RE: Low end, cool CPE.
Date: Thu, 11 Nov 2010 17:41:00 -0800 From: Leo Bicknell bickn...@ufp.org Subject: Low end, cool CPE. I've run into a number of low end CPE situations lately where I haven't found anything that does what I want, but I have to believe it is out there. I'm hoping NANOG can help. (...) What is the state of the art, and who has it? Hi, you might want to check out a Mikrotik [1] Routerboard [2]. Most if not all of your requirements are possible and you can scale up, depending on situation/bandwidth/etc. #m [1] www.mikrotik.com [2] www.routerboard.com
Re: Low end, cool CPE.
On 12 nov 2010, at 02:41, Leo Bicknell wrote: I've run into a number of low end CPE situations lately where I haven't found anything that does what I want, but I have to believe it is out there. I'm hoping NANOG can help. snip What is the state of the art, and who has it? shameless plug Have a look at http://labs.ripe.net/Members/mirjam/ipv6-cpe-surveys/ if you want some pointers on IPv6 support. As always feedback is more than welcome, I'll try and publish a new one in a few weeks. /shameless plug Frank Bulk maintains something similiair on the arin wiki at http://www.getipv6.info/index.php/Broadband_CPE MarcoH
Re: Low end, cool CPE.
On Thu, Nov 11, 2010 at 05:41:00PM -0800, Leo Bicknell wrote: I've run into a number of low end CPE situations lately where I haven't found anything that does what I want, but I have to believe it is out there. I'm hoping NANOG can help. An ALIX with pfSense 2.0 (BETA4 at the moment) would fit most of the above. IPv6 support is coming (is mostly there in the kernel, but interface only alpha). If you want to run the snort package I'd however pick a Supermicro Atom system with 2 onboard NICs and add a dual-port Intel NIC, and run pfSense from a small SSD or an USB stick. Albeit a rackmount, the system would be quiet enough for SOHO. There are multiple recommended hardware vendors http://www.pfsense.org/index.php?option=com_contenttask=viewid=44Itemid=50 and also commercial support http://www.pfsense.org/index.php?option=com_contenttask=viewid=62Itemid=73 Basically think about a sophisticated home user, or a 1-5 person small office. Think DSL, Cable Modem, maybe Cell Card or ISDN as backups. Looking for an appliance, very much fire and forget. I probably won't get all the features that I want, but in no particular order: - Able to load balance over 2 links (probably via NAT). Check. - IPv6 support, native or tunnel to tunnelbroker.net type thing. Requires hacking at the moment, but is coming fast. - Able to deal with backup connectivity, eg. Cell Cards which you only want to use if the primary is down. - User friendly features, e.g. UPNP, NAT-PMP, etc. - Good manageability. ssh to a cli would be a huge bonus, at least the ability to backup a config. Very well supported. http(s) and ssh both. - Able to handle decent througput, probably 20Mbps/sec min, 50 would be nice. ALIX does about 70 MBit/s, an dual-core Atom can probably handle 500 MBit/s. _ Nice firewall features. - IDS features are cool. WiFi is not strictly required, but would be cool. Things like guest WiFi would be an added bonus. Something a NANOGer might want at home would be a good baseline. I realize the exact product may differ depending on DSL/Cable/Cell/ISDN, that's ok, let's get some various good solutions going here. What is the state of the art, and who has it? I run pfSense both at home (6/100 MBit/s DOCSIS 3.0 cable modem) and in the colo (GBit Ethernet, failover cluster). Very happy. -- Leo Bicknell - bickn...@ufp.org - CCIE 3440 PGP keys at http://www.ufp.org/~bicknell/ -- Eugen* Leitl a href=http://leitl.org;leitl/a http://leitl.org __ ICBM: 48.07100, 11.36820 http://www.ativel.com http://postbiota.org 8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE
Re: Low end, cool CPE.
Leo Bicknell bickn...@ufp.org writes: - IPv6 support, native or tunnel to tunnelbroker.net type thing. This is far too diffuse. You'll get a yes, we've got IPv6. You should at least add - IPv6 packet filtering and policy management (at least simple access lists) - DHCPv6-PD client running over PPP or ethernet (possibly bridged DSL) WAN interface(s) - Ability to split the delegated prefix into a /64 for every LAN and loopback interface, preferably fully configurable - Configurable RA on LAN interfaces, using the dynamically allocated prefixes - (wishlist) configurable ifid's on the LAN and loopback interfaces as an alternative to using EUI-64 - WAN link addressing using whatever is available of SLAAC, DHCPv6 IA_NA or link local. Specifically: Using SLAAC for the WAN link should be possible without sacrificing any router functionality on the CPE. and probably a lot more. DNS resolver handling needs a chapter on it's own The point is: We've been asking for IPv6 for too long. That's just one bit in a packet header. We need to start asking for the features we expect, which is a lot more than that bit. Bjørn
Re: Low end, cool CPE.
