Why Link-State Matters Andy Gospodarek Member of Technical Staff Cumulus Networks
|
|
- Esmond Wilkinson
- 7 years ago
- Views:
Transcription
1 v Why Link-State Matters Andy Gospodarek Member of Technical Staff Cumulus Networks LinuxCON Seattle 2015
2 Why Link-State Matters Agenda Why do we need this? What does the change look like? Any future changes planned? Any lessons worth sharing? 2
3 Why Link-State Matters The Problem 3
4 Why Link-State Matters Simple network setup p7p /24 R1 p9p /24 p8p /24 4
5 Why Link-State Matters p8p1 goes link-down p7p /24 R1 X p8p /24 p9p /24 5
6 Why Link-State Matters Result: Traffic black-holed 6
7 Why Link-State Matters Isn t this problem solved already? 7
8 Why Link-State Matters Userspace solutions netplugd ifplugd NetworkManager [insert name of favorite netlink-based application here] 8
9 Why Link-State Matters Userspace solutions All behave in a similar manner 9
10 Why Link-State Matters Userspace solutions Listen for netlink events indicating link status change 10
11 Why Link-State Matters Userspace solutions Call a script 11
12 Why Link-State Matters Userspace solutions Potential issues with these tools 12
13 Why Link-State Matters Userspace solutions Is the link down or just not configured? 13
14 Why Link-State Matters Userspace solutions # ip addr show p7p1 4: p7p1: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu link/ether 08:00:27:9d:62:9f brd ff:ff:ff:ff:ff:ff 14
15 Why Link-State Matters Userspace solutions I think this interface is supposed to be up, so I ll go ahead and enable it. 15
16 Why Link-State Matters Userspace solutions # ifup p7p1 16
17 Why Link-State Matters Userspace solutions Result: Traffic black-holed 17
18 Why Link-State Matters How can we make the kernel do this for us? 18
19 Why Link-State Matters 2 choices 19
20 Why Link-State Matters Option 1 After a carrier state change, NETDEV_CHANGE events are sent mark routes with a down interface for the next hop appropriately 20
21 Why Link-State Matters Option 1 Check for that mark each time a frame is forwarded or originates 21
22 Why Link-State Matters Option 2 Check interface link status for a next hop each time a frame is forwarded or originates 22
23 Why Link-State Matters Either one should be able to enable or disable the forwarding decision based on sysctl/netconf setting 23
24 Why Link-State Matters Which one should we use? 24
25 Why Link-State Matters How about both? 25
26 Why Link-State Matters IPv4 FIB code uses Option 1 8a3d03166f19329b46c6f9e900f93a89f446077b 0eeb075fad736fb92620af995c47c204bbb5e829 96ac5cc e7d92e72a3f a3a2f 974d7af5fcc295dcf b2fe44fd74b0c 26
27 Why Link-State Matters IPv6 FIB code uses Option 2 cea45e208d700e9d633a636384a49f19cda979b d11173b8fea874183f8aa508ae71234d299 27
28 Why Link-State Matters Implementation details aside, both produce the exact same user experience 28
29 Why Link-State Matters IPv6 behaves the same way IPv4 example 29
30 Why Link-State Matters Routing table with quagga running # ip -4 route show /24 dev p7p1 proto kernel scope link src /24 dev p8p1 proto kernel scope link src linkdown /24 via dev p9p1 proto zebra metric /24 dev p9p1 proto kernel scope link src /24 nexthop via dev p7p1 weight 1 nexthop via dev p8p1 weight 1 linkdown 30
31 Why Link-State Matters No change in default behavior # ip route get dev p8p1 src cache # ip route get via dev p7p1 src cache # ip route get via dev p8p1 src cache 31
32 Why Link-State Matters Enable new sysctl for p8p1 # echo 1 > /proc/sys/net/ipv4/conf/p8p1/ignore_routes_with_linkdown 32
33 Why Link-State Matters linkdown routes are now also dead # ip -4 route show /24 dev p7p1 proto kernel scope link src /24 dev p8p1 proto kernel scope link src dead linkdown /24 via dev p9p1 proto zebra metric /24 dev p9p1 proto kernel scope link src /24 nexthop via dev p7p1 weight 1 nexthop via dev p8p1 weight 1 dead linkdown 33
34 Why Link-State Matters connected route no longer used # ip route get via dev p9p1 src cache # ip route get via dev p7p1 src cache # ip route get via dev p7p1 src cache 34
35 Why Link-State Matters linkdown routes are now also dead # ip -4 route show /24 dev p7p1 proto kernel scope link src /24 dev p8p1 proto kernel scope link src dead linkdown /24 via dev p9p1 proto zebra metric /24 dev p9p1 proto kernel scope link src /24 nexthop via dev p7p1 weight 1 nexthop via dev p8p1 weight 1 dead link-down 35
36 Why Link-State Matters Stop quagga 36
