Re: Questions about anycasting setup

Bill, wo...@pch.net (Bill Woodcock) wrote: > > 2. We plan to use this anycasting based setup for DNS during initial few > > months. Assuming low traffic for DNS say ~10Mbps on average (on 100Mbps > > port) and transit from just single network (datacenter itself) - is this > > setup OK for

Re: Questions about anycasting setup

On Mar 9, 2012, at 12:11 AM, Elmar K. Bins wrote: >>> 3. IPv6! - Is /32 is standard? We have only one /32 >>> allocation from ARIN and thus if using /32 seems like hard deal - we have >>> to likely get another /32 just for anycasting? or we can use /48 without >>> issues? Also, is /48 a good

Re: Questions about anycasting setup

On 03/09/2012 12:11 AM, Elmar K. Bins wrote: > Bill, > > wo...@pch.net (Bill Woodcock) wrote: > >>> 2. We plan to use this anycasting based setup for DNS during initial few >>> months. Assuming low traffic for DNS say ~10Mbps on average (on 100Mbps >>> port) and transit from just single netwo

filtering /48 is going to be necessary

On Fri, Mar 9, 2012 at 3:23 AM, Mehmet Akcin wrote: > if you know anyone who is filtering /48 , you can start telling them to STOP > doing so as a good citizen of internet6. I had a bit of off-list discussion about this topic, and I was not going to bring it up today on-list, but since the other

Re: Questions about anycasting setup

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 On Mar 9, 2012, at 12:11 AM, Elmar K. Bins wrote: > Well, let's say, using Quagga/BIRD might not really be best practice for > everybody... (e.g., *we* are using Cisco equipment for this) How does your Cisco know whether an adjacent nameserver is h

Re: filtering /48 is going to be necessary

On 2012-03-09 10:02 , Jeff Wheeler wrote: > On Fri, Mar 9, 2012 at 3:23 AM, Mehmet Akcin wrote: >> if you know anyone who is filtering /48 , you can start telling them to STOP >> doing so as a good citizen of internet6. > > I had a bit of off-list discussion about this topic, and I was not > goi

Re: Questions about anycasting setup

Re Bill, p...@altadena.net (Pete Carah) wrote: > > Well, let's say, using Quagga/BIRD might not really be best practice for > > everybody... (e.g., *we* are using Cisco equipment for this) > Actually there is a *very* good reason why many (most?) anycast > instances use quagga/BIRD/gated/etc > to

Re: Questions about anycasting setup

Re Bill, wo...@pch.net (Bill Woodcock) wrote: > > Well, let's say, using Quagga/BIRD might not really be best practice for > > everybody... (e.g., *we* are using Cisco equipment for this) > How does your Cisco know whether an adjacent nameserver is heavily loaded, > and adjust its BGP announceme

Re: Questions about anycasting setup

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 On Mar 9, 2012, at 1:34 AM, Elmar K. Bins wrote: > Re Bill, > > wo...@pch.net (Bill Woodcock) wrote: > >>> Well, let's say, using Quagga/BIRD might not really be best practice for >>> everybody... (e.g., *we* are using Cisco equipment for this) >

Re: Questions about anycasting setup

On 03/09/2012 01:34 AM, Elmar K. Bins wrote: > Re Bill, > > wo...@pch.net (Bill Woodcock) wrote: > >>> Well, let's say, using Quagga/BIRD might not really be best practice for >>> everybody... (e.g., *we* are using Cisco equipment for this) >> How does your Cisco know whether an adjacent nameserver

[NSG-d] Historian is trolling for memories about the early days of SF and ARPANet. Anybody?

Sorry for nonoperational content, but this struck me as a good place to post this query. - Forwarded message from Fred Hapgood - From: Fred Hapgood Date: Thu, 08 Mar 2012 17:18:33 -0500 To: ns...@marshome.org Subject: [NSG-d] Historian is trolling for memories about the early days of

Re: filtering /48 is going to be necessary

On Fri, Mar 9, 2012 at 4:02 AM, Jeff Wheeler wrote: > On Fri, Mar 9, 2012 at 3:23 AM, Mehmet Akcin wrote: >> if you know anyone who is filtering /48 , you can >> start telling them to STOP doing so as a good citizen of internet6. > > I had a bit of off-list discussion about this topic, and I was

Re: Request to lease IP space, or things that make you want to go hmmmmm..

