Re: 10Gb iPerf kit?
Can't help with faster adapters, but I believe there are some underlying architectural issues here as to why the speeds are hard to achieve, and why some people can and others maybe can't achieve them. For Carrier Ethernet, I believe most of these are covered in RFC2444 and the related RFC6815. Even with bit speeds up to spec, traffic speeds are impacted non-linearly by customer protocols including the usual suspect, TCP. This is documented in ITU-T Y.1564, clearly enough for simple folk like me. A good example for your corkboard is slide (page) 28 of the excellent 20140409-Tierney-100G-experience-Internet2-Summit.pdf, included as part of a report on 100GE performance test methodologies. Which is how I stumbled across it. Roy *Roy Hirst* | 425-556-5773 | 425-324-0941 cell XKL LLC | 12020 113th Ave NE, Suite 100 | Kirkland, WA 98034 | USA On 12/7/2014 8:48 AM, Teleric Team wrote: From: p...@fiberphone.co.nz Subject: Re: 10Gb iPerf kit? Date: Sun, 7 Dec 2014 09:24:41 +1300 To: nanog@nanog.org On 11/11/2014, at 1:35 PM, Randy Carpenter rcar...@network1.net wrote: I have not tried doing that myself, but the only thing that would even be possible that I know of is thunderbolt. A new MacBook Pro and one of these maybe: http://www.sonnettech.com/product/echoexpresssel_10gbeadapter.html Or one of these ones for dual-10Gbit links (one for out of band management or internet?): http://www.sonnettech.com/product/twin10g.html I haven't tried one myself, but they're relatively cheap (for 10gig) so not that much outlay to grab one and try it (esp if you already have an Apple laptop you can test with). How would you use it? with iperf still?I don't think you will go nearly close to 14.8Mpps per port this way.Unless you are talking about bandwidth testing with full sized packet frames and low pps rate. I personally tested a 1Gbit/s port over a MBP retina 15 thunderbot gbe with BCM5701 chipset. I had only 220kpps on a single TX flow.Later I tried another adapter with a marvel yukon mini port. Had better pps rate, but nothing beyond 260kpps. I've done loads of 1Gbit testing using the entry-level MacBook Air and a Thunderbolt Gigabit Ethernet adapter though, and I disagree with Saku's statement of 'You cannot use UDPSocket like iperf does, it just does not work, you are lucky if you reliably test 1Gbps'. I find iperf testing at 1Gbit on Mac Air with Thunderbolt Eth extremely reliable (always 950+mbit/sec TCP on a good network, and easy to push right to the 1gbit limit with UDP. Again, with 64byte packet size? Or are you talking MTU? With MTU size you can try whatever you want and it will seem to be reliable. A wget/ftp download of a 1GB file will provide similar results, but I dont think this is useful anyway since it won't test anything close to rfc2544 or at least an ordinary internet traffic profile with a mix of 600bytes pkg size combined with a lower rate of smaller packets (icmp/udp, ping/dns/ntp/voice/video). I am also interested in a cheap and reliable method to test 10GbE connections. So far I haven't found something I trust. Pete The information contained in this e-mail message may be privileged, confidential and protected from disclosure. If you are not the intended recipient, any dissemination, distribution or copying is strictly prohibited. If you think that you have received this e-mail message in error, please e-mail the sender at the above e-mail address.
Re: 10Gb iPerf kit?
