Dear community,
As an extension to this useful IPv4 report, I'd love to receive a weekly
overview of what is going on in the IPv6-world.
Regardless of IPv6 deployment status or traffic volume, misconfigured or
unstable IPv6 networks can inflict pain on a global scale (affecting
IPv4 too).
The
Hi Bob,
On Tue, Sep 29, 2015 at 08:05:45AM -0700, Bob Evans wrote:
> This seems like a very good proper civil approach - maybe this or
> something like it ARIN might help promote and endorse as a benefit to
> the community ? Be nice if with the cash they did something simple
> like this and got
NANOG,
Rob Blokzijl, one of the founding fathers of the RIPE (and by extent,
internet as we know it in Europe), passed away yesterday. The links in
the email below offer more insight into his life and accomplishments.
Kind regards,
Job
- Forwarded message from Daniel Karrenberg
On Tue, Dec 01, 2015 at 09:23:08PM +0200, Max Tulyev wrote:
> we got an issue today that announces from Cogent don't reach Hurricane
> Electric. HE support said that's a feature, not a bug.
>
> So we have splitted Internet again?
Was there ever an adjacency between 6939 and 174 in the IPv6 DFZ?
aching out to impacted parties on a weekly basis.
Kind regards,
Job
Contact persons:
Job Snijders <j...@ntt.net>, Jared Mauch <jma...@us.ntt.net>,
NTT Communications NOC <n...@ntt.net>
References:
[1]: https://tools.ietf.org/html/draft-thomson-postel-was-wrong-00
[2]: h
Dear Michael,
On Wed, Jun 08, 2016 at 12:56:18PM +, Michael Hare wrote:
> Upon examination on my view of the DFZ from AS3128 I see over 400
> upstream routes falling into this category, mostly in the 64512 -
> 65534 range. Based on our flow bandwidth stats we chose to reach out
> to several
On Mon, Jun 06, 2016 at 11:41:52AM +, Sriram, Kotikalapudi (Fed) wrote:
> I am a co-author on a route-leak detection/mitigation/prevention draft
> in the IDR WG in the IETF:
> https://tools.ietf.org/html/draft-ietf-idr-route-leak-detection-mitigation-03
>
>
> Question: Are there other
Hi All,
On Wed, Jun 08, 2016 at 08:48:11AM -0400, Joe Provo wrote:
> On Wed, Jun 08, 2016 at 11:48:36AM +, Sriram, Kotikalapudi (Fed) wrote:
> > Thanks for the inputs about the inter-AS messaging and route-leak
> > prevention techniques between neighboring ASes. Certainly helpful
> >
On Mon, May 30, 2016 at 10:03:33PM -0700, Randy Bush wrote:
>.-.
>| |
>| B |- D
> S -| A R|
>| C |- (toward S)
>|
On Thu, Jun 16, 2016 at 03:52:02PM +0200, Nurani Nimpuno wrote:
> A growing exchange point is not only a "nice-to-have" for those
> operating it, but vital to those networks who peer there. If you stop
> adding value to those networks peering at the IX, you will slowly
> become irrelevant.
I
On Tue, Jun 21, 2016 at 06:13:10PM -0400, Christopher Morrow wrote:
> "the internet is on fire"
>
> not as helpful a troublereport as one might want.
>
> please provide at least (so everyone else can verify/help/troubleshoot):
> 1) from location X
> 2) site Y with protocol Z (which resolves
Dear John,
On Thu, Feb 04, 2016 at 08:15:29PM +, John Curran wrote:
> One of the concerns raised at a previous NANOG was with respect to the
> need for an RPKI relying parties to explicitly accept ARIN's relying
> party agreement (RPA) - note that this has now been changed (per the
> attached
On Fri, Jan 29, 2016 at 10:51:05PM -0600, George Skorup wrote:
> Why doesn't Windstream have RTBH for their BGP customers? It cannot be
> impossible to implement.
vote with your wallet?
On Wed, Jan 27, 2016 at 09:11:59AM -0500, jimmy keffer wrote:
> does ntt peer with he for ip6?
You can review sites like:
https://radar.qrator.net/as2914/ipv6-peerings#startDate=2015-10-10=2016-01-27=current
or
http://bgp.he.net/AS2914#_peers6
to get a sense of what relations
On Sat, Feb 27, 2016 at 12:18:16AM +0100, Baldur Norddahl wrote:
> I am currently using MRTG and RRD to make traffic graphs. I am
> searching for more modern alternatives that allows the user to
> dynamically zoom and scroll the timeline.
