 at ccmixter.org and welcome to MMT MMP number 25 star gazing in the moonlight I'm your host Cara square and I am thrilled to be here with you today I have an awesome show we're gonna start up pretty upbeat and poppy and rocky then we're gonna go into some 70s feeling songs which will take us into some smooth jazz and then some sexy rmb then we're gonna end the show with some more mellow music a little uh orchestral action some dark electro and then this beautiful electro journey so without further ado let's hear some awesome tunes we're gonna start with just beginning by covert keys featuring snowflake this is an edm type song electronic dance music that'll take us into a rocking hip-hop song called super rich by alex feroza featuring hawns adam and faded millions that one was an ed pick that will take us into some funky pop by scomber called stargazer featuring my vanilla world and we'll end this set with another song featuring my vanilla world called empty lines by psychedelic pedestrian that one is some really dynamic euro pop and so here goes enjoy hey hey i hope you enjoy that last set this one's going to start with bounce by bento box featuring slow starter it's a 70s feeling british pop song which will lead us into another 70s feeling song this one's a bluesy american folk song called house of the rising sun by unreal dm featuring javelinas which will take us right into magma vander smooth jazz remix of siggy burns called see the wilderness the vocals are beautiful and it's got a just a really nice feel there and we'll end with an ed pick called baby cum smiley face it doesn't say smiley face but there's a smiley face by love shadow featuring jeres 15 7 6 episode 42 it's 21st january 2017 streaming directly from singapore it's rebuild live all right this time on we will live we'll be chatting about computer network infrastructure with rahul yay welcome to episode 42 of we build live i'm your host saini and on sunboard is chin may uh oh it's episode 42 42 yeah you know like this is the episode that answers this is the episode which is the answer of all things in life right and rahul is gonna try to answer yes so rahul is going to give us the answer to life and universe and everything what i guess to have to this episode 42 rahul and how do we meet rahul chin we met him in n us hackers national university of singapore they have a hacker student group and at that time he was a student there and we met him there and from there on rahul has gone on to deal a dabble a lot with network and infrastructure and security and that's why we decided to bring him on board and discuss all those that's true so rahul why don't you introduce yourself pretty much everything that needs doing in some weird way or another at overseas family school i stuff i build a bunch do a whole bunch of automation things and i dabble a little bit right so we will get more into what rahul does but in the meantime chin may you have a gift for rahul yep yep i do um so as is tradition at the beginning of the show we we welcome our guests with uh so called malphite query uh and rahul your malphite query for today is what kind of network does a hobbit have what kind of network does a hobbit have a talcan ring network get it talcan ring talcan oh my dear our talking the guy who yeah i know the author of lord of the rings yes and talcan ring oh my gosh oh and like c connectors and awesomeness yes all right so there goes the morning Saturday morning i hope you're all awake and welcome to the audience in the live chat as well so if you are listening to us and you if you have questions for rahul we will answer them live during the show it's a gitter dot im slash we build sg slash live or you can just hit the website at live dot we will dot sg and start chatting with the audience there start trolling rahul i mean start asking questions to we should i shouldn't actually encourage trolling say that's not okay fine we should not be nice people yes we are nice all right so let's get on to the topic of the day which is computer network infrastructure so rahul you have set up a lot of infrastructure for offices network infrastructure so if you're put in charge of setting up one what are some of the first few steps you will take well the absolute first step is figuring out now this is not so politically correct the same but you need to figure out how much political hey rahul before you start sorry could you bring your microphone closer you you seem to be moderately thinking it out or maybe add a couple of devi's of gain something i will add a little bit of gain all right bring your mouth closed or yeah just come closer to the microphone because you seem to be getting in and out of the microphone zone right how about now yes yes sounds better okay brilliant so first thing you need to find out is how much political capital you have because it's a very common thing when someone goes i'm gonna set up the most awesome network here and the entire office just goes why we just want the internet to work but then they don't realize that you need to spend money to get the internet to work right so you know you're gonna have to do the whole chat with management thing but as you mean you've managed to do all that very first thing you need to do is figure out your requirements how many users are going are you gonna have both wired and wireless i mean it's very rare for people to plug in their computers these days because no one really uses desktops quite as much but you definitely are gonna have things like printers bloody bloody blah and take it from me the more wired devices you have the better your life is going to be wireless is just you know you'd figure that by 2017 and what was it for revisions of wi-fi standards people would have figured out some way to have better debugging wi-fi just has absolutely terrible metrics in terms of a lot of things so stick whatever you can on ethernet and then you're gonna have a bunch of users on wi-fi at which point you need to do a bunch of things one plan out based on your area that you need to cover should you be perhaps getting a bunch of small access points if you have people in a bunch of small rooms or should you get something like a zero array that has eight radios ten radios all the way up to any radios and so what are these are like really big access points that have dedicated radios for different user it's not so much dedicated radio per user but you have a bunch of radios and what they do is each radio typically if you're running five gigahertz might run on a different channel sometimes all right so it's per channel different radios kind of stuff yeah and the idea is that if you have too many people associating with one channel these days you have fancy things you can do and hand them off to the other radio okay so you basically can serve a few thousand people from just what what looks like one single access point in reality it's a cluster of them that works better if you have like single large areas if you have a whole bunch of small areas it's a lot better to just get smaller cheap access points a lot of them around right okay so that's requirements wise you need to know how many users you're going to have what your where your users are going to be that's also very important um how spread out they are how close to you need to know about the physical location like you need to know the physical layout you need to know the layout of the location of the people within your physical layout because as we all know with wi-fi walls are bad right but walls are also amazing if you're using aero 211 ac on five gigahertz because then you can reasonably say this access point serves this room right that's it okay so you won't accidentally because it's it's also both ways right if you if you are getting an access point too far out then where you're supposed to get it's actually a problem yeah something that a lot of people do is they buy an access point and they go hey i can control the power of this i'm going to set everything to maximum no bad don't do this okay what you want to do is design your cell size such that people are it on their closest access point with us you want some overlap because you don't want a dead zone but you don't want too much of an overlap right ideally if you can engineer overlap to be through a wall that would be perfect because then you get a lovely little drop off over there right okay and then with ac i guess because of the is it because the channel widths why are walls oh it's mostly because you can do beamforming oh if you have a whole bunch of reflection which is nice okay i'm looking forward to 802 1180 with 60 gigahertz won't even go through a piece of paper thing that'll be hard that'll be fun great so let's say you have already set up the infrastructure and everything is done and the team is running and well are there some common things you monitor on a daily basis yeah there's two general categories i see well actually three uh the most important is can your users actually connect and get whatever they need to do connect okay that's uh you know that's just a general metric of like are people yelling at you that something's broken usually shouldn't be the case in any office any properly set up but the two general categories of things that you want to monitor i guess would be performance stats and security okay and uh it's it's something where um some people like to say oh performance is you know good enough nobody really cares anymore but then some people uh go uh security is the most important thing of performance is the most important thing but this is an entire argument all over the internet perpetually and there's also user access you know UX versus security is another big thing um but when it comes to things like wi-fi one nice way of doing it uh is to have like a trusted network and an untrusted network a lot of people are starting to do these even at home these days which is kind of nice you have like an untrusted network your guests connect to and then you have your network so with performance stats things you want to know in a big network it generally would include uh what is the peak traffic on a board because if you have a gigabit backbone and one of your ports is hitting that full gigabit you might want to consider adding a second port and aggregating it and okay and then um the other thing you want to track is things like port errors because in the case of my office when we built out the new campus there was something like six or eight thousand ethernet links whoa wow that's a lot um it's basically it's a lot of ethernet links um we're talking like a few hundred forty eight port switches almost 200 wow that's a lot of switches it's a lot of switches it's a lot of ports and uh the one thing is when you put that many cables in it doesn't matter how much you know how good your contract is you will still have port errors that's a normal thing yep so you want to track these errors and then 90 of the time it's going to be a bad cable okay so you just make a log of these and you fix it i'm guessing if you have any that many ports you have at least that many cables or even more so yeah you know having one bad cable among multitudes of thousands is probably kind of regular yeah i mean even if you have like the most awesome setup you will have bad cabling you just need to go back and fix it at some point yeah the other thing is talking about performance metrics it's very easy to get performance metrics on managed switches because they just give you everything over SNMP okay SNMP is a simple management protocol technically it can be used for management as well but most people don't really do that they use it as a read-only stats thing okay wifi on the other hand even if you're using enterprise gear you don't really get that much visibility into what's going on um but you know you just like the one thing is definitely get enterprise gear if you're on a budget get ubiquity or something like that it's like 200 dollars and 80 yep it's pretty affordable um i mean you can even get like 100 dollar ones if you don't need to cover a large area okay and and and and these will give you some kind of metrics some kind of they'll tell you fairly useful things like if you have one person eating up your entire wifi bandwidth in a room you know who it is and whether they should or should not be doing it like if they're torrenting something and at work they shouldn't be doing right things like that the other thing about performance is your edge is very important because generally you don't really have much of a throughput problem within your building or your campus or your network you will have problems at the edge because i mean internet's not exactly that cheap on a business line right for like 300 uh megabits you're going to be paying a decent amount already so you want to have some sort of qos it's pretty much mandatory the qos is quality of service yeah and the the nice the more modern quality of service mechanisms uh there's dscp which i can't remember the full form for but i'm sure it was dscp dscp okay um that basically tags it's it's like a new version of the ip qos that we had 10 20 years ago so different which basically says um for example void traffic like we have right now and mumble would be classified as early forward which is this is a very small bandwidth connection but send these packets through as quick as you can right and then you have bulk transfers this is based on protocols yeah this is based on the ip this is on the ip layer okay and whatever sends it will have to tag it okay so what so in this case for