Interesting links (2011-04-03)

General networking

Protecting the router control plane (RFC 6192): among other goodies, this document has a high-level description of high speed routers (sometimes known as layer-3 switches).

Is the network administrator role going away? I’ve heard the “something is going away” prediction too often in the last 20 years. We just end up doing other (more complex) things.

8 hints for using DNS more effectively – another great post from The Lone Sysadmin.

IPv6

Yeah, I know, it never stops ... after being ignored for 15 years, IPv6 is becoming as hot as fabrics.

IPv6 Address Assignment to End Sites (RFC 6177) removes the stupid recommendation of assigning /48 to residential end-users. Finally we’re making some progress toward sanity. The /64-per-subnet one is still there.

Windows 7 seems to have weird problems with proper source address selection when using ULA addresses. The “use ULA internally to avoid renumbering” recommendation seems to be on hold ... (thanks for the link, @bobmccouch)

Project L3: Router Advertisements with scapy – teaching kids how to hack IPv6 networks as a science project.

Customer problems that could occur – nice list of things that can go wrong during IPv6 deployment.

IPv6 acceptance: Should you consider IPv4-style solutions? Good overview. It seems HP has pretty rich IPv6 implementation, but my cynical mind never rests.

“While SLAAC does not have as rich a set of parameters as DHCPv6, it is available whenever and wherever your router is.” Means you don’t have DHCPv6 server functionality in your routers, right?

Routing an IPv6 Core on Link-Local Addresses: you can run an entire IPv6 core on link-local addressed ... but just because you could doesn’t mean that you should. Yandy provides a good description of advantages and caveats.

Odd bits and pieces

Teaching kids how to have a discussion. Some adults obviously never got that lesson in the kindergarten.

Jose Leitao from the Initial Draft blog has asked me a few questions about Cisco certifications and my webinars.

4 comments:

  1. great links :) Missing the one, where we got 6to4 to historical status (almost there :) )

    ReplyDelete
  2. Ivan Pepelnjak04 April, 2011 08:16

    Still waiting for the RFC to be published ;)

    ReplyDelete
  3. Curious Yellow06 April, 2011 12:59

    What is your opinion on CoPP? So far it seems to me like something that will generate a lot of admin overhead for very little protection given a malicious user. Protecting against a malicious user still does not guarantee protection from a malfunctioning legitimate sender.

    It seems like you're damned if you do and damned if you don't!

    ReplyDelete
  4. Ivan Pepelnjak13 April, 2011 18:35

    CoPP is a must in hostile environments (Internet backbones). As with every security feature, you have to balance the costs (configuring CoPP) and the risks (a single malicious user can burn out the router's CPU, causing all sorts of problems, including routing protocol adjacency loss).

    ReplyDelete

You don't have to log in to post a comment, but please do provide your real name/URL. Anonymous comments might get deleted.

Ivan Pepelnjak, CCIE#1354, is the chief technology advisor for NIL Data Communications. He has been designing and implementing large-scale data communications networks as well as teaching and writing books about advanced technologies since 1990. See his full profile, contact him or follow @ioshints on Twitter.