Re: Open source Netflow analysis for monitoring AS-to-AS traffic

Without much information, I think this is more likely that you are running out of disk space. On 2024-06-05 23:15, Javier Gutierrez wrote: Hi everyone, I've been trying to get Akvorado to work on my environmnet but I keep getting the flows to stop collecting, it seems like the issue is related

Re: Open source Netflow analysis for monitoring AS-to-AS traffic

On 2024-03-27 09:09, Marinos Dimolianis wrote: My only "concern" was that it did not provide an API for consuming data externally. This is very high on my todo list, notably because I don't want to reimplement Grafana. The API already exists (the current web interface uses it) but it is not "

Re: BGP hijack?

n our side; please reach out to us should you see anything proving otherwise. We deeply apologize for that and we can confirm it was not a BGP hijack attempt. Wishing you a very pleasant day. Vincent F. for Milkywan Team Le 2023-10-22 19:02, Olivier Benghozi a écrit : Same stuff (with our A

Re: Akvorado Resource Requirements

On 2023-03-24 15:01, Graham Johnston via NANOG wrote: For anyone running Akvorado, can you please comment on resource requirements. I'm most concerned with CPU and memory, with the assumption that resources are somewhat linear to flow rate, but also curious about disk usage secondarily. A VM

Re: rsync CVE-2022-29154 and RPKI Validation

On 2022-09-09 19:36, Matt Corallo wrote: The attacker is still limited to the target directory. The attacker can send files that were excluded or not requested, but they still end up in the target directory. RPKI validators download stuff in a dedicated download directory Ah, okay, thanks, i

Re: rsync CVE-2022-29154 and RPKI Validation

On 2022-09-09 04:56, Matt Corallo wrote: Has anyone done an analysis of the rsync CVE-2022-29154 (which "allows malicious remote servers to write arbitrary files inside the directories of connecting peers") and its potential impact on RPKI validators? It looks like both Debian [1] and Ubuntu [2

Re: dump of NOS config examples

Here are some real word configurations: https://github.com/jerikan-network/cmdb/tree/generated-public/output (including IOS, JunOS and IOS-XR, but no NX-OS). On 2022-08-20 18:25, guardian.wheel9...@fastmail.com wrote: Hi, I am looking for a large dump of example, real but scrubbed, whatever,

Re: 40G QSFP+ to 4 SFP+ on MX960

❦ 25 February 2022 00:46 +03, Paschal Masha: > Has anyone managed to get the 40G QSFP+ to 4 SFP+ breakout cable to work on > the 2X40GE QSFPP Juniper MICs? > > Which commands did you use to channelize the port under the "chassis > fpc" mode to get it to channelize to 4x10g at least for one 40G

Re: SRv6 Capable NOS and Devices

❦ 11 January 2022 09:16 -06, Colton Conor: > I know the SRv6 is a fairly new technology. I am wondering which > vendors and network operating systems fully support SRv6 today? Has > anyone deployed this new technology? Cisco on NCS devices have full support of SRv6 F1 (End, End.X, End.T, End.DX4

Re: ROA mirror to IRR?

❦ 26 October 2021 10:17 -10, Shawn: > Curious if any IRR databases are mirroring/importing ROA data - creating > route|6 objects from ROA? This is a feature of IRRd 4: https://irrd.readthedocs.io/en/stable/admins/rpki/ > IRR questions: > How do most large networks maintain (automate) their IRR

Re: Juniper hardware recommendation

In addition to the QSA, note that 40G LR optics are using CWDM. You can therefore get 1270, 1290, 1310 and 1330 out of the optic. Not the favorites channels, but if that's OK for you, configure it as a 4x10G on the Juniper side. -- Make it clear before you make it faster. - The Element

Re: Juniper hardware recommendation

❦ 7 mai 2021 21:14 GMT, Adam Thompson: > * Skip the MX 2k/10k series – they don’t support SFP+ interfaces! > (“No 10G WDM for you!”) Also no 1G, you need a separate step-down > switch for that. I don’t know what SP Juniper thinks they’re targeting > with these. The 10k can take 10G SFP+ using

