1941w and its configuration...

…doesn’t have to be totally banal. it’s much more performant (300kpps, around the NPE300 performance from 7200!), so i upgraded my home 1803w to 1941w. as there are no readily available examples for complete config of the router (wired + WLAN), I decided to take the case in my hands and produce some examples. you may find them here.

June 29, 2010 · Łukasz Bromirski

short RAID story

those of you frequently visiting my home site noticed that it wasn’t available for some time. unfortunately, that’s because of interesting RAID 5 failure in my server that hosts also my web page. FreeBSD relentlessly tried to serve web traffic from filesystem that was failing apart because of hardware problems, but then, 30 minutes after first failure, second hard disk failed in the same array! temperature was finely tuned, but it seems that after 5 years of continous work they had to fail....

June 12, 2010 · Łukasz Bromirski

after plnog #4

plnog, plnog and… gone. it looks like we have actually grown into the most serious and largest independent conference dedicated to people working on service provider networks in Poland - though I’m not going to fight anyone on the number of participants, this additional 100 people on each subsequent edition of PLNOG (we counted 395 participants this time!) speaks for itself. to the point that I’ve met many people for the first time in my life :)...

March 6, 2010 · Łukasz Bromirski


…tool for documenting and mapping networks. also, short piece on deconfliction. Google to enlist NSA to help in the cyberdefence, and short brief on efficient meetings from great blog (read it!) winter break… aaand it’s gone.

February 6, 2010 · Łukasz Bromirski

ipv6 for christmas

there’s really almost nothing much simpler than starting to use IPv6. first of all, all major OS support IPv6 today. most of them are running it out of the box. second of all, tunnel brokers are available everywhere, so while i haven’t had luck with sixxs (they didn’t respond after weeks of waiting), using Hurricane Electric was easy and took like seconds. friendly “wizard” will walk you through and then even show example of configuration for your device....

December 24, 2009 · Łukasz Bromirski

"all your base are belong to us"

not so long ago as a joke I had a sad vision of what will happen when in the end all our data, including DNA, will be stored in a digital form. the company(-ies) that store them just goes bankrupt and sells them as the most valuable resources. we did it standing in the queue at the airport in Washington, where to get to the US we had to get our photo taken (which was compared with the previous ones) and pass their fingerprints closer to the unidentified governmental agenda created as part of the Bush government’s panic and hysterical movements after the attacks of 11th of September....

November 30, 2009 · Łukasz Bromirski

confidence 2009 take 2 - post show

druga edycja CONFidence 2009 w tym roku, a już siódma ogólnie zakończyła się parę godzin temu. zgodnie z przewidywaniami mieliśmy dużo dobrej zabawy, całą rzeszę prelegentów wraz z ciekawymi sesjami i oczywiście - was. widzów, uczestników i aktywnych współtwórców konferencji (a przecież, jak doskonale wiemy, ostatnio nie każdy ma to szczęście :D). sesje i materiały z sesji, oraz materiały dodatkowe będą pojawiać się z czasem na stronie konferencji. moja prezentacja znajduje się jak zwykle w secji z prezentacjami....

November 20, 2009 · Łukasz Bromirski

confidence 2009 take 2

już w najbliższy czwartek zaczyna się druga tegoroczna edycja konferencji poświęconej bezpieczeństwu - CONFidence. tym razem tematyka sesji jest jeszcze bardziej zróżnicowana niż ostatnio, co przypisać należy zapewne podróżom Andrzeja i tym, co widział na konferencjach zagranicznych :) z działki sieciowej pojawi się Felix Lindner, badacz m.in. IOSa. jego sesja niewątpliwie otwiera oczy, szczególnie osobom które uważają że ich producent sprzęt dostarcza rozwiązania lepszej jakości i bezpieczniejsze niż Cisco. będzie niewątpliwie ciekawa dla wszystkich, którzy uważają że Cisco nie robi dobrej roboty zabezpieczając Cisco IOS....

