0

What’s new in Calico Enterprise 3.9: Live troubleshooting and resource-efficient application-level observability

We are excited to announce Calico Enterprise 3.9, which provides faster and simpler live troubleshooting using Dynamic Packet Capture for organizations while meeting regulatory and compliance requirements to access the underlying data. The release makes application-level observability resource-efficient, less security intrusive, and easier to manage. It also includes pod-to-pod encryption with Microsoft AKS and AWS EKS with AWS CNI.

 

Live troubleshooting

Enterprises that want to carry out live troubleshooting in their production environments face the following challenges when doing packet capture at an organizational scale:

• Difficult to limit access to packet capture by organizational roles
• Takes hours to days to setting up packet capture instead of making part of the code
• Extremely difficult to capture the right amount of data to lessen storage and compute cost
• Spend days and weeks to correlate the data collected from different Kubernetes components such as namespaces, workloads, pods, microservices

With Dynamic Packet Capture, organizations can enable DevOps, SREs, service owners to collect the data that they need when they need it. They can filter the data based on protocol and port to fine-tune their capture for faster debugging and subsequent analysis for shorter time-to-resolution. With just-in-time data collection and built-in smart correlation, Continue reading

0

Tier 1 Carriers Performance Report: August, 2021

The post Tier 1 Carriers Performance Report: August, 2021 appeared first on Noction.

0

Network Break 349: T-Mobile Fails To Protect Millions Of Customer Records; Ciena Buys Vyatta Router

Today's Network Break podcast opines on why Ciena acquired the Vyatta router from AT&T (and why AT&T wanted to sell), how T-Mobile failed current and former customers via a breach that exposed sensitive details on millions of people, financial results from HPE and Dell Technologies, and more.

The post Network Break 349: T-Mobile Fails To Protect Millions Of Customer Records; Ciena Buys Vyatta Router appeared first on Packet Pushers.

0

Network Break 349: T-Mobile Fails To Protect Millions Of Customer Records; Ciena Buys Vyatta Router

Today's Network Break podcast opines on why Ciena acquired the Vyatta router from AT&T (and why AT&T wanted to sell), how T-Mobile failed current and former customers via a breach that exposed sensitive details on millions of people, financial results from HPE and Dell Technologies, and more.

0

Container Security Best Practices

A specialist responsible for container security should have an understanding of the infrastructure and proficiency in Linux and Kubernetes.

0

What’s new with Cloudflare for SaaS?

This past April, we announced the Cloudflare for SaaS Beta which makes our SSL for SaaS product available to everyone. This allows any customer — from first-time developers to large enterprises — to use Cloudflare for SaaS to extend our full product suite to their own customers. SSL for SaaS is the subset of Cloudflare for SaaS features that focus on a customer’s Public Key Infrastructure (PKI) needs.

Today, we’re excited to announce all the customizations that our team has been working on for our Enterprise customers — for both Cloudflare for SaaS and SSL for SaaS.

Let’s start with the basics — the common SaaS setup

If you’re running a SaaS company, your solution might exist as a subdomain of your SaaS website, e.g. template.<mysaas>.com, but ideally, your solution would allow the customer to use their own vanity hostname for it, such as example.com.

The most common way to begin using a SaaS company’s service is to point a CNAME DNS record to the subdomain that the SaaS provider has created for your application. This ensures traffic gets to the right place, and it allows the SaaS provider to make infrastructure changes without Continue reading

0

BGP with Link State (LS) and the reasons for BGP-LS use

The post BGP with Link State (LS) and the reasons for BGP-LS use appeared first on Noction.

