Posts

Showing posts from July 5, 2009

Remotely-Triggered Black Hole (RTBH) Routing

Image
Remotely-Triggered Black Hole (RTBH) routing is an interesting application of BGP as a security tool within service provider networks. One common use is mitigation of distributed denial of service (DDoS) attacks, as this article will explore. Pictured below is a (very) simplified service provider architecture. Routers 1 through 4 compose the network core, and router 9 functions as a standalone "management" router for route injection. OSPF is running across the core to exchange internal routes. Each router in this core square also maintains an iBGP adjacency with the other core routers, and with router 9. The server at 172.16.10.100 represents the target of a DDoS attack. Assume a DDoS attack is launched from the public Internet toward the customer server at 172.16.10.100. The throughput consumed is so excessive that the attack is impacting the entire internal infrastructure and must be blocked at the edge. Due to the distributed nature of the attack, we must bl

Late Collision

在ICND1的Troubleshooting章節中,針對一些特定網路狀況的內容其實寫得不是很周全詳密,所以各位有可能會在其他書籍或文件中看到ICND1沒有提到的狀況,比方說 Late Collision 在ICND1指出這個狀況是因為Cable長度過長所導致,其實這只是原因之一而已。 http://en.wikipedia.org/wiki/Late_collision Late Collision is a type of collision found in the CSMA/CD protocol standard. If a collision error occurs after the first 512 bit times of data are transmitted by the transmitting station, a late collision is said to have occurred. Importantly, late collisions are not re-sent by the NIC unlike collisions occurring before the first 64 octets; it is left for the upper layers of the protocol stack to determine that there was loss of data. As a correctly set up CSMA/CD network link should not have late collisions, the usual possible causes are full-duplex/half-duplex mismatch , exceeded Ethernet cable length limits , or defective hardware such as incorrect cabling , non-compliant number of hubs in the network , or a bad NIC .