Re: Spamhaus BGP feed experiences?

On Sun, May 17, 2015 at 7:50 AM, Mike Lyon wrote: > Any ISPs out there (big or small) ever used the Spamhaus BGP feed to > prevent against botnet, spam, etc? If so, how has your experience been? Is > it worthwhile? Has it helped? On / off list responses are appreciated in > advance. We've been us

[no subject]

This post was from a subscriber whose From: address domain has a DMARC policy of reject or quarantine. The NANOG mailing list has automatically wrapped this message to prevent other subscribers mail systems from rejecting it.--- Begin Message --- Manually setting up and parsing email notifications

Low Cost 10G Router

What options are available for a small, low cost router that has at least four 10G ports, and can handle full BGP routes? All that I know of are the Juniper MX80, and the Brocade CER line. What does Cisco and others have that compete with these two? Any other vendors besides Juniper, Brocade, and C

Re: Low Cost 10G Router

How much is "low cost"? Mehmet > On May 19, 2015, at 10:22, Colton Conor wrote: > > What options are available for a small, low cost router that has at least > four 10G ports, and can handle full BGP routes? All that I know of are the > Juniper MX80, and the Brocade CER line. What does Cisco a

Re: Low Cost 10G Router

If you are considering Juniper, check out the MX104. There are bundles currently that give you similar capacity to an MX80 at a significantly lower price. thanks, -Randy - On May 19, 2015, at 1:22 PM, Colton Conor colton.co...@gmail.com wrote: > What options are available for a small, lo

Re: Low Cost 10G Router

Here is what I found on Google about Cisco's options: http://www.cisco.com/c/en/us/products/routers/asr-1000-series-aggregation-services-routers/models-comparison.html And when it comes to Juniper, you might be able to get it done with MX40 (look at their options, there are different combinations

Re: Low Cost 10G Router

Oops, Cisco ASR 1k series might not cut it, you can take a look at their 9k seriers: http://www.cisco.com/c/en/us/products/routers/asr-9000-series-aggregation-services-routers/models-comparison.html On Tue, May 19, 2015 at 12:22 PM, Colton Conor wrote: > What options are available for a small, l

Re: Low Cost 10G Router

As low as possible, though I am not sure how low that can be. For example, I can get a MX480 used with a 4 10G card for $16K. That would easily handle my needs, but it's overkill for what we need to do. I would love a solution under 10K, but not sure if one exists. On Tue, May 19, 2015 at 12:24

Re: Low Cost 10G Router

You could potentially do it with a Vyatta 5600 or a 6Wind Turbo router running on a generic server, but I am not sure where the cost crossover is with physical hardware especially if you go with used hardware. > Colton Conor > May 19, 2015 at 10:22 AM > What options

Re: Low Cost 10G Router

If you want virtual 10gb ports go vmware with a cisco routing vm or juniper routing vm Colin > On 19 May 2015, at 18:40, Steve Noble wrote: > > You could potentially do it with a Vyatta 5600 or a 6Wind Turbo router > running on a generic server, but I am not sure where the cost crossover > is

Re: Low Cost 10G Router

We are using softrouters based on Supermicro chassis, E5v3 cpu, Linux/BIRD and Intel 10G NICs. And VERY happy. On 19.05.15 20:22, Colton Conor wrote: > What options are available for a small, low cost router that has at least > four 10G ports, and can handle full BGP routes? All that I know of are

Re: Low Cost 10G Router

Well, Hardly low cost =D - Alain Hebertaheb...@pubnix.net PubNIX Inc. 50 boul. St-Charles P.O. Box 26770 Beaconsfield, Quebec H9W 6G7 Tel: 514-990-5911 http://www.pubnix.netFax: 514-990-9443 On 05/19/15 13:31, Randy Carpenter wr

RE: Low Cost 10G Router

What's the application, and what traffic levels do you anticipate. Any special features like MPLS or MPLS-TE? -Original Message- From: NANOG [mailto:nanog-boun...@nanog.org] On Behalf Of Colton Conor Sent: Tuesday, May 19, 2015 12:23 PM To: NANOG Subject: Low Cost 10G Router What option

Re: Low Cost 10G Router

Huawei NE40E-X1-M4 I've two of these with full routes and so far (4months) they've functioned perfectly, and the price point is... inexpensive. /rh On Tue, May 19, 2015 at 10:22 AM, Colton Conor wrote: > What options are available for a small, low cost router that has at least > four 10G ports

Re: Low Cost 10G Router

Last config I touched: 2xIntel(R) Xeon(R) CPU E5-2650 0 @ 2.00GHz, 12 Gbit summary, <5% each core load. On 19.05.15 21:06, Piotr Iwanejko wrote: > Wiadomość napisana przez Max Tulyev w dniu 19 maj 2015, > o godz. 19:58: >> We are using softrouters based on Supermicro chassis, E5v3 cpu, >> Linux/

Re: Low Cost 10G Router

19.05.2015, 21:26, "Max Tulyev" : > Last config I touched: 2xIntel(R) Xeon(R) CPU E5-2650 0 @ 2.00GHz, 12 > Gbit summary, <5% each core load. And what PPS rate (in+out)? -- wbr, Oleg. "Anarchy is about taking complete responsibility for yourself."   Alan Moore.

