0

Part 4 – Monitoring PSN Load Balancing

The best way to know that your configuration is working properly is to measure with a tool outside of ISE.  Unfortunately, authentications per second is not available via SNMP or the REST API.  What does happen is for each authentication a SYSLOG message is generated.  The following messages are for every passed and failed authentication: […]

The post Part 4 – Monitoring PSN Load Balancing appeared first on Packet Pushers.

0

Part 3 – IOS-XE Load Balancing

Cisco is a large organization.  Sometimes different software development teams don’t talk to one another as much as we would like.   As it happens, the IOS-XE team developed a way of load balancing RADIUS request across multiple RADIUS servers.  I can’t claim to have read every Cisco whitepaper and I haven’t seen every Cisco Live […]

The post Part 3 – IOS-XE Load Balancing appeared first on Packet Pushers.

0

Part 2 – Enter the Load Balancer

In Part 1 we explored the simplest configuration possible.  Now let’s introduce a load balancer appliance. I’m just going to put it out there.  Load balancers are a necessary evil.  They are for protocols that are too dumb to figure out how to load balance themselves at the application layer.  But we’re going to find […]

The post Part 2 – Enter the Load Balancer appeared first on Packet Pushers.

0

Part 1: Cisco ISE Load Balancing

There are many ways to build a Cisco Identity Services Engine (ISE) installation.  This is a four-part series on load balancing multiple RADIUS servers and we’ll use Cisco’s Identity Services Engine in our examples.  If you want to jump ahead: Part 1: This Page! Part 2: Load Balancer Appliances Part 3: Simple, Fast, Cheap… all […]

The post Part 1: Cisco ISE Load Balancing appeared first on Packet Pushers.

0

Building a Small Network with ChatGPT

I must be a good prompt engineer – every time I ask ChatGPT something really simple it spews out nonsense. This time I asked it to build a small network with four routers:

I have a network with four Cisco routers (A,B,C,D). They are connected as follow: A-B, B-C, A-D, D-C. Each router has a loopback interface. Create router configurations that will result in A being able to reach loopback interfaces of all other routers.

Here’s what I got back¹:

Here’s an example configuration for the four routers that should allow Router A to reach the loopback interfaces of all other routers:

0

Building a Small Network with ChatGPT

I must be a good prompt engineer – every time I ask ChatGPT something really simple it spews out nonsense. This time I asked it to build a small network with four routers:

I have a network with four Cisco routers (A,B,C,D). They are connected as follow: A-B, B-C, A-D, D-C. Each router has a loopback interface. Create router configurations that will result in A being able to reach loopback interfaces of all other routers.

Here’s what I got back¹:

Here’s an example configuration for the four routers that should allow Router A to reach the loopback interfaces of all other routers:

0

Amazon & De Beers to Power Quantum Networks With Synthetic Diamonds

Diamond-enabled quantum networking through a collaboration between AWS and De Beers subsidiary Element Six could bring enhanced communication and data security in fields such as finance, healthcare, and defense.

0

Edge Computing Use Cases: Helping Businesses Access SD-WAN/SSE

How can edge computing be leveraged to ensure every small business benefits from the latest SD-WAN/SSE technologies?

0

Announcing VMware HCX+ Initial Availability

If you had to sum up multi-cloud management in a single word, “complex” would be a fair choice. Although multi-cloud strategies vary from one organization to the next—i.e., some use a mix of public and private clouds while others might use only public or only private infrastructures—all multi-cloud architectures significantly increase the complexity and challenges that IT organizations must navigate.

Today, we’re excited to announce a new offering, HCX+, designed to help mitigate the challenges of thriving in a multi-cloud world. By helping to streamline and accelerate workload migration and mobility between on-premises, public cloud, and private cloud environments, HCX+ simplifies complex processes like data center modernization, hardware refresh, data center consolidation, data center evacuation, cloud migration, data center extension, cloud bursting, and cloud rebalancing.

Keep reading for an overview of the major benefits and features that HCX+ brings to the table.

Announcing HCX+ Initial Availability

HCX+, which is in initial availability as of today, is a SaaS-based workload migration and mobility service from VMware that provides centralized management, orchestration, and observability for migration, repatriation, and rebalancing initiatives across multi-cloud environments.

HCX+ builds on VMware’s existing HCX solution, enabling easier and faster configuration and operability. With HCX+, migration Continue reading

0

Stratus Technologies release latest version of ftServer edge systems

Edge server maker Stratus Technologies today announced that the 12th generation of its ftServer line is now on sale, bringing new hardware upgrades, improved resiliency for mission-critical workloads and, in time, support for a broader range of operating systems.The latest ftServers come in four main configurations. The 6920 platform, designed for rigorous data- and transaction-intensive work in large data centers or similar, is the largest, while the 6910 is designed to fit into smaller facilities. The 4920 and 2920, respectively, scale back size and capability to fit into medium-size facilities and remote offices, and running individual applications on shop floors or in industrial plants.To read this article in full, please click here

0

Stratus Technologies release latest version of ftServer edge systems

Edge server maker Stratus Technologies today announced that the 12th generation of its ftServer line is now on sale, bringing new hardware upgrades, improved resiliency for mission-critical workloads and, in time, support for a broader range of operating systems.The latest ftServers come in four main configurations. The 6920 platform, designed for rigorous data- and transaction-intensive work in large data centers or similar, is the largest, while the 6910 is designed to fit into smaller facilities. The 4920 and 2920, respectively, scale back size and capability to fit into medium-size facilities and remote offices, and running individual applications on shop floors or in industrial plants.To read this article in full, please click here

