SlideShare a Scribd company logo

flowspec @ APF 2013

Download as PPT, PDF
Tom Paseka
Tom Paseka
Technology
1 of 15
Tom Paseka, Courtesy of Terry Rodery Aug 2013 Flowspec @ APF
2 Background • RFC 5575 (2009) • Piggybacks on top of existing BGP • Supported by Juniper (and Alcatel too apparently?) • Available in JunOS since 7.X • ExaBGP support too.
3 Operational • Configure rules on route server (config so easy a caveman could do it). • Commit config. • Rules are pushed via BGP to routers. I typically see the rules appear on my edge routers in a matter of seconds. • Flowspec counters are available for viewing from CLI using “show firewall”.
4 Drawbacks • Flowspec counters ARE NOT available via SNMP! Surely someone can fix this  You’ll need to write the necessary poller, database, graphing, etc. to do this. • Not able to use prefix-lists to define source/destination addresses. Must create multiple rules for multiple prefixes. • Flowspec is only supported on M,MX,T-Series devices and is not available on EX and SRX.
5 Sample “rule” configs Discards all traffic to UDP port 80. route DISCARD-80-UDP { match { protocol udp; destination-port 80; } then discard; }
6 Sample “rule” configs Rate-limit TCP SYN to 5Mbps. This will be the easiest rate limiting you’ve ever done on JunOS. No more manual policer configuration! route 108.162.203.11-RL { match { destination 108.162.203.11/32; protocol tcp; tcp-flags 2; } then rate-limit 5m; }
7 Sample “rule” configs route 141.101.124.242-DISCARD { match destination 141.101.124.242/32; then discard; } We no longer “nullroute” using BGP triggered blackhole to transit providers so we don’t lose visibility into the attack.
8 Time for the cool stuff! (Graphs)
9 Short Lived Syn Flood
10 Big attack
11 Decaying long lived attack
12 1Gbps attack
Questions?
Thank You
15 Bad Players range 198.32.176.0/24 - PAIX 198.32.176.0/24 141.101.86.1 100 0 13335 1299 701 i 198.32.176.0/24 141.101.90.1 100 0 13335 1299 701 i .......snip range 202.40.160.0/23 - HKIX 202.40.160.0/23 199.27.132.1 100 0 13335 4436 4134 4809 45474 i 202.40.160.0/23 108.162.235.1 100 0 13335 4436 4134 4809 45474 i .......snip range 206.223.123.0/24 - Equinix LA 206.223.123.0/24 103.22.203.1 100 0 13335 4637 6461 i .......snip range 218.100.59.0/24 - ACT-IX 218.100.59.0/24 108.162.247.1 100 0 13335 10026 45482 i range 91.212.235.0/24 - Balkan IX 91.212.235.0/24 141.101.69.1 100 0 13335 12615 47872 49401 49401 i range 198.32.177.0/24 - PAIX 198.32.177.0/24 141.101.67.1 100 0 13335 4436 2914 i .......snip range 206.223.123.0/24 - Equinix LA 206.223.123.0/24 103.22.203.1 100 0 13335 4637 6461 i 206.223.123.0/24 141.101.65.1 100 0 13335 4436 6461 i .......snip range 218.100.59.0/24 - ACT-IX 218.100.59.0/24 108.162.247.1 100 0 13335 10026 45482 i range 91.212.235.0/24 - Balkan IX 91.212.235.0/24 141.101.69.1 100 0 13335 12615 49401 49401 49401 i range 198.32.177.0/24 - PAIX 198.32.177.0/24 141.101.67.1 100 0 13335 4436 2914 i 198.32.177.0/24 141.101.72.1 100 0 13335 4436 2914 i .......snip range 198.32.132.0/24 - TELX 198.32.132.0/24 141.101.76.1 100 0 13335 4637 6461 22969 i 198.32.132.0/24 103.22.203.1 100 0 13335 4637 6461 22969 i 198.32.132.0/24 141.101.71.1 100 0 13335 1299 6461 22969 i 198.32.132.0/24 141.101.86.1 100 0 13335 1299 6461 22969 i .......snip

Recommended

DDoS Mitigation using BGP Flowspec
DDoS Mitigation using BGP Flowspec DDoS Mitigation using BGP Flowspec
DDoS Mitigation using BGP Flowspec APNIC
 
Kernel Recipes 2019 - Faster IO through io_uring
Kernel Recipes 2019 - Faster IO through io_uringKernel Recipes 2019 - Faster IO through io_uring
Kernel Recipes 2019 - Faster IO through io_uringAnne Nicolas
 
Linux Networking Explained
Linux Networking ExplainedLinux Networking Explained
Linux Networking ExplainedThomas Graf
 
MPLS WC 2014 Segment Routing TI-LFA Fast ReRoute
MPLS WC 2014 Segment Routing TI-LFA Fast ReRouteMPLS WC 2014 Segment Routing TI-LFA Fast ReRoute
MPLS WC 2014 Segment Routing TI-LFA Fast ReRouteBruno Decraene
 
BGP Unnumbered で遊んでみた
BGP Unnumbered で遊んでみたBGP Unnumbered で遊んでみた
BGP Unnumbered で遊んでみたakira6592
 
Userspace networking
Userspace networkingUserspace networking
Userspace networkingStephen Hemminger
 
Tutorial: Using GoBGP as an IXP connecting router
Tutorial: Using GoBGP as an IXP connecting routerTutorial: Using GoBGP as an IXP connecting router
Tutorial: Using GoBGP as an IXP connecting routerShu Sugimoto
 
Apache Flink in the Cloud-Native Era
Apache Flink in the Cloud-Native EraApache Flink in the Cloud-Native Era
Apache Flink in the Cloud-Native EraFlink Forward
 

Recommended

DDoS Mitigation using BGP Flowspec
DDoS Mitigation using BGP Flowspec DDoS Mitigation using BGP Flowspec
DDoS Mitigation using BGP Flowspec APNIC
 
Kernel Recipes 2019 - Faster IO through io_uring
Kernel Recipes 2019 - Faster IO through io_uringKernel Recipes 2019 - Faster IO through io_uring
Kernel Recipes 2019 - Faster IO through io_uringAnne Nicolas
 
Linux Networking Explained
Linux Networking ExplainedLinux Networking Explained
Linux Networking ExplainedThomas Graf
 
MPLS WC 2014 Segment Routing TI-LFA Fast ReRoute
MPLS WC 2014 Segment Routing TI-LFA Fast ReRouteMPLS WC 2014 Segment Routing TI-LFA Fast ReRoute
MPLS WC 2014 Segment Routing TI-LFA Fast ReRouteBruno Decraene
 
BGP Unnumbered で遊んでみた
BGP Unnumbered で遊んでみたBGP Unnumbered で遊んでみた
BGP Unnumbered で遊んでみたakira6592
 
Userspace networking
Userspace networkingUserspace networking
Userspace networkingStephen Hemminger
 
