0

Introducing the Calico eBPF Dataplane

eBPF is a hot topic right now; most of the infrastructure-focused conferences and events have included talks on eBPF over the past year, which is creating a lot of interest in the technology.

You might be wondering what eBPF is. eBPF stands for “extended Berkeley Packet Filter” which is a feature in modern Linux kernels that allows you to write mini-programs that are attached to low-level hooks in the Linux kernel, that execute based on certain events (e.g. filtering network traffic). While Calico is primarily focused on networking and security use cases, eBPF is a broad technology that applies to many other use cases as well.

We’ve always been tracking eBPF and it’s potential to enhance Calico, however, most users have not been ready for it. Improving on Calico’s already excellent dataplane using eBPF requires the latest Linux kernels, that are not always available to our enterprise customers that require a vendor-supported Linux distribution to run in production. Nevertheless, we decided to add an eBPF dataplane to support those users that are able to use the latest Linux kernels, as well as provide a future-proofed path for those who will wait until their vendor-supported Linux distributions will support the Continue reading

0

Daily Roundup: Cisco Links Rakuten Mobile

Cisco paved Rakuten's virtual roaming road; VMware bolstered its hybrid cloud with Kubernetes...

Read More »

0

Omdia SD-WAN Report: Fuel to VMware, Cisco Fire?

VMware continues to lead the worldwide SD-WAN market by revenue, followed by Cisco and Fortinet,...

Read More »

0

Arm Joins O-RAN Alliance in 5G Infrastructure Push

Joining the alliance will speed Arm's mission to develop open, interoperable, and cloud-native...

Read More »

0

The Network Impact of the Global COVID-19 Pandemic

With so many countries in lockdown and so many people working (and learning) from home, online usage has risen significantly but so far, the internet is holding up well. Internet traffic is generally to 25% to 30% higher than usual, and what we do online is also changing. Internet usage often increases goes up in a typical month; for Akamai that’s usually 3% growth, in the last month it’s been 30%. In March 2019 their peak traffic was 82Tbps; this March it was 167Tbps and the sustained daily traffic rate is higher than last year’s peak for March. Internet exchanges in Amsterdam, Frankfurt and London saw 10-20% increases in traffic around March 9th, which the exchange in Milan had a 40% increase the day Italy was quarantined. Disturbingly, attacks are up too: Akamai Cloudflare tracks varies by city; it’s only up 11% in Berlin and 22% in London between early January and late March (and 17% up for the UK as whole), but it’s grown by 40% in New York and 48% in San Francisco and Silicon Continue reading

0

Cisco Paves Rakuten’s Virtual Roaming Road

That road uses a signaling interface to allow 4G LTE customers to continue data sessions between...

Read More »

0

AMD Chips Give Clouds, Data Centers EPYC Power

IBM Cloud, Microsoft, Dell Technologies, HPE, VMware, Nutanix, Lenovo, and Supermicro platforms...

Read More »

0

Over 300 ISPs Now Improving Routing Security with MANRS

Today, we’re proud to announce another milestone: the number of network operators that commit to the Mutually Agreed Norms for Routing Security (MANRS) has surpassed 300.

The current number of network operator program participants stands at 322. These Internet Service Providers (ISPs) joined the initiative by showing their conformance with the actions to improve the resilience and security of the Internet’s routing infrastructure.

Launched in 2014 with a group of nine operators, the number of MANRS participants reached 100 in 2018 and has risen rapidly in the last two years, with 156 joining in 2019 alone, and 45 so far in 2020.

This includes operators in more than 60 countries across all continents; with Brazil leading the way with nearly 70 MANRS participants, followed by the US with nearly 50.

According to BGPStream, the number of reported routing incidents was on the decrease from 2017 to 2019 (see chart below), while the number of MANRS participants grew in the period. While this does not mean one caused the other, a correlation between the two can be observed.

The MANRS community has grown rapidly through its other programs, too. In 2018, the initiative expanded to include Internet Exchange Providers (IXPs), which Continue reading

0

VMware Tanzu Gains Features, Availability

The updates include application and infrastructure additions designed to ease operations in a...

Read More »

0

VMware Boosts Hybrid-Cloud Visibility, Management

Some of the new features include better public cloud cost comparisons via integration with...

Read More »

0

Cisco $2.5B Financing Initiative Targets COVID-19 Impact

The Business Resiliency Program aims to provide organizations economically impacted by the pandemic...

Read More »

0

Comparing HTTP/3 vs. HTTP/2 Performance

We announced support for HTTP/3, the successor to HTTP/2 during Cloudflare’s birthday week last year. Our goal is and has always been to help build a better Internet. Collaborating on standards is a big part of that, and we're very fortunate to do that here.

Even though HTTP/3 is still in draft status, we've seen a lot of interest from our users. So far, over 113,000 zones have activated HTTP/3 and, if you are using an experimental browser those zones can be accessed using the new protocol! It's been great seeing so many people enable HTTP/3: having real websites accessible through HTTP/3 means browsers have more diverse properties to test against.

