Archive

Category Archives for "Networking"

The truth about Black Friday and Cyber Monday

The truth about Black Friday and Cyber Monday

At Cloudflare we handle a lot of traffic on behalf of our customers. Something we all see and hear a lot about at this time of year are Black Friday (23 November this year) and Cyber Monday (26 November) - but just how important are these days on the Internet?

The truth about Black Friday and Cyber Monday
Black Friday by Per-Olof Forsberg, license: CC BY 2.0

To try and answer this question, we took a look at anonymised samples of HTTP requests crossing our network. First of all, let’s look at total page views from across our global network from the last few weeks and see if we can spot Black Friday and Cyber Monday:

The truth about Black Friday and Cyber Monday
All page views

So this is total page views by day (UTC) from November 19 (a week before Cyber Monday) until Monday December 3. Other than follow-the-sun fluctuations in a repeating daily pattern, each whole day is pretty similar in shape and size compared to the last. Black Friday and Cyber Monday aren’t visible in overall traffic patterns.

Get specific

We have a very diverse set of customers across 12 million domain names and not all of them are selling products or doing so directly online. To identify those websites Continue reading

A new look on your Cloudflare dashboard

A new look on your Cloudflare dashboard

Building a great customer experience is a top priority here at Cloudflare. Over the last week, we have been  slowly rolling out an improvement to our customer dashboard - specifically the zone overview page. We are now ready to share the new dashboard with everyone.

A new look on your Cloudflare dashboard
The new Cloudflare dashboard

Many of the changes you’ll notice first were driven directly by customer feedback. We’ve heard time and time again that site owners would like better visibility of their key analytics, and for it to be easier to apply certain common settings changes. This new dashboard provides both, with a snapshot of several of your key analytics, and a new toolkit area for easy access to key functions. This page has also been redesigned from top to bottom for responsiveness across various devices and screen widths.

Even more interesting is all the work under-the-hood that went into making this release and how it sets the stage for improvements to our customer experience as we look ahead to 2019. This is one of the first pieces of production Product work shipped using our new prototyping framework. We will soon be sharing details of the design systems work that underlies the new experience on Continue reading

Using the Linux ss command to examine network and socket connections

The ss (socket statistics) command provides a lot of information by displaying details on socket activity. One way to get started, although this may be a bit overwhelming, is to use the ss -h (help) command to get a listing of the command's numerous options. Another is to try some of the more useful commands and get an idea what each of them can tell you.One very useful command is the ss -s command. This command will show you some overall stats by transport type. In this output, we see stats for RAW, UDP, TCP, INET and FRAG sockets.$ ss -s Total: 524 TCP: 8 (estab 1, closed 0, orphaned 0, timewait 0) Transport Total IP IPv6 RAW 2 1 1 UDP 7 5 2 TCP 8 6 2 INET 17 12 5 FRAG 0 0 0 Raw sockets allow direct sending and receiving of IP packets without protocol-specific transport layer formatting and are used for security appliications such as nmap. TCP provides transmission control protocol and is the primary connection protocol. UDP (user datagram protocol) is similar to TCP but without the error checking. INET includes both of the above. (INET4 and INET6 can be viewed separately Continue reading

Using ss to examine network connections

The ss (socket statistics) command provides a lot of information on network activity by displaying details on socket activity. One way to get started, although this may be a bit overwhelming, is to use the ss -h (help) command to get a listing of the command's numerous options. Another is to try some of the more useful commands and get an idea what each of them can tell you.One very useful command is the ss -s command. This command will show you some overall stats by transport type. In this output, we see stats for RAW, UDP, TCP, INET and FRAG sockets. $ ss -s Total: 524 TCP: 8 (estab 1, closed 0, orphaned 0, timewait 0) Transport Total IP IPv6 RAW 2 1 1 UDP 7 5 2 TCP 8 6 2 INET 17 12 5 FRAG 0 0 0 Raw sockets allow direct sending and receiving of IP packets without protocol-specific transport layer formatting and are used for security appliications such as nmap TCP provides transmission control protocol is the primary connection protocol UDP (user datagram protocol) is similar to TCP but without the error checking INET includes both of the above (INET4 and INET6 can be Continue reading

Optimal Route Reflection: Next Hop Self

Recently, I posted a video short take I did on BGP optimal route reflection. A reader wrote in the comments to that post:

…why can’t Router set next hop self to updates to router E and avoid this suboptimal path?

