Login | Register For Free | Help
Search for: (Advanced)

Mailing List Archive: NANOG: users

ISP best practices

  

 
First page Previous page 1 2 Next page Last page  View All NANOG users RSS feed   Index | Next | Previous | View Threaded


sethm at rollernet

May 21, 2009, 2:25 PM

Post #26 of 33 (1004 views)
Permalink
Re: ISP best practices [In reply to]
Adam Kennedy wrote:
> Bind is fully capable of IPv6. When combined with Webmin (www.webmin.com),
> I'm not sure how much easier Bind can get. Webmin will also keep DNSSEC keys
> up to date with changes, so long as you make those changes from within
> Webmin. If you make changes in CLI, you can tell Webmin to rehash the keys
> manually. It's as simple as clicking a GUI button.
>

Does anyone still use probind? As much as I am gung-ho command line,
managing a huge amount of DNS can get ugly.

~Seth


lowen at pari

May 21, 2009, 2:44 PM

Post #27 of 33 (1005 views)
Permalink
Re: ISP best practices [In reply to]
On Thursday 21 May 2009 10:14:00 am Roland Dobbins wrote:
> On May 21, 2009, at 8:45 PM, Steve Bertrand wrote:
> > Securing IP Network Traffic Planes:
> > - http://www.ciscopress.com/bookstore/product.asp?isbn=1587053365
>
> I can't recommend this book enough - it's the current canonical
> reference on opsec-related BCPs for network infrastructure, IMHO (full
> disclosure: I was fortunate enough to have the opportunity to provide
> some feedback to the authors as they worked on this tome, but have no
> financial interest whatsoever in its publication or sales thereof).

Ah, a good use for my Safari account.

Hmm, there's you a resource; for ~$20 per month, get access to books to read
online, download chapters in PDF format for later perusal. I can read this,
and if it looks like something I want, I also get a discount ordering through
informit. Safari: http://my.safaribooksonline.com/home

You do need to read a lot to make it worthwhile; advantage is that you don't
have to store or resell the book later.


nanog at grrrrreg

Jun 28, 2009, 5:20 AM

Post #28 of 33 (866 views)
Permalink
Re: ISP best practices [In reply to]
On May 21, 2009, at 3:38 PM, Philip Lavine wrote:

>
> To all,
>
> I am sure this has been asked 10 to the 1 millionth power times,
> however may be the rules have changed. I am looking to set up a
> really small ISP with a few /24's. I want to host DNS as well. Is
> there any whitepapers/howtos/best practices on setting up multihomed
> BGP and DNS with BIND so I don't blow up the Internet.
>
> Thx
>
> Philip

O Hai!

I would highly advise you have a read at any presentation by Phil Smith:
ftp://ftp-eng.cisco.com/pfs/seminars (anonymous login)
Read as much as you can from here 1st thing 1st - this is all solid
ground knowledge.

Then, give a quick read at Cisco's BGP Case Study online on the CCO.
And you're OK to go.

Now if you want paper material that you can keep, I'd suggest
"Internet Routing Architectures" by Sam Halabi - Cisco Press, even
though it's getting old, I find it still very valid. Make sure you
have a read at team-cymru.org before you roll out your AS, for their
BOGONs/Martians ACLs and peerings, as it sure helps.

Bear in mind BGP is a simplistic protocol. The pain point *will* be
your IGP (if you want to do it correctly from start...)

Greg VILLAIN


ops.lists at gmail

Jun 28, 2009, 6:37 AM

Post #29 of 33 (859 views)
Permalink
Re: ISP best practices [In reply to]
On Sun, Jun 28, 2009 at 5:50 PM, Gregoire Villain<nanog [at] grrrrreg> wrote:
> I would highly advise you have a read at any presentation by Phil Smith:
> ftp://ftp-eng.cisco.com/pfs/seminars (anonymous login)
> Read as much as you can from here 1st thing 1st - this is all solid ground
> knowledge.

And Philip / Barry's Cisco ISP Essentials is a good buy, even if you
use non cisco gear ..
http://www.ciscopress.com/bookstore/product.asp?isbn=1587050412

--srs


bgreene at senki

Jun 28, 2009, 7:18 AM

Post #30 of 33 (871 views)
Permalink
RE: ISP best practices [In reply to]
The best training available on the Net for a small ISP to learn from the
best is available ..... At www.nanog.org!

All the NANOGs are on VOD. Just go to the presentation archive:
http://www.nanog.org/presentations/archive/. Put in a keyword to search (say
"BGP Tutorial"), cook some popcorn, and sit back and enjoy the session.




