Continuity is Not Recovery
It was a long weekend for me but it wasn’t quite as long as it could have been. The school district my son attends is in the middle of a ransomware attack. I got an email from them on Friday afternoon telling us to make sure that any district-owned assets are powered off until further notice to keep our home networks from being compromised. That’s pretty sound advice so we did it immediately.
I know that the folks working on the problem spent the whole weekend trying to clean it up and make sure there isn’t any chance of getting reinfected. However, I also wondered how that would impact school this week. The growing amount of coursework that happens online or is delivered via computer is large enough that going from that to a full stop of no devices is probably jarring. That got me to thinking once more about the difference between continuity and recovery
Keeping The Lights On
We talk about disaster recovery a lot. Backups of any kind are designed to get back what was lost. Whether it’s a natural disaster or a security incident you want to be able to recover things back to the way Continue reading
Understanding the Power Benefits of Data Processing Units
The use of hardware acceleration in a DPU to offload processing-intensive tasks can greatly reduce power use, resulting in more efficient data center.Tier 1 Carriers Performance Report: October, 2022
The post Tier 1 Carriers Performance Report: October, 2022 appeared first on Noction.
netlab Release 1.4.0: EVPN Asymmetric IRB, Anycast Gateways, VRRP
The big three features of the netlab release 1.4.0 are:
- EVPN asymmetric IRB on Arista EOS, Cumulus Linux, Dell OS10, Nokia SR Linux, Nokia SR OS and VyOS
- Anycast gateway on Arista EOS, Cumulus Linux, Nokia SR OS and Nokia SR Linux
- VRRP on Arista EOS, Cisco IOSv/CSR, Cisco Nexus OS, Cumulus Linux and Nokia SR OS
We also added tons of new functionality, including:
Integer handling is broken
Floating point can be tricky. You can’t really check for equality, and
with IEEE 754 you have a bunch of fun things like values of not a
number, infinities, and positive and negative zero.
But integers are simple, right? Nope.
I’ll use “integers” to refer to all integer types. E.g. C’s int,
unsigned int, gid_t, size_t, ssize_t, unsigned long long, and Java’s
int, Integer, etc…
Let’s list some problems:
- You can’t parse unsigned integers in C/C++ with standard functions.
- Casting between types silently discards information (C, Java, Go, Rust, Haskell).
- Casting between some other types changes the semantic meaning of the number, even when technically no information is lost.
- The state of integers in Javascript is its own mess.
What’s wrong with casting?
Casting an integer from one type to another changes three things:
- The type in the language’s type system.
- Crops values that don’t fit.
- May change the semantic value, by changing sign.
The first is obvious, and is even safe for the language to do implicitly. Why even bother telling the human that a conversion was done?
But think about the other two for a minute. Is there any reason that you want your Continue reading
Hedge November Update
November update on upcoming shows and training. My upcoming training on Safari Books Online is here.
Must Read: Routing Will Never Be a Solved Problem
Mark Seery wrote a fantastic must-read article explaining why routing will never be a solved problem.
You might want to enjoy it as a relaxing antidote after a painful exposure to SD-WAN (or SD-something-else) brainwashing.
Transit Gateway — a one-stop shop!
< MEDIUM: https://towardsaws.com/transit-gateway-a-one-stop-shop-e520d2f0afe3 >
I like Transit Gateway on so many levels, truly an NG service integrating many different points of ingress in a way with VPCs
Few important points to start with
- AWS Transit Gateway is a service that enables customers to connect their Amazon Virtual Private Clouds (VPCs) and on-premises networks to a single gateway.
- Transit Gateway is a hub that controls traffic routed among all the connected networks.
- Transit Gateway supports both IPv4 and IPv6 traffic.
- Transit Gateway is highly scalable and can support thousands of VPCs and on-premises networks.
- Transit Gateway uses route tables to determine how traffic is routed.
- Transit Gateway supports VPC peering and VPN connections.
- Transit Gateway can be used with AWS Direct Connect to create a private connection between an on-premises network and a VPN
Scenario 1 — Connect your VPCs
Interconnecting VPCs’s typically done through VPC-Peering, now while that is still valid you can easily interconnect VPCs through the transit gateway attachments feature, while VPC peering does only well VPC, transit gateway can connect VPCs, DX-Gateways and you can terminate IPSEC-VPN’s directly onto the transit gateway.
- Routing tables are not auto-propagated, meaning you have to add static routes individually in Continue reading
Palo traffic flows and sessions
Information on how applications are identified by App-ID and following sessions and traffic flows through the firewall using the CLI.
An Introduction To Data Center Network Automation: An Onion-Based Architecture
Gone are the days when the data centers had a relatively simple network with VLANs, core switches, and a few firewalls. The network rarely changed. When a change was needed, someone who knew the network like the back of their hand had to configure those changes device per device, config line per config line. Nowadays […]
The post An Introduction To Data Center Network Automation: An Onion-Based Architecture appeared first on Packet Pushers.
Heavy Networking 654: What’s Up With DPUs?
Today on Heavy Networking we have a round-table discussion about Data Processing Units (DPUs). These devices let you bring networking, security, and storage capabilities closer to server workloads without burdening server CPUs. Guests Pete Lumbis and Aaron Glenn help us dissect DPUs, identify use cases, discuss adoption and operational challenges, and more.
The post Heavy Networking 654: What’s Up With DPUs? appeared first on Packet Pushers.