Re: Anycast but for egress

2021-08-01 Thread Joel Jaeggli
On 7/27/21 10:54, Vimal wrote: > (Unsure if this is the right forum to ask this question, but here goes:) > > From what I understand, IP Anycast can be used to steer traffic into a > server that's close to the client. > > I am curious if anyone here has/encountered a setup where they use >

Re: 60 ms cross-continent

2020-06-20 Thread Joel Jaeggli
Sent from my iPhone > On Jun 20, 2020, at 9:27 AM, William Herrin wrote: > > Howdy, > > Why is latency between the east and west coasts so bad? Speed of light > accounts for about 15ms each direction for a 30ms round trip. Where > does the other 30ms come from and why haven't we gotten rid

Re: Network card with relay in case of power failure

2020-06-17 Thread Joel Jaeggli
> On Jun 17, 2020, at 13:14, Dovid Bender wrote: > > Hi, > > I am sorry if this is off topic.I was once demoed a network device that had > two interfaces. The traffic would go through the device. If there was a power > cut or some other malfunction there would be a relay that would

Re: Hi-Rise Building Fiber Suggestions

2020-02-25 Thread Joel Jaeggli
Sent from my iPhone > On Feb 25, 2020, at 18:34, Norman Jester wrote: > > I’m in the process of choosing hardware > for a 30 story building. If anyone has experience with this I’d appreciate > any tips. > > There are two fiber pairs running up the building riser. I need to put a POE >

Re: 5G roadblock: labor

2020-01-02 Thread joel jaeggli
On 1/2/20 06:09, Mike Hammett wrote: > I know there are a couple companies doing it, but compute at the tower > isn't going to go anywhere. It makes very little sense to put it at the > tower when you can put it in one location per metro area. The bottom of a tower is a fantastically expensive

Re: Wikipedia drops support for old Android smartphones; mandates TLSv1.2 to read

2019-12-31 Thread joel jaeggli
On 12/31/19 08:25, Seth Mattinen wrote: > On 12/31/19 8:10 AM, joel jaeggli wrote: >> Argumentation on the basis of a tu quoque fallacy doesn't really add >> much to the dicussion. Depreciating potentialy dangerous and definitely >> obsolete protocols does not

Re: Wikipedia drops support for old Android smartphones; mandates TLSv1.2 to read

2019-12-31 Thread joel jaeggli
On 12/31/19 07:10, Seth Mattinen wrote: > On 12/31/19 12:50 AM, Ryan Hamel wrote: >> Just let the old platforms ride off into the sunset as originally >> planned like the SSL implementations in older JRE installs, XP, etc. >> You shouldn't be holding onto the past. > > > Because poor people

Re: Traffic visibility tools

2019-07-24 Thread Joel Jaeggli
On 7/24/19 09:16, Kenny Taylor wrote: > > Good morning, > >   > > I hate to pull away from the 44/8 fire (KJ6BSQ here, and former > AMPRnet user), but I’d like to get some advice from the community on > traffic visibility tools.. > >   > > We use a pair of appliances called Exinda for traffic

Re: netstat -s

2019-07-20 Thread Joel Jaeggli
On 7/17/19 17:54, Randy Bush wrote: > do folk use `netstat -s` to help diagnose on routers/switches? I suspect there's an unstated question here of should metrics reported by netstat -s  which includes metrics from the kernel should include metrics derived from from the asic counters. I do /

Re: Colo in Africa

2019-07-16 Thread Joel Jaeggli
> On Jul 16, 2019, at 07:33, Ken Gilmour wrote: > > Hi Folks, > > I work for a Security Analytics org and we're looking to build a small POP in > Africa. I am pretty clueless about the region so I was wondering if you could > help guide me in the right direction for research? > > The

Re: QoS for Office365

2019-07-09 Thread Joel Jaeggli
> On Jul 9, 2019, at 07:19, Mark Tinka wrote: > > > > On 9/Jul/19 16:18, Ross Tajvar wrote: >> I think the difficulty lies in appropriately marking the traffic. Like >> Joe said, the IPs are always changing. > > Does anyone know if they are reasonably static in an Express Route scenario?

