RE: AS11296 -- Hijacked?

2010-09-30 Thread George Bonser
> -Original Message- > From: Ronald F. Guilmette [mailto:r...@tristatelogic.com] > Sent: Thursday, September 30, 2010 10:48 PM > To: nanog@nanog.org > Subject: Re: AS11296 -- Hijacked? > > 63.247.172.3 > ns1.tooplacedo

Re: AS11296 -- Hijacked?

2010-09-30 Thread Ronald F. Guilmette
I received a nice email from a very polite graduate student just now, who shall remain nameless, and I decided that I wanted to give him the reply below, but also to post this all to NANOG too, so here it is. I hope this may allay some of the concern that has been expressed about me not being more

Re: Using crypto auth for detecting corrupted IGP packets?

2010-09-30 Thread Manav Bhatia
> > I really wish there was a good way to (generically) keep a 4-6 hour buffer of > all control-plane traffic on devices. While you can do that with some, the > forensic value is immense when you have a problem. > Buffering for 4-6 hours worth of control traffic is HUGE! What about mirroring you

Re: NANOG Digest, Vol 32, Issue 119

2010-09-30 Thread DMFH
Thu, 30 Sep 2010 14:22:07 + nanog-requ...@nanog.org fuream loqour : >If your network is of a scale where it exceeds the utility of static, >then, it is almost certainly of a scale >and topology where it exceeds the utility of RIP. I'd agree that RIP is old, aged, and we all can probably go on

Re: Using crypto auth for detecting corrupted IGP packets?

2010-09-30 Thread Jared Mauch
Sent from my iThing On Oct 1, 2010, at 12:16 AM, Danny McPherson wrote: > > On Sep 30, 2010, at 11:34 PM, Manav Bhatia wrote: >> >> I would be interested in knowing if operators use the cryptographic >> authentication for detecting the errors that i just described above. > > Additionally, o

Re: Using crypto auth for detecting corrupted IGP packets?

2010-09-30 Thread Danny McPherson
On Sep 30, 2010, at 11:34 PM, Manav Bhatia wrote: > > I would be interested in knowing if operators use the cryptographic > authentication for detecting the errors that i just described above. Additionally, one might venture to understand the effects of such mechanisms and why knobs such as IS-

Re: Using crypto auth for detecting corrupted IGP packets?

2010-09-30 Thread Christopher Morrow
On Thu, Sep 30, 2010 at 11:34 PM, Manav Bhatia wrote: > I would be interested in knowing if operators use the cryptographic > authentication for detecting the errors that i just described above. yes.

Using crypto auth for detecting corrupted IGP packets?

2010-09-30 Thread Manav Bhatia
Hi, I believe, based on what i have heard, that some operators turn on cryptographic authentication because the internet checksum that OSPF, etc use for packet sanity is quite weak and offers trifle little protection against a lot of known errors like: - re-ordering of 2-byte aligned words - vario

Re: BGP next-hop

2010-09-30 Thread Smith W. Stacy
On Sep 30, 2010, at 3:37 PM, Randy Bush wrote: > it seems it gets the bgp route for 147.28.0.0/16 and then can not > resolve the next hop. it would not recurse to the default exit. > > of course it was solved by > >ip route 147.28.0.0 255.255.0.0 42.666.77.11 > > but i do not really under

Re: RIP Justification

2010-09-30 Thread Guerra, Ruben
I am with Scott on this one.. I took the initial question as a focus on the edge... not the CORE. RIP is perfect for the edge to commercial CPEs. Why would want to run OSPF/ISIS at the edge. I would hope that it would be common practice to not use RIP in the CORE peace -- Ruben Guerra -

Re: BGP next-hop

2010-09-30 Thread Christian Martin
On Sep 30, 2010, at 5:37 PM, Randy Bush wrote: > i was recently bitten by a cousin of this > > research router getting an ebgp multi-hop full feed from 147.28.0.1 > (address is relevant) > > it is on a lan with a default gateway 42.666.77.11 (address not > relevant), so it has > >ip route