>
> Bonus points if the user can customize the graphs
On Mon, Feb 29, 2016 at 08:07:40PM +0530, sathish kumar Ippani wrote:
> This is off topic, i am posting request as i need some help in
> configuring obsrvium for RANCID and traffic polling.
This is indeed the wrong mailing-list.
Please direct your questions to
On Thu, Jan 21, 2016 at 11:44:34PM +0900, Randy Bush wrote:
> > You can configure pmacct to specify on which properties of the received
> > flow data it should aggregate its output data, one could configure
> > pmacct to store data using the following primitives:
> >
> > ($timeperiod,
On Thu, Jan 21, 2016 at 08:23:09AM +0900, Randy Bush wrote:
> > We could assert that the TTL is an indication of distance traveled.
>
> you might hypothesize it. but the wide variance in per-hop rtt would
> seem to belie that.
>
> > Maybe one should record the TTL and Address Family of all
On Wed, Jan 20, 2016 at 01:32:11PM +0100, nanog-...@mail.com wrote:
> On Wednesday, January 20, 2016 Jared Mauch wrote:
> > I currently see around 56.4:1 with the timing of peaks the same in v4 and
> > v6.
> So that's more in line with AMS-IX (70G/4T) than Comcast/Swisscom
> then. AMS-IX:
>
On Wed, Jan 20, 2016 at 11:13:41PM +0900, Randy Bush wrote:
> > I propose the following axiom: the greater the distance over which a
> > packet is forwarded, the less likely it is to be an IPv6 packet.
>
> that is a hypothesis not an axiom [...]
Thanks.
> but an interesting hypothesis. how do
On Mon, Feb 15, 2016 at 02:22:31PM +0530, Anurag Bhatia wrote:
> Very interesting. For how long does the record stays? :)
For about a day.
Kind regards,
Job
On Fri, Feb 19, 2016 at 01:31:06AM +, courtneysm...@comcast.net wrote:
> Can anyone point me to examples of using rtconfig to generate IOS-XR
> configs? Specifically prefix and as-path sets. My Google skills are
> coming up short. The man page for rtconfig does not mention IOS-XR but
> it is
Hi David,
On Wed, Mar 09, 2016 at 09:06:20PM +, David Soltero wrote:
> This is advance notice that there is a scheduled change to the IPv6
> addresses in the Root Zone for the L root-server, also known as
> L.ROOT-SERVERS.NET, which is administered by the ICANN.
>
> The current IP addresses
Hi Kurt,
On Wed, Mar 09, 2016 at 11:26:35AM -0300, Kurt Kraut via NANOG wrote:
> I'm trying to convince my local Internet Exchange location (and it is not
> small, exceed 1 terabit per second on a daily basis) to adopt jumbo frames.
> For IPv6 is is hassle free, Path MTU Discovery arranges the
On Tue, May 24, 2016 at 12:13:18PM +0200, Marco Paesani wrote:
> Whats happened today at PeeringDB web site ?
And PeeringDB is back in business!
http://instituut.net/~job/screenshots/2f255c17a8aa9cb99121b448.png
A post-mortem will be shared on the pdb-tech@ list later today.
Kind regards,
Job
Hi Marco,
On Tue, May 24, 2016 at 12:13:18PM +0200, Marco Paesani wrote:
> Whats happened totady at PeeringDB web site ?
We ran out of peerings, but as we speak our service provider is printing
new ones ;-)
In all seriousness: our SP has issues with a storage array. The staff is
aware and they
On Mon, Aug 15, 2016 at 10:40:40AM +0200, Randy Bush wrote:
> my poor memory says that, some years back, someone announced or
> mentioned an open tool which i, a small isp, could feed my netflow data
> and bgp and ask if i should peer with X or build out or ...
>
> anyone with a more precise
Hi Philip,
I can't address your immediate concern, but I do have some hints
regarding traceroute:
1/ Please review the excellent presentation from RA{T,S}:
https://www.nanog.org/meetings/nanog47/presentations/Sunday/RAS_Traceroute_N47_Sun.pdf
https://www.youtube.com/watch?v=a1IaRAVGPEE
This is a clear case of broken mirroring. Unfortunately this is not immediately
apparent (for the operator) through the IRRd software. Usually this is resolved
by directly contacting the other side.
