OT: Limelight Sales Rep?
If any one knows of a Limelight Sales rep who may be working tomorrow, could you please have them get in touch with me? Thanks, Jesse Proudman Blue Box Group, LLC p. 800-613-4305 x 801 www.blueboxgrp.com
Re: Blocking International DNS
* Suresh Ramasubramanian (ops.li...@gmail.com) wrote: This isnt new - there have been proposals elsewhere for a resolver based blacklist of child porn sites. Swedish ISPs are required to enforce a DNS blacklist for childporn, perhaps also other European countries. The list is maintained by the police (rikskriminalen), they have also published statistics on how many evil access attempts to child porn that they have blocked, i.e. legitimating their existence. They do however fail to mention that browsers usually resolve all links on the webpage it loads so it only takes a look at a page that links to an illegal site for the filter to score a hit... and pr0n pages tend to have a lot of links.. And once you get these things in place you never know where it will end... Cheers, /jkm
Planned IP6.ARPA Nameserver Change
PLANNED IP6.ARPA NAMESERVER CHANGE This is a courtesy notification of an upcoming change to the nameserver set for the IP6.ARPA zone. There is no expected impact on the functional operation of the DNS due to this change. There are no actions required by DNS server operators or end users. DETAIL The IP6.ARPA zone is used to provide reverse mapping (number to name) for IPv6, as described in RFC 3152. The servers which currently provide authoritative DNS service for the IP6.ARPA zone are as follows: TINNIE.ARIN.NET NS-SEC.RIPE.NET NS2.LACNIC.NET SEC1.APNIC.NET NS.ICANN.ORG On Wednesday 2010-12-01 processing will begin to change the nameserver set to the following, as described in RFC 5855: A.IP6-SERVERS.ARPA (operated by ARIN) B.IP6-SERVERS.ARPA (operated by ICANN) C.IP6-SERVERS.ARPA (operated by AfriNIC) D.IP6-SERVERS.ARPA (operated by LACNIC) E.IP6-SERVERS.ARPA (operated by APNIC) F.IP6-SERVERS.ARPA (operated by RIPE NCC) The usual IANA process for a change in the ARPA zone involves a series of technical checks and the gathering of various authorisations, and may take several days to complete. Courtesy notification will be sent to this list once this change has been fully implemented. Regards, Joe Abley Director DNS Operations ICANN
Re: Blocking International DNS
Joakim Aronius joa...@aronius.com writes: * Suresh Ramasubramanian (ops.li...@gmail.com) wrote: This isnt new - there have been proposals elsewhere for a resolver based blacklist of child porn sites. Swedish ISPs are required to enforce a DNS blacklist for childporn, perhaps also other European countries. Yes, this has alrady spread to a number of European countries: http://circamp.eu/ And once you get these things in place you never know where it will end... Unfortunately, yes. We already have a pretty ugly example of that: Telenor (Norwegian ISP) was sued by the music and film industry with a demand that Telenor should block all access to The Pirate Bay. The suggested method was abusing this DNS filter to block access to a number of Pirate Bay domains. Luckily the Norwegian court system do sometimes work: http://www.reuters.com/article/idUS401576177920091106 But history usually repeats itself, so I assume this idea will come up again. And again. And again. Bjørn
Re: Re: Network management software with high detailed traffic report
Sure it upsets. We have a bunch of average-populated 6500s, using the default max age (which was, as far as I remember, 5) made the switches very slow in responding to SNMP queries. set them to 10, and, Gotcha! everything works very well. ivan Date: Tue, 23 Nov 2010 14:25:25 +0200 From: Tassos Chatzithomaoglou ach...@forthnet.gr Subject: Re: Network management software with high detailed traffic report To: nanog@nanog.org Message-ID: 4cebb2b5.5090...@forthnet.gr Content-Type: text/plain; charset=UTF-8; format=flowed There is also CSCsg23226 which might be related. -- Tassos Nick Hilliard wrote on 23/11/2010 01:35: On 22/11/2010 22:56, Tassos Chatzithomaoglou wrote: Does service counters max age help in any way?* *According to Cisco, setting it too low might upset the snmp counters.* https://www.cisco.com/en/US/docs/ios/fundamentals/command/reference/cf_r1.html#wp1067159 The Usage Guidelines are instructive. :-) Although the update interval defaults to 5 seconds, it still appears to update every 9 seconds on my boxes. Nick
Re: Blocking International DNS
