Martin Tonusoo tonusoo
tonusoo
/ RFC7908_lateral_ISP-ISP-ISP_leak_via_RS.md
Created
May 18, 2026 10:38
verifying the entire AS path against the customer cone on a route server || RFC 7908 || NANOG mailing list thread: https://lists.nanog.org/archives/list/nanog@lists.nanog.org/thread/W7OMPSYMCHFR5N7VZFX2Y4JR7D4AU4ID/
tonusoo
/ napt-44.conf
Created
April 28, 2026 15:22
Port Address Translation with MS-DPC || j-nsp mailing list thread: https://puck.nether.net/pipermail/juniper-nsp/2026-April/039361.html
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| root@lab-mx960> show configuration services | |
| service-set pat-service-set { | |
| nat-rules rule-napt-44; | |
| interface-service { | |
| /* first PIC of MS-DPC in slot 9; Multiservices MIC should use "ms" interface instead of "sp" interface */ | |
| service-interface sp-9/0/0; | |
| } | |
| } | |
| nat { | |
| pool napt-pool { |
tonusoo
/ aspa_logic.py
Last active
April 14, 2026 11:44
A validation script for the "ASPA-based AS Path Verification Examples" document referenced in https://datatracker.ietf.org/doc/draft-ietf-sidrops-aspa-verification/ based on https://github.com/QratorLabs/ASPA
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env python3 | |
| # https://github.com/QratorLabs/ASPA | |
| # https://github.com/ksriram25/IETF/blob/main/ASPA_path_verification_examples.pdf | |
| import sys | |
| import logging | |
| DEBUG_MODE = True |
tonusoo
/ ROA-ASPA-openssl.txt
Created
March 30, 2026 14:21
Extracting and decoding the ASN.1 DER payloads of RPKI CMS signed objects using OpenSSL
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| martin@validator-2:~$ # routinator dump --output /tmp/routinator-dump/ | |
| martin@validator-2:~$ # "<- ..." comments below are manually added | |
| martin@validator-2:~$ openssl cms -verify -noverify -inform DER -in /tmp/routinator-dump/store/rrdp.arin.net/rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/69fd0156-bb1f-48b6-bf32-c9492286f195/de4a1dfa-8867-4aef-a2e6-131e93add9f9/5486ade0-fc94-3e8d-89dc-e03fab376ea9.roa -outform DER | openssl asn1parse -inform DER -i -dump | |
| CMS Verification successful | |
| 0:d=0 hl=2 l= 28 cons: SEQUENCE | |
| 2:d=1 hl=2 l= 3 prim: INTEGER :02571B <- ASN 153371 (RFC 6482 ASID) | |
| 7:d=1 hl=2 l= 21 cons: SEQUENCE | |
| 9:d=2 hl=2 l= 19 cons: SEQUENCE | |
| 11:d=3 hl=2 l= 2 prim: OCTET STRING | |
| 0000 - 00 02 .. <- v6 addr family (RFC 6482 addressFamily) |
tonusoo
/ Junos-25-4-RTBH-routes-validation.conf
Last active
March 18, 2026 12:17
RTBH prefixes validation on Junos || PoC setup || NANOG mailing list thread: https://lists.nanog.org/archives/list/nanog@lists.nanog.org/thread/O5XX6BHOSMINX4HKT2SMVOI66SMYXFOR/
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| root@vjr-17> show configuration routing-options bmp | |
| /* Rotonda */ | |
| station BMP-feed-for-RTBH-1 { | |
| /* if the session breaks, then the router tries to reestablish it every 30 seconds */ | |
| connection-mode active; | |
| /* Route Monitoring messages are sent only for peers defined under specific BGP groups */ | |
| route-monitoring { | |
| none; | |
| } | |
| station-address 10.10.8.3; |
tonusoo
/ Juniper_MX_host-outbound_traffic.png
Last active
February 2, 2026 08:03
Host-outbound TCP SYN captured on internal bridge connecting the control- and forwarding-plane on MX-series router || discussion on Packet Pushers Slack group
tonusoo
/ check_logs.bash
Created
November 12, 2025 12:35
logtail functionality for journalctl versions older than 242 not supporting the "--cursor-file" option
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env bash | |
| get_journal_logs() { | |
| log_type="$1" | |
| if [[ "$log_type" == "system" ]]; then | |
| args+=( "--dmesg" ) |
tonusoo
/ bgp-vortex-lab.jpg
Last active
October 23, 2025 15:34
NANOG mailing list thread: https://lists.nanog.org/archives/list/nanog@lists.nanog.org/thread/SU76M47AOL5742T6Q5OW2DBMRNSYU42Y/
tonusoo
/ packet_capture_in_g-bird1.txt
Created
September 17, 2025 08:47
Junos Non-Stop Active Routing and Fault-Tolerant TCP/IP test setup; https://cseweb.ucsd.edu/~marzullo/pubs/fttcp2.pdf
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| root@bird1:~# # acknowledgements to the client(10.10.10.1) are withheld until the hot backup has received the corresponding data | |
| root@bird1:~# tshark -c 4 -i enp7s0 -f 'tcp and port 179' | |
| Running as user "root" and group "root". This could be dangerous. | |
| Capturing on 'enp7s0' | |
| 1 0.000000000 10.10.10.1 → 10.10.10.0 BGP 85 KEEPALIVE Message | |
| 2 0.601193559 10.10.10.0 → 10.10.10.1 TCP 66 179 → 60153 [ACK] Seq=1 Ack=20 Win=16384 Len=0 TSval=2273170037 TSecr=1268402651 | |
| 3 4.135022182 10.10.10.0 → 10.10.10.1 BGP 85 KEEPALIVE Message | |
| 4 4.135067259 10.10.10.1 → 10.10.10.0 TCP 66 60153 → 179 [ACK] Seq=20 Ack=20 Win=126 Len=0 TSval=1268406786 TSecr=2273173570 | |
| 4 packets captured | |
| root@bird1:~# |
tonusoo
/ shutdown-bgp-session.bash
Last active
September 7, 2025 20:09
NANOG mailing list thread: https://lists.nanog.org/archives/list/nanog@lists.nanog.org/thread/CS25Q74D72EUV3MVHOMT3GNZ5HGRZWGV/
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env bash | |
| # Configures Juniper router to inject a 0x0b control character to | |
| # "Shutdown Communication" field(RFC 9003) of a BGP cease NOTIFICATION message. | |
| # | |
| # Usage example: | |
| # ./shutdown-bgp-session.bash | ssh root@192.168.103.20 -p 830 -s netconf | |
| vertical_tab=$'\v' |
NewerOlder