Archive

Category Archives for "Networking"

Network Analysis 2. Analysing Network Configuration Consistency (Sanity check, BGP, Routes) with Batfish for Cisco, Arista, and Cumulus

Hello my friend,

In the previous blogpost we’ve introduced the Batfish and how to set it up. Today we’ll take a look how to perform the analysis of the configuration to figure out discrepancies, which may lead to broken operation of your network.



1
2
3
4
5
No part of this blogpost could be reproduced, stored in a 

retrieval system, or transmitted in any form or by any 

means, electronic, mechanical or photocopying, recording, 

or otherwise, for commercial purposes without the 

prior permission of the author.

Network Analysis as Part of Automation?

In software development we have a concept called CI/CD (Continuous Integration/Continuous Delivery). In a nutshell, it’s a methodology, which incorporates mandatory testing of configuration (code, software version, etc) before bringing it to production. The main idea behind it is that automated testing and validation will make sure that code is stable and fit for purpose. Automated testing? That’s where the automation comes to the stage.

And automation is something what we are experts in. And you can benefit from that expertise as well.

In our network automation training we follow zero to hero approach, where we start with the basics including Linux operation and administration topped with Continue reading

my CKA/CKAD study plan

This is the story of studying Kubernetes basics from the perspective of network engineer. I had basic Linux background, some free time, and willingness to discover this brave new world of containers, pods and microservices.

I think one of the best ways to do this kind of studying is to follow the blueprint of recognized industry certification. This gives you a concrete study plan and bring structure to your knowledge from the very beginning.

There are such certifications in Kubernetes world – CKA and CKAD from CNCF/The Lunix Foundation. It’s quite popular certifications (as k8s in general), and so there a LOT of study material out there in the Internet. Below is the list of sources I’ve used.

  1. KubeAcademy from VMware. Collection of short courses to study the 101 of containers, Docker and Kubernetes. I’ve found it useful to do first quick dive into this area of knowledge.
  2. Kubernetes: Up and Running. The must-read book about Kubernetes architecture and concepts. Explains everything in great details.
  3. Great cources from Mumshad Mannambeth on Udemy – CKA and CKAD. This courses contain almost everything you need to know to pass the exams, and also have a lot of practice labs to consolidate theoretical Continue reading

Weekend Reads 062521


We were increasing HTTP requests for one of our applications, hosted on the Kubernetes cluster, which resulted in a spike of 5xx errors.


A continuous integration/continuous deployment (CI/CD) pipeline is an anchor for every DevOps initiative.


If you are new to the security world, it is fair to ask yourself, “Isn’t access to data and systems always conditional? Isn’t it always granted to someone who has access to the credentials (ID and password)?”


Could artificial intelligence be better at designing chips than human experts? A group of researchers from Google’s Brain Team attempted to answer this question and came back with interesting findings.


The CIS Controls are a prioritized set of Safeguards to mitigate the most prevalent cyber-attacks against systems and networks. They are mapped to and referenced by multiple legal, regulatory, and policy frameworks.


The VPN industry is booming and prospective users have hundreds of options to pick from. All claim to be the best, but some are more privacy-conscious than others.


In this article, we look at the key differences between the most popular cloud technology delivery models: Software-as-a-Service (SaaS), Platform-as-a-Service (PaaS), and (Infrastructure-as-a-Service).


Daily decisions should be motivated by how they can improve the company, and Continue reading

Putting the FUN Back in Productivity

It’s not a secret that it’s hard to get stuff done. Procrastination is practically a super power for me. I’ve tried so many methods and systems to keep myself on track over the years that I should probably start a review site. Sadly, the battle of my executive function being on constant vacation and the inability to get organized saps a lot of my ability to execute. It’s gotten to the point where I’ve finally realized that I need to start tricking my brain into getting things done.

Any reputable researcher will tell you that dealing with neurodivergent behaviors like ADHD is all about understanding the reasons why you do the things you do. I know what needs to be done. I just don’t want to do it. Worse yet, anything that I can do to avoid working on something is going to capture my attention because I’d rather be doing something unproductive as opposed to something I don’t like. This can manifest itself in strange ways like preferring to do the dishes instead of writing a blog post or mowing the yard instead of practicing a presentation.

Not DisFUNctional

It’s taken me a while but I’ve finally come up Continue reading

Heavy Networking 585: From Help Desk To Network Automation Engineer In 5 Years

Curt Norris started his career as an IT support specialist. Five years later he's an automation engineer. On today's Heavy Networking we discuss his career journey including milestones, ongoing learning, the pros and cons of mentorship, whether a degree makes a difference, and more.

The post Heavy Networking 585: From Help Desk To Network Automation Engineer In 5 Years appeared first on Packet Pushers.