Re: BGP next-hop

2010-09-30 Thread Brett Watson
On Sep 30, 2010, at 4:57 PM, Randy Bush wrote: >>> it seems it gets the bgp route for 147.28.0.0/16 and then can not >>> resolve the next hop. it would not recurse to the default exit. >>> >>> of course it was solved by >>>ip route 147.28.0.0 255.255.0.0 42.666.77.11 >>> but i do not real

Re: BGP next-hop

2010-09-30 Thread Randy Bush
>> it seems it gets the bgp route for 147.28.0.0/16 and then can not >> resolve the next hop.  it would not recurse to the default exit. >> >> of course it was solved by >>    ip route 147.28.0.0  255.255.0.0  42.666.77.11 >> but i do not really understand in my heart why i needed to do this. > >

Re: BGP next-hop

2010-09-30 Thread Heath Jones
> it seems it gets the bgp route for 147.28.0.0/16 and then can not > resolve the next hop.  it would not recurse to the default exit. > > of course it was solved by >    ip route 147.28.0.0  255.255.0.0  42.666.77.11 > but i do not really understand in my heart why i needed to do this. Neither do

Re: BGP next-hop

2010-09-30 Thread Richard A Steenbergen
On Thu, Sep 30, 2010 at 11:56:06PM +0100, Heath Jones wrote: > > It's interesting, I was heavy into cisco years back and then juniper > for a while. Going back to cisco now is great (always good for me to > keep my exposure up), but there is just so much unclear in its CLI. > It wasn't until go

Re: RIP Justification

2010-09-30 Thread Heath Jones
Haha It's all good :) You are right about IS-IS being less resource intensive than OSPF, and that it scales better! On 30 September 2010 23:50, Jack Carrozzo wrote: > >> >> Both OSPF and IS-IS use Dijkstra. IS-IS isn't as widely used because >> of the ISO addressing. At least that's my take on it

Re: BGP next-hop

2010-09-30 Thread Heath Jones
>> show bgp ipv4 unicast 100.10.0.0/16 why-chosen >> Would be insanely useful. > Been in JUNOS "show route" since day one, and IMHO is easily in the top > 10 list of why I still buy Juniper instead of Cisco despite all the > $%^&*ing bugs these days. It's interesting, I was heavy into cisco years

Re: RIP Justification

2010-09-30 Thread Jack Carrozzo
> Both OSPF and IS-IS use Dijkstra. IS-IS isn't as widely used because > of the ISO addressing. At least that's my take on it.. Sorry, my mistake. I'll go sit in my corner now... -Jack

Re: RIP Justification

2010-09-30 Thread Heath Jones
On 30 September 2010 22:11, Jack Carrozzo wrote: > As it was explained to me, the main difference is that you can have $lots of > prefixes in IS-IS without it falling over, whereas Dijkstra is far more > resource-intensive and as such OSPF doesn't get too happy after $a_lot_less > prefixes. Those

Re: AT&T Dry Pairs?

2010-09-30 Thread Seth Mattinen
On 9/30/2010 15:34, Jared Mauch wrote: > > On Sep 30, 2010, at 6:30 PM, Seth Mattinen wrote: > >> On 9/30/2010 15:12, Bret Clark wrote: >>> If the buildings are a 100ft apart, can't you just go with a wireless >>> connection? Speeds would probably be better and no monthly fee! >>> >> >> Wireless

Re: BGP next-hop

2010-09-30 Thread Richard A Steenbergen
On Thu, Sep 30, 2010 at 07:01:19AM -0700, Leo Bicknell wrote: > I have suggested more than a few times to vendors that the command: > > show bgp ipv4 unicast 100.10.0.0/16 why-chosen > > Would be insanely useful. Been in JUNOS "show route" since day one, and IMHO is easily in the top 10 list of

Re: AT&T Dry Pairs?

