It was recently announced that Juniper Networks would be purchasing WANDL, a long time partner and

sudo ip netns exec uc2b ip link list ip netns exec uc2b ifconfig uc2b1 192.80.111.58⁄24 up sudo ip netns exec uc2b ifconfig uc2b1 192.80.111.58⁄24 up sudo ovs-vsctl add-port br-int uc2b1 ip netns exec uc2b ip link set uc2b1 up sudo ip netns exec uc2b ip link set uc2b1 up sudo brctl addbr uc2bbr sudo brctl ifbr uc2bbr uc2b1 sudo brctl addif uc2bbr uc2b1 sudo brctl delbr uc2bbr sudo ovs-vsctl add-port br-int uc2b1 sudo ovs-vsctl add-port br-int uc2b1 sudo ovs-vsctl add-br uc2bbr uc2b1 sudo ovs-vsctl add-br uc2bbr sudo ovs-vsctl add-port uc2bbr uc2b1 sudo ovs-vsctl add-port uc2bbr eth1 sudo ip netns exec uc2b ifconfig uc2b1 192.

Networks are insecure, they just are. I once worked with an FBI agent who said that if you wanted a secure network you should turn everything off, smash it, then set it on fire - and I don’t disagree. However, there are things we can do to understand our networks that will aid immeasurably in how they are secured and initially and how they remain secured over time. At their very core networks are not secure based simply on the fact that humans are involved in their construction, operation, and use.

NFD Disclaimer: Tech Field Day is covering my travel and miscellaneous costs for this event. They in turn are paid by their sponsors. I am under no obligation to write anything about any of the presentations, favorable or otherwise. All opinions expressed are my own and in no way reflect any other entities other than myself. In addition, they are simply opinions based on my experiences and the facts known at the time of posting and should be thought of as such.

Another useful bit of information is the path. Traceroute is fine, but it’s a bit of a “one and done” kind of tool. I prefer to use mtr because it can run for any amount of time I need it to and keep the statistics for the entire time viewable. It does require socket access, so you’ll either need root or sudo in most cases. (~) jumphost $ sudo mtr 192.

Like most network engineers that have been around long enough, I manage a handful of unix-like systems. As I have done work for service providers all over the place for the last 15 years, I have accumulated enough systems out there that need patched and maintained. I like to to send out a raspberry pi to as many ASNs as I can, enabling the poor-mans NLNOG Ring that only I manage.

SDN gateways have a much more traditional look and feel. They have a flat SDN OpenFlow network with a default gateway for client traffic by either controller proxy or direct reachability by the client host. Note that both approaches suffer from lack of adoption and maturity, which adds risk to any early production SDN. IPv6-like

I want to preface this by saying that this was an experiment for me. That said, I know there are folks that want to run everything under the sun on a pi. So, since I love the platform as well, I set out to try to make the raspberry pi a perfsonar “probe”.