Worth Reading: Changes to the DNS marketplace

The new gTLD program and the introduction of 1200+ new domain name registries has significantly altered the marketplace dynamics. New domain name registries must navigate an environment that is, to an extent, stacked against them. —Kurt Pritz @CircleID

On the ‘net: Thinking about APIs

Network disaggregation is a lot of work for engineers, and it’s fraught with potential hurdles posed by sourcing hardware, a control plane, network operating system and how you manage necessary APIs. @Search Networking

Worth Reading: Intel fights for its life

The Smartphone 2.0 era has destroyed many companies: Nokia, Blackberry, Palm… Will Intel be another victim, either as a result of the proposed Broadcom-Qualcomm combination, or as a consequence of a suicidal defensive move? —Jean-Louis Gassée @ Monday Note

Worth Reading: The IPv4 market

The IPv4 market has grown significantly in the last four years. It finished particularly strong in 2017, both in terms of the total volume of addresses traded and overall number of intra- and inter-RIR transactions in the ARIN region. —Janine Goodman @CircleID

Short Take: Side Channel Attacks

In this short take, recently posted over at the Network Collective, I discuss what a side channel attack is, and why they are important.

Worth Reading: Top 4 problems with “doing DevOps”

“Doing DevOps” sounds so easy. You’ve read the books. You’ve gone to the conferences. You follow the right people on Twitter. But it’s taking so long. What’s going on? —Magnus Hedemark @Opensource.com

Worth Reading: Drilling down into the Ethernet switching market

Cisco has always bragged that it doesn’t play in markets where it doesn’t command a 65 percent market share and a 65 percent operating margin, but you won’t hear the new top brass at Cisco saying that. The reason is simple: That ain’t ever gonna happen again. —Timothy Prickett Morgan @The Next Platform

Low Latency Networking

Low latency is coming to a network near you. In fact, it’s probably coming to your network, whether or not you realize it.

While bandwidth has always been the primary measure of a network, and cross sectional or non-contending bandwidth for data center fabrics, further research and reflection has taught large scale network operators that latency is actually much more of a killer for application performance than lack of bandwidth—and not only latency, but its close cousin, jitter. Why is this?

To understand, it is useful to return to an example given by Tanenbaum in his book Computer Networks. He includes a humorous example of calculating the bandwidth of a station wagon full of VHS tapes, with each tape containing the maximum amount of data possible. For those young folks out there who didn’t understand a single word in that last sentence, think of an overnight delivery box from your favorite shipping service. Now stuff the box full of high density solid state storage of some kind, and ship it. You can calculate the bandwidth of the box by multiplying the number of devices you can stuff in there by the capacity of each device, and then dividing by roughly Continue reading

Worth Reading: Why decentralization matters

The internet is the ultimate software-based network, consisting of a relatively simple core layer connecting billions of fully programmable computers at the edge. Software is simply the encoding of human thought, and as such has an almost unbounded design space. —Chris Dixon @Medium

Lamp and Gateway

Weekend Reads 030918: Botnet Avalanche, DNS Security, and IoT Privacy

It’s been a busy few weeks in cybercrime news, justifying updates to a couple of cases we’ve been following closely at KrebsOnSecurity. In Ukraine, the alleged ringleader of the Avalanche malware spam botnet was arrested after eluding authorities in the wake of a global cybercrime crackdown there in 2016. @Krebs on Security

Reflection amplification is a technique that allows cyber attackers to both magnify the amount of malicious traffic they can generate, and obfuscate the sources of that attack traffic. For the past five years, this combination has been irresistible to attackers, and for good reason. —Carlos Morales @Arbor

For years, we’ve been pioneering the use of DNS to enforce security. We recognized that DNS was often a blind spot for organizations and that using DNS to enforce security was both practical and effective. Why? Because DNS isn’t optional. It’s foundational to how the internet works and and is used by every single device that connects to the network. If you’re considering using DNS for security, it’s important to understand the facts so you can combat the fiction. —Kevin Rollinson @Cisco

Attackers have seized on a relatively new method for executing distributed denial-of-service (DDoS) attacks of unprecedented disruptive power, using Continue reading

Worth Reading: Meeting blur

Problem is, I’ve had this conversation five times today, and suddenly I can not remember what was said by whom, when, and where. Welcome to Meeting Blur. @randinrepose

Administravia 030818: Added Navigation

I was asked by a reader to add categories and links for videos; I actually added three new categories, one for short videos, another for long videos, and a third for written posts. You can find these under the bottom menu item on the left. I am having a problem with the menu not showing up correctly, so I move the resources under the third menu item, as well.

Finally, I added a new archive page, which shows you all the posts in the “left” category across the three years this blog has been “in production.” I couldn’t figure out how to narrow things down so pictures and other stuff are not included, so there is more on the page than needed right now, but it’s a start.

Cloud Connectivity on the Network Collective

On this episode of the Network Collective, we’re chatting with Miguel Villareal and Scott Wheeler about cloud connectivity.

Worth Reading: Airline web sites and privacy

I asked my wife if it is alright if her Date of Birth is known to a stranger. Only if they send me a birthday gift, she joked. What about your passport number? She lowered the book she was reading. I now had her attention. —Konark Modi @FreeCodeCamp

Worth Reading: Finding shared IP address

…we developed a project to identify IPv4 addresses shared simultaneously by many users — we call such addresses ‘gateway’ addresses— and understand the nature of the shared address, that is if they are being used as a company/campus proxy, a CGN, or public hotspot. —Ramakrishna Padmanabhan @APNIC

History of Neworking: Alia Atlas on Fast Reroute

On this episode of the History of Networking, we talk to Alia Atlas about the history of fast reroute and Maximally Redundant Trees (MRTs). Remember to send in your suggestions for guests and technologies.

Worth Reading: CI/CD for network engineers

CI/CD creates a more agile software development environment which provides benefits including the faster delivery of applications. —Diane Patton @Cumulus

Worth Reading: Security Disclosures

Ask any bug hunter what the most annoying part of their job is and they’ll likely point to vulnerability disclosure and vendor notification. —Lucian Constantin @The New Stack

DFS and Low Points

On a recent history of networking episode, Alia talked a little about Maximally Redundant Trees (MRTs), and the concept of Depth First Search (DFS) numbering, along with the idea of a low point. While low points are quickly explained in my new book in the context of MRTs, I thought it worthwhile to revisit the concept in a blog post. Take a look at the following network:

On the left side is a small network with the nodes (think of these as routers) being labeled from A through G. On the right side is the same network, only each node has been numbered by traversing the graph, starting at A. This process, in a network, would either require some device which knows about every node and edge (link) in the network, or it would require a distributed algorithm that “walks” the network from one node to another, numbering each node as it is touched, and skipping any node that has already been visited (again, for more details on this, please see the book).

Once this numbering has been done, the numbers now produce this interesting property: if you remove the parent of any node, and the node can still reach Continue reading