We had some Meinberg's which did something similar but different some
time ago. NTP was out of sync with GPS. We had a CheckMk instance
which detected drift between sources in our network. Turns out there
was one or more configs in the Meinberg that enable failover from one
source to
scapy?
On 2024-02-23 10:33, Brandon Martin wrote:
Before I go to the trouble of making one myself, does anybody happen
to know of a pre-canned program to generate realistic and scalable
amounts of broadcast/broad-multicast network background "chatter" seen
on typical consumer and business
.
*From: *"Raymond Burkholder"
*To: *nanog@nanog.org
*Sent: *Monday, March 20, 2023 10:16:37 AM
*Subject: *Re: Cisco Nexus Odd sFlow Implementation
On 3/20/23 08:55, Mike Hammett wrote:
Cisco is sending the in and out packets in their sFlow
impl
packets transiting is double, but
I generally have specific reports for specific traffic patterns I focus
on anyway.
Raymond Burkholder
One Unified Net Limited
-
Mike Hammett
Intelligent Computing Solutions <http://www.ics-il.com/>
<https://www.facebook.com/ICSIL><https://
On 1/22/23 21:54, Tom Beecher wrote:
Yes re: Iridium. Contrary to what the Chief Huckster may say, inter-sat
comms are not some revolutionary thing that he invented.
It’s also not likely to function anything like they show in marketing
promos, with data magically zipping around the
On 1/22/23 16:05, Matthew Petach wrote:
On Sun, Jan 22, 2023 at 2:45 PM Michael Thomas wrote:
I read in the Economist that the gen of starlink satellites will have
the ability to route messages between each satellite. Would
conventional
routing protocols be up to such a
On 2022-10-10 09:39, Jay Hennigan wrote:
On 10/10/22 07:58, Edvinas Kairys wrote:
We're considering to buy some Cisco boxes - NCS-55A1-24H. That box
has 24x100G, but only 2.2mln route (FIB) memory entries. In a near
future it will be not enough - so we're thinking to deny all /24s to
save the
On 2022-06-14 09:46, Saku Ytti wrote:
These EOLd are HMC devices, Micron EOLd HMC back in 2018, no one else
made them.
MX304 is a very different device than MX80, MX104, MX204. Previously
these were single chip very BOM optimised devices. MX304 has YT on
each card, which also means half of the
On 2022-06-09 17:35, Michael Thomas wrote:
On 6/9/22 4:31 PM, Mel Beckman wrote:
Adam,
Your point on asymmetrical technologies is excellent. But you may not
be aware that residential optical fiber is also asymmetrical. For
example, GPON, the latest ITU specified PON standard, and the
On 2022-05-24 16:22, John Curran wrote:
On 24 May 2022, at 4:39 PM, niels=na...@bakker.net wrote:
* nanog@nanog.org (Laura Smith via NANOG) [Tue 24 May 2022, 22:22 CEST]:
Its 2022. Do we really still need a consultation on why mandatory 2FA is a good
thing ? Even more so for something like
On 2022-03-08 2:58 p.m., Michael Thomas wrote:
Hi, I was reading an article on why Russia hasn't taken out Ukraine's
mobile networks and one of the premises was that they could use it to
eavesdrop on calls. Depending on how old their infrastructure is, that
doesn't make sense as I would
On 1/15/22 10:22 AM, Colton Conor wrote:
True, but in general MPLS is more costly. It's available on limited
devices, from limited vendors. Infact, many of these vendors, like
Extreme, charge you if you want to enable MPLS features on a box.
And in this discussion group, when MPLS is mentioned,
On 12/10/21 6:42 AM, Tom Daly wrote:
Reaching out for help - having troubles with email delivery into O365
inboxes. Have done the requisite PTRs, SPF+DKIM work, domain
reputation, RBL checks, etc.
For some reason, this one is vexxing me. Anyone from Microsoft on the
list that could lend a
optimization on top of
faucet/openvswitch/openflow to calculate best paths based upon
bandwidth, paths, and fill-factors. There is a presentation where
Google uses that technique to obtain high utilization on their links
(not necessarily those tools though).
Raymond Burkholder
On 6/1/21 11:33 AM, Mike Hammett wrote:
99% of the end-users I know can't tell the difference in any amount of
speed above 5 megs. It then just either works or doesn't work.
And that might be the crux: 'just make it work'.
On 5/31/21 7:14 PM, Mike Hammett wrote:
Yes, WFH (or e-learning) is much more likely to have simultaneous uses.