Thank you George. Not SMTP but HTTP. I expect exact match string (as brand) marketers, and also partial match string (as brand typo-squatter) marketers, to exploit this asset class ("widely spread and legitimately routed IPs"). #include #include #include Eric

Re: filtering /48 is going to be necessary

Jeff Wheeler wrote: Hello Jeff, > On Fri, Mar 9, 2012 at 3:23 AM, Mehmet Akcin wrote: >> if you know anyone who is filtering /48 , you can start telling them >> to STOP doing so as a good citizen of internet6. > > I had a bit of off-list discussion about this topic, and I was not > going to bri

RE: Request to lease IP space, or things that make you want to go hmmmmm..

-Original Message- From: George Michaelson [mailto:g...@apnic.net] Sent: Thursday, March 08, 2012 8:06 PM To: NANOG Subject: Re: Request to lease IP space, or things that make you want to go hm.. no. you misunderstand. The value proposition is not spam: that works with unallocated

Re: filtering /48 is going to be necessary

I think ARIN issues /48s for Provider independent space as the minimum allocation size, so I'm guessing we shouldn't filter below that. At least, that's what's in their current policies. On Fri, Mar 9, 2012 at 7:50 AM, Bernhard Schmidt wrote: > Jeff Wheeler wrote: > > Hello Jeff, > > > On Fri,

Re: filtering /48 is going to be necessary

On 09.03.2012 17:04, PC wrote: I think ARIN issues /48s for Provider independent space as the minimum allocation size, so I'm guessing we shouldn't filter below that. At least, that's what's in their current policies. Note that I explicitly wrote: | I used to be (or still am) on the same page

MEF-CECP training

Hi All, It seems like here in the Americas we have a choice of either Tech 2000 or Perpetual Solutions for MEF certification training. Perpetual Solutions is about $1000 more per seat, but seems a little more robust. Has anyone gone through this training or used either of these companies? T

Re: MEF-CECP training

I also would be interested in any information. It looks like MEF recognizes 4 training companies: http://metroethernetforum.org/page_loader.php?p_id=1577 One company offers just 1 class then an exam for certification. On Fri, Mar 9, 2012 at 9:54 AM, Andy Susag wrote: > Hi All, > > > > It seems

UKNOF 22 Call for Presentations

UKNOF 22 - Call For Presentations The next UKNOF meeting will take place on Thursday 3rd May 2012 in the City of York, hosted by Bytemark, and the Programme Committee are seeking content from the community for this meeting. You may often hear it said that UKNOF's remit is "distribution of clue",

Weekly Routing Table Report

This is an automated weekly mailing describing the state of the Internet Routing Table as seen from APNIC's router in Japan. The posting is sent to APOPS, NANOG, AfNOG, AusNOG, SANOG, PacNOG, LacNOG, TRNOG, CaribNOG and the RIPE Routing Working Group. Daily listings are sent to bgp-st...@lists.ap

Whois operational message

This message contains operational information that might be of interest to the Internet operational community. Verisign is enabling IPv6 transport for its .com/.net Whois service (which also contains information for .edu, .arpa, and the root zone). By March 31, 2012, Verisign will begin accep

Re: filtering /48 is going to be necessary

On Mar 9, 2012, at 1:02 AM, Jeff Wheeler wrote: > On Fri, Mar 9, 2012 at 3:23 AM, Mehmet Akcin wrote: >> if you know anyone who is filtering /48 , you can start telling them to STOP >> doing so as a good citizen of internet6. > > I had a bit of off-list discussion about this topic, and I was n

Re: filtering /48 is going to be necessary

Let us not forget that there is also the issue of PA /48s being advertised (quasi-legitimately) for some end-user organizations that are multi-homed but choose not to get PI space. It is not uncommon to obtain a PA /48 from provider A and also advertise it from Provider B. Owen

IPv6 routing table incomplete!

Not so shocking for people on this list..However after playing around with a single-homed v6 connection to Cogent I was a little surprised to not be missing just HE routes. Apparently Google and Cogent aren't playing nice as I've been unable to reach a number of Google's s for ipv6.google.