2010-09-30 Thread Ricky Beam
On Thu, 30 Sep 2010 17:20:52 -0400, Ryan Shea wrote: AT&T may have their own term. The industry standard term is "UNE" (unbundled network element.) However, the sales drones may not recognize that either. --Ricky

Re: AT&T Dry Pairs?

2010-09-30 Thread Jared Mauch
On Sep 30, 2010, at 6:30 PM, Seth Mattinen wrote: > On 9/30/2010 15:12, Bret Clark wrote: >> If the buildings are a 100ft apart, can't you just go with a wireless >> connection? Speeds would probably be better and no monthly fee! >> > > Wireless is not the end all solution for everything. Unde

Re: AT&T Dry Pairs?

2010-09-30 Thread Seth Mattinen
On 9/30/2010 15:12, Bret Clark wrote: > If the buildings are a 100ft apart, can't you just go with a wireless > connection? Speeds would probably be better and no monthly fee! > Wireless is not the end all solution for everything. ~Seth

Re: BGP next-hop

2010-09-30 Thread Randy Bush
> last time severall years ago on cisco I used a route-map to rewrite the > next-hop. > route-map xx-in permit 10 > set ip next-hop 42.666.77.11 > route-map xx-out permit 10 > set ip next-hop x.x.x.x > > neighbor 147.28.0.1 remote-as yyy > neighbor 147.28.0.1 ebgp-multihop 8 > neighbo

Re: AT&T Dry Pairs?

2010-09-30 Thread Bret Clark
If the buildings are a 100ft apart, can't you just go with a wireless connection? Speeds would probably be better and no monthly fee! On 09/30/2010 06:08 PM, Robert Johnson wrote: If your sales contact doesn't know what an alarm circuit is, go find AT&T's tariff filed with your state's PUC. It wi

Re: AT&T Dry Pairs?

2010-09-30 Thread Robert Johnson
If your sales contact doesn't know what an alarm circuit is, go find AT&T's tariff filed with your state's PUC. It will contain the name of the service. This will take some digging... Verizon Maryland calls this an "Intraexchange local channel, regular voice grade" and they go for $15.53/month. Ther

Re: BGP next-hop

2010-09-30 Thread Ingo Flaschberger
i was recently bitten by a cousin of this research router getting an ebgp multi-hop full feed from 147.28.0.1 (address is relevant) it is on a lan with a default gateway 42.666.77.11 (address not relevant), so it has ip route 0.0.0.0 0.0.0.0 42.666.77.11 massive flapping results. it seem

Re: BGP next-hop

2010-09-30 Thread Franck Martin
Because the path was broken every time the bgp session was established and rewriting the routing table with more specific routes? - Original Message - From: "Randy Bush" To: "North American Network Operators Group" Sent: Thursday, 30 September, 2010 2:37:43 PM Subject: Re: BGP next-hop

Re: BGP next-hop

2010-09-30 Thread Randy Bush
i was recently bitten by a cousin of this research router getting an ebgp multi-hop full feed from 147.28.0.1 (address is relevant) it is on a lan with a default gateway 42.666.77.11 (address not relevant), so it has ip route 0.0.0.0 0.0.0.0 42.666.77.11 massive flapping results. it se

RE: AT&T Dry Pairs?

2010-09-30 Thread George Bonser
> -Original Message- > From: Ryan Shea > Sent: Thursday, September 30, 2010 2:21 PM > To: Brandon Galbraith > Cc: nanog@nanog.org > Subject: Re: AT&T Dry Pairs? > > Years ago I managed to get a dry pair from Verizon for some homebrew > DSL, > but there was some telco specific term for t

Re: AT&T Dry Pairs?

