Archive

Category Archives for "Networking"

Using OpenSSL with Ed Harmoush 2/6 Generating Certificates – Video

ED, HIS TLS COURSE, AND THE FREE OPENSSL CHEATSHEET Twitter @ed_pracnet https://practicalnetworking.net Practical TLS course: https://pracnet.net/tls OpenSSL Cheatsheet: https://pracnet.net/openssl FILES FOR THE CERT/KEY MATCHING EXERCISE: ZIP VERSION: packetpushers-pracnet-openssl.zip https://ln5.sync.com/dl/1f1f63d90/kqztwkp9-hkcz3yvq-tuzx79ke-aewxgaip TAR.GZ VERSION: packetpushers-pracnet-openssl.tar.gz https://ln5.sync.com/dl/0791b8d50/q973jpyb-qrmz3cpd-xeiar9zn-qu99gi5w FOR MORE INFO Hashing, Hashing Algorithms, and Collisions – Cryptography Symmetric Encryption vs Asymmetric Encryption Public & Private Keys – Signatures & […]

The post Using OpenSSL with Ed Harmoush 2/6 Generating Certificates – Video appeared first on Packet Pushers.

Friday Thoughts Pre-Cisco Live

It’s weird to think that I’m headed out to Cisco Live for the first time since 2019. The in-person parts of Cisco Live have been sorely missed during the pandemic. I know it was necessary all around but I didn’t realize how much I enjoyed being around others and learning from the community until I wasn’t able to do it for an extended period of time.

Now we’re back in Las Vegas and ready to take part in something that has been missed. I’ve got a busy lineup of meetings with the CCIE Advisory Council and Tech Field Day Extra but that doesn’t mean I’m not going to try and have a little fun along the way. And yes, before you ask, I’m going to get the airbrush tattoo again if they brought the artist back. It’s a tradition as old as my CCIE at this point.

What else am I interested in?

  • I’m curious to see how Cisco responds to their last disappointing quarter. Are they going to tell us that it was supply chain? Are they going to double down on the software transition? And how much of the purchasing that happened was pull through? Does that mean Continue reading

AAE-1 & SMW5 cable cuts impact millions of users across multiple countries

AAE-1 & SMW5 cable cuts impact millions of users across multiple countries
AAE-1 & SMW5 cable cuts impact millions of users across multiple countries

Just after 1200 UTC on Tuesday, June 7, the Africa-Asia-Europe-1 (AAE-1) and SEA-ME-WE-5 (SMW-5) submarine cables suffered cable cuts. The damage reportedly occurred in Egypt, and impacted Internet connectivity for millions of Internet users across multiple countries in the Middle East and Africa, as well as thousands of miles away in Asia. In addition, Google Cloud Platform and OVHcloud reported connectivity issues due to these cable cuts.

The impact

Data from Cloudflare Radar showed significant drops in traffic across the impacted countries as the cable damage occurred, recovering approximately four hours later as the cables were repaired.

AAE-1 & SMW5 cable cuts impact millions of users across multiple countries
AAE-1 & SMW5 cable cuts impact millions of users across multiple countries
AAE-1 & SMW5 cable cuts impact millions of users across multiple countries
AAE-1 & SMW5 cable cuts impact millions of users across multiple countries
AAE-1 & SMW5 cable cuts impact millions of users across multiple countries
AAE-1 & SMW5 cable cuts impact millions of users across multiple countries
AAE-1 & SMW5 cable cuts impact millions of users across multiple countries

It appears that Saudi Arabia may have also been affected by the cable cut(s), but the impact was much less significant, and traffic recovered almost immediately.

AAE-1 & SMW5 cable cuts impact millions of users across multiple countries

In the graphs above, we show that Ethiopia was one of the impacted countries. However, as it is landlocked, there are obviously no submarine cable landing points within the country. The Afterfibre map from the Network Startup Resource Center (NSRC) shows that that fiber in Ethiopia connects to fiber in Somalia, which experienced an impact. In addition, Ethio Telecom also routes traffic through network providers in Kenya and Djibouti. Djibouti Telecom, one of these providers, in turn Continue reading

8 certifications to prepare for hybrid and multi-cloud

As mixed cloud environments take hold and enterprises combine hosted infrastructure with private cloud and on-premises IT, networking professionals need to stay up on the latest developments in hybrid cloud and multi-cloud technologies. A good way to do that is by earning certifications.There are plenty of certifications to choose from – which has its advantages and disadvantages. There’s no one prominent hybrid cloud or multi-cloud certification, most of them are vendor specific, and some of them overlap in terms of what they cover. That means network pros have to choose wisely when they're considering which certifications to pursue.To read this article in full, please click here

Video: Rogue IPv6 RA Challenges

IPv6 security-focused presentations were usually an awesome opportunity to lean back and enjoy another round of whack-a-mole, often starting with an attacker using IPv6 Router Advertisements to divert traffic (see also: getting bored at Brussels airport) .

