SC23 SCinet traffic
Finally, check out the SC23 Dropped packet visibility demonstration to learn about one of newest developments in sFlow monitoring and see a live demonstration.
How Certified SASE Solutions Build Trust and Resilience
Implementing a certified SASE solution improves interoperability and enables an enterprise to take advantage of the latest SASE features and functionality.LAN Data Link Layer Addressing
Last week, we discussed Fibre Channel addressing. This time, we’ll focus on data link layer technologies used in multi-access networks: Ethernet, Token Ring, FDDI, and other local area- or Wi-Fi technologies.
The first local area networks (LANs) ran on a physical multi-access medium. The first one (original Ethernet) started as a thick coaxial cable1 that you had to drill into to connect a transceiver to the cable core.
Later versions of Ethernet used thinner cables with connectors that you put together to build whole network segments out of pieces of cable. However, even in that case, we were dealing with a single multi-access physical network – disconnecting a cable would bring down the whole network.
LAN Data Link Layer Addressing
Last week, we discussed Fibre Channel addressing. This time, we’ll focus on data link layer technologies used in multi-access networks: Ethernet, Token Ring, FDDI, and other local area- or Wi-Fi technologies.
The first local area networks (LANs) ran on a physical multi-access medium. The first one (original Ethernet) started as a thick coaxial cable1 that you had to drill into to connect a transceiver to the cable core.
Later versions of Ethernet used thinner cables with connectors that you put together to build whole network segments out of pieces of cable. However, even in that case, we were dealing with a single multi-access physical network – disconnecting a cable would bring down the whole network.
Cisco Intent-Based Networking: Part I – Introduction
Introduction
This chapter introduces Cisco's approach to Intent-based Networking (IBN) through their Centralized SDN Controller, Cisco DNA Center, rebranded as Cisco Catalyst Center (from now on, I am using the abbreviation C3 for Cisco Catalyst Center). We focus on the network green field installation, showing workflows, configuration parameters, and relationships and dependencies between building blocks. The C3 workflow is divided into four main entities: 1) Design, 2) Policy, 3) Provision, and 4) Assurance, each having its own sub-processes. This chapter introduces the Design phase focusing on Network Hierarchy, Network Settings, and Network Profile with Configuration Templates.
This post deprecates the previous post, "Cisco Intent-Based Networking: Part I, Overview."
Network Hierarchy
Network Hierarchy is a logical structure for organizing network devices. At the root of this hierarchy is the Global Area, where you establish your desired network structure. In our example, the hierarchy consists of four layers: Area (country - Finland), Sub-area (city - Joensuu), Building (JNS01), and Floor (JNS01-FLR01). Areas and Buildings indicate the location, while Floors provide environmental information relevant to wireless networks, such as floor type, measurements, and wall properties.
Network Settings
Network settings define device credentials (CLI, HTTP(S), SNMP, and NETCONF) required for accessing devices Continue reading
Debian on Mellanox SN2700 (32x100G)
Introduction
I’m still hunting for a set of machines with which I can generate 1Tbps and 1Gpps of VPP traffic, and considering a 100G network interface can do at most 148.8Mpps, I will need 7 or 8 of these network cards. Doing a loadtest like this with DACs back-to-back is definitely possible, but it’s a bit more convenient to connect them all to a switch. However, for this to work I would need (at least) fourteen or more HundredGigabitEthernet ports, and these switches tend to get expensive, real quick.
Or do they?
Hardware
I thought I’d ask the #nlnog IRC channel for advice, and of course the usual suspects came past, such as Juniper, Arista, and Cisco. But somebody mentioned “How about Mellanox, like SN2700?” and I remembered my buddy Eric was a fan of those switches. I looked them up on the refurbished market and I found one for EUR 1’400,- for 32x100G which felt suspiciously low priced… but I thought YOLO and I ordered it. It arrived a few days later via UPS from Denmark to Switzerland.
The switch specs are pretty impressive, with 32x100G QSFP28 ports, which can be broken out to a set of Continue reading
My First Web Page
<h2>My First Web Page</h2>
<p>My first paragraph.</p>
<p>Never call dudud document.write after the document has finished loading.
