Using DNS to estimate the worldwide state of IPv6 adoption
In order for one device to talk to other devices on the Internet using the aptly named Internet Protocol (IP), it must first be assigned a unique numerical address. What this address looks like depends on the version of IP being used: IPv4 or IPv6.
IPv4 was first deployed in 1983. It’s the IP version that gave birth to the modern Internet and still remains dominant today. IPv6 can be traced back to as early as 1998, but only in the last decade did it start to gain significant traction — rising from less than 1% to somewhere between 30 and 40%, depending on who’s reporting and what and how they’re measuring.
With the growth in connected devices far exceeding the number of IPv4 addresses available, and its costs rising, the much larger address space provided by IPv6 should have made it the dominant protocol by now. However, as we’ll see, this is not the case.
Cloudflare has been a strong advocate of IPv6 for many years and, through Cloudflare Radar, we’ve been closely following IPv6 adoption across the Internet. At three years old, Radar is still a relatively recent platform. To go further back in time, we Continue reading
netlab: Version-Specific Topology Files
TL&DR: If you’re using netlab to build labs for your personal use, you can skip this one, but if you plan to use it to create training labs (like my BGP labs project), you might want to keep reading.
Like any complex enough tool, netlab eventually had to deal with inconsistent version-specific functionality and configuration syntax (OK, topology attributes). I stumbled upon this challenge when I wanted to make labs that use two types of configurable devices.
netlab: Version-Specific Topology Files
TL&DR: If you’re using netlab to build labs for your personal use, you can skip this one, but if you plan to use it to create training labs (like my BGP labs project), you might want to keep reading.
Like any complex enough tool, netlab eventually had to deal with inconsistent version-specific functionality and configuration syntax (OK, topology attributes). I stumbled upon this challenge when I wanted to make labs that use two types of configurable devices.
Why Secure SD-WAN is a Pillar of Enterprise Cybersecurity
While the networking industry chatter is centered on hot topics like ZTNA and SASE, it's easy to forget to check in on existing solutions like SD-WAN.Fighting Back Against Fileless Malware
Fileless malware attacks are extremely hard to detect and the time it takes for them to be discovered is growing. The best approach to dealing with it is preventing the malware from infecting a network by adopting a zero-trust approach.D2C224: Security KubeConversations Part 1 – Protecting Your Kubernetes Infrastructure
Our KubeConversations series continues with a two-part episode on securing Kubernetes and cloud-native infrastructure. I attended KubeCon 2023 in Chicago and had the opportunity to speak with vendors and open-source maintainers about the work they're doing to help protect your Kubernetes environments. I talk about a Kubernetes Bill of Materials, protecting K8s from ransomware, protecting APIs and Web front-ends from attacks, and the state of cloud-native security.
The post D2C224: Security KubeConversations Part 1 – Protecting Your Kubernetes Infrastructure appeared first on Packet Pushers.
D2C224: Security KubeConversations Part 1 – Protecting Your Kubernetes Infrastructure
Our KubeConversations series continues with a two-part episode on securing Kubernetes and cloud-native infrastructure. I attended KubeCon 2023 in Chicago and had the opportunity to speak with vendors and open-source maintainers about the work they’re doing to help protect your Kubernetes environments. In this episode we’ll talk about a Kubernetes Bill of Materials, protecting K8s... Read more »The Dawn of Universal Zero Trust Network Access
Universal ZTNA is a concept that calls for centralizing a user or a device's Zero Trust access policy to enable a single policy definition.BGP Labs: Use BGP Communities in a Routing Policy
A previous BGP lab focused on the customer side of BGP communities: adding them to BGP updates to influence upstream ISP behavior. Today’s lab focuses on the ISP side of the equation: using BGP communities in a routing policy to implement RFC 1998-style behavior.
BGP Labs: Use BGP Communities in a Routing Policy
A previous BGP lab focused on the customer side of BGP communities: adding them to BGP updates to influence upstream ISP behavior. Today’s lab focuses on the ISP side of the equation: using BGP communities in a routing policy to implement RFC 1998-style behavior.