RE: filtering /48 is going to be necessary

Owen wrote: [...] > In the ARIN region I think we have pretty well prevented this last issue > with current policy. I tried to propose similar policy in the APNIC region, > but it was not well accepted there. The folks in Asia seem t want to cling > to their scarcity mentality in IPv6 for the tim

Re: filtering /48 is going to be necessary

On 09.03.2012 20:31, Owen DeLong wrote: Hi, Let us not forget that there is also the issue of PA /48s being advertised (quasi-legitimately) for some end-user organizations that are multi-homed but choose not to get PI space. It is not uncommon to obtain a PA /48 from provider A and also adverti

Re: IPv6 routing table incomplete!

On 3/9/2012 3:22 PM, ML wrote: > Not so shocking for people on this list..However after playing around > with a single-homed v6 connection to Cogent I was a little surprised > to not be missing just HE routes. > > Apparently Google and Cogent aren't playing nice as I've been unable > to reach a num

BGP Update Report

BGP Update Report Interval: 01-Mar-12 -to- 08-Mar-12 (7 days) Observation Point: BGP Peering with AS131072 TOP 20 Unstable Origin AS Rank ASNUpds % Upds/PfxAS-Name 1 - AS24863 97468 4.4% 116.9 -- LINKdotNET-AS 2 - AS840258804 2.6% 28.6 --

The Cidr Report

This report has been generated at Fri Mar 9 21:12:46 2012 AEST. The report analyses the BGP Routing Table of AS2.0 router and generates a report on aggregation potential within the table. Check http://www.cidr-report.org for a current version of this report. Recent Table History Date

Re: filtering /48 is going to be necessary

> From: Owen DeLong > > We had this discussion on the list exactly a year ago. At that time, > > the average IPv6 origin ASN was announcing 1.43 routes. That figure > > today is 1.57 routes per origin ASN. > > That represents a 10% growth in prefix/asn for IPv6. > > Compare to 9.3->9.96/ASN (7

BGP MD5 at IXP

How critical is BGP MD5 at Internet Exchange Points? Would lack of support for MD5 authentication on route servers prevent some peers from multilaterally connecting? Do most exchange operators support it? Thanks! Jay

Re: BGP MD5 at IXP

On Mar 9, 2012, at 17:24 , Jay Hanke wrote: > How critical is BGP MD5 at Internet Exchange Points? Would lack of > support for MD5 authentication on route servers prevent some peers > from multilaterally connecting? Do most exchange operators support it?

Re: filtering /48 is going to be necessary

On Mar 9, 2012, at 12:50 PM, Bernhard Schmidt wrote: > On 09.03.2012 20:31, Owen DeLong wrote: > > Hi, > >> Let us not forget that there is also the issue of PA /48s being >> advertised (quasi-legitimately) for some end-user organizations that >> are multi-homed but choose not to get PI space.

Re: filtering /48 is going to be necessary

On Mar 9, 2012, at 2:07 PM, Brandon Butterworth wrote: >> From: Owen DeLong >>> We had this discussion on the list exactly a year ago. At that time, >>> the average IPv6 origin ASN was announcing 1.43 routes. That figure >>> today is 1.57 routes per origin ASN. >> >> That represents a 10% gro

Re: filtering /48 is going to be necessary

On Fri, Mar 9, 2012 at 1:31 PM, Owen DeLong wrote: > Let us not forget that there is also the issue of PA /48s being advertised > (quasi-legitimately) for some end-user organizations that are multi-homed but > choose not to get PI space. It is not uncommon to obtain a PA /48 from > provider A a

Re: filtering /48 is going to be necessary

Hi, > What should happen is this "quasi-legitimate" method of > multi-homing should just be declared illegitimate for IPv6, to > facilitate stricter filtering. Instead, what should happen is the > multi-homing should be required to fit into one of 3 scenarios, so > any announcement with an IPv

Re: filtering /48 is going to be necessary

On Fri, Mar 9, 2012 at 5:32 PM, Sander Steffann wrote: > Splitting the allocation can be done for many reasons. There are known cases > where one LIR >operates multiple separate networks, each with a separate > routing policy. They cannot get multiple >allocations from the RIR and they > cannot

Re: filtering /48 is going to be necessary

If the LIRs cannot get separate allocations from the RIR (and separate ASNs) for this usage, something is wrong. We want to make things as simple and efficient as possible, but no simpler or more efficient, because the curves go back up again at that point, and we all suffer. -george On Fri, Ma

RE: filtering /48 is going to be necessary

Hi, Sander wrote: > Splitting the allocation can be done for many reasons. There are known cases > where one LIR operates multiple separate networks, each with a separate > routing policy. They cannot get multiple allocations from the RIR and they > cannot announce the whole allocation as a wh

Re: filtering /48 is going to be necessary

> From: Owen DeLong > Handing one side an RIR-sponsored > tactical nuclear weapon is, IMHO, on the face of it a bad idea. The > proposal for classful allocation that Bill floated in the thread above > would constitute doing exactly that Certainly a risk but then we handed every nutter with BGP a

AT&T home DSL IPv6 configuration?

