Video: Amazon To Sell Whitebox ? Analysis and Thinking Because I’m Not Sure
What sort of Whitebox network ? Ethernet or X86 network appliance ?
DNS-Over-TLS Built-In & Enforced – 1.1.1.1 and the GL.iNet GL-AR750S
GL.iNet GL-AR750S in black, same form-factor as the prior white GL.iNet GL-AR750. Credit card for comparison.
Back in April, I wrote about how it was possible to modify a router to encrypt DNS queries over TLS using Cloudflare's 1.1.1.1 DNS Resolver. For this, I used the GL.iNet GL-AR750 because it was pre-installed with OpenWRT (LEDE). The folks at GL.iNet read that blog post and decided to bake DNS-Over-TLS support into their new router using the 1.1.1.1 resolver, they sent me one to take a look at before it's available for pre-release. Their new router can also be configured to force DNS traffic to be encrypted before leaving your local network, which is particularly useful for any IoT or mobile device with hard-coded DNS settings that would ordinarily ignore your routers DNS settings and send DNS queries in plain-text.
In my previous blog post I discussed how DNS was often the weakest link in the chain when it came to browsing privacy; whilst HTTP traffic is increasingly encrypted, this is seldom the case for DNS traffic. This makes it relatively trivial for an intermediary to work out what site you're sending Continue reading
Crypto Energy Consumption Overtakes
I am more than happy to publish the new infographic " Crypto Energy Consumption Overtakes" with the help of my friends from btxchange.io. As we know, cryptocurrency mining is very popular nowadays but it comes with huge drawback in form of huge electricity consumption. The infographic finds out the most surprising numbers for crypto energy volumes. Enjoy reading.
Crypto Energy Consumption Overtakes
I am more than happy to publish the new infographic " Crypto Energy Consumption Overtakes" with the help of my friends from btxchange.io. As we know, cryptocurrency mining is very popular nowadays but it comes with huge drawback in form of huge electricity consumption. The infographic finds out the most surprising numbers for crypto energy volumes. Enjoy reading.
Updated Design on blog.ipspace.net
I synced the CSS used on blog.ipspace.net with the one used on the main web site. There should be no visible changes apart from a few minor fixes in color scheme and the main column being a bit narrower, but if you spot any errors please let me know.
During the summer break, I’m doing much-needed web site maintenance. Regular blog posts will return in autumn.
ISOC’s Hot Topics at IETF 102
The 102nd meeting of the IETF starts tomorrow in Montreal, Canada. This is will be the third time that an IETF has been held in the city, and tenth time in Canada – the first being way back in 1990.
The ISOC Internet Technology Team is as always highlighting the latest IPv6, DNSSEC, Securing BGP, TLS and IoT related developments, and we discuss these in detail in our Rough Guide to IETF 102. But we’ll also be bringing you daily previews of what’s happening each day as the week progresses.
Below are the sessions that we’ll be covering in the coming week. Note this post was written in advance so please check the official IETF 102 agenda for any updates, room changes, or final details.
Monday, 16 July 2018
- IPv6 Maintenance (6man) – Laurier @ 09.30-12.00 UTC-4
- Authentication and Authorization for Constrained Environments (ace) – Viger @ 09.30-12.00 UTC-4
- IP Wireless Access in Vehicular Environments (ipwave) – Laurier @ 13.30-15.30 UTC-4
- SIDR Operation (sidrops) – Viger @ 13.30-15.30 UTC-4
- Transport Layer Security (tls) – Place du Canada @ 13.30-15.30 UTC-4
Tuesday, 17 July 2018
- Distributed Mobility Management (dmm) – Van Horne @ 09.30-12.00 UTC-4
- Continue reading
New Ubuntu 18.04 Docker image – Python For Network Engineers
About one year ago I’ve created the Ubuntu 16.04 PFNE Docker image. It’s time for a new version of the Ubuntu PFNE Docker image to support Network engineers learn Python and test automation. Recently, Ubuntu announced that on the Ubuntu Docker Hub the 18.04 LTS version is using the minimal image. With this change when … Continue reading New Ubuntu 18.04 Docker image – Python For Network EngineersShow 398: The Tradeoffs Of Information Hiding In The Control Plane
Today on the Priority Queue, we re gonna hide some information. Oh, like route summarization? Sure, like route summarization. That s an example of information hiding. But there s much more to the story than that.
Our guest is Russ White. Russ is a serial networking book author, network architect, RFC writer, patent holder, technical instructor, and much of the motive force behind the early iterations of the CCDE program.
The latest tome to flow from his keyboard (and mine, actually) is Computer Networking Problems and Solutions available on Amazon right now. While I wrote or contributed to several of the chapters in this book, Russ did the lion s share, and we re going to dive into one of his book chapters, devoted to the topic of information hiding.