Tutorial: Using GoBGP as an IXP connecting router
Tutorial: Using GoBGP as an IXP connecting routerTutorial: Using GoBGP as an IXP connecting router
Tutorial: Using GoBGP as an IXP connecting routerShu Sugimoto
 
Apache Flink in the Cloud-Native Era
Apache Flink in the Cloud-Native EraApache Flink in the Cloud-Native Era
Apache Flink in the Cloud-Native EraFlink Forward
 
DockerCon 2017 - Cilium - Network and Application Security with BPF and XDP
DockerCon 2017 - Cilium - Network and Application Security with BPF and XDPDockerCon 2017 - Cilium - Network and Application Security with BPF and XDP
DockerCon 2017 - Cilium - Network and Application Security with BPF and XDPThomas Graf
 
Automated out-of-band management with Ansible and Redfish
Automated out-of-band management with Ansible and RedfishAutomated out-of-band management with Ansible and Redfish
Automated out-of-band management with Ansible and RedfishJose De La Rosa
 
Ifupdown2: Network Interface Manager
Ifupdown2: Network Interface ManagerIfupdown2: Network Interface Manager
Ifupdown2: Network Interface ManagerCumulus Networks
 
Where is my bottleneck? Performance troubleshooting in Flink
Where is my bottleneck? Performance troubleshooting in FlinkWhere is my bottleneck? Performance troubleshooting in Flink
Where is my bottleneck? Performance troubleshooting in FlinkFlink Forward
 
Apache OpenWhiskで実現するプライベートFaaS環境 #tjdev
Apache OpenWhiskで実現するプライベートFaaS環境 #tjdevApache OpenWhiskで実現するプライベートFaaS環境 #tjdev
Apache OpenWhiskで実現するプライベートFaaS環境 #tjdevYahoo!デベロッパーネットワーク
 
Faster packet processing in Linux: XDP
Faster packet processing in Linux: XDPFaster packet processing in Linux: XDP
Faster packet processing in Linux: XDPDaniel T. Lee
 
Contemporary Linux Networking
Contemporary Linux NetworkingContemporary Linux Networking
Contemporary Linux NetworkingMaximilan Wilhelm
 
Zebra SRv6 CLI on Linux Dataplane (ENOG#49)
Zebra SRv6 CLI on Linux Dataplane (ENOG#49)Zebra SRv6 CLI on Linux Dataplane (ENOG#49)
Zebra SRv6 CLI on Linux Dataplane (ENOG#49)Kentaro Ebisawa
 
Is is
Is isIs is
Is isIrham Nurhalim
 
Best Practices for ETL with Apache NiFi on Kubernetes - Albert Lewandowski, G...
Best Practices for ETL with Apache NiFi on Kubernetes - Albert Lewandowski, G...Best Practices for ETL with Apache NiFi on Kubernetes - Albert Lewandowski, G...
Best Practices for ETL with Apache NiFi on Kubernetes - Albert Lewandowski, G...GetInData
 
Practical learnings from running thousands of Flink jobs
Practical learnings from running thousands of Flink jobsPractical learnings from running thousands of Flink jobs
Practical learnings from running thousands of Flink jobsFlink Forward
 
コンテナネットワーキング(CNI)最前線
コンテナネットワーキング(CNI)最前線コンテナネットワーキング(CNI)最前線
コンテナネットワーキング(CNI)最前線Motonori Shindo
 
Linux Network Stack
Linux Network StackLinux Network Stack
Linux Network StackAdrien Mahieux
 
[KubeCon EU 2022] Running containerd and k3s on macOS
[KubeCon EU 2022] Running containerd and k3s on macOS[KubeCon EU 2022] Running containerd and k3s on macOS
[KubeCon EU 2022] Running containerd and k3s on macOSAkihiro Suda
 
DevConf 2014 Kernel Networking Walkthrough
DevConf 2014 Kernel Networking WalkthroughDevConf 2014 Kernel Networking Walkthrough
DevConf 2014 Kernel Networking WalkthroughThomas Graf
 
The Forefront of the Development for NVDIMM on Linux Kernel (Linux Plumbers c...
The Forefront of the Development for NVDIMM on Linux Kernel (Linux Plumbers c...The Forefront of the Development for NVDIMM on Linux Kernel (Linux Plumbers c...
The Forefront of the Development for NVDIMM on Linux Kernel (Linux Plumbers c...Yasunori Goto
 
LinuxCon 2015 Linux Kernel Networking Walkthrough
LinuxCon 2015 Linux Kernel Networking WalkthroughLinuxCon 2015 Linux Kernel Networking Walkthrough
LinuxCon 2015 Linux Kernel Networking WalkthroughThomas Graf
 
Introducing the Apache Flink Kubernetes Operator
Introducing the Apache Flink Kubernetes OperatorIntroducing the Apache Flink Kubernetes Operator
Introducing the Apache Flink Kubernetes OperatorFlink Forward
 
さくらのVPS で IPv4 over IPv6ルータの構築
さくらのVPS で IPv4 over IPv6ルータの構築さくらのVPS で IPv4 over IPv6ルータの構築
さくらのVPS で IPv4 over IPv6ルータの構築Tomocha Potter
 
スイッチ・ルータのしくみ
スイッチ・ルータのしくみスイッチ・ルータのしくみ
スイッチ・ルータのしくみogatay
 
LINX 83 ExaBGP as a route server ?
LINX 83 ExaBGP as a route server ?LINX 83 ExaBGP as a route server ?
LINX 83 ExaBGP as a route server ?Thomas Mangin
 
Global Data Stream Network for Internet of Things
Global Data Stream Network for Internet of ThingsGlobal Data Stream Network for Internet of Things
Global Data Stream Network for Internet of ThingsBhavana Srinivas
 

More Related Content

What's hot

DockerCon 2017 - Cilium - Network and Application Security with BPF and XDP
DockerCon 2017 - Cilium - Network and Application Security with BPF and XDPDockerCon 2017 - Cilium - Network and Application Security with BPF and XDP
DockerCon 2017 - Cilium - Network and Application Security with BPF and XDPThomas Graf
 
Automated out-of-band management with Ansible and Redfish
Automated out-of-band management with Ansible and RedfishAutomated out-of-band management with Ansible and Redfish
Automated out-of-band management with Ansible and RedfishJose De La Rosa
 
Ifupdown2: Network Interface Manager
Ifupdown2: Network Interface ManagerIfupdown2: Network Interface Manager
Ifupdown2: Network Interface ManagerCumulus Networks
 
Where is my bottleneck? Performance troubleshooting in Flink
Where is my bottleneck? Performance troubleshooting in FlinkWhere is my bottleneck? Performance troubleshooting in Flink
Where is my bottleneck? Performance troubleshooting in FlinkFlink Forward
 
Faster packet processing in Linux: XDP
Faster packet processing in Linux: XDPFaster packet processing in Linux: XDP
Faster packet processing in Linux: XDPDaniel T. Lee
 
Contemporary Linux Networking
Contemporary Linux NetworkingContemporary Linux Networking
Contemporary Linux NetworkingMaximilan Wilhelm
 
