ipv6 security
play

IPv6 Security Training Course February 2019 09:00 - 09:30 Coffee, - PowerPoint PPT Presentation

Nov 04, 2022 •157 likes •1.9k views

IPv6 Security Training Course February 2019 09:00 - 09:30 Coffee, Tea 11:00 - 11:15 Break 13:00 - 14:00 Lunch 15:30 - 15:45 Break 17:30 End 2 Introductions Name Number in the list Experience with Security and IPv6

  1. 340,282,366,920,938,463,463,374,607,431,768,211,456 End-to-end /64 /64 /64 /64 /64 /64 Multiple Addresses Link-local Global (GUA) Multicast � 45

  2. IPv6 Address Scope SITE GLOBAL LINK INTERFACE fe80::A:b:100 ff01::2 2001:67c:2e:1::c1 FD00:A:B::100 FF05::1:3 ff02::1 � 46

  3. IPv6 Network Scanning 64 bits 64 bits Network Prefix Interface ID (IID) Network Prefix determination (64 bits) Common patterns in addressing plans DNS direct and reverse resolution Traceroute Interface ID determination (64 bits) “brute force” no longer possible � 47

  4. IID Generation Options 64 bits Interface ID (IID) EUI-64 (uses MAC address) “stable” IID for SLAAC Stable, semantically opaque [RFC7217] “temporary” Temporary pseudo-random [RFC4941] IID for SLAAC DHCPv6 Manually Others (CGA, HBA) � 48

  5. SLAAC IIDs Currently • Consider IID bits “ opaque ”, no value or meaning [RFC7136] How to generate IIDs [RFC7217] Different for each interface in the same network prefix Not related to any fixed interface identifier Always the same when same interface connected to same network • This method is widely used and standardised [RFC8064] � 49

  6. Guessing IIDs 64 bits = 18,446,744,073,709,551,616 Addresses EUI-64 IPv4-based Sequential 2001:db8:1::10.0.0.5 OUI: 24 bits FFFE: 16 bits Low-bits / Trivial (::1) Service port Wordy Address 2001:db8:1::80 2001:db8::bad:cafe � 50

  7. Locally Scanning IPv6 Networks Traffic Snooping Dual-stack Routing Protocols LLMNR [RFC4795] Multicast DNS (mDNS) [RFC6762] Local Protocols DNS Service Discovery (DNS-SD) [RFC6763] Local Scanning � 51

  8. Special / Reserved IPv6 Addresses Name IPv6 Address Comments Unspecified ::/128 When no address available Loopback ::1/128 For local communications IPv6-mapped ::ffff:0:0/96 Used by NAT64. Add IPv4 address 32 bits Documentation 2001:db8::/32 RFC 3849 IPv4/IPv6 Translators 64:ff9b::/96 RFC 6052 Discard-Only 100::/64 RFC 6666 Address Block Teredo 2001::/32 IPv6 in IPv4 Encapsulation Transition Mechanism 6to4 2002::/16 IPv6 in IPv4 Encapsulation Transition Mechanism ORCHID 2001:10::/28 Deprecated Benchmarking 2001:2::/48 See: http://www.iana.org/assignments/iana-ipv6-special-registry/ � 52

  9. Security Tips • Use hard to guess IIDs - RFC 7217 better than EUI-64 - RFC 8064 establishes RFC 7217 as the default • Use IPS/IDS to detect scanning • Filter packets where appropriate • Be careful with routing protocols • Use "default" /64 size IPv6 subnet prefix � 53

  10. IPv6 Network Scanning Exercise 2.2

  11. Exercise 2.2: IPv6 Network Scanning • Description : Use available toolsets to scan a subnet • Goals : - Know about two new toolsets: THC-IPV6 and The IPv6 Toolkit - Learn how to use them to scan a subnet • Time : 10 minutes • Tasks : - Use The IPv6 Toolkit to scan your lab’s subnet - Use THC-IPV6 to scan your lab’s subnet � 55

