Demand for bandwidth continues to surge with increasing use of AI, high-definition video streaming, cloud and 5G mobile applications. In response, optical services need to become more dynamic and meet stricter service-level requirements. Consequently, metro-based networks owned by communications service providers (CSPs) and used for mobile transport, enterprise services or broadband access services face new demands relating to power, multiservice aggregation, security, AI integration and network slicing. Figure 1 shows a rich set of applications in a typical metro network. Figure 1 — A typical metro network supports a rich set of applications. As AI use grows, it will create a force multiplier that will drive significant traffic to transport networks. But the challenging throughput, latency and reliability requirements of AI workloads are already taking network scale and complexity to another level. CSPs are facing unprecedented pressure to deliver more, faster and better. Figure 2 shows the impact of AI traffic growth based on a recent Nokia Bell Labs study. This growth can range from 14% to 31%. Figure 2 — Traffic growth effects on CSP networks. CSPs’ access and aggregation network (orange) will bear the heaviest load, roughly 31% of the total AI traffic. CSPs’ metro network (pink) is Continue reading
Addressing a long-standing perceived roadblock in enabling systems to span multiple cloud services, Amazon Web Services and Google Cloud have jointly developed a standard for customers to easily bridge their cloud deployments with Layer 3 connectivity. The idea, according to both companies, is to make it easy for their customers with cloud operations in both clouds to network them together in a private network, reducing the burden of maintaining multicloud connectivity, and perhaps even dispelling fears of cloud lock-in. Such easy connectivity may even spur customers to create more multicloud applications, theConnection Coordinator API specification is built on OpenAPI 3.0 customized for easily provisioning dedicated bandwidth between two cloud providers. The two cloud giants want other cloud providers to use the API as well. AWS implemented the spec in Google Cloud’s Cross-Cloud Interconnect. Both companies pledge to “engage in continuous monitoring to proactively detect and resolve issues,” according to the AWS website. The private lines between Google and AWS will be built on
The Kubernetes ecosystem is undergoing a fundamental shift in how it manages external traffic. On Nov. 12, 2025, Kubernetes Kubernetes Gateway API emerges as the successor, which is a standardized, extensible framework that addresses these fundamental limitations. Rather than relying on fragmented implementations and proprietary annotations, Gateway API introduces a unified model that supports multiprotocol routing (L4 and L7), fine-grained traffic control, header-based pattern matching, request mirroring, and native traffic metrics. Achieving General Availability in 2023, Gateway API represents the Kubernetes community’s answer to the ingress problem. For a detailed comparison of Ingress controller and Gateway, refer to my previous article Continue reading
Running the GitHub for archival purposes, as well as supporting software such as the
On Nov. 18, 2025, major outage lasting several hours that disrupted access to numerous popular websites and online services worldwide. This was only the latest in a wave of major Internet service providers going down. Others have included Amazon Web Services and Cloudflare, the root cause was a database system’s permissions blunder. This resulted in popular sites and services such as Shopify, Amazon, and Robox failing, and in essentially all AI chatbots, such as ChatGPT, Perplexity, and Anthropic Claude, being knocked out. Root Cause: A Database Permissions Blunder Specifically, the outage was triggered not by a cyberattack, but by a software bug in Cloudflare’s Bot Management system. Specifically, a recent change to the permissions for a database query generated an overlarge “feature file” that was used by the Bot Management module with many duplicate entries. This Continue reading
Virtual Private Network (VPN) software provider Tailscale has brought on Kubernetes pioneer Brendan Burns (currently at Microsoft) and open source VPN software WireGuard, which provides an easy way to remotely connect to a network by way of VPN protocols. The company has parlayed the open source success of the code into an enterprise platform for running networks as well. Now, in an effort to expand its reach, Tailscale is looking to break into the cloud native Kubernetes market. The company has kicked off a number of initiatives to support Kubernetes networking in a production-scale facility. “Kubernetes networking has always been a bit of a challenge,” largely owing to its immense flexibility and ability to work in so many different environments, Beda said in an interview with TNS. Setting up the networking for a single cluster is easy enough, he said. But as the Continue reading
