Archive

Category Archives for "Networking"

HS052: Professional Liability and Qualified Design

As technology becomes more critical and vital to companies business leaders are beginning to question the reliability and liability. Insurers now require audits and demand complienace with set practices before issuing a policy. Corporate boards are realising that so-called tech professionals have zero training or professional requirement, consultants have even less and the analysts are... Read more »

IDC: Server and storage price hikes fueled cloud infrastructure growth

Thanks to the mania surrounding AI as well as the impact of inflation, spending on servers and storage for cloud deployments climbed in the first quarter of this year. Looking ahead, cloud infrastructure sales are expected to grow over the next four years while on-premises spending will diminish, reports IDC.The research firm’s quarterly enterprise infrastructure tracker finds that spending on compute and storage infrastructure products in the first quarter increased 14.9% year over year to $21.5 billion. Spending on cloud infrastructure continues to outpace the non-cloud segment, which declined 0.9% in 1Q23 to $13.8 billion.To read this article in full, please click here

Multipath TCP (MPTCP) Resources

Brian Carpenter published a list of Multipath TCP resources to one of the IETF mailing lists1:

You might also want to listen to the Multipath TCP podcast we recorded with Apple engineers in 2019.

  1. … along with a nice reminder that “it might be wise to look at actual implementations of MPTCP before jumping to conclusions”. Yeah, that’s never a bad advice, but rarely followed. ↩︎

Multipath TCP (MPTCP) Resources

Brian Carpenter published a list of Multipath TCP resources to one of the IETF mailing lists1:

You might also want to listen to the Multipath TCP podcast we recorded with Apple engineers in 2019.

  1. … along with a nice reminder that “it might be wise to look at actual implementations of MPTCP before jumping to conclusions”. Yeah, that’s never a bad advice, but rarely followed. ↩︎

Do We Really Want Creativity In IT?

This post originally appeared in the Packet Pushers’ Human Infrastructure newsletter. You can subscribe for free and see every back issue here. And we don’t share your contact details with anyone else because we’re selfish like that. Creativity sits among the group of attributes, including teamwork and communication, that employers say they most desire. For […]

The post Do We Really Want Creativity In IT? appeared first on Packet Pushers.

Tech Bytes: ThousandEyes Extends End-to-End Network Visibility To Meraki MX And More (Sponsored)

In today’s Tech Byte, we’ve got Cisco ThousandEyes sharing new product capabilities, including ThousandEyes on Meraki MX and Webex RoomOS devices and faster insights into the root cause of problems your users are calling to complain about. We also discuss the recent acquisition of SamKnows, which gives ThousandEyes deeper visibility into ISPs.

The post Tech Bytes: ThousandEyes Extends End-to-End Network Visibility To Meraki MX And More (Sponsored) appeared first on Packet Pushers.

Cisco hosts containerized firewall on Catalyst switches to protect mixed IT/OT networks

Cisco announced a containerized firewall package for its venerable Catalyst switch family that’s designed to help enterprise customers with mixed IT and OT systems more easily segment network resources and save money by consolidating network and security deployments.Specifically, Cisco built a Docker-based container for its Secure Firewall Adaptive Security Appliance (ASA) that can be hosted on its Catalyst 9300 access switches. Cisco Secure Firewall ASA combines firewall, antivirus, intrusion prevention, encryption and virtual private network (VPN) support.The firewall supports up to 10 logical interfaces, which can be used for segmentation. This segmentation helps limit the ability of an attacker to move laterally within the network by containing any breach to a specific zone, wrote Pal Lakatos-Toth, an engineering product manager with Cisco’s security business group, in a blog about the news.To read this article in full, please click here

Cisco hosts containerized firewall on Catalyst switches to protect mixed IT/OT networks

Cisco announced a containerized firewall package for its venerable Catalyst switch family that’s designed to help enterprise customers with mixed IT and OT systems more easily segment network resources and save money by consolidating network and security deployments.Specifically, Cisco built a Docker-based container for its Secure Firewall Adaptive Security Appliance (ASA) that can be hosted on its Catalyst 9300 access switches. Cisco Secure Firewall ASA combines firewall, antivirus, intrusion prevention, encryption and virtual private network (VPN) support.The firewall supports up to 10 logical interfaces, which can be used for segmentation. This segmentation helps limit the ability of an attacker to move laterally within the network by containing any breach to a specific zone, wrote Pal Lakatos-Toth, an engineering product manager with Cisco’s security business group, in a blog about the news.To read this article in full, please click here

Network Break 438: Intel Abandons NUC; EU Blesses Broadcom/VMware Union; Microsoft Joins SSE Race

Take a Network Break! This week we discuss Intel walking away from the NUC PC, Microsoft rebranding Azure AD and launching an SSE offering, and Microsoft Exchange Online getting hacked. We also cover the EU's conditional approval of Broadcom's VMware acquisition, why Wireshark needs your help, and more IT news.

The post Network Break 438: Intel Abandons NUC; EU Blesses Broadcom/VMware Union; Microsoft Joins SSE Race appeared first on Packet Pushers.