  12. IPv6 Associated Protocols Security Section 3

  13. ICMPv6 Section 3.1

  14. ICMPv6 [ RFC4443 ] is an integral part of IPv6 Error Messages Informational Messages Destination Unreachable Echo Request Packet Too Big Echo Reply Time Exceeded NDP Parameter Problem MLD � 58

  15. ICMPv6 Format • General Format 8 bits 8 bits 16 bits Type Code Checksum Message Body • Extended Format [ RFC4884 ] Used by: Destination Unreachable Time Exceeded � 59

  16. ICMPv6 Error Messages Type Code No route to destination (0) Communication with destination administratively prohibited (1) Beyond scope of source address (2) Address Unreachable (3) Destination Ureachable (1) Port Unreachable (4) Source address failed ingress/egress policy (5) Reject route to destination (6) Error in Source Routing Header (7) Packet Too Big (2) Packet Too Big (0) Parameter = next hop MTU Hop Limit Exceeded in Transit (0) Time Exceeded (3) Fragment Reassembly Time Exceeded (1) Erroneous Header Field Encountered (0) Unrecognized Next Header Type (1) Parameter Problem (4) Parameter = offset to error Unrecognized IPv6 Option (2) IPv6 First Fragment has incomplete IPv6 Header Chain (3) � 60

  17. FILTER ICMPv6 CAREFULLY! Used in many IPv6 related protocols � 61

  18. ICMPv6 security Packet with MULTICAST destination address No ICMPv6 Error message allowed Echo Reply responding an Echo Request is Optional as response not recommended avoids ? Hosts Discovery Amplification Attacks Smurf Attacks � 62

  19. NDP Section 3.2

  20. Introduction NDP [ RFC4861 ] is used on a link Used for: Messages Neighbour Solicitation Discovery: routers, prefixes, network parameters Autoconfiguration Neighbour Advertisement DAD Router Solicitation NUD Router Advertisement Address Resolution Redirect � 64

  21. Hop Limit = 255 NDP has vulnerabilities [RFC3756] [RFC6583] if not then discard S pecification says to use IPsec SEND [RFC3971] (SEcure Neighbour Discovery) impractical, it’s not used Not widely available � 65

  22. NDP Threats • Neighbor Solicitation/Advertisement Spoofing • Can be done: 1. Sending NS with “source link-layer” option changed 2. Sending NA with “target link-layer” option changed - Can send unsolicited NA or as an answer to NS • Redirection/DoS attack • Could be used for a “Man-In-The-Middle” attack ? � 66

  23. NS Spoofing: Redirection / DoS Neighbour Cache IP1 11:11:11:11:11:11 R IPr MACr = 12:34:56:78:9a:bc IPr 12:34:56:78:9a:bc IP2 22:22:22:22:22:22 aa:aa:aa:aa:aa:aa IP2 a IP1 IP2 1 2 1 1 2 MAC1 = 11:11:11:11:11:11 MAC2 = 22:22:22:22:22:22 IPv6 ICMPv6 NS IPa IPv6.Source IPv6 IP2 MACa = aa:aa:aa:aa:aa:aa IPv6.Destination IPv6 IP1 NS.Target Addr IP1 NS.Src Link-layer Addr aa:aa:aa:aa:aa:aa � 67

  24. Unsolicited NA: Redirection / DoS Neighbour Cache IP1 11:11:11:11:11:11 R IPr MACr = 12:34:56:78:9a:bc IPr 12:34:56:78:9a:bc IP2 22:22:22:22:22:22 IP2 aa:aa:aa:aa:aa:aa IP1 IP2 1 2 1 1 2 MAC1 = 11:11:11:11:11:11 MAC2 = 22:22:22:22:22:22 IPv6 ICMPv6 NA IPa NA.Target Addr IP2 MACa = aa:aa:aa:aa:aa:aa NA.Target Link-layer Addr aa:aa:aa:aa:aa:aa � 68

