[HFC] pooling modems in layer2

[Toney Mareo]

Hello

I think it's kind of an isp secret but I would be curious how do people 
distribute modems to pools before they would even reach the actual IP network 
so on layer2:

http://dl.packetstormsecurity.net/papers/evaluation/docsis/Service_Distribution.jpg


For this I would like to get some clarification because I do not work in the 
telco industry. As I can figure out of the docsis, cablelabs documents. The 
CMTS device is connected to the coax segments through fiber. Therefore one 
could say that the "modem facing" side is a fiber optic interface but it's not 
1000 Base-FX, not a regular Ethernet over fiber. It sends signals through a 
broad range of frequencies.

So what I would like to accomplish to provide a different pool of dhcp servers, 
which provides different config file, tod server, router, dns etc. infos to the 
modems but to do all this in Layer2. 

I don't have hands on experience with CMTS-es but I would think that they are 
able to pool clients by MACs and able to send eg 500 clients to DHCP server1 
and the other 1500 to DHCP server2 before they would even get an IP, so I 
talking of pure layer2 here!

Let's say if the CMTS device does not support this, what are the other options 
for routing layer2 traffic coming out of the CMTS? If I would know more about 
the device I would say that put a linuxbox after it (on the ISP facing nic) and 
mark the packets going out with arptables/ebtables then send them out of 
different nics to different dhcp servers. 

Any suggestions are welcome.

Re: Mikrotik RouterBoard and Ubiquiti Networks Routing and Switching Solutions

[Justin Wilson]

Another thing to consider is how you feel about the configuration.
Mikrotik has a more polished GUI and command subset.  UBNT is still
working things out.  A lot of what you have to to do with the UBNT line
has to still be done in command line.  If you are cool with that then not
a big deal.  The RouterOS is a pretty mature product and has a good
backing of forums, wiki, and other things.  Not saying uBNT doesn¹t, just
not as mature.

Justin

--
Justin Wilson 
http://www.mtin.net 
Managed Services ­ xISP Solutions ­ Data Centers
http://www.thebrotherswisp.com
Podcast about xISP topics





On 8/11/14, 8:22 PM, "Colton Conor"  wrote:

>I am interested to hear opinions on Mikrotik and Ubiquiti Networks routing
>and switching products. I know both hardware providers are widely deployed
>in WISP networks, but I am less interested in their wireless solutions and
>more in their wired products.
>
>I know most of their switches and routers are software based, but that
>might not necessarily be a bad thing since everyone is going to SDN
>anyways. Their products are 1/10th or less of the cost of
>the equivalent Cisco/Juniper products.
>
>How stable and feature rich are both of their platforms? How do both of
>their command line interfaces compare to Cisco or Juniper? Is it easy to
>train a Cisco tech how to use a Mikrotik or Ubiquiti Networks product?
>
>
>*Ubiquiti Networks software is based on a version of Vyatta I believe. As
>many of you know Vyatta was bought by Brocade. I have heard that Vyatta is
>very Juniper OS like. *Ubiquiti just release a line of switches that have
>an amazing price and seem to support wire speed switching. Their
>EdgeRouter
>is supposedly faster than Mikrotiks solutions. They are also traded on the
>stock market, and seem to be doing well as a company.
>http://www.ubnt.com/products/
>
>Mikrotik also seems to make routers and switches. I am not sure what their
>software is based on, but it does support advanced features such as MPLS.
>Not sure about their switches, but they seem to be dirt cheap! What is
>their command line interface like? I couldn't find any financial
>information on this company, but they seem to be located in Latvia?
>http://routerboard.com/
>
>Does anyone have any meaningful insight to both companies? Why haven't
>they
>made a dent in the switching and router market with their amazing price
>points? Am I missing something here?
>

So Philip Smith / Geoff Huston's CIDR report becomes worth a good hard look today

[Suresh Ramasubramanian]

512K routes, here we come.  Lots of TCAM based routers suddenly become
really expensive doorstops.

Maybe time to revisit this old 2007 nanog thread?

http://www.gossamer-threads.com/lists/engine?do=post_view_flat;post=99870;page=1;sb=post_latest_reply;so=ASC;mh=25;list=nanog

FYI nanog -   https://puck.nether.net/pipermail/outages/2014-August/007091.html

[outages] Major outages today, not much info at this time

Teun Vink teun at teun.tv
Tue Aug 12 11:42:05 EDT 2014

On di, 2014-08-12 at 15:20 +, Hoyle Anderson (AM) via Outages wrote:
> I know this isn’t much help, but there are major problems with
> multiple ISPs since around 4-5 AM EST.  I really don’t have much
> detail, but I have sites that are unreachable from some providers.
> Looks like Comcast, level3, ATT, cogent, etc.
>
>
>
> So, it’s probably not just you, but I’m afraid I don’t know who it is.
> I heard one report of a datacenter outage.
>

Hi,

Some routing tables hit 512K routes today. Some old hardware and
software can't handle that and either crash or ignore newly learned
routes. So this may cause some disturbances in the force.

HTH,
Teun

-

Re: Mikrotik RouterBoard and Ubiquiti Networks Routing and Switching Solutions

[Denis Fondras]

Le 12/08/2014 17:15, Justin Wilson a écrit :
>   Another thing to consider is how you feel about the configuration.
> Mikrotik has a more polished GUI and command subset.  UBNT is still
> working things out.  A lot of what you have to to do with the UBNT line
> has to still be done in command line.  If you are cool with that then not
> a big deal.  The RouterOS is a pretty mature product and has a good
> backing of forums, wiki, and other things.  Not saying uBNT doesn¹t, just
> not as mature.
> 

May we discuss IPv6 support ? Last time I checked, UBNT was lagging
behind...

