Parsing a Routing Table with Python – Part 2
GETTING READY In the previous article (they’re split to make them easier to read) I talked about the theory and representation. How a properly formatted data structure and a non-formatted data...[[ Summary content only, you can read everything now, just visit the site for full story ]]
Parsing a Routing Table with Python – Part 1
It’s all in the API’s, well, not exactly, not everything you want to get or parse is handed down in a nicely formatted XML file or JSON format. These file structures translate to some type of data...[[ Summary content only, you can read everything now, just visit the site for full story ]]
Parsing a Routing Table with Python – Part 2
In the previous article (they’re split to make them easier to read) I talked about the theory and representation. How a properly formatted data structure and a non-formatted data structure look like....[[ Summary content only, you can read everything now, just visit the site for full story ]]
Parsing a Routing Table with Python – Part 2
In the previous article (they’re split to make them easier to read) I talked about the theory and representation. How a properly formatted data structure and a non-formatted data structure look like....[[ Summary content only, you can read everything now, just visit the site for full story ]]
Indonesia Hijacks the World
Yesterday, Indosat, one of Indonesia’s largest telecommunications providers, leaked large portions of the global routing table multiple times over a two-hour period. This means that, in effect, Indosat claimed that it “owned” many of the world’s networks. Once someone makes such an assertion, typically via an honest mistake in their routing policy, the only question remaining is how much of the world ends up believing them and hence, what will be the scale of the damage they inflict? Events of this nature, while relatively rare, are certainly not unheard of and can have geopolitical implications, such as when China was involved in a similar incident in 2010.
Keep in mind that this is how the Internet is designed to work, namely, on the honor system. Like Twitter and Facebook, where you can claim to be anyone you want, Internet routing allows you to lay claim to any network you want. There is no authentication or validation. None. But unlike Twitter and Facebook, such false claims propagate through the world in a matter of seconds and decisions, good or bad, are made algorithmically by routers, not humans. This means that innocent errors can have immediate global impacts. In this incident, Continue reading
Hijack event today by Indosat
Today we observed a large-scale ‘hijack’ event that affected many of the prefixes on the Internet. This blog post is to provide you with some additional information.
What happened?
Indosat, AS4761, one of Indonesia’s largest telecommunication networks normally originates about 300 prefixes. Starting at 18:26 UTC (April 2, 2014) AS4761 began to originate 417,038 new prefixes normally announced by other Autonomous Systems such as yours. The ‘mis-origination’ event by Indosat lasted for several hours affecting different prefixes at different times until approximately 21:15 UTC.
What caused this?
Given the large scale of this event we presume this is not malicious or intentional but rather the result of an operational issue. Other sources report this was the result of a maintenance window gone bad. Interestingly we documented a similar event involving Indosat in 2011, more details regarding that incident can be found here: http://www.bgpmon.net/hijack-by-as4761-indosat-a-quick-report/
Impact
The impact of this event was different per network, many of the hijacked routes were seen by several providers in Thailand. This means that it’s likely that communication between these providers in Thailand (as well as Indonesia) and your prefix may have been affected.
One of the heuristics we look at to determine the Continue reading
10 Wi-Fi Terms You’ve Probably Been Using Incorrectly
Sometimes we fall into bad habits. Unfortunately, the improper use of terminology is quite common in the Wi-Fi industry. This can cause a great deal of confusion when people discuss technical topics. Therefore, as a Wi-Fi industry, I think we should start referring to the following terms using more accurate terminology so we are all on the same page.Here goes:
- Over-the-Air Rogue APs - if it's not on your wired network, it's NOT a "Rogue AP" so let's start calling them Neighboring APs so we all know what someone is talking about rather than having to inquire each and every time someone mentions a rogue for clarification. And let's reserve using the term Rogue APs for when unauthorized APs are on the internal wired network.
Correct Term: Neighboring APs - Co-Channel Interference (CCI) - APs and clients that are operating on the same channel don't cause interference with one another, they contend for the same airtime and backoff if another one is transmitting. This is distinctly different from interference where a transmission cannot be properly decoded because the receiver can't distinguish the valid signal from noise.
Correct Term: Co-Channel Contention (CCC) - Collision - okay, here is one that most of Continue reading
Fun with Router IP Traffic Export and NSM
The BasicsI finally got around to setting up Security Onion (the best network security monitoring package available) to monitor my home network, only to discover that my Cisco 891 router doesn't support support the right form of SPAN. Here's how I worked around it. The topology looks like this:
The 891 router has an integrated 8-port switch module, so the simple case would have been a traditional SPAN setup; something like this:
! vlan 10 is the user VLAN
monitor session 1 source interface vlan 10
monitor session 1 destination interface FastEthernet0
with the server's monitoring NIC connected to FastEthernet0.
