0

Full Stack Journey 066: Five IT Skills To Learn In 2022

Drew Conry-Murray and Du’An Lightfoot discuss essential skills for IT professionals in 2022. They include learning to code, learning Linux, and sharing your journey. This topic was inspired by a Tweet thread Du'An recently posted. We also talk about the role of content creation such as blogging and videos to enhance your own learning and advance your career. Du'An is a Sr. Cloud Networking Developer Advocate at AWS Cloud. You may know Du’An from his work as the creator behind LabEveryday, where he posts blogs and videos on technical topics and professional development. You can follow him on Twitter at @labeveryday.

0

Integrating Network Analytics Logs with your SIEM dashboard

We’re excited to announce the availability of Network Analytics Logs. Magic Transit, Magic Firewall, Magic WAN, and Spectrum customers on the Enterprise plan can feed packet samples directly into storage services, network monitoring tools such as Kentik, or their Security Information Event Management (SIEM) systems such as Splunk to gain near real-time visibility into network traffic and DDoS attacks.

What’s included in the logs

By creating a Network Analytics Logs job, Cloudflare will continuously push logs of packet samples directly to the HTTP endpoint of your choice, including Websockets. The logs arrive in JSON format which makes them easy to parse, transform, and aggregate. The logs include packet samples of traffic dropped and passed by the following systems:

1. Network-layer DDoS Protection Ruleset
2. Advanced TCP Protection
3. Magic Firewall

Note that not all mitigation systems are applicable to all Cloudflare services. Below is a table describing which mitigation service is applicable to which Cloudflare service:

Mitigation System	Cloudflare Service
	Magic Transit	Magic WAN	Spectrum
Network-layer DDoS Protection Ruleset	✅	❌	✅
Advanced TCP Protection	✅	❌	❌
Magic Firewall	Continue reading

0

HS 023 Horrors and Hurdles of Hybrid Work

What about changing the work we do ? Perhaps with orchestration / automation and even AI ? So many questions, not many answers.

The post HS 023 Horrors and Hurdles of Hybrid Work appeared first on Packet Pushers.

0

HS 023 Horrors and Hurdles of Hybrid Work

What about changing the work we do ? Perhaps with orchestration / automation and even AI ? So many questions, not many answers.

0

Are Routing Protocols Automation ?

Declarative and intentional. So maybe ?

0

Cloud Native Security Hasn’t Solved Compliance Challenges

Modern, cloud-based, distributed networks may lack a defined perimeter to protect, but they still need network security. And nearly all organizations know that:

0

Debugging Hardware Performance on Gen X Servers

In Cloudflare’s global network, every server runs the whole software stack. Therefore, it's critical that every server performs to its maximum potential capacity. In order to provide us better flexibility from a supply chain perspective, we buy server hardware from multiple vendors with the exact same configuration. However, after the deployment of our Gen X AMD EPYC Zen 2 (Rome) servers, we noticed that servers from one vendor (which we’ll call SKU-B) were consistently performing 5-10% worse than servers from second vendor (which we'll call SKU-A).

The graph below shows the performance discrepancy between the two SKUs in terms of percentage difference. The performance is gauged on the metric of requests per second, and this data is an average of observations captured over 24 hours.

Compute performance via DGEMM

The initial debugging efforts centered around the compute performance. We ran AMD’s DGEMM high performance computing tool to determine if CPU performance was the cause. DGEMM is designed to measure the sustained floating-point computation rate of a single server. Specifically, the code measures the floating point rate of execution of a real matrix–matrix multiplication with double Continue reading

0

Announcing our Spring Developer Challenge

After many announcements from Platform Week, we’re thrilled to make one more: our Spring Developer Challenge!

The theme for this challenge is building real-time, collaborative applications — one of the most exciting use-cases emerging in the Cloudflare ecosystem. This is an opportunity for developers to merge their ideas with our newly released features, earn recognition on our blog, and take home our best swag yet.

Here’s a list of our tools that will get you started:

• Workers can either be powerful middleware connecting your app to different APIs and an origin — or it can be the entire application itself. We recommend using Worktop, a popular framework for Workers, if you need TypeScript support, routing, and well-organized submodules. Worktop can also complement your existing app even if it already uses a framework,  such as Svelte.
• Cloudflare Pages makes it incredibly easy to deploy sites, which you can make into truly dynamic apps by putting a Worker in front or using the Pages Functions (beta).
• Durable Objects are great for collaborative apps because you can use websockets while coordinating state at the edge, seen in this chat demo. To help scale any load, we also recommend Durable Object Groups.
• Workers Continue reading

0

Ethernet Encryptor Market Overview (2022 Edition)

Christoph Jaggi, the author of Ethernet Encryption webinar, published a new version of Ethernet Encryptor Market Overview including:

• Network standards and platforms
• Data plane encryption
• Control plane security
• Key- and system management
• Relevant approvals
• Vendors and products, including detailed feature support matrices.

0

Ethernet Encryptor Market Overview (2022 Edition)

Christoph Jaggi, the author of Ethernet Encryption webinar, published a new version of Ethernet Encryptor Market Overview including:

• Network standards and platforms
• Data plane encryption
• Control plane security
• Key- and system management
• Relevant approvals
• Vendors and products, including detailed feature support matrices.

