Archive

Category Archives for "Networking"

Calico at KubeCon + CloudNativeCon Europe 2025

Tigera is getting ready for KubeCon + CloudNativeCon Europe this year!

Join us for exciting demos, networking opportunities, meaningful community connections, and fun celebrations. We can’t wait to share what’s in store!

This blog post covers all the ways you can engage with us and dive deeper into your favorite tool, Calico, at KubeCon + CloudNativeCon Europe 2025.

CalicoCon 2025

CalicoCon 2025 is your go-to event for the latest in Kubernetes networking, security, and observability. Hosted by the Calico team, it offers an in-depth look at the state of Project Calico.

Attendees will have the chance to connect with Calico engineers and leadership, ask questions, and share their experiences.

Add CalicoCon to your existing KubeCon + CloudNativeCon registration ‌to secure your spot. If you are not attending KubeCon + CloudNativeCon Europe but would still like to attend CalicoCon, please reach out to us ‌on the Calico User Slack.


Event Details

Date: April 1, 2025
Time: 1:00pm – 4:30pm BST
Location: Good Hotel London

<Register Now>

Party with Calico Cool Cats

This is your chance to connect with fellow Kubernetes enthusiasts, Calico users, and the brilliant minds behind Project Calico in a relaxed setting.

Engage in insightful conversations, share your Kubernetes Continue reading

TNO018: The Network Engineer’s Evolution: Thinking Like a Product Owner (Sponsored)

What does it mean for a network engineer to develop a product mindset? And what does a product mindset have to do with network automation? Guest Peter Sprygada connects these concepts in today’s episode of Total Network Operations, sponsored by Itential. Peter says that as an organization advances its network automation capabilities, the impetus shifts... Read more »

Some TXT about, and A PTR to, new DNS insights on Cloudflare Radar

No joke – Cloudflare's 1.1.1.1 resolver was launched on April Fool's Day in 2018. Over the last seven years, this highly performant and privacy-conscious service has grown to handle an average of 1.9 Trillion queries per day from approximately 250 locations (countries/regions) around the world. Aggregated analysis of this traffic provides us with unique insight into Internet activity that goes beyond simple Web traffic trends, and we currently use analysis of 1.1.1.1 data to power Radar's Domains page, as well as the Radar Domain Rankings.

In December 2022, Cloudflare joined the AS112 Project, which helps the Internet deal with misdirected DNS queries. In March 2023, we launched an AS112 statistics page on Radar, providing insight into traffic trends and query types for this misdirected traffic. Extending the basic analysis presented on that page, and building on the analysis of resolver data used for the Domains page, today we are excited to launch a dedicated DNS page on Cloudflare Radar to provide increased visibility into aggregate traffic and usage trends seen across 1.1.1.1 resolver traffic. In addition to looking at global, location, and autonomous system (ASN) traffic trends, Continue reading

Notes from OARC44

The DNS Operations, Analysis, and Research Center (DNS-OARC) brings together DNS service operators, DNS software implementors, and researchers together to share concerns, information and learn together about the operation and evolution of the DNS. They meet between two or three times a year in a workshops format. The most recent workshop was held in Atlanta, in February 2025. Here are my thoughts on some of the material that was presented and discussed at this workshop where too much DNS is barely enough!

Rebuilding FRR with pim6d

Short post today.

Turns out that Debian, in its infinite wisdom, disables pim6d in frr. Here’s a short howto on how to build it fixed.

$ sudo apt build-dep frr
[…]
$ apt source frr
[…]
$ cd frr-8*
$ DEB_BUILD_PROFILES=pkg.frr.pim6d dpkg-buildpackage -us -uc -b
$ sudo dpkg -i ../frr_*.deb

Then you can enable pim6d in /etc/frr/daemons and restart frr.

