Archive

Category Archives for "Networking"

ipSpace.net Blog Is in a Public GitHub Repository

I migrated my blog to Hugo two years ago, and never regretted the decision. At the same time I implemented version control with Git, and started using GitHub (and GitLab for a convoluted set of reasons) to host the blog repository.

After hesitating for way too long, I decided to go one step further and made the blog repository public. The next time a blatant error of mine annoys you fork it, fix my blunder(s), and submit a pull request (or write a comment and I’ll fix stuff like I did in the past).

Nvidia announces HPC and edge reference designs, liquid cooling plans

Nvidia unveiled high-performance computing (HPC) reference designs and new water-cooling technology for its GPUs at the annual Computex tradeshow in Taipei, Taiwan.The reference designs employ Nvidia's forthcoming Grace CPU and Grace Hopper Superchips, due next year. Grace is an Arm-based CPU – Nvidia’s first for the server market. Hopper is Nvidia’s next generation of GPU processors. Read more: Highflying Nvidia widens its reach into enterprise data centersTo read this article in full, please click here

Nvidia announces HPC and edge reference designs, liquid cooling plans

Nvidia unveiled high-performance computing (HPC) reference designs and new water-cooling technology for its GPUs at the annual Computex tradeshow in Taipei, Taiwan.The reference designs employ Nvidia's forthcoming Grace CPU and Grace Hopper Superchips, due next year. Grace is an Arm-based CPU – Nvidia’s first for the server market. Hopper is Nvidia’s next generation of GPU processors. Read more: Highflying Nvidia widens its reach into enterprise data centersTo read this article in full, please click here

Another way MPLS breaks traceroute

I recently got fiber to my house. Yay! So after getting hooked up I started measuring that everything looked sane and performant.

I encountered two issues. Normal people would not notice or be bothered by either of them. But I’m not normal people.

I’m still working on one of the issues (and may not be able to disclose the details anyway, as the root cause may be confidential), so today’s issue is traceroute.

In summary: A bad MPLS config can break traceroute outside of the MPLS network.

What’s wrong with this picture?

$ traceroute -q 1 seattle.gov
traceroute to seattle.gov (156.74.251.21), 30 hops max, 60 byte packets
 1  192.168.x.x (192.168.x.x)  0.302 ms     <-- my router
 2  194.6.x.x.g.network (194.6.x.x)  3.347 ms
 3  10.102.3.45 (10.102.3.45)  3.391 ms
 4  10.102.2.29 (10.102.2.29)  2.841 ms
 5  10.102.2.25 (10.102.2.25)  2.321 ms
 6  10.102.1.0 (10.102.1.0)  3.454 ms
 7  10.200.200.4 (10.200.200.4)  2. Continue reading

Introducing our brand new (and free!) Calico Azure Course

Calico Open Source is an industry standard for container security and networking that offers high-performance cloud-native scalability and supports Kubernetes workloads, non-Kubernetes workloads, and legacy workloads. Created and maintained by Tigera, Calico Open Source offers a wide range of support for your choice of data plane whether it’s Windows, eBPF, Linux, or VPP.

We’re excited to announce our new certification course for Azure, Certified Calico Operator: Azure Expert! This free, self-paced course is the latest in our series of four courses. If you haven’t had a chance to complete our previous courses, I highly recommend enrolling in them in the following order (or as you prefer).

  1. Certified Calico Operator: Level 1
  2. Certified Calico Operator: AWS Expert
  3. Certified Calico Operator: eBPF

What will you gain from this course?

Whether you have little to no experience with cloud concepts, have entry-level DevOps and engineering experience, are keen to learn more about Azure or are already an Azure expert looking for a cloud networking and security solution, you will benefit from this course.

The course provides an introduction to Azure cloud, learnings about managed, self-managed and hybrid cluster deployment using Calico in Azure, and offers hands-on labs to help you explore most of Continue reading

What is Wi-Fi 6 (802.11ax), and why do we need it?

