Archive

Category Archives for "Networking"

The Rise of CLI-Based AI Coding Agents: Claude code vs Gemini CLI

Introduction I have been a Cursor user for vibe coding for 3 months. I was very skeptical about using Claude Code and Gemini CLI at first, since I wasn’t comfortable with the idea of using a terminal as an AI agent. But in the last 1–2 months, I’ve been trying them both — and it … Continue reading The Rise of CLI-Based AI Coding Agents: Claude code vs Gemini CLI

How Agentic AI Is Redefining Campus and Branch Network Needs

The workplace is being redefined. AI workloads, an explosion of connected devices, and changing working patterns are forcing organizations to rethink their campus and branch network designs to support business goals and deliver great digital experiences to customers and employees. Over the last decade, IT teams have had to manage significant change with the adoption of cloud computing, widespread use of mobile devices, and SaaS applications becoming critical to core business operations. Now, the transformation that is AI presents an opportunity to gain a core competitive advantage and a productivity multiplier for those organizations that successfully embrace it. When it comes to the rise of Small Language Models (SLMs) and agentic AI, sophisticated AI capabilities are moving closer to where business happens — at the branch office and on campus. This shift to “edge AI” promises exciting possibilities but also brings significant implications for network infrastructure that network architects and decision-makers must address now. Understanding Local Small Language Models (SLMs) at the Edge Local SLMs are designed to be compact and efficient enough to run on local servers or even dedicated edge devices. For tasks like answering simple queries or summarizing documents using local data, these models perform inference right Continue reading

Congestion Control at IETF 123

The Internet Engineering Task Force (IETF) meets three times a year to develop Internet Standards and related best practices. At its July 2025 meeting in Madrid, several sessions explored the evolving role of congestion control in transport protocols and sparked the observations in this post.

Calico at KubeCon + CloudNativeCon North America 2025!

Get ready, North America! The Calico team is thrilled to announce our participation in KubeCon + CloudNativeCon North America 2025, where we’ll be showcasing the latest advancements in Kubernetes networking, security, and observability. We’re excited to connect with the vibrant cloud-native community, share insights, and demonstrate how Calico Open Source continues to empower organizations worldwide.

We have a packed agenda designed to offer you multiple ways to engage with our team and learn more about Calico. Mark your calendars for these exciting opportunities!

CalicoCon North America 2025

Join us at CalicoCon North America 2025, your go-to event for the latest in Kubernetes networking, security, and observability.

Hosted by the Calico team, this hybrid event is your chance to hear directly from Calico engineers and leadership, get hands-on with new features, and take an in-depth look at the state of Project Calico. We’ll dive into Calico 3.30, Calico eBPF, and Calico Whisker: open source observability for Kubernetes.

Add CalicoCon to your existing KubeCon + CloudNativeCon registration ‌to secure your spot. If you are not attending KubeCon + CloudNativeCon North America but would still like to attend CalicoCon, please reach out to us ‌on the Calico User Slack.

CalicoCon 2025 Logo

Event Details

Continue reading

MadeYouReset: An HTTP/2 vulnerability thwarted by Rapid Reset mitigations

On August 13, security researchers at Tel Aviv University disclosed a new HTTP/2 denial-of-service (DoS) vulnerability that they are calling MadeYouReset (CVE-2025-8671). This vulnerability exists in a limited number of unpatched HTTP/2 server implementations that do not sufficiently enforce restrictions on the number of times a client may send malformed frames. If you’re using Cloudflare for HTTP DDoS mitigation, you’re already protected from MadeYouReset.

Cloudflare was informed of this vulnerability in May through a coordinated disclosure process, and we were able to confirm that our systems were not susceptible, due in large part to the mitigations we put in place during Rapid Reset (CVE-2023-44487). MadeYouReset and Rapid Reset are two conceptually similar HTTP/2 protocol attacks that exploit a fundamental feature within the HTTP/2 specification: stream resets. In the HTTP/2 protocol, a "stream" represents an independent series of HTTP request/response pairs exchanged between the client and server within an HTTP/2 connection. The stream reset feature is intended to allow a client to initiate an HTTP request and subsequently cancel it before the server has delivered its response.