example if i my computer has to tag it or how does it work mumble would be tagging it okay in general mumble might actually be automatically tagging it i haven't actually tested okay but um if you're using asterisk or any big void systems for like phones they definitely tag it for you right right so they'll tag it and then your switches will basically your switches will priority to your switches will not because your switches earlier too okay they only see ethernet frames right there's ethernet qos as well which you can use okay um but they wouldn't be seeing the dscp the ip qos tags that would be up to your routers okay so your routers will see that and then forward that quick yeah so in the other category of things you look through the security one you just want to have like monitor monitor monitor monitor everything but how do you how do you make sense of the data because i mean for for like a large installation you have i don't know thousands thousands of thousands of net connections at any given time so a lot of things that i like to do is basically have one place that hoovers up all your logs across your entire network okay and then you have a white listing or gray listing system so like these are lines that i expect to see all the time it's perfectly normal you can drop them i don't even want to see them okay and then you have things like these are lines where if it happens say with like this many times in this many minutes i don't want to see it but if it goes above that threshold now that's a problem i want to see it yeah are these are these things that are like are these well known systems are well known it's unique to every campus okay it's unique to every campus because everyone's traffic patterns are different like if you're running you have to learn as you sort of work yeah you'll basically have to roll it out get bombarded with logs for a day or two and that will let you figure out what's going on okay but it's pretty easy to like very quickly remove all the use the boom boom boom i know these are supposed to be their things if you're working in like a software engineering firm guaranteed you're gonna have a whole bunch of ssh connections out to aws right and uh you generally know uh what sort of connections these are going to be and you can just be like ah yeah this is expected it's fine if you see a bunch of open vpn you're like hmm should i be having this maybe should i not be having this right okay cool so i think at this point of time i think it's a perfect time to ask what are some of the tools you use to get the job done whether it's setting up the infrastructure or even monitoring so a lot of things that i use is very old school old school cool yeah very old school cool very old school uh so for like network intelligence is a whole bunch of things we use a bunch of open source projects i am a big fan of iSinger at work we use Nagios which is a it's it's a monitoring solution that's very good at telling you is something up is it down is it in a flapping state things like that i is on my disk filling the other thing we use a lot of is cacti which gives you cute little graphs for everything from cpu usage network utilization to number of clients connected to this web service right right okay okay there's a whole bunch of bespoke things that are built with the logs and the s and mp information coming in from switches what about like the s and mp stuff do you do you do you crawl that yourself or do you have tools to do that um it depends on what we're pulling so both Nagios and cacti pull s and mp data they do different things with it okay cacti for example we're pulling things like the traffic on every port okay so if something maxes out we can see that it's maxed out right um but there are things that we crawl ourselves using either the logs coming in from the switches or s and mp things like i now have a database if you give me an ip address or a mac address i can tell you exactly where on campus that is right now right okay that's very handy because yeah and for wifi it's like down to a room level oh nice because i guess because i guess with that kind of a size you know just figuring out where something physically something something is coming from is really hard yeah and you know sometimes you get a loop in your network i mean stp spanning tree protocol will prevent any craziness from happening but you still have a loop on your network and you still want to get rid of it right in this case you know you can just be like oh right i know it's between these two ports on this one switch over in that room somewhere then someone to fix it do you do like or do you use tools or do you like manually draw out network architecture diagrams you know what's going to get to what and you know how it's supposed to flow because i can imagine this like even before you deploy like that kind of planning could be extremely critical yeah and we spent almost an entire year planning out our network the one thing i would recommend pretty much everyone does these days is to not do a traditional network that's like layer two everywhere okay back in the old days you just put a bunch of switches hook them up to a giant cisco box you know in the basement you spend like 300 000 dollars or something on one of these and sure that was one way of doing it but now you've got a lot of ethernet running down right the approach that i strongly prefer is something where you aggregate early and aggregate often okay so in our case we have a square building which makes it trivial because we just call it four wings right the wings aggregate and the wings aggregate at the floor okay and that's about the extent of the layer two network every floor is a separate layer two network right so so there's basically one router at every floor and everywhere yeah and then there's one there's one router at every floor the wings are just switches okay right and what this lets us do is between this and i think the four months that ivan and i sat down coming up with ways to name every network thing on campus right now given a name i can tell you exactly where something right so it's everything's encoded in the dns name because dns is inherently hierarchical right okay so you're using dns internally as well so you can directly talk to things using dns instead of having to remember ip addresses of all sorts of things yeah we have a you know a few thousand dns entries that are just local and internal only yeah yeah makes sense i mean i mean if you think about it that's exactly why dns was invented right but yeah more for a global scale but you know once you start looking at infrastructures that are that big you want to start using these kind of tools and this is so basic there's something that you know even your browsers and you know every single tool in