Re: Speedtest Results speedtest.net vs Mikrotik bandwidth test
I have paid the ransom. Actually we pay it on a recurring basis even. ;) As for what it peaks at, good question. The infrastructure we run it on is going to be the problem at some point, although currently has not proven to be a limiting factor to the best of my knowledge. Our customers see valid results... I mean obviously it's not showing their link speed, it is showing the characteristics of their connectivity to our speed test server. We use a couple of threads on the download test and if I take results, divide by number of threads, look at the connection characteristics and do the math to estimate throughput, there is at least usable parity there. But it's really useful for our support team when a customer is complaining about some kind of bandwidth/latency issue into our cloud. We have some people in far places with 300+ms latency and 30+ms jitter, etc, trying to use interactive sessions. Oh and to be more correct, we actually have the whole Ookla Line Quality package. Very useful for us. Also, customers seem to love the whole flash animation thing. Its what web users expect these days... it's really been a great experience for everyone... no complaints on our end, aside from price, but I am always complaining about that. For those trying to just jam bits through a pipe to see if their last mile is performing, slightly less useful unless there is one at their ISP, but that is not our use case. -Carl On Wed, Apr 3, 2013 at 8:02 PM, Warren Bailey wbai...@satelliteintelligencegroup.com wrote: I guess the Speedtest servers near metro areas do probably get pretty beat up. Has anyone paid the Ookla ransom for their own public server? I'd be really curious to see what they peak at. Sent from my T-Mobile 4G LTE Device -- *Carl Rosevear* Manager of Operations *Skytap, Inc. | The Intuitive Enterprise Cloud* crosev...@skytap.com | O: 206-588-8899 | F: 206-624-2214 Follow us: Blog http://blog.skytap.com/ | Twitterhttp://twitter.com/#!/skytap | LinkedIn http://www.linkedin.com/company/skytap
Re: Cheap Juniper Gear for Lab
Yeah, I have to apply the term awful and annoying to the packet
mode implementation on SRX/J-series. Anyway, I spent *hours* with JTAC
on the phone trying to get the thing to just pass packets. Best part
was, I didn't know how to do it and nor did they! I escalated, worked
with many engineers. My key statement was I just want my router to
route. Make it do what it is supposed to do. No session tracking!
This is not a firewall. So, now it doesn't require valid sessions to
pass packets but it does still appear to *track* sessions in some
tables and I am, of course, very curious when some attack vector will
fill up some table.
Anyway, not the best devices for an edge router that is for sure.
Which is too bad... for very small DC edge applications, the J6350
was a pretty cool router in earlier versions of JunOS that didn't
decide to re-engineer your network and transit for you.
Anyway I digress. But this had, in the past, been a frustrating
enough issue for me that I had to share.
--Carl
On Tue, Apr 10, 2012 at 6:30 PM, Owen DeLong o...@delong.com wrote:
On Apr 10, 2012, at 6:02 PM, Mark Kamichoff wrote:
On Tue, Apr 10, 2012 at 11:57:31AM -0700, Owen DeLong wrote:
The fact that you can't put it into flow mode.
s/flow/packet/
(oops, wasn't awake yet)
Actually, this is possible:
prox@asgard show configuration security
forwarding-options {
family {
inet6 {
mode packet-based;
}
mpls {
mode packet-based;
}
}
}
The above is from an SRX210B, but the same configuration will work on
any J-series or /branch/ SRX-series platform.
Right, sort of. To the extent that it works. It doesn't actually do
everything you
think it should, and, it's somewhat dependent on the version of JunOS as to
how well it does or doesn't work.
Don't let the mpls keyword throw you off. This actually causes the
box to run the inet /and/ mpls address families in packet mode.
I'm not unfamiliar or uninitiated in this regard. I had tickets with Juniper
for
over a year and it escalated quite high up their escalation chain before they
finally admitted Yeah, Services JunOS is different and it behaves differently
and if you need to do what you're trying to do, you should buy an M or MX
series.
It's quite unfortunate. I'd really like for the SRX series to not be so
crippled for
my purposes.
