Visualise and Analyse Your Data Centre Fabric with HAWK
Hello my friend,
Some time ago in LinkedIn we announced that we are working on the tool, which will allows you to model and analyse your network. As one of our primary focuses is data centres, we started from there. Despite it is an early stages, but we are happy and proud to introduce you HAWK: Highly-efficient Automated Weapon Kit. For now, this is a collection of the tools for the network management and analysis, but probably later we will put it under a joint hoot of some front-end, who knows…
2
3
4
5
retrieval system, or transmitted in any form or by any
means, electronic, mechanical or photocopying, recording,
or otherwise, for commercial purposes without the
prior permission of the author.
Where is the the border between network automation and software development?
In order to automate any network operation, you need to write a script, even if that is a simple one. On the other hand, any script is a program or software. This means that the creating of the scripts for the network automation is a form of the software development. And it is fun. Continue reading
Sarantaporo.gr Community Network: Connecting Communities Is a Marathon, Not a Race
Last week we shared the story of how the Sarantaporo.gr Community Network worked with the community of Sykea to help with a pressing problem. Like many other villages in the Thessaly region in central Greece, it lacked access to the Internet. When an alternative solution to Sykea’s connectivity challenges was found, an opportunity opened up […]
The post Sarantaporo.gr Community Network: Connecting Communities Is a Marathon, Not a Race appeared first on Internet Society.
The Hedge 78: Mike Bushong and Radical Candor
Communication is one of those soft skills so often cited as a key to success—but what does effective communication entail? Mike Bushong joins Eyvonne Sharp and Russ White on the Hedge to discuss radical candor, and the importance of giving and taking honest feedback to relationships and business.
Day Two Cloud 092: What AWS Lambda Is Good For
Today's Day Two Cloud podcast is a thorough introduction to AWS Lambda, which is AWS's serverless compute service. We discuss how Lamdba works, what it can do, use cases, and more. Our guide for today's conversation is Julian Wood, Senior Developer Advocate for the Serverless Product Group at AWS. This is not a sponsored show.
The post Day Two Cloud 092: What AWS Lambda Is Good For appeared first on Packet Pushers.
Day Two Cloud 092: What AWS Lambda Is Good For
Today's Day Two Cloud podcast is a thorough introduction to AWS Lambda, which is AWS's serverless compute service. We discuss how Lamdba works, what it can do, use cases, and more. Our guide for today's conversation is Julian Wood, Senior Developer Advocate for the Serverless Product Group at AWS. This is not a sponsored show.The Client to Cloud Enterprise
Every CIO needs to adopt a cloud strategy typically moving some e-commerce workloads to the public cloud. Yet, the migration path for the modern enterprise can be constrained by legacy barriers. With mission-critical applications that run in a diverse suite of legacy mainframe to helpdesk to IoT devices, how does one get started and what does this entail?
The reality for any enterprise whose core business is driven by a reliance on corporate-owned technology structure with strict ownership of critical assets is that it operates with many constraints. The cloudification and multi-cloud strategy requires a more pragmatic and systematic approach balancing workloads in the cloud and on-premise enterprise networks.
The Client to Cloud Enterprise
Every CIO needs to adopt a cloud strategy typically moving some e-commerce workloads to the public cloud. Yet, the migration path for the modern enterprise can be constrained by legacy barriers. With mission-critical applications that run in a diverse suite of legacy mainframe to helpdesk to IoT devices, how does one get started and what does this entail?
The reality for any enterprise whose core business is driven by a reliance on corporate-owned technology structure with strict ownership of critical assets is that it operates with many constraints. The cloudification and multi-cloud strategy requires a more pragmatic and systematic approach balancing workloads in the cloud and on-premise enterprise networks.
How to Tailor SASE According to Your Business Needs and Goals
If your business is considering tailoring a SASE model, first decide whether you want to create your own integrated security infrastructure yourself or with the help of a private services company.Reader Question: What Networking Blogs Would You Recommend?