0

Tailoring SD-WAN to fit your needs

SD-WAN resources What is SD-WAN and what does it mean for networking, security, cloud? 10 SD-WAN features you're probably not using but should be SD-WAN may be the key to smart network services SD-WAN and analytics: A marriage made for the new normal Native SD-WAN monitoring tools are not enough, survey says Why is it that we always seem to think that we can adopt a technology that has seriously revolutionary pieces by just buying it and hooking it up? This, despite the undeniable fact that everything in tech is getting more sophisticated, more complex? Software-defined WAN is a technology like that, and because all SD-WANs aren’t the same, or even close to the same, you’ll have to do some digging to make SD-WAN your own.To read this article in full, please click here

0

How to scale a Wi-Fi network

Although it’s tempting to just deploy more access points (APs) when expanding your Wi-Fi network, there are many considerations to take in account first in order to get a high-performing result without overspending. Wi-Fi resources Test and review of 4 Wi-Fi 6 routers: Who’s the fastest? How to determine if Wi-Fi 6 is right for you Five questions to answer before deploying Wi-Fi 6 Wi-Fi 6E: When it’s coming and what it’s good for Step one is to clearly understand what you are trying to achieve, then analyze the current setup so you know how well the network serves the coverage area, and only then go about designing and deploying the APs.To read this article in full, please click here

0

What You Can Learn from the AWS Tokyo Outage

Jason Yee Jason is director of advocacy at Gremlin where he helps companies build more resilient systems by learning from how they fail. He also helps lead Gremlin's internal chaos engineering practices to make it more reliable. In the movies, it seems like Tokyo is constantly facing disasters — natural ones in the forms of earthquakes and tsunamis, and unnatural ones like giant kaiju and oversized robots. On the morning of Sept. 1, the mechanized behemoth was Amazon Web Services. At around 7:30 am JST, AWS began experiencing networking issues in its AP-Northeast-1 region based in Tokyo. The outage affected business across all sectors, from financial services to retail stores, travel systems and telecommunications. Despite the troubles with not being able to access money, purchase goods, travel or call each other, the Japanese people demonstrated resilience, proving that at least some things from the movies are true. However, the financial losses due to the outage are expected to be huge. After the six-hour outage, AWS explained the issue

0

Non-Stop Forwarding 101

Non-Stop Forwarding (NSF) is one of those ideas that look great in a slide deck and marketing collaterals, but might turn into a giant can of worms once you try to implement them properly (see also: stackable switches or VMware Fault Tolerance).

0

Non-Stop Forwarding (NSF) 101

Non-Stop Forwarding (NSF) is one of those ideas that look great in a slide deck and marketing collaterals, but might turn into a giant can of worms once you try to implement them properly (see also: stackable switches or VMware Fault Tolerance).

0

What Net Admins Must Know about NicheStack Vulnerabilities

Researchers have found numerous new vulnerabilities impacting the NicheStack TCP/IP stack. These vulnerabilities could lead to heightened risks to technology managing critical infrastructure.

0

Cutting Through the Fog Surrounding Private 5G Networks

A checklist for enterprises interested in the emerging private 5G network wireless opportunity.

0

Best Questions to Ask In Job Interviews

Usually interviews are not supposed to make the person anxious and uncomfortable. As a part of an interviewer the questions should be asked in an extremely comfortable yet appropriate way, which does not make the person feel like he is being scrutinized or grilled. There are multiple techniques and ways to go about this process. However, when the interviewer asks the person whether or not they want to ask any questions regarding the company, their role, the job or position being offered, here are a few questions that can easily make one understand and get a deeper insight on what is being offered to them.

One needs to understand that as much as being able to answer the interviewer’s question is important; it is also considerably important to ask them the following significant questions. This will make them come off as a well balanced, ideal, and informative person which in return can help them stand out from others.

What Could Your Day-To-Day responsibilities look like?

Getting a deeper insight on the functionality of the job is extremely ideal and appropriate to ask during an interview. One has to know what their daily work load, their responsibilities, and the expectations could Continue reading

0

Switching to the i3 window manager

I have been using the awesome window manager for 10 years. It is a tiling window manager, configurable and extendable with the Lua language. Using a general-purpose programming language to configure every aspect is a double-edged sword. Due to laziness and the apparent difficulty of adapting my configuration—about 3000 lines—to newer releases, I was stuck with the 3.4 version, whose last release is from 2013.

