| 1 Oct 2021 |
 andi- | I recommend chatting with the mellanox devs. When we planned this everything would be have been done in the ASIC through iproute2 | 14:41:05 |
 dminuoso | German LI? | 14:41:27 |
| andi- | Nah, I just contacted the kernel devs back then. They established contacts to the internal engineering team. We side-stepped the whole sales shit. | 14:41:59 |
| dminuoso | No I mean, would this have been done to satisfy german lawful interception? Or a different country? | 14:42:19 |
 casey © | my first gig was all freebsd routers. there wasn't such a thing as open source or bsd/linux switches. i've not been a network engineer for something like 5 years now, but if i put that hat on again, i'd totally be for a switch running nixos. | 14:42:27 |
| dminuoso | andi: and yeah, we maintain a good relationship with the nvidia engineering teams. | 14:43:13 |
| andi- | In reply to @dminuoso:matrix.org
No I mean, would this have been done to satisfy german lawful interception? Or a different country? Probably. But we would probably also have started a court case regarding the requirements. They are immense for a small provider. | 14:43:34 |
| andi- | IIRC the boundary for providing fully transparent LI is some 10k of customers. | 14:44:16 |
| dminuoso | Indeed | 14:44:31 |
| andi- | And if we want innovative companies we can't ask them to go to "buy big Cisco box instead" if otherwise the entire business could be implemented in a week (over simplified). | 14:45:51 |
| dminuoso | Yeah, we would have never bought Cisco for this. | 14:46:04 |
| dminuoso | Like I said, for unrelated reasons we already had two of them lying around. | 14:46:14 |
| dminuoso | Fully licensed, even. | 14:46:21 |
| andi- | I know how that goes... They are just there from previous projects... Nobody was ever fired for buying Cisco... | 14:46:43 |
| dminuoso | Indeed. :) | 14:46:57 |
| dminuoso | All our routing platforms we buy now is Juniper MX204 or mellanox switches. | 14:47:10 |
| dminuoso | Which for our side is ideal | 14:47:34 |
| dminuoso | Plus of course some firewall stuff | 14:47:51 |
| andi- | I'd love to get back into this and design proper v6 only (core) networks. Only customers need v4 these days which you can transport easily.. | 14:48:00 |
| dminuoso | andi: the underlay of our network is IPv6 only! :) | 14:48:24 |
| dminuoso | Maybe that helps repair some of that damaged reputation from lack of a AAAA on wobcom.de | 14:48:45 |
| dminuoso | :p | 14:48:48 |
| casey © | sigh. only fond memories of juniper mx's. so many un-fond memories of the EX's and SRXs. | 14:48:51 |
| andi- | In reply to @dminuoso:matrix.org
Maybe that helps repair some of that damaged reputation from lack of a AAAA on wobcom.de hah, I'll let that slip once its fixed :-) | 14:49:39 |
| dminuoso | andi: oh and you mentioned our mail servers, they're not done by us. | 14:50:38 |
| dminuoso | The mail servers Im responsible for, for our customers, they're all reachable via IPv6. | 14:51:24 |
| andi- | Well they run on AWS so no excuse for them not to allow (at least inbound v6) ;-) | 14:51:42 |
| dminuoso | dig AAAA mx.wobcom.de | 14:51:43 |
| dminuoso | Though, these ones are not yet made by me. The new nixos based mailiverse is on the rise. Soon! :) | 14:52:24 |
| dminuoso | Oh they do? | 14:52:39 |