Zebra SRv6 CLI on Linux Dataplane (ENOG#49)
Zebra SRv6 CLI on Linux Dataplane (ENOG#49)Zebra SRv6 CLI on Linux Dataplane (ENOG#49)
Zebra SRv6 CLI on Linux Dataplane (ENOG#49)Kentaro Ebisawa
 
Best Practices for ETL with Apache NiFi on Kubernetes - Albert Lewandowski, G...
Best Practices for ETL with Apache NiFi on Kubernetes - Albert Lewandowski, G...Best Practices for ETL with Apache NiFi on Kubernetes - Albert Lewandowski, G...
Best Practices for ETL with Apache NiFi on Kubernetes - Albert Lewandowski, G...GetInData
 
Practical learnings from running thousands of Flink jobs
Practical learnings from running thousands of Flink jobsPractical learnings from running thousands of Flink jobs
Practical learnings from running thousands of Flink jobsFlink Forward
 
コンテナネットワーキング(CNI)最前線
コンテナネットワーキング(CNI)最前線コンテナネットワーキング(CNI)最前線
コンテナネットワーキング(CNI)最前線Motonori Shindo
 
[KubeCon EU 2022] Running containerd and k3s on macOS
[KubeCon EU 2022] Running containerd and k3s on macOS[KubeCon EU 2022] Running containerd and k3s on macOS
[KubeCon EU 2022] Running containerd and k3s on macOSAkihiro Suda
 
DevConf 2014 Kernel Networking Walkthrough
DevConf 2014 Kernel Networking WalkthroughDevConf 2014 Kernel Networking Walkthrough
DevConf 2014 Kernel Networking WalkthroughThomas Graf
 
The Forefront of the Development for NVDIMM on Linux Kernel (Linux Plumbers c...
The Forefront of the Development for NVDIMM on Linux Kernel (Linux Plumbers c...The Forefront of the Development for NVDIMM on Linux Kernel (Linux Plumbers c...
The Forefront of the Development for NVDIMM on Linux Kernel (Linux Plumbers c...Yasunori Goto
 
LinuxCon 2015 Linux Kernel Networking Walkthrough
LinuxCon 2015 Linux Kernel Networking WalkthroughLinuxCon 2015 Linux Kernel Networking Walkthrough
LinuxCon 2015 Linux Kernel Networking WalkthroughThomas Graf
 
Introducing the Apache Flink Kubernetes Operator
Introducing the Apache Flink Kubernetes OperatorIntroducing the Apache Flink Kubernetes Operator
Introducing the Apache Flink Kubernetes OperatorFlink Forward
 
さくらのVPS で IPv4 over IPv6ルータの構築
さくらのVPS で IPv4 over IPv6ルータの構築さくらのVPS で IPv4 over IPv6ルータの構築
さくらのVPS で IPv4 over IPv6ルータの構築Tomocha Potter
 
スイッチ・ルータのしくみ
スイッチ・ルータのしくみスイッチ・ルータのしくみ
スイッチ・ルータのしくみogatay
 

What's hot (20)

DockerCon 2017 - Cilium - Network and Application Security with BPF and XDP
DockerCon 2017 - Cilium - Network and Application Security with BPF and XDPDockerCon 2017 - Cilium - Network and Application Security with BPF and XDP
DockerCon 2017 - Cilium - Network and Application Security with BPF and XDP
 
Automated out-of-band management with Ansible and Redfish
Automated out-of-band management with Ansible and RedfishAutomated out-of-band management with Ansible and Redfish
Automated out-of-band management with Ansible and Redfish
 
Ifupdown2: Network Interface Manager
Ifupdown2: Network Interface ManagerIfupdown2: Network Interface Manager
Ifupdown2: Network Interface Manager
 
Where is my bottleneck? Performance troubleshooting in Flink
Where is my bottleneck? Performance troubleshooting in FlinkWhere is my bottleneck? Performance troubleshooting in Flink
Where is my bottleneck? Performance troubleshooting in Flink
 
Apache OpenWhiskで実現するプライベートFaaS環境 #tjdev
Apache OpenWhiskで実現するプライベートFaaS環境 #tjdevApache OpenWhiskで実現するプライベートFaaS環境 #tjdev
Apache OpenWhiskで実現するプライベートFaaS環境 #tjdev
 
Faster packet processing in Linux: XDP
Faster packet processing in Linux: XDPFaster packet processing in Linux: XDP
Faster packet processing in Linux: XDP
 
Contemporary Linux Networking
Contemporary Linux NetworkingContemporary Linux Networking
Contemporary Linux Networking
 
Zebra SRv6 CLI on Linux Dataplane (ENOG#49)
Zebra SRv6 CLI on Linux Dataplane (ENOG#49)Zebra SRv6 CLI on Linux Dataplane (ENOG#49)
Zebra SRv6 CLI on Linux Dataplane (ENOG#49)
 
Is is
Is isIs is
Is is
 
Best Practices for ETL with Apache NiFi on Kubernetes - Albert Lewandowski, G...
Best Practices for ETL with Apache NiFi on Kubernetes - Albert Lewandowski, G...Best Practices for ETL with Apache NiFi on Kubernetes - Albert Lewandowski, G...
Best Practices for ETL with Apache NiFi on Kubernetes - Albert Lewandowski, G...
 
Practical learnings from running thousands of Flink jobs
Practical learnings from running thousands of Flink jobsPractical learnings from running thousands of Flink jobs
Practical learnings from running thousands of Flink jobs
 
コンテナネットワーキング(CNI)最前線
コンテナネットワーキング(CNI)最前線コンテナネットワーキング(CNI)最前線
コンテナネットワーキング(CNI)最前線
 
Linux Network Stack
Linux Network StackLinux Network Stack
Linux Network Stack
 
[KubeCon EU 2022] Running containerd and k3s on macOS
[KubeCon EU 2022] Running containerd and k3s on macOS[KubeCon EU 2022] Running containerd and k3s on macOS
[KubeCon EU 2022] Running containerd and k3s on macOS
 
DevConf 2014 Kernel Networking Walkthrough
DevConf 2014 Kernel Networking WalkthroughDevConf 2014 Kernel Networking Walkthrough
DevConf 2014 Kernel Networking Walkthrough
 
The Forefront of the Development for NVDIMM on Linux Kernel (Linux Plumbers c...
The Forefront of the Development for NVDIMM on Linux Kernel (Linux Plumbers c...The Forefront of the Development for NVDIMM on Linux Kernel (Linux Plumbers c...
The Forefront of the Development for NVDIMM on Linux Kernel (Linux Plumbers c...
 
