Hey all,
Little detail at present... but the iPrimus DC in 55 King St Melbourne seems to have had a complete failure. Power, UPS and Generator have apparently all failed.
Anyone else have more detail, feel free to follow up.
...Skeeve
--
Skeeve Stevens, CEO/Technical Director
eintellego Pty Ltd - The Networking Specialists
skeeve(a)eintellego.net / www.eintellego.net
Phone: 1300 753 383, Fax: (+612) 8572 9954
Cell +61 (0)414 753 383 / skype://skeeve
--
NOC, NOC, who's there?
Disclaimer: Limits of Liability and Disclaimer: This message is for the named person's use only. It may contain sensitive and private proprietary or legally privileged information. You must not, directly or indirectly, use, disclose, distribute, print, or copy any part of this message if you are not the intended recipient. eintellego Pty Ltd and each legal entity in the Tefilah Pty Ltd group of companies reserve the right to monitor all e-mail communications through its networks. Any views expressed in this message are those of the individual sender, except where the message states otherwise and the sender is authorised to state them to be the views of any such entity. Any reference to costs, fee quotations, contractual transactions and variations to contract terms is subject to separate confirmation in writing signed by an authorised representative of eintellego. Whilst all efforts are made to safeguard inbound and outbound e-mails, we cannot guarantee that attachments are virus-free or compatible with your systems and do not accept any liability in respect of viruses or computer problems experienced.
At 11:06 a.m. 28/01/2009, Neil Gardner wrote:
>OK, you've all got a lot uglier and the format of the conference is
>significantly different this year...
>
>I don't for example, recall anyone leading conference speakers around
>in a ring while they were dressed in horse costumes.
>
>Additionally, the discussion on BGP for resilient services sounded a
>lot more like a horsie auction than I expected.
Classic !!!
I confess - we recycle URLs. The NZNOG streams will be sorted
tonight after we finish setting up and the bandwidth works. The
horses are actually live on another 2 streams. NZNOG will have 4 and
a test link to Manila has one.
and as of 10:30 this morning, the Reserve Bank has another one. So
let me apologise in advance if the NZNOG opening ceremony is a little
less than expected. At 0900 when RBNZ announce a new cash rate, I'm
live switching the feed from the van at NZNOG.
I could either get this right or horribly wrong..............
OK, you've all got a lot uglier and the format of the conference is
significantly different this year...
I don't for example, recall anyone leading conference speakers around
in a ring while they were dressed in horse costumes.
Additionally, the discussion on BGP for resilient services sounded a
lot more like a horsie auction than I expected.
Are the NZnog streams up anywhere? Yes I followed the links on the
NZnog site... http://2009.nznog.org/streaming
Cheers - N
-----Original Message-----
From: nznog-request(a)list.waikato.ac.nz [mailto:nznog-request@list.waikato.ac.nz]
Sent: Wednesday, 28 January 2009 11:07 a.m.
To: nznog(a)list.waikato.ac.nz
Subject: NZNOG Digest, Vol 73, Issue 24
Send NZNOG mailing list submissions to
nznog(a)list.waikato.ac.nz
To subscribe or unsubscribe via the World Wide Web, visit
http://list.waikato.ac.nz/mailman/listinfo/nznog
or, via email, send a message with subject or body 'help' to
nznog-request(a)list.waikato.ac.nz
You can reach the person managing the list at
nznog-owner(a)list.waikato.ac.nz
When replying, please edit your Subject line so it is more specific
than "Re: Contents of NZNOG digest..."
Today's Topics:
1. Re: Juniper J2320, rate limit based on bgp community
(national/international) (Truman Boyes)
2. Re: Juniper J2320, rate limit based on bgp community
(national/international) (Barry Murphy)
3. Vendor reception at NZNOG - Open to all (Nathan Ward)
4. Re: Vendor reception at NZNOG - Open to all (Neil Gardner)
5. Re: Vendor reception at NZNOG - Open to all (Nathan Ward)
6. NZRR Route Registry Update (NZRR Database Notifications)
7. NZRR Route Registry Update (NZRR Database Notifications)
8. NZNOG IRC Channel (Mark Foster)
9. Re: NZNOG IRC Channel (Scott Howard)
10. NZNOG streams... (Neil Gardner)
----------------------------------------------------------------------
Message: 1
Date: Tue, 27 Jan 2009 11:56:25 +1100
From: Truman Boyes <truman(a)suspicious.org>
Subject: Re: [nznog] Juniper J2320, rate limit based on bgp community
(national/international)
To: Craig Spiers <Craig.Spiers(a)staff.solarix.co.nz>
Cc: Nznog <nznog(a)list.waikato.ac.nz>
Message-ID: <85A47E88-60DA-40BA-8DDE-9DF52A11142E(a)suspicious.org>
Content-Type: text/plain; charset=US-ASCII; format=flowed; delsp=yes
Hey there,
What you want is destination class policing / source class policing
based on destination class usage (DCU) This allows you to have
policing based on BGP communities instead of managing prefix lists.
