Archive

Category Archives for "Networking"

Security Is Bananas

I think we’ve reached peak bombshell report discussion at this point. It all started this time around with the big news from Bloomberg that China implanted spy chips into SuperMicro boards in the assembly phase. Then came the denials from Amazon and Apple and event SuperMicro. Then started the armchair quarterbacking from everyone, including TechCrunch. From bad sources to lack of technical details all the way up to the crazy conspiracy theories that someone at Bloomberg was trying to goose their quarterly bonus with a short sale or that the Chinese planted the story to cover up future hacking incidents, I think we’ve covered the entire gamut of everything that the SuperMicro story could and couldn’t be.

So what more could there be to say about this? Well, nothing about SuperMicro specifically. But there’s a lot to say about the fact that we were both oblivious and completely unsurprised about an attack on the supply chain of a manufacturer. While the story moved the stock markets pretty effectively for a few days, none of the security people I’ve talked to were shocked by the idea of someone with the power of a nation state inserting themselves into the supply chain Continue reading

Optimizing HTTP/2 prioritization with BBR and tcp_notsent_lowat

Optimizing HTTP/2 prioritization with BBR and tcp_notsent_lowat

Getting the best end-user performance from HTTP/2 requires good support for resource prioritization. While most web servers support HTTP/2 prioritization, getting it to work well all the way to the browser requires a fair bit of coordination across the networking stack. This article will expose some of the interactions between the web server, Operating System and network and how to tune a server to optimize performance for end users.

tl;dr

On Linux 4.9 kernels and later, enable BBR congestion control and set tcp_notsent_lowat to 16KB for HTTP/2 prioritization to work reliably. This can be done in /etc/sysctl.conf:

    net.core.default_qdisc = fq
    net.ipv4.tcp_congestion_control = bbr
    net.ipv4.tcp_notsent_lowat = 16384

Browsers and Request Prioritization

A single web page is made up of dozens to hundreds of separate pieces of content that a web browser pulls together to create and present to the user. The main content (HTML) for the page you are visiting is a list of instructions on how to construct the page and the browser goes through the instructions from beginning to end to figure out everything it needs to load and how to put it all together. Each piece of content requires a Continue reading

Internet Society submits comments for the revision of the Ethiopian Cybercrime law

Imagine how much the Internet has changed our lives in the last few decades. Today, thanks to the Internet, we can communicate with anyone around the world, instantaneously, reliably and cheaply. This enables us not only to be close to our friends and family that may be far away but also to bridge the knowledge gap that we have with the developed world. It also opens many work opportunities that we wouldn’t even imagine just a few years back and democratize media, allowing anyone to reach instantaneously millions of people at almost no cost, forcing transparency in governance more than ever before.

At national level, our economies are benefiting from the economic opportunities, directly and indirectly related to the Internet. Experts say that this is just the tip of the iceberg and that there are many more opportunities that are yet to be discovered.

However, we cannot deny that the Internet also comes with increasing challenges. Cybercrime is endangering Internet users, organizations and even countries. Our privacies are threatened every day. And more …  It is therefore appropriate that governments act to protect its citizens from the negatives impacts of the Internet by enacting laws and regulations. It was therefore Continue reading

4 Tips for Safeguarding Your SD-WAN

Be mindful of these four areas of security when considering an SD-WAN solution. By incorporating security measures like these into an SD-WAN solution, businesses gain assurance that their data, network, IT assets, and customers are protected.

GIT – Version Control for Network Engineers

Is GIT any way related to Network Guys ?  What is GIT and how a network engineers can benefit from It. Most of the network engineer might have not came across GIT and even not used in their work environment,But as mentioned in  earlier posts that inclusion of DevOps in Networking has made network engineer to learn about automation and related technologies.

GIT is a distributed version control software that keeps track of every modification to the code. If any change or mistake is made , we can look back and compare with  earlier version of code and find for any mistake.

So how GIT can be useful for Network Engineers ? Network Engineer can use GIT to see the config,how and when it got changed and who made the change ,all the changes in a file  can be  tracked easily.

Git can be easily installed by following the steps provided in link https://git-scm.com/book/en/v2/Getting-Started-Installing-Git

What is Git Version Control , Lets understand it in more simple way .. As per https://stackoverflow.com/questions/1408450/why-should-i-use-version-control/1408464#1408464

Have you ever:

  • Made a change to code, realized it was a mistake and wanted to revert back?
  • Lost code or had a backup that was too old?
  • Had Continue reading

Happy National Coming Out Day: Stories from Proudflare

Happy National Coming Out Day: Stories from Proudflare

Today is the 30th Anniversary of National Coming Out Day. We wanted to share some coming out stories from members of Proudflare and draw attention to resources the Human Rights Campaign provides to those who are thinking about coming out or wish to be supportive of those who come out to them.