<div id="om-utia0gbpx93d4wvo9abp-holder"></div>.
It will overwrite the whole document.</p>
<script>
document.write(5 + 6);
</script>The post My First Web Page appeared first on Tigera.
Git Rebase: What Can Go Wrong?
Julia Evans wrote another must-read article (if you’re using Git): git rebase: what can go wrong?
I often use git rebase to clean up the commit history of a branch I want to merge into a main branch or to prepare a feature branch for a pull request. I don’t want to run it unattended – I’m always using the interactive option – but even then, I might get into tight spots where I can only hope the results will turn out to be what I expect them to be. Always have a backup – be it another branch or a copy of the branch you’re working on in a remote repository.
Git Rebase: What Can Go Wrong?
Julia Evans wrote another must-read article (if you’re using Git): git rebase: what can go wrong?
I often use git rebase to clean up the commit history of a branch I want to merge into a main branch or to prepare a feature branch for a pull request. I don’t want to run it unattended – I’m always using the interactive option – but even then, I might get into tight spots where I can only hope the results will turn out to be what I expect them to be. Always have a backup – be it another branch or a copy of the branch you’re working on in a remote repository.
A Threat Actor’s Playground: Why Security Teams Must Decrypt HTTPS Traffic
Despite the complexities that HTTPS decryption can present, the return is worth the investment. Security teams can more capably block malicious websites, and more.SC23 Dropped packet visibility demonstration
The SC23-NRE-026 Standard Packet Drop Monitoring In High Performance Networks dashboard combines telemetry from all the Arista switches in the SCinet network to provide real-time network-wide view of performance. Each of the three charts demonstrate a different type of measurement in the sFlow telemetry stream:
- Counters: Total Traffic shows total traffic calculated from interface counters streamed from all interfaces. Counters provide a useful way of accurately reporting byte, frame, error and discard counters for each network interface. In this case, the chart rolls up data from all interfaces to trend total traffic on the network.
- Samples: Top Flows shows the top 5 largest traffic flows traversing the network. The chart is based on sFlow's random packet sampling mechanism, providing a scaleable method of determining the hosts and services responsible Continue reading
Research Report: 2023 State of Network Management
This year’s annual network management survey found that security concerns dominate, but resiliency and cost cutting are also important priorities.KU040: Kubernetes Autoscaling Magic – Cost Control In Gen AI And LLMs With CAST AI (Sponsored)
In this sponsored episode of Kubernetes Unpacked, we dive into the importance of cost and resource optimization with CAST AI. The truth is, it’s not just about saving money. The goal is ensuring that your apps are performing the way they should. This saves both customer and engineering frustration. We also explore from an engineering perspective how CAST AI uses AI in the background and how AI teams are building integrations into the product.
The post KU040: Kubernetes Autoscaling Magic – Cost Control In Gen AI And LLMs With CAST AI (Sponsored) appeared first on Packet Pushers.
KU040: Kubernetes Autoscaling Magic – Cost Control In Gen AI And LLMs With CAST AI (Sponsored)
In this sponsored episode of the Kubernetes Unpacked Podcast, we dive into the importance of cost and resource optimization with CAST AI. The truth is, it’s not just about saving money. The goal is ensuring that your apps are performing the way they should be. This not only saves customer frustration, but engineering frustration. We... Read more »Hedge 202: Internet Governance with George Michaelson
How is the Internet governed? Who sets the rules for the Internet, civil society, and government control? How much input should techies have, and how much should government control things? These are questions we don’t often ask, and yet are crucial to building and operating networks connected to the global Internet. George Michaelson joins Toms and Russ to talk about Internet governance—including contrary views of where things should be versus where they are.
HN709: Protecting Data, Apps With Cloud DLP And CASB (Sponsored)
Cloud environments often have poor visibility and monitoring, and controlling access to sensitive corporate data is difficult. We speak with sponsor Palo Alto Networks about how it integrates CASB and Data Loss Prevention to control Web access and prevent sensitive information from leaking from your organization.
The post HN709: Protecting Data, Apps With Cloud DLP And CASB (Sponsored) appeared first on Packet Pushers.