Re: 10GE router resource
William Herrin wrote: On Wed, Mar 26, 2008 at 4:26 PM, Sargun Dhillon [EMAIL PROTECTED] wrote: from a viewpoint of hardware, x86 is a fairly decent platform. I can stuff 40 (4x10GigE multiplex with a switch) 1 GigE ports in it. Though, the way that Linux works, it cannot handle high packet rates. Correction: The way DRAM works, it cannot handle high packet rates. Also note that the PCI-X bus tops out in the 7 to 8 gbps range and it's half-duplex. Indeed. PCI-X is already an EOL'ed interface, if only cheap PCI-X cards were available. Once you add extensive ACL's, there's loads more [central] processing to be done than just packet routing (100k choices versus 2 to 4 interfaces). System throughput gets slammed rather quickly. Linux IPtables grumbles painfully at 100k line ACLs :) Not to mention the options of what to do with a packet are very limited. The AMD chips with extra L1 cache perform better on *bsd platforms as the forwarding code is tight and likes to stay close to the CPU, and context switching kills packet processing performance (thus the small but notable increase in the multicore performance). The GP registers on the AMD platform are also easy to deal with (and in 64 bit mode, you get double the number for free) essentially working an end around a broken stack architecture from a few decades agoanyone recall the simplicity of assembly language of the 6800 or the 6502? :-) getting the latency down low enough for HPC clusters is a major hassle, as the x86 PC design just doesn't have the bandwidth. Of course, Intel makes some slick NPU's for custom work (e.g. cloudshield.com). If you like starting at bit 0. (isn't that like slot zero or port zero, it technically doesn't exist since zero is only a placeholder in larger numbers if you mean anything greater than none? I could swear back in the days of a SLC96, ports were 1-96, not 0-95 :-) ) http://developer.intel.com/design/network/products/npfamily/index.htm?iid=ncdcnav2+proc_netproc too bad they [Intel] don't make a hypertransport capable version, or you'd have one helluva multicore multiNPU system with no glue logic required. Fun to play around though. regards, andy High-rate routers try to keep the packets in an SRAM queue and instead of looking up destinations in a DRAM-based radix tree, they use a special memory device called a TCAM. http://www.pagiamtzis.com/cam/camintro.html Regards. Bill Herrin
Re: default routes question or any way to do the rebundant
Thanks Randy, (seriously, I get questions such as those all the time) I was beginning to think NANOG was still stuck in the 2002 or something :-) You surely know the parable the shoemakers kids are the last to get shoes as my own 'lab' full of toys/stuff is the last to get upgraded and labeled. http://www.nanog.org/resources.html would be an ideal place to place a link to the wiki. (and yes, wiki.nanog.org might be a nice DNS addition). Best regards, and again, thanks for the pointer. andy Randy Bush wrote: Hey nanog committee, there's an idea. How about an operator's wiki? http://nanog.cluepon.net/ centralization is not a core feature of the internet :) randy
Re: default routes question or any way to do the rebundant
[EMAIL PROTECTED] wrote: [EMAIL PROTECTED] wrote: snip http://www.einstein-website.de/z_kids/letterskids.html That's cute Valdis, but did the little girl and Einstein force thousands of people around the world to read their correspondence? I whole-heartily encourage and thank anyone willing to take the time to help the original poster. Off-list. Andrew Strange. I subscribed to numerous mailing lists. My mail reader's search function has been most enlightening when someone shared the answer with the group, which is often experienced by others, clueful or not, and honestly, easier to search than most mailing list archives. It's disingenuous to not share the answer, as anyone searching the archives will find the question unanwered and thus insurmountable, or they'll find a polite followup or pointer, and the benefit happens without additional email traffic When did this become the debian support list anyway :-) Or should we simply point folks to http://www.routergod.com/ To whomever started the thread with an actual question, don't be scared off. We're more like gentoo users than the other guys. Here's a good general resource (I know there are better but some of my favorite links are lost in time, and encourage folks to share) http://www.private.org.il/tcpip_rl.html Hey nanog committee, there's an idea. How about an operator's wiki? http://www.nanog.org/isp.html looks a bit weak given the overall bundled IQ floating around these parts? (even an email submission link for good stuff might be a start.nanog-support seems too general for such) Best regards, andy
Re: US Gvt ipv6 change, associated agencies
Darden, Patrick S. wrote: I'm looking for documentation on how the US Government IPv6 mandate affects associated agencies--e.g. healthcare providers, non-profits, or any company that depends on US Gvt. funding, record keeping, or financial reimbursement for services rendered (e.g. via Medicare). Over the past 5 years most US Gvt--Assoc. Agencies communications have moved from modem/BBS type systems to Internet based systems. With the mandate, IPv4 will still be available, but I would bet it will be less and less supported as time moves on. I would like to see what the Gvt. has planned I've googled, read FAQs, and looked over the docs at whitehouse.gov without much luck. Can anyone point me in the right direction? --Patrick Darden Patrick, the mandate (note, it is an *unfunded* mandate) comes from the OMB. Search terms including OMB IPv6 mandate will point you to useful information. Thus far, as with any such mandate, there will be loads of waivers in place, and providers wanting to do business with the US gov't may fall under such requirements. http://www.federalnewsradio.com/index.php?sid=1319907nid=169 might also prove useful. http://www.whitehouse.gov/omb/egov/b-1-information.html INTERNET PROTOCOL VERSION 6 (IPV6) On August 2, 2005, the OMB Office of E-Gov and IT issued OMB Memorandum 05-22, “Transition Planning for Internet Protocol Version 6 (IPv6),” directing all Federal government agencies to transition their network backbones to the next generation of the Internet Protocol Version 6 (IPv6), by June 30, 2008. The memorandum identifies several key milestones and requirements for all Federal government agencies in support of the June 30, 2008 target date. The existing protocol supporting the Internet today - Internet Protocol Version 4 (IPv4) – supports only 4 billion IP addresses, limiting the number of devices that can be given a unique, globally routable location on the Internet. This has constrained the growth of the Internet worldwide, and has limited the number of computers and other devices that can be connected to one another via the Internet. In contrast to IPv4, IPv6 provides an almost unlimited number of IP addresses, and offers enhanced mobility, security, and network management features. IPv6 supports the continued growth of the Internet and development of new business capabilities leveraging mobile, Internet connectivity. The CIO Council will issue guidance to assist agencies with transition planning.
