Monday, April 18, 2016

Interop Las Vegas 2016 - May 2-6 - Advanced IPv6 Design and Deployment in a Microsoft Enterprise Network

As a speaker, I get to pass out some discount codes for Interop. 25% off the site cost for the 5, 3 or 2 day passes so nothing to sneeze at in terms of savings. Many thanks to the Interop folks for doing that. No restriction on the discount code best I know (so pass it out to friends and colleagues) except it has to be used by Friday, April 29th.

This year at Interop I will be presenting on "Advanced IPv6 Design and Deployment in a Microsoft Enterprise Network" and the focus is really about what does and doesn't work. It is a practical, in person, update of Chapter 3 of my book Practical IPv6 for Windows Administrators from Apress. The goal is to pass along some of the lessons learned and updates on some IPv6 behavior, specifically around the Microsoft Windows OS.

Last year I did a full 3 hour workshop on IPv6 that covered a wider range of IPv6 concerns. This year, I wanted to focus on IPv6 issues that would impact Enterprise, Commercial, and Small Businesses who run Microsoft Windows in their environment. We can detour a bit talking about Virtualization (VMware and Hyper-V) depending on what the audience wants to cover.

I'm really looking forward to seeing many friends, colleagues and fellow speakers in Las Vegas next month for Interop and I encourage you to join me. I consider Interop to be one of the shining stars of independent conferences that gets great content, excellent independent speakers and really has an impact on the industry and value for the attendees. If you are attending, please let me know via Twitter; perhaps we can meet in person at some point during the event.

Finally, if you attend my session you have a chance to win a signed copy of my book. I will give out two copies after my session is over. I encourage you to also attend some of the other IPv6 content that will be presented at Interop. Hope to see you there!
- Ed

Monday, February 08, 2016

TechMentor Las Vegas 2016 - March 6-11 - IPv6 Workshop

As a speaker, I can extend $500 savings on the 5-day package. Just use the link above to get that deal. Sort of cool that TechMentor does that.

I'm excited to be presenting a 3 hour pre-conference workshop at TechMentor Las Vegas this year. It is on IPv6 and is designed to get an experienced IT professional up and running on IPv6 quickly. It is titled: TM06 Workshop: IPv6 Boot Camp: Get Up to Speed Quickly

The workshop is extra, above and beyond the regular TechMentor conference but trust me, I will make the session worth your time and investment. Plus, the list of other speakers is pretty impressive, check out who else will be presenting. I am going to sneak in to see Don Jones, Greg Shields, Jennelle Crothers, Jason Helmick, Jeff Hicks, Richard Hicks, Sami Laiho, Mark Minasi - oh wait, those are more sessions than I can fit on my schedule! You get the idea.

If you need to understand the dos and don'ts around IPv6, what could derail you, what problems you might face, how IPv6 is operationally different and how to go about troubleshooting, this workshop is for you. You will walk away with a 60 page workbook and the slides in addition to the actual session content. I will be bringing 3 signed copies of my book to give away too, why not!

This workshop covers content I don't explicitly have in my book or in the Pluralsight course I have authored. It really is lessons learned from deploying and working with customers. So come learn how to avoid some of the painful things I have lived through in deploying IPv6 so you can get your project off the ground faster and with fewer issues. I look forward to seeing you there.

TechMentor will also be having a private social event on Monday evening (the day of the workshops) and I would love to hang out and talk IPv6. I've always been impressed with the great interaction of TechMentor attendees so I am looking forward to hearing some stories and perhaps sharing one or two myself!
- Ed

Monday, November 30, 2015

Data Field Day Roundtable - telemetry and the impact on understanding data

I was finally able to participate in another Tech Field Day event recently, specifically Data Field Day Roundtable, and wanted to put down some thoughts on what I found interesting about it. As many folks are aware, participation in Tech Field Day isn't an endorsement of any company or product. Yes, these companies do pay to participate but for me the benefits of the event are around hearing from interesting colleagues and businesses doing innovative stuff in the market. I do encourage industry friends and colleagues to watch what is put out by Stephen and crew as I really do feel it has a lot of value. Enough babble, let's jump into the one presentation that, live in person at the event, wasn't super engaging but after consideration merited another watch on video and some comments.

One of the challenges with lots of data is actually figuring out how to collect and process it. At huge scale the presentation that was given by Matthew Johnson with Netflix will scratch that itch for folk. Clearly designing and building systems for something as large and distributed as Netflix is complex, you just don't realize how complex until someone walks you through some of the math involved. It is an interesting presentation and worth a watch.

I found the presentation given later in the day by Phillip Liu from SignalFx to be thought provoking and this is the presentation I am referring to about being worth a second look. At first I didn't understand what SignalFx was actually providing that was different than what Splunk or DataDog might be doing. It wasn't until later in the presentation that I figured out what they had done. The online presentation is a very different experience than being there in person, believe it or not. Phillip speaks very softly so most of the participants in the room really couldn't hear him well. This all changes with the video because he wore a mic for the streaming and video recording. I didn't get the light bulb moment until 41 minutes into a 54 minute presentation. Yes, I am that dim. You can hear me catch on at about 42:19 in the video.

Here in the video jumping in a little bit before I figure that out.

In summary, SignalFx is providing math (function) as a service! You can do a variety of functional equations on data points as they are streaming into the product. This allows you to do all sorts of interesting things with the data in real time that in the past you had to run large data reports on to produce. Even more impressive is that anyone with basic math skills can use the tool or leverage what SignalFx is providing out of the box with integration with other major platforms. What was really interesting is that Cisco did a demo after that showing their IOS XR routing platform being able to stream data and have SignalFx do something with that data. This effort was possible because of Cisco's work with OpenConfig. Anees Shaikh with Google also presented, talking about the efforts to standardize network management and monitoring. It builds out the foundation for why this new software first world is changing what is happening in networking so profoundly.

I'm glad I was able to finally make another Tech Field Day event and I think this was a great one to be involved with as it is an area of professional interest.
- Ed

Thursday, October 08, 2015

IPv6 site local addresses - why are those still around?

Site local addresses (which were deprecated by RFC 3879 way back in 2004) have been brought up to me on more than a few occasions lately, specifically around a feature that Windows has had for a very long time. This feature is the automatic use of three well-known site local DNS name server entries if no IPv6 name server is provided to an interface. The three IPv6 addresses are:
fec0:0:0:ffff::1
fec0:0:0:ffff::2
fec0:0:0:ffff::3

You can see these in use on interfaces on the Windows client or server machine, especially for interfaces you might not be aware of on a given host. For instance, you might have ISATAP tunnel interfaces or a Bluetooth interface that display these. You can check using the following PowerShell:
PS C:\> Get-DnsClientServerAddress | ft

That will display all the client DNS server information for all the interfaces on a given Windows host. From that you will see something like:
InterfaceAlias               Interface Address ServerAddresses
                             Index     Family
--------------               --------- ------- ---------------
Local Area Connection 2             24 IPv4    {}
Local Area Connection 2             24 IPv6    {fec0:0:0:ffff::1, fec0:0:0:ffff::2, fec0:0:0:ffff::3}

isatap.{7901A47F-5E03-43A...        39 IPv4    {}
isatap.{7901A47F-5E03-43A...        39 IPv6    {fec0:0:0:ffff::1, fec0:0:0:ffff::2, fec0:0:0:ffff::3}

Bluetooth Network Connection         6 IPv4    {}
Bluetooth Network Connection         6 IPv6    {fec0:0:0:ffff::1, fec0:0:0:ffff::2, fec0:0:0:ffff::3}


Some concerns have been expressed about this being an exploit vector: if someone sets up a DNS service on those IPv6 addresses, they could potentially lie to your host, because you would use that as the preferred DNS resolver. This actually isn't the case, and it has to do with the prefix policy table. So let's look at some more details.

One of the reasons there is no concern around the misuse of site local to exploit a system is how site local is classified in the prefix policy table. You can view the local prefix policy table with the following PowerShell:
PS C:\> Get-NetPrefixPolicy

And the output is:
Prefix                                                       Precedence      Label
------                                                       ----------      -----
3ffe::/16                                                             1         12
fec0::/10                                                             1         11
::/96                                                                 1          3
fc00::/7                                                              3         13
2001::/32                                                             5          5
2002::/16                                                            30          2
::ffff:0:0/96                                                        35          4
::/0                                                                 40          1
::1/128                                                              50          0

The precedence of 1 means it is the least preferred, the same as the former 6bone network of 3ffe::/16, for instance, which is no longer in use. The important thing to notice is that ::ffff:0:0/96 has a higher precedence, based on the recommendations in RFC 6724. This means that IPv4 traffic, and therefore DNS name resolver selection, is preferred over site local. So if you have no IPv6 DNS server information, even if you did have a site local DNS name server you would not use it if an IPv4 DNS name server option was available. This is the only use case where you might have an issue, because if you are using any IPv6 and publishing an IPv6 DNS name resolver then you will prefer that IPv6 DNS name resolver right away. So the only use case where you might potentially use site local is if you actually assign a host a site local address. It makes no sense to do that at all, but that is the one case where you might have a problem. So, the simple conclusion is...
Don't use site local, which is obvious, since it was deprecated way back in 2004.
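
The three conditions discussed above can be checked on a host in one pass. This is an added example, not code from the original post: the variable names are illustrative, and Get-NetIPAddress is a standard Windows cmdlet that the post itself does not use.

```powershell
# Added audit sketch; variable names are illustrative, not from the post.

# The three automatic site-local resolvers seen in the output above.
$fallbackDns = 'fec0:0:0:ffff::1', 'fec0:0:0:ffff::2', 'fec0:0:0:ffff::3'

# 1. Interfaces whose IPv6 DNS server list holds nothing but those entries,
#    i.e. no IPv6 name server was ever provided to the interface.
$fallbackIfs = @(Get-DnsClientServerAddress -AddressFamily IPv6 |
    Where-Object {
        $_.ServerAddresses.Count -gt 0 -and
        -not ($_.ServerAddresses | Where-Object { $fallbackDns -notcontains $_ })
    })

# 2. Live prefix policy: site local should rank below IPv4-mapped addresses.
#    If either row is missing, the check reports $false so it gets reviewed.
$policy    = Get-NetPrefixPolicy
$siteLocal = $policy | Where-Object Prefix -eq 'fec0::/10'     | Select-Object -First 1
$v4Mapped  = $policy | Where-Object Prefix -eq '::ffff:0:0/96' | Select-Object -First 1
$leastPreferred = [bool]($siteLocal -and $v4Mapped -and
    ($siteLocal.Precedence -lt $v4Mapped.Precedence))

# 3. Site-local addresses actually assigned to an interface: the one case
#    the post says could be a problem. Any zone suffix (%n) is stripped
#    before parsing.
$assigned = @(Get-NetIPAddress -AddressFamily IPv6 |
    Where-Object { ([ipaddress](($_.IPAddress -split '%')[0])).IsIPv6SiteLocal })

# One summary object per host, suitable for Export-Csv or remote collection.
[pscustomobject]@{
    ComputerName            = $env:COMPUTERNAME
    FallbackDnsInterfaces   = @($fallbackIfs | ForEach-Object InterfaceAlias)
    SiteLocalPrecedence     = $siteLocal.Precedence
    IPv4MappedPrecedence    = $v4Mapped.Precedence
    SiteLocalLeastPreferred = $leastPreferred
    AssignedSiteLocal       = @($assigned | ForEach-Object IPAddress)
}
```

A host is in the state the post describes as safe when SiteLocalLeastPreferred is True and AssignedSiteLocal is empty; a populated FallbackDnsInterfaces list on its own only confirms the default Windows behavior.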

Hope this helps to address some concerns around this.
- Ed

Wednesday, September 30, 2015

ARIN IPv4 run out on RunAs Radio, time for IPv6! - Show 440

Super happy to have done another RunAs Radio show with Richard Campbell. We chat about what just happened with ARIN and the IPv4 run out. We cover a wide area of topics but it is hard to stay focused when chatting with a person as diverse and knowledgeable as Richard!
Check out the show!
- Ed