NFV-style DDoS mitigation using Snabb Switch

My employer arranged for a hack day last month. It meant anyone participating was free to hack on anything they wanted and at the end of the day we got to present our work during a 2-minute flash presentation to our colleagues as well as a number of students from KTH's (Royal Institute of Technology) computer science program.

Modern DDoS detection

Detection of DDoS attacks is typically based on some form of threshold value, applied to traffic going to a potential target, i.e. to the host that we want to protect from attacks.

It can be a threshold value for total traffic or for a certain traffic class, like UDP packets. The actual threshold value can either be configured statically or be more dynamic and based on previously collected data, i.e. baselining and, from that, finding anomalous traffic patterns.

Python and ISIS

Just had to write this entry, in hopes it will pop up on Google searches for Python and ISIS. For those of you that want to speak the routing protocol IS-IS with open source tools written in Python, it can be rather tricky finding things through Google, as I have found out the hard way. Thankfully though, I stumbled upon PyRT a few years ago. It's short for Python Routeing Toolkit and aims to provide a small suite of tools and libraries helping in diagnosing routeing information from IS-IS, OSPF and BGP.

The curious case of, and

Today I found, and in my routing table being originated from AS15169, ie Google. Somewhat surprised by this I decided to dig a little further into the topic.

JUNOS & SLAX scripting, how to return values from functions and assign to variables

JUNOS commit / op / event scripts are great, but the language they are written in, be it XSLT or SLAX, is perhaps not the most intuitive on earth.

How do you delete communities in RPL on IOS XR

In IOS you can easily sanitize communities on received BGP prefixes with the help of a route-map and a community-list, but how do you do such a thing on IOS XR? The tools provided seem a lot more coarse...

Juniper MX and tunable optics

Got my hands on a fully DWDM C-band tunable XFP today! Didn't take long before it was properly seated in a small MX80 I have in close vicinity. Soon later, disappointed and dismayed to see a peak pegged to 1550nm on my spectrum analyzer...

Talking SNMP(v3) with Nokia Siemens Network (NSN) Surpass hiT 7300

During a recent 40G trial with NSN equipment I found myself wanting to have a (close to) realtime view of performance data of the box. Unfortunately, this is not provided by the crippled NSN GUI...

Living with Windows 7 (and XP)

I'm pretty much a unix person at heart. I like most of the concepts that come with it; it's not like I care much about what kernel I use, Linux, FreeBSD, whatever. What is nice though is the general concept of how you work and interact with a lot of the applications. Piping between processes in your shell or having that nice mark-some-text-with-your-mouse-to-copy is part of the things I just like with unix-style systems.

Now, I'm forced to use Windows occasionally (or quite a lot actually) as computers at work are WinXP and I do run a Win7 computer at home (together with a few Linux boxes).

Well this is kind of embarrassing... presenting PyarrFS!

A while ago I presented PyarrFS - a RAR reading file system, which allows the user to transparently read RAR files as if they were normal directories and files. The embarrassing part is that it was hardly functional thanks to non-existent support for the seek() call. The tests I did back then only tried reading the first few bytes of a file and if that succeeded all was good. Since the OS reads 4096 bytes or so by the first read() call, no seeking was ever performed and I never noticed my fatal flaw until actually trying it out in real life...

A typical PyarrFS user exposing her satisfaction with said file system! (image courtesy of
