N4N044: Redundancy Vs. High Availability Part 2 – HA Networking Isn’t Free
In Part 1 of Redundancy vs. High Availability, we said that sometimes high availability and redundancy are considered to be the same thing, but we disagree. Holly and Ethan do agree that high availability can be considered a network design goal, and that redundancy is just one technique that can be used to help make... Read more »IPB189: RFC 9898 – Neighbor Discovery Considerations in IPv6 Deployments
The newly published RFC 9898 is the discussion of today’s podcast. The IPv6 Buzz crew explore the complexities of neighbor discovery and review solutions for both operators and architects. They share how this RFC serves as a single, detailed resource to improve your understanding of neighbor discovery and to reduce the potential attack surface in... Read more »Technical Writing: Lower Your Expectations
Sean Goedecke published an excellent set of recommendations for good technical writing, including:
- Keep it short
- Try to make your point in the first sentence
- Details matter less than you think.
Based on some emails I received in the past (and the lack of response to the lengthy emails I sent), we should apply the same rules to emails (and all other forms of technical communication).
Lizzo: Suara Pemberdayaan dan Cinta Diri di Dunia Musik
Daftar Pustaka
Dunia musik modern diwarnai oleh sosok yang berbeda. Ia adalah Lizzo, seorang penyanyi, rapper, dan flutis berbakat. Namun, ia lebih dari sekadar seorang musisi. Lizzo adalah gerakan. Ia membawa pesan cinta diri dan body positivity ke panggung global. Dengan suara yang kuat dan kepribadian yang membara, ia menginspirasi jutaan orang.
Lahir dengan nama Melissa Viviane Jefferson, ia memulai perjalanannya di Detroit. Kemudian, ia dibesarkan di Houston, Texas. Di sanalah bakat bermusiknya mulai diasah. Ia belajar bermain flute klasik. Awalnya, ia tidak membayangkan akan menjadi bintang pop. Namun, takdir membawanya ke jalan yang luar biasa. Kini, ia menjadi salah satu ikon paling berpengaruh di generasinya.
Perjalanan Menuju Panggung Besar
Karier Lizzo tidak dibangun dalam semalam. Ia melewati banyak tantangan. Setelah kuliah, ia pindah ke Minneapolis untuk mengejar mimpinya. Di sana, ia membentuk beberapa grup musik. Ia juga merilis album pertamanya secara independen pada tahun 2013. Album itu berjudul “Lizzobangers”. Meskipun belum sukses besar, karyanya mulai mendapat perhatian.
Selanjutnya, ia pindah ke Los Angeles. Perpindahan ini menjadi titik balik dalam karirnya. Ia merilis dua Continue reading
D2DO288: Technology, Career, and Finding a Purpose with Deana Solis
Ned and Kyler sit down with Deana Solis, a freelance FinOps engineer and mentor. They discuss the undervalued skills of communication, look at the inherent biases and misplaced confidence of AI models, and offer guidance for those starting their careers. Deana also talks about her journey to discover the intersection of technology, career, and finding... Read more »TCG064: Governing AI Agents for Real-World Infrastructure (Sponsored)
In this sponsored episode recorded live at AutoCon 4 in Austin, we sit down with Peter Sprygada, Chief Architect at Itential, to discuss Itential’s on-stage announcement of FlowAI. Peter shares his journey from network engineering skeptic to AI advocate, explaining how Itential securely connects AI agents to infrastructure with enterprise-grade governance and traceability. We dive... Read more »Cloudflare WAF proactively protects against React vulnerability
Cloudflare has deployed a new protection to address a vulnerability in React Server Components (RSC). All Cloudflare customers are automatically protected, including those on free and paid plans, as long as their React application traffic is proxied through the Cloudflare Web Application Firewall (WAF).
Cloudflare Workers are inherently immune to this exploit. React-based applications and frameworks deployed on Workers are not affected by this vulnerability.
We strongly recommend that customers immediately update their systems to the most recent version of React, despite our WAF being designed to detect and prevent this exploit.
