Archive

Category Archives for "Networking"

Busting Myths – IPv6 Link Local Next Hop into BGP

In some publications it is mentioned that a link local next-hop can’t be used when redistributing routes into BGP because routers receiving the route will not know what to do with the next-hop. That is one of the reason why HSRPv2 got support for global IPv6 addresses. One such scenario is described in this link.

The topology used for this post is the following.

Topo1

I have just setup enough of the topology to prove that it works with the next-hop, so I won’t be running any pings and so on. The routers R1 and R2 have a static route for the network behind R3 and R4.

ipv6 route 2001:DB8:100::/48 GigabitEthernet0/1 FE80::5:73FF:FEA0:1

When routing towards a link local address, the exit interface must be specified. R1 then runs BGP towards R5, notice that I’m not using next-hop-self.

router bgp 100
bgp router-id 1.1.1.1
bgp log-neighbor-changes
neighbor 2001:DB8:1::5 remote-as 100
!
address-family ipv6
redistribute static
neighbor 2001:DB8:1::5 activate
exit-address-family

If we look in the BGP RIB, we can see that the route is installed with a link local next-hop.

R1#sh bgp ipv6 uni
BGP table version is 2, local router ID is 1.1.1.1
Status codes: s suppressed,  Continue reading

Don’t Optimize the Last 5%

Robin Harris described an interesting problem in his latest blog post: while you can reduce the storage access time from milliseconds to microseconds, the whole software stack riding on top still takes over 100 milliseconds to respond. Sometimes we’re optimizing the wrong part of the stack.

Any resemblance to SDN in enterprises or the magical cost-reduction properties of multi-vendor data center fabrics is obviously purely coincidental.

Yet Another new BGP NLRI: BGP-LS

Yes, that’s right, we have another new BGP NLRI: BGP-LS. In this post we will be looking at BGP with Link State (LS) extension which is an integral part of the Carrier SDN strategy. We will look at why we need BGP-LS, its internals and its applications. What I won’t cover is things like do we need SDN?, […]

The post Yet Another new BGP NLRI: BGP-LS appeared first on Packet Pushers.

Microsoft may offer some Windows 10 patch notes to enterprises

IT administrators may get more information than originally planned about Windows 10 patches, as Microsoft ponders how much to tell business customers about modifications to the new OS."We've heard that feedback from enterprise customers so we're actively working on how we provide them with information about what's changing and what new capabilities and new value they're getting," Jim Alkove, a vice president in the Windows group, said during a press briefing. It's a change in tone for the company, which previously said that it wouldn't provide detailed information about most Windows 10 patches. That original plan was bad news for IT managers and users who want to know what an update does before they install it. This is more of an issue now that Microsoft is supposed to release more frequent updates over the lifetime of Windows 10, as part of its "Windows as a service" plans, than it did for previous editions of Windows.To read this article in full or to leave a comment, please click here

US agency to seek consensus on divisive, volatile topic of security vulnerability disclosures

A U.S. agency hopes to gather security researchers, software vendors and other interested people to reach consensus on the sticky topic of how to disclose cybersecurity vulnerabilities.Beginning in September, the U.S. National Telecommunications and Information Administration (NTIA) will host a series of meetings intended to improve collaboration among security researchers, software vendors and IT system operators on the disclosure of, and response to, vulnerabilities.The first NTIA-hosted meeting will be Sept. 29 at the University of California, Berkeley, School of Law. Registration is open to all who want to participate, and the meeting will also be webcast, NTIA said.To read this article in full or to leave a comment, please click here

IDG Contributor Network: Anatomy of an IoT hack

With Internet of Things penetration set for a trillion devices by 2025, according to recent McKinsey numbers, our thoughts are, or should be, turning to security.One question that could be posed is: Just how could a future IoT attack play out? What route could it take?A security company reckons it has an answer.'Terror in the kitchen' One World Labs, a security outfit that specializes in penetration testing, forensics, and security code review, presented a session at San Francisco's RSA Conference in April, where it attempted to address the question.To read this article in full or to leave a comment, please click here

Grsecurity will stop issuing patches citing trademark abuse

A major corporation is misusing grsecurity’s trademarks and tarnishing its brand – and as a consequence, the leader of the project said Wednesday, grsecurity will stop making its stable patches available to the general public.In an official announcement, grsecurity project leader Brad Spengler said that it was unfair to the project’s sponsors to allow the companies in the embedded Linux industry – which he declined to name, citing legal advice – to dilute grsecurity’s trademarks.+ALSO ON NETWORK WORLD: Massachusetts boarding school sued over Wi-Fi sickness + Access points with 802.11ac are taking over enterprise WLANsTo read this article in full or to leave a comment, please click here

iPexpert’s Newest “CCIE Wall of Fame” Additions 8/28/2015

Please join us in congratulating the following iPexpert students who have passed their CCIE lab!