Not that I managed to get IPv6 multicast routing to to work over wireguard interfaces anyway. Not sure what’s wrong. Though it didn’t fix it, here’s an interesting command that made stuff like ip -6 mroute look like it should work:

$ sudo smcroutectl  add LAN ff38:40:fd11:222:3333:44:0:1122 wg-foo

Keep AI interactions secure and risk-free with Guardrails in AI Gateway

The transition of AI from experimental to production is not without its challenges. Developers face the challenge of balancing rapid innovation with the need to protect users and meet strict regulatory requirements. To address this, we are introducing Guardrails in AI Gateway, designed to help you deploy AI safely and confidently. 

Why safety matters

LLMs are inherently non-deterministic, meaning outputs can be unpredictable. Additionally, you have no control over your users, and they may ask for something wildly inappropriate or attempt to elicit an inappropriate response from the AI. Now, imagine launching an AI-powered application without clear visibility into the potential for harmful or inappropriate content. Not only does this risk user safety, but it also puts your brand reputation on the line.

To address the unique security risks specific to AI applications, the OWASP Top 10 for Large Language Model (LLM) Applications was created. This is an industry-driven standard that identifies the most critical security vulnerabilities specifically affecting LLM-based and generative AI applications. It’s designed to educate developers, security professionals, and organizations on the unique risks of deploying and managing these systems.

The stakes are even higher with new regulations being introduced:

Making Cloudflare the best platform for building AI Agents

As engineers, we’re obsessed with efficiency and automating anything we find ourselves doing more than twice. If you’ve ever done this, you know that the happy path is always easy, but the second the inputs get complex, automation becomes really hard. This is because computers have traditionally required extremely specific instructions in order to execute.

The state of AI models available to us today has changed that. We now have access to computers that can reason, and make judgement calls in lieu of specifying every edge case under the sun.

That’s what AI agents are all about.

Today we’re excited to share a few announcements on how we’re making it even easier to build AI agents on Cloudflare, including:

  • agents-sdk — a new JavaScript framework for building AI agents

  • Updates to Workers AI: structured outputs, tool calling, and longer context windows for Workers AI, Cloudflare’s serverless inference engine

  • An update to the workers-ai-provider for the AI SDK

We truly believe that Cloudflare is the ideal platform for building Agents and AI applications (more on why below), and we’re constantly working to make it better — you can expect to see more announcements from us in this space in the future.

Continue reading

Stub Networks in Virtual Labs

The previous blog posts described how virtualization products create LAN segments and point-to-point links.

However, sometimes we need stub segments – segments connected to a single router or switch – because we don’t want to waste resources creating hosts attached to a network device, but would still prefer a more realistic mechanism than static routes to inject IP subnets into routing protocols.

Read more …

NB515: Quantum Computing’s Future Looking More Certain; Arista Posts Record 2024 Revenues

Lots of good stuff in this week’s Network Break. Microsoft announces an 8-qubit quantum chip and declares that practical quantum computing is years, not decades, away. D-Wave says its quantum computers are now commercially available for research facilities, academic institutions, and governments. Apple rolls its own 5G modem into its iPhone 16e. Meta announces its... Read more »

How To Find and Fix What’s Trashing Your App Performance

Troubleshooting slow app or website performance is one of the more frustrating tasks developers face. Reliability is a key performance indicator and user experience metric, so when something goes wrong, it rises immediately to the top of your priority list. Unless you can find and fix the problem fast, everything else you’d planned to do today is getting pushed into the future. The Scenario Picture this: You’re busy at your keyboard, trying to hit a milestone on an important yet incremental upgrade to your company’s key user-facing app. Suddenly, your ticketing system goes berserk — dozens of users are reporting that they can’t access an essential feature in your app. More patient users report they can access it … eventually. It’s taking minutes to load, not seconds, as they’re used to. You check your app’s performance in your monitoring tool, and everything looks fine — all the indicators are showing green. But your users are saying the app is slow — which, as far as they’re concerned, means it’s down. So, what exactly is going on here? Uncover What’s Degrading Digital Performance The evolution to internet-centric application delivery has made it increasingly challenging for IT orgs to identify the root Continue reading

