Archive

Category Archives for "Networking"

More bots, more trees

More bots, more trees
More bots, more trees

Once a year, we pull data from our Bot Fight Mode to determine the number of trees we can donate to our partners at One Tree Planted. It's part of the commitment we made in 2019 to deter malicious bots online by redirecting them to a challenge page that requires them to perform computationally intensive, but meaningless tasks. While we use these tasks to drive up the bill for bot operators, we account for the carbon cost by planting trees.

This year when we pulled the numbers, we saw something exciting. While the number of bot detections has gone significantly up, the time bots spend in the Bot Fight Mode challenge page has gone way down. We’ve observed that bot operators are giving up quickly, and moving on to other, unprotected targets. Bot Fight Mode is getting smarter at detecting bots and more efficient at deterring bot operators, and that’s a win for Cloudflare and the environment.

What’s changed?

We’ve seen two changes this year in the Bot Fight Mode results. First, the time attackers spend in Bot Fight Mode challenges has reduced by 166%. Many bot operators are disconnecting almost immediately now from Cloudflare challenge pages. We expect this Continue reading

Equinix’s fix for high power bills? Hotter data centers

Data-center giant Equinix has found a low-tech solution to high data-center electric bills: turn up the thermostat.Guidance from the American Society of Heat, Refrigerating, and Air Conditioning Engineers (ASHRAE) recommends a temperature range for data-center servers from 59°F (15°C) to as high as 89°F (31.6°C). Equinix is looking at setting the temperature at 80°F (26.6°C), up from the current setting of 73°F (22.7°C).To read this article in full, please click here

Equinix’s fix for high power bills? Hotter data centers

Data-center giant Equinix has found a low-tech solution to high data-center electric bills: turn up the thermostat.Guidance from the American Society of Heat, Refrigerating, and Air Conditioning Engineers (ASHRAE) recommends a temperature range for data-center servers from 59°F (15°C) to as high as 89°F (31.6°C). Equinix is looking at setting the temperature at 80°F (26.6°C), up from the current setting of 73°F (22.7°C).To read this article in full, please click here

A Quick Look at AWS Scalable Reliable Datagram Protocol

One of the most exciting announcements from the last AWS re:Invent was the Elastic Network Adapter (ENA) Express functionality that uses the Scalable Reliable Datagram (SRD) protocol as the transport protocol for the overlay virtual networks. AWS claims ENA Express can push 25 Gbps over a single TCP flow and that SRD improves the tail latency (99.9 percentile) for high-throughput workloads by 85%.

Ignoring the “DPUs could change the network forever” blogosphere reactions (hint: they won’t), let’s see what could be happening behind the scenes and why SRD improves TCP throughput and tail latency.

Read more …

A Quick Look at AWS Scalable Reliable Datagram Protocol

One of the most exciting announcements from the last AWS re:Invent was the Elastic Network Adapter (ENA) Express functionality that uses the Scalable Reliable Datagram (SRD) protocol as the transport protocol for the overlay virtual networks. AWS claims ENA Express can push 25 Gbps over a single TCP flow and that SRD improves the tail latency (99.9 percentile) for high-throughput workloads by 85%.

Ignoring the “DPUs could change the network forever” blogosphere reactions (hint: they won’t), let’s see what could be happening behind the scenes and why SRD improves TCP throughput and tail latency.

Read more …

In Defense of OSPF In The Underlay (In Some Situations)

When choosing an underlay for an EVPN/VXAN network, the prevailing wisdom is that BGP is the best choice for the underlay routing protocol. And overall, I think that’s true. But OSPF can make a compelling underlay too, as it has a few logistical advantages over BGP in certain cases.

When building out EVPN/VXLAN networks, I like to break the build into four components. They are layers that are built one-by-one on top of each other.

  • Topology (typically leaf/spine)
  • Underlay (provides IP connecitivity for loopbacks)
  • Overlay (exchanges EVPN routes)
  • EVPN services (these are the Layer 2 and Layer 3 networks internal hosts and external networks connect to)

This article is exclusively about the underlay portion. It’s a very simple routed network that has one job, and job only:

Provide routes to enable IP connectivity from any loopbacks on a device to any loopback on any other device.

That’s it.

In normal operation the routing table will be incredibly static. The only time the routing table would change is when a switch is added or removed, or a link goes down, or a switch is upgraded, etc. In regular operation it won’t change.

The underlay is important, but the underlay isn’t Continue reading

Meta considers liquid to cool its hard drives

A joint effort by immersion cooling firm Iceotope and Meta, the parent company of Facebook, found cooling hard drives with a dielectric liquid is safe and a more effective means of cooling than using fans.Hyperscalers like Meta deploy thousands of HDDs in their data centers, and while the heat given off on an individual basis is tiny, it adds up, especially since the drives are in constant use and are close together. The drives are stored in server racks that hold nothing but dozens of hard drives and are referred to as a JBOD (Just a Bunch Of Disks).A JBOD can overheat without cooling, which up to now has been done with fans, but some drives were further away from fans than others, causing uneven cooling.To read this article in full, please click here

Meta considers liquid to cool its hard drives

A joint effort by immersion cooling firm Iceotope and Meta, the parent company of Facebook, found cooling hard drives with a dielectric liquid is safe and a more effective means of cooling than using fans.Hyperscalers like Meta deploy thousands of HDDs in their data centers, and while the heat given off on an individual basis is tiny, it adds up, especially since the drives are in constant use and are close together. The drives are stored in server racks that hold nothing but dozens of hard drives and are referred to as a JBOD (Just a Bunch Of Disks).A JBOD can overheat without cooling, which up to now has been done with fans, but some drives were further away from fans than others, causing uneven cooling.To read this article in full, please click here

