Re: FW: ISPs slowing P2P traffic...

[Mark Smith]

On Mon, 14 Jan 2008 18:43:12 -0500
William Herrin [EMAIL PROTECTED] wrote:

 
 On Jan 14, 2008 5:25 PM, Joe Greco [EMAIL PROTECTED] wrote:
   So users who rarely use their connection are more profitable to the ISP.
 
  The fat man isn't a welcome sight to the owner of the AYCE buffet.
 
 Joe,
 
 The fat man is quite welcome at the buffet, especially if he brings
 friends and tips well.

But the fat man isn't allowed to take up residence in the restaurant
and continously eat - he's only allowed to be there in bursts, like we
used to be able to assume people would use networks they're connected
to. Left running P2P is the fat man never leaving and never stopping
eating.

Regards,
Mark.

-- 

Sheep are slow and tasty, and therefore must remain constantly
 alert.
   - Bruce Schneier, Beyond Fear

Re: FW: ISPs slowing P2P traffic...

[Adrian Chadd]

On Tue, Jan 15, 2008, Mark Smith wrote:

 But the fat man isn't allowed to take up residence in the restaurant
 and continously eat - he's only allowed to be there in bursts, like we
 used to be able to assume people would use networks they're connected
 to. Left running P2P is the fat man never leaving and never stopping
 eating.

ffs, stop with the crappy analogies.

The internet is like a badly designed commodity network. Built increasingly
cheaper to deal with market pressures and unable to shift quickly to shifting
technologies.

Just like the telcos I recall everyone blasting when I was last actually
involved in networks bigger than a university campus.



Adrian

Re: FW: ISPs slowing P2P traffic...

[Brandon Galbraith]

On 1/15/08, Adrian Chadd [EMAIL PROTECTED] wrote:


 ffs, stop with the crappy analogies.

 The internet is like a badly designed commodity network. Built
 increasingly
 cheaper to deal with market pressures and unable to shift quickly to
 shifting
 technologies.

 Just like the telcos I recall everyone blasting when I was last actually
 involved in networks bigger than a university campus.

 Adrian


I think no matter what happens, it's going to be very interesting as Comcast
rolls out DOCSIS 3.0 (with speeds around 100-150Mbps possible), Verizon FIOS
expands it's offering (currently, you can get 50Mb/s down and 30Mb/sec up),
etc. If things are really as fragile as some have been saying, then the
bottlenecks will slowly make themselves apparent.

-brandon

Re: FW: ISPs slowing P2P traffic...

[Mikael Abrahamsson]

On Tue, 15 Jan 2008, Brandon Galbraith wrote:


I think no matter what happens, it's going to be very interesting as Comcast
rolls out DOCSIS 3.0 (with speeds around 100-150Mbps possible), Verizon FIOS


Well, according to wikipedia DOCSIS 3.0 gives 108 megabit/s upstream as 
opposed to 27 and 9 megabit/s for v2 and v1 respectively. That's not what 
I would call revolution as I still guess hundreds if not thousands of 
subscribers share those 108 megabit/s, right? Yes, fourfold increase but 
... that's still only factor 4.



expands it's offering (currently, you can get 50Mb/s down and 30Mb/sec up),
etc. If things are really as fragile as some have been saying, then the
bottlenecks will slowly make themselves apparent.


Upstream capacity will still be scarce on shared media as far as I can 
see.


--
Mikael Abrahamssonemail: [EMAIL PROTECTED]

ipflow/netflow appliance

[Stefan Hegger]

Hi,

thanks for all your answers it helped a lot, we will do a test with nProbe. 

Best Stefan
-- 
Stefan Hegger
Internet System Engineer

Lycos Europe GmbH
Carl-Bertelsmann Str. 29
Postfach 315
33312 Gütersloh 

Phone:
Tel: +49 5241 8071 334
Fax: +49 5241 80671 334
Mobile: +49 170 1892720

Sitz der Gesellschaft: Gütersloh
Amtsgericht Gütersloh, HRB 2157
Geschäftsführer: Christoph Mohn 

  http://www.lycos-europe.com/L/A/

Re: FW: ISPs slowing P2P traffic...

[Mark Smith]

On Tue, 15 Jan 2008 17:56:30 +0900
Adrian Chadd [EMAIL PROTECTED] wrote:

 
 On Tue, Jan 15, 2008, Mark Smith wrote:
 
  But the fat man isn't allowed to take up residence in the restaurant
  and continously eat - he's only allowed to be there in bursts, like we
  used to be able to assume people would use networks they're connected
  to. Left running P2P is the fat man never leaving and never stopping
  eating.
 
 ffs, stop with the crappy analogies.
 

They're accurate. No network, including the POTS, or the road
networks you drive your car on, are built to handle 100% concurrent use
by all devices that can access it. Data networks (for many, many years)
have been built on the assumption that the majority of attached devices
will only occasionally use it.

If you want to _guaranteed_ bandwidth to your house, 24x7, ask your
telco for the actual pricing for guaranteed Mbps - and you'll find that
the price per Mbps is around an order of magnitude higher than what
your residential or SOHO broadband Mbps is priced at. That because for
sustained load, the network costs are typically an order of magnitude
higher.

 The internet is like a badly designed commodity network. Built increasingly
 cheaper to deal with market pressures and unable to shift quickly to shifting
 technologies.
 

That's because an absolute and fundamental design assumption is
changing - P2P changes the traffic profile from occasional bursty
traffic to a constant load. I'd be happy to build a network that can
sustain high throughput P2P from all attached devices concurrently - it
isn't hard - but it's costly in bandwidth and equipment. I'm not
against the idea of P2P a lot, because it distributes load for popular
content around the network, rather than creating the slashdot effect.
It's the customers that are the problem - they won't pay $1000 per/Mbit
per month I'd need to be able to do it...

TCP is partly to blame. It attempts to suck up as much bandwidth as
available. That's great if you're attached to a network who's usage is
bursty, because if the network is idle, you get to use all it's
available capacity, and get the best network performance possible.
However, if your TCP is competing with everybody else's TCP, and you're
expecting idle network TCP performance - you'd better pony up money
for more total network bandwidth, or lower your throughput expectations.

Regards,
Mark.

-- 

Sheep are slow and tasty, and therefore must remain constantly
 alert.
   - Bruce Schneier, Beyond Fear

Re: Looking for geo-directional DNS service

[Hank Nussbacher]

At 12:14 AM 16-01-08 +1300, jamie baddeley wrote:

Yes, but that would require them to run a DNS server at each of their 4 
locations.  They do not want to run their own DNS.  They want it outsourced.


Thanks,
-Hank


Thought about anycasting? Broad as a barn door, but if you add health
checking of the services and  integrate that into what your DC router
announces you get closer to what you want.

jamie

On Tue, 2008-01-15 at 12:55 +0200, Hank Nussbacher wrote:
 I am looking for a commercial DNS service that provides
 geo-directionality.  Suppose I have 4 data centers scattered thruout the
 world and want users to hit the closest data center based on proximity
 checks (pings, TTLs, latency, load, etc.).  I know one can roll their
 own, using various geo-locational data from companies like Maxmind.  I am
 *not* interested in that.  I am *not* interested in applicances like the
 Cisco ACE GSS 4400 either (that do this as well):
 http://www.cisco.com/en/US/products/hw/contnetw/ps4162/

 What I am looking for is a commercial DNS service.

 Is the Akamai Edgescape service the closest to what I want:
 http://www.akamai.com/html/technology/products/edgescape.html
 Is anyone using it?  Can you recommend it?

 Another service I know about is the Ultradns (now Neustar) Directional DNS:
 http://www.neustarultraservices.biz/solutions/directionaldns.html
 But this service is based on statically defined IP responses at each of
 their 14 sites so there is no proximity checking done.

 Thanks,
 Hank

Looking for geo-directional DNS service

[Hank Nussbacher]

I am looking for a commercial DNS service that provides 
geo-directionality.  Suppose I have 4 data centers scattered thruout the 
world and want users to hit the closest data center based on proximity 
checks (pings, TTLs, latency, load, etc.).  I know one can roll their 
own, using various geo-locational data from companies like Maxmind.  I am 
*not* interested in that.  I am *not* interested in applicances like the 
Cisco ACE GSS 4400 either (that do this as well):

http://www.cisco.com/en/US/products/hw/contnetw/ps4162/

What I am looking for is a commercial DNS service.

Is the Akamai Edgescape service the closest to what I want:
http://www.akamai.com/html/technology/products/edgescape.html
Is anyone using it?  Can you recommend it?

Another service I know about is the Ultradns (now Neustar) Directional DNS:
http://www.neustarultraservices.biz/solutions/directionaldns.html
But this service is based on statically defined IP responses at each of 
their 14 sites so there is no proximity checking done.


Thanks,
Hank

Re: FW: ISPs slowing P2P traffic...

[Joe Greco]

 On Mon, 14 Jan 2008 18:43:12 -0500
 William Herrin [EMAIL PROTECTED] wrote:
  On Jan 14, 2008 5:25 PM, Joe Greco [EMAIL PROTECTED] wrote:
So users who rarely use their connection are more profitable to the ISP.
  
   The fat man isn't a welcome sight to the owner of the AYCE buffet.
  
  Joe,
  
  The fat man is quite welcome at the buffet, especially if he brings
  friends and tips well.
 
 But the fat man isn't allowed to take up residence in the restaurant
 and continously eat - he's only allowed to be there in bursts, like we
 used to be able to assume people would use networks they're connected
 to. Left running P2P is the fat man never leaving and never stopping
 eating.

Time to stop selling the always on connections, then, I guess, because
it is always on - not P2P - which is the fat man never leaving.  P2P
is merely the fat man eating a lot while he's there.

... JG
-- 
Joe Greco - sol.net Network Services - Milwaukee, WI - http://www.sol.net
We call it the 'one bite at the apple' rule. Give me one chance [and] then I
won't contact you again. - Direct Marketing Ass'n position on e-mail spam(CNN)
With 24 million small businesses in the US alone, that's way too many apples.

Re: FW: ISPs slowing P2P traffic...

[David E. Smith]

Joe Greco wrote:


Time to stop selling the always on connections, then, I guess, because
it is always on - not P2P - which is the fat man never leaving.  P2P
is merely the fat man eating a lot while he's there.


As long as we're keeping up this metaphor, P2P is the fat man who says 
he's gonna get a job real soon but dude life is just SO HARD and crashes 
on your couch for three weeks until eventually you threaten to get the 
cops involved because he won't leave. Then you have to clean up 
thirty-seven half-eaten bags of Cheetos.


Every network has limitations, and I don't think I've ever seen a 
network that makes every single end-user happy with everything all the 
time. You could pipe 100Mbps full-duplex to everyone's door, and someone 
would still complain because they don't have gigabit access to lemonparty.


Whether those are limitations of the technology you chose, limitations 
in your budget, policy restrictions, whatever.


As long as you fairly disclose to your end-users what limitations and 
restrictions exist on your network, I don't see the problem.


David Smith
MVN.net

Re: BGP Filtering

[Jared Mauch]

On Tue, Jan 15, 2008 at 04:11:36PM -, Ben Butler wrote:
 As a transit consumer - why would I want to carry all this cr*p in my
 routing table, I would still be getting a BGP route to the larger prefix
 anyway - let my transit feeds sort out which route they use  traffic
 engineering.

Well, you could always just take Customer routes from
each of your providers (since you're running BGP I presume
you're actually multihomed and not adding to the pollution)
and point default at one/both providers for the other networks
(or take default from one or both of them).

- jared

-- 
Jared Mauch  | pgp key available via finger from [EMAIL PROTECTED]
clue++;  | http://puck.nether.net/~jared/  My statements are only mine.

BGP Filtering

[Ben Butler]

Hi,

Considering:

http://thyme.apnic.net

Total number of prefixes smaller than registry allocations:  113220
!

/20:17046   /21:16106   /22:20178   /23:21229   /24:126450

That is saying to me that a significant number of these smaller prefixes
are due to de-aggregation of PA and not PI announcements.

