Re: CDN-provided caching platforms?

[Doug Kenline]

I received this in my email today...seemed timely regarding this 
thread..please forgive if not appropriate use of list..does this 
add anything to the conversation?  stll learning herei like the 
picture.thank you...

doug kenline
reston, virginia



Dear Doug,

We are hearing from our  global service provider customers about their 
frustrations with understanding their CDN traffic.  Since CDN traffic can 
originate from multiple locations, including caches outside of the CDN’s own 
network, it’s difficult to see which traffic is associated with each CDN, where 
that traffic enters your network, and how it changes over time.

Kentik excels at tagging and labeling network flow data with additional 
context, including labels to identify traffic that’s associated with CDNs.  By 
filtering or grouping traffic per CDN our customers can make more informed 
traffic engineering decisions, find and fix CDN traffic origin 
misconfigurations, and negotiate with CDN operators using data-driven insights..


Kentik’s view of current traffic inbound to Sprint’s network, broken out by 
geography, prefix and top talker IP address.


Daniel Garcia
Kentik.com | 408.781.6664 m
625 Second Street, Suite 100, San Francisco, CA 94107
LinkedIn








From: NANOG  on behalf of Anurag Bhatia 

Sent: Wednesday, April 4, 2018 5:31 PM
To: Aaron Gould
Cc: NANOG Mailing List
Subject: Re: CDN-provided caching platforms?

Hi Aaron


I see the Amazon Prime video streams coming from Amazon Web Services
Cloudfront CDN. Unsure of other places. Hard to do a global check on
available platforms like say RIPE Atlas.
And AWS Cloudfront does has the option of edge locations not connected to
their backbone.

On Wed, Apr 4, 2018 at 7:38 AM, Aaron Gould  wrote:

> I'm wondering if/when Amazon Prime Video will have a CDN system to roll-out
> to ISP's like OCA, FNA, GGC, etc
>
> Anyone here anything about Amazon Video or any other big names like that ?
>
> - Aaron
>
> -Original Message-
> From: NANOG [mailto:nanog-boun...@nanog.org] On Behalf Of
> valdis.kletni...@vt.edu
> Sent: Tuesday, March 27, 2018 10:23 AM
> To: Russell Berg
> Cc: nanog@nanog.org
> Subject: Re: CDN-provided caching platforms?
>
> On Tue, 27 Mar 2018 02:26:24 -, Russell Berg said:
>
> > I was wondering if there are other CDN caching platforms out there we
> > should be researching/deploying?
>
> Does traffic analysis show any other destinations that have enough traffic
> that caching might help?
>
>
>


--


Anurag Bhatia
anuragbhatia.com

RE: CDN-provided caching platforms?

[Aaron Gould]

Thanks Doug, Kentik sounds familiar, I think I've spoken with them at a
conference once or twice... a quick like at their website reminds me that
they focus on ddos and understanding traffic better... not sure how this
applies to the thread originated by Russell.

-Aaron

RE: CDN-provided caching platforms?

[Aaron Gould]

Thanks Anurag, is there anyone on the list from Amazon AWS Cloudfront that can 
speak to this ?

 

“And AWS Cloudfront does has the option of edge locations not connected to 
their backbone.“

 

I’m an ISP and have fb fna, nf oca, ggc, and Akamai aanp, … does Amazon AWS 
Cloudfront ship servers to locations like mine ?

 

 

-Aaron

Juniper releases sFlow support for MX routers

[Peter Phaal]

Hi All,

I thought there might be interest in availability of sFlow in Junos OS
Release 18.1R1 for MX routers:

https://blog.sflow.com/2018/04/sflow-available-on-juniper-mx-series.html

Peter

Re: CDN-provided caching platforms?

[Hugo Slabbert]

On Fri 2018-Apr-06 09:46:42 -0500, Aaron Gould  wrote:


Thanks Doug, Kentik sounds familiar, I think I've spoken with them at a
conference once or twice... a quick like at their website reminds me that
they focus on ddos and understanding traffic better... not sure how this
applies to the thread originated by Russell.


