Re: sFlow vs netFlow/IPFIX

2016-02-29 Thread Pavel Odintsov
Yep, Broadcom doing thing right way! :) But unfortunately they (Cisco Nexus) are pretty expensive and fairly new for DC and ISP market. It's pretty rare to find big company with switching backbone on Nexus switches. But I like this direction of switch silicom unification :) Focus moved from "netw

Re: Duplex negotiation over 100Base fibre

2016-02-29 Thread Nitin Mehrotra
>From all my observations, if both ends are 100Base-LX (or BX or T) and are set >to auto-negotiate then they will negotiate to full-duplex. If one end is >manually configured for full duplex and the other end is configured as auto >then that end _may_ end up as half-duplex. This is particularly

Re: sFlow vs netFlow/IPFIX

2016-02-29 Thread Nikolay Shopik
Cisco Nexus switches support sflow, since they are broadcom based. On 29/02/16 10:26, Pavel Odintsov wrote: > Cisco do not support this protocol at all (that's pretty weird, > really).

Re: Media converter vendors - GFP/EoSDH

2016-02-29 Thread Pete Mitcheltree
products in URL below may be of interest to you. http://www.overturenetworks.com/products/overture-networks-carrier-ethernet-products/overture-1400/ --pete On 2/28/2016 10:47 PM, Ramy Hashish wrote: Hello Mark, Do you know anything about their MEF compliance? which of them is capable of worki

AT&T blocking our IPs - need assistance

2016-02-29 Thread Blocked IPs
The ISP I work for has a large block of IPs (randomly distributed) being blocked by AT&T so that mutual customers cannot log into online portals like att.net and directv.com. The common nodes of failure are cprodmasx.att.net and cprodx.att.com. We have had no luck getting through to higher tiers f

Re: MetroE and Telephone Taxes

2016-02-29 Thread Jared Mauch
> On Feb 29, 2016, at 7:20 PM, Sam Norris wrote: > > Hey all, > > My provider here in SoCal is charging me 8% or so telephone taxes on our > MetroE > products. This seems fishy to me and I can't find any cut and dry rules about > private Ethernet / MetroE being under these rules. The same pr

MetroE and Telephone Taxes

2016-02-29 Thread Sam Norris
Hey all, My provider here in SoCal is charging me 8% or so telephone taxes on our MetroE products. This seems fishy to me and I can't find any cut and dry rules about private Ethernet / MetroE being under these rules. The same provider selling internet / DIA has no taxes whatsoever. Anyone out

Re: google search threshold

2016-02-29 Thread Constantine A. Murenin
On 29 February 2016 at 08:53, Paul S. wrote: > DO's SG range is allocated out of a single /64 (I think?) and Google > basically asks for captcha on every single request over IPv6. :( The solution is to not signup with providers that have no respect for RFCs and BCPs. Proper VPS providers have no

Re: sFlow vs netFlow/IPFIX

2016-02-29 Thread Saku Ytti
On 29 February 2016 at 17:40, Phil Bedard wrote: > It would be interesting to get some data from vendors on what the actual > limitation is. I know with some new platforms like the NCS 55XX from Cisco > (BRCM Jericho) it has limited space for counters, but I don’t know if that > contributes to

Re: Duplex negotiation over 100Base fibre

2016-02-29 Thread Jared Mauch
> On Feb 29, 2016, at 11:07 AM, Jason Lixfeld wrote: > > Hello, > > My understanding is that for 1G and 10G optical networks, there is no concept > of half-duplex mode, but I’m unclear about half duplex in the 100M optical > world. Specifically, if I connect two 100Base-LX (or BX) transceive

Google APIs Rate Limit - Was: Re: google search threshold

2016-02-29 Thread Alejandro Acosta
Hello, Something similar to this topic. The other day working with Google APIs (geolocation [1] ) I thought that in order to promote a little bit IPv6, Google (and others) might do something like: Google Maps Geocoding API Usage Limits With IPv4: 2,500 free requests per day (from IPv4 clien

Re: google search threshold

2016-02-29 Thread Paul S.
DO's SG range is allocated out of a single /64 (I think?) and Google basically asks for captcha on every single request over IPv6. :( We're using it as a corporate vpn. On 3/1/2016 01:49 AM, Keenan Tims wrote: FWIW I have seen the captchas more often on IPv6 both from home and the office than

Re: google search threshold

2016-02-29 Thread Keenan Tims
FWIW I have seen the captchas more often on IPv6 both from home and the office than when both networks were using a single shared IPv4; not sure if this is just related to chronology or a real effect. Once a month or so I seem to get them for a couple of days, then they go away. No idea what's

