Database and cloud orchestration specialists seem to agree, as Atos extends work with Google Cloud...
This is a short placeholder blog and will be replaced with a full post-mortem and disclosure of what happened today.
For about 30 minutes today, visitors to Cloudflare sites received 502 errors caused by a massive spike in CPU utilization on our network. This CPU spike was caused by a bad software deploy that was rolled back. Once rolled back the service returned to normal operation and all domains using Cloudflare returned to normal traffic levels.
This was not an attack (as some have speculated) and we are incredibly sorry that this incident occurred. Internal teams are meeting as I write performing a full post-mortem to understand how this occurred and how we prevent this from ever occurring again.
Starting at 1342 UTC today we experienced a global outage across our network that resulted in visitors to Cloudflare-proxied domains being shown 502 errors (“Bad Gateway”). The cause of this outage was deployment of a single misconfigured rule within the Cloudflare Web Application Firewall (WAF) during a routine deployment of new Cloudflare WAF Managed rules.
The intent of these new rules was to improve the blocking of inline JavaScript that is used in attacks. These rules were Continue reading
This is a short placeholder blog and will be replaced with a full post-mortem and disclosure of what happened today.
For about 30 minutes today, visitors to Cloudflare sites received 502 errors caused by a massive spike in CPU utilization on our network. This CPU spike was caused by a bad software deploy that was rolled back. Once rolled back the service returned to normal operation and all domains using Cloudflare returned to normal traffic levels.
This was not an attack (as some have speculated) and we are incredibly sorry that this incident occurred. Internal teams are meeting as I write performing a full post-mortem to understand how this occurred and how we prevent this from ever occurring again.
Starting at 1342 UTC today we experienced a global outage across our network that resulted in visitors to Cloudflare-proxied domains being shown 502 errors (“Bad Gateway”). The cause of this outage was deployment of a single misconfigured rule within the Cloudflare Web Application Firewall (WAF) during a routine deployment of new Cloudflare WAF Managed rules.
The intent of these new rules was to improve the blocking of inline JavaScript that is used in attacks. These rules were Continue reading
It’s been a little over a year since the European Union’s General Data Protection Regulation (GDPR) was implemented, but almost immediately, people noticed its impact. First, there was the flurry of emails seeking users’ consent to the collection and use of their data. Since then, there’s also been an increase in the number of sites that invite the user to consent to tracking by clicking “Yes to everything,” or to reject them by going through a laborious process of clicking “No” for each individual category. (Though some non-EU sites simply broadcast “if we think you’re visiting from the EU, we can’t let you access our content.”) There was also the headline-grabbing €50 million fine imposed on Google by the French supervisory authority.
In its summary of the year, the EU Data Protection Board (EDPB) reported an increase in the number of complaints received under GDPR, compared to the previous year, and a “perceived rise in awareness about data protection rights among individuals.” Users are more informed and want more control over the collection and use of their personal data.
They’re probably irritated by the current crop of consent panels, and either ignore, bypass, or click through them Continue reading
Isaac Asimov used the term ‘cerebration session’ : It seems to me then that the purpose of cerebration sessions is not to think up new ideas but to educate the participants in facts and fact-combinations, in theories and vagrant thoughts. Source Most people would know this as brain storming but you can impress managers and […]
The post Dictionary: Cerebration Session appeared first on EtherealMind.
The interconnection giant has been looking for a partner to help finance these hyperscale...
Over the last decade there has been a gradual, continuous shift of enterprise software applications away from the data center and towards one or multiple public clouds. As more and more applications are built natively in public clouds like AWS or Azure, the management of networking and security for those workloads becomes more complex: each cloud has its own set of unique constructs that must be managed independently of those in the data center.
What if there was a way to unify all of those workloads under one consistent networking fabric that can manage one standard set of networking and security policies across both on-premises and public clouds? This is where VMware NSX Cloud comes in.
Designed specifically for public-cloud-native workloads, NSX Cloud extends VMware NSX software-defined networking and security from the data center to multiple public clouds, enabling consistent policy management from a single NSX interface.
To explain what NSX Cloud is and how it can deliver consistent hybrid networking and security for you, we asked our product manager Shiva Somasundaram to recored a three-part lightboard video series.