  25. NUD Failure (DoS attack) 2 NA NS Answer to NS 1 NUD to refresh IP host 2 in neighbour cache � 69

  26. DAD DoS Attack Answer to NS Answer to NS NS NA NS NS DAD for IP before configuring it � 70

  27. NDP Exercise 3.2-a

  28. Exercise 3.2-a NDP • Description : Create packets to poison neighbour cache • Goals : - Practice with Scapy tool - Learn how to modify the neighbour cache of another host in the same network • Time : 15 minutes • Tasks (at least one of them): - Generate NS packets that change other host’s neighbour cache - Generate NA packets that change other host’s neighbour cache � 72

  29. 3.2-a: Neighbour cache attack using NS Neighbour Cache # ip neighbour show IPb bb:bb:bb:bb:bb:bb IP2 22:22:22:22:22:22 IPb cc:cc:cc:cc:cc:cc IPa IPb 1 2 1 A B MACa = aa:aa:aa:aa:aa:aa MACb = bb:bb:bb:bb:bb:bbb IPc MACc = cc:cc:cc:cc:cc:cc IPv6 ICMPv6 NS C IPv6.Source IPv6 IPb IPv6.Destination IPv6 IPa NS.Target Addr IPa NS.Src Link-layer Addr cc:cc:cc:cc:cc:cc � 73

  30. 3.2-a: Neighbour cache attack using NA Neighbour Cache # ip neighbour show IPb bb:bb:bb:bb:bb:bb IP2 22:22:22:22:22:22 IPb cc:cc:cc:cc:cc:cc IPa IPb 1 2 1 A B MACa = aa:aa:aa:aa:aa:aa MACb = bb:bb:bb:bb:bb:bbb IPc MACc = cc:cc:cc:cc:cc:cc IPv6 ICMPv6 NA C NA.Target Addr IPb NA.Target Link-layer Addr cc:cc:cc:cc:cc:cc � 74

  31. Malicious Last Hop Router 2 2 (lifetime = 0) RA RA RS RA RA RA 1 Answer to RS Periodic RAs 1 � 75

  32. Bogus On-Link Prefix Prefixes on the Link google facebook amazon 2 RA DoS google is on the link � 76

  33. Bogus Address Configuration Prefix 2 RA this is your global prefix 2001:db8:bad:bad::/64 DoS � 77

  34. Parameter Spoofing ATTACKER’S DHCP SERVER 2 RA RA M: 1 Current Hop Limit: 3 O: 1 DoS DoS � 78

  35. Spoofed Redirect Message Routes on Host 1: Neighbour Cache ::/0 - fe80::a:b:c IP1 11:11:11:11:11:11 R IPr = fe80::a:b:c 2001:db8::face:b00c - fe80::a MACr = 12:34:56:78:9a:bc IPr 12:34:56:78:9a:bc IP1 1 1 1 MAC1 = 11:11:11:11:11:11 IPa = fe80::a MACa = aa:aa:aa:aa:aa:aa IPv6 ICMPv6 Redirect IPr = fe80::a:b:c IPv6.Source IPv6 IPv6.Destination IPv6 IP1 IPa = fe80::a Redirect.Target Addr 2001:db8::face:b00 Redirect.Dst Addr. c � 79

  36. Neighbour Discovery DDoS Attack Router Neighbour Cache IPa aa:aa:aa:aa:aa:aa IPb bb:bb:bb:bb:bb:bb IP1 = P::1 Internet IPr 12:34:56:78:9a:bc IP2 = P::2 IP1 ??? IP3 = P::3 . . . . . . IPn ??? IPn = P::n IPr = fe80::a:b:c MACr = 12:34:56:78:9a:bc NS 2 Network Prefix (P) IPb IPa 2001:db8:a:b::/64 � 80

  37. NDP Exercise 3.2-b

  38. Exercise 3.2-b NDP • Description : Send RA messages to perform attacks • Goals : - Practice with Scapy tool - Use RA messages to perform attacks on a link • Time: 20 minutes • Tasks : - Send RA messages with bogus address configuration prefix � 82