The problem is that the 891 doesn't support using a VLAN as a source interface, and because of the way the embedded WAP works, a physical source interface won't work either. Hence, I turned to an obscure feature that's helped me occasionally in the past: Router IP Traffic Export. This is a feature for IOS software platforms that enables you to enable SPAN-like functions for almost any source interface.
The configuration looks like this:
ip traffic-export profile RITE_MIRROR
interface FastEthernet0
bidirectional
mac-address 6805.ca21.2ddd
interface Vlan10
ip traffic-export apply RITE_MIRROR
This takes all traffic routed across Continue reading
Fun with Router IP Traffic Export and NSM
The BasicsI finally got around to setting up Security Onion (the best network security monitoring package available) to monitor my home network, only to discover that my Cisco 891 router doesn't support support the right form of SPAN. Here's how I worked around it. The topology looks like this:
The 891 router has an integrated 8-port switch module, so the simple case would have been a traditional SPAN setup; something like this:
! vlan 10 is the user VLAN
monitor session 1 source interface vlan 10
monitor session 1 destination interface FastEthernet0
with the server's monitoring NIC connected to FastEthernet0.
The problem is that the 891 doesn't support using a VLAN as a source interface, and because of the way the embedded WAP works, a physical source interface won't work either. Hence, I turned to an obscure feature that's helped me occasionally in the past: Router IP Traffic Export. This is a feature for IOS software platforms that enables you to enable SPAN-like functions for almost any source interface.
The configuration looks like this:
ip traffic-export profile RITE_MIRROR
interface FastEthernet0
bidirectional
mac-address 6805.ca21.2ddd
interface Vlan10
ip traffic-export apply RITE_MIRROR
This takes all traffic routed across Continue reading
OUTAGES: They Suck, But Let’s Share the After-Action Reports
“It’s impossible to solve significant problems using the same level of knowledge that created them!” –Albert Einstein Outages happen- it’s a simple fact of running any type of system, be it network, server, application, aviation, nuclear, etc. Urs Hölzle, a Distinguished Fellow at Google and it’s first vice president of engineering, plainly states it this […]
Author information
Great News for Networkers: Embrane’s 2014 Is Off to a Great Start!
The hype surrounding SDN (Software-Defined Networking) and now NFV (Network Function Virtualization) is widely known. As one of the first to enter the market of innovative network solutions, I have seen new players enter (and exit) while others have re-positioned themselves to try to get a share of the pie. I’m proud to say that we have remained committed to the vision we laid out at the beginning and are delivering real products to real customers that execute on that vision.
While championing the advantages and benefits that SDN enables, in many ways we steered clear of the hype around Layer 2 solutions created to solve problems that customers don’t have. We listened to customers that craved solutions that are disruptive, but not destructive. We focused on delivering evolutionary solutions that provided new tools to the right people rather than forcing unnecessary organization and infrastructure changes; and our customers rewarded us with their investments.
Today, we are announcing our support for OpFlex, a new open, standards-based protocol that provides a unique mechanism to enable a network controller such as Cisco’s Application Policy Infrastructure Controller (APIC) to transfer abstract policies to a set of “smart” devices capable of directly rendering Continue reading
Response: Best Of Interop 2014 Winners Unveiled
Well deserved Overall Best of Interop (in my opinion) for OpenDaylight Hydrogen release. As the IEEE and IETF fail deliver on innovation we are turning to open source for real progress & change in networking. While the Open Daylight Hydrogen release is a bit rough, it deserves the Best of Interop award for the reasons […]
The post Response: Best Of Interop 2014 Winners Unveiled appeared first on EtherealMind.
The Value of a Microsecond
While perusing vendor datasheets, have you ever questioned the inclusion of seemingly insignificant latency specifications? Take a look at Arista's line-up, for instance. Their 7500 series chassis lists a port-to-port latency of up to 13 microseconds (that's thirteen thousandths of a millisecond) whereas their "ultra-low latency" 7150 series switches provide sub-microsecond latency.
But who cares? Both values can be roughly translated as "zero" for us wetware-powered humans. (For reference, 8,333 microseconds pass in the time it takes your shiny new 120 Hz HDTV to complete one screen refresh.) So, does anyone really care about such obscenely low latency?
For a certain few organizations involved in high-frequency stock trading, those shaved microseconds can add up to billions of dollars in profit. The New York Times recently published an article titled The Wolf Hunters of Wall Street by Michael Lewis, which reveals how banks have leveraged low network latency to manipulate stock prices in open markets. (Thanks to @priscillaoppy for the tip!)
The increments of time involved were absurdly small: In theory, the fastest travel time, from Katsuyama’s desk in Manhattan to the BATS exchange in Weehawken, N.J., was about two milliseconds, and the slowest, from Continue reading
Fibre Channel: The Heart of New SDN Solutions
From Juniper to Cisco to VMware, companies are spouting up new SDN solutions. Juniper’s Contrail, Cisco’s ACI, VMware’s NSX, and more are all vying to be the next generation of data center networking. What is surprising, however, is what’s at the heart of these new technologies.
