digest of materials about the work of providers, experiments and more

In the previous issue of the network digest, we talked about hardware and regulation in the field of communications. This time the collection includes articles about configuring and supporting networks, as well as some experiments in the field of network technologies.

Photo: Ken/Unsplash.com

Photo: Ken/Unsplash.com

Provider work

Why and who needs VoWiFi technology — telecoms and telecom operators who would like to support calls outside the coverage area or with an unstable connection to the mobile network. Working with VoWiFi helps them provide high-quality communications, for example, in intercity transport and rural areas, and in megacities it helps reduce the load on networks. We'll tell you how it works and what Wi-Fi connection options are available: from UMA to OTT. We also look at the limitations of the technology that are worth knowing.

What is EPDG — we continue the topic and share our compact guide for specialists involved in configuring and supporting networks and information systems. The solution allows you to launch WiFi Calling outside the coverage area of ​​the operator's base stations – while the quality of communication may well exceed the level usual for subscribers. By the way, in this video we demonstrated the basic configuration using this approach, and in our wiki we disassembled main processes, components, integration scenarios and more.

How our QoE analytics module works — we consider a practical case demonstrating the capabilities of the Quality of experience module and our system for identifying and eliminating problem areas, as well as optimizing network operation. We give an example with the collection of basic statistics and tests. We also have more detailed information on this topic. video analysis working with the QoE module with metrics, demos and approaches to using QoE in practice.

How does the Kirin attack work? — Many vulnerabilities have already been identified in BGP, but recently a new type of attack has appeared. We discuss how it works, why it allows you to bypass traditional security methods, and what solutions are available to counteract attackers. In addition, we are looking at new projects that offer alternative approaches to network architecture: SCION, MobilityFirst and others. As an addition, we share relevant materials for additional reading.

Data centers and corporate networks

How we help data centers and ASN owners — we analyze the main threats to the data center infrastructure and methods of protection using our systems. Using the example of a TCP SYN flood class attack, we consider a test configuration, a network diagram without active influence from attackers, as well as a traffic flow diagram in protection mode. At the same time, we are talking about the capabilities of Kaspersky Threat Data Feeds.

What the FRRouting routing package can do — we talk about what is “under the hood” of the solution, look at its connection with Quagga, give opinions on FRR and briefly consider several alternatives. In general, the package is used by large telecoms and providers, but there are some limitations that we also noted.

Why do you need VEOS OS? is our multifunctional Linux-based distribution for use in corporate networks. In a compact wiki we talk about it functional characteristics, installation, transition with CentOS as well licenses.

Research and Experiments

How DIY switch enthusiasts assembled them — we continue the topic with a compact open source switch designed by students at a school in New Hampshire, and share notable examples of similar and noteworthy projects in this niche. We talk about open solutions like SatCat5 for IoT projects, virtual Open vSwitch and others: we share their main features and discuss limitations. We also supplement the story with a list of relevant materials from our blog on the topic.

One-bit protocol – analysis of a hypothetical situation in which the client and server are connected by two channels: a reliable one, through which data transmission is extremely expensive, and an unreliable one – it is free, but loses half of the packets. To solve the communication problem, the author of this compact article proposes to establish an exchange of one-bit tokens that would reflect the presence of new messages on the server. Of course, the implementation represents just an experiment.

10 Gigabit network for $50 is a feature post in which an engineer tells how he took and built a 10-gigabit mesh network at home. He used mini PCs connected by USB4 cables. The author provides cost calculations and also describes setting up a Kubernetes cluster, NixOS operating system and systemd for network management. What's interesting is that thread More than 200 comments were written on Hacker News discussing the material and the proposed solution.

Take and send USB traffic over the network — the usbredir protocol will help solve the problem. It is often used with virtual machines in QEMU and Spice, but can be used on other systems as well. The article also looks at various ways to configure and integrate with QEMU, libvirt and virt-manager to redirect USB traffic. And detailed documentation on the protocol can be found in the GitLab repository.

Photo: benjamin lehman / Unsplash.com

Photo: benjamin lehman / Unsplash.com

Network reverse engineering — engineer Ken Shiriff reverse engineered the Ethernet backoff mechanism on the Intel 82586. He focused on how the chip manages collisions in Ethernet. The author talks about the design of counters and registers with circuit diagrams and photographs of the board, pays attention to technical details and principles of operation at the physical level. Ken Shiriff is generally known for his love of reverse engineering. For example, in the past he figured it out in an audio amplifier installed in a popular portable console.

Our other collections of materials:

  • A selection of open resources with information on vulnerabilities – CVE, NVD, OpenCVE and VulDB are four resources that offer their own APIs for obtaining data and sending notifications about threats (and more).

  • Open source solutions for network emulation – several solutions that will help build a topology and test the fault tolerance of the infrastructure. The list includes: Containerlab, Mininet, Kathará, IMUNES, CORE and other solutions.

  • A couple of open source solutions for delivering notifications are open services for managing notifications on mobile platforms, which will be useful not only to system administrators, but also to developers as part of pet projects. We talk about Gotify for sending messages to the server, Novu for launching your notification center, as well as UnifiedPush, Apprise and ntfy.

Similar Posts

Leave a Reply

Your email address will not be published. Required fields are marked *