The DNS Negative Cache

13 February 2018 | Comments Off on The DNS Negative Cache

Considering the DNS query chain— A host queries a local recursive server to find out about banana.example The server queries the root server, then recursively the authoritative server, looking for this domain name banana.example does not exist There are two possible responses in this chain of queries, actually. .example might not exist at all. In…

SLAAC and DHCPv6

5 December 2017 | 1 Comment

When deploying IPv6, one of the fundamental questions the network engineer needs to ask is: DHCPv6, or SLAAC? As the argument between these two has reached almost political dimensions, perhaps a quick look at the positive and negative attributes of each solution are. Originally, the idea was that IPv6 addresses would be created using stateless…

Reaction: Enabling Privacy is not Harmful

2 November 2017 | Comments Off on Reaction: Enabling Privacy is not Harmful

The argument for end-to-end encryption is apparently heating up with the work moving forward on TLSv1.3 currently in progress in the IETF. The naysayers, however, are also out in force, arguing that end-to-end encryption is a net negative. What is the line of argument? According to a recent article in CircleID, it seems to be…

BGPsec and Reality

23 October 2017 | 2 Comments

From time to time, someone publishes a new blog post lauding the wonderfulness of BGPsec, such as this one over at the Internet Society. In return, I sometimes feel like I am a broken record discussing the problems with the basic idea of BGPsec—while it can solve some problems, it creates a lot of new…

IS-IS Multi Instance: RFC8202

16 October 2017 | Comments Off on IS-IS Multi Instance: RFC8202

Multi-Instance IS-IS One of the nice things about IS-IS is the ability to run IPv6 and IPv4 in the same protocol, over a single instance. So long as the two topologies are congruent, deploying v6 as dual stack is very simply. But what if your topologies are not congruent? The figure below illustrates the difference.…

Reaction: Networking Vendors are Only Good for the Free Lunch

13 September 2017 | 1 Comment

I ran into an article over at the Register this week which painted the entire networking industry, from vendors to standards bodies, with a rather broad brush. While there are true bits and pieces in the piece, some balance seems to be in order. The article recaps a presentation by Peyton Koran at Electronic Arts…

On the ‘web: What’s Wrong with BGP

6 September 2017 | Comments Off on On the ‘web: What’s Wrong with BGP

Our guests are Russ White, a network architect at LinkedIn; and Sue Hares, a consultant and chair of the Inter-Domain Routing Working Group at the IETF. They discuss the history of BGP, the original problems it was intended to solve, and what might change. This is an informed and wide-ranging conversation that also covers whitebox,…

The OSPF Two Part Metric

7 August 2017 | Comments Off on The OSPF Two Part Metric

Looking at the capabilities of any given protocol running in our networks today, it certainly seems there are few use cases left the protocol cannot support. In fact, modern interior gateway protocols have become so capable that it almost seems like we only need one to support everything. This is not reality, of course—there are…

On the ‘web: Getting Involved with the IETF

2 August 2017 | Comments Off on On the ‘web: Getting Involved with the IETF

I sat with Greg, Kathleen, and Alia to talk about “ordinary engineers” getting involved in the IETF while we were in Prague. Believe it or not, this time I didn’t get out into the city at all other than walking between the hotel I was staying at and the venue hotel. I try to always…

Source Destination Routing

1 August 2017 | Comments Off on Source Destination Routing