My question is - how can I construct a filter / route map that will
filter out any more specific prefixes where a less specific one exists
in the BGP table.

If my above conclusion is correct a significant portion ~47% of the
number of the prefixes in the table could be argued to be very
unnecessary at one level or another.

Is such a filter possible easily or would it have to be explicitly
declared, any chance of a process the automatically tracks and publishes
a list of offending specifics similar to Team Cymru's Bogon BGP feed.

As a transit consumer - why would I want to carry all this cr*p in my
routing table, I would still be getting a BGP route to the larger prefix
anyway - let my transit feeds sort out which route they use  traffic
engineering.

Thoughts anyone? 


Kind Regards

Ben

RE: BGP Filtering

[Ben Butler]

Hi,

Default wont work - I do care about my transit providers network
becoming partitioned or IXPs having problems or fiber cuts etc etc

So I need my router to see all the reachability of a prefix in BGP so
that my router knows which transit to send it to.

Defaults wont work because a routing decision has to be made, my transit
originating a default or me pointing a default at them does not
guarantee the reachability of all prefixes..

But if I can see the /19 in the table, do I care about a load of /24s
because the whole of the /19 should be reachable as the origin AS is
announcing it somewhere in their network and it is being received my a
transit so should be reachable.

Ok, I can dream up a few emergencies where it might be helpful to pin a
/24 as well as the /19 - but I am sure there aren't 100K+ emergencies
happening continuously in the route table and it is on the whole general
whatever because there is no incentive to stop de-aggregating once you
have started.

If they are only announcing the de-aggregated /24s and no summary /19
then my question doesn't apply as I only want to drop the more specifics
where a less specific exists.

I am struggling to see a defensible position for why just shy of 50% of
all routes appears to be mostly comprised of de-aggregated routes when
aggregation is one of the aims RIRs make the LIRs strive to achieve.  If
we cant clean the mess up because there is no incentive than cant I
simply ignore the duplicates.

Regards

Ben 

-Original Message-
From: Jared Mauch [mailto:[EMAIL PROTECTED] 
Sent: 15 January 2008 16:19
To: Ben Butler
Cc: nanog@merit.edu
Subject: Re: BGP Filtering

On Tue, Jan 15, 2008 at 04:11:36PM -, Ben Butler wrote:
 As a transit consumer - why would I want to carry all this cr*p in my 
 routing table, I would still be getting a BGP route to the larger 
 prefix anyway - let my transit feeds sort out which route they use  
 traffic engineering.

Well, you could always just take Customer routes from each of
your providers (since you're running BGP I presume you're actually
multihomed and not adding to the pollution) and point default at
one/both providers for the other networks (or take default from one or
both of them).

- jared

--
Jared Mauch  | pgp key available via finger from [EMAIL PROTECTED]
clue++;  | http://puck.nether.net/~jared/  My statements are only
mine.

RE: BGP Filtering

[Ben Butler]

Hi Jason,

Fantastic news, it is possible.  We are using Cisco - would you be so
kind as to give me a clue into which bit of Cisco's website you would
like me to read as I have already read the bits I suspected might tell
me how to do this but have guessed wrong / the documentation hasn't
helped - so a handy pointer would be appreciated.

Kind Regards

Ben 

-Original Message-
From: Jason Dearborn [mailto:[EMAIL PROTECTED] 
Sent: 15 January 2008 16:35
To: Ben Butler
Subject: Re: BGP Filtering

That's typically a function of your router software.  Juniper, Force10,
and Cisco all have support for this.  Check your manual.

On Jan 15, 2008 8:11 AM, Ben Butler [EMAIL PROTECTED] wrote:

 Hi,

 Considering:

 http://thyme.apnic.net

 Total number of prefixes smaller than registry allocations:
113220
 !

 /20:17046   /21:16106   /22:20178   /23:21229   /24:126450

 That is saying to me that a significant number of these smaller 
 prefixes are due to de-aggregation of PA and not PI announcements.

 My question is - how can I construct a filter / route map that will 
 filter out any more specific prefixes where a less specific one exists

 in the BGP table.

 If my above conclusion is correct a significant portion ~47% of the 
 number of the prefixes in the table could be argued to be very 
 unnecessary at one level or another.

 Is such a filter possible easily or would it have to be explicitly 
 declared, any chance of a process the automatically tracks and 
 publishes a list of offending specifics similar to Team Cymru's Bogon
BGP feed.

 As a transit consumer - why would I want to carry all this cr*p in my 
 routing table, I would still be getting a BGP route to the larger 
 prefix anyway - let my transit feeds sort out which route they use  
 traffic engineering.

 Thoughts anyone?


 Kind Regards

 Ben

Level 3 (3356) issues?

[David Hubbard]

Just curious if anyone is seeing issues with Level 3
right now?  Our session is still up but we can't 
see any outside routes through them currently.  I'm
guessing by the fact that I've been on hold for 25
minutes that I'm not the only one having an issue with
them but wanted to double check.

Thanks,

David

RE: BGP Filtering

[Mike Walter]

Ben,
Look here.  They show an example of prefix filtering on the 128.0.0.0/8
network.  I would assume you could extrapolate and come up with your own
rule.

http://www.cisco.com/en/US/docs/ios/12_0/np1/configuration/guide/1cbgp.h
tml#wp7487 


Mike Walter, MCP
Systems Administrator
3z.net a PCD Company
http://www.3z.net

-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of
Ben Butler
Sent: Tuesday, January 15, 2008 11:45 AM
To: nanog@merit.edu
Subject: RE: BGP Filtering


Hi Jason,

Fantastic news, it is possible.  We are using Cisco - would you be so
kind as to give me a clue into which bit of Cisco's website you would
like me to read as I have already read the bits I suspected might tell
me how to do this but have guessed wrong / the documentation hasn't
helped - so a handy pointer would be appreciated.

Kind Regards

Ben 

-Original Message-
From: Jason Dearborn [mailto:[EMAIL PROTECTED] 
Sent: 15 January 2008 16:35
To: Ben Butler
Subject: Re: BGP Filtering

That's typically a function of your router software.  Juniper, Force10,
and Cisco all have support for this.  Check your manual.

On Jan 15, 2008 8:11 AM, Ben Butler [EMAIL PROTECTED] wrote:

 Hi,

 Considering:

 http://thyme.apnic.net

 Total number of prefixes smaller than registry allocations:
113220
 !

 /20:17046   /21:16106   /22:20178   /23:21229   /24:126450

 That is saying to me that a significant number of these smaller 
 prefixes are due to de-aggregation of PA and not PI announcements.

 My question is - how can I construct a filter / route map that will 
 filter out any more specific prefixes where a less specific one exists

 in the BGP table.

 If my above conclusion is correct a significant portion ~47% of the 
 number of the prefixes in the table could be argued to be very 
 unnecessary at one level or another.

 Is such a filter possible easily or would it have to be explicitly 
 declared, any chance of a process the automatically tracks and 
 publishes a list of offending specifics similar to Team Cymru's Bogon
BGP feed.

 As a transit consumer - why would I want to carry all this cr*p in my 
 routing table, I would still be getting a BGP route to the larger 
 prefix anyway - let my transit feeds sort out which route they use  
 traffic engineering.

 Thoughts anyone?


 Kind Regards

 Ben

RE: Level 3 (3356) issues?

[Paul Stewart]

No issues here full feed coming in and no issues getting out (that
have been noticed so far)

  2 so-8-0.hsa1.Detroit1.Level3.net (166.90.248.1) [AS 3356] 12 msec 8
msec 12 msec
  3 so-4-3-0.mp1.Detroit1.Level3.net (4.68.115.1) [AS 3356] 12 msec 12
msec 8 msec
  4 as-4-0.bbr2.NewYork1.Level3.net (64.159.0.238) [AS 3356] 36 msec
ae-0-0.bbr1.NewYork1.Level3.net (64.159.1.41) [AS 3356] 40 msec 36
msec
  5 ae-4-99.edge6.NewYork1.Level3.net (4.68.16.202) [AS 3356] 36 msec
ae-3-89.edge6.NewYork1.Level3.net (4.68.16.138) [AS 3356] 36 msec
ae-1-69.edge6.NewYork1.Level3.net (4.68.16.10) [AS 3356] 36 msec
  6 pop2-nye-P5-0.atdn.net (66.185.137.209) [AS 1668] 40 msec 40 msec 36
msec
  7 bb1-nye-P1-0.atdn.net (66.185.151.64) [AS 1668] 40 msec 36 msec 40
msec
  8 bb2-ash-P13-0.atdn.net (66.185.152.87) [AS 1668] 36 msec 36 msec 40
msec
  9 pop1-ash-S1-1-0.atdn.net (66.185.144.35) [AS 1668] 40 msec 36 msec
36 msec
 10 dar1-mtc-S0-0-0.atdn.net (66.185.148.222) [AS 1668] 40 msec
dar1-mtc-S1-2-0.atdn.net (66.185.152.105) [AS 1668] 40 msec 40 msec

Take care,


Paul Stewart
Senior Network Administrator
Nexicom
5 King St. E., Millbrook, ON, LOA 1GO
Phone: 705-932-4127
Web: http://www.nexicom.net
Nexicom - Connected. Naturally.



-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of
David Hubbard
Sent: Tuesday, January 15, 2008 11:45 AM
To: nanog@merit.edu
Subject: Level 3 (3356) issues?


Just curious if anyone is seeing issues with Level 3
right now?  Our session is still up but we can't
see any outside routes through them currently.  I'm
guessing by the fact that I've been on hold for 25
minutes that I'm not the only one having an issue with
them but wanted to double check.

Thanks,

David






The information transmitted is intended only for the person or entity to which 
it is addressed and contains confidential and/or privileged material. If you 
received this in error, please contact the sender immediately and then destroy 
this transmission, including all attachments, without copying, distributing or 
disclosing same. Thank you.

Re: Level 3 (3356) issues?

[Mike Lyon]

Our DS3 here in Cupertino, Ca seems to be working flawless

-Mike


On Jan 15, 2008 8:44 AM, David Hubbard [EMAIL PROTECTED] wrote:

 Just curious if anyone is seeing issues with Level 3
 right now?  Our session is still up but we can't
 see any outside routes through them currently.  I'm
 guessing by the fact that I've been on hold for 25
 minutes that I'm not the only one having an issue with
 them but wanted to double check.

 Thanks,

 David

Re: BGP Filtering

[Joe Abley]

On 15-Jan-2008, at 11:40, Ben Butler wrote:

Defaults wont work because a routing decision has to be made, my  
transit

originating a default or me pointing a default at them does not
guarantee the reachability of all prefixes..


Taking a table that won't fit in RAM similarly won't guarantee  
reachability of anything :-)


Filter on assignment boundaries and supplement with a default. That  
ought to mean that you have a reasonable shot at surviving de-peering/ 
partitioning events, and the defaults will pick up the slack in the  
event that you don't.


For extra credit, supplement with a bunch of null routes for bogons so  
packets with bogon destination addresses don't leave your network, and  
maybe make exceptions for golden prefixes.


I am struggling to see a defensible position for why just shy of 50%  
of

all routes appears to be mostly comprised of de-aggregated routes when
aggregation is one of the aims RIRs make the LIRs strive to  
achieve.  If

we cant clean the mess up because there is no incentive than cant I
simply ignore the duplicates.


You can search the archives I'm sure for more detailed discussion of  
this. However, you can't necessarily always attribute the presence of  
covered prefixes to incompetence.



Joe

Re: Looking for geo-directional DNS service

[Bill Woodcock]

  On Tue, 15 Jan 2008, Hank Nussbacher wrote:
 The Ultradns (now Neustar) Directional DNS service is based on 
 statically defined IP responses at each of their 14 sites so there 
 is no proximity checking done.

Yes, and that's how anycast works: it directs traffic to the 
_topologically nearest_ server.  So as long as there's a DNS server 
topologically near your data server, your users will get the topologically 
nearest of your servers.  Which is why so many content folks _do_ roll 
their own: to ensure fate-sharing between the DNS traffic which 
effectively selects the data server, and the eventual data traffic.