I have some friends and family in various places that have AT&T DSL. At least one has been upgraded to IPv6 support (I connected my notebook to his wireless router and was suprised to see I logged into my server over IPv6). As they tend to ask me for help now and then, I was trying to see how AT&

RE: filtering /48 is going to be necessary

> Owen said: > > I'm not a big fan, either, but, I think that the concept of "be > conservative in what you announce and liberal in what you accept" has > to apply in this case. Since it is a common (quasi-)legitimate > practice, arbitrarily filtering it is ill-advised IMHO. While I agree in prin

RE: filtering /48 is going to be necessary

> Deaggregating to /48's is not a good idea, but giving an LIR a few bits > (something like 3 or 4) to deaggregate makes sense. > > - Sander > +1 I wouldn't have a problem with a few bits of disaggregation. That seems reasonable for a network that might be subject to partitioning or doesn't ha

Re: filtering /48 is going to be necessary

This varies from RIR to RIR. In the ARIN region, you can get assignments or allocations for Multiple Discreet Networks, but, ARIN will often register them as an aggregate in the registration database, so... In the RIPE region (which is where I believe Sander is), only aggregates are available

Re: filtering /48 is going to be necessary

On Mar 9, 2012, at 4:33 PM, Brandon Butterworth wrote: >> From: Owen DeLong >> Handing one side an RIR-sponsored >> tactical nuclear weapon is, IMHO, on the face of it a bad idea. The >> proposal for classful allocation that Bill floated in the thread above >> would constitute doing exactly that

Re: filtering /48 is going to be necessary

> > (4) Any of the other methods of achieving multi-homing, such as > originating an NLRI with a longer prefix than the RIR delegation, > should be rejected by filters. > >> Owen > -- > -JH It is very rare that I will quote Randy Bush. Even more so when his original quote was utterly misplaced

Re: filtering /48 is going to be necessary

On Mar 9, 2012, at 3:45 PM, Leo Vegoda wrote: > Hi, > > Sander wrote: > >> Splitting the allocation can be done for many reasons. There are known cases >> where one LIR operates multiple separate networks, each with a separate >> routing policy. They cannot get multiple allocations from the R

Re: filtering /48 is going to be necessary

On 3/9/12 20:42 , Owen DeLong wrote: > > On Mar 9, 2012, at 3:45 PM, Leo Vegoda wrote: > >> Hi, >> >> Sander wrote: >> >>> Splitting the allocation can be done for many reasons. There are >>> known cases where one LIR operates multiple separate networks, >>> each with a separate routing polic

Re: filtering /48 is going to be necessary

> Imposing arbitary political considerations on organizations that are > simply trying to operate networks in order preserve maximal > aggregation at a given level seems absurd on the face of it. arin policy weenies live for this! randy

RE: filtering /48 is going to be necessary

> I'll put this as bluntly and succinctly as I can because I find the LIR > distriction arbitrary... > > I have an ipv6 direct assignment from ARIN. I am assuming you are an enterprise in PI space and not an ISP in PA space? > It is sized to meet the needs of my enterprise consistent with need

Re: filtering /48 is going to be necessary

On Fri, Mar 9, 2012 at 11:33 PM, Joel jaeggli wrote: > On 3/9/12 20:42 , Owen DeLong wrote: > Because my network is discontiguous I must announce more specific routes > than the assignment in order to reflect the topology I have both in IPV4 > and in IPV6. > > I fully expect (and have no evidence

Re: Questions about anycasting setup

Thanks for guidance everyone! Appreciate it. And yes, I can see another thread running on discussion about /48 - I am listening silently about it. Multiple AS doing anycasting was little concern for me, but now seems good since I can see everyone's suggestion to use single own ASN for anycastin

Concern about gTLD servers in India

Hello everyone, Greetings from India. I hope lot of you have enjoyed APRICOT event at New Delhi. I wanted to bring an important issue. It's about DNS root servers in India. So anurag@laptop:~$ dig . ns +short i.root-servers.net. e.root-servers.net. j.root-servers.net. l.root-servers.net. k.roo

Re: filtering /48 is going to be necessary

On 3/9/12 22:02 , George Bonser wrote: > An ISP that has been given a /32 or larger allocation from PA space > and might have 10,000 customers each assigned their own /48 could > instantly more than double the size of the IPv6 routing table if they > disaggregated that /32. > > The problem here i

Re: filtering /48 is going to be necessary

On Mar 9, 2012, at 7:08 PM, George Bonser wrote: >> Owen said: >> >> I'm not a big fan, either, but, I think that the concept of "be >> conservative in what you announce and liberal in what you accept" has >> to apply in this case. Since it is a common (quasi-)legitimate >> practice, arbitrarily

RE: filtering /48 is going to be necessary

> > I'm well into my second decade of having a v6 prefix in the dfz and am > passingly familiar with powers of two... > Point is that expecting people globally to take a /48 from PA space probably isn't a realistic expectation.

Re: Questions about anycasting setup

On Mar 9, 2012, at 1:01 AM, Pete Carah wrote: >> Well, let's say, using Quagga/BIRD might not really be best practice for >> everybody... (e.g., *we* are using Cisco equipment for this) > Actually there is a *very* good reason why many (most?) anycast > instances use quagga/BIRD/gated/etc > to spe

RE: filtering /48 is going to be necessary

> I haven't heard anyone advocate accepting less than a /48. I think /48 > is a reasonable "You must be this tall to ride" barrier. > > Beyond that, YMMV. > > Owen Apparently AS6939 has at various times :) I remember getting some /64 announcements from HE. I haven't seen one lately, though.

Re: Concern about gTLD servers in India

On 10/03/2012 08:19, Anurag Bhatia wrote: Next, looking gTLD servers used by popular TLDs like com/net/org: None of these gTLD root servers are in India. I have tested routes to each of them from BSNL (AS9829), Tata Comm (AS4755& AS6453), Airtel (AS9498) - all land up outside India - most o

RE: filtering /48 is going to be necessary

> I'm only > filtering one /64 route these days announced by AS4651 > > Actually AS4651 is announcing it to me but it is originating from AS23883 via AS4750 so there are some folks out there taking /64 routes. That one hit my filters, though.

Re: Concern about gTLD servers in India

> This problem is unfortunately not unique to India. There appear to be no > anycast instances of the gTLD servers in Africa either. really!?

Re: Concern about gTLD servers in India

Hello Randy No idea about Africa but certainly none of gTLD servers in India. On Sat, Mar 10, 2012 at 12:42 PM, Randy Bush wrote: > > This problem is unfortunately not unique to India. There appear to be no > > anycast instances of the gTLD servers in Africa either. > > really!? > > -- Anu

Re: Concern about gTLD servers in India

On 3/10/2012 10:12 AM, Randy Bush wrote: >> This problem is unfortunately not unique to India. There appear to be no >> anycast instances of the gTLD servers in Africa either. > > really!? There was one in KE but can't find or reach it: [a-m].gtld-servers.net. seem all to be in 192.0.0.0/8 rou

Re: Concern about gTLD servers in India

On 10/03/2012 09:12, Randy Bush wrote: This problem is unfortunately not unique to India. There appear to be no anycast instances of the gTLD servers in Africa either. really!? Yes. I was also a little surprised. I'm sure that I read somewhere that at least one of the gTLD anycast prefixes

Re: Concern about gTLD servers in India

I am sure few of people here have experience of running root servers. Can someone share if there's huge difference in . root servers Vs gTLD servers? I understand that root only hold all TLD's - cc and gTLD delegation that would be few hundred TLDs delegation while gTLDs hold lot of domain names

Re: Concern about gTLD servers in India

> No idea about Africa then on what basis did you make the assertion? > but certainly none of gTLD servers in India. i am slightly suspicious of this. often, root servers are accompanied by gtld servers, and there are more than zero root servers in india. there is a fashion among root and gtld

Re: Concern about gTLD servers in India

Please don't create confusions. I didn't made any assertion. I mentioned issue with India, but Graham came with point that issue is similar in Africa. Good point if he knows that. Certainly relevent to issue I mentioned for India. Again - I have not verified this. I don't know much about ISPs in