It was time for a rewrite. Instead, I have switched to the i3 window manager, lured by the possibility to migrate to Wayland and Sway later with minimal pain. Using an embedded interpreter for configuration is not as important to me as it was in the past: it brings both complexity and brittleness.

The window manager is only one part of a desktop environment. There are several options for the other components. I am also introducing them in this post.

0

Comparing Forwarding Performance of Data Center Switches

One of my subscribers is trying to decide whether to buy an -EX or an -FX version of a Cisco Nexus data center switch:

I was comparing Cisco Nexus 93180YC-FX and Nexus 93180YC-EX. They have the same port distribution (48x 10/25G + 6x40/100G), 3.6 Tbps switching capacity, but the -FX version has just 1200 Mpps forwarding rate while EX version goes up to 2600 Mpps. What could be the reason for the difference in forwarding performance?

Both switches are single-ASIC switches. They have the same total switching bandwidth, thus it must take longer for the FX switch to forward a packet, resulting in reduced packet-per-seconds figure. It looks like the ASIC in the -FX switch is configured in more complex way: more functionality results in more complexity which results in either reduced performance or higher cost.

0

Comparing Forwarding Performance of Data Center Switches

One of my subscribers is trying to decide whether to buy an -EX or an -FX version of a Cisco Nexus data center switch:

I was comparing Cisco Nexus 93180YC-FX and Nexus 93180YC-EX. They have the same port distribution (48x 10/25G + 6x40/100G), 3.6 Tbps switching capacity, but the -FX version has just 1200 Mpps forwarding rate while EX version goes up to 2600 Mpps. What could be the reason for the difference in forwarding performance?

Both switches are single-ASIC switches. They have the same total switching bandwidth, thus it must take longer for the FX switch to forward a packet, resulting in reduced packet-per-seconds figure. It looks like the ASIC in the -FX switch is configured in more complex way: more functionality results in more complexity which results in either reduced performance or higher cost.

0

Network Centrality and Robustness

Introduction

A system is robust if the failure of some components doesn’t affect its function. As network engineers, we face various types of network failures like link, node failures all the time.

Generally, we use various Network modeling tools like Cariden(WAE), WANDL, etc. to model failures and see how the network reacts under a given failure condition. The components which are in play are:

1. Type and Number of failures. Type: Link, Node. Number of Failures: Single or Double.
2. Routing protocols running on top of the network and there reaction to the failure. Example: RSVP-TE, Pure IGP, SR-TE etc.
3. Network flows and their volume.
4. Network Topology.

In this blog post, we will focus purely on #4 Network topology and certain characteristics of topology, which may make them more robust than other topologies.

Key Idea

The network topology may have some critical nodes. If we can identify them and take them out of the service, they will significantly impact the functionality of the network. For example, in the case of a Hub and Spoke topology, if a Hub is out of service, it affects all the spokes vs. a spoke out of service. We can make this hub and spoke topology more Continue reading

0

pygnmi 11. Measuring Automated Testing with Coverage.py and Pytest

Hello my friend,

It is been a while since we posted our last blogpost, which was touching Infrastructure aspects of building Multi Server Cloud with ProxMox. After summer break we continue our blogging and developing activities at Karneliuk.com. Today we’ll show some backstage of the software development of the pygnmi.

1
2
3
4
5
No part of this blogpost could be reproduced, stored in a 

retrieval system, or transmitted in any form or by any 

means, electronic, mechanical or photocopying, recording, 

or otherwise, for commercial purposes without the 

prior permission of the author.

What is Automation? Network Automation?

In a nutshell, Automation and Network Automation are just subset of tasks from a broader topic called Software Development. With the move of the world towards Industry 4.0, the digital economy growth and others, all sort of applications are becoming more widely used. In order you create a history, and not being a part of that in the past, you shall know the principles of software development and be able to create applications yourselves. Sounds complicated? It may be, indeed. However, with our Network Automation Training you definitely will have a break-through in the software development world.

At our Continue reading