[119393] in North American Network Operators' Group
RE: Mauricio's FCP (was: Bandwidth Monitoring per AS)
daemon@ATHENA.MIT.EDU (Rodriguez, Mauricio)
Tue Nov 17 14:28:55 2009
From: "Rodriguez, Mauricio" <Mauricio.Rodriguez@fpl.com>
To: Jeffrey Lyon <jeffrey.lyon@blacklotus.net>
Date: Tue, 17 Nov 2009 14:28:11 -0500
In-Reply-To: <16720fe00911171032kb58aafdy1eb809318ff0199a@mail.gmail.com>
Cc: "nanog@nanog.org" <nanog@nanog.org>
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org
Since I've opened the can of worms...
The FCP integration requires direct capturing of traffic off of your networ=
k. This would either be a off of a port mirror or off of network taps.
We had some challenges, basically because of our architecture, implementing=
the solution at first. We had a rather collapsed network with service acc=
ess and peering in the same router in some cases. Also, our routers were n=
ot capable of mirroring traffic at L2.
Including any geographically diverse peering sites may be challenging. Opt=
ions include another FCP, an FCR (remote packet capture device), or transpo=
rting the mirrored/tapped traffic back to the FCP location. I believe samp=
led flow data may have been an option, but was not a recommended approach.
The preferred method of enabling communication between the FCP and peering =
routers for routing manipulation is to create GRE tunnels between those. O=
ur routers did not support GRE as a base option or at all (multiple vendors=
/models). Other options are available that we did not explore fully.
We have since "cleaned up" our architecture, but are also growing to a much=
larger number of ports and to 10Gbps. Also, we'd like to have more insigh=
t into traffic between our various service PoPs and not just at our transit=
/private peering edges. Significant hardware investment would be required =
to scale to this level.
All that being said, the Internap Implementation team was very helpful and =
patient throughout. If you do go with this solution, you'll have a good se=
t of allies at Internap helping you throughout the project.
Regards,
Mauricio Rodriguez
Manager of IP/Data Engineering, FPL FiberNet
Email: Mauricio.Rodriguez@fpl.com
-----Original Message-----
From: jeffrey.lyon@gmail.com [mailto:jeffrey.lyon@gmail.com] On Behalf Of J=
effrey Lyon
Sent: Tuesday, November 17, 2009 1:33 PM
To: Rodriguez, Mauricio
Cc: nanog@nanog.org
Subject: Mauricio's FCP (was: Bandwidth Monitoring per AS)
> However, the truth is that we have outgrown our FCP. =A0YMMV with the pro=
duct...
Why is that? What particular problems did you run into?
--=20
Jeffrey Lyon, Leadership Team
jeffrey.lyon@blacklotus.net | http://www.blacklotus.net
Black Lotus Communications of The IRC Company, Inc.
Platinum sponsor of HostingCon 2010. Come to Austin, TX on July 19 -
21 to find out how to "protect your booty."
