Packet Pushers — A podcast by and for network engineers.

Cisco Introduction IP QoS (Course)

DNS Tunneling made easy. Yesterday I came across a technique to tunnel any traffic through the DNS protocol: All the packets you send are base32 encoded and prepended as the hostname of a DNS lookup request. A specially prepared DNS server will then forward your packets and reply with TXT answers. What is it good for? It's an interesting way to hide your traffic. Cory Doctorow wrote about it in Little Brother, for example. But it can also be used to sneak into certain public hotspots which are protected by HTTP redirections only. Those hotspots will allow web traffic only to a few restricted websites (or a login page), but often allow all DNS traffic. It should also work to circumvent restrictive company firewalls. I googled for implementations and came across two.
One is NSTX, which makes use of the tun device support in Linux. The second option is a set of Perl scripts by Dan Kaminsky, included in his OzymanDNS scripts. However, I found those scripts to be a bit messy and some things simply didn't work.

Hijacking HTTP traffic on your home subnet using ARP and ... Let's talk about how to hijack HTTP traffic on your home subnet using ARP and iptables. It's an easy and fun way to harass your friends, family, or flatmates while exploring the networking protocols. Please don't experiment with this outside of a subnet under your control -- it's against the law and it might be hard to get things back to their normal state.

The setup: Significant other comes home from work. SO pulls out laptop and tries to catch up on social media like every night.
How do we accomplish this? The key player is ARP, the "Address Resolution Protocol" responsible for associating Internet Layer addresses with Link Layer addresses. ARP comes into play when you, for example, head over to a friend's house, pull out your laptop, and try to use the wireless to surf the web. Your laptop finds out the MAC address of the gateway by asking. But the gateway didn't really have to prove who it was.

Step 1: The layout. I did this at home.
Step 2: Enable IPv4 forwarding.
What packets.
The rule.

Ask Slashdot Story | Any Open Source Solutions For DIY Auto Diagnostics?

Packet School 101 – Part 1 « Chris Sanders. ** Disclaimer to all new readers – This blog post is VERY old and not really representative of my current work. I’ve just left it up here for historical purposes. If you are interested in learning more about packet analysis I’d recommend reading some of my newer posts or looking at my book, Practical Packet Analysis. ** Over the course of the next few weeks I am going to be putting out a series on network traffic analysis.
We won’t get into any actual packet analysis in the introductory article. We will, however, go ahead and make sure we have the appropriate software to proceed, along with a brief understanding of how it works and how to use it.

Getting Equipped: The software we will be using for this series is the ever popular Ethereal network sniffing application. There is no actual hardware required for doing this type of analysis; however, it makes things a LOT easier if you have an old 10/100 hub lying around.

Ethereal Basics. Slipping On To the Wire. Homework.

Packet School 101 – Part 2.

Intro to VRF lite. VRFs, or VPN Routing and Forwarding instances, are most commonly associated with MPLS service providers. In such networks, MPLS encapsulation is used to isolate individual customers' traffic and an independent routing table (VRF) is maintained for each customer. Most often, MP-BGP is employed to facilitate complex redistribution schemes to import and export routes to and from VRFs to provide Internet connectivity. However, VRF configuration isn't at all dependent on MPLS (the two components just work well together). In Cisco terminology, deployment of VRFs without MPLS is known as VRF lite, and this article discusses a scenario where such a solution could come in handy. Assume the topology illustrated below is a network owned by an enterprise. All router interfaces which provide transport for both types of traffic have been configured with two subinterfaces performing 802.1Q encapsulation; .10 for VLAN 10 (blue) and .20 for VLAN 20 (red).
To begin, let's create VRFs BLUE and RED on R1:

Communication Performance over a Gigabit Ethernet Network.

Ethernet and TCP Throughput Model. This is a simplified model of TCP/IP over Ethernet behaviour of a single TCP connection intended to provide insight into throughput limitations of TCP/IP due to network transit latency. In the model, TCP/IP sends the maximum TCP receive window size worth of application data (filling the maximum possible receive buffer), then waits for a single acknowledgement for the entire max. window size burst. The model also assumes that the instant the acknowledgement is sent, the data is emptied from the receive buffer and the entire window size is again fully available. Analysis assumes no lost data (no retransmits are required, no delay associated with retransmit timer waits & no ACK timer waits); all datagrams sent are maximum size; no allowance for TCP slow start algorithm delay. This results in an upper bound style result.
Bear in mind that this simulates the performance of a single application, not an aggregate usage model of multiple simultaneous users on a network.

Internetworking Technology Handbook - Internet Protocol (IP) Multicast [Internetworking.