Archive

Category Archives for "Networking"

Link Propagation 116

Welcome to Link Propagation, a Packet Pushers newsletter. Link Propagation is included in your free membership. Each week we scour the InterWebs to find the most relevant practitioner blog posts, tech news, and product announcements. We drink from the fire hose so you can sip from a coffee cup. Blogs WISP Design – Building Highly […]

A Review of RSA Conference

So, I recently went to my first RSA Conference. It’s something I’ve had on my radar for a while but never had the opportunity to do. However, with Security Field Day coming up later this year I thought it was high time I went to see what everything was about. Here are some ideas that I came up with during my pilgrimage to the big security conference.

  • It’s Huge. Like, really big. I’ve never seen a bigger conference before. I haven’t gone to Oracle OpenWorld or Dreamforce, but the size of the RSA show floor alone dwarfs anything I’ve seen. Three whole areas, including one dedicated to emerging vendors. That’s big. Almost too big in fact.
  • I Still Hate Moscone. It’s official. No conference should ever use this place again. It’s been 4 years since I railed against it and every word still applies. Doubly so this year, as RSA was being held during construction! Seriously. At this point, Moscone must be paying people to hold a convention there. RSA is too big. I don’t care if it’s cheap to ferry people up from Silicon Valley. Stop doing this to yourself and tarnishing your brand. Just go to Vegas if Continue reading

We’ve Launched Our New Bootcamps Site!

The INE Bootcamps site is finally here! We constantly strive to make our products and buying experience better, which is why we decided to give our bootcamps their very own website. As INE continues to grow, we plan on rolling out even more bootcamp dates, locations and types, all of which can now be found at bootcamps.ine.com.

What You’ll Find On Our Bootcamps Site:

  • Full description and details about CCIE Routing and Switching, Data Center, Collaboration, Service Provider and Security certifications and exams
  • Full description and details about CCNP and CCNA Routing & Switching certifications and exams
  • Full description and details about GCP Cloud Architect certification and exam
  • Detailed description of prerequisites for all tracks and vendors
  • Recommended path, outlining exactly what products you’ll need for each track and in what order to use them to ensure you pass your exams the first time
  • All of our bootcamp offerings for all tracks and vendors, including details about pricing, dates, and what to expect from each bootcamp
  • Detailed descriptions of each of our bootcamp locations


Ready to get started on your certification journey? Check out our Bootcamps Site for yourself.

Weekend Reads 042718: Mostly Security and Privacy

The Internet Corporation for Assigned Names and Numbers (ICANN) launched the Uniform Rapid Suspension System (URS) (2013) in anticipation of the marketing of new gTLDs that became available from November 2013. It is one of four new rights protection mechanisms (RPMs) designed to combat cybersquatting. —Gerald M. Levine @CircleID

Digital attackers are targeting organizations in the energy sector like never before. For example, just a few weeks ago, the FBI and Department of Homeland Security issued a joint report describing a massive Russian hacking campaign to infiltrate America’s critical infrastructure. In a first, the US government publicly blamed Russia’s government for attacks on energy infrastructure. —Ray Lepina @tripwire

About a decade ago, Kaminsky proved that vulnerabilities of the DNS can be exploited. If the DNS is corrupt (for instance by ‘cache poisoning’), the end user can be directed to a malicious website. This can be risky when sensitive (personal) information is exchanged, or a financial transaction is done. Mail security is also tied to (the security of) the DNS. A network attacker can spoof the DNS records of a mail server, to redirect mail connections to a malicious server. —Rene Bakker @APNIC

When we must depend on a system, not Continue reading

Celebrating ECMP in Linux — part two

In part one of our series on ECMP, we discussed the basics of ECMP, the recent changes that have been made and Cumulus’ part in moving the ball forward for Linux networking. Now, it’s time to get a little more technical and review how advancements in ECMP development for IPv4 and IPv6 have made ECMP what it is today — and what it can be in the near future.

Setting the stage: defining our terminologies

Hashing algorithms

Hashing algorithms are the biggest component of ECMP behavior, so it makes sense for us to talk for a moment about what we specifically mean when we refer to each one.

1.) Per-packet hash
This hash was the original hashing algorithm used in the kernel’s ECMP behavior. It is trivially simple to understand as it basically uses a pseudo random number in the kernel at the time packet is being processed (jiffies) to determine which link in an ECMP bundle the traffic will use for egress. With this algorithm in place, each packet for a single flow could use a different link to get to the destination. This leads to all kinds of bad behaviors in TCP and higher level applications/protocols Continue reading

Show 387: AWS Networking – A View From The Inside

In this episode of Packet Pushers, it’s AWS networking. You use AWS and think you know what you need to know? Maybe, but our guest today can probably share a thing or two you didn t even know were things when it comes to networking in the Amazon public cloud.

