On Mon, Feb 03, 2014 at 11:48:04AM -0600, Dennis Burgess wrote:
> I have a router with about 20 peers, most are all on a single port
> (local exchange), how is everyone monitoring traffic to individual
> peers?
Use something like IPFIX, NetFlow, sFlow and take a look at these two tools:
Dear fellow networkers,
Through this tutorial-styled email I'd like to introduce the concept,
usage and implementation of "selective blackholing" through the BGP
protocol to the community. This email contains some python code, example
router configurations references to RIPE Atlas data to demonstr
Hi all,
Do you often find yourself in need of a simple calculator, and all you have
available to you is a Brocade or Cisco IOS router? No longer will you
experience the horror and dread of mental arithmetics. The route-map calculator
is here!
Brocade : http://instituut.net/~job/calculator-rout
On Thu, May 08, 2014 at 12:31:23PM +0200, Henning Brauer wrote:
> * Saku Ytti [2014-05-08 12:14]:
> > If OBSD can't afford MAC addresses but does not object to them in
> > principle, I
> > can give forever IRU for 256 MAC addresses to OBSD for 0USD one-time fee.
>
> when/if we change the mac add
On Thu, May 08, 2014 at 09:48:26AM +0200, Henning Brauer wrote:
>
> awaiting your diff.
http://marc.info/?l=openbsd-tech&m=139955603603070&w=2
Kind regards,
Job
Hi Tal,
On Dec 4, 2012, at 10:05 PM, Tal Mizrahi wrote:
> We are looking for publicly available statistics of network latency
> measurements taken in large networks.
Maybe http://amp.ring.nlnog.net/ has nice data for you. Contact
ring-adm...@ring.nlnog.net with your proposal.
Kind regards,
Hi Jean,
On Dec 14, 2012, at 9:12 PM, Jean-Francois Mezei
wrote:
> On 12-12-14 15:13, Jason Castonguay wrote:
>
>> I've given 3 weeks + 6 months (at least) notice on a service change that
>> will not be noticed by most anyone.
>
> Upon hearing your announcement, I went and dig myself a new
Hi,
On Dec 18, 2012, at 7:59 PM, Christopher J. Pilkington wrote:
> I'm looking for a simple tool to verify PMTUD is usable along a
> particular path. Ideally this tool would be cross-platform, or run on
> Linux or Windows.
>
> I've done some testing of my own by hand, but hoping a tool would h
On Dec 19, 2012, at 8:46 PM, Joe Freeman wrote:
> I need a Yahoo contact if anyone is available.
> I'm having issues with customers on 186.65.92.0/22 (ASN52379) out of Costa
> Rica being able to reach Yahoo sites (www.yahoo.com/www.flickr.com) with
> their web browsers, but they can ping them j
you, the participants,
THANK YOU! Without the continued support from lots of
participants the RING would not be where it is today. We are
proud to be playing a small role in making the Internet an
easier thing to debug and research.
Again, thank you!
Kind regards,
Job Snijders
Martin Pels
Peter van Dijk
Edwin Hermans
ringthing
Hi Rodney,
From the looks of it, this decision was made by the RIPE NCC Executive Board
rather than at the General Meeting. Inqueries will have to be made why this
was decided, and what the consequences are. But, I don't expect a resolution to
be reached in the next 6 hours.
In the meantime
Hi all,
Atrato / 5580 here.
We don't have direct peering with AS26347, although we learn the AS26347
prefixes through the 206.223.143.253 (AS 19996) routeserver in LAX.
So in a sense we are peering :-)
Kind regards,
Job
On Jan 11, 2013, at 7:31 PM, Andree Toonk wrote:
> Hi Kenneth,
>
>
Hi,
On Feb 14, 2013, at 2:02 PM, Deric Kwok wrote:
> Can I know how many ipv6 full bgp table routes now?