This is supported on J-series since 8.5R1.
Basically you want to:
1. apply bgp communities to routes learned from specific peers
(international tag, domestic tag, etc).
2. write a policy that matches on tagged routes, and has an action of
'then destination-class INTERNATIONAL' etc...
3. apply the policy as as export policy to the forwarding-table.
4. configure accounting for destination-class-usage on interfaces that
you wish to collect account for ...
5. configure a firewall filter that matches on destination-class and
polices traffic to the correct rate.
I can unicast you some configs once I dig them up from back in the day.
DCU/DCP is a highly scalable way to provide differentiated
accounting / policing for specific aggregate services. I have seen
this deployed with 40+ regional zones.
Cheers,
Truman Boyes
On 22/01/2009, at 2:21 PM, Craig Spiers wrote:
> Hi All..
>
> To try and better explain what barry is trying to do.. hes trying to
> traffic shape certain IP addresses on his network based on the BGP
> community a specific route is a member of..
>
> Eg domestic traffic is a member of community 100 and international is
> 200
>
> Eg 1.2.3.4 on his network communicating with a route dest in community
> 100 = 128k
> Eg 1.2.3.4 on his network communicating with a route dest in community
> 200 = 64k
>
> I do this on our cisco's using BGP with ip-qos-map's and a service
> policy on the interface.. hes looking for the juniper equivalent..
>
> Any ideas?
>
>
> Kind Regards,
>
> Craig Spiers - Network Manager
> Solarix Limited
> DDI: +64 9 974 4753 | FAX: +64 9 523 8057 FAULTS: 0800 89 41 42
> MOB: +64 21 857 183 | email: craig.spiers(a)staff.solarix.co.nz
> The information contained in this email is privileged and confidential
> and
> intended for the addressee only. If you are not the intended recipient
> you
> are asked to respect that confidentiality and not disclose, copy or
> make
>
> use of its contents. If received in error you are asked to destroy
> this
> email and contact the sender immediately.
>
>
> -----Original Message-----
> From: Barry Murphy [mailto:barry@unix.co.nz]
> Sent: Thursday, 22 January 2009 3:42 p.m.
> To: Nznog
> Subject: [nznog] Juniper J2320,rate limit based on bgp community
> (national/international)
>
> Hey Guys,
>
> Hope this fits in with the AUP, however I'd hope so as not many forums
> show
> how to rate-limit based on national/international traffic as they
> don't
> bill accordingly, however in NZ this is standard practice so hoping
> someone
> with juniper knowledge can assist me here.
>
> Basically I want to allow all traffic to/from national without
> rate-limit,
> then restrict international, for eg 128k.
>
> icepick@NCCORE01# show firewall
> policer 128k {
> if-exceeding {
> bandwidth-limit 128k;
> burst-size-limit 4500;
> }
> then discard;
> }
> filter 128k {
> term 1 {
> from {
> forwarding-class assured-forwarding;
> }
> then accept;
> }
> term 2 {
> from {
> forwarding-class best-effort;
> }
> then {
> policer 128k;
> accept;
> }
> }
> }
>
>
>
> icepick@NCCORE01# show policy-options policy-statement Orcon-Primary-
> In
> term 1 {
> from community [ Orcon-Local Orcon-National Orcon-Peering
> Orcon-Telstra
> Orcon-Telecom ];
> then {
> local-preference 110;
> forwarding-class assured-forwarding;
> accept;
> }
> }
> term 2 {
> from {
> route-filter 0.0.0.0/0 upto /24;
> }
> then {
> local-preference 110;
> forwarding-class best-effort;
> accept;
> }
> }
> term 3 {
> from {
> route-filter 0.0.0.0/0 exact;
> }
> then {
> local-preference 120;
> accept;
> }
> }
> term 4 {
> then reject;
> }
>
>
> icepick@NCCORE01# show interfaces ge-0/0/1 unit 55
> description "Test interface";
> vlan-id 55;
> family inet {
> filter {
> input 128k;
> output 128k;
> }
> address 113.21.x.x/29;
> }
>
>
> The problem I'm running into is all traffic is being rate-limited at
> 128k,
> rather than just the international. I was able to find one example
> located
> at
> http://archives.devshed.com/forums/networking-100/policer-based-on-commu
> nity-2015343.html
> however this describes the use of destination-class where I only have
> forwarding-class so I'm not sure if this has been depreciated or
> renamed
> or
> not supported by J2320.
