nanog mailing list archives
Re: NANOG Digest, Vol 23, Issue 82
From: "Rodriguez, Mauricio" <Mauricio.Rodriguez () fpl com>
Date: Tue, 22 Dec 2009 08:50:56 -0500
Any time mobile.

Regards,

Mauricio Rodriguez
Manager of IP/Data Engineering, FPL FiberNet
Email: Mauricio.Rodriguez () fpl com
Office: 305-552-3418
Mobile: 786-236-2665
Pager: 786-236-2665

Sent using BlackBerry

----- Original Message -----
From: nanog-request () nanog org <nanog-request () nanog org>
To: nanog () nanog org <nanog () nanog org>
Sent: Tue Dec 22 08:33:01 2009
Subject: NANOG Digest, Vol 23, Issue 82

Send NANOG mailing list submissions to
nanog () nanog org

To subscribe or unsubscribe via the World Wide Web, visit
http://mailman.nanog.org/mailman/listinfo/nanog
or, via email, send a message with subject or body 'help' to
nanog-request () nanog org

You can reach the person managing the list at
nanog-owner () nanog org

When replying, please edit your Subject line so it is more specific
than "Re: Contents of NANOG digest..."

Today's Topics:

1. Re: how it routes and network question (Deric Kwok)
2. Re: how it routes and network question (Truman Boyes)
3. RE: how it routes and network question (Bruce Forster)
4. RE: how it routes and network question (Bruce Forster)
5. Re: Article on spammers and their infrastructure (Tony Finch)
6. Re: how it routes and network question (Kieran Murphy)

----------------------------------------------------------------------

Message: 1
Date: Tue, 22 Dec 2009 07:31:58 -0500
From: Deric Kwok <deric.kwok2000 () gmail com>
Subject: Re: how it routes and network question
To: Bruce Forster <bruce () tubes net au>
Cc: nanog () nanog org
Message-ID: <40d8a95a0912220431p7232025bx338affded04c8bd0 () mail gmail com>
Content-Type: text/plain; charset=ISO-8859-1

Hi Bruce

Thank you so much to explain me in detail. I would like to know about this it in case i can get another hosting company

Yes. I think the netmask should be 255.255.255.255

1/ but why they are using this netmask setting? save ip address? then does the router handle many routes in this setting?
2/ What is this advantage for the hosting company?
3/ If I need more ip in the same server, how it works?
4/ Why you said the hosting company is cheap to use this configuration?

Thank you again.
<SNIP>
2/ If the network card in server has problem and need change another one, will my ip address change to another ip address also?
</SNIP>

Yeah well that's how dhcp works, via mac addy, i guess you can always spoof your old mac address.

<SNIP>
3/ why hosting company is using /32 and dhcp? what is advantage? Is it easy for administration?
</SNIP>

I'm guessing because the users are too stupid to understand what a subnet mask/gateway is, it's just easier to get the mac address and assign it to a user than let the user assign an ip.

Normally in a co-location setup it's not like this, unless it's very cheap hosting.

My co-location has the following setup, and this is how MOST networks should be run.

Core router using BGP to transit providers, and other local peers.
Switched network using ospf to handle the routes and also VLANs for the customers' subnets.

So customer should get a vlan assigned to them (which they have no need to know what the number is, they are handed an access mode port).

Customers also issued a /30 (at least), in most cases a customer will get a /29 or /28 depending on what they need.

In this case of a /30 it's a total of 3 addresses:
1, GATEWAY (put on the ISP/HOST switch)
2, IP ADDRESS FOR SERVER TO USE
3, BROADCAST ADDRESS.

Here's an eg of a /30:

Address:   192.168.1.1          11000000.10101000.00000001.000000 01
Netmask:   255.255.255.252 = 30 11111111.11111111.11111111.111111 00
Wildcard:  0.0.0.3              00000000.00000000.00000000.000000 11
=>
Network:   192.168.1.0/30       11000000.10101000.00000001.000000 00
HostMin:   192.168.1.1          11000000.10101000.00000001.000000 01
HostMax:   192.168.1.2          11000000.10101000.00000001.000000 10
Broadcast: 192.168.1.3          11000000.10101000.00000001.000000 11
Hosts/Net: 2                    Class C, Private Internet

Here's an eg of a /29:

the % ipcalc 192.168.1.1/29
Address:   192.168.1.1          11000000.10101000.00000001.00000 001
Netmask:   255.255.255.248 = 29 11111111.11111111.11111111.11111 000
Wildcard:  0.0.0.7              00000000.00000000.00000000.00000 111
=>
Network:   192.168.1.0/29       11000000.10101000.00000001.00000 000
HostMin:   192.168.1.1          11000000.10101000.00000001.00000 001
HostMax:   192.168.1.6          11000000.10101000.00000001.00000 110
Broadcast: 192.168.1.7          11000000.10101000.00000001.00000 111
Hosts/Net: 6                    Class C, Private Internet

Hope this makes sense.

Regards,
Bruce
------------------------------

Message: 2
Date: Tue, 22 Dec 2009 23:47:11 +1100
From: Truman Boyes <truman () suspicious org>
Subject: Re: how it routes and network question
To: Deric Kwok <deric.kwok2000 () gmail com>
Cc: nanog () nanog org
Message-ID: <AEFCAD09-B29B-4349-A57C-E6AC3E860DAF () suspicious org>
Content-Type: text/plain; charset=us-ascii

Hi, your "hosting company" is likely NAT'ing or using load balancers on the front end. You are obviously not "reaching" those machines by ssh'ing into 192.168.x.x...

Additionally, assuming that DHCP is handing out that address on the server that mask would likely not be all ones.

Even Amazon EC2 instances use private addresses now on the backend ...

Kind regards,
Truman

On 22/12/2009, at 11:31 PM, Deric Kwok wrote:
------------------------------

Message: 3
Date: Tue, 22 Dec 2009 22:48:04 +1000
From: "Bruce Forster" <bruce () tubes net au>
Subject: RE: how it routes and network question
To: "'Deric Kwok'" <deric.kwok2000 () gmail com>
Cc: nanog () nanog org
Message-ID: <001701ca8305$0c8a3620$259ea260$@net.au>
Content-Type: text/plain; charset="iso-8859-1"

<SNIP>
Yes. I think the netmask should be 255.255.255.255
1/ but why they are using this netmask setting? save ip address? then does the router handle many routes in this setting?
</SNIP>

I have no idea, the only way you can have a /32 is with a ppp that doesn't use arps to talk to each end of the tunnel.

I would assume they have /24's and are giving out /32 via dhcp to customers and the customers should see 255.255.255.0 with a gateway of eg, .1 etc..

<SNIP>
2/ What is this advantage for the hosting company?
</SNIP>

If the company is set up the way i think it is, the only reason for this is:
1, they have no clue what they are doing
2, they offer a very cheap hosting service and have no managed switches, and don't understand how to subnet and use vlans.

<SNIP>
3/ If I need more ip in the same server, how it works?
</SNIP>

I would have thought if you have 2 x servers you wanted to co-locate, the hosting company would offer you a /29 with 1 gateway 1 broadcast and 4 useable on a vlan, so local traffic only sits on the vlan and the servers can talk to each other via the local vlan.

I guess if the machines have more than 1 nic you can connect the 2 machines via a local 'backnet' network, it can be useful if you have a cross-over cable between the 2 x machines and it's a 1GB port.

This also saves using the switches, in some cases hosting companies may count all traffic that goes over the interface (if they don't use net flow) and you could end up paying for traffic which you really shouldn't have to pay for.

If you are using the additional ports for high amounts of data eg, backups, images etc, you can really tweak tcp settings so you can send JUMBO frames and squeeze some speed out of it.

<SNIP>
4/ Why you said the hosting company is cheap to use this configuration?
</SNIP>

Yes it's a lot cheaper to have say a common-gateway that all traffic will route over and then connect a bunch of switches to this common router and manage it via dhcp, it's very messy and also very noisy, i can only imagine after you connect a few servers that over time you will see arp storms and all traffic on the network will cease to flow.

As mentioned in my other posts how it should be done, clearly you need to buy layer 3 switches and layer 2 switches and a nice core router to deal with your bgp, you also need to make sure you're using devices that can handle high packets per second.

As i am writing this i feel as if i'm doing someone's homework for them... ;P

Thank you again.
------------------------------

Message: 4
Date: Tue, 22 Dec 2009 22:51:20 +1000
From: "Bruce Forster" <bruce () tubes net au>
Subject: RE: how it routes and network question
To: "'Truman Boyes'" <truman () suspicious org>, "'Deric Kwok'" <deric.kwok2000 () gmail com>
Cc: nanog () nanog org
Message-ID: <001801ca8305$7d2f56d0$778e0470$@net.au>
Content-Type: text/plain; charset="us-ascii"

I should add; i guess i made some assumption that you were co-locating your own servers with someone, if this isn't the case, please ignore everything i've said ;)

-bruce

-----Original Message-----
From: Truman Boyes [mailto:truman () suspicious org]
Sent: Tuesday, 22 December 2009 10:47 PM
To: Deric Kwok
Cc: Bruce Forster; nanog () nanog org
Subject: Re: how it routes and network question

Hi, your "hosting company" is likely NAT'ing or using load balancers on the front end. You are obviously not "reaching" those machines by ssh'ing into 192.168.x.x...

Additionally, assuming that DHCP is handing out that address on the server that mask would likely not be all ones.

Even Amazon EC2 instances use private addresses now on the backend ...

Kind regards,
Truman

On 22/12/2009, at 11:31 PM, Deric Kwok wrote:
------------------------------

Message: 5
Date: Tue, 22 Dec 2009 13:08:18 +0000
From: Tony Finch <dot () dotat at>
Subject: Re: Article on spammers and their infrastructure
To: Phil Regnauld <regnauld () nsrc org>
Cc: nanog () nanog org
Message-ID: <alpine.LSU.2.00.0912221308040.3461 () hermes-1 csi cam ac uk>
Content-Type: TEXT/PLAIN; charset=US-ASCII

On Tue, 22 Dec 2009, Phil Regnauld wrote:

http://threatpost.com/en_us/blogs/attackers-buying-own-data-centers-botnets-spam-122109

Is this something new? The article seems to mix various issues together. And this would seem highly inefficient to me compared to traditional botnets (renting your own rack for a botnet doesn't really make sense :)

Comments?

Sounds like a snowshoe setup to me.

Tony.
--
f.anthony.n.finch <dot () dotat at> http://dotat.at/
GERMAN BIGHT HUMBER: SOUTHWEST 5 TO 7. MODERATE OR ROUGH. SQUALLY SHOWERS. MODERATE OR GOOD.

------------------------------

Message: 6
Date: Tue, 22 Dec 2009 13:32:58 +0000
From: Kieran Murphy <daffy () daffy za net>
Subject: Re: how it routes and network question
To: Bruce Forster <bruce () tubes net au>
Cc: nanog () nanog org
Message-ID: <ae774e0c0912220532g4d0928e4r4f4cfc6606324b75 () mail gmail com>
Content-Type: text/plain; charset=ISO-8859-1

Or these are VPSes, and not physical servers.

From my brief encounters with various VPS technologies, this makes more sense.

Regards,
Kieran.

On Tue, Dec 22, 2009 at 12:51 PM, Bruce Forster <bruce () tubes net au> wrote:
------------------------------

_______________________________________________
NANOG mailing list
NANOG () nanog org
http://mailman.nanog.org/mailman/listinfo/nanog

End of NANOG Digest, Vol 23, Issue 82
*************************************