If you're doing things on the Internet, instead of the physical world, 
topological distance is presumably of much greater interest than whatever 
geographic proximity may coincidentally obtain.

-Bill

RE: BGP Filtering

[Ben Butler]

Hi,

I might be being slow, or you might not understand my question - I am
not sure it has been a long day.

I want a filter that will automatically match the shorter prefixes that
match any longer prefix, once I can match them I can drop them.
I don't want to manually configure a static prefix list for lots and
lots and lots of reasons.
If the longer prefix disappears from the route table I want to stop
filtering the shorter prefixes - automatically.

-Original Message-
From: Mike Walter [mailto:[EMAIL PROTECTED] 
Sent: 15 January 2008 16:52
To: Ben Butler; nanog@merit.edu
Subject: RE: BGP Filtering

Ben,
Look here.  They show an example of prefix filtering on the 128.0.0.0/8
network.  I would assume you could extrapolate and come up with your own
rule.

http://www.cisco.com/en/US/docs/ios/12_0/np1/configuration/guide/1cbgp.h
tml#wp7487 


Mike Walter, MCP
Systems Administrator
3z.net a PCD Company
http://www.3z.net

-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of
Ben Butler
Sent: Tuesday, January 15, 2008 11:45 AM
To: nanog@merit.edu
Subject: RE: BGP Filtering


Hi Jason,

Fantastic news, it is possible.  We are using Cisco - would you be so
kind as to give me a clue into which bit of Cisco's website you would
like me to read as I have already read the bits I suspected might tell
me how to do this but have guessed wrong / the documentation hasn't
helped - so a handy pointer would be appreciated.

Kind Regards

Ben 

-Original Message-
From: Jason Dearborn [mailto:[EMAIL PROTECTED]
Sent: 15 January 2008 16:35
To: Ben Butler
Subject: Re: BGP Filtering

That's typically a function of your router software.  Juniper, Force10,
and Cisco all have support for this.  Check your manual.

On Jan 15, 2008 8:11 AM, Ben Butler [EMAIL PROTECTED] wrote:

 Hi,

 Considering:

 http://thyme.apnic.net

 Total number of prefixes smaller than registry allocations:
113220
 !

 /20:17046   /21:16106   /22:20178   /23:21229   /24:126450

 That is saying to me that a significant number of these smaller 
 prefixes are due to de-aggregation of PA and not PI announcements.

 My question is - how can I construct a filter / route map that will 
 filter out any more specific prefixes where a less specific one exists

 in the BGP table.

 If my above conclusion is correct a significant portion ~47% of the 
 number of the prefixes in the table could be argued to be very 
 unnecessary at one level or another.

 Is such a filter possible easily or would it have to be explicitly 
 declared, any chance of a process the automatically tracks and 
 publishes a list of offending specifics similar to Team Cymru's Bogon
BGP feed.

 As a transit consumer - why would I want to carry all this cr*p in my 
 routing table, I would still be getting a BGP route to the larger 
 prefix anyway - let my transit feeds sort out which route they use  
 traffic engineering.

 Thoughts anyone?


 Kind Regards

 Ben

RE: FW: ISPs slowing P2P traffic...

[Geo.]

 As long as we're keeping up this metaphor, P2P is the fat man who says

Guys, according to wikipedia over 70 million people fileshare
http://en.wikipedia.org/wiki/Ethics_of_file_sharing

That's not the fat man, that's a significant portion of the market.

Demand is changing, meet the new needs or die at the hands of your
customers. It's not like you have a choice.

The equipment makers need to recognize that it's no longer a one size fits
all world (where download is the most critical) but instead that the
hardware needs to adjust the available bandwidth to accomodate the direction
data is flowing at that particular moment. Hopefully some of them monitor
this list and are getting ideas for the next generation of equipment.

George Roettger
Netlink Services

RE: BGP Filtering

[Ben Butler]

Hi,

Agreed that is why I have lots of RAM - doesn't mean I should carry on
upgrading my tower of babble though to make it ever higher and higher if
there is a better way of doing things.

I still don't see how a default route to a portioned pop is going to
help in the slightest - you are saved by getting the prefixes from an
alternate transit and the default doesn't get used.  Where is does help
is to capture anything which has been filtered out completely and then
there is no prefix from the alternate transit provider anyway - so
whichever default gets used and takes its chances.

Bogons - obviously.

My question was if what I was asking was possible.

Kind Regards

Ben


-Original Message-
From: Joe Abley [mailto:[EMAIL PROTECTED] 
Sent: 15 January 2008 17:07
To: Ben Butler
Cc: nanog@merit.edu
Subject: Re: BGP Filtering


On 15-Jan-2008, at 11:40, Ben Butler wrote:

 Defaults wont work because a routing decision has to be made, my 
 transit originating a default or me pointing a default at them does 
 not guarantee the reachability of all prefixes..

Taking a table that won't fit in RAM similarly won't guarantee
reachability of anything :-)

Filter on assignment boundaries and supplement with a default. That
ought to mean that you have a reasonable shot at surviving de-peering/
partitioning events, and the defaults will pick up the slack in the
event that you don't.

For extra credit, supplement with a bunch of null routes for bogons so
packets with bogon destination addresses don't leave your network, and
maybe make exceptions for golden prefixes.

 I am struggling to see a defensible position for why just shy of 50% 
 of all routes appears to be mostly comprised of de-aggregated routes 
 when aggregation is one of the aims RIRs make the LIRs strive to 
 achieve.  If we cant clean the mess up because there is no incentive 
 than cant I simply ignore the duplicates.

You can search the archives I'm sure for more detailed discussion of
this. However, you can't necessarily always attribute the presence of
covered prefixes to incompetence.


Joe

RE: Level 3 (3356) issues?

[David Hubbard]

Looks like this was localized to Tampa.  I've received
emails from two other people connected through Tampa, like us,
who were having the same issues.  I finally got TCAM on the
phone after about an hour.  They have a master ticket for a
failure of three DLM modules lasting 47 minutes but it is
showing believed to be resolved via reset but they have not
yet diagnosed the cause.

David

 -Original Message-
 From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On 
 Behalf Of David Hubbard
 Sent: Tuesday, January 15, 2008 11:45 AM
 To: nanog@merit.edu
 Subject: Level 3 (3356) issues?
 
 
 Just curious if anyone is seeing issues with Level 3
 right now?  Our session is still up but we can't 
 see any outside routes through them currently.  I'm
 guessing by the fact that I've been on hold for 25
 minutes that I'm not the only one having an issue with
 them but wanted to double check.
 
 Thanks,
 
 David
 
 

Re: Looking for geo-directional DNS service

[Patrick W. Gilmore]

On Jan 15, 2008, at 12:00 PM, Bill Woodcock wrote:

 On Tue, 15 Jan 2008, Hank Nussbacher wrote:

The Ultradns (now Neustar) Directional DNS service is based on
statically defined IP responses at each of their 14 sites so there
is no proximity checking done.


Yes, and that's how anycast works: it directs traffic to the
_topologically nearest_ server.  So as long as there's a DNS server
topologically near your data server, your users will get the  
topologically

nearest of your servers.  Which is why so many content folks _do_ roll
their own: to ensure fate-sharing between the DNS traffic which
effectively selects the data server, and the eventual data traffic.

If you're doing things on the Internet, instead of the physical world,
topological distance is presumably of much greater interest than  
whatever

geographic proximity may coincidentally obtain.


Except Hank is asking for true topological distance (latency /  
throughput / packetloss).


Anycast gives you BGP distance, not topological distance.

Say I'm in Ashburn and peer directly with someone in Korea where he  
has a node (1 AS hop), but I get to his node in Ashburn through my  
transit provider (2 AS hops), guess which node anycast will pick?


--
TTFN,
patrick

Re: BGP Filtering

[Dave Israel]

Ben,

 I think I understand what you want, and you don't want it.  If you 
receive a route for, say, 204.91.0.0/16,  204.91.0.0/17, and 
204.91.128.0/17, you want to drop the /17s and just care about the /16.  
But a change in topology does not generally result in a complete update 
of the BGP table.  Route changes result in route adds and draws, not a 
flood event.  So if you forgot about the /17s and just kept the /16, and 
the /16 was subsequently withdrawn, your router would not magically 
remember that it had /17s to route to as well.  You'd drop traffic, 
unless you had a default, in which case you'd just route it suboptimally.


-Dave


Ben Butler wrote:

Hi,

Agreed that is why I have lots of RAM - doesn't mean I should carry on
upgrading my tower of babble though to make it ever higher and higher if
there is a better way of doing things.

I still don't see how a default route to a portioned pop is going to
help in the slightest - you are saved by getting the prefixes from an
alternate transit and the default doesn't get used.  Where is does help
is to capture anything which has been filtered out completely and then
there is no prefix from the alternate transit provider anyway - so
whichever default gets used and takes its chances.

Bogons - obviously.

My question was if what I was asking was possible.

Kind Regards

Ben


-Original Message-
From: Joe Abley [mailto:[EMAIL PROTECTED] 
Sent: 15 January 2008 17:07

To: Ben Butler
Cc: nanog@merit.edu
Subject: Re: BGP Filtering


On 15-Jan-2008, at 11:40, Ben Butler wrote:

  
Defaults wont work because a routing decision has to be made, my 
transit originating a default or me pointing a default at them does 
not guarantee the reachability of all prefixes..



Taking a table that won't fit in RAM similarly won't guarantee
reachability of anything :-)

Filter on assignment boundaries and supplement with a default. That
ought to mean that you have a reasonable shot at surviving de-peering/
partitioning events, and the defaults will pick up the slack in the
event that you don't.

For extra credit, supplement with a bunch of null routes for bogons so
packets with bogon destination addresses don't leave your network, and
maybe make exceptions for golden prefixes.

  
I am struggling to see a defensible position for why just shy of 50% 
of all routes appears to be mostly comprised of de-aggregated routes 
when aggregation is one of the aims RIRs make the LIRs strive to 
achieve.  If we cant clean the mess up because there is no incentive 
than cant I simply ignore the duplicates.



You can search the archives I'm sure for more detailed discussion of
this. However, you can't necessarily always attribute the presence of
covered prefixes to incompetence.


Joe
  

Re: FW: ISPs slowing P2P traffic...

[Joe Greco]

 Joe Greco wrote:
  Time to stop selling the always on connections, then, I guess, because
  it is always on - not P2P - which is the fat man never leaving.  P2P
  is merely the fat man eating a lot while he's there.
 
 As long as we're keeping up this metaphor, P2P is the fat man who says 
 he's gonna get a job real soon but dude life is just SO HARD and crashes 
 on your couch for three weeks until eventually you threaten to get the 
 cops involved because he won't leave. Then you have to clean up 
 thirty-seven half-eaten bags of Cheetos.

I have no idea what the networking equivalent of thirty-seven half-eaten
bags of Cheetos is, can't even begin to imagine what the virtual equivalent
of my couch is, etc.  Your metaphor doesn't really make any sense to me,
sorry.

Interestingly enough, we do have a pizza-and-play place a mile or two
from the house, you pay one fee to get in, then quarters (or cards or
whatever) to play games - but they have repeatedly answered that they
are absolutely and positively fine with you coming in for lunch, and 
staying through supper.  And we have a discount card, which they used
to give out to local businesspeople for business lunches, on top of it.

 Every network has limitations, and I don't think I've ever seen a 
 network that makes every single end-user happy with everything all the 
 time. You could pipe 100Mbps full-duplex to everyone's door, and someone 
 would still complain because they don't have gigabit access to lemonparty.

Certainly.  There will be gigabit in the future, but it isn't here (in
the US) just yet.  That has very little to do with the deceptiveness
inherent in selling something when you don't intend to actually provide
what you advertised.

 Whether those are limitations of the technology you chose, limitations 
 in your budget, policy restrictions, whatever.
 
 As long as you fairly disclose to your end-users what limitations and 
 restrictions exist on your network, I don't see the problem.