>
> I understand this may be a question for JTAC, however I'd like to hear
> from
> users here in NZ that have managed to get this going with junos. To
> keep
> the list sane, please reply offlist, if many people are interested
> I'll
> post the working solution after being tested for archive purposes.
>
> Public holiday for Aucklanders next monday, extra long weekend of
> beer,
> mmmmm
>
> Thanks
> Barry
>
> _______________________________________________
> NZNOG mailing list
> NZNOG(a)list.waikato.ac.nz
> http://list.waikato.ac.nz/mailman/listinfo/nznog
> _______________________________________________
> NZNOG mailing list
> NZNOG(a)list.waikato.ac.nz
> http://list.waikato.ac.nz/mailman/listinfo/nznog
>
------------------------------
Message: 2
Date: Tue, 27 Jan 2009 14:02:09 +1300
From: Barry Murphy <barry(a)unix.co.nz>
Subject: Re: [nznog] Juniper J2320, rate limit based on bgp community
(national/international)
To: Truman Boyes <truman(a)suspicious.org>
Cc: Craig Spiers <Craig.Spiers(a)staff.solarix.co.nz>, Nznog
<nznog(a)list.waikato.ac.nz>
Message-ID: <42d6b86dda5ad39384980a4346e7b3ce@localhost>
Content-Type: text/plain; charset="UTF-8"
Hi Truman,
Yes this was how I planned to do it, if you note my second to last
paragraph, my J2320 doesn't seem to have destination-class available at the
policer level.
Thanks
Barry
On Tue, 27 Jan 2009 11:56:25 +1100, Truman Boyes <truman(a)suspicious.org>
wrote:
> Hey there,
>
> What you want is destination class policing / source class policing
> based on destination class usage (DCU) This allows you to have
> policing based on BGP communities instead of managing prefix lists.
> This is supported on J-series since 8.5R1.
>
> Basically you want to:
>
> 1. apply bgp communities to routes learned from specific peers
> (international tag, domestic tag, etc).
> 2. write a policy that matches on tagged routes, and has an action of
> 'then destination-class INTERNATIONAL' etc...
> 3. apply the policy as as export policy to the forwarding-table.
> 4. configure accounting for destination-class-usage on interfaces that
> you wish to collect account for ...
> 5. configure a firewall filter that matches on destination-class and
> polices traffic to the correct rate.
>
> I can unicast you some configs once I dig them up from back in the day.
>
> DCU/DCP is a highly scalable way to provide differentiated
> accounting / policing for specific aggregate services. I have seen
> this deployed with 40+ regional zones.
>
> Cheers,
> Truman Boyes
>
>
>
> On 22/01/2009, at 2:21 PM, Craig Spiers wrote:
>
>> Hi All..
>>
>> To try and better explain what barry is trying to do.. hes trying to
>> traffic shape certain IP addresses on his network based on the BGP
>> community a specific route is a member of..
>>
>> Eg domestic traffic is a member of community 100 and international is
>> 200
>>
>> Eg 1.2.3.4 on his network communicating with a route dest in community
>> 100 = 128k
>> Eg 1.2.3.4 on his network communicating with a route dest in community
>> 200 = 64k
>>
>> I do this on our cisco's using BGP with ip-qos-map's and a service
>> policy on the interface.. hes looking for the juniper equivalent..
>>
>> Any ideas?
