Author Archives: Ethan Banks
Author Archives: Ethan Banks
Today on Heavy Networking, the icanhazip story. On the surface, icanhazip.com is simple enough: You hit the URL, and get back your external, public IP address. There are no ads, no blinky lights, just an IP. This free, simple utility has become widely popular, with billions of requests per day. We talk with creator Major Hayden about why and how he built icanhazip, the time and money he's invested, and the insane amount of personal effort it's taken to keep it going.
The post Heavy Networking 587: When Your Side Project Gets Billions Of Hits – The ICanHazIP Saga appeared first on Packet Pushers.
Fly.io is a public cloud that can run your applications all over the world. The goal of Fly.io is to allow developers to self-service complicated infrastructure without an ops team, while making multi-region a default setting to get apps as close to the user as possible. Our guest is founder Kurt Mackey. This is not a sponsored show.
The post Day Two Cloud 105: How The Fly.io Cloud Brings Apps Closer To Users appeared first on Packet Pushers.
I’m trying to figure out what makes a network engineer truly a “senior” engineer. What skills, mostly non-technical, do they possess in order to bring value to the work place?
I’ll share my opinions based on my experience having held junior and senior IT engineering roles, as well as multiple managerial stints with engineers as direct reports. I’m mostly going to address IT engineering broadly rather than networking specifically, as my opinion is the same no matter which tech silo an engineer might hail from.
As Ravi asked about “mostly non-technical” skills, I’ll be brief here. From a technical perspective, I believe a senior IT engineer is primarily differentiated from a junior in one word–experience. The senior engineer has installed more systems, planned more changes, fixed more problems, and survived more outages than a junior engineer in the same organization.
Ideally, that experience has led to wisdom about how technology can best serve the business needs of an organization. This wisdom will tend to eschew needlessly complex designs, nerd knobs, and “science experiments” conducted in production. This wisdom will also result in difficult problems being resolved more quickly. Experienced folks know somewhat instinctively Continue reading
Curt Norris started his career as an IT support specialist. Five years later he's an automation engineer. On today's Heavy Networking we discuss his career journey including milestones, ongoing learning, the pros and cons of mentorship, whether a degree makes a difference, and more.
The post Heavy Networking 585: From Help Desk To Network Automation Engineer In 5 Years appeared first on Packet Pushers.
Today's Heavy Networking explores Crosswork Cloud Traffic Analysis from episode sponsor Cisco. This tool is designed to make you deeply knowledgeable about your BGP peering relationships and traffic flows throughout your infrastructure. It will also recommend the routing tweaks in your IGPs, BGP, RSVP-TE, and segment routing to eliminate those pesky congestion points. We also discuss the pros and cons of putting network management capabilities in the cloud.
The post Heavy Networking 584: Optimize Your Peering With Crosswork Cloud Traffic Analysis (Sponsored) appeared first on Packet Pushers.
Today we're talking Edge Cloud. Guest Alex Marcham has written a book on the subject and we'll get his take on edge infrastructure, what edge cloud is all about, real-world use cases, and how it differs from typical colo facilities or centralized public cloud data centers. We also look at requirements for edge deployments including networking and 5G, and the workloads driving edge infrastructure.
On today's episode, sponsored by BlueCat Networks, we examine the technology and human challenges that arise when you integrate on-prem and the public cloud. You can't continue to do things in the cloud with traditional toolsets and processes. You need to update the tech and the people, including how they collaborate. We also discuss a new report that examines the need for, and challenges of, integrating networking and cloud teams. Our guest is Andrew Wertkin, Chief Strategy Officer at BlueCat.
The post Day Two Cloud 101: Closing The Network/Cloud Gap Before You Fall In (Sponsored) appeared first on Packet Pushers.
On today's Heavy Networking, we get practical with infrastructure-as-code, talking with sponsor Gluware about how their users have integrated network automation into their IT practices, bringing DevOps to NetOps. We also explore Gluware Lab, an IDE for network engineers can develop network features and workflows. Our guests are Olivier Huynh Van, Chief Science Officer and Co-Founder; and Michael Haugh, VP of Product Marketing.
The post Heavy Networking 581: How Gluware Lab Brings DevOps To NetOps (Sponsored) appeared first on Packet Pushers.
Today's Heavy Networking is a nerdy excursion into EVPN VXLAN, including how it works, why you might want it, and why multivendor interoperability is so difficult with this standard. Guest Tony Bourke and host Ethan Banks also explore hardware challenges, automation strategies, EVPN flooding mechanisms, BGP multi-homing, and more.
The server needed a PHP update. WordPress told me so with a severe-sounding notification adorned with red coloration, a security warning, boldface type, and a link explaining how to change the PHP version. I sighed. Security issues never end, and I have a recurring reminder in my todo list to patch the Virtual Private Server (VPS) boxes I shepherd.
But this PHP issue…hmm. This felt like a bigger deal, and many sites I support lean heavily into WordPress. Rather than wait for the next regular patching session, I decided to get on it. I did a process test on one server, a lower profile machine that wouldn’t hurt too much if things went awry. The goal was to move from PHP 7.2.insecure to PHP 7.4.secure. How hard could it be?
Most of the search engine hits for “upgrade PHP on WordPress” told me to go into CPanel or a similar tool my hosting provider might offer to abstract what’s going on with the server itself. That’s not what I was looking for, because I manage my own hosts. I needed to know how to reconfigure the host itself. The OS packages to install. The conf files Continue reading
A fractured cloud strategy causes headaches such as duplicated services, unnecessary costs, poor security controls, and other problems. A cloud center of excellence can reduce the pain by developing and championing best practices, socializing adoption, and addressing inevitable exceptions. Fred Chagnon visits the Day Two Cloud podcast to advocate for building a cloud center of excellence in your org.