the world kind of knows how to use so yeah raul in terms of tools do you script up anything if you do what there's a lot of scripts um yep so it depends on a bunch of things um if we need to build something that is going to run long term and collect data do something with it process it shove it somewhere these days we've started using go for it go just because go gives you you know a single static binary you stick it somewhere you run it you know it's not going to go insane generally interesting so you just use a compile it and just use the binary yeah okay now if it's something that um isn't running all the time it's a cron job or it's a one-off or something like that or something that runs very rarely that tends to be written in python most of the time okay hello um so let's see can you hear us can you hear us guys under the network it seems hello oh no network hello come back network really seems fine now okay strange for a second i had i had no issues hello can you guys hear us okay Mike can hear us oh well Sean's having network problems because the four little packets are traveling halfway around the world i guess the packets that that were traveling were really unhappy about us talking about more packets yes they're jealous i think we had jealous packets problems all right okay um so that's cool um let's talk about graphing and graphing these logs like do you use any graphing library or graphing framework pretty much everything that is graphed in this case uh usually at in like the office case for me everything goes into cacti which uses rd tool internally to do all the graphing sorry what was that again your voice drop thought uh cacti okay cacti uses rrd tool underneath oh i know this thing rd tool is another very old school yeah it's super old i remember um back in the day remember during the hazes um there was this guy somewhere in pungal or whatever who was um like monitoring his own haze stuff and he was using rd tool to graph it that's super old school but for like my own info i have a bit of grafana going around i used to use influx db as my data store but influx db started getting a bit um unreliable isn't is not the right word for it it didn't eat my data but it's not a very easy thing to maintain just because most distros don't ship it by default influx db that's interesting it's a time series database it's a time series database it's really good for things where you just you have a massive flow of events and you want uh based on timestamps yeah yeah i have just started exploring it due to iot stuff because there's also like sensor data coming up okay okay right uh so let's talk about challenges then like what are those challenges that you deal with uh network infrastructure on a daily basis um challenges generally involve one of the two categories of things uh that i mentioned earlier for monitoring that's pretty much the two categories of challenges sometimes you get strange things like why uh why are people from this i random ip address i don't recognize trying to ssh into my switches so that's like it's a you always get these weird drive by attacks um especially in the case where you have available guest networks available to people who you know visit and stuff so when you mean by drive by attacks that means people try to get in try to do something naughty and go out no no i'm saying the people walking around devices that they don't realize are doing these attacks oh okay so you just you know you you'll just see like a random malware or people like probably malware of some sort because uh reliably i found that um whenever such a thing happens it tends to attack its gateway instead of trying to attack like anything else right but then uh the fun thing is it tries this and then it gets an ssh version mismatch or something like that right and then it fails and it shows up in the logs okay i mean it's if it succeeded it would still show up in my logs but sure sure so i guess logging all these things is or setting up logs for all of these things is also uh turning them on in fact at all of these levels yeah um on a big on even on a small network but definitely on a big network your only tool is intelligence right want intelligence you want visibility so do you guys have uh like a network room what is it called knock right network operations center yes do you have that but if you think about any room where there's one person sitting down who does networking things is a knock by definition with a few lcd screens and charts uh no um i'm not a big fan of uh pool-based stats or pool-based alerts i don't want a screen to go red when something goes wrong i want to get a push alert when something goes wrong all right because if you if you just have like screens up there you just get used to them at some point yeah you get a sort of like he sends ties to it because you know you just have like yeah but that one cell has always read who cares about it right you don't want to have that sort of situation that's true that's true yeah i've read this uh mindset in design theory as well they say that you have to be very careful of what notifications you send to users yeah otherwise they'll get desensitized it's uh it's a lot like um how in uh in hyphen i think they have the whole explicit's better than implicit the same way i always go right no no that's not what i was thinking in python you have this thing where exceptions are supposed to be exceptional don't use them for flow control right okay right uh ignore the flow control because it's not really applicable here but exceptions in real life and in networks and in anything have to be exceptional right you can't just have like here's a screen that was always green and it slightly turns right that is like nobody cares about that what i want is like a ping an alert something on my phone something on my watch these days since we have smartwatches that's an amazing way of getting right uh high and that's only when something is really in trouble not because you know oh i am at 50 capacity yeah exactly you don't want things like hey i'm at like 48 battery you don't want notifications on that you don't want notifications on things like hey so your colleague just ssh to this machine that he already had access to yeah but if you all if you have like you know a bunch of failed ssh's again you don't actually want notifications of that unless that it goes above some threshold right right because if you have these drive-by attacks like i was talking about earlier you don't want to get pinged for everyone yeah then you get desensitized again that's not an emergency an emergency is when you have uh say some guy trying to send 35 000 spam messages from your mail service right that you want notifications of okay so then do you do you have to customize all these uh notification scripts