D2C233: Pinning Down Private Clouds
What are we talking about when we are all talking about private clouds? On-prem? Hybrid? Virtualization? Where does hardware fit into it all– and would younger engineers even know what to do with a physical piece of hardware? Driven by Broadcom’s acquisition of VMare and the anticipated rising costs of VMare licenses, enterprises are exploring... Read more »Maui Teaches Us Why We Need to Change Our Data Protection Strategies
Needing to protect all data from disasters while bringing costs down means a one-size-fits-all DR strategy no longer works.Welcome to Network Automation Nerds
Hi, I’m Eric Chou, and welcome to the Network Automation Nerds podcast, the newest addition to the Packet Pushers family. This is your audio destination for network engineers and infrastructure professionals who are on a mission to build stronger, more resilient systems through the art of network automation. Join us as we connect with a... Read more »Shaping the future: Cloudflare’s service partner strategy
Introduction and partner landscape
Cloudflare’s global network spans over 310 cities in more than 120 countries, and interconnects with 13,000 networks globally, including major ISPs, cloud services, and enterprises. This network serves as a globally distributed foundation from which Cloudflare offers a broad product portfolio spanning everything from core Internet services like security, performance, and reliability — to web development, AI, corporate access management, creative products, and more.
The diversity of our products is reflected in our millions of customers, who span a dizzying array of industries and institutions in nearly every country around the world. This incredible diversity has meant a lot of specialisation, as Cloudflare’s adaptable product suite is fitted for each use case. Many customers are keen to have a partner to help them ensure they are getting everything they can out of Cloudflare. And they’d like to do it in the language of their choice, with partners who are familiar with the industries and regions they operate in.
This is why Cloudflare has for many years invested in our Partner Services programs, and has made a concerted effort to scout and partner with the world’s leading service providers who can deliver Cloudflare solutions to the Continue reading
BGP Labs: Session Templates
Configuring an IBGP session on a route reflector takes a half-dozen parameters, starting with the remote BGP AS number (equal to the local one), remote IP address, and the source IP address or interface. You might have to specify the propagation of BGP communities and an MD5 password, and you will definitely have to specify that the BGP neighbor is a route reflector client.
Wouldn’t it be nice if you could group those parameters into a template and apply the template to a neighbor? Most BGP implementations have something along those lines. That feature could be called a session template or a peer group, and you can practice it in the next BGP lab exercise.
BGP Labs: Session Templates
Configuring an IBGP session on a route reflector takes a half-dozen parameters, starting with the remote BGP AS number (equal to the local one), remote IP address, and the source IP address or interface. You might have to specify the propagation of BGP communities and an MD5 password, and you will definitely have to specify that the BGP neighbor is a route reflector client.
Wouldn’t it be nice if you could group those parameters into a template and apply the template to a neighbor? Most BGP implementations have something along those lines. That feature could be called a session template or a peer group, and you can practice it in the next BGP lab exercise.
Proxmox Cloud-Init with Terraform and SaltStack
https://codingpackets.com/blog/proxmox-cloud-init-with-terraform-and-saltstack
PP001: WPA3: Everything You Wanted To Know But Were Afraid To Ask
It’s time to make the switch from WPA2 to WPA3. We cover how to do it and what migration challenges to be prepared for no matter what WLAN you are dealing with (open, passphrase, or 802.1x) . We also discuss what features make WPA3 an improvement over WPA2, particularly the replacement of PSK with SAE.... Read more »HS065: Calculating the Value of Telco AIOps (Sponsored)
AI and automation are hot topics in telco, but not all projects are created equal in terms of the bottom-line value. We dive into how to calculate total value, and discuss why the area of assurance looks set to generate the most value. We provide key questions to ask when considering what AIOps to add... Read more »
How Cisco Sees Silicon One Easing Network Convergence and Helping with AI
With the rise of AI and its massive impact on networking, Cisco has pivoted swiftly to enable customers to utilize its converged networks to run taxing AI apps.Enhancing Zaraz support: introducing certified developers
Setting up Cloudflare Zaraz on your website is a great way to load third-party tools and scripts, like analytics or conversion pixels, while keeping things secure and performant. The process can be a breeze if all you need is just to add a few tools to your website, but If your setup is complex and requires using click listeners, advanced triggers and variables, or, if you’re migrating a substantial container from Google Tag Manager, it can be quite an undertaking. We want to make sure customers going through this process receive all the support they need.
Historically, we've provided hands-on support and maintenance for Zaraz customers, helping them navigate the intricacies of this powerful tool. However, as Zaraz's popularity continues to surge, providing one-on-one support has become increasingly impractical.
