TCP/IP, Sockets, and SIGPIPE

There is a spectre haunting the Internet -- the spectre of SIGPIPE errors. It's a bug in the original design of Unix networking from 1981 that is perpetuated by college textbooks, which teach students to ignore it. As a consequence, sometimes software unexpectedly crashes. This is particularly acute on industrial and medical networks, where security professionals can't run port/security scans for fear of crashing critical devices.

An example of why this bug persists is the well-known college textbook "Unix Network Programming" by Richard Stevens. In section 5.13, he correctly describes the problem.
When a process writes to a socket that has received an RST, the SIGPIPE signal is sent to the process. The default action of this signal is to terminate the process, so the process must catch the signal to avoid being involuntarily terminated.
This description is accurate. The "Sockets" network APIs was based on the "pipes" interprocess communication when TCP/IP was first added to the Unix operating system back in 1981. This made it straightforward and comprehensible to the programmers at the time. This SIGPIPE behavior made sense when piping the output of one program to another program on the command-line, as is typical under Unix: Continue reading

BGP LLGR: robust and reactive BGP sessions

On a BGP-routed network with multiple redundant paths, we seek to achieve two goals concerning reliability:

  1. A failure on a path should quickly bring down the related BGP sessions. A common expectation is to recover in less than a second by diverting the traffic to the remaining paths.

  2. As long as a path is operational, the related BGP sessions should stay up, even under duress.

Detecting failures fast: BFD⚓︎

To quickly detect a failure, BGP can be associated with BFD, a protocol to detect faults in bidirectional paths,1 defined in RFC 5880 and RFC 5882. BFD can use very low timers, like 100 ms.

However, when BFD runs in a process on top of a generic kernel,2 notably when running BGP on the host, it is not unexpected to loose a few BFD packets on adverse conditions: the daemon handling the BFD sessions may not get enough CPU to answer in a timely manner. In this scenario, it is not unlikely for all the BGP sessions to go down at the same time, creating an outage, as depicted in the last case in the diagram below.

BGP and failed sessions
Examples of failures on a network using BGP Continue reading

Validating RAML Files Using Docker

Back in July of this year I introduced Polyglot, a project whose only purpose is to provide a means for me to learn more about software development and programming (areas where am I sorely lacking real knowledge). In the limited spare time I’ve had to work on Polyglot in the ensuing months, I’ve been building out an API specification using RAML, and in this post I’ll share how I use Docker and a Docker image to validate my RAML files.

Since I was (am) using Visual Studio Code as my primary text editor/development environment these days, I started out by looking for a RAML extension that would provide some sort of linting/validation functionality. I found an extension to do RAML syntax highlighting, which seemed like a reasonable first step.

After a bit more research, I found that there was a raml-cli NPM package that one could use to validate RAML files from the command line. I was a bit leery of installing an NPM package on my system, so I thought, “Why not use a Docker container for this?” It will keep my system clean of excess/unnecessary packages and dependencies, and it will provide some practice with Continue reading

Election interference from Uber and Lyft

Almost nothing can escape the taint of election interference. A good example is the announcements by Uber and Lyft that they'll provide free rides to the polls on election day. This well-meaning gesture nonetheless calls into question how this might influence the election.

"Free rides" to the polls is a common thing. Taxi companies have long offered such services for people in general. Political groups have long offered such services for their constituencies in particular. Political groups target retirement communities to get them to the polls, black churches have long had their "Souls to the Polls" program across the 37 states that allow early voting on Sundays.

But with Uber and Lyft getting into this we now have concerns about "big data", "algorithms", and "hacking".

As the various Facebook controversies have taught us, these companies have a lot of data on us that can reliably predict how we are going to vote. If their leaders wanted to, these companies could use this information in order to get those on one side of an issue to the polls. On hotly contested elections, it wouldn't take much to swing the result to one side.

Even if they don't do this consciously, their Continue reading

Tech calendar 2018-19: Upcoming events of interest to IT pros

Tech Events Event Description Starts Ends Location AWS re:Invent AWS Re:invent is Amazon's opportunity to update IT and business leaders on the latest features of its cloud service.The event features keynote announcements, training and certification opportunities, access to more than 2,000 technical sessions, a partner expo, and more. 2018-11-26 2018-11-30 Las Vegas, NV IT Roadmap This one-day event focused on powering the agile enterprise looks at the latest approaches to make IT more responsive, nimble, and robust. 2018-12-06 2018-12-06 Washington, D.C. SXSW Covering everything from entertainment to entrepreneurship, this sprawling conference has tracks dedicated to Tech Industry & Enterprise, Coding & Development, Blockchain & Cryptocurrency, Health & Medtech, and VR/AR/MR. 2019-03-08 2019-03-17 Austin, TX Enterprise Connect Aimed at companies looking to upgrade or replace legacy systems or deploy and integrate next-gen communications and collaboration systems, services, apps and networks. 2019-03-18 2019-03-21 Orlando, FL Google Cloud Next Google Cloud Next is where the company announces all the latest updates to the Google Cloud Platform. The conference also offers educational, networking and hands-on opportunities for its more than 10,000 attendees. 2019-04-09 2019-04-11 San Francisco, CA Computex Taipei Based in Asia, this massive technology trade show and expo focuses on information Continue reading

