Video: Link State Routing Protocol Basics
The Routing Protocols Overview part of How Networks Really Work webinar introduced the concepts of distance-vector and link-state routing protocols. Next step: the basics of link-state routing protocols.
You need Free ipSpace.net Subscription to watch the video, and the Standard ipSpace.net Subscription to register for upcoming live sessions.
To DNSSEC or Not?
OARC held a 2-day meeting in February, with a set of presentations on various DNS topics. Here’s some observations that I picked up from the presentations in that meeting.NIST Selects Lightweight Crypto Algorithms for IoT Data
The new algorithms are designed to protect information created and transmitted by IoT devices, implanted medical devices, stress detectors inside roads and bridges, and vehicle keyless entry fobs.So long, and thanks for all the deployments: deprecating Wrangler v1
Cloudflare Workers allow developers to deploy code instantly across the globe. Wrangler is the CLI tool we build (and use!) to create, modify, and upload Workers. We recently announced a new version of Wrangler with a bunch of new features – including offline development, zero-config startup, and developer tools support. Since then, we’ve been working hard to make the developer experience with version 2 as smooth and enjoyable as possible. We’re confident in what we’ve built and are now planning to officially deprecate version 1.
What’s happening?
Version 1 of Wrangler (@cloudflare/wrangler on npm) is now deprecated, which means no new features or bug fixes will be published unless they’re critical. Beginning August 2023, no further updates will be provided and the Wrangler v1 GitHub repo will be archived. We strongly recommend you upgrade to version 2 (wrangler on npm) to receive continued support. We have a migration guide to make this process easy!
Why?
Our goal is to make development on the Cloudflare platform as smooth and enjoyable as possible. Whether that means simplifying common workflows, incorporating powerful tools into the Wrangler codebase, or opening up Wrangler for use as a library Continue reading
Kubernetes Unpacked 019: Understanding Service Meshes And Linkerd
In today's Kubernetes Unpacked podcast, we explore the concept of a service mesh and why you might want to run one in a Kubernetes cluster. While there are many service meshes to choose from we focus on Linkerd. Linkerd is available under an Apache 2.0 license and hosted by the Cloud Native Computing Foundation (CNCF).
The post Kubernetes Unpacked 019: Understanding Service Meshes And Linkerd appeared first on Packet Pushers.
Kubernetes Unpacked 019: Understanding Service Meshes And Linkerd
In today's Kubernetes Unpacked podcast, we explore the concept of a service mesh and why you might want to run one in a Kubernetes cluster. While there are many service meshes to choose from we focus on Linkerd. Linkerd is available under an Apache 2.0 license and hosted by the Cloud Native Computing Foundation (CNCF).Day Two Cloud 182: Assembling The Multicloud Networking Puzzle To Operate At Cloud Speed (Sponsored)
Today's Day Two Cloud assembles a panel to discuss the challenges of multicloud networking. We're sponsored by Prosimo, and the recording took place live at AWS re:Invent 2022. We discuss how and why an org goes multicloud, cloud networking issues, integrating ZTNA, and more.
The post Day Two Cloud 182: Assembling The Multicloud Networking Puzzle To Operate At Cloud Speed (Sponsored) appeared first on Packet Pushers.
Day Two Cloud 182: Assembling The Multicloud Networking Puzzle To Operate At Cloud Speed (Sponsored)
Today's Day Two Cloud assembles a panel to discuss the challenges of multicloud networking. We're sponsored by Prosimo, and the recording took place live at AWS re:Invent 2022. We discuss how and why an org goes multicloud, cloud networking issues, integrating ZTNA, and more.Process monitoring: How you can detect malicious behavior in your containers
The default pod provisioning mechanism in Kubernetes has a substantial attack surface, making it susceptible to malevolent exploits and container breakouts. To achieve effective runtime security, your containerized workloads in Kubernetes require multi-layer process monitoring within the container.
In this article, I will introduce you to process monitoring and guide you through a Kubernetes-native approach that will help you enforce runtime security controls and detect unauthorized access of host resources.
What is process monitoring?
When you run a containerized workload in Kubernetes, several layers should be taken into account when you begin monitoring the process within a container. This includes container process logs and artifacts, Kubernetes and cloud infrastructure artifacts, filesystem access, network connections, system calls required, and kernel permissions (specialized workloads). Your security posture depends on how effectively your solutions can correlate disparate log sources and metadata from these various layers. Without effective workload runtime security in place, your Kubernetes workloads, which have a large attack surface, can easily be exploited by adversaries and face container breakouts.
Traditional monitoring systems
Before I dive into the details on how to monitor your processes and detect malicious activities within your container platform, let us first take a look at some of Continue reading
Feedback: Designing Active/Active and Disaster Recovery Data Centers
In the Designing Active-Active and Disaster Recovery Data Centers I tried to give networking engineers a high-level overview of challenges one might face when designing a highly-available application stack, and used that information to show why the common “solutions” like stretched VLANs make little sense if one cares about application availability (as opposed to auditor report). Some (customer) engineers like that approach; here’s the feedback I received not long ago:
As ever, Ivan cuts to the quick and provides not just the logical basis for a given design, but a wealth of advice, pointers, gotchas stemming from his extensive real-world experience. What is most valuable to me are those “gotchas” and what NOT to do, again, logically explained. You won’t find better material IMHO.
Please note that I’m talking about generic multi-site scenarios. From the high-level connectivity and application architecture perspective there’s not much difference between a multi-site on-premises (or collocation) deployment, a hybrid cloud, or a multicloud deployment.
Selector is evolving the way we operate networks
The topic of AI in the networking space has quickly moved from “what if” to “how soon”. Every major networking vendor is leveraging some aspect of...
The post Selector is evolving the way we operate networks appeared first on /overlaid.