For RFC2444, please read RFC2544, and forgive the spam. *Roy Hirst* | 425-556-5773 | 425-324-0941 cell XKL LLC | 12020 113th Ave NE, Suite 100 | Kirkland, WA 98034 | USA On 12/8/2014 8:29 AM, Roy Hirst wrote: Can't help with faster adapters, but I believe there are some underlying architectural issues here as to why the speeds are hard to achieve, and why some people can and others maybe can't achieve them. For Carrier Ethernet, I believe most of these are covered in RFC2444 and the related RFC6815. Even with bit speeds up to spec, traffic speeds are impacted non-linearly by customer protocols including the usual suspect, TCP. This is documented in ITU-T Y.1564, clearly enough for simple folk like me. A good example for your corkboard is slide (page) 28 of the excellent 20140409-Tierney-100G-experience-Internet2-Summit.pdf, included as part of a report on 100GE performance test methodologies. Which is how I stumbled across it. Roy *Roy Hirst* | 425-556-5773 | 425-324-0941 cell XKL LLC | 12020 113th Ave NE, Suite 100 | Kirkland, WA 98034 | USA On 12/7/2014 8:48 AM, Teleric Team wrote: From: p...@fiberphone.co.nz Subject: Re: 10Gb iPerf kit? Date: Sun, 7 Dec 2014 09:24:41 +1300 To: nanog@nanog.org On 11/11/2014, at 1:35 PM, Randy Carpenter rcar...@network1.net wrote: I have not tried doing that myself, but the only thing that would even be possible that I know of is thunderbolt. A new MacBook Pro and one of these maybe: http://www.sonnettech.com/product/echoexpresssel_10gbeadapter.html Or one of these ones for dual-10Gbit links (one for out of band management or internet?): http://www.sonnettech.com/product/twin10g.html I haven't tried one myself, but they're relatively cheap (for 10gig) so not that much outlay to grab one and try it (esp if you already have an Apple laptop you can test with). How would you use it? with iperf still?I don't think you will go nearly close to 14.8Mpps per port this way.Unless you are talking about bandwidth testing with full sized packet frames and low pps rate. I personally tested a 1Gbit/s port over a MBP retina 15 thunderbot gbe with BCM5701 chipset. I had only 220kpps on a single TX flow.Later I tried another adapter with a marvel yukon mini port. Had better pps rate, but nothing beyond 260kpps. I've done loads of 1Gbit testing using the entry-level MacBook Air and a Thunderbolt Gigabit Ethernet adapter though, and I disagree with Saku's statement of 'You cannot use UDPSocket like iperf does, it just does not work, you are lucky if you reliably test 1Gbps'. I find iperf testing at 1Gbit on Mac Air with Thunderbolt Eth extremely reliable (always 950+mbit/sec TCP on a good network, and easy to push right to the 1gbit limit with UDP. Again, with 64byte packet size? Or are you talking MTU? With MTU size you can try whatever you want and it will seem to be reliable. A wget/ftp download of a 1GB file will provide similar results, but I dont think this is useful anyway since it won't test anything close to rfc2544 or at least an ordinary internet traffic profile with a mix of 600bytes pkg size combined with a lower rate of smaller packets (icmp/udp, ping/dns/ntp/voice/video). I am also interested in a cheap and reliable method to test 10GbE connections. So far I haven't found something I trust. Pete The information contained in this e-mail message may be privileged, confidential and protected from disclosure. If you are not the intended recipient, any dissemination, distribution or copying is strictly prohibited. If you think that you have received this e-mail message in error, please e-mail the sender at the above e-mail address. The information contained in this e-mail message may be privileged, confidential and protected from disclosure. If you are not the intended recipient, any dissemination, distribution or copying is strictly prohibited. If you think that you have received this e-mail message in error, please e-mail the sender at the above e-mail address.