Re: Trident3 vs Jericho2

❦ 9 avril 2021 17:20 +03, Saku Ytti: > If we'd change TCP sender to bandwidth estimation, and newly created window > space would be serialised at estimated receiver rate then we would need > dramatically less buffers. However this less aggressive TCP algorithm would > be outcompeted by new reno

Re: Linux router network cards

❦ 24 octobre 2020 09:55 -06, Keith Medcalf: > And do not use an Intel CPU. > > Intel only has 4x PCIe lanes that are shared out into whatever > configuration they claim to have and are totally unsuitable for use in > a computer that actually has to be able to do high-speed I/O. That's likely t

Re: Gaming Consoles and IPv4

❦ 30 septembre 2020 09:45 -07, Owen DeLong: > Games want to go peer-to-peer. Not sure about that. To avoid cheaters, multiplayer games are likely to be mediated by a server running the same game engine to manage state of each player. -- Noise proves nothing. Often a hen who has merely laid an

Re: AS16509 Peering Contact

❦ 18 septembre 2020 21:03 +03, Paschal Masha: > Any Techie from AS16509 (Amazon) in here that can help with a peering > request for Denver and LA Any2 IXs that was sent to peering@amazon for days > now without a response :) It takes some time to get an answer from Amazon, but they eventually ans

Re: [outages] Major Level3 (CenturyLink) Issues

❦ 2 septembre 2020 16:35 +03, Saku Ytti: >> I am not buying it. No normal implementation of BGP stays online, >> replying to heart beat and accepting updates from ebgp peers, yet >> after 5 hours failed to process withdrawal from customers. > > I can imagine writing BGP implementation like this

Re: [outages] Major Level3 (CenturyLink) Issues

❦ 2 septembre 2020 10:15 +03, Saku Ytti: > RFC7313 might show us way to reduce amount of useless work. You might > want to add signal that initial convergence is done, you might want to > add signal that no installation or best path algo happens until all > route are loaded, this would massively

Re: RPKI for dummies

7;s to stop any other AS other then mine from advertising my IP space. Is that correct? How is verification done? They connect to the RIR and verify that there is a cert signed by the RIR for my range? On Thu, Aug 20, 2020 at 9:51 AM Fabien VINCENT (NaNOG) via NANOG wrote: Hi, In fact, RP

Re: RPKI for dummies

er to their network to impersonate me, make it look like I am peering with them and then they re-advertise the path to Large ISP? Again sorry for the n00b question, I am trying to make sense of how it works. TIA. Dovid -- Fabien VINCENT _@beufanet_

Re: RFC 5549 - IPv4 Routes with IPv6 next-hop - Does it really exists?

❦ 29 juillet 2020 12:13 +03, Saku Ytti: >> This is the solution Cumulus is advocating to its users, so I suppose >> they have some real users behind that. Juniper also supports RFC 5549 >> but, from the documentation, the forwarding part is done using >> lightweight tunnels. > > I'm not sure if y

Re: RFC 5549 - IPv4 Routes with IPv6 next-hop - Does it really exists?

Hello, This is implemented in FRR and will also be available in BIRD 2.0.8. Linux accepts IPv6 next-hop for IPv4 natively since 5.3 (no tunnels). This is the solution Cumulus is advocating to its users, so I suppose they have some real users behind that. Juniper also supports RFC 5549 but, from th

NANOG 80 Call For Presentations

erence. We look forward to seeing you at NANOG 80. Sincerely, Vincent Celindro - PC Chair On behalf of the NANOG Program Committee

NANOG 79 - Lightning Talks submissions extended to 5/31

been selected on Monday June 1st. If you have any questions please contact nano...@nanog.org. Come share your ideas and insights. Thank You, Vincent Celindro NANOG - Program Committee Chair

NANOG 79 Lightning Talks submissions are open!

ll be notified if you have been selected on Friday May 22nd. If you have any questions please contact nano...@nanog.org. Come share your ideas and insights. Thank You, Vincent Celindro NANOG - Program Committee Chair

