Random Thoughts on IoT
Let’s play the analogy game. The Internet of Things (IoT) is probably going end up being like … a box of chocolates, because you never do know what you are going to get? a big bowl of spaghetti with a serious lack of meatballs? Whatever it is, the IoT should have network folks worried about security. There is, of course, the problem of IoT devices being attached to random places on the network, exfiltrating personal data back to a cloud server you don’t know anything about. Some of these devices might be rogue, of course, such as Raspberry Pi attached to some random place in the network. Others might be more conventional, such as those new exercise machines the company just brought into the gym that’s sending personal information in the clear to an outside service.
While there is research into how to tell the difference between IoT and “larger” devices, the reality is spoofing and blurred lines will likely make such classification difficult. What do you do with a virtual machine that looks like a Raspberry Pi running on a corporate laptop for completely legitimate reasons? Or what about the Raspberry Pi-like device that can run a fully operational Continue reading
Road to gRPC
Cloudflare launched support for gRPC® during our 2020 Birthday Week. We’ve been humbled by the immense interest in the beta, and we’d like to thank everyone that has applied and tried out gRPC! In this post we’ll do a deep-dive into the technical details on how we implemented support.
What is gRPC?
gRPC is an open source RPC framework running over HTTP/2. RPC (remote procedure call) is a way for one machine to tell another machine to do something, rather than calling a local function in a library. RPC has been around in the history of distributed computing, with different implementations focusing on different areas, for a long time. What makes gRPC unique are the following characteristics:
- It requires the modern HTTP/2 protocol for transport, which is now widely available.
- A full client/server reference implementation, demo, and test suites are available as open source.
- It does not specify a message format, although Protocol Buffers are the preferred serialization mechanism.
- Both clients and servers can stream data, which avoids having to poll for new data or create new connections.
In terms of the protocol, gRPC uses HTTP/2 frames extensively: requests and responses look very similar to a normal HTTP/2 request.
DSS Speeds the Rollout of 5G NR While Extending the Life of IoT Devices
DSS is a win for network operators seeking to accelerate the deployment of NR networks and users that need to ensure their IoT devices have long lifespans.Network Break 307: Cisco Launches Catalyst 8000 Edge Routers; Juniper Spends $450 Million For 128 Technology
Today's Network Break covers new SD-WAN routers from Cisco, a giant Juniper acquisition, new WIPS capabilities from Extreme, the United States' anti-trust lawsuit against Google, Intel selling its NAND business, and Space Networking!Network Break 307: Cisco Launches Catalyst 8000 Edge Routers; Juniper Spends $450 Million For 128 Technology
Today's Network Break covers new SD-WAN routers from Cisco, a giant Juniper acquisition, new WIPS capabilities from Extreme, the United States' anti-trust lawsuit against Google, Intel selling its NAND business, and Space Networking!
The post Network Break 307: Cisco Launches Catalyst 8000 Edge Routers; Juniper Spends $450 Million For 128 Technology appeared first on Packet Pushers.
The Week in Internet News: U.S. Files Antitrust Case Against Google
Searching for a monopoly: The U.S. Department of Justice has filed an antitrust lawsuit against Google, accusing the tech giant of illegal monopolies in search and search advertising, CNet reports. The DOJ has accused Google of acting as an Internet “gatekeeper.” Google disputed the allegations, saying people use its services because they choose to, not because they have to.
New networking: The Lower Brule Sioux Tribe in central South Dakota has advanced a plan to provide computers and high-speed Internet connections to all students and teachers during the COVID-19 pandemic, the Argus Leader says. Since early June, the tribe has been working on a plan to build its own wireless Internet network, intended to cover the 207-square-mile Lower Brule reservation. The new network is the first-of-its-kind in South Dakota, and it began limited operations in July.
A bumpy relaunch: The French government’s relaunch of its COVID-19 tracing app, called, “TousAntiCovid,” hit some snags when it was downloaded more than 500,000 times in the hours following its launch, the BBC says. The traffic led to some stability problems, with some people unable to launch the app.
DNS vs. crime: Securing the Internet’s domain name system is a crucial step in Continue reading
New on ipSpace.net: Graph Algorithms
After a bit more than a year we ran another math-focused webinar last week: Rachel Traylor came back to talk about graph algorithms, focusing on tree-, path- and center problems.
In her lecture you’ll find:
- maximum branching algorithms (and I couldn’t stop wondering why we don’t use them for OSPF- or IS-IS flooding)
- path algorithms including the ones used in OSPF, IS-IS, or BGP, as well as algorithms that find K shortest paths
- center problems (for example: where do I put my streaming server or my BGP route reflector)
You’ll need Standard or Expert ipSpace.net subscription to watch the videos.
No Rush
Intro
We often treat our careers like it’s a race. With only a winner. We setup goals where we want to get a degree by a certain age. Get that certification at another age. Get that job at a certain age and we judge our success by if we make more than say 100k per year. Because that’s what we’ve been told.
However, building a successful career in IT is nothing like that.