November 15, 2009 · Łukasz Bromirski

westerplatte and our aces...

i’ve read two books recently, essentially as you can say ‘on one breath’. our polish books, important ones. first, legendary today is Black crosses over Poland by Stanisław Skalski. every military aviation fan should read this one, because it brilliantly and lively describes how it was in september 1939 to fight loosing war for polish sky. it was relentless, there was no integrated strategy, but pilots shown their best. cruel reality of second world war squeezed and twisted their lifes and they tried to live through it....

September 27, 2009 · Łukasz Bromirski

H1N1 vs humanity and computer viruses

very interesting article, that led to writing this even more interesting article, describing how computer viruses compare to human.

September 5, 2009 · Łukasz Bromirski

drama at Radom - double drama it is

probably everyone watching TV and listening to the radio, or with Internet access knows about Belarussian Su-27 crash. two-seater version went down, killing both pilot and weapons operator. the flight itself, before the crash, was beautiful - as usual in the case of russian fighters. the real honor for sacrifice goes however to both pilot and weapons operator. why? despite the fact, that the fighter hit high voltage lines and they were perfectly capable of ejecting, they decided against....

August 30, 2009 · Łukasz Bromirski

freebsd 8

there’s a very interesting page that shows what’s upcoming in FreeBSD 8 release.

August 15, 2009 · Łukasz Bromirski

ip sla and shell scripting

i had a problem yesterday - i needed to generate at least a dozen packets per second minimum between two connected devices (without ability to insert PC or traffic generator between them - that was Catalyst 3550 and 4900M). traffic needed to be exchanged over a time frame of several hours, so ping from console line wasn’t feasible either. the solution was pretty straightfoward - ip sla. as Catalyst 4900M was to be under test, on Catalyst 3550 i created two VRFs:...

May 30, 2009 · Łukasz Bromirski

openbsd network stack...

…as described by Claudio Jeker during last AsiaBSDCon can be found here and here for whitepaper. Henning Brauer, on the other hand, gave a very good packet filtering session and OpenBSD network stack in general during DC BSDCon 2009. video can be found here and slides here.

April 19, 2009 · Łukasz Bromirski


during previous PLNOG we’ve had a broad discussion about apocalyptic vision of depleting IPv4 and 2-byte space. some time ago Cisco IOS 12.4(24)T was released, and it brings 4-byte ASN feature for ISR (1800/2800/3800) and 7200 routers. so if you’re using Cisco gear, you can request 4 byte ASN using RIPE form, and then advertising it properly (starting from 1st of January, 2009 RIPE will by default hand out 4 byte ASNs)....

March 13, 2009 · Łukasz Bromirski

layer 2 and 3 security - live demo

if you haven’t seen my practical demonstration at SecureCON 2007, you can see extended version on this thursday - i’ll be visiting AGH in Cracow at 7:45pm to do “show & tell” session as part of netWork sessions. session will be extended as we’ll have more time. photos can be found here and more information about the session itself can be found here.

February 20, 2009 · Łukasz Bromirski

ccie service provider

i came back yesterday from Brussels and today at 5:30am the verdict came in - definitely “PASS” :) so… let me share some advice and tips for those of you preparing to take CCIE SP practical exam (without breaking NDA of course). first of all - if you have that luxury of training on any software version - please try to check with the current Cisco page and align. software is quite “specific”, and you may be hit with interesting behavior that may be a little bit different from mainline versions....

February 10, 2009 · Łukasz Bromirski

10Gbps... and so on

on the network throughput front, we’re fighting (albeit in distributed manner) for getting throughput from commodity PC hardware on par with dedicated, hardware routing platforms. with OSes like Linux and BSD. to that end, recent document published after last Linux Congress in Hamburg shows that while it’s important to select proper multi-core CPU and motherboard to do fast traffic forwarding, we’re still hitting bottleneck at around 1Mpps. curiously enough, on one of the slides you can spot information, that large FIB in Linux doesn’t impact performance too much....

