Glenn Kelley has a great article on spinning up your own DNS resolvers. This is a critical piece of infrastructure if you are in internet Service Provider (ISP). https://www.linkedin.com/pulse/making-dns-server-your-network-uses-root-hints-glenn-kelley As Glenn writes. Here’s why ISPs should consider running their own: This is especially important in high-latency networks such as in the 3rd world or some Fixed Wireless networks Conclusion While leveraging third-party DNS services like Google or Cloudflare offers a plug-and-play solution for ISPs, in the long run, it might be more beneficial...
Continue reading...server
Bind 9.4 helpful notes
So recently I was spinning up some new authoritative names servers. I have stuck with bind for authoritative for years because the format of the files and queries is THE standard for DNS zones. IMHO, there are some better resolvers out there but I stick with bind for authoritative. Anyway, on to my issue. The purpose of one of these servers was for reverse DNS. I added the in-addr files and added a few zone files. Things hummed along for a few days...
Continue reading...OpenGear Resilience gateway for ISPs
Some quick notes and screenshots from the OpenGear Resilience Gateway https://opengear.com/products/acm7000-resilience-gateway . The model I am working with is the ACM7004-2-L. It has 4 serial Cisco Straight pinout, Dual 1 GbE Ethernet, Global 4G LTE-A Pro cellular, 2 DIO, and 2 output ports. So what does this thing do and what can it do for you as an ISP? At the basic level, this is a console server with multi wan capability. What this means is when the crap hits the fan you...
Continue reading...OpenVPN, rooter project, and Mikrotik
Tutorial on Using The Rooter project to establish an OpenVPN connection to a Mikrotik router.
Continue reading...Everything you wanted to know about NTP
Network Time Protocol (NTP) is a service that can be used to synchronize time on network connected devices. Before we dive into what NTP is, we need to understand why we need accurate time. The obvious thing is network devices need an accurate clock. Things like log files with the proper time stamp are important in troubleshooting. Accurate timing also helps with security prevention measures. Some attacks use vulnerabilities in time stamps to add in bad payloads or manipulate data. Some companies require accurate...
Continue reading...How to install windows server 2019 on VMWare
How to install Windows Server 2019 from Microsoft on VMWare. https://www.sysnettechsolutions.com/en/server2019/install-windows-server-2019-vmware-workstation-14/
Continue reading...The importance of Network Monitoring Systems (NMS)
One of our open tickets on MidWest-IX is a member reporting slow speeds on their exchange port. After having them send us some data and a few e-mails back and forth we began looking at their switch port on the fabric. Right away we noticed errors on the port. After a counter reset the errors were still incrementing 19 runts 0 giants 1210 CRC 0 no buffer 1329 input error 0 short frame 0 overrun 0 underrun 0 ignored This led us to...
Continue reading...Running our own mail server? SPF, DMARC primer
Are you running your own mail server? If so, check out this primer from the folks over at MX Toolbox.
Continue reading...Route Server Diagram for an IX
Normally on a peering exchange, all connected parties will establish bilateral peering relationships with each other customer connected to the exchange. As the number of connected parties increases, it becomes increasingly more difficult to manage peering relationships with customers of the exchange. However, by using route servers for peering relationships, the number of BGP sessions per router stays at two, if the IX has deployed redundant servers.
Continue reading...