Worth Reading: Protocol Options Rusted Shut
A long while ago I found a great article explaining TLS 1.3 and its migration woes on CloudFlare blog. While I would strongly recommend you read it just to get familiar with TLS 1.3, the real fun starts when the author discusses migration problems, kludges you have to use trying to fix them, less-than-compliant implementations breaking those kludges, and options that were supposed to be dynamic, but turn out to be static (rusted shut) due to middleboxes that implemented protocols as-seen-in-the-wild not as-described-in-RFCs.
Change a few TLAs and you could be reading about TCP, IP stack, IPv6, BGP… I addressed those aspects in the ossification and centralization part of Upcoming Internet Challenges webinar.
Worth Reading: Protocol Options Rusted Shut
A long while ago I found a great article explaining TLS 1.3 and its migration woes on CloudFlare blog. While I would strongly recommend you read it just to get familiar with TLS 1.3, the real fun starts when the author discusses migration problems, kludges you have to use trying to fix them, less-than-compliant implementations breaking those kludges, and options that were supposed to be dynamic, but turn out to be static (rusted shut) due to middleboxes that implemented protocols as-seen-in-the-wild not as-described-in-RFCs.
Change a few TLAs and you could be reading about TCP, IP stack, IPv6, BGP… I addressed those aspects in the ossification and centralization part of Upcoming Internet Challenges webinar.
Exploring Vendor-Agnostic Extended Detection and Response
Extended Detection and Response (XDR) unifies data to truly detect threats in real-time and respond to them.Internet Insights – On Track for Launch
Things might have seemed quiet on our Measuring the Internet activities for the last few weeks, but lots of work has been taking place behind the scenes to ensure that the Internet Society’s Internet Insights platform will be ready for phase one of its launch in December 2020.
What We’re Working On
To help everyone gain deeper insight into the Internet, we’re consolidating trusted third-party Internet measurement data from various sources into a single platform – Insights. We’ll use this data to examine trends, generate reports, and tell data-driven stories. Insights will be available to everyone, everywhere so that anyone can better understand the health, availability, and evolution of the Internet.
Our Data Partners
Phase one of Insights will launch with an initial set of data that will help to illustrate two of our four focus areas: Internet Shutdowns and Enabling Technologies. We’re sharing data sourced from the following trusted third-party data providers and are working to integrate data from more organizations as the platform develops.
The Hedge #59: Dan Blum and Rational Cybersecurity
Security has taken on an aura of mystery to many network engineers—why can’t we approach security in the way we do many other topics, rationally? It turns out we can. Dan Blum joins Tom Ammon and Russ White to discuss the concepts and techniques behind rational cybersecurity.
2020 Latin America Chapter Workshop: Celebrating Successes and Mobilizing for an Internet of Opportunity
Our global community of Chapters is vibrant. Chapter members implement projects, share ideas, and take actions that help bring the Internet Society’s vision to life. In particular, the leaders of the Latin American Chapters have had the opportunity to meet annually in a workshop dedicated to them.
2020 has led us to think of new ways to keep in touch and continue working for the Internet to remain open, globally-connected, trustworthy, and secure for everyone. This is why, from October 26 to 30, we held the 2020 Latin American Chapters Workshop in virtual format, with 100% participation of the Latin American Chapters.
Through 20 sessions, the workshop was a collaborative space and a meeting point for the staff and the Internet Society community. The 333 people who participated shared their knowledge and experience around topics related to our 2020 Action Plan. To offer a holistic approach, we also held sessions on leadership and Chapter management.
At the end of each day we created a summary of the most important points of each session. For these summaries we decided to give the audio format a try and created a playlist that you cannot miss. Listen – each episode lasts about five Continue reading
Tech Bytes: Getting The Benefits Of Proactive Network Monitoring With Riverbed (Sponsored)
Today's Day Two Cloud Tech Bytes is all about proactive network monitoring with sponsor Riverbed. The goal of proactive network monitoring is to see and respond to an emerging issue before it becomes a problem that affects end users or application performance. Our guest is Chris Eckert, Technical Solutions Architect at Riverbed.Tech Bytes: Getting The Benefits Of Proactive Network Monitoring With Riverbed (Sponsored)
Today's Day Two Cloud Tech Bytes is all about proactive network monitoring with sponsor Riverbed. The goal of proactive network monitoring is to see and respond to an emerging issue before it becomes a problem that affects end users or application performance. Our guest is Chris Eckert, Technical Solutions Architect at Riverbed.
The post Tech Bytes: Getting The Benefits Of Proactive Network Monitoring With Riverbed (Sponsored) appeared first on Packet Pushers.
