netlab Release 1.5.3: libvirt Public Networks
containerlab release 0.41.0 that came out a few days ago changed a few topology attributes with no backward compatibility, breaking netlab for anyone doing a new installation. The only way out of that conundrum was to push out a new netlab release that uses the new attributes and requires containerlab release 0.41.0 (more about that in a minute).
On a more positive note, netlab release 1.5.3 brings a few interesting features, including:
- Support for public libvirt networks that can be used to connect your labs to the outside world, and reuse of existing libvirt networks
- ‘unknown’ device type that can be used to deploy devices not yet supported by netlab
- MPLS/VPN support on Nokia SR-OS
netlab Release 1.5.3: libvirt Public Networks
containerlab release 0.41.0 that came out a few days ago changed a few topology attributes with no backward compatibility, breaking netlab for anyone doing a new installation. The only way out of that conundrum was to push out a new netlab release that uses the new attributes and requires containerlab release 0.41.0 (more about that in a minute).
On a more positive note, netlab release 1.5.3 brings a few interesting features, including:
- Support for public libvirt networks that can be used to connect your labs to the outside world, and reuse of existing libvirt networks
- ‘unknown’ device type that can be used to deploy devices not yet supported by netlab
- MPLS/VPN support on Nokia SR-OS
Cloud Notes: AWS Route 53
https://codingpackets.com/blog/cloud-notes-aws-route-53
Batteries included: how AI will transform the who and how of programming
The 1947 paper titled “Preparation of Problems for EDVAC-Type Machines” talks about the idea and usefulness of a “subroutine”. At the time there were only a tiny number of computers worldwide and subroutines were a novel idea, and it was clear that these subroutines were going to make programmers more productive: “Many operations which are thus excluded from the built-in set are still of sufficiently frequent occurrence to make undesirable the repetition of their coding in detail.”
Looking back it seems amazing that subroutines had to be invented, but at the time programmers wrote literally everything they needed to complete a task. That made programming slow, error-prone and restricted who could be a programmer to a relatively small group of people.
Luckily, things changed.
You can look at the history of computer programming as improvements in programmer productivity and widening the scope of who is a programmer. Think of syntax highlighting, high-level languages, IDEs, libraries and frameworks, APIs, Visual Basic, code completion, refactoring tools, spreadsheets, and so on.
And here we are with things changing again.
The new programmers
The recent arrival of LLMs capable of assisting programmers in writing, debugging and modifying code is yet Continue reading
Welcome to Developer Week 2023
This post is also available in French, Spanish, German, Japanese, Chinese.
It is an incredibly exciting time to be a developer.
The frameworks, libraries and developer tools we depend on keep leveling up in ways that allow us to build more efficiently. On top of that, we’re using AI-powered tools like ChatGPT and GitHub Copilot to ship code quicker than many of us ever could have imagined. This all means we’re spending less time on boilerplate code and setup, and more time writing the code that makes our applications unique.
It’s not only a time when we’re equipped with the tools to be successful in new ways, but we're also finding inspiration in what’s happening around us. It feels like every day there’s an advancement with AI that changes the boundaries of what we can build. Across meetups, conferences, chat rooms, and every other place we gather as developers, we’re pushing each other to expand our ideas of what is possible.
With so much excitement permeating through the global developer community, we couldn’t imagine a better time to be kicking off Developer Week here at Cloudflare.
A focus on developer experience
A big part of any Continue reading
Worth Reading: Official Ansible Collection for SR Linux
Roman Dodin wrote an article describing Nokia’s Ansible collection for SR Linux. Although I don’t use SR Linux (even though it was the first container supported by netlab ;), it was still very interesting to read about the design tradeoffs they had to make:
Worth Reading: Official Ansible Collection for SR Linux
Roman Dodin wrote an article describing Nokia’s Ansible collection for SR Linux. Although I don’t use SR Linux (even though it was the first container supported by netlab ;), it was still very interesting to read about the design tradeoffs they had to make:
Service Insertion with BGP FlowSpec
Nicola Modena had an interesting presentation describing how you can use BGP FlowSpec for traffic steering and service insertion during the recent ITNOG 7 event (more about the event in a few days).
One of the slides explained how to use three different aspects of BGP (FlowSpec, MPLS/VPN and multipathing), prompting me to claim the presentation title should be “BGP is the answer, what was the question?” 😉 Hope you’ll enjoy the PDF version of the presentation as much as we did the live one.
Service Insertion with BGP FlowSpec
Nicola Modena had an interesting presentation describing how you can use BGP FlowSpec for traffic steering and service insertion during the recent ITNOG 7 event (more about the event in a few days).
One of the slides explained how to use three different aspects of BGP (FlowSpec, MPLS/VPN and multipathing), prompting me to claim the presentation title should be “BGP is the answer, what was the question?” 😉 Hope you’ll enjoy the PDF version of the presentation as much as we did the live one.
ZModem over amateur radio
While I have built a file transfer protocol for AX.25, I also wanted to try old BBS era protocols. They’re more tested and standardized.
The easiest way is probably to take lrzsz and let it talk
over AX.25 connected sockets. Ideally socat should be enough, but it
seems that it does not support AX.25.
That’s actually fine, because ideally I want to run on my authenticated wrapped AX.25 (while encryption, obscuring the meaning, is banned, signatures are not).
So I had to make an adapter that bridges stdin/stdout to AX.25. Simple enough.
The setup is two Kenwood TH-D74s, set up the same way as before, in 9600bps.
D74 -> rfcomm -> kissattach -> axpipe -> socat -> lrzsz
The D74 is a great radio. It has the best text entry, menu system, and APRS support of any handheld radio I’ve seen, and it also has a built-in TNC (“modem”) that works both in 1200bps and 9600bps.
First, just for fun, let’s try YModem.
YModem
socat EXEC:'sz --ymodem axpipe.cc' EXEC:'./axpipe -r radio1 -l 0'
socat EXEC:'rz --ymodem -t 100' EXEC:'./axpipe -r radio6 -s M6VMB-12 -c M0THC-1'
On ARM and RISC-V I Continue reading
Cloudflare’s view of Internet disruptions in Pakistan
On Tuesday, May 9, Imran Khan, former Prime Minister of Pakistan was arrested on corruption charges. Following the arrest, violent protests erupted in several cities, leading the government of Pakistan to order the shutdown of mobile Internet services, as well as the blocking of several social media platforms. Below, we examine the impact of these shutdowns at a national and local level, as seen through Cloudflare traffic data. In addition, we illustrate how Pakistanis appear to be turning to Cloudflare’s 1.1.1.1 resolver in an attempt to maintain access to the open Internet.
General traffic trends
Since Tuesday, May 9, peak traffic levels aggregated at a country level (as measured by HTTP request volume) have been declining, down nearly 30% during the first several days of the mobile Internet shutdowns. The lowest traffic levels (nadirs of the graph) have also declined, dropping by as much as one-third as well. In the sections below, we drill down into this traffic loss, looking at outages at a network level, and the impact of those outages at an administrative unit and city level.
The mobile network shutdowns have also impacted the profile of traffic that Cloudflare sees from Pakistan. In Continue reading
Heavy Networking 679: Mountaintop Networking And Long-Haul Wireless
Today's Heavy Networking explores the challenges Wireless ISPs (WISPs) face when bringing services to locations without a lot of fiber in the ground. Those challenges include lining up radio antennas, maintaining mountaintop gear, wild horses, network and routing designs, and more. Our guest is Bradley Thompson, Senior Network Engineer at SkyFiber Internet.
The post Heavy Networking 679: Mountaintop Networking And Long-Haul Wireless appeared first on Packet Pushers.
Heavy Networking 679: Mountaintop Networking And Long-Haul Wireless
Today's Heavy Networking explores the challenges Wireless ISPs (WISPs) face when bringing services to locations without a lot of fiber in the ground. Those challenges include lining up radio antennas, maintaining mountaintop gear, wild horses, network and routing designs, and more. Our guest is Bradley Thompson, Senior Network Engineer at SkyFiber Internet.How to integrate Calico Image Scanner with Argo CI/CD
In today’s fast-paced software development environment, developers often use common public libraries and modules to quickly build applications. However, this presents a significant challenge for DevOps teams who must ensure that these applications are safe to use. As organizations move towards dynamic models of software development that rely on Continuous Integration and Continuous Deployment, the responsibility for deploying secure applications has shifted from traditional security teams to development teams.
To address this challenge, I will provide general guidelines on how to integrate the Calico Image Scanning feature into a CI/CD pipeline, using Argo. This will help ensure that images are built safely and free from Common Vulnerabilities and Exposures (CVEs). In this blog post, we will use a Kubernetes validating webhook configuration to attach a Calico Cloud admission controller that can accept or reject certain actions on resources, such as the creation of pods. This will prevent the deployment of images that contain known CVEs, thus strengthening the overall security of your software development process.
Overall Architecture
The building blocks to use Argo as an example of this integration are below:
Relevant Calico configuration
Before even committing changes to our application, we must setup the Calico Admission Controller within our Continue reading
Aruba Isn’t A Wireless Company (Any More)
Remember when Aruba was a wireless company? I know it sounds like something that happened 40 years ago but the idea that Aruba only really made wireless access points and some campus switches to support them isn’t as old as you think. The company, now known as HPE Aruba Networking (née Aruba, a Hewlett Packard Enterprise Company), makes more than just Wi-Fi gear. Yet the perception of the industry is that they’re still a wireless company looking to compete with the largest parts of the market.
Branching Out of Office
This year’s Aruba Atmopshere showed me that Aruba is trying to do more than just campus wireless. The industry has shifted away from just providing edge connectivity and is now focused on a holistic lineup of products that are user-focused. You don’t need to go much further than the technical keynote on the second day of the conference to see that. Or the Networking Field Day Experience videos linked above.
Do you know what Aruba wanted to showcase?
- Campus Switches
- Data Center Switches
- Private 5G/LTE
- SASE/SSE
- IoT
- Cloud-Enabled Management
You know what wasn’t on that list? Access points. For a “wireless” company that’s a pretty glaring omission, right? I think Continue reading
How to Put Your ‘Carbonivore’ Data Center on a Diet
By taking a strategic approach to their monitoring tools and tech stack, data centers can both help their bottom line and reduce their carbon footprint.Magic in minutes: how to build a ChatGPT plugin with Cloudflare Workers
Today, we're open-sourcing our ChatGPT Plugin Quickstart repository for Cloudflare Workers, designed to help you build awesome and versatile plugins for ChatGPT with ease. If you don’t already know, ChatGPT is a conversational AI model from OpenAI which has an uncanny ability to take chat input and generate human-like text responses.
With the recent addition of ChatGPT plugins, developers can create custom extensions and integrations to make ChatGPT even more powerful. Developers can now provide custom flows for ChatGPT to integrate into its conversational workflow – for instance, the ability to look up products when asking questions about shopping, or retrieving information from an API in order to have up-to-date data when working through a problem.
That's why we're super excited to contribute to the growth of ChatGPT plugins with our new Quickstart template. Our goal is to make it possible to build and deploy a new ChatGPT plugin to production in minutes, so developers can focus on creating incredible conversational experiences tailored to their specific needs.
How it works
Our Quickstart is designed to work seamlessly with Cloudflare Workers. Under the hood, it uses our command-line tool wrangler to create a new project and deploy it to Workers.
How Pingora keeps count
A while ago we shared how we replaced NGINX with our in-house proxy, Pingora. We promised to share more technical details as well as our open sourcing plan. This blog post will be the first of a series that shares both the code libraries that power Pingora and the ideas behind them.
Today, we take a look at one of Pingora’s libraries: pingora-limits.
pingora-limits provides the functionality to count inflight events and estimate the rate of events over time. These functions are commonly used to protect infrastructure and services from being overwhelmed by certain types of malicious or misbehaving requests.
For example, when an origin server becomes slow or unresponsive, requests will accumulate on our servers, which adds pressure on both our servers and our customers’ servers. With this library, we are able to identify which origins have issues, so that action can be taken without affecting other traffic.
The problem can be abstracted in a very simple way. The input is a (never ending) stream of different types of events. At any point, the system should be able to tell the number of appearances (or the rate) of a certain type of event.
In a simple example, colors are Continue reading
Hedge 178: Defined Trust Transport with Kathleen Nichols
The Internet of Things is still “out there”—operators and individuals are deploying millions of Internet connected devices every year. IoT, however, poses some serious security challenges. Devices can be taken over as botnets for DDoS attacks, attackers can take over appliances, etc. While previous security attempts have all focused on increasing password security and keeping things updated, Kathleen Nichols is working on a new solution—defined trust transport in limited domains.
Join us on for this episode of the Hedge with Kathleen to talk about the problems of trusted transport, the work she’s putting in to finding solutions, and potential use cases beyond IoT.
You can find Kathleen at Pollere, LLC, and her slides on DeftT here.