>>
>>
>> Kind Regards,
>>
>> Craig Spiers - Network Manager
>> Solarix Limited
>> DDI: +64 9 974 4753 | FAX: +64 9 523 8057 FAULTS: 0800 89 41 42
>> MOB: +64 21 857 183 | email: craig.spiers(a)staff.solarix.co.nz
>> The information contained in this email is privileged and confidential
>> and
>> intended for the addressee only. If you are not the intended recipient
>> you
>> are asked to respect that confidentiality and not disclose, copy or
>> make
>>
>> use of its contents. If received in error you are asked to destroy
>> this
>> email and contact the sender immediately.
>>
>>
>> -----Original Message-----
>> From: Barry Murphy [mailto:barry@unix.co.nz]
>> Sent: Thursday, 22 January 2009 3:42 p.m.
>> To: Nznog
>> Subject: [nznog] Juniper J2320,rate limit based on bgp community
>> (national/international)
>>
>> Hey Guys,
>>
>> Hope this fits in with the AUP, however I'd hope so as not many forums
>> show
>> how to rate-limit based on national/international traffic as they
>> don't
>> bill accordingly, however in NZ this is standard practice so hoping
>> someone
>> with juniper knowledge can assist me here.
>>
>> Basically I want to allow all traffic to/from national without
>> rate-limit,
>> then restrict international, for eg 128k.
>>
>> icepick@NCCORE01# show firewall
>> policer 128k {
>> if-exceeding {
>> bandwidth-limit 128k;
>> burst-size-limit 4500;
>> }
>> then discard;
>> }
>> filter 128k {
>> term 1 {
>> from {
>> forwarding-class assured-forwarding;
>> }
>> then accept;
>> }
>> term 2 {
>> from {
>> forwarding-class best-effort;
>> }
>> then {
>> policer 128k;
>> accept;
>> }
>> }
>> }
>>
>>
>>
>> icepick@NCCORE01# show policy-options policy-statement Orcon-Primary-
>> In
>> term 1 {
>> from community [ Orcon-Local Orcon-National Orcon-Peering
>> Orcon-Telstra
>> Orcon-Telecom ];
>> then {
>> local-preference 110;
>> forwarding-class assured-forwarding;
>> accept;
>> }
>> }
>> term 2 {
>> from {
>> route-filter 0.0.0.0/0 upto /24;
>> }
>> then {
>> local-preference 110;
>> forwarding-class best-effort;
>> accept;
>> }
>> }
>> term 3 {
>> from {
>> route-filter 0.0.0.0/0 exact;
>> }
>> then {
>> local-preference 120;
>> accept;
>> }
>> }
>> term 4 {
>> then reject;
>> }
>>
>>
>> icepick@NCCORE01# show interfaces ge-0/0/1 unit 55
>> description "Test interface";
>> vlan-id 55;
>> family inet {
>> filter {
>> input 128k;
>> output 128k;
>> }
>> address 113.21.x.x/29;
>> }
>>
>>
>> The problem I'm running into is all traffic is being rate-limited at
>> 128k,
>> rather than just the international. I was able to find one example
>> located
>> at
>> http://archives.devshed.com/forums/networking-100/policer-based-on-commu
>> nity-2015343.html
>> however this describes the use of destination-class where I only have
>> forwarding-class so I'm not sure if this has been depreciated or
>> renamed
>> or
>> not supported by J2320.
>>
>> I understand this may be a question for JTAC, however I'd like to hear
>> from
>> users here in NZ that have managed to get this going with junos. To
>> keep
>> the list sane, please reply offlist, if many people are interested
>> I'll
>> post the working solution after being tested for archive purposes.
>>
>> Public holiday for Aucklanders next monday, extra long weekend of
>> beer,
>> mmmmm
>>
>> Thanks
>> Barry
>>
>> _______________________________________________
>> NZNOG mailing list
>> NZNOG(a)list.waikato.ac.nz
>> http://list.waikato.ac.nz/mailman/listinfo/nznog
>> _______________________________________________
>> NZNOG mailing list
>> NZNOG(a)list.waikato.ac.nz
>> http://list.waikato.ac.nz/mailman/listinfo/nznog
>>
>
------------------------------
Message: 3
Date: Tue, 27 Jan 2009 14:33:01 +1300
From: Nathan Ward <nznog(a)daork.net>
Subject: [nznog] Vendor reception at NZNOG - Open to all
To: nznog <nznog(a)list.waikato.ac.nz>
Message-ID: <17CA2F72-294E-4358-BB5E-06FBF51F83BF(a)daork.net>
Content-Type: text/plain; charset=US-ASCII; format=flowed; delsp=yes
Hi all,
Wednesday night we are running a "vendor reception", similar to the
"gear and beer" evenings at NANOG.