Re: ICMPv6 "too-big" packets ignored (filtered ?) by Cloudflare farms

2019-03-05 Thread Joel Jaeggli
Sent from my iPhone > On Mar 5, 2019, at 01:31, Saku Ytti wrote: > >> On Tue, Mar 5, 2019 at 12:26 AM Mark Andrews wrote: >> >> Then Cloudflare should negotiate MSS’s that don’t generate PTB’s if >> they have installed broken ECMP devices. The simplest way to do that > > Out of curiosity

Re: ICMPv6 "too-big" packets ignored (filtered ?) by Cloudflare farms

2019-03-05 Thread Joel Jaeggli
Sent from my iPhone > On Mar 4, 2019, at 22:26, Mark Andrews wrote: > > > >> On 5 Mar 2019, at 5:18 pm, Mark Tinka wrote: >> >> >> >>> On 5/Mar/19 00:25, Mark Andrews wrote: >>> >>> >>> Then Cloudflare should negotiate MSS’s that don’t generate PTB’s if >>> they have installed broken

Re: Network Speed Testing and Monitoring Platform

2019-02-18 Thread Joel Jaeggli
> On Jan 16, 2019, at 08:52, Colton Conor wrote: > > As an internet service provider with many small business and residential > customers, our most common tech support calls are speed related. Customers > complaining on slow speeds, slowdowns, etc. > > We have a SNMP and ping monitoring

Re: NAT on a Trident/Qumran(/or other?) equipped whitebox?

2018-10-16 Thread joel jaeggli
On 10/16/18 08:55, Brandon Martin wrote: > On 10/16/18 10:05 AM, James Bensley wrote: >> NAT/PAT is an N:1 swapping (map) though so a state/translation table >> is required to correctly "swap" back the return traffic. MPLS for >> example is 1:1 mapping/action. NAT/PAT state tables tend to fill >>

Re: Puerto Rico Internet Exchange

2018-09-13 Thread Joel Jaeggli
> On Sep 13, 2018, at 1:27 PM, Mehmet Akcin wrote: > > It has been little over a year and we have been working on launching an > internet exchange in puerto rico but of course hurricane and other things got > in the way of achieving this. > > We now have identified what we believe the right

Re: tcp md5 bgp attacks?

2018-08-14 Thread joel jaeggli
On 8/14/18 7:27 PM, Randy Bush wrote: > > < rathole > > i am not much worried about a mesh which floods unicast. can you even > buy devices which support that any more? a while back, i had to really > dig in the closet to find one at 100mbps so i could shark mid-stream. I'm not actually

Re: tcp md5 bgp attacks?

2018-08-14 Thread joel jaeggli
On 8/14/18 2:38 PM, Randy Bush wrote: > so we started to wonder if, since we started protecting our bgp > sessions with md5 (in the 1990s), are there still folk trying to > attack? To recap for the purpose of my own edification and because hopefully someone will relieve me of my assumptions.

Re: California fires: smart speakers and emergency alerts

2018-07-28 Thread joel jaeggli
On Thu, Jul 26, 2018 at 09:51:04AM -0700, Aaron C. de Bruyn via NANOG wrote: > >> Capitalist solution: Build yet another IoT device that just does emergency >> alerting. >> >> Someone with free time should start a kickstarter or something. I'd >> totally chip in. >> >> -A It would be helpful if

Re: Proving Gig Speed

2018-07-19 Thread joel jaeggli
On 7/19/18 1:30 AM, Mark Tinka wrote: > > On 18/Jul/18 23:56, Keith Stokes wrote: > >> At least in the US, Jane also doesn’t really have a choice of her >> electricity provider, so she’s not getting bombarded with advertising >> from vendors selling “Faster WiFi” than the next guy. I don’t get

Re: Time to add 2002::/16 to bogon filters?

2018-06-19 Thread joel jaeggli
On 6/18/18 6:18 PM, Jared Mauch wrote: > I don’t believe most providers are intending to offer 6to4 as a global > service. Even the large providers (eg: Comcast) seem to have disabled it ~4+ > years ago. While I know there’s people on the internet that like to hang on > to legacy things,

Re: Time to add 2002::/16 to bogon filters?

2018-06-18 Thread joel jaeggli
I personally would love to see social pressure applied removing this from the internet. certain prominent google search results. e.g. probably also could use some curation given the appropriateness of reling on a anycast translator for

Re: Curiosity about AS3356 L3/CenturyLink network resiliency (in general)

2018-05-20 Thread joel jaeggli
On 5/17/18 6:24 AM, Mike Hammett wrote: > I often question why\how people build networks the way they do. There's some > industry hard-on with having a few ginormous routers instead of many smaller > ones. I've learned that when building Internet Exchanges, the number of > networks that don't

Re: Hulu Peering

2018-04-23 Thread joel jaeggli
On 4/23/18 11:14 AM, craig washington wrote: > Hey all, > > > Just wondering if anyone peers with Hulu at any public exchange. > > I don't see anything on them in the peeringdb or anything that stands out > from a google search besides it looks like they may be doing something with > Equinix.

Re: Are any of you starting to get AI robocalls?

2018-04-03 Thread joel jaeggli
On 4/3/18 3:32 PM, William Herrin wrote: > Howdy. > > Have any of you started to get AI robocalls? I've had a couple of > calls recently where I get the connect silence of a predictive dialer > followed by a woman speaking with call center background noise. She > gives her name and asks how I'm

Re: Yet another Quadruple DNS?

