Getting back to the more original thread. Is there any need to keep the routing table to a smaller size. Since in theory, it creates suboptimal routing. And considering the new routers out there today should be able to handle it. Considering verio is using junipers, and they pride themselves on handling a tremendously large table. Why should we shoot for a 100,000 route table instead of 500,000 if it does not impact performance? I do understand that the 100,000 might be that actual 'installed best routes' and that the routers might in fact be dealing with a much larger route table. That might be an issue. But certainly 100,000- 500,000 installed routes, is that a problem for large backbones with high end routers? My only consideration might be the small multihomed ISPs with 2-3 providers with full BGP feeds and cisco 4000s (256meg ram). I saw one last week. I might be concerned at that level. I'd love to hear feedback. It would then justify filtering...or not. David At 21:37 -0400 7/18/02, Phil Rosenthal wrote:
How is it arrogant? I read that as: a customer set up an exploitable FormMail. Verio received notice about it. Verio removed the FormMail in question. Verio asked to be removed since they corrected the problem. Verio was ignored.
Verio may have some problems with not terminating spammers, and I believe this to be the truth -- I buy from verio, and Don't spam, and whenever one of my clients spam, they get terminated for it. I receive plenty of spam from verio ips, and no matter how much I complain, it never gets terminated. This is probably a scenario of asking sales rep "If I want to spam, but I pay more per meg -- Is this OK?" and getting a positive answer.
That is why the NANAE people don't like verio. But, nonetheless, I don't think that putting verio's mailserver on a formmail list is accomplishing anything good, since they fixed THAT problem...
--Phil
-----Original Message----- From: owner-nanog@merit.edu [mailto:owner-nanog@merit.edu] On Behalf Of Kai Schlichting Sent: Thursday, July 18, 2002 6:37 PM To: nanog@merit.edu Cc: Kai Schlichting Subject: Re: verio arrogance
How's THIS for Verio arrogance, going to a whole new level:
http://www.monkeys.com/anti-spam/filtering/verio-demand.ps
Details were on the SPAM-L list Wed, 17 Jul 2002 15:51:05 EDT: Verio threatens to sue Ron Guilmette over the IP 208.55.91.59 appearing on his FormMail.pl open-proxy/formmail server DNSBL.
And given the ever-increasing number of spammers now hopping onto Verio tells me that Verio must be well down the spiral of death (spammers seem to be attracted by NSP's going chapter 7/11, or who are getting close), or else the dozen-or-so automated messages going to abuse@verio.net every week complaining about connections (real or attempted) to hosts under my control, and originating from their spamming customers would have shown any results over time.
I don't need connectivity to 208.55.0.0/16. I really don't, and I have not the slightest tolerance for litigious, small-minded, panic-lawyer-dialling scum like this.
/etc/mail$ grep 208.55 access.local 208.55 550 Access for FormMail spam and litigious scum denied - XXXX Verio in their XXXXXXXX XXX - we block more than just 208.55.91.59 - Spammers must die - see http://www.monkeys.com/anti-spam/filtering/verio-demand.ps /etc/mail$
PS: I also have zero tolerance for Nadine-type spam-generating, "single-opt-in", "87% permission-based" emailers nowadays: 2 bounces or a single mail to a never-existing account, and all your /24's are off into gated.conf as a next-hop route to 127.0.0.1. And no, they won't get around that by advertising /25's.
Good-bye route-prefix-filtering wars, and welcome to the war on spam, where Null0'd /28's for filtering 'undesirables' just doesn't cut it any more. Casualties like 10-15 bystanding rackspace.com customers with a "Nadine- type" mailer in neighboring IP space be damned: "move your servers into a different slum, cause da landlord's running down 'da neighborhood".