LinuxCon 2015 Linux Kernel Networking Walkthrough
LinuxCon 2015 Linux Kernel Networking WalkthroughLinuxCon 2015 Linux Kernel Networking Walkthrough
LinuxCon 2015 Linux Kernel Networking Walkthrough
 
Introducing the Apache Flink Kubernetes Operator
Introducing the Apache Flink Kubernetes OperatorIntroducing the Apache Flink Kubernetes Operator
Introducing the Apache Flink Kubernetes Operator
 
さくらのVPS で IPv4 over IPv6ルータの構築
さくらのVPS で IPv4 over IPv6ルータの構築さくらのVPS で IPv4 over IPv6ルータの構築
さくらのVPS で IPv4 over IPv6ルータの構築
 
スイッチ・ルータのしくみ
スイッチ・ルータのしくみスイッチ・ルータのしくみ
スイッチ・ルータのしくみ
 

Viewers also liked

LINX 83 ExaBGP as a route server ?
LINX 83 ExaBGP as a route server ?LINX 83 ExaBGP as a route server ?
LINX 83 ExaBGP as a route server ?Thomas Mangin
 
Global Data Stream Network for Internet of Things
Global Data Stream Network for Internet of ThingsGlobal Data Stream Network for Internet of Things
Global Data Stream Network for Internet of ThingsBhavana Srinivas
 
Streaming and Visualizing Data with D3.js
Streaming and Visualizing Data with D3.jsStreaming and Visualizing Data with D3.js
Streaming and Visualizing Data with D3.jsPubNub
 
Websocket + Redis pubsub
Websocket + Redis pubsubWebsocket + Redis pubsub
Websocket + Redis pubsubKai Hsu
 
Real time web: is there a life without socket.io and node.js?
Real time web: is there a life without socket.io and node.js?Real time web: is there a life without socket.io and node.js?
Real time web: is there a life without socket.io and node.js?Eduard Trayan
 
Going real time with Socket.io
Going real time with Socket.ioGoing real time with Socket.io
Going real time with Socket.ioArnout Kazemier
 
Building notification system in NodeJS + Redis
Building notification system in NodeJS + RedisBuilding notification system in NodeJS + Redis
Building notification system in NodeJS + RedisLe Duc
 
Real Time Communication using Node.js and Socket.io
Real Time Communication using Node.js and Socket.ioReal Time Communication using Node.js and Socket.io
Real Time Communication using Node.js and Socket.ioMindfire Solutions
 
Running Analytics at the Speed of Your Business
Running Analytics at the Speed of Your BusinessRunning Analytics at the Speed of Your Business
Running Analytics at the Speed of Your BusinessRedis Labs
 
Going realtime with Socket.IO
Going realtime with Socket.IOGoing realtime with Socket.IO
Going realtime with Socket.IOChristian Joudrey
 
Redis Networking Nerd Down: For Lovers of Packets and Jumbo Frames- John Bull...
Redis Networking Nerd Down: For Lovers of Packets and Jumbo Frames- John Bull...Redis Networking Nerd Down: For Lovers of Packets and Jumbo Frames- John Bull...
Redis Networking Nerd Down: For Lovers of Packets and Jumbo Frames- John Bull...Redis Labs
 
Day 1 General Session RedisConf
Day 1 General Session RedisConfDay 1 General Session RedisConf
Day 1 General Session RedisConfRedis Labs
 
Monitoring and Scaling Redis at DataDog - Ilan Rabinovitch, DataDog
Monitoring and Scaling Redis at DataDog - Ilan Rabinovitch, DataDog Monitoring and Scaling Redis at DataDog - Ilan Rabinovitch, DataDog
Monitoring and Scaling Redis at DataDog - Ilan Rabinovitch, DataDogRedis Labs
 
Real-time Web Application with Socket.IO, Node.js, and Redis
Real-time Web Application with Socket.IO, Node.js, and RedisReal-time Web Application with Socket.IO, Node.js, and Redis
Real-time Web Application with Socket.IO, Node.js, and RedisYork Tsai
 
Real Time Recommendations Using WebSockets and Redis - Ninad Divadkar, Inuit
Real Time Recommendations Using WebSockets and Redis - Ninad Divadkar, InuitReal Time Recommendations Using WebSockets and Redis - Ninad Divadkar, Inuit
Real Time Recommendations Using WebSockets and Redis - Ninad Divadkar, InuitRedis Labs
 
Scaling Redis Cluster Deployments for Genome Analysis (featuring LSU) - Terry...
Scaling Redis Cluster Deployments for Genome Analysis (featuring LSU) - Terry...Scaling Redis Cluster Deployments for Genome Analysis (featuring LSU) - Terry...
Scaling Redis Cluster Deployments for Genome Analysis (featuring LSU) - Terry...Redis Labs
 
High-Volume Data Collection and Real Time Analytics Using Redis
High-Volume Data Collection and Real Time Analytics Using RedisHigh-Volume Data Collection and Real Time Analytics Using Redis
High-Volume Data Collection and Real Time Analytics Using Rediscacois
 
Openstack Neutron, interconnections with BGP/MPLS VPNs
Openstack Neutron, interconnections with BGP/MPLS VPNsOpenstack Neutron, interconnections with BGP/MPLS VPNs
Openstack Neutron, interconnections with BGP/MPLS VPNsThomas Morin
 
Redis in Practice
Redis in PracticeRedis in Practice
Redis in PracticeNoah Davis
 

Viewers also liked (20)

LINX 83 ExaBGP as a route server ?
LINX 83 ExaBGP as a route server ?LINX 83 ExaBGP as a route server ?
LINX 83 ExaBGP as a route server ?
 
Global Data Stream Network for Internet of Things
Global Data Stream Network for Internet of ThingsGlobal Data Stream Network for Internet of Things
Global Data Stream Network for Internet of Things
 
Streaming and Visualizing Data with D3.js
Streaming and Visualizing Data with D3.jsStreaming and Visualizing Data with D3.js
Streaming and Visualizing Data with D3.js
 
Websocket + Redis pubsub
Websocket + Redis pubsubWebsocket + Redis pubsub
Websocket + Redis pubsub
 
Real time web: is there a life without socket.io and node.js?
Real time web: is there a life without socket.io and node.js?Real time web: is there a life without socket.io and node.js?
Real time web: is there a life without socket.io and node.js?
 
Going real time with Socket.io
Going real time with Socket.ioGoing real time with Socket.io
Going real time with Socket.io
 
RedisConf 2016 - Redis usage and ecosystem
RedisConf 2016 - Redis usage and ecosystemRedisConf 2016 - Redis usage and ecosystem
RedisConf 2016 - Redis usage and ecosystem
 
Building notification system in NodeJS + Redis
Building notification system in NodeJS + RedisBuilding notification system in NodeJS + Redis
Building notification system in NodeJS + Redis
 
Real Time Communication using Node.js and Socket.io
Real Time Communication using Node.js and Socket.ioReal Time Communication using Node.js and Socket.io
Real Time Communication using Node.js and Socket.io
 
Running Analytics at the Speed of Your Business
Running Analytics at the Speed of Your BusinessRunning Analytics at the Speed of Your Business
Running Analytics at the Speed of Your Business
 
Going realtime with Socket.IO
Going realtime with Socket.IOGoing realtime with Socket.IO
Going realtime with Socket.IO
 
Redis Networking Nerd Down: For Lovers of Packets and Jumbo Frames- John Bull...
Redis Networking Nerd Down: For Lovers of Packets and Jumbo Frames- John Bull...Redis Networking Nerd Down: For Lovers of Packets and Jumbo Frames- John Bull...
Redis Networking Nerd Down: For Lovers of Packets and Jumbo Frames- John Bull...
 
