Moved to https://speakerdeck.com/ebiken/zebra-srv6-cli-on-linux-dataplane-enog-number-49
Introduction to SRv6, Linux SRv6 implementation and how to add SRv6 CLI to Zebra 2.0 Open Source Network Operation Stack.
Presented at ENOG (Echigo NOG) #49.
RFC 5996(IKEv2)のまとめ資料。
・もくじ
IPsecの概要(オリジナル)
Introduction(Section 1)
Header and Payload Formats(Section 3)
Exchanges and Payloads(Appendix C)
IKE Protocol Details and Variations(Section 2)
RFC 4306(旧IKEv2のRFC)との差分
Tutorial: Using GoBGP as an IXP connecting routerShu Sugimoto
- Show you how GoBGP can be used as a software router in conjunction with quagga
- (Tutorial) Walk through the setup of IXP connecting router using GoBGP
LinuxCon 2015 Linux Kernel Networking WalkthroughThomas Graf
This presentation features a walk through the Linux kernel networking stack for users and developers. It will cover insights into both, existing essential networking features and recent developments and will show how to use them properly. Our starting point is the network card driver as it feeds a packet into the stack. We will follow the packet as it traverses through various subsystems such as packet filtering, routing, protocol stacks, and the socket layer. We will pause here and there to look into concepts such as networking namespaces, segmentation offloading, TCP small queues, and low latency polling and will discuss how to configure them.
Moved to https://speakerdeck.com/ebiken/zebra-srv6-cli-on-linux-dataplane-enog-number-49
Introduction to SRv6, Linux SRv6 implementation and how to add SRv6 CLI to Zebra 2.0 Open Source Network Operation Stack.
Presented at ENOG (Echigo NOG) #49.
RFC 5996(IKEv2)のまとめ資料。
・もくじ
IPsecの概要(オリジナル)
Introduction(Section 1)
Header and Payload Formats(Section 3)
Exchanges and Payloads(Appendix C)
IKE Protocol Details and Variations(Section 2)
RFC 4306(旧IKEv2のRFC)との差分
Tutorial: Using GoBGP as an IXP connecting routerShu Sugimoto
- Show you how GoBGP can be used as a software router in conjunction with quagga
- (Tutorial) Walk through the setup of IXP connecting router using GoBGP
LinuxCon 2015 Linux Kernel Networking WalkthroughThomas Graf
This presentation features a walk through the Linux kernel networking stack for users and developers. It will cover insights into both, existing essential networking features and recent developments and will show how to use them properly. Our starting point is the network card driver as it feeds a packet into the stack. We will follow the packet as it traverses through various subsystems such as packet filtering, routing, protocol stacks, and the socket layer. We will pause here and there to look into concepts such as networking namespaces, segmentation offloading, TCP small queues, and low latency polling and will discuss how to configure them.
RFC8071(NETCONF Call Home and RESTCONF Call Home)の勉強資料Tetsuya Hasegawa
RFC8071(NETCONF Call Home and RESTCONF Call Home)ベースの勉強資料です。
https://docs.google.com/document/d/e/2PACX-1vR7ka6inXrrw5mVinn7S9ABlZ5s7bm7Ny29QWL7N36xRG2yn1h4L7DKpgjTIkVazUv3vTN7yBUB2ahM/pub
18. RFC編
下線、ハイライトは個人的に重要そうなところ。斜体、#はメモ。
原文のMUST/REQUIRED/SHALL/SHOULD/MAY/OPTIONAL等のRFC2119用語は原文のまま残しています。
MUST、REQUIRED、SHALL:絶対的な要求事項
MUST NOT:絶対的な禁止事項
SHOULD、RECOMMENDED:慎重に重要性を判断するべき要求事項
SHOULD NOT、NOT RECOMMENDED:慎重に重要性を判断するべき禁止事項
MAY、OPTIONAL:オプション。
SSH関連のRFCリスト
RFC 概要
RFC 4250
The Secure Shell (SSH) Protocol Assigned Numbers
https://tools.ietf.org/html/rfc4250
SSHのプロトコルで使用される番号の定義。
RFC 4251
The Secure Shell (SSH) Protocol Architecture
https://tools.ietf.org/html/rfc4251
SSHのアーキテクチャーの概要。
