God Objects Considered Harmful

Every software developer has run into “god objects”—some data structure or database that every process must access no matter what it is doing. Creating god objects in software is considered an anti-pattern—something you should not do. Perhaps the most apt description of the god object I’ve seen recently is you ask for a banana, and you get the gorilla as well.

We seem to have a deep desire to solve all the complexity of modern networks through god objects. There was ATM, which was going to solve all our networking problems by allowing the edge device (or a centralized controller) to control the path its traffic takes through the network. There is LISP, which is going to solve every mapping and tunneling/transport problem in the entire networking world (including mobility and security). There is SDN, which is going to solve everything by pushing it all into a controller.

And now there is BGP, which can be a link state protocol (LSVR), the ideal DC fabric control plane, the ideal interdomain protocol, the ideal IGP … a sort-of distributed god object that solves everything, everywhere, all the time (life in the fast lane…).

The problem is, a bunch of people Continue reading

Weekend Reads 011521

In response to ongoing cybersecurity events, the National Security Agency (NSA) released a Cybersecurity Advisory Thursday “Detecting Abuse of Authentication Mechanisms.” This advisory provides guidance to National Security System (NSS), Department of Defense (DoD), and Defense Industrial Base (DIB) network administrators to detect and mitigate against malicious cyber actors who are manipulating trust in federated authentication environments to access protected data in the cloud.

The current lawsuit was announced by Colorado’s Attorney General Phil Weiser but 38 states are signatories. The big issue is alleged suppression of competition.

Data analytics isn’t just for large organizations anymore. As businesses and community collectives increasingly move their operations into digital spaces, the vast amounts of data being collected pose an opportunity for them to get to know their stakeholders better.

In one of his most famous studies, 54 volunteers were served tomato soup. Half were served from normal bowls and half from “bottomless bowls” which had hidden tubes that imperceptibly refilled the bowls.

For all its breadth, depth, and skillful insertion via the supply chain, the latest hack of critical departments of the U.S. government—and of many leading corporations from around the world — should come as no surprise.

As domains Continue reading

Webinar: How the Internet Really Works Part 1

On the 22nd, I’m giving a three hour course called How the Internet Really Works. I tried making this into a four hour course, but found I still have too much material, so I’ve split the webinar into two parts; the second part will be given in February. This part is about how systems work, who pays for what, and other higher level stuff. The second part will be all about navigating the DFZ. From the Safari Books site:

This training is designed for beginning engineers who do not understand the operation of the Internet, experienced engineers who want to “fill in the gaps,” project managers, coders, and anyone else who interacts with the Internet and wants to better understand the various parts of this complex, global ecosystem.

You can register here.

Hedge #66: Tyler McDaniel and BGP Peer Locking

Tyler McDaniel joins Eyvonne, Tom, and Russ to discuss a study on BGP peerlocking, which is designed to prevent route leaks in the global Internet. From the study abstract:

BGP route leaks frequently precipitate serious disruptions to interdomain routing. These incidents have plagued the Internet for decades while deployment and usability issues cripple efforts to mitigate the problem. Peerlock, introduced in 2016, addresses route leaks with a new approach. Peerlock enables filtering agreements between transit providers to protect their own networks without the need for broad cooperation or a trust infrastructure.

download

Technologies that Didn’t: ARCnet

In the late 1980’s, I worked at a small value added reseller (VAR) around New York City. While we deployed a lot of thinnet (RG58 coax based Ethernet for those who don’t know what thinnet is), we also had multiple customers who used ARCnet.

Back in the early days of personal computers like the Amiga 500, the 8086 based XT (running at 4.77MHz), and the 8088 based AT, all networks were effectively wide area, used to connect PDP-11’s and similar gear between college campuses and research institutions. ARCnet was developed in 1976, and became popular in the early 1980’s, because it was, at that point, the only available local area networking solution for personal computers.

ARCnet was not an accidental choice in the networks I supported at the time. While thinnet was widely available, it required running coax cable. The only twisted pair Ethernet standard available at the time required new cables to be run through buildings, which could often be an expensive proposition. For instance, one of the places that relied heavily on ARCnet was a legal office in a small town in north-central New Jersey. This law office had started out in an older home over a Continue reading

Master Class: DC Fabrics

I’m teaching another master class over at Juniper on the 13th at 9AM PT:

Spine-and-leaf fabric is the “new standard,” but how much do you know about this topology, its origins, and its properties? This session will consider the history of the Clos, explain the butterfly and Benes, look at why a fabric is a fabric and why “normal networks” are not, and cover some key design considerations when building a fabric.