Re: looking for operator validation for regexes that extract ASNs

❦ 11 mai 2020 20:03 +12, Matthew Luckie: > To support Internet topology analysis efforts, we have been working on > an algorithm to detect AS numbers inside hostnames (PTR records) for > router interfaces, and automatically build regular expressions > (regexes) to extract them. Hello Matthew, T

Re: Arista Switches rebooting

❦ 5 mai 2020 09:09 +03, Saku Ytti: >> We found a bug on the 64 port x 100gig model that if you insert a quad >> twinax 10gig fanout cable in many of the ports it will trigger a reboot.I > > I've seen a similar issue in another vendor, where specific SFP > inserted would reload the linecard. This

Present Virtually at NANOG 79 - CFP Extended to May 7th

We look forward to reading your proposals, and connecting online this June! Sincerely, Vincent Celindro NANOG - Program Committee Chair on behalf of the NANOG PC

Re: "Is BGP safe yet?" test

❦ 22 avril 2020 12:51 -04, Andrey Kostin: > BTW, has anybody yet thought/looked into extending RPKI-RTR protocol > for validation of prefixes received from peer-as to make ingress > filtering more dynamic and move away prefix filters from the routers? It could be used as is if the client impleme

Reminder - NANOG 79 Call For Presentations - Remote Participation

nes/> Key Dates Thanks, Vincent Celindro NANOG - Program Committee Chair

NANOG 79 Call For Presentations

Vincent Celindro Thu, Nov 21, 2019, 5:57 PM to NANOG-announce, nanog Dear NANOG Community, In NANOG tradition - The NANOG Program Committee (PC) is excited to announce that we are accepting proposals for all sessions at NANOG 79 in Boston, Massachusetts, June 1st - 3rd, 2020. As mentioned

NANOG 78 call for presentations is open

the completion of the conference. We look forward to seeing you in February in San Francisco, California! Sincerely, Vincent Celindro - PC Chair On behalf of the NANOG Program Committee

Re: FRR as Route-Reflector & Scaling stats

❦ 15 novembre 2019 09:33 +00, ERCIN TORUN : > Generally chipset is what limits the scale (e.g. trident2 is 128k ipv4 > lpm https://docs.cumulusnetworks.com/cumulus-linux/Layer-3/Routing/ ). > If you disable "zebra" daemon, FRR works only in control-plane then > you would most likely have a limita

Re: Request comment: list of IPs to block outbound

❦ 14 octobre 2019 09:14 +03, Saku Ytti : >> I think you should seriously re-consider using rp_filter on a router. > > rp_filter is one of the most expensive features in modern routers, you > should only use it, if PPS performance is not important. If PPS > performance is important, ACL is much fa

Re: MAP-E

❦ 8 août 2019 16:18 -04, Lee Howard : > NAT64. IPv6-only to users. DNS resolver given in provisioning > information is a DNS64 server. When it does a lookup but there's no > , it invents one based on the A record (e.g., 2001:db8:64:: address>). The IPv6 prefix in the invented is actuall

Re: bgpview.io data source

PI and WebGui ? I saw in the past some difference due to some sort of WebCache -- FABIEN VINCENT _@beufanet_

Re: NTP for ASBRs?

❦ 8 mai 2019 09:56 +02, Lars Prehn : > do you NTP sync your AS boundary routers? If so, what are incentives > for doing so? Are there incentives, e.g. security considerations, not > to do it? Ensure you have a firewall rule in place to prevent people to use your router for NTP amplification. NT

Re: [EXTERNAL] Re: RTBH no_export

❦ 4 février 2019 09:01 +00, i3D.net - Martijn Schmidt : > Cogent does let you use RTBH, but on a separate BGP session to a > blackhole server. So it's a bit more hassle to set it up policy-wise, > because it deviates from the standard. Same story for "former > GlobalCrossing", now CenturyLink's

Re: YANG daemeon for Linux

❦ 27 juillet 2018 12:23 -0700, Karl Jørn  : > Looking for an agent on Linux that will render YANG models, so I can > provision networking on Linux. Maybe looking at this one: http://yuma123.org/wiki/index.php/Yuma_netconfd_Manual -- Make sure your code "does nothing" gracefully. -

Re: Time to add 2002::/16 to bogon filters?

