0

Custom Groups and Deployment Templates in netsim-tools

Using custom templates to test IP anycast with MPLS was fun, but as I got into interesting discussions focusing on convoluted details, I found myself going through the same set of steps too many times.

It started with the need to specify individual devices in netlab config command to create new loopback interfaces on anycast servers but not on any other device in the lab. Wouldn’t it be nice to have a group of devices (similar to Ansible groups) that one could use in the limit parameter of netlab config?

0

Interface Names and Descriptions Best Practices and Configuration

The post Interface Names and Descriptions Best Practices and Configuration appeared first on Noction.

0

Noction releases the new feature-rich NFA 21.11 version

The post Noction releases the new feature-rich NFA 21.11 version appeared first on Noction.

0

DINR 2021 Workshop Report

One of the more interesting recent events that acts as a showcase into early DNS research was the DNS and Internet Naming Research Directions (DINR) workshop.

0

IETF 112

Here the rest of the notes from some selected working group meetings that caught my attention at the recent IETF 112 meeting that are not related to DNS work.

0

RFC 9098: Operational Implications of IPv6 Extension Headers

It took more than seven years to publish an obvious fact as an RFC: IPv6 extension headers are a bad idea (RFC 9098 has a much more polite title or it would never get published).

0

Network Performance Update: Full Stack Week

This blog was published on November 20, 2021. As we continue to optimize our network we're publishing regular updates, which are available here.

A little over two months ago, we shared extensive benchmarking results of last mile networks all around the world. The results showed that on a range of tests (TCP connection time, time to first byte, time to last byte), and on a range of measurements (p95, mean), that Cloudflare was the fastest provider in 49% of networks around the world. Since then, we’ve worked to continuously improve performance until we’re the fastest everywhere. We set a goal to grow the number of networks where we’re the fastest by 10% every Innovation Week. We met that goal during Birthday Week (September 2021).

Today, we’re proud to report we blew the goal away for Full Stack Week (November 2021). Cloudflare measured our performance against the top 1,000 networks in the world (by number of IPv4 addresses advertised). Out of those, Cloudflare has become the fastest provider in 79 new networks, an increase of 14% of these 1,000 networks. Of course, we’re not done yet, but we wanted to share the latest results and explain how we did it.

However, Continue reading

0

Weekend Reads 111921

Kaspersky today publishes its Distributed Denial of Service (DDoS) Q3 2021 report, which found when compared to Q3 2020, the total number of DDoS attacks increased by nearly 24%, while the total number of smart attacks (advanced DDoS attacks that are often targeted) increased by 31% when compared to the same period last year.

IP fragmentation is a process that breaks large packets into smaller packets to allow them to more easily traverse a network. The process is common in the DNS, which is predominantly UDP based.

If you’ve been perusing cryptocurrency forums or video-game news recently—or spying everything from New York Times job listings to zany Twitter threads claiming that the traditional job interview is about to be replaced by blockchain-based “quests, adventures and courses to prove your worth”—you might have run into the term “Web3.”

When Facebook announced last month that it was rebranding as Meta, CEO Mark Zuckerberg enthusiastically described the metaverse his company would soon build, promising it would be a world “as detailed and convincing as this one” where “you’re going to be able to do almost anything you can imagine.”

In a previous blog, we shared how Paragon Pathfinder plays an important Continue reading

0

Worth Reading: How to Get Useful Answers to Your Questions

Another must-read masterpiece by Julia Evans: how to get useful answers to your questions.

0

A CIO’s Introduction to the Metaverse

The metaverse has arrived. Here's what CIOs need to know about it -- from business use cases, to risks, to vendor offerings from companies such as Microsoft, Nvidia, and Facebook.

0

FCC auction for prime 5G bandwidth rakes in $21.8B

The FCC auction for a prime band of 5G wireless spectrum has attracted $21.8 billion in bids, underscoring the importance of the frequency blocks that range from 3.5GHz to 3.55GHz.Of the 4,060 blocks available for discrete geographic areas throughout the country, all but 19 sold during the 29-day auction, according to the FCC.[Get regularly scheduled insights by signing up for Network World newsletters.] Carriers have been hungrily buying up this mid-range spectrum that some call the Goldilocks Zone because its transmissions propagate over a significant distance and also support high data rates. Earlier this year an auction for blocks of spectrum in the 3.7GHz (C-band) range raised more than $81 billion. To read this article in full, please click here

0

IP Class is Now in Session

You may have seen something making the rounds on Twitter this week about a couple of proposed drafts designed to alleviate the problems with IPv4 exhaustion by repurposing some old IP spaces that aren’t available for use right now. Specifically:

• 0/8
• 127/8 except for 172.0.0/16
• 240/4

Ultimately, this is probably going to fail for a variety of reasons and looks like it’s more of a suggestion than anything else but I wanted to take a moment to talk about why this isn’t an effective way of fixing address issues.

Error Bearers

The first reason that the Schoen drafts are going to fail is because most of the operating systems in the world won’t allow you to use reserved spaces for a system address. Because we knew years ago that certain spaces were marked as non-usable the logic was configured into the system to disallow the use of those spaces. And even if the system isn’t configured to disallow that space there’s no guarantee the traffic is going to be transmitted.

