Let's bring down some other large network in some weird way to get next video! ...just kidding.

I would pay for Facebook to be down.

You forgot to add "forever". :)

It’s a win/win

Not for Mark ahaha

I think he still works as a nw engineer. If im not wrong he even worked for juniper

That's because he is self thought, not sure if Ben has high school diploma.

@@dm3on "self thought"

@The Poison Donut not only that but for even a person that isn't very knowledgeable in this field, he makes it very interesting to watch and all his videos are very easy to follow and i almost never find myself lost trying to figure out what is going on, ben is the best.

@@Ripsaw460 oH nO, a slight spelling mistake that totally obfuscates the meaning of his message, what will I do?

@@Nick-lx4fo you dont have to do anything, just thought it was funny.

He not only knows everything, he also have time to live, breathe and share his knowledge

All you need is a default route and the ability to read, and you can acquire knowledge too. Exciting times.

That sounds like he is a named version of eaters from Digimon cuber sleuth. Eaters are only interested in collecting and sharing information across it's hive mind.

Ben Eater is an A.I. this physical form that we see is a computer manifestation of his real self, Ben Eater is like the M.C.P. on Tron Part 1 LOL

@Penguin Hey I remember you! You commented on my video once :)

Now multiply this times 70 000 or so, because that is the number of AS-numbers in use in the world, thus close to the number of independent Internet networks who connect with everyone else.

The number 1 reason it works so well really is the redundancy. Notice how multiple time through this video he keeps talking about dozens if not hundreds of this and that. And that is what makes things work so well, everything is connected in hundreds of ways, so if a route or 2 goes down for whatever reason, who cares, there are still hundreds of routes left to take instead.

There are further tools that make automatization much easier. You set up a few things in the beginning, and then sit back and relax.

I tell people that the entire internet only works with gentleman's agreements and handshakes. And that's when I'm being nice about phrasing it.

@@GummieI except its rarely the case with preferential routing. ISP's sign contracts with third parties to reduce overhead and operating costs by having them operate long-distance runs. - This gives these single-points of failure a Scapegoat if it fails. US and UK are the worst offenders of this, literally blocking or banning competitors networks at hops that would route through their network rather than around it. This means that regardless of speed or outage state, a singular ISP can ensure the bulk of their traffic goes through and is on their and partner networks. This gets worse when we start talking undersea cables. Exit Nodes (backbone) connections to externally connected networks are entirely priority based. When it comes to routing overseas, these contractors get priority. Why? rather than operating their backbone at a flat-cost for a nation, and telling the Goverment to cover the cost of operation so all may benefit... They instead choose to charge rate-based, with tiered flat based contracts available to ISP's. - This means that, your provider has to both pick a rate limit(and quality[jitter] limit) for its clients and limits routing to the connecting country to ONLY this backbone. | Sometimes they have failover's to competitors backbone lines, but since its rate-based there is caps client and SEVERE data-rate penalties. Amazon is the worst offender of this, offering basement priced backbone lines that are PAINFULLY slow(except to /some/ of their services) and this results in much of the worlds internet being measurably slower as a result... Australia has the worlds slowest internet exclusively due to no one hosting services inside australia (draconian encryption laws), and relying exclusively on Amazon and Telstra's dedicated Undersea cables to route outside of Australia(to the UK, the longest possible run). Since nearly everything is hosted in the US or germany. This means reaching these places is usually several hundred hops. - Turning the Fibre network that makes up Australia's rather robust internet infrastructure into a cesspool of garbage slow performance.

@@edenrose2374 this is actually super interesting. thanks for sharing.

Yea I spent years banging away on dn42 but this is BY FAR the best and most succint and insight-dense "class" on DNS and BGP I've ever seen.

He does give excellent explanations of things, he lays it out better than I've ever been able to a non-IT person.

The subnet mask description was so succinct that I'm using it internally when explaining networking to both our techs and clients.

not much changed since 90s, i mean the protocols. right?

Same. I took a grad networking systems course, Ben’s explanation of BGP is *so* much better than the course, I wish I had this then

yeah the clackity clack clack just sounds super comfy

Goes back further for me, at the keyboards for an IMSAI and a Polymorphics in the late 1970's, and the college SOROC terminals attached to a PR1ME mini in the mid 1980's.

what keyboard/switch he use?

@@izzurzuhri probably built it himself from breadboards and electrical switches. Each key is the size of a foot and he jumps on them

@@izzurzuhri sounds like clicky Alps to me, might be wrong though, a few other switches “ring” the same way

LOL -- that was my exact reaction when I heard about this. Like, what happened to break DNS and BGP, that took 6 hours to recover from? That is one COLOSSAL screw-up. With such huge stakes, too. It did make me suspicious what _really_ happened.

It took them 5 hours and 50 minutes to find someone with a physical key to let them into the building.