Here are various sources to discover the size of the IPv6 internet routing
table:
http://public01.infra.ring.nlnog.net/munin/infra.ring.nlnog.net/lg01.infra.ring.nlnog.net/bird6.
Hi,
NRTM still works according to my mirrors. So for up 2 date data, you could use
irr.ring.nlnog.net:
Alice:~ job$ whois -h irr.ring.nlnog.net 198.41.0.0 | wc -l
437
Alice:~ job$
Kind regards,
Job
On Mar 4, 2013, at 5:36 PM, Christopher Morrow wrote:
> On Mon, Mar 4, 2013 at 11:24
Hi Mat,
I see the same thing, we learn the prefix from the route-server in LAX:
tel...@r1.lax1.us>show ip bgp routes detail 90.201.80.0/20
Number of BGP Routes matching display condition : 1
Status A:AGGREGATE B:BEST b:NOT-INSTALLED-BEST C:CONFED_EBGP D:DAMPED
E:EBGP H:HISTORY I:IBGP L:LO
the announcements for the more specifics seem to be gone.
Can anybody (preferably from Any2 or Dreamhost) shed more light on this matter?
Kind regards,
Job
On Mar 6, 2013, at 2:43 PM, Drew Weaver wrote:
> They're doing this to our routes in any2 in LA as well.
>
> ...
>
Hi all,
Just a small update.
Off-list Andree and me have been working together with Kenneth from dreamhost
to try and figure out what exactly happened and which device or party orginated
these prefixes.
Unfortunately no hard conclusions can be drawn from the data available to us,
especially
s
Hi Chip,
AOL published some good looking open source software, it does not handle
BGP at this moment, but it does other tasks like ACLs quite well. It's designed
to be tightly integrated with your existing CMDB/RANCID, and it even takes
timezones into account for pushing new configurations.
Hi Nicolai,
It really happened, here are my notes.
http://instituut.net/~job/cb3rob-spamhaus-hijack-21-mar-2013.txt
Renesys also confirmed seeing the /32 from that direction, but they could
not share the data because of an NDA.
Because it was a /32, it was a hyperlocal event, if you c
Hi John,
On Apr 4, 2013, at 12:52 AM, John Kemp
wrote:
> Having trouble reaching route-views.linx.routeviews.org from AS3582.
>
> I'm assuming that some folks stopped carrying
> this particular linx.net address prefix
> as of this morning. ?!?
Indeed LINX has taken steps recently to reduce th
So when will I hear back about this?
I will present the findings at the upcoming NANOG meeting in New Orleans [1].
Given that the NANOG meeting is approaching rapidly, I urge you to submit your
data sooner rather than later. :-)
Kind regards,
Job Snijders
[1] - CSV format should be formatted l
ut it here:
https://ring.nlnog.net/news/2012/10/ring-success-the-ipv4-255-problem/ So yes,
apparently problems like these still arise once in a while. My recommendation
would be to fix the equipment and not blame it on .0 or .255.
Kind regards,
Job Snijders
On Sun, Aug 17, 2014 at 09:11:05AM -0700, Payam Poursaied wrote:
> Appreciate if anyone from LeaseWeb can contact me off list. Its regarding
> blocking an IP address. Support team does not deal.
Replied offlist
- Job
On Fri, Aug 29, 2014 at 06:25:16PM +0900, Randy Bush wrote:
> > Loose mode would drop failing routes, iff there is covering (i.e. less
> > specific is ok) route already in RIB.
>
> isn't that exactly the hole punching attack?
The proposed 'loose' mode protects against unauthorized hole punching
On Fri, Aug 29, 2014 at 06:39:32PM +0900, Randy Bush wrote:
> >>> Loose mode would drop failing routes, iff there is covering (i.e. less
> >>> specific is ok) route already in RIB.
> >> isn't that exactly the hole punching attack?
