0

Worth Reading: 5G and Internet Technology

5G is the latest generation of cellular network standards. There’s a tremendous amount of activity around it in the industry. But how does 5G relate to Internet technology? Are there 5G-related work items that the IETF should be working on, for instance? —APNIC

The post Worth Reading: 5G and Internet Technology appeared first on rule 11 reader.

0

Show 347: Ethan & Greg Ask Me Anything Episode 3

Greg and Ethan continue the Ask Me Anything series with a new episode that includes career advice and technology conversations about SD-WAN vs. MPLS and the pros and cons of Open Network Linux. The post Show 347: Ethan & Greg Ask Me Anything Episode 3 appeared first on Packet Pushers.

0

Real-time DDoS mitigation using sFlow and BGP FlowSpec

Remotely Triggered Black Hole (RTBH) Routing describes how native BGP support in the sFlow-RT real-time sFlow analytics engine can be used to blackhole traffic in order to mitigate a distributed denial of service (DDoS) attack. Black hole routing is effective, but there is significant potential for collateral damage since ALL traffic to the IP address targeted by the attack is dropped.

The BGP FlowSpec extension (RFC 5575: Dissemination of Flow Specification Rules) provides a method of transmitting traffic filters that selectively block the attack traffic while allowing normal traffic to pass. BGP FlowSpec support has recently been added to sFlow-RT and this article demonstrates the new capability.

This demonstration uses the test network described in Remotely Triggered Black Hole (RTBH) Routing. The network was constructed using free components: VirtualBox, Cumulus VX, and Ubuntu Linux. BGP FlowSpec on white box switch describes how to implement basic FlowSpec support on Cumulus Linux.

The following flowspec.js sFlow-RT script detects and blocks UDP-Based Amplification attacks:

var router = '10.0.0.141';
var id = '10.0.0.70';
var as = 65141;
var thresh = 1000;
var block_minutes = 1;

setFlow('udp_target',{keys:'ipdestination,udpsourceport',value:'frames'});

setThreshold('attack',{metric:'udp_target', value:thresh, byFlow:true});

bgpAddNeighbor(router,as,id,{flowspec:true});

var  Continue reading

0

48% off Anker 15W Dual USB Solar Charger – Deal Alert

This solar charger from Anker delivers the fastest possible charge up to 2.1 amps under direct sunlight. 15 watt SunPower solar array is provides enough power to charge two devices simultaneously. Industrial-strength PET polymer faced solar panels are sewn into a rugged polyester canvas for weather-resistant outdoor durability. Clip it to your backpack, or attach to your tent or a tree. The charger currently averages 4.3 out of 5 stars from over 340 people on Amazon (read reviews), where its typical list price of $79.99 has been reduced 48% to $41.99. See this deal on Amazon.To read this article in full or to leave a comment, please click here

0

NEC claims new vector processor speeds data processing 50-fold

It seems more vendors are looking beyond the x86 architecture for the big leaps in performance needed to power things like artificial intelligence (AI) and machine learning. Google and IBM have their processor projects, Nvidia and AMD are positioning their GPUs as an alternative, and now Japan’s NEC has announced a vector processor accelerates that data processing by more than a factor of 50 compared to the Apache Spark cluster-computing framework. + Also on Network World: NVM Express spec updated for data-intensive operations + The company said its vector processor, called the Aurora Vector Engine, leverages “sparse matrix” data structures to accelerate processor performance in executing machine learning tasks. Vector-based computers are basically supercomputers built specifically to handle large scientific and engineering calculations. Cray used to build them in previous decades before shifting to x86 processors. To read this article in full or to leave a comment, please click here

0

NEC claims new vector processor speeds data processing 50-fold

It seems more vendors are looking beyond the x86 architecture for the big leaps in performance needed to power things like artificial intelligence (AI) and machine learning. Google and IBM have their processor projects, Nvidia and AMD are positioning their GPUs as an alternative, and now Japan’s NEC has announced a vector processor accelerates that data processing by more than a factor of 50 compared to the Apache Spark cluster-computing framework. + Also on Network World: NVM Express spec updated for data-intensive operations + The company said its vector processor, called the Aurora Vector Engine, leverages “sparse matrix” data structures to accelerate processor performance in executing machine learning tasks. Vector-based computers are basically supercomputers built specifically to handle large scientific and engineering calculations. Cray used to build them in previous decades before shifting to x86 processors. To read this article in full or to leave a comment, please click here

0

High-reliability OCSP stapling and why it matters

At Cloudflare our focus is making the internet faster and more secure. Today we are announcing a new enhancement to our HTTPS service: High-Reliability OCSP stapling. This feature is a step towards enabling an important security feature on the web: certificate revocation checking. Reliable OCSP stapling also improves connection times by up to 30% in some cases. In this post, we’ll explore the importance of certificate revocation checking in HTTPS, the challenges involved in making it reliable, and how we built a robust OCSP stapling service.

Why revocation is hard

Digital certificates are the cornerstone of trust on the web. A digital certificate is like an identification card for a website. It contains identity information including the website’s hostname along with a cryptographic public key. In public key cryptography, each public key has an associated private key. This private key is kept secret by the site owner. For a browser to trust an HTTPS site, the site’s server must provide a certificate that is valid for the site’s hostname and a proof of control of the certificate’s private key. If someone gets access to a certificate’s private key, they can impersonate the site. Private key compromise is a serious risk Continue reading

0

Encryption is Crucial to a Trusted Internet

0

Progress update – 10/07-2017

Hello folks,

Im currently going through the INE DC videos and learning a lot about fabrics and how they work along with a fair bit of UCS information on top of that!

Im spending an average of 2.5 hours on weekdays for study and a bit more in the weekends when time permits.

