0

The Rise of CLI-Based AI Coding Agents: Claude code vs Gemini CLI

Introduction I have been a Cursor user for vibe coding for 3 months. I was very skeptical about using Claude Code and Gemini CLI at first, since I wasn’t comfortable with the idea of using a terminal as an AI agent. But in the last 1–2 months, I’ve been trying them both — and it … Continue reading The Rise of CLI-Based AI Coding Agents: Claude code vs Gemini CLI →

0

How Agentic AI Is Redefining Campus and Branch Network Needs

The workplace is being redefined. AI workloads, an explosion of connected devices, and changing working patterns are forcing organizations to rethink their campus and branch network designs to support business goals and deliver great digital experiences to customers and employees. Over the last decade, IT teams have had to manage significant change with the adoption of cloud computing, widespread use of mobile devices, and SaaS applications becoming critical to core business operations. Now, the transformation that is AI presents an opportunity to gain a core competitive advantage and a productivity multiplier for those organizations that successfully embrace it. When it comes to the rise of Small Language Models (SLMs) and agentic AI, sophisticated AI capabilities are moving closer to where business happens — at the branch office and on campus. This shift to “edge AI” promises exciting possibilities but also brings significant implications for network infrastructure that network architects and decision-makers must address now. Understanding Local Small Language Models (SLMs) at the Edge Local SLMs are designed to be compact and efficient enough to run on local servers or even dedicated edge devices. For tasks like answering simple queries or summarizing documents using local data, these models perform inference right Continue reading

0

HN792: Understanding Agentic AI for Network Operations (Sponsored)

LLMs and AI-powered chatbots are becoming a regular feature of network operations tools and vendor product portfolios. Now the next iteration of AI in network ops and automation is likely to be agentic. On today’s Heavy Networking, sponsored by HPE Juniper Networking, we talk about what agentic AI actually means, how AI agents will accomplish... Read more »

0

Congestion Control at IETF 123

The Internet Engineering Task Force (IETF) meets three times a year to develop Internet Standards and related best practices. At its July 2025 meeting in Madrid, several sessions explored the evolving role of congestion control in transport protocols and sparked the observations in this post.

0

TNO038: Building Things That People Will Use – ARPANET History with Jack Haverty

Building things for people to use has been our guest’s goal since entering university in the 1960s. Total Network Operations is delighted to welcome Jack Haverty, who’s been instrumental in ARPANET operations and innovation, the development of TCP, and more. He takes us through the history of the internet from the early days of ARPANET,... Read more »

0

Calico at KubeCon + CloudNativeCon North America 2025!

Get ready, North America! The Calico team is thrilled to announce our participation in KubeCon + CloudNativeCon North America 2025, where we’ll be showcasing the latest advancements in Kubernetes networking, security, and observability. We’re excited to connect with the vibrant cloud-native community, share insights, and demonstrate how Calico Open Source continues to empower organizations worldwide.

We have a packed agenda designed to offer you multiple ways to engage with our team and learn more about Calico. Mark your calendars for these exciting opportunities!

CalicoCon North America 2025

Join us at CalicoCon North America 2025, your go-to event for the latest in Kubernetes networking, security, and observability.

Hosted by the Calico team, this hybrid event is your chance to hear directly from Calico engineers and leadership, get hands-on with new features, and take an in-depth look at the state of Project Calico. We’ll dive into Calico 3.30, Calico eBPF, and Calico Whisker: open source observability for Kubernetes.

Add CalicoCon to your existing KubeCon + CloudNativeCon registration ‌to secure your spot. If you are not attending KubeCon + CloudNativeCon North America but would still like to attend CalicoCon, please reach out to us ‌on the Calico User Slack.

Event Details

Continue reading

0

Hedge 277: Sociotechnical Systems

What is the relationship between humans and machines? Do we adapt to machines, or do we adapt machines to humans? Does technology drive culture, or does our culture drive our technology? Join Mark Prosser, Eyvonne, Tom, and Russ as they discuss what a sociotechnical system is and how it impacts our lives.
 

 
download

0

MadeYouReset: An HTTP/2 vulnerability thwarted by Rapid Reset mitigations

On August 13, security researchers at Tel Aviv University disclosed a new HTTP/2 denial-of-service (DoS) vulnerability that they are calling MadeYouReset (CVE-2025-8671). This vulnerability exists in a limited number of unpatched HTTP/2 server implementations that do not sufficiently enforce restrictions on the number of times a client may send malformed frames. If you’re using Cloudflare for HTTP DDoS mitigation, you’re already protected from MadeYouReset.

Cloudflare was informed of this vulnerability in May through a coordinated disclosure process, and we were able to confirm that our systems were not susceptible, due in large part to the mitigations we put in place during Rapid Reset (CVE-2023-44487). MadeYouReset and Rapid Reset are two conceptually similar HTTP/2 protocol attacks that exploit a fundamental feature within the HTTP/2 specification: stream resets. In the HTTP/2 protocol, a "stream" represents an independent series of HTTP request/response pairs exchanged between the client and server within an HTTP/2 connection. The stream reset feature is intended to allow a client to initiate an HTTP request and subsequently cancel it before the server has delivered its response.

The vulnerability exploited by both MadeYouReset and Rapid Reset lies in the potential for malicious actors to abuse this Continue reading

0

IPB181: Answering Your IPv6 Questions

You’ve sent in questions and on today’s IPv6 Buzz episode Ed, Nick, and Tom answer them. Questions include using DHCPv6 versus SLAAC in a home network, IPv6 and email services, a NAT66 recap, and more. Stay tuned for full episodes coming up that cover Path MTU discovery and IPv6 and containers.  Episode Links: Google IPv6... Read more »

0

Transform ISP Choice from Anecdote to Evidence

Have you ever had to defend your choice of internet service provider? All you can say is: “Everyone says they’re reliable”, “My buddy recommended them.”, “They are the incumbent player”. But when pressed about frequent connectivity issues, then what? Sound familiar? This plays out in businesses across the world every day. We make one of […]

The post Transform ISP Choice from Anecdote to Evidence first appeared on Rick Mur.