Day 1 General Session RedisConf
Day 1 General Session RedisConfDay 1 General Session RedisConf
Day 1 General Session RedisConf
 
Monitoring and Scaling Redis at DataDog - Ilan Rabinovitch, DataDog
Monitoring and Scaling Redis at DataDog - Ilan Rabinovitch, DataDog Monitoring and Scaling Redis at DataDog - Ilan Rabinovitch, DataDog
Monitoring and Scaling Redis at DataDog - Ilan Rabinovitch, DataDog
 
Real-time Web Application with Socket.IO, Node.js, and Redis
Real-time Web Application with Socket.IO, Node.js, and RedisReal-time Web Application with Socket.IO, Node.js, and Redis
Real-time Web Application with Socket.IO, Node.js, and Redis
 
Real Time Recommendations Using WebSockets and Redis - Ninad Divadkar, Inuit
Real Time Recommendations Using WebSockets and Redis - Ninad Divadkar, InuitReal Time Recommendations Using WebSockets and Redis - Ninad Divadkar, Inuit
Real Time Recommendations Using WebSockets and Redis - Ninad Divadkar, Inuit
 
Scaling Redis Cluster Deployments for Genome Analysis (featuring LSU) - Terry...
Scaling Redis Cluster Deployments for Genome Analysis (featuring LSU) - Terry...Scaling Redis Cluster Deployments for Genome Analysis (featuring LSU) - Terry...
Scaling Redis Cluster Deployments for Genome Analysis (featuring LSU) - Terry...
 
High-Volume Data Collection and Real Time Analytics Using Redis
High-Volume Data Collection and Real Time Analytics Using RedisHigh-Volume Data Collection and Real Time Analytics Using Redis
High-Volume Data Collection and Real Time Analytics Using Redis
 
Openstack Neutron, interconnections with BGP/MPLS VPNs
Openstack Neutron, interconnections with BGP/MPLS VPNsOpenstack Neutron, interconnections with BGP/MPLS VPNs
Openstack Neutron, interconnections with BGP/MPLS VPNs
 
Redis in Practice
Redis in PracticeRedis in Practice
Redis in Practice
 

Similar to flowspec @ APF 2013

001 network toi_basics_v1
001 network toi_basics_v1001 network toi_basics_v1
001 network toi_basics_v1Hisao Tsujimura
 
Summit x770 product overview
Summit x770 product overviewSummit x770 product overview
Summit x770 product overviewMUK
 
Cisco EuroMPI'13 vendor session presentation
Cisco EuroMPI'13 vendor session presentationCisco EuroMPI'13 vendor session presentation
Cisco EuroMPI'13 vendor session presentationJeff Squyres
 
Cisco catalyst 2960 xr series switches datasheet
Cisco catalyst 2960 xr series switches datasheetCisco catalyst 2960 xr series switches datasheet
Cisco catalyst 2960 xr series switches datasheetAmy Huang
 
Lab 9 instructions
Lab 9 instructionsLab 9 instructions
Lab 9 instructionstrayyoo
 
Linux 4.x Tracing: Performance Analysis with bcc/BPF
Linux 4.x Tracing: Performance Analysis with bcc/BPFLinux 4.x Tracing: Performance Analysis with bcc/BPF
Linux 4.x Tracing: Performance Analysis with bcc/BPFBrendan Gregg
 
Ccn pv7 route_lab2-1_eigrp-load-balancing_student
Ccn pv7 route_lab2-1_eigrp-load-balancing_studentCcn pv7 route_lab2-1_eigrp-load-balancing_student
Ccn pv7 route_lab2-1_eigrp-load-balancing_studentAngel Clavel
 
Linux 系統管理與安全:進階系統管理系統防駭與資訊安全
Linux 系統管理與安全:進階系統管理系統防駭與資訊安全Linux 系統管理與安全:進階系統管理系統防駭與資訊安全
Linux 系統管理與安全:進階系統管理系統防駭與資訊安全維泰 蔡
 
BRKRST-3068 Troubleshooting Catalyst 2K and 3K.pdf
BRKRST-3068 Troubleshooting Catalyst 2K and 3K.pdfBRKRST-3068 Troubleshooting Catalyst 2K and 3K.pdf
BRKRST-3068 Troubleshooting Catalyst 2K and 3K.pdfssusercbaa33
 
Make The Impossible Possible - Industrial PoE Brochure 2014
Make The Impossible Possible - Industrial PoE Brochure 2014Make The Impossible Possible - Industrial PoE Brochure 2014
Make The Impossible Possible - Industrial PoE Brochure 2014Jiunn-Jer Sun
 
cisco-cpak-100ge-lr4=-datasheet.pdf
cisco-cpak-100ge-lr4=-datasheet.pdfcisco-cpak-100ge-lr4=-datasheet.pdf
cisco-cpak-100ge-lr4=-datasheet.pdfHi-Network.com
 
Cisco usNIC: how it works, how it is used in Open MPI
Cisco usNIC: how it works, how it is used in Open MPICisco usNIC: how it works, how it is used in Open MPI
Cisco usNIC: how it works, how it is used in Open MPIJeff Squyres
 
Tri aoi training-supplementary_2011.01
Tri aoi training-supplementary_2011.01Tri aoi training-supplementary_2011.01
Tri aoi training-supplementary_2011.01Ralph Nguyen
 

Similar to flowspec @ APF 2013 (20)

PROYECTO VLANS
PROYECTO VLANSPROYECTO VLANS
PROYECTO VLANS
 
001 network toi_basics_v1
001 network toi_basics_v1001 network toi_basics_v1
001 network toi_basics_v1
 
Summit x770 product overview
Summit x770 product overviewSummit x770 product overview
Summit x770 product overview
 
Cisco EuroMPI'13 vendor session presentation
Cisco EuroMPI'13 vendor session presentationCisco EuroMPI'13 vendor session presentation
Cisco EuroMPI'13 vendor session presentation
 
06 tk 1073 network layer
06 tk 1073 network layer06 tk 1073 network layer
06 tk 1073 network layer
 
Cisco catalyst 2960 xr series switches datasheet
Cisco catalyst 2960 xr series switches datasheetCisco catalyst 2960 xr series switches datasheet
Cisco catalyst 2960 xr series switches datasheet
 
Lab 9 instructions
Lab 9 instructionsLab 9 instructions
Lab 9 instructions
 
Linux 4.x Tracing: Performance Analysis with bcc/BPF
Linux 4.x Tracing: Performance Analysis with bcc/BPFLinux 4.x Tracing: Performance Analysis with bcc/BPF
Linux 4.x Tracing: Performance Analysis with bcc/BPF
 
Ccn pv7 route_lab2-1_eigrp-load-balancing_student
Ccn pv7 route_lab2-1_eigrp-load-balancing_studentCcn pv7 route_lab2-1_eigrp-load-balancing_student
Ccn pv7 route_lab2-1_eigrp-load-balancing_student
 
