Packet Walk Through-Part 1

The objective of this blog is to discuss an end-to-end packet (client to server) traversing a service provider network, with special consideration of performance-affecting factors.

 

 

 

We will suppose a client needs to access a service hosted on a server connected to CE-2, and that all the network links and the NICs on the end systems are Ethernet based. Under normal circumstances, almost all vendors' compute machines (PCs/servers) generate IP datagrams of 1500 bytes (20 bytes header + 1480 data bytes).

Fragmentation: If any link is unable to handle a 1500-byte IP datagram, the packet will be fragmented and forwarded to its destination, where it will be re-assembled. Fragmentation and re-assembly introduce overhead, and overall performance will definitely be degraded. The following IP header fields are important for detecting fragmentation and re-assembling the packets.

  •  Identification: the same unique value is carried by all segments of a packet, if the packet is fragmented at all.
  •  Flags (3 bits): bit 0 is always 0; bit 1 is DF (fragmentation allowed or not, 0 and 1 respectively); bit 2 is MF (more fragments expected or last fragment, 1 and 0 respectively).
  •  Fragment Offset: determines where the data will start, after removal of the IP header, in the 1st and subsequent segments once the packet is re-assembled.

With below Continue reading

No, Trump’s losses doesn’t allow tax avoidance

The New York Times is reporting that Trump lost nearly a billion dollars in 1995, and this would enable tax avoidance for 18 years. No, it doesn't allow "avoidance". This is not how taxes work.

Let's do a little story problem:

  • You invest in a broad basket of stocks for $100,000
  • You later sell them for $110,000
  • Capital gains rate on this is 20%
  • How much taxes do you owe?

Obviously, since you gained $10,000 net, and tax rate is 20%, you then owe $2,000 in taxes.

But this is only because losses offset gains. All the stocks in your basket didn't go up 10%. Some went up more, some actually lost money. It's not unusual that the losing stocks might go down $50,000, while the gainers go up $60,000, thus giving you the 10% net return, if you are investing in high-risk/high-reward stocks.

What if instead we change the tax code to only count the winners, ignoring the losing stocks. Now, instead of owing taxes on $10,000, you owe taxes on $60,000. At 20% tax rate, this comes out to $12,000 in taxes -- which is actually more than you earned on your investments.

Taxing only investments that Continue reading

Your Guide to LinuxCon and ContainerCon Europe

Hey Dockers! We had such a great time attending and speaking at LinuxCon and ContainerCon North America, that we are doing it again next week in Berlin – only bigger and better this time! Make sure to come visit us at booth #D38 and check out the awesome Docker sessions we have lined up:

Keynote!

Solomon Hykes, Docker’s Founder and CTO, will kick off LinuxCon with the first keynote at 9:25. If you aren’t joining us in Berlin, you can live stream his and the other keynotes by registering here.

Sessions

Tuesday October 4th:

11:15 – 12:05 Docker Captain Adrian Mouat will deliver a comparison of orchestration tools including Docker Swarm, Mesos/Marathon and Kubernetes.

12:15 – 1:05 Patrick Chanezon and David Chung from Docker’s technical team along with Docker Captain and maintainer Phil Estes will demonstrate how to build distributed systems without Docker, using Docker plumbing projects, including RunC, containerd, swarmkit, hyperkit, vpnkit, datakit.

2:30 – 3:20 Docker’s Mike Goelzer will introduce the audience to Docker Services in Getting Started with Docker Services, explain what they are and how to use them to deploy multi-tier applications. Mike will also cover load balancing, service discovery, scaling, security, deployment Continue reading

Atlanta Ignites with Continued SharePoint and OneDrive Innovation!

This past week, Atlanta was host to about 25,000 visitors for Microsoft Ignite. During the Day 1 keynote, Jeff Teper, Corporate Vice President for OneDrive and SharePoint, took the stage for 15 minutes to introduce the continued investments Microsoft has made in SharePoint that were previewed in San Francisco on May 4, 2016. The SharePoint announcements were only part of an incredible array of announcements across the Office 365 family, including some major infrastructure and security announcements and some awesome features for Office that I can’t wait to try!

Docker Weekly Roundup | September 25, 2016

 

The last week of September 2016 is over and you know what that means: another Docker news roundup. Highlights include a new commercial relationship between Docker and Microsoft, general availability of Docker containers on Windows Server 2016, and consolidation of Docker documentation on GitHub! As we begin a new week, let’s recap our five hottest stories:


IPv6 Transition Mechanisms | Dual-Stack -Tunnelling – Translation

The only available public IP addresses are IPv6 addresses, but the vast majority of the content still works on IPv4. How can IPv6 users connect to the IPv4 world, and how can IPv4 users reach the IPv6 content? This is accomplished with the IPv6 transition mechanisms. In this post, I […]

The post IPv6 Transition Mechanisms | Dual-Stack -Tunnelling – Translation appeared first on Cisco Network Design and Architecture | CCDE Bootcamp | orhanergun.net.

Survey on IXP Routing and Privacy

Marco Canini from UC Louvain is working on an IXP research project focused on bringing privacy guarantees into Internet routing context. They’re trying to understand the privacy considerations of network operators and have created a short survey to gather the initial data.

Researchers from UC Louvain have been involved in tons of really useful projects including BGP PIC, LFA, MP-TCP, Fibbing, Software-defined IXP and flow-based load balancing, so if you’re connected to an IXP, please take your time and fill in the survey.