To answer this question, it is best to return to the scene of the suboptimality—

To describe the problem again: A and C are sending the same route to B, which is a route reflector. B selects the best path from its perspective, which is through B, and sends this route to each of its clients. In this case, E will learn the path with a next hop of A, even though the path through C is closer from E’s perspective. In the video, I discuss several ways to solve this problem; one option I do not talk about is allowing B to set the next hop to itself. Would this work?

Before answering the question, however, it is important to make one observation: I have drawn this network with B as a router in the forwarding path. In many networks, the route reflector is a virtual machine, or a *nix host, and is not capable of forwarding the traffic Continue reading

sFlow to JSON

The latest version of sflowtool can convert sFlow datagrams into JSON, making it easy to write scripts to process the standard sFlow telemetry streaming from devices in the network.

Download and compile the latest version of sflowtool:
git clone https://github.com/sflow/sflowtool.git
cd sflowtool/
./boot.sh
./configure
make
sudo make install
The -J option formats the JSON output to be human readable:
$ sflowtool -J
{
"datagramSourceIP":"10.0.0.162",
"datagramSize":"396",
"unixSecondsUTC":"1544241239",
"localtime":"2018-12-07T19:53:59-0800",
"datagramVersion":"5",
"agentSubId":"0",
"agent":"10.0.0.231",
"packetSequenceNo":"1068783",
"sysUpTime":"1338417874",
"samplesInPacket":"2",
"samples":[
{
"sampleType_tag":"0:2",
"sampleType":"COUNTERSSAMPLE",
"sampleSequenceNo":"148239",
"sourceId":"0:3",
"elements":[
{
"counterBlock_tag":"0:1",
"ifIndex":"3",
"networkType":"6",
"ifSpeed":"1000000000",
"ifDirection":"1",
"ifStatus":"3",
"ifInOctets":"4162076356",
"ifInUcastPkts":"16312256",
"ifInMulticastPkts":"187789",
"ifInBroadcastPkts":"2566",
"ifInDiscards":"0",
"ifInErrors":"0",
"ifInUnknownProtos":"0",
"ifOutOctets":"2115351089",
"ifOutUcastPkts":"7087570",
"ifOutMulticastPkts":"4453258",
"ifOutBroadcastPkts":"6141715",
"ifOutDiscards":"0",
"ifOutErrors":"0",
"ifPromiscuousMode":"0"
},
{
"counterBlock_tag":"0:2",
"dot3StatsAlignmentErrors":"0",
"dot3StatsFCSErrors":"0",
"dot3StatsSingleCollisionFrames":"0",
"dot3StatsMultipleCollisionFrames":"0",
"dot3StatsSQETestErrors":"0",
"dot3StatsDeferredTransmissions":"0",
"dot3StatsLateCollisions":"0",
"dot3StatsExcessiveCollisions":"0",
"dot3StatsInternalMacTransmitErrors":"0",
"dot3StatsCarrierSenseErrors":"0",
"dot3StatsFrameTooLongs":"0",
"dot3StatsInternalMacReceiveErrors":"0",
"dot3StatsSymbolErrors":"0"
}
]
},
{
"sampleType_tag":"0:1",
"sampleType":"FLOWSAMPLE",
"sampleSequenceNo":"11791",
"sourceId":"0:3",
"meanSkipCount":"2000",
"samplePool":"34185160",
"dropEvents":"0",
"inputPort":"3",
"outputPort":"10",
"elements":[
{
"flowBlock_tag":"0:1",
"flowSampleType":"HEADER",
"headerProtocol":"1",
"sampledPacketSize":"102",
"strippedBytes":"0",
"headerLen":"104",
"headerBytes":"0C-AE-4E-98-0B-89-05-B6-D8-D9-A2-66-80-00-54-00-00-45-08-12-04-00-04-10-4A-FB-A0-00-00-BC-A0-00-00-EF-80-00-DE-B1-E7-26-00-20-75-04-B0-C5-00-00-00-00-96-01-20-00-00-00-00-00-01-11-21-31-41-51-61-71-81-91-A1-B1-C1-D1-E1-F1-02-12-22-32-42-52-62-72-82-92-A2-B2-C2-D2-E2-F2-03-13-23-33-43-53-63-73-1A-1D-4D-76-00-00",
"dstMAC":"0cae4e980b89",
"srcMAC":"05b6d8d9a266",
"IPSize":"88",
"ip.tot_len":"84",
"srcIP":"10.0.0.203",
"dstIP":"10.0.0.254",
"IPProtocol":"1",
"IPTOS":"0",
"IPTTL":"64",
"IPID":"8576",
"ICMPType":"8",
"ICMPCode":"0"
},
{
"flowBlock_tag":"0:1001",
"extendedType":"SWITCH",
"in_vlan":"1",
"in_priority":"0",
"out_vlan":"1",
"out_priority":"0"
}
]
}
]
}
The output shows the JSON representation of a single sFlow datagram containing one counter sample and one flow sample.

