The Men & Mice Blog

Greg Fazekas

Recent Posts

Lessons from Gartner IOCS: business priorities define technology

Posted by Greg Fazekas on 11/28/19 8:47 AM

Gartner IOCS was a great event. Not only did the Men&Mice team connect with decision-makers and business leaders, but we’ve also got to teach them a few things about IP infrastructure management and why it’s critically important. To further emphasize that thought, Men&Mice CEO Magnús Björnsson gave a talk on compound network management.

Men&Mice CEO Magnús Björnsson at Gartner IOCS 2019 in London

The talk was very well received, and the conference as a whole validated what we’ve been working on and representing. It’s evident that the best way for businesses to gain back control of their priorities and opportunities is to de-couple management from ecosystems in their IT.

Business priorities define technology; not the other way around

It’s clear, from both our experience in working with some of the largest companies in the world and talking to people at Gartner IOCS, that business leaders are hamstrung by technology.

The reason for this predicament is that IT, and network management in particular, has been centered around ecosystems. IT was designed for static and homogeneous environments. As a result, the management tools are bound to the philosophies of their backend. But in the business world, and in today's IT landscape, resources are highly dynamic and heterogeneous.

For network management to start making business sense again, it has to switch that mindset to focus on objectives instead — starting at the IP infrastructure level.

IP infrastructure: the nerve center of the business

Networks are akin to the nervous system in the human body. They link and transport information between source and destination. Connect data and decision.

IP infrastructure (consisting of DNS, DHCP, and IP address management) is the component that ensures orchestration between networks. Without parts of your networks, you can still function by routing around problems. But if the IP infrastructure goes down, there’s nothing to route with.

And that’s just about all that we think business leaders should be expected to understand about network management.

The “Route 52” problem

It’s called Route 53 and is the DNS service for Amazon Web Services. But you needn’t know that.

Maybe your company is moving from on-premise infrastructure to take advantage of cloud platforms. Or just completed a merger, and now have to integrate the new assets into your existing infrastructure. And you’re left with systems that are incompatible, networks that are overlapping, and every IT manager arguing for their respective networks, citing mutually exclusive benefits.

In short: you’re expected to be the arbiter of a problem not within your domain.

Yes, it is an asset to know the technology. But it shouldn’t be an obstacle not to. Business leaders need to make decisions that make business sense.

Compound network management

What makes business sense is to make decisions and move resources at will and based on how they can be utilized the best. What doesn’t make business sense is to make decisions and move resources only when allowed and based on factors you do not understand fully. (And nor should you be expected to.)

The reality of today’s corporate networks is that they are no longer confined to "local". Whether "local" means a geographic point or a single cloud platform, boundaries of a local infrastructure no longer exist for networks. It doesn’t make sense to manage them like they still did.

Compound network management de-couples the control plane from the underlying hardware and software. It enables business priorities to drive decisions, and unshackles them from the limitations of the hardware and software ecosystems.

Lessons from Gartner IOCS

The lesson from Gartner IOCS is that unlocking the potential in compound network management is one of the most, if not the most, urgent issues facing enterprise networks. And it’s been a pleasure to see both our theory and practice in resolving it resonating with people.

Men&Mice is in the business of creating solutions for compound network management. We design natively heterogeneous management tools for heterogeneous network environments.

The Men&Mice Suite

We’ve seen companies struggle with cloud adoption because their systems were incompatible. We’ve been sought out to create order in an overgrowth of home-grown workarounds that kept together disparate network environments haphazardly. We’ve worked on unlocking the full value of the Internet-of-Things by removing the overhead throwing off efficiency.

Whether you caught us at Gartner IOCS or just found us online, we can help you on your way as well.


Topics: Gartner IOCS

Men&Mice at Gartner IOCS: making network management business-compatible

Posted by Greg Fazekas on 11/21/19 9:05 AM

Meet Men&Mice at Gartner IOCS 2019 at Booth PL5!

Men&Mice will be visiting the Gartner IT Infrastructure, Operations & Cloud Strategies Conference next week, 25–26 November, in London. We’re always excited to attend events, and we’re particularly excited to meet the business side of network management through Gartner.

One key issue is people often forgetting that IT is not siloed. Networks are the mission-critical component. It’s good to be reminded just how real the business ramifications of bad network management are.

The other is the emerging realization for high-level business executives that, in the long run, it’s the technology vendors who reap the profit of innovation. We’ll be at Gartner IOCS to show them: they can (and should!) also get a generous slice of that pie.

Network management that makes business sense

Our CEO Magnús Björnsson will give a talk on Tuesday about what we came to call compound networks. It’s a term we like because it’s inclusive. It’s on-premise and hybrid cloud and multicloud and everything in-between and beyond.

De-coupling the control plane of network management from the underlying hardware and software infrastructure is the most critical task of today. Network management tools designed for local, homogeneous environments (even if 'local' means a single cloud platform) simply cannot handle the global, heterogeneous reality of today’s IT landscape.

And, for business leaders, they no longer make business sense. IT, and networks in particular, grew out of the confines of “local” — why does network management cling to the idea still?

Businesses shouldn’t have to keep re-investing in their networks

Businesses are expected to sync with a snapshot of the technology landscape, while the real value from new technologies is a moving target. In the end, technology will always win because it propels forward along an exponential curve.

This mindset of thinking that management is tied to the underlying technology has to be broken.

Separating management from its backend gives control back to whom it belongs: decision-makers. No longer shackled by exorbitant upfront costs or hidden operating expenses, business units become free to steer the company toward business priorities.

Meet Men&Mice at Gartner IOCS

Magnús will hold his talk on Tuesday, 26 November at 9:30am. He'll underline the importance of companies once again guided by business priorities instead of IT limitations, and illustrate how to get out of vendor-lock and create scalable network management paradigms.

Throughout the event our team will be at Booth PL5: stop by! You’ll be able to learn more about how we ensure that control remains with you while also unlocking the full potential of your networks.

Topics: network management, Gartner IOCS

Staying the path: lessons from Microsoft Ignite 2019

Posted by Greg Fazekas on 11/14/19 8:55 AM

Ah, Microsoft Ignite. Good times have been had, but also important lessons were learned.

Anyone who attends trade shows like Ignite can tell you: the long hours and dizzying pace of conversations yield results. Not only in terms of sales leads, which are always welcome, but also in getting a pulse reading for the industry.


We’re doing the right thing…

Of course we believe we’re on the right track, otherwise we wouldn’t be on it. But it’s an incomparable feeling to be validated by both customers (who are very happy with using the Men&Mice Suite) and visitors (who were impressed by our demo).

The landscape of networks and IP infrastructure management is changing. It used to be that you had to keep up with the latest hardware and software trends. Buy the next server; upgrade to the next version. However, increasingly it seems today’s (and tomorrow’s) task is keeping up with change itself.

Men&Mice has been building its products around that task for decades. And people are recognizing and appreciating it more and more.

… but there’s room to improve

When change is your only constant, it goes without saying that work is never done. As much as we pride ourselves on our ability to predict change instead of catching up with it, we’re always looking for feedback.

Every trade show we visit offers plenty of opportunities to learn what ails the people running networks. We listen to people asking for support for a particular piece of hardware or software and see an incredible yearning for automation. And we're glad to be able to tell them 'yes.'

The Men&Mice Suite has been supporting a multitude of different platforms — including our competitors! — and we’re constantly working on adding more. And our fully featured REST and SOAP APIs always get people excited: “Are we really able to do all that with a single API layer?” Yes!

Onward!

All in all: with a new release of the Men&Mice Suite just around the corner, Microsoft Ignite was a great opportunity for self-reflection.

We have an awesome product, positioned right, and a growing and loyal customer base. Improvements are implemented consistently, and based on the feedback we’re focusing on the right things.

We’ll attend one more event in 2019, the Gartner IT Infrastructure, Operations & Cloud Strategies Conference in London. Our CEO Magnús Björnsson will speak about network management in this hybrid and multicloud world, and how it changes the need for DevOps, automation, and changing the way we see networks.

After that? 2020. We feel good about what’s coming next year.

Topics: DDI, IPAM, DNS, DHCP, Microsoft Ignite

Men&Mice and Azure

Posted by Greg Fazekas on 11/5/19 8:54 AM

The Men&Mice Team at Microsoft Ignite 2019

We’ve talked about Microsoft and Azure many times. Men&Mice takes pride in its deep-running synergy with the Microsoft ecosystem. The Men&Mice Suite was the first IPAM solution to fully integrate with Active Directory (AD), and now it is the only Microsoft-preferred solution for DNS, DHCP, and IPAM (DDI, or IP infrastructure management) on the Azure Marketplace.

Our team is at Microsoft Ignite to meet customers, present and prospective, and talk about how to make Azure work better with Men&Mice.

Why Azure?

For those already deeply reliant on Microsoft software (but also for those who aren’t) Azure offers convenient workflows and an array of resources in its Marketplace. Its global infrastructure is backed by Microsoft. More and more Fortune 100-500-1000 companies, education and research institutions, and governmental municipalities (to name just a few) are discovering the value Azure brings to the table.

Scaling and migrating your on-prem Microsoft-based corporate network to Azure is not only beneficial on many levels but also simple with the Men&Mice Suite.

Deploying Men&Mice on Azure

Making the move to a cloud platform such as Azure has a reputation for being complex, expensive, and cumbersome. Capitalizing on the cloud is a priority for enterprises challenged by infrastructure sprawl, segmented projects, and mergers & acquisitions, but implementation is often hindered.

Men&Mice can alleviate those issues and create a straightforward path to cloud migration.

As an overlay solution deployed non-destructively, the Men&Mice Suite doesn’t restructure existing network infrastructure but facilitates communication between platforms. By treating all network resources, regardless of location, as equals, the Men&Mice Suite opens opportunities for migration at whatever pace is comfortable for the business.

How to make the most of Azure with Men&Mice?

Azure provides resilience, scaling, and security, and Men&Mice brings options to resolve obstacles in the forms of migration costs, lack of compatibility between services, and loss of control.

The native Azure Marketplace integration and support for features like Active Directory across multicloud and on-prem resources mean customers can freely move between platforms as needed.

The Men & Mice Suite allows:

  • bulk migration and import into Azure DNS,
  • workflow extensions,
  • audit trails and tracking changes,
  • granular, role-based access and delegation,
  • support for multiple subscriptions,
  • use of unified APIs to manage all network data, wherever it's kept.

Moving to the cloud made easy

Cloud networking, whether single, hybrid, or multi-cloud, is undoubtedly a sensible business decision. Increased service levels, improved network security, and overall uptime of critical network resources serve as validation.

Men&Mice is devoted to helping customers simplify IP infrastructure management and embrace (multi)cloud networking. Visit us at Booth #807 at Microsoft Ignite, download the Men&Mice Suite from the Azure Marketplace, or reach out to us to learn how we can help you.

The Men&Mice team at Microsoft Ignite 2019

 

Topics: Microsoft Ignite, Azure DNS, azure, Microsoft Azure

Men&Mice @ MS Ignite 2019

Posted by Greg Fazekas on 10/29/19 2:00 PM

Why come and meet us at MS Ignite? Let’s list a few reasons.

We’re recognized Microsoft experts

MS Ignite with its particular bend of focus is like home away from home for us.

Not only have we been recognized for a prestigious award here in Iceland, but in 2019 we've also won the Microsoft Partner Award for Infrastructure Innovation.

Men&Mice turns 30 next year, and from the very beginning we’ve been embedded deeply in Microsoft’s ecosystem. We were the first to offer comprehensive support for Windows Server 2016 (including zone scope and DNS policies) and Azure DNS.

After decades of working with Microsoft, we intend to continue our exceptional compatibility with their software and services, including “one-click install” on Azure.

Yes, you can try the Men&Mice Suite directly from the Azure Marketplace

It literally takes 5 minutes to set it up.

Evaluate it for free, and see how it can help you optimize and drastically cut down deployment and management time to minutes rather than hours.

Whether you deploy it before MS Ignite and come with questions, or would like to learn more before trying it out, we’ll be happy to answer your questions.

The Men&Mice Suite is valuable for Azure and Windows 2016 environments

The Men&Mice Suite's architecture is designed to intuitively integrate with whatever infrastructure you have or want to have. Whether a pure Microsoft infrastructure environment or utilizing multi-vendor, multi-platform networks.

Thanks to our efforts customers can take advantage of the Men&Mice Suite to gain:

  • Visibility over all DDI operations across on-prem and single, hybrid, and multicloud environments.
  • Audit trails across all changes to DNS, DHCP, and IPAM.
  • Granular, role-based access to objects residing with MS servers, services, and cloud subscriptions.
  • Easy and automated migration of data from server to server, or between on-prem and cloud.
  • Reliable and widely compatible APIs to automate and manage all your DDI operations and data.
  • Monitoring of data integrity and usage, such as DHCP scope and subnet utilization.

You can BYOAD (Bring Your Own Active Directory)

Moving from on-prem to cloud or deploying a multi-cloud strategy is not always easy. Existing deep investments in services like AD can prove prohibitive.

The Men&Mice Suite was the first IPAM solution to fully integrate with MS AD, and it keeps boasting exceptional Active Directory synergy into the age of cloud.

  • Synchronization ensures real-time system integrity, allowing and propagating changes through either the Men&Mice Suite or Active Directory.
  • Role-based granular access (both for users and groups), tracking, and auditing fortify security and boost administrative efficiency. Users can be authenticated through Active Directory (AD) and use single sign-on (SSO) to access the Men&Mice Suite.
  • Global overview and administration of Sites and Subnets directly through the Men&Mice Suite.

Our booth experts at MS Ignite will be happy to assist you in how to preserve your existing AD setup.

You can make it easy to migrate to Azure DNS from another provider

If you’re on AWS or some other cloud service, but visiting MS Ignite to explore Azure, we’re the right people to talk to.

The most appealing features in the Men&Mice Suite for enterprise organizations looking to transition to Azure and Azure DNS from another provider are:

  • Cloud-native integration.
  • Bulk migration or import of DNS zones into Azure DNS.
  • Workflow extensions to automatically tag zones during the migration phase for indicating migration status.
  • Tracking changes, delegating access, and seeing all zones across multiple subscriptions, and managing data through APIs after migration.

We’ll have cool stuff and would love to meet you!

We’ll be at Booth 807 where you can talk to us about DDI and industry insights, get a demo from our experts, and score some sweet Icelandic swag. (Quite literally: our chocolate is second to none.)

To make sure you don’t have to wait in line, click here to schedule a meeting ahead of time.

Topics: Microsoft Ignite, hybrid cloud, Azure DNS, azure, multi-cloud, windows 2016

Change is our constant; innovation is our tradition

Posted by Greg Fazekas on 10/25/19 7:47 AM

This week Men&Mice received a prestigious award, recognized for our accomplishments in innovation.

That doesn’t happen often to the likes of us. We’re nearly 30 years old.

Except it’s the perfect way to describe who we are.

Change is everyone’s constant

As network connectivity became a commodity, pressure grew on our customers managing those networks. Hunger for IP addresses has never been stronger. And companies need DNS and DHCP to manage and support them.

Change is all over the IP infrastructure landscape, and businesses have to rethink their network strategies.

That’s where we come in.

Innovation is our tradition

“Nothing endures but change.” (Heraclitus)

There’s good reason we chose this quote to display on our home page. Our job at Men&Mice is, and always has been, to anticipate changes and solve challenges for businesses.

But we are responsible for enabling change. We do not force it. We position ourselves to be ready when our customers arrive at an inflection point. We did it when they moved from on-prem to multi-prem, from local to cloud, and now from cloud to multi-cloud.

And we’re working to make the next change as smooth as it can be.

(Digital) transformation is (y)our future

Benefit and cost always balance themselves out.

Digital transformation, be it migrating from on-prem to hybrid or multi-cloud or enabling IoT and BYOD practices within the company, comes with clear benefits but often muddled and runaway costs. Men&Mice helps companies see and manage those costs as clearly as the resulting benefits.

The Men&Mice Suite allows for transparency and optimization over any network at any scale. But as an overlay solution Men&Mice doesn’t change the way you run your network: we change the way you see it. No mandatory (and expensive) appliances. No required architecture. We want to make sure you have the freedom to run your networks from wherever you, or they, are.

With this award under our belt and the long-standing mandate to innovate, we invite you to try the Men&Mice Suite for free.

Because being recognized is a great thing, but we have a job to do: changing the way you see your networks.

 

Topics: Men & Mice Suite, DDI, Men & Mice

IPv6 cheat-sheet, part 3: IPv6 multicast

Posted by Greg Fazekas on 10/18/19 8:56 AM


Now that we’ve familiarized ourselves with the IPv6 header and the IPv6 address space, let’s take a look at multicast.

Unicast, anycast, multicast

IPv6 packets can be sent, depending on the intended purpose, in a variety of ways:

  • unicast: used for 1-to-1 communication; it sends the packet to a specific node. (Certain unicast addresses within the IPv6 address space are reserved. See the previous post for details.)
  • anycast: used for 1-to-1-of-many communication; the address is shared by multiple nodes, but the packet is intended only for the closest one on its route.
  • multicast: used for 1-to-many communication; it sends the packet to multiple nodes.

We’re not covering anycast in detail at this moment, but we can — do let us know if that’s something of interest to you!

IPv6 multicast

IPv6 multicast works by nodes* joining multicast groups by sending Multicast Listener Discovery (MLD) report messages.

(*A little terminology from the IETF: a node is an interface enabled for IPv6. A router is any node that forwards IPv6 packets that are not expressly addressed to it. A host is any node that’s not a router.)

Multicast groups aren’t constrained by local or global (network) geography. Whether the host is on the local network or on the internet, as long as it’s signaling to join a multicast group, it can receive multicast packets sent to that group.

Any host can be a sender, whether it’s part of the multicast group or not. Only hosts that are part of the multicast group are receivers. Hosts can join or leave multicast groups dynamically at any time.

IPv6 multicast addresses: FF00::/8

All IPv6 multicast addresses share the prefix of FF00::/8.

  • The first octet is FF (1111 1111). This way you can tell at a glance if an IPv6 address is intended for multicast or not.
  • The second octet defines:
    • the lifetime (0 for permanent multicast; 1 for temporary)
    • and scope (1 for node, 2 for link, 5 for site, 8 for organization, and E for global scope).

The multicast address ends with the interface ID.

Well-known IPv6 multicast addresses

Many IPv6 multicast addresses are well-known to software implementing IPv6, to simplify common routing needs.

| Address | Description |
|---|---|
| ff02::1 | all nodes |
| ff02::2 | all routers |
| ff02::5 | all OSPF (Open Shortest Path First) routers |
| ff02::6 | all OSPF DRs (OSPF Designated Routers) |
| ff02::9 | all RIP (Routing Information Protocol) routers |
| ff02::a | all EIGRP (Enhanced Interior Gateway Routing Protocol) routers |
| ff02::d | all PIM (Protocol Independent Multicast) routers |
| ff02::f | UPNP (Universal Plug and Play) devices |
| ff02::11 | all homenet nodes |
| ff02::12 | VRRP (Virtual Router Redundancy Protocol) |
| ff02::16 | all MLDv2-capable routers |
| ff02::1a | all RPL (Routing Protocol for Low-Power and Lossy Networks) routers (used in Internet of Things (IoT) devices) |
| ff02::fb | multicast DNS IPv6 |
| ff02::101 | network time (NTP) |
| ff02::1:2 | all DHCP agents |
| ff02::1:3 | LLMNR (Link-Local Multicast Name Resolution) |
| ff02:0:0:0:0:1:ff00::/104 | solicited node address |
| ff02:0:0:0:0:1-2:ff00::/104 | node information query |
| ff05::1:3 | all DHCP servers (site) |
| ff05::101 | all NTP servers (site) |

(Did we or did we not promise a veritable smorgasbord of acronyms?)
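To make the FF00::/8 layout concrete, here is an added example (not part of the original post) that decodes the lifetime and scope from the second octet and uses a subset of the table above to sort destination addresses seen in traffic into well-known groups, unlisted groups, and non-multicast. The function names and the sample addresses are constructed for illustration.

```python
import ipaddress

# Scope and lifetime codes exactly as listed in the post (second octet).
SCOPES = {0x1: "node", 0x2: "link", 0x5: "site", 0x8: "organization", 0xE: "global"}
LIFETIMES = {0: "permanent", 1: "temporary"}

# A subset of the post's well-known groups, keyed by parsed address so that
# differently written forms of the same address still match.
WELL_KNOWN = {
    ipaddress.IPv6Address(text): name
    for text, name in {
        "ff02::1": "all nodes",
        "ff02::2": "all routers",
        "ff02::16": "all MLDv2-capable routers",
        "ff02::fb": "multicast DNS IPv6",
        "ff02::1:2": "all DHCP agents",
        "ff02::1:3": "LLMNR",
        "ff05::1:3": "all DHCP servers (site)",
        "ff05::101": "all NTP servers (site)",
    }.items()
}

# The post's solicited-node range, written in canonical compressed form.
SOLICITED_NODE = ipaddress.IPv6Network("ff02::1:ff00:0/104")


def decode_multicast(text):
    """Return a dict describing a multicast address, or None if it is not one."""
    addr = ipaddress.IPv6Address(text)
    first, second = addr.packed[0], addr.packed[1]
    if first != 0xFF:  # first octet must be FF (1111 1111)
        return None
    flags, scope = second >> 4, second & 0x0F
    info = {
        "address": addr.compressed,
        # The lifetime value is carried in the lowest bit of the upper nibble.
        "lifetime": LIFETIMES[flags & 0x1],
        "scope": SCOPES.get(scope, f"unlisted scope {scope:#x}"),
        "group": WELL_KNOWN.get(addr),
    }
    if addr in SOLICITED_NODE:
        # The last 24 bits are copied from the unicast address being resolved.
        info["group"] = "solicited node address"
        info["unicast_low24"] = addr.packed[13:].hex()
    return info


def triage(destinations):
    """Sort destination addresses into known groups, unlisted groups, unicast."""
    result = {"known": [], "unlisted": [], "not_multicast": []}
    for text in destinations:
        info = decode_multicast(text)
        if info is None:
            result["not_multicast"].append(text)
        elif info["group"] is None:
            result["unlisted"].append(info["address"])
        else:
            result["known"].append(info["address"])
    return result


# Constructed sample input: destination addresses as they might appear in a capture.
SAMPLE_DESTINATIONS = [
    "ff02::1",
    "ff02::fb",
    "ff02::1:ffc3:d4e5",
    "ff15::abcd",
    "2001:db8::10",
    "FF02:0:0:0:0:0:1:2",
]

if __name__ == "__main__":
    for dest in SAMPLE_DESTINATIONS:
        print(dest, "->", decode_multicast(dest))
    print(triage(SAMPLE_DESTINATIONS))
```
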

More IPv6 coming up!

Next time we’ll be taking a look at IPv4-IPv6 tunneling and the particularities of migrating from IPv4 to IPv6.

After that, we have one last post to cover the remaining sections on our cheat-sheet, including useful Linux commands.

As always, do let us know if there’s a particular part of IPv6 (whether covered in here or not) you’d like to know more about!

Topics: IPv6, IPAM, IP address management

IPv6 cheat-sheet, part 2: the IPv6 address space

Posted by Greg Fazekas on 10/11/19 8:52 AM


Now that we know how an IPv6 packet header looks, let’s take a look at where it goes.

A word (or 2^128) on IP addresses

One of the primary advantages of IPv6 is that its address space is vastly larger than IPv4.

IPv4 has about 4 billion addresses available (mathematically, the practical limit is of course lower) and we’re running out of them, fast. Granted, who would’ve thought back in the day that people would want to assign IP addresses to their toasters. (And even if they didn't, 4 billion addresses don't even cover one device per human being on the planet right now by a long shot.)

IPv6, on the other hand, has a mathematical limit of 2^128 IP addresses. That’s a lot. To be exact, it’s 340,282,366,920,938,463,463,374,607,431,768,211,456 (340 undecillion, 282 decillion, 366 nonillion, 920 octillion, 938 septillion, 463 sextillion, 463 quintillion, 374 quadrillion, 607 trillion, 431 billion, 768 million, 211 thousand and 456.

Say that four times fast!)

To put that into perspective: if you took all the atoms on the surface of Earth, you could assign about a hundred(!) IPv6 addresses to each(!).

Okay, it’s a lot. Is there a point to this math trivia?

Yes!

The IPv6 address pool is impossibly large. Even with the reservations and practical limits, it’s mind-blowingly huge. And smart people at IETF came up with some navigation shortcuts to help our brains cope with managing it, as well as reserving a bunch for specific purposes.

Let’s have a look at those.

Common & reserved prefixes in IPv6 addresses

Because of the huge amount of possible IPv6 addresses, and since the format of IPv6 is 16 hexadecimal values (grouped in eight 16-bit groups) instead of IPv4’s simpler 4 decimal groups, developers of the standard came up with ways to shorten them.

One way is to use ‘::’ when a 16-bit group is all zeroes. Note that when there are multiple groups with zeroes, only the first group will get shorthanded to ‘::’. (Reason for this is the need for shortened IPv6 addresses to be reproduced in their full forms.)

Another useful “trick” is the reservation of special structures for specific purposes:

| Prefix | Name | Description |
|---|---|---|
| ::/0 | default route | |
| ::/128 | unspecified address | All 128 bits are set to zero. (Like 0.0.0.0 in IPv4.) Used only when a device is first looking for an IP address assignment. |
| ::1/128 | loopback address | Equivalent to 127.0.0.1 in IPv4. When set as a destination the packet will get immediately routed back to its source and never exits the host. Loopback is useful for testing. |
| ::ffff:0:0/96 | IPv4-mapped address | Used to help the deployment of IPv6. The last 32 bits contain the IPv4 address, with FFFF (following 5 groups of zeroes) in the preceding group. |
| 2001:1::1/128 | port-control-protocol anycast | Using this will route the packet to the closest device for address translation. (Such as NAT64 or NAT44.) |
| 2001:1::2/128 | Traversal Using Relays around NAT (TURN) anycast | The IPv6 address block for use with TURN (a protocol allowing hosts behind NAT to receive data over TCP or UDP). Known as 192.0.0.10/32 in IPv4. |
| 2001:db8::/32 | documentation prefix | Used to indicate resources such as RFCs, documentation, books, etc. |
| 2620:4f:8000::/48 | AS112 DNS sinkhole servers | Used in environments where private IP addresses (i.e., not globally unique) may originate DNS reverse lookups to these addresses. While best practices dictate to resolve these queries locally, sometimes they are directed at public DNS, which cannot answer the queries. To resolve this issue, and relieve pressure on the authoritative servers, the AS112 project was created, and this reservation ensures its compatibility with IPv6. |
| fc00::/7 | Unique-Local Addresses (ULA) | Prefix to local IPv6 unicast addresses generated with a pseudo-random global ID. |
| fe80::/10 | link-local unicast | Equivalent to the 169.254.0.0/16 block in IPv4. Used when the host doesn’t have an IPv6 address assigned either manually or through DHCP. |
| fec0::/10 | site-local addresses (deprecated) | |

While not an exhaustive list by far, it covers the most often used cases.
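When reading firewall or DNS logs it helps to resolve an address to the most specific reservation that covers it. The following added example (not from the original post) does a longest-prefix match over the prefixes listed above and, for IPv4-mapped addresses, pulls the IPv4 address out of the last 32 bits; the function name and sample addresses are constructed for illustration.

```python
import ipaddress

# Prefixes and names as listed in the post's table.
RESERVED = [
    ("::/0", "default route"),
    ("::/128", "unspecified address"),
    ("::1/128", "loopback address"),
    ("::ffff:0:0/96", "IPv4-mapped address"),
    ("2001:1::1/128", "port-control-protocol anycast"),
    ("2001:1::2/128", "TURN anycast"),
    ("2001:db8::/32", "documentation prefix"),
    ("2620:4f:8000::/48", "AS112 DNS sinkhole servers"),
    ("fc00::/7", "Unique-Local Addresses (ULA)"),
    ("fe80::/10", "link-local unicast"),
    ("fec0::/10", "site-local addresses (deprecated)"),
]
NETWORKS = [(ipaddress.IPv6Network(p), p, name) for p, name in RESERVED]
IPV4_MAPPED = ipaddress.IPv6Network("::ffff:0:0/96")


def classify(text):
    """Return the most specific listed prefix that contains the address.

    ::/0 contains every address, so an address with no other match is
    reported as covered only by the default route.
    """
    addr = ipaddress.IPv6Address(text)
    matches = [entry for entry in NETWORKS if addr in entry[0]]
    net, prefix, name = max(matches, key=lambda entry: entry[0].prefixlen)
    result = {"prefix": prefix, "name": name, "ipv4": None}
    if net == IPV4_MAPPED:
        # The last 32 bits hold the IPv4 address; an ACL or log correlation
        # keyed on IPv4 should use this value rather than the IPv6 text form.
        result["ipv4"] = str(ipaddress.IPv4Address(int(addr) & 0xFFFFFFFF))
    return result


# Constructed sample addresses, one per interesting case.
SAMPLE_ADDRESSES = [
    "::",
    "::1",
    "::ffff:192.0.2.10",
    "2001:db8:1::5",
    "fd12:3456:789a::1",
    "fe80::c2a1:b2ff:fec3:d4e5",
    "fec0::1",
    "2a00:1450::1",
]

if __name__ == "__main__":
    for sample in SAMPLE_ADDRESSES:
        print(f"{sample:28} {classify(sample)}")
```
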

More IPv6 coming up!

For sake of simplicity, we’ve split this topic into two parts. The second part, common multicast IPv6 addresses, will be out next week. (And if you thought there were too many acronyms in this one, you’re in for a surprise!)

After that, we have one last post to cover the remaining sections on our cheat-sheet, including IPv4-IPv6 tunneling, and covering useful Linux commands.

In the meantime, let us know if there’s a particular part of IPv6 you’d like to know more about!

 

Topics: IPv6, IPAM, IP address management

IPv6 cheat-sheet, part 1: the IPv6 header & EUI-64

Posted by Greg Fazekas on 10/4/19 9:59 AM

IPv6 is increasingly not an option but a fact of life. We’ve talked about it a lot (and some more and more) but this time we don’t want to discuss the merits or pitfalls of IPv6.

Instead, let’s take a closer look at the IPv6 protocol itself. 

We’ll use our famed IPv6 cheat-sheet (also available as a lens cleaner — visit us at events to score one) as a guide, and examine each section in depth.

Let’s start with, just like an IPv6 packet does, the header.

The IPv6 header

When discussing the IPv6 header it’s inevitable to compare it to what came before:

(Image credit: Wikipedia.)

This is of course the IPv4 header. It’s smaller in size: IPv4 uses 32-bit binary numbers whereas IPv6 uses 128-bit binary numbers. Size matters not, however. Or at least matters less.

IPv6 headers are much less complex:

The IPv6 header is more streamlined: it contains 8 fields, compared to IPv4’s 14 fields.

  • version: 4 bits long, and corresponds to IPv4’s field of the same name. It indicates to the receiver which IP version to expect. In the case of IPv6 that is of course 6, making this field’s binary value 0110.
  • traffic class: 8 bits long, and replaces IPv4’s ‘type of service’ field. The first 6 bits contain the differentiated services (DiffServ) designation of the packet, called the differentiated services code point (DSCP). DSCP classifies the type of traffic carried by the packet for quality of service (QoS) purposes. For example, streaming media like video and audio on a conference call can enjoy lower latency than non-critical traffic, such as web browsing. The last two bits are for optional explicit congestion notifications (ECN). ECN can be used to signal congestion on the network by marking it in the IPv6 header (instead of dropping packets).
  • flow label: 20 bits long, and new to IPv6. Useful for real-time applications, it signals the receiving node (routers or switches) to keep packets on the same path so as to prevent them from being reordered.
  • payload length: 16 bits long. Contains the size of the payload in octets (remember those?) and can include extension headers. (Extension headers replace the ‘options’ field known from IPv4.) It’s set to zero when the packet carries a jumbo payload.
  • next header: 8 bits long. It shares its function (and values) with IPv4’s ‘protocol’ field, and as the name suggests specifies the type of the next header.
  • hop limit: 8 bits long, formerly known in IPv4 as ‘time-to-live’. Decremented by one at each node the packet passes, and the packet is discarded when the value of hop limit reaches zero.
  • source address: 128 bits long, same function as in IPv4. Contains the IPv6 address of the node originally sending the packet.
  • destination address: 128 bits long, same function as in IPv4. Contains the IPv6 address of the destination node for which the packet is intended.

MAC to EUI-64 conversion

Extended Unique Identifier (EUI-64, because it’s 64 bits long) is a new method with which IPv6 hosts can be automatically configured in DHCP. The conversion is needed because hardware MAC addresses are 48 bits long.

This process is done in three steps:

  1. First the 48-bit MAC address needs to be separated into two 24-bit parts: C0:A1:B2:C3:D4:E5 becomes C0:A1:B2 C3:D4:E5.
  2. Then insert FF:FE between them, making it C0:A1:B2:FF:FE:C3:D4:E5.
  3. Lastly, invert the 7th bit: convert the first byte (C0 in this case) to binary (resulting in 11000000), check the 7th bit (0) and flip it (to 1) and translate it back to hexadecimal (binary 11000010 becomes C2).

The final EUI-64 version of the MAC address C0:A1:B2:C3:D4:E5 thus becomes C2:A1:B2:FF:FE:C3:D4:E5.
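The three steps as code, in an added example that is not part of the original post. It goes one step further than the text: because the conversion is reversible, an address whose interface identifier was built this way reveals the hardware MAC, which `embedded_mac` recovers for use when auditing an address inventory. All function names are hypothetical.

```python
import ipaddress
import re


def mac_to_eui64(mac: str) -> str:
    """Apply the three steps: split the MAC, insert FF:FE, flip the 7th bit."""
    digits = re.sub(r"[:.\-]", "", mac)            # accept :, - and dotted forms
    if not re.fullmatch(r"[0-9A-Fa-f]{12}", digits):
        raise ValueError(f"not a 48-bit MAC address: {mac!r}")
    octets = bytearray.fromhex(digits)
    eui = octets[:3] + b"\xff\xfe" + octets[3:]    # steps 1 and 2
    eui[0] ^= 0x02                                 # step 3: 7th bit from the left
    return ":".join(f"{b:02X}" for b in eui)


def link_local_from_mac(mac: str) -> ipaddress.IPv6Address:
    """Place the EUI-64 value in the low 64 bits under fe80::/64."""
    iid = bytes.fromhex(mac_to_eui64(mac).replace(":", ""))
    return ipaddress.IPv6Address(b"\xfe\x80" + bytes(6) + iid)


def embedded_mac(address: str):
    """Return the MAC an address exposes if its interface ID carries FF:FE, else None.

    The FF:FE marker is a heuristic: a random interface ID can contain it by chance.
    """
    iid = bytearray(ipaddress.IPv6Address(address).packed[8:])
    if iid[3:5] != b"\xff\xfe":
        return None
    iid[0] ^= 0x02                                 # undo the bit flip
    return ":".join(f"{b:02X}" for b in iid[:3] + iid[5:])


if __name__ == "__main__":
    mac = "C0:A1:B2:C3:D4:E5"                      # the MAC used in the text
    print(mac_to_eui64(mac))
    print(link_local_from_mac(mac))
    print(embedded_mac("fe80::c2a1:b2ff:fec3:d4e5"))
```
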

More IPv6 coming up!

In the next blog post we’ll continue the examination and explanation of the Men&Mice IPv6 cheat-sheet, and take a good look at the IPv6 address space and the things you can do with it.

In the meantime, let us know if there’s a particular part of it you’d like to know more about!

Topics: IPv6, IPAM

How to explain Network Management to relatives and friends over the holiday (GIFs)

Posted by Greg Fazekas on 4/18/19 8:15 AM

 

Life isn’t always easy for network managers and architects. The C-suite is constantly demanding more efficiency and smoother operations, at low cost. Your colleagues are asking for more user-friendly policies and services. And you have to keep up with an ever-changing landscape of technology (infrastructure sprawl) and its ripples into your domain. (Pun absolutely intended.) Uptime and security are everything. Then, you constantly have to explain to people what you actually do for a living.

Over the holiday weekend, there’s a good chance, in addition to being asked to fix someone’s computer, phone or tablet, you’ll be asked “what is it you do again?”

How do you illustrate what you do? Maybe it’d be a lot easier to explain being a fireman, astronaut, or brain surgeon? We've pulled together some helpful GIFs to make this conversation more efficient.

Enter Ralph Breaks the Internet. (holiday movie idea!)

If ever there was an indicator that networking has permeated our everyday lives it’s an animated family movie centered around it. Some concepts are so fundamental to modern life that we aren’t even consciously thinking about them anymore.

ICYMI: Released in the fall of 2018, Ralph Breaks the Internet provided the subtext and pop culture references we all needed, while depicting what is basically your everyday work.

From the moment Ralph and Vanellope slide down the wire, to the hilarious popup advertisers and the wonderfully subtle depiction of DNS, almost every aspect of your job, and of the complexities of networking in a network-driven world, comes to life in a tangible, easy-to-explain-to-relatives way.

DNS isn’t specifically named in the movie, but there are plenty of references. Knowsmore, although depicted as a search engine, certainly has his business rooted (see what we did there?) in being a DNS server of sorts. For instance, when Vanellope and Ralph decide to go to eBay, they are automatically routed to their destination.

Ralph Also Teaches us DDoS

But if you had to showcase just one thing about your work, it could be how you have to prevent DDoS attacks against your company’s network — essentially how you have to be the hero against a million or billion Ralphs.

Explaining DNS to anyone, particularly to people not in networking (and let’s face it, even some people IN networking don’t really get DNS), is easier when you can point to the colorful transport GIFs from an animated movie. Grasping the concept of a botnet or a crippling DDoS attack is more memorable when it’s an ever-replicating bunch of clones of a funny character like Ralph. And you do get malware by clicking unscrupulous links.


DDoS is essentially the towering Ralphzilla of mindless objects with a single goal. Exploiting vulnerabilities in web servers, they overwhelm the system with a repeated, single query. This is not only meant to disrupt user experience; more sinister objectives may also be in play, such as bringing down firewalls.

We’ve talked a lot on this blog about DNS education. Education for both professionals — training, if you will — and for everyone, in order to understand new technologies and challenges affecting our businesses. Knowing why and how insecure networks are a liability and how important it is to defend against malicious attacks that can wreck the internet is useful for everyone.

The movie exaggerates concepts to either serve the plot or get a laugh. But the foundation for showcasing how networks and the internet work (or occasionally don’t work) is solid.


Come this holiday (provided you don’t have to work because of some real-world Ralph threatening your company’s network) sit down at the family dinner, armed with GIFs and your favorite streaming service, to explain what you do and why.

And since it is a holiday weekend, here's a blog about all of the Ralph Breaks the Internet Easter Eggs. 

Image credits: Not a Real Company Productions and Disney via Giphy and Blogberth

Topics: DDoS, Disney
