A tool to find out if BGP is lying to you
APNIC has a bog article on detecting “bgp lies”. https://blog.apnic.net/2021/05/24/a-tool-to-detect-bgp-lies/Do you ever wonder whether you can really trust other networks, such as your provider(s) and peers? More precisely, wouldn’t you like to be able to tell if the traffic you send always …
Proper BGP DENY-ALL filter for mikrotik
This content is for Patreon subscribers of the j2 blog. Please consider becoming a Patreon subscriber for as little as $1 a month. This helps to provide higher quality content, more podcasts, and other goodies on this blog.To view this …
BGP, a single /24 and two diverse non-connected exit points
I am starting to see the following scenario more and more as IPv4 space is hard to get, but isn’t. With ARIN it is still possible to get an IPv4 allotment. Many smaller ISPs qualify for a /24 and can …
Mikrotik RouterOS and CPU usage
There always is a lot of talk about Mikrotik RouterOS CPU usage. I wanted to take a few minutes and go over a real-world example and explain some of the ins and outs when discussing Mikrotik CPU usage. Let’s talk …
Hurricane Electric Route Filtering Algorithm
The following is from http://routing.he.net/algorithm.html . This outlines the criteria HE.NET uses for filtering routes from peers and customers. This is the route filtering algorithm for customers and peers that have explicit filtering: 1. Attempt to find an as-set to …
Don’t try this at home kids. Automated BGP Optimization
https://radar.qrator.net/blog/as10990-routing-optimization-taleConclusion? Do not try to optimize the routes with automated software – BGP is a distance-vector routing protocol that has proved, throughout the years, its ability to handle the traffic. Software, wanting to “optimize” the system involving thousands of members …
Network troubleshooting tools
Recently, there was a thread on the NANOG list asking what were somne favorite network troubleshooting tools. I have taken many of these tools and created the following list. http://ping.pe/Simple pingport and dig commands https://mtr.sh/BGP Looking glass https://perfops.net/mtr-from-worldTraceroute from various …
Hurricane Electric now requires IRR and filters invalid RPKI
If you are a Hurricane Electric customer you may be receiving e-mails like the following: What does this mean for you as a service provider? If you use Hurricane Electric as transit or peer with them on an exchange you …
CCR1016 BGP route pull down
This morning I had a Mikrotik CCR1016 where I had to change the router ID, which caused all the sessions to reset. The following is a screenshot of the time it took to re-learn all of the peers. Obviously, the …
Mikrotik BGP firewall rules for security
This content is for Patreon subscribers of the j2 blog. Please consider becoming a Patreon subscriber for as little as $1 a month. This helps to provide higher quality content, more podcasts, and other goodies on this blog.To view this …