What Happens When The Whole World Goes Remote? Not To Worry, We Were Built For This
In March, governments all over the world issued stay-at-home orders, causing a mass migration to teleworking. Alongside many of our partners, Cloudflare launched free products and services supported by onboarding sessions to help our clients secure and accelerate their remote work environments. Over the past few months, a dedicated team of specialists met with hundreds of organizations - from tiny startups, to massive corporations - to help them extend better security and performance to a suddenly-remote workforce.
Most companies we heard from had a VPN in place, but it wasn’t set up to accommodate a full-on remote work environment. When employees began working from home, they found that the VPN was getting overloaded with requests, causing performance lags.
While many organizations had bought more VPN licenses to allow employees to connect to their tools, they found that just having licenses wasn’t enough: they needed to reduce the amount of traffic flowing through their VPN by taking select applications off of the private network.
We Were Built For This
My name is Dina and I am a Customer Success Manager (CSM) in our San Francisco office. I am responsible for ensuring the success of Cloudflare’s Enterprise customers and managing all of Continue reading
The Week in Internet News: Microsoft Warns of Cyberattacks on U.S. Election
Hackers vs. the election: Microsoft has warned that hackers from Russia, China, and Iran are targeting U.S. election systems, The Hill reports. The tech giant is seeing increasing efforts to hack into the Donald Trump and Joe Biden presidential campaigns. A Russian hacking group called Strontium has targeted more than 200 organizations, political campaigns, and parties over the past year, the company said.
Fighting disinformation: The government of India is calling for greater international cooperation among countries and tech companies to combat disinformation and doctored videos related to the COVID-19 pandemic, India Times reports. “The pandemic has demonstrated the existential dilemma of an information society,” Counsellor Paulomi Tripathi said at the United Nations. “We have been exposed to misinformation and disinformation campaigns which have put lives and livelihoods of millions at risk, divided communities with fake news and doctored videos and undermined the trust in public authorities to tackle the disease.”
Cutting red tape: Nigeria is looking to waive fees for laying fiber optic cables on federal highways as a way to expand Internet access in the country, Quartz Africa reports. Officials hope the waiver will help the country meet targets in its national broadband plan, which aims for Continue reading
Is Cisco ACI Too Different?
A friend of mine involved in multiple Cisco ACI installations sent me this comment on their tenant connectivity model:
I’m a bit allergic to ACI. The abstraction is mis-aligned with familiar configurations, in particular contracts being independent of and over-riding routing, tenants, etc. You can really make a mess with that, and I’ve seen some! One needs to impose some structure, naming conventions…, and most people don’t seem to get that done.
As I noticed in the NSX-or-ACI webinar, it’s interesting how NSX decided to stay with the familiar VLAN/routing/filtering paradigm (more details), whereas the designers of Cisco ACI decided to go down a totally different path.
Breaking Down SASE
Deeply integrating security with networking functions provides higher-order protections for applications and data regardless of the paths that workflows or transactions take.Duty Calls: CPU Is Not Designed for Packet Forwarding
Junhui Liu added this comment to my Where Do We Need Smart NICs? blog post:
CPU is not designed for the purpose of packet forwarding. One example is packet order retaining. It is impossible for a multicore CPU to retain the packet order as is received after parallel processing by multiple cores. Another example is scheduling. Yes CPU can do scheduling, but at a very high tax of CPU cycles.
Python Pieces: Using PyEnv
If you’re like me – one of the most frustrating things about Python is version management. You get a new Mac, the system default is 2.x something, you need 3.x something, and you’re wondering what the best (right) way to get the version you want installed. You install Python 3 but the default Python version stays the same until you do some symlink hack thing that you know is just creating a mess. So for awhile you just call python3 explicitly but then you realize that all of the packages you installed using pip are no longer available and you need to install them again using pip3.
Sound familiar? Maybe I’m the only one that struggles with this – but I tend to muddle my way through just making things work while in the back of my head I know that Im creating a complete disaster of the local Python installation. I shall muddle no longer thanks to PyEnv. I was recently introduced to the tool and it’s a total game changer. It allows you to seemlessly manage your local Python install, easily install different versions, easily switch versions, and even has the capability of automgically switching versions Continue reading
Worth Reading: The Making of an RFC in today’s IETF
Years ago I was naive enough to participate in writing an IETF document. Three years later we finally managed to turn it into an RFC, and I decided that was enough for one lifetime.