The Continue reading

The Week in Internet News: Australia Adopts Controversial Encryption Law

Australia vs. encryption: The Australian Parliament has passed a law that requires tech companies to give law enforcement agencies there access to encrypted communications, the New York Times reports. Several tech companies and privacy groups opposed the law, saying it hurts efforts to protect data from hackers. Fortune, which called the law “draconian,” says it will create headaches for large tech companies.

Slow rolling: While several news stories this year talked about quantum computing being an eventual threat to encryption, that possibility is still more than a decade away, according to a report from the U.S. National Academies of Sciences, Engineering, and Medicine. The U.S. may need to invest heavily in quantum computing to retain a global lead in the technology, the report recommends. Nextgov has the story.

Filling the pipes: Botnets of compromised Internet of Things devices make up more than three quarters of the malware on communication service provider networks this year, up from 33 percent of the malware in 2016, Infosecurity reports. Hackers are increasingly targeting IoT devices instead of PCs and other traditional systems.

Blockchain tackles phishing: A company called MetaCert wants to use blockchain to help fight the scourge of phishing emails, Wired. Continue reading

Introducing VMware NSX Service Mesh

Introducing VMware NSX Service Mesh

We are excited to introduce VMware NSX® Service Mesh. Built on the foundation of Istio, this VMware offering will extend the capabilities of the Istio service mesh technology to bring visibility, control, and security at the application layer to microservices, the data they access, the users that interact with them, as well as traditional monolithic applications. In short, NSX Service Mesh will enable visibility, control, and security for services, data, and users at the API level. This acts as a natural evolution of cloud-native constructs and will act as an extension of the NSX-T Data Center platform’s replication of networking and security services in software, which is applied directly to containers via the Container Network Interface (CNI).

 

NSX Service Mesh

The Rise of Microservices

With the rise of cloud-native architectures built on distributed microservices, developers are encountering challenges with visibility, management, and control of these new applications. The microservices that these apps are comprised of are developed on cloud-native platforms like Kubernetes or Cloud Foundry, using a variety of programming languages, and often across multiple cloud environments. In addition, these applications consist of many more endpoints to scale, secure, and monitor than in traditional ones. This ultimately Continue reading

2019: Look for improvements to software-defined data-center networks

IDG To help IT pros attain top performance for their software-defined data-center networks (SDDCN), we have identified 10 crucial technology areas to watch and evaluate during 2019.SDDCN performance requires advanced network software to provision, manage and secure high-speed traffic flows, and network administrators need automated solutions to monitor and deliver reliable quality of service to critical applications.To read this article in full, please click here

2019: Look for improvements to software-defined data-center networks

IDG To help IT pros attain top performance for their software-defined data-center networks (SDDCN), we have identified 10 crucial technology areas to watch and evaluate during 2019.SDDCN performance requires advanced network software to provision, manage and secure high-speed traffic flows, and network administrators need automated solutions to monitor and deliver reliable quality of service to critical applications.To read this article in full, please click here