Wi-Fi has become an indispensable technology in enterprise networks, supporting enough bandwidth and individual channels to make all-wireless LANs feasible, thanks in large part to 802.11ax, the standard more commonly called Wi-Fi 6.What is 802.11ax (Wi-Fi 6)? Wi-Fi 6 was officially certified in 2020 and has quickly become the de facto standard for wireless LAN technology (WLAN), superseding Wi-Fi 5 (802.11ac). Wi-Fi 6 delivers improved performance, extended coverage and longer battery life compared to Wi-Fi 5.Wi-Fi 6 was originally designed to address bandwidth problems associated with dense, high-traffic environments such as airports, stadiums, trains and offices. However, the explosion of IoT devices that need to connect wirelessly to edge devices, and the ever-increasing bandwidth needs of new data-thirsty applications has rendered Wi-Fi 6 not exactly obsolete on arrival, but certainly not sufficient for some use cases.To read this article in full, please click here

Exium expands SASE, 5G-based security for midsize enterprise networks

California-based secure networking company Exium is adding a new, on-premises SASE ( secure access service edge) node to its cloud-based network management and security platform, bringing that system's capabilities directly to end users' data centers.SASE is a Gartner-defined model that combines SD-WAN with cloud services. It aims to provide a single, cloud-based service that can dramatically simplify the deployment of modern, identity-based security technology. Gartner's definition of SASE mandates the use of five specific security technologies, including secure web gateways, SD-WAN, firewall-as-a-service, a zero-trust network access model and a cloud access security broker to keep data in cloud systems secure.To read this article in full, please click here

Learning BGP Module 2 Lesson 4: Best Path – Video

This installment of Russ White’s BGP course discusses how the BGP protocol calculates the best path for a route. Topics include: -Routes to discard -Weighting -Shortest AS path -Origin type -Multi-Exit Discriminator (MED) -Oldest eBGP Path -Tiebreakers You can subscribe to the Packet Pushers’ YouTube channel for more videos as they are published. It’s a […]

The post Learning BGP Module 2 Lesson 4: Best Path – Video appeared first on Packet Pushers.

What is NFV – Network Function Virtualization

Network Functions Virtualization (NFV) was founded by the European Telecommunication Standard Institute (ETSI) with Industry Specification Group (ISG) which contains seven of the world’s leading telecom network operators.

A challenge of large-scale telecom networks is increasing the variety of proprietary hardware and launching new services that may demand the installation of new hardware. This challenge requires additional floor space, power, cooling, and more maintenance. With evolving virtualization technologies in this decade, NFV focuses on addressing the telecom problems by implementing network functions into software that can run on server hardware or hypervisors.

Furthermore, by using NFV, installing new equipment is eliminated and it will be related to the health of underlay servers and the result is lower CAPEX and OPEX.

There are many benefits when operators use NFV in today’s networks. One of them is Reducing time-to-market to deploy new services to support changing business requirements and market opportunities for new services.

Decoupling physical network equipment from the functions that run on them will help telecom companies to consolidate network equipment types onto servers, storage, and switches that are in data centers. In NFV architecture, the responsibility for handling specific network functions (e.g. IPSEC/SSL VPN) that run in one Continue reading

Bilateral Peering and Multilateral Peering

Bilateral Peering is when two networks negotiate with each other and establish a direct BGP peering session. In one of the previous posts, Settlement Free Peering was explained, in this post, both Bilateral and Multilateral Peering will be explained and both are deployment modes of Settlement Free Peering. 

This is generally done when there is a large amount of traffic between two networks. Tier 1 Operators just do Bilateral Peering as they don’t want to peer with anyone, other than other Tier 1 Operators. The rest of the companies are their potential customers, not their peers.

Multilateral Peering

As mentioned above, Bilateral Peering offers the most control, but some networks with very open peering policies may wish to simplify the process, and simply “connect with everyone”. To help facilitate this, many Exchange Points offer “multilateral peering exchanges”, or an “MLPE”.

  • An MLPE is typically an exchange point that offers a “route-server”, allowing a member to establish a single BGP session and receive routes from every other member connected to the MLPE.
  • Effectively, connecting to the MLPE is the same as agreeing to automatically peer with everyone else connected to the MLPE, without requiring the configuration of a BGP session Continue reading

What is CDN – Content Delivery Networks?

Content Delivery Network companies replicate content caches close to a large user population. They don’t provide Internet access or transit service to the customers or ISPs but distribute the content of the content providers. Today, many Internet Service Providers started their own CDN businesses as well. An example is Level 3. Level 3 provides its CDN services from its POP locations which are spread all over the World.