0

Using Python to Calculate Cisco SD-WAN Tunnel Numbers – Part 2

In the first post I shared with you my code to calculate tunnel numbers in Cisco SD-WAN. I’m a beginner in Python so I thought it would be a great learning experience to have someone experienced in Python, such as Rodrigo, take a look at the code and come up with improvements. As I like to share knowledge, I’m taking this journey with you all. Let’s get started!

You may recall that I had a function to calculate the tunnel number. It looked like this:

def calculate_tunnel_number(interface_name:str) -> int:
    <SNIP>
    return total_score

Rodrigo’s comment was that the function name is excellent as it is clear what the function does. However, my return statement returns total_score which is not clear what it does. It would be better to return tunnel_number which is what the function is calculating.

The next comment is that when splitting things and it is known how many pieces you have, it is better to unpack them, that is, assign the unwanted piece to a throwaway variable rather than using indexing. My code looked something like this:

interface_number = split_interface(interface_name)[1]

It would be better to do something like this:

_, interface_number = split_interface(interface_name)[1]

The first variable, a Continue reading

0

Envoy Gateway Offers to Standardize Kubernetes Ingress

The KubeCon+CloudNativeCon EU, the open source project revealed that is has been working on an extension, explained Envoy creator

0

Extracting substrings on Linux

There are many ways to extract substrings from lines of text using Linux and doing so can be extremely useful when preparing scripts that may be used to process large amounts of data. This post describes ways you can take advantage of the commands that make extracting substrings easy.Using bash parameter expansion When using bash parameter expansion, you can specify the starting and ending positions for the text that you want to extract. For example, you can create a variable by assigning it a value and then use syntax like that shown below to select a portion of it.To read this article in full, please click here

0

Extracting substrings on Linux

There are many ways to extract substrings from lines of text using Linux and doing so can be extremely useful when preparing scripts that may be used to process large amounts of data. This post describes ways you can take advantage of the commands that make extracting substrings easy.Using bash parameter expansion When using bash parameter expansion, you can specify the starting and ending positions for the text that you want to extract. For example, you can create a variable by assigning it a value and then use syntax like that shown below to select a portion of it.To read this article in full, please click here

0

Tech Bytes: Cloudflare Simplifies Wide Area Networks With Magic WAN (Sponsored)

Today on the Tech Bytes podcast we’re talking WAN architectures and how to simplify and secure them with sponsor Cloudflare. Cloudflare's Magic WAN is a network-as-a-service offering. Customers can connect data centers, branches, and users to Cloudflare's private network; add security services; and integrate with third-party SD-WANs.

The post Tech Bytes: Cloudflare Simplifies Wide Area Networks With Magic WAN (Sponsored) appeared first on Packet Pushers.

0

Tech Bytes: Cloudflare Simplifies Wide Area Networks With Magic WAN (Sponsored)

Today on the Tech Bytes podcast we’re talking WAN architectures and how to simplify and secure them with sponsor Cloudflare. Cloudflare's Magic WAN is a network-as-a-service offering. Customers can connect data centers, branches, and users to Cloudflare's private network; add security services; and integrate with third-party SD-WANs.

0

OT’N: BGP Loop Free Paths

Over at Packet Pushers—

Russ White’s BGP series continues with a discussion of building loop-free paths with the Border Gateway Protocol (BGP). Topics include AS (Autonomous System) paths, loop prevention, why loop checks are inbound, and more on IBGP and EBGP.

0

LwM2M Holds More Promise Than MQTT

While MQTT can work with LPWAN, lightweight M2M (LwM2M) is much more efficient and provides a simpler, full-stack set of protocols that offer simplified management of deployments with less power consumption and data.

0

Network Break 382: Intel Charts DPU Roadmap; Juniper Brings Contrail SDN To Kubernetes

This week's Network Break podcast discuss Intel's roadmap for its Infrastructure Processing Units (IPUs). We get more insight into Nokia's deal to provide hardware for Azure, and examine why Juniper has extended its Contrail SDN platform to Kubernetes (hint: because of the cloud). Plus Cisco releases new Wi-Fi capabilities.

0

MikroTik – ROSv7 – VPLS over IPv6 MPLS with LDPv6

The great migration

IPv6 adoption has really picked up in the last 12 months and MikroTik RouterOSv7 development is no exception. Dual stack networks are still the most common and easiest to initially deploy for carriers.

However, single stack networks with IPv4 as a service overlay are definitely on the horizon for MikroTik users now that MPLS can operate purely on IPv6.

Single stack networks are easier and cheaper to operate in the long run and are a natural evolution of dual stack networks as we begin to turn IPv4 off for underlay infrastructure.

LDPv6

There are a few different ways to distribute labels in IPv6 MPLS. SR-MPLS (less common and usually with IS-IS) and SRv6 are the other options besides LDPv6.

While I generally am in favor of SR-MPLS/SRv6 long term due to the protocol simplification and traffic management capabilities, having an IPv6 MPLS stack is a great starting point for MikroTik.

LDPv6 is defined by RFC 7552 and is fairly recent as it finalized in 2015. It generally operates in much the same way as LDPv4.

Use Cases

The most common use case among MikroTik users is more efficient subnetting of IPv4 and directly replaces LDPv4 for this Continue reading