IPv6 Security Considerations

1 October 2018 | Comments Off on IPv6 Security Considerations

When rolling out a new protocol such as IPv6, it is useful to consider the changes to security posture, particularly the network’s attack surface. While protocol security discussions are widely available, there is often not “one place” where you can go to get information about potential attacks, references to research about those attacks, potential counters,…

On the ‘net: A Riff on RIFT

8 August 2018 | Comments Off on On the ‘net: A Riff on RIFT

Today, an update on some compelling projects at IETF 102. Ours guest are Jeff Tantsura and Russ White. We review the following projects to see what’s new and understand what problems they’re solving: RIFT (Routing In Fat Trees), BIER (Bit Indexed Explicit Replication), PPR (Preferred Path Routing), and YANG data modeling. We also look at…

Recent BGP Peering Enhancements

9 July 2018 | Comments Off on Recent BGP Peering Enhancements

BGP is one of the foundational protocols that make the Internet “go;” as such, it is a complex intertwined system of different kinds of functionality bundled into a single set of TLVs, attributes, and other functionality. Because it is so widely used, however, BGP tends to gain new capabilities on a regular basis, making the…

Whatever is vOLT-HA?

23 April 2018 | Comments Off on Whatever is vOLT-HA?

Many network engineers find the entire world of telecom to be confusing—especially as papers are peppered with a lot of acronyms. If any part of the networking world is more obsessed with acronyms than any other, the telecom world, where the traditional phone line, subscriber access, and network engineering collide, reigns as the “king of…

OSPF Topology Transparent Zones

17 April 2018 | Comments Off on OSPF Topology Transparent Zones

Anyone who has worked with OSPF for any length of time has at least heard of areas—but perhaps before diving into Topology Transparent Zones (TTZs), a short review is in order. In this diagram, routers A and B are in area 0, routers C and D are Area Border Routers (ABRs), and routers E, F,…

What’s wrong with the IETF. And what’s right

22 March 2018 | 4 Comments

I have not counted the IETF’s I have attended; I only know the first RFC on which I’m listed as a co-author was published in 2000, so this must be close to 20 years of interacting with the IETF community. I’m pretty certain I’ve attended at least two meetings a year in some years, and…

Low Latency Networking

12 March 2018 | Comments Off on Low Latency Networking

Low latency is coming to a network near you. In fact, it’s probably coming to your network, whether or not you realize it. This article was cross posted at APNIC While bandwidth has always been the primary measure of a network, and cross sectional or non-contending bandwidth for data center fabrics, further research and reflection…

DFS and Low Points

6 March 2018 | Comments Off on DFS and Low Points

On a recent history of networking episode, Alia talked a little about Maximally Redundant Trees (MRTs), and the concept of Depth First Search (DFS) numbering, along with the idea of a low point. While low points are quickly explained in my new book in the context of MRTs, I thought it worthwhile to revisit the…

The DNS Negative Cache

13 February 2018 | Comments Off on The DNS Negative Cache

Considering the DNS query chain— A host queries a local recursive server to find out about banana.example The server queries the root server, then recursively the authoritative server, looking for this domain name banana.example does not exist There are two possible responses in this chain of queries, actually. .example might not exist at all. In…

SLAAC and DHCPv6

5 December 2017 | 1 Comment

When deploying IPv6, one of the fundamental questions the network engineer needs to ask is: DHCPv6, or SLAAC? As the argument between these two has reached almost political dimensions, perhaps a quick look at the positive and negative attributes of each solution are. Originally, the idea was that IPv6 addresses would be created using stateless…