Installing Cisco Nexus Dashboard on Proxmox
Important disclaimerThis guide is intended strictly for lab, testing, and learning purposes. Cisco does not officially support running Nexus Dashboard (ND) on Proxmox.For production deployments, always use Cisco-supported platforms such as VMware ESXi or bare-metal / supported KVM environments. VM Creation on Proxmox Create a new VM in Proxmox with the following characteristics: One critical […]
<p>The post Installing Cisco Nexus Dashboard on Proxmox first appeared on IPNET.</p>
Best of the Hedge 9: Ethics in IT
Nash King (@gammacapricorni) joins Russ White and Tom Ammon in a wide ranging discussion of ethics in IT, including being comfortable with standing up and saying “no” when asked to do something you consider unethical and the virtue ethic.
download
Key Insights from the 2025 GigaOm Radar for Container Networking
Why Calico was named as a Leader in the GigaOm Radar Report for Container Networking
In 2025, as modern applications became ever more distributed and the use of Kubernetes continued to proliferate, the role of container networking was critical. Today’s enterprises demand networking solutions that can scale, secure, and connect services reliably, whether those services run across multiple clouds, hybrid environments, or on-premises clusters.
We’re proud to share insights from the recently released 2025 GigaOm Radar Report for Container Networking, a comprehensive evaluation of vendor solutions across innovation, platform maturity, and real-world operational capabilities, and to highlight the unique strengths of Calico Cloud and Calico Enterprise as recognized in the report.
What the GigaOm Radar Report on Container Networking Covers
GigaOm’s Radar Report evaluates container networking solutions across a spectrum of criteria that matter most to IT infrastructure teams and cloud architects. These include:
- Network Policy Definition: Declarative, granular network policies consistently enforced across clusters
- Routing (Layer 3/Layer 4): Scalable routing between pods, services, and non-container workloads using Layer 3 (IP) and Layer 4 (TCP) protocols
- Layer 7 Networking: Application-aware traffic handling with visibility using Layer 7 protocols
- Load Balancing: Controls how traffic is distributed across instances, using latency Continue reading
Negara dengan Kasus Kejahatan Tertinggi di Dunia: Trinidad and Tobago
Daftar Pustaka
Ancaman Kriminalitas Tinggi di Trinidad and Tobago
Trinidad and Tobago sering masuk daftar negara dengan kasus kejahatan tertinggi di dunia. Meskipun negara ini indah, tingkat kriminalitasnya terus mengkhawatirkan. Pemerintah bergerak cepat menghadapi masalah ini. Namun, kelompok kriminal semakin nekat. Karena itu, warganya hidup waspada setiap waktu.
Selain itu, kota besar seperti Port of Spain mengalami situasi paling buruk. Pembunuhan, penculikan, serta perampokan sering terjadi. Bahkan, serangan geng mendominasi lingkungan padat penduduk. Obat terlarang juga menjadi penyebab utama meningkatnya konflik antar kelompok. Oleh karena itu, penduduk menginginkan keamanan lebih baik.
Meskipun pariwisata penting, wisatawan tetap berhati-hati. Banyak kasus terjadi dekat lokasi wisata. Sementara itu, polisi terus memperkuat operasi keamanan. Namun, hasilnya belum signifikan. Tindak kejahatan berjalan cepat, karena pelaku semakin berani.
Berikut tabel ringkas situasi kriminal di negara ini:
| Jenis Kejahatan | Tingkat Kejadian | Penyebab Utama |
|---|---|---|
| Pembunuhan | Sangat tinggi | Konflik antar geng |
| Penculikan | Tinggi | Pemerasan & kriminal terorganisir |
| Perampokan | Tinggi | Kejahatan jalanan |
| Narkotika | Ekstrem | Jalur perdagangan internasional |
Akar Masalah Kejahatan di Trinidad and Tobago
Masalah kriminalitas ekstrem ini tidak muncul begitu saja. Banyak faktor mempengaruhi peningkatan kekerasan. Pertama, penyelundupan Continue reading
Merek Pelek Terbaik di Dunia: Rays (Jepang)
Daftar Pustaka
Sejarah Singkat dan Prestasi Rays
Brand Rays berasal dari Jepang. Perusahaan ini berdiri pada tahun 1973. Sejak awal, mereka fokus memproduksi pelek ringan dan kuat. Karena itu, Rays langsung menarik perhatian banyak penggemar otomotif.
