Istanbul (not Constantinople): Cloudflare’s 124th Data Center
Cloudflare is excited to turn up our newest data center in Istanbul, Turkey. This is our 124th data center globally (and 62nd country), and it is throwing a curveball in our data center by continent tracking. Istanbul is one of the only cities in the world to span two continents: Europe and Asia. Technically, we’ll specify this is our 34th data center in Europe. In the coming weeks, we’ll continue to attract more traffic to this deployment as more networks interconnect with us locally.
March 2018 is a big month for us, as we’ll be announcing (on average) nearly one new Cloudflare data center per day. Stay tuned as we continue to meaningfully expand our geographic coverage and capacity.
Turkish Internet
The Hagia Sophia - Photo by Blaque X / Unsplash
Istanbul itself is home to more than 16 million people, and Turkey is home to over 80 million people. For reference, Turkey’s population is comparable to Germany’s, where Cloudflare turned up its 11th, 31st, 44th, 72nd and 110th data centers in Frankfurt, Düsseldorf, Berlin, Hamburg and Munich. Internet usage in Turkey is approaching 70%, while the rate of Turkish households with access to Internet now exceeds Continue reading
Routing Security is a Serious Problem – and MANRS Can Help. A Report from APRICOT 2018.
Last week, at APRICOT 2018 in Kathmandu, Nepal, there were a lot of talks and discussions focused on routing security and the Mutually Agreed Norms for Routing Security (MANRS).
First, there was a Routing Security BoF, attended by about 150 people, where we talked about what it takes to implement routing security practices, how CDNs and other players can help, and why it is so difficult to make progress in this area. The BoF included an interactive poll at the end, and it showed some interesting results:
- Participants almost unanimously see lack of routing security as a serious problem.
- Slow progress in this area is largely seen as due to a lack of incentives
- Participants see community initiatives (like MANRS) as the main driving forces for improvement, followed by CDNs and cloud providers. They doubt that governments or end-customers can effectively drive change.
My colleague Aftab Siddiqui is writing a separate blog post just about that BoF, so watch the blog in the next day or two.
Later, in the security track of the main APRICOT programme, Andrei Robachevsky, ISOC’s Technology Programme Manager, presented statistics on routing incidents and suggested a way forward based on the MANRS approach. In his Continue reading
Cisco Live 2018 – Fun for grownups!
Cisco Live 2018 is just around the corner in in June from the 10th – 14th in Orlando, FL. Hard …
The post Cisco Live 2018 – Fun for grownups! appeared first on Fryguy's Blog.
We just added another module to our Ethical Hacker v9 Technology Course series
Last week we added Certified Ethical Hacker Module 7: Sniffing to our video Library. This is the 7th video to be released as part of an 18 video CEH course series. All Access Pass members can watch Module 7 by logging into their All Access Pass account. For those who are not members, you can buy the series here.
Why You Should Watch:
Attaining sniffing capabilities is a great achievement for hackers, because even when it’s difficult to get there, the rewards might be worth the risk.
About The Course:
This is the 7th of 18 video courses in our CEH v9 Technology Course series and will prepare viewers for the sniffing portion of the Certified Ethical Hacker v9 Exam. This Module is 3 hours in length and is taught by Josué Vargas.
What You’ll Learn:
During this module you will learn about gathering valuable data through sniffing techniques. You will learn LAN based and Internet based sniffing attacks and even use an experimental setting in Wireshark as a remote sniffing tool.
About The Instructor:
Josué Vargas is a networks and security engineer and also owns his own company in Costa Rica, Netquarks Technologies S.R.L. He started Continue reading
Infrastructure 2.0: Whatever We’re Calling it Now, It’s Here
The modern infrastructure needs to embrace DevOps principles and apply its methodologies to the network.
A ZTE Telco Customer Wants ZTE VNFs with Red Hat OpenStack
ZTE has its own customized NFVi layer built on OpenStack.
SDxCentral’s Top 10 Articles — February 2018
Cisco-Viptela breathes life into Orange's SD-WAN; the SD-WAN hype cycle starts its decline; AT&T SD-WAN hits 150 countries.
Related Stories
Responding to Readers: Questions on Microloops
Two different readers, in two different forums, asked me some excellent questions about some older posts on mircoloops. Unfortunately I didn’t take down the names or forums when I noted the questions, but you know who you are! For this discussion, use the network show below.
