Unique RD per PE per VRF in MPLS
Unique RD per PE per VRF is a deployment option in MPLS Layer 3 VPN. In this post I will explain the different RD (Route Distinguisher) assignment options and at the end of the post, you will understand why you should assign unique RD per PE per VRF. Why RD (Route Distinguisher) is […]
The post Unique RD per PE per VRF in MPLS appeared first on Cisco Network Design and Architecture | CCDE Bootcamp | orhanergun.net.
Interesting Idea: Architecture Review Working Group
John Allspaw wrote an interesting blog post describing how he dealt with requests to introduce new technologies or design patterns. While he’s writing from the software development perspective, the ideas apply equally well to network architecture, so go and read what he has to say (and how he defines what engineering method is).
The Complexity Of Choice
Russ White had an interesting post this week about the illusion of choices and how herd mentality is driving everything from cell phones to network engineering and design. I understand where Russ is coming from with his points, but I also think that Russ has some underlying assumptions in his article that ignore some of the complexity that we don’t always get to see in the world. Especially when it comes to the herd.
Collapse Into Now
Russ talks about needing to get a new mobile phone. He talks about how there are only really two choices left in the marketplace and how he really doesn’t want either of them. While I applaud Russ and his decision to stand up for his principals, there are more than two choices. He could easily purchase a used Windows mobile phone from eBay. He could choose to run a Palm Tree 650 or a Motorola RAZR from 2005. He could even choose not to carry a phone.
You’re probably saying, “That’s not a fair comparison. He needs feature X on his phone, so he can’t use phone Y.”
And you would be right! So right, in fact, that you’ve already missed one Continue reading
DPRIVE experimental service debuts @ IETF 99
The IETF is not only a place to discuss the development of Internet protocols, but also offers a place for developers and operators to ‘eat their own dog food’ on the meeting network. And given that the IETF DPRIVE Working Group has published some RFC specifications over the past year, the most recent IETF 99 in Prague provided a timely opportunity to run an experimental DNS-over-TLS service.
DNS queries and responses are currently transmitted over the Internet entirely in the clear, and whilst DNSSEC is able to authenticate a response from a DNS server, it does not actually encrypt the transmitted information. The aim of DPRIVE is therefore to add mechanisms to provide confidentiality to DNS transactions and address concerns about pervasive monitoring using TLS or DTLS to encrypt queries and responses between DNS clients and servers.
Some information about how the experimental DNS-over-TLS service was set-up on the IETF network can be found on the IETF99 Experiments page, but the DNS Privacy Project offers a list of experimental servers supporting both IPv4 and IPv6 if you want to try this out yourself. You also can check out their up status.
The post DPRIVE experimental service debuts @ IETF 99 appeared first on Internet Society.
Improving WiFi Client Connectivity Management
Wi-Fi Alliance addresses client steering challenges in WLANs.
Last 5 days for the August 2017 CCDE Practical/Lab exam
Last 5 days anymore for the August 2017, CCDE Practical/Lab exam. As you might know, you can attend only 4 times per year for the CCDE Practical exam. And not in every country ! There are many places around the world, called Professional Person Vue (PPC) exam centers, and as I said, a lot […]
The post Last 5 days for the August 2017 CCDE Practical/Lab exam appeared first on Cisco Network Design and Architecture | CCDE Bootcamp | orhanergun.net.
IPv6, Large UDP Packets and the DNS
It would be useful to understand the larger picture of IPv6 Extension Header drop rate. What would be interesting to measure is the packet drop rate when sending fragmented packets to IPv6 end hosts.An Opinion in Defence of NATs
Network Address Translation has often been described as an unfortunate aberration in the evolution of the Internet, and one that will be expunged with the completion of the transition of IPv6. I think that this view, which appears to form part of today’s conventional wisdom about the Internet unnecessarily vilifies NATs. In my opinion, NATs are far from being an aberration, and instead I see them as an informative step in the evolution of the Internet, particularly as they relate to possibilities in the evolution of name-based networking. Here’s why.IBM SD-Storage Targets Data Protection for Virtual Machines
IBM invested $1 billion in its SD-storage portfolio.
