Great NANOG presentations

I was reminded by @dritans tweet that there a lot of great NANOG presentations which tend to get buried amongst the archives.

The particular one he linked to is A Practical Guide to (Correctly) Troubleshooting with Traceroute [222KB PDF] by Richard A Steenbergen. This is a terrific primer for those who have never dug deep into traceroute tools, how they work and what they can show you. It’s quite easy to misinterpret what a traceroute tool’s results actually mean and RAS steps you through the various anomalies and pitfalls.

The complexity covered here is why asking job candidates about traceroute tools is a great way to expose understanding of, or ignorance of, the basics of packet switched networks, IP and TCP/UDP/ICMP. You can also learn a lot about their approach to troubleshooting and analysis of data, whether they can turn it into useful information and communicate that.

The other presentation I was reminded of is Managing IP Networks with Free Software [400KB PDF] by Joe Abley and Stephen Stuart. It’s getting on a bit, NANOG 26 was in late 2002, but it’s still an interesting showcase of how you can get [nearly] instant results with some simple tools and a little scripting.

I’d like to say that things have changed in the decade since and we now have a one size fits all tool that achieves a lot of the same goals but due to every organisation’s different needs everyone keeps reinventing subtly different wheels. Hence I’ve been down the same path, installing RANCID and then building things around it. I just wish I’d known about textfsm, a Python module for parsing semi-structured text (e.g. ‘show run’ output) into tabular data.

Do you have any favourite NANOG presentations?

Posted in Network | Tagged , , , | Comments closed

Running RANCID on top of BZR and with multihop

Long time, no write. Been busy moving countries, as you do.

Started a new job too. Been setting up RANCID and wanted to pull together all the pieces here:

RANCID
Let’s start in the obvious place, www.shrubbery.net/rancid/. I prefer my own, slightly different, expansion of the acronym. Really Awesome Network¬† ConfIg Differ. If you are not backing up or versioning the configuration of your networking equipment you really should take a look at it.

Patches for RANCID to use BZR
RANCID only offers CVS and SVN support out of the box. I’ve been using BZR for a while and strongly prefer it. Thankfully someone has provided patches to add BZR support.

Patches for RANCID to do multihop
One of the other things I needed to add was support to reach a device via another device. I used the instructions from here and the updated patch from here. My config looks a little something like:

add user HOSTNAME {USER}
add password HOSTNAME {PASSWORD}
add autoenable HOSTNAME 1
add method HOSTNAME usercmd
add usercmd HOSTNAME {/usr/local/rancid/bin/clogin} {VIA_HOSTNAME}
add usercmd_chat HOSTNAME {#} {telnet IP_ADDRESS\r} {User Access Verification} {}

Note that the host we are going via is already defined so we can reuse it’s clogin details to reach it (though I did need to provide the full path to clogin).

Loggerhead
To serve the BZR repo via a web interface I turned to Loggerhead. The only issue I have is trying to hide the RANCID log directory because I am serving it as a “directory of branches” straight out of rancid/var.

Posted in Network, Tech | Tagged , , , | Comments closed

Series of Scalability Articles by Haytham El-fadeel

As the title says…

Art of scalability (1) – Scalability principles

Art of scalability (2) – Scalability guidelines part 1

Art of scalability (3) – Scalability guidelines part 2

Art of scalability (4) – Scalability guidelines part 3

Posted in Internet, Tech, WebOps | Tagged , | Comments closed

Bernadette McMenamin applying the spin, again…

Australian IT is carrying a blog post by Bernadette McMenamin which is just full of mis-representation and spin.

One of the most horrendous developments that we have experienced in the last 15 years is the dramatic explosion in the global trade of child sexual abuse images on the internet.

No one really knows the true quantities because it is mostly traded via peer to peer and over encrypted networks. And none of these channels will be addressed by the proposed filter. Ref: http://libertus.net/censor/ispfiltering-au-govplan.html#s_stats

76 per cent would change to an ISP that blocked child pornography

There are ISPs that provide filtered access already, yet their market share is not overly large so while the polls track the sentiment it doesn’t appear to flow through to action. Markets respond to demand, it’s clearly not there. Ref: http://libertus.net/censor/ispfiltering-au-govplan.html#s_10

Law enforcement and education are also key strategies and prominent in the Federal Government’s Safe internet Policy.

So why is the AFP budget for this going down and not up? Ref: http://libertus.net/censor/ispfiltering-au-govplan.html#s_38

Hundreds of millions of dollars is already being spent on law enforcement which is commendable but this only addresses the problem after the abuse has occurred.

ISP filtering has the same problem.

Critics of this new scheme have argued that ISP filtering of child sexual abuse images simply will not work. However these filters are actually working very effectively in Scandinavian countries and in the UK as well as in recent trials in New Zealand.

None of these examples is representative of what the ALP is proposing. Ref: http://libertus.net/censor/ispfiltering-au-govplan.html#s_6

Critics have also argued that ISP filtering will be costly and slow down the internet. Again based on overseas experience this is not the case.

The New Zealand trial is not equivalent to what the ALP is proposing. Nor does it refute the view that the filtering will slow access speeds.

My argument is that how can blocking illegal material (which should not be produced or stored in the first place) be censorship?

And many, if not all, would agree with you. But the ALP is proposing to block prohibited material not all of which is illegal. Ref: http://libertus.net/censor/ispfiltering-au-govplan.html#s_21

Having said that I remain open minded as I hope the critics of the scheme will wait until the trials have been independently conducted to decide on whether Australia should take this leap into ISP filtering.

I think we’re all keen to see the results of the trials. Just have to wait till they are completed…

…any minute now…

Posted in Internet, Tech | Tagged , | Comments closed

Links of the Day: December 25, 2008

Gapingvoid: Guy with office job

Gapingvoid: Small shitty moment

Posted in Daily Links | Tagged | Comments closed

Links of the Day: December 18, 2008

Rolling Your Own Newsroom – O’Reilly Radar

Posted in Daily Links | Tagged | Comments closed

Links of the Day: October 19, 2008

Simon Caulkin: High earners need to be brought down to Earth

The credit crunch has written it out in huge red letters: incentive pay may work for Chinese peasants, but in situations of any complexity, and especially where the quality of the decisions made is only apparent in the long term, pay that truly reflects performance is not only unachievable: the attempt to make it so is catastrophically counter-productive.

Posted in Daily Links | Tagged | Comments closed

Links of the Day: October 12, 2008

Sad Guys on Trading Floors – And if you look over here, you’ll see we have some…
…little do they know it’s the Australian Treasurer!

Posted in Daily Links | Tagged | Comments closed

Links of the Day: September 30, 2008

Real Dan Lyons Web Site – What the hell is happening to me?

For the first time ever, I agree with something Richard Stallman says.

Posted in Daily Links | Tagged | Comments closed

Links of the Day: August 18, 2008

Road to Qingdao: Even the people who watched the race on TV where totally confused….. 49er Medal Race:

It was an exciting race, with lot of drama, but we have to wonder if it was really a test of skill, or a test of who’s boat would or would not break.

Posted in Daily Links | Tagged | Comments closed