Tech Bytes: Automating Network Troubleshooting With PathSolutions (Sponsored)
Today we’re talking about automating network troubleshooting. We’re sponsored by PathSolutions, maker of the TotalView network monitoring software. TotalView pulls in network and device data and then runs it through a heuristics engine to identify problems such as cabling faults, QoS misconfigurations, VLAN tagging faults, and others. The engine can surface up issues automatically to help network engineers identify and resolve problems. Our guest is Tim Titus, CTO at PathSolutions.
The post Tech Bytes: Automating Network Troubleshooting With PathSolutions (Sponsored) appeared first on Packet Pushers.
Tech Bytes: Automating Network Troubleshooting With PathSolutions (Sponsored)
Today we’re talking about automating network troubleshooting. We’re sponsored by PathSolutions, maker of the TotalView network monitoring software. TotalView pulls in network and device data and then runs it through a heuristics engine to identify problems such as cabling faults, QoS misconfigurations, VLAN tagging faults, and others. The engine can surface up issues automatically to help network engineers identify and resolve problems. Our guest is Tim Titus, CTO at PathSolutions.Network Break 333: Cisco Acquires Optical Controller Software; DarkSide Gang Gets The Spotlight
This week's Network Break covers a pair of Cisco acquisitions, new path analysis capabilities from NetBeez, how the DarkSide ransomware gang is getting the spotlight, sleazy behavior from US broadband companies, and other tech news.Network Break 333: Cisco Acquires Optical Controller Software; DarkSide Gang Gets The Spotlight
This week's Network Break covers a pair of Cisco acquisitions, new path analysis capabilities from NetBeez, how the DarkSide ransomware gang is getting the spotlight, sleazy behavior from US broadband companies, and other tech news.
The post Network Break 333: Cisco Acquires Optical Controller Software; DarkSide Gang Gets The Spotlight appeared first on Packet Pushers.
The Effectiveness of AS Path Prepending (2)
Last week I began discussing why AS Path Prepend doesn’t always affect traffic the way we think it will. Two other observations from the research paper I’m working off of are:
- Adding two prepends will move more traffic than adding a single prepend
- It’s not possible to move traffic incrementally by prepending; when it works, prepending will end up moving most of the traffic from one inbound path to another
A slightly more complex network will help explain these two observations.
Assume AS65000 would like to control the inbound path for 100::/64. I’ve added a link between AS65001 and 65002 here, but we will still find prepending a single AS to the path won’t make much difference in the path used to reach 100::/64. Why?
Because most providers will have a local policy configured—using local preference—that causes them to choose any available customer connection over other paths. AS65001, on receiving the route to 100::/64 from AS65000, will set the local preference so it will prefer this route over any other route, including the one learned from AS65002. So while the cause is a little different in this case than the situation covered in the first post, the result is the Continue reading
VMware Wins 2021 Global InfoSec Award as Market Leader in Firewall
Today at RSA Conference 2021, we’re excited to announce that VMware is a winner of the CyberDefense Magazine 2021 Global InfoSec Award as Market Leader in Firewall. One of VMware’s core beliefs is that we need structural and architectural changes to how organizations approach security. This means taking a fresh look at how we approach issues such as internal data center security. This is exactly what led us to deliver the VMware NSX Service-defined Firewall.
The NSX Service-defined Firewall is one of the foundations of VMware Security. This solution is a unique distributed, scale-out internal firewall that protects all east-west traffic across all workloads without network changes. This radically simplifies the security deployment model. It includes a distributed firewall, advanced threat protection, and network traffic analytics. With the VMware NSX Service-defined Firewall, security teams can protect their organizations from cyberattacks that make it past the traditional network perimeter and attempt to move laterally. Its key differentiating capabilities include:
- Distributed, granular enforcement: The NSX Service-defined Firewall provides distributed and granular enforcement of security policies to deliver protection down to the workload level, eliminating the need for network changes.
- Scalability and throughput: Because it is distributed, the Service-defined Firewall is elastic, Continue reading
The Week in Internet News: U.S. Rolls Out Broadband Subsidy
Help is on the way: The U.S. government is offering a $50-a-month broadband subsidy for people who took a financial hit during the COVID-19 pandemic, CNet reports. The subsidies are part of a COVID-19 relief package passed by Congress in December. More than 825 broadband providers, including AT&T, Comcast and Verizon, are participating. Online soldiers: An […]
The post The Week in Internet News: U.S. Rolls Out Broadband Subsidy appeared first on Internet Society.
netsim-tools release 0.6.2
Last week we pushed out netsim-tools release 0.6.2. It’s a maintenance release, so mostly full of bug fixes apart from awesome contributions by Leo Kirchner who
- Made vSRX 3.0 work on AMD CPU (warning: totally unsupported).
