Cisco Live 2016 Las Vegas

I’m presenting at two sessions this year at Cisco Live: BRKRST-3014, Policy, Complexity, and Modern Control Planes on Thursday afternoon, and TECCCDE-3005, The Cisco Certified Design Expert, on Sunday afternoon. If you’re attending, feel free to look me up—when I’m not speaking, I’m generally hanging out at Cisco Press, at the Certification Lounge, or just walking around the show floor.

The post Cisco Live 2016 Las Vegas appeared first on 'net work.

IS-IS LiveLesson

The post IS-IS LiveLesson appeared first on 'net work.

The Design Mindset (4)—Interaction Surfaces

Before talking the final point in the network design mindset, ,act, I wanted to answer an excellent question from the comments from the last post in this series: what is surface?

The concept of interaction surfaces is difficult to grasp primarily because it covers such a wide array of ideas. Let me try to clarify by giving a specific example. Assume you have a single function that—

• Accepts two numbers as input
• Adds them
• Multiplies the resulting sum by 100
• Returns the result

This single function can be considered a subsystem in some larger system. Now assume you break this single function into two functions, one of which does the addition, and the other of which does the multiplication. You’ve created two simpler functions (each one only does one thing), but you’ve created an interaction surface between the two functions—you’ve created two interacting subsystems within the system where there only used to be one. This is a really simple example, I know, but consider a few more that might help.

• The routing information carried in OSPF is split up into external routes being carried in BGP, and internal rotues being carried in OSPF. You’ve gone from one system with more Continue reading

How to Hack an Election

Eventually, he discovered, he could manipulate the public debate as easily as moving pieces on a chessboard—or, as he puts it, “When I realized that people believe what the Internet says more than reality, I discovered that I had the power to make people believe almost anything.” -via Bloomberg

The post How to Hack an Election appeared first on 'net work.

Oak Island Beach

The post Oak Island Beach appeared first on 'net work.

Bluetooth Technology 101

Bluetooth is everywhere—you’ll find it in smartphones, tablets, laptops, TVs, cars, security systems, computer peripherals (mice, keyboads, headphones), smartwatches and more. A great many manufacturers in every sector of the tech industry have adopted Bluetooth for reliable and ubiquitous short-distance communication. But while most of us can decode the intricacies of a Wi-Fi connection by the standard’s nomenclature, recognition of Bluetooth capabilities usually ends with the version number. -via Tom’s Hardware

The post Bluetooth Technology 101 appeared first on 'net work.

Lawful Hacking and Continuing Vulnerabilities

Vulnerabilities are found, fixed, then published. The entire security community is able to learn from the research, and­ — more important­ — everyone is more secure as a result of the work. The FBI is doing the exact opposite. It has been given whatever vulnerability it used to get into the San Bernardino phone in secret, and it is keeping it secret. All of our iPhones remain vulnerable to this exploit. This includes the iPhones used by elected officials and federal workers and the phones used by people who protect our nation’s critical infrastructure and carry out other law enforcement duties, including lots of FBI agents. -Schneier on Security

The post Lawful Hacking and Continuing Vulnerabilities appeared first on 'net work.

Writing books still matters—reading them does, too

Ivan, over at ipspace.net, has an interesting post up on writing books —

Why would you want to write a book? If you think you’ll earn a lot of money, think twice… unless you plan to write a science fiction bestseller, Swift-for-Dummies, or 50 Shades of Something.

Several points in reply…

No, you won’t make a lot of money. Writing books for a living (in fact, writing for a living at all) has been pretty much destroyed by several factors, including the absolute dismal rate at which our culture reads (I’m considered something of a freak with my goal of reading 100 books/year; C.S. Lewis read that many in a few weeks in the hospital, across four or five languages), and the rate at which people try to “climb the author pile” by writing for free on blogs/etc.

There is one comment here that I think is really worth pointing out: To make matters worse, core networking is not exactly a popular topic (compared to Swift Programming or Introduction to IPv6)… I’ve heard this a lot in my time as an author—for instance, my books simply don’t sell as well as just about anything at the CCIE level, Continue reading

The State vs. Andrews—Privacy and secrecy are not the same

Finally, the court took on the third-party doctrine, which says that if you reveal information in order to use a company’s services — say, giving a check to a bank or dialing a phone number — it is as if the information has been revealed to the world, and the police can get the same data from the company without having to get a warrant. In short, the third-party doctrine conflates secrecy and privacy: If you didn’t keep something secret, you didn’t keep it private either. -via Just Security

The post The State vs. Andrews—Privacy and secrecy are not the same appeared first on 'net work.

Reaction: The 650 Gb/s software router

I’m forever seeing announcements like this in the software defined networking world—

The Linux-based CloudRouter Project, which is working on code for an open source virtual router, released version 3.0 this week. It adds Linux Data Plane Development Kit (DPDK) kernel enhancements and claims throughput in excess of 650 Gb/s on commodity hardware.

But you need to note one specific thing about this announcement. How did they achieve these forwarding rates? By using DPDK to offload the actual, well, forwarding to a custom ASIC on a NIC. The reality is that we’ve always done the control plane in software, and we’ve always done the forwarding in hardware. There have been precious few router platforms over the years where the forwarding plane is actually an “embedded system.”

