The NANOG 87 meeting took place a few days ago. Excluding the hackathon, it was approximately five hours of content each day for three days. Slide decks for all the talks are on the meeting page and the videos have already been put into the TeamNANOG YouTube NANOG 87 play list. This is a very brief, likely imperfect summary of a few of talks from the meeting. I don’t review all talks, because I simply couldn’t attend them all for one reason or another.Read more...
On this date twenty years ago the Internet came as close to a total meltdown as we’ve ever seen since the commercialization of the Internet. A tiny UDP worm payload of just 376 bytes spread to all remotely accessible and vulnerable Microsoft SQL servers listening on port 1434 within a matter of minutes. This tiny payload ultimately infected roughly 75 thousand hosts worldwide and the disruption it caused made international news.Read more...
The title of this post refers to a network function commonly known as duplicate address detection (DAD). The complete story will cover a range of seemingly unrelated technologies including ARP, Perl socket programming, systemd, IPv6, and a once-popular LAN technology that if you’ve never seen you probably never will, Token Ring. It all starts with a fake DNS server. Oh yeah, I forgot to mention DNS is here as well, but that is just a happy coincidence.Read more...
“DNS over TCP is a thing, please don’t block it. kthxbye.” That is how I whimsically tweeted my summary of IETF RFC 9210, a new BCP co-authored with Duane Wessels. The history of the document is rooted in a chance encounter over seven years ago. For posterity, here is my version of how it came to be.
In December 2014, a former student informed me of an interaction with another instructor where my name had come up.Read more...