Archive

Category Archives for "Networking"

Palo Alto CLI Tips and Tricks

Handy tips and tricks for working with the Palo Alto network CLI. Config Output Format The configuration output format can be changed. This can be useful for backing up the config or capturing a structured format from the CLI. The following formats are available: default json ...

Cisco bolsters edge networking family with expanded SD-WAN, security options

Cisco this week expanded its Catalyst 8000 Edge Platform family to offer enterprise edge customers more secure SD-WAN and cloud resource access options.The Cisco Catalyst 8000 edge router collection currently includes three models: the high-end 8500 for data-center or colocation customers, the 8300 for branch users, and the software-based 8000 for virtual environments. Feature support includes advanced routing, SD-WAN, security and secure-access service edge (SASE), depending on customer requirements, and all models run Cisco's IOS XE operating system software.To read this article in full, please click here

One Year After the First COVID Lockdown, A Secure Internet Shouldn’t Just Be for the Privileged Few

This past weekend, we observed the one-year anniversary of the first of many COVID-19 lockdowns. Since then, schools, small businesses, healthcare providers, and financial institutions around the world have relied on the Internet to maintain operations and deliver critical services – bringing the need for broadband access into sharp focus. The overflow of demand for digital communication amid the ongoing pandemic has put the Internet’s structural integrity and capacity to the test. Overwhelmingly, it has delivered.

The Internet’s network of networks has enabled massive segments of the global workforce to shift to remote operations, allowed schools to provide online educations to students around the world, and offered a space for countless businesses and individuals to continue to serve their communities amid a global crisis. The Internet’s role in not just sustaining crucial aspects of day-to-day life, but enabling communities to thrive throughout the COVID-19 pandemic is undoubtedly crucial. It is clear – now more than ever – that the Internet is indeed a force for good. The success of the Internet is the result of its universally accessible, decentralized, and open architecture; this Internet Way of Networking must be protected to allow us all to use this critical resource to its Continue reading

Agglutinating Problems Considered Harmful (RFC2915, Rule 5)

In the networking world, many equate simplicity with the fewest number of moving parts. According to this line of thinking, if there are 100 routers, 10 firewalls, 3 control planes, and 4 management systems in a network, then reducing the number of routers to 95, the number of firewalls to 8, the number of control planes to 1, and the number of management systems to 3 would make the system “much simpler.” Disregarding the reduction in the number of management systems, scientifically proven to always increase in number, it does seem that reducing the number of physical devices, protocols in use, etc., would tend to decrease the complexity of the network.

The wise engineers of the IETF, however, has a word of warning in this area that all network engineers should heed. According to RFC1925, rule 5: “It is always possible to agglutinate multiple separate problems into a single complex interdependent solution. In most cases this is a bad idea.” When “conventional wisdom” and the wisdom of engineers with the kind of experience and background as those who write IETF documents contradict one another, it is worth taking a deeper look.

A good place to begin is Continue reading

Using vim to quickly encrypt and decrypt files

Any time you have a text file on a Linux system that you want to keep private regardless of the privileges that other users with accounts on the system may have, you can resort to encryption. One easy way to do this is to use a feature that is built into the vim editor. You will have to provide a password that will you then need to remember or store in a password safe, but the process is straightforward. The file name will not be changed in any way, and the content of the file can be recovered in much the same way that it was encrypted.To begin, let's say that we have a file that begins like this:$ head -3 mysecret I feel the need to put my deepest darkest secret into a text file on my Linux system. While this likely isn't common practice, I'm not sure that I can trust anyone with it. But a penguin? That's a different story! So here goes ... Now, not wanting to risk your deepest darkest secret to fellow users, you use vim with its -x (encryption) option.To read this article in full, please click here

Using the vim editor in Linux to quickly encrypt and decrypt files

Any time you have a text file on a Linux system that you want to keep private regardless of the privileges that other users with accounts on the system may have, you can resort to encryption. One easy way to do this is to use a feature that is built into the vim editor. You will have to provide a password that will you then need to remember or store in a password safe, but the process is straightforward. The file name will not be changed in any way, and the content of the file can be recovered in much the same way that it was encrypted.To begin, let's say that we have a file that begins like this:$ head -3 mysecret I feel the need to put my deepest darkest secret into a text file on my Linux system. While this likely isn't common practice, I'm not sure that I can trust anyone with it. But a penguin? That's a different story! So here goes ... Now, not wanting to risk your deepest darkest secret to fellow users, you use vim with its -x (encryption) option.To read this article in full, please click here

