BPF: The future of configs
BPF has some wow-presentations, showing how it enables new performance measuring and tracing. Brendan Gregg has a whole bunch, for example. But I don’t think’s it’s very well explained just why BPF is such a big deal.
Most of the demos are essentially cool and useful looking tools, with an “oh by the way BPF made this happen”. Similar to how it’s common to see announcements about some software, where the very title of the announcement ends with “written in Go”. It gives a vibe of “so what?”.
If you’re interested in system tooling and configuration, and aren’t already aware of BPF, then this is for you.
I’m not an expert on BPF, but this will hopefully help someone else bootstrap faster.
bpftrace
bpftrace is really cool. Clearly it’s inspired by dtrace. But one should not mistake bpftrace for BPF. bpftrace is only yet another tool that uses BPF, albeit one that allows you to create trace points in a domain specific language.
This is not the full power of BPF. It’s not at all the big picture.
BPF and configs
Let’s take packet filtering as an example. Once upon a time in Linux
there was ipfwadm. I Continue reading
Pyenv Install Centos 8
Install and use pyenv on Centos 8.Data Mobility and Freedom Maximizes Its Business Value
Companies that fail to manage their unstructured file and object data often end up with unstructured data silos, leaving valuable intelligence on the table.IETF 109
The latest IETF meeting was held in mid-November. Here I’m going to pick just one presentation from each of a small collection of the week’s working group meetings and explore that topic in a little more detail.The History of EARN, RARE, and European Networks (part 1)
European networks from the mid-1980’s to the late 2000’s underwent a lot of change, bolstered by the rise and fall of America Online, the laying of a lot of subsea cables, and the creation of several organizations, including EARN and RARE, to bolster the spread and use of the Internet. Daniele Bovio joins Donald Sharp and Russ White on this episode of the History of Networking to give us a good overall perspective of this history.
You can find more information about the history of EARN at https://earn-history.net.
New LibSSH Connection Plugin for Ansible Network Replaces Paramiko, Adds FIPS Mode Enablement
As Red Hat Ansible Automation Platform expands its footprint with a growing customer base, security continues to be an important aspect of organizations’ overall strategy. Red Hat regularly reviews and enhances the foundational codebase to follow better security practices. As part of this effort, we are introducing FIPS 140-2 readiness enablement by means of a newly developed Ansible SSH connection plugin that uses the libssh library.
Ansible Network SSH Connection Basics
Since most network appliances don't support or have limited capability for the local execution of a third party software, the Ansible network modules are not copied to the remote host unlike linux hosts; instead, they run on the control node itself. Hence, Ansible network can’t use the typical Ansible SSH connection plugin that is used with linux host. Furthermore, due to this behavior, performance of the underlying SSH subsystem is critical. Not only is the new LibSSH connection plugin enabling FIPS readiness, but it was also designed to be more performant than the existing Paramiko SSH subsystem.
The top level network_cli connection plugin, provided by the ansible.netcommon Collection (specifically ansible.netcommon.network_cli), provides an SSH based connection to the network appliance. It in turn calls the Continue reading
Leading from the Front: How the Internet Society’s Training Efforts Are Helping to Upskill Africa’s Future Digital Champions
Tech skills are important for digital transformation in Africa. To realize this transformation, the Internet Society is supporting work-ready digital skills development with local talent.
By 2030, over 230 million jobs in Sub-Saharan Africa will require digital skills. With the fourth industrial revolution taking shape, we are helping to build a community of digital champions in Africa who will fill the skills gap on the continent.
African governments are already banking big on the contributions that digital technologies will provide to this transformation. For example, the African Union’s Digital Transformation Strategy (2020-2030) wants to create a “Digital Single Market” for the continent, while national governments are increasingly embracing digitalization in several sectors of their economies.
But the continent needs the right talent for its ambitious economic agenda to succeed. Though more learners are taking interest in STEM (science, technology, engineering, and mathematics) subjects, school curricula in Africa primarily focus on theoretical learning with scarce engagement with digital subjects. This is one of the main reasons a skills gap exists for jobs that require digital skills.
To play a role in positively changing these circumstances, the Internet Society developed the Introduction to Network Operations course, which equips novice and intermediate level Continue reading
Fast Failover: Hardware and Software Implementations
In previous blog posts in this series we discussed whether it makes sense to invest into fast failover network designs, the topologies you can use in such designs, and the fault detection techniques. I also hinted at different fast failover implementations; this blog post focuses on some of them.
