Archive

Category Archives for "Networking"

History of Networking: Networking at Google with Richard Hay

Google fascinates network engineers because of the sheer scale of their operations, and their obvious influence over the way networks are built and operated. In this episode of the History of Networking, Richard Hay joins Donald Sharp and Russ White to talk about some past designs and stories of failure and success in one of the world’s largest operating networks.

download

Two clicks to add region-based Zero Trust compliance

Two clicks to add region-based Zero Trust compliance

Your team members are probably not just working from home - they may be working from different regions or countries. The flexibility of remote work gives employees a chance to work from the towns where they grew up or countries they always wanted to visit. However, that distribution also presents compliance challenges.

Depending on your industry, keeping data inside of certain regions can be a compliance or regulatory requirement. You might require employees to connect from certain countries or exclude entire countries altogether from your corporate systems.

When we worked in physical offices, keeping data inside of a country was easy. All of your users connecting to an application from that office were, of course, in that country. Remote work changed that and teams had to scramble to find a way to keep people productive from anywhere, which often led to sacrifices in terms of compliance. Starting today, you can make geography-based compliance easy again in Cloudflare Access with just two clicks.

You can now build rules that require employees to connect from certain countries. You can also add rules that block team members from connecting from other countries. This feature works with any identity provider configured and requires no Continue reading

Docker Services 101

Last week I published an overview of how complex (networking-wise) Docker Swarm services can get. This time let’s focus on something that should have been way simpler: running container-based services on a single Linux host.

In the first part of this article I’m focusing on the basics, including exposed ports, and published ports. The behind-the-scenes details are coming in a week or so; in the meantime you can enjoy (most of them) in the Docker Networking Deep Dive webinar.

Researchers set a new world-record Internet speed

Researchers at University College London claim they’ve obtained a new top internet speed of 178Tbps – a fifth quicker than the prior record and fast enough to download the entire Netflix catalog in under a second, they say.To achieve that, the researchers used different bandwidth ranges than are typically used in commercial optical systems. Traditional fiber infrastructure uses bandwidth of 4.5THz with 9THz becoming more available commercially. In UCL experiments, the scientists used 16.8THz.[Get regularly scheduled insights by signing up for Network World newsletters.] To do this the researchers used a variety of amplifier technologies, customizing which ones they used for each wavelength to optimize its performance as measured by phase, brightness and polarization, according to a press statement put out by UCL. These customization packages are known as geometric signal constellations.To read this article in full, please click here

Researchers set a new world-record Internet speed

Researchers at University College London claim they’ve obtained a new top internet speed of 178Tbps – a fifth quicker than the prior record and fast enough to download the entire Netflix catalog in under a second, they say.To achieve that, the researchers used different bandwidth ranges than are typically used in commercial optical systems. Traditional fiber infrastructure uses bandwidth of 4.5THz with 9THz becoming more available commercially. In UCL experiments, the scientists used 16.8THz.[Get regularly scheduled insights by signing up for Network World newsletters.] To do this the researchers used a variety of amplifier technologies, customizing which ones they used for each wavelength to optimize its performance as measured by phase, brightness and polarization, according to a press statement put out by UCL. These customization packages are known as geometric signal constellations.To read this article in full, please click here

Build DSCP to ToS conversion table with Python

Contents

Introduction

In this post we're going to write Python program that generates DSCP to ToS conversion table while avoiding hardcoding values as much as possible. We will then save the final table to csv file with pre-defined column headers.

I got the idea for this blog article from the tweet posted the other day by Nick Russo. I thought it is an interesting problem to tackle as similar ones pop up all the time during early stages of Network Automation journey. What makes this challenge great is that it requires us to carry out tasks that apply to writing larger programs.

  • We need to understand the problem and possibly do some research.
  • We have to come up with plan of action.
  • We need to break down larger tasks into smaller pieces.
  • We need to implement all Continue reading

The Digital Divide May Be News, But It’s Not New

This opinion piece was originally published in Morning Consult.

Low-income Americans; Black, Hispanic and Native Americans; the elderly; Americans with a high school education or less; and rural Americans are much more likely to be on the wrong side of the digital divide. Ours remains a nation where too many people, often our most vulnerable citizens, are unconnected or under-connected.

The digital divide may have made the news during the COVID-19 pandemic, but it isn’t new.

For much of the past quarter-century, Washington policymakers have ignored the digital divide. In more recent years, some public officials, for political reasons, have identified the digital divide as primarily a rural issue, noting that approximately 5 million rural American households can’t access broadband networks. In reality, the number of rural households that can’t access broadband is dwarfed by the roughly 20 million American households that can’t afford Internet access, and that number almost certainly has increased as a result of the pandemic.

Today, Washington finally seems willing to engage in addressing the digital divide. What we need now are not the patchwork solutions of the past, but a thoughtful, fully funded, comprehensive effort to ensure broadband connectivity for all Americans.

My colleagues and Continue reading

Tech Bytes: UCT’s Global WAN Performance Sparkles With Silver Peak SD-WAN (Sponsored)

Today's Tech Bytes is a conversation with Silver Peak customer UCT about how it adopted SD-WAN to boost performance and minimize the downtime of critical business applications. With 21 sites in 8 countries, the company relies on its WAN to support in-house applications and manage the logistics of its global operations. Our guest is James Mccoll, Network Engineer at UCT.

Tech Bytes: UCT’s Global WAN Performance Sparkles With Silver Peak SD-WAN (Sponsored)

Today's Tech Bytes is a conversation with Silver Peak customer UCT about how it adopted SD-WAN to boost performance and minimize the downtime of critical business applications. With 21 sites in 8 countries, the company relies on its WAN to support in-house applications and manage the logistics of its global operations. Our guest is James Mccoll, Network Engineer at UCT.