I've found RADB support staff to be responsive and courteous.
radb-supp...@merit.edu
On Mon, Jan 16, 2017 at 10:01:00PM +, Alistair Mackenzie wrote:
> So recently I've come across an issue with a large ISP announcing a
> /22 and /25 of IPv6 space. We are currently filtering <28 and >48
> which until now has worked fine for us.
>
> What are others using as their prefix filters
On Wed, Mar 01, 2017 at 10:49:07AM +, Nagarjun Govindraj via NANOG wrote:
> Is it possible to maintian an IRR database locally for quering route
> objects from various RIR's and do a regular sync like what RPKI validator
> does for ROA's.
IRRExplorer's database is available as json blob, if
On Fri, Oct 07, 2016 at 10:28:10AM +0100, Martin List-Petersen wrote:
> On 06/10/16 16:38, Sandra Murphy wrote:
> > Private reply:
> >
> > bgp.he.net sees it. For me.
> >
> > http://bgp.he.net/net/93.175.240.0/20
> >
> > I don’t know why they do and you do not.
>
> That just means, they
Dear nanog,
I'm asking the group to stay focussed on network operator topics.
While I appreciate the time and effort spend on the original legal
research in this thread, I fear the problem space of what defines libel
or slander is too far removed from the mailing list charter as described
here:
On Mon, Sep 26, 2016 at 08:52:20AM -0400, Adam Greene wrote:
> We were alerted to this by https://radar.qrator.net.
>
> This seems wrong from a number of angles .
Maybe the alerting system was confused. I don't see this confirmed in
RIPE RIS: https://stat.ripe.net/AS4233852001#tabId=routing
+0200, Job Snijders wrote:
> Large BGP Communities are a novel way to signal information between
> networks. An example of a Large BGP Communities is: 2914:4056024901:80.
>
> Large BGP Communities are composed of three 4-octet integers, separated
> by something like a colon. This is e
Hi all,
Please consider our Mail List Charter and Policy: http://nanog.org/list
The NANOG mailing list is established to provide a forum for the
exchange of technical information and the discussion of specific
implementation issues that require cooperation among network service
providers.
In
Hi Erich, everyone,
On Sat, Nov 19, 2016 at 02:02:15PM -0600, Kaiser, Erich wrote:
> Anyone out there from PeeringDB, please contact me offlist, we are
> having trouble updating our records.
You can reach PeeringDB support at supp...@peeringdb.com. Feel free to
CC me.
Kind regards,
Job
On Sun, Nov 20, 2016 at 12:19:35PM -0800, Scott Weeks wrote:
> --- Begin forwarded message:
>
> Hi Ladies and Gentlemen,
>
> .
> Contact me for further details.
> -
>
> Did anyone get this? I hesitate to think a long time NANOG
>
Dear all,
Large BGP Communities are a novel way to signal information between
networks. An example of a Large BGP Communities is: 2914:4056024901:80.
Large BGP Communities are composed of three 4-octet integers, separated
by something like a colon. This is easy to remember and accommodates
Hi Eric,
On Wed, Oct 12, 2016 at 06:43:18PM -0400, Eric Tykwinski wrote:
> IPv4 routes did a quick bounce to 600,949 around 9:30AM EST, than went
> back down to 599,241 shortly after. Seemed like a big jump so I setup
> an alert, just wondering if anyone else noticed anything, I’m not
> overly
Dear Alexandru,
> > > MACs that didnt make it through the switch when running 4.12.3.1:
> > >
> > > 4*:**:**:**:**:**
> > > 6*:**:**:**:**:**
> > > *4:**:**:**:**:**
> > > *6:**:**:**:**:**
> > > **:**:*B:**:6*:**
> > > **:**:*F:**:4*:**
> >
> > Can anyone explain the last
Hi Andrew,
On Thu, Dec 15, 2016 at 01:54:34PM -0500, Andrew Imeson wrote:
> Is it acceptable to prepend using another networks ASN as long as your
> ASN is the last one in the path? I can think of a few scenarios where
> this is helpful.
