0

VyOS dropped packet notifications

VyOS with Host sFlow agent describes how to configure and analyze industry standard sFlow telemetry recently added to the VyOS open source router platform. This article discusses sFlow dropped packet notifications support added to the latest release.

Dropped packets have a profound impact on network performance and availability. Packet discards due to congestion can significantly impact application performance. Dropped packets due to black hole routes, expired TTLs, MTU mismatches, etc. can result in insidious connection failures that are time consuming and difficult to diagnose. Visibility into dropped packets offers significant benefits for network troubleshooting, providing real-time network-wide visibility into the specific packets that were dropped as well the reason the packet was dropped. This visibility instantly reveals the root cause of drops and the impacted connections.

vyos@vyos:~$ show version
Version:          VyOS 1.4-rolling-202303260914
Release train:    current

Built by:         [email protected]
Built on:         Sun 26 Mar 2023 09:14 UTC
Build UUID:       72b34f74-bfcd-4b51-9b95-544319c2dac5
Build commit ID:  d68bda6a295ba9

Architecture:     x86_64
Boot via:         installed image
System type:       guest

Hardware vendor:  innotek GmbH
Hardware model:   VirtualBox
Hardware S/N:     0
Hardware UUID:    df0a2b79-b8c4-8342-a27f-76aa3e52ad6d

Copyright:        VyOS maintainers and contributors

Verify that the version of of VyOS is VyOS 1.4-rolling-202303260914 or later.

On VyOS dropped packet monitoring Continue reading

0

Introducing our first Authorized Service Delivery Partners for Cloudflare One

Cloudflare's commitment to building the most compelling and easy-to-use SASE platform on the market has led to significant growth over the past year. Cloudflare One services have seen the fastest adoption among our customers, with a 3x increase in partner bookings and a 70% YoY increase in transacting partners. Partners consistently cite the simplicity of our platform, our innovation, and our global network as key differentiators that are driving strong customer demand.

To continue building on this momentum and deliver required services that our customers may require, we previously announced the creation of our new specialization track for Authorized Services Delivery Partners (ASDP) as part of our efforts to continue growing our partnership program.

Cloudflare's Authorized Services Delivery Partner track is designed to authorize partners that meet our high standards for professional services delivery around Cloudflare One. Partners who undergo the rigorous technical validation process and meet the criteria for security, performance, and reliability of their services delivery capabilities are designated as Cloudflare Authorized Service Delivery Partners. This designation provides a variety of benefits, including access to Cloudflare One sourced opportunities requiring services, access to named Cloudflare One Service Delivery Managers, and access to special partner incentive funds designed to Continue reading

0

Home Automation — Finally Roller Curtains and Nightmares

< MEDIUM: https://raaki-88.medium.com/home-automation-finally-roller-curtains-and-nightmares-b8ef1fc473d9 >

Am a fan and enthusiast of home automation, tried various things in the past and now settled with few things which I would like to share.

1. Light Automation is the first and most popular thing to do — Initially I started wiring with PIR sensor available in Amazon, later upgraded the entire light system to Philips Hue and along with Philips Motion sensor, so far so good. Its expensive than my initial solution but had to choose that because of wired vs wireless situation in home
2. Smart-plugs are another common set of devices — while I have both combinations of commercially available one and also I personally flashed few of Sonoff smart switches with Tasmota firmware

. . .

Lets get to the Curtain Rollers — So for these here is the catch, I have a remote for these and thats about it, nothing more nothing less, My ideas were mostly around having network connectivity and manipulating them.

• First and foremost thought that these are blue-tooth based and am wrong

• I went to DFROBOT and bought IR-Transmitter and IR-Receiver, nope they dint work

• I went Amazon and bought some other IR-transmitter and Receiver — Again, wasted a Continue reading

0

Enabling Nested-Virtualisation on Google cloud platform Instance

< MEDIUM: https://raaki-88.medium.com/enabling-nested-virtualisation-on-google-cloud-platform-instance-7f80f3120834 >

Important Excerpt from the below page.

https://cloud.google.com/compute/docs/instances/nested-virtualization/overview

You must run Linux-based OSes that can run QEMU; you can’t use Windows Server images.

