Openswitch OPX in GNS3

The previous article discusses an installation of Openswitch OPX on VirtualBox using lvm tool. We have extracted Openswitch OPX VDI disk from VirtualBoxVM and run the disk with Qemu. The image has been subsequently customized using the after install script in order to run it inside GNS3. Finally, we have tested the image within a simple GNS3 lab that proves its functionality. This article goes further and we are going to test VLANs bridging using Linux native commands.

Picture 1 - Network Topology

The lab consists of three Openswitch OPX 2.3.2 instances powered by Qemu hypervisor. The device OPX-Distrib1 is multilayer switch that is responsible for routing between VLANs 10,20,30,40 and 50. The VLANs 10-40 are end-users VLANs and the VLAN50 is used for management. The switches OPX-Access1 and OPX-Access2 are L2 switches with the port e101-001-0 configured as the trunk ports. End users are connected to the access ports e101-002-0 and e101-003-0 on both access switches.

Note: Customized Openswitch OPX 2.3.3 vdi disk can be downloaded in Download section. Login name is opxUser and the password is not set.

1. End User Computers and Management PC Configuration

In order to save memory of host, Continue reading

Worth Reading: Apple Pushes Subscriptions

Apple is pushing suppliers/developers to move to subscription models instead of pay up front. Only 15% of purchases are paid leaving the remainder to be in-app purchases or subscriptions. —Greg Ferro @Packet Pushers

Using Edge-Side Includes with Workers for High Availability

Last week, we wrote about implementing ESI with Cloudflare Workers. This is a guest post by Lukas Reider on how to use ESI not only for better performance, but to optimize availability while migrating backends.

In this post, you will learn about how my client Titel Media was able to use Cloudflare Workers to implement simple edge side includes.

The idea is to partially replace the parts of the online magazine highsnobiety.com with a new, and much more refined frontend implementation. In this article, you will get to know the use case, and how I found a powerful application for Cloudflare Workers.

Backstory

My current project, highsnobiety.com is in the process of replacing Wordpress with a dedicated content pipeline and a custom frontend. It is a huge magazine, with tons of contents, hundreds of daily updates and an international team of more than 60 editors, researching and writing exciting stories.

The company behind it, Titel Media GmbH, a publishing house with offices in Berlin, and New York, surely has grown out of Wordpress for hosting their content.

The show must go on

One does not simply rewrite a sophisticated web publishing pipeline like WordPress. Nor does one, simply Continue reading

IDG Contributor Network: The future of devops for network engineers

If you still live in a world of the script-driven approach for both service provider and enterprise networks, you are going to reach limits. There is only so far you can go alone. It creates a gap that lacks modeling and database at a higher layer. Production-grade service provider and enterprise networks require a production-grade automation framework. In today's environment, the network infrastructure acts as the core centerpiece, providing critical connection points. Over time, the role of infrastructure has expanded substantially. In the present day, it largely influences the critical business functions for both the service provider and enterprise environments. To read this article in full, please click here

IDG Contributor Network: The future of devops for network engineers

If you still live in a world of the script-driven approach for both service provider and enterprise networks, you are going to reach limits. There is only so far you can go alone. It creates a gap that lacks modeling and database at a higher layer. Production-grade service provider and enterprise networks require a production-grade automation framework. In today's environment, the network infrastructure acts as the core centerpiece, providing critical connection points. Over time, the role of infrastructure has expanded substantially. In the present day, it largely influences the critical business functions for both the service provider and enterprise environments. To read this article in full, please click here

Hyperscale Capex Soars to $53 Billion in First Half of 2018

A Synergy Research Group report found that Google, Microsoft, Amazon, Apple, and Facebook accounted for 70 percent of total hyperscale capex.

Gremlin Chaos Engineering Now Attacks Docker Containers

The software-as-a-service (SaaS) platform recreates common Docker container failures across three categories: resource, network, and state.

Network Collective: Breaking Things

NV Certifications May Make or Break Careers for Network Engineers

Networking professionals no longer can only have a limited scope of skills. The addition of other certifications will mean more career growth and more pay.

Strengthening Foundations for Creating Open Internet Standards

The Internet Engineering Task Force has reached a significant milestone in the process of evolving its own administrative structure to best suit the current requirements of its work. After nearly two years of discussion about various options, the IETF community has created the IETF Administrative LLC (IETF LLC), a new legal entity. Both the Internet Society’s CEO & President Kathy Brown and the Internet Society’s Board of Trustees Chair Gonzalo Camarillo have expressed strong support for the process that has led to this point, and for the direction the IETF has decided to take. Continuing its long-standing positions, the Internet Society also made financial commitments to support the process, and to the IETF going forward.

All of us at the Internet Society who work closely with the IETF believe this new administrative structure strengthens the the foundation for an Internet built on open standards. The new structure will not change any aspect of the IETF’s technical work or the Internet standards process, and clarifies the relationship between ISOC and the IETF. Importantly, the IETF and ISOC continue to be strongly aligned on key principles. ISOC initiatives related to the IETF, such as the Technical Fellows to the IETF and the Continue reading

Worth Reading: Passive observations of a large DNS service

Due to the centralization that is caused by public DNS services, large content delivery networks (CDNs), such as Akamai, are no longer able to rely on the source IP of DNS queries to pinpoint their customers. Therefore, they are also no longer able to provide geobased redirection appropriate for that IP. —Wouter de Vries @APNIC

VMware sharpens security focus with vSphere Platinum, ‘adaptive micro-segmentation’

