Archive

Category Archives for "Networking"

Looking at your Linux system’s network interface with ethtool

The ethtool utility on Linux allows you to view and change some of your network-driver and interface-card settings, especially for wired devices. These include their speed, whether the interface uses auto-negotiation, and whether it runs in half- or full-duplex mode. Ethtool also provides an easy way to view or troubleshoot your network interface.More than likely, ethtool is already available on your Linux system. However, to check, you can use one or both of these commands:$ which ethtool /usr/sbin/ethtool $ sudo ethtool —version ethtool version 5.13 To get a sense of how this utility can control settings, run a command like the one below. The -h means “help”. You’ll likely find yourself looking at 10 pages or so of syntax like what is shown here.To read this article in full, please click here

Tape backup as a defense vs. ransomware

Tape is definitely not the best choice for primary recovery, but it does have features that make it a credible option for restoring systems and data that have fallen victim to ransomware without having to pay the ransom.The cloud has many more upsides than tape as a recovery tool in general, but there are circumstances where tape should be seriously considerd, and ransomware recovery is one of them.How to choose the best NVMe storage array When cloud’s not good enough Using the cloud for ransomware recovery—or not—has become somewhat of a religious discussion in many circles. Choosing the cloud offers many positive things, including cost, speed, and immediate availability—all great advantages when responding to a ransomware attack.To read this article in full, please click here

Tape backup as a defense vs. ransomware

Tape is definitely not the best choice for primary recovery, but it does have features that make it a credible option for restoring systems and data that have fallen victim to ransomware without having to pay the ransom.The cloud has many more upsides than tape as a recovery tool in general, but there are circumstances where tape should be seriously considerd, and ransomware recovery is one of them.How to choose the best NVMe storage array When cloud’s not good enough Using the cloud for ransomware recovery—or not—has become somewhat of a religious discussion in many circles. Choosing the cloud offers many positive things, including cost, speed, and immediate availability—all great advantages when responding to a ransomware attack.To read this article in full, please click here

Tape backup as a defense vs. ransomware

Tape is definitely not the best choice for primary recovery, but it does have features that make it a credible option for restoring systems and data that have fallen victim to ransomware without having to pay the ransom.The cloud has many more upsides than tape as a recovery tool in general, but there are circumstances where tape should be seriously considerd, and ransomware recovery is one of them.How to choose the best NVMe storage array When cloud’s not good enough Using the cloud for ransomware recovery—or not—has become somewhat of a religious discussion in many circles. Choosing the cloud offers many positive things, including cost, speed, and immediate availability—all great advantages when responding to a ransomware attack.To read this article in full, please click here

Tech Bytes: Operationalizing EVPN For Data Center Networks With Nokia (Sponsored)

On today’s Tech Bytes podcast, sponsored by Nokia, we dive into data center networking and EVPN. Nokia’s SR-Linux operating system can help you build a data center fabric with EVPN, and in this episode we’re going to discuss how Nokia operationalizes that protocol.

The post Tech Bytes: Operationalizing EVPN For Data Center Networks With Nokia (Sponsored) appeared first on Packet Pushers.

Arrcus Brings Network Automation and API Accessibility to the Edge

Arrcus, a well-funded edge network software startup that is working to make a name for itself in the expanding multicloud arena. But even as enterprise adoption of multicloud and hybrid cloud strategies continues to rise, he sees the future being at the network and compute edge. “Everybody talks about how you can get benefits from large pools of centralized capacity in the public cloud,” said Ayyar, whose was announced as chairman and CEO on Sept. 15. “What I feel very, very confident about is that this action is almost passé in terms of the clouds, and it’s moving a lot more into the edge. The pendulum is swinging from consolidated and large data centers doing everything to highly distributed and disaggregated infrastructures doing things that are point of consumption, point of sale, Continue reading

Network Break 351: Juniper’s Wired Campus Fabric Challenges Cisco; More Azure Holes Revealed

Today's Network Break podcast discusses Juniper's new wired campus effort and how it leverages Mist Cloud for to help automate its campus fabric, a new set of Azure vulnerabilities, robust SD-WAN growth with the biggest players reaping most of the rewards, free space optics for hard-to-wire regions, and more tech news.