Denis

Re: Mikrotik RouterBoard and Ubiquiti Networks Routing and Switching Solutions

[Rubens Kuhl]

On Tue, Aug 12, 2014 at 1:44 PM, Denis Fondras  wrote:

> Le 12/08/2014 17:15, Justin Wilson a écrit :
> >   Another thing to consider is how you feel about the configuration.
> > Mikrotik has a more polished GUI and command subset.  UBNT is still
> > working things out.  A lot of what you have to to do with the UBNT line
> > has to still be done in command line.  If you are cool with that then not
> > a big deal.  The RouterOS is a pretty mature product and has a good
> > backing of forums, wiki, and other things.  Not saying uBNT doesnšt, just
> > not as mature.
> >
>
> May we discuss IPv6 support ? Last time I checked, UBNT was lagging
> behind...
>

UBNT wireless operating system, AirOS, is lagging behind. UBNT router
operating system, EdgeOS, has extensive IPv6 support in the command line
interface. GUI has some IPv6 support (
http://wiki.ubnt.com/IPv6_-_GUI_Options).

Rubens

Re: Mikrotik RouterBoard and Ubiquiti Networks Routing and Switching Solutions

[Warren Kumari]

On Mon, Aug 11, 2014 at 8:22 PM, Colton Conor  wrote:
> I am interested to hear opinions on Mikrotik and Ubiquiti Networks routing
> and switching products. I know both hardware providers are widely deployed
> in WISP networks, but I am less interested in their wireless solutions and
> more in their wired products.
>

Probably not the experiences you are looking for, but I replaced my
home CPE (a Netscreen SSG) with a Ubiquiti Edge Router -- there was a
very small learning curve (their CLI is different -- feels like
somewhat less polished JunOS to me, some simply things like completion
don't work), but after 15 minutes or so was all set. Sine then it has
remained perfectly stable, has a pretty GUI in case you want a quick
graph of bandwith, etc.


We have also used them when building the IETF network to start
pre-announcing the space (we go to the location a few weeks early,
test the circuits and BGP peerings, and then start announcing the
space - this helps some with some geo-location systems). We have also
used them when cutting over the guest rooms (when we cut over hotel
guest rooms to the IETF infrastructure and space, we sometimes
continue to route and NAT the hotels (RFC1918) space for a while so
that folk who still have a DHCP address can continue to work until
their lease expires).


W

> I know most of their switches and routers are software based, but that
> might not necessarily be a bad thing since everyone is going to SDN
> anyways. Their products are 1/10th or less of the cost of
> the equivalent Cisco/Juniper products.
>
> How stable and feature rich are both of their platforms? How do both of
> their command line interfaces compare to Cisco or Juniper? Is it easy to
> train a Cisco tech how to use a Mikrotik or Ubiquiti Networks product?
>
>
> *Ubiquiti Networks software is based on a version of Vyatta I believe. As
> many of you know Vyatta was bought by Brocade. I have heard that Vyatta is
> very Juniper OS like. *Ubiquiti just release a line of switches that have
> an amazing price and seem to support wire speed switching. Their EdgeRouter
> is supposedly faster than Mikrotiks solutions. They are also traded on the
> stock market, and seem to be doing well as a company.
> http://www.ubnt.com/products/
>
> Mikrotik also seems to make routers and switches. I am not sure what their
> software is based on, but it does support advanced features such as MPLS.
> Not sure about their switches, but they seem to be dirt cheap! What is
> their command line interface like? I couldn't find any financial
> information on this company, but they seem to be located in Latvia?
> http://routerboard.com/
>
> Does anyone have any meaningful insight to both companies? Why haven't they
> made a dent in the switching and router market with their amazing price
> points? Am I missing something here?

Re: [HFC] pooling modems in layer2

[charles]

On 2014-08-12 09:23, Toney Mareo wrote:

Hello

I think it's kind of an isp secret but I would be curious how do
people distribute modems to pools before they would even reach the
actual IP network so on layer2:

http://dl.packetstormsecurity.net/papers/evaluation/docsis/Service_Distribution.jpg


For this I would like to get some clarification because I do not work
in the telco industry. As I can figure out of the docsis, cablelabs
documents. The CMTS device is connected to the coax segments through
fiber. Therefore one could say that the "modem facing" side is a fiber
optic interface but it's not 1000 Base-FX, not a regular Ethernet over
fiber. It sends signals through a broad range of frequencies.


Sounds about right to me.




So what I would like to accomplish to provide a different pool of dhcp
servers, which provides different config file, tod server, router, dns
etc. infos to the modems but to do all this in Layer2.



Why? Do you have a bunch of cable modems and a CMTS? If so, does the 
documentation not cover this? Or are you trying to hack your cable 
modem/cable provider?



I don't have hands on experience with CMTS-es but I would think that
they are able to pool clients by MACs and able to send eg 500 clients
to DHCP server1 and the other 1500 to DHCP server2 before they would
even get an IP, so I talking of pure layer2 here!

Let's say if the CMTS device does not support this, what are the other
options for routing layer2 traffic coming out of the CMTS?


Um. Probably via RADIUS and via VLAN assignment?

 If I would

know more about the device I would say that put a linuxbox after it
(on the ISP facing nic) and mark the packets going out with
arptables/ebtables then send them out of different nics to different
dhcp servers.


Most likely they just use VLANs. This rack of CMTS gear is on port 22 of 
the agg switch, vlan 2 and ip helper is set for vlan 2 to the desired 
dhcp server (which is most likely an HA floating IP if not a full blown 
VIP etc).

Re: So Philip Smith / Geoff Huston's CIDR report becomes worth a good hard look today

[Hank Nussbacher]

On Tue, 12 Aug 2014, Suresh Ramasubramanian wrote:

Many don't need to buy anything new.  Just follow the instructions here:
http://www.cisco.com/c/en/us/support/docs/switches/catalyst-6500-series-switche$
We did this in the 1st week of June.  Problem solved.

-Hank




512K routes, here we come.  Lots of TCAM based routers suddenly become
really expensive doorstops.

