Archive

Category Archives for "Networking"

DHCP Relaying with Redundant DHCP Servers

Previous posts in this series (DHCP relaying principles, inter-VRFs relaying, relaying in VXLAN segments and relaying from EVPN VRF) used a single DHCP server. It’s time to add another layer of complexity: redundant DHCP servers.

Lab Topology

We’ll use a lab topology similar to the VXLAN DHCP relaying lab, add a second DHCP server, and a third switch connecting the two DHCP servers to the rest of the network.

Read more …

DHCP Relaying with Redundant DHCP Servers

Previous posts in this series (DHCP relaying principles, inter-VRFs relaying, relaying in VXLAN segments and relaying from EVPN VRF) used a single DHCP server. It’s time to add another layer of complexity: redundant DHCP servers.

Lab Topology

We’ll use a lab topology similar to the VXLAN DHCP relaying lab, add a second DHCP server, and a third switch connecting the two DHCP servers to the rest of the network.

Read more …

AI and Networking

Bill Gates recently called the development of AI as fundamental of a creation as the microprocessor, the personal computer, the Internet, and the mobile phone. He is most likely right. OpenAI found that around 80% of the U.S. workforce could have at least 10% of their work tasks affected by the introduction of large language models (LLMs). If you are ...

The post AI and Networking appeared first on NetworkStatic | Brent Salisbury's Blog.

Network Observability: Don’t Buy Into the Hype, Follow the Data

The following post is by Jeremy Rossbach, Chief Technical Evangelist at Broadcom. We thank Broadcom for being a sponsor. For today’s teams, it is exceedingly complex and costly to support multiple generations of infrastructure and applications. What’s worse, according to an IDC report on network observability, this is the number one challenge to achieving digital […]

The post Network Observability: Don’t Buy Into the Hype, Follow the Data appeared first on Packet Pushers.

Tech Bytes: Configure Devices, Stream Telemetry With Nokia’s Free, Open-Source gNMIc (Sponsored)

Today on the Tech Bytes podcast we dive into gNMIc with sponsor Nokia. gNMIc is open-source software you can use to configure devices and collect device telemetry. It can output telemetry to InfluxDB, Prometheus, and SNMP traps. Nokia has contributed gNMIc to the OpenConfig project. We talk with gNMIc creator Karim Radhouani, Technology and Architecture Consulting Engineer at Nokia, about why he developed the tool and how customers are using it.

The post Tech Bytes: Configure Devices, Stream Telemetry With Nokia’s Free, Open-Source gNMIc (Sponsored) appeared first on Packet Pushers.

Tech Bytes: Configure Devices, Stream Telemetry With Nokia’s Free, Open-Source gNMIc (Sponsored)

Today on the Tech Bytes podcast we dive into gNMIc with sponsor Nokia. gNMIc is open-source software you can use to configure devices and collect device telemetry. It can output telemetry to InfluxDB, Prometheus, and SNMP traps. Nokia has contributed gNMIc to the OpenConfig project. We talk with gNMIc creator Karim Radhouani, Technology and Architecture Consulting Engineer at Nokia, about why he developed the tool and how customers are using it.

6 industries where private 5G makes sense

OK, I’ve come around on the notion of private 5G.Last year, I blogged about private 5G and explained how you’d know you were a prospect for the technology as an alternative to WiFi or public cellular services. My focus was on the same community of workers that most tech empowerment has focused on, meaning the white-collar or “carpet” types. Since the first of the year, I’ve had a chance to chat with 31 companies who are using or deploying private wireless technology, and I’ve also chatted with some of their integrators and suppliers. None of the enterprises were using private 5G in the hallowed (carpeted) halls of an office. Instead, their targeted jobs were outside in the dirt—sometimes literally—or on some factory or warehouse floor.To read this article in full, please click here

Global hosting providers help keep key Ukraine web sites available

If there’s one big lesson about internet availability, it might be coming from Ukraine, where more than a year of Russian attacks have failed to bring down the network.According to a study by ThousandEyes, which is part of Cisco, the repeated attempts to disrupt access to key Ukrainian web sites have occasionally succeeded, but only for short periods.The most effective defensive strategy proved to be hosting content on global providers’ infrastructure, which demonstrated the most resilience overall, according to ThousandEyes’ “Ukraine Internet Analysis – March 2023”.To read this article in full, please click here

Network Break 425: Microsoft Adds Security Copilot To AI Squadron; Samsung Stung By ChatGPT Leaks

This week's Network Break examines Security Copilot, the latest AI-infused assistant in Microsoft's growing arsenal; discusses optical advancements from Arelion and Infinera that sent 400Gb wavelengths over 1,800 kilometers; examine a news report that claims Tesla workers shared "highly invasive" images recorded by vehicle cameras; plus even more tech news.