Cloudflare has been alerted by its security partners to a Remote Code Execution (RCE) vulnerability impacting Next.js, React Router, and other React frameworks (security advisory CVE-2025-55182, rated CVSS 10.0). Specifically, React version 19.0, 19.1, and 19.2, and Next.js from version 15 through 16 were found to insecurely deserialize malicious requests, leading to RCE.
In response, Cloudflare has deployed new rules across its network, with the default action set to Block. These new protections are included in both the Cloudflare Free Managed Ruleset (available to all Free customers) and the standard Cloudflare Managed Ruleset (available to all paying Continue reading
Cloudflare’s 2025 Q3 DDoS threat report — including Aisuru, the apex of botnets
Welcome to the 23rd edition of Cloudflare’s Quarterly DDoS Threat Report. This report offers a comprehensive analysis of the evolving threat landscape of Distributed Denial of Service (DDoS) attacks based on data from the Cloudflare network. In this edition, we focus on the third quarter of 2025.
The third quarter of 2025 was overshadowed by the Aisuru botnet with a massive army of an estimated 1–4 million infected hosts globally. Aisuru unleashed hyper-volumetric DDoS attacks routinely exceeding 1 terabit per second (Tbps) and 1 billion packets per second (Bpps). The number of these attacks surged 54% quarter-over-quarter (QoQ), averaging 14 hyper-volumetric attacks daily. The scale was unprecedented, with attacks peaking at 29.7 Tbps and 14.1 Bpps.
Other than Aisuru, additional key insights in this report include:
DDoS attack traffic against AI companies surged by as much as 347% MoM in September 2025, as public concern and regulatory review of AI increases.
Escalating EU-China trade tensions over rare earth minerals and EV tariffs coincide with a significant increase in DDoS attacks against the Mining, Minerals & Metals industry as well as the Automotive industry in 2025 Q3.
Overall, in the third quarter of 2025, Cloudflare’s autonomous Continue reading
Worth Watching: AI/ML Data Center Design
What could be better than watching 0x02 Jeffs discuss networking? How about having Petr Lapukhov of the RFC 7938 fame as a guest discussing AI/ML Data Center Design?
Note: Petr disappeared into the information black hole called Facebook over a decade ago, so I wondered how they allowed him to chat on a podcast for hours. It turns out he moved to NVIDIA, which might influence the podcast content a bit, but I’m pretty sure Petr is still Petr ;)
AI Meets Kubernetes Security: Tigera CEO Reveals What Comes Next for Platform Teams
Kubernetes adoption is growing rapidly, but so are complexity and security risks.
Platform teams are tasked with keeping clusters secure and observable while navigating a skills gap. At KubeCon + CloudNativeCon North America, The New Stack spoke with Ratan Tipirneni, President and CEO of Tigera, about the future of Kubernetes security, AI-driven operations, and emerging trends in enterprise networking. The highlights from that discussion are summarized below.
Portions of this article are adapted from a recorded interview between The New Stack’s Heather Joslin and Tigera CEO Ratan Tipirneni. You can watch the full conversation on The New Stack’s YouTube channel. Watch the full interview here
How Can Teams Better Manage the Kubernetes Blast Radius and Skills Gap?
Tipirneni emphasizes the importance of controlling risk in Kubernetes clusters. “You want to be able to microsegment your workloads so that if you do come under an attack, you can actually limit the blast radius,” he says.