Vault Overview

I have always loved Hashicorp’s Devops and cloud tools. I have used Vagrant, Consul, Terraform, Packer and Atlas before and I have written about a few of them in my previous blogs. Vault is Hashicorp’s tool to manage secrets securely in a central location. A secret could be database credentials, AWS access keys, Consul API key, ssh … Continue reading Vault Overview

Cloudflare Certifies Under the New EU-U.S. Privacy Shield

Cloudflare has certified with the U.S. Department of Commerce for the new EU-U.S. Privacy Shield framework.

Beginning this summer, the U.S. Department of Commerce began accepting submissions to certify under the EU-U.S. Privacy Shield framework, a new mechanism by which European companies can transfer personal data to their counterparts in the United States. By certifying under Privacy Shield, Cloudflare is taking a strong and pro-active stance towards further protecting the security and privacy of our customers.

Since 1998, following the European Union’s implementation of EU Data Protection Directive 95/46/EC, companies in Europe wishing to transfer the personal data of Europeans overseas have had to ensure that the recipient of such data practices an adequate level of protection when handling this information. Until last October, American companies were able to certify under the U.S.-EU Safe Harbor Accord, which provided a legal means to accept European personal data, in exchange for assurances of privacy commitments and the enactment of specific internal controls.

However, after having been in effect for roughly fifteen years, in October 2015 the European Court of Justice overturned the Safe Harbor and declared that a new mechanism for transatlantic data transfers would need Continue reading

BGP Peering – Private, Public, Bilateral and Multilateral Peering

BGP peering is an agreement between different Service Providers. It is an EBGP neighborship between different Service Providers to send BGP traffic between them without paying an upstream Service Provider. To understand BGP peering, first we must understand how networks are connected to each other on the Internet. The Internet is a collection […]

The post BGP Peering – Private, Public, Bilateral and Multilateral Peering appeared first on Cisco Network Design and Architecture | CCDE Bootcamp | orhanergun.net.

Best Deals of the Week, September 26th – September 30th – Deal Alert

Check out this roundup of the best deals on gadgets, gear and other cool stuff we have found this week, the week of September 26th. All items are highly rated, and dramatically discounted.

Discounts on New Amazon Echo Dot (2nd Gen) Bundles

Echo Dot is a hands-free, voice-controlled device that uses Alexa to play & control music (either on its own, or through a connected speaker/receiver), control smart home devices, provide information, read the news, set alarms, and more. Right now Amazon is discounting 3 bundles featuring an all new Echo Dot:

How to wrangle meaning from Internet of Things data

This vendor-written tech primer has been edited by Network World to eliminate product promotion, but readers should note it will likely favor the submitter’s approach.

The Internet of Things (IoT) promises to produce troves of valuable, fast moving, real-time data, offering insights that can change the way we engage with everyday objects and technologies, amplify our business acumen, and improve the efficiencies of the machines, large and small, wearable and walkable, that run our world.

But without careful, holistic forethought about how to manage a variety of data sources and types, businesses will not only miss out on critical insights, but fall behind the status quo. Here’s how to get prepared to wrangle and extract meaning from all of the data that’s headed your way:

We don’t need more InfoSec analysts: We need analysts to train AI infrastructures to detect attacks

This vendor-written tech primer has been edited by Network World to eliminate product promotion, but readers should note it will likely favor the submitter’s approach.

Everyone says there is an information security talent gap. In fact, some sources say the demand for security professionals exceeds the supply by a million jobs. Their argument is basically this: attacks are not being detected quickly or often enough, and the tools are generating more alerts than can be investigated, so we need more people to investigate those alarms.

Makes sense, right?

Wrong.

We believe that, even if companies around the world miraculously hired a million qualified InfoSec professionals tomorrow, there would be no change in detection effectiveness and we would still have a “talent gap.” The problem isn’t a people issue so much as it is an InfoSec infrastructure issue.

By 2020, your Wi-Fi-connected car will pay for parking, gas

Wi-Fi communications in vehicles, whether from the factory or in aftermarket devices, will increase from 6.9 million per year in 2015 to 61 million per year in 2020 -- and this will usher in a new era of consumer services and applications, according to a new report from Gartner.

Over the next four years, the total number of connected cars and trucks will reach 220 million, a number that will drive a huge uptick in the delivery of digital content, such as streaming music and video, navigation and location-based services.

Connected vehicles increasingly will be able to direct drivers to, and pay for, parking spaces, fuel and other services, and the technology will eventually enable increased levels of automated driving, Gartner's report stated.

Traffic Control: Live Demo

CC BY 2.0 image by Brian Hefele

Cloudflare helps customers control their own traffic at the edge. One of two products that we introduced to empower customers to do so is Cloudflare Traffic Control.

Traffic Control allows a customer to rate limit, shape or block traffic based on the rate of requests per client IP address, cookie, authentication token, or other attributes of the request. Traffic can be controlled on a per-URI (with wildcards for greater flexibility) basis giving pinpoint control over a website, application, or API.

Cloudflare has been dogfooding Traffic Control to add more granular controls against Layer 7 DOS and brute-force attacks. For example, we've experienced attacks on cloudflare.com from more than 4,000 IP addresses sending 600,000+ requests in 5 minutes to the same URL but with random parameters. These types of attacks send large volumes of HTTP requests intended to bring down our site or to crack login passwords.

Traffic Control protects websites and APIs from similar types of bad traffic. By leveraging our massive network, we are able to process and enforce rate limiting near the client, shielding the customer's application from unnecessary load.

To make this more concrete, let's look at a Continue reading