Selain itu, Rays bekerja sama dengan produsen mobil ternama. Misalnya Nissan, Toyota, dan Honda. Kerja sama tersebut memberikan reputasi besar. Kemudian, nama Rays semakin dikenal di ajang balap dunia. Bahkan Formula 1, Super GT, dan Drifting D1GP banyak memakai produk mereka.
Sementara itu, Rays terus berinovasi. Mereka menciptakan desain yang lebih ringan dan kuat setiap tahun. Dengan demikian, pelek mereka selalu unggul di pasar global.
Walaupun banyak pesaing, Rays tetap berada di puncak industri pelek. Konsumen merasa puas karena kualitasnya selalu konsisten. Akhirnya, banyak orang sepakat bahwa Rays adalah merek pelek terbaik di dunia.
Teknologi dan Keunggulan Produk Rays
Rays memakai teknologi forged atau tempa. Proses ini membuat pelek jauh lebih kuat daripada cast wheel biasa. Selain itu, bobotnya menjadi sangat ringan. Akibatnya, akselerasi mobil meningkat. Kemudian handling terasa lebih Continue reading
10 Film Indonesia yang Mendunia: Bukti Kualitas Sinema Tanah Air
Daftar Pustaka
Indonesia telah mencetak film-film berkualitas yang berhasil menembus pasar internasional. Tidak hanya menghibur, film-film ini juga menampilkan budaya lokal dan cerita unik Indonesia. Berikut daftar 10 film Indonesia yang mendunia, lengkap dengan pencapaian dan fakta menariknya.
1. The Raid: Redemption (2011)
The Raid: Redemption mengejutkan dunia dengan aksi laga spektakuler. Gareth Evans menyutradarai film ini, sementara Iko Uwais memukau penonton lewat gerakan silat yang tajam. Selain itu, film ini tampil di Sundance Film Festival dan menginspirasi sekuel serta adaptasi Hollywood. Dengan kata lain, film ini membuka jalan film aksi Indonesia ke pasar global.
2. The Raid 2: Berandal (2014)
Sekuel ini membawa cerita lebih kompleks dan adegan aksi lebih menegangkan. Iko Uwais kembali memikat penonton, sedangkan Evans menampilkan sinematografi yang memukau. Film ini mendapat pengakuan internasional dan memperkuat reputasi Indonesia di industri film dunia.
3. Laskar Pelangi (2008)
Laskar Pelangi Continue reading
BGP Updates cin 2025
The first part of this annual report on BGP for the year 2024 looked at the size of the routing table and some projections of table growth for both IPv4 and IPv6. However, the scalability of BGP as the Internet’s routing protocol is not just dependant on the number of prefixes carried in the routing table. BGP protocol behaviour in the form of dynamic routing updates are also part of this story. This second part of this report looks at the profile of BGP updates across 2023 to assess whether the stability of the routing system, as measured by the level of BGP update activity, is changing.I just passed the AWS Advanced Networking Specialty
It’s been almost exactly 11 years since I passed the R&S CCIE lab in Brussels, and now it was time to go with something more cloudy 🙂 I just passed the AWS Advanced Networking Specialty, and unlike CCIE I did this one on my first attempt. I did stay pretty much in networking during the last years, but shifted to significantly less Cisco and quite much into cloud architecture – mostly AWS. Since networking is the heart of every cloud architecture, and after 4 years of hands-on work with complex AWS networking projects, I decided it was time to validate
The post I just passed the AWS Advanced Networking Specialty appeared first on How Does Internet Work.