  39. First Hop Security • Security implemented on switches • There is a number of techniques available: - RA-GUARD - DHCPv6 Guard - IPv6 Snooping ( ND inspection + DHCPv6 Snooping ) - IPv6 Source / Prefix Guard - IPv6 Destination Guard ( or ND Resolution rate limiter ) - MLD Snooping � 83

  40. IPv6 Snooping IP1 2 IP2 1 1 1 2 MAC1 MAC2 NA NA NS NS NS NA IPa MACa � 84

  41. IPv6 Source / Prefix Guard IP2 1 1 2 MAC2 Source Source IPa MACa � 85

  42. IPv6 Destination Guard Internet Destination 2 IPb IPa � 86

  43. Rogue Router Advertisements RA � 87

  44. Rogue RA Solutions 2 1 SEND Link Monitoring 3 4 Host Packet Filtering MANUAL CONFIGURATION + Disable Autoconfig 5 6 Router Preference Option ACLs on Switches [ RFC4191 ] 7 RA Snooping on Switches ( RA GUARD ) � 88

  45. RA-GUARD [ RFC6105 ] • Easiest available solution • Only allows RAs on legitimate ports on L2 switches � 89

  46. RA-GUARD [ RFC6105 ] Stateless RA Guard Decision based on RA message or static configuration Stateful RA Guard Stateful RA Guard Learns dynamically � 90

  47. Filtering • Use Access Control Lists (ACLs) in switches Switches need to understand Ethernet IPv6 ICMPv6 ICMPv6 Type and Version 6 Ethertype 0x86DD Code for IPv6 Source/destination Source/destination MAC address IPv6 address Next Header � 91

  48. Filtering Example (config)#ipv6 access-list RA-GUARD (config-ipv6-acl)#sequence 3 deny icmp any any router-advertisement (config-ipv6-acl)#sequence 6 permit ipv6 any any (config-ipv6-acl)#exit (config)#interface FastEthernet0/5 (config-if)#ipv6 traffic-filter RA-GUARD in � 92

  49. Conclusions / Tips • NDP is an important, powerful and vulnerable protocol • Recommended : use available solutions to protect NDP • Detection (IDS/IPS) can be easier and recommended � 93

  50. MLD Section 3.3

  51. • MLD ( Multicast Listener Discovery ) is: - Multicast related protocol, used in the local link - Two versions: MLDv1 and MLDv2 - Uses ICMPv6 - Required by NDP and “IPv6 Node Requirements” - IPv6 nodes use it when joining a multicast group � 95

  52. MLDv1 QUERY REPORT DONE Listeners indicate Router asks for Listeners report that they’re done listeners themselves General Specific � 96

  53. Src: fe80::2 Dst: SolicitedNode(2) R 2 fe80::a fe80::2 REPORT SolicitedNode(2) QUERY Src: fe80::a Dst: FF02::1 � 97

  54. MLDv2 • Mandatory for all IPv6 nodes ( MUST ) [RFC8504] • Interoperable with MLDv1 • Adds Source-Specific Multicast filters: - Only accepted sources - Or all sources accepted except specified ones � 98

  55. MLDv2 QUERY REPORT-v2 Specifies multicast Current state and source addresses General State change (filter/sources) Specific Sent to FF02::16 � 99

  56. MLD Details • Nodes MUST process QUERY to any of its unicast or multicast addresses • MLDv2 needs all nodes using MLDv2 • All OSs join (REPORT) to the Solicited Node addresses � 100

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Security of IPv6 and DNSSEC for penetration testers Vesselin Hadjitodorov Master education

Security of IPv6 and DNSSEC for penetration testers Vesselin Hadjitodorov Master education

Security of IPv6 and DNSSEC for penetration testers Vesselin Hadjitodorov Master education System and Network Engineering June 30, 2011 Agenda Introduction DNSSEC security IPv6 security Conclusion Questions Security of IPv6