Re: Low Cost 10G Router

How much of that traffic is valid legit traffic as well :( Colin > On 19 May 2015, at 19:32, Oleg A. Arkhangelsky wrote: > > > > 19.05.2015, 21:26, "Max Tulyev" : >> Last config I touched: 2xIntel(R) Xeon(R) CPU E5-2650 0 @ 2.00GHz, 12 >> Gbit summary, <5% each core load. > > And what PPS ra

Re: Spamhaus BGP feed experiences?

How much false positives (i.e. blackholing traffic users want to reach)? On 18.05.15 21:04, Marco d'Itri wrote: > On May 17, Mike Lyon wrote: > >> Any ISPs out there (big or small) ever used the Spamhaus BGP feed to >> prevent against botnet, spam, etc? If so, how has your experience been? Is >>

Re: Low Cost 10G Router

1.4Mpps now. On 19.05.15 21:32, Oleg A. Arkhangelsky wrote: > > > 19.05.2015, 21:26, "Max Tulyev" : >> Last config I touched: 2xIntel(R) Xeon(R) CPU E5-2650 0 @ 2.00GHz, 12 >> Gbit summary, <5% each core load. > > And what PPS rate (in+out)? > > -- > wbr, Oleg. > > "Anarchy is about taking co

Re: Low Cost 10G Router

How cheap is cheap and what performance numbers are you looking for? About as cheap as you can get: For about $3,000 you can build a Supermicro OEM system with an 8-core Xeon E5 V3 and 4-port 10G Intel SFP+ NIC with 8G of RAM running VyOS. The pro is that BGP convergence time will be good (bette

Re: Spamhaus BGP feed experiences?

In article <555b8313.5080...@netassist.ua> you write: >How much false positives (i.e. blackholing traffic users want to reach)? Very little. The DROP list, which is what's in the BGP feed, is a small subset of the SBL, and only includes blocks that send no legitimate traffic at all. > >On 18.05

Re: Low Cost 10G Router

> How cheap is cheap and what performance numbers are you looking for? > > About as cheap as you can get: > > For about $3,000 you can build a Supermicro OEM system with an 8-core Xeon > E5 V3 and 4-port 10G Intel SFP+ NIC with 8G of RAM running VyOS. The pro > is that BGP convergence time will

Re: Low Cost 10G Router

Chat in my nerds irc channel about 10G routers paralleling this 14:21 the Xeon D-1540 has 8 cores / 16 threads, 2GHz base clock with 2.6GHz turbo, and dual 10G nics on chip 14:21 45W TDP 14:31 supposedly an asrock board is coming that can be 10Gbase-T or SFP+ 14:58 supermicro ar

Re:

(-direct-ryan) yikes formatting for this got wonky... On Tue, May 19, 2015 at 11:53 AM, Ryan Shea via NANOG > -- Forwarded message -- > From: Ryan Shea > To: nanog list > Cc: > Date: Tue, 19 May 2015 15:53:15 + > Subject: Unified Security Vulnerability Management > > Manual

Re: Low Cost 10G Router

For about $1000 you could get a Mikrotik CCR1036-8G-2S+EM but it only has 2 SFP+ ports. http://routerboard.com/CCR1036-8G-2SplusEM Keefe On 5/19/2015 3:46 PM, Joe Greco wrote: How cheap is cheap and what performance numbers are you looking for? About as cheap as you can get: For about $3,00

Re: Low Cost 10G Router

> Chat in my nerds irc channel about 10G routers paralleling this > > 14:21 the Xeon D-1540 has 8 cores / 16 threads, 2GHz base clock with > 2.6GHz turbo, and dual 10G nics on chip > 14:21 45W TDP Right, but that's a pretty lame clock. > 14:31 supposedly an asrock board is comi

Re: Low Cost 10G Router

Hello! Somebody definitely should build full feature router with DPDK/netmap/pf_ring :) I have finished detailed performance tests for all of them and could achieve wire speed forwarding (with simple packet rewrite and checksum calculation) with all of they. I.e. I could process 10GE and 14.6 mp

