Archive

Category Archives for "Networking"

BrandPost: The New Gold Standard: How AIOps Is Transforming Network Capability

You know it better than anyone: the network has become essential infrastructure for any successful enterprise. COVID-19, migration to multicloud, and new application requirements have only amplified pressure on enterprise IT to deliver high-availability, secure network services anywhere, anytime, and on any device.This isn’t a passing fad. Several key trends will drive network growth and complexity for years to come, including: The growing popularity of hybrid and fully remote work models Resource gaps exasperated by the great resignation Dramatic growth in video and cloud meetings An increase in data security regulations To address these challenges and best position themselves for the future, enterprises must implement more intelligence in the network. Modern AIOps uses artificial intelligence and machine learning to assist IT in managing, troubleshooting, and fixing network problems. As a result, AIOps is becoming a key success factor in managing modern enterprise networks.To read this article in full, please click here

IPv6 Buzz 113: We Have DAD Issues (Duplicate Address Detection)

In this episode of IPv6 Buzz, Ed, Scott, and Tom talk about our DAD issues — well, our IPv6 Duplicate Address Detection (DAD) issues anyway. DAD is a feature of IPv6 that looks for duplicate IP addresses among hosts on the same segment. We discuss how it works and operational considerations.

The post IPv6 Buzz 113: We Have DAD Issues (Duplicate Address Detection) appeared first on Packet Pushers.

CI-Based Cloud Network Automation

A pioneer in cloud networking for the last decade, Arista has become synonymous with elastic scaling and programmable provisioning through a modern data-driven software stack. Legacy networks with manual box-by-box configurations for production and testing have led to cumbersome and complex practices. Arista leads the industry in cloud automation built on an open foundation.

Rant: Cloudy Snowflakes

I could spend days writing riffs on some of the more creative (in whatever dimension) comments left on my blog post or LinkedIn1. Here’s one about uselessness of network automation in cloud infrastructure (take that, AWS!):

If the problem is well known you can apply rules to it (automation). The problem with networking is that it results in a huge number of cases that are not known in advance. And I don’t mean only the stuff you add/remove to fix operational problems. A friend in one of the biggest private clouds was saying that more than 50% of transport services are customized (a static route here, a PBR there etc) or require customization during their lifecycle (e.g. add/remove a knob). Telcos are “worse” and for good reasons.

Yeah, I’ve seen such environments. I had discussions with a wide plethora of people building private and public (telco) clouds, and summarized the few things I learned (not many of them good) in Address the Business Challenges First part of the Business Aspects of Networking Technologies webinar.

Rant: Cloudy Snowflakes

I could spend days writing riffs on some of the more creative (in whatever dimension) comments left on my blog post or LinkedIn1. Here’s one about uselessness of network automation in cloud infrastructure (take that, AWS!):

If the problem is well known you can apply rules to it (automation). The problem with networking is that it results in a huge number of cases that are not known in advance. And I don’t mean only the stuff you add/remove to fix operational problems. A friend in one of the biggest private clouds was saying that more than 50% of transport services are customized (a static route here, a PBR there etc) or require customization during their lifecycle (e.g. add/remove a knob). Telcos are “worse” and for good reasons.

Yeah, I’ve seen such environments. I had discussions with a wide plethora of people building private and public (telco) clouds, and summarized the few things I learned (not many of them good) in Address the Business Challenges First part of the Business Aspects of Networking Technologies webinar.

Hedge 153: Security Perceptions and Multicloud Roundtable

Tom, Eyvonne, and Russ hang out at the hedge on this episode. The topics of discussion include our perception of security—does the way IT professionals treat security and privacy helpful for those who aren’t involved in the IT world? Do we discourage users from taking security seriously by making it so complex and hard to use? Our second topic is whether multicloud is being oversold for the average network operator.

download

AMD posts operating loss, but solid growth for data center, embedded segments

AMD announced third quarter results this week, and while it posted a $64 million loss in terms of overall operating income—mainly due to its acquisition of Xilinx—but large gains in the company’s data center, embedded and gaming segments provided an encouraging note.Total revenue rose by 29% for the third quarter of 2022, to $5.56 billion from $4.31 billion one year ago. Gross profit also rose in year on year terms, from $2.08 billion in last year’s third quarter to $2.35 billion for the past three months. The decline in operating income was caused by much higher operating expenses, which more than doubled in the third quarter, rising from $1.14 billion a year ago to $2.42 billion in the most recent figures.To read this article in full, please click here

AMD posts operating loss, but solid growth for data center, embedded segments

AMD announced third quarter results this week, and while it posted a $64 million loss in terms of overall operating income—mainly due to its acquisition of Xilinx—but large gains in the company’s data center, embedded and gaming segments provided an encouraging note.Total revenue rose by 29% for the third quarter of 2022, to $5.56 billion from $4.31 billion one year ago. Gross profit also rose in year on year terms, from $2.08 billion in last year’s third quarter to $2.35 billion for the past three months. The decline in operating income was caused by much higher operating expenses, which more than doubled in the third quarter, rising from $1.14 billion a year ago to $2.42 billion in the most recent figures.To read this article in full, please click here

