SIX Tips Every Peer Should Know

A gaggle of Seattle network operators converged in one room last week, for the annual Seattle Internet Exchange (SIX) members meeting. As a janitor and board director, I was already preparing a handout, so I used the back side for six SIX tips.

---

• How TCP sliding windows and the bandwidth*delay product works

Given the desired throughput of a TCP connection and its round-trip time, the bandwidth*delay product is the minimum TCP window size that each endpoint (host) must support in order to transfer at that throughput.

Trying to saturate a 100 Mbps cross-country MPLS VPN with a single HTTP transfer?

BDP = bandwidth * RTT

100 Mb/sec * 70 ms = 12,500,000 bytes/sec * 0.070 sec = 875,000 bytes

Each endpoint’s OS TCP window size must be at least 875 KB, or it will be the bottleneck.

---

• Enlightenment through iperf

iperf beautifully solves two problems. First, how to generate a fixed amount of traffic and measure packet loss at that rate. “Send 30 Mbps of UDP to this IP, regardless of TCP congestion control, packet loss, or anything else.” Second, how to simulate a TCP flow given different parameters (bitate, window size).

---

• See whole packet payload, not just headers, with tcpdump

Most folks have used tcpdump to show packet headers. Even handier for diagnosing protocol-related problems is to print the full payload. To disable reverse DNS lookups, sniff eth0, print the payload, and sample whole packet:

tcpdump -n -i eth0 -X -s 0

---

• Find a LAN IP’s port without tracing cables

Get the MAC address. Using another system or router on the same segment, generate traffic to the IP in question. First, get its MAC:

arp -a or show arp

Then find the MAC. In IOS:

show mac-address-table address 00ff.dead.beef

---

• 5 minute samples are almost meaningless for many traffic profiles

While measuring usage counters every 5 minutes works wonderfully for calculating total traffic passed, in many cases it leads to wildly inaccurate throughput estimates. 5 minute averages round off most useful granularity; when a circuit’s 5 minute average usage is over 50%, it may already be the bottleneck for on microsecond granularity, depending on number of endpoints, traffic profile, serialization time, and other characteristics. Try polling 1 device on a 1 minute or 30 second sample.

---

• Filtering ICMP is not a security requirement, and in fact doesn’t improve security.

It’s just really annoying. If you must filter, allow the types required for basic operation, like TTL Exceeded and Host/Port Unreachable.

April 28th, 2008 / Tags: networks, seattle / ‡ / +

Open-Source Public School Assignment Algorithms

Background

• The school assignment program runs on a 1979-era VAX that will cost $2MM+ to replace (“‘Dinosaur’ computer stalls Seattle schools plans”)
• Every Seattleite has heard a horror story about 45 minute busing caused by the School Assignment Process
• Parents sued the district to eliminate race as a tie-breaker, eventually winning in a US Supreme Court decision

In short, there’s nothing to lose.

Minor modifications for readability:

Date: Tue, 26 Feb 2008 09:42:36 -0800
To: schoolboard@seattleschools.org

Hi,

I read today’s article in the Times about SSD’s aging VAX, and it brought up a novel idea. There’s been considerable work in the voting world to create “Open Source” [1] software. That field wants to:

• increase transparency
• improve the underlying process
• reduce fears of (and controversy from) tainted results
• share knowledge with interested parties
• engage outside (and otherwise-adversarial) entities
• try new systems, technologies, ideas (without paying for it)
• decrease or share burden of maintenance costs
• not appear insular

Why not open source the school selection software? What could that do?

• position SSD as a thoughtful, extremely well-intentioned leader
• reduce fears and questions by pointing to the “real McCoy”
• collaborate with other districts on selection strategy and implementation
• let outsiders take a stab at improving it, or simply playing with different results
• shine more smart eyes on the problem
• let other districts see what a large district does, and maybe roll their own criteria into it

There’s nothing proprietary about school selection; on the contrary, just like voting, the goal is the best, most transparent, most practical result above all else.

It would put SSD at the forefront of school selection, not to mention technology and execution savvy.

Others have done this for similar reasons, with similar results: * Netscape/AOL, in open-sourcing Firefox (now in use by 15-20% of Internet users) * Netflix, in opening their movie selection algorithms (and creating a prize for improving them - http://en.wikipedia.org/wiki/Netflix_Prize)

This is also happening all over the education field:

FlexBooks, open source textbooks; dozens of industry luminaries create best-of-breed textbooks.

Moodle, open source curriculum/course management in use at over 35,000 sites to teach 14,000,0000 students.

MIT OpenCourseWare, exactly what it sounds like: MIT’s courses, online, free.

The list goes on. Most of the same reasons and benefits apply to an open-source school selection application and algorithms.

[1]: what is open source? Software programs whose “source code” is available for review, analysis, use, or modification as other interested parties see fit.

March 6th, 2008 / Tags: open source, education, seattle / ‡ / +