My internship: Brotli compression using a reduced dictionary
Brotli is a state of the art lossless compression format, supported by all major browsers. It is capable of achieving considerably better compression ratios than the ubiquitous gzip, and is rapidly gaining in popularity. Cloudflare uses the Google brotli library to dynamically compress web content whenever possible. In 2015, we took an in-depth look at how brotli works and its compression advantages.
One of the more interesting features of the brotli file format, in the context of textual web content compression, is the inclusion of a built-in static dictionary. The dictionary is quite large, and in addition to containing various strings in multiple languages, it also supports the option to apply multiple transformations to those words, increasing its versatility.
The open sourced brotli library, that implements an encoder and decoder for brotli, has 11 predefined quality levels for the encoder, with higher quality level demanding more CPU in exchange for a better compression ratio. The static dictionary feature is used to a limited extent starting with level 5, and to the full extent only at levels 10 and 11, due to the high CPU cost of this feature.
We improve on the limited dictionary use approach and add Continue reading
DENT
Introducing DENT OS, switchdev NOS for the rest of us talk, presented at the recent Open Source Summit, describes the Linux Foundation DENT project. The slides from the presentation are available.
Linux switchdev is an in-kernel driver model for switch devices which offload the forwarding (data) plane from the kernel. Integrating switch ASIC drivers in the Linux kernel makes switch ports appear as additional Linux network interfaces that can be configured and managed using standard Linux tools.
DENT is an Ubuntu based Linux distribution that packages the drivers for switch hardware (fans, temperature sensors, ASIC, etc) along with the open source FRRouting routing protocol suite which includes protocol daemons for BGP, IS-IS, LDP, OSPF, PIM, and RIP. The FRRouting software uses the Linux netlink API to program Linux kernel packet forwarding, which on a hardware switch platform is offloaded by the switchdev driver to the ASIC for line rate forwarding.
A major benefit of DENT's approach to making Linux into the network operating system is that the same tools used to configure, manage and monitor Linux servers can also be used to manage network switches. In addition, a DENT virtual machine behaves in exactly the same way as Continue reading
Mark Your Calendars – The Modern Network for a Future Ready Business
Applications are going through a major transformation – they are becoming more dynamic, complex, and distributed. They are often built on cloud-native principles and run on-premises and in the cloud. As we speak with our customers and industry analysts, we consistently hear about the need to rethink how the network supports this transformation and why it is so important for the business.
VMware is hosting a global online event – The Modern Network for a Future Ready Business. VMware executives will join industry analysts, customers, and partners to create an event that will be memorable and worthwhile, whether you are a business leader, an architect, a developer, or part of enterprise IT.
In this virtual event, we will take a look at the traditional networking model, carefully identify its shortcomings when it comes to servicing the application and the end user and make the case for a new framework – the Modern Network. Traditional networking takes a bottom up approach – focusing on connecting boxes in the campus, branch and data center with little attention paid to the apps running on top of the infrastructure. In contrast, the Modern Network keeps the end user application experience front Continue reading
Tech Leaders on the Future of Remote Work
Dozens of top leaders and thinkers from the tech industry and beyond recently joined us for a series of fireside chats commemorating Cloudflare’s 10th birthday. Over the course of 24 hours of conversation, many of these leaders touched on how the workplace has evolved during the pandemic, and how these changes will endure into the future.
Here are some of the highlights.
On the competition for talent
Stewart Butterfield
Co-founder and CEO, Slack
The thing that I think people don't appreciate or realize is that this is not a choice that companies are really going to make on an individual basis. I've heard a lot of leaders say, “we're going back to the office after the summer.”
If we say we require you to be in the office five days a week and, you know, Twitter doesn't, Salesforce doesn't — and those offers are about equal — they'll take those ones. I think we would also lose existing employees if they didn't believe that they had the flexibility. Once you do that, it affects the market for talent. If half of the companies support distributed work or flexible hours and flexible time in the office, you can compensate Continue reading
Day Two Cloud 074: Why Is There Still Shadow IT?
Why are we talking about shadow IT in 2020? Didn't we DevOps shadow IT out of the picture? Turns out we didn't. All the initiatives and process changes that were supposed to eliminate the need for shadow IT didn't quite work out the way we expected. Guest Christopher Kusek stops by to talk about why shadow IT still exists, and how to deal with it.Day Two Cloud 074: Why Is There Still Shadow IT?
Why are we talking about shadow IT in 2020? Didn't we DevOps shadow IT out of the picture? Turns out we didn't. All the initiatives and process changes that were supposed to eliminate the need for shadow IT didn't quite work out the way we expected. Guest Christopher Kusek stops by to talk about why shadow IT still exists, and how to deal with it.
The post Day Two Cloud 074: Why Is There Still Shadow IT? appeared first on Packet Pushers.