DNS poisoned for LinkedIn. Affects us? Sure, it does.
If you were unable to access LinkedIn for almost the entire day earlier this week, then you can take solace in the fact that you were not the only one, not able to. Almost half the world shared your misery where all attempts to access LinkedIn (and several other websites) went awry. This purportedly happened because a bunch of hackers decided to poison the DNS entries for LinkedIn and some other well known websites (fidelity.com being another).
Before we delve into the sordid details of this particular incident lets quickly take a look at how DNS works.
Whenever we access linkedin.com, our computer must resolve this human-readable address “linkedin.com” into a computer-readable IP address like “216.52.242.86″ thats hosting this website. It does this by requesting a DNS server to return an IP address that can be used. The DNS server responds with one or more IP addresses with which you can reach linkedin.com. Your computer then connects to that IP address.
So where is this DNS server located that i just spoke about?
This DNS server lies with your Internet service provider, which caches information from other DNS servers. The router that we have at home also Continue reading
Last 24
1. Went to Dubai International airport at 1 am local time2. Stayed in Emirates business lounge, blogging to write about the recent Indonesian Networkers 17-19 June 2013 aka 100NGN Workshop in Jakarta
3. Got info there was delay for about an hour from the original 2.55 am local time
4. Continued blogging
5. At 3.30 am there was announcement the new schedule for the flight now is 6 am
6. Didn't want to sleep to avoid missing the flight, randomly browsing the Internet
7. Close to 6 am, no announcement about the boarding
8. Felt very sleepy so decided just to go to boarding gate around 6 am
9. Got into airplane around 6.30, flight finally took off at 7 am
10. Couldn't sleep during the 13.5 hours flight to JFK New York, watched lots of movies
11. Arrived 1.5 hours before my connecting flight
12. There was announcement from pilot, due to medical condition of one passenger all others must stayed inside airplane until the situation is cleared
13. Came out from airplane with only about an hour before the next flight to Orlando
14. Run to border security with Quick Connect paper Continue reading
PQ Show 25 – Cisco OTV Deep Dive Part 2
New voices gather in the Packet Pushers virtual boardroom for a discussion of Cisco’s layer 2 extension technology, Overlay Transport Virtualization (OTV). Ethan Banks hosts a recording of about two hours worth of content about OTV; this show is the second hour (well, almost another hour). Joining Ethan are first-time guests Jamie Caesar, Colby Glass and Ken Matlock. Jamie, Colby and Ken have […]
Author information
The post PQ Show 25 – Cisco OTV Deep Dive Part 2 appeared first on Packet Pushers Podcast and was written by Ethan Banks.
Indonesian Networkers 2013 aka 100NGN
I’m currently sitting at Dubai airport, waiting for my flight to New York, then Orlando for Cisco Live US 2013. It’s going to be epic with so many breakout sessions, keynote speech by Cisco CEO, customer appreciation and CCIE party and many other great stuff for those who want to get the latest update and new innovation in computer networking from the market leader. Last year, Cisco Live US 2012 in San Diego set a record breaking of 17,000in-person attendees!
Earlier this week I took 5 days off from work to conduct 3 days workshop for 100 Indonesian professionals and 100 students, discussing the “next generation of computer networking”. We called it Indonesian Networkers 2013 aka 100NGN workshop that was held between 17-19 June.
With 100NGN workshop we want to prepare Indonesian professionals and students with best practices, soft skills and new direction in computer networking technology. And it’s been my personal obsession to bring world class event to Indonesia, just as Cisco Live.
Day 1 was started with keynote speech about building Network, Skill and Experience in order to become globally competitive professionals. Continued with Network Design lesson, MPLS VPN tutorial, and non-technical session like Killer CV.
Cisco Elastic Core, QoS Implementation in Mobile Network, next generation Data Center and Service Provider Wifi.
At the end of every session there was quiz with multiple choice questions. We used online polling system Textello to find the attendee with the highest score. The top scorer of Day 1 was rewarded with Google Nexus 7 tablet.
Day 2 agenda was CCIE and CCDE experience, WAN Architecture and Design, IP RAN 2G and 3G Implementation.
There was a session on Interview process in Silicon Valley, directly from an Indonesian who currently works in Silicon Valley, who was willing to come all the way for this event!
Evolution of Mobile Technology, E-Commerce Perimeter Security, IPv6 Implementation, Software Defined Network, OnePK and Internet of Everything.
The top scorer of Day 2 got Apple iPad Mini with “Indonesian Networkers 2013” written at the back.