Le 2018-07-09 18:10, valdis.kletni...@vt.edu a écrit : On Mon, 09 Jul 2018 15:21:31 +0200, "Fabien VINCENT (NaNOG)" said: I think it's still used a bit ? I see today announcements over the following OriginAS over more than 2000 peers. as1103SURFnet bv as1835Forsknings

Re: Time to add 2002::/16 to bogon filters?

tructure. Perhaps some of the 6to4 tunnel can be tuned to not use anycast prefixes ? -- FABIEN VINCENT _@beufanet_

Re: Juniper BGP Convergence Time

❦ 24 mai 2018 12:36 +0200, Olivier Benghozi  : > I wonder if this convergence time issue wouldn't be a typical mission for > «BGP PIC Edge for MPLS Layer 3 VPNs». > But it would be necessary to migrate the DFZ to a VPN MPLS (and > configure composite nexthop and BGP PIC / «Provider Edge Link > P

Re: Juniper BGP Convergence Time

Hey! This feature is already enabled on MX with MPC cards. -- Make it right before you make it faster. - The Elements of Programming Style (Kernighan & Plauger) ――― Original Message ――― From: Adam Kajtar Sent: 23 mai 2018 23:21 -0400 Subject: Re: Juniper BGP Convergence

Re: Open Souce Network Operating Systems

❦ 3 mai 2018 13:39 -0700, Andrey Khomyakov  : > 1st is Linux inherently doesn't program the hardware. So if you install > Ubuntu on some Quanta switch, you still need a way to program the ASIC. > Cumulus Linux is open source with the exception of switchd, which is what > they use to take network

Re: IPv4 and IPv6 hijacking by AS 6

❦ 12 avril 2018 13:51 -0500, Matt Harris  : >> Have you tried their IRR entries? Bull appears to redirect to Atos now >> (site-wise). >> >> notify: ed.gie...@atos.net >> notify: charlie.mol...@atos.net >> changed:christophe.fra...@atos.net 20180117 #18:47:40Z >> > > I'm now in touch

Re: BCP 38 addendum

CL. Yeah agreee, but not usable and programmable regarding huge upstreams values (over 100, I know hw even for smaller values that will say "my ASIC is limited man"). On 6 March 2018 at 23:16, Fabien VINCENT (NaNOG) wrote: Le 2018-03-06 19:39, Barry Greene a écrit : On Mar 2

Re: BCP 38 addendum

Le 2018-03-06 19:39, Barry Greene a écrit : >> On Mar 2, 2018, at 1:53 PM, Fabien VINCENT (NaNOG) >> wrote: >> Hope one day the 3rd mode of uRPF will be something else than a plan ... >> uRPF is not very usefull when multi homed. And as far as I know, multi >> ho

Re: Peering with abusers...good or bad?

rk peering is done with at least 2 peers which have sometimes the same problem without any direct responsibility. -- FABIEN VINCENT _@beufanet_

Re: BCP 38 addendum

kes the memcached UDP protocol a fine example of double trouble with potential for severe operational impact. Kind regards, Job Hope one day the 3rd mode of uRPF will be something else than a plan ... uRPF is not very usefull when multi homed. And as far as I know, multi homed networks are increasing as fast as PNI development ;) -- FABIEN VINCENT _@beufanet_

Re: MTU to CDN's

❦ 19 janvier 2018 08:07 -0600, Mike Hammett  : > Wouldn't those situations be causing issues now, given the likelihood > that someone with a less than 1,500 byte MTU is communicating with you > now? Those situations are causing issues now. If you have a MTU less than 1500 bytes, it is likely som

Re: MTU to CDN's

❦ 19 janvier 2018 08:53 +1000, George Michaelson  : > if I was an ISP (Im not) and a CDN came and said "we want to be inside > you" (ewww) why wouldn't I say "sure: lets jumbo" Most traffic would be with clients limited to at most 1500 bytes. -- Its name is Public Opinion. It is held in revere