or whatever you use to send yourself yeah absolutely because the the thresholds are a very very very organization yeah yeah i would you only send 300 males a day sending like even 500 might be like a minor case of what's going on yeah but it's it's kind of similar for us where a single account usually doesn't send out more than you know a couple hundred males a day right so if it hits a thousand we get an alert on that and actually if you hit a thousand it also kills that and stops you from sending more mail but that means that when you send emails to uh you do send bulk emails to like parents or something you have to like take these down for a while uh for that one account so it's very event-based and organization-specific yeah it is there is no way you can have a one stop uh this automatic number is everything people are gonna be all like hey you know we can use machine learning and like do this and that and as someone uh like i can tell you one thing there is a reason ops people are traditionally very very conservative with this stuff it's because as a dev you can patch and fix something uh when you're running ops patching and fixing things usually involves spending yeah and that's usually something that you know i mean software patches is generally very cheap hardware patches usually very expensive yeah it's also like uh if there have been vulnerabilities in switches before and upgrading switch firmware means downtime for that switch right which means downtime for every switch that has that switch as an upstream yeah so there is no way to have like a zero downtime upgrade unless you have massively over-respect your switches right so so do you do you have uh backup switches for this kind of things or we run spare inventory yes for when things die but for things like upgrades i just take a weekend and go these two floors are going down right okay so you i mean because you're running in a in an organization where weekends are off i guess you have that that capability of sticking yeah in most organizations if you're running things like for client devices you can generally pull up something like this right but if you have a data center i can tell you like data center switches you shed you'll like one day a year when you can upgrade it right if you miss that if you miss that window that's it like next year you have to wait another year yeah and especially this is really interesting with the light of all the random stuff that's happening these days where people are finding all sorts of vulnerabilities in switches uh online and and you know there's a whole thing about upgrades and you know not being able to upgrade and i think that's really interesting that you know if data centers they do once a year that's really scary yeah you know how they say it right that most secure code is code that's not written yeah but these days everyone's shoving more and more and more smarts into devices and that just means more and more vulnerabilities yeah i wouldn't be surprised if someone can do as my watch i'm pretty sure that's gonna happen at some point cue someone writing that app right now all right so we have just one more question for rahul but before that live audience if you have questions or thoughts for rahul please put them in getter.im slash rebuild sg slash live and we will ask rahul after this segment so rahul for the last bit of things how do you keep learning new things about network infrastructure so considering most people listening are more on the dev side and less on the dev ops or even the operation side the easiest way for you to get more info initially is going to be hack and use every time there's something new and exciting it turns up on hack and use yeah there's also r slash sysadmin and r slash net sec okay net sec okay these are very handy r slash sysadmin unfortunately is not something that you'd want to follow it something you want to wait this is reddit is it yeah reddit slash r slash okay because the problem with r slash sysadmin it's it's 90 percent windows people talking about like domain controllers and honestly that doesn't really factor into our world okay the other very useful source for things is nano nano the north american network operators group they have a mailing list you know you just subscribe to that mailing list you do get some noise in there every now and then but then it's not that bad okay you get that's where you go for like you know for example uh oh hey this isp you start with advertising youtube to the rest of the world uh you might want to block them and you get like advanced orders of things like this it doesn't really affect you because you know the average person has two or three isp's that you know are in the chain between tier one and them so you don't really have to deal with that very often but just in case anyway nano gives one source the other one is just read read read read read because a lot of it is just hey i didn't know this rfc existed for example rfc yes what about books uh rahul uh i have not found a good networking book yeah i was recommended uh so or rather so i've been trying to learn about networking and uh i have like two books one is interconnections by radio problem i think it's really old but i was told that this is kind of the fundamentals and the second one is by andrew s tannenbaum right yes tannenbaum yes uh he wrote operating systems and i also found a book by him about networking so if you want to get into the fundamentals maybe leads to books really really fundamental stuff and when he said old book uh that's one very important thing too often people discount something just because it's old especially protocols and they come up with a new fangled way of doing things i mean here's an example uh we had this thing in the 1980s called resource location protocol i think okay the idea was uh you connect yourself to a network and you auto discover printers and ssh things does this sound familiar yes like for sure yes so this rlp was reinvented as slp with some with some changes right and then slp was an apple pushed thing that they used up until 10.2 i think when they introduced rendezvous which was renamed bonjour yep that's autocom right it's all the general idea of zero conf as they call it yeah because autocom implies that you did something again that automatically hits something right zero conf implies you don't touch anything everything discovers itself yeah but it's amazing how it's very frequent like the more you look into history of not just you know networks but also a lot of things to do with software engineering people are just spending all their time reinventing the wheel except in the case of software engineering there's a lot of reinventing the wheel within the wheel within the platform effect as they call it yes you know it it's insane