Packet Traveling
preCloud
Feb 21, 2020
“Iman darabi” <iman.darabi@gmail.com>
Materials
● OSI model
● The Network Layer
● The Datalink Layer
● Linux network command-line tools
● Network security
Schedule:
● 15 min: OSI model; concepts of packet travel
● 45 min: The Network Layer
● 45 min: The Datalink Layer
● 60 min: Linux network command-line tools
● 40 min: Network security
Networking
Layer 7 (Application):
1. Directly interacts with data from the user.
2. Software like web browsers relies on the application layer to initiate communications.
3. Software works with protocols like HTTP and SMTP to transfer data over the network.
Layer 6 (Presentation):
1. Prepares data so that it can be used by the application layer.
2. Encryption and compression, for example.
Layer 5 (Session):
1. The time between when the communication is opened and closed is known as the session.
2. Synchronization: adds checkpoints (synchronization points) into the stream of data.
Layer 4 (Transport):
1. Reassembles the segments into data the session layer can consume.
2. Flow control and error control for inter-network communication.
Layer 3 (Network):
1. Facilitates data transfer between two different networks.
Layer 2 (Data Link):
1. Facilitates data transfer between two devices on the SAME network.
2. Flow control and error control in intra-network communication.
Layer 1 (Physical):
1. This layer is:
1011101010111010101101010111111000010101101010101010101 ;)
Ref: http://cloudflare.com
TCP/IP layers:
LAN Protocols
Data and Computer Communications (William Stallings)
The Network Layer (2)
Internet Protocol
● IP addresses are assigned to computers and routers (computer ~ node).
● Every IP address belongs to a specific network.
● Routers are used to connect networks.
● A public IP address allows a device to be reached directly over the Internet (e.g. 5.9.201.150).
● A private IP address is in the address space allocated by InterNIC to allow organizations to create their
own private networks:
○ 10.0.0.0/8 (a single Class A network)
○ 172.16.0.0/12 (16 Class B networks)
○ 192.168.0.0/16 (256 Class C networks)
● Private nodes cannot communicate directly with public networks; they require Network Address
Translation (NAT) at a routing gateway for this purpose.
Network Address
Network Masks
● The subnet mask defines which part of the network address indicates the network and which part
indicates the node.
● Example (192.168.10.100/24):
○ Address:   192.168.10.100        11000000.10101000.00001010.01100100
○ Netmask:   255.255.255.0 = /24   11111111.11111111.11111111.00000000
○ Network:   192.168.10.0/24       11000000.10101000.00001010.00000000 (Class C)
○ Broadcast: 192.168.10.255        11000000.10101000.00001010.11111111
○ HostMin:   192.168.10.1          11000000.10101000.00001010.00000001
○ HostMax:   192.168.10.254        11000000.10101000.00001010.11111110
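The mask arithmetic from the Network Masks slide and the private-range check from the Internet Protocol slide, as an added Python example (not from the slides): it derives network, broadcast and host range from any address/prefix, prints the same dotted-binary view, and classifies an address as public, RFC 1918 private or 169.254.0.0/16 link-local. The function names are my own; the ranges and the 192.168.10.100/24 example are the slides'.

```python
# Added example (not from the slides): the "Network Masks" slide arithmetic
# for any address/prefix, plus the private-range check from the
# "Internet Protocol" slide.
import socket
import struct


def ip_to_int(addr):
    """Dotted quad -> 32-bit integer (network byte order)."""
    return struct.unpack("!I", socket.inet_aton(addr))[0]


def int_to_ip(n):
    return socket.inet_ntoa(struct.pack("!I", n & 0xFFFFFFFF))


def prefix_to_mask(prefix):
    if not 0 <= prefix <= 32:
        raise ValueError("prefix length must be 0..32")
    return (0xFFFFFFFF << (32 - prefix)) & 0xFFFFFFFF


def dotted_binary(n):
    """Render as on the slide: 11000000.10101000.00001010.01100100"""
    return ".".join(f"{(n >> shift) & 0xFF:08b}" for shift in (24, 16, 8, 0))


def subnet_info(cidr):
    """Network, broadcast and host range for e.g. '192.168.10.100/24'."""
    addr_s, prefix_s = cidr.split("/")
    addr, prefix = ip_to_int(addr_s), int(prefix_s)
    mask = prefix_to_mask(prefix)
    network = addr & mask                      # host bits cleared
    broadcast = network | (~mask & 0xFFFFFFFF)  # host bits set
    if prefix >= 31:
        # /31 (point-to-point) and /32 reserve no network/broadcast address
        host_min, host_max = network, broadcast
    else:
        host_min, host_max = network + 1, broadcast - 1
    return {
        "address": int_to_ip(addr),
        "netmask": int_to_ip(mask),
        "network": f"{int_to_ip(network)}/{prefix}",
        "broadcast": int_to_ip(broadcast),
        "hostmin": int_to_ip(host_min),
        "hostmax": int_to_ip(host_max),
        "usable_hosts": host_max - host_min + 1,
    }


# Ranges from the slides: RFC 1918 private space and the APIPA block.
PRIVATE_RANGES = ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")
LINK_LOCAL = "169.254.0.0/16"


def in_cidr(addr, cidr):
    net_s, prefix_s = cidr.split("/")
    mask = prefix_to_mask(int(prefix_s))
    return (ip_to_int(addr) & mask) == (ip_to_int(net_s) & mask)


def classify(addr):
    """'public', 'private' (needs NAT) or 'link-local' (not routable at all)."""
    if in_cidr(addr, LINK_LOCAL):
        return "link-local"
    if any(in_cidr(addr, r) for r in PRIVATE_RANGES):
        return "private"
    return "public"


if __name__ == "__main__":
    info = subnet_info("192.168.10.100/24")
    for key, value in info.items():
        if key != "usable_hosts":
            bits = dotted_binary(ip_to_int(value.split("/")[0]))
            print(f"{key:>10}: {value:<18} {bits}")
    print("usable hosts:", info["usable_hosts"])
    for a in ("5.9.201.150", "10.201.177.133", "172.31.13.5", "169.254.10.1"):
        print(a, "->", classify(a))
```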
Managing Network Addresses and Interfaces
● Fixed IP addresses:
○ Useful for servers that always need to be available
at the same IP address.
● Dynamically assigned IP addresses:
○ Useful for end-user devices, and for instances in
a cloud environment.
○ To dynamically assign IP addresses, a Dynamic
Host Configuration Protocol (DHCP) server is
usually used.
● Automatic Private IP Addressing
○ This feature allows a networked device to
self-assign an IP address from the 169.254.0.0/16
network (The IP address is not routable).
Validating Network Configuration
1. IP address and subnet mask
a. Use ip addr to configure and monitor network addresses
2. Routing
a. Use ip route to configure and monitor routing information
3. Availability of ports and services
a. Use ip link to configure and monitor network link state
4. Examples:
a. $ ip addr show (or $ ip a)
b. $ ip link show
c. $ ip route show
IP Assignment
Not persistent:
$ ip addr add 192.168.50.5 dev eth0
$ ifconfig eth0 192.168.50.5 up (although net-tools is deprecated)
Persistent:
1. Use /etc/network/interfaces (ifupdown)
2. nmcli (desktop)
3. Netplan
Dynamic Host Configuration Protocol
● First, let's talk about the Data Link layer (layer 2).
The DataLink Layer (1)
DataLink
● Layer 2
● Responsible for transferring data between
two devices on the same network segment
● Responsible for sensing the channel: Carrier
Sense Multiple Access (CSMA)
● Detects or avoids collisions: Collision
Detection (CD) or Collision Avoidance (CA)
Frame Transmission on a Bus LAN / Star Topology
Bridge Operation
● The bridge attaches to both LANs.
● It reads all frames transmitted on A and accepts
those addressed to any station on B.
● Using the medium access control protocol for
B, it retransmits each such frame on B.
Broadcast Domain
● Unicast addressing:
○ X sends a frame to Y
○ X sends a frame to Z
● Broadcast addressing:
○ X sends a frame to the FF:FF:FF:FF:FF:FF address!
● The total collection of devices that receive
broadcast frames from each other is referred
to as a broadcast domain.
● In many situations, a broadcast frame is used
for a purpose such as network management
or the transmission of some type of alert.
Two Physical LANs
Two Virtual LANs
Virtual LAN (VLAN)
● VLAN is a logical subgroup within a LAN
● It is created by software rather than by
physically moving and separating devices.
● The VLAN logic is implemented in LAN
switches and functions at the MAC layer
Trunk
● Allows traffic for multiple VLANs to travel over
a single connection.
● One of the VLANs traveling over an 802.1Q
trunk is called the native VLAN.
● To distinguish the other VLANs from one another,
the remaining VLANs are tagged.
Dynamic Host Configuration Protocol
● How does a network device receive its initial IP address assignment?
● One option is to manually configure an IP address on the device.
○ Automation is critical in cloud computing, and manual configuration is time consuming and error prone.
● The most common approach for automatic assignment of IP addresses is the Dynamic Host Configuration
Protocol (DHCP).
● DHCP can assign a wide variety of other IP parameters, such as a subnet mask, a default gateway and
the IP address of a DNS server.
D.O.R.A
DHCPDISCOVER
● When a DHCP client initially boots, it has no IP
address.
● The DHCP client sends a broadcast message to
discover DHCP servers.
D.O.R.A
DHCPOFFER
● When a DHCP server receives a
DHCPDISCOVER message, it can respond with
a unicast DHCPOFFER message.
● Because the DHCPDISCOVER message is sent as a
broadcast, more than one DHCP server might
respond to this discover request.
● The client typically selects the server that sent
the first DHCPOFFER response received by
the client.
D.O.R.A
DHCPREQUEST
● The DHCP client communicates with the
selected server by sending a unicast
DHCPREQUEST message asking that DHCP
server to provide IP configuration
parameters.
D.O.R.A
DHCPACK
● The DHCP server responds to the client with a
unicast DHCPACK message.
● This DHCPACK message contains a collection
of IP configuration parameters.
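The D.O.R.A exchange above, as an added Python example (not from the slides): both sides run in one process and build and parse real RFC 2131 wire-format messages, so the "collection of IP configuration parameters" in the DHCPACK can be seen in decoded bytes. It also shows why the server identifier (option 54) matters: the client cannot authenticate whoever sent the first OFFER it accepts, so that option is what rogue-DHCP monitoring on a segment compares against the expected server. The 192.168.50.x addresses, the MAC, the transaction id and the function names are constructed assumptions.

```python
# Added example (not from the slides): D.O.R.A in RFC 2131 wire format.
import socket
import struct

HDR = "!BBBBIHH4s4s4s4s16s64s128s"     # RFC 2131 fixed header, 236 bytes
MAGIC = b"\x63\x82\x53\x63"            # option-field magic cookie
BOOTREQUEST, BOOTREPLY = 1, 2
DISCOVER, OFFER, REQUEST, ACK = 1, 2, 3, 5
OPT_MASK, OPT_ROUTER, OPT_DNS, OPT_REQ_IP = 1, 3, 6, 50
OPT_LEASE, OPT_TYPE, OPT_SERVER_ID, OPT_END = 51, 53, 54, 255
NAME = {DISCOVER: "DHCPDISCOVER", OFFER: "DHCPOFFER",
        REQUEST: "DHCPREQUEST", ACK: "DHCPACK"}


def ip(s):
    return socket.inet_aton(s)


def build(op, xid, chaddr, options, yiaddr="0.0.0.0", broadcast=False):
    """Header + magic cookie + TLV options + END, as sent on the wire."""
    flags = 0x8000 if broadcast else 0     # B flag: please reply by broadcast
    header = struct.pack(HDR, op, 1, 6, 0, xid, 0, flags,
                         ip("0.0.0.0"), ip(yiaddr), ip("0.0.0.0"), ip("0.0.0.0"),
                         chaddr, b"", b"")  # chaddr/sname/file zero-padded by struct
    body = b"".join(bytes([tag, len(val)]) + val for tag, val in options)
    return header + MAGIC + body + bytes([OPT_END])


def parse(data):
    """Decode the fields a client or server acts on, plus raw options by tag."""
    f = struct.unpack(HDR, data[:236])
    if data[236:240] != MAGIC:
        raise ValueError("not a DHCP message (bad magic cookie)")
    opts, i = {}, 240
    while i < len(data) and data[i] != OPT_END:
        if data[i] == 0:                   # PAD option has no length byte
            i += 1
            continue
        tag, length = data[i], data[i + 1]
        opts[tag] = data[i + 2:i + 2 + length]
        i += 2 + length
    return {"op": f[0], "xid": f[4], "yiaddr": socket.inet_ntoa(f[8]),
            "chaddr": f[11][:6], "type": opts.get(OPT_TYPE, b"\x00")[0],
            "options": opts}


def dora(client_mac, server_ip="192.168.50.1", offered="192.168.50.5"):
    """Run the four-step exchange in-process; return the parsed messages."""
    xid = 0x3903F326                       # constructed; ties replies to this transaction
    lease = [(OPT_SERVER_ID, ip(server_ip)), (OPT_MASK, ip("255.255.255.0")),
             (OPT_ROUTER, ip(server_ip)), (OPT_DNS, ip("8.8.8.8")),
             (OPT_LEASE, struct.pack("!I", 86400))]
    # D: the client has no address yet, so it asks for broadcast replies
    d = parse(build(BOOTREQUEST, xid, client_mac,
                    [(OPT_TYPE, bytes([DISCOVER]))], broadcast=True))
    # O: the server proposes an address (yiaddr) plus the lease parameters;
    #    option 54 is the only thing telling the client WHICH server offered
    o = parse(build(BOOTREPLY, d["xid"], d["chaddr"],
                    [(OPT_TYPE, bytes([OFFER]))] + lease, yiaddr=offered))
    # R: the client names the server it picked (54) and the address it wants (50)
    r = parse(build(BOOTREQUEST, xid, client_mac,
                    [(OPT_TYPE, bytes([REQUEST])), (OPT_REQ_IP, ip(o["yiaddr"])),
                     (OPT_SERVER_ID, o["options"][OPT_SERVER_ID])]))
    # A: a server answers only a request addressed to it in the same transaction
    if r["options"][OPT_SERVER_ID] != ip(server_ip) or r["xid"] != xid:
        raise RuntimeError("DHCPREQUEST is for another server or transaction")
    a = parse(build(BOOTREPLY, xid, r["chaddr"], [(OPT_TYPE, bytes([ACK]))] + lease,
                    yiaddr=socket.inet_ntoa(r["options"][OPT_REQ_IP])))
    return [d, o, r, a]


def lease_from_ack(ack):
    """The 'collection of IP configuration parameters' carried by DHCPACK."""
    o = ack["options"]
    return {"address": ack["yiaddr"],
            "netmask": socket.inet_ntoa(o[OPT_MASK]),
            "gateway": socket.inet_ntoa(o[OPT_ROUTER]),
            "dns": socket.inet_ntoa(o[OPT_DNS]),
            "server": socket.inet_ntoa(o[OPT_SERVER_ID]),
            "lease_seconds": struct.unpack("!I", o[OPT_LEASE])[0]}


if __name__ == "__main__":
    msgs = dora(b"\x08\x00\x27\x62\x9a\x8f")   # constructed client MAC
    print(" -> ".join(NAME[m["type"]] for m in msgs))
    print(lease_from_ack(msgs[-1]))
```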
DHCP Relay
Without DHCP relay agent
DHCP Relay
With DHCP relay agent
How Packets Move Through a Network
Linux network command-line
tools
Linux network command
ip - show / manipulate routing, network devices, interfaces and tunnels
● ip address - configure/monitor network addresses
○ $ ip address show <interface>
○ # ip addr add 192.168.50.5 dev ens160
○ # ip addr del 192.168.50.5/24 dev ens160
● ip link - configure/monitor network link state
○ $ ip link show
○ # ip link set eth1 up
○ # ip link set eth1 down
● ip route - configure/monitor routing information
○ $ ip route show
○ # ip route add 10.10.20.0/24 via 192.168.50.100 dev eth0 “static route”
○ # ip route del 10.10.20.0/24
○ # ip route add default via 192.168.50.1
Linux network command
ping - send ICMP ECHO_REQUEST to network hosts
● $ ping 8.8.8.8
● $ ping 8.8.8.8 -c 4 “Stop after sending count ECHO_REQUEST packets.”
● $ ping -t 2 google.com “Time To Live”
○ PING google.com (172.217.18.14) 56(84) bytes of data.
○ From 172.31.13.5 (172.31.13.5) icmp_seq=1 Time to live exceeded
● $ ping google.com
○ PING google.com (172.217.18.14) 56(84) bytes of data.
○ 64 bytes from fra15s28-in-f14.1e100.net (172.217.18.14): icmp_seq=1 ttl=43 time=121 ms
Time To Live
Linux network command
traceroute - print the route packets trace to network host
● $ ping -t 1 google.com
○ … Time to live exceeded
● $ ping -t 2 google.com
● $ ping -t 3 google.com
● $ ping -t 4 google.com
● …
● $ ping -t 25 google.com
○ PING google.com (172.217.18.14) 56(84) bytes of data.
○ 64 bytes from fra02s19-in-f14.1e100.net (172.217.18.14): icmp_seq=1 ttl=43 time=123 ms
Linux network command
traceroute - print the route packets trace to network host
● traceroute google.com
○ traceroute to google.com (172.217.18.14), 30 hops max, 60 byte packets
○ 1 _gateway (172.16.22.1) 1.065 ms 1.255 ms 1.425 ms
○ 2 172.31.13.5 (172.3.3.5) 1.934 ms 2.270 ms 2.633 ms
○ ...
○ 10 * * *
○ 11 * * *
○ 12 * * *
○ 13 10.201.177.133 (10.201.177.133) 13.441 ms 13.442 ms 13.402 ms
○ ...
○ 19 108.170.240.56 (108.170.240.56) 52.736 ms 108.170.246.118 (108.170.246.118) 52.992 ms 108.170.240.55 (108.170.240.55)
53.057 ms
○ 20 216.239.54.211 (216.239.54.211) 132.193 ms 132.141 ms 216.239.56.13 (216.239.56.13) 130.140 ms
○ 21 72.14.233.132 (72.14.233.132) 122.384 ms 72.14.235.14 (72.14.235.14) 125.581 ms 125.489 ms
○ 22 72.14.239.166 (72.14.239.166) 126.233 ms 108.170.228.254 (108.170.228.254) 137.870 ms 137.551 ms
○ 23 108.170.251.129 (108.170.251.129) 122.273 ms 123.187 ms 123.335 ms
○ 24 74.125.37.125 (74.125.37.125) 124.512 ms 74.125.37.99 (74.125.37.99) 122.331 ms 122.317 ms
○ 25 fra15s28-in-f14.1e100.net (172.217.18.14) 124.916 ms 125.164 ms 124.830 ms
Linux network command
arp - manipulate the system ARP cache
● $ arp -a
○ ? (172.16.10.44) at 08:01:27:62:9a:8f [ether] on enp0s25
○ ? (172.16.10.40) at 1c:1b:0d:49:e6:4 [ether] on enp0s25
● $ arp -d 192.168.10.11 “delete an ARP table entry”
● $ ip -s -s neigh flush all “clear the ARP cache”
○ 172.16.10.44 dev enp0s25 lladdr 08:00:23:62:9a:8f used 460/456/412 probes 1 STALE
○ 172.16.10.40 dev enp0s25 lladdr 10:8b:0d:39:e6:a4 used 44420/44418/44378 probes 1 STALE
Linux network command
netstat - Print network connections, routing tables, interface
statistics
● $ netstat -a | more “Show listening and non-listening sockets.”
● $ netstat -at “List all TCP ports”
● $ netstat -au “List all UDP ports”
● $ netstat -l “List only the listening ports”
● $ netstat -lt “List only listening TCP ports”
● $ netstat -lu “List only listening UDP ports”
● $ netstat -i “List network interfaces”
● $ netstat -ie “Did you miss ifconfig? ;)”
● $ netstat -r “Host’s IP routing table”
Linux network command
netstat (continued)
● Which process is using a particular port:
○ # netstat -an | grep ":80"
● The port on which a program is running:
○ # netstat -ap | grep ssh
● Netstat retrieves information about the networking
subsystem from the /proc/net file system.
● /proc/net/dev “device information”
● /proc/net/tcp “TCP socket information”
● /proc/net/unix “Unix domain socket information”
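Since netstat reads /proc/net/tcp, here is an added Python example (not from the slides) that parses that table directly and reproduces netstat -at / -lt style output, flagging listeners bound to 0.0.0.0 that are reachable from every interface. The three socket lines are constructed, and the address decoding assumes a little-endian (x86) host, which is the byte order the kernel prints there.

```python
# Added example (not from the slides): parse /proc/net/tcp, the table netstat
# itself reads. Sample lines are constructed; hex addresses are in host byte
# order, so decoding assumes a little-endian (x86) host.
import socket
import struct

TCP_STATES = {
    "01": "ESTABLISHED", "02": "SYN_SENT", "03": "SYN_RECV", "04": "FIN_WAIT1",
    "05": "FIN_WAIT2", "06": "TIME_WAIT", "07": "CLOSE", "08": "CLOSE_WAIT",
    "09": "LAST_ACK", "0A": "LISTEN", "0B": "CLOSING",
}

# Constructed sample: sshd listening on all interfaces, a database on
# loopback only, and one established SSH session.
SAMPLE_PROC_NET_TCP = """\
  sl  local_address rem_address   st tx_queue rx_queue tr tm->when retrnsmt   uid  timeout inode
   0: 00000000:0016 00000000:0000 0A 00000000:00000000 00:00000000 00000000     0        0 18234 1 0000000000000000 100 0 0 10 0
   1: 0100007F:0CEA 00000000:0000 0A 00000000:00000000 00:00000000 00000000   999        0 20411 1 0000000000000000 100 0 0 10 0
   2: 0516A8C0:0016 0A16A8C0:E4B2 01 00000000:00000000 00:00000000 00000000     0        0 22107 1 0000000000000000 20 4 30 10 -1
"""


def decode_endpoint(field):
    """'0100007F:0CEA' -> ('127.0.0.1', 3306)."""
    addr_hex, port_hex = field.split(":")
    addr = socket.inet_ntoa(struct.pack("<I", int(addr_hex, 16)))  # host order
    return addr, int(port_hex, 16)                                   # port is big-endian hex


def parse_proc_net_tcp(text):
    entries = []
    for line in text.splitlines()[1:]:        # skip the column header
        cols = line.split()
        if len(cols) < 10:
            continue
        entries.append({
            "local": decode_endpoint(cols[1]),
            "remote": decode_endpoint(cols[2]),
            "state": TCP_STATES.get(cols[3], cols[3]),
            "uid": int(cols[7]),
            "inode": int(cols[9]),        # netstat -p maps this to a PID via /proc/<pid>/fd
        })
    return entries


def listening(entries):
    """Equivalent of 'netstat -lt': LISTEN sockets as (address, port)."""
    return [e["local"] for e in entries if e["state"] == "LISTEN"]


def exposed_listeners(entries):
    """Listeners bound to 0.0.0.0 accept connections on every interface."""
    return [port for (addr, port) in listening(entries) if addr == "0.0.0.0"]


if __name__ == "__main__":
    rows = parse_proc_net_tcp(SAMPLE_PROC_NET_TCP)
    for e in rows:
        print(f"{e['state']:<12} {e['local'][0]}:{e['local'][1]:<6} "
              f"{e['remote'][0]}:{e['remote'][1]:<6} uid={e['uid']}")
    print("exposed on all interfaces:", exposed_listeners(rows))
```

On a live host, pass open("/proc/net/tcp").read() instead of the sample; /proc/net/tcp6 has the same layout with 32-hex-digit addresses.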
Linux network command
tcpdump - prints out a description of the contents of packets on
a network interface (A Network Sniffer Tool)
● # tcpdump -i eth0
● # tcpdump -w myfile.pcap -i eth0 “Capture and Save Packets in a File”
● # tcpdump -r myfile.pcap -i eth0 “Read Captured Packets File”
● # tcpdump -n -i eth0 “Show IP addresses numerically (no name resolution)”
● # tcpdump -i eth0 tcp “Capture TCP Packets”
● # tcpdump -i eth0 port 22 “Capture from Specific Port”
● # tcpdump -i eth0 src/dst 1.2.3.4 “Capture from source/destination IP”
● # tcpdump -i eth0 src 1.2.3.4 and port not 22 “Do not capture specific port”
Linux network command
nmap - Network exploration tool and security / port scanner
● Basic Scan {ip, host}
○ $ nmap google.com
○ $ nmap 8.8.8.8
● Scan specific/entire ports
○ $ nmap -p 1-65535 localhost
○ $ nmap -p 1-1000 google.com
○ $ nmap -p 80,443 google.com
● Scan IP ranges
○ $ nmap -p 80 8.8.8.0/28
○ $ nmap -p 80 8.8.8.1-100
● Scan most popular ports
○ $ nmap --top-ports 5 8.8.8.8
● Disable DNS name resolution
○ $ nmap -p 80 -n 8.8.8.8
● Scan TCP or UDP protocols
○ $ nmap -sT google.com
○ # nmap -sU google.com
● Detect service/daemon versions
○ $ nmap -sV localhost
What does that command-line mean?
1. Google it.
2. Manual pages
3. http://explainshell.com →
Network security
Packet Filtering with iptables
iptables Concepts
TABLES
1. Filter: role is packet filtering
a. default and main table
2. NAT: role is Network Address
Translation
3. Mangle: role is modifying IP
headers
CHAINS
Iptables places rules into
predefined chains
1. Pre-routing
2. Input
3. Forward
4. Output
5. Post-routing
RULES
● User-defined commands
to manipulate network
traffic.
● For example:
○ iptables -A INPUT -s
15.1.1.2 -j DROP
Iptables Structure
Iptables Process Flow
Targets and Jumps
● ACCEPT: packet is allowed. Stops further processing.
● DROP: packet is dropped silently. Stops further processing.
● REJECT: like the DROP target, but also returns an error message to the host sending the packet.
● LOG: logs to syslog, then continues processing with the next rule.
● ...
General iptables command switch
● -t <table> : {filter, nat, mangle}
● -j <target>: choose the actions {ACCEPT, DROP … }
● -F : delete all the rules of the chain
● -p <protocol-type>: {tcp, udp, icmp}
● -s <ip-address>: source ip address
● -d <ip-address>: destination ip address
● -i <interface-name>: input interface
● -o <interface-name>: output interface
iptables -t [table] -OPTION [CHAIN] [matching component] [action component]

Table    Chains it can hold
Filter   INPUT, FORWARD, OUTPUT
NAT      PREROUTING, POSTROUTING, OUTPUT
Mangle   PREROUTING, POSTROUTING, FORWARD, OUTPUT, INPUT

Options: -A append, -I insert, -D delete, -L list, -F flush, -P policy
Matching component: -p protocol, -s source IP, -d destination IP, -i IN interface, -o OUT interface
Action component (-j): ACCEPT, DROP, REJECT, LOG
Writing a Simple Rule Set
Stateful Packet Inspection (SPI)
Allow all outgoing connections but block all unwanted incoming connections
1. # iptables -P INPUT ACCEPT
2. # iptables -F
3. # iptables -A INPUT -i lo -j ACCEPT
4. # iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
5. # iptables -A INPUT -p tcp --dport 22 -j ACCEPT
6. # iptables -P INPUT DROP
7. # iptables -P FORWARD DROP
8. # iptables -P OUTPUT ACCEPT
9. # iptables -L -v
1. If connecting remotely we must first temporarily set the default policy on the INPUT chain to ACCEPT,
otherwise once we flush the current rules we will be locked out of our server.
2. We use the -F switch to flush all existing rules so we start with a clean state from which to add new
rules.
3. Append (-A) to the INPUT chain a rule accepting incoming packets on the loopback interface.
4. The state module (-m state) determines whether a packet is ESTABLISHED or RELATED. ESTABLISHED and
RELATED refer to incoming packets that are part of an already established connection or related to
an already established connection. (What if we added NEW too? ;) )
5. Here we add a rule allowing SSH connections over TCP port 22.
6. The -P switch sets the default policy on the specified chain.
7. We set the default policy on the FORWARD chain to DROP as we're not using our computer as a
router, so there should not be any packets passing through our computer.
8. We set the default policy on the OUTPUT chain to ACCEPT as we want to allow all outgoing traffic (as we
trust our users).
9. Finally, we can list (-L) the rules we've just added to check they've been loaded correctly.
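To see what the nine commands above do without touching a live host, here is an added Python example (not from the slides): a small model of the filter table that parses those exact command lines, walks the INPUT chain top to bottom and returns the verdict for constructed sample packets, including the answer to the "what if we added NEW too" question and how a LOG rule differs from a terminating one. It supports only the switches the slides use (-P, -F, -A, -I, -i, -o, -p, -s, -d, --dport, -m state --state, -j) and matches addresses exactly, without CIDR.

```python
# Added example (not from the slides): model of the iptables filter table
# driven by the command lines from the "Writing a Simple Rule Set" slide.
import shlex

CHAINS = ("INPUT", "FORWARD", "OUTPUT")
FLAG_NAMES = {"-i": "in", "-o": "out", "-p": "proto", "-s": "src", "-d": "dst"}


class FilterTable:
    """A policy plus an ordered rule list per chain, as in the filter table."""

    def __init__(self):
        self.policy = {c: "ACCEPT" for c in CHAINS}
        self.rules = {c: [] for c in CHAINS}
        self.syslog = []                        # what a LOG target would write

    def run(self, cmdline):
        """Apply one 'iptables ...' command line (subset: -P, -F, -A, -I)."""
        argv = shlex.split(cmdline)
        if argv[0] != "iptables":
            raise ValueError("expected an iptables command")
        op = argv[1]
        if op == "-P":                          # default policy for a chain
            self.policy[argv[2]] = argv[3]
        elif op == "-F":                        # no chain given: flush every chain
            for chain in self.rules.values():
                chain.clear()
        elif op in ("-A", "-I"):                # append at the end / insert at the top
            rule = self._parse_rule(argv[3:])
            pos = len(self.rules[argv[2]]) if op == "-A" else 0
            self.rules[argv[2]].insert(pos, rule)
        else:
            raise ValueError(f"unsupported switch {op}")

    @staticmethod
    def _parse_rule(args):
        """'-m state --state ESTABLISHED,RELATED -j ACCEPT' -> match dict + target."""
        rule = {"match": {}, "target": None}
        for flag, val in zip(args[::2], args[1::2]):
            if flag == "-m":                    # match-extension name; nothing to store
                continue
            if flag == "--state":
                rule["match"]["state"] = set(val.split(","))
            elif flag == "--dport":
                rule["match"]["dport"] = int(val)
            elif flag in FLAG_NAMES:
                rule["match"][FLAG_NAMES[flag]] = val   # exact match, no CIDR
            elif flag == "-j":
                rule["target"] = val
            else:
                raise ValueError(f"unsupported option {flag}")
        return rule

    @staticmethod
    def _matches(rule, pkt):
        for key, want in rule["match"].items():
            got = pkt.get(key)
            if (got not in want) if key == "state" else (got != want):
                return False
        return True

    def verdict(self, chain, pkt):
        """First matching terminating rule wins; LOG records and keeps going."""
        for rule in self.rules[chain]:
            if self._matches(rule, pkt):
                if rule["target"] == "LOG":
                    self.syslog.append(f"{chain} {pkt}")
                    continue
                return rule["target"]
        return self.policy[chain]               # nothing matched: chain policy


# The commands from the slide (the final 'iptables -L -v' only lists rules).
SLIDE_RULESET = [
    "iptables -P INPUT ACCEPT",
    "iptables -F",
    "iptables -A INPUT -i lo -j ACCEPT",
    "iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT",
    "iptables -A INPUT -p tcp --dport 22 -j ACCEPT",
    "iptables -P INPUT DROP",
    "iptables -P FORWARD DROP",
    "iptables -P OUTPUT ACCEPT",
]

# Constructed sample packets, with the state conntrack would assign them.
PACKETS = {
    "loopback": {"in": "lo", "proto": "tcp", "src": "127.0.0.1", "dport": 3306, "state": "NEW"},
    "reply": {"in": "eth0", "proto": "tcp", "src": "172.217.18.14", "dport": 51022, "state": "ESTABLISHED"},
    "new_ssh": {"in": "eth0", "proto": "tcp", "src": "203.0.113.7", "dport": 22, "state": "NEW"},
    "new_http": {"in": "eth0", "proto": "tcp", "src": "203.0.113.7", "dport": 80, "state": "NEW"},
}


def load(commands):
    fw = FilterTable()
    for cmd in commands:
        fw.run(cmd)
    return fw


if __name__ == "__main__":
    fw = load(SLIDE_RULESET)
    for name, pkt in PACKETS.items():
        print(f"{name:<9} INPUT -> {fw.verdict('INPUT', pkt)}")
    # The slide's question: adding NEW to the state rule accepts every new flow.
    opened = load([c.replace("RELATED", "RELATED,NEW") for c in SLIDE_RULESET])
    print("with NEW added, new_http ->", opened.verdict("INPUT", PACKETS["new_http"]))
```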
End of first session
Q&A

Architectural Portfolio Sean LockwoodArchitectural Portfolio Sean Lockwood
Architectural Portfolio Sean Lockwood
seandesed
 

Recently uploaded (20)

ML for identifying fraud using open blockchain data.pptx
ML for identifying fraud using open blockchain data.pptxML for identifying fraud using open blockchain data.pptx
ML for identifying fraud using open blockchain data.pptx
 
一比一原版(IIT毕业证)伊利诺伊理工大学毕业证成绩单专业办理
一比一原版(IIT毕业证)伊利诺伊理工大学毕业证成绩单专业办理一比一原版(IIT毕业证)伊利诺伊理工大学毕业证成绩单专业办理
一比一原版(IIT毕业证)伊利诺伊理工大学毕业证成绩单专业办理
 
CFD Simulation of By-pass Flow in a HRSG module by R&R Consult.pptx
CFD Simulation of By-pass Flow in a HRSG module by R&R Consult.pptxCFD Simulation of By-pass Flow in a HRSG module by R&R Consult.pptx
CFD Simulation of By-pass Flow in a HRSG module by R&R Consult.pptx
 
road safety engineering r s e unit 3.pdf
road safety engineering  r s e unit 3.pdfroad safety engineering  r s e unit 3.pdf
road safety engineering r s e unit 3.pdf
 
Immunizing Image Classifiers Against Localized Adversary Attacks
Immunizing Image Classifiers Against Localized Adversary AttacksImmunizing Image Classifiers Against Localized Adversary Attacks
Immunizing Image Classifiers Against Localized Adversary Attacks
 
WATER CRISIS and its solutions-pptx 1234
WATER CRISIS and its solutions-pptx 1234WATER CRISIS and its solutions-pptx 1234
WATER CRISIS and its solutions-pptx 1234
 
AKS UNIVERSITY Satna Final Year Project By OM Hardaha.pdf
AKS UNIVERSITY Satna Final Year Project By OM Hardaha.pdfAKS UNIVERSITY Satna Final Year Project By OM Hardaha.pdf
AKS UNIVERSITY Satna Final Year Project By OM Hardaha.pdf
 
The Benefits and Techniques of Trenchless Pipe Repair.pdf
The Benefits and Techniques of Trenchless Pipe Repair.pdfThe Benefits and Techniques of Trenchless Pipe Repair.pdf
The Benefits and Techniques of Trenchless Pipe Repair.pdf
 
Sachpazis:Terzaghi Bearing Capacity Estimation in simple terms with Calculati...
Sachpazis:Terzaghi Bearing Capacity Estimation in simple terms with Calculati...Sachpazis:Terzaghi Bearing Capacity Estimation in simple terms with Calculati...
Sachpazis:Terzaghi Bearing Capacity Estimation in simple terms with Calculati...
 
Final project report on grocery store management system..pdf
Final project report on grocery store management system..pdfFinal project report on grocery store management system..pdf
Final project report on grocery store management system..pdf
 
H.Seo, ICLR 2024, MLILAB, KAIST AI.pdf
H.Seo,  ICLR 2024, MLILAB,  KAIST AI.pdfH.Seo,  ICLR 2024, MLILAB,  KAIST AI.pdf
H.Seo, ICLR 2024, MLILAB, KAIST AI.pdf
 
space technology lecture notes on satellite
space technology lecture notes on satellitespace technology lecture notes on satellite
space technology lecture notes on satellite
 
Hierarchical Digital Twin of a Naval Power System
Hierarchical Digital Twin of a Naval Power SystemHierarchical Digital Twin of a Naval Power System
Hierarchical Digital Twin of a Naval Power System
 
Runway Orientation Based on the Wind Rose Diagram.pptx
Runway Orientation Based on the Wind Rose Diagram.pptxRunway Orientation Based on the Wind Rose Diagram.pptx
Runway Orientation Based on the Wind Rose Diagram.pptx
 
power quality voltage fluctuation UNIT - I.pptx
power quality voltage fluctuation UNIT - I.pptxpower quality voltage fluctuation UNIT - I.pptx
power quality voltage fluctuation UNIT - I.pptx
 
HYDROPOWER - Hydroelectric power generation
HYDROPOWER - Hydroelectric power generationHYDROPOWER - Hydroelectric power generation
HYDROPOWER - Hydroelectric power generation
 
Cosmetic shop management system project report.pdf
Cosmetic shop management system project report.pdfCosmetic shop management system project report.pdf
Cosmetic shop management system project report.pdf
 
CME397 Surface Engineering- Professional Elective
CME397 Surface Engineering- Professional ElectiveCME397 Surface Engineering- Professional Elective
CME397 Surface Engineering- Professional Elective
 
RAT: Retrieval Augmented Thoughts Elicit Context-Aware Reasoning in Long-Hori...
RAT: Retrieval Augmented Thoughts Elicit Context-Aware Reasoning in Long-Hori...RAT: Retrieval Augmented Thoughts Elicit Context-Aware Reasoning in Long-Hori...
RAT: Retrieval Augmented Thoughts Elicit Context-Aware Reasoning in Long-Hori...
 
Architectural Portfolio Sean Lockwood
Architectural Portfolio Sean LockwoodArchitectural Portfolio Sean Lockwood
Architectural Portfolio Sean Lockwood
 

packet traveling (pre cloud)

  • 1. Packet Traveling preCloud Feb 21, 2020 “Iman darabi” <iman.darabi@gmail.com>
  • 2. Materials ● OSI model ● The Network Layer ● The Datalink Layer ● Linux network command-line tools ● Network security
  • 3. Schedule:
    15 min ● OSI model ● Concepts of packet travel
    45 min ● The Network Layer
    45 min ● The Datalink Layer
    60 min ● Linux network command-line tools
    40 min ● Network security
  • 6. Layer 7 (Application):
    1. Directly interacts with data from the user.
    2. Software like web browsers relies on the application layer to initiate communications.
    3. Software works with protocols like HTTP and SMTP to transfer data over the network.
    Ref: http://cloudflare.com
  • 7. Layer 6 (Presentation):
    1. Prepares data so that it can be used by the application layer.
    2. Encryption and compression, for example.
    Ref: http://cloudflare.com
  • 8. Layer 5 (Session):
    1. The time between when the communication is opened and closed is known as the session.
    2. Synchronization: adds checkpoints (synchronization points) into the stream of data.
    Ref: http://cloudflare.com
  • 9. Layer 4 (Transport):
    1. Reassembles the segments into data the session layer can consume.
    2. Flow control and error control for inter-network communication.
    Ref: http://cloudflare.com
  • 10. Layer 3 (Network):
    1. Facilitates data transfer between two different networks.
    Ref: http://cloudflare.com
  • 11. Layer 2 (Data Link):
    1. Facilitates data transfer between two devices on the SAME network.
    2. Flow control and error control in intra-network communication.
    Ref: http://cloudflare.com
  • 12. Layer 1 (Physical):
    1. This layer is: 101110101011101010110101011111100001 0101101010101010101 ;)
    Ref: http://cloudflare.com
  • 15. LAN Protocols. Ref: Data and Computer Communications (William Stallings)
  • 17. Internet Protocol
    ● IP addresses are assigned to computers and routers (computer ~ node).
    ● Every IP address belongs to a specific network.
    ● Routers are used to connect networks.
    ● A public IP address allows a device direct access over the Internet (e.g. 5.9.201.150).
    ● A private IP address is in the address space allocated by InterNIC to allow organizations to create their own private networks:
      ○ 10.0.0.0/8 (a single Class A network)
      ○ 172.16.0.0/12 (16 Class B networks)
      ○ 192.168.0.0/16 (256 Class C networks)
    ● Private nodes cannot directly communicate with public networks; they require Network Address Translation (NAT) at a routing gateway for this purpose.
  • 19. Network Masks
    ● The subnet mask defines which part of the address indicates the network and which part indicates the node.
    ● Example:
      ○ Address:   192.168.10.100        11000000.10101000.00001010.01100100
      ○ Netmask:   255.255.255.0 = /24   11111111.11111111.11111111.00000000
      ○ Network:   192.168.10.0/24       11000000.10101000.00001010.00000000 (Class C)
      ○ Broadcast: 192.168.10.255        11000000.10101000.00001010.11111111
      ○ HostMin:   192.168.10.1          11000000.10101000.00001010.00000001
      ○ HostMax:   192.168.10.254        11000000.10101000.00001010.11111110
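The values on this slide can be derived with plain bit operations, and the same mask is what a host uses to decide whether a packet stays on the local link or goes to the gateway. The following is an added example, not code from the slides; the gateway address 192.168.10.1 in the demo is an assumption, and the /31 handling goes beyond the slide's /24 case.

```python
import ipaddress


def ip_to_int(dotted):
    """'192.168.10.100' -> 32-bit integer; rejects malformed input."""
    octets = [int(o) for o in dotted.split(".")]
    if len(octets) != 4 or any(not 0 <= o <= 255 for o in octets):
        raise ValueError(f"bad IPv4 address: {dotted}")
    n = 0
    for o in octets:
        n = (n << 8) | o
    return n


def int_to_ip(n):
    return ".".join(str((n >> s) & 0xFF) for s in (24, 16, 8, 0))


def to_bits(n):
    """Dotted binary, the notation the slide uses to show the mask boundary."""
    return ".".join(f"{(n >> s) & 0xFF:08b}" for s in (24, 16, 8, 0))


def subnet_info(cidr):
    """Derive netmask, network, broadcast and host range from 'a.b.c.d/prefix'."""
    addr_s, prefix_s = cidr.split("/")
    prefix = int(prefix_s)
    if not 0 <= prefix <= 32:
        raise ValueError("prefix length must be 0..32")
    addr = ip_to_int(addr_s)
    mask = (0xFFFFFFFF << (32 - prefix)) & 0xFFFFFFFF   # 'prefix' ones, then zeros
    network = addr & mask                               # keep only the network bits
    broadcast = network | (~mask & 0xFFFFFFFF)          # set every host bit
    if prefix >= 31:
        # /31 (point-to-point, RFC 3021) and /32 have no separate network and
        # broadcast addresses: every address in the block is usable.
        host_min, host_max, usable = network, broadcast, 2 ** (32 - prefix)
    else:
        host_min, host_max, usable = network + 1, broadcast - 1, 2 ** (32 - prefix) - 2
    return {
        "address": int_to_ip(addr),
        "netmask": int_to_ip(mask),
        "network": f"{int_to_ip(network)}/{prefix}",
        "broadcast": int_to_ip(broadcast),
        "host_min": int_to_ip(host_min),
        "host_max": int_to_ip(host_max),
        "usable_hosts": usable,
        "bits": {"address": to_bits(addr), "netmask": to_bits(mask)},
    }


def next_hop(src_cidr, dst, gateway):
    """The forwarding decision a host makes with its own mask: a destination on
    the same network is delivered directly on the link; anything else is handed
    to the default gateway (a router), which is how the packet leaves the network."""
    net = ipaddress.ip_network(src_cidr, strict=False)
    return dst if ipaddress.ip_address(dst) in net else gateway


if __name__ == "__main__":
    info = subnet_info("192.168.10.100/24")   # the slide's example
    for key, value in info.items():
        print(f"{key:>12}: {value}")
    # 192.168.10.1 as the gateway is an assumption, not stated on the slide
    for dst in ("192.168.10.7", "8.8.8.8"):
        print(dst, "->", next_hop("192.168.10.100/24", dst, "192.168.10.1"))
```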
  • 20. Managing Network Addresses and Interfaces
    ● Fixed IP addresses:
      ○ Useful for servers that always need to be available at the same IP address.
    ● Dynamically assigned IP addresses:
      ○ Useful for end-user devices, and for instances in a cloud environment.
      ○ To dynamically assign IP addresses, a Dynamic Host Configuration Protocol (DHCP) server is usually used.
    ● Automatic Private IP Addressing:
      ○ This feature allows a networked device to self-assign an IP address from the 169.254.0.0/16 network (the address is not routable).
  • 21. Validating Network Configuration
    1. IP address and subnet mask
       a. Use ip addr to configure and monitor network addresses
    2. Routing
       a. Use ip route to configure and monitor routing information
    3. Availability of ports and services
       a. Use ip link to configure and monitor network link state
    4. Examples:
       a. $ ip addr show (or $ ip a)
       b. $ ip link show
       c. $ ip route show
  • 22. IP Assignment
    Not persistent:
    $ ip addr add 192.168.50.5 dev eth0
    $ ifconfig eth0 192.168.50.5 up (although net-tools is deprecated)
    Persistent:
    1. Use /etc/network/interfaces (ifupdown)
    2. nmcli (desktop)
    3. Netplan
  • 23. Dynamic Host Configuration Protocol ● First let's talk about Data link layer (2).
  • 25. Data Link
    ● Layer 2
    ● Responsible for transferring data between two devices on the same network segment
    ● Responsible for sensing the channel: Carrier Sense Multiple Access (CSMA)
    ● Detects or avoids collisions: Collision Detection (CD) or Collision Avoidance (CA)
  • 26. Frame Transmission on a Bus LAN; Star Topology
  • 27. Bridge Operation
    ● The bridge attaches to both LANs.
    ● It reads all frames transmitted on A and accepts those addressed to any station on B.
    ● Using the medium access control protocol for B, it retransmits each frame on B.
  • 28. Broadcast Domain
    ● Unicast addressing:
      ○ X sends a frame to Y
      ○ X sends a frame to Z
    ● Broadcast addressing:
      ○ X sends a frame to the FF:FF:FF:FF:FF:FF address!
    ● The total collection of devices that receive broadcast frames from each other is referred to as a broadcast domain.
    ● In many situations, a broadcast frame is used for a purpose such as network management or the transmission of some type of alert.
  • 31. Virtual LAN (VLAN)
    ● A VLAN is a logical subgroup within a LAN.
    ● It is created by software rather than by physically moving and separating devices.
    ● The VLAN logic is implemented in LAN switches and functions at the MAC layer.
  • 32. Trunk
    ● Allows traffic for multiple VLANs to travel over a single connection.
    ● One of the VLANs traveling over an 802.1Q trunk is called the native VLAN.
    ● To distinguish the other VLANs from one another, the remaining VLANs are tagged.
  • 33. Dynamic Host Configuration Protocol
    ● How does a network device receive its initial IP address assignment?
    ● One option is to manually configure an IP address on a device.
      ○ Automation is critical in cloud computing, and manual configuration is time consuming and error prone.
    ● The most common approach for this automatic assignment of IP addresses is Dynamic Host Configuration Protocol (DHCP).
    ● DHCP can assign a wide variety of other IP parameters, such as a subnet mask, a default gateway and the IP address of a DNS server.
  • 34. D.O.R.A: DHCPDISCOVER
    ● When a DHCP client initially boots, it has no IP address.
    ● The DHCP client sends a broadcast message to discover a DHCP server.
  • 35. D.O.R.A: DHCPOFFER
    ● When a DHCP server receives a DHCPDISCOVER message, it can respond with a unicast DHCPOFFER message.
    ● Because the DHCPDISCOVER message is sent as a broadcast, more than one DHCP server might respond to this discover request.
    ● The client typically selects the server that sent the first DHCPOFFER response it received.
  • 36. D.O.R.A: DHCPREQUEST
    ● The DHCP client communicates with this selected server by sending a unicast DHCPREQUEST message asking the DHCP server to provide IP configuration parameters.
  • 37. D.O.R.A: DHCPACK
    ● The DHCP server responds to the client with a unicast DHCPACK message.
    ● This DHCPACK message contains a collection of IP configuration parameters.
  • 38. DHCP Relay Without DHCP relay agent
  • 39. DHCP Relay With DHCP relay agent
  • 40. How Packets Move Through a Network
  • 42. Linux network command: ip - show / manipulate routing, network devices, interfaces and tunnels
    ● ip address - configure/monitor network addresses
      ○ $ ip address show <interface>
      ○ # ip addr add 192.168.50.5 dev ens160
      ○ # ip addr del 192.168.50.5/24 dev ens160
    ● ip link - configure/monitor network link state
      ○ $ ip link show
      ○ # ip link set eth1 up
      ○ # ip link set eth1 down
    ● ip route - configure/monitor routing information
      ○ $ ip route show
      ○ # ip route add 10.10.20.0/24 via 192.168.50.100 dev eth0 “static route”
      ○ # ip route del 10.10.20.0/24
      ○ # ip route add default via 192.168.50.1
  • 43. Linux network command: ping - send ICMP ECHO_REQUEST to network hosts
    ● $ ping 8.8.8.8
    ● $ ping 8.8.8.8 -c 4 “Stop after sending count ECHO_REQUEST packets.”
    ● $ ping -t 2 google.com “Time To Live”
      ○ PING google.com (172.217.18.14) 56(84) bytes of data.
      ○ From 172.31.13.5 (172.31.13.5) icmp_seq=1 Time to live exceeded
    ● $ ping google.com
      ○ PING google.com (172.217.18.14) 56(84) bytes of data.
      ○ 64 bytes from fra15s28-in-f14.1e100.net (172.217.18.14): icmp_seq=1 ttl=43 time=121 ms
  • 46. Linux network command: traceroute - print the route packets trace to network host
    ● $ ping -t 1 google.com
      ○ … Time to live exceeded
    ● $ ping -t 2 google.com
    ● $ ping -t 3 google.com
    ● $ ping -t 4 google.com
    ● …
    ● $ ping -t 25 google.com
      ○ PING google.com (172.217.18.14) 56(84) bytes of data.
      ○ 64 bytes from fra02s19-in-f14.1e100.net (172.217.18.14): icmp_seq=1 ttl=43 time=123 ms
  • 47. Linux network command: traceroute - print the route packets trace to network host
    ● $ traceroute google.com
      ○ traceroute to google.com (172.217.18.14), 30 hops max, 60 byte packets
      ○ 1 _gateway (172.16.22.1) 1.065 ms 1.255 ms 1.425 ms
      ○ 2 172.31.13.5 (172.3.3.5) 1.934 ms 2.270 ms 2.633 ms
      ○ ...
      ○ 10 * * *
      ○ 11 * * *
      ○ 12 * * *
      ○ 13 10.201.177.133 (10.201.177.133) 13.441 ms 13.442 ms 13.402 ms
      ○ ...
      ○ 19 108.170.240.56 (108.170.240.56) 52.736 ms 108.170.246.118 (108.170.246.118) 52.992 ms 108.170.240.55 (108.170.240.55) 53.057 ms
      ○ 20 216.239.54.211 (216.239.54.211) 132.193 ms 132.141 ms 216.239.56.13 (216.239.56.13) 130.140 ms
      ○ 21 72.14.233.132 (72.14.233.132) 122.384 ms 72.14.235.14 (72.14.235.14) 125.581 ms 125.489 ms
      ○ 22 72.14.239.166 (72.14.239.166) 126.233 ms 108.170.228.254 (108.170.228.254) 137.870 ms 137.551 ms
      ○ 23 108.170.251.129 (108.170.251.129) 122.273 ms 123.187 ms 123.335 ms
      ○ 24 74.125.37.125 (74.125.37.125) 124.512 ms 74.125.37.99 (74.125.37.99) 122.331 ms 122.317 ms
      ○ 25 fra15s28-in-f14.1e100.net (172.217.18.14) 124.916 ms 125.164 ms 124.830 ms
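The ping -t and traceroute slides show the same mechanism: every router decrements the TTL, and the one that takes it to zero discards the packet and sends back ICMP Time Exceeded, so probing with TTL 1, 2, 3, ... reveals the path one hop at a time. The in-memory model below is an added example, not code from the slides; the path is constructed (it reuses a few addresses from the slide's output, and 198.51.100.1 is a made-up silent hop that reproduces the "* * *" lines).

```python
from dataclasses import dataclass
from typing import List, Optional, Tuple


@dataclass
class Router:
    address: str
    sends_time_exceeded: bool = True  # False models a hop that shows as "* * *"


@dataclass
class Path:
    """The routers between us and the destination, in forwarding order."""
    routers: List[Router]
    destination: str

    def send_probe(self, ttl: int) -> Tuple[str, Optional[str]]:
        """Forward one probe along the path. Each router decrements the TTL;
        the router that brings it to zero discards the packet and normally
        answers with ICMP Time Exceeded (what `ping -t N` printed above).
        A probe that survives every router reaches the host, which echoes."""
        if ttl < 1:
            raise ValueError("TTL must be at least 1")
        for router in self.routers:
            ttl -= 1
            if ttl == 0:
                if router.sends_time_exceeded:
                    return "time_exceeded", router.address
                return "timeout", None   # silent hop: nothing comes back
        return "echo_reply", self.destination


def traceroute(path: Path, max_hops: int = 30) -> List[Tuple[int, str]]:
    """Send probes with TTL 1, 2, 3, ... recording who answered each one,
    and stop at the first echo reply or after max_hops (traceroute's default 30).
    Real traceroute sends three probes per TTL; one is enough for the model."""
    hops: List[Tuple[int, str]] = []
    for ttl in range(1, max_hops + 1):
        kind, who = path.send_probe(ttl)
        if kind == "timeout":
            hops.append((ttl, "* * *"))
        else:
            hops.append((ttl, who))
            if kind == "echo_reply":
                break
    return hops


def demo_path() -> Path:
    """Constructed path: first two hops and the destination are taken from the
    slide's output, 198.51.100.1 is an invented router that never answers."""
    return Path(
        routers=[
            Router("172.16.22.1"),                            # _gateway
            Router("172.31.13.5"),
            Router("198.51.100.1", sends_time_exceeded=False),  # shows as * * *
            Router("108.170.240.56"),
        ],
        destination="172.217.18.14",                          # google.com
    )


if __name__ == "__main__":
    for ttl, who in traceroute(demo_path()):
        print(f"{ttl:>2}  {who}")
```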
  • 49. Linux network command: arp - manipulate the system ARP cache
    ● $ arp -a
      ○ ? (172.16.10.44) at 08:01:27:62:9a:8f [ether] on enp0s25
      ○ ? (172.16.10.40) at 1c:1b:0d:49:e6:4 [ether] on enp0s25
    ● $ arp -d 192.168.10.11 “delete an ARP table entry”
    ● # ip -s -s neigh flush all “clear the ARP cache”
      ○ 172.16.10.44 dev enp0s25 lladdr 08:00:23:62:9a:8f used 460/456/412 probes 1 STALE
      ○ 172.16.10.40 dev enp0s25 lladdr 10:8b:0d:39:e6:a4 used 44420/44418/44378 probes 1 STALE
  • 50. Linux network command: netstat - print network connections, routing tables, interface statistics
    ● $ netstat -a | more “Show listening and non-listening sockets.”
    ● $ netstat -at “List all TCP ports”
    ● $ netstat -au “List all UDP ports”
    ● $ netstat -l “List only the listening ports”
    ● $ netstat -lt “List only listening TCP ports”
    ● $ netstat -lu “List only listening UDP ports”
    ● $ netstat -i “List network interfaces”
    ● $ netstat -ie “Did you miss ifconfig? ;)”
    ● $ netstat -r “Host's IP routing table”
  • 51. Linux network command: netstat (continued)
    ● Which process is using a particular port:
      ○ # netstat -an | grep “:80”
    ● The port on which a program is running:
      ○ # netstat -ap | grep ssh
    ● netstat retrieves information about the networking subsystem from the /proc/net file system:
      ○ /proc/net/dev “device information”
      ○ /proc/net/tcp “TCP socket information”
      ○ /proc/net/unix “Unix domain socket information”
  • 52. Linux network command: tcpdump - prints out a description of the contents of packets on a network interface (a network sniffer tool)
    ● # tcpdump -i eth0
    ● # tcpdump -w myfile.pcap -i eth0 “Capture and save packets to a file”
    ● # tcpdump -r myfile.pcap -i eth0 “Read a captured packets file”
    ● # tcpdump -n -i eth0 “Show IP addresses instead of resolving host names”
    ● # tcpdump -i eth0 tcp “Capture TCP packets”
    ● # tcpdump -i eth0 port 22 “Capture a specific port”
    ● # tcpdump -i eth0 src/dst 1.2.3.4 “Capture by source/destination IP”
    ● # tcpdump -i eth0 src 1.2.3.4 and port not 22 “Exclude a specific port”
  • 53. Linux network command: nmap - network exploration tool and security / port scanner
    ● Basic scan {ip, host}
      ○ $ nmap google.com
      ○ $ nmap 8.8.8.8
    ● Scan specific/entire ports
      ○ $ nmap -p 1-65535 localhost
      ○ $ nmap -p 1-1000 google.com
      ○ $ nmap -p 80,443 google.com
    ● Scan IP ranges
      ○ $ nmap -p 80 8.8.8.0/28
      ○ $ nmap -p 80 8.8.8.1-100
    ● Scan most popular ports
      ○ $ nmap --top-ports 5 8.8.8.8
    ● Disable DNS name resolution
      ○ $ nmap -p 80 -n 8.8.8.8
    ● Scan TCP or UDP protocols
      ○ $ nmap -sT google.com
      ○ # nmap -sU google.com
    ● Detect service/daemon versions
      ○ $ nmap -sV localhost
  • 54. What does that command line mean? 1. Google it. 2. Manual pages. 3. http://explainshell.com
  • 56. iptables Concepts
    TABLES
    1. Filter: role is packet filtering
       a. default and main table
    2. NAT: role is Network Address Translation
    3. Mangle: role is modifying IP headers
    CHAINS: iptables places rules into predefined chains
    1. PREROUTING
    2. INPUT
    3. FORWARD
    4. OUTPUT
    5. POSTROUTING
    RULES
    ● User-defined commands to manipulate network traffic. For example:
      ○ iptables -A INPUT -s 15.1.1.2 -j DROP
  • 59. Targets and Jumps
    ● ACCEPT: the packet is allowed; stops further processing.
    ● DROP: the packet is dropped; stops further processing.
    ● REJECT: like the DROP target, but also returns an error message to the host sending the packet.
    ● LOG: logs to syslog and continues processing with the next rule.
    ● ...
  • 60. General iptables command switches
    ● -t <table>: {filter, nat, mangle}
    ● -j <target>: choose the action {ACCEPT, DROP, …}
    ● -F: delete all the rules of the chain
    ● -p <protocol-type>: {tcp, udp, icmp}
    ● -s <ip-address>: source IP address
    ● -d <ip-address>: destination IP address
    ● -i <interface-name>: input interface
    ● -o <interface-name>: output interface
  • 61. iptables -t [table] -OPTION [CHAIN] [matching component] [action component]
    Tables and the chains each one has:
      Filter: INPUT, FORWARD, OUTPUT
      NAT: PREROUTING, POSTROUTING, OUTPUT
      Mangle: PREROUTING, POSTROUTING, FORWARD, OUTPUT, INPUT
    Options: -A append, -I insert, -D delete, -L list, -F flush, -P policy
    Matching component: -p protocol, -s source IP, -d destination IP, -i IN interface, -o OUT interface
    Action component (-j): ACCEPT, DROP, REJECT, LOG
  • 62. Writing a Simple Rule Set: Stateful Packet Inspection (SPI)
    Allow all outgoing connections but block all unwanted incoming connections:
    1. # iptables -P INPUT ACCEPT
    2. # iptables -F
    3. # iptables -A INPUT -i lo -j ACCEPT
    4. # iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
    5. # iptables -A INPUT -p tcp --dport 22 -j ACCEPT
    6. # iptables -P INPUT DROP
    7. # iptables -P FORWARD DROP
    8. # iptables -P OUTPUT ACCEPT
    9. # iptables -L -v
  • 63. Explanation:
    1. If connecting remotely we must first temporarily set the default policy on the INPUT chain to ACCEPT; otherwise, once we flush the current rules, we will be locked out of our server.
    2. We used the -F switch to flush all existing rules so we start with a clean state from which to add new rules.
    3. Append (-A) to the INPUT chain the acceptance of incoming packets on the loopback interface.
    4. The state module (-m state) determines whether a packet is ESTABLISHED or RELATED. ESTABLISHED and RELATED refer to incoming packets that are part of an already established connection or related to an already established connection. (What if we added NEW too? ;) )
    5. Here we add a rule allowing SSH connections over TCP port 22.
    6. The -P switch sets the default policy on the specified chain.
    7. We've set the default policy on the FORWARD chain to DROP, as we're not using our computer as a router, so there should not be any packets passing through our computer.
    8. Set the default policy on the OUTPUT chain to ACCEPT, as we want to allow all outgoing traffic (we trust our users).
    9. Finally, we can list (-L) the rules we've just added to check they've been loaded correctly.
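To see how the INPUT chain above actually decides, and to answer the slide's "what if we added NEW too?" question, here is an added model of the chain (not code from the slides): rules are tried in the order -A appended them, the first terminating match wins, and the -P policy applies when nothing matches. Packets are constructed dicts carrying the fields the rules look at, classified the way conntrack would.

```python
from typing import Callable, Dict, List, Tuple

Packet = Dict[str, object]
Rule = Tuple[str, Callable[[Packet], bool], str]   # (as typed, match, target)

TERMINATING = {"ACCEPT", "DROP", "REJECT"}          # LOG does not terminate


def build_input_chain(states=("ESTABLISHED", "RELATED")) -> List[Rule]:
    """Rules 3-5 of the slide in append order. `states` is the --state list;
    pass ("NEW", "ESTABLISHED", "RELATED") to model the slide's question."""
    return [
        ("-i lo -j ACCEPT", lambda p: p["in_iface"] == "lo", "ACCEPT"),
        (f"-m state --state {','.join(states)} -j ACCEPT",
         lambda p: p["state"] in states, "ACCEPT"),
        ("-p tcp --dport 22 -j ACCEPT",
         lambda p: p["proto"] == "tcp" and p["dport"] == 22, "ACCEPT"),
    ]


def filter_input(chain: List[Rule], packet: Packet, policy: str = "DROP") -> Tuple[str, str]:
    """Walk the chain top to bottom. The first rule that matches with a
    terminating target decides and processing stops; a matching LOG rule
    would only log and let evaluation continue. With no terminating match
    the chain policy set by -P INPUT applies (DROP after step 6)."""
    for as_typed, match, target in chain:
        if match(packet) and target in TERMINATING:
            return target, as_typed
    return policy, "policy -P INPUT"


def pkt(in_iface: str, proto: str, dport: int, state: str) -> Packet:
    """Constructed inbound packet with the conntrack state it would carry."""
    return {"in_iface": in_iface, "proto": proto, "dport": dport, "state": state}


def compare(packets: List[Packet]) -> List[Tuple[str, str]]:
    """Verdict per packet for the slide's chain vs. the same chain with NEW
    added to the state match (both with the DROP policy from step 6)."""
    slide = build_input_chain()
    with_new = build_input_chain(("NEW", "ESTABLISHED", "RELATED"))
    return [(filter_input(slide, p)[0], filter_input(with_new, p)[0]) for p in packets]


if __name__ == "__main__":
    samples = [                                 # constructed traffic
        pkt("lo", "tcp", 5432, "NEW"),          # local client to a local service
        pkt("eth0", "tcp", 22, "NEW"),          # inbound SSH (rule 5)
        pkt("eth0", "tcp", 80, "NEW"),          # inbound HTTP, not in the rule set
        pkt("eth0", "tcp", 443, "ESTABLISHED"), # reply to our own outgoing HTTPS
        pkt("eth0", "udp", 161, "NEW"),         # inbound SNMP, not in the rule set
    ]
    for p, (slide_verdict, new_verdict) in zip(samples, compare(samples)):
        print(f"{p['in_iface']:>4} {p['proto']} dport={p['dport']:<5} {p['state']:<11} "
              f"slide={slide_verdict:<6} with NEW added={new_verdict}")
```

Adding NEW to rule 4 makes every fresh inbound connection match it before the policy is reached, which turns the "block all unwanted incoming connections" rule set into an allow-all.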
  • 64. End of first session Q&A