> > No, as the the more specific route is signed and is preferred (l
On Fri, Aug 29, 2014 at 06:17:09AM -0400, Sandra Murphy wrote:
> > Loose mode A would look like this:
> >
> >In the case that 10.0.0.0/16 origin AS123 is not in your table, the
> >loose mode would kick in and one could accept more specifics for
> >10.0.0.0/16, but only when originated
On Tue, Sep 02, 2014 at 03:08:28PM +, Sriram, Kotikalapudi wrote:
> The example that I gave was not that. In my example, C has legitimate
> ownership of the less specific (e.g., 192.0.2.0/23). D is malicious
> and attempting to hijack a subprefix (e.g., 192.0.2.0/24).
> Importantly, C has a cr
On Tue, Sep 02, 2014 at 11:53:15AM -0400, Christopher Morrow wrote:
> On Tue, Sep 2, 2014 at 11:25 AM, Job Snijders wrote:
>
> > What is the real damage of hijacking a prefix which is not in use?
>
> 'not in use' ... where?
>
> What if the 'owner&
On Wed, Sep 10, 2014 at 02:20:45PM +0300, Tarko Tikan wrote:
> 2000::/6 with aspath 3257 3549 has appeared in global routing table. Surely
> we can't be only ones seeing it. Looks like someone messed up
> interface/route config at 3549 by omitting 4 from the prefixlen.
>
> According to https://sta
On Thu, Sep 18, 2014 at 03:15:41PM -0400, Daniel Corbe wrote:
> Also, if I'm buying full line rate commit from you then you're not
> actually losing any money on the deal whether or not you route me the
> traffic.
Ha, I wish all customers would buy in full line rate commits! :-)
- Job
On Thu, Sep 18, 2014 at 03:12:29PM -0400, Daniel Corbe wrote:
> > a) you're paying less, as you're not receiving the traffic
>
> This ventures into the realm of an operator doing something responsible
> to protect me vs routing me unwanted traffic and going "lol, bill."
>
> If you want to start
On Thu, Sep 18, 2014 at 08:42:23PM +, Brock Massel wrote:
> The 192.250.24 addresses have been reachable for several months in the
> current configuration with no reported issues. Since the 16th we have
> been hearing reports that destinations in that block are unavailable
> for some.
>
> Seve
On Sat, Sep 27, 2014 at 09:46:53AM -0400, Justin Wilson wrote:
> Trying to update some records on peeringdb.com and am not getting much
> response. Just wondering if I am the only one. I am not getting
> response back from support. Figured this would be a good place to ask.
> More curious than anyt
Dear John,
On Wed, Oct 08, 2014 at 08:59:00AM -0500, John Kristoff wrote:
> UTRS is essentially a community RTBH that people have suggested to us
> would be a good service to provide, so we're giving it a go.
FYI, there are various projects which are similar to this concept:
http://www.de-ci
On Wed, Oct 08, 2014 at 04:02:21PM -, John Levine wrote:
> >information. But... (aside from any local safety net filter), it's quite
> >a leap to allow a single entity to inject blackholes for any prefix.
>
> Spamhaus has been distributing their DROP list by BGP for years. The
> world hasn't
Hi Christian,
On Thu, Oct 09, 2014 at 10:58:05PM +0200, Christian Seitz wrote:
>
>
> Why is there no validation required when this is done by an IXP? "All
> peers are my customers and I do trust them"? What about private
> peerings via PNIs?
Validation is not required because the requester can
On Thu, Oct 23, 2014 at 04:54:17PM -0400, Jared Mauch wrote:
> Having recently encountered a problem with a machine, I’m looking for
> an inexpensive KVMoIP device to place within a facility to take
> VGA/USB Keyboard for a single host scale. Ideally something that can
> be properly placed on the
On Mon, Nov 10, 2014 at 12:39:02PM -0800, Max Clark wrote:
> DB9 ports seem to be a nearly extinct feature on laptops. Any
> suggestions on a cheap laptop for use in field support (with an
> onboard DB9)?
