On Wed, Jan 20, 2016 at 11:13:41PM +0900, Randy Bush wrote:
> > I propose the following axiom: the greater the distance over which a
> > packet is forwarded, the less likely it is to be an IPv6 packet.
>
> that is a hypothesis not an axiom [...]
Thanks.
> but an interesting hypothesis. how do y
On Wed, Jan 20, 2016 at 01:32:11PM +0100, nanog-...@mail.com wrote:
> On Wednesday, January 20, 2016 Jared Mauch wrote:
> > I currently see around 56.4:1 with the timing of peaks the same in v4 and
> > v6.
> So that's more in line with AMS-IX (70G/4T) than Comcast/Swisscom
> then. AMS-IX:
> https:
NANOG,
Rob Blokzijl, one of the founding fathers of the RIPE (and by extent,
internet as we know it in Europe), passed away yesterday. The links in
the email below offer more insight into his life and accomplishments.
Kind regards,
Job
- Forwarded message from Daniel Karrenberg
-
Dat
On Tue, Dec 01, 2015 at 09:23:08PM +0200, Max Tulyev wrote:
> we got an issue today that announces from Cogent don't reach Hurricane
> Electric. HE support said that's a feature, not a bug.
>
> So we have splitted Internet again?
Was there ever an adjacency between 6939 and 174 in the IPv6 DFZ?
M
On Fri, Nov 06, 2015 at 09:38:52AM -0600, Andrew Duey wrote:
> Is anyone else seeing their routes leaked from AS9498 (BHARTI Airtel) in
> India?
>
> According to bgpmon.net they started leaking our Level 3 provided IP space
> at 2015-11-06 05:52 UTC. Oddly, they're not leaking our ARIN assigned I
On Thu, Oct 29, 2015 at 08:42:31AM -0700, Mike wrote:
> Is there any DDoS mitigation service provider that can scrub traffic
> for an ISP network?
Yeah, plenty. A non-exhaustive list: Prolexic, Incapsula, Staminus or
Nexusguard. There is no lack of choice.
> I have an ASN and BGP and my own net
posts (which were made in a short time window),
> there were existing message queues that were not cleared in a
> timely basis.
>
> As Job Snijders (a fellow Communications Committee member) noted
> in an earlier post, we will be implementing some additional protection
> mecha
On Mon, Oct 26, 2015 at 01:54:01PM +, Gavin Henry wrote:
> Anything to be done about all these?
Yes, it appears that even though the sender was blocked 30 hours ago or
so in mailman itself, there was still tons of pre-existing garbage in
the mailqueus which was flushed out over the last 30 hou
Hey!
New message, please read <http://zoomincinema.in/year.php?r>
Job Snijders
Ohai NANOG!
Many of you are probably familiar with "PeeringDB", one of the most
awesome resources for interconnection. :-)
What some of you might not realise, is that PeeringDB is evolving from a
bunch of php scripts into a real organisation with a board and
appropiate legal registrations! And as
On Thu, Oct 08, 2015 at 02:37:15PM -0700, Scott Berkman via NANOG wrote:
> Hello!
>
> Important message, please read
smells compromised, moderation flag has been enabled. don't click that
link, sorry.
Kind regards,
Job
(for the communications committee)
Hi Bob,
On Tue, Sep 29, 2015 at 08:05:45AM -0700, Bob Evans wrote:
> This seems like a very good proper civil approach - maybe this or
> something like it ARIN might help promote and endorse as a benefit to
> the community ? Be nice if with the cash they did something simple
> like this and got al
Dear community,
As an extension to this useful IPv4 report, I'd love to receive a weekly
overview of what is going on in the IPv6-world.
Regardless of IPv6 deployment status or traffic volume, misconfigured or
unstable IPv6 networks can inflict pain on a global scale (affecting
IPv4 too).
The IP
On Thu, Sep 10, 2015 at 10:53:01PM -0400, Tobin Burnham wrote:
> Does anyone know the status of Inerail (AS33031)?
