Archive

Category Archives for "Networking"

Heavy Networking 607: ZTNA Everywhere With VMware SASE (Sponsored)

In today's sponsored Heavy Networking show with VMware, we take a fresh look at VMware's SASE and Zero Trust Network Access (ZTNA) solution. VMware has a breadth of products that allow for a differentiated overall solution. Joining us today is Craig Connors, Vice President and Chief Technology Officer of Service Provider and Edge at VMware.

The post Heavy Networking 607: ZTNA Everywhere With VMware SASE (Sponsored) appeared first on Packet Pushers.

Announcing native support for Stripe’s JavaScript SDK in Cloudflare Workers

Announcing native support for Stripe’s JavaScript SDK in Cloudflare Workers

This post is also available in 日本語, 简体中文.

Announcing native support for Stripe’s JavaScript SDK in Cloudflare Workers

Handling payments inside your apps is crucial to building a business online. For many developers, the leading choice for handling payments is Stripe. Since my first encounter with Stripe about seven years ago, the service has evolved far beyond simple payment processing. In the e-commerce example application I shared last year, Stripe managed a complete seller marketplace, using the Connect product. Stripe's product suite is great for developers looking to go beyond accepting payments.

Earlier versions of Stripe's SDK had core Node.js dependencies, like many popular JavaScript packages. In Stripe’s case, it interacted directly with core Node.js libraries like net/http, to handle HTTP interactions. For Cloudflare Workers, a V8-based runtime, this meant that the official Stripe JS library didn’t work; you had to fall back to using Stripe’s (very well-documented) REST API. By doing so, you’d lose the benefits of using Stripe’s native JS library — things like automatic type-checking in your editor, and the simplicity of function calls like stripe.customers.create(), instead of manually constructed HTTP requests, to interact with Stripe’s various pieces of functionality.

In April, we wrote that we were focused on Continue reading

New Stream Player customizations to boost your video experience

New Stream Player customizations to boost your video experience
New Stream Player customizations to boost your video experience

When we launched Stream, one of our goals was to provide the most performant video player. We focused on building a player that loads fast, works across different browsers and frameworks, and intelligently switches video quality levels depending on your end user’s connectivity.

We are expanding the Stream Player vision, so you can control the look and feel of the viewing experience. Today, we are announcing a series of new customization options to help you deliver the best video playback experience.

Add Your Own Color

One thing we kept hearing from customers is that they would like to be able to customize the Stream Player to better reflect their brand. Stream Player now supports setting a primary color to match your company’s color. Here is an example of us using the primaryColor property to set the primary color to the Cloudflare Orange.

To use the primaryColor property, simply add it to the iframe URL. In this example, the hex code is #F48120 and the uri-encoded value is %23F48120.

https://iframe.videodelivery.net/fcfa5c97795ba90251cbbae1880a0e18?primaryColor=%23F48120

If you are using the React or Angular wrapper, you can use the primaryColor prop to customize the player color.

Currently, setting the primary color property will change Continue reading

Launching a Startup on Cloudflare Workers

Launching a Startup on Cloudflare Workers
Launching a Startup on Cloudflare Workers

Closing out the Developer Spotlight series for this week is Tejas Mehta who shares how he built his startup, cClip.

cClip is a great tool that allows you to “copy/paste” and transfer files between any of your devices, regardless of what OS they run.

What is so interesting about cClip though is that it is a fully serverless application built on top of Workers and KV, but not exclusively. It uses Firebase for authentication, RevenueCat for a consolidated view over the Apple and Google Play store, and Stripe for all other billing related work.

This is a peek into the future of application development. This is a future where we will be “importing” other SaaS applications as easily as we currently import a package from a package manager. And not only unidirectional by calling APIs on that external application, but bi-directional communication through events with Webhooks.

Here is Tejas telling his story.

The origins of cClip

The abrupt transition to virtual schooling last year led to all my school communications and assignments transitioning online. With a MacBook laptop and an Android phone, submitting my precalculus homework meant I had to take a picture of each page, email each picture to Continue reading

An Open-Source CMS on the Cloudflare Stack: Introductory Post

An Open-Source CMS on the Cloudflare Stack: Introductory Post
An Open-Source CMS on the Cloudflare Stack: Introductory Post

The Cloudflare documentation is a great resource when learning concepts, reviewing API usage notes, or when you’re in need of a concise snippet to illustrate those APIs or concepts. But, as comprehensive as it is, new users to the Cloudflare Workers platform must bridge a large gap to go from the introductory example snippets to a real, production-ready application. While some of this may be specific to Workers (as with any platform), developers everywhere are figuring out how applications should be built in a serverless world. Building large serverless applications entails a learning curve journey, regardless of a developer’s experience level.

At Cloudflare, we’re intimately aware of this because we also had to go through the same transition. Our engineers are world-class and expertfully design and craft products that compliment the distributed paradigm… but experts aren’t born overnight! We have been there, and we want to help jumpstart and aid others’ understanding.

With this in mind, we decided to do something unique to the industry: we are developing an example feature-complete SaaS application that will be built entirely on the Cloudflare stack. It is and will continue to be completely free, open-sourced on GitHub, and developed in public. This Continue reading

Build your next video application on Cloudflare

Build your next video application on Cloudflare
Build your next video application on Cloudflare

Historically, building video applications has been very difficult. There's a lot of complicated tech behind recording, encoding, and playing videos. Luckily, Cloudflare Stream abstracts all the difficult parts away, so you can build custom video and streaming applications easily. Let's look at how we can combine Cloudflare Stream, Access, Pages, and Workers to create a high-performance video application with very little code.