-- "Just say No" to Spam Kai Schlichting New York, Palo Alto, You name it Sophisticated Technical Peon Kai's SpamShield <tm> is FREE! http://www.SpamShield.org | | | LeasedLines-FrameRelay-IPLs-ISDN-PPP-Cisco-Consulting-VoiceFax-Data-Muxe s WorldWideWebAnything-Intranets-NetAdmin-UnixAdmin-Security-ReallyHardMat h
-- David Diaz dave@smoton.net [Email] pagedave@smoton.net [Pager] Smotons (Smart Photons) trump dumb photons
On Thu, Jul 18, 2002 at 11:54:30PM -0400, David Diaz wrote:
Is there any need to keep the routing table to a smaller size. Since in theory, it creates suboptimal routing. And considering the new routers out there today should be able to handle it. Considering verio is using junipers, and they pride themselves on handling a tremendously large table. Why should we shoot for a 100,000 route table instead of 500,000 if it does not impact performance?
When you are talking about BGP reconvergance when a router crashes (oh wait, they would never crash ;-) or is upgraded it takes a lot longer to advertize 500k routes than 100k routes. Even with a really-fast processor it obviously takes more time to do route lookup in doing best-path computations with 100+ ibgp peers. Then you start to talk about the memory footprint of 500k prefixes, once you start to include received-side communities as well as your new communities you've tagged on. With route-refresh it's not that bad, but with soft-reconfiguration enabled it may cause a bit more memory to be used.
I do understand that the 100,000 might be that actual 'installed best routes' and that the routers might in fact be dealing with a much larger route table. That might be an issue. But certainly 100,000- 500,000 installed routes, is that a problem for large backbones with high end routers?
If you venture a guess and say that most "large" networks originate about 5% of the 100k prefixes must be advertized (see peering discussion about minimum routes to advertize awhile back) that numer of prefixes is increased to 25k prefixes. Then if you prefix-filter your customers, you're talking about 5X increased nvram/config requirements.
My only consideration might be the small multihomed ISPs with 2-3 providers with full BGP feeds and cisco 4000s (256meg ram). I saw one last week. I might be concerned at that level.
"back in the day when full routes would fit in 64m ram". obviously the smaller providers have a bit more of a challenge as they tend to not have support contracts, and it can be a bit tougher to justify router memory.
I'd love to hear feedback. It would then justify filtering...or not.
Think about the "7007" and other cases whereby someone announces a large set of routes they should not be. There have been numerous cases of this in the past and as a long as it's possible to easily leak routes incorrectly due to not filtering customers closely, etc.. it will continue to happen. - jared
David
At 21:37 -0400 7/18/02, Phil Rosenthal wrote:
How is it arrogant? I read that as: a customer set up an exploitable FormMail. Verio received notice about it. Verio removed the FormMail in question. Verio asked to be removed since they corrected the problem. Verio was ignored.
Verio may have some problems with not terminating spammers, and I believe this to be the truth -- I buy from verio, and Don't spam, and whenever one of my clients spam, they get terminated for it. I receive plenty of spam from verio ips, and no matter how much I complain, it never gets terminated. This is probably a scenario of asking sales rep "If I want to spam, but I pay more per meg -- Is this OK?" and getting a positive answer.
That is why the NANAE people don't like verio. But, nonetheless, I don't think that putting verio's mailserver on a formmail list is accomplishing anything good, since they fixed THAT problem...
--Phil
-----Original Message----- From: owner-nanog@merit.edu [mailto:owner-nanog@merit.edu] On Behalf Of Kai Schlichting Sent: Thursday, July 18, 2002 6:37 PM To: nanog@merit.edu Cc: Kai Schlichting Subject: Re: verio arrogance
How's THIS for Verio arrogance, going to a whole new level:
http://www.monkeys.com/anti-spam/filtering/verio-demand.ps
Details were on the SPAM-L list Wed, 17 Jul 2002 15:51:05 EDT: Verio threatens to sue Ron Guilmette over the IP 208.55.91.59 appearing on his FormMail.pl open-proxy/formmail server DNSBL.