Ransomware: It’s coming for your backup servers

Backup and recovery systems are at risk for two types of ransomware attacks: encryption and exfiltration – and most on-premises backup servers are wide open to both. This makes backup systems themselves the primary target of some ransomware groups, and warrants special attention.Hackers understand that backup servers are often under-protected and administered by junior personnel that are less well versed in information security. And it seems no one wants to do something about it lest they become the new backup expert responsible for the server. This is an age-old problem that can allow backup systems to pass under the radar of sound processes that protect most servers.To read this article in full, please click here

Ransomware: It’s coming for your backup servers

Backup and recovery systems are at risk for two types of ransomware attacks: encryption and exfiltration – and most on-premises backup servers are wide open to both. This makes backup systems themselves the primary target of some ransomware groups, and warrants special attention.Hackers understand that backup servers are often under-protected and administered by junior personnel that are less well versed in information security. And it seems no one wants to do something about it lest they become the new backup expert responsible for the server. This is an age-old problem that can allow backup systems to pass under the radar of sound processes that protect most servers.To read this article in full, please click here

Migration Coordinator with HCX – Simplified Workload Migration

With the NSX 4.0.1.1 release, Migration Coordinator adds two game-changing features that help simplify workload migration in the case of lift and shift migration mode. These features build on top of the User Defined Topology mode of migration and add one more config mode. Folks familiar with the User Defined Topology will find the workflow very similar with the added benefit of simplified workload migration, leveraging HCX.   

In this blog post, we will look at this new feature and how to take advantage of it. Please check out the resource links for more information on Migration Coordinator.  We will start with a high-level overview before digging into the details. 

Migration Coordinator 

Migration Coordinator was introduced with NSX-T 2.4 to enable customers to migrate from NSX for vSphere to NSX-T Data Center. It’s a free, fully supported tool that’s built into NSX-T Data Center. Migration Coordinator is flexible with multiple options enabling multiple ways to migrate based on customer requirements. The first release provided a way to migrate everything, including config, workloads, and hosts in place using the same hardware if the deployed topology matched the supported topologies. Starting with the NSX-T 3. Continue reading

7 ways to look at network connections on Linux

Whether you’re managing a network at work or just watching out for your home systems, it’s important to understand your network connections--how you communicate with public systems and those on the local network. This article covers some of the most important commands available on Linux to help you get a clear understanding of your local network and how it reaches outside.While the links provided include important tips on using network commands, some include commands that have been deprecated in favor of newer commands. Some of the most important commands to know today include ip a, ip neigh, ping, tracepath, dig, tcpdump and whois.To read this article in full, please click here

7 ways to look at network connections on Linux

Whether you’re managing a network at work or just watching out for your home systems, it’s important to understand your network connections--how you communicate with public systems and those on the local network. This article covers some of the most important commands available on Linux to help you get a clear understanding of your local network and how it reaches outside.While the links provided include important tips on using network commands, some include commands that have been deprecated in favor of newer commands. Some of the most important commands to know today include ip a, ip neigh, ping, tracepath, dig, tcpdump and whois.To read this article in full, please click here

Full Stack Journey 073: Finding And Following Technical Passion Projects

Today's Full Stack Journey podcast welcomes software engineer Kat Morgan to discuss finding and following passion projects---which for Kat include KubeVirt and UOR Framework. Scott and Kat have a technical and entertaining conversation about how pursuing passion projects can inform, shape, and create career opportunities.

The post Full Stack Journey 073: Finding And Following Technical Passion Projects appeared first on Packet Pushers.

How to reduce 2023 network costs: The cloud

Sometimes, budget pressures mean you just have to cut costs. Sometimes, cutting costs in one area can give you some financial elbow room to fund something in another. A fifth of all CIOs tell me that they have a mandate to cut network costs in 2023, and another third say they’d be open to doing that if they could fund something else with the savings. Most admit that they don’t have a really good idea of how to accomplish their goal without creating a risk that would potentially overwhelm benefits.Cutting CAPEX is popular in theory.  Of 87 enterprises with cost-cutting interest, 55 said they thought their capital budgets would be an attractive place to start. That’s not changed much over the last five years, but what has changed is how enterprises think they could cut CAPEX. It used to be that they believed cost reductions could be achieved with new technologies like hosted router software or white-box devices, but this year they reported concerns that integration costs and risks were too high.To read this article in full, please click here

How Cloudflare helps protect small businesses

How Cloudflare helps protect small businesses
How Cloudflare helps protect small businesses

Large-scale cyber attacks on enterprises and governments make the headlines, but the impacts of cyberattacks can be felt acutely by small businesses that struggle to keep the lights on during normal times. In this blog, we’ll share new research on how small businesses, including those using our free services, have leveraged Cloudflare services to make their businesses more secure and resistant to disruption, along with a real story about how Cloudflare makes a tangible impact for small business customers.

Research has indicated that 43% of cyber attacks target small businesses [Source: Institute for Security and Technology, Blueprint for Ransomware Defense, 2022]. Small businesses face many of the same cybersecurity challenges as larger organizations, but with fewer resources to plan, design, and manage their IT systems and security protections. Most small businesses say they don’t have the personnel to address IT security adequately or appropriately [Source: Ponemon Institute, 2018 State of Cybersecurity in Small & Medium Size Businesses].

Your local florist, fitness studio, café, or pet shop is likely using a wide variety of cloud-based SaaS apps to stay open for customers, including online accounting software, booking systems, point-of-sale credit card readers, inventory management systems, content management Continue reading

1 336 337 338 339 340 3,484