Category Archives for "Networking"

One-liner iptables rule to Filter NTP Reflection on Linux Hypervisor

Anybody annoyed enough with massive NTP monlist floods over the weekend? If you did like I did, I believe what immediately came to your mind was, “this shouldn’t have happened if they just had put a ‘default ignore’ line in their ntp.conf file!” But unfortunately there are some people who’re not like you, including casual […]

Author information

Tamihiro Yuzawa

Tamihiro Yuzawa is a network engineer at Sakura Internet, one of Japan's major data center service providers. Before he joined Sakura in 2007, he spent five years at a busy CRM service provider. Both companies have allowed him to stay mostly within the intersection of these circles, and he is pretty much determined to remain in a serious relationship with both Dev and Ops.

The post One-liner iptables rule to Filter NTP Reflection on Linux Hypervisor appeared first on Packet Pushers Podcast and was written by Tamihiro Yuzawa.

Python bindings for the HP VAN SDN Controller

For the last 9 months, I've been silently working on a little pet project. It's finally ready to be released into the wild and to be used by one and all for creating Python-based SDN Applications for the HP VAN SDN Controller.

Introducing the hp-sdn-client

When I started working with the HP VAN SDN Controller (while it still had a cool code name) it became immediately apparent to me that extending the controller with Java applications is not for everyone. There's lots of heavy lifting to be done with things like Maven, OSGi and Remote Debugging. Not only that, but I am not a "Java guy" (or was not until recently to be more exact) and being able to rapidly prototype applications in Python appealed to me.

The HP VAN SDN Controller's REST API exposes a large amount of the functionality available to the Java API with the exception of handling OpenFlow Packet-In, Packet-Out events. For a large number of applications this is absolutely fine, and this is where I hope this library will be useful.

The library is licensed under the Apache 2.0 license so it's free for all to use. The source is hosted on GitHub […]

Migrating from WordPress to Pelican on PaaS – Part 2

Part 2 of this 3-part series examines how I created my Pelican blog and migrated my WordPress content with me.

Part 2: The WordPress to Pelican Migration

The Plan

If you haven't read Part 1 already, it will give you some background as to what I'm doing and why I'm doing it.

Starting the Pelican Project

Assuming you already have a working Python, starting a new blog is as easy as installing a few dependencies and using the pelican-quickstart:

pip install pelican Markdown
mkdir blog
cd blog
pelican-quickstart
Welcome to pelican-quickstart v3.3.0.

This script will help you create a new Pelican-based website.

Please answer the following questions so this script can generate the files
needed by Pelican.


> Where do you want to create your new web site? [.]
> What will be the title of this web site? Dave's Blog
> Who will be the author of this web site? Dave Tucker
> What will be the default language of this web site? [en]
> Do you want to specify a URL prefix? e.g., http://example.com   (Y/n) Y
> What is your URL prefix? (see […]

The Target data breach

According to news reports, credit card information from Target’s point of sales systems was stolen after hackers gained access to the systems of an HVAC contractor that had remote access to Target’s network.

Network virtualization is an important tool that can be used to prevent (or at the very least place barriers to) similar attacks in the future. Increasingly retail stores deploy multiple applications that must be accessible remotely. HVAC systems are an example, but retail locations also often support signage applications (advertisement panels), wifi guest networks, etc.

Most of these applications will contain a mix of physical systems on the branch, applications running in the data-center, as well as remote access for contractors.

From a network segmentation perspective, it is important to be able to create virtual networks that can span the WAN and the data-center. The obvious technology choice for network virtualization in the branch is to use MPLS L3VPN. It is a technology that is supported in CE devices and that can be deployed over an enterprise or carrier managed private network.

The branch office CE will need to be configured with multiple VLANs, per virtual-network, where physical systems reside. In order to have a […]

Where Are All the Operators in the IETF Standards Process?

Network operators – service providers, enterprises, engineers, architects, data-centers, campuses, etc. – are responsible for keeping the packets flowing across their network(s). The Internet Engineering Task Force (IETF) designs, develops, and documents the standard protocols network operators use in and on their networks. In a perfect world, operators would be part of the IETF process […]

Author information

Chris Grundemann

Director, Deployment and Operationalization at Internet Society

Chris Grundemann (JNCIE #449) is a passionate Internet Technologist and a strong believer in the Internet's power to aid in the betterment of humankind. In his current role as Director of Deployment and Operationalization (DO) at the Internet Society, Chris is focused on helping to get key Internet technologies, such as IPv6 and DNSSEC, deployed around the globe. He has over a decade of experience as both a network engineer and architect designing, building, and operating large IP, Ethernet, and Wireless Ethernet networks. Chris has 11 patents pending and is the author of Day One: Exploring IPv6 and Day One: Advanced IPv6 Configuration, as well as several IETF Internet Drafts, a CircleID blog, a personal weblog, and various other industry papers and blogs. He is the […]

Migrating from WordPress to Pelican on PaaS – Part 1

I've been blogging with WordPress for the last 5 years on and off. It has some great features and is very easy to use, but it's not for me. This series of posts documents my transition from WordPress to Pelican.

Part 1: Motivation and Decisions

What's Wrong With WordPress?

There are a few things about WordPress that have been bothering me lately:

  • Performance
  • Backup/Restore
  • Comment Bots
  • Portability

As with anything that relies on server-side scripting, there is a performance hit when loading pages. I've been running my blog on a Linode 1024 VPS ($20 per month) and had found that I had to move from Apache to Nginx to get decent performance with WordPress. Adding caching to the equation with one of the many caching plugins available has also helped, but this is a rather complex solution. Another performance bottleneck is the database...

WordPress requires a MySQL database in the back end. I am not a big MySQL fan and would prefer to run Postgres or MariaDB but this isn't officially supported in WordPress right now. Not only is it a performance bottleneck, but it is also another thing that needs to be backed up.

The Backup/Restore capabilities of WordPress are decent, […]

WLPC Conference Day 1 Highlights

I'm here at the WLAN Professionals Conference (#WLPC if you're following on Twitter). This is the first of what hopefully will turn into an annual conference dedicated to the Wi-Fi industry. But this conference is a bit different than what you might think a typical conference is. First and foremost, it's got a grassroots, peer-to-peer focus. It's engineers talking about Wi-Fi and gathering for discussion. It's not overly promoted by vendors or full of presentations with marketing drivel. Instead, it's just people who are passionate about this technology coming together to share their knowledge and experiences with each other to better everyone! What a great concept!

There are over 100+ attendees, many of whom are also presenters. I hear there was more demand than seats available, so next year Keith Parsons, organizer of the event, should have a solid baseline to grow the conference and allow more of you (the community) to attend and get involved. What's also great is that many of the presentations have been interactive, with great questions and quality discussion fostering the entire group to share information. The focus on the technology instead of the marketing that so often surrounds the technology and products […]

CEF Secret Attributes, Part 3

In Part 1 we saw we can mark prefixes in CEF with certain attributes that might give us interesting things to play with. In Part 2 we found we could track traffic patterns with the traffic_index tag. We will now turn our attention to the qos-group parameters. Let’s say we would like four categories of […]

Author information

Dan Massameno

Dan Massameno is the president and Chief Engineer at Leaf Point, a network engineering firm in Connecticut.

The post CEF Secret Attributes, Part 3 appeared first on Packet Pushers Podcast and was written by Dan Massameno.