Any info on devices that are running eBGP on the Internet?

2019-11-11 Thread Sylvain Baya 
Hi all,

Le mercredi 6 novembre 2019, Compton, Rich A  a
écrit :

> Hi, I am working with MANRS (https://www.manrs.org) on a tool for
> checking router configs for BGP security / spoofing prevention (e.g. uRPF)
> https://github.com/manrs-tools/MANRS-validator
>
> We are wondering if there is any research on the percentages of different
> types of devices running BGP on the Internet.
>

...why not launch a survey ? in collaboration with all the IXPs and the
MANRS's actors
(who have already signed the MANRS Routing Manifesto) ; asking them to
provide only three
informations :

•—
• Name (or Real OUI) of the device they are running BGP on ;
• IXP where the device is located ;
• Org's name (optional)
•—

Shalom,
--sb.

Something like:
>
> Cisco IOS 30%
>
> Junos 30%
>
> Mikrotik 20%
>
> etc…
>
> We are looking to focus our tool on the most prevalent types of devices
> doing BGP (and the most prevalent with BGP security/spoofing issues) so
> that we can have the greatest impact.  Does anyone have any information on
> this or know where I can obtain this information?  Thanks in advance!
>
>  -Rich
> [..,]
>


-- 

--
Best Regards !
baya.sylvain [AT cmNOG DOT cm] |  | <
https://survey.cmnog.cm>
Subscribe to Mailing List : 
__
#‎LASAINTEBIBLE‬|‪#‎Romains15‬:33«*Que LE ‪#‎DIEU‬ de ‪#‎Paix‬ soit avec
vous tous! ‪#‎Amen‬!*»
‪#‎MaPrière‬ est que tu naisses de nouveau. #Chrétiennement‬
«*Comme une biche soupire après des courants d’eau, ainsi mon âme soupire
après TOI, ô DIEU!*» (#Psaumes42:2)

Re: Any info on devices that are running eBGP on the Internet?

2019-11-11 Thread Alain Hebert 
    Could be a joker mapping his VM to the VAX OUI  I got a few 
00:01:de:ad:be:ef.


-
Alain Hebertaheb...@pubnix.net
PubNIX Inc.
50 boul. St-Charles
P.O. Box 26770 Beaconsfield, Quebec H9W 6G7
Tel: 514-990-5911  http://www.pubnix.netFax: 514-990-9443

On 2019-11-07 15:08, Aled Morris via NANOG wrote:
On Thu, 7 Nov 2019 at 19:59, Edward Dore 
> wrote:


I just grabbed the following from our routers connected to LINX
LON1, LINX LON2, LINX Manchester and LONAP (so this data is very
UK centric):

...

   1 DIGITAL EQUIPMENT CORPORATION


Kudos to whoever is running the VMS port of BIRD on their VAX-11/780

Aled

Re: Any info on devices that are running eBGP on the Internet?

2019-11-08 Thread Erik Sundberg 
Keep in mind that some members on the IX are using a configured mac address 
instead of the burn in MAC Address on the router's NIC Card.

We have done this in the past during for multiple reasons so we don't have to 
call the IX and wait on them to up date the filters.
-IX Port upgrading in bandwidth. I.E. 1G  -> 10G
-Router chassis or card upgrades
-Circuit grooms

This also allows us the flexibility to move the IX port to a difference device 
in the event of an outage, hardware failure, or other event.

-Erik

From: NANOG  on behalf of Eric Kuhnke 

Sent: Thursday, November 7, 2019 4:47 PM
To: Edward Dore ; nanog@nanog.org list 

Subject: Re: Any info on devices that are running eBGP on the Internet?

The OUI prefixes that are Intel, Dell, HP, Supermicro and other x86-64 hardware 
vendors are almost certainly people running BIRD, FRR or similar on commodity 
hardware. In which case the actual routing configuration could be almost 
anything, those just happen to be the PCI-Express NICs in some sort of server 
platform.