Sidecarless mTLS in Kubernetes: How Istio Ambient Mesh and ztunnel Enable Zero Trust
Encrypting internal traffic and enforcing mutual (mTLS), a form of TLS in which both the client and server authenticate each other using X.509 certificates., has transitioned from a “nice-to-have” to a hard requirement, especially in Kubernetes environments where everything can talk to everything else by default. Whether your objectives are regulatory compliance, or simply aligning to the principles of Zero Trust, the goal is the same: to ensure every connection is encrypted, authenticated, and authorized.
Delivering Cluster-Wide mTLS Without Sidecars
The word ‘service mesh’ is bandied about as the ideal solution for implementing zero-trust security but it comes at a price often too high for organizations to accept. In addition to a steep learning curve, deploying a service mesh with a sidecar proxy in every pod scales poorly, driving up CPU and memory consumption and creating ongoing maintenance challenges for cluster operators.
Istio Ambient Mode addresses these pain points by decoupling the mesh from the application and splitting the service mesh into two distinct layers: mTLS and L7 traffic management, neither of which needs to run as a sidecar on a pod. By separating these domains, Istio allows platform engineers to implement mTLS cluster-wide without the complexity of Continue reading
UET Congestion Management: CCC Base RTT
Calculating Base RTT
[Edit: January 7 2026, RTT role in CWND adjustment process]
As described in the previous section, the Bandwidth-Delay Product (BDP) is a baseline value used when setting the maximum size (MaxWnd) of the Congestion Window (CWND). The BDP is calculated by multiplying the lowest link speed among the source and destination nodes by the Base Round-Trip Time (Base_RTT).
In addition to its role in BDP calculation, Base_RTT plays a key role in the CWND adjustment process. During operation, the RTT measured for each packet is compared against the Base_RTT. If the measured RTT is significantly higher than the Base_RTT, the CWND is reduced. If the RTT is close to or lower than the Base_RTT, the CWND is allowed to increase.
This adjustment process is described in more detail in the upcoming sections.
The config_base_rtt parameter represents the RTT of the longest path between sender and receiver when no other packets are in flight. In other words, it reflects the minimum RTT under uncongested conditions. Figure 6-7 illustrates the individual delay components that together form the RTT.
Serialization Delay: The network shown in Figure 6-7 supports jumbo frames with an MTU of 9216 bytes. Serialization delay is measured Continue reading
A closer look at a BGP anomaly in Venezuela
As news unfolds surrounding the U.S. capture and arrest of Venezuelan leader Nicolás Maduro, a cybersecurity newsletter examined Cloudflare Radar data and took note of a routing leak in Venezuela on January 2.
We dug into the data. Since the beginning of December there have been eleven route leak events, impacting multiple prefixes, where AS8048 is the leaker. Although it is impossible to determine definitively what happened on the day of the event, this pattern of route leaks suggests that the CANTV (AS8048) network, a popular Internet Service Provider (ISP) in Venezuela, has insufficient routing export and import policies. In other words, the BGP anomalies observed by the researcher could be tied to poor technical practices by the ISP rather than malfeasance.
In this post, we’ll briefly discuss Border Gateway Protocol (BGP) and BGP route leaks, and then dig into the anomaly observed and what may have happened to cause it.