Re: Followup: Survey results for the ARIN RPA
We signed our ROAs but we wont be validating anything from the ARIN region. I believe you will find this to be the norm. The tool provided by RIPE also ignores ARIN by default. Someone will probably tell me that I am being arrogant again, but basically you are asking me to help protect your routes. And you want me to sign something first. I am not going to even read that agreement. I do not believe I am alone in this. Regards Baldur
looking for an OTDR
Hi, I'm looking for an OTDR. - single and multi mode fibers - good resolution as the the primary area of operation would be in the data center - a low learning curve and simple user interface What OTDRs / manufactures can you recommend? Thanks Karsten
Re: Followup: Survey results for the ARIN RPA
One could easily presume the ARIN region RPKI deployment statistics are lower as a result of the RPA situation (and no doubt that it part of the issue), but as noted earlier, it's unlikely to be the full story since we also have a region (APNIC) where RPKI deployment also rather low that and yet does not have these RPA legal entanglements. It was suggested earlier that this may be due to a combination of factors (education, promotion) beyond the RPA legal issues that are now being worked - so that will also need to be addressed once the RPA is resolved. Are the US litigation risks that much higher than other jurisdictions so that ARIN needs to take a different approach than other RIRs ? If they are, perhaps a confederation design instead of centralized one would help scatter those risks ? Rubens
Re: looking for an OTDR
If you can afford it, Fluke makes very nice products. The versiv platform has some impressive capabilities and is very easy to use. I have no stake in or relationship to Fluke, just like their stuff. Owen On Dec 8, 2014, at 10:06 , Karsten Elfenbein karsten.elfenb...@gmail.com wrote: Hi, I'm looking for an OTDR. - single and multi mode fibers - good resolution as the the primary area of operation would be in the data center - a low learning curve and simple user interface What OTDRs / manufactures can you recommend? Thanks Karsten
Re: Followup: Survey results for the ARIN RPA
On Dec 8, 2014, at 1:13 PM, Rubens Kuhl rube...@gmail.commailto:rube...@gmail.com wrote: One could easily presume the ARIN region RPKI deployment statistics are lower as a result of the RPA situation (and no doubt that it part of the issue), but as noted earlier, it's unlikely to be the full story since we also have a region (APNIC) where RPKI deployment also rather low that and yet does not have these RPA legal entanglements. It was suggested earlier that this may be due to a combination of factors (education, promotion) beyond the RPA legal issues that are now being worked - so that will also need to be addressed once the RPA is resolved. Are the US litigation risks that much higher than other jurisdictions so that ARIN needs to take a different approach than other RIRs ? If they are, perhaps a confederation design instead of centralized one would help scatter those risks ? Rubens - It is true that US has an abundance of litigation, and while this doesn't require a different approach than other regions, it does often mean that we're far more conservative in both technical and legal approaches initially. ARIN's RPA is a typical example, in that it has allowed us to rollout the service in a timely manner that would not have otherwise been possible. Now that there is some operational experience, it's possible to review the experience and see if a more relaxed risk posture can be accommodated. FYI /John John Curran President and CEO ARIN
RE: Carrier-grade DDoS Attack mitigation appliance
Does anyone on list currently use Peakflow SP from Arbor with TMS, and is it truly a carrier grade DDoS detection and mitigation platform? Anyone have any experience with Plixir? Tony McKay Dir. Of Network Operations Office: 870.336.3449 Mobile: 870.243.0058 -The boundary to your comfort zone fades a little each time you cross it. Raise your limits by pushing them. This electronic mail transmission may contain confidential or privileged information. If you believe that you have received this message in error, please notify the sender by reply transmission and delete the message without copying or disclosing it. -Original Message- From: NANOG [mailto:nanog-boun...@nanog.org] On Behalf Of Mohamed Kamal Sent: Sunday, December 07, 2014 2:10 PM To: nanog Subject: Carrier-grade DDoS Attack mitigation appliance Have anyone tried any DDoS attack mitigation appliance rather than Arbor PeakFlow TMS? I need it to be carrier-grade in terms of capacity and redundancy, and as far as I know, Arbor is the only product in the market which offers a clean pipe volume of traffic, so if the DDoS attack volume is, for example, 1Tbps, they will grant you for example 50Gbps of clean traffic. Anyway, I'm open to other suggestions, and open-source products that can do the same purpose, we have network development team that can work on this. Thanks. -- Mohamed Kamal Core Network Sr. Engineer
