Today's Network Break tackles a string of vulnerabilities from Microsoft, Cisco, and Intel. We also look at a new 400G switch from Arista, an IoT security announcement from Extreme, Cisco financial results, and more tech news.
The post Network Break 235: Microsoft Issues Patch For Wormable Vulnerability; Intel Pursued By ZombieLoad appeared first on Packet Pushers.
After careful consideration, SDxCentral has decided it will discontinue publishing third-party...
FCC Chairman Ajit Pai says he backs the $26.5 billion transaction and is encouraging his fellow...
The platform also allows users to access Oracle’s Generation 2 cloud infrastructure.
Both U.S. companies and Huawei will take revenue hits as a result of the blacklisting.
A reminder to my readers that I will be speaking at Interop19 this week in Las Vegas on Wednesday. Denise Donohue and I are speaking about finding smart people:
I will also be speaking at CHINOG Chicago Illinois on Thursday:
And interacting with some other folks on a panel about getting started in the IETF.
“We get asked a lot: ‘Do your switches compare to [Broadcom] Trident or Tomahawk?’ The short...
No cameras, please: The San Francisco Board of Supervisors has voted to ban the use of facial recognition technologies by the policy and other agencies over privacy and civil liberties concerns, the New York Times reports. Even though police across the country have used the technology to identify criminals, facial recognition has raised fears of abuse and of turning the country into a police state.
Broadband in space: SpaceX had planned to launch a rocket containing 60 satellites designed to deliver broadband service, but the company delayed the launch a couple of times, first because of wind and then because the satellites need a software update, ExtremeTech reports. The launch was supposed to be a first step toward Elon Musk’s plan to create a space-based broadband network.
Broadband in drones: As an alternative to satellite broadband and other efforts, SoftBank is looking at ways to provide Internet service by drone, the L.A. Times says. The Japanese telecom carrier recently announced it is working with drone maker AeroVironment to build a drone capable of “flying to the stratosphere, hovering around an area for months and serving as a floating cell tower to beam internet to users on Earth.”
Just Continue reading
Based on Istio and Envoy, VMware NSX Service Mesh provides discovery, visibility, control, and security of end-to-end transactions for cloud native applications. Announced at KubeCon NA 2018, NSX Service Mesh is currently in private Beta and interested users may sign up here.
The design for NSX Service Mesh extends beyond microservices to include end-users accessing applications, data stores, and sensitive data elements. NSX Service Mesh also introduces federation for containerized applications running on multiple VMware Kubernetes environments, across on-premises and public clouds. This enables improved operations, security, and visibility for containerized applications running on clusters across multiple on-premises and public clouds – with centrally defined and managed configuration, visuals, and policies.
Enterprises can leverage a number of different capabilities including:
At Google Cloud Next, VMware and Google demonstrated how a hybrid cloud solution can use a federated service mesh across Kubernetes clusters on VMware Enterprise PKS and GKE. This highlighted one example deployment for how enterprise teams can achieve consistent operations and security for cloud native applications and data.
To learn Continue reading
Congratulations on making it through Speed Week. In the last week, Cloudflare has: described how our global network speeds up the Internet, launched a HTTP/2 prioritisation model that will improve web experiences on all browsers, launched an image resizing service which will deliver the optimal image to every device, optimized live video delivery, detailed how to stream progressive images so that they render twice as fast - using the flexibility of our new HTTP/2 prioritisation model and finally, prototyped a new over-the-wire format for JavaScript that could improve application start-up performance especially on mobile devices. As a bonus, we’re also rolling out one more new feature: “TCP Turbo” automatically chooses the TCP settings to further accelerate your website.
As a company, we want to help every one of our customers improve web experiences. The growth of Cloudflare, along with the increase in features, has often made simple questions difficult to answer:
This post will describe the exciting changes we have made to the Speed Page on the Cloudflare dashboard to give Continue reading
The focus of this blog is VMware Enterprise PKS and Kubernetes Operations with NSX-T Data Center. For the sake of completion, I will start with a high level NSX-T deployment steps without going too much into the details.