No, but their NLNOG RING node is offline too: inerail01.ring.nlnog.net
> All of their ASNs and prefixes disappeared on 9/1/2015 according to
> http://bgp.he.net/AS33031
>
> All of t
Hi,
On Thu, Sep 10, 2015 at 05:08:14PM -, John Levine wrote:
> (I realize RIPE is not in North America, but we get a lot of traffic
> from their IP space.)
>
> When I try to contact whois.ripe.net (2001:67c:2e8:22::c100:687) or
> their REST server rest.db.ripe.net (2001:67c:2e8:22::c100:68e),
On Fri, Sep 04, 2015 at 08:32:42AM -0500, Mike Hammett wrote:
> I'm not here to debate how awesome or poor ARIN's IRR is.
>
> I've created my first objects in there, verified they exist via the
> ARIN RR whois and seen them show up in IRR Explorer. How do I verify
> that I've actually done them a
On Tue, Sep 01, 2015 at 08:33:42AM -0700, Serge Vautour wrote:
> For those than run Internet connected routers, how do you get your
> NetFlow data from the routers to your collectors? Do you let the flow
> export traffic use the same links as your customer traffic to route
> back to central collect
On Sun, Aug 16, 2015 at 08:00:55AM -0400, Patrick W. Gilmore wrote:
> On Aug 15, 2015, at 1:41 PM, Job Snijders wrote:
> > On Sat, Aug 15, 2015 at 11:01:56PM +0530, Glen Kent wrote:
>
> >> Is there a paper or a presentation that discusses the drops in the core?
> >>
On Sat, Aug 15, 2015 at 11:01:56PM +0530, Glen Kent wrote:
> Is there a paper or a presentation that discusses the drops in the core?
>
> If i were to break the total path into three legs -- the first, middle
> and the last, then are you saying that the probability of packet loss
> is perhaps 1/3
Hi,
On Tue, Aug 11, 2015 at 01:21:09PM -0500, Colton Conor wrote:
> We have an enterprise that has a headquarter office with redundant fiber
> connections, its own ASN, its own /22 IP block from ARIN.
> [ ... ]
>
> If you were to do this with Juniper or Cisco gear what would you have at
> each lo
On Mon, Aug 10, 2015 at 04:38:40PM +0300, Pavel Odintsov wrote:
> We have some open source software for this task
> https://github.com/FastVPSEestiOu/fastnetmon :) Feel free to ask me
> any questions off list.
I can attest that fastnetmon is a great tool for dealing with high pps
or high bandwidth
On Thu, Aug 06, 2015 at 11:09:13AM +0100, Tom Hill wrote:
> On 04/08/15 07:29, Peng Xiao (penxiao) wrote:
> > Cisco has open sourced one part of their BGP monitoring system - YABGP
> > And hosted source code on GitHub. https://github.com/smartbgp/yabgp
> > Documentation: http://yabgp.readthedocs.or
On Sat, Aug 01, 2015 at 08:15:11PM +0700, Roland Dobbins wrote:
> On 1 Aug 2015, at 17:11, Job Snijders wrote:
>
> >I reached out to ServerCentral network engineering to ask.
>
> ServerCentral say it's legit, and that they have the appropriate
> documentation
On Sat, Aug 01, 2015 at 10:24:10AM +0200, Jérôme Nicolle wrote:
> Just saw something suprising : 11/8 just came live from AS23352
> (ServerCentral)
> http://lg.ring.nlnog.net/prefix_detail/lg01/ipv4?q=11.0.0.0 .
>
> ARIN's registry didn't change :
>
> Net Range 11.0.0.0 - 11.255.255.255
> CID
On Wed, Jul 01, 2015 at 11:19:45AM -0400, David H wrote:
> I was wondering if anyone can recommend a software (preferable), or
> hardware-based router with an API, that supports BGP with tags on
> advertised routes? I want to use it for a RTBH feed [ ... ]
Did you look at BIRD? It is one of the m
On Wed, Jul 01, 2015 at 09:36:34AM +0900, Randy Bush wrote:
> > - when not using the RTR protocol but generating prefix-list
> > filters based on RPKI data, the devices might not support
> > sufficient entries.