Maybe time to revisit this old 2007 nanog thread?

http://www.gossamer-threads.com/lists/engine?do=post_view_flat;post=99870;page=1;sb=post_latest_reply;so=ASC;mh=25;list=nanog

FYI nanog -   https://puck.nether.net/pipermail/outages/2014-August/007091.html

[outages] Major outages today, not much info at this time

Teun Vink teun at teun.tv
Tue Aug 12 11:42:05 EDT 2014

On di, 2014-08-12 at 15:20 +, Hoyle Anderson (AM) via Outages wrote:

I know this isn’t much help, but there are major problems with
multiple ISPs since around 4-5 AM EST.  I really don’t have much
detail, but I have sites that are unreachable from some providers.
Looks like Comcast, level3, ATT, cogent, etc.



So, it’s probably not just you, but I’m afraid I don’t know who it is.
I heard one report of a datacenter outage.



Hi,

Some routing tables hit 512K routes today. Some old hardware and
software can't handle that and either crash or ignore newly learned
routes. So this may cause some disturbances in the force.

HTH,
Teun

-

Re: [HFC] pooling modems in layer2

[Scott Helms]

Scott Helms
Vice President of Technology
ZCorum
(678) 507-5000

http://twitter.com/kscotthelms



On Tue, Aug 12, 2014 at 10:23 AM, Toney Mareo  wrote:

> Hello
>
> I think it's kind of an isp secret but I would be curious how do people
> distribute modems to pools before they would even reach the actual IP
> network so on layer2:
>
>
> http://dl.packetstormsecurity.net/papers/evaluation/docsis/Service_Distribution.jpg


Certainly not secret, DOCSIS is a very well documented protocol with most
of the information being publicly available.


>
>
>
> For this I would like to get some clarification because I do not work in
> the telco industry. As I can figure out of the docsis, cablelabs documents.
> The CMTS device is connected to the coax segments through fiber. Therefore
> one could say that the "modem facing" side is a fiber optic interface but
> it's not 1000 Base-FX, not a regular Ethernet over fiber. It sends signals
> through a broad range of frequencies.
>

While fiber is commonly used in cable plants as part of a HFC network its
completely transparent from a protocol standpoint the entire communication
is over RF.  D3 and older uses QAM modulation and the downstream runs over
"normal" 6 MHz channels which are the same as TV channels.



>
> So what I would like to accomplish to provide a different pool of dhcp
> servers, which provides different config file, tod server, router, dns etc.
> infos to the modems but to do all this in Layer2.
>

Why?  The operator is the only one who can tell the CMTS which DHCP
server(s) to send traffic to and modern CMTSs do that as an IP relay and
passes its IP address as the GIADDR.


>
> I don't have hands on experience with CMTS-es but I would think that they
> are able to pool clients by MACs and able to send eg 500 clients to DHCP
> server1 and the other 1500 to DHCP server2 before they would even get an
> IP, so I talking of pure layer2 here!
>

Not exactly, first in nearly all cases the DHCP communication is an IP
unicast rather than a layer 2 broadcast.  Second, the way that the DHCP
server is selected is normally based on the type of device so that modems
get a specific GIADDR, CPE (PCs, routers behind modems, etc) get another
one, and often the EMTA gets a third.  It might be possible to do that off
a count of devices, but if so it will be more of a load balancing scenario
rather than these specific 500 CMs get this DHCP server.  It is possible to
do open access in a DOCSIS system, but its very difficult and involves
creating filters in both the CMTS and CM configurations.


>
> Let's say if the CMTS device does not support this, what are the other
> options for routing layer2 traffic coming out of the CMTS? If I would know
> more about the device I would say that put a linuxbox after it (on the ISP
> facing nic) and mark the packets going out with arptables/ebtables then
> send them out of different nics to different dhcp servers.
>

It doesn't really work that way, but the closest thing is a "soft" tunnel
that gets used for things like transparent LAN services, carrier WiFi, and
a few other use cases.

http://www.cablelabs.com/wp-content/uploads/specdocs/CM-SP-L2VPN-I09-100611.pdf


> Any suggestions are welcome.
>

AM dust filters

[Jason Lixfeld]

Hi,

I'm interested in knowing what sorts of material folks use to make after-market 
dust filters for their various devices which wouldn't normally have any.  This 
seems to almost be a necessity when these kinds of devices are deployed in 
environments that are overly dusty and dirty (it should also be implied that 
these environments are all in-doors and would have less than ideal airflow and 
climate control).

A material that is too dense will hider airflow and cause an immediate increase 
in inlet temperature, which would exacerbate a potentially threatening 
temperature situation in environments where the ambient temperature is already 
in the mid to high twenties and above (that's 77 - 86F+ for my American friends 
;)).  A material that is not dense enough won't do a very good job at filtering.

Do folks just hack up HEPA filters or something?

Re: So Philip Smith / Geoff Huston's CIDR report becomes worth a good hard look today

[Hank Nussbacher]

On Tue, 12 Aug 2014, Hank Nussbacher wrote:

http://www.cisco.com/c/en/us/support/docs/switches/catalyst-6500-series-switches/117712-problemsolution-cat6500-00.html

-Hank


On Tue, 12 Aug 2014, Suresh Ramasubramanian wrote:

Many don't need to buy anything new.  Just follow the instructions here:
http://www.cisco.com/c/en/us/support/docs/switches/catalyst-6500-series-switche$
We did this in the 1st week of June.  Problem solved.

-Hank




 512K routes, here we come.  Lots of TCAM based routers suddenly become
 really expensive doorstops.

 Maybe time to revisit this old 2007 nanog thread?

 
http://www.gossamer-threads.com/lists/engine?do=post_view_flat;post=99870;page=1;sb=post_latest_reply;so=ASC;mh=25;list=nanog

 FYI nanog -
 https://puck.nether.net/pipermail/outages/2014-August/007091.html

 [outages] Major outages today, not much info at this time

 Teun Vink teun at teun.tv
 Tue Aug 12 11:42:05 EDT 2014

 On di, 2014-08-12 at 15:20 +, Hoyle Anderson (AM) via Outages wrote:
>  I know this isn’t much help, but there are major problems with
>  multiple ISPs since around 4-5 AM EST.  I really don’t have much
>  detail, but I have sites that are unreachable from some providers.
>  Looks like Comcast, level3, ATT, cogent, etc.
> 
> 
> 
>  So, it’s probably not just you, but I’m afraid I don’t know who it is.

