This blog post is for network experimenters who want to collect (receive) NetFlow or IPFIX flow records using the nfdump package (which includes nfcapd). An example use case, building on previous blog post NetFlow on OpenWRT, is shown in diagram below (highlighted boxes):
Flow records can be useful for various applications such as network visibility and security alerting. Continue reading
This blog post is for network experimenters who want to export flow records from a small network, such as a home network using an OpenWRT router. Such a network might look like this:
Flow records can be useful for various applications. Here is an example flow record:
Date first seen Duration Proto Src IP Addr:Port Dst IP Addr:Port Packets Bytes Flows
2018-08-04 21:31:34.518 0.000 TCP 10.1.1.19:52465 -> 10.1.1.1:22 100 4600 1
Flow records give a coarse-grained view of what traffic is passing over a network, including flow source and destination addresses/protocols/ports, as well as volume information such as packets and bytes.
In this tutorial we use OpenWRT, a popular free and open source router operating system, and add the softflowd package to it to generate NetFlow flow records. There are however many other options to achieve the same outcome. Continue reading
Previously in part 1, we covered containers at a high level, including how they scale, alternatives and properties. Now in this second post we find out what Docker is, how it runs on Linux, and how images work. And we’ll do all this without the usual analogies of containers and ships, but instead with restaurants & food. Sound good? Well, keep reading…
What is Docker?
Docker is the dominant container technology (as of 2018); with around 79% of organisations in a 2017 survey saying Docker is their primary method for running containers.
There is a tendency to conflate Docker with containers and assume they are one and the same. This is not true. Continue reading
One of my 2018 learning goals is to become more familiar with containers. This blog post (first of a series) is intended to help broaden my own understanding of containers; hopefully it is also of use to others.
What is a Container?
A container is a type of application virtualisation that isolates and sandboxes application processes within an operating system (OS).
On Linux, a container is a process (or multiple), isolated from other processes through namespaces. The container sees a separate isolated filesystem:
Overview of how a container runs on Linux
Part 2 – Install
In part 2 of this blog post, we cover off how to install the necessary components to build virtual SDN labs with Vagrant. Continue reading
Part 1 – Introduction
I’ve been experimenting with Vagrant to automate the creation of virtual Software-Defined Networking (SDN) labs. This blog explains how create SDN labs with Vagrant.
Why SDN labs? Maybe you’re a network student or engineer learning new skills. Maybe you want to develop the next killer SDN app. Perhaps you’re doing SDN research. Virtual labs are a great way to test ideas without having to invest in SDN switch hardware, and can be set up quickly. Continue reading
(Note: copy of my original blog post from September 2016)
I recently went through the pain of configuring a Python project to automatically produce documentation on Read the Docs. While the outcome was good, the process getting there wasn’t… This blog is for those who want to avoid the steep learning curve I went through. Continue reading
Software-defined networking (SDN) separates network control from packet forwarding. SDN is great for experimenters, as we get to tinker with how the network runs, without having to worry about moving packets.
To play with SDN in your home network you’ll need a device to do the packet forwarding, under control of your software.
I’ve added instructions on how to build a home SDN lab that leverages a common consumer-grade TP-Link home router repurposed as an OpenFlow switch, including Wi-Fi.