[f-nsp] IPv6 access to www.brocade.com is down

Wilbur Smith wsmith at brocade.com
Fri Apr 3 15:29:15 EDT 2015


Thanks Frank,
I won't take credit for it yet though :)

I opened a case on this last night, but our WAN guys may have already been working it. I've sent a follow-up note to them asking for any details AND what a good external email customers can use to alert us.

Some background on our IPv6 system...

I'll also give you some background on how our IPv6 system works at Brocade because I think it's kind of slick. I'm a customer-facing SE and don’t work in the internal IT group here though, so my info may be a bit outdated.

When Brocade switched on IPv6, we had the same issue as lots of folks: too many 3rd party tools or cloud apps that didn’t support IPv6 yet.  As our own cloud providers have migrated to IPv6, this has fixed some of this, but we still needed a way to present IPv4 systems to IPv6 clients. We're also much smaller than Juniper or Cisco, so the budget cost of upgrading legacy code was also a concern. 

We do make a really powerful SLB platform though (aka Application Delivery Controller if you're a marketing person) with the ServerIron ADX. The ADX isn’t as widely deployed at F5 in the enterprise world, but it is used heavily by our Service Provider customers.  Because of this, one feature we developed was IPv6 to 4 NAT. This isn’t exactly Network Address Translation, but the ADX uses an IPv6 DNS server to transparently translate between IPv4 and IPv6 addresses.  

When we deployed IPv6, we used this IPv4to6 with GSLB load balancing on ADX boxes deployed around the world. We're actually hosting the brocade.com site from a few points around the world and natively translating IPv6 requests from clients into IPv4 connections internally. I know this isn’t "True IPv6", but I think it was a good compromise at the time we deployed it. I think it's also a less complex alternative to the different IPv6t Tunneling methods.   This was rollout out over 3 years ago, so as Brocade has moved more of our internal systems into "the cloud", a lot of our legacy IPv4 problem has been solved by our cloud providers. 

Anyway, I hope some folks find how we did this useful; I try not to "sell" Brocade on this mailing list, but our ADX hardware is pretty cool stuff. I think it's also interesting that even though Brocade is a tech company, we face the same issues with legacy systems, budgets, and resources and most of our customers do. 

Wilbur

-----Original Message-----
From: foundry-nsp [mailto:foundry-nsp-bounces at puck.nether.net] On Behalf Of Frank Bulk
Sent: Friday, April 03, 2015 10:50 AM
To: foundry-nsp at puck.nether.net
Subject: Re: [f-nsp] IPv6 access to www.brocade.com is down

Just came back up a few minutes ago.  Thanks to Wilbur.

Frank

-----Original Message-----
From: foundry-nsp [mailto:foundry-nsp-bounces at puck.nether.net] On Behalf Of Wilbur Smith
Sent: Thursday, April 02, 2015 11:18 PM
To: David Hubbard; foundry-nsp at puck.nether.net
Subject: Re: [f-nsp] IPv6 access to www.brocade.com is down

Thanks for the heads up,
Comcast hasn’t rolled out IPv6 in my area yet, so I didn’t see this…and I’m also too lazy to setup a tunnel broker tonight ;)  Not sure if this was part of a maintenance window on our end or an outage with one of our WAN providers yet. I just sent a note to our IT folks; should hear something back by tomorrow morning. 

Wilbur





On 4/2/15, 8:09 PM, "David Hubbard" <dhubbard at dino.hostasaurus.com> wrote:

>Seeing same thing; there isn't a prefix in BGP currently which contains 
>their website's 2620:100:4:6401::20 address.  Would be nice if they'd 
>remove their quad A until they fix it since their website is down for 
>me now lol.
>
>-----Original Message-----
>From: foundry-nsp [mailto:foundry-nsp-bounces at puck.nether.net] On 
>Behalf Of Frank Bulk
>Sent: Thursday, April 02, 2015 7:13 PM
>To: foundry-nsp at puck.nether.net
>Subject: [f-nsp] IPv6 access to www.brocade.com is down
>
>I reached out to their "NOC" email address earlier today, but no 
>response (never have received one).
>
>IPv6 access to www.brocade.com has been down since 10:05 am (U.S.
>Central).
>Based on the two points I tested from it's as if their prefix is not 
>propagating.
>
>Frank
>
>
>[fbulk at puck ~]$ traceroute6 www.brocade.com traceroute to 
>www.brocade.com (2620:100:4:6401::20), 30 hops max, 80 byte packets
> 1  ge-0-7-0-22.r05.chcgil09.us.bb.gin.ntt.net (2001:418:3f4::1)  2.443 
>ms !N  2.680 ms !N  4.044 ms !N [fbulk at puck ~]$
>
>
>root at nagios:/# traceroute6 www.brocade.com traceroute to 
>www.brocade.com (2620:100:4:6401::20), 30 hops max, 80 byte packets
> 1  router-core.mtcnet.net (2607:fe28:0:1000::1)  0.401 ms  0.450 ms
>0.574 ms
> 2  sxct.sxcy.mtcnet.net (2607:fe28:11:1002::197)  0.185 ms  0.241 ms
>0.291 ms
> 3  v6-premier.sxcy-mlx.fbnt.netins.net (2001:5f8:7f0a:2::1)  1.623 ms
>1.678 ms  1.702 ms
> 4  v6-ins-db4-te-0-6-0-4-219.desm.netins.net (2001:5f8:1:1::1)  8.757 
>ms !N 10.330 ms !N  10.410 ms !N root at nagios:/#
>
>_______________________________________________
>foundry-nsp mailing list
>foundry-nsp at puck.nether.net
>http://puck.nether.net/mailman/listinfo/foundry-nsp
>
>
>_______________________________________________
>foundry-nsp mailing list
>foundry-nsp at puck.nether.net
>http://puck.nether.net/mailman/listinfo/foundry-nsp
_______________________________________________
foundry-nsp mailing list
foundry-nsp at puck.nether.net
http://puck.nether.net/mailman/listinfo/foundry-nsp

_______________________________________________
foundry-nsp mailing list
foundry-nsp at puck.nether.net
http://puck.nether.net/mailman/listinfo/foundry-nsp


More information about the foundry-nsp mailing list