>  I heard one report of a datacenter outage.
> 


 Hi,

 Some routing tables hit 512K routes today. Some old hardware and
 software can't handle that and either crash or ignore newly learned
 routes. So this may cause some disturbances in the force.

 HTH,
 Teun

 -

fire ants

[Eduardo A. Suárez]

Hi,

it's not a joke. Here we have a fire ants nest in the fiber patch panel.
Are there any DIY ways to manage that?

Thanks, Eduardo.-

--
Eduardo A. Suarez
Facultad de Ciencias Astronómicas y Geofísicas - UNLP
FCAG: (0221)-4236593 int. 172/Cel: (0221)-15-4557542/Casa: (0221)-4526589



This message was sent using IMP, the Internet Messaging Program.

Re: fire ants

[Tom Morris]

Terro is my go-to for that... it's basically boric acid mixed with a sugar
solution. The ants eat it and perish. It's the only thing I've found that
works on the infamous Crazy Rasberry Ants that like to eat electrical
panels.


On Tue, Aug 12, 2014 at 2:52 PM, Eduardo A. Suárez <
esua...@fcaglp.fcaglp.unlp.edu.ar> wrote:

> Hi,
>
> it's not a joke. Here we have a fire ants nest in the fiber patch panel.
> Are there any DIY ways to manage that?
>
> Thanks, Eduardo.-
>
> --
> Eduardo A. Suarez
> Facultad de Ciencias Astronómicas y Geofísicas - UNLP
> FCAG: (0221)-4236593 int. 172/Cel: (0221)-15-4557542/Casa: (0221)-4526589
>
>
> 
> This message was sent using IMP, the Internet Messaging Program.
>
>


-- 
--
Tom Morris, KG4CYX
Mad Scientist and Operations Manager, WDNA-FM 88.9 Miami - Serious Jazz!
786-228-7087
151.820 Megacycles

Re: fire ants

[Valdis . Kletnieks]

On Tue, 12 Aug 2014 15:52:45 -0300, "Eduardo A. Su?rez" said:

> it's not a joke. Here we have a fire ants nest in the fiber patch panel.
> Are there any DIY ways to manage that?

Does the local zoo have an aardvark they're willing to loan you? :)

This might be a tad difficult to deal with, as the usual DIY solution is to
spray the nest with something noxious - which may not be good for your fiber
terminations either.  May be worth it to get a pro to come out and look at it.



pgpU5faqjusdn.pgp
Description: PGP signature

RE: fire ants

[Eric Wieling]

I've used mothballs* in outside enclosures each spring, but I've never had a 
full blown nest in an enclosure.Fireants are hard to kill, but they will 
move their nest.

* naphthalene, para-dichlorobenzene, p-dichlorobenzene, pDCB, or PDB


-Original Message-
From: NANOG [mailto:nanog-boun...@nanog.org] On Behalf Of Eduardo A. Suárez
Sent: Tuesday, August 12, 2014 2:53 PM
To: NANOG
Subject: fire ants

Hi,

it's not a joke. Here we have a fire ants nest in the fiber patch panel.
Are there any DIY ways to manage that?

Thanks, Eduardo.-

-- 
Eduardo A. Suarez
Facultad de Ciencias Astronómicas y Geofísicas - UNLP
FCAG: (0221)-4236593 int. 172/Cel: (0221)-15-4557542/Casa: (0221)-4526589



This message was sent using IMP, the Internet Messaging Program.

RE: fire ants

[Aaron D. Osgood]

Freeze it with a CO2 extinguisher then clean it out and re-seal the
enclosure. You may want to consider a small open dish of repellant/killer in
the enclosure in case they get in again



:-)



Aaron D. Osgood 

Streamline Solutions L.L.C

274 E. Eau Gallie Blvd. #336
Indian Harbour Beach, FL 32937

TEL: 207-518-8455
MOBILE: 207-831-5829
GTalk: aaron.osgood
aosg...@streamline-solutions.net
http://www.streamline-solutions.net

Introducing Efficiency to Business since 1986. 




-Original Message-
From: NANOG [mailto:nanog-boun...@nanog.org] On Behalf Of Eduardo A. Suárez
Sent: Tuesday, August 12, 2014 2:53 PM
To: NANOG
Subject: fire ants

Hi,

it's not a joke. Here we have a fire ants nest in the fiber patch panel.
Are there any DIY ways to manage that?

Thanks, Eduardo.-

-- 
Eduardo A. Suarez
Facultad de Ciencias Astronómicas y Geofísicas - UNLP
FCAG: (0221)-4236593 int. 172/Cel: (0221)-15-4557542/Casa: (0221)-4526589



This message was sent using IMP, the Internet Messaging Program.

Re: fire ants

[Robert Glover]

On 8/12/2014 11:52 AM, Eduardo A. Suárez wrote:
> Hi,
>
> it's not a joke. Here we have a fire ants nest in the fiber patch panel.
> Are there any DIY ways to manage that?
>
> Thanks, Eduardo.-
>
Shop vac?

Re: AM dust filters

[Tom Morris]

One important question: how often is the equipment accessed for maintenance?

I've had reasonably good luck with air filter media coated with a
tackifier, similar to the Dustlok media here
http://www.filtersales.com/pagout.htm?id=Pad%20Media
It seems like what happens with it is heavier airborne fibers (lint, hair)
get caught up in the first few fibers of the media, not obstructing
airflow, and allow the finer dust to travel deeper into the media where it
sticks to the tacky layer at the back. It lasts a good long while. It's
single use though, so it has to be replenlished every now and then.

Foam rubber media tends to have trouble with surface/airflow area vs pore
size.