3つの主要コンポーネントであるTransport Layer
Protocol、User Authentication Protocol、
Coonection Protocolの概要。
RFC 4252
The Secure Shell (SSH) Authentication Protocol
https://tools.ietf.org/html/rfc4252
Authentication Protocolの詳細。
Public key、Password、Host-based client
authentication method。
RFC 4253
The Secure Shell (SSH) Transport Layer Protocol
https://tools.ietf.org/html/rfc4253
Transport Layer Protocolの詳細。
RFC 4254
The Secure Shell (SSH) Connection Protocol
https://tools.ietf.org/html/rfc4254
Connection Protocolの詳細。
Interactive login、コマンドのリモート実行、TCP/IP接
続、X11接続を提供する。
RFC 4255
Using DNS to Securely Publish Secure Shell (SSH) Key
Fingerprints
https://tools.ietf.org/html/rfc4255
DNSSECでSSH host keyを検証する方法。
DNS resource recordに”SSHFP”を追加する。
RFC 4256
Generic Message Exchange Authentication for the Secure
Shell Protocol (SSH)
https://tools.ietf.org/html/rfc4256
認証データが手入力される場合に適したSSH用の認証方式。
RFC 4335
The Secure Shell (SSH) Session Channel Break Extension
https://tools.ietf.org/html/rfc4335
SSHでBREAK signalを送信するSession Channel Break
Extension。
RFC 4344
The Secure Shell (SSH) Transport Layer Encryption Modes
https://tools.ietf.org/html/rfc4344
SSHで推奨するsymmetric encription method、Rekey頻
度。
RFC 4345
Improved Arcfour Modes for the Secure Shell (SSH) Transport
Layer Protocol
https://tools.ietf.org/html/rfc4345
Arcfour cipherの使用方法。
18
19. RFC 4419
Diffie-Hellman Group Exchange for the Secure Shell (SSH)
Transport Layer Protocol
https://tools.ietf.org/html/rfc4419
DH group exchangeの新しいグループの追加。
RFC 4432
RSA Key Exchange for the Secure Shell (SSH) Transport Layer
Protocol
https://tools.ietf.org/html/rfc4432
RSA public key encryptionによる鍵交換。DH鍵交換より
CPUを使わない。
RFC 4462
Generic Security Service Application Program Interface
(GSS-API) Authentication and Key Exchange for the Secure
Shell (SSH) Protocol
https://tools.ietf.org/html/rfc4462
Generic Security Service Application Program
Interface (GSS-API)で認証、key exchangeする方法。
RFC 4716
The Secure Shell (SSH) Public Key File Format
https://tools.ietf.org/html/rfc4716
Public keyを交換するためのpublic key fileフォーマッ
トの定義。
RFC 4819
Secure Shell Public Key Subsystem
https://tools.ietf.org/html/rfc4819
Public Key Subsystemというクライアントがpublic key
を追加/削除したり、サーバーがpublic keyを管理するための
メカニズムの説明。
RFC 5647
AES Galois Counter Mode for the Secure Shell Transport
Layer Protocol
https://tools.ietf.org/html/rfc5647
Transport Layer Protocolに機密性とintegrityを提供
するAES Galois Counter Modeの説明。
RFC 5656
Elliptic Curve Algorithm Integration in the Secure Shell
Transport Layer
https://tools.ietf.org/html/rfc5656
Elliptic Curve Cryptography (ECC)(楕円曲線)に基づ
くアルゴリズムの説明。
RFC 6187
X.509v3 Certificates for Secure Shell Authentication
https://tools.ietf.org/html/rfc6187
X.509v3 public key certificatesを使用する方法。
RFC 6239
Suite B Cryptographic Suites for Secure Shell (SSH)
https://tools.ietf.org/html/rfc6239
Suite Bに対応するSSHのアーキテクチャー。ECDH key
agreement、ECDSA、AES-CGM、SHA-256/SHA-384、
X.509 certificatesを使用する。
RFC 6594
Use of the SHA-256 Algorithm with RSA, Digital Signature
Algorithm (DSA), and Elliptic Curve DSA (ECDSA) in SSHFP
Resource Records
https://tools.ietf.org/html/rfc6594
SSHFP、DNSSECでSSH host keyを検証する方法用のDNS
resource recordにSHA-256 Fingerprint、ECDSAを使
用する定義を追加する。
RFC 6668
SHA-2 Data Integrity Verification for the Secure Shell
(SSH) Transport Layer Protocol
https://tools.ietf.org/html/rfc6668
データのintegrityのためのアルゴリズムとパラメーターの定
義。
RFC 4253のupdate。
RFC 7478
Ed25519 SSHFP Resource Records
https://tools.ietf.org/html/rfc7479
Ed25519 signature algorithmのアルゴリズム番号の定
義。
Errata
https://www.rfc-editor.org/errata_search.php?rfc=XXXX
19