On Thu, 25 Nov 2010, Bjørn Mork wrote: Joakim Aronius joa...@aronius.com writes: * Suresh Ramasubramanian (ops.li...@gmail.com) wrote: This isnt new - there have been proposals elsewhere for a resolver based blacklist of child porn sites. Swedish ISPs are required to enforce a DNS blacklist for childporn, perhaps also other European countries. Yes, this has alrady spread to a number of European countries: http://circamp.eu/ And once you get these things in place you never know where it will end... Now i know NANOG should not carry political discussion, but really, we should not even -need- to lobby. Unlike the self-proclaimed entertainment industry we, the isps, OWN AND OPERATE a critical infrastructure, of which the governments in the past have proven incapable of running something like that themselves (you end up with a 1970s style telephone network every time they try ;) They simply need to be explained that the internet is a take it or leave it deal. Countries that work against us, should simply be LEFT. close your offices, fire everyone, pay your taxes somewhere else, fuck them. option B is a hostile takeover on the entire entertainment industry, in order to get rid of them, by using the massive amounts of cashflow available in our industry, all of those companies, disney, vivendi (universal) viacom, etc are on the stock exchange, and therefore vulnerable to hostile takeovers and fucking around with their listing by means of options. They have started a war with the wrong motherfuckers... just that the wrong motherfuckers need to figure out that not all connected parties are working in the interest of the internet, several (disney, time warner) are trying to take control over the internet and make it a one way broadcast system that only carries THEIR content to THEIR viewers. We still are in a position to stop them, i say we should. Besides, court orders only hold any value for specific countries, i'm quite sure you're all quite capable of just shifting your activities/billing to another one, as are we (and pretty much in real time as well :P should the situation require that.
Re: reporting physical plant damage to ATT?
Paul, This may help you: remarks: ATT Global Webhosting Managed Operations phone: +18882912750 phone: +6567772357 remarks: Select option 2, 2 abuse-mailbox: ab...@attglobal.net http://www.db.ripe.net/whois?searchtext=ab...@attglobal.netinverse_attrib utes=abuse-mailboxform_type=simple ATT has been notoriously unclear of their contact numbers. Warren Bailey | RF Engineer General Communication, Inc. 2550 Denali St. Suite 700 Anchorage, AK 99503 907.868.5911 desk 907.903.5410 mobile 907.947.7616 followme http://www.gci.com On 11/25/10 12:14 PM, Paul Vixie vi...@isc.org wrote: there's a pacific telephone j-box at the edge of a parking lot in san mateo california that's been hit by a car hard enough to spring the door open. the copper punchdowns are now freely and publically accessible. i think it's not pac tel or pac bell or sbc any more, so what i need is to know how to tell ATT that they've got a physical plant problem that will soon be customer affecting, especially with the weather like it is. there was a call-before- you-dig sticker on it so i called that number and they said it wasn't their problem. i'm trying to do the right thing by asking ATT to make it so if i google for report damage to att it will give a useful result. meanwhile if someone from att asks me i will tell them the road address of the box. (i am not an att customer and calling 1-800-CALL-ATT did me no good at all.)
Re: reporting physical plant damage to ATT?
From: Paul Vixie vi...@isc.org Date: Thu, 25 Nov 2010 21:14:45 + there's a pacific telephone j-box at the edge of a parking lot in san mateo california that's been hit by a car hard enough to spring the door open. the copper punchdowns are now freely and publically accessible. i think it's not pac tel or pac bell or sbc any more, so what i need is to know how to tell ATT that they've got a physical plant problem that will soon be customer affecting, especially with the weather like it is. there was a call-before- you-dig sticker on it so i called that number and they said it wasn't their problem. i'm trying to do the right thing by asking ATT to make it so if i google for report damage to att it will give a useful result. meanwhile if someone from att asks me i will tell them the road address of the box. (i am not an att customer and calling 1-800-CALL-ATT did me no good at all.) Have you tried 611 (from an ATT land-line phone)? The menus are horrid, but you should finally get to a human. -- R. Kevin Oberman, Network Engineer Energy Sciences Network (ESnet) Ernest O. Lawrence Berkeley National Laboratory (Berkeley Lab) E-mail: ober...@es.net Phone: +1 510 486-8634 Key fingerprint:059B 2DDF 031C 9BA3 14A4 EADA 927D EBB3 987B 3751
Cogent announcing more specific prefixes?
