Re: Internet Core Routing - Ethernet
On Sat, 28 Sep 2002, Bob Martinez wrote:

> 1. Why are you talking about vendors when you should be talking about
> technology on this list. Just like the charters. I would recommend to
> NANOG "if you disagree, say nay" that any post to NANOG with a vendor name
> in it be sent to the vendor for comment before being posted to the list.
> Just my 2 cents here.

Operations has a lot to do with experience with specific equipment, more so than it does abstracted conversations about theoretical configurations.

There are abundant protocols that lack implementation. Many people believe they can instantiate an implementation by writing an RFC, or so you would get the impression by reading RFCs.

Regarding "be sent to the vendor for comment before being posted", your question about "Does vendor Z have wire-speed X?" has produced outright lies for the last 10 years. There is *always* a catch to any such claims regarding routers.

Take posts to NANOG with a grain of salt. There is a large range of experience.

BTW, you listed a bunch of questions. Please post a specific one you want to know about. You might get it answered.

+- H U R R I C A N E - E L E C T R I C -+
| Mike Leber  Direct Internet Connections  Voice 510 580 4100 |
| Hurricane Electric  Web Hosting Colocation  Fax 510 580 4151 |
| [EMAIL PROTECTED]  http://www.he.net |
+---+
Internet Core Routing - Ethernet
Folks,

Recently there was a string about L3 Switches in the core. I really don't like this string because I believe it reflects NANOG in a very bad light and I'm going to speak up here.

1. Why are you talking about vendors when you should be talking about technology on this list. Just like the charters. I would recommend to NANOG "if you disagree, say nay" that any post to NANOG with a vendor name in it be sent to the vendor for comment before being posted to the list. Just my 2 cents here.

2. Ethernet is the technology. If you don't see it, you are blind. Let's talk about Internet core routing in those terms. Sure, all vendors suck, but some suck WAY more than others. I think we all know the names. I would love to be challenged on my knowledge of ethernet as a network engineer. I know way more than I ever did about token ring. Wake up.

How many routes can vendor X support with IBGP Nailed Routes?
What is the convergence time for 100,000 routes?
Does vendor Z have wire-speed ACLs, PBR, MPLS? 10GigE? How much does that cost?
Does vendor Y have any reference customers? Let me see the video?
How do I manage CAM?

I think we all know who the strong vendors are. There are a few that will be around for awhile.

Bobby
coxcable???
Any chance an engineer from Cox Cable can give me a call or message back. I'm seeing some odd routing problems between us. Scott
Re: layer 3 switch debate
On Fri, 27 Sep 2002, Richard A Steenbergen wrote:

> On Fri, Sep 27, 2002 at 11:28:39AM +0200, Iljitsch van Beijnum wrote:
> > Core routers typically don't do any filtering and the BGP setup (if any)
> > is straightforward, so switch-like routers are good here.

> May god have mercy on your core.

Thank you. But what exactly necessitates divine leniency?

You aren't taking my remarks to mean that it's a good idea to redistribute a full BGP view into an IGP, are you? What I'm getting at is a small setup where all transit and peering links are in the same location. The border routers at this location can inject a default into the IGP so the number of routes in the non-border routers stays nice and small.
Re: False-alarm generator
On Fri, 27 Sep 2002 [EMAIL PROTECTED] wrote:

> If the government map is designed properly then it won't turn red unless
> 75% of the ISP maps have turned red.

If 75% of the ISPs have turned red, do you really need a multi-million dollar government monitoring system to tell you that? Just watch on BBC, CNN, MSNBC, FOXNEWS because it's probably one of the top stories.

Of course the (US, Chinese, German, etc) government wants to collect all information about everything, but how does it actually help ISPs more than the monitoring and response systems ISPs already use? In reality most major ISPs today not only monitor their own network, but also monitor beacons in, on and through other providers' networks.

The issue is not detecting when there is a "big" problem on the network. I've been able to figure out when there are problems on the network with a very small budget for years. The unsolved problem is communicating why there is a problem on the network.

My concern with the NCS proposal is the NCS/NCC wants to detect unusual activity on the Internet. So ISPs are going to end up being tasked to respond to the NCS every time someone in Washington thinks they saw a puddycat on the Internet. And as CAIDA will tell you, there is a lot of strange stuff on the Internet on a "normal" day.
JUNO.COM
Pardon the interruption of White noise on the channel.. But, if anyone clueful at JUNO.COM is abroad, please contact me offline. I now return you to the usual. Thanks In Advance!
Re: layer 3 switch debate
Does anyone know who is actually running "switches" in the core? The only example I'm aware of is Telocity, and I'm not sure if they are still doing that. They use(d?) Foundry gear.

--
Charles Sprickman
[EMAIL PROTECTED]

On Fri, 27 Sep 2002, Stephen Sprunk wrote:

>
> Thus spake "ip dude" <[EMAIL PROTECTED]>
> > so it is your opinion that a Catalyst 6509 (i.e. Layer 3 switch) is equivalent
> to a 7206 or GSR? Of course, this is in regard to 'core' routing device in the
> middle of a national IP network. This network in question just happens to
> utilize a lot of GE LH interconnections.
>
> Different devices have different strengths and weaknesses; if they were
> equivalent, one of them wouldn't exist.
>
> I personally have no opinion on whether a Catalyst 6500 makes a good "core
> router" vs. a GSR. That depends on what best fits your technical and business
> requirements, your staff's experience, the features available, other devices in
> your network, etc. Nobody else can answer that question for you.
>
> S
>
Re: layer 3 switch debate
Thus spake "ip dude" <[EMAIL PROTECTED]>
> so it is your opinion that a Catalyst 6509 (i.e. Layer 3 switch) is equivalent to a 7206 or GSR? Of course, this is in regard to 'core' routing device in the middle of a national IP network. This network in question just happens to utilize a lot of GE LH interconnections.

Different devices have different strengths and weaknesses; if they were equivalent, one of them wouldn't exist.

I personally have no opinion on whether a Catalyst 6500 makes a good "core router" vs. a GSR. That depends on what best fits your technical and business requirements, your staff's experience, the features available, other devices in your network, etc. Nobody else can answer that question for you.

S
Re: layer 3 switch debate
On Fri, Sep 27, 2002 at 11:28:39AM +0200, Iljitsch van Beijnum wrote:
>
> Core routers typically don't do any filtering and the BGP setup (if any)
> is straightforward, so switch-like routers are good here.

May god have mercy on your core.

Or, to paraphrase Randy Bush, "I fully encourage my competitors to design their network this way."

--
Richard A Steenbergen <[EMAIL PROTECTED]> http://www.e-gerbil.net/ras
PGP Key ID: 0x138EA177 (67 29 D7 BC E8 18 3E DA B2 46 B3 D8 14 36 FE B6)
Re: layer 3 switch debate
Since you are from Cisco...so it is your opinion that a Catalyst 6509 (i.e. Layer 3 switch) is equivalent to a 7206 or GSR? Of course, this is in regard to 'core' routing device in the middle of a national IP network. This network in question just happens to utilize a lot of GE LH interconnections.

--- "Stephen Sprunk" <[EMAIL PROTECTED]> wrote:
>
>Thus spake "ip dude" <[EMAIL PROTECTED]>
>> IP Community:
>>
>> When designing an all IP network requiring mostly Ethernet interfaces, the
>logical conclusion is to specify layer 3 switches (instead of routers). The cost
>per port and functionality requirements make a layer 3 switch the perfect
>choice. However, the rule of thumb in the IP community is that routers are
>superior to layer 3 switches and should be utilized instead, especially when
>considering core type functionality.
>>
>> Does this rule of thumb still apply considering the modern layer 3 switches
>available? If not, why? What makes a layer 3 switch sub-standard to a pure
>router? Any quantitative analysis you could provide would be greatly
>appreciated.
>
>
>"switch" is a marketing term meaning fast, nothing more. Any device that
>operates at Layer 3 is a router by definition. Therefore, "Layer 3 switch"
>means "fast router".
>
>Now think about your question again.
>
>S
Re: layer 3 switch debate
Thus spake "ip dude" <[EMAIL PROTECTED]>
> IP Community:
>
> When designing an all IP network requiring mostly Ethernet interfaces, the logical conclusion is to specify layer 3 switches (instead of routers). The cost per port and functionality requirements make a layer 3 switch the perfect choice. However, the rule of thumb in the IP community is that routers are superior to layer 3 switches and should be utilized instead, especially when considering core type functionality.
>
> Does this rule of thumb still apply considering the modern layer 3 switches available? If not, why? What makes a layer 3 switch sub-standard to a pure router? Any quantitative analysis you could provide would be greatly appreciated.

"switch" is a marketing term meaning fast, nothing more. Any device that operates at Layer 3 is a router by definition. Therefore, "Layer 3 switch" means "fast router".

Now think about your question again.

S
RE: Anybody on 64.0.0.0/8?
Thanks for all the responses, this list is great. We are all set now. Anything I can ever do for any of you, let me know.

Time to apply LART :)

-Patrick

--
Patrick Muldoon, Network/Software Engineer
INOC, LLC
[EMAIL PROTECTED]

My Other machine is your Linux Box

> -Original Message-
> From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of
> Patrick Muldoon
> Sent: Friday, September 27, 2002 10:35 AM
> To: [EMAIL PROTECTED]
> Subject: Anybody on 64.0.0.0/8?
>
>
> If so, could you please contact me off-list, need to run a test from
> outside our netblock.
>
> -Patrick
>
> --
> Patrick Muldoon, Network/Software Engineer
> INOC, LLC
> [EMAIL PROTECTED]
>
> (A)bort, (R)etry, (P)anic?
Anybody on 64.0.0.0/8?
If so, could you please contact me off-list, need to run a test from outside our netblock. -Patrick -- Patrick Muldoon, Network/Software Engineer INOC, LLC [EMAIL PROTECTED] (A)bort, (R)etry, (P)anic?
Re: False-alarm generator
Why do ISPs want to provide free consulting advice to debug why a government map turned red today? If it is like Zonealarm or Netmedic, most of the "alarms" are due to problems with the customer's application.

If the government map is designed properly then it won't turn red unless 75% of the ISP maps have turned red. In other words, a proper national or international alarming system will average out the data from several ISPs according to some kind of weighting formula so that one or two red ISPs will only contribute to a light yellow indicator on a national scale.

Although an aggregated flow of information from outage reports would be useful to a national Internet status monitoring group, it would be far more useful for every ISP to report a regular red-amber-or-green status. This is qualitative information that the national group could consolidate using a weighting system that rated each ISP according to how important their network is within the big picture. Yes, it is likely that there would be errors in the weighting system but as some experience is gained with the system, that weighting can be tuned.

As far as NANOG is concerned, we could help by setting up systems to report overall health according to a consistent red-amber-or-green system and we could help by ensuring that we do have an outage list (or high level stream of trouble tickets) that could be offered to a national status monitoring group. We could also help by suggesting the weighting that should be applied to various ISP networks in calculating a national traffic light report on Internet health.

If anyone is interested in discussing this further perhaps we could get together in Eugene to discuss it.

-- Michael Dillon
Re: layer 3 switch debate
On Fri, 27 Sep 2002 08:54:03 BST, "Stephen J. Wilcox" said:

> Most commonly seems to be interoperability, the switches do their own job fine
> in their own isolated environment but they can't act as a "ISP router".. in my
> experience they tend to have odd bugs and behave slightly unexpectedly when say
> for example routing OSPF or BGP.

As opposed to enterprise-class routers, which have their own odd bugs. ;)

> Altho this is probably a chicken and egg - if
> more people tried to use them perhaps the vendors would fix the code!

IOS 12 isn't bug-free.
The Cidr Report
This report has been generated at Fri Sep 27 20:32:43 2002 AEST.
The report analyses the BGP Routing Table of the Route-Views router
and generates a report on aggregation potential within the table.

Check http://www.cidr-report.org for a current version of this report.

Recent Table History
        Date      Prefixes    CIDR Agg
        20-09-02    121329       87082
        21-09-02    121481       87337
        22-09-02    121438       87731
        23-09-02    121323       87980
        24-09-02    121407       88246
        25-09-02    121566       88349
        26-09-02    121459       87822
        27-09-02    122059       87558

Possible Bogus Routes
        7.1.1.0/30       AS12357 COMUNITEL Comunitel Global Autonomous System
        10.5.5.0/30      AS11537 ABILENE University Corporation for Advanced Internet Development
        10.11.11.0/30    AS11537 ABILENE University Corporation for Advanced Internet Development
        10.33.0.0/23     AS174   PSINET PSINet Inc.
        10.33.8.0/24     AS174   PSINET PSINet Inc.
        39.0.0.0/8       AS4554  EP0-BLK-ASNBLOCK-4 Exchange Point Blocks

AS Summary
           13979  Number of ASes in routing system
            5289  Number of ASes announcing only one prefix
            1816  Largest number of prefixes announced by an AS
                  AS209 : ASN-QWEST Qwest
        73220608  Largest address span announced by an AS (/32s)
                  AS568 : SUMNET-AS DISO-UNRRA

Aggregation Summary
The algorithm used in this report proposes aggregation only
when there is a precise match using the AS path, so as
to preserve traffic transit policies. Aggregation is also
proposed across non-advertised address space ('holes').

 --- 27Sep02 ---
ASnum     NetsNow  NetsAggr  NetGain   % Gain   Description

Table      121705     87359    34346    28.2%   All ASes

AS209        1816      1038      778    42.8%   ASN-QWEST Qwest
AS3908       1124       621      503    44.8%   SUPERNETASBLK SuperNet, Inc.
AS701        1786      1286      500    28.0%   ALTERNET-AS UUNET Technologies, Inc.
AS2548       1586      1123      463    29.2%   ICIX-MD-AS Business Internet, Inc.
AS7132        602       140      462    76.7%   SBIS-AS Southwestern Bell Internet Services
AS7018       1359       959      400    29.4%   ATT-INTERNET4 AT&T WorldNet Services
AS7843        711       341      370    52.0%   ADELPHIA-AS Adelphia Corp.
AS1221       1304       938      366    28.1%   ASN-TELSTRA Telstra Pty Ltd
AS4323        645       295      350    54.3%   TW-COMM Time Warner Communications, Inc.
AS852         756       458      298    39.4%   ASN852 Telus Advanced Communications
AS6197        382        97      285    74.6%   BATI-ATL BellSouth Network Solutions, Inc
AS7046        590       316      274    46.4%   UUNET-CUSTOMER UUNET Technologies, Inc.
AS18566       272         4      268    98.5%   COVAD Covad Communications
AS174         593       330      263    44.4%   PSINET PSINet Inc.
AS4151        279        32      247    88.5%   USDA-1 USDA
AS4355        382       144      238    62.3%   ERMS-EARTHLNK EARTHLINK, INC
AS1           672       442      230    34.2%   GNTY-1 Genuity
AS6347        397       170      227    57.2%   DIAMOND SAVVIS Communications Corporation
AS4814        255        36      219    85.9%   CHINANET-BEIJING-AP China Telecom (Group)Beijing Telecom CompanyBeijing China
AS705         408       198      210    51.5%   ASN-ALTERNET UUNET Technologies, Inc.
AS1580        210        11      199    94.8%   HQ, 5th Signal Command
AS22927       215        20      195    90.7%   AR-TEAR2-LACNIC TELEFONICA DE ARGENTINA
AS690         517       324      193    37.3%   NSFNET-T3-RT-AS Merit Network Inc.
AS1239       1110       930      180    16.2%   SprintLink Sprint
AS2386        421       243      178    42.3%   INS-AS AT&T Data Communications Services
AS3356        389       214      175    45.0%   LEVEL3 Level 3 Communications, LLC
AS6595        232        60      172    74.1%   DODDSEUR DoD Education Activity Network Assistance Center
AS1791        184        21      163    88.6%   SPRINTLINK3 Sprint Government
Re: layer 3 switch debate
On Fri, 27 Sep 2002, Stephen J. Wilcox wrote:

> > When designing an all IP network requiring mostly Ethernet interfaces, the
> > logical conclusion is to specify layer 3 switches (instead of routers). The
> > cost per port and functionality requirements make a layer 3 switch the
> > perfect choice.

> First questions would be how large is this network in terms of interfaces and
> traffic flows and how is it distributed. If it's small use cheap L2 switches, if
> it's on one or a couple of sites with not many hosts why do you need L3 in there
> at all, stick to L2..

Agree with the not many hosts part. You especially don't want customer hosts to connect directly to your layer 2 core because it gets very messy. But the main problem with layer 2 is that it handles redundant links so badly: spanning tree simply disables them.

> If it's larger and more distributed then you need to aggregate up anyway so I'd
> imagine it's cheaper to use plain L3 routers connecting the L2 LAN across
> intersite WANs

> Needs more quantifying to find any conclusion but I don't see that an "all IP
> network" requires a L3 switch network!

Presumably, you'll need at least one router (I mean a device configured to do layer 3 forwarding, whatever it may be called) to connect to your transit(s).

> > However, the rule of thumb in the IP community is that routers are superior
> > to layer 3 switches and should be utilized instead, especially when
> > considering core type functionality.

> I think we have a terminology issue here.. assuming a L3 switch is a device which
> uses routing decisions to influence a switching process then you get this on
> current Cisco routers.. the L3 makes the routing decision on the first packet in
> the stream but then additional frames are switched.

This is traditional "layer 4 (or multilayer) switching" or flow-based routing/switching. Be very careful with this because it can blow up in your face if there are very many new flows every second, which is typically the case for any serious level of WWW traffic.

> But that aside I think you
> mean what vendors call "L3 switches or L4 switches" which are like a L2 switch
> but go into higher layer protocols to influence the switching decision and
> perform other features most commonly load balancing.

The terms are used so loosely these days that you really need to investigate and not infer functionality from the name alone.

> > Does this rule of thumb still apply considering the modern layer 3 switches
> > available? If not, why? What makes a layer 3 switch sub-standard to a pure
> > router? Any quantitative analysis you could provide would be greatly
> > appreciated.

> Most commonly seems to be interoperability, the switches do their own job fine
> in their own isolated environment but they can't act as a "ISP router".. in my
> experience they tend to have odd bugs and behave slightly unexpectedly when say
> for example routing OSPF or BGP. Altho this is probably a chicken and egg - if
> more people tried to use them perhaps the vendors would fix the code!

I've been running OSPF on a pretty old Extreme switch for years now in a small network (handful of routers, several hundred routes) and no problems at all. I've had mixed reports on BGP on Extreme and Riverstone, but on Foundry it seems to work well for at least several people I've talked with. All of these boxes will route IP very fast and relatively cheap.

If money is really tight, you could consider PCs running your favorite Unix flavor and Zebra. The functionality is fine, but the hard- and software fails more often so you need to put in more redundancy.

Another good way to go would be just a couple of large Cisco or Juniper boxes for all the layer 3 stuff (limiting broadcast domains, filtering and routing protocols) and connect everything else using switches and VLANs.

> > I realize your answer may depend on device position within the network. I am
> > comparing a router to a layer 3 switch as a core routing device, an EBGP
> > border router and access device. Remember, my network is comprised of mostly
> > Ethernet interfaces (FW, GE) and the occasional DS1 and DS3 interface.

Core routers typically don't do any filtering and the BGP setup (if any) is straightforward, so switch-like routers are good here.

For access you need filtering, which many layer 2 switches won't do. Multilayer stuff is also good here, since it gives you many ports and good performance. If you don't want to have these boxes talk BGP to your customers you can simply backhaul BGP customer subnets over a VLAN to one or more "real" routers elsewhere.

I wouldn't necessarily recommend routers with a switching heritage as border routers since this tends to stress the BGP implementations the most.

In any case, you'll be taking the road less travelled so test your stuff real good before deployment.
Re: any known users of NetRange 172.16.0.0 - 172.31.255.255
at Friday, September 27, 2002 1:42 AM, hostmaster <[EMAIL PROTECTED]> was seen to say:
> <[EMAIL PROTECTED]>

It's a pretty common "leak" format. What usually happens is this: an internal mail server is running on a network using 1918 addressing, and is addressed by SMTP by a user. The user identifies as a bare name (no @ sign), using "MAIL FROM: hidden_user", and the mailer reverse-DNS looks up the IP address of the client, and appends that DNS name (or the IP address if the rDNS fails).

Your best bet is to look for the first recognisable mailserver in the chain, and forward a query to the postmaster of that mailserver - either it is one of his own internal systems doing this, or he is being used as a relay by a spammer. Either way, he will probably want to know about it :)
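
The header walk suggested in the message above, as an added example that is not part of the original post: it reads a message's Received chain oldest hop first, lists the hops that expose RFC 1918 addresses, and returns the first relay seen with a public address. The sample message, its hostnames and addresses are constructed, and the function names are hypothetical.

```python
import ipaddress
import re
from email import message_from_string

# RFC 1918 ranges, listed explicitly: ipaddress.is_private would also flag
# the documentation ranges used as "public" addresses in the sample below.
RFC1918 = [ipaddress.ip_network(n)
           for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

# "from <name> (... [a.b.c.d]) by <receiving host>" within one Received header.
HOP_RE = re.compile(
    r"from\s+(?P<name>\S+).*?\[(?P<ip>\d{1,3}(?:\.\d{1,3}){3})\]"
    r".*?\bby\s+(?P<by>\S+)", re.S)

# Constructed sample: every hostname and address here is made up.
SAMPLE = """\
Received: from gw.example.net (gw.example.net [192.0.2.10])
\tby mx.recipient.example with ESMTP; Fri, 27 Sep 2002 01:40:05 +0000
Received: from mailhub (mailhub.corp.example [172.16.1.2])
\tby gw.example.net with SMTP; Fri, 27 Sep 2002 01:40:03 +0000
Received: from pc17 ([172.16.5.9])
\tby mailhub.corp.example with SMTP; Fri, 27 Sep 2002 01:40:01 +0000
From: hidden_user@172.16.5.9
Subject: constructed sample

body
"""

def is_rfc1918(ip):
    """True if ip falls inside one of the three RFC 1918 blocks."""
    addr = ipaddress.ip_address(ip)
    return any(addr in net for net in RFC1918)

def hops_oldest_first(raw_message):
    """Return (claimed_name, source_ip, receiving_host) per hop, oldest first.

    Each server prepends its Received header, so the list is reversed.
    Headers older than the first server you trust can be forged; only the
    address recorded by a trusted receiver is reliable.
    """
    msg = message_from_string(raw_message)
    hops = []
    for header in reversed(msg.get_all("Received", [])):
        m = HOP_RE.search(header)
        if not m:
            continue
        try:
            ipaddress.ip_address(m["ip"])   # skip malformed literals
        except ValueError:
            continue
        hops.append((m["name"], m["ip"], m["by"]))
    return hops

def private_hops(raw_message):
    """Hops whose source address leaks RFC 1918 space into the headers."""
    return [h for h in hops_oldest_first(raw_message) if is_rfc1918(h[1])]

def first_public_relay(raw_message):
    """(claimed_name, ip) of the first relay seen with a public address."""
    for name, ip, _by in hops_oldest_first(raw_message):
        if not is_rfc1918(ip):
            return name, ip
    return None

if __name__ == "__main__":
    print("internal hops:", private_hops(SAMPLE))
    print("contact postmaster for:", first_public_relay(SAMPLE))
```
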
Re: layer 3 switch debate
On Thu, 26 Sep 2002, ip dude wrote:

> When designing an all IP network requiring mostly Ethernet interfaces, the
> logical conclusion is to specify layer 3 switches (instead of routers). The
> cost per port and functionality requirements make a layer 3 switch the
> perfect choice.

I don't see this logical conclusion? My home network is all ethernet and my Netgear hub does a fine job!

First questions would be how large is this network in terms of interfaces and traffic flows and how is it distributed. If it's small use cheap L2 switches, if it's on one or a couple of sites with not many hosts why do you need L3 in there at all, stick to L2..

If it's larger and more distributed then you need to aggregate up anyway so I'd imagine it's cheaper to use plain L3 routers connecting the L2 LAN across intersite WANs

Needs more quantifying to find any conclusion but I don't see that an "all IP network" requires a L3 switch network!

> However, the rule of thumb in the IP community is that routers are superior
> to layer 3 switches and should be utilized instead, especially when
> considering core type functionality.

I think we have a terminology issue here.. assuming a L3 switch is a device which uses routing decisions to influence a switching process then you get this on current Cisco routers.. the L3 makes the routing decision on the first packet in the stream but then additional frames are switched. But that aside I think you mean what vendors call "L3 switches or L4 switches" which are like a L2 switch but go into higher layer protocols to influence the switching decision and perform other features most commonly load balancing.

> Does this rule of thumb still apply considering the modern layer 3 switches
> available? If not, why? What makes a layer 3 switch sub-standard to a pure
> router? Any quantitative analysis you could provide would be greatly
> appreciated.

Most commonly seems to be interoperability, the switches do their own job fine in their own isolated environment but they can't act as a "ISP router".. in my experience they tend to have odd bugs and behave slightly unexpectedly when say for example routing OSPF or BGP. Altho this is probably a chicken and egg - if more people tried to use them perhaps the vendors would fix the code!

> I realize your answer may depend on device position within the network. I am
> comparing a router to a layer 3 switch as a core routing device, an EBGP
> border router and access device. Remember, my network is comprised of mostly
> Ethernet interfaces (FW, GE) and the occasional DS1 and DS3 interface.

Steve

>
> Any opinions would be great.
>
> Cheers!
>
> Asand Bijaka