The post Network Break 351: Juniper’s Wired Campus Fabric Challenges Cisco; More Azure Holes Revealed appeared first on Packet Pushers.

Containernet

Containernet is a fork of the Mininet network emulator that uses Docker containers as hosts in emulated network topologies.

Multipass describes how build a Mininet testbed that provides real-time traffic visbility using sFlow-RT. This article adapts the testbed for Containernet.

multipass launch --name=containernet bionic
multipass exec containernet -- sudo apt update
multipass exec containernet -- sudo apt -y install ansible git aptitude default-jre
multipass exec containernet -- git clone https://github.com/containernet/containernet.git
multipass exec containernet -- sudo ansible-playbook -i "localhost," -c local containernet/ansible/install.yml
multipass exec containernet -- sudo /bin/sh -c "cd containernet; make develop"
multipass exec containernet -- wget https://inmon.com/products/sFlow-RT/sflow-rt.tar.gz
multipass exec containernet -- tar -xzf sflow-rt.tar.gz
multipass exec containernet -- ./sflow-rt/get-app.sh sflow-rt mininet-dashboard

Run the above commands in a terminal to create the Containernet virtual machine. 

multipass list

List the virtual machines

Name                    State             IPv4             Image
primary                 Stopped           --               Ubuntu 20.04 LTS
containernet            Running           192.168.64.12    Ubuntu 18.04 LTS
                                          172.17.0.1

Find the IP address of the mininet virtual machine we just created (192.168.64.12).

multipass exec containernet -- ./sflow-rt/start.sh

Start sFlow-RT. Use a web browser to connect to the VM and Continue reading

How to customize your HTTP DDoS protection settings

How to customize your HTTP DDoS protection settings
How to customize your HTTP DDoS protection settings

We’re excited to announce the availability of the HTTP DDoS Managed Ruleset. This new feature allows Cloudflare customers to independently tailor their HTTP DDoS protection settings. Whether you’re on the Free plan or the Enterprise plan, you can now tweak and optimize the settings directly from within the Cloudflare dashboard or via API.

We expect that in most cases, Cloudflare customers won't need to customize any settings. Our mission is to make DDoS disruptions a thing of the past, with no customer overhead. To achieve this mission we’re constantly investing in our automated detection and mitigation systems. In some rare cases, there is a need to make some configuration changes, and so now, Cloudflare customers can customize those protection mechanisms independently. The next evolutionary step is to make those settings learn and auto-tune themselves for our customers, based on their unique traffic patterns. Zero-touch DDoS protection at scale.

Unmetered DDoS Protection

Back in 2017, we announced that we will never kick a customer off of our network because they face large attacks, even if they are not paying us at all (i.e., using the Free plan). Furthermore, we committed to never charge a customer for DDoS attack traffic Continue reading

Supermicro updates one-socket server line

For the longest time, single-socket servers were the bottom of the server hierarchy, using "server" chips weaker than what you might find on a desktop. There were even servers that used the Atom processor. These were departmental servers doing the most menial of tasks, like file and print serving.But that's changing. Driven by high-core-count processors, and no doubt a desire to reduce costs, single-socket servers are getting some hefty workloads. AMD has led the way on this with its 32-core and 64-core EPYC processors that can do more with one chip than what a five-year-old dual-socket server can do. Dell has the servers available.To read this article in full, please click here

Supermicro updates one-socket server line

For the longest time, single-socket servers were the bottom of the server hierarchy, using "server" chips weaker than what you might find on a desktop. There were even servers that used the Atom processor. These were departmental servers doing the most menial of tasks, like file and print serving.But that's changing. Driven by high-core-count processors, and no doubt a desire to reduce costs, single-socket servers are getting some hefty workloads. AMD has led the way on this with its 32-core and 64-core EPYC processors that can do more with one chip than what a five-year-old dual-socket server can do. Dell has the servers available.To read this article in full, please click here

netsim-tools: Network Topology Graphs

Someone using my netsim-tools sent me an intriguing question: “Would it be possible to get network topology graphs out of the tool?

Please note that we’re talking about creating graphs out of network topology described as a YAML data structure, not a generic GUI or draw my network tool. If you’re a GUI person, this is not what you’re looking for.

I did something similar a long while ago for a simple network automation project (and numerous networking engineers built really interesting stuff while attending the Building Network Automation Solutions course), so it seemed like a no-brainer. As always, things aren’t as easy as they look.

Read more …

netlab Network Topology Graphs

A netlab user sent me an intriguing question: “Would it be possible to get network topology graphs out of the tool?

Please note that we’re talking about creating graphs out of network topology described as a YAML data structure, not a generic GUI or draw my network tool. If you’re a GUI person, this is not what you’re looking for.

I did something similar a long while ago for a simple network automation project (and numerous networking engineers built really interesting stuff while attending the Building Network Automation Solutions course), so it seemed like a no-brainer. As always, things aren’t as easy as they look.

Read more …

AWS Networking – Part III: VPC Verification Using AWS CLI

 

VPC Verification Using AWS CLI


We can verify our VPC configuration by using AWS CLI. Example 1-1 shows the output for command aws ec2 describe-vpc in JSON format. This command lists all our VPC resources with their properties. The first one is the newest VPC NVKT-VPC-01, and the second one is the default VPC which I have named DFLT-VPC. The first VPC gets ordinal zero [0], and the second VPC gets number one [1]. Note that ordinal numbers are not shown in the output. VPC properties describe the VPC-specific CIDR Block, DHCP Options, VPC Identifier, Owner Id, CIDR Block Association, and Tags.

 

aws ec2 describe-vpcs

{

    "Vpcs": [

        {

            "CidrBlock": "10.10.0.0/16",

            "DhcpOptionsId": "dopt-09217361",

            "State": "available",

            "VpcId": "vpc-04ef72cc79a73f82e",

            "OwnerId": "123456654321",

            "InstanceTenancy": "default",

            "CidrBlockAssociationSet": [

                {

                    "AssociationId": "vpc-cidr-assoc-0379c0e3e854f43ff",

                    "CidrBlock": "10.10.0.0/16",

                    "CidrBlockState": {

                        "State": "associated"

                    }

                }

            ],

            "IsDefault": false,

            "Tags": [

                {

                    "Key": "Name",

                    "Value": "NVKT-VPC-01"

                }

            ]

        },

        {

            "CidrBlock": "172.31.0.0/16",

            "DhcpOptionsId": "dopt-09217361",

            "State": "available",

            Continue reading

Project Myriagon: Cloudflare Passes 10,000 Connected Networks

Project Myriagon: Cloudflare Passes 10,000 Connected Networks
Project Myriagon: Cloudflare Passes 10,000 Connected Networks

During Speed Week, we’ve talked a lot about the products we’ve improved and the places we’ve expanded to. Today, we have a final exciting announcement: Cloudflare now connects with more than 10,000 other networks. Put another way, over 10,000 networks have direct on-ramps to the Cloudflare network.

This is the culmination of a special project we’ve been working on for the last few months dubbed Project Myriagon, a reference to the 10,000-sided polygon of the same name. In going about this project, we have learned a lot about the performance impact of adding more direct connections to our network — in one recent case, we saw a 90% reduction in median round-trip end-user latency.

But to really explain why this is such a big milestone, we first need to explain a bit about how the Internet works.

More roads leading to Rome

The Internet that all know and rely on is, on a basic level, an interconnected series of independently run local networks. Each network is defined as its own “autonomous system.” These networks are delineated numerically with Autonomous Systems Numbers, or ASNs. An ASN is like the Internet version of a zip code, a short number directly mapping Continue reading

1 579 580 581 582 583 3,478