The Packet University

Path MTU discovery is an often misunderstood aspect of networking.  As we begin to really tighten the security of our networks, we must understand this process in order leave the network fully functional.  Additionally, we may often come upon a situation where a network seems to work, but there are issues accessing a site.  In any case, the Path MTU Discovery process is important to understand.

Server virtualization has became commonplace over the past couple of years.  Many organizations started out using VMWare and other virtualization products in lab environments and for utility type servers and workstations.   Many virtual server deployments were implemented for internal web servers, ftp servers and other light use servers.   As confidence increased in these deployments, more mainstream and business critical applications have made their way into the virtual environment.  Since this is a progression over time, many organizations have not really considered the security ramifications of this shift in paradigm. 

I originally started building this PacketCast to discuss Path MTU discovery and the implications surrounding not allowing certain types of ICMP traffic to flow freely through a network.  I quickly realized that I needed to break the discussion into separate parts and decided to start with a discussion of what IP MTU is. 

The Packet University is now providing two RSS feeds.  These feeds can be located on the main front page of the web site in the left column of the site.  The first feed is an RSS feed for Podcatching clients.  ITunes users can also click on the ITunes image to automatically launch the ITunes store with our PacketCast series selected.  All other podcasters can use the RSS feed found directly below the ITunes image.

We will continue to maintain the Blog feed which contains the show notes pages for the PacketCasts as well as anything else we choose to discuss.  

Ten or twelve years ago, a company with a firewall was likely ahead of the curve.   During the early era of the internet, most companies were concerned more with getting connected than the security ramifications of it.  Companies used simple NAT devices or Proxies running sometimes on vulnerable operating systems.  Ironically during this era,  exploitation of vulnerabilities was less widespread and even less publicized. 

We are very excited to inform you that our first PacketCast is going live.  The topic of this discussion is routing loops and the IP Time to Live field.  In this talk we build a lab of three routers and forcefully inject network loops.  We look at different ways to detect routing loops, even in the case that we don’t have access to the network or network equipment in which the packets are looping.