0

Worth Reading: Egress Anycast in Cloudflare Network

Cloudflare has been using ingress anycast (advertising the same set of prefixes from all data centers) for ages. Now they did a giant leap forward and implemented another “this thing can never work” technology: egress anycast. Servers from multiple data centers use source addresses from the prefix that’s advertised by all data centers.

Not only that, in the long-established tradition they described their implementation in enough details that someone determined enough could go and implement it (as opposed to the typical look how awesome our secret sauce is approach from Google).

0

Chase Centers Debuts Wi-Fi 6E to Give Fan Improvement a Boost

The primary driver behind the deployment is to create the best possible fan experience.

0

Heavy Networking 658: Using Batfish To Model And Test Your Network

Today on Heavy Networking, modeling your network with Batfish. Batfish is an open-source project that builds a model of your production network based on a snapshot of your network and device configurations. Engineers can then test and validate changes against this model before making those changes to the production network. Guest Rick Donato walks us through how Batfish works, use cases, and more.

The post Heavy Networking 658: Using Batfish To Model And Test Your Network appeared first on Packet Pushers.

0

Heavy Networking 658: Using Batfish To Model And Test Your Network

Today on Heavy Networking, modeling your network with Batfish. Batfish is an open-source project that builds a model of your production network based on a snapshot of your network and device configurations. Engineers can then test and validate changes against this model before making those changes to the production network. Guest Rick Donato walks us through how Batfish works, use cases, and more.

0

Emerging Wireless Power at-a-Distance Movement Promises Users Big Benefits

The plan is to cut wiring, maintenance, and management costs for in-building and wider area power – an effort that has drawn interest and funding from enterprises, government agencies, and branches of the military.

0

Weekend Reads 120222

Nearly every application has at least one vulnerability or misconfiguration that affects security and a quarter of application tests found a highly or critically severe vulnerability, a new study shows.

75% of lookalike domains are registered with unrelated third parties and target these companies.

China’s antitrust watchdog, the State Administration for Market Regulation (SAMR), has proposed a revision of the nation’s competition law that targets tech firms.

A new report claims that Metaâ€s tracking Pixel has been used to collect your financial information when using popular tax filing services to send in your return.

Did you know that a Magniber ransomware infection can cost you a ransom of as much as US$2,500?

New York State has banned a practice becoming more common in the crypto-mining industry – the rescuing and repurposing of mothballed fossil fuel plants to exclusively provide energy for mining digital currency.

DDoS attacks target certain networks, flooding them with unwanted traffic from many different sources and causing interruptions to online services for legitimate users.

John the Ripper (JtR) is a popular password-cracking tool. John supports many encryption technologies for Windows and Unix systems (Mac included).

While in the near future most devices in the car will Continue reading

0

Video: What Can Netlab Do?

Time for another netlab video: after explaining how netlab fits into the virtual lab orchestration picture, let’s answer the next question: what exactly can netlab do?

0

Video: What Can Netlab Do?

Time for another netlab video: after explaining how netlab fits into the virtual lab orchestration picture, let’s answer the following question: what exactly can netlab do?

0

IPv6 Link-Local Next Hop Capability for BGP

The post IPv6 Link-Local Next Hop Capability for BGP appeared first on Noction.

0

IPv6 Link-Local Next Hop Capability for BGP

The post IPv6 Link-Local Next Hop Capability for BGP appeared first on Noction.

0

Surviving a Mastodon stampede

By now you’ve probably heard about Mastodon, the open-source microblogging platform that’s been gaining popularity since Elon Musk took over Twitter.A major feature of the platform is it’s de-centralized, distributed architecture that provides resilience, but a downside is that it can cause congestion and increase latency for the unprepared.Here’s how Mastodon works. Its servers (instances) operate semi-independently of each other, and users register with servers geared toward communities that interest them. But users can follow and interact with others from across the Fediverse—users hosted on other Mastodon instances as well as other services utilizing the open-source ActivityPub protocol from the Worldwide Web Consortium.To read this article in full, please click here

0

Capturing Decrypted TLS Traffic with Arkime

In a previous post, we have discussed how to decrypt TLS traffic using a transparent […]

The post Capturing Decrypted TLS Traffic with Arkime first appeared on Brezular's Blog.

