Archive

Category Archives for "Networking"

Partial kernel bypass merged into netmap master

In a previous post we described our work on a new netmap mode called single-rx-queue.

After submitting the pull request, the netmap maintainers told us that the patch was interesting, but they would prefer something more configurable instead of a tailored custom mode.

After an exchange of ideas and some more work, our patch just got merged to mainline netmap.

Meet the new netmap

Before our patch netmap used to be an all-or-nothing deal. That is: there was no way to put a network adapter partially in netmap mode. All of the queues would have to be detached from the host network stack. Even a netmap mode called “single ring pair” didn't help.

Our final patch is extended and more generic, while still supporting the simple functionality of our original single-rx-queue mode.

First we modified netmap to leave queues that are not explicitly requested to be in netmap mode attached to the host stack. In this way, if a user requests a pair of rings (for example using nm_open(“netmap:eth0-4”)) it will actually get a reference to both the number 4 RX and TX rings, while keeping the other rings attached to the kernel stack.

But since the NIC is Continue reading

Open source unleashes blockchain’s enterprise potential

Blockchain technology makes cryptocurrency like bitcoin possible, but it has a lot of potential beyond tracking currency transactions. The Linux Foundation wants to tap into that potential and is spearheading a collaborative effort to develop an enterprise-grade open source distributed ledger called Hyperledger.At its core, blockchain is a record-keeping system running across a global network of independent computers. The distributed ledger, which records and verifies transactions, is write-only -- that is, transactions cannot be tampered with or modified after the fact, so virtually anything of value can be tracked and traded using this system.To read this article in full or to leave a comment, please click here

Experience matters

The end of the year always brings about thoughts of what changes should occur in the coming year. If a change of job is in your thoughts, security executives say they look  at prospective employees’ experience before they even take a step through the door. “Certifications are a good shorthand for acquired knowledge, but experience is critical,” said Geoff Webb, vice president of solution strategy for NetIQ, the security portfolio of Micro Focus.  According to Dice’s latest hiring survey, finding highly-skilled tech talent will be a top hiring priority for companies in 2016. A record 78 percent of hiring managers anticipate more hiring in the first half of 2016 compared to the second half of 2015, Dice notes.To read this article in full or to leave a comment, please click here(Insider Story)

All the Best in 2016!

The number of visits to my web site is slowly going down – you’re giving me a very clear signal that it’s time to stop blogging.

I hope you’ll manage to catch at least a few quiet days with your loved ones and I wish you all the best in 2016!

More in 3 weeks or so ;)

Environmental metrics with Cumulus Linux

Custom metrics with Cumulus Linux describes how to extend the set of metrics exported by the sFlow agent and used the export of BGP metrics as an example. This article demonstrates how environmental metrics (power supplies, temperatures, fan speeds etc.) can be exported.

The smonctl command can be used to dump sensor data as JSON formatted text:
cumulus@cumulus$ smonctl -j
[
    {
        "pwm_path": "/sys/devices/soc.0/ffe03100.i2c/i2c-1/1-004d", 
        "all_ok": "1", 
        "driver_hwmon": [
            "fan1"
        ], 
        "min": 2500, 
        "cpld_path": "/sys/devices/ffe05000.localbus/ffb00000.CPLD", 
        "state": "OK", 
        "prev_state": "OK", 
        "msg": null, 
        "input": 8998, 
        "type": "fan", 
        "pwm1": 121, 
        "description": "Fan1", 
        "max": 29000, 
        "start_time": 1450228330, 
        "var": 15, 
        "pwm1_enable": 0, 
        "prev_msg": null, 
        "log_time": 1450228330, 
        "present": "1", 
        "target": 0, 
        "name": "Fan1", 
        "fault": "0", 
        "pwm_hwmon": [
            "pwm1"
        ], 
        "driver_path": "/sys/devices/soc.0/ffe03100.i2c/i2c-1/1-004d", 
        "div": "4", 
        "cpld_hwmon": [
            "fan1"
        ]
    },
    ...
The following Python script, smon_sflow.py, invokes the command, parses the output, and posts a set of custom sFlow metrics: 
#!/usr/bin/env python
import json
import socket
from subprocess import check_output

res = check_output(["/usr/sbin/smonctl","-j"])
smon = json.loads(res)
fan_maxpc = 0
fan_down = 0
fan_up = 0
psu_down = 0
psu_up = 0
temp_maxpc = 0
temp_up = 0
temp_down = 0
for s in smon:
  type = s["type"]
  if(type ==  Continue reading