You've set out a qualification that generally doesn't exist.  For example,
this discussion included someone from a WISP, Amplex, I believe, that 
listed certain conditions of use on their web site, and yet it seems like
they're un{willing,able} (not assigning blame/fault/etc here) to deliver
that level of service, and using their inability as a way to justify
possibly rate shaping P2P traffic above and beyond what they indicate on 
their own documents.

In some cases, we do have people burying TC in lengthy TC documents,
such as some of the 3G cellular providers who advertise Unlimited
Internet(*) data cards, but then have a slew of (*) items that are
restricted - but only if you dig into the fine print on Page 3 of the
TC.  I'd much prefer that the advertising be honest and up front, and
that ISP's not be allowed to advertise unlimited service if they are
going to place limits, particularly significant limits, on the service.

... JG
-- 
Joe Greco - sol.net Network Services - Milwaukee, WI - http://www.sol.net
We call it the 'one bite at the apple' rule. Give me one chance [and] then I
won't contact you again. - Direct Marketing Ass'n position on e-mail spam(CNN)
With 24 million small businesses in the US alone, that's way too many apples.

Re: Level 3 (3356) issues?

[Scott Berkman]

I know of Level 3 issues in the Tampa area.  Where are you?

  -Scott
- Original Message -
From: David Hubbard [EMAIL PROTECTED]
To: nanog@merit.edu
Sent: Tuesday, January 15, 2008 11:44:31 AM (GMT-0500) America/New_York
Subject: Level 3 (3356) issues?


Just curious if anyone is seeing issues with Level 3
right now?  Our session is still up but we can't 
see any outside routes through them currently.  I'm
guessing by the fact that I've been on hold for 25
minutes that I'm not the only one having an issue with
them but wanted to double check.

Thanks,

David

RE: NANOG website unreachable?

[Darden, Patrick S.]

I see the site, not the error.
--Patrick Darden


-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of
Daniele Arena
Sent: Tuesday, January 15, 2008 12:48 PM
To: nanog@merit.edu
Subject: NANOG website unreachable?



Hi,

Am I the only one to get a 403 on http://www.nanog.org/ ?

Regards,

Daniele.

RE: BGP Filtering

[Ben Butler]

Hi Dave,
 
Yes that is what I was thinking I want to do - so I am guessing here - I
think what we are saying is the /17s never get re-added when the /16 is
withdrawn because this does not - for very good reasons when I think
about it- cause the filter to be evaluated upon the withdrawal of a
prefix, only on when it is newly announced does it get checked - or
maybe the odd table scan in the code?? But basically the /17s just sit
there and continue to be filtered.  Is that approximately correct?
 
so umm, yes a default would be needed, ummm.
 
Is it even technically possible to easily achieve though?
 
Ben



From: Dave Israel [mailto:[EMAIL PROTECTED] 
Sent: 15 January 2008 17:51
To: Ben Butler
Cc: nanog@merit.edu
Subject: Re: BGP Filtering



Ben,

  I think I understand what you want, and you don't want it.  If you
receive a route for, say, 204.91.0.0/16,  204.91.0.0/17, and
204.91.128.0/17, you want to drop the /17s and just care about the /16.
But a change in topology does not generally result in a complete update
of the BGP table.  Route changes result in route adds and draws, not a
flood event.  So if you forgot about the /17s and just kept the /16, and
the /16 was subsequently withdrawn, your router would not magically
remember that it had /17s to route to as well.  You'd drop traffic,
unless you had a default, in which case you'd just route it
suboptimally.

-Dave


Ben Butler wrote: 

Hi,

Agreed that is why I have lots of RAM - doesn't mean I should
carry on
upgrading my tower of babble though to make it ever higher and
higher if
there is a better way of doing things.

I still don't see how a default route to a portioned pop is
going to
help in the slightest - you are saved by getting the prefixes
from an
alternate transit and the default doesn't get used.  Where is
does help
is to capture anything which has been filtered out completely
and then
there is no prefix from the alternate transit provider anyway -
so
whichever default gets used and takes its chances.

Bogons - obviously.

My question was if what I was asking was possible.

Kind Regards

Ben


-Original Message-
From: Joe Abley [mailto:[EMAIL PROTECTED] 
Sent: 15 January 2008 17:07
To: Ben Butler
Cc: nanog@merit.edu
Subject: Re: BGP Filtering


On 15-Jan-2008, at 11:40, Ben Butler wrote:

  

Defaults wont work because a routing decision has to be
made, my 
transit originating a default or me pointing a default
at them does 
not guarantee the reachability of all prefixes..



Taking a table that won't fit in RAM similarly won't guarantee
reachability of anything :-)

Filter on assignment boundaries and supplement with a default.
That
ought to mean that you have a reasonable shot at surviving
de-peering/
partitioning events, and the defaults will pick up the slack in
the
event that you don't.

For extra credit, supplement with a bunch of null routes for
bogons so
packets with bogon destination addresses don't leave your
network, and
maybe make exceptions for golden prefixes.

  

I am struggling to see a defensible position for why
just shy of 50% 
of all routes appears to be mostly comprised of
de-aggregated routes 
when aggregation is one of the aims RIRs make the LIRs
strive to 
achieve.  If we cant clean the mess up because there is
no incentive 
than cant I simply ignore the duplicates.



You can search the archives I'm sure for more detailed
discussion of
this. However, you can't necessarily always attribute the
presence of
covered prefixes to incompetence.


Joe
  

Re: FW: ISPs slowing P2P traffic...

[David E. Smith]

Joe Greco wrote:


I have no idea what the networking equivalent of thirty-seven half-eaten
bags of Cheetos is, can't even begin to imagine what the virtual equivalent
of my couch is, etc.  Your metaphor doesn't really make any sense to me,
sorry.


There isn't one. The fat man metaphor was getting increasingly silly, 
I just wanted to get it over with.




Interestingly enough, we do have a pizza-and-play place a mile or two
from the house, you pay one fee to get in, then quarters (or cards or
whatever) to play games - but they have repeatedly answered that they
are absolutely and positively fine with you coming in for lunch, and 
staying through supper.  And we have a discount card, which they used

to give out to local businesspeople for business lunches, on top of it.


That's not the best metaphor either, because they're making money off 
the games, not the buffet. (Seriously, visit one of 'em, the food isn't 
very good, and clearly isn't the real draw.) I suppose you could market 
Internet connectivity this way - unlimited access to HTTP and POP3, and 
ten free SMTP transactions per month, then you pay extra for each 
protocol. That'd be an awfully tough sell, though.



As long as you fairly disclose to your end-users what limitations and 
restrictions exist on your network, I don't see the problem.


You've set out a qualification that generally doesn't exist.


I can only speak for my network, of course. Mine is a small WISP, and we 
have the same basic policy as Amplex, from whence this thread 
originated. Our contracts have relatively clear and large (at least by 
the standards of a contract) no p2p disclaimers, in addition to the 
standard no traffic that causes network problems clause that many of 
us have. The installers are trained to explicitly mention this, along 
with other no-brainer clauses like don't spam.


When we're setting up software on their computers (like their email 
client), we'll look for obvious signs of trouble ahead. If a customer 
already has a bunch of p2p software installed, we'll let them know they 
can't use it, under pain of find a new ISP.


We don't tell our customers they can have unlimited access to do 
whatever the heck they want. The technical distinctions only matter to a 
few customers, and they're generally the problem customers that we don't 
want anyway.


To try to make this slightly more relevant, is it a good idea, either 
technically or legally, to mandate some sort of standard for this? I'm 
thinking something like the Nutrition Facts information that appears 
on most packaged foods in the States, that ISPs put on their Web sites 
and advertisements. I'm willing to disclose that we block certain ports 
for our end-users unless they request otherwise, and that we rate-limit 
certain types of traffic. I can see this sort of thing getting confusing 
and messy for everyone, with little or no benefit to anyone. Thoughts?


David Smith
MVN.net

Re: houston.rr.com MX fubar?

[Suresh Ramasubramanian]

I see roadrunner listens.

frodo:~ dig +short houston.rr.com mx
0 .

frodo:~ dig +short houston.rr.com txt
v=spf1 -all

--srs

On Jan 13, 2008 8:55 AM, Suresh Ramasubramanian [EMAIL PROTECTED] wrote:
 A bunch of roadrunner subdomains migrated over to comcast and those are dud.

 One operationally better way to go seems to be Mark Delany's mx0dot
 proposal, which started out as an internet draft, but seems to have
 lost momentum .. the concept is sound though.

 http://ietfreport.isoc.org/idref/draft-delany-nullmx

 That'd mean

 houstonIN   MX   0  .

 --srs


 On Jan 13, 2008 8:32 AM, Chris Boyd [EMAIL PROTECTED] wrote:
 
  We're bouncing email to houston.rr.com due to the MX being set to localhost.
 
  [EMAIL PROTECTED]:~$ host -t mx houston.rr.com
  houston.rr.com mail is handled by 10 localhost.
 
  Setting the MX to 127.0.0.1 seems like an odd way to handle the switch.
 
  http://www.chron.com/disp/story.mpl/business/silverman/4842611.html
 




-- 
Suresh Ramasubramanian ([EMAIL PROTECTED])

Re: BGP Filtering

[Dave Israel]

The /17 isn't sitting there still being filtered; it was never there to 
begin with.  Your router heard the /17, saw that it didn't want it 
because of your filter settings, and promptly forgot it.  You can tell 
your router to remember routes it doesn't install; it's called soft 
reconfiguration on a Cisco and is the normal mode of operation for a 
Juniper.  But if you do that, you're not saving memory; an inactive 
route does not take less RAM than an active one. 

I am pretty sure that there isn't a way to match a route on whether a 
larger aggregate exists using the current route map/policy statement 
verbage on the routers I have worked with.  Doing so would be a 
reasonably simple code tweak, but without a purpose it isn't a tweak 
you're going to see any time soon.


-Dave

Ben Butler wrote:

Hi Dave,
 
Yes that is what I was thinking I want to do - so I am guessing here - 
I think what we are saying is the /17s never get re-added when the /16 
is withdrawn because this does not - for very good reasons when I 
think about it- cause the filter to be evaluated upon the withdrawal 
of a prefix, only on when it is newly announced does it get checked - 
or maybe the odd table scan in the code?? But basically the /17s just 
sit there and continue to be filtered.  Is that approximately correct?
 
so umm, yes a default would be needed, ummm.
 
Is it even technically possible to easily achieve though?
 
Ben



*From:* Dave Israel [mailto:[EMAIL PROTECTED]
*Sent:* 15 January 2008 17:51
*To:* Ben Butler
*Cc:* nanog@merit.edu
*Subject:* Re: BGP Filtering


Ben,

  I think I understand what you want, and you don't want it.  If you 
receive a route for, say, 204.91.0.0/16,  204.91.0.0/17, and 
204.91.128.0/17, you want to drop the /17s and just care about the 
/16.  But a change in topology does not generally result in a complete 
update of the BGP table.  Route changes result in route adds and 
draws, not a flood event.  So if you forgot about the /17s and just 
kept the /16, and the /16 was subsequently withdrawn, your router 
would not magically remember that it had /17s to route to as well.  
You'd drop traffic, unless you had a default, in which case you'd just 
route it suboptimally.


-Dave


Ben Butler wrote:

Hi,

Agreed that is why I have lots of RAM - doesn't mean I should carry on
upgrading my tower of babble though to make it ever higher and higher if
there is a better way of doing things.

I still don't see how a default route to a portioned pop is going to
help in the slightest - you are saved by getting the prefixes from an
alternate transit and the default doesn't get used.  Where is does help
is to capture anything which has been filtered out completely and then
there is no prefix from the alternate transit provider anyway - so
whichever default gets used and takes its chances.

Bogons - obviously.

My question was if what I was asking was possible.

Kind Regards

Ben


-Original Message-
From: Joe Abley [mailto:[EMAIL PROTECTED] 
Sent: 15 January 2008 17:07

To: Ben Butler
Cc: nanog@merit.edu
Subject: Re: BGP Filtering


On 15-Jan-2008, at 11:40, Ben Butler wrote:

  
Defaults wont work because a routing decision has to be made, my 
transit originating a default or me pointing a default at them does 
not guarantee the reachability of all prefixes..