625 views • 33 slides
IPv6 Protocol IPv6 Protocol Does it solve all the security problems of IPv4? Franjo Majstor

IPv6 Protocol IPv6 Protocol Does it solve all the security problems of IPv4? Franjo Majstor

IPv6 Protocol IPv6 Protocol Does it solve all the security problems of IPv4? Franjo Majstor EMEA Consulting Engineer fmajstor@cisco.com Cisco Systems, Inc. 1 fmajstor@cisco.com, IPv6 Security Agenda IPv6 Primer IPv6 Protocol

241 views • 21 slides
IPv6 Security David Kelsey (STFC-RAL) ISGC2016, Taipei 16 March 2016 Outline Introduction

IPv6 Security David Kelsey (STFC-RAL) ISGC2016, Taipei 16 March 2016 Outline Introduction

IPv6 Security David Kelsey (STFC-RAL) ISGC2016, Taipei 16 March 2016 Outline Introduction to WLCG & IPv6 IPv6 security & threats IPv6 protocol attacks Issues for site network & security teams Issues for sys admins

501 views • 34 slides
Balanced Security for IPv6 CPE draft-v6ops-vyncke-balanced-ipv6-security IETF86 Orlando M. Gysi,

Balanced Security for IPv6 CPE draft-v6ops-vyncke-balanced-ipv6-security IETF86 Orlando M. Gysi,

Balanced Security for IPv6 CPE draft-v6ops-vyncke-balanced-ipv6-security IETF86 Orlando M. Gysi, G. Leclanche, E. Vyncke, R. Anfinsen Status -00 posted on 25 January 2013 Some comments on the list (see later) Problem Statement

378 views • 10 slides
Vincent van der Eijk && Erik Lamers Comparing IPv4 port security to IPv6 port security

Vincent van der Eijk && Erik Lamers Comparing IPv4 port security to IPv6 port security

A Comparative Security Evaluation for IPv4 and IPv6 Addresses Vincent van der Eijk && Erik Lamers Comparing IPv4 port security to IPv6 port security Scanning the Internet for profit, ethically. 2 Why do we need to know this? IPv6

279 views • 16 slides
Mobile IPv6 Security Arnaud Ebalard - EADS Corporate Research Center France Guillaume Valadon - The

Mobile IPv6 Security Arnaud Ebalard - EADS Corporate Research Center France Guillaume Valadon - The

Mobile IPv6 Security Arnaud Ebalard - EADS Corporate Research Center France Guillaume Valadon - The University of Tokyo / Laboratoire dInformatique de Paris 6 Summary IPv6 Mobile IPv6 Security and Mobile IPv6 Protections by

669 views • 50 slides
The Security Impact of IPv6 How I Learned to Stop Worrying and Love IPv6 Johannes B. Ullrich,

The Security Impact of IPv6 How I Learned to Stop Worrying and Love IPv6 Johannes B. Ullrich,

The Security Impact of IPv6 How I Learned to Stop Worrying and Love IPv6 Johannes B. Ullrich, Ph.D. jullrich@sans.edu 1 Housekeeping This presentation consists of slides and audio. If you are experiencing any problems/ issues,

1.12k views • 56 slides
Security Impacts of Security Impacts of Abusing IPv6 Extension Headers Abusing IPv6 Extension

Security Impacts of Security Impacts of Abusing IPv6 Extension Headers Abusing IPv6 Extension

Security Impacts of Security Impacts of Abusing IPv6 Extension Headers Abusing IPv6 Extension Headers Antonios Atlasis antonios.atlasis@cscss.org Centre for Strategic Cyberspace + Security Science Bio Independent IT Security

689 views • 66 slides
v6ops and security IPv6 Transition/Co-existence Security Considerations

v6ops and security IPv6 Transition/Co-existence Security Considerations

v6ops and security IPv6 Transition/Co-existence Security Considerations draft-savola-v6ops-security-overview-00.txt Pekka Savola, CSC/FUNET Overview Overview Look at different kinds of issues IPv6 protocol Transition mechanisms in general