On 12 Nov 2010, at 12:55, Bjørn Mork wrote: This is far too diffuse. You'll get a yes, we've got IPv6. You should at least add - IPv6 packet filtering and policy management (at least simple access lists) snip The point is: We've been asking for IPv6 for too long. That's just one bit in a packet header. We need to start asking for the features we expect, which is a lot more than that bit. For IPv6 CPE requirements, you might want to look at http://tools.ietf.org/html/draft-ietf-v6ops-ipv6-cpe-router-07 and comment on the IETF v6ops list. Tim
Re: Low end, cool CPE.
On 2010-11-12, at 4:24 AM, Eugen Leitl wrote: On Thu, Nov 11, 2010 at 05:41:00PM -0800, Leo Bicknell wrote: I've run into a number of low end CPE situations lately where I haven't found anything that does what I want, but I have to believe it is out there. I'm hoping NANOG can help. Mikrotik RB750G here with RouterOS 5.0RC3 Since I'm on a cable modem with Port 25 blocked and I want an SMTP server at home, I'm now using the Router to additionally set-up an L2TP tunnel into PortableIP.com, grab a fixed IP over there, use this as my MX and DST-NAT into an SMTP server at home. Also I'm SRC-NATting out everything to the cable modem, but the SMTP traffic back out the L2TP interface. All of this on a $70 box, with a very fast CPU, and 5 GigE ports. F.
Re: Low end, cool CPE.
All of this on a $70 box, with a very fast CPU, and 5 GigE ports. Currently playing with a little ADSL box made by Gennet (Athens, Greece). They have a beta which includes v6 support. Still some work to do but it looks very promising and the basics work (PPP dual stack, dhcpv6 PD, DNS). Firewall is under development and they have a nasty bug in the wlan driver which needs fixing so it's supports v6. http://broadband.gennetsa.com/oxygen_router.html Groet, MarcoH
Recent operational experience choosing between PBB-TE, MEF9+14, VPLS or T-MPLS ?
I'm embarking on a new project which involves a large scale MAN network where ultimately, the objective is to carry QinQ, while at the same time delivering services over IPv6. The objective is to support jumbo frames on all interfaces, at least to carry QinQ standard-size ethernet frames, but ideally as large as possible There seem to be 4 approaches to do this. a) The IEEE PBB-TE approach - but little implementations. b) The MEF9+14 approach, mature, but manual provisioning c) The VPLS approach, concerns with too much manual provisioning. d) The T-MPLS approach, concerns with maturity The objective is to support the functionality not only in the CORE, but also on cost effective multi-tenant redundant customer CPEs. I have not seen a, or b or d supported in a low-cost customer CPE. I am currently favouring c, for reasons of maturity and wide implementation, but may be missing on recent progresses in the b) land. Any thoughts ? Any published IETF material on the topic ? F.
RE: Low end, cool CPE.
-Original Message- From: Leo Bicknell [mailto:bickn...@ufp.org] Sent: Thursday, November 11, 2010 8:41 PM To: nanog@nanog.org Subject: Low end, cool CPE. I've run into a number of low end CPE situations lately where I haven't found anything that does what I want, but I have to believe it is out there. I'm hoping NANOG can help. Basically think about a sophisticated home user, or a 1-5 person small office. Think DSL, Cable Modem, maybe Cell Card or ISDN as backups. Looking for an appliance, very much fire and forget. I probably won't get all the features that I want, but in no particular order: - Able to load balance over 2 links (probably via NAT). - IPv6 support, native or tunnel to tunnelbroker.net type thing. - Able to deal with backup connectivity, eg. Cell Cards which you only want to use if the primary is down. - User friendly features, e.g. UPNP, NAT-PMP, etc. - Good manageability. ssh to a cli would be a huge bonus, at least the ability to backup a config. - Able to handle decent througput, probably 20Mbps/sec min, 50 would be nice. _ Nice firewall features. - IDS features are cool. I've been very happy with Peplink's Balance line (have a couple of 380's) -Keith
Re: Low end, cool CPE.