The post Network Break 425: Microsoft Adds Security Copilot To AI Squadron; Samsung Stung By ChatGPT Leaks appeared first on Packet Pushers.

Network Break 425: Microsoft Adds Security Copilot To AI Squadron; Samsung Stung By ChatGPT Leaks

This week's Network Break examines Security Copilot, the latest AI-infused assistant in Microsoft's growing arsenal; discusses optical advancements from Arelion and Infinera that sent 400Gb wavelengths over 1,800 kilometers; examine a news report that claims Tesla workers shared "highly invasive" images recorded by vehicle cameras; plus even more tech news.

Kubernetes Security And Networking 6: Kubernetes CVEs – Video

This video looks at various Kubernetes vulnerabilities and their severity scores to help you understand how to evaluate CVEs so you can prioritize remediation. It also shows different options and sources of CVEs. You can subscribe to the Packet Pushers’ YouTube channel for more videos as they are published. It’s a diverse a mix of […]

The post Kubernetes Security And Networking 6: Kubernetes CVEs – Video appeared first on Packet Pushers.

VyOS DDoS mitigation

Real-time flow analytics on VyOS describes how to install real-time analytics based on sFlow and the sFlow-RT analytics engine. This article extends the example to show how to automatically mitigate DDoS attacks using flow analytics combined with BGP Remotely Triggered Black Hole (RTBH) / Flowspec. 
vyos@vyos:~$ add container image sflow/ddos-protect
First, download the sflow/ddos-protect image. 
vyos@vyos:~$ mkdir -m 777 /config/sflow-rt
Create a directory to store persistent container state. 
set container network sflowrt prefix 192.168.1.0/24
Define an internal network to connect to container. Currently VyOS BGP does not allow direct connections to local addresses (e.g. 127.0.0.1), so we need to put controller on its own network so the router can connect and receive DDoS mitigation BGP RTBH / Flowspec controls. 
set container name sflow-rt image sflow/ddos-protect
set container name sflow-rt host-name sflow-rt
set container name sflow-rt arguments '-Dddos_protect.router=192.168.1.1 -Dddos_protect.enable.flowspec=yes'
set container name sflow-rt environment RTMEM value 200M
set container name sflow-rt memory 0
set container name sflow-rt volume store source /config/sflow-rt
set container name sflow-rt volume store destination /sflow-rt/store
set container name sflow-rt network sflowrt address 192.168.1.2

Configure a container to run the image. The Continue reading

Startup Radar: Kumorai Tackles Multi-Cloud Infrastructure Automation

Kumorai is a startup that aims to simplify the deployment and operation of compute, networking, and security infrastructure across public clouds. The company says its SaaS application provides a no-code environment where IT pros can use a visual interface to assemble infrastructure components such as compute, VPCs and vNets, Transit Gateways, and firewalls, and then […]

The post Startup Radar: Kumorai Tackles Multi-Cloud Infrastructure Automation appeared first on Packet Pushers.

VPP – Monitoring

VPP

About this series

Ever since I first saw VPP - the Vector Packet Processor - I have been deeply impressed with its performance and versatility. For those of us who have used Cisco IOS/XR devices, like the classic ASR (aggregation service router), VPP will look and feel quite familiar as many of the approaches are shared between the two.

I’ve been working on the Linux Control Plane [ref], which you can read all about in my series on VPP back in 2021:

DENOG14

  • [Part 1]: Punting traffic through TUN/TAP interfaces into Linux
  • [Part 2]: Mirroring VPP interface configuration into Linux
  • [Part 3]: Automatically creating sub-interfaces in Linux
  • [Part 4]: Synchronize link state, MTU and addresses to Linux
  • [Part 5]: Netlink Listener, synchronizing state from Linux to VPP
  • [Part 6]: Observability with LibreNMS and VPP SNMP Agent
  • [Part 7]: Productionizing and reference Supermicro fleet at IPng

With this, I can make a regular server running Linux use VPP as kind of a software ASIC for super fast forwarding, filtering, NAT, and so on, while keeping control of the interface state (links, addresses and routes) itself. With Continue reading

1 269 270 271 272 273 3,478