37 Why Link-State Matters route from quagga disappears # ip -4 route show /24 dev p7p1 proto kernel scope link src /24 dev p8p1 proto kernel scope link src dead linkdown /24 via dev p9p1 proto zebra metric /24 dev p9p1 proto kernel scope link src /24 nexthop via dev p7p1 weight 1 nexthop via dev p8p1 weight 1 dead linkdown 37
38 Why Link-State Matters /24 is unreachable # ip route get RTNETLINK answers: Network is unreachable # ip route get via dev p7p1 src cache # ip route get via dev p7p1 src cache 38
39 Why Link-State Matters Static configuration and status 39
40 Why Link-State Matters Configuration stored in netconf # ip -4 netconf ipv4 dev lo forwarding on... ignore_routes off ipv4 dev ip6_vti0 forwarding on... ignore_routes on ipv4 dev sit0 forwarding on... ignore_routes on ipv4 dev ip6tnl0 forwarding on... ignore_routes on ipv4 dev p2p1 forwarding on... ignore_routes off ipv4 dev p7p1 forwarding on... ignore_routes off ipv4 dev p8p1 forwarding on... ignore_routes on ipv4 dev p9p1 forwarding on... ignore_routes on ipv4 all forwarding on... ignore_routes on ipv4 default forwarding on... ignore_routes on 40
41 Why Link-State Matters Configuration via sysctl # cat /etc/sysctl.conf # System default settings live in /usr/lib/sysctl.d/00- system.conf. # To override those settings, enter new settings here, or... # # For more information, see sysctl.conf(5) and sysctl.d(5). net.ipv4.conf.all.forwarding = 1 net.ipv6.conf.all.forwarding = 1 net.ipv4.conf.all.ignore_routes_with_linkdown = 1 net.ipv4.conf.default.ignore_routes_with_linkdown = 1 net.ipv4.conf.p2p1.ignore_routes_with_linkdown = 0 net.ipv4.conf.p7p1.ignore_routes_with_linkdown = 0 net.ipv4.conf.p8p1.ignore_routes_with_linkdown = 1 41
42 Why Link-State Matters Future development plans? 42
43 Why Link-State Matters Consider not responding to IP address on down interface Status: Not implemented 43
44 Why Link-State Matters Send netlink notifications for any route that gets linkdown or dead flag set Status: Testing 44
45 Why Link-State Matters Test and ensure this is integrated with switchdev/forwarding offload layer Status: Testing IPv4, but no IPv6 switchdev offload support today 45
46 Why Link-State Matters Lessons Learned 46
47 Why Link-State Matters Below the netlink layer, IPv4 and IPv6 stacks are quite different 47
48 Why Link-State Matters Networking infrastructure sometimes takes more careful consideration than servers 48
49 Why Link-State Matters Final Thoughts 49
50 Why Link-State Matters Suggestions for new features can come from a variety of places keep your ears and eyes open 50
51 Thank You! 2014 Cumulus Networks. CUMULUS, the Cumulus Logo, CUMULUS NETWORKS, and the Rocket Turtle Logo (the Marks ) are trademarks and service marks of Cumulus Networks, Inc. in the U.S. and other countries. You are not permitted to use the Marks without the prior written consent of Cumulus Networks. The registered trademark Linux is used pursuant to a sublicense from LMI, the exclusive licensee of Linus Torvalds, owner of the mark on a world-wide basis. All other marks are used under fair use or license from their respective owners. cumulusnetworks.com 51
iproute2 and Advanced Linux Routing
iproute2 and Advanced Linux Routing What is iproute2 A collection of utilities for controlling TCP/IP networking and traffic control in Linux Usually shipped in a package called iproute or iproute2 and
More informationPolicy Routing in Linux
Policy Routing in Linux Matthew G. Marsh The classic TCP/IP routing algorithms used today make their routing decisions based only on the destination address of IP packets. However, we often find ourselves
More informationOpen Network Install Environment (ONIE) LinuxCon North America 2015
Open Network Install Environment (ONIE) LinuxCon North America 2015 Curt Brune, Member of Technical Staff August 2015 Agenda What is It? ONIE Solves a Real Problem ONIE Design Approach ONIE Adoption ONIE
More informationHost Configuration (Linux)
: Location Date Host Configuration (Linux) Trainer Name Laboratory Exercise: Host Configuration (Linux) Objectives In this laboratory exercise you will complete the following tasks: Check for IPv6 support
More informationIntroduction to NetGUI
Computer Network Architectures gsyc-profes@gsyc.escet.urjc.es December 5, 2007 (cc) 2007. Algunos derechos reservados. Este trabajo se entrega bajo la licencia Creative Commons Attribution-ShareAlike.
