Archive

Category Archives for "Networking"

VMware combines SASE and edge management in new orchestration platform, announces private 5G service

Combining things to make them easier to manage and secure is a recurring theme at this week's VMware Explore conference in Las Vegas. To that end, VMware is announcing a single console for its SASE platform and edge stack to enable unified management of edge networking, security and compute infrastructure. SASE – secure access service edge – is a way to provide security and networking to end users and manage it in the cloud. It's grown in popularity since the pandemic as employees were sent home to work and companies scrambled to figure out how to get them connected.

Unnumbered Links In OSPF

This post is going to be a real deep dive! First, I want to send my sincere thanks to the maestro Peter Palúch and the guru Ivan Pepelnjak for helping me research this topic. Ivan wrote a couple of great posts on unnumbered links:

In VXLAN fabrics, it is quite common to build the underlay using unnumbered links. The concept is not new. In the past, unnumbered links were mainly used on point-to-point serial links with an encapsulation such as Point-to-Point Protocol (PPP). There was a time, before variable-length subnet masks, when addressing interfaces could be very wasteful, and using unnumbered links reduced the need for addresses. Unnumbered links were generally not allowed on multi-access interfaces such as Ethernet, though, even though we often use Ethernet links as point-to-point links.

What benefits do unnumbered links provide in today’s networks? There are a few:

  • Reduce the number of IP addresses needed to address links.
  • Less unique configuration for each device.
  • Fewer lines of configuration.

Let’s dive deeper into each of these:

Reduced need of IP addresses – While these may be private IP addresses, it still Continue reading

VMware NSX+ centralizes cloud networking and security for multicloud environments

VMware customers that have both on-prem and cloud-based architecture can now manage networking and security for both in a single management console. Unveiled at this week's VMware Explore conference in Las Vegas, NSX+ is a new cloud-managed service that’s geared for multicloud environments and is designed to enable consistent network and security operations, centralized security policy management, network and application visibility, and network detection and response. This latest evolution of VMware's core networking package will be available to current NSX customers as an upgrade and to new customers as both a free trial and a paid offering effective today. By the end of the year, NSX+ will also extend to businesses running their cloud infrastructure natively in public clouds, says Rob Markovich, who leads product marketing for multicloud networking and network virtualization for VMware.

VMware Cloud gains faster ransomware recovery, expanded management capabilities

VMware announced a raft of improvements to its VMware Cloud platform at this week's VMware Explore conference in Las Vegas. Previously, VMware's on-premises private cloud solution, VMware Cloud Foundation, and its public cloud offerings were managed separately. Now, enterprises will be able to manage all their cloud deployments from a single location. In addition, customers will see improved integrations with the major cloud providers as well as faster disaster and ransomware recovery.

Central management

"We're actually bringing together a lot of disparate solutions under a common framework, VMware Cloud," says Rick Walsworth, VMware's director of product marketing for the cloud infrastructure team.

Announcing VMware NSX+ Advanced Load Balancer Cloud Controller

Continuing the operational simplicity journey with VMware NSX+ Advanced Load Balancer Cloud Services that now include Cloud Controller

Applications are the lifeline of today’s businesses. By 2025, 750 million different applications will exist. Load balancing a variety of applications is no easy task, and cloud admins will have their work cut out for them. To meet the needs of modern applications, load balancers need to be agile, and have the ability to scale with modern applications while maintaining operational simplicity. Therefore, legacy load balancing solutions may not be a good fit for modern applications. Software defined load balancing solutions such as the NSX Advanced Load Balancer (ALB) are purpose built for such emerging scenarios.

Today we are happy to announce yet another important milestone in the pursuit of making the NSX advanced load balancing solution simpler and more flexible. Starting today, NSX ALB will be natively available as a service on VMware Cloud on AWS. NSX+ ALB Cloud Controller is completely managed by VMware, and aims to simplify Day 0, Day 1, and Day 2 operations. This capability is available today on VMware Cloud on AWS and will be made available on public clouds in subsequent releases.

Adding application awareness Continue reading

Announcing VMware NSX+: A Simpler Path to Consistent Multi-Cloud Networking

Deploying applications on multi-cloud infrastructure is challenging. VMware has long been committed to making multi-cloud networking and security simpler and more consistent through initiatives like Project Northstar which we announced at VMware Explore last year.