0

Failed hard drives lasted less than three years, analysis finds

Failed hard disk drives ran for an average of 25,233 hours before their demise, which translates to a lifespan of two years and 10 months.That’s according to Secure Data Recovery, which has a specific perspective on the matter. It specializes in salvaging data from failed hard drives, so pretty much every hard drive that it sees isn’t working properly, which gives it the opportunity to spot some patterns in hard drive longevity. (Secure Data Recovery’s analysis is different from the quarterly hard-drive report from cloud storage vendor Backblaze, which focuses on the few hard drives that fail out of the hundreds of thousands that it uses.)To read this article in full, please click here

0

Failed hard drives lasted less than three years, analysis finds

Failed hard disk drives ran for an average of 25,233 hours before their demise, which translates to a lifespan of two years and 10 months.That’s according to Secure Data Recovery, which has a specific perspective on the matter. It specializes in salvaging data from failed hard drives, so pretty much every hard drive that it sees isn’t working properly, which gives it the opportunity to spot some patterns in hard drive longevity. (Secure Data Recovery’s analysis is different from the quarterly hard-drive report from cloud storage vendor Backblaze, which focuses on the few hard drives that fail out of the hundreds of thousands that it uses.)To read this article in full, please click here

0

Day Two Cloud 190: Serious Public Clouds Invest In Infrastructure With Charles Fitzgerald

On today's Day Two Cloud we dive into how the public clouds spend their money and what IT and engineering folks can learn from those spending patterns. We also look at the notion of cloud repatriation and how prevalent (or not) it is. Our guest is Charles Fitzgerald, a CapEx obsessive who writes the Platformonomics blog.

The post Day Two Cloud 190: Serious Public Clouds Invest In Infrastructure With Charles Fitzgerald appeared first on Packet Pushers.

0

Day Two Cloud 190: Serious Public Clouds Invest In Infrastructure With Charles Fitzgerald

On today's Day Two Cloud we dive into how the public clouds spend their money and what IT and engineering folks can learn from those spending patterns. We also look at the notion of cloud repatriation and how prevalent (or not) it is. Our guest is Charles Fitzgerald, a CapEx obsessive who writes the Platformonomics blog.

0

Introducing Cloudflare’s new Network Analytics dashboard

We’re pleased to introduce Cloudflare’s new and improved Network Analytics dashboard. It’s now available to Magic Transit and Spectrum customers on the Enterprise plan.

The dashboard provides network operators better visibility into traffic behavior, firewall events, and DDoS attacks as observed across Cloudflare’s global network. Some of the dashboard’s data points include:

1. Top traffic and attack attributes
2. Visibility into DDoS mitigations and Magic Firewall events
3. Detailed packet samples including full packets headers and metadata

This dashboard was the outcome of a full refactoring of our network-layer data logging pipeline. The new data pipeline is decentralized and much more flexible than the previous one — making it more resilient, performant, and scalable for when we add new mitigation systems, introduce new sampling points, and roll out new services. A technical deep-dive blog is coming soon, so stay tuned.

In this blog post, we will demonstrate how the dashboard helps network operators:

1. Understand their network better
2. Respond to DDoS attacks faster
3. Easily generate security reports for peers and managers

Understand your network better

One of the main responsibilities network operators bare is ensuring the operational stability Continue reading

0

Internet disruptions overview for Q1 2023

Cloudflare operates in more than 285 cities in over 100 countries, where we interconnect with over 11,500 network providers in order to provide a broad range of services to millions of customers. The breadth of both our network and our customer base provides us with a unique perspective on Internet resilience, enabling us to observe the impact of Internet disruptions.

We entered 2023 with Internet disruptions due to causes that ran the gamut, including several government-directed Internet shutdowns, cyclones, a massive earthquake, power outages, cable cuts, cyberattacks, technical problems, and military action. As we have noted in the past, this post is intended as a summary overview of observed disruptions, and is not an exhaustive or complete list of issues that have occurred during the quarter.

Government directed

Iran

Over the last six-plus months, government-directed Internet shutdowns in Iran have largely been in response to protests over the death of Mahsa Amini while in police custody. While these shutdowns are still occurring in a limited fashion, a notable shutdown observed in January was intended to prevent cheating on academic exams. Internet shutdowns with a similar purpose have been observed across a number of other countries, and have also occurred in Continue reading

0

Should I Care About RPKI and Internet Routing Security?

One of my subscribers sent me this question:

I’m being asked to enter a working group on RPKI and route origination. I’m doing research, listening to Jeff Tantsura, who seems optimistic about taking steps to improve BGP security vs Geoff Huston, who isn’t as optimistic. Should I recommend to the group that the application security is the better investment?

You need both. RPKI is slowly becoming the baseline of global routing hygiene (like washing hands, only virtual, and done once every blue moon when you get new IP address space or when the certificates expire). More and more Internet Service Providers (including many tier-1 providers) filter RPKI invalids thus preventing the worst cases of unintentional route leaks.

0

Should I Care About RPKI and Internet Routing Security?

One of my subscribers sent me this question:

I’m being asked to enter a working group on RPKI and route origination. I’m doing research, listening to Jeff Tantsura, who seems optimistic about taking steps to improve BGP security vs Geoff Huston, who isn’t as optimistic. Should I recommend to the group that the application security is the better investment?

You need both. RPKI is slowly becoming the baseline of global routing hygiene (like washing hands, only virtual, and done once every blue moon when you get new IP address space or when the certificates expire). More and more Internet Service Providers (including many tier-1 providers) filter RPKI invalids thus preventing the worst cases of unintentional route leaks.

0

Stable Diffusion Installation on Linux

Stable Diffusion is a text-to-image latent diffusion model created by the researchers and engineers from […]

The post Stable Diffusion Installation on Linux first appeared on Brezular's Blog.