This post originally appeared on the Packet Pushers’ Ignition site on October 19, 2020. The network edge is desirable new territory for software and hardware vendors. The objective is to get compute, networking, storage, and security features as close as possible to data sources and data-hungry applications. VMware and NVIDIA have launched new initiatives to […]
The post VMware And NVIDIA Focus On The Far Edge To Host Network Services On SmartNICs appeared first on Packet Pushers.
docker run --rm -it --privileged --network host --pid="host" \Start Containerlab.
-v /var/run/docker.sock:/var/run/docker.sock -v /run/netns:/run/netns \
-v ~/clab:/home/clab -w /home/clab \
ghcr.io/srl-labs/clab bash
curl -O https://raw.githubusercontent.com/sflow-rt/containerlab/master/clos5.ymlDownload the Containerlab topology file.
sed -i "s/prometheus/topology/g" clos5.ymlChange the sFlow-RT image from sflow/prometheus to sflow/topology in the Containerlab topology. The sflow/topology image packages sFlow-RT with useful applications that combine topology awareness with analytics.
containerlab deploy -t clos5.ymlDeploy the topology.
curl -O https://raw.githubusercontent.com/sflow-rt/containerlab/master/clos5.jsonDownload the sFlow-RT topology file.
curl -X PUT -H "Content-Type: application/json" -d @clos5.json \Post the topology to sFlow-RT. Connect to the sFlow-RT Topology application, http://localhost:8008/app/topology/html/. The dashboard confirms that all the links and nodes in the topology are streaming telemetry. There is currently no traffic on the network, so none of the nodes in the topology are sending flow data.
http://localhost:8008/topology/json
docker exec -it clab-clos5-h1 iperf3 -c 172.16.4.2Generate traffic. You should see the Nodes No Flows number drop Continue reading
If you’re brand-new to Python and Ansible, you might be a bit reluctant to install a bunch of packages and Ansible collections on your production laptop to start building your automation skills. The usual recommendation I make to get past that hurdle is to create a Ubuntu virtual machine that can be destroyed every time to mess it up.
Creating a virtual machine is trivial on Linux and MacOS with Intel CPU (install VirtualBox and Vagrant). The same toolset no longer works on newer Macs with M1 CPU (VMware Fusion is in tech preview, so we’re getting there), but there’s an amazingly simple alternative: Multipass by Canonical.
The post Noction releases the new feature-rich NFA 22.02 version appeared first on Noction.
Disclaimer: I speak about reducing plastic and still I use a 3d printer to print a very specific fixture, I have weighed in options and plastic that I end up printing will be out there hopefully feeding birds or can safely be re-cycled until I come up with something innovative, as of now this is the least I could come upon re-using old bottles, helping birds feed and using some plastic to print a fixture. If I have to buy a commercial one, that is again some plastic and I won’t end up re-using it as well, so 3d printing this small fixture for me outweighs the other currently viable solution and this is something I can give out to neighbours and they can easily associate with.
Am proud to say that I have started to take some responsibility towards the environment and other living beings, that to say it’s my first step and now I appreciate even more what environmentalists and other people do to protect other beings, earth and fellow human beings which we don’t have any time to notice and appreciate them.
Once I started doing the below things which are very trivial I feel good and Continue reading
Recently, I was working with a customer that wanted to extract the TCP SYN unanswered in/out metric captured by Extrahop for a group of web servers and send that data to Splunk so their application team could view the data in a Splunk dashboard. It was an interesting problem to solve...continue reading
I was so surprised when the BGP neighbor came up. I kinda just blinked and stared at it for awhile. I knew it couldn’t be an AWS bug. This was just too basic a setup. Did I misconfigure something? If... Read More ›
The post AWS: The Case of the iBGP Peer that Worked – Part 1: The Facts appeared first on Networking with FISH.
Today's sponsored Heavy Networking dives into the latest features from Pluribus Networks, including Pluribus KubeTracker, which correlates containers with applications, maps hosts to the network fabric, and more. We also cover FlowTracker and a virtualized packet broker service. Our guest is Alessandro Barbieri, VP Product Management at Pluribus.
