Worth Reading: IP addresses are not telephone numbers

A blanket association between telephone numbers and IP numbers and domain names is simply not useful. Here’s the problem — IP numbers and domain names are not telephone numbers. By using this analogy as the starting point for their rationale to consider IP numbers as CPNI, the FCC is beginning from a fundamentally flawed starting point. Circle ID

The post Worth Reading: IP addresses are not telephone numbers appeared first on 'net work.

Worth Reading: Venezuela and ‘net Neutrality

A recent study conducted by the Institute for Press and Society (IPYS) in Venezuela has confirmed that at least 43 different websites are being blocked in the country, shedding new light on the filtering practices of the Venezuelan government. The research focused on documenting incidents surrounding web access and net neutrality, zeroing in on the treatment of national networks during the 2015 elections. Somewhat Reasonable

The post Worth Reading: Venezuela and ‘net Neutrality appeared first on 'net work.

Worth Reading: Automation, Robotics, and the Future

And humility because of the poorness of our ability to peer into the future. When reviewing the mountains of books and magazine articles that have sought to predict what the future holds in automation and related fields, when reading the hyped tech headlines or when looking at the many charts and tables extrapolating from the past to help us forecast the future, it is striking to see how often our predictions go wrong. The New Atlantis

The post Worth Reading: Automation, Robotics, and the Future appeared first on 'net work.

DHCP Topology Customization Options

The Dynamic Host Configuration Protocol (DHCP) is widely used, and yet poorly understood. There are, in fact, a large number of options in DHCP—but before we get to these, let’s do a quick review of basic off-segment operation.

When the client, which has no IP address, sends out a request for configuration information, what happens? The Router, A, if it is configured to be a DHCP helper, will receive the packet and forward it to the DHCP server, which is presumably located someplace else in the network. The router generally knows what address to send the request to because of manual configuration—but how does the server know how to get the packet back to the original requester?

The helper—Router A in this case—inserts the IP address of the interface on which the request was received into the giaddr field of the DHCP packet. As boring as this might seem, this is where things actually get pretty interesting. It’s possible, of course, for a router to have an logical layer three interface that sits on a bridge group (or perhaps an IRB interface). The router obviously needs to be able to put more information in the DHCP request to handle this Continue reading

Worth Reading: DNS Privacy

The DNS is normally a relatively open protocol that smears its data (which is your data and mine too!) far and wide. Little wonder that the DNS is used in many ways, not just as a mundane name resolution protocol, but as a data channel for surveillance and as a common means of implementing various forms of content access control. Circle ID

The post Worth Reading: DNS Privacy appeared first on 'net work.

Worth Reading: It’s hard to leave Google

What I do respectfully challenge is that first, Google essentially doesn’t “collect all of that information” because they do (see here), and second, that Google somehow is easy to escape,when it comes to collecting one’s private information, because it is not, as I will prove below. Somewhat Reasonable

The post Worth Reading: It’s hard to leave Google appeared first on 'net work.

When prepend fails, what next? (1)

So you want to load share better on your inbound ‘net links. If you look around the ‘web, it won’t take long to find a site that explains how to configure AS Path Prepending. So the next time you have downtime, you configure it up, turn everything back on, and… Well, it moved some traffic, but not as much as you’d like. So you wait ’til the next scheduled maintenance window and configure a couple of extra prepends into the mix. Now you fire it all back up and… not much happens. Why not? There are a couple of reasons prepending isn’t always that effective—but it primarily has to do with the way the Internet itself tends to be built. Let’s use the figure below as an example network.

You’re sitting at AS65000, and you’re trying to get the traffic to be relatively balanced across the 65001->65000 and the 65004->65000 links. Say you’ve prepended towards AS65001, as that’s the provider sending you more traffic. Assume, for a moment, that AS65003 accepts routes from both AS65001 and AS65004 on an equal basis. When you prepend, you’re causing the route towards your destinations to appear to be longer from AS65003’s perspective. This Continue reading

Worth Reading: Today’s DNS

DevOps is revolutionizing how developers create and deploy applications. Cloud services have both enabled and necessitated a distributed model for applications. In the midst of this profusion of new technology, an old-school player has emerged to enable the reliability and performance that apps and their users demand: DNS. Data Center Journal

The post Worth Reading: Today’s DNS appeared first on 'net work.

Worth Reading: Plumgrid, Cumulus, and SDN

With the advent of Software Defined Networking, enterprises are able to manage their network through a series of abstracted layers, offering a flexibility that was out of reach even 10 years ago. While this may seem futuristic to some, SDN is quickly becoming the new standard when working with containers, networks, and VMs at scale. The New Stack

The post Worth Reading: Plumgrid, Cumulus, and SDN appeared first on 'net work.

