Application configures network: specifics, problems, solutions Vasiliy Tolstoy EMC RCOE v 0.5.

Slides:

Advertisements

Similar presentations

Copyright © 2014 EMC Corporation. All Rights Reserved. Basic Network Configuration for File Upon completion of this module, you should be able to: Configure.

Advertisements

Chapter 5 Intro to Routing & Switching.  Upon completion of this chapter, you should be able to:  Describe the operation of the Ethernet sublayers.

Implementing Inter-VLAN Routing

1 Dynamic DNS. 2 Module - Dynamic DNS ♦ Overview The domain names and IP addresses of hosts and the devices may change for many reasons. This module focuses.

DHCP Dynamic Host Configuration Part 7 NVCC Professional Development TCP/IP.

Lecture 2: Servers and Services Network Design & Administration.

Ethernet and switches selected topics 1. Agenda Scaling ethernet infrastructure VLANs 2.

Linux Networking TCP/IP stack kernel controls the TCP/IP protocol Ethernet adapter is hooked to the kernel in with the ipconfig command ifconfig sets the.

TCP/IP Protocol Suite 1 Chapter 7 Upon completion you will be able to: ARP and RARP Understand the need for ARP Understand the cases in which ARP is used.

1 Web Server Administration Chapter 3 Installing the Server.

Introduction to Applied Network Security By Prof. Herzberg Man in the Middle lab #1 Aharon Brodie.

Chapter 5 - TRANSPORT and NETWORK LAYERS - Part 2 - Static and Dynamic Addressing Address Resolution Dr. V.T. Raja Oregon State University.

Linux Networking TCP/IP stack – kernel controls the TCP/IP protocol – Ethernet adapter is hooked to the kernel in with the ipconfig command – ifconfig.

Chapter 23: ARP, ICMP, DHCP IS333 Spring 2015.

Operating Systems Concepts 1. A Computer Model An operating system has to deal with the fact that a computer is made up of a CPU, random access memory.

TCP/IP Tools Lesson 5. Objectives Skills/ConceptsObjective Domain Description Objective Domain Number Using basic TCP/IP commands Understanding TCP/IP3.6.

TCP/IP Addressing Design. Objectives Choose an appropriate IP addressing scheme based on business and technical requirements Identify IP addressing problems.

Hands-On Microsoft Windows Server 2008 Chapter 8 Managing Windows Server 2008 Network Services.

IST 228\Ch3\IP Addressing1 TCP/IP and DoD Model (TCP/IP Model)

Virtual IP Network Windows Server 2012 Windows 08 Dual Subnets.

Installing a DHCP Server role on Windows Server 2008 R2 in a home network. This is intended as a guide to install the DHCP role on a Domain Controller.

SUSE Linux Enterprise Server Administration (Course 3037) Chapter 7 Connect the SUSE Linux Enterprise Server to the Network.

IT:Network:Applications Fall  Running one “machine” inside another “machine”  OS in Virtual machines sees ◦ CPU(s) ◦ Memory ◦ Disk ◦ USB ◦ etc.

Chapter Eleven An Introduction to TCP/IP. Objectives To compare TCP/IP’s layered structure to OSI To review the structure of an IP address To look at.

Windows Internet Connection Sharing Dave Eitelbach Program Manager Networking And Communications Microsoft Corporation.

Fundamentals of Networking Discovery 1, Chapter 2 Operating Systems.

Internet Packet eXchange Protocol (IPX) Network Documentation

Network Configuration Charles (Cal) Loomis & Mohammed Airaj LAL, Univ. Paris-Sud, CNRS/IN2P October 2013.

ITS CSS Desktop Support Introduction to networking concepts Last updated: 9/30/2008 by pxahelp.

IP Address Allocation, Resolution. Address Allocation.

1 © 2003, Cisco Systems, Inc. All rights reserved. CCNA 3 v3.0 Module 6 Switch Configuration.

1 © 2003, Cisco Systems, Inc. All rights reserved. CCNA 3 v3.0 Module 6 Switch Configuration.

1 CCNA 3 v3.1 Module 6 Switch Configuration Claes Larsen, CCAI.

TCP/IP Networking Review Covered Subjects:  Packet Switched Network Structure  Issues of PSNs  Ports & IP Numbers  Delivery Services  Domain Name.