Everytime I'm in the market for a device like you describe, it comes down to the limitations of consumer devices. You can't get all those things in a low cost solution. I end up rolling my own. My latest system is this http://www.supermicro.com/products/system/1U/5015/SYS-5015A-PHF.cfm , with Endian http://endian.com/en/community/download/ and an additional dual port nic. With all the parts (HD,NIC) it's under $400. It's an atom board, so you could put whatever you wanted on it. I have a 50mbps net connection and it doesn't have any issues.
Re: Low end, cool CPE.
On Fri, Nov 12, 2010 at 10:10:30AM -0500, Jason Lewis wrote: Everytime I'm in the market for a device like you describe, it comes down to the limitations of consumer devices. You can't get all those things in a low cost solution. I end up rolling my own. My latest system is this http://www.supermicro.com/products/system/1U/5015/SYS-5015A-PHF.cfm Exactly my stock system. Apparently, there's a version which doesn't need a slot spacer, and has frontally accessible ports: http://www.thomas-krenn.com/de/server-systeme/1HE-rack-server/1HE-intel-single-cpu/intel-dual-atom-d510-single-cpu-cse513-server.html Aye, that's the rub: no ECC memory. But nice enough IPMI. , with Endian http://endian.com/en/community/download/ and an additional dual port nic. With all the parts (HD,NIC) it's under $400. It's an atom board, so you could put whatever you wanted on it. I have a 50mbps net connection and it doesn't have any issues. Works well on GBit/s as well. I haven't measured the throughput yet, though. Should be ~500 MBit/s, assuming a single Atom core is about equivalent to a Pentium 3 at the same frequency.
Re: Low end, cool CPE.
On 11/11/2010 10:55 PM, Michael Loftis wrote: I have sort of recently gone from a little netscreen 5 to a mikrotik rb750g. Happily running for about 4 months. Way more of a power user or net admin than consumer oriented device. Fast though, loads faster than the netscreen I would recommend their products except for one thing: They have quite a few different models which experience a still-unfixed problem where the Ethernet port(s) simply go silent for 5-20 minutes and then come back all on their own (or with a reboot). Totally unacceptable, and their support forums are filled with others having the same problem *and* no confirmation of what the company is doing to fix it. And hard to debug, I'm sure, because the problem is one of those happens every other day for 4 days, then not again for 3 weeks kinds of bugs. Matthew Kaufman
Re: Low end, cool CPE.
Check out cradlepoint. Doesn't have all the features you want, but will do wifi/3g/ethernet as wan options. Not sure if it load balances between them though. Also check out pfsense. That's what I am currently running. On 11/11/2010 05:54 PM, Suresh Ramasubramanian wrote: And does this take cellular modems as a backup? The only wifi AP I've seen that would take SIM cards besides ethernet was a no-name chinese brand I saw in a Hong Kong electronics store.
Re: Low end, cool CPE.
On 11/12/2010 01:24 AM, Eugen Leitl wrote: On Thu, Nov 11, 2010 at 05:41:00PM -0800, Leo Bicknell wrote: I've run into a number of low end CPE situations lately where I haven't found anything that does what I want, but I have to believe it is out there. I'm hoping NANOG can help. An ALIX with pfSense 2.0 (BETA4 at the moment) would fit most of the above. IPv6 support is coming (is mostly there in the kernel, but interface only alpha). PPPOE is currently broken in 2.0 BETA4. :( If you want to run the snort package I'd however pick a Supermicro Atom system with 2 onboard NICs and add a dual-port Intel NIC, and run pfSense from a small SSD or an USB stick. Albeit a rackmount, the system would be quiet enough for SOHO. Yes. I agree. Have SNORT run as a transparent bridge and have a separate management interface. Use vlans on that interface to handle whatever you need to do (dedicated vlan for snort, one for your management network, one for secure wifi, one for guest wifi etc). Basically think about a sophisticated home user, or a 1-5 person small office. Think DSL, Cable Modem, maybe Cell Card or ISDN as backups. Looking for an appliance, very much fire and forget. I probably won't get all the features that I want, but in no particular order: - Able to deal with backup connectivity, eg. Cell Cards which you only want to use if the primary is down. - User friendly features, e.g. UPNP, NAT-PMP, etc. - Good manageability. ssh to a cli would be a huge bonus, at least the ability to backup a config. Very well supported. http(s) and ssh both. Well the SSH interface is very limited. You can login and do some basic checks. However everything is driven from a single XML config file that gets parsed by PHP scripts during the init process and then writes out all the UNIX configuration files. However all the things I've ever done from the CLI on a Linux box are readily available from the pfSense web interface (arp table checks, traceroute,ping,iperf,tcpdump). I only use the CLI when I have broken something. _ Nice firewall features. - IDS features are cool. It has a SNORT package that's pretty nice. Also has some other AV type stuff and a proxy. I haven't gotten the proxy/av to work yet, but haven't put much time into them. WiFi is not strictly required, but would be cool. Things like guest WiFi would be an added bonus. It supports a lot of wifi cards. I put a USB wifi stick in my pfsense box and configured it as an AP from the web UI. I'm running the current stable pfSense (1.2.3 I think). Very happy with it. It's a fully featured distribution that is incredibly well put together.