Is it VXLAN, NVGRE, Openflow? Nope. It’s Fibre Channel.
Seriously.
If you think about it, it makes sense. Fibre Channel has been doing fabrics since before we ever called Ethernet fabrics, well, fabrics. And this isn’t the first time that Fibre Channel has shown up in unusual places. There’s a version of Fibre Channel that runs inside certain airplanes, including jet fighters like the F-22.
Keep the skies safe from FCoE (sponsored by the Evaluator Group)
New generation of switches have been capable of Data Center Bridging (DCB), which enables Fibre Channel over Ethernet. These chips are also capable of doing native Fibre Channel So rather than build complicated VPLS fabrics or routed networks, various data center switching companies are leveraging the inherent Fibre Channel capabilities of the merchant silicon and building Fibre Channel-based underlay networks to support an IP-based overlay.
Buffer-to-buffer (B2B) credit system and losslessness of Fibre Channel, plus the new 32/128 Continue reading
Route Analytics in the Age of SDN – Now, More than Ever.
Route Analytics in the Age of SDN - Now, More than Ever.
by Brian Boyko, Technology Commentator - April 1, 2014
One of the biggest problems that may delay widespread SDN adoption is not a problem of coding or engineering, but one of poetry.
Network management is about logic and reason, but our nomenclature was written by poets. Even the word “networking” calls to the image a “netting work” - like you would find on a hammock or trapeze artist's safety net. We talk about network “pipes,” and conjure throughput like liquid water flowing through Roman aqueducts or modern PVC piping. We think of the “flow” of data through those pipes, though the only “fluid” is the movement of electrons – if that.
Metaphors that are inelegant or uninformative (“Information Superhighway” for example) fail.
Which is why SDN can be hard to envision. Intellectually, we know that it is about separating the control of where data is sent and the hardware that actually sends it. But what metaphor can we conjure that makes sense to explain this concept?
This is a problem for poets.
One metaphor that was recently used in IT Business Edge was the idea of “relying Continue reading
FCC Eases Restrictions on 5GHz UNII-1 Band
The FCC just made an unofficial news release of pending action that was approved at today's commission hearing which eases restrictions on the existing 5 GHz UNII-1 frequency band (5.150-5.250 GHz, Wi-Fi channels 36-48).To quote from the news release (emphasis added by me):
By its action the Commission significantly increased the utility of the 100 megahertz of spectrum, and streamlined existing rules and equipment authorization procedures for devices throughout the 5 GHz band.This ruling makes the following changes to the UNII-1 band:
- Removes restriction on indoor use. Now the UNII-1 band can be used outdoors as well. This will allow use of the band by WISPs and for outdoor hotspot deployments which are rapidly growing with the support of telecommunications and cable operators.
- Increases the allowed power output. The power output had been lower in UNII-1 than other 5 GHz UNII bands due to indoor-only use (50mW IR, 200mW EIRP). Exact details of the new power limits have not been released, but it is fair to assume the UNII-1 band will have similarly capable power output as
UNII-2/2e bands (250mW IR, 1W EIRP)the UNII-3 band (1W IR, 4W EIRP). (Update after reviewing Commissioner Rosenworcel's Continue reading
The Packet Pushers At Dell’s Interop Booth Tuesday & Wednesday @ 3:45pm
The Dell networking team has asked the Packet Pushers to co-host a couple of Interop sessions at their booth. Greg Ferro and Ethan Banks will be at the Dell booth on Tuesday, 1-April and Wednesday, 2-April at 3:45pm. In the Tuesday session, we’ll be discussing the new Dell Z9500. In the Wednesday session, we’ll discuss […]
Author information
The post The Packet Pushers At Dell’s Interop Booth Tuesday & Wednesday @ 3:45pm appeared first on Packet Pushers Podcast and was written by Ethan Banks.
Beware the Ides of March: Subsea Cable Cut Trend Continues
Earlier this month, the International Cable Protection Committee, a submarine cable advisory group, held their annual plenary in Dubai. One question that they could have considered is: Why do so many submarine cables get cut in the February/March timeframe? In this blog, we’ll look back at the last three years and the submarine cable industry’s own version of March Madness.
2012
Two years ago in February 2012, we saw a rash of closely-timed submarine cable cuts, causing Internet disruptions extending into March. In one incident, three cables were simultaneously severed in the Red Sea on February 17th, and then a fourth was damaged on the 25th off the coast of Kenya. The fourth cable was the TEAMS (The East African Marine System) cable systems, which runs from Mombasa to Fujairah, UAE.
| We detailed the impact of the TEAMS cable break here, noting the resilience of many East African providers, who had purchased redundant capacity on the other two East African submarine cables: EASSy and SEACOM. The TEAMS cable would experience a second cut just weeks after it was repaired, which led TEAMS to threaten a lawsuit against the Kenya Ports Authority (KPA) over the repeated damage caused by Continue reading |