The best option, though, will be to enclose the equipment in a cabinet that
can be pressurized by one or more fan forced+filtered inlets. Middle
Atlantic makes rack cabinets and fan panels that can be used to pressurize
them that way. If you get a cabinet that takes a standard furnace filter,
I've had good luck with the off the shelf 3M Filtrete Ultra Allergen
filters, they have a TON of surface area with great fine dust capture and
very low airflow resistance, even when you're drawing the air through them
really way too fast. :)



On Tue, Aug 12, 2014 at 2:19 PM, Jason Lixfeld  wrote:

> Hi,
>
> I'm interested in knowing what sorts of material folks use to make
> after-market dust filters for their various devices which wouldn't normally
> have any.  This seems to almost be a necessity when these kinds of devices
> are deployed in environments that are overly dusty and dirty (it should
> also be implied that these environments are all in-doors and would have
> less than ideal airflow and climate control).
>
> A material that is too dense will hider airflow and cause an immediate
> increase in inlet temperature, which would exacerbate a potentially
> threatening temperature situation in environments where the ambient
> temperature is already in the mid to high twenties and above (that's 77 -
> 86F+ for my American friends ;)).  A material that is not dense enough
> won't do a very good job at filtering.
>
> Do folks just hack up HEPA filters or something?




-- 
--
Tom Morris, KG4CYX
Mad Scientist and Operations Manager, WDNA-FM 88.9 Miami - Serious Jazz!
786-228-7087
151.820 Megacycles

Re: AM dust filters

[Doug Barton]

On 08/12/2014 11:19 AM, Jason Lixfeld wrote:

Hi,

I'm interested in knowing what sorts of material folks use to make after-market 
dust filters for their various devices which wouldn't normally have any.  This 
seems to almost be a necessity when these kinds of devices are deployed in 
environments that are overly dusty and dirty (it should also be implied that 
these environments are all in-doors and would have less than ideal airflow and 
climate control).

A material that is too dense will hider airflow and cause an immediate increase 
in inlet temperature, which would exacerbate a potentially threatening 
temperature situation in environments where the ambient temperature is already 
in the mid to high twenties and above (that's 77 - 86F+ for my American friends 
;)).  A material that is not dense enough won't do a very good job at filtering.

Do folks just hack up HEPA filters or something?


It sort of depends on what kind of stuff you're trying to filter out.

Panty hose actually makes a reasonably good filter for larger stuff, but 
Tom's question about how often are you going to service it comes into 
play, since you need to remove the debris that it catches periodically 
in order to avoid obstructing the air flow excessively.


OTOH, you also have to have some thought towards what are the benefits 
of not having the internals of the system coated with dust, vs. slightly 
reduced air flow.


Tom's suggestion of a pressurized cabinet is a good one of course, but 
that's not possible in all situations.


hth,

Doug

Re: fire ants

[TR Shaw]

+1 for CO2 (But stand way back as they will go everywhere)
+1 for moth balls in the enclosure (esp prophylactically)
+1 for boric acid mixed with molasses (use externally) Also stops carpenter 
ants in poles.)

Tom


On Aug 12, 2014, at 3:07 PM, Robert Glover wrote:

> On 8/12/2014 11:52 AM, Eduardo A. Suárez wrote:
>> Hi,
>> 
>> it's not a joke. Here we have a fire ants nest in the fiber patch panel.
>> Are there any DIY ways to manage that?
>> 
>> Thanks, Eduardo.-
>> 
> Shop vac?
> 

Re: AM dust filters

[Jason Lixfeld]

On Aug 12, 2014, at 3:09 PM, Tom Morris  wrote:

> One important question: how often is the equipment accessed for maintenance?

Who knows :)  Maybe it becomes someone's full time job to go do regular checks 
and maintenances of every POP?  Maybe after an appropriate filter is found, a 
relatively low temperature threshold monitor is set up in an NMS.  When this 
threshold is reached, it would probably be safe to assume a dirty filter (or 
some other condition that would require a visit) and someone could be 
dispatched to replace it.

> I've had reasonably good luck with air filter media coated with a tackifier, 
> similar to the Dustlok media here 
> http://www.filtersales.com/pagout.htm?id=Pad%20Media
> It seems like what happens with it is heavier airborne fibers (lint, hair) 
> get caught up in the first few fibers of the media, not obstructing airflow, 
> and allow the finer dust to travel deeper into the media where it sticks to 
> the tacky layer at the back. It lasts a good long while. It's single use 
> though, so it has to be replenlished every now and then.
> 
> Foam rubber media tends to have trouble with surface/airflow area vs pore 
> size.
> 
> The best option, though, will be to enclose the equipment in a cabinet that 
> can be pressurized by one or more fan forced+filtered inlets. Middle Atlantic 
> makes rack cabinets and fan panels that can be used to pressurize them that 
> way. If you get a cabinet that takes a standard furnace filter, I've had good 
> luck with the off the shelf 3M Filtrete Ultra Allergen filters, they have a 
> TON of surface area with great fine dust capture and very low airflow 
> resistance, even when you're drawing the air through them really way too 
> fast. :)

Unfortunately a cabinet isn't possible due to a variety of issues.

> 
> On Tue, Aug 12, 2014 at 2:19 PM, Jason Lixfeld  wrote:
> Hi,
> 
> I'm interested in knowing what sorts of material folks use to make 
> after-market dust filters for their various devices which wouldn't normally 
> have any.  This seems to almost be a necessity when these kinds of devices 
> are deployed in environments that are overly dusty and dirty (it should also 
> be implied that these environments are all in-doors and would have less than 
> ideal airflow and climate control).
> 
> A material that is too dense will hider airflow and cause an immediate 
> increase in inlet temperature, which would exacerbate a potentially 
> threatening temperature situation in environments where the ambient 
> temperature is already in the mid to high twenties and above (that's 77 - 
> 86F+ for my American friends ;)).  A material that is not dense enough won't 
> do a very good job at filtering.
> 
> Do folks just hack up HEPA filters or something?
> 
> 
> 
> -- 
> --
> Tom Morris, KG4CYX
> Mad Scientist and Operations Manager, WDNA-FM 88.9 Miami - Serious Jazz!
> 786-228-7087
> 151.820 Megacycles