Re: Low end, cool CPE.
They also have an adapter for using with other routers in a pass-through scenario. http://www.cradlepoint.com/products/cba250-cellular-broadband-adapter# On 11/12/10 11:00 AM, Charles N Wyble char...@knownelement.com wrote: Check out cradlepoint. Doesn't have all the features you want, but will do wifi/3g/ethernet as wan options. Not sure if it load balances between them though. Also check out pfsense. That's what I am currently running. On 11/11/2010 05:54 PM, Suresh Ramasubramanian wrote: And does this take cellular modems as a backup? The only wifi AP I've seen that would take SIM cards besides ethernet was a no-name chinese brand I saw in a Hong Kong electronics store.
Re: OT: VM slicing and dicing
On 11/9/2010 2:38 PM, Brandon Kim wrote: Thanks everyone for your input today on this topic. I wanted to recap with a list of sites that everyone has suggested both online and offline for FYI purposes. http://www.microsoft.com/systemcenter/en/us/default.aspx I haven't used system center, but have been very happy with Microsofts other management offerings. In particular the combination of WMI and Active Directory is pretty slick. Now days with W2k8 Server Core and VM friendly licensing, the Microsoft OS density on a hardware node is starting to approach Linux density levels. http://www.proxmox.com/products/proxmox-ve I use Proxmox exclusively and am very happy with it. It's a great product. You might need to do a bit of CLI work if you want to support multiple VLANS or other slightly advanced features. I'm lazy but I might get around to patching the web UI at some point to support the stuff I do manually. The OpenVZ docs are very clear and the process is pretty trivial to do on the CLI. http://www.openqrm-enterprise.com/ This has received some serious attention from me, but it seemed a bit heavy on the startup requirements and it wanted to own my entire infrastructure. Proxmox was just plug and play and reduced the effort to deploy virtual machines. Anyone here using openqrm? How demanding is it? Can you just utilize the pieces you want? These days most users have existing systems in place to handle storage, security, monitoring, os configuration management etc. I guess if you are a completely new startup, then OpenQRM might make sense. http://www.openstack.org/ Ah yes. The new comer of sorts. Anyone looked at this in detail? Beta deployed it?
Re: AS path question.