More informationAdvanced routing scenarios POLICY BASED ROUTING: CONCEPTS AND LINUX IMPLEMENTATION
Advanced routing scenarios POLICY BASED ROUTING: CONCEPTS AND LINUX IMPLEMENTATION What is wrong with standard IP forwarding? The IP forwarding algorithm selects the route according to the destination
More informationManaging Multiple Internet Connections with Shorewall
Managing Multiple Internet Connections with Shorewall Tom Eastep Linuxfest Northwest April 24-25, 2010 http://www.shorewall.net Agenda Introduction Routing Refresher Introduction to Policy Routing Policy
More informationPolicy Based Forwarding
Policy Based Forwarding Tech Note PAN-OS 4.1 Revision A 2012, Palo Alto Networks, Inc. www.paloaltonetworks.com Contents Overview... 3 Security... 3 Performance... 3 Symmetric Routing... 3 Service Versus
More informationHow To Make A Network Virtualization In Cumulus Linux 2.2.2 (X86) (Powerpc) (X64) (For Windows) (Windows) (Amd64) And (Powerpci) (Win2
v Cumulus Linux 2.2 What s New and Different (Technical) Last Updated: August 4, 2014 Evolution of Cumulus Linux Version Features introduced 2.2.x Host-MLAG Lightweight Network Virtualization (LNV) 2.1.x
More informationSDN/OpenFlow. Dean Pemberton Andy Linton
SDN/OpenFlow Dean Pemberton Andy Linton Agenda What is SDN and Openflow? Understanding Open vswitch and RouteFlow Understanding RYU and SDN applications Simple SDN programming python vs IOS or Junos! Building
More informationServer configuration for layer 4 DSR mode
ALOHA Load-Balancer - Application Note Document version: v1.1 Last update: 4th March 2014 EMEA Headquarters 3, rue du petit robinson ZAC des Metz 78350 Jouy-en-Josas France http://www.haproxy.com/ Purpose
More informationThis howto is also a bit old now. But I thought of uploading it in the howtos section, as it still works.
Assalam-u-alaikum, This howto is also a bit old now. But I thought of uploading it in the howtos section, as it still works. Created : Mid 2007 Last updated: Mid 2007 The following link is very nice tutorial
More informationRemoving The Linux Routing Cache
Removing The Red Hat Inc. Columbia University, New York, 2012 Removing The 1 Linux Maintainership 2 3 4 5 Removing The My Background Started working on the kernel 18+ years ago. First project: helping
More informationIP Address: the per-network unique identifier used to find you on a network
Linux Networking What is a network? A collection of devices connected together Can use IPv4, IPv6, other schemes Different devices on a network can talk to each other May be walls to separate different
More informationBridgewalling - Using Netfilter in Bridge Mode
Bridgewalling - Using Netfilter in Bridge Mode Ralf Spenneberg, ralf@spenneberg.net Revision : 1.5 Abstract Firewalling using packet filters is usually performed by a router. The packet filtering software
More informationnetkit lab MPLS VPNs with overlapping address spaces 1.0 S.Filippi, L.Ricci, F.Antonini Version Author(s)
netkit lab MPLS VPNs with overlapping address spaces Version Author(s) 1.0 S.Filippi, L.Ricci, F.Antonini E-mail Web Description silvia.filippi@kaskonetworks.it http://www.kaksonetworks.it/ A lab showing
More informationPart 4: Virtual Private Networks
Universität Passau Security Insider Lab I: Infrastructure Security WS15 Part 4: Virtual Private Networks Ahmed Azri Emna Maâtoug February 11, 2016 Advisor: Oussama Mahjoub, Bouthayna Belgacem Contents
More informationScalable Linux Clusters with LVS
Scalable Linux Clusters with LVS Considerations and Implementation, Part I Eric Searcy Tag1 Consulting, Inc. emsearcy@tag1consulting.com April 2008 Abstract Whether you are perusing mailing lists or reading
More informationNetwork Administration and Monitoring
Network Administration and Monitoring Alessandro Barenghi Dipartimento di Elettronica, Informazione e Bioingengeria Politecnico di Milano barenghi - at - elet.polimi.it April 17, 2013 Recap What did we
More informationHigh Availability Cluster Solutions for Ubuntu14.04 on Power
High Availability Cluster Solutions for Ubuntu14.04 on Power Author: Iranna D. Ankad (iranna.ankad@in.ibm.com) PowerLinux Test Architect Abstract: In this article we focus on how to set up a two-node apache
More informationCorso di Configurazione e Gestione di Reti Locali
Corso di Configurazione e Gestione di Reti Locali Marco Bonola Lorenzo Bracciale A.A. 2011/2012 TOC Netkit: installation, configuration, use Lab0-interfaces: basic IP configuration IP Networking (ifconfig,
More informationExploration of Large Scale Virtual Networks. Open Network Summit 2016
Exploration of Large Scale Virtual Networks Open Network Summit 2016 David Wilder wilder@us.ibm.com A Network of Containers Docker containers Virtual network More containers.. 1 5001 2 4 OpenVswitch or
More informationUnderstanding Route Redistribution & Filtering
Understanding Route Redistribution & Filtering When to Redistribute and Filter PAN-OS 5.0 Revision B 2013, Palo Alto Networks, Inc. www.paloaltonetworks.com Contents Overview... 3 Route Redistribution......