Link Layer 5-1 Link layer, LAN s: outline 5.1 introduction, services 5.2 error detection, correction 5.3 multiple access protocols 5.4 LANs  addressing,

Transport Layer 3-1 Chapter 4 Network Layer Computer Networking: A Top Down Approach 6 th edition Jim Kurose, Keith Ross Addison-Wesley March 2012  CPSC.

DHCP Security DHCP Snooping and Security David Mitchell 03/19/2008.

Links and LANs Link between two computers via cross cable The most simple way to connect two hosts is to link the two hosts with a cross cable.

Day 14 Introduction to Networking. Unix Networking Unix is very frequently used as a server. –Server is a machine which “serves” some function Web Server.

Campus Networking Best Practices Hervey Allen NSRC & University of Oregon Dale Smith University of Oregon & NSRC

Link Layer5-1 Synthesis: a day in the life of a web request  journey down protocol stack complete!  application, transport, network, link  putting-it-all-together:

Hands On Networking IPv4 Routing Veena S (MCA Dept) Shruti Kadam, MCA Dept Arpita Kulkarni, MCA Dept June 28, 2012.

Chapter 23: ARP, ICMP, DHCP CS332, IS333 Spring 2014.

LAN Switching Concepts. Overview Ethernet networks used to be built using repeaters. When the performance of these networks began to suffer because too.

EXPOSING OVS STATISTICS FOR Q UANTUM USERS Tomer Shani Advanced Topics in Storage Systems Spring 2013.

Network Addressing Tom Harper, Martell Maten, Robert Pohlman, Jarrod Rotolo.

Chapter 5 Link Layer Computer Networking: A Top Down Approach 6 th edition Jim Kurose, Keith Ross Addison-Wesley March 2012 A note on the use of these.

ERICSON BRANDON M. BASCUG Alternate - REGIONAL NETWORK ADMINISTRATOR HOW TO TROUBLESHOOT TCP/IP CONNECTIVITY.

Computer Communication: An example What happens when I click on

(ITI310) By Eng. BASSEM ALSAID SESSIONS 9: Dynamic Host Configuration Protocol (DHCP)

2: Operating Systems Networking for Home & Small Business.

Chapter 4: server services. The Complete Guide to Linux System Administration2 Objectives Configure network interfaces using command- line and graphical.

Networks and Security Great Demo

Cisco Routers Routers collectively provide the main feature of the network layer—the capability to forward packets end-to-end through a network. routers.

Intro To Virtualization Mohammed Morsi

Network Virtualization Ben Pfaff Nicira Networks, Inc.

Configuring DHCP Relay Configuration Example

Vmware 2V0-642 VMware Certified Professional 6 - Network Virtualization (NSX v6.2) VCE Question Answers.

A Typical Connection Scenario

CS 280: Summary: A day in the life of a web request

Course Review 2015 Computer networks 赵振刚

100% Exam Passing Guarantee & Money Back Assurance

Cisco Real Exam Dumps IT-Dumps

Networking for Home and Small Businesses – Chapter 2

Chapter 6 The Data Link layer

CCNA 3 v3 JEOPARDY Module 8 CCNA3 v3 Module 8 K. Martin.

OPS235: Configuring a Network Using Virtual Machines – Part 2

Networking for Home and Small Businesses – Chapter 2

Chapter 10: Advanced Cisco Adaptive Security Appliance

Chapter 5: Link Layer 5.1 Introduction and services

Presentation transcript:

Application configures network: specifics, problems, solutions Vasiliy Tolstoy EMC RCOE v 0.5

Application vs. System Application: agnostic System: takes everything under control 2LinuxPiter'2015 "Application configures network..." Vasiliy Tolstoy, EMC Network config Application System Application Applications Network config Linux

Why Should Application Bother? Security Access to net config == access to blow it all up Inconsistency guaranteed User eXperience Nobody likes ip(8) Term system does not match user’s one 3LinuxPiter'2015 "Application configures network..." Vasiliy Tolstoy, EMC Red eyes/moose sweaters excluded Wait for two slides! Typical modern GUI

Persistence Kernel netlink /proc IOCTL System V startup config files Firewall batch config load / config dump libc (resolving) direct disk file config 4LinuxPiter'2015 "Application configures network..." Vasiliy Tolstoy, EMC No persistence Persistent (as far root FS is) Limited capabilities (however know bonding and ethtool) /etc/sysconfig/network-scripts/ifcfg-ethN systemd-networkd ???