Models of Trust for the RPKI
A report on a feasibility study looking at an alternative trust anchor structure for the Resource Public Key Infrastructure.Building Resilience in Uncertain Times: The Power Of Connected Networks
Connected networks allow every stakeholder to see exactly how different parts of the ecosystem interact and impact the customer experience and business outcomes.HW017: The Story Behind The CWNA Study Guide
Studying for a certification exam is also about grasping real-world concepts. And that’s exactly the approach David Coleman and David Westcott took when writing their CWNA study guide, now in its sixth edition
The post HW017: The Story Behind The CWNA Study Guide appeared first on Packet Pushers.
HW017: The Story Behind The CWNA Study Guide
Studying for a certification exam is also about grasping real-world concepts. And that’s exactly the approach David Coleman and David Westcott took when writing their CWNA study guide, now in its sixth edition. “The Davids” talk about the process of writing their book, the research involved, and the importance of making complex topics understandable for... Read more »5 Reasons Not to Use Serverless Computing
Despite its popularity, serverless computing has downsides and is not always the best approach for every part of every workload.NaaS and Edge Cloud: Agility and Efficiency for the Modern Enterprise
The partnership between NaaS and edge cloud unlocks new possibilities for data-driven innovation and becomes the cornerstone for optimized operations.From Google to Generative AI: Ranking top Internet services in 2023
Ask nearly any Internet user, and they are bound to have their own personal list of favorite sites, applications, and Internet services for news, messaging, video, AI chatbots, music, and more. Sum that question up across a lot of users in a lot of different countries, and you end up with a sense of the most popular websites and services in the world. In a nutshell, that’s what this blog post is about: how humans interacted with the online world in 2023 from what Cloudflare observed.
Building on similar reports we’ve done over the past two years, we have compiled a ranking of the top Internet properties of 2023. In addition to our overall ranking, we chose 9 categories to focus on. One of these is a new addition in 2023: Generative AI. Here are the 9 categories we’ll be digging into:
1. Generative AI
2. Social Media
3. E-commerce
4. Video Streaming
5. News
6. Messaging
7. Metaverse & Gaming
8. Financial Services
9. Cryptocurrency Services
Our method for calculating the results is the same as in 2022: we analyze anonymized DNS query data from our 1.1.1.1 public DNS resolver, used by millions of Continue reading
Cloudflare 2023 Year in Review
The 2023 Cloudflare Radar Year in Review is our fourth annual review of Internet trends and patterns observed throughout the year at both a global and country/region level across a variety of metrics. Below, we present a summary of key findings, and then explore them in more detail in subsequent sections.
Key findings
Traffic Insights & Trends
- Global Internet traffic grew 25%, in line with peak 2022 growth. Major holidays, severe weather, and intentional shutdowns clearly impacted Internet traffic. 🔗
- Google was again the most popular general Internet service, with 2021 leader TikTok falling to fourth place. OpenAI was the most popular service in the emerging Generative AI category, and Binance remained the most popular Cryptocurrency service. 🔗
- Globally, over two-thirds of mobile device traffic was from Android devices. Android had a >90% share of mobile device traffic in over 25 countries/regions; peak iOS mobile device traffic share was 66%. 🔗
- Global traffic from Starlink nearly tripled in 2023. After initiating service in Brazil in mid-2022, Starlink traffic from that country was up over 17x in 2023. 🔗
- Google Analytics, React, and HubSpot were among the most popular technologies found on top websites. 🔗
- Globally, nearly half of web requests Continue reading
Why Simple Cloud Computing Architectures May Be Better
There's no shame in sticking with simpler cloud architectures as long as they get the job done. Here's how simpler clouds can deliver better outcomes in certain instances.Interviewing a Network Engineer Using a Single Scenario
I always said that the Trivia Pursuit certification tests (or job interviews) are nonsense and that one should focus on fundamentals.
In a recent blog post, Daniel Dib described a fantastic scenario: using a simple “why can’t I connect to a web site” question, explore everything from ARP/ND to DNS and TLS.
Obviously, you’ll never see anything that sane in a certification test. An interactive interview doesn’t scale (beyond CCDE), and using humans (and common sense judgment) creates potential legal liabilities (there were rumors that had been one of the reasons a talk with a proctor who could flunk you was dropped from the CCIE test).