2018-03-29 Thread joel jaeggli
On 3/29/18 10:59 AM, Stephen Satchell wrote: > In regards to: spoofing DNS to et al > > On 03/29/2018 09:26 AM, Baldur Norddahl wrote: >> Running your own resolver will not work. > > Why won't it work?  I run a Linux box with BIND 9 set up as a > recursive resolver.  Are you saying that

Re: BCP 38 addendum

2018-03-02 Thread joel jaeggli
On 3/1/18 10:57 AM, Todd Crane wrote: > Question: > Since we cannot count on everyone to follow BCP 38 or investigate their > abuse@, I was thinking about the feasibility of using filtering to prevent > spoofing from peers’ networks. > > With the exception of a few edge cases, would it be

Re: MTU to CDN's

2018-01-08 Thread joel jaeggli
On 1/8/18 2:55 PM, Dovid Bender wrote: > Hi, > > N00b here trying to understand why certain CDN's such as Cloudfare have > issues where my MTU is low. For instance if I am using pptp and the MTU is > at 1300 it wont work. If I increase to 1478 it may or may not work. PMTUD has a lot of trouble

Re: Any experience with FS hardware out there?

2018-01-05 Thread joel jaeggli
On 1/5/18 10:50 AM, Bryan Holloway wrote: Fiberstore is rolling out some CRAZY cheap 100Gbps switches, and I'm curious if anyone in the community has any thoughts or real-life world experience with them. E.g.: For the price point, it's almost in the

Re: 40G and 100G optics options

2017-12-19 Thread joel jaeggli
On 12/19/17 10:24, Sabri Berisha wrote: > - On Dec 18, 2017, at 9:49 AM, Fredrik Korsbäck wrote: > >> This is the "failure" of us (the business) choosing QSFP as the de-factor >> formfactor for 100G, there is not power in >> that cage to make 10km+ optics in an easy way. If we

Re: Multi lane optics

2017-12-19 Thread joel jaeggli
On 12/19/17 08:45, Tyler Conrad wrote: > This blog has a pretty good runthrough - > > > Scroll down to "100G PROTOCOLS". > > On Tue, Dec 19, 2017 at 8:38 AM, Baldur Norddahl > wrote: > >> Hello, >> >> Some optics are implemented

Re: 40G and 100G optics options

2017-12-18 Thread joel jaeggli
On 12/18/17 09:01, Baldur Norddahl wrote: > Hi > > What options are available for 40G QSFP+ and 100G QSFP28 for 10+ km > links? > > I see a lot of switches offered with QSFP+ and QSFP28. But I do not > seem to find the necessary optics to build the links I want. > > For example, take a look at the

Re: Companies using public IP space owned by others for internal routing

2017-12-17 Thread joel jaeggli
On 12/17/17 14:30, Robert Webb wrote: > Will anyone comment on the practice of large enterprises using non RFC1918 IP > space that other entities are assigned by ARIN for internal routing? > > Just curious as to how wide spread this might be. I just heard of this > happening with a large ISP and

Re: Arista Layer3

2017-11-30 Thread joel jaeggli
On 11/30/17 13:00, Ken Chase wrote: > >Arista DCS-7280SRA-48C6 is a 1ru box.?? > > > >Has a nominally million route fib, Jericho+ 8GB of packet buffer. > >control-plane is 8GB of ram andAMD GX-424CC SOC which is 4 core 2.4ghz. > >We do direct fib injection with bird rather than the

Re: Arista Layer3

2017-11-30 Thread joel jaeggli
On 11/30/17 11:17, Ken Chase wrote: > Back to this discussion! :) Arista as a viable full-table PE router. Was > hoping > for better experience reports since last mention. > > To make the Q bit more general, are there any PE routers yet that can handle > 3-8 > full feeds and use an amp and 1U or

Re: Commodity routers/switches

2017-11-20 Thread joel jaeggli
On 11/19/17 07:36, Mike Hammett wrote: > Which is sad because I believe there are a ton of people using old gear > (lacking modern features and security) because the old gear meets price and > performance requirements. Although obviously much smaller networks (and thus > potential with each

Re: Commodity routers/switches

2017-11-18 Thread joel jaeggli
On 11/18/17 17:55, wrote: > Howdy! > > Looking to replace some edge routers for my small ISP. With all the various > SDN platforms available along with various choices of bare-metal hardware > platforms, im thinking i may go this route instead of going with >

Re: IPv6 first hop security on a budget?

2017-11-10 Thread joel jaeggli
On 11/11/17 09:14, Fernando Gont wrote: > On 05/05/2017 08:27 PM, Joel Whitehouse wrote: >> What's a good budget option for switching a small lab or office ipv6 >> with RA Guard, DHCP6 snooping, and ICMP6 snooping? >> > > If you do deploy this, please take a look at the issues discussed in >

Re: What's the point of prepend communities?

