Stuff Spirent didn’t cover at NFD6
Spirent presented their Avalanche NEXT product at Gestalt IT's Network Field Day 6 event in September of this year.Disclaimers:
- I attended the event, somebody else picked up the tab, yada yada.
- I like Spirent. I've used their products, worked with their people and been to their offices several times, and have gradually become a fan. This fact might be coloring my opinions :)
What's Avalanche NEXT?
Avalanche NEXT is a software frontend for performing tests of security hardware (firewalls and whatnot). It's a modular system that allows simple creation of test components (clients, servers, subnets, protocols, etc...), mixing of modules to create various tests, scaling of the test, application fuzzing, etc... Check out 1:14 - 1:30 in the video below to get a flavor of how slick the interface is. I love that interactive pie chart.
This sort of testing is critical because security devices have some of the most misleading data sheets of anything we're likely to work with as network folks. Security box performance numbers depend heavily on what you're asking them to do. Will your current device survive if you enable SSL offload, application inspection, or similar features? You can try it out (fingers crossed! Continue reading
Remote LFA
In the last episode in our world wide tour of fast reroute mechanisms, we discussed Not-Via. While an interesting concept, Not-Via does require a number of extra IP addresses, as well as a new set of special routing advertisements, to work properly. So while Not-Via is conceptually simple, it hasn’t ever really been accepted as […]
Author information
IP Addresses and Traceback
This is an informal description the evolution of a particular area of network forensic activity, namely that of traceback. This activity typically involves using data recorded at one end of a network transaction, and using various logs and registration records to identify the other party to the transaction. Here we’ll look at the impact that IPv4 address exhaustion and IPv6 transition has had on this activity, and also note, as we explore this space, the changing role of IP addresses within the IP protocol architecture.CCIE RS v5 blueprint will be announced this month?
How does the internet work - We know what is networking
Please note that this article is more or less pure speculation. The fact is that CCIE R&S v5 blueprint will be presented 28th January 2014 on Milan’s Cisco live event everything else is yet to be announced. From Milan’s Cisco live 28.1.2014 there is an CCIE R&S v5 blueprint event scheduled. When Cisco wants to […]
How to Tell if TCP Payloads Are Identical
I was working on a problem today in which vendor tech support was suggesting that a firewall was subtly modifying TCP data payloads. I couldn't find any suggestion of this in the firewall logs, but seeing as how I've seen that vendor's firewall logs lie egregiously in the past, I wanted to verify it independently.I took a packet capture from both hosts involved in the conversation and started thinking about how to see if the data sent by the server was the same as the data received by the client. I couldn't just compare the capture files themselves, because elements like timestamps, TTLs, and IP checksums would be different.
After a bunch of fiddling around, I came up with the idea of using tshark to extract the TCP payloads for each stream in the capture file and hash the results. If the hashes matched, the TCP payloads were being transferred unmodified. Here are the shell commands to do this:
tshark -r server.pcap -T fields -e tcp.stream | sort -u | sed 's/r//' | xargs -i tshark -r server.pcap -q -z follow,tcp,raw,{} | md5sum
2cfe2dbb5f6220f29ff8aff82f7f68f5 *-
You then run exactly the same commands on the "client.pcap" file Continue reading
SDN Themes from ONUG – Community Matters!
I was privileged to attend the Open Networking User Group (ONUG) Conference, ONUG Academy and mini Tech Field Day event hosted by JP Morgan Chase on October 29 and 30.I attended at someone else's expense. Disclaimer. Additional disclaimer: I have a personal relationship with one of the people behind the ONUG conference. That fact will not color the opinions I express about ONUG. If I say I like something, it's because I like it, okay? :)
 |
| SDN Joke from Brent Salisbury's awesome ONUG presentation. I don't know these cats nor the owner of the photo. |
ONUG is founded on the idea that the Software Defined Network (SDN) user community needs to stand up for itself. Prior to ONUG the direction of SDN was set by a handful of players including:
- Vendors who are interested in shaping the SDN marketplace and standards bodies around the capabilities of their products, rather than around the problems being faced by their customers.
- Powerful end users who needed SDN to solve their own peculiar problems. The problems they're solving, and the techniques they're using do not align well with the challenges nor capabilities of mere enterprise users.
- Researchers, who took SDN Continue reading
Revell F-104G Starfighter 1/48
For best article visual quality, open Revell F-104G Starfighter 1/48 directly at NetworkGeekStuff.
Ok, this time there is something special, this is my first model where I used an air brush. As a complete beginner I got the Revell AirBrush starter kit as visible below. I was very happy with it, despite the fact that you cannot do much details with the basic pistol that is creating a paint flow that is too wide.
Revell basic AirBrush set
Regarding the F-104, let me borrow from wiki :
[wikipedia.org]:
The Lockheed F-104 Starfighter is a single-engine, high-performance, supersonic interceptor aircraft originally developed for the United States Air Force (USAF) by Lockheed. One of the Century Series of aircraft, it was operated by the air forces of more than a dozen nations from 1958 to 2004.