Might be easier to get an "Aten UC232A" converter to do USB<>DB9, you
are right that DB9 dire
On Thu, Nov 20, 2014 at 06:07:09PM -0500, Jay Ashworth wrote:
> He generally provides same-day service on email, but...
>
> Hope all is well.
Don't worry, he is alive and well. puck.nether.net is having some disk
issues hene a backlog on email.
- Job
On Thu, Nov 27, 2014 at 04:51:59AM -0500, james jones wrote:
> Looking to discuss a routing issue going through NTT's link to JP.
Feel free to contact me off-list with the details.
Kind regards,
Job
On Thu, Nov 27, 2014 at 11:00:32AM -0500, Jared Mauch wrote:
> Seems your MTR sees loss within the Cogent (174) network prior
> to reaching the NTT network.
>
> I think you perhaps need cogent assistance?
This was resolved off-list. James is now engaging with his supplier.
For future reference:
On Sun, Jan 11, 2015 at 08:46:40AM -0600, Mike Hammett wrote:
> Is anyone maintaining a list of good, bad and ugly providers in terms
> of how seriously they take things they should like BCP38 and community
> support and whatever else that's quantifiable?
This list sheds some light on antispoofin
On Sun, Jan 11, 2015 at 09:58:12PM +0700, Roland Dobbins wrote:
>> 2. Protect yourself by having your upstream police Police UDP to some
>> baseline you are comfortable with.
>
> This will come back to haunt you, when the programmatically-generated
> attack traffic 'crowds out' the legitimate traf
On Sat, Aug 15, 2015 at 11:01:56PM +0530, Glen Kent wrote:
> Is there a paper or a presentation that discusses the drops in the core?
>
> If i were to break the total path into three legs -- the first, middle
> and the last, then are you saying that the probability of packet loss
> is perhaps 1/3
On Sun, Aug 16, 2015 at 08:00:55AM -0400, Patrick W. Gilmore wrote:
> On Aug 15, 2015, at 1:41 PM, Job Snijders wrote:
> > On Sat, Aug 15, 2015 at 11:01:56PM +0530, Glen Kent wrote:
>
> >> Is there a paper or a presentation that discusses the drops in the core?
> >>
On Tue, Sep 01, 2015 at 08:33:42AM -0700, Serge Vautour wrote:
> For those than run Internet connected routers, how do you get your
> NetFlow data from the routers to your collectors? Do you let the flow
> export traffic use the same links as your customer traffic to route
> back to central collect
On Fri, Sep 04, 2015 at 08:32:42AM -0500, Mike Hammett wrote:
> I'm not here to debate how awesome or poor ARIN's IRR is.
>
> I've created my first objects in there, verified they exist via the
> ARIN RR whois and seen them show up in IRR Explorer. How do I verify
> that I've actually done them a
Hi,
On Thu, Sep 10, 2015 at 05:08:14PM -, John Levine wrote:
> (I realize RIPE is not in North America, but we get a lot of traffic
> from their IP space.)
>
> When I try to contact whois.ripe.net (2001:67c:2e8:22::c100:687) or
> their REST server rest.db.ripe.net (2001:67c:2e8:22::c100:68e),
On Thu, Sep 10, 2015 at 10:53:01PM -0400, Tobin Burnham wrote:
> Does anyone know the status of Inerail (AS33031)?
No, but their NLNOG RING node is offline too: inerail01.ring.nlnog.net
> All of their ASNs and prefixes disappeared on 9/1/2015 according to
> http://bgp.he.net/AS33031
>
> All of t
Dear community,
As an extension to this useful IPv4 report, I'd love to receive a weekly
overview of what is going on in the IPv6-world.
Regardless of IPv6 deployment status or traffic volume, misconfigured or
unstable IPv6 networks can inflict pain on a global scale (affecting
IPv4 too).