About National Coming Out Day

On October 11, 1987, about 500,000 people marched on Washington for Lesbian and Gay Rights. This was the second demonstration of this type in the capital and it resulted in the formation of several LGBTQ organizations.

In the late 1980s, the LGBTQ community recognized that they often reacted defensively to anti LGBTQIA+ actions and the community came up with the idea of a national day for celebrating coming out. The anniversary of the 1987 march was chosen as that national day.

Each year on October 11th, National Coming Out Day continues to promote a safe world for LGBTQ individuals to live truthfully and openly.

Source: https://www.hrc.org/resources/the-history-of-coming-out

Coming out stories from Proudflare

Here are seven examples of the coming out stories that surfaced from a company-wide awareness campaign. I hope you’ll enjoy reading these and will find inspiration in them. Let’s Continue reading

IDG Contributor Network: Introducing Named Data Networking

While computing, storage and programming have dramatically changed and become simpler and cheaper over the last 20 years, however, IP networking has not. IP networking is still stuck in the era of mid-1990s.Realistically, when I look at ways to upgrade or improve a network, the approach falls into two separate buckets. One is the tactical move and the other is strategic. For example, when I look at IPv6, I see this as a tactical move. There aren’t many business value-adds.In fact, there are opposites such as additional overheads and minimal internetworking QoS between IPv4 & v6 with zero application awareness and still a lack of security. Here, I do not intend to say that one should not upgrade to IPv6, it does give you more IP addresses (if you need them) and better multicast capabilities but it’s a tactical move.To read this article in full, please click here

IDG Contributor Network: Introducing Named Data Networking

While computing, storage and programming have dramatically changed and become simpler and cheaper over the last 20 years, however, IP networking has not. IP networking is still stuck in the era of mid-1990s.Realistically, when I look at ways to upgrade or improve a network, the approach falls into two separate buckets. One is the tactical move and the other is strategic. For example, when I look at IPv6, I see this as a tactical move. There aren’t many business value-adds.In fact, there are opposites such as additional overheads and minimal internetworking QoS between IPv4 & v6 with zero application awareness and still a lack of security. Here, I do not intend to say that one should not upgrade to IPv6, it does give you more IP addresses (if you need them) and better multicast capabilities but it’s a tactical move.To read this article in full, please click here

Private cloud spending is increasing, not decreasing

Once again, IDC has thrown cold water on the notion that enterprises are looking to shut down their data centers and instead are looking to grow them. And a new form of IT spending is taking place.The latest worldwide market study by International Data Corporation (IDC) found revenue from sales of IT infrastructure equipment grew 48.4 percent year over year in the second quarter of 2018 to $15.4 billion.Quarterly spending on public cloud IT infrastructure was $10.9 billion in the second quarter of 2018, a 58.9 percent year-over-year growth, while private cloud spending reached $4.6 billion, an increase of 28.2 percent year over year.[ Check out What is hybrid cloud computing and learn what you need to know about multi-cloud. | Get regularly scheduled insights by signing up for Network World newsletters. ] By end of the year, IDC projects public cloud spending will account for 68.2 percent of total IT equipment spending, growing at an annual rate of 36.9 percent. That’s not surprising, though, as Amazon, Microsoft, Google, etc., buy servers in the tens of thousands of units.To read this article in full, please click here

Private cloud spending is increasing, not decreasing

Once again, IDC has thrown cold water on the notion that enterprises are looking to shut down their data centers and instead are looking to grow them. And a new form of IT spending is taking place.The latest worldwide market study by International Data Corporation (IDC) found revenue from sales of IT infrastructure equipment grew 48.4 percent year over year in the second quarter of 2018 to $15.4 billion.Quarterly spending on public cloud IT infrastructure was $10.9 billion in the second quarter of 2018, a 58.9 percent year-over-year growth, while private cloud spending reached $4.6 billion, an increase of 28.2 percent year over year.[ Check out What is hybrid cloud computing and learn what you need to know about multi-cloud. | Get regularly scheduled insights by signing up for Network World newsletters. ] By end of the year, IDC projects public cloud spending will account for 68.2 percent of total IT equipment spending, growing at an annual rate of 36.9 percent. That’s not surprising, though, as Amazon, Microsoft, Google, etc., buy servers in the tens of thousands of units.To read this article in full, please click here

Radical shake-up proposed for the internet

Changes may be in the cards for the internet. Primarily, the global information system that we know as the World Wide Web could be up for some radical blockchain-concept re-thinking. It could take us back in time, but in a good way, according to some experts.Mass decentralization, which includes the shifting the control of data from corporations to individuals, is what they propose.“If you think of our existing web, it was originally designed to be decentralized, but over the years, we've come to see 90 percent of the traffic going through three or four different companies,” says Mitra Ardron, Technical Lead for Decentralization, at Internet Archive, which hosted the Decentralized Web Summit in San Francisco this summer. He was quoted on the conference’s website.To read this article in full, please click here