And given the ever-increasing number of spammers now hopping onto Verio tells me that Verio must be well down the spiral of death (spammers seem to be attracted by NSP's going chapter 7/11, or who are getting close), or else the dozen-or-so automated messages going to abuse@verio.net every week complaining about connections (real or attempted) to hosts under my control, and originating from their spamming customers would have shown any results over time.
I don't need connectivity to 208.55.0.0/16. I really don't, and I have not the slightest tolerance for litigious, small-minded, panic-lawyer-dialling scum like this.
/etc/mail$ grep 208.55 access.local 208.55 550 Access for FormMail spam and litigious scum denied - XXXX Verio in their XXXXXXXX XXX - we block more than just 208.55.91.59 - Spammers must die - see http://www.monkeys.com/anti-spam/filtering/verio-demand.ps /etc/mail$
PS: I also have zero tolerance for Nadine-type spam-generating, "single-opt-in", "87% permission-based" emailers nowadays: 2 bounces or a single mail to a never-existing account, and all your /24's are off into gated.conf as a next-hop route to 127.0.0.1. And no, they won't get around that by advertising /25's.
Good-bye route-prefix-filtering wars, and welcome to the war on spam, where Null0'd /28's for filtering 'undesirables' just doesn't cut it any more. Casualties like 10-15 bystanding rackspace.com customers with a "Nadine- type" mailer in neighboring IP space be damned: "move your servers into a different slum, cause da landlord's running down 'da neighborhood".
-- "Just say No" to Spam Kai Schlichting New York, Palo Alto, You name it Sophisticated Technical Peon Kai's SpamShield <tm> is FREE! http://www.SpamShield.org | | | LeasedLines-FrameRelay-IPLs-ISDN-PPP-Cisco-Consulting-VoiceFax-Data-Muxe s WorldWideWebAnything-Intranets-NetAdmin-UnixAdmin-Security-ReallyHardMat h
--
David Diaz dave@smoton.net [Email] pagedave@smoton.net [Pager] Smotons (Smart Photons) trump dumb photons
-- Jared Mauch | pgp key available via finger from jared@puck.nether.net clue++; | http://puck.nether.net/~jared/ My statements are only mine.
I think we are at the point where the vast majority of backbone routers can handle 200K+ routes, at least in terms of memory. The interesting point we are getting to, is that the most popular router in the world for multihoming can't handle the routing table. I'm referring to the Cisco 3640, which has largely supplanted the venerable 2501 as the low-end multihomer's edge router of choice. With a reasonable number of features turned on (i.e. SSH, netflow, CEF), the 3640 can't handle two full views anymore, due to it's limitation of 128MB. While this may be a good thing for Cisco's sales numbers, in this winter of financial discontent, I wonder how this is effecting the average customer, and what is generally being installed to replace the 3640s. - Daniel Golding
-----Original Message----- From: owner-nanog@merit.edu [mailto:owner-nanog@merit.edu]On Behalf Of David Diaz Sent: Thursday, July 18, 2002 11:55 PM To: nanog@merit.edu Subject: RE: verio arrogance
Getting back to the more original thread.
Is there any need to keep the routing table to a smaller size. Since in theory, it creates suboptimal routing. And considering the new routers out there today should be able to handle it. Considering verio is using junipers, and they pride themselves on handling a tremendously large table. Why should we shoot for a 100,000 route table instead of 500,000 if it does not impact performance?
I do understand that the 100,000 might be that actual 'installed best routes' and that the routers might in fact be dealing with a much larger route table. That might be an issue. But certainly 100,000- 500,000 installed routes, is that a problem for large backbones with high end routers?
My only consideration might be the small multihomed ISPs with 2-3 providers with full BGP feeds and cisco 4000s (256meg ram). I saw one last week. I might be concerned at that level.
I'd love to hear feedback. It would then justify filtering...or not.
