Archive

Category Archives for "Networking"

The Week in Internet News: A New Use for Blockchain

Blockchain takes on censorship: Students looking into sexual harassment accusations involving a professor at Peking University in China wrote a letter accusing the school of trying to silence one of them, but the letter was removed from social media outlets for “violating rules.” So some supporters distributed the letter using the Ethereum blockchain, reports Yahoo finance.

Why routing security matters: Hackers used a well-known weakness in Border Gateway Protocol routing to hijack Amazon Web Services’ DNS traffic for about two hours last Tuesday. Attackers were able to redirect an Ethereum wallet developer’s website to a phishing site and steal about $150,000 from MyEtherWallet.com users, ZDNet reports.

Hacking-for-hire site attacked: In this case, law enforcement agencies from 12 countries were the people who shut down hacking-for-hire site Webstresser.org. The site had 136,000 customers and its hackers launched more than 4 million DDoS attacks in recent years, according to Europol. GovTech.com has a story.

Inspecting the IoT: Researchers at Princeton University are launching IoT Inspector, an open-source tool designed to give Internet of Things users insight into the security of their devices. There’s even Raspberry Pi code for the project, says The Register.

Cryptocurrency for the suits: The Continue reading

NetChain: Scale-free sub-RTT coordination

NetChain: Scale-free sub-RTT coordination Jin et al., NSDI’18

NetChain won a best paper award at NSDI 2018 earlier this month. By thinking outside of the box (in this case, the box is the chassis containing the server), Jin et al. have demonstrated how to build a coordination service (think Apache ZooKeeper) with incredibly low latency and high throughput. We’re talking 9.7 microseconds for both reads and writes, with scalability on the order of tens of billions of operations per second. Similarly to KV-Direct that we looked at last year, NetChain achieves this stunning performance by moving the system implementation into the network. Whereas KV-Direct used programmable NICs though, NetChain takes advantage of programmable switches, and can be incrementally deployed in existing datacenters.

We expect a lightning fast coordination system like NetChain can open the door for designing a new generation of distributed systems beyond distributed transactions.

It’s really exciting to watch all of the performance leaps being made by moving compute and storage around (accelerators, taking advantage of storage pockets e.g. processing-in-memory, non-volatile memory, in-network processing, and so on). The sheer processing power we’ll have at our disposal as all of these become mainstream is staggering to Continue reading

Cloud Not Just Someone Else’s Computer

Cloud computing is a lot more than “someone else’s computer” and it annoys the hell out of me when people keep trotting out this tired old excuse. There is much more to service delivery than compute power. You do yourself and your customers a disservice if you don’t do your research.

A few years ago it was fashionable to dismiss cloud as “just someone else’s computer”, e.g.:

There’s T-shirts:

Someone else's Computer T-Shirt

You can even buy coffee mugs.

In a time when most cloud computing was Infrastructure as a Service, there was an element of truth to it. But…

Times Change

The problem is that there’s still people thinking this. Check these recent tweets.

These people don’t realize that the world has moved on a long way. There is much more to cloud computing than just “someone else’s computer.”

Consider a simple example, like email. To provide email services from “my computer” I also need power, cooling, rack space, servers, storage, networking, operating system, software, application configuration and maintenance, etc…not to mention the operational expertise to keep it all going.

If Continue reading

What’s behind Cisco’s comeback?

Cisco Systems Inc. (NASDAQ: CSCO) in just the last week or so has taken over the top spot for year-to-date performance among the 30 equities comprising the Dow Jones industrial average, with its shares having risen nearly 20 percent in 2018. That’s a big deal. How did it happen? What pushed Cisco beyond its best-known-router reputation to being a top performer on the DOW?A little history Cisco has been around for nearly as long as I've been working on Unix and Linux systems. Founded in December 1984 by two Stanford University computer scientists and clearly named after San Francisco, its logo clearly depicts the two towers of the Golden Gate Bridge and its line of products have kept it a major player in routers and switches. In fact, Cisco was on top of the tech world before the dot.com meltdown. Then it plunged with the rest of the tech sector.To read this article in full, please click here

What’s behind Cisco’s comeback?

Cisco Systems Inc. (NASDAQ: CSCO) in just the last week or so has taken over the top spot for year-to-date performance among the 30 equities comprising the Dow Jones industrial average, with its shares having risen nearly 20 percent in 2018. That’s a big deal. How did it happen? What pushed Cisco beyond its best-known-router reputation to being a top performer on the DOW?A little history about Cisco Cisco has been around for nearly as long as I've been working on Unix and Linux systems. Founded in December 1984 by two Stanford University computer scientists and clearly named after San Francisco, its logo clearly depicts the two towers of the Golden Gate Bridge and its line of products have kept it a major player in routers and switches. In fact, Cisco was on top of the tech world before the dot.com meltdown. Then it plunged with the rest of the tech sector.To read this article in full, please click here

Getting started with Terraform and Cloudflare (Part 1 of 2)

Getting started with Terraform and Cloudflare (Part 1 of 2)

As a Product Manager at Cloudflare, I spend quite a bit of my time talking to customers. One of the most common topics I'm asked about is configuration management. Developers want to know how they can write code to manage their Cloudflare config, without interacting with our APIs or UI directly.