Using the vim editor in Linux to quickly encrypt and decrypt files

Any time you have a text file on a Linux system that you want to keep private regardless of the privileges that other users with accounts on the system may have, you can resort to encryption. One easy way to do this is to use a feature that is built into the vim editor. You will have to provide a password that will you then need to remember or store in a password safe, but the process is straightforward. The file name will not be changed in any way, and the content of the file can be recovered in much the same way that it was encrypted.To begin, let's say that we have a file that begins like this:$ head -3 mysecret I feel the need to put my deepest darkest secret into a text file on my Linux system. While this likely isn't common practice, I'm not sure that I can trust anyone with it. But a penguin? That's a different story! So here goes ... Now, not wanting to risk your deepest darkest secret to fellow users, you use vim with its -x (encryption) option.To read this article in full, please click here

Fixing XML-to-JSON Conversion Challenges

In the last weeks I described the challenges you might face when converting XML documents that contain lists with a single element into JSON, be it on device (Nexus OS) or in an Ansible module. Now let’s see how we can fix that.

Fixing XML-to-JSON Conversion Challenges

In the last weeks I described the challenges you might face when converting XML documents that contain lists with a single element into JSON, be it on device (Nexus OS) or in an Ansible module. Now let’s see how we can fix that.

Blog posts in this series

Elixir Notes: Variables

Define a variable in Elixir with the equals (=) operator. Considerations Variables can start with a lowercase [a-z] or an underscore _ Variables can contain upper/lower case [a-zA-Z] and the _ underscore characters. snake_case is the formatting convention used for...

My List of Unusual Things in DNS

This is a running list of unusual data found in the Domain Name System.

Typically, DNS stores name-to-IP (for example, foo.example.net -> 192.0.2.123) and IP-to-name mappings (i.e., the inverse). But, the DNS is arguably the biggest, most distributed key/value store on the planet, making it a great place to stash all kinds of simple data.

The Week in Internet News: Google Threatens to Leave Australia

Google won’t pay for news: Google has threatened to end its search engine services in Australia over the government’s efforts there to require the company to pay news publishers for articles it links to, the BBC reports. The proposed Australian news code would require Google and Facebook to enter into mediated negotiations with publishers over the value of news content, if they don’t reach agreement first.

RIP, balloon-based Internet: Alphabet, Google’s parent company, is shutting down Loon, its attempt to deliver Internet service through balloons floating in the stratosphere, CNet reports. Alphabet says the business model doesn’t work, with the company unable to get costs low enough to offer services.

Judge rejects Parler: A U.S. judge has ruled that Amazon doesn’t have to reinstate Parler, the conservative Twitter competitor, after the company kicked it off its web hosing services this month, NPR reports. Amazon kicked out Parler after some members of the site threatened U.S. lawmakers and allegedly used the service to plan the 6 January attack on the U.S. Capitol. Parler has argued that Amazon’s decision threatens it with “extinction,” but the judge ruled that Amazon is under no obligation to “host the incendiary speech that Continue reading

Tech Bytes: Doing Better Than ‘Good’ Or ‘Bad’ For UX Metrics (Sponsored)

On today's Tech Bytes podcast, sponsored by AppNeta, we talk about getting real-time monitoring in place so that you can clearly define your performance benchmarks, accurately measure them from the end-user perspective, and have a strategy to make sure those benchmarks are met. Our guests are John Tewfik, Director of Global Alliances; and Seth Differ, Senior Manager, Solutions Consulting.

The post Tech Bytes: Doing Better Than ‘Good’ Or ‘Bad’ For UX Metrics (Sponsored) appeared first on Packet Pushers.

Tech Bytes: Doing Better Than ‘Good’ Or ‘Bad’ For UX Metrics (Sponsored)

On today's Tech Bytes podcast, sponsored by AppNeta, we talk about getting real-time monitoring in place so that you can clearly define your performance benchmarks, accurately measure them from the end-user perspective, and have a strategy to make sure those benchmarks are met. Our guests are John Tewfik, Director of Global Alliances; and Seth Differ, Senior Manager, Solutions Consulting.

Focus is a Virtue

The modern world craves our attention—but only in short bursts. To give your attention to any one thing for too long is failing, it seems, because you might miss out on something else of interest. We have entered the long tail of the attention economy, grounded in finding every smaller slices of time in which the user’s attention can be captured and used.

The damage of the attention economy is wide-ranging, including the politicization of everything, and the replacing ideas in politics with hate and fear. But for the network engineering world, the problem is exactly as Ethan describes— Technology mastery will be increasingly in the hands of the very few as a dwindling number of folks are willing, or perhaps even able, to create a mental state of focused learning. The application delivery stacks are enormously more complex than they were 25 years ago. Learning them requires a huge amount of focus over long periods of time.

The problem is obvious for anyone with eyes to see. What is the solution? The good news is there are solutions. The bad news is these solutions are swimming upstream against the major commercial interests of our day, so it’s going to Continue reading