2010-09-30 Thread Ryan Shea
Years ago I managed to get a dry pair from Verizon for some homebrew DSL, but there was some telco specific term for the dry pair, like "series 7 alarm circuit" or something. AT&T may have their own term. -Ryan On Thu, Sep 30, 2010 at 4:52 PM, Brandon Galbraith < brandon.galbra...@gmail.com> wrot

Re: RIP Justification

2010-09-30 Thread Jack Carrozzo
As it was explained to me, the main difference is that you can have $lots of prefixes in IS-IS without it falling over, whereas Dijkstra is far more resource-intensive and as such OSPF doesn't get too happy after $a_lot_less prefixes. Those numbers can be debated as you like, but I think if you wer

Re: RIP Justification

2010-09-30 Thread Jack Bates
On 9/30/2010 3:32 PM, Jack Carrozzo wrote: When was the last time you ran into a younger neteng designing his topology who went "Yes! IS-IS!"? It works fine (very well in fact) but it's just less used. Which makes no sense to me. I originally looked at both and thought OSPF to be inferior to I

AT&T Dry Pairs?

2010-09-30 Thread Brandon Galbraith
Has anyone had any luck lately getting dry pairs from AT&T? I'm in the Chicago area attempting to get a dry pair between two buildings (100ft apart) for some equipment, but when speaking to several folks at AT&T the response I get is "You want AT&T service without the service? That's not logical!".

Re: RIP Justification

2010-09-30 Thread Scott Morris
Maybe I WAY under-read the initial poster's question, but I was pretty sure he wasn't talking about running it as a CORE routing protocol or anything on the middle of their network where MPLS would be expected on top of it! If I missed it and he did intend that, then I'd certainly agree with you

Re: RIP Justification

2010-09-30 Thread Jack Carrozzo
> > I was just curious - why would IS-IS be more die-hard than OSPF or iBGP? > It's like running apps on Solaris and Oracle these days instead of Linux and MySQL. Both options work if you know what you're doing, but it's way easier (and cheaper) to hire admins for the latter. When was the last t

RE: RIP Justification

2010-09-30 Thread Nathan Eisenberg
> Seriously though, I can't think of a topology I've ever encountered where RIP > would have made more sense than OSPF or BGP, or if you're really die-hard, > IS-IS. Let it die... I was just curious - why would IS-IS be more die-hard than OSPF or iBGP? Best Regards, Nathan Eisenberg

Frontier DSL Contact

2010-09-30 Thread Tony Bunce
Can someone from Frontier DSL (formerly Verizon) please contact me off list? It appears Frontier DSL customers (at least in Ohio) can't access websites that we host. I have tried contacting the ISIS NOC, the Ohio NOC and the MCO and they were unable to assist. Or if there is anyone on the lis

Re: L3 Issues this Morning?

2010-09-30 Thread Zaid Ali
Not sure if this is related but my Level 3 BGP peer went down at 3:33:57 GMT for just over 6 hours. This was in the San Jose/Santa Clara area. Their reason was an OSPF problem. Zaid On 9/30/10 10:39 AM, "Khurram Khan" wrote: > Learn something new everyday, that's awesome. We've got several dat

Re: RIP Justification

2010-09-30 Thread Jack Carrozzo
Yes, clearly the next crowd of CCNAs will save the world. You know what they say about giving CCNAs enable... -Jack On Thu, Sep 30, 2010 at 2:37 PM, Marshall Eubanks wrote: > > On Sep 30, 2010, at 12:43 PM, Jack Carrozzo wrote: > > > Dynamic routing is hard, let's go shopping. > > > > Seriously

Re: RIP Justification

2010-09-30 Thread Marshall Eubanks
On Sep 30, 2010, at 12:43 PM, Jack Carrozzo wrote: > Dynamic routing is hard, let's go shopping. > > Seriously though, I can't think of a topology I've ever encountered where > RIP would have made more sense than OSPF or BGP, or if you're really > die-hard, IS-IS. Let it die... But what about a

Re: LISP Works - Re: Facebook Issues/Outage in Southeast?

2010-09-30 Thread Job W. J. Snijders
Sorry guys, > Have you already joined the LISP Beta Network? All you need is a > router that can run the LISP images (871, 1841, 2821, 7200 etc) > > It's completely open, and the guys behind > lisp-supp...@external.cisco.com can hook you up for free, The correct address is lisp-supp...@cisco.co

Cogent security contact for non-BGP issue?

