Re: BGP and aggregation

2002-05-13 Thread PS 




On Mon, 13 May 2002, E.B. Dreger wrote:

 As long as this is getting messy... I'm tempted to suggest
 confederations.  Or spending a few extra bucks on a second ASN,
 although that doesn't scale.

Multiple ASNs wouldn't solve anything in this case.  What was wanted was
under normal circumstances both A and B only announce a /20, and when the
link between A and B breaks announce more specifics.  Multiple ASN =
inconsistent AS.. no no.



- Paul

DirecPC Engineering Contact

2002-05-13 Thread Heath_Dieckert 


Doesanybodyon the list 
workforDirecPCorhave 
anengineeringcontactatdirectPC.Ican'tbelievetheyaresellingnon-routableaddressesasanISP to the general 
public.Pleasereplyoffline.

Heath
Dieckert
Network
Engineer
Dell 
US
Internetworking 
Systems
512.723.5026

Re: BGP and aggregation

2002-05-13 Thread Austin Schutz 


On Mon, May 13, 2002 at 06:57:19AM -0400, PS wrote:
 
 
 
 On Mon, 13 May 2002, E.B. Dreger wrote:
 
  As long as this is getting messy... I'm tempted to suggest
  confederations.  Or spending a few extra bucks on a second ASN,
  although that doesn't scale.
 
 Multiple ASNs wouldn't solve anything in this case.  What was wanted was
 under normal circumstances both A and B only announce a /20, and when the
 link between A and B breaks announce more specifics.  Multiple ASN =
 inconsistent AS.. no no.
 

Not necessarily. If 'A' originates the aggregate route it can still be
transited via 'B', though with an additional AS hop. Not a perfect solution,
but then neither is running a gre tunnel.

Austin

Re: DirecPC Engineering Contact

2002-05-13 Thread Richard A Steenbergen 


On Mon, May 13, 2002 at 02:17:56PM -0500, [EMAIL PROTECTED] wrote:
 Does anybody on the list work for DirecPC or have an engineering contact at
 directPC.  I can't believe they are selling non-routable addresses as an ISP
 to the general public.  Please reply offline.

Believe it. More than a few people do (though I personally would not buy 
from them).

-- 
Richard A Steenbergen [EMAIL PROTECTED]   http://www.e-gerbil.net/ras
PGP Key ID: 0x138EA177  (67 29 D7 BC E8 18 3E DA  B2 46 B3 D8 14 36 FE B6)

CW outage in So. Florida

2002-05-13 Thread Mitch Halmu 


Cable  Wireless had an outage in South Florida approx. between
12:50 - 16:10 EDT today. Anoyone privy to details?

--Mitch
NetSide

Re: BGP and aggregation

2002-05-13 Thread Stephen Griffin 


In the referenced message, Ralph Doncaster said:
 
  BGP will discard any prefix with its own AS in the path, for loop
  prevention. Hence, one half of the AS would still be unable to
  reach the other half. This is why a partitioned AS is a failure
  condition. A tunnel is a means to keep the AS nonpartitioned.
 
 I was thinking of doing iBGP over my transit connections (with a couple 
 of static routes so the iBGP works) AND over my inter-city circuit.  Any
 reason why this won't work?
 
 -Ralph

The loss of igp metric will make it untenable at best. Do it over a
GRE tunnel, with your regular igp (isis, ospf, eigrp, or shudder rip).

default routes have their own problems which only treat the symptoms
of a partitioned as, rather than the problem.

Re: BGP and aggregation

2002-05-13 Thread Stephen Griffin 


In the referenced message, Austin Schutz said:
 
 On Mon, May 13, 2002 at 06:57:19AM -0400, PS wrote:
  
  Multiple ASNs wouldn't solve anything in this case.  What was wanted was
  under normal circumstances both A and B only announce a /20, and when the
  link between A and B breaks announce more specifics.  Multiple ASN =
  inconsistent AS.. no no.
  
 
   Not necessarily. If 'A' originates the aggregate route it can still be
 transited via 'B', though with an additional AS hop. Not a perfect solution,
 but then neither is running a gre tunnel.
 
   Austin

The only perfect solution is having multiple internal paths which are
resilient to simultaneous outage. Failing that, I've never had a problem
with GRE. Back in 1994-1997 or so, I used them a lot for disconnected
sites, much as someone else mentioned, across sprint. Worked great
and was certainly cheaper than interlata circuits.

Re: BGP and aggregation

2002-05-13 Thread Roger Marquis 


Scott Granados wrote:
 We set ospf
 internally, set up bgp for the announcements at each site and used the
 no-export tag for the more specifics.  Then gre tunnels:) for the
 internal.  It worked and I pushed probably 45 to 50mb over the internal
 loops or gre tunnels.  Not ideal but it worked.

Last time I tried this (IOS11.X to IOS11.X GRE) it was unreliable
due to MTU limits.  Certain websites (mainly financial) send large
packets and set DF.  This probably works around some security issue
but the result was that these SSL servers couldn't reach clients
over the GRE.

