Archive

Category Archives for "Networking"

BrandPost: What’s the state of SASE?

By: Eve-Marie Lanza, Senior Security Solutions Marketing Manager at HPE Aruba Networking. SASE adoption among organizations is on the rise, according to research independently conducted by leading security research firm Ponemon Institute, sponsored by Hewlett Packard Enterprise. In the report, The 2023 Global Study on Closing the IT Security Gap: Addressing Cybersecurity Gaps from Edge to Cloud, 30% of organizations indicate they have adopted the Secure Access Service Edge (SASE) architecture. Nearly the same amount (29%) plan to deploy SASE.

A Look At Broadcom’s Jericho3-AI Ethernet Fabric: Schedules, Credits, And Cells

Broadcom has come up with some interesting mechanisms to address the challenges of building an Ethernet-based fabric that supports AI workloads. These mechanisms, which include a scheduling framework, cells, and credits, are intended to minimize congestion, latency, and dropped frames or packets in the fabric. In this post I talk about what I learned at […]

The post A Look At Broadcom’s Jericho3-AI Ethernet Fabric: Schedules, Credits, And Cells appeared first on Packet Pushers.

Grafana Network Weathermap

The screen capture above shows a simple network weathermap, displaying a network topology with links animated by real-time network analytics.
Hovering over a link in the weathermap pops up a trend chart showing traffic on the link over the last 30 minutes.

The article Deploy real-time network dashboards using Docker compose describes how to quickly deploy a real-time network analytics stack that includes the sFlow-RT analytics engine, Prometheus time series database, and Grafana to create dashboards. This article describes how to extend the example using the Grafana Network Weathermap Plugin to display network topologies like the ones shown here.

First, add a dashboard panel and select the Network Weathermap visualization. Next define the three metrics shown above. The ifinoctets and ifoutoctets need to be scaled by 8 to convert from bytes per second to bits per second. Creating a custom legend entry makes it easier to select metrics to associate metric instances with weathermap links.
Add a color scale that will be used to color links by link utilization. Defining the scale first ensures that links will be displayed correctly when they are added later.
Add the nodes to the canvas and drag them to their desired locations. There is a […]

Project Cybersafe Schools: Bringing security tools for free to small K-12 school districts in the US

Like other under-resourced organizations, schools face cyber attacks from malicious actors that can impact their ability to safely perform their basic function: teach children. Schools face email, phishing, and ransomware attacks that slow access and threaten leaks of confidential student data. And these attacks have real effects. In a report issued at the end of 2022, the U.S. Government Accountability Office concluded that schools serving kindergarten through 12th grade (K-12) reported significant educational impact and monetary loss due to cybersecurity incidents, such as ransomware attacks. Recovery time can extend from 2 all the way up to 9 months — that’s almost an entire school year.

Cloudflare’s mission is to help build a better Internet, and we have always believed in helping protect those who might otherwise not have the resources to protect themselves from cyberattack.

It is against this backdrop that we’re very excited to introduce an initiative aimed at small K-12 public school districts: Project Cybersafe Schools. Announced as part of the Back to School Safely: K-12 Cybersecurity Summit at the White House on August 8, 2023, Project Cybersafe Schools will support eligible K-12 public school districts with a package of Zero Trust cybersecurity solutions — for […]

Remote working turbocharged: How WAN Optimization unlocks next-level productivity for remote workers

According to a 2022 survey by McKinsey, 58% of Americans have the opportunity to work from home at least one day a week. This trend is accelerating a shift from traditional IT solutions to cloud-based alternatives that are better suited to supporting a distributed workforce. Gartner predicts that enterprise IT spending on public cloud computing will overtake spending on traditional IT in 2025 in four key market segments.

Python – Using the IP Address Module to Calculate IPs

I’m currently preparing for a network rollout and the preparation includes assigning subnets to the sites. There are subnets needed for management, wired users, wireless users, guests, and so on. Once subnets have been assigned, for some of the subnets, DHCP scopes need to be created. The team managing the server has requested that information on the subnets, gateway, and what IP the scope begins and ends with be provided as a CSV file. This will allow for easily importing the scopes into the server.

For my scenario, I have the information in a spreadsheet and I’m accessing the information using the openpyxl project. I am then using the ipaddress library to take the prefix from the spreadsheet and performing various calculations. Why use Python for this?

  • Writing CSV is time consuming for humans.
  • Although I’m quite good at performing calculations, I’m not better than a computer.
  • Using code means consistent output that is less error prone.

The goal is to create a line of CSV that looks like this:

VLAN 100 User,192.0.2.64,255.255.255.192,192.0.2.65,192.0.2.75,192.0.2.126,US0100 NY,example.com,

This line consists of:

Tech Bytes: Spotting Performance Problems Faster With Digital Experience Monitoring (Sponsored)

Today on the Tech Bytes podcast we get into Digital Experience Monitoring (DEM). DEM goes beyond traditional SLAs by offering more precise measurements of network and application performance as experienced by end users, and can provide detailed measurements to help network engineers identify and respond to problems. We talk with sponsor Fortinet about how it delivers DEM.

The post Tech Bytes: Spotting Performance Problems Faster With Digital Experience Monitoring (Sponsored) appeared first on Packet Pushers.

Who is selling Zero Trust Network Access (ZTNA) and what do you get?