David
At 21:37 -0400 7/18/02, Phil Rosenthal wrote:
How is it arrogant? I read that as: a customer set up an exploitable FormMail. Verio received notice about it. Verio removed the FormMail in question. Verio asked to be removed since they corrected the problem. Verio was ignored.
Verio may have some problems with not terminating spammers, and I believe this to be the truth -- I buy from verio, and Don't spam, and whenever one of my clients spam, they get terminated for it. I receive plenty of spam from verio ips, and no matter how much I complain, it never gets terminated. This is probably a scenario of asking sales rep "If I want to spam, but I pay more per meg -- Is this OK?" and getting a positive answer.
That is why the NANAE people don't like verio. But, nonetheless, I don't think that putting verio's mailserver on a formmail list is accomplishing anything good, since they fixed THAT problem...
--Phil
-----Original Message----- From: owner-nanog@merit.edu [mailto:owner-nanog@merit.edu] On Behalf Of Kai Schlichting Sent: Thursday, July 18, 2002 6:37 PM To: nanog@merit.edu Cc: Kai Schlichting Subject: Re: verio arrogance
How's THIS for Verio arrogance, going to a whole new level:
http://www.monkeys.com/anti-spam/filtering/verio-demand.ps
Details were on the SPAM-L list Wed, 17 Jul 2002 15:51:05 EDT: Verio threatens to sue Ron Guilmette over the IP 208.55.91.59 appearing on his FormMail.pl open-proxy/formmail server DNSBL.
And given the ever-increasing number of spammers now hopping onto Verio tells me that Verio must be well down the spiral of death (spammers seem to be attracted by NSP's going chapter 7/11, or who are getting close), or else the dozen-or-so automated messages going to abuse@verio.net every week complaining about connections (real or attempted) to hosts under my control, and originating from their spamming customers would have shown any results over time.
I don't need connectivity to 208.55.0.0/16. I really don't, and I have not the slightest tolerance for litigious, small-minded, panic-lawyer-dialling scum like this.
/etc/mail$ grep 208.55 access.local 208.55 550 Access for FormMail spam and litigious scum denied - XXXX Verio in their XXXXXXXX XXX - we block more than just 208.55.91.59 - Spammers must die - see http://www.monkeys.com/anti-spam/filtering/verio-demand.ps /etc/mail$
PS: I also have zero tolerance for Nadine-type spam-generating, "single-opt-in", "87% permission-based" emailers nowadays: 2 bounces or a single mail to a never-existing account, and all your /24's are off into gated.conf as a next-hop route to 127.0.0.1. And no, they won't get around that by advertising /25's.
Good-bye route-prefix-filtering wars, and welcome to the war on spam, where Null0'd /28's for filtering 'undesirables' just doesn't cut it any more. Casualties like 10-15 bystanding rackspace.com customers with a "Nadine- type" mailer in neighboring IP space be damned: "move your servers into a different slum, cause da landlord's running down 'da neighborhood".
-- "Just say No" to Spam Kai Schlichting New York, Palo Alto, You name it Sophisticated Technical Peon Kai's SpamShield <tm> is FREE! http://www.SpamShield.org | | | LeasedLines-FrameRelay-IPLs-ISDN-PPP-Cisco-Consulting-VoiceFax-Data-Muxe s WorldWideWebAnything-Intranets-NetAdmin-UnixAdmin-Security-ReallyHardMat h
--
David Diaz dave@smoton.net [Email] pagedave@smoton.net [Pager] Smotons (Smart Photons) trump dumb photons
On Fri, 19 Jul 2002, Daniel Golding wrote:
I think we are at the point where the vast majority of backbone routers can handle 200K+ routes, at least in terms of memory. The interesting point we
I've not tried it but I doubt the ability of any Cisco router up to and including 7500 to handle that many routes.... Btw, sketchy partial BGP tables seems to be the most common workaround to memory limitations.
are getting to, is that the most popular router in the world for multihoming can't handle the routing table. I'm referring to the Cisco 3640, which has largely supplanted the venerable 2501 as the low-end multihomer's edge router of choice.