Taking a table that won't fit in RAM similarly won't guarantee
reachability of anything :-)

Filter on assignment boundaries and supplement with a default. That
ought to mean that you have a reasonable shot at surviving de-peering/
partitioning events, and the defaults will pick up the slack in the
event that you don't.

For extra credit, supplement with a bunch of null routes for bogons so
packets with bogon destination addresses don't leave your network, and
maybe make exceptions for golden prefixes.

  
I am struggling to see a defensible position for why just shy of 50% 
of all routes appears to be mostly comprised of de-aggregated routes 
when aggregation is one of the aims RIRs make the LIRs strive to 
achieve.  If we cant clean the mess up because there is no incentive 
than cant I simply ignore the duplicates.



You can search the archives I'm sure for more detailed discussion of
this. However, you can't necessarily always attribute the presence of
covered prefixes to incompetence.


Joe
  

Off Topic

[Rod Beck]

At the risk of incurring Mr. Pilosoft's wrath (the Putin of NANOG?), I'll 
looking for NANOG style ISP meetings to attend in Europe this year (France, 
Germany, UK, Belgium, and Netherlands). Any suggestions would be appreciated. 
Please bypass the list and send them directly to me. 

Roderick S. Beck
Director of European Sales
Hibernia Atlantic
1, Passage du Chantier, 75012 Paris
http://www.hiberniaatlantic.com
Wireless: 1-212-444-8829. 
Landline: 33-1-4346-3209.
French Wireless: 33-6-14-33-48-97.
AOL Messenger: GlobalBandwidth
[EMAIL PROTECTED]
[EMAIL PROTECTED]
``Unthinking respect for authority is the greatest enemy of truth.'' Albert 
Einstein. 

Re: houston.rr.com MX fubar?

[Tony Finch]

On Tue, 15 Jan 2008, Mark Andrews wrote:

   Since there is no [MX] fallback to 

Wrong. http://www1.ietf.org/mail-archive/web/ietf/current/msg49841.html

Tony.
-- 
f.a.n.finch  [EMAIL PROTECTED]  http://dotat.at/
FISHER GERMAN BIGHT: SOUTHERLY BECOMING CYCLONIC THEN WESTERLY 7 TO SEVERE
GALE 9, OCCASIONALLY STORM 10 IN GERMAN BIGHT, DECREASING 6 TO GALE 8 LATER.
ROUGH OR VERY ROUGH. RAIN. MODERATE.

Re: houston.rr.com MX fubar?

[Tony Finch]

On Tue, 15 Jan 2008, Randy Bush wrote:

  Fallback to A should be removed sure sounds like a plan.

 great idea.  it will only break mail to 42% of the internet.

Randy's right, though it's email *from* 42% of the Internet that's the
biggest problem. [rant about email from shitty php web forms elided]

Tony.
-- 
f.a.n.finch  [EMAIL PROTECTED]  http://dotat.at/
SOUTHEAST ICELAND: NORTHEASTERLY VEERING SOUTHERLY 5 TO 7, PERHAPS GALE 8
LATER. MODERATE OR ROUGH, OCCASIONALLY VERY ROUGH LATER. WINTRY SHOWERS THEN
RAIN. MODERATE OR GOOD.

Re: Looking for geo-directional DNS service

[Joe Greco]

 Except Hank is asking for true topological distance (latency /  
 throughput / packetloss).
 
 Anycast gives you BGP distance, not topological distance.
 
 Say I'm in Ashburn and peer directly with someone in Korea where he  
 has a node (1 AS hop), but I get to his node in Ashburn through my  
 transit provider (2 AS hops), guess which node anycast will pick?

Ashburn and other major network meet points are oddities in a very complex
network.  It would be fair to note that anycast is likely to be reasonably
effective if deployed in a manner that was mindful of the overall Internet
architecture, and made allowances for such things.

Anycast by itself probably isn't entirely desirable in any case, and could
ideally be paired up with other technologies to fix problems like this.

I haven't seen many easy ways to roll-your-own geo-DNS service.  The ones
I've done in the past simply built in knowledge of the networks in question,
and where such information wasn't available, took best guess and then may
have done a little research after the fact for future queries.  This isn't
as comprehensive as doing actual latency / throughput / pl checking.

... JG
-- 
Joe Greco - sol.net Network Services - Milwaukee, WI - http://www.sol.net
We call it the 'one bite at the apple' rule. Give me one chance [and] then I
won't contact you again. - Direct Marketing Ass'n position on e-mail spam(CNN)
With 24 million small businesses in the US alone, that's way too many apples.

Re: BGP Filtering

[William Herrin]

On Jan 15, 2008 12:51 PM, Dave Israel [EMAIL PROTECTED] wrote:
I think I understand what you want, and you don't want it.  If you
 receive a route for, say, 204.91.0.0/16,  204.91.0.0/17, and
 204.91.128.0/17, you want to drop the /17s and just care about the /16.  But
 a change in topology does not generally result in a complete update of the
 BGP table.  Route changes result in route adds and draws, not a flood event.
 So if you forgot about the /17s and just kept the /16, and the /16 was
 subsequently withdrawn, your router would not magically remember that it had
 /17s to route to as well.

Dave,

That's half-true.

The routing table is comprised of two components: the Routing
Information Base (RIB) and the Forwarding Information Base (FIB). The
RIB sits in slow, cheap memory and contains routes and metrics for
every route as announced by every neighbor. The FIB sits in fast,
expensive memory and contains the currently best route for each
destination. The FIB is built by choosing the best routes from the
RIB. Packet-forwarding decisions are made by consulting the FIB.

Opportunistically filtering routes from the RIB would have exactly the
problem you point out: routing updates are incremental. The knowledge
that the /16 has been withdrawn may not accompany the knowledge that
the /17s are available.

Opportunistically filtering more-specific routes from the FIB,
however, could be very valuable at the edge of the DFZ. If Cisco
supported such filtering, those Sup2's could have another few years of
life left in them. With 512m ram in a two-transit provider scenario a
Sup2 could handle upwards of 1M routes in the RIB. Unfortunately, they
can only handle 244k routes in the FIB.


Ben, coming back to your question: I don't think there is a way to
make the software filter the routes inserted into the FIB. I don't see
a reason why it couldn't be programmed to do that. But the fine folks
at Cisco didn't see fit to write that software. Its a pity 'cause it
would be very useful.

The next best thing you can do is statically filter /8's from distant
regions. You're posting to NANOG, so I assume that the RIPE and APNIC
regions are distant for you. Go to IANA's web site and download the
list of /8's assigned exclusively to each of those registries. For
each, create a set of /8 static routes towards each of your transit
providers with a route target address picked from an address block
that will disappear or become distant if your link to that transit
provider is severed. Then use prefix lists to filter more specific
routes within those /8's.

That should give you a result that's almost as good as if you carried
all the routes while cutting a bunch of routes from your table.

Regards,
Bill Herrin


-- 
William D. Herrin  [EMAIL PROTECTED]  [EMAIL PROTECTED]
3005 Crane Dr.Web: http://bill.herrin.us/
Falls Church, VA 22042-3004

Re: FW: ISPs slowing P2P traffic...

[Barry Shein]

This is amazing. People are discovering oversubscription.

When we put the very first six 2400bps modems for the public on the
internet in 1989 and someone shortly thereafter got a busy signal and
called support the issue was oversubscription. What? You mean you
don't have one modem and phone line for each customer???

Shortly thereafter the fuss was dial-up ISPs selling unlimited
dial-up accounts for $20/mo and then knocking people off if they were
idle to accomodate oversubscription. But as busy signals mounted it
wasn't just idle, it was on too long or unlimited means 200 hours
per month until attornies-general began weighing in.

And here it is over 18 years later and people are still debating
oversubscription.

Not what to do about it, that's fine, but seem to be discovering
oversubscription de novo.

Wow.

It reminds me of back when I taught college and I'd start my first
Sept lecture with a puzzled look at the audience and didn't I explain
all this *last* year?

But at least they'd laugh.

Hint: You're not getting a dedicated megabit between chicago and
johannesburg for $20/month. Get over it.

HOWEVER, debating how to deal with the policies to accomodate
oversubscription is reasonable (tho perhaps not on this list) because
that's a moving target.

But here we are a week later on this thread (not to mention nearly 20
years) and people are still explaining oversubscription to each other?

Did I accidentally stumble into Special Nanog?

-- 
-Barry Shein

The World  | [EMAIL PROTECTED]   | http://www.TheWorld.com
Purveyors to the Trade | Voice: 800-THE-WRLD| Login: Nationwide
Software Tool  Die| Public Access Internet | SINCE 1989 *oo*

Re: BGP Filtering

[Dave Israel]

William Herrin wrote:

On Jan 15, 2008 12:51 PM, Dave Israel [EMAIL PROTECTED] wrote:
  

   I think I understand what you want, and you don't want it.  If you
receive a route for, say, 204.91.0.0/16,  204.91.0.0/17, and
204.91.128.0/17, you want to drop the /17s and just care about the /16.  But
a change in topology does not generally result in a complete update of the
BGP table.  Route changes result in route adds and draws, not a flood event.
So if you forgot about the /17s and just kept the /16, and the /16 was
subsequently withdrawn, your router would not magically remember that it had
/17s to route to as well.



Dave,

That's half-true.
  

[discussion of FIB vs RIB deleted]

But, as you said yourself:

Ben, coming back to your question: I don't think there is a way to
make the software filter the routes inserted into the FIB. I don't see
a reason why it couldn't be programmed to do that. But the fine folks
at Cisco didn't see fit to write that software. Its a pity 'cause it
would be very useful.
  
Ergo, why I didn't discuss the FIB in my email.  If you want to filter 
routes, you generally have to filter them at the RIB.


How you move data from the RIB to the FIB is one of those questions that 
keep router engineers up all night.  The transfer must be fast, 
reliable, and cheap on the CPU.  Often, this means keeping logic out of 
it.  A paradigm is decided upon early, and if it takes ten years to 
actually come back to haunt them, they haven't done too badly.  Fixing 
something that far down in the nuts and bolts isn't easy.  (I am not 
saying the presence of a revenue-generating hardware fix doesn't 
influence the decision not to make a risky change to the software; I'm 
just saying there's a lot of grey area to play in.)


-Dave

Re: FW: ISPs slowing P2P traffic...

[Joe Greco]

 Joe Greco wrote:
  I have no idea what the networking equivalent of thirty-seven half-eaten
  bags of Cheetos is, can't even begin to imagine what the virtual equivalent
  of my couch is, etc.  Your metaphor doesn't really make any sense to me,
  sorry.
 
 There isn't one. The fat man metaphor was getting increasingly silly, 
 I just wanted to get it over with.

Actually, it was doing pretty well up 'til near the end.  Most of the
amusing stuff was [off-list.]  The interesting conclusion to it was that
obesity is a growing problem in the US, and that the economics of an AYCE
buffet are changing - mostly for the owner.

  Interestingly enough, we do have a pizza-and-play place a mile or two
  from the house, you pay one fee to get in, then quarters (or cards or
  whatever) to play games - but they have repeatedly answered that they
  are absolutely and positively fine with you coming in for lunch, and 
  staying through supper.  And we have a discount card, which they used
  to give out to local businesspeople for business lunches, on top of it.
 
 That's not the best metaphor either, because they're making money off 
 the games, not the buffet. (Seriously, visit one of 'em, the food isn't 
 very good, and clearly isn't the real draw.) 

True for Chuck E Cheese, but not universally so.  I really doubt that
Stonefire is expecting the people who they give their $5.95 business
lunch card to to go play games.  Their pizza used to taste like cardboard
(bland), but they're much better now.  The facility as a whole is designed
to address the family, and adults can go get some Asian or Italian pasta,
go to the sports theme area that plays ESPN, and only tangentially notice
the game area on the way out.  The toddler play areas (8yr) are even free.

http://www.whitehutchinson.com/leisure/stonefirepizza.shtml

This is falling fairly far from topicality for NANOG, but there is a
certain aspect here which is exceedingly relevant - that businesses
continue to change and innovate in order to meet customer demand.

