Worth Reading: HPE trims back

The trouble that Dell and HPE found themselves in is that they did not build platforms fast enough as the market shifted away from selling or reselling licensed software and putting platforms together piecemeal for customers and towards companies using a public cloud as a platform or companies using a set of open source components figuring it out on their own. Frankly, companies like IBM, HPE, and Dell charge too much for such integration services, they take too long, and companies are always dependent on others to make changes to that platform because they lack expertise. —The NExt Platform

The post Worth Reading: HPE trims back appeared first on 'net work.

Worth Reading: Ditch the pitfalls of layer 2 in the data center

If you’re operating on the IT side, you’re likely all too familiar with troubleshooting an unexpected outage caused by what should be a simple upgrade to a switch, or bringing a new server onto the network. While modern data center design for private and public clouds has been rapidly evolving from traditional Layer 2 networks to Layer 3 centric leaf-spine architecture, too many of us are still dealing with the headaches that come from L2 technologies such as Multichassis Link Aggregation (MLAG), First Hop Redundancy Protocol (FHRP), and Spanning Tree Protocol (STP). —The New Stack

The post Worth Reading: Ditch the pitfalls of layer 2 in the data center appeared first on 'net work.

Grow Up

The post Grow Up appeared first on 'net work.

Worth Reading: Ransomware and backups

Read through the recent Wall Street Journal ransomware article and you’ll find some great stats on the growing threat and cost. One thing you won’t find: the word “backup.” We’re happy to see ransomware finally getting the attention it deserves, but why discuss the problem and leave out the obvious, simple antidote? It’s like an article on a bike theft epidemic that fails to mention that none of the bikes were locked up. —Cloud Security Alliance

The post Worth Reading: Ransomware and backups appeared first on 'net work.

Worth Reading: Hardware slaves to the master algorithm

Over the long course of IT history, the burden has been on the software side to keep pace with rapid hardware advances—to exploit new capabilities and boldly go where no benchmarks have gone before. However, as we swiftly ride into a new age where machine learning and deep learning take the place of more static applications and software advances are far faster than chipmakers can tick and tock to, hardware device makers are scrambling. —The Next Platform

The post Worth Reading: Hardware slaves to the master algorithm appeared first on 'net work.

snaproute Go BGP Code Dive (10): Moving to Established

In the last post on this topic, we traced how snaproute’s BGP code moved to the open state. At the end of that post, the speaker encodes an open message using packet, _ := bgpOpenMsg.Encode(), and then sends it. What we should be expecting next is for an open message from the new peer to be received and processed. Receiving this open message will be an event, so what we’re going to need to look for is someplace in the code that processes the receipt of an open message. All the way back in the fifth post of this series, we actually unraveled this chain, and found this is the call chain we’re looking for—

• func (st *OpenSentState) processEvent()
• st.fsm.StopConnectRetryTimer()
• bgpMsg := data.(*packet.BGPMessage)
• if st.fsm.ProcessOpenMessage(bgpMsg) {
  • st.fsm.sendKeepAliveMessage()
  • st.fsm.StartHoldTimer()
  • st.fsm.ChangeState(NewOpenConfirmState(st.fsm)) }

I don’t want to retrace all those steps here, but the call to func (st *OpenSentState) processEvent() (around line 444 in fsm.go) looks correct. The call in question must be a call to a function that processes an event while the peer is in the open state. This call seems to satisfy both Continue reading

Worth Reading: gRPC

HTTP’s convenience comes with a huge performance trade-off, which takes us back to the issue of finding the most optimal communication framework for microservices. Enter gRPC, the modern, lightweight communication protocol from Google. It’s a high-performance, open-source universal remote procedure call (RPC) framework that works across a dozen languages running in any OS. Within the first year of its launch, gRPC was adopted by CoreOS, Netflix, Square, and Cockroach Labs among others. —New Stack

The post Worth Reading: gRPC appeared first on 'net work.

Worth Reading: On decomposing systems

Flexibility (we tend to call it agility) and faster development times remain top of mind today. Comprehensibility less so, but perhaps we should be paying more attention there? Say you’re all bought into cloud native microservices based architectures, is splitting your system up into multiple independent services going to help you achieve your goals? —The Morning Paper

The post Worth Reading: On decomposing systems appeared first on 'net work.

Bridge to the Ocean

The post Bridge to the Ocean appeared first on 'net work.

Worth Reading: Do we still need OSPF areas?

When OSPF was created it used areas to minimize the size of the topology graph (and the time it took to run Dijkstra algorithm). In the meantime, the CPU speeds increased by orders of magnitude, and graph computation algorithms got a few optimization boosts (incremental SPF for example). —IPspace

The post Worth Reading: Do we still need OSPF areas? appeared first on 'net work.

Worth Reading: The Verisign DDoS Report (Q2 2016)

This report contains the observations and insights derived from distributed denial of service (DDoS) attack mitigations enacted on behalf of, and in cooperation with, customers of Verisign DDoS Protection Services from April 1, 2016 through June 30, 2016 (‘‘Q2 2016”) and the security research of Verisign iDefense® Security Intelligence Services conducted during that time. It represents a unique view into the attack trends unfolding online, including attack statistics and behavioral trends for Q2 2016. —Verisign

The post Worth Reading: The Verisign DDoS Report (Q2 2016) appeared first on 'net work.