When we launched support for HTTP/3, we did so in partnership with Google, who simultaneously launched experimental support in Google Chrome. Since then, we've seen more browsers add experimental support: Firefox to their nightly builds, other Chromium-based browsers such as Opera and Microsoft Edge through the underlying Chrome browser engine, and Safari via their technology preview. We closely follow these developments and partner wherever we can help; having a large network with many sites that have HTTP/3 enabled gives browser implementers an excellent testbed against which to Continue reading

0

Response: Next-Hop and VTEP Reachability in EVPN Networks

Jeff Tantsura published a great response to my Can We Trust BGP Next Hops blog post on LinkedIn, and I asked him for permission to save it in a more permanent form. Here it is (slightly edited)…

---

I’d like to bring back EVPN context. The discussion is more nuanced, the common non-arguable logic here - reachability != functionality.

0

Daily Roundup: VMware Patches Critical Bug

VMware patched a critical bug; Ericsson scored a 5G win with Nex-Tech Wireless deal; and...

Read More »

0

Tech Bytes: Improving QoE With Silver Peak SD-WAN (Sponsored)

Our sponsor today is Silver Peak, and we’re talking about how to improve QoE using SD-WAN with their customer C&S Wholesale Grocers, the largest wholesale grocer in the United States. Our guest is Leonard Bernstein, Senior Director of Infrastructure and Service Delivery.

The post Tech Bytes: Improving QoE With Silver Peak SD-WAN (Sponsored) appeared first on Packet Pushers.

0

Tech Bytes: Improving QoE With Silver Peak SD-WAN (Sponsored)

Our sponsor today is Silver Peak, and we’re talking about how to improve QoE using SD-WAN with their customer C&S Wholesale Grocers, the largest wholesale grocer in the United States. Our guest is Leonard Bernstein, Senior Director of Infrastructure and Service Delivery.

0

Cloudflare for SSH, RDP and Minecraft

Almost exactly two years ago, we launched Cloudflare Spectrum for our Enterprise customers. Today, we’re thrilled to extend DDoS protection and traffic acceleration with Spectrum for SSH, RDP, and Minecraft to our Pro and Business plan customers.

When we think of Cloudflare, a lot of the time we think about protecting and improving the performance of websites. But the Internet is so much more, ranging from gaming, to managing servers, to cryptocurrencies. How do we make sure these applications are secure and performant?

With Spectrum, you can put Cloudflare in front of your SSH, RDP and Minecraft services, protecting them from DDoS attacks and improving network performance. This allows you to protect the management of your servers, not just your website. Better yet, by leveraging the Cloudflare network you also get increased reliability and increased performance: lower latency!

Remote access to servers

While access to websites from home is incredibly important, being able to remotely manage your servers can be equally critical. Losing access to your infrastructure can be disastrous: people need to know their infrastructure is safe and connectivity is good and performant. Usually, server management is done through SSH (Linux or Unix based servers) and RDP (Windows based Continue reading

0

Network Break 279: Cisco Acquires Fluidmesh; VMware NSX 3.0; MS Events Virtual Until July 2021

Take a Network Break! Grab a virtual donut, sit back and relax, and take a journey with us through Elysian fields of tech news analysis. We’ve got stories today on Cisco, VMware, a new PCAP appliance, a Tech Byte from sponsor Silver Peak with their SD-WAN customer C&S Wholesalers, and more.

0

Network Break 279: Cisco Acquires Fluidmesh; VMware NSX 3.0; MS Events Virtual Until July 2021

Take a Network Break! Grab a virtual donut, sit back and relax, and take a journey with us through Elysian fields of tech news analysis. We’ve got stories today on Cisco, VMware, a new PCAP appliance, a Tech Byte from sponsor Silver Peak with their SD-WAN customer C&S Wholesalers, and more.

The post Network Break 279: Cisco Acquires Fluidmesh; VMware NSX 3.0; MS Events Virtual Until July 2021 appeared first on Packet Pushers.

0

Capex vs Opex – Hidden complexity by making an unmanageable network

Many networking solutions purport great Opex savings through automation, simulation and continuous integration. Similarly, there is a school of thought where network designs will have a single point in a network perform multiple roles. This will short change an initial Capex cost of purchasing additional switches with the intention of overlapping features on that single device.

Let’s take the simplest example. We have a 3 rack environment with dual-leaf per rack and 2 spines for inter-rack connectivity. In this design, we are leveraging VXLAN as the data plane overlay with BGP/EVPN as the control plane. Additionally, all 3 racks are compute, leaving no additional leafs to act as the service/border/exit leafs.

A network designer will look at the infrastructure and try to overlap features by repurposing the spines as exit leafs. Why will they think this way, you ask? Well, this is only an 8 switch design. Spending money on an additional 2 switches to act as dedicated border leafs uplifts my capex cost by 25 percent! I would then be required to buy 10 total switches instead of 8.

So instead, we end up overlaying the VXLAN onto the spines. So now the spines act as both interconnections between Continue reading