Certainly we’re seeing a world where open source operating systems are learning to interact with commodity ASICs so it’s possible to separate the software from the hardware, and the operating system from the control plane, and this is all too the good. But if this is software defined networking, then we’ve been doing this since sometime in the 1990’s, perhaps even earlier…

Perhaps we’ve become so accustomed to considering the network operating Continue reading

Why an Open Internet Matters

As an Internet Society board member coming from the Middle East, I’m often confronted by the question of whether it is enough to have Internet access, or must we also ensure that the access is open and unrestricted. I hereby lay the case in this short article in defense of the argument that having an open Internet does matter and we ought to ensure it remains so. -via the Internet Society

The post Why an Open Internet Matters appeared first on 'net work.

Securing BGP: A Case Study (6)

In my last post on securing BGP, I said—

Here I’m going to discuss the problem of a centralized versus distributed database to carry the information needed to secure BGP. There are actually, again, two elements to this problem—a set of pure technical issues, and a set of more business related problems. The technical problems revolve around the CAP theorem, which is something that wants to be discussed in a separate post; I’ll do something on CAP in a separate post next week and link it back to this series.

The CAP theorem post referenced above is here.

Before I dive into the technical issues, I want to return to the business issues for a moment. In a call this week on the topic of BGP security, someone pointed out that there is no difference between an advertisement in BGP asserting some piece of information (reachability or connectivity, take your pick), and an advertisements outside BGP asserting this same bit of information. The point of the question is this: if I can’t trust you to advertise the right thing in one setting, then why should I trust you to advertise the right thing in another? More specifically, if you’re using Continue reading

Broken Configurations, Broken Windows

The “broken windows” theory states that small problems can become bigger ones unless dealt with quickly. The theory suggests that people infer the rules of behavior from what they observe. It suggests that working hard to clean up a neighborhood by making repairs like fixing broken windows will help to deter further vandalism. In this article, I will discuss how this theory applies to network configuration. -via Network Computing

The post Broken Configurations, Broken Windows appeared first on 'net work.

Worth Reading: Don’t ask what you can measure

One of the most striking things about the “big data” world of today is the focus on mining data over answering questions. So many projects start with asking what data is easily obtainable and which tools are most easily amenable to working with that dataset, rather than asking what question the analysis is trying to answer. The result is a landscape littered with data-intensive projects that prioritize technical prowess of execution over the robustness of the findings derived from the analysis. What does this mean for the future evolution of the field? -via Forbes

The post Worth Reading: Don’t ask what you can measure appeared first on 'net work.

The Candy Jar Effect

When I first started in Cisco TAC, as a lowly grade 3 engineer taking hardware RMA calls, I didn’t know anyone. I had just moved to North Carolina, we hadn’t found a church yet, I’m not the most social person on the face of the earth (in fact, if anything, I’m antisocial), and I was sitting in a cubicle surrounded by people who’d been working in serious networking for a lot longer than I had. Not only that, but a lot of them were a lot smarter than I was (and still are). These people were really busy; it was hard to sip from the firehose, and I really needed to find my way around. How could I go about building a network?

What to do… ??

I put a candy jar on my desk, and filled it with interesting candy. How would a candy jar work? Well, it attracted all sorts of interesting people to my desk throughout the day, and as I got to know what different people liked, it gave me an excuse to bring stuff to their desk—along with a question about a case I was working on, of course. In a sense, I learned all I Continue reading

Worth Reading: Are we headed to another bust?

I believe it is important to remember this history as we celebrate the rise of the unicorns. There are already some indications the current tech boom may be nearing its end. The media has started commenting “The signs of a new tech bubble are everywhere: easy money, widespread exuberance, hidden leverage, and mass participation by amateur investors.” What turns a bubble into a bust is a change in investors’ psychology. History tells us it does not take much for such a change to occur. The decline of stock markets around the world over the past few months suggests such a change may already be taking place. -via the Communications of the ACM

The post Worth Reading: Are we headed to another bust? appeared first on 'net work.

Worth Reading: A yot of YANG

The YANG Model Coordination Group has been spending time on the inventory of those YANG models in the industry, the tooling aspects, the help with the compilation, the training & education (NETCONF, YANG, pyang), the coordination across SDOs/opensource, the model coordination with the IETF. On the tooling front, the YANG model extraction and compilation is now integrated in the IETF draft submission tool, thanks to Henrik Levkowetz. So no more excuses for producing YANG models that don’t compile. -via the IETF blog

The post Worth Reading: A yot of YANG appeared first on 'net work.

Windows in Buenos Aires

The post Windows in Buenos Aires appeared first on 'net work.

Worth Reading: The road to 200g

The transitions from one network speed to another can be very disruptive and costly, as the move from 1 Gb/sec to 10 Gb/sec speeds was when it started out on routers in 2002 and trickled down to aggregation and top of rack switches in the following years as switch ASIC, adapter card, and transceiver costs all fell. -via The Next Platform

The post Worth Reading: The road to 200g appeared first on 'net work.

Worth Reading: The end of Moore’s Law?

Moore’s Law may be nearing its end, however. Tom Simonite at the MIT Technology Review writes that Intel has declared in a regulatory filing what insiders have suspected: The company is slowing the release of new chips in a manner that doesn’t keep pace with the law. The reason is simply that fabricating small transistors, which now are at about 14 nanometers, is increasingly difficult and costly. The insiders suspect that the end is near because the next generation, which aims at 10 nm, has already been delayed. -via IT Business Edge

The post Worth Reading: The end of Moore’s Law? appeared first on 'net work.