Any info on devices that are running eBGP on the Internet?

Thu Nov 7 22:47:40 UTC 2019

The OUI prefixes that are Intel, Dell, HP, Supermicro and other x86-64
hardware vendors are almost certainly people running BIRD, FRR or similar
on commodity hardware. In which case the actual routing configuration could
be almost anything, those just happen to be the PCI-Express NICs in some
sort of server platform.

On Thu, Nov 7, 2019 at 11:59 AM Edward Dore <
edward.dore at freethought-internet.co.uk> wrote:

> I just grabbed the following from our routers connected to LINX LON1, LINX
> LON2, LINX Manchester and LONAP (so this data is very UK centric):
>
>  557 Cisco Systems, Inc
>  553 Juniper Networks
>   51 Routerboard.com
>   51 Brocade Communications Systems, Inc.
>   49 Arista Networks
>   40 Unknown
>   38 Intel Corporate
>   36 HUAWEI TECHNOLOGIES CO.,LTD
>   31 Globalscale Technologies, Inc.
>   20 Super Micro Computer, Inc.
>   20 Alcatel-Lucent IPD
>   15 Nokia
>   14 Hewlett Packard
>   10 VMware, Inc.
>   10 Ubiquiti Networks Inc.
>   10 Sunrich Technology Limited
>   10 Extreme Networks, Inc.
>    7 Dell Inc.
>    5 IEEE Registration Authority
>    4 Intel Corporation
>    4 HotLava Systems, Inc.
>    3 FireBrick Limited
>    2 Raspberry Pi Foundation
>    2 Nexcom International Co., Ltd.
>    2 Microsoft Corporation
>    2 Mellanox Technologies, Inc.
>    2 ICP Electronics Inc.
>    2 Hewlett Packard Enterprise
>    2 BSkyB Ltd
>    1 Xensource, Inc.
>    1 XEROX CORPORATION
>    1 Solarflare Communications Inc.
>    1 SILICOM, LTD.
>    1 MIX s.r.l.
>    1 LANNER ELECTRONICS, INC.
>    1 GIGA-BYTE TECHNOLOGY CO.,LTD.
>    1 DriveCam Inc
>    1 DIGITAL EQUIPMENT CORPORATION
>    1 Agile Systems Inc.
>
> That's done using https://github.com/bauerj/mac_vendor_lookup to do the MAC
> lookup against the IEEE OUI list with the "Unknown" entries being
> anything which doesn't appear in http://standards-oui.ieee.org/oui.txt (possibly
> locally administered addresses?).
>
> Hope that's helpful to someone 🙂
>
> Edward Dore
>
> Freethought Internet
> ------------------------------
> *From:* NANOG <nanog-bounces at nanog.org> on behalf of Sabri Berisha <
> sabri at cluecentral.net>
> *Sent:* 07 November 2019 19:08
> *To:* Compton, Rich A <Rich.Compton at charter.com>
> *Cc:* nanog <nanog at nanog.org>
> *Subject:* Re: Any info on devices that are running eBGP on the Internet?
>
> Hi,
>
> What you could consider is asking a few of the major internet exchanges if
> they'd be so kind to send you a list of MAC addresses seen on their LANs.
> Based on the MAC you can determine the manufacturer. If you have three or
> four big ones, you have a decent sample size as most larger networks are on
> multiple IXes anyway.
>
> If you do compile a list, I'm sure this list would be interested in the
> results :)
>
> Thanks,
>
> Sabri
>
>
> ----- On Nov 6, 2019, at 10:39 AM, Compton, Rich A <
> Rich.Compton at charter.com> wrote:
>
> Hi, I am working with MANRS (https://www.manrs.org) on a tool for
> checking router configs for BGP security / spoofing prevention (e.g. uRPF)
> https://github.com/manrs-tools/MANRS-validator
>
> We are wondering if there is any research on the percentages of different
> types of devices running BGP on the Internet.
>
> Something like:
>
> Cisco IOS 30%
>
> Junos 30%
>
> Mikrotik 20%
>
> etc…
>
> We are looking to focus our tool on the most prevalent types of devices
> doing BGP (and the most prevalent with BGP security/spoofing issues) so
> that we can have the greatest impact.  Does anyone have any information on
> this or know where I can obtain this information?  Thanks in advance!
>
>  -Rich
> The contents of this e-mail message and
> any attachments are intended solely for the
> addressee(s) and may contain confidential
> and/or legally privileged information. If you
> are not the intended recipient of this message
> or if this message has been addressed to you
> in error, please immediately alert the sender
> by reply e-mail and then delete this message
> and any attachments. If you are not the
> intended recipient, you are notified that
> any use, dissemination, distribution, copying,
> or storage of this message or any attachment
> is strictly prohibited.
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.nanog.org/pipermail/nanog/attachments/20191107/308a784d/attachment.html>