Archive

Category Archives for "Networking"

Latest copyright decision in Germany rejects blocking through global DNS resolvers

This post is also available in Deutsch.

A recent decision from the Higher Regional Court of Cologne in Germany marked important progress for Cloudflare and the Internet in pushing back against misguided attempts to address online copyright infringement through the DNS system. In early November, the Court in Universal v. Cloudflare issued its decision rejecting a request to require public DNS resolvers like Cloudflare’s 1.1.1.1. to block websites based on allegations of online copyright infringement. That’s a position we’ve long advocated, because blocking through public resolvers is ineffective and disproportionate, and it does not allow for much-needed transparency as to what is blocked and why.

What is a DNS resolver?

To see why the Universal decision matters, it’s important to understand what a public DNS resolver is, and why it’s not a good place to try to moderate content on the Internet.

The DNS system translates website names to IP addresses, so that Internet requests can be routed to the correct location. At a high-level, the DNS system consists of two parts. On one side sit a series of nameservers (Root, TLD, and Authoritative) that together store information mapping domain names to IP addresses; on the other Continue reading

netlab 1.7.0: Lab Validation, Fabrics, BGP Nerd Knobs

It’s been a while since the last netlab release. Most of that time was spent refactoring stuff that you don’t care about, but you might like these features:

As always, we also improved the platform support:

Read more …

netlab 1.7.0: Lab Validation, Fabrics, BGP Nerd Knobs

It’s been a while since the last netlab release. Most of that time was spent refactoring stuff that you don’t care about, but you might like these features:

As always, we also improved the platform support:

Read more …

Tech Bytes: Pliant Combines APIs, Low Code Approach For Network Automation (Sponsored)

Today on the Tech Bytes podcast we talk with sponsor Pliant about its automation platform. Pliant helps you orchestrate across devices and domains with a low-code approach that uses APIs to automate and orchestrate across your infrastructure.

The post Tech Bytes: Pliant Combines APIs, Low Code Approach For Network Automation (Sponsored) appeared first on Packet Pushers.

Tech Bytes: Pliant Combines APIs, Low Code Approach For Network Automation (Sponsored)

Network automation takes a variety of forms, from individual scripts that handle specific tasks, to workflows that have to be orchestrated across multiple devices and systems. Today on the Tech Bytes podcast we talk with sponsor Pliant about its automation platform. Pliant helps you orchestrate across devices and domains with a low-code approach that uses... Read more »

NB458: Broadcom Debuts On-Chip Neural Net, Lays Off VMware Staff; Okta Breach Gets Worse

Broadcom’s latest Trident ASIC will include a neural net inference engine on the chip that can analyze traffic  and take action in the packet pipeline, but it’s up to customers to build rules and signatures based on their own training data. Broadcom has also announced it will lay off approximately 1,300 VMware employees. Identity provider... Read more »

Routing Through the Forest of Trees

Some friends shared a Reddit post the other day that made me both shake my head and ponder the state of the networking industry. Here is the locked post for your viewing pleasure. It was locked because the comments were going to devolve into a mess eventually. The person making the comment seems to be honest and sincere in their approach to “layer 3 going away”. The post generated a lot of amusement from the networking side of IT about how this person doesn’t understand the basics but I think there’s a deeper issue going on.

Trails To Nowhere

Our visibility of the state of the network below the application interface is very general in today’s world. That’s because things “just work” to borrow an overused phrase. Aside from the occasional troubleshooting exercise to find out why packets destined for Azure or AWS are failing along the way when is the last time you had to get really creative in finding a routing issue in someone else’s equipment? We spend more time now trying to figure out how to make our own networks operate efficiently and less time worrying about what happens to the packets when they leave our organization. Continue reading

Upcoming Pearson Class: Modern Network Troubleshooting

On the 26th of January, I’ll be teaching a webinar over at Safari Books Online (subscription service) called Modern Network Troubleshooting. From the blurb:

The first section of this class considers the nature of resilience, and how design tradeoffs result in different levels of resilience. The class then moves into a theoretical understanding of failures, how network resilience is measured, and how the Mean Time to Repair (MTTR) relates to human and machine-driven factors. One of these factors is the unintended consequences arising from abstractions, covered in the next section of the class.
The class then moves into troubleshooting proper, examining the half-split formal troubleshooting method and how it can be combined with more intuitive methods. This section also examines how network models can be used to guide the troubleshooting process. The class then covers two examples of troubleshooting reachability problems in a small network, and considers using ChaptGPT and other LLMs in the troubleshooting process. A third, more complex example is then covered in a data center fabric.

Register here.

The BGP Origin Attribute

Kristijan Taskovski asked an interesting question related to my BGP AS-prepending lab:

I’ve never personally done this on the net but….wouldn’t the BGP origin code also work with moving one’s ingress traffic similarly to AS PATH?

TL&DR: Sort of, but not exactly. Also, just because you can climb up ropes using shoelaces instead of jumars doesn’t mean you should.

Let’s deal with the moving traffic bit first.

Read more …

The BGP Origin Attribute

Kristijan Taskovski asked an interesting question related to my BGP AS-prepending lab:

I’ve never personally done this on the net but….wouldn’t the BGP origin code also work with moving one’s ingress traffic similarly to AS PATH?

TL&DR: Sort of, but not exactly. Also, just because you can climb up ropes using shoelaces instead of jumars doesn’t mean you should.

Let’s deal with the moving traffic bit first.

Read more …

Weekend Reads 120223


Yet despite the constant accretion of new tools to solve new problems, the most common root cause of serious cybersecurity incidents remains failed processes.


The House of Representatives’ failure to spike a federal “kill switch” mandate means that outside of a political miracle, all new vehicles from 2026 onward will be required to incorporate “advanced drunk and impaired driving prevention technology.”


Gone are the days when a car was a dumb machine you turned on and drove from A to B. Today it’s a smartphone on wheels, and your data is possibly being taken for a ride.


APT29, believed to be an espionage group from Russia, became known for launching targeted attacks against organizations in Ukraine.


Mozilla has slapped its “Privacy Not Included” labels on several products from Google, Amazon and Microsoft – just in time for Christmas shopping.


Despite more than a decade of reminding, prodding, and downright nagging, a surprising number of developers still can’t bring themselves to keep their code free of credentials that provide the keys to their kingdoms to anyone who takes the time to look for them.


Special report Web advert blockers and other Chrome extensions will stop working by June 2024 unless Continue reading

1 90 91 92 93 94 3,412