Archive

Category Archives for "Networking"

5 ways to boost server efficiency

Servers can consume more than half of the energy in modern data centers, which makes server efficiency attractive to companies looking to hit carbon-neutral sustainability targets. Plus, reducing energy usage can save money.

To help reach that goal, here are five ways to boost server efficiency, according to recent research from the Uptime Institute, which is focused on improving the performance, efficiency, and reliability of business-critical infrastructure.

  • Upgrade to a newer server generation. For decades, server energy efficiency has consistently improved thanks to improved efficiency of the processors that power them.
  • Pick servers with high compute capacity as measured in number of transactions per second. Those are the most energy efficient.
  • Go for high core count. In general, efficiency improves with the number of cores, although there is some tapering off at the highest end.
  • Be aware that while a server can be more energy efficient, its actual overall power consumed (Watts) can increase even as its efficiency (transactions per second per Watt) increases.
  • Embrace power-management features in two ways: by reducing core CPU voltage and frequency as utilization increases, and by moving unneeded cores to idle state.

For its analysis, Uptime focused on servers that use AMD EPYC or Intel Xeon Continue reading

AskJJX: How To Handle Rogue APs Without Getting Arrested

AskJJX: “What’s the best way to find and disable rogue APs on the network? We had an audit finding and got our hand slapped.” Ahhh, I love this question for so many reasons. First, because my answer to this today, in 2023, is very different than my answer would have been years ago. You may […]

The post AskJJX: How To Handle Rogue APs Without Getting Arrested appeared first on Packet Pushers.

Building a WAN Impairment Device in Linux on VMware vSphere

In some scenarios it is really useful to be able to simulate a WAN in regards to latency, jitter, and packet loss. Especially for those of us that work with SD-WAN and want to test our policies in a controlled environment. In this post I will describe how I build a WAN impairment device in Linux for a VMware vSphere environment and how I can simulate different conditions.

My SD-WAN lab is built on VMware vSphere using Catalyst SD-WAN with Catalyst8000v as virtual routers and on-premises controllers. The goal with the WAN impairment device is to be able to manipulate each internet connection to a router individually. That way I can simulate that a particular connection or router is having issues while other connections/routers are not. I don’t want to impose the same conditions on all connections/devices simultaneously. To do this, I have built a physical topology that looks like this:

All devices are connected to a management network that I can access via a VPN. This way I have “out of band” access to all devices and can use SSH to configure my routers with a bootstrap configuration. To avoid having to create many unique VLANs in the vSwitch, Continue reading

Multichannel fast file transfers over AX.25

Lately I’ve been thinking about a better data protocol for amateur radio.

“Better” is, of course, relative. And the space is so big. Are we talking HF or VHF/UHF? Should it work with existing radios (just working the audio spectrum), or be its own radio? Should it be just RF improvements, or higher networking layers?

File transfers on the application layer

In my previous post I started off trying ZMODEM, but was fairly disappointed. The Linux AX.25 implementation sucks, and ZMODEM is too chatty. Every roundtrip is expensive. But even tuning the parameters, there are better ways to avoid needless retransmits and roundtrips.

I’ve started a tool called hamtransfer. The implementation is currently only point-to-point, but the protocol will work for more “bittorrent” style too.

It uses Raptor codes, but I’ll save you some time: It encodes the file (which it calls a “block”) into smaller chunks (which it calls “symbols”). It then sends the symbols to the receiver, which will be able to reassemble the original block.

The trick is that the set of symbols is infinite, and the block can be assembled by almost any subset of symbols. If the block is 10kB, then with more than Continue reading

Calico monthly roundup: June 2023

Welcome to the Calico monthly roundup: June edition! From open source news to live events, we have exciting updates to share—let’s get into it!

Customer case study: Box

Using Calico, Box achieved zero-trust security and policy automation at scale in a multi-cluster environment. Read our new case study to find out how.

Read case study.

Is your container environment compliant with NIST guidelines?

This assessment helps you compare your current security posture against the NIST Cybersecurity Framework and assess your readiness to detect and protect against cyberattacks.

Read the guide.

Open source news

  • Calico Live – Join the Calico community every Wednesday at 2:00 pm ET for a live discussion about learning how to leverage Calico and Kubernetes for networking and security. We will explore Kubernetes security and policy design, network flow logs and more. Join us live on Linkedin or YouTube.
  • Calico Wall of Fame – As a valued member of our Calico users community, we would like to feature you on our NEW Project Calico Wall of Fame. To participate, fill out the form here.

Worth Reading: Another BGP Session Reset Bug

Emile Aben is describing an interesting behavior observed in the Wild West of the global Internet: someone started announcing BGP paths with an unknown attribute, which (regardless of RFC 7606) triggered some BGP session resets.

One would have hoped we learned something from the August 2010 incident (supposedly caused by a friend of mine 😜), but it looks like some things never change. For more details, watch the Network Security Fallacies and Internet Routing Security webinar.

Worth Reading: AI Does Not Help Programmers

On the Communications of the ACM web site, Bertrand Meyer argues that (contrary to the exploding hype) AI Does Not Help Programmers:

As a programmer, I know where to go to solve a problem. But I am fallible; I would love to have an assistant who keeps me in check, alerting me to pitfalls and correcting me when I err. An effective pair-programmer. But that is not what I get. Instead, I have the equivalent of a cocky graduate student, smart and widely read, also polite and quick to apologize, but thoroughly, invariably, sloppy and unreliable. I have little use for such supposed help.

Not surprisingly, my experience is pretty close to what he’s describing. AI is the way to go if you want something that looks reasonable (at a first glance), but not if you want to get something right. Unfortunately, there’s a bit of a difference between marketing and engineering: networks that are configured 90% correctly sometimes fail to do what you expect them to do.

AskJJX: Help! Office Wi-Fi is So Bad An Intern Is Following The CEO Around With An AP

AskJJX: How do you set up and configure Wi-Fi for a two-level office in a crowded office building area (downtown San Francisco across from Moscone Center) with concrete poles all over the place? It was a nightmare. APs were dropping traffic like flies. We were at the point of almost having an intern follow the […]

The post AskJJX: Help! Office Wi-Fi is So Bad An Intern Is Following The CEO Around With An AP appeared first on Packet Pushers.

Cisco urges stop using weak crypto algorithms with OSPF

To reduce the risk of service problems, Cisco is making it harder for organizations to use weak cryptographic algorithms when setting up authentication for OSPF packets on certain Catalyst Edge Platforms and Integrated Services Routers (ISR). Newer versions of Cisco’s IOS XE software (Release 17.11.1 and later) no longer support those algorithms—DES, 3DES, and MD5—by default, Cisco stated in a Field Notice. Specifically, the algorithms are no longer default options for the Open Shortest Path First version 3 (OSPFv3) protocol, which uses the IPsec secure socket API to add authentication to OSPFv3 packets that distribute routing information.
