Archive

Category Archives for "Networking"

VMware Automates Maestro, Grabs DT for vRAN

The vendor's boldly named Project Maestro is now on the market under the more strait-laced VMware...

Read More »

© SDxCentral, LLC. Use of this feed is limited to personal, non-commercial use and is governed by SDxCentral's Terms of Use (https://www.sdxcentral.com/legal/terms-of-service/). Publishing this feed for public or commercial use and/or misrepresentation by a third party is prohibited.

Juniper EVPN BGP options – eBGP-only design

In another part of his never-ending EVPN/BGP saga Ivan Pepelnjak argued with Juniper fanboys once again about sanity of iBGP-over-eBGP and eBGP-over-eBGP designs and all that fun stuff. I’ve already written my opinion about that topic in my previous post and numerous comments to Ivan’s posts (TL;DR: iBGP-over-eBGP design has its advantages, just implement it wisely – don’t place RR on spine switches).

But there is one thing that worries me. In almost every one of his posts Ivan talks about some mythical Junos limitations that don’t allow Juniper to support eBGP only (over single session) design. So let’s find out what these limitaions are.

Juniper has freely available version of vQFX for Vagrant. There are a few lab topologies available on GitHub. I will be using full-2qfx-4srv-evpnvxlan topology in this post.

This topology comes with Ansible playbook that configures vQFX switches with iBGP-over-OSPF EVPN. Standard Juniper configuration, just for reference:

protocols {
     ospf {
         area 0.0.0.0 {
             interface lo0.0 {
                 passive;
             }
          Continue reading

YAML

Yaml- YAML Ain’t markup langauge

The devices need a standard  protocol to communicate between each other , similarly there  is requirement of specific standard data format to communicate between application .YAML is one of the data format and is best known to be human friendly  means it’s easier to understand and write  for human compare to other well know data format such as JSON and XML

YAML document starts with 3 hyphen ‘—‘ at top ,it indicate beginning of YAML  document .

We can have mix data types in YAML, let’s see with an yaml example

ex1_ya.yaml

---
IOS: CISCO
JNOS: JUNIPER
CISCO:
  - Router
  - 7600
  - True
  - ['interface','ip address']

 First and second item i.e IOS: CISCO  and JNOS: JUNIPER is dictionary where ‘IOS’ and ‘JNOS’ is key and ‘CISCO’ and ‘JUNIPER’ is respective values

Third Item too is dictionary which comprises of list having different data type as below:

    ‘Router’ is string type.

     ‘7600’  is integer type

    ‘True’ is Boolean type

    Fourth item [‘interface’,’ip address’] is list  containing strings

Working with YAML using Python

The first and foremost thing to use YAML is to install PyYAML  , it’s  a YAML parser .

anurudh@anurudh:~/newfolder$  Continue reading

APRICOT 2020: Routing Security Takes Center Stage

More than 600 of the world’s leading Internet engineers from 60 economies gathered last week at APRICOT, and it was encouraging to see routing security take center stage in the largest meeting of the technical community in the region.

The Internet Society is a long-time partner of the annual event, also called the Asia Pacific Regional Internet Conference on Operational Technologies, and this year we held two community gatherings, spoke in several sessions, and ran a booth throughout the conference.

The ten-day meeting consisted of workshops, tutorials, conference sessions, birds-of-a-feather sessions, and peering forums from 12-21 February in Melbourne, Australia. This year marked the 25th anniversary of APRICOT, and it was good to recognize how the event has grown over time and contributed to technical capacity building in the region. It also gave me the chance to reflect on my own participation in the event over the years, including from when I was in the private sector prior to my current role.

One of the things Internet builders get together for at APRICOT is to share the technical knowledge needed to run and expand the Internet securely. So it was a great opportunity to bring attention to the Mutually Continue reading

The Russians Are Coming for Your Network

Once Russian state-sponsored groups compromise just one machine, they can move laterally to other...

Read More »

© SDxCentral, LLC. Use of this feed is limited to personal, non-commercial use and is governed by SDxCentral's Terms of Use (https://www.sdxcentral.com/legal/terms-of-service/). Publishing this feed for public or commercial use and/or misrepresentation by a third party is prohibited.