* Use Kentik (or other netflow/visibility tools) to identify your top 
  traffic sources
* focus effort on those to work out if you can peer with them or get 
  caching appliances from them

* profit

--
Hugo Slabbert   | email, xmpp/jabber: h...@slabnet.com
pgp key: B178313E   | also on Signal


signature.asc
Description: Digital signature

Re: CDN-provided caching platforms?

[Kaiser, Erich]

AS-stats works well for this and its free...

Erich Kaiser
The Fusion Network
er...@gotfusion.net
Office: 815-570-3101




On Fri, Apr 6, 2018 at 11:18 AM, Hugo Slabbert  wrote:

> On Fri 2018-Apr-06 09:46:42 -0500, Aaron Gould  wrote:
>
> Thanks Doug, Kentik sounds familiar, I think I've spoken with them at a
>> conference once or twice... a quick like at their website reminds me that
>> they focus on ddos and understanding traffic better... not sure how this
>> applies to the thread originated by Russell.
>>
>
> * Use Kentik (or other netflow/visibility tools) to identify your top
>  traffic sources
> * focus effort on those to work out if you can peer with them or get
>  caching appliances from them
> * profit
>
> --
> Hugo Slabbert   | email, xmpp/jabber: h...@slabnet.com
> pgp key: B178313E   | also on Signal
>

Attn BrightCloud

[Kaiser, Erich]

We are seeing false positives on NAt'd IPs on our customers networks,
please correct this issue. This started a few days ago...


Erich Kaiser
The Fusion Network
er...@gotfusion.net
Office: 815-570-3101

Re: CDN-provided caching platforms?

[Hugo Slabbert]

On Fri 2018-Apr-06 11:25:12 -0500, Kaiser, Erich  wrote:


AS-stats works well for this and its free...


+1

Or see the other recent netflow tools thread[1] for inspiration.

--
Hugo Slabbert   | email, xmpp/jabber: h...@slabnet.com
pgp key: B178313E   | also on Signal

[1] https://mailman.nanog.org/pipermail/nanog/2018-March/094490.html


signature.asc
Description: Digital signature

Re: Attn BrightCloud

[Mike Hale]

*cough*

http://brightcloud.com/tools/url-ip-lookup.php

You can request removals there.

On Fri, Apr 6, 2018 at 9:28 AM, Kaiser, Erich  wrote:
> We are seeing false positives on NAt'd IPs on our customers networks,
> please correct this issue. This started a few days ago...
>
>
> Erich Kaiser
> The Fusion Network
> er...@gotfusion.net
> Office: 815-570-3101



-- 
09 F9 11 02 9D 74 E3 5B D8 41 56 C5 63 56 88 C0

Weekly Routing Table Report

[Routing Analysis Role Account]

This is an automated weekly mailing describing the state of the Internet
Routing Table as seen from APNIC's router in Japan.

The posting is sent to APOPS, NANOG, AfNOG, SANOG, PacNOG, SAFNOG
TZNOG, MENOG, BJNOG, SDNOG, CMNOG, LACNOG, IRNOG and the RIPE Routing WG.

Daily listings are sent to bgp-st...@lists.apnic.net

For historical data, please see http://thyme.rand.apnic.net.

If you have any comments please contact Philip Smith .

Routing Table Report   04:00 +10GMT Sat 07 Apr, 2018

Report Website: http://thyme.rand.apnic.net
Detailed Analysis:  http://thyme.rand.apnic.net/current/

Analysis Summary


BGP routing table entries examined:  690896
Prefixes after maximum aggregation (per Origin AS):  266872
Deaggregation factor:  2.59
Unique aggregates announced (without unneeded subnets):  332608
Total ASes present in the Internet Routing Table: 60156
Prefixes per ASN: 11.49
Origin-only ASes present in the Internet Routing Table:   51982
Origin ASes announcing only one prefix:   22730
Transit ASes present in the Internet Routing Table:8174
Transit-only ASes present in the Internet Routing Table:266
Average AS path length visible in the Internet Routing Table:   4.0
Max AS path length visible:  34
Max AS path prepend of ASN ( 30873)  32
Prefixes from unregistered ASNs in the Routing Table:50
Number of instances of unregistered ASNs:50
Number of 32-bit ASNs allocated by the RIRs:  22082
Number of 32-bit ASNs visible in the Routing Table:   17722
Prefixes from 32-bit ASNs in the Routing Table:   73655
Number of bogon 32-bit ASNs visible in the Routing Table:20
Special use prefixes present in the Routing Table:3
Prefixes being announced from unallocated address space:310
Number of addresses announced to Internet:   2861813986
Equivalent to 170 /8s, 147 /16s and 208 /24s
Percentage of available address space announced:   77.3
Percentage of allocated address space announced:   77.3
Percentage of available address space allocated:  100.0
Percentage of address space in use by end-sites:   98.9
Total number of prefixes smaller than registry allocations:  230077