Worth Reading: Network Traffic Telemetry Protocols

Pavel Odintsov published a series of introductory blog posts describing protocols we can use to collect network traffic telemetry:

  • Part 1 covers the ancient Netflow v5, Netflow v9, and IPFIX. It also mentions sampling and flow aggregation.
  • Part 2 describes sFlow, port mirroring and sampled mirroring, and the use of IPFIX/Netflow v9 to transport mirrored traffic.

These blog posts will not make you an expert but will give you an excellent overview of the telemetry landscape1.

  1. Hint: more than enough to turn you into an instant AI-assisted LinkedIn garbage generator Thought Leader™ 😜 ↩︎

Introduction of an Artificial Neuron

 Introduction 


Before diving into the somewhat complex world of Artificial Intelligence (AI), let’s first consider what intelligence means from a human perspective. Judo, as a martial art, serves as a good—though not an obvious—example. I trained in judo for over 20 years. During that time, I learned which throwing techniques to use to take down an opponent efficiently by leveraging their movement energy and reactions. But how did I learn that? Through a supervised training process, where our coach first taught us the throwing techniques and the situations in which they work best. Then, we practiced them ourselves. Mastering these techniques requires thousands of repetitions before achieving perfection. Ultimately, timing and reaction to the opponent’s movements play a significant role in determining whether a throw is successful or not. After mastering several throwing technics, I was capable of apply them in the situation not necessarily to seen before.

How does this relate to Artificial Intelligence (AI)? AI is a broad term encompassing solutions that aim to mimic human brain functions. A subset of AI is Machine Learning (ML), which enables systems to make decisions based on input data without being explicitly programmed for each scenario. The driving force behind this Continue reading

Palo Alto Clientless VPN Configuration

Palo Alto Clientless VPN Configuration

As the title suggests, Palo Alto's clientless VPN allows users to access internal resources (HTTPS-based) without installing the GlobalProtect client. This is useful when you have an internal application that external contractors need to use, but they may not want to install a VPN client. All they need to do is open a browser, log in to your GlobalProtect portal, and access the applications directly. In this blog post, we'll go through the steps to configure Palo Alto Clientless VPN.

As always, if you find this post helpful, press the ‘clap’ button. It means a lot to me and helps me know you enjoy this type of content.

Overview

GlobalProtect Clientless VPN lets users securely access internal web applications from a browser without installing the GlobalProtect client. This is helpful for providing partners or contractors with access to specific internal applications. You can set up the GlobalProtect portal landing page to give users direct access to these applications.

0:00
/0:21

Clientless VPN acts as a reverse proxy, intercepting and modifying web pages from internal applications before presenting them to remote users. When users access these URLs, their requests pass through the GlobalProtect portal.

💡
Before proceeding, Continue reading

From Python to Go 014. Basic SSH Interaction With Network Devices.

Hello my friend,

As mentioned in the previous blogpost, we started talking about practical usage of Python and Go (Golang) for network and IT infrastructure automation. Today we’ll take a look how we can interact with any SSH-speaking device, whether it is a network device, server, or anything else.

You Put So Much Content For Free Online, Why To Join Trainings Then?

Our ultimate goal is to make you successful with software developing for IT infrastructure management. Out blogs are the first step so that you can get up to speed if you already well equipped with fundamentals as protocols, data formats, etc. We believe that sharing is caring, hence we share back our knowledge with you, so that your path could be a little bit easier and quicker, so that you have more time to focus on what matters. If that’s enough for you to move forward, that’s great.

At the same time, if you feel you need more, you want to have finely-curated labs, slack support and deep dive not just in coding, but really in fundamentals, our training programs are here for you:

We offer the following training programs in network automation for you:

1 17 18 19 20 21 3,438