Archive

Category Archives for "Networking"

Network Break 284: Dell Technologies Announces SONiC Distro; Microsoft Acquires Metaswitch Networks

Today's Network Break asks if enterprises want a supported SONiC network OS, Microsoft acquires Metaswitch Networks, VMware buys Kubernetes security platform Octarine, Cisco announces quarterly results, and more tech news.

The post Network Break 284: Dell Technologies Announces SONiC Distro; Microsoft Acquires Metaswitch Networks appeared first on Packet Pushers.

The Week in Internet News: COVID-19 Tracing Creates Opportunities, Raises Concerns

Electronic doorman: In many restaurants, offices, and other locations in China, visitors must now show their COVID-19 risk status through a phone app before they are allowed entry, reports Agence France-Presse on Yahoo News. “A green light lets you in anywhere. A yellow light could send you into home confinement. The dreaded red light throws a person into a strict two-week quarantine at a hotel.” This use of contact tracing is raising privacy alarms in other countries.

Conflicting apps: Meanwhile, the Australian government’s new COVID-19 tracing app may interfere with Bluetooth-connected medical devices, including those used by people with diabetes, the Sydney Morning Herald reports. Diabetes Australia has warned users of continuous glucose monitoring apps that there may be connection problems.

Keeping track of yourself: In Japan, a 16-year-old student has designed an app that allows users to keep track of their whereabouts on their mobile phones, to help with contact tracing, The Associated Press reports on Japan Times. If a user is diagnosed with COVID-19, the Asiato app can tell them where they’ve been in recent weeks. This allows users to reach out to people they may have infected or to inform health authorities.

A digital human touch: Continue reading

DeepLinks and ScrollAnchor

To directly quote Wikipedia:

“Deep linking is the use of a hyperlink that links to a specific, generally searchable or indexed, piece of web content on a website (e.g. http://example.com/path/page), rather than the website's home page (e.g., http://example.com). The URL contains all the information needed to point to a particular item.”

There are many user experiences in Cloudflare’s Dashboard that are enhanced by the use of deep linking, such as:

  • We’re able to direct users from marketing pages directly into the Dashboard so they can interact with new/changed features.
  • Troubleshooting docs can have clearer, more direct instructions, e.g. “Enable SSL encryption here” vs “Log into the Dashboard, choose your account and zone, navigate to the security tab, change SSL encryption level, blah blah blah”.

One of the interesting challenges with deep linking in the Dashboard is that most interesting resources are “locked” behind the context of an account and a zone/domain/website. To illustrate this, look at a tree of possible URL paths into Cloudflare’s Dashboard:

dash.cloudflare.com/ -> root-level resources: login, sign-up, forgot-password, two-factor

dash.cloudflare.com/<accountId>/ -> account-level resources: analytics, workers,  Continue reading

Intent-Based Networking: Another Victim of Sturgeon’s Law

A few days ago Greg Ferro published an interesting post claiming DHCP is an example of intent-based networking (a bit less tongue-in-cheek than my “so is OSPF configuration” rant from 2017). BTW, so is RADIUS or TACACS+ ;)

He got quickly “corrected” by Phil Gervasi who loosely relied on Gartner’s definition of Intent-Based Networking, and claimed that an intent-based networking system should have three major components:

GNMI. Part 2. Decoding Protobuf messages with Python.

Hello my friend,

In the previous blogpost we started the discussion about the gNMI/Protobuf approach to network automation by creating the Protobuf message. Today we continue it by showing how to read the Protobuf messages.

No part of this blogpost could be reproduced, stored in a
retrieval system, or transmitted in any form or by any
means, electronic, mechanical or photocopying, recording,
or otherwise, for commercial purposes without the
prior permission of the author.

Network automation training – self-paced and live online

Network automation is a must-have technology set in all industries these days. It is no longer a matter of innovation; it is a matter of normal business operation. And we are happy to help you and your company with automation by providing the necessary holistic knowledge, skills and tools to make your automation journey successful:

At this training we teach you all the necessary concepts such as YANG data modelling, working with JSON/YAML/XML/Protobuf data formats, Linux administration basics, and programming in Bash/Ansible/Python for multiple network operating systems including Cisco IOS XR, Nokia SR OS, Arista EOS and Cumulus Linux. All the most useful things such as NETCONF/RESTCONF, REST API, gNMI, OpenConfig and many others. Don’t miss Continue reading

Colorization of RFC 2992 (Analysis of an ECMP Algorithm)

Motivation

I recently observed a conversation around ECMP/hash buckets which made me realize how the end-to-end concept is not very well understood. So this provided me enough motivation to write about this topic, which will be covered in various upcoming blog posts. But while thinking about the subject, I ran into an interesting RFC, RFC 2992. This RFC goes through a simple mathematical proof which I found impressive due to the fact that someone wrote that in ASCII in 2000. My intent in this blog post is to provide some colorization to the RFC and perhaps cover it in a bit more detail.

Introduction

In the RFC, the focus is on the hash-threshold implementation for mapping hash values to the next-hop. To reiterate for completeness' sake, we all know that a router computes a hash key based on certain fields, like SRC IP, DST IP, SRC Port, DST Port, by performing a hash (CRC16, CRC32, XOR16, XOR32 etc.). This hash gets mapped to a region, and the next-hop assigned to that region is where the flow gets assigned.

For example, assume that we have 5 next-hops to choose from and we have a key space which is 40 bits wide. Continue reading

SONiC and White Box switches in the Enterprise DC! – Part 3

After discussing the architecture of our design in part 1, and the underlay configuration in part 2, today I’ll show how the overlay is configured, and hopefully we will be able to draw our conclusions on the question: Are SONiC and White Box switches ready to be used in the enterprise DC?

