I have been asked to investigate moving an entire network to multi-hop
on all the eBGP sessions. Basically all upstreams, downstreams and peers
will eBGP with a route reflector located in the core. This RR will be
some kind of quagga or similar box. The dev guys want to be able to poke
at the B
So the biggest problem with 6to4 relays is that they are not ubiquitous
and/or well run.
Does offering your relays to the world, thereby improving the odds of
off-net traffic returning through them >0, actually offer an improvement
to your own users' experience with 6to4?
Joe
Franck Martin
I'm just curious - what is the largest OSPF core (in terms of number
of routers) out there?
Please contact me at your convenience.
Thank you
-- Hal A. Lightwood
-- Tel: 510 621 3040
-- Skype: hal.lightwood
>> The dev guys want to be able to poke at the BGP feeds directly and do
*magic* that standard router aren't capable of.
This should scare you in a significant manner.
-Jack Carrozzo
On Thu, Sep 2, 2010 at 5:30 AM, Graham Beneke wrote:
> I have been asked to investigate moving an entire networ
The last company I worked for moved to eBGP Multi-Hop where there were
two connections to the same provider (same AS). This allowed them to
utilize both links in both directions vs only one link in one direction
and have failover.
As you have mentioned link state detection gets a bit crazy with t
On 02/09/2010 13:20, lorddoskias wrote:
> I'm just curious - what is the largest OSPF core (in terms of number of
> routers) out there?
You don't expect anyone to actually admit to something like this? :-)
Nick
On Thu, Sep 2, 2010 at 11:30 AM, Graham Beneke wrote:
> I have been asked to investigate moving an entire network to multi-hop on
> all the eBGP sessions. Basically all upstreams, downstreams and peers will
> eBGP with a route reflector located in the core. This RR will be some kind
> of quagga or
On 02/09/2010 10:30, Graham Beneke wrote:
> I have been asked to investigate moving an entire network to multi-hop
> on all the eBGP sessions. Basically all upstreams, downstreams and peers
> will eBGP with a route reflector located in the core. This RR will be
> some kind of quagga or similar box.
> Subject: Re: largest OSPF core
>
> On 02/09/2010 13:20, lorddoskias wrote:
> > I'm just curious - what is the largest OSPF core (in terms of number
> of
> > routers) out there?
>
> You don't expect anyone to actually admit to something like this? :-)
>
For giggles:
http://books.google.com/
On Thu, 02 Sep 2010 14:12:38 EDT, Deepak Jain said:
> "Dual routing is intended to be more of a long-term solution because there
> will be very few pure OSI or TCP/IP routing environments in the future."
Well, they were half-right. ;)
pgpjIdWlsKA38.pgp
Description: PGP signature
In a message written on Thu, Sep 02, 2010 at 03:20:05PM +0300, lorddoskias
wrote:
> I'm just curious - what is the largest OSPF core (in terms of number
> of routers) out there?
I'll admit to having seen a network with over 400 devices in an
OSPF area 0, didn't design it, and in the end didn't
I think it is really depending on how your network topology looks like.
If you have top-down design with star topology to limit the network
connections to individual routers, it may scale well.
But if you connect every routers to each other such as full-mesh, it
will be a problem during interface f
> In a message written on Thu, Sep 02, 2010 at 03:20:05PM +0300, lorddoskias
> wrote:
>> I'm just curious - what is the largest OSPF core (in terms of number
>> of routers) out there?
The stability of the topology plays a most prominent role, but it wouldn't
surprise me if a OSPF network large
Anyone have a Level3 sales contact?
I've called the 800 number and was told I would get a call in 48 hours, a
week later, and a second call into them and I still haven't gotten a call
back.
Nick Olsen
Network Operations
(321) 205-1100 x106
Sent from my iPad
On Sep 3, 2010, at 3:42 AM, Deepak Jain wrote:
>> Subject: Re: largest OSPF core
>>
>> On 02/09/2010 13:20, lorddoskias wrote:
>>> I'm just curious - what is the largest OSPF core (in terms of number
>> of
>>> routers) out there?
>>
>> You don't expect anyone to actually ad
Beth Manning
beth.mann...@level3.com
On Thu, Sep 2, 2010 at 3:15 PM, Nick Olsen wrote:
> Anyone have a Level3 sales contact?
> I've called the 800 number and was told I would get a call in 48 hours, a
> week later, and a second call into them and I still haven't gotten a call
> back.
>
> Nick Ols
Any Road Runner abuse reps on the list?
If so, could you please contact me off-list?
I always feel bad when roadrunners get abused .
On Thu, Sep 2, 2010 at 4:43 PM, Brad Fleming wrote:
> Any Road Runner abuse reps on the list?
>
> If so, could you please contact me off-list?
>
>
Did you call Chuck Jones?
On 9/2/2010 4:43 PM, Brad Fleming wrote:
Any Road Runner abuse reps on the list?
If so, could you please contact me off-list?
.
> >
> > With respect to these OSPF questions, how many people are running two
> OSPF processes on each router (v4 and v6) to support dual stack rather
> than migrating (or just enjoying their existing) ISIS (OSI)
> implementations?
> >
> You left out the option of using ospf3 to do both v4 and v6
On Thu, Sep 02, 2010 at 05:32:30PM -0400, Deepak Jain wrote:
> > > With respect to these OSPF questions, how many people are running two
> > OSPF processes on each router (v4 and v6) to support dual stack rather
> > than migrating (or just enjoying their existing) ISIS (OSI)
> > implementations?
>
On Thu, 02 Sep 2010 15:20:05 +0300
lorddoskias wrote:
> I'm just curious - what is the largest OSPF core (in terms of number
> of routers) out there?