Re: MTU to CDN's

❦ 8 janvier 2018 15:08 -0800, joel jaeggli  : >> N00b here trying to understand why certain CDN's such as Cloudfare have >> issues where my MTU is low. For instance if I am using pptp and the MTU is >> at 1300 it wont work. If I increase to 1478 it may or may not work. > PMTUD has a lot of troub

Re: Carrier IRR Update Frequency

❦ 1 janvier 2018 10:17 -0600, Mike Hammett  : > Any idea how often Cogent, XO, and Level 3 update their prefix filters > from the IRRDBs? I got a recent answer from Cogent support stating they don't use IRR (at least for their customers). -- Consider well the proportions of things. It is bet

Re: WiFi - login page redirection not working

❦ 1 décembre 2017 15:02 +0300, Nikolay Shopik  : >> DHCP and neighbor discovery can also provide the information of the >> login page: https://tools.ietf.org/html/rfc7710 > > I don't think it got support in any os. It's supported on Linux by Network Manager. -- All things that are, are with mo

Re: WiFi - login page redirection not working

❦ 30 novembre 2017 18:26 -0800, Owen DeLong  : >> SSL requests are. For example, Google cache's their 301 redirect >> from http://www.google.com to >> https://www.google.com which means clients >> that had access while that browser ps stays acti

Re: Templating/automating configuration

❦ 6 juin 2017 14:30 +0100, Oliver Elliott  : > I echo Ansible. I'm using it with NAPALM and jinja2 templates to push and > verify config on switches. Why not using the builtin ability of ansible for most vendors? (genuine question) http://docs.ansible.com/ansible/list_of_network_modules.html

Re: Russian diplomats lingering near fiber optic cables

On Thu, Jun 1, 2017 at 6:07 PM, Matt Palmer wrote: > I think regardless of what you appear to be interested in, hanging around a > beach with a big DSLR is likely to get you on one list or another. "Excuse me, sir! Can you direct us to the naval base in Alameda? It's where they keep the nuclear w

Re: Russian diplomats lingering near fiber optic cables

DO NOT ANCHOR OR DREDGE is a pretty good indicator. On Thu, Jun 1, 2017 at 11:05 AM, Jared Mauch wrote: > >> On Jun 1, 2017, at 2:02 PM, Sean Donelan wrote: >> >> >> There must be a perfectly logical explanation Yes, people in the >> industry know where the choke points are. But the choke

Re: SHA1 collisions proven possisble

❦ 23 février 2017 21:16 -0500, "Patrick W. Gilmore"  : > A couple things will make this slightly less useful for the attacker: > 1) How many people are not going to keep a copy? Once both docs are be > found to have the same hash, well, game over. But if a transaction is automated

Re: SHA1 collisions proven possisble

❦ 23 février 2017 19:28 -0500, Jon Lewis  : >>> cost! However this in no way invalidates SHA-1 or documents signed by >>> SHA-1. >> >> We negotiate a contract with terms favorable to you. You sign it (or more >> correctly, sign the SHA-1 hash of the document). >> >> I then take your signed copy,

Re: External BGP Controller for L3 Switch BGP routing

❦ 16 janvier 2017 14:08 +0200, Saku Ytti  : > I wonder if true whitelabel is possible, would some 'real' HW vendor, > of BRCM size, release HW docs openly? Then some integrator could start > selling the HW with BOM+10-20%, no support, no software at all. And > community could build the actual sof

Re: External BGP Controller for L3 Switch BGP routing

❦ 14 janvier 2017 05:24 GMT, Faisal Imtiaz  : > A while back there was a discussion on how to do optimized (dynamic) > BGP routing on a L3 switch which is only capable of handing a subset > of BGP Routing table. > > Someone has pointed out that there was a project to do just that, and > had poste

Re: BCP38 deployment [ was Re: Krebs on Security booted off Akamai network after DDoS attack proves pricey ]

❦ 26 septembre 2016 09:14 CEST, valdis.kletni...@vt.edu : >> Linux: >> From /etc/sysctl.conf: >> >> # Uncomment the next two lines to enable Spoof protection (reverse-path=20 >> # filter) >> # Turn on Source Address Verification in all interfaces to >> # prevent some spoofing attacks >> net.ipv4.

