CPE Grounding

A discussion which comes up over and over in the WISP space is grounding and proper installation of customer CPE. The folks at perfect-10 (https://www.perfect-10.tv/) were a vendor at #WISPAPALOOZA2018.  One of the best things I have seen them in a long time is the below photo they created. This is a great illustration of how a proper CPE goes.

Updating your Bind DNS for latest trust anchors

A little Background on the rollover

From: https://www.icann.org/resources/pages/ksk-rollover/#overview
ICANN
 is planning to perform a Root Zone Domain Name System Security Extensions (DNSSEC) KSK rollover as required in the Root Zone KSK Operator DNSSEC Practice Statement [TXT, 99 KB].

Rolling the KSK means generating a new cryptographic public and private key pair and distributing the new public component to parties who operate validating resolvers, including: Internet Service Providers; enterprise network administrators and other Domain Name System (DNS) resolver operators; DNS resolver software developers; system integrators; and hardware and software distributors who install or ship the root’s “trust anchor.” The KSK is used to cryptographically sign the Zone Signing Key (ZSK), which is used by the Root Zone Maintainer to DNSSEC-sign the root zone of the Internet’s DNS.

Maintaining an up-to-date KSK is essential to ensuring DNSSEC-validating DNS resolvers continue to function following the rollover. Failure to have the current root zone KSK will mean that DNSSEC-validating DNS resolvers will be unable to resolve any DNS queries.

If you are running bind the quickest way to check is this:

If your configuration shows dnssec-validation yes;, you must change it to dnssec-validation auto;and restart your server before taking the steps below. This is in your named.conf

WISPAPALOOZA 2018 ponderings and musings

Another WISPAPALOOZA has come and gone to Las Vegas.  If you are not familiar with WISPAPALOOZA it is one of the two major trade shows Wispa puts on each year.  The Las Vegas show is the larger of the two. If you are a Wireless Internet Service Provider (WISP), doing outdoor wireless networks, or involved in the WISP industry whatsoever this is the premier event for you.

Having attended several shows I have been able to see the evolution of the shows over the past X years. The industry has been evolving and this show highlights many of the evolutions the industry is undergoing.  This year billing, LTE, and business services needed by WISPs were prominent in the sessions and on the vendor floors.  Vendors such as Baicells, Cambium, Redline, and others were talking about their LTE offerings.

Other vendors such as  Ritalia funding and Unitel were there getting their message out to WISPs. As WISPs evolve, they are looking for services and products which help the business side of things.  This business side becomes as important in a mature WISP as the technical side is.

Another aspect WISPs look for as they grow are billing platforms.  Companies such as Sonar, Azotel, and VISP were represented at the Vegas show.  These can help your WISP streamline and automate operations.  The more you can stretch your resources the better.

 

One of the many sessions

Other themes of the show included fiber deployments, MDUs, and CBRS to name just a few. Knowledge exchange is a key highlight of shows such as this.  Operato

 

rs sitting around trading tips, war stories, and what is working and not working for them is invaluable.  The selection of the speakers and sessions highlight the pulse WISPA has on the industry as a whole.

Due to the varied mix of people in this WISP industry shows such as this are great for any level of employee.  Any employee will be able to find things they can be engaged with and hopefully add to their knowledge. As with any industry, making personal connections and people networking is huge these events. Being able to have a Rolodex of Vendors, distributors, consultants, and other folks in the industry are invaluable. Whether you forge relationships over a beer at the local bar, a walk down the strip, or just sitting at a table talking these conversations are something you can’t get anywhere else.

My week started with a 5 am arrival at the airport.  I was able to catch up with a friend in the industry over a coke at breakfast in the airport.  Even though he lives an hour south of me we don’t get together all that much.  He is a friend and someone who is doing cool stuff in the industry.  The ability to have that focused time is something many of us don’t get. We are so busy with our own lives we have to get into situations like that.  After landing in Vegas the intensity level ramps up.  You start seeing people you know and quick conversations turn into 20-minute conversations, and the next thing you know its 6 pm and you are just checking into your room. The next several days are more of the same.  Late nights, lots of conversations, lots of walking, and an overwhelming amount of information you will only begin to digest once you have a moment to relax. In the end it is a good kind of tired.

For more information and a show re-cap visit http://thebrotherswisp.com/ for a cast coming soon on a re-cap of some of the brothers discussing the show.

MTIN Family of Sites
https://j2sw.com
https://mtin.net/
https://www.indycolo.net

Baicells announces local EPC

Dubbed BaiEPC, the solution will be available in two forms – Standard and Professional. The Standard version is designed for small to mid-sized networks, while the Professional version is designed for larger networks and provides smaller companies an expansion path as their businesses grow.

Baicells Announces Localized EPC at WISPAPALOOZA

Time Management

One of the things at #WISPAPALOOZA2018 I kept hearing was “I don’t have the time”.  Randy Pauusch gives a talk on time management.  Why pay attention to this video? Randy Pausch was diagnosed with pancreatic cancer and he was working against this when giving this talk.  He only had a limited time to live and became an expert on time management because he had to.

 

NIST releases second draft of “Guidelines for the Selection, Configuration, and Use of Transport Layer Security (TLS) Implementations.”

From an e-mail the folks at nist sent out.

NIST has released a second draft of NIST Special Publication (SP) 800-52 Revision 2,Guidelines for the Selection, Configuration, and Use of Transport Layer Security (TLS) Implementations. It provides guidance for selecting and configuring TLS protocol implementations that utilize NIST-recommended cryptographic algorithms and Federal Information Processing Standards (FIPS). The document requires that government TLS servers and clients support TLS 1.2 configured with FIPS-based cipher suites, and recommends that agencies develop migration plans to support TLS 1.3 by January 1, 2024.

A public comment period for this document is open until November 16, 2018.

CSRC Update:
https://csrc.nist.gov/news/2018/second-draft-of-TLS-guidance-now-available

Publication Details:
https://csrc.nist.gov/publications/detail/sp/800-52/rev-2/draft