Cisco to MikroTik – MPLS

About the Cisco to MikroTik series

One of the hardest things to do quickly in network engineering, is learn a new syntax for a NOS. Especially if you have a tight deadline and need to stand up equipment you’ve never worked with before. The command structure for RouterOS can be cumbersome if you are used to the Cisco CLI.

If you’ve been in networking for a while, you probably started with learning the Cisco CLI. Therefore, it is helpful to compare the commands if you want to implement a network with a MikroTik and Cisco routers.

This is the third post in a series that creates a Rosetta stone between IOS and RouterOS. We plan to tackle  other command comparisons like VLANs, QoS and basic operations to make it easier for network engineers trained in Cisco IOS to successfully implement Mikrotik / RouterOS devices.

Click here for the first article in this series – “Cisco to MikroTik BGP command translation”
Click here for the second article in this series – “Cisco to MikroTik OSPF command translation”

While many commands have almost the exact same information, others are as close as possible. Since there isn’t always an exact match, sometimes you may have to run Continue reading

IDG Contributor Network: Get a better angle on your network monitoring with application management

With any new network monitoring and management software, the first step is to assess your existing inventory. Do this by allowing the software to discover all your devices. Your new software may alert you to things you didn’t know you had. Network monitoring and management tooling may be smart enough to propose ways to improve your system: it might suggest new configurations or highlight bottlenecks. Your last step is to let the Simple Network Management Protocol (SNMP) traps flow and inform you about day-to-day network usage.One blessing of the OSI model is that it has enabled innovation at the individual layers. These layers are abstracted from one another, which prevents accidentally injecting dependencies into other layers. The curse of the OSI model is that it has socially separated the people who work at the individual layers from one another—someone working at one layer may never think of someone else working at a different layer. It’s a recurring problem in network monitoring and management, in general.To read this article in full, please click here

IDG Contributor Network: Get a better angle on your network monitoring with application management

With any new network monitoring and management software, the first step is to assess your existing inventory. Do this by allowing the software to discover all your devices. Your new software may alert you to things you didn’t know you had. Network monitoring and management tooling may be smart enough to propose ways to improve your system: it might suggest new configurations or highlight bottlenecks. Your last step is to let the Simple Network Management Protocol (SNMP) traps flow and inform you about day-to-day network usage.One blessing of the OSI model is that it has enabled innovation at the individual layers. These layers are abstracted from one another, which prevents accidentally injecting dependencies into other layers. The curse of the OSI model is that it has socially separated the people who work at the individual layers from one another—someone working at one layer may never think of someone else working at a different layer. It’s a recurring problem in network monitoring and management, in general.To read this article in full, please click here

PQ 148: How To Monitor Cryptojacking With Paessler PRTG (Sponsored)

2018 NFV Report Series Part 2: Rising roles of MANO, LSO and Assurance Available Now

Download now to learn the latest on the MANO, LSO and Assurance market.

Rancher Labs Ties Future to Building a Car Around Kubernetes

The company launched general availability of its Kubernetes-based platform that breaks from its past reliance on Docker.

Worth Reading: Feedback Fail

But buried in all the ideas and books and blogs and seminars and real-life experiences of teams everywhere is a forgotten assumption, the Achilles’ Heel of Agile. There’s one shortcut to muck up agile fast. Ready? —Phil Seaton @Free code Camp

Sprint Shuffles Top Management Ahead of T-Mobile Acquisition

CEO Marcelo Claure will become executive chairman of Sprint. He expects to spend a lot of time in Washington, D.C., getting regulators to approve the T-Mobile merger.

Internet Society, LACNIC, and LAC-IX Partner to Strengthen IXPs in Latin America

Wednesday, 2 May 2018, the Internet Society signed a Memorandum of Understanding with the Association of Internet Exchange Points (LAC-IX) and the Latin American Registry for Internet Numbers (LACNIC) to create and strengthen Internet Exchange Points (IXPs) for a stable, secure, and open Internet and to maximise the impact of our activities across Latin America and the Caribbean.

Internet Society’s work on interconnection, traffic exchange, and IXPs not only improves local Internet service in developed regions, but also engages with the local communities that are instrumental in advancing the Internet Society’s mission. The IXP program helps develop Internet technical communities and network operators across the globe.

The Internet Society cooperates with regional organisations that lead IXP work in the field, supporting their work, promoting new IXPs where needed, and helping spread Internet Society work that is valuable to their communities.