853 views • 10 slides
IPv6 Security Concerns Introduction to Integralis Garry Sidaway SVP Security Strategy Agenda

IPv6 Security Concerns Introduction to Integralis Garry Sidaway SVP Security Strategy Agenda

IPv6 Security Concerns Introduction to Integralis Garry Sidaway SVP Security Strategy Agenda Introduction to Integralis IPv6 Security Concerns Questions Private & Confidential Continuous Secure Service Delivery Governance,

336 views • 21 slides
IPv6 Security awareness By Musa Stephen HONLUE Trainer@AFRINIC Stephen.honlue@afrinic.net 1

IPv6 Security awareness By Musa Stephen HONLUE Trainer@AFRINIC Stephen.honlue@afrinic.net 1

IPv6 Security awareness By Musa Stephen HONLUE Trainer@AFRINIC Stephen.honlue@afrinic.net 1 04/12/2015' Presentation Objectives ! Create awareness of IPv6 Security implications. ! Highlight technical concepts on IPv6 weaknesses ! Describe

822 views • 36 slides
IPv6 Security Considerations: Future Challenges Prof. Sukumar Nandi Company Dept of Computer

IPv6 Security Considerations: Future Challenges Prof. Sukumar Nandi Company Dept of Computer

IPv6 Security Considerations: Future Challenges Prof. Sukumar Nandi Company Dept of Computer Sc. & Engg. LOGO Indian Institute of Technology Guwahati Agenda Outline Motivation for IPv6 Brief comparision between IPv6 and IPv4

290 views • 25 slides
IPv6 Distributed Security Alvaro Vives (alvaro.vives@consulintel.es) Jordi Palet

IPv6 Distributed Security Alvaro Vives (alvaro.vives@consulintel.es) Jordi Palet

IPv6 Distributed Security Alvaro Vives (alvaro.vives@consulintel.es) Jordi Palet (jordi.palet@consulintel.es) 1 Motivation How would the deployment of IPv6 affect the security of a network? IPv6 enabled devices and networks bring

305 views • 19 slides
IPv6 Distributed Security Activity Status <draft-vives-v6ops-ipv6-security-ps-01> (Problem

IPv6 Distributed Security Activity Status <draft-vives-v6ops-ipv6-security-ps-01> (Problem

IPv6 Distributed Security Activity Status <draft-vives-v6ops-ipv6-security-ps-01> (Problem Statement) <draft-palet-v6ops-ipv6security-01> (Requirements) Alvaro Vives (alvaro.vives@consulintel.es) Jordi Palet

607 views • 14 slides
IPv6 IPv6 Header IPv6 Addressing IPv6 Neighbor Discovery Jyh-Cheng Chen Department of Computer

IPv6 IPv6 Header IPv6 Addressing IPv6 Neighbor Discovery Jyh-Cheng Chen Department of Computer

Outline IPv6 IPv6 Header IPv6 Addressing IPv6 Neighbor Discovery Jyh-Cheng Chen Department of Computer Science and IPv6 Autoconfiguration Institute of Communications Engineering National Tsing Hua University jcchen@cs.nthu.edu.tw

783 views • 11 slides
IPv6?? Yawn amiright? Actually, IPv6 adoption is now very robust. E.g.: Google Clients

IPv6?? Yawn amiright? Actually, IPv6 adoption is now very robust. E.g.: Google Clients

Dont Forget to Lock the Back Door! A Characterization of IPv6 Network Security Policy Jakub (Jake) Czyz, University of Michigan & QuadMetrics, Inc. Matthew Luckie, University of Waikato Mark Allman, International Computer Science

552 views • 17 slides
D4 project https://www.d4-project.org/ 20190207 Alexandre Dulaunoy - Sami Mokaddem P roblem

D4 project https://www.d4-project.org/ 20190207 Alexandre Dulaunoy - Sami Mokaddem P roblem