The F-104 served with the USAF from 1958 until 1969, and continued with Air National Guard units until 1975. The National Aeronautics and Space Administration (NASA) flew a small mixed fleet of F-104 types in supersonic flight tests and spaceflight programs until 1994.[2] USAF F-104Cs saw service during the Vietnam War, and F-104A aircraft were deployed by Pakistan briefly during the Indo-Pakistani wars. Continue reading
Of Mice and Elephants
[This post has been written by Martin Casado and Justin Pettit with hugely useful input from Bruce Davie, Teemu Koponen, Brad Hedlund, Scott Lowe, and T. Sridhar]
Overview
This post introduces the topic of network optimization via large flow (elephant) detection and handling. We decompose the problem into three parts, (i) why large (elephant) flows are an important consideration, (ii) smart things we can do with them in the network, and (iii) detecting elephant flows and signaling their presence. For (i), we explain the basis of elephant and mice and why this matters for traffic optimization. For (ii) we present a number of approaches for handling the elephant flows in the physical fabric, several of which we’re working on with hardware partners. These include using separate queues for elephants and mice (small flows), using a dedicated network for elephants such as an optical fast path, doing intelligent routing for elephants within the physical network, and turning elephants into mice at the edge. For (iii), we show that elephant detection can be done relatively easily in the vSwitch. In fact, Open vSwitch has supported per-flow tracking for years. We describe how it’s easy to identify elephant flows at the vSwitch and Continue reading
AirConsole Review
If you need regular console port access then nothing beats a fixed console router. However there are many times when that simply isn’t an option. For occasional console connections I use a Keyspan USB/Serial adaptor with my MacBook. It’s … Continue reading
The post AirConsole Review appeared first on The Network Sherpa.
Cisco IPsec VPN breakage on Windows 8[.1] and OS X 10.9
Oh, to be a Cisco IPsec VPN user these days… Now I know that we should get with the program and move to AnyConnect, since Cisco is EOL-ing the venerable Cisco VPN Client in 2014, but we have a large installed base, and since Cisco stopped making IPsec clients for Mac and Linux back in the […]
Author information
The post Cisco IPsec VPN breakage on Windows 8[.1] and OS X 10.9 appeared first on Packet Pushers Podcast and was written by Will Dennis.
Securing a DMVPN spoke – Part 2
In Part 1 we went through protecting the spoke from the outside world on the Internet and using the stateful inspection firewall CBAC, Content-Based Access Control, to dynamically allow returning traffic back in. CBAC works great for a single inside zone and a single outside zone. What if your business requirements have more than two […]
Author information
The post Securing a DMVPN spoke – Part 2 appeared first on Packet Pushers Podcast and was written by Charles Galler.
Dotless
It was never obvious at the outset of this grand Internet experiment that the one aspect of the network’s infrastructure that would truly prove to be the most fascinating, intriguing, painful, lucrative and just plain confusing, would be the Internet’s Domain Name System. After all, it all seemed so simple to start with.GNS3 topology for INE Workbook
How does the internet work - We know what is networking
Now that my topology in GNS3 is exactly as in INE Workbook 1 I can share it with you if you don’t want to do all the basic configurations and connections by yourself. After spending too much money on different rack rentals in the past few months I decided that I will definitely need to […]
phpIPAM version 0.9 released
Dear all, I am happy to announce new version of phpipam IP address management – version 0.9. 
New features, like Support for ICMP network discovery, ICMP check IP status in demand, Compressed (grouped) DHCP IP ranges and other were introduced. Most important are:
- Support for ICMP network discovery;
- Cron script to check status for selected subnets/hosts with threading suport (pcntl php extension required)
- ICMP check IP status in demand;
- Added folders;
- Compressed (grouped) DHCP IP ranges;
- Added subsections;
Some instructions on how to setup ICMP scanning will follow.
If you find phpIPAM useful for your company donations would be highly appreciated 
You can demo it here: http://demo.phpipam.net/
You can download it on sourceforge site: phpipam-0.9.
Special thanks to all the people submitting bug reports, translators and feature testers!
Screenshots:
Full changelog for this release is:
New features:
----------------------------
+ Support for ICMP network discovery;
+ Cron script to check status for selected subnets/hosts with threading suport (pcntl php extension required);
+ ICMP check IP status in demand;
+ Compressed (grouped) DHCP IP ranges;
+ API server version 0.1;
+ Option to show and group subnets by VLAN in subnets list;
+ Option to show and Continue reading
Out of the Mouths of Customers
It’s a busy week to say the least. Not only are we a sponsor of the 2nd Open Networking User Group (ONUG) meeting, we held our inaugural Technical Advisory Board (TAB) meeting. Leveraging the fact that many of our customers will be attending ONUG, we brought together some of the most forward-thinking networking and business professionals from enterprises, service providers and partners to talk about our company, our product roadmap and our ideal use cases.
Before I get into the highlights, I’d like to give Embrane a high-five because we can actually have a TAB made up of paying customers. In an industry currently dominated by PowerPoint slides and acronyms, having a shipping product that people are using is unique in its own right. Also, where there was a full day of great feedback and dialogue. I’m just going to cover three aspects of the discussion otherwise I would have to write a novel to capture everything.
Platform vs. Product
One of the liveliest discussions was around the value of Embrane to customers. If you’ve been following the Embrane story, you’ll recall we’ve been focusing our marketing message around application-centric networking and more specifically, as of late, application-centric Continue reading