LAC-IX and LACNIC have a unique role in promoting new IXPs, supporting existing communities, and, through them, providing the messages that contribute to a stable and scalable Internet.

This Memorandum of Understanding establishes a reference framework for cooperation mechanisms between the Parties. Plans include supporting capacity-building events, disseminating common initiatives and projects, and promoting good routing practices at traffic exchange Continue reading

Intel job posting hints at major overhaul to the processor core

A job listing on Intel’s official webpage for a senior CPU micro-architect and designer to build a revolutionary microprocessor core has fueled speculation that the company is finally going to redesign its Core-branded CPU architecture after more than 12 years.Intel introduced the Core architecture in 2006, and that was an iteration of the P6 microarchitecture first introduced with the Pentium Pro in 1995. So, in some ways, Intel in 2018 is running on a 1995 design. Even though its tick/tock model called for a new microarchitecture every other year, the new architecture was, in fact, just a tweak of the old one and not a clean sheet design.The job is based in the Intel's Hillsboro, Oregon, facility, where all of the major development work is done. It initially said “join the Ocean Cove team to deliver Intel’s next-generation core design in Hillsboro, Oregon.” That entry has since been removed from the posting.To read this article in full, please click here

Intel job posting hints at major overhaul to the processor core

A job listing on Intel’s official webpage for a senior CPU micro-architect and designer to build a revolutionary microprocessor core has fueled speculation that the company is finally going to redesign its Core-branded CPU architecture after more than 12 years.Intel introduced the Core architecture in 2006, and that was an iteration of the P6 microarchitecture first introduced with the Pentium Pro in 1995. So, in some ways, Intel in 2018 is running on a 1995 design. Even though its tick/tock model called for a new microarchitecture every other year, the new architecture was, in fact, just a tweak of the old one and not a clean sheet design.The job is based in the Intel's Hillsboro, Oregon, facility, where all of the major development work is done. It initially said “join the Ocean Cove team to deliver Intel’s next-generation core design in Hillsboro, Oregon.” That entry has since been removed from the posting.To read this article in full, please click here

Some Fake News Fighters Embrace AI, Others Seek the Human Touch

Fake news doesn’t seem to be going away anytime soon, and some entrepreneurs are targeting false news reports with new services designed to alert readers.

Some countries have pushed for new laws to criminalize the creation of fake news – raising questions about government censorship – but these new fake news fighters take a different approach, some using Artificial Intelligence, some using human power, and some using a combination of AI and humans.

Several high-profile fake news fighting services have launched in recent years, some of them driven by the amount of fake news generated during the 2016 U.S. election. These services generally focus on web content appearing to be legitimate news, as an alternative to traditional fact-checking services like Snopes – which takes a broad look at Web-based news and rumors – or PolitiFact – which addresses claims made by politicians and political groups.

The amount of fake news generated during the election campaign was the main reason FightHoax founder Valentinos Tzekas began working on his service two years ago. At the time, Tzekas was a first-year applied informatics student at a Greek university, but he is planning to leave school to work full time on FightHoax.

The 2016 Continue reading

Mobile data usage overtakes Wi-Fi, and CBRS threatens

Wi-Fi use has dropped in the United States. The reason: Consumers are shifting to cellular mobile networks that are providing new, unlimited data bundles. That’s according to mobile network performance analyst OpenSignal.The testing-firm, which publishes an annual Wi-Fi-versus-mobile crowdsourced study, says consumers are taking advantage of unlimited data plans being offered by the major mobile network operators (MNOs) in the U.S. No longer are folks worrying about generating large bills using mobile data for media or having to work around limited, included-data buckets.“Users are likely becoming more confident about consuming data over cellular networks,” writes Peter Boyland in a blog post on OpenSignal’s website.To read this article in full, please click here

Google’s going to make some IoT news at I/O 2018

Google I/O, the company's annual developer conference, grabs fewer headlines than it used to in ages past – the reveal of Google Glass was one for the record books, even the biggest Google detractor would have to admit. But Google's still planning to make some waves this year, particularly with what seems likely to be a full roll-out of Android Things 1.0, the variant Android OS designed for IoT.The idea behind Things is to provide a unified, one-size-fits-all software option for the developers of constrained devices like smart displays, kiosks and digital signage, among others. Device makers won’t be allowed to modify parts of Android Things’ code, specifically the parts that ensure Google can flash updates to all devices running the software at any time.To read this article in full, please click here