>
> because the rpki generated acls are bigger and heavier than those i
On Tue, Jun 30, 2015 at 05:40:03PM -0500, Jared Mauch wrote:
> We have been pushing large configurations to devices. You can check my
> slides from the London IEPG meeting.
These are the slides: http://iepg.org/2014-03-02-ietf89/ietf89_iepg_jmauch.pdf
> When 96% of your config is prefix filters
On Tue, Jun 30, 2015 at 03:32:42PM -0700, Ca By wrote:
> It is NTT that would have mitigated this issue if they deployed and
> enforcer rpki, right?
No, NTT deploying RPKI would not have helped in yesterday's issue.
But, RPKI could've made a difference in today's Bangladesh leak, even if
RPKI val
On Wed, Jul 01, 2015 at 12:02:40AM +0200, Tore Anderson wrote:
> > I was thinking that when I posted yesterday.
> >
> > These were announcements from a peer, not customer routes.
> >
> > We are lowering our max prefix limits on many peers as a result of this.
> >
> > We are also going towards mo
On Tue, Jun 30, 2015 at 10:53:45AM -0400, Sandra Murphy wrote:
> That sort of AS_PATH filtering would not have helped in this case.
> The AS originated the routes, it did not propagate an upstream route.
>
> So an AS_PATH filter to just its own AS would have passed these
> routes.
>
> You would n
On Tue, Jun 30, 2015 at 04:38:48PM +0200, Mark Tinka wrote:
> On 30/Jun/15 16:24, Job Snijders wrote:
> > In this specific situation, for a small to medium sized network, it
> > might be prudent to apply an outbound prefix-filter on all transit &
> > peering sessio
On Tue, Jun 30, 2015 at 09:44:12AM -0400, Joe Abley wrote:
> On 30 Jun 2015, at 9:41, Job Snijders wrote:
> >In addition to the BGP community scheme, outbound as-path filters could
> >help.
>
> I agree, but possibly not in the case of a redistribution loop.
>
>
On Tue, Jun 30, 2015 at 10:22:38PM +0900, Matsuzaki Yoshinobu wrote:
> Randy Bush wrote
> >> A friend in AS58587 confirmed that this was caused by a configuration
> >> error - it seems like related to redistribution, and they already
> >> fixed that.
> >
> > 7007 all over again. do not redistrib
On Wed, Jun 17, 2015 at 05:07:25PM -0400, Luan Nguyen wrote:
> Is that safe to use [240.0.0.0/4] internally? Anyone using it? Just
> for NATTING on Cisco gears...
On Wed, Jun 17, 2015 at 06:30:04PM -0300, Eduardo Schoedler wrote:
> And what about 0.0.0.0/8?
On both counts: NO. I always assume pa
On Fri, Jun 12, 2015 at 08:25:40PM +, Jürgen Jaritsch wrote:
> This is the official [level3] feedback:
>
> [ ... ]
For completeness sake: here is what Telekom Malaysia published about the
issue:
Telekom Malaysia Berhad (TM) wishes to update on the service related
issue detected yeste
On Sat, Jun 13, 2015 at 03:39:13PM -0500, Theodore Baschak wrote:
> If you want/need BGP, OpenBSD + OpenBGPD (with their bgplg
> cgi/restricted shell) is fairly easy to set up. You mesh the looking
> glass in like any other router in your system, and it gives you full
> visibility. I wrote a how-to
On Fri, Jun 12, 2015 at 12:53:13PM -0300, jim deleskie wrote:
> Filtering has been a community issue since my days @ MCI being AS3561,
> often discussed not often enough acted one, I suspect the topic has come up
> at every "large" NSP I've worked at. Frequently someone complains its
> "hard" to f
On Fri, Jun 12, 2015 at 01:21:14PM +0200, Sebastian Wiesinger wrote:
> * Roland Dobbins [2015-06-12 12:57]:
> >
> > On 12 Jun 2015, at 17:46, Job Snijders wrote:
> >
> > > OK, as of now (~ 10:40) UTC things look normalised.
