WISP Design – An overview of adding IPv6 to your WISP

The challenge of adding IPv6 to your WISP

IPv6 is one of those technologies that can feel pretty overwhelming, but it doesn’t have to be. Many of the same ideas and concepts learned in IPv4 networking still apply.

This guide is meant to give you an overview of an example IPv6 addressing plan for an entire WISP as well as the config needed in MikroTik to deploy IPv6 from a core router all the way to a subscriber device.

 

Benefits of adding IPv6

  • Public addressing for all subscribers – reduced need for NAT
  • Regulatory compliance – public addressing that is persistent makes it much easier to be compliant for things like CALEA
  • Reduced complaints from gamers – Xbox and Playstation both have IPv6 networks and prefer IPv6. This reduces complaints from customers who have gaming consoles that have detected an “improper” NAT configuration.
  • Increased security – IPv6, while not impervious to security threats makes it much harder for attackers to scan IPs due to the sheer size of the IP space. If using privacy extensions with SLAAC, it also makes it much harder to target someone online as the IP address seen on the internet changes randomly.
  • Improved real Continue reading

WISP Design – An overview of adding IPv6 to your WISP

The challenge of adding IPv6 to your WISP

IPv6 is one of those technologies that can feel pretty overwhelming, but it doesn’t have to be. Many of the same ideas and concepts learned in IPv4 networking still apply.

This guide is meant to give you an overview of an example IPv6 addressing plan for an entire WISP as well as the config needed in MikroTik to deploy IPv6 from a core router all the way to a subscriber device.

 

Benefits of adding IPv6

  • Public addressing for all subscribers – reduced need for NAT
  • Regulatory compliance – public addressing that is persistent makes it much easier to be compliant for things like CALEA
  • Reduced complaints from gamers – Xbox and Playstation both have IPv6 networks and prefer IPv6. This reduces complaints from customers who have gaming consoles that have detected an “improper” NAT configuration.
  • Increased security – IPv6, while not impervious to security threats makes it much harder for attackers to scan IPs due to the sheer size of the IP space. If using privacy extensions with SLAAC, it also makes it much harder to target someone online as the IP address seen on the internet changes randomly.
  • Improved real Continue reading

A Matter of Perspective

Have you ever taken the opportunity to think about something from a completely different perspective? Or seen someone experience something you have seen through new eyes? It’s not easy for sure. But it is a very enlightening experience that can help you understand why people sometimes see things entirely differently even when presented with the same information.

Overcast Networking

The first time I saw this in action was with Aviatrix Systems. I first got to see them at Cisco Live 2018. They did a 1-hour presentation about their solution and gave everyone an overview of what it could do. For the networking people in the room it was pretty straightforward. Aviatrix did a lot of the things that networking should do. It was just in the cloud instead of in a data center. It’s not that Aviatrix wasn’t impressive. It’s the networking people have a very clear idea of what a networking platform should do.

Fast forward two months to Cloud Field Day 4. Aviatrix presents again, only this time to a group of cloud professionals. The message was a little more refined from their first presentation. They included some different topics to appeal more to a cloud audience, such Continue reading

An empirical analysis of anonymity in Zcash

An empirical analysis of anonymity in Zcash Kappos et al., USENIX Security’18

As we’ve seen before, in practice Bitcoin offers little in the way of anonymity. Zcash on the other hand was carefully designed with privacy in mind. It offers strong theoretical guarantees concerning privacy. So in theory users of Zcash can remain anonymous. In practice though it depends on the way those users interact with Zcash. Today’s paper choice, ‘An empirical analysis of anonymity in Zcash’ studies how identifiable transaction participants are in practice based on the 2,242,847 transactions in the blockchain at the time of the study.

We conclude that while it is possible to use Zcash in a private way, it is also possible to shrink its anonymity set considerably by developing simple heuristics based on identifiable patterns of usage.

The analysis also provides some interesting insights into who is using Zcash and for what as well. Founders and miners combined account for around 66% of the value drawn from the shielded pool.

The code for the analysis is available online at https://github.com/manganese/zcash-empirical-analysis

Zcash guarantees and the shielded pool

Zcash is based on highly regarded research including a cryptographic proof of the main privacy feature Continue reading

Running the gcloud CLI in a Docker Container

A few times over the last week or two I’ve had a need to use the gcloud command-line tool to access or interact with Google Cloud Platform (GCP). Because working with GCP is something I don’t do very often, I prefer to not install the Google Cloud SDK; instead, I run it in a Docker container. However, there is a trick to doing this, and so to make it easier for others I’m documenting it here.

The gcloud tool stores some authentication data that it needs every time it runs. As a result, when you run it in a Docker container, you must take care to store this authentication data outside the container. Most of the tutorials I’ve seen, like this one, suggest the use of a named Docker container. For future invocations after the first, you would then use the --volumes-from parameter to access this named container.