We discuss the reasons for information hiding in the control plane, including resource conservation and reducing the failure domain; the pros and cons of dividing a network in multiple failure domains with information hiding; and the criticality of convergence.
We also talk about techniques for information hiding, including filtering reachability information and using overlays.
Sponsor: InterOptic
InterOptic offers high-performance, high-quality optics at a fraction of the cost. Find out more Continue reading
How to operationalize Cumulus Linux
Thanks to the limitations of traditional networks, network operators are accustomed to doing everything manually and slowly. But they want to perform configuration, troubleshooting and upgrades faster and with fewer mistakes. They’re ready and willing to learn a new approach, but they want to know what their options are. More importantly, they want to do it right. The good news is, regardless of your organization’s specific goals, you can operationalize Cumulus Linux to meet those objectives faster and more consistently. This post will help you understand your options for developing agile, speed-of-business workflows for:
- Configuration management
- Backup and recovery
- Troubleshooting
And if you’re looking for a deeper, more technical dive into how to implement these network operations, download this white paper.
Configuration management
Automation
The biggest disadvantage of manual configurations is that they simply don’t scale. Implementing BGP across dozens of switches is a copy-and-paste endeavor that’s time-consuming and prone to error. Not only that, checking that the configuration took effect and works as expected requires hop-by-hop verification in addition to testing route propagation and IP connectivity. However, In a small network, there’s no shame in at least starting out doing everything by hand.
Cumulus Linux lets you use a Continue reading
Rough Guide to IETF 102: DNSSEC, DNS Security and Privacy
DNS privacy will receive a large focus in the latter half of the IETF 102 week with attention in the DPRIVE, DNSSD, and OPSEC working groups. In an interesting bit of scheduling (which is always challenging), most of the DNS sessions are Wednesday through Friday. As part of our Rough Guide to IETF 102, here’s a quick view on what’s happening in the world of DNS.
Given that IETF 102 is in Montreal, Canada, all times below are Eastern Daylight Time (EDT), which is UTC-4.
IETF 102 Hackathon
The “DNS team” has become a regular feature of the IETF Hackathons and the Montreal meeting is no different. The IETF 102 Hackathon wiki outlines the work that will start tomorrow (scroll down to see it). Major security/privacy projects include:
- Implementing a part of draft-bortzmeyer-dprive-resolver-to-auth
- Setting up and measuring leakage avoidance using root loopback at privacy server
- Oblivious DNS
- Proof of concept of the Multi-Provider DNSSEC draft.
Anyone is welcome to join the DNS team for part or all of that event.
DNS Operations (DNSOP)
The DNS sessions at IETF 102 start on Wednesday morning from 9:30am – 12noon with the DNS Operations (DNSOP) Working Group. Paul Wouters and Ondrej Sury Continue reading
Security Vendor Fortinet Sells SD-WAN Directly to Customers
According to Gartner research, there are more than 60 SD-WAN vendors, and 90 percent of them offer little or no security. Fortinet’s SD-WAN has a single controller to manage both the security and the other SD-WAN features.
Datadog Deepens Algorithmic and Machine Learning With Watchdog Capability
Watchdog uses algorithms and machine learning to automatically look at all the data sent by an enterprises’ infrastructure and applications.
SDxCentral’s Weekly Roundup — July 13, 2018
The U.S. Justice Department appeals the AT&T-Time Warner merger; Tintri files for bankruptcy in the U.S., shutters in Europe; Ericsson divests Swedish field services operation.
Bug Bounties Jump 33% With $11.7M Paid to Hackers Last Year
Some companies and governments are now offering as much as $250,000 to find and fix security flaws, according to the Hacker-Powered Security Report.
Intel Buys a Programmable Chip Company to Prepare for 5G
Programmable chips will play a key role in 5G networks because complex processing will be necessary in the baseband and the base station.
We’ve Added a New Machine Learning Course to Our Video Library!
This is a 2 and a half hour introductory course in Machine Learning. It’s taught by Yogesh Kulkarni, a practitioner and instructor in the field of Machine learning.
Why You Should Study This Topic:
Machine Learning is getting more popular each day. It is not just hype, but an essential technique made possible and powerful by the availability of data. Studying Machine Learning is imperative, and Python is a good programming environment to get started with the basics. This workshop will not only familiarize you with this powerful and popular techniques, but will also give you the confidence necessary to venture into this on your own, thereby improving your chances of a lucrative career ahead.
Who Should Watch:
This course is for anyone who wants to become more familiar with Machine Learning. It is recommended to have some knowledge of college level mathematics and programming using Python. You can be from any domain, such as Finance, Engineering, Agriculture, Biology, etc. you will know a new problem-solving technique which could be of great help in your own domain.
What You’ll Learn:
You will learn what Artificial Intelligence is, how it relates to Machine Learning and Deep Learning, what’s the core idea Continue reading