NZNOG 2010 – Day 2 – Session 4

Metro WDM for the fiscally prudent – Simon Blake

  • CWDM – Split into various bands – uncooled lasers –
  • Single mode fibre – G.652c ideally – coloured optics – components
  • DOM/DDM support (SFF-8472) – query SFP and see what signal level it’s getting (over or under strength )
  • 1-8 Channel MUX/demux – 8 channels 1471-1611 over a pair of fibre
  • Cisco 8 port mux/demux $6k/end ,
  • ebay 8 port mux/demux $800-1000/end
  • Direct import 8 port mux/demux $US 550/end
  • 2 x 10GE on one pair – 2 channel 1310-1550 CWDW splitter (mux not a splitter) – $40 kit on direct import – vs numbers above
  • 1x10GE on single fibre- optical circulators $NZ 1000k , $US14 imported
  • 6 node network, 4 dark fibres – $27K
  • Trying to solve problem with lots of small hops, upstream building losing power (unpowered gear)
  • Pros: Multiprotocol, Perf/Security/reliability
  • Cons: Short Haul (sub 120km) , only 18 channels , Doesn’t do >10GE per channel, You need fibre
  • Direct Import Pro: cheaper , especially in bulk – design flexability
  • Direct Import con: No support except swaps – Freight – Language/Culture chellenges
  • traps – Waterpeak , Wideband receivers , Near end reflection , Avaibility of 10GE optics – DOM (ask for it) and untrusted optics – Measurement equipment/Circuits recording – Link Budgets and insertion loss

Monkeying around on the APE – Michael Jager

  • Plug in new port at APE and found things very open
  • PAcket sniffer + APE – should see boracast and traffic desinted for me
  • What did sniffer see – lots of APE for non-APE address space – DHCP
  • Borrowing transit – see how many networks will accept packets – 46 out of 75 will accept frame from unknown address detinated for their MAC
  • 3 ports provide proxyarp for random address
  • How many networks have an interface in your mngt network?
  • 6 will accept for 192.168.1.254
  • Customer can try and grab as many packaets as possible across cheap APE link rather than expensive transit link
  • Possible things untried – ARP spoofing – responding to un-answered ARP requests (old BGP session of removed neighbour ) – respond to DHCP requests
  • Speaking OSPF to OSPF-speaker – sending TCP RSTs – sending IPv6 RAs and answering IPv6 RS (like DHCP but for v6)
  • Read IM2tubes slide from Jonny and Philip’s slides from Monday
  • AMS-IX configuration guide
  • Don’t take packet from IXP if you arn’t expecting it
  • Don’t announce IXP network from anywhere
Share