Re: MTU

❦ 22 juillet 2016 14:01 CEST, Baldur Norddahl  : > Until now we have used the default of 1500 bytes. I now have a project were > we peer directly with another small ISP. However we need a backup so we > figured a GRE tunnel on a common IP transit carrier would work. We want to > avoid the trouble

Re: NIST NTP servers

GPS + a cesium or rubidium frequency standard is all you need. Too expensive? Then time isn't important to your organization.

Re: how to deal with port scan and brute force attack from AS 8075 ?

something else like a fast scan technique or OS > fingerprinting It's OS fingerprinting. Targeted attacks are far more productive. If I'm trying to get into an organization, I'd much rather be interested in Juniper ScreenOS than someone's personal *nix machine. Brandon Vincent

Cogent Communications

Does anyone have a NOC/SOC contact for Cogent? I found a improperly secured router on the Internet and I'd like to report it. Thank you, Brandon Vincent

Contact for AS701/Verizon

Dear List, If someone reads my email from Verizon/AS701, we are looking for an internal contact in order to check opportunities/facilities regarding transit/PNI. Thanks in advance for any help ;) Regards, Fabien VINCENT

Re: Outbound traffic from 208.89.136.0/22 going from L.A. to London?

We are seeing issues on our Savvis Internet connections in New York to users in London and Sweden. Not many details yet, just seeing slow and sporadic connectivity. --Vincent From: Todd Lyons To: NANOG list Date: 09/18/2014 05:21 AM Subject:Outbound traffic from

Re: [j-nsp] Viability of EX4300 in a primarily l3 environment?

❦ 6 août 2014 20:54 +0900, "Paul S."  : > Correct me if I'm wrong, but doesn't OSPF require the AFL license > anyway to be 'legitly' ran? OSPF does not need a feature license on those models (it is needed on EX2200). AFL is needed for BGP, IS-IS and MPLS. -- Use statement labels that mean some

Re: Upgrade Path Options from 6500 SUP720-3BXL for Edge Routing

❦ 30 juillet 2014 09:53 +0200, Mark Tinka  : > IOS XR on the CRS and ASR9000 is based on QNX, which suffers > from being only a 32-bit kernel. So even if the hardware > will ship with >4GB of RAM, the OS will only see 4GB (I have > 12GB in my CRS's and 8GB on my ASR9001's). What's the point

Re: What Should an Engineer Address when 'Selling' IPv6 to Executives?

TCP/IP Complete with government mandates, dual stacking, and RFP inclusion. Been there, done that, been burnt... Vincent Jones

AUTO : Vincent FERRAN-LACOME est absent(e). (retour 16/04/2012)

Je suis absent(e) du bureau jusqu'au 16/04/2012 Je suis absent pour le moment. En cas de nécessité, merci de transmettre vos messages à l'équipe CSIRT: cs...@bnpparibas.com +33 1 40 14 26 95 (office hours UTC +1/+2) -- I am currently out of office. If necessary, please forward your messages to

AUTO : Vincent FERRAN-LACOME est absent(e). (retour 06/03/2012)

Je suis absent(e) du bureau jusqu'au 06/03/2012 Je suis absent pour le moment. En cas de nécessité, merci de transmettre vos messages à l'équipe CSIRT: cs...@bnpparibas.com +33 1 40 14 26 95 (office hours UTC +1/+2) -- I am currently out of office. If necessary, please forward your messages to

Re: iCloud - Is it going to hurt access providers?

