Hedge 113: The PLM with Jeff Jakab
Over the last few episodes of the Hedge, we’ve been talking to folks involved in bringing network products to market. In this episode, Tom Ammon and Russ White talk to Jeff Jakab about the role of the Product Line Manager in helping bring new networking products to life. Join us to understand the roles various people play in the vendor side of the world—both so you can understand the range of roles network engineers can play at a vendor, and so you can better understand how products are designed, developed, and deployed.
How The Gambia lost access to the Internet for more than 8 hours
Internet outages are more common than most people think, and may be caused by misconfigurations, power outages, extreme weather, or infrastructure damage. Note that such outages are distinct from state-imposed shutdowns that also happen all too frequently, generally used to deal with situations of unrest, elections or even exams.
On the morning of January 4, 2022, citizens of The Gambia woke up to a country-wide Internet outage. Gamtel (the main state-owned telecommunications company of the West Africa country), announced that it happened due to "technical issues on the backup links" — we elaborate more on this below.
Cloudflare Radar shows that the outage had a significant impact on Internet traffic in the country and started after 01:00 UTC (which is the same local time), lasting until ~09:45 — a disruption of over 8 hours.
Looking at BGP (Border Gateway Protocol) updates from Gambian ASNs around the time of the outage, we see a clear spike at 01:10 UTC. These update messages are BGP signaling that the Gambian ASNs are no longer routable.
It is important to know that BGP is a mechanism to exchange routing information between autonomous systems (networks) on the Internet. The routers that make the Continue reading
Setting Flow Table Sizes on Juniper Routers
The post Setting Flow Table Sizes on Juniper Routers appeared first on Noction.
An Application-Layer Approach To Multi-Cloud Network Fabrics
This post was originally published on the Packet Pushers’ Ignition site on September 21, 2021. It sounds trite to say that enterprise IT environments are multi-cloud, but the extent of cloud heterogeneity might shock those not paying attention. A recent survey found that 44 percent of organizations had more than half of their workloads deployed […]
The post An Application-Layer Approach To Multi-Cloud Network Fabrics appeared first on Packet Pushers.
Recursive BGP Next Hops: an RFC 4271 Quirk
All BGP implementations I’ve seen so far use recursive next hop lookup:
- The next hop in the IP routing table is the BGP next hop advertised in the incoming update
- That next hop is resolved into the actual next hop using one or more recursive lookups into the IP routing table.
Furthermore, all BGP implementations I’ve seen used multiple recursive next hops (if available) to implement load balancing toward the BGP next hop – that’s how we made EBGP load balancing work in Stone Age of networking.
Recursive BGP Next Hops: an RFC 4271 Quirk
All BGP implementations I’ve seen so far use recursive next hop lookup:
- The next hop in the IP routing table is the BGP next hop advertised in the incoming update
- That next hop is resolved into the actual next hop using one or more recursive lookups into the IP routing table.
Furthermore, all BGP implementations I’ve seen used multiple recursive next hops (if available) to implement load balancing toward the BGP next hop – that’s how we made EBGP load balancing work in Stone Age of networking.
Procuring IPv4 Addresses: Wait in Line, Buy, or Lease
Scarce IPv4 addresses demand top dollar, opening up leasing opportunities and in some cases accelerated IPv6 migration timeframes.New Year, New Us?
It’s been a while, hope all are well. This is a behind the scenes update to share with you what has been going on with us at NC and where we are headed. Short story, we’ve taken a break but are getting back to it with new content, new ideas, and quite a few changes. If you want a heads up on what is coming, give this episode a listen. If you like surprises, well just ride it out and you’ll see soon enough. It’s good to be back.
The post New Year, New Us? appeared first on Network Collective.
Microsegmentation Terminology
While I liked reading the Where to Stick the Firewall blog post by Peter Welcher, it bothered me a bit that he used microsegmentation to mean security groups.
