TCP crypt

Thu, 03/10/2011 - 15:03 by Olivier Bonaventure • Categories:

Despite its respectable age (the first specification was published in September 1981), TCP is still alive and researches and IETFers continue to develop new extensions to improve the protocol. Multipath TCP received a lot of attention during the last years. Another TCP extension to improve the security of TCP has been submitted for the next IETF meeting. TCP crypt aims at improving the security of TCP by allowing the utilisation of crypto mechanisms to protect the TCP segments.

MPLS autobandwidth

Mon, 03/07/2011 - 15:27 by Olivier Bonaventure • Categories:

Since several years, Cisco routers have included a feature called mpls autobandwidth that allows the router to compute automatically the bandwidth required for an LSP and adjust the reserved bandwidth. This feature seems interesting, but personally I have always feared that it could cause oscillations in a network if the change in reserved bandwidth leads to a change in paths for the concerned LSPs.

TCP's retransmission timeout

Mon, 03/07/2011 - 14:23 by Olivier Bonaventure • Categories:

The retransmission timeout plays an important role in allowing TCP to recover from segment losses. Over the years, extensions to TCP have been developed to reduce the reliance of TCP on the retransmission timer. Recently, a SIGCOMM paper proposed to use microsecond resolution timers in TCP. A recent IETF draft summarizes the discussions on TCP's retransmission timer, but surprisingly it does not discuss these microsecond resolution TCP timers.

Hijacking FON user's Facebook & Twitter sessions using firesheep

Tue, 12/14/2010 - 18:42 by Damien Leroy • Categories:

In the following video, we show that it is easy (i.e. anybody can do it) to hijack FON user's sessions (i.e. access his Facebook, Twitter,... accounts) using a simple Firefox extension. You simply have to be connected on the same access point, which is an open access point in the case of FON and most hotspots.

H root server down for 18 hours

Mon, 10/04/2010 - 00:14 by Olivier Bonaventure • Categories:

The root servers of the Domain Name Systems are highly redundant. This redundancy is important to ensure that the root DNS service continues to be provided even if one of the DNS root servers fails. These servers are well maintained and fail rarely. However, on October 1st, the H instance of the root DNS servers maintained by the US Army failed.

Simplifying BGP

Sun, 09/12/2010 - 18:58 by Olivier Bonaventure • Categories:

During the last week, two recent IETF drafts have proposed to simplify some important aspects of the operation of BGP.

100Gb/s loss at ams-ix

Tue, 08/31/2010 - 18:06 by Pierre François • Categories:

Screenshot of the traffic loss at Ams-Ix, Aug 29th 2010

Syndicate content