In January 2018, the WiFi Alliance announced that WPA3 was coming this year, a collection of security enhancements to address issues with WPA2.

Today, we discuss WPA3 with Dan Harkins, a scientist at Aruba Networks, a Hewlett Packard Enterprise company. Dan has been closely involved with WPA3 s development, and I heard Dan present on his work at Aruba Atmosphere 2018 in March of this year.

Dan was kind enough to join us today for a preview of what s coming, with a special focus on one aspect of WPA3 that interests me personally, Opportunistic Wireless Encryption (OWE).

We also discuss the fixes that WPA3 makes to WPA2, and when we can anticipate product support.

Sponsor: Paessler AG

Paessler AG is the maker of PRTG Network Monitor. PRTG monitors your whole IT infrastructure 24/7 and alerts you to problems before users even notice. Find out more about the monitoring software that helps system administrators work smarter, faster, better. Visit paessler.com today.

Show Links:

Wi-Fi Alliance® introduces security enhancements – Wi-Fi Alliance

Opportunistic Wireless Encryption (RFC 8110) – IETF

Dragonfly Key Exchange (RFC 7664) – IETF

The Future of Networking series continues with guest Kyle Mestery.

Kyle is well known to many corners of the networking community including the open source community. He recently re-joined Cisco as a Distinguished Engineer.

We talk with Kyle to get his take on where the packets are flowing over the next several years, including the tech conference scene, open-source networking, the proliferation of open-source networking OSs, what’s inside Open Network Linux (ONL), and cloud-native network functions virtualization.

Sponsor: ThousandEyes

ThousandEyes gives you performance visibility from every user to every app over any network, both internal and external, so you can smoothly migrate to the cloud, transform your WAN, troubleshoot faster and deliver exceptional user experiences. Sign up for a free account at thousandeyes.com/packetpushers and choose a free ThousandEyes t-shirt.

Show Links:

Silicon Loons.com – Kyle’s blog

Kyle on Twitter

Network Service Mesh – GitHub

Three Years On: Open Standards, Open Source, Open Loop – Cisco Systems

Verizon Launches Virtual Service Bundles – Light Reading

In this episode of Packet Pushers, it’s AWS networking. You use AWS and think you know what you need to know? Maybe, but our guest today can probably share a thing or two you didn t even know were things when it comes to networking in the Amazon public cloud.

Our guest is Nick Matthews, Principal Solutions Architect at Amazon Web Services. Nick focuses on networking and security.

Nick pinged us, hoping to share  his perspective on cloud networking from the inside. Come and have a look.

We talk about how networking basics do–and don’t–map to the cloud, and how the architecture of cloud applications influence network design and operations.

We also explore AWS networking elements under the hood, such as Hyperplane, and how trends such as SD-WAN and SDN influence Amazon networking.

Show Links:

AWS re:Invent 2015 | (NET403) Another Day, Another Billion Packets – Amazon (via YouTube): Eric Brandwine talks about how Amazon’s overlay network works in detail.

AWS re:Invent 2017: Another Day, Another Billion Flows (NET405) – Amazon (via YouTube): Colm MacCarthaigh talks about how AWS Hyperplane works.

Introducing the AWS Networking Competency – AWS

Firewall Deployment Continue reading

Today on the Priority Queue, some practical Python for network engineers.

My guest is Billy Downing, and we walk through an example of how to use Python to deploy BFD, or Bidirectional Forwarding Detection.

We start by describing BFD and how it works, and then explore how to use Python to make it go in your network.

Billy is a data center engineer who works for the Department of Defense. Check out his blog at NetworkTechStudy.com.

Show Links:

NetworkTechStudy.com – Billy Downing’s blog

Learning Python from a Network Engineer’s Perspective – NetworkTechStudy.com

Bidirectional Forwarding Detection (BFD) – IETF

If you d heard of Cisco Tetration when it was first announced, you might have a vague memory of it being this huge rack of hardware at an eye-watering price that did some sort of analytics for massive data centers.

Tetration has evolved into a platform that meets needs for organizations of many sizes. Tetration also has a bunch of genuinely interesting use cases, as Cisco has become increasingly clever about what they can do with all of that data Tetration gathers.

For example, you can auto-implement a whitelist policy for application workloads. You can detect when your apps are deviating from their normal traffic patterns. You can detect software vulnerabilities. And depending on where you run Tetration, you can still get deep network performance insights, what I think of as the original Tetration value proposition.

Today on this sponsored episode, we delve into what Tetration does, explore use cases, and dive into how it fits into compute environments. Our guests from Cisco are Jason Gmitter, Principal Systems Engineer; and Yogesh Kaushik, Senior Director of Product Management for Tetration.

Show Links

Cisco Tetration – Cisco Systems

Cisco Tetration Workload Protection Extended with new Options: SaaS and Virtual Appliance – Cisco Continue reading

On today’s show Greg and Ethan talk about a few things that have been on their minds, including updates on the forthcoming Packet Pushers subscription site and a post-mortem of the recent Virtual Design Clinic.

They also hash out some tech conversations, including Cloudflare’s new DNS resolver, peak open networking, a review of the Aruba Atmosphere wireless conference, and more nerdy topics.

Sponsor: ThousandEyes

ThousandEyes gives you visibility, insights, and actionable intelligence into user experience from every user to every application over any network, so you transform your WAN, troubleshoot faster and deliver exceptional user experiences in the cloud and on premises. Try ThousandEyes for free at thousandeyes.com/packetpushers and grab a fun t-shirt!

Sponsor: Cumulus Networks

The Cumulus Linux network OS is simple, open, untethered Linux that can run on more than 70 hardware platforms and help you transition from your legacy infrastructure. Cumulus Networks is Web-scale networking for the digital age. Go to cumulusnetworks.com to find out more.

Show Links:

Introducing DNS Resolver, 1.1.1.1 (not a joke) – Cloudflare

Announcing 1.1.1.1: the fastest, privacy-first consumer DNS service – Cloudflare

jedisct1/dnsblast: A simple and stupid load testing tool for DNS resolvers – Continue reading

Today on the Priority Queue we have a roundtable show. We’ve gathered a few engineers around the microphone to talk about their experiences and what’s on their minds.

We often hear this format is an audience favorite, so we plan to record more of these in the Priority Queue and Weekly channels, so keep an eye out.

Today we welcome Alex Clipper, Eric Gullickson, Matt Elliott, and Stafford Rau to the podcast. We discuss encryption, code styles to ensure that code written by networkers is up to snuff, and what it’s like to work in technology after a certain age.

Sponsor: Paessler AG

Paessler AG is the maker of PRTG Network Monitor. PRTG monitors your entire IT infrastructure 24/7 and alerts you to problems before users notice. Find out more about the monitoring software that helps system administrators work smarter, faster, better by visiting paessler.com today.

Show Links:

Understanding Media Access Control Security (MACsec) – Technical Documentation – Support – Juniper Networks

Thales L2 Encryption – Thales

Senetas – Senetas.com

What Is Optical Encryption? – Ciena

Certes Networks

Google Style Guides – GitHub

Continue reading