AfPIF 2017 Kicks Off In Abidjan
The annual Africa Peering and Interconnection Forum (AfPIF) kicked off at the Azalai Hotel in Abidjan, Ivory Coast. The first day is known as “Peering Coordinators Day” where peering managers from various networks, operators, and policy makers meet and deliberate on the various ways to exchange content locally, lower the cost of connectivity, and increase the number of internet users in the region. In the course of the three days, participants get a chance to discuss, exchange ideas, and agree to exchange content, known as peering. Most peering agreements are through the handshake and AfPIF encourages participants to take advantage of the various social events and share contacts. There is a session at the beginning and end of every day, where participant share their AS numbers, peering policy, and contacts, allowing those willing to interconnect to reach out. The first session explored the general data and interconnection landscape; Telegeography presented the latest statistics, which is derived from its annual survey. Statistics show that the growth of submarine cables has led to growth in Internet bandwidth and local content. Five years ago, International transit was growing at 40 per cent, but this year, the growth is at 30 per cent, owing Continue reading
Going Global – a Localization Case Study at Cloudflare
Today Cloudflare serves nearly 10% of all global internet requests and more than 80% of our customers are based outside of the United States. Cloudflare is rapidly growing and there is nothing more important to us than being able to better serve our users across the world beyond our global offices in San Francisco, Austin, Champaign, Washington D.C., New York, London, and Singapore.
Earlier this year, we launched a team to focus on global expansion and growth. In June, we presented our agile global market expansion experiment framework at LocWorld Barcelona and wanted to report back on how things were going.
Getting started
"If you talk to a man in a language he understands, that goes to his head. If you talk to him in his language, that goes to his heart" – Nelson Mandela
At Cloudflare, we are motivated by our users from all around the world. Of our top 15 countries by traffic volume, 10 have official languages other than English. As a large part of our users do not speak our primary language of business, our priority is to reach and engage with these users in their native languages through localization.
As a growing company, Continue reading
IGF-USA: Promoting a More Inclusive Internet
The IGF-USA took place in Washington D.C on July 24, 2017. During the event, the panel "Promoting a More Inclusive Internet" looked at current barriers to an inclusive Internet and explored how access could be expanded to underserved areas and to underrepresented communities. Moderated by Dr. Brandie Nonnecke, Research & Development Manager for CITRIS and the Banatao Institute at the University of California-Berkeley and Chair of the San Francisco-Bay Area Internet Society Chapter Working Group on Internet Governance, the panel brought together several experts on access provision, each with many years experience of connecting the unconnected in the USA and overseas.
Decentralized Approach
Susannah Gray
Worth Reading: Testing in Production
The post Worth Reading: Testing in Production appeared first on rule 11 reader.
Ukraine Leaks Russian Social Media Ban
Another development in the long-running conflict between Ukraine and Russia occurred in May of this year when Ukrainian President Petro Poroshenko enacted a ban on Russia’s four most prominent internet companies in the name of national security. The ban included the two most widely used social media websites, VKontakte (often referred to as the “Russian Facebook“) and Odnoklassniki (“Classmates” in Russian), as well as email service provider Mail.ru and Russian search engine Yandex.
These websites have such a significant Ukrainian user base that Mail.ru says it expects to lose $13 million this year as a result of the ban and Yandex is appealing the ban through Ukraine’s Supreme Administrative Court.
And now it appears that this ban has spilled out into the global routing table. On 27 July 2017, Ukrainian ISP UARNet (AS3255) began announcing several new BGP routes that were hijacks of the IP address space of these Russian internet companies. On this day, AS3255 briefly announced more-specific hijacks of each of these four Russian internet companies including 94.100.180.0/24 (Mail.ru), 87.250.250.0/23 (Yandex), 87.240.165.0/24 (Vkontakte) and 217.20.159.0/24 (Odnoklassniki). While Continue reading
NeuVector Takes Stab at Securing VMware Container Environment
Company's security focus is on container runtime environments.
Forward Networks Taps Freemium Model, Raises $16M in Series B
Forward Essentials is available in beta now and will be generally available in the fourth quarter.
SnapRoute Integrates its FlexSwitch with Canonical’s Ubuntu
The joint software stack powers white-box switches.
History of Networking: BGP Optimizations with Daniel Walton
On this edition of the History of Networking, we chatted with Daniel Walton at Cumulus about his work in optimizing BGP for scale in the early and mid-1990’s. This video was recorded, and is hosted, by the Network Collective—many thanks for the work they are doing!
The post History of Networking: BGP Optimizations with Daniel Walton appeared first on rule 11 reader.