Re: constant FEC errors juniper mpc10e 400g
Hi.
Looks like normal behavior:
https://supportportal.juniper.net/s/article/PTX-FEC-corrected-errors-increasing-on-link-between-QSFP-100GBASE-SR4-740-058734-and-QSFP-100G-SR4-T2-740-061405?language=en_US
"An incrementing FEC Corrected Errors counter is normal for a link that
is running FEC. It just indicates that the errored bits have been
corrected by FEC. "
"Therefore, the incrementing FEC Corrected Errors counter might only be
indicating an interoperability issue between the optics from .."
---
Fredrik Holmqvist
I2B & BBTA tjänster AB
08-590 90 000
On 2024-04-17 21:36, Aaron Gould wrote:
We recently added MPC10E-15C-MRATE cards to our MX960's to upgrade our
core to 400g. During initial testing of the 400g interface
(400GBASE-FR4), I see constant FEC errors. FEC is new to me. Anyone
know why this is occurring? Shown below, is an interface with no
traffic, but seeing constant FEC errors. This is (2) MX960's cabled
directly, no dwdm or anything between them... just a fiber patch
cable.
{master}
me@mx960> clear interfaces statistics et-7/1/4
{master}
me@mx960> show interfaces et-7/1/4 | grep rror | refresh 2
---(refreshed at 2024-04-17 14:18:53 CDT)---
Link-level type: Ethernet, MTU: 1514, MRU: 1522, Speed: 400Gbps,
BPDU Error: None, Loop Detect PDU Error: None, Loopback: Disabled,
Source filtering: Disabled,
Bit errors 0
Errored blocks 0
Ethernet FEC statistics Errors
FEC Corrected Errors0
FEC Uncorrected Errors 0
FEC Corrected Errors Rate 0
FEC Uncorrected Errors Rate 0
---(refreshed at 2024-04-17 14:18:55 CDT)---
Link-level type: Ethernet, MTU: 1514, MRU: 1522, Speed: 400Gbps,
BPDU Error: None, Loop Detect PDU Error: None, Loopback: Disabled,
Source filtering: Disabled,
Bit errors 0
Errored blocks 0
Ethernet FEC statistics Errors
FEC Corrected Errors 4302
FEC Uncorrected Errors 0
FEC Corrected Errors Rate 8
FEC Uncorrected Errors Rate 0
---(refreshed at 2024-04-17 14:18:57 CDT)---
Link-level type: Ethernet, MTU: 1514, MRU: 1522, Speed: 400Gbps,
BPDU Error: None, Loop Detect PDU Error: None, Loopback: Disabled,
Source filtering: Disabled,
Bit errors 0
Errored blocks 0
Ethernet FEC statistics Errors
FEC Corrected Errors 8796
FEC Uncorrected Errors 0
FEC Corrected Errors Rate 146
FEC Uncorrected Errors Rate 0
---(refreshed at 2024-04-17 14:18:59 CDT)---
Link-level type: Ethernet, MTU: 1514, MRU: 1522, Speed: 400Gbps,
BPDU Error: None, Loop Detect PDU Error: None, Loopback: Disabled,
Source filtering: Disabled,
Bit errors 0
Errored blocks 0
Ethernet FEC statistics Errors
FEC Corrected Errors15582
FEC Uncorrected Errors 0
FEC Corrected Errors Rate 111
FEC Uncorrected Errors Rate 0
---(refreshed at 2024-04-17 14:19:01 CDT)---
Link-level type: Ethernet, MTU: 1514, MRU: 1522, Speed: 400Gbps,
BPDU Error: None, Loop Detect PDU Error: None, Loopback: Disabled,
Source filtering: Disabled,
Bit errors 0
Errored blocks 0
Ethernet FEC statistics Errors
FEC Corrected Errors20342
FEC Uncorrected Errors 0
FEC Corrected Errors Rate 256
FEC Uncorrected Errors Rate 0
{master}
me@mx960> show interfaces et-7/1/4 | grep "put rate"
Input rate : 0 bps (0 pps)
Output rate: 0 bps (0 pps)
{master}
me@mx960> show interfaces et-7/1/4
Physical interface: et-7/1/4, Enabled, Physical link is Up
Interface index: 226, SNMP ifIndex: 800
Link-level type: Ethernet, MTU: 1514, MRU: 1522, Speed: 400Gbps,
BPDU Error: None, Loop Detect PDU Error: None, Loopback: Disabled,
Source filtering: Disabled,
Flow control: Enabled
Pad to minimum frame size: Disabled
Device flags : Present Running
Interface flags: SNMP-Traps Internal: 0x4000
Link flags : None
CoS queues : 8 supported, 8 maximum usable queues
Schedulers : 0
Last flapped : 2024-04-17 13:55:28 CDT (00:36:19 ago)
Input rate : 0 bps (0 pps)
Output rate: 0 bps (0 pps)
Active alarms : None
Active defects : None
PCS statistics Seconds
Bit errors 0
Errored blocks 0
Ethernet FEC Mode : FEC119
Ethernet FEC statistics Errors
FEC Corrected Errors 801787
FEC Uncorrected Errors
Re: Nice work Ron
