A deep understanding of how a packet reaches its destination and a basic understanding of network protocols.
Learn how to work with Linux networking and how to manipulate Linux iptables.
Linux monitoring and performance tuning (Iman Darabi)
How to monitor a Linux server? Which metrics matter when monitoring a server? How do metrics relate to monitoring tools? What are the basic Linux server optimizations, and how to apply them?
In this talk Jiří Pírko discusses the design and evolution of the VLAN implementation in Linux, the challenges and pitfalls as well as hardware acceleration and alternative implementations.
Jiří Pírko is a major contributor to kernel networking and the creator of libteam for link aggregation.
Dima Krasner talks about FUSE, Filesystem in Userspace, its pros and cons, usage, tips and tricks, and more.
Dima is a senior developer at Sam Seamless Network.
Have you ever heard of FreeBSD? Probably.
Have you ever interacted with its kernel? Probably not.
In this talk, Gili Yankovitch (nyxsecuritysolutions.com) will talk about the FreeBSD operating system, its network stack and how to write network drivers for it.
The talk will cover the following topics:
* Kernel/User interaction in FreeBSD
* The FreeBSD Network Stack
* Network Buffers API
* L2 and L3 Hooking
Building Network Functions with eBPF & BCC (Kernel TLV)
eBPF (Extended Berkeley Packet Filter) is an in-kernel virtual machine that allows running user-supplied sandboxed programs inside of the kernel. It is especially well-suited to network programs and it's possible to write programs that filter traffic, classify traffic and perform high-performance custom packet processing.
BCC (BPF Compiler Collection) is a toolkit for creating efficient kernel tracing and manipulation programs. It makes use of eBPF.
BCC provides an end-to-end workflow for developing eBPF programs and supplies Python bindings, making eBPF programs much easier to write.
Together, eBPF and BCC allow you to develop and deploy network functions safely and easily, focusing on your application logic (instead of kernel datapath integration).
In this session, we will introduce eBPF and BCC, explain how to implement a network function using BCC, discuss some real-life use-cases and show a live demonstration of the technology.
About the speaker
Shmulik Ladkani, Chief Technology Officer at Meta Networks,
Long time network veteran and kernel geek.
Shmulik started his career at Jungo (acquired by NDS/Cisco) implementing residential gateway software, focusing on embedded Linux, Linux kernel, networking and hardware/software integration.
Some billions of forwarded packets later, Shmulik left his position as Jungo's lead architect and joined Ravello Systems (acquired by Oracle) as tech lead, developing a virtual data center as a cloud-based service, focusing around virtualization systems, network virtualization and SDN.
Recently he co-founded Meta Networks where he's been busy architecting secure, multi-tenant, large-scale network infrastructure as a cloud-based service.
Kernel Recipes 2015: Solving the Linux storage scalability bottlenecks (Anne Nicolas)
Flash devices introduced a sudden shift in the performance profile of direct attached storage. With IOPS rates orders of magnitude higher than rotating storage, it became clear that Linux needed a redesign of its storage stack to properly support and get the most out of these new devices.
This talk will detail the architecture of blk-mq, the redesign of the core of the Linux storage stack, and the later set of changes made to adapt the SCSI stack to this new queuing model. Early results of running Facebook infrastructure production workloads on top of the new stack will also be shared.
Jens Axboe, Facebook
This talk is about task_diag, a new interface we developed for getting information about processes.
Currently the /proc file system is used to get information about the processes running on the system. All information is presented as text files, which is convenient for humans but not for programs such as ps and top. This incurs significant delays, especially on systems with many containers running, which is frequently the case nowadays.
Ideally, tools such as top and ps would get information in binary format and use flexible means to specify which kinds of information are required and for which tasks. Presented is a new interface with all these features, called task_diag.
task_diag is based on netlink sockets and looks like socket-diag, which is used to get information about sockets. It uses a request-response model. A request specifies a set of processes and the required properties for them. A response contains the requested information and can be split into several netlink packets if it is too long.
task_diag is much faster than the /proc file system. For example, when reading from /proc, ps opens, reads and closes many files, and repeats this for every single process. With task_diag, it is just sending a request and getting a response.
Besides ps and top, the proposed interface is to be used by CRIU, a container checkpoint/restore and live migration mechanism. Developers of the perf tool also found it useful and implemented a prototype which shows big performance improvements when task_diag is used instead of procfs.
Our performance measurements show that ps works at least four times faster when task_diag is used instead of procfs.
This presentation covers the basics of Open vSwitch and its components. Open vSwitch is an open source implementation of OpenFlow by the Nicira team.
It also talks about Open vSwitch and its role in OpenStack Networking.
FOSDEM15 SDN developer room talk
DPDK performance
How to not just do a demo with DPDK
The Intel DPDK provides a platform for building high performance Network Function Virtualization applications. But it is hard to get high performance unless certain design tradeoffs are made. This talk focuses on the lessons learned in creating the Brocade vRouter using DPDK. It covers some of the architecture, locking and low level issues that all have to be dealt with to achieve 80 Million packets per second forwarding.
Dev Conf 2017 - Meeting NFV networking requirements (Flavio Leitner)
NFV networking is about delivering packets to virtual machines or containers. Can we provide high throughput, low latency and zero packet loss? This presentation will show the pros and cons of some technologies and then go deeper into DPDK accelerated OVS to uncover how it works, current challenges, and possible solutions.
In this webinar, we will discuss the basic concept of routing, try to understand how a router works, how the routing table is used to forward packets, and how to implement them on a MikroTik router. We review some prior knowledge first. After attending this webinar, we expect you to understand how a packet is forwarded by a router.
Best Current Practice (BCP) 38 Ingress Filtering for Security (GLC Networks)
Webinar topic: Best Current Practice (BCP) 38 Ingress Filtering for Security
Presenter: Achmad Mardiansyah
In this webinar series, we discussed Best Current Practice (BCP) 38 Ingress Filtering for Security.
Please share your feedback or webinar ideas here: http://bit.ly/glcfeedback
Check our schedule for future events: https://www.glcnetworks.com/en/schedule/
Follow our social media for updates: Facebook, Instagram, YouTube channel, Telegram and Discord.
Recording available on YouTube:
https://youtu.be/0YQRQ046Lg8
In this workshop we will give a brief introduction to the basics of networking: IP addresses, MAC addresses, DNS, DHCP. Concepts such as router, gateway and firewall are explained. Then we will see in practice how to share files on a local network (NFS, Samba), establish an FTP connection, or log on to another (Linux) machine remotely (SSH, VNC, RDP). Finally, we review some useful networking tools like ping, netstat, lookup, port scan, traceroute and whois.
Agenda:
In this session, Shmulik Ladkani discusses the kernel's net_device abstraction, its interfaces, and how net-devices interact with the network stack. The talk covers many of the software network devices that exist in the Linux kernel, the functionalities they provide and some interesting use cases.
Speaker:
Shmulik Ladkani is a Tech Lead at Ravello Systems.
Shmulik started his career at Jungo (acquired by NDS/Cisco) implementing residential gateway software, focusing on embedded Linux, Linux kernel, networking and hardware/software integration.
51966 coffees and billions of forwarded packets later, with millions of homes running his software, Shmulik left his position as Jungo’s lead architect and joined Ravello Systems (acquired by Oracle) as tech lead, developing a virtual data center as a cloud service. He's now focused around virtualization systems, network virtualization and SDN.
Banog meetup August 30th: network device property as code (Damien Garros)
Managing Network Device Properties as Code:
Device configuration templates have simplified a lot of things for the network industry, but most people are still managing their device properties (aka variables) manually, which is very tedious and error-prone. This talk will present a new approach to generate and manage network device properties easily using infrastructure-as-code principles.
Mikrotik IP Settings For Performance and Security (GLC Networks)
Webinar topic: Mikrotik IP Settings For Performance and Security
Presenter: Achmad Mardiansyah
In this webinar series, we discussed Mikrotik IP Settings for Performance and Security.
Please share your feedback or webinar ideas here: http://bit.ly/glcfeedback
Check our schedule for future events: https://www.glcnetworks.com/en/schedule/
Follow our social media for updates: Facebook, Instagram, YouTube channel, Telegram and Discord.
Recording available on YouTube:
https://youtu.be/9ldLm969rxo
2. Materials
● OSI model
● The Network Layer
● The Datalink Layer
● Linux network command-line tools
● Network security
3.
● 15 min: OSI model, concepts of packet travel
● 45 min: The Network Layer
● 45 min: The Datalink Layer
● 60 min: Linux network command-line tools
● 40 min: Network security
6. OSI layer 7
1. Directly interacts with data from the user.
2. Software such as web browsers relies on the application layer to initiate communications.
3. Software works with protocols such as HTTP and SMTP to transfer data over the network.
Ref: http://cloudflare.com
7. OSI layer 6
1. Prepares data so that it can be used by the application layer.
2. Encryption and compression, for example.
Ref: http://cloudflare.com
8. OSI layer 5
1. The time between when the communication is opened and closed is known as the session.
2. Synchronization: adds checkpoints (synchronization points) into the stream of data.
Ref: http://cloudflare.com
9. OSI layer 4
1. Reassembles the segments into data the session layer can consume.
2. Flow control and error control for inter-network communication.
Ref: http://cloudflare.com
10. OSI layer 3
1. Facilitates data transfer between two different networks.
Ref: http://cloudflare.com
11. OSI layer 2
1. Facilitates data transfer between two devices on the SAME network.
2. Flow control and error control in intra-network communication.
Ref: http://cloudflare.com
12. OSI layer 1
1. This layer is:
101110101011101010110101011111100001
0101101010101010101 ;)
Ref: http://cloudflare.com
17. Internet Protocol
● IP addresses are assigned to computers and routers (computer ~ node).
● Every IP address belongs to a specific network.
● Routers are used to connect networks.
● A public IP address allows a device direct access over the Internet (e.g. 5.9.201.150).
● A private IP address is from the address space allocated by InterNIC to allow organizations to create their own private networks:
○ 10.0.0.0/8 (a single Class A network)
○ 172.16.0.0/12 (16 Class B networks)
○ 192.168.0.0/16 (256 Class C networks)
● Private nodes cannot communicate directly with public networks; they require Network Address Translation (NAT) at a routing gateway for this purpose.
19. Network Masks
● The subnet mask defines which part of the network address indicates the network and which part
indicates the node.
● Example:
○ Address: 192.168.10.100 11000000.10101000.00001010 .01100100
○ Netmask: 255.255.255.0 = 24 11111111.11111111.11111111 .00000000
○ Network: 192.168.10.0/24 11000000.10101000.00001010 .00000000 (Class C)
○ Broadcast: 192.168.10.255 11000000.10101000.00001010 .11111111
○ HostMin: 192.168.10.1 11000000.10101000.00001010 .00000001
○ HostMax: 192.168.10.254 11000000.10101000.00001010 .11111110
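The ipcalc-style breakdown on this slide, computed for any address/prefix with Python's standard ipaddress module. This is an added example, not code from the workshop; the function names (describe, dotted_binary, scope_of, same_subnet) are my own. It goes one step beyond the slide by also applying the private and link-local ranges from slides 17 and 20, so the result says whether an address needs NAT to reach the Internet, and it handles /31 and /32 prefixes, which have no separate network and broadcast addresses.

```python
import ipaddress

# RFC 1918 private ranges (slide 17); 169.254.0.0/16 is the APIPA link-local block (slide 20)
PRIVATE_RANGES = [ipaddress.ip_network(n) for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]
LINK_LOCAL = ipaddress.ip_network("169.254.0.0/16")


def dotted_binary(addr):
    """Render an IPv4 address as four 8-bit groups, the notation used on slide 19."""
    return ".".join(f"{octet:08b}" for octet in ipaddress.IPv4Address(addr).packed)


def scope_of(addr):
    """Classify an address the way the slides do: private, link-local or public."""
    ip = ipaddress.IPv4Address(addr)
    if any(ip in net for net in PRIVATE_RANGES):
        return "private (RFC 1918, needs NAT to reach the Internet)"
    if ip in LINK_LOCAL:
        return "link-local (APIPA, not routable)"
    return "public"


def describe(address_with_prefix):
    """Compute the fields shown on slide 19 for 'a.b.c.d/prefix'."""
    iface = ipaddress.ip_interface(address_with_prefix)
    net = iface.network
    if net.prefixlen <= 30:
        host_min = net.network_address + 1
        host_max = net.broadcast_address - 1
        usable = net.num_addresses - 2
    else:
        # /31 (point-to-point) and /32: every address is a host address
        host_min = net.network_address
        host_max = net.broadcast_address
        usable = net.num_addresses
    return {
        "address": str(iface.ip),
        "netmask": f"{net.netmask} = {net.prefixlen}",
        "network": str(net),
        "broadcast": str(net.broadcast_address),
        "host_min": str(host_min),
        "host_max": str(host_max),
        "usable_hosts": usable,
        "scope": scope_of(iface.ip),
    }


def same_subnet(a, b, prefixlen):
    """True if a and b share the network bits under /prefixlen, i.e. they can exchange
    frames directly without going through a router."""
    return (ipaddress.ip_interface(f"{a}/{prefixlen}").network
            == ipaddress.ip_interface(f"{b}/{prefixlen}").network)


if __name__ == "__main__":
    info = describe("192.168.10.100/24")   # the slide's own example
    for field in ("address", "network", "broadcast", "host_min", "host_max"):
        print(f"{field:10} {info[field]:18} {dotted_binary(info[field].split('/')[0])}")
    print("netmask   ", info["netmask"], "| scope:", info["scope"], "| usable hosts:", info["usable_hosts"])
```

Run it on 172.31.13.5/16 (the address that appears in the ping output on slide 43) and the scope comes back private, since 172.31.x.x sits inside 172.16.0.0/12; on 5.9.201.150/22 it comes back public with network 5.9.200.0/22.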
20. Managing Network Addresses and Interfaces
● Fixed IP addresses:
○ Useful for servers that always need to be available
at the same IP address.
● Dynamically assigned IP addresses:
○ Useful for end-user devices, and for instances in
a cloud environment.
○ To dynamically assign IP addresses, a Dynamic
Host Configuration Protocol (DHCP) server is
usually used.
● Automatic Private IP Addressing
○ This feature allows a networked device to
self-assign an IP address from the 169.254.0.0/16
network (The IP address is not routable).
21. Validating Network Configuration
1. IP address and subnet mask
a. Use ip addr to configure and monitor network addresses
2. Routing
a. Use ip route to configure and monitor routing information
3. Availability of ports and services
a. Use ip link to configure and monitor network link state
4. Examples:
a. $ ip addr show (or $ ip a)
b. $ ip link show
c. $ ip route show
22. IP Assignment
Not persistent:
● # ip addr add 192.168.50.5 dev eth0
● # ifconfig eth0 192.168.50.5 up (although net-tools is deprecated)
Persistent:
1. /etc/network/interfaces (ifupdown)
2. nmcli (desktop)
3. Netplan
25. DataLink
● Layer 2
● Responsible for transferring data between two devices on the same network segment
● Responsible for sensing the channel: Carrier Sense Multiple Access (CSMA)
● Detects or avoids collisions: Collision Detection (CD) or Collision Avoidance (CA)
27. Bridge Operation
● The bridge attaches to both LANs
● It reads all frames transmitted on A and accepts those addressed to any station on B
● Using the medium access control protocol for B, it retransmits each frame on B
28. Broadcast Domain
● Unicast addressing:
○ X sends a frame to Y
○ X sends a frame to Z
● Broadcast addressing:
○ X sends a frame to the FF:FF:FF:FF:FF:FF address!
● The total collection of devices that receive broadcast frames from each other is referred to as a broadcast domain
● In many situations, a broadcast frame is used for a purpose such as network management or the transmission of some type of alert
31. Virtual LAN (VLAN)
● A VLAN is a logical subgroup within a LAN
● It is created by software rather than by physically moving and separating devices
● The VLAN logic is implemented in LAN switches and functions at the MAC layer
32. Trunk
● A trunk allows traffic for multiple VLANs to travel over a single connection
● One of the VLANs traveling over an 802.1Q trunk is called the native VLAN
● To distinguish the other VLANs from one another, the remaining VLANs are tagged
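What the tag on slide 32 looks like on the wire, as an added example that is not part of the workshop material: a 4-byte 802.1Q header inserted between the source MAC and the EtherType, a trunk port classifying incoming frames, and the two egress cases (trunk and access port). The function names and the sample MAC addresses are mine; the TPID value 0x8100 and the TCI layout (3-bit PCP, 1-bit DEI, 12-bit VID) are the ones defined by IEEE 802.1Q.

```python
import struct

TPID_8021Q = 0x8100      # EtherType value that announces an 802.1Q tag follows
ETH_IPV4 = 0x0800


def mac_bytes(mac):
    return bytes.fromhex(mac.replace(":", ""))


def mac_str(raw):
    return ":".join(f"{b:02x}" for b in raw)


def build_frame(dst, src, ethertype, payload, vlan_id=None, pcp=0):
    """Build an Ethernet frame; with vlan_id set, insert a 4-byte 802.1Q tag after the MACs."""
    header = mac_bytes(dst) + mac_bytes(src)
    if vlan_id is not None:
        if not 1 <= vlan_id <= 4094:
            raise ValueError("VLAN ID must be 1..4094")
        tci = (pcp << 13) | vlan_id           # PCP (3 bits) | DEI (1 bit, 0 here) | VID (12 bits)
        header += struct.pack("!HH", TPID_8021Q, tci)
    return header + struct.pack("!H", ethertype) + payload


def parse_frame(frame, native_vlan=1):
    """Classify a frame received on a trunk: a tagged frame carries its VLAN in the TCI,
    an untagged frame belongs to the port's native VLAN."""
    dst, src = frame[:6], frame[6:12]
    (ethertype,) = struct.unpack("!H", frame[12:14])
    if ethertype == TPID_8021Q:
        tci, ethertype = struct.unpack("!HH", frame[14:18])
        vlan, pcp, tagged, body = tci & 0x0FFF, tci >> 13, True, frame[18:]
    else:
        vlan, pcp, tagged, body = native_vlan, 0, False, frame[14:]
    return {"dst": mac_str(dst), "src": mac_str(src), "tagged": tagged, "vlan": vlan,
            "pcp": pcp, "ethertype": ethertype, "payload": body}


def trunk_egress(parsed, native_vlan=1):
    """Re-emit a classified frame on a trunk: the native VLAN leaves untagged, all others tagged."""
    tag = None if parsed["vlan"] == native_vlan else parsed["vlan"]
    return build_frame(parsed["dst"], parsed["src"], parsed["ethertype"], parsed["payload"], tag, parsed["pcp"])


def access_egress(parsed, port_vlan):
    """Deliver to an access port: only frames of the port's VLAN pass, and the tag is stripped."""
    if parsed["vlan"] != port_vlan:
        return None
    return build_frame(parsed["dst"], parsed["src"], parsed["ethertype"], parsed["payload"])


if __name__ == "__main__":
    # constructed sample frames: one tagged with VLAN 20, one untagged
    tagged = build_frame("ff:ff:ff:ff:ff:ff", "52:54:00:aa:bb:cc", ETH_IPV4, b"\x45" + b"\0" * 19, vlan_id=20, pcp=5)
    untagged = build_frame("52:54:00:00:00:01", "52:54:00:aa:bb:cc", ETH_IPV4, b"payload")
    for frame in (tagged, untagged):
        print(parse_frame(frame, native_vlan=1))
```

Because an untagged frame on a trunk lands in the native VLAN by definition, operators usually set the native VLAN to an ID that no access port uses; then a frame that arrives without a tag cannot end up in a user VLAN by accident.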
33. Dynamic Host Configuration Protocol
● How does a network device receive its initial IP address assignment?
● One option is to manually configure an IP address on a device.
○ Automation is critical in cloud computing, and manual configuration is time-consuming and error-prone.
● The most common approach for this automatic assignment of IP addresses is the Dynamic Host Configuration Protocol (DHCP).
● DHCP can assign a wide variety of other IP parameters, such as a subnet mask, a default gateway and the IP address of a DNS server.
34. D.O.R.A
DHCPDISCOVER
● When a DHCP client initially boots, it has no IP address.
● The DHCP client sends a broadcast message to discover DHCP servers.
35. D.O.R.A
DHCPOFFER
● When a DHCP server receives a DHCPDISCOVER message, it can respond with a unicast DHCPOFFER message.
● Because the DHCPDISCOVER message is sent as a broadcast, more than one DHCP server might respond to this discover request.
● The client typically selects the server that sent the first DHCPOFFER response it received.
36. D.O.R.A
DHCPREQUEST
● The DHCP client communicates with this selected server by sending a unicast DHCPREQUEST message asking the DHCP server to provide IP configuration parameters.
37. D.O.R.A
DHCPACK
● The DHCP server responds to the client with a unicast DHCPACK message.
● This DHCPACK message contains a collection of IP configuration parameters.
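The four D.O.R.A messages of slides 34 to 37 as actual bytes, with both the client and the server side simulated in one process. This is an added example and not workshop code; the DhcpServer and run_client names, the address pool, the server addresses and the client MAC are constructed. The fixed 236-byte header, the magic cookie and the option codes used (53 message type, 1 subnet mask, 3 router, 6 DNS server, 51 lease time, 50 requested address, 54 server identifier) follow RFC 2131 and RFC 2132. Two servers see the same DISCOVER, so the "first OFFER wins" rule from slide 35 is visible; the simulation hands the REQUEST to every server, which is how the server that was not selected learns to return its reserved address to the pool.

```python
import socket
import struct

# DHCP message types (option 53) used in the D.O.R.A exchange
DISCOVER, OFFER, REQUEST, ACK = 1, 2, 3, 5
BOOTREQUEST, BOOTREPLY = 1, 2
MAGIC = b"\x63\x82\x53\x63"
# RFC 2131 fixed header: op, htype, hlen, hops, xid, secs, flags, ciaddr, yiaddr, siaddr, giaddr, chaddr, sname, file
HEADER = "!BBBBIHH4s4s4s4s16s64s128s"  # 236 bytes


def ip(dotted):
    return socket.inet_aton(dotted)


def encode(op, xid, chaddr, yiaddr, options):
    """Serialise a DHCP message: fixed header, magic cookie, TLV options, END (255)."""
    fixed = struct.pack(HEADER, op, 1, 6, 0, xid, 0, 0, ip("0.0.0.0"), ip(yiaddr),
                        ip("0.0.0.0"), ip("0.0.0.0"), chaddr.ljust(16, b"\0"), b"", b"")
    tlv = b"".join(bytes([code, len(value)]) + value for code, value in options.items())
    return fixed + MAGIC + tlv + b"\xff"


def decode(msg):
    """Parse the fields the exchange needs; options come back as a {code: raw bytes} dict."""
    f = struct.unpack(HEADER, msg[:236])
    if msg[236:240] != MAGIC:
        raise ValueError("not a DHCP message (magic cookie missing)")
    options, i = {}, 240
    while msg[i] != 0xFF:                 # walk the TLVs until END
        if msg[i] == 0:                   # PAD option has no length byte
            i += 1
            continue
        code, length = msg[i], msg[i + 1]
        options[code] = msg[i + 2:i + 2 + length]
        i += 2 + length
    return {"op": f[0], "xid": f[4], "yiaddr": socket.inet_ntoa(f[8]),
            "chaddr": f[11][:6], "type": options[53][0], "options": options}


class DhcpServer:
    """Minimal server: one address pool; an offered address stays reserved until it is
    REQUESTed from us or the client tells us it chose another server."""

    def __init__(self, server_ip, pool, mask, router, dns, lease=3600):
        self.server_ip, self.free, self.offered, self.leases = server_ip, list(pool), {}, {}
        self.params = {1: ip(mask), 3: ip(router), 6: ip(dns),
                       51: struct.pack("!I", lease), 54: ip(server_ip)}

    def handle(self, wire):
        m = decode(wire)
        if m["type"] == DISCOVER and self.free:
            addr = self.free.pop(0)
            self.offered[m["chaddr"]] = addr
            return encode(BOOTREPLY, m["xid"], m["chaddr"], addr, {53: bytes([OFFER]), **self.params})
        if m["type"] == REQUEST:
            if m["options"].get(54) != ip(self.server_ip):
                # the client picked another server: return our reserved address to the pool
                if m["chaddr"] in self.offered:
                    self.free.append(self.offered.pop(m["chaddr"]))
                return None
            wanted = socket.inet_ntoa(m["options"][50])
            if self.offered.get(m["chaddr"]) != wanted:
                return None                # a real server would answer with DHCPNAK here
            self.leases[m["chaddr"]] = self.offered.pop(m["chaddr"])
            return encode(BOOTREPLY, m["xid"], m["chaddr"], wanted, {53: bytes([ACK]), **self.params})
        return None


def run_client(mac, servers, xid=0x3903F326):
    """D.O.R.A from the client side. 'servers' stands in for every server the broadcast reaches."""
    chaddr = bytes.fromhex(mac.replace(":", ""))
    discover = encode(BOOTREQUEST, xid, chaddr, "0.0.0.0", {53: bytes([DISCOVER])})
    offers = [o for o in (s.handle(discover) for s in servers) if o]
    chosen = decode(offers[0])             # first OFFER wins, as slide 35 describes
    request = encode(BOOTREQUEST, xid, chaddr, "0.0.0.0",
                     {53: bytes([REQUEST]), 50: ip(chosen["yiaddr"]), 54: chosen["options"][54]})
    # every server sees the REQUEST, so the ones not selected can free their reservation
    acks = [a for a in (s.handle(request) for s in servers) if a]
    ack = decode(acks[0])
    if ack["type"] != ACK or ack["xid"] != xid:
        raise RuntimeError("unexpected reply")
    o = ack["options"]
    return {"ip": ack["yiaddr"], "mask": socket.inet_ntoa(o[1]), "gateway": socket.inet_ntoa(o[3]),
            "dns": socket.inet_ntoa(o[6]), "lease": struct.unpack("!I", o[51])[0],
            "server": socket.inet_ntoa(o[54]), "offers_received": len(offers)}


if __name__ == "__main__":
    # constructed topology: two servers answer in the same broadcast domain
    a = DhcpServer("192.168.50.1", ["192.168.50.100", "192.168.50.101"], "255.255.255.0", "192.168.50.1", "192.168.50.53")
    b = DhcpServer("192.168.50.2", ["192.168.50.200"], "255.255.255.0", "192.168.50.2", "192.168.50.53")
    print(run_client("52:54:00:12:34:56", [a, b]))
    print("server b pool after the exchange:", b.free)
```

The transaction id (xid) is what ties the four messages together; the client checks it on the ACK, which is also the check a real client uses to ignore replies meant for another host. Anything a second, unexpected server on the segment offers would win this race just as easily as the legitimate one, which is why switches offer DHCP snooping to restrict which ports may send OFFER and ACK messages.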
42. Linux network command
ip - show / manipulate routing, network devices, interfaces and tunnels
● ip address - configure/monitor network addresses
○ $ ip address show <interface>
○ # ip addr add 192.168.50.5/24 dev ens160 “give the prefix length; without it the kernel assigns a /32 and the del below would not match”
○ # ip addr del 192.168.50.5/24 dev ens160
● ip link - configure/monitor network link state
○ $ ip link show
○ # ip link set eth1 up
○ # ip link set eth1 down
● ip route - configure/monitor routing information
○ $ ip route show
○ # ip route add 10.10.20.0/24 via 192.168.50.100 dev eth0 “static route”
○ # ip route del 10.10.20.0/24
○ # ip route add default via 192.168.50.1
43. Linux network command
ping - send ICMP ECHO_REQUEST to network hosts
● $ ping 8.8.8.8
● $ ping 8.8.8.8 -c 4 “Stop after sending count ECHO_REQUEST packets.”
● $ ping -t 2 google.com “Time To Live”
○ PING google.com (172.217.18.14) 56(84) bytes of data.
○ From 172.31.13.5 (172.31.13.5) icmp_seq=1 Time to live exceeded
● $ ping google.com
○ PING google.com (172.217.18.14) 56(84) bytes of data.
○ 64 bytes from fra15s28-in-f14.1e100.net (172.217.18.14): icmp_seq=1 ttl=43 time=121 ms
46. Linux network command
traceroute - print the route packets trace to network host (the idea, done by hand with ping: each probe carries a larger TTL, and the router that decrements it to zero answers with ICMP Time to live exceeded, revealing one hop at a time)
● $ ping -t 1 google.com
○ … Time to live exceeded
● $ ping -t 2 google.com
● $ ping -t 3 google.com
● $ ping -t 4 google.com
● …
● $ ping -t 25 google.com
○ PING google.com (172.217.18.14) 56(84) bytes of data.
○ 64 bytes from fra02s19-in-f14.1e100.net (172.217.18.14): icmp_seq=1 ttl=43 time=123 ms
47. Linux network command
traceroute - print the route packets trace to network host
● traceroute google.com
○ traceroute to google.com (172.217.18.14), 30 hops max, 60 byte packets
○ 1 _gateway (172.16.22.1) 1.065 ms 1.255 ms 1.425 ms
○ 2 172.31.13.5 (172.3.3.5) 1.934 ms 2.270 ms 2.633 ms
○ ...
○ 10 * * *
○ 11 * * *
○ 12 * * *
○ 13 10.201.177.133 (10.201.177.133) 13.441 ms 13.442 ms 13.402 ms
○ ...
○ 19 108.170.240.56 (108.170.240.56) 52.736 ms 108.170.246.118 (108.170.246.118) 52.992 ms 108.170.240.55 (108.170.240.55) 53.057 ms
○ 20 216.239.54.211 (216.239.54.211) 132.193 ms 132.141 ms 216.239.56.13 (216.239.56.13) 130.140 ms
○ 21 72.14.233.132 (72.14.233.132) 122.384 ms 72.14.235.14 (72.14.235.14) 125.581 ms 125.489 ms
○ 22 72.14.239.166 (72.14.239.166) 126.233 ms 108.170.228.254 (108.170.228.254) 137.870 ms 137.551 ms
○ 23 108.170.251.129 (108.170.251.129) 122.273 ms 123.187 ms 123.335 ms
○ 24 74.125.37.125 (74.125.37.125) 124.512 ms 74.125.37.99 (74.125.37.99) 122.331 ms 122.317 ms
○ 25 fra15s28-in-f14.1e100.net (172.217.18.14) 124.916 ms 125.164 ms 124.830 ms
49. Linux network command
arp - manipulate the system ARP cache
● $ arp -a
○ ? (172.16.10.44) at 08:01:27:62:9a:8f [ether] on enp0s25
○ ? (172.16.10.40) at 1c:1b:0d:49:e6:4 [ether] on enp0s25
● # arp -d 192.168.10.11 “delete an ARP table entry”
● # ip -s -s neigh flush all “clear the ARP cache”
○ 172.16.10.44 dev enp0s25 lladdr 08:00:23:62:9a:8f used 460/456/412 probes 1 STALE
○ 172.16.10.40 dev enp0s25 lladdr 10:8b:0d:39:e6:a4 used 44420/44418/44378 probes 1 STALE
50. Linux network command
netstat - print network connections, routing tables, interface statistics
● $ netstat -a | more “Show listening and non-listening sockets”
● $ netstat -at “List all TCP ports”
● $ netstat -au “List all UDP ports”
● $ netstat -l “List only the listening ports”
● $ netstat -lt “List only listening TCP ports”
● $ netstat -lu “List only listening UDP ports”
● $ netstat -i “List network interfaces”
● $ netstat -ie “did you miss ifconfig? ;)”
● $ netstat -r “host’s IP routing table”
51. Linux network command
netstat (continued)
● Which process is using a particular port (-p needs root to show the owner of every socket):
○ # netstat -anp | grep “:80”
● The port on which a program is running:
○ # netstat -ap | grep ssh
● netstat retrieves information about the networking subsystem from the /proc/net file system:
● /proc/net/dev “device information”
● /proc/net/tcp “TCP socket information”
● /proc/net/unix “Unix domain socket information”
52. Linux network command
tcpdump - prints out a description of the contents of packets on a network interface (a network sniffer tool)
● # tcpdump -i eth0
● # tcpdump -w myfile.pcap -i eth0 “Capture and Save Packets in a File”
● # tcpdump -r myfile.pcap -i eth0 “Read Captured Packets File”
● # tcpdump -n -i eth0 “Capture IP address Packets”
● # tcpdump -i eth0 tcp “Capture TCP Packets”
● # tcpdump -i eth0 port 22 “Capture from Specific Port”
● # tcpdump -i eth0 src/dst 1.2.3.4 “Capture from source/destination IP”
● # tcpdump -i eth0 src 1.2.3.4 and port not 22 “Do not capture specific port”
56. Iptables Concepts
TABLES
1. Filter: role is packet filtering
a. default and main table
2. NAT: role is Network Address Translation
3. Mangle: role is modifying IP headers
CHAINS
iptables places rules into predefined chains:
1. Pre-routing
2. Input
3. Forward
4. Output
5. Post-routing
RULES
● User-defined commands to manipulate network traffic. For example:
○ iptables -A INPUT -s 15.1.1.2 -j DROP
59. Targets and Jumps
● ACCEPT: the packet is allowed. Stops further processing
● DROP: the packet is silently discarded. Stops further processing
● REJECT: like the DROP target, but also returns an error message to the host sending the packet
● LOG: logs to syslog, then continues processing with the next rule
● ...
60. General iptables command switch
● -t <table> : {filter, nat, mangle}
● -j <target>: choose the actions {ACCEPT, DROP … }
● -F : delete all the rules of the chain
● -p <protocol-type>: {tcp, udp, icmp}
● -s <ip-address>: source ip address
● -d <ip-address>: destination ip address
● -i <interface-name>: input interface
● -o <interface-name>: output interface
61. iptables -t [table] -OPTION [CHAIN] [matching component] [action component]
Table and the chains it holds:
● Filter: INPUT, FORWARD, OUTPUT
● NAT: Pre-routing, post-routing, output
● Mangle: Pre-routing, post-routing, forward, output, input
Options: -A append, -I insert, -D delete, -L list, -F flush, -P policy
Matching component: -p protocol, -s source IP, -d dest IP, -i IN interface, -o OUT interface
Action component (-j): ACCEPT, DROP, REJECT, LOG
62. Writing a Simple Rule Set
Stateful Packet Inspection (SPI)
Allow all outgoing connections but block all unwanted incoming connections
1. # iptables -P INPUT ACCEPT
2. # iptables -F
3. # iptables -A INPUT -i lo -j ACCEPT
4. # iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
5. # iptables -A INPUT -p tcp --dport 22 -j ACCEPT
6. # iptables -P INPUT DROP
7. # iptables -P FORWARD DROP
8. # iptables -P OUTPUT ACCEPT
9. # iptables -L -v
63. 1. If connecting remotely we must first temporarily set the default policy on the INPUT chain to ACCEPT, otherwise once we flush the current rules we will be locked out of our server.
2. We used the -F switch to flush all existing rules so we start with a clean state from which to add new rules.
3. Append (-A) to the INPUT chain the acceptance of incoming packets on the loopback interface.
4. The state module (-m state) determines whether a packet is ESTABLISHED or RELATED. ESTABLISHED and RELATED refer to incoming packets that are part of an already established connection or related to an already established connection. (what if we added NEW too ;) )
5. Here we add a rule allowing SSH connections over TCP port 22.
6. The -P switch sets the default policy on the specified chain.
7. We've set the default policy on the FORWARD chain to DROP as we're not using our computer as a router, so there should not be any packets passing through our computer.
8. Set the default policy on the OUTPUT chain to ACCEPT as we want to allow all outgoing traffic (as we trust our users).
9. Finally, we can list (-L) the rules we've just added to check they've been loaded correctly.
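To trace how the rule set of slide 62 treats packets, and to answer the teaser in step 4, here is an added Python model (not iptables or netfilter code) of first-match evaluation on a filter chain with a default policy: the targets of slide 59 either end traversal or, for LOG, record and continue. The packets it tests are constructed, and matching is reduced to -i, -p, --dport and -m state.

```python
"""Toy first-match model of an iptables filter chain, used to trace the INPUT rule set of slide 62 (constructed example)."""
from dataclasses import dataclass
from typing import FrozenSet, Optional

TERMINATING = {"ACCEPT", "DROP", "REJECT"}   # these verdicts end traversal; LOG does not

@dataclass(frozen=True)
class Packet:
    in_iface: str
    proto: str            # tcp, udp or icmp
    dport: int
    state: str            # conntrack's view: NEW, ESTABLISHED or RELATED

@dataclass(frozen=True)
class Rule:
    target: str
    in_iface: Optional[str] = None
    proto: Optional[str] = None
    dport: Optional[int] = None
    states: FrozenSet[str] = frozenset()     # empty means the rule has no -m state match

    def matches(self, pkt: Packet) -> bool:  # every given match must hold; unset ones are wildcards
        return (self.in_iface in (None, pkt.in_iface) and self.proto in (None, pkt.proto)
                and self.dport in (None, pkt.dport) and (not self.states or pkt.state in self.states))

def evaluate(chain, policy, pkt):
    """Walk the chain top to bottom: the first terminating match wins, LOG records and continues,
    and the chain policy (-P) decides packets no rule claimed. Returns (verdict, log_entries)."""
    logged = []
    for rule in chain:
        if rule.matches(pkt):
            if rule.target in TERMINATING:
                return rule.target, logged
            logged.append(f"LOG {pkt.proto} in={pkt.in_iface} dport={pkt.dport} state={pkt.state}")
    return policy, logged

def verdict(chain, pkt, policy="DROP"):
    return evaluate(chain, policy, pkt)[0]

# Slide 62, steps 3-5, as the INPUT chain; step 6 then set the policy to DROP
SLIDE_INPUT = [
    Rule("ACCEPT", in_iface="lo"),                                 # -A INPUT -i lo -j ACCEPT
    Rule("ACCEPT", states=frozenset({"ESTABLISHED", "RELATED"})),  # -m state --state ESTABLISHED,RELATED
    Rule("ACCEPT", proto="tcp", dport=22),                         # -p tcp --dport 22 -j ACCEPT
]
# The teaser in step 4: the same set with NEW added to the state rule
WITH_NEW = [SLIDE_INPUT[0], Rule("ACCEPT", states=frozenset({"NEW", "ESTABLISHED", "RELATED"})), SLIDE_INPUT[2]]
# A LOG rule after the accepts records what the DROP policy is about to discard
WITH_LOG = SLIDE_INPUT + [Rule("LOG")]
```

With NEW in the state rule every unsolicited connection is accepted by rule 4 before the DROP policy is ever reached, which is why the slide keeps it to ESTABLISHED,RELATED.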