One of the hardest things to do quickly in network engineering, is learn a new syntax for a NOS. Especially if you have a tight deadline and need to stand up equipment you’ve never worked with before. The command structure for RouterOS can be cumbersome if you are used to the Cisco CLI.
If you’ve been in networking for a while, you probably started with learning the Cisco CLI. Therefore, it is helpful to compare the commands if you want to implement a network with a MikroTik and Cisco routers.
This is the third post in a series that creates a Rosetta stone between IOS and RouterOS. We plan to tackle other command comparisons like VLANs, QoS and basic operations to make it easier for network engineers trained in Cisco IOS to successfully implement Mikrotik / RouterOS devices.
Click here for the first article in this series – “Cisco to MikroTik BGP command translation”
Click here for the second article in this series – “Cisco to MikroTik OSPF command translation”
While many commands have almost the exact same information, others are as close as possible. Since there isn’t always an exact match, sometimes you may have to run Continue reading
Today on Priority Queue, the Packet Pushers peer into the darker corners of network monitoring.
Monitoring gets you visibility. But when you can see what’s happening, you might not like what you find. That s the topic of today s sponsored show with Paessler AG, maker of PRTG network monitoring software.
Our guests are Greg Ross, Presales Systems Engineer at Paessler; and Troy Mursch, a security researcher who blogs at Bad Packets Report.
Troy discovered that cryptojacking malware called Coinhive had infected a popular Website. We’ll talk about how he used Paessler sensors to monitor the malware on the site, and to track down other infected systems.
We talk with Troy and Greg about how to use Paessler to monitor key metrics that could indicate malware. We also dig into Paessler’s capabilities for more typical network monitoring use cases.
And here’s a special offer for Packet Pushers listeners: Paessler is offering a free network security eBook. You can get it at go.paessler.com/packetpushers.
You can also get a free trail of PRTG here.
Free Network Security eBook – Paessler
Download now to learn the latest on the MANO, LSO and Assurance market.
The company launched general availability of its Kubernetes-based platform that breaks from its past reliance on Docker.
CEO Marcelo Claure will become executive chairman of Sprint. He expects to spend a lot of time in Washington, D.C., getting regulators to approve the T-Mobile merger.
Wednesday, 2 May 2018, the Internet Society signed a Memorandum of Understanding with the Association of Internet Exchange Points (LAC-IX) and the Latin American Registry for Internet Numbers (LACNIC) to create and strengthen Internet Exchange Points (IXPs) for a stable, secure, and open Internet and to maximise the impact of our activities across Latin America and the Caribbean.
Internet Society’s work on interconnection, traffic exchange, and IXPs not only improves local Internet service in developed regions, but also engages with the local communities that are instrumental in advancing the Internet Society’s mission. The IXP program helps develop Internet technical communities and network operators across the globe.
The Internet Society cooperates with regional organisations that lead IXP work in the field, supporting their work, promoting new IXPs where needed, and helping spread Internet Society work that is valuable to their communities.
LAC-IX and LACNIC have a unique role in promoting new IXPs, supporting existing communities, and, through them, providing the messages that contribute to a stable and scalable Internet.
This Memorandum of Understanding establishes a reference framework for cooperation mechanisms between the Parties. Plans include supporting capacity-building events, disseminating common initiatives and projects, and promoting good routing practices at traffic exchange Continue reading
Fake news doesn’t seem to be going away anytime soon, and some entrepreneurs are targeting false news reports with new services designed to alert readers.
Some countries have pushed for new laws to criminalize the creation of fake news – raising questions about government censorship – but these new fake news fighters take a different approach, some using Artificial Intelligence, some using human power, and some using a combination of AI and humans.
Several high-profile fake news fighting services have launched in recent years, some of them driven by the amount of fake news generated during the 2016 U.S. election. These services generally focus on web content appearing to be legitimate news, as an alternative to traditional fact-checking services like Snopes – which takes a broad look at Web-based news and rumors – or PolitiFact – which addresses claims made by politicians and political groups.
The amount of fake news generated during the election campaign was the main reason FightHoax founder Valentinos Tzekas began working on his service two years ago. At the time, Tzekas was a first-year applied informatics student at a Greek university, but he is planning to leave school to work full time on FightHoax.
The 2016 Continue reading
It has become clear that storing secrets in computers is hard. The best demo to the world that storing secrets on “online” computers is hard and sometimes
We are pleased to announce the 2nd Hackathon@AIS will be held in Dakar, Senegal, on 9-10 May, alongside the Africa Internet Summit. Participants from 14 countries have confirmed their participation and will work on activities centered around three main topics:
Working on open Internet standards involves a collaborative effort whereby individuals from different backgrounds provide input and expertise to improve the Internet. Work is focused on common objectives with set timelines. This work is mostly done by people in different geographical locations using the Internet (and online tools) to collaborate on the work. In some cases, short technical events called hackathons place experts in one physical location to work collaboratively to solve a problem or develop a new product or output in a short period of time.
Last year, the Internet Society’s African Regional Bureau, together with AFRINIC, organized a hackathon in Kenya, during the 2017 Africa Internet Summit. In Africa, work on open Internet standards development is low, with only a handful of Request For Comments (RFCs) known to have been published by experts from the region. One of Continue reading
With KubeCon EU happening in Copenhaguen, we looked back at the most popular posts with our readers on Docker and Kubernetes. For those of you that have yet to try Docker EE 2.0, this blog highlights how Docker EE 2.0 provides a secure supply chain for Kubernetes.
The GA release of the Docker Enterprise Edition (Docker EE) container platform last month integrates Kubernetes orchestration, running alongside Swarm, to provide a single container platform that supports both legacy and new applications running on-premises or in the cloud. For organizations that are exploring Kubernetes or deploying it in production, Docker EE offers integrated security for the entire lifecycle of a containerized application, providing an additional layer of security before the workload is deployed by Kubernetes and continuing to secure the application while it is running.
Mike Coleman previously discussed access controls for Kubernetes. This week we’ll begin discussing how Docker EE secures the Kubernetes supply chain.
When you purchase something from a retail store, there is an entire supply chain that gets the product from raw materials to the manufacturer to you. Similarly, there is a software supply chain that takes an application from Continue reading
Listening to the networking vendors it seems that zero-touch provisioning is a no-brainer … until you try to get it working in real life, and the device you want to auto-configure supports only IP address assignment via DHCP, configuration download via TFTP, and a DHCP option that points to the configuration file.
As Hans Verkerk discovered when he tried to implement zero-touch provisioning with Ansible while attending the Building Network Automation Solutions course you have to:
Read more ...Stateless datacenter load-balancing with Beamer Olteanu et al., NSDI’18
We’ve spent the last couple of days looking at datacenter network infrastructure, but we didn’t touch on the topic of load balancing. For a single TCP connection, you want all of the packets to end up at the same destination. Logically, a load balancer (a.k.a. ‘mux’) needs to keep some state somewhere to remember the mapping.
Existing load balancer solutions can load balance TCP and UDP traffic at datacenter scale at different price points. However, they all keep per-flow state; after a load balancer decides which server should handle a connection, that decision is “remembered” locally and used to handle future packets of the same connection. Keeping per-flow state should ensure that ongoing connections do not break when servers and muxes come or go…
There are two issues with keeping this state though. Firstly , it can sometimes end up incomplete or out of date (especially under periods of rapid network change, such as during scale out and scale in). Secondly, there’s only a finite amount of resource to back that state, which opens the door to denial of service attacks such as SYN flood attacks.
Beamer is Continue reading