Your milage may vary. You risk introducing breakage
On Tue, Jan 10, 2017 at 03:51:04AM +0100, Baldur Norddahl wrote:
> If a transit link goes, for example because we had to reboot a router,
> traffic is supposed to reroute to the remaining transit links.
> Internally our network handles this fairly fast for egress traffic.
>
> However the problem
On Fri, Dec 02, 2016 at 09:00:57AM +, Nick Hilliard wrote:
> Eric Germann wrote:
> > Basically trying to advertise 4 byte ASN’s + communities, and then
> > pick them off elsewhere in a private network. Can’t get the config
> > right for the route map to import them on the “receiving” side.
>
Hi all,
Ever since the IEEE started allocating OUIs (MAC address ranges) in a
randomly distributed fashion rather then sequentially, the operator
community has suffered enormously.
Time after time issues pop up related to MAC addresses that start with a
4 or a 6. I believe IEEE changed their
On Fri, Dec 02, 2016 at 09:13:25AM -0800, Eric Germann wrote:
> So from reading the draft, if I’m understanding it correctly, I should
> be able (with the patch) to encode the 32 bit ASN + a community in to
> this as
>
> as32:x:y
>
> Is that correct?
yes.
I recommend you take a look at
On Fri, Dec 02, 2016 at 09:32:37AM -0800, Leo Bicknell wrote:
> I also do not think this is an IEEE/MAC assignement problem. This is a
> vendor's box can't forward a particular payload problem.
On Fri, Dec 02, 2016 at 04:59:37PM +, Nick Hilliard wrote:
> Job Snijders wrote:
>
ibilities.
Big thank you to Richard van Looijen (Flowmailer) for finding this
issue, Edwin Kalle (2hip) for pointing us at this thread, and Job
Snijders, his email which prompted us to investigate the intermediate
switches.
Kind regards,
Robert
On Tue, Dec 20, 2016 at 02:15:31PM +, Rivera, Alberto wrote:
> I am searching for NTT Taipei 3 data center address. Do you have it by
> any chance?
I'll ping you off-list.
Kind regards,
Job
171 also seems affected.
Job
On Fri, 17 Mar 2017 at 10:54, Stephane Bortzmeyer wrote:
> On Fri, Mar 17, 2017 at 12:03:58PM +0300,
> Eygene Ryabinkin wrote
> a message of 71 lines which said:
>
> > Seems like the other /16 from 144.in-addr.arpa are
Hi all,
Perhaps another explanation is that these are router2router linknets
between the involved parties, and all we are seeing is the effect of
"redistribute connected". If this is the case, the word "hijack" might be
somewhat strong worded.
Kind regards,
Job
On Sat, 1 Apr 2017 at 23:25,
On Sun, Apr 16, 2017 at 04:20:20PM +0300, Max Tulyev wrote:
> got the same from Kiev, Ukraine:
>
> dig fbcdn.com
> fbcdn.com.300 IN A 31.13.74.1
> which is slow and routed through USA
>
> and
> dig fbcdn.com @8.8.8.8
> fbcdn.com.299 IN A
On Sun, Apr 23, 2017 at 12:52:08PM +0200, Baldur Norddahl wrote:
> We are currently experiencing massive packet loss from Amazon EU-West 1.
> This page http://ec2-reachability.amazonaws.com/ will show most of eu-west-1
> as down but actually it is packet loss of 90+ %.
>
> I have found that if I
On Fri, Mar 03, 2017 at 09:42:04AM -0500, Patrick W. Gilmore wrote:
> On Mar 3, 2017, at 7:00 AM, Nick Hilliard wrote:
> > Niels Bakker wrote:
> >> As I explained in the rest of my email that you conveniently didn't
> >> quote, it's so that you can selectively import routes from
Hi.
On Mon, Mar 6, 2017 at 5:03 PM, Alarig Le Lay wrote:
> On lun. 6 mars 10:55:18 2017, Brandon Applegate wrote:
>> Just did a whois on the documentation prefix and was surprised to see what
>> looks like a user object registered for it:
>>
>> % Information related to
Hi,
On Mon, Mar 6, 2017 at 4:55 PM, Brandon Applegate wrote:
> Just did a whois on the documentation prefix and was surprised to see what
> looks like a user object registered for it:
>
> % Information related to '2001:0DB8::/32AS132111'
>
> route6: 2001:0DB8::/32
>
Dear Ronald,
Thanks for your report, we'll investigate.
