Re: AS21299 - 46.42.196.0/24 ASN prepending 255 times

[Erik Sundberg]

I emailed all the contacts listed for their ASN in the RIPE Database. One of 
them just respond to me saying they will fix this, so there is some hope that 
this will get addressed.

Now that you mentioned it. I remember seeing the previous thread and responding 
to it.

Erik



From: sur...@mauigateway.com 
Sent: Thursday, March 24, 2022 11:45 PM
To: Erik Sundberg ; nanog@nanog.org 
Subject: Re: AS21299 - 46.42.196.0/24 ASN prepending 255 times



On 3/24/2022 5:43 PM, Erik Sundberg wrote:
If anyone from AS21299 is lurking on Nanog. Please reduce your AS prepends for 
46.42.196.0/24 from 255 prepends to a more reasonable number of prepends let's 
say 20. Thanks!

This is a Kazakhstan register IP Block and ASN

  Network   Next Hop   Metric LocPrf Weight Path
*> 46.42.196.0/24  x.x.x.x 0  100   0 2914 174 3216 3216 35168 21299 




This is the one I was asking about in:
https://mailman.nanog.org/pipermail/nanog/2022-March/217925.html

There're a lot more prefixes from them.

86.107.128.0/21
92.49.252.0/24
176.222.164.0/23
176.222.166.0/23
176.222.181.0/24
37.99.2.0/23
5.34.106.0/23

In that email I was worried they were probing for attack vectors, but when I 
looked into it I found it has been happening off and on for a fairly long time.

My bet is the network guys don't want to do anything until told by non-tech 
managers as the Kazakhstan people just went through (are still going through?) 
an authoritarian beat down from the Kazakhstan government helped by the Russian 
government just before the invasion of Ukraine.

scott



CONFIDENTIALITY NOTICE: This e-mail transmission, and any documents, files or 
previous e-mail messages attached to it may contain confidential information 
that is legally privileged. If you are not the intended recipient, or a person 
responsible for delivering it to the intended recipient, you are hereby 
notified that any disclosure, copying, distribution or use of any of the 
information contained in or attached to this transmission is STRICTLY 
PROHIBITED. If you have received this transmission in error please notify the 
sender immediately by replying to this e-mail. You must destroy the original 
transmission and its attachments without reading or saving in any manner.
Thank you.

AS21299 - 46.42.196.0/24 ASN prepending 255 times

[Erik Sundberg]

If anyone from AS21299 is lurking on Nanog. Please reduce your AS prepends for 
46.42.196.0/24 from 255 prepends to a more reasonable number of prepends let's 
say 20. Thanks!

This is a Kazakhstan register IP Block and ASN


  Network  Next Hop  Metric LocPrf Weight Path

*> 46.42.196.0/24  x.x.x.x 0  100   0 2914 174 3216 3216 35168 21299 21299 
21299 21299 21299 21299 21299 21299 21299 21299 21299 21299 21299 21299 21299 
21299 21299 21299 21299 21299 21299 21299 21299 21299 21299 21299 21299 21299 
21299 21299 21299 21299 21299 21299 21299 21299 21299 21299 21299 21299 21299 
21299 21299 21299 21299 21299 21299 21299 21299 21299 21299 21299 21299 21299 
21299 21299 21299 21299 21299 21299 21299 21299 21299 21299 21299 21299 21299 
21299 21299 21299 21299 21299 21299 21299 21299 21299 21299 21299 21299 21299 
21299 21299 21299 21299 21299 21299 21299 21299 21299 21299 21299 21299 21299 
21299 21299 21299 21299 21299 21299 21299 21299 21299 21299 21299 21299 21299 
21299 21299 21299 21299 21299 21299 21299 21299 21299 21299 21299 21299 21299 
21299 21299 21299 21299 21299 21299 21299 21299 21299 21299 21299 21299 21299 
21299 21299 21299 21299 21299 21299 21299 21299 21299 21299 21299 21299 21299 
21299 21299 21299 21299 21299 21299 21299 21299 21299 21299 21299 21299 21299 
21299 21299 21299 21299 21299 21299 21299 21299 21299 21299 21299 21299 21299 
21299 21299 21299 21299 21299 21299 21299 21299 21299 21299 21299 21299 21299 
21299 21299 21299 21299 21299 21299 21299 21299 21299 21299 21299 21299 21299 
21299 21299 21299 21299 21299 21299 21299 21299 21299 21299 21299 21299 21299 
21299 21299 21299 21299 21299 21299 21299 21299 21299 21299 21299 21299 21299 
21299 21299 21299 21299 21299 21299 21299 21299 21299 21299 21299 21299 21299 
21299 21299 21299 21299 21299 21299 21299 21299 21299 21299 21299 21299 21299 
21299 21299 21299 21299 21299 21299 i




CONFIDENTIALITY NOTICE: This e-mail transmission, and any documents, files or 
previous e-mail messages attached to it may contain confidential information 
that is legally privileged. If you are not the intended recipient, or a person 
responsible for delivering it to the intended recipient, you are hereby 
notified that any disclosure, copying, distribution or use of any of the 
information contained in or attached to this transmission is STRICTLY 
PROHIBITED. If you have received this transmission in error please notify the 
sender immediately by replying to this e-mail. You must destroy the original 
transmission and its attachments without reading or saving in any manner.
Thank you.

Re: RU evidently hijacked UA netblock

[Erik Sundberg]

Here is a doc for each hardware vendor for filtering long as paths. Not sure if 
this will help you or if the issue is before filtering takes place.

We have ours max length set to 75.

https://bgpfilterguide.nlnog.net/guides/long_paths/

Erik

Erik Sundberg
Sr. Network Engineer
Nitel
350 N Orleans Street
Suite 1300N
Chicago, Il 60654
Desk: 773-661-5532
Cell: 708-710-7419
NOC: 866-892-0915
Email: esundb...@nitelusa.com
web: www.nitelusa.com

From: NANOG  on behalf of Scott 
Weeks 
Sent: Friday, March 4, 2022 8:46:47 PM
To: nanog@nanog.org 
Subject: Re: RU evidently hijacked UA netblock



--- j...@west.net wrote:
On 3/4/22 18:03, Scott Weeks wrote:

> It looks like a 'too many' AS prepends, but it is only 250 prepends.

In most reasonable scenarios I'd say that this qualifies as too many.
-


Yeah, technically, but it was not 256 or something where I'd expect an issue to 
happen.  Just curious as to why only that ASN caused the buffer overflow 
messages as I got them from no other AS ever and wondered if anyone else has 
seen them.  Other ASNs almost certainly have sent 250+ prepends to me before, 
but they did not cause the overflow.  Like I said, I have a ticket open because 
I am curious:

BGP-WARNING-tBgp4RouteInvalid-2007  Route invalid reason - Cannot 
add/prepend AS-path.  Buffer overflow\nNRLI -   where prefixes are 
several and different lengths.

Probably nothing, but I always look into stuff I see in the syslog server's 
router.log.

scott



CONFIDENTIALITY NOTICE: This e-mail transmission, and any documents, files or 
previous e-mail messages attached to it may contain confidential information 
that is legally privileged. If you are not the intended recipient, or a person 
responsible for delivering it to the intended recipient, you are hereby 
notified that any disclosure, copying, distribution or use of any of the 
information contained in or attached to this transmission is STRICTLY 
PROHIBITED. If you have received this transmission in error please notify the 
sender immediately by replying to this e-mail. You must destroy the original 
transmission and its attachments without reading or saving in any manner.
Thank you.

Salesforce issues

[Erik Sundberg]

  
0.0% 6  411.4 411.8 411.4 412.4   0.5
21. AS20940  ae2.r12.iad01.ien.netarch.akamai.com (23.203.152.41)   
  
0.0% 6  411.9 415.1 411.9 417.4   2.9
AS20940  ae2.r11.iad01.ien.netarch.akamai.com (23.203.152.39)
22. ???
23. AS33905  a184-25-179-132.deploy.static.akamaitechnologies.com 
(184.25.179.132)    
0.0% 6  215.9 216.4 215.9 216.7   0.3





Erik Sundberg
Sr. Network Engineer

office 773.661.5532
mobile   708.710.7419
noc 866.892.0915

esundb...@nitelusa.com<mailto:esundb...@nitelusa.com>

888.450.2100
350 N Orleans St. #1300N
Chicago, IL 60654
nitelusa.com<http://www.nitelusa.com/>
[cid:image006.png@01D7E13A.E1A0E610]<http://www.nitelusa.com/>

Smarter technology made simple





CONFIDENTIALITY NOTICE: This e-mail transmission, and any documents, files or 
previous e-mail messages attached to it may contain confidential information 
that is legally privileged. If you are not the intended recipient, or a person 
responsible for delivering it to the intended recipient, you are hereby 
notified that any disclosure, copying, distribution or use of any of the 
information contained in or attached to this transmission is STRICTLY 
PROHIBITED. If you have received this transmission in error please notify the 
sender immediately by replying to this e-mail. You must destroy the original 
transmission and its attachments without reading or saving in any manner.
Thank you.

Re: Famous operational issues

[Erik Sundberg]

Worked a cronic support call where their internet would bounce at noon every 
workday. The Cisco 1601 or 1700 Router that had there T1 in, ended up being on 
top a microwave. Weeks of troubleshooting and shipping new routers on this one.

Also had another one where the router was plugged in to an outlet that was 
controlled by a light switch, discovered this after shipping them two new 
routers.

Customer had there building remodeled and the techs counldn't find the T1 
Smartjack for the building. The contract who did the remodel job, decided it 
would be a good idea to cut out the section of wall where the telco equipment 
was and mounted it to the ceiling. It's new location was in the ladys bathroom, 
above the drop ceiling mounted to the building's rafters 10' in the air.

Customer needed a new router, because the first one died. It was a machine shop 
and they mounted the router to the wall next to a lathe or drill press that 
used oil to cool the bit while it was cutting. It looked like some dumped the 
router in a bucket of oil when we got it back.

Arriving at another large colo for a buildout. Only to find that our ASR9K that 
arrived 2 weeks ago was stored outside on the load dock which has no roof or 
locked gate. I guess that why Cisco put the plastic bag over the chassis when 
there shipped.

Colo techs at another larger colo decided to unpack our router which was a 
fully loaded 1/2 rack chassis. Since they couldn't lift it, they tipped the 
router on the side and walked it back by shifting the weight from one corner of 
the chassis to another. Bending the chassis. I could see the scrap marks in the 
floor from it.

We had colo space in top floor of an ATT CO where we put a Cisco 7513 to 
terminate about a dozen CHDS3's. The roof was leaking and instead of fixing the 
roof. The fix was to put a sheet of plastic over our cabinet. It was more like 
a tent over the cabinet.  A pool of water formed in a diviot at the top and it 
was 120+ degrees under the plastic tarp.

Our office was in a work loft off an older building and they had the AC unit 
mounted to the ceiling with a drip pan underneath them. Well, AC on the 2nd 
floor had the pump for the drip pan died. Who every installed the drip pan 
didn't secure it or center it under the AC unit. It filled up with water and 
since it was not secured and was off centered. The drip pan came crashing down 
with a few gallons of water. The water worked it's way over to the wall and 
traveled down one story in the building. The floor below had all the telco 
equipment mounted to that same wall and the water flowed down right through a 
couple of ATT's Ciena mounted to the wall shorting them out. I was at the 
Chicago Nanog Hackathon on Sunday and was called out to work that one 😕

Was working in the back of a cabinet that had -48 VDC power for a Cisco Router, 
a screw fell and shorted out the power. My co worker who was standing in front 
of the rack wasn't happy because the ADC PowerWorx Fuse panel was about 6" from 
his face where he was working. It had those little black alarm fuses, that had 
the spring-loaded arm. When it tripped a nice shower of sparks had flew right 
at his face Luckly he wore glasses.

I was 18 at my first IT job and it was a brand-new building. I was plugging in 
a 208VAC 30A APC UPS in the server room the electrican had just energized and 
check the circuit. I plugged in the APC UPS and gave it a good turn for the 
twist lock plug to catch and KA BAMB!!! Sparks came shooting out of the outlet 
at me. I think I pooped myself that day. Turns out the electricians deiced that 
a single Gange electrical box was good enough for a 208 VAC 30A outlet, that 
barely fit in the box. Didn't put any tape around the wire terminals. When they 
energized the circuit there was enough of an air gap that the hot screw didn't 
ground out. When I gave it that good old twist while plugging in the APC, I 
grounded the hot screw to the side of the electrical box.







From: NANOG  on behalf of Seth 
Mattinen 
Sent: Thursday, February 18, 2021 10:23 AM
To: nanog@nanog.org 
Subject: Re: Famous operational issues

On 2/18/21 1:07 AM, Eric Kuhnke wrote:
> On that note, I'd be very interested in hearing stories of actual
> incidents that are the cause of why cardboard boxes are banned in many
> facilities, due to loose particulate matter getting into the air and
> setting off very sensitive fire detection systems.
>


I had a customer that tried to stack their servers - no rails except the
bottom most one - using 2x4's between each server. Up until then I
hadn't imagined anyone would want to fill their cabinet with wood, so I
made a rule to ban wood and anything tangentially related (cardboard,
paper, plastic, etc.). Easier to just ban all things. Fire reasons too
but mainly I thought a cabinet full of wood was too stupid to allow.

The "no wood" rule has become a fun story to tell everyone who asks how
that ended up being

Re: Infomart Dallas is on generator

[Erik Sundberg]

Latest from Equinix as of 10PM 2/15


Dear Equinix Customer,

IBX(s):DA3
IBX Address:1950 North Stemmons Freeway Suites 1039A & 2048 Dallas, TX 75207
Ticket#:5-204633870202
Date and Time of Occurrence:15-FEB-2021 02:46 Site Local Time
Date and Time Update Reported:15-FEB-2021 21:58 Site Local Time

INCIDENT SUMMARY:IBX Utility Disturbance - Customer Loads Transferred

UPDATE:

Equinix IBX Site Staff reports that the utility vendor has advised that there 
will be rotating outages. The IBX will remain on generator power until utility 
power is stable. The fuel vendor has advised of an ETA on 16-FEB-2021 10:00 
Site Local Time for the fuel delivery. All loads remain stable on generator 
power. IBX Engineers will continue to monitor for stability.

 * Situation Status:  Stable
 * Equipment/Condition:  IBX Utility Disturbance - Customer Loads 
Transferred
 * Current System Redundancy:  Reduced Redundancy
 * Resources on Site/Pending:  N/A
 * Generator Fuel Run Time (hrs.):  Gen 1A- 38 hours/ DA3.2 Gen A - 48 
Hours -Gen B – 48 Hours
 * Current Colo Temperature Status: N/A
 * Current Colo Humidity RH Status:  N/A

The next update will be sent when there is a significant change to the 
situation.



From: NANOG  on behalf of 
Matthew Crocker 
Sent: Monday, February 15, 2021 7:46 PM
To: Eric Kuhnke ; nanog@nanog.org list 
Subject: Re: Infomart Dallas is on generator


They are most likely part of a demand load shedding program and are being paid 
to run off generator.



From: NANOG  on behalf of 
Eric Kuhnke 
Date: Monday, February 15, 2021 at 5:10 PM
To: "nanog@nanog.org list" 
Subject: Infomart Dallas is on generator





I have now heard from two reliable sources that Infomart Dallas is presently on 
generator, and is likely to remain so until the cold weather/electrical supply 
emergency in Texas has abated. No network impact seen yet.







CONFIDENTIALITY NOTICE: This e-mail transmission, and any documents, files or 
previous e-mail messages attached to it may contain confidential information 
that is legally privileged. If you are not the intended recipient, or a person 
responsible for delivering it to the intended recipient, you are hereby 
notified that any disclosure, copying, distribution or use of any of the 
information contained in or attached to this transmission is STRICTLY 
PROHIBITED. If you have received this transmission in error please notify the 
sender immediately by replying to this e-mail. You must destroy the original 
transmission and its attachments without reading or saving in any manner.
Thank you.