Linux 系統管理與安全:進階系統管理系統防駭與資訊安全
Linux 系統管理與安全:進階系統管理系統防駭與資訊安全Linux 系統管理與安全:進階系統管理系統防駭與資訊安全
Linux 系統管理與安全:進階系統管理系統防駭與資訊安全
 
Brkdct 3101
Brkdct 3101Brkdct 3101
Brkdct 3101
 
9.atmel
9.atmel9.atmel
9.atmel
 
Linux networking
Linux networkingLinux networking
Linux networking
 
Day 11 eigrp
Day 11 eigrpDay 11 eigrp
Day 11 eigrp
 
BRKRST-3068 Troubleshooting Catalyst 2K and 3K.pdf
BRKRST-3068 Troubleshooting Catalyst 2K and 3K.pdfBRKRST-3068 Troubleshooting Catalyst 2K and 3K.pdf
BRKRST-3068 Troubleshooting Catalyst 2K and 3K.pdf
 
Lab 3.5.1 basic frame relay
Lab 3.5.1 basic frame relayLab 3.5.1 basic frame relay
Lab 3.5.1 basic frame relay
 
Make The Impossible Possible - Industrial PoE Brochure 2014
Make The Impossible Possible - Industrial PoE Brochure 2014Make The Impossible Possible - Industrial PoE Brochure 2014
Make The Impossible Possible - Industrial PoE Brochure 2014
 
cisco-cpak-100ge-lr4=-datasheet.pdf
cisco-cpak-100ge-lr4=-datasheet.pdfcisco-cpak-100ge-lr4=-datasheet.pdf
cisco-cpak-100ge-lr4=-datasheet.pdf
 
Cisco usNIC: how it works, how it is used in Open MPI
Cisco usNIC: how it works, how it is used in Open MPICisco usNIC: how it works, how it is used in Open MPI
Cisco usNIC: how it works, how it is used in Open MPI
 
Tri aoi training-supplementary_2011.01
Tri aoi training-supplementary_2011.01Tri aoi training-supplementary_2011.01
Tri aoi training-supplementary_2011.01
 

More from Tom Paseka

Peering Asia 2.0: Security in Peering
Peering Asia 2.0: Security in PeeringPeering Asia 2.0: Security in Peering
Peering Asia 2.0: Security in PeeringTom Paseka
 
The New Edge of the Network
The New Edge of the NetworkThe New Edge of the Network
The New Edge of the NetworkTom Paseka
 
HKNOG 6.0 Next Generation Networks - will automation put us out of jobs?
HKNOG 6.0 Next Generation Networks - will automation put us out of jobs?HKNOG 6.0 Next Generation Networks - will automation put us out of jobs?
HKNOG 6.0 Next Generation Networks - will automation put us out of jobs?Tom Paseka
 
Detecting spoofing at IxP's
Detecting spoofing at IxP'sDetecting spoofing at IxP's
Detecting spoofing at IxP'sTom Paseka
 
Interconnection landscape in Asia - TPIX Peering Forum 2017
Interconnection landscape in Asia - TPIX Peering Forum 2017Interconnection landscape in Asia - TPIX Peering Forum 2017
Interconnection landscape in Asia - TPIX Peering Forum 2017Tom Paseka
 
DDoS And Spoofing, a risk to the decentralized internet
DDoS And Spoofing, a risk to the decentralized internetDDoS And Spoofing, a risk to the decentralized internet
DDoS And Spoofing, a risk to the decentralized internetTom Paseka
 
KINX Peering Forum - A Brief Overview of Regulation of Interconnection
KINX Peering Forum - A Brief Overview of Regulation of InterconnectionKINX Peering Forum - A Brief Overview of Regulation of Interconnection
KINX Peering Forum - A Brief Overview of Regulation of InterconnectionTom Paseka
 
Interconnection in Regional Markets
Interconnection in Regional MarketsInterconnection in Regional Markets
Interconnection in Regional MarketsTom Paseka
 
APRICOT 2015 - NetConf for Peering Automation
APRICOT 2015 - NetConf for Peering AutomationAPRICOT 2015 - NetConf for Peering Automation
APRICOT 2015 - NetConf for Peering AutomationTom Paseka
 
BBIX Asia Internet
BBIX Asia InternetBBIX Asia Internet
BBIX Asia InternetTom Paseka
 
HKNOG 1.0 - DDoS attacks in an IPv6 World
HKNOG 1.0 - DDoS attacks in an IPv6 WorldHKNOG 1.0 - DDoS attacks in an IPv6 World
HKNOG 1.0 - DDoS attacks in an IPv6 WorldTom Paseka
 
CloudFlare / ISOC - Are You Ready for IPv6 - Bridging the IPv6 gap
CloudFlare / ISOC - Are You Ready for IPv6 - Bridging the IPv6 gapCloudFlare / ISOC - Are You Ready for IPv6 - Bridging the IPv6 gap
CloudFlare / ISOC - Are You Ready for IPv6 - Bridging the IPv6 gapTom Paseka
 
New Zealand and the world as a CDN
New Zealand and the world as a CDNNew Zealand and the world as a CDN
New Zealand and the world as a CDNTom Paseka
 
Unicast vs Anycast
Unicast vs AnycastUnicast vs Anycast
Unicast vs AnycastTom Paseka
 
The curse of the open recursor
The curse of the open recursorThe curse of the open recursor
The curse of the open recursorTom Paseka
 
Routing for an Anycast CDN
Routing for an Anycast CDNRouting for an Anycast CDN
Routing for an Anycast CDNTom Paseka
 

More from Tom Paseka (17)

Peering Asia 2.0: Security in Peering
Peering Asia 2.0: Security in PeeringPeering Asia 2.0: Security in Peering
Peering Asia 2.0: Security in Peering
 
The New Edge of the Network
The New Edge of the NetworkThe New Edge of the Network
The New Edge of the Network
 
HKNOG 6.0 Next Generation Networks - will automation put us out of jobs?
HKNOG 6.0 Next Generation Networks - will automation put us out of jobs?HKNOG 6.0 Next Generation Networks - will automation put us out of jobs?
HKNOG 6.0 Next Generation Networks - will automation put us out of jobs?
 