I know that microsegmentation became approximately as well-defined as cloud or SDN1, but let’s aim our shiny lance 2 at the nearest windmill and gallop away…
Microsegmentation Terminology
While I liked reading the Where to Stick the Firewall blog post by Peter Welcher, it bothered me a bit that he used microsegmentation to mean security groups.
I know that microsegmentation became approximately as well-defined as cloud or SDN1, but let’s aim our shiny lance 2 at the nearest windmill and gallop away…
BGP in 2021 – The BGP Table
At the start of each year, I have been reporting on the behaviour of the inter-domain routing system over the past 12 months, looking in some detail at some metrics from the routing system that can show the essential shape and behaviour of the underlying interconnection fabric of the Internet.Tello Drone — Initial Review and Python Programming
What is this about ?
A small starter programmable drone that is meant for mostly indoor and has 80 grams of weight with a flight time of 13 minutes.
Some Highlights
https://www.ryzerobotics.com/tello
– Small Drone with under 100 grams weight
– Suitable for kids and anyone who is starting out to get into drones and programmable ones
– Two sites (Tello and tello.edu) offers various addons to support learning and make it more customised for learning
– 13 minutes of Flight time
– 100m Flight distance
– 720p HD Transmission
– 2 Antennas
– you can also have VR headset compatibility
– In collab with DJI and Intel
– Operation via various Apps (Paid and Free ones), Programming Languages ( we are interested in this)
Fancy Features
– Throw and Go — you can just toss Tello into the air
– 8d Flips (needs battery more than 50%)
– Bounce mode (flies up and down from your hand)
Things that I didn’t like :
-First and foremost, there is no way this connects to your home Wifi, Drone goes into an AP Broadcast mode (meaning this starts broadcasting its own AP and we have to connect to it)
This Continue reading
Quality is (too often) the missing ingredient
Software Eats the World?
I’m told software is going to eat the world very soon now. Everything already is, or will be, software based. To some folks, this sounds completely wonderful, but—leaving aside the privacy issues—I still see an elephant in the room with this vision of the future.
Quality.
Let me give you some recent examples.
First, ceiling fans. Modern ceiling fans, in case you didn’t know, don’t rely on the wall switch and pull chains. Instead, they rely on remote controls. This is brilliant—you can dim the light, change the speed of the fan, etc., from a remote control. No unsightly chains hanging from the ceiling.
Well, it’s brilliant so long as it works. I’ve replaced three of the four ceiling fans in my house. Two of the remote controls have somehow attached themselves to two of the three fans. It’s impossible to control one of the fans without also controlling the other. They sometimes get into this entertaining mode where turning one fan off turns the other one on.
For the third one—the one hanging from a 13-foot ceiling—the remote control sometimes operates one of the other fans, and sometimes the fan its supposed to operate. Continue reading
How to Achieve TAP-less Network Traffic Analysis
We’re all becoming extremely aware of the importance of east-west protection. Recent security breaches have highlighted the role of Zero Trust as an essential strategy to protect valuable information. As a result, organizations are explicitly considering the security of east-west traffic flows to prevent adversaries from gaining a foothold in the data center and moving laterally across the network to access high-value data.
The biggest problem with protecting against advanced threats is the need to inspect all network traffic to prevent unwanted access by hackers, malicious insiders, or users with compromised accounts.
The traditional approach involves setting up a series of network Test Access Points (TAPs) to see traffic going over the network. Tapped traffic is then sent to a centralized Network Traffic Analyzer (NTA) appliance for monitoring. All of this – designing the infrastructure, acquiring the devices and appliances, configuring, implementing, and managing them—can present serious issues.
Let’s look at the challenges of the traditional approach, and then show how a distributed implementation can not only respond to the challenges but also provide operational simplicity.
TAP Network Challenges
TAP Challenge 1: Where to put the TAPs
A network architect must determine which network assets are most critical, which locations Continue reading