D4 Project Open and collaborative network monitoring Team CIRCL D4 project https://www.d4-project.org/ 20190207 Alexandre Dulaunoy - Sami Mokaddem P roblem statement CSIRTs (or private organisations) build their own honeypot, honeynet or

549 views • 28 slides
TITLE Los Gatos Rotary Club visit Orrin Mahoney A little bit about me 35 year career at HP

TITLE Los Gatos Rotary Club visit Orrin Mahoney A little bit about me 35 year career at HP

TITLE Los Gatos Rotary Club visit Orrin Mahoney A little bit about me 35 year career at HP Second life as a volunteer and elected official (Councilmember and two time Cupertino Mayor Cupertino Rotary member since 2000 How did I

507 views • 25 slides
Massive Stars Mass Loss Mathieu Renzo Advisors: S. N. Shore, C. D. Ott 1 / 8 Mass Loss - Why is

Massive Stars Mass Loss Mathieu Renzo Advisors: S. N. Shore, C. D. Ott 1 / 8 Mass Loss - Why is

TASC 2014, November 7, UCSD Massive Stars Mass Loss Mathieu Renzo Advisors: S. N. Shore, C. D. Ott 1 / 8 Mass Loss - Why is it important ... ... for the stellar structure? ... for the environment? Evolutionary timescale chemical and

653 views • 8 slides
THE LIBRESWAN PROJECT An Internet Key Exchange (IKE) daemon for IPsec Enterprise IPsec

THE LIBRESWAN PROJECT An Internet Key Exchange (IKE) daemon for IPsec Enterprise IPsec

THE LIBRESWAN PROJECT An Internet Key Exchange (IKE) daemon for IPsec Enterprise IPsec based VPN solution Make encryption the default mode of communication Certifjcations (FIPS, Common Criteria, USGv6, etc.)

917 views • 25 slides
C ONTENTS February 2009 Introduction Ethernet and Spanning Tree L2 Forwarding with Link

C ONTENTS February 2009 Introduction Ethernet and Spanning Tree L2 Forwarding with Link

February 2009 RB RIDGES L2 Forwarding with Link State Routing L AYER 2 F ORWARDING B ASED ON L INK S TATE R OUTING Donald E. Eastlake 3 rd 1 donald.eastlake@stellarswitches.com C ONTENTS February 2009 Introduction Ethernet and Spanning

1.11k views • 46 slides
Hipster MySQL Monitoring: Serving a deconstructed PMM Percona Live 2017 Santa Clara, California

Hipster MySQL Monitoring: Serving a deconstructed PMM Percona Live 2017 Santa Clara, California

Hipster MySQL Monitoring: Serving a deconstructed PMM Percona Live 2017 Santa Clara, California | April 24th 27th, 2017 Ben Mildren, Senior Database Engineer The deconstructed flat white digitalocean.com Just give me coffee!

525 views • 30 slides
Link Layer: CSMA/CD, MAC addresses, ARP Smith College, CSC 249 March 29, 2018 1 MAC Address q

Link Layer: CSMA/CD, MAC addresses, ARP Smith College, CSC 249 March 29, 2018 1 MAC Address q

Link Layer: CSMA/CD, MAC addresses, ARP Smith College, CSC 249 March 29, 2018 1 MAC Address q 32-bit IP address: v network-layer address v used to get datagram to destination IP subnet q MAC (or LAN, physical, Ethernet, hardware) address: v

729 views • 16 slides
UDP Encapsulation in Linux netdev0.1 Conference February 16, 2015 Tom Herbert

UDP Encapsulation in Linux netdev0.1 Conference February 16, 2015 Tom Herbert

UDP Encapsulation in Linux netdev0.1 Conference February 16, 2015 Tom Herbert <therbert@google.com> Proceedings of netdev 0.1, Feb 14-17, 2015, Ottawa, On, Canada Topics UDP encapsulation Common offloads Foo over UDP (FOU)

597 views • 44 slides

More recommend