Simplicity is the ultimate sophistication





Linux kernel networking

Your bible for understanding how networking works within the Linux kernel should be this page. In this article I would like to list the functionality available at this level and how it can be configured. This is a rather high-level view; I do not intend to rewrite manuals or to supplement the documentation that others wrote for these modules or utilities.

Unix systems - history and genealogy

Writing this article reminded me of The History of Middle-earth. J. R. R. Tolkien's fantasy world is far less complicated than the Unix world, but they are equally fascinating and vast realms, free for the imagination, and this is where the traveller in these worlds falls in love with them.

Major Unix Systems

A high level map of the major Unix distributions can be seen here:

Network blood test

Here is a short list of things everyone should check to make sure their network is OK:
  • No shared Ethernet segments are saturated (no more than 40 percent sustained network utilization). New segments should use switched and not shared technology.
  • No WAN links are saturated (no more than 70 percent sustained network utilization).
  • The response time is generally less than 100ms (one-tenth of a second). More commonly less than 2ms in a LAN.
  • No segments have more than 20 percent broadcasts or multicast traffic. Broadcasts are sent to all hosts in a network and should be limited. Multicast traffic is sent to a group of hosts but should also be controlled and limited to only those hosts registered to receive it.
  • No segments have more than one cyclic redundancy check (CRC) error per million bytes of data.
  • On the Ethernet segments, less than 0.1 percent of the packets result in collisions.
  • A CPU utilization at or over 75 percent for a 5-minute interval likely suggests network problems. Normal CPU utilization should be much lower during normal periods.
  • The number of output queue drops has not exceeded 100 in an hour on any Cisco router.
  • The number of input queue drops has not exceeded 50 in an hour on any Cisco router.
  • The number of buffer misses has not exceeded 25 in an hour on any Cisco router.
  • The number of ignored packets has not exceeded 10 in an hour on any interface on a Cisco router.
If all these are OK then the blood that flows through the veins of your network is OK!

Why network engineers need to know Linux

Unix is something that I learned a long, long time ago, while Slackware was ruling the world of Linux. At that time I had no idea how much I did not know about it, and since then things went crazy and the Unix universe grew to an unimaginable size.

Because today more and more devices are based on Linux, I guess it would be bad taste to say you do not know Unix, and that goes especially for Linux. From phones and tablets to robots and routers, many, many other things are powered by Linux these days.

This article came out of my frustration with not knowing what exactly I am doing and who I am dealing with when working with various network appliances, especially when it comes to hacking these appliances. Here are just a couple of them that I have been dealing with for the last couple of months:

  • Cisco ASA appliances
  • Alteon Load balancers
  • F5 load balancers
  • OpenVswitch
  • Checkpoint Firewall
  • OpenFlow and Openvswitch
  • Linksys routers using dd-wrt

The list is quite long and all the above have one thing in common: the Linux kernel and its network-related features. Today's kernel capabilities have evolved to the point where the Linux kernel is not only a money- and time-saving solution, but it also opens a full range of options when it comes to building network appliances around it.

Long story short, my target for these articles is to clarify and put in good order the following:

  • differences between various flavours of Unix/Linux and how they evolved
  • next I will focus on the Linux kernel
  • a list of network appliances that I deal with on a daily basis and what kernel they are based on
  • the kernel networking concepts
  • network emulators and how to use them
  • virtualisation with Linux

I do not intend to explore the above to their full extent, but just enough to give me the confidence that I know exactly what can and cannot be done in a specific situation.