> >
> > Just got off the
On Fri, Jun 12, 2015 at 12:18:38PM +0200, Job Snijders wrote:
> On Fri, Jun 12, 2015 at 10:43:09AM +0100, Marty Strong via NANOG wrote:
> > It *looks* like GBLX stopped accepting the leak.
>
> I disagree. Since 08:44 UTC up until now (10:15) the DFZ has been a
> radio-active was
On Fri, Jun 12, 2015 at 10:43:09AM +0100, Marty Strong via NANOG wrote:
> It *looks* like GBLX stopped accepting the leak.
I disagree. Since 08:44 UTC up until now (10:15) the DFZ has been a
radio-active wasteland with hordes of unwelcome announcements.
Kind regards,
Job
On Fri, Jun 12, 2015 at 11:09:34AM +0200, Tore Anderson wrote:
> I see tons of bogus routes show up with AS4788 in the path, and at
> least AS3549 is acceping them.
>
> E.g. for the RIPE NCC (193.0.0.0/21):
>
> [BGP/170] 00:20:29, MED 1000, localpref 150
> AS path: 3549 4788 128
[ Forwarding today's announcement, apologies for duplicates ]
---
Hi Everyone!
PeeringDB is rolling our the first major revision since its inception,
PeeringDB 2.0. This email will explain the basics, and how you can learn
more information if you are interested.
Future Communication
On Mon, Jun 01, 2015 at 04:47:49PM -0500, Jason Bothe wrote:
> Could I please have a PeeringDB admin contact me off-list ?
Done!
Kind regards,
Job
On Fri, May 15, 2015 at 12:38:32PM -0500, Mike Hammett wrote:
> Sounds like multiple parties having improper route filters.
Filtering is a must. But even when doing the right thing, there could be
adverse side-effects when using an appliance which inserts fake,
more-specific paths into your netwo
On Fri, May 15, 2015 at 10:19:56AM -0500, Mike Hammett wrote:
> What is out there for route optimization products? I can think of
> Noction (no inbound) or Internap FCP (old).
Are you sure that an 'optimizer' is the right solution for you, or for
those surrounding you (peers, upstreams)?
http://
On Mon, Apr 20, 2015 at 08:57:58PM +0200, Robert Kisteleki wrote:
> About Ring: we're not authoritative -- I believe http://map.ring.nlnog.net/
> is.
I recommend our API: https://ring.nlnog.net/api/1.0/nodes
On Tue, Apr 21, 2015 at 03:42:46AM +0900, Randy Bush wrote:
> so how did you find it? i was wondering if i could find a useful
> atlas probe or nlring node, and how to find them.
There are no RING nodes in any of the verizon networks :-(
On Thu, Apr 16, 2015 at 04:09:43PM -0400, valdis.kletni...@vt.edu wrote:
> On Thu, 16 Apr 2015 15:39:46 -0400, Christopher Morrow said:
> > you're asking your ISP or set of ISPs to 'stop forwarding me packets
> > from X and Y and Z'
> >
> > sure, why do we need a new special group and designation f
On Sat, Apr 04, 2015 at 07:43:52PM -, John Levine wrote:
> I get a cert good through Dec 31.
Yeah, seems to be fixed now.
Vurt:~ job$ echo QUIT | openssl s_client -verify 6 -connect smtp.gmail.com:465
-showcerts | openssl x509 -noout -dates
verify depth is 6
depth=2 /C=US/O=GeoTrust
On Sat, Mar 28, 2015 at 10:26:39AM -0500, Brandon Ewing wrote:
> On Wed, Nov 02, 2011 at 08:00:20PM -0600, Kevin Epperson wrote:
> > whois -h filtergen.level3.net "AS3356 -cp -v4v6"
>
> Digging up a (very) old thread here, apologies.
>
> Does anyone know if filtergen is going to support IPv6-leng
On Thu, Mar 26, 2015 at 11:26:07PM -0400, ML wrote:
> On 3/26/2015 6:20 PM, Nick Rose wrote:
> >While investigating the issue we did find that the noction appliance
> >stopped advertising the no export community string with its
> >advertisements which is why certain prefixes were also seen.
>
> Wo
On Mar 12, 2015 8:08 PM, "joel jaeggli" wrote:
>
> On 3/12/15 12:01 PM, Yardiel D. Fuentes wrote:
> > In the above page, the idea is to introduce a 100-th range for each
category and as the BCOPs. This way a 100th number range generally
identifies each of the categories we currently have. An examp
On Sun, Jan 11, 2015 at 09:58:12PM +0700, Roland Dobbins wrote:
>> 2. Protect yourself by having your upstream police Police UDP to some
>> baseline you are comfortable with.
>
> This will come back to haunt you, when the programmatically-generated
> attack traffic 'crowds out' the legitimate traf
On Sun, Jan 11, 2015 at 08:46:40AM -0600, Mike Hammett wrote:
> Is anyone maintaining a list of good, bad and ugly providers in terms
> of how seriously they take things they should like BCP38 and community
> support and whatever else that's quantifiable?
This list sheds some light on antispoofin
On Thu, Nov 27, 2014 at 11:00:32AM -0500, Jared Mauch wrote:
> Seems your MTR sees loss within the Cogent (174) network prior
> to reaching the NTT network.
>
> I think you perhaps need cogent assistance?
This was resolved off-list. James is now engaging with his supplier.
For future reference:
On Thu, Nov 27, 2014 at 04:51:59AM -0500, james jones wrote:
> Looking to discuss a routing issue going through NTT's link to JP.
Feel free to contact me off-list with the details.
Kind regards,
Job
On Thu, Nov 20, 2014 at 06:07:09PM -0500, Jay Ashworth wrote:
> He generally provides same-day service on email, but...
>
> Hope all is well.
Don't worry, he is alive and well. puck.nether.net is having some disk
issues hene a backlog on email.
- Job
On Mon, Nov 10, 2014 at 12:39:02PM -0800, Max Clark wrote:
> DB9 ports seem to be a nearly extinct feature on laptops. Any
> suggestions on a cheap laptop for use in field support (with an
> onboard DB9)?
Might be easier to get an "Aten UC232A" converter to do USB<>DB9, you
are right that DB9 dire
On Thu, Oct 23, 2014 at 04:54:17PM -0400, Jared Mauch wrote:
> Having recently encountered a problem with a machine, I’m looking for
> an inexpensive KVMoIP device to place within a facility to take
> VGA/USB Keyboard for a single host scale. Ideally something that can
> be properly placed on the
Hi Christian,
On Thu, Oct 09, 2014 at 10:58:05PM +0200, Christian Seitz wrote:
>
>
> Why is there no validation required when this is done by an IXP? "All
> peers are my customers and I do trust them"? What about private
> peerings via PNIs?
Validation is not required because the requester can
On Wed, Oct 08, 2014 at 04:02:21PM -, John Levine wrote:
> >information. But... (aside from any local safety net filter), it's quite
> >a leap to allow a single entity to inject blackholes for any prefix.
>
> Spamhaus has been distributing their DROP list by BGP for years. The
> world hasn't
Dear John,
On Wed, Oct 08, 2014 at 08:59:00AM -0500, John Kristoff wrote:
> UTRS is essentially a community RTBH that people have suggested to us
> would be a good service to provide, so we're giving it a go.
FYI, there are various projects which are similar to this concept:
http://www.de-ci
On Sat, Sep 27, 2014 at 09:46:53AM -0400, Justin Wilson wrote:
> Trying to update some records on peeringdb.com and am not getting much
> response. Just wondering if I am the only one. I am not getting
> response back from support. Figured this would be a good place to ask.