 I suppose you could market 
 Internet connectivity this way - unlimited access to HTTP and POP3, and 
 ten free SMTP transactions per month, then you pay extra for each 
 protocol. That'd be an awfully tough sell, though.

Possibly.  :-)

  As long as you fairly disclose to your end-users what limitations and 
  restrictions exist on your network, I don't see the problem.
  
  You've set out a qualification that generally doesn't exist.
 
 I can only speak for my network, of course. Mine is a small WISP, and we 
 have the same basic policy as Amplex, from whence this thread 
 originated. Our contracts have relatively clear and large (at least by 
 the standards of a contract) no p2p disclaimers, in addition to the 
 standard no traffic that causes network problems clause that many of 
 us have. The installers are trained to explicitly mention this, along 
 with other no-brainer clauses like don't spam.

Actually, that's a difference, that wasn't what [EMAIL PROTECTED] was talking
about.  Amplex web site said they would rate limit you down to the minimum 
promised rate.  That's disclosed, which would be fine, except that it
apparently isn't what they are looking to do, because their oversubscription
rate is still too high to deliver on their promises.

 When we're setting up software on their computers (like their email 
 client), we'll look for obvious signs of trouble ahead. If a customer 
 already has a bunch of p2p software installed, we'll let them know they 
 can't use it, under pain of find a new ISP.
 
 We don't tell our customers they can have unlimited access to do 
 whatever the heck they want. The technical distinctions only matter to a 
 few customers, and they're generally the problem customers that we don't 
 want anyway.

There is certainly some truth to that.  Getting rid of the unprofitable
customers is one way to keep things good.  However, you may find yourself
getting rid of some customers who merely want to make sure that their ISP
isn't going to interfere at some future date.  

 To try to make this slightly more relevant, is it a good idea, either 
 technically or legally, to mandate some sort of standard for this? I'm 
 thinking something like the Nutrition Facts information that appears 
 on most packaged foods in the States, that ISPs put on their Web sites 
 and advertisements. I'm willing to disclose that we block certain ports 
 for our end-users unless they request otherwise, and that we rate-limit 
 certain types of traffic. 

ABSOLUTELY.  We would certainly seem more responsible, as providers, 
if we disclosed what we were providing.

 I can see this sort of thing getting confusing 
 and messy for everyone, with little or no benefit to anyone. Thoughts?

It certainly can get confusing and messy.

It's a little annoying to help someone go shopping for broadband and then
have to dig out the dirty details in the TC, if they're even there.

In a similar way, I get highly annoyed 

Re: FW: ISPs slowing P2P traffic...

[Martin Hannigan]

On Jan 15, 2008 3:52 PM, Joe Greco [EMAIL PROTECTED] wrote:

  Joe Greco wrote:
   I have no idea what the networking equivalent of thirty-seven half-eaten
   bags of Cheetos is, can't even begin to imagine what the virtual 
   equivalent
   of my couch is, etc.  Your metaphor doesn't really make any sense to me,
   sorry.
 
  There isn't one. The fat man metaphor was getting increasingly silly,
  I just wanted to get it over with.

 Actually, it was doing pretty well up 'til near the end. \

Not really, it's been pretty far out there for more than a few posts
and was completely dead when farting and burping was used in an
analogy.


-M

RE: FW: ISPs slowing P2P traffic...

[Rod Beck]

I have reached the conclusion that some of these threads are good indicators of 
the degree of underemployment among our esteemed members. But don't worry, I am 
not a snitch. 

Roderick S. Beck
Director of European Sales
Hibernia Atlantic
1, Passage du Chantier, 75012 Paris
http://www.hiberniaatlantic.com
Wireless: 1-212-444-8829. 
Landline: 33-1-4346-3209.
French Wireless: 33-6-14-33-48-97.
AOL Messenger: GlobalBandwidth
[EMAIL PROTECTED]
[EMAIL PROTECTED]
``Unthinking respect for authority is the greatest enemy of truth.'' Albert 
Einstein. 



-Original Message-
From: [EMAIL PROTECTED] on behalf of Martin Hannigan
Sent: Tue 1/15/2008 9:25 PM
To: Joe Greco
Cc: nanog@merit.edu
Subject: Re: FW: ISPs slowing P2P traffic...
 

On Jan 15, 2008 3:52 PM, Joe Greco [EMAIL PROTECTED] wrote:

  Joe Greco wrote:
   I have no idea what the networking equivalent of thirty-seven half-eaten
   bags of Cheetos is, can't even begin to imagine what the virtual 
   equivalent
   of my couch is, etc.  Your metaphor doesn't really make any sense to me,
   sorry.
 
  There isn't one. The fat man metaphor was getting increasingly silly,
  I just wanted to get it over with.

 Actually, it was doing pretty well up 'til near the end. \

Not really, it's been pretty far out there for more than a few posts
and was completely dead when farting and burping was used in an
analogy.


-M

Re: BGP Filtering

[Deepak Jain]

But if I can see the /19 in the table, do I care about a load of /24s
because the whole of the /19 should be reachable as the origin AS is
announcing it somewhere in their network and it is being received my a
transit so should be reachable.


The presumption in cases like this is that the /24 may take a 
different path than the /19 in some or all cases. If you have only a 
single provider you can safely dump more specifics -- but then, you 
could just point default. If you *are* multihomed and the /19 and /24 
both have the same primacy (first choice in a routing decision and same 
path) you can safely drop the more specific.


The presumption is that in some cases the /24 would take a different 
path than the /19 in a routing fight.


How much cost you want to incur for these is your choice. If enough 
people drop the more specifics, they will go away as well -- if they 
provided no benefit, fewer would exist.


Some of this originates from the peering-contests where folks have x 
number of prefixes which makes them bigger than y number of prefixes.


I'd be interested to see any metrics on rate of growth of allocations 
longer than RIR limits since Verio instituted then dropped mandatory 
prefix filters. (vs the rate of growth of prefixes overall). I would 
guess that they accelerated.


Deepak

RE: BGP Filtering

[Ben Butler]

Hi,

It is late and am just checking email.  But...

The /24 is more specific than the /19 therefore the /24 take priority.

In my opinion AS path length became somewhat redundant with the rise of
confederations and BGP doesn't understand bandwidth, latency and
congestion.  But I didn't write it, I am not that clever and it works
and is what we have today.

But I don't care about the remote de-aggregating AS's local traffic
engineering, I care about the reach ability of the IP my customer has
requested, and the /19 is a valid route in the route table the origin AS
put it there and it is in my local transit feed.  Why should I pay in my
router for the degaregated AS's traffic engineering which doesnt benefit
me, I care about my transit and peers as long as the /19 is reachable.
Personally it is the deagregating ASs problem if they have poor transit
and peering not mine, maybe if they took ownership of their problem
rather than trying to make it everyone else's problem we would not find
ourselves in the mess we are currently in with no sign of the problem
diminishing or fixing itself.

This is not about my router or processor - it is fine thank you with
plenty of capacity transits and peers - but that doesn't excuse the
generation of dross in the table - I refuse to believe there are
justifiable reasons for anywhere near the majority of those 100K+
suspect routes.  As a  wide general rough rule of thumb, more specifics
(if any) for peering should only be getting announced to peers +
customers not back up into transit providers.  RIPE RIR rules don't
deagreagte - period - these ASs should not expect others to carry their
extra x prefixes just because they want to stretch the size of their
table in a router waiving contest.

I know I can dump them, for identical origination ASes, and things will
continue to work for me - the trick and my question is how to
dynamically classify them so that it is possible to think about dropping
them.  The question was how?  The answer is - seems it cant be done.
The main/best I have heard work around seems to be RIR minimum
allocation PA space filtering plus defaults to capture the very small
number of unique prefixes of PA less than minimum allocation size that
would get filtered - as I understand it, it is top of my reading list on
my desk tommorow.

The idea as much as possible is to go with what is in the routing table
not to pin default routes all over the place and to simply try and
easily with minimum maintenance drop a slice of the dross without
impacting customer experience.

Thank you to all who suggested solutions.

Ben

-Original Message-
From: Deepak Jain [mailto:[EMAIL PROTECTED] 
Sent: 15 January 2008 22:09
To: Ben Butler
Cc: nanog@merit.edu
Subject: Re: BGP Filtering

 But if I can see the /19 in the table, do I care about a load of /24s 
 because the whole of the /19 should be reachable as the origin AS is 
 announcing it somewhere in their network and it is being received my a

 transit so should be reachable.

The presumption in cases like this is that the /24 may take a
different path than the /19 in some or all cases. If you have only a
single provider you can safely dump more specifics -- but then, you
could just point default. If you *are* multihomed and the /19 and /24
both have the same primacy (first choice in a routing decision and same
path) you can safely drop the more specific.

The presumption is that in some cases the /24 would take a different
path than the /19 in a routing fight.

How much cost you want to incur for these is your choice. If enough
people drop the more specifics, they will go away as well -- if they
provided no benefit, fewer would exist.

Some of this originates from the peering-contests where folks have x
number of prefixes which makes them bigger than y number of prefixes.

I'd be interested to see any metrics on rate of growth of allocations
longer than RIR limits since Verio instituted then dropped mandatory
prefix filters. (vs the rate of growth of prefixes overall). I would
guess that they accelerated.

Deepak

RE: FW: ISPs slowing P2P traffic...

[Frank Bulk]

I'm not aware of MSOs configuring their upstreams to attain rates for 9 and
27 Mbps for version 1 and 2, respectively.  The numbers you quote are the
theoretical max, not the deployed values.

Frank

-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of
Mikael Abrahamsson
Sent: Tuesday, January 15, 2008 3:27 AM
To: nanog@merit.edu
Subject: Re: FW: ISPs slowing P2P traffic...


On Tue, 15 Jan 2008, Brandon Galbraith wrote:

 I think no matter what happens, it's going to be very interesting as
Comcast
 rolls out DOCSIS 3.0 (with speeds around 100-150Mbps possible), Verizon
FIOS

Well, according to wikipedia DOCSIS 3.0 gives 108 megabit/s upstream as
opposed to 27 and 9 megabit/s for v2 and v1 respectively. That's not what
I would call revolution as I still guess hundreds if not thousands of
subscribers share those 108 megabit/s, right? Yes, fourfold increase but
... that's still only factor 4.

 expands it's offering (currently, you can get 50Mb/s down and 30Mb/sec
up),
 etc. If things are really as fragile as some have been saying, then the
 bottlenecks will slowly make themselves apparent.

Upstream capacity will still be scarce on shared media as far as I can
see.

--
Mikael Abrahamssonemail: [EMAIL PROTECTED]

RE: FW: ISPs slowing P2P traffic...

[Mikael Abrahamsson]

On Tue, 15 Jan 2008, Frank Bulk wrote:


I'm not aware of MSOs configuring their upstreams to attain rates for 9 and
27 Mbps for version 1 and 2, respectively.  The numbers you quote are the
theoretical max, not the deployed values.


But with 1000 users on a segment, don't these share the 27 megabit/s for 
v2, even though they are configured to only be able to use 384kilobit/s 
peak individually?


--
Mikael Abrahamssonemail: [EMAIL PROTECTED]

RE: FW: ISPs slowing P2P traffic...

[Frank Bulk]

Except that upstreams are not at 27 Mbps
(http://i.cmpnet.com/commsdesign/csd/2002/jun02/imedia-fig1.gif show that
you would be using 32 QAM at 6.4 MHz).  The majority of MSOs are at 16-QAM
at 3.2 MHz, which is about 10 Mbps.  We just took over two systems that were
at QPSK at 3.2 Mbps, which is about 5 Mbps.

And upstreams are usually sized not to be more than 250 users per upstream
port.  So that would be a 10:1 oversubscription on upstream, not too bad, by
my reckoning.  The 1000 you are thinking of is probably 1000 users per
downstream power, and there is a usually a 1:4 to 1:6 ratio of downstream to
upstream ports.