Renaissance have generously made a prize available for the evening -
an iPod Nano.
This will be an open bar, with finger food.
Network operators and related parties can attend - even people who are
not attending the main conference.
Please bring some business cards - one for to go in the prize jar, and
one to put in your name tag holder if you are not a conference attendee.
Please RSVP to info(a)nznog.org and let us know if you are attending,
and also anyone you are bringing with you so we can put you on some
kind of list.
It would be great to see you here, to get a taste of the NZNOG
conference, and a drink or two[1].
--
Nathan Ward
[1] or three.
------------------------------
Message: 4
Date: Tue, 27 Jan 2009 14:47:30 +1300
From: Neil Gardner <nznog(a)neilnz.com>
Subject: Re: [nznog] Vendor reception at NZNOG - Open to all
To: nznog <nznog(a)list.waikato.ac.nz>
Message-ID:
<632d599d0901261747n2388b020xdfdb1083b02857a2(a)mail.gmail.com>
Content-Type: text/plain; charset=ISO-8859-1
I've been politely waiting, and mid afternoon on the day before the
conference seems like a reasonable time to ask again...
What's the deal with streaming of the conference talks / discussions /
full and frank exchange of view sessions?
Cheers - N
------------------------------
Message: 5
Date: Tue, 27 Jan 2009 15:34:54 +1300
From: Nathan Ward <nznog(a)daork.net>
Subject: Re: [nznog] Vendor reception at NZNOG - Open to all
To: nznog <nznog(a)list.waikato.ac.nz>
Message-ID: <58FF2B25-CBDE-4975-8063-5397D65B9B2A(a)daork.net>
Content-Type: text/plain; charset=US-ASCII; format=flowed; delsp=yes
On 27/01/2009, at 2:47 PM, Neil Gardner wrote:
> I've been politely waiting, and mid afternoon on the day before the
> conference seems like a reasonable time to ask again...
>
> What's the deal with streaming of the conference talks / discussions /
> full and frank exchange of view sessions?
R2 are doing streaming, as per usual. I'm pretty sure we've said that
on the list already. This will be for the main conference, not the
tutorial days. So, Thurs+Fri.
We have microphones, plus microphones for anyone asking questions.
--
Nathan Ward
------------------------------
Message: 6
Date: Tue, 27 Jan 2009 16:08:54 +1300
From: NZRR Database Notifications <rpsl-admin(a)nzix.net>
Subject: [nznog] NZRR Route Registry Update
To: nznog(a)list.waikato.ac.nz
Message-ID: <E1LReJq-0003lj-IU(a)totti.citylink.co.nz>
Dear Colleague,
This is to notify you that one or more objects in which you are
designated for notification have been modified in the NZRR routing
registry database.
These objects are used to configure the various NZIX route servers
(http://nzix.net/) so you can expect the relevant servers to be reloaded
in the near future. The reloading of the servers is staggered over a
period of time so that if you are peering with both servers at an
exchange, you can maintain at least one BGP session at all times and
consequently a full set of routes.
Diagnostic output:
------------------------------------------------------------
---
PREVIOUS OBJECT:
route-set: AS9560:RS-ROUTES:AS17435
descr: advertised to AS9560 by WorldxChange Communications Ltd - AS17435
members: 58.28.0.0/16^16-29,
118.90.0.0/16^16-29,
202.49.204.0/22^22-29,
202.14.217.0/24^24-29,
202.49.59.0/24^24-29,
202.50.176.0/24^24-29
admin-c: RPA1-NZRR
tech-c: RPA1-NZRR
notify: rpsl-admin(a)nzix.net
notify: nznog(a)list.waikato.ac.nz
notify: cbarr(a)wxc.co.nz
mnt-by: MAINT-NZRR-NZ
changed: rpsl-admin(a)nzix.net 20070824
source: NZRR
REPLACED BY:
route-set: AS9560:RS-ROUTES:AS17435
descr: advertised to AS9560 by WorldxChange Communications LTD - AS17435
members: 58.28.0.0/16^16-29,
118.90.0.0/16^16-29,
202.49.240.0/22^22-29,
202.14.217.0/24^24-29,
202.49.59.0/24^24-29,
202.50.176.0/24^24-29,
203.171.223.0/24^24-29
admin-c: RPA1-NZRR
tech-c: RPA1-NZRR
notify: rpsl-admin(a)nzix.net
notify: nznog(a)list.waikato.ac.nz
notify: cbarr(a)wxc.co.nz
mnt-by: MAINT-NZRR-NZ
changed: rpsl-admin(a)nzix.net 20090127
source: NZRR
------------------------------------------------------------
------------------------------
Message: 7
Date: Tue, 27 Jan 2009 16:22:11 +1300
From: NZRR Database Notifications <rpsl-admin(a)nzix.net>
Subject: [nznog] NZRR Route Registry Update
To: nznog(a)list.waikato.ac.nz
Message-ID: <E1LReWh-0004Pr-B6(a)totti.citylink.co.nz>
Dear Colleague,
This is to notify you that one or more objects in which you are
designated for notification have been modified in the NZRR routing
registry database.
