Archive

Category Archives for "Networking"

The Linux fold command breaks up text, drives loops

The Linux fold command enables you to break a string of characters into same-size chunks, but it can also be used to provide a series of characters or strings to drive a loop. This post reviews the basic command and then demonstrates how you can use it to loop through the characters or strings that it creates.The basic use of the fold command is to take long lines of text and break them into shorter pieces. One common use is to shorten lines in a text file so that they display well in a terminal window. Lines wider than the terminal width might otherwise wrap in inconvenient places.The fold command can also be used to create a narrower file from a file with lines that are inconveniently long.To read this article in full, please click here

Juniper vQFX on GNS3

The vQFX is a virtualized version of the Juniper Networks QFX10000 Ethernet switches portfolio. It is a free tool that is not sold and therefore not supported by Juniper. The vQFX offers the same control and data plane features as the physical QFX10000 switches with limited software forwarding performance. We can use the vQFX to […]
Continue reading...

SR Linux in Containerlab

This article uses Containerlab to emulate a simple network and experiment with Nokia SR Linux and sFlow telemetry. Containerlab provides a convenient method of emulating network topologies and configurations before deploying into production on physical switches.

curl -O https://raw.githubusercontent.com/sflow-rt/containerlab/master/srlinux.yml

Download the Containerlab topology file.

containerlab deploy -t srlinux.yml

Deploy the topology.

docker exec -it clab-srlinux-h1 traceroute 172.16.2.2

Run traceroute on h1 to verify path to h2.

traceroute to 172.16.2.2 (172.16.2.2), 30 hops max, 46 byte packets
1 172.16.1.1 (172.16.1.1) 2.234 ms * 1.673 ms
2 172.16.2.2 (172.16.2.2) 0.944 ms 0.253 ms 0.152 ms

Results show path to h2 (172.16.2.2) via router interface (172.16.1.1).

docker exec -it clab-srlinux-switch sr_cli

Access SR Linux command line on switch.

Using configuration file(s): []
Welcome to the srlinux CLI.
Type 'help' (and press <ENTER>) if you need any help using this.
--{ + running }--[ ]--
A:switch#

SR Linux CLI describes how to use the interface.

A:switch# show system sflow status

Get status of sFlow telemetry.

-------------------------------------------------------------------------
Admin State Continue reading

Optimizing TCP for high WAN throughput while preserving low latency

Optimizing TCP for high WAN throughput while preserving low latency
Optimizing TCP for high WAN throughput while preserving low latency

Here at Cloudflare we're constantly working on improving our service. Our engineers are looking at hundreds of parameters of our traffic, making sure that we get better all the time.

One of the core numbers we keep a close eye on is HTTP request latency, which is important for many of our products. We regard latency spikes as bugs to be fixed. One example is the 2017 story of "Why does one NGINX worker take all the load?", where we optimized our TCP Accept queues to improve overall latency of TCP sockets waiting for accept().

Performance tuning is a holistic endeavor, and we monitor and continuously improve a range of other performance metrics as well, including throughput. Sometimes, tradeoffs have to be made. Such a case occurred in 2015, when a latency spike was discovered in our processing of HTTP requests. The solution at the time was to set tcp_rmem to 4 MiB, which minimizes the amount of time the kernel spends on TCP collapse processing. It was this collapse processing that was causing the latency spikes. Later in this post we discuss TCP collapse processing in more detail.

The tradeoff is that using a low value for Continue reading

Don’t let automation break change management

The drive to automate more and more network operations is a good thing, but it exposes a need for network teams to ensure their change-management processes are in order.Networks are doing more, becoming integral to zero-trust security architectures, for example, and to end-to-end enterprise optimization endeavors. Networks are also connecting more things than ever: Mobile devices and IoT nodes continue to proliferate outside data centers and IaaS environments, while inside the enterprise, VMs and containers and separate environments segregating groups of them from each other for security purposes continue to proliferate.To read this article in full, please click here