Egress traffic is another area of concern. According to Tipirneni, identifying what leaves the cluster is critical for security and compliance. Platform engineers are often navigating complex configurations without decades of Continue reading
HW066: An Inside Look at the WLAN-Pi App
Ben Toner once again joins Keith Parsons to explain the new WLAN-Pi App. Originally built to control the WLAN-Pi Go, the app now works with all WLAN-Pi models and consolidates controls previously spread across the web UI and APIs. They then dive deeper into the method of connectivity for the app and the functionalities it... Read more »PP089: Hidden Wi-Fi Misconfigurations and Wi-Fi 7 Issues to Be Aware Of
There may be misconfigurations and other problems lurking in your wireless network. From a lack of peer isolation to poor segmentation to RADIUS problems and vendor fails, these issues can make your WLAN less secure. Jennifer “JJ” Minella goes from Packet Protector co-host to guest as she discusses these issues with Drew Conry-Murray. This episode... Read more »HS119: Securing 2026: How AI, Quantum, and the AI-Powered Browser are Driving Enterprise Defense (Sponsored)
Anand Oswal, Executive Vice President at Palo Alto Networks, joins Johna Johnson and John Burke for a wide-ranging exploration of two emerging focal points of enterprise risk: cryptographically relevant quantum computing, and browser-mediated agentic AI. The looming arrival of quantum computers that can break legacy encryption has already created the threat of “harvest now, decrypt... Read more »
NB554: AWS, Google Link Public Clouds; Trading Data Center Has Zero Chill
Take a Network Break! We start with listener follow-up on Fortinet’s vulnerability numbering, and sound a red alert about an authentication bypass vulnerability in ASUS’s AiCloud service. AWS and Google announce a joint cross-cloud interconnect offering (other cloud providers are invited to play), Microsoft and Ciena pitch a new design to boost optical network resiliency,... Read more »Multi-Pod EVPN Troubleshooting (Part 3)
Last week, we fixed the mismatched route targets in our sample multi-pod EVPN fabric. With that fixed, every PE device should see every other PE device as a remote VTEP for ingress replication purposes. We got that to work on Site-A (AS 65001), but not on Site-B (AS 65002); let’s see what else is broken.
Note: This is the fifth blog post in the Multi-Pod EVPN series. If you stumbled upon it, start with the design overview and troubleshooting overview posts. More importantly, familiarize yourself with the topology we’ll be using; it’s described in the Multi-Pod EVPN Troubleshooting: Fixing Next Hops.
Ready? Let’s go. Here’s our network topology:
Computer Network Design Complexity and Tradeoffs Training
I’m teaching a “one off” special event class over on O’Reilly’s platform (via Pearson) this coming Friday, the 5th of December. From the Description:
Join networking engineer and infrastructure expert Russ White for this exclusive, one-time event exploring the critical role of tradeoffs in network design. We’ll begin by unpacking how complexity shapes the decisions architects and designers must make, and how tradeoffs are often an unavoidable part of navigating that complexity. Through real-world examples, you’ll learn how different network design choices impact overall system complexity, and how to approach these decisions with greater clarity and confidence. We’ll wrap up with an in-depth discussion of unintended consequences—how they arise, how to anticipate them, and how they relate to designing in complex, adaptive environments.
As always, if you register for the course you can watch later.
How to Upgrade Windows 11 on Unsupported Hardware
Upgrading Windows 11 can be challenging if your computer does not meet Microsoft’s strict hardware […]
The post How to Upgrade Windows 11 on Unsupported Hardware first appeared on Brezular's Blog.
Tech Bytes: Bringing AI Reasoning to Infrastructure with Itential FlowAI (Sponsored)
Itential has announced FlowAI, a new offering that brings agentic AI to Itential’s network automation platform. On today’s Tech Bytes podcast Ethan Banks talks with Peter Sprygada, Chief Architect at Itential, about how FlowAI works, its components, and how Itential uses the Model Context Protocol (MCP). They also dig into how FlowAI supports AI-driven orchestration... Read more »netlab as the Universal Configuration Translator
Dan Partelly, a heavy netlab user (and an active contributor), sent me this interesting perspective on how one might want to use netlab without ever building a lab with it. All I added was a bit of AI-assisted editing; my comments are on a grey background.
In all podcasts and interviews I listened to, netlab was referred to as a “lab management solution”. But this is misleading. It’s also a translator, due to its ability to abstract devices, and can easily generate perfectly usable configs for devices or technologies you have never worked on.