Frank

-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of
Mikael Abrahamsson
Sent: Tuesday, January 15, 2008 5:41 PM
To: nanog@merit.edu
Subject: RE: FW: ISPs slowing P2P traffic...


On Tue, 15 Jan 2008, Frank Bulk wrote:

 I'm not aware of MSOs configuring their upstreams to attain rates for 9
and
 27 Mbps for version 1 and 2, respectively.  The numbers you quote are the
 theoretical max, not the deployed values.

But with 1000 users on a segment, don't these share the 27 megabit/s for
v2, even though they are configured to only be able to use 384kilobit/s
peak individually?

--
Mikael Abrahamssonemail: [EMAIL PROTECTED]

Re: BGP Filtering

[Robert Bonomi]

 Date: Tue, 15 Jan 2008 15:16:04 -0500
 From: William Herrin [EMAIL PROTECTED]
 Subject: Re: BGP Filtering


 On Jan 15, 2008 12:51 PM, Dave Israel [EMAIL PROTECTED] wrote:
 I think I understand what you want, and you don't want it.  If you
  receive a route for, say, 204.91.0.0/16,  204.91.0.0/17, and
  204.91.128.0/17, you want to drop the /17s and just care about the /16.  But
  a change in topology does not generally result in a complete update of the
  BGP table.  Route changes result in route adds and draws, not a flood event.
  So if you forgot about the /17s and just kept the /16, and the /16 was
  subsequently withdrawn, your router would not magically remember that it had
  /17s to route to as well.

 Dave,

 That's half-true.

 The routing table is comprised of two components: the Routing
 Information Base (RIB) and the Forwarding Information Base (FIB). The
 RIB sits in slow, cheap memory and contains routes and metrics for
 every route as announced by every neighbor. The FIB sits in fast,
 expensive memory and contains the currently best route for each
 destination. The FIB is built by choosing the best routes from the
 RIB. Packet-forwarding decisions are made by consulting the FIB.

 Opportunistically filtering routes from the RIB would have exactly the
 problem you point out: routing updates are incremental. The knowledge
 that the /16 has been withdrawn may not accompany the knowledge that
 the /17s are available.

 Opportunistically filtering more-specific routes from the FIB,
 however, could be very valuable at the edge of the DFZ. If Cisco
 supported such filtering, those Sup2's could have another few years of
 life left in them. With 512m ram in a two-transit provider scenario a
 Sup2 could handle upwards of 1M routes in the RIB. Unfortunately, they
 can only handle 244k routes in the FIB.


 Ben, coming back to your question: I don't think there is a way to
 make the software filter the routes inserted into the FIB. I don't see
 a reason why it couldn't be programmed to do that. But the fine folks
 at Cisco didn't see fit to write that software. Its a pity 'cause it
 would be very useful.

This leads to one 'obviuous' approach to the matter. a smart BGP 'proxy'
that accepts 'full' data from all the peers, manages the RIB  and outputs
=only= the current 'most desired' subset of routes to the target router.  
In _that_ router the RIB and FIB are going to be equivalent,

This gets the 'hog' part of things off into 'commodity' hardware, and 
where you can afford to burn CPU cycles implementing 'smarts' to compensate
for other people's 'dumbs'.   

At a quick glance it looks like this would not be terribly difficult to
build, using Quagga/Zebra as a base platform.

Re: Looking for geo-directional DNS service

[Joe Abley]

On 15-Jan-2008, at 12:50, Patrick W. Gilmore wrote:


Anycast gives you BGP distance, not topological distance.


Yeah, it's topology modulated by economics :-)


Joe

Re: Off Topic

[Christopher Morrow]

On Jan 15, 2008 2:42 PM, Rod Beck [EMAIL PROTECTED] wrote:

 At the risk of incurring Mr. Pilosoft's wrath (the Putin of NANOG?), I'll

he's not a bad guy actually :) it's a rough job corralling all the
-admin folks I'm certain. Also this isn't really that off topic is it?

 looking for NANOG style ISP meetings to attend in Europe this year (France,
 Germany, UK, Belgium, and Netherlands). Any suggestions would be

RIPE? In berlin in May:

http://www.ripe.net/ripe/meetings/ripe-56/index.html

-Chris

Re: BGP Filtering

[Christopher Morrow]

On Jan 15, 2008 2:02 PM, Jon Lewis [EMAIL PROTECTED] wrote:

 On Tue, 15 Jan 2008, Ben Butler wrote:

  I want a filter that will automatically match the shorter prefixes that
  match any longer prefix, once I can match them I can drop them.
  I don't want to manually configure a static prefix list for lots and
  lots and lots of reasons.
  If the longer prefix disappears from the route table I want to stop
  filtering the shorter prefixes - automatically.

 This was talked about / requested several months ago on cisco-nsp.  IIRC,
 the thread ended along the lines of don't hold your breath.
 Implementation of this sort of feature is very icky (lots of details you
 may not be considering) and why should cisco spend time writing this code
 when they can sell you a bigger router instead?


Jon, didn't you start:

http://www.wibble.co.uk/archives/nanog/2007/msg05265.html

and Ben, is this sort of what you are looking for? Or would it
accomplish the same thing for you?

-Chris

Re: [Fwd: Unstable BGP Peerings?]

[Christopher Morrow]

On Jan 13, 2008 6:56 PM, Paul Ferguson [EMAIL PROTECTED] wrote:

 -BEGIN PGP SIGNED MESSAGE-
 Hash: SHA1

 Interesting, given that TTNet sits atop this ranking:

 https://nssg.trendmicro.com/nrs/reports/rank.php?page=1

 I wonder if this is somehow related? ;-)


probably not... but only based on as much a guess on my part as paul's
I suspect, a little more below.

 - -- Sue Joiner [EMAIL PROTECTED] wrote:

 Forwarding for Mohit Lad and Jonathan Park.

-sue

 Sue Joiner
 Merit Network

 -  Original Message 
 Subject:Unstable BGP Peerings?
 Date:   Sun, 13 Jan 2008 17:49:44 +
 From:   ParkJonathan [EMAIL PROTECTED]
 To: nanog@merit.edu
 CC: [EMAIL PROTECTED], [EMAIL PROTECTED]



 During our recent study on BGP routing instability, we found cases where
 lots of routes changed from one subpath to another subpath, repeating this
 kind of behavior over a few months . We do not know the cause of this
 repeated instability, but suspect the BGP peering between routers in two
 AS was unstable or had some problems and this caused routing changes seen
 by many observation points.

It seems, to me, that from the data you have on the website perhaps
this is just oscillation in best-path decision or internal traffic
engineering decisions exposed to the outside world? Perhaps (taking
the first picture example) 9121 decides partway through a day or month
that they want to use cogent more (ratio levelling or cost reasons) so
they draw traffic via 174, then after some metric is met (cost or
ratio) they spread the load across their other transit links? This
could easily account for the changes you are showing, right?

In point of fact the next few examples also seem to reflect the same
behaviour... I suppose this could even be automated with one of those
fancy-dan InterNap route-optimizer boxes, right? I'd be curious to
know if this makes sense to: 1) other folks on-list, 2) the
researchers.

-Chris

 Specifically, the peerings in question are

 174 (Cogent) and 9121 (TTNet)
 3257 (Tiscali) and 9121 (TTNet)
 9304 (Hutchison) and 15412 (Flag Telecom)
 1273 (CableWireless)  4651 (Thai Gateway)
 6762 (Seabone) and 7473 (Singapore Telecom)

 For details of events and timings, please find a short summary on the
 link below.
 http://irl.cs.ucla.edu/pca/active-links.html

 We would really appreciate if somebody from the ISPs involved in this
 activity (or anybody who might know what happened) would contact us and
 throw some light on the reasons for this behavior.

 Thanks

 Mohit Lad, Jonathan Park
 UCLA

 -BEGIN PGP SIGNATURE-
 Version: PGP Desktop 9.6.3 (Build 3017)

 wj8DBQFHiqUVq1pz9mNUZTMRAkVEAJ0Y4u5AYr/CiG65e3e+Y88HCQJGjQCg723O
 P17FTAUFOw3Ms1KQW6v2+44=
 =013x
 -END PGP SIGNATURE-



 --
 Fergie, a.k.a. Paul Ferguson
  Engineering Architecture for the Internet
  fergdawg(at)netzero.net
  ferg's tech blog: http://fergdawg.blogspot.com/

Re: BGP Filtering

[Jon Lewis]

On Tue, 15 Jan 2008, Christopher Morrow wrote:


Jon, didn't you start:

http://www.wibble.co.uk/archives/nanog/2007/msg05265.html


Yep.


and Ben, is this sort of what you are looking for? Or would it
accomplish the same thing for you?


I don't think it's at all what Ben wants, but I think it's the closest 
thing to it that's actually available, relatively simple to configure, and 
accomplishes the desired savings.


For anyone in need of such savings, I recommned you start with one RIR at 
a time and carry a default route, because you're going to lose some 
networks.  If you want to be somewhat charitable, bump the limits up 1-bit 
and filter on RIR minimums + 1.


--
 Jon Lewis   |  I route
 Senior Network Engineer |  therefore you are
 Atlantic Net|
_ http://www.lewis.org/~jlewis/pgp for PGP public key_

Re: Off Topic

[Alex Pilosov]

On Tue, 15 Jan 2008, Rod Beck wrote:

 At the risk of incurring Mr. Pilosoft's wrath (the Putin of NANOG?),
You meant the srh of nanog. And I'm not ;)

 I'll looking for NANOG style ISP meetings to attend in Europe this year
 (France, Germany, UK, Belgium, and Netherlands). Any suggestions would
 be appreciated. Please bypass the list and send them directly to me.
The first thing that comes to mind is RIPE. Next thing that comes to mind 
is UKNOF.

Also, that isn't really off-topic. However, if you get off-list replies, 
could you please do a follow-up summary post and list the european neteng 
groups, that would be quite helpful. A good starting point for the search 
is www.euro-ix.net, which lists european IXPs. Many IXP's have annual (or 
more often) meetings of members, which serve similarly to NANOG. See: 
https://www.euro-ix.net/news/meetevent/ for starters.

-alex

Re: Looking for geo-directional DNS service

[Patrick W.Gilmore]

On Jan 15, 2008, at 3:03 PM, Joe Greco wrote:


Except Hank is asking for true topological distance (latency /
throughput / packetloss).

Anycast gives you BGP distance, not topological distance.

Say I'm in Ashburn and peer directly with someone in Korea where he
has a node (1 AS hop), but I get to his node in Ashburn through my
transit provider (2 AS hops), guess which node anycast will pick?


Ashburn and other major network meet points are oddities in a very  
complex
network.  It would be fair to note that anycast is likely to be  
reasonably
effective if deployed in a manner that was mindful of the overall  
Internet

architecture, and made allowances for such things.


You are not disagreeing with me.  I was responding to Woody who said:

On Jan 15, 2008, at 12:00 PM, Bill Woodcock wrote:

Yes, and that's how anycast works: it directs traffic to the
_topologically nearest_ server.

[...]

If you're doing things on the Internet, instead of the physical world,
topological distance is presumably of much greater interest than  
whatever

geographic proximity may coincidentally obtain.


Unless you define topologically nearest as what BGP picks, that is  
incorrect.  And even if you do define topology to be equivalent to  
BGP, that is not what is of the greatest interest.   
Goodput (latency, packet loss, throughput) is far more important.   
IMHO.


If you don't like my example, then ignore Ashburn and take a random,  
medium-sized network.  Now assume an anycast node which is  
topologically (i.e. latency, bit-miles, throughput, whatever your  
definition) closer through transit, compared to a node topologically  
farther away through peering.  Which is chosen?  And this is not even  
close to an unusual situation.


This in no way means anycast sux.  It just means anycast is not, by a  
long shot, guaranteed to give you the closest node by any reasonable  
definition.  (Sorry, I don't think node BGP picks is reasonable.   
You are welcome to disagree, but the point still stands that other  
definitions of reasonable are not satisfied.)