Tech calendar 2018-19: Upcoming events of interest to IT pros

Tech Events Event Description Starts Ends Location AWS re:Invent AWS Re:invent is Amazon's opportunity to update IT and business leaders on the latest features of its cloud service.The event features keynote announcements, training and certification opportunities, access to more than 2,000 technical sessions, a partner expo, and more. 2018-11-26 2018-11-30 Las Vegas, NV IT Roadmap This one-day event focused on powering the agile enterprise looks at the latest approaches to make IT more responsive, nimble, and robust. 2018-12-06 2018-12-06 Washington, D.C. SXSW Covering everything from entertainment to entrepreneurship, this sprawling conference has tracks dedicated to Tech Industry & Enterprise, Coding & Development, Blockchain & Cryptocurrency, Health & Medtech, and VR/AR/MR. 2019-03-08 2019-03-17 Austin, TX Enterprise Connect Aimed at companies looking to upgrade or replace legacy systems or deploy and integrate next-gen communications and collaboration systems, services, apps and networks. 2019-03-18 2019-03-21 Orlando, FL Google Cloud Next Google Cloud Next is where the company announces all the latest updates to the Google Cloud Platform. The conference also offers educational, networking and hands-on opportunities for its more than 10,000 attendees. 2019-04-09 2019-04-11 San Francisco, CA Computex Taipei Based in Asia, this massive technology trade show and expo focuses on information Continue reading

App Micro-segmentation How To’s: Informatica, Oracle and SAP

consolidated posts from the VMware on VMware blog

Are you someone that prefers a blank sheet of paper or an empty text pad screen?  Do you get the time to have that thought process to create the words, images or code to fill that empty space?  Yes to both — I’m impressed!  Creating something from scratch is an absolutely magical feeling especially once it gets to a point of sharing or usefulness.  However, many of us spend a bit more of our time editing, building upon or debugging.  Fortunately, that can be pretty interesting as well.

In the case of setting up mico-segmentation with VMware NSX Data Center, you have a couple options on quickly getting started:

Those resources and more are great jumping off points especially since you likely have more than just Informatica, Oracle and SAP apps in your environments.

Now, should you have those Informatica, Oracle and SAP apps, then here’s the next level of details.  I’m Continue reading

Automation: Flow Control & Dimensionality

Human beings as we are, struggle sometimes to think multi-dimensionally about tasks. Our brains seem to have a conscious layer and a sub-conscious layer. Whether you think in words, noise or images, your brain is a single threaded engine with a silent co-processor that can either assist or annoy. Experience has shown that we look at network automation challenges through this shaped lens and try and solve things that makes sense to humans, but not necessarily for mechanized processes.

In an attempt not to lose my own thread, I’ll try and explain some different view points through examples.

Example One: I’m English, Make me some Tea!

Making a a cup of tea is a very English thing to do and the process of making one will suffice for this example.

Let’s look at the process involved:

// { type: activity}
(Start)-><a>[kettle empty]->(Fill Kettle)->|b|
<a>-(note: Kettle activities)
<a>[kettle full]->|b|->(Boil Kettle)->|c|
|b|->(Add Tea Bag)-><d>[Sugar: yes]->(Add Sugar)->(Add Milk)
<d>[Sugar: no]->(Add Milk)
<d>-(note: Sweet tooth?)
(Add Milk)->|c|->(Pour Boiled Water)
(Pour Boiled Water)->(Enjoy)->(Stop)

Fig.1

This makes us a relative standard cup of English breakfast tea.

Let’s assume macros exist for milk and sugar quantity and the dealing of a mug or best china Continue reading

When It Comes to IoT, We Must Work Together to #SecureIt

My first ever rendezvous with the word “IoT” was during my final year at a college conference, when a prominent regional start-up figure dispensed an oblique reference to it. I learned that IoT was the next big thing veering towards the mass market, which would eventually change the course of everyday human existence by making our way of life more convenient. What caught my attention was the term “things” in IoT – an unbounded category which could be anything from the the bed you sleep on, the clothes you drape, or even the personal toiletries you use.

The Internet of Things (IoT) is a class of devices that “can monitor their environment, report their status, receive instructions, and even take action based on the information they receive.” IoT connotes not just the device but also the complex network connected to the device. Multiple studies have revealed that there are more connected devices than people on the planet. Although, combining computers and networks to devices has existed for long, they were previously not integrated to consumer devices and durable goods, used in ordinary day to day life. Furthermore, IoT being an evolving concept, exhibiting a range of ever-changing features, Continue reading

Stuff The Internet Says On Scalability For October 19th, 2018

Hey, wake up! It's HighScalability time:

 

Now that's a cloud! The largest structure ever found in the early universe. The proto-supercluster Hyperion may contain thousands of galaxies or more. (Science)

 

Do you like this sort of Stuff? Please support me on Patreon. I'd really appreciate it. Know anyone looking for a simple book explaining the cloud? Then please recommend my well reviewed book: Explain the Cloud Like I'm 10. They'll love it and you'll be their hero forever.

 

  • four petabytes: added to Internet Archive per year; 60,000: patents donated by Microsoft to the Open Invention Network; 30 million: DuckDuckGo daily searches; 5 seconds: Google+ session length; 1 trillion: ARM device goal; $40B: Softbank investment in 5G; 30: Happy Birthday IRC!; 97,600: Backblaze hard drives; 15: new Lambda function minute limit; $120 Billion: Uber IPO; 12%: slowdown in global growth of internet access; 25%: video ad spending in US; 1 billion: metrics per minute processed at Netflix; 900%: inflated Facebook ad-watch times; 31 million: GitHub users; 19: new AWS Public datasets; 25%: IPv6 adoption; 300: requests for Nest data;  913: security Continue reading
1 1,439 1,440 1,441 1,442 1,443 3,854