willem.com

How to break net neutrality

Limiting outbound network bandwidth per client IP-address

Apr. 1, 2020 -

Last month I received an automated alert indicating excessive bandwidth usage, usually a sign of trouble. When this happens, you should follow a standard incident procedure, trying to isolate the source of the traffic before shutting it down. The cause of this incident was not what I expected however... requiring a different kind of mitigation than a simple blockade.

Continue reading
Sample traffic shaping script
Sample traffic shaping script
Bandwidth graph with unusual spike indicating that something is wrong - you don't need to be Sherlock Holmes to find it
Bandwidth graph with unusual spike indicating that something is wrong - you don't need to be Sherlock Holmes to find it
Traffic must wait for tokens to become available when the maximum number of tokens is given away, enforcing the maximum concurrent traffic
Traffic must wait for tokens to become available when the maximum number of tokens is given away, enforcing the maximum concurrent traffic
Bandwidth graph of AMS-IX shows a predictable pattern - notice the wave-like pattern
Bandwidth graph of AMS-IX shows a predictable pattern - notice the wave-like pattern
Using tokens to control traffic - only passengers (or data packets) with a valid token are allowed. Tokens are returned as traffic reaches its destination.
Using tokens to control traffic - only passengers (or data packets) with a valid token are allowed. Tokens are returned as traffic reaches its destination.
Using the iftop tool to see bandwidth usage per connected IP-address
Using the iftop tool to see bandwidth usage per connected IP-address

Other stories

all blog posts

Tagged

CloudCyber SecurityDataFree SoftwareNetworkingServerWork

Articles (155)