Archive

Category Archives for "Networking"

Last Week on ipSpace.net (2019W10)

The Spring 2019 Building Network Automation Solutions course continued with an awesome presentation by David Gee. He started with what you should do before writing a single line of code (identify processes and document them in workflows and sequence diagrams) and covered tons of boring stuff nobody ever wants to talk about.

On Thursday Rachel Traylor continued exploring graphs and their relevance in networking, this time focusing on trees and spanning trees.

The Network Connectivity, Graph Theory, and Reliable Network Design webinar is part of standard ipSpace.net subscription You can access David’s presentation and all other materials of the Building Network Automation Solutions online course with Expert Subscription (assuming you choose this course as part of your subscription).

How IPv6 SLAAC responds to Renumbering Events

If you follow the IPv6 Maintenance (6man) Working Group of the Internet Engineering Task Force (IETF), you may have noticed the 300+ message email thread on an Internet Draft that was recently published on the “Reaction of Stateless Address Autoconfiguration (SLAAC) to Renumbering Events”. This was prompted by the experiences of developing Best Current Operational Practice on IPv6 prefix assignment for end-users, an activity led by ISOC’s Jan Žorž and published as ripe-690.

SLAAC is used to automatically assign an IPv6 address to a host, but there are a number of scenario where hosts may end up using stale configuration information and thereby leading to interoperability problems.

For example, a typical IPv6 deployment scenario is when a CPE (Customer Premises Equipment) router requests an IPv6 prefix to an ISP via DHCPv6-PD, and advertises a sub-prefix of the leased prefix on the LAN-side via SLAAC.

In such scenarios, if the CPE router crashes and reboots, it may lose all information about the previously leased prefix. Upon reboot, the CPE router may be leased a new prefix that will result in a new sub-prefix being advertised on the LAN-side of the CPE router. As a result, hosts will normally configure addresses for the newly-advertised prefix, Continue reading

A Node to Workers Story

A Node to Workers Story

Node.js allows developers to build web services with JavaScript. However, you're on your own when it comes to registering a domain, setting up DNS, managing the server processes, and setting up builds.

There's no reason to manage all these layers on separate platforms. For a site on Cloudflare, these layers can be on a single platform. Serverless technology simplifies developers' lives and reframes our current definition of backend.

In this article I will breeze through a simple example of how converting a former Node server into a Worker untangled a part of my teams’ code base. The conversion to Workers for this example can be found at this PR on Github.

Background

Cloudflare Marketplace hosts a variety of apps, most of which are produced by third party developers, but some are produced by Cloudflare employees.

The Spotify app is one of those apps that was written by the Cloudflare apps team. This app requires an OAuth flow with Spotify to retrieve the user’s token and gather the playlist, artists, other Spotify profile specific information. While Cloudflare manages the OAuth authentication portion, the app owner - in this case Cloudflare Apps - manages the small integration service that uses the Continue reading

VMware firewall takes aim at defending apps in data center, cloud

VMware has taken the wraps off a firewall it says protects enterprise applications and data inside data centers or clouds.Unlike perimeter firewalls that filter traffic from an unlimited number of unknown hosts, VMware says its new Service-defined Firewall gains deep visibility into the hosts and services that generate network traffic by tapping into into its NSX network management software, vSphere hypervisors and AppDefense threat-detection system.To read this article in full, please click here

VMware firewall takes aim at defending apps in data center, cloud

VMware has taken the wraps off a firewall it says protects enterprise applications and data inside data centers or clouds.Unlike perimeter firewalls that filter traffic from an unlimited number of unknown hosts, VMware says its new Service-defined Firewall gains deep visibility into the hosts and services that generate network traffic by tapping into into its NSX network management software, vSphere hypervisors and AppDefense threat-detection system.To read this article in full, please click here

Day Two Cloud 004: How To Optimize Cloud For Cost And Performance Without Going Insane

Your monthly cloud bill can be shocking. On today's Day Two Cloud we talk with Iris Classon about how to optimize your cloud deployment for cost without killing performance--i.e., how to keep customers and finance happy without going insane.