I still have no firm commitment to the CCIE DC track, but at some point I need to commit to it and really get behind it. One of these days

I mentioned it to the wife-to-be a couple of days ago and while she didn’t applaud the idea, at least she wasn’t firmly against it, which is always something I guess! Its very important for me to have my family behind me in these endeavours!

Im still a bit concerned about the lack of rack rentals for DCv2 from INE, which is something I need to have in place before I order a bootcamp or more training materials from them. As people know by now, I really do my best learning in front of the “system”, trying out what works and what doesn’t.

Now to spin up a few N9K’s in the lab and play around Continue reading

0

Network Automation Resources for Beginners

0

How Networks Are Changing

0

Q&A: Building Network Automation Solutions Online Course

I got tons of questions about the upcoming Building Network Automation Solutions online course. It always starts with the same one:

Is access to the self-study material granted upon enrollment?

Absolutely. You also get access to everything we did in January, and the new self-paced Ansible for Networking Engineers online course.

Read more ...

0

Cisco Datacenter: Default Cisco OTV Configurations

0

Everything Has a Cost

Everything comes at a cost: steak dinners & pre-sales engineering has to get paid for somehow. That should be obvious to most. Feature requests also come at a cost, both upfront, and ongoing. Those ongoing costs are not always understood.

It’s easy to look at vendor gross margins, and assume that there is plenty of fat. But remember that Gross margin is just Revenue minus cost of goods sold. It’s not profit. It doesn’t include sales & marketing costs, or R&D costs. Those costs affect net income, which is ‘real’ income. Companies need to recoup those costs somehow if they want to make money. Gross margin alone doesn’t pay the bills.

Four-Legged SalesDroids, and Steak Dinners

A “four-legged sales call” is when two people show up for sales calls. The usual pattern is an Account Manager for the ‘relationship’ stuff, with a Sales Engineer acting as truth police. These calls can be very useful. It’s a good way to talk about the current business challenges, discuss product roadmaps, provide feedback on what’s working, and what’s not. The Sales Engineer can offer implementation advice, maybe help with some configuration issues.

Often a sales call includes lunch or dinner. Breaking bread together Continue reading

0

Everything Has a Cost

Everything comes at a cost: steak dinners & pre-sales engineering has to get paid for somehow. That should be obvious to most. Feature requests also come at a cost, both upfront, and ongoing. Those ongoing costs are not always understood.

It’s easy to look at vendor gross margins, and assume that there is plenty of fat. But remember that Gross margin is just Revenue minus cost of goods sold. It’s not profit. It doesn’t include sales & marketing costs, or R&D costs. Those costs affect net income, which is ‘real’ income. Companies need to recoup those costs somehow if they want to make money. Gross margin alone doesn’t pay the bills.

Four-Legged SalesDroids, and Steak Dinners

A “four-legged sales call” is when two people show up for sales calls. The usual pattern is an Account Manager for the ‘relationship’ stuff, with a Sales Engineer acting as truth police. These calls can be very useful. It’s a good way to talk about the current business challenges, discuss product roadmaps, provide feedback on what’s working, and what’s not. The Sales Engineer can offer implementation advice, maybe help with some configuration issues.

Often a sales call includes lunch or dinner. Breaking bread together Continue reading

0

Three Issues of Being a Part-Time Security Professional

In Information Technology, we commonly hear the mantra of “doing more with less.” That may sound great, and in some cases it can actually be beneficial. It obviously drives the requirement of streamlining performance and the simplification of processes. It can drive innovators to innovate and the attrition of unnecessary systems. The predominate reason for this philosophy is cost cutting.

My argument would generally be that IT should NOT simply be keeping the lights on, it should be adding value by creating competitive differentiators for the business. Being able to execute on that effectively SHOULD change the perspective of IT as it is viewed by the rest of the leadership team. One particular concern I have in regards to those businesses that continue aggressively down this path of cost cutting (or don’t proper initially fund) IT, is in regards to Cybersecurity.

In many cases smaller shops, or shops that don’t fully understand the risks, tend to place their technical team members into split roles. Maybe the view is that someone should be a part-time security person and a part-time network or system administrator. This introduces several concerns and I wanted to quickly share three that are top of mind.

Issue One — What do I Continue reading

0

Participate in the Net Neutrality Day of Action

We at Cloudflare strongly believe in network neutrality, the principle that networks should not discriminate against content that passes through them.  We’ve previously posted on our views on net neutrality and the role of the FCC here and here.

In May, the FCC took a first step toward revoking bright-line rules it put in place in 2015 to require ISPs to treat all web content equally. The FCC is seeking public comment on its proposal to eliminate the legal underpinning of the 2015 rules, revoking the FCC's authority to implement and enforce net neutrality protections. Public comments are also requested on whether any rules are needed to prevent ISPs from blocking or throttling web traffic, or creating “fast lanes” for some internet traffic.

To raise awareness about the FCC's efforts, July 12th will be “Internet-Wide Day of Action to save Net Neutrality.” Led by the group Battle for the Net, participating websites will show the world what the web would look like without net neutrality by displaying an alert on their homepage. Website users will be encouraged to contact Congress and the FCC in support of net neutrality.

We wanted to make sure our users had an opportunity to participate in this Continue reading

0

Research: Intent Based SDN at ESnet

Demonstration of the ESnet research on a research project using intent based networking including an ontological engine for plain english requests. While this is specific to the ESnet requirements there is some really interesting ideas around interpreting user intent and the architecture of an intent-based system.

The post Research: Intent Based SDN at ESnet appeared first on EtherealMind.

0

Implementing VXLAN Routing- Arista Networks

0

Juniper Vagrant Box Install

Install a Juniper Vagrant boxes with the Virtualbox provider.