--- jle...@lewis.org wrote: From: Jon Lewis jle...@lewis.org On Wed, 10 Nov 2010, Scott Weeks wrote: Why did that make you feel safe? Other than a bug, and ignorance of BGP, what is unsafe about a lotta prepends? Ignorance of BGP? There's a known cisco bug that causes BGP session -- I meant ignorance of BGP in that 50, 75 or 100 prepends will basically make no difference in your paths. So, other than for fun and testing why prepend that much? scott
Weekly Routing Table Report
This is an automated weekly mailing describing the state of the Internet Routing Table as seen from APNIC's router in Japan. The posting is sent to APOPS, NANOG, AfNOG, AusNOG, SANOG, PacNOG, LacNOG, CaribNOG and the RIPE Routing Working Group. Daily listings are sent to bgp-st...@lists.apnic.net For historical data, please see http://thyme.rand.apnic.net. If you have any comments please contact Philip Smith p...@cisco.com. Routing Table Report 04:00 +10GMT Sat 13 Nov, 2010 Report Website: http://thyme.rand.apnic.net Detailed Analysis: http://thyme.rand.apnic.net/current/ Analysis Summary BGP routing table entries examined: 337475 Prefixes after maximum aggregation: 153810 Deaggregation factor: 2.19 Unique aggregates announced to Internet: 165548 Total ASes present in the Internet Routing Table: 35234 Prefixes per ASN: 9.58 Origin-only ASes present in the Internet Routing Table: 30369 Origin ASes announcing only one prefix: 14826 Transit ASes present in the Internet Routing Table:4865 Transit-only ASes present in the Internet Routing Table:117 Average AS path length visible in the Internet Routing Table: 4.3 Max AS path length visible: 31 Max AS path prepend of ASN (36992) 29 Prefixes from unregistered ASNs in the Routing Table: 295 Unregistered ASNs in the Routing Table: 124 Number of 32-bit ASNs allocated by the RIRs:880 Prefixes from 32-bit ASNs in the Routing Table: 4 Special use prefixes present in the Routing Table:0 Prefixes being announced from unallocated address space:195 Number of addresses announced to Internet: 2298665376 Equivalent to 137 /8s, 2 /16s and 217 /24s Percentage of available address space announced: 62.0 Percentage of allocated address space announced: 65.6 Percentage of available address space allocated: 94.6 Percentage of address space in use by end-sites: 85.9 Total number of prefixes smaller than registry allocations: 139046 APNIC Region Analysis Summary - Prefixes being announced by APNIC Region ASes:82694 Total APNIC prefixes after maximum aggregation: 28127 APNIC Deaggregation factor:2.94 Prefixes being announced from the APNIC address blocks: 79584 Unique aggregates announced from the APNIC address blocks:34871 APNIC Region origin ASes present in the Internet Routing Table:4237 APNIC Prefixes per ASN: 18.78 APNIC Region origin ASes announcing only one prefix: 1178 APNIC Region transit ASes present in the Internet Routing Table:680 Average APNIC Region AS path length visible:4.4 Max APNIC Region AS path length visible: 17 Number of APNIC addresses announced to Internet: 563115552 Equivalent to 33 /8s, 144 /16s and 118 /24s Percentage of available APNIC address space announced: 76.3 APNIC AS Blocks4608-4864, 7467-7722, 9216-10239, 17408-18431 (pre-ERX allocations) 23552-24575, 37888-38911, 45056-46079 55296-56319, 131072-132095 APNIC Address Blocks 1/8, 14/8, 27/8, 36/8, 42/8, 43/8, 49/8, 58/8, 59/8, 60/8, 61/8, 101/8, 110/8, 111/8, 112/8, 113/8, 114/8, 115/8, 116/8, 117/8, 118/8, 119/8, 120/8, 121/8, 122/8, 123/8, 124/8, 125/8, 126/8, 133/8, 175/8, 180/8, 182/8, 183/8, 202/8, 203/8, 210/8, 211/8, 218/8, 219/8, 220/8, 221/8, 222/8, 223/8, ARIN Region Analysis Summary Prefixes being announced by ARIN Region ASes:137756 Total ARIN prefixes after maximum aggregation:71405 ARIN Deaggregation factor: 1.93 Prefixes being announced from the ARIN address blocks: 109127 Unique aggregates announced from the ARIN address blocks: 43688 ARIN Region origin ASes present in the Internet Routing Table:14028 ARIN Prefixes per ASN: 7.78 ARIN Region origin ASes announcing only one prefix:5371 ARIN Region transit ASes present in the Internet Routing Table:1493 Average ARIN Region AS path length visible: 4.0 Max ARIN Region AS path length visible:
Re: OT: VM slicing and dicing
On Fri, 12 Nov 2010, Charles N Wyble wrote: I use Proxmox exclusively and am very happy with it. It's a great product. You might need to do a bit of CLI work if you want to support multiple VLANS or other slightly advanced features. I'm lazy but I might get around to patching the web UI at some point to support the stuff I do manually. The OpenVZ docs are very clear and the process is pretty trivial to do on the CLI. I've used OpenVZ at many sites and been really happy with it. Managing OpenVZ from the CLI is easy. I wrote wrapper scripts to perform the desired functions. It has extensive documentation available. From a documentation point of view it really stands out among OSS and even commercial apps. Cheers, Rob -- Email: rob...@timetraveller.org Linux counter ID #16440 IRC: Solver (OFTC Freenode) Web: http://www.practicalsysadmin.com Contributing member of Software in the Public Interest (http://spi-inc.org/) Open Source: The revolution that silently changed the world
Re: OT: VM slicing and dicing
On 11/12/2010 12:09 PM, Robert Brockway wrote: On Fri, 12 Nov 2010, Charles N Wyble wrote: I use Proxmox exclusively and am very happy with it. It's a great product. You might need to do a bit of CLI work if you want to support multiple VLANS or other slightly advanced features. I'm lazy but I might get around to patching the web UI at some point to support the stuff I do manually. The OpenVZ docs are very clear and the process is pretty trivial to do on the CLI. Managing OpenVZ from the CLI is easy. I wrote wrapper scripts to perform the desired functions. Yeah. It's very easy. Proxmox is for super lazy people like me. :) It has extensive documentation available. From a documentation point of view it really stands out among OSS and even commercial apps. Yes. The documentation is fantastic. Top notch. OpenVZ is very simple and utilizes existing features in Linux directly. As opposed to XEN (at least as it ships with centos 5) which utilizes an entire super structure of complex shell scripts to do it's networking setup. If you have a few years of server admin experience it's very easy to get up and going. You can utilize all your existing CLI knowledge.