Cisco SD-WAN Accelerates Toward FedRAMP Authorization

The networking giant needs FedRAMP authorization before it can begin deploying its SD-WAN offerings...

Read More »

© SDxCentral, LLC. Use of this feed is limited to personal, non-commercial use and is governed by SDxCentral's Terms of Use (https://www.sdxcentral.com/legal/terms-of-service/). Publishing this feed for public or commercial use and/or misrepresentation by a third party is prohibited.

Day Two Cloud 037: NetApp – The Cloud Data Services Company (Sponsored)

In today's sponsored Day Two Cloud podcast, we talk with NetApp, the storage company that's embracing the cloud. While most people associate NetApp with storage arrays, the company has brought cloud automation principles to its portfolio to make daily operations easier, and has a panoply of products and services to manage your data on premises and in the cloud. Our guest is Nick Howell, Global Field CTO for Cloud Data Services.

Day Two Cloud 037: NetApp – The Cloud Data Services Company (Sponsored)

In today's sponsored Day Two Cloud podcast, we talk with NetApp, the storage company that's embracing the cloud. While most people associate NetApp with storage arrays, the company has brought cloud automation principles to its portfolio to make daily operations easier, and has a panoply of products and services to manage your data on premises and in the cloud. Our guest is Nick Howell, Global Field CTO for Cloud Data Services.

The post Day Two Cloud 037: NetApp – The Cloud Data Services Company (Sponsored) appeared first on Packet Pushers.

Introducing Secrets and Environment Variables to Cloudflare Workers

Introducing Secrets and Environment  Variables to Cloudflare Workers
Introducing Secrets and Environment  Variables to Cloudflare Workers

The Workers team here at Cloudflare has been hard at work shipping a bunch of new features in the last year and we’ve seen some amazing things built with the tools we’ve provided. However, as my uncle once said, with great serverless platform growth comes great responsibility.

One of the ways we can help is by ensuring that deploying and maintaining your Workers scripts is a low risk endeavor. Rotating a set of API keys shouldn’t require risking downtime through code edits and redeployments and in some cases it may not make sense for the developer writing the script to know the actual API key value at all. To help tackle this problem, we’re releasing Secrets and Environment Variables to the Wrangler CLI and Workers Dashboard.

Supporting secrets

As we started to design support for secrets in Workers we had a sense that this was already a big concern for a lot of our users but we wanted to learn about all of the use cases to ensure we were building the right thing. We headed to the community forums, twitter, and the inbox of Louis Grace, business development representative extraordinaire, for some anecdotes about Secrets usage. We also sent Continue reading

Impact of Cache Locality

Impact of Cache Locality
Impact of Cache Locality

In the past, we didn't have the opportunity to evaluate as many CPUs as we do today. The hardware ecosystem was simple – Intel had consistently delivered industry leading processors. Other vendors could not compete with them on both performance and cost. Recently it all changed: AMD has been challenging the status quo with their 2nd Gen EPYC processors.

This is not the first time that Intel has been challenged; previously there was Qualcomm, and we worked with AMD and considered their 1st Gen EPYC processors and based on the original Zen architecture, but ultimately, Intel prevailed. AMD did not give up and unveiled their 2nd Gen EPYC processors codenamed Rome based on the latest Zen 2 architecture.

This made many improvements over its predecessors. Improvements include a die shrink from 14nm to 7nm, a doubling of the top end core count from 32 to 64, and a larger L3 cache size. Let’s emphasize again on the size of that L3 cache, which is 32 MiB L3 cache per Core Complex Die (CCD).

This time around, we have taken steps to Continue reading

The Myth of Scaling From On-Premises Data Center into a Public Cloud

Every now and then someone tries to justify the “wisdom” of migrating VMs from on-premises data center into a public cloud (without renumbering them) with the idea of “scaling out into the public cloud” aka “cloud bursting”. My usual response: this is another vendor marketing myth that works only in PowerPoint.

To be honest, that statement is too harsh. You can easily scale your application into a public cloud assuming that:

Read more ...