0

N4N036: OSPF Area Types

Ethan and Holly bring you the last installment of the OSPF series discussing OSPF area types. They discuss why OSPF areas exist, do a quick recap of what OSPF areas actually are, and then introduce the different types of OSPF areas.  Lastly, see if you can answer Ethan’s rapid-fire OSPF questions. Episode Transcript: This episode... Read more »

0

D2DO279: Herding the Agentic Geese

Developers Rizel Scarlett and Ian Douglas join Ned and Kyler to talk about building an AI agent. Rizel and Ian work at Block, where they’re part of a team building an agent called Goose. They talk about what the agent does, building challenges, observability, and more. They also dive into topics such as how using AI... Read more »

0

Worth Reading 081325

The current state of digital identity is a mess. Your personal information is scattered across hundreds of locations: social media companies, IoT companies, government agencies, websites you have accounts on, and data brokers you’ve never heard of.

It turns out that, if you have your domain hosted by a big provider (we happen to use GoDaddy), it’s easy to turn on DNSSEC. But I think it says a lot that it took us this long (and the stimulus of working on a new security book) to get us to turn on DNSSEC

As we left the laboratory, I thought about how we in the computing field build a tremendous number of things that really cannot be called beautiful and then are commonly tossed aside without a thought.

The accelerated migration to advanced services will be accompanied by unprecedented complexity, and security and reliability concerns that must be addressed by the network-engineering and formal-methods communities.

Quantum scientists have long treated quantum entanglement as precious cargo, forging fresh links for every secure message or computation. A new theoretical study proposes a thriftier route, letting an existing pair pass portions of its entanglement down an extended chain.

0

PP074: News Roundup – Microsoft Dumps Digital Escorts; Palo Alto Bundles Billions Aboard CyberArk

Packet Protector goes global for today’s security news roundup. Microsoft discontinues a program in which engineers in China supported the US Department of Defense’s cloud infrastructure (with the help of US ‘digital escorts’), Taiwanese chipmaker TSMC fires several employees over allegations of attempted theft of sensitive tech, an Arizona woman gets 8 years in prison... Read more »

0

HW058: Wi-Co Wi-Fi Conferences with Peter Mackenzie

Technical conferences are an excellent avenue for building community. Guest Peter Mackenzie talks about his love for conferences and how they’ve helped him in his career. In fact, Conferences helped him so much started one in Europe called Wi-Co. It has grown to include North America so that more wireless practitioners can join in the... Read more »

0

Fun Reading: AI: Great Expectations

Rodney Brooks republished an article on great AI expectations that he wrote 37 years ago. Not surprisingly, apart from a few technical details triggered by four decades of exponential growth in silicon capabilities, the article could have been written yesterday.

Side note: I’m a bit younger than Rodney, but I also went through at least three waves of AI hype cycles, starting with Prolog and 4GL, then expert systems, and finally neural networks. Around that time, I stopped caring and focused on networking, but I have enough battle scars to remain skeptical.

0

Aligning our prices and packaging with the problems we help customers solve

At Cloudflare, we have a simple but audacious goal: to help build a better Internet. That mission has driven us to build one of the world’s largest networks, to stand up for content providers, and to innovate relentlessly to make the Internet safer, faster, and more reliable for everyone, everywhere.

Building world-class products is only part of the battle, however. Fulfilling our mission means making these products accessible, including a pricing model that is fair, predictable, and aligned with the value we provide. If our packaging is confusing, or if our pricing penalizes you for using the service, then we’re not living up to our mission. And the best way to ensure that alignment?

Listen to our customers.

Over the years, your feedback has shaped our product roadmap, helping us evolve to offer nearly 100 products across four solution areas — Application Services, Network Services, Zero Trust Services, and our Developer Platform — on a single, unified platform and network infrastructure. Recently, we’ve heard a new theme emerge: the need for simplicity. You’ve asked us, “A hundred products is a lot. Can you please be more prescriptive?” and “Can you make your pricing more Continue reading

0

NB538: AI Copilot To Help Steer HPE SASE; SoftBank Will Test 5G Airships

Take a Network Break! We start with follow-up on post-quantum support in firewalls and DPDK, then highlight a command injection vulnerability in Ruckus SmartZone software. In tech news, Broadcom rolls out the Jericho4 ASIC to help scale AI across multiple data centers, InfoBlox beefs up DNS protection to spot malicious domains faster, and HPE announces... Read more »

0

Tech Bytes: How Lightyear Makes ISP Management Painless (Sponsored)

Telecom and ISP lifecycle management can be tedious and opaque. On today’s Tech Bytes, we talk with sponsor Lightyear about its SaaS-based platform that handles telecom and ISP procurement, tracks installations and inventory, manages billing, and more. We talk about the pain points that Lightyear can solve, the components of the platform, and how Lightyear... Read more »

0

BGP Community Propagation on Cisco IOS/XE: The 90’s Called

Just when I thought no vendor stupidity peculiarity could surprise me, Cisco IOS/XE proved me wrong.

I was improving a completely unrelated BGP functionality. I ran BGP integration tests on Cisco IOL (because it’s the fastest one to boot), and the BGP community propagation test failed. After verifying that I did not change the template and that the data structures had not changed, I checked the IOL release I was using.

Surprise 🎉🎉: the neighbor send-community configurations that worked since (at least) the IOS Classic release 15.x stopped working in Cisco IOS/XE release 17.16.01a.