-- 
Roger Marquis
Roble Systems Consulting
http://www.roble.com/

Re: BGP and aggregation

2002-05-13 Thread Forrest W. Christian 


On Mon, 13 May 2002, Roger Marquis wrote:

 Last time I tried this (IOS11.X to IOS11.X GRE) it was unreliable
 due to MTU limits.  Certain websites (mainly financial) send large
 packets and set DF.  This probably works around some security issue
 but the result was that these SSL servers couldn't reach clients
 over the GRE.

We have seen the same issue in recent history.

Generally, we try to have most of the traffic not pass through a GRE
tunnel.  With some creative routing, we can pass the data back out to
our upstream which knows the more specific for that route.

That said, we do support /32 static dialups across our net - I.E. if you
have a /32 static on your dialup, you get the same /32 no matter where you
dialup.  These generally pass through the GRE tunnel as we only know of
them through OSPF through the GRE tunnel.

We have found that setting a mtu of roughly 1514 on the tunnel fixes this.
I think this forces the GRE encapsulation to frag the packets regardless
of the setting of the DF bit.  Whether the far end router reassembles
them or not I'm not sure about and haven't had the opportunity to stick a
packet sniffer on the far end to tell.   Regardless, it seems to fix the
broken sites. YMMV

- Forrest W. Christian ([EMAIL PROTECTED]) AC7DE
--
The Innovation Machine Ltd.  P.O. Box 5749
http://www.imach.com/Helena, MT  59604
Home of PacketFlux Technogies and BackupDNS.com (406)-442-6648
--
  Protect your personal freedoms - visit http://www.lp.org/

Re: BGP and aggregation

2002-05-13 Thread Ralph Doncaster 


  I was thinking of doing iBGP over my transit connections (with a couple 
  of static routes so the iBGP works) AND over my inter-city circuit.  Any
  reason why this won't work?
  
  -Ralph
 
 The loss of igp metric will make it untenable at best. Do it over a
 GRE tunnel, with your regular igp (isis, ospf, eigrp, or shudder rip).

As far as I can tell, GRE doesn't support fragmentation -
i.e. encapsulation of a 1500-byte IP packet that results in a GRE packet
larger than the interface MTU size.

-Ralph

Re: BGP and aggregation

2002-05-13 Thread Scott Granados 


set your mtu on your gre's to 1514

On Mon, 13 May 2002, Ralph Doncaster 
wrote:

 
   I was thinking of doing iBGP over my transit connections (with a couple 
   of static routes so the iBGP works) AND over my inter-city circuit.  Any
   reason why this won't work?
   
   -Ralph
  
  The loss of igp metric will make it untenable at best. Do it over a
  GRE tunnel, with your regular igp (isis, ospf, eigrp, or shudder rip).
 
 As far as I can tell, GRE doesn't support fragmentation -
 i.e. encapsulation of a 1500-byte IP packet that results in a GRE packet
 larger than the interface MTU size.
 
 -Ralph

RE: DirecPC Engineering Contact

2002-05-13 Thread Heath_Dieckert 


I can understand your lack of belief.  Imagine my surprise when I got 9
emails in response to my question and 15 questions about how to replicate my
sig.  LOL!!!  I've been laughing about that all day.

Who says engineers can't have a sense of humor.  If you met me somewhere
besides work, or even at work, you probably wouldn't think I was an
engineer.  But I am.

-Original Message-
From: Rik Thomas [mailto:[EMAIL PROTECTED]] 
Sent: Monday, May 13, 2002 8:08 PM
To: [EMAIL PROTECTED]; [EMAIL PROTECTED]
Subject: Re: DirecPC Engineering Contact

And I can't believe an engineer would know any better than to post
that signature.

Phone for Broadwing NOC?

2002-05-13 Thread Roy 



Anyone get a better phone number for the broadwing NOC?  The one I used
just left me on hold for 45 minutes.  Their repair number says to call
back during business hours.

Roy Engehausen

5.2 Earthquake in Northern California

2002-05-13 Thread Sameer R. Manek 


We just had a 5.2 magnitude earthquake at 10pm, it was centered SW of
Gilroy, CA. Cingular's network was peaked for a few minutes after the call,
presumably as everyone called friends/family. No reports of phone/power
outages yet.

Sameer

-
Sameer R. Manek   Email: [EMAIL PROTECTED]
What one has not experienced, one will never understand in print.
 --Isadora Duncan
-

Re: 5.2 Earthquake in Northern California

2002-05-13 Thread John Kinsella 


There's something on sfgate.com about phone service being out in SJ?  I
couldn't call out on cingular but could receive calls.

John

On Mon, May 13, 2002 at 10:25:19PM -0700, Sameer R. Manek wrote:
 
 We just had a 5.2 magnitude earthquake at 10pm, it was centered SW of
 Gilroy, CA. Cingular's network was peaked for a few minutes after the call,
 presumably as everyone called friends/family. No reports of phone/power
 outages yet.
 
 Sameer
 
 -
 Sameer R. Manek   Email: [EMAIL PROTECTED]
 What one has not experienced, one will never understand in print.
  --Isadora Duncan
 -