Yes, I agree that 3 megs is getting thin for three video streams. Not
impossible, but definitely a lot more hairy. So then what about moving
the upload definition to 5 megs? 10
On 5/30/21 8:32 PM, Valdis Klētnieks wrote:
On Sun, 30 May 2021 15:56:52 -0500, Blake Dunlap said:
The co op electric serving my families house in bfe tn that doesn't have
either sewer or cable managed to run hard fiber for dirt cheap to all their
subscribers. Its clear from that the problem
On 4/7/21 9:16 AM, Charles N Wyble wrote:> Does anyone have a
recommendation for a self-hosted, on premise,
> platform as a service layer for k8s (specifically k3s)?
FWIW:
Maybe you don't need kubernetes:
https://endler.dev/2019/maybe-you-dont-need-kubernetes/
Manually install a single node
the ProxMox abstraction and run the LXC
commands and IP commands directly.
Raymond Burkholder
blog: https://blog.raymond.burkholder.net
On 2020-10-20 22:37, Philip Loenneker wrote:
Take a look at the Mellanox ConnectX 5 series of cards. They handle DPDK,
PVRDMA (basically SR-IOV that allows live migration between hosts), and can
even process packets within the NIC for some models. They did a fantastic
presentation at AusNOG
On 2020-04-23 7:31 p.m., Michael Thomas wrote:
On 4/23/20 6:20 PM, William Herrin wrote:
On Thu, Apr 23, 2020 at 4:57 PM Michael Thomas wrote:
Passwords over the wire are the *key* problem of computer security.
Nothing else even comes close. One only needs to look at the LinkedIn
salting
On 2020-02-23 5:26 a.m., Dmitry Sherman wrote:
Hello,
Anybody working with Quagga for production peering with multiple peers
and dynamic eBGP/iBGP announcement?
Free Range Routing (FRR) forked Quagga a few years back. I would say it
is the new Quagga.
But either flavour handles multiple
On 2019-09-02 8:07 p.m., Brandon Martin wrote:
On 9/2/19 6:04 PM, Mark Tinka wrote:
Like how about 8-16*100GE single Trio PCI card with no-questions
asked, specification released, would there be a market? I like to
think there would be.
Oh my gosh this. Especially if the docs are truly
Expanding further, there are those that use ansible for network
management. But I don't think it does well in scaling out for
functionality. I have used saltstack for network config and server
builds, as it becomes the source of truth for the infrastructure,
allowing for consistent upgrades
On 2018-12-29 7:51 a.m., Matthew Huff wrote:
We have two stratum-1 servers synced with GPS and a PTP feed from a provider
that also provides PTP to market data systems, but we still have to monitor
drift between system time and NIST time. Don't ask for the logic behind it,
it's a regulation,
On 2018-12-15 11:32 a.m., Colton Conor wrote:
The problem I am trying to solve is to accurately be able to tell a
customer if their home internet connection was up or down. Example,
customer calls in and says my internet was down for 2 minutes
yesterday. We need to be able to verify that
On 07/15/2018 10:56 AM, Denys Fedoryshchenko wrote:
On 2018-07-15 19:00, Raymond Burkholder wrote:
On 07/15/2018 09:03 AM, Denys Fedoryshchenko wrote:
On 2018-07-14 22:05, Baldur Norddahl wrote:
About OVS, i didnt looked much at it, as i thought it is not suitable
for BNG purposes,
like
with a fourth on the way. 1) native kernel, 2) hardware
offload via TC (SwitchDev), 3) DPDK, 4) eBPF.
Linux tap device has very high overhead, it suits no more than working
as some hotspot gateway for 100s of users.
As does the 'veth' construct.
--
Raymond Burkholder
r...@oneunified.net
https
to write about, but those writings would depend up on
what you already have in place, what you would like to put in place, and
how you wish to segment your network.
Hope this helps.
Baldur
--
Raymond Burkholder
r...@oneunified.net
https://blog.raymond.burkholder.net
want to make sure I am not over
looking
any other options before I dive in. Any thoughts or suggestions?
-James
--
Raymond Burkholder
r...@oneunified.net
https://blog.raymond.burkholder.net
--
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed
atform / code train in that function?
or across many functions?
--
Raymond Burkholder
r...@oneunified.net
https://blog.raymond.burkholder.net
--
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.
nism to drive the hardware (both
switch and network cards) from the OS, without a pre-compiled
proprietary SDK blob (black box).
http://www.mellanox.com/related-docs/prod_switch_software/PB_Spectrum_Linux_Switch.pdf
Disclaimer: I not affiliated with Mellanox, only a customer.
--
Raym
syntax for permanence.
https://blog.raymond.burkholder.net/
Raymond Burkholder
--
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.
ev.txt
https://blog.raymond.burkholder.net/
Raymond Burkholder.
--
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.
Hello,
A number of people have been suggesting Lanner boxes for routing. I have
used FW-7543A and FW-7573A boxes with Debian with no issues.
