Two BIND 9 Security Vulnerabilities Announced Today
ISC is releasing updated versions of BIND 9 to address two newly-discovered security vulnerabilities We have released new versions of BIND: 9.Read post
The Kea team is participating in the Google Summer of Code (GSOC) for the first time. The GSOC program pays University students to spend their summer working on an open source project. This year, according to Google, the GSOC program is sponsoring 1,264 students from 62 countries working with 206 open source organizations. Students are encouraged to take the lead in ensuring their own success, starting by writing their own project proposals, with goals, a proposed design and task lists.
We have two student interns for summer 2018 working on Kea-related open source projects, Sunil K. S. Mayya and Jerin John. The program kicked off with a month-long “community bonding” period, in which the students got more familiar with the project, joined the mailing lists, and planned their summer work. Starting in mid-May, they began coding, and they are now slightly more than one-third of the way through their projects.
Sunil (who goes by Mayya) is working towards his Masters in Electrical and Computer Engineering at the Technical University in Kaiserslautern, Germany. Mayya has quite a bit of experience already, both with programming and with networking in particular, since he worked for Nokia updating networking applications for IPv6 after receiving his Bachelor’s degree in Telecommunication.
According to his application, Mayya is interested in working on DHCPv6 because “it is cool and contributing to the internet society is cooler :).” Mayya proposed to add support for IPv6 Reconfigure as specified in RFC 3315-bis to the Kea DHCP server.
From Mayya’s GSOC proposal: “IPv6 reconfiguration through DHCP is a server triggered mechanism for the clients to update their IPv6 addresses and prefixes. The idea is to make the clients renew their configuration by making them send an Information request/Renew message/Rebind message to the server when the server configuration changes.” This is a powerful and useful feature, but also complex to implement. Among other things, the reconfigure request requires authentication.
Mayya aspires to become a regular contributor to open source projects and to work on IETF networking standards. He has already thought of several other enhancements he would like to contribute to Kea after he completes his GSOC project. In the fall, Mayya will be working on his Master’s Thesis. He is looking for a research topic in the area of networking. He is also interested in opportunities to present his work on Kea at an open source, IPv6, or networking conference in the fall of 2018.
Kea Reconfiguration project repository on Github (added December, 2018)
Also see Sunil Mayya’s presentation at the November, 2018 DENOG on DHCP reconfiguration.
Jerin John has just completed his Bachelor’s of Technology in Computer Engineering from K. J. Somaiya College of Engineering, University of Mumbai. Jerin’s senior project was a neural learning question and answer system (https://github.com/meshde/EruditeX).
In his proposal, Jerin said, “I am truly fascinated by the concept of open source development as it provides new entrants like me the opportunity to contribute to real software applications, where you can see the code you write become part of software that serve a plethora of people. Open source tools have been part of my life from the beginning, be it operating systems like Linux and Android or my favorite programming language Python.
“GSoC would provide me the ideal platform to learn tons of stuff, gain exposure to the software industry and an opportunity to give back to the open source community. Internet Systems Consortium (ISC) was my choice of organization primarily due to its work in supporting the internet infrastructure and also the innovative ideas behind Kea.” After completing his GSOC project, Jerin plans to begin a full-time job as a software developer at Microsoft India.
Jerin is working on adapting the GLASS dashboard, an open source project developed to display status and statistics for ISC DHCP, to work with Kea. Jerin chose to work with GLASS because it was developed by an operator and therefore was a direct expression of real operational requirements for a DHCP dashboard. Also, GLASS is a very young, recently developed project that uses modern methods and libraries. However, GLASS runs on the ISC DHCP server, and Jerin hopes to enable his project, Anterius, to run on a separate machine from the Kea server. Some of the data that GLASS collects from ISC DHCP is not possible to fetch remotely from Kea, so this will be a challenge. GLASS relies on a separate open source tool for monitoring ISC DHCP pool utilization; Jerin had to reproduce that functionality for Kea. Finally, GLASS supports DHCPv4 only, and Jerin is hoping to make his tool support both DHCPv4 and DHCPv6. Because this is a separate software project from the main Kea project, Jerin is also having to create a suite of automated tests for the project. Jerin is working on Github at https://github.com/isc-projects/kea-anterius.
Jerin is hoping to demonstrate his Kea dashboard to Kea-users in a webinar in mid-summer, get some operator requirements input, and perhaps interest some of them in using and contributing further to the project. He would love to have users drop in on his Github repo and leave their comments and requirements.
Kea Anterius (dashboard) project repository on Github
At ISC we have debated in past years whether to apply for GSOC, because it could be a challenge for our small team to support student interns, and our software projects are big and complicated. It is hard for any external contributors to make successful contributions, let alone beginners. Working on networking software is inherently complicated; both students have had to set up their own test environments, with simulated networks, a DHCP server and DHCP clients, and/or traffic generators.
So far, we have all made it through the first month of coding, and our first evaluation with Google, and both projects are proceeding very well. Supporting these projects does mean some additional work for the core team – we have uncovered additional changes to Kea that the GSOC projects depend on that the students can’t implement themselves, and we will have to code review Mayya’s submissions to the core Kea project. We have been very lucky to get two very capable, hard-working students as our GSOC interns and they have been able to accomplish a lot with very little help. Both students started by writing requirements documents. Now they both email weekly status and issues reports, which we follow with a weekly video conference call. Jerin will need to get additional feedback from the Kea user community once his dashboard is ready for field testing. This seems like a very worthwhile investment; we are confident that both of these projects will result in software that Kea users will benefit from.
The ultimate purpose of the GSOC program is to help train, and welcome, new software developers to engage in open source projects. We are excited to have found two very promising new open source developers through GSOC.
Kea Reconfiguration project repository on Github
Kea Anterius (dashboard) project repository on Github
What's New from ISC