You can’t use E2, N2D, or N1 with attached GPUs, and A2 machine types.

You must use Intel Haswell or later processors; AMD processors are not supported. If the default processor for a zone is Sandy Bridge or Ivy Bridge, change the minimum CPU selection for the VMs in that zone to Intel Haswell or later. For information about the processors supported in each zone, see Available regions and zones.

Though there are many use cases, I will speak from a networking standpoint. Let us say you need to do some sort of lab based on popular vMX Juniper or Cisco or any other vendor, if you have a bare metal instance, you have the ability to access the virtualised CPU cores and allocate them to the Qemu which will be the underlying emulator.

Issue

Almost by default most of the cloud providers will disable access to VT-x because of various reasons and some instances are not capable of supporting this by default. So either choose a custom instance with Continue reading

0

Backup: Don’t forget cell phones used for work

Some organizations’ important data may be going unprotected if an application on someone’s mobile device creates it and then it sits there without being backed up. If the device is lost or stolen, the data is gone.You might think it’s easy to solve this problem by installing a backup app on the phone and using it. Unfortunately, it’s not that simple.The security models of Android and iOS devices allow each application to see only the data created by that application; therefore, you cannot install a backup application and have it back up data of other applications. The only way around this is to root the phone, but that’s a problem if the employee is using their personal phone for work. Most people are uncomfortable rooting their phone, especially just to satisfy their boss’s backup needs.To read this article in full, please click here

0

Predictive network technology promises to find and fix problems faster.

With the assistance of artificial intelligence (AI) and machine learning (ML), predictive network technology alerts administrators to possible network issues as early as possible and offers potential solutions.The AI and ML algorithms used in predictive network technology have become critical, says Bob Hersch, a principal with Deloitte Consulting and US lead for platforms and infrastructure. "Predictive network technology leverages artificial neural networks and utilizes models to analyze data, learn patterns, and make predictions," he says. "AI and ML significantly enhance observability, application visibility, and the ability to respond to network and other issues."To read this article in full, please click here

0

DHCP Relaying in VXLAN Segments

After I got the testing infrastructure in place (simple DHCP relay, VRF-aware DHCP relay), I was ready for the real fun: DHCP relaying in VXLAN (and later EVPN) segments.

TL&DR: It works exactly as expected. Even though I had anycast gateway configured on the VLAN, the Arista vEOS switches used their unicast IP addresses in the DHCP relaying process. The DHCP server had absolutely no problem dealing with multiple copies of the same DHCP broadcast relayed by different switches attached to the same VLAN. One could only wish things were always as easy in the networking land.

0

DHCP Relaying in VXLAN Segments

After I got the testing infrastructure in place (simple DHCP relay, VRF-aware DHCP relay), I was ready for the real fun: DHCP relaying in VXLAN (and later EVPN) segments.

TL&DR: It works exactly as expected. Even though I had anycast gateway configured on the VLAN, the Arista vEOS switches used their unicast IP addresses in the DHCP relaying process. The DHCP server had absolutely no problem dealing with multiple copies of the same DHCP broadcast relayed by different switches attached to the same VLAN. One could only wish things were always as easy in the networking land.

0

Cloud Notes: AWS ELB

https://codingpackets.com/blog/cloud-notes-aws-elb

0

Worth Reading: Off-Path Firewall with Traffic Engineering

I have blog post ideas sitting in my to-write queue for over a decade. One of them is why would you need a VRF (and associated router) between virtual servers and a firewall?

Andrea Dainese answered at least part of that question in his Off-Path firewall with Traffic Engineering blog post. Enjoy!

0

Worth Reading: Off-Path Firewall with Traffic Engineering

I have blog post ideas sitting in my to-write queue for over a decade. One of them is why would you need a VRF (and associated router) between virtual servers and a firewall?