Hi. Just a question "this one hosted a Web site for a terrorist organization", which terrorist organizations web site did they host ? --- Fredrik Holmqvist On 2021-01-21 20:11, Töma Gavrichenkov wrote: Peace, On Thu, Jan 21, 2021, 9:57 PM Tom Beecher wrote: fraudulent business records are used all over the world for things like this all the time. Calling for a complete audit of LACNIC feels quite extreme absent a pattern of issues, which doesn't seem to have been presented. Listen, here, we basically cherry-picked an arbitrary AS and immediately found a policy violation. Yes, this one hosted a Web site for a terrorist organization, but there are plenty such orgs in the world. This one was just outta luck with this. This is what makes me worry. -- Töma
Re: microducts
Hi. From my own experience i would recommend 7/3.5 mm DB (Direct Burial) ducts from a cabinet to each home, and put in for 100% when doing the digging, the cost for the duct is low, so it's a bad idea to not do it right away. You do not have to leave duct to reach all the way into the customers home, just leave it at the customers premise in the ground (don't forget to add a dust cap so that you do not get in moisture and/or dirt into the duct). We have blown 800 meters of EBFU in a 7/3.5 mm DB duct, so as long as you don't have lots of curves (or atleast not sharp ones and make good duct splices (which is not hard)) then you can go a long distance. How many cabinets you need depends on the cost of subscriber ducts/fiber vs. cabinet cust. We have had cases where we could do 100% uptake with just one cabinet, but it was 25% more expensive that just add another cabinet and put a 14/10 ducts with 96 fiber betweeen them. Another recommendation is to use 14/10 ducts from the CO and between the cabinets. Put in more than one so you can expand or use to go to the next area or CO. Example: CO > Cabinet 1 > Cabinet 2 > Cabinet 3 > Cabinet 4 Each cabinet in this case can have up to 48 subscribers. Start with a 192 fiber (which is available for the 14/10 ducts) between CO and cabinet 1. Go with 144 fiber from cabinet 1 to cabinet 2. Go with 96 fiber from cabinet 2 to cabinet 3. Go with 48 fiber from cabinet 3 to cabinet 4. You can also go with for example a 192 fiber all the way, and if you need to expand, just blow in a new fiber (in another 14/10 duct) between the CO and cabinet 1 and splice them into the rest of the fibers between cabinet 1 and cabinet 2. There is alot of different designs, but it's much cheaper to put in a cable of extra ducts day 1 than to dig up everything to put in another duct later. Here is some prices for reference (from distributors in Sweden, prices may differ and project pricing apply from your manufacturer): DB1 - 7/3.5 0.16 Euro/m DB4 - 7/3.5 0.82 Euro/m DB7 - 7/3.5 1.28 Euro/m DB12 - 7/3.5 2.06 Euro/m DB1 - 14/10 0.33 Euro/m DB2 - 14/10 1.05 Euro/m DB4 - 14/10 1.85 Euro/m DB7 - 14/10 2.94 Euro/m 24x SM Microfiber for 14/10 0.78 Euro/m 48x SM Microfiber for 14/10 1.15 Euro/m 72x SM Microfiber for 14/10 1.49 Euro/m 96x SM Microfiber for 14/10 1.89 Euro/m 144x SM Microfiber for 14/10 2.76 Euro/m 192x SM Microfiber for 14/10 3.56 Euro/m EBFU 2x SM for 7/3.50.166 Euro/m EBFU 4x SM for 7/3.50.194 Euro/m EBFU 8x SM for 7/3.50.353 Euro/m EBFU 12x SM for 7/3.5 0.454 Euro/m In Sweden most providers use this kind of material for their FTTH projects, but small providers to the incumbents. The old way of using 32 or 40 mm ducts is mostly used for long backbone links or where you use bigger fibertrunks (384, 480, 960, 1280 fibers (most often ribbon fiber)). Hope it helps, and if you have any questions, just ask. On 2016-12-29 20:45, Baldur Norddahl wrote: Hi I am planing a new FTTH outside plant deployment. We are going to use microducts but which system is the best? I see many resources describing the options available but few if any will take a stance on which one to choose. Some of the choices are: 1) Ducts with larger fixed tubes for direct burial 12/8 mm. Typically 7 ducts in a larger tube. 2) Ducts with smaller fixed tubes 5/3,5 mm. Typically 24 small tubes with one larger centre tube for backbone. 