In this network, assume all link costs are one, and the destination is the 100::/64 Ipv6 address connected to A at the top. To review, a microloop will form in this network when the A->B link fails:
- B will learn about the link failure
- B will send an updated router LSP or LSA towards D, with the A->B link removed
- At about the same time, B will recalculate its best path to 100::/64, so its routing and forwarding tables now point towards D as the best path
- D, in the meantime, receives the updated information, runs SPF, and installs the new routing information into its forwarding table, with the new path pointing towards E
Between the third and fourth steps, B will be using D as its best path, while D is using B as its best path. Hence the microloop. The first question about microloops was—
Would BFD help prevent the microloop (or Continue reading
Cisco’s Tetration Extends Security Analytics, Policy to Multi-Cloud Apps
The updates also support containerized workloads.
Treasury Department Throws Fuel on Qualcomm and Broadcom Fire
The U.S. government postponed Qualcomm's annual meeting and board elections to investigate.
NETSCOUT Arbor Confirms 1.7 Tbps DDoS Attack; The Terabit Attack Era Is Upon Us
Last week, after Akamai confirmed a 1.3Tbps DDoS attack against Github. I published a blog that looked at the last five years of reflection/amplification attack innovation. I hope that it provides a helpful backgrounder on how we got here, to the terabit attack era, because […]NETSCOUT Arbor Confirms 1.7 Tbps DDoS Attack; The Terabit Attack Era Is Upon Us
Last week, after Akamai confirmed a 1.3Tbps DDoS attack against Github. I published a blog that looked at the last five years of reflection/amplification attack innovation. I hope that it provides a helpful backgrounder on how we got here, to the terabit attack era, because […]How Many Bandwidths Does An SD-WAN Need? – Video
Comparing the complexity of a private and public WANNetwork Break 174: Cisco Securifies Tetration; GitHub Beats Back DDoS
Cisco positions Tetration for workload protection, GitHub weathers a massive DDoS storm, Canada cans IBM and more tech news on this week's Network Break. The post Network Break 174: Cisco Securifies Tetration; GitHub Beats Back DDoS appeared first on Packet Pushers.
Squeezing the firehose: getting the most from Kafka compression
We at Cloudflare are long time Kafka users, first mentions of it date back to beginning of 2014 when the most recent version was 0.8.0. We use Kafka as a log to power analytics (both HTTP and DNS), DDOS mitigation, logging and metrics.
Firehose CC BY 2.0 image by RSLab
While the idea of unifying abstraction of the log remained the same since then (read this classic blog post from Jay Kreps if you haven't), Kafka evolved in other areas since then. One of these improved areas was compression support. Back in the old days we've tried enabling it a few times and ultimately gave up on the idea because of unresolved issues in the protocol.
Kafka compression overview
Just last year Kafka 0.11.0 came out with the new improved protocol and log format.
The naive approach to compression would be to compress messages in the log individually:
Edit: originally we said this is how Kafka worked before 0.11.0, but that appears to be false.
Compression algorithms work best if they have more data, so in the new log format messages (now called records) are packed back to back and compressed in Continue reading
The Week in Internet News: Working Toward a Better Internet
Fixing the Internet: Is the Internet broken? Politico’s EU site looks at the work of the Internet & Jurisdiction Policy Network, which met in Ottawa, Canada, last week to discuss how to fix problems like poor cybersecurity, inaccurate information spread on social media, and other bad behavior. The Internet Society covered the first day of the Ottawa event.
The hills are alive with the sound of broadband: Motherboard has a story about the Los Angeles Community Broadband Project, which plans to deliver wireless broadband to parts of the city using inexpensive equipment and dish-shaped antennas on hilltops and rooftops.
AI joins the force: The Verge has a long story about a secretive AI-assisted policing effort that started in 2012 as a partnership between the New Orleans Police and Palantir Technologies, a data-mining company founded with seed money from the CIA’s venture capital firm. The program apparently used AI technologies for predictive policing, a controversial practice used to trace suspects’ ties to other gang members, analyze social media, and predict the likelihood targeted people would commit violence or become a victim. Science Magazine also has a story examining predictive policing.
Women wary of Blockchain bros: The New York Continue reading
Interop ITX 2018: Meet the Infrastructure Experts
Here are some of the top-notch experts who will talk about networking, containers, cloud, open source, and more in Las Vegas.