APNIC Region Analysis Summary
-

Prefixes being announced by APNIC Region ASes:   188751
Total APNIC prefixes after maximum aggregation:   53654
APNIC Deaggregation factor:3.52
Prefixes being announced from the APNIC address blocks:  187714
Unique aggregates announced from the APNIC address blocks:76628
APNIC Region origin ASes present in the Internet Routing Table:8693
APNIC Prefixes per ASN:   21.59
APNIC Region origin ASes announcing only one prefix:   2439
APNIC Region transit ASes present in the Internet Routing Table:   1288
Average APNIC Region AS path length visible:4.0
Max APNIC Region AS path length visible: 24
Number of APNIC region 32-bit ASNs visible in the Routing Table:   3653
Number of APNIC addresses announced to Internet:  766814946
Equivalent to 45 /8s, 180 /16s and 170 /24s
APNIC AS Blocks4608-4864, 7467-7722, 9216-10239, 17408-18431
(pre-ERX allocations)  23552-24575, 37888-38911, 45056-46079, 55296-56319,
   58368-59391, 63488-64098, 64297-64395, 131072-137529
APNIC Address Blocks 1/8,  14/8,  27/8,  36/8,  39/8,  42/8,  43/8,
49/8,  58/8,  59/8,  60/8,  61/8, 101/8, 103/8,
   106/8, 110/8, 111/8, 112/8, 113/8, 114/8, 115/8,
   116/8, 117/8, 118/8, 119/8, 120/8, 121/8, 122/8,
   123/8, 124/8, 125/8, 126/8, 133/8, 150/8, 153/8,
   163/8, 171/8, 175/8, 180/8, 182/8, 183/8, 202/8,
   203/8, 210/8, 211/8, 218/8, 219/8, 220/8, 221/8,
   222/8, 223/8,

ARIN Region Analysis Summary


Prefixes being announced by ARIN Region ASes:206144
Total ARIN prefixes after maximum aggregation:98618
ARIN Deaggregation factor: 2.09
Prefixes being announced from the ARIN address blocks:   206770
Unique aggregates announced from the ARIN address blocks: 97746
ARIN Region origin ASes present in the Internet Routing Table:18123
ARIN Prefixes per ASN:11.41
A

Re: Juniper Config Commit causes Cisco Etherchannels to go into err-disable state

[Keenan Tims]

What it's telling you is totally unclear, though. I've asked TAC to
explain to me the packet behaviour that generates this errdisable, and
haven't been able to get a clear answer from them. It seems to come out
of 'nowhere' on multi-vendor networks, where all other vendors are
perfectly happy and no operational or configuration issue is evident,
other than Cisco shutting the port. As far as I can tell from the
documentation's description of this case, it should not even be possible
for it to trigger when LACP is in use (as the 'port channel' is
negotiated by LACP, not configured by the user...), yet it certainly can.

FWIW, I've also seen this between Juniper and Cisco, and have been
forced to disable the misconfig detection.

If you know exactly what Cisco's STP is telling me happened with this
error, I'd really love to know, it might at least help to understand how
it could be triggering, because it is definitely not 'port-channel
misconfiguration'.