Anyone else get alerts from their BGP monitoring system (In my case Cyclops) saying Cogent briefly announced some more specific prefixes? AS path as reported by Cyclops: 7575 46135 174 174 /20s broken into /23s /23s became /24s Also saw alerts for one to one (/23 announced has /23) All alerts had a timestamp of: 2010-11-25 12:01:12 UTC
Re: reporting physical plant damage to ATT?
Paul, Try calling 1-800-332-1321. It is a general repair number for POTS and DSX circuits. They are clueful, and if they aren't the right people to call, they will likely be able to point you in the right direction. Sincerely, Bobby Glover Director of Information Services South Valley Internet -Original message- From: Paul Vixie vi...@isc.org To: na...@merit.edu Sent: 2010 Nov, Thu, 25 21:38:18 GMT+00:00 Subject: reporting physical plant damage to ATT? there's a pacific telephone j-box at the edge of a parking lot in san mateo california that's been hit by a car hard enough to spring the door open. the copper punchdowns are now freely and publically accessible. i think it's not pac tel or pac bell or sbc any more, so what i need is to know how to tell ATT that they've got a physical plant problem that will soon be customer affecting, especially with the weather like it is. there was a call-before- you-dig sticker on it so i called that number and they said it wasn't their problem. i'm trying to do the right thing by asking ATT to make it so if i google for report damage to att it will give a useful result. meanwhile if someone from att asks me i will tell them the road address of the box. (i am not an att customer and calling 1-800-CALL-ATT did me no good at all.)
Re: Jumbo frame Question
From: Harris Hui harris@hk1.ibm.com Date: Fri, 26 Nov 2010 08:13:57 +0800 Hi Does anyone have experience on design / implementing the Jumbo frame enabled network? I am working on a project to better utilize a fiber link across east coast and west coast with the Juniper devices. Based on the default TCP windows in Linux / Windows and the latency between east coast and west coast (~80ms) and the default MTU size 1500, the maximum throughput of a single TCP session is around ~3Mbps but it is too slow for us to backing-up the huge amount of data across 2 sites. The following is the topology that we are using right now. Host A NIC (MTU 9000) --- GigLAN --- (MTU 9216) Juniper EX4200 (MTU 9216) ---GigLAN --- (MTU 9018) J-6350 cluster A (MTU 9018) --- fiber link across site --- (MTU 9018) J-6350 cluster B (MTU 9018) --- GigLAN --- (MTU 9216) Juniper EX4200 (MTU 9216) ---GigLAN --- (MTU 9000) NIC - Host B I was trying to test the connectivity from Host A to the J-6350 cluster A by using ICMP-Ping with size 8000 and DF bit set but it was failed to ping. Does anyone have experience on it? please advise. Thanks :-) MTU is only one issue. System tuning and a clean path are also critical. Getting good data streams between two systems that far apart is not easy, but with reasonable effort you can get 300 to 400 Mbps. If an 8000 byte ping fails, that says that SOMETHING is not jumbo enabled, but it's hard to tell what. This assumes that no firewall or other device is blocking ICMP, but I assume that 1400 byte pings work. Try hop-by-hop tests. I should also mention that some DWDM gear needs to be configured to handle jumbos. We've been bitten by that. You tend to assume that layer 1 gear won't care about layer 2 issues, but the input is an Ethernet interface. Finally, host tuning is critical. You talk about default window size, but modern stack auto-tune window size. For lots of information on tuning and congestion management, see http://fasterdata.es.net. We move terabytes of data between CERN and the US and have to make sure that the 10GE links run at close to capacity and streams of more than a Gbps will work. (It's not easy.) -- R. Kevin Oberman, Network Engineer Energy Sciences Network (ESnet) Ernest O. Lawrence Berkeley National Laboratory (Berkeley Lab) E-mail: ober...@es.net Phone: +1 510 486-8634 Key fingerprint:059B 2DDF 031C 9BA3 14A4 EADA 927D EBB3 987B 3751
Re: Jumbo frame Question