2010-09-30 Thread Neal Rauhauser
Can someone from Cogent responsible for security contact me? I'm seeing some troubles that appear to originate within Cogent itself. What I am seeing does not affect global BGP at all, it's some other area. Thanks in advance ...

Re: L3 Issues this Morning?

2010-09-30 Thread Khurram Khan
Learn something new everyday, that's awesome. We've got several data centers between San Diego, Denver, Tulsa, Chicago, Washington DC. All of the circuits between those POPs, and all are L3, just dropped traffic. On Thu, Sep 30, 2010 at 11:35 AM, James Smith wrote: > None Down here in Canada >

L3 Issues this Morning?

2010-09-30 Thread Khurram Khan
Hello All, This is my first time writing to this list and wanted to check if anyone experienced issues with L3 circuits between 12:50 ET and 13:05 ET. All our core backbone circuits re-converged and we saw a significant drop in traffic. Regards, Khurram

RE: RIP Justification

2010-09-30 Thread George Bonser
> -Original Message- > From: Jack Carrozzo > Sent: Thursday, September 30, 2010 9:44 AM > To: John Kristoff > Cc: nanog@nanog.org > Subject: Re: RIP Justification > > Dynamic routing is hard, let's go shopping. > > Seriously though, I can't think of a topology I've ever encountered > wh

Re: RIP Justification

2010-09-30 Thread Glen Kent
RIP cannot also be used for traffic engineering; so if you want MPLS then you MUST use either OSPF or ISIS. RIP, like any other distance vector protocol, converges extremely slowly - so if you want faster convergence then you have to use one of ISIS or OSPF. Glen

Re: OSPFv3 Authentication

2010-09-30 Thread Manav Bhatia
Hi, I received 12 responses for the query that i had put up. o 1 response stated that the provider was using IS-IS for IPv6 and not using any authentication. o 7 responses where OSPFv3 was being used without any authentication. o 2 responses where OSPFv3 is being used with authentication o 2 resp

Re: RIP Justification

2010-09-30 Thread Jack Carrozzo
Dynamic routing is hard, let's go shopping. Seriously though, I can't think of a topology I've ever encountered where RIP would have made more sense than OSPF or BGP, or if you're really die-hard, IS-IS. Let it die... My $0.02, -Jack On Thu, Sep 30, 2010 at 11:53 AM, John Kristoff wrote: > On

Re: BGP next-hop

2010-09-30 Thread Peter Hicks
On Thu, 2010-09-30 at 07:01 -0700, Leo Bicknell wrote: > I have suggested more than a few times to vendors that the command: > > show bgp ipv4 unicast 100.10.0.0/16 why-chosen > > Would be insanely useful. +1 for that, in a similar manner to packet-tracer on ASAs. Peter

Re: RIP Justification

2010-09-30 Thread John Kristoff
On Wed, 29 Sep 2010 13:20:48 -0700 Jesse Loggins wrote: > OSPF. It seems that many Network Engineers consider RIP an old > antiquated protocol that should be thrown in back of a closet "never > to be seen or heard from again". Some even preferred using a more > complex protocol like OSPF instead

Re: LISP Works - Re: Facebook Issues/Outage in Southeast?

2010-09-30 Thread Job W. J. Snijders
Dear Cameron & everybody, On Wed, Sep 29, 2010 at 8:32 PM, Job W. J. Snijders wrote: >>> The fact that LISP does help in IPv6 Transition solutions (due to its >>> inherent AF agnostic design), is compelling. As you say, real end 2 end is >>> the goal - and LISP helps here, regardless of the AF.

