What is Transit Gateway in AWS used for ? a. Interconnect One or more VPC's eliminating need for full mesh b. customer gateway in only one region c. Enhanced NAT gateway d. Can be used to Connect SD-Wan with VPC's Answer is at the end of the post, feel free to skip it, I just did not want to make a spoiler residing just below the question
The post from transitive routing in AWS had a few different solutions at the end, the one which is most efficient and future-proof would be transit-gateway implementation for inter-VPC communication without needing a full mesh.
https://raaki-88.medium.com/transitive-routing-aws-advanced-networking-984ca492d2d7
We will first explore an example and then come back to some of the concepts
Consider below VPCs, by default, there is no VPC peering and if we want to achieve connectivity we need to do n*(n-1)/2 number of peerings, this will quickly get out of hand as the VPCs increase.
The easiest way to achieve connectivity will be in 3 steps
“Somewhere, something incredible is waiting to be known.” — Carl Sagan
In the past few years, space technology and travel have been trending with increased attention and endeavors (including private ones). In our 2021 Year in Review we showed how NASA and SpaceX flew higher, at least in terms of interest on the Internet.
This week, NASA in collaboration with the European Space Agency (ESA) and the Canadian Space Agency (CSA), released the first images from the James Webb Telescope (JWST) which conducts infrared astronomy to “reveal the unseen universe”.
So, let’s dig into something we really like here at Cloudflare, checking how real life and human interest has an impact on the Internet. In terms of general Continue reading
Before understanding the way AWS does transitive routing, let us try to wrap our head on transitive property in mathematics
What is Transitive Property?A property is called transitive property, if x, y and z are the three quantities, and if x is related to y by some rule, and y is related to z by the same rule, then we can say x is related to z by the same rule.
Alright, now let’s look at the following scenario
So Connectivity from VPC3-VPC1 would work just fine, VPC2-VPC1 will also work just fine while VPC2-VPC3/VPC3-VPC2 via VPC1 will never work in AWS, this is the first thing that we should remember.
I see only downsides! — well not everything is lost in this case, there are security benefits as well, large part of it plays a role in IP Address spoofing. Imagine someone is trying to send a packet to your VPC, check to make sure that the instance won’t accept the packet as that is not locally configured and also instance cannot send any of the packets with any source IP as well, that is one of the preliminary reasons why Source and Destination checks are turned off.
Do you ever get neck pains after sitting in front of the computer for too long? If so, you’re not alone. According to a recent study, nearly two-thirds of Americans experience some form of neck pain each year. And with the average person spending over eight hours a day staring at a screen, it’s no wonder that so many of us are suffering.
But there is some good news. If you’re looking for a way to relieve your computer-related neck pain, you may want to try an acupressure pillow. Acupressure is an ancient Chinese healing practice that involves applying pressure to specific points on the body. And according to Traditional Chinese Medicine, there are certain points on the neck that can help relieve pain.
The best part about acupressure is that it’s completely safe and there are no side effects. So if you’re looking for a natural way to ease your neck pain, an acupressure pillow may be just what you need.
There are a few different symptoms that are associated with computer-related neck pain. If you’re experiencing any of the following, it may be time to try an acupressure pillow:
This Continue reading
In this episode, the IPv6 Buzz crew talk about IPv6 transition technologies – especially NAT64/DNS64 – and what design considerations come into play when deploying them.
The post IPv6 Buzz 105: IPv6 Transition Technology Design Considerations appeared first on Packet Pushers.
In this lesson on Ansible and network automation, Josh VanDeraa reviews a common folder structure for use in Ansible and discusses where to define variables in Ansible including: -all.yml -group_vars folder -host_vars folder -importing variables from another file -accessing variables from other devices Josh has created a GitHub repo to store additional material, including links […]
The post Ansible For Network Automation Part 5: Ansible Variables And Folder Structures – Video appeared first on Packet Pushers.
In June 2022, we reported on the largest HTTPS DDoS attack that we’ve ever mitigated — a 26 million request per second attack - the largest attack on record. Our systems automatically detected and mitigated this attack and many more. Since then, we have been tracking this botnet, which we’ve called “Mantis”, and the attacks it has launched against almost a thousand Cloudflare customers.
Cloudflare WAF/CDN customers are protected against HTTP DDoS attacks including Mantis attacks. Please refer to the bottom of this blog for additional guidance on how to best protect your Internet properties against DDoS attacks.
We named the botnet that launched the 26M rps (requests per second) DDoS attack "Mantis" as it is also like the Mantis shrimp, small but very powerful. Mantis shrimps, also known as “thumb-splitters”, are very small; less than 10 cm in length, but their claws are so powerful that they can generate a shock wave with a force of 1,500 Newtons at speeds of 83 km/h from a standing start. Similarly, the Mantis botnet operates a small fleet of approximately 5,000 bots, but with them can generate a massive force — responsible for the largest Continue reading
In this video, host Michael Levan shows the basics of using Weave to enable simple networking within Kubernetes. He also shares how to find instructions to use Cisco ACI and Flannel. Michael Levan brings his background in system administration, software development, and DevOps to this video series. He has Kubernetes experience as both a developer […]
The post Kubernetes For Network Engineers – Lesson 4: Kubernetes Networking Under The Hood – Video appeared first on Packet Pushers.
Most network engineers take it as a “given” that the robustness principle is the “right way” to build protocols and networks—”be conservative in what you send, and liberal in what you receive.” The idea behind the robustness principle is that implementations should implement specifications as accurately as possible, but they should also accept malformed and otherwise erroneous data, process the best they can, and drop the bits they cannot process. This should allow the network to operate correctly in the face of defects and other failures. A recent draft, draft-iab-protocol-maintenance/, challenges the assumptions behind the robustness principle. Join Tom and Russ as they discuss the robustness principle and its potential problems.
Regulated industries such as financials often feel the pain of a current audit or upcoming audit. Implementing network automation with a product like Gluware can enable continuous compliance. Julie Wehling, Solutions Architect, Gluware; and Greg Ferro, Co-Founder, Packet Pushers discuss a real-world customer use case in which a global financial services company used Gluware to […]
The post Enabling Continuous Compliance for a Global Financial Gluware Customer: Livestream 28 June 2022 1/7 – Video appeared first on Packet Pushers.