Today, we’re going to build a video application inspired by Cloudflare TV. We’ll have user authentication and the ability for administrators to upload recorded videos or livestream new content. Think about being able to build your own YouTube or Twitch using Cloudflare services!

Fetching a list of videos

On the main page of our application, we want to display a list of all videos. The videos are uploaded and stored with Cloudflare Stream, but more on that later! This code could be changed to display only the "trending" videos or a selection of videos chosen for each user. For now, we'll use the search API and pass in an empty string to return all.

import { getSignedStreamId } from "../../src/cfStream"

export async function onRequestGet(context) {
    const {
        request,
        env,
        params,
    } = context

    const { id  Continue reading

Video: Early Data-Link-Layer Addressing

After a brief coverage of the theoretical aspects of network addressing, it’s time to pay a brief visit to the early data-link-layer addressing solutions, from one address per datagram/frame (SDLC, HDLC) and ignore this address (PPP) to no address on P2P links (SLIP).

You need Free ipSpace.net Subscription to watch the video, and the Standard ipSpace.net Subscription to register for upcoming live sessions.

Video: Early Data-Link-Layer Addressing

After a brief coverage of the theoretical aspects of network addressing, it’s time to pay a brief visit to the early data-link-layer addressing solutions, from one address per datagram/frame (SDLC, HDLC) and ignore this address (PPP) to no address on P2P links (SLIP).

You need Free ipSpace.net Subscription to watch the video, and the Standard ipSpace.net Subscription to register for upcoming live sessions.

DNS at IETF112

Here are notes from some selected working group meetings that caught my attention at the recent IETF 112 meeting. And, yes, I should say at the outset that the DNS continues to catch a lot of my attention these days, so I’ll divide this report into DNS and the other topics. This is the DNS part.

BGP Performance testing with filtering

1st Post Comparing Open Source BGP Stacks 2nd Post Follow-up Measuring BGP Stacks Performance 3rd Post Comparing Open Source BGP stacks with internet routes 4th Post Bird on Bird, Episode 4 of BGP Perf testing 5th Post BGP Performance 5 – 1000 full internet neighbors The number one request I...

Migrating from fabricpath to EVPN/VxLAN

Introduction

Do you have a 3 tier, switched, or vendor proprietary data center design?

Does it rely on spanning tree or proprietary solutions to eliminate spanning tree?

Not sure how to migrate to a new architecture without serious downtime?

If you answered yes to any of these questions then this post is for you. We’ll be looking at deploying an EVPN/VxLAN Data Center fabric and migrating a from a cisco fabricpath environment to the new design.

Although we will be focusing on a fabricpath migration many, if not all, of the principles apply to migrating a 3 tier architecture.

1. Building the new Data Center Fabric
2. Connecting the current fabricpath and new fabric
3. Migrating switched virtual interfaces
4. Migrating various types of physical devices

Building the new Data Center Fabric

The easiest part of designing and building the new fabric is the physical topology. This should be a symmetric topology to easily take advantage of equal cost multipath and add additional switches with ease. This is also known as a spine/leaf or clos topology. The basic idea is leafs connect to spines and spines connect to super spines. A leaf/spine should not connect to another switch of the Continue reading

Real-time threat response for Kubernetes workloads, using threat intelligence feeds and deep packet inspection

Cloud-native transformations come with many security and troubleshooting challenges. Real-time intrusion detection and the prevention of continuously evolving threats is challenging for cloud-native applications in Kubernetes. Due to the ephemeral nature of pods, it is difficult to determine source or destination endpoints and limit their blast radius.

Traditional perimeter-based firewalls are not ideal fit for Kubernetes and containers. Firewalls have traditionally been used to block attacks at the perimeter, but if the perimeter is breached, there’s no protection from within the cluster. The dynamic nature of Kubernetes requires a specialized approach to intrusion detection and prevention for containers, Kubernetes, and cloud.

Threat intelligence feeds, which record and track the IP addresses of known bad actors, are a critical part of modern cloud-native security. Calico Cloud now provides threat intelligence feeds, such as AlienVault, as part of its default security policies. This means that traffic to suspicious IPs is blocked from day one without the need for any extra configuration. Additionally, an anomaly detection dashboard in Calico’s UI shows full context, including which pod(s) was involved so you can analyze and remediate.

Another advanced method for intrusion detection and prevention introduced in Calico Cloud is deep packet inspection (DPI). DPI inspects, Continue reading

IDC: Cisco, Fortinet, HPE-Aruba, VMware lead hot SD-WAN market

Cisco, Fortinet, HPE-Aruba, and VMware lead the evolving and highly-competitive software-defined wide-area networking (SD-WAN) market according to a new report from IDC. “MarketScape: Worldwide SD-WAN Infrastructure 2021 Vendor Assessment” looks at the capabilities of 12 SD-WAN infrastructure vendors evaluating then on a core set of SD-WAN features such as WAN routing, WAN link management, application-based policy controls, and application steering and prioritization.Beyond these features, most current SD-WAN  packages include others such as optimized connections to public clouds (IaaS and SaaS), WAN-link visibility and analytics, end-user experience monitoring, zero-touch provisioning, and forward error correction, according to the author of the report, Brandon Butler, IDC research manager, Enterprise Networks.To read this article in full, please click here