Go crypto: bridging the performance gap
It is no secret that we at CloudFlare love Go. We use it, and we use it a LOT. There are many things to love about Go, but what I personally find appealing is the ability to write assembly code!
That is probably not the first thing that pops to your mind when you think of Go, but yes, it does allow you to write code "close to the metal" if you need the performance!
Another thing we do a lot in CloudFlare is... cryptography. To keep your data safe we encrypt everything. And everything in CloudFlare is a LOT.
Unfortunately the built-in cryptography libraries in Go do not perform nearly as well as state-of-the-art implementations such as OpenSSL. That is not acceptable at CloudFlare's scale, therefore we created assembly implementations of Elliptic Curves and AES-GCM for Go on the amd64 architecture, supporting the AES and CLMUL NI to bring performance up to par with the OpenSSL implementation we use for Universal SSL.
We have been using those improved implementations for a while, and attempting to make them part of the official Go build for the good of the community. For now Continue reading
ARP Processing in Layer-3-Only Networks
John Jackson wrote an interesting comment on my Rearchitecting L3-Only Networks blog post:
What the host has configured for its default gateway doesn't really matter, correct? Because the default gateway in traditional L2 access networks really isn't about the gateway's IP address, but the gateway's MAC address. The destination IP address in the packet header is always the end destination IP address, never the default gateway.
He totally got the idea, however there are a few minor details to consider.
Read more ...Cisco Finally Joins the Intel Network Builders Program
Cisco's David Ward makes surprise appearance at NFV World Congress.
NETCONF and the ncclient
NETCONF is an industry standard (IETF) network management protocol. It’s actually been around for quite awhile and supported by numerous vendors. While NETCONF is not always compatible across network switch platforms, it’s the closest thing I can see that could be a unified multi-vendor API. Of course, there are also vendor extensions for those device-specific features too.
I’m not going to get too much into what NETCONF is because Matt Oswalt has already done that. Check out his post if you haven’t already done so. There are also plenty of other good resources on NETCONF out there.
What I am going to focus on in this post is using Python to interact with NETCONF-enabled network switches.
Let’s get to it.
First, you’ll want to install the ncclient. It is pretty much the de facto Python library to use when you need a NETCONF client to communicate with a NETCONF server, i.e. a network device.
sudo pip install ncclient
This will also install a few other required dependencies such as paramiko and lxml along with the client itself.
The next thing you are going to need is at least one switch (or device) that supports NETCONF. In this post, I’m Continue reading
GNS3 Weekly Development Report: May 4th
Last week we launched our first weekly development report (see: GNS3 Weekly Development Report: April 27th) in an effort to provide theHow AT&T Honed Its SDN & NFV Plan: Code First, Tweak Later
A Layer 0-7 SDN controller is among the aspects of AT&T's SDN plan, built upon DevOps-like trial and error.
Extreme Networks’ New CEO Is Still Working Out His Plan
Q3 comes in as promised, which isn't good news.
Interpreting and Graphing Aruba ARM Counters
Guest post by Mike Albano
The topic of "do you trust RRM" is often discussed. The most typical answer is: "Yes, if I understand it." I know I've personally spent numerous hours blaming RRM for a questionable Dynamic Channel Assignment (DCA), and I'm usually wrong.
For the purpose of this post, RRM = Radio Resource Management; be it ARM (Aruba), RRM (Cisco), ACSP (Aerohive), SmartRF (Extreme) etc. etc.
This post isn't about the topic of "trust", or if to use RRM. Here's a good post by @wirednot on that topic. (Read the comments!)
This is more about:
- Finding a way to interpret and use the data available to identify if/when an AP will change channels (DCA).
- Analyzing the state of the channel, from the AP's perspective, before & after a channel change.
- Showing an example of tools I use regularly in troubleshooting (Python and AirRecorder).
The system in question is an Aruba Instant AP (Instant OS version 6.3.1.8-4.0.0.9).
Data Gathering
Typically, I use Pexpect for screen-scraping CLI output but Aruba has written a handy utility to do this for you. It's called Air Recorder, and is multi-platform (Java.) Will run on Continue reading
How workflow capabilities benefit continuous delivery environments
This vendor-written tech primer has been edited by Network World to eliminate product promotion, but readers should note it will likely favor the submitter’s approach.
Wikipedia defines workflow as “an orchestrated and repeatable pattern of business activity enabled by the systematic organization of resources into processes” - processesthat make things or just generally get work done. Manufacturers can thank workflows for revolutionizing the production of everything from cars to chocolate bars. Management wonks have built careers on applying workflow theories like Lean and TQM to their business processes.
To read this article in full or to leave a comment, please click here
Debunking the myths dogging the hybrid cloud
This vendor-written tech primer has been edited by Network World to eliminate product promotion, but readers should note it will likely favor the submitter’s approach.
Many companies face the dilemma of how to get the most out of legacy IT equipment and applications while taking advantage of the latest cloud advances to keep their company competitive and nimble.
A hybrid approach to IT infrastructure enables internal IT groups to support legacy systems with the flexibility to optimize service delivery and performance thru third-party providers. Reconciling resources leads to improved business agility, more rapid delivery of services, exposure to innovative technologies, and increased network availability and business uptime, without having to make the budget case for CAPEX investment.
To read this article in full or to leave a comment, please click here