A junior networking engineer asked me for a list of recommended entry-level networking blogs. I have no idea (I haven’t been in that position for ages); the best I can do is to share my list of networking-related RSS feeds and the process I’m using to collect interesting blogs:
Infrastructure
- RSS is your friend. Find a decent RSS reader. I’m using Feedly – natively in a web browser and with various front-ends on my tablet and phone (note to Google: we haven’t forgotten you killed Reader because you weren’t making enough money with it).
- If a blog doesn’t have an RSS feed I’m not interested.
Reader Question: What Networking Blogs Would You Recommend?
A junior networking engineer asked me for a list of recommended entry-level networking blogs. I have no idea (I haven’t been in that position for ages); the best I can do is to share my list of networking-related RSS feeds and the process I’m using to collect interesting blogs:
Infrastructure
- RSS is your friend. Find a decent RSS reader. I’m using Feedly – natively in a web browser and with various front-ends on my tablet and phone (note to Google: we haven’t forgotten you killed Reader because you weren’t making enough money with it).
- If a blog doesn’t have an RSS feed I’m not interested.
What Cloud Maturity Means in 2021
In 2021, the pace of cloud adoption and the pace of the cloud maturity model (CMM) journey have accelerated drastically.How Calico Cloud’s runtime defense mitigates Kubernetes MITM vulnerability CVE-2020-8554
Since the release of CVE-2020-8554 on GitHub this past December, the vulnerability has received widespread attention from industry media and the cloud security community. This man-in-the-middle (MITM) vulnerability affects Kubernetes pods and underlying hosts, and all Kubernetes versions—including future releases—are vulnerable.
Despite this, there is currently no patch for the issue. While Kubernetes did suggest a fix, it only applies to external IPs using an admission webhook controller or an OPA gatekeeper integration, leaving the door open for attackers to exploit other attack vectors (e.g. internet, same VPC cluster, within the cluster). We previously outlined these in this post.
Suggested fixes currently on the market
Looking at the Kubernetes security market, there are currently a few security solutions that attempt to address CVE-2020-8554. Most of these solutions fall into one or two of three categories:
- Detection (using Kubernetes audit logs)
- Prevention (using admission webhook controller)
- Runtime defense (inline defense)
A few of the solutions rely on preventing vulnerable deployments using an OPA gatekeeper integration; these solutions alert users when externalIP (possibly loadBalancerIP) is deployed in their cluster configurations. Most solutions, however, present a dual strategy with a focus on prevention and detection. They use an admission controller for Continue reading
History of Internet 2: Dale Finkelsen
The Internet was originally designed as a research network, but eventually morphed into a primarily commercial system. While “Internet 2” sounds like it might be a replacement for the Internet, it was really started as a way to interconnect high speed computing systems for researchers—a goal the Internet doesn’t really provide any longer. Dale Finkelsen joins Donald Sharp and Russ White for this episode of the History of Networking to discuss the origins of Internet 2.
Nokia Lab | LAB 2 OSPF |
Introduction
Hello everyone!
It's my second Nokia lab. I've tried to cover the main scope of OSPF questions. Lets lab!
Please check my first lab for input information.
Topology example
Lab tasks and questions:
- Basic OSPF (Backbone area)
- configure OSPF area 0 (R1 and R2, use P2P interface type, add “system” interface to OSPF)
- configure BFD and authentication on interfaces
- examine BFD session
- examine the connection between OSPF adjacency and BFD session
- How can you break adjacency? Try it. What factors can influence adjacency?
- What LSA types do you see?
- examine every LSA in detail
- What is the default preference of OSPF routes?
- Multi-area OSPF(Area 0, Area 1 TNSSA, Area 2 Normal, Area 3 Totally Stub)
- configure area 1 as a Totally NSSA area
- run debug OSPF hello packets between R1 and R3
- examine hello packets
- Does it contain special bits?
- export it to OSPF by policy
- What router type is R3?
- examine LSDB on R3 - especially check NSSA external LSA
- Does it contain special bits? Describe purpose of them