Kind regards,
Job
On Wed, Jun 28, 2017 at 11:09:25PM +0200, Thomas Bellman wrote:
> On 2017-06-28 17:03, William Herrin wrote:
> > The common recommendations for IPv6 point to point interface numbering are:
> >
> > /64
> > /124
> > /126
> > /127
>
> I thought the only allowed subnet prefix lengths for IPv6 were
Dear all,
RFC 8195 "Use of BGP Large Communities" was just now published:
https://tools.ietf.org/html/rfc8195
RFC 8195 presents examples and inspiration for the operational
application of Large Communities. The document suggests logical
categories of Large Communities and demonstrates
Dear NANOG,
Some friends of mine are operating a nonprofit (on shoe string) and looking
to connect some CDN caches to an IX fabric. A BGP speaking device is needed
between the caches and the BGP peers connected to the fabric. The BGP
speaker is needed to present the peers on the IX with a unified
Dear NANOG,
After a bit of tug-of-war common sense prevailed and RFC 8212
"External BGP (EBGP) Route Propagation Behavior without Policies"
was published: https://tools.ietf.org/html/rfc8212
This industry has a long history of improving default behavior: DEC MOP
is no longer enabled by default,
On Tue, 27 Jun 2017 at 22:29, Krunal Shah wrote:
> Hello,
>
> What subnet mask you are people using for point to point IPs between two
> ASes? Specially with IPv6, We have a transit provider who wants us to use
> /64 which does not make sense for this purpose. isn’t it
On Thu, Apr 27, 2017 at 09:30:48AM -0700, Seth Mattinen wrote:
> On 4/27/17 06:47, root wrote:
> >
> > Am i right ?
> >
> > Policy for ipv4 accept and send upto /24
> > Policy for ipv6 accept and send upto /48
> >
> >
Hi Anne,
You aren't very specific about what you are looking for. Orange has many
business units and subsidiaries. Are you looking for sales contacts or
investor relations?
Kind regards,
Job
ps. Do you think it's possible to make your footer somewhat longer? It
doesn't quite yet fill a 28"
Hi Graham,
The talk was giving in context of motivating people to start with
network automation and help them go from 'no automation' to a step
further 'some automation'.
On Wed, Jun 14, 2017 at 07:50:05PM +, Graham Johnston wrote:
> Would you be able to provide any further insight into your
On Wed, Jun 14, 2017 at 09:35:59PM +0100, Nick Hilliard wrote:
> Graham Johnston wrote:
> > Would you be able to provide any further insight into your Don’t #5 –
> > “Don’t agree to change management. Managers are rarely engineers and
> > should not be making technical decisions. (nor should
On Tue, May 02, 2017 at 08:29:32AM +0100, Nikos Leontsinis wrote:
> it only proves the need for wider RPKI adoption
How can we actually encourage RPKI adoption?
Kind regards,
Job
What have you compared so far yourself?
Job
On Thu, 4 May 2017 at 22:40, c b wrote:
> We have a number of internet edge routers across several data centers
> approaching EOL/EOS, and are budgeting for replacements. Like most
> enterprises, we have been Cisco-centric in
Hi,
Here are some extra pointers:
https://youtube.com/watch?v=C7pkab8n7ys
https://www.nanog.org/sites/default/files/dosdontsnetworkautomation.pdf
https://github.com/coloclue/kees
Kind regards,
Job
On Tue, 6 Jun 2017 at 13:49, Brian Knight wrote:
> Because we had
On Fri, Sep 15, 2017 at 11:25:10AM -0400, Dovid Bender wrote:
> Does anyone know of a tool like PeeringDB where I can select two exchanges
> say TELX 60 Hudson and then SIX (Seattle IX) and find all carriers that
> have a presence in both locations?
a bit hacky ;-)
Vurt:~ job$ comm -1 -2 <(curl
Dear all,
Adam Chappell created an interesting shim to improve the default behaviour
related to EBGP Internet routing on Juniper Junos.
https://twitter.com/packetsource/status/910219911150080007
SLAX script here: https://github.com/packetsource/rfc8212-junos
Props to both Adam for creating the
On Mon, Sep 18, 2017 at 12:48:45AM -0400, Christopher Morrow wrote:
> On Sun, Sep 17, 2017 at 11:05 PM, JASON BOTHE wrote:
> > My best experience with Apple has been directly peering with them.
