This week just gone saw #RIPE77 take place in the home of RIPE and the RIPE NCC - Amsterdam. Even since I attended my first RIPE in Dublin which was RIPE66, I have loved the event. For this reason I really dislike missing it.
With my change of role since 2016, attending the meetings are sadly not a core responsibility of mine for $day_job but that said, who in their right mind that has any involvement in the networking community ignores the meetings (amirite)? At any chance I get during the week, I either remotely participate in the live meeting or failing that, check back on the presentation archives after the fact. A couple of key and to me seminal presentations were;
It’s DNS Jim, but not as we know it! - by Sara Dickinson
There are certain presentations I’ve watched over the years that I felt pretty blown away by. It doesn’t take a lot to amaze me at times though. That said, I don’t think I would be along in thinking that this was undoubtedly a seminal talk. Sara’s talk was related to DNS obviously. However, it was a talk that for me signalled a real sense that the Domain Name System(s) as we know it could be changing to the point where it’s utterly unrecognisable.
Sara talked about two significant and new developments within DNS. She brought to us the acknowledgement that there are two new kids in two in terms of IEFT Standards - one being DoT or DNS over TLS and the other being DoH or DNS over HTTPS. The central goals of both are basically to provide for encrypted DNS services. They are being heavily developed at the moment by the Browser community - i.e. Mozilla Firefox and Google Chrome. The motivation from the browser communities to place such a heavy development team(s) on these new IEFT standards is that they can conceivably provide for DNS resolution directly within the applications.
Sara comes from a position of somene with a high level of authority to speak about the topics in question. She is the co-founder of Sinodun IT who are a well known consultancy firm specialising in DNS, DNSSEC and DNS Privacy. It was a pretty mind blowing talk if I’m honest. Not only did it remind everyone that the DNS system we’ve known and loved for so long is alive and running since 1987. We learnt that Android’s Pie release has implemented DoT for instance. Stubby was a platform agnostic application that implements DoT also. However it was DoH that really grabbed my attention.
There are huge good / advantageous things about both standards. The defeating of passive surveillance in the DNS is one major thing clearly (all requests sent encrypted in either HTTPS itself in the case of DoH or using TLS with DoT). There are some fundamentally scary stuff about them both.
I’m gonna focus on DoH - the premises of DoH and why the Browser Community are so keen on it stems (for me) from the fact that the likes of Mozilla Firefox and Google Chrome can now start releasing versions of their client software which has zero dependency on the traditional DNS. One thing I became acutely aware of before I ventured into Technical Pre Sales, when I was leading on the ISP Network Engineering team, was the fact that large CDNs like Akamai or Netflix or lots if not all others tend to deliver content to their eyeballs determined by the origin of the DNS request. This is a #gamechanger for me. It’s not a case anyone can ignore this. I will be watching the developments of DoT and especially DoH VERY closely in the coming weeks and months - note nightly builds of some browsers are already deployed with DoH in-built and Google have implemented some DoH servers in their networks too according to Sara!
Technical Debt: An Anycast Story
To start I should point out that on this one, Brian Nisbet put me onto this particular talk. It’s a talk given by Tom Strickx of Cloudflare and focuses on a quite remarkable thing that Cloudflare decided to do within their production network over the past number of months. For those not familiar, Cloudflare operate a network which has at the centre of it a sizeable anycast element. According to the slideware it’s in existence in over 150 locations. Cloudflare are everwhere!!! They peer at any IXP you can think of and PeeringDB emphasises this clearly. They have an OPEN peering policy too which has add to the sheer amount of BGP sessions that they have.
When Cloudflare started out, they had a couple of transit connections from Tier 1s. To that end, when they peered with others they often prepended their anycast prefixes. However, in recent months, the threat of prefix hijacking had given them reason for pause. This was highlighted by Tom very amusingly by the below involving a funny little doctored photo of Job Snijders
Cloudflare took the bold decision to rid their advertisements of as-path prepends and not only that, but to automate the whole thing (in production) globally within 2 mins. Utterly amazing really. For me it emphasised how advanced now network automation has become. Certainly a motivation for anyone involved in Network Engineering to get automating. If Cloudflare can comfortably do such a monumental change across their whole estate without a single ticket raised, anyone can do it!!!
Other bits and bobs
In my $day_job I’m oft times drowning in Excel Spreadsheets. I had mentioned to a couple of colleagues at the last INEX meeting (Lorcan Boyle and Tony Gray) that there’s not really much you can do about staying out of Excel. To be fair, the lads promptly corrected me and suggested that there were plenty of ways to automate the generation of CSV files. I took their comments away and when I got some time over a couple of evenings this week I decided to look into this a little more. What I found was something that’s likely out in the wild a long time and I’m very late to the party but as I was hoping to get more stuck into python, I searched up some methods of generating Excel Spreadsheets from python. What I found is actually really extensive.
A John McNamara, who is a fellow Irish man, created a Python Module called XlsxWriter. XlsxWriter allows users to create Excel Spreadsheets from scratch all within Python. There is support for such fancy features such as Conditional Formattting amongst many others. You can read more about XlsxWriter on ReadtheDocs.io
This is for me a seminal moment - I can now generate templated Excel Spreadsheets / Quotes all within the command line/terminal window. At an extremely basic level I can create a simple spreadsheet with a table like such.
import xlsxwriter
# Create the workbook and add the first worksheet
workbook = xlsxwriter.Workbook('mickod.xlsx')
worksheet = workbook.add_worksheet('SheetA')
# Add a **BOLD** format to use to highlight cells.
bold = workbook.add_format({'bold': True})
# Add a cell border capability
border = workbook.add_format({'border': True})
# Add capability to change font colors.
head_purple = workbook.add_format({'bg_color': 'purple', 'bold': True, 'font_color': 'white', 'border': True, 'text_wrap': True})
head_red = workbook.add_format({'bg_color': 'red', 'bold': True, 'font_color': 'white', 'border': True, 'text_wrap': True})
# Write my column headers.
worksheet.write('A2', 'Site Name', head_purple)
worksheet.write('B2', 'Circuit ID', head_purple)
worksheet.write('C2', 'Service Type', head_purple)
worksheet.write('D2', 'Access Speed', head_purple)
worksheet.write('E2', 'Port Speed', head_purple)
worksheet.write('F2', 'Access Install Price', head_purple)
worksheet.write('G2', 'Access Monthly Rental', head_purple)
worksheet.write('H2', 'Port/Service Monthly Rental', head_purple)
worksheet.write('I2', 'CPE Install Price', head_purple)
worksheet.write('J2', 'CPE Monthly Rental', head_purple)
worksheet.write('K2', 'Total INSTALL Price', head_red)
worksheet.write('L2', 'Total MONTHLY Price', head_red)
worksheet.write('M2', 'Total ANNUAL Price', head_red)
worksheet.write('N2', 'Comments', head_purple)
# Setting a default format for Merged Cells
merge_format = workbook.add_format({
'bold': 1,
'align': 'center',
'valign': 'vcenter',
'bg_color': 'purple',
'border': True,
'color': 'white'})
# Merge Cells in ROW 1 to Create Main Header
worksheet.merge_range('A1:N1', 'A SUMMARY OF THE NEW QUOTE', merge_format)
workbook.close()