This blog does not focus on NSX-T Architecture and Deployment in Kubernetes or Enterprise PKS environments, but it highlights some of those points as needed.
There are multiple steps that are required to be configured in NSX-T before deploying Enterprise PKS. At a high level, here are the initial steps of installing NSX-T:
It’s election season in Europe, as European Parliament seats are contested across the European Union by national political parties. With approximately 400 million people eligible to vote, this is one of the biggest democratic exercises in the world - second only to India - and it takes place once every five years.
Over the course of four days, 23-26 May 2019, each of the 28 EU countries will elect a different number of Members of the European Parliament (“MEPs”) roughly mapped to population size and based on a proportional system. The 751 newly elected MEPs (a number which includes the UK’s allocation for the time being) will take their seats in July. These elections are not only important because the European Parliament plays a large role in the EU democratic system, being a co-legislator alongside the European Council, but as the French President Emmanuel Macron has described, these European elections will be decisive for the future of the continent.
Political focus on the potential cybersecurity threat to the EU elections has been extremely high, and various EU institutions and agencies have been engaged in a long campaign to drive awareness among EU Member Continue reading
On today’s Tech Bytes, sponsored by Silver Peak, we talk with homeware retailer Dunelm about how they rearchitected their WAN to improve the in-store experience for customers, lower IT costs and boost the bottom line.
The post Tech Bytes: UK Retailer Revitalizes In-Store Experience With Silver Peak SD-WAN Platform (Sponsored) appeared first on Packet Pushers.
After a few weeks of venting my frustrations on Twitter I finally completed Microsoft Azure Networking slide deck last week and published the related demos on GitHub.
I will use the slide deck in a day-long workshop in Zurich (Switzerland) on June 12th and run a series of live webinar sessions in autumn. If you’re a (paid) subscriber you can already download the slides and it would be great if you’d have time to attend the Zurich workshop – it’s infinitely better to discuss interesting challenges face-to-face than to type questions in a virtual classroom.
RPCValet: NI-driven tail-aware balancing of µs-scale RPCs Daglis et al., ASPLOS’19
Last week we learned about the [increased tail-latency sensitivity of microservices based applications with high RPC fan-outs. Seer uses estimates of queue depths to mitigate latency spikes on the order of 10-100ms, in conjunction with a cluster manager. Today’s paper choice, RPCValet, operates at latencies 3 orders of magnitude lower, targeting reduction in tail latency for services that themselves have service times on the order of a small number of µs (e.g., the average service time for memcached is approximately 2µs).
The net result of rapid advancements in the networking world is that inter-tier communications latency will approach the fundamental lower bound of speed-of-light propagation in the foreseeable future. The focus of optimization hence will completely shift to efficiently handling RPCs at the endpoints as soon as they are delivered from the network.
Furthermore, the evaluation shows that “RPCValet leaves no significant room for improvement” when compared against the theoretical ideal (it comes within 3-15%). So what we have here is a glimpse of the limits for low-latency RPCs under load. When it’s no longer physically possible to go meaningfully faster, further application-level performance Continue reading
Recently at Netdev 0x13, the Conference on Linux Networking in Prague, I gave a short talk titled "Linux at Cloudflare". The talk ended up being mostly about BPF. It seems, no matter the question - BPF is the answer.
Here is a transcript of a slightly adjusted version of that talk.
At Cloudflare we run Linux on our servers. We operate two categories of data centers: large "Core" data centers, processing logs, analyzing attacks, computing analytics, and the "Edge" server fleet, delivering customer content from 180 locations across the world.
In this talk, we will focus on the "Edge" servers. It's here where we use the newest Linux features, optimize for performance and care deeply about DoS resilience.
Our edge service is special due to our network configuration - we are extensively using anycast routing. Anycast means that the same set of IP addresses are announced by all our data centers.
This design has great advantages. First, it guarantees the optimal speed for end users. No matter where you are located, you will always reach the closest data center. Then, anycast helps us to spread out DoS traffic. During attacks each of the locations receives a small fraction of Continue reading
“We expect more people to build frameworks on top of Kubernetes,” said Janet Kuo, a software...