Re: Question on peering strategies
Hi Max, These do exist, at least in the NREN part of the internet. Have a look at netherlight (www.netherlight.net) and the bigger picture GLIF (www.glif.is) and where you read 'lightpath' replace that with ethernet p2p. Regards, Jac On Sun, 22 May 2016, Max Tulyev wrote: Hi All, I wonder why a "VLAN exchange" does not exists. Or I do not know any? In my understanding it should be a switch, and people connected can easily order a private VLAN between each other (or to private group) through some kind of web interface. That should be a more easy and much less expensive way for private interconnects than direct wires. On 16.05.16 20:46, Reza Motamedi wrote: Dear Nanogers, I have a question about common/best network interconnection practices. Assume that two networks (let's refer to them as AS-a and AS-b) are present in a colocation facility say Equinix LA. As many of you know, Equininx runs an IXP in LA as well. So AS-as and AS-b can interconnct 1) using private cross-connect 2) through the public IXP's switching fabric. Is it a common/good practice for the two networks to establish connections both through the IXP and also using a private cross-connect? I was thinking considering the cost of cross-connects (my understanding is that the colocation provider charges the customers for each cross-connect in addition to the rent of the rack or cage or whatever), it would not be economically reasonable to have both. Although, if the cross-connect is the primary method of interconnection, and the IXP provides a router-server the public-peering over IXP would essentially be free. So it might makes sense to assume that for the private cross-connect, there exists a back-up connection though the IXP. Anyway, I guess some discussion may give more insight about which one is more reasonable to assume and do. Now my last question is that if the two connections exist (one private cross-connect and another back-up through the IXP), what are the chances that periodically launched traceroutes that pass the inter-AS connection in that colo see both types of connection in a week. I guess what I'm asking is how often back-up routes are taken? Can the networks do load balancing on the two connection and essentially use them as primary routes? Best Regards Reza Motamedi (R.M) Graduate Research Fellow Oregon Network Research Group Computer and Information Science University of Oregon -- Jac Kloots Network Services SURFnet bv
Re: Trusted Networks Initiative: DDoS fallback set of AS'es
Randy, On Thu, 30 Apr 2015, Randy Bush wrote: in any case the idea still seems silly. not if you need to appear to be DOING SOMETHING!!! Of course there is that. But in order to be appear to be doing something one has to pledge to do BCP38 and various other things I would consider BCP. All little bits help. except the big logo marketing has the implication that all the rest of us unwashed networks are untrustable. this is not the cooperative internet. You can apply to become a member in the initiative. Jac -- Jac Kloots Network Services SURFnet bv
Re: BGPMON Alert Questions
Hi Mark, On Thu, 3 Apr 2014, Mark Tinka wrote: On Thursday, April 03, 2014 02:22:44 AM Randy Bush wrote: and, btw, how many of those whose prefixes were mis-originated had registered those prefixes in the rpki? It is probably a bit of a hammer at this stage, but we are in limited deployment of dropping all Invalids using RPKI. We shall be rolling out, network-wide, in 2014, where all Invalids are dropped. At this stage, short of a mis- origination, it's mostly longer prefixes of an aggregate that are not ROA'd. Great to hear more people are planning on dropping all Invalids. We (SURFnet, AS1103) are in the same position and I wrote an article about the evaluation we did before deciding on dropping invalids (https://blog.surfnet.nl/?p=3159) I would encourage more people to do a similar analysis and start using a RPKI routing policy and start dropping invalids. Only when people start using RPKI the way it is proposted to (http://tools.ietf.org/html/rfc7115) we _all_ can benefit from this. Regards, Jac -- Jac Kloots Network Services SURFnet bv
Re: BGPMON Alert Questions
Mark, On Tue, 8 Apr 2014, Mark Tinka wrote: On Tuesday, April 08, 2014 11:24:07 AM Jac Kloots wrote: We (SURFnet, AS1103) are in the same position and I wrote an article about the evaluation we did before deciding on dropping invalids (https://blog.surfnet.nl/?p=3159) Sounds great, Jac! In your report, you mention that you're not validating customer prefixes. Is this still the case? Yes, we don't validate those prefixes cause we filter them strict. We know from all our customers which prefixes they use so we have prefix-filters placed on all their connections. Jac -- Jac Kloots Network Services SURFnet bv
Re: RPKI Dashboard
Hi folks, On Wed, 3 Jul 2013, Thijs Stuurman wrote: FYI, source information: http://staff.science.uva.nl/~delaat/rp/2012-2013/index.html#Presentations-rp2 Dashboard: http://academic.slowpoke.nl/ This is the development server. The dashboard will soon be migrated to http://rpki.surfnet.nl (server is running, but no data in there yet). Any comments and suggestions are welcome! Regards, Jac -- Jac Kloots Network Services SURFnet bv
Re: Lightning Debates at NANOG 51
On Tue, 7 Dec 2010, Owen DeLong wrote: Ethernet: 40GE vs. 100GE ROFL Even more interesting is the 100GE Optics debate. Standardized (expensive and very scarce) 100GBASE-LR4 vs non-standard but cheaper and easier to manufacture LR10 (based on 10x 10Gbit/s on a very narrow DWDM-grid).. Jac -- Jac Kloots Network Services SURFnet bv