@@johnm2012 That's false. It DID take them that long to get someone with the necessary protocol expertise to fly in and fix the mess. It's silly to assume that no one on site would have a key to the building. It's reasonable to assume that a corporation like Facebook understaffs their infrastructure and doesn't retain experts to maintain that infrastructure.

On site, they use badge readers to access the building. Those badge readers ran on Facebook's network.

@@zacker150 Again, this is false. Why would a badge lock system run on Facebook's global network, as opposed to an internal, segmented network? It makes no sense.

It says a lot about me when I still don't understand it

That's kind of what I was going to say - He boiled down probably 2 or 3 days of a CCNP class into 20 minutes or so.. Of course the "real" class would have confused you with all the other options you could put on those bgp routing statements, but it does make me think about maybe this video should be a prerequisite for diving into those sections of a network course. It's really good to see the basics working first!

It's a shame the education system is failing people, I didn't start truly learning until I dropped out of college. It's bizarre how much they charge for schools considering the word is Greek for "free time".

That's called applying knowledge. Next time, explain it to someone else. Try the Feynman method.

Isnt The Current Educational System Still For Factory Jobs?

Cutaway scene like from the movie “The Prestige” with an eerie music that shows a lot of those breadboards, ICs, wires and then Ben using the monitor and keyboard connected to it.

Maybe that´ll be the topic of an upcoming video?

@@TNTsundar You mean the breadboards that generate the AI known as Ben Eater? 🙃

The actual servers aren’t that different, just a lot of modularized sheet metal chassises in big housing units with so, so many hard drives

Next video: "I built 30 breadboard computers so I could make my own internet... The Eaternet."

He works there...

Not really a flex. That server is public and available for anyone to use to validate their BGP routes

There's a few of them spread around, usually referred to as a "looking glass".

Lol I like the "my address has changed by now" disclaimer. Don't poke me please. You are just poking my mouth breathing neighbor.

@@tiporari It's bad enough with bots scanning ports and trying to dump payloads into the open ports they find yet alone the comment section of youtube seeing what holes or services are avalible.

How does he even have access to that?

@@bitterlemonboy my guess is that his full time job is a network engineer at AT&T?

Maybe he rents a server there or installed his own? He has his own website that likely gets a lot of traffic.

@@Jeff-ss6qt but that wouldn't give him access to a top level route table for an AT&T router To even be able to login to something like that is a huge deal

AT&T and several other ISPs host public route servers and/or a BGP looking glass where you can view their BGP routes. Their around to assist with troubleshooting multi-carrier internet routing issues. Maybe that’s what he’s connected to? But yeah, the demo he built is incredible.

I'm just gonna keep it as Black Magic!

Same. Best I can do is IWD and copy paste commands

@@12-343 same LOL. Networking is really hard :(

isnt the commit command a thing only on junos?

@@hariranormal5584 It's a thing for JunOS and Palo Alto firewalls (PanOS). Juniper devices also let you do a confirmed commit where if you lock yourself out by doing something dumb, it will automatically rollback to the previous configuration. Cisco devices typically commit changes immediately and so can cause issues if commands are entered incorrectly or in the wrong order. The only recourse then is to reboot the device and let the "startup-config" replace the running config. That's why you typically see commands like "copy running-config startup-config" or old school "write mem" to finalize a configuration.

You're working for 6 in years in web hosting and you didnt know what dns was?

@@castles990 for web hosting dns is a table like /etc/hosts :)

@@ilyadaemon plus you don’t need to know anything after the point where your web server network connects to your ISP!

Agreed, thank you!

that would fit into the explanation of this video quite well. I'll try, probably not as clear as Ben could do it: His router has two addresses, one public IP address that is routable in the internet (i.e. his ISP advertises routes to that address via BGP) and one on his local network, that is not. Only his router knows what to do with addresses on that local network. Now when he sends a packet from a host on his local network to the internet, it gets send to the router (the default gateway). What a NAT router does is now in addition to just passing the packet on to his ISP's router, is to slightly modify it. It replaces the source address (i.e. the 'return' address that the host on the receiving end should send its answer back to) with his own public IP address. It also stores the info of where it actually came from in a table in memory. That way it looks to the host on the other end like the request was sent from the router's public IP address, not the local IP address of the host in Ben's network. Any reply will be sent back to that router's public address, that everyone knows how to route to. Once the router receives a reply, it'll look up in his table where the request actually came from and rewrites the destination address for that packet back to the original local IP. Now it can route that reply packet via the local network, and sends it to that local address. This allows one to use a big number of local addresses but still access the internet, even though the ISP gave you only one single publicly routable IP address. As Ben mentioned, IPv4 address space is limited (to about 4 Billion addresses), so NAT is an essential crutch to keep IPv4 working today, since that address space would otherwise be to small to address every device on the planet.

@@Hugh_I not bad, a little bit simple, since the NAT typically ends up rewriting the port number as well as the IP address, but that's a minor point compared to the rest of your explanation.

@@Hugh_I my favourite is when there’s two or three layers of NAT, so port-forwarding breaks because it’s only aware of its own internal NAT table, and not the layers beyond itself.