Our two servers will be connected with LACP and trunk interfaces. One VLAN will be bridged (no SVI) and both servers will have an interface in that VLAN so that Layer 2 can be tested.
The other two VLANs will each be configured on a different pair of switches together with an SVI so that Layer 3 symmetric IRB can be tested.

VRF Configuration

First of all, let’s create a VRF. This VRF requires a VLAN and a Layer 3 VNI for symmetric IRB to function. Configuration is really simple, but a small caveat must not be overlooked: every VRF must contain the prefix Vrf- in its name.

From a configuration point of view, we have to follow the usual steps:

  1. Create a VRF
  2. Create a VLAN and allow it on the peer-link port channel
  3. Create an SVI interface and assign it to the VRF itself
  4. Continue reading

WireGuard Server and QR Code scan in the mobile app – It’s that simple to set up a VPN

Fancy a VPN build in under 10 minutes? There are many vendors out there who offer a mobile app and connectivity all over the world; most of the time, of course, they underperform, be it for beating apps which impose geographical restrictions, etc.

What is WireGuard?

https://www.wireguard.com/ – you can read all about it

Why do you need it?

It is simple and easy to build your own VPN service, and it is pay-as-you-go because you can turn off the cloud instance. WireGuard also has some cutting-edge encryption at the software level, which makes it perform better even in cloud instances.

Do I need to install anything?

All you need is to run a Docker image.

https://hub.docker.com/r/linuxserver/wireguard – and you will have all the install instructions

OK, I have installed it. What’s next?

Get your mobile app, and scan the QR code generated by the system.

Next?

Nothing. Download the app, scan the QR code, and you are on your way to your own VPN.

How do I verify my traffic stats?

Log into the Docker container and execute wg; all stats will be readily available.

-Rakesh

Heavy Networking 517: DriveNets Disaggregates SP And Cloud Networks To Boost Capacity, Control Costs (Sponsored)

Heavy Networking gets nerdy about disaggregation with sponsor DriveNets. The company's Network Cloud routing software runs on whitebox hardware and enables service providers and telcos to quickly scale capacity, control capital outlay, and support automation. Our guests are Amir Krayden, VP R&D Customers; and Yuval Moshe, VP of Products.

The post Heavy Networking 517: DriveNets Disaggregates SP And Cloud Networks To Boost Capacity, Control Costs (Sponsored) appeared first on Packet Pushers.

Anthology Product Marketing

I’m a storyteller. I realize this based on the fact that I tell them a lot. I’ve been told by a lot of people that I tell stories all the time. I’m okay with this. And a lot of the time I’m totally good at it. But one of the side effects of being someone that enjoys telling stories is that you recognize them in others and you start critiquing.

One of the more recent trends I’ve seen in product marketing revolves around stories. We’ve seen people telling all kinds of narratives about how disparate pieces of the puzzle fit together. It’s important because it frames the discussion for everyone. But I’ve also noticed some companies focus less on the framing story and more on the pieces. And it made me realize that’s a different kind of story.

Pieces and Parts

Merriam-Webster defines an anthology as a collection of selected literary pieces or passages or works of art or music. When I think of an anthology movie or video series, I think of a collection of disconnected stories around a framing device. Sometimes that device is as tenuous as a shared narrator, such as the Twilight Zone or Tales from Continue reading

BIER – Bit Indexed Explicit Replication

BIER is Bit Indexed Explicit Replication, which is the newest proposal for IP Multicast.

Although I say IP Multicast, of course it works on MPLS networks as well.

BIER works by assigning every edge device a Bit Mask position. Then, instead of sending a multicast packet to each destination IP address (receiver IP address), it basically sets the bit positions and saves on the amount of data plane state.

It uses unicast transport for underlay reachability, and the Bit Mask is advertised through the IGP control plane.

So, newly assigned OSPF and IS-IS TLVs handle the assignment and distribution of the BitMask to the Edge device (BFER – Bit Forwarding Edge Router in BIER terminology).

In theory, it can be used not only for multicast but also for unicast traffic.

When we use it, we don’t need to have mLDP, RSVP P2MP LSPs, or PIM in the core network (of course, at the edge, you can still have them towards the customer in mVPN scenarios).

So basically, by removing those protocols from the network, in theory you should have a simpler network design. I am saying in theory, because having fewer protocols doesn’t always mean having a simpler design.

Because we would be throwing the complexity to Continue reading

For Tribal Lands Ravaged by COVID-19, Broadband Access Is a Matter of Life and Death

This opinion piece was originally published in Arizona Central.

If anyone doubted the importance of the Internet before the COVID-19 pandemic, those doubts have vanished like toilet paper at Kroger. During this time, the Internet has proved to be a lifeline, delivering the latest coronavirus health and emergency updates, connecting people to coworkers and bosses, and facilitating online classes.

But this is only the case for those lucky enough to have access. The American Library Association says seven in 10 residents on rural tribal lands remain without access to fixed high-capacity broadband. Making matters worse, massive swaths of tribal land don’t even have a cellphone signal, much less a broadband Internet connection.

No Internet access means no access to the economic opportunities the Internet holds. In 2018 alone, the Internet sector accounted for $2.1 trillion of the U.S. economy. But during this pandemic, many residents of rural Indian Country don’t have the luxury of dreaming up online business plans.

They are instead fearful for their lives and the lives of their loved ones who lack access to solutions like telehealth or online counseling during this time of isolation.

A lack of access leaves us behind

The Internet was always Continue reading