Route export is a core algorithm of BIRD. This chapter covers how we are making this procedure multithreaded. Desired outcomes are mostly lower latency of route import, flap dampening and also faster route processing in large configurations with lots of export from one table.
Data structures used by BIRD have to be changed in order to allow multithreading safely. This chapter covers necessary changes of them. BIRD is a fast, robust and memory-efficient routing daemon designed and implemented at the end of 20th century. We’re doing a significant amount of BIRD’s internal structure changes to make it possible to run in multiple threads in parallel.
Dear readers of our blog, thank you for your support and we wish you a Merry Christmas and a Happy New Year. We look forward to seeing you in 2021.
The CZ.NIC team
At the beginning of the year, a need arose to reinstall the LDAP, which had been running in CZ.NIC on an older OS, and I figured I did not want to miss such an interesting “challenge”. And I was very excited about it until I realized that the same server was, as a “bonus”, probably, running Freeradius and Radsecproxy with a connection to Eduroam. Of course, this was also to be rewritten as the syntax between the versions Freeradius v2 and v3 had changed a little bit. Only then I understood and admired the patience of people who set these things in CZ.NIC before me and I know that they have “enjoyed” this quite a lot. But this is a topic for another day, as this blog post should be about installing LDAP. I emphasize that this article discusses only basic LDAP settings.
To those who want to test their Internet connection speed, there are several options available in the app store. An application for measuring high-speed Internet connection called Open Nettest was developed as part of the international project Open Crowdsourcing Data related to the Quality of Service of High-Speed Internet (MoQoS). Using this application, you can test the speed of connection provided by your mobile operator or the speed of connection through a wireless network.
The history of introducing the DNSSEC technology in the CZ domain goes back more than a decade, and there have been several important changes during its course. For example, let’s look at the year 2010, which was literally packed with events related to the introduction of DNSSEC. First of all, the root zone was signed in July and right afterwards, the first KSK rotation with the change of algorithm among the top-level domains took place in the CZ domain in August. After eight years, we are going to repeat this “combo”, only in reverse order. There is a delayed first rotation of the root zone KSK (without altering the algorithm) scheduled in October. And in June we will perform the already announced KSK key rotation in the CZ domain, again with the change of the algorithm. This time, however, we will use the ECDSA algorithm based on elliptic curves — as the first top-level domain administrator.
The time before the GDPR enters into force is relentlessly ticking away. Do not worry, in this post I am neither going to paint scary pictures of what companies will have to face, nor make a list of what you should forget about when this law is enacted; I will “just” focus on the processing of personal data of children, namely the Article 8 that regulates the conditions for granting consent with processing of the child’s personal data in connection with information society services.
On the 7th of December 2017, the MoQoS project held its first stakeholders´ workshop aimed at measuring the so-called Quality of Service of high-speed Internet using the crowdsourcing method.
Have you ever thought of automating the certificate issuing in your organization’s internal certification authority? How about using the same procedure as in Let’s Encrypt and the ACME protocol, while enjoying all the benefits ACME has to offer? The possible solution is to use Boulder. I will now try to break down for you the Boulder’s installation process and the pitfalls that I encountered during the setup.