Re: Any info on devices that are running eBGP on the Internet?

[Erik Sundberg]

Keep in mind that some members on the IX are using a configured mac address 
instead of the burn in MAC Address on the router's NIC Card.

We have done this in the past during for multiple reasons so we don't have to 
call the IX and wait on them to up date the filters.
-IX Port upgrading in bandwidth. I.E. 1G  -> 10G
-Router chassis or card upgrades
-Circuit grooms

This also allows us the flexibility to move the IX port to a difference device 
in the event of an outage, hardware failure, or other event.

-Erik

From: NANOG  on behalf of Eric Kuhnke 

Sent: Thursday, November 7, 2019 4:47 PM
To: Edward Dore ; nanog@nanog.org list 

Subject: Re: Any info on devices that are running eBGP on the Internet?

The OUI prefixes that are Intel, Dell, HP, Supermicro and other x86-64 hardware 
vendors are almost certainly people running BIRD, FRR or similar on commodity 
hardware. In which case the actual routing configuration could be almost 
anything, those just happen to be the PCI-Express NICs in some sort of server 
platform.



On Thu, Nov 7, 2019 at 11:59 AM Edward Dore 
mailto:edward.d...@freethought-internet.co.uk>>
 wrote:
I just grabbed the following from our routers connected to LINX LON1, LINX 
LON2, LINX Manchester and LONAP (so this data is very UK centric):

 557 Cisco Systems, Inc
 553 Juniper Networks
  51 Routerboard.com
  51 Brocade Communications Systems, Inc.
  49 Arista Networks
  40 Unknown
  38 Intel Corporate
  36 HUAWEI TECHNOLOGIES CO.,LTD
  31 Globalscale Technologies, Inc.
  20 Super Micro Computer, Inc.
  20 Alcatel-Lucent IPD
  15 Nokia
  14 Hewlett Packard
  10 VMware, Inc.
  10 Ubiquiti Networks Inc.
  10 Sunrich Technology Limited
  10 Extreme Networks, Inc.
   7 Dell Inc.
   5 IEEE Registration Authority
   4 Intel Corporation
   4 HotLava Systems, Inc.
   3 FireBrick Limited
   2 Raspberry Pi Foundation
   2 Nexcom International Co., Ltd.
   2 Microsoft Corporation
   2 Mellanox Technologies, Inc.
   2 ICP Electronics Inc.
   2 Hewlett Packard Enterprise
   2 BSkyB Ltd
   1 Xensource, Inc.
   1 XEROX CORPORATION
   1 Solarflare Communications Inc.
   1 SILICOM, LTD.
   1 MIX s.r.l.
   1 LANNER ELECTRONICS, INC.
   1 GIGA-BYTE TECHNOLOGY CO.,LTD.
   1 DriveCam Inc
   1 DIGITAL EQUIPMENT CORPORATION
   1 Agile Systems Inc.

That's done using https://github.com/bauerj/mac_vendor_lookup to do the MAC 
lookup against the IEEE OUI list with the "Unknown" entries being anything 
which doesn't appear in http://standards-oui.ieee.org/oui.txt (possibly locally 
administered addresses?).

Hope that's helpful to someone 🙂


Edward Dore

Freethought Internet


From: NANOG mailto:nanog-boun...@nanog.org>> on behalf 
of Sabri Berisha mailto:sa...@cluecentral.net>>
Sent: 07 November 2019 19:08
To: Compton, Rich A mailto:rich.comp...@charter.com>>
Cc: nanog mailto:nanog@nanog.org>>
Subject: Re: Any info on devices that are running eBGP on the Internet?

Hi,

What you could consider is asking a few of the major internet exchanges if 
they'd be so kind to send you a list of MAC addresses seen on their LANs. Based 
on the MAC you can determine the manufacturer. If you have three or four big 
ones, you have a decent sample size as most larger networks are on multiple 
IXes anyway.

If you do compile a list, I'm sure this list would be interested in the results 
:)

Thanks,

Sabri


- On Nov 6, 2019, at 10:39 AM, Compton, Rich A 
mailto:rich.comp...@charter.com>> wrote:

Hi, I am working with MANRS (https://www.manrs.org) on a tool for checking 
router configs for BGP security / spoofing prevention (e.g. uRPF) 
https://github.com/manrs-tools/MANRS-validator

We are wondering if there is any research on the percentages of different types 
of devices running BGP on the Internet.

Something like:

Cisco IOS 30%

Junos 30%

Mikrotik 20%

etc…

We are looking to focus our tool on the most prevalent types of devices doing 
BGP (and the most prevalent with BGP security/spoofing issues) so that we can 
have the greatest impact.  Does anyone have any information on this or know 
where I can obtain this information?  Thanks in advance!

 -Rich

The contents of this e-mail message and
any attachments are intended solely for the
addressee(s) and may contain confidential
and/or legally privileged information. If you
are not the intended recipient of this message
or if this message has been addressed to you
in error, please immediately alert the sender
by reply e-mail and then delete this message
and any attachments. If you are not the
intended recipient, you are notified that
any use, dissemination, distribution, copying,
or storage of this message or any attachment
is strictly prohibited.



CONFIDENTIALITY NOTICE: This e-mail transmission, and any documents, files or 
previous e-mail messages attached to it may contain confidential information 
that is legally privileged. If you are not the intended recipient, or 

Re: Chicago Equinix IX LAN oddity

[Erik Sundberg]

Equinix renumber the IP Block from a /24 to a /23 and everyone was suppose to 
be off the old block I think around a year ago. I am sure some providers did 
not migrate everything off that IP Block. Everyone that was a member at that 
time was given a new IP Address on the /23 subnet, I believe the last octet of 
the address stayed the same.

They might just be emailing of an old email template for peering.

Also, Here is that peers new IP block assuming it's AS19016.
208.115.136.119   0 19016  853824  755885 38249848700 8w5d 
20

Erik


From: NANOG  on behalf of JASON BOTHE via NANOG 

Sent: Tuesday, October 8, 2019 1:57 PM
To: James Cornman 
Cc: nanog@nanog.org 
Subject: Re: Chicago Equinix IX LAN oddity

Got it, thanks for that. I’ll have to give the big E a call and see how to sort 
this one out.

J~

On Oct 8, 2019, at 13:55, James Cornman  wrote:


There was a subnet expansion/migration there earlier this year (maybe late last 
year?)

We have an old and new address on our interface.. The 208.x is the new range 
(aka bigger)

 ip address 206.223.119.124/24
 ip address 208.115.136.124/23

-James

On Tue, Oct 8, 2019 at 2:47 PM JASON BOTHE via NANOG 
mailto:nanog@nanog.org>> wrote:
Hi all

I realize this might not be the right list but I have a request to peer on the 
Chicago Equinix IX to a 206.223.119 IP but we and many others are on the 
208.115.137 network. While I await a response from the peering partner, I’d 
curious to know if this is an error, perhaps there was a renumber at one time 
or I’m flat out just missing something.

Cheers!

J~


--

James Cornman

jcorn...@atlanticmetro.net
212.792.9950

Atlantic Metro Communications

4 Century Drive, Parsippany NJ  07054

Cloud Hosting • Colocation • Network Connectivity • Managed Services

Follow us on Twitter: @atlanticmetro • Like 
us on Facebook
www.atlanticmetro.net



CONFIDENTIALITY NOTICE: This e-mail transmission, and any documents, files or 
previous e-mail messages attached to it may contain confidential information 
that is legally privileged. If you are not the intended recipient, or a person 
responsible for delivering it to the intended recipient, you are hereby 
notified that any disclosure, copying, distribution or use of any of the 
information contained in or attached to this transmission is STRICTLY 
PROHIBITED. If you have received this transmission in error please notify the 
sender immediately by replying to this e-mail. You must destroy the original 
transmission and its attachments without reading or saving in any manner. Thank 
you.

Re: Cisco Metro Ethernet Switching

[Erik Sundberg]

You can get ASR920's with only a layer 2 license, or you can opt for the 
advanced L3 license to BGP\MPLS, this would enable EoMPLS  Tunnels.

The NCS520 is designed only to be a NID, there are a lot of limitations on this 
device. You need to read the configuration guide to see the limitations.  I 
have one on my desk.

The NCS540 is the next model up from the ASR920.

I think ASR924 is the way to go.

Erik





From: NANOG  on behalf of Bogle, Nick 

Sent: Sunday, September 29, 2019 10:45 PM
To: nanog@nanog.org 
Subject: Cisco Metro Ethernet Switching

Hey there!

I'm currently working on a project which entails refreshing a few EoL switches 
that sit on a Metro Ethernet fiber ring that we own acting as essentially a PE 
handoff. It's primarily just a Layer 2 ring with mostly ME3400E switches. We 
are not in a place to convert the entire ring to our standard Nokia SAR 
platform, and just wanted to bring all of our sites to standard on the ME3400E 
platform for consistency (have four switches on the ring that are currently 
3560G's and don't support the needed QoS/CoS). As the ME3400E is currently End 
of Sale, what would you guys recommend as far as a replacement? I am leaning 
towards the ASR920's (affordable, seems like a solid proven platform, future 
flexibility), or the NCS 520 (Ciscos recommended replacement), but neither of 
them seem like appropriate replacements for a simple Layer 2 switching platform 
with just the need for decent QoS and CoS capabilities. No Layer 3, MPLS, or 
10G+ is required. 12 1G SFP ports is about all we need.

Let me know your thoughts -- haven't payed much attention to the Cisco service 
provider space as of late.

Thank you!

Nick Bogle
Network Engineer

 [signature] 

1411 E Mission Ave. MSC-40
Spokane WA 99202
P 509-495-8525
C 509-220-5763
www.avistacorp.com


CONFIDENTIALITY NOTICE: The contents of this email message and any attachments 
are intended solely for the addressee(s) and may contain confidential and/or 
privileged information and may be legally protected from disclosure. If you are 
not the intended recipient of this message or an agent of the intended 
recipient, or if this message has been addressed to you in error, please 
immediately alert the sender by reply email and then delete this message and 
any attachments.



CONFIDENTIALITY NOTICE: This e-mail transmission, and any documents, files or 
previous e-mail messages attached to it may contain confidential information 
that is legally privileged. If you are not the intended recipient, or a person 
responsible for delivering it to the intended recipient, you are hereby 
notified that any disclosure, copying, distribution or use of any of the 
information contained in or attached to this transmission is STRICTLY 
PROHIBITED. If you have received this transmission in error please notify the 
sender immediately by replying to this e-mail. You must destroy the original 
transmission and its attachments without reading or saving in any manner. Thank 
you.

RE: Cogent sales reps who actually respond

[Erik Sundberg]

This last comment made me laugh out loud….
>>> Our sales rep has been great, but unfortunately, for him, every time he 
>>> calls and I ask if Cogent is going to get me IPv6 transit to Google, he has 
>>> to say no, and then I tell him I can’t purchase any more circuits.


From: NANOG  On Behalf Of David Hubbard
Sent: Monday, September 16, 2019 11:36 AM
To: n...@as37662.com n...@as37662.com ; nanog@nanog.org
Subject: Re: Cogent sales reps who actually respond

Our sales rep has been great, but unfortunately, for him, every time he calls 
and I ask if Cogent is going to get me IPv6 transit to Google, he has to say 
no, and then I tell him I can’t purchase any more circuits.

From: NANOG mailto:nanog-boun...@nanog.org>> on behalf 
of Owen DeLong mailto:o...@delong.com>>
Date: Monday, September 16, 2019 at 9:20 AM
To: "n...@as37662.com 
n...@as37662.com" 
mailto:n...@as37662.com>>
Cc: "nanog@nanog.org" 
mailto:nanog@nanog.org>>
Subject: Re: Cogent sales reps who actually respond

Given their practice of harvesting whois updates in order to spam newly 
acquired AS contacts, any time it is my decision, Cogent is ineligible as a 
vendor.

I’ve had no trouble getting their reps to respond when the decision has come 
from above, but I prefer to avoid doing business with them.

Owen


On Sep 15, 2019, at 13:13 , n...@as37662.com 
n...@as37662.com 
mailto:n...@as37662.com>> wrote:

Hi fellow network operators,
Do any orgs here have experience with a good Cogent rep? The rep we got via 
Cogent's website is unresponsive to even basic questions. It feels like we are 
dealing with a bot and copy-pasted replies.
Thanks
Ruldu




CONFIDENTIALITY NOTICE: This e-mail transmission, and any documents, files or 
previous e-mail messages attached to it may contain confidential information 
that is legally privileged. If you are not the intended recipient, or a person 
responsible for delivering it to the intended recipient, you are hereby 
notified that any disclosure, copying, distribution or use of any of the 
information contained in or attached to this transmission is STRICTLY 
PROHIBITED. If you have received this transmission in error please notify the 
sender immediately by replying to this e-mail. You must destroy the original 
transmission and its attachments without reading or saving in any manner. Thank 
you.

RE: Birch/Primus/Fusion Network ASN integration?

[Erik Sundberg]

The Globalinx network was migrated into the Fusion network earlier this year 
about 27 Weeks Ago is what my router interface tells me. We ended up running 
new interconnects with them and changing peering from Globalinx’s ASN to the 
Fusion Network ASN 11696. The birch ASN 17184 is reachable via AS11696. I am 
not sure if this was a special setup for us or not.

This is for the legacy Globalinx Network AS46191 199.x.84.0/24 and 
199.x.85.0/24 if you were connecting to the 5Linx / Globalinx Broadsoft 
environment.


-Erik



From: NANOG  On Behalf Of Mike Hammett
Sent: Tuesday, June 18, 2019 2:18 PM
To: Eric Kuhnke 
Cc: nanog@nanog.org list 
Subject: Re: Birch/Primus/Fusion Network ASN integration?

I connect to Globalinx (another Birch acquisition) via AS17184. It looks like 
they also have AS16526.


-
Mike Hammett
Intelligent Computing Solutions
[http://www.ics-il.com/images/fbicon.png][http://www.ics-il.com/images/googleicon.png][http://www.ics-il.com/images/linkedinicon.png][http://www.ics-il.com/images/twittericon.png]
Midwest Internet Exchange
[http://www.ics-il.com/images/fbicon.png][http://www.ics-il.com/images/linkedinicon.png][http://www.ics-il.com/images/twittericon.png]
The Brothers WISP
[http://www.ics-il.com/images/fbicon.png][http://www.ics-il.com/images/youtubeicon.png]

From: "Eric Kuhnke" mailto:eric.kuh...@gmail.com>>
To: "TJ Trout" mailto:t...@pcguys.us>>
Cc: "nanog@nanog.org list" 
mailto:nanog@nanog.org>>
Sent: Tuesday, June 18, 2019 3:13:11 AM
Subject: Re: Birch/Primus/Fusion Network ASN integration?
Mea culpa. I'm actually not finding much for Fusion Connect Inc. in terms of 
normal BGP presence (peeringdb page, an AS that's known to tools like the 
bgp.he.net tool, etc.

https://en.wikipedia.org/wiki/Birch_Communications

AS20175 Birch Communications Inc. doesn't appear to be doing much of anything

There's also this, which is one of their earlier acquisitions: 
https://www.peeringdb.com/net/3238


On Tue, Jun 18, 2019 at 12:42 AM TJ Trout 
mailto:t...@pcguys.us>> wrote:
wrong fusion on peering db

On Mon, Jun 17, 2019 at 10:35 PM Eric Kuhnke 
mailto:eric.kuh...@gmail.com>> wrote:
Hey all,

I'm looking for any info that might be publicly available regarding intentions 
to merge the Primus ASN into Birch/Fusion Network, or whether it will remain 
its own thing.

