HN687 Juniper CORA Coherent Optics Enabling IPoDWDM
Its about reducing the cost and complexity of DWDM coherent optical networks. Connecting the DWDM network directly to your router removes the DWDM edge equipment which simplifies operation, reduce cost,space & power while improving provisioning time. How is Juniper entering this market and what do you need to know ?
The post HN687 Juniper CORA Coherent Optics Enabling IPoDWDM appeared first on Packet Pushers.
HN687 Juniper CORA Coherent Optics Enabling IPoDWDM
Its about reducing the cost and complexity of DWDM coherent optical networks. Connecting the DWDM network directly to your router removes the DWDM edge equipment which simplifies operation, reduce cost,space & power while improving provisioning time. How is Juniper entering this market and what do you need to know ?Cloudflare Zaraz supports JSONata
Cloudflare users leverage Zaraz for loading their third-party JavaScript tools. Tools like analytics, conversion pixels, widgets and alike, load faster and safer when loaded through Zaraz.
When configuring a tool in Zaraz, users can specify the payload to be included when sending information to it. This allows for the transmission of more detailed data. For example, when sending the "Button Clicked" event to Google Analytics, users can include additional information such as the ID of the button element and the content of the user_id cookie at the time of the button press. In Zaraz, users have the flexibility to add as many fields as desired when configuring the action.
Typically, information reaches Zaraz through the execution of zaraz.track("event name", { properties }) within the website's code. The properties object can contain relevant details that will be sent to third-party tools, such as the button ID in the previous example. However, there are cases where users may need to process and manipulate the information before sending it to their third-party tools.
To address this requirement, we recently introduced Worker Variables, which enables users to send information to a Cloudflare Worker, perform manipulations on it, and return a modified value. Continue reading
A New Contender: NVMe in the Data Center
NVMe (nonvolatile memory express) delivers the faster performance data centers need to move to and operate in hybrid and multi-cloud environments.What’s new in Calico Enterprise 3.17: Namespace isolation, WireGuard support for AKS and EKS, and more!
We are excited to introduce the early preview releases for Calico Enterprise 3.17. This release focuses on helping enterprises have a strong security posture for their containers and Kubernetes clusters. Let’s go through some of the highlights of this release.
Namespace isolation with automatic Security Policy Recommendations
Calico will now automatically generate security policies based on workload dependencies and incoming and outgoing traffic to isolate namespaces in your Kubernetes cluster.
WireGuard support for AKS and EKS with Calico CNI
Users can now protect data-in-transit data in Microsoft AKS and Amazon EKS clusters by enabling WireGuard encryption with the Calico CNI.
Improved management of Workload-based WAF
Secure specific workload-to-workload communications at the application level with Calico’s workload-based web application firewall (WAF) by selecting and deselecting specific services.
Policy-based routing for egress gateways
Define policies on which egress gateway to use (or none at all) depending on the destination of egress traffic.
We hope you’ll enjoy these product upgrades and enhancements. We will continue to deliver new releases with innovative solutions to solve container and Kubernetes security challenges. Watch this space for future updates and details about how to leverage these features in your environment.
Check out our self-paced workshops for Continue reading
Followup: IP Multicast – Good in Theory, Bad in Reality.
The debates around IP multicast stopped about five to ten years ago AFAICT. No one wants to deal with it anymore. In theory, IP multicast was a good idea but in the real world it was a deeply flawed.
Lost in transit: debugging dropped packets from negative header lengths
Previously, I wrote about building network load balancers with the maglev scheduler, which we use for ingress into our Kubernetes clusters. At the time of that post we were using Foo-over-UDP encapsulation with virtual interfaces, one for each Internet Protocol version for each worker node.
To reduce operational toil managing the traffic director nodes, we've recently switched to using IP Virtual Server's (IPVS) native support for encapsulation. Much to our surprise, instead of a smooth change, we instead observed significant drops in bandwidth and failing API requests. In this post I'll discuss the impact observed, the multi-week search for the root cause, and the ultimate fix.
Recap and the change
To support our requirements we've been creating virtual interfaces on our traffic directors configured to encapsulate traffic with Foo-Over-UDP (FOU). In this encapsulation new UDP and IP headers are added to the original packet. When the worker node receives this packet, the kernel removes the outer headers and injects the inner packet back into the network stack. Each virtual interface would be assigned a private IP, which would be configured to send traffic to these private IPs in "direct" mode.
This configuration presents several problems for our operations teams.
Recapping Speed Week 2023
This post is also available in Deutsch.
Speed Week 2023 is officially a wrap.
In our Welcome to Speed Week 2023 blog post, we set a clear goal:
“This week we will help you measure what matters. We’ll help you gain insight into your performance, from Zero Trust and API’s to websites and applications. And finally we’ll help you get faster. Quickly.”.
This week we published five posts on how to measure performance, explaining which metrics and approaches make sense and why. We had a deep dive on the latest Core Web Vital, “Interaction to Next Paint”, what it means and how we can help. There was a post on Time To First Byte (TTFB) and why it isn't a good way to measure good web performance. We also wrote about how to measure Zero Trust performance, and announced the Internet Quality page of Cloudflare Radar - giving everyone the ability to compare Internet connection quality across Internet Service Providers, countries, and more.
We launched new products such as Observatory, Digital Experiencing Monitoring and Timing Insights. These products give an incredible window into how your applications and websites are performing through the eyes of website visitors Continue reading
NB436: Cisco AI Silicon, DEM. HPE Greenlake AI LLM. FCC Talks Bandwidth Caps.
Cisco announces AI Networking versions of SIlicon One ASICs and buys another DEM business. HPE Greenlake adds AI LLM. FTC talks bandwidth caps. Google accusing Microsoft of monopolistic behaviour. We laughed.
The post NB436: Cisco AI Silicon, DEM. HPE Greenlake AI LLM. FCC Talks Bandwidth Caps. appeared first on Packet Pushers.
NB436: Cisco AI Silicon, DEM. HPE Greenlake AI LLM. FCC Talks Bandwidth Caps.
Cisco announces AI Networking versions of SIlicon One ASICs and buys another DEM business. HPE Greenlake adds AI LLM. FTC talks bandwidth caps. Google accusing Microsoft of monopolistic behaviour. We laughed.Worth Reading: What Is Going on With BGP?
Ignas Bagdonas sent a phenomenal summary of recent BGP developments to the RIPE Routing WG mailing list. Enjoy!