Next week SANOG (South Asia Network Operator Group) event will start in Kathmandu, Nepal. I will be instructing on a 4-day workshop on Network Automation with two fellow instructors. The idea of this workshop is to make fellow Ops / Network engineers familiar with concepts of Docker, Ansible, and Gitlab CI/CD pipeline and ultimately to make use of REST APIs to bind these all together.
This is the first time I am doing such a workshop and the content here is built from scratch.
As returning readers of this blog would be aware - I found a trick to find Facebook caching servers around the world during the APRICOT 2018 hackathon. Since then I am running my code again every year to see the changes and publish this report.
Previous reports
March 2018 here Nov 2019 here April 2021 here Facebook knows! Back in 2019, I was in San Francisco, California for NANOG 75. While roaming around in the lobby, someone read the NANOG card hanging around my neck and greeted me.
In a recent Network AF podcast Avi Freedman (Kentik) joked with the guest about how he finds who is transit free / tier 1 network. He said, “I ask everyone who they think is a tier 1 network. Everyone includes their own name + other names”. Next, he ignores the self-nomination & looks at the common list to find who actually is a tier 1 network. This is funny, intuitive and gives some clue.
CERT-IN i.e Computer Emergency Response Team, India issued new guidelines on 28th April. Guidelines essentially ask those VPN providers to keep a log of customer details, their IP addresses, emails, phone numbers etc and maintain that log for at least 5 years. The detailed notification is here.
This not only extends to VPN players but also to datacenters, VPS, cloud service providers etc. I can understand the problem they are trying to solve as most criminal activities are hidden behind VPN players and investigating agencies just hit a dead end as they see the WAN IP of a VPN player.
In the early phase of Russia - Ukraine war, Ukraine made a strange request to ICANN. They asked ICANN to remove .ru (Russian ccTLD) from the root DNS servers, revoke SSL certs for .ru and shut down root DNS servers hosted in Russia.
Here are the three requests they made:
Complete letter is here (and original source is here). This is going to be one of few notable cases where critical internet infrastructure is being weaponised.