Re: Carrier-grade DDoS Attack mitigation appliance
Hi, We’re currently running the Arbor Peakflow SP with the TMS and it works very well for us. Best Regards, Ammar Zuberi FastReturn, Inc Direct Line: +971 50 394 7299 Email: am...@fastreturn.net This email and any files transmitted with it are confidential and intended solely for the use of the individual or entity to whom they are addressed. If you have received it by mistake, please let us know by e-mail reply and delete it from your system; you may not copy this message or disclose its contents to anyone. Please note that any views or opinions presented in this email are solely those of the author and do not necessarily represent those of the company. Finally, the recipient should check this email and any attachments for the presence of viruses. The company accepts no liability for any damage caused by any virus transmitted by this email. On Dec 8, 2014, at 10:53 PM, Tony McKay tony.mc...@rittercommunications.com wrote: Does anyone on list currently use Peakflow SP from Arbor with TMS, and is it truly a carrier grade DDoS detection and mitigation platform? Anyone have any experience with Plixir? Tony McKay Dir. Of Network Operations Office: 870.336.3449 Mobile: 870.243.0058 -The boundary to your comfort zone fades a little each time you cross it. Raise your limits by pushing them. This electronic mail transmission may contain confidential or privileged information. If you believe that you have received this message in error, please notify the sender by reply transmission and delete the message without copying or disclosing it. -Original Message- From: NANOG [mailto:nanog-boun...@nanog.org] On Behalf Of Mohamed Kamal Sent: Sunday, December 07, 2014 2:10 PM To: nanog Subject: Carrier-grade DDoS Attack mitigation appliance Have anyone tried any DDoS attack mitigation appliance rather than Arbor PeakFlow TMS? I need it to be carrier-grade in terms of capacity and redundancy, and as far as I know, Arbor is the only product in the market which offers a clean pipe volume of traffic, so if the DDoS attack volume is, for example, 1Tbps, they will grant you for example 50Gbps of clean traffic. Anyway, I'm open to other suggestions, and open-source products that can do the same purpose, we have network development team that can work on this. Thanks. -- Mohamed Kamal Core Network Sr. Engineer
Re: DWDM Documentation
Not found as much as I'd like. I can see an architecture, can see the database and where it lives, but I can't see a data model that works. if the problem is to track dumb infrastructure metadata, like port::cableID::cabletray, then I can't get an event (e.g. SNMP) to report a status change, and entropy eats at my data unless I spend people time keeping it up to date. It's not the rendering of racks, it's the quality of the data that's an issue. I don't even know when (if?) this tracking becomes a problem. When is a hardcopy wallchart not enough? At 50 servers? At 500 servers? I saw a while back a finance industry comment that it's config errors, not particularly backhoes, that are a significant source of their down time. So you'd expect some NOC attention on inventorying cableIDs etc., but it's hard to find. Now we are seeing some affordable (100GE at 4x10GE) services popping up, I thought I'd like to see what the future reqs are for these interfaces - more eggs in one basket maybe adds importance. You are yourself, maybe, sitting on a hidden store of use cases for infrastructure manageability? :-) Roy *Roy Hirst* | 425-556-5773 | 425-324-0941 cell XKL LLC | 12020 113th Ave NE, Suite 100 | Kirkland, WA 98034 | USA On 12/7/2014 7:46 PM, Colton Conor wrote: What have you found so far? On Thu, Dec 4, 2014 at 1:15 PM, Roy Hirst rhi...@xkl.com mailto:rhi...@xkl.com wrote: Replying offline to Theo. Schwer zu finden. Roy *Roy Hirst* | 425-556-5773 tel:425-556-5773 | 425-324-0941 tel:425-324-0941 cell XKL LLC | 12020 113th Ave NE, Suite 100 | Kirkland, WA 98034 | USA On 12/4/2014 5:21 AM, Theo Voss wrote: Hi guys, we, a Berlin / Germany based carrier, are looking for a smart documentation (shelfs, connections, fibers) and visualization tool for our ADVA-based DWDM-enviroment. Do you have any suggestions or hints for me? We’re testing „cableScout“, the only one I found, next week but. Unfortunately it isn’t easy to get any information about such tools! :( Thanks in advance! Best regards, Theo Voss (AS25291) The information contained in this e-mail message may be privileged, confidential and protected from disclosure. If you are not the intended recipient, any dissemination, distribution or copying is strictly prohibited. If you think that you have received this e-mail message in error, please e-mail the sender at the above e-mail address. The information contained in this e-mail message may be privileged, confidential and protected from disclosure. If you are not the intended recipient, any dissemination, distribution or copying is strictly prohibited. If you think that you have received this e-mail message in error, please e-mail the sender at the above e-mail address.
