September 11th, 2008
Basic Routing
It’s a question that I get from time to time and it’s time to answer here. If you understand the fundamental principles of networking, then all the other parts of building and maintaining an ISP network (wired OR wireless) are much simpler. In this series of articles we will discuss the processes that make IP networking function by delving into the fundamentals of how subnetting works, how a router USES subnet information and the very important ARP process.
This topic is easy to understand, but it is difficult to organize the materials and ideas needed to explain it easily. This is because there are so many pieces that are related, and understanding one part is necessary to understand the next. You, as a reader, may need to read this article more than once in order to fully understand all of the parts. We will use the following “talking points” to cover this topic:
- Networking basics - what is needed to make two or more computers communicate?
- What is a router and why is it a necessary component in a network?
- Subnet masks and what they mean. What, exactly, IS a subnet address and why do I care?
- ARP - what is it and what does it do?
- Wrap up and tying up the loose ends.
August 7th, 2008
Uncategorized
As many of you know, it was recently discovered that the DNS protocol has a serious flaw. I don’t have a lot to add to the conversations of some serious experts, but I wanted to post a link to some of the tools that I have found that will help you know if you are at risk.
Dan Kaminsky, a security researcher, recently discovered the flaw. While I am never one to preach “doom and gloom”, this is a really serious bug that WILL gain traction among the hackers. There is already proof of concept code available that shows how to attack this flaw, so don’t hesitate to fix it. DoxPara Research is where you will find the best information about the flaw. Also at Dan’s website (DoxPara), is a tool that will test your DNS server to see if it is vulnerable. YOU SHOULD TEST THIS NOW! Don’t hesitate and do it later. NOW! (Please)
Also, ICANN has released a tool that will test the DNS server that is providing DNS services for your domain. More information on the exploit and its implications can be found on ICANN’s website. Their tool is here. Again, this is very important to the security of not only YOUR website but also of anyone who visits your website. DON’T DELAY! DO IT NOW!
July 28th, 2008
Mikrotik
Over the course of the past several days, I have seen a significant number of folks who misunderstand the proper use for the new interface based routing option in MikroTik’s RouterOS.
First, what is interface routing anyway? In order to understand the answer to this question, we first have to understand how network communication works. More specifically, we will discuss how IP communication happens.
July 6th, 2008
ImageStream, iptables
In this article, I will provide a brief tutorial for using iptables. This article applies specifically to ImageStream routers, but more generally, it applies to ALL Linux based devices that use iptables for the filtering of traffic. In another article, I will address firewalling in Mikrotik, which is, also, an iptables based firewall. Some parts of this article will apply to Mikrotik, so it may be worth reading even if you are a pure Mikrotik shop.
June 28th, 2008
ImageStream
The ImageStream router (http://www.imagestream.com) is a Linux based router that offers all the flexibility of any other Linux system with the added advantage of ImageStream’s special driver component architecture and management interface called “Inetics”. I won’t go into the details of the Inetics platform (that’ll be another article some day), but it should be sufficient to say that it is a tremendous feature in ImageStream’s router platforms.
This article will detail the steps needed to successfully configure an ImageStream router as a replacement for a consumer grade CPE device such as a Linksys, Dlink or even the higher end Cisco Pix. This article will deal only with the configuration of a router with ethernet ports. We will see all the steps needed to get the customer online and functional. Items such as VPN and firewall will also be covered at a later time.
June 24th, 2008
ImageStream
ImageStream hired me to run their ICNO training event in Denver. Here are a few pictures. Move your mouse over the pics to see a short description of each image.
June 22nd, 2008
Mikrotik
This is my first post about the Mikrotik Product. I will be putting up several examples in the coming weeks and months, so if you don’t see what you are looking for, be sure to contact me directly. Leaving a comment is fine, but not likely to be “answered” unless it is a clarification for the specific article.
This article is intended to be a short guide to help you configure a Mikrotik router to behave in a way that is similar to a SOHO router with a wireless connection upstream. This configuration is perfect for a WISP that is using devices like the RouterBoard 411 (priced at about $59), along with a CM9 or similar radio (about $40), associated power supply, outdoor enclosure/antenna, etc. The total cost of a flexible device like this is about $150-160, including everything needed to install at a customer’s house or business.
June 22nd, 2008
Site Information
This blog will contain several tutorials and thoughts about various networking devices and technologies. Part of the intent here is to share some how-tos using various products. Since I am most familiar with the ImageStream and Mikrotik products, you will find many of my tutorials revolve around these products. Also, I will be posting various general networking tutorials. If you can think of a specific tutorial you’d like to see written up, by all means, please let me know by email or by phone. My main consulting website is here.