HPE launches 11th generation ProLiant servers

Hewlett Packard Enterprise has introduced the 11th generation of its ProLiant servers designed for a range of modern workloads, including AI, analytics, cloud-native applications, graphic-intensive applications, machine learning, Virtual Desktop Infrastructure (VDI), and virtualization.The new ProLiants have three processor options: AMD Epyc “Genoa” generation processors, Intel Xeon Scalable “Sapphire Rapids” generation processors, and Ampere Altra and Altra Max cloud-native processors.Compared to the previous server generation, the new HPE ProLiant Gen11 servers support twice as much I/O bandwidth and 33% more high-performance GPU density per server to support AI and graphic-intensive workloads than the prior generation.To read this article in full, please click here

HPE launches 11th generation ProLiant servers

Hewlett Packard Enterprise has introduced the 11th generation of its ProLiant servers designed for a range of modern workloads, including AI, analytics, cloud-native applications, graphic-intensive applications, machine learning, Virtual Desktop Infrastructure (VDI), and virtualization.The new ProLiants have three processor options: AMD Epyc “Genoa” generation processors, Intel Xeon Scalable “Sapphire Rapids” generation processors, and Ampere Altra and Altra Max cloud-native processors.Compared to the previous server generation, the new HPE ProLiant Gen11 servers support twice as much I/O bandwidth and 33% more high-performance GPU density per server to support AI and graphic-intensive workloads than the prior generation.To read this article in full, please click here

Day Two Cloud 170: Sovereign DBaaS And Severalnines (Sponsored)

Welcome to Day Two Cloud! On today’s episode---databases. More specifically, controlling your databases. We’re discussing the database control plane company Severalnines with CEO Vinay Joosery. Severalnines is sponsoring today’s discussion about sovereign Databases as a Service (DBaaS).

The post Day Two Cloud 170: Sovereign DBaaS And Severalnines (Sponsored) appeared first on Packet Pushers.

Cisco, Red Hat team to streamline hybrid-cloud container management

Cisco and Red Hat have expanded their partnership to include a new combination that lets customers more easily turn-up and manage bare-metal containerized workloads.The companies have integrated Cisco’s cloud-operations management platform, Intersight, and Red Hat OpenShift Assisted Installer, which controls OpenShift clusters, to handle the complex and time-consuming process of networking a containerized environment.Nearly 80% of enterprises have adopted containers in production environments, and containers are especially effective when they are migrated across different hybrid-cloud domains—on-premises data centers, colocation facilities, network edge, and public clouds, wrote Dhritiman “DD” Dasgupta, vice president of  product management for Cisco’s Cloud and Compute team in a blog about the integration. To read this article in full, please click here

Cloudflare is not affected by the OpenSSL vulnerabilities CVE-2022-3602 and CVE-2022-3786

Cloudflare is not affected by the OpenSSL vulnerabilities CVE-2022-3602 and CVE-2022-3786
Cloudflare is not affected by the OpenSSL vulnerabilities CVE-2022-3602 and CVE-2022-3786

Yesterday, November 1, 2022, OpenSSL released version 3.0.7 to patch CVE-2022-3602 and CVE-2022-3786, two HIGH risk vulnerabilities in the OpenSSL 3.0.x cryptographic library. Cloudflare is not affected by these vulnerabilities because we use BoringSSL in our products.

These vulnerabilities are memory corruption issues, in which attackers may be able to execute arbitrary code on a victim’s machine. CVE-2022-3602 was initially announced as a CRITICAL severity vulnerability, but it was downgraded to HIGH because it was deemed difficult to exploit with remote code execution (RCE). Unlike previous situations where users of OpenSSL were almost universally vulnerable, software that is using other versions of OpenSSL (like 1.1.1) are not vulnerable to this attack.

How do these issues affect clients and servers?

These vulnerabilities reside in the code responsible for X.509 certificate verification - most often executed on the client side to authenticate the server and the certificate presented. In order to be impacted by this vulnerability the victim (client or server) needs a few conditions to be true:

  • A malicious certificate needs to be signed by a Certificate Authority that the victim trusts.
  • The victim needs to validate the malicious certificate or ignore a Continue reading

Scalability Aspects of SR-MPLS

Henk Smit left a wonderful comment discussing various scalability aspects of SR-MPLS. Let’s go through the points he made:

When you have a thousand routers in your networks, you can put all of them in one (IS-IS) area. Maybe with 2k routers as well. But when you have several thousand routers, you want to use areas, if only to limit the blast-radius.

Absolutely agree, and as RFC 3439 explained in more eloquent terms than I ever could:

Scalability Aspects of SR-MPLS

Henk Smit left a wonderful comment discussing various scalability aspects of SR-MPLS. Let’s go through the points he made:

When you have a thousand routers in your networks, you can put all of them in one (IS-IS) area. Maybe with 2k routers as well. But when you have several thousand routers, you want to use areas, if only to limit the blast-radius.

Absolutely agree, and as RFC 3439 explained in more eloquent terms than I ever could: