0

Cloudflare’s global network grows to 300 cities and ever closer to end users with connections to 12,000 networks

We make no secret about how passionate we are about building a world-class global network to deliver the best possible experience for our customers. This means an unwavering and continual dedication to always improving the breadth (number of cities) and depth (number of interconnects) of our network.

This is why we are pleased to announce that Cloudflare is now connected to over 12,000 Internet networks in over 300 cities around the world!

The Cloudflare global network runs every service in every data center so your users have a consistent experience everywhere—whether you are in Reykjavík, Guam or in the vicinity of any of the 300 cities where Cloudflare lives. This means all customer traffic is processed at the data center closest to its source, with no backhauling or performance tradeoffs.

Having Cloudflare’s network present in hundreds of cities globally is critical to providing new and more convenient ways to serve our customers and their customers. However, the breadth of our infrastructure network provides other critical purposes. Let’s take a closer look at the reasons we build and the real world impact we’ve seen to customer experience:

Reduce latency

Our network allows us to sit approximately 50 ms from 95% Continue reading

0

How Cloudflare runs machine learning inference in microseconds

Cloudflare executes an array of security checks on servers spread across our global network. These checks are designed to block attacks and prevent malicious or unwanted traffic from reaching our customers’ servers. But every check carries a cost - some amount of computation, and therefore some amount of time must be spent evaluating every request we process. As we deploy new protections, the amount of time spent executing security checks increases.

Latency is a key metric on which CDNs are evaluated. Just as we optimize network latency by provisioning servers in close proximity to end users, we also optimize processing latency - which is the time spent processing a request before serving a response from cache or passing the request forward to the customers’ servers. Due to the scale of our network and the diversity of use-cases we serve, our edge software is subject to demanding specifications, both in terms of throughput and latency.

Cloudflare's bot management module is one suite of security checks which executes during the hot path of request processing. This module calculates a variety of bot signals and integrates directly with our front line servers, allowing us to customize behavior based on those signals. This module Continue reading

0

How to navigate the co-management conundrum in MSP engagements

Co-management is a key part of many arrangements between enterprise IT teams and their managed service providers (MSP), but it’s not always clear where the management boundaries and overlaps exist and how they should be handled.Oftentimes, enterprises land on a co-management approach because they don’t want to give up total control, and the MSP may be promising productive cooperation with prospective customers to provide reassurance and close the deal. In practice, co-managed technology services can vary widely depending on the type of services being offered and the parties involved.For the sake of this article, let’s assume that enterprises are already committed to outsourcing some elements of their IT and communications services to an MSP partner. The benefits of outsourcing – such as expense or headcount reduction, increased expertise, improved productivity, core business focus and enhanced capability – are well established, and the potential risks and concerns – including loss of control, reduced flexibility, dwindling internal expertise and fears about data protection and ownership – are also well known.To read this article in full, please click here

0

Tech Byte: DWDM at the Edge with Nokia PSE6 Coherent Optics

Today’s Tech Byte is a discussion on Nokia’s Photonic Service Engine (PSE) optics. Release 6 of its PSEs promises huge changes to DWDM Edge by bringing coherent optical DWDM circuits directly to your Nokia routers and switches. No more costly DWDM shelves and transponders just to terminate a tail circuit, reducing lead times and providing more options for resilience.

The post Tech Byte: DWDM at the Edge with Nokia PSE6 Coherent Optics appeared first on Packet Pushers.

0

Tech Byte: DWDM at the Edge with Nokia PSE6 Coherent Optics

Today’s Tech Byte is a discussion on Nokia’s Photonic Service Engine (PSE) optics. Release 6 of its PSEs promises huge changes to DWDM Edge by bringing coherent optical DWDM circuits directly to your Nokia routers and switches. No more costly DWDM shelves and transponders just to terminate a tail circuit, reducing lead times and providing more options for resilience.

0

NB435: Your FUs, VMware takeover, DPU News and Cooling is Toxic

FU, vendors co-operating ? Google ditches something, Quantum computing, the state of AMD DPUs. Finally liquid cooling is toxic due to PFAS are 'forever chemicals'.

The post NB435: Your FUs, VMware takeover, DPU News and Cooling is Toxic appeared first on Packet Pushers.

0

NB435: Your FUs, VMware takeover, DPU News and Cooling is Toxic

FU, vendors co-operating ? Google ditches something, Quantum computing, the state of AMD DPUs. Finally liquid cooling is toxic due to PFAS are 'forever chemicals'.

0

Exercise: Fix BGP Route Leaks

I created a netlab topology you can use to practice BGP security tools I described in the Internet Routing Security webinar:

• The lab topology mirrors the sample topology I described in the Classification of BGP Route Leaks (RFC 7908) blog post with one router per autonomous system
• BGP is configured on all devices, and EBGP sessions are set up between all directly-connected devices.

0

Exercise: Fix BGP Route Leaks

I created a netlab topology you can use to practice BGP security tools I described in the Internet Routing Security webinar:

• The lab topology mirrors the sample topology I described in the Classification of BGP Route Leaks (RFC 7908) blog post with one router per autonomous system
• BGP is configured on all devices, and EBGP sessions are set up between all directly-connected devices.

0

Welcome to Speed Week 2023

What we consider ‘fast’ is changing. In just over a century we’ve cut the time taken to travel to the other side of the world from 28 days to 17 hours. We developed a vaccine for a virus causing a global pandemic in just one year - 10% of the typical time. AI has reduced the time taken to complete software development tasks by 55%. As a society, we are driven by metrics - and the need to beat what existed before.

At Cloudflare we don't focus on metrics of days gone by. We’re not aiming for “faster horses”. Instead we are driven by questions such as “What does it actually look like for users?”, “How is this actually speeding up the Internet?”, and “How does this make the customer faster?”.

This innovation week we are helping users measure what matters. We will cover a range of topics including how we are fastest at Zero Trust, have the fastest network and a deep dive on cache purge and why global purge latency mightn’t be the gold star it's made out to be. We’ll also cover why Time to First Byte is generally a bad measurement. And what Continue reading

0

Worth Reading: Some Blogging Myths

Julia Evans published another phenomenal blog post, this time focused on blogging myths including:

• You need to be original
• You need to be an expert
• Posts need to be 100% correct
• Writing boring posts is bad
• You need to explain every concept
• Page views matter
• More material is always better

0

Worth Reading: Some Blogging Myths

Julia Evans published another phenomenal blog post, this time focused on blogging myths including:

• You need to be original
• You need to be an expert
• Posts need to be 100% correct
• Writing boring posts is bad
• You need to explain every concept
• Page views matter
• More material is always better

0

Controversial Reads 061723

Artificial intelligence (or, at least, the Chat GPT program) makes stuff up, out of what seems to be a spirit of fun, or perhaps a desire to please.

The ad-tech industry is incredibly profitable, raking in hundreds of billions of dollars every year by spying on us.

This memo contains the thoughts and recountings of events that transpired during and after the release of information about the NSA by Edward Snowden.

If manuscripts were as imperishable as Woland famously maintained, we should have at our disposal more than a hundred tragedies written by Sophocles, instead of the mere seven that have survived the centuries.

According to a recent piece in the futurist publication Neoscope, a growing number of companies in Silicon Valley are “turning towards ketamine as a vibe cure.”

Their thesis is that breach lawyers have lost perspective in their no-holds-barred pursuit of attorney-client privilege to protect the confidentiality of forensic reports that diagnose the breach.

In today’s world, it has become axiomatic that drastic change can occur overnight. One of those cherished concepts at risk is the idea of “One World – One Internet.”

For some people, the term “black box” brings to mind the recording Continue reading

0

Worth Reading: A Primer on Communication Fundamentals

Dip Singh published an excellent primer on communication fundamentals including:

• Waves: frequency, amplitude, wavelength, phase
• Composite signals, frequency domain and Fourier transform
• Bandwidth, fundamental and harmonic frequency
• Decibels in a nutshell
• Transmission impairments: attenuation, distortion, noise
• Principles of modern communications: Nyquist theorem, Shannon’s law, bit and baud rate
• Line encoding techniques, quadrature methods (including QPSK and QAM)

Even if you don’t care about layer-1 technologies you MUST read it to get at least a basic appreciation of why stuff you’re using to read this blog post works.