Content distribution networks reduce latency and increase service resilience (Content is replicated to more than one location). More popular contents are cached locally and the least popular ones can be served from the origin

Why CDN – Content Delivery Networks are necessary?

Before CDNs, the contents were served from the source locations which increased latency, thus reducing throughput. Contents were delivered from the central site. User requests were reaching the central site where the source was located.

 

CDN - Content Delivery Networks

 

Figure 1 – Before CDN

With CDN Technology, the Contents are distributed to the local sites.

 

 

CDN - Content Delivery Networks

 

Figure 2 – After CDN

 

Amazon, Akamai, Limelight, Fastly, and Cloudflare are the largest CDN providers which provide services to different content providers all over the world. Also, some major content providers such Continue reading

Simplify and Standardize Mantra Encounters Reality

I’m usually telling networking engineers seriously considering whether to automate their networks to cleanup their design and simplify the network services first.

The only reasonable way forward is to simplify your processes – get rid of all corner cases, all special deals that are probably costing you more than you earned on them, all one-off kludges to support badly-designed applications – and once you get that done, you might realize you don’t need a magic platform anymore, because you can run your simpler network using traditional tools.

While seasoned automation practitioners agree with me, a lot of enterprise engineers face a different reality. Straight from a source that wished to remain anonymous…

Simplify and Standardize Mantra Encounters Reality

I’m usually telling networking engineers seriously considering whether to automate their networks to cleanup their design and simplify the network services first.

The only reasonable way forward is to simplify your processes – get rid of all corner cases, all special deals that are probably costing you more than you earned on them, all one-off kludges to support badly-designed applications – and once you get that done, you might realize you don’t need a magic platform anymore, because you can run your simpler network using traditional tools.

While seasoned automation practitioners agree with me, a lot of enterprise engineers face a different reality. Straight from a source that wished to remain anonymous…

Cloudflare Middle East & Turkey: a path to growth

Cloudflare Middle East & Turkey: a path to growth

This post is also available in عربي.

Cloudflare Middle East & Turkey: a path to growth

I am excited to announce that I have joined Cloudflare as Managing Director for the Middle East and Turkey (MET) region. Having worked in the domain of cyber security for more than two decades, I can see that Cloudflare is genuine in its mission of building a better Internet that is fast, safe and reliable for everyone. Being part of this journey that touches everyone’s life is surely an exciting thing to do, and I look forward to putting my experience in play towards successfully achieving this goal.

Cloudflare has been associated with delivering fast content over cloud in a most reliable and secure manner, accounting for at least 20% of the global Internet traffic. Cloudflare can cater for and support all types of organizations (businesses and public sector) including those with a social mission. The Middle East and Turkey as an emerging market is characterized by a relatively young population, with 70% of it being under the age of 30. This dynamic youth segment has an insatiable demand for both content and knowledge. To that extent, there has been a rapid uptake in Internet use, and digital transformation initiatives have significantly accelerated Continue reading

The rumored Broadcom purchase of VMware could raise enterprise concerns

If chipmaker Broadcom buys virtualization and multi-cloud vendor VMware as rumored, enterprise customers should watch out for whether the deal hampers the software vendor’s innovation, experts say.Others say the purchase—valued to be about $60 billion by the The Wall Street Journal—could be a boon for Broadcom by moving forward its years-long efforts to acquire enterprise technology.To read this article in full, please click here

The rumored Broadcom purchase of VMware could raise enterprise concerns

If chipmaker Broadcom buys virtualization and multi-cloud vendor VMware as rumored, enterprise customers should watch out for whether the deal hampers the software vendor’s innovation, experts say.Others say the purchase—valued to be about $60 billion by the The Wall Street Journal—could be a boon for Broadcom by moving forward its years-long efforts to acquire enterprise technology.To read this article in full, please click here

Learning BGP Module 2 Lesson 3: Messages And Updates – Video

Russ White’s BGP course continues with a lesson on messages and updates. Topics include: -BGP Open -BGP Reach -BGP MP-Reach -Address families -BGP Update -Update processing -TCP interaction You can subscribe to the Packet Pushers’ YouTube channel for more videos as they are published. It’s a diverse a mix of content from Ethan and Greg, […]

The post Learning BGP Module 2 Lesson 3: Messages And Updates – Video appeared first on Packet Pushers.