2017-10-26 Thread joel jaeggli
On 10/26/17 10:58, Jason Lixfeld wrote: > Hi, > > Of all the ISPs that I am familiar with that have a BGP community structure > usable by their peering partners and/or downstream customers, among other > things, they allow the customer to signal the ISP to prepend their own AS to > the as-path

Re: California fires: smart speakers and emergency alerts

2017-10-15 Thread joel jaeggli
On 10/14/17 22:01, wrote: > On Fri, 13 Oct 2017 18:50:51 -0700, Joe Hamelin said: >> I would think that Amazon knows where my Echo is since it's the same IP >> that I order (way too much crap) from. > > It knows the usual delivery address. That's not necessarily the same

Re: pd table vs 6296

2017-09-22 Thread joel jaeggli
On 9/21/17 18:59, Randy Bush wrote: > say i want to use pd to a fairly large aggregation. the router has to > hold the pd table. it sees some routers have limited table size, e.g. > 1k. so what's a poor boy to do? the classic ipv4 solution would be > 6296 . are folk doing pd scaling? how? >

Re: 100G QSFP28 DAC cables - experience

2017-09-18 Thread joel jaeggli
On 9/6/17 00:17, Jiri Prochazka wrote: > Hi folks, > > I'm wondering if anyone have (either positive or negative) experience > with 100G QSFP28 DAC cables? I found the ones we tested to be substantially more finicky particularly at 5 meter then 10gig dacs, adding 4 x 25 sfp28 breakout on the other

Re: 100G - Whitebox

2017-08-20 Thread Joel Jaeggli
> On Aug 20, 2017, at 08:45, Mike Hammett wrote: > > Any particular hardware platforms to go towards or avoid? Broadcom Tomahawk > seems to be quite popular with varying control planes. LINX went Edgecore, > which was on my list given my experience with other Accton

Re: Point 2 point IPs between ASes

2017-06-28 Thread joel jaeggli
On 6/28/17 15:44, William Herrin wrote: > On Wed, Jun 28, 2017 at 5:09 PM, Thomas Bellman wrote: > >> On 2017-06-28 17:03, William Herrin wrote: >> >>> The common recommendations for IPv6 point to point interface numbering >> are: >>> /64 >>> /124 >>> /126 >>> /127 >> I

Re: Point 2 point IPs between ASes

2017-06-28 Thread joel jaeggli
On 6/28/17 18:10, Olivier Benghozi wrote: > Well, /112 is not a stupid option (and is far smarter than /64): it contains > the whole last nibble of an IPv6, that is x:x:x:x:x:x:x:1234. > You always put 1 or 2 at the end, and if needed you are still able to address > additional stuff would the

Re: Reliability of Juniper MIC3-3D-1X100GE-CFP and CFP in general

2017-06-22 Thread Joel Jaeggli
Sent from my iPhone > On Jun 22, 2017, at 07:38, Eric Dugas wrote: > > Hello, > > We're planning to phase out some 10G link-aggregations in favor of 100G > interfaces. We've been looking at buying MIC3-3D-1X100GE-CFP, MPC3E and > Fiberstore CFPs. > > I've been told

Re: Internet connectivity in Nigeria

2017-06-18 Thread Joel Jaeggli
Sent from my iPhone > On Jun 18, 2017, at 12:29, Sina Owolabi wrote: > > PCCW? I dont think I've heard of them Pccw would be sat3 glo1 and wacs maybe others. Their looking glass can give you some idea into

Re: BCP38/84 and DDoS ACLs

2017-05-26 Thread joel jaeggli
On 5/26/17 10:24, Kody Vicknair wrote: > When I was doing some research in regards to the same subject I ran across > this doc. I've found it to be very helpful. > > Causally applied RPF checks applied to transit and peer interfaces especially

Re: Carrier classification

2017-05-15 Thread joel jaeggli
On 5/15/17 10:01 PM, Ken Chase wrote: > so cogent has no routes to some amount of v6? ie no routes > to some prefixes? it's easy enough to test TestRouter Location Hostname / IP Address 2607:f8b0:4005:801::200e Go! Tue May 16 04:00:27.010 UTC % Network not in table

Re: Covering prefix blackholing traffic to one of its covered prefixes....

