Network Break 289: Cisco Live 2020, Palo’s ML, HPE Edge Telco and more
Cisco Live Virtual topics so SecureX, Webex Collaboration and the "Connected Experience" (even if we don't really know what that is). Palo Alto gets machine learning features into the latest PAN-OS release for malware scanning, automated rule creation and more. HPE get Edgey with Telco plus more on Zoom security tradeoffs.Research: Off-Path TCP Attacks
I’s fnny, bt yu cn prbbly rd ths evn thgh evry wrd s mssng t lst ne lttr. This is because every effective language—or rather every communication system—carried enough information to reconstruct the original meaning even when bits are dropped. Over-the-wire protocols, like TCP, are no different—the protocol must carry enough information about the conversation (flow data) and the data being carried (metadata) to understand when something is wrong and error out or ask for a retransmission. These things, however, are a form of data exhaust; much like you can infer the tone, direction, and sometimes even the content of conversation just by watching the expressions, actions, and occasional word spoken by one of the participants, you can sometimes infer a lot about a conversation between two applications by looking at the amount and timing of data crossing the wire.
The paper under review today, Off-Path TCP Exploit, uses cleverly designed streams of packets and observations about the timing of packets in a TCP stream to construct an off-path TCP injection attack on wireless networks. Understanding the attack requires understanding the interaction between the collision avoidance used in wireless systems and TCP’s reaction to packets with a sequence number outside Continue reading
The Week in Internet News: U.S. DOJ Wants to Hold Website Liable for User Comments
Legal landmines: The U.S. Department of Justice has proposed ending a 24-year-old provision that protections websites and social media outlets from lawsuits for comments and other content posted by users, the Washington Post reports. While some Republicans have complained about social media sites allegedly burying conservative voices, the proposal would actually force sites into heavy moderation as a way to avoid lawsuits. The DOJ proposal would also end legal protections for tech companies that fail to allow law enforcement access to encrypted communications.
Taxing the Internet: The European Union is considering a digital goods tax, but it may have to do so without an agreement from the U.S. government, Al Jazeera reports. The U.S. government has announced it is withdrawing from negotiations with European countries over new international tax rules on digital goods. Nearly 140 countries have been involved in the negotiations.
Internet in space: SpaceX is opening up its Starlink low-earth orbit Internet service to beta testers, ZDNet says. SpaceX now has 540 satellites deployed, allowing for “minor” coverage. The company plans to eventually launch as many as 30,000 Starlink satellites.
The café society: Operators of Internet cafés and gaming centers in Thailand are pushing for Continue reading
Worth Reading: Starting Your Network Automation Journey
Daniel Teycheney published an excellent blog post with numerous hints on starting your automation journey including:
- Which programming language should you start with?
- Python or Ansible?
- What about Terraform?
- What resources could you use?
Measuring Route Origin Validation
How well are we doing with the adoption of Route Origin Validation in the Inter-Domain routing space? How many users can no longer reach a destination if the only available ROAs mark the destination announcement as invalid?Bayesian Finite Mixture Models
Motivation
I have been lately looking at Bayesian Modelling which allows me to approach modelling problems from another perspective, especially when it comes to building Hierarchical Models. I think it will also be useful to approach a problem both via Frequentist and Bayesian to see how the models perform. Notes are from Bayesian Analysis with Python which I highly recommend as a starting book for learning applied Bayesian.
Mixture Models
In statistics, mixture modelling is a common approach for model building. A Model built by simpler distributions to obtain a more complex model. For instance,
- Combination of two Gaussian’s to describe a bimodal distribution.
- Many Guassian’s to describe any arbitrary distributions.
We can use a mixture of models for modelling sub-populations or complicated distributions which can not be modelled with simpler distributions.
Finite Mixture Models
In Finite mixture models, as the name suggests, we mix a known number of models together with some weights associated for each model. Probability density of the observed data is a weighted sum of the probability density for K subgroups of the data where K is the number of models.
\[p(y|\theta) = \sum_{i=1}^{K} w_{i}p_{i}(y_{i}|\theta_{i})\]Here, \(w_{i}\) is the weight for each group and all the Continue reading
Connect a VXLAN-EVPN DC to the Public Cloud the right way
In my latest blog post i was ranting on how you should not do cloud connectivity, and specifically how you should stay miles away from whoever suggests the use of vxlan to “extend layer 2”.
Today i wanted to show you instead how you could actually extend your network into the cloud to allow workload mobility. It’s assumed that your application is “cloud ready” and won’t require a layer 2 adjacency with other components.
As part of a customer project i was supposed to design a cloud connectivity solution that would allow to extend several VRFs into AWS. The requirements were very clear, so let’s list them:
- It is required to extend around 15 VRFs into AWS to allow application migrations into the cloud.
- The solution needs to be ready for other clouds like Azure or IBM Cloud
- The solution needs to be scalable and be able to ensure support to additional VRFs without network redesign
The high level solution
Simply put, what we did was to extend VXLAN-EVPN Overlay into AWS, specifically by making the CSR 1000v a vtep.
In my specific use case, the customer is running a dual site VXLAN-EVPN DC with EVPN Multi-Site for the DCI Continue reading
DevAsc – Python Palindrome Challenge
Time for another Python challenge. This time it’s the palindrome challenge. What is a palindrome? A palindrome is a word, number, phrase, or other sequence of characters which reads the same backward as forward. Some examples are level, radar, stats.
The goal is to take a string the user inputs, reverse the string and see if it’s identical backward as forward. I will divide my code into two functions:
- get_string
- check_palindrome
The first function simply takes the string that is input. The second function checks if it’s a palindrome and prints the result.