Entity translation IP GW DNS Port speed/MTU VLAN Bonding Dynamic routing on/off Routes 5LinuxPiter'2015 "Application configures network..." Vasiliy Tolstoy, EMC IP Arbitrary routes + metrics Resolving config Policy based routing rules/tables/priorities Network namespaces/containers DHCP, SLAAC/DHCPv6 VLAN, VxLAN, macvlan, ipvlan virtual devices Bonding Bridging Port speed/negotiation/physical media Firewall Open vSwitch config Dynamic routing daemon config auto/manual switch User System probably for sure

Just Setting An IP… Steps (abridged): Read network stack state Generate free routing table number, remember (e.g. 366) Check that there is mod8021q (VLAN) virtual device on your NIC device (e.g. eth on eth12) If not found, create one Add an IP address to the VLAN device (e.g ). Create a rule for this IP PBR table, using the remembered number (ip rule add...) Fill the table #366, adding two routes: /24 --> eth0.1077; default via Delete the subnet route to /24 from the main table Find the PBR table with the requested virtual server mark (e.g. mark 0x1a -> table #350) If the table #350 misses the subnet route to /24, add one Announce the created IP sending the forced ARP reply for from the eth device 6LinuxPiter'2015 "Application configures network..." Vasiliy Tolstoy, EMC One created by Linux Different for IPv6 Powerful magic here is! OK, if we keep track of the changes we can skip this one NB: Real corner cases are not dealt with here

Superposition Many (virtual) servers Virtual device sharing Transaction isolation Rollback support 7LinuxPiter'2015 "Application configures network..." Vasiliy Tolstoy, EMC Requested by server A Requested by virtual server B_12 Requested by server C User domain operations are non-atomic! vlan N ethX IP4 IP3 IP2 IP1... Acting MAC 802.1q (VLAN) virtual device

API Unification iproute2 CLI ethtool CLI Bridges CLI Bonds CLI netlink IOCTL (device tune-up) /proc Physical files (e.g. for resolving lib) iptables certified CLI nftables binary API DHCP client CLI... 8LinuxPiter'2015 "Application configures network..." Vasiliy Tolstoy, EMC Binary API Do the same CLI Two different firewalls “Comrades application programmers, demand the single API!"

Speed 1 IP: 0.5 seconds 2000 IPs: 20 minutes Small programs may stuck at start on heavily loaded systems Better stick to binary API and stay in RAM 9LinuxPiter'2015 "Application configures network..." Vasiliy Tolstoy, EMC Duh. Who cares. Ridiculously long startup time! I mean really, for minutes!

What Have We Got? Persistence Entity translation Superposition API unification Speed 10LinuxPiter'2015 "Application configures network..." Vasiliy Tolstoy, EMC Looks like we have summoned a daemon!

11LinuxPiter'2015 "Application configures network..." Vasiliy Tolstoy, EMC Kernel Applications VS B_1 VS B_2 VS B_3 NC daemon Persistent storage NC daemon Classic server C Classic server A Virtual server application B Scenario netlink socket /proc FS Application domain commands Linux atomic commands TCP/IP transport Network Configuration Daemon IOCTL Firewall libc Other daemons Files CLI From HA subsystem

Daemon Features Starts before the applications Domain-defined API TCP/IP control transport Internal library of scenarios Transaction support Persistent storage Supports all system binary APIs Configures libc and firewall Talks to other daemons 12LinuxPiter'2015 "Application configures network..." Vasiliy Tolstoy, EMC Can be suppressed Not necessarily so Typical speed Atomic Lunix: IP: < 50uS Full-scale daemon: 1 st IP: < 20 mS 1001 st IP: < 200 mS We plan to make it better!

Thank you! Vasiliy Tolstoy EMC Russia Center of Excellence Saint Petersburg, Russia