CGN, IPv6 and fighting online crime…
Carrier Grade NAT (CGN) is commonly used by network operators as a way of ekeing out the limited supply of public IPv4 addresses. This is where private IPv4 addresses are allocated to end customers, who in turn also use private IPv4 address ranges on their own Local Area Networks, which means there can be multiple layers of Network Address Translation (NAT) before traffic reaches the publicly addressed Internet.
Whilst CGN offers something of a technical solution to the shortage of public IPv4 addresses, it presents a number of problems for investigating and solving online crime. A CGN environment means that many hundreds of users can be sharing a single public IPv4 address, so that when a crime is committed, tracing the perpetrator is very difficult. Furthermore, sometimes action needs to be taken against a public IPv4 address that’s the origin of particular problems, but this then penalises many hundreds or even thousands of innocent users who may also be sharing that IP address.
Europol, the European Union Agency for Law Enforcement Cooperation, has identified that CGN is an impediment to investigating online crime, and is therefore consulting the Internet community on how network operators can be encouraged to deploy IPv6.
DNSSEC Activities at ICANN 61 in San Juan on March 11-14, 2018
Sunday marks the beginning of the DNSSEC activities at the ICANN 61 meeting in San Juan, Puerto Rico. As per usual there will be a range of activities related to DNSSEC or DANE. Two of the sessions will be streamed live and will be recorded for later viewing. Here is what is happening.
All times below are Atlantic Standard Time (AST), which is UTC-4.
DNSSEC For Everybody: A Beginner’s Guide – Sunday, 11 March
On Sunday, March 11, we’ll have our “DNSSEC For Everybody: A Beginner’s Guide” session that will include our usual skit where a bunch of engineers act out how DNS and DNSSEC work! Yes, it’s a good bit of fun and people have told us it has helped tremendously.
- 17:00-18:15 – Room 102
- More info: https://61.schedule.icann.org/meetings/647720
- WATCH LIVE: https://participate.icann.org/sju61-102abc
Please come with your questions and prepare to learn all about DNSSEC!
DNSSEC Workshop – Wednesday, 14 March
Our big 6-hour workshop will take place on Wednesday, March 14, from 09:00 – 15:00 in Room 208-BC. Lunch will be included. Thank you to our lunch sponsors: Afilias, CIRA, and SIDN.
The very full agenda includes:
- DNSSEC Workshop Introduction, Program, Continue reading
Link Propagation 109
Welcome to Link Propagation, a Packet Pushers newsletter. Link Propagation is included in your free membership. Each week we scour the InterWebs to find the most relevant practitioner blog posts, tech news, and product announcements. We drink from the fire hose so you can sip from a coffee cup. A Note From Greg Why Link […]JFK Medical Center Refreshes Dell EMC Storage With NetApp
The community hospital said Dell EMC's environment was a bit complicated.
U.S. SEC Targets Unregulated Cryptocurrency Exchanges
The U.S. Securities and Exchange Commission could soon crack down on unregulated cryptocurrency trading platforms after the agency sent a strongly worded warning to them this week.
The SEC warned that unregulated online trading platforms may be misleading investors by calling themselves “exchanges,” which implies federal oversight. An SEC-related securities exchange, among other safeguards, has rules designed to prevent fraud and other manipulative practices, the SEC said in an advisory issued Wednesday.
The SEC advisory served as much as a warning to investors using cryptocurrency trading platforms as to the platforms themselves.
“The SEC staff has concerns that many online trading platforms appear to investors as SEC-registered and regulated marketplaces when they are not,” the advisory said. “Many platforms refer to themselves as ‘exchanges,’ which can give the misimpression to investors that they are regulated or meet the regulatory standards of a national securities exchange.”
The SEC does not review the trading protocols used by unregulated trading platforms, it said. “Although some of these platforms claim to use strict standards to pick only high-quality digital assets to trade, the SEC does not review these standards or the digital assets that the platforms select, and the so-called standards should Continue reading
Security and Speed Remain Tradeoffs for Containers in HPC Environments
The National Center for Atmospheric Research developed its own container platform.
Show 380: Network Engineer Roundtable: What’s On Your Mind?
Today's Weekly Show gathers a group of network engineers to talk about what's on their minds. Our roundtable covers automation, vendor relationships, not knowing things (and how to change that) & more. The post Show 380: Network Engineer Roundtable: What’s On Your Mind? appeared first on Packet Pushers.
Internet Intelligence, Now Available In The Oracle Cloud Infrastructure Console
The Oracle Cloud Infrastructure (OCI) team is proud of the data centers and network we are building for the next generation of cloud users and, in the spirit of transparency, we want to share with our users tools to better evaluate and measure the performance they will experience on our cloud. Today, we are pleased to announce two new network tools available in the Console to help you measure and analyze network performance.
OCI Market Performance is an interactive visualization tool that displays network performance metrics from OCI regions to cities around the globe. Performance is measured over time to a carefully curated set of endpoint IP addresses within the top providers in each market, providing the user with aggregated performance data for markets and providers over the last day, week, month or three months. This latency data from our Phoenix, Ashburn, and Frankfurt regions can help you predict and manage network performance. We will be adding metrics for more of our regions as they come online (including our twelve recently announced regional data centers).
OCI Market Performance can also assist in planning for growth, as you extend your footprint into new global markets. For FastConnect customers, this tool can help to predict performance between an OCI region and a specific Continue reading
SDxCentral’s Weekly Roundup — March 9, 2018
Telefónica and China Unicom enter IoT agreement; The Pentagon slashes deal with AWS partner; Dropbox leverages Equinix.
Network Refresh: Why You Need a Second Opinion
If you're upgrading your network, it's worthwhile asking others for input in order to avoid a poor or costly design that doesn't serve the needs of your business.
LIVE in 1 hour, CCNA/CCNP Q&A!
Don’t forget to watch Keith Bogart’s live CCNA/CCNP Q&A session TODAY at 1pm!
During this live Q&A Keith bogart will answer all of your questions about the Cisco CCNA and CCNP Routing and Switching exams. Check back at 1 pm (EST) to get all of your questions answered by an industry expert.
Ansible for Extreme Devices
Here’s something I’ve been working on recently: Ansible modules for Extreme SLX switches & routers. Ansible is a popular automation framework, and with good reason: it has a low barrier to entry. Time to usefulness is short. But you need device-specific modules to work with networking devices. Finally we have some modules for SLX. Read on for how to use them.
This blog is not an intro to Ansible in general. There’s plenty of good intros out there. This is specifically about demonstrating Ansible with SLX switches.
Background
Ansible is an agent-less configuration management system. It uses “playbooks”, written in YAML, to define desired configuration state. “modules” written in Python translate this into whatever is needed to configure the system, application, database or network device.
Ansible has been making great strides in adding network automation capabilities. But we haven’t had any modules for working with ~Brocade~ Extreme devices. That is now changing.
PaulQuack has contributed MLXe (Ironware) modules, which will go GA in Ansible 2.5 (due for release in March 2018). And I’ve been working on modules for the SLX, with my colleagues. These have not yet been merged upstream, but it’s Open Source, so you can grab Continue reading