Re: Low Cost 10G Router

I second the Mikrotik recommendation. You don’t get support like you would with Cisco but it’s a solid product. Justin Justin Wilson j...@mtin.net http://www.mtin.net Managed Services – xISP Solutions – Data Centers http://www.thebrotherswisp.com Podcast about xISP topics http://www.midwest-

Re: Low Cost 10G Router

How much does a Huawei NE40E-X1-M4 cost Richard? On Tue, May 19, 2015 at 1:09 PM, Richard Holbo wrote: > Huawei NE40E-X1-M4 > > I've two of these with full routes and so far (4months) they've functioned > perfectly, and the price point is... inexpensive. > > /rh > > On Tue, May 19, 2015 at 10:22

Re: Low Cost 10G Router

2015-05-19 16:16 GMT-03:00 Keefe John : > For about $1000 you could get a Mikrotik CCR1036-8G-2S+EM but it only has 2 > SFP+ ports. > > http://routerboard.com/CCR1036-8G-2SplusEM Run away from Mikrotik, especially if you want to run BGP. -- Eduardo Schoedler

Re: Low Cost 10G Router

Microtik CCR have a huge issues in case of DDOS: http://forum.mikrotik.com/viewtopic.php?t=92728 On Tue, May 19, 2015 at 10:37 PM, Eduardo Schoedler wrote: > 2015-05-19 16:16 GMT-03:00 Keefe John : >> For about $1000 you could get a Mikrotik CCR1036-8G-2S+EM but it only has 2 >> SFP+ ports. >> >>

Re: Low Cost 10G Router

I've seen serious, unusual performance bottlenecks in Mikrotik CCR, in some cases not even achieving a gigabit speeds on 10G interfaces. Performance drops more rapidly then Cisco with smaller packet sizes. -mel beckman > On May 19, 2015, at 12:28 PM, Justin Wilson - MTIN wrote: > > I second

RE: Low Cost 10G Router

The running estimate is about 3 cores per 10GIf to maintain Line-Rate forwarding. The Enterprise version of Vyatte runs around 1.5-2 cores per 10Gif (Depends on how the forwarding plane is treating traffic, if you're remarking or heavy firewall rules the interrupt forwarding cost starts to imp

Re: Low Cost 10G Router

What about L3 switches? You could receive full BGP table with Linux BOX with ExaBGP, parse it and feed to L3 switch. On Tue, May 19, 2015 at 10:44 PM, Mel Beckman wrote: > I've seen serious, unusual performance bottlenecks in Mikrotik CCR, in some > cases not even achieving a gigabit speeds on 1

Re: Low Cost 10G Router

I do use L3 switches for BGP at some locations (Cisco 3750) and they perform great. The problem is no instrumentation (e.g. Sflow, netflow). -mel via cell > On May 19, 2015, at 12:55 PM, Pavel Odintsov wrote: > > What about L3 switches? You could receive full BGP table with Linux > BOX with E

Re: your mail

On Tue, May 19, 2015 at 03:53:19PM +, Ryan Shea via NANOG wrote: > This post was from a subscriber whose From: address domain has a DMARC > policy of reject or quarantine. The NANOG mailing list has > automatically wrapped this message to prevent other subscribers mail > systems from rejecting

Re: Low Cost 10G Router

On 2015-05-19 14:23, Pavel Odintsov wrote: Hello! Somebody definitely should build full feature router with DPDK/netmap/pf_ring :) Netmap yes. The rest no. Why? Because netmap supports libpcap, which means everything just works. Other solutions need porting. You are going along, someone ment

Re: Low Cost 10G Router

Hello! Yep, there are no existent open source routers yet exists. But there are a lot of capabilities for this. We could just wait some time. But DPDK _definitely_ could process 64mpps and 40GE with deep inspection and processing on enough cheap E5 2670v3 chips. Yes, definitely it's ideas about

Re: Low Cost 10G Router

I know if is not possible to have a full routing on ex3300(low memory for it) , but i never tried to do a default router on it( with EFL licence and software above version 12) I have many bgp session with cisco 3750 switchs.. Traffic about 2gb on it... Have a peer( ebgp customer) with a acx2000(

Re: Low Cost 10G Router

... This customer had a asr1002 , but have a crash on asr router and only have this acx to up your link... Its a good test... Enviado via iPhone  Grupo Connectoway > Em 19/05/2015, às 18:59, Rodrigo 1telecom escreveu: > > I know if is not possible to have a full routing on ex3300(low memory f

Re: Low Cost 10G Router

> I've seen serious, unusual performance bottlenecks in Mikrotik CCR, in some > cases not even achieving a gigabit speeds on 10G interfaces. Performance > drops more rapidly then Cisco with smaller packet sizes. > > -mel beckman Folks often forget that Mikrotik ROS can also run on x86 machin

RE: Low Cost 10G Router

> > On May 19, 2015, at 10:22, Colton Conor wrote: > > > > What options are available for a small, low cost router that has at least > > four 10G ports, and can handle full BGP routes? All that I know of are the > > Juniper MX80, and the Brocade CER line. What does Cisco and others have > > that

Re: Low Cost 10G Router

You can save a ton if you drop the requirement for full routes. Ask for a simple default route and then calculate your most used routes offline and upload that daily to the switch. I believe if you have just a few thousand routes, your outbound will be nearly the same as with full routes. Your inb

Re: your mail

On 5/19/2015 15:37, Jared Mauch wrote: Can someone fix the DMARC settings to something more sensible? I've had to deal with this on the outages list already and it's simple to have it work in a more predictable way for users than injecting this text. The best settings are Mung

Measuring DNS Performance & Graphing Logs

Hello! This is my first message to NANOG's mailing list. I hope someone can help me. I was wondering which tool(s) can I use to measure the performance of my 3 DNS servers (1 primary, 1 secondary, 1 solely cacheDNS)? From the stats I would like to know if my DNS server is serving as it should be o

Re: Low Cost 10G Router

Wiadomość napisana przez Max Tulyev w dniu 19 maj 2015, o godz. 19:58: > We are using softrouters based on Supermicro chassis, E5v3 cpu, > Linux/BIRD and Intel 10G NICs. And VERY happy. Out of curiosity, how much traffic you pass over those softrouters? Piotr

AT&T/Telia issue

Seeing this on AS7018 to AS1299. Anyone out there at either provider know anything about this? HOST: PC-002 Loss% Snt LastAvg Best Wrst StDev 1.|-- 172.31.255.1 0.0% 10 10.7030.9 2.|-- 10.98.0.30.0% 10

Re: Low Cost 10G Router

So this new $1295 Mikrotik CCR1036-8G-2S+EM has a 36 core Tilera CPU with 16GB of ram. Each core is running at 1.2Ghz? I assume that Mikrotik is multicore in software, so why does this box not outperform these intel boxes that everyone is recommending? Is it just a limitation of ports? On Tue,

Re: Measuring DNS Performance & Graphing Logs

http://docs.cacti.net/usertemplate%3ahost%3abind9.7 http://forums.cacti.net/about6332.html those are like result 1 and 5 of "cacti graph dns server" in the googles... (the second is even the 1st result in a bingz search) On Tue, May 19, 2015 at 1:34 PM, Zayed Mahmud wrote: > Hello! > This is my

Re: Low Cost 10G Router

The BGP daemon on the CCR routers is not multi-threaded; it only will use one core. Josh On Tue, May 19, 2015 at 10:06 PM, Colton Conor wrote: > So this new $1295 Mikrotik CCR1036-8G-2S+EM has a 36 core Tilera CPU with > 16GB of ram. Each core is running at 1.2Ghz? I assume that Mikrotik is >

Re: Low Cost 10G Router

On 19/May/15 19:35, Colton Conor wrote: > As low as possible, though I am not sure how low that can be. > > For example, I can get a MX480 used with a 4 10G card for $16K. That would > easily handle my needs, but it's overkill for what we need to do. > > I would love a solution under 10K, but not

Re: Low Cost 10G Router

On 19/May/15 20:46, Ray Soucy wrote: > > An ASR1K might do the trick, but more likely than not you're looking at an > ASR9K if you want full tables; I don't have any experience with the 1K > personally so I can't speak to that. The ASR 9K is a really great platform > and is what we use for BGP h

Re: Low Cost 10G Router

On 19/May/15 23:59, Rodrigo 1telecom wrote: > I know if is not possible to have a full routing on ex3300(low memory for it) > , but i never tried to do a default router on it( with EFL licence and > software above version 12) > I have many bgp session with cisco 3750 switchs.. Traffic about 2gb

Re: Low Cost 10G Router

For the lists benefit, there is a 6 X 10GBE option for the ASR1000 series it seems. No idea on pricing though. http://www.cisco.com/c/en/us/products/collateral/application-networking-services/wide-area-application-services-waas-software/data-sheet-c78-729778.pdf Cheers, Mark On Wed, May 20, 20

Re: Low Cost 10G Router

ASR1K (XE) has great BGP implementation, go for it if you are OK with density/throughput. Regards, Jeff > On May 19, 2015, at 11:35 PM, Mark Tees wrote: > > For the lists benefit, there is a 6 X 10GBE option for the ASR1000 > series it seems. No idea on pricing though. > > http://www.cisco.co

Re: Low Cost 10G Router

On 20/May/15 08:54, Jeff Tantsura wrote: > ASR1K (XE) has great BGP implementation, go for it if you are OK with > density/throughput. I second that. BGP for IOS XE is very mature (except RPKI, which has just got a fix). Mark.