BGP Update Report
BGP Update Report Interval: 04-Nov-10 -to- 11-Nov-10 (7 days) Observation Point: BGP Peering with AS131072 TOP 20 Unstable Origin AS Rank ASNUpds % Upds/PfxAS-Name 1 - AS947626585 2.4%8861.7 -- INTRAPOWER-AS-AP IntraPower Pty. Ltd. 2 - AS650325496 2.3% 13.8 -- Axtel, S.A.B. de C.V. 3 - AS32528 21690 1.9%7230.0 -- ABBOTT Abbot Labs 4 - AS35931 16533 1.5%5511.0 -- ARCHIPELAGO - ARCHIPELAGO HOLDINGS INC 5 - AS754514031 1.2% 9.9 -- TPG-INTERNET-AP TPG Internet Pty Ltd 6 - AS949812610 1.1% 268.3 -- BBIL-AP BHARTI Airtel Ltd. 7 - AS237498355 0.7%1392.5 -- GLOBAL-TRANSIT-AS-HKCOLO-AP HKCOLO ltd. Internet Service Provider 8 - AS6316 7988 0.7% 295.9 -- AS-PAETEC-NET - PaeTec Communications, Inc. 9 - AS5963 7886 0.7% 657.2 -- DNIC-ASBLK-05800-06055 - DoD Network Information Center 10 - AS9829 7523 0.7% 15.9 -- BSNL-NIB National Internet Backbone 11 - AS680 7180 0.6% 26.0 -- DFN-IP service G-WiN 12 - AS3816 6554 0.6% 76.2 -- COLOMBIA TELECOMUNICACIONES S.A. ESP 13 - AS4323 6061 0.5% 3.1 -- TWTC - tw telecom holdings, inc. 14 - AS701 5993 0.5% 93.6 -- UUNET - MCI Communications Services, Inc. d/b/a Verizon Business 15 - AS8452 5734 0.5% 12.4 -- TE-AS TE-AS 16 - AS9942 5631 0.5% 29.2 -- COMINDICO-AP SOUL Converged Communications Australia 17 - AS290495465 0.5% 18.5 -- DELTA-TELECOM-AS Delta Telecom LTD. 18 - AS333635309 0.5% 3.7 -- BHN-TAMPA - BRIGHT HOUSE NETWORKS, LLC 19 - AS220475248 0.5% 9.2 -- VTR BANDA ANCHA S.A. 20 - AS9919 5212 0.5% 11.5 -- NCIC-TW New Century InfoComm Tech Co., Ltd. TOP 20 Unstable Origin AS (Updates per announced prefix) Rank ASNUpds % Upds/PfxAS-Name 1 - AS947626585 2.4%8861.7 -- INTRAPOWER-AS-AP IntraPower Pty. Ltd. 2 - AS32528 21690 1.9%7230.0 -- ABBOTT Abbot Labs 3 - AS35931 16533 1.5%5511.0 -- ARCHIPELAGO - ARCHIPELAGO HOLDINGS INC 4 - AS435342625 0.2%2625.0 -- CREDITCALL CreditCall Ltd 5 - AS159842465 0.2%2465.0 -- The Joint-Stock Commercial Bank CentroCredit. 6 - AS496002135 0.2%2135.0 -- LASEDA La Seda de Barcelona, S.A 7 - AS485611503 0.1%1503.0 -- AUTOMIR-AS NP Automir CJSC 8 - AS159784314 0.4%1438.0 -- BOBST Group autonomous system 9 - AS237498355 0.7%1392.5 -- GLOBAL-TRANSIT-AS-HKCOLO-AP HKCOLO ltd. Internet Service Provider 10 - AS407722274 0.2%1137.0 -- VELOCITER-WIRELESS-INC - Velociter Wireless, Inc. 11 - AS3352 3219 0.3%1073.0 -- TELEFONICA-DATA-ESPANA TELEFONICA DE ESPANA 12 - AS210032926 0.3% 975.3 -- GPTC-AS 13 - AS52252 945 0.1% 945.0 -- Entel PCS Telecomunicaciones S.A. (Sis) 14 - AS9929 3735 0.3% 933.8 -- CNCNET-CN China Netcom Corp. 15 - AS5963 7886 0.7% 657.2 -- DNIC-ASBLK-05800-06055 - DoD Network Information Center 16 - AS41816 557 0.1% 557.0 -- MEGALOG-PLUS-AS Megalog-Plus Ltd 17 - AS281752625 0.2% 525.0 -- 18 - AS210175077 0.5% 507.7 -- VSI-AS VSI AS 19 - AS9556 3492 0.3% 498.9 -- ADAM-AS-AP Adam Internet Pty Ltd 20 - AS17904 962 0.1% 481.0 -- SLTASUL-LK Sri Lankan Airlines TOP 20 Unstable Prefixes Rank Prefix Upds % Origin AS -- AS Name 1 - 203.1.14.0/24 14952 1.2% AS9476 -- INTRAPOWER-AS-AP IntraPower Pty. Ltd. 2 - 202.92.235.0/24 12275 1.0% AS9498 -- BBIL-AP BHARTI Airtel Ltd. 3 - 203.1.13.0/24 11630 0.9% AS9476 -- INTRAPOWER-AS-AP IntraPower Pty. Ltd. 4 - 130.36.35.0/2410841 0.9% AS32528 -- ABBOTT Abbot Labs 5 - 130.36.34.0/2410837 0.9% AS32528 -- ABBOTT Abbot Labs 6 - 63.211.68.0/2210463 0.8% AS35931 -- ARCHIPELAGO - ARCHIPELAGO HOLDINGS INC 7 - 112.213.64.0/248333 0.7% AS23749 -- GLOBAL-TRANSIT-AS-HKCOLO-AP HKCOLO ltd. Internet Service Provider 8 - 216.126.136.0/22 7842 0.6% AS6316 -- AS-PAETEC-NET - PaeTec Communications, Inc. 9 - 190.65.228.0/225892 0.5% AS3816 -- COLOMBIA TELECOMUNICACIONES S.A. ESP 10 - 198.140.43.0/245832 0.5% AS35931 -- ARCHIPELAGO - ARCHIPELAGO HOLDINGS INC 11 - 65.208.172.0/244862 0.4% AS701 -- UUNET - MCI Communications Services, Inc. d/b/a Verizon Business 12 - 202.83.96.0/20 4174 0.3% AS18106 -- VIEWQWEST-SG-AP Viewqwest Pte Ltd AS9255 -- CONNECTPLUS-AS Singapore Telecom 13 - 206.184.16.0/243437 0.3% AS174 -- COGENT Cogent/PSI 14 - 149.117.65.0/243378 0.3% AS1273 -- CW Cable and
The Cidr Report
This report has been generated at Fri Nov 12 21:11:47 2010 AEST.
The report analyses the BGP Routing Table of AS2.0 router
and generates a report on aggregation potential within the table.
Check http://www.cidr-report.org for a current version of this report.
Recent Table History
Date PrefixesCIDR Agg
05-11-10337795 206264
06-11-10337843 206672
07-11-10338022 206620
08-11-10338060 207433
09-11-10339052 207760
10-11-10339893 207903
11-11-10340203 208173
12-11-10340330 208528
AS Summary
35919 Number of ASes in routing system
15316 Number of ASes announcing only one prefix
4556 Largest number of prefixes announced by an AS
AS4323 : TWTC - tw telecom holdings, inc.
