You can Fly!

Worth Reading: Why DDoS Won’t Die

Most every organization has been affected by a distributed denial-of-service (DDoS) attack in some way: whether they were hit directly in a traffic-flooding attack, or if they suffered the fallout from one of their partners or suppliers getting victimized. —Kelly Jackson Higgins @Dark Reading

On the ‘net: Is Networking a Commodity?

It seems, based on this, that all businesses care about, in terms of the network, is the ability to move packets. To use a comparison that is often made: It might be “nice” to drive a “nicer car,” but in the end, a car is a car is a car. All that matters in cars is that they get you from point A to point B, wherever those points might be. If all the data a business cares about can be packed up into packets, and all that matters is getting them from point A to point B—wherever those two places might be, then the kind of equipment you use to move packets does not matter. @ECI

Worth Reading: Silver linings and clouds

Clearly, your management has never heard the phrase, “You get what you pay for.” Or perhaps they heard it and didn’t realize it applied to them. The savings in cloud computing comes at the expense of a loss of control over your systems, which is summed up best in the popular nerd sticker that says, “The Cloud is Just Other People’s Computers.” —Kode Vicious @ACM

Worth Reading: Cisco to MicroTik

One of the hardest things to do quickly in network engineering, is learn a new syntax for a NOS. Especially if you have a tight deadline and need to stand up equipment you’ve never worked with before. The command structure for RouterOS can be cumbersome if you are used to the Cisco CLI. —Kevin Myers @Stubarea51

RIPE NCC: The Future of BGP Security

I was recently invited to a webinar for the RIPE NCC about the future of BGP security. The entire series is well worth watching; I was in the final session, which was a panel discussion on where we are now, and where we might go to make BGP security better.

Worth Reading: Is user interface design getting worse?

Few interface designers are indifferent to the needs of the user, but I can’t imagine that there are many for whom that is the first consideration. —Alan Jacobs @The New Atlantis

Worth Reading: Data center interconnect and performance

What factors influence the performance of a high-speed, high-latency data center interconnect? Redundant data centers are common, providing organizations with business continuity. But how far apart is too far for good, reliable application performance? —Terry Slattery @Netcraftsmen

Why is the Feasibility Condition Less Than?

A reader recently emailed me with this question: Why isn’t the condition for a Feasible Successor set to less than (<), rather than less than of equal (<=), in EIGRP? It certainly seems, as noted in the email, that this rules out a lot of possible possible loop free alternate paths. The network below will be used to illustrate.

First, assume all links are cost of 1 except D->C, which is cost of 2. Here D will choose B as the Successor, and the FC will be set to 2. The RD of C will be 1, so C will be an FS. Now consider two failures. The first failure is D->B. D will immediately reroute to the FS, which is C, without changing the FC. This works, because C’s cost to 100::/64 via D is 4, much higher than it’s cost to 100::64 along C->A. Now consider what happens if A->100::/64 fails. If the timing of the query “works right,” C and B will be notified first, then finally D. Even if D is somehow notified before C, and D switches to C as its FS, the traffic is dropped, rather than looped—so all is happy.

Now change the situation a little. Assume the A->C link is cost Continue reading

Worth Reading: The development of the domain name market

If we traveled back in time, we would discover that unauthorized squatting on someone else’s property is an ancient tort, but in cyberspace, it dates from the mid-1990s. Its emergence brought together governments and intellectual property stakeholders to demand a rights protection mechanism devised to deal with this new form of squatting. —Gerald M. Levine @CircleID

Weekend Reads 05042018: It’s time to opt in to security

Start with your business goals and decide which metrics are required to accurately measure the state of these goals. For example, say an ISP wishes to ensure that their subscribers get the best performance possible during peak usage time — this can be monitored by measuring the oversubscription ratio and uplink utilization of the terminating device. The required metrics to do this are the number of connected sessions, ifHCInOctets, ifHCOutOctets, ifHCSpeed of the uplink from the terminating device. —Tim Raphael @APNIC

What is the best threat management system for a business network? It’s a difficult question to answer because threat management isn’t about finding a single solution to every problem; it’s about layering multiple solutions in a way that offers the best protection against a variety of threats. —Diana Shtil @Dark Reading

Tomorrow, the House Judiciary Committee will host what’s likely to be a wide-ranging discussion of how social media companies moderate content, in its hearing on Filtering Practices of Social Media Platforms. While the hearing is sure to include some spectacle and grandstanding, make no mistake: This is a deeply serious issue that deserves thoughtful consideration by policymakers, companies, and users alike. Here are a few key themes we Continue reading

Trinkets

Worth Reading: Focus on stability or speed

Is your organization more like a sailboat or a speedboat? Your answer reveals the assumptions you make about dealing with change. —MaryJo Burchard @opensoure.com

Worth Reading: Feedback Fail

But buried in all the ideas and books and blogs and seminars and real-life experiences of teams everywhere is a forgotten assumption, the Achilles’ Heel of Agile. There’s one shortcut to muck up agile fast. Ready? —Phil Seaton @Free code Camp

Worth Reading: Automatically detecting peering infrastructure outages

Given the high concentration of interconnections, the uptime of peering infrastructures is crucial for overlay Internet applications. Facilities and IXPs strive to meet Service Level Agreements (SLAs) of ‘five nines’ (five minutes downtime per year), and ‘four nines’ (50 minutes downtime per year). However, outages still occur due to power failures, human errors, attacks, and natural disasters. —Vasileios Giotsas @APNIC

Short Take: The Subsidiarity Principle

Worth Reading: Blockchain and Telecom

Without getting into a technical description of blockchain (there are no shortage of YouTube videos for that), in my opinion there are three attributes that must satisfied to consider building a successful blockchain application… —Jonathan Homa @ECI

Worth Reading: AMD’s return to the data center

It has been more than a decade since AMD was a force in computing in the datacenter. For that reason, we have not wasted a lot of time going over the ins and outs of its quarterly financials. —Timothy Prickett Morgan @The Next Platform

Worth Reading: PPoE High Availability

Traditionally, PPPoE was used in DSL deployments but became one of the most adopted forms of customer device authentication in many networks. Often used with a AAA system such as RADIUS, the ability to authenticate, authorize and account for customer connections made the use of PPPoE so appealing. —Scott Hammersley @Stubarea51

The Universal Fat Tree

Have you ever wondered why spine-and-leaf networks are the “standard” for data center networks? While the answer has a lot to do with trial and error, it turns out there is also a mathematical reason the fat-tree spine-and-leaf is is used almost universally. There often is some mathematical reason for the decisions made in engineering, although we rarely explore those reasons. If it seems to work, there is probably a reason.

The fat-tree design is explored in a paper published in 2015 (available here at the ACM, and now added to my “classic papers” page so there is a local copy as well), using a novel technique to not only explore why the spine-and-leaf fat-tree is so flexible, but even what the ideal ratio of network capacity is at each stage. The idea begins with this basic concept: one kind of network topology can be emulated on top of another physical topology. For instance, you can emulate a toroid topology on top of a hierarchical network, or a spine-and-leaf on top of of hypercube, etc. To use terms engineers are familiar with in a slightly different way, let’s call the physical topology the underlay, and the emulated topology the overlay. Continue reading