Hello #
I spend my time maintaining and improving internet infrastructure alongside people who care about performance, reliability, and privacy. Most days that means working on critical infrastructure like large-scale networks, DNS, and routing protocols while leading the teams that build and operate them. I grew up with UNIX and have spent time across various unices over the years. These days I mostly work with FreeBSD and Linux when debugging odd behavior in production.
What I Do Now #
- Internet infrastructure architect with nearly three decades of experience designing and operating global networks and services
- Network engineer focused on BGP, DNS, eBPF, and keeping things reliable at scale
- UNIX systems engineer with deep FreeBSD expertise across different UNIX-like systems
- Security researcher tracking how networks fail, sometimes on purpose
- Instructor delivering advanced UNIX and TCP/IP courses to ops teams
- Software engineer building tools in C, Go, Python, Perl, and Lua; the code I publish lives on GitHub
Selected Projects #
- Contributor and developer in the FreeBSD Project since the 2000s (commit history, code reviews)
- Developer of the DNSDiag toolkit used by operators to measure DNS performance and identify interception
- Rearchitected legacy systems and led engineering teams across multiple time zones to modernize infrastructure
- Long-form research at RIPE Labs covering DNS hijacking, public resolver behavior, and regional reachability
Selected Writing #
- Network Administration with FreeBSD 7 - Available on Amazon
- Operator Level DNS Hijacking (Jul 2016)
- Is Your ISP Hijacking Your DNS Traffic? (July 2016)
- K-root Reachability in the Middle East and Central Asia (Jun 2016)
- A Tale of Using Public DNS Servers in Iran - Part 1, Part 2, Part 3 (Feb 2016)
- FreeBSD 5.1 on LifeBook C1020 (Jan 2008)
Talks & Workshops #
- A curious case of broken DNS responses + video (RIPE 75, Oct 2017)
- DDoS Mitigation Tools and Techniques (Oct 2015)
- Instructor for custom UNIX/TCP/IP workshops