MPLS Traffic Engineering Part 3

Worth Reading: Kubernetes as the Universal Scheduler

Kubernetes is emerging as one of the best resource schedulers of our times. The powerful scheduler, which is also simple and extensible enables us to solve many problems that existed in traditional distributed systems. —Janakiram MSV @The New Stack

Worth Reading: IPv6 Renumbering is a Pain

It turned out that changing the interface IPv6 addresses was just the first step, while many modifications at different services were the actual problem. And this was *only* my lab and not a complete company or the like. —Johannes Weber @blog.webernetz.net

Think Like an Engineer, not a Cheerleader

When you see a chart like this—

—you probably think if I were staking my career on technologies, I would want to jump from the older technology to the new just at the point where that adoption curve starts to really drive upward.

Over at ACM Queue, Peter J. Denning has an article up on just this topic. He argues that if you understand the cost curve and tipping point of any technology, you can predict—with some level of accuracy—the point at which the adoption s-curve is going to begin its exponential growth phase.

Going back many years, I recognize this s-curve. It was used for FDDI, ATM, Banyan Vines, Novell Netware, and just about every new technology that has ever entered the market.

The problem with this curve, Continue reading

Worth Reading: Smaching up an IT Pangea

Back in 1995, the entire X86 server market accounted for about $5.7 billion in sales, but after the dot-com boom got into full swing by 1997, sales had more than doubled to $12 billion and shipments had also more than doubled to 1.8 million units. —Timothy Prickett Morgan @The Next Platform

River Life

Weekend Reads 090718

Did the passage of gDPR impact the amount of spam on the ‘net, or not? It depends on who you ask.

The folks at the Recorded Future blog examined the volume of spam and the number of registrations for domains used in phishing activity, and determined the volume of spam was not impacted by the implementation of Europe’s new privacy laws.

There were many concerns that after the European Union’s General Data Protection Regulation (GDPR) went into effect on May 25, 2018, there would be an uptick in spam. While it has only been three months since the GDPR went into effect, based on our research, not only has there not been an increase in spam, but the volume of spam and new registrations in spam-heavy generic top-level domains (gTLDs) has been on the decline.

John Levine at CircleID, however, argues the measures used in the Recorded Future piece are not useful measures of spam volume in relation to the controls imposed by GDPR:

To understand the effect of GDPR, the relevant questions are: Is GDPR enabling damage, because it makes detection, blocking, and mitigation harder?

Note that the CircleID article only addresses the domain registration question, and does Continue reading

Worth Reading: Intel’s exascale dataflow engine

With Moore’s Law running out of steam, the chip design wizards at Intel are going off the board to tackle the exascale challenge, and have dreamed up a new architecture that could in one fell swoop kill off the general purpose processor as a concept and the X86 instruction set as the foundation of modern computing. —Timothy Prickett Morgan @The Next Platform

History of Networking: the CCIE

Worth Reading: The cost of downtime

Downtime—when a network is unable to provide its intended action or service–remains a serious threat for network managers. The consequences can wreak havoc on finances and can lead to negative perceptions of the business. —David Bjerke And Nilson Gabela @Data Center Journal

Worth Reading: VMWare wants to rearchitect your containers

One of the compelling advantages that Pivotal Container Service (PKS) has exhibited over the other container platforms in which VMware has invested, is that it promises to be an implementation of “plain vanilla Kubernetes,” requiring nothing special and no exclusive treatment from developers. —Scott M. Fulton III @The New Stack

Research: DNSSEC in the Wild

The DNS system is, unfortunately, rife with holes like Swiss Cheese; man-in-the-middle attacks can easily negate the operation of TLS and web site security. To resolve these problems, the IETF and the DNS community standardized a set of cryptographic extensions to cryptographically sign all DNS records. These signatures rely on public/private key pairs that are transitively signed (forming a signature chain) from individual subdomains through the Top Level Domain (TLD). Now that these standards are in place, how heavily is DNSSEC being used in the wild? How much safer are we from man-in-the-middle attacks against TLS and other transport encryption mechanisms?

Three researchers published an article in Winter ;login; describing their research into answering this question (membership and login required to read the original article). The result? While more than 90% of the TLDs in DNS are DNSEC enabled, DNSSEC is still not widely deployed or used. To make matter worse, where it is deployed, it isn’t well deployed. The article mentions two specific problems that appear to plague DNSSEC implementations.

First, on the server side, a number of Continue reading

Worth Reading: Why developers should learn to write

In today’s data-driven, data-heavy world, there’s so much content to consume. We’re constantly bombarded by videos, pictures, advertisements, podcasts, and articles. Each of these media has a different type of appeal, and it always seems like there’s strong competition to try to attract and retain our attention. —Derek Mei @Free Code Camp

Worth Reading: Using DNS as a Single Signon

Internet-wide identity management is one of the hot issues currently — dealing with hundreds of separate usernames and passwords is insecure and unfriendly for users. Increasingly, people use their social network accounts to log into websites, which works well, but forces you to allow either Google or Facebook to track all your logins — you don’t have a lot of choice. —Vittorio Bertola @APNIC

Short Take: Learn to Think

Worth Reading: DNS Inconsistency

In fact, I contend that it is likely impossible to construct a definitive version of the DNS graph at any point in time this way. The challenge stems from the phenomenon of DNS inconsistency, particularly in real-world NS RRset deployments. —John Kristoff @APNIC

Worth Reading: Chip architecture switches to heterogeneous

There are shifts underway in computing that are driving the need for more heterogeneous computing that can adapt to the workload at hand without having to change any of the underlying infrastructure. —Jeffrey Burt @The Next Platform

Is BGP Good Enough?

In a recent podcast, Ivan and Dinesh ask why there is a lot of interest in running link state protocols on data center fabrics. They begin with this point: if you have less than a few hundred switches, it really doesn’t matter what routing protocol you run on your data center fabric. Beyond this, there do not seem to be any problems to be solved that BGP cannot solve, so… why bother with a link state protocol? After all, BGP is much simpler than any link state protocol, and we should always solve all our problems with the simplest protocol possible.

 
Will these these contentions stand up to a rigorous challenge?

I will begin with the last contention first—BGP is simpler than any link state protocol. Consider the core protocol semantics of BGP and a link state protocol. In a link state protocol, every network device must have a synchronized copy of the Link State Continue reading

Worth Reading: Edge Analytics

Edge analytics is the lynchpin that drives real-time decision-making. So, edge analytics means increased intelligence on the devices at the edge. This translates to increased processing capabilities (compute) as well as higher storage on the edge devices. —Balaji Sivakumar @https://opensourceforu.com

Bridge of Sighs