Primus acquired by Birch: 
https://primus.ca/index.php/bc_en/news-and-events/primus-news-birch-completes-purchase-of-primus-telecommunications-assets-in-canada/

Birch acquired by Fusion: 
https://primus.ca/index.php/yt_en/news-and-events/primus-news-fusion-announces-closing-of-birch-acquisition/

primus: https://www.peeringdb.com/net/2811

fusion: https://www.peeringdb.com/net/4608




CONFIDENTIALITY NOTICE: This e-mail transmission, and any documents, files or 
previous e-mail messages attached to it may contain confidential information 
that is legally privileged. If you are not the intended recipient, or a person 
responsible for delivering it to the intended recipient, you are hereby 
notified that any disclosure, copying, distribution or use of any of the 
information contained in or attached to this transmission is STRICTLY 
PROHIBITED. If you have received this transmission in error please notify the 
sender immediately by replying to this e-mail. You must destroy the original 
transmission and its attachments without reading or saving in any manner. Thank 
you.

RE: provider email maintenance standard

[Erik Sundberg]

Back at NANOG in Chicago 2016 someone was working on a standards for 
Maintenance notifications with calendar invites attached. Not sure what 
happened with it.

I think this was it.
https://archive.nanog.org/meetings/abstract?id=2853



Erik Sundberg
Sr. Network Engineer

office 773.661.5532
mobile   708.710.7419
noc 866.892.0915

esundb...@nitelusa.com

888.450.2100
350 N Orleans St. #1300N
Chicago, IL 60654
nitelusa.com


Smarter technology made simple


-Original Message-
From: NANOG  On Behalf Of Jay Hanke
Sent: Tuesday, June 18, 2019 8:41 AM
To: Job Snijders 
Cc: North American Network Operators' Group 
Subject: Re: provider email maintenance standard

> https://github.com/jda/maintnote-std/blob/master/standard.md
>
> NTT / AS 2914’s NOC follows this process to keep customers and partners 
> informed about maintenances.

Is there commercial or open source software that already has this implemented?



CONFIDENTIALITY NOTICE: This e-mail transmission, and any documents, files or 
previous e-mail messages attached to it may contain confidential information 
that is legally privileged. If you are not the intended recipient, or a person 
responsible for delivering it to the intended recipient, you are hereby 
notified that any disclosure, copying, distribution or use of any of the 
information contained in or attached to this transmission is STRICTLY 
PROHIBITED. If you have received this transmission in error please notify the 
sender immediately by replying to this e-mail. You must destroy the original 
transmission and its attachments without reading or saving in any manner. Thank 
you.

RE: Amazon AS16509 peering... how long to wait?

[Erik Sundberg]

Chase them down at the next Nanog… I had to do that for two large content 
providers.

From: NANOG  On Behalf Of Mike Hammett
Sent: Monday, April 8, 2019 8:02 AM
To: John Von Essen 
Cc: nanog@nanog.org
Subject: Re: Amazon AS16509 peering... how long to wait?

I submitted requests for multiple networks over the course of a year. One got 
acknowledged and had a few week wait from when the session came up to 
routes\traffic passing. The others have been ignored.


-
Mike Hammett
Intelligent Computing Solutions
http://www.ics-il.com

Midwest-IX
http://www.midwest-ix.com


From: "John Von Essen" mailto:j...@essenz.com>>
To: nanog@nanog.org
Sent: Sunday, April 7, 2019 4:41:22 PM
Subject: Amazon AS16509 peering... how long to wait?

I applied for peering, received an email, setup the BGP session, waited
about a month. Then 3 weeks ago my BGP session with Amazom came up, but
with zero routes. I assume I am in some kind of test/waiting period, but
after three weeks, I thought I would be getting routes by now. Emails to
the peeringdb POC have not returned anything. Anyone here from AS16509,
can this be bumped? We are AS17185, and peering is on DE-CIX NYC.


Thanks

John




CONFIDENTIALITY NOTICE: This e-mail transmission, and any documents, files or 
previous e-mail messages attached to it may contain confidential information 
that is legally privileged. If you are not the intended recipient, or a person 
responsible for delivering it to the intended recipient, you are hereby 
notified that any disclosure, copying, distribution or use of any of the 
information contained in or attached to this transmission is STRICTLY 
PROHIBITED. If you have received this transmission in error please notify the 
sender immediately by replying to this e-mail. You must destroy the original 
transmission and its attachments without reading or saving in any manner. Thank 
you.

Comcast - NTT seeing congestion in Chicago at 350 Cermak

[Erik Sundberg]

Comcast\NTT,

I am seeing a bit of congestion between the NTT and Comcast connection in 
Chicago. Can you guys take a look at this?


Normally this is a sub 10ms path, it running at 100ms.



speedtest (0.0.0.0)   Fri 
Feb  8 20:23:49 2019
Keys:  Help   Display mode   Restart statistics   Order of fields   quit
  Packets   
Pings
 Host   Loss%   Snt   Last   
Avg  Best  Wrst StDev
 1. 45.61.24.33  0.0%   8621.0   
1.1   0.9  24.9   1.6
 2. te-0-0-25.ear2.chi2.us.nitelusa.net  0.0%   8620.9   
0.9   0.8  54.4   2.2
 3. te-0-0-25.ear1.chi2.us.nitelusa.net  0.0%   8621.5   
1.2   0.9  34.5   1.6
 4. te-0-0-24.ear1.chi1.us.nitelusa.net  0.0%   8621.1   
1.1   0.9  74.4   3.0
 5. te-0-0-1-0.cr1.chi1.us.nitelusa.net  0.0%   8620.8   
0.7   0.7  13.7   0.6
 6. xe-0-0-8-0.a02.chcgil09.us.bb.gin.ntt.net0.0%   861   42.5   
2.7   0.3  54.7   6.4
 7. ae-0.comcast.chcgil09.us.bb.gin.ntt.net  0.5%   861  102.1  
99.1  42.0 120.2  10.3
 8. be-10577-cr02.350ecermak.il.ibone.comcast.net0.6%   861  113.8 
100.7  41.6 161.0  10.7
 9. be-7922-ar01.area4.il.chicago.comcast.net1.2%   861  107.8 
100.7  45.1 127.6  10.8
10. be-123-rur02.homewood.il.chicago.comcast.net 0.6%   861  106.9 
102.0  42.1 123.6  10.8
11. 68.87.235.2060.9%   861  102.0 
101.8  44.7 140.1  10.7
12. c-xxx.hsd1.il.comcast.net0.7%   861  103.1 
110.7  49.9 136.4  10.5




CONFIDENTIALITY NOTICE: This e-mail transmission, and any documents, files or 
previous e-mail messages attached to it may contain confidential information 
that is legally privileged. If you are not the intended recipient, or a person 
responsible for delivering it to the intended recipient, you are hereby 
notified that any disclosure, copying, distribution or use of any of the 
information contained in or attached to this transmission is STRICTLY 
PROHIBITED. If you have received this transmission in error please notify the 
sender immediately by replying to this e-mail. You must destroy the original 
transmission and its attachments without reading or saving in any manner. Thank 
you.

RE: Quick Script to check the uptime of ASR920's

[Erik Sundberg]

It was a script I created in regards to this thread below... Interface counters 
and some other things stop working after a Cisco ASR920 is up 889 days Fun 
Fun

https://puck.nether.net/pipermail/cisco-nsp/2019-January/106558.html


-Original Message-
From: Mel Beckman 
Sent: Friday, January 25, 2019 6:39 PM
To: Erik Sundberg 
Cc: nanog@nanog.org
Subject: Re: Quick Script to check the uptime of ASR920's

Erik,

That’s a nice little script. Thanks!

So you want a warning if a router hasn’t been rebooted in a long time?  Just 
out of curiosity, why? I’m kind of glad that my routers don’t reboot, pretty 
much ever. Usually I want to know if the uptime suddenly became less than the 
most recent uptime, indicting a possibly unplanned reboot.

 -mel

> On Jan 25, 2019, at 4:29 PM, Erik Sundberg  wrote:
>
> All,
>
> I just created a quick script to check the uptime of a ASR920 via SNMP
> if you have a fairly long list of devices. It's a simple bash script
> and snmpwalk version 2c. Figured I would share it with you. Happy
> Friday
>
> Grab the code from GitHub:
> https://github.com/esundberg/CiscoRouterUptime
> It's a quick and dirty script and my first repo on github. Let me know if 
> there any issues with it.
>
>
> Output Format in CSV
> DeviceName, IP, Uptime in Days, OK/Warning
>
> I set my warning to 800 Days, you can change this in the code
>
>
> ASR920list.txt
> -
> ASR920-1.SEA1, 192.168.28.1, SuperSecretSNMPKey ASR920-2.SEA1,
> 192.168.28.2, SuperSecretSNMPKey snip you get the idea
>
>
> Output
>
> [user@Linux]$ ./CiscoRouterUptime.sh ASR920list.txt ASR920-1.SEA1,
> 192.168.28.1, 827, WARNING ASR920-2.SEA1, 192.168.28.2, 827, WARNING
> ASR920-2.ATL1, 192.168.23.2, 828, WARNING ASR920-1.ATL1, 192.168.23.1,
> 813, WARNING ASR920-1.CHI1, 192.168.21.3, 828, WARNING ASR920-1.NYC1,
> 192.168.25.1, 787, OK ASR920-2.CHI1, 192.168.21.4, 720, OK
> ASR920-3.CHI1, 192.168.21.5, 720, OK ASR920-1.DAL1, 192.168.26.3, 488,
> OK ASR920-4.CHI1, 192.168.21.6, 142, OK
>
>
>
> 
>
> CONFIDENTIALITY NOTICE: This e-mail transmission, and any documents, files or 
> previous e-mail messages attached to it may contain confidential information 
> that is legally privileged. If you are not the intended recipient, or a 
> person responsible for delivering it to the intended recipient, you are 
> hereby notified that any disclosure, copying, distribution or use of any of 
> the information contained in or attached to this transmission is STRICTLY 
> PROHIBITED. If you have received this transmission in error please notify the 
> sender immediately by replying to this e-mail. You must destroy the original 
> transmission and its attachments without reading or saving in any manner. 
> Thank you.




CONFIDENTIALITY NOTICE: This e-mail transmission, and any documents, files or 
previous e-mail messages attached to it may contain confidential information 
that is legally privileged. If you are not the intended recipient, or a person 
responsible for delivering it to the intended recipient, you are hereby 
notified that any disclosure, copying, distribution or use of any of the 
information contained in or attached to this transmission is STRICTLY 
PROHIBITED. If you have received this transmission in error please notify the 
sender immediately by replying to this e-mail. You must destroy the original 
transmission and its attachments without reading or saving in any manner. Thank 
you.

RE: Quick Script to check the uptime of ASR920's

[Erik Sundberg]

Doh.. Sent this to the wrong list.:facepalm:

Check out c-nsp if you want to find out about Cisco Bug CSCvk35460 on ASR920. 
Counters stop working at 889 days of uptime.


-Original Message-
From: NANOG  On Behalf Of Erik Sundberg
Sent: Friday, January 25, 2019 6:30 PM
To: nanog@nanog.org
Subject: Quick Script to check the uptime of ASR920's

All,

I just created a quick script to check the uptime of a ASR920 via SNMP if you 
have a fairly long list of devices. It's a simple bash script and snmpwalk 
version 2c. Figured I would share it with you. Happy Friday

Grab the code from GitHub: https://github.com/esundberg/CiscoRouterUptime
It's a quick and dirty script and my first repo on github. Let me know if there 
any issues with it.


Output Format in CSV
DeviceName, IP, Uptime in Days, OK/Warning

I set my warning to 800 Days, you can change this in the code


ASR920list.txt
-
ASR920-1.SEA1, 192.168.28.1, SuperSecretSNMPKey ASR920-2.SEA1, 192.168.28.2, 
SuperSecretSNMPKey snip you get the idea


Output

[user@Linux]$ ./CiscoRouterUptime.sh ASR920list.txt ASR920-1.SEA1, 
192.168.28.1, 827, WARNING ASR920-2.SEA1, 192.168.28.2, 827, WARNING 
ASR920-2.ATL1, 192.168.23.2, 828, WARNING ASR920-1.ATL1, 192.168.23.1, 813, 
WARNING ASR920-1.CHI1, 192.168.21.3, 828, WARNING ASR920-1.NYC1, 192.168.25.1, 
787, OK ASR920-2.CHI1, 192.168.21.4, 720, OK ASR920-3.CHI1, 192.168.21.5, 720, 
OK ASR920-1.DAL1, 192.168.26.3, 488, OK ASR920-4.CHI1, 192.168.21.6, 142, OK





CONFIDENTIALITY NOTICE: This e-mail transmission, and any documents, files or 
previous e-mail messages attached to it may contain confidential information 
that is legally privileged. If you are not the intended recipient, or a person 
responsible for delivering it to the intended recipient, you are hereby 
notified that any disclosure, copying, distribution or use of any of the 
information contained in or attached to this transmission is STRICTLY 
PROHIBITED. If you have received this transmission in error please notify the 
sender immediately by replying to this e-mail. You must destroy the original 
transmission and its attachments without reading or saving in any manner. Thank 
you.



CONFIDENTIALITY NOTICE: This e-mail transmission, and any documents, files or 
previous e-mail messages attached to it may contain confidential information 
that is legally privileged. If you are not the intended recipient, or a person 
responsible for delivering it to the intended recipient, you are hereby 
notified that any disclosure, copying, distribution or use of any of the 
information contained in or attached to this transmission is STRICTLY 
PROHIBITED. If you have received this transmission in error please notify the 
sender immediately by replying to this e-mail. You must destroy the original 
transmission and its attachments without reading or saving in any manner. Thank 
you.

Quick Script to check the uptime of ASR920's

[Erik Sundberg]

All,

I just created a quick script to check the uptime of a ASR920 via SNMP if you 
have a fairly long list of devices. It's a simple bash script and snmpwalk 
version 2c. Figured I would share it with you. Happy Friday

Grab the code from GitHub: https://github.com/esundberg/CiscoRouterUptime
It's a quick and dirty script and my first repo on github. Let me know if there 
any issues with it.


Output Format in CSV
DeviceName, IP, Uptime in Days, OK/Warning

I set my warning to 800 Days, you can change this in the code


ASR920list.txt
-
ASR920-1.SEA1, 192.168.28.1, SuperSecretSNMPKey
ASR920-2.SEA1, 192.168.28.2, SuperSecretSNMPKey
snip you get the idea


Output

[user@Linux]$ ./CiscoRouterUptime.sh ASR920list.txt
ASR920-1.SEA1, 192.168.28.1, 827, WARNING
ASR920-2.SEA1, 192.168.28.2, 827, WARNING
ASR920-2.ATL1, 192.168.23.2, 828, WARNING
ASR920-1.ATL1, 192.168.23.1, 813, WARNING
ASR920-1.CHI1, 192.168.21.3, 828, WARNING
ASR920-1.NYC1, 192.168.25.1, 787, OK
ASR920-2.CHI1, 192.168.21.4, 720, OK
ASR920-3.CHI1, 192.168.21.5, 720, OK
ASR920-1.DAL1, 192.168.26.3, 488, OK
ASR920-4.CHI1, 192.168.21.6, 142, OK





CONFIDENTIALITY NOTICE: This e-mail transmission, and any documents, files or 
previous e-mail messages attached to it may contain confidential information 
that is legally privileged. If you are not the intended recipient, or a person 
responsible for delivering it to the intended recipient, you are hereby 
notified that any disclosure, copying, distribution or use of any of the 
information contained in or attached to this transmission is STRICTLY 
PROHIBITED. If you have received this transmission in error please notify the 
sender immediately by replying to this e-mail. You must destroy the original 
transmission and its attachments without reading or saving in any manner. Thank 
you.

