Archive

Category Archives for "Networking"

Up and Running with Kubernetes and Tungsten Fabric

I have a predominantly technical background. You can show me all the slide decks you want but until I can get my hands on it, it’s not real to me. This has greatly influenced what I’m focusing on now that I’m doing more than just technical work - how to reduce the barrier to entry for people to become acquainted with a project or product. As a result, I’ve been getting more involved with Tungsten Fabric (formerly OpenContrail).

Up and Running with Kubernetes and Tungsten Fabric

I have a predominantly technical background. You can show me all the slide decks you want but until I can get my hands on it, it’s not real to me. This has greatly influenced what I’m focusing on now that I’m doing more than just technical work - how to reduce the barrier to entry for people to become acquainted with a project or product. As a result, I’ve been getting more involved with Tungsten Fabric (formerly OpenContrail).

Unveiling Cognitive Campus Networking

At Arista Networks, the status quo inspires us to innovate and continue our mission to reinvent the network – from ­­cloud to client. Today, we’re continuing that journey – into the campus network. Let’s face it; the legacy three-tier architecture of access-aggregation-core is wasteful and oversubscribed – creating a perfect storm for market transitions and Arista innovation.

Unveiling Cognitive Campus Networking

At Arista Networks, the status quo inspires us to innovate and continue our mission to reinvent the network – from ­­cloud to client. Today, we’re continuing that journey – into the campus network. Let’s face it; the legacy three-tier architecture of access-aggregation-core is wasteful and oversubscribed – creating a perfect storm for market transitions and Arista innovation.

CloudVision: A Cognitive Management Plane

The last 40 years have seen tremendous growth and progress in the data networking industry. Ethernet, IP, MPLS, GRE, IPsec, MACsec, and VXLAN enable operators to build secure, multiservice, high-performance data planes that interoperate across multiple vendors, multiple operators, and multiple administrative domains. Likewise, BGP, OSPF, IS-IS, LDP, RSVP, BFD, LACP, L3VPN, VPLS, and EVPN enable operators to build scalable multi-vendor control planes that federate across organizational boundaries, supporting mission-critical networks with global reach.

CloudVision: A Cognitive Management Plane

The last 40 years have seen tremendous growth and progress in the data networking industry. Ethernet, IP, MPLS, GRE, IPsec, MACsec, and VXLAN enable operators to build secure, multiservice, high-performance data planes that interoperate across multiple vendors, multiple operators, and multiple administrative domains. Likewise, BGP, OSPF, IS-IS, LDP, RSVP, BFD, LACP, L3VPN, VPLS, and EVPN enable operators to build scalable multi-vendor control planes that federate across organizational boundaries, supporting mission-critical networks with global reach.

IDG Contributor Network: Container security: crafting application identity

Over the years, we have embraced new technologies to find improved ways to build systems.  As a result, today's infrastructures have undergone significant evolution. To keep pace with the arrival of new technologies, legacy is often combined with the new, but they do not always mesh well. Such fusion between ultra-modern and conventional has created drag in the overall solution, thereby, spawning tension between past and future in how things are secured.The multi-tenant shared infrastructure of the cloud, container technologies like Docker and Kubernetes, and new architectures like microservices and serverless, while technically remarkable, increase complexity. Complexity is the number one enemy of security. Therefore, to be effectively aligned with adoption of these technologies, a new approach to security is required that does not depend on shifting infrastructure as the control point.To read this article in full, please click here

IDG Contributor Network: Container security: crafting application identity

Over the years, we have embraced new technologies to find improved ways to build systems.  As a result, today's infrastructures have undergone significant evolution. To keep pace with the arrival of new technologies, legacy is often combined with the new, but they do not always mesh well. Such fusion between ultra-modern and conventional has created drag in the overall solution, thereby, spawning tension between past and future in how things are secured.The multi-tenant shared infrastructure of the cloud, container technologies like Docker and Kubernetes, and new architectures like microservices and serverless, while technically remarkable, increase complexity. Complexity is the number one enemy of security. Therefore, to be effectively aligned with adoption of these technologies, a new approach to security is required that does not depend on shifting infrastructure as the control point.To read this article in full, please click here

Blacklisting modules on Linux

The Linux kernel is modular — composed of modules that work together but are largely independent of each other. New functionality can be added when a kernel module is loaded, but there are times when you might need to block functionality because modules interfere with each other or leave a system vulnerable. When that is the case, you can restrict what modules the kernel is able to use by blacklisting the troublemakers. This blocks them from being loaded.Listing Kernel modules You can list kernel modules with the lsmod command. For a taste of what you’re likely to see, the lsmod command below shows us the top of the lsmod command output on a sample system.To read this article in full, please click here

Why is the Feasibility Condition Less Than?