First, let’s revisit what a BGP route leak is. BGP route leaks cause behavior similar to taking the wrong exit off of a highway. While you may still make it to your destination, the path may be slower and come with delays you Continue reading
BGP in 2025
At the start of each year, it’s been my practice to report on the behaviour of the Internet’s inter-domain routing system over the previous 12 months, looking in some detail at some metrics from the routing system that can show the essential shape and behaviour of the underlying interconnection fabric of the Internet.Using eBPF to load-balance traffic across UDP sockets with Go
Akvorado collects sFlow and IPFIX flows over UDP. Because UDP does not retransmit lost packets, it needs to process them quickly. Akvorado runs several workers listening to the same port. The kernel should load-balance received packets fairly between these workers. However, this does not work as expected. A couple of workers exhibit high packet loss:
$ curl -s 127.0.0.1:8080/api/v0/inlet/metrics \ > | sed -n s/akvorado_inlet_flow_input_udp_in_dropped//p packets_total{listener="0.0.0.0:2055",worker="0"} 0 packets_total{listener="0.0.0.0:2055",worker="1"} 0 packets_total{listener="0.0.0.0:2055",worker="2"} 0 packets_total{listener="0.0.0.0:2055",worker="3"} 1.614933572278264e+15 packets_total{listener="0.0.0.0:2055",worker="4"} 0 packets_total{listener="0.0.0.0:2055",worker="5"} 0 packets_total{listener="0.0.0.0:2055",worker="6"} 9.59964121598348e+14 packets_total{listener="0.0.0.0:2055",worker="7"} 0
eBPF can help by implementing an alternate balancing algorithm. 🐝
Options for load-balancing
There are three methods to load-balance UDP packets across workers:
- One worker receives the packets and dispatches them to the other workers.
- All workers share the same socket.
- Each worker has its own socket, listening to the same port, with the
SO_REUSEPORTsocket option.
SO_REUSEPORT option
Tom Hebert added the SO_REUSEPORT socket Continue reading
Containerlab.dev: Quick Network Lab Setup Using Cisco IOL Containers
Containerlab has quickly become a de-facto standard for building reproducible, lightweight network labs using containers. In this article, I will walk through a minimal “hello world” setup that uses Cisco … Read MoreUET Congestion Management: Congestion Control Context
Congestion Control Context
Updated 5.1.2026: Added CWND computation example into figure. Added CWND cmputaiton into text.
Ultra Ethernet Transport (UET) uses a vendor-neutral, sender-specific congestion window–based congestion control mechanism together with flow-based, adjustable entropy-value (EV) load balancing to manage incast, outcast, local, link, and network congestion events. Congestion control in UET is implemented through coordinated sender-side and receiver-side functions to enforce end-to-end congestion control behavior.
On the sender side, UET relies on the Network-Signaled Congestion Control (NSCC) algorithm. Its main purpose is to regulate how quickly packets are transmitted by a Packet Delivery Context (PDC). The sender adapts its transmission window based on round-trip time (RTT) measurements and Explicit Congestion Notification (ECN) Congestion Experienced (CE) feedback conveyed through acknowledgments from the receiver.
On the receiver side, Receiver Credit-based Congestion Control (RCCC) limits incast pressure by issuing credits to senders. These credits define how much data a sender is permitted to transmit toward the receiver. The receiver also observes ECN-CE markings in incoming packets to detect path congestion. When congestion is detected, the receiver can instruct the sender to change the entropy value, allowing traffic to be steered away from congested paths.
Both sender-side and receiver-side mechanisms ultimately control Continue reading
Debian 13 Trixie After Install Guide
This guide documents my post-installation notes for Debian 13 "Trixie." I will show you how […]
The post Debian 13 Trixie After Install Guide first appeared on Brezular's Blog.
Focus is In for 2026
Hey everyone. It’s January 1 again, which means it’s time for me to own up to the fact that I wrote five posts in 2025. Two of those were about AI. Not surprising given that everyone was talking about it. But that seemed to be all I was talking about. What else was I doing instead?
- I upped my running amount drastically. I covered over 1,600 miles this year. I ran another half marathon distance for the first time in four years. I feel a lot better about my health and my consistency because now running is something I prioritize. I don’t think I’m going to run quite so much in 2026 but you never know.
- I revitalized a podcast. We relaunched Security Boulevard with big help from my coworker Corey Dirrig. We’ve got a great group of hosts that discuss weekly security topics. You should totally check it out.
- I’m also doing more with things like Techstrong Gang and other Futurum Group media. That’s in addition to the weekly Tech Field Day Rundown I host with Alastair Cooke. Lots of video!
- For those that follow my Scouting journey, I was asked to be an Assistant District Commissioner with the Continue reading