Re: Carrier-grade DDoS Attack mitigation appliance
On 12/08/2014 11:53 AM, Tony McKay wrote: Does anyone on list currently use Peakflow SP from Arbor with TMS, and is it truly a carrier grade DDoS detection and mitigation platform? Anyone have any experience with Plixir? Peakflow SP with the TMS works quite well. Can be very fast once a threat is discovered, depending on how you set up the mitigation. If you use auto mitigate and anycast BGP announcements, you can get a base mitigation going within seconds. Although it works quite well, it can be a bit pricey. I've seen but not yet played with DefensePro from Radware. I thought they also had premise based unit like Arbor's Pravail but I can't be sure on that. --John Tony McKay Dir. Of Network Operations Office: 870.336.3449 Mobile: 870.243.0058 -The boundary to your comfort zone fades a little each time you cross it. Raise your limits by pushing them. This electronic mail transmission may contain confidential or privileged information. If you believe that you have received this message in error, please notify the sender by reply transmission and delete the message without copying or disclosing it. -Original Message- From: NANOG [mailto:nanog-boun...@nanog.org] On Behalf Of Mohamed Kamal Sent: Sunday, December 07, 2014 2:10 PM To: nanog Subject: Carrier-grade DDoS Attack mitigation appliance Have anyone tried any DDoS attack mitigation appliance rather than Arbor PeakFlow TMS? I need it to be carrier-grade in terms of capacity and redundancy, and as far as I know, Arbor is the only product in the market which offers a clean pipe volume of traffic, so if the DDoS attack volume is, for example, 1Tbps, they will grant you for example 50Gbps of clean traffic. Anyway, I'm open to other suggestions, and open-source products that can do the same purpose, we have network development team that can work on this. Thanks. -- Mohamed Kamal Core Network Sr. Engineer
Re: DWDM Documentation
On Thu, Dec 04, 2014 at 01:21:16PM +, Theo Voss wrote: Hi guys, we, a Berlin / Germany based carrier, are looking for a smart documentation (shelfs, connections, fibers) and visualization tool for our ADVA-based DWDM-enviroment. Do you have any suggestions or hints for me? We’re testing „cableScout“, the only one I found, next week but. Unfortunately it isn’t easy to get any information about such tools! :( Thanks in advance! Best regards, Theo Voss (AS25291) We're starting to use PatchManager. It is flexible enough to handle fiber shelves, splices, manholes, etc. as well as theoretically WDM, but we have been focusing on our LAN copper cabling first, so we haven't done much with the fiber plant yet.