Shiva gives a high-level overview of what NSX Cloud is and how Continue reading
Bad route: A small routing error led to Internet outages in the Northeastern United States on June 24, Inc.com reports. Small network services provider DQE Communications shared inaccurate routing information with Verizon, which then passed it along to the wider network. Internet services were flaky for about two hours, with Verizon Fios phone and Internet services in Virginia, Massachusetts, New York, New Jersey, Pennsylvania, and other states affected, the Washington Post said. Server issues also affected Reddit, Twitch, and video gaming service Discord.
Attacking encryption? U.S. President Donald Trump’s National Security Council recently discussed ways to prohibit companies from offering customers unbreakable encryption, Politico reports. Officials debated whether to ask Congress to effectively outlaw end-to-end encryption, according to anonymous sources.
Embrace the dark side: Government entities looking to improve Internet speeds in their areas should consider dark fiber when it’s available, advises AmericanCityandCounty.com. Switching to dark fiber can offer both performance improvement and cost savings, but the transition can demand a major overhaul.
Service restored, for one guy: Sudan’s three-week Internet shutdown keeps going, except for one lawyer, who won a lawsuit against telecom operator Zain Sudan over the blackout ordered by the country’s military rulers, the Continue reading
Extreme Networks spends approx. $227 million to buy Aerohive Networks to add a cloud-managed WLAN to its portfolio, a route leak resulted in cascading failures on June 24th, Oracle will retire Dyn managed DNS services, Mist Systems rolls out a new 11ax AP, and more tech news on today's Network Break podcast.
The post Network Break 241: Extreme Buys Aerohive; Sloppy BGP Plumbing Causes Route Leak appeared first on Packet Pushers.
Week of 24th June 2019 was interesting. We had #ferrogate which made a lot of network engineers very unhappy and also an ongoing social media thread on code comments. For this discussion, I’m going with the title of "leaving comments in code expressed artefacts" because code represents more than writing software. I feel quite passionately about this having been on the raw end of no code comments and also being guilty of leaving plenty of crappy and unhelpful comments too.
Let’s set a scene. You’ve had a long day and you’re buckled in for what can only be described as a mentally exhausting night. The system architecture is clearly formed in your head and you’re beginning to see issues ahead of time. You can’t quite justify any premature optimisation, but you know this current design has a ceiling. You also know there are system wide intricacies that are not obvious at the component level.
Normality in these scenarios is to insert context based comments, which make perfect sense at 2am, but next day 9am exhausted you may be confused as to what on earth happened in the early hours. We’ve all been there.
There are multiple trains Continue reading
The updates ensure interoperability between a 3GPP-defined management system and ETSI’s NFV...
The China-based vendor is still likely to face U.S. opposition over its involvement in 5G...
The test deployed Microsoft’s cloud services at the edge, and makes the business case for...
Security expert Zoë Rose beams aboard the Datanauts podcast to discuss the intricacies of vulnerability management, including how to asses risks, when and what to patch, the importance of input from multiple stakeholders, compensating controls, and more.
The post Datanauts 167: Patch Now Or Later? The Delicate Art Of Vulnerability Management appeared first on Packet Pushers.
There are several ways to get an VyOS ISO image. Firstly, you can buy subscription, so you will have an access to LTS VyOS ISO images. The LTS images are also available for VyOS contributors or evangelists with perpetual 1-year access. The third option involves building ISO image itself. Building involves cloning VyOS repository with git, taking care of required dependencies and finally compiling from sources. Either you need Debian as a base and manage dependencies manually or you can compile using the docker method and Debian is not needed.
Using the Dockerfile you create your own Docker container that is used to build a VyOS ISO image or other required VyOS packages. The Dockerfile contains some of the most used packages needed to build a VyOS ISO, a qemu image, and several of the submodules.
1. Install Docker CE
We are going to install Docker CE on Ubuntu 18.04.2 LTS (bionic).
$ sudo apt-get update
$ sudo apt-get install apt-transport-https ca-certificates curl software-properties-common git
$ curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo apt-key add -
$ sudo apt-key fingerprint 0EBFCD88
$ sudo add-apt-repository "deb [arch=amd64] https://download.docker.com/linux/ubuntu bionic stable"
$ sudo apt-get update
$ sudo apt-get install docker-ce
Continue reading