The Myth of Scaling From On-Premises Data Center into a Public Cloud

Every now and then someone tries to justify the “wisdom” of migrating VMs from on-premises data center into a public cloud (without renumbering them) with the idea of “scaling out into the public cloud” aka “cloud bursting”. My usual response: this is another vendor marketing myth that works only in PowerPoint.

To be honest, that statement is too harsh. You can easily scale your application into a public cloud assuming that:

NTT Fuels Academic Research Into Security

One of the near-term goals is to make cryptography more robust and ready for a post-quantum...

Read More »

© SDxCentral, LLC. Use of this feed is limited to personal, non-commercial use and is governed by SDxCentral's Terms of Use (https://www.sdxcentral.com/legal/terms-of-service/). Publishing this feed for public or commercial use and/or misrepresentation by a third party is prohibited.

McAfee Gets SASE, Buys Light Point Security

McAfee plans to integrate Light Point Security’s browser isolation technology into its secure web...

Read More »

© SDxCentral, LLC. Use of this feed is limited to personal, non-commercial use and is governed by SDxCentral's Terms of Use (https://www.sdxcentral.com/legal/terms-of-service/). Publishing this feed for public or commercial use and/or misrepresentation by a third party is prohibited.

Cisco Certifications changes: a short summary

Unless you’ve been living in a cave during the last nine months, specifically since Cisco Live US 2019, you should know that last Monday, February 24th, was the D-day for big changes in Cisco certifications. Here is a short summary of the major changes and what to remember about them. Changes on current certifications Associate level The various CCNA certifications have been consolidated to only one now. And the CCDA also disappears. Remaining certs at associate level are: CCNA DevNet Associate (I will talk about DevNet certs more in details…

The post Cisco Certifications changes: a short summary appeared first on AboutNetworks.net.

Ostinato – Packet Generator – Test your broadcast and mitigation strategies

I used ostinato long before when it was in early stages probably, at that point I never had any real need to use a packet generator as the place I was working was already equipped with IXIA and Spirant best in Class Packet generators.

https://ostinato.org/ – is the link

Whats the use case – Well I wanted to test LSP loadbalancing and also specific scenario of BUM traffic and how well it can be contained lets say in Switching level QFX and also VPLS level

Its doing a good job, though it started as open source, author now sells it with some minimal fee to keep up with the development costs.

You could also use scapy and i wrote a small program to do this , problem is scapy sorts of waits for some of the responses and i have not yet figured out what needs to be solved there

Testing Ostinato on QFX and its really good so far. Storm control got in and stopped transmitting any packets through the interface.

At the end, this is a nice to have tool for any sort of packet crafting and limited scale testing for proof of concept scenarios.

-Rakesh

Kernel of Truth season 3 episode 2: OCP Summit 2020

Subscribe to Kernel of Truth on iTunes, Google Play, SpotifyCast Box and Sticher!

Click here for our previous episode.

Early March is a busy time here at Cumulus Networks and part of the reason is the Open Compute Project Summit. Kernel of Truth hosts Brian O’Sullivan and Roopa Prabhu are joined by Scott Emery, project lead at OCP. First thing the group covers— what is OCP? The conversation continues into what’s happening in the OCP community, what you can expect at the conference and more.

Guest Bios

Brian O’Sullivan: Brian currently heads Product Management for Cumulus Linux. For 15 or so years he’s held software Product Management positions at Juniper Networks as well as other smaller companies. Once he saw the change that was happening in the networking space, he decided to join Cumulus Networks to be a part of the open networking innovation. When not working, Brian is a voracious reader and has held a variety of jobs, including bartending in three countries and working as an extra in a German soap opera. You can find him on Twitter at @bosullivan00.

Roopa Prabhu: Roopa is Director of Engineering, Linux software at Cumulus Networks. At Cumulus Continue reading

Daily Roundup: Google Loves Intel’s Security Transparency

Google showed love for Intel’s security transparency; VMware gained an extra boost with cloud...

Read More »

© SDxCentral, LLC. Use of this feed is limited to personal, non-commercial use and is governed by SDxCentral's Terms of Use (https://www.sdxcentral.com/legal/terms-of-service/). Publishing this feed for public or commercial use and/or misrepresentation by a third party is prohibited.