In general, anycast is better than not-anycast, and can be optimized  
to be better than non-anycast for nearly all user by someone with  
enough clue + money + time.  This is not in question.  It is  
essentially impossible to guarantee anycast is better than any other  
solution for all applications and all end users, especially over time  
as the Internet changes.  This is not in question either.


--
TTFN,
patrick


Anycast by itself probably isn't entirely desirable in any case, and  
could
ideally be paired up with other technologies to fix problems like  
this.


I haven't seen many easy ways to roll-your-own geo-DNS service.  The  
ones
I've done in the past simply built in knowledge of the networks in  
question,
and where such information wasn't available, took best guess and  
then may
have done a little research after the fact for future queries.  This  
isn't

as comprehensive as doing actual latency / throughput / pl checking.

... JG
--
Joe Greco - sol.net Network Services - Milwaukee, WI - http://www.sol.net
We call it the 'one bite at the apple' rule. Give me one chance  
[and] then I
won't contact you again. - Direct Marketing Ass'n position on e- 
mail spam(CNN)
With 24 million small businesses in the US alone, that's way too  
many apples.

Re: Looking for geo-directional DNS service

[Paul Vixie]

[EMAIL PROTECTED] (Patrick W.Gilmore)]
 And even if you do define topology to be equivalent to BGP, that is not
 what is of the greatest interest.  Goodput (latency, packet loss,
 throughput) is far more important.  IMHO.

in my less humble justified true belief, this is 100% truth.

 This in no way means anycast sux.  It just means anycast is not, by a
 long shot, guaranteed to give you the closest node by any reasonable
 definition.  (Sorry, I don't think node BGP picks is reasonable.  ...

i also second this notion.

in our (ISC's) current use of anycase (for f-root and other dns servers),
anycast is a crutch for not having a global backbone, but wanting f-root to
have global representation and extreme replication.  informal studies don't
show as much locality as we'd like -- but by peering aggressively everywhere
and by setting no-export on our route almost everywhere, we've been able to
localize and isolate ddos effects, which is all we were trying to accomplish.

but note, f-root is a normal dns server, it has an absolute mapping between
qname,qtype,qclass,time and answer.  i don't believe in stupid dns tricks
(where that mapping is relativized for TE purposes), and one of the reasons
for my disbelief is that many ISP's in f-root's ~40 IXP locations do not
peer with us, and their traffic is therefore answered in remote (to them)
places where TE can't be predicted.  in other words, people doing stupid dns
tricks are probably counting on anycast to do something f-root doesn't care
about (and which i think BGP won't do even on its best day.)
-- 
Paul Vixie

Re: Looking for geo-directional DNS service

[Joe Greco]

 Unless you define topologically nearest as what BGP picks, that is  
 incorrect.  And even if you do define topology to be equivalent to  
 BGP, that is not what is of the greatest interest.   
 Goodput (latency, packet loss, throughput) is far more important.   
 IMHO.

Certainly, but given some completely random transaction, there's still
going to be a tendency for anycast to be some sort of improvement over
pure random chance.  1000 boneheaded anycast implementations cannot be
wrong.  :-)  That you don't get it right every time doesn't make it
wrong every time.

I'm certainly not arguing for anycast-only solutions, and said so.  I'll
be happy to consider it as a first approximation to getting something to
a topologically nearby network, though as I also said, there needs to
be some care taken in the implementation.

Anycast can actually be very powerful within a single AS, where of course
you have some knowledge of the network and predictability.  You lose some
(probably a lot) of that in the translation to the public Internet, but
I'm going to go out on a bit of a limb and guess that if I were to stick an
anycast node in Chicago, Sydney, and Amsterdam, I'm very likely to be able
to pick my networks such that I get a good amount of localization.

Of course, nobody's perfect, and it probably needs to be a data-driven 
business if you really want well-optimized redirection.  However, that's
a bit of magic.  Even the fabled Akamai used to direct us to some ISP up
in Minnesota...  (BFG)

So, anyways, would it be entertaining to discuss the relative merits of
various DNS implementations that attempt to provide geographic answers 
to requests, versus doing it at a higher level?  (I can hear everyone 
groaning now, and some purist somewhere probably having fits)

... JG
-- 
Joe Greco - sol.net Network Services - Milwaukee, WI - http://www.sol.net
We call it the 'one bite at the apple' rule. Give me one chance [and] then I
won't contact you again. - Direct Marketing Ass'n position on e-mail spam(CNN)
With 24 million small businesses in the US alone, that's way too many apples.

Re: FW: ISPs slowing P2P traffic...

[Mark Radabaugh]

Joe Greco wrote:
As long as you fairly disclose to your end-users what limitations and 
restrictions exist on your network, I don't see the problem.



You've set out a qualification that generally doesn't exist.  For example,
this discussion included someone from a WISP, Amplex, I believe, that 
listed certain conditions of use on their web site, and yet it seems like

they're un{willing,able} (not assigning blame/fault/etc here) to deliver
that level of service, and using their inability as a way to justify
possibly rate shaping P2P traffic above and beyond what they indicate on 
their own documents.
  
Actually you misrepresent what I said versus what you said.   It's 
getting a little old.



I responded to the original question by Deepak Jain over why anyone 
cared about P2P traffic rather then just using a hard limit with the 
reasons why a Wireless ISP would want to shape P2P traffic.



You then took it upon yourself to post sections of our website to Nanog 
and claim that your service was much superior because you happen to run 
Metro Ethernet.  



Our website pretty clearly spells out our practices and they are MUCH 
more transparent than any other provider I know of.Can we do EXACTLY 
what we say on our website if EVERY client wants to run P2P at the full 
upload rate?  No - but we can do it for the ones who care at this 
point.At the moment the only people who seem to care about this are 
holier than thou network engineers and content providers looking for 
ways to avoid their own distribution costs.   Neither one of them is 
paying me a dime.



Mark

Re: FW: ISPs slowing P2P traffic...

[Michael Painter]

- Original Message - 
From: Joe Greco [EMAIL PROTECTED]


[snip]


As long as you fairly disclose to your end-users what limitations and
restrictions exist on your network, I don't see the problem.


You've set out a qualification that generally doesn't exist.  For example,
this discussion included someone from a WISP, Amplex, I believe, that
listed certain conditions of use on their web site, and yet it seems like
they're un{willing,able} (not assigning blame/fault/etc here) to deliver
that level of service, and using their inability as a way to justify
possibly rate shaping P2P traffic above and beyond what they indicate on
their own documents.

In some cases, we do have people burying TC in lengthy TC documents,
such as some of the 3G cellular providers who advertise Unlimited
Internet(*) data cards, but then have a slew of (*) items that are
restricted - but only if you dig into the fine print on Page 3 of the
TC.  I'd much prefer that the advertising be honest and up front, and
that ISP's not be allowed to advertise unlimited service if they are
going to place limits, particularly significant limits, on the service.

... JG



Yep.

In the US, Internet access is still generally sold as all-you-can-eat, with few restrictions on the types of services or 
applications that can be run across the network (except for wireless, of course), but things are different across the 
pond.  In the UK, ISP plus.net doesn't even offer unlimited packages, and they explain why on their web site.
'Most providers claiming to offer unlimited broadband will have a fair use policy to try and prevent people over-using 
their service, they write. But if it's supposed to be unlimited, why should you use it fairly? The fair use policy stops 
you using your unlimited broadband in an unlimited fashion-so, by our reckoning, it's not unlimited. We don't believe in 
selling 'unlimited broadband' that's bound by a fair use policy. We'd rather be upfront with you and give you clear usage 
allowances, with FREE overnight usage.' 


The above (and there's much more) from:
http://arstechnica.com/articles/culture/Deep-packet-inspection-meets-net-neutrality.ars/

If I was a WISP, I'd be saving up for that DPI box.

--Michael

RE: BGP Filtering

[Ben Butler]

Hi,

That is where I got to last night with my cogitations before I feel
asleep.

Ben 

-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of
Robert Bonomi
Sent: 16 January 2008 01:26
To: nanog@merit.edu
Subject: Re: BGP Filtering


 Date: Tue, 15 Jan 2008 15:16:04 -0500
 From: William Herrin [EMAIL PROTECTED]
 Subject: Re: BGP Filtering


 On Jan 15, 2008 12:51 PM, Dave Israel [EMAIL PROTECTED] wrote:
 I think I understand what you want, and you don't want it.  If 
  you receive a route for, say, 204.91.0.0/16,  204.91.0.0/17, and 
  204.91.128.0/17, you want to drop the /17s and just care about the 
  /16.  But a change in topology does not generally result in a 
  complete update of the BGP table.  Route changes result in route
adds and draws, not a flood event.
  So if you forgot about the /17s and just kept the /16, and the /16 
  was subsequently withdrawn, your router would not magically remember

  that it had /17s to route to as well.

 Dave,

 That's half-true.

 The routing table is comprised of two components: the Routing 
 Information Base (RIB) and the Forwarding Information Base (FIB). The 
 RIB sits in slow, cheap memory and contains routes and metrics for 
 every route as announced by every neighbor. The FIB sits in fast, 
 expensive memory and contains the currently best route for each 
 destination. The FIB is built by choosing the best routes from the 
 RIB. Packet-forwarding decisions are made by consulting the FIB.

 Opportunistically filtering routes from the RIB would have exactly the

 problem you point out: routing updates are incremental. The knowledge 
 that the /16 has been withdrawn may not accompany the knowledge that 
 the /17s are available.

 Opportunistically filtering more-specific routes from the FIB, 
 however, could be very valuable at the edge of the DFZ. If Cisco 
 supported such filtering, those Sup2's could have another few years of

 life left in them. With 512m ram in a two-transit provider scenario a
 Sup2 could handle upwards of 1M routes in the RIB. Unfortunately, they

 can only handle 244k routes in the FIB.


 Ben, coming back to your question: I don't think there is a way to 
 make the software filter the routes inserted into the FIB. I don't see

 a reason why it couldn't be programmed to do that. But the fine folks 
 at Cisco didn't see fit to write that software. Its a pity 'cause it 
 would be very useful.

This leads to one 'obviuous' approach to the matter. a smart BGP 'proxy'
that accepts 'full' data from all the peers, manages the RIB  and
outputs =only= the current 'most desired' subset of routes to the target
router.  
In _that_ router the RIB and FIB are going to be equivalent,

This gets the 'hog' part of things off into 'commodity' hardware, and
where you can afford to burn CPU cycles implementing 'smarts' to
compensate
for other people's 'dumbs'.   

At a quick glance it looks like this would not be terribly difficult to
build, using Quagga/Zebra as a base platform.

RE: FW: ISPs slowing P2P traffic...

[Mikael Abrahamsson]

On Tue, 15 Jan 2008, Frank Bulk wrote:


Except that upstreams are not at 27 Mbps
(http://i.cmpnet.com/commsdesign/csd/2002/jun02/imedia-fig1.gif show that
you would be using 32 QAM at 6.4 MHz).  The majority of MSOs are at 16-QAM
at 3.2 MHz, which is about 10 Mbps.  We just took over two systems that were
at QPSK at 3.2 Mbps, which is about 5 Mbps.


Ok, so the wikipedia article http://en.wikipedia.org/wiki/Docsis is 
heavily simplified? Any chance someone with good knowledge of this could 
update the page to be more accurate?



And upstreams are usually sized not to be more than 250 users per upstream
port.  So that would be a 10:1 oversubscription on upstream, not too bad, by
my reckoning.  The 1000 you are thinking of is probably 1000 users per
downstream power, and there is a usually a 1:4 to 1:6 ratio of downstream to
upstream ports.


250 users sharing 10 megabit/s would mean 40 kilobit/s average utilization 
which to me seems very tight. Or is this 250 apartments meaning perhaps 
40% subscribe to the service indicating that those 250 really are 100 
and that the average utilization then can be 100 kilobit/s upstream?


With these figures I can really see why companies using HFC/Coax have a 
problem with P2P, the technical implementation is not really suited for 
the application.


--
Mikael Abrahamssonemail: [EMAIL PROTECTED]