RE: IP Dslams

[Erik Sundberg]

I haven’t used any of theses…

Check out Adtran Total Access 5000 Platform…. Used by a lot of EoC / EoDS1 
carriers


Google: Ethernet Extender DSLAM
https://enableit.com/rackmount-extender/


From: NANOG  On Behalf Of Nick Edwards
Sent: Friday, December 28, 2018 7:36 PM
To: nanog@nanog.org
Subject: IP Dslams

Howdy,
We have a requirement for an aged care facility to provide voice and data, we 
have the voice worked out, but data, WiFi is out of the question, so are 
looking for IP-Dslams, preferably a system that is all-in-one, or self 
contained, as in contains its own BBRAS/LNS/PPP server/Radius, such as has a 
property managment API, or even just a webpage manager where admin can add in 
new residents when they arive, or delete when they depart I know these used to 
be available  many years ago, but that vendor has like many vanished, only 
requirement is for ADSL2+, prefer units with either 48 ports or multiples of 
(192 etc) and have filtered voice out ports (telco50/rj21 etc)
If anyone knows of such units, would appreciate some details on them,  
brand/model suppliers if known, etc, we can try get out google fu back if we 
have some steering:)
Thank Y'all
(resent - original never made it to the list for some gremlin reason)



CONFIDENTIALITY NOTICE: This e-mail transmission, and any documents, files or 
previous e-mail messages attached to it may contain confidential information 
that is legally privileged. If you are not the intended recipient, or a person 
responsible for delivering it to the intended recipient, you are hereby 
notified that any disclosure, copying, distribution or use of any of the 
information contained in or attached to this transmission is STRICTLY 
PROHIBITED. If you have received this transmission in error please notify the 
sender immediately by replying to this e-mail. You must destroy the original 
transmission and its attachments without reading or saving in any manner. Thank 
you.

Service Provider NetFlow Collectors

[Erik Sundberg]

Hi Nanog

We are looking at replacing our Netflow collector. I am wonder what other 
service providers are using to collect netflow data off their Core and Edge 
Routers. Pros/Cons... What to watch out for any info would help.

We are mainly looking to analyze the netflow data. Bonus if it does ddos 
detection and mitigation.

We are looking at
ManageEngine Netflow Analyzer
PRTG
Plixer - Scrutinizer
PeakFlow
Kentik
Solarwinds NTA


Thanks in advance...

Erik




CONFIDENTIALITY NOTICE: This e-mail transmission, and any documents, files or 
previous e-mail messages attached to it may contain confidential information 
that is legally privileged. If you are not the intended recipient, or a person 
responsible for delivering it to the intended recipient, you are hereby 
notified that any disclosure, copying, distribution or use of any of the 
information contained in or attached to this transmission is STRICTLY 
PROHIBITED. If you have received this transmission in error please notify the 
sender immediately by replying to this e-mail. You must destroy the original 
transmission and its attachments without reading or saving in any manner. Thank 
you.

RE: CenturyLink

[Erik Sundberg]

Maybe light at the end of the tunnel...

latest we got from Centurylink was at 10:45pm CST.
Our engineers and technicians have identified the network element that has 
affected our customer services. Services are restoring, and the current 
estimated time for full recovery is four hours.
CenturyLink will be conducting an extensive post-incident investigation and 
root cause analysis to provide follow-up information to our customers impacted 
by this event. We will provide one more Sales Alert from this address once 
services are fully restored.


-Original Message-
From: NANOG  On Behalf Of 
Brielle Bruns
Sent: Friday, December 28, 2018 12:16 AM
To: nanog@nanog.org
Subject: Re: CenturyLink

We have interwebs in Boise!  At least, on the biz fiber w/ BGP.

720892 ipv4 routes, 62273 ipv6 routes.



On 12/27/2018 1:16 PM, Coker, Steve - DEN wrote:
> Seems like things have stabilized as of about an hour ago for us.
>
> DIA Logo
>
>
>
> *STEVE COKER***
>
> /Senior Manager of Network Infrastructure - Business Technologies/
>
> Denver International Airport
>
> Technologies | Concourse A
>
> *From:* NANOG  *On Behalf Of *Erik Sundberg
> *Sent:* Thursday, December 27, 2018 1:13 PM
> *To:* NANOG 
> *Subject:* RE: CenturyLink
>
> The outage list already has a long thread on this.
>
> https://puck.nether.net/mailman/listinfo/outages
>
> **
>
> **
>
> **
>
> *From:* NANOG  <mailto:nanog-boun...@nanog.org>> *On Behalf Of *Dennis Burgess via
> NANOG
> *Sent:* Thursday, December 27, 2018 2:00 PM
> *To:* Naslund, Steve  <mailto:snasl...@medline.com>>; nanog@nanog.org
> <mailto:nanog@nanog.org>
> *Subject:* RE: CenturyLink
>
> National outage since 4:33 am this morning..
>
> **
>
> *LTI-Full_175px*
>
> *Dennis Burgess, Mikrotik Certified Trainer *
>
> Author of "Learn RouterOS- Second Edition"
>
> *Link Technologies, Inc*-- Mikrotik & WISP Support Services
>
> *Office*: 314-735-0270  Website: http://www.linktechs.net
> <http://www.linktechs.net/>
>
> Create Wireless Coverage's with www.towercoverage.com
>
> *From:* NANOG  <mailto:nanog-boun...@nanog.org>> *On Behalf Of *Naslund, Steve
> *Sent:* Thursday, December 27, 2018 12:46 PM
> *To:* nanog@nanog.org <mailto:nanog@nanog.org>
> *Subject:* CenturyLink
>
> Anyone have any insight to the nationwide CenturyLink issues/outages
> today?  Just wondering.  Know for sure that our connections to them
> from Florida, Iowa, and Washington State are all affected.  Voice and data.
>
> Steven Naslund
>
> Chicago IL
>
> --
> --
>
>
> CONFIDENTIALITY NOTICE: This e-mail transmission, and any documents,
> files or previous e-mail messages attached to it may contain
> confidential information that is legally privileged. If you are not
> the intended recipient, or a person responsible for delivering it to
> the intended recipient, you are hereby notified that any disclosure,
> copying, distribution or use of any of the information contained in or
> attached to this transmission is STRICTLY PROHIBITED. If you have
> received this transmission in error please notify the sender
> immediately by replying to this e-mail. You must destroy the original
> transmission and its attachments without reading or saving in any manner. 
> Thank you.
>

--
Brielle Bruns
The Summit Open Source Development Group
http://www.sosdg.org/ http://www.ahbl.org




CONFIDENTIALITY NOTICE: This e-mail transmission, and any documents, files or 
previous e-mail messages attached to it may contain confidential information 
that is legally privileged. If you are not the intended recipient, or a person 
responsible for delivering it to the intended recipient, you are hereby 
notified that any disclosure, copying, distribution or use of any of the 
information contained in or attached to this transmission is STRICTLY 
PROHIBITED. If you have received this transmission in error please notify the 
sender immediately by replying to this e-mail. You must destroy the original 
transmission and its attachments without reading or saving in any manner. Thank 
you.

RE: CenturyLink

[Erik Sundberg]

The outage list already has a long thread on this.

https://puck.nether.net/mailman/listinfo/outages



From: NANOG mailto:nanog-boun...@nanog.org>> On Behalf 
Of Dennis Burgess via NANOG
Sent: Thursday, December 27, 2018 2:00 PM
To: Naslund, Steve mailto:snasl...@medline.com>>; 
nanog@nanog.org
Subject: RE: CenturyLink

National outage since 4:33 am this morning..


[LTI-Full_175px]
Dennis Burgess, Mikrotik Certified Trainer
Author of "Learn RouterOS- Second Edition"
Link Technologies, Inc -- Mikrotik & WISP Support Services
Office: 314-735-0270  Website: 
http://www.linktechs.net
Create Wireless Coverage's with www.towercoverage.com

From: NANOG mailto:nanog-boun...@nanog.org>> On Behalf 
Of Naslund, Steve
Sent: Thursday, December 27, 2018 12:46 PM
To: nanog@nanog.org
Subject: CenturyLink

Anyone have any insight to the nationwide CenturyLink issues/outages today?  
Just wondering.  Know for sure that our connections to them from Florida, Iowa, 
and Washington State are all affected.  Voice and data.

Steven Naslund
Chicago IL



CONFIDENTIALITY NOTICE: This e-mail transmission, and any documents, files or 
previous e-mail messages attached to it may contain confidential information 
that is legally privileged. If you are not the intended recipient, or a person 
responsible for delivering it to the intended recipient, you are hereby 
notified that any disclosure, copying, distribution or use of any of the 
information contained in or attached to this transmission is STRICTLY 
PROHIBITED. If you have received this transmission in error please notify the 
sender immediately by replying to this e-mail. You must destroy the original 
transmission and its attachments without reading or saving in any manner. Thank 
you.

RE: Console Servers

[Erik Sundberg]

Perle IOLAN SCS series is great. We have them all over the United States.



From: NANOG  On Behalf Of Jun Tanaka
Sent: Tuesday, September 18, 2018 10:52 AM
To: nanog@nanog.org; Alan Hannan ; NANOG 
Subject: Re: Console Servers

How about SMART CS series by Seiko solutions?
https://www.seiko-sol.co.jp/en/products/console-server/
--
Jun Tanaka - NetComBB/S.N.I



CONFIDENTIALITY NOTICE: This e-mail transmission, and any documents, files or 
previous e-mail messages attached to it may contain confidential information 
that is legally privileged. If you are not the intended recipient, or a person 
responsible for delivering it to the intended recipient, you are hereby 
notified that any disclosure, copying, distribution or use of any of the 
information contained in or attached to this transmission is STRICTLY 
PROHIBITED. If you have received this transmission in error please notify the 
sender immediately by replying to this e-mail. You must destroy the original 
transmission and its attachments without reading or saving in any manner. Thank 
you.

Godaddy Contact needed for routing issue

[Erik Sundberg]

Hello,


Can someone from GoDaddy's routing team contact me off list.


We have customer's unable to reach 
www.cat5cableguys.com via the Equinix Chicago - 
Internet Exchange.


#traceroute www.cat5cableguy.com

Wed Jul 25 16:47:08.266 CDT

Type escape sequence to abort.
Tracing the route to 184.168.221.11

 1  ge-0-0-0-8.ar1.chi1.us.nitelusa.net (207.200.195.173) 22 msec  21 msec  21 
msec
 2  eqix-ch.godaddy.com (208.115.136.141) 22 msec  22 msec  21 msec
 3   *  *  *
 4   *  *  *
 5   *  *  *



This website is reachable over other carrier's just not Equinix Chicago - 
Internet Exchange.


Thanks

Erik




CONFIDENTIALITY NOTICE: This e-mail transmission, and any documents, files or 
previous e-mail messages attached to it may contain confidential information 
that is legally privileged. If you are not the intended recipient, or a person 
responsible for delivering it to the intended recipient, you are hereby 
notified that any disclosure, copying, distribution or use of any of the 
information contained in or attached to this transmission is STRICTLY 
PROHIBITED. If you have received this transmission in error please notify the 
sender immediately by replying to this e-mail. You must destroy the original 
transmission and its attachments without reading or saving in any manner. Thank 
you.

RE: How are you configuring BFD timers?

[Erik Sundberg]

Here is what we do...

router isis 
 interface TenGigabitEthernet0/0/0/0
  circuit-type level-2-only
  bfd minimum-interval 50
  bfd multiplier 5
  bfd fast-detect ipv4

We keep the same config for local and long haul core links. Works like a champ 
every time.

Also as a FYI if you are running ASR9K, you are able to offload the BFD process 
from the Linecard CPU to the NPU. This allows BFD timers down to 3.3 
milliseconds. 
https://www.cisco.com/c/en/us/td/docs/routers/asr9000/software/asr9k_r5-1/routing/configuration/guide/b_routing_cg51xasr9k/b_routing_cg51xasr9k_chapter_011.html





-Original Message-
From: NANOG [mailto:nanog-boun...@nanog.org] On Behalf Of Mark Tinka
Sent: Saturday, May 5, 2018 6:38 PM
To: James Bensley ; NANOG 
Subject: Re: How are you configuring BFD timers?



On 22/Mar/18 10:47, James Bensley wrote:

> Have you looked at testing and adding this command to your IOS devices:
>
> ip routing protocol purge interface

In all recent versions of IOS, this command is now standard and is elided from 
the running configuration.

Mark.



CONFIDENTIALITY NOTICE: This e-mail transmission, and any documents, files or 
previous e-mail messages attached to it may contain confidential information 
that is legally privileged. If you are not the intended recipient, or a person 
responsible for delivering it to the intended recipient, you are hereby 
notified that any disclosure, copying, distribution or use of any of the 
information contained in or attached to this transmission is STRICTLY 
PROHIBITED. If you have received this transmission in error please notify the 
sender immediately by replying to this e-mail. You must destroy the original 
transmission and its attachments without reading or saving in any manner. Thank 
you.

RE: Route Reflector Client Design Question

[Erik Sundberg]

Mark,

Your solutions sounds like the best one.

We have just started to mess with Selective download and we have only turned it 
on for one of the PE’s in our network. I am in the process of upgrading our 
Core routers from Cisco12410 to ASR9906’s, before I turn this one. Having the 
PE decide what to import is a better solution than trying to do router 
filtering on the core routers.

Thanks for the info


Erik

From: Mark Tinka [mailto:mark.ti...@seacom.mu]
Sent: Saturday, May 5, 2018 6:38 PM
To: Erik Sundberg ; NANOG 
Subject: Re: Route Reflector Client Design Question


On 4/May/18 08:01, Erik Sundberg wrote:



My questions is how do I get traffic to go directly between the PE's without 
going to the Core Routers?



1. Can I enable iBGP between the PE's in a full mesh to allow traffic between 
the PE's without going to the core's. Or does this break the Route Reflector 
model?

You could do, but then you lose the point of the RR in the first place, as it's 
likely your Metro-E nodes will continue to grow, making this iBGP mesh thing, 
well, messy.





2. Create a route policy on the Core's advertising routes learned from the PE's 
back to all the PE's on the ring.

You could do, but adds unnecessary routing complexity since the role of an RR 
is to, well, reflect.





3. Is this one of the down sides to U Rings?

Not really a downside, just the perks of extending IP/MPLS all the way into the 
Access (I drink to the death of Layer 2 Metro-E networks - my liver will 
probably give out before I do, though...).






4. Leave it alone and move on to bigger and better things

Now where's the fun in that :-)?

So we've solved this problem by using BGP-SD (Selective Download):

  *   For every prefix each Metro-E node handles, originate that toward both 
RR's with NEXT_HOP=self.

  *   Attach a BGP community along with the routes originated toward the RR's. 
For maximum saving of your precious FIB in your Metro-E nodes, use a BGP 
community that is unique to the ring. This way, you don't need to accept routes 
into each Metro-E's FIB that don't require the "local" forwarding.

  *   Ensure the RR's reflect the routes they learn from each Metro-E node to 
the other Metro-E nodes.

  *   Setup BGP-SD on each Metro-E node. Match the ring-specific BGP community 
you added to each Metro-E node's prefix origination. Accept those routes into 
FIB + default. Reject everything else (from populating the FIB).

That should give you local forwarding within the ring, while maintaining very 
sparse population of your Metro-E nodes' FIB's.

Mark.



CONFIDENTIALITY NOTICE: This e-mail transmission, and any documents, files or 
previous e-mail messages attached to it may contain confidential information 
that is legally privileged. If you are not the intended recipient, or a person 
responsible for delivering it to the intended recipient, you are hereby 
notified that any disclosure, copying, distribution or use of any of the 
information contained in or attached to this transmission is STRICTLY 
PROHIBITED. If you have received this transmission in error please notify the 
sender immediately by replying to this e-mail. You must destroy the original 
transmission and its attachments without reading or saving in any manner. Thank 
you.

RE: Route Reflector Client Design Question

[Erik Sundberg]

Ahad,

The Cores have
Connections to other POPs
Transiting
IX circuits connected on them
Also have some Customer on them so they do also act like a PE.

Thanks

Erik

Erik Sundberg
Sr. Network Engineering
Network Engineering Department
p: 773.661.5532
c: 708.710.7419
e: esundb...@nitelusa.com
Main: 888.450.2100
NOC 24/7: 866.892.0915
350 North Orleans Street, Suite 1300N Chicago, IL 60654
www.nitelusa.com<http://www.nitelusa.com/>
[Nitel]
Managed Telecom Services
MPLS | Ethernet | Private Line | Internet | Voice | Security

From: Ahad Aboss [mailto:a...@swiftelnetworks.com]
Sent: Friday, May 4, 2018 9:16 AM
To: Erik Sundberg 
Cc: NANOG 
Subject: Re: Route Reflector Client Design Question

Erik,

Before I email my suggestions, can you clarify the followings;

Do Core1 and Core2 also provide the function of BDRs peering with your 
upstream/s?