More informationLAB THREE STATIC ROUTING
LAB THREE STATIC ROUTING In this lab you will work with four different network topologies. The topology for Parts 1-4 is shown in Figure 3.1. These parts address router configuration on Linux PCs and a
More informationActive-Active Servers and Connection Synchronisation for LVS
Active-Active Servers and Connection Synchronisation for LVS Simon Horman (Horms) horms@valinux.co.jp VA Linux Systems Japan K.K. www.valinux.co.jp with assistance from NTT Commware Coporation www.nttcom.co.jp
More informationCRS 4.x: Automatic Work and Wrap up Time Configuration Example
CRS 4.x: Automatic Work and Wrap up Time Configuration Example Document ID: 91889 Contents Introduction Prerequisites Requirements Components Used Conventions Configure Automatic Work and Wrap up Time
More informationAN INTRODUCTION TO LINUX POLICY ROUTING. Tom Eastep SeaGL 2013 2013-10-12 Seattle, Washington
AN INTRODUCTION TO LINUX POLICY ROUTING Tom Eastep SeaGL 2013 2013-10-12 Seattle, Washington About the presenter Routing Routing Tables Routing Rules The route cache Defining additional Tables Routing/Netfilter
More informationWorkshop on Scientific Applications for the Internet of Things (IoT) March 16-27 2015
Workshop on Scientific Applications for the Internet of Things (IoT) March 16-27 2015 IPv6 in practice with RPi Alvaro Vives - alvaro@nsrc.org Contents 1 Lab topology 2 IPv6 Configuration 2.1 Linux commands
More informationOperating Systems Design 16. Networking: Sockets
Operating Systems Design 16. Networking: Sockets Paul Krzyzanowski pxk@cs.rutgers.edu 1 Sockets IP lets us send data between machines TCP & UDP are transport layer protocols Contain port number to identify
More informationOpen Network Install Environment
Open Network Install Environment Curt Brune Member of Technical Staff January 2014 Agenda Overview What Is ONIE? Lessons Learned ONIE Development Demo Project Directions cumulusnetworks.com 2 What Is ONIE?
More information04 Internet Protocol (IP)
SE 4C03 Winter 2007 04 Internet Protocol (IP) William M. Farmer Department of Computing and Software McMaster University 29 January 2007 Internet Protocol (IP) IP provides a connectionless packet delivery
More informationSetting Up A High-Availability Load Balancer (With Failover and Session Support) With Perlbal/Heartbeat On Debian Etch
By Falko Timme Published: 2009-01-11 19:32 Setting Up A High-Availability Load Balancer (With Failover and Session Support) With Perlbal/Heartbeat On Debian Etch Version 1.0 Author: Falko Timme
More informationSample Configuration Using the ip nat outside source static
Sample Configuration Using the ip nat outside source static Table of Contents Sample Configuration Using the ip nat outside source static Command...1 Introduction...1 Before You Begin...1 Conventions...1
More informationInternet Protocol: IP packet headers. vendredi 18 octobre 13
Internet Protocol: IP packet headers 1 IPv4 header V L TOS Total Length Identification F Frag TTL Proto Checksum Options Source address Destination address Data (payload) Padding V: Version (IPv4 ; IPv6)
More informationRouter and Routing Basics
Router and Routing Basics Malin Bornhager Halmstad University Session Number 2002, Svenska-CNAP Halmstad University 1 Routing Protocols and Concepts CCNA2 Routing and packet forwarding Static routing Dynamic
More informationGetting started with IPv6 on Linux
Getting started with IPv6 on Linux Jake Edge LWN.net jake@lwn.net LinuxCon North America 19 August 2011 History and Motivation IPng project July 1994 IPv6 - RFC 2460 December 1998 IPv5 - Internet Stream
More informationHost Discovery with nmap
Host Discovery with nmap By: Mark Wolfgang moonpie@moonpie.org November 2002 Table of Contents Host Discovery with nmap... 1 1. Introduction... 3 1.1 What is Host Discovery?... 4 2. Exploring nmap s Default
More informationYou can probably work with decimal. binary numbers needed by the. Working with binary numbers is time- consuming & error-prone.