There’s only one small problem with this approach: what if you’re using another tool that also needs access to these GCP credentials? In my case, I needed to be able to run Packer against GCP as well. If the authentication information is stored inside a named Docker container (and then accessed Continue reading

IDG Contributor Network: On the road to your IoT adventure: planning, deployment and measurement (Part 2)

Welcome to the second installment in my series on how organizations can get started on the road to success with their Internet of Things (IoT) projects. In the first part of my series based on “Building the Internet of Things – a Project Workbook,” I explained how to identify your IoT vision and path to value. The next steps include planning, deployment and measuring your success. Let’s get started.Benchmark your organization against industry peers The first step is to determine how your organization stacks up to its industry peers.  Benchmarking will help establish metrics you can use to validate your project, secure funding, evaluate your team and promote success after the project is complete. It also helps establish a baseline, allowing you to see where you stand at the beginning of the project, so you can measure how far you’ve come at the end. You can use the benchmarking method of your choice, but I encourage you to evaluate the following areas:To read this article in full, please click here

IDG Contributor Network: Beware the networking industrial complex

There is a status quo in the networking industry that is the enemy of innovation. The major hardware equipment makers collectively benefit by propagating the many layers of equipment and protocols. This “deep state” that exists within our innovation economy must be defeated to unleash the next wave of innovative networking, which will be software-based and ideally designed to support business applications and services.One leader of the Networking Industrial Complex has a certified army of mercenaries that are compensated by unsuspecting enterprises to architect networks. These mercenaries attend training camps to be reprogrammed on a frequent basis. Examinations are held to ensure compliance. This entire system ensures that networking architectures, techniques and methods will not change. It’s no wonder many executives of companies are handing the keys to IT and networking to third parties.To read this article in full, please click here

IDG Contributor Network: Beware the networking industrial complex

There is a status quo in the networking industry that is the enemy of innovation. The major hardware equipment makers collectively benefit by propagating the many layers of equipment and protocols. This “deep state” that exists within our innovation economy must be defeated to unleash the next wave of innovative networking, which will be software-based and ideally designed to support business applications and services.One leader of the Networking Industrial Complex has a certified army of mercenaries that are compensated by unsuspecting enterprises to architect networks. These mercenaries attend training camps to be reprogrammed on a frequent basis. Examinations are held to ensure compliance. This entire system ensures that networking architectures, techniques and methods will not change. It’s no wonder many executives of companies are handing the keys to IT and networking to third parties.To read this article in full, please click here

BrandPost: 10 new terms that will help define the future of 5G

Ciena Bo Gowan, Leader, Social Media 5G is coming, and with it a host of new terms and acronyms. We try to make sense of it all with definitions for the ones that matter most for the future of 5G network architectures.Trying to digest the vast amounts of information related to 5G is like drinking from a fire hydrant, and it doesn’t help that there is a litany of new terms being introduced as part of the journey to 5G architectures.To read this article in full, please click here

IDG Contributor Network: 5 ways IoT device management differs from MDM

They say necessity is the mother of invention, and the accelerating pace of the mobile revolution is no exception. The proliferation of mobile devices affected countless industries, creating a powerful need for businesses to manage those devices. And so, mobile device management (MDM) was born. While these solutions have evolved considerably over the years to keep pace with new technologies and innovations, their core function remains enabling IT personnel to remotely manage, track, troubleshoot and secure devices – mostly smartphones and tablets these days.It’s easy to see the parallels between the factors driving the development and adoption of MDM – namely device control and security – and those that brought about IoT device management. Similarities in concepts and terminologies further cloud the distinction between the two. But, as any company that has attempted to repurpose an MDM solution for the management of IoT devices can attest, the resemblance is only superficial.To read this article in full, please click here

Supermicro unveils an insanely fast, insanely thin storage server

You want fast? Supermicro has introduced a new 1U server filled with Samsung-made NF1 SSD drives with capacity as high as 576TB and throughput of up 20GB/sec and 10 million IOPS.By comparison, a server with 15,000 RPM SAS hard disks can manage about 175-210 IOPS.There are other devices capable of 10 million IOPS, such as the EMC DSSD D5, but that was a massive 5U unit and has since been discontinued. The server uses Samsung’s NF1 form-factor (formerly known as NGSFF), which look like very large M.2 drives and come with two rows of NAND flash chips, maximizing capacity. Samsung has already shown off the drives in 8TB and 16TB capacities.[ Check out 10 hot storage companies to watch. | Get regularly scheduled insights by signing up for Network World newsletters. ] The new Supermicro product, the SSG-1029P-NMR36L, has 36 18TB NF1 drives in its 1U chassis, doubling the capacity of a model introduced in January with 288TB. The server also comes with two 28-core Xeon SP processors and holds up to 3TB of memory in 24 DIMM slots and dual 16-lane PCIe network cards.To read this article in full, please click here

IDG Contributor Network: How the IoT helps you make money, save money and stay out of jail

The joke goes like this: “There are only three reasons to complete an Internet of Things project – to make money, save money and stay out of jail.” The truth of the first two reasons is easy enough to demonstrate. The third is more complex.First, it’s an exaggeration for effect. The punchline infers that a properly implemented IoT project should help companies avoid violating data protection and compliancy rules, but the penalty for that is fines, not jail. In addition, even the idea that the IoT helps companies avoid compliance troubles is unproven.High-profile security breaches that exploited Internet of Things (IoT) vulnerabilities have created major business concerns, and people really aren’t sure how safe IoT is. These breaches have redoubled industry efforts to make the IoT as secure as possible, and the joke implies that these efforts are succeeding. But that’s debatable.To read this article in full, please click here

1 1,460 1,461 1,462 1,463 1,464 3,835