Day 3 was designated for students. We want them to get the updates on Mobile technology, router architecture, SDN, IPv6 and Internet of Everything.
We event brought a speaker from one of the best universities in Indonesia to explain his research in SDN with GIST Korea to implement OpenFlow at TEIN research network.
Day 3 was closed with provocative session about communication skill to win in global competition by Dwi Chandra from DCT Enterprise. We gave away three Raspberry Pi to the students who became the top scorers of the day.
"Some people want it to happen, some wish it would happen, others make it happen" – Michael Jordan.
Thank you to our silver sponsor Cisco Advanced Services APAC. Thank you Gulfware for Textello, DCT, Cisco Academy and CCIE Club Indonesia.
I learned from David Novak, CEO of Yum! Brands, that the only way to make big things happen is by taking people with you. Thank you to all the speakers who were willing to come in between their busy schedule. Some speakers even came from outside the country or must travel from different city!
I'm very proud as young organization GEM Foundation and Jawdat are able to conduct an event like 100NGN.To all my team members, You make it happen! And once again, thank you to all speakers, sponsors and attendees!
3 days. 14 speakers. Total 199 participants. Network Design, MPLS VPN, Killer CV, Elastic Core, Mobile, QoS, DCN, SP Wifi, CCIE/CCDE, WAN Design, IP RAN 2G/3G, Interview, LTE, Security, IPv6 Implementation, Next Generation Router, SDN/OnePK, SDN Research, Communication skill, Internet of Everything!
My week-off couldn’t have been better.
Infusing Some Reality in the “Land of Make Believe”
As almost everyone in the networking community knows, next week is Cisco Live in Orlando, Florida. And as just about well…everyone knows, Orlando is the home of Disney World, a.k.a. the Land of Make Believe.
There are some that would have you believe that the software-defined networking (SDN) market is the land of make believe as well – lots of buzz words, catchy messaging and pretty PowerPoint slides. Embrane and our customers have a different view.
It’s a view we can’t wait to talk about next week. We have a lot to share with the show attendees. There’s a lot of synergy between Embrane and Cisco. Whether attendees want to talk about running applications on UCS or moving traffic through their data center or cloud environment with Nexus switches, we add a tremendous amount of value to those environments with our software-defined network services.
Speaking of UCS. Because I like a good Main Street, USA fireworks show as much as the blinking lights on a piece of hardware, I’m really looking forward to powering up the Cisco UCS chassis we are going to have in the booth. Then, just a few seconds after that spinning up software-defined firewalls Continue reading
Packet Pushers – Planned Shows & TweetUps at Cisco Live US 2013
Next week, the Packet Pushers are sponsored by Cisco to take the mobile recording studio to Cisco Live US (CLUS) in Orlando. We’ve been planning a lot of shows around what is the biggest IT conference of the year for those of us in the networking industry. The inimitable Mr. Ferro has posted some thoughts […]
Author information
The post Packet Pushers – Planned Shows & TweetUps at Cisco Live US 2013 appeared first on Packet Pushers Podcast and was written by Ethan Banks.
Packet Design to Challenge Engineers at Cisco Live
Company Will Launch its "Do You Know Everything?" Campaign on the World of Solutions Exhibit Floor
Packet Design, the leading provider of IP network route analytics software, announced a new marketing campaign today at the 2013 Cisco Live Conference in Orlando, Florida.
Packet Design will introduce some levity to the serious world of IP networking by challenging visitors to its booth on their Knetwork Knowledge℠. Packet Design routing experts will test attendees on their expertise in IGP and BGP routing protocols, MPLS WANs, Layer 2 and 3 VPNs and RSVP-TE tunnels. Attendees will leave not only with a higher level of Knetwork Knowledge but also a tee shirt that gives them bragging rights. In addition, they will understand how Packet Design’s Explorer™ family of products:
- Gives real-time visibility into Layer 3 topology and routing for proactive service delivery management
- Allows replay of the topology and all routing events at any point in time for forensic analysis of network issues
- Enables interactive modeling to understand the impact on routing and traffic flows of planned network changes, new workloads and component failures.
“IP networking is complex and sometimes the people responsible for ensuring the availability and performance of critical networks Continue reading
Bufferbloat in switches/bridges
I received the following question today from Ralph Droms. I include an edited version of my response to Ralph.