IP Addressing & Subnetting Made Easy Working with IP Addresses Introduction You can probably work with decimal numbers much easier than with the binary numbers needed by the computer. Working with binary
More informationGB-OS Version 6.2. Configuring IPv6. Tel: +1.407.380.0220 Fax. +1.407.380.6080 Email: info@gta.com Web: www.gta.com
GB-OS Version 6.2 Configuring IPv6 IPv6201411-01 Global Technology Associates 3505 Lake Lynda Drive Suite 115 Orlando, FL 32817 Tel: +1.407.380.0220 Fax. +1.407.380.6080 Email: info@gta.com Web: www.gta.com
More informationLab 1: Introduction to the network lab
CSCI 312 - DATA COMMUNICATIONS AND NETWORKS FALL, 2014 Lab 1: Introduction to the network lab NOTE: Be sure to bring a flash drive to the lab; you will need it to save your data. For this and future labs,
More informationNetworking with Wicked in SUSE Linux Enterprise 12. Something Wicked This Way Comes. Guide. Solution Guide Server. www.suse.com
Networking with Wicked in SUSE Linux Enterprise 12 Something Wicked This Way Comes Guide Solution Guide Server Server Solution Guide Networking with Wicked in SUSE Linux Enterprise 12 Wicked QuickStart
More informationLoad Balancing Clearswift Secure Web Gateway
Load Balancing Clearswift Secure Web Gateway Deployment Guide rev. 1.1.8 Copyright 2002 2016 Loadbalancer.org, Inc. 1 Table of Contents About this Guide...3 Loadbalancer.org Appliances Supported...3 Loadbalancer.org
More informationHow To Connect Ipv4 To Ipv6 On A Ipv2 (Ipv4) On A Network With A Pnet 2.5 (Ipvin4) Or Ipv3 (Ip V6) On An Ipv5
The case for IPv6-only data centres...and how to pull it off in today's IPv4-dominated world Tore Anderson Redpill Linpro AS RIPE64, Ljubljana, April 2012 IPv6 deployment approaches 0) Traditional IPv4-only
More informationBuilding Nameserver Clusters with Free Software
Building Nameserver Clusters with Free Software Joe Abley, ISC NANOG 34 Seattle, WA, USA Starting Point Discrete, single-host authoritative nameservers several (two or more) several (two or more) geographically
More informationSnapt Balancer Manual
Snapt Balancer Manual Version 1.2 pg. 1 Contents Chapter 1: Introduction... 3 Chapter 2: General Usage... 4 Configuration Default Settings... 4 Configuration Performance Tuning... 6 Configuration Snapt
More informationIPv6 Hardening Guide for Windows Servers
IPv6 Hardening Guide for Windows Servers How to Securely Configure Windows Servers to Prevent IPv6-related Attacks Version: 1.0 Date: 22/12/2014 Classification: Public Author(s): Antonios Atlasis TABLE
More informationActive-Active Servers and Connection Synchronisation for LVS
Active-Active Servers and Connection Synchronisation for LVS Horms (Simon Horman) horms@valinux.co.jp VA Linux Systems Japan, K.K. www.valinux.co.jp with assistance from NTT Comware Corporation www.nttcom.co.jp
More information- Multiprotocol Label Switching -
1 - Multiprotocol Label Switching - Multiprotocol Label Switching Multiprotocol Label Switching (MPLS) is a Layer-2 switching technology. MPLS-enabled routers apply numerical labels to packets, and can
More informationFirewalls. Pehr Söderman KTH-CSC Pehrs@kth.se
Firewalls Pehr Söderman KTH-CSC Pehrs@kth.se 1 Definition A firewall is a network device that separates two parts of a network, enforcing a policy for all traversing traffic. 2 Fundamental requirements
More informationIP Routing Features. Contents
7 IP Routing Features Contents Overview of IP Routing.......................................... 7-3 IP Interfaces................................................ 7-3 IP Tables and Caches........................................
