North American Network Operators Group
Date Prev | Date Next |
Date Index |
Thread Index |
Author Index |
Historical
NANOG Digest, Vol 31, Issue 33
- From: nanog-request
- Date: Thu Aug 12 16:43:06 2010
Send NANOG mailing list submissions to
nanog@nanog.org
To subscribe or unsubscribe via the World Wide Web, visit
https://mailman.nanog.org/mailman/listinfo/nanog
or, via email, send a message with subject or body 'help' to
nanog-request@nanog.org
You can reach the person managing the list at
nanog-owner@nanog.org
When replying, please edit your Subject line so it is more specific
than "Re: Contents of NANOG digest..."
Today's Topics:
1. Re: Policy Based Routing advice (Rogelio)
2. Re: Policy Based Routing advice (Andrey Khomyakov)
3. Springnet Underground (Justin Shore)
4. Re: Policy Based Routing advice (Jeffrey Pazahanick)
5. Two /8s allocated to APNIC from IANA (49/8 and 101/8)]
(Leslie Nobile)
6. Re: Policy Based Routing advice (Rogelio)
7. Re: Two /8s allocated to APNIC from IANA (49/8 and 101/8)]
(Mikel Jimenez Fernandez)
8. Re: Cost of transit and options in APAC (Patrick W. Gilmore)
9. Re: Cost of transit and options in APAC (Benson Schliesser)
----------------------------------------------------------------------
Message: 1
Date: Thu, 12 Aug 2010 15:25:58 -0400
From: Rogelio <rgamino@gmail.com>
Subject: Re: Policy Based Routing advice
To: Andrey Khomyakov <khomyakov.andrey@gmail.com>
Cc: Nanog <nanog@nanog.org>
Message-ID: <3406A5B0-5D33-43AE-888E-271BE94D619A@gmail.com>
Content-Type: text/plain; charset=us-ascii
Have you tried "set interface" instead of "set ip"?
Sent from my iPhone
On Aug 12, 2010, at 3:13 PM, Andrey Khomyakov <khomyakov.andrey@gmail.com> wrote:
> I did try an extended ACL and had the same result.
> The way I know that it's not working is that I see these packets arriving on
> a wrong interface on the firewall and therefor being dropped.
> I actually had to open a CR with Cisco and they verified the config and said
> nothing is wrong with it. They are escalating and will hopefully get back to
> me about this.
>
> Andrey
------------------------------
Message: 2
Date: Thu, 12 Aug 2010 15:33:01 -0400
From: Andrey Khomyakov <khomyakov.andrey@gmail.com>
Subject: Re: Policy Based Routing advice
To: Nanog <nanog@nanog.org>
Message-ID:
<AANLkTinsEtPCdxx0Cq08b4RVsrFa3CjVs6cjEuTWYQ38@mail.gmail.com>
Content-Type: text/plain; charset=ISO-8859-1
I dont' think this will work. Here is the formal description of "set
interface" from cisco.com:
This action specifies that the packet is forwarded out of the local
interface. The interface must be a Layer 3 interface (no switchports), and
the destination address in the packet must lie within the IP network
assigned to that interface. If the destination address for the packet does
not lie within that network, the packet is dropped.
Since in my case the packets are destined to random addresses on the webz,
my understanding that this will effectively be a drop statement for them.
But, no, I have not tried it.
On Thu, Aug 12, 2010 at 3:25 PM, Rogelio <rgamino@gmail.com> wrote:
> Have you tried "set interface" instead of "set ip"?
>
>
> Sent from my iPhone
>
> On Aug 12, 2010, at 3:13 PM, Andrey Khomyakov <khomyakov.andrey@gmail.com>
> wrote:
>
> > I did try an extended ACL and had the same result.
> > The way I know that it's not working is that I see these packets arriving
> on
> > a wrong interface on the firewall and therefor being dropped.
> > I actually had to open a CR with Cisco and they verified the config and
> said
> > nothing is wrong with it. They are escalating and will hopefully get back
> to
> > me about this.
> >
> > Andrey
>
--
Andrey Khomyakov
[khomyakov.andrey@gmail.com]
------------------------------
Message: 3
Date: Thu, 12 Aug 2010 14:43:43 -0500
From: Justin Shore <justin@justinshore.com>
Subject: Springnet Underground
To: nanog@nanog.org
Message-ID: <4C644EEF.1020302@justinshore.com>
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Does anyone have any experience with the Springnet Underground in
Springfield, MO?