0

Hedge 156: Functional Separation in Network Design with Kevin Myers

Modularization is a crucial part of network design because it supports interchangeability, reduces the size of failure domains, and controls security domains. One critical aspect of modularization is functional separation, which argues for separating services onto specific physical and logical resources. Kevin Myers joins Tom Ammon and Russ White on this episode of the Hedge to discuss the theory and importance of functional separation in network design.

download

0

Kubernetes Unpacked 014: Using GitOps And AKS To Build And Deploy Applications

In today's episode of Kubernetes Unpacked, Michael catches up with Steve Buchanan, Principal Program Manager at Microsoft, to talk about using GitOps and Azure Kubernetes Service (AKS) to automate the building and deployment of applications. Microsoft has been working incredibly hard on AKS, including integrating different tools and platforms to make the lives of DevOps and Platform Engineers easier.

The post Kubernetes Unpacked 014: Using GitOps And AKS To Build And Deploy Applications appeared first on Packet Pushers.

0

Kubernetes Unpacked 014: Using GitOps And AKS To Build And Deploy Applications

In today's episode of Kubernetes Unpacked, Michael catches up with Steve Buchanan, Principal Program Manager at Microsoft, to talk about using GitOps and Azure Kubernetes Service (AKS) to automate the building and deployment of applications. Microsoft has been working incredibly hard on AKS, including integrating different tools and platforms to make the lives of DevOps and Platform Engineers easier.

0

The Case for Hybrid Networks: Wired + Wireless

Do we foresee a world where one day all IT will be wireless – or will ethernet continue to coexist with it?

0

IPv6 Buzz 115: DNS And IPv6

In this episode, Ed, Scott, and Tom talk about DNS and IPv6. We cover legacy IPv6 brokeness and DNS, how DNS performs over v6, and how DNS works with v6-only networks.

The post IPv6 Buzz 115: DNS And IPv6 appeared first on Packet Pushers.

0

IPv6 Buzz 115: DNS And IPv6

In this episode, Ed, Scott, and Tom talk about DNS and IPv6. We cover legacy IPv6 brokeness and DNS, how DNS performs over v6, and how DNS works with v6-only networks.

0

IPv6 flow analytics with Containerlab

CONTAINERlab is a Docker orchestration tool for creating virtual network topologies. The sflow-rt/containerlab project contains a number of topologies demonstrating industry standard streaming sFlow telemetry with realistic data center topologies. This article extends the examples in Real-time telemetry from a 5 stage Clos fabric and Real-time EVPN fabric visibility to demonstrate visibility into IPv6 traffic flows.

docker run --rm -it --privileged --network host --pid="host" \
  -v /var/run/docker.sock:/var/run/docker.sock -v /run/netns:/run/netns \
  -v $(pwd):$(pwd) -w $(pwd) \
  ghcr.io/srl-labs/clab bash

Run the above command to start Containerlab if you already have Docker installed. Otherwise, Installation provides detailed instructions for a variety of platforms.

curl -O https://raw.githubusercontent.com/sflow-rt/containerlab/master/clos5.yml

Download the topology file for the 5 stage Clos fabric shown above.

containerlab deploy -t clos5.yml

Finally, deploy the topology.

The screen capture shows a real-time view of traffic flowing across the network during an iperf3 test. Click on the sFlow-RT Apps menu and select the browse-flows application, or click here for a direct link to a chart with the settings shown above.

docker exec -it clab-clos5-h1 iperf3 -c 2001:172:16:4::2

Each of the hosts in the network has an iperf3 server, so running the above command will test bandwidth between Continue reading

0

Researchers found security pitfalls in IBM’s cloud infrastructure

A demonstrated attack by cybersecurity researchers in IBM’s cloud infrastructure allowed them access to the internal server used to build database images for customer deployments.