-- Hewlett Packard back when they were still a techie company and myself. As an independent consultant, I am marketing, so I can only blame myself if marketing does not consult engineering :-D Vince -- Vincent C. Jones Networking Unlimited, Inc. Phone: +1 201 568-7810 v.jo...@networkingunlimited.com

Re: SFP vs. SFP+

On 18/02/2011 03:04, Frank Bulk wrote: > Are there are any optics that plug into 10G ports but have a copper or > optical 1G interface? There's some equipment that I'm specing where it is > $10K for a multi-port 1G card, even while I really may only *occasionally* > need a single 1G port and there

Re: SFP vs. SFP+

On 18/02/2011 03:04, Frank Bulk wrote: > Are there are any optics that plug into 10G ports but have a copper or > optical 1G interface? There's some equipment that I'm specing where it is > $10K for a multi-port 1G card, even while I really may only *occasionally* > need a single 1G port and there

Re: ipv4's last graph

On 02/02/2011 17:22, Matthew Petach wrote: > On Wed, Feb 2, 2011 at 9:01 AM, Tony Hain wrote: >> So in the interest of 'second opinions never hurt', and I just can't get my >> head around "APnic sitting at 3 /8's, burning 2.3 /8's in the last 2 months >> and the idea of a 50% probability that thei

Re: IPv6 Space Management. Tracking, not Allocating

On 17/11/2010 17:22, chip wrote: > There's been lots of discussion on how we should allocate space to various > bits of the network. What I haven't yet seen is how people are tracking > these allocations. Is everyone using one of the two or three commercial > applications or some OSS solution or

RE: useful bgp example

iate setup for a realistic usage scenario. This is why we are all advising the OP to get some knowledgeable help. Vince -- Vincent C. Jones Networking Unlimited, Inc. Phone: +1 201 568-7810 v.jo...@networkingunlimited.com

Re: useful bgp example

r Internet facing router from where ever you are when on the road, you are at an unacceptable level of risk). Good luck and have fun! -- Vincent C. Jones Networking Unlimited, Inc. Phone: +1 201 568-7810 v.jo...@networkingunlimited.com DISCLAIMER: My business is built around helping my

Re: Securing the BGP or controlling it?

> this is a matter of risk analysis. No secure routing means we'll continue > to see the occasional high profile outage which is dealt with very quickly. Speaking from painful experience all kinds of variable can ensure that even when a problem is identified quickly and action taken expeditiousl

Re: APNIC Allocated 14/8, 223/8 today

On 14/04/2010 13:45, Dave Hart wrote: > On Wed, Apr 14, 2010 at 09:20 UTC, Nick Hilliard wrote: > >> On 14/04/2010 08:06, Srinivas Chendi wrote to SANOG: >> >>> 014/8 >>> 223/8 >>> >> Sunny, >> >> Please be careful about how you write this. "014" is formally an octal >> repr

Re: Consumer-grade dual-homed connectivity options?

e every few days while Cisco IOS routers would not clear the NAT table when a link failed soft and tended to stop testing a link once it failed, requiring manual recovery. Good luck and have fun! -- Vincent C Jones Networking Unlimited, Inc. www.networkingunlimited.com On Sat, 2010-01-02 at 18:14 -

Re: Ethernet over DS3 Converters

I like the Overture Networks products. Take a look at the link provided by Bryan. Vince On Mon, Nov 23, 2009 at 3:25 PM, Brad Fleming wrote: > Hello all, > > My company is searching for some Ethernet over DS3 converters / adaptors > for a specific installation. I see several options from Adtra

QWEST in Washington DC Contact

If anyone from Qwest with site access to 1500 Eckington is around please reply to me privately. Have an urgent issue. -Vin

Re: Drop in IPv6 traffic

Jeroen Wunnink wrote: > Same here, we usually do 40-100Mbit of teredo 2001::/32 anycast traffic > (a lot of which is news traffic over IPv6 to artrato/XSnews) and that > dropped to an all-time low a bit before 0:00 CET. > > I know XSnews had a free IPv6 news account service, perhaps they closed >

Passive DWDM in Production Service

Hey Everyone, If anyone is using, in production, passive DWDM muxes / shelves with colored 1GigE or 10GigE optics in standard switches or routers drop me a private note? I'm looking for real world examples for a white paper. Thanks in Advance, Vin

Re: Anomalies with AS13214 ?

On 11/5/09 16:30, Jay Hennigan wrote: > We're getting cyclops[1] alerts that AS13214 is advertising itself as > origin for all of our prefixes. Their anomaly report shows thousands > of prefixes originating there. > > Anyone else seeing evidence of this or being affected? > > > [1] http://cyclops.