> > Definitely handles the update issue without putting strain on transit
> > links.
Dear all,
Website with logo: https://www.krackattacks.com/
Paper with background info: https://papers.mathyvanhoef.com/ccs2017.pdf
Kind regards,
Job
Has anyone tried calling them?
Kind regards,
Job
On Fri, 13 Oct 2017 at 23:03, Ken Chase wrote:
> It is happening AGAIN.
>
> And of course it started on a friday aft 15 min before quittin' time in
> EDT:
>
> Last time it was 186.177.184.0/23 0 174 262206 262206 262197
On Wed, 13 Sep 2017 at 13:08, Matthew Huff wrote:
> It appears that Reliance Globalcom (AS6157) added an RADB entry for our
> prefix (129.77.0.0/16) when we were a peer of theirs years ago, and it
> was never removed when we ended the relationship. We are ASN 14607.
>
> I've
Hi,
On Sun, Sep 10, 2017 at 11:53:20AM +0200, Enno Rey wrote:
> On Sun, Sep 10, 2017 at 10:47:05AM +0100, Nick Hilliard wrote:
> > Baldur Norddahl wrote:
> > > Loopback interfaces should be configured as /128. How you allocate these
> > > do
> > > not matter.
> >
> > ..so long as there are
Dear Raymond,
On Sun, 24 Sep 2017 at 21:33, Raymond Beaudoin <
raymond.beaud...@icarustech.com> wrote:
> How is this monitored and tracked? Are ACLs applied to help enforce this
> (seems to be limited at scale)? Flow export and alarming? Analytics and
> anomalous behavior detection? Common
Hi Craig,
You are probably best off by reaching out to the Juniper NSP mailing list
at https://puck.nether.net/mailman/listinfo/juniper-nsp
Kind regards,
Job
On Mon, Sep 25, 2017 at 3:31 PM, craig washington <
craigwashingto...@hotmail.com> wrote:
> Hello all, not sure if this is the right
On Sat, 30 Sep 2017 at 15:33, William Herrin wrote:
> To the chucklehead who started announcing a 2200+ byte AS path yesterday
> around 18:27 EDT, I beg of you: STOP. You've triggered a bug in Quagga
> that's present in all versions released in the last decade. Your
>
Hi Craig,
It may be simplest to use GTSM https://tools.ietf.org/html/rfc5082
Kind regards,
Job
On Fri, Sep 29, 2017 at 10:41 AM, craig washington
wrote:
> Hello all,
>
>
> Wondering your views or common practices for using authentication via BGP at
> public
Hi all,
It appears one of our fellow network operators ran into some issues
earlier today, probably due to the turn-up of a some new circuits for
customers. In order to expedite the restoration I'm sharing the below
information.
I recommend any peering partners that saw BGP sessions go down with
On Mon, Aug 28, 2017 at 03:48:44PM +, someone wrote:
> Damn you Google.. yup.
I am not sure it is fair to say "damn you Google", because accidents
happen (be it through human error or software defects). All of us have
entered commands at some point and subsequently
Dear Jörg,
On Thu, Aug 31, 2017 at 12:50:58PM +0200, Jörg Kost wrote:
> but isn't peer A prefix-out a synonym for peer B prefix-in, that will
> lead to the same result, e.g. a BGP teardown?
>
> I just feel that this will add another factor, that people will not
> use or abuse: neigh $x max-out
On Sat, 2 Sep 2017 at 05:41, Randy Bush wrote:
> >>> i have 142 largish bgp customers, a large enough number that the number
> >>> of prefixes i receive from them varies annoyingly. how do i reasonably
> >>> automate setting of my outbound prefix limit?
> >>
> >> First, it seems
On Sat, Sep 02, 2017 at 04:27:03PM +0900, Randy Bush wrote:
> > I am not sure what the issue here is. If I can tell my peering
> > partner a recommended maximum prefix value for them to set on their
> > side, surely I can configure that same value on my side as the upper
> > outbound limit.
>
>
On Sat, Sep 02, 2017 at 12:08:41PM -0400, Christopher Morrow wrote:
> > I think you'll find that some of your peers will make an educated
> > guess and set an inbound limit anyway. Actively requesting that no
> > limit is applied may make one part of a fringe minority.