IoT startup Afero goes end to end for security

Internet of Things startup Afero says it can secure small and large IoT devices with a Bluetooth radio module and a cloud service.Afero's platform is just the latest approach to building an infrastructure that ties together a variety of connected devices. The company says its system can be applied to both the home and enterprise realms of IoT and encrypts data all the way from devices to the cloud.The Internet of Things is widely expected to blossom into billions of devices for consumers, cities and businesses in the next few years. Along with those connected objects in the field, software, networks and analytics will be critical components of IoT. Bringing all those components together may pose a steep challenge for consumer electronics makers, as well as for enterprises that want to reap benefits in efficiency, savings and profits.To read this article in full or to leave a comment, please click here

Over 650 terabytes of data up for grabs due to publicly exposed MongoDB databases

There are at least 35,000 publicly accessible and insecure MongoDB databases on the Internet, and their number appears to be growing. Combined they expose 684.8 terabytes of data to potential theft.This is the result of a scan performed over the past few days by John Matherly, the creator of the Shodan search engine for Internet-connected devices.Matherly originally sounded the alarm about this issue back in July, when he found nearly 30,000 unauthenticated MongoDB instances. He decided to revisit the issue after a security researcher named Chris Vickery recently found information exposed in such databases that was associated with 25 million user accounts from various apps and services, including 13 million users of the controversial OS X optimization program MacKeeper.To read this article in full or to leave a comment, please click here

Rapid7 disclosed 6 XSS and SQLi flaws in 4 Network Management Systems, 2 unpatched

Rapid7 disclosed six vulnerabilities affecting four Network Management Systems, two of which are not patched. The vendors are Opsview, Spiceworks, Ipswitch, and Castle Rock, with the latter having neither issued a security bulletin nor a fix for two vulnerabilities in its NMS.An “an array of cross-site scripting (XSS) and SQL injection (SQLi)” vulnerabilities found in NMS products were discovered by Rapid7’s Deral Heiland, aka Percent_X, and independent researcher Matthew Kienow, aka HacksForProfit. The flaws were responsibly disclosed to the vendors and CERT.To read this article in full or to leave a comment, please click here

Acts of terrorism could push Congress toward encryption backdoors in 2016

Despite the risks to online commerce, international high-tech sales, security of trade secrets and the fact that it won’t actually make encryption useless to criminals, decryption backdoors to let law enforcement access encrypted communications could become U.S. law in 2016 – and a nightmare to enterprises – especially if terrorists succeed in carrying out major acts of violence.So far the arguments against such a law have prevailed, but that could change if public opinion turns strongly in favor of it, which is more likely in the wake of events that generate fear.+More on Network World: 20 years ago: Hot sci/tech images from 1995 | Read all the stories that predict what is to come in 2016 +To read this article in full or to leave a comment, please click here

Inside AT&T’s grand dynamic network plan

AT&T is pouring billions into its network to make it more dynamic, which is resulting in new capabilities for enterprise customers. Network World Editor in Chief John Dix recently stopped by AT&T headquarters in Dallas to talk to Josh Goodell, VP of Network on Demand, about what the company is learning from early adopters of its Switched Ethernet on Demand service and what comes next. Among other things, Goodell explains how provisioning now takes days vs. weeks, service profiles can be changed in seconds, and how he expects large shops to use APIs to connect their network management systems directly to AT&T controls. Oh, and a slew of virtual functions are on the horizon that will enable you to ditch all those appliances you’ve been accumulating.To read this article in full or to leave a comment, please click here

1 2,689 2,690 2,691 2,692 2,693 3,283