2017-04-24 Thread Joel Jaeggli
Sent from my iPhone > On Apr 23, 2017, at 08:59, Steven Wallace wrote: > > We have dual-homed sites that only accept routes from their peers, and > default to their transit provider. A site may receive a covering prefix from > a peer, but since they are not accepting the full

Re: google ipv6 routes via cogent

2017-03-07 Thread joel jaeggli
On 3/2/17 3:42 PM, Jared Mauch wrote: > Yes. Most providers can send you just their customer routes. If they send you > full routes you want to discriminate customer vs peer routes. This is > typically done with communities and is worthwhile as most people have > capacity on customer links but

Re: 403 Forbidden

2017-02-06 Thread joel jaeggli
On 2/6/17 8:49 AM, Suresh Ramasubramanian wrote: > My guess is you have or had sometime in the long distant past a scalper > operating on your network, using automated ticket purchase bots. > > If you still have that scalper around, you might want to turf him. If he’s > ancient history, saying

Re: IoT security

2017-02-06 Thread joel jaeggli
On 2/6/17 2:31 PM, William Herrin wrote: > This afternoon's panel about IoT's lack of security got me thinking... > > > On the issue of ISPs unable to act on insecure devices because they > can't detect the devices until they're compromised and then only have > the largest hammer (full account

Re: Akamai and Instagram Ranges

2017-01-28 Thread joel jaeggli
On 1/28/17 3:22 AM, Shahab Vahabzadeh wrote: > Hello Hello, > Can anybody help me to find out IP Address Ranges of Akamai and Instagram? > I wanna do some optimizations on my cache side? > Thanks > Instagram should be exclusively https since 2014 or so. signature.asc Description: OpenPGP

Re: Passive Optical Network (PON)

2017-01-21 Thread joel jaeggli
On 1/21/17 8:44 AM, Kenneth McRae wrote: > Greeting all, > > Is anyone out there using PON in a campus or facility environment? I am > talking to a few vendors who are pushing PON as a replacement for edge > switching on the campus and in some cases, ToR switch in the DC. Opinions on > this

Re: Questions on IPv6 deployment

2017-01-17 Thread joel jaeggli
On 1/17/17 1:55 PM, William Herrin wrote: > On Tue, Jan 17, 2017 at 4:07 PM, Matthew Huff wrote: >> The reason for allocating a /64 for a point to point link is due to various >> denial of service attack vectors. if you mean allocating a /127, then... sure. Neighbor discovery on

Re: External BGP Controller for L3 Switch BGP routing

2017-01-16 Thread joel jaeggli
On 1/15/17 11:00 PM, Yucong Sun wrote: > In my setup, I use an BIRD instance to combine multiple internet full > tables, i use some filter to generate some override route to send to my L3 > switch to do routing. The L3 switch is configured with the default route > to the main transit provider ,

Re: External BGP Controller for L3 Switch BGP routing

2017-01-16 Thread joel jaeggli
On 1/16/17 6:53 AM, Tore Anderson wrote: > * Saku Ytti > >> On 16 January 2017 at 14:36, Tore Anderson wrote: >> >>> Put it another way, my «Internet facing» interfaces are typically >>> 10GEs with a few (kilo)metres of dark fibre that x-connects into my >>> IP-transit providers'

Re: IPv6 BGP prefix filters

2017-01-16 Thread joel jaeggli
On 1/16/17 2:01 PM, Alistair Mackenzie wrote: > Hi, > > So recently I've come across an issue with a large ISP announcing a /22 and > /25 of IPv6 space. We are currently filtering <28 and >48 which until now > has worked fine for us. > > What are others using as their prefix filters in the DFZ?

Re: Apple Caching Server question

2017-01-13 Thread joel jaeggli
On 1/13/17 5:43 AM, wrote: > I saw the apple caching server mentioned on an earlier thread. Is this > appropriate/functional/scaleable enough to implement as an ISP? It is an > intriguing idea. From the docs I could find, I couldn't tell if it was only > geared towards

Re: Soliciting your opinions on Internet routing: A survey on BGP convergence

2017-01-09 Thread joel jaeggli
On 1/9/17 2:56 PM, Laurent Vanbever wrote: > Hi NANOG, > > We often read that the Internet (i.e. BGP) is "slow to converge". But how slow > is it really? Do you care anyway? And can we (researchers) do anything about > it? > Please help us out to find out by answering our short anonymous survey

Re: Benefits (and Detriments) of Standardizing Network Equipment in a Global Organization

2016-12-29 Thread joel jaeggli
On 12/29/16 10:22 AM, wrote: > On Thu, 29 Dec 2016 07:44:45 -0800, Leo Bicknell said: > >> But I think the question others are trying to ask is a different >> hyptothetical. Say there are two vendors, of of which makes perfectly >> good edge routers and core routers.

Re: BCM5341x

2016-12-25 Thread Joel Jaeggli
Sent from my iPhone > On Dec 24, 2016, at 15:51, Mike Hammett wrote: > > I've asked Broadcom directly, but being as though I don't have an intent to > buy tens of thousands of chips (or any at all), I don't expect I'll hear > back. I was hoping someone here would have some

Re: Recent NTP pool traffic increase

2016-12-15 Thread joel jaeggli
On 12/15/16 3:07 PM, Dan Drown wrote: > Quoting Jose Gerardo Perales Soto : >> We've recently experienced a traffic increase on the NTP queries to >> NTP pool project ( servers. One theory is that some >> service provider NTP infraestructure failed

Re: Cogent Router code updates during height of ecommerce season?