Hardware-based failover changes the hardware forwarding tables after a hardware-detectable link failure, most likely loss-of-light or transceiver-reported link fault. Forwarding hardware cannot do extensive calculations; the alternate paths are thus usually pre-programmed (more details below).
Fast Failover: Hardware and Software Implementations
In previous blog posts in this series we discussed whether it makes sense to invest into fast failover network designs, the topologies you can use in such designs, and the fault detection techniques. I also hinted at different fast failover implementations; this blog post focuses on some of them.
Hardware-based failover changes the hardware forwarding tables after a hardware-detectable link failure, most likely loss-of-light or transceiver-reported link fault. Forwarding hardware cannot do extensive calculations; the alternate paths are thus usually pre-programmed (more details below).
Pyenv Install Centos 8
cuction Pyenv is a similar tool to rbenv, where you can easily install and use mulitple versions of python. This allows you to test across multiple versions of python as well as pin an app to a specific release. Software Versions Used Centos - 8.2.2004 Pyenv - 1.2.21 Pre-requisites ...Advanced Threat Intelligence Begins with Network Visibility
The current reality has pushed users, applications, and data to the edge of the network —where traditional perimeter security solutions have historically fallen short. Threat actors know this, of course, and have spent the past nine months targeting the weakest link in the security stack: the user.
Email and web browsing continue to be popular attack vectors. Security vendors have beefed up web and email security, but issues with legacy architectures are letting some attacks slip through. Information and context derived from advanced threat intelligence remain the most powerful weapons in a security team’s arsenal. Advanced technologies such as artificial intelligence and machine learning can help scan, detect, and warn at scale, but they’re not bulletproof. Increasingly sophisticated threat actors, powered by AI and ML, are finding ways to evade threat detection.
Security professionals interested in learning more about the current state of advanced threat inspection, threat intelligence, and the emerging technologies that power these capabilities should check out the following sessions:
The Promise and Peril of AI for Cybersecurity (ISNS2794)
Artificial intelligence and machine learning are powerful, indeed essential, components of security Continue reading
Tech Bytes: Palo Alto Networks Pushes For The Next Generation Of SD-WAN (Sponsored)
On today's Tech Bytes, sponsored by Palo Alto Networks, we discuss advances in Palo Alto's CloudGenix SD-WAN capabilities, explore two new SD-WAN appliances, and talk about where the technology is headed. Our guest is Kumar Ramanchandran, SVP of Products at Palo Alto and a CloudGenix co-founder.Tech Bytes: Palo Alto Networks Pushes For The Next Generation Of SD-WAN (Sponsored)
On today's Tech Bytes, sponsored by Palo Alto Networks, we discuss advances in Palo Alto's CloudGenix SD-WAN capabilities, explore two new SD-WAN appliances, and talk about where the technology is headed. Our guest is Kumar Ramanchandran, SVP of Products at Palo Alto and a CloudGenix co-founder.
The post Tech Bytes: Palo Alto Networks Pushes For The Next Generation Of SD-WAN (Sponsored) appeared first on Packet Pushers.
The Senior Trap
How do you become a “senior engineer?” It’s a question I’m asked quite often, actually, and one that deserves a better answer than the one I usually give. Charity recently answered the question in a round-a-bout way in a post discussing the “trap of the premature senior.” She’s responding to an email from someone who is considering leaving a job where they have worked themselves into a senior role. Her advice?
Quit!
This might seem to be counter-intuitive, but it’s true. I really wanted to emphasize this one line—
Exactly! Knowing the CLI for one vendor’s gear, or even two vendor’s gear, is not nearly the same as understanding how BGP actually works. Quoting the layers in the OSI model is just not the same thing as being able to directly apply the RINA model to a real problem happening right now. You’re not going to gain the understanding of “the whole ball of wax” by staying in one place, or doing one thing, for the rest of Continue reading
How To Improve Your Networking Capability When It Comes To Your Career
When it comes to working, networking capability becomes extremely important. No matter what is your profession, you need to improve your networking capability if you want to increase your worth and efficiency. With great networking capabilities, you will not only be able to learn from the people you meet, but it will also benefit the company in which you are working. Additionally, you will also get chances to increase your authority. Thus, networking capability works as a fuel that aids your success. This is why you should always look for chances to improve your networking capabilities.
So, if you are not sure where to start or how to improve your networking capability, then continue reading. You will find everything that you need to know here.
Set Up Networking Goals
The most important thing that you need to do if you want to improve your networking capability is to set goals for yourself. You need a purpose or a goal for networking. These goals can be anything such as getting business cards from potential suppliers. You can also set a goal to find out what are the competitors doing in the market. You can also set a goal to secure Continue reading