In case people don't know it's a working limestone mine. In the areas
that have already been mined close to the entrance, they've sold or
rented out space between the rock pillars that hold up the mine roof.
The city of Springfield put in a data center and started selling
services out of it that complimented their city-wide fiber plant.
They've been suggested as a site for hosting a cabinet full of gear.
I'm wondering what the connectivity options are for that facility and so
far haven't been able to get a straight answer from anyone. For the
most part it looks like the SprintNet folks want to sell you their own
upstream which won't cut it for our needs. AT&T serves the area of
course but I will not have them as my last mile (or any mile for that
matter). Does L3 or any other large carrier have facilities there?
Does anyone have any experience with the facility in general?
Thanks
Justin
------------------------------
Message: 4
Date: Thu, 12 Aug 2010 14:44:04 -0500
From: Jeffrey Pazahanick <jeffpaz@gmail.com>
Subject: Re: Policy Based Routing advice
To: Andrey Khomyakov <khomyakov.andrey@gmail.com>
Cc: Nanog <nanog@nanog.org>
Message-ID:
<AANLkTik0YFG0Nty7CnBB=BNzHShMqOuDL2CfWaX=nd_N@mail.gmail.com>
Content-Type: text/plain; charset=ISO-8859-1
A 'debug ip policy' should show if it's hitting or not...
IP: s=30.0.0.1 (Ethernet0/0/1), d=40.0.0.7, len 100,FIB flow policy match
IP: s=30.0.0.1 (Ethernet0/0/1), d=40.0.0.7, len 100,FIB PR flow accelerated!
IP: s=30.0.0.1 (Ethernet0/0/1), d=40.0.0.7, g=10.0.0.8, len 100, FIB
policy routed
On Thu, Aug 12, 2010 at 2:33 PM, Andrey Khomyakov <
khomyakov.andrey@gmail.com> wrote:
> I dont' think this will work. Here is the formal description of "set
> interface" from cisco.com:
>
> This action specifies that the packet is forwarded out of the local
> interface. The interface must be a Layer 3 interface (no switchports), and
> the destination address in the packet must lie within the IP network
> assigned to that interface. If the destination address for the packet does
> not lie within that network, the packet is dropped.
>
>
> Since in my case the packets are destined to random addresses on the webz,
> my understanding that this will effectively be a drop statement for them.
>
> But, no, I have not tried it.
>
> On Thu, Aug 12, 2010 at 3:25 PM, Rogelio <rgamino@gmail.com> wrote:
>
> > Have you tried "set interface" instead of "set ip"?
> >
> >
> > Sent from my iPhone
> >
> > On Aug 12, 2010, at 3:13 PM, Andrey Khomyakov <
> khomyakov.andrey@gmail.com>
> > wrote:
> >
> > > I did try an extended ACL and had the same result.
> > > The way I know that it's not working is that I see these packets
> arriving
> > on
> > > a wrong interface on the firewall and therefor being dropped.
> > > I actually had to open a CR with Cisco and they verified the config and
> > said
> > > nothing is wrong with it. They are escalating and will hopefully get
> back
> > to
> > > me about this.
> > >
> > > Andrey
> >
>
>
>
> --
> Andrey Khomyakov
> [khomyakov.andrey@gmail.com]
>
------------------------------
Message: 5
Date: Thu, 12 Aug 2010 15:51:17 -0400
From: Leslie Nobile <leslien@arin.net>
Subject: Two /8s allocated to APNIC from IANA (49/8 and 101/8)]
To: "nanog@nanog.org" <nanog@nanog.org>
Message-ID: <C889C8F7.16629%leslien@arin.net>
Content-Type: text/plain; charset="us-ascii"
Forwarding on behalf of APNIC.
_____________________________________________________
Two /8s allocated to APNIC from IANA (49/8 and 101/8)
_____________________________________________________
Dear colleagues
The information in this announcement is to enable the Internet community to
update network configurations, such as routing filters,
where required.
APNIC received the following IPv4 address blocks from IANA in August
2010 and will be making allocations from these ranges in the near
future:
49/8
101/8
Reachability and routability testing of the new prefixes will commence
soon. The daily report will be published at the usual URL:
http://www.ris.ripe.net/debogon
For more information on the resources administered by APNIC, please
see:
http://www.apnic.net/db/ranges.html
For information on the minimum allocation sizes within address ranges
administered by APNIC, please see:
http://www.apnic.net/db/min-alloc.html
Please be aware, there are now just 14 /8s remaining in IANA's
unallocated IPv4 address pool.
Kind regards,
Sunny
-------------- next part --------------
A non-text attachment was scrubbed...