But wait, it gets worse… as Geoff Huston argues in his article, the lengthy review process doesn’t necessarily result in better (or more precise) documents.
Seems like we managed to turn IETF into yet another standard body like IEEE, ISO or ITU/T.
Kubernetes Pod Networking on AWS: Getting There from Here
Thinking about running Kubernetes on AWS? To optimize your chances of success, you’ll need to have a solid understanding of Kubernetes pod networking. As applications grow to span multiple containers deployed across multiple clusters, operating them becomes more complex. Containers are grouped into pods, and those pods can be networked and scaled to meet your specific needs.
Kubernetes provides an open source API to manage this complexity, but one size doesn’t fit all. So you’ll want to get a handle on the different methods available to support your project. Then when you’re ready to move forward, you’ll have a much clearer idea of what will work best for you. If this sounds challenging, not to worry. Our short video explains Kubernetes pod networking on AWS and can answer many of the questions you may have. We’ve also included some great examples to help guide you.
Want to learn more about Calico Enterprise? Check out these resources.
————————————————-
Free Online Training
Access Live and On-Demand Kubernetes Training
Calico Enterprise – Free Trial
Network Security, Monitoring, and Troubleshooting
for Microservices Running on Kubernetes
The post Kubernetes Pod Networking on AWS: Getting There from Here appeared first on Tigera.
A Place for Things and Things in Their Place
This morning I was going to go for a run and I needed to find a rain jacket to keep from getting completely soaked. I knew I had one in my hiking backpack but couldn’t locate it. I searched for at least ten minutes in every spot I could think of and couldn’t find it. That is, until I looked under the brain of the pack and found it right next to the pack’s rain cover. Then I remembered that my past self had put the jacket there for safe keeping because I knew that if I ever needed to use the pack rain cover I would likely need to have my rain jacket as well. Present me wasn’t as happy to find out past me was so accommodating.
I realized after this little situation that I’ve grown accustomed to keeping my bags organized in a certain way both for ease of use and ease of inspection. Whether it’s a hiking backpack or an IT sling bag full of gadgets I’ve always tried to set things up in simple, sane manner to figure out how to find the tools I need quickly and also discover if any of them are Continue reading
How Peering and Infrastructure Development Improved Connectivity in Kenya, Speeding Economic Growth
The country can become a continental digital leader with strengthened Internet Exchange Points (IXPs).
In January this year, Internet users in Kenya reached 22.86 million, a 16% jump from 2019. A leap that was made with no major impact on network quality and speed, and no increase in connectivity costs. Between 2012 and now, the percentage of mobile broadband subscribers increased 100-fold to cover nearly 42% of the country’s population, while the price of data decreased by 50%. This would have been unimaginable a decade ago when around 70% of the country’s traffic went through Europe.
A recent Internet Society report shows IXPs played an important role in this success. The report shines a light on how the combination of peering and Internet infrastructure development improved connectivity in Kenya. It discusses how Kenya was able to localize Internet traffic – from 30% in 2012 to 70% in 2019 – by growing its IXP membership, through attracting local, regional, and international networks, including popular Content Delivery Networks (CDNs). This allowed the local networks to efficiently exchange regional and international traffic without incurring major additional costs.
The report reveals how informed stakeholders and the local technical community in Kenya Continue reading
Heavy Networking 539: Preventing The 4poKalypse With Inter-Domain Multicast
The 4poKalypse is coming, and service providers need more tools in their toolbox to combat congestion in eyeball networks. Local content caches close to the eyeballs (pretty much how we do it today) isn’t going to be quite enough. Jake Holland of Akamai is here to tell us just why inter-domain multicast is important, and why...this time...we can make it work.Heavy Networking 539: Preventing The 4poKalypse With Inter-Domain Multicast
The 4poKalypse is coming, and service providers need more tools in their toolbox to combat congestion in eyeball networks. Local content caches close to the eyeballs (pretty much how we do it today) isn’t going to be quite enough. Jake Holland of Akamai is here to tell us just why inter-domain multicast is important, and why...this time...we can make it work.
The post Heavy Networking 539: Preventing The 4poKalypse With Inter-Domain Multicast appeared first on Packet Pushers.
DNS Flag Day 2020 – ISC
The DNS protocol needs refreshing but a global, distributed database is not easy to change. The folks leading the DNS architecture are making small but substantial changes once per year. There is a non-zero but small risk that something will break for some people. This year they are addressing DNS Fragmentation on UDP and required […]