Network Break 441: AWS Makes You Pay For IPv4; Superconductor Claims Meet Resistance; An Ultra Ethernet Q&A
Take a Network Break! This week we discuss new charges for IPv4 addresses being levied by AWS, Cisco's acquisition of a BGP monitoring service, and financial results for a host of tech companies. We also speak with J Metz, the Steering Committee Chair of the Ultra Ethernet Consortium to learn more about the organization's goals; and examine the efforts to investigate claims of a breakthrough in superconducting research.Network Automation: Where Does it Work?
Network automation tools abound. But getting them to work together is hard work.Pixelfed – Part 1 – Installing
About this series
I have seen companies achieve great successes in the space of consumer internet and entertainment industry. I’ve been feeling less enthusiastic about the stronghold that these corporations have over my digital presence. I am the first to admit that using “free” services is convenient, but these companies are sometimes taking away my autonomy and exerting control over society. To each their own of course, but for me it’s time to take back a little bit of responsibility for my online social presence, away from centrally hosted services and to privately operated ones.
After having written a fair bit about my Mastodon [install] and [monitoring], I’ve been using it every day. This morning, my buddy Ramón asked if he could make a second account on ublog.tech for his Campervan Adventures, and notably to post pics of where he and his family went.
But if pics is your jam, why not … [Pixelfed]!
Introduction
Similar to how blogging is the act of publishing updates to a website, microblogging is the act of publishing small updates to a stream of updates on your profile. Very similar to the relationship between Facebook and Continue reading
OSPF Convergence In a Hub and Spoke Topology
My dear friend Micheline Murphy posted an excellent question on OSPF in a Hub and Spoke topology at the Cisco Learning Network. The scenario is a Hub and Spoke topology with two Hub routers that are ABRs belonging to area 100 and area 200. SP-101 and SP-102 belong to area 100. SP-201 and SP-202 belong to area 200. The topology is shown below:
The OSPF areas are shown below:
Some facts about the setup and intent of this post:
- All routers are Catalyst8000v running IOS-XE 17.6.3.
- Hub routers are connected to area 0 where the prefix 198.51.100.0/24 is being advertised.
- Each spoke advertises a /28 from 192.0.2.0/24.
- All interfaces are point to point as the purpose is not to simulate a NBMA topology.
- The intent is to verify what happens in a failure scenario but lab first shows the stable topology.
The expectation is that in a stable topology each Spoke will have two ECMP routes, one via each Hub, to the other spokes. The router SP-202 will be used to demonstrate. First let’s verify that everything is working as expected. SP-202 is a router in area 200:
SP-202#show ip ospf 1 Continue reading
Unmasking the top exploited vulnerabilities of 2022
The Cybersecurity and Infrastructure Security Agency (CISA) just released a report highlighting the most commonly exploited vulnerabilities of 2022. With our role as a reverse proxy to a large portion of the Internet, Cloudflare is in a unique position to observe how the Common Vulnerabilities and Exposures (CVEs) mentioned by CISA are being exploited on the Internet.
We wanted to share a bit of what we’ve learned.
Based on our analysis, two CVEs mentioned in the CISA report are responsible for the vast majority of attack traffic seen in the wild: Log4J and Atlassian Confluence Code Injection. Although CISA/CSA discuss a larger number of vulnerabilities in the same report, our data clearly suggests a major difference in exploit volume between the top two and the rest of the list.
The top CVEs for 2022
Looking at the volume of requests detected by WAF Managed Rules that were created for the specific CVEs listed in the CISA report, we rank the vulnerabilities in order of prevalence:
Hedge 189: Data Center Careers with Carrie Goetz
When network engineers think of a data center, we think of fabrics and routers and switches. There is a lot more to a data center, though—there is power, building construction, environmentals, and a lot of others. What possible jobs are out there in the data center space for people who want to work in IT, but don’t either want to code or build networks? Carrie Goetz, author of Jumpstart Your Career in Data Centers joins Tom Ammon and Russ White to tell us about a few, and about the importance of other careers in the data center.
In case you didn’t see it I’m uploading the rough “machine generated” transcript of each episode about a week after the episode airs. It takes a little time for the transcription to be created, and then for me to log back in and upload the file.
Heavy Networking 693: Securing Workforce Transformation With Cloud SWG (Sponsored)
On today's sponsored Heavy Networking we dig into cloud-delivered Secure Web Gateways (SWGs), which help guard end users against Web-based threats and enforce corporate Web access policies. As employees split time between home, office, and who knows where else, and as more applications move online, cloud-based SWGs help connect and protect workers. Our sponsor is Palo Alto Networks.
The post Heavy Networking 693: Securing Workforce Transformation With Cloud SWG (Sponsored) appeared first on Packet Pushers.