Re: Followup: Survey results for the ARIN RPA
In message CAPkb-7DmELgaD0F=paxdjzupgi5vqp0pp8ysysl+gkxldmj...@mail.gmail.com , Baldur Norddahl writes: We signed our ROAs but we wont be validating anything from the ARIN region. I believe you will find this to be the norm. The tool provided by RIPE also ignores ARIN by default. Someone will probably tell me that I am being arrogant again, but basically you are asking me to help protect your routes. And you want me to sign something first. I am not going to even read that agreement. I do not believe I am alone in this. Well the tool is designed to prevent you being fooled by people injecting bogus routing information. If you wish to continue to be fooled so be it. If I was running a ISP I wouldn't want to be in the position of explaining why I was accepting bogus routes when I have the way to reject them. The agreement is that if you run the tool and there is a mistake in the data or the servers are not available that you won't sue ARIN for the mistake. Mark Regards Baldur -- Mark Andrews, ISC 1 Seymour St., Dundas Valley, NSW 2117, Australia PHONE: +61 2 9871 4742 INTERNET: ma...@isc.org
Re: Followup: Survey results for the ARIN RPA
I care mostly about routes to destinations close to me. If someone steals a route from someone on other side of the world everyone will rightly assume it is the other guys having trouble. Plus we simply do not have much traffic there. On the other hand it adds up for the target if many ISPs around the world is fooled. But that is just my ramblings. I am also warning that the RIPE tool already ignores ARIN. Anyone from RIPE will be ignoring you unless they go out of their way to fix it. My bet is therefore that ARIN is being ignored by many if not most. Regards Baldur Den 08/12/2014 23.46 skrev Mark Andrews ma...@isc.org: In message CAPkb-7DmELgaD0F= paxdjzupgi5vqp0pp8ysysl+gkxldmj...@mail.gmail.com , Baldur Norddahl writes: We signed our ROAs but we wont be validating anything from the ARIN region. I believe you will find this to be the norm. The tool provided by RIPE also ignores ARIN by default. Someone will probably tell me that I am being arrogant again, but basically you are asking me to help protect your routes. And you want me to sign something first. I am not going to even read that agreement. I do not believe I am alone in this. Well the tool is designed to prevent you being fooled by people injecting bogus routing information. If you wish to continue to be fooled so be it. If I was running a ISP I wouldn't want to be in the position of explaining why I was accepting bogus routes when I have the way to reject them. The agreement is that if you run the tool and there is a mistake in the data or the servers are not available that you won't sue ARIN for the mistake. Mark Regards Baldur -- Mark Andrews, ISC 1 Seymour St., Dundas Valley, NSW 2117, Australia PHONE: +61 2 9871 4742 INTERNET: ma...@isc.org
Re: Carrier-grade DDoS Attack mitigation appliance
We also evaluating another appliance to put in place of Arbor, their support outside USA its a joke. On Mon, Dec 8, 2014 at 6:17 PM, Ammar Zuberi am...@fastreturn.net wrote: Hi, We're currently running the Arbor Peakflow SP with the TMS and it works very well for us. Best Regards, Ammar Zuberi FastReturn, Inc Direct Line: +971 50 394 7299 Email: am...@fastreturn.net This email and any files transmitted with it are confidential and intended solely for the use of the individual or entity to whom they are addressed. If you have received it by mistake, please let us know by e-mail reply and delete it from your system; you may not copy this message or disclose its contents to anyone. Please note that any views or opinions presented in this email are solely those of the author and do not necessarily represent those of the company. Finally, the recipient should check this email and any attachments for the presence of viruses. The company accepts no liability for any damage caused by any virus transmitted by this email. On Dec 8, 2014, at 10:53 PM, Tony McKay tony.mc...@rittercommunications.com wrote: Does anyone on list currently use Peakflow SP from Arbor with TMS, and is it truly a carrier grade DDoS detection and mitigation platform? Anyone have any experience with Plixir? Tony McKay Dir. Of Network Operations Office: 870.336.3449 Mobile: 870.243.0058 -The boundary to your comfort zone fades a little each time you cross it. Raise your limits by pushing them. This electronic mail transmission may contain confidential or privileged information. If you believe that you have received this message in error, please notify the sender by reply transmission and delete the message without copying or disclosing it. -Original Message- From: NANOG [mailto:nanog-boun...@nanog.org] On Behalf Of Mohamed Kamal Sent: Sunday, December 07, 2014 2:10 PM To: nanog Subject: Carrier-grade DDoS Attack mitigation appliance Have anyone tried any DDoS attack mitigation appliance rather than Arbor PeakFlow TMS? I need it to be carrier-grade in terms of capacity and redundancy, and as far as I know, Arbor is the only product in the market which offers a clean pipe volume of traffic, so if the DDoS attack volume is, for example, 1Tbps, they will grant you for example 50Gbps of clean traffic. Anyway, I'm open to other suggestions, and open-source products that can do the same purpose, we have network development team that can work on this. Thanks. -- Mohamed Kamal Core Network Sr. Engineer -- Grato, Tozo
What can I infer from show ip route and similar BGP commands?