Andrea Dainese answered at least part of that question in his Off-Path firewall with Traffic Engineering blog post. Enjoy!

0

Streamlining Security with Multi-Cloud Networking

Enterprises need multi-cloud networking and security for all layers of the stack: infrastructure, apps and app delivery, and data.

0

This Week in Computing: Malware Gone Wild

Malware is sneaky AF. It tries to hide itself and cover up its actions. It detects when it is being studied in a virtual sandbox, and so it sits still to evade detection. But when it senses a less secure environment — such as an unpatched Windows 7 box — it goes wild, as if Tudor Dumitras, in a recently posted talk from red pills, which helps malware detect when it is in a controlled environment, and change its behavior accordingly. As a result, many of the signatures used for commercial malware detection packages may not Continue reading

0

Worth Reading: The Dangers of Knowing Everything

Another interesting take on ChatGPT in networking, this time by Tom Hollingsworth in The Dangers of Knowing Everything:

In a way, ChatGPT is like a salesperson. No matter what you ask it the answer is always yes, even if it has to make something up to answer the question.

To paraphrase an old joke: It’s not that ChatGPT is lying. It’s just that what it knows isn’t necessarily true. See also: the difference between bullshit and lies.

0

Worth Reading: The Dangers of Knowing Everything

Another interesting take on ChatGPT in networking, this time by Tom Hollingsworth in The Dangers of Knowing Everything:

In a way, ChatGPT is like a salesperson. No matter what you ask it the answer is always yes, even if it has to make something up to answer the question.

To paraphrase an old joke: It’s not that ChatGPT is lying. It’s just that what it knows isn’t necessarily true. See also: the difference between bullshit and lies.

0

Briefings In Brief 103: Arista Enters The SD-WAN Arena

Arista Networks has announced two hardware WAN routers, the 5510 and the 5310, which are targeted at branch, edge, and remote sites. The routers run EOS with a full routing stack. The new hardware can run as standard routers, or be used for SD-WAN with all the features you’d expect, including support for multiple links and app identification. Ethan Banks and Drew Conry-Murray share what they learned in a briefing with the company and debate the strategy behind Arista's entry into the SD-WAN market.

The post Briefings In Brief 103: Arista Enters The SD-WAN Arena appeared first on Packet Pushers.

0

Briefings In Brief 103: Arista Enters The SD-WAN Arena

Arista Networks has announced two hardware WAN routers, the 5510 and the 5310, which are targeted at branch, edge, and remote sites. The routers run EOS with a full routing stack. The new hardware can run as standard routers, or be used for SD-WAN with all the features you’d expect, including support for multiple links and app identification. Ethan Banks and Drew Conry-Murray share what they learned in a briefing with the company and debate the strategy behind Arista's entry into the SD-WAN market.

0

Zero-trust Networks: Implementation is No Walk in the Park

Zero-trust network implementations can require an entire redefinition of your network architecture, the introduction of new technologies, and the training of both users and IT. Here’s what you need to know when you make your move to zero-trust.

0

Heavy Networking 671: Is ChatGPT Coming For Your Job?

On today's Heavy Networking we sub in a podcast from our Heavy Strategy channel. Greg Ferro from the Packet Pushers and Johna Till Johnson, CEO of Nemertes Research, discuss the impacts of ChatGPT and AI on the technology workspace, including whether human workers can partner with these tools to increase productivity and improve technology experiences. They don't have answers, but they do have unanswered questions.

The post Heavy Networking 671: Is ChatGPT Coming For Your Job? appeared first on Packet Pushers.

0

Heavy Networking 671: Is ChatGPT Coming For Your Job?

On today's Heavy Networking we sub in a podcast from our Heavy Strategy channel. Greg Ferro from the Packet Pushers and Johna Till Johnson, CEO of Nemertes Research, discuss the impacts of ChatGPT and AI on the technology workspace, including whether human workers can partner with these tools to increase productivity and improve technology experiences. They don't have answers, but they do have unanswered questions.