Let’s take 127/8 as a good example. Was it a smart idea to mark 16 million addresses as loopback host-only space? Nope. But that ship has sailed and Continue reading

0

Xilinx launches a data-center accelerator for HPC

Xilinx has introduced its latest data-center accelerator, the Alveo U55C, which it says is its most powerful accelerator yet thanks to a memory change.For the most part, the FPGA-powered Alveo U55C is similar to its predecessor, Alveo U280. But the U280 has 8GB of HBM2 memory and 16GB of DDR4 DRAM, while the U55C comes with 16GB of HBM2 memory, and no DDR4. HBM2 is considerably faster and more expensive than DDR4 memory.[Get regularly scheduled insights by signing up for Network World newsletters.] By going to all HBM2 and removing the DDR4, Xilinx is able to increase performance and considerably reduce power and size. The Alveo U55C card is a single-slot full height, half length (FHHL) form factor vs. the full height, full length, dual width form of the U280. It also has a much lower power draw, 150W vs. 215W.To read this article in full, please click here

0

Xilinx launches a data-center accelerator for HPC

Xilinx has introduced its latest data-center accelerator, the Alveo U55C, which it says is its most powerful accelerator yet thanks to a memory change.For the most part, the FPGA-powered Alveo U55C is similar to its predecessor, Alveo U280. But the U280 has 8GB of HBM2 memory and 16GB of DDR4 DRAM, while the U55C comes with 16GB of HBM2 memory, and no DDR4. HBM2 is considerably faster and more expensive than DDR4 memory.[Get regularly scheduled insights by signing up for Network World newsletters.] By going to all HBM2 and removing the DDR4, Xilinx is able to increase performance and considerably reduce power and size. The Alveo U55C card is a single-slot full height, half length (FHHL) form factor vs. the full height, full length, dual width form of the U280. It also has a much lower power draw, 150W vs. 215W.To read this article in full, please click here

0

Spinoffs Kyndryl and VMware team up on multicloud

The two new spinoffs on the block—Kyndryl and VMware—have expanded their relationship and promised to help customers with their app modernization and multicloud plans.Under the agreement the companies say they will focus on developing a range of services aimed at multicloud infrastructure and management, digital workspace, managed applications, and other areas.[Get regularly scheduled insights by signing up for Network World newsletters.] “Our combination with VMware is especially important as Kyndryl continues to invest in our industry-leading skills in key areas, most notably in cloud, network and edge computing, and in security and resiliency services,” said Martin Schroeter, Chairman and CEO of Kyndryl in a statement. Through previous agreements, Kyndryl already has thousands of staffers with VMware certifications.To read this article in full, please click here

0

VMware Wins Best Network Detection and Response Award From SE Labs 

After months of in-depth testing by SE Labs across a vast spectrum of security products, VMware is honored to receive the 2021 Best Network Detection and Response award.  This award comes on the heels of the announcement earlier this year that SE Labs awarded the industry’s first NDR AAA rating to VMware NSX Network Detection and Response (NDR).   

According to the U.K. based independent testing lab, each of the award winners has demonstrated its excellence in its category. SE Labs bases their conclusions on a combination of continual public testing, private assessments and feedback from corporate clients who use SE Labs to help choose security products and services. 

The efficacy of VMware NSX NDR is clear, proving  100 percent protection across multi-cloud environments from four major advanced and persistent threats (APT) groups—including FIN7&Carbanak, OilRig, APT3 and APT29—while returning zero false positives. This ability allows security operations teams to rapidly detect malicious activity and stop the lateral movement of threats inside the network.  

A Sea Change in Independent Security Testing 

This award and AAA rating from SE Labs is the first in the industry. It is well-known that today’s attackers continually evolve and chain together an ever increasingly complex chain of events. These techniques, tactics and procedures occur across networks and often traverse and bypass traditional security tools like firewalls and antivirus. As our understanding of attacker’s behaviors evolve, so must our engineering and Continue reading

0

Heavy Networking 607: ZTNA Everywhere With VMware SASE (Sponsored)

In today's sponsored Heavy Networking show with VMware, we take a fresh look at VMware's SASE and Zero Trust Network Access (ZTNA) solution. VMware has a breadth of products that allow for a differentiated overall solution. Joining us today is Craig Connors, Vice President and Chief Technology Officer of Service Provider and Edge at VMware.

0

Heavy Networking 607: ZTNA Everywhere With VMware SASE (Sponsored)

In today's sponsored Heavy Networking show with VMware, we take a fresh look at VMware's SASE and Zero Trust Network Access (ZTNA) solution. VMware has a breadth of products that allow for a differentiated overall solution. Joining us today is Craig Connors, Vice President and Chief Technology Officer of Service Provider and Edge at VMware.

The post Heavy Networking 607: ZTNA Everywhere With VMware SASE (Sponsored) appeared first on Packet Pushers.

0

AWS Networking Fundamentals book: Table of Contents

Here is the Table of Contents of my AWS Networking Fundamentals book. I have added the figures which illustrate the example scenarios in each chapter. The book is available at Leanpub.com. It is still in progress, and there will be additional chapters soon.

 

Continue reading

0

Announcing native support for Stripe’s JavaScript SDK in Cloudflare Workers

This post is also available in 日本語, 简体中文.

Handling payments inside your apps is crucial to building a business online. For many developers, the leading choice for handling payments is Stripe. Since my first encounter with Stripe about seven years ago, the service has evolved far beyond simple payment processing. In the e-commerce example application I shared last year, Stripe managed a complete seller marketplace, using the Connect product. Stripe's product suite is great for developers looking to go beyond accepting payments.

Earlier versions of Stripe's SDK had core Node.js dependencies, like many popular JavaScript packages. In Stripe’s case, it interacted directly with core Node.js libraries like net/http, to handle HTTP interactions. For Cloudflare Workers, a V8-based runtime, this meant that the official Stripe JS library didn’t work; you had to fall back to using Stripe’s (very well-documented) REST API. By doing so, you’d lose the benefits of using Stripe’s native JS library — things like automatic type-checking in your editor, and the simplicity of function calls like stripe.customers.create(), instead of manually constructed HTTP requests, to interact with Stripe’s various pieces of functionality.

In April, we wrote that we were focused on Continue reading