Re: AM dust filters

[Jason Lixfeld]

On Aug 12, 2014, at 3:22 PM, Doug Barton  wrote:

> On 08/12/2014 11:19 AM, Jason Lixfeld wrote:
>> Hi,
>> 
>> I'm interested in knowing what sorts of material folks use to make 
>> after-market dust filters for their various devices which wouldn't normally 
>> have any.  This seems to almost be a necessity when these kinds of devices 
>> are deployed in environments that are overly dusty and dirty (it should also 
>> be implied that these environments are all in-doors and would have less than 
>> ideal airflow and climate control).
>> 
>> A material that is too dense will hider airflow and cause an immediate 
>> increase in inlet temperature, which would exacerbate a potentially 
>> threatening temperature situation in environments where the ambient 
>> temperature is already in the mid to high twenties and above (that's 77 - 
>> 86F+ for my American friends ;)).  A material that is not dense enough won't 
>> do a very good job at filtering.
>> 
>> Do folks just hack up HEPA filters or something?
> 
> It sort of depends on what kind of stuff you're trying to filter out.

Small-ish stuff.  Your every day, run of the mill fine grain dust, tracked-in 
dirt & sand, some construction particulate (metal shavings, etc).

> Panty hose actually makes a reasonably good filter for larger stuff, but 
> Tom's question about how often are you going to service it comes into play, 
> since you need to remove the debris that it catches periodically in order to 
> avoid obstructing the air flow excessively.

Yup.  Depending, either a vacuum or a straight-up replacement of the 'filter', 
I'd suspect.  Or maybe just a good shake in some cases.

> OTOH, you also have to have some thought towards what are the benefits of not 
> having the internals of the system coated with dust, vs. slightly reduced air 
> flow.

Indeed.  The internals can definitely handle non-metalic dust, as well as a 
pretty wide temperature range (caused by either reduced airflow or an increase 
in ambient temperature, or both), so I'd imagine it would be a appropriate 
balance between the two.

> Tom's suggestion of a pressurized cabinet is a good one of course, but that's 
> not possible in all situations.

Re: fire ants

[Mike.]

On 8/12/2014 at 2:59 PM Tom Morris wrote:

|Terro is my go-to for that... it's basically boric acid mixed with a
sugar
|solution. The ants eat it and perish. It's the only thing I've found
that
|works on the infamous Crazy Rasberry Ants that like to eat
electrical
|panels.
 =

In case someone tries to mix up a batch themselves, Terro is better
described as Borax in a sugar solution[1].

Borax is the trade name of a salt of boric acid.

I've been using a mixture of Borax and honey to keep the ants at bay
for a few years.  Use the search engine of your choice to search for
Borax and ants.   You'll find a plethora of recipes.

HTH



[1] http://www.terro.com/blog/using-borax-around-children-and-pets

Re: fire ants

[me]

Ran across this paper the other day and didn't know how big a problem it 
was. Looks like Eduardo's post confirms it.


http://www.rainbowtech.net/products/docs/c51ce4107047eb1b2dc/Ants%20in%20OSP%20Equipment.pdf.pdf

--John

On 08/12/2014 12:52 PM, Eduardo A. Suárez wrote:

Hi,

it's not a joke. Here we have a fire ants nest in the fiber patch panel.
Are there any DIY ways to manage that?

Thanks, Eduardo.-

Re: AM dust filters

[William Herrin]

On Tue, Aug 12, 2014 at 2:19 PM, Jason Lixfeld  wrote:
> Do folks just hack up HEPA filters or something?

I've had decent luck with window air conditioner filters available at
your local home despot. Trim to size with scissors. Periodically
replace.

HEPA they are not, but they'll keep out the worst of it without
restricting air flow (at least not until they're really dirty) plus
they're cheap and readily available.

If you have a more or less closed room (like a closet), sometimes it's
enough to just buy a freestanding hepa filter at walmart, clean the
room with a shop vac once and then leave the filter running in the
room.

Regards,
Bill Herrin


-- 
William Herrin  her...@dirtside.com  b...@herrin.us
Owner, Dirtside Systems . Web: 
Can I solve your unusual networking challenges?

Level3 (AS3549) BGP contact off-list

[Laurent CARON]

Hi,

Currently experiencing trouble with BGP session between 49463 and 3549.

Relevant router: cdg2.gblx.net

Can you please contact me off-list for resolution ?

Thanks

Re: fire ants

[charles]

On 2014-08-12 15:06, me wrote:

Ran across this paper the other day and didn't know how big a problem
it was. Looks like Eduardo's post confirms it.

http://www.rainbowtech.net/products/docs/c51ce4107047eb1b2dc/Ants%20in%20OSP%20Equipment.pdf.pdf



Now that is fascinating. I like how they reproduced the issue via an ant 
farm. That's pretty slick.

Re: So Philip Smith / Geoff Huston's CIDR report becomes worth a good hard look today

[Leo Bicknell]

On Aug 12, 2014, at 1:02 PM, Hank Nussbacher  wrote:

> Many don't need to buy anything new.  Just follow the instructions here:
> http://www.cisco.com/c/en/us/support/docs/switches/catalyst-6500-series-switche$
> We did this in the 1st week of June.  Problem solved.

s/Problem solved/Critical limit pushed out long enough to give us a few more 
years/

-- 
   Leo Bicknell - bickn...@ufp.org - CCIE 3440
PGP keys at http://www.ufp.org/~bicknell/







signature.asc
Description: Message signed with OpenPGP using GPGMail

Re: So Philip Smith / Geoff Huston's CIDR report becomes worth a good hard look today

[William Herrin]

On Tue, Aug 12, 2014 at 2:42 PM, Hank Nussbacher  wrote:
> http://www.cisco.com/c/en/us/support/docs/switches/catalyst-6500-series-switches/117712-problemsolution-cat6500-00.html

I note that the recommended command in that article, "mls cef
maximum-routes ip 1000", will throw most of your IPv6 routes out of
the TCAM instead. Which if you have any IPv6 traffic of substance just
kills you in the other direction. Might want to try something more
like "mls cef maximum-routes ip 900".