2016-12-09 Thread joel jaeggli
On 12/9/16 11:30 AM, Justin Wilson wrote: > Are they not doing these during maintenance windows? Anytime we get a notice > from Cogent, Level3, Att they are always during a maintenance window at least > a week ahead of time. We have yet to see any maintenance window > notifications from

Re: Voice channels (FTTH, DOCSIS, VoLTE)

2016-11-21 Thread joel jaeggli
On 11/21/16 3:12 PM, Jean-Francois Mezei wrote: > On 2016-11-21 15:18, joel jaeggli wrote: > > >> SRB and URB are the l2 presentation of the tunnels established for user >> and signaling traffic. > OK, so wth LTE, if carrier has 10mhz up and down, this represents a &g

Re: Voice channels (FTTH, DOCSIS, VoLTE)

2016-11-21 Thread joel jaeggli
On 11/21/16 11:13 AM, Jean-Francois Mezei wrote: > On 2016-11-21 02:53, Mikael Abrahamsson wrote: > >> Typically it travels on another "bearer" compared to Internet traffic. >> >> >> >> Think of bearers as "tunnels" between the mobile core network

Re: and IPv6

2016-11-21 Thread joel jaeggli
00:02:02.758900 IP6 2601:647:4201:.60962 > 2605:3100:fffd:100::15.443: Flags [S], seq 2375673666, win 65535, options [mss 1440,nop,wscale 5,nop,nop,TS val 568401205 ecr 0,sackOK,eol], length 0 00:02:02.811619 IP6 2605:3100:fffd:100::15.443 > 2601:647:4201:.60962: Flags [S.], seq

Re: CenturyLink in Advanced Talks to Merge With Level 3 Communications - Interweb is doomed

2016-10-28 Thread joel jaeggli
On 10/28/16 12:18 PM, Mel Beckman wrote: > Level3 hasn't even finished migrating its TWTelecom customers to the L3 AS > yes, and it's been years. So I don't think you can expect any faster > transition for CL. 3549 still exists... > -mel beckman > >> On Oct 28, 2016, at 2:16 PM, Timothy Lister

Re: Dyn DDoS this AM?

2016-10-21 Thread joel jaeggli
On 10/21/16 3:21 PM, David Birdsong wrote: > On Fri, Oct 21, 2016 at 2:58 PM, Randy Bush wrote: > >> anyone who relies on a single dns provider is just asking for stuff such >> as this. >> >> randy >> > I'd love to hear how others are handling the overhead of managing two dns >

Re: nested prefixes in Internet

2016-10-10 Thread joel jaeggli
On 10/10/16 9:04 AM, Roy wrote: > > > The solution proposed allows ISP-B to use both paths at the same time, > needs ISP-C to minimal changes, and has low impact on the global > routing tables.. I have successfully used it in the past and my old > company is still using it today. Having two

Re: nexus N3K-C3064PQ vs juniper ex4500 in order to protect against ddos

2016-10-02 Thread joel jaeggli
On 9/30/16 12:42 PM, Pedro wrote: > > Hello, > > I have some idea to put switch before bgp router in order to terminate > isp 10G uplinks on switch, not router. Main reason is that could be some > kind of 1st level of defence against ddos, second reason, less > important, save cost of router

Re: Providing transit to unallocated networks

2016-09-27 Thread joel jaeggli
On 9/27/16 5:46 PM, Alistair Mackenzie wrote: > Thanks for this, it shows as > > apnic|ZZ|ipv4|103.***.***.0|1024|20160927|reserved||e-stats > > I expect this still stands with it being reserved? I'm not sure why you would bother obscuring it. What purpose does that serve in furthering the

Re: charges for prefix filter updates (was Re: Any ISPs using AS852 for IP Transit?)

