RE: VPN over slow Internet connections
If you haven't deployed your VPN environment yet I would seriously consider using SSL VPN instead of IPSec as your tunneling protocol. SSL VPN gives you a lot more options than IPSec. Gary -Original Message- From: Ben Whorwood [mailto:bw...@mube.co.uk] Sent: Thursday, April 21, 2011 12:56 PM To: nanog@nanog.org Subject: VPN over slow Internet connections Dear all, Can anyone share any thoughts or experiences for VPN links running over slow Internet connections, typically 2kB/s - 3kB/s (think 33.6k modem)? We are looking into utilising OpenVPN for out-of-office workers who would be running mobile broadband in rural areas. Typical data across the wire would be SQL queries for custom applications and not much else. Some initial thoughts include... * How well would the connection handle certificate (= 2048 bit key) based authentication? * Is UDP or TCP better considering the speed and possibility of packet loss (no figures to hand)? * Is VPN over this type of connection simply a bad idea? Many thanks in advance. Kind regards, Ben Whorwood
RE: Network Simulators
If you looking for network simulator for Cisco equipment it's been my experience that Boson (www.boson.com) has best network simulator for Cisco equipment. It behaves and process information the way real Cisco equipment does. I've tried GS3, it great for routing situations but lacks in simulating switches. Gary -Original Message- From: Ryan Shea [mailto:ryans...@google.com] Sent: Wednesday, January 19, 2011 8:37 AM To: Brandon Kim Cc: nanog group Subject: Re: Network Simulators You can do some switching by stuffing a virtual NM-16ESW into your faketastic 3660 in Dynamips. Then there are the built-in frame-relay and ethernet switches you could dump into the mix as well. -Ryan On Mon, Jan 17, 2011 at 10:23 AM, Brandon Kim brandon@brandontek.comwrote: James: I've been resisting GNS3 for the longest time, because I like real equipment and to get my hands a little dirty. But for the purpose of simulation, GNS3 helped me identify a BGP issue last week. If it weren't for GNS3, I would not have been able to figure it out. I will be using GNS3 in the future now for as much I can. Remember it is more router oriented than switch. So you can't do any fancy L3 switching.. Date: Mon, 17 Jan 2011 10:05:21 -0500 From: ja...@freedomnet.co.nz To: nanog@nanog.org Subject: Re: Network Simulators So far GNS3 has won out so far. It seems to work on my Mac fairly well. trying it out now. On 17/01/11 9:37 AM, Carlos Martinez-Cagnazzo wrote: I am currently researching virtual simulation environments for the Networking courses that I teach. I am now interested in user-mode linux emulators as they provide more real environments. The one that I am liking the most right now is this one: http://wiki.netkit.org/index.php/Main_Page regards Carlos On Mon, Jan 17, 2011 at 12:20 PM, Arturo Servin arturo.ser...@gmail.com wrote: GNS3 http://www.gns3.net/ This is another network simulator, mainly for academic research. NS-2 http://www.isi.edu/nsnam/ns/ And you can always setup some virtual machines with DNSs, hosts and routers with open-source software. regards, -as On 17 Jan 2011, at 11:58, James Jones wrote: Are there any good Network Simulators/Trainers out there that support IPv6? I want play around with some IPv6 setup. -- James Jones +1-413-667-9199 tel:+14136679199 ja...@freedomnet.co.nz
RE: RIP Justification
I would think it would depend on the complexity of the network and how the network advertises routes to peer networks. I'm always in favor the simpler the better but with RIP you do lose the ability to use variable bit masks (CIDR) and faster routing algorithms like DUAL used in Cisco routers and I'm not a big fan of OSPF. Gary -Original Message- From: Jesse Loggins [mailto:jlogginsc...@gmail.com] Sent: Wednesday, September 29, 2010 4:21 PM To: nanog@nanog.org Subject: RIP Justification A group of engineers and I were having a design discussion about routing protocols including RIP and static routing and the justifications of use for each protocol. One very interesting discussion was surrounding RIP and its use versus a protocol like OSPF. It seems that many Network Engineers consider RIP an old antiquated protocol that should be thrown in back of a closet never to be seen or heard from again. Some even preferred using a more complex protocol like OSPF instead of RIP. I am of the opinion that every protocol has its place, which seems to be contrary to some engineers way of thinking. This leads to my question. What are your views of when and where the RIP protocol is useful? Please excuse me if this is the incorrect forum for such questions. -- Jesse Loggins CCIE#14661 (RS, Service Provider)
Re: SPANS Vs Taps
Depends on the the bunch of 100MB connections. On the down side, when aggregating using a Cisco switch is a limit on the number of switch ports you can aggregate. On the up side, you don't have to be concerned about another device between the switch and device you want to connect to. Gary Gary Gladney Space Telescope Science Institute Email: glad...@stsci.edu Voice: 410.338.4912 Public Key: ldap://certserver.pgp.com Original message Date: Thu, 1 Jul 2010 16:48:14 -0400 From: Bein, Matthew mb...@iso-ne.com Subject: SPANS Vs Taps To: nanog@nanog.org As I was doing a design today. I found that I had a bunch of 100 MB connections that I was going to bring into a aggregation tap. Then I was thinking, why don't I use a switch like a Cisco 3560 to gain more density. Anyone run into this? Any down falls with using a switch to aggregate instead of a true port aggregator?? Regards, Matthew
RE: Dark fiber / transport in Virginia
You might try the cable operator Charter.com, I think believe they operate in that area. Gary -Original Message- From: Courtney, Mike [mailto:mcourt...@wlu.edu] Sent: Thursday, May 13, 2010 5:23 PM To: nanog@nanog.org Subject: Dark fiber / transport in Virginia All, I am interested in finding out about dark fiber / transport resources along I-81 or I-64 in the western part of Virginia. I'd like to find a transport provider that could connect to a meet me room in either Roanoke, Charlottesville, Richmond, DC, or even Charleston, WV. I'm trying to price out alternatives to the telco transport and data delivery model and I'm new to the Virginia market. Thanks for any help that you can offer! -Mike