Today, we’re excited to continue our mission of simplifying the multi-cloud by introducing VMware NSX+, a new multi-cloud service offering for VMware NSX that makes it easier than ever to achieve a consistent and secure multi-cloud infrastructure for your applications.

Multi-cloud presents unique networking and security challenges

Securely deploying applications and infrastructure on-premises and across multiple clouds is complex

Multi-Cloud Challenges

  • Complex network design and operations: Each cloud can have its own set of tools and controls, slowing down network deployment and operations.
  • Limited visibility: Network operators often cannot achieve end-to-end visibility and monitoring across clouds.
  • Secure Controls for Threat Detection: Lack of visibility into cross-cloud traffic increases the risk of lateral movement of undetected threats. Also, correlating threats across multiple clouds can be challenging because of the diversity of cloud environments.
  • Skills and resource gap: Public cloud providers have their own unique networking constructs and architectures, making it challenging to bridge the skills gap, and hire and train a team equipped to manage the complexity of Continue reading

Self Service Consumption with Virtual Private Clouds Powered by NSX

How cloud consumption is making its way natively into NSX and NSX+

We are excited to introduce Virtual Private Cloud (VPC) for private clouds and VMware Clouds, with the release of NSX 4.1.1.

Thanks to NSX Network Virtualization, customers can operate their networking, security, and services from a single place through the UI or API. This functionality allows one-click deployment of multi-tier network topologies, backed by distributed networking and security. The software-defined networking solution enables large-scale, self-service IaaS initiatives.

In addition, the introduction of native multi-tenancy in NSX 4.1.0 allows multiple users to consume the platform in parallel without the risk of overlap or disruption. This makes it possible to provide users with direct access to NSX, but to segment each within isolated environments where they can configure their own NSX objects and apply rules only to their workloads.

Now we are taking it to the next level!

With the introduction of VPC in both NSX and NSX+, we are both extending the multi-tenancy framework and offering cloud consumption to users natively, both on-premises and in VMware Cloud. Customers can apply the VPC construct on the cloud/s of their choice with efficient and consistent operations. This Continue reading

Delivering a True Cloud Operating Model with Cloud Speed: NSX+ Innovates for Multi-Cloud

Companies in every geography and industry have had the fortune, in recent years, to choose from a variety of remarkable cloud platforms to run their applications—including on-prem private cloud, VMware clouds, and native public clouds. In fact, 83% of organizations surveyed by VMware have their application workloads distributed across multiple cloud environments.¹

But every major technological advancement creates new challenges and opportunities. IT leaders have been telling me that they need a true cloud operating model across multi-cloud to address two key challenges: 

  • First, they’re stuck in partial automation purgatory. It takes their siloed teams many IT tickets to set up security, networking, and load-balancing services to deploy an application. This isn’t just operationally inefficient, it breeds friction between the infrastructure and application owners. 
  • Second, operating across multi-cloud environments is complicated. Teams lack consistent visibility, policy, and operations across cloud deployments. This causes change management nightmares, security blind spots, and unprecedented delays in troubleshooting issues. 

It doesn’t have to be this way. Today, I’m proud to share that VMware is taking a significant step towards making a single cloud operating model for managing and securing networks a reality through our launch of NSX+. Our Continue reading

UK authority OKs Broadcom’s VMware buy but regulatory hurdles remain

The UK’s Competition and Markets Authority Monday approved the proposed $61 billion megamerger between Broadcom and VMware, saying that the deal would not substantially affect innovation or harm the ability of rivals to compete against the merged company. While Broadcom said that it expects to receive all regulatory approvals necessary to close the VMware deal by the end of October, it acknowledged that it is still working with some authorities to obtain consent, and said in a filing with the US Securities Exchange Commission on Monday that it has agreed with VMware to extend the "Outside Date" for the deadline to conclude the deal. The new date was not immediately specified by Broadcom.

Bugs in x86 chips force Linux kernel update

Bugs emerged earlier this month in Intel and AMD processors that affect both client and server processors over multiple generations. Fortunately, the bugs were found some time ago and researchers kept them quiet while fixes were developed. Google researchers found the Intel bug known as Downfall (CVE-2022-40982) and reported it to Intel more than a year ago, so both parties had plenty of time to work things out. The Downfall bug exploits a flaw in the "Gather" instruction that affected Intel CPUs use to grab information from multiple places in a system's memory. A Google researcher created a proof-of-concept exploit that could steal encryption keys and other kinds of data from other users on a given server.

