Re: Comparing Backbone providers from support POV

2017-08-24 Thread Luke Guillory
Check this thread out.

https://mailman.nanog.org/pipermail/nanog/2017-August/091852.html

Sent from my iPhone

On Aug 24, 2017, at 5:18 PM, Bassem Fawzi wrote:

Hello All,

This is Bassem and this is my first participation in nanog.

We are planning to get a new 10G circuit and we are comparing the IPT service 
of three backbone providers that met our technical and financial requirements. 
Now, to take all aspects into consideration, we need to compare them from the 
support point of view.

The three providers are NTT, GTT and Telia, so if anyone has dealt with them 
before and can help us rate their support it would be great.

Many thanks.

--
Best regards,

Bassem Fawzy
Network engineer – Core Team
City Stars Capital 5 A4
Omar Ibn El Khattab St.
Heliopolis, Cairo, Egypt
Mobile GSM: +2 01006580139
Land Line:  +2 02 16700 EXT:139
FAX:+2 02 37482816
Email:  bfa...@noor.net




Luke Guillory
Vice President – Technology and Innovation



Tel:985.536.1212
Fax:985.536.0300
Email:  lguill...@reservetele.com
Web:www.rtconline.com

Reserve Telecommunications
100 RTC Dr
Reserve, LA 70084








Comparing Backbone providers from support POV

2017-08-24 Thread Bassem Fawzi
Hello All,

This is Bassem and this is my first participation in nanog.

We are planning to get a new 10G circuit and we are comparing the IPT service 
of three backbone providers that met our technical and financial requirements. 
Now, to take all aspects into consideration, we need to compare them from the 
support point of view. 

The three providers are NTT, GTT and Telia, so if anyone has dealt with them 
before and can help us rate their support it would be great.
  
Many thanks.

-- 
Best regards,

Bassem Fawzy
Network engineer – Core Team
City Stars Capital 5 A4
Omar Ibn El Khattab St.
Heliopolis, Cairo, Egypt
Mobile GSM: +2 01006580139
Land Line:  +2 02 16700 EXT:139
FAX:+2 02 37482816
Email:  bfa...@noor.net



unsubscribe

2017-08-24 Thread Steve Lerner
On Wed, Aug 23, 2017 at 8:00 AM,  wrote:

> Send NANOG mailing list submissions to
> nanog@nanog.org
>
> To subscribe or unsubscribe via the World Wide Web, visit
> http://mailman.nanog.org/mailman/listinfo/nanog
> or, via email, send a message with subject or body 'help' to
> nanog-requ...@nanog.org
>
> You can reach the person managing the list at
> nanog-ow...@nanog.org
>
> When replying, please edit your Subject line so it is more specific
> than "Re: Contents of NANOG digest..."
>
>
> Today's Topics:
>
>1. Re: Creating a Circuit ID Format (Tassos Chatzithomaoglou)
>2. Re: Creating a Circuit ID Format (Jared Mauch)
>3. 2017 NANOG Elections General Information (Dave Temkin)
>4. Re: Creating a Circuit ID Format (Justin M. Streiner)
>5. Re: Creating a Circuit ID Format (Nick Hilliard)
>6. Spectrum web cache engineer (Andrew Kirch)
>7. RE: Creating a Circuit ID Format (Timothy Creswick)
>
>
> --
>
> Message: 1
> Date: Tue, 22 Aug 2017 19:01:56 +0300
> From: Tassos Chatzithomaoglou 
> To: NANOG 
> Subject: Re: Creating a Circuit ID Format
> Message-ID: <6b76d308-1a55-af42-c7cd-195d77147...@forthnet.gr>
> Content-Type: text/plain; charset=UTF-8
>
> I don't know if it has any relation to your issue, but we use Circuit-ID
> to uniquely identify the access node plus the customer's access loop
> logical port on the access node.
> Access node can be either a DSLAM, a switch, an OLT, etc.
>
> You may have a look at BBF's TR-101 (section 3.9.3)  or TR-156 (section
> 5.7) for syntax guide .
>
> --
> Tassos
>
> Colton Conor wrote on 21/8/17 23:26:
> > We are building a new fiber network, and need help creating a circuit ID
> > format to for new fiber circuits. Is there a guide or standard for fiber
> > circuit formats? Does the circuit ID change when say a customer upgrades
> > for 100Mbps to 1Gbps port?
> >
> > What do the larger carriers do? Any advice on creating a circuit ID
> format
> > for a brand new fiber network?
> >
> >
> >  Originally we ran a CLEC using a LECs copper, and our circuit ID was
> > historically a telephone number for DSL circuits. The ILEC had a complex
> > method for assigning circuit IDs.
> >
> > I am sure anything will work as long as you keep track of it, but any
> > advice would be great!
> >
>
>
>
> --
>
> Message: 2
> Date: Tue, 22 Aug 2017 12:37:08 -0400
> From: Jared Mauch 
> To: Tassos Chatzithomaoglou 
> Cc: NANOG 
> Subject: Re: Creating a Circuit ID Format
> Message-ID: <2af810ab-e963-4cd4-867c-3d96b73a4...@puck.nether.net>
> Content-Type: text/plain; charset=us-ascii
>
>
> > On Aug 22, 2017, at 12:01 PM, Tassos Chatzithomaoglou <
> ach...@forthnet.gr> wrote:
> >
> > I don't know if it has any relation to your issue, but we use Circuit-ID
> to uniquely identify the access node plus the customer's access loop
> logical port on the access node.
> > Access node can be either a DSLAM, a switch, an OLT, etc.
> >
> > You may have a look at BBF's TR-101 (section 3.9.3)  or TR-156 (section
> 5.7) for syntax guide .
>
>
> My favorite circuit-ids were those from MFS where it had the service type
> (2 chars i think) + a pop-code + z pop-code + service count number.
>
> We could then tell what pop/facility everything was handed off at easily
> enough.  I think my house even got a MFS pop code at one time due to the T1
> which was there.
>
> - Jared
>
> --
>
> Message: 3
> Date: Tue, 22 Aug 2017 10:21:32 -0700
> From: Dave Temkin 
> To: "North American Network Operators' Group" 
> Subject: 2017 NANOG Elections General Information
> Message-ID:
> 

AWS internal networking team contact?

2017-08-24 Thread Robbie Trencheny
Hey all,

We are seeing major packet loss and high latency at a Level3 node just
before the hop into AWS us-west-2. We had a go live planned for today which
has now been scrapped because T-Mobile customers (a significant chunk of
our customer base) nationwide are unable to login to our app. AWS Support
is dragging their feet waiting to hear back from their internal networking
team and didn't even believe they peered with Level3 at us-west-2 and we
just don't have the time. CEO is talking about pulling the plug entirely on
us-west-2 if not all of AWS and re-deploying to us-east-X or GCP.

If someone from AWS could reach out off list to help expedite my ticket and
get in contact with Level3 to fix their Seattle nodes i'd really appreciate
it. It's already 740 on the west coast and I don't think i'm going home
anytime soon. :(

For those interested, failing nodes I'm seeing are
ae-1-51.ear2.Seattle1.Level3.net and ae-2-52.ear2.Seattle1.Level3.net.
Confirmed that T-Mobile is
routing through those nodes from both SF and NYC. Apple also rejected our
app during review this morning because of network failures while on wifi
which I have to assume are the same ones we've been seeing for the last 96
hours.

Thanks


Re: How can I obtain the abuse e-mail address for IPs from Japan?

2017-08-24 Thread Marc Gimeno
Maybe simple whois from debian machine. Then he looks to related Regional
Internet address Registry, in this case, APNIC. I mark it in *bold*.

whois 59.106.13.181
% [whois.apnic.net]
% Whois data copyright terms    http://www.apnic.net/db/dbcopyright.html

% Information related to '59.106.0.0 - 59.106.255.255'

% Abuse contact for '59.106.0.0 - 59.106.255.255' is 'hostmas...@nic.ad.jp'

inetnum:59.106.0.0 - 59.106.255.255
netname:SAKURA
descr:  SAKURA Internet Inc.
descr:  Grandfront Osaka Bldg. Tower-A 35F, 4-20, Ofukacho,
Kita-ku, Osaka 530-0011 Japan
country:JP
admin-c:JNIC1-AP
tech-c: JNIC1-AP
status: ALLOCATED PORTABLE
*remarks:Email address for spam or abuse complaints :
supp...@sakura.ad.jp *
mnt-by: MAINT-JPNIC
mnt-irt:IRT-JPNIC-JP
mnt-lower:  MAINT-JPNIC
changed:hm-chan...@apnic.net 20041013
changed:ip-ap...@nic.ad.jp 20070523
changed:hm-chan...@apnic.net 20151202
changed:ip-ap...@nic.ad.jp 20170703
source: APNIC

irt:IRT-JPNIC-JP
address:Urbannet-Kanda Bldg 4F, 3-6-2 Uchi-Kanda
address:Chiyoda-ku, Tokyo 101-0047, Japan
e-mail: hostmas...@nic.ad.jp
abuse-mailbox:  hostmas...@nic.ad.jp
admin-c:JNIC1-AP
tech-c: JNIC1-AP
auth:   # Filtered
mnt-by: MAINT-JPNIC
changed:ab...@apnic.net 20101108
changed:hm-chan...@apnic.net 2010
changed:ip-ap...@nic.ad.jp 20140702
source: APNIC

*_*


*Marc Gimeno*
*NOC*
*_*


Adamo Telecom Iberia S.A.U.
www.adamo.es


On Wed, Aug 23, 2017 at 5:16 PM, Kurt Kraut  wrote:

> Hello Suresh,
>
>
> It doesn't seem to help a lot:
>
> ktk@ktk:~$ whois -h whois.nic.ad.jp 59.106.13.181
> [ JPNIC database provides information regarding IP address and ASN. Its use
>   ]
> [ is restricted to network administration purposes. For further
> information,  ]
> [ use 'whois -h whois.nic.ad.jp help'. To only display English output,
>]
> [ add '/e' at the end of command, e.g. 'whois -h whois.nic.ad.jp xxx/e'.
>]
>
> Network Information:
> a. [Network Number] 59.106.12.0-59.106.27.255
> b. [Network Name]   SAKURA-NET
> g. [Organization]   SAKURA Internet Inc.
> m. [Administrative Contact] KT749JP
> n. [Technical Contact]  KW419JP
> p. [Nameserver] ns1.dns.ne.jp
> p. [Nameserver] ns2.dns.ne.jp
> [Assigned Date] 2004/11/24
> [Return Date]
> [Last Update]   2004/11/24 18:41:02(JST)
>
> Less Specific Info.
> --
> SAKURA Internet Inc.
>  [Allocation]
> 59.106.0.0/16
>
> More Specific Info.
>
>
>
> No e-mail addresses of the abuse team or NOC or SOC.
>
>
> Best regards,
>
>
> Kurt Kraut
>
> 2017-08-23 11:55 GMT-03:00 Suresh Ramasubramanian :
>
> > whois -h whois.nic.ad.jp IP /e
> >
> > --srs
> >
> > > On 23-Aug-2017, at 7:38 PM, Kurt Kraut  wrote:
> > >
> > > Hello,
> > >
> > >
> > > I'm having a hard time to figure out the abuse e-mail address for IPs
> > from
> > > Japan. Any query I perform at the WHOIS, for any IP, from any
> autonomous
> > > system I get the same e-mail addresses:
> > >
> > > ab...@apnic.net
> > > hm-chan...@apnic.net
> > > ip-ap...@nic.ad.jp
> > > hostmas...@nic.ad.jp
> > >
> > > These e-mail addresses belong to JPNIC, not the autonomous system
> itself.
> > > So any messages sent to these e-mail addresses will not reach the
> > offending
> > > NOC/SOC so I can report vulnerabilities and DDoS attacks.
> > >
> > > What am I missing and how should I report security issues to autonomous
> > > systems from this region? Has anyone here any experience on this?
> > >
> > >
> > > Thanks in advance,
> > >
> > >
> > > Kurt Kraut
> >
>
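An added example (not from any poster in this thread): a parser for RPSL-style whois output like the APNIC response above, which separates abuse contacts published by the registry (the `irt` object) from an address the network operator placed in a `remarks:` line, and ignores `changed:` maintainer addresses. The sample record, its `*.example` addresses and the `REGISTRY_DOMAINS` set are constructed for illustration.

```python
import re

EMAIL_RE = re.compile(r"[A-Za-z0-9._%+-]+@[A-Za-z0-9.-]+\.[A-Za-z]{2,}")

# Assumption: domains that belong to the registry (RIR/NIR), not to the
# network operator. Constructed placeholders; fill in the real ones locally.
REGISTRY_DOMAINS = {"rir.example", "nir.example"}

# Constructed sample in the same shape as the whois output in the thread.
SAMPLE_WHOIS = """\
% [whois.rir.example]
% Abuse contact for '192.0.2.0 - 192.0.2.255' is 'hostmaster@nir.example'

inetnum:        192.0.2.0 - 192.0.2.255
netname:        EXAMPLE-NET
descr:          Example Hosting Inc.
country:        ZZ
admin-c:        NIR1-EX
remarks:        Email address for spam or abuse complaints :
                abuse@operator.example
mnt-irt:        IRT-NIR-EX
changed:        hm-changed@rir.example 20151202
changed:        ip-alloc@nir.example 20170703
source:         EXAMPLE

irt:            IRT-NIR-EX
address:        1-2-3 Example St
e-mail:         hostmaster@nir.example
abuse-mailbox:  hostmaster@nir.example
auth:           # Filtered
changed:        abuse@rir.example 20101108
source:         EXAMPLE
"""


def parse_objects(text):
    """Split whois output into objects; each object is a list of (attr, value)."""
    objects, current = [], []
    for raw in text.splitlines():
        line = raw.rstrip()
        if line.startswith(("%", "#")):
            continue  # server comment lines
        if not line.strip():
            if current:  # a blank line ends the current object
                objects.append(current)
                current = []
            continue
        if line[0] in " \t+" and current:
            # RPSL continuation line: append to the previous attribute's value
            attr, val = current[-1]
            current[-1] = (attr, (val + " " + line[1:].strip()).strip())
            continue
        attr, sep, val = line.partition(":")
        if sep:
            current.append((attr.strip().lower(), val.strip()))
    if current:
        objects.append(current)
    return objects


def abuse_contacts(text):
    """Return [(email, source, is_registry)], operator-owned addresses first."""
    found = {}
    for obj in parse_objects(text):
        obj_type = obj[0][0]
        for attr, val in obj:
            if attr == "abuse-mailbox":
                rank = 0
            elif attr == "remarks" and re.search(r"abuse|spam", val, re.I):
                rank = 1
            elif attr == "e-mail" and obj_type in ("irt", "role"):
                rank = 2
            else:
                continue  # e.g. changed: lines are change logs, not contacts
            for email in EMAIL_RE.findall(val):
                email = email.lower()
                is_registry = email.rsplit("@", 1)[1] in REGISTRY_DOMAINS
                key = (is_registry, rank)
                if email not in found or key < found[email][0]:
                    found[email] = (key, f"{obj_type}/{attr}", is_registry)
    ordered = sorted(found.items(), key=lambda kv: kv[1][0])
    return [(email, src, reg) for email, (_, src, reg) in ordered]


def best_operator_contact(text):
    """First contact that is not a registry address, or None if there is none."""
    for email, _source, is_registry in abuse_contacts(text):
        if not is_registry:
            return email
    return None


if __name__ == "__main__":
    for row in abuse_contacts(SAMPLE_WHOIS):
        print(row)
```

When `best_operator_contact` returns `None`, the record only carries registry contacts and the report has to go through another channel.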


Telekom Malaysia Contact

2017-08-24 Thread Gabe Cole
I am working on some subsea cables that need to transit in Malaysia and need a 
contact at Telekom Malaysia.

Thanks in advance!

Gabe Cole
+1-617-303-8707
g...@rtegroup.com
@datacenterguru



Re: Last Week's Canadian Fiber Cut

2017-08-24 Thread Fletcher Kittredge
On Thu, Aug 24, 2017 at 1:00 PM, Rod Beck 
wrote:

> Unless I am mistaken, that is an old legacy route. I don't think it is a
> new build. I know at one time Hibernia was selling its undersea link from
> Halifax to Boston as a back up for that route. On the other hand, there
> have been some Canadian carrier builds recently so maybe it's not legacy.
>
No, this is not a legacy route. It was a new route constructed in 2012 as
part of the Federal BTOP ARRA program. It is a 1,100 mile high strand count
fiber ring around Maine with multiple border crossings. Dozens of carriers
are using it.


-- 
Fletcher Kittredge
GWI


vFlow v0.4.1 :: IPFIX, sFlow and Netflow collector (open source)

2017-08-24 Thread Mehrdad Arshad Rad
Hi All,

Sorry for spamming, I just wanted to update you for vFlow v0.4.1
(High-performance, scalable and reliable IPFIX, sFlow and Netflow
collector.)
Now you can install it very easily through RPM or Debian package also the
MS Windows binary is available (or you can compile it through a command)
It's written with pure Golang and it works in production under heavy load!

New features: Netflow v9 protocol, support NATS (message bus, nats.io), MS
Windows support!

You can download it at
https://github.com/VerizonDigital/vflow/releases/tag/v0.4.1

All features:

- IPFIX RFC7011 collector
- sFLow v5 raw header packet collector
- Netflow v9 collector
- Decoding sFlow raw header L2/L3/L4
- Produce to Apache Kafka, NSQ, NATS
- Replicate IPFIX to 3rd party collector
- Supports IPv4 and IPv6

There are two quick start docs :

- vFlow with NSQ:
https://github.com/VerizonDigital/vflow/blob/master/docs/quick_start_nsq.md
- vFlow with Kafka:
https://github.com/VerizonDigital/vflow/blob/master/docs/quick_start_kafka.md

All docs: https://github.com/VerizonDigital/vflow/tree/master/docs

Please let me know if you have any questions/suggestions or open an issue
at GitHub.

https://github.com/verizonDigital/vflow

Thanks,
Mehrdad


-- 
*M*ehrdad Arshad Rad
*P*rincipal Software Engineer
https://www.linkedin.com/in/mehrdadrad


Re: Creating a Circuit ID Format

2017-08-24 Thread William Herrin
On Tue, Aug 22, 2017 at 3:36 AM, Allan Eising  wrote:

>  it can be
> troublesome to keep an incrementing number accurate, if you don't have a
> good
> central database to track it in.
>


That reminds me: You will buy out other organizations' assets with other
organizations' identifiers. When you build your central database, make sure
it can accept the arbitrary circuit ID formats applied to your new property.

Regards,
Bill Herrin


-- 
William Herrin  her...@dirtside.com  b...@herrin.us
Dirtside Systems . Web: 


Cogent Chicago

2017-08-24 Thread Mike Hammett
I'm looking for someone knowledgeable as to how some of their datacenter POPs 
interconnect. Trying to determine what level of diversity other than POP 
location there are between two datacenters. 

Cogent staff is fine, maybe even preferred. Unsurprisingly, the sales person I 
talked to wasn't incredibly useful. 




- 
Mike Hammett 
Intelligent Computing Solutions 

Midwest Internet Exchange 

The Brothers WISP 



Re: Last Week's Canadian Fiber Cut

2017-08-24 Thread Jean-Francois Mezei
On 2017-08-16 18:29, Christopher Morrell wrote:
> Let’s not forget that all POTS and cell service was offline during the
> outage - even for local and 911 service.


It would be interesting to know how incumbent telco services within
Aliant territory became dependent on a link to central Canada. When one
dials 911 in Moncton, does it require some database inquiry to some
database in Toronto, failing which, the call can't go through?




(Aliant, which used to be separate maritime telcos was bought lock stock
and barrel by Bell Canada a couple years ago, so likely rationalized some
services to save costs, so anything that became dependent on some
Toronto server would stop working)

The CRTC asked Bell for a report on what happened, but told media that
report may not be made public.


Re: Last Week's Canadian Fiber Cut

2017-08-24 Thread Rod Beck
Unless I am mistaken, that is an old legacy route. I don't think it is a new 
build. I know at one time Hibernia was selling its undersea link from Halifax 
to Boston as a back up for that route. On the other hand, there have been some 
Canadian carrier builds recently so maybe it's not legacy.


Regards,


Roderick



From: NANOG  on behalf of Fletcher Kittredge 

Sent: Wednesday, August 16, 2017 10:29 PM
To: Clinton Work
Cc: NANOG list
Subject: Re: Last Week's Canadian Fiber Cut

There is a third route from Halifax -> New Brunswick -> Portland, ME ->
[Albany, Boston]

On Tue, Aug 15, 2017 at 4:07 PM, Clinton Work  wrote:

> I can't speak for the Bell Aliant network, but I'm only aware of two
> diverse fiber routes out of Halifax, Nova Scotia.   Halifax -> New
> Brunswick -> Quebec City is the Canadian route and Halifax -> Boston is
> the diverse route.
>
> On Tue, Aug 15, 2017, at 01:52 PM, Jared Mauch wrote:
> > Perhaps some transatlantic fallback?  It looks like the only cable out
> > there is the Greenland one.. guessing that’s not very competitive?  It
> > only gets you to Iceland it seems.
> >
>
>


--
Fletcher Kittredge
GWI
207-602-1134
www.gwi.net




Re: Contact at Charter Communications?

2017-08-24 Thread Anne P. Mitchell Esq.
Hi Chris!

I've pinged our contact at Charter, will let you know if I come up with a 
contact for you.

Anne

Anne P. Mitchell, 
Attorney at Law
CEO/President, 
SuretyMail Email Reputation Certification and Inbox Delivery Assistance
http://www.SuretyMail.com/
http://www.SuretyMail.eu/

Attorney at Law / Legislative Consultant
Author: Section 6 of the CAN-SPAM Act of 2003 (the Federal anti-spam law)
Author: The Email Deliverability Handbook
Member, California Bar Cyberspace Law Committee
Member, Colorado Cybersecurity Consortium
Member, Board of Directors, Asilomar Microcomputer Workshop
Member, Advisory Board, Cause for Awareness
Member, Board of Directors, Greenwood Wildlife Rehabilitation
Member, Elevations Credit Union Member Council
Former Chair, Asilomar Microcomputer Workshop
Ret. Professor of Law, Lincoln Law School of San Jose

Available for consultations by special arrangement.
amitch...@isipp.com | @AnnePMitchell
Facebook/AnnePMitchell  | LinkedIn/in/annemitchell

Re: AT&T NOC contact?

2017-08-24 Thread Sahil Ganguly via NANOG
Hello,

Thank you for checking, the issue was resolved.

On Thu, Aug 24, 2017 at 7:52 AM, Nimrod Levy  wrote:

> There was a message to the outages list over the weekend on this, has this
> issue not been resolved?
>
> On Thu, Aug 24, 2017 at 10:38 AM Sahil Ganguly via NANOG 
> wrote:
>
>> Hello,
>>
>> Is there someone at AT&T on the mailing list I can talk to regarding a
>> possible routing loop getting from AT&T to Box?
>>
>> Thanks!
>>
>> --
>> Sahil Ganguly
>> Senior Network Operations Engineer
>>
>>
>> M: 303.250.8893
>> 900 Jefferson Ave
>> Redwood City, CA 94063
>>
> --
>
> --
> Nimrod
>



-- 
Sahil Ganguly
Senior Network Operations Engineer


M: 303.250.8893
900 Jefferson Ave
Redwood City, CA 94063


Re: AT&T NOC contact?

2017-08-24 Thread Anne P. Mitchell Esq.

 
> 
> Hello,
> 
> Is there someone at AT&T on the mailing list I can talk to regarding a
> possible routing loop getting from AT&T to Box?
> 

Sahil - have pinged our AT&T contact ..will let you know what I hear.

Anne

Anne P. Mitchell, 
Attorney at Law
CEO/President, 
SuretyMail Email Reputation Certification and Inbox Delivery Assistance
http://www.SuretyMail.com/
http://www.SuretyMail.eu/

Attorney at Law / Legislative Consultant
Author: Section 6 of the CAN-SPAM Act of 2003 (the Federal anti-spam law)
Author: The Email Deliverability Handbook
Member, California Bar Cyberspace Law Committee
Member, Colorado Cybersecurity Consortium
Member, Board of Directors, Asilomar Microcomputer Workshop
Member, Advisory Board, Cause for Awareness
Member, Board of Directors, Greenwood Wildlife Rehabilitation
Member, Elevations Credit Union Member Council
Former Chair, Asilomar Microcomputer Workshop
Ret. Professor of Law, Lincoln Law School of San Jose

Available for consultations by special arrangement.
amitch...@isipp.com | @AnnePMitchell
Facebook/AnnePMitchell  | LinkedIn/in/annemitchell



Re: DevOps workflow for networking

2017-08-24 Thread Andrew Latham
Related I am working on https://github.com/lathama/Adynaton and hope to get
parts into the Python Standard Library with help from some peers. Anyone
who wants to help out ping me off list.

On Fri, Aug 18, 2017 at 1:08 PM, Pete Lumbis  wrote:

> Awesome!
>
> I gave a presentation on CI/CD for networking last year at the Interop
> conference; my demo was based on Gitlab
> https://gitlab.com/plumbis/cumulus-ci-cd/
>
> I use Behave for testing, but it is just a front end for python code under
> the hood to actually validate that everything is doing what it's supposed
> to be doing.
>
> I did a little bit of work to try and get Ansible to do checking and
> validation in a playbook, but since Ansible isn't really a programming
> language it felt like putting a square peg in a round hole. I would
> recommend an actual programming language or testing framework.
>
> Likely the biggest challenge you'll encounter is a lack of features in
> vendor VMs and the fact you can't change interface names. Generally, in
> production, we don't have "eth1, eth2, eth3" as the cabled up interfaces,
> so you end up needing to maintain two sets of configs (prod and test) or
> something to modify production configs on the fly, both of which are crummy
> options.
>
> From a workflow perspective, you can treat configuration like code and run
> full test suites when pull requests are issued and then use the test
> results as the basis for a change review meeting. Don't let humans talk
> about changes that we already know won't work.
>
> Glad to hear about other people seriously considering CI/CD in the network
> space, good luck!
>
> -Pete
>
> On Wed, Aug 9, 2017 at 8:52 PM, Kasper Adel  wrote:
>
> > We are pretty new to those new-age network orchestrators and automation,
> >
> > I am curious to ask what everyone in the community is doing? sorry for
> such
> > a long and broad question.
> >
> > What is your workflow? What tools are your teams using? What is working
> > what is not? What do you really like and what do you need to improve? How
> > mature do you think your process is? etc etc
> >
> > Wanted to ask and see what approaches the many different teams here are
> > taking!
> >
> > We are going to start working from a GitLab based workflow.
> >
> > Projects are created, issues entered and developed with a gitflow
> branching
> > strategy.
> >
> > GitLab CI pipelines run package loadings and run tests inside a lab.
> >
> > Tests are usually python unit tests that are run to do both functional
> and
> > service creation, modification and removal tests.
> >
> > For unit testing we typically use python libraries to open transactions
> to
> > do the service modifications (along with functional tests) against
> physical
> > lab devices.
> >
> > For our prod deployment we leverage 'push on green' and gating to push
> > package changes to prod devices.
> >
> > Thanks
> >
>



-- 
- Andrew "lathama" Latham lath...@gmail.com http://lathama.com
 -


Re: DevOps workflow for networking

2017-08-24 Thread Pete Lumbis
Awesome!

I gave a presentation on CI/CD for networking last year at the Interop
conference; my demo was based on Gitlab
https://gitlab.com/plumbis/cumulus-ci-cd/

I use Behave for testing, but it is just a front end for python code under
the hood to actually validate that everything is doing what it's supposed
to be doing.

I did a little bit of work to try and get Ansible to do checking and
validation in a playbook, but since Ansible isn't really a programming
language it felt like putting a square peg in a round hole. I would
recommend an actual programming language or testing framework.

Likely the biggest challenge you'll encounter is a lack of features in
vendor VMs and the fact you can't change interface names. Generally, in
production, we don't have "eth1, eth2, eth3" as the cabled up interfaces,
so you end up needing to maintain two sets of configs (prod and test) or
something to modify production configs on the fly, both of which are crummy
options.

From a workflow perspective, you can treat configuration like code and run
full test suites when pull requests are issued and then use the test
results as the basis for a change review meeting. Don't let humans talk
about changes that we already know won't work.

Glad to hear about other people seriously considering CI/CD in the network
space, good luck!

-Pete

On Wed, Aug 9, 2017 at 8:52 PM, Kasper Adel  wrote:

> We are pretty new to those new-age network orchestrators and automation,
>
> I am curious to ask what everyone in the community is doing? sorry for such
> a long and broad question.
>
> What is your workflow? What tools are your teams using? What is working
> what is not? What do you really like and what do you need to improve? How
> mature do you think your process is? etc etc
>
> Wanted to ask and see what approaches the many different teams here are
> taking!
>
> We are going to start working from a GitLab based workflow.
>
> Projects are created, issues entered and developed with a gitflow branching
> strategy.
>
> GitLab CI pipelines run package loadings and run tests inside a lab.
>
> Tests are usually python unit tests that are run to do both functional and
> service creation, modification and removal tests.
>
> For unit testing we typically use python libraries to open transactions to
> do the service modifications (along with functional tests) against physical
> lab devices.
>
> For our prod deployment we leverage 'push on green' and gating to push
> package changes to prod devices.
>
> Thanks
>


Re: Last Week's Canadian Fiber Cut

2017-08-24 Thread Christopher Morrell
Let’s not forget that all POTS and cell service was offline during the
outage - even for local and 911 service.

There is some high level of dependence on some equipment in Quebec and/or
westward which should not be there.

A double fault like that should not knock out all local service for 4 out
of 10 provinces. I would expect that an architectural review is under way.


On Wed, Aug 16, 2017 at 16:14 Paul Stewart  wrote:

> It wasn’t an issue getting transatlantic - it was an issue within a
> relatively small region in Eastern Canada talking to the rest of the world
> for certain carriers.  There were several smaller carriers/providers not
> affected - just happens the local incumbent telco and one of their larger
> competitors got knocked out …
>
>
> > On Aug 15, 2017, at 3:52 PM, Jared Mauch  wrote:
> >
> >
> >> On Aug 15, 2017, at 1:22 PM, Rod Beck 
> wrote:
> >>
> >> Did we ever get any resolution on why this was such a big outage?
> Appears there were two fiber cuts. Were the fibers damaged in the same
> conduit? Is this a collapsed ring scenario?
> >>
> >>
> >>
> http://www.cbc.ca/news/canada/newfoundland-labrador/concerns-about-backup-bell-outage-1.4239064
> >
> > Perhaps some transatlantic fallback?  It looks like the only cable out
> there is the Greenland one.. guessing that’s not very competitive?  It only
> gets you to Iceland it seems.
> >
> > - Jared
>
>


RE: (Network Orchestrators evaluation) : tail-f vs Anuta vs UBIqube vs OpenDaylight

2017-08-24 Thread Christopher J. Wolff
Haven't looked at Cisco DNA yet? 

-Original Message-
From: NANOG [mailto:nanog-boun...@nanog.org] On Behalf Of Kasper Adel
Sent: Wednesday, August 9, 2017 8:02 PM
To: NANOG list 
Subject: (Network Orchestrators evaluation) : tail-f vs Anuta vs UBIqube vs 
OpenDaylight

Hi,

This is not a vendor bashing thread.

We are a group of networking engineers (less experience with software) in the 
middle of the process of procuring a network automation/orchestration 
controller, if that is even a good definition and we are clueless on how to 
evaluate them.

Other than the obvious, which is to try them out, i wonder what else is 
important to consider/watch out for.

We are presented with 3 different vendors and even OpenDayLight was considered 
as the open source alternative.

My humble thoughts are given below and i would appreciate getting 'schooled' on 
what i need to ask the vendors:

1) Are they Model driven : But i still don't know how to evaluate that.
2) Do they parse Cisco/Juniper CLI or they are limited to SNMP and YANG.
3) If they do parse, we want to check if they'll hold us by the balls if the 
current parsers need to be updated, i.e: can we change the code ourselves and 
add new features to be parsed.
4) Can they work/orchestrate between CLI devices and Non CLI devices (SNMP)
5) How flexible are they to support different Vendors (Cisco, Juniper,
some-weird-firewall...etc)

thanks,
Kim


Re: Google DNS --- Figuring out which DNS Cluster you are using

2017-08-24 Thread Shaun
On Wed, 23 Aug 2017 20:09:49 +
Erik Sundberg  wrote:

> Which Google DNS Server Cluster am I using. I am testing this from Chicago, IL
> 
> # dig o-o.myaddr.l.google.com -t txt +short @8.8.8.8
> "173.194.94.135" < above to get the cluster, Council Bluffs, IA
> "edns0-client-subnet 207.xxx.xxx.0/24"   
> Your Source IP Block

Worth noting, this record has TTL 60 and caching can cause unexpected
responses; you may have to try a few times to get the correct data. My
first attempt gave me an unrecognized "edns0-client-subnet" and a Google
IP from Finland when I was querying from Atlanta.

-s


Re: Google DNS --- Figuring out which DNS Cluster you are using

2017-08-24 Thread Joe Hamelin
Gee Chris, that's kind of an asinine response.  Erik took the time to let
us know about what he had found out, with a nice code snippet too.  I don't
have time in my job to just go surfing around google.com to see what is
there.  His mail took me about 2 minutes to read and now I know that such
info exists.

Thank you Erik!

--
Joe Hamelin, W7COM, Tulalip, WA, +1 (360) 474-7474

On Wed, Aug 23, 2017 at 5:10 PM, Christopher Morrow  wrote:

> On Wed, Aug 23, 2017 at 4:37 PM, i mawsog via NANOG 
> wrote:
>
> >
> > This is great.  Thanks for sharing .
> >
> > Sent from Yahoo Mail on Android
> >
> >   On Wed, Aug 23, 2017 at 1:11 PM, Erik Sundberg
> > wrote:   I sent this out on the outage list, with a lots of good feedback
> > sent to me. So I figured it would be useful to share the information on
> > nanog as well.
> >
> >
> > A couple months ago had to troubleshoot a google DNS issue with Google’s
> > NOC. Below is some helpful information on how to determine which DNS
> > Cluster you are going to.
> >
> > Let’s remember that Google runs DNS Anycast for DNS queries to 8.8.8.8
> and
> > 8.8.4.4. Anycast routes your DNS queries to the closest DNS cluster based
> on
> > the best route / lowest metric to 8.8.8.8/8.8.4.4.  Google has deployed
> > multiple DNS clusters across the world and each DNS Cluster has multiple
> > servers.
> >
> > So a DNS query in Chicago will go to a different DNS clusters than
> queries
> > from a device in Atlanta or New York.
> >
> >
> > How to get a list of google DNS Cluster’s.
> > dig -t TXT +short locations.publicdns.goog. @8.8.8.8
> >
> > How to print this list in a table format. Script from:
> > https://developers.google.com/speed/public-dns/faq
> > ---
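> > #!/bin/bash
> > # Split dig's output on double quotes as well as whitespace
> > IFS="\"$IFS"
> > for LOC in $(dig -t TXT +short locations.publicdns.goog. @8.8.8.8)
> > do
> >   case $LOC in
> >     '') : ;;
> >     # Tokens with '.' or ':' are IPv4/IPv6 prefixes; anything else is a location code
> >     *.*|*:*) printf '%s ' "${LOC}" ;;
> >     *) printf '%s\n' "${LOC}" ;;
> >   esac
> > done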
> > ---
> >
> > Which will give you a list like below. This is all of the IP network’s
> > that google uses for their DNS Clusters and their associated locations.
> >
> >
> >
> isn't this list also here:
> https://developers.google.com/speed/public-dns/faq#locations
>
> I mean, you could read the docs first to get the same answer, I think...
> right?
> I'm also pretty sure there are RIPE Atlas measurements of 8.8.8.8/8.8.4.4
> that could tell you from which source-asn a backend sees traffic from..
> right? (or with a tiny bit of thought one could be proposed/executed)
>
>
> > There are
> > IPv4 Networks: 68
> > IPv6 Networks: 20
> > DNS Clusters Identified by POP Codes: 20
> >
> > DNS Clusters identified by POP Code to City, State, or Country. 

RE: Creating a Circuit ID Format

2017-08-24 Thread Jameson, Daniel
What's the intended use of the Circuit ID?  Internal ID, Stickered Customer 
CPE;  Planning to carry other carriers' circuits?  With so many virtual 
components in circuits now,  where the circuit ID used to have some useful 
information, it's been largely reduced to a minimum amount of information that 
can get a customer/service tech in touch with the right tech support group.  
It's atypical to provide a circuit-id for residential customers,  they're 
typically reserved for business class services although there isn't anything 
that would prevent it other than managing the data/changes.

29/EC00/123456/002/MYCO/0

(prefix 2) usually a form of where the service originates (Commonly where the 
IP address is provisioned)

Service type - format is up to the circuit owner.
A common syntax is: 
  First digit identifies the service delivery type -  E=Ethernet A=ATM 
  S=Sonet P=PON ...
  Second digit identifies the physical delivery type.
    A=64K
    B=1.5Mbps
    C=25Mbps
    D=45Mbps(STS1)
    E=100Mbps
    F=155Mbps(oc3)
    G=100Mbps
    H=466Mbps(oc9)
    I=622Mbps(oc12)
    J=1Gbps
    K=1.5Gbps
    L=2.5G
    M=10Gbps (oc192)
    N=13Gbps(oc255)
    O=25Gbps
    P=40Gbps(OC768)
    Q=100G
    ...
  Third and fourth digits identify the fractional provisioned rate as a %
    00=100%
    10=10%
    25=25%

Serial number -  6 digit alphanumeric serial number usually encoded with 
cust/location/

Suffix - used if cust/location for circuit count. Or generically as circuit 
count. (customer has 2 10G)

Company Code - use up to 4 letters (this is the controller of the circuit)

Segment - if it's a multi-segment circuit.  Occasionally used to denote if a 
circuit is protection.









-Original Message-
From: NANOG [mailto:nanog-boun...@nanog.org] On Behalf Of Colton Conor
Sent: Monday, August 21, 2017 2:26 PM
To: NANOG
Subject: Creating a Circuit ID Format

We are building a new fiber network, and need help creating a circuit ID format 
for new fiber circuits. Is there a guide or standard for fiber circuit 
formats? Does the circuit ID change when say a customer upgrades from 100Mbps to 
1Gbps port?

What do the larger carriers do? Any advice on creating a circuit ID format for 
a brand new fiber network?


 Originally we ran a CLEC using a LEC's copper, and our circuit ID was 
historically a telephone number for DSL circuits. The ILEC had a complex method 
for assigning circuit IDs.

I am sure anything will work as long as you keep track of it, but any advice 
would be great!
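
A parser for the sample format in Daniel Jameson's message above (29/EC00/123456/002/MYCO/0), added here as an example; it is not part of the thread or any carrier's tooling. The field widths are assumptions inferred from that single sample, and `identity_key` is a hypothetical helper.

```python
import re

# Code tables copied from the message; codes it leaves out ("...") are rejected.
DELIVERY = {"E": "Ethernet", "A": "ATM", "S": "Sonet", "P": "PON"}
RATE_MBPS = {
    "A": 0.064, "B": 1.5, "C": 25, "D": 45, "E": 100, "F": 155, "G": 100,
    "H": 466, "I": 622, "J": 1000, "K": 1500, "L": 2500, "M": 10000,
    "N": 13000, "O": 25000, "P": 40000, "Q": 100000,
}

# Assumed field widths, inferred from the single sample ID in the message.
CIRCUIT_RE = re.compile(
    r"(?P<prefix>\d{2})/"                                       # origin prefix
    r"(?P<delivery>[A-Z])(?P<rate>[A-Z])(?P<fraction>\d{2})/"   # service type
    r"(?P<serial>[A-Z0-9]{6})/"
    r"(?P<suffix>\d{3})/"
    r"(?P<company>[A-Z]{1,4})/"
    r"(?P<segment>\d)",
    re.ASCII,
)

def parse_circuit_id(text):
    """Validate and decode one circuit ID; raise ValueError if malformed."""
    m = CIRCUIT_RE.fullmatch(text.strip().upper())
    if m is None:
        raise ValueError(f"not a circuit ID: {text!r}")
    f = m.groupdict()
    if f["delivery"] not in DELIVERY:
        raise ValueError(f"unknown delivery type {f['delivery']!r}")
    if f["rate"] not in RATE_MBPS:
        raise ValueError(f"unknown rate code {f['rate']!r}")
    percent = 100 if f["fraction"] == "00" else int(f["fraction"])  # 00 = 100%
    physical = RATE_MBPS[f["rate"]]
    return {
        "prefix": f["prefix"],
        "delivery": DELIVERY[f["delivery"]],
        "physical_mbps": physical,
        "percent": percent,
        "provisioned_mbps": physical * percent / 100,
        "serial": f["serial"],
        "suffix": int(f["suffix"]),
        "company": f["company"],
        "segment": int(f["segment"]),
    }

def identity_key(text):
    """Hypothetical helper: the fields that do not encode speed."""
    c = parse_circuit_id(text)
    return (c["prefix"], c["serial"], c["suffix"], c["company"], c["segment"])
```

Because the speed sits in the service-type field, an upgrade from 100Mbps to 1Gbps changes the ID string while `identity_key` stays the same, which is the case the original question asks about.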


Re: Creating a Circuit ID Format

2017-08-24 Thread Allan Eising

Excerpts from Colton Conor's message of August 21, 2017 10:26 pm:

We are building a new fiber network, and need help creating a circuit ID
format for new fiber circuits. Is there a guide or standard for fiber
circuit formats? Does the circuit ID change when say a customer upgrades
from 100Mbps to 1Gbps port?

What do the larger carriers do? Any advice on creating a circuit ID format
for a brand new fiber network?


 Originally we ran a CLEC using a LEC's copper, and our circuit ID was
historically a telephone number for DSL circuits. The ILEC had a complex
method for assigning circuit IDs.

I am sure anything will work as long as you keep track of it, but any
advice would be great!



Hi,

I see you have already received some very good suggestions.

The key for me with circuit IDs is that they have to integrate well in your
backend systems as well as your products.

There is little point in creating a Telcordia-like system if you will have
trouble filling in all the fields in an automated way, just like it can be
troublesome to keep an incrementing number accurate, if you don't have a good
central database to track it in.

Avoid creating a number system where the A-end and B-end is part of the ID
if you have (or ever will have) logical multi-point circuits.

Also avoid having circuit numbers that take assumptions of your country of
operation if you ever have to deliver something cross-border.

I happen to like the format of PREFIX-NUMBERS, where the prefix indicates some
sort of broad type, and with such a form it is important not to have too
restrictive prefix types. For example consider only having Fiber, Copper, and
logical as types, or whatever makes sense in your operation. With too many
similar types comes the risk of having disparity between what your circuit ID
suggests, and what is actually out there.

I would suggest that you keep separate IDs for the actual fiber in the ground,
and the service the customer buys.

That way you can track the customer subscription, modify the parameters of it,
if the customer upgrades his speed, but separately track your fiber deployment.

At a previous employer we had to implement Service IDs on an already existing
network where everything previously had been using only the actual fiber IDs,
and that was a painful process, so it's better to get these things right as
early as possible.

--
Best Regards
Allan Eising
IP Network Engineer
NORDUnet A/S

m: eis...@nordu.net
w: http://www.nordu.net



Re: Creating a Circuit ID Format

2017-08-24 Thread Nick W
More information for AT&T circuit IDs, could give some ideas:
http://etler.com/docs/AT/ATTCCGTab11.pdf

On Mon, Aug 21, 2017 at 7:41 PM, Tim Pozar  wrote:

> Could start looking at the AT&T/Telcordia standards for this sort of
> thing...
>
> https://en.wikipedia.org/wiki/Circuit_ID
> http://www.centurylink.com/wholesale/systems/WebHelp/reference/circuit_id_formats_guide.htm
>
> On 8/21/17 1:26 PM, Colton Conor wrote:
> > We are building a new fiber network, and need help creating a circuit ID
> > format for new fiber circuits. Is there a guide or standard for fiber
> > circuit formats? Does the circuit ID change when say a customer upgrades
> > from 100Mbps to 1Gbps port?
> >
> > What do the larger carriers do? Any advice on creating a circuit ID format
> > for a brand new fiber network?
> >
> >
> >  Originally we ran a CLEC using a LEC's copper, and our circuit ID was
> > historically a telephone number for DSL circuits. The ILEC had a complex
> > method for assigning circuit IDs.
> >
> > I am sure anything will work as long as you keep track of it, but any
> > advice would be great!
> >
>


AT&T NOC contact?

2017-08-24 Thread Sahil Ganguly via NANOG
Hello,

Is there someone at AT&T on the mailing list I can talk to regarding a
possible routing loop getting from AT&T to Box?

Thanks!

-- 
Sahil Ganguly
Senior Network Operations Engineer


M: 303.250.8893
900 Jefferson Ave
Redwood City, CA 94063


Re: Last Week's Canadian Fiber Cut

2017-08-24 Thread Paul Stewart
Yeah good point Chris …. Got thinking about this too much from an IP 
perspective :)



> On Aug 16, 2017, at 6:29 PM, Christopher Morrell wrote:
> 
> Let’s not forget that all POTS and cell service was offline during the outage 
> - even for local and 911 service. 
> 
> There is some high level of dependence on some equipment in Quebec and/or 
> westward which should not be there.
> 
> A double fault like that should not knock out all local service for 4 out of 
> 10 provinces. I would expect that an architectural review is under way. 
> 
> 
> On Wed, Aug 16, 2017 at 16:14 Paul Stewart wrote:
> It wasn’t an issue getting transatlantic - it was an issue within a 
> relatively small region in Eastern Canada talking to the rest of the world 
> for certain carriers.  There were several smaller carriers/providers not 
> affected - just happens the local incumbent telco and one of their larger 
> competitors got knocked out …
> 
> 
> > On Aug 15, 2017, at 3:52 PM, Jared Mauch wrote:
> >
> >
> >> On Aug 15, 2017, at 1:22 PM, Rod Beck wrote:
> >>
> >> Did we ever get any resolution on why this was such a big outage? Appears 
> >> there were two fiber cuts. Were the fibers damaged in the same conduit? Is 
> >> this a collapsed ring scenario?
> >>
> >>
> >> http://www.cbc.ca/news/canada/newfoundland-labrador/concerns-about-backup-bell-outage-1.4239064
> >>  
> >> 
> >
> > Perhaps some transatlantic fallback?  It looks like the only cable out 
> > there is the Greenland one.. guessing that’s not very competitive?  It only 
> > gets you to Iceland it seems.
> >
> > - Jared
> 



Contact at Charter Communications?

2017-08-24 Thread Chris Rhode

Hello,

I apologize if this is not the appropriate place to ask, however we have 
been trying to get in touch with someone at Charter Communications to 
see if they are blocking part of our IP range and have been unsuccessful 
in getting in touch with anybody.  I've contacted both the email address 
and called the phone number listed under the tech contact for 
brighthouse.com (which is the domain in question) listed on 
whois.icann.org and have not received any response.  Would someone 
please contact me off-list with someone who I might be able to reach out 
to in order to check on this?


Thank you!
--

*Chris Rhode*
Network Engineer

University of South Florida – Information Technology
crh...@usf.edu 




Re: AS29073, 196.16.0.0/14, Level3: Why does anyone peer with these schmucks?

2017-08-24 Thread Troy Mursch
This discussion is not pertaining to a customer of a network service
provider.  Ecatel / Quasi Networks (AS29073) has an established track
record of ignoring abuse requests for years.  So much so they are now in
legal trouble, per court documents published on August 14:
https://uitspraken.rechtspraak.nl/inziendocument?id=ECLI:NL:RBDHA:2017:9026


(Use Google Translate if you can’t read Dutch)


Setting aside the child porn, phishing sites, route hijacking, copyright
infringement, and large-scale outbound hacking activities - why would
anyone peer with another AS who deliberately ignores abuse requests?


Yesterday I spoke with BREIN, the organization leading the case against
AS29073, they advised, "Our effort is aimed at outing the actual people
behind it so they can be held responsible."

If anyone has information regarding AS29073 and would like to share it with
BREIN you can submit it via this web form:
https://stichtingbrein.nl/contact.php

__

*Troy Mursch*

Bad Packets Report 

(702) 509-1248

On Mon, Aug 14, 2017 at 1:17 PM, Siegel, David 
wrote:

> If you believe that a customer of a network service provider is in
> violation of that service providers AUP, you should email
> ab...@serviceprovider.net.  Most large networks have a security team that
> monitors that email address regularly and will cooperate with you to
> address the problem.
>
> Dave
>
>
>
>
> -Original Message-
> From: NANOG [mailto:nanog-boun...@nanog.org] On Behalf Of Ronald F.
> Guilmette
> Sent: Monday, August 14, 2017 1:50 PM
> To: nanog@nanog.org
> Subject: AS29073, 196.16.0.0/14, Level3: Why does anyone peer with these
> schmucks?
>
>
> Sorry for the re-post, but it has been brought to my attention that my
> inclusion, in my prior posting, of various unsavory FQDNs resolving to
> various IPv4 addresses on AS29073 has triggered some people's spam
> filters.  (Can't imagine why. :-)  So I am re-posting this message now,
> with just a link to where those shady FQDNs and their current forward
> resolutions may be found.  (I also took the opportunity to clean up some
> minor typos.)
>
> %%%
>
> I think that this is primarily Level3's problem to fix.  But you be the
> judge.  Please, read on.
>
> +_+_+_+_+_+_+_+_
>
> Over the weekend, I stumbled upon an interesting blog called "Bad Packets",
> where a fellow named Troy has written about various unsavory goings on
> involving various networks.  One network that he called out in particular
> was AS29073, formerly called "Ecatel".  On his blog, this fellow Troy has
> noted at length some break-in attempts originating from AS29073 and his
> inability to get anyone, in particular RIPE NCC, to give a damn.
>
> https://badpackets.net/the-master-needler-80-82-65-66/
> https://badpackets.net/a-conversation-with-ripe-ncc-regarding-quasi-networks-ltd/
> https://badpackets.net/quasi-networks-responds-as-we-witness-the-death-of-the-master-needler-80-82-65-66-for-now/
>
> The fact that RIPE NCC declined to accept the role of The Internet Police
> didn't surprise me at all... they never have and probably never will.
> But I decided to have a quick look at what this network was routing, at
> present, which can be easily seen here:
>
> http://bgp.he.net/AS29073#_prefixes
>
> So I was looking through the announced routes for AS29073, and it all
> looked pretty normal... a /24 block, check, a /24 block, check, a /21 block
> check... another /24 block, and then ... WAIT A SECOND!  HOLY MOTHER OF
> GOD!  WHAT'S THIS???  196.16.0.0/14 !!!
>
> So how does a little two-bit network with a rather dubious reputation and
> a grand total of only about a /19 to its name suddenly come to be routing
> an entire /14 block??
>
> And of course, it's a legacy (abandoned) Afrinic block.
>
> And of course, there's no reverse DNS for any of it, because there is no
> valid delegation for the reverse DNS for any of it... usually a good sign
> that whoever is routing the block right now -does not- have legit rights to
> do so.  (If they did, then they would have presented their LOAs or whatever
> to Afrinic and thus gotten the reverse DNS properly delegated to their own
> name servers.)
>
> I've seen this movie before.  You all have.  This gives every indication
> of being just another sad chapter in the ongoing mass pillaging of unused
> Afrinic legacy IPv4 space, by various actors with evil intent.
> I've already documented this highly unfortunate fad right here on
> multiple occasions:
>
> https://mailman.nanog.org/pipermail/nanog/2016-November/089232.html
> https://mailman.nanog.org/pipermail/nanog/2017-August/091821.html
>
> This incident is a bit different from the others however, in that it -does
> not- appear that the 196.16.0.0/14 block has been filled to the brim with
> snowshoe spammers.  Well, not yet anyway.
>
> But if in fact the stories are correct, and if 

Re: Last Week's Canadian Fiber Cut

2017-08-24 Thread Fletcher Kittredge
There is a third route from Halifax -> New Brunswick -> Portland, ME ->
[Albany, Boston]

On Tue, Aug 15, 2017 at 4:07 PM, Clinton Work  wrote:

> I can't speak for the Bell Aliant network, but I'm only aware of two
> diverse fiber routes out of Halifax, Nova Scotia.   Halifax -> New
> Brunswick -> Quebec City is the Canadian route and Halifax -> Boston is
> the diverse route.
>
> On Tue, Aug 15, 2017, at 01:52 PM, Jared Mauch wrote:
> > Perhaps some transatlantic fallback?  It looks like the only cable out
> > there is the Greenland one.. guessing that’s not very competitive?  It
> > only gets you to Iceland it seems.
> >
>
>


-- 
Fletcher Kittredge
GWI
207-602-1134
www.gwi.net


Re: Google DNS --- Figuring out which DNS Cluster you are using

2017-08-24 Thread Bjørn Mork
Stephane Bortzmeyer  writes:

> On Thu, Aug 24, 2017 at 10:53:58AM +1000,
>  Mark Andrews  wrote 
>  a message of 39 lines which said:
>
>> If Google was being sensible the servers would just return the
>> information along with the answer.  They all support EDNS.
>
> I fully agree with you that NSID (RFC 5001) is great and Google should
> really deploy it.

+1 for NSID! Should be mandatory for anycast DNS, IMHO.  I don't
understand why Google haven't enabled it.


> However:
>
>> e.g. dig +nsid @8.8.8.8
>
> I assume that Google wants also to be debuggable by people who work on
> inferior operating systems, and have no dig. Hence this trick. For
> instance, L.root-servers.net has both NSID and a special name,
> identity.l.root-servers.org (see RFC 7108).

As you state, there is no problem providing both.  Or an infinite number
of special names if they like.  But NSID provides something none of the
special names can.  Quoting the justification in the intro of RFC5001:

   Given that a DNS query is an idempotent operation with no retained
   state, it would appear that the only completely reliable way to
   obtain the identity of the name server that responded to a particular
   query is to have that name server include identifying information in
   the response itself.


Sometimes it just isn't enough to know which server answered the
previous or next requests.



Bjørn
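
The RFC 5001 point quoted above, shown as an added example that is not part of the thread: the server identifier is requested and returned inside the same DNS message as the answer. The reply bytes and the NSID string are constructed for illustration, not captured from any server.

```python
import struct

NSID = 3        # EDNS option code assigned to NSID (RFC 5001)
TYPE_OPT = 41   # OPT pseudo-RR that carries EDNS options

def question(qname, qtype=1):
    labels = b"".join(bytes([len(p)]) + p.encode("ascii")
                      for p in qname.rstrip(".").split("."))
    return labels + b"\x00" + struct.pack("!HH", qtype, 1)

def opt_rr(nsid_payload):
    option = struct.pack("!HH", NSID, len(nsid_payload)) + nsid_payload
    # root name, TYPE=OPT, CLASS=UDP payload size, TTL=flags, RDLENGTH
    return b"\x00" + struct.pack("!HHIH", TYPE_OPT, 4096, 0, len(option)) + option

def build_query(qname, txid=0x1234):
    """Query asking for NSID: the option is sent with an empty payload."""
    header = struct.pack("!HHHHHH", txid, 0x0100, 1, 0, 0, 1)
    return header + question(qname) + opt_rr(b"")

def sample_response(qname, nsid=None, txid=0x1234):
    """Constructed reply (not captured traffic): one A record, NSID if given."""
    extra = b"" if nsid is None else opt_rr(nsid)
    header = struct.pack("!HHHHHH", txid, 0x8180, 1, 1, 0, 1 if extra else 0)
    answer = b"\xc0\x0c" + struct.pack("!HHIH", 1, 1, 60, 4) + bytes([192, 0, 2, 1])
    return header + question(qname) + answer + extra

def skip_name(msg, off):
    """Offset just past a domain name, which may end in a compression pointer."""
    while True:
        if off >= len(msg):
            raise ValueError("truncated name")
        n = msg[off]
        if n == 0:
            return off + 1
        if n & 0xC0 == 0xC0:
            return off + 2
        if n & 0xC0:
            raise ValueError("bad label type")
        off += 1 + n

def extract_nsid(msg):
    """Return the NSID bytes carried in this very message, or None if absent."""
    if len(msg) < 12:
        raise ValueError("short header")
    qd, an, ns, ar = struct.unpack("!HHHH", msg[4:12])
    off = 12
    for _ in range(qd):
        off = skip_name(msg, off) + 4            # QTYPE + QCLASS
    for _ in range(an + ns + ar):
        off = skip_name(msg, off)
        if off + 10 > len(msg):
            raise ValueError("truncated record")
        rtype, _cls, _ttl, rdlen = struct.unpack("!HHIH", msg[off:off + 10])
        rdata = msg[off + 10:off + 10 + rdlen]
        if len(rdata) != rdlen:
            raise ValueError("truncated rdata")
        off += 10 + rdlen
        pos = 0
        while rtype == TYPE_OPT and pos + 4 <= len(rdata):
            code, olen = struct.unpack("!HH", rdata[pos:pos + 4])
            value = rdata[pos + 4:pos + 4 + olen]
            if len(value) != olen:
                raise ValueError("truncated option")
            if code == NSID:
                return value
            pos += 4 + olen
    return None
```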


Re: Google DNS --- Figuring out which DNS Cluster you are using

2017-08-24 Thread Stephane Bortzmeyer
On Thu, Aug 24, 2017 at 10:53:58AM +1000,
 Mark Andrews  wrote 
 a message of 39 lines which said:

> If Google was being sensible the servers would just return the
> information along with the answer.  They all support EDNS.

I fully agree with you that NSID (RFC 5001) is great and Google should
really deploy it. However:

> e.g. dig +nsid @8.8.8.8

I assume that Google wants also to be debuggable by people who work on
inferior operating systems, and have no dig. Hence this trick. For
instance, L.root-servers.net has both NSID and a special name,
identity.l.root-servers.org (see RFC 7108).