IPv4

New VPN & datacenter connection logging rules

CERT-IN, i.e. the Computer Emergency Response Team, India, issued new guidelines on 28th April. The guidelines essentially ask VPN providers to keep a log of customer details, their IP addresses, emails, phone numbers etc., and to maintain that log for at least 5 years. The detailed notification is here.

This extends not only to VPN players but also to datacenters, VPS, cloud service providers etc. I can understand the problem they are trying to solve, as most criminal activities are hidden behind VPN players and investigating agencies just hit a dead end when they see the WAN IP of a VPN player.

IPv6 Only Web Hosting

Saw this excellent presentation at UKNOF 34 by Peter Stevens from Mythic Beasts. Really enjoyed the challenges and fixes he shared in running IPv6-only web hosting. A must watch for geeks :)

Also, UKNOF & NLNOG both seem to have excellent content at their conferences, along with professional video recordings which they make available on their YouTube channels.

Vyatta based VyOS - Linux based network OS

VyOS is quite an interesting OS. It's an open source, Linux-based network operating system based on Vyatta. Its config style seems a bit like JunOS in terms of hierarchy and the set/edit/delete options while editing configuration.

**Can one use it in a small ISP or a corporate LAN setup?**

Someone asked me recently if we can have a completely open source router in a smaller network doing basic stuff. Not with the not-so-streamlined Linux shell, but with a networking OS where the network engineer's favorite tool, “?”, works in the CLI with options. Let’s take a possible case with a bunch of routers, a server with speedtest-mini running on it and an end desktop with Ubuntu-desktop on it, along with a VyOS based router. The goal here is to have basic features working (to start with!). I am conducting this test and setup on the VM infrastructure at home, but that should have zero impact on the configuration of the network devices, and hence I am not going to focus on that part. All devices, including the server, desktop and router, are pretty much running on virtual machines or KVM containers. To configure and test:

IRINN & APNIC inetnum range confusion

Last week I saw an interesting post on the APNIC mailing list about IRINN (the recently formed NIR in the Indian region).

The poster, Jimmy, was concerned about IRINN’s netname:

inetnum: 0.0.0.0 - 255.255.255.255  
netname: IRINN-BROADCAST-ADDRESSES  
descr: Broadcast addresses  
descr: These addresses cannot (should not) be routed on the Internet.  
country: IN  
admin-c: IH1-IN  
tech-c: IH1-IN  
status: ALLOCATED PORTABLE  
remarks: send spam and abuse report to info@irinn.in  
mnt-by: IRINN-HM  
mnt-irt: IRT-IRINNHM-IN  
mnt-lower: IRINN-HM  
changed: hostmaster2@irinn.in 20130420  
source: IRINN

As per the first two lines, the entire IPv4 address space, i.e. 0.0.0.0/0 (ranging from 0.0.0.0 to 255.255.255.255), was put as IRINN-Broadcast, while what was expected was IANA broadcast (since IANA sits at the top of this RIR & NIR hierarchy).
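A way to check this kind of registry object mechanically, as an added example that is not part of the original post: it parses the RPSL attributes of the record quoted above (abridged here), converts the `inetnum` range into CIDR prefixes and reports whether the object claims the whole IPv4 space. The function names `parse_rpsl`, `inetnum_to_cidrs` and `audit` are hypothetical, and the `192.0.2.x` range is a constructed sample.

```python
import ipaddress

# Abridged copy of the inetnum object quoted above (RPSL "attribute: value" lines).
RECORD = """\
inetnum: 0.0.0.0 - 255.255.255.255
netname: IRINN-BROADCAST-ADDRESSES
descr: Broadcast addresses
descr: These addresses cannot (should not) be routed on the Internet.
country: IN
status: ALLOCATED PORTABLE
source: IRINN
"""

def parse_rpsl(text):
    """Parse one RPSL object into {attribute: [values]}; attributes may repeat."""
    obj = {}
    for line in text.splitlines():
        if not line.strip() or line.startswith(("%", "#")):
            continue  # blank lines and whois server comments
        key, sep, value = line.partition(":")
        if not sep:
            raise ValueError(f"not an attribute line: {line!r}")
        obj.setdefault(key.strip().lower(), []).append(value.strip())
    return obj

def inetnum_to_cidrs(inetnum):
    """Convert 'first - last' into the list of CIDR prefixes covering the range."""
    first, sep, last = inetnum.partition("-")
    if not sep:
        raise ValueError(f"expected 'first - last', got {inetnum!r}")
    start = ipaddress.IPv4Address(first.strip())
    end = ipaddress.IPv4Address(last.strip())
    # Raises ValueError if start > end, so inverted ranges are rejected.
    return list(ipaddress.summarize_address_range(start, end))

def audit(obj):
    """Report how much IPv4 space an inetnum object claims."""
    cidrs = inetnum_to_cidrs(obj["inetnum"][0])
    return {
        "netname": obj["netname"][0],
        "cidrs": [str(n) for n in cidrs],
        "addresses": sum(n.num_addresses for n in cidrs),
        "covers_all_ipv4": cidrs == [ipaddress.ip_network("0.0.0.0/0")],
    }

if __name__ == "__main__":
    print(audit(parse_rpsl(RECORD)))
    # A constructed, non-aligned range splits into several prefixes.
    print(inetnum_to_cidrs("192.0.2.0 - 192.0.2.130"))
```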