aviate, navigate, communicate

z tym arpanetem wcale nie było jak myślicie

was not built for US military. it wasn’t even built to enable survivability of US military infrastructure after nuclear war. there’s a myth in the “internet circles”, that i’m fighting for couple of years already. recently, i was reading great book - Dream Machine. it’s as good as (at least) Dealers of Lightning or 747 - but maybe even better. you probably heard the story already - US gov ordered RAND to check if they could built survivable comms system. Read more →

why i don’t give a fuck

znalazłem po Farnam Street, kolejny ciekawy blog - Marka Mansona. znalazłem dzięki artykułowi The Subtle Art of Not Giving a Fuck. ale po przejrzeniu tego, zrozumiałem, jak zadziwiająco dużo punktów faktycznie dałbym sobie jako poradę te 7 lat temu. warto czytać. i myśleć. Read more →

ietf and new ideas

while looking through recent IETF meeting notes i found interesting idea - splitting OSPF area zero without incurring outage. it’s very interesting idea for flawless, in-service migrations. on the other side, another OSPF concept that I was afraid somebody will bring up is… enabling FlowSpec capabilities. oh my… the overlay networking effort is gaining grounds, with architectural choices as well as security. it’s interesting how much longer it will take. Read more →

AOL still gets a lot money from..

…people using dialup connections. those poor people stay need them to take advantage of restricted Internet services provided by AOL. a year ago at that time, still around 2.6 million of US citizens were connecting to internet that way. …and you think that your 1Mbps upstream link is not enough? ;P Read more →

who gives more?

quite recently i described my own new workstation. it has dual Xeon processors, and today i decided to upgrade memory from 128GB to 256GB (yeah, i’m used to run a lot of VMs). so below you can see the outcome - 256GB RAM, 2 physical CPUs, 16 cores, 32 threads: great advantage of having such workstation at your disposal is that you simply can run everything thrown at it. it’s quiet, it’s effective and it also doubles as great gaming station. Read more →

and yet it’s machines…

…are better at building TCP stacks than we are. i came across the track of an interesting project - RemyCC, providing greater efficiency and at the same time a better division and lower delays (on average). it is worth to look. Read more →

Aegis at UW

Maciej Broniarz invited us to take part in new security focused conference. Aegis (just like Aegis - American integrated naval weapons system) will take place on 2nd and 3rd July at University of Warsaw. i hope that most of you will decide to take part of it, as judging from agenda. together with Maciej we’d like to also have a panel on DDoS attacks, and then we’ll deliver session together - ‘security by duct tape’. Read more →

15.2(3)T is out, so is IOS-XE 3.6S

…and inside, you’ll find a lot of completely new features overall (MediaTrace 2.0, IPv6 for GETVPN data plane, new IPv6 IP SLA extensions, LISP extensions), or for the first time available on software routing platforms like ISRy G2 (BGP PIC Edge and Core, BGP route-server, Multicast Live-Live). everything can be found here. simultaneously, IOS_XE 3.6S came out, along with bunch of features that are catching up with traditional IOS releases - things like CGNAT or hardware support for BFD. Read more →

10GE at home

as you can see, 1GE share in overall switching market started to rise only recently (mainly thanks to cheap NICs and onboard integrations done by Realtek, Marvell, Broadcom and Intel). on the other hand, hunger for bandwidth grows as well - full HD movies from NAS need a lot of it, and if you’re planning to do something in addition to that sourced from the same NAS - it’s even worse (it seems everyone streams nowadays video content to different mobile devices around their homes over WLAN). Read more →

1941w and its configuration…

…doesn’t have to be totally banal. it’s much more performant (300kpps, around the NPE300 performance from 7200!), so i upgraded my home 1803w to 1941w. as there are no readily available examples for complete config of the router (wired + WLAN), I decided to take the case in my hands and produce some examples. you may find them here. Read more →


during previous PLNOG we’ve had a broad discussion about apocalyptic vision of depleting IPv4 and 2-byte space. some time ago Cisco IOS 12.4(24)T was released, and it brings 4-byte ASN feature for ISR (1800/2800/3800) and 7200 routers. so if you’re using Cisco gear, you can request 4 byte ASN using RIPE form, and then advertising it properly (starting from 1st of January, 2009 RIPE will by default hand out 4 byte ASNs). Read more →

10Gbps… and so on

on the network throughput front, we’re fighting (albeit in distributed manner) for getting throughput on par with dedicated, hardware routing platforms - from commodity PC hardware, working on Linux and BSD. as for that, recent document published after last Linux Congress in Hamburg shows that while it’s important to select proper multi-core CPU and motherboard to do fast traffic forwarding, we’re still hitting bottleneck at around 1Mpps. curiously enough, on one of the slides you can spot information, that large FIB in Linux doesn’t impact performance too much. Read more →