RE: NPE-G2 vs. Sup720-3BXL

2009-05-15 Thread Leland E. Vandervort
We're running several six 65xx Sup720-3BXL with 3 full transit views and some 40-odd peers. We use two NPE-G1s for reflectors and some policy manipulation. Also running MPLS in the core to allow for traffic engineering and EoMPLS between certain services located in different locations. We're pu

Re: delays to google

2009-05-14 Thread Leland E. Vandervort
Works fine for me... all google services up and okay here (Paris). traceroute to googlemail.l.google.com (209.85.137.83), 30 hops max, 40 byte packets 1 fe0-0.gw1.discpro.org (217.70.182.177) 1.644 ms 1.518 ms 1.420 ms 2 gandi-discpro.gdist1-d.gandi.net (217.70.176.82) 0.887 ms 0.701 ms

Re: SIP - perhaps botnet? anyone else seeing this?

2009-04-15 Thread Leland E. Vandervort
but new to me that these scans are > related to someone or some group looking to find devices with these > ports open in an effort to attach to them through SIP and hopefully > exploit if attached to PRI's or PSTN for toll fraud. > > I really do learn something new everyday, so

Re: SIP - perhaps botnet? anyone else seeing this?

2009-04-10 Thread Leland E. Vandervort
On Fri, 10 Apr 2009, Roland Dobbins wrote: > > IANAL, but I suggest you check again with your legal department - I > doubt this is actually the case (your jurisdiction may vary, but in > most Western nations, you can grab packets for diagnostic/ > troubleshooting/forensics purposes). Already d

Re: SIP - perhaps botnet? anyone else seeing this?

2009-04-10 Thread Leland E. Vandervort
r if it's simply a handful of bozos making life "fun" for the rest of us ;) Thanks Leland On Fri, 10 Apr 2009, Roland Dobbins wrote: > > On Apr 10, 2009, at 4:45 PM, Leland E. Vandervort wrote: > > > UDP SIP Control traffic in our netflow data. > > Have you gra

SIP - perhaps botnet? anyone else seeing this?

2009-04-10 Thread Leland E. Vandervort
Hi All, Over the past couple of days we have been seeing an exponential increase (about 200-fold) in the amount of UDP SIP Control traffic in our netflow data. The past 24 hours, for example, has shown a total of nearly 300 GB of this traffic incoming and over 400 GB outgoing -- this despite the

Re: anyone else seeing very long AS paths?

2009-02-17 Thread Leland E. Vandervort
On Tue, 17 Feb 2009, Mike Lewinski wrote: > German Martinez wrote: > bgp max-as will NOT protect you from this exploit (but if you are not > vulnerable it should prevent you from propogating it). > I can confirm this statement... (unfortunately) L.

RE: anyone else seeing very long AS paths?

2009-02-16 Thread Leland E. Vandervort
h, and our maxas-limit settings did trigger and reject these. > > On Mon, 16 Feb 2009, Leland E. Vandervort wrote: > > > > > bgp maxas-limit has a default value of 75 if you don't include it > > explicitly in the config so in this case it wouldn't ha

RE: anyone else seeing very long AS paths?

2009-02-16 Thread Leland E. Vandervort
bgp maxas-limit has a default value of 75 if you don't include it explicitly in the config so in this case it wouldn't have made much of a difference. L. On Mon, 16 Feb 2009, Jon Lewis wrote: > On Mon, 16 Feb 2009, John van Oppen wrote: > > > Yep we saw the same, every customer with old IOS ha