If you’re a BGP newbie, you’ll love this BGP Show and Tell series from Denise Fishburne. Enjoy!
Sumit Puri says his composable infrastructure startup is “gonna take over the world.” The only...
SDxCentral Weekly Wrap for March 22, 2019: The Microsoft-developed Sonic platform gathers speed....
For VMware's VeloCloud-based SD-WAN, the road ahead includes containers, VMs, VNFs, 5G, hybrid- and...
On today's Heavy Networking we explore the intersection of policy, politics, and technology with the Internet Governance Project (IGP), which connects tech and policy experts to help bridge gaps in understanding between these two communities, with the goal of influencing outcomes on issues such as free expression, privacy, and security.
The post Heavy Networking 437: Melding Policy And Technology With The Internet Governance Project appeared first on Packet Pushers.
Software is overdue for a high-level review, said Vijay Gurbaxani, founding director of the Center...
In today’s post we’re going to talk about building a CI/CD pipeline for Cloudflare Worker’s using Travis CI. If you aren’t yet aware, Cloudflare Workers allow you to run Javascript in all 165 of our data centers, and they deploy globally in about 30 seconds. Learn more here.
There are a few steps before we get started. We need to have a Worker script we want to deploy, some optional unit tests for the script, a serverless.yml
file to deploy via the Serverless Framework, a .gitignore
file to ignore the node_modules
folder, and finally, a .travis.yml
configuration file. All of these files will live in the same GitHub repository, which should have a final layout like:
----- worker.js
----- serverless.yml
----- test
. worker-test.js
----- node_modules
----- package.json
----- package-lock.json
----- .travis.yml
----- .gitignore
In a recent post we discussed a method for testing Workers. We’ll reuse this method here to test a really simple Worker script below which simply returns Hello World!
in the body of the response. We will name our Worker worker.js
.
addEventListener('fetch', event => {
event.respondWith(handleRequest(event.request))
})
async function handleRequest(request) {
return new Continue reading
The vendor has attempted to downplay concerns but admitted the investigation could result in...
The pursuit of monopoly has led Silicon Valley astray. —Tim O’Reilly
Phone numbers stink for security and authentication —Krebs on Security
Transnational data is sometimes, but not always, associated with a transaction or exchange. Much of the data, as personal data, Continue reading
The ascent of cloud computing and mobility changed the fundamental structure of Adobe’s business,...
Ericsson is still far from beating Huawei’s 5G contract tally, but it’s taking small steps in...
The company relies on platforms like Google BigQuery to store and process collected data. It then...
I mentioned Multipath TCP (MP-TCP) numerous times in the past but I never managed to get beyond “this is the thing that might solve some TCP multihoming challenges” We fixed this omission in Episode 100 of Software Gone Wild with Christoph Paasch (software engineer @ Apple) and Mat Martineau from Open Source Technology Center @ Intel.
Read more ...Let’s look at what’s happening in the Internet Engineering Task Force (IETF) and the upcoming IETF 104 meeting in the area of Internet infrastructure resilience. As usual, my focus here is primarily on the routing and forwarding planes, and specifically routing security and unwanted traffic of Distributed Denial of Service Attacks (DDoS) attacks. There’s interesting and important work underway at the IETF that can help addressing problems in both areas.
This time there are a lot of new ideas, especially of an operational nature, that people bring to the IETF in the form of Internet Drafts that aim to improve the security and resilience of the Internet infrastructure. So I’d like to introduce some of them to you, but keep in mind that an Internet Draft (I-D) does not necessarily indicate IETF endorsement. It also does not constitute a standard and may even not result in any work at the IETF.
So let’s look at what’s happening in BGP land.
In the recent paper “BGP Communities: Even more Worms in the Routing Can“, the authors demonstrated that Border Gateway Protocol (BGP) communities can be exploited by remote parties to influence routing in Continue reading
Slim: OS kernel support for a low-overhead container overlay network Zhuo et al., NSDI’19
Container overlay networks rely on packet transformations, with each packet traversing the networking stack twice on its way from the sending container to the receiving container.
There are CPU, throughput, and latency overheads associated with those traversals.
In this paper, we ask whether we can design and implement a container overlay network, where packets go through the OS kernel’s network stack only once. This requires us to remove packet transformation from the overlay network’s data-plane. Instead, we implement network virtualization by manipulating connection-level metadata at connection setup time, saving CPU cycles and reducing packet latency.
Slim comes with some caveats: it requires a kernel module for secure deployment, has longer connection establishment times, doesn’t fit with packet-based network policies, and only handles TCP traffic. For UDP, ICMP, and for its own service discovery, it also relies on an existing container overlay network (Weave Net). But for longer lasting connections managed using connection-based network policies it delivers some impressive results:
The new capability allows mobile operators to self provision for guaranteed SLAs based on latency...
The new specifications broaden support for different access technologies and NFV integration.