You can register here.

Weekend Reads 010821

Internet Society Chapters in Europe are warning the European Commission that its recent plea for Member States to help find ways to access encrypted communications could make millions of citizens and countries more vulnerable to harm and terrorism online.

Every Christmas season the Mozilla Foundation reviews a list of IoT devices that do not protect privacy. It seems like almost anything we buy today that includes electronics also connects to the Internet.

You have probably heard the saying: “If you are not paying for the product, you ARE the product”. Nowhere is this more acute than on the internet when our personal data is collected, analyzed and used to persuade us to buy products or ideas, many times without our explicit knowledge or permission.

Due to its growing popularity, identifying which addresses are anycasted and from where they are announced is becoming fundamentally important to provide a more accurate assessment of the Internet’s resilience.

Privacy plays an important part in the development of NLnet Labs products. For Unbound this manifests itself by being in the front line of the development of privacy preserving features like QNAME minimization, auth-zones, and DNS-over-TLS (DoT).

The 2020 (ISC)2 Cybersecurity Workforce Study looks at the Continue reading

The Hedge Podcast #65: Jacquelyn Adams and the Future of Work

Everyone in networking—and beyond networking, in fact—thinks about what the future of work might look like. Jacquelyn Adams joins Eyvonne Sharp, Tom Ammon, and Russ White on this episode of the Hedge to discuss what work might look like based on this era of rapid change, and how you can prepare for that future.

download

George Sadowsky on the History of Networking

George Sadowsky was a pioneer in recognizing the importance of networking technology for economic development, particularly in developing economies. He has worked in over 50 countries to bring training and networking infrastructure to the local population. In this episode of the History of Networking, George recounts some of the early, pre-Internet, work in computer networking, and the development of many of the organizations that make the Internet work today. His web site can be found here.

download

The OSI Model: STOP IT!

The OSI model is perhaps the best-known—and perhaps the most-loved—model in the networking world. It’s taught in every basic networking course, and just about every blog (other than this one) has some article explaining the model someplace or another (for instance, here is one of the better examples).

The reality is, however, that I’ve been in the networking business for 30’ish years and I’ve never once used the OSI model for anything practical. I’ve used the model when writing books because just about every book on networking has to have a section on the OSI model. I’ve used the model when writing a paper comparing two different protocols, back in the multiprotocol days (VIP versus IPX versus IP), but we don’t have those kinds of arguments very often any longer.

So, we all learn the OSI model, and yet I don’t know of anyone who actually uses the OSI model in understanding how protocols work, or how to troubleshoot a network. There’s the “it’s a layer two problem” statement, and that’s about the end its useful life, it seems.

Let me make a suggestion—learn, use, and teach the RINA model instead. Okay, so what is the RINA model? It is Continue reading

Weekend Reads 122420

The easiest way to understand the concept is with an example. Consider a passive optical fiber network where up to 32 homes share the same neighborhood fiber. In the most common GPON technology, the customers on one of these neighborhood nodes (called a PON) share a total of 2.4 gigabits of download data.

The push to develop and deploy applications faster has evolved from simply a goal for developers to a business-level priority that affects every organization’s bottom line. To meet this goal, companies have begun to de-silo development, operations, and security, moving toward a DevSecOps model to deliver

In a survey of 603 free and open source software (FOSS) contributors, the Linux Foundation’s Open Source Security Foundation (OpenSSF) and the Laboratory for Innovation Science at Harvard University (LISH) discovered that the average FOSS developer only spent 2.3% of their time on improving the security of their code.

Chris Lewis joins EFF hosts Cindy Cohn and Danny O’Brien as they discuss how our access to knowledge is increasingly governed by click-wrap agreements that prevent users from ever owning things like books and music, and how this undermines the legal doctrine of “first sale” – which states that once Continue reading

On Important Things

I tend to be a very private person; I rarely discuss my “real life” with anyone except a few close friends. I thought it appropriate, though, in this season—both the season of the year and this season in my life—to post something a little more personal.

One thing people often remark about my personality is that I seem to be disturbed by very little in life. No matter what curve ball life might throw my way, I take the hit and turn it around, regain my sense of humor, and press forward into the fray more quickly than many expect. This season, combined with a recent curve ball (one of many—few people would suspect the path my life has taken across these 50+ years), and talking to Brian Keys in a recent episode of the Hedge, have given me reason to examine foundational principles once again.

How do I stay “up” when life throws me a curve ball?

Pragmatically, the worst network outage in the world is not likely to equal the stresses I’ve faced in the military, whether on the flight line or in … “other situations.” Life and death were immediately and obviously present in those times. Continue reading

Weekend Reads 121820

This is a rather oversized edition of the weekend reads… because I seem to have saved up a lot more links than usual.