These objects are used to configure the various NZIX route servers
(http://nzix.net/) so you can expect the relevant servers to be reloaded
in the near future. The reloading of the servers is staggered over a
period of time so that if you are peering with both servers at an
exchange, you can maintain at least one BGP session at all times and
consequently a full set of routes.
Diagnostic output:
------------------------------------------------------------
---
PREVIOUS OBJECT:
route-set: AS9439:RS-ROUTES:AS17435
descr: advertised to AS9439 by WorldxChange Communications Ltd - AS17435
members: 58.28.0.0/16^16-29,
118.90.0.0/16^16-29,
202.49.204.0/22^22-29,
202.14.217.0/24^24-29,
202.49.59.0/24^24-29,
202.50.176.0/24^24-29
admin-c: RPA1-NZRR
tech-c: RPA1-NZRR
notify: rpsl-admin(a)nzix.net
notify: nznog(a)list.waikato.ac.nz
notify: cbarr(a)wxc.co.nz
mnt-by: MAINT-NZRR-NZ
changed: rpsl-admin(a)nzix.net 20070824
source: NZRR
REPLACED BY:
route-set: AS9439:RS-ROUTES:AS17435
descr: advertised to AS9439 by WorldxChange Communications LTD - AS17435
members: 58.28.0.0/16^16-29,
118.90.0.0/16^16-29,
202.49.240.0/22^22-29,
202.14.217.0/24^24-29,
202.49.59.0/24^24-29,
202.50.176.0/24^24-29,
203.171.223.0/24^24-29
admin-c: RPA1-NZRR
tech-c: RPA1-NZRR
notify: rpsl-admin(a)nzix.net
notify: nznog(a)list.waikato.ac.nz
notify: cbarr(a)wxc.co.nz
mnt-by: MAINT-NZRR-NZ
changed: rpsl-admin(a)nzix.net 20090127
source: NZRR
------------------------------------------------------------
------------------------------
Message: 8
Date: Tue, 27 Jan 2009 22:36:06 +1300 (NZDT)
From: Mark Foster <blakjak(a)blakjak.net>
Subject: [nznog] NZNOG IRC Channel
To: nznog(a)list.waikato.ac.nz
Message-ID: <Pine.LNX.4.64.0901272233100.27157(a)skyhawk.blakjak.net>
Content-Type: TEXT/PLAIN; charset=US-ASCII; format=flowed
Hi all
A headsup that #NZNOG on the Undernet IRC Network is open for NZNOG'rs to
lurk in, and to perhaps provide some means of interaction between those
that are here and those that, well, aren't.
the DNS aliases us.undernet.org and eu.undernet.org are likely suspects if
you dont know any other valid server addresses to try to connect to.
See you there,
Mark.
------------------------------
Message: 9
Date: Tue, 27 Jan 2009 12:57:20 -0800
From: Scott Howard <scott(a)doc.net.au>
Subject: Re: [nznog] NZNOG IRC Channel
To: Mark Foster <blakjak(a)blakjak.net>
Cc: nznog(a)list.waikato.ac.nz
Message-ID:
<f1dedf9c0901271257l68036743ud3ddbc4521f20393(a)mail.gmail.com>
Content-Type: text/plain; charset="iso-8859-1"
On Tue, Jan 27, 2009 at 1:36 AM, Mark Foster <blakjak(a)blakjak.net> wrote:
> the DNS aliases us.undernet.org and eu.undernet.org are likely suspects if
> you dont know any other valid server addresses to try to connect to.