Or

Just acting as Core/RRs with 500Mbps of traffic traversing through them?

Cheers
Ahad


On Fri, May 4, 2018 at 4:01 PM, Erik Sundberg 
mailto:esundb...@nitelusa.com>> wrote:
I have a RR Client design question..


CORE1---2x10G---CORE2
|   
|
|   
|
|10G Ring   |
|   
|
|   
|
PE1--PE2--PE3--PE4--PE5


-Core1 & Core2 are RR Reflectors with full IPV4 Tables (ASR9K)
-MPLS LDP Enabled
-IGP is ISIS
-Each PE peers only with Core1 and Core2 as RR Clients with iBGP
-PE's are only receiving a default route from the Core Routers due to TCAM size 
of 20K (ASR920's\ME3800's)
-The ring does not have that much traffic on it <500m, so I do not want to use 
additional 10G ports on the Core's and is why I have it in a 10G U ring.
-Primary link to the cores is via the PE1 --- CORE1 Like. For this 
discussion the link between PE5 to CORE2 is set up as a backup link.

The scenario is I have traffic between PE2 and PE3. Since the PE's are only 
receiving a default route from the Cores. Traffic is label switch from PE2 - 
PE1 - Core1 does a IP lookup at Ingress then label switches back to 
PE1-PE2-PE3. This ends up being 5 hops and doubling the traffic on the link to 
the Cores.

My questions is how do I get traffic to go directly between the PE's without 
going to the Core Routers?

1. Can I enable iBGP between the PE's in a full mesh to allow traffic between 
the PE's without going to the core's. Or does this break the Route Reflector 
model?
2. Create a route policy on the Core's advertising routes learned from the PE's 
back to all the PE's on the ring.
3. Is this one of the down sides to U Rings?
4. Leave it alone and move on to bigger and better things


Thanks

Erik



CONFIDENTIALITY NOTICE: This e-mail transmission, and any documents, files or 
previous e-mail messages attached to it may contain confidential information 
that is legally privileged. If you are not the intended recipient, or a person 
responsible for delivering it to the intended recipient, you are hereby 
notified that any disclosure, copying, distribution or use of any of the 
information contained in or attached to this transmission is STRICTLY 
PROHIBITED. If you have received this transmission in error please notify the 
sender immediately by replying to this e-mail. You must destroy the original 
transmission and its attachments without reading or saving in any manner. Thank 
you.




CONFIDENTIALITY NOTICE: This e-mail transmission, and any documents, files or 
previous e-mail messages attached to it may contain confidential information 
that is legally privileged. If you are not the intended recipient, or a person 
responsible for delivering it to the intended recipient, you are hereby 
notified that any disclosure, copying, distribution or use of any of the 
information contained in or attached to this transmission is STRICTLY 
PROHIBITED. If you have received this transmission in error please notify the 
sender immediately by replying to this e-mail. You must destroy the original 
transmission and its attachments without reading or saving in any manner. Thank 
you.

Route Reflector Client Design Question

[Erik Sundberg]

I have a RR Client design question..


CORE1---2x10G---CORE2
|   
|
|   
|
|10G Ring   |
|   
|
|   
|
PE1--PE2--PE3--PE4--PE5


-Core1 & Core2 are RR Reflectors with full IPV4 Tables (ASR9K)
-MPLS LDP Enabled
-IGP is ISIS
-Each PE peers only with Core1 and Core2 as RR Clients with iBGP
-PE's are only receiving a default route from the Core Routers due to TCAM size 
of 20K (ASR920's\ME3800's)
-The ring does not have that much traffic on it <500m, so I do not want to use 
additional 10G ports on the Core's and is why I have it in a 10G U ring.
-Primary link to the cores is via the PE1 --- CORE1 Like. For this 
discussion the link between PE5 to CORE2 is set up as a backup link.

The scenario is I have traffic between PE2 and PE3. Since the PE's are only 
receiving a default route from the Cores. Traffic is label switch from PE2 - 
PE1 - Core1 does a IP lookup at Ingress then label switches back to 
PE1-PE2-PE3. This ends up being 5 hops and doubling the traffic on the link to 
the Cores.

My questions is how do I get traffic to go directly between the PE's without 
going to the Core Routers?

1. Can I enable iBGP between the PE's in a full mesh to allow traffic between 
the PE's without going to the core's. Or does this break the Route Reflector 
model?
2. Create a route policy on the Core's advertising routes learned from the PE's 
back to all the PE's on the ring.
3. Is this one of the down sides to U Rings?
4. Leave it alone and move on to bigger and better things


Thanks

Erik



CONFIDENTIALITY NOTICE: This e-mail transmission, and any documents, files or 
previous e-mail messages attached to it may contain confidential information 
that is legally privileged. If you are not the intended recipient, or a person 
responsible for delivering it to the intended recipient, you are hereby 
notified that any disclosure, copying, distribution or use of any of the 
information contained in or attached to this transmission is STRICTLY 
PROHIBITED. If you have received this transmission in error please notify the 
sender immediately by replying to this e-mail. You must destroy the original 
transmission and its attachments without reading or saving in any manner. Thank 
you.

RE: 60 Hudson Woes

[Erik Sundberg]

We just had an issue where cisco was going to replace a power tray in our 
router at 60 hudson, we are also at telx.  Cisco contracts with IBM for this. 
The building is now checking that all 3rd party vendors have an existing 
Certificate of insurance (COI). This take 48 hours to get put in there 
system... 

So now we are forced to use telx smarthands if it's under 48 hours or weekends



-Original Message-
From: NANOG [mailto:nanog-boun...@nanog.org] On Behalf Of Dovid Bender
Sent: Friday, February 16, 2018 12:03 PM
To: NANOG 
Subject: 60 Hudson Woes

We have space with Digital Realty (aka TELX) and 60 Hudson and lately it's been 
a nightmare getting in. The real estate management company is having us 
reconsider our options. They are giving us the option to have ID badges for our 
employees but for anyone else that wants access we need to request it 48 hours 
in advance to get approval. So if we plan on having an unexpected outage and we 
need to have a have a vendor come on site (e.g. a Dell tech) we will need to 
let them know in advance.

What are peoples experiences with 111 8th and  165 Halsey? We really like the 
connectivity options at 60 Hudson but at some point the hassle becomes not 
worth it.

RE: Switch/Router

[Erik Sundberg]

Cisco ASR9001 - 
https://www.cisco.com/c/en/us/products/collateral/routers/asr-9001-router/data_sheet_c78-685687.html

They are also coming out with a Cisco ASR9901 shortly, I would talk to cisco 
rep about this.

-Original Message-
From: NANOG [mailto:nanog-boun...@nanog.org] On Behalf Of João Butzke
Sent: Tuesday, December 12, 2017 9:42 AM
To: nanog@nanog.org
Subject: Re: Switch/Router

Hi Karim!

I think that Huawei S5720-EI can serve your needs.

Best Regards,
João Butzke

Em 12/12/2017 12:52, K MEKKAOUI escreveu:
> Also has to support features for monitoring and security like traffic 
> per IP, attacks mitigation, etc.
>
> KARIM M.
> MEKTEL INC.
> Tél. : 1(855) 563-5835 poste 404
> www.mektel.ca
>
> -Original Message-
> From: NANOG [mailto:nanog-boun...@nanog.org] On Behalf Of K MEKKAOUI
> Sent: December 12, 2017 9:47 AM
> To: nanog@nanog.org
> Subject: Switch/Router
>
> Hi
>
>   
>
> I am looking for a router preferably (or switch) with the following specs:
>
> 1-  Carrier grade
>
> 2-  Dual power supply
>
> 3-  1RU
>
> 4-  Gig and 10Gig interfaces.
>
> 5-  Does support protocols like BGP, etc.
>
>   
>
> Any recommendation please? Your help will be appreciated.
>
>   
>
> Thank you
>
>   
>
> KARIM M.
>
> MEKTEL INC.
>
> Tél. : 1(855) 563-5835 poste 404
>
> www.mektel.ca
>
>   
>
>

RE: Any Megapath / GTT clue?

[Erik Sundberg]

Ask to work with their CRT Team, Level 3/Tier 3 team

Also any time there is an issue on Megpaths network, ask them to open a NST 
ticket. Everything on Megapath's network is auto provisioned. 

With megapath keep on escalating until you get someone that understands what 
you are talking about.


-Original Message-
From: NANOG [mailto:nanog-boun...@nanog.org] On Behalf Of mike.l...@gmail.com
Sent: Tuesday, December 5, 2017 9:48 PM
To: NANOG list 
Subject: Any Megapath / GTT clue?

Getting no where with the front end support @ Megapath. 

/28 suddenly is no longer being routed to my client.

Any help would be appreciated.

Thank You,
Mike

RE: Google DNS --- Figuring out which DNS Cluster you are using

[Erik Sundberg]

All.. You're welcome for the info.

Let's remember what NANOG is about "mailing list is established to provide a 
forum for the exchange of technical information and the discussion of specific 
implementation issues that require cooperation among network service providers."

I sent this out to educate everyone and share the knowledge about how Google's 
Recursive DNS servers are setup for 8.8.8.8 / 8.8.4.4. Yes, some people already 
know how google handles their DNS service and have read the Google DNS FAQ page 
where this information is buried in the middle of the page. But if you never 
had to really troubleshoot in depth an issue with Google's DNS Server you 
probably never read that article. 
(https://developers.google.com/speed/public-dns/faq)

We still get the email on the various lists whether it's Nanog or the Outages 
with the subject  "OMG 8.8.8.8 IS DOWN" (Yes I admitted I was responsible 
for one of these email threads when we had the issues with Google DNS servers 
in the Atlanta Area a couple months ago).  Then everyone starts responding 
with, mine works and I am in New York, London, Chicago, Dallas, and etc. And 
the original reporter of this issue has no idea why they are down and no one 
else is down to 8.8.8.8. At least this way someone might be able to take the 
troubleshooting step further and narrowing down the issue to a Google DNS 
Cluster or a Server in the cluster. Maybe giving a Google Network or DNS admin 
lurking on the forum some more information go off of, which might make them 
take a more serious look at the outage report.

I also don’t run a blog or anything, but let's not forget our posts do get 
indexed by Google's search engines. And this thread is already the 3rd result 
for "Google DNS Cluster" which might help some lone network admin that is not 
apart of NANOG troubleshooting google dns issues. They might even open a more 
informative ticket with their service provider's NOC.

Anyways I am just another network engineer running my little corner of this 
global experiment that we call the "Internet" sharing some knowledge.

-Erik


-Original Message-
From: NANOG [mailto:nanog-boun...@nanog.org] On Behalf Of Alejandro Acosta
Sent: Wednesday, August 23, 2017 9:40 PM
To: nanog@nanog.org
Subject: Re: Google DNS --- Figuring out which DNS Cluster you are using

Excellent, thanks for sharing.


El 23/8/17 a las 4:09 p.m., Erik Sundberg escribió:
> I sent this out on the outage list, with a lots of good feedback sent to me. 
> So I figured it would be useful to share the information on nanog as well.
>
>
> A couple months ago had to troubleshoot a google DNS issue with Google’s NOC. 
> Below is some helpful information on how to determine which DNS Cluster you 
> are going to.
>
> Let’s remember that Google runs DNS Anycast for DNS queries to 8.8.8.8 and 
> 8.8.4.4. Anycast routes your DNS queries to the closes DNS cluster based on 
> the best route / lowest metric to 8.8.8.8/8.8.4.4.   Google has deployed 
> multiple DNS clusters across the world and each DNS Cluster has multiple 
> servers.
>
> So a DNS query in Chicago will go to a different DNS clusters than queries 
> from a device in Atlanta or New York.
>
>
> How to get a list of google DNS Cluster’s.
> dig -t TXT +short locations.publicdns.goog. @8.8.8.8
>
> How to print this list in a table format. Script from:
> https://developers.google.com/speed/public-dns/faq
> ---
> #!/bin/bash
> IFS="\"$IFS"
> for LOC in $(dig -t TXT +short locations.publicdns.goog. @8.8.8.8) do
>   case $LOC in
> '') : ;;
> *.*|*:*) printf '%s ' ${LOC} ;;
> *) printf '%s\n' ${LOC} ;;
>   esac
> done
> ---
>
> Which will give you a list like below. This is all of the IP network’s that 
> google uses for their DNS Clusters and their associated locations.
>
> 74.125.18.0/26 iad
> 74.125.18.64/26 iad
> 74.125.18.128/26 syd
> 74.125.18.192/26 lhr
> 74.125.19.0/24 mrn
> 74.125.41.0/24 tpe
> 74.125.42.0/24 atl
> 74.125.44.0/24 mrn
> 74.125.45.0/24 tul
> 74.125.46.0/24 lpp
> 74.125.47.0/24 bru
> 74.125.72.0/24 cbf
> 74.125.73.0/24 bru
> 74.125.74.0/24 lpp
> 74.125.75.0/24 chs
> 74.125.76.0/24 cbf
> 74.125.77.0/24 chs
> 74.125.79.0/24 lpp
> 74.125.80.0/24 dls
> 74.125.81.0/24 dub
> 74.125.92.0/24 mrn
> 74.125.93.0/24 cbf
> 74.125.112.0/24 lpp
> 74.125.113.0/24 cbf
> 74.125.115.0/24 tul
> 74.125.176.0/24 mrn
> 74.125.177.0/24 atl
> 74.125.179.0/24 cbf
> 74.125.181.0/24 bru
> 74.125.182.0/24 cbf
> 74.125.183.0/24 cbf
> 74.125.184.0/24 chs
> 74.125.186.0/24 dls
> 74.125.187.0/24 dls
> 74.125.190.0/24 sin
> 74.125.191.0/24 tul
> 172.217.32.0/26 lhr
> 172.217

RE: Google DNS --- Figuring out which DNS Cluster you are using

[Erik Sundberg]

Shaun, Good catch!!!

I would be nice if this was lowered to 1 second.

#dig o-o.myaddr.l.google.com -t txt  @8.8.4.4
;; ANSWER SECTION:
o-o.myaddr.l.google.com. 51 IN  TXT "74.125.80.4"
o-o.myaddr.l.google.com. 51 IN  TXT "edns0-client-subnet 
14.161.5.0/24"   <<< Not my ip but someone from this IP did query this 9 
seconds ago.




-Original Message-
From: Shaun [mailto:na...@shat.net]
Sent: Wednesday, August 23, 2017 11:21 PM
To: Erik Sundberg
Cc: nanog@nanog.org
Subject: Re: Google DNS --- Figuring out which DNS Cluster you are using

On Wed, 23 Aug 2017 20:09:49 +
Erik Sundberg  wrote:

> Which Google DNS Server Cluster am I using. I am testing this from
> Chicago, IL
>
> # dig o-o.myaddr.l.google.com -t txt +short @8.8.8.8
> "173.194.94.135" <<<<< above to get the cluster, Council Bluffs, IA
> "edns0-client-subnet 207.xxx.xxx.0/24"  <<<< 
> Your Source IP Block

Worth noting, this record has TTL 60 and caching can cause unexpected 
responses; you may have to try a few times to get the correct data. My first 
attempt gave me an unrecognized "edns0-client-subnet" and a Google IP from 
Finland when I was querying from Atlanta.

-s



CONFIDENTIALITY NOTICE: This e-mail transmission, and any documents, files or 
previous e-mail messages attached to it may contain confidential information 
that is legally privileged. If you are not the intended recipient, or a person 
responsible for delivering it to the intended recipient, you are hereby 
notified that any disclosure, copying, distribution or use of any of the 
information contained in or attached to this transmission is STRICTLY 
PROHIBITED. If you have received this transmission in error please notify the 
sender immediately by replying to this e-mail. You must destroy the original 
transmission and its attachments without reading or saving in any manner. Thank 
you.