IBM brings hybrid-cloud app services to z/OS mainframes

IBM has introduced a service for its mainframe customers to create a cloud environment for developing and testing applications.Wazi as a Service can be used to create z/OS infrastructure instances for development and testing z/OS application components in a virtualized, containerized sandbox. The instances would run on Red Hat OpenShift on x86 hardware. The service also includes access to z/OS systems and integrates with modern source-code management platforms such as GitHub and GitLab. [ Get regularly scheduled insights by signing up for Network World newsletters. ]To read this article in full, please click here

IBM brings hybrid-cloud app services to z/OS mainframes

IBM has introduced a service for its mainframe customers to create a cloud environment for developing and testing applications.Wazi as a Service can be used to create z/OS infrastructure instances for development and testing z/OS application components in a virtualized, containerized sandbox. The instances would run on Red Hat OpenShift on x86 hardware. The service also includes access to z/OS systems and integrates with modern source-code management platforms such as GitHub and GitLab. [ Get regularly scheduled insights by signing up for Network World newsletters. ]To read this article in full, please click here

IBM brings hybrid-cloud app services to z/OS mainframes

IBM has introduced a service for its mainframe customers to create a cloud environment for developing and testing applications.Wazi as a Service can be used to create z/OS infrastructure instances for development and testing z/OS application components in a virtualized, containerized sandbox. The instances would run on Red Hat OpenShift on x86 hardware. The service also includes access to z/OS systems and integrates with modern source-code management platforms such as GitHub and GitLab. [ Get regularly scheduled insights by signing up for Network World newsletters. ]To read this article in full, please click here

Analysis: Will Your Security Infrastructure Be Determined By Your Cyberinsurance?

This post originally appeared on the Packet Pushers’ now-defunct Ignition site on October 1, 2019.   Insurance companies that offer cyberinsurance policies are looking at ways to reduce their risk (and improve profit margins) by discounting for companies that deploy reviewed and approved technologies. Company executives will make decisions about the cost and value of […]

The post Analysis: Will Your Security Infrastructure Be Determined By Your Cyberinsurance? appeared first on Packet Pushers.

BYOCNI: Introducing Calico CNI for Azure AKS

Cloud-native applications running on Kubernetes rely on container network plugins to establish workload communication. While Azure Kubernetes Service (AKS) provides several supported networking options (kubenet and Azure CNI) that address the needs of most deployments, Microsoft recently introduced the ability to bring your own networking solution, called BYOCNI, to help users address more advanced networking requirements. This new feature enables AKS customers to run Calico networking on AKS.

This blog will walk you through some exciting capabilities you can unlock with Calico running in your AKS deployments.

Why use Calico networking on AKS?

Calico is the most widely adopted container networking and security solution for Kubernetes. Powering more than 100M containers across 2M+ nodes in 166 countries, Calico is supported across all major cloud providers and Kubernetes distributions. Calico gives you a choice of data planes, including eBPF, standard Linux networking, and Windows HNS-based workloads running in public clouds and/or on-prem, on a single node, or across a multi-thousand-node cluster. Whether you need to scale to thousands of microservices with eBPF, or add Windows workloads to your Kubernetes deployments, Calico has you covered.

Calico’s core design principles leverage cloud-native design best practices, combined with proven, standards-based network protocols trusted by Continue reading

Reading: The Case for a Mostly Open Internet

This post originally appeared on the Packet Pushers’ Ignition site on January 14, 2020. There is a slow but steady trend for Governements’ to take back control of internet in their countries. For China the “great firewall” is now a rigid access control on content. Russia has been progressing changes to to be isolate itself […]

The post Reading: The Case for a Mostly Open Internet appeared first on Packet Pushers.

Kubernetes For Network Engineers: Lesson 2 – Services, Nodeports, And Load Balancers – Video

This lesson walks through the basics of reaching an application running in a Kubernetes pod. Instructor Michael Levan brings his background in system administration, software development, and DevOps to this series. He has Kubernetes experience as both a developer and infrastructure engineer. He’s also a consultant and Pluralsight author, and host of the “Kubernetes Unpacked” […]

The post Kubernetes For Network Engineers: Lesson 2 – Services, Nodeports, And Load Balancers – Video appeared first on Packet Pushers.