Owen
--
Carl Rosevear
Manager of Operations
Skytap, Inc.
direct (206) 588-8899
Re: Ham Radio Networking (was Re: Rogers Canada using 7.0.0.0/8 for internal address space)
Used to run IP over AX.25 using KA9Q JNOS back in the day. HF at 300 baud simplex / half-duplex and VHF 144 Mhz at 1200 with similar characteristics. I bought some 9600 baud gear at one point but never got it all put together before moving on to the regular internet and (somewhat unfortunately) not really looking back. I remember transferring some uuencoded gifs via smtp... a couple of days later, if you were lucky, it would complete. I learned about how protocols communicate watching packet traces in KA9Q JNOS when I was about 14 years old. It was really easy when there were guaranteed to be multiple seconds between packets. I remember being 14 and feeling pretty suave when I figured out how to telnet into an SMTP server to send mail... of course that is old hat but still good common troubleshooting these days! de KB7LIG --Carl On Thu, May 26, 2011 at 8:13 AM, Jack Carrozzo j...@crepinc.com wrote: Me personally? No, but I have used it. IP over 9600baud serial actually isn't that bad for IRC when you're in the middle of the woods and all. You want slow... read about winlink2000, the email/messaging system for hams and emergency response. It's PSK on HF, meant to be reliable but if you get more than 400bps you are doing GREAT! It's so slow that you can run the software on two laptops using the sound cards, and they'll talk across the room via speakers and mics no problem. It sounds kinda like robots rapping. -Jack Carrozzo On Thu, May 26, 2011 at 11:06 AM, Christopher Pilkington c...@0x1.netwrote: On Thu, May 26, 2011 at 11:03 AM, Jack Carrozzo j...@crepinc.com wrote: Nope, mostly HF (under 30mhz) gear at 300baud. Yes, you read that right. You are running IP on this? And I though 1200 bauds half duplex was slow. -- Carl Rosevear Manager of Operations Skytap, Inc. direct (206) 588-8899
Re: Ham Radio Networking (was Re: Rogers Canada using 7.0.0.0/8 for internal address space)
Yeah, so... the thing is there really are benefits to ham radio for the community. I 100% believe in that. And yes, there are a lot of neck beards but, honestly, look at some pictures from a NANOG meeting! ;) I have been massively inactive in Amateur Radio for some time. I miss it. However I am acutely aware of how ham plays a very valuable, amazing role in emergency situations. Even on a small scale, during the last Seattle snow (which was pretty much a joke by the standards of any place that gets real snow) I know that Seattle ACS was coordinating emergency transportation for dialysis patients that could not find transportation, things like that. Things that no right-minded taxpayer wants to pay for the gov to operate on a continous basis but things that are really absolutely necessary! In the California earthquakes, ham has often been the only remaining method of emergency communications. Now, did 44/8 help in any of that? I honestly don't know. Does ampr.org really need a /8? That is probably a very reasonable question. Honestly I think there are other protocol stacks that perform much better for digital transmission than IP on ham radio anyway. Is it being managed tightly? I'd say not in some ways... I am very glad to see this still exists from a personal perspective but I haven't used IP over ham in over 15 years and, well: dhcp182:~ carlr$ dig kb7lig.ampr.org ; DiG 9.6.0-APPLE-P2 kb7lig.ampr.org ;; global options: +cmd ;; Got answer: ;; -HEADER- opcode: QUERY, status: NOERROR, id: 45474 ;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0 ;; QUESTION SECTION: ;kb7lig.ampr.org. IN A ;; ANSWER SECTION: kb7lig.ampr.org.14400 IN A 44.24.100.9 ;; Query time: 217 msec ;; SERVER: 10.1.0.248#53(10.1.0.248) ;; WHEN: Thu May 26 17:27:07 2011 ;; MSG SIZE rcvd: 49 But so here is a system that is capable of playing a key role in improving many peoples' lives (if actually used), helping in emergencies, assisting during armageddon (?), etc. There are an awful lot of netblocks that are used for much less valid things (IMHO)... but since those make money, everyone endorses it and considers it proper. I fully support ham radio retaining a decent block. Why don't we all just speed along this IPv6 adoption thing here. If anyone deserved to be allowed to avoid IPv6 is is ham radio. Just the increase in address size might add another 12 hours to my image transfer! But seriously. I am a networking professional but also a ham. I could see looking into shrinking the .ampr.org 44/8 allocation, and if the right decisions were made I could even support it. But really I would vote for improved IPv6 adoption by everyone else as well as better address utilization by commercial entities before trying to strip this away from ham radio. As for the note about spectrum: ham radio has TINY amounts of spectrum. I haven't done the math in years / looked at the numbers but I think a couple of local TV broadcasts take up more spectrum than all of the worldwide ham bands combined. So seriously? Really? All that said, IPv4 exhaustion is scary, including to me. I realize the world won't come crashing down but the potential business implications are pretty staggering. Couple of notes: my opinion, not necessarily my employers. also, I have not been involved in .ampr.org politicking since I was a teen-ager so I prolly don't have all of the facts. Please convert any flames to educational status. :) Thanks, --carl KB7LIG On Thu, May 26, 2011 at 3:07 PM, Jaime Magiera ja...