The IP
Hi Bob,
On Tue, Sep 29, 2015 at 08:05:45AM -0700, Bob Evans wrote:
> This seems like a very good proper civil approach - maybe this or
> something like it ARIN might help promote and endorse as a benefit to
> the community ? Be nice if with the cash they did something simple
> like this and got al
On Thu, Oct 08, 2015 at 02:37:15PM -0700, Scott Berkman via NANOG wrote:
> Hello!
>
> Important message, please read
smells compromised, moderation flag has been enabled. don't click that
link, sorry.
Kind regards,
Job
(for the communications committee)
Ohai NANOG!
Many of you are probably familiar with "PeeringDB", one of the most
awesome resources for interconnection. :-)
What some of you might not realise, is that PeeringDB is evolving from a
bunch of php scripts into a real organisation with a board and
appropiate legal registrations! And as
Hey!
New message, please read <http://zoomincinema.in/year.php?r>
Job Snijders
On Mon, Oct 26, 2015 at 01:54:01PM +, Gavin Henry wrote:
> Anything to be done about all these?
Yes, it appears that even though the sender was blocked 30 hours ago or
so in mailman itself, there was still tons of pre-existing garbage in
the mailqueus which was flushed out over the last 30 hou
posts (which were made in a short time window),
> there were existing message queues that were not cleared in a
> timely basis.
>
> As Job Snijders (a fellow Communications Committee member) noted
> in an earlier post, we will be implementing some additional protection
> mecha
On Thu, Oct 29, 2015 at 08:42:31AM -0700, Mike wrote:
> Is there any DDoS mitigation service provider that can scrub traffic
> for an ISP network?
Yeah, plenty. A non-exhaustive list: Prolexic, Incapsula, Staminus or
Nexusguard. There is no lack of choice.
> I have an ASN and BGP and my own net
On Fri, Nov 06, 2015 at 09:38:52AM -0600, Andrew Duey wrote:
> Is anyone else seeing their routes leaked from AS9498 (BHARTI Airtel) in
> India?
>
> According to bgpmon.net they started leaking our Level 3 provided IP space
> at 2015-11-06 05:52 UTC. Oddly, they're not leaking our ARIN assigned I
On Tue, Dec 01, 2015 at 09:23:08PM +0200, Max Tulyev wrote:
> we got an issue today that announces from Cogent don't reach Hurricane
> Electric. HE support said that's a feature, not a bug.
>
> So we have splitted Internet again?
Was there ever an adjacency between 6939 and 174 in the IPv6 DFZ?
M
NANOG,
Rob Blokzijl, one of the founding fathers of the RIPE (and by extent,
internet as we know it in Europe), passed away yesterday. The links in
the email below offer more insight into his life and accomplishments.
Kind regards,
Job
- Forwarded message from Daniel Karrenberg
-
Dat
On Wed, Jan 20, 2016 at 01:32:11PM +0100, nanog-...@mail.com wrote:
> On Wednesday, January 20, 2016 Jared Mauch wrote:
> > I currently see around 56.4:1 with the timing of peaks the same in v4 and
> > v6.
> So that's more in line with AMS-IX (70G/4T) than Comcast/Swisscom
> then. AMS-IX:
> https:
On Wed, Jan 20, 2016 at 11:13:41PM +0900, Randy Bush wrote:
> > I propose the following axiom: the greater the distance over which a
> > packet is forwarded, the less likely it is to be an IPv6 packet.
>
> that is a hypothesis not an axiom [...]
Thanks.
> but an interesting hypothesis. how do y
On Thu, Jan 21, 2016 at 08:23:09AM +0900, Randy Bush wrote:
> > We could assert that the TTL is an indication of distance traveled.
>
> you might hypothesize it. but the wide variance in per-hop rtt would
> seem to belie that.
>
> > Maybe one should record the TTL and Address Family of all packe
On Thu, Jan 21, 2016 at 09:48:19AM +0900, Randy Bush wrote:
> > jokes aside, Its a hypothesis worth testing. It has qualities which
> > make it plausible.