Stress
I’ve been there myself and felt the stress. I started my university studies when I was 22. I felt old at the time when I was surrounded by people that were 18-19 years old. I know that people where I lived before my university studies had started asking questions of the kind if I wasn’t to become anything. To do something with my life. I needed a few years break from school before going to university studies , and it turns out that was a great decision. I was able to study in a matter I had never done before.
One of the goals I setup in my career was to become a CCIE by 30. I’m not sure why. It just seemed like getting it Continue reading
Optus Android MMS No Workie
What do to when MMS doesnt work on your android phone.ACI Fabric Access Policies Part 4: Leaf Interface Profile, Leaf Switch Policy Group, and Leaf Switch Profile,
Leaf Interface Profile
This section explains how to create an object Interface Profile whose basic purpose is to attach the set of physical interfaces into this object. Phase 6 in Figure 1-40 illustrates the APIC Management Information Model (MIM) from the Interface Profile perspective. We are adding an object L101__102_IPR under the class AccPortP (Leaf Interface Profile). The name of the object includes Leaf switch identifiers (Leaf-101 and Leaf-102) in which I am going to use this Interface Profile. This object has a Child object Eth1_1-5 (class InfraHPorts) that defines the internet block and which has a relationship with the object Port_Std_ESXi-Host_IPG. By doing this we state that ethernet interfaces 1/1-5 are LLDP enabled 10Gbps ports which can use VLAN Identifiers from 300-399. Note that in this phase we haven’t yet specified in which switches we are using this Interface Profile.
The RN rules used with related objects:
Objects created under the class InfraAccportP (Leaf Interface Profile):Prefix1-{name}, where the Prefix1 is “accportprof”. This gives us RN “accportprof-L101_L102_IPR”.
Objects created under the class InfraHPortS (Access Port Selector): Prefix1-{name}-Prefix2-{type}, where the Prefix1 is “hports” and the Prefix2 is “typ”. This gives us RN “hports-Eth1_1-5_typ-range”.
Objects created under the class InfraPortBlk (Access Port Block): Prefix1-{name}, where the Prefix1 is “portblk” and where the name is Property (autogenerated). This gives us the RN “portblk-Block2”.
ACI Fabric Access Policies Part 3: AAEP, Interface Policy and Interface Policy Group
Attachable Access Entity Profile - AAEP
This section explains how to create an object Attachable Access Entity Profile (AAEP) that is used for attaching a Domain into Port Group. Phase 3 in Figure 1-20 illustrates the APIC Management Information Model (MIM) from the AAEP perspective. Class AttEntityP is a Child class for infra, and they both belong to packages Infra. I have already added the object attentp-AEP_PHY into the figure.The format of the RN for this object is Prefix1-{name}, where the Prefix1 is attentp. This gives us the RN attentp-PHY-AEP.
Figure 1-20: APIC MIM Reference: Attachment Access Entity Profile.
Continue reading
Worth Reading: The Shared Irresponsibility Model in the Cloud
A long while ago I wrote a blog post along the lines of “it’s ridiculous to allow developers to deploy directly to a public cloud while burdening them with all sorts of crazy barriers when deploying to an on-premises infrastructure,” effectively arguing for self-service approach to on-premises deployments.
Not surprisingly, the reality is grimmer than I expected (I’m appalled at how optimistic my predictions are even though I always come across as a die-hard grumpy pessimist), as explained in The Shared Irresponsibility Model in the Cloud by Dan Hubbard.
For more technical details, watch cloud-focused ipSpace.net webinars, in particular the Cloud Security one.
Optus Android MMS No Workie
I migrated away from an iphone to an Android phone recently and MMS was not working. I was unable to send or receive MMS and it was pretty annoying as I was not getting funny memes from all of my non-existant friends. It looks like this is a pretty common issue going back years and...Progress on Image classification and Home-assistant and Dyson integration
Contunuing from the previous post, I was determined to learn some sort of image classification in my free time, I went with Tensorflow/keras as the language or ml language as they have a lot of tutorials around it.
Below youtube series from tensor-flow team will help you get started if you are interested in this
The other part that was a sort of problem for a long time is integration of Dyson Fan with any sort of automation platform like Alexa or python api, Dyson does have an app but apparently they have some issues in UK/Ireland integration, after some research I found that home-assistant supports integration and after a lot of documentation and trials, it looks like home-assistant has now support for it.
Here is the below file that you need to use in the configuration.yaml snippet.
dyson:
username: yourdysonemailaccount
password: yourpassword
language: GB
devices:
- device_id: xxx-xx-xxxxxx
device_ip: a.b.c.d
This has now control for any sort of automation
-Rakesh
Networking and Infrastructure News Roundup: October 23 Edition
Accenture partners with SAP to bring apps to the cloud, Verizon and Microsoft combine 5G and cloud for new edge applications, and more.Yet Again: CLI or API
Carl Montanari recently published an interesting blog post on the punditry of network APIs (including hilarious fact that “SNMP is also an API"), and as someone sent me a link to that post he commented “it reminds me of a few blog posts you wrote a while ago”.
Speaking of those blog posts… last July I was getting bored and put together a list of interesting blog posts I published on that topic. Enjoy!