Worth Reading: Journey into the hybrid cloud

“In the cloud” is more now than just a phrase that describes a feeling. Although the cloud began as a vision, over the past decade it has become an integral part of everyday business decisions, even being evaluated for an enterprise’s most critical high-value operations. Thanks to the public cloud, many startups find it quick and easy to set up their initial operation and product-development cycles. Some, such as Uber and Airbnb, even go to market entirely in the cloud. —The Data Center Journal

The post Worth Reading: Journey into the hybrid cloud appeared first on rule 11 reader.

Worth Reading: Cutting through the segment routing hype

Segment Routing (SR) is a new traffic-engineering technology being developed by the IETF’s SPRING Working Group. Two forwarding plane encapsulations are being defined for SR: Multiprotocol Label Switching (MPLS) and IPv6 with a Segment Routing Extension Header. This article provides some historical context by describing the MPLS forwarding plane and control plane protocols, explains how Segment Routing works, introduces the MPLS-SR forwarding plane, and shows how the SR control plane is used. Finally, the article compares SR with legacy MPLS systems, and identifies its unique merits. —The IETF Journal

The post Worth Reading: Cutting through the segment routing hype appeared first on rule 11 reader.

On the ‘web: Is it really simpler?

Simplification is the metabuzzword overlaying the networking world today. For instance, Software Defined Wide Area Networks (SD-WANs), which propose to reduce the complexity of the enterprise wide area network, particularly the network connecting to the many thousands of remote sites many enterprises operate, by replacing MPLS and private line services purchased from service providers, with services that operate over the top of “plain jane Internet” connectivity. A second area where network operators are simplifying is by purchasing pre-integrated stacks of compute, storage, and networking, in a single rack, and controlled through a single GUI—a form of hyperconvergence. A third area is in the large amounts of interest in deploying Software Defined Networks (SDNs), which are being promoted based on the simplifications possible from removing “complex” distributed control planes from the network. There are three questions network engineers should ask in response to the simplification metabuzzword, however. —Tech Target

The post On the ‘web: Is it really simpler? appeared first on rule 11 reader.

Worth Reading: ISPs simplifying customer IPv6 addressing

One of the main issues for an ISP planning to deliver IPv6 services is to decide how to address the customers. In a generic way, we could say that the first thing to do for any IPv6 deployment is the complete network addressing plan, even before obtaining your addressing space from your Regional Internet Registry (RIR), so you get it right from the very beginning. In the case of corporate customers, generally nobody doubts that they should receive a /48 IPv6 GUA (Global Unicast Address) at every end-site, and of course, those prefixes should be persistent (often called static) to each customer. —APNIC

The post Worth Reading: ISPs simplifying customer IPv6 addressing appeared first on rule 11 reader.

Worth Reading: Take a pause on ransomware

As these devastating global ransomware attacks illustrate, cybersecurity is not an issue that can be ignored. Any time a device or system is connected to the Internet, it is a potential target. What was once just another lucrative means of extorting money from Internet users, ransomware is emerging as a preferred tool for causing widespread disruption of vital services such as hospitals, banks, shipping, or airports. Attacks are growing more sophisticated and more enduring, with longer term damaging effects and wider impact. Ransomware exploits the slow pace of security patching, systems that are dependent on old software, and poor backup practices. It also provides a smokescreen for other nefarious acts including stealing data and credentials, or even wiping data. So, the name “ransomware” becomes illusory: what we are really dealing with is “hydraware.” —The Internet Society

The post Worth Reading: Take a pause on ransomware appeared first on rule 11 reader.

Join me at SDxE

The post Join me at SDxE appeared first on rule 11 reader.

Worth Reading: Internet of Terror

Before we get to the question of encryption and key length, I would like to point out two things. An IoT device is nothing more than an embedded system with a TCP/IP stack. It is not a magical object that is somehow protected from attackers because of how cool, interesting, or colorful it is. Second, and I can’t believe I have to point this out to people who would read or write to KV, but the Internet has a lot of stuff on it, and it’s getting bigger every day. Once upon a time, there were fewer than 100 nodes on the Internet, and that time is long past. KV has three Internet-enabled devices within arm’s reach, and, if you think a billion users of the Internet aren’t scary, try multiplying that by 10 once every fridge, microwave, and hotel alarm clock can spew packets into the ether(net). Let’s get this straight: if you attach something to a network—any network—it had better be secured as well as possible, because I am quite tired of being awakened by the sound of the gnashing of teeth caused by each and every new network security breach. The Internet reaches everywhere, and if even Continue reading

Worth Reading: Moving Computing to the Edge (Again)

Our perception of what makes a data center is shifting all the time. We’ve already seen a move away from the large, monolithic bricks and mortar structures of old and seeing new manifestations in smaller form factors. … Project Volutus, with hundreds of Kilowatts of compute capacity in each location, makes it possible to run data center scale workloads at the edge, doing everything from IoT data ingestion to distributed machine learning on GPUs. —The New Stack

The post Worth Reading: Moving Computing to the Edge (Again) appeared first on rule 11 reader.

Complexity and the Thin Waist

In recent years, we have become accustomed to—and often accosted by—the phrase software eats the world. It’s become a mantra in the networking world that software defined is the future. full stop This research paper by Microsoft, however, tells a different story. According to Baumann, hardware is the new software. Or, to put it differently, even as software eats the world, hardware is taking over an ever increasing amount of the functionality software is doing. In showing this point, the paper also points out the complexity problems involved in dissolving the thin waist of an architecture.