On Thu, Nov 7, 2019 at 11:59 AM Edward Dore 
mailto:edward.d...@freethought-internet.co.uk>>
 wrote:
I just grabbed the following from our routers connected to LINX LON1, LINX 
LON2, LINX Manchester and LONAP (so this data is very UK centric):

 557 Cisco Systems, Inc
 553 Juniper Networks
  51 Routerboard.com
  51 Brocade Communications Systems, Inc.
  49 Arista Networks
  40 Unknown
  38 Intel Corporate
  36 HUAWEI TECHNOLOGIES CO.,LTD
  31 Globalscale Technologies, Inc.
  20 Super Micro Computer, Inc.
  20 Alcatel-Lucent IPD
  15 Nokia
  14 Hewlett Packard
  10 VMware, Inc.
  10 Ubiquiti Networks Inc.
  10 Sunrich Technology Limited
  10 Extreme Networks, Inc.
   7 Dell Inc.
   5 IEEE Registration Authority
   4 Intel Corporation
   4 HotLava Systems, Inc.
   3 FireBrick Limited
   2 Raspberry Pi Foundation
   2 Nexcom International Co., Ltd.
   2 Microsoft Corporation
   2 Mellanox Technologies, Inc.
   2 ICP Electronics Inc.
   2 Hewlett Packard Enterprise
   2 BSkyB Ltd
   1 Xensource, Inc.
   1 XEROX CORPORATION
   1 Solarflare Communications Inc.
   1 SILICOM, LTD.
   1 MIX s.r.l.
   1 LANNER ELECTRONICS, INC.
   1 GIGA-BYTE TECHNOLOGY CO.,LTD.
   1 DriveCam Inc
   1 DIGITAL EQUIPMENT CORPORATION
   1 Agile Systems Inc.

That's done using https://github.com/bauerj/mac_vendor_lookup to do the MAC 
lookup against the IEEE OUI list with the "Unknown" entries being anything 
which doesn't appear in http://standards-oui.ieee.org/oui.txt (possibly locally 
administered addresses?).

Hope that's helpful to someone 


Edward Dore

Freethought Internet


From: NANOG mailto:nanog-boun...@nanog.org>> on behalf 
of Sabri Berisha mailto:sa...@cluecentral.net>>
Sent: 07 November 2019 19:08
To: Compton, Rich A mailto:rich.comp...@charter.com>>
Cc: nanog mailto:nanog@nanog.org>>
Subject: Re: Any info on devices that are running eBGP on the Internet?

Hi,

What you could consider is asking a few of the major internet exchanges if 
they'd be so kind to send you a list of MAC addresses seen on their LANs. Based 
on the MAC you can determine the manufacturer. If you have three or four big 
ones, you have a decent sample size as most larger networks are on multiple 
IXes anyway.

If you do compile a list, I'm sure this list would be interested in the results 
:)

Thanks,

Sabri


- On Nov 6, 2019, at 10:39 AM, Compton, Rich A 
mailto:rich.comp...@charter.com>> wrote:

Hi, I am working with MANRS (https://www.manrs.org) on a tool for checking 
router configs for BGP security / spoofing prevention (e.g. uRPF) 
https://github.com/manrs-tools/MANRS-validator

We are wondering if there is any research on the percentages of different types 
of devices running BGP on the Internet.

Something like:

Cisco IOS 30%

Junos 30%

Mikrotik 20%

etc…

We are looking to focus our tool on the most prevalent types of devices doing 
BGP (and the most prevalent with BGP security/spoofing issues) so that we can 
have the greatest impact.  Does anyone have any information on this or know 
where I can obtain this information?  Thanks in advance!

 -Rich

The contents of this e-mail message and
any attachments are intended solely for the
addressee(s) and may contain confidential
and/or legally privileged information. If you
are not the intended recipient of this message
or if this message has been addressed to you
in error, please immediately alert the sender
by reply e-mail and then delete this message
and any attachments. If you are not the
intended recipient, you are notified that
any use, dissemination, distribution, copying,
or storage of this message or any attachment
is strictly prohibited.



CONFIDENTIALITY NOTICE: This e-mail transmission, and any documents, files or 
previous e-mail messages attached to it may contain confidential information 
that is legally privileged. If you are not the intended recipient, or

Re: Any info on devices that are running eBGP on the Internet?

2019-11-07 Thread Eric Kuhnke 
The OUI prefixes that are Intel, Dell, HP, Supermicro and other x86-64
hardware vendors are almost certainly people running BIRD, FRR or similar
on commodity hardware. In which case the actual routing configuration could
be almost anything, those just happen to be the PCI-Express NICs in some
sort of server platform.