Keenan


On 2018-04-05 02:26 PM, Naslund, Steve wrote:
> It really does not resolve anything it just allows a bad configuration to 
> work.  The guard is there so that if one side is configured as a channel and 
> the other side is not, the channel gets shut down.  Allowing it to remain up 
> can cause a BPDU loop.  Your spanning tree is trying to tell you something, 
> you should listen or you could get really hard to isolate issues.
>
> Steven Naslund
> Chicago IL  
>
>> -Original Message-
>> From: NANOG [mailto:nanog-boun...@nanog.org] On Behalf Of Joseph Jenkins
>> Sent: Thursday, April 05, 2018 4:16 PM
>> To: Robert Webb
>> Cc: nanog@nanog.org
>> Subject: Re: Juniper Config Commit causes Cisco Etherchannels to go into 
>> err-disable state
>>
>> No there isn't, but from what I am getting responses both onlist and off 
>> list is to just run this on the Cisco switches:
>>
>> no spanning-tree etherchannel guard misconfig
>>
>> and that should resolve the issue.
>>
>> Thanks Everyone.

Re: Juniper Config Commit causes Cisco Etherchannels to go into err-disable state

[Marian Ďurkovič]

Please see the link below, that ugly hack should be disabled asap on all your
Cisco boxes:

https://supportforums.cisco.com/t5/lan-switching-and-routing/spanning-tree-etherchannel-guard-misconfig/td-p/1147273

MD


On Fri, 6 Apr 2018 11:31:17 -0700, Keenan Tims wrote
> What it's telling you is totally unclear, though. I've asked TAC to
> explain to me the packet behaviour that generates this errdisable, and
> haven't been able to get a clear answer from them. It seems to come out
> of 'nowhere' on multi-vendor networks, where all other vendors are
> perfectly happy and no operational or configuration issue is evident,
> other than Cisco shutting the port. As far as I can tell from the
> documentation's description of this case, it should not even be 
> possible for it to trigger when LACP is in use (as the 'port channel' 
> is negotiated by LACP, not configured by the user...), yet it 
> certainly can.
> 
> FWIW, I've also seen this between Juniper and Cisco, and have been
> forced to disable the misconfig detection.
> 
> If you know exactly what Cisco's STP is telling me happened with this
> error, I'd really love to know, it might at least help to understand 
> how it could be triggering, because it is definitely not 'port-channel 
> misconfiguration'.
> 
> Keenan
> 
> On 2018-04-05 02:26 PM, Naslund, Steve wrote:
> > It really does not resolve anything it just allows a bad configuration to
work.  The guard is there so that if one side is configured as a channel and the
other side is not, the channel gets shut down.  Allowing it to remain up can
cause a BPDU loop.  Your spanning tree is trying to tell you something, you
should listen or you could get really hard to isolate issues.
> >
> > Steven Naslund
> > Chicago IL  
> >
> >> -Original Message-
> >> From: NANOG [mailto:nanog-boun...@nanog.org] On Behalf Of Joseph Jenkins
> >> Sent: Thursday, April 05, 2018 4:16 PM
> >> To: Robert Webb
> >> Cc: nanog@nanog.org
> >> Subject: Re: Juniper Config Commit causes Cisco Etherchannels to go into
err-disable state
> >>
> >> No there isn't, but from what I am getting responses both onlist and off
list is to just run this on the Cisco switches:
> >>
> >> no spanning-tree etherchannel guard misconfig
> >>
> >> and that should resolve the issue.
> >>
> >> Thanks Everyone.

Re: Juniper Config Commit causes Cisco Etherchannels to go into err-disable state

[Mark Milhollan]

Sounds like the Juniper is leaking a "default" BPDU as it resets the 
various internal chip configurations, which the Cisco receives thus 
triggering the err-disable.


/mark

Re: Are any of you starting to get AI robocalls?

[Mark Milhollan]

One can analyze the calling frequency, but even that's problematic as it 
can penalize a successful customer that isn't scamming.  Besides as HAL 
wrote many of these calls are not originating in NA.  If digital 
residential lines hadn't died they might make the original source 
visible making it easier to decide if the call seems legit, but for now 
an auto-attendant seems the easiest solution.


/mark

Manageengine Netflowanalyzer

[Moh Nassit]

> Hi,
>  It seem that Manageengine Netflowanalyzer support Netflow-lite with a
> Cisco 4948E
> http://help.netflowanalyzer.com/supported-devices
>
>   Did someone get this working? I did a lot of tests but not able to get
> data. Flows are correctly exported to the analyzer but no data are
> displayed.
>
> Thanks
>
>
>
> 
>
>