Google DNS --- Figuring out which DNS Cluster you are using

[Erik Sundberg]

I sent this out on the outage list, with a lots of good feedback sent to me. So 
I figured it would be useful to share the information on nanog as well.


A couple months ago had to troubleshoot a google DNS issue with Google’s NOC. 
Below is some helpful information on how to determine which DNS Cluster you are 
going to.

Let’s remember that Google runs DNS Anycast for DNS queries to 8.8.8.8 and 
8.8.4.4. Anycast routes your DNS queries to the closes DNS cluster based on the 
best route / lowest metric to 8.8.8.8/8.8.4.4.   Google has deployed multiple 
DNS clusters across the world and each DNS Cluster has multiple servers.

So a DNS query in Chicago will go to a different DNS clusters than queries from 
a device in Atlanta or New York.


How to get a list of google DNS Cluster’s.
dig -t TXT +short locations.publicdns.goog. @8.8.8.8

How to print this list in a table format. Script from: 
https://developers.google.com/speed/public-dns/faq
---
#!/bin/bash
IFS="\"$IFS"
for LOC in $(dig -t TXT +short locations.publicdns.goog. @8.8.8.8)
do
  case $LOC in
'') : ;;
*.*|*:*) printf '%s ' ${LOC} ;;
*) printf '%s\n' ${LOC} ;;
  esac
done
---

Which will give you a list like below. This is all of the IP network’s that 
google uses for their DNS Clusters and their associated locations.

74.125.18.0/26 iad
74.125.18.64/26 iad
74.125.18.128/26 syd
74.125.18.192/26 lhr
74.125.19.0/24 mrn
74.125.41.0/24 tpe
74.125.42.0/24 atl
74.125.44.0/24 mrn
74.125.45.0/24 tul
74.125.46.0/24 lpp
74.125.47.0/24 bru
74.125.72.0/24 cbf
74.125.73.0/24 bru
74.125.74.0/24 lpp
74.125.75.0/24 chs
74.125.76.0/24 cbf
74.125.77.0/24 chs
74.125.79.0/24 lpp
74.125.80.0/24 dls
74.125.81.0/24 dub
74.125.92.0/24 mrn
74.125.93.0/24 cbf
74.125.112.0/24 lpp
74.125.113.0/24 cbf
74.125.115.0/24 tul
74.125.176.0/24 mrn
74.125.177.0/24 atl
74.125.179.0/24 cbf
74.125.181.0/24 bru
74.125.182.0/24 cbf
74.125.183.0/24 cbf
74.125.184.0/24 chs
74.125.186.0/24 dls
74.125.187.0/24 dls
74.125.190.0/24 sin
74.125.191.0/24 tul
172.217.32.0/26 lhr
172.217.32.64/26 lhr
172.217.32.128/26 sin
172.217.33.0/26 syd
172.217.33.64/26 syd
172.217.33.128/26 fra
172.217.33.192/26 fra
172.217.34.0/26 fra
172.217.34.64/26 bom
172.217.34.192/26 bom
172.217.35.0/24 gru
172.217.36.0/24 atl
172.217.37.0/24 gru
173.194.90.0/24 cbf
173.194.91.0/24 scl
173.194.93.0/24 tpe
173.194.94.0/24 cbf
173.194.95.0/24 tul
173.194.97.0/24 chs
173.194.98.0/24 lpp
173.194.99.0/24 tul
173.194.100.0/24 mrn
173.194.101.0/24 tul
173.194.102.0/24 atl
173.194.103.0/24 cbf
173.194.168.0/26 nrt
173.194.168.64/26 nrt
173.194.168.128/26 nrt
173.194.168.192/26 iad
173.194.169.0/24 grq
173.194.170.0/24 grq
173.194.171.0/24 tpe
2404:6800:4000::/48 bom
2404:6800:4003::/48 sin
2404:6800:4006::/48 syd
2404:6800:4008::/48 tpe
2404:6800:400b::/48 nrt
2607:f8b0:4001::/48 cbf
2607:f8b0:4002::/48 atl
2607:f8b0:4003::/48 tul
2607:f8b0:4004::/48 iad
2607:f8b0:400c::/48 chs
2607:f8b0:400d::/48 mrn
2607:f8b0:400e::/48 dls
2800:3f0:4001::/48 gru
2800:3f0:4003::/48 scl
2a00:1450:4001::/48 fra
2a00:1450:4009::/48 lhr
2a00:1450:400b::/48 dub
2a00:1450:400c::/48 bru
2a00:1450:4010::/48 lpp
2a00:1450:4013::/48 grq

There are
IPv4 Networks: 68
IPv6 Networks: 20
DNS Cluster’s Identified by POP Code’s: 20

DNS Clusters identified by POP Code to City, State, or Country. Not all of 
these are Google’s Core Datacenters, some of them are Edge Points of Presences 
(POPs). https://peering.google.com/#/infrastructure and 
https://www.google.com/about/datacenters/inside/locations/

Most of these are airport codes, it did my best to get the location correct.
iad  Washington, DC
syd Sydney, Australia
lhr  London, UK
mrnLenoir, NC
tpe Taiwan
atl  Altanta, GA
tul  Tulsa, OK
lpp  Findland
bru Brussels, Belgium
cbf Council Bluffs, IA
chs Charleston, SC
dls  The Dalles, Oregon
dubDublin, Ireland
sin  Singapore
fra  Frankfort, Germany
bom   Mumbai, India
gru Sao Paulo, Brazil
scl  Santiago, Chile
nrt  Tokyo, Japan
grq Groningen, Netherlans



Which Google DNS Server Cluster am I using. I am testing this from Chicago, IL

# dig o-o.myaddr.l.google.com -t txt +short @8.8.8.8
"173.194.94.135" <

RE: Merit RADB support

[Erik Sundberg]

For RADB, I was able to get them to delete a stale object 2 weeks ago. Only had 
to copy them on an email to the original source and wait 24 hours. I wish it 
was less because we are the netblock owner of the stale route object in 
question.


Erik Sundberg
Sr. Network Engineering
Network Engineering Department
p: 773.661.5532
c: 708.710.7419
e: esundb...@nitelusa.com
Main: 888.450.2100
NOC 24/7: 866.892.0915
350 North Orleans Street, Suite 1300N Chicago, IL 60654
www.nitelusa.com

Managed Telecom Services
MPLS | Ethernet | Private Line | Internet | Voice | Security


-Original Message-
From: NANOG [mailto:nanog-boun...@nanog.org] On Behalf Of Chuck Anderson
Sent: Wednesday, June 7, 2017 11:22 AM
To: nanog@nanog.org
Subject: Re: Merit RADB support

On Wed, Jun 07, 2017 at 12:08:50PM -0400, Chuck Anderson wrote:
> On Wed, Jun 07, 2017 at 10:41:16AM -0500, Kaiser, Erich wrote:
> > Anyone gonna email me back from RADB support?
>
> In my experience, no.

Apologies to Merit RADB, it was BGPmon that never responds.  Merit RADB 
actually does respond--my frustration is more about the difficulty in getting 
them to delete stale objects that others registered, although I was finally 
able to get my objects cleaned up.



CONFIDENTIALITY NOTICE: This e-mail transmission, and any documents, files or 
previous e-mail messages attached to it may contain confidential information 
that is legally privileged. If you are not the intended recipient, or a person 
responsible for delivering it to the intended recipient, you are hereby 
notified that any disclosure, copying, distribution or use of any of the 
information contained in or attached to this transmission is STRICTLY 
PROHIBITED. If you have received this transmission in error please notify the 
sender immediately by replying to this e-mail. You must destroy the original 
transmission and its attachments without reading or saving in any manner. Thank 
you.

Looking for Cisco ASR9000v feedback

[Erik Sundberg]

Does anyone have any experience with the Cisco 9000v?

Looking for the pro's, con's, and the gotcha's of moving our 1G ports to the 
9000V.







CONFIDENTIALITY NOTICE: This e-mail transmission, and any documents, files or 
previous e-mail messages attached to it may contain confidential information 
that is legally privileged. If you are not the intended recipient, or a person 
responsible for delivering it to the intended recipient, you are hereby 
notified that any disclosure, copying, distribution or use of any of the 
information contained in or attached to this transmission is STRICTLY 
PROHIBITED. If you have received this transmission in error please notify the 
sender immediately by replying to this e-mail. You must destroy the original 
transmission and its attachments without reading or saving in any manner. Thank 
you.

Cisco NCS5501 as a P Router

[Erik Sundberg]

We're at the growing point where we need a dedicated P router for a core 
device. We are taking a serious look at the NCS5501. Is there anyone else using 
a NCS5501 as P Router or just general feedback on the NCS5501 if you are using 
it?

The big downside is it's only has a single processor

I Can't justify a ASR9K or NCS5500 Chassis yet.



CONFIDENTIALITY NOTICE: This e-mail transmission, and any documents, files or 
previous e-mail messages attached to it may contain confidential information 
that is legally privileged. If you are not the intended recipient, or a person 
responsible for delivering it to the intended recipient, you are hereby 
notified that any disclosure, copying, distribution or use of any of the 
information contained in or attached to this transmission is STRICTLY 
PROHIBITED. If you have received this transmission in error please notify the 
sender immediately by replying to this e-mail. You must destroy the original 
transmission and its attachments without reading or saving in any manner. Thank 
you.

RE: 10G MetroE 1-2U Switch

[Erik Sundberg]

Aaron,

Do you know if the ACS5048 has any QOS limitations on this platform?

Is each EVC on a ENNI able to have a separate QOS policy or is it port based? 
Just wondering how it would compare to the Cisco NCS5001\NCS5501

Thanks

Erik

Erik Sundberg
Sr. Network Engineering
Network Engineering Department
p: 773.661.5532
c: 708.710.7419
e: esundb...@nitelusa.com
Main: 888.450.2100
NOC 24/7: 866.892.0915
350 North Orleans Street, Suite 1300N Chicago, IL 60654
www.nitelusa.com

Managed Telecom Services
MPLS | Ethernet | Private Line | Internet | Voice | Security


-Original Message-
From: Aaron Gould [mailto:aar...@gvtc.com]
Sent: Friday, April 14, 2017 7:40 AM
To: Erik Sundberg; nanog@nanog.org
Subject: RE: 10G MetroE 1-2U Switch

Yw Erik, also, since I'm fond/familiar with my newly deployed Juniper 
ACX5048's here's the MEF info...it's on there.

https://www.mef.net/certification/equipment_details?company=001U007RJ6dI
AG

- Aaron





CONFIDENTIALITY NOTICE: This e-mail transmission, and any documents, files or 
previous e-mail messages attached to it may contain confidential information 
that is legally privileged. If you are not the intended recipient, or a person 
responsible for delivering it to the intended recipient, you are hereby 
notified that any disclosure, copying, distribution or use of any of the 
information contained in or attached to this transmission is STRICTLY 
PROHIBITED. If you have received this transmission in error please notify the 
sender immediately by replying to this e-mail. You must destroy the original 
transmission and its attachments without reading or saving in any manner. Thank 
you.

RE: 10G MetroE 1-2U Switch

[Erik Sundberg]

Guys thanks for the feedback and direction.

Some follow up to some of the questions\comments

-MPLS support is preferreded.
-Uplinks to the core would be LACP Bundles at Nx10G. The majority of the 
traffic on the customer facing 10G ENNI's will be 10-100M EVC's. We would 
configure 10G Port with 2G CIR on this device, just not full 10G UNI Ports they 
would be put on a different device.
-MEF Required

-Erik


-Original Message-
From: Aaron Gould [mailto:aar...@gvtc.com]
Sent: Thursday, April 13, 2017 5:41 PM
To: Erik Sundberg; nanog@nanog.org
Subject: RE: 10G MetroE 1-2U Switch

Hi Eric, A year or 2 ago, I did a good bit of work looking at various 
MPLS-capable-PE boxes as I was looking to replace the investment of Cisco 
ME3600's that couldn't keep up the pace of our FTTH 10 gig link expansions... 
that ME3600 only had (2) 10 gig ports.

Several links below are just a quick search I did on google to find some of 
this topics/discussions from the community.

https://www.juniper.net/assets/kr/kr/local/pdf/case-studies/3520578-en.pdf

https://lists.gt.net/nsp/juniper/54965

https://www.mail-archive.com/juniper-nsp@puck.nether.net/msg23974.html

https://marc.info/?l=cisco-nsp&m=148839385119158&w=3

https://marc.info/?a=13337206476&r=1&w=3

https://marc.info/?a=14883916473&r=1&w=3

https://lists.gt.net/nsp/juniper/58182

https://puck.nether.net/pipermail/juniper-nsp/2015-October/031353.html

https://lists.gt.net/nsp/juniper/58241


-Original Message-
From: NANOG [mailto:nanog-bounces+aaron1=gvtc@nanog.org] On Behalf Of Erik 
Sundberg
Sent: Thursday, April 13, 2017 4:37 PM
To: nanog@nanog.org
Subject: 10G MetroE 1-2U Switch

Hey Nanog,

Looking for a new metroE Edge switch that has more that 10x 10G ports. I am 
having a hard time finding anything worthwhile without buying a full blown 
ASR9K Chassis or another vendor's chassis.

Requirements
MEF compliant
1-2U small foot print
10G Ports will be used for ENNI's and UNI Ports Prefer MPLS support for L2VPN's 
(EoMPLS and VPLS) QOS per Sub interface\vlan on a ENNI Cost effect 10G Ports 
100G Not required


Looking at the
ASR920's - Great box for 1G but not enough 10G Ports Only 4
NCS5001/NCS5501 - New\unproven\probably buggy, Lacking some features & QOS 
issues :/
ASR900 - Looks good, but was hoping for a smaller foot print. If I remember 
right the 8x10G Cards can't go in every slot.

Any other platforms I should be looking at?

Ciena, Brocade, Juniper?



Thanks in advance!

-Erik



CONFIDENTIALITY NOTICE: This e-mail transmission, and any documents, files or 
previous e-mail messages attached to it may contain confidential information 
that is legally privileged. If you are not the intended recipient, or a person 
responsible for delivering it to the intended recipient, you are hereby 
notified that any disclosure, copying, distribution or use of any of the 
information contained in or attached to this transmission is STRICTLY 
PROHIBITED. If you have received this transmission in error please notify the 
sender immediately by replying to this e-mail. You must destroy the original 
transmission and its attachments without reading or saving in any manner. Thank 
you.




CONFIDENTIALITY NOTICE: This e-mail transmission, and any documents, files or 
previous e-mail messages attached to it may contain confidential information 
that is legally privileged. If you are not the intended recipient, or a person 
responsible for delivering it to the intended recipient, you are hereby 
notified that any disclosure, copying, distribution or use of any of the 
information contained in or attached to this transmission is STRICTLY 
PROHIBITED. If you have received this transmission in error please notify the 
sender immediately by replying to this e-mail. You must destroy the original 
transmission and its attachments without reading or saving in any manner. Thank 
you.

10G MetroE 1-2U Switch

[Erik Sundberg]

Hey Nanog,

Looking for a new metroE Edge switch that has more that 10x 10G ports. I am 
having a hard time finding anything worthwhile without buying a full blown 
ASR9K Chassis or another vendor's chassis.

Requirements
MEF compliant
1-2U small foot print
10G Ports will be used for ENNI's and UNI Ports
Prefer MPLS support for L2VPN's (EoMPLS and VPLS)
QOS per Sub interface\vlan on a ENNI
Cost effect 10G Ports
100G Not required


Looking at the
ASR920's - Great box for 1G but not enough 10G Ports Only 4
NCS5001/NCS5501 - New\unproven\probably buggy, Lacking some features & QOS 
issues :/
ASR900 - Looks good, but was hoping for a smaller foot print. If I remember 
right the 8x10G Cards can't go in every slot.

Any other platforms I should be looking at?

Ciena, Brocade, Juniper?



Thanks in advance!

