(cross-posted to NZNOG since nzix-route-announce still seems pretty much
We intend to begin announcing the prefix 184.108.40.206/24 to the APE in approximately 2 weeks.
This prefix will be originated from AS38477.
This will bring our total set of (le 24) announced prefixes to:
220.127.116.11/22 originated from AS38477
18.104.22.168/22 originated from AS38294 path: 38477 38294
22.214.171.124/20 originated from AS38477
126.96.36.199/23 originated from AS38477
188.8.131.52/24 originated from AS38590 path: 38477 38590
184.108.40.206/22 originated from AS45641 path: 38477 45641
220.127.116.11/24 originated from AS45641 path: 38477 45641
18.104.22.168/23 originated from AS38477
22.214.171.124/24 originated from AS56102 path: 38477 56102
126.96.36.199/23 originated from AS56102 path: 38477 56102
188.8.131.52/22 originated from AS56214 path: 38477 56214
184.108.40.206/24 originated from AS38477
220.127.116.11/22 originated from AS38477
18.104.22.168/24 originated from AS38477
22.214.171.124/23 originated from AS38477
126.96.36.199/22 originated from AS132255 path: 38477 132255
188.8.131.52/24 originated from AS38477
System Administrator, Unleash
Phone: 0800 750 250
ARIN (the North American equivalent of APNIC) has just passed some new
policy which has an impact for organisations in this region.
There were three policies passed:
ARIN-2011-1: ARIN Inter-RIR Transfers
ARIN-2012-1: Clarifying requirements for IPv4 transfers
ARIN-2012-3: ASN Transfers
The impact for users in this regions is that APNIC members are now
able to negotiate IPv4 Address Space transfers from organisations
within the North American region.
We have seen organisations in the ARIN region selling IP Address space
in the past (Nortel selling 666k addresses to Microsoft for 7.5
million) , infact ARIN now has specific policy surrounding how to deal
with a transfer in a bankruptcy scenario. The tricky part was that
up until now they only allowed transfers to other members within the
ARIN region. This meant that APNIC members were not able to get
access to these resources and pull them into their APNIC account (and
update the details around who currently holds them).
This has now been changed so that as long as you can demonstrate to
APNIC that you have a need for the addresses, and would have qualified
for them under the old allocation scheme (ie when they still had
addresses to give out), then you can transfer the numbers from the
ARIN member into the APNIC region.
This is generally considered a good thing. Having all users on an
even footing is a step in the right direction.
Anyone wanting some more clarification then feel free to post (if you
think it's relevant to everyone) or mail me directly.
I forwarded something on this several days ago and I'm going to badger you
once more about it.
On Tuesday 10 July, InternetNZ is holding a one-day conference in Auckland
to discuss issues related to the technical architecture and technical
policy of ultra-fast broadband and fibre networks.
This is a chance for members of this group to meet with folks they often
don't catch up with from the larger telcos and other industry players.
We've got a couple of good speakers:
Lev Gonick <http://www.case.edu/its/about/levgonick.html>, Chief
Information Officer of Case Western Reserve University, Cleveland, USA
Chief Scientist at APNIC
and a chance to have some serious discussion about
Connectivity vs. Content
UFB product specifications
Keeping local traffic local - peering and interconnect
Domestic and international IP transit
On Thursday 14 June Citylink will be taking rs2.ape (184.108.40.206) down for maintenance from 0800 till 0900. During this change window we will be observing a change freeze on the rest of the route servers nationwide. This is in preparation for upgrades which we are undertaking in the short to medium term.
I have a several-hundred-line extended ACL on a 6500, which is several years old and has had several admins over its time. As such, it is severaly (See what I did there?) ugly.
I'm trying to find a tool that I can load this ACL into and it will tell me about redundant entries etc., as I have been given the envious task of moving the service it protects to a proper firewall.
CiscoWorks ACL tool looks to be the business, but alas it's EOL and I can't find it anywhere. I don't want to pay hundreds/thousands for using something only once either.
So what say you guys? Any suggestions on ACL managers? (Before you suggest, Gareth Evans ACL simulator won't work as you can't load ACL's into it).
-----BEGIN PGP SIGNED MESSAGE-----
I'd think some of you may be interested in a project run by some
friends of mine: the NLNOG RING.
Project came out of the NLNOG (the Dutch NOG) discussions. It's
based around the goals of making network debugging easier. When trying
to debug complex problems and plan future upgrades, a point of view
from outside your network is absolutely essential. Seeing what others
see is incredibly useful when dealing with a variety of network
problems. Well known examples are ‘it works for even numbered ip
address, but not for odd numbered ip address via this and this route’.
So tired of asking people to do traceroutes and wait for results,
NLNOG RING was formed. In essence the project is very simple: you make
a (virtual) machine available to the RING, and you gain access on all
other servers which are part of the RING. The project currently has
108 nodes, located on 100 participant networks in 25 countries.
Was just looking and see that NZ is missing on that list, the home of
the rings, so thought I'd send this out.
The RING provides tools to trivially launch a ping from all these
nodes and summarize the results to, other examples are distributed
tracerouting and MTU testing. The RING also maintains a record of
latencies between nodes using smokeping to help identify historic
I say, have a look at https://ring.nlnog.net/ for more information.
A map of current node locations is available here:
And email ring-admins(a)ring.nlnog.net directly with any questions you
I am sure the they will send some good beer for the next NOG to make
this on topic.
- - gaurab
-----BEGIN PGP SIGNATURE-----
Version: GnuPG/MacGPG2 v2.0.16 (Darwin)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/
-----END PGP SIGNATURE-----
One of our customers is looking at migrating away from their current WAN
carrier and have nailed down their options to either FX Networks or
Gen-i. This is a 3 office site (AKL/WGTN/CHCH) with relatively fat PIP
pipes between all offices, and 20/30Mbps to the Internet from the AKL &
WGTN locations using carrier managed BGP devices to allow for Internet
Obviously the overview of services according to the provider themselves
are understandably at least somewhat bias, but I was wondering whether
anybody from the NZNOG community has any objective views on each with
regards to reliability and performance? For example FX seems to cost
significantly less for relatively the same thing, however without
personally having a lot of experience in provider topologies I can't
justify being able to go back to the customer vouching for either
provider either way.
Any replies, either on or off-list are appreciated.
If anyone should wish to establish a direct peering session via APE with us (for either redundancy reasons, or because you don't use the route servers) please contact me directly off list.
Craig Spiers | Network Engineer