On Thu, Jun 20, 2013 at 9:45 AM, Ralph Droms (rdroms) <rdroms@yyy.zzz> wrote:
Someone suggested to me that bufferbloat might even be worse in switches/bridges than in routers. True fact? If so, can you point me at any published supporting data? Thanks, Ralph
Ralph,
It is hard to quantify as to whether switches or routers are “worse”, and I’ve never tried, nor seen any published systematic data. I
wouldn’t believe such data if I saw it, anyway. What matters is whether you have unmanaged buffers before a bottleneck link.
I don’t have first hand information (to just point you at particular product specs; I tend not to try to find out whom is particularly guilty as it can only get me in hot water if I compare particular vendors). I’ve generally dug into the technology to understand how/why buffering is present to understand what I’ve seen.
You can go look at specs of switches yourself and figure out switches have problems from first principles.
Feel free to write a paper!
Here’s what I do know.
Ethernet Switches:
- The simplest switch Continue reading
Vendor PSA: Words and Phrases to Avoid in Presentations
Over the years IT professionals have sat through countless presentations, conference calls, and keynotes. We’ve been preached too, explained “the problem”, and forced to bear witness to the the future. During such events all of us have had to step up and explain that we already understand the problem, we know who your company is, and we really just want to know how your product works.
Outside of the normal annoyances, there are several words or phrases that invoke pain and disgust in our hearts, one such phrase came up today. While I won’t mention the source, or berate them anymore than they already have been. I do want to put this list out there for future reference… If I’ve forgotten something that drives you crazy, please, feel free to contact me so I can add it here.
- Cloud — we’ve jumped the shark with Cloud years ago….
- Gartner — No one that understands technology cares what Garner says. Period.
- Magic Quadrant — See above.
- Single Pane of Glass — An overly obvious marking term.
- Next Generation — Really? Prove it.
- Game Changer — See above.
- Software Defined $something — Just like Cloud, we’ve driven this into the ground
- And Continue reading
Know Your Competition: Observations From Structure
I spent the day yesterday at GigaOM’s Structure conference in San Francisco trying to see what my colleagues around the technology world are up to these days. If you have haven’t been to Structure, it’s always a good event – well organized, lots of 20-minute discussions and plenty of networking opportunities. There were definitely interesting nuggets shared from a variety of speakers at the show.
For example, I loved it when Ben Haines, formerly of Pabst Brewing, said he worked for “The Department of No.” I’m probably going to “borrow” that because it’s the reason Embrane is trying to help IT, and particularly the networking team. As I wrote in a recent blog post, Don't Hate the Players Hate the Tools, IT and the networking team need to have the tools at their disposal so they have to stop saying no to requests that require immediate action because they can’t react fast enough.
Then there was the CIO from Clorox, Ralph Loura, who said he’s constantly trying to make IT agile. As he said, his goal is to help IT enable business productivity. He gets it! He knows that if he doesn’t, the business units will go off Continue reading
CCIE R&S v5 blueprint announcement?
How does the internet work - We know what is networking
UPDATE on 2.11.2013 – There will be an update in February 2014! Read all about the new announcement in the latest article here! with all new topics added and removed from CCIE lab exam v5. UPDATE on 23.07.2013 – There will be not update this year to v5 at least not for now… […]
Host Interfaces on UCS FEX 2204 vs FEX 2208
I mentioned in a previous post regarding the connectivity options to each blade if you’re using the appropriate hardware. If you’re using a 2208 FEX, you have 8 upstream ports, each at 10GbE. This means the FEX can support up to 80 Gbps total. You can provide potentially 4:1 oversubscription (math later) to each blade by connecting a 2208 FEX into a blade chassis with blades that can also support 80Gbps each.Host Interfaces on UCS FEX 2204 vs FEX 2208
I mentioned in a previous post regarding the connectivity options to each blade if you’re using the appropriate hardware. If you’re using a 2208 FEX, you have 8 upstream ports, each at 10GbE. This means the FEX can support up to 80 Gbps total. You can provide potentially 4:1 oversubscription (math later) to each blade by connecting a 2208 FEX into a blade chassis with blades that can also support 80Gbps each.phpIPAM version 0.8 released
Dear all, I am happy to announce new version of phpipam IP address management – version 0.8. Quite some bugs have been squashed and some new features introduced, like per-group permissions, support for translations, visual subnet displays and other: 
- New group and permission management;
- Support for translations;
- Subnet resizing;
- Subnet splitting into smaller subnets;
- Added free space display for nested subnets;
- Added visual display of subnet usage per IP address;
- Added truncate network option that deletes all IP addresses in subnet;
- Added button the updates subnet with RIPE information;
You can demo it here: http://demo.phpipam.net/
You can download it on sourceforge site: phpipam-0.8.