How many machines do you have on your network that run Docker containers? One? Two? 20? Now, how are those machines and containers performing? How quickly can you log into those machines and run the necessary commands to suss out that information? Even better, do you know the commands required to do this? What if I told you you could deploy a container on one machine and then deploy agents on every server you need to monitor? And what if I told you this could all be done via Docker, and it’s really easy? The end result is a single dashboard that gives you quick access to resource usage for those machines used for your container deployments. That container is called
We see HTTP everywhere on the web. It’s considered one of its backbones. Think of it as the “language” that allows browsers, servers and websites to talk to one another. HTTP is a protocol that defines a structured way to request and exchange information. With an HTTP server, you can provide access to data, tools and services, allowing a client to request information or trigger actions. Think of HTTP like ordering at a restaurant. You don’t walk into the kitchen and ask the chef for your meal yourself. You give your meal order to the server. The server passes along your order to the right people and then, a short time later, you have a finished meal. If you need something else, like salt, you again speak to the server rather than finding salt yourself. HTTP works similarly. Your browser sends a request to the web server, and the web server figures out where the right information is and delivers it back to your browser. In this analogy, the human server represents the HTTP server. It takes in the browser’s request for information, identifies where the information is and returns it to the browser. An HTTP server is a service Continue reading
If you’re tired of worrying about your AI queries or the data you share within them being used to either train large language models (LLMs) or to create a profile of you, there are always local AI options you can use. I’ve actually reached the point where the only AI I use is local. For me, it’s not just about the privacy and security, but also the toll AI takes on the energy grids and the environment. If I can do my part to prevent an all-out collapse, you bet I’m going to do it. Most often, I deploy local AI directly on my machine. There are, however, some instances where I want to quickly deploy a local AI to a remote server (either within my LAN or a server beyond it). When that need arises, I have two choices: Install a local AI service in the same way I install it on my desktop. Containerize it. The benefit of containerizing it is that the locally installed AI is sandboxed from the rest of the system, giving me even more privacy. Also, if I want to stop the locally installed AI, I can do so with a quick and easy Continue reading
While there is no single storage architecture model that fits all NoSQL databases, the often recommended approach is a distributed, shared-nothing architecture using local storage (often flash-based) at each node. At the storage hardware level, direct-attached storage (DAS) would be an example of shared-nothing architecture. This model provides the desired high performance, low latency, fault tolerance and availability that business-critical NoSQL databases like Cassandra and MongoDB require. While DAS offers significant advantages, it’s counterproductive to today’s data center climate of reduced CapEx, OpEx and sustainability initiatives. At the same time, critical data services inherent in a shared networked storage system, such as storage area networks (SANs), are missing in DAS. However, with today’s SAN solutions, you can have your cake and eat it, too: efficiency, data services, resilience and yes, high performance and low latency, too. Modernizing your data platform to a SAN model, using a supplier with a disaggregated, software-defined architecture, can deliver the performance and fault tolerance your NoSQL database requires without compromising efficiency. Why Shared-Nothing Is Common for NoSQL DAS is a prevalent model for performance-sensitive workloads, like NoSQL databases, because historically local flash, especially
PARIS —When I worked for NASA in the 1980s, I helped build a Near Space Network tracking program using Datatrieve on VAX/VMS for the backend. When completed, it manually tracked just over a thousand static network links. That’s nothing — nothing — compared to what Starlink. This is not easy, as OpenInfra Summit Europe 2025. The problem they face is that while the mega-constellations of Low Earth Orbit (LEO) and Medium Earth Orbit (MEO) are revolutionizing telecom, traditional network routing protocols such as Open Shortest Path First (OSPF) and Border Gateway Protocol (BGP) struggle with their dynamic topologies — not to mention the next-generation Internet protocol, IPv6. The Challenge of Emulating Dynamic Satellite Networks So, the goal is to emulate large-scale, satellite mesh networks where the nodes are constantly moving and falling in and out of contact as they orbit the Earth and the world revolves underneath them. Deutsche Continue reading
GitLab is a DevOps platform that provides a single location for the entire software development cycle. This developer-centric app includes version control with Git, CI/CD pipelines, issue tracking and security scanning.
