Hi Will,
Unlike AS2914 which purely interconnects with AS7922, it seems that AS3356 also
has direct interconnections to the various Comcast subsidiary networks which
are hidden from the DFZ through no-export communities.. I figured this out due
to a routing leak which happened a few years ago:
Hi Ben,
Prefix deaggregation and inconsistent announcements might work fine in
the US where all paths are mostly of equal quality, but is the bane of
my existence when it happens in regions like the Middle East or Africa
where one transit used by a target ISP might be connected locally and
Hi Elad,
If you were to create RPKI ROAs for the IPs in question that'd end the
discussion about prefix ownership once and for all. It's the best way to
definitively prove, in public, that the accusations of theft are false. And it
also helps to protect your resources from accidental leaks or
Hi Ronald,
I think we have to place our trust somewhere somehow.. I certainly don't have
the time nor the skill-set which would be needed to perform due diligence on
the ownership of every IP block on the Internet, and though you make a laudable
effort of it yourself this responsibility can't
Hi Elad,
Is this policy officially documented by AFRINIC somewhere? Can you make route
objects for legacy AFRINIC resources in their RIR operated IRRDB as a fallback
for RPKI?
Best regards,
Martijn
From: Elad Cohen
Sent: 18 September 2019 00:40:13
To: Martijn
Google also has a portal where you can provide a link to a self-published csv
geofeed, which is used for some but not all products served from their CDN
infrastructure.
https://isp.google.com/geo_feed/
They're also working on getting the format standardised in the IETF. I applaud
this,
We are using https://github.com/respawner/looking-glass which is doing the job
nicely and is actively developed.
Best regards,
Martijn
From: NANOG on behalf of Mehmet Akcin
Sent: 02 August 2019 04:49:45
To: nanog
Subject: Looking glass software
hey there,
I
I think AMS-IX had an exchange in Mombasa in the SEACOM landing station at some
point, but that is gone now. I'm not sure about the exact reasons there but
someone here probably knows what happened.
There's also a big amount of carriers in the TATA landing station in Mumbai, it
is the
Hi Drew,
You're probably best off ordering those crossconnects through the
Equinix portal, then you can choose the exact positions for the order
that goes to the facility rather than relying on a human to transcribe
them correctly from your PDF.
Best regards,
Martijn
On 12/5/19 4:28 PM, Drew
HKIX is definitely the incumbent IXP in that region, but I'd reckon that most
high volume interconnection will take place in facilities like Mega-iAdvantage
or Equinix HK1 via PNI.
Plus there are several alternative IXPs in Hong Kong that also handle
undisclosed amounts of traffic.
Hi Florian, NANOG,
While the symptom of (automatically) proxy registered route objects is
problematic, perhaps we could also take this opportunity to discuss the
underlying issue: we as an industry appear to place our trust in various IRR
sources operated by entities that either can't or don't
Out of curiosity, since we aren't affected by this ourselves, I know of cases
where Cogent has sub-allocated IP space to its customers but which those
customers originate from their own ASN and then announce to multiple upstream
providers.
So while the IP space is registered to Cogent and
On 1/7/20 11:16 AM, Mark Tinka wrote:
> Well, they would certainly be blocked by RPKI unless ROA's for those
> originations are created.
>
> Mark.
I don't think Cogent signed ROAs for any of their legacy IP space from
which they make sub-allocations to customers.. so for networks doing ROV
it
I suppose now would be a good time for everyone to re-open their Centurylink
ticket and ask why the RFO doesn't address the most important defect, e.g. the
inability to withdraw announcements even by shutting down the session?
Best regards,
Martijn
From: NANOG
networks, i.e. more
peering.
On Mon, Aug 31, 2020 at 9:54 AM Martijn Schmidt via NANOG
mailto:nanog@nanog.org>> wrote:
At this point you don't even know whether it's a human error (example:
generating a flowspec rule for port TCP/179), a filtering issue (example:
accepting a flowspec rule fo
At this point you don't even know whether it's a human error (example:
generating a flowspec rule for port TCP/179), a filtering issue (example:
accepting a flowspec rule for port TCP/179), or a software issue (example:
certain flowspec update crashes the BGP daemon). And in the third scenario
I know there are some European carriers that offer this as a fully productized
service, Colt and euNetworks come to mind.
Best regards,
Martijn
From: NANOG on behalf of Tony
Wicks
Sent: 13 October 2020 21:35
To: 'Brandon Martin'
Cc: nanog@nanog.org
Subject:
Being employed by one of these elusive game hosting companies, I can tell you
that the dedicated server model is very much alive. And rather than the version
of 20 years ago where there was one central server in the world, they are now
deployed in a globally distributed manner.
Games ought to
Hey John,
Do you have some background information about how Dublin is "technically
farther away" than Mumbai? Is the latency actually better in the middle of the
night? I'm genuinely curious, and I'll explain the reason why.. :)
The shortest submarine route to Mumbai would probably be
Hi Baldur,
You are at risk of facilitating spoofed and/or reflection DDoS attacks if you
don't implement BCP38.. that's why uRPF exists. :)
Best regards,
Martijn
From: NANOG on behalf of
Baldur Norddahl
Sent: 30 October 2020 20:29
To: nanog@nanog.org
For #1, are you trying to do "Cloud-ception" e.g. running your own proxmox
virtualization on top of an already virtual machine, so that you're basically
two layers deep?
For #2, of course you need to be able to survive a hardware failure (using
RAID1 or some flavour of DRBD for example) but
Hi John,
What happens to the route objects (and for that matter the OriginAS field in
the Whois-RWS system) that were created before the IRR-online service was
launched? Are the route objects (and/or OriginAS fields from the Whois-RWS
system) which were registered by ARIN members for their own
Hi John,
Thanks for the answer. In that case I would recommend to continue providing the
ARIN-NONAUTH data stream beyond the system shutdown state, while continuing to
allow for stale objects to be deleted: manually, or automated based on
Whois-RWS OriginAS data, or automated based on
Hi folks,
To briefly clarify the "now mostly i3D" situation.. i3D.net was acquired by
Ubisoft in 2019, and the reason why you're seeing Ubisoft's ASN disappearing
from the IXPs where they were present is that we are integrating the networks.
Ubisoft's prefixes are being announced downstream of
Hi Cynthia,
A big seconded from me.. I got into the peering / interconnection community
around 2014, and I was 25 or so at the time. Always enjoyed talking with the
"older" generations at the events, the historical perspective and understanding
that brings were very valuable to me in getting
Hi John,
It seems that you are trying to abdicate responsibility, but at the end of the
day those individual parties are placing information in "better" routing
registries such as RPKI that you can leverage to clean up the "lesser"
ARIN-NONAUTH routing registry. So those individuals are taking
My own admittedly relatively limited experience with networking in Africa has
always been that people truly, honestly want to help make things better
whenever it's reasonably possible (e.g. you obviously can't break local laws,
or ignore a regulator). The attitude is generally very very good,
It's route table pollution if you ask me.. in today's world we have many
IXPs and several tier-1 operators that support RPKI ROV, so when you
have issued ROAs for the supernet of the IP space in question it'll
already significantly reduce the effects of a BGP hijack.
Best regards,
Martijn
On
And it's also nice not to yank the old community in case your customers still
depend on it, even if you do also support the RFC version as an alias of that
one.
Best regards,
Martijn
From: NANOG on behalf of Steve
Meuse
Sent: 04 August 2021 17:55
To: Daniel
If your ECMP hashing algorithm considers L4 data I can recommend giving the TCP
mode of the standard Linux MTR package a try. While the destination port
remains a constant (iirc it defaults to port TCP/80) each iteration will use a
different TCP source port, thereby introducing sufficient
On 7/6/22 03:36, George Toma wrote:
You can connect directly to Bogota NAP and have all the local connectivity
peering you require:
ADVA recently launched a QSFP+ transceiver with bidi support on each of its
4x10G breakout lanes:
https://www.adva.com/en/newsroom/press-releases/20220308-adva-launches-new-bidi-pluggable-to-minimize-cost-and-latency-in-access-networks
As for 10G DWDM optics, it's not a very efficient way to
It kinda depends on the application that's being used. For example, videogaming
has a ratio somewhere around 1:2.5 since you're only transmitting metadata
about the players environment across the wire. The actual video is typically
rendered at the end user's side. So it's not very bandwidth
Hi Adam,
Depends on how big of a router you need for your "small PE".
Taking Juniper as an example, the MX204 is pretty unbeatable cost wise if you
can make do with its 4*QSFP28 & 8*SFP+ interfaces. There's a very big gap
between the MX204 and the first chassis based router in the MX lineup,
s are AT, Nordunet, DE-CIX, YYCIX,
> XS4ALL, MSK-IX, INEX, France-IX, Seacomm, Workonline, KPN International,
> and hundreds of others.
>
>
>
>> On Jul 4, 2019, at 5:56 AM, i3D.net - Martijn Schmidt via NANOG
>> wrote:
>>
>> So that means it's time for everyone t
So that means it's time for everyone to migrate their ARIN resources to a sane
RIR that does allow normal access to and redistribution of its RPKI TAL? ;-)
The RPKI TAL problem + an industry-standard IRRDB instead of WHOIS-RWS were
both major reasons for us to bring our ARIN IPv4 address space
36 matches
Mail list logo