More informationCase Study: F5 Load Balancer and TCP Idle Timer / fastl4 Profile
Case Study: F5 Load Balancer and TCP Idle Timer / fastl4 Profile This describes a problem whereby a client connects to a server then waits for a report to complete before retrieving it. The report took
More informationProject 4: IP over DNS Due: 11:59 PM, Dec 14, 2015
CS168 Computer Networks Jannotti Project 4: IP over DNS Due: 11:59 PM, Dec 14, 2015 Contents 1 Introduction 1 2 Components 1 2.1 Creating the tunnel..................................... 2 2.2 Using the
More informationWicked Trip into Wicked Network Management
Wicked Trip into Wicked Network Management Matthias G. Eckermann Senior Product Manager mge@suse.com LinuxCon 2013 NA 2013-09-12 15:40 UTC Some Words of Encouragement There is a theory which states, that
More informationAire-6 Acceso Inalámbrico a Redes IPV6. Christian Lazo R. Universidad Austral de Chile
Aire-6 Acceso Inalámbrico a Redes IPV6 Christian Lazo R. Universidad Austral de Chile Proyecto Frida 2004 Objetivos HOT SPOT IPv6 NATIVO IPv6 + WiFI E2E, Always On, Movilidad AAAC (Authentication, Authorization,
More informationProcedure: You can find the problem sheet on Drive D: of the lab PCs. 1. IP address for this host computer 2. Subnet mask 3. Default gateway address
Objectives University of Jordan Faculty of Engineering & Technology Computer Engineering Department Computer Networks Laboratory 907528 Lab.4 Basic Network Operation and Troubleshooting 1. To become familiar
More informationFirewall Configuration and Assessment
FW Firewall Configuration and Assessment Goals of this lab: v v Get hands- on experience implementing a network security policy Get hands- on experience testing a firewall REVISION: 1.4 [2014-01- 28] 2007-2011
More informationSample Configuration Using the ip nat outside source list C
Sample Configuration Using the ip nat outside source list C Table of Contents Sample Configuration Using the ip nat outside source list Command...1 Introduction...1 Before You Begin...1 Conventions...1
More informationWicked A Network Manager Olaf Kirch
Wicked A Network Manager Olaf Kirch Director SUSE Linux Enterprise okir@suse.com 2 Agenda Why Wicked!? What we want to achieve What Wicked can do today/tomorrow Architecture Wicked little intro Why Wicked!?
More informationTCP/IP Security Problems. History that still teaches
TCP/IP Security Problems History that still teaches 1 remote login without a password rsh and rcp were programs that allowed you to login from a remote site without a password The.rhosts file in your home
More informationBuilding scalable IPSec infrastructure with MikroTik. IPSec, L2TP/IPSec, OSPF
Building scalable IPSec infrastructure with MikroTik IPSec, L2TP/IPSec, OSPF Presenter information Tomas Kirnak Network design Security, wireless Servers Virtualization MikroTik Certified Trainer Atris,
More informationLinux TCP/IP Network Management
Linux TCP/IP Network Management Arnon Rungsawang fenganr@ku.ac.th Massive Information & Knowledge Engineering Department of Computer Engineering Faculty of Engineering Kasetsart University, Bangkok, Thailand.
More informationImproving DNS performance using Stateless TCP in FreeBSD 9
Improving DNS performance using Stateless TCP in FreeBSD 9 David Hayes, Mattia Rossi, Grenville Armitage Centre for Advanced Internet Architectures, Technical Report 101022A Swinburne University of Technology
More informationA virtual network laboratory for learning IP networking
virtual network laboratory for learning IP networking Lluís Fàbrega, Jordi Massaguer, Teodor Jové, avid Mérida roadband ommunications and istributed Systems Group Institut d Informàtica i plicacions Universitat
More informationThe Hybrid- Open ( HOpen ) router architecture. Brian Field / Comcast
The Hybrid- Open ( HOpen ) router architecture Brian Field / Comcast 1 Background Lots of excitement in the SDN space Programmability (config) Network virtualizaqon (exisqng features) What if I need a
More informationAppliance Quick Start Guide. v7.6
Appliance Quick Start Guide v7.6 rev. 1.0.7 Copyright 2002 2015 Loadbalancer.org, Inc. Table of Contents Loadbalancer.org Terminology... 4 What is a Virtual IP Address?... 5 What is a Floating IP Address?...