The last few years have seen an explosion of interest in Zero Trust Network Access (ZTNA). The zero trust approach replaces the perimeter defense model with a "least privilege" framework where users authenticate to access specific data and applications, and their activities are continuously monitored. ZTNA gained a boost in the wake of the COVID-19 pandemic, with more employees working remotely. The old perimeter defense model, exemplified by VPNs, provides a secured internet connection that gives remote users privileges as if they were on an internal private network. This doesn't match up with a zero trust mindset; and to make things worse, many organizations found that their infrastructure couldn't handle the traffic loads created by large numbers of remote workers connecting via VPN.

Network Break 441: AWS Makes You Pay For IPv4; Superconductor Claims Meet Resistance; An Ultra Ethernet Q&A

Take a Network Break! This week we discuss new charges for IPv4 addresses being levied by AWS, Cisco's acquisition of a BGP monitoring service, and financial results for a host of tech companies. We also speak with J Metz, the Steering Committee Chair of the Ultra Ethernet Consortium to learn more about the organization's goals; and examine the efforts to investigate claims of a breakthrough in superconducting research.

The post Network Break 441: AWS Makes You Pay For IPv4; Superconductor Claims Meet Resistance; An Ultra Ethernet Q&A appeared first on Packet Pushers.

Nvidia teams with Accenture and ServiceNow for AI program

An interesting alliance has been struck, with Nvidia partnering with IT consultancy Accenture and helpdesk vendor ServiceNow to offer what the vendors are calling the AI Lighthouse, a program designed to help ServiceNow customers quickly adopt generative AI tools. The IT service management and customer service markets seem a natural fit for generative AI. When customers or employees need help with something, that’s where generative AI can shine.

Dell announces generative AI solutions

Dell Technologies is the latest IT vendor to jump on the generative AI bandwagon with a range of new AI offerings that span its hardware, software and services lineup. In May, Dell announced plans to develop integrated AI services in partnership with Nvidia. That service has come to fruition with this portfolio, dubbed Dell Generative AI Solutions. As part of the program, the company announced validated designs with Nvidia that are aimed at helping enterprises deploy AI workloads on premises. The new offerings also include professional services to help enterprises determine where and how to best use generative AI services. Typically, Nvidia GPUs go into servers for AI functions. But Dell's news isn't limited to servers. Dell is also announcing Precision workstations with expanded Nvidia GPU configurations to help users accelerate generative AI workloads locally on their devices.

Pixelfed – Part 1 – Installing

About this series

Pixelfed

I have seen companies achieve great successes in the space of consumer internet and entertainment industry. I’ve been feeling less enthusiastic about the stronghold that these corporations have over my digital presence. I am the first to admit that using “free” services is convenient, but these companies are sometimes taking away my autonomy and exerting control over society. To each their own of course, but for me it’s time to take back a little bit of responsibility for my online social presence, away from centrally hosted services and to privately operated ones.

After having written a fair bit about my Mastodon [install] and [monitoring], I’ve been using it every day. This morning, my buddy Ramón asked if he could make a second account on ublog.tech for his Campervan Adventures, and notably to post pics of where he and his family went.

But if pics is your jam, why not … [Pixelfed]!

Introduction

Similar to how blogging is the act of publishing updates to a website, microblogging is the act of publishing small updates to a stream of updates on your profile. Very similar to the relationship between Facebook and […]

OSPF Convergence In a Hub and Spoke Topology

My dear friend Micheline Murphy posted an excellent question on OSPF in a Hub and Spoke topology at the Cisco Learning Network. The scenario is a Hub and Spoke topology with two Hub routers that are ABRs belonging to area 100 and area 200. SP-101 and SP-102 belong to area 100. SP-201 and SP-202 belong to area 200. The topology is shown below:

The OSPF areas are shown below:

Some facts about the setup and intent of this post:

  • All routers are Catalyst8000v running IOS-XE 17.6.3.
  • Hub routers are connected to area 0 where the prefix 198.51.100.0/24 is being advertised.
  • Each spoke advertises a /28 from 192.0.2.0/24.
  • All interfaces are point to point as the purpose is not to simulate an NBMA topology.
  • The intent is to verify what happens in a failure scenario, but the lab first shows the stable topology.

The expectation is that in a stable topology each Spoke will have two ECMP routes, one via each Hub, to the other spokes. The router SP-202 will be used to demonstrate. First let’s verify that everything is working as expected. SP-202 is a router in area 200:

SP-202#show ip ospf 1

Unmasking the top exploited vulnerabilities of 2022

The Cybersecurity and Infrastructure Security Agency (CISA) just released a report highlighting the most commonly exploited vulnerabilities of 2022. With our role as a reverse proxy to a large portion of the Internet, Cloudflare is in a unique position to observe how the Common Vulnerabilities and Exposures (CVEs) mentioned by CISA are being exploited on the Internet.

We wanted to share a bit of what we’ve learned.

Based on our analysis, two CVEs mentioned in the CISA report are responsible for the vast majority of attack traffic seen in the wild: Log4J and Atlassian Confluence Code Injection. Although CISA/CSA discuss a larger number of vulnerabilities in the same report, our data clearly suggests a major difference in exploit volume between the top two and the rest of the list.

The top CVEs for 2022

Looking at the volume of requests detected by WAF Managed Rules that were created for the specific CVEs listed in the CISA report, we rank the vulnerabilities in order of prevalence:

| Popularity rank | Description | CVEs |
|---|---|---|
| 1. Improper Input Validation caused Remote Code execution in Apache Log4j logging library | Log4J | CVE-2021-44228 |
| 2. Atlassian Confluence Server and Data Center Remote Code Execution Vulnerability | Atlassian Confluence Code Injection | CVE-2022-26134 |
