Fixed this week:
- Working with ITS we have solved the issue where some Eduroam devices
can't communicate with 250-net. The issue was caused by a dangling VLAN
interface in the FCMS-vdom inside the Fortinet firewall that was
blackholing access to our network from some UoW subnets.
- Rolled out openssl patch roll up to various machines to fix DROWN etc.
- Rolled out new rabbitmq to AMP fleet to patch CVE-2015-8786.
- Rolled latest drupal patches.
Business as usual:
Tested Debian upgrade path on warlock on a filesystem snapshot. Still
have a bunch of work to go on wand website to make it work on newer
versions of PHP provided by newer Debian.
Met new honours students, spent time discussing direction of their
Released new version of Bearwall with official systemd support which
means it now works with new ubuntu that will be running on new wand
desktops. Spent some time writing firewall rules to work with docker.
Started conversation with new switch vendor to buy a new multitable
openflow switch. They seem positive to be working with us.
In process of working with another vendor to fix CPU load issues we
are having with their product.
Looked after both Jamie and Perry this week who were in town visiting.
Finished moving the main control socket to use protocol buffers to start
test servers. Updated the control socket to accept multiple message
types and added the ability to run a one-off test remotely using the
control port on an amplet client. This needed a few more smarts to
decide where the results should be sent - to the broker, to a remote
user, or to stdout and to print them as appropriate.
Fixed a bug in the HTTP test where it couldn't match a URL with a
fetched object in the broken situation where the path was outside the
root (e.g. src="../images/foo.png" when already at the top level).
Updated the standalone tests to accept SSL options so that they can be
run targeting existing amplet2-clients, using the control socket to
start a test server.
Worked a little bit on the OpenFlow patch manager again. I added support to save and load configuration and tidied up handling of multiple switches so that only registered dpids are used rather than the first in approach. This does also mean multiple switches can be supported from a single instance, however it does not have any inter-switch smarts.
Watched a couple of the apricot talks, some were quite interesting particularity some of the lightening talks. Also got a tiny bit side tracked looking at multi-path TCP, which we now have a capture of.
Continued working on the paper I'm writing, mainly involving reading over and re-writing sections.
I've also been working through re-enrolment for the next year of my PhD, as I will be on holiday from the 14th March until April (when my enrolment ends).
My fixes to Andy's InfluxDB code seems to be resulting in consistent and correct bins being stored in the rollup tables. Threw netevmon at the development system to see if it can cope, which it seems to be doing OK. There's still a bit of a concern around long-term memory usage, but I'll see how that pans out over the next couple of weeks.
Spent the rest of my week concentrating on finishing up JP's summer study on unexpected traffic on typically open ports. Managed to improve a few existing rules to recognise more traffic, as well as add new rules for QQ video chat and what appears to be a C&C covert channel for some Chinese malware using UDP port 53. Started framing up a paper for IMC based on this study.
Did some final prep work for the libtrace lectures and assignment for 513.
Finished removing the test specific options from the main test
management protocol. Each test now deals with it's own options (if any)
that are embedded in the top level protocol buffer message.
Refactored the main loops of the throughput and udpstream tests to be a
lot more readable and to make it obvious what is going on for each of
the message types.
Lots of small fixes for things in the udpstream test - making sure
packet contents (timestamps etc) are sensible for both 32 and 64 bit
architectures, median/percentiles correctly calculated with small
numbers of packet delay variances.
Started work on moving the main control socket (used to start the test
servers, and soon, to run on-demand tests) to using protocol buffers.
Arrived back in NZ on Monday, back at work on Tuesday. Brought Brendon and Richard N. up to speed on the things I learned at AIMS and the potential collaboration opportunities I discussed with people there. Spent a bit of time writing emails to chase up on some of these opportunities.
Deployed Andy's InfluxDB code on prophet. Spent much of the rest of the week playing around with the continuous query system to try and fix some outstanding issues caused by Influx's design decision to never automatically backfill the aggregated series when older / lagged data is received (e.g. when restarting NNTSC after an outage or AMP results arriving 40 seconds later than their timestamp due to timeouts). This was a bit trickier than you would think because there's no obvious way to find out when the last automatic continuous query ran (they don't happen exactly on the bin boundary) so I have to guess based on the current time, the time the bin should have ended and the timestamp of the current result.
Started to remove the test specific options that had crept into the
generic control message definitions. Unfortunately the protobuf-c
library doesn't appear to do extensions properly yet, so I've had to
work around that to embed test specific options inside the top level
Throughput test now uses protocol buffers for all of the messages
involved in arranging and reporting the test. This is all achieved
through the same functions used by the udpstream test, which should now
be generic enough that other tests requiring custom servers can be written.
Wrote a first pass at the save function for the udpstream test, which
may need some modification once database schemas for storing the results
Last week, I worked on re-modelling the TCP socket server (RouteReceiver) that receives routes from the routing daemon as a RYU app. This would bring the RouteReceiver under the control of the Ryu application manager which would schedule and manage any greenthread that may need to be spawned to handle multiple connections from routing daemons.
I also added an event handler class for Rhea to handle and process any messages that may arise from Rhea events like when a route is received by the RouteReceiver or when a router connects or disconnect from Rhea.
This week, I've been working on transforming the received routes into OpenFlow rules to be installed on the switches.
Spent my week in San Diego attending the BGP hackathon and the AIMS workshop.
The hackathon went really well. I was so intimidating that nobody wanted to join my team, but I still managed to add a lot of useful filtering capabilities to CAIDA's BGPStream software. Will try to write a more detailed blog post on what I did at some point, but it was enough to win myself a prize for being one of the top teams.
The AIMS workshop was also very valuable, as there was definitely some interest in what we have been doing with both AMP and NNTSC. In particular, it seems that AMP might have some value for some big ISPs outside of New Zealand. Looking forward to seeing what comes from the discussions I had with various workshop attendees.
I have been working through creating graphs and putting results into the paper I'm writing. I worked through scripting up the creation of graphs as well as modifying the existing scripts to look better at a small size. I also worked through modifying scripts to colour bars based upon the switch such that all graphs are consistent.
Processing all the results took a littler longer than expected as I looked through the results a few changes were required to ensure setup/teardown were not included in results. And in general looking through all the results to ensure that there is nothing obviously wrong with a given test and pick the most interesting cases.