December 17, 2008 · Łukasz Bromirski

BGP Blackholing PL

for all those of you concerned with vanishing of BGP blackholing PL project page - please calm down. we’re moving. current page is here. in other news, i’ll host discussion panel on upcoming PLNOG 2009. we’ll touch on blackholingu and other best practices to increase security of internet infrastructure. i’ll be joined by Konrad Plich from TP SA and polish CERT representatives.

December 13, 2008 · Łukasz Bromirski

art of presenting

delivering good and interesting presentation is usually challenge people talk about a lot. and that doesn’t even account for sessions in your native or foreign language. presentation, or put in other way - communication between you and other people (one, two, thousand) can trigger sleepless nights and fear often balooning to irrational size (USA surveys show that fear of public speaking is put on the first place, before insects and - watch this - death itself!...

October 4, 2008 · Łukasz Bromirski


thanks to Mirosław Kwaśniak, who in his very own time managed to find a way to generate PDF with polish letters - i was able to publish PDF that renders properly. thank you!

September 8, 2008 · Łukasz Bromirski


in a month from now, we’ll be launching first edition of PLNOG conference. we’re working to deliver a lot of interesting sessions. apart from many abroad presenters, we’ll host also our own, polish specialists. you’ll have a chance to meet Wojtek Apel (3S), Tomasz Paszkowski (nasza-klasa.pl) and Marcin Mazurek (Allegro.pl). somewhere in the agenda there’s also my session about MPLS Traffic Engineering. before that, on Saturday and Sunday, I’ll deliver hands-on workshops on BGP and MPLS....

August 20, 2008 · Łukasz Bromirski

conferences, conferences...

summer holidays are in full swing - starting from 26th of July i’ll be running Cisco Academy courses at PROIDEA for CCNP. everyone who’s eager to have a good time learning and discussing technologies (way outside of official curriculum) should immediately contact academy reception. independently of that, we have two large conferences coming. at Cisco Expo 2008 i will deliver sessions on network architecture that minimizes the chances of becoming a victim of a DDoS attack and becoming part of botnet....

July 25, 2008 · Łukasz Bromirski

DDoS attacks

my article on defending networks from DDoS attacks was just published in online version of NetWorld magazine.

April 26, 2008 · Łukasz Bromirski

CONFidence 2008

during upcoming CONFidence 2008 conference, i’ll be delivering hands-on workshop about Cisco router security. of course you’re more than welcome :) video recording from SecureCON 2007 was published here.

April 12, 2008 · Łukasz Bromirski

Cisco Expo 2007

we just finished Cisco Expo, and there’s a lot of feedback and comments all around the internet - on ccie.pl or for example at barni.LOG. next week i should be able to present at SecureCON (well, if this time i’ll be able to get there in the first place :) ). i’ll be delivering a session about attacking and defending computer networks.

October 11, 2007 · Łukasz Bromirski

SMB bootcamp

6 people responded to my call for a Cisco FAQ PL conversion idea up until today… but unfortunately there are no results so far. well, maybe it’s time to roll up your sleeves and do it yourself … in unrelated, but more optimistic news - a week ago i finished delivering SMB Bootcamp for Cisco partners. there was a lot of work (3 days, 12-14 hours each). you can read a bit about it in the link above on the CCIE....

August 5, 2007 · Łukasz Bromirski

CCIE #15929

CCIE #15929. nothing more, nothing less :)

March 10, 2006 · Łukasz Bromirski

conferences, conferences

i’ll be presenting soon on following events: Noc Linuksozerców, in Kraków, 25-26 February FreeCON 2006 in Wrocław, 22-23 April CONFidence 2006 in Kraków, 13-14 May if you’d like to hear something specific during the sessions with regards to routing or security, please send me an email.

January 28, 2006 · Łukasz Bromirski

VoIP telephony

for all of those that are starting to make first steps with VoIP, or believe know everything - i’d like to highly recommend my fathers book that was just published via BTC publishing house. it covers both H.323 and SIP protocols, along with all auxiliary topics - like integration, and signaling over middleboxes like packet filters and stateful firewalls: Telefonia VoIP. Multimedialne sieci IP, Marek Bromirski, ISBN: 83-60233-07-1

January 20, 2006 · Łukasz Bromirski