Or even the far more relevant nz.undernet.org :)
(Sure, it's just a CNAME to "us", but that's not the point...)
Scott
Hi all
A headsup that #NZNOG on the Undernet IRC Network is open for NZNOG'rs to
lurk in, and to perhaps provide some means of interaction between those
that are here and those that, well, aren't.
the DNS aliases us.undernet.org and eu.undernet.org are likely suspects if
you dont know any other valid server addresses to try to connect to.
See you there,
Mark.
Dear Colleague,
This is to notify you that one or more objects in which you are
designated for notification have been modified in the NZRR routing
registry database.
These objects are used to configure the various NZIX route servers
(http://nzix.net/) so you can expect the relevant servers to be reloaded
in the near future. The reloading of the servers is staggered over a
period of time so that if you are peering with both servers at an
exchange, you can maintain at least one BGP session at all times and
consequently a full set of routes.
Diagnostic output:
------------------------------------------------------------
---
PREVIOUS OBJECT:
route-set: AS9439:RS-ROUTES:AS17435
descr: advertised to AS9439 by WorldxChange Communications Ltd - AS17435
members: 58.28.0.0/16^16-29,
118.90.0.0/16^16-29,
202.49.204.0/22^22-29,
202.14.217.0/24^24-29,
202.49.59.0/24^24-29,
202.50.176.0/24^24-29
admin-c: RPA1-NZRR
tech-c: RPA1-NZRR
notify: rpsl-admin(a)nzix.net
notify: nznog(a)list.waikato.ac.nz
notify: cbarr(a)wxc.co.nz
mnt-by: MAINT-NZRR-NZ
changed: rpsl-admin(a)nzix.net 20070824
source: NZRR
REPLACED BY:
route-set: AS9439:RS-ROUTES:AS17435
descr: advertised to AS9439 by WorldxChange Communications LTD - AS17435
members: 58.28.0.0/16^16-29,
118.90.0.0/16^16-29,
202.49.240.0/22^22-29,
202.14.217.0/24^24-29,
202.49.59.0/24^24-29,
202.50.176.0/24^24-29,
203.171.223.0/24^24-29
admin-c: RPA1-NZRR
tech-c: RPA1-NZRR
notify: rpsl-admin(a)nzix.net
notify: nznog(a)list.waikato.ac.nz
notify: cbarr(a)wxc.co.nz
mnt-by: MAINT-NZRR-NZ
changed: rpsl-admin(a)nzix.net 20090127
source: NZRR
------------------------------------------------------------
Dear Colleague,
This is to notify you that one or more objects in which you are
designated for notification have been modified in the NZRR routing
registry database.
These objects are used to configure the various NZIX route servers
(http://nzix.net/) so you can expect the relevant servers to be reloaded
in the near future. The reloading of the servers is staggered over a
period of time so that if you are peering with both servers at an
exchange, you can maintain at least one BGP session at all times and
consequently a full set of routes.
Diagnostic output:
------------------------------------------------------------
---
PREVIOUS OBJECT:
route-set: AS9560:RS-ROUTES:AS17435
descr: advertised to AS9560 by WorldxChange Communications Ltd - AS17435
members: 58.28.0.0/16^16-29,
118.90.0.0/16^16-29,
202.49.204.0/22^22-29,
202.14.217.0/24^24-29,
202.49.59.0/24^24-29,
202.50.176.0/24^24-29
admin-c: RPA1-NZRR
tech-c: RPA1-NZRR
notify: rpsl-admin(a)nzix.net
notify: nznog(a)list.waikato.ac.nz
notify: cbarr(a)wxc.co.nz
mnt-by: MAINT-NZRR-NZ
changed: rpsl-admin(a)nzix.net 20070824
source: NZRR
REPLACED BY:
route-set: AS9560:RS-ROUTES:AS17435
descr: advertised to AS9560 by WorldxChange Communications LTD - AS17435
members: 58.28.0.0/16^16-29,
118.90.0.0/16^16-29,
202.49.240.0/22^22-29,
202.14.217.0/24^24-29,
202.49.59.0/24^24-29,
202.50.176.0/24^24-29,
203.171.223.0/24^24-29
admin-c: RPA1-NZRR
tech-c: RPA1-NZRR
notify: rpsl-admin(a)nzix.net
notify: nznog(a)list.waikato.ac.nz
notify: cbarr(a)wxc.co.nz
mnt-by: MAINT-NZRR-NZ
changed: rpsl-admin(a)nzix.net 20090127
source: NZRR
------------------------------------------------------------
Hi all,
Wednesday night we are running a "vendor reception", similar to the
"gear and beer" evenings at NANOG.