>
Presuming OSPF and IS-IS SPF costs are fairly similar, the following
page from "The complete IS-IS routing protocol" (really quite a good
bo
Sorry for bringing this old topic back. But we have made some academic effort
investigating the spamming behaviors using assymetric routing (we named it
"triangualr spamming"). This work appeared in this year's IEEE Security &
Privacy conference. You can take a look at it if you are interested (
On Thu, Sep 2, 2010 at 5:59 PM, Zhiyun Qian wrote:
> http://www.eecs.umich.edu/~zhiyunq/pub/oakland10_triangular-spamming.pdf
>
> One of the high-level findings is that we developed probing techniques
> to verify that indeed most ISPs are only blocking 1) "outgoing traffic
> of destination port 25
You are exactly right. We also talked about stateful firewall that can protect
the GoodNet. For NAT box, depends on the type of NAT, it is possible to setup
port forwarding on the router (mostly home routers) via uPnP without any
authentication (I think many home routers are like this by default
On Thu, 2010-09-02 at 16:29 -0700, J.D. Falk wrote:
> On Sep 2, 2010, at 1:43 PM, Brad Fleming wrote:
>
> > Any Road Runner abuse reps on the list?
>
> http://postmaster.rr.com/ is a good place to start.
Quoting that website:
| The Postmaster team is part of the Road Runner Mail Operations
| te
> The stability of the topology plays a most prominent role, but it
> wouldn't surprise me if a OSPF network largely comprised of router
> LSAs (no redistribution), using today's hardware, could easily scale
> to 1000 nodes in an area.
i believe the original poster asked about actual operating dep
Zhiyun, this is by far the most comprehensive paper I've seen on
asymmetric routing spam .. a technique that's as old as, for example,
Alan Ralsky. So been around for about a decade.
Congratulations, great effort. Do you have more results available (in
more detail than were published in this pap
can someone from justin.tv contact me off-list please?
thanks
mehmet
On Sep 2, 2010, at 7:35 PM, Randy Bush wrote:
>> The stability of the topology plays a most prominent role, but it
>> wouldn't surprise me if a OSPF network largely comprised of router
>> LSAs (no redistribution), using today's hardware, could easily scale
>> to 1000 nodes in an area.
>
> i be
On Thu, Sep 2, 2010 at 2:37 PM, Leo Bicknell wrote:
> In a message written on Thu, Sep 02, 2010 at 03:20:05PM +0300, lorddoskias
> wrote:
>> I'm just curious - what is the largest OSPF core (in terms of number
>> of routers) out there?
>
> I'll admit to having seen a network with over 400 device
In a message written on Thu, Sep 02, 2010 at 09:40:39PM -0400, Christian Martin
wrote:
> The most interesting point to make, however, is how much legacy
> thinking in this area continues to be stranded in a rut that emerged
> 15 years ago. It is not uncommon to hear network folks cringe at
> the
Suresh, thanks for your interest. I see you've had a lot of experience in
fighting spam, so you must have known this. Yes, I know this spamming technique
has been around for a while. But it's surprising to see that the majority of
the ISPs that we studied are still vulnerable to this attack. Th
BCP38 / RFC2827 were created specifically to address some quite
similar problems. And googling either of those two strings on nanog
will get you a lot of griping and/or reasons as to why these aren't
being more widely adopted :)
--srs
On Fri, Sep 3, 2010 at 7:47 AM, Zhiyun Qian wrote:
> Suresh,
Great. Thanks for the information.
-Zhiyun
On Sep 2, 2010, at 9:20 PM, Suresh Ramasubramanian wrote:
> BCP38 / RFC2827 were created specifically to address some quite
> similar problems. And googling either of those two strings on nanog
> will get you a lot of griping and/or reasons as to why th
I skimmed through these specs. They are useful but seems only related specific
to IP spoofing prevention. I see that IP spoofing is part of the asymmetric
routing story. But I was more thinking that given that IP spoofing is not
widely adopted, the other defenses that they can more perhaps more
Ingress filtering is the correct tool for the job. The whole point here is that
packets are coming from somewhere they should not, and they are thus spoofed.
The tools have been in place to deal with this for a very long time now. The
drafts that became RFC 2267 (precursor of RFC 2827 / BCP38) d
We should be seeking to stop damaging the network for ineffective anti spam
measures (blocking outbound 25 for example) rather than to expand this practice
to bidirectional brokenness.
Owen
Sent from my iPad
On Sep 3, 2010, at 12:25 PM, Zhiyun Qian wrote:
> I skimmed through these specs. The
On Sep 2, 2010, at 11:48 PM, Owen DeLong wrote:
> We should be seeking to stop damaging the network for ineffective anti spam
> measures (blocking outbound 25 for example) rather than to expand this
> practice to bidirectional brokenness.
Since at least part of your premise ('ineffective anti-s
Blocking outbound port 25 in certain conditions (mainly anything with a dynamic
IPv4), is a recommended practice from MAAWG.org and others, they have a few
useful documents for ISPs to deal with their network.
- Original Message -
From: "Owen DeLong"
To: "Zhiyun Qian"
Cc: "NANOG list"
Patrick W. Gilmore wrote:
We should be seeking to stop damaging the network for ineffective anti spam
measures (blocking outbound 25 for example) rather than to expand this practice
to bidirectional brokenness.
Since at least part of your premise ('ineffective anti-spam measures') has been
o
Have you heard of the submission port?
Why Clients of an hotel would run a MTA anyhow?
- Original Message -
From: "Jack Bates"
To: "NANOG list"
Sent: Friday, 3 September, 2010 4:08:54 PM
Subject: Re: ISP port blocking practice
Patrick W. Gilmore wrote:
>> We should be seeking to stop d
43 matches
Mail list logo