With a reasonable number of features turned on (i.e. SSH, netflow, CEF), the 3640 can't handle two full views anymore, due to it's limitation of 128MB. While this may be a good thing for Cisco's sales numbers, in this winter of financial discontent, I wonder how this is effecting the average customer, and what is generally being installed to replace the 3640s.
- Daniel Golding
-----Original Message----- From: owner-nanog@merit.edu [mailto:owner-nanog@merit.edu]On Behalf Of David Diaz Sent: Thursday, July 18, 2002 11:55 PM To: nanog@merit.edu Subject: RE: verio arrogance
Getting back to the more original thread.
Is there any need to keep the routing table to a smaller size. Since in theory, it creates suboptimal routing. And considering the new routers out there today should be able to handle it. Considering verio is using junipers, and they pride themselves on handling a tremendously large table. Why should we shoot for a 100,000 route table instead of 500,000 if it does not impact performance?
I do understand that the 100,000 might be that actual 'installed best routes' and that the routers might in fact be dealing with a much larger route table. That might be an issue. But certainly 100,000- 500,000 installed routes, is that a problem for large backbones with high end routers?
My only consideration might be the small multihomed ISPs with 2-3 providers with full BGP feeds and cisco 4000s (256meg ram). I saw one last week. I might be concerned at that level.
I'd love to hear feedback. It would then justify filtering...or not.
David
At 21:37 -0400 7/18/02, Phil Rosenthal wrote:
How is it arrogant? I read that as: a customer set up an exploitable FormMail. Verio received notice about it. Verio removed the FormMail in question. Verio asked to be removed since they corrected the problem. Verio was ignored.
Verio may have some problems with not terminating spammers, and I believe this to be the truth -- I buy from verio, and Don't spam, and whenever one of my clients spam, they get terminated for it. I receive plenty of spam from verio ips, and no matter how much I complain, it never gets terminated. This is probably a scenario of asking sales rep "If I want to spam, but I pay more per meg -- Is this OK?" and getting a positive answer.
That is why the NANAE people don't like verio. But, nonetheless, I don't think that putting verio's mailserver on a formmail list is accomplishing anything good, since they fixed THAT problem...
--Phil
-----Original Message----- From: owner-nanog@merit.edu [mailto:owner-nanog@merit.edu] On Behalf Of Kai Schlichting Sent: Thursday, July 18, 2002 6:37 PM To: nanog@merit.edu Cc: Kai Schlichting Subject: Re: verio arrogance
How's THIS for Verio arrogance, going to a whole new level:
http://www.monkeys.com/anti-spam/filtering/verio-demand.ps
Details were on the SPAM-L list Wed, 17 Jul 2002 15:51:05 EDT: Verio threatens to sue Ron Guilmette over the IP 208.55.91.59 appearing on his FormMail.pl open-proxy/formmail server DNSBL.
And given the ever-increasing number of spammers now hopping onto Verio tells me that Verio must be well down the spiral of death (spammers seem to be attracted by NSP's going chapter 7/11, or who are getting close), or else the dozen-or-so automated messages going to abuse@verio.net every week complaining about connections (real or attempted) to hosts under my control, and originating from their spamming customers would have shown any results over time.
I don't need connectivity to 208.55.0.0/16. I really don't, and I have not the slightest tolerance for litigious, small-minded, panic-lawyer-dialling scum like this.
/etc/mail$ grep 208.55 access.local 208.55 550 Access for FormMail spam and litigious scum denied - XXXX Verio in their XXXXXXXX XXX - we block more than just 208.55.91.59 - Spammers must die - see http://www.monkeys.com/anti-spam/filtering/verio-demand.ps /etc/mail$
PS: I also have zero tolerance for Nadine-type spam-generating, "single-opt-in", "87% permission-based" emailers nowadays: 2 bounces or a single mail to a never-existing account, and all your /24's are off into gated.conf as a next-hop route to 127.0.0.1. And no, they won't get around that by advertising /25's.
