Sunday, June 11, 2017

Securing Communication between Data Centre and Cloud

In the early days of my career, I used to wonder why we connected to the office network using a crypto card. If you have little or no idea what a VPN is (just like me :D), I would recommend this link, which covers the fundamentals of VPN.

Let's start with the definition of a VPN gateway:

VPN Gateway

A VPN gateway is a type of networking device that connects two or more devices or networks together in a VPN infrastructure. It is designed to create connection or communication between two or more remote sites, networks or devices and/or connect multiple VPNs together. Ref


From the Perspective of Cloud

Companies are gradually moving their systems to the cloud, so there is a need for secure connectivity between the data centre and cloud-hosted applications. The cloud has become a logical extension of the corporate datacenter (this is referred to as a hybrid datacenter).

A cloud-hosted application should be able to talk securely to on-premise data or applications. This is where the VPN gateway comes into play, by securing the connection from one site to another. The VPN builds a secure tunnel between two remote sites.

The diagram below shows a VPC inside AWS and GCP. You can think of a VPC (Virtual Private Cloud) as a cloud inside the cloud, or a logical datacenter inside AWS (or GCP - Google Cloud Platform).




Traffic traveling between the two networks is encrypted by the originator's VPN gateway and then decrypted by the receiver's VPN gateway.

Count number of different bits in two Numbers

Problem:
Given two numbers, find how many bits differ between them.
Or, another way to look at the problem: determine the number of bits required to convert num_1 to num_2.

num_1 = 1
num_2 = 0
Number of different bits = 1

num_1 = 11111
num_2 = 01110
Number of different bits = 2

Solution:

Basically, we need to check at each position whether the bit in the two numbers is the same or different. If the bits are different, increase the counter, and do the same for all subsequent bits.

It might not be very obvious from the problem, but there is a bit operator which finds exactly how two inputs differ. Let's apply the XOR operator and see how it behaves:

1 ^ 0 = 1
0 ^ 0 = 0
0 ^ 1 = 1
1 ^ 1 = 0

So notice that when both bits are the same, the output is always 0, and when the bits are different, the output is 1.

    11111
^   01110
---------
    10001

So after taking the XOR, we just need to count the number of 1's in the result.


Java Implementation

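public static int countNumberOfDifferentBits(int a, int b){

       // XOR leaves a 1 at every position where a and b differ
       int xor = a ^ b;
       int count = 0;
       // Unsigned shift (>>>) so the loop also terminates when xor is negative
       for(int i = xor; i != 0;){
            count += i & 1;
            i = i >>> 1;
       }
       return count;
}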

Measuring Execution Time of a Method in Java

Old fashioned Way
System.currentTimeMillis()
Accuracy is only in milliseconds, so if you are timing a method which runs very quickly, you might not get good results.

List<Integer> input = getInputList();
long t1 = System.currentTimeMillis();
Collections.sort(input);
long t2 = System.currentTimeMillis();
System.out.println("Time Taken ="+ (t2-t1) + " in milli seconds");

Using Nanoseconds
System.nanoTime()
This is the preferred approach (compared to the first one). But do keep in mind that not all systems will provide nanosecond accuracy.

List<Integer> input = getInputList();
long t1 = System.nanoTime();
Collections.sort(input);
long t2 = System.nanoTime();
System.out.println("Time Taken ="+ (t2-t1) + " in nano seconds");

Java 8
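// Requires java.time.Instant and java.time.Duration
List<Integer> input = getInputList();
Instant start = Instant.now();
Collections.sort(input);
Instant end = Instant.now();
// toNanos() gives the elapsed time as a number; printing the Duration itself yields ISO-8601 text such as PT0.005S
System.out.println("Time Taken ="+ Duration.between(start, end).toNanos() + " in nano seconds");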

Guava

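// Stopwatch.createStarted() replaces the constructor, which newer Guava releases no longer expose
// elapsed(...) needs java.util.concurrent.TimeUnit
Stopwatch stopwatch = Stopwatch.createStarted();
Collections.sort(input);
stopwatch.stop();
System.out.println("Time Taken ="+ stopwatch.elapsed(TimeUnit.NANOSECONDS) + " in nano seconds");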


Sunday, June 4, 2017

Local DNS resolution

We can always run a DNS server to resolve a hostname to a specific IP address. But in a development environment there is no point running such a beast just to resolve a name to an IP address.

Let's say your URL : myServer.companyName.com
IP address : 10.20.30.40

There is an easy alternative if you don't want to modify your source code to change the IP address.
You can add an entry to /etc/hosts

MacBook-Pro-2:~ Siddheshwar$ sudo vi /etc/hosts
##
# Host Database
#
# localhost is used to configure the loopback interface
# when the system is booting.  Do not change this entry.
##
172.24.1.5 myServer.companyName.com
127.0.0.1        localhost
255.255.255.255 broadcasthost
::1 localhost
#172.24.1.5              abc.sid.com
# BEGIN section for OpenVPN Client SSL sites
127.94.0.1 client.openvpn.net
# END section for OpenVPN Client SSL sites

:wq (enter)
to save
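
Entries added to /etc/hosts this way silently take precedence over DNS for that name, so it helps to be able to check what the file actually maps and which overrides are still active. The script below is an added example, not part of the original post: the function names are hypothetical, the sample file is constructed from the listing above, and it assumes case-insensitive name matching with the first matching line winning.

```shell
#!/bin/sh
# Added example; hosts_lookup, hosts_overrides and make_sample_hosts are hypothetical names.

# hosts_lookup FILE NAME: print the IP mapped to NAME, return 1 if there is none.
# Assumption: names match case-insensitively and the first matching line wins.
hosts_lookup() {
    awk -v want="$2" '
        BEGIN { want = tolower(want) }
        {
            sub(/#.*/, "")             # drop full-line and trailing comments
            for (i = 2; i <= NF; i++)  # field 1 is the IP, the rest are names
                if (tolower($i) == want) { print $1; found = 1; exit }
        }
        END { exit (found ? 0 : 1) }
    ' "$1"
}

# hosts_overrides FILE: print "IP NAME" for each active entry that is not
# loopback or broadcast, i.e. the overrides to review once testing is done.
hosts_overrides() {
    awk '
        {
            sub(/#.*/, "")
            if (NF < 2) next
            if ($1 ~ /^127\./ || $1 == "::1" || $1 == "255.255.255.255") next
            for (i = 2; i <= NF; i++) print $1, $i
        }
    ' "$1"
}

# Constructed sample, modelled on the hosts file shown in the post.
make_sample_hosts() {
    cat > "$1" <<'EOF'
# Host Database
172.24.1.5 myServer.companyName.com
127.0.0.1        localhost
255.255.255.255 broadcasthost
::1 localhost
#172.24.1.5              abc.sid.com
127.94.0.1 client.openvpn.net
EOF
}

# Demo on the sample; pass /etc/hosts instead to check the real file.
sample=$(mktemp) && make_sample_hosts "$sample"
hosts_lookup "$sample" myServer.companyName.com
hosts_overrides "$sample"
rm -f "$sample"
```

The commented-out abc.sid.com line is ignored, which is why commenting an entry out is enough to hand the name back to DNS.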