Can != Should, Is != Ought

Maybe I’m getting too old for my own good. Or maybe studying philosophy is making me older. Here in the US, though, it is Memorial Day, a day where people normally grill burgers and dogs, throw a few back, and forget to ask why. It’s just another day off, and days off are good for—well, for something.

Memorial Day, in the US, stands in memorial for those who fought—and, specifically died—for our freedom. But what is freedom? In my world, there are two types of freedom: freedom from, and freedom to. Two pieces this week made me think through this difference once again, and how we are increasingly confusing the two concepts.

But the big thing that changed this week is a Google home device is no longer a theoretical possibility. It’s here. And on a sunny day at the outdoor amphitheater, just a half mile away from the Googleplex, the audience watched as a video showed the device at work in the home of a typical American family. There was laughter when the dad broadcast his playlist into every room in the home, waking up his sleeping children — and then later remotely turned on the lights to make Continue reading

Worth Reading: The Problem with Analytics

There is a difference between knowledge and understanding. Knowledge typically comes down to knowing facts while understanding is the application of knowledge to the mastery of systems. You can know a lot while understanding very little. Cringely

The post Worth Reading: The Problem with Analytics appeared first on 'net work.

Worth Reading: The privacy of telephone metadata

We investigate the privacy properties of telephone metadata to assess the impact of policies that distinguish between content and metadata. We find that telephone metadata is densely interconnected, can trivially be reidentified, enables automated location and relationship inferences, and can be used to determine highly sensitive traits. —National Academy of Sciences

The post Worth Reading: The privacy of telephone metadata appeared first on 'net work.

Worth Reading: BGP as a southbound API

BGP is a very scalable protocol. It’s used the world over to exchange routes and keep the Internet running smoothly. But it has other power as well. It can be extended to operate in other ways beyond the original specification. Unlike rigid protocols like RIP or OSPF, BGP was designed in part to be extended and expanded as needs changes. IS-IS is a very similar protocol in that respect. It can be upgraded and adjusted to work with both old and new systems at the same time. —Networking Nerd

The post Worth Reading: BGP as a southbound API appeared first on 'net work.

Worth Reading: Are NVMe fabrics in your future?

NVMeF promises both a huge gain in system performance and new ways to configure systems. To understand what this means, we have to separate NVMe from its current implementation that uses direct PCIe connects. The PCIe approach arose a few years back from the then top-tier persistent storage, the flash card, which had reached the limit of SCSI-based operations due to IO stack overhead and interrupt handling problems. —Network Computing

The post Worth Reading: Are NVMe fabrics in your future? appeared first on 'net work.

Hilton Head

The post Hilton Head appeared first on 'net work.

Worth Reading: You can’t do everything yourself

You’ve become an operational bottleneck, slowing down all of IT. Projects and change requests stack up at your desk because you have reached your scaling limit. You’re overworked and stressed out from all the things you’ve taken on. —Packet Pushers

The post Worth Reading: You can’t do everything yourself appeared first on 'net work.

Worth Reading: The bias built in at Facebook

But “surfaced by an algorithm” is not a defense of neutrality, because algorithms aren’t neutral. Algorithms are often presented as an extension of natural sciences like physic or biology. While these algorithms also use data, math and computation, they are a fountain of bias and slants — of a new kind. —NYT

The post Worth Reading: The bias built in at Facebook appeared first on 'net work.

What is a Failure Domain?

“No, I wouldn’t do that, it will make the failure domain too large…”
“We need to divide this failure domain up…”

Okay, great—we all know we need to use failure domains, because without them our networks will be unstable, too complex, and all that stuff, right? But what, precisely, is a failure domain? It seems to have something to do with aggregation, because just about every network design book in the world says things like, “aggregating routes breaks up failure domains.” It also seems to have something to do with flooding domains in link state protocols, because we’re often informed that you need to put in flooding domain boundaries to break up large failure domains. Maybe these two things contain a clue: what is common between flooding domain boundaries and aggregating reachability information?

Hiding information.

But how does hiding information create failure domain boundaries?

If Router B is aggregating 2001:db8:0:1::/64 and 2001:db8:0:2::/64 to 2001:db8::/61, then changes in the more specific routes will be hidden from Router A. This hiding of information means a failure of one of these two more specific routes does not cause Router A to recalculate what it knows about reachability in the network. Hence a Continue reading

Worth Reading: Inside the million machine clickfraud botnet

Online advertising is a multi-billion dollar business mostly ran by Google, Yahoo or Bing via AdSense-like programs. The current generation of clickbots such as the Redirector.Paco Trojan have taken abuse to a whole new level, burning through companies’ advertising budget at an unprecedented pace. —Bitdefender

The post Worth Reading: Inside the million machine clickfraud botnet appeared first on 'net work.

Worth Reading: The spam value chain

There’s much more to spam than just the email! There are three key stages – advertising, click support, and realization – supported by a whole value chain. —the morning paper

The post Worth Reading: The spam value chain appeared first on 'net work.