[02:11] *** ant has quit IRC (Ping timeout: 260 seconds) [02:11] *** ant has joined #arpnetworks [02:21] *** fink has joined #arpnetworks [02:24] *** mercutio has quit IRC (Ping timeout: 245 seconds) [02:27] *** mercutio has joined #arpnetworks [02:27] *** mercutio has quit IRC (Client Quit) [02:34] *** mercutio has joined #arpnetworks [02:43] *** mercutio has quit IRC (Quit: WeeChat 1.0.1) [02:53] *** mercutio has joined #arpnetworks [02:53] *** awyeah has quit IRC (Read error: Connection reset by peer) [02:53] *** awyeah has joined #arpnetworks [02:53] *** tooth has quit IRC (Ping timeout: 244 seconds) [02:54] *** tooth has joined #arpnetworks [02:59] *** fink has quit IRC (Quit: fink) [03:16] *** fink has joined #arpnetworks [04:35] that google mtu thing gets stranger, even ip's of google caches have strangely small packets [04:35] looks like 1454 mtu [08:32] *** awyeah has quit IRC (Remote host closed the connection) [09:56] *** bardo has joined #arpnetworks [11:12] *** neish_ has quit IRC (Ping timeout: 244 seconds) [11:13] *** mike-burns has quit IRC (Ping timeout: 265 seconds) [11:14] *** neish has joined #arpnetworks [11:21] *** mkb has joined #arpnetworks [11:21] *** jpalmer has quit IRC (Ping timeout: 265 seconds) [11:40] *** mike-burns has joined #arpnetworks [11:40] *** ChanServ sets mode: +o mike-burns [11:48] *** jpalmer has joined #arpnetworks [11:54] *** awyeah has joined #arpnetworks [13:14] routing weirdness [13:14] http://paste.unixcube.org/k/f7eaf [13:30] savvis suck [13:30] slashdot is using savvis and has huge pings too [13:30] and doesn't show anything weird in traceroute from arp other than huge ping [13:30] so i imagine savvis just have messed up peering with qwest.net as shown in your trace [13:30] and peer with them in london [13:31] funny because Qwest and Savvis are both CenturyLink [13:31] i didn't know that [13:31] just played with the PCCW and Savvis looking glasses [13:31] looks like they peer in LAX [13:31] oh [13:31] oh that wasn't your normal connection [13:31] that was from arp [13:32] *to arp [13:32] it's 160 msec to slashdot.org which is hosted in chicago [13:32] (from arp) [13:32] yea probably by London [13:32] yeah [13:32] but it looks like it's los angeles to chicago :/ [13:32] forward path from ARP probably is [13:32] the return path is screwed up [13:32] ping jumps from 1 msec average to 156 msec average [13:33] in single hop [13:33] yeah [13:33] it has been for ages [13:33] but it's savvis -> qest -> pccw -> trit [13:34] the qwest -> pccw is in London... [13:34] does the looking glass show any paths? [13:34] I didn't look at bgp [13:34] the savvis -> qest is in london too isn't it? [13:34] oh maybe not [13:34] it is [13:34] cr2-ten-0-7-4-0.londonuk1.savvis.net [13:34] ... [13:34] 63-235-40-189.dia.static.qwest.net [13:35] i don't think level3, and ntt have amazingly close connections with savvis [13:35] i think cogent/comcast/etc are closer [13:35] that kind of explains it [13:35] the funny part is that pccw and savvis peer in LA [13:36] that would mean savvis carrying traffic to la [13:36] I tried the Savvis lg traceroute from LA... [13:36] same thing [13:36] oh [13:36] i'm just trying that now heh [13:36] LA -> London -> LA :P [13:37] but tracing to 63.218.212.14 (hop 9 in the trace to ARP) [13:37] goes directly via LA [13:37] uhh [13:37] NTT have direct connection [13:38] like forward path to slashdot [13:38] is AS2914 AS3561 [13:38] so it should be going via NTT instead of savvis? [13:38] yeah [13:38] but i'm struglging to use bgp [13:38] ipv4 unicast is what i want? [13:39] it's not coming up with anything [13:39] idk anything about bgp [13:39] i know i hate savvis's looking glass :) [13:40] telnet://route-server.savvis.net [13:40] damn it's not working [13:40] that would have been really nice.. [13:40] yes [13:41] most of the looking glasses are really slow [13:41] can you explain why when tracing directly to 63.218.212.14 from the Savvis lg, the path goes via lax [13:41] (1.419 ms) [13:41] i dunno what that ip is [13:41] but when you trace arpnetworks.com, the hop 63.218.212.14 has a latecny of [13:41] oh it's pccw [13:42] i just did traceroute from pccw looking glass and saw that ip [13:42] it's 0 msec from pccw to arp [13:42] we kin dof need to see what routes they see [13:43] 143.880 ms [13:43] hmm ok [13:43] what it's not seeing arp at all? [13:44] atlanta quickly finds no routes [13:44] los angeles slowly doesn't seem to do anything [13:44] % Network not in table [13:44] :/ [13:45] https://groups.google.com/forum/#!topic/nanog-/MLWLu1NQZpI [13:45] so it's been broken for years [13:45] ah ok [13:46] but yeah i assume savvis don't send to ntt because pccw are cheaper than ntt to send to? [13:46] maybe pccw are customer [13:47] it's still super strange that it would be going via london imo [13:57] yeah good luck getting it fixed :) [14:14] * acf_ facepalms [14:14] the Savvis NOC mailbox is full... [14:15] I was trying to ask them about their looking glass / route server [14:18] haha [14:18] well if it was broken in 2011 [14:18] i imagine they don't care much [14:20] it's always fun to listen to NSPs tell me stright up that their crap is broken [14:20] and that they're not going to fix it [14:32] https://www.google.com/intl/en/ipv6/statistics.html#tab=ipv6-adoption [14:33] wonder why the green line is so squiggly [14:33] the interesting thing is [14:33] on the very last datapoint, "6to4/Teredo" is 0.00% [14:34] rather than the 0.01 and 0.02 it's been throughout 2013 and 2014 [14:34] I wonder if that's related to the broken PTMUD problem [14:41] yeah that is strange [14:41] it maybe that they're trying stuff on/off a lot [14:41] to measure performance [15:05] *** joepie91 has quit IRC (Ping timeout: 250 seconds) [15:12] *** joepie91 has joined #arpnetworks [16:28] *** fink has quit IRC (Quit: fink) [16:35] *** toeshred has quit IRC (Quit: WeeChat 1.0.1) [16:39] *** toeshred has joined #arpnetworks [18:11] how do ip address allocations work when you colocate? For instance if I have an ASA firewall and get assigned say a /29. Does the WAN interface of the firewall have to have a different /30 assigned? Allowing the entire /29 to be used for hosts, VMs etc? [18:15] there's more than one way people do stuff [18:15] you can get a /29 routed to you over your normal ip address, or you can have just the /29 [18:15] if you have just the /29 you'll usually have 5 ip addresses to play with [18:15] err [18:15] that was a generic response [18:15] with arp dedicated server i have a /29 and just the /29 [20:29] I guess I am curious how that setup works when you have multiple devices, rather than a physical server [20:30] cable comes in > connects to firewall > one port for physical web server, another for physical mail server, another for physical DNS server, all running on their own public IP address. [20:30] I would thing they would point to the firewall for their default gateway [20:31] s/thing/think [20:31] I would think they would point to the firewall for their default gateway [20:31] but what happens on the uplink interface of the firewall, does it use a different address block, say part of a /30? [20:43] mnathani: fwiw i have a /32 for adsl, with a routed /29 at home [20:43] the internal lan interface on modem is on the /29 [20:44] ppp makes it easy to have a /32 though [20:44] but from my understanding, people using hardware firewalls now days often have 3 ip addresses for firewalls, and it bridges [20:44] one for each firewall, and one for master ip [20:45] because having a firewall decreases your reliablity, and people who want to spend money on firewalls tend to want to spend money on redundancy [20:47] there's actually lots of ways of doing things [20:48] i kind of like routed /32s myself. [20:48] That's what she said!! [20:48] where you just route internet ip's onto rfc1918 address space. [20:48] so your gateway can be rfc1918 even [20:48] but you're bound to an internal ip [20:49] err bound to an internet ip [20:49] for programs that need it [20:49] so like your webserver maybe on 192.168.6.20, your mail server on 192.168.6.21 [20:49] your internet ip 4.1.1.1 [20:49] your mail 4.1.1.2 [20:50] and you route 4.1.1.1 to 192.168.6.20 [20:50] and add 4.1.1.1 as a seconday interface on 192.168.6.20 [20:50] and you set programs to bind to that ip that need it [20:51] which also means you cna do fancy things like have the ip's bounce between hosts. [20:51] and have a vpn to access 192.168.6.0/24 [20:54] the other thing is that you can do /31s more often now too [20:54] and so you could link using /31 to wan [20:55] but it tends to kill the odd/even low/high thing