-Erik



CONFIDENTIALITY NOTICE: This e-mail transmission, and any documents, files or 
previous e-mail messages attached to it may contain confidential information 
that is legally privileged. If you are not the intended recipient, or a person 
responsible for delivering it to the intended recipient, you are hereby 
notified that any disclosure, copying, distribution or use of any of the 
information contained in or attached to this transmission is STRICTLY 
PROHIBITED. If you have received this transmission in error please notify the 
sender immediately by replying to this e-mail. You must destroy the original 
transmission and its attachments without reading or saving in any manner. Thank 
you.

RE: ARIN Route Registry Issue

[Erik Sundberg]

Verified it's backup and working again with immediate responses.


Erik Sundberg
Sr. Network Engineer
p: 773.661.5532
c: 708.274.7419
NOC: 866.892.0915
1101 W. Lake Street, 6th Floor | Chicago, IL 60607
esundb...@nitelusa.com | www.nitelusa.com


Managed Telecom Services
MPLS | Ethernet | Private Line | Internet | Voice


-Original Message-
From: John Curran [mailto:jcur...@arin.net]
Sent: Saturday, August 13, 2016 6:12 PM
To: Erik Sundberg
Cc: nanog@nanog.org
Subject: Re: ARIN Route Registry Issue

On Aug 13, 2016, at 12:42 PM, Erik Sundberg  wrote:
>
> I am having some issues with ARIN Route Registry email not responding to 
> emails that I am sending.
>
> I sent 3 emails on friday to r...@arin.net<mailto:r...@arin.net> with no 
> response.
>
> Wondering if any one is having the same issue or if anyone from ARIn can 
> chime in. I have opened a ticket with ARIN but its the weekend.


Erik -

  Our apologies - apparently there was an error that had RR email going to
  our HQ email servers (which are no longer present) rather than via smtp
  relay in the public-facing colocation sites.  This has been since fixed, and
  the email queues flushed - i.e. you should have your responses at this time.
  (If this is not the case, please let me know asap.)

Thanks! (and again apologizes for the glitch) /John

John Curran
President and CEO
ARIN




CONFIDENTIALITY NOTICE: This e-mail transmission, and any documents, files or 
previous e-mail messages attached to it may contain confidential information 
that is legally privileged. If you are not the intended recipient, or a person 
responsible for delivering it to the intended recipient, you are hereby 
notified that any disclosure, copying, distribution or use of any of the 
information contained in or attached to this transmission is STRICTLY 
PROHIBITED. If you have received this transmission in error please notify the 
sender immediately by replying to this e-mail. You must destroy the original 
transmission and its attachments without reading or saving in any manner. Thank 
you.

Re: ARIN Route Registry Issue

[Erik Sundberg]

John,

I started to receive emails back from r...@arin.net.

Thanks for looking at this. Good luck with the move.

Erik Sundberg
Sr. Network Engineer
Nitel
1101 West Lake Street,6th Fl
Chicago, IL 60607
Desk: 773-661-5532
Cell: 708-710-7419
NOC 24/7: 866-892-0915
Email: esundb...@nitelusa.com
http://www.nitelusa.com

> On Aug 13, 2016, at 7:13 PM, John Curran  wrote:
>
>> On Aug 13, 2016, at 12:42 PM, Erik Sundberg  wrote:
>>
>> I am having some issues with ARIN Route Registry email not responding to 
>> emails that I am sending.
>>
>> I sent 3 emails on friday to r...@arin.net<mailto:r...@arin.net> with no 
>> response.
>>
>> Wondering if any one is having the same issue or if anyone from ARIn can 
>> chime in. I have opened a ticket with ARIN but its the weekend.
>
>
> Erik -
>
>  Our apologies - apparently there was an error that had RR email going to
>  our HQ email servers (which are no longer present) rather than via smtp
>  relay in the public-facing colocation sites.  This has been since fixed, and
>  the email queues flushed - i.e. you should have your responses at this time.
>  (If this is not the case, please let me know asap.)
>
> Thanks! (and again apologizes for the glitch)
> /John
>
> John Curran
> President and CEO
> ARIN
>



CONFIDENTIALITY NOTICE: This e-mail transmission, and any documents, files or 
previous e-mail messages attached to it may contain confidential information 
that is legally privileged. If you are not the intended recipient, or a person 
responsible for delivering it to the intended recipient, you are hereby 
notified that any disclosure, copying, distribution or use of any of the 
information contained in or attached to this transmission is STRICTLY 
PROHIBITED. If you have received this transmission in error please notify the 
sender immediately by replying to this e-mail. You must destroy the original 
transmission and its attachments without reading or saving in any manner. Thank 
you.

ARIN Route Registry Issue

[Erik Sundberg]

I am having some issues with ARIN Route Registry email not responding to emails 
that I am sending.

I sent 3 emails on friday to r...@arin.net<mailto:r...@arin.net> with no 
response.

Wondering if any one is having the same issue or if anyone from ARIn can chime 
in. I have opened a ticket with ARIN but its the weekend.


Erik Sundberg
Sr. Network Engineer
Nitel
1101 West Lake Street,6th Fl
Chicago, IL 60607
Desk: 773-661-5532
Cell: 708-710-7419
NOC 24/7: 866-892-0915
Email: esundb...@nitelusa.com<mailto:esundb...@nitelusa.com>
http://www.nitelusa.com




CONFIDENTIALITY NOTICE: This e-mail transmission, and any documents, files or 
previous e-mail messages attached to it may contain confidential information 
that is legally privileged. If you are not the intended recipient, or a person 
responsible for delivering it to the intended recipient, you are hereby 
notified that any disclosure, copying, distribution or use of any of the 
information contained in or attached to this transmission is STRICTLY 
PROHIBITED. If you have received this transmission in error please notify the 
sender immediately by replying to this e-mail. You must destroy the original 
transmission and its attachments without reading or saving in any manner. Thank 
you.

RE: Devices with only USB console port - Need a Console Server Solution

[Erik Sundberg]

Digi has something called USB Anywhere.  
http://www.digi.com/products/usb-and-serial-connectivity/usb-over-ip-hubs/anywhereusb

However I would like to limit the amount of equipment we deploy at a pop, the 
majority of our pop's don't have servers... Just Routers, Switches, Console 
Servers, and your other Network Hardware.

The problem with USB is you can only wire a USB 2.0 Cable up to 15' (Per 
Google)  And you have to purchase a cable premade.

Where as with a Serial Console you can go around 100', not to mention about 
just about everyone has a crimper, rj45 ends, and cat5 cable, to run and make 
cables as needed.

Assuming something is broke...With USB let's say you rely on remote hands to do 
a lot of work in the colo's. First they need to find a *Working Laptop*, then 
you have to walk the tech through downloading the drivers and installing them 
on there laptop. Hoping they have permissions to install software on there 
laptops. Plus if it's really broke and you get no output, you will never be 
sure if it's USB related or not. Where as serial it's just going to work, and 
it's easy to test to see if it's working on not by hooking up to anothere 
device.






-Original Message-
From: NANOG [mailto:nanog-boun...@nanog.org] On Behalf Of Dovid Bender
Sent: Tuesday, February 02, 2016 8:33 PM
To: Robert Drake ; NANOG ; 
nanog@nanog.org
Subject: Re: Devices with only USB console port - Need a Console Server Solution

Why not use udev rules so the ports are persistent? I did that on a pi that I 
was using as an ice cast box. Based on the usb audio port on reboots I know 
which device is which stream.


Regards,

Dovid

-Original Message-
From: Robert Drake 
Sender: "NANOG" Date: Tue, 2 Feb 2016 20:03:22
To: 
Subject: Re: Devices with only USB console port - Need a Console Server  
Solution


On 2/2/2016 5:02 AM, Bjørn Mork wrote:
>
> No inside pictures :)
>
> Assuming that this is really an USB device, and that the console port is
> really an USB host port, it would be useful to know the USB decriptors
> of the device.  You wouldn't be willing to connect it to a Linux PC and
> run "lsusb -vd", would you?
I'm inconveniently consoled into one via a combination of remote desktop
into windows -- linux console on a virtual machine -- screen
/dev/ttyACM0.   Because of this posting lsusb -vd is taxing.

Linux has full support for the device.  It sees it as cdc_acm.

The vendor id is 0x04e2 (Exar Corp).  Product ID is 0x1410.   I've got
two connected right now.  This is in our lab and the windows box is
temporary.  Our intention is to use a raspberry pi for the terminal server.

I'm obviously not in front of it, but I'm wondering if they can be
enumerated by something other than when they were plugged in. That's my
biggest hurdle for making a console server for them.. how to figure out
what router is connected to which USB port after a reboot, or someone
getting unpluggy with cables.

>
> Bjørn
>

Robert



CONFIDENTIALITY NOTICE: This e-mail transmission, and any documents, files or 
previous e-mail messages attached to it may contain confidential information 
that is legally privileged. If you are not the intended recipient, or a person 
responsible for delivering it to the intended recipient, you are hereby 
notified that any disclosure, copying, distribution or use of any of the 
information contained in or attached to this transmission is STRICTLY 
PROHIBITED. If you have received this transmission in error please notify the 
sender immediately by replying to this e-mail. You must destroy the original 
transmission and its attachments without reading or saving in any manner. Thank 
you.

RE: Devices with only USB console port - Need a Console Server Solution

[Erik Sundberg]

Here are the pictures again.

http://imgur.com/a/w8clL




-Original Message-
From: Bjørn Mork [mailto:bj...@mork.no]
Sent: Tuesday, February 02, 2016 4:16 AM
To: Christopher Morrow 
Cc: Erik Sundberg ; nanog@nanog.org
Subject: Re: Devices with only USB console port - Need a Console Server Solution

Christopher Morrow  writes:

> seems like a total improvement swapping 1 well known, simple cable for 
> 2...
>
> hurray progress?

The USB port is probably cheaper than anything else. And it gives them more 
flexibility.  No need for both an RS232 and Ethernet console port.
The USB port can be both, depending only on driver/application support on the 
router.  And you have other options as well. Wifi console maybe?
Or a direct USB-USB cable (with the necessary logic to appear as a device to 
both ends).

It is also possible to create USB only console servers, if the market wants 
that.  Avoiding two RS232 conversions per console port will save enough 
capacitors to run a Tesla.

Whether these alternatives become available is of course up to Cisco.
You do need the driver and application support on the router.  Time will show 
what they come up with.


Bjørn



CONFIDENTIALITY NOTICE: This e-mail transmission, and any documents, files or 
previous e-mail messages attached to it may contain confidential information 
that is legally privileged. If you are not the intended recipient, or a person 
responsible for delivering it to the intended recipient, you are hereby 
notified that any disclosure, copying, distribution or use of any of the 
information contained in or attached to this transmission is STRICTLY 
PROHIBITED. If you have received this transmission in error please notify the 
sender immediately by replying to this e-mail. You must destroy the original 
transmission and its attachments without reading or saving in any manner. Thank 
you.

RE: Devices with only USB console port - Need a Console Server Solution

[Erik Sundberg]

Just some follow up on this one. I have also posed in the C-NSP list

Yes you do need to have this kit to have serial console, No a normal USB-DB9 
Console adapters do not work.

Here are some pictures of the ASR920 Console kit A920-CONS-KIT-S

The Adapter Plugs in the Top Left USB Console Port and we have it wired up to a 
Perle IOLAN SCS48C console server using a rollover cable.

Here are some pictures of  it, since I can only find a brief mention of it in 
all the cisco docs.

http://imgur.com/a/w8clL


-Original Message-
From: NANOG [mailto:nanog-boun...@nanog.org] On Behalf Of Karl Auer
Sent: Monday, December 07, 2015 5:52 PM
To: nanog@nanog.org
Subject: Re: Devices with only USB console port - Need a Console Server Solution

On Mon, 2015-12-07 at 15:23 -0800, Dylan Ambauen wrote:
> Any USB to serial converter will probably do it.

The OP is looking to integrate a device with a console server. "Any converter" 
would be a mistake. You can get these things for two dollars, but you get what 
you pay for.

Maybe seek suggestions here as to converters others have used with success, the 
main criteria for success being robustness, reliability and build quality.

Personally in this situation I would get the approved, vendor supplied, genuine 
part.

Regards, K.

--
~~~
Karl Auer (ka...@biplane.com.au)
http://www.biplane.com.au/kauer
http://twitter.com/kauer389

GPG fingerprint: 3C41 82BE A9E7 99A1 B931 5AE7 7638 0147 2C3C 2AC4 Old 
fingerprint: EC67 61E2 C2F6 EB55 884B E129 072B 0AF0 72AA 9882





CONFIDENTIALITY NOTICE: This e-mail transmission, and any documents, files or 
previous e-mail messages attached to it may contain confidential information 
that is legally privileged. If you are not the intended recipient, or a person 
responsible for delivering it to the intended recipient, you are hereby 
notified that any disclosure, copying, distribution or use of any of the 
information contained in or attached to this transmission is STRICTLY 
PROHIBITED. If you have received this transmission in error please notify the 
sender immediately by replying to this e-mail. You must destroy the original 
transmission and its attachments without reading or saving in any manner. Thank 
you.

RE: Devices with only USB console port - Need a Console Server Solution

[Erik Sundberg]

USB-to-RJ45 adapter available --- Does anyone have the part number? is it 
A920-CONS-KIT-S - Serial Console Kit, USB-to-RJ45 cable

Can anyone confirm this is the right part number

Thanks Everyone



-Original Message-
From: NANOG [mailto:nanog-boun...@nanog.org] On Behalf Of Karl Auer
Sent: Monday, December 07, 2015 4:46 PM
To: nanog@nanog.org
Subject: Re: Devices with only USB console port - Need a Console Server Solution

On Mon, 2015-12-07 at 22:15 +, Erik Sundberg wrote:
> We have one of these nice new and fancy Cisco ASR920-24SZ, just
> realized it doesn't have an RJ45 Console port only USB. When we deploy
> devices at our pop we wire the console port to a terminal\console
> server, well that doesn't work for a usb console device.
>
> So what is everyone doing for out of band management via the console
> when it's a usb only device?
> Is there something I am missing?
> Is there a console server for USB?
> Does cisco make an USB to RJ45 Jack adapter?

This seems to have the info you need. Looks like that's a USB serial port, so 
when you plug into it, your laptop grows a new serial port that can be used to 
communicate with the device:

http://www.cisco.com/c/en/us/td/docs/routers/asr920/hardware/installation/guide/ASR920_HIG/hw_installation.html

According to that there is a USB-to-RJ45 adapter available, but not supplied 
with the device.

Regards, K.

--
~~~
Karl Auer (ka...@biplane.com.au)
http://www.biplane.com.au/kauer
http://twitter.com/kauer389

GPG fingerprint: 3C41 82BE A9E7 99A1 B931 5AE7 7638 0147 2C3C 2AC4 Old 
fingerprint: EC67 61E2 C2F6 EB55 884B E129 072B 0AF0 72AA 9882





CONFIDENTIALITY NOTICE: This e-mail transmission, and any documents, files or 
previous e-mail messages attached to it may contain confidential information 
that is legally privileged. If you are not the intended recipient, or a person 
responsible for delivering it to the intended recipient, you are hereby 
notified that any disclosure, copying, distribution or use of any of the 
information contained in or attached to this transmission is STRICTLY 
PROHIBITED. If you have received this transmission in error please notify the 
sender immediately by replying to this e-mail. You must destroy the original 
transmission and its attachments without reading or saving in any manner. Thank 
you.

Devices with only USB console port - Need a Console Server Solution

[Erik Sundberg]

We have one of these nice new and fancy Cisco ASR920-24SZ, just realized it 
doesn't have an RJ45 Console port only USB. When we deploy devices at our pop 
we wire the console port to a terminal\console server, well that doesn't work 
for a usb console device.

So what is everyone doing for out of band management via the console when it's 
a usb only device?
Is there something I am missing?
Is there a console server for USB?
Does cisco make an USB to RJ45 Jack adapter?