Please note that IE8 is no longer supported!
Special thanks to all the people submitting bug reports, donors, translators and feature testers!
Screenshots:
Full changelog for this release is:
New features:
----------------------------
+ New group and permission management;
+ Support for translations;
+ Subnet resizing;
+ Subnet splitting into smaller subnets;
+ Added free space display for nested subnets;
+ Added visual display of subnet usage per IP address;
+ Added truncate network option that deletes all IP addresses in subnet;
+ Added button the updates subnet with RIPE information;
Enhancements:
----------------------------
+ Continue reading
On accents, colloquialisms and proprietary extensions
I may not be the most “travelled” person in the world, but over the past couple of years I have managed to find myself in several places across Asia, the Pacific Islands and also the US. One thing has always stood out – Speaking the same language is the hardest part of travelling! Now when I travel to parts of Asia and Im dealing either in hand gestures or with somebody trying their very best speak English (Their English is 1000x better than my Cantonese or my Khmer), and we both make allowances for the difficulty of not speaking the same language.
Sadly, when I travel to the United States and we both attempt to speak “English” nobody can ever seem to understand me. Sometimes its my accent, and other times its the colloquialisms I am using that do not translate effectively, and I am treated by blank stares on the other person trying their hardest not to say “Huh?”.
I’ve learned to deal with this by talking slower and thinking carefully about the words I use to ensure that they dont have some local significance. Anybody who has met me in person knows that I talk loudly, quickly Continue reading
CCIE Lab Exam attempt #2 – How I’m going to study better!
Well it has been just over 7 weeks now since I failed my first attempt at the CCIE Lab Exam in Routing & Switching in Brussels. On the way home on the Eurostar I had vowed to take the weekend off and get straight back on the horse and start labbing again for 4 hours […]
Author information
The post CCIE Lab Exam attempt #2 – How I’m going to study better! appeared first on Packet Pushers Podcast and was written by Roger Perkin.
5 Reasons to Consider Working For a Technology Reseller
For the first several years of my career, I worked for a smaller technology reseller. These types of organizations are often known as value added resellers, or VARs. The role of a VAR is to combine their expertise with some technology they sell in a way that solves the challenges of their customers. The expertise […]
Author information
The post 5 Reasons to Consider Working For a Technology Reseller appeared first on Packet Pushers Podcast and was written by Paul Stewart.
NX-OS vPC FEX configuration example
Here's a no frills cheat sheet for a quick vPC and FEX configuration on a pair of Nexus 5000 switches. Refer visio for switch connectivity.
Note, my management network is a /29, just in case you want to configure config-sync between the two NX5K switches. You will need a cfs mcast-address which could be the same as the default gateway used in the management vrf.
On NX5K-1
int mgmt0
ip add 1.1.1.2/29
ip add 1.1.1.2/29
vrf context management
ip route 0.0.0.0/0 1.1.1.1
ip route 0.0.0.0/0 1.1.1.1
int eth1/1-2
desc vPC Peer-Link members
channel-group 1 mode active
desc vPC Peer-Link members
channel-group 1 mode active
int po1
desc vPC Peer-Link
vpc peer-link
switchport mode trunk
sw trunk allowed vlan list
spanning-tree port type network
desc vPC Peer-Link
vpc peer-link
switchport mode trunk
sw trunk allowed vlan list
spanning-tree port type network
vpc domain 100
peer-switch
role priority 4096
system priority 4096
peer-keepalive destination 1.1.1.3 source 1.1.1.2 vrf management
peer-switch
role priority 4096
system priority 4096
peer-keepalive destination 1.1.1.3 source 1.1.1.2 vrf management
fex 100
desc "FEX 100"
pinning max-links 1
pinning max-links 1
fex 101
desc "FEX 101"
desc "FEX 101"
pinning max-links 1
int eth1/9-10
channel-group 100
channel-group 100
int eth1/11-12
channel-group 101
channel-group 101
int po100
switchport mode fex-fabric
fex associate 100
vpc 100
switchport mode fex-fabric
fex associate 100
vpc 100
int po101
switchport mode fex-fabric
fex associate 101
vpc 101
switchport mode fex-fabric
fex associate 101
vpc 101
On NX5K-2
int mgmt0
ip add 1.1.1.3/29
ip add 1.1.1.3/29