3) Ducts for direct burial arranged in a stripe side by side instead of in a tube. 12/8 mm ducts. Makes it easier to access the tubes and avoids problems with tubes of different length on the drum. And many more variations. I am planing to deploy in an area with the average distance between houses of 10 meters (actually 20 meters but we can serve both sides of the road from one walkway, so that makes it 10 meters average). I want to support a low level of initial uptake of just 10%. The problem is that most sources assume that I am planing for anything between 100% and 50%. I do expect that we will get more customers than just 10%, but the solution might become too expensive, if I have to pay all costs upfront years before I have any hope of that many customers. Some people say just put a lot of plastic down because it is so cheap. But it really isn't. I need to put down the correct amount of tubes because tubes are everything but cheap. I also need a system that is easy and quick to work with because labour is very expensive (but also very skilled) around here. I would appreciate any pointers to articles about this subject. Regards, Baldur -- Fredrik Holmqvist I2B (Internet 2 Business) 070-740 5033
Re: Google contact needed to help resolve captcha issue
Hi. It's as useful as banging your head to the wall. All you get is the same information as you get from the captcha page. No help at all. No way to get the issue resolved. On 2016-11-04 08:37, Alexander Maassen wrote: Tried n...@google.com? Kind regards, Alexander Maassen - Technical Maintenance Engineer Parkstad Support BV - Maintainer DroneBL - Peplink Certified Engineer Oorspronkelijk bericht Van: Fredrik Holmqvist / I2B <fred...@i2b.se> Datum: 03-11-16 15:25 (GMT+01:00) Aan: nanog@nanog.org Onderwerp: Google contact needed to help resolve captcha issue Hi. We have a customer who have their /32 IPv6 block captcha blocked, and also their /19 IPv4 have been blocked with captchas. The big issue is that it doesn't help to solve the captchas, there is a new one directly after and solving it gives a new one and so it goes on till you move to Bing do do searches. Even parts of their netblocks that arn't in use are blocked, and have been for 3 weeks now. We have tried to contact google, but no one gets back. There is no useful information on how to solve the issue either. Would be great to have a tool like SPAMhaus or other RBLs, where you as a ISP can see the offending IPs and take care of the problem (if there is one). -- Fredrik Holmqvist I2B (Internet 2 Business) +46-70-740 5033 -- Fredrik Holmqvist I2B (Internet 2 Business) 070-740 5033
Google contact needed to help resolve captcha issue
Hi. We have a customer who have their /32 IPv6 block captcha blocked, and also their /19 IPv4 have been blocked with captchas. The big issue is that it doesn't help to solve the captchas, there is a new one directly after and solving it gives a new one and so it goes on till you move to Bing do do searches. Even parts of their netblocks that arn't in use are blocked, and have been for 3 weeks now. We have tried to contact google, but no one gets back. There is no useful information on how to solve the issue either. Would be great to have a tool like SPAMhaus or other RBLs, where you as a ISP can see the offending IPs and take care of the problem (if there is one). -- Fredrik Holmqvist I2B (Internet 2 Business) +46-70-740 5033
Re: Micro Trenching for Fiber Optic Deployment
Hi. You are thinking to small, you need to have space for the future: http://www.youtube.com/watch?v=10BKCsVxuIM Seriously, go with a vibrator plow or a chain trencher: Maybe a little small for a 10 km run: http://ditchwitch.com/trenchers-plows/walk-behind-vibratory-plow/410sx-vibratory-plow/ This should be good: http://ditchwitch.com/trenchers-plows/ride-on/RT45-trencher/ On 2013-02-11 18:06, james jones wrote: In New Zealand we used a tool behind a tractor that was normally used for laying PVC pipe. So if you were using an armored cable you might be able to get with doing something similar. Here is a video. Note the exact method but you can get the idea. http://www.youtube.com/watch?v=AI0vfIIgJBM On Mon, Feb 11, 2013 at 1:34 PM, david peahi davidpe...@gmail.com wrote: Does anyone have experience in running fiber optic cable with micro-trenching techniques in areas where there is no existing asphalt or concrete roadway, just packed earth and rock? Environmental limitations do not allow for constructing an aerial power pole alignment, or underground ductbank. The distance is about 10 kM. David -- Fredrik Holmqvist I2B (Internet 2 Business) 070-740 5033