> -----Original Message-----
> From: Gregoire Villain [mailto:nanog [at] grrrrreg]
> Sent: Sunday, June 28, 2009 5:21 AM
> To: nanog [at] nanog
> Subject: Re: ISP best practices
>
>
> On May 21, 2009, at 3:38 PM, Philip Lavine wrote:
>
> >
> > To all,
> >
> > I am sure this has been asked 10 to the 1 millionth power times,
> > however may be the rules have changed. I am looking to set
> up a really
> > small ISP with a few /24's. I want to host DNS as well. Is
> there any
> > whitepapers/howtos/best practices on setting up multihomed
> BGP and DNS
> > with BIND so I don't blow up the Internet.
> >
> > Thx
> >
> > Philip
>
> O Hai!
>
> I would highly advise you have a read at any presentation by
> Phil Smith:
> ftp://ftp-eng.cisco.com/pfs/seminars (anonymous login) Read
> as much as you can from here 1st thing 1st - this is all
> solid ground knowledge.
>
> Then, give a quick read at Cisco's BGP Case Study online on the CCO.
> And you're OK to go.
>
> Now if you want paper material that you can keep, I'd suggest
> "Internet Routing Architectures" by Sam Halabi - Cisco Press,
> even though it's getting old, I find it still very valid.
> Make sure you have a read at team-cymru.org before you roll
> out your AS, for their BOGONs/Martians ACLs and peerings, as
> it sure helps.
>
> Bear in mind BGP is a simplistic protocol. The pain point
> *will* be your IGP (if you want to do it correctly from start...)
>
> Greg VILLAIN
>
>


nanog at data102

Jun 28, 2009, 11:12 AM

Post #31 of 33 (856 views)
Permalink
Re: ISP best practices [In reply to]
I agree with this whole heartedly. Phil Smith's presentations and
papers are fantastic. I'm certain that a sizable portion of the
Internet operates because of the material that he has, and continues
to, put together.

Cheers,
Randal

On Sun, Jun 28, 2009 at 6:20 AM, Gregoire Villain<nanog [at] grrrrreg> wrote:
>> O Hai!
>
> I would highly advise you have a read at any presentation by Phil Smith:
> ftp://ftp-eng.cisco.com/pfs/seminars (anonymous login)
> Read as much as you can from here 1st thing 1st - this is all solid ground
> knowledge.
>


steve at ibctech

Jun 28, 2009, 3:55 PM

Post #32 of 33 (851 views)
Permalink
Re: ISP best practices [In reply to]
Barry Raveendran Greene wrote:
> The best training available on the Net for a small ISP to learn from the
> best is available ..... At www.nanog.org!
>
> All the NANOGs are on VOD. Just go to the presentation archive:
> http://www.nanog.org/presentations/archive/. Put in a keyword to search (say
> "BGP Tutorial"), cook some popcorn, and sit back and enjoy the session.

It helps also to communicate with people.

[speaking in small sp context]

If you know any of the engineers or operators of your upstream, perhaps
ask them questions from time to time. If you really know them (and are
serious about learning) ask them if they can provide you sample config
snips.

Contact the people that run your local IXP. I've found that the
operators of the exchange points are an aggregation point of 'the best
of the best from the best' information, as they generally discuss
solutions with chief engineers of all companies that connect to their
fabric.

IXP ops are a rich source not only of technical information, but also of
industry best practises relating to how other providers might prefer to
be approached, if they like or dislike feedback, and whether they care
to be approached at all.

Don't go bombarding your local IXP op with silly questions, it's just
another decent source of information, as they seem to be like
myself...if you ask a well-thought-out question, you will likely get an
answer (even if it's "I dunno, look over there").

With the books I mentioned earlier in the thread, and that others have
re-mentioned, I prefer:

- read
- lab up current environment
- implement what you read in lab
- test for breakage
- pilot lab findings into production
- update/tighten control features
- implement across network
- watch for inconsistencies, but continue to tighten rules
- read more
- rinse,repeat

Steve

ps. as always, thanks Jon.
Attachments: smime.p7s (3.16 KB)


dennis at thenose

Jun 28, 2009, 8:24 PM

Post #33 of 33 (836 views)
Permalink
Re: ISP best practices [In reply to]
>> On May 21, 2009, at 3:38 PM, Philip Lavine wrote:
>>
>>>
>>> To all,
>>>
>>> I am sure this has been asked 10 to the 1 millionth power times,
>>> however may be the rules have changed. I am looking to set
>> up a really
>>> small ISP with a few /24's. I want to host DNS as well. Is
>> there any
>>> whitepapers/howtos/best practices on setting up multihomed
>> BGP and DNS
>>> with BIND so I don't blow up the Internet.

not sure if any of these help, but you might want to also take MAAWG's
Published Documents

http://www.maawg.org/about/publishedDocuments

-Dennis

First page Previous page 1 2 Next page Last page  View All NANOG users RSS feed   Index | Next | Previous | View Threaded
 
 


Interested in having your list archived? Contact Gossamer Threads
 
  Web Applications & Managed Hosting Powered by Gossamer Threads Inc.