On Thu, Nov 7, 2019 at 11:59 AM Edward Dore <
edward.d...@freethought-internet.co.uk> wrote:

> I just grabbed the following from our routers connected to LINX LON1, LINX
> LON2, LINX Manchester and LONAP (so this data is very UK centric):
>
>  557 Cisco Systems, Inc
>  553 Juniper Networks
>   51 Routerboard.com
>   51 Brocade Communications Systems, Inc.
>   49 Arista Networks
>   40 Unknown
>   38 Intel Corporate
>   36 HUAWEI TECHNOLOGIES CO.,LTD
>   31 Globalscale Technologies, Inc.
>   20 Super Micro Computer, Inc.
>   20 Alcatel-Lucent IPD
>   15 Nokia
>   14 Hewlett Packard
>   10 VMware, Inc.
>   10 Ubiquiti Networks Inc.
>   10 Sunrich Technology Limited
>   10 Extreme Networks, Inc.
>7 Dell Inc.
>5 IEEE Registration Authority
>4 Intel Corporation
>4 HotLava Systems, Inc.
>3 FireBrick Limited
>2 Raspberry Pi Foundation
>2 Nexcom International Co., Ltd.
>2 Microsoft Corporation
>2 Mellanox Technologies, Inc.
>2 ICP Electronics Inc.
>2 Hewlett Packard Enterprise
>2 BSkyB Ltd
>1 Xensource, Inc.
>1 XEROX CORPORATION
>1 Solarflare Communications Inc.
>1 SILICOM, LTD.
>1 MIX s.r.l.
>1 LANNER ELECTRONICS, INC.
>1 GIGA-BYTE TECHNOLOGY CO.,LTD.
>1 DriveCam Inc
>1 DIGITAL EQUIPMENT CORPORATION
>1 Agile Systems Inc.
>
> That's done using https://github.com/bauerj/mac_vendor_lookup to do the MAC
> lookup against the IEEE OUI list with the "Unknown" entries being
> anything which doesn't appear in http://standards-oui.ieee.org/oui.txt 
> (possibly
> locally administered addresses?).
>
> Hope that's helpful to someone 
>
> Edward Dore
>
> Freethought Internet
> --
> *From:* NANOG  on behalf of Sabri Berisha <
> sa...@cluecentral.net>
> *Sent:* 07 November 2019 19:08
> *To:* Compton, Rich A 
> *Cc:* nanog 
> *Subject:* Re: Any info on devices that are running eBGP on the Internet?
>
> Hi,
>
> What you could consider is asking a few of the major internet exchanges if
> they'd be so kind to send you a list of MAC addresses seen on their LANs.
> Based on the MAC you can determine the manufacturer. If you have three or
> four big ones, you have a decent sample size as most larger networks are on
> multiple IXes anyway.
>
> If you do compile a list, I'm sure this list would be interested in the
> results :)
>
> Thanks,
>
> Sabri
>
>
> - On Nov 6, 2019, at 10:39 AM, Compton, Rich A <
> rich.comp...@charter.com> wrote:
>
> Hi, I am working with MANRS (https://www.manrs.org) on a tool for
> checking router configs for BGP security / spoofing prevention (e.g. uRPF)
> https://github.com/manrs-tools/MANRS-validator
>
> We are wondering if there is any research on the percentages of different
> types of devices running BGP on the Internet.
>
> Something like:
>
> Cisco IOS 30%
>
> Junos 30%
>
> Mikrotik 20%
>
> etc…
>
> We are looking to focus our tool on the most prevalent types of devices
> doing BGP (and the most prevalent with BGP security/spoofing issues) so
> that we can have the greatest impact.  Does anyone have any information on
> this or know where I can obtain this information?  Thanks in advance!
>
>  -Rich
> The contents of this e-mail message and
> any attachments are intended solely for the
> addressee(s) and may contain confidential
> and/or legally privileged information. If you
> are not the intended recipient of this message
> or if this message has been addressed to you
> in error, please immediately alert the sender
> by reply e-mail and then delete this message
> and any attachments. If you are not the
> intended recipient, you are notified that
> any use, dissemination, distribution, copying,
> or storage of this message or any attachment
> is strictly prohibited.
>
>

Re: Any info on devices that are running eBGP on the Internet?