More informationCS 457 Lecture 19 Global Internet - BGP. Fall 2011
CS 457 Lecture 19 Global Internet - BGP Fall 2011 Decision Process Calculate degree of preference for each route in Adj-RIB-In as follows (apply following steps until one route is left): select route with
More informationIPV6 SERVICES DEPLOYMENT
IPV6 SERVICES DEPLOYMENT LINX IPv6 Technical Workshop - March 2009 Jaco Engelbrecht Group Platforms Manager, clara.net DNS root zone goes AAAA! On 4 th February 2008 IANA added AAAA records for the A,
More informationUnderstanding and Configuring NAT Tech Note PAN-OS 4.1
Understanding and Configuring NAT Tech Note PAN-OS 4.1 Revision C 2012, Palo Alto Networks, Inc. www.paloaltonetworks.com Contents Overview... 3 Scope... 3 Design Consideration... 3 Software requirement...
More informationTCP/IP Network Essentials. Linux System Administration and IP Services
TCP/IP Network Essentials Linux System Administration and IP Services Layers Complex problems can be solved using the common divide and conquer principle. In this case the internals of the Internet are
More informationApplication Note. Failover through BGP route health injection
Application Note Document version: v1.2 Last update: 8th November 2013 Purpose This application note aims to describe how to build a high available platform using BGP routing protocol to choose the best
More informationPULSE. Pulse for Windows Phone Quick Start Guide. Release Published Date
PULSE Pulse for Windows Phone Quick Start Guide Release Published Date 1.0 July 2015 Contents PART 1 Pulse for Windows Phone 4 CHAPTER 1 5 Introducing Pulse for Windows Phone 5 Pulse for Windows Phone
More information10.4. Multiple Connections to the Internet
10.4. Multiple Connections to the Internet Prev Chapter 10. Advanced IP Routing Next 10.4. Multiple Connections to the Internet The questions summarized in this section should rightly be entered into the
More informationLoad Balancing - Single Multipath Route HOWTO
Load Balancing - Single Multipath Route HOWTO Shakthi Kannan, shaks_wants_no_spam_at_shakthimaan_dot_com January 5, 2007 Revision: 1.2 Abstract This documentation provides the steps to setup load-balancing
More informationConfiguring a Load-Balancing Scheme
Configuring a Load-Balancing Scheme Finding Feature Information Configuring a Load-Balancing Scheme Last Updated: August 15, 2011 This module contains information about Cisco Express Forwarding and describes
More informationProgrammable Networking with Open vswitch
Programmable Networking with Open vswitch Jesse Gross LinuxCon September, 2013 2009 VMware Inc. All rights reserved Background: The Evolution of Data Centers Virtualization has created data center workloads
More informationIPv6 Associated Protocols
IPv6 Associated Protocols 1 New Protocols (1) New features are specified in IPv6 Protocol -RFC 2460 DS Neighbor Discovery (NDP) -RFC 4861 DS Auto-configuration : Stateless Address Auto-configuration -RFC
More informationExposing Link-Change Events to Applications
Exposing Link-Change Events to Applications Problem Description As a Mobile Node (MN) handoffs from one Point Of Attachment (POA) to another, the state of its network interface (in the MN) changes: From
More informationhis document discusses implementation of dynamic mobile network routing (DMNR) in the EN-4000.
EN-4000 Reference Manual Document 10 DMNR in the EN-4000 T his document discusses implementation of dynamic mobile network routing (DMNR) in the EN-4000. Encore Networks EN-4000 complies with all Verizon
More informationNovel Systems. Extensible Networks
Novel Systems Active Networks Denali Extensible Networks Observations Creating/disseminating standards hard Prototyping/research Incremental deployment Computation may be cheap compared to communication
More informationInterconnection of Heterogeneous Networks. Internetworking. Service model. Addressing Address mapping Automatic host configuration
Interconnection of Heterogeneous Networks Internetworking Service model Addressing Address mapping Automatic host configuration Wireless LAN network@home outer Ethernet PPS Internet-Praktikum Internetworking
More informationSecure use of iptables and connection tracking helpers
Secure use of iptables and connection tracking helpers Authors: Eric Leblond, Pablo Neira Ayuso, Patrick McHardy, Jan Engelhardt, Mr Dash Four Introduction Principle of helpers Some protocols use different
More informationExam 1 Review Questions
CSE 473 Introduction to Computer Networks Exam 1 Review Questions Jon Turner 10/2013 1. A user in St. Louis, connected to the internet via a 20 Mb/s (b=bits) connection retrieves a 250 KB (B=bytes) web
More informationRecent advances in IPv6 insecurities Marc van Hauser Heuse Deepsec 2010, Vienna. 2010 Marc Heuse <mh@mh-sec.de>
Recent advances in IPv6 insecurities Marc van Hauser Heuse Deepsec 2010, Vienna 2010 Marc Heuse Hello, my name is The future is here already Let s start with the basics IPv4 4 octets 4.294.967.296
More informationTechnical Support Information Belkin internal use only
The fundamentals of TCP/IP networking TCP/IP (Transmission Control Protocol / Internet Protocols) is a set of networking protocols that is used for communication on the Internet and on many other networks.