This helps tons. speedguide.net has some registry 'tweeks' for different versions of windows. Also Win7 had the ability to turn on a FASTTCP type of congestion management called Compound TCP. I haven't tried the windows version so ymmv, but I have experienced great success by changing the congestion avoidance algorithm on other devices. -wil On Nov 25, 2010, at 4:19 PM, Adrian Chadd adr...@creative.net.au wrote: TCP maximum window sizes. Application socket buffer sizes. Fix those and re-test! Adrian On Fri, Nov 26, 2010, Harris Hui wrote: Hi Does anyone have experience on design / implementing the Jumbo frame enabled network? I am working on a project to better utilize a fiber link across east coast and west coast with the Juniper devices. Based on the default TCP windows in Linux / Windows and the latency between east coast and west coast (~80ms) and the default MTU size 1500, the maximum throughput of a single TCP session is around ~3Mbps but it is too slow for us to backing-up the huge amount of data across 2 sites. The following is the topology that we are using right now. Host A NIC (MTU 9000) --- GigLAN --- (MTU 9216) Juniper EX4200 (MTU 9216) ---GigLAN --- (MTU 9018) J-6350 cluster A (MTU 9018) --- fiber link across site --- (MTU 9018) J-6350 cluster B (MTU 9018) --- GigLAN --- (MTU 9216) Juniper EX4200 (MTU 9216) ---GigLAN --- (MTU 9000) NIC - Host B I was trying to test the connectivity from Host A to the J-6350 cluster A by using ICMP-Ping with size 8000 and DF bit set but it was failed to ping. Does anyone have experience on it? please advise. Thanks :-) -- - Xenion - http://www.xenion.com.au/ - VPS Hosting - Commercial Squid Support - - $24/pm+GST entry-level VPSes w/ capped bandwidth charges available in WA -
Re: Jumbo frame Question
On Thu, Nov 25, 2010 at 4:26 PM, Kevin Oberman ober...@es.net wrote: From: Harris Hui harris@hk1.ibm.com Date: Fri, 26 Nov 2010 08:13:57 +0800 Hi Does anyone have experience on design / implementing the Jumbo frame enabled network? I am working on a project to better utilize a fiber link across east coast and west coast with the Juniper devices. Based on the default TCP windows in Linux / Windows and the latency between east coast and west coast (~80ms) and the default MTU size 1500, the maximum throughput of a single TCP session is around ~3Mbps but it is too slow for us to backing-up the huge amount of data across 2 sites. The following is the topology that we are using right now. Host A NIC (MTU 9000) --- GigLAN --- (MTU 9216) Juniper EX4200 (MTU 9216) ---GigLAN --- (MTU 9018) J-6350 cluster A (MTU 9018) --- fiber link across site --- (MTU 9018) J-6350 cluster B (MTU 9018) --- GigLAN --- (MTU 9216) Juniper EX4200 (MTU 9216) ---GigLAN --- (MTU 9000) NIC - Host B I was trying to test the connectivity from Host A to the J-6350 cluster A by using ICMP-Ping with size 8000 and DF bit set but it was failed to ping. Does anyone have experience on it? please advise. Thanks :-) MTU is only one issue. System tuning and a clean path are also critical. Getting good data streams between two systems that far apart is not easy, but with reasonable effort you can get 300 to 400 Mbps. If an 8000 byte ping fails, that says that SOMETHING is not jumbo enabled, but it's hard to tell what. This assumes that no firewall or other device is blocking ICMP, but I assume that 1400 byte pings work. Try hop-by-hop tests. I should also mention that some DWDM gear needs to be configured to handle jumbos. We've been bitten by that. You tend to assume that layer 1 gear won't care about layer 2 issues, but the input is an Ethernet interface. Finally, host tuning is critical. You talk about default window size, but modern stack auto-tune window size. For lots of information on tuning and congestion management, see http://fasterdata.es.net. We move terabytes of data between CERN and the US and have to make sure that the 10GE links run at close to capacity and streams of more than a Gbps will work. (It's not easy.) -- R. Kevin Oberman, Network Engineer Energy Sciences Network (ESnet) Ernest O. Lawrence Berkeley National Laboratory (Berkeley Lab) E-mail: ober...@es.net Phone: +1 510 486-8634 Key fingerprint:059B 2DDF 031C 9BA3 14A4 EADA 927D EBB3 987B 3751 We move hundreds of TB around from one side of the planet to the other on a regular basis. Kevin's link has some really good resources listed on it. I can't stress enough the requirement for doing BOTH OS-level kernel tuning (make sure that RFC1323 extensions are enabled, make sure you have big enough maximum send and receive buffers; if you OS does auto-tuning, make sure the maximum parameters set are big enough to support all the data you'll want to have in flight at any one time) AND application level adjustments. One of the biggest stumbling blocks we run across is people who have done their OS tuning, but then try to use stock SSH/SCP for moving files around. It doesn't matter how much tuning you do in the OS if your application only has a 1MB or 64KB buffer for data handling, you just won't get the throughput you're looking for. But with proper OS and application layer tuning, you can move a lot of data even over stock 1500 byte frames; don't be distracted by jumboframes, it's a red herring when it comes to actually moving large volumes of data around. (yes, yes, it's not completely irrelevant, for the pedants in the audience--but it's not required by any means). Matt
Re: reporting physical plant damage to ATT?
