RE: Route Reflector Client Design Question
Hello, In order to accept only the default route, I assume that you want to have internet access to the ASR920 inside a vrf. ?!? If this is the case, your consideration of the default route and the TCAM size is correct. But, if there is internet traffic between the PE2-PE3 in the same vrf , then I think that its ok to leak more specific prefixes from PE2 to PE3 (by using specific Route Targets) from the CORE1 & CORE2 (RR). Unless there is something that I miss, option #2, is more favorable. Michalis Bersimis -Original Message- From: NANOG [mailto:nanog-boun...@nanog.org] On Behalf Of Erik Sundberg Sent: Friday, May 04, 2018 9:02 AM To: NANOG Subject: Route Reflector Client Design Question I have a RR Client design question.. CORE1---2x10G---CORE2 | | | | |10G Ring | | | | | | PE1--PE2--PE3--PE4--PE5 -Core1 & Core2 are RR Reflectors with full IPV4 Tables (ASR9K) -MPLS LDP Enabled -IGP is ISIS -Each PE peers only with Core1 and Core2 as RR Clients with iBGP -PE's are only receiving a default route from the Core Routers due to TCAM size of 20K (ASR920's\ME3800's) -The ring does not have that much traffic on it <500m, so I do not want to use additional 10G ports on the Core's and is why I have it in a 10G U ring. -Primary link to the cores is via the PE1 --- CORE1 Like. For this discussion the link between PE5 to CORE2 is set up as a backup link. The scenario is I have traffic between PE2 and PE3. Since the PE's are only receiving a default route from the Cores. Traffic is label switch from PE2 - PE1 - Core1 does a IP lookup at Ingress then label switches back to PE1-PE2-PE3. This ends up being 5 hops and doubling the traffic on the link to the Cores. My questions is how do I get traffic to go directly between the PE's without going to the Core Routers? 1. Can I enable iBGP between the PE's in a full mesh to allow traffic between the PE's without going to the core's. Or does this break the Route Reflector model? 2. Create a route policy on the Core's advertising routes learned from the PE's back to all the PE's on the ring. 3. Is this one of the down sides to U Rings? 4. Leave it alone and move on to bigger and better things Thanks Erik CONFIDENTIALITY NOTICE: This e-mail transmission, and any documents, files or previous e-mail messages attached to it may contain confidential information that is legally privileged. If you are not the intended recipient, or a person responsible for delivering it to the intended recipient, you are hereby notified that any disclosure, copying, distribution or use of any of the information contained in or attached to this transmission is STRICTLY PROHIBITED. If you have received this transmission in error please notify the sender immediately by replying to this e-mail. You must destroy the original transmission and its attachments without reading or saving in any manner. Thank you.
RE: isp/cdn caching
I think that Cloudflare has a caching solution, but I think they have strict requirements towards the isp in order to install them on their premises. Best Regards, Michalis Bersimis -Original Message- From: NANOG [mailto:nanog-boun...@nanog.org] On Behalf Of Aaron Gould Sent: Thursday, September 28, 2017 6:25 PM To: Nanog@nanog.org Subject: isp/cdn caching Hi, I've been aware of a few caching providers for a few years now, but I'm learning of others as time goes on. which makes me curious if there are more springing up and gaining popularity. I'm speaking of ISP-type caching whereas the cache provider sends hardware servers and perhaps a switch to the local ISP to install locally in their network. Can someone please send a simple list of what they know is the current players in this ISP Caching space? I'll list the ones I know about and you please let me know of others. This seems to be an evolving/growing thing and I'm curious of where we are today for significant providers and possibly up-and-coming ones that I should know about. (amazon prime has my wondering also.) Google (GGC) Netflix (OCA) Akamai (AANP) Facebook (FNA) Apple (I heard this isn't isp-located like the others, but unsure) ? others ? ? others ? ? others ? -Aaron Gould
RE: Cisco NCS5501 as a P Router
Ι would be interested to use NCS5501 as a core or aggregation P router to aggregate smaller PE routers. Its low cost (compared to ASR9K) and the small features that one can need in order to run a P router it makes the platform attractive. I would like to hear other use case (eg. Internet peering routers) Best Regards, Michalis Bersimis -Original Message- From: NANOG [mailto:nanog-boun...@nanog.org] On Behalf Of Erik Sundberg Sent: Thursday, May 18, 2017 4:22 PM To: nanog@nanog.org Subject: Cisco NCS5501 as a P Router **This message triggered one or more security rules. Proceed with caution** We're at the growing point where we need a dedicated P router for a core device. We are taking a serious look at the NCS5501. Is there anyone else using a NCS5501 as P Router or just general feedback on the NCS5501 if you are using it? The big downside is it's only has a single processor I Can't justify a ASR9K or NCS5500 Chassis yet. CONFIDENTIALITY NOTICE: This e-mail transmission, and any documents, files or previous e-mail messages attached to it may contain confidential information that is legally privileged. If you are not the intended recipient, or a person responsible for delivering it to the intended recipient, you are hereby notified that any disclosure, copying, distribution or use of any of the information contained in or attached to this transmission is STRICTLY PROHIBITED. If you have received this transmission in error please notify the sender immediately by replying to this e-mail. You must destroy the original transmission and its attachments without reading or saving in any manner. Thank you.
RE: PlayStationNetwork blocking of CGNAT public addresses
Another aspect, for those users that need to go the PSN network but experience issues via the CGNAT, an opt-out solution (giving them public IPv4) may should mitigate the problem, that PSN network does not support IPv6. After all what percentage of your total subscribers that uses PSN and are gamers 2-3% ? Which might be relatively small amount to give public IPv4. Michalis -Original Message- From: NANOG [mailto:nanog-boun...@nanog.org] On Behalf Of Roland Dobbins Sent: Friday, September 16, 2016 4:32 PM To: nanog@nanog.org Subject: Re: PlayStationNetwork blocking of CGNAT public addresses On 16 Sep 2016, at 20:12, Simon Lockhart wrote: > Has anyone else come up against the problem, and/or have any > suggestions on how best to resolve it? I'm pretty sure that at least part of it has to do with DDoS-related activity. The best bet is to try and identify and engage with the relevant operational personnel with clue. Going the customer-service route isn't fruitful, as you indicate. Another aspect is ensuring that one has the ability to detect, classify, traceback, and mitigate outbound badness southbound of the CGN. This sort of thing has always been a problem with NAT; as CGN becomes more prevalent on wireline broadband networks, it's only going to get worse. AFAIK, PSN doesn't support IPv6. That would be another topic of discussion with the operational folks. --- Roland Dobbins