Sunday, December 12, 2010

Mikrotik queue change through API

I was implementing a time-based queue change. Rather than using the Mikrotik built-in scheduler, I thought to execute a crontab from a central location. Therefore I tried expect scripting, but with telnet it failed or did not work properly. I think the returned results might have some color coding in them. While searching I stumbled on the Mikrotik Perl API written by Hugh [URL:http://forum.mikrotik.com/viewtopic.php?f=8&t=22744].
I just edited the example code as follows. This is the upgrade; this will be edited for the download.

#!/usr/bin/perl -w
# Make the directory that holds Mtik.pm visible to perl.
BEGIN { push @INC, '/root/upgradefolder' }
use strict;
use Mtik;

my $mtik_host   = "192.168.28.49";
my $mtik_user   = "user_script";
my $mtik_passwd = "passwordscript";

# API sentence: set both limits of the simple queue named 2M.
my @cmd;
push(@cmd, "/queue/simple/set");
push(@cmd, "=limit-at=6144000/6144000");
push(@cmd, "=max-limit=6144000/6144000");
push(@cmd, "=.id=2M");

$Mtik::debug = 0;
if (Mtik::login($mtik_host, $mtik_user, $mtik_passwd)) {
    # raw_talk sends the sentence and returns the router's reply words.
    my ($retval, @results) = Mtik::raw_talk(\@cmd);
    foreach my $result (@results) {
        print ">>> $result\n";
    }
    Mtik::logout();
}
else {
    print "Couldn't log in to $mtik_host\n";
}
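
How the four words pushed onto @cmd above are framed on the wire, as an added Python example that is not part of the original post or of Mtik.pm: per MikroTik's API documentation each word is sent with a length prefix of 1 to 5 bytes and an empty word ends the sentence. The function and constant names are this example's own; on the plain api port (8728) these bytes are sent without encryption, so the queue settings are readable on the path between the cron host and the router.

```python
# Added illustration; names here are this example's own, not Mtik.pm's.
# The words are the ones the post pushes onto @cmd.
PAGE_WORDS = ["/queue/simple/set", "=limit-at=6144000/6144000",
              "=max-limit=6144000/6144000", "=.id=2M"]

# (mask, tag, prefix size) for the five length forms, shortest first.
FORMS = ((0x80, 0x00, 1), (0xC0, 0x80, 2), (0xE0, 0xC0, 3),
         (0xF0, 0xE0, 4), (0xFF, 0xF0, 5))


def encode_length(n):
    """Encode a word length in 1 to 5 bytes, form tag in the top bits."""
    if n < 0x80:
        return n.to_bytes(1, "big")
    if n < 0x4000:
        return (n | 0x8000).to_bytes(2, "big")
    if n < 0x200000:
        return (n | 0xC00000).to_bytes(3, "big")
    if n < 0x10000000:
        return (n | 0xE0000000).to_bytes(4, "big")
    return b"\xf0" + n.to_bytes(4, "big")


def encode_sentence(words):
    """Length-prefix each word; a zero-length word ends the sentence."""
    raw = [w.encode("utf-8") for w in words]
    return b"".join(encode_length(len(w)) + w for w in raw) + b"\x00"


def decode_sentence(data):
    """Inverse of encode_sentence; ValueError on malformed or cut-off input."""
    words, i = [], 0
    while i < len(data):
        form = next((f for f in FORMS if (data[i] & f[0]) == f[1]), None)
        if form is None or i + form[2] > len(data):
            raise ValueError("bad or truncated length prefix")
        mask, _, size = form
        n = int.from_bytes(data[i:i + size], "big")
        n = n & 0xFFFFFFFF if size == 5 else n & ~(mask << 8 * (size - 1))
        i += size
        if n == 0:
            return words          # terminator reached
        if i + n > len(data):
            raise ValueError("truncated word")
        words.append(data[i:i + n].decode("utf-8"))
        i += n
    raise ValueError("sentence not terminated")
```
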



On the Mikrotik side I've enabled the api service.

ip service print
Flags: X - disabled, I - invalid
# NAME PORT ADDRESS CERTIFICATE
0 telnet 23 0.0.0.0/0
1 ftp 21 0.0.0.0/0
2 www 80 0.0.0.0/0
3 ssh 22 0.0.0.0/0
4 X www-ssl 443 0.0.0.0/0 none
5 api 8728 0.0.0.0/0
6 winbox 8291 0.0.0.0/0
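
A check over the listing above, as an added Python example that is not part of the original post: it parses `ip service print` output in the column layout shown here and reports every enabled service whose ADDRESS is 0.0.0.0/0, grading the unencrypted ones (telnet, ftp, www, api) as high. The severity labels and function names are this example's own, and the parser assumes the ADDRESS column is always populated as it is in this listing.

```python
import ipaddress

# Management services in this listing that run without transport encryption.
UNENCRYPTED = {"telnet", "ftp", "www", "api"}

# The `ip service print` listing from the post, embedded to run offline.
LISTING = """\
Flags: X - disabled, I - invalid
# NAME PORT ADDRESS CERTIFICATE
0 telnet 23 0.0.0.0/0
1 ftp 21 0.0.0.0/0
2 www 80 0.0.0.0/0
3 ssh 22 0.0.0.0/0
4 X www-ssl 443 0.0.0.0/0 none
5 api 8728 0.0.0.0/0
6 winbox 8291 0.0.0.0/0
"""


def parse_services(listing):
    """Yield (name, port, network, enabled) for each numbered service row."""
    for line in listing.splitlines():
        fields = line.split()
        if len(fields) < 4 or not fields[0].isdigit():
            continue  # flag legend, column header, blank lines
        rest, flags = fields[1:], ""
        if set(rest[0]) <= {"X", "I"}:  # optional flag column
            flags, rest = rest[0], rest[1:]
        if len(rest) < 3:
            continue
        name, port, address = rest[:3]
        network = ipaddress.ip_network(address, strict=False)
        yield name, int(port), network, not flags


def audit(listing):
    """Return (severity, name, port, reason) for enabled services open to any source."""
    findings = []
    for name, port, network, enabled in parse_services(listing):
        if not enabled or network.prefixlen != 0:
            continue  # disabled, or already restricted to a source range
        if name in UNENCRYPTED:
            reason = "unencrypted and reachable from any address"
            findings.append(("high", name, port, reason))
        else:
            findings.append(("medium", name, port, "reachable from any address"))
    return findings
```

Restricting ADDRESS for the api service to the host that runs the crontab, and disabling the services that are not used, removes those rows from the findings.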


And named the queue 2M.

>queue simple print
Flags: X - disabled, I - invalid, D - dynamic
0 name="2M" target-addresses=192.168.28.48/29 dst-address=0.0.0.0/0
interface=ether3 parent=none direction=both priority=8
queue=default-small/default-small limit-at=4096000/4096000
max-limit=4096000/4096000 burst-limit=0/0 burst-threshold=0/0
burst-time=0s/0s total-queue=default-small



And added the crontab accordingly.

#Auto bandwidth upgrade script
01 19 * * * /root/upgradefolder/test_upgrade.pl
01 07 * * 1-5 /root/upgradefolder/test_downgrade.pl

CCNA Access list lab

Tasks are defined in the Packet Tracer file. The 10.10.12.0/24 network IP address is not bound to the PC.
Otherwise this is the basic diagram.



Download:http://hotfile.com/links/88950992/ac4cb5e/acl.pkt.html

Sunday, December 5, 2010

Little endian, Big endian -- back to network programming.

This is for my reference :) .

Data pattern: AFB3
Little endian: B3 AF
Big endian: AF B3
Network byte order: big endian
Host byte order: depends on the host


Ref: http://beej.us/guide/bgnet/output/html/multipage/ipstructsdata.html

Friday, December 3, 2010

application virtualization concept - Qubes OS

Invisible Things Lab focuses on kernel security, virtualization security and system/firmware-level security, and has brought up certain vulnerabilities in Intel processors. They are introducing Qubes, which is based on the virtualization concept. The core concept behind the OS is Security by Isolation.


The architecture is shown in the above diagram (taken from the documentation).
I couldn't test it / wasn't willing to download ;).
!!NOTE: You can only install Qubes on a 64-bit CPU! (most recent laptops have 64-bit CPUs)
!!!NOTE: Do not try to install Qubes in a VM, e.g. VMWare.



By the way if you want to try :
http://www.qubes-os.org/trac/wiki/InstallationGuide
http://qubes-os.org/Architecture.html
http://www.invisiblethingslab.com/itl/Welcome.html

IEEE P802.3az Energy Efficient Ethernet

The energy-efficiency concept has moved from data centers to server CPUs and has finally reached the Ethernet controller level. I didn't want to read the IEEE standard (I don't have the capability to understand the content), but in future drivers will interact to provide dynamic negotiation of the bandwidth over Ethernet; when the link is idle it tries to save power.
Relevant resources:
Overall intro :
http://www.nanog.org/meetings/nanog50/abstracts.php?pt=MTY0NCZuYW5vZzUw&nm=nanog50
IEEE working group:
http://www.ieee802.org/3/az/public/
One more tutorial :
http://www.ieee802.org/802_tutorials/07-July/IEEE-tutorial-energy-efficient-ethernet.pdf
Interesting concepts:
• Desktop-to-switch links
  – Are mostly idle
    • Lots of very low bandwidth “chatter”
  – High bandwidth needed for bursts
    • Bursts are often seconds to hours apart
• Server links are also often not fully utilized
  – Higher speed links offer more opportunity to save energy
  – This is an area where more data is needed
• Evidence of low utilization (desktop users)
  – LAN link utilization is generally in range 1 to 5% [1, 2]
  – Utilization for “busiest” user in USF was 4% of 100 Mb/s

Asus is claiming they are the first one :)

Sunday, November 21, 2010

Internet Bandwidth will be free?

A few years back, getting a 1 Mb bandwidth internet port cost a lot; the same scenario was experienced by the mobile operators. When the competition increases, new price models, service-oriented architecture and the focus on data services increase. But the wholesale internet business seems to be facing the same problem: "Wholesale Internet Bandwidth Prices Keep Falling". According to the 2008 report it suggests between 10$ -14$; these values indicate US PoP pricing. But in Asian countries, especially South Asian countries, the pricing structure is really high compared to Europe due to the lack of infrastructure. But the Indian market is putting on pressure to reduce the pricing structure. That will have a certain impact on the neighboring countries.
With this in mind, by 2020 the per-gigabit cost will be the same, and the services offered will be the dominating factor among service providers. Hosting may migrate to community offerings or a hybrid cloud structure, where IPv6 will let individuals host their own services. Reliability will be provided through a distributed peer-to-peer structure. Wireless providers will move to promising new wireless standards such as 802.11ac (802.11ac Standard Will Bring Gigabit Speeds to WiFi) and upcoming new standards.

The Internet will be a utility service, but the services the user is going to consume will dominate the pricing. This can't be a free service, but the charges can be obtained indirectly in different ways.

Thursday, August 5, 2010

network related project concepts

Some of the ideas I've thought of may already have been done by some people, but I need to do a literature survey on these areas:
1) Application issue identification based on network analysis.
Since I'm working in an ISP, it is sometimes really hard to figure out the application issues that are affected by network interaction, such as packet loss, throughput, MTU, jitter, etc. Analyzing the packets using Wireshark or other tools sometimes won't reveal important factors. (Maybe I don't know how to use this tool :) )
An initial search yields some commercial tools ....

2) Data management for Network Management data.
This is related to my previous post. Data capturing and logging are almost standardized, but how we analyze and how we take action mostly depends on the requirement at hand. Based on the requirements there can be different ideas.
* Malware, bot control traffic, etc.: signature extraction
* CRM integration
* Network event identification
* Digital Forensic analysis
* etc...

Saturday, July 31, 2010

Network Monitoring Databases

I was quite unhappy regarding the space and processing power required to store and process network traffic data in a general database, as well as the efficiency when handling network flows. For example, in an ISP the data generated from Netflow is a significant amount that varies with the number of flows, e.g. a million flows per hour. Netflow is considered the de facto standard for network accounting/billing and now for anomaly detection schemes. Therefore general database structures are not efficient for processing large network traces. So I was checking relevant projects in the academic world, but AT&T, from industry, has come up with a project called Gigascope (still I couldn't get the source code :) ). But I found a similar product interesting: the CoMo Project. This area of research follows the "Network Data Streaming" database structure.
Let's explore it: "http://como.sourceforge.net/publications.php" :)

Saturday, May 29, 2010

Mikrotik IPSec Performance Study

The sample network is implemented with similar devices, and the Internet connection is simulated via LAN connectivity. Two end hosts provide the transfer and receiver functionality.

Network Setup.

The test environment is designed as shown in diagram 1.0.

Test Setup Figure 1.0

End Host Configuration - Table 1.0

| End Point 1 | End Point 2 |
|---|---|
| Microsoft Windows XP Professional SP3 | Microsoft Windows XP Professional SP3 |
| CPU count 2 | CPU count 1 |
| 1.87 GB RAM 3.00GHz | 1.47GB RAM 3.06GHz |
| 100Mbps Realtek RTL8139/810x Family Fast Ethernet NIC | 100Mbps Realtek RTL8139 Family PCI Fast Ethernet NIC |

Router Configuration - Table 1.1

| | Router 1 | Router 2 |
|---|---|---|
| Speed | 264 MHz | 264 MHz |
| Memory | 30MB RAM | 30MB RAM |
| HD | 128 MB | 64 MB |
| | RouterOS 3.30 | RouterOS 3.20 |

Workload:

The hashing algorithm parameter is fixed to SHA and the encryption algorithm is changed. The default CPU load without traffic stays around 2% on both routers. The sample traffic is generated through iperf.


| # | Protocol | Cipher | Packet Size | Hash | Maximum Bandwidth Trial 1 TX Kbits/RX Kbits | Maximum Bandwidth Trial 2 TX Kbits/RX Kbits | Maximum Bandwidth Trial 3 TX Kbits/RX Kbits | Maximum Bandwidth Trial 4 TX Kbits/RX Kbits | AVG TX Kbits/RX Kbits |
|---|---|---|---|---|---|---|---|---|---|
| 1. | TCP* | -- | 64 | -- | 5.70/5.37 | 5.32/5.54 | 5.17/5.37 | 5.43/5.67 | 5.405/5.487 |
| 2. | TCP | DES | 64 | SHA | 616/598 | 809/784 | 611/626 | 801/790 | 709/700 |
| 3. | TCP | 3DES | 64 | SHA | 616/594 | 601/537 | 802/769 | 638/614 | 664/628 |
| 4. | TCP | AES-128 | 64 | SHA | 795/868 | 615/639 | 788/806 | 821/807 | 755/780 |
| 5. | TCP | AES-192 | 64 | SHA | 613/628 | 803/769 | 602/627 | 768/816 | 697/710 |
| 6. | TCP | AES-256 | 64 | SHA | 541/577 | 784/753 | 632/645 | 778/826 | 684/700 |
| 7. | TCP* | -- | 96 | -- | 6.15/5.97 | 6.02/6.21 | 6.03/6.29 | 6.29/6.55 | 6.122/6.225 |
| 8. | TCP | DES | 96 | SHA | 724/716 | 839/771 | 716/724 | 813/775 | 773/747 |
| 9. | TCP | 3DES | 96 | SHA | 837/771 | 740/729 | 829/788 | 826/788 | 808/769 |
| 10. | TCP | AES-128 | 96 | SHA | 846/795 | 730/743 | 754/737 | 800/870 | 782/786 |
| 11. | TCP | AES-192 | 96 | SHA | 856/803 | 716/712 | 798/855 | 721/723 | 773/773 |
| 12. | TCP | AES-256 | 96 | SHA | 738/725 | 853/789 | 742/729 | 782/843 | 779/771 |
| 13. | TCP* | -- | 1536 | -- | 10.4/8.43 | 8.85/9.90 | 8.37/10.4 | 9.06/9.71 | 9.17/9.61 |
| 14. | TCP | DES | 1536 | SHA | 863/867 | 860/873 | 861/867 | 836/895 | 855/875 |
| 15. | TCP | 3DES | 1536 | SHA | 954/817 | 875/881 | 881/885 | 876/881 | 904/866 |
| 16. | TCP | AES-128 | 1536 | SHA | 894/898 | 898/909 | 897/901 | 828/968 | 879/919 |
| 17. | TCP | AES-192 | 1536 | SHA | 822/962 | 883/894 | 888/894 | 885/889 | 869/910 |
| 18. | TCP | AES-256 | 1536 | SHA | 883/889 | 821/955 | 876/888 | 879/882 | 865/903 |

* Bandwidth measured in Mbps.

Automatic FTP upload when content changed in folder - perl script

This was a rudimentary script that needed more editing, but I found it interesting.


#! perl -slw
use strict;
use Win32::ChangeNotify;
use threads;

# Monitoring path.
my $path = 'c:\folder';

my $notify = Win32::ChangeNotify->new( $path, 0, 'FILE_NAME' );

# Files already present when the script starts.
my %last;
@last{ glob $path . '\*' } = ();

my $count = 0;
while( 1 ) {
    next unless $notify->wait( 10_000 ); # Check every 10 seconds
    $notify->reset;
    print $/, 'Something changed';
    my @files = glob $path . '\*';
    if( @files > scalar keys %last ) {
        # Keep only the files that were not in the previous listing.
        my %temp;
        @temp{ @files } = ();
        delete @temp{ keys %last };
        foreach my $file ( keys %temp ) {
            # One counter value per file, so two uploads never share a command file.
            threads->create( \&load, $file, $count++ )->detach;
        }
    }
    else {
        print "A non-deletion or creation change occurred";
    }
    undef %last;
    @last{ @files } = ();
}

sub load {
    my ($file, $count) = @_;
    if ( fileSize($file) ) {
        ftp__command_generator( $file, $count );
    }
}

# Check whether the file is still being copied: wait until it can be opened.
sub fileSize {
    my ($filename) = @_;
    while (1) {
        if ( open( my $fh, '<', $filename ) ) {
            close($fh);
            return 1;
        }
        sleep(10);
    }
}

# Write an ftp command file for the changed file and run ftp with it.
sub ftp__command_generator {
    my ($Changed_file, $count) = @_;
    my $outfile = "file$count.dat";
    open( my $cmds, '>', $outfile ) or die "Cannot write $outfile: $!";
    # -l on the #! line appends the newline to every print.
    print $cmds "user USERNAME";
    print $cmds "PASSWORD";
    print $cmds "bin";
    print $cmds "put \"$Changed_file\"";
    print $cmds "quit";
    close($cmds);
    system("ftp -n -s:$outfile 192.168.0.1");
    # The command file holds the FTP password; remove it once ftp has run.
    unlink $outfile;
}

Saturday, April 3, 2010

Mikrotik Backup through perl script

I don't know how many people are still using telnet, but if you are, this will help. The script uses the export command to take the backup and save it. I thought it better to share it. I'll check the ssh variation and upload it when possible.


#!/usr/bin/perl
#Date - 31st April 2010
#Gobinath
#To retrieve the backup from the mikrotik router.
use Net::Telnet;
use POSIX;

#Input
# routerlist contains the IP address and the name used to save the backup file, separated by a tab. # is used for comments.
#Backup Path.
$path = "/mikrotik/backups";
#router List
$filename = "routerlist.txt";

#Mikrotik Username Password +ct used to remove the color codes
@username_list = ('admin+ct','admin');
@password_list = ('######','######');
#Read the router List
open (FILE, '<', $filename) or die "Cannot open $filename: $!";

#Time Stamp.
my $datestamp = strftime("%Y%m%d",localtime);
chomp($datestamp);

sub retriver {
    undef @output;
    my($username, $pass, $hostname) = @_;
    $telnet = new Net::Telnet ( Timeout => 5, Errmode => 'return');
    $telnet->binmode(0);
    # With Errmode 'return' a failed connect returns false instead of dying.
    unless ($telnet->open($hostname))
    {
        $output[0] = "failed";
        return @output;
    }
    $telnet->login($username,$pass);
    $msg = $telnet->errmsg;
    if ($msg =~ /ogin failed/ )
    {
        $telnet->close;
        $output[0] = "failed";
        return @output;
    }
    else
    {
        #Retrieve the export.
        $telnet->waitfor('/] >/i');
        @output = $telnet->cmd('/export');
        $telnet->close;
        return @output;
    }
}

while (<FILE>)
{
    # Skip comment lines and blank lines.
    next if /^\s*(#|$)/;
    undef @output;
    my($hostname,$filename) = split('\t', $_);
    chomp($filename);
    my $count = 0;
    # Try each username/password pair until one gives an export.
    foreach(@username_list)
    {
        my $username = $_;
        my $pass = $password_list[$count];
        @output = &retriver($username,$pass,$hostname);
        if ( $output[0] !~ /failed/ )
        {
            $filepath = $path."/".$filename."_".$datestamp.".txt";
            open(OUT, '>', $filepath) or do { warn "Cannot write $filepath: $!\n"; last };
            print OUT @output;
            close(OUT);
            last;
        }
        $count = $count + 1;
    }
}

close(FILE);


Issue noted with Mikrotik version 3.0 and related OS. Still couldn't fix the problem.