> >
> > So please, between you, find a way to specify and test it!
>
> although the hypothesis has some intuitive appeal, how to test it is fa
On Thu, Jan 21, 2016 at 11:00:46PM +0900, Randy Bush wrote:
> > We know the GPS coordinates for each BGP next-hop in the network, and
> > traffic is sampled on ingress at the edge of the network and reported
> > to pmacct (*flow), which also receives a RR-style BGP feed for
> > correlation.
> >
>
On Thu, Jan 21, 2016 at 11:44:34PM +0900, Randy Bush wrote:
> > You can configure pmacct to specify on which properties of the received
> > flow data it should aggregate its output data, one could configure
> > pmacct to store data using the following primitives:
> >
> > ($timeperiod, $entrypo
On Sat, Jan 23, 2016 at 12:42:07AM -0500, Larry J. Blunk wrote:
> Service for the RADb whois protocol has now been restored. We were
> experiencing extensive DDOS activity directed at the whois service
> host(s).
The whois.radb.net IPv4 address changed earlier today, the new IP is
129.250.120.86.
On Wed, Jan 27, 2016 at 09:11:59AM -0500, jimmy keffer wrote:
> does ntt peer with he for ip6?
You can review sites like:
https://radar.qrator.net/as2914/ipv6-peerings#startDate=2015-10-10&endDate=2016-01-27&tab=current
or
http://bgp.he.net/AS2914#_peers6
to get a sense of what re
On Fri, Jan 29, 2016 at 10:51:05PM -0600, George Skorup wrote:
> Why doesn't Windstream have RTBH for their BGP customers? It cannot be
> impossible to implement.
vote with your wallet?
Dear John,
On Thu, Feb 04, 2016 at 08:15:29PM +, John Curran wrote:
> One of the concerns raised at a previous NANOG was with respect to the
> need for an RPKI relying parties to explicitly accept ARIN's relying
> party agreement (RPA) - note that this has now been changed (per the
> attached
On Mon, Feb 15, 2016 at 02:22:31PM +0530, Anurag Bhatia wrote:
> Very interesting. For how long does the record stays? :)
For about a day.
Kind regards,
Job
On Fri, Feb 19, 2016 at 01:31:06AM +, courtneysm...@comcast.net wrote:
> Can anyone point me to examples of using rtconfig to generate IOS-XR
> configs? Specifically prefix and as-path sets. My Google skills are
> coming up short. The man page for rtconfig does not mention IOS-XR but
> it is su
On Sat, Feb 27, 2016 at 12:18:16AM +0100, Baldur Norddahl wrote:
> I am currently using MRTG and RRD to make traffic graphs. I am
> searching for more modern alternatives that allows the user to
> dynamically zoom and scroll the timeline.
>
> Bonus points if the user can customize the graphs direc
On Mon, Feb 29, 2016 at 08:07:40PM +0530, sathish kumar Ippani wrote:
> This is off topic, i am posting request as i need some help in
> configuring obsrvium for RANCID and traffic polling.
This is indeed the wrong mailing-list.
Please direct your questions to http://observium.org/docs/mailinglis
Hi Kurt,
On Wed, Mar 09, 2016 at 11:26:35AM -0300, Kurt Kraut via NANOG wrote:
> I'm trying to convince my local Internet Exchange location (and it is not
> small, exceed 1 terabit per second on a daily basis) to adopt jumbo frames.
> For IPv6 is is hassle free, Path MTU Discovery arranges the max
Hi David,
On Wed, Mar 09, 2016 at 09:06:20PM +, David Soltero wrote:
> This is advance notice that there is a scheduled change to the IPv6
> addresses in the Root Zone for the L root-server, also known as
> L.ROOT-SERVERS.NET, which is administered by the ICANN.