Name: ATT00001..c
Type: application/octet-stream
Size: 136 bytes
Desc: ATT00001..c
Url : http://mailman.nanog.org/pipermail/nanog/attachments/20100812/dd7ddcef/attachment-0001.obj
------------------------------
Message: 6
Date: Thu, 12 Aug 2010 15:54:28 -0400
From: Rogelio <rgamino@gmail.com>
Subject: Re: Policy Based Routing advice
To: Andrey Khomyakov <khomyakov.andrey@gmail.com>
Cc: Nanog <nanog@nanog.org>
Message-ID: <320B6374-A5D5-468C-938E-0D3905259244@gmail.com>
Content-Type: text/plain; charset=us-ascii
Hmmm... The reason I recommended that is because I think I remember reading somewhere that the "set ip" command does not work on point-to-point interfaces. The outbound interface in your config has a /30 assigned to it so maybe it is seeing it as a p-t-p interface?
Do you have a "less preferred" route via that interface for the destination ip's? If not, I don't think your pbr will work either.
Sent from my iPhone
On Aug 12, 2010, at 3:33 PM, Andrey Khomyakov <khomyakov.andrey@gmail.com> wrote:
> I dont' think this will work. Here is the formal description of "set
> interface" from cisco.com:
>
> This action specifies that the packet is forwarded out of the local
> interface. The interface must be a Layer 3 interface (no switchports), and
> the destination address in the packet must lie within the IP network
> assigned to that interface. If the destination address for the packet does
> not lie within that network, the packet is dropped.
>
>
> Since in my case the packets are destined to random addresses on the webz,
> my understanding that this will effectively be a drop statement for them.
>
> But, no, I have not tried it.
>
> On Thu, Aug 12, 2010 at 3:25 PM, Rogelio <rgamino@gmail.com> wrote:
>
>> Have you tried "set interface" instead of "set ip"?
>>
>>
>> Sent from my iPhone
>>
>> On Aug 12, 2010, at 3:13 PM, Andrey Khomyakov <khomyakov.andrey@gmail.com>
>> wrote:
>>
>>> I did try an extended ACL and had the same result.
>>> The way I know that it's not working is that I see these packets arriving
>> on
>>> a wrong interface on the firewall and therefor being dropped.
>>> I actually had to open a CR with Cisco and they verified the config and
>> said
>>> nothing is wrong with it. They are escalating and will hopefully get back
>> to
>>> me about this.
>>>
>>> Andrey
>>
>
>
>
> --
> Andrey Khomyakov
> [khomyakov.andrey@gmail.com]
------------------------------
Message: 7
Date: Thu, 12 Aug 2010 21:57:47 +0200
From: Mikel Jimenez Fernandez <mjf246@gmail.com>
Subject: Re: Two /8s allocated to APNIC from IANA (49/8 and 101/8)]
To: Leslie Nobile <leslien@arin.net>
Cc: "nanog@nanog.org" <nanog@nanog.org>
Message-ID:
<AANLkTi=se8w2cFNUSDYXtY7kknRdCVr17vULmADRqFaE@mail.gmail.com>
Content-Type: text/plain; charset=ISO-8859-1
Good news for IPV6 fans!
> Forwarding on behalf of APNIC.
>
>
>
> _____________________________________________________
>
> Two /8s allocated to APNIC from IANA (49/8 and 101/8)
> _____________________________________________________
>
>
> Dear colleagues
>
> The information in this announcement is to enable the Internet community
to
> update network configurations, such as routing filters,
> where required.
>
> APNIC received the following IPv4 address blocks from IANA in August
> 2010 and will be making allocations from these ranges in the near
> future:
>
> 49/8
> 101/8
>
> Reachability and routability testing of the new prefixes will commence
> soon. The daily report will be published at the usual URL:
>
> http://www.ris.ripe.net/debogon
>
> For more information on the resources administered by APNIC, please
> see:
>
> http://www.apnic.net/db/ranges.html
>
> For information on the minimum allocation sizes within address ranges
> administered by APNIC, please see:
>
> http://www.apnic.net/db/min-alloc.html
>
> Please be aware, there are now just 14 /8s remaining in IANA's
> unallocated IPv4 address pool.