@Maxime St-Louis , Ben has ssh access to a router on the AT&T network, and he blurred out its IP address in the video. That is not public.

@Maxime St-Louis do u have access to an AT&T router? Not every Tom, Dick and Harry has it

@@ExoticMerle Wasn't that just his home router?

@@HaraldSangvik No, he specifically said he's connected to an AT&T router happens to have access to and blurred out the hostname.

@@HaraldSangvik No, it's part of the actual for real AT&T network, the one that may suddenly stop working and cost millions of dollars if you type a wrong command

Same here.

Dig your feet in and don't give up.

What is Facebook? The only one I remember is one from the movie ARMY of DARKNESS or Ash v.s. The Evil Dead. 👻🙃

Haha, and this one is one of the most beginner-level videos he has around.

@@ZeroUm_ I'm big into his breadboard PC series but not into networking. They're very different, this may be beginner but still wack for someone not familiar

Ben took down Facebook just to create an explanation video.

Ben is always extremely consice and to the point. Very consistent too at that. Look at how he sets up his breaboards, it is simply pure art.

nohh. they just disconneced Mark Zuckerberg 10 years old laptop :)

@@myname377 fb hire this man right now

LOL -- yup. The SDN controller was running on Phil's workstation, because that's the IP address it was configured to use when they were first configuring the dev POC. And unbeknownst to anyone, including Phil, it never got changed. So, when Phil shut down his workstation to do an OS update, just two minutes before a scheduled schema replication, the entire controller cluster went offline and started dropping routes. You know... or something like that. :-) If I've seen it once, I've seen it a thousand times.

@@nickwallette6201 damn you’ve genuinely seen that before? That’s depressing. I’ve had stuff like that happen with my NAS and various desktops, but to imagine professionals in a (public) company doing it… actually no, that makes perfect sense. The feet tend toward the well-trodden path and all that.

Agreed, the time Facebook was down probably got families to actually talk with each other, and hopefully get a better relationship. I hope all these unsocial networks would cease to exist.

Technical question != interweb-social question But agreed in general :)

@@TheLamefeed Actually, it made people crazy.

@@TheLamefeed back in my days we used sms instead of facetime

@@TheLamefeed pornhub usage increased massively 😂

I do know 174 is cogent and 6939 is HE, and 1299 is telia, too much interest on the hosting community so that's just stuck on my head xD

​@@hariranormal5584 Years of working in carrier networks and looking at BGP tables has me reading these like maps...It's funny how numbers stick inside the human brain.

I decided to look up who AS 1 is, and it's Level 3 these days. Ironically, they are not AS 3; that's MIT. They should broker a trade ;) (I used to work at 111 8th Ave, and Level 3 proudly had space on the 3rd floor. Always enjoyed that.)

@@JonathanRockway then they move to England and everything breaks x)

@@minirop is it because of break-xit ?

He could have a read-only account for auditing security, nothing he did on the live box needed rce.

Yeah, this is the subject he started out learning and his pro experience. The rest is just for fun.

And WhatsApp and Instagram as well.

Only reason I knew about it is because my mom was flustered she couldn't reach me on Whatsapp... ugh

Only reason I know it is because I don't have the apps on my phone but I was checking if my professor answered my question in the private Facebook group we have for a lesson

My mom was crazy about accessing her cadle and resetted the internet modem because even if she understands its the first diagnostic step, she does not understand why and when to do it. You still had internet, mom. Just not those websites.

i didn't even notice it. My friends were talking about it and thats how i learnt about it

Seriously, we need to know the answer here! That is not something normal people have access to.

Nope...

That's when DevOps becomes DevOops.

I read somewhere that the Facebook reps said there was a bug in their orchestrator and it would've caught the issue but oh well

@@devnol As with most of these large scale outages and attacks we are seeing, its not just one thing, but a break down of multiple things. Like Ben alluded to, the story as to why it took then 5 hours to resort service is more telling of the breakdown in their own internal policies. The fact that they got locked out of their own datacenters shows their reliance on a few systems and protocols that when broken cause catastrophic issues across multiple systems. I'm sure Facebook will be changing policy and systems to mitigate this point of failure in the future.

I would like to know as well.

I assume since he has access to an at&t router that he works in the industry, which would mean he has access to disk images of the router operating system. Then it's just a matter of putting it in several VMs and connect them together, using the VM provider of your choice.

My guess would be either GNS3 or some vSRXs running in VMware or similar. Logical systems are a possibility, but the interface names suggest one of the first two.

He is using a Juniper vMX virtual router.

Cisco Packet Tracer and GNS3 are the most commonly used ones

Angle?

@@khealer I think they meant "angel".

@@khealer Don't be surprised if tomorrow there is a temple dedicated to Ben in India.

"knowledge angle" ahahaha

@Toy Bingo

Huh. You're right. I didn't hear Ben use the phrases "liberals" or "agenda" even once.