Running EVE-NG in Proxmox
If you follow my blogs, you might know that I recently switched to Proxmox from VMware Workstation Pro for my home lab. I’ve already migrated most of my VMs, including Cisco CML, to Proxmox, and the last piece left was EVE-NG. In this blog post, we’ll go through the steps to install EVE-NG in Proxmox. Let’s get started!
As always, if you find this post helpful, press the ‘clap’ button on the left. It means a lot to me and helps me know you enjoy this type of content.
Running Cisco CML in Proxmox
In this blog post, we’ll go through how to install Cisco CML (specifically CML 2.8 Free Tier) on Proxmox.
Suresh Vina
Overview
EVE-NG doesn’t have official documentation for Proxmox, but it works perfectly fine, and I haven’t faced any issues so far. For this example, I’m using
- Proxmox version 8.3.0
- EVE-NG Community Edition 6.2.0
Most of the VM’s settings can be left at their default values, but there are a couple of changes I had to make. Before diving in, let's have a quick look at Nested Virtualization.
Nested Virtualization
Nested virtualization allows you to run virtual machines Continue reading
Record-breaking 5.6 Tbps DDoS attack and global DDoS trends for 2024 Q4
Welcome to the 20th edition of the Cloudflare DDoS Threat Report, marking five years since our first report in 2020.
Published quarterly, this report offers a comprehensive analysis of the evolving threat landscape of Distributed Denial of Service (DDoS) attacks based on data from the Cloudflare network. In this edition, we focus on the fourth quarter of 2024 and look back at the year as a whole.
When we published our first report, Cloudflare’s global network capacity was 35 Terabits per second (Tbps). Since then, our network’s capacity has grown by 817% to 321 Tbps. We also significantly expanded our global presence by 65% from 200 cities in the beginning of 2020 to 330 cities by the end of 2024.
Using this massive network, we now serve and protect nearly 20% of all websites and close to 18,000 unique Cloudflare customer IP networks. This extensive infrastructure and customer base uniquely positions us to provide key insights and trends that benefit the wider Internet community.
In 2024, Cloudflare’s autonomous DDoS defense systems blocked around 21.3 million DDoS attacks, representing a 53% increase compared to 2023. On average, in 2024, Cloudflare blocked 4,870 Continue reading
The fall and rise of TikTok (traffic)
The United States ban on TikTok went into effect on January 19, 2025, and although service began to be restored after just 14 hours, it was only close to the inauguration of Donald Trump as the 47th President of the United States that associated DNS traffic started to recover to closer to previous levels. In this post, we analyze the events of January 19 and 20, and what they meant for TikTok-related DNS traffic, but also other competitors (including their growth outside the US).
For context, we wrote an initial blog post about the TikTok ban on Sunday, January 19, 2025. The ban was part of the "Protecting Americans from Foreign Adversary Controlled Applications Act," proposed in Congress, which ordered ByteDance to divest due to alleged security concerns. The bill was signed into law by Congress and President Biden in April 2024, and was upheld by the Supreme Court on January 17, 2025.
Aggregated data from our 1.1.1.1 DNS resolver shows — as we’ve posted on social media — that the TikTok shutdown in the US began to impact DNS traffic to TikTok-related domains on January 19, just after 03:30 UTC (22:30 ET on January Continue reading
Concise Link Descriptions in netlab Topologies (Part 1)
One of the goals we’re always trying to achieve when developing netlab features is to make the lab topologies as concise as possible1. Among other things, netlab supports numerous ways of describing links between lab devices, allowing you to be as succinct as possible.
A bit of a background first:
- In the end, netlab collects all links in the links list before starting the data transformation process.
- Every entry in the links list is a dictionary. That dictionary can contain link attributes and must contain a list of interfaces connected to the link.
- Every interface must have a node (specifying the lab device it belongs to) and could contain additional interface attributes.