Following best practices in software development, they want to store configuration in their own source code repository (be it GitHub or otherwise), institute a change management process that includes code review, and be able to track their configuration versions and history over time. Additionally, they want the ability to quickly and easily roll back changes when required.

When I first spoke with our engineering teams about these requirements, they gave me the best answer a Product Manager could hope to hear: there's already an open source tool out there that does all of that (and more), with a strong community and plugin system to boot—it's called Terraform.

This blog post is about getting started using Terraform with Cloudflare and the new version 1.0 of our Terraform provider. A "provider" is simply a plugin that knows how to talk to a specific set of APIs—in this case, Cloudflare, but Continue reading

Link Propagation 116

Welcome to Link Propagation, a Packet Pushers newsletter. Link Propagation is included in your free membership. Each week we scour the InterWebs to find the most relevant practitioner blog posts, tech news, and product announcements. We drink from the fire hose so you can sip from a coffee cup. Blogs WISP Design – Building Highly […]

A Review of RSA Conference

So, I recently went to my first RSA Conference. It’s something I’ve had on my radar for a while but never had the opportunity to do. However, with Security Field Day coming up later this year I thought it was high time I went to see what everything was about. Here are some ideas that I came up with during my pilgrimage to the big security conference.

  • It’s Huge. Like, really big. I’ve never seen a bigger conference before. I haven’t gone to Oracle OpenWorld or Dreamforce, but the size of the RSA show floor alone dwarfs anything I’ve seen. Three whole areas, including one dedicated to emerging vendors. That’s big. Almost too big in fact.
  • I Still Hate Moscone. It’s official. No conference should ever use this place again. It’s been 4 years since I railed against it and every word still applies. Doubly so this year, as RSA was being held during construction! Seriously. At this point, Moscone must be paying people to hold a convention there. RSA is too big. I don’t care if it’s cheap to ferry people up from Silicon Valley. Stop doing this to yourself and tarnishing your brand. Just go to Vegas if Continue reading

We’ve Launched Our New Bootcamps Site!

The INE Bootcamps site is finally here! We constantly strive to make our products and buying experience better, which is why we decided to give our bootcamps their very own website. As INE continues to grow, we plan on rolling out even more bootcamp dates, locations and types, all of which can now be found at bootcamps.ine.com.

What You’ll Find On Our Bootcamps Site:

  • Full description and details about CCIE Routing and Switching, Data Center, Collaboration, Service Provider and Security certifications and exams
  • Full description and details about CCNP and CCNA Routing & Switching certifications and exams
  • Full description and details about GCP Cloud Architect certification and exam
  • Detailed description of prerequisites for all tracks and vendors
  • Recommended path, outlining exactly what products you’ll need for each track and in what order to use them to ensure you pass your exams the first time
  • All of our bootcamp offerings for all tracks and vendors, including details about pricing, dates, and what to expect from each bootcamp
  • Detailed descriptions of each of our bootcamp locations


Ready to get started on your certification journey? Check out our Bootcamps Site for yourself.

Weekend Reads 042718: Mostly Security and Privacy

The Internet Corporation for Assigned Names and Numbers (ICANN) launched the Uniform Rapid Suspension System (URS) (2013) in anticipation of the marketing of new gTLDs that became available from November 2013. It is one of four new rights protection mechanisms (RPMs) designed to combat cybersquatting. —Gerald M. Levine @CircleID

Digital attackers are targeting organizations in the energy sector like never before. For example, just a few weeks ago, the FBI and Department of Homeland Security issued a joint report describing a massive Russian hacking campaign to infiltrate America’s critical infrastructure. In a first, the US government publicly blamed Russia’s government for attacks on energy infrastructure. —Ray Lepina @tripwire

About a decade ago, Kaminsky proved that vulnerabilities of the DNS can be exploited. If the DNS is corrupt (for instance by ‘cache poisoning’), the end user can be directed to a malicious website. This can be risky when sensitive (personal) information is exchanged, or a financial transaction is done. Mail security is also tied to (the security of) the DNS. A network attacker can spoof the DNS records of a mail server, to redirect mail connections to a malicious server. —Rene Bakker @APNIC

When we must depend on a system, not Continue reading

Celebrating ECMP in Linux — part two

In part one of our series on ECMP, we discussed the basics of ECMP, the recent changes that have been made and Cumulus’ part in moving the ball forward for Linux networking. Now, it’s time to get a little more technical and review how advancements in ECMP development for IPv4 and IPv6 have made ECMP what it is today — and what it can be in the near future.

Setting the stage: defining our terminologies

Hashing algorithms

Hashing algorithms are the biggest component of ECMP behavior, so it makes sense for us to talk for a moment about what we specifically mean when we refer to each one.

1.) Per-packet hash
This hash was the original hashing algorithm used in the kernel’s ECMP behavior. It is trivially simple to understand as it basically uses a pseudo random number in the kernel at the time packet is being processed (jiffies) to determine which link in an ECMP bundle the traffic will use for egress. With this algorithm in place, each packet for a single flow could use a different link to get to the destination. This leads to all kinds of bad behaviors in TCP and higher level applications/protocols Continue reading

1 1,285 1,286 1,287 1,288 1,289 3,348