Worth Reading: Why you shouldn’t be bummed if you were laid off

A former boss of mine said it best: “Working for the same company for too long is like living in your parent’s basement. You can’t really say you’ve experienced real life.” Over 12 years, Cisco gave me the foundation and relationships for which I will always be grateful. But over time, like a bad relationship that feels good for the wrong reasons- the comfort of familiarity and easiness, I felt myself getting career stagnant and letting it ride. I knew deep down I could be a better version of my professional self. —Camille Gatenby

The post Worth Reading: Why you shouldn’t be bummed if you were laid off appeared first on 'net work.

Worth Reading: An internet for identity

Every online identity you have was given to you by someone else. This simple fact makes every online identity completely different from identity in the physical world where you exist first, independently, as a sovereign human being. As a result, online relationships are skewed. There’s an imbalance of power between people and organizations online. Here’s why. —CircleID

The post Worth Reading: An internet for identity appeared first on 'net work.

DC Fabric Segment Routing Use Case (5)

In this, the last post on DC fabrics as a Segment Routing use case, I mostly want to tie up some final loose ends. I will probably return to SR in the future to discuss other ideas and technical details.

Anycast

Anyone who keeps up with LinkedIn knows anycast plays a major role in many parts of the infrastructure. This isn’t unique to LinkedIn, though; most DNS implementations and/or providers, as well as just about every large scale public facing web application, also uses anycast. Which leads to an obvious question—how would SR work with anycast? The answer turns out to be much simpler than it might appear. The small diagram below might be helpful—

Assume A and B have two copies of a single service running on them, and we want hosts behind F to use one service or the other, just depending on which the routing system happens to route towards first. This isn’t quite the classical case for anycast, as anycast normally involves choosing the closest service, and both of the services in this example are equal distance from the hosts—but this is going to be the case more often than not in a data center. In Continue reading

Worth Reading: What Facebook learns by shutting down entire facilities

As we have reported before, Facebook has one of the boldest approaches to testing its infrastructure resiliency. The Facebook data center team regularly shuts down entire sites to see how its application will behave and to learn what improvements can be made. During his keynote this morning at the Facebook @Scale conference in San Jose, California, Jay Parikh, the company’s head of engineering and infrastructure, shared some of the big lessons his team has learned so far from these fire drills. —Data Center Knowledge

The post Worth Reading: What Facebook learns by shutting down entire facilities appeared first on 'net work.

Worth Reading: More huge tech acquisitions

The market for tech acquisitions is booming in 2016 as legacy technology companies shed old assets and consolidate, and companies in other industries scoop up tech assets at a historic pace. This comes despite 2015’s boom in overall M&A waning, the market for initial public offerings declining, and as data shows some tech “unicorns” may wait until at least 2017 to make their market debut. The tech industry appears to be an anomaly, with analysts expecting deal making to remain strong for the foreseeable future, despite near-term macro uncertainties such as the U.S. election. —Market Watch

The post Worth Reading: More huge tech acquisitions appeared first on 'net work.

Technology

The post Technology appeared first on 'net work.

Worth Reading: Connecting Python to Slack

The scripting language Python can retrieve information from or publish information into the messaging app Slack. This means you can write a program that puts info into Slack for you, or accepts your queries using Slack as the interface. This is useful if you spend a lot of time in Slack, as I do. —Ethan Banks

The post Worth Reading: Connecting Python to Slack appeared first on 'net work.

Worth Reading: Exploring the Cybercrime Underground Part 2

In this second part of Unit 42’s Cybercrime Underground blog series, we dive into the cybercrime forum ecosystem and focus on observed cybercriminal roles, as well as prevalent tools and services bought and sold in the underground. The goal of this post is not to provide an exhaustive directory, but rather to provide additional context on the operations and highly prevalent threats observed within this ecosystem. —Palo Alto

The post Worth Reading: Exploring the Cybercrime Underground Part 2 appeared first on 'net work.

On Definitions: Whatever is Forwarding Information?

After last week’s, a reader left a comment noting “I2RS doesn’t manipulate forwarding data.” If I2RS isn’t “manipulating forwarding data,” then what, precisely, is it doing? I thought it’s worth a post to try and help folks understand the definitions in this space—except, as you’ll soon discover, there are no definitions here. In fact, it’s almost impossible to create a single set of definitions that will clarify the issues involved in understanding the various sorts of state in a network device. The following illustration might be helpful in trying to understand the vagaries of the various kinds of state, and the confusion that results from the various names used in different places.

It would be “nice” to say something like: information held in the forwarding table, that’s actually used to forward traffic through the router, is the only real “forwarding data.” This makes for a nice clean definition that clearly separates, say, what the RIB does and what the FIB does in most of the hardware based switching devices produced today. There are two problems with this clean definition, however.

First, there are, and always will be, devices produced that simply don’t have a forwarding table. Instead of Continue reading