More informationBasic IPv6 WAN and LAN Configuration
Basic IPv6 WAN and LAN Configuration This quick start guide provides basic IPv6 WAN and LAN configuration information for the ProSafe Wireless-N 8-Port Gigabit VPN Firewall FVS318N. For complete IPv6 configuration
More informationHow to Make the Client IP Address Available to the Back-end Server
How to Make the Client IP Address Available to the Back-end Server For Layer 4 - UDP and Layer 4 - TCP services, the actual client IP address is passed to the server in the TCP header. No further configuration
More informationInternetworking. Problem: There is more than one network (heterogeneity & scale)
Internetworking Problem: There is more than one network (heterogeneity & scale) Hongwei Zhang http://www.cs.wayne.edu/~hzhang Internetworking: Internet Protocol (IP) Routing and scalability Group Communication
More informationnetkit lab Traffic Engineering with MPLS for Linux Version Author(s) F. Di Ciccio, F. Antonini (Kasko Networks S.r.l.)
netkit lab Traffic Engineering with for Linux Version Author(s) E-mail Web Description 1.1 F. Di Ciccio, F. Antonini (Kasko Networks S.r.l.) Reviewed by M. Rimondini (Roma Tre University) fra.dix87@gmail.com,
More informationO 10.16.1.0/27 [110/129] via 192.168.1.5, 00:00:05, Serial0/0/1
1 Which two statements are true regarding the advantages of the use of static routes? (Choose increased security reduced effort in configuring routes the administrator maintains control over routing easier
More informationIP SAN Fundamentals: An Introduction to IP SANs and iscsi
IP SAN Fundamentals: An Introduction to IP SANs and iscsi Updated April 2007 Sun Microsystems, Inc. 2007 Sun Microsystems, Inc., 4150 Network Circle, Santa Clara, CA 95054 USA All rights reserved. This
More informationQuick Note 53. Ethernet to W-WAN failover with logical Ethernet interface.
Quick Note 53 Ethernet to W-WAN failover with logical Ethernet interface. Digi Support August 2015 1 Contents 1 Introduction... 2 1.1 Introduction... 2 1.2 Assumptions... 3 1.3 Corrections... 3 2 Version...
More informationFirewalls. Chien-Chung Shen cshen@cis.udel.edu
Firewalls Chien-Chung Shen cshen@cis.udel.edu The Need for Firewalls Internet connectivity is essential however it creates a threat vs. host-based security services (e.g., intrusion detection), not cost-effective
More information20. Switched Local Area Networks
20. Switched Local Area Networks n Addressing in LANs (ARP) n Spanning tree algorithm n Forwarding in switched Ethernet LANs n Virtual LANs n Layer 3 switching n Datacenter networks John DeHart Based on
More informationReverse Proxy with SSL - ProxySG Technical Brief
SGOS 5 Series Reverse Proxy with SSL - ProxySG Technical Brief What is Reverse Proxy with SSL? The Blue Coat ProxySG includes the functionality for a robust and flexible reverse proxy solution. In addition
More informationCSE331: Introduction to Networks and Security. Lecture 12 Fall 2006
CSE331: Introduction to Networks and Security Lecture 12 Fall 2006 Announcements Midterm I will be held Friday, Oct. 6th. True/False Multiple Choice Calculation Short answer Short essay Project 2 is on
More informationCCT vs. CCENT Skill Set Comparison
Operation of IP Data Networks Recognize the purpose and functions of various network devices such as Routers, Switches, Bridges and Hubs Select the components required to meet a given network specification
More informationMain functions of Linux Netfilter
Main functions of Linux Netfilter Filter Nat Packet filtering (rejecting, dropping or accepting packets) Network Address Translation including DNAT, SNAT and Masquerading Mangle General packet header modification
More informationDeploying Silver Peak VXOA Physical And Virtual Appliances with Dell EqualLogic Isolated iscsi SANs including Dell 3-2-1
Deploying Silver Peak VXOA Physical And Virtual Appliances with Dell EqualLogic Isolated iscsi SANs including Dell 3-2-1 Tech Note June 2012 This tech note describes the deployment of Silver Peak physical
More informationRed Hat Linux Networking
The information presented should act as a guide to Red Hat Linux networking. It is intended to be accompanied with training and self study. To access most of these items you will need to have root access,
More information