This Week’s CCIE Success Stories

  • Mohan Mayilraj, CCIE #49942 (Data Center)
  • Zahari Georgiev, CCIE #49996 (Wireless)
  • Mohamed Enassiri, CCIE #46237 (Collaboration)

This Week’s Testimonial

Mohan Mayilraj CCIE #49942 (Data Center)
Thank you very much for help reach my goal. Your video and training and Boot camp helped lot and your proctor lab is gem and very much useful and I used your lab most of time and workbook.This is my first attempt on CCIE. I got through it .

We Want to Hear From You!

Have you passed your CCIE lab exam and used any of iPexpert’s self-study products, or attended a CCIE Bootcamp? If so, we’d like to add you to our CCIE Wall of Fame!

Apple rewards CEO Tim Cook with $58M for bang-up job on Wall Street

Apple CEO Tim Cook earlier this week was awarded 560,000 shares, worth approximately $57.7 million, receiving the full amount of a grant due him because of Apple's performance on Wall Street over the last two years. As it did in 2014, Apple withheld just over half of the total shares -- 290,836, worth about $30 million on Monday -- for tax purposes. The half-million shares were this year's allotment under a revised schedule designed at Cook's request in 2013. Then, Apple's board modified the executive's vesting plan, which had set two large stock handouts for a massive 1 million-share grant -- after last year's stock split, equal to 7 million -- when Cook assumed the lead role at the Cupertino, Calif. company just weeks before co-founder Steve Jobs' death.To read this article in full or to leave a comment, please click here

PlexxiPulse—What are your VMworld Predictions?

If you caught our webinar on Thursday, you know that we believe the success of future networks will be a combination of hardware and software to form a dynamic, application aware, converged network fabric. We covered the evolution of the network as well as a few of our predictions for the future. If you missed it, don’t worry—there will be more to come. In the meantime, I will be at VMworld in San Francisco next week from August 30—September 3. I’m always open to chat about networking at large and how we’re disrupting the networking norm here at Plexxi. Let me know if you’ll be there! Do you have any predictions for VMworld this year?

Below please find a few of our top picks for our favorite news articles of the week. Enjoy!

No Jitter: Network Change: Evolutions and Revolutions
By Tom Noelle
Networking, and its transformation, is more than just technology. Broadband Internet came along during an unfortunate shift in the politics of networking. In the ’80s and ’90s we were moving from a global vision of communications as a regulated monopoly or even a government agency to one of a free market. The Internet exploded on the scene Continue reading

Attention whitehats, The FTC wants you to lead new privacy, security push

FTC The Federal Trade Commission will in January hold a wide-ranging conference on security and privacy issues lead by all manner of whitehat security researchers and academics, industry representatives, consumer advocates.The FTC’s PrivacyCon will include brief privacy and security research presentations, along with expert panel discussions on the latest privacy and security challenges facing consumers. Whitehat researchers and academics will discuss the latest security vulnerabilities, explain how they can be exploited to harm consumers, and highlight research affecting consumer privacy and data security. During panel discussions, participants will discuss the research presentations and the latest policy initiatives to address consumer privacy and security, develop suggestions for further collaboration between researchers and policymakers, and highlight steps that companies and consumers can and should take to protect themselves and their data, the FTC stated.To read this article in full or to leave a comment, please click here

Wi-Fi blocking debate far from over

Following the FCC’s warning in January that it would no longer tolerate the Marriotts of the world blocking visitors’ WiFi hotspots, I set a reminder on my calendar to revisit the topic six months later. After all, the issue of WiFi blocking sparked strong reactions from IT pros, end users and vendors of wireless LAN products early in the year, and I figured it wasn’t over yet. So I started by making an inquiry directly to Marriott Global CIO Bruce Hoffmeister, who foisted me on to a company spokesman, who “respectfully declined” to connect me with anyone for an update on how Marriott is now dealing with perceived threats to its network. He simply directed me back to Marriott’s statement from January that it would behave itself, no doubt hoping the hotel chain could further distance itself from the $600K fine that the FCC hit it with, as well as the rest of the bad publicity. I also inquired at the FCC, which in Marriott-like fashion, referred me back to the agency’s last statement on the matter from January, and in a follow up, said it can’t comment on whether any new investigations are underway. Continue reading

Researchers find many more modules of Regin spying tool

Security researchers from Symantec have identified 49 more modules of the sophisticated Regin cyberespionage platform that many believe is used by the U.S. National Security Agency and its close allies.This brings the total number of modules known so far to 75, each of them responsible for implementing specific functionality and giving attackers a lot of flexibility in how they exploit individual targets.Regin came to light in November last year, but it has been in use since at least 2008 and antivirus companies have known about it since 2013.To read this article in full or to leave a comment, please click here

1 3,003 3,004 3,005 3,006 3,007 3,479