The AI era demands a simple infrastructure strategy that prioritizes scalability, performance and cost efficiency in managing AI data pipelines. A key challenge is supporting large language model (LLM) training, which requires massive data, compute and storage resources. Efficient training relies on the continuous feeding of large data sets and the storage of model parameters, intermediate results and checkpoints. Above all, the infrastructure strategy must ensure that the AI resources are scalable, reliable and cost-efficient. Scaling AI Training Infrastructure As models grow, so do the demands on high-performance block storage system with multiattach capabilities. The block Continue reading
Today’s Linux distributions are plentiful and run the gamut of purposes. There are Linux distributions for those who are new to the open source OS, for gaming, developing, content creation, multimedia, containers, Internet of Things (IoT), edge, routers, firewalls, refrigerators … the list goes on and on. And, of course, there are Linux distributions that are purpose-built for those in IT, such as its site, “SysLinuxOS was built to work right out of the box, with all networking tools already installed by default. There is no need to install anything; it is a Swiss army knife to always carry with us. There are all the major Virtual Private Networks (VPN), several remote control clients, various browsers, as well as Wine, Wireshark, Etherape, Ettercap, PackETH, Packetsender, Putty, Nmap, Packet Tracer 8.2.2, Virtualbox 7.2, Munin, Zabbix-agent2, Icinga, Monit, Nagios4, and tools for serial console and the latest stable liquorix kernel.” At first blush, SysLinuxOS seems to be similar to Tails, only instead of it being targeted at pentesters, it’s more for administrators who need Continue reading
Your network, be it home or business, is probably quite busy and crowded with devices. On my small home LAN, most Wireshark to see what packets are coming and going so I can ensure nothing nefarious is going on. But as far as network visualizers, I’d yet to come across one that is easy enough to use that it didn’t require an entire morning or afternoon to deploy. When I came across Atlas GitHub page, the container stack is “built with Go, FastAPI, NGINX, and a custom React frontend, it provides automated scanning, storage, and rich dashboards for insight into your infrastructure.” Usually, when I read such a description, I immediately think, “Sounds great, but it also sounds like it’ll be a real pain to deploy.” To my great surprise, Atlas did not Continue reading
The workplace is being redefined. AI workloads, an explosion of connected devices, and changing working patterns are forcing organizations to rethink their campus and branch network designs to support business goals and deliver great digital experiences to customers and employees. Over the last decade, IT teams have had to manage significant change with the adoption of cloud computing, widespread use of mobile devices, and SaaS applications becoming critical to core business operations. Now, the transformation that is AI presents an opportunity to gain a core competitive advantage and a productivity multiplier for those organizations that successfully embrace it. When it comes to the rise of Small Language Models (SLMs) and agentic AI, sophisticated AI capabilities are moving closer to where business happens — at the branch office and on campus. This shift to “edge AI” promises exciting possibilities but also brings significant implications for network infrastructure that network architects and decision-makers must address now. Understanding Local Small Language Models (SLMs) at the Edge Local SLMs are designed to be compact and efficient enough to run on local servers or even dedicated edge devices. For tasks like answering simple queries or summarizing documents using local data, these models perform inference right Continue reading
IPv6 was developed in the late 1990s as a successor to IPv4 to address the internet’s rapid growth and prevent IPv4 address exhaustion. The original vision was that, after a period of dual-stack operation, IPv4 would be phased out. Over 25 years later, full-scale depletion of IPv4 addresses is imminent, yet IPv6 adoption remains slow — currently only about 30% worldwide, with the same proportion of Alexa Top 1,000 websites reachable via IPv6. The timeline for a full transition remains uncertain. Understanding IP Addresses: The Internet’s Postal System Before diving into the complexities of IPv6 adoption, it’s essential to understand what these protocols actually do. Think of IP addresses as the internet’s equivalent of postal addresses — they tell data packets where to go across the vast network of interconnected computers that make up the internet. IPv4 vs. IPv6 address space: A scale comparison The scale difference is staggering.
A Ian Kelling points out that the infrastructure for the Free Software Foundation “has been under attack since August 2024.” “Nothing has changed since the article,” FSF sysadmin a report from LibreNews noting similar issues at high-profile FOSS sites including the Fedora project, KDE GitLab infrastructure, the GNOME GitLab instance, Diaspora, and even the FOSS news site Linux Weekly News. (And “GNOME has been experiencing issues since a last November…”) Articles like the FSF’s are a way of sharing “techniques and tools”, McMahon said Tuesday. Though he adds that some system administrators also have a private mailing list “where we can coordinate and share effective strategies. The specific mitigations often cannot be published because that would give our attackers an advantage.” There’s a lot to learn from the FSF’s battle against the bots — about the tactics of sysadmins, but also about Continue reading
Google Cloud now offers a fully managed version of the Google Cloud Managed Lustre service went live (“general availability”) globally on July 8. An open source, high-performance file system, running those supercomputing jobs. And Lustre’s ability to stream data in the range of terabytes per second should also make it appealing to very approximately 1TB) — and can scale up to 8PiB or more. With this release, Google Cloud has caught up with other cloud providers in offering a cloud-based Lustre. It competes with Amazon FSx and Oracle‘s EXAScaler Continue reading
If you’re like me, you depend on a lot of systems and services, even within your home LAN. Because I work from home, that’s amplified to the point where I need certain applications available to me that aren’t hosted by a third party, for flexibility, ease of use, reliability and security. Thankfully, Docker is there to make deploying those apps and services considerably easier; otherwise, I’d wind up having to first deploy a collection of virtual machines (VMs), keep them running and worry about upgrading/managing them efficiently. Yeah, Docker makes this entire process easier. Even better, I can spin up those apps and services in seconds, instead of having to go the traditional route, which can often take quite a bit longer to deploy. But what are the apps and services that I depend on for my LAN to keep me productive? Surprise, surprise: I have a list, and here it is. Nextcloud