@sensoryresearch.net wrote: On May 26, 2011, at 5:02 PM, Jack Carrozzo wrote: I reckon it'd be about as hard to get back 44/8 as 11/8, but with more neckbeards. Anytime the fcc tries to reclaim frequencies all these guys come out of the wood work with the magic phrase 'emergency communications' and some congressmen get on their side about it. It will be amusing to see, yes. out of the woodwork from our cold dead hands. /out of the woodwork kd8mzn -- Carl Rosevear Manager of Operations Skytap, Inc. direct (206) 588-8899
Re: Netflix Is Eating Up More Of North America's Bandwidth Than Any Other Company
Eating Up sounds so overweight and unhealthy. Since a good number of us get paid for delivering bits, isn't this a good thing? Always glad to see bits and dollars flowing into the Internet, personally. However must express severe dissatisfaction with the topic of the thread a while ago referencing Comcast trying to charge providers for delivery over their network. Maybe I'm wrong, but I'm pretty happy with the current model... even if it means a $5/month residential rate hike (or something). --C
Re: Youtube Geolocation
I have had this same problem, followed Google's forms, etc... they never seem to fix it. Its really annoying. This is an epic fail on the part of Google in my opinion. My netblocks all show Seattle in whois... my routing is obviously here... I don't think we have an official address in the UK listed on anything. How does Google get this information? Why don't they possibly ever do anything about it? It makes Google's properties perform abysmally to a large percentage of our customer base. And then we get blamed for it. And Google does nothing, even after submitting the web form that clearly states that they will not get back to us about it but will try to resolve the issue. Its quite hideous really. Its in everyone's worst interest. How about maybe trusting my whois data? If whois data leads to incorrect results then it is in the netblock owners' best interest to update the whois data if they want to be directed efficiently with gslb/etc that uses whois data as the source. And I've been working with ip-geo stuff for years... I understand that a lot of effort has gone into making it better than the whois data... but every other freaking IP geolocator I type my IP into properly recognizes the addresses are in Seattle... why not Google? Anyway, I at the very least commiserate with you if I'm not perhaps making some passive-aggressive cry for help from Google or anyone else with a clue bat about this issue. :) Thanks! --C On Thu, Apr 21, 2011 at 2:36 PM, Dan White dwh...@olp.net wrote: We're experiencing very poor quality with You Tube, and it appears we're subject to a bad entry within a geolocation database somewhere. When we attempt to view videos, the contact comes back to us from IPs like: 208.117.226.21 (traceroute's through Frankfurt) 173.194.50.47 74.125.100.29 All of those IPs are 125ms away from us (67.217.144.0/20, and 216.14.144.0/20). However, we've never experienced redirection problems with Google before (we always land at www.google.com), so I'm not sure where to take our trouble. The page at: http://www.google.com/support/websearch/bin/request.py?contact_type=ip isn't of much help as it assumes the problem is google.com redirection. Are there any contacts at Youtube who could provide some assistance? Thanks, -- Dan White -- Carl Rosevear Manager of Operations Skytap, Inc. direct (206) 588-8899
Re: Youtube Geolocation
Quova, Maxmind, and others all return accurate results for everything of ours I have tested. Some of the IPs in question have been properly assigned or delegated to us for several years in whois. But yeah, thanks for the input... I actually hadn't checked Quova until now. Perhaps Google rolls their own... --Carl On Thu, Apr 21, 2011 at 3:29 PM, Mike Schoenfeld mike.schoenf...@mediatek.com wrote: I don't know what Google uses but any company using F5 equipment is using Quova geolocation services. You can request updates and check your circuit here: http://www.quova.com/what/request-ip-update/ The problem is that the F5 devices don't update the database files automatically, they need to be manually updated. Unless I get a specific request at my company I don't bother updating on a regular basis. -Mike -Original Message- From: Carl Rosevear [mailto:crosev...