Use Network Automation to Detect Software Bugs
This blog post was initially sent to subscribers of my SDN and Network Automation mailing list. Subscribe here.
Here’s a question I got from one of the attendees of my network automation online course:
We had a situation where HSRP was configured on two devices and then a second change was made to use a different group ID. The HRSP mac address got "corrupted" into one of devices and according to the vendor FIB was in an inconsistent state. I know this may be vendor specific but was wondering if there is any toolkit available with validation procedures to check if FIB is consistent after implementing L3 changes.
The problem is so specific (after all, he’s fighting a specific bug) that I wouldn’t expect to find a generic tool out there that would solve it.
Read more ...Happy Birthday to the World Wide Web!
Today, March 12th 2019, marks the 30th birthday of the World Wide Web! Cloudflare is helping to celebrate in coordination with the Web Foundation, as part of a 30 hour commemoration of the many ways in which the Web has changed our lives. As we post this blog, Sir Tim Berners Lee is kicking off his journey of the web at CERN, where he wrote the first web browser.
The Web Foundation (@webfoundation) is organizing a Twitter timeline of the web, where each hour corresponds to a year starting now with 1989 at 00:00PT/ 08:00 CET. We (@cloudflare) will be tweeting out milestones in our history and the web’s history, as well as some fun infographics. We hope you will follow the journey on Twitter and contribute your own memories and thoughts to the timeline by tweeting and using #Web30 #ForTheWeb. Celebrate with us and support the Web!
Setting up Cisco ACI From Scratch
ACI from cabling, APIC initialization, fabric discovery to fabric policy creation and first Application Policy configuration in one place.
The post Setting up Cisco ACI From Scratch appeared first on How Does Internet Work.
IPv6 Security Frequently Asked Questions (FAQ)
The Internet Society recognises that global deployment of the IPv6 protocol is paramount to accommodating the growth of the Internet. Given the scale at which IPv6 must be deployed, it is also important that the possible security implications of IPv6 are well understood and considered during the design and deployment of IPv6 networks, rather than as an afterthought.
We are therefore publishing our IPv6 Security Frequently Asked Questions (FAQ), which highlights and provides answers to the most important aspects of IPv6 security.
Be sure also to check our IPv6 Security page as well!
Further Information
The post IPv6 Security Frequently Asked Questions (FAQ) appeared first on Internet Society.
IHS: SD-WAN Market Reaches $359M, VMware Dominates Over Cisco and Aryaka
According to the research firm there are new market opportunities for SD-WAN vendors in 5G and IoT.
FCC Again Pauses Review of T-Mobile’s Acquisition of Sprint
The significance and potential impact of the latest pause is largely unknown, but the companies...
SDxCentral Adds Kapko to Editorial Team, Promotes Lyons Hardcastle, Longwell
We will remain an independent voice focused on providing the in-depth content that links the...
Research: Practical Challenge-Response for DNS
Because the speed of DNS is so important to the performance of any connection on the ‘net, a lot of thought goes into making DNS servers fast, including optimized software that can respond to queries in milliseconds, and connecting DNS servers to the ‘net through high bandwidth links. To set the stage for massive DDoS attacks based in the DNS system, add a third point: DNS responses tend to be much larger than DNS queries. In fact, a carefully DNS response can be many times larger than the query.
To use a DNS server as an amplifier in a DDoS attack, then, the attacker sends a query to some number of publicly accessible DNS servers. The source of this query is the address of the system to be attacked. If the DNS query is carefully crafted, the attacker can send small packets that cause a number of DNS servers to send large responses to a single IP address, causing large amounts of traffic to the system under attack.
Citrix Internal Network Hacked by International Criminals
Security research firm Resecurity said that the attacks are the work of the Iranian-linked hacker...
Virtual Design Clinic 4
Sign up for Virtual Design Clinic 4.
The post Virtual Design Clinic 4 appeared first on EtherealMind.
Network Break 225: Juniper Buys WiFi Startup Mist Systems; Huawei Sues The U.S.
Today's Network Break analyzes Juniper's $405 billion purchase of WiFi vendor Mist Systems, discusses VMware's new service-defined firewall, digs into the launch of a new security analytics service, opines on Huawei's lawsuit against the U.S., plus more tech news.
The post Network Break 225: Juniper Buys WiFi Startup Mist Systems; Huawei Sues The U.S. appeared first on Packet Pushers.
NSX-T 2.4 – NSX Cloud eases your Adoption/Operations between on-premises Datacenter, AWS and Azure
2018 was a great year for NSX with Cloud seeing increased customer traction, strong partnerships established across the board, and a whole host of new features being released throughout the year! While most of our competitors are just starting on their public cloud solution, NSX Cloud is entering its second year of adoption, enabling consistent networking and security across on-premises Datacenter, AWS, and Azure. With NSX-T 2.4, we’re extending our industry-leading capabilities, which will further enable our customers to seamlessly, & consistently manage their public cloud and private cloud workloads.
If you would like to have a refresher on NSX Cloud before we get into the details of what’s new in NSX-T 2.4, here are some pointers to our previous blogs:
- NSX Cloud – Overview
- NSX Cloud – Consistent Security Posture across Hybrid Cloud
- NSX-T 2.3 – NSX Cloud Feature Updates
At a high level these are some of the key NSX Cloud features that were released in NSX-T 2.4:
- Shared Gateway in Transit VPC/VNET for simplified, faster onboarding and consolidation
- VPN support in Public Cloud
- Selective North-South Service Insertion and Partner Integration
- Micro-segmentation on Horizon Cloud for Azure.
- Declarative Policy for Hybrid Workloads
Now, let’s Continue reading
Nvidia Will Buy Mellanox Technologies for $6.9 Billion
The two chipmakers claim that between them they count every major cloud service provider and...
The Week in Internet News: Companies Encouraged to Conduct Q & AI
Uncomfortable AI: Inc.com has a story asking 16 “uncomfortable” questions that companies should ask about Artificial Intelligence. Among them: Are your reasons for deploying AI in the best long-term interests of humanity? And, how can we ensure that our behavior is inclusive?
Russia attacks fake news: Russian lawmakers have passed two bills, one that outlaws the spreading of fake news, at least as determined by the government there. Another bill makes it illegal to “disrespect” authorities in Russia, the BBC reports. Both bills come with heavy fines, and critics said the laws will limit the ability of journalists to report critical information.
The way forward: Facebook believes encrypted communications and privacy are its future, Recode reports. CEO Mark Zuckerberg outlined the website’s commitments to private messaging in a lengthy blog post.
The way backward: A teen who decided to get himself vaccinated said his mother got misinformation about the dangers of vaccines on Facebook, USA Today says. Ethan Lindenberger, an 18-year-old from Ohio, asked Reddit users if he should get vaccinated as an adult. There’s never misinformation on Reddit, of course.
Break ‘em up: U.S. Senator Elizabeth Warren, who is running for president in 2020, wants to break Continue reading