>
> The current IP addresses f
On Mar 12, 2015 8:08 PM, "joel jaeggli" wrote:
>
> On 3/12/15 12:01 PM, Yardiel D. Fuentes wrote:
> > In the above page, the idea is to introduce a 100-th range for each
category and as the BCOPs. This way a 100th number range generally
identifies each of the categories we currently have. An examp
On Thu, Mar 26, 2015 at 11:26:07PM -0400, ML wrote:
> On 3/26/2015 6:20 PM, Nick Rose wrote:
> >While investigating the issue we did find that the noction appliance
> >stopped advertising the no export community string with its
> >advertisements which is why certain prefixes were also seen.
>
> Wo
On Sat, Mar 28, 2015 at 10:26:39AM -0500, Brandon Ewing wrote:
> On Wed, Nov 02, 2011 at 08:00:20PM -0600, Kevin Epperson wrote:
> > whois -h filtergen.level3.net "AS3356 -cp -v4v6"
>
> Digging up a (very) old thread here, apologies.
>
> Does anyone know if filtergen is going to support IPv6-leng
On Sat, Apr 04, 2015 at 07:43:52PM -, John Levine wrote:
> I get a cert good through Dec 31.
Yeah, seems to be fixed now.
Vurt:~ job$ echo QUIT | openssl s_client -verify 6 -connect smtp.gmail.com:465
-showcerts | openssl x509 -noout -dates
verify depth is 6
depth=2 /C=US/O=GeoTrust
On Thu, Apr 16, 2015 at 04:09:43PM -0400, valdis.kletni...@vt.edu wrote:
> On Thu, 16 Apr 2015 15:39:46 -0400, Christopher Morrow said:
> > you're asking your ISP or set of ISPs to 'stop forwarding me packets
> > from X and Y and Z'
> >
> > sure, why do we need a new special group and designation f
On Tue, Apr 21, 2015 at 03:42:46AM +0900, Randy Bush wrote:
> so how did you find it? i was wondering if i could find a useful
> atlas probe or nlring node, and how to find them.
There are no RING nodes in any of the verizon networks :-(
On Mon, Apr 20, 2015 at 08:57:58PM +0200, Robert Kisteleki wrote:
> About Ring: we're not authoritative -- I believe http://map.ring.nlnog.net/
> is.
I recommend our API: https://ring.nlnog.net/api/1.0/nodes
On Fri, May 15, 2015 at 10:19:56AM -0500, Mike Hammett wrote:
> What is out there for route optimization products? I can think of
> Noction (no inbound) or Internap FCP (old).
Are you sure that an 'optimizer' is the right solution for you, or for
those surrounding you (peers, upstreams)?
http://
On Fri, May 15, 2015 at 12:38:32PM -0500, Mike Hammett wrote:
> Sounds like multiple parties having improper route filters.
Filtering is a must. But even when doing the right thing, there could be
adverse side-effects when using an appliance which inserts fake,
more-specific paths into your netwo
On Mon, Jun 01, 2015 at 04:47:49PM -0500, Jason Bothe wrote:
> Could I please have a PeeringDB admin contact me off-list ?
Done!
Kind regards,
Job
[ Forwarding today's announcement, apologies for duplicates ]
---
Hi Everyone!
PeeringDB is rolling our the first major revision since its inception,
PeeringDB 2.0. This email will explain the basics, and how you can learn
more information if you are interested.
Future Communication
On Fri, Jun 12, 2015 at 11:09:34AM +0200, Tore Anderson wrote:
> I see tons of bogus routes show up with AS4788 in the path, and at
> least AS3549 is acceping them.
>
> E.g. for the RIPE NCC (193.0.0.0/21):
>
> [BGP/170] 00:20:29, MED 1000, localpref 150
> AS path: 3549 4788 128
On Fri, Jun 12, 2015 at 10:43:09AM +0100, Marty Strong via NANOG wrote:
> It *looks* like GBLX stopped accepting the leak.
I disagree. Since 08:44 UTC up until now (10:15) the DFZ has been a
radio-active wasteland with hordes of unwelcome announcements.
Kind regards,
Job
On Fri, Jun 12, 2015 at 12:18:38PM +0200, Job Snijders wrote:
> On Fri, Jun 12, 2015 at 10:43:09AM +0100, Marty Strong via NANOG wrote:
> > It *looks* like GBLX stopped accepting the leak.
>
> I disagree. Since 08:44 UTC up until now (10:15) the DFZ has been a
> radio-active was
On Fri, Jun 12, 2015 at 01:21:14PM +0200, Sebastian Wiesinger wrote:
> * Roland Dobbins [2015-06-12 12:57]:
> >
> > On 12 Jun 2015, at 17:46, Job Snijders wrote:
> >
> > > OK, as of now (~ 10:40) UTC things look normalised.
> >
> > Just got off the
On Fri, Jun 12, 2015 at 12:53:13PM -0300, jim deleskie wrote:
> Filtering has been a community issue since my days @ MCI being AS3561,
> often discussed not often enough acted one, I suspect the topic has come up
> at every "large" NSP I've worked at. Frequently someone complains its
> "hard" to f
On Sat, Jun 13, 2015 at 03:39:13PM -0500, Theodore Baschak wrote:
> If you want/need BGP, OpenBSD + OpenBGPD (with their bgplg
> cgi/restricted shell) is fairly easy to set up. You mesh the looking
> glass in like any other router in your system, and it gives you full
> visibility. I wrote a how-to
On Fri, Jun 12, 2015 at 08:25:40PM +, Jürgen Jaritsch wrote:
> This is the official [level3] feedback:
>
> [ ... ]
For completeness sake: here is what Telekom Malaysia published about the
issue:
Telekom Malaysia Berhad (TM) wishes to update on the service related
issue detected yeste
On Wed, Jun 17, 2015 at 05:07:25PM -0400, Luan Nguyen wrote:
> Is that safe to use [240.0.0.0/4] internally? Anyone using it? Just
> for NATTING on Cisco gears...
On Wed, Jun 17, 2015 at 06:30:04PM -0300, Eduardo Schoedler wrote:
> And what about 0.0.0.0/8?
On both counts: NO. I always assume pa
On Tue, Jun 30, 2015 at 10:22:38PM +0900, Matsuzaki Yoshinobu wrote:
> Randy Bush wrote
> >> A friend in AS58587 confirmed that this was caused by a configuration
> >> error - it seems like related to redistribution, and they already
> >> fixed that.
> >
> > 7007 all over again. do not redistrib
On Tue, Jun 30, 2015 at 09:44:12AM -0400, Joe Abley wrote:
> On 30 Jun 2015, at 9:41, Job Snijders wrote:
> >In addition to the BGP community scheme, outbound as-path filters could
> >help.
>
> I agree, but possibly not in the case of a redistribution loop.
>
>
On Tue, Jun 30, 2015 at 04:38:48PM +0200, Mark Tinka wrote:
> On 30/Jun/15 16:24, Job Snijders wrote:
> > In this specific situation, for a small to medium sized network, it
> > might be prudent to apply an outbound prefix-filter on all transit &
> > peering sessio
On Tue, Jun 30, 2015 at 10:53:45AM -0400, Sandra Murphy wrote:
> That sort of AS_PATH filtering would not have helped in this case.
> The AS originated the routes, it did not propagate an upstream route.
>
> So an AS_PATH filter to just its own AS would have passed these
> routes.
>
> You would n
On Wed, Jul 01, 2015 at 12:02:40AM +0200, Tore Anderson wrote:
> > I was thinking that when I posted yesterday.
> >
> > These were announcements from a peer, not customer routes.
> >
> > We are lowering our max prefix limits on many peers as a result of this.
> >
> > We are also going towards mo
301 - 400 of 518 matches
Mail list logo