Duplex negotiation over 100Base fibre

2016-02-29 Thread Jason Lixfeld
Hello, My understanding is that for 1G and 10G optical networks, there is no concept of half-duplex mode, but I’m unclear about half duplex in the 100M optical world. Specifically, if I connect two 100Base-LX (or BX) transceivers together, is there a requirement for the controller(s on either

Re: google search threshold

2016-02-29 Thread Philip Lavine via NANOG
I have about 2000 users behind a single NAT. I have been looking at netflow, URL filter logs, IDS logs, etc. The traffic seems to be legit. I am going to move more users to IPv6 and divide some of the subnets into different NATS and see if that alleviates the traffic load. Thanks for the advice

2nd call for presentations RIPE 72

2016-02-29 Thread Benno Overeinder
Dear colleagues, Please note the approaching deadline of 13 March 2016 for RIPE 72 plenary programme submissions. You can find the CFP for RIPE 72 below or at https://ripe72.ripe.net/submit-topic/cfp/, for your proposals for plenary session presentations, tutorials, workshops, BoFs (Birds of a Fe

Re: sFlow vs netFlow/IPFIX

2016-02-29 Thread Phil Bedard
-Original Message- From: NANOG on behalf of Saku Ytti Date: Monday, February 29, 2016 at 08:31 To: Nick Hilliard Cc: nanog list Subject: Re: sFlow vs netFlow/IPFIX >On 29 February 2016 at 15:05, Nick Hilliard wrote: > >> depends on what you define by "cheap". Netflow requires separ

Re: mrtg alternative - librenms

2016-02-29 Thread B
An alternative to Observium is LibreNMS, with a more liberal license/community. Cheers, B On Sat, Feb 27, 2016 at 12:18:16AM +0100, Baldur Norddahl wrote: > Hi > > I am currently using MRTG and RRD to make traffic graphs. I am searching > for more modern alternatives that allows the user to dyna

Re: Observium

2016-02-29 Thread Job Snijders
On Mon, Feb 29, 2016 at 08:07:40PM +0530, sathish kumar Ippani wrote: > This is off topic, i am posting request as i need some help in > configuring obsrvium for RANCID and traffic polling. This is indeed the wrong mailing-list. Please direct your questions to http://observium.org/docs/mailinglis

Observium

2016-02-29 Thread sathish kumar Ippani
Hello Everyone, This is off topic, i am posting request as i need some help in configuring obsrvium for RANCID and traffic polling. for traffic polling I am seeing white space in the graph as shown in the below. [image: Inline image 1] Rancid. Device back up are fine for few devices (daily

Re: sFlow vs netFlow/IPFIX

2016-02-29 Thread Saku Ytti
On 29 February 2016 at 15:05, Nick Hilliard wrote: > depends on what you define by "cheap". Netflow requires separate packet > forwarding lookup and ACL handling silicon. That's not inherently so, it depends how specialised your hardware is. If it's very specialised like implementing just LPM,

Re: sFlow vs netFlow/IPFIX

2016-02-29 Thread Nick Hilliard
Pavel Odintsov wrote: > From hardware point of view almost all brand new switches support > sflow free of charge (no additional licenses or modules). But be > aware, Cisco do not support this protocol at all (that's pretty weird, > really). sflow is supported on the Nexus 3k range, but it's availa

Re: sFlow vs netFlow/IPFIX

2016-02-29 Thread Nick Hilliard
Roland Dobbins wrote: > Inconsistent stats, lack of ifindex information. I've not yet come across an sflow implementation which didn't fill out the ifindex field. No doubt they exist. Not sure what you mean by "inconsistent stats". Nick

Re: sFlow vs netFlow/IPFIX

2016-02-29 Thread Nick Hilliard
Saku Ytti wrote: > I cannot see why not, it's cheap. You're doing 1-2 LPM on the packet, > QoS lookup, ACL lookup, incrementing various counters, etc., adding > one hash lookup and two counters is not going to be relevant cost to > the lookup time. depends on what you define by "cheap". Netflow r

Re: sFlow vs netFlow/IPFIX

2016-02-29 Thread Pavel Odintsov
Thanks! Very interesting. Will dig into details :) On Mon, Feb 29, 2016 at 3:55 PM, Edward Dore wrote: > >> On 29 Feb 2016, at 12:37, Pavel Odintsov wrote: >> >> Hello! >> >> Nice information. Very interesting architecture. They are using L3 on >> IX? How big Juniper Lan in comparison with Extre