Renaissance have generously made a prize available for the evening -
an iPod Nano.
This will be an open bar, with finger food.
Network operators and related parties can attend - even people who are
not attending the main conference.
Please bring some business cards - one for to go in the prize jar, and
one to put in your name tag holder if you are not a conference attendee.
Please RSVP to info(a)nznog.org and let us know if you are attending,
and also anyone you are bringing with you so we can put you on some
kind of list.
It would be great to see you here, to get a taste of the NZNOG
conference, and a drink or two[1].
--
Nathan Ward
[1] or three.
Hey Guys,
Hope this fits in with the AUP, however I'd hope so as not many forums show
how to rate-limit based on national/international traffic as they don't
bill accordingly, however in NZ this is standard practice so hoping someone
with juniper knowledge can assist me here.
Basically I want to allow all traffic to/from national without rate-limit,
then restrict international, for eg 128k.
icepick@NCCORE01# show firewall
policer 128k {
if-exceeding {
bandwidth-limit 128k;
burst-size-limit 4500;
}
then discard;
}
filter 128k {
term 1 {
from {
forwarding-class assured-forwarding;
}
then accept;
}
term 2 {
from {
forwarding-class best-effort;
}
then {
policer 128k;
accept;
}
}
}
icepick@NCCORE01# show policy-options policy-statement Orcon-Primary-In
term 1 {
from community [ Orcon-Local Orcon-National Orcon-Peering Orcon-Telstra
Orcon-Telecom ];
then {
local-preference 110;
forwarding-class assured-forwarding;
accept;
}
}
term 2 {
from {
route-filter 0.0.0.0/0 upto /24;
}
then {
local-preference 110;
forwarding-class best-effort;
accept;
}
}
term 3 {
from {
route-filter 0.0.0.0/0 exact;
}
then {
local-preference 120;
accept;
}
}
term 4 {
then reject;
}
icepick@NCCORE01# show interfaces ge-0/0/1 unit 55
description "Test interface";
vlan-id 55;
family inet {
filter {
input 128k;
output 128k;
}
address 113.21.x.x/29;
}
The problem I'm running into is all traffic is being rate-limited at 128k,
rather than just the international. I was able to find one example located
at
http://archives.devshed.com/forums/networking-100/policer-based-on-communit…
however this describes the use of destination-class where I only have
forwarding-class so I'm not sure if this has been depreciated or renamed or
not supported by J2320.
I understand this may be a question for JTAC, however I'd like to hear from
users here in NZ that have managed to get this going with junos. To keep
the list sane, please reply offlist, if many people are interested I'll
post the working solution after being tested for archive purposes.
Public holiday for Aucklanders next monday, extra long weekend of beer,
mmmmm
Thanks
Barry
The NZNOG 2009 conference starts tomorrow (Wed 2009-01-28) with the
tutorial day, including the System Administrators Miniconf. As
previously announced the System Administrators Miniconf is being held in
more of a BoF style (shorter intro talks, more discussion) with a more
flexible schedule than previous years.
But for the benefit of those who are hoping to switch back and forth
between tutorials, this is approximately what we intend to have in terms
of ordering and timing:
-=- cut here -=-
Intro/Welcome
Ewen McNeill: Scaling System and Network monitoring
Peter Mott: VMware in a production environment
Jonny Martin: PCH VMWare Platform
* Morning Tea *
Amos Jeffries: Squid web caching
Michael Robinsion: Configuration automation (puppet, cfengine, etc)
Jonny Martin: ENUM intro
-=- cut here -=-
About the only thing which is actually fixed is the morning tea
(10:30-11:00) and the start (at approximately 09:00).
I believe we have the room for at least half a day, and perhaps the full
day, so we're open to adding more topics (or a general "problem solving"
type BoF) after the things listed above.
Ewen