As always, let’s first start with a docstring:
"""Program to check if string is a palindrome"""
Then we create a function to get the string from the user. This code should look familiar if you went through the divisors challenge.
def get_string():
"""Get a string from user to be used in function to check for palindrome"""
# Get string from user with input() and return result
user_string = input("Please enter a string to check if it's a palindrome: ")
return user_string
Now for the more interesting part, to check if a string is a palindrome. To do that, we need to reverse the string. How can we Continue reading
Worth Reading: When Security Takes a Backseat to Productivity
Brian Krebs wrote an interesting analysis of CIA’s Wikileaks report. In a nutshell, they were a victim of “move fast to get the mission done” shadow IT.
It could have been worse. Someone with a credit card could have started deploying stuff in AWS ;))
Not that anyone would learn anything from the PR nightmare that followed.
Measuring IPv6
This week I participated in a workshop on measurement of IPv6, organised by the US Naval Postgraduate School's Centre for Measurement and Analysis of Network Data (CMAND) and the folk at UC San Diego's Center for Applied Internet Data Analysis (CAIDA). Here's my notes from that workshop and a few opinions about IPv6 thrown is as well.Daily Roundup: AT&T Clarifies 5G Timeline
AT&T clarified its nationwide 5G timeline; Microsoft bought ADRM; and Verizon teased of its...
© SDxCentral, LLC. Use of this feed is limited to personal, non-commercial use and is governed by SDxCentral's Terms of Use (https://www.sdxcentral.com/legal/terms-of-service/). Publishing this feed for public or commercial use and/or misrepresentation by a third party is prohibited.
DevAsc – Python Divisors Challenge
As part of Nick Russo’s DevAsc study plan, he recommends doing a few Python challenges to check your existing knowledge of Python. One of these is the Divisors challenge. The goal of of this exercise is to take a number, such as 12, and then find all the divisors, that is the numbers that you can divide 12 with and have no remainder. This would 1, 2, 3, 4, 6, and finally 12 itself.
Now, solving this doesn’t take a lot of code. However, I decided that gold plating is allowed in my studies of code. That is, I would rather practice writing functions from the get go rather than just quickly moving from exercises.
To find divisors, we need a little basic math. We can use the Modulo operation to find the reminder of a division. For example, if you divide 5 by 2, the remainder is 1. We call this 5 modulo 2. Because there is a remainder of 1, this means that 2 is not a divisor for 5. If we however use 9 and 3 instead, with 9 modulo 3, the remainder is 0. This means that 3 is a divisor for 9. We then Continue reading
Infinera, Windstream Claim 800G Milestone
Infinera says it has achieved 800 Gb/s line rates over a 730-kilometer from San Deigo to Pheonix on...
© SDxCentral, LLC. Use of this feed is limited to personal, non-commercial use and is governed by SDxCentral's Terms of Use (https://www.sdxcentral.com/legal/terms-of-service/). Publishing this feed for public or commercial use and/or misrepresentation by a third party is prohibited.
Verizon Teases Forthcoming DSS Launch for Nationwide 5G
Verizon’s market position on 5G is heavily dependent on its ability to use dynamic spectrum...
© SDxCentral, LLC. Use of this feed is limited to personal, non-commercial use and is governed by SDxCentral's Terms of Use (https://www.sdxcentral.com/legal/terms-of-service/). Publishing this feed for public or commercial use and/or misrepresentation by a third party is prohibited.
Remote work makes network visibility more critical than ever
What, exactly, is on your network? More to the point, where is your network? Ask yourself that now, then compare this to how your network looked a year ago. The answers have almost certainly changed, with most organizations seeing a rapid increase in the number of employees working remotely.
Hardened, policy-managed corporate networks are being exposed via remote VPNs to home network environments and, in some cases, employees’ home computers. This increases network complexity and may introduce new security and performance issues. To keep things running smoothly, having an in-depth view of the devices and events on your network is crucial.
Maintaining network performance with remote workers
When employees work from home, troubleshooting becomes more complex. Even if an employee is using a company-supplied computer, it is operating on an unmanaged network, and is exposed to everything else that happens to be on that network.
Today’s home networks often have multiple computers, smartphones, tablets, smart TVs, game consoles, and even Internet of Things devices like security camera doorbells. In addition to the security risks of putting a company computer on an insecure network, there are IT infrastructure problems that can arise when work-from-home becomes normalized.
A March 19, 2020, Network Continue reading
Heavy Networking 524: Network Modeling With Open Source pyNTM
Today on Heavy Networking we cover network modeling using the Python Network Traffic Modeler, or pyNTM, an open-source tool. Creator Tim Fiola explains what network modeling is and how you can use this tool to help you make WAN design decisions and avoid costly mistakes.Heavy Networking 524: Network Modeling With Open Source pyNTM
Today on Heavy Networking we cover network modeling using the Python Network Traffic Modeler, or pyNTM, an open-source tool. Creator Tim Fiola explains what network modeling is and how you can use this tool to help you make WAN design decisions and avoid costly mistakes.
The post Heavy Networking 524: Network Modeling With Open Source pyNTM appeared first on Packet Pushers.
FinTech Industry Report 2020-2025 – Trends, Developments and Growth Deviations Arising from the COVID-19 Pandemic
The Global Fintech Market is anticipated to grow at a CAGR of around 20% during the forecast period...
© SDxCentral, LLC. Use of this feed is limited to personal, non-commercial use and is governed by SDxCentral's Terms of Use (https://www.sdxcentral.com/legal/terms-of-service/). Publishing this feed for public or commercial use and/or misrepresentation by a third party is prohibited.