Detecting spoofing at IxP's
Detecting spoofing at IxP'sDetecting spoofing at IxP's
Detecting spoofing at IxP's
 
Interconnection landscape in Asia - TPIX Peering Forum 2017
Interconnection landscape in Asia - TPIX Peering Forum 2017Interconnection landscape in Asia - TPIX Peering Forum 2017
Interconnection landscape in Asia - TPIX Peering Forum 2017
 
DDoS And Spoofing, a risk to the decentralized internet
DDoS And Spoofing, a risk to the decentralized internetDDoS And Spoofing, a risk to the decentralized internet
DDoS And Spoofing, a risk to the decentralized internet
 
KINX Peering Forum - A Brief Overview of Regulation of Interconnection
KINX Peering Forum - A Brief Overview of Regulation of InterconnectionKINX Peering Forum - A Brief Overview of Regulation of Interconnection
KINX Peering Forum - A Brief Overview of Regulation of Interconnection
 
Interconnection in Regional Markets
Interconnection in Regional MarketsInterconnection in Regional Markets
Interconnection in Regional Markets
 
APRICOT 2015 - NetConf for Peering Automation
APRICOT 2015 - NetConf for Peering AutomationAPRICOT 2015 - NetConf for Peering Automation
APRICOT 2015 - NetConf for Peering Automation
 
BBIX Asia Internet
BBIX Asia InternetBBIX Asia Internet
BBIX Asia Internet
 
HKNOG 1.0 - DDoS attacks in an IPv6 World
HKNOG 1.0 - DDoS attacks in an IPv6 WorldHKNOG 1.0 - DDoS attacks in an IPv6 World
HKNOG 1.0 - DDoS attacks in an IPv6 World
 
CloudFlare / ISOC - Are You Ready for IPv6 - Bridging the IPv6 gap
CloudFlare / ISOC - Are You Ready for IPv6 - Bridging the IPv6 gapCloudFlare / ISOC - Are You Ready for IPv6 - Bridging the IPv6 gap
CloudFlare / ISOC - Are You Ready for IPv6 - Bridging the IPv6 gap
 
New Zealand and the world as a CDN
New Zealand and the world as a CDNNew Zealand and the world as a CDN
New Zealand and the world as a CDN
 
nanog
nanognanog
nanog
 
Unicast vs Anycast
Unicast vs AnycastUnicast vs Anycast
Unicast vs Anycast
 
The curse of the open recursor
The curse of the open recursorThe curse of the open recursor
The curse of the open recursor
 
Routing for an Anycast CDN
Routing for an Anycast CDNRouting for an Anycast CDN
Routing for an Anycast CDN
 

Recently uploaded

Moving Beyond Passwords: FIDO Paris Seminar.pdf
Moving Beyond Passwords: FIDO Paris Seminar.pdfMoving Beyond Passwords: FIDO Paris Seminar.pdf
Moving Beyond Passwords: FIDO Paris Seminar.pdfLoriGlavin3
 
Time Series Foundation Models - current state and future directions
Time Series Foundation Models - current state and future directionsTime Series Foundation Models - current state and future directions
Time Series Foundation Models - current state and future directionsNathaniel Shimoni
 
Unleashing Real-time Insights with ClickHouse_ Navigating the Landscape in 20...
Unleashing Real-time Insights with ClickHouse_ Navigating the Landscape in 20...Unleashing Real-time Insights with ClickHouse_ Navigating the Landscape in 20...
Unleashing Real-time Insights with ClickHouse_ Navigating the Landscape in 20...Alkin Tezuysal
 
Potential of AI (Generative AI) in Business: Learnings and Insights
Potential of AI (Generative AI) in Business: Learnings and InsightsPotential of AI (Generative AI) in Business: Learnings and Insights
Potential of AI (Generative AI) in Business: Learnings and InsightsRavi Sanghani
 
Emixa Mendix Meetup 11 April 2024 about Mendix Native development
Emixa Mendix Meetup 11 April 2024 about Mendix Native developmentEmixa Mendix Meetup 11 April 2024 about Mendix Native development
Emixa Mendix Meetup 11 April 2024 about Mendix Native developmentPim van der Noll
 
Modern Roaming for Notes and Nomad – Cheaper Faster Better Stronger
Modern Roaming for Notes and Nomad – Cheaper Faster Better StrongerModern Roaming for Notes and Nomad – Cheaper Faster Better Stronger
Modern Roaming for Notes and Nomad – Cheaper Faster Better Strongerpanagenda
 
Generative AI for Technical Writer or Information Developers
Generative AI for Technical Writer or Information DevelopersGenerative AI for Technical Writer or Information Developers
Generative AI for Technical Writer or Information DevelopersRaghuram Pandurangan
 
2024 April Patch Tuesday
2024 April Patch Tuesday2024 April Patch Tuesday
2024 April Patch TuesdayIvanti
 
Genislab builds better products and faster go-to-market with Lean project man...
Genislab builds better products and faster go-to-market with Lean project man...Genislab builds better products and faster go-to-market with Lean project man...
Genislab builds better products and faster go-to-market with Lean project man...Farhan Tariq
 
Long journey of Ruby standard library at RubyConf AU 2024
Long journey of Ruby standard library at RubyConf AU 2024Long journey of Ruby standard library at RubyConf AU 2024
Long journey of Ruby standard library at RubyConf AU 2024Hiroshi SHIBATA
 
Scale your database traffic with Read & Write split using MySQL Router
Scale your database traffic with Read & Write split using MySQL RouterScale your database traffic with Read & Write split using MySQL Router
Scale your database traffic with Read & Write split using MySQL RouterMydbops
 
Sample pptx for embedding into website for demo
Sample pptx for embedding into website for demoSample pptx for embedding into website for demo
Sample pptx for embedding into website for demoHarshalMandlekar2
 
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptx
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptxUse of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptx
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptxLoriGlavin3
 
So einfach geht modernes Roaming fuer Notes und Nomad.pdf
So einfach geht modernes Roaming fuer Notes und Nomad.pdfSo einfach geht modernes Roaming fuer Notes und Nomad.pdf
So einfach geht modernes Roaming fuer Notes und Nomad.pdfpanagenda
 
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptxThe Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptxLoriGlavin3
 
UiPath Community: Communication Mining from Zero to Hero
UiPath Community: Communication Mining from Zero to HeroUiPath Community: Communication Mining from Zero to Hero
UiPath Community: Communication Mining from Zero to HeroUiPathCommunity
 
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptxMerck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptxLoriGlavin3
 
TrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data PrivacyTrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data PrivacyTrustArc
 
Take control of your SAP testing with UiPath Test Suite
Take control of your SAP testing with UiPath Test SuiteTake control of your SAP testing with UiPath Test Suite
Take control of your SAP testing with UiPath Test SuiteDianaGray10
 
How to write a Business Continuity Plan
How to write a Business Continuity PlanHow to write a Business Continuity Plan
How to write a Business Continuity PlanDatabarracks
 

Recently uploaded (20)

Moving Beyond Passwords: FIDO Paris Seminar.pdf
Moving Beyond Passwords: FIDO Paris Seminar.pdfMoving Beyond Passwords: FIDO Paris Seminar.pdf
Moving Beyond Passwords: FIDO Paris Seminar.pdf
 
Time Series Foundation Models - current state and future directions
Time Series Foundation Models - current state and future directionsTime Series Foundation Models - current state and future directions
Time Series Foundation Models - current state and future directions
 
Unleashing Real-time Insights with ClickHouse_ Navigating the Landscape in 20...
Unleashing Real-time Insights with ClickHouse_ Navigating the Landscape in 20...Unleashing Real-time Insights with ClickHouse_ Navigating the Landscape in 20...
Unleashing Real-time Insights with ClickHouse_ Navigating the Landscape in 20...
 