Good-bye route-prefix-filtering wars, and welcome to the war on spam, where Null0'd /28's for filtering 'undesirables' just doesn't cut it any more. Casualties like 10-15 bystanding rackspace.com customers with a "Nadine- type" mailer in neighboring IP space be damned: "move your servers into a different slum, cause da landlord's running down 'da neighborhood".
-- "Just say No" to Spam Kai Schlichting New York, Palo Alto, You name it Sophisticated Technical Peon Kai's SpamShield <tm> is FREE! http://www.SpamShield.org | | | LeasedLines-FrameRelay-IPLs-ISDN-PPP-Cisco-Consulting-VoiceFax-Data-Muxe s WorldWideWebAnything-Intranets-NetAdmin-UnixAdmin-Security-ReallyHardMat h
--
David Diaz dave@smoton.net [Email] pagedave@smoton.net [Pager] Smotons (Smart Photons) trump dumb photons
On Fri, Jul 19, 2002 at 11:00:38AM -0400, Daniel Golding wrote:
I think we are at the point where the vast majority of backbone routers can handle 200K+ routes, at least in terms of memory. The interesting point we are getting to, is that the most popular router in the world for multihoming can't handle the routing table. I'm referring to the Cisco 3640, which has largely supplanted the venerable 2501 as the low-end multihomer's edge router of choice.
With a reasonable number of features turned on (i.e. SSH, netflow, CEF), the 3640 can't handle two full views anymore, due to it's limitation of 128MB. While this may be a good thing for Cisco's sales numbers, in this winter of financial discontent, I wonder how this is effecting the average customer, and what is generally being installed to replace the 3640s.
If a 3640 customer can't handle multiple full views, why can't they filter some junk /24s themselves? This isn't really a good enough reason for backbone providers to do the filtering. As for the convergence time argument, the limiting factor is CPU time, not the number of routes or amount of data exchanged (though obviously more routes == more cpu). In the core, is there really that big a difference between 93k and 113k? On the borders, how much cpu time is saved vs how much cpu time is burned doing the filtering? Which leaves us with the question of, are there still MSFC1's or other devices with 128mb memory limits in these networks which are hurting at 113k? Is there actually a legitimate technical need to filter off 20k routes, or are the people doing it stuck in a mental time warp from the days when it was a necessity? Or, is it really just people trying to do the "correct" thing? If you see "almost" no change in connectivity after removing 20k of cruft, and the very few people who are broken are the ones who needed attention called to their poor route announcing skills anyways, maybe it's a good thing for reasons other than router performance? -- Richard A Steenbergen <ras@e-gerbil.net> http://www.e-gerbil.net/ras PGP Key ID: 0x138EA177 (67 29 D7 BC E8 18 3E DA B2 46 B3 D8 14 36 FE B6)
At 12:16 -0400 7/19/02, Richard A Steenbergen wrote:
On Fri, Jul 19, 2002 at 11:00:38AM -0400, Daniel Golding wrote:
I think we are at the point where the vast majority of backbone routers can handle 200K+ routes, at least in terms of memory. The interesting point we are getting to, is that the most popular router in the world for multihoming can't handle the routing table. I'm referring to the Cisco 3640, which has largely supplanted the venerable 2501 as the low-end multihomer's edge router of choice.
With a reasonable number of features turned on (i.e. SSH, netflow, CEF), the 3640 can't handle two full views anymore, due to it's limitation of 128MB. While this may be a good thing for Cisco's sales numbers, in this winter of financial discontent, I wonder how this is effecting the average customer, and what is generally being installed to replace the 3640s.
If a 3640 customer can't handle multiple full views, why can't they filter some junk /24s themselves? This isn't really a good enough reason for backbone providers to do the filtering.
