***: ant has joined #arpnetworks
fink has joined #arpnetworks
mercutio has quit IRC (Ping timeout: 245 seconds)
mercutio has joined #arpnetworks
mercutio has quit IRC (Client Quit)
mercutio has joined #arpnetworks
mercutio has quit IRC (Quit: WeeChat 1.0.1)
mercutio has joined #arpnetworks
awyeah has quit IRC (Read error: Connection reset by peer)
awyeah has joined #arpnetworks
tooth has quit IRC (Ping timeout: 244 seconds)
tooth has joined #arpnetworks
fink has quit IRC (Quit: fink)
fink has joined #arpnetworks mercutio: that google mtu thing gets stranger, even ip's of google caches have strangely small packets
looks like 1454 mtu ***: awyeah has quit IRC (Remote host closed the connection)
bardo has joined #arpnetworks
neish_ has quit IRC (Ping timeout: 244 seconds)
mike-burns has quit IRC (Ping timeout: 265 seconds)
neish has joined #arpnetworks
mkb has joined #arpnetworks
jpalmer has quit IRC (Ping timeout: 265 seconds)
mike-burns has joined #arpnetworks
ChanServ sets mode: +o mike-burns
jpalmer has joined #arpnetworks
awyeah has joined #arpnetworks acf_: routing weirdness
http://paste.unixcube.org/k/f7eaf mercutio: savvis suck
slashdot is using savvis and has huge pings too
and doesn't show anything weird in traceroute from arp other than huge ping
so i imagine savvis just have messed up peering with qwest.net as shown in your trace
and peer with them in london acf_: funny because Qwest and Savvis are both CenturyLink mercutio: i didn't know that acf_: just played with the PCCW and Savvis looking glasses
looks like they peer in LAX mercutio: oh
oh that wasn't your normal connection acf_: that was from arp
*to arp mercutio: it's 160 msec to slashdot.org which is hosted in chicago
(from arp) acf_: yea probably by London mercutio: yeah
but it looks like it's los angeles to chicago :/ acf_: forward path from ARP probably is
the return path is screwed up mercutio: ping jumps from 1 msec average to 156 msec average
in single hop
yeah
it has been for ages
but it's savvis -> qest -> pccw -> trit acf_: the qwest -> pccw is in London... mercutio: does the looking glass show any paths? acf_: I didn't look at bgp mercutio: the savvis -> qest is in london too isn't it?
oh maybe not acf_: it is
cr2-ten-0-7-4-0.londonuk1.savvis.net
...
63-235-40-189.dia.static.qwest.net mercutio: i don't think level3, and ntt have amazingly close connections with savvis
i think cogent/comcast/etc are closer acf_: that kind of explains it
the funny part is that pccw and savvis peer in LA mercutio: that would mean savvis carrying traffic to la acf_: I tried the Savvis lg traceroute from LA...
same thing mercutio: oh
i'm just trying that now heh acf_: LA -> London -> LA :P
but tracing to 63.218.212.14 (hop 9 in the trace to ARP)
goes directly via LA mercutio: uhh
NTT have direct connection
like forward path to slashdot
is AS2914 AS3561 acf_: so it should be going via NTT instead of savvis? mercutio: yeah
but i'm struglging to use bgp
ipv4 unicast is what i want?
it's not coming up with anything acf_: idk anything about bgp mercutio: i know i hate savvis's looking glass :)
telnet://route-server.savvis.net
damn it's not working acf_: that would have been really nice.. mercutio: yes
most of the looking glasses are really slow acf_: can you explain why when tracing directly to 63.218.212.14 from the Savvis lg, the path goes via lax
(1.419 ms) mercutio: i dunno what that ip is acf_: but when you trace arpnetworks.com, the hop 63.218.212.14 has a latecny of mercutio: oh it's pccw
i just did traceroute from pccw looking glass and saw that ip
it's 0 msec from pccw to arp
we kin dof need to see what routes they see acf_: 143.880 ms
hmm ok mercutio: what it's not seeing arp at all?
atlanta quickly finds no routes
los angeles slowly doesn't seem to do anything acf_: % Network not in table
:/ mercutio: https://groups.google.com/forum/#!topic/nanog-/MLWLu1NQZpI
so it's been broken for years acf_: ah ok mercutio: but yeah i assume savvis don't send to ntt because pccw are cheaper than ntt to send to?
maybe pccw are customer acf_: it's still super strange that it would be going via london imo mercutio: yeah good luck getting it fixed :) -: acf_ facepalms acf_: the Savvis NOC mailbox is full...
I was trying to ask them about their looking glass / route server mercutio: haha
well if it was broken in 2011
i imagine they don't care much acf_: it's always fun to listen to NSPs tell me stright up that their crap is broken
and that they're not going to fix it
https://www.google.com/intl/en/ipv6/statistics.html#tab=ipv6-adoption
wonder why the green line is so squiggly
the interesting thing is
on the very last datapoint, "6to4/Teredo" is 0.00%
rather than the 0.01 and 0.02 it's been throughout 2013 and 2014
I wonder if that's related to the broken PTMUD problem mercutio: yeah that is strange
it maybe that they're trying stuff on/off a lot
to measure performance ***: joepie91 has quit IRC (Ping timeout: 250 seconds)
joepie91 has joined #arpnetworks
fink has quit IRC (Quit: fink)
toeshred has quit IRC (Quit: WeeChat 1.0.1)
toeshred has joined #arpnetworks mnathani: how do ip address allocations work when you colocate? For instance if I have an ASA firewall and get assigned say a /29. Does the WAN interface of the firewall have to have a different /30 assigned? Allowing the entire /29 to be used for hosts, VMs etc? mercutio: there's more than one way people do stuff
you can get a /29 routed to you over your normal ip address, or you can have just the /29
if you have just the /29 you'll usually have 5 ip addresses to play with
err
that was a generic response
with arp dedicated server i have a /29 and just the /29 mnathani: I guess I am curious how that setup works when you have multiple devices, rather than a physical server
cable comes in > connects to firewall > one port for physical web server, another for physical mail server, another for physical DNS server, all running on their own public IP address.
I would thing they would point to the firewall for their default gateway
s/thing/think BryceBot: <mnathani> I would think they would point to the firewall for their default gateway mnathani: but what happens on the uplink interface of the firewall, does it use a different address block, say part of a /30? mercutio: mnathani: fwiw i have a /32 for adsl, with a routed /29 at home
the internal lan interface on modem is on the /29
ppp makes it easy to have a /32 though
but from my understanding, people using hardware firewalls now days often have 3 ip addresses for firewalls, and it bridges
one for each firewall, and one for master ip
because having a firewall decreases your reliablity, and people who want to spend money on firewalls tend to want to spend money on redundancy
there's actually lots of ways of doing things
i kind of like routed /32s myself. BryceBot: That's what she said!! mercutio: where you just route internet ip's onto rfc1918 address space.
so your gateway can be rfc1918 even
but you're bound to an internal ip
err bound to an internet ip
for programs that need it
so like your webserver maybe on 192.168.6.20, your mail server on 192.168.6.21
your internet ip 4.1.1.1
your mail 4.1.1.2
and you route 4.1.1.1 to 192.168.6.20
and add 4.1.1.1 as a seconday interface on 192.168.6.20
and you set programs to bind to that ip that need it
which also means you cna do fancy things like have the ip's bounce between hosts.
and have a vpn to access 192.168.6.0/24
the other thing is that you can do /31s more often now too
and so you could link using /31 to wan
but it tends to kill the odd/even low/high thing