10 Ocak 2017 Salı

WAN conditions for your service


When you are about to launch a new network service you should be prepared to face with real life conditions.
Your service should be ready for some delay, jitter and packet loss. This post aims to create a LAB environment to test our service if it is ready for real-life or not.

All we need to have a debian server (virtual or physical) with two ethernet interfaces and 30 minutes of time for installation and configuration.


In my case I used a virtual server on vmware that has 1 vCPU and 1GB RAM.

I used 8.6.0 netinst cd image from debian.org https://cdimage.debian.org/debian-cd/8.6.0/i386/iso-cd/debian-8.6.0-i386-netinst.iso

After minimal installation I configured the network :
cat /etc/network/interfaces
# This file describes the network interfaces available on your system
# and how to activate them. For more information, see interfaces(5).

source /etc/network/interfaces.d/*

# The loopback network interface
auto lo
iface lo inet loopback

# The primary network interface
allow-hotplug eth0
iface eth0 inet static
        address 192.168.1.253
        netmask 255.255.255.0
        network 192.168.1.0
        broadcast 192.168.1.255
        gateway 192.168.1.1
        # dns-* options are implemented by the resolvconf package, if installed
        dns-nameservers 8.8.8.8


allow-hotplug eth1
iface eth1 inet static
        address 192.168.2.253
        netmask 255.255.255.0
        network 192.168.2.0

        broadcast 192.168.2.255

Then I created a script that controls the traffic between two interfaces.
cat /root/trafficshaper

#!/bin/bash

INT1="eth0"
INT2="eth1"
BWLIMIT="256kbit"
PLOSS="50%"
DELAY="300ms 10ms"

startme() {
        tc qdisc add dev $INT1 root handle 1:0 netem delay $DELAY loss $PLOSS
        tc qdisc add dev $INT1 parent 1:1 handle 10: tbf rate $BWLIMIT buffer 1600 limit 3000

        tc qdisc add dev $INT2 root handle 1:0 netem delay $DELAY loss $PLOSS
        tc qdisc add dev $INT2 parent 1:1 handle 10: tbf rate $BWLIMIT buffer 1600 limit 3000
}

stopme() {
        tc qdisc del dev $INT1 root handle 1:0
        tc qdisc del dev $INT2 root handle 1:0
}

case "$1" in
        start)  startme ;;
        stop)   stopme ;;
        list)
                tc -s qdisc ls dev $INT1
                tc -s qdisc ls dev $INT2
                ;;
        restart)        stopme; startme ;;
        *) echo "usage: $0 start|stop|restart|list"

        esac


Now all we have to do is edit the file to set the conditions

   BWLIMIT="256kbit"
   PLOSS="50%"
   DELAY="300ms 10ms"

then execute 
   /root/trafficshaper start

to make your service face with real life :)

example :
shaper@tshaper:~$ su - root
Password:
root@tshaper:~# ping 192.168.1.1
PING 192.168.1.1 (192.168.1.1) 56(84) bytes of data.
64 bytes from 192.168.1.1: icmp_seq=1 ttl=255 time=0.803 ms
64 bytes from 192.168.1.1: icmp_seq=2 ttl=255 time=1.05 ms
64 bytes from 192.168.1.1: icmp_seq=3 ttl=255 time=1.01 ms
64 bytes from 192.168.1.1: icmp_seq=4 ttl=255 time=0.749 ms
64 bytes from 192.168.1.1: icmp_seq=5 ttl=255 time=0.894 ms
64 bytes from 192.168.1.1: icmp_seq=6 ttl=255 time=1.09 ms
64 bytes from 192.168.1.1: icmp_seq=7 ttl=255 time=0.786 ms
64 bytes from 192.168.1.1: icmp_seq=8 ttl=255 time=0.912 ms
64 bytes from 192.168.1.1: icmp_seq=9 ttl=255 time=0.846 ms
^C
--- 192.168.1.1 ping statistics ---
9 packets transmitted, 9 received, 0% packet loss, time 8003ms
rtt min/avg/max/mdev = 0.749/0.906/1.097/0.120 ms
root@tshaper:~# /root/trafficshaper.sh start
root@tshaper:~# ping 192.168.1.1
PING 192.168.1.1 (192.168.1.1) 56(84) bytes of data.
64 bytes from 192.168.1.1: icmp_seq=2 ttl=255 time=297 ms
64 bytes from 192.168.1.1: icmp_seq=4 ttl=255 time=305 ms
64 bytes from 192.168.1.1: icmp_seq=6 ttl=255 time=306 ms
64 bytes from 192.168.1.1: icmp_seq=7 ttl=255 time=294 ms
64 bytes from 192.168.1.1: icmp_seq=8 ttl=255 time=293 ms
64 bytes from 192.168.1.1: icmp_seq=10 ttl=255 time=308 ms
64 bytes from 192.168.1.1: icmp_seq=12 ttl=255 time=306 ms
64 bytes from 192.168.1.1: icmp_seq=13 ttl=255 time=309 ms
64 bytes from 192.168.1.1: icmp_seq=16 ttl=255 time=304 ms
^C
--- 192.168.1.1 ping statistics ---
17 packets transmitted, 9 received, 47% packet loss, time 16040ms
rtt min/avg/max/mdev = 293.008/302.931/309.238/6.076 ms
root@tshaper:~# /root/trafficshaper.sh stop


References and further reading :



BIP39 design experiments

I've been using some software and hardware wallets for years. Like most of you I am familiar with mnemonic seed phrases used in wallet c...