0

Worth Reading: A Primer on Communication Fundamentals

Dip Singh published an excellent primer on communication fundamentals including:

• Waves: frequency, amplitude, wavelength, phase
• Composite signals, frequency domain and Fourier transform
• Bandwidth, fundamental and harmonic frequency
• Decibels in a nutshell
• Transmission impairments: attenuation, distortion, noise
• Principles of modern communications: Nyquist theorem, Shannon’s law, bit and baud rate
• Line encoding techniques, quadrature methods (including QPSK and QAM)

Even if you don’t care about layer-1 technologies you MUST read it to get at least a basic appreciation of why stuff you’re using to read this blog post works.

0

Observations on Seven Years of Maintaining Open Source

June 27th marks the seventh anniversary of NetBox, a one-time hobby project which quickly took off and today largely consumes my life. What began as a proof-of-concept solution for the network engineering team at DigitalOcean is now perhaps the most widely deployed network source of truth in the world.

This feels like an opportune time to reflect on some lessons I've learned along the way, with the hope of offering mixed encouragement and caution to those considering a similar path. And as I've felt the urge to pick up blogging again, this post will also serve to share what I've been up to recently.

Most articles about open source in general are boring. Reading about licenses and software governance feels like a punishment. Keenly aware of this fact, I'll do my best to navigate around the theory and stick with observations that are of practical use to the aspiring open source maintainer.

Continue reading · No comments

0

Heavy Networking 686: Juniper Cloud-Native Contrail Networking CN2 (Sponsored)

Today we’re going deep on software-defined networking for containers and OpenStack with sponsor Juniper Networks. Juniper has revamped its approach to secure networking for telcos and telco cloud-delivered services with Juniper’s Cloud-Native Contrail Networking or CN2 software. CN2 lets you automate the creation of network connections for containers and for virtual machines while also providing routing, security, segmentation and isolation of workloads. Our guest and guide into the guts of Cloud-Native Contrail Networking, hereafter referred to as CN2, is Nick Davey. Nick is Director of Product Management for SDN and Telco Cloud technologies.

The post Heavy Networking 686: Juniper Cloud-Native Contrail Networking CN2 (Sponsored) appeared first on Packet Pushers.

0

Heavy Networking 686: Juniper Cloud-Native Contrail Networking CN2 (Sponsored)

Today we’re going deep on software-defined networking for containers and OpenStack with sponsor Juniper Networks. Juniper has revamped its approach to secure networking for telcos and telco cloud-delivered services with Juniper’s Cloud-Native Contrail Networking or CN2 software. CN2 lets you automate the creation of network connections for containers and for virtual machines while also providing routing, security, segmentation and isolation of workloads. Our guest and guide into the guts of Cloud-Native Contrail Networking, hereafter referred to as CN2, is Nick Davey. Nick is Director of Product Management for SDN and Telco Cloud technologies.

0

Weekend Reads 061623

First, there have been advances in capabilities for post-quantum computing. Second, the National Institute of Standards and Technology (NIST) will complete final rounds for selection of these new cryptographic algorithms in 2024.

Organizations get bombarded with countless attacks from every direction, including via their supply chain. FortifyData’s recent record of the top third-party data breaches in 2023 brings to light how multidirectional threat sources can be.

A report from Verizon Business’s 16th annual Data Breach Investigations Report (DBIR) reveals a startling surge in the frequency and cost of cyberattacks.

Plans are underway in Singapore to double the number of submarine cable landing facilities within the next ten years, according to the city-state’s digital connectivity blueprint, released on Monday.

I have tried to understand how I could use ChatGPT for programming and, unlike Welsh, found almost nothing. If the idea is to write some sort of program from scratch, well, then yes.

A technological singularity is a hypothetical time in the future where our expectations regarding technology break apart.

If you thought that backside power was something to do with eating too many cruciferous vegetables, think again: Intel is implementing this in future chips as a way of separating the power Continue reading

0

Hedge 182: The Decentralized Internet Infrastructure Research Group

The Internet has become very centralized in the last five to ten years, causing a lot of concern among among many in the Internet community. While we cannot turn back the clock, we can try to chart a path forward to reduce the tendency towards centralization. Join Dirk Dirk Kutscher, Lixia Zhang, Alvaro Retana, Tom Ammon, and Russ White on this episode of the Hedge as we discuss the work the Distributed Internet Research Group (DINRG) is doing to create a more decentralized Internet.

download