CONFIDENTIALITY NOTICE: This e-mail transmission, and any documents, files or 
previous e-mail messages attached to it may contain confidential information 
that is legally privileged. If you are not the intended recipient, or a person 
responsible for delivering it to the intended recipient, you are hereby 
notified that any disclosure, copying, distribution or use of any of the 
information contained in or attached to this transmission is STRICTLY 
PROHIBITED. If you have received this transmission in error please notify the 
sender immediately by replying to this e-mail. You must destroy the original 
transmission and its attachments without reading or saving in any manner. Thank 
you.

Facebook - IP Engineering Contact

[Erik Sundberg]

Can an IP Engineer from facebook please contact me off list.

I have routing issue getting to your mai1 (Miami, FL) pop. Unrelated to the 
issue earlier today.

Erik Sundberg
Sr. Network Engineer
p: 773.661.5532
c: 708.710.7419
866.892.0915 24/7 NOC
1101 W. Lake Street, 6th Floor | Chicago, IL 60607
esundb...@nitelusa.com<mailto:esundb...@nitelusa.com> | 
www.nitelusa.com<http://www.nitelusa.com/>




CONFIDENTIALITY NOTICE: This e-mail transmission, and any documents, files or 
previous e-mail messages attached to it may contain confidential information 
that is legally privileged. If you are not the intended recipient, or a person 
responsible for delivering it to the intended recipient, you are hereby 
notified that any disclosure, copying, distribution or use of any of the 
information contained in or attached to this transmission is STRICTLY 
PROHIBITED. If you have received this transmission in error please notify the 
sender immediately by replying to this e-mail. You must destroy the original 
transmission and its attachments without reading or saving in any manner. Thank 
you.

RE: Ear protection

[Erik Sundberg]

These block out the loud noise but allow you to still talk.

Surefire Sonic Defender EP3, Ep4, EP5, EP7

They all are great!

http://www.amazon.com/Surefire-Sonic-Defender-Plugs-1-Pair/dp/B007FKY8SI/ref=sr_1_8?ie=UTF8&qid=1443029640&sr=8-8&keywords=surefire+ep3+ep4



-Original Message-
From: NANOG [mailto:nanog-boun...@nanog.org] On Behalf Of Lamar Owen
Sent: Wednesday, September 23, 2015 11:13 AM
To: NANOG 
Subject: Re: Ear protection

On 09/23/2015 10:09 AM, Keith Stokes wrote:
> Since I’m in our colo facility this morning, I decided to put some numbers on 
> it in my little isolated corner with lots of blowers running.
>
> According to my iPhone SPL meter, average SPL is 81 - 82 dB with peaks 88 - 
> 89 dB.
>
>
With SPL that close to the recommended maximum, the accuracy of the SPL 
measurement is rather critical.  I would not trust my smartphone's mic to have 
sufficient accuracy to protect my hearing unless it is calibrated to a known 
source SPL using pink noise of a particular weight.  The calibration SLM should 
be a 'real' SLM, such as a Bruel & Kjaer Type 2250 or similar with proper 
transducers.  (Yes, I know, a B&K
2250 will set you back nearly $4K, but, just what is your hearing worth?  A 
pair of hearing aids will set you (or your insurance company at least) back $4K 
too).  I used a vintage B&K transducer with a custom-built SLM-rated 
spec-an years ago at a local manufacturer's sound testing lab; the manufacturer 
makes ballasts and luminaires for HID lighting, and measuring ballast noise is 
a big deal.  But reasonably accurate SLM's are available for less than $500 
(some are available for less than $100, but you get what you pay for).

The particular whine of high-speed fans is a known risky noise source, 
particularly white noise, due to the high frequency content (140dB SPL at 45Hz 
is not as harmful as 140dB at 3kHz or 15kHz due to the outer ears' acting as 
waveguide-beyond-cutoff attenuators (and cavity resonators, too, for that 
matter).  Spinning drives are no better, particularly 15k  RPM drives.

If it's at all uncomfortable, wear the earplugs.  You're already having to 
shout to be heard anyway.




CONFIDENTIALITY NOTICE: This e-mail transmission, and any documents, files or 
previous e-mail messages attached to it may contain confidential information 
that is legally privileged. If you are not the intended recipient, or a person 
responsible for delivering it to the intended recipient, you are hereby 
notified that any disclosure, copying, distribution or use of any of the 
information contained in or attached to this transmission is STRICTLY 
PROHIBITED. If you have received this transmission in error please notify the 
sender immediately by replying to this e-mail. You must destroy the original 
transmission and its attachments without reading or saving in any manner. Thank 
you.

IX Peering - BGP Session Filtering Best Practice

[Erik Sundberg]

Just wondering how far everyone is going on filtering BGP sessions when peering 
with other content providers and carriers over an internet exchange.

What are you doing.

1.  Just filtering out IPv4 Reserved Space, RFC 1918, and Default Routes.


2.  AS Path Filtering. Only filtering by the AS's that are present in the 
IRR Record.



3.  Filtering by IP Prefix based on the IRR Record for the Peer. (Yes some 
Prefix Filter list can be a couple thousand lines)



4.  Doing both #3 and 4 listed above.






Besides Peering DB is there any software to help keep track of IX and Peering 
info. So far I have only found IXP-MANGER



CONFIDENTIALITY NOTICE: This e-mail transmission, and any documents, files or 
previous e-mail messages attached to it may contain confidential information 
that is legally privileged. If you are not the intended recipient, or a person 
responsible for delivering it to the intended recipient, you are hereby 
notified that any disclosure, copying, distribution or use of any of the 
information contained in or attached to this transmission is STRICTLY 
PROHIBITED. If you have received this transmission in error please notify the 
sender immediately by replying to this e-mail. You must destroy the original 
transmission and its attachments without reading or saving in any manner. Thank 
you.

RE: NetFlow - path from Routers to Collector

[Erik Sundberg]

Mainly management type traffic over an Out of band Management Network. This way 
during and outage we don't miss any Netflow and SNMP Queries and more 
importantly we can still access the router.

In the past I have also setup a Management VRF, but tend to stay away from 
this. During an outage you end up losing data or visibility while routes 
reconverge.

-Original Message-
From: NANOG [mailto:nanog-bounces+esundberg=nitelusa@nanog.org] On Behalf 
Of James Bensley
Sent: Friday, September 11, 2015 3:35 AM
To: se...@nbnet.nb.ca; nanog@nanog.org
Subject: Re: NetFlow - path from Routers to Collector

On 1 September 2015 at 16:33, Serge Vautour  wrote:
> Hello,
>
> For those than run Internet connected routers, how do you get your NetFlow 
> data from the routers to your collectors? Do you let the flow export traffic 
> use the same links as your customer traffic to route back to central 
> collectors? Or do you send this traffic over private network management type 
> path? If you send this traffic over the "Internet" (within your AS), are you 
> worried about security?
>
> Thanks,
> Serge


Hi Serge,

Not encountered any worries regarding security, typically 
NetFow/ipfix/sFlow/etc is inside a management MPLS VPN so it is segregated from 
customer VPNs through the network.

For the physical transport of the data, collecting the data via your OOB 
network is probably preferred however "it depends".

Do you use NetFlow internally only or offer it as a chargeable service? Do you 
also graph traffic stats via SNMP too? And so on and so forth...

In past experience, NetFlow data was exported over the productive links (the 
links also carrying customer data being measured using
NetFlow) without issue. I recall two occasions a DDoS disrupted the NetFlow 
collecting because the DDoS traversed those links that are being monitored and 
carrying their own NetFlow traffic. However SNMP graphing was via the OOB 
network so we didn't really lose any vital visibility. So we could still see 
from the like 1000% increase in traffic which links along the network were 
being affected. A distress call from the customer being DDoS also helps :)

Another part of the "it depends" puzzle is how much data you are collecting via 
NetFlow? Again in a part experience we were testing collecting everything (as 
much as we could), every single packet header (no payload data though), rather 
than sampling say 1 in 10 packets for example. We only got as far as testing 
this in the lab but one issue it threw up was we could generate several Mbps of 
NetFlow traffic. Some PoPs have ADSL for OOB and wouldn't have been able to 
support that so sites with ADSL or 3G OOB links would need the OOB link 
upgrading, that required additional Capex, cue management budget wrestle, blah 
blah...

Cheers,
James.



CONFIDENTIALITY NOTICE: This e-mail transmission, and any documents, files or 
previous e-mail messages attached to it may contain confidential information 
that is legally privileged. If you are not the intended recipient, or a person 
responsible for delivering it to the intended recipient, you are hereby 
notified that any disclosure, copying, distribution or use of any of the 
information contained in or attached to this transmission is STRICTLY 
PROHIBITED. If you have received this transmission in error please notify the 
sender immediately by replying to this e-mail. You must destroy the original 
transmission and its attachments without reading or saving in any manner. Thank 
you.

RE: Windows 10 Release

[Erik Sundberg]

Does anyone know if Microsoft will be hosting the downloads from there ASN 8075 
or from an CDN Provider like Akamai?



-Original Message-
From: NANOG [mailto:nanog-boun...@nanog.org] On Behalf Of Curtis Maurand
Sent: Tuesday, July 28, 2015 6:43 PM
To: Niels Bakker ; nanog@nanog.org
Subject: Re: Windows 10 Release

Microsoft tells me 3.2 GB for win 10 pro 64 bit.

On July 28, 2015 6:04:04 PM EDT, Niels Bakker  wrote:
>* n...@flhsi.com (Nick Olsen) [Tue 28 Jul 2015, 22:46 CEST]:
>>Being a 3-4GB download. Each device is moving more data than any Apple
>
>>update ever did.
>
>I'm not so sure of that.  The 10.9 install image clocked in at 4.9 GB,
>and the Mac App Store for 10.10 Yosemite says "Size: 5.67 GB";
>http://www.microsoft.com/en-us/windows/features says "3GB download
>required" in the small print at the bottom.
>
>
>   -- Niels.

--
Sent from my Android device with K-9 Mail. Please excuse my brevity.



CONFIDENTIALITY NOTICE: This e-mail transmission, and any documents, files or 
previous e-mail messages attached to it may contain confidential information 
that is legally privileged. If you are not the intended recipient, or a person 
responsible for delivering it to the intended recipient, you are hereby 
notified that any disclosure, copying, distribution or use of any of the 
information contained in or attached to this transmission is STRICTLY 
PROHIBITED. If you have received this transmission in error please notify the 
sender immediately by replying to this e-mail. You must destroy the original 
transmission and its attachments without reading or saving in any manner. Thank 
you.

IPv6 Default Allocation - What size allocation are you giving out

[Erik Sundberg]

I am planning out our IPv6 deployment right now and I am trying to figure out 
our default allocation for customer LAN blocks. So what is everyone giving for 
a default LAN allocation for IPv6 Customers.  I guess the idea of handing a 
customer /56 (256 /64s) or  a /48 (65,536 /64s) just makes me cringe at the 
waste. Especially when you know 90% of customers will never have more than 2 or 
3 subnets. As I see it the customer can always ask for more IPv6 Space.

/64
/60
/56
/48

Small Customer?
Medium Customer?
Large Customer?

Thanks

Erik



CONFIDENTIALITY NOTICE: This e-mail transmission, and any documents, files or 
previous e-mail messages attached to it may contain confidential information 
that is legally privileged. If you are not the intended recipient, or a person 
responsible for delivering it to the intended recipient, you are hereby 
notified that any disclosure, copying, distribution or use of any of the 
information contained in or attached to this transmission is STRICTLY 
PROHIBITED. If you have received this transmission in error please notify the 
sender immediately by replying to this e-mail. You must destroy the original 
transmission and its attachments without reading or saving in any manner. Thank 
you.

RE: OSPF Costs Formula that include delay.

[Erik Sundberg]

I understand OSPF default calculation for cost doesn't include delay. I am 
looking for a formula that I can use to manually set the OSPF costs that 
factors in delay.

When using OSPF's default costs, the shortest path is not always the optimal 
path.


Example

New York to Los Angeles. Assuming all links are the same bandwidth and have a 
ospf cost of 1.

Path 1 (75ms) - OSPF Cost 2 - New York > Dallas > Los Angeles

Path 2 (65ms) - OSPF Cost 3 - New York > Chicago > Denver > Los Angeles

If I left the default cost's alone then path 1 would win because it has a lower 
ospf cost, however it take traffic 10ms longer to get there.

However I would like traffic to take Path 2 by adjusting the OSPF cost.


I am looking for a formula that other people are using .p

Thanks

Erik


-Original Message-
From: Randy [mailto:randy_94...@yahoo.com]
Sent: Thursday, January 23, 2014 9:03 PM
To: Erik Sundberg; nanog@nanog.org
Subject: Re: OSPF Costs Formula that include delay.



- Original Message -
> From: Erik Sundberg 
> To: "nanog@nanog.org" 
> Cc:
> Sent: Thursday, January 23, 2014 4:47 PM
> Subject: OSPF Costs Formula that include delay.
>
> What is everyone using for an OSPF cost formula that factors in a
> circuits delay and bandwidth (10M-100G)???
>
> Thanks in advance



umm..are you sure your question is not about EIGRP?
OSPF has no concept of interface-delays.

The default reference bandwidth for OSPF is 100M

In your case if you set your reference bandwidth to 10 your 100G links 
would have a link cost of 1, 10G - 10, 1G-100, 100M-1000 and 10M-1

A vendor specific list would be a better place to ask.


./Randy



CONFIDENTIALITY NOTICE: This e-mail transmission, and any documents, files or 
previous e-mail messages attached to it may contain confidential information 
that is legally privileged. If you are not the intended recipient, or a person 
responsible for delivering it to the intended recipient, you are hereby 
notified that any disclosure, copying, distribution or use of any of the 
information contained in or attached to this transmission is STRICTLY 
PROHIBITED. If you have received this transmission in error please notify the 
sender immediately by replying to this e-mail. You must destroy the original 
transmission and its attachments without reading or saving in any manner. Thank 
you.

OSPF Costs Formula that include delay.

[Erik Sundberg]

What is everyone using for an OSPF cost formula that factors in a circuits 
delay and bandwidth (10M-100G)???

Thanks in advance









CONFIDENTIALITY NOTICE: This e-mail transmission, and any documents, files or 
previous e-mail messages attached to it may contain confidential information 
that is legally privileged. If you are not the intended recipient, or a person 
responsible for delivering it to the intended recipient, you are hereby 
notified that any disclosure, copying, distribution or use of any of the 
information contained in or attached to this transmission is STRICTLY 
PROHIBITED. If you have received this transmission in error please notify the 
sender immediately by replying to this e-mail. You must destroy the original 
transmission and its attachments without reading or saving in any manner. Thank 
you.

Looking for Netflow analysis package

[Erik Sundberg]

Does anyone know of a netflow collector that will do the following.
*Graph/List Destination Networks By Top AS
*Graph/List Destination Networks By Top IP Address
*AS Path Analysis
*Traffic Type (ICMP, TCP, UDP, IPSEC, HTTP, SSH, SMTP, etc..)

We will be using this to help us decide who to Peer with and what transit 
Providers to look at.

I am familiar with Arbor Network's Peak Flow utility but it's a little too 
pricy.
I also found AS-Stats https://neon1.net/as-stats/ look promising from the power 
point on their page.

Thanks
Erik




CONFIDENTIALITY NOTICE: This e-mail transmission, and any documents, files or 
previous e-mail messages attached to it may contain confidential information 
that is legally privileged. If you are not the intended recipient, or a person 
responsible for delivering it to the intended recipient, you are hereby 
notified that any disclosure, copying, distribution or use of any of the 
information contained in or attached to this transmission is STRICTLY 
PROHIBITED. If you have received this transmission in error please notify the 
sender immediately by replying to this e-mail. You must destroy the original 
transmission and its attachments without reading or saving in any manner. Thank 
you.

ATT BGP turnup issue -- FIXED

[Erik Sundberg]

This issue was finally resolved by ATT.. No need to contact me...

Thanks

Erik

ATT AS7018 turnup BGP issue

[Erik Sundberg]

Can someone from ATT with BGP configuration access please contact me
off list, the provisioning group has been having trouble turnup our
BGP session on our 2xOC3 to AS7018 since 12AM and now its 4:30AM.

Erik
[EMAIL PROTECTED]