2019-11-07 Thread Edward Dore 
That would be AS42009 at LINX Manchester.

I presume it's either something emulating a DEC Tulip Ethernet chip or a fake 
MAC address (AA:00:00).


Edward Dore

Freethought Internet


From: Aled Morris 
Sent: 07 November 2019 20:08
To: Edward Dore 
Cc: Sabri Berisha ; Compton, Rich A 
; nanog 
Subject: Re: Any info on devices that are running eBGP on the Internet?

On Thu, 7 Nov 2019 at 19:59, Edward Dore 
mailto:edward.d...@freethought-internet.co.uk>>
 wrote:
I just grabbed the following from our routers connected to LINX LON1, LINX 
LON2, LINX Manchester and LONAP (so this data is very UK centric):
...
   1 DIGITAL EQUIPMENT CORPORATION

Kudos to whoever is running the VMS port of BIRD on their VAX-11/780

Aled

Re: Any info on devices that are running eBGP on the Internet?

2019-11-07 Thread Aled Morris via NANOG 
On Thu, 7 Nov 2019 at 19:59, Edward Dore <
edward.d...@freethought-internet.co.uk> wrote:

> I just grabbed the following from our routers connected to LINX LON1, LINX
> LON2, LINX Manchester and LONAP (so this data is very UK centric):
>
...

>1 DIGITAL EQUIPMENT CORPORATION
>

Kudos to whoever is running the VMS port of BIRD on their VAX-11/780

Aled

Re: Any info on devices that are running eBGP on the Internet?

2019-11-07 Thread Edward Dore 
I just grabbed the following from our routers connected to LINX LON1, LINX 
LON2, LINX Manchester and LONAP (so this data is very UK centric):

 557 Cisco Systems, Inc
 553 Juniper Networks
  51 Routerboard.com
  51 Brocade Communications Systems, Inc.
  49 Arista Networks
  40 Unknown
  38 Intel Corporate
  36 HUAWEI TECHNOLOGIES CO.,LTD
  31 Globalscale Technologies, Inc.
  20 Super Micro Computer, Inc.
  20 Alcatel-Lucent IPD
  15 Nokia
  14 Hewlett Packard
  10 VMware, Inc.
  10 Ubiquiti Networks Inc.
  10 Sunrich Technology Limited
  10 Extreme Networks, Inc.
   7 Dell Inc.
   5 IEEE Registration Authority
   4 Intel Corporation
   4 HotLava Systems, Inc.
   3 FireBrick Limited
   2 Raspberry Pi Foundation
   2 Nexcom International Co., Ltd.
   2 Microsoft Corporation
   2 Mellanox Technologies, Inc.
   2 ICP Electronics Inc.
   2 Hewlett Packard Enterprise
   2 BSkyB Ltd
   1 Xensource, Inc.
   1 XEROX CORPORATION
   1 Solarflare Communications Inc.
   1 SILICOM, LTD.
   1 MIX s.r.l.
   1 LANNER ELECTRONICS, INC.
   1 GIGA-BYTE TECHNOLOGY CO.,LTD.
   1 DriveCam Inc
   1 DIGITAL EQUIPMENT CORPORATION
   1 Agile Systems Inc.

That's done using https://github.com/bauerj/mac_vendor_lookup to do the MAC 
lookup against the IEEE OUI list with the "Unknown" entries being anything 
which doesn't appear in http://standards-oui.ieee.org/oui.txt (possibly locally 
administered addresses?).

Hope that's helpful to someone 


Edward Dore

Freethought Internet


From: NANOG  on behalf of Sabri Berisha 

Sent: 07 November 2019 19:08
To: Compton, Rich A 
Cc: nanog 
Subject: Re: Any info on devices that are running eBGP on the Internet?

Hi,

What you could consider is asking a few of the major internet exchanges if 
they'd be so kind to send you a list of MAC addresses seen on their LANs. Based 
on the MAC you can determine the manufacturer. If you have three or four big 
ones, you have a decent sample size as most larger networks are on multiple 
IXes anyway.

If you do compile a list, I'm sure this list would be interested in the results 
:)

Thanks,

Sabri


- On Nov 6, 2019, at 10:39 AM, Compton, Rich A  
wrote:

Hi, I am working with MANRS (https://www.manrs.org) on a tool for checking 
router configs for BGP security / spoofing prevention (e.g. uRPF) 
https://github.com/manrs-tools/MANRS-validator

We are wondering if there is any research on the percentages of different types 
of devices running BGP on the Internet.

