Service Mesh And Ingress In Kubernetes: Lesson 2 – Ingress Fundamentals -Video

This video demonstrates installing an ingress controller, looks at different controller options, and provides some background on why you might want to use an ingress controller in a Kubernetes cluster. Michael Levan brings his background in system administration, software development, and DevOps to this video series. He has Kubernetes experience as both a developer and […]

The post Service Mesh And Ingress In Kubernetes: Lesson 2 – Ingress Fundamentals -Video appeared first on Packet Pushers.

Was IPv6 Really the Worst Decision Ever?

A few weeks ago, Daniel Dib tweeted a slide from Radia Perlman’s presentation in which she claimed IPv6 was the worst decision ever as we could have adopted CLNP in 1992. I had similar thoughts on the topic a few years ago, and over tons of discussions, blog posts, and creating the How Networks Really Work webinar slowly realized it wouldn’t have mattered.

Was IPv6 Really the Worst Decision Ever?

A few weeks ago, Daniel Dib tweeted a slide from Radia Perlman’s presentation in which she claimed IPv6 was the worst decision ever as we could have adopted CLNP in 1992. I had similar thoughts on the topic a few years ago, and over tons of discussions, blog posts, and creating the How Networks Really Work webinar slowly realized it wouldn’t have mattered.

AWS Static Website with Pulumi

Are you tired of pointing and clicking your way through the AWS console to build out your AWS services? Me too! Fear not my lovely adventurers, in this post I will show you how to use the fantastic Infrastructure as Code (IaC) tool Pre-Flight Check The environment will need to be setup...continue reading

Ensuring Data Access with a Distributed Cloud Architecture

Improving the accuracy of our machine learning WAF using data augmentation and sampling

At Cloudflare, we are always looking for ways to make our customers' faster and more secure. A key part of that commitment is our ongoing investment in research and development of new technologies, such as the work on our machine learning based Web Application Firewall (WAF) solution we announced during security week.

In this blog, we’ll be discussing some of the data challenges we encountered during the machine learning development process, and how we addressed them with a combination of data augmentation and generation techniques.

Let’s jump right in!

Introduction

The purpose of a WAF is to analyze the characteristics of a HTTP request and determine whether the request contains any data which may cause damage to destination server systems, or was generated by an entity with malicious intent. A WAF typically protects applications from common attack vectors such as cross-site-scripting (XSS), file inclusion and SQL injection, to name a few. These attacks can result in the loss of sensitive user data and damage to critical software infrastructure, leading to monetary loss and reputation risk, along with direct harm to customers.

How do we use machine learning for the WAF?

The Cloudflare ML solution, at a high level, Continue reading

Checking exit codes in bash

There are quite a few exit codes used on Linux systems, though no listing you can display when you’re feeling curious. In fact, you won’t see the numeric codes unless you specifically ask for them.Instead, you will see a textual description of the problem you encountered—such as “No such file or directory”—in a context like this:$ bin/runme bash: bin/runme: No such file or directory [ Get regularly scheduled insights by signing up for Network World newsletters. ] If you want to see the numeric exit code, you can use the echo $? command. The error message will tell you that there is no “runme” script in your bin directory. The echo $? command will respond with only a number.To read this article in full, please click here

Checking exit codes in bash

There are quite a few exit codes used on Linux systems, though no listing you can display when you’re feeling curious. In fact, you won’t see the numeric codes unless you specifically ask for them.Instead, you will see a textual description of the problem you encountered—such as “No such file or directory”—in a context like this:$ bin/runme bash: bin/runme: No such file or directory [ Get regularly scheduled insights by signing up for Network World newsletters. ] If you want to see the numeric exit code, you can use the echo $? command. The error message will tell you that there is no “runme” script in your bin directory. The echo $? command will respond with only a number.To read this article in full, please click here

Checking exit codes in bash

There are quite a few exit codes used on Linux systems, though no listing you can display when you’re feeling curious. In fact, you won’t see the numeric codes unless you specifically ask for them.Instead, you will see a textual description of the problem you encountered—such as “No such file or directory”—in a context like this:$ bin/runme bash: bin/runme: No such file or directory [ Get regularly scheduled insights by signing up for Network World newsletters. ] If you want to see the numeric exit code, you can use the echo $? command. The error message will tell you that there is no “runme” script in your bin directory. The echo $? command will respond with only a number.To read this article in full, please click here

Checking exit codes in bash

There are quite a few exit codes used on Linux systems, though no listing you can display when you’re feeling curious. In fact, you won’t see the numeric codes unless you specifically ask for them.Instead, you will see a textual description of the problem you encountered—such as “No such file or directory”—in a context like this:$ bin/runme bash: bin/runme: No such file or directory [ Get regularly scheduled insights by signing up for Network World newsletters. ] If you want to see the numeric exit code, you can use the echo $? command. The error message will tell you that there is no “runme” script in your bin directory. The echo $? command will respond with only a number.To read this article in full, please click here

netlab Release 1.3: VXLAN and EVPN

netlab release 1.3 contains two major additions:

• VXLAN transport using static ingress replication or EVPN control plane – implemented on Arista EOS, Cisco Nexus OS, Dell OS10, Nokia SR Linux and VyOS.
• EVPN control plane supporting VXLAN transport, VLAN bridging, VLAN-aware bundles, and symmetric IRB – implemented on Arista EOS, Dell OS10, Nokia SR Linux, Nokia SR OS (control plane), VyOS, and FRR (control plane).

Here are some of the other goodies included in this release:

netlab Release 1.3: VXLAN and EVPN

netlab release 1.3 contains two major additions:

• VXLAN transport using static ingress replication or EVPN control plane – implemented on Arista EOS, Cisco Nexus OS, Dell OS10, Nokia SR Linux and VyOS.
• EVPN control plane supporting VXLAN transport, VLAN bridging, VLAN-aware bundles, and symmetric IRB – implemented on Arista EOS, Dell OS10, Nokia SR Linux, Nokia SR OS (control plane), VyOS, and FRR (control plane).

