Did you ever want your own Internet in a bottle, where you can easily look at exactly what's going on, what path every single packet is taking, where you can bring down any link you wish or even a whole country if you feel like it?
Well, this is exactly what the NorthSec 2014 implemented for their security contest back in April, a small, self-contained version of the Internet, made of around 300 routers, spread across a fake planet but with real latencies, using the same routing technology as the real thing, allowing for very easy analysis and debugging of every single connection. All of that using unprivileged LXC containers and a recent Linux kernel!
In this presentation, Stéphane Graber will go through the creation process for this work, demo the final result and what's possible to do with it and hilight some of the kernel bugs and limitations which had to be overcome.
Survey this Session