[175134] in North American Network Operators' Group
Re: another cogent oddity
daemon@ATHENA.MIT.EDU (joel jaeggli)
Thu Oct 9 14:07:55 2014
X-Original-To: nanog@nanog.org
Date: Thu, 09 Oct 2014 10:55:33 -0700
From: joel jaeggli <joelja@bogus.com>
To: ryanL <ryan.landry@gmail.com>,
North American Network Operators Group <nanog@nanog.org>
In-Reply-To: <CAK_-TSbAKotBKgaUTMJHXOzdLM1bz0LdMjyopQozhbYQp0ChZQ@mail.gmail.com>
Errors-To: nanog-bounces@nanog.org
This is an OpenPGP/MIME signed message (RFC 4880 and 3156)
--mkpiWQnM4oasMtbLLwMXP7AIDdxtaVDLa
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: quoted-printable
On 10/9/14 10:35 AM, ryanL wrote:
> you may remember me from the weird cogent route retention / loop
> problem i brought up last week. it remains unsolved by cogent to date.
>=20
> also remembering i'm a relatively new cogent customer, i recently
> noticed some packets floating into my network that had cos and ipp
> markings on them. i figured i'd try to find where they were coming
> from, so i crafted up something like this and placed it inbound on my
> two transits (cogent and xo), excluding network control markings.
>=20
> from {
> dscp [ af11 af12 af13 af21 af22 af23 af31 af32 af33 af41 af42
> af43 cs1 cs2 cs3 cs4 cs5 ef ];
> precedence [ 1 2 3 4 5 ];
> }
>=20
> all of it is coming in from cogent:
>=20
> COGENT-NOT-BE -> 4217788987
> XO-NOT-BE -> 0
>=20
> i shifted all traffic to XO just to make sure. the XO counter doesn't b=
udge.
>=20
> seems like one transit is remarking everything to best effort before
> sending to me (which is preferred), and the other is not.
>=20
> am i odd to think that this is... odd?
It's not that uncommon, but it's one of the reasons to sanitize on
ingress if you don't want to see that (and absolutely if you're reusing
them).
> i also get a remarkable amount of hits against these destinations
> coming in on the cogent side, whereas i get none on the XO side.
>=20
> show policy-options prefix-list PUBLIC-BAD-NETS
> 10.0.0.0/8;
> 169.254.0.0/16;
> 172.16.0.0/12;
> 192.168.0.0/16;
> 224.0.0.0/4;
you can add
100.64.0.0/10 to that list. ;)
> ryan
>=20
--mkpiWQnM4oasMtbLLwMXP7AIDdxtaVDLa
Content-Type: application/pgp-signature; name="signature.asc"
Content-Description: OpenPGP digital signature
Content-Disposition: attachment; filename="signature.asc"
-----BEGIN PGP SIGNATURE-----
Version: GnuPG/MacGPG2 v2.0.22 (Darwin)
Comment: GPGTools - http://gpgtools.org
iEYEARECAAYFAlQ2zBUACgkQ8AA1q7Z/VrKATQCdF3OfXOy2vuR0a6SOQ9uKC+OG
qbkAniGj1AjCEEPdv1dLvagMuyRQ5KUV
=KTYS
-----END PGP SIGNATURE-----
--mkpiWQnM4oasMtbLLwMXP7AIDdxtaVDLa--