101649920 Largest address span announced by an AS (/32s)
AS4134 : CHINANET-BACKBONE No.31,Jin-rong Street
Aggregation Summary
The algorithm used in this report proposes aggregation only
when there is a precise match using the AS path, so as
to preserve traffic transit policies. Aggregation is also
proposed across non-advertised address space ('holes').
--- 12Nov10 ---
ASnumNetsNow NetsAggr NetGain % Gain Description
Table 340755 208585 13217038.8% All ASes
AS6389 3751 407 334489.1% BELLSOUTH-NET-BLK -
BellSouth.net Inc.
AS4323 4556 1679 287763.1% TWTC - tw telecom holdings,
inc.
AS6503 2001 433 156878.4% Axtel, S.A.B. de C.V.
AS19262 1780 316 146482.2% VZGNI-TRANSIT - Verizon Online
LLC
AS4766 1728 575 115366.7% KIXS-AS-KR Korea Telecom
AS17488 1360 272 108880.0% HATHWAY-NET-AP Hathway IP Over
Cable Internet
AS22773 1242 164 107886.8% ASN-CXA-ALL-CCI-22773-RDC -
Cox Communications Inc.
AS4755 1385 403 98270.9% TATACOMM-AS TATA
Communications formerly VSNL
is Leading ISP
AS18566 1091 158 93385.5% COVAD - Covad Communications
Co.
AS24560 1056 201 85581.0% AIRTELBROADBAND-AS-AP Bharti
Airtel Ltd., Telemedia
Services
AS10620 1333 523 81060.8% Telmex Colombia S.A.
AS33363 1560 784 77649.7% BHN-TAMPA - BRIGHT HOUSE
NETWORKS, LLC
AS18101 905 138 76784.8% RELIANCE-COMMUNICATIONS-IN
Reliance Communications
Ltd.DAKC MUMBAI
AS7545 1438 698 74051.5% TPG-INTERNET-AP TPG Internet
Pty Ltd
AS28573 1167 514 65356.0% NET Servicos de Comunicao S.A.
AS8452 1073 434 63959.6% TE-AS TE-AS
AS4808 922 287 63568.9% CHINA169-BJ CNCGROUP IP
network China169 Beijing
Province Network
AS8151 1345 721 62446.4% Uninet S.A. de C.V.
AS17676 640 66 57489.7% GIGAINFRA Softbank BB Corp.
AS7303 826 256 57069.0% Telecom Argentina S.A.
AS22047 563 31 53294.5% VTR BANDA ANCHA S.A.
AS3356 1191 690 50142.1% LEVEL3 Level 3 Communications
AS7552 642 141 50178.0% VIETEL-AS-AP Vietel
Corporation
AS9443 571 76 49586.7% INTERNETPRIMUS-AS-AP Primus
Telecommunications
AS1785 1799 1320 47926.6% AS-PAETEC-NET - PaeTec
Communications, Inc.
AS14420 571 100 47182.5% CORPORACION NACIONAL DE
TELECOMUNICACIONES - CNT EP
AS4780 713 243 47065.9% SEEDNET Digital United Inc.
AS4804 540 76 46485.9% MPX-AS Microplex PTY LTD
AS36992 650 189 46170.9% ETISALAT-MISR
AS6478 1392 932 46033.0% ATT-INTERNET3 - ATT Services,
Inc.
Total 39791128272696467.8% Top 30 total
Possible Bogus Routes
31.0.0.0/16 AS12654 RIPE-NCC-RIS-AS RIPE NCC RIS project
Re: Current trends in capacity planning and oversubscription
On Wed, 10 Nov 2010, Curtis, Bruce wrote: If we take our current ISP bandwidth and increase it by 50% every year for 5 years it would be about twice the 100 Mbps per 1,000 students/staff recommendation. Is 50% growth each year typical these days? In the dot-com boom days, people said 100% growth, other people have suggested 20% may be more reasonable now. A problem with government network capacity planning/growth forecasts is you will be stuck with whatever you choose, too high or too low, for many years because the budget cycle is so long. It would be great if there was some actual data available. But it seems more typical to benchmark/compare to do network capacity planning with other government agencies, so we end up with X-Mbps per Y,000 people. Yes, I know it depends. 1,000 people downloading data from LHC experiments will be different from an administrative school office. The difference is the people using LHC data usually have someone who can figure out network capacity planning, while the people in an administrative school office may not have anyone. So what is a reasonable network capacity for 1,000 students now and in 5 years.