Re: DDoS Attacks Cause of Game Servers
Hi. The IPs you see is the exploited gameservers, so just contact them, and send them the link below. There is a workaround for it: http://rankgamehosting.ru/index.php?showtopic=1320 We have had problem with this in the past. Usually we get abuse complaints from the admin of the game server(s) claiming one of our customers is DDoSing them, when in fact their servers are used to DDoS our customer(s). After explaining how the DDoS works and sending them the link above, they fix the problem on their side. We have also tried to send abuse messages to the ISPs of the exploited servers, and can't say that we are pleased with the response, the small ISPs responded and took care of the issue (talked with their customers), most big ones didn't even send a ACK back. When this attack type was used (1+ year ago) we had aprox 3.5 Gbit coming from the gameservers. On 2013-01-31 07:02, Stephane Bortzmeyer wrote: On Thu, Jan 31, 2013 at 11:23:11AM +0330, Shahab Vahabzadeh sh.vahabza...@gmail.com wrote a message of 55 lines which said: Those ip addresses I send were only sample, its 5 page :D and not only those addresses. Because the attacker attacks when they have a new opponent. They DoS it long enough to win a race, then start a new fight in the game. And you are looking to target 128.141.X.Y its mine and I change it because of mailing list, maybe attackers are here. You must check the sources not destination. What Jeroen said is that source IP addresses are spoofed (which is common with UDP-based protocols such as the DNS). They are the victim's addresses, not the attacker's. -- Fredrik Holmqvist I2B (Internet 2 Business) 070-740 5033
Re: UDP port 80 DDoS attack
Hi. We had a customer that was attacked by the same game server feature. We received aprox 10 Gbit of traffic against the customer. The attacker sends spoofed packets to the game server with the target IP as source, the gameserver sends replies back via UDP to the target host. The attacker sends a couple of hundred packets per second and thus generating a 10 Mbit UDP flood. There is fixes/workarounds for the game servers, just a matter of the admin taking care of it. See: http://rankgamehosting.ru/index.php?showtopic=1320 The attacking IPs aren't spoofed, so just compile a list and send e-mails to each provider. We had 1000+ IPs gathered and sent 100+ abuse e-mails, only received reply from less than 20%. Sad that people care so little about mitigating DDoS/UDP/ICMP floods. On Sun, 5 Feb 2012 18:36:13 -0500, Ray Gasnick III rgasn...@milestechnologies.com wrote: We just saw a huge flux of traffic occur this morning that spiked one of our upstream ISPs gear and killed the layer 2 link on another becuase of a DDoS attack on UDP port 80. Wireshark shows this appears to be from a compromised game server (call of duty) with source IPs in a variety of different prefixes. Only solution thus far was to dump the victim IP address in our block into the BGP Black hole community with one of our 2 providers and completely stop advertising to the other. Anybody see this recently and have any tips on mitigation, reply on or off list. Thank You, Ray Gasnick III CISSP, Technology Specialist: Network Security Infrastructure Miles Technologies www.milestechnologies.comhttp://www.milestechnologies.com/ Phone: (856) 439-0999 x127 Direct: (856) 793-3821 How am I doing? Email my manager at itmana...@milestechnologies.commailto:itmana...@milestechnologies.com Computer Networking – IT Support – Business Software – Website Design – Online Marketing PR -- Fredrik Holmqvist I2B (Internet 2 Business) 070-740 5033
Re: Cogent HE
On Wed, 8 Jun 2011 14:43:23 -0500, Dennis Burgess dmburg...@linktechs.net wrote: Just noted that cogent does not have a IPv6 route to any subnet in HE, and HE does not have any routes to Cogent! Looks like we have different Global IPv6 tables? Or does Cogent just NOT peer IPv6 peer with anyone else! Dennis Hi. There is some difference in prefix count between the two: AS6939 6074 AS174 4787 These are prefixes announced to transitcustomer of both HE and Cogent. -- Fredrik Holmqvist I2B (Internet 2 Business) 070-740 5033