@skytap.com] Sent: Thursday, April 21, 2011 6:19 PM To: nanog@nanog.org Subject: Re: Youtube Geolocation I have had this same problem, followed Google's forms, etc... they never seem to fix it. Its really annoying. This is an epic fail on the part of Google in my opinion. My netblocks all show Seattle in whois... my routing is obviously here... I don't think we have an official address in the UK listed on anything. How does Google get this information? Why don't they possibly ever do anything about it? It makes Google's properties perform abysmally to a large percentage of our customer base. And then we get blamed for it. And Google does nothing, even after submitting the web form that clearly states that they will not get back to us about it but will try to resolve the issue. Its quite hideous really. Its in everyone's worst interest. How about maybe trusting my whois data? If whois data leads to incorrect results then it is in the netblock owners' best interest to update the whois data if they want to be directed efficiently with gslb/etc that uses whois data as the source. And I've been working with ip-geo stuff for years... I understand that a lot of effort has gone into making it better than the whois data... but every other freaking IP geolocator I type my IP into properly recognizes the addresses are in Seattle... why not Google? Anyway, I at the very least commiserate with you if I'm not perhaps making some passive-aggressive cry for help from Google or anyone else with a clue bat about this issue. :) Thanks! --C On Thu, Apr 21, 2011 at 2:36 PM, Dan White dwh...@olp.net wrote: We're experiencing very poor quality with You Tube, and it appears we're subject to a bad entry within a geolocation database somewhere. When we attempt to view videos, the contact comes back to us from IPs like: 208.117.226.21 (traceroute's through Frankfurt) 173.194.50.47 74.125.100.29 All of those IPs are 125ms away from us (67.217.144.0/20, and 216.14.144.0/20). However, we've never experienced redirection problems with Google before (we always land at www.google.com), so I'm not sure where to take our trouble. The page at: http://www.google.com/support/websearch/bin/request.py?contact_type=ip isn't of much help as it assumes the problem is google.com redirection. Are there any contacts at Youtube who could provide some assistance? Thanks, -- Dan White -- Carl Rosevear Manager of Operations Skytap, Inc. direct (206) 588-8899 * Email Confidentiality Notice The information contained in this e-mail message (including any attachments) may be confidential, proprietary, privileged, or otherwise exempt from disclosure under applicable laws. It is intended to be conveyed only to the designated recipient(s). Any use, dissemination, distribution, printing, retaining or copying of this e-mail (including its attachments) by unintended recipient(s) is strictly prohibited and may be unlawful. If you are not an intended recipient of this e-mail, or believe that you have received this e-mail in error, please notify the sender immediately (by replying to this e-mail), delete any and all copies of this e-mail (including any attachments) from your system, and do not disclose the content of this e-mail to any other person. Thank you! -- Carl Rosevear Manager of Operations Skytap, Inc. direct (206) 588-8899
Re: Advice regarding Cisco/Juniper/HP
That's strange, I abhor the Cisco way of doing VLANs and love the HP/Procurve method. What do you find so irritating? I find it irritating because I am often running thousands of vlans and do not want to explicitly type them all out in the config or to have to do so with a script. `switch trunk allowed vlan 2-3000` is much more awesome, for me. ---Carl
Re: Advice regarding Cisco/Juniper/HP
The main problem with HP switches and their 'free software upgrades' is that there are regularly bugs and regressions in the software and their solution is to have you 'oh just update the software'... this is not always practical in a production environment. And other weirdnesses. I like their gear for office networks, etc but I, personally, would keep it out of the DC and resist it in general as much as possible. A lot better than stringing a bunch of Linksys together but really not on par with real Cisco or Juniper. Close enough though that if you engineer around the effect of the constant software upgrades, etc, they can be a good play. Most networks I have worked on would rather get rid of their HPs and try to do so whenever they can take the outage / afford the new gear / etc. When I was a consultant in a more rural area, I pushed HP switches because businesses needed to operate on the cheap, would NOT buy Cisco due to price, etc... but I do find HP better than most of the other brands in that price range in regard to configurability, feature set, and reliability. -Carl
Re: the alleged evils of NAT, was Rate of growth on IPv6 not fast enough?