>
> This is a quick survey
On Tue, Aug 29, 2017 at 08:41:12AM -0400, Robert Blayzor wrote:
> > On 29 August 2017 at 03:38, Robert Blayzor wrote:
> >
> >> Well not completely useless. BCP will still drop BOGONs at the edge
> >> before they leak into your network.
> >
> > Assuming you don't use them
Hi Andy,
It smells like someone in 38478 or 131477 is using Noction or some other
BGP "optimizer" that injects hijacks for the purpose of traffic
engineering. :-(
Kind regards,
Job
On Thu, 31 Aug 2017 at 19:38, Andy Litzinger
wrote:
> Hello,
> we use
Dear all,
disclaimer:
[ The following is targetted at the context where a BGP optimizer
generates BGP announcement that are ordinarily not seen in the
Default-Free Zone. The OP indicated they announce a /23, and were
unpleasantly surprised to see two unauthorized announcements
On Mon, Oct 23, 2017 at 08:35:42AM +0200, Job Snijders wrote:
> > or it could compare each additional prefix received to already learned
> > prefixes and decide to drop one to make room for the new one. For
> > example you could drop the most specific routes before less s
On Mon, Oct 23, 2017 at 07:53:03AM -0500, Mike Hammett wrote:
> Should I assume that invigorating traction for a 17 year old draft is
> rather difficult?
John Heasley told me that a fundamental difficulty here is that not
every implementation uses the same style/type of regular expressions.
Dear NANOG,
I re-implemented the venerable 'aggregate' tool (by Joe Abley & co) in
python under the name of 'aggregate6'. The 'aggregate6' tool is faster
and also has IPv6 support.
https://github.com/job/aggregate6
Installation is can be done through 'pip', or your operating system's
Someone suggested I should clarify what 'aggregate6' actually does :-)
aggregate6 takes a list of IPv4 and/or IPv6 prefixes in conventional
format, and performs two optimisations to attempt to reduce the length
of the prefix list.
The first optimisation is to remove any supplied prefixes which
On Thu, Nov 30, 2017 at 10:38:53PM +, Nick Hilliard wrote:
> Jared Mauch wrote:
> > Lots of folks also use MikroTik as well if the traffic is in the 1G
> > range or so.
>
> mikrotik support for ipv6 is still dodgy: recursive next-hop is not
> supported in bgp/ipv6:
>
>
On Fri, Dec 01, 2017 at 09:09:38PM +1100, Julien Goodwin wrote:
> Will it catch cases like:
> 10.0.0.0/24 10.0.1.0/24 10.0.2.0/23 -> 10.0.0.0/22
Yes it does!
hanna:~ job$ echo 10.0.0.0/24 10.0.1.0/24 10.0.2.0/23 | aggregate6
10.0.0.0/22
hanna:~ job$
Kind regards,
Job
On Fri, Dec 01, 2017 at 12:35:13PM -0500, Aliaksei Sheshka wrote:
> On Thu, Nov 30, 2017 at 3:07 PM, Job Snijders <j...@ntt.net> wrote:
> > I re-implemented the venerable 'aggregate' tool (by Joe Abley & co)
> > in python under the name of 'aggregate6'. The 'aggregate6' to
Some carriers view measures to improve routing security as a hinderance
rather than as a safeguard to enable business. The BGP protocol itself has
no inherent safety mechanisms, so the network operator has to ensure
adequate layers of protection are implemented on the boundary between their
own
Dear NANOG,
I'd like to share an update on some routing security activities that
ARIN, NTT Communications, YYCIX (Calgary Internet Exchange), the NLNOG
Foundation, and the arouteserver project have been collaborating on.
Quite some puzzles pieces were brought together! :)
Traditionally, there
Hi,
What prefix and ASN is this about?
Are you sure you are advertising from an AS4 capable router?
Do you see the expected 4-byte ASN as origin in a aggregator looking
glass like http://lg.ring.nlnog.net/prefix_detail/lg01/ipv4?q=www.nlnog.net ?
Kind regards,
Job
Hi James,
On Wed, Nov 15, 2017 at 1:40 AM, james machado wrote:
> I don't see a routing database object for your routes pointing too your
> AS394666 /24's, I only see one for AS12 for the /23 and /24's. It is
> possible (and probable) you are being filtered due to that.
101 - 200 of 489 matches
Mail list logo