Navigating your way around the Linux file system

One of the first things Linux users need to learn is how to move around the Linux file system and, eventually, how to make it even easier to move around the file system. This post describes both the basic commands you need and some smart moves to make navigating easier.

Absolute and relative paths

Before we get moving, it’s important to understand the difference between absolute paths (like /home/jdoe) and relative paths (like images/photos and ..). Absolute paths always begin with a / that, of course, represents the base of the file system. If the specified path doesn’t start with a /, it’s relative. Here are some examples of both relative and absolute paths:

4 activities that lead to human error in network operations

You might have been alarmed to read recently that half of all network problems are due to human error. Well, bad news. That’s true of the number of problems. If you look at the hours of degraded or failed operation, three-quarters of all of it is due to human error. Furthermore, the great majority of degraded or failed operation can be traced to four specific activities:

  • Fault analysis and response, which network professionals and their management say creates 36% of error-induced outage time
  • Configuration changes (attributed to 27% of error-induced outage time)
  • Scaling and failover tasks (attributed to 19% of error-induced outage time)
  • Security policies (attributed to 18% of error-induced outage time)

Not surprisingly, network professionals are eager to find remedies for each of the four primary culprits. Before that can happen, it’s important to understand why the human error occurs.

Human error in network operations and how to deal with it

You might have been alarmed to read recently that half of all network problems are due to human error. Well, bad news. That’s true of the number of problems. If you look at the hours of degraded or failed operation, three-quarters of all of it is due to human error. Furthermore, the great majority of degraded or failed operation can be traced to four specific activities:

  • Fault analysis and response, which network professionals and their management say creates 36% of error-induced outage time
  • Configuration changes (attributed to 27% of error-induced outage time)
  • Scaling and failover tasks (attributed to 19% of error-induced outage time)
  • Security policies (attributed to 18% of error-induced outage time)

Not surprisingly, network professionals are eager to find remedies for each of the four primary culprits. Before that can happen, it’s important to understand why the human error occurs.

Application Security Report: Q2 2023


Cloudflare has a unique vantage point on the Internet. From this position, we are able to see, explore, and identify trends that would otherwise go unnoticed. In this report we are doing just that and sharing our insights into Internet-wide application security trends.

This report is the third edition of our Application Security Report. The first one was published in March 2022, with the second published earlier this year in March, and this is the first to be published on a quarterly basis.

Since the last report, our network is bigger and faster: we are now processing an average of 46 million HTTP requests/second and 63 million at peak. We consistently handle approximately 25 million DNS queries per second. That's around 2.1 trillion DNS queries per day, and 65 trillion queries a month. This is the sum of authoritative and resolver requests served by our infrastructure. Summing up both HTTP and DNS requests, we get to see a lot of malicious traffic. Focusing on HTTP requests only, in Q2 2023 Cloudflare blocked an average of 112 billion cyber threats each day, and this is the data that powers this report.

But as usual, before we dive in, Continue reading

An August reading list about online security and 2023 attacks landscape


In 2023, cybersecurity continues to be in most cases a need-to-have for those who don’t want to take chances on getting caught in a cyberattack and its consequences. Attacks have gotten more sophisticated, while conflicts (online and offline, and at the same time) continue, including in Ukraine. Governments have heightened their cyber warnings and put together strategies, including around critical infrastructure (including health and education). All of this, at a time when there were never so many online risks, but also people online — over five billion in July 2023, 64.5% of the now eight billion that are the world’s total population.

Here we take a look at what we’ve been discussing in 2023, so far, in our Cloudflare blog related to attacks and online security in general, with several August reading list suggestions. From new trends, products, initiatives or partnerships, including AI service safety, to record-breaking blocked cyberattacks. On that note, our AI hub (ai.cloudflare.com) was just launched.

Throughout the year, Cloudflare has continued to onboard customers while they were being attacked, and we have provided protection to many others, including once.net, responsible for the 2023 Eurovision Song Contest online voting system Continue reading