On Thu, 25 Nov 2010, Paul Vixie wrote: i think all of us who place infrastructure in places away from our offices should label them clearly as to who to call if they get hit by cars, or if not that, make sure google will tell observers how to find us. Indeed, and along those lines, try to make sure those numbers stay active through corporate evolution, acquisitions, etc. If I dig (no pun intended) around enough, I'm sure I can find some boxes with dead For trouble, call... numbers. That isn't always possible, and some companies are notorious for having 237 different numbers to call depending on what you need, but it's probably a lot cheaper to continue operating a backwater 800 number than it would be to dispatch techs to re-label field equipment. I hope everyone stateside is having a good and quiet Thanksgiving :) jms
Re: Jumbo frame Question
On Fri, 26 Nov 2010, Harris Hui wrote: You might want to read this: http://kb.pert.geant.net/PERTKB/JumboMTU -Hank Hi Does anyone have experience on design / implementing the Jumbo frame enabled network? I am working on a project to better utilize a fiber link across east coast and west coast with the Juniper devices. Based on the default TCP windows in Linux / Windows and the latency between east coast and west coast (~80ms) and the default MTU size 1500, the maximum throughput of a single TCP session is around ~3Mbps but it is too slow for us to backing-up the huge amount of data across 2 sites. The following is the topology that we are using right now. Host A NIC (MTU 9000) --- GigLAN --- (MTU 9216) Juniper EX4200 (MTU 9216) ---GigLAN --- (MTU 9018) J-6350 cluster A (MTU 9018) --- fiber link across site --- (MTU 9018) J-6350 cluster B (MTU 9018) --- GigLAN --- (MTU 9216) Juniper EX4200 (MTU 9216) ---GigLAN --- (MTU 9000) NIC - Host B I was trying to test the connectivity from Host A to the J-6350 cluster A by using ICMP-Ping with size 8000 and DF bit set but it was failed to ping. Does anyone have experience on it? please advise. Thanks :-)
RE: Cogent announcing more specific prefixes?
We received Cyclops alerts for one of our /24's. It claimed that the prefix was being announced by a provider in Hong Kong. Our alerts fired between 10:36:30 and 10:40:36 UTC today, 2010-11-25. The longest time period that any alert was active was 2m 58s. All appears to be well at this moment; the prefix is not being announced by that provider according to routeviews.org. It is highly unusual for us to receive alerts. We have only 5x /24 networks being monitored. Given that you received similar alerts less than 1.5 hr later, I wonder if this was a systemic problem. -Brian Knight Sr. Network Engineer Mizuho Securities USA Inc http://www.mizuho-sc.com/ * Please note that all NANOG list members and archive readers may consider themselves Recipients of this message, in reference to the appended disclaimer. (I don't add it myself and can't control it, sorry.) -Original Message- From: ML [mailto:m...@kenweb.org] Sent: Thursday, November 25, 2010 4:26 PM To: nanog@nanog.org Subject: Cogent announcing more specific prefixes? Anyone else get alerts from their BGP monitoring system (In my case Cyclops) saying Cogent briefly announced some more specific prefixes? AS path as reported by Cyclops: 7575 46135 174 174 /20s broken into /23s /23s became /24s Also saw alerts for one to one (/23 announced has /23) All alerts had a timestamp of: 2010-11-25 12:01:12 UTC CONFIDENTIAL: This e-mail, including its contents and attachments, if any, are confidential. It is neither an offer to buy or sell, nor a solicitation of an offer to buy or sell, any securities or any related financial instruments mentioned in it. If you are not the named recipient please notify the sender and immediately delete it. You may not disseminate, distribute, or forward this e-mail message or disclose its contents to anybody else. Unless otherwise indicated, copyright and any other intellectual property rights in its contents are the sole property of Mizuho Securities USA Inc. E-mail transmission cannot be guaranteed