> More curious than anyt
On Thu, Sep 18, 2014 at 08:42:23PM +, Brock Massel wrote:
> The 192.250.24 addresses have been reachable for several months in the
> current configuration with no reported issues. Since the 16th we have
> been hearing reports that destinations in that block are unavailable
> for some.
>
> Seve
On Thu, Sep 18, 2014 at 03:12:29PM -0400, Daniel Corbe wrote:
> > a) you're paying less, as you're not receiving the traffic
>
> This ventures into the realm of an operator doing something responsible
> to protect me vs routing me unwanted traffic and going "lol, bill."
>
> If you want to start
On Thu, Sep 18, 2014 at 03:15:41PM -0400, Daniel Corbe wrote:
> Also, if I'm buying full line rate commit from you then you're not
> actually losing any money on the deal whether or not you route me the
> traffic.
Ha, I wish all customers would buy in full line rate commits! :-)
- Job
On Wed, Sep 10, 2014 at 02:20:45PM +0300, Tarko Tikan wrote:
> 2000::/6 with aspath 3257 3549 has appeared in global routing table. Surely
> we can't be only ones seeing it. Looks like someone messed up
> interface/route config at 3549 by omitting 4 from the prefixlen.
>
> According to https://sta
On Tue, Sep 02, 2014 at 11:53:15AM -0400, Christopher Morrow wrote:
> On Tue, Sep 2, 2014 at 11:25 AM, Job Snijders wrote:
>
> > What is the real damage of hijacking a prefix which is not in use?
>
> 'not in use' ... where?
>
> What if the 'owner&
On Tue, Sep 02, 2014 at 03:08:28PM +, Sriram, Kotikalapudi wrote:
> The example that I gave was not that. In my example, C has legitimate
> ownership of the less specific (e.g., 192.0.2.0/23). D is malicious
> and attempting to hijack a subprefix (e.g., 192.0.2.0/24).
> Importantly, C has a cr
On Fri, Aug 29, 2014 at 06:17:09AM -0400, Sandra Murphy wrote:
> > Loose mode A would look like this:
> >
> >In the case that 10.0.0.0/16 origin AS123 is not in your table, the
> >loose mode would kick in and one could accept more specifics for
> >10.0.0.0/16, but only when originated
On Fri, Aug 29, 2014 at 06:39:32PM +0900, Randy Bush wrote:
> >>> Loose mode would drop failing routes, iff there is covering (i.e. less
> >>> specific is ok) route already in RIB.
> >> isn't that exactly the hole punching attack?
> > No, as the the more specific route is signed and is preferred (l
On Fri, Aug 29, 2014 at 06:25:16PM +0900, Randy Bush wrote:
> > Loose mode would drop failing routes, iff there is covering (i.e. less
> > specific is ok) route already in RIB.
>
> isn't that exactly the hole punching attack?
The proposed 'loose' mode protects against unauthorized hole punching
On Sun, Aug 17, 2014 at 09:11:05AM -0700, Payam Poursaied wrote:
> Appreciate if anyone from LeaseWeb can contact me off list. Its regarding
> blocking an IP address. Support team does not deal.
Replied offlist
- Job
On Thu, May 08, 2014 at 09:48:26AM +0200, Henning Brauer wrote:
>
> awaiting your diff.
http://marc.info/?l=openbsd-tech&m=139955603603070&w=2
Kind regards,
Job
On Thu, May 08, 2014 at 12:31:23PM +0200, Henning Brauer wrote:
> * Saku Ytti [2014-05-08 12:14]:
> > If OBSD can't afford MAC addresses but does not object to them in
> > principle, I
> > can give forever IRU for 256 MAC addresses to OBSD for 0USD one-time fee.
>
> when/if we change the mac add
Hi all,
Do you often find yourself in need of a simple calculator, and all you have
available to you is a Brocade or Cisco IOS router? No longer will you
experience the horror and dread of mental arithmetics. The route-map calculator
is here!