Re: FCC Issues Second Order Mandating Internet Wiretapping Standards
Fergie wrote: snip [snip] The Federal Communications Commission (FCC) has released a second order reaffirming its decision to require that broadband and certain VoIP services be designed to make government wiretapping easier. This new order was issued despite the fact that a federal appeals court is considering a legal challenge to the FCC's initial decision to extend the Communications Assistance for Law Enforcement Act (CALEA) to the Internet. In its second order, the FCC imposed new compliance deadlines, but refused to clarify exactly what service providers must do. CDT has led the appeals court challenge, which if successful will overrule the FCC order. [snip] EPIC statement: http://www.cdt.org/headlines/891 Second FCC CALEA order: http://www.cdt.org/digi_tele/20060512calea.pdf Now, back to your regularly scheduled programming. Cheers, - ferg -- Fergie, a.k.a. Paul Ferguson Engineering Architecture for the Internet [EMAIL PROTECTED] or [EMAIL PROTECTED] ferg's tech blog: http://fergdawg.blogspot.com/ The FBI has been shopping around for outside plant training and basically has said everyone (a.k.a. NSPs) has told them go do it yourself. Nothing in the law says anyone has to make anything easy. When presented with a warrant, read it. Often times it's wrong and has incorrect info (I had that happen, told them to go do their homework as a 30 second internet search would have given them the proper info) and to come back when they had done their homework. They left, came back with the correct docs, and proceeded lawfully. In short, I play by the rules down to the last darned letter, and they have far greater obligation to do so. I'm not one to argue with *lawful* enforcement, but I just hope that if I was such a target, the person at the door would take 3 minutes to make sure they're not stuffing my rights in the round file Cheers, andy
Re: Presumed RF Interference
Ian Mason wrote: On 6 Mar 2006, at 15:06, [EMAIL PROTECTED] wrote: On Mon, Mar 06, 2006 at 09:49:39AM -0500, Steven M. Bellovin wrote: On Mon, 06 Mar 2006 21:17:17 +1100 Matthew Sullivan [EMAIL PROTECTED] wrote: (In the UK where I served my apprenticeship, we were required to provide earth bonding to the copper plumbing system, additional bonding at every exposed fitting - this caused a few issues when plumbers first starting using PVC pipes)... The US National Electrical Code (which has no national force of law; it's a model code voluntarily adopted by many jurisdictions) now bars grounding to pipes except within (as I recall) six feet of where the pipe enters the building, for precisely that reason. The use in modern times of teflon tape at joints in copper piping makes them unuseable for earth grounds even near the entry point to the building. A long (e.g. 2-3 meters) copper stake must be driven for a proper earth ground, or else a large copper mesh mat if the ground is rocky -- unless you are certain that the copper piping that you want to use extends a significant distance underground and unbroken. The purpose here is not to use the piping *as* a ground, but to ensure that the piping *is* at ground potential. Otherwise, if an electrical failure causes the pipe to reach a dangerous potential then so does the water in it, then so do the hands you're washing in that water. Thus if there's an electrical discontinuity in the piping it is even more important to earth bond any conductive piping/taps etc. that are on the non-earth side of that discontinuity. The same applies too to gas piping except here the principal risk is static, sparks and the subsequent explosion. I think it is also important to note that NEC 250.52(B) prohibits gas piping as a grounding electrode(1990 or so). The gas pipe ceased as a grounding electrode due to the dielectric fitting at the meter. The gas company did not want a bond around the meter because it defeated the isolation fitting. The presence of gas is not relevant, IIRC. In the old days, it was a big no no (at least according to the hourly wage fellows who actually do the work) to hook the gas line as ground other than any incidental grounding which ocurs in a gas furnace as an example. Good place for resources is http://www.mikeholt.com in the forums. Decent community of knowledgeable folk there. Good luck, and no do not use your body/fingers/arms/etc to connect various pieces of equipment to see if a voltage exists:-) That's best left to close friends who stand near electric fences. I had problems in the mid 1990's in an older home where the galvanized water supply pipe was the primary ground. Over time, corrosion of the pipe reduced conductivity, and lightening storms toasted a few expensive items (e.g. ISDN gear, sun workstation, etc) before finally driving a few grounding bars into the soil in the basement. Cheers, andy