That was my thinking also. I would imagine a lot of customers what a full route view, it's what they are paying for especially if they are an ISP or multihomed large customer. They should have their own policies then.
As for the convergence time argument, the limiting factor is CPU time, not the number of routes or amount of data exchanged (though obviously more routes == more cpu). In the core, is there really that big a difference between 93k and 113k? On the borders, how much cpu time is saved vs how much cpu time is burned doing the filtering?
I would assume a flapping session with a large backbone would cause much higher load time and stress on the router then simply a large table. It's the reason why some backbones have Draconian route dampening policies, and rightly so. I would love to see some engineers from vendors weight in on this (did I just say that?). Most brag that they can handle large tables without a problem. A good question might be, if a large backbone started flapping 150,000 routes, what would that do to the peers. Perhaps a better issue much be CPU usage of complex route filters on large tables, as a limitation on performance.
Which leaves us with the question of, are there still MSFC1's or other devices with 128mb memory limits in these networks which are hurting at 113k? Is there actually a legitimate technical need to filter off 20k routes, or are the people doing it stuck in a mental time warp from the days when it was a necessity?
Or, is it really just people trying to do the "correct" thing? If you see "almost" no change in connectivity after removing 20k of cruft, and the very few people who are broken are the ones who needed attention called to their poor route announcing skills anyways, maybe it's a good thing for reasons other than router performance?
Interesting thought is, there are probably a great many engineers on this list that have /24s at their home, that dont enjoy being filtered. Some of us just get tired of reIPing our servers. dave
-- Richard A Steenbergen <ras@e-gerbil.net> http://www.e-gerbil.net/ras PGP Key ID: 0x138EA177 (67 29 D7 BC E8 18 3E DA B2 46 B3 D8 14 36 FE B6)
-- David Diaz dave@smoton.net [Email] pagedave@smoton.net [Pager] Smotons (Smart Photons) trump dumb photons
I couold be wrong, but I thought the 3640 had 256 mb of ram. On Fri, 19 Jul 2002, Daniel Golding wrote:
I think we are at the point where the vast majority of backbone routers can handle 200K+ routes, at least in terms of memory. The interesting point we are getting to, is that the most popular router in the world for multihoming can't handle the routing table. I'm referring to the Cisco 3640, which has largely supplanted the venerable 2501 as the low-end multihomer's edge router of choice.
With a reasonable number of features turned on (i.e. SSH, netflow, CEF), the 3640 can't handle two full views anymore, due to it's limitation of 128MB. While this may be a good thing for Cisco's sales numbers, in this winter of financial discontent, I wonder how this is effecting the average customer, and what is generally being installed to replace the 3640s.
- Daniel Golding
-----Original Message----- From: owner-nanog@merit.edu [mailto:owner-nanog@merit.edu]On Behalf Of David Diaz Sent: Thursday, July 18, 2002 11:55 PM To: nanog@merit.edu Subject: RE: verio arrogance
Getting back to the more original thread.
Is there any need to keep the routing table to a smaller size. Since in theory, it creates suboptimal routing. And considering the new routers out there today should be able to handle it. Considering verio is using junipers, and they pride themselves on handling a tremendously large table. Why should we shoot for a 100,000 route table instead of 500,000 if it does not impact performance?
I do understand that the 100,000 might be that actual 'installed best routes' and that the routers might in fact be dealing with a much larger route table. That might be an issue. But certainly 100,000- 500,000 installed routes, is that a problem for large backbones with high end routers?
My only consideration might be the small multihomed ISPs with 2-3 providers with full BGP feeds and cisco 4000s (256meg ram). I saw one last week. I might be concerned at that level.
I'd love to hear feedback. It would then justify filtering...or not.
David
At 21:37 -0400 7/18/02, Phil Rosenthal wrote:
How is it arrogant? I read that as: a customer set up an exploitable FormMail. Verio received notice about it. Verio removed the FormMail in question. Verio asked to be removed since they corrected the problem. Verio was ignored.