2016-09-15 Thread joel jaeggli
On 9/15/16 11:28 AM, Ken Chase wrote: > I feel this can be a public topic: > > Rogers just charged us that for an update (one update, multiple entries). > We had to go through their quotation machinery too, took like 4-5 days. > Additional > time was wasted because we contacted their tech dept

Re: CAIDA selected by FCC for internet performance measurement

2016-08-12 Thread joel jaeggli
On 8/12/16 1:41 PM, Scott Weeks wrote: > > --- wrote: > From: Sean Donelan > > CAIDA has submitted to the FCC its initial proposal for > measuring internet interconnection point performance > metrics as part of the AT/DirecTV merger conditions. > >

Re: akamai abnormal spike

2016-07-19 Thread joel jaeggli
On 7/18/16 4:57 PM, Mike Hammett wrote: > Several of my WISP colleagues have noticed this behavior (CDN sending > way more traffic than the customer's pipe can handle) from (I > believe) multiple CDNs. Not sure if it is intention on behalf of the > CDN or an error, but it has been on-going for

Re: Real world power consumption of a 7604-S or 7606-S

2016-06-27 Thread joel jaeggli
On 6/27/16 5:35 PM, Eric Kuhnke wrote: > Yes, very much agreed, part of the reason why I'm looking to do the > watts per linecard calculation is to illustrate how it's not healthy > except in certain places. As an edge aggregation device in a very > small city in a rural western US state where the

Re: Quick question regarding: Problematic IPv6 Multicast traffic within an IX.

2016-06-24 Thread joel jaeggli
On 6/24/16 9:27 AM, Bob Evans wrote: > > Is it true that managed Layer2 switches used by IX's can not block IPv6 > multicast ingress port traffic from broadcasting to all ports ? you can filter multicast destination addresses by acl. NDP you kinda need since it replaces ARP RA's you can and

Re: 1GE L3 aggregation

2016-06-16 Thread joel jaeggli
On 6/16/16 12:51 AM, Saku Ytti wrote: > Hey, > > I've been bit poking around trying to find reasonable option for 1GE > L3 full BGP table aggregator. It seems vendors are mostly pushing > Satellite/Fusion for this application. > > I don't really like the added complexity and tight coupling >

Re: Link-local v6 and mobile phones

2016-06-15 Thread joel jaeggli
On 6/15/16 8:56 AM, Willy MANGA wrote: > Hello, > > a little question :) > > For mobile operators using v6 on their networks, how do you manage > link-local communication between mobile phones ? the link local address is bound to eps bearer the other end of which is the p-gw. so it's a

Re: Detecting Attacks

2016-06-12 Thread joel jaeggli
On 6/10/16 10:39 PM, subashini hariharan wrote: > Hello, > > I am Subashini, a graduate student. I am interested in doing my project in > Network Security. I have a doubt related to it. > > The aim is to detect DoS/DDoS attacks using the application. I am going to > use ELK (ElasticSearch,

Re: Netflix VPN detection - actual engineer needed

2016-06-08 Thread joel jaeggli
On 6/8/16 9:13 AM, Owen DeLong wrote: > As of last week, I still wasn’t getting an IPv6 address by default on my > iPhone 6S+ > on T-Mobile. turn off mobile hotspot... > Just saying. > > Owen > >> On Jun 7, 2016, at 11:00 AM, Ca By wrote: >> >> On Tuesday, June 7, 2016,

Re: Netflix VPN detection - actual engineer needed

2016-06-07 Thread joel jaeggli
On 6/7/16 6:55 AM, Cryptographrix wrote: > As I said to Netflix's tech support - if they advocate for people to turn > off IPv6 on their end, maybe Netflix should stop supporting it on their end. > > It's in the air whether it's just an HE tunnel issue or an IPv6 issue at > the moment, and if

Re: Netflix VPN detection - actual engineer needed

2016-06-05 Thread joel jaeggli
On 6/5/16 6:23 PM, Josh Reynolds wrote: > Uhm, what? Where do you think ISPs get their transit exactly? They buy from 2 or more wholesale transit providers and in general they opportunistically peer, although scale helps a lot there. > On Jun 5, 2016 8:17 PM, "joel jaeggli" &

Re: Netflix VPN detection - actual engineer needed

2016-06-05 Thread joel jaeggli
HE's downstream cone does not include a whole lot of residential ISPs. if you further exclude the ones that are multihomed you're left with a pretty small subset. that said they (HE) can be and are a valuable peer both in v4 and v6. Personally I wouldn't single home to anything that looks

Re: Cost-effectivenesss of highly-accurate clocks for NTP

2016-05-15 Thread joel jaeggli
On 5/15/16 10:05 AM, Eric S. Raymond wrote: > Mel Beckman : >> The upshot is that there are many real-world situations where >> expensive clock discipline is needed. But IT isn't, I don't think, >> one of them, with the exception of private SONET networks (fast >> disappearing in

Re: Latency, TCP ACKs and upload needs

2016-04-19 Thread joel jaeggli
On 4/19/16 6:29 PM, Jean-Francois Mezei wrote: > As part of the ongoing CRTC hearings, the incumbents' claim that > continued implementation of the current 5/1 standard would make Canada a > world leader for broadband in the future. > > A satellite company who currently can't even deliver its

