When the inevitable 2AM call happens—”our network is under attack”—what do you do? After running through the OODA loop (1, 2, 3, 4), used communities to distribute the attack as much as possible, mitigated the attack where possible, and now you realist there little you can do locally. What now? You need to wander out…
Many years ago, when multicast was still a “thing” everyone expected to spread throughout the Internet itself, a lot of work went into specifying not only IP multicast control planes, but also IP multicast control planes for interdomain use (between autonomous systems). BGP was modified to support IP multicast, for instance, in order to connect…
The IP suite was always loosely grounded in the end-to-end principle, defined here (a version of this paper is also apparently available here), is quoted in RFC2775 as: The function in question can completely and correctly be implemented only with the knowledge and help of the application standing at the endpoints of the communication system.…
Buffering packets in a network is both good and bad. It is good because a buffer can hold packets from one stream while another stream’s packets are being processed, to take up and release short bursts of traffic, to hold and then release packets when there is a very short interruption on the wire (or…
[time-span] OSPF was originally designed in an age when processors were much less capable, available memory was much smaller, and link bandwidths were much lower. To conserve processing power, memory, and n-the-wire bandwidth, OSPF was designed using fixed length fields (FLFs). TLVs are more difficult to process than an FLF; to process a set of…
While Flowspec has been around for a while (RFC5575 was published in 2009), deployment across AS boundaries has been somewhat slow. The primary concern in deploying flowspec is the ability to shoot oneself in the foot, particularly as opening Flowspec to customers can also open apn entirely new, and not well understood, attack surface. Often…
What about I2RS performance? The first post in this series provides a basic overview of I2RS; there I used a simple diagram to illustrate how I2RS interacts with the RIB— One question that comes to mind when looking at a data flow like this (or rather should come to mind!) is what kind of performance…
- « Previous
- 1
- …
- 3
- 4
- 5