Category: worth reading

Bruce Davie collected numerous articles describing various aspects of early Internet history and pre-Internet days, including A Brief History of the Internet and The Design Philosophy of the DARPA Internet Protocols.

Have fun ;)

Emile Aben is describing an interesting behavior observed in the Wild West of the global Internet: someone started announcing BGP paths with an unknown attribute, which (regardless of RFC 7606) triggered some BGP session resets.

One would have hoped we learned something from the August 2010 incident (supposedly caused by a friend of mine 😜), but it looks like some things never change. For more details, watch the Network Security Fallacies and Internet Routing Security webinar.

On the Communications of the ACM web site, Bertrand Meyer argues that (contrary to the exploding hype) AI Does Not Help Programmers:

As a programmer, I know where to go to solve a problem. But I am fallible; I would love to have an assistant who keeps me in check, alerting me to pitfalls and correcting me when I err. A effective pair-programmer. But that is not what I get. Instead, I have the equivalent of a cocky graduate student, smart and widely read, also polite and quick to apologize, but thoroughly, invariably, sloppy and unreliable. I have little use for such supposed help.

Not surprisingly, my experience is pretty close to what he’s describing. AI is the way to go if you want something that looks reasonable (at a first glance), but not if you want to get something right. Unfortunately, there’s a bit of a difference between marketing and engineering: networks that are configured 90% correctly sometimes fail to do what you expect them to do.

Found an interesting article describing the shenanigans of a biotech startup. Admittedly, it has nothing to do with networking apart from the closing paragraph…

But people will find all sorts of ways to believe what they want to believe, to avoid hearing things that they don’t want to hear, and to avoid thinking about things that are too worrisome to contemplate.

… which is a perfect description of why people believe in centralized control planes, flow-based forwarding, or long-distance vMotion.

Julia Evans published another phenomenal blog post, this time focused on blogging myths including:

• You need to be original
• You need to be an expert
• Posts need to be 100% correct
• Writing boring posts is bad
• You need to explain every concept
• Page views matter
• More material is always better

Dip Singh published an excellent primer on communication fundamentals including:

• Waves: frequency, amplitude, wavelength, phase
• Composite signals, frequency domain and Fourier transform
• Bandwidth, fundamental and harmonic frequency
• Decibels in a nutshell
• Transmission impairments: attenuation, distortion, noise
• Principles of modern communications: Nyquist theorem, Shannon’s law, bit and baud rate
• Line encoding techniques, quadrature methods (including QPSK and QAM)

Even if you don’t care about layer-1 technologies you MUST read it to get at least a basic appreciation of why stuff you’re using to read this blog post works.

Brandon Hitzel published a detailed document describing various Internet WAN edge designs. Definitely worth reading and bookmarking.

Another phenomenal detective story published on Cloudflare blog: Unbounded memory usage by TCP for receive buffers, and how we fixed it.

TL&DR: Moving TCP window every time you acknowledge a segment doesn’t work well with scaled window sizes.

The interesting takeaways:

Years ago I’ve been involved in an interesting discussion focusing on NTP authentication and whether you can actually implement it reliably on Cisco IOS. What I got out of it (apart from a working example) was the feeling that NTP and it’s implementation in Cisco IOS was under-understood and under-documented, so I wrote an article about it. Of course the web version got lost in the mists of time but I keep my archives handy.

Last weekend I migrated that article to blog.ipSpace.net. I hope you’ll still find it useful; while it’s pretty old, the fundamentals haven’t changed in the meantime.

I joined Twitter in October 2008 (after noticing everyone else was using it during a Networking Field Day event), and eventually figured out how to automate posting the links to my blog posts in case someone uses Twitter as their primary source of news – an IFTTT applet that read my RSS feed and posted links to new entries to Twitter.

This week, I got a nice email from IFTTT telling me they had to disable the post-to-Twitter applet. Twitter started charging for the API, and I was using their free service – obviously the math didn’t work out.

That left me with three options:

Before we managed to recover from the automation cargo cults, a tsunami wave of cargo cult AI washed over us as Edlyn V. Levine explained in an ACM Queue article. Enjoy ;)

Also, a bit of a historical perspective is never a bad thing:

Impressive progress in AI, including the recent sensation of ChatGPT, has been dominated by the success of a single, decades-old machine-learning approach called a multilayer (or deep) neural network. This approach was invented in the 1940s, and essentially all of the foundational concepts of neural networks and associated methods—including convolutional neural networks and backpropagation—were in place by the 1980s.

Bruce Schneier wrote an excellent essay explaining why we need trustworthy AI and why we won’t get it as long the AI solutions are created by large tech companies with you are a product business model.

Michele Chubirka published a must-read article on technology fallacies including this gem:

Technologists often assume that all problems can be beaten into submission with a technology hammer.

As I’ve been saying for ages (not that anyone would listen): all the technology in the world won’t save you unless you change the mentality and rearchitect broken processes.

I mentioned IP source address validation (SAV) as one of the MANRS-recommended actions in the Internet Routing Security webinar but did not go into any details (as the webinar deals with routing security, not data-plane security)… but I stumbled upon a wonderful companion article published by RIPE Labs: Why Is Source Address Validation Still a Problem?.

The article goes through the basics of SAV, best practices, and (most interesting) using free testing tools to detect non-compliant networks. Definitely worth reading!

I wrote dozens of blog posts debunking disaster recovery fairy tales (mostly of the long-distance vMotion and stretched clusters variety) over the years. They are collected and sorted (and polished a bit) in the new Disaster Recovery Resources page. Hope you’ll find them useful.