Google could be getting serious about IoT with release of Android Things

Google I/O, the company's annual developer conference, grabs fewer headlines than it used to in ages past – the reveal of Google Glass was one for the record books, even the biggest Google detractor would have to admit. But Google's still planning to make some waves this year, particularly with what seems likely to be a full roll-out of Android Things 1.0, the variant Android OS designed for IoT.The idea behind Things is to provide a unified, one-size-fits-all software option for the developers of constrained devices like smart displays, kiosks and digital signage, among others. Device makers won’t be allowed to modify parts of Android Things’ code, specifically the parts that ensure Google can flash updates to all devices running the software at any time.To read this article in full, please click here

Yubikey/Smartcard backed TLS servers

Yubikey/Smartcard backed TLS servers

It has become clear that storing secrets in computers is hard. The best demo to the world that storing secrets on “online” computers is hard and sometimes

Hackathon at Africa Internet Summit Focuses on Time, Vehicular Communications, and Network Programmability

We are pleased to announce the 2^nd Hackathon@AIS will be held in Dakar, Senegal, on 9-10 May, alongside the Africa Internet Summit. Participants from 14 countries have confirmed their participation and will work on activities centered around three main topics:

• The Network Time Protocol (or NTP)
• Wireless communication in vehicular environments – based on Intelligent Transportation Systems
• Network Programmability

Working on open Internet standards involves a collaborative effort whereby individuals from different backgrounds provide input and expertise to improve the Internet. Work is focused on common objectives with set timelines. This work is mostly done by people in different geographical locations using the Internet (and online tools) to collaborate on the work. In some cases, short technical events called hackathons place experts in one physical location to work collaboratively to solve a problem or develop a new product or output in a short period of time.

Last year, the Internet Society’s African Regional Bureau, together with AFRINIC, organized a hackathon in Kenya, during the 2017 Africa Internet Summit. In Africa, work on open Internet standards development is low, with only a handful of Request For Comments (RFCs) known to have been published by experts from the region. One of Continue reading

A Secure Supply Chain for Kubernetes

With KubeCon EU happening in Copenhaguen, we looked back at the most popular posts with our readers on Docker and Kubernetes. For those of you that have yet to try Docker EE 2.0, this blog highlights how Docker EE 2.0 provides a secure supply chain for Kubernetes.

The GA release of the Docker Enterprise Edition (Docker EE) container platform last month integrates Kubernetes orchestration, running alongside Swarm, to provide a single container platform that supports both legacy and new applications running on-premises or in the cloud. For organizations that are exploring Kubernetes or deploying it in production, Docker EE offers integrated security for the entire lifecycle of a containerized application, providing an additional layer of security before the workload is deployed by Kubernetes and continuing to secure the application while it is running.

Mike Coleman previously discussed access controls for Kubernetes. This week we’ll begin discussing how Docker EE secures the Kubernetes supply chain.

What is a Software Supply Chain?

When you purchase something from a retail store, there is an entire supply chain that gets the product from raw materials to the manufacturer to you. Similarly, there is a software supply chain that takes an application from Continue reading

Automation Win: Zero-Touch Provisioning

Listening to the networking vendors it seems that zero-touch provisioning is a no-brainer … until you try to get it working in real life, and the device you want to auto-configure supports only IP address assignment via DHCP, configuration download via TFTP, and a DHCP option that points to the configuration file.

As Hans Verkerk discovered when he tried to implement zero-touch provisioning with Ansible while attending the Building Network Automation Solutions course you have to:

Stateless datacenter load-balancing with Beamer

Stateless datacenter load-balancing with Beamer Olteanu et al., NSDI’18

We’ve spent the last couple of days looking at datacenter network infrastructure, but we didn’t touch on the topic of load balancing. For a single TCP connection, you want all of the packets to end up at the same destination. Logically, a load balancer (a.k.a. ‘mux’) needs to keep some state somewhere to remember the mapping.

Existing load balancer solutions can load balance TCP and UDP traffic at datacenter scale at different price points. However, they all keep per-flow state; after a load balancer decides which server should handle a connection, that decision is “remembered” locally and used to handle future packets of the same connection. Keeping per-flow state should ensure that ongoing connections do not break when servers and muxes come or go…

There are two issues with keeping this state though. Firstly , it can sometimes end up incomplete or out of date (especially under periods of rapid network change, such as during scale out and scale in). Secondly, there’s only a finite amount of resource to back that state, which opens the door to denial of service attacks such as SYN flood attacks.

Beamer is Continue reading