RSS

Posts in 2016

  • Large BGP Communities

    Sunday, September 04, 2016 in BGP

    One of the things I noticed when I received a 32-bit ASN was that I was unable to use my ASN in my BGP communities. I’m not the only one who has noticed this, and work has begun on a Draft Standard, Large BGP Community to address this …

    Read more

  • HA Authoritative DNS w/ dnsdist

    Saturday, August 13, 2016 in DNS

    I ran into an obscure limitation in PowerDNS 4.0 authoritative server recently. I have one nameserver which also acts as a slave to two other sets of zones with are transfered using AXFR. Some of those zones are DNSSEC enabled, and PowerDNS is only …

    Read more

  • dnsdist with pdns recursors

    Monday, August 01, 2016 in DNS

    This is a second in blog series about DNS, specifically awesome things that can be done with dnsdist. Front and Back Ends 2x dnsdist load balancers as client facing DNS resolvers 2x PowerDNS recursor backends Norway Spruce Picea abies shoot with …

    Read more

  • A BGP Slash Command

    Friday, July 15, 2016 in BGP

    If you’re using Slack then you should already know how easy it is to integrate almost anything into slack using its web APIs. If you’re not already using Slack, what are you waiting for? As a Slack user and a network administrator I often …

    Read more

  • ESXi 6up2

    Sunday, May 22, 2016 in Systems

    I recently installed VMware ESXi 6.0 Update 02 aka VMware vSphere Hypervisor on a server, and using the new VMware Host Client at https://<hostip>/ui/ was able to fully set up a Debian 8/Jessie guest using only the trial license. The HTML …

    Read more

  • Load Balancing DNS with dnsdist

    Saturday, May 07, 2016 in DNS

    I first came across dnsdist in a NANOG post in the discussion of exploitation of a BIND DOS bug last summer. Jared Mauch had recommended dnsdist to easily implement DNS backend diversity. I was interested at the time. but wasn’t doing enough …

    Read more

  • AS395089

    Wednesday, April 13, 2016 in BGP

    Yesterday morning the company I own, Hextet Systems, was assigned AS 395089 from ARIN’s pool of ASNs. By mid-afternoon I had turned up BGP with my first uptream for IPv6, and was advertising a /44. By 11PM I had finished setting up IPv4 BGP as …

    Read more

  • IXP Peering Lan Hijacks

    Tuesday, March 29, 2016 in BGP

    Earlier this month the local Internet Exchange I’m involved with received some reports of spam coming from the MBIX Peering LAN IP space. Normally an Internet Exchange’s Peering LAN IP space is not announced to the world via BGP. Only …

    Read more

  • BGP and Game Performance

    Friday, February 19, 2016 in BGP

    The makers of League of Legends, Riot Games, have posted a very interesting engineering blog about how they’ve engineered their AS for optimal game performance. They mention important things like, buying from a Tier 1 doesn’t solve all …

    Read more

  • Filtering with BGP Communities

    Friday, February 12, 2016 in BGP

    Otherwise known as Filtering BGP Advertisements Using BGP Communities For Fun and Profit but that made the layout terrible. Filtering BGP advertisements using communities is a simple and effective way to control your advertisements. This can prevent …

    Read more