Regards,
Bill Herrin

-- 
William Herrin  her...@dirtside.com  b...@herrin.us
Owner, Dirtside Systems . Web: 
Can I solve your unusual networking challenges?

Re: ****SPAM:5.2**** Re: So Philip Smith / Geoff Huston's CIDR report becomes worth a good hard look today

[Tom Hill]

On 12/08/14 23:10, William Herrin wrote:
> I note that the recommended command in that article, "mls cef
> maximum-routes ip 1000", will throw most of your IPv6 routes out of
> the TCAM instead. Which if you have any IPv6 traffic of substance just
> kills you in the other direction. Might want to try something more
> like "mls cef maximum-routes ip 900".

And if you want any MPLS labels (especially if running 6PE) you might
want to claw that back a bit further.

tl;dr buy new routers next year. :)

Tom

Re: So Philip Smith / Geoff Huston's CIDR report becomes worth a good hard look today

[McElearney, Kevin]

http://www.zdnet.com/internet-hiccups-today-youre-not-alone-heres-why-7
32566/

"According to NANOG, and complaints tracker DownDetector, many Internet
providers — including Comcast, Level3, AT&T, Cogent, Sprint, Verizon, and
others — have suffered from serious performance problems at various times
on Tuesday.”

While we had a few multi-homed customers have problems with their routers,
we did not see anything in the core.  Is this just a ZDNET reporting error?

- Kevin




On 8/12/14, 6:10 PM, "William Herrin"  wrote:

>On Tue, Aug 12, 2014 at 2:42 PM, Hank Nussbacher 
>wrote:
>> 
>>http://www.cisco.com/c/en/us/support/docs/switches/catalyst-6500-series-s
>>witches/117712-problemsolution-cat6500-00.html
>
>I note that the recommended command in that article, "mls cef
>maximum-routes ip 1000", will throw most of your IPv6 routes out of
>the TCAM instead. Which if you have any IPv6 traffic of substance just
>kills you in the other direction. Might want to try something more
>like "mls cef maximum-routes ip 900".
>
>Regards,
>Bill Herrin
>
>-- 
>William Herrin  her...@dirtside.com  b...@herrin.us
>Owner, Dirtside Systems . Web: 
>Can I solve your unusual networking challenges?

Re: So Philip Smith / Geoff Huston's CIDR report becomes worth a good hard look today

[Matthew Petach]

On Tue, Aug 12, 2014 at 5:06 PM, McElearney, Kevin <
kevin_mcelear...@cable.comcast.com> wrote:

> http://www.zdnet.com/internet-hiccups-today-youre-not-alone-heres-why-7
> 32566/
>
> "According to NANOG, and complaints tracker DownDetector, many Internet
> providers — including Comcast, Level3, AT&T, Cogent, Sprint, Verizon, and
> others — have suffered from serious performance problems at various times
> on Tuesday.”
>
> While we had a few multi-homed customers have problems with their routers,
> we did not see anything in the core.  Is this just a ZDNET reporting error?
>
> - Kevin
>
>
Unless you guys are miraculously managing to terminate
Nx100G bundles into 6509s with Sup2 or sup3s, I would
be really, really surprised if this even made it on your
radar.  Chalk it up to poorly-researched reporting.

And if you *are* handling Nx100G bundles on 6509s,
please contact me off-list, I need to get the details on
your source for magic router pixie dust.   ;)

Matt

Re: Mikrotik RouterBoard and Ubiquiti Networks Routing and Switching Solutions

[Rob Seastrom]

Denis Fondras  writes:

> May we discuss IPv6 support ? Last time I checked, UBNT was lagging
> behind...

I've been running an IPv6 tunnel ( FIOS) with one end being
Mikrotik and the other being UBNT (ER-Lite) since January 2013.  The
UBNT is in a fairly simple-minded configuration so I can't speak to
things like VRRP, OSPFv3, etc.  The Mikrotik is in the datacenter...
speaks OSPF[v3] and BGP to Cisco stuff.  No difficulties, though I'm
pretty sure I didn't create/configure the tunnel via the GUI.

-r

Re: fire ants

[Suresh Ramasubramanian]

On Wednesday, August 13, 2014,  wrote:

>  2014-08-12 15:06, me wrote:
>
>> Ran across this paper the other day and didn't know how big a problem
>> it was. Looks like Eduardo's post confirms it.
>>
>> http://www.rainbowtech.net/products/docs/c51ce4107047eb1b2dc/Ants%20in%
>> 20OSP%20Equipment.pdf.pdf
>>
> Now that is fascinating. I like how they reproduced the issue via an ant
> farm. That's pretty slick.
>

Needs an "Anthill Inside" sticker like Hex at the Unseen University.


-- 
--srs (iPad)

Re: [HFC] pooling modems in layer2

[Rob Seastrom]

"Toney Mareo"  writes:

> Hello
>
> I think it's kind of an isp secret but I would be curious how do
> people distribute modems to pools before they would even reach the
> actual IP network so on layer2:
>
> http://dl.packetstormsecurity.net/papers/evaluation/docsis/Service_Distribution.jpg

Nobody does CMTRI anymore.  That illustration is over a decade and a
half old, which is part of what's confusing you.  The scheme there is
that they use a dialup modem for the upstream and a cablemodem for the
downstream.

> For this I would like to get some clarification because I do not work in the 
> telco industry.

If you're interested in how CMTRI works for historical reasons, the spec is 
here:

http://www.cablelabs.com/wp-content/uploads/specdocs/SP-CMTRI-I01-970804.pdf

> As I can figure out of the docsis, cablelabs documents. The CMTS
> device is connected to the coax segments through fiber. Therefore
> one could say that the "modem facing" side is a fiber optic
> interface but it's not 1000 Base-FX, not a regular Ethernet over
> fiber. It sends signals through a broad range of frequencies.