A reader recently emailed me with this question: Why isn’t the condition for a Feasible Successor set to less than (<), rather than less than of equal (<=), in EIGRP? It certainly seems, as noted in the email, that this rules out a lot of possible possible loop free alternate paths. The network below will be used to illustrate.

First, assume all links are cost of 1 except D->C, which is cost of 2. Here D will choose B as the Successor, and the FC will be set to 2. The RD of C will be 1, so C will be an FS. Now consider two failures. The first failure is D->B. D will immediately reroute to the FS, which is C, without changing the FC. This works, because C’s cost to 100::/64 via D is 4, much higher than it’s cost to 100::64 along C->A. Now consider what happens if A->100::/64 fails. If the timing of the query “works right,” C and B will be notified first, then finally D. Even if D is somehow notified before C, and D switches to C as its FS, the traffic is dropped, rather than looped—so all is happy.

Now change the situation a little. Assume the A->C link is cost Continue reading

Tune in to Our Q&A tomorrow!


Don’t miss our CCNA/CCNP Kickoff with Keith Bogart Tomorrow!

 

Join Keith May 8th at 10 am PST/ 1 pm EST for his CCNA/CCNP Kickoff.

This is a FREE live session that is open to everyone. In this open forum, you’ll have the opportunity to ask Keith all of your questions regarding the CCNA or CCNP Routing & Switching exam and related technologies.

Get all of your questions answered by an experienced industry expert! Just click here.

Enterprises are moving SD-WAN beyond pilot stages to deployment

Research conducted by market research firm IHS Markit found that 74 percent of firms surveyed had SD-WAN lab trials in 2017, and many of them plan to move into production this year.The report, titled “The WAN Strategies North America” (pdf, registration required), found security is the number one network concern by a wide margin and the top reason to invest in new infrastructure, as companies must fend off the constant threat of cyber attacks.There are other reasons, as well, such as traffic growth, company expansion, adoption of the Internet of things (IoT), the need for greater control over the WAN, and the need to put WAN costs on a sustainable path.To read this article in full, please click here

Enterprises are moving SD-WAN beyond pilot stages to deployment

Research conducted by market research firm IHS Markit found that 74 percent of firms surveyed had SD-WAN lab trials in 2017, and many of them plan to move into production this year.The report, titled “The WAN Strategies North America” (pdf, registration required), found security is the number one network concern by a wide margin and the top reason to invest in new infrastructure, as companies must fend off the constant threat of cyber attacks.There are other reasons, as well, such as traffic growth, company expansion, adoption of the Internet of things (IoT), the need for greater control over the WAN, and the need to put WAN costs on a sustainable path.To read this article in full, please click here

Network Break 183: VMware Embraces Cloud Networking; Cisco Acquires Accompany

Take a Network Break! VMware announces its Virtual Cloud Network vision and outlines the product portfolio to bring that vision to life. Dell Technology World showcases new servers and storage and cements Dell’s one-stop-shop strategy. Cisco spends $270 million to buy relationship intelligence purveyor Accompany.

Cisco also shed its service provider video business, Anuta Networks makes its orchestration platform available as SaaS, and the Lojack laptop recovery software suffers a serious vulnerability.

Meanwhile, a Webex vulnerability enables remote code execution, Arista shares dip despite a strong quarter, and Juniper shares rise slightly despite a poor one.

Get links to all these stories after our sponsor message.

Sponsor: Couchdrop

Send files to the cloud quickly and easily with Couchdrop, a cloud-based service that uses the Secure Copy Protocol to transfer files. Couchdrop integrates with Dropbox, GoogleDrive, Amazon S3 buckets and more. Head to Couchdrop.io to get details, and get two months free with a one-year subscription.

Show Links:

VMware Advances Networking for the Digital Era with the Virtual Cloud Network – VMware

Dell outlines a one-stop-shopping portfolio for technology-hungry businesses – Diginomica

Cisco Announces Intent to Acquire Accompany – Cisco

Permira Funds to Acquire Cisco’s SPVSS Business – Cisco

Continue reading