TikTok ban takes hold: data reveals sharp traffic decline and rapid shift to alternatives
The United States ban on TikTok went into effect on January 19, 2025, and our data showed a clear impact starting after 03:30 UTC (10:30 PM ET on January 18, 2025). The ban was part of the "Protecting Americans from Foreign Adversary Controlled Applications Act," proposed in Congress, which ordered ByteDance to divest due to alleged security concerns. The bill was signed into law by Congress and President Biden in April 2024, and was upheld by the Supreme Court.
Aggregated data from our 1.1.1.1 DNS resolver shows — as we’ve posted on X — that the TikTok shutdown in the US began to impact DNS traffic to TikTok-related domains on January 19, just after 03:30 UTC (22:30 ET on January 18). This includes DNS traffic not only for TikTok, but also for other ByteDance-owned platforms, such as the CapCut video editor. Traffic dropped by as much as 85% compared to the previous week and showed signs of further decline in the following hours.
Around that time, a message indicating the TikTok ban began appearing for US users.
Analyzing data from autonomous systems or networks, traffic from TikTok owner ByteDance’s network (AS396986) in the US Continue reading
From Python to Go 011. Parsing XML, JSON, And YAML Files.
Hello my friend,
This blog post is probably the first one, where we start doing more practical rather than foundational things in Python and Go (Golang). Up till now we were going through all possible data types as well as small steps how to deal with files. Today we’ll bring that all together and boost it with practical scenario of parsing data following the most popular data serialization techniques these days
Which Jobs Do Require Network Automation Skills?
For quite a while I’m trying to hire a good network automation engineer, who shall be capable to write applications in Python, which shall manage networking. The pay is good, so my understanding would be that the candidates’ level shall be good as well. My understanding is sadly far from reality as general skills in software development is poor. I was thinking multiple times, if people who passed my trainings would apply, they could have smashed it (provided they practice). Which means there are a lot of jobs out there, requiring good level of automation and software development skills. But they stay unfulfilled because there are no good candidates. It could be yours.
Boost yourself up!
We offer the following training programs Continue reading
InfraHub Schema Library
In my previous InfraHub introductory post, we covered installation and the basics of InfraHub. In this second post, let’s explore the ‘Schema Library’ provided by OpsMill, the team behind InfraHub. As mentioned in the previous post, InfraHub doesn’t include any user-defined schemas out of the box, so we need to create our own. However, the Schema Library repository offers a collection of schemas that we can easily import into InfraHub. In this post, we’ll take a closer look at the Schema Library and how to use it.
If you are new to Infrahub and want to learn the basics of what it is and how to install it, feel free to check out my introductory post below.
Getting Started with Infrahub
If you’re in the network automation space or attended one of the last two Autocon events, you might have come across a new tool called ‘Infrahub’ from OpsMill
Suresh Vina
Recap on Schema
The way I think about schema is that it is a blueprint that defines the structure of your data. It specifies the nodes (like devices and interfaces), their attributes, and the relationships between them. This allows you to customize how you Continue reading
Hedge 255: Open Multi-perspective Issuance
One of the various attack surfaces in encryption is insuring the certificates used to share the initial set of private keys are not somehow replaced by an attacker. In systems where a single server or source is used to get the initial certificates, however, it is fairly easy for an attacker to hijack the certificate distribution process.
Henry Birge-Lee joins us on this episode of the Hedge to talk about extensions to existing certificate systems where a certificate is pulled from more than one source. You can find his article here.
HN764: Should You Pursue a Technical Leadership Role?
Do you think you have what it takes to be a manager? Should you go for it? Laura Santamaria, host of the Technically Leadership podcast, joins Ethan Banks to discuss those questions. They talk about the motivations for moving into a management role, the challenges of managing people, and the need to understand the business... Read more »Public Videos: Leaf-and-Spine Fabric Design
The initial videos of the Leaf-and-Spine Fabric Architectures webinar are now public. You can watch the Leaf-and-Spine Fabric Basics, Physical Fabric Design, and Layer-3 Fabrics sections without an ipSpace.net account.
