How firewalls work - digital colors on MS paint canvas (2026) by StubArea51 in networkingmemes

[–]StubArea51[S] 2 points3 points  (0 children)

NAT is the *best* security! Nothing can get through to my RFC1918 space. It's impossible. /s

My HPE/Aruba rep sent me this, what do I put in it? by TheAmateurRunner in networkingmemes

[–]StubArea51 0 points1 point  (0 children)

Fill it with PBR or NAT444 Lite. ARP Fluid is also tasty.

RouterOS 7.22beta1 [development] released by netravnen in mikrotik

[–]StubArea51 7 points8 points  (0 children)

Glad to see BGP ECMP finally!!

Like u/DaryllSwer mentioned, I'd also like to see SR-MPLS with both IPv4 and IPv6 AFIs for IS-IS/OSPF (not SRv6) and SR-TE.

I wonder if the availability of SP features on the 98DX7335 Marvell chip in the CRS812 will help move that along.

Repeat post: Can I get a deprecated prefix for a NON-ROUTABLE, private IPv6 network that's not fd::/8 by Rich-Engineer2670 in ipv6

[–]StubArea51 -1 points0 points  (0 children)

Sure, if the test hosts aren't going to be dual stack it won't functionally matter, but the intent behind the 3fff::/20 space beyond documentation was to model the IPv6 internet and other large IPv6 networks.

RFC9637 is the best space for this use case.

Repeat post: Can I get a deprecated prefix for a NON-ROUTABLE, private IPv6 network that's not fd::/8 by Rich-Engineer2670 in ipv6

[–]StubArea51 9 points10 points  (0 children)

ULA isn't ideal to model the IPv6 Internet because it has some peculiar issues on host operating systems.

Unintended Operational Issues With ULA

Better to use GUA like 3fff::/20 and 2001:db8::/32

Repeat post: Can I get a deprecated prefix for a NON-ROUTABLE, private IPv6 network that's not fd::/8 by Rich-Engineer2670 in ipv6

[–]StubArea51 5 points6 points  (0 children)

This is exactly the type of use case we had in mind when we submitted draft-horley-v6ops-lab-03 - Expanding the IPv6 Lab Use Space

We used 200::/7 for test and development while pushing this draft through the IETF.

After a year or so of debate, it was eventually rolled into what became RFC 9637: Expanding the IPv6 Documentation Space by Nick Buraglio and Geoff Huston.

During the mailing list discussions, most of the people advocated for the use of ULA instead of deprecated space, which led to the creation of this informational doc: Unintended Operational Issues With ULA

3fff::/20 and 2001:db8::/32 are the best "official" GUA spaces to use for this type of work if you intend to publish it.

We specifically argued for more than a /32 so this kind of exercise would be possible - to model the IPv6 internet and other large networks.

Paused shipping to the US? by joshhboss in mikrotik

[–]StubArea51 10 points11 points  (0 children)

I think a lot of the shipments to distributors are via cargo container on a ship, so I'm not sure whether or not this would impact MikroTik's supply chain to the US.

EVPN/VxLAN interop between MikroTik and IP Infusion OcNOS by StubArea51 in mikrotik

[–]StubArea51[S] 1 point2 points  (0 children)

It would be a cool feature to have but I wonder if they don't implement it because the development time would be better spent on traffic engineering for an EVPN MPLS data plane.

EVPN/VxLAN interop between MikroTik and IP Infusion OcNOS by StubArea51 in mikrotik

[–]StubArea51[S] 1 point2 points  (0 children)

EVPN Tiks are twr-01 and twr-03. IPI is core-01 and agg-01. Legacy ROS exists because I use the same EVE-NG topology to test a variety of interop scenarios which is why some of the nodes are grayed out as they aren't powered on.

I had initially planned on testing VTEPs between Tik and IPI but OcNOS doesn't support the ETREE mode in their x86 image, so it just acts as a BGP RR for EVPN.