The specific example used in the paper is the Intel x86 Instruction Set Architecture (ISA). Many years ago, when I was a “youngster” in the information technology field, there were a number of different processor platforms; the processor wars waged in full. There were, primarily, the x86 platform, by Intel, beginning with the 8086, and its subsequent generations, the 8088, 80286, 80386, then the Pentium, etc. On the other side of the world, there were the RISC based processors, the kind stuffed into Apple products, Cisco routers, and Sun Sparc workstations (like the one that I used daily while in Cisco TAC). The argument Continue reading

Worth Reading: 5G and Internet Technology

5G is the latest generation of cellular network standards. There’s a tremendous amount of activity around it in the industry. But how does 5G relate to Internet technology? Are there 5G-related work items that the IETF should be working on, for instance? —APNIC

The post Worth Reading: 5G and Internet Technology appeared first on rule 11 reader.

Worth Reading: The next generation of whois

Similar to Internet DNS, WHOIS is not a single, centrally managed database. Rather, domain name registration data is held in disparate locations and administered by multiple Registries and Registrars. Further, a similar WHOIS service (maintained by Regional and National Internet Registries) exists for Numbering Resources (IPV4/V6 addresses, ASN numbers) on Internet. For the sake of simplicity and clarity, we will only talk about domain name WHOIS in this article. —APNIC

The post Worth Reading: The next generation of whois appeared first on rule 11 reader.

Worth Reading: Why isn’t everyone running DNSSEC?

Given how critical DNS is to the functioning of the Internet, it’s a mystery that the world is prepared to accept such a security-deficient protocol at the core of all its infrastructure. What’s even crazier is that there’s a secure solution that’s been in the pipeline for over a decade: DNS security extensions, or DNSSEC. —APNIC

The post Worth Reading: Why isn’t everyone running DNSSEC? appeared first on rule 11 reader.

Worth Reading: Are more specifics harmful?

The number of more specific advertisements in the IPv4 Internet is more than 50% of all advertisements, and the comparable picture in IPv6 has more specific advertisements approaching 40% of all network advertisements. It is tempting to label this use of more specifics as part of the trashing of the Internet commons. Individual networks optimise their position by large-scale advertising of more specifics, which in turn, creates an incremental cost on all other networks in terms of increased BGP table size and increased overhead of processing BGP updates. The question I’d like to look at here is whether these more specific advertisements represent a significant imposition on everyone else, or whether they are simply unavoidable. —APNIC

The post Worth Reading: Are more specifics harmful? appeared first on rule 11 reader.

Worth Reading: Hijacking Bitcoin

It turns out that if you can hijack less than a hundred BGP prefixes (feasible) you can isolate about 50% of the mining power in the network. Once a collection of nodes are partitioned from the network the network becomes more vulnerable to double spending attacks, transaction filtering, and selfish mining attacks. —Morning Paper

The post Worth Reading: Hijacking Bitcoin appeared first on rule 11 reader.

Worth Reading: Why data integration is on the front line

Data is increasingly viewed as a strategic asset with real revenue impact for businesses of every size. A 2016 Capgemini survey found 61% of executives surveyed felt big data was a driver of revenue and was as valuable to their bottom line as the products or services they sell. Additionally, 65% of the surveyed executives felt they risked becoming irrelevant or uncompetitive if they failed to embrace big data. —Data Center Journal

The post Worth Reading: Why data integration is on the front line appeared first on rule 11 reader.

Worth Reading: A brittle and fragile future

While this is not intended to be a dystopian rant, I feel strongly motivated to draw attention to the fragile and interdependent future we are creating through the use of programmable devices and systems. Some of you are, no doubt, rather tired of this theme, but as we equip cyber-physical and virtual systems with programs that animate their functions, it seems inescapable that over time they will become increasingly interdependent and that may produce vulnerabilities and fragilities that will be exploited by inimical parties or will simply create difficult and even unrecoverable failures. —ACM Queue

The post Worth Reading: A brittle and fragile future appeared first on rule 11 reader.

Worth Reading: The impact of more specifics in the DFZ

Here I’ll examine the collected statistics of the use of more specific routing advertisements in BGP in further detail, looking at the impact of more specifics on the growth of the routing system and the dynamics of BGP updates in the larger context of scaling BGP to meet the demands of an ever-larger Internet. —potaroo

The post Worth Reading: The impact of more specifics in the DFZ appeared first on rule 11 reader.

Green Doors

The post Green Doors appeared first on rule 11 reader.

Worth Reading: Subscription based networking

Cisco’s big announcement this week ahead of Cisco Live was their new Intent-based Networking push. This new portfolio does include new switching platforms in the guise of the Catalyst 9000 series, but the majority of the innovation is coming in the software layer. Articles released so far tout the ability of the network to sense context, provide additional security based on advanced heuristics, and more. But the one thing that seems to be getting little publicity is the way you’re going to be paying for software going forward. —Networking Nerd

The post Worth Reading: Subscription based networking appeared first on rule 11 reader.

Worth Reading: Characterizing IPv6 load balancing

Routers that perform load balancing choose among multiple next-hop routers when forwarding packets. In Figure 1, router R1 chooses among R2 and R3. In general, the next-hop is chosen by computing a hash over a subset of fields in each packet’s IP header. Hashing different subsets of IP header fields allow control of a trade-off between the granularity of load balancing and impact on traffic. Below we describe common load balancing configurations, how well they can load balance traffic, and their possible impact on traffic. —APNIC

The post Worth Reading: Characterizing IPv6 load balancing appeared first on rule 11 reader.