In F5 BIG-IP devices there is iControl REST API for interfacing with the devices programmatically. In this post I’ll briefly describe the basics of using the API in Python. I’ll be using BIG-IP version 17.1 here with a separately created non-administrator user account. For starters I’ll use a Python virtual environment to contain the separately-installed […]
I’ve recently used various kinds of message queues when building various apps that have needs to communicate with other parts of the app. For remote use, when the messaging parties are not on the same host, I’ve mostly used Amazon SQS, the Simple Queue Service. When using the SQS ReceiveMessage API call you can select […]
Let’s do some Docker networking with Zabbix proxies. The presented Docker configurations apply to other similar client-server applications as well, so you may find this useful even if you don’t use Zabbix. On this longish page: Preparations I’m running the Docker service on Debian Linux 12 on a virtual machine, with no special configurations. These […]
VRRP (Virtual Router Redundancy Protocol) is commonly used for providing first-hop IPv4 or IPv6 router (“default gateway”) redundancy for network-attached devices. Some network appliances like wireless LAN controllers use it to provide a virtual IP that can always be used for reaching the active member in the device cluster. VRRP can also be used on […]
The switches in Ethernet networks learn all connected hosts’ link-layer addresses (layer 2 or MAC (Media Access Control) addresses) dynamically when the hosts communicate in the network and the switches see the traffic. Based on that information the switches are then able to forward frames optimally without flooding. When you disconnect a physical host from […]
Let’s talk about byte ordering. You look at your packet bytes in Wireshark and see this data for a 16-bit integer field: If the data is said to be big-endian, then it is 0x0c4a = 3146 in decimal. If the data is said to be little-endian, then it is 0x4a0c = 18956 in decimal. So, […]
In DHCP servers you can configure IP address reservations, meaning that you statically configure the IP addresses that you want the specific DHCP clients to get. This is sometimes desirable when you know your devices and want to ensure that their DHCP-assigned IP addresses won’t change, because of, you know, reasons. (Printers may or may […]
What has this SHA-384 to do with AES-256-GCM? I thought GCM contained integrity checks already, so why is SHA-384 there anyway? With AES-CBC (= non-GCM) in IKEv2 phase 1, you have to use an authentication (hashing) algorithm that ensures the integrity of the data exchange. Nowadays the common ones are SHA-256, SHA-384 and SHA-512. So, […]
Following my earlier post about introduction to DHCPv6, let’s see how DHCPv6 relaying works in practice. In VLAN 60 there is the DHCPv6 client but no DHCPv6 server. The subnet-attached router is configured as DHCPv6 relay, using the DHCPv6 server address from VLAN 41. The components in this setup are: I’ll capture the traffic on […]
Dynamic Host Configuration Protocol for IPv6 (DHCPv6) is just that: a protocol that can be used for host configuration, defined in RFC 8415. In this post I will introduce some basics of the protocol. DHCPv6 protocol A DHCPv6 message for client-server conversation consists of message type (1 byte), transaction ID (3 bytes) and variable number […]