N4N009: High-Speed Ethernet Lanes Explained
On today’s episode, we’re explaining high-speed Ethernet lanes at the request of listener Matthew. We cover lanes, channels, and their physical representation in networking – think actual cables. We explain both 40Gb and 100Gb technologies and compare them to Link Aggregation Control Protocol (LACP). We also have a discussion on standards and practical implications for... Read more »Lab: Level-1 and Level-2 IS-IS Routing
One of the recipes for easy IS-IS deployments claims that you should use only level-2 routing (although most vendors enable level-1 and level-2 routing by default).
What does that mean, and why does it matter? You’ll find the answers in the Optimize Simple IS-IS Deployments lab exercise.
NAN082: Mastering Python One Bite at a Time
How do you master Python? One bite at a time. On today’s show we talk with Bob Belderbos, co-founder of PyBites, a community and learning platform for Python. Bob shares his philosophy for learning Python in small bites with practical exercises, hands-on learning, and daily coding for improvement. We discuss the importance of small wins,... Read more »Comparing IGP and BGP Data Center Convergence
A Thought Leader1 recently published a LinkedIn article comparing IGP and BGP convergence in data center fabrics2. In it, they3 claimed that:
iBGP designs would require route reflectors and additional processing, which could result in slightly slower convergence.
Let’s see whether that claim makes any sense.
TL&DR: No. If you’re building a simple leaf-and-spine fabric, the choice of the routing protocol does not matter (but you already knew that if you read this blog).
HS092: Make a Plan…and Change It!
It’s better to plan for your IT strategy than not. But sometimes circumstances arise such that the plan, no matter how well conceived, just doesn’t work any more. On today’s Heavy Strategy, we explore how and why you should change a plan in the context of IT and business objectives. Sometimes this means small changes... Read more »
PP045: Reducing the Risk of Compromised Digital Certificates with CAA and Certificate Transparency
Transport Layer Security (TLS) relies on certificates to authenticate Web sites and enable encryption. On today’s Packet Protector we look at mechanisms that domain owners can take to ensure the validity of their digital certificates. More specifically, we cover Certification Authority Authorization (CAA) and Certificate Transparency (CT). Our guest is Ed Harmoush. Ed is a... Read more »Demonstrating reduction of vulnerability classes: a key step in CISA’s “Secure by Design” pledge
In today’s rapidly evolving digital landscape, securing software systems has never been more critical. Cyber threats continue to exploit systemic vulnerabilities in widely used technologies, leading to widespread damage and disruption. That said, the United States Cybersecurity and Infrastructure Agency (CISA) helped shape best practices for the technology industry with their Secure-by-Design pledge. Cloudflare signed this pledge on May 8, 2024, reinforcing our commitment to creating resilient systems where security is not just a feature, but a foundational principle.
We’re excited to share an update aligned with one of CISA’s goals in the pledge: To reduce entire classes of vulnerabilities. This goal aligns with the Cloudflare Product Security program’s initiatives to continuously automate proactive detection and vigorously prevent vulnerabilities at scale.
Cloudflare’s commitment to the CISA pledge reflects our dedication to transparency and accountability to our customers. This blog post outlines why we prioritized certain vulnerability classes, the steps we took to further eliminate vulnerabilities, and the measurable outcomes of our work.
Cloudflare’s core security philosophy is to prevent security vulnerabilities from entering production environments. One of the goals for Cloudflare’s Product Security team is to champion this philosophy and ensure Continue reading
Weird Junos IS-IS Metrics
As part of the netlab development process, I run almost 200 integration tests on more than 20 platforms (over a dozen operating systems), and the amount of weirdness I discover is unbelievable.
Today’s special: Junos is failing the IS-IS metrics test.
The test is trivial:
- The device under test is connected to two IS-IS routers (X1 and X2)
- It has a low metric configured on the link with X1 and a high metric configured on the link with X2
The validation process is equally trivial: