nanog mailing list archives
RE: Issues with 4-octet BGP AS and Akamai?
From: "Greg Gombas -X (grgombas)" <grgombas () cisco com>
Date: Tue, 14 Nov 2017 19:02:19 +0000
Hi Tyler, Unfortunately we had a limited window to test so could not check the reverse path. During our failover testing we stopped advertising out the primary path and only advertised out the secondary path. Routes are advertised out the secondary path through a DDOS prevention company called F5 Silverline which is reached via a GRE tunnel running over the Optimum Lightpath network. So outgoing traffic would go from NYULH going out the Optimum Lightpath circuit and return traffic coming in on F5 Silverline’s network then tunneled over Optimum Lightpath back to NYULH. So traffic was definitely routing asymmetrically. However F5 Silverline assured us they have many customers using a similar setup but have no issues with Akamai. I would think that many customers using similar DDOS prevention services such as F5 Silverline and Prolexic are routing asymmetrically as well, wouldn’t uRPF be affecting them all? Thanks, Greg [http://www.cisco.com/web/europe/images/email/signature/logo05.jpg] Gregory Gombas CCIE# 19649 – R&S Network Consulting Engineer Advanced Services grgombas () cisco com<mailto:grgombas () cisco com> Office: +1-212-714-4497 Mobile: +1-201-675-9457 Cisco Systems Limited One Penn Plaza 6th & 9th Floors New York, NY 10119 United States Cisco.com [Think before you print.]Think before you print. This email may contain confidential and privileged material for the sole use of the intended recipient. Any review, use, distribution or disclosure by others is strictly prohibited. If you are not the intended recipient (or authorized to receive for the recipient), please contact the sender by reply email and delete all copies of this message. For corporate legal information go to: http://www.cisco.com/web/about/doing_business/legal/cri/index.html From: Tyler Conrad [mailto:tyler () tgconrad com] Sent: Tuesday, November 14, 2017 1:30 PM To: james machado <hvgeekwtrvl () gmail com> Cc: Greg Gombas -X (grgombas) <grgombas () cisco com>; nanog () nanog org Subject: Re: Issues with 4-octet BGP AS and Akamai? Are you advertising out multiple circuits? Check the pathing both directions if you can. A lot of CDNs enforce uRPF strict. On Tuesday, November 14, 2017, james machado <hvgeekwtrvl () gmail com<mailto:hvgeekwtrvl () gmail com>> wrote: Greg, I have a 4 byte ASN and have not had any issues with reach ability, including the 2 websites you have linked. James
Current thread:
- Issues with 4-octet BGP AS and Akamai? Greg Gombas -X (grgombas) (Nov 14)
- Re: Issues with 4-octet BGP AS and Akamai? Job Snijders (Nov 14)
- RE: Issues with 4-octet BGP AS and Akamai? Greg Gombas -X (grgombas) (Nov 15)
- Re: Issues with 4-octet BGP AS and Akamai? Jared Mauch (Nov 14)
- RE: Issues with 4-octet BGP AS and Akamai? Greg Gombas -X (grgombas) (Nov 15)
- Re: Issues with 4-octet BGP AS and Akamai? Jared Mauch (Nov 14)
- Re: Issues with 4-octet BGP AS and Akamai? james machado (Nov 14)
- Re: Issues with 4-octet BGP AS and Akamai? Tyler Conrad (Nov 14)
- RE: Issues with 4-octet BGP AS and Akamai? Greg Gombas -X (grgombas) (Nov 15)
- Re: Issues with 4-octet BGP AS and Akamai? james machado (Nov 14)
- Re: Issues with 4-octet BGP AS and Akamai? Job Snijders (Nov 15)
- Re: Issues with 4-octet BGP AS and Akamai? Tyler Conrad (Nov 14)
- Re: Issues with 4-octet BGP AS and Akamai? Job Snijders (Nov 14)