The new FlashSystem 9100 supports NVMe now and will support NVMe over Fabrics (NVMe-oF) and storage class memory (SCM) in the future.
As predicted, Arista starts work on the Campus …..
Open source gives telecom providers more control that will be key for deploying 5G and MEC, says James.
As usual, in this post I’ll focus on important work the IETF is doing that helps improve the security and resilience of the Internet infrastructure.
At IETF 102 there are a lot of new ideas being brought to the community in the form of Internet Drafts aimed at improving the security and resilience of the Internet infrastructure, and I’d like to introduce some of them to you. But keep in mind – an Internet Draft does not indicate IETF endorsement, is not a standard, and may not result in any further work at the IETF.
So, let us look at what is happening in the domain of BGP, the routing protocol that connects the Internet.
There has been slow progress in the work on mitigating route leaks in the IDR Working Group (WG). One of the reasons for the slowness was that the group was considering two proposals addressing the route leak problem and both are IDR WG documents: “Methods for Detection and Mitigation of BGP Route Leaks”, and “Route Leak Prevention using Roles in Update and Open Messages”. Plus, there is a third submission “Route Leak Detection and Filtering using Roles Continue reading
As networks begin leveraging intelligent DNS products, there is often a need to do some magic at the Internet edge to redirect to the target provider. Some products actually have this capability embedded. Even though the ASA doesn’t specifically have a defined configuration to do this, we can achieve the same outcome with a few simple NAT rules.
An initial thought would be to build a NAT policy as follows
//define the objects object network obj_any subnet 0.0.0.0 0.0.0.0 object network Umbrella1 host 208.67.220.220 object network Umbrella2 host 208.67.222.222 object service UDP-53 service udp destination eq domain //define the nat rules nat (any,outside) source dynamic any interface destination static obj_any Umbrella1 service UDP-53 UDP-53 nat (any,outside) source dynamic any interface destination static obj_any Umbrella2 service UDP-53 UDP-53
This will sort of work. However, there are two words of caution I would share with this approach. First, DNS sometimes leverages TCP. Second, the last NAT rule will never be used. In this case, even requests to 208.67.222.222 would match the first rule and be re-written to the destination 208.67.220.220.
My recommendation would be Continue reading
As networks begin leveraging intelligent DNS products, there is often a need to do some magic at the Internet edge to redirect to the target provider. Some products actually have this capability embedded. Even though the ASA doesn’t specifically have a defined configuration to do this, we can achieve the same outcome with a few simple NAT rules.
An initial thought would be to build a NAT policy as follows
//define the objects object network obj_any subnet 0.0.0.0 0.0.0.0 object network Umbrella1 host 208.67.220.220 object network Umbrella2 host 208.67.222.222 object service UDP-53 service udp destination eq domain //define the nat rules nat (any,outside) source dynamic any interface destination static obj_any Umbrella1 service UDP-53 UDP-53 nat (any,outside) source dynamic any interface destination static obj_any Umbrella2 service UDP-53 UDP-53
This will sort of work. However, there are two words of caution I would share with this approach. First, DNS sometimes leverages TCP. Second, the last NAT rule will never be used. In this case, even requests to 208.67.222.222 would match the first rule and be re-written to the destination 208.67.220.220.
My recommendation would be Continue reading
I recently listened to Packet Pushers show 395 recently. It is a great discussion on optical networking. One thing I wanted to make everyone aware of was a series of comments on the varying quality of optics and some justification around the premium prices often found on vendor branded optics. While the entire episode is worth a listen, the discussion around vendor optics begins at about 35:20 into the recording.
I work for a vendor and it is doubtful that people would view my opinion as unbiased. I encourage everyone to take a listen below and form their own opinions.
If you are a tech guy or girl, the Packet Pushers Podcast is a perfect addition to the podcatcher.
.
Disclaimer: This article includes the independent thoughts, opinions, commentary or technical detail of Paul Stewart. This may or may does not reflect the position of past, present or future employers.
I recently listened to Packet Pushers show 395 recently. It is a great discussion on optical networking. One thing I wanted to make everyone aware of was a series of comments on the varying quality of optics and some justification around the premium prices often found on vendor branded optics. While the entire episode is worth a listen, the discussion around vendor optics begins at about 35:20 into the recording.
I work for a vendor and it is doubtful that people would view my opinion as unbiased. I encourage everyone to take a listen below and form their own opinions.
If you are a tech guy or girl, the Packet Pushers Podcast is a perfect addition to the podcatcher.
.
Disclaimer: This article includes the independent thoughts, opinions, commentary or technical detail of Paul Stewart. This may or may does not reflect the position of past, present or future employers.
It’s that time again where once every 4 years people get very hyped over kicking a ball around a grass pitch, however this time my own country is actually doing pretty well! At the time of wr
Updating an enterprise WLAN to meet today's business needs is complicated. Follow these guidelines to make sure your wireless network provides reliable and secure connectivity.
Illumio’s new head of cybersecurity strategy — former Obama administration executive Jonathan Reiber — literally wrote the book on cyberstrategy at the U.S. Department of Defense.Reiber is Illumio’s .