The post Day Two Cloud 004: How To Optimize Cloud For Cost And Performance Without Going Insane appeared first on Packet Pushers.

Seven Women Using the Internet to Make a Difference

We’re celebrating International Women’s Day this year with great news: The Internet Society welcomes a new Chapter in Lesotho – and the Chapter’s president, vice president, treasurer, secretary, as well as a board member are all talented tech women.

Lesotho is a small landlocked country within South Africa, where less than a third of its population is connected to the Internet. One of the Lesotho Chapter’s key priorities this year is to start an “Internet for Education” project, which aims to encourage five schools to use the Internet to support teaching and to improve the quality of education.

Please join us in welcoming the Lesotho Chapter, then learn about its President Ithabeleng Moreke and other women around the world who are using the Internet to make a difference in their communities!

Ithabeleng Moreke

Ithabeleng Moreke enjoys the world of the Internet and all things networks, the technology behind it, and Internet security – and how they affect our everyday lives. She’s worked as network engineer for the government of Lesotho and is now with Vodacom Lesotho.

Jazmin Fallas Kerr

In Jazmin Fallas Kerr’s hometown, Desamparados, Costa Rica, nearly half of all families with women as head of household are in Continue reading

Heavy Networking 434: Solving Network Performance And Security Problems With VIAVI Solutions (Sponsored)

On today's sponsored Heavy Networking, VIAVI Solutions joins the Packet Pushers to discuss the intersection of network performance management (NPM) and security. We discuss how network and security teams can leverage VIAVI's packet capture capabilities, how it enriches flow records with additional data to provide valuable context, and how the concept of end user experience informs VIAVI's approach to NPM.

The post Heavy Networking 434: Solving Network Performance And Security Problems With VIAVI Solutions (Sponsored) appeared first on Packet Pushers.

ExaBGP and etcd – processing routes

In my last post – we took a look at how we could leverage etcd from Python. In this post, I want to propose a use for leveraging etcd as a sort of message bus for ExaBGP. We saw some pretty compelling features with etcd that I think can work nicely in our ExaBGP model. So without further blabbering – let’s start coding.

Note: I assume you have a local instance of etcd installed and it is currently empty. If it’s not empty – you’ll want to clear it all out using a command like this ETCDCTL_API=3 etcdctl del "" --from-key=true

If you recall – in our last post on ExaBGP we were at a point where the ExaBGP process was using two Python programs we wrote. One for processing received routes (exa_bgp_receive.py) and one for sending route updates (exa_bgp_send.py). My goal here it to remove a lot of the logic for static route processing from these two scripts and make them more about route processing. More specifically – I want to turn the two Python scripts that ExaBGP is running on our behalf into simple programs that read/write to to/from etcd. Once we Continue reading

How to determine if Wi-Fi 6 is right for you

There's a lot of hype around the next Wi-Fi standard, 802.11ax, more commonly known as Wi-Fi 6. Often new technologies are built up by vendors as the "next big thing" and then flop because they don’t live up to expectations. In the case of Wi-Fi 6, however, the fervor is warranted because it's the first Wi-Fi standard designed with the premise that Wi-Fi is the primary connection for devices rather than a network of convenience. Wi-Fi resources Test and review of 4 Wi-Fi 6 routers: Who’s the fastest? Five questions to answer before deploying Wi-Fi 6 Wi-Fi 6E: When it’s coming and what it’s good for Wi-Fi 6 is a different kind of Wi-Fi Wi-Fi 6 is loaded with features, such as Orthogonal Frequency Division Multiple Access (OFDMA), 1024-QAM (quadrature amplitude modulation) encoding, and target wake time (TWT), that make Wi-Fi faster and less congested. Many of these enhancements came from the world of LTE and 4G, which addressed these challenges long ago. These new features will lead to a better mobile experience and longer client battery life, and they will open the door to a wide range of applications that could not have been done on Continue reading