that you now have linux running inside a browser running on top of some framework running on top of your channel which is also linux and then you go right abstractions of abstractions it's not really abstractions it's more like we're building an os within an os within an os and at some point you just start wondering if that's all worth it or maybe we should just go back to me so don't discount old books and rfcs yeah read the fundamentals and know why such a protocol was built great so should we go on to the audience questions we have a few right yeah let's go on not just keep posting you know as long as chinme is asking raho we will take up your questions so let's go on to aya polling all right the first question is from michael he asks for recommendations for home routers um now see the problem is that the home router that i used to recommend to most people that didn't want to spend time on the network has been discontinued now it used to be the apple airport extreme airport yeah oh they discontinued yeah it's been discontinued very very unfortunately in apple's new as i would describe this guided approach of let's cut everything that isn't ios right okay so do you have an alternative i've yet to find one that is like great for people that don't want to spend too much time but if you're willing to spend like you know a couple of hours if that every quarter then it's a pretty good idea to get something like a router board or a micro tick or actually if you just want a router without wi-fi i can recommend the ubiquity edge router light uh-huh that has a web ui it's like you go in you set it up 10 minutes you're pretty much done right okay um that's pretty good for like i mean it's not something you can hand off to your parents and have them configure but it's something you can configure for them once it's for the geeky ones okay it's not for the geeky ones for the geeky ones you'll be doing the router board or the micro tick you know things with the cli to control it or in my case um i'm using a pc engines board pc engines yeah yeah because it was like 120 it's cheap it's really good it it's like 36 it runs linux i can do whatever i want on it yeah yeah wi-fi wise i strongly recommend even for home use these days i strongly recommend ubiquity and if you get the uh they're cheaper they used to be really expensive they used to be really expensive now it's you can get them like at a bed below 100 yeah um the nice thing about them is these days you can get uh i think it's called the unified cloud key if you don't want to run the controller yourself oh the thing is the controller honestly doesn't need to always be running okay you fire up the controller on your laptop you configure your ap and that's it it's done okay and the control is basically just your client to talk to the ap and set it up yeah okay awesome yeah i actually run a micro tick myself so it's it's i will agree that it's super fun it's super very you can you can customize a lot of things but it also means that you know you you have to be able to do a lot of these things if you want to get it yeah you want to set aside like one or two days initially when you configure it agree exactly because it's surprising how much stuff like what you're recommending earlier with uh apple actually has preconfigured for you yeah and then you when you when you start doing it yourself you're like what the hell is a hairpin net and why the hell do i need it and then you're like yes of course that makes i mean there's also like the qos stuff apple does it automatically for you they use something that's not actually fq codel but very similar to fq codel fq codel is fair queuing with control delay yep okay probably one of the best qos algorithms out there right now okay can you can you get that that kind of stuff set up on other orders yeah you can it's just um if you the other option to get something that runs dwrt right okay in which case you just fire up the web GUI and it asks you which qos thing you want enabled okay right cool right the next question is from beyond and he asks a security question he says so i've been hearing about this ping of death and how m irc warriors can use your computer how can i protect myself oh sorry that was wrong i was going for this you need to label your soundboard my soundboard is some stickers or something like that yeah that soundboard definitely is it's very amazing when you get the badum dish when come on once again chin man yeah so question security questions i've been hearing about this ping of death and how irc warriors can nuke your computer how can i protect myself uh pings of death are just another name for denial of service attacks you can't really protect yourself that well from it other than reject the packets and hope upstream doesn't hate you anymore yeah i mean like the problem with the analysis attacks is you really can't do anything except whoever is provide you internet service could possibly you know reject packets that are naughty right but generally if you're a consumer what happens is when you get ddost your isp temporarily kills your internet for a bit yep and then you have nothing else to do just sit twiddle your fingers and i don't know maybe get like a 3g or something yeah use your lte connection instead yeah all right next question uh from seb what are your thoughts on running a cdn from a gigabit internet connection in singapore any isp limits um you shouldn't have any problems uh except if you're running uh if you're running on a residential connection um okay you're you're going to not have lots of fun in the evenings right because obviously the isp also applies um quality of service type things and they try and make it as fair as they can because they only have so much international bandwidth right and even local bandwidth um because of the way our open stuff works um okay so so so it can be done just don't expect to be able to use a full gigabit right okay um also in general is is the net like outboard outboard connections from singapore that good in general or no okay uh in general you want to avoid uh i mean if you're covering southeast asia singapore is amazing okay but it's amazing on a relative scale right i have seen uh 150 millisecond latency to indonesia okay in which time i can hit the us but then are the are the big network centers like you know amazon or whatever on a different cable well because they seem i mean there's a bunch of just paid service okay so they probably get higher it's really yeah they've just really paid more that's it okay all right fair enough uh next question from kai uh what do you think about ipv6 uh i think ipv4 needs to go die in a fire okay oh that's hard i'm not a fan of ipv4 at all nat it's something that nat is horrible these days you get cg nat so you have like translation