VMware is expanding its security range with a new version of its virtualization software that has security integrated into the hypervisor.“Our flagship VMware vSphere product now has AppDefense built right in,” VMware CEO Pat Gelsinger told the audience at VMworld 2018, which kicked off this week in Las Vegas. “Platinum will enable virtualization teams – you – to give an enormous contribution to the security profile of your enterprise.”[See our review of VMware’s vSAN 6.6 and check out IDC’s top 10 data center predictions. Get regularly scheduled insights by signing up for Network World newsletters] Announced one year ago, AppDefense is VMware’s data-center endpoint-security product, designed to protect applications running in virtualized environments. AppDefense uses machine learning and behavioral analytics to understand how an application is supposed to behave, and it detects threats by monitoring for changes to the application’s intended state.To read this article in full, please click here

VMware sharpens security focus with vSphere Platinum, ‘adaptive micro-segmentation’

VMware is expanding its security range with a new version of its virtualization software that has security integrated into the hypervisor.“Our flagship VMware vSphere product now has AppDefense built right in,” VMware CEO Pat Gelsinger told the audience at VMworld 2018, which kicked off this week in Las Vegas. “Platinum will enable virtualization teams – you – to give an enormous contribution to the security profile of your enterprise.”[See our review of VMware’s vSAN 6.6 and check out IDC’s top 10 data center predictions. Get regularly scheduled insights by signing up for Network World newsletters] Announced one year ago, AppDefense is VMware’s data-center endpoint-security product, designed to protect applications running in virtualized environments. AppDefense uses machine learning and behavioral analytics to understand how an application is supposed to behave, and it detects threats by monitoring for changes to the application’s intended state.To read this article in full, please click here

VMware sharpens security focus with vSphere Platinum, ‘adaptive micro-segmentation’

VMware is expanding its security range with a new version of its virtualization software that has security integrated into the hypervisor.“Our flagship VMware vSphere product now has AppDefense built right in,” VMware CEO Pat Gelsinger told the audience at VMworld 2018, which kicked off this week in Las Vegas. “Platinum will enable virtualization teams – you – to give an enormous contribution to the security profile of your enterprise.”[See our review of VMware’s vSAN 6.6 and check out IDC’s top 10 data center predictions. Get regularly scheduled insights by signing up for Network World newsletters] Announced one year ago, AppDefense is VMware’s data-center endpoint-security product, designed to protect applications running in virtualized environments. AppDefense uses machine learning and behavioral analytics to understand how an application is supposed to behave, and it detects threats by monitoring for changes to the application’s intended state.To read this article in full, please click here

Future Thinking: Mozilla Director of Public Policy Chris Riley on the Internet Economy

Last year, the Internet Society unveiled the 2017 Global Internet Report: Paths to Our Digital Future. The interactive report identifies the drivers affecting tomorrow’s Internet and their impact on Media & Society, Digital Divides, and Personal Rights & Freedoms. We interviewed Chris Riley to hear his perspective on the forces shaping the Internet’s future.

Chris Riley is Director, Public Policy at Mozilla, working to advance the open Internet through public policy analysis and advocacy, strategic planning, coalition building, and community engagement. Chris manages the global Mozilla public policy team and works on all things Internet policy, motivated by the belief that an open, disruptive Internet delivers tremendous socioeconomic benefits, and that if we as a global society don’t work to protect and preserve the Internet’s core features, those benefits will go away. Prior to joining Mozilla, Chris worked as a program manager at the U.S. Department of State on Internet freedom, a policy counsel with the nonprofit public interest organization Free Press, and an attorney-advisor at the Federal Communications Commission.  

The Internet Society: Why is there a need for promoting a better understanding of technology amongst policy wonks, and of policy among technologists?

Chris Riley: Continue reading

Get Developers on Board with Application Security

Microsoft lures Win Server 2008 users toward Azure

Microsoft is offering extended support for Windows Server 2008 and SQL Server 2008 to customers who shift these platforms from on-premises into Microsoft’s Azure cloud.The scheduled ends of extended support for the 2008 versions of Server and SQL Server are Jan. 14, 2020 and July 9, 2019, respectively. But if customers move these workloads into the Azure cloud, they get three extra years of support at no extra cost beyond the price of the Azure service.In the past, when the end-of-life clock started ticking, organizations made a mad dash to upgrade operating systems and SQL servers in order to keep their systems supported. Some organizations chose to continue running their applications completely unsupported, unpatched and un-updated – a very bad thing to do in this age of viruses, malware and cyberattacks.To read this article in full, please click here

Microsoft lures Win Server 2008 users toward Azure

Microsoft is offering extended support for Windows Server 2008 and SQL Server 2008 to customers who shift these platforms from on-premises into Microsoft’s Azure cloud.The scheduled ends of extended support for the 2008 versions of Server and SQL Server are Jan. 14, 2020 and July 9, 2019, respectively. But if customers move these workloads into the Azure cloud, they get three extra years of support at no extra cost beyond the price of the Azure service.In the past, when the end-of-life clock started ticking, organizations made a mad dash to upgrade operating systems and SQL servers in order to keep their systems supported. Some organizations chose to continue running their applications completely unsupported, unpatched and un-updated – a very bad thing to do in this age of viruses, malware and cyberattacks.To read this article in full, please click here

Interview: Benefits of Network Automation (Part 2)

As promised, here’s the second part of my Benefits of Network Automation interview with Christoph Jaggi published in German on Inside-IT last Friday (part 1 is here).

What are some of the challenges?

The biggest challenge everyone faces when starting the network automation is the snowflake nature of most enterprise networks and the million one-off exceptions we had to make in the past to cope with badly-designed applications or unrealistic user requirements. Remember: you cannot automate what you cannot describe in enough details.

Dell EMC to Sync Hyperconverged Updates With VMware Software

The new Dell EMC VxRail G560 will be the first and only HCI appliance jointly developed with VMware to provide integrations that seamlessly work with VMware Cloud Services.