It sends signals over RF (i.e. truly "broadband").  The RF happens to
be on a laser-lit fiber instead of a piece of coax (until it hits the
fiber node and gets turned into coax cable).  There are Ethernet MAC
addresses in there if you look at the right layer, but the DOCSIS data
rides as a "program" atop a J.83 single program transport stream on a
QAM64 or QAM256 modulated RF signal.  It's just like a digital TV
program and occupies the same frequency space - but 0x1FFE is the
well-known PID that means "DOCSIS data".

The upstream channels are comparatively low (under 80 MHz) and the
downstream channels are comparatively high (over 80 MHz to 800-1000
MHz depending on the system).  Splitting them out is accomplished with
bidirectional high and low pass filters called "diplexers".

> So what I would like to accomplish to provide a different pool of
> dhcp servers, which provides different config file, tod server,
> router, dns etc. infos to the modems but to do all this in Layer2.
>
> I don't have hands on experience with CMTS-es but I would think that
> they are able to pool clients by MACs and able to send eg 500
> clients to DHCP server1 and the other 1500 to DHCP server2 before
> they would even get an IP, so I talking of pure layer2 here!

There are multiple ways to approach this.  You need a consultant who
is well-versed in the care and feeding of DOCSIS edge networks to walk
through your options with you so that you don't find yourself in a
painful technical place.

> Let's say if the CMTS device does not support this, what are the
> other options for routing layer2 traffic coming out of the CMTS?

I don't recommend PPPoE.  :)

> If I would know more about the device I would say that put a
> linuxbox after it (on the ISP facing nic) and mark the packets going
> out with arptables/ebtables then send them out of different nics to
> different dhcp servers.
>
> Any suggestions are welcome.

You might start by sharing a high level overview of what it is that
you're trying to accomplish.  If it's simply sandboxing people who
haven't paid their bills, there are well-known ways to do that.  If
it's business services over DOCSIS, there are likewise ways to do
that.

-r

Re: So Philip Smith / Geoff Huston's CIDR report becomes worth a good hard look today

[Jon Lewis]

On Tue, 12 Aug 2014, Matthew Petach wrote:


On Tue, Aug 12, 2014 at 5:06 PM, McElearney, Kevin <
kevin_mcelear...@cable.comcast.com> wrote:


http://www.zdnet.com/internet-hiccups-today-youre-not-alone-heres-why-7
32566/

"According to NANOG, and complaints tracker DownDetector, many Internet
providers ÿÿ including Comcast, Level3, AT&T, Cogent, Sprint, Verizon, and
others ÿÿ have suffered from serious performance problems at various times
on Tuesday.ÿÿ

While we had a few multi-homed customers have problems with their routers,
we did not see anything in the core.  Is this just a ZDNET reporting error?



Unless you guys are miraculously managing to terminate
Nx100G bundles into 6509s with Sup2 or sup3s, I would
be really, really surprised if this even made it on your
radar.  Chalk it up to poorly-researched reporting.


There are/have been multiple fiber provider outages the past two days, but 
I suspect there's always a fiber cut / outage somewhere.



And if you *are* handling Nx100G bundles on 6509s,
please contact me off-list, I need to get the details on
your source for magic router pixie dust.   ;)


Cisco white papers.  Where else?

--
 Jon Lewis, MCP :)   |  I route
 |  therefore you are
_ http://www.lewis.org/~jlewis/pgp for PGP public key_

Re: So Philip Smith / Geoff Huston's CIDR report becomes worth a good hard look today

[McElearney, Kevin]

From:  Matthew Petach 

>Unless you guys are miraculously managing to terminate
>
>Nx100G bundles into 6509s with Sup2 or sup3s, I would
>be really, really surprised if this even made it on your
>radar.  Chalk it up to poorly-researched reporting.
>
>
>And if you *are* handling Nx100G bundles on 6509s,
>please contact me off-list, I need to get the details on
>your source for magic router pixie dust.   ;)

It made the radar with the consumer impact.  We traced the issue quickly
to customer datacenter routers/512K and worked with them to correct.  We
were surprised (or not really) with this being called a wide spread
provider issue.  Just checking if others really had an issue or was this
isolated to a few data centers.

No pixie dust ;-)

- Kevin
> 

Re: So Philip Smith / Geoff Huston's CIDR report becomes worth a good hard look today

[Hank Nussbacher]

At 18:10 12/08/2014 -0400, William Herrin wrote:

We went with 768 - enough time to replace the routers with ASR9010s.  It is 
merely a stop-gap measure to give everyone time to replace their routers in 
an orderly fashion.


-Hank



On Tue, Aug 12, 2014 at 2:42 PM, Hank Nussbacher  wrote:
> 
http://www.cisco.com/c/en/us/support/docs/switches/catalyst-6500-series-switches/117712-problemsolution-cat6500-00.html


I note that the recommended command in that article, "mls cef
maximum-routes ip 1000", will throw most of your IPv6 routes out of
the TCAM instead. Which if you have any IPv6 traffic of substance just
kills you in the other direction. Might want to try something more
like "mls cef maximum-routes ip 900".

Regards,
Bill Herrin

--
William Herrin  her...@dirtside.com  b...@herrin.us
Owner, Dirtside Systems . Web: 
Can I solve your unusual networking challenges?

Re: So Philip Smith / Geoff Huston's CIDR report becomes worth a good hard look today

[Valdis . Kletnieks]

On Wed, 13 Aug 2014 08:08:04 +0300, Hank Nussbacher said:

> We went with 768 - enough time to replace the routers with ASR9010s.  It is
> merely a stop-gap measure to give everyone time to replace their routers in
> an orderly fashion.

The same people who, knowing the 6509 had this default config issue, and
neither replaced the gear nor did the reconfig to buy time *before* the
wall got hit, are going to replace said 6509 in orderly fashion?

Hank, you gotta learn to wear respiratory apparatus when working near
open containers of magic router pixie dust - that stuff can screw you up
if you inhale it. :)


pgpF1vbu9xaxp.pgp
Description: PGP signature