On the ‘net: Fog computing architecture posing challenges for IT

As the processing power of individual, handheld, always on devices has overtaken the computing power of most mainframes of old, and network bandwidth has ramped up, a new trend is emerging towards fog computing. In fog computing as much of the processing as possible is pushed out of large scale data centers and into individual devices at the edge. To case a case study, consider the process of tagging the images of people uploaded to a social media site. —Search Networking

Worth Reading: Containers and Spectre

Software containers can offer some respite against Spectre and Meltdown attacks — but without the help of critical security tools and practices, they remain relatively easy targets.—B. Cameron Gain @The New Stack

History of Networking: Paul Vixie on the Origins of DNS

Paul Vixie joins us on the History of Networking to talk about the spread of the DNS system—like a virus through the body network. All those radios in the background at a bit of history; Paul is an Amateur Radio Operator of many years, though, like me, he is not as active as he used to be in this realm.

Worth Reading: Tech Ethics

Do teaching and codifying ethics effectively improve Tech? Consider a new software engineer, Ardentia, thrilled with her gleaming new workspace, her new refreshments bar, and her clever new colleagues. —Robin K. Hill @ACM

Worth Reading: Which Linux Kernel is Stable?

Almost every time Linus Torvalds releases a new mainline Linux kernel, there’s inevitable confusion about which kernel is the “stable” one now. Is it the brand new X.Y one, or the previous X.Y-1.Z one? —Konstantin Ryabitsev @linux.com

Some Market Thoughts on the Broadcom SDKLT

Broadcom, to much fanfare, has announced a new open source API that can be used to program and manage their Tomahawk set of chips. As a general refresher, the Tomahawk chip series is the small buffer, moderate forwarding table size hardware network switching platform on which a wide array of 1RU (and some chassis) routers (often called switches, but this is just a bad habit of the networking world) used in large scale data centers. In fact, I cannot think of a single large scale data center operating today that does not somehow involve some version of the Tomahawk chip set.

What does this all mean? While I will probably end up running a number of posts on SDKLT over time, I want to start with just some general observations about the meaning of this move on the part of Broadcom for the overall network engineering world.

This is a strong validation of a bifurcation in the market between disaggregation and hyperconvergence in the networking world. Back when the CCDE was designed and developed, there was a strong sense among the folks working on the certification that design and operations were splitting. This trend is still ongoing, probably ultimately resulting Continue reading

Worth Reading: NAT66

Network Address Translation (NAT) and Network Address Port Translation (NAPT) are technologies many people have a strong opinion about. —Marco Cilloni @APNIC

Weekends Reads 020218: GDPR, taxes, and security

The regulatory environment for brands and retailers that do business online is getting stricter thanks to regulatory changes in Europe with the General Data Protection Regulation (GDPR), as well as existing regulations in th ompanies that adapt quickly can turn these changes into a competitive advantage. —Christopher Rence @CircleID

Europe’s General Data Protection Regulation (GDPR) will come into effect in May 2018, and with it, a new set of tough penalties for companies that fail to adequately protect the personal data of European users. Amongst those affected are domain name registries and registrars, who are required by ICANN, the global domain name authority, to list the personal information of domain name registrants in publicly-accessible WHOIS directories. ICANN and European registrars have clashed over this long-standing contractual requirement, which does not comply [PDF] with European data protection law. —Jeremy Malcom @EFF

Security is always changing and failure always exists. This toxic scenario requires a fresh perspective on how we think about operational security. We must understand that we are often the primary cause of our own security flaws. The industry typically looks at cybersecurity and failure in isolation or as separate matters. We believe that our lack of insight and operational Continue reading

Live Training at Safari Books: How the Internet Really Works

I will be teaching my first live training course at Safari Books Online on the 9th of March, starting at noon ET: How the Internet Really Works. It’s hard to describe the level and background for this training, as it will be all over the place; this is a bit of an experiment in this realm. The course description is—

This live training will provide an overview of the systems, providers, and standards bodies important to the operation of the global Internet, including the Domain Name System (DNS), the routing and transport systems, standards bodies, and registrars. For DNS, the process of a query will be considered in some detail, who pays for each server used in the resolution process, and tools engineers can use to interact DNS. For routing and transport, the role of each kind of provider will be considered, along with how they make money to cover their costs, and how engineers can interact with the global routing table (the Default Free Zone, of DFZ). Finally, registrars and standards bodies will be considered, including their organizational structure, how they generate revenue, and how to find their standards.

