A few weeks ago we covered transparent bridging fundamentals, now it’s time to recap IP routing fundamentals… and then we’ll be ready to compare the two.
Intentionally poisoning BGP routes in the Default-Free Zone (DFZ) would always be a bad thing, right? Actually, this is a fairly common method to steer traffic flows away from and through specific autonomous systems. How does this work, how common is it, and who does this? Jared Smith joins us on this episode of the Hedge to discuss the technique, and his research into how frequently it is used.
Applications have never been more important in business than they are today. And where there are applications, there’s a load balancer, working behind the scenes to ensure your applications can be used comfortably and safely at all times. When operating a load balancer, the most troublesome issue is upgrade work. Let’s examine the problems of traditional load balancer upgrades and take a look at VMware’s automated, streamlined solution: NSX Advanced Load Balancer.
The main reasons to upgrade a load balancer are to patch vulnerabilities and bugs, to enable new features, and for EoSL support. A load balancer, located between users and applications, must above all be stable; we particularly want to avoid service disruptions due to defects in the load balancer software. For this reason, load balancer upgrades are inevitable. And for IT, the trick is to make them, as transparent and painless as possible..
For illustration, let’s take a look at a recent international case involving load balancers. To address software glitches, a project was running to upgrade hundreds of load balancers. The upgrade work was carried out little by little over several months, with operations personnel setting Continue reading
This guest post is by Drew Conry-Murray on behalf of Palo Alto Networks. We thank Palo Alto Networks for being a sponsor. Prisma Access, which delivers security services via the cloud, has added an explicit proxy feature in the 2.0 version. This feature can help companies migrate off of hardware-based proxies while still protecting Web […]
The post Prisma Access 2.0 Enables Painless Migration From Hardware Web Proxies appeared first on Packet Pushers.
In this week's IPv6 Buzz episode, Ed, Scott, and Tom chat with John Burns, a lead architect at Wells Fargo, about the relatively early adoption of IPv6 at the company. The discussion also covers adoption trends in the financial sector as a whole, along with the key challenges and opportunities of the protocol.
The post IPv6 Buzz 075: Why Wells Fargo Bought Into IPv6 appeared first on Packet Pushers.
The COVID-19 pandemic has taught us once and for all that broadband access is critical infrastructure. Without it, communities cannot work, learn, or earn online – a necessity during stay-at-home orders. And policymakers are taking notice. In the past few months, trillions of dollars have been proposed by the House, Senate, and White House for […]
The post Risks and Rewards of the U.S. Broadband Funding Boom appeared first on Internet Society.
Chris Wahl explains how pipelines, sometimes thought of as a developer tool only, can be used by IT infrastructure professionals delivering infrastructure as code (IaC). Event triggers, automation, and testing.
The post Using Pipelines To Deliver Infrastructure-As-Code With Chris Wahl – Video appeared first on Packet Pushers.
Some time ago I was looking at a hot section in our code and I saw this:
if (debug) {
log("...");
}
This got me thinking. This code is in a performance critical loop and it looks like a waste - we never run with the "debug" flag enabled[1]. Is it ok to have if
clauses that will basically never be run? Surely, there must be some performance cost to that...
if
statements?Back in the days the general rule was: a fully predictable branch has close to zero CPU cost.
To what extent is this true? If one branch is fine, then how about ten? A hundred? A thousand? When does adding one more if
statement become a bad idea?
At some point the negligible cost of simple branch instructions surely adds up to a significant amount. As another example, a colleague of mine found this snippet in our production code:
const char *getCountry(int cc) {
if(cc == 1) return "A1";
if(cc == 2) return "A2";
if(cc == 3) return "O1";
if(cc == 4) return "AD";
if(cc == 5) return "AE";
if(cc == 6) return "AF";
Continue reading
I love hearing real-life “how did I start my automation journey” stories. Here’s what one of ipSpace.net subscribers sent me:
I love hearing real-life “how did I start my automation journey” stories. Here’s what one of ipSpace.net subscribers sent me:
Containerlab is a new open-source network emulator that quickly builds network test environments in a devops-style workflow. It provides a command-line-interface for orchestrating and managing container-based networking labs and supports containerized router images available from the major networking vendors.
More interestingly, Containerlab supports any open-source network operating system that is published as a container image, such as the Free Range Routing (FRR) router. This post will review how Containerlab works with the FRR open-source router.
While working through this example, you will learn about most of Containerlab’s container-based features. Containerlab also supports VM-based network devices so users may run commercial router disk images in network emulation scenarios. I’ll write about building and running VM-based labs in a future post.
While it was initially developed by Nokia engineers, Containerlab is intended to be a vendor-neutral network emulator and, since its first release, the project has accepted contributions from other individuals and companies.
The Containerlab project provides excellent documentation so I don’t need to write a tutorial. But, Containerlab does not yet document all the steps required to build an open-source router lab that starts in a pre-defined state. This post will cover that scenario so I hope it adds something of Continue reading