The post Day Two Cloud 098: Cloud Centers Of Excellence – Should You Have One? appeared first on Packet Pushers.
Lots of network engineers develop tools to help them automate tasks. What happens if you build something so useful it becomes adopted in your organization? Ivan Del Rio, Senior IP Engineer at DQE Communications, stops by the podcast to talk about a tool he built to automate some of his own tasks that is now being widely used. He discusses how and why he built the tool, and how supporting and developing the tool affects his day-to-day responsibilities.
The post Heavy Networking 578: When Your Homegrown Tool Becomes Essential To The Team appeared first on Packet Pushers.
Today's Day Two Cloud is a wide-ranging discussion about the value of public cloud, a response to the growing backlash toward cloud cost and complexity, and techniques to better meld automation with application and infrastructure delivery. Our guest is Chris Wahl, Senior Principal at Slalom.
The post Day Two Cloud 096: Public Cloud Isn’t Wrong. You Are. appeared first on Packet Pushers.
The networking industry has had a bumper crop of startup companies including a few unicorns, new and novel solutions, and fresh standards-driven tech in the last decade. There’s been enough churn that you’d think the landscape would be unrecognizable from what it was ten years back. And yet, a dominant vendor supplying networks to enterprises remains Cisco.
Data networking folks sometimes wonder why Cisco remains such a dominant force after all these years. With all the churn in the industry, with all the fancy new products, companies and approaches, with the cloud changing how computing is done, and with software eating the world, there are many more options than Cisco to meet networking needs. Of course, Cisco has always had competition. Cisco’s never gotten 100% of the pie, but, depending on market segment, there’s rarely been a second juggernaut in the enterprise networking space. The choice has typically been between Cisco and everyone else.
But in 2021, the networking market is increasingly fragmented with more startups than I’ve even heard of chasing after slivers of the diverse networking pie. Sure, that impacts Cisco. Still, Cisco tends to dominate, even if their share isn’t quite what it was depending on which Continue reading
I’m happy to coach through write about network architecture too. Learning in public helps everyone https://t.co/ckMdHUnwt4
— Matt Broberg (@mbbroberg) April 23, 2021
The tradition of technology blogging is built on the idea of learning in public, something Matt’s encouraging with Red Hat’s Enable Architect blog linked in his tweet above. We encourage it at Packet Pushers, too. We think everyone has at least one blog post in them worth sharing with the community. Let us know, and we’ll set you up with an author account.
Starting a blog, especially for the technically savvy, is not overly difficult, though. Maybe Matt and I are hoping to make it even easier to share by offering our platforms, but I don’t think the time it takes to stand up a blog is necessarily the barrier.
I think the biggest barrier is the “in public” part. Architects and engineers tend to be introverts who are at times unsure of themselves. We don’t want to be learning in public. We want to be left alone to figure it out. When we’ve figured it out, maybe then will we share, once we’re supremely confident that we’ve got it 110% right. We just don’t Continue reading
In this Tech Byte podcast, sponsored by Gluware, we explore the latest features and capabilities in the Gluware network automation and orchestration platform, including an API-based controller to work with SD-WAN, and Terraform integration to support infrastructure automation across public clouds.
The post Tech Bytes: Unifying Cloud Automation And Network Infrastructure With Gluware (Sponsored) appeared first on Packet Pushers.
This is a pleasant reminder to check your backups. I don’t mean, “Hey, did the backup run last night? Yes? Then all is well.” That’s slightly better than nothing, but not really what you’re checking for. Instead, you’re determining your ability to return a system to a known state by verifying your backups regularly.
Backups are a key part of disaster recovery, where modern disasters include ransomware, catastrophic public cloud failures, and asset exposure by accidental secrets posting.
For folks in IT operations such as network engineers, systems to be concerned about include network devices such as routers, switches, firewalls, load balancers, and VPN concentrators. Public cloud network artifacts also matter. Automation systems matter, too. And don’t forget about special systems like policy engines, SDN controllers, wifi controllers, network monitoring, AAA, and…you get the idea.
When I talk about backups, I’m talking about having known good copies of crucial data that exist independently of the systems they normally live on.
The points above are examples of distributed computing. Distributed computing Continue reading
Zero Trust Architecture (ZTA) is a security point of view that has gathered enough momentum in 2020 and 2021 to frequently appear in marketing literature. The big idea of zero trust in network computing is roughly, “I confidently know who you are and have applied an appropriate security policy, but I still don’t trust you.”
My understanding of ZTA continues to evolve. This post represents my understanding today, with an emphasis on what ZTA means for network engineers.
At first glance, zero trust sounds mostly like a firewall policy. Of course I don’t trust you. That’s why we apply all these filtering rules to the VPN tunnel, network interface, etc. Yes, but simple filtering implies a level of trust. The trust comes in the assumption that if you get through the filter, what you’re saying is trustworthy.
Zero trust does away with that assumption. For example…
Today's Heavy Networking thinks hard about how to manage security policy in modern IT infrastructure. We get into sources of truth, application modeling and application dictionaries, approval workflows, and more--all in the context of automation. Our guests are Ken Celenza and Brett Lykins from Network To Code.
The post Heavy Networking 573: Using Application Dictionaries For Better Security Policy Management appeared first on Packet Pushers.
Today’s Day Two Cloud tackles application modernization with sponsor VMware. As new application platforms such as containers and the public cloud take hold, organizations need to examine their application portfolio to figure out how applications are meeting business requirements—and how they aren’t. The point of app modernization is to determine whether a new approach and […]
The post Day Two Cloud 093: Application Modernization With VMware (Sponsored) appeared first on Packet Pushers.