Companies usually rely on agencies to manage their tags and marketing campaigns. These agencies often have specialized knowledge, can handle diverse client needs efficiently, scale resources as required, and may offer cost advantages compared to maintaining an in-house team. That's why we're thrilled to announce the launch of the first round of certified Zaraz developers, aligning with the way other Tag Management software works. Our certified developers have undergone an intensive Continue reading
Tech Bytes: Securing IoT/OT Devices: Beyond Traditional Solutions (Sponsored)
Hackers access a casino’s network through a fish tank thermometer. No, this isn’t Ocean’s Eleven, this is the reality of IoT/OT risks to enterprises today. Through its AI/ML-powered system, Palo Alto Networks takes a multi-pronged approach to these threats: Device identification, risk assessment, segmentation in zero trust policies, intrusion prevention, and automated security workflow. Kalyan... Read more »How to Choose the Right Form of LTE Connectivity for IoT
LTE technology offers a variety of performance capabilities and price options. This makes it a popular choice for IoT deployments.NB466: Identifying The Most-Hated ISP; Should AI Write Your Security Policies?
Take a Network Break! We start with an FU on return-to-office policies, and then dive into some announcements from Cisco Live in Amsterdam. Cisco is rolling out rack and blade servers with Nvidia Tensor chips, and Cisco is adding new features to its Digital Experience Monitoring capabilities. Verizon hopes to utilize its MPLS network as... Read more »A look at Internet traffic trends during Super Bowl LVIII
After winning Super Bowl LVII in 2023, the Kansas City Chiefs entered Super Bowl LVIII with an opportunity to pull off back-to-back wins, a feat last achieved by the New England Patriots two decades earlier, in 2003 and 2004. They faced the San Francisco 49ers, five-time Super Bowl champions, although their last win was nearly three decades ago, in 1995. The game started slowly, remaining scoreless until the start of the second quarter, after which both teams traded the lead until a tie score at the end of the game made it only the second Super Bowl to go into overtime. And if you weren’t watching it for the football, the advertisements certainly didn’t disappoint. And if you weren’t watching it for the football or the advertisements, but instead were waiting to see how many times CBS cut away to a shot of Taylor Swift during the game, the answer is… 16. (By my count, at least.)
In this blog post, we will explore which Super Bowl advertisements drove the largest spikes in traffic, as well as examine how traffic to food delivery services, social media, sports betting, and video platform websites and applications changed during the game. In Continue reading
Cloudflare defeats patent troll Sable at trial
For almost seven years, Cloudflare has been fighting against patent trolls. We’ve been doing this successfully through the efforts of our own legal team, external counsel, and the extraordinary efforts of people on the Internet looking for prior art (and getting rewarded for it) through our Project Jengo.
While we refuse to pay trolls for their meritless claims, we’ve been happy to award prizes to Project Jengo participants who help stop the trolls through prior art that invalidates their patents or claims. Project Jengo participants helped us in the past roundly beat the patent troll Blackbird (who subsequently went out of business).
Today, we’re back to talk about yet another win thanks to a lot of work by us, our external counsel, and Project Jengo participants.
Sable
Last Thursday, on a clear, sunny morning in Waco, Texas, a jury returned a verdict after less than two hours of deliberation. The jury found that Cloudflare did not infringe the patent asserted against Cloudflare by patent trolls Sable IP and Sable Networks.
And while that would have been enough to decide the case by itself, the jury went further and found that Sable’s old and broadly-written patent claim was invalid and never Continue reading
Can We Skip the Network Layer?
I mentioned that you don’t need node addresses when dealing with only two entities. Now and then, someone tries to extend this concept and suggests that the network layer addressing isn’t needed if the solution is local. For instance, if we have a solution that is supposed to run only on a single Ethernet segment, we don’t need network layer addressing because we already have data link layer addresses required for Ethernet to work (see also: ATAoE).
Too often in the past, an overly ingenious engineer or programmer got the idea to simplify everyone’s life and use the data link layer addresses as the ultimate addresses of individual nodes. They would then put the transport layer on top of that to get reliable packet transport. Finally, put whatever application on top of the transport layer. Problem solved.
Can We Skip the Network Layer?
I mentioned that you don’t need node addresses when dealing with only two entities. Now and then, someone tries to extend this concept and suggests that the network layer addressing isn’t needed if the solution is local. For instance, if we have a solution that is supposed to run only on a single Ethernet segment, we don’t need network layer addressing because we already have data link layer addresses required for Ethernet to work (see also: ATAoE).
Too often in the past, an overly ingenious engineer or programmer got the idea to simplify everyone’s life and use the data link layer addresses as the ultimate addresses of individual nodes. They would then put the transport layer on top of that to get reliable packet transport. Finally, put whatever application on top of the transport layer. Problem solved.
Home Lab
https://codingpackets.com/blog/home-lab