Re: Best practices for sending network maintenance notifications

2016-04-06 Thread joel jaeggli
On 4/6/16 3:56 PM, Dan Mahoney, System Admin wrote: > All, > > We recently, at $dayjob, had one of our peers (at Symantec) send out a > network maint notification, putting 70 addresses in the "To:" field, > rather than using BCC or the exchange's mailing list. > > Naturally, when you mail 30

Re: Some doubts on large scale BGP/AS design and black hole routing risk

2016-04-05 Thread joel jaeggli
On 4/4/16 10:29 AM, wrote: > Hi guys > > thanks everyone for your replies. > > I'd like to highlight this concept that Christopher gave before: > > ​"different providers, different entrance facilities in the building(s), > different conduits out of the area... " > > How

Re: Microwave link capacity

2016-04-04 Thread joel jaeggli
On 4/4/16 2:28 PM, Jean-Francois Mezei wrote: > > In a context of providing rural communities with modern broadband. > > Reading some tells me that Microwave links can be raised to 1gbps. How > common is that ? for wireless backhaul of cell-towers, some wisp infrastructure and for this like

Re: Wireless (WiFi) MOS equivalent?

2016-03-20 Thread joel jaeggli
On 3/20/16 12:34 PM, Jared Mauch wrote: > I've seen some conferences do a virtual participant device that joins the > wifi and reports back data. netbeez is an example of one such device. > Jared Mauch > >> On Mar 16, 2016, at 1:54 PM, Jim Wininger

Re: Cogent - Google - HE Fun

2016-03-13 Thread joel jaeggli
On 3/13/16 7:31 AM, Dennis Burgess wrote: > In the end, google has made a choice. I think these kinds of choices will > delay IPv6 adoption. Given that they publish records for a great deal of their services I'm not sure how you would conclude that. > -Original Message- > From:

Re: Internet Exchanges supporting jumbo frames?

2016-03-09 Thread joel jaeggli
On 3/9/16 7:58 AM, Mikael Abrahamsson wrote: > On Wed, 9 Mar 2016, Nick Hilliard wrote: > >> used. Some will want 9000, some 9200, others 4470 and some people > > I have a strong opinion for jumboframes=9180bytes (IPv4/IPv6 MTU), > partly because there are two standards referencing this size

Re: remote serial console (IP to Serial)

2016-03-08 Thread joel jaeggli
On 3/8/16 10:06 AM, Stephen Satchell wrote: > On 03/08/2016 07:30 AM, greg whynott wrote: >> I'd like to purchase a IP to >> Serial port device I can use for each location in the event I lock myself >> out. The requirement would be an Ethernet port, a serial port, and >> SSH. > > I've used

Re: Sprint Wireless DNS server not resolving

2016-02-27 Thread joel jaeggli
On 2/26/16 5:42 PM, Yang Yu wrote: > and its subdomains such as are not accessible > on Sprint 3G/LTE (DNS timeout). From what I gathered this is affecting > Sprint wireless customers nationwide. I created a DNS measurement on > ripe atlas and no signs of other carriers

Re: Dear Windstream engineers

2016-01-31 Thread joel jaeggli
On 1/30/16 2:29 PM, Matthew D. Hardeman wrote: > You offer this service to your customers, don’t you? ;-) source based RTBH requires urpf, which while generally available may have practical limitations on implementation. > Seriously, it’s a good question. Most IP transit providers offering

Re: Equipment Supporting 2.5gbps and 5gbps

2016-01-28 Thread joel jaeggli
On 1/28/16 10:29 AM, Randy Carpenter wrote: > > I'd love to know what model Juniper you are getting for $102 per > 10GbE port and where you are getting it. The lowest-end 10GbE switch > is the EX4600, which lists at more like $850 per port. You can get > higher-end ones with much larger port

Re: The IPv6 Travesty that is Cogent's refusal to peer Hurricane Electric - and how to solve it

2016-01-26 Thread joel jaeggli
On 1/25/16 11:06 AM, Jared Mauch wrote: > My understanding is this was mostly legacy from devices that did not > carry full Rib and fib. There were tricks to avoid ending up on these > skinny devices if you wanted. > > Life in the core has changed a lot in recent years from 6500/7600 and >

Re: Inferring the location points of traffic exchange between two networks

2016-01-13 Thread joel jaeggli
0 > 569704 0 > > tells me that 513 is peering with 20965 that city, right? > > Best Regards > Reza Motamedi (R.M) > Graduate Research Fellow > Oregon Network Research Group > Computer and Information Science > University of Oregon >

Re: Inferring the location points of traffic exchange between two networks

2016-01-13 Thread joel jaeggli
On 1/13/16 9:36 AM, Reza Motamedi wrote: > Hi NANOG, > > I am researcher at the University of Oregon and my question is rather > primitive. My research background is in networked systems and Internet > measurement so I know how things work in theory. > > My question is about BGP and what can be

  1   2   3   4   5   6   7   8   9   10   >