Upcoming BGP Policy Course

This coming Friday I’m teaching a course in BGP policy over at Safari Books Online. It’s three hours of straight-up BGP policy goodness. From the description:

This course begins by simplifying the entire BGP policy space into three basic kinds of policies that operators implement using BGP—selecting the outbound path, selecting the inbound path, and “do not transit.” A use case is given for each of these three kinds, or classes, of policies from the perspective of a transit provider, and another from the perspective of a nontransit operator connected to the edge of the ‘net.

Please register here.

Memory prices may have bottomed out

If you've been considering a memory upgrade for your systems, now might be the time to do it. The lengthy decline of memory prices has nearly stopped, and while that doesn’t mean prices are going to go up just yet, it's likely to happen down the road.DRAM and NAND flash memory makers have had to endure a severe downturn in average selling prices over the past six months, as part of the typical cyclical nature of memory sales. But a new report by technology industry analyst firm TrendForce says price declines for some forms of memory have slowed to almost zero.To read this article in full, please click here

Memory prices may have bottomed out

If you've been considering a memory upgrade for your systems, now might be the time to do it. The lengthy decline of memory prices has nearly stopped, and while that doesn’t mean prices are going to go up just yet, it's likely to happen down the road.DRAM and NAND flash memory makers have had to endure a severe downturn in average selling prices over the past six months, as part of the typical cyclical nature of memory sales. But a new report by technology industry analyst firm TrendForce says price declines for some forms of memory have slowed to almost zero.To read this article in full, please click here

Cradlepoint differentiates its SASE platform with 5G support

Cradlepoint this week shared its strategy to couple 5G wireless with its secure access service edge (SASE) platform to provide wireless WAN and hybrid WAN environments with cloud management and SIM-based security capabilities.The platform builds off Cradlepoint’s NetCloud Exchange 5G SD-WAN and will incorporate zero trust and cloud-based security technology Cradlepoint acquired recently with its acquisition of Ericom. The company plans to roll out the updates in phases over the next 12 months, with its Cellular Intelligence component available now.To read this article in full, please click here

Startup UniFabriX uses CXL memory technology to boost rack density

Israeli startup UniFabriX is aiming to give multi-core CPUs the memory and memory bandwidth needed to run compute- and memory-intensive AI and machine-learning workloads.UniFabriX is pitching its Smart Memory Node technology as an alternative to socket-connected DRAM, which restricts memory capacity and bandwidth in CPUs. UniFabriX's technology is based on CXL (Compute Express Link), an industry-supported interconnect for processors, memory expansion, and accelerators. CXL technology maintains memory coherency between the CPU memory space and memory on attached devices, which allows resource sharing for higher performance, reduced software stack complexity, and lower overall system cost.To read this article in full, please click here

Startup UniFabriX uses CXL memory technology to boost rack density

Israeli startup UniFabriX is aiming to give multi-core CPUs the memory and memory bandwidth needed to run compute- and memory-intensive AI and machine-learning workloads.UniFabriX is pitching its Smart Memory Node technology as an alternative to socket-connected DRAM, which restricts memory capacity and bandwidth in CPUs. UniFabriX's technology is based on CXL (Compute Express Link), an industry-supported interconnect for processors, memory expansion, and accelerators. CXL technology maintains memory coherency between the CPU memory space and memory on attached devices, which allows resource sharing for higher performance, reduced software stack complexity, and lower overall system cost.To read this article in full, please click here

AWS Advanced Networking Speciality 1.3 : Configuration options for load balancer target groups (for example, TCP, GENEVE, IP compared with instance)

Advanced Network Speciality Exam — Blogs

<MEDIUM : https://towardsaws.com/aws-advanced-networking-speciality-1-3-5484de6c8da >

A Target group routes requests to one or more registered targets. They can be EC2 Instances, IP addresses, Kubernetes Cluster, Lambda Functions etc. Target groups are specified when you create a listener rule. You can also define various health checks and associate them with each target-groups.

Typical load-balancer components

Ref:https://docs.aws.amazon.com/images/elasticloadbalancing/latest/application/images/component_architecture.png
Cross-Zone Load Balancing Ref:https://docs.aws.amazon.com/images/elasticloadbalancing/latest/userguide/images/cross_zone_load_balancing_enabled.png

What is Geneve, and what is the context with ELB: Generic Network Virtualisation Encapsulation

In the context of Gateway Load Balancer, a flow can be associated with either 5-Tuple or 3-Tuple.A flow can be associated with either a 5-tuple or 3-tuple flow in load balancers.

A 5-tuple flow includes the source IP address, destination IP address, source port, destination port, and protocol number. This is used for TCP, UDP, and SCTP protocols.

A 3-tuple flow includes the source IP address, destination IP address, and protocol number. This is used for ICMP and ICMPv6 protocols.

Gateway Load balancers and their registered virtual appliances use GENEVE protocol to exchange application traffic on port 6081

References :

https://docs.aws.amazon.com/elasticloadbalancing/latest/application/introduction.html

https://datatracker.ietf.org/doc/html/rfc8926 Continue reading

1 186 187 188 189 190 3,444