Here are some of the other goodies included in this release:

Is VLAN 1 Special in Cisco Networks?

I got asked why we change from VLAN 1 to another VLAN in Cisco networks. What is bad with the default setup? Is VLAN 1 really magical in a Cisco network?

When Cisco ships a Catalyst switch to you, there is no configuration provided. This means that all the ports will be access ports and the only VLAN that exists is VLAN 1. Now, we’ve all seen networks that keep it like this. Everything is one big flat network and the only VLAN in use is VLAN 1. If this is a bad configuration depends on several factors, including the size of the network, but let’s take a look at some of the drawbacks to maintaining this configuration:

• No segmentation – There is no segmentation. Every user can access every other user and anything else in the VLAN such as infrastructure, servers, IoT type devices, and so on
• Default access – The user gets access simply by connecting their PC to the switch which may not be the desired outcome
• Management access – Related to the first bullet point, if the switch has a management IP in VLAN 1, the user may be able to access and login to the Continue reading

Microsoft adds virtual cores to Windows Server licensing

Microsoft has announced a major update to its Windows Server licensing program, which in part was driven by threats of legal action by the European Union.The most notable change is adding the option of licensing Windows Server based on virtual cores in addition to the current option of paying based on the number of physical processor cores in host machines. [ Get regularly scheduled insights by signing up for Network World newsletters. ] “Today, Windows Server is licensed by physical core, which means customers must have access to the physical server hardware to ensure that they have enough Windows Server licenses to cover all physical cores in the machine,” wrote Nicole Dezen, Microsoft’s chief partner officer, in  a blog post.To read this article in full, please click here

Microsoft adds virtual cores to Windows Server licensing

Microsoft has announced a major update to its Windows Server licensing program, which in part was driven by threats of legal action by the European Union.The most notable change is adding the option of licensing Windows Server based on virtual cores in addition to the current option of paying based on the number of physical processor cores in host machines. [ Get regularly scheduled insights by signing up for Network World newsletters. ] “Today, Windows Server is licensed by physical core, which means customers must have access to the physical server hardware to ensure that they have enough Windows Server licenses to cover all physical cores in the machine,” wrote Nicole Dezen, Microsoft’s chief partner officer, in  a blog post.To read this article in full, please click here

Microsoft adds virtual cores to Windows Server licensing

Microsoft has announced a major update to its Windows Server licensing program, which in part was driven by threats of legal action by the European Union.The most notable change is adding the option of licensing Windows Server based on virtual cores in addition to the current option of paying based on the number of physical processor cores in host machines. [ Get regularly scheduled insights by signing up for Network World newsletters. ] “Today, Windows Server is licensed by physical core, which means customers must have access to the physical server hardware to ensure that they have enough Windows Server licenses to cover all physical cores in the machine,” wrote Nicole Dezen, Microsoft’s chief partner officer, in  a blog post.To read this article in full, please click here

Microsoft adds virtual cores to Windows Server licensing

Microsoft has announced a major update to its Windows Server licensing program, which in part was driven by threats of legal action by the European Union.The most notable change is adding the option of licensing Windows Server based on virtual cores in addition to the current option of paying based on the number of physical processor cores in host machines. [ Get regularly scheduled insights by signing up for Network World newsletters. ] “Today, Windows Server is licensed by physical core, which means customers must have access to the physical server hardware to ensure that they have enough Windows Server licenses to cover all physical cores in the machine,” wrote Nicole Dezen, Microsoft’s chief partner officer, in  a blog post.To read this article in full, please click here

Building High-Available Web Services: Open Source Load Balancing Based on HAProxy + FRR and Origin Web Server Based on NGINX Connected to Arista EVPN/VXLAN. Part 2 – Configuration and Validation.

Hello my friend,

In the previous blogpost we have started discussion about the Open Source Load Balancing solution, which leverages HAProxy and FRR, which is connected to the data centre fabric running EVPN/VXLAN on Arista EOS switches and serving content from NGINX-based origin servers. In that blogpost we covered the architectural guidelines and design principles. Today we will cover the configuration and the validation of the solution.

1
2
3
4
5
No part of this blogpost could be reproduced, stored in a 

retrieval system, or transmitted in any form or by any 

means, electronic, mechanical or photocopying, recording, 

or otherwise, for commercial purposes without the 

prior permission of the author.

What Is More Important: Network Technologies or Network Automation?

The truth is that both disciplines are equally important. Knowledge and skills in network technologies will allow you to build great connectivity solutions to empower businesses across the globe and spread its capabilities as nowadays, perhaps, 99% of all business operations leverage IT and network technologies either entirely or at least partially. In its turn, network automation allows to make operational activities (e.g., configuration, troubleshooting, analysis, etc) much more precise and predictable, decreasing the probability of outages or Continue reading

Feedback Appreciated: Next-Generation Metro Area Networks

Etienne-Victor Depasquale, a researcher at University of Malta, is trying to figure out what technologies service providers use to build real-life metro-area networks, and what services they offer on top of that infrastructure.

If you happen to be involved with a metro area network, he’d love to hear from you – please fill in this survey – and he promised that he’ll share the results of the survey with the participants.

Feedback Appreciated: Next-Generation Metro Area Networks

Etienne-Victor Depasquale, a researcher at University of Malta, is trying to figure out what technologies service providers use to build real-life metro-area networks, and what services they offer on top of that infrastructure.

If you happen to be involved with a metro area network, he’d love to hear from you – please fill in this survey – and he promised that he’ll share the results of the survey with the participants.