The post Heavy Networking 619: Pluribus Empowers NetOps With Kubernetes Network Visibility (Sponsored) appeared first on Packet Pushers.
I had a fun exchange on Twitter this week that bears some additional thinking. Emirage (@Emirage6) tweeted a fun meme about learning BGP:
I retweeted it and a few people jumped in the fun, including a couple that said it was better to configure BGP for reasons. This led to a blog post about routing protocols with even more great memes and a good dose of reality for anyone that isn’t a multi-CCIE.
I want you to call your mom and explain BGP to her. Go on and do that now because I’m curious to see how you’d open that conversation. Unless your mom is in networking already I’m willing to bet you’re going to have to start really, really basic. In fact, given the number of news organizations that don’t even know what the letters in the acronym stand for I’d guess you are going to have a hard time talking about the path selection process or leak maps or how sessions are established.
Now, try that same Continue reading
An ‘r’ before a string tells the Python interpreter to treat backslashes as a literal (raw) character. Normally, Python uses backslashes as escape characters. Prefacing the string definition with ‘r’ is a useful way to define a string where you need the backslash to be an actual backslash and not part of an escape code that means something else in the string.
1. In this example, Python will interpret each ‘\t’ found in this string as a tab. That is, the backslash+t is interpreted as an escape sequence with a special purpose.
>>> 'path\to\the\thing' 'path\to\the\thing' >>> print('path\to\the\thing') path o he hing >>>
2. By adding the leading r, Python will know that the backslashes are to be interpreted as literal characters and not escape sequences. Interestingly, note how Python represents the literal backslash–as an escape sequence of backslash + backslash.
>>> r'path\to\the\thing' 'path\\to\\the\\thing' >>> print(r'path\to\the\thing') path\to\the\thing >>>
3. This means another way to handle the literal backslash problem is to use backslash + backslash in your string definition. However, this feels like a clunkier way to define the string to me when compared to using ‘r’. Using ‘r’ makes for, I think, more readable Continue reading
“People ask me to predict the future, when all I want to do is prevent it. Better yet, build it. Predicting the future is much too easy, anyway. You look at the people around you, the street you stand on, the visible air you breathe, and predict more of the same. To hell with more. I want better.”
— Ray Bradbury, from Beyond 1984: The People Machines
The story and the path are clear: quantum computers are coming that will have the ability to break the cryptographic mechanisms we rely on to secure modern communications, but there is hope! The cryptographic community has designed new mechanisms to safeguard against this disruption. There are challenges: will the new safeguards be practical? How will the fast-evolving Internet migrate to this new reality? In other blog posts in this series, we have outlined some potential solutions to these questions: there are new algorithms for maintaining confidentiality and authentication (in a “post-quantum” manner) in the protocols we use. But will they be fast enough to deploy at scale? Will they provide the required properties and work in all protocols? Are they easy to use?
Adding post-quantum cryptography into architectures and networks Continue reading
Theoretically, there is no impediment to adding post-quantum cryptography to any system. But the reality is harder. In the middle of last year, we posed ourselves a big challenge: to change all internal connections at Cloudflare to use post-quantum cryptography. We call this, in a cheeky way, “post-quantum-ifying” our services. Theoretically, this should be simple: swap algorithms for post-quantum ones and move along. But with dozens of different services in various programming languages (as we have at Cloudflare), it is not so simple. The challenge is big but we are here and up for the task! In this blog post, we will look at what our plan was, where we are now, and what we have learned so far. Welcome to the first announcement of a post-quantum future at Cloudflare: our connections are going to be quantum-secure!
The life of most requests at Cloudflare begins and ends at the edge of our global network. Not all requests are equal and on their path they are transmitted by several protocols. Some of those protocols provide security properties whilst others do not. For the protocols that do, for context, Cloudflare uses: TLS, QUIC, WireGuard, DNSSEC Continue reading
It should be safe to say that most of us have had a tough time these past two years, no …
The post Cisco Live 2022 – Good vibes again! first appeared on Fryguy's Blog.