Brocade : http://instituut.net/~job/calculator-rout
Dear fellow networkers,
Through this tutorial-styled email I'd like to introduce the concept,
usage and implementation of "selective blackholing" through the BGP
protocol to the community. This email contains some python code, example
router configurations references to RIPE Atlas data to demonstr
On Mon, Feb 03, 2014 at 11:48:04AM -0600, Dennis Burgess wrote:
> I have a router with about 20 peers, most are all on a single port
> (local exchange), how is everyone monitoring traffic to individual
> peers?
Use something like IPFIX, NetFlow, sFlow and take a look at these two tools:
On Fri, Jan 31, 2014 at 11:32:17AM -0500, Alain Hebert wrote:
> bgpq3 works great the as-set that was borking rtlookup generate a
> ~183k long prefix list =D.
I recommend using it like this, to enable aggregation where possible: bgpq3 -A
Kind regards,
Job
>
pgpjISSQ47YFj.pgp
Description:
On Fri, Jan 31, 2014 at 08:58:06AM -0500, Alain Hebert wrote:
> IRRToolset 5.0.1 (rtconfig really) finally gave out on a pretty
> messy RPSL parse.
>
> After a few hours of research, it seems that its dead since 2009 :(.
>
> There is some effort at http://irrtoolset.isc.org to reboot
On Thu, Jan 30, 2014 at 06:51:59PM +0200, Martin T wrote:
> for example there is a small company with /22 IPv4 allocation from
> RIPE in European region. This company is dual-homed and would like to
> announce 4x /24 prefixes to both ISPs. Both ISP's update their
> prefix-lists automatically based
On Sat, Jan 25, 2014 at 10:04:30AM -0500, Bryan Socha wrote:
> I have over 100,000 servers located in routing diverse datacenters
> with 4byte ASN numbers and have not had 1 problem or complaint related
> to the ASN for not able to communicate with the datacenter. The first
> 1 did make me really
Dear Sebastian,
On Sat, Jan 25, 2014 at 02:56:16PM +0100, Sebastian Spies wrote:
> So here's the thing: IXPs usually implement N:M filtering based on
> standard community strings. As standard BGP communities support only 4
> bytes, this only works for IXPs with 2-byte ASNs and peers with 2-byte
>
On Wed, Nov 06, 2013 at 10:51:08PM +, J.J. Mc Kenna wrote:
> Comcast to XO due to Comcast's TATA peering issue.
>
> Ongoing.
I'd love to see verifiable public data to back up that claim.
Kind regards,
Job
pgpkM0i4UwL6b.pgp
Description: PGP signature
On Fri, Oct 25, 2013 at 12:59:48PM +0100, Matthew Newton wrote:
> I'll try and post the script (250 lines) somewhere if anyone's
> interested.
It is almost always good to open source your tools, for others to learn
and benefit from! :-)
Kind regards,
Job
pgppFb_K8NqR2.pgp
Description: PGP sig
Dear all,
I am unsure what we as networkers have done in the past, but I am sure
we've done our fair share of atonement and don't have to keep using
RANCID.
Some might say "it took ages to get rancid to do kinda what we want!",
but not all software ages well. One might work in environments whe
On Mon, Sep 23, 2013 at 11:28:58PM +1000, Geoff Huston wrote:
> On 23/09/2013, at 8:01 PM, Nick Hilliard wrote:
>
> > I look forward to the day when we have proper 32 bit BGP community
> > support and ASN32s finally become usable on nontrivial networks.
> >
>
> Is there some reference that des
On Jul 26, 2013, at 3:09 PM, Grzegorz Janoszka wrote:
> On 26-07-13 14:59, NetSecGuy wrote:
>> BGPMon.net has alerted me to /32 hijacks. Does anyone have thoughts on
>> what this might be and if it's malicious or misconfiguration?
>> My first thought is leaked null routes.Is this even worth
://nanog.org/sites/default/files/wed.general.peeringdb.accuracy.snijders.14.pdf
Kind regards,
Job
On May 23, 2013, at 12:28 PM, Job Snijders wrote:
> Dear fellow networkers,
>
> I need your help!
>
> For the good of PeeringDB I am researching the accuracy of the current
> Pe
Hi,
> The alternative is to expect "networks" with 100s or 1000s of locations to
> burn 100s or 1000s of ASNs. Which I think is a bit silly. Hence my question
> about possibly changing the rules.
I see no issue with that, we have an ASN pool of roughly 4294967280 ASNs. There
is no shortage. Al
So when will I hear back about this?
I will present the findings at the upcoming NANOG meeting in New Orleans [1].
Given that the NANOG meeting is approaching rapidly, I urge you to submit your
data sooner rather than later. :-)
Kind regards,
Job Snijders
[1] - CSV format should be formatted l
Hi John,
On Apr 4, 2013, at 12:52 AM, John Kemp
wrote:
> Having trouble reaching route-views.linx.routeviews.org from AS3582.
>
> I'm assuming that some folks stopped carrying
> this particular linx.net address prefix
> as of this morning. ?!?
Indeed LINX has taken steps recently to reduce th
Hi Nicolai,
It really happened, here are my notes.
http://instituut.net/~job/cb3rob-spamhaus-hijack-21-mar-2013.txt
Renesys also confirmed seeing the /32 from that direction, but they could
not share the data because of an NDA.
Because it was a /32, it was a hyperlocal event, if you c
Hi Chip,
AOL published some good looking open source software, it does not handle
BGP at this moment, but it does other tasks like ACLs quite well. It's designed
to be tightly integrated with your existing CMDB/RANCID, and it even takes
timezones into account for pushing new configurations.
Hi all,
Just a small update.
Off-list Andree and me have been working together with Kenneth from dreamhost
to try and figure out what exactly happened and which device or party orginated
these prefixes.
Unfortunately no hard conclusions can be drawn from the data available to us,
especially
s
the announcements for the more specifics seem to be gone.
Can anybody (preferably from Any2 or Dreamhost) shed more light on this matter?
Kind regards,
Job
On Mar 6, 2013, at 2:43 PM, Drew Weaver wrote:
> They're doing this to our routes in any2 in LA as well.
>
> ...
>
Hi Mat,
I see the same thing, we learn the prefix from the route-server in LAX:
tel...@r1.lax1.us>show ip bgp routes detail 90.201.80.0/20
Number of BGP Routes matching display condition : 1
Status A:AGGREGATE B:BEST b:NOT-INSTALLED-BEST C:CONFED_EBGP D:DAMPED
E:EBGP H:HISTORY I:IBGP L:LO
Hi,
NRTM still works according to my mirrors. So for up 2 date data, you could use
irr.ring.nlnog.net:
Alice:~ job$ whois -h irr.ring.nlnog.net 198.41.0.0 | wc -l
437
Alice:~ job$
Kind regards,
Job
On Mar 4, 2013, at 5:36 PM, Christopher Morrow wrote:
> On Mon, Mar 4, 2013 at 11:24
Hi,
On Feb 14, 2013, at 2:02 PM, Deric Kwok wrote:
> Can I know how many ipv6 full bgp table routes now?
Here are various sources to discover the size of the IPv6 internet routing
table:
http://public01.infra.ring.nlnog.net/munin/infra.ring.nlnog.net/lg01.infra.ring.nlnog.net/bird6.
Hi all,
Atrato / 5580 here.
We don't have direct peering with AS26347, although we learn the AS26347
prefixes through the 206.223.143.253 (AS 19996) routeserver in LAX.
So in a sense we are peering :-)
Kind regards,
Job
On Jan 11, 2013, at 7:31 PM, Andree Toonk wrote:
> Hi Kenneth,
>
>
401 - 500 of 510 matches
Mail list logo