There comes a time in every developer’s life (or daily routine, we’re not here to judge) where they have to go and fix a bug. Back in the days when I used to be a developer, I distinctly remember how each time I would go face to face with a bug, my favorite method to fix it was to add log lines. I mean, why not, right?

Cybersecurity researchers on Thursday disclosed details of a previously undiscovered in-memory Windows backdoor developed by a hacker-for-hire operation that can execute remotely malicious code and steal sensitive information from its targets in Asia, Europe, and the US.

The PC revolution started off life 35 years ago this week. Microsoft launched its first version of Windows on November 20th, 1985, to succeed MS-DOS. It was a huge milestone that paved the way for the modern versions of Windows we use today. While Windows 10 doesn’t look anything like Windows 1.0, it still has many of its original fundamentals like scroll bars, drop-down menus, icons, dialog boxes, and apps like Notepad Continue reading

Upcoming Webinar: How Routers Really Work

Just a gentle reminder that on Monday (just a few days from now) I’m teaching a three hour webinar over at Safari Books on How Routers Really Work. From the course description—

This training will peer into the internal components of a router, starting with an explanation of how a router switches packets. This walk through of a switching path, in turn, will be used as a foundation for explaining the components of a router, including the various tables used to build forwarding tables and the software components used to build these tables.

Register here if you’re interested.

The Hedge Podcast #64: Brian Keys and Burnout

Burnout stalks most network engineers—and most people in the world of information technology—striking at least once in every career, it seems, and often more than once. In this episode, Brian Keys joins Eyvonne Sharp, Tom Ammon, and Russ White to discuss his personal experience with burnout. The discussion then turns to general strategies and ideas for avoiding burnout on a day-to-day basis.

download

The History of EARN, RARE, and European Networks (part 2)

European networks from the mid-1980’s to the late 2000’s underwent a lot of change, bolstered by the rise and fall of America Online, the laying of a lot of subsea cables, and the creation of several organizations, including EARN and RARE, to bolster the spread and use of the Internet. Daniele Bovio joins Donald Sharp and Russ White on this episode of the History of Networking to give us a good overall perspective of this history.

You can find more information about the history of EARN at https://earn-history.net.

download

Pulling Back the Curtains

One of the major sources of complexity in modern systems is the simple failure to pull back the curtains. From a recent blog post over at the ACM—

The Wizard of Oz was a charlatan. You’d be surprised, too, how many programmers don’t understand what’s going on behind the curtain either. Some years ago, I was talking with the CTO of a company, and he asked me to explain what happens when you type a URL into your browser and hit enter. Do you actually know what happens? Think about it for a moment.

Yegor describes three different reactions when a coder faces something unexpected when solving a problem.

Throw in the towel. Just give up on solving the problem. This is fairly uncommon in the networking and programming fields, so I don’t have much to say here.

Muddle through. Just figure out how to make it work by whatever means necessary.

Open the curtains and build an excellent solution. Learn how the underlying systems work, understand how to interact with them, and create a solution that best takes advantage of them.

The first and third options are rare indeed; it is the second solution that seems to dominate our Continue reading

Weekend Reads 121120

Giant tech companies have come under a great deal of well-deserved criticism from across the political spectrum on a variety of concerns over their actions. On market power, privacy, political bias and disinformation, they are under a microscope. One area where their actions deserve even more scrutiny — and opposition — is their war on the patent rights of inventors and startups.

If we look at previous mobile generations and perhaps start at 3G, we can see that with this technology, it became possible to access the Internet — however that was far from adequate for the technology explosion that happened around smartphones in the late 00s.

The Data Center Frontier Show podcast tells the story of the data center industry and its future. Our podcast is hosted by Rich Miller, editor of Data Center Frontier, who is your guide to the ongoing digital transformation.

Working remotely was growing more common even before the coronavirus pandemic accelerated the trend. As workers increasingly settle into their home offices, they still need access to company networks and office hardware — particularly printers. In fact, the pandemic led to a spike in the sale of home office printers, according to Deloitte.

In a Continue reading

The Hedge Episode 63: Anycast with Andree Toonk

Anycast is a bit of a mystery to a lot of network engineers. What is it, and what is it used for? Andree Toonk joins Tom and Russ on this episode of the Hedge to discuss the many uses of anycast, particularly in the realm of the Domain Name Service (DNS). Andree helped build the OpenDNS network and service, so he has deep experience with anycast routing on the DFZ.

download