Potential of AI (Generative AI) in Business: Learnings and Insights
Potential of AI (Generative AI) in Business: Learnings and InsightsPotential of AI (Generative AI) in Business: Learnings and Insights
Potential of AI (Generative AI) in Business: Learnings and Insights
 
Emixa Mendix Meetup 11 April 2024 about Mendix Native development
Emixa Mendix Meetup 11 April 2024 about Mendix Native developmentEmixa Mendix Meetup 11 April 2024 about Mendix Native development
Emixa Mendix Meetup 11 April 2024 about Mendix Native development
 
Modern Roaming for Notes and Nomad – Cheaper Faster Better Stronger
Modern Roaming for Notes and Nomad – Cheaper Faster Better StrongerModern Roaming for Notes and Nomad – Cheaper Faster Better Stronger
Modern Roaming for Notes and Nomad – Cheaper Faster Better Stronger
 
Generative AI for Technical Writer or Information Developers
Generative AI for Technical Writer or Information DevelopersGenerative AI for Technical Writer or Information Developers
Generative AI for Technical Writer or Information Developers
 
2024 April Patch Tuesday
2024 April Patch Tuesday2024 April Patch Tuesday
2024 April Patch Tuesday
 
Genislab builds better products and faster go-to-market with Lean project man...
Genislab builds better products and faster go-to-market with Lean project man...Genislab builds better products and faster go-to-market with Lean project man...
Genislab builds better products and faster go-to-market with Lean project man...
 
Long journey of Ruby standard library at RubyConf AU 2024
Long journey of Ruby standard library at RubyConf AU 2024Long journey of Ruby standard library at RubyConf AU 2024
Long journey of Ruby standard library at RubyConf AU 2024
 
Scale your database traffic with Read & Write split using MySQL Router
Scale your database traffic with Read & Write split using MySQL RouterScale your database traffic with Read & Write split using MySQL Router
Scale your database traffic with Read & Write split using MySQL Router
 
Sample pptx for embedding into website for demo
Sample pptx for embedding into website for demoSample pptx for embedding into website for demo
Sample pptx for embedding into website for demo
 
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptx
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptxUse of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptx
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptx
 
So einfach geht modernes Roaming fuer Notes und Nomad.pdf
So einfach geht modernes Roaming fuer Notes und Nomad.pdfSo einfach geht modernes Roaming fuer Notes und Nomad.pdf
So einfach geht modernes Roaming fuer Notes und Nomad.pdf
 
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptxThe Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
 
UiPath Community: Communication Mining from Zero to Hero
UiPath Community: Communication Mining from Zero to HeroUiPath Community: Communication Mining from Zero to Hero
UiPath Community: Communication Mining from Zero to Hero
 
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptxMerck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptx
 
TrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data PrivacyTrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data Privacy
 
Take control of your SAP testing with UiPath Test Suite
Take control of your SAP testing with UiPath Test SuiteTake control of your SAP testing with UiPath Test Suite
Take control of your SAP testing with UiPath Test Suite
 
How to write a Business Continuity Plan
How to write a Business Continuity PlanHow to write a Business Continuity Plan
How to write a Business Continuity Plan
 

flowspec @ APF 2013

  • 1. Tom Paseka, Courtesy of Terry Rodery Aug 2013 Flowspec @ APF
  • 2. 2 Background • RFC 5575 (2009) • Piggybacks on top of existing BGP • Supported by Juniper (and Alcatel too apparently?) • Available in JunOS since 7.X • ExaBGP support too.
  • 3. 3 Operational • Configure rules on route server (config so easy a caveman could do it). • Commit config. • Rules are pushed via BGP to routers. I typically see the rules appear on my edge routers in a matter of seconds. • Flowspec counters are available for viewing from CLI using “show firewall”.
  • 4. 4 Drawbacks • Flowspec counters ARE NOT available via SNMP! Surely someone can fix this  You’ll need to write the necessary poller, database, graphing, etc. to do this. • Not able to use prefix-lists to define source/destination addresses. Must create multiple rules for multiple prefixes. • Flowspec is only supported on M,MX,T-Series devices and is not available on EX and SRX.
  • 5. 5 Sample “rule” configs Discards all traffic to UDP port 80. route DISCARD-80-UDP { match { protocol udp; destination-port 80; } then discard; }
  • 6. 6 Sample “rule” configs Rate-limit TCP SYN to 5Mbps. This will be the easiest rate limiting you’ve ever done on JunOS. No more manual policer configuration! route 108.162.203.11-RL { match { destination 108.162.203.11/32; protocol tcp; tcp-flags 2; } then rate-limit 5m; }
  • 7. 7 Sample “rule” configs route 141.101.124.242-DISCARD { match destination 141.101.124.242/32; then discard; } We no longer “nullroute” using BGP triggered blackhole to transit providers so we don’t lose visibility into the attack.
  • 8. 8 Time for the cool stuff! (Graphs)
  • 15. 15 Bad Players range 198.32.176.0/24 - PAIX 198.32.176.0/24 141.101.86.1 100 0 13335 1299 701 i 198.32.176.0/24 141.101.90.1 100 0 13335 1299 701 i .......snip range 202.40.160.0/23 - HKIX 202.40.160.0/23 199.27.132.1 100 0 13335 4436 4134 4809 45474 i 202.40.160.0/23 108.162.235.1 100 0 13335 4436 4134 4809 45474 i .......snip range 206.223.123.0/24 - Equinix LA 206.223.123.0/24 103.22.203.1 100 0 13335 4637 6461 i .......snip range 218.100.59.0/24 - ACT-IX 218.100.59.0/24 108.162.247.1 100 0 13335 10026 45482 i range 91.212.235.0/24 - Balkan IX 91.212.235.0/24 141.101.69.1 100 0 13335 12615 47872 49401 49401 i range 198.32.177.0/24 - PAIX 198.32.177.0/24 141.101.67.1 100 0 13335 4436 2914 i .......snip range 206.223.123.0/24 - Equinix LA 206.223.123.0/24 103.22.203.1 100 0 13335 4637 6461 i 206.223.123.0/24 141.101.65.1 100 0 13335 4436 6461 i .......snip range 218.100.59.0/24 - ACT-IX 218.100.59.0/24 108.162.247.1 100 0 13335 10026 45482 i range 91.212.235.0/24 - Balkan IX 91.212.235.0/24 141.101.69.1 100 0 13335 12615 49401 49401 49401 i range 198.32.177.0/24 - PAIX 198.32.177.0/24 141.101.67.1 100 0 13335 4436 2914 i 198.32.177.0/24 141.101.72.1 100 0 13335 4436 2914 i .......snip range 198.32.132.0/24 - TELX 198.32.132.0/24 141.101.76.1 100 0 13335 4637 6461 22969 i 198.32.132.0/24 103.22.203.1 100 0 13335 4637 6461 22969 i 198.32.132.0/24 141.101.71.1 100 0 13335 1299 6461 22969 i 198.32.132.0/24 141.101.86.1 100 0 13335 1299 6461 22969 i .......snip