Rogue IPv6 RA challenges and the corresponding countermeasures are thus a mandatory part of any IPv6 security training, and Christopher Werny did a great job describing them in IPv6 security webinar.

You need Free ipSpace.net Subscription to watch the video.

Video: Rogue IPv6 RA Challenges

IPv6 security-focused presentations were usually an awesome opportunity to lean back and enjoy another round of whack-a-mole, often starting with an attacker using IPv6 Router Advertisements to divert traffic (see also: getting bored at Brussels airport) .

Rogue IPv6 RA challenges and the corresponding countermeasures are thus a mandatory part of any IPv6 security training, and Christopher Werny did a great job describing them in IPv6 security webinar.

You need Free ipSpace.net Subscription to watch the video.

A Look at Meta’s Low-Latency Metaverse Infrastructure

Tackling the challenge of providing fast, smooth, jitter-free gameplay with super low end-to-end latency, social media giant in a blog post Thursday. This low-latency gaming platform could also serve as the base Meta’s pending Metaverse, they asserted. Facebook launched its cloud gaming platform in 2020, providing users quick access to native Android and Windows mobile games across all the browsers. Along with high a volume of consumer access came a high volume of developer and engineering challenges. Network, Hosting, and Cluster Management The first step Meta took in providing low end-to-end latency was a physical one — to reduce the distance between the cloud gaming infrastructure and the players themselves. For this Meta used edge computing and deployed in edges that were close to large populations of players. The goal of edge computing is to “have a unified hosting environment to make sure we can run as many games as possible as smoothly as possible,” Meta engineers Xiaoxing Zhu wrote. The more edge computing sites, the lower the user latency. Continue reading

Key advantages of the Calico eBPF data plane

Project Calico and eBPF

Project Calico has offered a production-ready data plane based on eBPF since September 2020, and it’s been available for technical evaluation for even longer (since February 2020).

The pre-requisites and limitations are simple to review, it’s easy to enable, and it’s easy to validate your configuration. So, there’s never been a better time to start experiencing the benefits!

You do know what those are, don’t you? Don’t worry if not! That’s what this blog post is about. We’ve reached a point where the journey is easy to make, if you know why you want to get there.

Key advantages of using Calico with eBPF

Calico is already the most widely deployed Kubernetes network security solution. What can eBPF do to help our winning formula further? I’ll dive into the details, but let’s look at the highest possible level first.

These three key benefits apply across all supported environments:

  • General performance
  • Native Kubernetes service handling
  • Source IP preservation and Direct Server Return, or DSR
  • Each of these benefits is significant and worth discussing in more detail.

Performance

Calico’s eBPF data plane achieves high performance in several ways. Firstly, it achieves higher throughput and/or less CPU Continue reading

AWS turns-up mainframe-migration service

Amazon Web Services has officially opened its mainframe-migration service that promises to help Big Iron customers move apps to the cloud.AWS Mainframe Modernization, which since last November had been in preview, is available now and offers the tools, infrastructure, and software to manage migration of  mainframe applications to the cloud, AWS stated. [ Get regularly scheduled insights by signing up for Network World newsletters. ] The service includes tools to refactor workloads written for mainframes in legacy programming languages such as COBOL to Java-based cloud services. Or customers can keep their workloads as written and re-platform them to AWS with minimal code changes, AWS stated.To read this article in full, please click here

AWS turns-up mainframe-migration service

Amazon Web Services has officially opened its mainframe-migration service that promises to help Big Iron customers move apps to the cloud.AWS Mainframe Modernization, which since last November had been in preview, is available now and offers the tools, infrastructure, and software to manage migration of  mainframe applications to the cloud, AWS stated. [ Get regularly scheduled insights by signing up for Network World newsletters. ] The service includes tools to refactor workloads written for mainframes in legacy programming languages such as COBOL to Java-based cloud services. Or customers can keep their workloads as written and re-platform them to AWS with minimal code changes, AWS stated.To read this article in full, please click here

How Queen Elizabeth II’s Platinum Jubilee had an impact on the Internet

How Queen Elizabeth II’s Platinum Jubilee had an impact on the Internet
“I declare before you all that my whole life, whether it be long or short, shall be devoted to your service and the service of our great imperial family to which we all belong.”
Queen Elizabeth II birthday speech, April 21, 1947
How Queen Elizabeth II’s Platinum Jubilee had an impact on the Internet

The rising and setting of the sun has an impact on human behaviour and on Internet trends, and events like this weekend's celebration of Queen Elizabeth II’s Platinum Jubilee also show up in Internet trends.