Something like:

Cisco IOS 30%

Junos 30%

Mikrotik 20%

etc…

We are looking to focus our tool on the most prevalent types of devices doing 
BGP (and the most prevalent with BGP security/spoofing issues) so that we can 
have the greatest impact.  Does anyone have any information on this or know 
where I can obtain this information?  Thanks in advance!

 -Rich

The contents of this e-mail message and
any attachments are intended solely for the
addressee(s) and may contain confidential
and/or legally privileged information. If you
are not the intended recipient of this message
or if this message has been addressed to you
in error, please immediately alert the sender
by reply e-mail and then delete this message
and any attachments. If you are not the
intended recipient, you are notified that
any use, dissemination, distribution, copying,
or storage of this message or any attachment
is strictly prohibited.

Re: Any info on devices that are running eBGP on the Internet?

2019-11-07 Thread Alistair Mackenzie 
LINX has the mac addresses of their LANs public.

https://portal.linx.net/members/list-ip-asn?columns=asn+mac_addresses+short_name+website==


On Thu, Nov 7, 2019 at 7:26 PM Owen DeLong  wrote:

> MAC Addresses may cross into fear of disclosure of private identifying
> information.
>
> All they really need is the OUI portion of the MAC addresses which is
> fairly anonymous in terms of identifying anyone specific, yet provides all
> the needed data.
>
> Owen
>
>
> On Nov 7, 2019, at 11:08 , Sabri Berisha  wrote:
>
> Hi,
>
> What you could consider is asking a few of the major internet exchanges if
> they'd be so kind to send you a list of MAC addresses seen on their LANs.
> Based on the MAC you can determine the manufacturer. If you have three or
> four big ones, you have a decent sample size as most larger networks are on
> multiple IXes anyway.
>
> If you do compile a list, I'm sure this list would be interested in the
> results :)
>
> Thanks,
>
> Sabri
>
>
> - On Nov 6, 2019, at 10:39 AM, Compton, Rich A <
> rich.comp...@charter.com> wrote:
>
> Hi, I am working with MANRS (https://www.manrs.org) on a tool for
> checking router configs for BGP security / spoofing prevention (e.g. uRPF)
>  https://github.com/manrs-tools/MANRS-validator
> We are wondering if there is any research on the percentages of different
> types of devices running BGP on the Internet.
> Something like:
> Cisco IOS 30%
> Junos 30%
> Mikrotik 20%
> etc…
> We are looking to focus our tool on the most prevalent types of devices
> doing BGP (and the most prevalent with BGP security/spoofing issues) so
> that we can have the greatest impact.  Does anyone have any information on
> this or know where I can obtain this information?  Thanks in advance!
>
>  -Rich
> The contents of this e-mail message and
> any attachments are intended solely for the
> addressee(s) and may contain confidential
> and/or legally privileged information. If you
> are not the intended recipient of this message
> or if this message has been addressed to you
> in error, please immediately alert the sender
> by reply e-mail and then delete this message
> and any attachments. If you are not the
> intended recipient, you are notified that
> any use, dissemination, distribution, copying,
> or storage of this message or any attachment
> is strictly prohibited.
>
>
>

Re: Any info on devices that are running eBGP on the Internet?

2019-11-07 Thread Owen DeLong 
MAC Addresses may cross into fear of disclosure of private identifying 
information.

All they really need is the OUI portion of the MAC addresses which is fairly 
anonymous in terms of identifying anyone specific, yet provides all the needed 
data.

Owen


> On Nov 7, 2019, at 11:08 , Sabri Berisha  wrote:
> 
> Hi,
> 
> What you could consider is asking a few of the major internet exchanges if 
> they'd be so kind to send you a list of MAC addresses seen on their LANs. 
> Based on the MAC you can determine the manufacturer. If you have three or 
> four big ones, you have a decent sample size as most larger networks are on 
> multiple IXes anyway.
> 
> If you do compile a list, I'm sure this list would be interested in the 
> results :)
> 
> Thanks, 
> 
> Sabri 
> 
> 
> - On Nov 6, 2019, at 10:39 AM, Compton, Rich A  > wrote:
> Hi, I am working with MANRS (https://www.manrs.org ) 
> on a tool for checking router configs for BGP security / spoofing prevention 
> (e.g. uRPF) https://github.com/manrs-tools/MANRS-validator 
> 
> We are wondering if there is any research on the percentages of different 
> types of devices running BGP on the Internet. 
> Something like:
> Cisco IOS 30%
> Junos 30%
> Mikrotik 20%
> etc…
> We are looking to focus our tool on the most prevalent types of devices doing 
> BGP (and the most prevalent with BGP security/spoofing issues) so that we can 
> have the greatest impact.  Does anyone have any information on this or know 
> where I can obtain this information?  Thanks in advance!
>  -Rich 
> The contents of this e-mail message and 
> any attachments are intended solely for the 
> addressee(s) and may contain confidential 
> and/or legally privileged information. If you
> are not the intended recipient of this message
> or if this message has been addressed to you 
> in error, please immediately alert the sender
> by reply e-mail and then delete this message 
> and any attachments. If you are not the 
> intended recipient, you are notified that 
> any use, dissemination, distribution, copying,
> or storage of this message or any attachment 
> is strictly prohibited.

Re: Any info on devices that are running eBGP on the Internet?

2019-11-07 Thread Sabri Berisha 
Hi, 

What you could consider is asking a few of the major internet exchanges if 
they'd be so kind to send you a list of MAC addresses seen on their LANs. Based 
on the MAC you can determine the manufacturer. If you have three or four big 
ones, you have a decent sample size as most larger networks are on multiple 
IXes anyway. 

If you do compile a list, I'm sure this list would be interested in the results 
:) 

Thanks, 

Sabri 

- On Nov 6, 2019, at 10:39 AM, Compton, Rich A  
wrote: 

> Hi, I am working with MANRS ( [ https://www.manrs.org/ | 
> https://www.manrs.org ]
> ) on a tool for checking router configs for BGP security / spoofing prevention
> (e.g. uRPF) [ https://github.com/manrs-tools/MANRS-validator |
> https://github.com/manrs-tools/MANRS-validator ]

> We are wondering if there is any research on the percentages of different 
> types
> of devices running BGP on the Internet.

> Something like:

> Cisco IOS 30%

> Junos 30%

> Mikrotik 20%

> etc…

> We are looking to focus our tool on the most prevalent types of devices doing
> BGP (and the most prevalent with BGP security/spoofing issues) so that we can
> have the greatest impact. Does anyone have any information on this or know
> where I can obtain this information? Thanks in advance!

> -Rich
> The contents of this e-mail message and
> any attachments are intended solely for the
> addressee(s) and may contain confidential
> and/or legally privileged information. If you
> are not the intended recipient of this message
> or if this message has been addressed to you
> in error, please immediately alert the sender
> by reply e-mail and then delete this message
> and any attachments. If you are not the
> intended recipient, you are notified that
> any use, dissemination, distribution, copying,
> or storage of this message or any attachment
> is strictly prohibited.

Any info on devices that are running eBGP on the Internet?

2019-11-06 Thread Compton, Rich A 
Hi, I am working with MANRS (https://www.manrs.org) on a tool for checking 
router configs for BGP security / spoofing prevention (e.g. uRPF) 
https://github.com/manrs-tools/MANRS-validator
We are wondering if there is any research on the percentages of different types 
of devices running BGP on the Internet.
Something like:
Cisco IOS 30%
Junos 30%
Mikrotik 20%
etc…
We are looking to focus our tool on the most prevalent types of devices doing 
BGP (and the most prevalent with BGP security/spoofing issues) so that we can 
have the greatest impact.  Does anyone have any information on this or know 
where I can obtain this information?  Thanks in advance!
 -Rich
E-MAIL CONFIDENTIALITY NOTICE: 
The contents of this e-mail message and any attachments are intended solely for 
the addressee(s) and may contain confidential and/or legally privileged 
information. If you are not the intended recipient of this message or if this 
message has been addressed to you in error, please immediately alert the sender 
by reply e-mail and then delete this message and any attachments. If you are 
not the intended recipient, you are notified that any use, dissemination, 
distribution, copying, or storage of this message or any attachment is strictly 
prohibited.