Tamihiro Yuzawa

Author Archives: Tamihiro Yuzawa

One-liner iptables rule to Filter NTP Reflection on Linux Hypervisor

Anybody annoyed enough with massive NTP monlist floods over the weekend? If you did like I did, I believe what immediately came to your mind was, “this shouldn’t have happened if they just had put a ‘default ignore’ line in their ntp.conf file!” But unfortunately there are some people who’re not like you, including casual […]

Author information

Tamihiro Yuzawa

Tamihiro Yuzawa

Tamihiro Yuzawa is a network engineer at Sakura Internet, one of Japan's major data center service providers. Before he joined Sakura in 2007, he spent five years at a busy CRM service provider. Both companies have allowed him to stay mostly within the intersection of these circles, and he is pretty much determined to remain in a serious relationship with both Dev and Ops.

The post One-liner iptables rule to Filter NTP Reflection on Linux Hypervisor appeared first on Packet Pushers Podcast and was written by Tamihiro Yuzawa.

Centec V330: My Kind of OpenFlow Switch

This is my third and probably last installment of an ongoing story about our quest for OpenFlow 1.0 capable switches with a specific requirement - the capability to modify L3 destination addresses. The background of why Sakura Internet needs such switches for the purpose of DDoS attack mitigation is explained in my first article, along with […]

Author information

Tamihiro Yuzawa

Tamihiro Yuzawa

Tamihiro Yuzawa is a network engineer at Sakura Internet, one of Japan's major data center service providers. Before he joined Sakura in 2007, he spent five years at a busy CRM service provider. Both companies have allowed him to stay mostly within the intersection of these circles, and he is pretty much determined to remain in a serious relationship with both Dev and Ops.

The post Centec V330: My Kind of OpenFlow Switch appeared first on Packet Pushers Podcast and was written by Tamihiro Yuzawa.

Wanted: OpenFlow Switch With ofp_action To Modify The Destination L3 Address

This article is meant to serve in part as an appendix to my previous post on PacketPushers.net. Therefore, please take a moment to read this introduction of Sakura Internet’s DDoS detection and mitigation app if you haven’t already. At Sakura, we are in the process of implementing source-and-destination-based DDoS packet filtering that should be effective and […]

Author information

Tamihiro Yuzawa

Tamihiro Yuzawa

Tamihiro Yuzawa is a network engineer at Sakura Internet, one of Japan's major data center service providers. Before he joined Sakura in 2007, he spent five years at a busy CRM service provider. Both companies have allowed him to stay mostly within the intersection of these circles, and he is pretty much determined to remain in a serious relationship with both Dev and Ops.

The post Wanted: OpenFlow Switch With ofp_action To Modify The Destination L3 Address appeared first on Packet Pushers Podcast and was written by Tamihiro Yuzawa.

OpenFlow 1.0 Actual Use-Case: RTBH of DDoS Traffic While Keeping the Target Online

Sakura Internet operates several data centers across Japan, including this one, and my team is in charge of building and taking care of our IP backbones. In this article, I will introduce the ongoing process of upgrading our DDoS mitigation solution, which happens to be a down-to-earth, if not widely applicable, use case for OpenFlow. […]

Author information

Tamihiro Yuzawa

Tamihiro Yuzawa

Tamihiro Yuzawa is a network engineer at Sakura Internet, one of Japan's major data center service providers. Before he joined Sakura in 2007, he spent five years at a busy CRM service provider. Both companies have allowed him to stay mostly within the intersection of these circles, and he is pretty much determined to remain in a serious relationship with both Dev and Ops.

The post OpenFlow 1.0 Actual Use-Case: RTBH of DDoS Traffic While Keeping the Target Online appeared first on Packet Pushers Podcast and was written by Tamihiro Yuzawa.