The OUI prefixes that are Intel, Dell, HP, Supermicro and other x86-64 hardware vendors are almost certainly people running BIRD, FRR or similar on commodity hardware. In which case the actual routing configuration could be almost anything, those just happen to be the PCI-Express NICs in some sort of server platform. On Thu, Nov 7, 2019 at 11:59 AM Edward Dore < edward.dore@freethought-internet.co.uk> wrote:
I just grabbed the following from our routers connected to LINX LON1, LINX LON2, LINX Manchester and LONAP (so this data is very UK centric):
557 Cisco Systems, Inc 553 Juniper Networks 51 Routerboard.com 51 Brocade Communications Systems, Inc. 49 Arista Networks 40 Unknown 38 Intel Corporate 36 HUAWEI TECHNOLOGIES CO.,LTD 31 Globalscale Technologies, Inc. 20 Super Micro Computer, Inc. 20 Alcatel-Lucent IPD 15 Nokia 14 Hewlett Packard 10 VMware, Inc. 10 Ubiquiti Networks Inc. 10 Sunrich Technology Limited 10 Extreme Networks, Inc. 7 Dell Inc. 5 IEEE Registration Authority 4 Intel Corporation 4 HotLava Systems, Inc. 3 FireBrick Limited 2 Raspberry Pi Foundation 2 Nexcom International Co., Ltd. 2 Microsoft Corporation 2 Mellanox Technologies, Inc. 2 ICP Electronics Inc. 2 Hewlett Packard Enterprise 2 BSkyB Ltd 1 Xensource, Inc. 1 XEROX CORPORATION 1 Solarflare Communications Inc. 1 SILICOM, LTD. 1 MIX s.r.l. 1 LANNER ELECTRONICS, INC. 1 GIGA-BYTE TECHNOLOGY CO.,LTD. 1 DriveCam Inc 1 DIGITAL EQUIPMENT CORPORATION 1 Agile Systems Inc.
That's done using https://github.com/bauerj/mac_vendor_lookup to do the MAC lookup against the IEEE OUI list with the "Unknown" entries being anything which doesn't appear in http://standards-oui.ieee.org/oui.txt (possibly locally administered addresses?).
Hope that's helpful to someone 🙂
Edward Dore
Freethought Internet ------------------------------ *From:* NANOG <nanog-bounces@nanog.org> on behalf of Sabri Berisha < sabri@cluecentral.net> *Sent:* 07 November 2019 19:08 *To:* Compton, Rich A <Rich.Compton@charter.com> *Cc:* nanog <nanog@nanog.org> *Subject:* Re: Any info on devices that are running eBGP on the Internet?
Hi,
What you could consider is asking a few of the major internet exchanges if they'd be so kind to send you a list of MAC addresses seen on their LANs. Based on the MAC you can determine the manufacturer. If you have three or four big ones, you have a decent sample size as most larger networks are on multiple IXes anyway.
If you do compile a list, I'm sure this list would be interested in the results :)
Thanks,
Sabri
----- On Nov 6, 2019, at 10:39 AM, Compton, Rich A < Rich.Compton@charter.com> wrote:
Hi, I am working with MANRS (https://www.manrs.org) on a tool for checking router configs for BGP security / spoofing prevention (e.g. uRPF) https://github.com/manrs-tools/MANRS-validator
We are wondering if there is any research on the percentages of different types of devices running BGP on the Internet.
Something like:
Cisco IOS 30%
Junos 30%
Mikrotik 20%
etc…
We are looking to focus our tool on the most prevalent types of devices doing BGP (and the most prevalent with BGP security/spoofing issues) so that we can have the greatest impact. Does anyone have any information on this or know where I can obtain this information? Thanks in advance!
-Rich The contents of this e-mail message and any attachments are intended solely for the addressee(s) and may contain confidential and/or legally privileged information. If you are not the intended recipient of this message or if this message has been addressed to you in error, please immediately alert the sender by reply e-mail and then delete this message and any attachments. If you are not the intended recipient, you are notified that any use, dissemination, distribution, copying, or storage of this message or any attachment is strictly prohibited.