The post Tech Bytes: UCT’s Global WAN Performance Sparkles With Silver Peak SD-WAN (Sponsored) appeared first on Packet Pushers.

Network Break 299: Cisco Acquires Audio Filter BabbleLabs; Apple Update Hits Facebook In The Ads

Today's Network Break shares listener follow-up, then dives into a new Cisco acquisition of an audio company; discusses how Facebook is responding to an Apple update that will hurt a part of Facebook's business; covers financial results from HPE, VMware, and Nutanix; and more tech news.

The post Network Break 299: Cisco Acquires Audio Filter BabbleLabs; Apple Update Hits Facebook In The Ads appeared first on Packet Pushers.

The Week in Internet News: U.S. Moves Closer to Banning Chinese Apps

Shopping for video: As U.S. President Donald Trump pushes for a ban of TikTok unless it’s sold by its Chinese owner, Walmart has joined Microsoft in a bid for the short-video sharing app, CNBC reports. TikTok is reportedly nearing an agreement to sell its U.S., Canadian, Australian, and New Zealand operations for $20 billion to $30 billion.

Boycotting an app ban: Another Chinese app that’s been targeted by Trump is WeChat, but the Chinese foreign ministry has suggested that consumers in the country could boycott Apple if the U.S. takes action against WeChat, The Straits Times says. Apple, as a large U.S. company, seems to be a convenient target for Chinese consumers.

An East/West split: As others have warned, an official with the U.K.’s National Cyber Security Centre has suggested that the Internet may split into a Western version and a Chinese-led Eastern version if Trump moves forward with a ban of Chinese apps, the Independent reports. A split could raise concerns about Western technology keeping up with the East, the official says.

Spy vs. hacker: New Zealand’s government has turned to its intelligence agency to thwart a sustained, multi-day cyberattack on the Continue reading

Century Link/Level 3 Outage is one of the biggest Internet Problem! 3.5% Drop in Global Internet Traffic

Century Link Outage

 

On August 30, 2020, Level 3/Century Link, AS 3356 had major Internet outage. In fact this outage effected massive amount of networks, including very well know ones such as Amazon, Microsoft, Twitter, Discord, Reddit etc.

3.5% Global Internet Traffic was dropped due to this outage and entire network converged after almost 7 hours. This is huge amount of time. When we usually discuss convergence, specifically fast convergence, ‘Seconds’ if not ‘ Milliseconds ‘ are the target values.

No one wants to have minutes level network convergence. But when there is an Outage like this, we categorize them as ‘ Catastrophic Failures’ and unfortunately network design usually doesn’t take this kind of failures into an account.

But could it be prevented?

In the first place, let’s understand that, this event, similar to many other catastrophic network events, started at a single location. (According to a CenturyLink status page, the issue originated from CenturyLink’s data center in Mississauga, a city near Ontario, Canada.)

But it spread over entire backbone of AS3356.

In fact, I remember on 2014, which we famously know as 512k incident happened because of this network (Level 3) as well and that event also caused Continue reading

Enhancing the Linux command line with aliases

Want to get work done a little faster, spend less time remembering commands and maybe even show your coworkers how clever you are? Easy. Set up several dozen bash aliases.Your days will get easier and a tad less stressful. You might even have some fun. In this post, we'll look at the various types of aliases that you can set up, and what you need to know to manage them.[Get regularly scheduled insights by signing up for Network World newsletters.] Why use aliases? Using aliases helps you to avoid having to type a lot of command details, especially those that are hard to remember or require a lengthy string of options that might have to be entered in some particular order before they'll spit out just the output that you're waiting to see.To read this article in full, please click here

Military looks to ultraviolet networks for secure battlefield communication

U.S. Army researchers are exploring the use of ultraviolet optical communications in battlefield situations because, under the right circumstances, the technology might support links that are undetectable to the enemy.One thing the researchers looked at was the effects of attenuation, the natural phenomenon of the signals getting weaker over distance. They wanted to know whether there was a distance range in which the signals were weak enough that adversaries likely couldn’t detect them, but still be strong enough that friendly receivers could. They say they observed that to be the case, but the research paper about their work doesn’t say what those distances are.To read this article in full, please click here

Pushing to Multiple Git Remotes

I am working on a project where I need to push to both a github and bitbucket repository as the project is stored in both of these locations. I do not have the ability to sync between the two using either github or bitbuckets built in tools. This post goes through the process of ...

Analysis of Today’s CenturyLink/Level(3) Outage

Analysis of Today's CenturyLink/Level(3) Outage

Today CenturyLink/Level(3), a major ISP and Internet bandwidth provider, experienced a significant outage that impacted some of Cloudflare’s customers as well as a significant number of other services and providers across the Internet. While we’re waiting for a post mortem from CenturyLink/Level(3), I wanted to write up the timeline of what we saw, how Cloudflare’s systems routed around the problem, why some of our customers were still impacted in spite of our mitigations, and what appears to be the likely root cause of the issue.

Increase In Errors

At 10:03 UTC our monitoring systems started to observe an increased number of errors reaching our customers’ origin servers. These show up as “522 Errors” and indicate that there is an issue connecting from Cloudflare’s network to wherever our customers’ applications are hosted.

Cloudflare is connected to CenturyLink/Level(3) among a large and diverse set of network providers. When we see an increase in errors from one network provider, our systems automatically attempt to reach customers’ applications across alternative providers. Given the number of providers we have access to, we are generally able to continue to route traffic even when one provider has an issue.

Analysis of Today's CenturyLink/Level(3) Outage
The diverse set of network providers Cloudflare connects Continue reading