I'm not normally one to respond to NANOG messages with opinions but... Yeah, NAT broke the internet. Yes you can engineer around it. There is NO reason to hold onto NAT as a standard. With v6 we have the opportunity to do it right (or at least semi-right) from the beginning, lets not choose to break it all from the beginning. Don't worry, if you understand basic routing these concepts shouldn't be hard for you. And don't worry, there is still plenty of market for residential firewalls and all but yeah maybe they'll actually have to be a firewall/router as opposed to just a NAT box. So there is my opinion; I don't understand why anyone thinks NAT should be a fundamental part of the v6 internet even after reading almost every message in this thread. It is just a stop-gap v4 measure and yeah, before people understood real security it was a security thing. Lets just move ahead with the good stuff! There'll be plenty of legacy/nostalgia around for years for those who still want to work with it. Just an opinion, Carl
IPv6 Confusion
So, I understand the main concepts behind IPv6. Most of my peers understand. We all have a detailed understanding of most things IPv4. I have Googled and read RFCs about IPv6 for HOURS. That said, to quickly try to minimize people thinking I am an idiot who asks before he reads, I need some answers. First of all, several of my friends who feel they are rather authoritative on the subject of things network-related have given me conflicting answers. So what's the question? ... How does IPv6 addressing work? I know it's been hashed and rehashed but several orgs I am associated with are about to ask for their allocations from ARIN and we are all realizing we don't really know how the network / subnet structure trickles down from the edge to the host. We really don't have a firm grasp of all of this as there seems to be multiple options regarding how many addresses should be assigned to a host, if the MAC address should be included in the address or if that is just for auto-configuration purposes or what the heck the deal is. There are a lot of clear statements out there and a lot that are clear as mud. Unfortunately, even when trying to analyze which RFC superseded another. Can I just subnet it all like IPv4 but with room to grow or is each host really going to need its own /84 or something? I can't see why hosts would need any more addresses than today but maybe I'm missing something because a lot of addressing models sure allow for a huge number of unique addresses per host. My buddy and I are about to go to Barnes and Noble, not having and luck with standard internet media but then we realized... how will we know if any of that is really what we are looking for either? From what I can tell, this may still be a question of great debate. Everyone seems to act like they know exactly what's going on but behind closed doors admits that they don't really know x, y, or z. I realize this is typical of my industry and even myself from time to time. J But so I am truly reaching out here. What is the deal with IPv6 addressing and subneting? Where is the official guide to this new galaxy? I will be sure to pass this information on to my equally less clueful peers to the benefit of all of us that are making this transition. There are people here at my company that seem to get it but can't seem to explain it clearly to me. To me, its basically just larger addressing space with some new logical boundaries But there are so many discussions of potential addressing methods that I am confused. I know from my lab setups that I can make it work but I'd like to do it right. J I've been doing this for over 10 years now... IPv4 is native to me. If you can point me in the direction of some good, authoritative information or even say Dood, go get IPv6 for dummies, that's fine I just need to know where to find some good information. Can someone say well, you know how it would be nice to have like 100 different addresses on hosts to differentiate services and blah blah Well now that's what you account for and so then you know how a /24 almost always ends up being tight in IPv4? Right, so think of your basic bit boundaries that you adhere to as /?? And /??? In IPv6. Or Throw all that old thought out the window. Now its kind of like how the Ford Probe is actually a Mazda... ummm Yeah I can't really explain it either but it makes sense. Here read this book and it'll make sense to you too. Respectfully yours, Carl Rosevear
RE: IPv6 Confusion