I am currently trying the NCA-5510 model with NCS2-IGM806B (XL710) and
NCS2-IXM407A (I350) cards with a standard Debian Stretch installation.
I was
into install
mode with dnsmasq providing deb-install preseed build files. On the
auto reboot after o/s install, I finish up with consistent, documented
builds with SaltStack. This provides the necessary customized
switching, routing, security, and monitoring.
Raymond Burkholder
https
.
https://roammobility.ca/ This one is different, this is a one-time use SIM.
What can you advice?
Thank you!
--
Raymond Burkholder
https://blog.raymond.burkholder.net/
--
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.
Mike Hammett
Intelligent Computing Solutions
http://www.ics-il.com
--
Raymond Burkholder
https://blog.raymond.burkholder.net/
--
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.
ement, orchestrating
upgrades/migrations/repairs, telemetry/monitoring, alarm management … and
orchestrating all the bits and pieces to minimise ‘touch’ as network elements
are changed.
Raymond Burkholder
https://blog.raymond.burkholder.net
--
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.
our prod deployment we leverage 'push on green' and gating to push
> package changes to prod devices.
Which can be orchestrated.
>
> Thanks
Raymond Burkholder
https://blog.raymond.burkholder.net
--
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.
> We are currently planning to upgrade our monitoring system (Opsview) due
> to scalability issues and I was wondering what do you recommend for
> monitoring
> 5000 hosts and 35000 services. We would like to use a monitoring system that
Another consideration is check_mk. We use it in our shop.
Hi All, I have a requirement to plot a usage graph per subnet. As an
example.
I have a 192.168.1.0/24 subnet divided among 32 customers where each
one will get a /29 [ 192.168.1.0/29 = Customer A ; 192.168.1.8/29
= Customer B etc... ] ...
Is there any tool to graph the usage of
But there's no overstating the usefulness of a properly-tuned IPS for
attack prevention
I've never heard a plausible anecdote, much less seen meaningful
statistics,
of these devices actually 'preventing' anything.
I think it depends upon where you put them, and whether or not you have
What's the collective opinion here? Is anyone using them or a similar service?
Are there non-cloud-based alternatives that are relatively easy to set up and
manage? We've explored Zabbix, Nagios, MRTG and its various wrappers,
and Intermapper. Anything else new on the horizon that has a GUI
Some networks I have worked with took the average latency of each link and
assigned that (with some constant multiple) as the interface cost.
Of course this all fails miserably if you are using anything like MPLS
underneath your OSPF.
But then when using MPLS underneath, then MPLS
Vyatta and now VyOS are important projects for networking. We really need
to get away from locked down non-free hardware and software for critical
infrastructure.
It's natural that most of the people in this community (myself included)
will be fans of companies like Cisco and Juniper and
There is simply no good reason not to include default route in the
configuration for DHCPv6, and it's long overdue.
As I've said before, if we're going to bother doing it, we should just
include
RIO options, but otherwise, I agree with you.
Are DHCPv6 and/or NDP extendible for other
My real world experience with these is that they suck. Plain and simple.
Don't waste your time.
Would you mind elaborating what you were trying to accomplish and what
failed?
Thank you.
Ray
--
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to
I am unsure what we as networkers have done in the past, but I am sure
we've done our fair share of atonement and don't have to keep using
RANCID.
Some people in this thread have been mentioning config generators. There is
/ was something called netomata. A web search brings up various
Of those who have used Quagga or Bird, or anything else,
would either of them be appropriate and/or well suited for
use as an iBGP blackhole route server?
To expand the opinion set, how do Quagga, Bird, exaBGP, OpenBGPd hold up for
handling Multi-Protocol BGP Route Reflector duties in a
can anybody recommend a piece of software, that could graph a live
network scanning it via snmp.
requirements are:
1. must produce a text output suitable for postproduction. graphviz is
an ideal, xml - acceptable.
2. must use no external database i.e. have text config file. clean text
Does anyone know of a off-the-self product that provides looking glass
functionality for a network ?
RANCID at shrubbery.net has a looking glass script.
--
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.
I love how this story was published AFTER MSFT purchased them ;-)
http://plug2play.blogspot.com/2010/12/skypes-biggest-secret-revealed.html
reverse engineering hack was reported back in mid December.
On Jun 7, 2011, at 9:40 AM, Randy Bush wrote:
http://heartbeat.skype.com/
Can anyone suggest any open source DPI (deep packet inspection)
projects?
I'll recommend Bro-IDS (http://www.bro-ids.org/) as it's what I spend my
days working on. It's essentially a programming language for long term
network traffic monitoring which is focused on doing deep decoding of
54 matches
Mail list logo