrier hotel, systematic cellular repeater tower placement and leasing, and WLANs among town buildings and possibly for residents. I'm also interacting with the emergency operations manager for various VHF, GETS/WPS telephony, and perhaps satellite. We're a fishing community with lots of marine band radio and satellite; the backup for the town and county emergency communications is 2-meter ham.

Anyone else doing something like this? As a fishing and resort area, we'll be looking at providing WLAN connectivity in the harbor and nearby waters.

We have an incumbent cable provider, which will not change this year. The committee advises the town on the contract and modifications. One area is that the town share of cable revenues is going down with more movie-over-IP and the like getting users to drop cable subscriptions. Cellular repeater rents might be one balancer.

--
Howard C. Berkowitz
95 George Ryder Rd.
Chatham, MA 02633
s...@netcases.net
(509)241-1362 cell
(866)262-6579 fax
RE: Last Mile Design
Not sure if this is what y'all are talking about, but I use lots of Juniper ACX5048 (previously Cisco ME3600 or ASR9000) for mpls-capable router edging in native ip/ethernet from ftth gpon network into mpls l2circuits and LOTS of vrf vrf for public ip, vrf for cgnat for private ip, vrf for voice... I'm glad I did it.

Residential- ONT-ftth/gpon--OLT--ACX5048-mpls/vrf x---cgnat/inet--

Residential- DSL Modem-DSLAM---ACX5048-mpls/vrf y---cgnat/inet--

Residential- Cable Modem-CMTS---ACX5048-mpls/vrf z---cgnat/inet--

-Aaron
RE: BGP topological vs centralized route reflector
To not get off-topic too much, since you mentioned MX204, please tell me, do you know if it is a nice MPLS P/PE box ? If so, is it quite capable in its ability to do L3 VPN's, L2 VPN's (l2circuit mainly, but also curious of vpls, evpn).

Actually I'm considering it as a router for my ENNI hand-offs to 3rd party neighboring networks where I hand-off vlans (double tagged) for various enterprise customers and cbh towers, etc then I would carry that probably in a l2circuit from that MX204 to the utter-most parts of my mpls cloud. I would want to police at that subinterface (unit) level to limit traffic for obviously what they buy.

MX204 be good for that ?

Thanks Mark

-Aaron

-Original Message-
From: NANOG [mailto:nanog-boun...@nanog.org] On Behalf Of Mark Tinka
Sent: Thursday, February 14, 2019 7:09 AM
To: nanog@nanog.org
Subject: Re: BGP topological vs centralized route reflector

On 14/Feb/19 14:04, Alain Hebert wrote:

> Hi,
>
> Unlucky as always, we had issues with the chassis of a MX104 about
> every year since we installed.

Are you using the MX104 as a route reflector? If so, make one of the VM's your alternative for this function :-).

If you're not doing any non-Ethernet services on your MX104, and are struggling with the control plane, I'd propose moving to the MX204.

Mark.
Re: BGP topological vs centralized route reflector
On 14/Feb/19 14:04, Alain Hebert wrote:

> Hi,
>
> Unlucky as always, we had issues with the chassis of a MX104 about
> every year since we installed.

Are you using the MX104 as a route reflector? If so, make one of the VM's your alternative for this function :-).

If you're not doing any non-Ethernet services on your MX104, and are struggling with the control plane, I'd propose moving to the MX204.

Mark.
Re: BGP topological vs centralized route reflector
Hi,

Unlucky as always, we had issues with the chassis of a MX104 about every year since we installed.

I'm thinking the vibration from the train track above our location might be having an effect on connectors in those chassis, but we never got an "autopsy" report back from JNP about the chassis we swapped.

Oddly lucky, we have ~40 VM servers in the rack beside it with a mix of mechanical and SSD drives with 0 issues for the same time span.

So mileage may vary.

-
Alain Hebert    aheb...@pubnix.net
PubNIX Inc.
50 boul. St-Charles
P.O. Box 26770 Beaconsfield, Quebec H9W 6G7
Tel: 514-990-5911    http://www.pubnix.net    Fax: 514-990-9443

On 2/14/19 12:15 AM, Mark Tinka wrote:

> On 13/Feb/19 20:00, Saku Ytti wrote:
>
>> Main advantage of out-of-path is that you decouple FIB and RIB scaling requirements and feature requirements. Your backbone device does not need to be qualified for large RIB or BGP at all. And when you do need more RIB scaling, you can upgrade out-of-path without any network interruption.
>
> We've run this for years (Cisco CSR1000v, since 2014), and our biggest problem has been server hardware failure. Failing fans, sensitivity to higher temperatures that routers can weather better... that sort of thing.
>
> Other than that, run this as a VM in your favourite hypervisor and you're good to go. Can't recommend it enough.
>
> Mark.