Thanks to all that responded on and off-list. My confusion is mostly cleared-up. The points that are unclear at this point are generally unclear to most people, it seems due to lack of operational experience with IPv6. Feel free to keep responding to this topic as its all very interesting but I think my needs have been met. Owen, this one from you tied it all together. Thanks all! --Carl -Original Message- From: Owen DeLong [mailto:o...@delong.com] Sent: Tuesday, February 17, 2009 10:41 AM To: Carl Rosevear Cc: nanog@nanog.org Subject: Re: IPv6 Confusion On Feb 17, 2009, at 8:59 AM, Carl Rosevear wrote: So, I understand the main concepts behind IPv6. Most of my peers understand. We all have a detailed understanding of most things IPv4. I have Googled and read RFCs about IPv6 for HOURS. That said, to quickly try to minimize people thinking I am an idiot who asks before he reads, I need some answers. First of all, several of my friends who feel they are rather authoritative on the subject of things network-related have given me conflicting answers. So what's the question? ... How does IPv6 addressing work? There are a lot of different possible answers to that question, many of which are accurate. In general: It's a 128 bit address. Routing is done on VLSM, but, generally for DNS purposes, these are expected to be at least on nibble boundaries. There is an intent to support what is known as EUI-64, which means every subnet should be a /64, however, there are people who number smaller subnets and that is supposed to work, but, it will break certain IPv6 things like stateless autoconfiguration (which is optional). I know it's been hashed and rehashed but several orgs I am associated with are about to ask for their allocations from ARIN and we are all realizing we don't really know how the network / subnet structure trickles down from the edge to the host. We really don't have a firm grasp of all of this as there seems to be multiple options regarding how many addresses should be assigned to a host, if the MAC address should be included in the address or if that is just for auto-configuration purposes or what the heck the deal is. There are a lot of clear statements out there and a lot that are clear as mud. Unfortunately, even when trying to analyze which RFC superseded another. Can I just subnet it all like IPv4 but with room to grow or is each host really going to need its own /84 or something? I can't see why hosts would need any more addresses than today but maybe I'm missing something because a lot of addressing models sure allow for a huge number of unique addresses per host. You can subnet it just like IPv4. Each host does not need it's own subnet (/64, not /84 for the most part). The theory behind /64 subnets was to support a way for a host to use what it already knows (MAC address) and possibly some additional clues (Router Announcement) from the wire to configure its own IPv6 address on an interface. Whether or not this was a good idea is still controversial, but, whether or not it's how IPv6 is going to work is not. IPv6 is designed to work with Stateless Autoconfiguration whether we like it or not. DHCPv6 so far is prevented from providing default router information (or many of the other things you're used to having DHCP do) as it currently stands. My buddy and I are about to go to Barnes and Noble, not having and luck with standard internet media but then we realized... how will we know if any of that is really what we are looking for either? It's a fair point. There is a good FAQ/Wiki on the ARIN web site. That may be a good place to start. From what I can tell, this may still be a question of great debate. Everyone seems to act like they know exactly what's going on but behind closed doors admits that they don't really know x, y, or z. I realize this is typical of my industry and even myself from time to time. J But so I am truly reaching out here. What is the deal with IPv6 addressing and subneting? Where is the official guide to this new galaxy? I will be sure to pass this information on to my equally less clueful peers to the benefit of all of us that are making this transition. Officially, the best summary I can give is that the subnetting model is almost identical to IPv4, but, all subnets should be at least a /64 (and it's hard to imagine a scenario where a single subnet should be larger, but, it can be supported). The essential initial guidelines are: ISP /32 Enough for 4billion ISPs Enough for each ISP to support 65,536 /48 customers or 16.7M /56 customers, etc. Larger ISPs can get more than a /32 if needed. End Site/48 Enough for 65,536 /64 subnets Larger organizations can get more than a /48 if needed. Single Subnet