- Figured out how to use vagrant mutate to use virtualbox version of Cisco Nexus 9300v Vagrant box with libvirt
Other bug fixes include:
- Numerous fixes in Ansible installation playbook
- LLDP on all vSRX interfaces as part of initial configuration
- Changes in FRR configuration process to use bash or vtysh as needed
- connect.sh executing inline commands with docker exec
netsim-tools release 0.6.2
Last week we pushed out netsim-tools release 0.6.2. It’s a maintenance release, so mostly full of bug fixes apart from awesome contributions by Leo Kirchner who
- Made vSRX 3.0 work on AMD CPU (warning: totally unsupported).
- Figured out how to use vagrant mutate to use virtualbox version of Cisco Nexus 9300v Vagrant box with libvirt
Other bug fixes include:
- Numerous fixes in Ansible installation playbook
- LLDP on all vSRX interfaces as part of initial configuration
- Changes in FRR configuration process to use bash or vtysh as needed
- connect.sh executing inline commands with docker exec
Ancient Tech for a Modern Threat: Can Tape Backup Foil Ransomware?
By diversifying your backups, you are increasing the chances of having one left in the unfortunate event ransomware comes knocking.How to Make Friends at Work
Do you have a few people at work that you can trust?
Having friends at work is more important than you think. Research suggests that being part of a close group in the workplace leads to higher levels of employee productivity, motivation, and loyalty towards the organization.
But what if you are an introvert, or are simply having trouble trying to fit into the new workplace? The good news is that there are always ways that you that make friends at work. If you think fitting in at work is far too difficult for you, we recommend trying the following tips.
1. Listen Closely.
The first step towards making friends at work is being a great listener. There is always an unspoken office culture being followed – whether that’s certain inside jokes, bringing cakes for birthdays, methods of greeting, or even nicknames for certain people. You should also carefully observe how everybody communicates with one another. Do they prefer emails, or do they have a group chat? By listening closely, you become better aware of how things work around the office and you can easily start fitting into place.
2. Greet Everybody.
An easy way to Continue reading
Networking Interviews – How to Ask Good Questions
I’m not sure if it’s just us in networking/IT, or people leading interviews in general (probably the latter), but we have a tendency to ask really bad questions in interviews. Often the questions revolve around factoids or things that need to be memorized. Some interviewers will even intentionally try to “trick” you. This is a really bad way of conducting an interview and will guaranteed lead to poor results. Instead of asking someone to quote an RFC, you should focus on asking open-ended questions and even guide the candidate if they are getting stuck on something. Why?
Reasoning – You want to see how people reason their way to answering a question. What is their thought process? Asking the administrative distance of BGP will just give you back a one-sentence answer or no answer at all. You can learn much more about someone’s skill level if you give them some clues and see if they can take the discussion forward. Are they comfortable asking you for input? Are they comfortable saying that they don’t know something?
Remove tension – Most, if not all, people are somewhat nervous when being interviewed. You want get an accurate representation of their skill so Continue reading
Worth Reading: Rethinking Internet Backbone Architectures
Johan Gustawsson wrote a lengthy blog post describing Telia’s approach to next-generation Internet backbone architecture… and it’s so refreshing seeing someone bringing to life what some of us have been preaching for ages:
- Simplify the network;
- Stop cramming ever-more-complex services into the network;
- Bloated major vendor NPUs implementing every magic ever envisioned are overpriced – platforms like Broadcom Jericho2 are good enough for most use cases.
- Return from large chassis-based stupidities to network-centric high availability.
I don’t know enough about optics to have an opinion on what they did there, but it looks as good as the routing part. It would be great to hear your opinion on the topic – write a comment.
Worth Reading: Rethinking Internet Backbone Architectures
Johan Gustawsson wrote a lengthy blog post describing Telia’s approach to next-generation Internet backbone architecture… and it’s so refreshing seeing someone bringing to life what some of us have been preaching for ages:
- Simplify the network;
- Stop cramming ever-more-complex services into the network;
- Bloated major vendor NPUs implementing every magic ever envisioned are overpriced – platforms like Broadcom Jericho2 are good enough for most use cases.
- Return from large chassis-based stupidities to network-centric high availability.
I don’t know enough about optics to have an opinion on what they did there, but it looks as good as the routing part. It would be great to hear your opinion on the topic – write a comment.
Controversial Reads 051521
Apple’s long-awaited privacy update for iOS is out, and it’s a solid step in the right direction.
One skill he focuses on is abduction, which was Sherlock Holmes’s favorite method.
Yesterday, The Epoch Times reported on leaked internal Chinese government documents revealing Continue reading