to be secure or error-free. The sender therefore does not accept liability for any errors or omissions in the contents of this message which arise as a result of e-mail transmission. If verification is required please request a hard-copy version. Although we routinely screen for viruses, addressees should check this e-mail and any attachments for viruses. We make no representation or warranty as to the absence of viruses in this e-mail or any attachments. Please note that to ensure regulatory compliance and for the protection of our customers and business, we may monitor and read e-mails sent to and from our server(s). #
RE: Jumbo frame Question
Hi Does anyone have experience on design / implementing the Jumbo frame enabled network? I am working on a project to better utilize a fiber link across east coast and west coast with the Juniper devices. Based on the default TCP windows in Linux / Windows and the latency between east coast and west coast (~80ms) and the default MTU size 1500, the maximum throughput of a single TCP session is around ~3Mbps but it is too slow for us to backing-up the huge amount of data across 2 sites. There are a lot of stack tweaks you can make but the real answer is larger MTU sizes in addition to those tweaks. Our network is completely 9000 MTU internally. We don't deploy any servers anymore with MTU 1500. MTU 1500 is just plain stupid with any network 100mb ethernet. The following is the topology that we are using right now. Host A NIC (MTU 9000) --- GigLAN --- (MTU 9216) Juniper EX4200 (MTU 9216) ---GigLAN --- (MTU 9018) J-6350 cluster A (MTU 9018) --- fiber link across site --- (MTU 9018) J-6350 cluster B (MTU 9018) --- GigLAN --- (MTU 9216) Juniper EX4200 (MTU 9216) ---GigLAN --- (MTU 9000) NIC - Host B I was trying to test the connectivity from Host A to the J-6350 cluster A by using ICMP-Ping with size 8000 and DF bit set but it was failed to ping. Does anyone have experience on it? please advise. Thanks :-) You might have some transport in the path (SONET?) that can't send 8000. I would try starting at 3000 and working up to find where your limit is. Your description of fiber link across site is vague. Who is the vendor, what kind of service?
Re: reporting physical plant damage to ATT?
Our fiber optic system is on every maritime map in existence, along with our Network Operations Control Center's phone number. We still get the occasional oops from a rouge fisherman who decides his net must be caught on something else. Unfortunately, as they say - You can't fix stupid. And just as a side note, ATT should send you a check. I do not doubt they would have spent hours and hours trying to troubleshoot circuits somewhere scratching their heads all Thanksgiving evening. Consider yourself one of the rare ones, because I know we rarely (read: Not, Ever) get calls from concerned customers about Ped's being knocked over. If anything it's a guy sitting in a backhoe wondering what that there black wire is doin' in his yard. Have a good Thanksgiving. :) //warren Warren Bailey | RF Engineer General Communication, Inc. 2550 Denali St. Suite 700 Anchorage, AK 99503 907.868.5911 desk 907.903.5410 mobile 907.947.7616 followme http://www.gci.com On 11/25/10 2:58 PM, Paul Vixie vi...@isc.org wrote: From: Robert Gloverrobe...@garlic.com Date: Thu, 25 Nov 2010 15:02:42 -0800 Try calling 1-800-332-1321. It is a general repair number for POTS and DSX circuits. They are clueful, and if they aren't the right people to call, they will likely be able to point you in the right direction. thanks, that did it. i tried every other 800 and 866 number folks could send me and this was the first one that i tried that was answered by a human (in st louis) who then transferred me to a call center in california who asked me my circuit number but then took my report anyway. nice folks. i think all of us who place infrastructure in places away from our offices should label them clearly as to who to call if they get hit by cars, or if not that, make sure google will tell observers how to find us.