>
> Kind regards,
> Sunny
>
>
------------------------------
Message: 8
Date: Thu, 12 Aug 2010 14:29:02 -0400
From: "Patrick W. Gilmore" <patrick@ianai.net>
Subject: Re: Cost of transit and options in APAC
To: NANOG list <nanog@nanog.org>
Message-ID: <76E736EF-8DA8-41F3-8A4C-EEC11623C2FB@ianai.net>
Content-Type: text/plain; charset=us-ascii
On Aug 11, 2010, at 10:01 PM, Matthew Palmer wrote:
> On Wed, Aug 11, 2010 at 12:53:18PM -0700, Joel Jaeggli wrote:
>> On 8/11/10 12:29 PM, Franck Martin wrote:
>>> Nice to see this change....
>>>
>>> APAC has been obliged to pay the cost to peer with the US (long
>>> distance links are expensive). Now that US wants to peer with Asia,
>>> pricing may become more balanced...
>>
>> I think the question is more like why am I being quoted $100 A megabit
>> in India for transit in India? Not why am I being charged for for the
>> transport cost across the pacific.
>
> Because the percentage of traffic that actually stays in India, as compared
> to that which transits the Pacific, is miniscule. If you're asking for
> enough bandwidth / throwing enough money around, I'm sure you could get an
> Indian-only deal, but you'd need to make it worth the while for the provider
> to setup the config, given that either way they'll be getting your money,
> and you won't be using a lot of transpacific traffic. Note also that it's
> unlikely that the provider will be getting a differentiated rate from their
> upstreams for internal traffic, and you may have to settle for peering-only
> access (if your chosen provider is connected to any peering points).
You do not need to throw a lot of money around. Lots of places in Asia give you separate in-country and "international" rates, and charge you accordingly. People have been talking about distance-sensitive pricing for IP traffic for years, without realizing people have been doing it in Asia for years.
Back to topic of why prices are high in some places (and it is not just Asia), it is trivial to prove objectively that monopoly power keeps prices ridiculously high. Before anyone jumps on me, there are many reasons for high prices. Monopoly power is only one, but clearly and obviously the biggest one.
When I say "objectively", I mean it. Look at any country which has gone through any type of transition from "gov't owned monopoly telco" to "competition-based market". South Africa instantly springs to mind. Prices are still high, but have dropped, what, 75% in just a year or two once the monopoly power was broken? And this is after a decade or more of little to no decrease.
Of course, this does not mean .za will have $1/Mbps transit like the US any time soon. As I said, there are other factors - geography, scale, local economy, even import policies, etc. But getting prices to go from US$2000/Mbps to, say, $100/Mbps is more important than the $100 -> $1 drop. (Hrmm, I wonder who will say "the first is only 20 times, the second is 100 times!" to prove me wrong? :) Plus there are a myriad of factors keeping that last step from happening, not just one. So wich do you think is more important, the monopoly power or the dozens of other factors?
That said, this is not really on-topic for NANOG. So if you would like to argue the point, please e-mail privately, or let's take it to another list.
End of day, the important thing is to break the monopoly. After that, prices will almost always drop, then you can work on other stuff.
--
TTFN,
patrick
------------------------------
Message: 9
Date: Thu, 12 Aug 2010 15:40:20 -0500
From: Benson Schliesser <bensons@queuefull.net>
Subject: Re: Cost of transit and options in APAC
To: Dorian Kim <dorian@blackrose.org>, nanog <nanog@merit.edu>
Message-ID: <02815161-1DF1-44ED-8646-52E2DD2CD86A@queuefull.net>
Content-Type: text/plain; charset=us-ascii
On 12 Aug 10, at 7:26 AM, Dorian Kim wrote:
>> Sadly, I have no first-hand knowledge of these costs. How does in-country transport compare to trans-Pacific transport cost? (i.e. on a per Mbps per kilometer or similar metric) I assume it's cheaper in-country / in-region compared to trans-oceanic. Is this true?
>
> This is not an assumption you can make safely depending on the country and specific
> sub-region you are talking about.
That's fair; I'm not surprised to hear it. But I'm curious about the details. In specific cases like India and China, what is the underlying contributor to higher relative transport costs? (i.e. taxes, ROW fees, extraordinary shipping or operational costs, inadequate competition, low supply, greed, etc) Further, how does the situation compare to past examples like Europe?
I doubt the AP region is forever doomed to exchange traffic via the US, but can't quite anticipate change without first understanding the current environment. Network interconnects are designed the way they are, today, for a reason. If anybody has insight they can share on the situation I would appreciate it.
Cheers,
-Benson
------------------------------
_______________________________________________
NANOG mailing list
NANOG@nanog.org
https://mailman.nanog.org/mailman/listinfo/nanog
End of NANOG Digest, Vol 31, Issue 33
*************************************
|