yeah and these days you carry a great nat as well um which now you're behind two nets yes it's very annoying cg nat is especially uh i don't know that do any of telcos do it i know i know yes my republic or really my republic i'm now going to call you out publicly on the internet can you stop issuing a 10 slash eight addresses i know the mobile phone uh uh 3g networks do that yeah but the mobile phone networks use proper cg nat fans there is a 100.64 i think that has been reserved for cg nat and instead dear friends over in my republic go hey why don't we use an rfc 1918 set and all i can think of is maybe you should hire a network engine yeah because you shouldn't be you shouldn't be giving out 10 dot to non-internal networks right yeah interesting that breaks a lot of best practices all right cool and the last question we have is um do you have a hardware list for engineers wait what was it network engineers like what are your tools of the trade like tools of the trade uh you want a laptop as light as you can get because you want to run around you will be walking around and this laptop has to be linux um it can be either linux or os10 it doesn't really matter linux or os10 okay not windows 98 i mean you can use windows it's perfectly fine just make sure you have a linux vm in it okay uh you also want uh siru usb serial dongle okay you want to make sure a lot of stuff finally if everything dies talk serial yeah literally everything talks serial even at home i have like two switches and i wrote all of them use serial i mean i can i cessation them but if it breaks then serial's the only way to get to them and also uh ethanette dongle if your laptop which because it's like should not actually have ethanette built in okay magbooks yeah well no literally everything you buy these days that's like doesn't have built because and some more you said as light as possible yeah yeah because honestly like 90 of your job is just going to be a keyboard a terminal and a web browser you don't really need power so it's okay yeah interesting cool cool so those are the tools of the trade okay good that's all the questions we have for now let's move on to the next round which is called rapid fire i got my sound effects right for the yes finally i know all right really good at shooting bullets yes so rapid fire as you know quick questions you don't have to politically correct i don't think you're ever politically correct so i don't know what is that so first question vire max e max is a similar to him okay so so e max lovers can go eat it anyway uh bite yes uh favorite website for getting your geek uh news fix um read it and i can use read and i can use cool current favorite uh video game or board game i know you like both yeah um current favorite board game is going to be codenames codenames yes look it up it's fun current favorite video game at the moment is factorial if you're a programmer or if you're a network engineer or anything to do with technology you will love that game factorial i know i know rahul loves to play this indie game so it must must be really cool all right and the next geek toy or gadget you're looking forward to buy um next toy or gadget anything you are really eyeing no not as a moment okay wow rahul's content with what he has yeah uh what's the next tool language of framework you want to learn or pick up i'm still working on picking up rust rust you gotta make sure you don't get rusty with it yeah i mean like let's put it this way the the language name is very appropriate you spend like a year doing it and you're still like wow i'm still learning new things every day i'm still rusty wow this is so rusty anyway what's your favorite sci-fi book or movie i like starship troopers only if you don't take it in the way the author meant it but you take it ironically okay ironic starship troopers um current favorite meetup group in singapore um there are lots of because that's where i get a lot of exposure to things that i normally wouldn't bother reading that's true it's like it's like the lazy meetup right people read out papers to you yeah and it's also like for most meetups uh you know you turn up for the python meetup because you do python you turn up for the go meetup because you do go you turn up for javascript meetup because you do javascript but when you turn up for this you have no idea yeah that's true i mean it's it's all it always blows your mind yeah i mean i'm still waiting for a chicken paper but still uh you could you could do it you should do it sure or we could get mang to do it i think we were funny anyway last question uh is there oh actually i would ask you this one what's your favorite programming language uh rust rust okay cool all right thank you very much for answering our rapid fire out and now we'll move on to the next section that's pics the way pics works is we go on the table we'll give you some time rahul to think about your pics it will start with sanny and me and rahul and the idea is to pick two or two three interesting things blogs books apps foods meetups whatever that you want our audience to try out so do you want to start with the pics sanny yes this year i started wearing a wearable finally my this is so so hipster she starts wearing wearables i i got a me band a siam me band or and i started pairing it with my iphone and i started tracking the sleep i'm i'm really excited about the sleep function because it vibrates on my wrist and wakes me up it actually can count how long i sleep how long i deep sleep maybe it's not so accurate because it doesn't really do my retina i motion tracking but yeah it's pretty interesting and i can get calls on my me band so if somebody's calling on well you just get notifications notifications yes because if you get calls you that would be really weird because you're like holding your watch to your ear like hello i can't hear you hello hey i do that sometimes when your hands are all like really busy the best you can do is poke a button on your watch and go can i call you back in five minutes oh so you wear rahul you wear i watch or i wear an apple watch yes okay okay apple watch so there you go so yeah try out some kind of wearable and pair it with your handphone and see what you can do yeah cool is that is that the only pick you have yes i do all right good i have two picks the first is kai kat i think i've picked this before kai kat is tool for making schematics and pcb layouts it's open source and recently its main competitor eagle so this is for electronics by the way just we just went from a freeware slash paid for a premium kind of model to a paid subscription kind of model so kai kat is basically become now the defective standard of anybody sort of you know doing small little hobbies projects check it out it's super awesome there's a lot of tutorials now the the forum called kai kai.info that does a lot of you know tutorials and questions and stuff it's a really it's really matured well now and my second pick is this interesting ic from the manufacturer silabs it's called the efm 32 it's a cortex m zero based ic it's a small little microcontroller it so basically it's nothing special about the microcontroller except it's really small it's a 24 pin package and the best part is it has a usb physical layer built in so you can actually do usb stuff you can do serial port like a console usb thing you know like how you plug in arduino and you can get console to it something similar with it it's super cheap super easy it has a lot of the stuff built in so you don't really need any components in fact just with like five or six passives around it you can have a usb setup very very easily so if you wanted to get usb connect it to your electronics the efm 32 happy gecko it's called it's super awesome from silabs so those are my two picks rahul um my pick is going to be a book that i've just started reading great it's called hackers delight by something warren henry warren i think okay it's it's it's hank warren right okay it's some warren so it's called it's called hackers delight um you can get it on amazon you can get it in a kindle whatever it's a book that basically covers uh it's almost like code golf in a book so uh he starts talking about um algorithms to do certain tasks and then it's sort of like uh how what's the minimum number of operations or how fast can we make this go so it's about algorithms and it's it's about algorithms in a way that most people don't usually think of unless they're working in the embedded space i guess because you know size is important their speed's important interesting hey that's going to be my next book thanks rahul yeah what else i think that's about it all right cool thanks for doing picks and next move on to the next segment which is event loo this is where we tell all our listeners audience that hey apart from online reading and podcasting go and meet people in events so the next up we have on first web which is the hack where internet of things special it's going to be at google apac headquarters in singapore so if you are in singapore on first web evening come down and join us the next event is fosatia yeah fosatia is happening again it's gonna happen in singapore again yep it's at the 17th to 19th of march at the science center and they are looking for speakers so if you have a project that's really interesting you know it doesn't have to be software in fact they're specifically looking for hardware projects and like biohacking projects so if you have interesting projects that you think would be relevant to sort of the open source open community open source sort of ideologies duru submit talks they are absolutely looking for speakers they always have issues having enough local speakers but in general otherwise to attend a conference it's really fun you get people from all over the region coming down and sharing some really cool stuff that they're working on yay so go ahead and attend events make some friends here's something that you have never known before and the last segment is called electric plug so this is where rahul will tell us how to connect with him rahul how can people connect with you you can find me on twitter that's twitter.com slash ag rahul which is my backup username that i use because someone has taken twitter.com slash rahul g on github you can find me at twitter at github.com slash rahul g there's a bunch of really weird projects there some maybe to your interest some may not i am working on something kind of fun that i might be releasing later this week does it involve an iot rap it does not involve an iot rap but it does involve networks networks okay sounds fun cool actually rahul has a lot of interesting projects that you should check out one of the ones that i use a lot is a chrome plugin i think we have probably have it for firefox as well which strips off all the other all the random crap at the end of a url you know it's called the origin for advertising stuff yeah you know like if you click on a link and have all this crap at the end that you know tells them where you came from and just annoys the heck out of me it's okay when it's in your browser but when you copy paste it in the link to someone in facebook chat or something and you find the link is like 35 megabytes by itself yes so yeah it's there for both firefox and chrome yes so there's a lot a lot of small little gadgets that all makes that i i use here in there so small little scripts gadgets there's also something that claudio who's in the chat and i built yes called we um it's whee i think okay and what does that do um if you have a browser tab displaying audio and you close it it plays the classic cartoon rewind thingy okay it's yeah just install it try it out it's fun okay right we will definitely include the links to the show notes for all of this yes we will have all of this in the show notes yay claudio you got to mention oh right one thing one last thing i'd like to look um if you run uh vms on os 10 a lot yes um there was this lovely little project called uh x hive a while ago that i think i've talked about before so this is this is the stuff that you just the hypervisor framework hypervisor framework built into the os and um these are lightweight os x virtualization solution it's been superseded by docker's hyper kit these days okay okay so uh the x hive upstream is basically dead hyper kits where all the fun stuff is um but i do have a cute little tool that i used to run my vms called hive which is also on my github page uh you basically have a little i and i file and uh one command boom vm um the cpu usage is absolutely minimal compared to things like virtual walks cool yeah this is something that i i really enjoyed with docker but i guess i should try this out as well yeah it's like if you just want vms to run stuff oh so on my lap on all my laptops i have uh one vm called my dev environment that runs arch Linux which i do everything in the mac os bit for me is more a browser and a ui than it is like cool i should check that out that sounds really interesting yay so thank you rahul for joining us for this episode 42 of thanks for having me yes we really really enjoyed it thanks to the live audience as well for joining us today warning yeah they were very they're very tame they didn't throw too much i'm i'm actually quite surprised we learned a lot about computer network infrastructure a lot to play with as well with a lot of things that rahul mentioned so that's it for this week's episode 42 of we will live we will come together again online on another saturday morning with another cool guest until then return zero