Re: sFlow vs netFlow/IPFIX

2016-02-29 Thread Edward Dore
> On 29 Feb 2016, at 12:37, Pavel Odintsov wrote: > > Hello! > > Nice information. Very interesting architecture. They are using L3 on > IX? How big Juniper Lan in comparison with Extreme lan? Hi Pavel, The Juniper LAN is VPLS and the Extreme LAN is standard layer 2 with EAPS instead of *STP

Re: sFlow vs netFlow/IPFIX

2016-02-29 Thread Saku Ytti
On 29 February 2016 at 14:17, wrote: > A relevant question might be if the Trio hardware can do 1:1 while > handling multiple ports of line rate DDoS traffic consisting of small > packets with different port numbers (i.e. high pps traffic resulting > in basically 1 flow per packet). No, I don't

Re: sFlow vs netFlow/IPFIX

2016-02-29 Thread Pavel Odintsov
Hello! Nice information. Very interesting architecture. They are using L3 on IX? How big Juniper Lan in comparison with Extreme lan? On Mon, Feb 29, 2016 at 3:16 PM, Edward Dore wrote: > >> On 29 Feb 2016, at 09:59, Pavel Odintsov wrote: >> >> For example, at huge Internet Exchanges you actua

Re: sFlow vs netFlow/IPFIX

2016-02-29 Thread sthaug
> > That's interesting, given that most larger routers don't support 1:1. > > I find that strange, because if you're doing in in HW, doing hash > lookup for flow and adding packets and bytes to the counter is cheap. > It's expensive having lot of those flows, but incrementing their > packet and by

Re: sFlow vs netFlow/IPFIX

2016-02-29 Thread Edward Dore
> On 29 Feb 2016, at 09:59, Pavel Odintsov wrote: > > For example, at huge Internet Exchanges you actually haven't any > netflow enabled devices (just check design architecures from AMX-IX, > DEC-IX, LINX or even MSK-IX). LINX use IPFIX (which is derived from NetFlow) for the Juniper LAN. The

Re: sFlow vs netFlow/IPFIX

2016-02-29 Thread Saku Ytti
On 28 February 2016 at 22:06, Todd Crane wrote: > This maybe outside the scope of this list but I was wondering if anybody had > advice or lessons learned on the whole sFlow vs netFlow debate. We are > looking at using it for billing and influencing our sdn flows. It seems like > everything I h

Re: sFlow vs netFlow/IPFIX

2016-02-29 Thread Saku Ytti
On 29 February 2016 at 04:24, Roland Dobbins wrote: >> Around here they are currently voting on a law that will require unsampled >> 1:1 netflow on all data in an ISP network with more than 100 users. > > That's interesting, given that most larger routers don't support 1:1. I find that strange, b

Re: sFlow vs netFlow/IPFIX

2016-02-29 Thread Roland Dobbins
On 29 Feb 2016, at 16:59, Pavel Odintsov wrote: I have only one question. Why you against sFLOW protocol telemetry with so huge passion ? :) Because I've had very poor experiences with it. And it doesn't seem to scale very well. Actually, sflow is not so popular as netflow. But to be hone

Re: sFlow vs netFlow/IPFIX

2016-02-29 Thread Pavel Odintsov
Thanks for detailed question! I have only one question. Why you against sFLOW protocol telemetry with so huge passion ? :) It's not proprietary technology and not an product from yet another big company. I'm not trying to sell anything because... nothing to sell. Really, isn't it? It's just yet

Re: sFlow vs netFlow/IPFIX

2016-02-29 Thread Roland Dobbins
On 29 Feb 2016, at 15:53, Pavel Odintsov wrote: It's not about default. It's about minimal possible. To my knowledge, there has never been a Cisco router which only allowed an active flow timer value of 180s, which wasn't user-configurable. I would appreciate the details of any such router.

Re: sFlow vs netFlow/IPFIX

2016-02-29 Thread Pavel Odintsov
Thanks for explained answer! But actually it's mistake to think I haven't real field experience just because I'm developer. In world of big companies nobody could do ops and development. But I'm trying to keep close to both worlds. And could conclude it's definitely possible. It's definitely poss

Re: sFlow vs netFlow/IPFIX

2016-02-29 Thread Roland Dobbins
On 29 Feb 2016, at 15:12, Pavel Odintsov wrote: Looks like you haven't so much field experience with sflow. I could help and offer some real field experience below. I've already recounted my real-world operational experience with NetFlow. I have my own netflow collector implementation for n

Re: sFlow vs netFlow/IPFIX

2016-02-29 Thread Pavel Odintsov
What you mean as lack of ifindex in sflow? I could offer example sflow v5 sample structure description (it's from my C++ based sflow parser but actually it's pretty simple to understand): uint32_t sample_sequence_number; // sample sequence number uint32_t source_id_type; /