Re: Network management software with high detailed traffic report
I am just curios what kind of application/network requires this aggressive monitoring. Is it possible to share this information ? Cheers On 11/26/10, Ivan Brunello ivan.brune...@gmail.com wrote: Sure it upsets. We have a bunch of average-populated 6500s, using the default max age (which was, as far as I remember, 5) made the switches very slow in responding to SNMP queries. set them to 10, and, Gotcha! everything works very well. ivan Date: Tue, 23 Nov 2010 14:25:25 +0200 From: Tassos Chatzithomaoglou ach...@forthnet.gr Subject: Re: Network management software with high detailed traffic report To: nanog@nanog.org Message-ID: 4cebb2b5.5090...@forthnet.gr Content-Type: text/plain; charset=UTF-8; format=flowed There is also CSCsg23226 which might be related. -- Tassos Nick Hilliard wrote on 23/11/2010 01:35: On 22/11/2010 22:56, Tassos Chatzithomaoglou wrote: Does service counters max age help in any way?* *According to Cisco, setting it too low might upset the snmp counters.* https://www.cisco.com/en/US/docs/ios/fundamentals/command/reference/cf_r1.html#wp1067159 The Usage Guidelines are instructive. :-) Although the update interval defaults to 5 seconds, it still appears to update every 9 seconds on my boxes. Nick -- Sent from my mobile device ./diogo -montagner
Re: Network management software with high detailed traffic report
We use a several connections to the financial providers. This connections are low bandwidth (up to 2 Mbps). This connections used by a number of front end services from a nubmer of departments and we could not differentiate its and configure QoS. But from time to time some one produce an extremely high traffic spikes (less than 30 seconds) without congestion avoidance mechanisms. Our task - is to find such applications and report to management and developers a problem. Also if we'll be aware about it we could configure QoS. On 26 November 2010 08:34, Diogo Montagner diogo.montag...@gmail.comwrote: I am just curios what kind of application/network requires this aggressive monitoring. Is it possible to share this information ? Cheers On 11/26/10, Ivan Brunello ivan.brune...@gmail.com wrote: Sure it upsets. We have a bunch of average-populated 6500s, using the default max age (which was, as far as I remember, 5) made the switches very slow in responding to SNMP queries. set them to 10, and, Gotcha! everything works very well. ivan Date: Tue, 23 Nov 2010 14:25:25 +0200 From: Tassos Chatzithomaoglou ach...@forthnet.gr Subject: Re: Network management software with high detailed traffic report To: nanog@nanog.org Message-ID: 4cebb2b5.5090...@forthnet.gr Content-Type: text/plain; charset=UTF-8; format=flowed There is also CSCsg23226 which might be related. -- Tassos Nick Hilliard wrote on 23/11/2010 01:35: On 22/11/2010 22:56, Tassos Chatzithomaoglou wrote: Does service counters max age help in any way?* *According to Cisco, setting it too low might upset the snmp counters.* https://www.cisco.com/en/US/docs/ios/fundamentals/command/reference/cf_r1.html#wp1067159 The Usage Guidelines are instructive. :-) Although the update interval defaults to 5 seconds, it still appears to update every 9 seconds on my boxes. Nick -- Sent from my mobile device ./diogo -montagner
Re: Network management software with high detailed traffic report
On Fri, 26 Nov 2010, Sergey Voropaev wrote: We use a several connections to the financial providers. This connections are low bandwidth (up to 2 Mbps). This connections used by a number of front end services from a nubmer of departments and we could not differentiate its and configure QoS. But from time to time some one produce an extremely high traffic spikes (less than 30 seconds) without congestion avoidance mechanisms. Our task - is to find such applications and report to management and developers a problem. Also if we'll be aware about it we could configure QoS. What kind of queuing are you using? It sounds like configuring fair-queue on the interface (if your platform supports that, usually the ones with 2M interfaces do), it should help with the problem you're describing. If you have CPU to spare, configure fair-queue everywhere you can where you don't have a better QoS-configuration in place. It really solves a lot of the problems people are seeing with FIFO and mixed traffic. -- Mikael Abrahamssonemail: swm...@swm.pp.se
Re: Network management software with high detailed traffic report
On Nov 26, 2010, at 1:36 PM, Sergey Voropaev wrote: Our task - is to find such applications and report to management and developers a problem. Also if we'll be aware about it we could configure QoS. One place to start would be an open-source NetFlow collector/analyzer like nfdump/nfsen: http://nfdump.sourceforge.net/ http://nfsen.sourceforge.net/ --- Roland Dobbins rdobb...@arbor.net // http://www.arbornetworks.com Sell your computer and buy a guitar.