Re: RIP Justification

2010-09-30 Thread William McCall
On Thu, Sep 30, 2010 at 3:38 AM, Mark Smith wrote: > On Thu, 30 Sep 2010 01:15:45 -0500 > William McCall wrote: > >> On Wed, Sep 29, 2010 at 7:31 PM, Christopher Gatlin >> wrote: >> > Using BGP to exchange routes between these types of untrusted networks is >> > like using a sledgehammer to crac

Re: BGP next-hop

2010-09-30 Thread Leo Bicknell
In a message written on Thu, Sep 30, 2010 at 10:49:17AM +0100, Heath Jones wrote: > Is there an easy way to see which iBGP routes are not being selected > due to next-hop not being in IGP? I have suggested more than a few times to vendors that the command: show bgp ipv4 unicast 100.10.0.0/16 why

Re: RIP Justification

2010-09-30 Thread Jack Bates
On 9/30/2010 8:46 AM, Owen DeLong wrote: I have no NAT whatsoever in my home network. RIP is not at all useful in my scenario. I have multiple routers in my home network. They use a combination of BGP and OSPFv3. Except you must configure those things. The average home user cannot. If you

Re: RIP Justification

2010-09-30 Thread Scott Morris
On 9/30/10 12:57 AM, Mark Smith wrote: On Thu, 30 Sep 2010 14:13:11 +1000 Julien Goodwin wrote: On 30/09/10 13:42, Mark Smith wrote: One of the large delays you see in OSPF is election of the designated router on multi-access links such as ethernets. As ethernet is being very commonly us

Re: RIP Justification

2010-09-30 Thread Scott Morris
One would assume you aren't doing this for nostalgic reasons. At least I would hope that! Like anything, if you decide to vary outside the 'accepted norms', then have a reason for it! Understand your technology, understand your topology (re: before about RIP not needing peered neighbors wherea

Re: RIP Justification

2010-09-30 Thread Owen DeLong
On Sep 30, 2010, at 6:27 AM, Jack Bates wrote: > On 9/29/2010 3:20 PM, Jesse Loggins wrote: >> What are your views of when and >> where the RIP protocol is useful? > > Home networks when dual NAT isn't being used. It's also the perfect protocol > for v6 on home networks where multiple home rout

Re: RIP Justification

2010-09-30 Thread Jack Bates
On 9/29/2010 3:20 PM, Jesse Loggins wrote: What are your views of when and where the RIP protocol is useful? Home networks when dual NAT isn't being used. It's also the perfect protocol for v6 on home networks where multiple home routers might be connected in a variety of ways. Shocked I di

Re: BGP next-hop

2010-09-30 Thread Heath Jones
Cheers Jeff. I thought I'd give that a go, but it doesn't seem to be working for some reason! (This is without next-hop in IGP) AS5000_LA#show ip bgp BGP table version is 3, local router ID is 10.0.0.5 Status codes: s suppressed, d damped, h history, * valid, > best, i - internal, r

RE: BGP next-hop

2010-09-30 Thread Jeff Saxe
Yes, I believe the command is "show ip bgp rib-failure". This shows routes that are in the BGP table, theoretically eligible to be used as actual traffic-forwarding routes, but are failing to be inserted into the Routing Information Base (RIB) for one reason or another. I don't have a lab router

BGP next-hop

2010-09-30 Thread Heath Jones
Hi all, Is there an easy way to see which iBGP routes are not being selected due to next-hop not being in IGP? Before and after IGP route added shown below, note both are marked as valid.. -- BEFORE IGP-- AS5000_LA#show ip bgp BGP table version is 5, local router ID is 10.0.0.5 Status codes: s s

Re: RIP Justification

2010-09-30 Thread Tim Franklin
> I think BGP is better for that job, ultimately because it was > specifically designed for that job, but also because it's now > available > in commodity routers for commodity prices e.g. Cisco 800 series. +1 - for me, if I need a dynamic routing protocol between trust / administrative domains,

Re: RIP Justification

2010-09-30 Thread Mark Smith
On Thu, 30 Sep 2010 01:15:45 -0500 William McCall wrote: > On Wed, Sep 29, 2010 at 7:31 PM, Christopher Gatlin > wrote: > > Using BGP to exchange routes between these types of untrusted networks is > > like using a sledgehammer to crack a nut. BGP was designed for unique AS's > > to peer in lar