Lightning-Fast Kubernetes Networking with Calico and VPP

Reza Ramezanpour Reza is a developer advocate at Tigera, working to promote adoption of Project Calico. Before joining Tigera, Reza worked as a systems engineer and network administrator. Public cloud infrastructures and microservices are pushing the limits of resources and service delivery beyond what was imaginable until very recently. To keep up with the demand, network infrastructures and network technologies had to evolve as well. Software-defined networking (SDN) is the pinnacle of advancement in cloud networking. By using SDN, developers can deliver an optimized, flexible networking experience that can adapt to the growing demands of their clients. This article will discuss how Tigera’s new Project Calico is an open source networking and security solution. Although it focuses on securing Kubernetes networking, Calico can also be used with OpenStack and other workloads. Calico uses a modular data plane that allows a flexible approach to networking, providing a solution for both current and future networking needs. VPP Continue reading

Video: Typical Large-Scale Bridging Use Cases

In the previous video in the Switching, Routing and Bridging section of How Networks Really Work webinar we compared transparent bridging with IP routing. Not surprisingly (given my well-known bias toward stable solutions) I recommended using IP routing as much as possible, but there are still people out there pushing large-scale transparent bridging solutions.

In today’s video we’ll look at some of the supposed use cases and stable solutions you could use instead of stretching a virtual thick yellow cable halfway across a continent.

Watch the video
The video is available with Free ipSpace.net Subscription.

Video: Typical Large-Scale Bridging Use Cases

In the previous video in the Switching, Routing and Bridging section of How Networks Really Work webinar we compared transparent bridging with IP routing. Not surprisingly (given my well-known bias toward stable solutions) I recommended using IP routing as much as possible, but there are still people out there pushing large-scale transparent bridging solutions.

In today’s video we’ll look at some of the supposed use cases and stable solutions you could use instead of stretching a virtual thick yellow cable halfway across a continent.

Watch the video
The video is available with Free ipSpace.net Subscription.

CEO Gelsinger shakes up Intel

A new CEO invariably means a reorganization around his/her vision of things and an attempt to address perceived problems in the company’s organizational structure. In hindsight, that’s another clue that Bob Swan wasn’t long for the CEO’s job at Intel, since he never did a reorg.Pat Gelsinger, who has been Intel’s CEO for just over four months, on the other hand, completely flipped the table with a major reorganization that creates two new business units, promoted several senior technologists to leadership roles, and saw the departure of a major Intel veteran.Now see "How to manage your power bill while adopting AI" The two new units: one for software and the other on high performance computing and graphics. Greg Lavender will serve as Intel’s chief technology officer and lead the new Software and Advanced Technology Group. As CTO, he will head up research programs, including Intel Labs. Lavender comes to Intel from VMware, where he was also CTO, and has held positions Citigroup, Cisco, and Sun Microsystems.To read this article in full, please click here

CEO Gelsinger shakes up Intel

A new CEO invariably means a reorganization around his/her vision of things and an attempt to address perceived problems in the company’s organizational structure. In hindsight, that’s another clue that Bob Swan wasn’t long for the CEO’s job at Intel, since he never did a reorg.

Pat Gelsinger, who has been Intel’s CEO for just over four months, on the other hand, completely flipped the table with a major reorganization that creates two new business units, promoted several senior technologists to leadership roles, and saw the departure of a major Intel veteran.

The two new units: one for software and the other on high performance computing and graphics. Greg Lavender will serve as Intel’s chief technology officer and lead the new Software and Advanced Technology Group. As CTO, he will head up research programs, including Intel Labs. Lavender comes to Intel from VMware, where he was also CTO, and has held positions Citigroup, Cisco, and Sun Microsystems.

To read this article in full, please click here

Hedge 89: Dana Iskoldski and A House Divided

Bluecat, in cooperation with an outside research consultant, jut finished a survey and study on the lack of communication and divisions between the cloud and networking teams in deployments to support business operations. Dana Iskoldski joins Tom Ammon and Russ White to discuss the findings of their study, and make some suggestions about how we can improve communication between the two teams.

Please find a copy of the study at http://bluecatnetworks.com/hedge.

download

Integrating MISP with NSX Advanced Threat Analyzer

 Contributors: Stefano Ortolani (NSBU TAU)

MISP (originally Malware Information Sharing Platform) is a platform to share, store, and correlate Indicators of Compromise (IOCs) from targeted attacks, threat intelligence, or even financial fraud information. One of the reasons underlying MISP’s success is its extensibility via third-party modules. However, as the number of contributors increases, coordination and distribution can quickly become a challenge. To solve this issue, MISP’s authors created a satellite project called MISP modules.

Before joining the NSX family, we at Lastline contributed three different modules to the MISP project in order to better integrate MISP with the sandbox that is now part of the NSX Advanced Threat Analyzer (ATA) product offering. The main idea was to enrich the file indicators referencing an artifact with behavioral information extracted by detonating the artifact in the sandbox, or by retrieving the analysis result of previous detonations. We accomplished this by relying on three different modules:

  • lastline_submit: An enrichment module used to submit new files to the sandbox; as dynamic analysis requires some time to terminate, the output of this module is an external analysis link represented by a new MISP attribute.
  • lastline_query: An enrichment module to expand a Continue reading
1 594 595 596 597 598 3,455