Hello NANOG, I’m a researcher and I was trying to understand the data I collected from some BGP Looking Glasses. Basically, I was hoping to see if BGP records can tell me where my university’s provider (AS3701) is peering with its providers. I issued two BGP queries to Level3’s LGs, one in Seattle and one in Amsterdam for my school’s prefix. My strong guess was that our provider (AS3701) peers with Level3 in Seattle. I was hoping to conclude something like this: if the peering occurs in Seattle, the Seattle LG should reveal it, but Amsterdam should not. AS3701 is Nero (Network for Education and Research in Oregon) which I assume is a small regional AS. I don't think Nero peers with Level3 in Amsterdam, however, I get this AS for my next hop even when I issue the command from Amsterdam. On the other hand “car1.Sacramento1” suggests that the peering happens in Sacramento. This result makes me think what I get is from a combination of iBGP and eBGP, which is also apparent from “Internal/External” keywords in the data. My main issue is that the keywords are not always available. In some other LG I just get a next hop IP and an AS path. How can I make sure that the peering information comes from an eBGP peering? I think the next hop IP might be the answer, right? I included the results of the command for both LGs here, hopefully somebody could explain to me - Route results for 128.223.0.0/16 from Amsterdam, Netherlands BGP routing table entry for 128.223.0.0/16 Paths: (2 available, best #1) 3701 3582 AS-path translation: { OREGONUNIV UONET } car1.Sacramento1 (metric 58341) Origin IGP, metric 0, localpref 100, valid, internal, best Community: North_America Lclprf_100 Level3_Customer United_States Sacramento Originator: car1.Sacramento1 3701 3582 AS-path translation: { OREGONUNIV UONET } car1.Sacramento1 (metric 58341) Origin IGP, metric 0, localpref 100, valid, internal Community: North_America Lclprf_100 Level3_Customer United_States Sacramento Originator: car1.Sacramento1 - Route results for 128.223.6.81/16 from Seattle, WA BGP routing table entry for 128.223.0.0/16 Paths: (4 available, best #3) 3701 3582 AS-path translation: { OREGONUNIV UONET } 4.53.150.46 from 4.53.150.46 (ptck-core1-gw.nero.net) Origin IGP, localpref 90, valid, external Community: North_America Lclprf_90 Level3_Customer United_States Seattle Level3:11847 3701 3582, (received-only) AS-path translation: { OREGONUNIV UONET } 4.53.150.46 from 4.53.150.46 (ptck-core1-gw.nero.net) Origin IGP, localpref 100, valid, external Community: Level3:90 3701 3582 AS-path translation: { OREGONUNIV UONET } car1.Sacramento1 (metric 34363) Origin IGP, metric 0, localpref 100, valid, internal, best Community: North_America Lclprf_100 Level3_Customer United_States Sacramento Originator: car1.Sacramento1 3701 3582 AS-path translation: { OREGONUNIV UONET } car1.Sacramento1 (metric 34363) Origin IGP, metric 0, localpref 100, valid, internal Community: North_America Lclprf_100 Level3_Customer United_States Sacramento Originator: car1.Sacramento1 Best Regards Reza Motamedi (R.M) Graduate Research Fellow Computer and Information Science University of Oregon
Re: What can I infer from show ip route and similar BGP commands?
Thanks Joel for your detailed explanation. It was very informative. I have been using routeviews for sometime, but given that I could get this amount of information from other sources, I decided to give this a try. On another note, do you think there is any value in checking the next hop IP? I have been checking and it looks as if when the IP is in the AS at the head of the AS path, the entry is associated with an iBGP record, right? I just used the ripe stat to map IPs to AS and it always holds when there is an AS for the next hop IP. Thanks again for your input.