Verio may have some problems with not terminating spammers, and I believe this to be the truth -- I buy from verio, and Don't spam, and whenever one of my clients spam, they get terminated for it. I receive plenty of spam from verio ips, and no matter how much I complain, it never gets terminated. This is probably a scenario of asking sales rep "If I want to spam, but I pay more per meg -- Is this OK?" and getting a positive answer.
That is why the NANAE people don't like verio. But, nonetheless, I don't think that putting verio's mailserver on a formmail list is accomplishing anything good, since they fixed THAT problem...
--Phil
-----Original Message----- From: owner-nanog@merit.edu [mailto:owner-nanog@merit.edu] On Behalf Of Kai Schlichting Sent: Thursday, July 18, 2002 6:37 PM To: nanog@merit.edu Cc: Kai Schlichting Subject: Re: verio arrogance
How's THIS for Verio arrogance, going to a whole new level:
http://www.monkeys.com/anti-spam/filtering/verio-demand.ps
Details were on the SPAM-L list Wed, 17 Jul 2002 15:51:05 EDT: Verio threatens to sue Ron Guilmette over the IP 208.55.91.59 appearing on his FormMail.pl open-proxy/formmail server DNSBL.
And given the ever-increasing number of spammers now hopping onto Verio tells me that Verio must be well down the spiral of death (spammers seem to be attracted by NSP's going chapter 7/11, or who are getting close), or else the dozen-or-so automated messages going to abuse@verio.net every week complaining about connections (real or attempted) to hosts under my control, and originating from their spamming customers would have shown any results over time.
I don't need connectivity to 208.55.0.0/16. I really don't, and I have not the slightest tolerance for litigious, small-minded, panic-lawyer-dialling scum like this.
/etc/mail$ grep 208.55 access.local 208.55 550 Access for FormMail spam and litigious scum denied - XXXX Verio in their XXXXXXXX XXX - we block more than just 208.55.91.59 - Spammers must die - see http://www.monkeys.com/anti-spam/filtering/verio-demand.ps /etc/mail$
PS: I also have zero tolerance for Nadine-type spam-generating, "single-opt-in", "87% permission-based" emailers nowadays: 2 bounces or a single mail to a never-existing account, and all your /24's are off into gated.conf as a next-hop route to 127.0.0.1. And no, they won't get around that by advertising /25's.
Good-bye route-prefix-filtering wars, and welcome to the war on spam, where Null0'd /28's for filtering 'undesirables' just doesn't cut it any more. Casualties like 10-15 bystanding rackspace.com customers with a "Nadine- type" mailer in neighboring IP space be damned: "move your servers into a different slum, cause da landlord's running down 'da neighborhood".
-- "Just say No" to Spam Kai Schlichting New York, Palo Alto, You name it Sophisticated Technical Peon Kai's SpamShield <tm> is FREE! http://www.SpamShield.org | | | LeasedLines-FrameRelay-IPLs-ISDN-PPP-Cisco-Consulting-VoiceFax-Data-Muxe s WorldWideWebAnything-Intranets-NetAdmin-UnixAdmin-Security-ReallyHardMat h
--
David Diaz dave@smoton.net [Email] pagedave@smoton.net [Pager] Smotons (Smart Photons) trump dumb photons
On Fri, Jul 19, 2002 at 10:29:54AM -0700, Scott Granados wrote:
I couold be wrong, but I thought the 3640 had 256 mb of ram.
I believe the 3660 can do 256M. the 3640 can only do 128M http://www.cisco.com/univercd/cc/td/doc/pcat/3600.htm#spec -- Jared Mauch | pgp key available via finger from jared@puck.nether.net clue++; | http://puck.nether.net/~jared/ My statements are only mine.
participants (7)
-
Daniel Golding
-
David Diaz
-
Jared Mauch
-
Kurt Erik Lindqvist
-
Richard A Steenbergen
-
Scott Granados
-
Stephen J. Wilcox