Here are some noteworthy vendors in the crowded software-defined WAN market.
Cumulus Linux 3.2 shipped with a rudimentary EVPN implementation and everyone got really excited, including smaller ASIC manufacturers that finally got a control plane for their hardware VTEP functionality.
However, while it’s nice to have EVPN support in Cumulus Linux, the claims of its benefits are sometimes greatly exaggerated.
Read more ...Several weeks ago, we let out some big news about Backpack, Facebook’s chassis, running Cumulus Linux. If you missed the news, check it out here.
As part of our launch, we attended Facebook’s exclusive event, Disaggregate, to talk about all things open networking. Our CTO and cofounder, JR Rivers, gave a stellar presentation covering a short history of open networking (“I watched the Googles of the world grow up”), how ONIE was born and why Cumulus Linux was created to help an industry evolve, scale and build better networks. You can watch the full presentation here.
We also manned our station at the event, answering questions about our integration with Backpack and even demoing Cumulus Linux on the product. Some of our takeaways from the event included:
The Cloudflare TLS 1.3 beta is run by a Go implementation of the protocol based on the Go standard library, crypto/tls. Starting from that excellent Go codebase allowed us to quickly start experimenting, to be the first wide server deployment of the protocol, and to effectively track the changes to the specification draft.
Of course, the security of a TLS implementation is critical, so we engaged NCC Group's Cryptography Services to perform an audit at the end of 2016.
You can find the codebase on the Cloudflare GitHub. It's a drop-in replacement for crypto/tls and comes with a go wrapper to patch the standard library as needed.
The code is developed in the open but is currently targeted only at internal use: the repository is frequently rebased and the API is not guaranteed to be stable or fully documented. You can take a sneak peek at the API here.
The final goal is to upstream the patches to the Go project so that all users of the Go standard library benefit from it. You can follow the process here.
Below we republish the article about the audit first appeared on the NCC Group's blog.
Cacti is a “complete network graphing solution” according to their website. It has also been a thorn in my side for a long time.
See what I did there? Thorn… because it's a cactus… never mind.
When Cacti is in a steady state-when I could get it to a steady state-it was good. Not great, because there was a lot of effort to get it into what I consider “steady state”, but good. The rest of the time… thorny.
There are five major things that have driven me up the wall. In no particular order:
The sheer size of some of the YANG models can scare away even the bravest of network engineers. However, as it is with any programming language, the complexity is built out of a finite set of simple concepts. In this post we’ll learn some of these concepts by building our own YANG model to program static IP routes on Cisco IOS XE.
Continue reading