You can find more information here.

Parrot Tire

Worth Reading: IPv6 Adoption Challenges

With the growing number of devices connected to the Internet—such as smart cars, smart homes and even smart cities—and with the pool of available IPv4 addresses quickly running out, space has become a more important issue than ever. —Marc Spindel @The Data Center Journal

Worth Reading: Networking with Intent

As servers and then storage appliances became increasingly virtualized and disaggregated over the past 15 years or so, the network stubbornly stuck with the appliance model, closed and proprietary. — Jeffrey Burt @The Next Platform

Rehashing Certifications

While at Cisco Live in Barcelona this week, I had a chat with someone—I don’t remember who—about certifications. The main point that came out of the conversation was this:

One of the big dangers with chasing a certification is you will end up chasing knowledge about using a particular vendor feature set, rather than chasing knowledge about a technology.

At some point I’m going to edit a post a video short on engineering versus meta-engineering (no, it won’t be next week), but the danger is real. For instance, in an article I’ve had in my bookmarks pile for a long while, the author says—

My boss advised me that getting my WPCE (WordPerfect Certified Resource) cert would accomplish two things: 1. It would establish my credibility as a trainer; and 2. If I didn’t know a feature before the test, I sure as heck would afterward.

I’m not going to name the author, because this is his description of thinking through a certification many years ago, rather than his current thinking on certifications—but the example is telling. I know a lot of folks studying for certifications. They mostly spend their time labbing up various protocols and… features. The temptation to Continue reading

Worth Reading: Addressing 2017

Let’s see what has changed in the past 12 months in addressing the Internet and look at how IP address allocation information can inform us of the changing nature of the network itself. —Geoff Huston @APNIC

Is Networking Becoming a Commodity?

Worth Reading: TCP Congestion Signatures

Congestion in the Internet is an age-old problem. With the rise of broadband networks, it had been implicitly accepted that congestion is most likely to occur in the ‘last mile’, that is, the broadband link between the ISP and the home customer. This is due to service plans or technical factors that limit the bandwidth in the last mile. —Srikanth Sundaresan @APNIC

Giving the Monkey a Smaller Club

Over at the ACM blog, there is a terrific article about software design that has direct application to network design and architecture.

The problem is that once you give a monkey a club, he is going to hit you with it if you try to take it away from him.

What do monkeys and clubs have to do with software or network design? The primary point of interaction is security. The club you intend to make your network operator’s life easier is also a club an attacker can use to break into your network, or damage its operation. Clubs are just that way. If you think of the collection of tools as not just tools, but also as an attack surface, you can immediately see the correlation between the available tools and the attack surface. One way to increase security is to reduce the attack surface, and one way to reduce the attack surface is tools, reduce the number of tools—or the club.

The best way to reduce the attack surface of a piece of software is to remove any unnecessary code.

Consider this: the components of any network are actually made up of code. So to translate this to Continue reading

Worth Reading: Ruru

With the increasing number of real-time applications (online games using virtual reality, multi-site financial transaction processing) and the radically new business models and use cases introduced by the 5G mobile architecture (robotics, tactile Internet) requiring interactive back-and-forth communication, user-perceived end-to-end latency is becoming an all-important factor for both users and network providers. —Richard Cziva @APNIC

Worth Reading: A constructive guide to upskilling

For years now, I’ve spent a lot of time trying to figure out the best way to go about investing in myself. —Diane Mawer @Web Designer Depot

Learning to Ask Questions

A lot of folks ask me about learning theory—they don’t have the time for it, or they don’t understand why they should. This video is in answer to that question.