1. Command to get router address:
Desktop$ route -n get default
route to: default
destination: default
mask: default
gateway: xx.xx.xx.1
interface: en4
flags: <UP,GATEWAY,DONE,STATIC,PRCLONING>
recvpipe sendpipe ssthresh rtt,msec rttvar hopcount mtu expire
0 0 0 0 0 0 1500 0
Category Archives: Web
IP Routing
[1] introduces IP Subset, IP Routing
Reference
[1] Hyper-V and Networking — Part 3: IP Routing
VM Live Migration’s Impacts on the Running Applications
1. Will the IP address change after migration?
Both types of live migration exist: those that change the IP address and those that do not [5].
- Based on Google cloud [1], it can migrate clients’ VMs without affecting the customers. That means the IP address of a VM would not be changed in this case.
- To retain the same IP address, Hyper-V requires the source and destination hosts to be within the same subnet. I think Google cloud may not have this requirement.
- I think the virtual network [4] would be able to remove the restrictions on the locations of the destination hosts. “Hyper-V Network Virtualization decouples virtual networks for customer virtual machines from the physical network infrastructure.”
2. Will the migration interrupt the Internet service?
This depends on the implementation.
- According to Google cloud [1], there will be no service interruptions.
- During post-migration brownout, the VM executes on the target. The source VM is present, and may be providing supporting functionality for the target. For instance, until the network fabric has caught up with the new location of the VM, the source VM provides forwarding services for packets to and from the target VM.
- According to Hyper-V [2], the migration is not downtime-free, but the interruption is almost immeasurably brief. Usually the longest delay is in the network layer, while the virtual machine’s MAC address is registered on the new physical switch port and its new location is propagated throughout the network.
- According to [3], in order to use live migration the VM needs to keep the same IP address across data centers in order to achieve the goal of continuous access from clients to the virtual machine during and after the migration.
3. How is the network migrated?
The most challenging issue in VM migration is to keep the network working.
In a LAN, different hypervisors use different strategies.
- Xen
- It uses ARP to bind the IP address to the new host.
- The VM sends an ARP broadcast announcing that the IP address has moved to a new host. But this may not be allowed for security reasons.
- VMware
- VMotion uses a VNIC to ensure the network connection.
- The VNIC will be migrated with the VM as well. Every VNIC has a unique MAC address in the LAN and is connected to one or multiple NICs.
- Since the VNIC has a MAC address that is independent of the physical network address, the network connection continues as normal during VM live migration.
- Note that due to the restrictions of Ethernet, the source and destination hosts have to be in the same subnet.
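An ARP announcement that rebinds an IP address looks the same on the wire whether it comes from a migrated VM or from any other host, which is why networks may filter it. The following added example (not from the original post; all frames, MACs and addresses are constructed) parses Ethernet ARP frames and reports each IP-to-MAC rebinding, marking it as expected only when the IP is on a list of scheduled migrations.

```python
import struct

ARP_ETHERTYPE = 0x0806

def parse_arp(frame):
    """Return (op, sender_mac, sender_ip, target_ip) for an Ethernet/IPv4 ARP frame, else None."""
    if len(frame) < 42 or struct.unpack("!H", frame[12:14])[0] != ARP_ETHERTYPE:
        return None
    htype, ptype, hlen, plen, op = struct.unpack("!HHBBH", frame[14:22])
    if (htype, ptype, hlen, plen) != (1, 0x0800, 6, 4):
        return None
    sha, spa, _tha, tpa = struct.unpack("!6s4s6s4s", frame[22:42])
    return op, sha.hex(":"), ".".join(map(str, spa)), ".".join(map(str, tpa))

def watch(frames, expected_moves=frozenset()):
    """Track IP-to-MAC bindings and return one alert per rebinding seen."""
    bindings, alerts = {}, []
    for frame in frames:
        parsed = parse_arp(frame)
        if parsed is None:
            continue
        _op, mac, ip, target_ip = parsed
        old = bindings.get(ip)
        if old is not None and old != mac:
            gratuitous = ip == target_ip  # sender announces its own address
            verdict = "expected" if ip in expected_moves else "unexpected"
            alerts.append((ip, old, mac, gratuitous, verdict))
        bindings[ip] = mac
    return alerts

def build_arp(op, mac, ip, target_ip):
    """Build a constructed ARP frame so the example runs offline."""
    sha = bytes.fromhex(mac.replace(":", ""))
    pack_ip = lambda s: bytes(int(octet) for octet in s.split("."))
    header = b"\xff" * 6 + sha + struct.pack("!HHHBBH", ARP_ETHERTYPE, 1, 0x0800, 6, 4, op)
    return header + sha + pack_ip(ip) + b"\x00" * 6 + pack_ip(target_ip)

# Constructed traffic (documentation addresses, locally administered MACs).
SAMPLE_FRAMES = [
    build_arp(1, "02:00:00:00:00:0a", "192.0.2.10", "192.0.2.1"),
    build_arp(1, "02:00:00:00:00:14", "192.0.2.20", "192.0.2.1"),
    build_arp(2, "02:00:00:00:00:0b", "192.0.2.10", "192.0.2.10"),  # announcement from a new host
    build_arp(2, "02:00:00:00:00:66", "192.0.2.20", "192.0.2.1"),   # unannounced rebinding of .20
]

if __name__ == "__main__":
    for alert in watch(SAMPLE_FRAMES, expected_moves={"192.0.2.10"}):
        print(alert)
```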
In a WAN
- The VM will be given a new IP address on the destination host. To keep the network connection working, we can combine an IP tunnel with dynamic DNS, i.e., we build an IP tunnel between the source and destination IP addresses and use it to forward packets from the source host to the destination host. Once migration is done, the VM can respond on the new network. This means that DNS is updated, and the network connection will refer to the new IP address.
Reference
[1] Google cloud VM live migration
[2] Hyper-V live migration
[3] Live Migration — Implementation considerations
[4] Hyper-V Network Virtualization Overview
[5] Research on Virtual Machine Migration
Build a Web Proxy in Amazon EC2
Prerequisite:
- I already have an Amazon EC2 instance (Ubuntu) running in the cloud
- I choose to install tinyproxy
- command: sudo apt-get install tinyproxy
- Set up the IP addresses you allow to use the proxy
- sudo vim /etc/tinyproxy.conf
- unfortunately, tinyproxy does not support user authentication with username and password
- Restart tinyproxy
- sudo /etc/init.d/tinyproxy restart
- Then you can set up Chrome to use the web proxy
- it requires the IP address of your Amazon EC2 instance and the port (tinyproxy default port 8888)
- With this proxy, you will be able to have free internet even if you are in a country with Internet censorship
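Without a password, the `Allow` lines in `/etc/tinyproxy.conf` are the only access control, and a configuration with no `Allow` or `Deny` line accepts every client that can reach port 8888. The following added example (not from the original post; the sample configurations and the address 203.0.113.7 are constructed) audits a configuration for a missing or overly broad `Allow` rule.

```python
import ipaddress

def audit_tinyproxy(conf_text, max_addresses=256):
    """Return (line_number, code) findings for the access rules in a tinyproxy.conf."""
    findings, acl_lines = [], 0
    for lineno, raw in enumerate(conf_text.splitlines(), 1):
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        parts = line.split(None, 1)
        key = parts[0].lower()
        value = parts[1].strip().strip('"') if len(parts) > 1 else ""
        if key == "deny":
            acl_lines += 1
        if key != "allow":
            continue
        acl_lines += 1
        try:
            net = ipaddress.ip_network(value, strict=False)
        except ValueError:
            # Not an address or CIDR range: tinyproxy matches it against the client host name.
            findings.append((lineno, "ALLOW_HOSTNAME"))
            continue
        if net.prefixlen == 0:
            findings.append((lineno, "ALLOW_ANY"))  # whole address space
        elif net.num_addresses > max_addresses:
            findings.append((lineno, "ALLOW_BROAD"))
    if acl_lines == 0:
        # With no Allow or Deny lines at all, tinyproxy accepts every client.
        findings.append((0, "NO_ACL"))
    return findings

# Constructed configurations; 203.0.113.7 stands in for the one client you use.
OPEN_CONF = "Port 8888\n#Allow 127.0.0.1\n"
WEAK_CONF = "Port 8888\nAllow 0.0.0.0/0\nAllow 10.0.0.0/8\n"
HARDENED_CONF = "Port 8888\nAllow 127.0.0.1\nAllow 203.0.113.7\n"

if __name__ == "__main__":
    for name, conf in (("open", OPEN_CONF), ("weak", WEAK_CONF), ("hardened", HARDENED_CONF)):
        print(name, audit_tinyproxy(conf))
```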
How to test network bandwidth between two machines
http://askubuntu.com/questions/7976/how-do-you-test-the-network-speed-betwen-two-boxes
iperf. It’s a client server arrangement in that you run it in server mode at one end and connect to
sudo apt-get install iperf
iperf -s
iperf -c <address of Computer A>
Session
Definition
Implementation
Cluster of Servers
Client Side Web Sessions
Issues
- Browser limits the number and size of cookies that may be stored by a web site.
HTTP Session Token
- A session token is a unique identifier that is generated and sent from a server to a client to identify the current interaction session. The client usually stores and sends the token as an HTTP cookie and/or sends it as a parameter in GET or POST queries.
- The client only has to handle the identifier
- All session data is stored on the server (usually in a database).
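The three points above as an added example (not from the original post; the class, cookie name and TTL are assumptions, and a dict stands in for the database): the client only ever holds an unguessable identifier, while the data, its expiry and identifier rotation live on the server.

```python
import secrets
import time

class SessionStore:
    """Server-side session table keyed by an opaque random token."""

    def __init__(self, ttl_seconds=1800, clock=time.monotonic):
        self._ttl, self._clock, self._rows = ttl_seconds, clock, {}

    def create(self, **data):
        token = secrets.token_urlsafe(32)  # 256 bits from the OS CSPRNG
        self._rows[token] = (self._clock() + self._ttl, dict(data))
        return token

    def get(self, token):
        """Return the session data, or None for unknown or expired tokens."""
        row = self._rows.get(token)
        if row is None:
            return None
        expires, data = row
        if self._clock() >= expires:
            del self._rows[token]
            return None
        return data

    def rotate(self, token):
        """Issue a fresh token for the same data (e.g. at login) and drop the old one."""
        data = self.get(token)
        if data is None:
            return None
        del self._rows[token]
        return self.create(**data)

    def destroy(self, token):
        self._rows.pop(token, None)

def set_cookie_header(token, name="sid"):
    # HttpOnly keeps the token away from page scripts; Secure keeps it off plain HTTP.
    return f"Set-Cookie: {name}={token}; Path=/; HttpOnly; Secure; SameSite=Lax"

if __name__ == "__main__":
    store = SessionStore()
    sid = store.create(user="alice")
    print(set_cookie_header(sid))
    print(store.get(sid), store.get("guessed-token"))
```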
IP Scan
Tools
- ZMap
Ports
- FTP: 20,21
- SSH: 22
- Telnet: 23
- SMTP: 25, 587
- WHOIS: 43
- DNS: 53
- DHCP: 68
- Finger Protocol: 79
- HTTP: 80
- SQL: 118
- HTTPS: 443
- MySQL: 3306
Web Applications Client & Server
Figure 1 [1] illustrates the web application architecture on the server side and the client side.
Server Side
- Logic Layer
- Implements the application business logic using high-level programming languages, such as Java, PHP, or Python.
- Web Server Layer
- Receives HTTP requests and passes each request to the appropriate server-side program, e.g., Apache web server, Windows IIS, or Nginx.
- Data Storage Layer
- Stores the web application state and user data. Popular data storage systems are traditional SQL databases, which include MySQL, PostgreSQL, or MSSQL
- Infrastructure Layer
- Runs the operating systems. An infrastructure could be a physical machine or virtualization platform which manages multiple virtual machines.
Client Side
- Logic Layer (Presentation Layer)
- It is written in a combination of HTML, CSS, and JavaScript, with JavaScript providing a way for the server-side code to execute application logic on the client
- Browser
- Retrieves the presentation layer code from the server, interprets it, and presents it as a graphic interface to the user.
- Storage Layer
- For the presentation layer code to store data. Available storage methods include cookies, local storage, IndexedDB, and File APIs.
- Operating System Layer
- Runs the browser
Reference
[1] Toward a Moving Target Defense for Web Applications, by Marthony Taguinod, in International Conference on Information Reuse and Integration 2015
Web Service — REST
What is REST
- a design pattern for implementing networked systems, stands for “Representational State Transfer”
- A client references a web resource using a URL
- The web serves as a guiding framework for the web
- HTTP is not just a protocol
- It provides an API (POST, GET, PUT, DELETE) for create, read, update, and delete operations on a resource
- Approach isolates application complexity at the end points (client and server) and keeps it out of the transport
Three Fundamental Aspects of REST
- Resources
- Every distinguishable entity is a resource. A resource may be a web site, an HTML page, an XML document, etc.
- URLs
- Every resource is uniquely identified by a URL.
- Simple operations
REST vs. SOAP
REST
- The web is the universe of globally accessible information
- Resource oriented
- User-driven interactions via forms
- Few operations (generic interface) on many resources
- URI: Consistent naming mechanism for resources
- Focus on scalability and performance of large scale distributed hypermedia systems
SOAP
- The web is the universal transport of messages
- Activity/Service oriented
- Orchestrated reliable event flows
- Many operations (service interface) on few resources
- Lack of standard naming mechanism
- Focus on design of integrated (distributed) applications
Web Service
Web Services Fundamentals
Two Competing Approaches
- REST-style
- SOAP-style
Four Fundamental Technologies
- XML
- Describing information sent over the network
- WSDL
- Defining web service capability
- SOAP
- Accessing web services
- UDDI
- Finding web services
Web Service Infrastructure and Components
XML
- Has emerged as the standard solution for describing information exchanged between heterogeneous systems
- Can be read by programs and interpreted in an application-specific way
- Example
- <Account>xx</Account>
WSDL: Describing the web service
- Provides functional description of network services
- IDL description
- Protocol and deployment details
- Platform independent description
- Extensible language
- As extended IDL: WSDL allows tools to generate compatible client and server stubs
- Allows industries to define standardized service interfaces
- Allows advertisement of service descriptions, enables dynamic discovery and binding of compatible services
- Used in conjunction with UDDI registry
- The main elements in a WSDL description
UDDI: Finding Web Service
- Universal Description, Discovery, Integration
- UDDI defines the operation of a service registry
- Data structures for registering
- Business
- Technical specification: tModel is a keyed reference to a technical specification
- Service and service endpoints
- Referencing the supported tModels
- The main UDDI data structures
SOAP
- Why SOAP
- A “wire protocol” necessary for accessing distributed object services
- Vendor and/or platform-specific wire protocols hinder interoperability
- SOAP
- An Internet standard specification, the goal of which is to define a platform and vendor-neutral WIRE PROTOCOL based on Internet standard protocols [HTTP & XML] to access Web Services.
- Features
- Uses XML to package requests for services exposed by Web Services, and responses generated by Web Services
- Typically uses HTTP as a transport protocol
- SOAP message
- Convey documents
- Support client-server communication
RESTful Approach
- Focus on using HTTP operations (GET, PUT, POST, DELETE) to manipulate data resources represented in XML
- No WSDL + SOAP