The vulnerability exploited by both MadeYouReset and Rapid Reset lies in the potential for malicious actors to abuse this Continue reading

Transform ISP Choice from Anecdote to Evidence

Have you ever had to defend your choice of internet service provider? All you can say is: “Everyone says they’re reliable”, “My buddy recommended them.”, “They are the incumbent player”. But when pressed about frequent connectivity issues, then what? Sound familiar? This plays out in businesses across the world every day. We make one of […]

The post Transform ISP Choice from Anecdote to Evidence first appeared on Rick Mur.

N4N036: OSPF Area Types

Ethan and Holly bring you the last installment of the OSPF series discussing OSPF area types. They discuss why OSPF areas exist, do a quick recap of what OSPF areas actually are, and then introduce the different types of OSPF areas.  Lastly, see if you can answer Ethan’s rapid-fire OSPF questions. Episode Transcript: This episode... Read more »

PP074: News Roundup – Microsoft Dumps Digital Escorts; Palo Alto Bundles Billions Aboard CyberArk

Packet Protector goes global for today’s security news roundup. Microsoft discontinues a program in which engineers in China supported the US Department of Defense’s cloud infrastructure (with the help of US ‘digital escorts’), Taiwanese chipmaker TSMC fires several employees over allegations of attempted theft of sensitive tech, an Arizona woman gets 8 years in prison... Read more »

Fun Reading: AI: Great Expectations

Rodney Brooks republished an article on great AI expectations that he wrote 37 years ago. Not surprisingly, apart from a few technical details triggered by four decades of exponential growth in silicon capabilities, the article could have been written yesterday.

Side note: I’m a bit younger than Rodney, but I also went through at least three waves of AI hype cycles, starting with Prolog and 4GL, then expert systems, and finally neural networks. Around that time, I stopped caring and focused on networking, but I have enough battle scars to remain skeptical.

Aligning our prices and packaging with the problems we help customers solve

At Cloudflare, we have a simple but audacious goal: to help build a better Internet. That mission has driven us to build one of the world’s largest networks, to stand up for content providers, and to innovate relentlessly to make the Internet safer, faster, and more reliable for everyone, everywhere.

Building world-class products is only part of the battle, however. Fulfilling our mission means making these products accessible, including a pricing model that is fair, predictable, and aligned with the value we provide. If our packaging is confusing, or if our pricing penalizes you for using the service, then we’re not living up to our mission. And the best way to ensure that alignment?

Listen to our customers.

Over the years, your feedback has shaped our product roadmap, helping us evolve to offer nearly 100 products across four solution areas — Application Services, Network Services, Zero Trust Services, and our Developer Platform — on a single, unified platform and network infrastructure. Recently, we’ve heard a new theme emerge: the need for simplicity. You’ve asked us, “A hundred products is a lot. Can you please be more prescriptive?” and “Can you make your pricing more Continue reading

NB538: AI Copilot To Help Steer HPE SASE; SoftBank Will Test 5G Airships

Take a Network Break! We start with follow-up on post-quantum support in firewalls and DPDK, then highlight a command injection vulnerability in Ruckus SmartZone software. In tech news, Broadcom rolls out the Jericho4 ASIC to help scale AI across multiple data centers, InfoBlox beefs up DNS protection to spot malicious domains faster, and HPE announces... Read more »

Tech Bytes: How Lightyear Makes ISP Management Painless (Sponsored)

Telecom and ISP lifecycle management can be tedious and opaque. On today’s Tech Bytes, we talk with sponsor Lightyear about its SaaS-based platform that handles telecom and ISP procurement, tracks installations and inventory, manages billing, and more. We talk about the pain points that Lightyear can solve, the components of the platform, and how Lightyear... Read more »

BGP Community Propagation on Cisco IOS/XE: The 90’s Called

Just when I thought no vendor stupidity peculiarity could surprise me, Cisco IOS/XE proved me wrong.

I was improving a completely unrelated BGP functionality. I ran BGP integration tests on Cisco IOL (because it’s the fastest one to boot), and the BGP community propagation test failed. After verifying that I did not change the template and that the data structures had not changed, I checked the IOL release I was using.

Surprise 🎉🎉: the neighbor send-community configurations that worked since (at least) the IOS Classic release 15.x stopped working in Cisco IOS/XE release 17.16.01a.