Our guest is Nick Matthews, Principal Solutions Architect at Amazon Web Services. Nick focuses on networking and security.

Nick pinged us, hoping to share  his perspective on cloud networking from the inside. Come and have a look.

We talk about how networking basics do–and don’t–map to the cloud, and how the architecture of cloud applications influence network design and operations.

We also explore AWS networking elements under the hood, such as Hyperplane, and how trends such as SD-WAN and SDN influence Amazon networking.

Show Links:

AWS re:Invent 2015 | (NET403) Another Day, Another Billion Packets – Amazon (via YouTube): Eric Brandwine talks about how Amazon’s overlay network works in detail.

AWS re:Invent 2017: Another Day, Another Billion Flows (NET405) – Amazon (via YouTube): Colm MacCarthaigh talks about how AWS Hyperplane works.

Introducing the AWS Networking Competency – AWS

AWS Networking Competency Technology Partner Validation Checklist – AWS (PDF)

Firewall Deployment Continue reading

Why intent-based networking is important to the Internet of Things

Last week, Cisco made a number of product announcements that deliver the benefits of its intent-based networking (IBN) solution to Internet of Things (IoT) deployments.  Network World's Michael Cooney did a great job summarizing all the product announcements, so I won’t rehash that information, but I did want to discuss the importance of IBN to IoT.The importance of IBN to IoT IBN is something that has been theorized for almost a decade, but solutions only became available recently. The reason why there has been a lag between vision and product is that network engineers didn’t really need IBN to run their networks until recently. Environments were closed, applications were on premises, and everything was under the tight control of the IT organization.To read this article in full, please click here

Why intent-based networking is important to the Internet of Things

Last week, Cisco made a number of product announcements that deliver the benefits of its intent-based networking (IBN) solution to Internet of Things (IoT) deployments.  Network World's Michael Cooney did a great job summarizing all the product announcements, so I won’t rehash that information, but I did want to discuss the importance of IBN to IoT.The importance of IBN to IoT IBN is something that has been theorized for almost a decade, but solutions only became available recently. The reason why there has been a lag between vision and product is that network engineers didn’t really need IBN to run their networks until recently. Environments were closed, applications were on premises, and everything was under the tight control of the IT organization.To read this article in full, please click here

What Happened? The Amazon Route 53 BGP Hijack to Take Over Ethereum Cryptocurrency Wallets

Yesterday, we published a blog post sharing the news and some initial details about Amazon’s DNS route hijack event to steal Ethereum cryptocurrency from myetherwallet.com. In this post, we’ll explore more details about the incident from the BGP hijack’s perspective.

As noted by Dyn, CloudFlare, and various other entities who monitor Internet routing and health, Amazon’s Route 53 (the DNS service offered by AWS) prefixes were hijacked. A BGP update taken from Isolario suggests that on 24 April, its BGP feeders were correctly receiving 205.251.192.0/23, 205.251.194.0/23, 205.251.196.0/23, 205.251.198.0/23, originated from Amazon (AS16509), until 11:04:00 (UTC). But, at 11:05:41 (UTC), Isolario recorded the first more specific /24 malicious announcements via BGP feeder and the announcements originated from eNET (AS10297) to its peer 1&1 Internet SE (AS8560). Click to enlarge image.

RIPE Stats collected the first more specific malicious advertisement at 11:05:42 (UTC) originating from eNET (AS10297), but this time through peer Hurricane Electric (AS6939).

Exactly at the same time, 11:05:42 (UTC), the Isolario BGP feeder received another update originating from eNET (AS10297) and it was also coming via Hurricane Electric (AS6939). Click to enlarge image.

Hurricane Electric has a worldwide Continue reading

CiscoLive 2018: ‘Summer Camp for Geeks’

Are you ready for CiscoLive US 2018?  Ready for Summer Camp for Geeks?!    I think it is hard to truly be completely ready for the experience nowadays.  Why?  Because CiscoLive US is just huge with so many options of things to experience as an attendee…. more options than you have time for.  If you have been to CiscoLive US before… you KNOW this is true. And every year more and more …. and more and more … get added.  For 2018 my favorite CiscoLive add is the new ‘Content Cafe’ session type (30 minutes).  Other favorites of mine are the ‘Flip Sessions’ and the “Beers with Engineers”.  ?

Deciding where to spend your time and energy during #CLUS can be overwhelming and daunting.

What is my absolute #1 suggestion to anyone going to a CiscoLive event?  Easy – “Begin with the End in Mind“.  Know what your priorities are and then schedule your week accordingly.

shutterstock_260169440

STEP #1: Create Your Cisco Live 2018 Priority List

Take your goals and translate them into a priority list.

STEP #2: Learn from the Past

If you have been to CiscoLive before… Continue reading

1 1,391 1,392 1,393 1,394 1,395 3,455