When Elizabeth II's reign started, on February 6, 1952 (the coronation was on June 2, 1953), the Turing machine had already been proposed (1936), and with that the basis for computer science. ARPANET, which became the technical foundation of the Internet, was still a dream that came to fruition in the late 60s — the World Wide Web is from 1989 and in 2014 we celebrated its Silver Jubilee. So, with that in mind, let’s answer the question: did the 2022 celebrations of the first British monarch with a 70th anniversary on the throne have an impact on the UK’s Internet traffic?

First, some details about the Platinum Jubilee. There was a four-day bank holiday (June 2-5) in the UK Continue reading

A new portal for Project Galileo participants

A new portal for Project Galileo participants

This post is also available in 日本語, Deutsch, Français, Español and Português.

A new portal for Project Galileo participants

Each anniversary of Project Galileo serves as an impetus for big-picture thinking among the Cloudflare team about where to take the initiative next. For this eighth anniversary, we want to help participants get the most out of their free security and performance services and simplify the onboarding process.

Organizations protected under Galileo are a diverse bunch, with 111 countries represented across 1,900+ web domains. Some of these organizations are very small and sometimes operated solely by volunteers. It is understandable that many do not have IT specialists or other employees with technical knowledge about security and performance capabilities. We strive to give them the tools and training to succeed, and we felt it was imperative to take this effort to a new level.

Introducing the Cloudflare Social Impact Projects Portal

To provide Galileo participants with one place to access resources, configuration tips, product explainers, and more, we built the Cloudflare Social Impact Projects Portal.

The crisis in Ukraine was a key source of inspiration for this endeavor. With overall applications for the project skyrocketing by 177% in March 2022, we were rushing to onboard new Continue reading

Kubernetes Unpacked 002: Tackling Container Management And Kubernetes Complexity

In this episode, Michael Levan chats with Neil Cresswell, CEO and Co-Founder of Portainer.io. They talk about the challenges of Kubernetes and how everyone is trying to navigate its complexities. They also dive into Kubernetes security, networking, and management.

The post Kubernetes Unpacked 002: Tackling Container Management And Kubernetes Complexity appeared first on Packet Pushers.

Using htop to check performance on Linux

While it's one of the best tools for examining performance on Linux, htop still requires some explanation before you'll be ready to take advantage of all the data it displays. It’s an excellent tool, but you need to understand the coloring scheme, how to scroll up and down through the processes displayed, and how to change your view of what’s happening on the system.It may take some time to get used to the type of information shown and be ready to quickly notice performance problems. That, of course, means that you have to know what normal behavior looks like on your system, and this generally requires spending time with the tool on a relatively frequent basis. In other words, use htop when you’re not at all concerned about how your system is performing and you’ll likely be able to make good use of it when you are.To read this article in full, please click here

Using htop to check performance on Linux

While it's one of the best tools for examining performance on Linux, htop still requires some explanation before you'll be ready to take advantage of all the data it displays. It’s an excellent tool, but you need to understand the coloring scheme, how to scroll up and down through the processes displayed, and how to change your view of what’s happening on the system.It may take some time to get used to the type of information shown and be ready to quickly notice performance problems. That, of course, means that you have to know what normal behavior looks like on your system, and this generally requires spending time with the tool on a relatively frequent basis. In other words, use htop when you’re not at all concerned about how your system is performing and you’ll likely be able to make good use of it when you are.To read this article in full, please click here

Using Custom Vagrant Boxes with netsim-tools

A friend of mine started using Vagrant with libvirt years ago (it was his enthusiasm that piqued my interest in this particular setup, eventually resulting in netsim-tools). Not surprisingly, he’s built Vagrant boxes for any device he ever encountered, created quite a collection that way, and would like to use them with netsim-tools.

While I didn’t think about this particular use case when programming the netsim-tools virtualization provider interface, I decided very early on that:

  • Everything worth changing will be specified in the system defaults
  • You will be able to change system defaults in topology file or user defaults.